diff --git a/crd-catalog/3scale/3scale-operator/capabilities.3scale.net/v1beta1/backends.yaml b/crd-catalog/3scale/3scale-operator/capabilities.3scale.net/v1beta1/backends.yaml index 735132eaf..5dfbaf7e6 100644 --- a/crd-catalog/3scale/3scale-operator/capabilities.3scale.net/v1beta1/backends.yaml +++ b/crd-catalog/3scale/3scale-operator/capabilities.3scale.net/v1beta1/backends.yaml @@ -97,7 +97,7 @@ spec: type: "string" privateBaseURL: description: "PrivateBaseURL Private Base URL of the API" - pattern: "^https?:\\/\\/.*$" + pattern: "^(https?|wss?):\\/\\/.*$" type: "string" providerAccountRef: description: "ProviderAccountRef references account provider credentials" diff --git a/crd-catalog/CrunchyData/postgres-operator/postgres-operator.crunchydata.com/v1beta1/pgadmins.yaml b/crd-catalog/CrunchyData/postgres-operator/postgres-operator.crunchydata.com/v1beta1/pgadmins.yaml index fa9901d60..53527d333 100644 --- a/crd-catalog/CrunchyData/postgres-operator/postgres-operator.crunchydata.com/v1beta1/pgadmins.yaml +++ b/crd-catalog/CrunchyData/postgres-operator/postgres-operator.crunchydata.com/v1beta1/pgadmins.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.9.0" + controller-gen.kubebuilder.io/version: "v0.15.0" labels: app.kubernetes.io/name: "pgo" app.kubernetes.io/version: "latest" @@ -22,10 +22,10 @@ spec: description: "PGAdmin is the Schema for the PGAdmin API" properties: apiVersion: - description: "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" + description: "APIVersion defines the versioned schema of this representation of an object.\nServers should convert recognized schemas to the latest internal value, and\nmay reject unrecognized values.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" type: "string" kind: - description: "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + description: "Kind is a string value representing the REST resource this object represents.\nServers may infer this from the endpoint the client submits requests to.\nCannot be updated.\nIn CamelCase.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" type: "string" metadata: type: "object" @@ -33,15 +33,15 @@ spec: description: "PGAdminSpec defines the desired state of PGAdmin" properties: affinity: - description: "Scheduling constraints of the PGAdmin pod. More info: https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node" + description: "Scheduling constraints of the PGAdmin pod.\nMore info: https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node" properties: nodeAffinity: description: "Describes node affinity scheduling rules for the pod." properties: preferredDuringSchedulingIgnoredDuringExecution: - description: "The scheduler will prefer to schedule pods to nodes that satisfy the affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding \"weight\" to the sum if the node matches the corresponding matchExpressions; the node(s) with the highest sum are the most preferred." + description: "The scheduler will prefer to schedule pods to nodes that satisfy\nthe affinity expressions specified by this field, but it may choose\na node that violates one or more of the expressions. The node that is\nmost preferred is the one with the greatest sum of weights, i.e.\nfor each node that meets all of the scheduling requirements (resource\nrequest, requiredDuringScheduling affinity expressions, etc.),\ncompute a sum by iterating through the elements of this field and adding\n\"weight\" to the sum if the node matches the corresponding matchExpressions; the\nnode(s) with the highest sum are the most preferred." items: - description: "An empty preferred scheduling term matches all objects with implicit weight 0 (i.e. it's a no-op). A null preferred scheduling term matches no objects (i.e. is also a no-op)." + description: "An empty preferred scheduling term matches all objects with implicit weight 0\n(i.e. it's a no-op). A null preferred scheduling term matches no objects (i.e. is also a no-op)." properties: preference: description: "A node selector term, associated with the corresponding weight." @@ -49,16 +49,16 @@ spec: matchExpressions: description: "A list of node selector requirements by node's labels." items: - description: "A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A node selector requirement is a selector that contains values, a key, and an operator\nthat relates the key and values." properties: key: description: "The label key that the selector applies to." type: "string" operator: - description: "Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt." + description: "Represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt." type: "string" values: - description: "An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch." + description: "An array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. If the operator is Gt or Lt, the values\narray must have a single element, which will be interpreted as an integer.\nThis array is replaced during a strategic merge patch." items: type: "string" type: "array" @@ -72,16 +72,16 @@ spec: matchFields: description: "A list of node selector requirements by node's fields." items: - description: "A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A node selector requirement is a selector that contains values, a key, and an operator\nthat relates the key and values." properties: key: description: "The label key that the selector applies to." type: "string" operator: - description: "Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt." + description: "Represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt." type: "string" values: - description: "An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch." + description: "An array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. If the operator is Gt or Lt, the values\narray must have a single element, which will be interpreted as an integer.\nThis array is replaced during a strategic merge patch." items: type: "string" type: "array" @@ -93,6 +93,7 @@ spec: type: "array" x-kubernetes-list-type: "atomic" type: "object" + x-kubernetes-map-type: "atomic" weight: description: "Weight associated with matching the corresponding nodeSelectorTerm, in the range 1-100." format: "int32" @@ -104,26 +105,26 @@ spec: type: "array" x-kubernetes-list-type: "atomic" requiredDuringSchedulingIgnoredDuringExecution: - description: "If the affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to an update), the system may or may not try to eventually evict the pod from its node." + description: "If the affinity requirements specified by this field are not met at\nscheduling time, the pod will not be scheduled onto the node.\nIf the affinity requirements specified by this field cease to be met\nat some point during pod execution (e.g. due to an update), the system\nmay or may not try to eventually evict the pod from its node." properties: nodeSelectorTerms: description: "Required. A list of node selector terms. The terms are ORed." items: - description: "A null or empty node selector term matches no objects. The requirements of them are ANDed. The TopologySelectorTerm type implements a subset of the NodeSelectorTerm." + description: "A null or empty node selector term matches no objects. The requirements of\nthem are ANDed.\nThe TopologySelectorTerm type implements a subset of the NodeSelectorTerm." properties: matchExpressions: description: "A list of node selector requirements by node's labels." items: - description: "A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A node selector requirement is a selector that contains values, a key, and an operator\nthat relates the key and values." properties: key: description: "The label key that the selector applies to." type: "string" operator: - description: "Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt." + description: "Represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt." type: "string" values: - description: "An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch." + description: "An array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. If the operator is Gt or Lt, the values\narray must have a single element, which will be interpreted as an integer.\nThis array is replaced during a strategic merge patch." items: type: "string" type: "array" @@ -137,16 +138,16 @@ spec: matchFields: description: "A list of node selector requirements by node's fields." items: - description: "A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A node selector requirement is a selector that contains values, a key, and an operator\nthat relates the key and values." properties: key: description: "The label key that the selector applies to." type: "string" operator: - description: "Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt." + description: "Represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt." type: "string" values: - description: "An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch." + description: "An array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. If the operator is Gt or Lt, the values\narray must have a single element, which will be interpreted as an integer.\nThis array is replaced during a strategic merge patch." items: type: "string" type: "array" @@ -158,17 +159,19 @@ spec: type: "array" x-kubernetes-list-type: "atomic" type: "object" + x-kubernetes-map-type: "atomic" type: "array" x-kubernetes-list-type: "atomic" required: - "nodeSelectorTerms" type: "object" + x-kubernetes-map-type: "atomic" type: "object" podAffinity: description: "Describes pod affinity scheduling rules (e.g. co-locate this pod in the same node, zone, etc. as some other pod(s))." properties: preferredDuringSchedulingIgnoredDuringExecution: - description: "The scheduler will prefer to schedule pods to nodes that satisfy the affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding \"weight\" to the sum if the node has pods which matches the corresponding podAffinityTerm; the node(s) with the highest sum are the most preferred." + description: "The scheduler will prefer to schedule pods to nodes that satisfy\nthe affinity expressions specified by this field, but it may choose\na node that violates one or more of the expressions. The node that is\nmost preferred is the one with the greatest sum of weights, i.e.\nfor each node that meets all of the scheduling requirements (resource\nrequest, requiredDuringScheduling affinity expressions, etc.),\ncompute a sum by iterating through the elements of this field and adding\n\"weight\" to the sum if the node has pods which matches the corresponding podAffinityTerm; the\nnode(s) with the highest sum are the most preferred." items: description: "The weights of all of the matched WeightedPodAffinityTerm fields are added per-node to find the most preferred node(s)" properties: @@ -176,21 +179,21 @@ spec: description: "Required. A pod affinity term, associated with the corresponding weight." properties: labelSelector: - description: "A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods." + description: "A label query over a set of resources, in this case pods.\nIf it's null, this PodAffinityTerm matches with no Pods." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -204,37 +207,38 @@ spec: matchLabels: additionalProperties: type: "string" - description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." type: "object" type: "object" + x-kubernetes-map-type: "atomic" matchLabelKeys: - description: "MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both matchLabelKeys and labelSelector. Also, matchLabelKeys cannot be set when labelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" mismatchLabelKeys: - description: "MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. Also, mismatchLabelKeys cannot be set when labelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" namespaceSelector: - description: "A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means \"this pod's namespace\". An empty selector ({}) matches all namespaces." + description: "A label query over the set of namespaces that the term applies to.\nThe term is applied to the union of the namespaces selected by this field\nand the ones listed in the namespaces field.\nnull selector and null or empty namespaces list means \"this pod's namespace\".\nAn empty selector ({}) matches all namespaces." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -248,23 +252,24 @@ spec: matchLabels: additionalProperties: type: "string" - description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." type: "object" type: "object" + x-kubernetes-map-type: "atomic" namespaces: - description: "namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means \"this pod's namespace\"." + description: "namespaces specifies a static list of namespace names that the term applies to.\nThe term is applied to the union of the namespaces listed in this field\nand the ones selected by namespaceSelector.\nnull or empty namespaces list and null namespaceSelector means \"this pod's namespace\"." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" topologyKey: - description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed." + description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching\nthe labelSelector in the specified namespaces, where co-located is defined as running on a node\nwhose value of the label with key topologyKey matches that of any node on which any of the\nselected pods is running.\nEmpty topologyKey is not allowed." type: "string" required: - "topologyKey" type: "object" weight: - description: "weight associated with matching the corresponding podAffinityTerm, in the range 1-100." + description: "weight associated with matching the corresponding podAffinityTerm,\nin the range 1-100." format: "int32" type: "integer" required: @@ -274,26 +279,26 @@ spec: type: "array" x-kubernetes-list-type: "atomic" requiredDuringSchedulingIgnoredDuringExecution: - description: "If the affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to a pod label update), the system may or may not try to eventually evict the pod from its node. When there are multiple elements, the lists of nodes corresponding to each podAffinityTerm are intersected, i.e. all terms must be satisfied." + description: "If the affinity requirements specified by this field are not met at\nscheduling time, the pod will not be scheduled onto the node.\nIf the affinity requirements specified by this field cease to be met\nat some point during pod execution (e.g. due to a pod label update), the\nsystem may or may not try to eventually evict the pod from its node.\nWhen there are multiple elements, the lists of nodes corresponding to each\npodAffinityTerm are intersected, i.e. all terms must be satisfied." items: - description: "Defines a set of pods (namely those matching the labelSelector relative to the given namespace(s)) that this pod should be co-located (affinity) or not co-located (anti-affinity) with, where co-located is defined as running on a node whose value of the label with key matches that of any node on which a pod of the set of pods is running" + description: "Defines a set of pods (namely those matching the labelSelector\nrelative to the given namespace(s)) that this pod should be\nco-located (affinity) or not co-located (anti-affinity) with,\nwhere co-located is defined as running on a node whose value of\nthe label with key matches that of any node on which\na pod of the set of pods is running" properties: labelSelector: - description: "A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods." + description: "A label query over a set of resources, in this case pods.\nIf it's null, this PodAffinityTerm matches with no Pods." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -307,37 +312,38 @@ spec: matchLabels: additionalProperties: type: "string" - description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." type: "object" type: "object" + x-kubernetes-map-type: "atomic" matchLabelKeys: - description: "MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both matchLabelKeys and labelSelector. Also, matchLabelKeys cannot be set when labelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" mismatchLabelKeys: - description: "MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. Also, mismatchLabelKeys cannot be set when labelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" namespaceSelector: - description: "A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means \"this pod's namespace\". An empty selector ({}) matches all namespaces." + description: "A label query over the set of namespaces that the term applies to.\nThe term is applied to the union of the namespaces selected by this field\nand the ones listed in the namespaces field.\nnull selector and null or empty namespaces list means \"this pod's namespace\".\nAn empty selector ({}) matches all namespaces." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -351,17 +357,18 @@ spec: matchLabels: additionalProperties: type: "string" - description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." type: "object" type: "object" + x-kubernetes-map-type: "atomic" namespaces: - description: "namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means \"this pod's namespace\"." + description: "namespaces specifies a static list of namespace names that the term applies to.\nThe term is applied to the union of the namespaces listed in this field\nand the ones selected by namespaceSelector.\nnull or empty namespaces list and null namespaceSelector means \"this pod's namespace\"." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" topologyKey: - description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed." + description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching\nthe labelSelector in the specified namespaces, where co-located is defined as running on a node\nwhose value of the label with key topologyKey matches that of any node on which any of the\nselected pods is running.\nEmpty topologyKey is not allowed." type: "string" required: - "topologyKey" @@ -373,7 +380,7 @@ spec: description: "Describes pod anti-affinity scheduling rules (e.g. avoid putting this pod in the same node, zone, etc. as some other pod(s))." properties: preferredDuringSchedulingIgnoredDuringExecution: - description: "The scheduler will prefer to schedule pods to nodes that satisfy the anti-affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling anti-affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding \"weight\" to the sum if the node has pods which matches the corresponding podAffinityTerm; the node(s) with the highest sum are the most preferred." + description: "The scheduler will prefer to schedule pods to nodes that satisfy\nthe anti-affinity expressions specified by this field, but it may choose\na node that violates one or more of the expressions. The node that is\nmost preferred is the one with the greatest sum of weights, i.e.\nfor each node that meets all of the scheduling requirements (resource\nrequest, requiredDuringScheduling anti-affinity expressions, etc.),\ncompute a sum by iterating through the elements of this field and adding\n\"weight\" to the sum if the node has pods which matches the corresponding podAffinityTerm; the\nnode(s) with the highest sum are the most preferred." items: description: "The weights of all of the matched WeightedPodAffinityTerm fields are added per-node to find the most preferred node(s)" properties: @@ -381,21 +388,21 @@ spec: description: "Required. A pod affinity term, associated with the corresponding weight." properties: labelSelector: - description: "A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods." + description: "A label query over a set of resources, in this case pods.\nIf it's null, this PodAffinityTerm matches with no Pods." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -409,37 +416,38 @@ spec: matchLabels: additionalProperties: type: "string" - description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." type: "object" type: "object" + x-kubernetes-map-type: "atomic" matchLabelKeys: - description: "MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both matchLabelKeys and labelSelector. Also, matchLabelKeys cannot be set when labelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" mismatchLabelKeys: - description: "MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. Also, mismatchLabelKeys cannot be set when labelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" namespaceSelector: - description: "A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means \"this pod's namespace\". An empty selector ({}) matches all namespaces." + description: "A label query over the set of namespaces that the term applies to.\nThe term is applied to the union of the namespaces selected by this field\nand the ones listed in the namespaces field.\nnull selector and null or empty namespaces list means \"this pod's namespace\".\nAn empty selector ({}) matches all namespaces." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -453,23 +461,24 @@ spec: matchLabels: additionalProperties: type: "string" - description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." type: "object" type: "object" + x-kubernetes-map-type: "atomic" namespaces: - description: "namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means \"this pod's namespace\"." + description: "namespaces specifies a static list of namespace names that the term applies to.\nThe term is applied to the union of the namespaces listed in this field\nand the ones selected by namespaceSelector.\nnull or empty namespaces list and null namespaceSelector means \"this pod's namespace\"." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" topologyKey: - description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed." + description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching\nthe labelSelector in the specified namespaces, where co-located is defined as running on a node\nwhose value of the label with key topologyKey matches that of any node on which any of the\nselected pods is running.\nEmpty topologyKey is not allowed." type: "string" required: - "topologyKey" type: "object" weight: - description: "weight associated with matching the corresponding podAffinityTerm, in the range 1-100." + description: "weight associated with matching the corresponding podAffinityTerm,\nin the range 1-100." format: "int32" type: "integer" required: @@ -479,26 +488,26 @@ spec: type: "array" x-kubernetes-list-type: "atomic" requiredDuringSchedulingIgnoredDuringExecution: - description: "If the anti-affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the anti-affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to a pod label update), the system may or may not try to eventually evict the pod from its node. When there are multiple elements, the lists of nodes corresponding to each podAffinityTerm are intersected, i.e. all terms must be satisfied." + description: "If the anti-affinity requirements specified by this field are not met at\nscheduling time, the pod will not be scheduled onto the node.\nIf the anti-affinity requirements specified by this field cease to be met\nat some point during pod execution (e.g. due to a pod label update), the\nsystem may or may not try to eventually evict the pod from its node.\nWhen there are multiple elements, the lists of nodes corresponding to each\npodAffinityTerm are intersected, i.e. all terms must be satisfied." items: - description: "Defines a set of pods (namely those matching the labelSelector relative to the given namespace(s)) that this pod should be co-located (affinity) or not co-located (anti-affinity) with, where co-located is defined as running on a node whose value of the label with key matches that of any node on which a pod of the set of pods is running" + description: "Defines a set of pods (namely those matching the labelSelector\nrelative to the given namespace(s)) that this pod should be\nco-located (affinity) or not co-located (anti-affinity) with,\nwhere co-located is defined as running on a node whose value of\nthe label with key matches that of any node on which\na pod of the set of pods is running" properties: labelSelector: - description: "A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods." + description: "A label query over a set of resources, in this case pods.\nIf it's null, this PodAffinityTerm matches with no Pods." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -512,37 +521,38 @@ spec: matchLabels: additionalProperties: type: "string" - description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." type: "object" type: "object" + x-kubernetes-map-type: "atomic" matchLabelKeys: - description: "MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both matchLabelKeys and labelSelector. Also, matchLabelKeys cannot be set when labelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" mismatchLabelKeys: - description: "MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. Also, mismatchLabelKeys cannot be set when labelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" namespaceSelector: - description: "A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means \"this pod's namespace\". An empty selector ({}) matches all namespaces." + description: "A label query over the set of namespaces that the term applies to.\nThe term is applied to the union of the namespaces selected by this field\nand the ones listed in the namespaces field.\nnull selector and null or empty namespaces list means \"this pod's namespace\".\nAn empty selector ({}) matches all namespaces." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -556,17 +566,18 @@ spec: matchLabels: additionalProperties: type: "string" - description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." type: "object" type: "object" + x-kubernetes-map-type: "atomic" namespaces: - description: "namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means \"this pod's namespace\"." + description: "namespaces specifies a static list of namespace names that the term applies to.\nThe term is applied to the union of the namespaces listed in this field\nand the ones selected by namespaceSelector.\nnull or empty namespaces list and null namespaceSelector means \"this pod's namespace\"." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" topologyKey: - description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed." + description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching\nthe labelSelector in the specified namespaces, where co-located is defined as running on a node\nwhose value of the label with key topologyKey matches that of any node on which any of the\nselected pods is running.\nEmpty topologyKey is not allowed." type: "string" required: - "topologyKey" @@ -576,10 +587,10 @@ spec: type: "object" type: "object" config: - description: "Configuration settings for the pgAdmin process. Changes to any of these values will be loaded without validation. Be careful, as you may put pgAdmin into an unusable state." + description: "Configuration settings for the pgAdmin process. Changes to any of these\nvalues will be loaded without validation. Be careful, as\nyou may put pgAdmin into an unusable state." properties: configDatabaseURI: - description: "A Secret containing the value for the CONFIG_DATABASE_URI setting. More info: https://www.pgadmin.org/docs/pgadmin4/latest/external_database.html" + description: "A Secret containing the value for the CONFIG_DATABASE_URI setting.\nMore info: https://www.pgadmin.org/docs/pgadmin4/latest/external_database.html" properties: key: description: "The key of the secret to select from. Must be a valid secret key." @@ -594,30 +605,31 @@ spec: required: - "key" type: "object" + x-kubernetes-map-type: "atomic" files: - description: "Files allows the user to mount projected volumes into the pgAdmin container so that files can be referenced by pgAdmin as needed." + description: "Files allows the user to mount projected volumes into the pgAdmin\ncontainer so that files can be referenced by pgAdmin as needed." items: description: "Projection that may be projected along with other supported volume types" properties: clusterTrustBundle: - description: "ClusterTrustBundle allows a pod to access the `.spec.trustBundle` field of ClusterTrustBundle objects in an auto-updating file. \n Alpha, gated by the ClusterTrustBundleProjection feature gate. \n ClusterTrustBundle objects can either be selected by name, or by the combination of signer name and a label selector. \n Kubelet performs aggressive normalization of the PEM contents written into the pod filesystem. Esoteric PEM features such as inter-block comments and block headers are stripped. Certificates are deduplicated. The ordering of certificates within the file is arbitrary, and Kubelet may change the order over time." + description: "ClusterTrustBundle allows a pod to access the `.spec.trustBundle` field\nof ClusterTrustBundle objects in an auto-updating file.\n\n\nAlpha, gated by the ClusterTrustBundleProjection feature gate.\n\n\nClusterTrustBundle objects can either be selected by name, or by the\ncombination of signer name and a label selector.\n\n\nKubelet performs aggressive normalization of the PEM contents written\ninto the pod filesystem. Esoteric PEM features such as inter-block\ncomments and block headers are stripped. Certificates are deduplicated.\nThe ordering of certificates within the file is arbitrary, and Kubelet\nmay change the order over time." properties: labelSelector: - description: "Select all ClusterTrustBundles that match this label selector. Only has effect if signerName is set. Mutually-exclusive with name. If unset, interpreted as \"match nothing\". If set but empty, interpreted as \"match everything\"." + description: "Select all ClusterTrustBundles that match this label selector. Only has\neffect if signerName is set. Mutually-exclusive with name. If unset,\ninterpreted as \"match nothing\". If set but empty, interpreted as \"match\neverything\"." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -631,20 +643,21 @@ spec: matchLabels: additionalProperties: type: "string" - description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." type: "object" type: "object" + x-kubernetes-map-type: "atomic" name: - description: "Select a single ClusterTrustBundle by object name. Mutually-exclusive with signerName and labelSelector." + description: "Select a single ClusterTrustBundle by object name. Mutually-exclusive\nwith signerName and labelSelector." type: "string" optional: - description: "If true, don't block pod startup if the referenced ClusterTrustBundle(s) aren't available. If using name, then the named ClusterTrustBundle is allowed not to exist. If using signerName, then the combination of signerName and labelSelector is allowed to match zero ClusterTrustBundles." + description: "If true, don't block pod startup if the referenced ClusterTrustBundle(s)\naren't available. If using name, then the named ClusterTrustBundle is\nallowed not to exist. If using signerName, then the combination of\nsignerName and labelSelector is allowed to match zero\nClusterTrustBundles." type: "boolean" path: description: "Relative path from the volume root to write the bundle." type: "string" signerName: - description: "Select all ClusterTrustBundles that match this signer name. Mutually-exclusive with name. The contents of all selected ClusterTrustBundles will be unified and deduplicated." + description: "Select all ClusterTrustBundles that match this signer name.\nMutually-exclusive with name. The contents of all selected\nClusterTrustBundles will be unified and deduplicated." type: "string" required: - "path" @@ -653,7 +666,7 @@ spec: description: "configMap information about the configMap data to project" properties: items: - description: "items if unspecified, each key-value pair in the Data field of the referenced ConfigMap will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the ConfigMap, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'." + description: "items if unspecified, each key-value pair in the Data field of the referenced\nConfigMap will be projected into the volume as a file whose name is the\nkey and content is the value. If specified, the listed keys will be\nprojected into the specified paths, and unlisted keys will not be\npresent. If a key is specified which is not present in the ConfigMap,\nthe volume setup will error unless it is marked optional. Paths must be\nrelative and may not contain the '..' path or start with '..'." items: description: "Maps a string key to a path within a volume." properties: @@ -661,11 +674,11 @@ spec: description: "key is the key to project." type: "string" mode: - description: "mode is Optional: mode bits used to set permissions on this file. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set." + description: "mode is Optional: mode bits used to set permissions on this file.\nMust be an octal value between 0000 and 0777 or a decimal value between 0 and 511.\nYAML accepts both octal and decimal values, JSON requires decimal values for mode bits.\nIf not specified, the volume defaultMode will be used.\nThis might be in conflict with other options that affect the file\nmode, like fsGroup, and the result can be other mode bits set." format: "int32" type: "integer" path: - description: "path is the relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'." + description: "path is the relative path of the file to map the key to.\nMay not be an absolute path.\nMay not contain the path element '..'.\nMay not start with the string '..'." type: "string" required: - "key" @@ -681,6 +694,7 @@ spec: description: "optional specify whether the ConfigMap or its keys must be defined" type: "boolean" type: "object" + x-kubernetes-map-type: "atomic" downwardAPI: description: "downwardAPI information about the downwardAPI data to project" properties: @@ -701,15 +715,16 @@ spec: required: - "fieldPath" type: "object" + x-kubernetes-map-type: "atomic" mode: - description: "Optional: mode bits used to set permissions on this file, must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set." + description: "Optional: mode bits used to set permissions on this file, must be an octal value\nbetween 0000 and 0777 or a decimal value between 0 and 511.\nYAML accepts both octal and decimal values, JSON requires decimal values for mode bits.\nIf not specified, the volume defaultMode will be used.\nThis might be in conflict with other options that affect the file\nmode, like fsGroup, and the result can be other mode bits set." format: "int32" type: "integer" path: description: "Required: Path is the relative path name of the file to be created. Must not be absolute or contain the '..' path. Must be utf-8 encoded. The first item of the relative path must not start with '..'" type: "string" resourceFieldRef: - description: "Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, requests.cpu and requests.memory) are currently supported." + description: "Selects a resource of the container: only resources limits and requests\n(limits.cpu, limits.memory, requests.cpu and requests.memory) are currently supported." properties: containerName: description: "Container name: required for volumes, optional for env vars" @@ -727,6 +742,7 @@ spec: required: - "resource" type: "object" + x-kubernetes-map-type: "atomic" required: - "path" type: "object" @@ -737,7 +753,7 @@ spec: description: "secret information about the secret data to project" properties: items: - description: "items if unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the Secret, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'." + description: "items if unspecified, each key-value pair in the Data field of the referenced\nSecret will be projected into the volume as a file whose name is the\nkey and content is the value. If specified, the listed keys will be\nprojected into the specified paths, and unlisted keys will not be\npresent. If a key is specified which is not present in the Secret,\nthe volume setup will error unless it is marked optional. Paths must be\nrelative and may not contain the '..' path or start with '..'." items: description: "Maps a string key to a path within a volume." properties: @@ -745,11 +761,11 @@ spec: description: "key is the key to project." type: "string" mode: - description: "mode is Optional: mode bits used to set permissions on this file. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set." + description: "mode is Optional: mode bits used to set permissions on this file.\nMust be an octal value between 0000 and 0777 or a decimal value between 0 and 511.\nYAML accepts both octal and decimal values, JSON requires decimal values for mode bits.\nIf not specified, the volume defaultMode will be used.\nThis might be in conflict with other options that affect the file\nmode, like fsGroup, and the result can be other mode bits set." format: "int32" type: "integer" path: - description: "path is the relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'." + description: "path is the relative path of the file to map the key to.\nMay not be an absolute path.\nMay not contain the path element '..'.\nMay not start with the string '..'." type: "string" required: - "key" @@ -765,18 +781,19 @@ spec: description: "optional field specify whether the Secret or its key must be defined" type: "boolean" type: "object" + x-kubernetes-map-type: "atomic" serviceAccountToken: description: "serviceAccountToken is information about the serviceAccountToken data to project" properties: audience: - description: "audience is the intended audience of the token. A recipient of a token must identify itself with an identifier specified in the audience of the token, and otherwise should reject the token. The audience defaults to the identifier of the apiserver." + description: "audience is the intended audience of the token. A recipient of a token\nmust identify itself with an identifier specified in the audience of the\ntoken, and otherwise should reject the token. The audience defaults to the\nidentifier of the apiserver." type: "string" expirationSeconds: - description: "expirationSeconds is the requested duration of validity of the service account token. As the token approaches expiration, the kubelet volume plugin will proactively rotate the service account token. The kubelet will start trying to rotate the token if the token is older than 80 percent of its time to live or if the token is older than 24 hours.Defaults to 1 hour and must be at least 10 minutes." + description: "expirationSeconds is the requested duration of validity of the service\naccount token. As the token approaches expiration, the kubelet volume\nplugin will proactively rotate the service account token. The kubelet will\nstart trying to rotate the token if the token is older than 80 percent of\nits time to live or if the token is older than 24 hours.Defaults to 1 hour\nand must be at least 10 minutes." format: "int64" type: "integer" path: - description: "path is the path relative to the mount point of the file to project the token into." + description: "path is the path relative to the mount point of the file to project the\ntoken into." type: "string" required: - "path" @@ -784,11 +801,11 @@ spec: type: "object" type: "array" gunicorn: - description: "Settings for the gunicorn server. More info: https://docs.gunicorn.org/en/latest/settings.html" + description: "Settings for the gunicorn server.\nMore info: https://docs.gunicorn.org/en/latest/settings.html" type: "object" x-kubernetes-preserve-unknown-fields: true ldapBindPassword: - description: "A Secret containing the value for the LDAP_BIND_PASSWORD setting. More info: https://www.pgadmin.org/docs/pgadmin4/latest/ldap.html" + description: "A Secret containing the value for the LDAP_BIND_PASSWORD setting.\nMore info: https://www.pgadmin.org/docs/pgadmin4/latest/ldap.html" properties: key: description: "The key of the secret to select from. Must be a valid secret key." @@ -803,25 +820,26 @@ spec: required: - "key" type: "object" + x-kubernetes-map-type: "atomic" settings: - description: "Settings for the pgAdmin server process. Keys should be uppercase and values must be constants. More info: https://www.pgadmin.org/docs/pgadmin4/latest/config_py.html" + description: "Settings for the pgAdmin server process. Keys should be uppercase and\nvalues must be constants.\nMore info: https://www.pgadmin.org/docs/pgadmin4/latest/config_py.html" type: "object" x-kubernetes-preserve-unknown-fields: true type: "object" dataVolumeClaimSpec: - description: "Defines a PersistentVolumeClaim for pgAdmin data. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes" + description: "Defines a PersistentVolumeClaim for pgAdmin data.\nMore info: https://kubernetes.io/docs/concepts/storage/persistent-volumes" properties: accessModes: - description: "accessModes contains the desired access modes the volume should have. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1" + description: "accessModes contains the desired access modes the volume should have.\nMore info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1" items: type: "string" type: "array" x-kubernetes-list-type: "atomic" dataSource: - description: "dataSource field can be used to specify either: * An existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot) * An existing PVC (PersistentVolumeClaim) If the provisioner or an external controller can support the specified data source, it will create a new volume based on the contents of the specified data source. When the AnyVolumeDataSource feature gate is enabled, dataSource contents will be copied to dataSourceRef, and dataSourceRef contents will be copied to dataSource when dataSourceRef.namespace is not specified. If the namespace is specified, then dataSourceRef will not be copied to dataSource." + description: "dataSource field can be used to specify either:\n* An existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot)\n* An existing PVC (PersistentVolumeClaim)\nIf the provisioner or an external controller can support the specified data source,\nit will create a new volume based on the contents of the specified data source.\nWhen the AnyVolumeDataSource feature gate is enabled, dataSource contents will be copied to dataSourceRef,\nand dataSourceRef contents will be copied to dataSource when dataSourceRef.namespace is not specified.\nIf the namespace is specified, then dataSourceRef will not be copied to dataSource." properties: apiGroup: - description: "APIGroup is the group for the resource being referenced. If APIGroup is not specified, the specified Kind must be in the core API group. For any other third-party types, APIGroup is required." + description: "APIGroup is the group for the resource being referenced.\nIf APIGroup is not specified, the specified Kind must be in the core API group.\nFor any other third-party types, APIGroup is required." type: "string" kind: description: "Kind is the type of resource being referenced" @@ -833,11 +851,12 @@ spec: - "kind" - "name" type: "object" + x-kubernetes-map-type: "atomic" dataSourceRef: - description: "dataSourceRef specifies the object from which to populate the volume with data, if a non-empty volume is desired. This may be any object from a non-empty API group (non core object) or a PersistentVolumeClaim object. When this field is specified, volume binding will only succeed if the type of the specified object matches some installed volume populator or dynamic provisioner. This field will replace the functionality of the dataSource field and as such if both fields are non-empty, they must have the same value. For backwards compatibility, when namespace isn't specified in dataSourceRef, both fields (dataSource and dataSourceRef) will be set to the same value automatically if one of them is empty and the other is non-empty. When namespace is specified in dataSourceRef, dataSource isn't set to the same value and must be empty. There are three important differences between dataSource and dataSourceRef: * While dataSource only allows two specific types of objects, dataSourceRef allows any non-core object, as well as PersistentVolumeClaim objects. * While dataSource ignores disallowed values (dropping them), dataSourceRef preserves all values, and generates an error if a disallowed value is specified. * While dataSource only allows local objects, dataSourceRef allows objects in any namespaces. (Beta) Using this field requires the AnyVolumeDataSource feature gate to be enabled. (Alpha) Using the namespace field of dataSourceRef requires the CrossNamespaceVolumeDataSource feature gate to be enabled." + description: "dataSourceRef specifies the object from which to populate the volume with data, if a non-empty\nvolume is desired. This may be any object from a non-empty API group (non\ncore object) or a PersistentVolumeClaim object.\nWhen this field is specified, volume binding will only succeed if the type of\nthe specified object matches some installed volume populator or dynamic\nprovisioner.\nThis field will replace the functionality of the dataSource field and as such\nif both fields are non-empty, they must have the same value. For backwards\ncompatibility, when namespace isn't specified in dataSourceRef,\nboth fields (dataSource and dataSourceRef) will be set to the same\nvalue automatically if one of them is empty and the other is non-empty.\nWhen namespace is specified in dataSourceRef,\ndataSource isn't set to the same value and must be empty.\nThere are three important differences between dataSource and dataSourceRef:\n* While dataSource only allows two specific types of objects, dataSourceRef\n allows any non-core object, as well as PersistentVolumeClaim objects.\n* While dataSource ignores disallowed values (dropping them), dataSourceRef\n preserves all values, and generates an error if a disallowed value is\n specified.\n* While dataSource only allows local objects, dataSourceRef allows objects\n in any namespaces.\n(Beta) Using this field requires the AnyVolumeDataSource feature gate to be enabled.\n(Alpha) Using the namespace field of dataSourceRef requires the CrossNamespaceVolumeDataSource feature gate to be enabled." properties: apiGroup: - description: "APIGroup is the group for the resource being referenced. If APIGroup is not specified, the specified Kind must be in the core API group. For any other third-party types, APIGroup is required." + description: "APIGroup is the group for the resource being referenced.\nIf APIGroup is not specified, the specified Kind must be in the core API group.\nFor any other third-party types, APIGroup is required." type: "string" kind: description: "Kind is the type of resource being referenced" @@ -846,14 +865,14 @@ spec: description: "Name is the name of resource being referenced" type: "string" namespace: - description: "Namespace is the namespace of resource being referenced Note that when a namespace is specified, a gateway.networking.k8s.io/ReferenceGrant object is required in the referent namespace to allow that namespace's owner to accept the reference. See the ReferenceGrant documentation for details. (Alpha) This field requires the CrossNamespaceVolumeDataSource feature gate to be enabled." + description: "Namespace is the namespace of resource being referenced\nNote that when a namespace is specified, a gateway.networking.k8s.io/ReferenceGrant object is required in the referent namespace to allow that namespace's owner to accept the reference. See the ReferenceGrant documentation for details.\n(Alpha) This field requires the CrossNamespaceVolumeDataSource feature gate to be enabled." type: "string" required: - "kind" - "name" type: "object" resources: - description: "resources represents the minimum resources the volume should have. If RecoverVolumeExpansionFailure feature is enabled users are allowed to specify resource requirements that are lower than previous value but must still be higher than capacity recorded in the status field of the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources" + description: "resources represents the minimum resources the volume should have.\nIf RecoverVolumeExpansionFailure feature is enabled users are allowed to specify resource requirements\nthat are lower than previous value but must still be higher than capacity recorded in the\nstatus field of the claim.\nMore info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources" properties: limits: additionalProperties: @@ -862,7 +881,7 @@ spec: - type: "string" pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" x-kubernetes-int-or-string: true - description: "Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" + description: "Limits describes the maximum amount of compute resources allowed.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" type: "object" requests: additionalProperties: @@ -871,7 +890,7 @@ spec: - type: "string" pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" x-kubernetes-int-or-string: true - description: "Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" + description: "Requests describes the minimum amount of compute resources required.\nIf Requests is omitted for a container, it defaults to Limits if that is explicitly specified,\notherwise to an implementation-defined value. Requests cannot exceed Limits.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" type: "object" type: "object" selector: @@ -880,16 +899,16 @@ spec: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -903,17 +922,18 @@ spec: matchLabels: additionalProperties: type: "string" - description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." type: "object" type: "object" + x-kubernetes-map-type: "atomic" storageClassName: - description: "storageClassName is the name of the StorageClass required by the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1" + description: "storageClassName is the name of the StorageClass required by the claim.\nMore info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1" type: "string" volumeAttributesClassName: - description: "volumeAttributesClassName may be used to set the VolumeAttributesClass used by this claim. If specified, the CSI driver will create or update the volume with the attributes defined in the corresponding VolumeAttributesClass. This has a different purpose than storageClassName, it can be changed after the claim is created. An empty string value means that no VolumeAttributesClass will be applied to the claim but it's not allowed to reset this field to empty string once it is set. If unspecified and the PersistentVolumeClaim is unbound, the default VolumeAttributesClass will be set by the persistentvolume controller if it exists. If the resource referred to by volumeAttributesClass does not exist, this PersistentVolumeClaim will be set to a Pending state, as reflected by the modifyVolumeStatus field, until such as a resource exists. More info: https://kubernetes.io/docs/concepts/storage/volume-attributes-classes/ (Alpha) Using this field requires the VolumeAttributesClass feature gate to be enabled." + description: "volumeAttributesClassName may be used to set the VolumeAttributesClass used by this claim.\nIf specified, the CSI driver will create or update the volume with the attributes defined\nin the corresponding VolumeAttributesClass. This has a different purpose than storageClassName,\nit can be changed after the claim is created. An empty string value means that no VolumeAttributesClass\nwill be applied to the claim but it's not allowed to reset this field to empty string once it is set.\nIf unspecified and the PersistentVolumeClaim is unbound, the default VolumeAttributesClass\nwill be set by the persistentvolume controller if it exists.\nIf the resource referred to by volumeAttributesClass does not exist, this PersistentVolumeClaim will be\nset to a Pending state, as reflected by the modifyVolumeStatus field, until such as a resource\nexists.\nMore info: https://kubernetes.io/docs/concepts/storage/volume-attributes-classes/\n(Alpha) Using this field requires the VolumeAttributesClass feature gate to be enabled." type: "string" volumeMode: - description: "volumeMode defines what type of volume is required by the claim. Value of Filesystem is implied when not included in claim spec." + description: "volumeMode defines what type of volume is required by the claim.\nValue of Filesystem is implied when not included in claim spec." type: "string" volumeName: description: "volumeName is the binding reference to the PersistentVolume backing this claim." @@ -923,22 +943,23 @@ spec: description: "The image name to use for pgAdmin instance." type: "string" imagePullPolicy: - description: "ImagePullPolicy is used to determine when Kubernetes will attempt to pull (download) container images. More info: https://kubernetes.io/docs/concepts/containers/images/#image-pull-policy" + description: "ImagePullPolicy is used to determine when Kubernetes will attempt to\npull (download) container images.\nMore info: https://kubernetes.io/docs/concepts/containers/images/#image-pull-policy" enum: - "Always" - "Never" - "IfNotPresent" type: "string" imagePullSecrets: - description: "The image pull secrets used to pull from a private registry. Changing this value causes all running PGAdmin pods to restart. https://k8s.io/docs/tasks/configure-pod-container/pull-image-private-registry/" + description: "The image pull secrets used to pull from a private registry.\nChanging this value causes all running PGAdmin pods to restart.\nhttps://k8s.io/docs/tasks/configure-pod-container/pull-image-private-registry/" items: - description: "LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace." + description: "LocalObjectReference contains enough information to let you locate the\nreferenced object inside the same namespace." properties: name: default: "" description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names" type: "string" type: "object" + x-kubernetes-map-type: "atomic" type: "array" metadata: description: "Metadata contains metadata for custom resources" @@ -953,18 +974,18 @@ spec: type: "object" type: "object" priorityClassName: - description: "Priority class name for the PGAdmin pod. Changing this value causes PGAdmin pod to restart. More info: https://kubernetes.io/docs/concepts/scheduling-eviction/pod-priority-preemption/" + description: "Priority class name for the PGAdmin pod. Changing this\nvalue causes PGAdmin pod to restart.\nMore info: https://kubernetes.io/docs/concepts/scheduling-eviction/pod-priority-preemption/" type: "string" resources: description: "Resource requirements for the PGAdmin container." properties: claims: - description: "Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. \n This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. \n This field is immutable. It can only be set for containers." + description: "Claims lists the names of resources, defined in spec.resourceClaims,\nthat are used by this container.\n\n\nThis is an alpha field and requires enabling the\nDynamicResourceAllocation feature gate.\n\n\nThis field is immutable. It can only be set for containers." items: description: "ResourceClaim references one entry in PodSpec.ResourceClaims." properties: name: - description: "Name must match the name of one entry in pod.spec.resourceClaims of the Pod where this field is used. It makes that resource available inside a container." + description: "Name must match the name of one entry in pod.spec.resourceClaims of\nthe Pod where this field is used. It makes that resource available\ninside a container." type: "string" required: - "name" @@ -980,7 +1001,7 @@ spec: - type: "string" pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" x-kubernetes-int-or-string: true - description: "Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" + description: "Limits describes the maximum amount of compute resources allowed.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" type: "object" requests: additionalProperties: @@ -989,35 +1010,35 @@ spec: - type: "string" pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" x-kubernetes-int-or-string: true - description: "Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" + description: "Requests describes the minimum amount of compute resources required.\nIf Requests is omitted for a container, it defaults to Limits if that is explicitly specified,\notherwise to an implementation-defined value. Requests cannot exceed Limits.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" type: "object" type: "object" serverGroups: - description: "ServerGroups for importing PostgresClusters to pgAdmin. To create a pgAdmin with no selectors, leave this field empty. A pgAdmin created with no `ServerGroups` will not automatically add any servers through discovery. PostgresClusters can still be added manually." + description: "ServerGroups for importing PostgresClusters to pgAdmin.\nTo create a pgAdmin with no selectors, leave this field empty.\nA pgAdmin created with no `ServerGroups` will not automatically\nadd any servers through discovery. PostgresClusters can still be\nadded manually." items: properties: name: - description: "The name for the ServerGroup in pgAdmin. Must be unique in the pgAdmin's ServerGroups since it becomes the ServerGroup name in pgAdmin." + description: "The name for the ServerGroup in pgAdmin.\nMust be unique in the pgAdmin's ServerGroups since it becomes the ServerGroup name in pgAdmin." type: "string" postgresClusterName: description: "PostgresClusterName selects one cluster to add to pgAdmin by name." type: "string" postgresClusterSelector: - description: "PostgresClusterSelector selects clusters to dynamically add to pgAdmin by matching labels. An empty selector like `{}` will select ALL clusters in the namespace." + description: "PostgresClusterSelector selects clusters to dynamically add to pgAdmin by matching labels.\nAn empty selector like `{}` will select ALL clusters in the namespace." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -1031,9 +1052,10 @@ spec: matchLabels: additionalProperties: type: "string" - description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." type: "object" type: "object" + x-kubernetes-map-type: "atomic" required: - "name" type: "object" @@ -1042,33 +1064,33 @@ spec: rule: "[has(self.postgresClusterName),has(self.postgresClusterSelector)].exists_one(x,x)" type: "array" serviceName: - description: "ServiceName will be used as the name of a ClusterIP service pointing to the pgAdmin pod and port. If the service already exists, PGO will update the service. For more information about services reference the Kubernetes and CrunchyData documentation. https://kubernetes.io/docs/concepts/services-networking/service/" + description: "ServiceName will be used as the name of a ClusterIP service pointing\nto the pgAdmin pod and port. If the service already exists, PGO will\nupdate the service. For more information about services reference\nthe Kubernetes and CrunchyData documentation.\nhttps://kubernetes.io/docs/concepts/services-networking/service/" type: "string" tolerations: - description: "Tolerations of the PGAdmin pod. More info: https://kubernetes.io/docs/concepts/scheduling-eviction/taint-and-toleration" + description: "Tolerations of the PGAdmin pod.\nMore info: https://kubernetes.io/docs/concepts/scheduling-eviction/taint-and-toleration" items: - description: "The pod this Toleration is attached to tolerates any taint that matches the triple using the matching operator ." + description: "The pod this Toleration is attached to tolerates any taint that matches\nthe triple using the matching operator ." properties: effect: - description: "Effect indicates the taint effect to match. Empty means match all taint effects. When specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute." + description: "Effect indicates the taint effect to match. Empty means match all taint effects.\nWhen specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute." type: "string" key: - description: "Key is the taint key that the toleration applies to. Empty means match all taint keys. If the key is empty, operator must be Exists; this combination means to match all values and all keys." + description: "Key is the taint key that the toleration applies to. Empty means match all taint keys.\nIf the key is empty, operator must be Exists; this combination means to match all values and all keys." type: "string" operator: - description: "Operator represents a key's relationship to the value. Valid operators are Exists and Equal. Defaults to Equal. Exists is equivalent to wildcard for value, so that a pod can tolerate all taints of a particular category." + description: "Operator represents a key's relationship to the value.\nValid operators are Exists and Equal. Defaults to Equal.\nExists is equivalent to wildcard for value, so that a pod can\ntolerate all taints of a particular category." type: "string" tolerationSeconds: - description: "TolerationSeconds represents the period of time the toleration (which must be of effect NoExecute, otherwise this field is ignored) tolerates the taint. By default, it is not set, which means tolerate the taint forever (do not evict). Zero and negative values will be treated as 0 (evict immediately) by the system." + description: "TolerationSeconds represents the period of time the toleration (which must be\nof effect NoExecute, otherwise this field is ignored) tolerates the taint. By default,\nit is not set, which means tolerate the taint forever (do not evict). Zero and\nnegative values will be treated as 0 (evict immediately) by the system." format: "int64" type: "integer" value: - description: "Value is the taint value the toleration matches to. If the operator is Exists, the value should be empty, otherwise just a regular string." + description: "Value is the taint value the toleration matches to.\nIf the operator is Exists, the value should be empty, otherwise just a regular string." type: "string" type: "object" type: "array" users: - description: "pgAdmin users that are managed via the PGAdmin spec. Users can still be added via the pgAdmin GUI, but those users will not show up here." + description: "pgAdmin users that are managed via the PGAdmin spec. Users can still\nbe added via the pgAdmin GUI, but those users will not show up here." items: properties: passwordRef: @@ -1087,14 +1109,15 @@ spec: required: - "key" type: "object" + x-kubernetes-map-type: "atomic" role: - description: "Role determines whether the user has admin privileges or not. Defaults to User. Valid options are Administrator and User." + description: "Role determines whether the user has admin privileges or not.\nDefaults to User. Valid options are Administrator and User." enum: - "Administrator" - "User" type: "string" username: - description: "The username for User in pgAdmin. Must be unique in the pgAdmin's users list." + description: "The username for User in pgAdmin.\nMust be unique in the pgAdmin's users list." type: "string" required: - "passwordRef" @@ -1111,25 +1134,25 @@ spec: description: "PGAdminStatus defines the observed state of PGAdmin" properties: conditions: - description: "conditions represent the observations of pgAdmin's current state. Known .status.conditions.type is: \"PersistentVolumeResizing\"" + description: "conditions represent the observations of pgAdmin's current state.\nKnown .status.conditions.type is: \"PersistentVolumeResizing\"" items: - description: "Condition contains details for one aspect of the current state of this API Resource. --- This struct is intended for direct use as an array at the field path .status.conditions. For example, \n type FooStatus struct{ // Represents the observations of a foo's current state. // Known .status.conditions.type are: \"Available\", \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge // +listType=map // +listMapKey=type Conditions []metav1.Condition `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" + description: "Condition contains details for one aspect of the current state of this API Resource.\n---\nThis struct is intended for direct use as an array at the field path .status.conditions. For example,\n\n\n\ttype FooStatus struct{\n\t // Represents the observations of a foo's current state.\n\t // Known .status.conditions.type are: \"Available\", \"Progressing\", and \"Degraded\"\n\t // +patchMergeKey=type\n\t // +patchStrategy=merge\n\t // +listType=map\n\t // +listMapKey=type\n\t Conditions []metav1.Condition `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"`\n\n\n\t // other fields\n\t}" properties: lastTransitionTime: - description: "lastTransitionTime is the last time the condition transitioned from one status to another. This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable." + description: "lastTransitionTime is the last time the condition transitioned from one status to another.\nThis should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable." format: "date-time" type: "string" message: - description: "message is a human readable message indicating details about the transition. This may be an empty string." + description: "message is a human readable message indicating details about the transition.\nThis may be an empty string." maxLength: 32768 type: "string" observedGeneration: - description: "observedGeneration represents the .metadata.generation that the condition was set based upon. For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date with respect to the current state of the instance." + description: "observedGeneration represents the .metadata.generation that the condition was set based upon.\nFor instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date\nwith respect to the current state of the instance." format: "int64" minimum: 0.0 type: "integer" reason: - description: "reason contains a programmatic identifier indicating the reason for the condition's last transition. Producers of specific condition types may define expected values and meanings for this field, and whether the values are considered a guaranteed API. The value should be a CamelCase string. This field may not be empty." + description: "reason contains a programmatic identifier indicating the reason for the condition's last transition.\nProducers of specific condition types may define expected values and meanings for this field,\nand whether the values are considered a guaranteed API.\nThe value should be a CamelCase string.\nThis field may not be empty." maxLength: 1024 minLength: 1 pattern: "^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$" @@ -1142,7 +1165,7 @@ spec: - "Unknown" type: "string" type: - description: "type of condition in CamelCase or in foo.example.com/CamelCase. --- Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be useful (see .node.status.conditions), the ability to deconflict is important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt)" + description: "type of condition in CamelCase or in foo.example.com/CamelCase.\n---\nMany .condition.type values are consistent across resources like Available, but because arbitrary conditions can be\nuseful (see .node.status.conditions), the ability to deconflict is important.\nThe regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt)" maxLength: 316 pattern: "^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$" type: "string" diff --git a/crd-catalog/CrunchyData/postgres-operator/postgres-operator.crunchydata.com/v1beta1/pgupgrades.yaml b/crd-catalog/CrunchyData/postgres-operator/postgres-operator.crunchydata.com/v1beta1/pgupgrades.yaml index 3968ad759..9d7309a6e 100644 --- a/crd-catalog/CrunchyData/postgres-operator/postgres-operator.crunchydata.com/v1beta1/pgupgrades.yaml +++ b/crd-catalog/CrunchyData/postgres-operator/postgres-operator.crunchydata.com/v1beta1/pgupgrades.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.9.0" + controller-gen.kubebuilder.io/version: "v0.15.0" labels: app.kubernetes.io/name: "pgo" app.kubernetes.io/version: "latest" @@ -22,10 +22,10 @@ spec: description: "PGUpgrade is the Schema for the pgupgrades API" properties: apiVersion: - description: "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" + description: "APIVersion defines the versioned schema of this representation of an object.\nServers should convert recognized schemas to the latest internal value, and\nmay reject unrecognized values.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" type: "string" kind: - description: "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + description: "Kind is a string value representing the REST resource this object represents.\nServers may infer this from the endpoint the client submits requests to.\nCannot be updated.\nIn CamelCase.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" type: "string" metadata: type: "object" @@ -33,15 +33,15 @@ spec: description: "PGUpgradeSpec defines the desired state of PGUpgrade" properties: affinity: - description: "Scheduling constraints of the PGUpgrade pod. More info: https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node" + description: "Scheduling constraints of the PGUpgrade pod.\nMore info: https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node" properties: nodeAffinity: description: "Describes node affinity scheduling rules for the pod." properties: preferredDuringSchedulingIgnoredDuringExecution: - description: "The scheduler will prefer to schedule pods to nodes that satisfy the affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding \"weight\" to the sum if the node matches the corresponding matchExpressions; the node(s) with the highest sum are the most preferred." + description: "The scheduler will prefer to schedule pods to nodes that satisfy\nthe affinity expressions specified by this field, but it may choose\na node that violates one or more of the expressions. The node that is\nmost preferred is the one with the greatest sum of weights, i.e.\nfor each node that meets all of the scheduling requirements (resource\nrequest, requiredDuringScheduling affinity expressions, etc.),\ncompute a sum by iterating through the elements of this field and adding\n\"weight\" to the sum if the node matches the corresponding matchExpressions; the\nnode(s) with the highest sum are the most preferred." items: - description: "An empty preferred scheduling term matches all objects with implicit weight 0 (i.e. it's a no-op). A null preferred scheduling term matches no objects (i.e. is also a no-op)." + description: "An empty preferred scheduling term matches all objects with implicit weight 0\n(i.e. it's a no-op). A null preferred scheduling term matches no objects (i.e. is also a no-op)." properties: preference: description: "A node selector term, associated with the corresponding weight." @@ -49,16 +49,16 @@ spec: matchExpressions: description: "A list of node selector requirements by node's labels." items: - description: "A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A node selector requirement is a selector that contains values, a key, and an operator\nthat relates the key and values." properties: key: description: "The label key that the selector applies to." type: "string" operator: - description: "Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt." + description: "Represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt." type: "string" values: - description: "An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch." + description: "An array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. If the operator is Gt or Lt, the values\narray must have a single element, which will be interpreted as an integer.\nThis array is replaced during a strategic merge patch." items: type: "string" type: "array" @@ -72,16 +72,16 @@ spec: matchFields: description: "A list of node selector requirements by node's fields." items: - description: "A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A node selector requirement is a selector that contains values, a key, and an operator\nthat relates the key and values." properties: key: description: "The label key that the selector applies to." type: "string" operator: - description: "Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt." + description: "Represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt." type: "string" values: - description: "An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch." + description: "An array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. If the operator is Gt or Lt, the values\narray must have a single element, which will be interpreted as an integer.\nThis array is replaced during a strategic merge patch." items: type: "string" type: "array" @@ -93,6 +93,7 @@ spec: type: "array" x-kubernetes-list-type: "atomic" type: "object" + x-kubernetes-map-type: "atomic" weight: description: "Weight associated with matching the corresponding nodeSelectorTerm, in the range 1-100." format: "int32" @@ -104,26 +105,26 @@ spec: type: "array" x-kubernetes-list-type: "atomic" requiredDuringSchedulingIgnoredDuringExecution: - description: "If the affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to an update), the system may or may not try to eventually evict the pod from its node." + description: "If the affinity requirements specified by this field are not met at\nscheduling time, the pod will not be scheduled onto the node.\nIf the affinity requirements specified by this field cease to be met\nat some point during pod execution (e.g. due to an update), the system\nmay or may not try to eventually evict the pod from its node." properties: nodeSelectorTerms: description: "Required. A list of node selector terms. The terms are ORed." items: - description: "A null or empty node selector term matches no objects. The requirements of them are ANDed. The TopologySelectorTerm type implements a subset of the NodeSelectorTerm." + description: "A null or empty node selector term matches no objects. The requirements of\nthem are ANDed.\nThe TopologySelectorTerm type implements a subset of the NodeSelectorTerm." properties: matchExpressions: description: "A list of node selector requirements by node's labels." items: - description: "A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A node selector requirement is a selector that contains values, a key, and an operator\nthat relates the key and values." properties: key: description: "The label key that the selector applies to." type: "string" operator: - description: "Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt." + description: "Represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt." type: "string" values: - description: "An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch." + description: "An array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. If the operator is Gt or Lt, the values\narray must have a single element, which will be interpreted as an integer.\nThis array is replaced during a strategic merge patch." items: type: "string" type: "array" @@ -137,16 +138,16 @@ spec: matchFields: description: "A list of node selector requirements by node's fields." items: - description: "A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A node selector requirement is a selector that contains values, a key, and an operator\nthat relates the key and values." properties: key: description: "The label key that the selector applies to." type: "string" operator: - description: "Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt." + description: "Represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt." type: "string" values: - description: "An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch." + description: "An array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. If the operator is Gt or Lt, the values\narray must have a single element, which will be interpreted as an integer.\nThis array is replaced during a strategic merge patch." items: type: "string" type: "array" @@ -158,17 +159,19 @@ spec: type: "array" x-kubernetes-list-type: "atomic" type: "object" + x-kubernetes-map-type: "atomic" type: "array" x-kubernetes-list-type: "atomic" required: - "nodeSelectorTerms" type: "object" + x-kubernetes-map-type: "atomic" type: "object" podAffinity: description: "Describes pod affinity scheduling rules (e.g. co-locate this pod in the same node, zone, etc. as some other pod(s))." properties: preferredDuringSchedulingIgnoredDuringExecution: - description: "The scheduler will prefer to schedule pods to nodes that satisfy the affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding \"weight\" to the sum if the node has pods which matches the corresponding podAffinityTerm; the node(s) with the highest sum are the most preferred." + description: "The scheduler will prefer to schedule pods to nodes that satisfy\nthe affinity expressions specified by this field, but it may choose\na node that violates one or more of the expressions. The node that is\nmost preferred is the one with the greatest sum of weights, i.e.\nfor each node that meets all of the scheduling requirements (resource\nrequest, requiredDuringScheduling affinity expressions, etc.),\ncompute a sum by iterating through the elements of this field and adding\n\"weight\" to the sum if the node has pods which matches the corresponding podAffinityTerm; the\nnode(s) with the highest sum are the most preferred." items: description: "The weights of all of the matched WeightedPodAffinityTerm fields are added per-node to find the most preferred node(s)" properties: @@ -176,21 +179,21 @@ spec: description: "Required. A pod affinity term, associated with the corresponding weight." properties: labelSelector: - description: "A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods." + description: "A label query over a set of resources, in this case pods.\nIf it's null, this PodAffinityTerm matches with no Pods." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -204,37 +207,38 @@ spec: matchLabels: additionalProperties: type: "string" - description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." type: "object" type: "object" + x-kubernetes-map-type: "atomic" matchLabelKeys: - description: "MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both matchLabelKeys and labelSelector. Also, matchLabelKeys cannot be set when labelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" mismatchLabelKeys: - description: "MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. Also, mismatchLabelKeys cannot be set when labelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" namespaceSelector: - description: "A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means \"this pod's namespace\". An empty selector ({}) matches all namespaces." + description: "A label query over the set of namespaces that the term applies to.\nThe term is applied to the union of the namespaces selected by this field\nand the ones listed in the namespaces field.\nnull selector and null or empty namespaces list means \"this pod's namespace\".\nAn empty selector ({}) matches all namespaces." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -248,23 +252,24 @@ spec: matchLabels: additionalProperties: type: "string" - description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." type: "object" type: "object" + x-kubernetes-map-type: "atomic" namespaces: - description: "namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means \"this pod's namespace\"." + description: "namespaces specifies a static list of namespace names that the term applies to.\nThe term is applied to the union of the namespaces listed in this field\nand the ones selected by namespaceSelector.\nnull or empty namespaces list and null namespaceSelector means \"this pod's namespace\"." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" topologyKey: - description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed." + description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching\nthe labelSelector in the specified namespaces, where co-located is defined as running on a node\nwhose value of the label with key topologyKey matches that of any node on which any of the\nselected pods is running.\nEmpty topologyKey is not allowed." type: "string" required: - "topologyKey" type: "object" weight: - description: "weight associated with matching the corresponding podAffinityTerm, in the range 1-100." + description: "weight associated with matching the corresponding podAffinityTerm,\nin the range 1-100." format: "int32" type: "integer" required: @@ -274,26 +279,26 @@ spec: type: "array" x-kubernetes-list-type: "atomic" requiredDuringSchedulingIgnoredDuringExecution: - description: "If the affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to a pod label update), the system may or may not try to eventually evict the pod from its node. When there are multiple elements, the lists of nodes corresponding to each podAffinityTerm are intersected, i.e. all terms must be satisfied." + description: "If the affinity requirements specified by this field are not met at\nscheduling time, the pod will not be scheduled onto the node.\nIf the affinity requirements specified by this field cease to be met\nat some point during pod execution (e.g. due to a pod label update), the\nsystem may or may not try to eventually evict the pod from its node.\nWhen there are multiple elements, the lists of nodes corresponding to each\npodAffinityTerm are intersected, i.e. all terms must be satisfied." items: - description: "Defines a set of pods (namely those matching the labelSelector relative to the given namespace(s)) that this pod should be co-located (affinity) or not co-located (anti-affinity) with, where co-located is defined as running on a node whose value of the label with key matches that of any node on which a pod of the set of pods is running" + description: "Defines a set of pods (namely those matching the labelSelector\nrelative to the given namespace(s)) that this pod should be\nco-located (affinity) or not co-located (anti-affinity) with,\nwhere co-located is defined as running on a node whose value of\nthe label with key matches that of any node on which\na pod of the set of pods is running" properties: labelSelector: - description: "A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods." + description: "A label query over a set of resources, in this case pods.\nIf it's null, this PodAffinityTerm matches with no Pods." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -307,37 +312,38 @@ spec: matchLabels: additionalProperties: type: "string" - description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." type: "object" type: "object" + x-kubernetes-map-type: "atomic" matchLabelKeys: - description: "MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both matchLabelKeys and labelSelector. Also, matchLabelKeys cannot be set when labelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" mismatchLabelKeys: - description: "MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. Also, mismatchLabelKeys cannot be set when labelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" namespaceSelector: - description: "A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means \"this pod's namespace\". An empty selector ({}) matches all namespaces." + description: "A label query over the set of namespaces that the term applies to.\nThe term is applied to the union of the namespaces selected by this field\nand the ones listed in the namespaces field.\nnull selector and null or empty namespaces list means \"this pod's namespace\".\nAn empty selector ({}) matches all namespaces." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -351,17 +357,18 @@ spec: matchLabels: additionalProperties: type: "string" - description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." type: "object" type: "object" + x-kubernetes-map-type: "atomic" namespaces: - description: "namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means \"this pod's namespace\"." + description: "namespaces specifies a static list of namespace names that the term applies to.\nThe term is applied to the union of the namespaces listed in this field\nand the ones selected by namespaceSelector.\nnull or empty namespaces list and null namespaceSelector means \"this pod's namespace\"." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" topologyKey: - description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed." + description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching\nthe labelSelector in the specified namespaces, where co-located is defined as running on a node\nwhose value of the label with key topologyKey matches that of any node on which any of the\nselected pods is running.\nEmpty topologyKey is not allowed." type: "string" required: - "topologyKey" @@ -373,7 +380,7 @@ spec: description: "Describes pod anti-affinity scheduling rules (e.g. avoid putting this pod in the same node, zone, etc. as some other pod(s))." properties: preferredDuringSchedulingIgnoredDuringExecution: - description: "The scheduler will prefer to schedule pods to nodes that satisfy the anti-affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling anti-affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding \"weight\" to the sum if the node has pods which matches the corresponding podAffinityTerm; the node(s) with the highest sum are the most preferred." + description: "The scheduler will prefer to schedule pods to nodes that satisfy\nthe anti-affinity expressions specified by this field, but it may choose\na node that violates one or more of the expressions. The node that is\nmost preferred is the one with the greatest sum of weights, i.e.\nfor each node that meets all of the scheduling requirements (resource\nrequest, requiredDuringScheduling anti-affinity expressions, etc.),\ncompute a sum by iterating through the elements of this field and adding\n\"weight\" to the sum if the node has pods which matches the corresponding podAffinityTerm; the\nnode(s) with the highest sum are the most preferred." items: description: "The weights of all of the matched WeightedPodAffinityTerm fields are added per-node to find the most preferred node(s)" properties: @@ -381,21 +388,21 @@ spec: description: "Required. A pod affinity term, associated with the corresponding weight." properties: labelSelector: - description: "A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods." + description: "A label query over a set of resources, in this case pods.\nIf it's null, this PodAffinityTerm matches with no Pods." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -409,37 +416,38 @@ spec: matchLabels: additionalProperties: type: "string" - description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." type: "object" type: "object" + x-kubernetes-map-type: "atomic" matchLabelKeys: - description: "MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both matchLabelKeys and labelSelector. Also, matchLabelKeys cannot be set when labelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" mismatchLabelKeys: - description: "MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. Also, mismatchLabelKeys cannot be set when labelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" namespaceSelector: - description: "A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means \"this pod's namespace\". An empty selector ({}) matches all namespaces." + description: "A label query over the set of namespaces that the term applies to.\nThe term is applied to the union of the namespaces selected by this field\nand the ones listed in the namespaces field.\nnull selector and null or empty namespaces list means \"this pod's namespace\".\nAn empty selector ({}) matches all namespaces." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -453,23 +461,24 @@ spec: matchLabels: additionalProperties: type: "string" - description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." type: "object" type: "object" + x-kubernetes-map-type: "atomic" namespaces: - description: "namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means \"this pod's namespace\"." + description: "namespaces specifies a static list of namespace names that the term applies to.\nThe term is applied to the union of the namespaces listed in this field\nand the ones selected by namespaceSelector.\nnull or empty namespaces list and null namespaceSelector means \"this pod's namespace\"." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" topologyKey: - description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed." + description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching\nthe labelSelector in the specified namespaces, where co-located is defined as running on a node\nwhose value of the label with key topologyKey matches that of any node on which any of the\nselected pods is running.\nEmpty topologyKey is not allowed." type: "string" required: - "topologyKey" type: "object" weight: - description: "weight associated with matching the corresponding podAffinityTerm, in the range 1-100." + description: "weight associated with matching the corresponding podAffinityTerm,\nin the range 1-100." format: "int32" type: "integer" required: @@ -479,26 +488,26 @@ spec: type: "array" x-kubernetes-list-type: "atomic" requiredDuringSchedulingIgnoredDuringExecution: - description: "If the anti-affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the anti-affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to a pod label update), the system may or may not try to eventually evict the pod from its node. When there are multiple elements, the lists of nodes corresponding to each podAffinityTerm are intersected, i.e. all terms must be satisfied." + description: "If the anti-affinity requirements specified by this field are not met at\nscheduling time, the pod will not be scheduled onto the node.\nIf the anti-affinity requirements specified by this field cease to be met\nat some point during pod execution (e.g. due to a pod label update), the\nsystem may or may not try to eventually evict the pod from its node.\nWhen there are multiple elements, the lists of nodes corresponding to each\npodAffinityTerm are intersected, i.e. all terms must be satisfied." items: - description: "Defines a set of pods (namely those matching the labelSelector relative to the given namespace(s)) that this pod should be co-located (affinity) or not co-located (anti-affinity) with, where co-located is defined as running on a node whose value of the label with key matches that of any node on which a pod of the set of pods is running" + description: "Defines a set of pods (namely those matching the labelSelector\nrelative to the given namespace(s)) that this pod should be\nco-located (affinity) or not co-located (anti-affinity) with,\nwhere co-located is defined as running on a node whose value of\nthe label with key matches that of any node on which\na pod of the set of pods is running" properties: labelSelector: - description: "A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods." + description: "A label query over a set of resources, in this case pods.\nIf it's null, this PodAffinityTerm matches with no Pods." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -512,37 +521,38 @@ spec: matchLabels: additionalProperties: type: "string" - description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." type: "object" type: "object" + x-kubernetes-map-type: "atomic" matchLabelKeys: - description: "MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both matchLabelKeys and labelSelector. Also, matchLabelKeys cannot be set when labelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" mismatchLabelKeys: - description: "MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. Also, mismatchLabelKeys cannot be set when labelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" namespaceSelector: - description: "A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means \"this pod's namespace\". An empty selector ({}) matches all namespaces." + description: "A label query over the set of namespaces that the term applies to.\nThe term is applied to the union of the namespaces selected by this field\nand the ones listed in the namespaces field.\nnull selector and null or empty namespaces list means \"this pod's namespace\".\nAn empty selector ({}) matches all namespaces." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -556,17 +566,18 @@ spec: matchLabels: additionalProperties: type: "string" - description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." type: "object" type: "object" + x-kubernetes-map-type: "atomic" namespaces: - description: "namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means \"this pod's namespace\"." + description: "namespaces specifies a static list of namespace names that the term applies to.\nThe term is applied to the union of the namespaces listed in this field\nand the ones selected by namespaceSelector.\nnull or empty namespaces list and null namespaceSelector means \"this pod's namespace\"." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" topologyKey: - description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed." + description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching\nthe labelSelector in the specified namespaces, where co-located is defined as running on a node\nwhose value of the label with key topologyKey matches that of any node on which any of the\nselected pods is running.\nEmpty topologyKey is not allowed." type: "string" required: - "topologyKey" @@ -584,22 +595,23 @@ spec: description: "The image name to use for major PostgreSQL upgrades." type: "string" imagePullPolicy: - description: "ImagePullPolicy is used to determine when Kubernetes will attempt to pull (download) container images. More info: https://kubernetes.io/docs/concepts/containers/images/#image-pull-policy" + description: "ImagePullPolicy is used to determine when Kubernetes will attempt to\npull (download) container images.\nMore info: https://kubernetes.io/docs/concepts/containers/images/#image-pull-policy" enum: - "Always" - "Never" - "IfNotPresent" type: "string" imagePullSecrets: - description: "The image pull secrets used to pull from a private registry. Changing this value causes all running PGUpgrade pods to restart. https://k8s.io/docs/tasks/configure-pod-container/pull-image-private-registry/" + description: "The image pull secrets used to pull from a private registry.\nChanging this value causes all running PGUpgrade pods to restart.\nhttps://k8s.io/docs/tasks/configure-pod-container/pull-image-private-registry/" items: - description: "LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace." + description: "LocalObjectReference contains enough information to let you locate the\nreferenced object inside the same namespace." properties: name: default: "" description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names" type: "string" type: "object" + x-kubernetes-map-type: "atomic" type: "array" metadata: description: "Metadata contains metadata for custom resources" @@ -618,18 +630,18 @@ spec: minLength: 1 type: "string" priorityClassName: - description: "Priority class name for the PGUpgrade pod. Changing this value causes PGUpgrade pod to restart. More info: https://kubernetes.io/docs/concepts/scheduling-eviction/pod-priority-preemption/" + description: "Priority class name for the PGUpgrade pod. Changing this\nvalue causes PGUpgrade pod to restart.\nMore info: https://kubernetes.io/docs/concepts/scheduling-eviction/pod-priority-preemption/" type: "string" resources: description: "Resource requirements for the PGUpgrade container." properties: claims: - description: "Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. \n This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. \n This field is immutable. It can only be set for containers." + description: "Claims lists the names of resources, defined in spec.resourceClaims,\nthat are used by this container.\n\n\nThis is an alpha field and requires enabling the\nDynamicResourceAllocation feature gate.\n\n\nThis field is immutable. It can only be set for containers." items: description: "ResourceClaim references one entry in PodSpec.ResourceClaims." properties: name: - description: "Name must match the name of one entry in pod.spec.resourceClaims of the Pod where this field is used. It makes that resource available inside a container." + description: "Name must match the name of one entry in pod.spec.resourceClaims of\nthe Pod where this field is used. It makes that resource available\ninside a container." type: "string" required: - "name" @@ -645,7 +657,7 @@ spec: - type: "string" pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" x-kubernetes-int-or-string: true - description: "Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" + description: "Limits describes the maximum amount of compute resources allowed.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" type: "object" requests: additionalProperties: @@ -654,11 +666,11 @@ spec: - type: "string" pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" x-kubernetes-int-or-string: true - description: "Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" + description: "Requests describes the minimum amount of compute resources required.\nIf Requests is omitted for a container, it defaults to Limits if that is explicitly specified,\notherwise to an implementation-defined value. Requests cannot exceed Limits.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" type: "object" type: "object" toPostgresImage: - description: "The image name to use for PostgreSQL containers after upgrade. When omitted, the value comes from an operator environment variable." + description: "The image name to use for PostgreSQL containers after upgrade.\nWhen omitted, the value comes from an operator environment variable." type: "string" toPostgresVersion: description: "The major version of PostgreSQL to be upgraded to." @@ -666,25 +678,25 @@ spec: minimum: 10.0 type: "integer" tolerations: - description: "Tolerations of the PGUpgrade pod. More info: https://kubernetes.io/docs/concepts/scheduling-eviction/taint-and-toleration" + description: "Tolerations of the PGUpgrade pod.\nMore info: https://kubernetes.io/docs/concepts/scheduling-eviction/taint-and-toleration" items: - description: "The pod this Toleration is attached to tolerates any taint that matches the triple using the matching operator ." + description: "The pod this Toleration is attached to tolerates any taint that matches\nthe triple using the matching operator ." properties: effect: - description: "Effect indicates the taint effect to match. Empty means match all taint effects. When specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute." + description: "Effect indicates the taint effect to match. Empty means match all taint effects.\nWhen specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute." type: "string" key: - description: "Key is the taint key that the toleration applies to. Empty means match all taint keys. If the key is empty, operator must be Exists; this combination means to match all values and all keys." + description: "Key is the taint key that the toleration applies to. Empty means match all taint keys.\nIf the key is empty, operator must be Exists; this combination means to match all values and all keys." type: "string" operator: - description: "Operator represents a key's relationship to the value. Valid operators are Exists and Equal. Defaults to Equal. Exists is equivalent to wildcard for value, so that a pod can tolerate all taints of a particular category." + description: "Operator represents a key's relationship to the value.\nValid operators are Exists and Equal. Defaults to Equal.\nExists is equivalent to wildcard for value, so that a pod can\ntolerate all taints of a particular category." type: "string" tolerationSeconds: - description: "TolerationSeconds represents the period of time the toleration (which must be of effect NoExecute, otherwise this field is ignored) tolerates the taint. By default, it is not set, which means tolerate the taint forever (do not evict). Zero and negative values will be treated as 0 (evict immediately) by the system." + description: "TolerationSeconds represents the period of time the toleration (which must be\nof effect NoExecute, otherwise this field is ignored) tolerates the taint. By default,\nit is not set, which means tolerate the taint forever (do not evict). Zero and\nnegative values will be treated as 0 (evict immediately) by the system." format: "int64" type: "integer" value: - description: "Value is the taint value the toleration matches to. If the operator is Exists, the value should be empty, otherwise just a regular string." + description: "Value is the taint value the toleration matches to.\nIf the operator is Exists, the value should be empty, otherwise just a regular string." type: "string" type: "object" type: "array" @@ -699,23 +711,23 @@ spec: conditions: description: "conditions represent the observations of PGUpgrade's current state." items: - description: "Condition contains details for one aspect of the current state of this API Resource. --- This struct is intended for direct use as an array at the field path .status.conditions. For example, \n type FooStatus struct{ // Represents the observations of a foo's current state. // Known .status.conditions.type are: \"Available\", \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge // +listType=map // +listMapKey=type Conditions []metav1.Condition `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" + description: "Condition contains details for one aspect of the current state of this API Resource.\n---\nThis struct is intended for direct use as an array at the field path .status.conditions. For example,\n\n\n\ttype FooStatus struct{\n\t // Represents the observations of a foo's current state.\n\t // Known .status.conditions.type are: \"Available\", \"Progressing\", and \"Degraded\"\n\t // +patchMergeKey=type\n\t // +patchStrategy=merge\n\t // +listType=map\n\t // +listMapKey=type\n\t Conditions []metav1.Condition `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"`\n\n\n\t // other fields\n\t}" properties: lastTransitionTime: - description: "lastTransitionTime is the last time the condition transitioned from one status to another. This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable." + description: "lastTransitionTime is the last time the condition transitioned from one status to another.\nThis should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable." format: "date-time" type: "string" message: - description: "message is a human readable message indicating details about the transition. This may be an empty string." + description: "message is a human readable message indicating details about the transition.\nThis may be an empty string." maxLength: 32768 type: "string" observedGeneration: - description: "observedGeneration represents the .metadata.generation that the condition was set based upon. For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date with respect to the current state of the instance." + description: "observedGeneration represents the .metadata.generation that the condition was set based upon.\nFor instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date\nwith respect to the current state of the instance." format: "int64" minimum: 0.0 type: "integer" reason: - description: "reason contains a programmatic identifier indicating the reason for the condition's last transition. Producers of specific condition types may define expected values and meanings for this field, and whether the values are considered a guaranteed API. The value should be a CamelCase string. This field may not be empty." + description: "reason contains a programmatic identifier indicating the reason for the condition's last transition.\nProducers of specific condition types may define expected values and meanings for this field,\nand whether the values are considered a guaranteed API.\nThe value should be a CamelCase string.\nThis field may not be empty." maxLength: 1024 minLength: 1 pattern: "^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$" @@ -728,7 +740,7 @@ spec: - "Unknown" type: "string" type: - description: "type of condition in CamelCase or in foo.example.com/CamelCase. --- Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be useful (see .node.status.conditions), the ability to deconflict is important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt)" + description: "type of condition in CamelCase or in foo.example.com/CamelCase.\n---\nMany .condition.type values are consistent across resources like Available, but because arbitrary conditions can be\nuseful (see .node.status.conditions), the ability to deconflict is important.\nThe regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt)" maxLength: 316 pattern: "^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$" type: "string" diff --git a/crd-catalog/CrunchyData/postgres-operator/postgres-operator.crunchydata.com/v1beta1/postgresclusters.yaml b/crd-catalog/CrunchyData/postgres-operator/postgres-operator.crunchydata.com/v1beta1/postgresclusters.yaml index 941040db8..515db15a3 100644 --- a/crd-catalog/CrunchyData/postgres-operator/postgres-operator.crunchydata.com/v1beta1/postgresclusters.yaml +++ b/crd-catalog/CrunchyData/postgres-operator/postgres-operator.crunchydata.com/v1beta1/postgresclusters.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.9.0" + controller-gen.kubebuilder.io/version: "v0.15.0" labels: app.kubernetes.io/name: "pgo" app.kubernetes.io/version: "latest" @@ -22,10 +22,10 @@ spec: description: "PostgresCluster is the Schema for the postgresclusters API" properties: apiVersion: - description: "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" + description: "APIVersion defines the versioned schema of this representation of an object.\nServers should convert recognized schemas to the latest internal value, and\nmay reject unrecognized values.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" type: "string" kind: - description: "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + description: "Kind is a string value representing the REST resource this object represents.\nServers may infer this from the endpoint the client submits requests to.\nCannot be updated.\nIn CamelCase.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" type: "string" metadata: type: "object" @@ -39,29 +39,29 @@ spec: description: "pgBackRest archive configuration" properties: configuration: - description: "Projected volumes containing custom pgBackRest configuration. These files are mounted under \"/etc/pgbackrest/conf.d\" alongside any pgBackRest configuration generated by the PostgreSQL Operator: https://pgbackrest.org/configuration.html" + description: "Projected volumes containing custom pgBackRest configuration. These files are mounted\nunder \"/etc/pgbackrest/conf.d\" alongside any pgBackRest configuration generated by the\nPostgreSQL Operator:\nhttps://pgbackrest.org/configuration.html" items: description: "Projection that may be projected along with other supported volume types" properties: clusterTrustBundle: - description: "ClusterTrustBundle allows a pod to access the `.spec.trustBundle` field of ClusterTrustBundle objects in an auto-updating file. \n Alpha, gated by the ClusterTrustBundleProjection feature gate. \n ClusterTrustBundle objects can either be selected by name, or by the combination of signer name and a label selector. \n Kubelet performs aggressive normalization of the PEM contents written into the pod filesystem. Esoteric PEM features such as inter-block comments and block headers are stripped. Certificates are deduplicated. The ordering of certificates within the file is arbitrary, and Kubelet may change the order over time." + description: "ClusterTrustBundle allows a pod to access the `.spec.trustBundle` field\nof ClusterTrustBundle objects in an auto-updating file.\n\n\nAlpha, gated by the ClusterTrustBundleProjection feature gate.\n\n\nClusterTrustBundle objects can either be selected by name, or by the\ncombination of signer name and a label selector.\n\n\nKubelet performs aggressive normalization of the PEM contents written\ninto the pod filesystem. Esoteric PEM features such as inter-block\ncomments and block headers are stripped. Certificates are deduplicated.\nThe ordering of certificates within the file is arbitrary, and Kubelet\nmay change the order over time." properties: labelSelector: - description: "Select all ClusterTrustBundles that match this label selector. Only has effect if signerName is set. Mutually-exclusive with name. If unset, interpreted as \"match nothing\". If set but empty, interpreted as \"match everything\"." + description: "Select all ClusterTrustBundles that match this label selector. Only has\neffect if signerName is set. Mutually-exclusive with name. If unset,\ninterpreted as \"match nothing\". If set but empty, interpreted as \"match\neverything\"." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -75,20 +75,21 @@ spec: matchLabels: additionalProperties: type: "string" - description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." type: "object" type: "object" + x-kubernetes-map-type: "atomic" name: - description: "Select a single ClusterTrustBundle by object name. Mutually-exclusive with signerName and labelSelector." + description: "Select a single ClusterTrustBundle by object name. Mutually-exclusive\nwith signerName and labelSelector." type: "string" optional: - description: "If true, don't block pod startup if the referenced ClusterTrustBundle(s) aren't available. If using name, then the named ClusterTrustBundle is allowed not to exist. If using signerName, then the combination of signerName and labelSelector is allowed to match zero ClusterTrustBundles." + description: "If true, don't block pod startup if the referenced ClusterTrustBundle(s)\naren't available. If using name, then the named ClusterTrustBundle is\nallowed not to exist. If using signerName, then the combination of\nsignerName and labelSelector is allowed to match zero\nClusterTrustBundles." type: "boolean" path: description: "Relative path from the volume root to write the bundle." type: "string" signerName: - description: "Select all ClusterTrustBundles that match this signer name. Mutually-exclusive with name. The contents of all selected ClusterTrustBundles will be unified and deduplicated." + description: "Select all ClusterTrustBundles that match this signer name.\nMutually-exclusive with name. The contents of all selected\nClusterTrustBundles will be unified and deduplicated." type: "string" required: - "path" @@ -97,7 +98,7 @@ spec: description: "configMap information about the configMap data to project" properties: items: - description: "items if unspecified, each key-value pair in the Data field of the referenced ConfigMap will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the ConfigMap, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'." + description: "items if unspecified, each key-value pair in the Data field of the referenced\nConfigMap will be projected into the volume as a file whose name is the\nkey and content is the value. If specified, the listed keys will be\nprojected into the specified paths, and unlisted keys will not be\npresent. If a key is specified which is not present in the ConfigMap,\nthe volume setup will error unless it is marked optional. Paths must be\nrelative and may not contain the '..' path or start with '..'." items: description: "Maps a string key to a path within a volume." properties: @@ -105,11 +106,11 @@ spec: description: "key is the key to project." type: "string" mode: - description: "mode is Optional: mode bits used to set permissions on this file. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set." + description: "mode is Optional: mode bits used to set permissions on this file.\nMust be an octal value between 0000 and 0777 or a decimal value between 0 and 511.\nYAML accepts both octal and decimal values, JSON requires decimal values for mode bits.\nIf not specified, the volume defaultMode will be used.\nThis might be in conflict with other options that affect the file\nmode, like fsGroup, and the result can be other mode bits set." format: "int32" type: "integer" path: - description: "path is the relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'." + description: "path is the relative path of the file to map the key to.\nMay not be an absolute path.\nMay not contain the path element '..'.\nMay not start with the string '..'." type: "string" required: - "key" @@ -125,6 +126,7 @@ spec: description: "optional specify whether the ConfigMap or its keys must be defined" type: "boolean" type: "object" + x-kubernetes-map-type: "atomic" downwardAPI: description: "downwardAPI information about the downwardAPI data to project" properties: @@ -145,15 +147,16 @@ spec: required: - "fieldPath" type: "object" + x-kubernetes-map-type: "atomic" mode: - description: "Optional: mode bits used to set permissions on this file, must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set." + description: "Optional: mode bits used to set permissions on this file, must be an octal value\nbetween 0000 and 0777 or a decimal value between 0 and 511.\nYAML accepts both octal and decimal values, JSON requires decimal values for mode bits.\nIf not specified, the volume defaultMode will be used.\nThis might be in conflict with other options that affect the file\nmode, like fsGroup, and the result can be other mode bits set." format: "int32" type: "integer" path: description: "Required: Path is the relative path name of the file to be created. Must not be absolute or contain the '..' path. Must be utf-8 encoded. The first item of the relative path must not start with '..'" type: "string" resourceFieldRef: - description: "Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, requests.cpu and requests.memory) are currently supported." + description: "Selects a resource of the container: only resources limits and requests\n(limits.cpu, limits.memory, requests.cpu and requests.memory) are currently supported." properties: containerName: description: "Container name: required for volumes, optional for env vars" @@ -171,6 +174,7 @@ spec: required: - "resource" type: "object" + x-kubernetes-map-type: "atomic" required: - "path" type: "object" @@ -181,7 +185,7 @@ spec: description: "secret information about the secret data to project" properties: items: - description: "items if unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the Secret, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'." + description: "items if unspecified, each key-value pair in the Data field of the referenced\nSecret will be projected into the volume as a file whose name is the\nkey and content is the value. If specified, the listed keys will be\nprojected into the specified paths, and unlisted keys will not be\npresent. If a key is specified which is not present in the Secret,\nthe volume setup will error unless it is marked optional. Paths must be\nrelative and may not contain the '..' path or start with '..'." items: description: "Maps a string key to a path within a volume." properties: @@ -189,11 +193,11 @@ spec: description: "key is the key to project." type: "string" mode: - description: "mode is Optional: mode bits used to set permissions on this file. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set." + description: "mode is Optional: mode bits used to set permissions on this file.\nMust be an octal value between 0000 and 0777 or a decimal value between 0 and 511.\nYAML accepts both octal and decimal values, JSON requires decimal values for mode bits.\nIf not specified, the volume defaultMode will be used.\nThis might be in conflict with other options that affect the file\nmode, like fsGroup, and the result can be other mode bits set." format: "int32" type: "integer" path: - description: "path is the relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'." + description: "path is the relative path of the file to map the key to.\nMay not be an absolute path.\nMay not contain the path element '..'.\nMay not start with the string '..'." type: "string" required: - "key" @@ -209,18 +213,19 @@ spec: description: "optional field specify whether the Secret or its key must be defined" type: "boolean" type: "object" + x-kubernetes-map-type: "atomic" serviceAccountToken: description: "serviceAccountToken is information about the serviceAccountToken data to project" properties: audience: - description: "audience is the intended audience of the token. A recipient of a token must identify itself with an identifier specified in the audience of the token, and otherwise should reject the token. The audience defaults to the identifier of the apiserver." + description: "audience is the intended audience of the token. A recipient of a token\nmust identify itself with an identifier specified in the audience of the\ntoken, and otherwise should reject the token. The audience defaults to the\nidentifier of the apiserver." type: "string" expirationSeconds: - description: "expirationSeconds is the requested duration of validity of the service account token. As the token approaches expiration, the kubelet volume plugin will proactively rotate the service account token. The kubelet will start trying to rotate the token if the token is older than 80 percent of its time to live or if the token is older than 24 hours.Defaults to 1 hour and must be at least 10 minutes." + description: "expirationSeconds is the requested duration of validity of the service\naccount token. As the token approaches expiration, the kubelet volume\nplugin will proactively rotate the service account token. The kubelet will\nstart trying to rotate the token if the token is older than 80 percent of\nits time to live or if the token is older than 24 hours.Defaults to 1 hour\nand must be at least 10 minutes." format: "int64" type: "integer" path: - description: "path is the path relative to the mount point of the file to project the token into." + description: "path is the path relative to the mount point of the file to project the\ntoken into." type: "string" required: - "path" @@ -230,24 +235,24 @@ spec: global: additionalProperties: type: "string" - description: "Global pgBackRest configuration settings. These settings are included in the \"global\" section of the pgBackRest configuration generated by the PostgreSQL Operator, and then mounted under \"/etc/pgbackrest/conf.d\": https://pgbackrest.org/configuration.html" + description: "Global pgBackRest configuration settings. These settings are included in the \"global\"\nsection of the pgBackRest configuration generated by the PostgreSQL Operator, and then\nmounted under \"/etc/pgbackrest/conf.d\":\nhttps://pgbackrest.org/configuration.html" type: "object" image: - description: "The image name to use for pgBackRest containers. Utilized to run pgBackRest repository hosts and backups. The image may also be set using the RELATED_IMAGE_PGBACKREST environment variable" + description: "The image name to use for pgBackRest containers. Utilized to run\npgBackRest repository hosts and backups. The image may also be set using\nthe RELATED_IMAGE_PGBACKREST environment variable" type: "string" jobs: description: "Jobs field allows configuration for all backup jobs" properties: affinity: - description: "Scheduling constraints of pgBackRest backup Job pods. More info: https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node" + description: "Scheduling constraints of pgBackRest backup Job pods.\nMore info: https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node" properties: nodeAffinity: description: "Describes node affinity scheduling rules for the pod." properties: preferredDuringSchedulingIgnoredDuringExecution: - description: "The scheduler will prefer to schedule pods to nodes that satisfy the affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding \"weight\" to the sum if the node matches the corresponding matchExpressions; the node(s) with the highest sum are the most preferred." + description: "The scheduler will prefer to schedule pods to nodes that satisfy\nthe affinity expressions specified by this field, but it may choose\na node that violates one or more of the expressions. The node that is\nmost preferred is the one with the greatest sum of weights, i.e.\nfor each node that meets all of the scheduling requirements (resource\nrequest, requiredDuringScheduling affinity expressions, etc.),\ncompute a sum by iterating through the elements of this field and adding\n\"weight\" to the sum if the node matches the corresponding matchExpressions; the\nnode(s) with the highest sum are the most preferred." items: - description: "An empty preferred scheduling term matches all objects with implicit weight 0 (i.e. it's a no-op). A null preferred scheduling term matches no objects (i.e. is also a no-op)." + description: "An empty preferred scheduling term matches all objects with implicit weight 0\n(i.e. it's a no-op). A null preferred scheduling term matches no objects (i.e. is also a no-op)." properties: preference: description: "A node selector term, associated with the corresponding weight." @@ -255,16 +260,16 @@ spec: matchExpressions: description: "A list of node selector requirements by node's labels." items: - description: "A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A node selector requirement is a selector that contains values, a key, and an operator\nthat relates the key and values." properties: key: description: "The label key that the selector applies to." type: "string" operator: - description: "Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt." + description: "Represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt." type: "string" values: - description: "An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch." + description: "An array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. If the operator is Gt or Lt, the values\narray must have a single element, which will be interpreted as an integer.\nThis array is replaced during a strategic merge patch." items: type: "string" type: "array" @@ -278,16 +283,16 @@ spec: matchFields: description: "A list of node selector requirements by node's fields." items: - description: "A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A node selector requirement is a selector that contains values, a key, and an operator\nthat relates the key and values." properties: key: description: "The label key that the selector applies to." type: "string" operator: - description: "Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt." + description: "Represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt." type: "string" values: - description: "An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch." + description: "An array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. If the operator is Gt or Lt, the values\narray must have a single element, which will be interpreted as an integer.\nThis array is replaced during a strategic merge patch." items: type: "string" type: "array" @@ -299,6 +304,7 @@ spec: type: "array" x-kubernetes-list-type: "atomic" type: "object" + x-kubernetes-map-type: "atomic" weight: description: "Weight associated with matching the corresponding nodeSelectorTerm, in the range 1-100." format: "int32" @@ -310,26 +316,26 @@ spec: type: "array" x-kubernetes-list-type: "atomic" requiredDuringSchedulingIgnoredDuringExecution: - description: "If the affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to an update), the system may or may not try to eventually evict the pod from its node." + description: "If the affinity requirements specified by this field are not met at\nscheduling time, the pod will not be scheduled onto the node.\nIf the affinity requirements specified by this field cease to be met\nat some point during pod execution (e.g. due to an update), the system\nmay or may not try to eventually evict the pod from its node." properties: nodeSelectorTerms: description: "Required. A list of node selector terms. The terms are ORed." items: - description: "A null or empty node selector term matches no objects. The requirements of them are ANDed. The TopologySelectorTerm type implements a subset of the NodeSelectorTerm." + description: "A null or empty node selector term matches no objects. The requirements of\nthem are ANDed.\nThe TopologySelectorTerm type implements a subset of the NodeSelectorTerm." properties: matchExpressions: description: "A list of node selector requirements by node's labels." items: - description: "A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A node selector requirement is a selector that contains values, a key, and an operator\nthat relates the key and values." properties: key: description: "The label key that the selector applies to." type: "string" operator: - description: "Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt." + description: "Represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt." type: "string" values: - description: "An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch." + description: "An array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. If the operator is Gt or Lt, the values\narray must have a single element, which will be interpreted as an integer.\nThis array is replaced during a strategic merge patch." items: type: "string" type: "array" @@ -343,16 +349,16 @@ spec: matchFields: description: "A list of node selector requirements by node's fields." items: - description: "A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A node selector requirement is a selector that contains values, a key, and an operator\nthat relates the key and values." properties: key: description: "The label key that the selector applies to." type: "string" operator: - description: "Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt." + description: "Represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt." type: "string" values: - description: "An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch." + description: "An array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. If the operator is Gt or Lt, the values\narray must have a single element, which will be interpreted as an integer.\nThis array is replaced during a strategic merge patch." items: type: "string" type: "array" @@ -364,17 +370,19 @@ spec: type: "array" x-kubernetes-list-type: "atomic" type: "object" + x-kubernetes-map-type: "atomic" type: "array" x-kubernetes-list-type: "atomic" required: - "nodeSelectorTerms" type: "object" + x-kubernetes-map-type: "atomic" type: "object" podAffinity: description: "Describes pod affinity scheduling rules (e.g. co-locate this pod in the same node, zone, etc. as some other pod(s))." properties: preferredDuringSchedulingIgnoredDuringExecution: - description: "The scheduler will prefer to schedule pods to nodes that satisfy the affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding \"weight\" to the sum if the node has pods which matches the corresponding podAffinityTerm; the node(s) with the highest sum are the most preferred." + description: "The scheduler will prefer to schedule pods to nodes that satisfy\nthe affinity expressions specified by this field, but it may choose\na node that violates one or more of the expressions. The node that is\nmost preferred is the one with the greatest sum of weights, i.e.\nfor each node that meets all of the scheduling requirements (resource\nrequest, requiredDuringScheduling affinity expressions, etc.),\ncompute a sum by iterating through the elements of this field and adding\n\"weight\" to the sum if the node has pods which matches the corresponding podAffinityTerm; the\nnode(s) with the highest sum are the most preferred." items: description: "The weights of all of the matched WeightedPodAffinityTerm fields are added per-node to find the most preferred node(s)" properties: @@ -382,21 +390,21 @@ spec: description: "Required. A pod affinity term, associated with the corresponding weight." properties: labelSelector: - description: "A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods." + description: "A label query over a set of resources, in this case pods.\nIf it's null, this PodAffinityTerm matches with no Pods." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -410,37 +418,38 @@ spec: matchLabels: additionalProperties: type: "string" - description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." type: "object" type: "object" + x-kubernetes-map-type: "atomic" matchLabelKeys: - description: "MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both matchLabelKeys and labelSelector. Also, matchLabelKeys cannot be set when labelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" mismatchLabelKeys: - description: "MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. Also, mismatchLabelKeys cannot be set when labelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" namespaceSelector: - description: "A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means \"this pod's namespace\". An empty selector ({}) matches all namespaces." + description: "A label query over the set of namespaces that the term applies to.\nThe term is applied to the union of the namespaces selected by this field\nand the ones listed in the namespaces field.\nnull selector and null or empty namespaces list means \"this pod's namespace\".\nAn empty selector ({}) matches all namespaces." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -454,23 +463,24 @@ spec: matchLabels: additionalProperties: type: "string" - description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." type: "object" type: "object" + x-kubernetes-map-type: "atomic" namespaces: - description: "namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means \"this pod's namespace\"." + description: "namespaces specifies a static list of namespace names that the term applies to.\nThe term is applied to the union of the namespaces listed in this field\nand the ones selected by namespaceSelector.\nnull or empty namespaces list and null namespaceSelector means \"this pod's namespace\"." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" topologyKey: - description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed." + description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching\nthe labelSelector in the specified namespaces, where co-located is defined as running on a node\nwhose value of the label with key topologyKey matches that of any node on which any of the\nselected pods is running.\nEmpty topologyKey is not allowed." type: "string" required: - "topologyKey" type: "object" weight: - description: "weight associated with matching the corresponding podAffinityTerm, in the range 1-100." + description: "weight associated with matching the corresponding podAffinityTerm,\nin the range 1-100." format: "int32" type: "integer" required: @@ -480,26 +490,26 @@ spec: type: "array" x-kubernetes-list-type: "atomic" requiredDuringSchedulingIgnoredDuringExecution: - description: "If the affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to a pod label update), the system may or may not try to eventually evict the pod from its node. When there are multiple elements, the lists of nodes corresponding to each podAffinityTerm are intersected, i.e. all terms must be satisfied." + description: "If the affinity requirements specified by this field are not met at\nscheduling time, the pod will not be scheduled onto the node.\nIf the affinity requirements specified by this field cease to be met\nat some point during pod execution (e.g. due to a pod label update), the\nsystem may or may not try to eventually evict the pod from its node.\nWhen there are multiple elements, the lists of nodes corresponding to each\npodAffinityTerm are intersected, i.e. all terms must be satisfied." items: - description: "Defines a set of pods (namely those matching the labelSelector relative to the given namespace(s)) that this pod should be co-located (affinity) or not co-located (anti-affinity) with, where co-located is defined as running on a node whose value of the label with key matches that of any node on which a pod of the set of pods is running" + description: "Defines a set of pods (namely those matching the labelSelector\nrelative to the given namespace(s)) that this pod should be\nco-located (affinity) or not co-located (anti-affinity) with,\nwhere co-located is defined as running on a node whose value of\nthe label with key matches that of any node on which\na pod of the set of pods is running" properties: labelSelector: - description: "A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods." + description: "A label query over a set of resources, in this case pods.\nIf it's null, this PodAffinityTerm matches with no Pods." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -513,37 +523,38 @@ spec: matchLabels: additionalProperties: type: "string" - description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." type: "object" type: "object" + x-kubernetes-map-type: "atomic" matchLabelKeys: - description: "MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both matchLabelKeys and labelSelector. Also, matchLabelKeys cannot be set when labelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" mismatchLabelKeys: - description: "MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. Also, mismatchLabelKeys cannot be set when labelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" namespaceSelector: - description: "A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means \"this pod's namespace\". An empty selector ({}) matches all namespaces." + description: "A label query over the set of namespaces that the term applies to.\nThe term is applied to the union of the namespaces selected by this field\nand the ones listed in the namespaces field.\nnull selector and null or empty namespaces list means \"this pod's namespace\".\nAn empty selector ({}) matches all namespaces." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -557,17 +568,18 @@ spec: matchLabels: additionalProperties: type: "string" - description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." type: "object" type: "object" + x-kubernetes-map-type: "atomic" namespaces: - description: "namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means \"this pod's namespace\"." + description: "namespaces specifies a static list of namespace names that the term applies to.\nThe term is applied to the union of the namespaces listed in this field\nand the ones selected by namespaceSelector.\nnull or empty namespaces list and null namespaceSelector means \"this pod's namespace\"." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" topologyKey: - description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed." + description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching\nthe labelSelector in the specified namespaces, where co-located is defined as running on a node\nwhose value of the label with key topologyKey matches that of any node on which any of the\nselected pods is running.\nEmpty topologyKey is not allowed." type: "string" required: - "topologyKey" @@ -579,7 +591,7 @@ spec: description: "Describes pod anti-affinity scheduling rules (e.g. avoid putting this pod in the same node, zone, etc. as some other pod(s))." properties: preferredDuringSchedulingIgnoredDuringExecution: - description: "The scheduler will prefer to schedule pods to nodes that satisfy the anti-affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling anti-affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding \"weight\" to the sum if the node has pods which matches the corresponding podAffinityTerm; the node(s) with the highest sum are the most preferred." + description: "The scheduler will prefer to schedule pods to nodes that satisfy\nthe anti-affinity expressions specified by this field, but it may choose\na node that violates one or more of the expressions. The node that is\nmost preferred is the one with the greatest sum of weights, i.e.\nfor each node that meets all of the scheduling requirements (resource\nrequest, requiredDuringScheduling anti-affinity expressions, etc.),\ncompute a sum by iterating through the elements of this field and adding\n\"weight\" to the sum if the node has pods which matches the corresponding podAffinityTerm; the\nnode(s) with the highest sum are the most preferred." items: description: "The weights of all of the matched WeightedPodAffinityTerm fields are added per-node to find the most preferred node(s)" properties: @@ -587,21 +599,21 @@ spec: description: "Required. A pod affinity term, associated with the corresponding weight." properties: labelSelector: - description: "A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods." + description: "A label query over a set of resources, in this case pods.\nIf it's null, this PodAffinityTerm matches with no Pods." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -615,37 +627,38 @@ spec: matchLabels: additionalProperties: type: "string" - description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." type: "object" type: "object" + x-kubernetes-map-type: "atomic" matchLabelKeys: - description: "MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both matchLabelKeys and labelSelector. Also, matchLabelKeys cannot be set when labelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" mismatchLabelKeys: - description: "MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. Also, mismatchLabelKeys cannot be set when labelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" namespaceSelector: - description: "A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means \"this pod's namespace\". An empty selector ({}) matches all namespaces." + description: "A label query over the set of namespaces that the term applies to.\nThe term is applied to the union of the namespaces selected by this field\nand the ones listed in the namespaces field.\nnull selector and null or empty namespaces list means \"this pod's namespace\".\nAn empty selector ({}) matches all namespaces." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -659,23 +672,24 @@ spec: matchLabels: additionalProperties: type: "string" - description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." type: "object" type: "object" + x-kubernetes-map-type: "atomic" namespaces: - description: "namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means \"this pod's namespace\"." + description: "namespaces specifies a static list of namespace names that the term applies to.\nThe term is applied to the union of the namespaces listed in this field\nand the ones selected by namespaceSelector.\nnull or empty namespaces list and null namespaceSelector means \"this pod's namespace\"." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" topologyKey: - description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed." + description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching\nthe labelSelector in the specified namespaces, where co-located is defined as running on a node\nwhose value of the label with key topologyKey matches that of any node on which any of the\nselected pods is running.\nEmpty topologyKey is not allowed." type: "string" required: - "topologyKey" type: "object" weight: - description: "weight associated with matching the corresponding podAffinityTerm, in the range 1-100." + description: "weight associated with matching the corresponding podAffinityTerm,\nin the range 1-100." format: "int32" type: "integer" required: @@ -685,26 +699,26 @@ spec: type: "array" x-kubernetes-list-type: "atomic" requiredDuringSchedulingIgnoredDuringExecution: - description: "If the anti-affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the anti-affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to a pod label update), the system may or may not try to eventually evict the pod from its node. When there are multiple elements, the lists of nodes corresponding to each podAffinityTerm are intersected, i.e. all terms must be satisfied." + description: "If the anti-affinity requirements specified by this field are not met at\nscheduling time, the pod will not be scheduled onto the node.\nIf the anti-affinity requirements specified by this field cease to be met\nat some point during pod execution (e.g. due to a pod label update), the\nsystem may or may not try to eventually evict the pod from its node.\nWhen there are multiple elements, the lists of nodes corresponding to each\npodAffinityTerm are intersected, i.e. all terms must be satisfied." items: - description: "Defines a set of pods (namely those matching the labelSelector relative to the given namespace(s)) that this pod should be co-located (affinity) or not co-located (anti-affinity) with, where co-located is defined as running on a node whose value of the label with key matches that of any node on which a pod of the set of pods is running" + description: "Defines a set of pods (namely those matching the labelSelector\nrelative to the given namespace(s)) that this pod should be\nco-located (affinity) or not co-located (anti-affinity) with,\nwhere co-located is defined as running on a node whose value of\nthe label with key matches that of any node on which\na pod of the set of pods is running" properties: labelSelector: - description: "A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods." + description: "A label query over a set of resources, in this case pods.\nIf it's null, this PodAffinityTerm matches with no Pods." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -718,37 +732,38 @@ spec: matchLabels: additionalProperties: type: "string" - description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." type: "object" type: "object" + x-kubernetes-map-type: "atomic" matchLabelKeys: - description: "MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both matchLabelKeys and labelSelector. Also, matchLabelKeys cannot be set when labelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" mismatchLabelKeys: - description: "MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. Also, mismatchLabelKeys cannot be set when labelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" namespaceSelector: - description: "A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means \"this pod's namespace\". An empty selector ({}) matches all namespaces." + description: "A label query over the set of namespaces that the term applies to.\nThe term is applied to the union of the namespaces selected by this field\nand the ones listed in the namespaces field.\nnull selector and null or empty namespaces list means \"this pod's namespace\".\nAn empty selector ({}) matches all namespaces." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -762,17 +777,18 @@ spec: matchLabels: additionalProperties: type: "string" - description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." type: "object" type: "object" + x-kubernetes-map-type: "atomic" namespaces: - description: "namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means \"this pod's namespace\"." + description: "namespaces specifies a static list of namespace names that the term applies to.\nThe term is applied to the union of the namespaces listed in this field\nand the ones selected by namespaceSelector.\nnull or empty namespaces list and null namespaceSelector means \"this pod's namespace\"." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" topologyKey: - description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed." + description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching\nthe labelSelector in the specified namespaces, where co-located is defined as running on a node\nwhose value of the label with key topologyKey matches that of any node on which any of the\nselected pods is running.\nEmpty topologyKey is not allowed." type: "string" required: - "topologyKey" @@ -782,18 +798,18 @@ spec: type: "object" type: "object" priorityClassName: - description: "Priority class name for the pgBackRest backup Job pods. More info: https://kubernetes.io/docs/concepts/scheduling-eviction/pod-priority-preemption/" + description: "Priority class name for the pgBackRest backup Job pods.\nMore info: https://kubernetes.io/docs/concepts/scheduling-eviction/pod-priority-preemption/" type: "string" resources: - description: "Resource limits for backup jobs. Includes manual, scheduled and replica create backups" + description: "Resource limits for backup jobs. Includes manual, scheduled and replica\ncreate backups" properties: claims: - description: "Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. \n This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. \n This field is immutable. It can only be set for containers." + description: "Claims lists the names of resources, defined in spec.resourceClaims,\nthat are used by this container.\n\n\nThis is an alpha field and requires enabling the\nDynamicResourceAllocation feature gate.\n\n\nThis field is immutable. It can only be set for containers." items: description: "ResourceClaim references one entry in PodSpec.ResourceClaims." properties: name: - description: "Name must match the name of one entry in pod.spec.resourceClaims of the Pod where this field is used. It makes that resource available inside a container." + description: "Name must match the name of one entry in pod.spec.resourceClaims of\nthe Pod where this field is used. It makes that resource available\ninside a container." type: "string" required: - "name" @@ -809,7 +825,7 @@ spec: - type: "string" pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" x-kubernetes-int-or-string: true - description: "Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" + description: "Limits describes the maximum amount of compute resources allowed.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" type: "object" requests: additionalProperties: @@ -818,34 +834,34 @@ spec: - type: "string" pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" x-kubernetes-int-or-string: true - description: "Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" + description: "Requests describes the minimum amount of compute resources required.\nIf Requests is omitted for a container, it defaults to Limits if that is explicitly specified,\notherwise to an implementation-defined value. Requests cannot exceed Limits.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" type: "object" type: "object" tolerations: - description: "Tolerations of pgBackRest backup Job pods. More info: https://kubernetes.io/docs/concepts/scheduling-eviction/taint-and-toleration" + description: "Tolerations of pgBackRest backup Job pods.\nMore info: https://kubernetes.io/docs/concepts/scheduling-eviction/taint-and-toleration" items: - description: "The pod this Toleration is attached to tolerates any taint that matches the triple using the matching operator ." + description: "The pod this Toleration is attached to tolerates any taint that matches\nthe triple using the matching operator ." properties: effect: - description: "Effect indicates the taint effect to match. Empty means match all taint effects. When specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute." + description: "Effect indicates the taint effect to match. Empty means match all taint effects.\nWhen specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute." type: "string" key: - description: "Key is the taint key that the toleration applies to. Empty means match all taint keys. If the key is empty, operator must be Exists; this combination means to match all values and all keys." + description: "Key is the taint key that the toleration applies to. Empty means match all taint keys.\nIf the key is empty, operator must be Exists; this combination means to match all values and all keys." type: "string" operator: - description: "Operator represents a key's relationship to the value. Valid operators are Exists and Equal. Defaults to Equal. Exists is equivalent to wildcard for value, so that a pod can tolerate all taints of a particular category." + description: "Operator represents a key's relationship to the value.\nValid operators are Exists and Equal. Defaults to Equal.\nExists is equivalent to wildcard for value, so that a pod can\ntolerate all taints of a particular category." type: "string" tolerationSeconds: - description: "TolerationSeconds represents the period of time the toleration (which must be of effect NoExecute, otherwise this field is ignored) tolerates the taint. By default, it is not set, which means tolerate the taint forever (do not evict). Zero and negative values will be treated as 0 (evict immediately) by the system." + description: "TolerationSeconds represents the period of time the toleration (which must be\nof effect NoExecute, otherwise this field is ignored) tolerates the taint. By default,\nit is not set, which means tolerate the taint forever (do not evict). Zero and\nnegative values will be treated as 0 (evict immediately) by the system." format: "int64" type: "integer" value: - description: "Value is the taint value the toleration matches to. If the operator is Exists, the value should be empty, otherwise just a regular string." + description: "Value is the taint value the toleration matches to.\nIf the operator is Exists, the value should be empty, otherwise just a regular string." type: "string" type: "object" type: "array" ttlSecondsAfterFinished: - description: "Limit the lifetime of a Job that has finished. More info: https://kubernetes.io/docs/concepts/workloads/controllers/job" + description: "Limit the lifetime of a Job that has finished.\nMore info: https://kubernetes.io/docs/concepts/workloads/controllers/job" format: "int32" minimum: 60.0 type: "integer" @@ -854,7 +870,7 @@ spec: description: "Defines details for manual pgBackRest backup Jobs" properties: options: - description: "Command line options to include when running the pgBackRest backup command. https://pgbackrest.org/command.html#command-backup" + description: "Command line options to include when running the pgBackRest backup command.\nhttps://pgbackrest.org/command.html#command-backup" items: type: "string" type: "array" @@ -878,18 +894,18 @@ spec: type: "object" type: "object" repoHost: - description: "Defines configuration for a pgBackRest dedicated repository host. This section is only applicable if at least one \"volume\" (i.e. PVC-based) repository is defined in the \"repos\" section, therefore enabling a dedicated repository host Deployment." + description: "Defines configuration for a pgBackRest dedicated repository host. This section is only\napplicable if at least one \"volume\" (i.e. PVC-based) repository is defined in the \"repos\"\nsection, therefore enabling a dedicated repository host Deployment." properties: affinity: - description: "Scheduling constraints of the Dedicated repo host pod. Changing this value causes repo host to restart. More info: https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node" + description: "Scheduling constraints of the Dedicated repo host pod.\nChanging this value causes repo host to restart.\nMore info: https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node" properties: nodeAffinity: description: "Describes node affinity scheduling rules for the pod." properties: preferredDuringSchedulingIgnoredDuringExecution: - description: "The scheduler will prefer to schedule pods to nodes that satisfy the affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding \"weight\" to the sum if the node matches the corresponding matchExpressions; the node(s) with the highest sum are the most preferred." + description: "The scheduler will prefer to schedule pods to nodes that satisfy\nthe affinity expressions specified by this field, but it may choose\na node that violates one or more of the expressions. The node that is\nmost preferred is the one with the greatest sum of weights, i.e.\nfor each node that meets all of the scheduling requirements (resource\nrequest, requiredDuringScheduling affinity expressions, etc.),\ncompute a sum by iterating through the elements of this field and adding\n\"weight\" to the sum if the node matches the corresponding matchExpressions; the\nnode(s) with the highest sum are the most preferred." items: - description: "An empty preferred scheduling term matches all objects with implicit weight 0 (i.e. it's a no-op). A null preferred scheduling term matches no objects (i.e. is also a no-op)." + description: "An empty preferred scheduling term matches all objects with implicit weight 0\n(i.e. it's a no-op). A null preferred scheduling term matches no objects (i.e. is also a no-op)." properties: preference: description: "A node selector term, associated with the corresponding weight." @@ -897,16 +913,16 @@ spec: matchExpressions: description: "A list of node selector requirements by node's labels." items: - description: "A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A node selector requirement is a selector that contains values, a key, and an operator\nthat relates the key and values." properties: key: description: "The label key that the selector applies to." type: "string" operator: - description: "Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt." + description: "Represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt." type: "string" values: - description: "An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch." + description: "An array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. If the operator is Gt or Lt, the values\narray must have a single element, which will be interpreted as an integer.\nThis array is replaced during a strategic merge patch." items: type: "string" type: "array" @@ -920,16 +936,16 @@ spec: matchFields: description: "A list of node selector requirements by node's fields." items: - description: "A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A node selector requirement is a selector that contains values, a key, and an operator\nthat relates the key and values." properties: key: description: "The label key that the selector applies to." type: "string" operator: - description: "Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt." + description: "Represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt." type: "string" values: - description: "An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch." + description: "An array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. If the operator is Gt or Lt, the values\narray must have a single element, which will be interpreted as an integer.\nThis array is replaced during a strategic merge patch." items: type: "string" type: "array" @@ -941,6 +957,7 @@ spec: type: "array" x-kubernetes-list-type: "atomic" type: "object" + x-kubernetes-map-type: "atomic" weight: description: "Weight associated with matching the corresponding nodeSelectorTerm, in the range 1-100." format: "int32" @@ -952,26 +969,26 @@ spec: type: "array" x-kubernetes-list-type: "atomic" requiredDuringSchedulingIgnoredDuringExecution: - description: "If the affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to an update), the system may or may not try to eventually evict the pod from its node." + description: "If the affinity requirements specified by this field are not met at\nscheduling time, the pod will not be scheduled onto the node.\nIf the affinity requirements specified by this field cease to be met\nat some point during pod execution (e.g. due to an update), the system\nmay or may not try to eventually evict the pod from its node." properties: nodeSelectorTerms: description: "Required. A list of node selector terms. The terms are ORed." items: - description: "A null or empty node selector term matches no objects. The requirements of them are ANDed. The TopologySelectorTerm type implements a subset of the NodeSelectorTerm." + description: "A null or empty node selector term matches no objects. The requirements of\nthem are ANDed.\nThe TopologySelectorTerm type implements a subset of the NodeSelectorTerm." properties: matchExpressions: description: "A list of node selector requirements by node's labels." items: - description: "A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A node selector requirement is a selector that contains values, a key, and an operator\nthat relates the key and values." properties: key: description: "The label key that the selector applies to." type: "string" operator: - description: "Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt." + description: "Represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt." type: "string" values: - description: "An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch." + description: "An array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. If the operator is Gt or Lt, the values\narray must have a single element, which will be interpreted as an integer.\nThis array is replaced during a strategic merge patch." items: type: "string" type: "array" @@ -985,16 +1002,16 @@ spec: matchFields: description: "A list of node selector requirements by node's fields." items: - description: "A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A node selector requirement is a selector that contains values, a key, and an operator\nthat relates the key and values." properties: key: description: "The label key that the selector applies to." type: "string" operator: - description: "Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt." + description: "Represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt." type: "string" values: - description: "An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch." + description: "An array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. If the operator is Gt or Lt, the values\narray must have a single element, which will be interpreted as an integer.\nThis array is replaced during a strategic merge patch." items: type: "string" type: "array" @@ -1006,17 +1023,19 @@ spec: type: "array" x-kubernetes-list-type: "atomic" type: "object" + x-kubernetes-map-type: "atomic" type: "array" x-kubernetes-list-type: "atomic" required: - "nodeSelectorTerms" type: "object" + x-kubernetes-map-type: "atomic" type: "object" podAffinity: description: "Describes pod affinity scheduling rules (e.g. co-locate this pod in the same node, zone, etc. as some other pod(s))." properties: preferredDuringSchedulingIgnoredDuringExecution: - description: "The scheduler will prefer to schedule pods to nodes that satisfy the affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding \"weight\" to the sum if the node has pods which matches the corresponding podAffinityTerm; the node(s) with the highest sum are the most preferred." + description: "The scheduler will prefer to schedule pods to nodes that satisfy\nthe affinity expressions specified by this field, but it may choose\na node that violates one or more of the expressions. The node that is\nmost preferred is the one with the greatest sum of weights, i.e.\nfor each node that meets all of the scheduling requirements (resource\nrequest, requiredDuringScheduling affinity expressions, etc.),\ncompute a sum by iterating through the elements of this field and adding\n\"weight\" to the sum if the node has pods which matches the corresponding podAffinityTerm; the\nnode(s) with the highest sum are the most preferred." items: description: "The weights of all of the matched WeightedPodAffinityTerm fields are added per-node to find the most preferred node(s)" properties: @@ -1024,21 +1043,21 @@ spec: description: "Required. A pod affinity term, associated with the corresponding weight." properties: labelSelector: - description: "A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods." + description: "A label query over a set of resources, in this case pods.\nIf it's null, this PodAffinityTerm matches with no Pods." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -1052,37 +1071,38 @@ spec: matchLabels: additionalProperties: type: "string" - description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." type: "object" type: "object" + x-kubernetes-map-type: "atomic" matchLabelKeys: - description: "MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both matchLabelKeys and labelSelector. Also, matchLabelKeys cannot be set when labelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" mismatchLabelKeys: - description: "MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. Also, mismatchLabelKeys cannot be set when labelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" namespaceSelector: - description: "A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means \"this pod's namespace\". An empty selector ({}) matches all namespaces." + description: "A label query over the set of namespaces that the term applies to.\nThe term is applied to the union of the namespaces selected by this field\nand the ones listed in the namespaces field.\nnull selector and null or empty namespaces list means \"this pod's namespace\".\nAn empty selector ({}) matches all namespaces." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -1096,23 +1116,24 @@ spec: matchLabels: additionalProperties: type: "string" - description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." type: "object" type: "object" + x-kubernetes-map-type: "atomic" namespaces: - description: "namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means \"this pod's namespace\"." + description: "namespaces specifies a static list of namespace names that the term applies to.\nThe term is applied to the union of the namespaces listed in this field\nand the ones selected by namespaceSelector.\nnull or empty namespaces list and null namespaceSelector means \"this pod's namespace\"." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" topologyKey: - description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed." + description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching\nthe labelSelector in the specified namespaces, where co-located is defined as running on a node\nwhose value of the label with key topologyKey matches that of any node on which any of the\nselected pods is running.\nEmpty topologyKey is not allowed." type: "string" required: - "topologyKey" type: "object" weight: - description: "weight associated with matching the corresponding podAffinityTerm, in the range 1-100." + description: "weight associated with matching the corresponding podAffinityTerm,\nin the range 1-100." format: "int32" type: "integer" required: @@ -1122,26 +1143,26 @@ spec: type: "array" x-kubernetes-list-type: "atomic" requiredDuringSchedulingIgnoredDuringExecution: - description: "If the affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to a pod label update), the system may or may not try to eventually evict the pod from its node. When there are multiple elements, the lists of nodes corresponding to each podAffinityTerm are intersected, i.e. all terms must be satisfied." + description: "If the affinity requirements specified by this field are not met at\nscheduling time, the pod will not be scheduled onto the node.\nIf the affinity requirements specified by this field cease to be met\nat some point during pod execution (e.g. due to a pod label update), the\nsystem may or may not try to eventually evict the pod from its node.\nWhen there are multiple elements, the lists of nodes corresponding to each\npodAffinityTerm are intersected, i.e. all terms must be satisfied." items: - description: "Defines a set of pods (namely those matching the labelSelector relative to the given namespace(s)) that this pod should be co-located (affinity) or not co-located (anti-affinity) with, where co-located is defined as running on a node whose value of the label with key matches that of any node on which a pod of the set of pods is running" + description: "Defines a set of pods (namely those matching the labelSelector\nrelative to the given namespace(s)) that this pod should be\nco-located (affinity) or not co-located (anti-affinity) with,\nwhere co-located is defined as running on a node whose value of\nthe label with key matches that of any node on which\na pod of the set of pods is running" properties: labelSelector: - description: "A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods." + description: "A label query over a set of resources, in this case pods.\nIf it's null, this PodAffinityTerm matches with no Pods." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -1155,37 +1176,38 @@ spec: matchLabels: additionalProperties: type: "string" - description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." type: "object" type: "object" + x-kubernetes-map-type: "atomic" matchLabelKeys: - description: "MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both matchLabelKeys and labelSelector. Also, matchLabelKeys cannot be set when labelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" mismatchLabelKeys: - description: "MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. Also, mismatchLabelKeys cannot be set when labelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" namespaceSelector: - description: "A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means \"this pod's namespace\". An empty selector ({}) matches all namespaces." + description: "A label query over the set of namespaces that the term applies to.\nThe term is applied to the union of the namespaces selected by this field\nand the ones listed in the namespaces field.\nnull selector and null or empty namespaces list means \"this pod's namespace\".\nAn empty selector ({}) matches all namespaces." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -1199,17 +1221,18 @@ spec: matchLabels: additionalProperties: type: "string" - description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." type: "object" type: "object" + x-kubernetes-map-type: "atomic" namespaces: - description: "namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means \"this pod's namespace\"." + description: "namespaces specifies a static list of namespace names that the term applies to.\nThe term is applied to the union of the namespaces listed in this field\nand the ones selected by namespaceSelector.\nnull or empty namespaces list and null namespaceSelector means \"this pod's namespace\"." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" topologyKey: - description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed." + description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching\nthe labelSelector in the specified namespaces, where co-located is defined as running on a node\nwhose value of the label with key topologyKey matches that of any node on which any of the\nselected pods is running.\nEmpty topologyKey is not allowed." type: "string" required: - "topologyKey" @@ -1221,7 +1244,7 @@ spec: description: "Describes pod anti-affinity scheduling rules (e.g. avoid putting this pod in the same node, zone, etc. as some other pod(s))." properties: preferredDuringSchedulingIgnoredDuringExecution: - description: "The scheduler will prefer to schedule pods to nodes that satisfy the anti-affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling anti-affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding \"weight\" to the sum if the node has pods which matches the corresponding podAffinityTerm; the node(s) with the highest sum are the most preferred." + description: "The scheduler will prefer to schedule pods to nodes that satisfy\nthe anti-affinity expressions specified by this field, but it may choose\na node that violates one or more of the expressions. The node that is\nmost preferred is the one with the greatest sum of weights, i.e.\nfor each node that meets all of the scheduling requirements (resource\nrequest, requiredDuringScheduling anti-affinity expressions, etc.),\ncompute a sum by iterating through the elements of this field and adding\n\"weight\" to the sum if the node has pods which matches the corresponding podAffinityTerm; the\nnode(s) with the highest sum are the most preferred." items: description: "The weights of all of the matched WeightedPodAffinityTerm fields are added per-node to find the most preferred node(s)" properties: @@ -1229,21 +1252,21 @@ spec: description: "Required. A pod affinity term, associated with the corresponding weight." properties: labelSelector: - description: "A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods." + description: "A label query over a set of resources, in this case pods.\nIf it's null, this PodAffinityTerm matches with no Pods." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -1257,37 +1280,38 @@ spec: matchLabels: additionalProperties: type: "string" - description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." type: "object" type: "object" + x-kubernetes-map-type: "atomic" matchLabelKeys: - description: "MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both matchLabelKeys and labelSelector. Also, matchLabelKeys cannot be set when labelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" mismatchLabelKeys: - description: "MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. Also, mismatchLabelKeys cannot be set when labelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" namespaceSelector: - description: "A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means \"this pod's namespace\". An empty selector ({}) matches all namespaces." + description: "A label query over the set of namespaces that the term applies to.\nThe term is applied to the union of the namespaces selected by this field\nand the ones listed in the namespaces field.\nnull selector and null or empty namespaces list means \"this pod's namespace\".\nAn empty selector ({}) matches all namespaces." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -1301,23 +1325,24 @@ spec: matchLabels: additionalProperties: type: "string" - description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." type: "object" type: "object" + x-kubernetes-map-type: "atomic" namespaces: - description: "namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means \"this pod's namespace\"." + description: "namespaces specifies a static list of namespace names that the term applies to.\nThe term is applied to the union of the namespaces listed in this field\nand the ones selected by namespaceSelector.\nnull or empty namespaces list and null namespaceSelector means \"this pod's namespace\"." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" topologyKey: - description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed." + description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching\nthe labelSelector in the specified namespaces, where co-located is defined as running on a node\nwhose value of the label with key topologyKey matches that of any node on which any of the\nselected pods is running.\nEmpty topologyKey is not allowed." type: "string" required: - "topologyKey" type: "object" weight: - description: "weight associated with matching the corresponding podAffinityTerm, in the range 1-100." + description: "weight associated with matching the corresponding podAffinityTerm,\nin the range 1-100." format: "int32" type: "integer" required: @@ -1327,26 +1352,26 @@ spec: type: "array" x-kubernetes-list-type: "atomic" requiredDuringSchedulingIgnoredDuringExecution: - description: "If the anti-affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the anti-affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to a pod label update), the system may or may not try to eventually evict the pod from its node. When there are multiple elements, the lists of nodes corresponding to each podAffinityTerm are intersected, i.e. all terms must be satisfied." + description: "If the anti-affinity requirements specified by this field are not met at\nscheduling time, the pod will not be scheduled onto the node.\nIf the anti-affinity requirements specified by this field cease to be met\nat some point during pod execution (e.g. due to a pod label update), the\nsystem may or may not try to eventually evict the pod from its node.\nWhen there are multiple elements, the lists of nodes corresponding to each\npodAffinityTerm are intersected, i.e. all terms must be satisfied." items: - description: "Defines a set of pods (namely those matching the labelSelector relative to the given namespace(s)) that this pod should be co-located (affinity) or not co-located (anti-affinity) with, where co-located is defined as running on a node whose value of the label with key matches that of any node on which a pod of the set of pods is running" + description: "Defines a set of pods (namely those matching the labelSelector\nrelative to the given namespace(s)) that this pod should be\nco-located (affinity) or not co-located (anti-affinity) with,\nwhere co-located is defined as running on a node whose value of\nthe label with key matches that of any node on which\na pod of the set of pods is running" properties: labelSelector: - description: "A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods." + description: "A label query over a set of resources, in this case pods.\nIf it's null, this PodAffinityTerm matches with no Pods." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -1360,37 +1385,38 @@ spec: matchLabels: additionalProperties: type: "string" - description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." type: "object" type: "object" + x-kubernetes-map-type: "atomic" matchLabelKeys: - description: "MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both matchLabelKeys and labelSelector. Also, matchLabelKeys cannot be set when labelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" mismatchLabelKeys: - description: "MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. Also, mismatchLabelKeys cannot be set when labelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" namespaceSelector: - description: "A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means \"this pod's namespace\". An empty selector ({}) matches all namespaces." + description: "A label query over the set of namespaces that the term applies to.\nThe term is applied to the union of the namespaces selected by this field\nand the ones listed in the namespaces field.\nnull selector and null or empty namespaces list means \"this pod's namespace\".\nAn empty selector ({}) matches all namespaces." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -1404,17 +1430,18 @@ spec: matchLabels: additionalProperties: type: "string" - description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." type: "object" type: "object" + x-kubernetes-map-type: "atomic" namespaces: - description: "namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means \"this pod's namespace\"." + description: "namespaces specifies a static list of namespace names that the term applies to.\nThe term is applied to the union of the namespaces listed in this field\nand the ones selected by namespaceSelector.\nnull or empty namespaces list and null namespaceSelector means \"this pod's namespace\"." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" topologyKey: - description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed." + description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching\nthe labelSelector in the specified namespaces, where co-located is defined as running on a node\nwhose value of the label with key topologyKey matches that of any node on which any of the\nselected pods is running.\nEmpty topologyKey is not allowed." type: "string" required: - "topologyKey" @@ -1424,18 +1451,18 @@ spec: type: "object" type: "object" priorityClassName: - description: "Priority class name for the pgBackRest repo host pod. Changing this value causes PostgreSQL to restart. More info: https://kubernetes.io/docs/concepts/scheduling-eviction/pod-priority-preemption/" + description: "Priority class name for the pgBackRest repo host pod. Changing this value\ncauses PostgreSQL to restart.\nMore info: https://kubernetes.io/docs/concepts/scheduling-eviction/pod-priority-preemption/" type: "string" resources: description: "Resource requirements for a pgBackRest repository host" properties: claims: - description: "Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. \n This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. \n This field is immutable. It can only be set for containers." + description: "Claims lists the names of resources, defined in spec.resourceClaims,\nthat are used by this container.\n\n\nThis is an alpha field and requires enabling the\nDynamicResourceAllocation feature gate.\n\n\nThis field is immutable. It can only be set for containers." items: description: "ResourceClaim references one entry in PodSpec.ResourceClaims." properties: name: - description: "Name must match the name of one entry in pod.spec.resourceClaims of the Pod where this field is used. It makes that resource available inside a container." + description: "Name must match the name of one entry in pod.spec.resourceClaims of\nthe Pod where this field is used. It makes that resource available\ninside a container." type: "string" required: - "name" @@ -1451,7 +1478,7 @@ spec: - type: "string" pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" x-kubernetes-int-or-string: true - description: "Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" + description: "Limits describes the maximum amount of compute resources allowed.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" type: "object" requests: additionalProperties: @@ -1460,14 +1487,14 @@ spec: - type: "string" pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" x-kubernetes-int-or-string: true - description: "Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" + description: "Requests describes the minimum amount of compute resources required.\nIf Requests is omitted for a container, it defaults to Limits if that is explicitly specified,\notherwise to an implementation-defined value. Requests cannot exceed Limits.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" type: "object" type: "object" sshConfigMap: - description: "ConfigMap containing custom SSH configuration. Deprecated: Repository hosts use mTLS for encryption, authentication, and authorization." + description: "ConfigMap containing custom SSH configuration.\nDeprecated: Repository hosts use mTLS for encryption, authentication, and authorization." properties: items: - description: "items if unspecified, each key-value pair in the Data field of the referenced ConfigMap will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the ConfigMap, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'." + description: "items if unspecified, each key-value pair in the Data field of the referenced\nConfigMap will be projected into the volume as a file whose name is the\nkey and content is the value. If specified, the listed keys will be\nprojected into the specified paths, and unlisted keys will not be\npresent. If a key is specified which is not present in the ConfigMap,\nthe volume setup will error unless it is marked optional. Paths must be\nrelative and may not contain the '..' path or start with '..'." items: description: "Maps a string key to a path within a volume." properties: @@ -1475,11 +1502,11 @@ spec: description: "key is the key to project." type: "string" mode: - description: "mode is Optional: mode bits used to set permissions on this file. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set." + description: "mode is Optional: mode bits used to set permissions on this file.\nMust be an octal value between 0000 and 0777 or a decimal value between 0 and 511.\nYAML accepts both octal and decimal values, JSON requires decimal values for mode bits.\nIf not specified, the volume defaultMode will be used.\nThis might be in conflict with other options that affect the file\nmode, like fsGroup, and the result can be other mode bits set." format: "int32" type: "integer" path: - description: "path is the relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'." + description: "path is the relative path of the file to map the key to.\nMay not be an absolute path.\nMay not contain the path element '..'.\nMay not start with the string '..'." type: "string" required: - "key" @@ -1495,11 +1522,12 @@ spec: description: "optional specify whether the ConfigMap or its keys must be defined" type: "boolean" type: "object" + x-kubernetes-map-type: "atomic" sshSecret: - description: "Secret containing custom SSH keys. Deprecated: Repository hosts use mTLS for encryption, authentication, and authorization." + description: "Secret containing custom SSH keys.\nDeprecated: Repository hosts use mTLS for encryption, authentication, and authorization." properties: items: - description: "items if unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the Secret, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'." + description: "items if unspecified, each key-value pair in the Data field of the referenced\nSecret will be projected into the volume as a file whose name is the\nkey and content is the value. If specified, the listed keys will be\nprojected into the specified paths, and unlisted keys will not be\npresent. If a key is specified which is not present in the Secret,\nthe volume setup will error unless it is marked optional. Paths must be\nrelative and may not contain the '..' path or start with '..'." items: description: "Maps a string key to a path within a volume." properties: @@ -1507,11 +1535,11 @@ spec: description: "key is the key to project." type: "string" mode: - description: "mode is Optional: mode bits used to set permissions on this file. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set." + description: "mode is Optional: mode bits used to set permissions on this file.\nMust be an octal value between 0000 and 0777 or a decimal value between 0 and 511.\nYAML accepts both octal and decimal values, JSON requires decimal values for mode bits.\nIf not specified, the volume defaultMode will be used.\nThis might be in conflict with other options that affect the file\nmode, like fsGroup, and the result can be other mode bits set." format: "int32" type: "integer" path: - description: "path is the relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'." + description: "path is the relative path of the file to map the key to.\nMay not be an absolute path.\nMay not contain the path element '..'.\nMay not start with the string '..'." type: "string" required: - "key" @@ -1527,50 +1555,51 @@ spec: description: "optional field specify whether the Secret or its key must be defined" type: "boolean" type: "object" + x-kubernetes-map-type: "atomic" tolerations: - description: "Tolerations of a PgBackRest repo host pod. Changing this value causes a restart. More info: https://kubernetes.io/docs/concepts/scheduling-eviction/taint-and-toleration" + description: "Tolerations of a PgBackRest repo host pod. Changing this value causes a restart.\nMore info: https://kubernetes.io/docs/concepts/scheduling-eviction/taint-and-toleration" items: - description: "The pod this Toleration is attached to tolerates any taint that matches the triple using the matching operator ." + description: "The pod this Toleration is attached to tolerates any taint that matches\nthe triple using the matching operator ." properties: effect: - description: "Effect indicates the taint effect to match. Empty means match all taint effects. When specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute." + description: "Effect indicates the taint effect to match. Empty means match all taint effects.\nWhen specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute." type: "string" key: - description: "Key is the taint key that the toleration applies to. Empty means match all taint keys. If the key is empty, operator must be Exists; this combination means to match all values and all keys." + description: "Key is the taint key that the toleration applies to. Empty means match all taint keys.\nIf the key is empty, operator must be Exists; this combination means to match all values and all keys." type: "string" operator: - description: "Operator represents a key's relationship to the value. Valid operators are Exists and Equal. Defaults to Equal. Exists is equivalent to wildcard for value, so that a pod can tolerate all taints of a particular category." + description: "Operator represents a key's relationship to the value.\nValid operators are Exists and Equal. Defaults to Equal.\nExists is equivalent to wildcard for value, so that a pod can\ntolerate all taints of a particular category." type: "string" tolerationSeconds: - description: "TolerationSeconds represents the period of time the toleration (which must be of effect NoExecute, otherwise this field is ignored) tolerates the taint. By default, it is not set, which means tolerate the taint forever (do not evict). Zero and negative values will be treated as 0 (evict immediately) by the system." + description: "TolerationSeconds represents the period of time the toleration (which must be\nof effect NoExecute, otherwise this field is ignored) tolerates the taint. By default,\nit is not set, which means tolerate the taint forever (do not evict). Zero and\nnegative values will be treated as 0 (evict immediately) by the system." format: "int64" type: "integer" value: - description: "Value is the taint value the toleration matches to. If the operator is Exists, the value should be empty, otherwise just a regular string." + description: "Value is the taint value the toleration matches to.\nIf the operator is Exists, the value should be empty, otherwise just a regular string." type: "string" type: "object" type: "array" topologySpreadConstraints: - description: "Topology spread constraints of a Dedicated repo host pod. Changing this value causes the repo host to restart. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-topology-spread-constraints/" + description: "Topology spread constraints of a Dedicated repo host pod. Changing this\nvalue causes the repo host to restart.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-topology-spread-constraints/" items: description: "TopologySpreadConstraint specifies how to spread matching pods among the given topology." properties: labelSelector: - description: "LabelSelector is used to find matching pods. Pods that match this label selector are counted to determine the number of pods in their corresponding topology domain." + description: "LabelSelector is used to find matching pods.\nPods that match this label selector are counted to determine the number of pods\nin their corresponding topology domain." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -1584,34 +1613,35 @@ spec: matchLabels: additionalProperties: type: "string" - description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." type: "object" type: "object" + x-kubernetes-map-type: "atomic" matchLabelKeys: - description: "MatchLabelKeys is a set of pod label keys to select the pods over which spreading will be calculated. The keys are used to lookup values from the incoming pod labels, those key-value labels are ANDed with labelSelector to select the group of existing pods over which spreading will be calculated for the incoming pod. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. MatchLabelKeys cannot be set when LabelSelector isn't set. Keys that don't exist in the incoming pod labels will be ignored. A null or empty list means only match against labelSelector. \n This is a beta field and requires the MatchLabelKeysInPodTopologySpread feature gate to be enabled (enabled by default)." + description: "MatchLabelKeys is a set of pod label keys to select the pods over which\nspreading will be calculated. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are ANDed with labelSelector\nto select the group of existing pods over which spreading will be calculated\nfor the incoming pod. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector.\nMatchLabelKeys cannot be set when LabelSelector isn't set.\nKeys that don't exist in the incoming pod labels will\nbe ignored. A null or empty list means only match against labelSelector.\n\n\nThis is a beta field and requires the MatchLabelKeysInPodTopologySpread feature gate to be enabled (enabled by default)." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" maxSkew: - description: "MaxSkew describes the degree to which pods may be unevenly distributed. When `whenUnsatisfiable=DoNotSchedule`, it is the maximum permitted difference between the number of matching pods in the target topology and the global minimum. The global minimum is the minimum number of matching pods in an eligible domain or zero if the number of eligible domains is less than MinDomains. For example, in a 3-zone cluster, MaxSkew is set to 1, and pods with the same labelSelector spread as 2/2/1: In this case, the global minimum is 1. | zone1 | zone2 | zone3 | | P P | P P | P | - if MaxSkew is 1, incoming pod can only be scheduled to zone3 to become 2/2/2; scheduling it onto zone1(zone2) would make the ActualSkew(3-1) on zone1(zone2) violate MaxSkew(1). - if MaxSkew is 2, incoming pod can be scheduled onto any zone. When `whenUnsatisfiable=ScheduleAnyway`, it is used to give higher precedence to topologies that satisfy it. It's a required field. Default value is 1 and 0 is not allowed." + description: "MaxSkew describes the degree to which pods may be unevenly distributed.\nWhen `whenUnsatisfiable=DoNotSchedule`, it is the maximum permitted difference\nbetween the number of matching pods in the target topology and the global minimum.\nThe global minimum is the minimum number of matching pods in an eligible domain\nor zero if the number of eligible domains is less than MinDomains.\nFor example, in a 3-zone cluster, MaxSkew is set to 1, and pods with the same\nlabelSelector spread as 2/2/1:\nIn this case, the global minimum is 1.\n| zone1 | zone2 | zone3 |\n| P P | P P | P |\n- if MaxSkew is 1, incoming pod can only be scheduled to zone3 to become 2/2/2;\nscheduling it onto zone1(zone2) would make the ActualSkew(3-1) on zone1(zone2)\nviolate MaxSkew(1).\n- if MaxSkew is 2, incoming pod can be scheduled onto any zone.\nWhen `whenUnsatisfiable=ScheduleAnyway`, it is used to give higher precedence\nto topologies that satisfy it.\nIt's a required field. Default value is 1 and 0 is not allowed." format: "int32" type: "integer" minDomains: - description: "MinDomains indicates a minimum number of eligible domains. When the number of eligible domains with matching topology keys is less than minDomains, Pod Topology Spread treats \"global minimum\" as 0, and then the calculation of Skew is performed. And when the number of eligible domains with matching topology keys equals or greater than minDomains, this value has no effect on scheduling. As a result, when the number of eligible domains is less than minDomains, scheduler won't schedule more than maxSkew Pods to those domains. If value is nil, the constraint behaves as if MinDomains is equal to 1. Valid values are integers greater than 0. When value is not nil, WhenUnsatisfiable must be DoNotSchedule. \n For example, in a 3-zone cluster, MaxSkew is set to 2, MinDomains is set to 5 and pods with the same labelSelector spread as 2/2/2: | zone1 | zone2 | zone3 | | P P | P P | P P | The number of domains is less than 5(MinDomains), so \"global minimum\" is treated as 0. In this situation, new pod with the same labelSelector cannot be scheduled, because computed skew will be 3(3 - 0) if new Pod is scheduled to any of the three zones, it will violate MaxSkew." + description: "MinDomains indicates a minimum number of eligible domains.\nWhen the number of eligible domains with matching topology keys is less than minDomains,\nPod Topology Spread treats \"global minimum\" as 0, and then the calculation of Skew is performed.\nAnd when the number of eligible domains with matching topology keys equals or greater than minDomains,\nthis value has no effect on scheduling.\nAs a result, when the number of eligible domains is less than minDomains,\nscheduler won't schedule more than maxSkew Pods to those domains.\nIf value is nil, the constraint behaves as if MinDomains is equal to 1.\nValid values are integers greater than 0.\nWhen value is not nil, WhenUnsatisfiable must be DoNotSchedule.\n\n\nFor example, in a 3-zone cluster, MaxSkew is set to 2, MinDomains is set to 5 and pods with the same\nlabelSelector spread as 2/2/2:\n| zone1 | zone2 | zone3 |\n| P P | P P | P P |\nThe number of domains is less than 5(MinDomains), so \"global minimum\" is treated as 0.\nIn this situation, new pod with the same labelSelector cannot be scheduled,\nbecause computed skew will be 3(3 - 0) if new Pod is scheduled to any of the three zones,\nit will violate MaxSkew." format: "int32" type: "integer" nodeAffinityPolicy: - description: "NodeAffinityPolicy indicates how we will treat Pod's nodeAffinity/nodeSelector when calculating pod topology spread skew. Options are: - Honor: only nodes matching nodeAffinity/nodeSelector are included in the calculations. - Ignore: nodeAffinity/nodeSelector are ignored. All nodes are included in the calculations. \n If this value is nil, the behavior is equivalent to the Honor policy. This is a beta-level feature default enabled by the NodeInclusionPolicyInPodTopologySpread feature flag." + description: "NodeAffinityPolicy indicates how we will treat Pod's nodeAffinity/nodeSelector\nwhen calculating pod topology spread skew. Options are:\n- Honor: only nodes matching nodeAffinity/nodeSelector are included in the calculations.\n- Ignore: nodeAffinity/nodeSelector are ignored. All nodes are included in the calculations.\n\n\nIf this value is nil, the behavior is equivalent to the Honor policy.\nThis is a beta-level feature default enabled by the NodeInclusionPolicyInPodTopologySpread feature flag." type: "string" nodeTaintsPolicy: - description: "NodeTaintsPolicy indicates how we will treat node taints when calculating pod topology spread skew. Options are: - Honor: nodes without taints, along with tainted nodes for which the incoming pod has a toleration, are included. - Ignore: node taints are ignored. All nodes are included. \n If this value is nil, the behavior is equivalent to the Ignore policy. This is a beta-level feature default enabled by the NodeInclusionPolicyInPodTopologySpread feature flag." + description: "NodeTaintsPolicy indicates how we will treat node taints when calculating\npod topology spread skew. Options are:\n- Honor: nodes without taints, along with tainted nodes for which the incoming pod\nhas a toleration, are included.\n- Ignore: node taints are ignored. All nodes are included.\n\n\nIf this value is nil, the behavior is equivalent to the Ignore policy.\nThis is a beta-level feature default enabled by the NodeInclusionPolicyInPodTopologySpread feature flag." type: "string" topologyKey: - description: "TopologyKey is the key of node labels. Nodes that have a label with this key and identical values are considered to be in the same topology. We consider each as a \"bucket\", and try to put balanced number of pods into each bucket. We define a domain as a particular instance of a topology. Also, we define an eligible domain as a domain whose nodes meet the requirements of nodeAffinityPolicy and nodeTaintsPolicy. e.g. If TopologyKey is \"kubernetes.io/hostname\", each Node is a domain of that topology. And, if TopologyKey is \"topology.kubernetes.io/zone\", each zone is a domain of that topology. It's a required field." + description: "TopologyKey is the key of node labels. Nodes that have a label with this key\nand identical values are considered to be in the same topology.\nWe consider each as a \"bucket\", and try to put balanced number\nof pods into each bucket.\nWe define a domain as a particular instance of a topology.\nAlso, we define an eligible domain as a domain whose nodes meet the requirements of\nnodeAffinityPolicy and nodeTaintsPolicy.\ne.g. If TopologyKey is \"kubernetes.io/hostname\", each Node is a domain of that topology.\nAnd, if TopologyKey is \"topology.kubernetes.io/zone\", each zone is a domain of that topology.\nIt's a required field." type: "string" whenUnsatisfiable: - description: "WhenUnsatisfiable indicates how to deal with a pod if it doesn't satisfy the spread constraint. - DoNotSchedule (default) tells the scheduler not to schedule it. - ScheduleAnyway tells the scheduler to schedule the pod in any location, but giving higher precedence to topologies that would help reduce the skew. A constraint is considered \"Unsatisfiable\" for an incoming pod if and only if every possible node assignment for that pod would violate \"MaxSkew\" on some topology. For example, in a 3-zone cluster, MaxSkew is set to 1, and pods with the same labelSelector spread as 3/1/1: | zone1 | zone2 | zone3 | | P P P | P | P | If WhenUnsatisfiable is set to DoNotSchedule, incoming pod can only be scheduled to zone2(zone3) to become 3/2/1(3/1/2) as ActualSkew(2-1) on zone2(zone3) satisfies MaxSkew(1). In other words, the cluster can still be imbalanced, but scheduler won't make it *more* imbalanced. It's a required field." + description: "WhenUnsatisfiable indicates how to deal with a pod if it doesn't satisfy\nthe spread constraint.\n- DoNotSchedule (default) tells the scheduler not to schedule it.\n- ScheduleAnyway tells the scheduler to schedule the pod in any location,\n but giving higher precedence to topologies that would help reduce the\n skew.\nA constraint is considered \"Unsatisfiable\" for an incoming pod\nif and only if every possible node assignment for that pod would violate\n\"MaxSkew\" on some topology.\nFor example, in a 3-zone cluster, MaxSkew is set to 1, and pods with the same\nlabelSelector spread as 3/1/1:\n| zone1 | zone2 | zone3 |\n| P P P | P | P |\nIf WhenUnsatisfiable is set to DoNotSchedule, incoming pod can only be scheduled\nto zone2(zone3) to become 3/2/1(3/1/2) as ActualSkew(2-1) on zone2(zone3) satisfies\nMaxSkew(1). In other words, the cluster can still be imbalanced, but scheduler\nwon't make it *more* imbalanced.\nIt's a required field." type: "string" required: - "maxSkew" @@ -1648,7 +1678,7 @@ spec: pattern: "^repo[1-4]" type: "string" s3: - description: "RepoS3 represents a pgBackRest repository that is created using AWS S3 (or S3-compatible) storage" + description: "RepoS3 represents a pgBackRest repository that is created using AWS S3 (or S3-compatible)\nstorage" properties: bucket: description: "The S3 bucket utilized for the repository" @@ -1665,18 +1695,18 @@ spec: - "region" type: "object" schedules: - description: "Defines the schedules for the pgBackRest backups Full, Differential and Incremental backup types are supported: https://pgbackrest.org/user-guide.html#concept/backup" + description: "Defines the schedules for the pgBackRest backups\nFull, Differential and Incremental backup types are supported:\nhttps://pgbackrest.org/user-guide.html#concept/backup" properties: differential: - description: "Defines the Cron schedule for a differential pgBackRest backup. Follows the standard Cron schedule syntax: https://k8s.io/docs/concepts/workloads/controllers/cron-jobs/#cron-schedule-syntax" + description: "Defines the Cron schedule for a differential pgBackRest backup.\nFollows the standard Cron schedule syntax:\nhttps://k8s.io/docs/concepts/workloads/controllers/cron-jobs/#cron-schedule-syntax" minLength: 6 type: "string" full: - description: "Defines the Cron schedule for a full pgBackRest backup. Follows the standard Cron schedule syntax: https://k8s.io/docs/concepts/workloads/controllers/cron-jobs/#cron-schedule-syntax" + description: "Defines the Cron schedule for a full pgBackRest backup.\nFollows the standard Cron schedule syntax:\nhttps://k8s.io/docs/concepts/workloads/controllers/cron-jobs/#cron-schedule-syntax" minLength: 6 type: "string" incremental: - description: "Defines the Cron schedule for an incremental pgBackRest backup. Follows the standard Cron schedule syntax: https://k8s.io/docs/concepts/workloads/controllers/cron-jobs/#cron-schedule-syntax" + description: "Defines the Cron schedule for an incremental pgBackRest backup.\nFollows the standard Cron schedule syntax:\nhttps://k8s.io/docs/concepts/workloads/controllers/cron-jobs/#cron-schedule-syntax" minLength: 6 type: "string" type: "object" @@ -1687,17 +1717,17 @@ spec: description: "Defines a PersistentVolumeClaim spec used to create and/or bind a volume" properties: accessModes: - description: "accessModes contains the desired access modes the volume should have. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1" + description: "accessModes contains the desired access modes the volume should have.\nMore info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1" items: type: "string" minItems: 1 type: "array" x-kubernetes-list-type: "atomic" dataSource: - description: "dataSource field can be used to specify either: * An existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot) * An existing PVC (PersistentVolumeClaim) If the provisioner or an external controller can support the specified data source, it will create a new volume based on the contents of the specified data source. When the AnyVolumeDataSource feature gate is enabled, dataSource contents will be copied to dataSourceRef, and dataSourceRef contents will be copied to dataSource when dataSourceRef.namespace is not specified. If the namespace is specified, then dataSourceRef will not be copied to dataSource." + description: "dataSource field can be used to specify either:\n* An existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot)\n* An existing PVC (PersistentVolumeClaim)\nIf the provisioner or an external controller can support the specified data source,\nit will create a new volume based on the contents of the specified data source.\nWhen the AnyVolumeDataSource feature gate is enabled, dataSource contents will be copied to dataSourceRef,\nand dataSourceRef contents will be copied to dataSource when dataSourceRef.namespace is not specified.\nIf the namespace is specified, then dataSourceRef will not be copied to dataSource." properties: apiGroup: - description: "APIGroup is the group for the resource being referenced. If APIGroup is not specified, the specified Kind must be in the core API group. For any other third-party types, APIGroup is required." + description: "APIGroup is the group for the resource being referenced.\nIf APIGroup is not specified, the specified Kind must be in the core API group.\nFor any other third-party types, APIGroup is required." type: "string" kind: description: "Kind is the type of resource being referenced" @@ -1709,11 +1739,12 @@ spec: - "kind" - "name" type: "object" + x-kubernetes-map-type: "atomic" dataSourceRef: - description: "dataSourceRef specifies the object from which to populate the volume with data, if a non-empty volume is desired. This may be any object from a non-empty API group (non core object) or a PersistentVolumeClaim object. When this field is specified, volume binding will only succeed if the type of the specified object matches some installed volume populator or dynamic provisioner. This field will replace the functionality of the dataSource field and as such if both fields are non-empty, they must have the same value. For backwards compatibility, when namespace isn't specified in dataSourceRef, both fields (dataSource and dataSourceRef) will be set to the same value automatically if one of them is empty and the other is non-empty. When namespace is specified in dataSourceRef, dataSource isn't set to the same value and must be empty. There are three important differences between dataSource and dataSourceRef: * While dataSource only allows two specific types of objects, dataSourceRef allows any non-core object, as well as PersistentVolumeClaim objects. * While dataSource ignores disallowed values (dropping them), dataSourceRef preserves all values, and generates an error if a disallowed value is specified. * While dataSource only allows local objects, dataSourceRef allows objects in any namespaces. (Beta) Using this field requires the AnyVolumeDataSource feature gate to be enabled. (Alpha) Using the namespace field of dataSourceRef requires the CrossNamespaceVolumeDataSource feature gate to be enabled." + description: "dataSourceRef specifies the object from which to populate the volume with data, if a non-empty\nvolume is desired. This may be any object from a non-empty API group (non\ncore object) or a PersistentVolumeClaim object.\nWhen this field is specified, volume binding will only succeed if the type of\nthe specified object matches some installed volume populator or dynamic\nprovisioner.\nThis field will replace the functionality of the dataSource field and as such\nif both fields are non-empty, they must have the same value. For backwards\ncompatibility, when namespace isn't specified in dataSourceRef,\nboth fields (dataSource and dataSourceRef) will be set to the same\nvalue automatically if one of them is empty and the other is non-empty.\nWhen namespace is specified in dataSourceRef,\ndataSource isn't set to the same value and must be empty.\nThere are three important differences between dataSource and dataSourceRef:\n* While dataSource only allows two specific types of objects, dataSourceRef\n allows any non-core object, as well as PersistentVolumeClaim objects.\n* While dataSource ignores disallowed values (dropping them), dataSourceRef\n preserves all values, and generates an error if a disallowed value is\n specified.\n* While dataSource only allows local objects, dataSourceRef allows objects\n in any namespaces.\n(Beta) Using this field requires the AnyVolumeDataSource feature gate to be enabled.\n(Alpha) Using the namespace field of dataSourceRef requires the CrossNamespaceVolumeDataSource feature gate to be enabled." properties: apiGroup: - description: "APIGroup is the group for the resource being referenced. If APIGroup is not specified, the specified Kind must be in the core API group. For any other third-party types, APIGroup is required." + description: "APIGroup is the group for the resource being referenced.\nIf APIGroup is not specified, the specified Kind must be in the core API group.\nFor any other third-party types, APIGroup is required." type: "string" kind: description: "Kind is the type of resource being referenced" @@ -1722,14 +1753,14 @@ spec: description: "Name is the name of resource being referenced" type: "string" namespace: - description: "Namespace is the namespace of resource being referenced Note that when a namespace is specified, a gateway.networking.k8s.io/ReferenceGrant object is required in the referent namespace to allow that namespace's owner to accept the reference. See the ReferenceGrant documentation for details. (Alpha) This field requires the CrossNamespaceVolumeDataSource feature gate to be enabled." + description: "Namespace is the namespace of resource being referenced\nNote that when a namespace is specified, a gateway.networking.k8s.io/ReferenceGrant object is required in the referent namespace to allow that namespace's owner to accept the reference. See the ReferenceGrant documentation for details.\n(Alpha) This field requires the CrossNamespaceVolumeDataSource feature gate to be enabled." type: "string" required: - "kind" - "name" type: "object" resources: - description: "resources represents the minimum resources the volume should have. If RecoverVolumeExpansionFailure feature is enabled users are allowed to specify resource requirements that are lower than previous value but must still be higher than capacity recorded in the status field of the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources" + description: "resources represents the minimum resources the volume should have.\nIf RecoverVolumeExpansionFailure feature is enabled users are allowed to specify resource requirements\nthat are lower than previous value but must still be higher than capacity recorded in the\nstatus field of the claim.\nMore info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources" properties: limits: additionalProperties: @@ -1738,7 +1769,7 @@ spec: - type: "string" pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" x-kubernetes-int-or-string: true - description: "Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" + description: "Limits describes the maximum amount of compute resources allowed.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" type: "object" requests: additionalProperties: @@ -1747,7 +1778,7 @@ spec: - type: "string" pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" x-kubernetes-int-or-string: true - description: "Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" + description: "Requests describes the minimum amount of compute resources required.\nIf Requests is omitted for a container, it defaults to Limits if that is explicitly specified,\notherwise to an implementation-defined value. Requests cannot exceed Limits.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" required: - "storage" type: "object" @@ -1760,16 +1791,16 @@ spec: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -1783,17 +1814,18 @@ spec: matchLabels: additionalProperties: type: "string" - description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." type: "object" type: "object" + x-kubernetes-map-type: "atomic" storageClassName: - description: "storageClassName is the name of the StorageClass required by the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1" + description: "storageClassName is the name of the StorageClass required by the claim.\nMore info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1" type: "string" volumeAttributesClassName: - description: "volumeAttributesClassName may be used to set the VolumeAttributesClass used by this claim. If specified, the CSI driver will create or update the volume with the attributes defined in the corresponding VolumeAttributesClass. This has a different purpose than storageClassName, it can be changed after the claim is created. An empty string value means that no VolumeAttributesClass will be applied to the claim but it's not allowed to reset this field to empty string once it is set. If unspecified and the PersistentVolumeClaim is unbound, the default VolumeAttributesClass will be set by the persistentvolume controller if it exists. If the resource referred to by volumeAttributesClass does not exist, this PersistentVolumeClaim will be set to a Pending state, as reflected by the modifyVolumeStatus field, until such as a resource exists. More info: https://kubernetes.io/docs/concepts/storage/volume-attributes-classes/ (Alpha) Using this field requires the VolumeAttributesClass feature gate to be enabled." + description: "volumeAttributesClassName may be used to set the VolumeAttributesClass used by this claim.\nIf specified, the CSI driver will create or update the volume with the attributes defined\nin the corresponding VolumeAttributesClass. This has a different purpose than storageClassName,\nit can be changed after the claim is created. An empty string value means that no VolumeAttributesClass\nwill be applied to the claim but it's not allowed to reset this field to empty string once it is set.\nIf unspecified and the PersistentVolumeClaim is unbound, the default VolumeAttributesClass\nwill be set by the persistentvolume controller if it exists.\nIf the resource referred to by volumeAttributesClass does not exist, this PersistentVolumeClaim will be\nset to a Pending state, as reflected by the modifyVolumeStatus field, until such as a resource\nexists.\nMore info: https://kubernetes.io/docs/concepts/storage/volume-attributes-classes/\n(Alpha) Using this field requires the VolumeAttributesClass feature gate to be enabled." type: "string" volumeMode: - description: "volumeMode defines what type of volume is required by the claim. Value of Filesystem is implied when not included in claim spec." + description: "volumeMode defines what type of volume is required by the claim.\nValue of Filesystem is implied when not included in claim spec." type: "string" volumeName: description: "volumeName is the binding reference to the PersistentVolume backing this claim." @@ -1817,15 +1849,15 @@ spec: description: "Defines details for performing an in-place restore using pgBackRest" properties: affinity: - description: "Scheduling constraints of the pgBackRest restore Job. More info: https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node" + description: "Scheduling constraints of the pgBackRest restore Job.\nMore info: https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node" properties: nodeAffinity: description: "Describes node affinity scheduling rules for the pod." properties: preferredDuringSchedulingIgnoredDuringExecution: - description: "The scheduler will prefer to schedule pods to nodes that satisfy the affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding \"weight\" to the sum if the node matches the corresponding matchExpressions; the node(s) with the highest sum are the most preferred." + description: "The scheduler will prefer to schedule pods to nodes that satisfy\nthe affinity expressions specified by this field, but it may choose\na node that violates one or more of the expressions. The node that is\nmost preferred is the one with the greatest sum of weights, i.e.\nfor each node that meets all of the scheduling requirements (resource\nrequest, requiredDuringScheduling affinity expressions, etc.),\ncompute a sum by iterating through the elements of this field and adding\n\"weight\" to the sum if the node matches the corresponding matchExpressions; the\nnode(s) with the highest sum are the most preferred." items: - description: "An empty preferred scheduling term matches all objects with implicit weight 0 (i.e. it's a no-op). A null preferred scheduling term matches no objects (i.e. is also a no-op)." + description: "An empty preferred scheduling term matches all objects with implicit weight 0\n(i.e. it's a no-op). A null preferred scheduling term matches no objects (i.e. is also a no-op)." properties: preference: description: "A node selector term, associated with the corresponding weight." @@ -1833,16 +1865,16 @@ spec: matchExpressions: description: "A list of node selector requirements by node's labels." items: - description: "A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A node selector requirement is a selector that contains values, a key, and an operator\nthat relates the key and values." properties: key: description: "The label key that the selector applies to." type: "string" operator: - description: "Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt." + description: "Represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt." type: "string" values: - description: "An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch." + description: "An array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. If the operator is Gt or Lt, the values\narray must have a single element, which will be interpreted as an integer.\nThis array is replaced during a strategic merge patch." items: type: "string" type: "array" @@ -1856,16 +1888,16 @@ spec: matchFields: description: "A list of node selector requirements by node's fields." items: - description: "A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A node selector requirement is a selector that contains values, a key, and an operator\nthat relates the key and values." properties: key: description: "The label key that the selector applies to." type: "string" operator: - description: "Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt." + description: "Represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt." type: "string" values: - description: "An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch." + description: "An array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. If the operator is Gt or Lt, the values\narray must have a single element, which will be interpreted as an integer.\nThis array is replaced during a strategic merge patch." items: type: "string" type: "array" @@ -1877,6 +1909,7 @@ spec: type: "array" x-kubernetes-list-type: "atomic" type: "object" + x-kubernetes-map-type: "atomic" weight: description: "Weight associated with matching the corresponding nodeSelectorTerm, in the range 1-100." format: "int32" @@ -1888,26 +1921,26 @@ spec: type: "array" x-kubernetes-list-type: "atomic" requiredDuringSchedulingIgnoredDuringExecution: - description: "If the affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to an update), the system may or may not try to eventually evict the pod from its node." + description: "If the affinity requirements specified by this field are not met at\nscheduling time, the pod will not be scheduled onto the node.\nIf the affinity requirements specified by this field cease to be met\nat some point during pod execution (e.g. due to an update), the system\nmay or may not try to eventually evict the pod from its node." properties: nodeSelectorTerms: description: "Required. A list of node selector terms. The terms are ORed." items: - description: "A null or empty node selector term matches no objects. The requirements of them are ANDed. The TopologySelectorTerm type implements a subset of the NodeSelectorTerm." + description: "A null or empty node selector term matches no objects. The requirements of\nthem are ANDed.\nThe TopologySelectorTerm type implements a subset of the NodeSelectorTerm." properties: matchExpressions: description: "A list of node selector requirements by node's labels." items: - description: "A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A node selector requirement is a selector that contains values, a key, and an operator\nthat relates the key and values." properties: key: description: "The label key that the selector applies to." type: "string" operator: - description: "Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt." + description: "Represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt." type: "string" values: - description: "An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch." + description: "An array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. If the operator is Gt or Lt, the values\narray must have a single element, which will be interpreted as an integer.\nThis array is replaced during a strategic merge patch." items: type: "string" type: "array" @@ -1921,16 +1954,16 @@ spec: matchFields: description: "A list of node selector requirements by node's fields." items: - description: "A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A node selector requirement is a selector that contains values, a key, and an operator\nthat relates the key and values." properties: key: description: "The label key that the selector applies to." type: "string" operator: - description: "Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt." + description: "Represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt." type: "string" values: - description: "An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch." + description: "An array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. If the operator is Gt or Lt, the values\narray must have a single element, which will be interpreted as an integer.\nThis array is replaced during a strategic merge patch." items: type: "string" type: "array" @@ -1942,17 +1975,19 @@ spec: type: "array" x-kubernetes-list-type: "atomic" type: "object" + x-kubernetes-map-type: "atomic" type: "array" x-kubernetes-list-type: "atomic" required: - "nodeSelectorTerms" type: "object" + x-kubernetes-map-type: "atomic" type: "object" podAffinity: description: "Describes pod affinity scheduling rules (e.g. co-locate this pod in the same node, zone, etc. as some other pod(s))." properties: preferredDuringSchedulingIgnoredDuringExecution: - description: "The scheduler will prefer to schedule pods to nodes that satisfy the affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding \"weight\" to the sum if the node has pods which matches the corresponding podAffinityTerm; the node(s) with the highest sum are the most preferred." + description: "The scheduler will prefer to schedule pods to nodes that satisfy\nthe affinity expressions specified by this field, but it may choose\na node that violates one or more of the expressions. The node that is\nmost preferred is the one with the greatest sum of weights, i.e.\nfor each node that meets all of the scheduling requirements (resource\nrequest, requiredDuringScheduling affinity expressions, etc.),\ncompute a sum by iterating through the elements of this field and adding\n\"weight\" to the sum if the node has pods which matches the corresponding podAffinityTerm; the\nnode(s) with the highest sum are the most preferred." items: description: "The weights of all of the matched WeightedPodAffinityTerm fields are added per-node to find the most preferred node(s)" properties: @@ -1960,21 +1995,21 @@ spec: description: "Required. A pod affinity term, associated with the corresponding weight." properties: labelSelector: - description: "A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods." + description: "A label query over a set of resources, in this case pods.\nIf it's null, this PodAffinityTerm matches with no Pods." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -1988,37 +2023,38 @@ spec: matchLabels: additionalProperties: type: "string" - description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." type: "object" type: "object" + x-kubernetes-map-type: "atomic" matchLabelKeys: - description: "MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both matchLabelKeys and labelSelector. Also, matchLabelKeys cannot be set when labelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" mismatchLabelKeys: - description: "MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. Also, mismatchLabelKeys cannot be set when labelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" namespaceSelector: - description: "A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means \"this pod's namespace\". An empty selector ({}) matches all namespaces." + description: "A label query over the set of namespaces that the term applies to.\nThe term is applied to the union of the namespaces selected by this field\nand the ones listed in the namespaces field.\nnull selector and null or empty namespaces list means \"this pod's namespace\".\nAn empty selector ({}) matches all namespaces." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -2032,23 +2068,24 @@ spec: matchLabels: additionalProperties: type: "string" - description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." type: "object" type: "object" + x-kubernetes-map-type: "atomic" namespaces: - description: "namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means \"this pod's namespace\"." + description: "namespaces specifies a static list of namespace names that the term applies to.\nThe term is applied to the union of the namespaces listed in this field\nand the ones selected by namespaceSelector.\nnull or empty namespaces list and null namespaceSelector means \"this pod's namespace\"." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" topologyKey: - description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed." + description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching\nthe labelSelector in the specified namespaces, where co-located is defined as running on a node\nwhose value of the label with key topologyKey matches that of any node on which any of the\nselected pods is running.\nEmpty topologyKey is not allowed." type: "string" required: - "topologyKey" type: "object" weight: - description: "weight associated with matching the corresponding podAffinityTerm, in the range 1-100." + description: "weight associated with matching the corresponding podAffinityTerm,\nin the range 1-100." format: "int32" type: "integer" required: @@ -2058,26 +2095,26 @@ spec: type: "array" x-kubernetes-list-type: "atomic" requiredDuringSchedulingIgnoredDuringExecution: - description: "If the affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to a pod label update), the system may or may not try to eventually evict the pod from its node. When there are multiple elements, the lists of nodes corresponding to each podAffinityTerm are intersected, i.e. all terms must be satisfied." + description: "If the affinity requirements specified by this field are not met at\nscheduling time, the pod will not be scheduled onto the node.\nIf the affinity requirements specified by this field cease to be met\nat some point during pod execution (e.g. due to a pod label update), the\nsystem may or may not try to eventually evict the pod from its node.\nWhen there are multiple elements, the lists of nodes corresponding to each\npodAffinityTerm are intersected, i.e. all terms must be satisfied." items: - description: "Defines a set of pods (namely those matching the labelSelector relative to the given namespace(s)) that this pod should be co-located (affinity) or not co-located (anti-affinity) with, where co-located is defined as running on a node whose value of the label with key matches that of any node on which a pod of the set of pods is running" + description: "Defines a set of pods (namely those matching the labelSelector\nrelative to the given namespace(s)) that this pod should be\nco-located (affinity) or not co-located (anti-affinity) with,\nwhere co-located is defined as running on a node whose value of\nthe label with key matches that of any node on which\na pod of the set of pods is running" properties: labelSelector: - description: "A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods." + description: "A label query over a set of resources, in this case pods.\nIf it's null, this PodAffinityTerm matches with no Pods." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -2091,37 +2128,38 @@ spec: matchLabels: additionalProperties: type: "string" - description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." type: "object" type: "object" + x-kubernetes-map-type: "atomic" matchLabelKeys: - description: "MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both matchLabelKeys and labelSelector. Also, matchLabelKeys cannot be set when labelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" mismatchLabelKeys: - description: "MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. Also, mismatchLabelKeys cannot be set when labelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" namespaceSelector: - description: "A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means \"this pod's namespace\". An empty selector ({}) matches all namespaces." + description: "A label query over the set of namespaces that the term applies to.\nThe term is applied to the union of the namespaces selected by this field\nand the ones listed in the namespaces field.\nnull selector and null or empty namespaces list means \"this pod's namespace\".\nAn empty selector ({}) matches all namespaces." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -2135,17 +2173,18 @@ spec: matchLabels: additionalProperties: type: "string" - description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." type: "object" type: "object" + x-kubernetes-map-type: "atomic" namespaces: - description: "namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means \"this pod's namespace\"." + description: "namespaces specifies a static list of namespace names that the term applies to.\nThe term is applied to the union of the namespaces listed in this field\nand the ones selected by namespaceSelector.\nnull or empty namespaces list and null namespaceSelector means \"this pod's namespace\"." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" topologyKey: - description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed." + description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching\nthe labelSelector in the specified namespaces, where co-located is defined as running on a node\nwhose value of the label with key topologyKey matches that of any node on which any of the\nselected pods is running.\nEmpty topologyKey is not allowed." type: "string" required: - "topologyKey" @@ -2157,7 +2196,7 @@ spec: description: "Describes pod anti-affinity scheduling rules (e.g. avoid putting this pod in the same node, zone, etc. as some other pod(s))." properties: preferredDuringSchedulingIgnoredDuringExecution: - description: "The scheduler will prefer to schedule pods to nodes that satisfy the anti-affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling anti-affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding \"weight\" to the sum if the node has pods which matches the corresponding podAffinityTerm; the node(s) with the highest sum are the most preferred." + description: "The scheduler will prefer to schedule pods to nodes that satisfy\nthe anti-affinity expressions specified by this field, but it may choose\na node that violates one or more of the expressions. The node that is\nmost preferred is the one with the greatest sum of weights, i.e.\nfor each node that meets all of the scheduling requirements (resource\nrequest, requiredDuringScheduling anti-affinity expressions, etc.),\ncompute a sum by iterating through the elements of this field and adding\n\"weight\" to the sum if the node has pods which matches the corresponding podAffinityTerm; the\nnode(s) with the highest sum are the most preferred." items: description: "The weights of all of the matched WeightedPodAffinityTerm fields are added per-node to find the most preferred node(s)" properties: @@ -2165,21 +2204,21 @@ spec: description: "Required. A pod affinity term, associated with the corresponding weight." properties: labelSelector: - description: "A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods." + description: "A label query over a set of resources, in this case pods.\nIf it's null, this PodAffinityTerm matches with no Pods." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -2193,37 +2232,38 @@ spec: matchLabels: additionalProperties: type: "string" - description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." type: "object" type: "object" + x-kubernetes-map-type: "atomic" matchLabelKeys: - description: "MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both matchLabelKeys and labelSelector. Also, matchLabelKeys cannot be set when labelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" mismatchLabelKeys: - description: "MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. Also, mismatchLabelKeys cannot be set when labelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" namespaceSelector: - description: "A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means \"this pod's namespace\". An empty selector ({}) matches all namespaces." + description: "A label query over the set of namespaces that the term applies to.\nThe term is applied to the union of the namespaces selected by this field\nand the ones listed in the namespaces field.\nnull selector and null or empty namespaces list means \"this pod's namespace\".\nAn empty selector ({}) matches all namespaces." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -2237,23 +2277,24 @@ spec: matchLabels: additionalProperties: type: "string" - description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." type: "object" type: "object" + x-kubernetes-map-type: "atomic" namespaces: - description: "namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means \"this pod's namespace\"." + description: "namespaces specifies a static list of namespace names that the term applies to.\nThe term is applied to the union of the namespaces listed in this field\nand the ones selected by namespaceSelector.\nnull or empty namespaces list and null namespaceSelector means \"this pod's namespace\"." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" topologyKey: - description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed." + description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching\nthe labelSelector in the specified namespaces, where co-located is defined as running on a node\nwhose value of the label with key topologyKey matches that of any node on which any of the\nselected pods is running.\nEmpty topologyKey is not allowed." type: "string" required: - "topologyKey" type: "object" weight: - description: "weight associated with matching the corresponding podAffinityTerm, in the range 1-100." + description: "weight associated with matching the corresponding podAffinityTerm,\nin the range 1-100." format: "int32" type: "integer" required: @@ -2263,26 +2304,26 @@ spec: type: "array" x-kubernetes-list-type: "atomic" requiredDuringSchedulingIgnoredDuringExecution: - description: "If the anti-affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the anti-affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to a pod label update), the system may or may not try to eventually evict the pod from its node. When there are multiple elements, the lists of nodes corresponding to each podAffinityTerm are intersected, i.e. all terms must be satisfied." + description: "If the anti-affinity requirements specified by this field are not met at\nscheduling time, the pod will not be scheduled onto the node.\nIf the anti-affinity requirements specified by this field cease to be met\nat some point during pod execution (e.g. due to a pod label update), the\nsystem may or may not try to eventually evict the pod from its node.\nWhen there are multiple elements, the lists of nodes corresponding to each\npodAffinityTerm are intersected, i.e. all terms must be satisfied." items: - description: "Defines a set of pods (namely those matching the labelSelector relative to the given namespace(s)) that this pod should be co-located (affinity) or not co-located (anti-affinity) with, where co-located is defined as running on a node whose value of the label with key matches that of any node on which a pod of the set of pods is running" + description: "Defines a set of pods (namely those matching the labelSelector\nrelative to the given namespace(s)) that this pod should be\nco-located (affinity) or not co-located (anti-affinity) with,\nwhere co-located is defined as running on a node whose value of\nthe label with key matches that of any node on which\na pod of the set of pods is running" properties: labelSelector: - description: "A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods." + description: "A label query over a set of resources, in this case pods.\nIf it's null, this PodAffinityTerm matches with no Pods." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -2296,37 +2337,38 @@ spec: matchLabels: additionalProperties: type: "string" - description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." type: "object" type: "object" + x-kubernetes-map-type: "atomic" matchLabelKeys: - description: "MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both matchLabelKeys and labelSelector. Also, matchLabelKeys cannot be set when labelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" mismatchLabelKeys: - description: "MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. Also, mismatchLabelKeys cannot be set when labelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" namespaceSelector: - description: "A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means \"this pod's namespace\". An empty selector ({}) matches all namespaces." + description: "A label query over the set of namespaces that the term applies to.\nThe term is applied to the union of the namespaces selected by this field\nand the ones listed in the namespaces field.\nnull selector and null or empty namespaces list means \"this pod's namespace\".\nAn empty selector ({}) matches all namespaces." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -2340,17 +2382,18 @@ spec: matchLabels: additionalProperties: type: "string" - description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." type: "object" type: "object" + x-kubernetes-map-type: "atomic" namespaces: - description: "namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means \"this pod's namespace\"." + description: "namespaces specifies a static list of namespace names that the term applies to.\nThe term is applied to the union of the namespaces listed in this field\nand the ones selected by namespaceSelector.\nnull or empty namespaces list and null namespaceSelector means \"this pod's namespace\"." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" topologyKey: - description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed." + description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching\nthe labelSelector in the specified namespaces, where co-located is defined as running on a node\nwhose value of the label with key topologyKey matches that of any node on which any of the\nselected pods is running.\nEmpty topologyKey is not allowed." type: "string" required: - "topologyKey" @@ -2360,37 +2403,37 @@ spec: type: "object" type: "object" clusterName: - description: "The name of an existing PostgresCluster to use as the data source for the new PostgresCluster. Defaults to the name of the PostgresCluster being created if not provided." + description: "The name of an existing PostgresCluster to use as the data source for the new PostgresCluster.\nDefaults to the name of the PostgresCluster being created if not provided." type: "string" clusterNamespace: - description: "The namespace of the cluster specified as the data source using the clusterName field. Defaults to the namespace of the PostgresCluster being created if not provided." + description: "The namespace of the cluster specified as the data source using the clusterName field.\nDefaults to the namespace of the PostgresCluster being created if not provided." type: "string" enabled: default: false description: "Whether or not in-place pgBackRest restores are enabled for this PostgresCluster." type: "boolean" options: - description: "Command line options to include when running the pgBackRest restore command. https://pgbackrest.org/command.html#command-restore" + description: "Command line options to include when running the pgBackRest restore command.\nhttps://pgbackrest.org/command.html#command-restore" items: type: "string" type: "array" priorityClassName: - description: "Priority class name for the pgBackRest restore Job pod. Changing this value causes PostgreSQL to restart. More info: https://kubernetes.io/docs/concepts/scheduling-eviction/pod-priority-preemption/" + description: "Priority class name for the pgBackRest restore Job pod. Changing this\nvalue causes PostgreSQL to restart.\nMore info: https://kubernetes.io/docs/concepts/scheduling-eviction/pod-priority-preemption/" type: "string" repoName: - description: "The name of the pgBackRest repo within the source PostgresCluster that contains the backups that should be utilized to perform a pgBackRest restore when initializing the data source for the new PostgresCluster." + description: "The name of the pgBackRest repo within the source PostgresCluster that contains the backups\nthat should be utilized to perform a pgBackRest restore when initializing the data source\nfor the new PostgresCluster." pattern: "^repo[1-4]" type: "string" resources: description: "Resource requirements for the pgBackRest restore Job." properties: claims: - description: "Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. \n This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. \n This field is immutable. It can only be set for containers." + description: "Claims lists the names of resources, defined in spec.resourceClaims,\nthat are used by this container.\n\n\nThis is an alpha field and requires enabling the\nDynamicResourceAllocation feature gate.\n\n\nThis field is immutable. It can only be set for containers." items: description: "ResourceClaim references one entry in PodSpec.ResourceClaims." properties: name: - description: "Name must match the name of one entry in pod.spec.resourceClaims of the Pod where this field is used. It makes that resource available inside a container." + description: "Name must match the name of one entry in pod.spec.resourceClaims of\nthe Pod where this field is used. It makes that resource available\ninside a container." type: "string" required: - "name" @@ -2406,7 +2449,7 @@ spec: - type: "string" pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" x-kubernetes-int-or-string: true - description: "Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" + description: "Limits describes the maximum amount of compute resources allowed.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" type: "object" requests: additionalProperties: @@ -2415,29 +2458,29 @@ spec: - type: "string" pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" x-kubernetes-int-or-string: true - description: "Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" + description: "Requests describes the minimum amount of compute resources required.\nIf Requests is omitted for a container, it defaults to Limits if that is explicitly specified,\notherwise to an implementation-defined value. Requests cannot exceed Limits.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" type: "object" type: "object" tolerations: - description: "Tolerations of the pgBackRest restore Job. More info: https://kubernetes.io/docs/concepts/scheduling-eviction/taint-and-toleration" + description: "Tolerations of the pgBackRest restore Job.\nMore info: https://kubernetes.io/docs/concepts/scheduling-eviction/taint-and-toleration" items: - description: "The pod this Toleration is attached to tolerates any taint that matches the triple using the matching operator ." + description: "The pod this Toleration is attached to tolerates any taint that matches\nthe triple using the matching operator ." properties: effect: - description: "Effect indicates the taint effect to match. Empty means match all taint effects. When specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute." + description: "Effect indicates the taint effect to match. Empty means match all taint effects.\nWhen specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute." type: "string" key: - description: "Key is the taint key that the toleration applies to. Empty means match all taint keys. If the key is empty, operator must be Exists; this combination means to match all values and all keys." + description: "Key is the taint key that the toleration applies to. Empty means match all taint keys.\nIf the key is empty, operator must be Exists; this combination means to match all values and all keys." type: "string" operator: - description: "Operator represents a key's relationship to the value. Valid operators are Exists and Equal. Defaults to Equal. Exists is equivalent to wildcard for value, so that a pod can tolerate all taints of a particular category." + description: "Operator represents a key's relationship to the value.\nValid operators are Exists and Equal. Defaults to Equal.\nExists is equivalent to wildcard for value, so that a pod can\ntolerate all taints of a particular category." type: "string" tolerationSeconds: - description: "TolerationSeconds represents the period of time the toleration (which must be of effect NoExecute, otherwise this field is ignored) tolerates the taint. By default, it is not set, which means tolerate the taint forever (do not evict). Zero and negative values will be treated as 0 (evict immediately) by the system." + description: "TolerationSeconds represents the period of time the toleration (which must be\nof effect NoExecute, otherwise this field is ignored) tolerates the taint. By default,\nit is not set, which means tolerate the taint forever (do not evict). Zero and\nnegative values will be treated as 0 (evict immediately) by the system." format: "int64" type: "integer" value: - description: "Value is the taint value the toleration matches to. If the operator is Exists, the value should be empty, otherwise just a regular string." + description: "Value is the taint value the toleration matches to.\nIf the operator is Exists, the value should be empty, otherwise just a regular string." type: "string" type: "object" type: "array" @@ -2455,12 +2498,12 @@ spec: description: "Resource requirements for a sidecar container" properties: claims: - description: "Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. \n This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. \n This field is immutable. It can only be set for containers." + description: "Claims lists the names of resources, defined in spec.resourceClaims,\nthat are used by this container.\n\n\nThis is an alpha field and requires enabling the\nDynamicResourceAllocation feature gate.\n\n\nThis field is immutable. It can only be set for containers." items: description: "ResourceClaim references one entry in PodSpec.ResourceClaims." properties: name: - description: "Name must match the name of one entry in pod.spec.resourceClaims of the Pod where this field is used. It makes that resource available inside a container." + description: "Name must match the name of one entry in pod.spec.resourceClaims of\nthe Pod where this field is used. It makes that resource available\ninside a container." type: "string" required: - "name" @@ -2476,7 +2519,7 @@ spec: - type: "string" pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" x-kubernetes-int-or-string: true - description: "Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" + description: "Limits describes the maximum amount of compute resources allowed.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" type: "object" requests: additionalProperties: @@ -2485,7 +2528,7 @@ spec: - type: "string" pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" x-kubernetes-int-or-string: true - description: "Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" + description: "Requests describes the minimum amount of compute resources required.\nIf Requests is omitted for a container, it defaults to Limits if that is explicitly specified,\notherwise to an implementation-defined value. Requests cannot exceed Limits.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" type: "object" type: "object" type: "object" @@ -2496,12 +2539,12 @@ spec: description: "Resource requirements for a sidecar container" properties: claims: - description: "Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. \n This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. \n This field is immutable. It can only be set for containers." + description: "Claims lists the names of resources, defined in spec.resourceClaims,\nthat are used by this container.\n\n\nThis is an alpha field and requires enabling the\nDynamicResourceAllocation feature gate.\n\n\nThis field is immutable. It can only be set for containers." items: description: "ResourceClaim references one entry in PodSpec.ResourceClaims." properties: name: - description: "Name must match the name of one entry in pod.spec.resourceClaims of the Pod where this field is used. It makes that resource available inside a container." + description: "Name must match the name of one entry in pod.spec.resourceClaims of\nthe Pod where this field is used. It makes that resource available\ninside a container." type: "string" required: - "name" @@ -2517,7 +2560,7 @@ spec: - type: "string" pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" x-kubernetes-int-or-string: true - description: "Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" + description: "Limits describes the maximum amount of compute resources allowed.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" type: "object" requests: additionalProperties: @@ -2526,7 +2569,7 @@ spec: - type: "string" pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" x-kubernetes-int-or-string: true - description: "Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" + description: "Requests describes the minimum amount of compute resources required.\nIf Requests is omitted for a container, it defaults to Limits if that is explicitly specified,\notherwise to an implementation-defined value. Requests cannot exceed Limits.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" type: "object" type: "object" type: "object" @@ -2544,24 +2587,24 @@ spec: description: "Projection that may be projected along with other supported volume types" properties: clusterTrustBundle: - description: "ClusterTrustBundle allows a pod to access the `.spec.trustBundle` field of ClusterTrustBundle objects in an auto-updating file. \n Alpha, gated by the ClusterTrustBundleProjection feature gate. \n ClusterTrustBundle objects can either be selected by name, or by the combination of signer name and a label selector. \n Kubelet performs aggressive normalization of the PEM contents written into the pod filesystem. Esoteric PEM features such as inter-block comments and block headers are stripped. Certificates are deduplicated. The ordering of certificates within the file is arbitrary, and Kubelet may change the order over time." + description: "ClusterTrustBundle allows a pod to access the `.spec.trustBundle` field\nof ClusterTrustBundle objects in an auto-updating file.\n\n\nAlpha, gated by the ClusterTrustBundleProjection feature gate.\n\n\nClusterTrustBundle objects can either be selected by name, or by the\ncombination of signer name and a label selector.\n\n\nKubelet performs aggressive normalization of the PEM contents written\ninto the pod filesystem. Esoteric PEM features such as inter-block\ncomments and block headers are stripped. Certificates are deduplicated.\nThe ordering of certificates within the file is arbitrary, and Kubelet\nmay change the order over time." properties: labelSelector: - description: "Select all ClusterTrustBundles that match this label selector. Only has effect if signerName is set. Mutually-exclusive with name. If unset, interpreted as \"match nothing\". If set but empty, interpreted as \"match everything\"." + description: "Select all ClusterTrustBundles that match this label selector. Only has\neffect if signerName is set. Mutually-exclusive with name. If unset,\ninterpreted as \"match nothing\". If set but empty, interpreted as \"match\neverything\"." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -2575,20 +2618,21 @@ spec: matchLabels: additionalProperties: type: "string" - description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." type: "object" type: "object" + x-kubernetes-map-type: "atomic" name: - description: "Select a single ClusterTrustBundle by object name. Mutually-exclusive with signerName and labelSelector." + description: "Select a single ClusterTrustBundle by object name. Mutually-exclusive\nwith signerName and labelSelector." type: "string" optional: - description: "If true, don't block pod startup if the referenced ClusterTrustBundle(s) aren't available. If using name, then the named ClusterTrustBundle is allowed not to exist. If using signerName, then the combination of signerName and labelSelector is allowed to match zero ClusterTrustBundles." + description: "If true, don't block pod startup if the referenced ClusterTrustBundle(s)\naren't available. If using name, then the named ClusterTrustBundle is\nallowed not to exist. If using signerName, then the combination of\nsignerName and labelSelector is allowed to match zero\nClusterTrustBundles." type: "boolean" path: description: "Relative path from the volume root to write the bundle." type: "string" signerName: - description: "Select all ClusterTrustBundles that match this signer name. Mutually-exclusive with name. The contents of all selected ClusterTrustBundles will be unified and deduplicated." + description: "Select all ClusterTrustBundles that match this signer name.\nMutually-exclusive with name. The contents of all selected\nClusterTrustBundles will be unified and deduplicated." type: "string" required: - "path" @@ -2597,7 +2641,7 @@ spec: description: "configMap information about the configMap data to project" properties: items: - description: "items if unspecified, each key-value pair in the Data field of the referenced ConfigMap will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the ConfigMap, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'." + description: "items if unspecified, each key-value pair in the Data field of the referenced\nConfigMap will be projected into the volume as a file whose name is the\nkey and content is the value. If specified, the listed keys will be\nprojected into the specified paths, and unlisted keys will not be\npresent. If a key is specified which is not present in the ConfigMap,\nthe volume setup will error unless it is marked optional. Paths must be\nrelative and may not contain the '..' path or start with '..'." items: description: "Maps a string key to a path within a volume." properties: @@ -2605,11 +2649,11 @@ spec: description: "key is the key to project." type: "string" mode: - description: "mode is Optional: mode bits used to set permissions on this file. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set." + description: "mode is Optional: mode bits used to set permissions on this file.\nMust be an octal value between 0000 and 0777 or a decimal value between 0 and 511.\nYAML accepts both octal and decimal values, JSON requires decimal values for mode bits.\nIf not specified, the volume defaultMode will be used.\nThis might be in conflict with other options that affect the file\nmode, like fsGroup, and the result can be other mode bits set." format: "int32" type: "integer" path: - description: "path is the relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'." + description: "path is the relative path of the file to map the key to.\nMay not be an absolute path.\nMay not contain the path element '..'.\nMay not start with the string '..'." type: "string" required: - "key" @@ -2625,6 +2669,7 @@ spec: description: "optional specify whether the ConfigMap or its keys must be defined" type: "boolean" type: "object" + x-kubernetes-map-type: "atomic" downwardAPI: description: "downwardAPI information about the downwardAPI data to project" properties: @@ -2645,15 +2690,16 @@ spec: required: - "fieldPath" type: "object" + x-kubernetes-map-type: "atomic" mode: - description: "Optional: mode bits used to set permissions on this file, must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set." + description: "Optional: mode bits used to set permissions on this file, must be an octal value\nbetween 0000 and 0777 or a decimal value between 0 and 511.\nYAML accepts both octal and decimal values, JSON requires decimal values for mode bits.\nIf not specified, the volume defaultMode will be used.\nThis might be in conflict with other options that affect the file\nmode, like fsGroup, and the result can be other mode bits set." format: "int32" type: "integer" path: description: "Required: Path is the relative path name of the file to be created. Must not be absolute or contain the '..' path. Must be utf-8 encoded. The first item of the relative path must not start with '..'" type: "string" resourceFieldRef: - description: "Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, requests.cpu and requests.memory) are currently supported." + description: "Selects a resource of the container: only resources limits and requests\n(limits.cpu, limits.memory, requests.cpu and requests.memory) are currently supported." properties: containerName: description: "Container name: required for volumes, optional for env vars" @@ -2671,6 +2717,7 @@ spec: required: - "resource" type: "object" + x-kubernetes-map-type: "atomic" required: - "path" type: "object" @@ -2681,7 +2728,7 @@ spec: description: "secret information about the secret data to project" properties: items: - description: "items if unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the Secret, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'." + description: "items if unspecified, each key-value pair in the Data field of the referenced\nSecret will be projected into the volume as a file whose name is the\nkey and content is the value. If specified, the listed keys will be\nprojected into the specified paths, and unlisted keys will not be\npresent. If a key is specified which is not present in the Secret,\nthe volume setup will error unless it is marked optional. Paths must be\nrelative and may not contain the '..' path or start with '..'." items: description: "Maps a string key to a path within a volume." properties: @@ -2689,11 +2736,11 @@ spec: description: "key is the key to project." type: "string" mode: - description: "mode is Optional: mode bits used to set permissions on this file. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set." + description: "mode is Optional: mode bits used to set permissions on this file.\nMust be an octal value between 0000 and 0777 or a decimal value between 0 and 511.\nYAML accepts both octal and decimal values, JSON requires decimal values for mode bits.\nIf not specified, the volume defaultMode will be used.\nThis might be in conflict with other options that affect the file\nmode, like fsGroup, and the result can be other mode bits set." format: "int32" type: "integer" path: - description: "path is the relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'." + description: "path is the relative path of the file to map the key to.\nMay not be an absolute path.\nMay not contain the path element '..'.\nMay not start with the string '..'." type: "string" required: - "key" @@ -2709,18 +2756,19 @@ spec: description: "optional field specify whether the Secret or its key must be defined" type: "boolean" type: "object" + x-kubernetes-map-type: "atomic" serviceAccountToken: description: "serviceAccountToken is information about the serviceAccountToken data to project" properties: audience: - description: "audience is the intended audience of the token. A recipient of a token must identify itself with an identifier specified in the audience of the token, and otherwise should reject the token. The audience defaults to the identifier of the apiserver." + description: "audience is the intended audience of the token. A recipient of a token\nmust identify itself with an identifier specified in the audience of the\ntoken, and otherwise should reject the token. The audience defaults to the\nidentifier of the apiserver." type: "string" expirationSeconds: - description: "expirationSeconds is the requested duration of validity of the service account token. As the token approaches expiration, the kubelet volume plugin will proactively rotate the service account token. The kubelet will start trying to rotate the token if the token is older than 80 percent of its time to live or if the token is older than 24 hours.Defaults to 1 hour and must be at least 10 minutes." + description: "expirationSeconds is the requested duration of validity of the service\naccount token. As the token approaches expiration, the kubelet volume\nplugin will proactively rotate the service account token. The kubelet will\nstart trying to rotate the token if the token is older than 80 percent of\nits time to live or if the token is older than 24 hours.Defaults to 1 hour\nand must be at least 10 minutes." format: "int64" type: "integer" path: - description: "path is the path relative to the mount point of the file to project the token into." + description: "path is the path relative to the mount point of the file to project the\ntoken into." type: "string" required: - "path" @@ -2729,10 +2777,10 @@ spec: type: "array" type: "object" customReplicationTLSSecret: - description: "The secret containing the replication client certificates and keys for secure connections to the PostgreSQL server. It will need to contain the client TLS certificate, TLS key and the Certificate Authority certificate with the data keys set to tls.crt, tls.key and ca.crt, respectively. NOTE: If CustomReplicationClientTLSSecret is provided, CustomTLSSecret MUST be provided and the ca.crt provided must be the same." + description: "The secret containing the replication client certificates and keys for\nsecure connections to the PostgreSQL server. It will need to contain the\nclient TLS certificate, TLS key and the Certificate Authority certificate\nwith the data keys set to tls.crt, tls.key and ca.crt, respectively.\nNOTE: If CustomReplicationClientTLSSecret is provided, CustomTLSSecret\nMUST be provided and the ca.crt provided must be the same." properties: items: - description: "items if unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the Secret, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'." + description: "items if unspecified, each key-value pair in the Data field of the referenced\nSecret will be projected into the volume as a file whose name is the\nkey and content is the value. If specified, the listed keys will be\nprojected into the specified paths, and unlisted keys will not be\npresent. If a key is specified which is not present in the Secret,\nthe volume setup will error unless it is marked optional. Paths must be\nrelative and may not contain the '..' path or start with '..'." items: description: "Maps a string key to a path within a volume." properties: @@ -2740,11 +2788,11 @@ spec: description: "key is the key to project." type: "string" mode: - description: "mode is Optional: mode bits used to set permissions on this file. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set." + description: "mode is Optional: mode bits used to set permissions on this file.\nMust be an octal value between 0000 and 0777 or a decimal value between 0 and 511.\nYAML accepts both octal and decimal values, JSON requires decimal values for mode bits.\nIf not specified, the volume defaultMode will be used.\nThis might be in conflict with other options that affect the file\nmode, like fsGroup, and the result can be other mode bits set." format: "int32" type: "integer" path: - description: "path is the relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'." + description: "path is the relative path of the file to map the key to.\nMay not be an absolute path.\nMay not contain the path element '..'.\nMay not start with the string '..'." type: "string" required: - "key" @@ -2760,11 +2808,12 @@ spec: description: "optional field specify whether the Secret or its key must be defined" type: "boolean" type: "object" + x-kubernetes-map-type: "atomic" customTLSSecret: - description: "The secret containing the Certificates and Keys to encrypt PostgreSQL traffic will need to contain the server TLS certificate, TLS key and the Certificate Authority certificate with the data keys set to tls.crt, tls.key and ca.crt, respectively. It will then be mounted as a volume projection to the '/pgconf/tls' directory. For more information on Kubernetes secret projections, please see https://k8s.io/docs/concepts/configuration/secret/#projection-of-secret-keys-to-specific-paths NOTE: If CustomTLSSecret is provided, CustomReplicationClientTLSSecret MUST be provided and the ca.crt provided must be the same." + description: "The secret containing the Certificates and Keys to encrypt PostgreSQL\ntraffic will need to contain the server TLS certificate, TLS key and the\nCertificate Authority certificate with the data keys set to tls.crt,\ntls.key and ca.crt, respectively. It will then be mounted as a volume\nprojection to the '/pgconf/tls' directory. For more information on\nKubernetes secret projections, please see\nhttps://k8s.io/docs/concepts/configuration/secret/#projection-of-secret-keys-to-specific-paths\nNOTE: If CustomTLSSecret is provided, CustomReplicationClientTLSSecret\nMUST be provided and the ca.crt provided must be the same." properties: items: - description: "items if unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the Secret, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'." + description: "items if unspecified, each key-value pair in the Data field of the referenced\nSecret will be projected into the volume as a file whose name is the\nkey and content is the value. If specified, the listed keys will be\nprojected into the specified paths, and unlisted keys will not be\npresent. If a key is specified which is not present in the Secret,\nthe volume setup will error unless it is marked optional. Paths must be\nrelative and may not contain the '..' path or start with '..'." items: description: "Maps a string key to a path within a volume." properties: @@ -2772,11 +2821,11 @@ spec: description: "key is the key to project." type: "string" mode: - description: "mode is Optional: mode bits used to set permissions on this file. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set." + description: "mode is Optional: mode bits used to set permissions on this file.\nMust be an octal value between 0000 and 0777 or a decimal value between 0 and 511.\nYAML accepts both octal and decimal values, JSON requires decimal values for mode bits.\nIf not specified, the volume defaultMode will be used.\nThis might be in conflict with other options that affect the file\nmode, like fsGroup, and the result can be other mode bits set." format: "int32" type: "integer" path: - description: "path is the relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'." + description: "path is the relative path of the file to map the key to.\nMay not be an absolute path.\nMay not contain the path element '..'.\nMay not start with the string '..'." type: "string" required: - "key" @@ -2792,22 +2841,23 @@ spec: description: "optional field specify whether the Secret or its key must be defined" type: "boolean" type: "object" + x-kubernetes-map-type: "atomic" dataSource: description: "Specifies a data source for bootstrapping the PostgreSQL cluster." properties: pgbackrest: - description: "Defines a pgBackRest cloud-based data source that can be used to pre-populate the PostgreSQL data directory for a new PostgreSQL cluster using a pgBackRest restore. The PGBackRest field is incompatible with the PostgresCluster field: only one data source can be used for pre-populating a new PostgreSQL cluster" + description: "Defines a pgBackRest cloud-based data source that can be used to pre-populate the\nPostgreSQL data directory for a new PostgreSQL cluster using a pgBackRest restore.\nThe PGBackRest field is incompatible with the PostgresCluster field: only one\ndata source can be used for pre-populating a new PostgreSQL cluster" properties: affinity: - description: "Scheduling constraints of the pgBackRest restore Job. More info: https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node" + description: "Scheduling constraints of the pgBackRest restore Job.\nMore info: https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node" properties: nodeAffinity: description: "Describes node affinity scheduling rules for the pod." properties: preferredDuringSchedulingIgnoredDuringExecution: - description: "The scheduler will prefer to schedule pods to nodes that satisfy the affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding \"weight\" to the sum if the node matches the corresponding matchExpressions; the node(s) with the highest sum are the most preferred." + description: "The scheduler will prefer to schedule pods to nodes that satisfy\nthe affinity expressions specified by this field, but it may choose\na node that violates one or more of the expressions. The node that is\nmost preferred is the one with the greatest sum of weights, i.e.\nfor each node that meets all of the scheduling requirements (resource\nrequest, requiredDuringScheduling affinity expressions, etc.),\ncompute a sum by iterating through the elements of this field and adding\n\"weight\" to the sum if the node matches the corresponding matchExpressions; the\nnode(s) with the highest sum are the most preferred." items: - description: "An empty preferred scheduling term matches all objects with implicit weight 0 (i.e. it's a no-op). A null preferred scheduling term matches no objects (i.e. is also a no-op)." + description: "An empty preferred scheduling term matches all objects with implicit weight 0\n(i.e. it's a no-op). A null preferred scheduling term matches no objects (i.e. is also a no-op)." properties: preference: description: "A node selector term, associated with the corresponding weight." @@ -2815,16 +2865,16 @@ spec: matchExpressions: description: "A list of node selector requirements by node's labels." items: - description: "A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A node selector requirement is a selector that contains values, a key, and an operator\nthat relates the key and values." properties: key: description: "The label key that the selector applies to." type: "string" operator: - description: "Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt." + description: "Represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt." type: "string" values: - description: "An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch." + description: "An array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. If the operator is Gt or Lt, the values\narray must have a single element, which will be interpreted as an integer.\nThis array is replaced during a strategic merge patch." items: type: "string" type: "array" @@ -2838,16 +2888,16 @@ spec: matchFields: description: "A list of node selector requirements by node's fields." items: - description: "A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A node selector requirement is a selector that contains values, a key, and an operator\nthat relates the key and values." properties: key: description: "The label key that the selector applies to." type: "string" operator: - description: "Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt." + description: "Represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt." type: "string" values: - description: "An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch." + description: "An array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. If the operator is Gt or Lt, the values\narray must have a single element, which will be interpreted as an integer.\nThis array is replaced during a strategic merge patch." items: type: "string" type: "array" @@ -2859,6 +2909,7 @@ spec: type: "array" x-kubernetes-list-type: "atomic" type: "object" + x-kubernetes-map-type: "atomic" weight: description: "Weight associated with matching the corresponding nodeSelectorTerm, in the range 1-100." format: "int32" @@ -2870,26 +2921,26 @@ spec: type: "array" x-kubernetes-list-type: "atomic" requiredDuringSchedulingIgnoredDuringExecution: - description: "If the affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to an update), the system may or may not try to eventually evict the pod from its node." + description: "If the affinity requirements specified by this field are not met at\nscheduling time, the pod will not be scheduled onto the node.\nIf the affinity requirements specified by this field cease to be met\nat some point during pod execution (e.g. due to an update), the system\nmay or may not try to eventually evict the pod from its node." properties: nodeSelectorTerms: description: "Required. A list of node selector terms. The terms are ORed." items: - description: "A null or empty node selector term matches no objects. The requirements of them are ANDed. The TopologySelectorTerm type implements a subset of the NodeSelectorTerm." + description: "A null or empty node selector term matches no objects. The requirements of\nthem are ANDed.\nThe TopologySelectorTerm type implements a subset of the NodeSelectorTerm." properties: matchExpressions: description: "A list of node selector requirements by node's labels." items: - description: "A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A node selector requirement is a selector that contains values, a key, and an operator\nthat relates the key and values." properties: key: description: "The label key that the selector applies to." type: "string" operator: - description: "Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt." + description: "Represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt." type: "string" values: - description: "An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch." + description: "An array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. If the operator is Gt or Lt, the values\narray must have a single element, which will be interpreted as an integer.\nThis array is replaced during a strategic merge patch." items: type: "string" type: "array" @@ -2903,16 +2954,16 @@ spec: matchFields: description: "A list of node selector requirements by node's fields." items: - description: "A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A node selector requirement is a selector that contains values, a key, and an operator\nthat relates the key and values." properties: key: description: "The label key that the selector applies to." type: "string" operator: - description: "Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt." + description: "Represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt." type: "string" values: - description: "An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch." + description: "An array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. If the operator is Gt or Lt, the values\narray must have a single element, which will be interpreted as an integer.\nThis array is replaced during a strategic merge patch." items: type: "string" type: "array" @@ -2924,17 +2975,19 @@ spec: type: "array" x-kubernetes-list-type: "atomic" type: "object" + x-kubernetes-map-type: "atomic" type: "array" x-kubernetes-list-type: "atomic" required: - "nodeSelectorTerms" type: "object" + x-kubernetes-map-type: "atomic" type: "object" podAffinity: description: "Describes pod affinity scheduling rules (e.g. co-locate this pod in the same node, zone, etc. as some other pod(s))." properties: preferredDuringSchedulingIgnoredDuringExecution: - description: "The scheduler will prefer to schedule pods to nodes that satisfy the affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding \"weight\" to the sum if the node has pods which matches the corresponding podAffinityTerm; the node(s) with the highest sum are the most preferred." + description: "The scheduler will prefer to schedule pods to nodes that satisfy\nthe affinity expressions specified by this field, but it may choose\na node that violates one or more of the expressions. The node that is\nmost preferred is the one with the greatest sum of weights, i.e.\nfor each node that meets all of the scheduling requirements (resource\nrequest, requiredDuringScheduling affinity expressions, etc.),\ncompute a sum by iterating through the elements of this field and adding\n\"weight\" to the sum if the node has pods which matches the corresponding podAffinityTerm; the\nnode(s) with the highest sum are the most preferred." items: description: "The weights of all of the matched WeightedPodAffinityTerm fields are added per-node to find the most preferred node(s)" properties: @@ -2942,21 +2995,21 @@ spec: description: "Required. A pod affinity term, associated with the corresponding weight." properties: labelSelector: - description: "A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods." + description: "A label query over a set of resources, in this case pods.\nIf it's null, this PodAffinityTerm matches with no Pods." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -2970,37 +3023,38 @@ spec: matchLabels: additionalProperties: type: "string" - description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." type: "object" type: "object" + x-kubernetes-map-type: "atomic" matchLabelKeys: - description: "MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both matchLabelKeys and labelSelector. Also, matchLabelKeys cannot be set when labelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" mismatchLabelKeys: - description: "MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. Also, mismatchLabelKeys cannot be set when labelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" namespaceSelector: - description: "A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means \"this pod's namespace\". An empty selector ({}) matches all namespaces." + description: "A label query over the set of namespaces that the term applies to.\nThe term is applied to the union of the namespaces selected by this field\nand the ones listed in the namespaces field.\nnull selector and null or empty namespaces list means \"this pod's namespace\".\nAn empty selector ({}) matches all namespaces." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -3014,23 +3068,24 @@ spec: matchLabels: additionalProperties: type: "string" - description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." type: "object" type: "object" + x-kubernetes-map-type: "atomic" namespaces: - description: "namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means \"this pod's namespace\"." + description: "namespaces specifies a static list of namespace names that the term applies to.\nThe term is applied to the union of the namespaces listed in this field\nand the ones selected by namespaceSelector.\nnull or empty namespaces list and null namespaceSelector means \"this pod's namespace\"." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" topologyKey: - description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed." + description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching\nthe labelSelector in the specified namespaces, where co-located is defined as running on a node\nwhose value of the label with key topologyKey matches that of any node on which any of the\nselected pods is running.\nEmpty topologyKey is not allowed." type: "string" required: - "topologyKey" type: "object" weight: - description: "weight associated with matching the corresponding podAffinityTerm, in the range 1-100." + description: "weight associated with matching the corresponding podAffinityTerm,\nin the range 1-100." format: "int32" type: "integer" required: @@ -3040,26 +3095,26 @@ spec: type: "array" x-kubernetes-list-type: "atomic" requiredDuringSchedulingIgnoredDuringExecution: - description: "If the affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to a pod label update), the system may or may not try to eventually evict the pod from its node. When there are multiple elements, the lists of nodes corresponding to each podAffinityTerm are intersected, i.e. all terms must be satisfied." + description: "If the affinity requirements specified by this field are not met at\nscheduling time, the pod will not be scheduled onto the node.\nIf the affinity requirements specified by this field cease to be met\nat some point during pod execution (e.g. due to a pod label update), the\nsystem may or may not try to eventually evict the pod from its node.\nWhen there are multiple elements, the lists of nodes corresponding to each\npodAffinityTerm are intersected, i.e. all terms must be satisfied." items: - description: "Defines a set of pods (namely those matching the labelSelector relative to the given namespace(s)) that this pod should be co-located (affinity) or not co-located (anti-affinity) with, where co-located is defined as running on a node whose value of the label with key matches that of any node on which a pod of the set of pods is running" + description: "Defines a set of pods (namely those matching the labelSelector\nrelative to the given namespace(s)) that this pod should be\nco-located (affinity) or not co-located (anti-affinity) with,\nwhere co-located is defined as running on a node whose value of\nthe label with key matches that of any node on which\na pod of the set of pods is running" properties: labelSelector: - description: "A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods." + description: "A label query over a set of resources, in this case pods.\nIf it's null, this PodAffinityTerm matches with no Pods." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -3073,37 +3128,38 @@ spec: matchLabels: additionalProperties: type: "string" - description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." type: "object" type: "object" + x-kubernetes-map-type: "atomic" matchLabelKeys: - description: "MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both matchLabelKeys and labelSelector. Also, matchLabelKeys cannot be set when labelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" mismatchLabelKeys: - description: "MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. Also, mismatchLabelKeys cannot be set when labelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" namespaceSelector: - description: "A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means \"this pod's namespace\". An empty selector ({}) matches all namespaces." + description: "A label query over the set of namespaces that the term applies to.\nThe term is applied to the union of the namespaces selected by this field\nand the ones listed in the namespaces field.\nnull selector and null or empty namespaces list means \"this pod's namespace\".\nAn empty selector ({}) matches all namespaces." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -3117,17 +3173,18 @@ spec: matchLabels: additionalProperties: type: "string" - description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." type: "object" type: "object" + x-kubernetes-map-type: "atomic" namespaces: - description: "namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means \"this pod's namespace\"." + description: "namespaces specifies a static list of namespace names that the term applies to.\nThe term is applied to the union of the namespaces listed in this field\nand the ones selected by namespaceSelector.\nnull or empty namespaces list and null namespaceSelector means \"this pod's namespace\"." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" topologyKey: - description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed." + description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching\nthe labelSelector in the specified namespaces, where co-located is defined as running on a node\nwhose value of the label with key topologyKey matches that of any node on which any of the\nselected pods is running.\nEmpty topologyKey is not allowed." type: "string" required: - "topologyKey" @@ -3139,7 +3196,7 @@ spec: description: "Describes pod anti-affinity scheduling rules (e.g. avoid putting this pod in the same node, zone, etc. as some other pod(s))." properties: preferredDuringSchedulingIgnoredDuringExecution: - description: "The scheduler will prefer to schedule pods to nodes that satisfy the anti-affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling anti-affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding \"weight\" to the sum if the node has pods which matches the corresponding podAffinityTerm; the node(s) with the highest sum are the most preferred." + description: "The scheduler will prefer to schedule pods to nodes that satisfy\nthe anti-affinity expressions specified by this field, but it may choose\na node that violates one or more of the expressions. The node that is\nmost preferred is the one with the greatest sum of weights, i.e.\nfor each node that meets all of the scheduling requirements (resource\nrequest, requiredDuringScheduling anti-affinity expressions, etc.),\ncompute a sum by iterating through the elements of this field and adding\n\"weight\" to the sum if the node has pods which matches the corresponding podAffinityTerm; the\nnode(s) with the highest sum are the most preferred." items: description: "The weights of all of the matched WeightedPodAffinityTerm fields are added per-node to find the most preferred node(s)" properties: @@ -3147,21 +3204,21 @@ spec: description: "Required. A pod affinity term, associated with the corresponding weight." properties: labelSelector: - description: "A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods." + description: "A label query over a set of resources, in this case pods.\nIf it's null, this PodAffinityTerm matches with no Pods." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -3175,37 +3232,38 @@ spec: matchLabels: additionalProperties: type: "string" - description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." type: "object" type: "object" + x-kubernetes-map-type: "atomic" matchLabelKeys: - description: "MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both matchLabelKeys and labelSelector. Also, matchLabelKeys cannot be set when labelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" mismatchLabelKeys: - description: "MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. Also, mismatchLabelKeys cannot be set when labelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" namespaceSelector: - description: "A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means \"this pod's namespace\". An empty selector ({}) matches all namespaces." + description: "A label query over the set of namespaces that the term applies to.\nThe term is applied to the union of the namespaces selected by this field\nand the ones listed in the namespaces field.\nnull selector and null or empty namespaces list means \"this pod's namespace\".\nAn empty selector ({}) matches all namespaces." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -3219,23 +3277,24 @@ spec: matchLabels: additionalProperties: type: "string" - description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." type: "object" type: "object" + x-kubernetes-map-type: "atomic" namespaces: - description: "namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means \"this pod's namespace\"." + description: "namespaces specifies a static list of namespace names that the term applies to.\nThe term is applied to the union of the namespaces listed in this field\nand the ones selected by namespaceSelector.\nnull or empty namespaces list and null namespaceSelector means \"this pod's namespace\"." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" topologyKey: - description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed." + description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching\nthe labelSelector in the specified namespaces, where co-located is defined as running on a node\nwhose value of the label with key topologyKey matches that of any node on which any of the\nselected pods is running.\nEmpty topologyKey is not allowed." type: "string" required: - "topologyKey" type: "object" weight: - description: "weight associated with matching the corresponding podAffinityTerm, in the range 1-100." + description: "weight associated with matching the corresponding podAffinityTerm,\nin the range 1-100." format: "int32" type: "integer" required: @@ -3245,26 +3304,26 @@ spec: type: "array" x-kubernetes-list-type: "atomic" requiredDuringSchedulingIgnoredDuringExecution: - description: "If the anti-affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the anti-affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to a pod label update), the system may or may not try to eventually evict the pod from its node. When there are multiple elements, the lists of nodes corresponding to each podAffinityTerm are intersected, i.e. all terms must be satisfied." + description: "If the anti-affinity requirements specified by this field are not met at\nscheduling time, the pod will not be scheduled onto the node.\nIf the anti-affinity requirements specified by this field cease to be met\nat some point during pod execution (e.g. due to a pod label update), the\nsystem may or may not try to eventually evict the pod from its node.\nWhen there are multiple elements, the lists of nodes corresponding to each\npodAffinityTerm are intersected, i.e. all terms must be satisfied." items: - description: "Defines a set of pods (namely those matching the labelSelector relative to the given namespace(s)) that this pod should be co-located (affinity) or not co-located (anti-affinity) with, where co-located is defined as running on a node whose value of the label with key matches that of any node on which a pod of the set of pods is running" + description: "Defines a set of pods (namely those matching the labelSelector\nrelative to the given namespace(s)) that this pod should be\nco-located (affinity) or not co-located (anti-affinity) with,\nwhere co-located is defined as running on a node whose value of\nthe label with key matches that of any node on which\na pod of the set of pods is running" properties: labelSelector: - description: "A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods." + description: "A label query over a set of resources, in this case pods.\nIf it's null, this PodAffinityTerm matches with no Pods." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -3278,37 +3337,38 @@ spec: matchLabels: additionalProperties: type: "string" - description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." type: "object" type: "object" + x-kubernetes-map-type: "atomic" matchLabelKeys: - description: "MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both matchLabelKeys and labelSelector. Also, matchLabelKeys cannot be set when labelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" mismatchLabelKeys: - description: "MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. Also, mismatchLabelKeys cannot be set when labelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" namespaceSelector: - description: "A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means \"this pod's namespace\". An empty selector ({}) matches all namespaces." + description: "A label query over the set of namespaces that the term applies to.\nThe term is applied to the union of the namespaces selected by this field\nand the ones listed in the namespaces field.\nnull selector and null or empty namespaces list means \"this pod's namespace\".\nAn empty selector ({}) matches all namespaces." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -3322,17 +3382,18 @@ spec: matchLabels: additionalProperties: type: "string" - description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." type: "object" type: "object" + x-kubernetes-map-type: "atomic" namespaces: - description: "namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means \"this pod's namespace\"." + description: "namespaces specifies a static list of namespace names that the term applies to.\nThe term is applied to the union of the namespaces listed in this field\nand the ones selected by namespaceSelector.\nnull or empty namespaces list and null namespaceSelector means \"this pod's namespace\"." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" topologyKey: - description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed." + description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching\nthe labelSelector in the specified namespaces, where co-located is defined as running on a node\nwhose value of the label with key topologyKey matches that of any node on which any of the\nselected pods is running.\nEmpty topologyKey is not allowed." type: "string" required: - "topologyKey" @@ -3342,29 +3403,29 @@ spec: type: "object" type: "object" configuration: - description: "Projected volumes containing custom pgBackRest configuration. These files are mounted under \"/etc/pgbackrest/conf.d\" alongside any pgBackRest configuration generated by the PostgreSQL Operator: https://pgbackrest.org/configuration.html" + description: "Projected volumes containing custom pgBackRest configuration. These files are mounted\nunder \"/etc/pgbackrest/conf.d\" alongside any pgBackRest configuration generated by the\nPostgreSQL Operator:\nhttps://pgbackrest.org/configuration.html" items: description: "Projection that may be projected along with other supported volume types" properties: clusterTrustBundle: - description: "ClusterTrustBundle allows a pod to access the `.spec.trustBundle` field of ClusterTrustBundle objects in an auto-updating file. \n Alpha, gated by the ClusterTrustBundleProjection feature gate. \n ClusterTrustBundle objects can either be selected by name, or by the combination of signer name and a label selector. \n Kubelet performs aggressive normalization of the PEM contents written into the pod filesystem. Esoteric PEM features such as inter-block comments and block headers are stripped. Certificates are deduplicated. The ordering of certificates within the file is arbitrary, and Kubelet may change the order over time." + description: "ClusterTrustBundle allows a pod to access the `.spec.trustBundle` field\nof ClusterTrustBundle objects in an auto-updating file.\n\n\nAlpha, gated by the ClusterTrustBundleProjection feature gate.\n\n\nClusterTrustBundle objects can either be selected by name, or by the\ncombination of signer name and a label selector.\n\n\nKubelet performs aggressive normalization of the PEM contents written\ninto the pod filesystem. Esoteric PEM features such as inter-block\ncomments and block headers are stripped. Certificates are deduplicated.\nThe ordering of certificates within the file is arbitrary, and Kubelet\nmay change the order over time." properties: labelSelector: - description: "Select all ClusterTrustBundles that match this label selector. Only has effect if signerName is set. Mutually-exclusive with name. If unset, interpreted as \"match nothing\". If set but empty, interpreted as \"match everything\"." + description: "Select all ClusterTrustBundles that match this label selector. Only has\neffect if signerName is set. Mutually-exclusive with name. If unset,\ninterpreted as \"match nothing\". If set but empty, interpreted as \"match\neverything\"." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -3378,20 +3439,21 @@ spec: matchLabels: additionalProperties: type: "string" - description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." type: "object" type: "object" + x-kubernetes-map-type: "atomic" name: - description: "Select a single ClusterTrustBundle by object name. Mutually-exclusive with signerName and labelSelector." + description: "Select a single ClusterTrustBundle by object name. Mutually-exclusive\nwith signerName and labelSelector." type: "string" optional: - description: "If true, don't block pod startup if the referenced ClusterTrustBundle(s) aren't available. If using name, then the named ClusterTrustBundle is allowed not to exist. If using signerName, then the combination of signerName and labelSelector is allowed to match zero ClusterTrustBundles." + description: "If true, don't block pod startup if the referenced ClusterTrustBundle(s)\naren't available. If using name, then the named ClusterTrustBundle is\nallowed not to exist. If using signerName, then the combination of\nsignerName and labelSelector is allowed to match zero\nClusterTrustBundles." type: "boolean" path: description: "Relative path from the volume root to write the bundle." type: "string" signerName: - description: "Select all ClusterTrustBundles that match this signer name. Mutually-exclusive with name. The contents of all selected ClusterTrustBundles will be unified and deduplicated." + description: "Select all ClusterTrustBundles that match this signer name.\nMutually-exclusive with name. The contents of all selected\nClusterTrustBundles will be unified and deduplicated." type: "string" required: - "path" @@ -3400,7 +3462,7 @@ spec: description: "configMap information about the configMap data to project" properties: items: - description: "items if unspecified, each key-value pair in the Data field of the referenced ConfigMap will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the ConfigMap, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'." + description: "items if unspecified, each key-value pair in the Data field of the referenced\nConfigMap will be projected into the volume as a file whose name is the\nkey and content is the value. If specified, the listed keys will be\nprojected into the specified paths, and unlisted keys will not be\npresent. If a key is specified which is not present in the ConfigMap,\nthe volume setup will error unless it is marked optional. Paths must be\nrelative and may not contain the '..' path or start with '..'." items: description: "Maps a string key to a path within a volume." properties: @@ -3408,11 +3470,11 @@ spec: description: "key is the key to project." type: "string" mode: - description: "mode is Optional: mode bits used to set permissions on this file. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set." + description: "mode is Optional: mode bits used to set permissions on this file.\nMust be an octal value between 0000 and 0777 or a decimal value between 0 and 511.\nYAML accepts both octal and decimal values, JSON requires decimal values for mode bits.\nIf not specified, the volume defaultMode will be used.\nThis might be in conflict with other options that affect the file\nmode, like fsGroup, and the result can be other mode bits set." format: "int32" type: "integer" path: - description: "path is the relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'." + description: "path is the relative path of the file to map the key to.\nMay not be an absolute path.\nMay not contain the path element '..'.\nMay not start with the string '..'." type: "string" required: - "key" @@ -3428,6 +3490,7 @@ spec: description: "optional specify whether the ConfigMap or its keys must be defined" type: "boolean" type: "object" + x-kubernetes-map-type: "atomic" downwardAPI: description: "downwardAPI information about the downwardAPI data to project" properties: @@ -3448,15 +3511,16 @@ spec: required: - "fieldPath" type: "object" + x-kubernetes-map-type: "atomic" mode: - description: "Optional: mode bits used to set permissions on this file, must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set." + description: "Optional: mode bits used to set permissions on this file, must be an octal value\nbetween 0000 and 0777 or a decimal value between 0 and 511.\nYAML accepts both octal and decimal values, JSON requires decimal values for mode bits.\nIf not specified, the volume defaultMode will be used.\nThis might be in conflict with other options that affect the file\nmode, like fsGroup, and the result can be other mode bits set." format: "int32" type: "integer" path: description: "Required: Path is the relative path name of the file to be created. Must not be absolute or contain the '..' path. Must be utf-8 encoded. The first item of the relative path must not start with '..'" type: "string" resourceFieldRef: - description: "Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, requests.cpu and requests.memory) are currently supported." + description: "Selects a resource of the container: only resources limits and requests\n(limits.cpu, limits.memory, requests.cpu and requests.memory) are currently supported." properties: containerName: description: "Container name: required for volumes, optional for env vars" @@ -3474,6 +3538,7 @@ spec: required: - "resource" type: "object" + x-kubernetes-map-type: "atomic" required: - "path" type: "object" @@ -3484,7 +3549,7 @@ spec: description: "secret information about the secret data to project" properties: items: - description: "items if unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the Secret, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'." + description: "items if unspecified, each key-value pair in the Data field of the referenced\nSecret will be projected into the volume as a file whose name is the\nkey and content is the value. If specified, the listed keys will be\nprojected into the specified paths, and unlisted keys will not be\npresent. If a key is specified which is not present in the Secret,\nthe volume setup will error unless it is marked optional. Paths must be\nrelative and may not contain the '..' path or start with '..'." items: description: "Maps a string key to a path within a volume." properties: @@ -3492,11 +3557,11 @@ spec: description: "key is the key to project." type: "string" mode: - description: "mode is Optional: mode bits used to set permissions on this file. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set." + description: "mode is Optional: mode bits used to set permissions on this file.\nMust be an octal value between 0000 and 0777 or a decimal value between 0 and 511.\nYAML accepts both octal and decimal values, JSON requires decimal values for mode bits.\nIf not specified, the volume defaultMode will be used.\nThis might be in conflict with other options that affect the file\nmode, like fsGroup, and the result can be other mode bits set." format: "int32" type: "integer" path: - description: "path is the relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'." + description: "path is the relative path of the file to map the key to.\nMay not be an absolute path.\nMay not contain the path element '..'.\nMay not start with the string '..'." type: "string" required: - "key" @@ -3512,18 +3577,19 @@ spec: description: "optional field specify whether the Secret or its key must be defined" type: "boolean" type: "object" + x-kubernetes-map-type: "atomic" serviceAccountToken: description: "serviceAccountToken is information about the serviceAccountToken data to project" properties: audience: - description: "audience is the intended audience of the token. A recipient of a token must identify itself with an identifier specified in the audience of the token, and otherwise should reject the token. The audience defaults to the identifier of the apiserver." + description: "audience is the intended audience of the token. A recipient of a token\nmust identify itself with an identifier specified in the audience of the\ntoken, and otherwise should reject the token. The audience defaults to the\nidentifier of the apiserver." type: "string" expirationSeconds: - description: "expirationSeconds is the requested duration of validity of the service account token. As the token approaches expiration, the kubelet volume plugin will proactively rotate the service account token. The kubelet will start trying to rotate the token if the token is older than 80 percent of its time to live or if the token is older than 24 hours.Defaults to 1 hour and must be at least 10 minutes." + description: "expirationSeconds is the requested duration of validity of the service\naccount token. As the token approaches expiration, the kubelet volume\nplugin will proactively rotate the service account token. The kubelet will\nstart trying to rotate the token if the token is older than 80 percent of\nits time to live or if the token is older than 24 hours.Defaults to 1 hour\nand must be at least 10 minutes." format: "int64" type: "integer" path: - description: "path is the path relative to the mount point of the file to project the token into." + description: "path is the path relative to the mount point of the file to project the\ntoken into." type: "string" required: - "path" @@ -3533,15 +3599,15 @@ spec: global: additionalProperties: type: "string" - description: "Global pgBackRest configuration settings. These settings are included in the \"global\" section of the pgBackRest configuration generated by the PostgreSQL Operator, and then mounted under \"/etc/pgbackrest/conf.d\": https://pgbackrest.org/configuration.html" + description: "Global pgBackRest configuration settings. These settings are included in the \"global\"\nsection of the pgBackRest configuration generated by the PostgreSQL Operator, and then\nmounted under \"/etc/pgbackrest/conf.d\":\nhttps://pgbackrest.org/configuration.html" type: "object" options: - description: "Command line options to include when running the pgBackRest restore command. https://pgbackrest.org/command.html#command-restore" + description: "Command line options to include when running the pgBackRest restore command.\nhttps://pgbackrest.org/command.html#command-restore" items: type: "string" type: "array" priorityClassName: - description: "Priority class name for the pgBackRest restore Job pod. Changing this value causes PostgreSQL to restart. More info: https://kubernetes.io/docs/concepts/scheduling-eviction/pod-priority-preemption/" + description: "Priority class name for the pgBackRest restore Job pod. Changing this\nvalue causes PostgreSQL to restart.\nMore info: https://kubernetes.io/docs/concepts/scheduling-eviction/pod-priority-preemption/" type: "string" repo: description: "Defines a pgBackRest repository" @@ -3569,7 +3635,7 @@ spec: pattern: "^repo[1-4]" type: "string" s3: - description: "RepoS3 represents a pgBackRest repository that is created using AWS S3 (or S3-compatible) storage" + description: "RepoS3 represents a pgBackRest repository that is created using AWS S3 (or S3-compatible)\nstorage" properties: bucket: description: "The S3 bucket utilized for the repository" @@ -3586,18 +3652,18 @@ spec: - "region" type: "object" schedules: - description: "Defines the schedules for the pgBackRest backups Full, Differential and Incremental backup types are supported: https://pgbackrest.org/user-guide.html#concept/backup" + description: "Defines the schedules for the pgBackRest backups\nFull, Differential and Incremental backup types are supported:\nhttps://pgbackrest.org/user-guide.html#concept/backup" properties: differential: - description: "Defines the Cron schedule for a differential pgBackRest backup. Follows the standard Cron schedule syntax: https://k8s.io/docs/concepts/workloads/controllers/cron-jobs/#cron-schedule-syntax" + description: "Defines the Cron schedule for a differential pgBackRest backup.\nFollows the standard Cron schedule syntax:\nhttps://k8s.io/docs/concepts/workloads/controllers/cron-jobs/#cron-schedule-syntax" minLength: 6 type: "string" full: - description: "Defines the Cron schedule for a full pgBackRest backup. Follows the standard Cron schedule syntax: https://k8s.io/docs/concepts/workloads/controllers/cron-jobs/#cron-schedule-syntax" + description: "Defines the Cron schedule for a full pgBackRest backup.\nFollows the standard Cron schedule syntax:\nhttps://k8s.io/docs/concepts/workloads/controllers/cron-jobs/#cron-schedule-syntax" minLength: 6 type: "string" incremental: - description: "Defines the Cron schedule for an incremental pgBackRest backup. Follows the standard Cron schedule syntax: https://k8s.io/docs/concepts/workloads/controllers/cron-jobs/#cron-schedule-syntax" + description: "Defines the Cron schedule for an incremental pgBackRest backup.\nFollows the standard Cron schedule syntax:\nhttps://k8s.io/docs/concepts/workloads/controllers/cron-jobs/#cron-schedule-syntax" minLength: 6 type: "string" type: "object" @@ -3608,16 +3674,16 @@ spec: description: "Defines a PersistentVolumeClaim spec used to create and/or bind a volume" properties: accessModes: - description: "accessModes contains the desired access modes the volume should have. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1" + description: "accessModes contains the desired access modes the volume should have.\nMore info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1" items: type: "string" type: "array" x-kubernetes-list-type: "atomic" dataSource: - description: "dataSource field can be used to specify either: * An existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot) * An existing PVC (PersistentVolumeClaim) If the provisioner or an external controller can support the specified data source, it will create a new volume based on the contents of the specified data source. When the AnyVolumeDataSource feature gate is enabled, dataSource contents will be copied to dataSourceRef, and dataSourceRef contents will be copied to dataSource when dataSourceRef.namespace is not specified. If the namespace is specified, then dataSourceRef will not be copied to dataSource." + description: "dataSource field can be used to specify either:\n* An existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot)\n* An existing PVC (PersistentVolumeClaim)\nIf the provisioner or an external controller can support the specified data source,\nit will create a new volume based on the contents of the specified data source.\nWhen the AnyVolumeDataSource feature gate is enabled, dataSource contents will be copied to dataSourceRef,\nand dataSourceRef contents will be copied to dataSource when dataSourceRef.namespace is not specified.\nIf the namespace is specified, then dataSourceRef will not be copied to dataSource." properties: apiGroup: - description: "APIGroup is the group for the resource being referenced. If APIGroup is not specified, the specified Kind must be in the core API group. For any other third-party types, APIGroup is required." + description: "APIGroup is the group for the resource being referenced.\nIf APIGroup is not specified, the specified Kind must be in the core API group.\nFor any other third-party types, APIGroup is required." type: "string" kind: description: "Kind is the type of resource being referenced" @@ -3629,11 +3695,12 @@ spec: - "kind" - "name" type: "object" + x-kubernetes-map-type: "atomic" dataSourceRef: - description: "dataSourceRef specifies the object from which to populate the volume with data, if a non-empty volume is desired. This may be any object from a non-empty API group (non core object) or a PersistentVolumeClaim object. When this field is specified, volume binding will only succeed if the type of the specified object matches some installed volume populator or dynamic provisioner. This field will replace the functionality of the dataSource field and as such if both fields are non-empty, they must have the same value. For backwards compatibility, when namespace isn't specified in dataSourceRef, both fields (dataSource and dataSourceRef) will be set to the same value automatically if one of them is empty and the other is non-empty. When namespace is specified in dataSourceRef, dataSource isn't set to the same value and must be empty. There are three important differences between dataSource and dataSourceRef: * While dataSource only allows two specific types of objects, dataSourceRef allows any non-core object, as well as PersistentVolumeClaim objects. * While dataSource ignores disallowed values (dropping them), dataSourceRef preserves all values, and generates an error if a disallowed value is specified. * While dataSource only allows local objects, dataSourceRef allows objects in any namespaces. (Beta) Using this field requires the AnyVolumeDataSource feature gate to be enabled. (Alpha) Using the namespace field of dataSourceRef requires the CrossNamespaceVolumeDataSource feature gate to be enabled." + description: "dataSourceRef specifies the object from which to populate the volume with data, if a non-empty\nvolume is desired. This may be any object from a non-empty API group (non\ncore object) or a PersistentVolumeClaim object.\nWhen this field is specified, volume binding will only succeed if the type of\nthe specified object matches some installed volume populator or dynamic\nprovisioner.\nThis field will replace the functionality of the dataSource field and as such\nif both fields are non-empty, they must have the same value. For backwards\ncompatibility, when namespace isn't specified in dataSourceRef,\nboth fields (dataSource and dataSourceRef) will be set to the same\nvalue automatically if one of them is empty and the other is non-empty.\nWhen namespace is specified in dataSourceRef,\ndataSource isn't set to the same value and must be empty.\nThere are three important differences between dataSource and dataSourceRef:\n* While dataSource only allows two specific types of objects, dataSourceRef\n allows any non-core object, as well as PersistentVolumeClaim objects.\n* While dataSource ignores disallowed values (dropping them), dataSourceRef\n preserves all values, and generates an error if a disallowed value is\n specified.\n* While dataSource only allows local objects, dataSourceRef allows objects\n in any namespaces.\n(Beta) Using this field requires the AnyVolumeDataSource feature gate to be enabled.\n(Alpha) Using the namespace field of dataSourceRef requires the CrossNamespaceVolumeDataSource feature gate to be enabled." properties: apiGroup: - description: "APIGroup is the group for the resource being referenced. If APIGroup is not specified, the specified Kind must be in the core API group. For any other third-party types, APIGroup is required." + description: "APIGroup is the group for the resource being referenced.\nIf APIGroup is not specified, the specified Kind must be in the core API group.\nFor any other third-party types, APIGroup is required." type: "string" kind: description: "Kind is the type of resource being referenced" @@ -3642,14 +3709,14 @@ spec: description: "Name is the name of resource being referenced" type: "string" namespace: - description: "Namespace is the namespace of resource being referenced Note that when a namespace is specified, a gateway.networking.k8s.io/ReferenceGrant object is required in the referent namespace to allow that namespace's owner to accept the reference. See the ReferenceGrant documentation for details. (Alpha) This field requires the CrossNamespaceVolumeDataSource feature gate to be enabled." + description: "Namespace is the namespace of resource being referenced\nNote that when a namespace is specified, a gateway.networking.k8s.io/ReferenceGrant object is required in the referent namespace to allow that namespace's owner to accept the reference. See the ReferenceGrant documentation for details.\n(Alpha) This field requires the CrossNamespaceVolumeDataSource feature gate to be enabled." type: "string" required: - "kind" - "name" type: "object" resources: - description: "resources represents the minimum resources the volume should have. If RecoverVolumeExpansionFailure feature is enabled users are allowed to specify resource requirements that are lower than previous value but must still be higher than capacity recorded in the status field of the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources" + description: "resources represents the minimum resources the volume should have.\nIf RecoverVolumeExpansionFailure feature is enabled users are allowed to specify resource requirements\nthat are lower than previous value but must still be higher than capacity recorded in the\nstatus field of the claim.\nMore info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources" properties: limits: additionalProperties: @@ -3658,7 +3725,7 @@ spec: - type: "string" pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" x-kubernetes-int-or-string: true - description: "Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" + description: "Limits describes the maximum amount of compute resources allowed.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" type: "object" requests: additionalProperties: @@ -3667,7 +3734,7 @@ spec: - type: "string" pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" x-kubernetes-int-or-string: true - description: "Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" + description: "Requests describes the minimum amount of compute resources required.\nIf Requests is omitted for a container, it defaults to Limits if that is explicitly specified,\notherwise to an implementation-defined value. Requests cannot exceed Limits.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" type: "object" type: "object" selector: @@ -3676,16 +3743,16 @@ spec: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -3699,17 +3766,18 @@ spec: matchLabels: additionalProperties: type: "string" - description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." type: "object" type: "object" + x-kubernetes-map-type: "atomic" storageClassName: - description: "storageClassName is the name of the StorageClass required by the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1" + description: "storageClassName is the name of the StorageClass required by the claim.\nMore info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1" type: "string" volumeAttributesClassName: - description: "volumeAttributesClassName may be used to set the VolumeAttributesClass used by this claim. If specified, the CSI driver will create or update the volume with the attributes defined in the corresponding VolumeAttributesClass. This has a different purpose than storageClassName, it can be changed after the claim is created. An empty string value means that no VolumeAttributesClass will be applied to the claim but it's not allowed to reset this field to empty string once it is set. If unspecified and the PersistentVolumeClaim is unbound, the default VolumeAttributesClass will be set by the persistentvolume controller if it exists. If the resource referred to by volumeAttributesClass does not exist, this PersistentVolumeClaim will be set to a Pending state, as reflected by the modifyVolumeStatus field, until such as a resource exists. More info: https://kubernetes.io/docs/concepts/storage/volume-attributes-classes/ (Alpha) Using this field requires the VolumeAttributesClass feature gate to be enabled." + description: "volumeAttributesClassName may be used to set the VolumeAttributesClass used by this claim.\nIf specified, the CSI driver will create or update the volume with the attributes defined\nin the corresponding VolumeAttributesClass. This has a different purpose than storageClassName,\nit can be changed after the claim is created. An empty string value means that no VolumeAttributesClass\nwill be applied to the claim but it's not allowed to reset this field to empty string once it is set.\nIf unspecified and the PersistentVolumeClaim is unbound, the default VolumeAttributesClass\nwill be set by the persistentvolume controller if it exists.\nIf the resource referred to by volumeAttributesClass does not exist, this PersistentVolumeClaim will be\nset to a Pending state, as reflected by the modifyVolumeStatus field, until such as a resource\nexists.\nMore info: https://kubernetes.io/docs/concepts/storage/volume-attributes-classes/\n(Alpha) Using this field requires the VolumeAttributesClass feature gate to be enabled." type: "string" volumeMode: - description: "volumeMode defines what type of volume is required by the claim. Value of Filesystem is implied when not included in claim spec." + description: "volumeMode defines what type of volume is required by the claim.\nValue of Filesystem is implied when not included in claim spec." type: "string" volumeName: description: "volumeName is the binding reference to the PersistentVolume backing this claim." @@ -3725,12 +3793,12 @@ spec: description: "Resource requirements for the pgBackRest restore Job." properties: claims: - description: "Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. \n This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. \n This field is immutable. It can only be set for containers." + description: "Claims lists the names of resources, defined in spec.resourceClaims,\nthat are used by this container.\n\n\nThis is an alpha field and requires enabling the\nDynamicResourceAllocation feature gate.\n\n\nThis field is immutable. It can only be set for containers." items: description: "ResourceClaim references one entry in PodSpec.ResourceClaims." properties: name: - description: "Name must match the name of one entry in pod.spec.resourceClaims of the Pod where this field is used. It makes that resource available inside a container." + description: "Name must match the name of one entry in pod.spec.resourceClaims of\nthe Pod where this field is used. It makes that resource available\ninside a container." type: "string" required: - "name" @@ -3746,7 +3814,7 @@ spec: - type: "string" pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" x-kubernetes-int-or-string: true - description: "Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" + description: "Limits describes the maximum amount of compute resources allowed.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" type: "object" requests: additionalProperties: @@ -3755,33 +3823,33 @@ spec: - type: "string" pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" x-kubernetes-int-or-string: true - description: "Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" + description: "Requests describes the minimum amount of compute resources required.\nIf Requests is omitted for a container, it defaults to Limits if that is explicitly specified,\notherwise to an implementation-defined value. Requests cannot exceed Limits.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" type: "object" type: "object" stanza: default: "db" - description: "The name of an existing pgBackRest stanza to use as the data source for the new PostgresCluster. Defaults to `db` if not provided." + description: "The name of an existing pgBackRest stanza to use as the data source for the new PostgresCluster.\nDefaults to `db` if not provided." type: "string" tolerations: - description: "Tolerations of the pgBackRest restore Job. More info: https://kubernetes.io/docs/concepts/scheduling-eviction/taint-and-toleration" + description: "Tolerations of the pgBackRest restore Job.\nMore info: https://kubernetes.io/docs/concepts/scheduling-eviction/taint-and-toleration" items: - description: "The pod this Toleration is attached to tolerates any taint that matches the triple using the matching operator ." + description: "The pod this Toleration is attached to tolerates any taint that matches\nthe triple using the matching operator ." properties: effect: - description: "Effect indicates the taint effect to match. Empty means match all taint effects. When specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute." + description: "Effect indicates the taint effect to match. Empty means match all taint effects.\nWhen specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute." type: "string" key: - description: "Key is the taint key that the toleration applies to. Empty means match all taint keys. If the key is empty, operator must be Exists; this combination means to match all values and all keys." + description: "Key is the taint key that the toleration applies to. Empty means match all taint keys.\nIf the key is empty, operator must be Exists; this combination means to match all values and all keys." type: "string" operator: - description: "Operator represents a key's relationship to the value. Valid operators are Exists and Equal. Defaults to Equal. Exists is equivalent to wildcard for value, so that a pod can tolerate all taints of a particular category." + description: "Operator represents a key's relationship to the value.\nValid operators are Exists and Equal. Defaults to Equal.\nExists is equivalent to wildcard for value, so that a pod can\ntolerate all taints of a particular category." type: "string" tolerationSeconds: - description: "TolerationSeconds represents the period of time the toleration (which must be of effect NoExecute, otherwise this field is ignored) tolerates the taint. By default, it is not set, which means tolerate the taint forever (do not evict). Zero and negative values will be treated as 0 (evict immediately) by the system." + description: "TolerationSeconds represents the period of time the toleration (which must be\nof effect NoExecute, otherwise this field is ignored) tolerates the taint. By default,\nit is not set, which means tolerate the taint forever (do not evict). Zero and\nnegative values will be treated as 0 (evict immediately) by the system." format: "int64" type: "integer" value: - description: "Value is the taint value the toleration matches to. If the operator is Exists, the value should be empty, otherwise just a regular string." + description: "Value is the taint value the toleration matches to.\nIf the operator is Exists, the value should be empty, otherwise just a regular string." type: "string" type: "object" type: "array" @@ -3790,18 +3858,18 @@ spec: - "stanza" type: "object" postgresCluster: - description: "Defines a pgBackRest data source that can be used to pre-populate the PostgreSQL data directory for a new PostgreSQL cluster using a pgBackRest restore. The PGBackRest field is incompatible with the PostgresCluster field: only one data source can be used for pre-populating a new PostgreSQL cluster" + description: "Defines a pgBackRest data source that can be used to pre-populate the PostgreSQL data\ndirectory for a new PostgreSQL cluster using a pgBackRest restore.\nThe PGBackRest field is incompatible with the PostgresCluster field: only one\ndata source can be used for pre-populating a new PostgreSQL cluster" properties: affinity: - description: "Scheduling constraints of the pgBackRest restore Job. More info: https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node" + description: "Scheduling constraints of the pgBackRest restore Job.\nMore info: https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node" properties: nodeAffinity: description: "Describes node affinity scheduling rules for the pod." properties: preferredDuringSchedulingIgnoredDuringExecution: - description: "The scheduler will prefer to schedule pods to nodes that satisfy the affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding \"weight\" to the sum if the node matches the corresponding matchExpressions; the node(s) with the highest sum are the most preferred." + description: "The scheduler will prefer to schedule pods to nodes that satisfy\nthe affinity expressions specified by this field, but it may choose\na node that violates one or more of the expressions. The node that is\nmost preferred is the one with the greatest sum of weights, i.e.\nfor each node that meets all of the scheduling requirements (resource\nrequest, requiredDuringScheduling affinity expressions, etc.),\ncompute a sum by iterating through the elements of this field and adding\n\"weight\" to the sum if the node matches the corresponding matchExpressions; the\nnode(s) with the highest sum are the most preferred." items: - description: "An empty preferred scheduling term matches all objects with implicit weight 0 (i.e. it's a no-op). A null preferred scheduling term matches no objects (i.e. is also a no-op)." + description: "An empty preferred scheduling term matches all objects with implicit weight 0\n(i.e. it's a no-op). A null preferred scheduling term matches no objects (i.e. is also a no-op)." properties: preference: description: "A node selector term, associated with the corresponding weight." @@ -3809,16 +3877,16 @@ spec: matchExpressions: description: "A list of node selector requirements by node's labels." items: - description: "A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A node selector requirement is a selector that contains values, a key, and an operator\nthat relates the key and values." properties: key: description: "The label key that the selector applies to." type: "string" operator: - description: "Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt." + description: "Represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt." type: "string" values: - description: "An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch." + description: "An array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. If the operator is Gt or Lt, the values\narray must have a single element, which will be interpreted as an integer.\nThis array is replaced during a strategic merge patch." items: type: "string" type: "array" @@ -3832,16 +3900,16 @@ spec: matchFields: description: "A list of node selector requirements by node's fields." items: - description: "A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A node selector requirement is a selector that contains values, a key, and an operator\nthat relates the key and values." properties: key: description: "The label key that the selector applies to." type: "string" operator: - description: "Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt." + description: "Represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt." type: "string" values: - description: "An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch." + description: "An array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. If the operator is Gt or Lt, the values\narray must have a single element, which will be interpreted as an integer.\nThis array is replaced during a strategic merge patch." items: type: "string" type: "array" @@ -3853,6 +3921,7 @@ spec: type: "array" x-kubernetes-list-type: "atomic" type: "object" + x-kubernetes-map-type: "atomic" weight: description: "Weight associated with matching the corresponding nodeSelectorTerm, in the range 1-100." format: "int32" @@ -3864,26 +3933,26 @@ spec: type: "array" x-kubernetes-list-type: "atomic" requiredDuringSchedulingIgnoredDuringExecution: - description: "If the affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to an update), the system may or may not try to eventually evict the pod from its node." + description: "If the affinity requirements specified by this field are not met at\nscheduling time, the pod will not be scheduled onto the node.\nIf the affinity requirements specified by this field cease to be met\nat some point during pod execution (e.g. due to an update), the system\nmay or may not try to eventually evict the pod from its node." properties: nodeSelectorTerms: description: "Required. A list of node selector terms. The terms are ORed." items: - description: "A null or empty node selector term matches no objects. The requirements of them are ANDed. The TopologySelectorTerm type implements a subset of the NodeSelectorTerm." + description: "A null or empty node selector term matches no objects. The requirements of\nthem are ANDed.\nThe TopologySelectorTerm type implements a subset of the NodeSelectorTerm." properties: matchExpressions: description: "A list of node selector requirements by node's labels." items: - description: "A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A node selector requirement is a selector that contains values, a key, and an operator\nthat relates the key and values." properties: key: description: "The label key that the selector applies to." type: "string" operator: - description: "Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt." + description: "Represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt." type: "string" values: - description: "An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch." + description: "An array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. If the operator is Gt or Lt, the values\narray must have a single element, which will be interpreted as an integer.\nThis array is replaced during a strategic merge patch." items: type: "string" type: "array" @@ -3897,16 +3966,16 @@ spec: matchFields: description: "A list of node selector requirements by node's fields." items: - description: "A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A node selector requirement is a selector that contains values, a key, and an operator\nthat relates the key and values." properties: key: description: "The label key that the selector applies to." type: "string" operator: - description: "Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt." + description: "Represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt." type: "string" values: - description: "An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch." + description: "An array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. If the operator is Gt or Lt, the values\narray must have a single element, which will be interpreted as an integer.\nThis array is replaced during a strategic merge patch." items: type: "string" type: "array" @@ -3918,17 +3987,19 @@ spec: type: "array" x-kubernetes-list-type: "atomic" type: "object" + x-kubernetes-map-type: "atomic" type: "array" x-kubernetes-list-type: "atomic" required: - "nodeSelectorTerms" type: "object" + x-kubernetes-map-type: "atomic" type: "object" podAffinity: description: "Describes pod affinity scheduling rules (e.g. co-locate this pod in the same node, zone, etc. as some other pod(s))." properties: preferredDuringSchedulingIgnoredDuringExecution: - description: "The scheduler will prefer to schedule pods to nodes that satisfy the affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding \"weight\" to the sum if the node has pods which matches the corresponding podAffinityTerm; the node(s) with the highest sum are the most preferred." + description: "The scheduler will prefer to schedule pods to nodes that satisfy\nthe affinity expressions specified by this field, but it may choose\na node that violates one or more of the expressions. The node that is\nmost preferred is the one with the greatest sum of weights, i.e.\nfor each node that meets all of the scheduling requirements (resource\nrequest, requiredDuringScheduling affinity expressions, etc.),\ncompute a sum by iterating through the elements of this field and adding\n\"weight\" to the sum if the node has pods which matches the corresponding podAffinityTerm; the\nnode(s) with the highest sum are the most preferred." items: description: "The weights of all of the matched WeightedPodAffinityTerm fields are added per-node to find the most preferred node(s)" properties: @@ -3936,21 +4007,21 @@ spec: description: "Required. A pod affinity term, associated with the corresponding weight." properties: labelSelector: - description: "A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods." + description: "A label query over a set of resources, in this case pods.\nIf it's null, this PodAffinityTerm matches with no Pods." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -3964,37 +4035,38 @@ spec: matchLabels: additionalProperties: type: "string" - description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." type: "object" type: "object" + x-kubernetes-map-type: "atomic" matchLabelKeys: - description: "MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both matchLabelKeys and labelSelector. Also, matchLabelKeys cannot be set when labelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" mismatchLabelKeys: - description: "MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. Also, mismatchLabelKeys cannot be set when labelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" namespaceSelector: - description: "A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means \"this pod's namespace\". An empty selector ({}) matches all namespaces." + description: "A label query over the set of namespaces that the term applies to.\nThe term is applied to the union of the namespaces selected by this field\nand the ones listed in the namespaces field.\nnull selector and null or empty namespaces list means \"this pod's namespace\".\nAn empty selector ({}) matches all namespaces." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -4008,23 +4080,24 @@ spec: matchLabels: additionalProperties: type: "string" - description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." type: "object" type: "object" + x-kubernetes-map-type: "atomic" namespaces: - description: "namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means \"this pod's namespace\"." + description: "namespaces specifies a static list of namespace names that the term applies to.\nThe term is applied to the union of the namespaces listed in this field\nand the ones selected by namespaceSelector.\nnull or empty namespaces list and null namespaceSelector means \"this pod's namespace\"." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" topologyKey: - description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed." + description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching\nthe labelSelector in the specified namespaces, where co-located is defined as running on a node\nwhose value of the label with key topologyKey matches that of any node on which any of the\nselected pods is running.\nEmpty topologyKey is not allowed." type: "string" required: - "topologyKey" type: "object" weight: - description: "weight associated with matching the corresponding podAffinityTerm, in the range 1-100." + description: "weight associated with matching the corresponding podAffinityTerm,\nin the range 1-100." format: "int32" type: "integer" required: @@ -4034,26 +4107,26 @@ spec: type: "array" x-kubernetes-list-type: "atomic" requiredDuringSchedulingIgnoredDuringExecution: - description: "If the affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to a pod label update), the system may or may not try to eventually evict the pod from its node. When there are multiple elements, the lists of nodes corresponding to each podAffinityTerm are intersected, i.e. all terms must be satisfied." + description: "If the affinity requirements specified by this field are not met at\nscheduling time, the pod will not be scheduled onto the node.\nIf the affinity requirements specified by this field cease to be met\nat some point during pod execution (e.g. due to a pod label update), the\nsystem may or may not try to eventually evict the pod from its node.\nWhen there are multiple elements, the lists of nodes corresponding to each\npodAffinityTerm are intersected, i.e. all terms must be satisfied." items: - description: "Defines a set of pods (namely those matching the labelSelector relative to the given namespace(s)) that this pod should be co-located (affinity) or not co-located (anti-affinity) with, where co-located is defined as running on a node whose value of the label with key matches that of any node on which a pod of the set of pods is running" + description: "Defines a set of pods (namely those matching the labelSelector\nrelative to the given namespace(s)) that this pod should be\nco-located (affinity) or not co-located (anti-affinity) with,\nwhere co-located is defined as running on a node whose value of\nthe label with key matches that of any node on which\na pod of the set of pods is running" properties: labelSelector: - description: "A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods." + description: "A label query over a set of resources, in this case pods.\nIf it's null, this PodAffinityTerm matches with no Pods." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -4067,37 +4140,38 @@ spec: matchLabels: additionalProperties: type: "string" - description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." type: "object" type: "object" + x-kubernetes-map-type: "atomic" matchLabelKeys: - description: "MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both matchLabelKeys and labelSelector. Also, matchLabelKeys cannot be set when labelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" mismatchLabelKeys: - description: "MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. Also, mismatchLabelKeys cannot be set when labelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" namespaceSelector: - description: "A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means \"this pod's namespace\". An empty selector ({}) matches all namespaces." + description: "A label query over the set of namespaces that the term applies to.\nThe term is applied to the union of the namespaces selected by this field\nand the ones listed in the namespaces field.\nnull selector and null or empty namespaces list means \"this pod's namespace\".\nAn empty selector ({}) matches all namespaces." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -4111,17 +4185,18 @@ spec: matchLabels: additionalProperties: type: "string" - description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." type: "object" type: "object" + x-kubernetes-map-type: "atomic" namespaces: - description: "namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means \"this pod's namespace\"." + description: "namespaces specifies a static list of namespace names that the term applies to.\nThe term is applied to the union of the namespaces listed in this field\nand the ones selected by namespaceSelector.\nnull or empty namespaces list and null namespaceSelector means \"this pod's namespace\"." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" topologyKey: - description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed." + description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching\nthe labelSelector in the specified namespaces, where co-located is defined as running on a node\nwhose value of the label with key topologyKey matches that of any node on which any of the\nselected pods is running.\nEmpty topologyKey is not allowed." type: "string" required: - "topologyKey" @@ -4133,7 +4208,7 @@ spec: description: "Describes pod anti-affinity scheduling rules (e.g. avoid putting this pod in the same node, zone, etc. as some other pod(s))." properties: preferredDuringSchedulingIgnoredDuringExecution: - description: "The scheduler will prefer to schedule pods to nodes that satisfy the anti-affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling anti-affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding \"weight\" to the sum if the node has pods which matches the corresponding podAffinityTerm; the node(s) with the highest sum are the most preferred." + description: "The scheduler will prefer to schedule pods to nodes that satisfy\nthe anti-affinity expressions specified by this field, but it may choose\na node that violates one or more of the expressions. The node that is\nmost preferred is the one with the greatest sum of weights, i.e.\nfor each node that meets all of the scheduling requirements (resource\nrequest, requiredDuringScheduling anti-affinity expressions, etc.),\ncompute a sum by iterating through the elements of this field and adding\n\"weight\" to the sum if the node has pods which matches the corresponding podAffinityTerm; the\nnode(s) with the highest sum are the most preferred." items: description: "The weights of all of the matched WeightedPodAffinityTerm fields are added per-node to find the most preferred node(s)" properties: @@ -4141,21 +4216,21 @@ spec: description: "Required. A pod affinity term, associated with the corresponding weight." properties: labelSelector: - description: "A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods." + description: "A label query over a set of resources, in this case pods.\nIf it's null, this PodAffinityTerm matches with no Pods." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -4169,37 +4244,38 @@ spec: matchLabels: additionalProperties: type: "string" - description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." type: "object" type: "object" + x-kubernetes-map-type: "atomic" matchLabelKeys: - description: "MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both matchLabelKeys and labelSelector. Also, matchLabelKeys cannot be set when labelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" mismatchLabelKeys: - description: "MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. Also, mismatchLabelKeys cannot be set when labelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" namespaceSelector: - description: "A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means \"this pod's namespace\". An empty selector ({}) matches all namespaces." + description: "A label query over the set of namespaces that the term applies to.\nThe term is applied to the union of the namespaces selected by this field\nand the ones listed in the namespaces field.\nnull selector and null or empty namespaces list means \"this pod's namespace\".\nAn empty selector ({}) matches all namespaces." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -4213,23 +4289,24 @@ spec: matchLabels: additionalProperties: type: "string" - description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." type: "object" type: "object" + x-kubernetes-map-type: "atomic" namespaces: - description: "namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means \"this pod's namespace\"." + description: "namespaces specifies a static list of namespace names that the term applies to.\nThe term is applied to the union of the namespaces listed in this field\nand the ones selected by namespaceSelector.\nnull or empty namespaces list and null namespaceSelector means \"this pod's namespace\"." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" topologyKey: - description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed." + description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching\nthe labelSelector in the specified namespaces, where co-located is defined as running on a node\nwhose value of the label with key topologyKey matches that of any node on which any of the\nselected pods is running.\nEmpty topologyKey is not allowed." type: "string" required: - "topologyKey" type: "object" weight: - description: "weight associated with matching the corresponding podAffinityTerm, in the range 1-100." + description: "weight associated with matching the corresponding podAffinityTerm,\nin the range 1-100." format: "int32" type: "integer" required: @@ -4239,26 +4316,26 @@ spec: type: "array" x-kubernetes-list-type: "atomic" requiredDuringSchedulingIgnoredDuringExecution: - description: "If the anti-affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the anti-affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to a pod label update), the system may or may not try to eventually evict the pod from its node. When there are multiple elements, the lists of nodes corresponding to each podAffinityTerm are intersected, i.e. all terms must be satisfied." + description: "If the anti-affinity requirements specified by this field are not met at\nscheduling time, the pod will not be scheduled onto the node.\nIf the anti-affinity requirements specified by this field cease to be met\nat some point during pod execution (e.g. due to a pod label update), the\nsystem may or may not try to eventually evict the pod from its node.\nWhen there are multiple elements, the lists of nodes corresponding to each\npodAffinityTerm are intersected, i.e. all terms must be satisfied." items: - description: "Defines a set of pods (namely those matching the labelSelector relative to the given namespace(s)) that this pod should be co-located (affinity) or not co-located (anti-affinity) with, where co-located is defined as running on a node whose value of the label with key matches that of any node on which a pod of the set of pods is running" + description: "Defines a set of pods (namely those matching the labelSelector\nrelative to the given namespace(s)) that this pod should be\nco-located (affinity) or not co-located (anti-affinity) with,\nwhere co-located is defined as running on a node whose value of\nthe label with key matches that of any node on which\na pod of the set of pods is running" properties: labelSelector: - description: "A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods." + description: "A label query over a set of resources, in this case pods.\nIf it's null, this PodAffinityTerm matches with no Pods." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -4272,37 +4349,38 @@ spec: matchLabels: additionalProperties: type: "string" - description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." type: "object" type: "object" + x-kubernetes-map-type: "atomic" matchLabelKeys: - description: "MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both matchLabelKeys and labelSelector. Also, matchLabelKeys cannot be set when labelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" mismatchLabelKeys: - description: "MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. Also, mismatchLabelKeys cannot be set when labelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" namespaceSelector: - description: "A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means \"this pod's namespace\". An empty selector ({}) matches all namespaces." + description: "A label query over the set of namespaces that the term applies to.\nThe term is applied to the union of the namespaces selected by this field\nand the ones listed in the namespaces field.\nnull selector and null or empty namespaces list means \"this pod's namespace\".\nAn empty selector ({}) matches all namespaces." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -4316,17 +4394,18 @@ spec: matchLabels: additionalProperties: type: "string" - description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." type: "object" type: "object" + x-kubernetes-map-type: "atomic" namespaces: - description: "namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means \"this pod's namespace\"." + description: "namespaces specifies a static list of namespace names that the term applies to.\nThe term is applied to the union of the namespaces listed in this field\nand the ones selected by namespaceSelector.\nnull or empty namespaces list and null namespaceSelector means \"this pod's namespace\"." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" topologyKey: - description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed." + description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching\nthe labelSelector in the specified namespaces, where co-located is defined as running on a node\nwhose value of the label with key topologyKey matches that of any node on which any of the\nselected pods is running.\nEmpty topologyKey is not allowed." type: "string" required: - "topologyKey" @@ -4336,33 +4415,33 @@ spec: type: "object" type: "object" clusterName: - description: "The name of an existing PostgresCluster to use as the data source for the new PostgresCluster. Defaults to the name of the PostgresCluster being created if not provided." + description: "The name of an existing PostgresCluster to use as the data source for the new PostgresCluster.\nDefaults to the name of the PostgresCluster being created if not provided." type: "string" clusterNamespace: - description: "The namespace of the cluster specified as the data source using the clusterName field. Defaults to the namespace of the PostgresCluster being created if not provided." + description: "The namespace of the cluster specified as the data source using the clusterName field.\nDefaults to the namespace of the PostgresCluster being created if not provided." type: "string" options: - description: "Command line options to include when running the pgBackRest restore command. https://pgbackrest.org/command.html#command-restore" + description: "Command line options to include when running the pgBackRest restore command.\nhttps://pgbackrest.org/command.html#command-restore" items: type: "string" type: "array" priorityClassName: - description: "Priority class name for the pgBackRest restore Job pod. Changing this value causes PostgreSQL to restart. More info: https://kubernetes.io/docs/concepts/scheduling-eviction/pod-priority-preemption/" + description: "Priority class name for the pgBackRest restore Job pod. Changing this\nvalue causes PostgreSQL to restart.\nMore info: https://kubernetes.io/docs/concepts/scheduling-eviction/pod-priority-preemption/" type: "string" repoName: - description: "The name of the pgBackRest repo within the source PostgresCluster that contains the backups that should be utilized to perform a pgBackRest restore when initializing the data source for the new PostgresCluster." + description: "The name of the pgBackRest repo within the source PostgresCluster that contains the backups\nthat should be utilized to perform a pgBackRest restore when initializing the data source\nfor the new PostgresCluster." pattern: "^repo[1-4]" type: "string" resources: description: "Resource requirements for the pgBackRest restore Job." properties: claims: - description: "Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. \n This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. \n This field is immutable. It can only be set for containers." + description: "Claims lists the names of resources, defined in spec.resourceClaims,\nthat are used by this container.\n\n\nThis is an alpha field and requires enabling the\nDynamicResourceAllocation feature gate.\n\n\nThis field is immutable. It can only be set for containers." items: description: "ResourceClaim references one entry in PodSpec.ResourceClaims." properties: name: - description: "Name must match the name of one entry in pod.spec.resourceClaims of the Pod where this field is used. It makes that resource available inside a container." + description: "Name must match the name of one entry in pod.spec.resourceClaims of\nthe Pod where this field is used. It makes that resource available\ninside a container." type: "string" required: - "name" @@ -4378,7 +4457,7 @@ spec: - type: "string" pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" x-kubernetes-int-or-string: true - description: "Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" + description: "Limits describes the maximum amount of compute resources allowed.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" type: "object" requests: additionalProperties: @@ -4387,29 +4466,29 @@ spec: - type: "string" pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" x-kubernetes-int-or-string: true - description: "Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" + description: "Requests describes the minimum amount of compute resources required.\nIf Requests is omitted for a container, it defaults to Limits if that is explicitly specified,\notherwise to an implementation-defined value. Requests cannot exceed Limits.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" type: "object" type: "object" tolerations: - description: "Tolerations of the pgBackRest restore Job. More info: https://kubernetes.io/docs/concepts/scheduling-eviction/taint-and-toleration" + description: "Tolerations of the pgBackRest restore Job.\nMore info: https://kubernetes.io/docs/concepts/scheduling-eviction/taint-and-toleration" items: - description: "The pod this Toleration is attached to tolerates any taint that matches the triple using the matching operator ." + description: "The pod this Toleration is attached to tolerates any taint that matches\nthe triple using the matching operator ." properties: effect: - description: "Effect indicates the taint effect to match. Empty means match all taint effects. When specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute." + description: "Effect indicates the taint effect to match. Empty means match all taint effects.\nWhen specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute." type: "string" key: - description: "Key is the taint key that the toleration applies to. Empty means match all taint keys. If the key is empty, operator must be Exists; this combination means to match all values and all keys." + description: "Key is the taint key that the toleration applies to. Empty means match all taint keys.\nIf the key is empty, operator must be Exists; this combination means to match all values and all keys." type: "string" operator: - description: "Operator represents a key's relationship to the value. Valid operators are Exists and Equal. Defaults to Equal. Exists is equivalent to wildcard for value, so that a pod can tolerate all taints of a particular category." + description: "Operator represents a key's relationship to the value.\nValid operators are Exists and Equal. Defaults to Equal.\nExists is equivalent to wildcard for value, so that a pod can\ntolerate all taints of a particular category." type: "string" tolerationSeconds: - description: "TolerationSeconds represents the period of time the toleration (which must be of effect NoExecute, otherwise this field is ignored) tolerates the taint. By default, it is not set, which means tolerate the taint forever (do not evict). Zero and negative values will be treated as 0 (evict immediately) by the system." + description: "TolerationSeconds represents the period of time the toleration (which must be\nof effect NoExecute, otherwise this field is ignored) tolerates the taint. By default,\nit is not set, which means tolerate the taint forever (do not evict). Zero and\nnegative values will be treated as 0 (evict immediately) by the system." format: "int64" type: "integer" value: - description: "Value is the taint value the toleration matches to. If the operator is Exists, the value should be empty, otherwise just a regular string." + description: "Value is the taint value the toleration matches to.\nIf the operator is Exists, the value should be empty, otherwise just a regular string." type: "string" type: "object" type: "array" @@ -4420,10 +4499,10 @@ spec: description: "Defines any existing volumes to reuse for this PostgresCluster." properties: pgBackRestVolume: - description: "Defines the existing pgBackRest repo volume and directory to use in the current PostgresCluster." + description: "Defines the existing pgBackRest repo volume and directory to use in the\ncurrent PostgresCluster." properties: directory: - description: "The existing directory. When not set, a move Job is not created for the associated volume." + description: "The existing directory. When not set, a move Job is not created for the\nassociated volume." type: "string" pvcName: description: "The existing PVC name." @@ -4432,10 +4511,10 @@ spec: - "pvcName" type: "object" pgDataVolume: - description: "Defines the existing pgData volume and directory to use in the current PostgresCluster." + description: "Defines the existing pgData volume and directory to use in the current\nPostgresCluster." properties: directory: - description: "The existing directory. When not set, a move Job is not created for the associated volume." + description: "The existing directory. When not set, a move Job is not created for the\nassociated volume." type: "string" pvcName: description: "The existing PVC name." @@ -4444,10 +4523,10 @@ spec: - "pvcName" type: "object" pgWALVolume: - description: "Defines the existing pg_wal volume and directory to use in the current PostgresCluster. Note that a defined pg_wal volume MUST be accompanied by a pgData volume." + description: "Defines the existing pg_wal volume and directory to use in the current\nPostgresCluster. Note that a defined pg_wal volume MUST be accompanied by\na pgData volume." properties: directory: - description: "The existing directory. When not set, a move Job is not created for the associated volume." + description: "The existing directory. When not set, a move Job is not created for the\nassociated volume." type: "string" pvcName: description: "The existing PVC name." @@ -4458,7 +4537,7 @@ spec: type: "object" type: "object" databaseInitSQL: - description: "DatabaseInitSQL defines a ConfigMap containing custom SQL that will be run after the cluster is initialized. This ConfigMap must be in the same namespace as the cluster." + description: "DatabaseInitSQL defines a ConfigMap containing custom SQL that will\nbe run after the cluster is initialized. This ConfigMap must be in the same\nnamespace as the cluster." properties: key: description: "Key is the ConfigMap data key that points to a SQL string" @@ -4471,43 +4550,44 @@ spec: - "name" type: "object" disableDefaultPodScheduling: - description: "Whether or not the PostgreSQL cluster should use the defined default scheduling constraints. If the field is unset or false, the default scheduling constraints will be used in addition to any custom constraints provided." + description: "Whether or not the PostgreSQL cluster should use the defined default\nscheduling constraints. If the field is unset or false, the default\nscheduling constraints will be used in addition to any custom constraints\nprovided." type: "boolean" image: - description: "The image name to use for PostgreSQL containers. When omitted, the value comes from an operator environment variable. For standard PostgreSQL images, the format is RELATED_IMAGE_POSTGRES_{postgresVersion}, e.g. RELATED_IMAGE_POSTGRES_13. For PostGIS enabled PostgreSQL images, the format is RELATED_IMAGE_POSTGRES_{postgresVersion}_GIS_{postGISVersion}, e.g. RELATED_IMAGE_POSTGRES_13_GIS_3.1." + description: "The image name to use for PostgreSQL containers. When omitted, the value\ncomes from an operator environment variable. For standard PostgreSQL images,\nthe format is RELATED_IMAGE_POSTGRES_{postgresVersion},\ne.g. RELATED_IMAGE_POSTGRES_13. For PostGIS enabled PostgreSQL images,\nthe format is RELATED_IMAGE_POSTGRES_{postgresVersion}_GIS_{postGISVersion},\ne.g. RELATED_IMAGE_POSTGRES_13_GIS_3.1." type: "string" imagePullPolicy: - description: "ImagePullPolicy is used to determine when Kubernetes will attempt to pull (download) container images. More info: https://kubernetes.io/docs/concepts/containers/images/#image-pull-policy" + description: "ImagePullPolicy is used to determine when Kubernetes will attempt to\npull (download) container images.\nMore info: https://kubernetes.io/docs/concepts/containers/images/#image-pull-policy" enum: - "Always" - "Never" - "IfNotPresent" type: "string" imagePullSecrets: - description: "The image pull secrets used to pull from a private registry Changing this value causes all running pods to restart. https://k8s.io/docs/tasks/configure-pod-container/pull-image-private-registry/" + description: "The image pull secrets used to pull from a private registry\nChanging this value causes all running pods to restart.\nhttps://k8s.io/docs/tasks/configure-pod-container/pull-image-private-registry/" items: - description: "LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace." + description: "LocalObjectReference contains enough information to let you locate the\nreferenced object inside the same namespace." properties: name: default: "" description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names" type: "string" type: "object" + x-kubernetes-map-type: "atomic" type: "array" instances: - description: "Specifies one or more sets of PostgreSQL pods that replicate data for this cluster." + description: "Specifies one or more sets of PostgreSQL pods that replicate data for\nthis cluster." items: properties: affinity: - description: "Scheduling constraints of a PostgreSQL pod. Changing this value causes PostgreSQL to restart. More info: https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node" + description: "Scheduling constraints of a PostgreSQL pod. Changing this value causes\nPostgreSQL to restart.\nMore info: https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node" properties: nodeAffinity: description: "Describes node affinity scheduling rules for the pod." properties: preferredDuringSchedulingIgnoredDuringExecution: - description: "The scheduler will prefer to schedule pods to nodes that satisfy the affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding \"weight\" to the sum if the node matches the corresponding matchExpressions; the node(s) with the highest sum are the most preferred." + description: "The scheduler will prefer to schedule pods to nodes that satisfy\nthe affinity expressions specified by this field, but it may choose\na node that violates one or more of the expressions. The node that is\nmost preferred is the one with the greatest sum of weights, i.e.\nfor each node that meets all of the scheduling requirements (resource\nrequest, requiredDuringScheduling affinity expressions, etc.),\ncompute a sum by iterating through the elements of this field and adding\n\"weight\" to the sum if the node matches the corresponding matchExpressions; the\nnode(s) with the highest sum are the most preferred." items: - description: "An empty preferred scheduling term matches all objects with implicit weight 0 (i.e. it's a no-op). A null preferred scheduling term matches no objects (i.e. is also a no-op)." + description: "An empty preferred scheduling term matches all objects with implicit weight 0\n(i.e. it's a no-op). A null preferred scheduling term matches no objects (i.e. is also a no-op)." properties: preference: description: "A node selector term, associated with the corresponding weight." @@ -4515,16 +4595,16 @@ spec: matchExpressions: description: "A list of node selector requirements by node's labels." items: - description: "A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A node selector requirement is a selector that contains values, a key, and an operator\nthat relates the key and values." properties: key: description: "The label key that the selector applies to." type: "string" operator: - description: "Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt." + description: "Represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt." type: "string" values: - description: "An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch." + description: "An array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. If the operator is Gt or Lt, the values\narray must have a single element, which will be interpreted as an integer.\nThis array is replaced during a strategic merge patch." items: type: "string" type: "array" @@ -4538,16 +4618,16 @@ spec: matchFields: description: "A list of node selector requirements by node's fields." items: - description: "A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A node selector requirement is a selector that contains values, a key, and an operator\nthat relates the key and values." properties: key: description: "The label key that the selector applies to." type: "string" operator: - description: "Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt." + description: "Represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt." type: "string" values: - description: "An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch." + description: "An array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. If the operator is Gt or Lt, the values\narray must have a single element, which will be interpreted as an integer.\nThis array is replaced during a strategic merge patch." items: type: "string" type: "array" @@ -4559,6 +4639,7 @@ spec: type: "array" x-kubernetes-list-type: "atomic" type: "object" + x-kubernetes-map-type: "atomic" weight: description: "Weight associated with matching the corresponding nodeSelectorTerm, in the range 1-100." format: "int32" @@ -4570,26 +4651,26 @@ spec: type: "array" x-kubernetes-list-type: "atomic" requiredDuringSchedulingIgnoredDuringExecution: - description: "If the affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to an update), the system may or may not try to eventually evict the pod from its node." + description: "If the affinity requirements specified by this field are not met at\nscheduling time, the pod will not be scheduled onto the node.\nIf the affinity requirements specified by this field cease to be met\nat some point during pod execution (e.g. due to an update), the system\nmay or may not try to eventually evict the pod from its node." properties: nodeSelectorTerms: description: "Required. A list of node selector terms. The terms are ORed." items: - description: "A null or empty node selector term matches no objects. The requirements of them are ANDed. The TopologySelectorTerm type implements a subset of the NodeSelectorTerm." + description: "A null or empty node selector term matches no objects. The requirements of\nthem are ANDed.\nThe TopologySelectorTerm type implements a subset of the NodeSelectorTerm." properties: matchExpressions: description: "A list of node selector requirements by node's labels." items: - description: "A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A node selector requirement is a selector that contains values, a key, and an operator\nthat relates the key and values." properties: key: description: "The label key that the selector applies to." type: "string" operator: - description: "Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt." + description: "Represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt." type: "string" values: - description: "An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch." + description: "An array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. If the operator is Gt or Lt, the values\narray must have a single element, which will be interpreted as an integer.\nThis array is replaced during a strategic merge patch." items: type: "string" type: "array" @@ -4603,16 +4684,16 @@ spec: matchFields: description: "A list of node selector requirements by node's fields." items: - description: "A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A node selector requirement is a selector that contains values, a key, and an operator\nthat relates the key and values." properties: key: description: "The label key that the selector applies to." type: "string" operator: - description: "Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt." + description: "Represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt." type: "string" values: - description: "An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch." + description: "An array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. If the operator is Gt or Lt, the values\narray must have a single element, which will be interpreted as an integer.\nThis array is replaced during a strategic merge patch." items: type: "string" type: "array" @@ -4624,17 +4705,19 @@ spec: type: "array" x-kubernetes-list-type: "atomic" type: "object" + x-kubernetes-map-type: "atomic" type: "array" x-kubernetes-list-type: "atomic" required: - "nodeSelectorTerms" type: "object" + x-kubernetes-map-type: "atomic" type: "object" podAffinity: description: "Describes pod affinity scheduling rules (e.g. co-locate this pod in the same node, zone, etc. as some other pod(s))." properties: preferredDuringSchedulingIgnoredDuringExecution: - description: "The scheduler will prefer to schedule pods to nodes that satisfy the affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding \"weight\" to the sum if the node has pods which matches the corresponding podAffinityTerm; the node(s) with the highest sum are the most preferred." + description: "The scheduler will prefer to schedule pods to nodes that satisfy\nthe affinity expressions specified by this field, but it may choose\na node that violates one or more of the expressions. The node that is\nmost preferred is the one with the greatest sum of weights, i.e.\nfor each node that meets all of the scheduling requirements (resource\nrequest, requiredDuringScheduling affinity expressions, etc.),\ncompute a sum by iterating through the elements of this field and adding\n\"weight\" to the sum if the node has pods which matches the corresponding podAffinityTerm; the\nnode(s) with the highest sum are the most preferred." items: description: "The weights of all of the matched WeightedPodAffinityTerm fields are added per-node to find the most preferred node(s)" properties: @@ -4642,21 +4725,21 @@ spec: description: "Required. A pod affinity term, associated with the corresponding weight." properties: labelSelector: - description: "A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods." + description: "A label query over a set of resources, in this case pods.\nIf it's null, this PodAffinityTerm matches with no Pods." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -4670,37 +4753,38 @@ spec: matchLabels: additionalProperties: type: "string" - description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." type: "object" type: "object" + x-kubernetes-map-type: "atomic" matchLabelKeys: - description: "MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both matchLabelKeys and labelSelector. Also, matchLabelKeys cannot be set when labelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" mismatchLabelKeys: - description: "MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. Also, mismatchLabelKeys cannot be set when labelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" namespaceSelector: - description: "A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means \"this pod's namespace\". An empty selector ({}) matches all namespaces." + description: "A label query over the set of namespaces that the term applies to.\nThe term is applied to the union of the namespaces selected by this field\nand the ones listed in the namespaces field.\nnull selector and null or empty namespaces list means \"this pod's namespace\".\nAn empty selector ({}) matches all namespaces." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -4714,23 +4798,24 @@ spec: matchLabels: additionalProperties: type: "string" - description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." type: "object" type: "object" + x-kubernetes-map-type: "atomic" namespaces: - description: "namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means \"this pod's namespace\"." + description: "namespaces specifies a static list of namespace names that the term applies to.\nThe term is applied to the union of the namespaces listed in this field\nand the ones selected by namespaceSelector.\nnull or empty namespaces list and null namespaceSelector means \"this pod's namespace\"." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" topologyKey: - description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed." + description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching\nthe labelSelector in the specified namespaces, where co-located is defined as running on a node\nwhose value of the label with key topologyKey matches that of any node on which any of the\nselected pods is running.\nEmpty topologyKey is not allowed." type: "string" required: - "topologyKey" type: "object" weight: - description: "weight associated with matching the corresponding podAffinityTerm, in the range 1-100." + description: "weight associated with matching the corresponding podAffinityTerm,\nin the range 1-100." format: "int32" type: "integer" required: @@ -4740,26 +4825,26 @@ spec: type: "array" x-kubernetes-list-type: "atomic" requiredDuringSchedulingIgnoredDuringExecution: - description: "If the affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to a pod label update), the system may or may not try to eventually evict the pod from its node. When there are multiple elements, the lists of nodes corresponding to each podAffinityTerm are intersected, i.e. all terms must be satisfied." + description: "If the affinity requirements specified by this field are not met at\nscheduling time, the pod will not be scheduled onto the node.\nIf the affinity requirements specified by this field cease to be met\nat some point during pod execution (e.g. due to a pod label update), the\nsystem may or may not try to eventually evict the pod from its node.\nWhen there are multiple elements, the lists of nodes corresponding to each\npodAffinityTerm are intersected, i.e. all terms must be satisfied." items: - description: "Defines a set of pods (namely those matching the labelSelector relative to the given namespace(s)) that this pod should be co-located (affinity) or not co-located (anti-affinity) with, where co-located is defined as running on a node whose value of the label with key matches that of any node on which a pod of the set of pods is running" + description: "Defines a set of pods (namely those matching the labelSelector\nrelative to the given namespace(s)) that this pod should be\nco-located (affinity) or not co-located (anti-affinity) with,\nwhere co-located is defined as running on a node whose value of\nthe label with key matches that of any node on which\na pod of the set of pods is running" properties: labelSelector: - description: "A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods." + description: "A label query over a set of resources, in this case pods.\nIf it's null, this PodAffinityTerm matches with no Pods." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -4773,37 +4858,38 @@ spec: matchLabels: additionalProperties: type: "string" - description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." type: "object" type: "object" + x-kubernetes-map-type: "atomic" matchLabelKeys: - description: "MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both matchLabelKeys and labelSelector. Also, matchLabelKeys cannot be set when labelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" mismatchLabelKeys: - description: "MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. Also, mismatchLabelKeys cannot be set when labelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" namespaceSelector: - description: "A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means \"this pod's namespace\". An empty selector ({}) matches all namespaces." + description: "A label query over the set of namespaces that the term applies to.\nThe term is applied to the union of the namespaces selected by this field\nand the ones listed in the namespaces field.\nnull selector and null or empty namespaces list means \"this pod's namespace\".\nAn empty selector ({}) matches all namespaces." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -4817,17 +4903,18 @@ spec: matchLabels: additionalProperties: type: "string" - description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." type: "object" type: "object" + x-kubernetes-map-type: "atomic" namespaces: - description: "namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means \"this pod's namespace\"." + description: "namespaces specifies a static list of namespace names that the term applies to.\nThe term is applied to the union of the namespaces listed in this field\nand the ones selected by namespaceSelector.\nnull or empty namespaces list and null namespaceSelector means \"this pod's namespace\"." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" topologyKey: - description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed." + description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching\nthe labelSelector in the specified namespaces, where co-located is defined as running on a node\nwhose value of the label with key topologyKey matches that of any node on which any of the\nselected pods is running.\nEmpty topologyKey is not allowed." type: "string" required: - "topologyKey" @@ -4839,7 +4926,7 @@ spec: description: "Describes pod anti-affinity scheduling rules (e.g. avoid putting this pod in the same node, zone, etc. as some other pod(s))." properties: preferredDuringSchedulingIgnoredDuringExecution: - description: "The scheduler will prefer to schedule pods to nodes that satisfy the anti-affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling anti-affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding \"weight\" to the sum if the node has pods which matches the corresponding podAffinityTerm; the node(s) with the highest sum are the most preferred." + description: "The scheduler will prefer to schedule pods to nodes that satisfy\nthe anti-affinity expressions specified by this field, but it may choose\na node that violates one or more of the expressions. The node that is\nmost preferred is the one with the greatest sum of weights, i.e.\nfor each node that meets all of the scheduling requirements (resource\nrequest, requiredDuringScheduling anti-affinity expressions, etc.),\ncompute a sum by iterating through the elements of this field and adding\n\"weight\" to the sum if the node has pods which matches the corresponding podAffinityTerm; the\nnode(s) with the highest sum are the most preferred." items: description: "The weights of all of the matched WeightedPodAffinityTerm fields are added per-node to find the most preferred node(s)" properties: @@ -4847,21 +4934,21 @@ spec: description: "Required. A pod affinity term, associated with the corresponding weight." properties: labelSelector: - description: "A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods." + description: "A label query over a set of resources, in this case pods.\nIf it's null, this PodAffinityTerm matches with no Pods." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -4875,37 +4962,38 @@ spec: matchLabels: additionalProperties: type: "string" - description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." type: "object" type: "object" + x-kubernetes-map-type: "atomic" matchLabelKeys: - description: "MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both matchLabelKeys and labelSelector. Also, matchLabelKeys cannot be set when labelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" mismatchLabelKeys: - description: "MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. Also, mismatchLabelKeys cannot be set when labelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" namespaceSelector: - description: "A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means \"this pod's namespace\". An empty selector ({}) matches all namespaces." + description: "A label query over the set of namespaces that the term applies to.\nThe term is applied to the union of the namespaces selected by this field\nand the ones listed in the namespaces field.\nnull selector and null or empty namespaces list means \"this pod's namespace\".\nAn empty selector ({}) matches all namespaces." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -4919,23 +5007,24 @@ spec: matchLabels: additionalProperties: type: "string" - description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." type: "object" type: "object" + x-kubernetes-map-type: "atomic" namespaces: - description: "namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means \"this pod's namespace\"." + description: "namespaces specifies a static list of namespace names that the term applies to.\nThe term is applied to the union of the namespaces listed in this field\nand the ones selected by namespaceSelector.\nnull or empty namespaces list and null namespaceSelector means \"this pod's namespace\"." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" topologyKey: - description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed." + description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching\nthe labelSelector in the specified namespaces, where co-located is defined as running on a node\nwhose value of the label with key topologyKey matches that of any node on which any of the\nselected pods is running.\nEmpty topologyKey is not allowed." type: "string" required: - "topologyKey" type: "object" weight: - description: "weight associated with matching the corresponding podAffinityTerm, in the range 1-100." + description: "weight associated with matching the corresponding podAffinityTerm,\nin the range 1-100." format: "int32" type: "integer" required: @@ -4945,26 +5034,26 @@ spec: type: "array" x-kubernetes-list-type: "atomic" requiredDuringSchedulingIgnoredDuringExecution: - description: "If the anti-affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the anti-affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to a pod label update), the system may or may not try to eventually evict the pod from its node. When there are multiple elements, the lists of nodes corresponding to each podAffinityTerm are intersected, i.e. all terms must be satisfied." + description: "If the anti-affinity requirements specified by this field are not met at\nscheduling time, the pod will not be scheduled onto the node.\nIf the anti-affinity requirements specified by this field cease to be met\nat some point during pod execution (e.g. due to a pod label update), the\nsystem may or may not try to eventually evict the pod from its node.\nWhen there are multiple elements, the lists of nodes corresponding to each\npodAffinityTerm are intersected, i.e. all terms must be satisfied." items: - description: "Defines a set of pods (namely those matching the labelSelector relative to the given namespace(s)) that this pod should be co-located (affinity) or not co-located (anti-affinity) with, where co-located is defined as running on a node whose value of the label with key matches that of any node on which a pod of the set of pods is running" + description: "Defines a set of pods (namely those matching the labelSelector\nrelative to the given namespace(s)) that this pod should be\nco-located (affinity) or not co-located (anti-affinity) with,\nwhere co-located is defined as running on a node whose value of\nthe label with key matches that of any node on which\na pod of the set of pods is running" properties: labelSelector: - description: "A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods." + description: "A label query over a set of resources, in this case pods.\nIf it's null, this PodAffinityTerm matches with no Pods." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -4978,37 +5067,38 @@ spec: matchLabels: additionalProperties: type: "string" - description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." type: "object" type: "object" + x-kubernetes-map-type: "atomic" matchLabelKeys: - description: "MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both matchLabelKeys and labelSelector. Also, matchLabelKeys cannot be set when labelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" mismatchLabelKeys: - description: "MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. Also, mismatchLabelKeys cannot be set when labelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" namespaceSelector: - description: "A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means \"this pod's namespace\". An empty selector ({}) matches all namespaces." + description: "A label query over the set of namespaces that the term applies to.\nThe term is applied to the union of the namespaces selected by this field\nand the ones listed in the namespaces field.\nnull selector and null or empty namespaces list means \"this pod's namespace\".\nAn empty selector ({}) matches all namespaces." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -5022,17 +5112,18 @@ spec: matchLabels: additionalProperties: type: "string" - description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." type: "object" type: "object" + x-kubernetes-map-type: "atomic" namespaces: - description: "namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means \"this pod's namespace\"." + description: "namespaces specifies a static list of namespace names that the term applies to.\nThe term is applied to the union of the namespaces listed in this field\nand the ones selected by namespaceSelector.\nnull or empty namespaces list and null namespaceSelector means \"this pod's namespace\"." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" topologyKey: - description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed." + description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching\nthe labelSelector in the specified namespaces, where co-located is defined as running on a node\nwhose value of the label with key topologyKey matches that of any node on which any of the\nselected pods is running.\nEmpty topologyKey is not allowed." type: "string" required: - "topologyKey" @@ -5042,24 +5133,24 @@ spec: type: "object" type: "object" containers: - description: "Custom sidecars for PostgreSQL instance pods. Changing this value causes PostgreSQL to restart." + description: "Custom sidecars for PostgreSQL instance pods. Changing this value causes\nPostgreSQL to restart." items: description: "A single application container that you want to run within a pod." properties: args: - description: "Arguments to the entrypoint. The container image's CMD is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. \"$$(VAR_NAME)\" will produce the string literal \"$(VAR_NAME)\". Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell" + description: "Arguments to the entrypoint.\nThe container image's CMD is used if this is not provided.\nVariable references $(VAR_NAME) are expanded using the container's environment. If a variable\ncannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced\nto a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. \"$$(VAR_NAME)\" will\nproduce the string literal \"$(VAR_NAME)\". Escaped references will never be expanded, regardless\nof whether the variable exists or not. Cannot be updated.\nMore info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell" items: type: "string" type: "array" x-kubernetes-list-type: "atomic" command: - description: "Entrypoint array. Not executed within a shell. The container image's ENTRYPOINT is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. \"$$(VAR_NAME)\" will produce the string literal \"$(VAR_NAME)\". Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell" + description: "Entrypoint array. Not executed within a shell.\nThe container image's ENTRYPOINT is used if this is not provided.\nVariable references $(VAR_NAME) are expanded using the container's environment. If a variable\ncannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced\nto a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. \"$$(VAR_NAME)\" will\nproduce the string literal \"$(VAR_NAME)\". Escaped references will never be expanded, regardless\nof whether the variable exists or not. Cannot be updated.\nMore info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell" items: type: "string" type: "array" x-kubernetes-list-type: "atomic" env: - description: "List of environment variables to set in the container. Cannot be updated." + description: "List of environment variables to set in the container.\nCannot be updated." items: description: "EnvVar represents an environment variable present in a Container." properties: @@ -5067,7 +5158,7 @@ spec: description: "Name of the environment variable. Must be a C_IDENTIFIER." type: "string" value: - description: "Variable references $(VAR_NAME) are expanded using the previously defined environment variables in the container and any service environment variables. If a variable cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. \"$$(VAR_NAME)\" will produce the string literal \"$(VAR_NAME)\". Escaped references will never be expanded, regardless of whether the variable exists or not. Defaults to \"\"." + description: "Variable references $(VAR_NAME) are expanded\nusing the previously defined environment variables in the container and\nany service environment variables. If a variable cannot be resolved,\nthe reference in the input string will be unchanged. Double $$ are reduced\nto a single $, which allows for escaping the $(VAR_NAME) syntax: i.e.\n\"$$(VAR_NAME)\" will produce the string literal \"$(VAR_NAME)\".\nEscaped references will never be expanded, regardless of whether the variable\nexists or not.\nDefaults to \"\"." type: "string" valueFrom: description: "Source for the environment variable's value. Cannot be used if value is not empty." @@ -5088,8 +5179,9 @@ spec: required: - "key" type: "object" + x-kubernetes-map-type: "atomic" fieldRef: - description: "Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`, spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs." + description: "Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`,\nspec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs." properties: apiVersion: description: "Version of the schema the FieldPath is written in terms of, defaults to \"v1\"." @@ -5100,8 +5192,9 @@ spec: required: - "fieldPath" type: "object" + x-kubernetes-map-type: "atomic" resourceFieldRef: - description: "Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported." + description: "Selects a resource of the container: only resources limits and requests\n(limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported." properties: containerName: description: "Container name: required for volumes, optional for env vars" @@ -5119,6 +5212,7 @@ spec: required: - "resource" type: "object" + x-kubernetes-map-type: "atomic" secretKeyRef: description: "Selects a key of a secret in the pod's namespace" properties: @@ -5135,6 +5229,7 @@ spec: required: - "key" type: "object" + x-kubernetes-map-type: "atomic" type: "object" required: - "name" @@ -5144,7 +5239,7 @@ spec: - "name" x-kubernetes-list-type: "map" envFrom: - description: "List of sources to populate environment variables in the container. The keys defined within a source must be a C_IDENTIFIER. All invalid keys will be reported as an event when the container is starting. When a key exists in multiple sources, the value associated with the last source will take precedence. Values defined by an Env with a duplicate key will take precedence. Cannot be updated." + description: "List of sources to populate environment variables in the container.\nThe keys defined within a source must be a C_IDENTIFIER. All invalid keys\nwill be reported as an event when the container is starting. When a key exists in multiple\nsources, the value associated with the last source will take precedence.\nValues defined by an Env with a duplicate key will take precedence.\nCannot be updated." items: description: "EnvFromSource represents the source of a set of ConfigMaps" properties: @@ -5159,6 +5254,7 @@ spec: description: "Specify whether the ConfigMap must be defined" type: "boolean" type: "object" + x-kubernetes-map-type: "atomic" prefix: description: "An optional identifier to prepend to each key in the ConfigMap. Must be a C_IDENTIFIER." type: "string" @@ -5173,26 +5269,27 @@ spec: description: "Specify whether the Secret must be defined" type: "boolean" type: "object" + x-kubernetes-map-type: "atomic" type: "object" type: "array" x-kubernetes-list-type: "atomic" image: - description: "Container image name. More info: https://kubernetes.io/docs/concepts/containers/images This field is optional to allow higher level config management to default or override container images in workload controllers like Deployments and StatefulSets." + description: "Container image name.\nMore info: https://kubernetes.io/docs/concepts/containers/images\nThis field is optional to allow higher level config management to default or override\ncontainer images in workload controllers like Deployments and StatefulSets." type: "string" imagePullPolicy: - description: "Image pull policy. One of Always, Never, IfNotPresent. Defaults to Always if :latest tag is specified, or IfNotPresent otherwise. Cannot be updated. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images" + description: "Image pull policy.\nOne of Always, Never, IfNotPresent.\nDefaults to Always if :latest tag is specified, or IfNotPresent otherwise.\nCannot be updated.\nMore info: https://kubernetes.io/docs/concepts/containers/images#updating-images" type: "string" lifecycle: - description: "Actions that the management system should take in response to container lifecycle events. Cannot be updated." + description: "Actions that the management system should take in response to container lifecycle events.\nCannot be updated." properties: postStart: - description: "PostStart is called immediately after a container is created. If the handler fails, the container is terminated and restarted according to its restart policy. Other management of the container blocks until the hook completes. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks" + description: "PostStart is called immediately after a container is created. If the handler fails,\nthe container is terminated and restarted according to its restart policy.\nOther management of the container blocks until the hook completes.\nMore info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks" properties: exec: description: "Exec specifies the action to take." properties: command: - description: "Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy." + description: "Command is the command line to execute inside the container, the working directory for the\ncommand is root ('/') in the container's filesystem. The command is simply exec'd, it is\nnot run inside a shell, so traditional shell instructions ('|', etc) won't work. To use\na shell, you need to explicitly call out to that shell.\nExit status of 0 is treated as live/healthy and non-zero is unhealthy." items: type: "string" type: "array" @@ -5202,7 +5299,7 @@ spec: description: "HTTPGet specifies the http request to perform." properties: host: - description: "Host name to connect to, defaults to the pod IP. You probably want to set \"Host\" in httpHeaders instead." + description: "Host name to connect to, defaults to the pod IP. You probably want to set\n\"Host\" in httpHeaders instead." type: "string" httpHeaders: description: "Custom headers to set in the request. HTTP allows repeated headers." @@ -5210,7 +5307,7 @@ spec: description: "HTTPHeader describes a custom header to be used in HTTP probes" properties: name: - description: "The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header." + description: "The header field name.\nThis will be canonicalized upon output, so case-variant names will be understood as the same header." type: "string" value: description: "The header field value" @@ -5228,10 +5325,10 @@ spec: anyOf: - type: "integer" - type: "string" - description: "Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME." + description: "Name or number of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME." x-kubernetes-int-or-string: true scheme: - description: "Scheme to use for connecting to the host. Defaults to HTTP." + description: "Scheme to use for connecting to the host.\nDefaults to HTTP." type: "string" required: - "port" @@ -5247,7 +5344,7 @@ spec: - "seconds" type: "object" tcpSocket: - description: "Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept for the backward compatibility. There are no validation of this field and lifecycle hooks will fail in runtime when tcp handler is specified." + description: "Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept\nfor the backward compatibility. There are no validation of this field and\nlifecycle hooks will fail in runtime when tcp handler is specified." properties: host: description: "Optional: Host name to connect to, defaults to the pod IP." @@ -5256,20 +5353,20 @@ spec: anyOf: - type: "integer" - type: "string" - description: "Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME." + description: "Number or name of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME." x-kubernetes-int-or-string: true required: - "port" type: "object" type: "object" preStop: - description: "PreStop is called immediately before a container is terminated due to an API request or management event such as liveness/startup probe failure, preemption, resource contention, etc. The handler is not called if the container crashes or exits. The Pod's termination grace period countdown begins before the PreStop hook is executed. Regardless of the outcome of the handler, the container will eventually terminate within the Pod's termination grace period (unless delayed by finalizers). Other management of the container blocks until the hook completes or until the termination grace period is reached. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks" + description: "PreStop is called immediately before a container is terminated due to an\nAPI request or management event such as liveness/startup probe failure,\npreemption, resource contention, etc. The handler is not called if the\ncontainer crashes or exits. The Pod's termination grace period countdown begins before the\nPreStop hook is executed. Regardless of the outcome of the handler, the\ncontainer will eventually terminate within the Pod's termination grace\nperiod (unless delayed by finalizers). Other management of the container blocks until the hook completes\nor until the termination grace period is reached.\nMore info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks" properties: exec: description: "Exec specifies the action to take." properties: command: - description: "Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy." + description: "Command is the command line to execute inside the container, the working directory for the\ncommand is root ('/') in the container's filesystem. The command is simply exec'd, it is\nnot run inside a shell, so traditional shell instructions ('|', etc) won't work. To use\na shell, you need to explicitly call out to that shell.\nExit status of 0 is treated as live/healthy and non-zero is unhealthy." items: type: "string" type: "array" @@ -5279,7 +5376,7 @@ spec: description: "HTTPGet specifies the http request to perform." properties: host: - description: "Host name to connect to, defaults to the pod IP. You probably want to set \"Host\" in httpHeaders instead." + description: "Host name to connect to, defaults to the pod IP. You probably want to set\n\"Host\" in httpHeaders instead." type: "string" httpHeaders: description: "Custom headers to set in the request. HTTP allows repeated headers." @@ -5287,7 +5384,7 @@ spec: description: "HTTPHeader describes a custom header to be used in HTTP probes" properties: name: - description: "The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header." + description: "The header field name.\nThis will be canonicalized upon output, so case-variant names will be understood as the same header." type: "string" value: description: "The header field value" @@ -5305,10 +5402,10 @@ spec: anyOf: - type: "integer" - type: "string" - description: "Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME." + description: "Name or number of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME." x-kubernetes-int-or-string: true scheme: - description: "Scheme to use for connecting to the host. Defaults to HTTP." + description: "Scheme to use for connecting to the host.\nDefaults to HTTP." type: "string" required: - "port" @@ -5324,7 +5421,7 @@ spec: - "seconds" type: "object" tcpSocket: - description: "Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept for the backward compatibility. There are no validation of this field and lifecycle hooks will fail in runtime when tcp handler is specified." + description: "Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept\nfor the backward compatibility. There are no validation of this field and\nlifecycle hooks will fail in runtime when tcp handler is specified." properties: host: description: "Optional: Host name to connect to, defaults to the pod IP." @@ -5333,7 +5430,7 @@ spec: anyOf: - type: "integer" - type: "string" - description: "Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME." + description: "Number or name of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME." x-kubernetes-int-or-string: true required: - "port" @@ -5341,20 +5438,20 @@ spec: type: "object" type: "object" livenessProbe: - description: "Periodic probe of container liveness. Container will be restarted if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" + description: "Periodic probe of container liveness.\nContainer will be restarted if the probe fails.\nCannot be updated.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" properties: exec: description: "Exec specifies the action to take." properties: command: - description: "Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy." + description: "Command is the command line to execute inside the container, the working directory for the\ncommand is root ('/') in the container's filesystem. The command is simply exec'd, it is\nnot run inside a shell, so traditional shell instructions ('|', etc) won't work. To use\na shell, you need to explicitly call out to that shell.\nExit status of 0 is treated as live/healthy and non-zero is unhealthy." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" type: "object" failureThreshold: - description: "Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1." + description: "Minimum consecutive failures for the probe to be considered failed after having succeeded.\nDefaults to 3. Minimum value is 1." format: "int32" type: "integer" grpc: @@ -5365,7 +5462,7 @@ spec: format: "int32" type: "integer" service: - description: "Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). \n If this is not specified, the default behavior is defined by gRPC." + description: "Service is the name of the service to place in the gRPC HealthCheckRequest\n(see https://github.com/grpc/grpc/blob/master/doc/health-checking.md).\n\n\nIf this is not specified, the default behavior is defined by gRPC." type: "string" required: - "port" @@ -5374,7 +5471,7 @@ spec: description: "HTTPGet specifies the http request to perform." properties: host: - description: "Host name to connect to, defaults to the pod IP. You probably want to set \"Host\" in httpHeaders instead." + description: "Host name to connect to, defaults to the pod IP. You probably want to set\n\"Host\" in httpHeaders instead." type: "string" httpHeaders: description: "Custom headers to set in the request. HTTP allows repeated headers." @@ -5382,7 +5479,7 @@ spec: description: "HTTPHeader describes a custom header to be used in HTTP probes" properties: name: - description: "The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header." + description: "The header field name.\nThis will be canonicalized upon output, so case-variant names will be understood as the same header." type: "string" value: description: "The header field value" @@ -5400,24 +5497,24 @@ spec: anyOf: - type: "integer" - type: "string" - description: "Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME." + description: "Name or number of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME." x-kubernetes-int-or-string: true scheme: - description: "Scheme to use for connecting to the host. Defaults to HTTP." + description: "Scheme to use for connecting to the host.\nDefaults to HTTP." type: "string" required: - "port" type: "object" initialDelaySeconds: - description: "Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" + description: "Number of seconds after the container has started before liveness probes are initiated.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" format: "int32" type: "integer" periodSeconds: - description: "How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1." + description: "How often (in seconds) to perform the probe.\nDefault to 10 seconds. Minimum value is 1." format: "int32" type: "integer" successThreshold: - description: "Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1." + description: "Minimum consecutive successes for the probe to be considered successful after having failed.\nDefaults to 1. Must be 1 for liveness and startup. Minimum value is 1." format: "int32" type: "integer" tcpSocket: @@ -5430,45 +5527,45 @@ spec: anyOf: - type: "integer" - type: "string" - description: "Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME." + description: "Number or name of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME." x-kubernetes-int-or-string: true required: - "port" type: "object" terminationGracePeriodSeconds: - description: "Optional duration in seconds the pod needs to terminate gracefully upon probe failure. The grace period is the duration in seconds after the processes running in the pod are sent a termination signal and the time when the processes are forcibly halted with a kill signal. Set this value longer than the expected cleanup time for your process. If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this value overrides the value provided by the pod spec. Value must be non-negative integer. The value zero indicates stop immediately via the kill signal (no opportunity to shut down). This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate. Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset." + description: "Optional duration in seconds the pod needs to terminate gracefully upon probe failure.\nThe grace period is the duration in seconds after the processes running in the pod are sent\na termination signal and the time when the processes are forcibly halted with a kill signal.\nSet this value longer than the expected cleanup time for your process.\nIf this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this\nvalue overrides the value provided by the pod spec.\nValue must be non-negative integer. The value zero indicates stop immediately via\nthe kill signal (no opportunity to shut down).\nThis is a beta field and requires enabling ProbeTerminationGracePeriod feature gate.\nMinimum value is 1. spec.terminationGracePeriodSeconds is used if unset." format: "int64" type: "integer" timeoutSeconds: - description: "Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" + description: "Number of seconds after which the probe times out.\nDefaults to 1 second. Minimum value is 1.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" format: "int32" type: "integer" type: "object" name: - description: "Name of the container specified as a DNS_LABEL. Each container in a pod must have a unique name (DNS_LABEL). Cannot be updated." + description: "Name of the container specified as a DNS_LABEL.\nEach container in a pod must have a unique name (DNS_LABEL).\nCannot be updated." type: "string" ports: - description: "List of ports to expose from the container. Not specifying a port here DOES NOT prevent that port from being exposed. Any port which is listening on the default \"0.0.0.0\" address inside a container will be accessible from the network. Modifying this array with strategic merge patch may corrupt the data. For more information See https://github.com/kubernetes/kubernetes/issues/108255. Cannot be updated." + description: "List of ports to expose from the container. Not specifying a port here\nDOES NOT prevent that port from being exposed. Any port which is\nlistening on the default \"0.0.0.0\" address inside a container will be\naccessible from the network.\nModifying this array with strategic merge patch may corrupt the data.\nFor more information See https://github.com/kubernetes/kubernetes/issues/108255.\nCannot be updated." items: description: "ContainerPort represents a network port in a single container." properties: containerPort: - description: "Number of port to expose on the pod's IP address. This must be a valid port number, 0 < x < 65536." + description: "Number of port to expose on the pod's IP address.\nThis must be a valid port number, 0 < x < 65536." format: "int32" type: "integer" hostIP: description: "What host IP to bind the external port to." type: "string" hostPort: - description: "Number of port to expose on the host. If specified, this must be a valid port number, 0 < x < 65536. If HostNetwork is specified, this must match ContainerPort. Most containers do not need this." + description: "Number of port to expose on the host.\nIf specified, this must be a valid port number, 0 < x < 65536.\nIf HostNetwork is specified, this must match ContainerPort.\nMost containers do not need this." format: "int32" type: "integer" name: - description: "If specified, this must be an IANA_SVC_NAME and unique within the pod. Each named port in a pod must have a unique name. Name for the port that can be referred to by services." + description: "If specified, this must be an IANA_SVC_NAME and unique within the pod. Each\nnamed port in a pod must have a unique name. Name for the port that can be\nreferred to by services." type: "string" protocol: default: "TCP" - description: "Protocol for port. Must be UDP, TCP, or SCTP. Defaults to \"TCP\"." + description: "Protocol for port. Must be UDP, TCP, or SCTP.\nDefaults to \"TCP\"." type: "string" required: - "containerPort" @@ -5479,20 +5576,20 @@ spec: - "protocol" x-kubernetes-list-type: "map" readinessProbe: - description: "Periodic probe of container service readiness. Container will be removed from service endpoints if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" + description: "Periodic probe of container service readiness.\nContainer will be removed from service endpoints if the probe fails.\nCannot be updated.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" properties: exec: description: "Exec specifies the action to take." properties: command: - description: "Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy." + description: "Command is the command line to execute inside the container, the working directory for the\ncommand is root ('/') in the container's filesystem. The command is simply exec'd, it is\nnot run inside a shell, so traditional shell instructions ('|', etc) won't work. To use\na shell, you need to explicitly call out to that shell.\nExit status of 0 is treated as live/healthy and non-zero is unhealthy." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" type: "object" failureThreshold: - description: "Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1." + description: "Minimum consecutive failures for the probe to be considered failed after having succeeded.\nDefaults to 3. Minimum value is 1." format: "int32" type: "integer" grpc: @@ -5503,7 +5600,7 @@ spec: format: "int32" type: "integer" service: - description: "Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). \n If this is not specified, the default behavior is defined by gRPC." + description: "Service is the name of the service to place in the gRPC HealthCheckRequest\n(see https://github.com/grpc/grpc/blob/master/doc/health-checking.md).\n\n\nIf this is not specified, the default behavior is defined by gRPC." type: "string" required: - "port" @@ -5512,7 +5609,7 @@ spec: description: "HTTPGet specifies the http request to perform." properties: host: - description: "Host name to connect to, defaults to the pod IP. You probably want to set \"Host\" in httpHeaders instead." + description: "Host name to connect to, defaults to the pod IP. You probably want to set\n\"Host\" in httpHeaders instead." type: "string" httpHeaders: description: "Custom headers to set in the request. HTTP allows repeated headers." @@ -5520,7 +5617,7 @@ spec: description: "HTTPHeader describes a custom header to be used in HTTP probes" properties: name: - description: "The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header." + description: "The header field name.\nThis will be canonicalized upon output, so case-variant names will be understood as the same header." type: "string" value: description: "The header field value" @@ -5538,24 +5635,24 @@ spec: anyOf: - type: "integer" - type: "string" - description: "Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME." + description: "Name or number of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME." x-kubernetes-int-or-string: true scheme: - description: "Scheme to use for connecting to the host. Defaults to HTTP." + description: "Scheme to use for connecting to the host.\nDefaults to HTTP." type: "string" required: - "port" type: "object" initialDelaySeconds: - description: "Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" + description: "Number of seconds after the container has started before liveness probes are initiated.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" format: "int32" type: "integer" periodSeconds: - description: "How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1." + description: "How often (in seconds) to perform the probe.\nDefault to 10 seconds. Minimum value is 1." format: "int32" type: "integer" successThreshold: - description: "Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1." + description: "Minimum consecutive successes for the probe to be considered successful after having failed.\nDefaults to 1. Must be 1 for liveness and startup. Minimum value is 1." format: "int32" type: "integer" tcpSocket: @@ -5568,17 +5665,17 @@ spec: anyOf: - type: "integer" - type: "string" - description: "Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME." + description: "Number or name of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME." x-kubernetes-int-or-string: true required: - "port" type: "object" terminationGracePeriodSeconds: - description: "Optional duration in seconds the pod needs to terminate gracefully upon probe failure. The grace period is the duration in seconds after the processes running in the pod are sent a termination signal and the time when the processes are forcibly halted with a kill signal. Set this value longer than the expected cleanup time for your process. If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this value overrides the value provided by the pod spec. Value must be non-negative integer. The value zero indicates stop immediately via the kill signal (no opportunity to shut down). This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate. Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset." + description: "Optional duration in seconds the pod needs to terminate gracefully upon probe failure.\nThe grace period is the duration in seconds after the processes running in the pod are sent\na termination signal and the time when the processes are forcibly halted with a kill signal.\nSet this value longer than the expected cleanup time for your process.\nIf this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this\nvalue overrides the value provided by the pod spec.\nValue must be non-negative integer. The value zero indicates stop immediately via\nthe kill signal (no opportunity to shut down).\nThis is a beta field and requires enabling ProbeTerminationGracePeriod feature gate.\nMinimum value is 1. spec.terminationGracePeriodSeconds is used if unset." format: "int64" type: "integer" timeoutSeconds: - description: "Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" + description: "Number of seconds after which the probe times out.\nDefaults to 1 second. Minimum value is 1.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" format: "int32" type: "integer" type: "object" @@ -5588,10 +5685,10 @@ spec: description: "ContainerResizePolicy represents resource resize policy for the container." properties: resourceName: - description: "Name of the resource to which this resource resize policy applies. Supported values: cpu, memory." + description: "Name of the resource to which this resource resize policy applies.\nSupported values: cpu, memory." type: "string" restartPolicy: - description: "Restart policy to apply when specified resource is resized. If not specified, it defaults to NotRequired." + description: "Restart policy to apply when specified resource is resized.\nIf not specified, it defaults to NotRequired." type: "string" required: - "resourceName" @@ -5600,15 +5697,15 @@ spec: type: "array" x-kubernetes-list-type: "atomic" resources: - description: "Compute Resources required by this container. Cannot be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" + description: "Compute Resources required by this container.\nCannot be updated.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" properties: claims: - description: "Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. \n This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. \n This field is immutable. It can only be set for containers." + description: "Claims lists the names of resources, defined in spec.resourceClaims,\nthat are used by this container.\n\n\nThis is an alpha field and requires enabling the\nDynamicResourceAllocation feature gate.\n\n\nThis field is immutable. It can only be set for containers." items: description: "ResourceClaim references one entry in PodSpec.ResourceClaims." properties: name: - description: "Name must match the name of one entry in pod.spec.resourceClaims of the Pod where this field is used. It makes that resource available inside a container." + description: "Name must match the name of one entry in pod.spec.resourceClaims of\nthe Pod where this field is used. It makes that resource available\ninside a container." type: "string" required: - "name" @@ -5624,7 +5721,7 @@ spec: - type: "string" pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" x-kubernetes-int-or-string: true - description: "Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" + description: "Limits describes the maximum amount of compute resources allowed.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" type: "object" requests: additionalProperties: @@ -5633,32 +5730,32 @@ spec: - type: "string" pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" x-kubernetes-int-or-string: true - description: "Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" + description: "Requests describes the minimum amount of compute resources required.\nIf Requests is omitted for a container, it defaults to Limits if that is explicitly specified,\notherwise to an implementation-defined value. Requests cannot exceed Limits.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" type: "object" type: "object" restartPolicy: - description: "RestartPolicy defines the restart behavior of individual containers in a pod. This field may only be set for init containers, and the only allowed value is \"Always\". For non-init containers or when this field is not specified, the restart behavior is defined by the Pod's restart policy and the container type. Setting the RestartPolicy as \"Always\" for the init container will have the following effect: this init container will be continually restarted on exit until all regular containers have terminated. Once all regular containers have completed, all init containers with restartPolicy \"Always\" will be shut down. This lifecycle differs from normal init containers and is often referred to as a \"sidecar\" container. Although this init container still starts in the init container sequence, it does not wait for the container to complete before proceeding to the next init container. Instead, the next init container starts immediately after this init container is started, or after any startupProbe has successfully completed." + description: "RestartPolicy defines the restart behavior of individual containers in a pod.\nThis field may only be set for init containers, and the only allowed value is \"Always\".\nFor non-init containers or when this field is not specified,\nthe restart behavior is defined by the Pod's restart policy and the container type.\nSetting the RestartPolicy as \"Always\" for the init container will have the following effect:\nthis init container will be continually restarted on\nexit until all regular containers have terminated. Once all regular\ncontainers have completed, all init containers with restartPolicy \"Always\"\nwill be shut down. This lifecycle differs from normal init containers and\nis often referred to as a \"sidecar\" container. Although this init\ncontainer still starts in the init container sequence, it does not wait\nfor the container to complete before proceeding to the next init\ncontainer. Instead, the next init container starts immediately after this\ninit container is started, or after any startupProbe has successfully\ncompleted." type: "string" securityContext: - description: "SecurityContext defines the security options the container should be run with. If set, the fields of SecurityContext override the equivalent fields of PodSecurityContext. More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/" + description: "SecurityContext defines the security options the container should be run with.\nIf set, the fields of SecurityContext override the equivalent fields of PodSecurityContext.\nMore info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/" properties: allowPrivilegeEscalation: - description: "AllowPrivilegeEscalation controls whether a process can gain more privileges than its parent process. This bool directly controls if the no_new_privs flag will be set on the container process. AllowPrivilegeEscalation is true always when the container is: 1) run as Privileged 2) has CAP_SYS_ADMIN Note that this field cannot be set when spec.os.name is windows." + description: "AllowPrivilegeEscalation controls whether a process can gain more\nprivileges than its parent process. This bool directly controls if\nthe no_new_privs flag will be set on the container process.\nAllowPrivilegeEscalation is true always when the container is:\n1) run as Privileged\n2) has CAP_SYS_ADMIN\nNote that this field cannot be set when spec.os.name is windows." type: "boolean" appArmorProfile: - description: "appArmorProfile is the AppArmor options to use by this container. If set, this profile overrides the pod's appArmorProfile. Note that this field cannot be set when spec.os.name is windows." + description: "appArmorProfile is the AppArmor options to use by this container. If set, this profile\noverrides the pod's appArmorProfile.\nNote that this field cannot be set when spec.os.name is windows." properties: localhostProfile: - description: "localhostProfile indicates a profile loaded on the node that should be used. The profile must be preconfigured on the node to work. Must match the loaded name of the profile. Must be set if and only if type is \"Localhost\"." + description: "localhostProfile indicates a profile loaded on the node that should be used.\nThe profile must be preconfigured on the node to work.\nMust match the loaded name of the profile.\nMust be set if and only if type is \"Localhost\"." type: "string" type: - description: "type indicates which kind of AppArmor profile will be applied. Valid options are: Localhost - a profile pre-loaded on the node. RuntimeDefault - the container runtime's default profile. Unconfined - no AppArmor enforcement." + description: "type indicates which kind of AppArmor profile will be applied.\nValid options are:\n Localhost - a profile pre-loaded on the node.\n RuntimeDefault - the container runtime's default profile.\n Unconfined - no AppArmor enforcement." type: "string" required: - "type" type: "object" capabilities: - description: "The capabilities to add/drop when running containers. Defaults to the default set of capabilities granted by the container runtime. Note that this field cannot be set when spec.os.name is windows." + description: "The capabilities to add/drop when running containers.\nDefaults to the default set of capabilities granted by the container runtime.\nNote that this field cannot be set when spec.os.name is windows." properties: add: description: "Added capabilities" @@ -5676,27 +5773,27 @@ spec: x-kubernetes-list-type: "atomic" type: "object" privileged: - description: "Run container in privileged mode. Processes in privileged containers are essentially equivalent to root on the host. Defaults to false. Note that this field cannot be set when spec.os.name is windows." + description: "Run container in privileged mode.\nProcesses in privileged containers are essentially equivalent to root on the host.\nDefaults to false.\nNote that this field cannot be set when spec.os.name is windows." type: "boolean" procMount: - description: "procMount denotes the type of proc mount to use for the containers. The default is DefaultProcMount which uses the container runtime defaults for readonly paths and masked paths. This requires the ProcMountType feature flag to be enabled. Note that this field cannot be set when spec.os.name is windows." + description: "procMount denotes the type of proc mount to use for the containers.\nThe default is DefaultProcMount which uses the container runtime defaults for\nreadonly paths and masked paths.\nThis requires the ProcMountType feature flag to be enabled.\nNote that this field cannot be set when spec.os.name is windows." type: "string" readOnlyRootFilesystem: - description: "Whether this container has a read-only root filesystem. Default is false. Note that this field cannot be set when spec.os.name is windows." + description: "Whether this container has a read-only root filesystem.\nDefault is false.\nNote that this field cannot be set when spec.os.name is windows." type: "boolean" runAsGroup: - description: "The GID to run the entrypoint of the container process. Uses runtime default if unset. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is windows." + description: "The GID to run the entrypoint of the container process.\nUses runtime default if unset.\nMay also be set in PodSecurityContext. If set in both SecurityContext and\nPodSecurityContext, the value specified in SecurityContext takes precedence.\nNote that this field cannot be set when spec.os.name is windows." format: "int64" type: "integer" runAsNonRoot: - description: "Indicates that the container must run as a non-root user. If true, the Kubelet will validate the image at runtime to ensure that it does not run as UID 0 (root) and fail to start the container if it does. If unset or false, no such validation will be performed. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence." + description: "Indicates that the container must run as a non-root user.\nIf true, the Kubelet will validate the image at runtime to ensure that it\ndoes not run as UID 0 (root) and fail to start the container if it does.\nIf unset or false, no such validation will be performed.\nMay also be set in PodSecurityContext. If set in both SecurityContext and\nPodSecurityContext, the value specified in SecurityContext takes precedence." type: "boolean" runAsUser: - description: "The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is windows." + description: "The UID to run the entrypoint of the container process.\nDefaults to user specified in image metadata if unspecified.\nMay also be set in PodSecurityContext. If set in both SecurityContext and\nPodSecurityContext, the value specified in SecurityContext takes precedence.\nNote that this field cannot be set when spec.os.name is windows." format: "int64" type: "integer" seLinuxOptions: - description: "The SELinux context to be applied to the container. If unspecified, the container runtime will allocate a random SELinux context for each container. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is windows." + description: "The SELinux context to be applied to the container.\nIf unspecified, the container runtime will allocate a random SELinux context for each\ncontainer. May also be set in PodSecurityContext. If set in both SecurityContext and\nPodSecurityContext, the value specified in SecurityContext takes precedence.\nNote that this field cannot be set when spec.os.name is windows." properties: level: description: "Level is SELinux level label that applies to the container." @@ -5712,10 +5809,10 @@ spec: type: "string" type: "object" seccompProfile: - description: "The seccomp options to use by this container. If seccomp options are provided at both the pod & container level, the container options override the pod options. Note that this field cannot be set when spec.os.name is windows." + description: "The seccomp options to use by this container. If seccomp options are\nprovided at both the pod & container level, the container options\noverride the pod options.\nNote that this field cannot be set when spec.os.name is windows." properties: localhostProfile: - description: "localhostProfile indicates a profile defined in a file on the node should be used. The profile must be preconfigured on the node to work. Must be a descending path, relative to the kubelet's configured seccomp profile location. Must be set if type is \"Localhost\". Must NOT be set for any other type." + description: "localhostProfile indicates a profile defined in a file on the node should be used.\nThe profile must be preconfigured on the node to work.\nMust be a descending path, relative to the kubelet's configured seccomp profile location.\nMust be set if type is \"Localhost\". Must NOT be set for any other type." type: "string" type: description: "type indicates which kind of seccomp profile will be applied. Valid options are: Localhost - a profile defined in a file on the node should be used. RuntimeDefault - the container runtime default profile should be used. Unconfined - no profile should be applied." @@ -5724,37 +5821,37 @@ spec: - "type" type: "object" windowsOptions: - description: "The Windows specific settings applied to all containers. If unspecified, the options from the PodSecurityContext will be used. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is linux." + description: "The Windows specific settings applied to all containers.\nIf unspecified, the options from the PodSecurityContext will be used.\nIf set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.\nNote that this field cannot be set when spec.os.name is linux." properties: gmsaCredentialSpec: - description: "GMSACredentialSpec is where the GMSA admission webhook (https://github.com/kubernetes-sigs/windows-gmsa) inlines the contents of the GMSA credential spec named by the GMSACredentialSpecName field." + description: "GMSACredentialSpec is where the GMSA admission webhook\n(https://github.com/kubernetes-sigs/windows-gmsa) inlines the contents of the\nGMSA credential spec named by the GMSACredentialSpecName field." type: "string" gmsaCredentialSpecName: description: "GMSACredentialSpecName is the name of the GMSA credential spec to use." type: "string" hostProcess: - description: "HostProcess determines if a container should be run as a 'Host Process' container. All of a Pod's containers must have the same effective HostProcess value (it is not allowed to have a mix of HostProcess containers and non-HostProcess containers). In addition, if HostProcess is true then HostNetwork must also be set to true." + description: "HostProcess determines if a container should be run as a 'Host Process' container.\nAll of a Pod's containers must have the same effective HostProcess value\n(it is not allowed to have a mix of HostProcess containers and non-HostProcess containers).\nIn addition, if HostProcess is true then HostNetwork must also be set to true." type: "boolean" runAsUserName: - description: "The UserName in Windows to run the entrypoint of the container process. Defaults to the user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence." + description: "The UserName in Windows to run the entrypoint of the container process.\nDefaults to the user specified in image metadata if unspecified.\nMay also be set in PodSecurityContext. If set in both SecurityContext and\nPodSecurityContext, the value specified in SecurityContext takes precedence." type: "string" type: "object" type: "object" startupProbe: - description: "StartupProbe indicates that the Pod has successfully initialized. If specified, no other probes are executed until this completes successfully. If this probe fails, the Pod will be restarted, just as if the livenessProbe failed. This can be used to provide different probe parameters at the beginning of a Pod's lifecycle, when it might take a long time to load data or warm a cache, than during steady-state operation. This cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" + description: "StartupProbe indicates that the Pod has successfully initialized.\nIf specified, no other probes are executed until this completes successfully.\nIf this probe fails, the Pod will be restarted, just as if the livenessProbe failed.\nThis can be used to provide different probe parameters at the beginning of a Pod's lifecycle,\nwhen it might take a long time to load data or warm a cache, than during steady-state operation.\nThis cannot be updated.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" properties: exec: description: "Exec specifies the action to take." properties: command: - description: "Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy." + description: "Command is the command line to execute inside the container, the working directory for the\ncommand is root ('/') in the container's filesystem. The command is simply exec'd, it is\nnot run inside a shell, so traditional shell instructions ('|', etc) won't work. To use\na shell, you need to explicitly call out to that shell.\nExit status of 0 is treated as live/healthy and non-zero is unhealthy." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" type: "object" failureThreshold: - description: "Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1." + description: "Minimum consecutive failures for the probe to be considered failed after having succeeded.\nDefaults to 3. Minimum value is 1." format: "int32" type: "integer" grpc: @@ -5765,7 +5862,7 @@ spec: format: "int32" type: "integer" service: - description: "Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). \n If this is not specified, the default behavior is defined by gRPC." + description: "Service is the name of the service to place in the gRPC HealthCheckRequest\n(see https://github.com/grpc/grpc/blob/master/doc/health-checking.md).\n\n\nIf this is not specified, the default behavior is defined by gRPC." type: "string" required: - "port" @@ -5774,7 +5871,7 @@ spec: description: "HTTPGet specifies the http request to perform." properties: host: - description: "Host name to connect to, defaults to the pod IP. You probably want to set \"Host\" in httpHeaders instead." + description: "Host name to connect to, defaults to the pod IP. You probably want to set\n\"Host\" in httpHeaders instead." type: "string" httpHeaders: description: "Custom headers to set in the request. HTTP allows repeated headers." @@ -5782,7 +5879,7 @@ spec: description: "HTTPHeader describes a custom header to be used in HTTP probes" properties: name: - description: "The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header." + description: "The header field name.\nThis will be canonicalized upon output, so case-variant names will be understood as the same header." type: "string" value: description: "The header field value" @@ -5800,24 +5897,24 @@ spec: anyOf: - type: "integer" - type: "string" - description: "Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME." + description: "Name or number of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME." x-kubernetes-int-or-string: true scheme: - description: "Scheme to use for connecting to the host. Defaults to HTTP." + description: "Scheme to use for connecting to the host.\nDefaults to HTTP." type: "string" required: - "port" type: "object" initialDelaySeconds: - description: "Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" + description: "Number of seconds after the container has started before liveness probes are initiated.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" format: "int32" type: "integer" periodSeconds: - description: "How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1." + description: "How often (in seconds) to perform the probe.\nDefault to 10 seconds. Minimum value is 1." format: "int32" type: "integer" successThreshold: - description: "Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1." + description: "Minimum consecutive successes for the probe to be considered successful after having failed.\nDefaults to 1. Must be 1 for liveness and startup. Minimum value is 1." format: "int32" type: "integer" tcpSocket: @@ -5830,34 +5927,34 @@ spec: anyOf: - type: "integer" - type: "string" - description: "Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME." + description: "Number or name of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME." x-kubernetes-int-or-string: true required: - "port" type: "object" terminationGracePeriodSeconds: - description: "Optional duration in seconds the pod needs to terminate gracefully upon probe failure. The grace period is the duration in seconds after the processes running in the pod are sent a termination signal and the time when the processes are forcibly halted with a kill signal. Set this value longer than the expected cleanup time for your process. If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this value overrides the value provided by the pod spec. Value must be non-negative integer. The value zero indicates stop immediately via the kill signal (no opportunity to shut down). This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate. Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset." + description: "Optional duration in seconds the pod needs to terminate gracefully upon probe failure.\nThe grace period is the duration in seconds after the processes running in the pod are sent\na termination signal and the time when the processes are forcibly halted with a kill signal.\nSet this value longer than the expected cleanup time for your process.\nIf this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this\nvalue overrides the value provided by the pod spec.\nValue must be non-negative integer. The value zero indicates stop immediately via\nthe kill signal (no opportunity to shut down).\nThis is a beta field and requires enabling ProbeTerminationGracePeriod feature gate.\nMinimum value is 1. spec.terminationGracePeriodSeconds is used if unset." format: "int64" type: "integer" timeoutSeconds: - description: "Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" + description: "Number of seconds after which the probe times out.\nDefaults to 1 second. Minimum value is 1.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" format: "int32" type: "integer" type: "object" stdin: - description: "Whether this container should allocate a buffer for stdin in the container runtime. If this is not set, reads from stdin in the container will always result in EOF. Default is false." + description: "Whether this container should allocate a buffer for stdin in the container runtime. If this\nis not set, reads from stdin in the container will always result in EOF.\nDefault is false." type: "boolean" stdinOnce: - description: "Whether the container runtime should close the stdin channel after it has been opened by a single attach. When stdin is true the stdin stream will remain open across multiple attach sessions. If stdinOnce is set to true, stdin is opened on container start, is empty until the first client attaches to stdin, and then remains open and accepts data until the client disconnects, at which time stdin is closed and remains closed until the container is restarted. If this flag is false, a container processes that reads from stdin will never receive an EOF. Default is false" + description: "Whether the container runtime should close the stdin channel after it has been opened by\na single attach. When stdin is true the stdin stream will remain open across multiple attach\nsessions. If stdinOnce is set to true, stdin is opened on container start, is empty until the\nfirst client attaches to stdin, and then remains open and accepts data until the client disconnects,\nat which time stdin is closed and remains closed until the container is restarted. If this\nflag is false, a container processes that reads from stdin will never receive an EOF.\nDefault is false" type: "boolean" terminationMessagePath: - description: "Optional: Path at which the file to which the container's termination message will be written is mounted into the container's filesystem. Message written is intended to be brief final status, such as an assertion failure message. Will be truncated by the node if greater than 4096 bytes. The total message length across all containers will be limited to 12kb. Defaults to /dev/termination-log. Cannot be updated." + description: "Optional: Path at which the file to which the container's termination message\nwill be written is mounted into the container's filesystem.\nMessage written is intended to be brief final status, such as an assertion failure message.\nWill be truncated by the node if greater than 4096 bytes. The total message length across\nall containers will be limited to 12kb.\nDefaults to /dev/termination-log.\nCannot be updated." type: "string" terminationMessagePolicy: - description: "Indicate how the termination message should be populated. File will use the contents of terminationMessagePath to populate the container status message on both success and failure. FallbackToLogsOnError will use the last chunk of container log output if the termination message file is empty and the container exited with an error. The log output is limited to 2048 bytes or 80 lines, whichever is smaller. Defaults to File. Cannot be updated." + description: "Indicate how the termination message should be populated. File will use the contents of\nterminationMessagePath to populate the container status message on both success and failure.\nFallbackToLogsOnError will use the last chunk of container log output if the termination\nmessage file is empty and the container exited with an error.\nThe log output is limited to 2048 bytes or 80 lines, whichever is smaller.\nDefaults to File.\nCannot be updated." type: "string" tty: - description: "Whether this container should allocate a TTY for itself, also requires 'stdin' to be true. Default is false." + description: "Whether this container should allocate a TTY for itself, also requires 'stdin' to be true.\nDefault is false." type: "boolean" volumeDevices: description: "volumeDevices is the list of block devices to be used by the container." @@ -5879,30 +5976,30 @@ spec: - "devicePath" x-kubernetes-list-type: "map" volumeMounts: - description: "Pod volumes to mount into the container's filesystem. Cannot be updated." + description: "Pod volumes to mount into the container's filesystem.\nCannot be updated." items: description: "VolumeMount describes a mounting of a Volume within a container." properties: mountPath: - description: "Path within the container at which the volume should be mounted. Must not contain ':'." + description: "Path within the container at which the volume should be mounted. Must\nnot contain ':'." type: "string" mountPropagation: - description: "mountPropagation determines how mounts are propagated from the host to container and the other way around. When not set, MountPropagationNone is used. This field is beta in 1.10. When RecursiveReadOnly is set to IfPossible or to Enabled, MountPropagation must be None or unspecified (which defaults to None)." + description: "mountPropagation determines how mounts are propagated from the host\nto container and the other way around.\nWhen not set, MountPropagationNone is used.\nThis field is beta in 1.10.\nWhen RecursiveReadOnly is set to IfPossible or to Enabled, MountPropagation must be None or unspecified\n(which defaults to None)." type: "string" name: description: "This must match the Name of a Volume." type: "string" readOnly: - description: "Mounted read-only if true, read-write otherwise (false or unspecified). Defaults to false." + description: "Mounted read-only if true, read-write otherwise (false or unspecified).\nDefaults to false." type: "boolean" recursiveReadOnly: - description: "RecursiveReadOnly specifies whether read-only mounts should be handled recursively. \n If ReadOnly is false, this field has no meaning and must be unspecified. \n If ReadOnly is true, and this field is set to Disabled, the mount is not made recursively read-only. If this field is set to IfPossible, the mount is made recursively read-only, if it is supported by the container runtime. If this field is set to Enabled, the mount is made recursively read-only if it is supported by the container runtime, otherwise the pod will not be started and an error will be generated to indicate the reason. \n If this field is set to IfPossible or Enabled, MountPropagation must be set to None (or be unspecified, which defaults to None). \n If this field is not specified, it is treated as an equivalent of Disabled." + description: "RecursiveReadOnly specifies whether read-only mounts should be handled\nrecursively.\n\n\nIf ReadOnly is false, this field has no meaning and must be unspecified.\n\n\nIf ReadOnly is true, and this field is set to Disabled, the mount is not made\nrecursively read-only. If this field is set to IfPossible, the mount is made\nrecursively read-only, if it is supported by the container runtime. If this\nfield is set to Enabled, the mount is made recursively read-only if it is\nsupported by the container runtime, otherwise the pod will not be started and\nan error will be generated to indicate the reason.\n\n\nIf this field is set to IfPossible or Enabled, MountPropagation must be set to\nNone (or be unspecified, which defaults to None).\n\n\nIf this field is not specified, it is treated as an equivalent of Disabled." type: "string" subPath: - description: "Path within the volume from which the container's volume should be mounted. Defaults to \"\" (volume's root)." + description: "Path within the volume from which the container's volume should be mounted.\nDefaults to \"\" (volume's root)." type: "string" subPathExpr: - description: "Expanded path within the volume from which the container's volume should be mounted. Behaves similarly to SubPath but environment variable references $(VAR_NAME) are expanded using the container's environment. Defaults to \"\" (volume's root). SubPathExpr and SubPath are mutually exclusive." + description: "Expanded path within the volume from which the container's volume should be mounted.\nBehaves similarly to SubPath but environment variable references $(VAR_NAME) are expanded using the container's environment.\nDefaults to \"\" (volume's root).\nSubPathExpr and SubPath are mutually exclusive." type: "string" required: - "mountPath" @@ -5913,27 +6010,27 @@ spec: - "mountPath" x-kubernetes-list-type: "map" workingDir: - description: "Container's working directory. If not specified, the container runtime's default will be used, which might be configured in the container image. Cannot be updated." + description: "Container's working directory.\nIf not specified, the container runtime's default will be used, which\nmight be configured in the container image.\nCannot be updated." type: "string" required: - "name" type: "object" type: "array" dataVolumeClaimSpec: - description: "Defines a PersistentVolumeClaim for PostgreSQL data. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes" + description: "Defines a PersistentVolumeClaim for PostgreSQL data.\nMore info: https://kubernetes.io/docs/concepts/storage/persistent-volumes" properties: accessModes: - description: "accessModes contains the desired access modes the volume should have. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1" + description: "accessModes contains the desired access modes the volume should have.\nMore info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1" items: type: "string" minItems: 1 type: "array" x-kubernetes-list-type: "atomic" dataSource: - description: "dataSource field can be used to specify either: * An existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot) * An existing PVC (PersistentVolumeClaim) If the provisioner or an external controller can support the specified data source, it will create a new volume based on the contents of the specified data source. When the AnyVolumeDataSource feature gate is enabled, dataSource contents will be copied to dataSourceRef, and dataSourceRef contents will be copied to dataSource when dataSourceRef.namespace is not specified. If the namespace is specified, then dataSourceRef will not be copied to dataSource." + description: "dataSource field can be used to specify either:\n* An existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot)\n* An existing PVC (PersistentVolumeClaim)\nIf the provisioner or an external controller can support the specified data source,\nit will create a new volume based on the contents of the specified data source.\nWhen the AnyVolumeDataSource feature gate is enabled, dataSource contents will be copied to dataSourceRef,\nand dataSourceRef contents will be copied to dataSource when dataSourceRef.namespace is not specified.\nIf the namespace is specified, then dataSourceRef will not be copied to dataSource." properties: apiGroup: - description: "APIGroup is the group for the resource being referenced. If APIGroup is not specified, the specified Kind must be in the core API group. For any other third-party types, APIGroup is required." + description: "APIGroup is the group for the resource being referenced.\nIf APIGroup is not specified, the specified Kind must be in the core API group.\nFor any other third-party types, APIGroup is required." type: "string" kind: description: "Kind is the type of resource being referenced" @@ -5945,11 +6042,12 @@ spec: - "kind" - "name" type: "object" + x-kubernetes-map-type: "atomic" dataSourceRef: - description: "dataSourceRef specifies the object from which to populate the volume with data, if a non-empty volume is desired. This may be any object from a non-empty API group (non core object) or a PersistentVolumeClaim object. When this field is specified, volume binding will only succeed if the type of the specified object matches some installed volume populator or dynamic provisioner. This field will replace the functionality of the dataSource field and as such if both fields are non-empty, they must have the same value. For backwards compatibility, when namespace isn't specified in dataSourceRef, both fields (dataSource and dataSourceRef) will be set to the same value automatically if one of them is empty and the other is non-empty. When namespace is specified in dataSourceRef, dataSource isn't set to the same value and must be empty. There are three important differences between dataSource and dataSourceRef: * While dataSource only allows two specific types of objects, dataSourceRef allows any non-core object, as well as PersistentVolumeClaim objects. * While dataSource ignores disallowed values (dropping them), dataSourceRef preserves all values, and generates an error if a disallowed value is specified. * While dataSource only allows local objects, dataSourceRef allows objects in any namespaces. (Beta) Using this field requires the AnyVolumeDataSource feature gate to be enabled. (Alpha) Using the namespace field of dataSourceRef requires the CrossNamespaceVolumeDataSource feature gate to be enabled." + description: "dataSourceRef specifies the object from which to populate the volume with data, if a non-empty\nvolume is desired. This may be any object from a non-empty API group (non\ncore object) or a PersistentVolumeClaim object.\nWhen this field is specified, volume binding will only succeed if the type of\nthe specified object matches some installed volume populator or dynamic\nprovisioner.\nThis field will replace the functionality of the dataSource field and as such\nif both fields are non-empty, they must have the same value. For backwards\ncompatibility, when namespace isn't specified in dataSourceRef,\nboth fields (dataSource and dataSourceRef) will be set to the same\nvalue automatically if one of them is empty and the other is non-empty.\nWhen namespace is specified in dataSourceRef,\ndataSource isn't set to the same value and must be empty.\nThere are three important differences between dataSource and dataSourceRef:\n* While dataSource only allows two specific types of objects, dataSourceRef\n allows any non-core object, as well as PersistentVolumeClaim objects.\n* While dataSource ignores disallowed values (dropping them), dataSourceRef\n preserves all values, and generates an error if a disallowed value is\n specified.\n* While dataSource only allows local objects, dataSourceRef allows objects\n in any namespaces.\n(Beta) Using this field requires the AnyVolumeDataSource feature gate to be enabled.\n(Alpha) Using the namespace field of dataSourceRef requires the CrossNamespaceVolumeDataSource feature gate to be enabled." properties: apiGroup: - description: "APIGroup is the group for the resource being referenced. If APIGroup is not specified, the specified Kind must be in the core API group. For any other third-party types, APIGroup is required." + description: "APIGroup is the group for the resource being referenced.\nIf APIGroup is not specified, the specified Kind must be in the core API group.\nFor any other third-party types, APIGroup is required." type: "string" kind: description: "Kind is the type of resource being referenced" @@ -5958,14 +6056,14 @@ spec: description: "Name is the name of resource being referenced" type: "string" namespace: - description: "Namespace is the namespace of resource being referenced Note that when a namespace is specified, a gateway.networking.k8s.io/ReferenceGrant object is required in the referent namespace to allow that namespace's owner to accept the reference. See the ReferenceGrant documentation for details. (Alpha) This field requires the CrossNamespaceVolumeDataSource feature gate to be enabled." + description: "Namespace is the namespace of resource being referenced\nNote that when a namespace is specified, a gateway.networking.k8s.io/ReferenceGrant object is required in the referent namespace to allow that namespace's owner to accept the reference. See the ReferenceGrant documentation for details.\n(Alpha) This field requires the CrossNamespaceVolumeDataSource feature gate to be enabled." type: "string" required: - "kind" - "name" type: "object" resources: - description: "resources represents the minimum resources the volume should have. If RecoverVolumeExpansionFailure feature is enabled users are allowed to specify resource requirements that are lower than previous value but must still be higher than capacity recorded in the status field of the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources" + description: "resources represents the minimum resources the volume should have.\nIf RecoverVolumeExpansionFailure feature is enabled users are allowed to specify resource requirements\nthat are lower than previous value but must still be higher than capacity recorded in the\nstatus field of the claim.\nMore info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources" properties: limits: additionalProperties: @@ -5974,7 +6072,7 @@ spec: - type: "string" pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" x-kubernetes-int-or-string: true - description: "Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" + description: "Limits describes the maximum amount of compute resources allowed.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" type: "object" requests: additionalProperties: @@ -5983,7 +6081,7 @@ spec: - type: "string" pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" x-kubernetes-int-or-string: true - description: "Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" + description: "Requests describes the minimum amount of compute resources required.\nIf Requests is omitted for a container, it defaults to Limits if that is explicitly specified,\notherwise to an implementation-defined value. Requests cannot exceed Limits.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" required: - "storage" type: "object" @@ -5996,16 +6094,16 @@ spec: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -6019,17 +6117,18 @@ spec: matchLabels: additionalProperties: type: "string" - description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." type: "object" type: "object" + x-kubernetes-map-type: "atomic" storageClassName: - description: "storageClassName is the name of the StorageClass required by the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1" + description: "storageClassName is the name of the StorageClass required by the claim.\nMore info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1" type: "string" volumeAttributesClassName: - description: "volumeAttributesClassName may be used to set the VolumeAttributesClass used by this claim. If specified, the CSI driver will create or update the volume with the attributes defined in the corresponding VolumeAttributesClass. This has a different purpose than storageClassName, it can be changed after the claim is created. An empty string value means that no VolumeAttributesClass will be applied to the claim but it's not allowed to reset this field to empty string once it is set. If unspecified and the PersistentVolumeClaim is unbound, the default VolumeAttributesClass will be set by the persistentvolume controller if it exists. If the resource referred to by volumeAttributesClass does not exist, this PersistentVolumeClaim will be set to a Pending state, as reflected by the modifyVolumeStatus field, until such as a resource exists. More info: https://kubernetes.io/docs/concepts/storage/volume-attributes-classes/ (Alpha) Using this field requires the VolumeAttributesClass feature gate to be enabled." + description: "volumeAttributesClassName may be used to set the VolumeAttributesClass used by this claim.\nIf specified, the CSI driver will create or update the volume with the attributes defined\nin the corresponding VolumeAttributesClass. This has a different purpose than storageClassName,\nit can be changed after the claim is created. An empty string value means that no VolumeAttributesClass\nwill be applied to the claim but it's not allowed to reset this field to empty string once it is set.\nIf unspecified and the PersistentVolumeClaim is unbound, the default VolumeAttributesClass\nwill be set by the persistentvolume controller if it exists.\nIf the resource referred to by volumeAttributesClass does not exist, this PersistentVolumeClaim will be\nset to a Pending state, as reflected by the modifyVolumeStatus field, until such as a resource\nexists.\nMore info: https://kubernetes.io/docs/concepts/storage/volume-attributes-classes/\n(Alpha) Using this field requires the VolumeAttributesClass feature gate to be enabled." type: "string" volumeMode: - description: "volumeMode defines what type of volume is required by the claim. Value of Filesystem is implied when not included in claim spec." + description: "volumeMode defines what type of volume is required by the claim.\nValue of Filesystem is implied when not included in claim spec." type: "string" volumeName: description: "volumeName is the binding reference to the PersistentVolume backing this claim." @@ -6054,15 +6153,15 @@ spec: anyOf: - type: "integer" - type: "string" - description: "Minimum number of pods that should be available at a time. Defaults to one when the replicas field is greater than one." + description: "Minimum number of pods that should be available at a time.\nDefaults to one when the replicas field is greater than one." x-kubernetes-int-or-string: true name: default: "" - description: "Name that associates this set of PostgreSQL pods. This field is optional when only one instance set is defined. Each instance set in a cluster must have a unique name. The combined length of this and the cluster name must be 46 characters or less." + description: "Name that associates this set of PostgreSQL pods. This field is optional\nwhen only one instance set is defined. Each instance set in a cluster\nmust have a unique name. The combined length of this and the cluster name\nmust be 46 characters or less." pattern: "^([a-z0-9]([-a-z0-9]*[a-z0-9])?)?$" type: "string" priorityClassName: - description: "Priority class name for the PostgreSQL pod. Changing this value causes PostgreSQL to restart. More info: https://kubernetes.io/docs/concepts/scheduling-eviction/pod-priority-preemption/" + description: "Priority class name for the PostgreSQL pod. Changing this value causes\nPostgreSQL to restart.\nMore info: https://kubernetes.io/docs/concepts/scheduling-eviction/pod-priority-preemption/" type: "string" replicas: default: 1 @@ -6074,12 +6173,12 @@ spec: description: "Compute resources of a PostgreSQL container." properties: claims: - description: "Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. \n This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. \n This field is immutable. It can only be set for containers." + description: "Claims lists the names of resources, defined in spec.resourceClaims,\nthat are used by this container.\n\n\nThis is an alpha field and requires enabling the\nDynamicResourceAllocation feature gate.\n\n\nThis field is immutable. It can only be set for containers." items: description: "ResourceClaim references one entry in PodSpec.ResourceClaims." properties: name: - description: "Name must match the name of one entry in pod.spec.resourceClaims of the Pod where this field is used. It makes that resource available inside a container." + description: "Name must match the name of one entry in pod.spec.resourceClaims of\nthe Pod where this field is used. It makes that resource available\ninside a container." type: "string" required: - "name" @@ -6095,7 +6194,7 @@ spec: - type: "string" pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" x-kubernetes-int-or-string: true - description: "Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" + description: "Limits describes the maximum amount of compute resources allowed.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" type: "object" requests: additionalProperties: @@ -6104,7 +6203,7 @@ spec: - type: "string" pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" x-kubernetes-int-or-string: true - description: "Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" + description: "Requests describes the minimum amount of compute resources required.\nIf Requests is omitted for a container, it defaults to Limits if that is explicitly specified,\notherwise to an implementation-defined value. Requests cannot exceed Limits.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" type: "object" type: "object" sidecars: @@ -6117,12 +6216,12 @@ spec: description: "Resource requirements for a sidecar container" properties: claims: - description: "Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. \n This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. \n This field is immutable. It can only be set for containers." + description: "Claims lists the names of resources, defined in spec.resourceClaims,\nthat are used by this container.\n\n\nThis is an alpha field and requires enabling the\nDynamicResourceAllocation feature gate.\n\n\nThis field is immutable. It can only be set for containers." items: description: "ResourceClaim references one entry in PodSpec.ResourceClaims." properties: name: - description: "Name must match the name of one entry in pod.spec.resourceClaims of the Pod where this field is used. It makes that resource available inside a container." + description: "Name must match the name of one entry in pod.spec.resourceClaims of\nthe Pod where this field is used. It makes that resource available\ninside a container." type: "string" required: - "name" @@ -6138,7 +6237,7 @@ spec: - type: "string" pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" x-kubernetes-int-or-string: true - description: "Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" + description: "Limits describes the maximum amount of compute resources allowed.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" type: "object" requests: additionalProperties: @@ -6147,29 +6246,29 @@ spec: - type: "string" pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" x-kubernetes-int-or-string: true - description: "Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" + description: "Requests describes the minimum amount of compute resources required.\nIf Requests is omitted for a container, it defaults to Limits if that is explicitly specified,\notherwise to an implementation-defined value. Requests cannot exceed Limits.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" type: "object" type: "object" type: "object" type: "object" tablespaceVolumes: - description: "The list of tablespaces volumes to mount for this postgrescluster This field requires enabling TablespaceVolumes feature gate" + description: "The list of tablespaces volumes to mount for this postgrescluster\nThis field requires enabling TablespaceVolumes feature gate" items: properties: dataVolumeClaimSpec: - description: "Defines a PersistentVolumeClaim for a tablespace. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes" + description: "Defines a PersistentVolumeClaim for a tablespace.\nMore info: https://kubernetes.io/docs/concepts/storage/persistent-volumes" properties: accessModes: - description: "accessModes contains the desired access modes the volume should have. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1" + description: "accessModes contains the desired access modes the volume should have.\nMore info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1" items: type: "string" type: "array" x-kubernetes-list-type: "atomic" dataSource: - description: "dataSource field can be used to specify either: * An existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot) * An existing PVC (PersistentVolumeClaim) If the provisioner or an external controller can support the specified data source, it will create a new volume based on the contents of the specified data source. When the AnyVolumeDataSource feature gate is enabled, dataSource contents will be copied to dataSourceRef, and dataSourceRef contents will be copied to dataSource when dataSourceRef.namespace is not specified. If the namespace is specified, then dataSourceRef will not be copied to dataSource." + description: "dataSource field can be used to specify either:\n* An existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot)\n* An existing PVC (PersistentVolumeClaim)\nIf the provisioner or an external controller can support the specified data source,\nit will create a new volume based on the contents of the specified data source.\nWhen the AnyVolumeDataSource feature gate is enabled, dataSource contents will be copied to dataSourceRef,\nand dataSourceRef contents will be copied to dataSource when dataSourceRef.namespace is not specified.\nIf the namespace is specified, then dataSourceRef will not be copied to dataSource." properties: apiGroup: - description: "APIGroup is the group for the resource being referenced. If APIGroup is not specified, the specified Kind must be in the core API group. For any other third-party types, APIGroup is required." + description: "APIGroup is the group for the resource being referenced.\nIf APIGroup is not specified, the specified Kind must be in the core API group.\nFor any other third-party types, APIGroup is required." type: "string" kind: description: "Kind is the type of resource being referenced" @@ -6181,11 +6280,12 @@ spec: - "kind" - "name" type: "object" + x-kubernetes-map-type: "atomic" dataSourceRef: - description: "dataSourceRef specifies the object from which to populate the volume with data, if a non-empty volume is desired. This may be any object from a non-empty API group (non core object) or a PersistentVolumeClaim object. When this field is specified, volume binding will only succeed if the type of the specified object matches some installed volume populator or dynamic provisioner. This field will replace the functionality of the dataSource field and as such if both fields are non-empty, they must have the same value. For backwards compatibility, when namespace isn't specified in dataSourceRef, both fields (dataSource and dataSourceRef) will be set to the same value automatically if one of them is empty and the other is non-empty. When namespace is specified in dataSourceRef, dataSource isn't set to the same value and must be empty. There are three important differences between dataSource and dataSourceRef: * While dataSource only allows two specific types of objects, dataSourceRef allows any non-core object, as well as PersistentVolumeClaim objects. * While dataSource ignores disallowed values (dropping them), dataSourceRef preserves all values, and generates an error if a disallowed value is specified. * While dataSource only allows local objects, dataSourceRef allows objects in any namespaces. (Beta) Using this field requires the AnyVolumeDataSource feature gate to be enabled. (Alpha) Using the namespace field of dataSourceRef requires the CrossNamespaceVolumeDataSource feature gate to be enabled." + description: "dataSourceRef specifies the object from which to populate the volume with data, if a non-empty\nvolume is desired. This may be any object from a non-empty API group (non\ncore object) or a PersistentVolumeClaim object.\nWhen this field is specified, volume binding will only succeed if the type of\nthe specified object matches some installed volume populator or dynamic\nprovisioner.\nThis field will replace the functionality of the dataSource field and as such\nif both fields are non-empty, they must have the same value. For backwards\ncompatibility, when namespace isn't specified in dataSourceRef,\nboth fields (dataSource and dataSourceRef) will be set to the same\nvalue automatically if one of them is empty and the other is non-empty.\nWhen namespace is specified in dataSourceRef,\ndataSource isn't set to the same value and must be empty.\nThere are three important differences between dataSource and dataSourceRef:\n* While dataSource only allows two specific types of objects, dataSourceRef\n allows any non-core object, as well as PersistentVolumeClaim objects.\n* While dataSource ignores disallowed values (dropping them), dataSourceRef\n preserves all values, and generates an error if a disallowed value is\n specified.\n* While dataSource only allows local objects, dataSourceRef allows objects\n in any namespaces.\n(Beta) Using this field requires the AnyVolumeDataSource feature gate to be enabled.\n(Alpha) Using the namespace field of dataSourceRef requires the CrossNamespaceVolumeDataSource feature gate to be enabled." properties: apiGroup: - description: "APIGroup is the group for the resource being referenced. If APIGroup is not specified, the specified Kind must be in the core API group. For any other third-party types, APIGroup is required." + description: "APIGroup is the group for the resource being referenced.\nIf APIGroup is not specified, the specified Kind must be in the core API group.\nFor any other third-party types, APIGroup is required." type: "string" kind: description: "Kind is the type of resource being referenced" @@ -6194,14 +6294,14 @@ spec: description: "Name is the name of resource being referenced" type: "string" namespace: - description: "Namespace is the namespace of resource being referenced Note that when a namespace is specified, a gateway.networking.k8s.io/ReferenceGrant object is required in the referent namespace to allow that namespace's owner to accept the reference. See the ReferenceGrant documentation for details. (Alpha) This field requires the CrossNamespaceVolumeDataSource feature gate to be enabled." + description: "Namespace is the namespace of resource being referenced\nNote that when a namespace is specified, a gateway.networking.k8s.io/ReferenceGrant object is required in the referent namespace to allow that namespace's owner to accept the reference. See the ReferenceGrant documentation for details.\n(Alpha) This field requires the CrossNamespaceVolumeDataSource feature gate to be enabled." type: "string" required: - "kind" - "name" type: "object" resources: - description: "resources represents the minimum resources the volume should have. If RecoverVolumeExpansionFailure feature is enabled users are allowed to specify resource requirements that are lower than previous value but must still be higher than capacity recorded in the status field of the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources" + description: "resources represents the minimum resources the volume should have.\nIf RecoverVolumeExpansionFailure feature is enabled users are allowed to specify resource requirements\nthat are lower than previous value but must still be higher than capacity recorded in the\nstatus field of the claim.\nMore info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources" properties: limits: additionalProperties: @@ -6210,7 +6310,7 @@ spec: - type: "string" pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" x-kubernetes-int-or-string: true - description: "Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" + description: "Limits describes the maximum amount of compute resources allowed.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" type: "object" requests: additionalProperties: @@ -6219,7 +6319,7 @@ spec: - type: "string" pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" x-kubernetes-int-or-string: true - description: "Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" + description: "Requests describes the minimum amount of compute resources required.\nIf Requests is omitted for a container, it defaults to Limits if that is explicitly specified,\notherwise to an implementation-defined value. Requests cannot exceed Limits.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" type: "object" type: "object" selector: @@ -6228,16 +6328,16 @@ spec: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -6251,24 +6351,25 @@ spec: matchLabels: additionalProperties: type: "string" - description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." type: "object" type: "object" + x-kubernetes-map-type: "atomic" storageClassName: - description: "storageClassName is the name of the StorageClass required by the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1" + description: "storageClassName is the name of the StorageClass required by the claim.\nMore info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1" type: "string" volumeAttributesClassName: - description: "volumeAttributesClassName may be used to set the VolumeAttributesClass used by this claim. If specified, the CSI driver will create or update the volume with the attributes defined in the corresponding VolumeAttributesClass. This has a different purpose than storageClassName, it can be changed after the claim is created. An empty string value means that no VolumeAttributesClass will be applied to the claim but it's not allowed to reset this field to empty string once it is set. If unspecified and the PersistentVolumeClaim is unbound, the default VolumeAttributesClass will be set by the persistentvolume controller if it exists. If the resource referred to by volumeAttributesClass does not exist, this PersistentVolumeClaim will be set to a Pending state, as reflected by the modifyVolumeStatus field, until such as a resource exists. More info: https://kubernetes.io/docs/concepts/storage/volume-attributes-classes/ (Alpha) Using this field requires the VolumeAttributesClass feature gate to be enabled." + description: "volumeAttributesClassName may be used to set the VolumeAttributesClass used by this claim.\nIf specified, the CSI driver will create or update the volume with the attributes defined\nin the corresponding VolumeAttributesClass. This has a different purpose than storageClassName,\nit can be changed after the claim is created. An empty string value means that no VolumeAttributesClass\nwill be applied to the claim but it's not allowed to reset this field to empty string once it is set.\nIf unspecified and the PersistentVolumeClaim is unbound, the default VolumeAttributesClass\nwill be set by the persistentvolume controller if it exists.\nIf the resource referred to by volumeAttributesClass does not exist, this PersistentVolumeClaim will be\nset to a Pending state, as reflected by the modifyVolumeStatus field, until such as a resource\nexists.\nMore info: https://kubernetes.io/docs/concepts/storage/volume-attributes-classes/\n(Alpha) Using this field requires the VolumeAttributesClass feature gate to be enabled." type: "string" volumeMode: - description: "volumeMode defines what type of volume is required by the claim. Value of Filesystem is implied when not included in claim spec." + description: "volumeMode defines what type of volume is required by the claim.\nValue of Filesystem is implied when not included in claim spec." type: "string" volumeName: description: "volumeName is the binding reference to the PersistentVolume backing this claim." type: "string" type: "object" name: - description: "The name for the tablespace, used as the path name for the volume. Must be unique in the instance set since they become the directory names." + description: "The name for the tablespace, used as the path name for the volume.\nMust be unique in the instance set since they become the directory names." minLength: 1 pattern: "^[a-z][a-z0-9]*$" type: "string" @@ -6281,49 +6382,49 @@ spec: - "name" x-kubernetes-list-type: "map" tolerations: - description: "Tolerations of a PostgreSQL pod. Changing this value causes PostgreSQL to restart. More info: https://kubernetes.io/docs/concepts/scheduling-eviction/taint-and-toleration" + description: "Tolerations of a PostgreSQL pod. Changing this value causes PostgreSQL to restart.\nMore info: https://kubernetes.io/docs/concepts/scheduling-eviction/taint-and-toleration" items: - description: "The pod this Toleration is attached to tolerates any taint that matches the triple using the matching operator ." + description: "The pod this Toleration is attached to tolerates any taint that matches\nthe triple using the matching operator ." properties: effect: - description: "Effect indicates the taint effect to match. Empty means match all taint effects. When specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute." + description: "Effect indicates the taint effect to match. Empty means match all taint effects.\nWhen specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute." type: "string" key: - description: "Key is the taint key that the toleration applies to. Empty means match all taint keys. If the key is empty, operator must be Exists; this combination means to match all values and all keys." + description: "Key is the taint key that the toleration applies to. Empty means match all taint keys.\nIf the key is empty, operator must be Exists; this combination means to match all values and all keys." type: "string" operator: - description: "Operator represents a key's relationship to the value. Valid operators are Exists and Equal. Defaults to Equal. Exists is equivalent to wildcard for value, so that a pod can tolerate all taints of a particular category." + description: "Operator represents a key's relationship to the value.\nValid operators are Exists and Equal. Defaults to Equal.\nExists is equivalent to wildcard for value, so that a pod can\ntolerate all taints of a particular category." type: "string" tolerationSeconds: - description: "TolerationSeconds represents the period of time the toleration (which must be of effect NoExecute, otherwise this field is ignored) tolerates the taint. By default, it is not set, which means tolerate the taint forever (do not evict). Zero and negative values will be treated as 0 (evict immediately) by the system." + description: "TolerationSeconds represents the period of time the toleration (which must be\nof effect NoExecute, otherwise this field is ignored) tolerates the taint. By default,\nit is not set, which means tolerate the taint forever (do not evict). Zero and\nnegative values will be treated as 0 (evict immediately) by the system." format: "int64" type: "integer" value: - description: "Value is the taint value the toleration matches to. If the operator is Exists, the value should be empty, otherwise just a regular string." + description: "Value is the taint value the toleration matches to.\nIf the operator is Exists, the value should be empty, otherwise just a regular string." type: "string" type: "object" type: "array" topologySpreadConstraints: - description: "Topology spread constraints of a PostgreSQL pod. Changing this value causes PostgreSQL to restart. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-topology-spread-constraints/" + description: "Topology spread constraints of a PostgreSQL pod. Changing this value causes\nPostgreSQL to restart.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-topology-spread-constraints/" items: description: "TopologySpreadConstraint specifies how to spread matching pods among the given topology." properties: labelSelector: - description: "LabelSelector is used to find matching pods. Pods that match this label selector are counted to determine the number of pods in their corresponding topology domain." + description: "LabelSelector is used to find matching pods.\nPods that match this label selector are counted to determine the number of pods\nin their corresponding topology domain." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -6337,34 +6438,35 @@ spec: matchLabels: additionalProperties: type: "string" - description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." type: "object" type: "object" + x-kubernetes-map-type: "atomic" matchLabelKeys: - description: "MatchLabelKeys is a set of pod label keys to select the pods over which spreading will be calculated. The keys are used to lookup values from the incoming pod labels, those key-value labels are ANDed with labelSelector to select the group of existing pods over which spreading will be calculated for the incoming pod. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. MatchLabelKeys cannot be set when LabelSelector isn't set. Keys that don't exist in the incoming pod labels will be ignored. A null or empty list means only match against labelSelector. \n This is a beta field and requires the MatchLabelKeysInPodTopologySpread feature gate to be enabled (enabled by default)." + description: "MatchLabelKeys is a set of pod label keys to select the pods over which\nspreading will be calculated. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are ANDed with labelSelector\nto select the group of existing pods over which spreading will be calculated\nfor the incoming pod. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector.\nMatchLabelKeys cannot be set when LabelSelector isn't set.\nKeys that don't exist in the incoming pod labels will\nbe ignored. A null or empty list means only match against labelSelector.\n\n\nThis is a beta field and requires the MatchLabelKeysInPodTopologySpread feature gate to be enabled (enabled by default)." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" maxSkew: - description: "MaxSkew describes the degree to which pods may be unevenly distributed. When `whenUnsatisfiable=DoNotSchedule`, it is the maximum permitted difference between the number of matching pods in the target topology and the global minimum. The global minimum is the minimum number of matching pods in an eligible domain or zero if the number of eligible domains is less than MinDomains. For example, in a 3-zone cluster, MaxSkew is set to 1, and pods with the same labelSelector spread as 2/2/1: In this case, the global minimum is 1. | zone1 | zone2 | zone3 | | P P | P P | P | - if MaxSkew is 1, incoming pod can only be scheduled to zone3 to become 2/2/2; scheduling it onto zone1(zone2) would make the ActualSkew(3-1) on zone1(zone2) violate MaxSkew(1). - if MaxSkew is 2, incoming pod can be scheduled onto any zone. When `whenUnsatisfiable=ScheduleAnyway`, it is used to give higher precedence to topologies that satisfy it. It's a required field. Default value is 1 and 0 is not allowed." + description: "MaxSkew describes the degree to which pods may be unevenly distributed.\nWhen `whenUnsatisfiable=DoNotSchedule`, it is the maximum permitted difference\nbetween the number of matching pods in the target topology and the global minimum.\nThe global minimum is the minimum number of matching pods in an eligible domain\nor zero if the number of eligible domains is less than MinDomains.\nFor example, in a 3-zone cluster, MaxSkew is set to 1, and pods with the same\nlabelSelector spread as 2/2/1:\nIn this case, the global minimum is 1.\n| zone1 | zone2 | zone3 |\n| P P | P P | P |\n- if MaxSkew is 1, incoming pod can only be scheduled to zone3 to become 2/2/2;\nscheduling it onto zone1(zone2) would make the ActualSkew(3-1) on zone1(zone2)\nviolate MaxSkew(1).\n- if MaxSkew is 2, incoming pod can be scheduled onto any zone.\nWhen `whenUnsatisfiable=ScheduleAnyway`, it is used to give higher precedence\nto topologies that satisfy it.\nIt's a required field. Default value is 1 and 0 is not allowed." format: "int32" type: "integer" minDomains: - description: "MinDomains indicates a minimum number of eligible domains. When the number of eligible domains with matching topology keys is less than minDomains, Pod Topology Spread treats \"global minimum\" as 0, and then the calculation of Skew is performed. And when the number of eligible domains with matching topology keys equals or greater than minDomains, this value has no effect on scheduling. As a result, when the number of eligible domains is less than minDomains, scheduler won't schedule more than maxSkew Pods to those domains. If value is nil, the constraint behaves as if MinDomains is equal to 1. Valid values are integers greater than 0. When value is not nil, WhenUnsatisfiable must be DoNotSchedule. \n For example, in a 3-zone cluster, MaxSkew is set to 2, MinDomains is set to 5 and pods with the same labelSelector spread as 2/2/2: | zone1 | zone2 | zone3 | | P P | P P | P P | The number of domains is less than 5(MinDomains), so \"global minimum\" is treated as 0. In this situation, new pod with the same labelSelector cannot be scheduled, because computed skew will be 3(3 - 0) if new Pod is scheduled to any of the three zones, it will violate MaxSkew." + description: "MinDomains indicates a minimum number of eligible domains.\nWhen the number of eligible domains with matching topology keys is less than minDomains,\nPod Topology Spread treats \"global minimum\" as 0, and then the calculation of Skew is performed.\nAnd when the number of eligible domains with matching topology keys equals or greater than minDomains,\nthis value has no effect on scheduling.\nAs a result, when the number of eligible domains is less than minDomains,\nscheduler won't schedule more than maxSkew Pods to those domains.\nIf value is nil, the constraint behaves as if MinDomains is equal to 1.\nValid values are integers greater than 0.\nWhen value is not nil, WhenUnsatisfiable must be DoNotSchedule.\n\n\nFor example, in a 3-zone cluster, MaxSkew is set to 2, MinDomains is set to 5 and pods with the same\nlabelSelector spread as 2/2/2:\n| zone1 | zone2 | zone3 |\n| P P | P P | P P |\nThe number of domains is less than 5(MinDomains), so \"global minimum\" is treated as 0.\nIn this situation, new pod with the same labelSelector cannot be scheduled,\nbecause computed skew will be 3(3 - 0) if new Pod is scheduled to any of the three zones,\nit will violate MaxSkew." format: "int32" type: "integer" nodeAffinityPolicy: - description: "NodeAffinityPolicy indicates how we will treat Pod's nodeAffinity/nodeSelector when calculating pod topology spread skew. Options are: - Honor: only nodes matching nodeAffinity/nodeSelector are included in the calculations. - Ignore: nodeAffinity/nodeSelector are ignored. All nodes are included in the calculations. \n If this value is nil, the behavior is equivalent to the Honor policy. This is a beta-level feature default enabled by the NodeInclusionPolicyInPodTopologySpread feature flag." + description: "NodeAffinityPolicy indicates how we will treat Pod's nodeAffinity/nodeSelector\nwhen calculating pod topology spread skew. Options are:\n- Honor: only nodes matching nodeAffinity/nodeSelector are included in the calculations.\n- Ignore: nodeAffinity/nodeSelector are ignored. All nodes are included in the calculations.\n\n\nIf this value is nil, the behavior is equivalent to the Honor policy.\nThis is a beta-level feature default enabled by the NodeInclusionPolicyInPodTopologySpread feature flag." type: "string" nodeTaintsPolicy: - description: "NodeTaintsPolicy indicates how we will treat node taints when calculating pod topology spread skew. Options are: - Honor: nodes without taints, along with tainted nodes for which the incoming pod has a toleration, are included. - Ignore: node taints are ignored. All nodes are included. \n If this value is nil, the behavior is equivalent to the Ignore policy. This is a beta-level feature default enabled by the NodeInclusionPolicyInPodTopologySpread feature flag." + description: "NodeTaintsPolicy indicates how we will treat node taints when calculating\npod topology spread skew. Options are:\n- Honor: nodes without taints, along with tainted nodes for which the incoming pod\nhas a toleration, are included.\n- Ignore: node taints are ignored. All nodes are included.\n\n\nIf this value is nil, the behavior is equivalent to the Ignore policy.\nThis is a beta-level feature default enabled by the NodeInclusionPolicyInPodTopologySpread feature flag." type: "string" topologyKey: - description: "TopologyKey is the key of node labels. Nodes that have a label with this key and identical values are considered to be in the same topology. We consider each as a \"bucket\", and try to put balanced number of pods into each bucket. We define a domain as a particular instance of a topology. Also, we define an eligible domain as a domain whose nodes meet the requirements of nodeAffinityPolicy and nodeTaintsPolicy. e.g. If TopologyKey is \"kubernetes.io/hostname\", each Node is a domain of that topology. And, if TopologyKey is \"topology.kubernetes.io/zone\", each zone is a domain of that topology. It's a required field." + description: "TopologyKey is the key of node labels. Nodes that have a label with this key\nand identical values are considered to be in the same topology.\nWe consider each as a \"bucket\", and try to put balanced number\nof pods into each bucket.\nWe define a domain as a particular instance of a topology.\nAlso, we define an eligible domain as a domain whose nodes meet the requirements of\nnodeAffinityPolicy and nodeTaintsPolicy.\ne.g. If TopologyKey is \"kubernetes.io/hostname\", each Node is a domain of that topology.\nAnd, if TopologyKey is \"topology.kubernetes.io/zone\", each zone is a domain of that topology.\nIt's a required field." type: "string" whenUnsatisfiable: - description: "WhenUnsatisfiable indicates how to deal with a pod if it doesn't satisfy the spread constraint. - DoNotSchedule (default) tells the scheduler not to schedule it. - ScheduleAnyway tells the scheduler to schedule the pod in any location, but giving higher precedence to topologies that would help reduce the skew. A constraint is considered \"Unsatisfiable\" for an incoming pod if and only if every possible node assignment for that pod would violate \"MaxSkew\" on some topology. For example, in a 3-zone cluster, MaxSkew is set to 1, and pods with the same labelSelector spread as 3/1/1: | zone1 | zone2 | zone3 | | P P P | P | P | If WhenUnsatisfiable is set to DoNotSchedule, incoming pod can only be scheduled to zone2(zone3) to become 3/2/1(3/1/2) as ActualSkew(2-1) on zone2(zone3) satisfies MaxSkew(1). In other words, the cluster can still be imbalanced, but scheduler won't make it *more* imbalanced. It's a required field." + description: "WhenUnsatisfiable indicates how to deal with a pod if it doesn't satisfy\nthe spread constraint.\n- DoNotSchedule (default) tells the scheduler not to schedule it.\n- ScheduleAnyway tells the scheduler to schedule the pod in any location,\n but giving higher precedence to topologies that would help reduce the\n skew.\nA constraint is considered \"Unsatisfiable\" for an incoming pod\nif and only if every possible node assignment for that pod would violate\n\"MaxSkew\" on some topology.\nFor example, in a 3-zone cluster, MaxSkew is set to 1, and pods with the same\nlabelSelector spread as 3/1/1:\n| zone1 | zone2 | zone3 |\n| P P P | P | P |\nIf WhenUnsatisfiable is set to DoNotSchedule, incoming pod can only be scheduled\nto zone2(zone3) to become 3/2/1(3/1/2) as ActualSkew(2-1) on zone2(zone3) satisfies\nMaxSkew(1). In other words, the cluster can still be imbalanced, but scheduler\nwon't make it *more* imbalanced.\nIt's a required field." type: "string" required: - "maxSkew" @@ -6373,20 +6475,20 @@ spec: type: "object" type: "array" walVolumeClaimSpec: - description: "Defines a separate PersistentVolumeClaim for PostgreSQL's write-ahead log. More info: https://www.postgresql.org/docs/current/wal.html" + description: "Defines a separate PersistentVolumeClaim for PostgreSQL's write-ahead log.\nMore info: https://www.postgresql.org/docs/current/wal.html" properties: accessModes: - description: "accessModes contains the desired access modes the volume should have. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1" + description: "accessModes contains the desired access modes the volume should have.\nMore info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1" items: type: "string" minItems: 1 type: "array" x-kubernetes-list-type: "atomic" dataSource: - description: "dataSource field can be used to specify either: * An existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot) * An existing PVC (PersistentVolumeClaim) If the provisioner or an external controller can support the specified data source, it will create a new volume based on the contents of the specified data source. When the AnyVolumeDataSource feature gate is enabled, dataSource contents will be copied to dataSourceRef, and dataSourceRef contents will be copied to dataSource when dataSourceRef.namespace is not specified. If the namespace is specified, then dataSourceRef will not be copied to dataSource." + description: "dataSource field can be used to specify either:\n* An existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot)\n* An existing PVC (PersistentVolumeClaim)\nIf the provisioner or an external controller can support the specified data source,\nit will create a new volume based on the contents of the specified data source.\nWhen the AnyVolumeDataSource feature gate is enabled, dataSource contents will be copied to dataSourceRef,\nand dataSourceRef contents will be copied to dataSource when dataSourceRef.namespace is not specified.\nIf the namespace is specified, then dataSourceRef will not be copied to dataSource." properties: apiGroup: - description: "APIGroup is the group for the resource being referenced. If APIGroup is not specified, the specified Kind must be in the core API group. For any other third-party types, APIGroup is required." + description: "APIGroup is the group for the resource being referenced.\nIf APIGroup is not specified, the specified Kind must be in the core API group.\nFor any other third-party types, APIGroup is required." type: "string" kind: description: "Kind is the type of resource being referenced" @@ -6398,11 +6500,12 @@ spec: - "kind" - "name" type: "object" + x-kubernetes-map-type: "atomic" dataSourceRef: - description: "dataSourceRef specifies the object from which to populate the volume with data, if a non-empty volume is desired. This may be any object from a non-empty API group (non core object) or a PersistentVolumeClaim object. When this field is specified, volume binding will only succeed if the type of the specified object matches some installed volume populator or dynamic provisioner. This field will replace the functionality of the dataSource field and as such if both fields are non-empty, they must have the same value. For backwards compatibility, when namespace isn't specified in dataSourceRef, both fields (dataSource and dataSourceRef) will be set to the same value automatically if one of them is empty and the other is non-empty. When namespace is specified in dataSourceRef, dataSource isn't set to the same value and must be empty. There are three important differences between dataSource and dataSourceRef: * While dataSource only allows two specific types of objects, dataSourceRef allows any non-core object, as well as PersistentVolumeClaim objects. * While dataSource ignores disallowed values (dropping them), dataSourceRef preserves all values, and generates an error if a disallowed value is specified. * While dataSource only allows local objects, dataSourceRef allows objects in any namespaces. (Beta) Using this field requires the AnyVolumeDataSource feature gate to be enabled. (Alpha) Using the namespace field of dataSourceRef requires the CrossNamespaceVolumeDataSource feature gate to be enabled." + description: "dataSourceRef specifies the object from which to populate the volume with data, if a non-empty\nvolume is desired. This may be any object from a non-empty API group (non\ncore object) or a PersistentVolumeClaim object.\nWhen this field is specified, volume binding will only succeed if the type of\nthe specified object matches some installed volume populator or dynamic\nprovisioner.\nThis field will replace the functionality of the dataSource field and as such\nif both fields are non-empty, they must have the same value. For backwards\ncompatibility, when namespace isn't specified in dataSourceRef,\nboth fields (dataSource and dataSourceRef) will be set to the same\nvalue automatically if one of them is empty and the other is non-empty.\nWhen namespace is specified in dataSourceRef,\ndataSource isn't set to the same value and must be empty.\nThere are three important differences between dataSource and dataSourceRef:\n* While dataSource only allows two specific types of objects, dataSourceRef\n allows any non-core object, as well as PersistentVolumeClaim objects.\n* While dataSource ignores disallowed values (dropping them), dataSourceRef\n preserves all values, and generates an error if a disallowed value is\n specified.\n* While dataSource only allows local objects, dataSourceRef allows objects\n in any namespaces.\n(Beta) Using this field requires the AnyVolumeDataSource feature gate to be enabled.\n(Alpha) Using the namespace field of dataSourceRef requires the CrossNamespaceVolumeDataSource feature gate to be enabled." properties: apiGroup: - description: "APIGroup is the group for the resource being referenced. If APIGroup is not specified, the specified Kind must be in the core API group. For any other third-party types, APIGroup is required." + description: "APIGroup is the group for the resource being referenced.\nIf APIGroup is not specified, the specified Kind must be in the core API group.\nFor any other third-party types, APIGroup is required." type: "string" kind: description: "Kind is the type of resource being referenced" @@ -6411,14 +6514,14 @@ spec: description: "Name is the name of resource being referenced" type: "string" namespace: - description: "Namespace is the namespace of resource being referenced Note that when a namespace is specified, a gateway.networking.k8s.io/ReferenceGrant object is required in the referent namespace to allow that namespace's owner to accept the reference. See the ReferenceGrant documentation for details. (Alpha) This field requires the CrossNamespaceVolumeDataSource feature gate to be enabled." + description: "Namespace is the namespace of resource being referenced\nNote that when a namespace is specified, a gateway.networking.k8s.io/ReferenceGrant object is required in the referent namespace to allow that namespace's owner to accept the reference. See the ReferenceGrant documentation for details.\n(Alpha) This field requires the CrossNamespaceVolumeDataSource feature gate to be enabled." type: "string" required: - "kind" - "name" type: "object" resources: - description: "resources represents the minimum resources the volume should have. If RecoverVolumeExpansionFailure feature is enabled users are allowed to specify resource requirements that are lower than previous value but must still be higher than capacity recorded in the status field of the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources" + description: "resources represents the minimum resources the volume should have.\nIf RecoverVolumeExpansionFailure feature is enabled users are allowed to specify resource requirements\nthat are lower than previous value but must still be higher than capacity recorded in the\nstatus field of the claim.\nMore info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources" properties: limits: additionalProperties: @@ -6427,7 +6530,7 @@ spec: - type: "string" pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" x-kubernetes-int-or-string: true - description: "Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" + description: "Limits describes the maximum amount of compute resources allowed.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" type: "object" requests: additionalProperties: @@ -6436,7 +6539,7 @@ spec: - type: "string" pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" x-kubernetes-int-or-string: true - description: "Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" + description: "Requests describes the minimum amount of compute resources required.\nIf Requests is omitted for a container, it defaults to Limits if that is explicitly specified,\notherwise to an implementation-defined value. Requests cannot exceed Limits.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" required: - "storage" type: "object" @@ -6449,16 +6552,16 @@ spec: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -6472,17 +6575,18 @@ spec: matchLabels: additionalProperties: type: "string" - description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." type: "object" type: "object" + x-kubernetes-map-type: "atomic" storageClassName: - description: "storageClassName is the name of the StorageClass required by the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1" + description: "storageClassName is the name of the StorageClass required by the claim.\nMore info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1" type: "string" volumeAttributesClassName: - description: "volumeAttributesClassName may be used to set the VolumeAttributesClass used by this claim. If specified, the CSI driver will create or update the volume with the attributes defined in the corresponding VolumeAttributesClass. This has a different purpose than storageClassName, it can be changed after the claim is created. An empty string value means that no VolumeAttributesClass will be applied to the claim but it's not allowed to reset this field to empty string once it is set. If unspecified and the PersistentVolumeClaim is unbound, the default VolumeAttributesClass will be set by the persistentvolume controller if it exists. If the resource referred to by volumeAttributesClass does not exist, this PersistentVolumeClaim will be set to a Pending state, as reflected by the modifyVolumeStatus field, until such as a resource exists. More info: https://kubernetes.io/docs/concepts/storage/volume-attributes-classes/ (Alpha) Using this field requires the VolumeAttributesClass feature gate to be enabled." + description: "volumeAttributesClassName may be used to set the VolumeAttributesClass used by this claim.\nIf specified, the CSI driver will create or update the volume with the attributes defined\nin the corresponding VolumeAttributesClass. This has a different purpose than storageClassName,\nit can be changed after the claim is created. An empty string value means that no VolumeAttributesClass\nwill be applied to the claim but it's not allowed to reset this field to empty string once it is set.\nIf unspecified and the PersistentVolumeClaim is unbound, the default VolumeAttributesClass\nwill be set by the persistentvolume controller if it exists.\nIf the resource referred to by volumeAttributesClass does not exist, this PersistentVolumeClaim will be\nset to a Pending state, as reflected by the modifyVolumeStatus field, until such as a resource\nexists.\nMore info: https://kubernetes.io/docs/concepts/storage/volume-attributes-classes/\n(Alpha) Using this field requires the VolumeAttributesClass feature gate to be enabled." type: "string" volumeMode: - description: "volumeMode defines what type of volume is required by the claim. Value of Filesystem is implied when not included in claim spec." + description: "volumeMode defines what type of volume is required by the claim.\nValue of Filesystem is implied when not included in claim spec." type: "string" volumeName: description: "volumeName is the binding reference to the PersistentVolume backing this claim." @@ -6520,29 +6624,29 @@ spec: exporter: properties: configuration: - description: "Projected volumes containing custom PostgreSQL Exporter configuration. Currently supports the customization of PostgreSQL Exporter queries. If a \"queries.yml\" file is detected in any volume projected using this field, it will be loaded using the \"extend.query-path\" flag: https://github.com/prometheus-community/postgres_exporter#flags Changing the values of field causes PostgreSQL and the exporter to restart." + description: "Projected volumes containing custom PostgreSQL Exporter configuration. Currently supports\nthe customization of PostgreSQL Exporter queries. If a \"queries.yml\" file is detected in\nany volume projected using this field, it will be loaded using the \"extend.query-path\" flag:\nhttps://github.com/prometheus-community/postgres_exporter#flags\nChanging the values of field causes PostgreSQL and the exporter to restart." items: description: "Projection that may be projected along with other supported volume types" properties: clusterTrustBundle: - description: "ClusterTrustBundle allows a pod to access the `.spec.trustBundle` field of ClusterTrustBundle objects in an auto-updating file. \n Alpha, gated by the ClusterTrustBundleProjection feature gate. \n ClusterTrustBundle objects can either be selected by name, or by the combination of signer name and a label selector. \n Kubelet performs aggressive normalization of the PEM contents written into the pod filesystem. Esoteric PEM features such as inter-block comments and block headers are stripped. Certificates are deduplicated. The ordering of certificates within the file is arbitrary, and Kubelet may change the order over time." + description: "ClusterTrustBundle allows a pod to access the `.spec.trustBundle` field\nof ClusterTrustBundle objects in an auto-updating file.\n\n\nAlpha, gated by the ClusterTrustBundleProjection feature gate.\n\n\nClusterTrustBundle objects can either be selected by name, or by the\ncombination of signer name and a label selector.\n\n\nKubelet performs aggressive normalization of the PEM contents written\ninto the pod filesystem. Esoteric PEM features such as inter-block\ncomments and block headers are stripped. Certificates are deduplicated.\nThe ordering of certificates within the file is arbitrary, and Kubelet\nmay change the order over time." properties: labelSelector: - description: "Select all ClusterTrustBundles that match this label selector. Only has effect if signerName is set. Mutually-exclusive with name. If unset, interpreted as \"match nothing\". If set but empty, interpreted as \"match everything\"." + description: "Select all ClusterTrustBundles that match this label selector. Only has\neffect if signerName is set. Mutually-exclusive with name. If unset,\ninterpreted as \"match nothing\". If set but empty, interpreted as \"match\neverything\"." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -6556,20 +6660,21 @@ spec: matchLabels: additionalProperties: type: "string" - description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." type: "object" type: "object" + x-kubernetes-map-type: "atomic" name: - description: "Select a single ClusterTrustBundle by object name. Mutually-exclusive with signerName and labelSelector." + description: "Select a single ClusterTrustBundle by object name. Mutually-exclusive\nwith signerName and labelSelector." type: "string" optional: - description: "If true, don't block pod startup if the referenced ClusterTrustBundle(s) aren't available. If using name, then the named ClusterTrustBundle is allowed not to exist. If using signerName, then the combination of signerName and labelSelector is allowed to match zero ClusterTrustBundles." + description: "If true, don't block pod startup if the referenced ClusterTrustBundle(s)\naren't available. If using name, then the named ClusterTrustBundle is\nallowed not to exist. If using signerName, then the combination of\nsignerName and labelSelector is allowed to match zero\nClusterTrustBundles." type: "boolean" path: description: "Relative path from the volume root to write the bundle." type: "string" signerName: - description: "Select all ClusterTrustBundles that match this signer name. Mutually-exclusive with name. The contents of all selected ClusterTrustBundles will be unified and deduplicated." + description: "Select all ClusterTrustBundles that match this signer name.\nMutually-exclusive with name. The contents of all selected\nClusterTrustBundles will be unified and deduplicated." type: "string" required: - "path" @@ -6578,7 +6683,7 @@ spec: description: "configMap information about the configMap data to project" properties: items: - description: "items if unspecified, each key-value pair in the Data field of the referenced ConfigMap will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the ConfigMap, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'." + description: "items if unspecified, each key-value pair in the Data field of the referenced\nConfigMap will be projected into the volume as a file whose name is the\nkey and content is the value. If specified, the listed keys will be\nprojected into the specified paths, and unlisted keys will not be\npresent. If a key is specified which is not present in the ConfigMap,\nthe volume setup will error unless it is marked optional. Paths must be\nrelative and may not contain the '..' path or start with '..'." items: description: "Maps a string key to a path within a volume." properties: @@ -6586,11 +6691,11 @@ spec: description: "key is the key to project." type: "string" mode: - description: "mode is Optional: mode bits used to set permissions on this file. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set." + description: "mode is Optional: mode bits used to set permissions on this file.\nMust be an octal value between 0000 and 0777 or a decimal value between 0 and 511.\nYAML accepts both octal and decimal values, JSON requires decimal values for mode bits.\nIf not specified, the volume defaultMode will be used.\nThis might be in conflict with other options that affect the file\nmode, like fsGroup, and the result can be other mode bits set." format: "int32" type: "integer" path: - description: "path is the relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'." + description: "path is the relative path of the file to map the key to.\nMay not be an absolute path.\nMay not contain the path element '..'.\nMay not start with the string '..'." type: "string" required: - "key" @@ -6606,6 +6711,7 @@ spec: description: "optional specify whether the ConfigMap or its keys must be defined" type: "boolean" type: "object" + x-kubernetes-map-type: "atomic" downwardAPI: description: "downwardAPI information about the downwardAPI data to project" properties: @@ -6626,15 +6732,16 @@ spec: required: - "fieldPath" type: "object" + x-kubernetes-map-type: "atomic" mode: - description: "Optional: mode bits used to set permissions on this file, must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set." + description: "Optional: mode bits used to set permissions on this file, must be an octal value\nbetween 0000 and 0777 or a decimal value between 0 and 511.\nYAML accepts both octal and decimal values, JSON requires decimal values for mode bits.\nIf not specified, the volume defaultMode will be used.\nThis might be in conflict with other options that affect the file\nmode, like fsGroup, and the result can be other mode bits set." format: "int32" type: "integer" path: description: "Required: Path is the relative path name of the file to be created. Must not be absolute or contain the '..' path. Must be utf-8 encoded. The first item of the relative path must not start with '..'" type: "string" resourceFieldRef: - description: "Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, requests.cpu and requests.memory) are currently supported." + description: "Selects a resource of the container: only resources limits and requests\n(limits.cpu, limits.memory, requests.cpu and requests.memory) are currently supported." properties: containerName: description: "Container name: required for volumes, optional for env vars" @@ -6652,6 +6759,7 @@ spec: required: - "resource" type: "object" + x-kubernetes-map-type: "atomic" required: - "path" type: "object" @@ -6662,7 +6770,7 @@ spec: description: "secret information about the secret data to project" properties: items: - description: "items if unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the Secret, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'." + description: "items if unspecified, each key-value pair in the Data field of the referenced\nSecret will be projected into the volume as a file whose name is the\nkey and content is the value. If specified, the listed keys will be\nprojected into the specified paths, and unlisted keys will not be\npresent. If a key is specified which is not present in the Secret,\nthe volume setup will error unless it is marked optional. Paths must be\nrelative and may not contain the '..' path or start with '..'." items: description: "Maps a string key to a path within a volume." properties: @@ -6670,11 +6778,11 @@ spec: description: "key is the key to project." type: "string" mode: - description: "mode is Optional: mode bits used to set permissions on this file. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set." + description: "mode is Optional: mode bits used to set permissions on this file.\nMust be an octal value between 0000 and 0777 or a decimal value between 0 and 511.\nYAML accepts both octal and decimal values, JSON requires decimal values for mode bits.\nIf not specified, the volume defaultMode will be used.\nThis might be in conflict with other options that affect the file\nmode, like fsGroup, and the result can be other mode bits set." format: "int32" type: "integer" path: - description: "path is the relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'." + description: "path is the relative path of the file to map the key to.\nMay not be an absolute path.\nMay not contain the path element '..'.\nMay not start with the string '..'." type: "string" required: - "key" @@ -6690,18 +6798,19 @@ spec: description: "optional field specify whether the Secret or its key must be defined" type: "boolean" type: "object" + x-kubernetes-map-type: "atomic" serviceAccountToken: description: "serviceAccountToken is information about the serviceAccountToken data to project" properties: audience: - description: "audience is the intended audience of the token. A recipient of a token must identify itself with an identifier specified in the audience of the token, and otherwise should reject the token. The audience defaults to the identifier of the apiserver." + description: "audience is the intended audience of the token. A recipient of a token\nmust identify itself with an identifier specified in the audience of the\ntoken, and otherwise should reject the token. The audience defaults to the\nidentifier of the apiserver." type: "string" expirationSeconds: - description: "expirationSeconds is the requested duration of validity of the service account token. As the token approaches expiration, the kubelet volume plugin will proactively rotate the service account token. The kubelet will start trying to rotate the token if the token is older than 80 percent of its time to live or if the token is older than 24 hours.Defaults to 1 hour and must be at least 10 minutes." + description: "expirationSeconds is the requested duration of validity of the service\naccount token. As the token approaches expiration, the kubelet volume\nplugin will proactively rotate the service account token. The kubelet will\nstart trying to rotate the token if the token is older than 80 percent of\nits time to live or if the token is older than 24 hours.Defaults to 1 hour\nand must be at least 10 minutes." format: "int64" type: "integer" path: - description: "path is the path relative to the mount point of the file to project the token into." + description: "path is the path relative to the mount point of the file to project the\ntoken into." type: "string" required: - "path" @@ -6709,10 +6818,10 @@ spec: type: "object" type: "array" customTLSSecret: - description: "Projected secret containing custom TLS certificates to encrypt output from the exporter web server" + description: "Projected secret containing custom TLS certificates to encrypt output from the exporter\nweb server" properties: items: - description: "items if unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the Secret, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'." + description: "items if unspecified, each key-value pair in the Data field of the referenced\nSecret will be projected into the volume as a file whose name is the\nkey and content is the value. If specified, the listed keys will be\nprojected into the specified paths, and unlisted keys will not be\npresent. If a key is specified which is not present in the Secret,\nthe volume setup will error unless it is marked optional. Paths must be\nrelative and may not contain the '..' path or start with '..'." items: description: "Maps a string key to a path within a volume." properties: @@ -6720,11 +6829,11 @@ spec: description: "key is the key to project." type: "string" mode: - description: "mode is Optional: mode bits used to set permissions on this file. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set." + description: "mode is Optional: mode bits used to set permissions on this file.\nMust be an octal value between 0000 and 0777 or a decimal value between 0 and 511.\nYAML accepts both octal and decimal values, JSON requires decimal values for mode bits.\nIf not specified, the volume defaultMode will be used.\nThis might be in conflict with other options that affect the file\nmode, like fsGroup, and the result can be other mode bits set." format: "int32" type: "integer" path: - description: "path is the relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'." + description: "path is the relative path of the file to map the key to.\nMay not be an absolute path.\nMay not contain the path element '..'.\nMay not start with the string '..'." type: "string" required: - "key" @@ -6740,19 +6849,20 @@ spec: description: "optional field specify whether the Secret or its key must be defined" type: "boolean" type: "object" + x-kubernetes-map-type: "atomic" image: - description: "The image name to use for crunchy-postgres-exporter containers. The image may also be set using the RELATED_IMAGE_PGEXPORTER environment variable." + description: "The image name to use for crunchy-postgres-exporter containers. The image may\nalso be set using the RELATED_IMAGE_PGEXPORTER environment variable." type: "string" resources: - description: "Changing this value causes PostgreSQL and the exporter to restart. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers" + description: "Changing this value causes PostgreSQL and the exporter to restart.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers" properties: claims: - description: "Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. \n This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. \n This field is immutable. It can only be set for containers." + description: "Claims lists the names of resources, defined in spec.resourceClaims,\nthat are used by this container.\n\n\nThis is an alpha field and requires enabling the\nDynamicResourceAllocation feature gate.\n\n\nThis field is immutable. It can only be set for containers." items: description: "ResourceClaim references one entry in PodSpec.ResourceClaims." properties: name: - description: "Name must match the name of one entry in pod.spec.resourceClaims of the Pod where this field is used. It makes that resource available inside a container." + description: "Name must match the name of one entry in pod.spec.resourceClaims of\nthe Pod where this field is used. It makes that resource available\ninside a container." type: "string" required: - "name" @@ -6768,7 +6878,7 @@ spec: - type: "string" pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" x-kubernetes-int-or-string: true - description: "Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" + description: "Limits describes the maximum amount of compute resources allowed.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" type: "object" requests: additionalProperties: @@ -6777,30 +6887,30 @@ spec: - type: "string" pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" x-kubernetes-int-or-string: true - description: "Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" + description: "Requests describes the minimum amount of compute resources required.\nIf Requests is omitted for a container, it defaults to Limits if that is explicitly specified,\notherwise to an implementation-defined value. Requests cannot exceed Limits.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" type: "object" type: "object" type: "object" type: "object" type: "object" openshift: - description: "Whether or not the PostgreSQL cluster is being deployed to an OpenShift environment. If the field is unset, the operator will automatically detect the environment." + description: "Whether or not the PostgreSQL cluster is being deployed to an OpenShift\nenvironment. If the field is unset, the operator will automatically\ndetect the environment." type: "boolean" patroni: properties: dynamicConfiguration: - description: "Patroni dynamic configuration settings. Changes to this value will be automatically reloaded without validation. Changes to certain PostgreSQL parameters cause PostgreSQL to restart. More info: https://patroni.readthedocs.io/en/latest/dynamic_configuration.html" + description: "Patroni dynamic configuration settings. Changes to this value will be\nautomatically reloaded without validation. Changes to certain PostgreSQL\nparameters cause PostgreSQL to restart.\nMore info: https://patroni.readthedocs.io/en/latest/dynamic_configuration.html" type: "object" x-kubernetes-preserve-unknown-fields: true leaderLeaseDurationSeconds: default: 30 - description: "TTL of the cluster leader lock. \"Think of it as the length of time before initiation of the automatic failover process.\" Changing this value causes PostgreSQL to restart." + description: "TTL of the cluster leader lock. \"Think of it as the\nlength of time before initiation of the automatic failover process.\"\nChanging this value causes PostgreSQL to restart." format: "int32" minimum: 3.0 type: "integer" port: default: 8008 - description: "The port on which Patroni should listen. Changing this value causes PostgreSQL to restart." + description: "The port on which Patroni should listen.\nChanging this value causes PostgreSQL to restart." format: "int32" minimum: 1024.0 type: "integer" @@ -6811,11 +6921,11 @@ spec: description: "Whether or not the operator should allow switchovers in a PostgresCluster" type: "boolean" targetInstance: - description: "The instance that should become primary during a switchover. This field is optional when Type is \"Switchover\" and required when Type is \"Failover\". When it is not specified, a healthy replica is automatically selected." + description: "The instance that should become primary during a switchover. This field is\noptional when Type is \"Switchover\" and required when Type is \"Failover\".\nWhen it is not specified, a healthy replica is automatically selected." type: "string" type: default: "Switchover" - description: "Type of switchover to perform. Valid options are Switchover and Failover. \"Switchover\" changes the primary instance of a healthy PostgresCluster. \"Failover\" forces a particular instance to be primary, regardless of other factors. A TargetInstance must be specified to failover. NOTE: The Failover type is reserved as the \"last resort\" case." + description: "Type of switchover to perform. Valid options are Switchover and Failover.\n\"Switchover\" changes the primary instance of a healthy PostgresCluster.\n\"Failover\" forces a particular instance to be primary, regardless of other\nfactors. A TargetInstance must be specified to failover.\nNOTE: The Failover type is reserved as the \"last resort\" case." enum: - "Switchover" - "Failover" @@ -6825,13 +6935,13 @@ spec: type: "object" syncPeriodSeconds: default: 10 - description: "The interval for refreshing the leader lock and applying dynamicConfiguration. Must be less than leaderLeaseDurationSeconds. Changing this value causes PostgreSQL to restart." + description: "The interval for refreshing the leader lock and applying\ndynamicConfiguration. Must be less than leaderLeaseDurationSeconds.\nChanging this value causes PostgreSQL to restart." format: "int32" minimum: 1.0 type: "integer" type: "object" paused: - description: "Suspends the rollout and reconciliation of changes made to the PostgresCluster spec." + description: "Suspends the rollout and reconciliation of changes made to the\nPostgresCluster spec." type: "boolean" port: default: 5432 @@ -6840,7 +6950,7 @@ spec: minimum: 1024.0 type: "integer" postGISVersion: - description: "The PostGIS extension version installed in the PostgreSQL image. When image is not set, indicates a PostGIS enabled image will be used." + description: "The PostGIS extension version installed in the PostgreSQL image.\nWhen image is not set, indicates a PostGIS enabled image will be used." type: "string" postgresVersion: description: "The major version of PostgreSQL installed in the PostgreSQL image" @@ -6854,15 +6964,15 @@ spec: description: "Defines a PgBouncer proxy and connection pooler." properties: affinity: - description: "Scheduling constraints of a PgBouncer pod. Changing this value causes PgBouncer to restart. More info: https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node" + description: "Scheduling constraints of a PgBouncer pod. Changing this value causes\nPgBouncer to restart.\nMore info: https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node" properties: nodeAffinity: description: "Describes node affinity scheduling rules for the pod." properties: preferredDuringSchedulingIgnoredDuringExecution: - description: "The scheduler will prefer to schedule pods to nodes that satisfy the affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding \"weight\" to the sum if the node matches the corresponding matchExpressions; the node(s) with the highest sum are the most preferred." + description: "The scheduler will prefer to schedule pods to nodes that satisfy\nthe affinity expressions specified by this field, but it may choose\na node that violates one or more of the expressions. The node that is\nmost preferred is the one with the greatest sum of weights, i.e.\nfor each node that meets all of the scheduling requirements (resource\nrequest, requiredDuringScheduling affinity expressions, etc.),\ncompute a sum by iterating through the elements of this field and adding\n\"weight\" to the sum if the node matches the corresponding matchExpressions; the\nnode(s) with the highest sum are the most preferred." items: - description: "An empty preferred scheduling term matches all objects with implicit weight 0 (i.e. it's a no-op). A null preferred scheduling term matches no objects (i.e. is also a no-op)." + description: "An empty preferred scheduling term matches all objects with implicit weight 0\n(i.e. it's a no-op). A null preferred scheduling term matches no objects (i.e. is also a no-op)." properties: preference: description: "A node selector term, associated with the corresponding weight." @@ -6870,16 +6980,16 @@ spec: matchExpressions: description: "A list of node selector requirements by node's labels." items: - description: "A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A node selector requirement is a selector that contains values, a key, and an operator\nthat relates the key and values." properties: key: description: "The label key that the selector applies to." type: "string" operator: - description: "Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt." + description: "Represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt." type: "string" values: - description: "An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch." + description: "An array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. If the operator is Gt or Lt, the values\narray must have a single element, which will be interpreted as an integer.\nThis array is replaced during a strategic merge patch." items: type: "string" type: "array" @@ -6893,16 +7003,16 @@ spec: matchFields: description: "A list of node selector requirements by node's fields." items: - description: "A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A node selector requirement is a selector that contains values, a key, and an operator\nthat relates the key and values." properties: key: description: "The label key that the selector applies to." type: "string" operator: - description: "Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt." + description: "Represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt." type: "string" values: - description: "An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch." + description: "An array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. If the operator is Gt or Lt, the values\narray must have a single element, which will be interpreted as an integer.\nThis array is replaced during a strategic merge patch." items: type: "string" type: "array" @@ -6914,6 +7024,7 @@ spec: type: "array" x-kubernetes-list-type: "atomic" type: "object" + x-kubernetes-map-type: "atomic" weight: description: "Weight associated with matching the corresponding nodeSelectorTerm, in the range 1-100." format: "int32" @@ -6925,26 +7036,26 @@ spec: type: "array" x-kubernetes-list-type: "atomic" requiredDuringSchedulingIgnoredDuringExecution: - description: "If the affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to an update), the system may or may not try to eventually evict the pod from its node." + description: "If the affinity requirements specified by this field are not met at\nscheduling time, the pod will not be scheduled onto the node.\nIf the affinity requirements specified by this field cease to be met\nat some point during pod execution (e.g. due to an update), the system\nmay or may not try to eventually evict the pod from its node." properties: nodeSelectorTerms: description: "Required. A list of node selector terms. The terms are ORed." items: - description: "A null or empty node selector term matches no objects. The requirements of them are ANDed. The TopologySelectorTerm type implements a subset of the NodeSelectorTerm." + description: "A null or empty node selector term matches no objects. The requirements of\nthem are ANDed.\nThe TopologySelectorTerm type implements a subset of the NodeSelectorTerm." properties: matchExpressions: description: "A list of node selector requirements by node's labels." items: - description: "A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A node selector requirement is a selector that contains values, a key, and an operator\nthat relates the key and values." properties: key: description: "The label key that the selector applies to." type: "string" operator: - description: "Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt." + description: "Represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt." type: "string" values: - description: "An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch." + description: "An array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. If the operator is Gt or Lt, the values\narray must have a single element, which will be interpreted as an integer.\nThis array is replaced during a strategic merge patch." items: type: "string" type: "array" @@ -6958,16 +7069,16 @@ spec: matchFields: description: "A list of node selector requirements by node's fields." items: - description: "A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A node selector requirement is a selector that contains values, a key, and an operator\nthat relates the key and values." properties: key: description: "The label key that the selector applies to." type: "string" operator: - description: "Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt." + description: "Represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt." type: "string" values: - description: "An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch." + description: "An array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. If the operator is Gt or Lt, the values\narray must have a single element, which will be interpreted as an integer.\nThis array is replaced during a strategic merge patch." items: type: "string" type: "array" @@ -6979,17 +7090,19 @@ spec: type: "array" x-kubernetes-list-type: "atomic" type: "object" + x-kubernetes-map-type: "atomic" type: "array" x-kubernetes-list-type: "atomic" required: - "nodeSelectorTerms" type: "object" + x-kubernetes-map-type: "atomic" type: "object" podAffinity: description: "Describes pod affinity scheduling rules (e.g. co-locate this pod in the same node, zone, etc. as some other pod(s))." properties: preferredDuringSchedulingIgnoredDuringExecution: - description: "The scheduler will prefer to schedule pods to nodes that satisfy the affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding \"weight\" to the sum if the node has pods which matches the corresponding podAffinityTerm; the node(s) with the highest sum are the most preferred." + description: "The scheduler will prefer to schedule pods to nodes that satisfy\nthe affinity expressions specified by this field, but it may choose\na node that violates one or more of the expressions. The node that is\nmost preferred is the one with the greatest sum of weights, i.e.\nfor each node that meets all of the scheduling requirements (resource\nrequest, requiredDuringScheduling affinity expressions, etc.),\ncompute a sum by iterating through the elements of this field and adding\n\"weight\" to the sum if the node has pods which matches the corresponding podAffinityTerm; the\nnode(s) with the highest sum are the most preferred." items: description: "The weights of all of the matched WeightedPodAffinityTerm fields are added per-node to find the most preferred node(s)" properties: @@ -6997,21 +7110,21 @@ spec: description: "Required. A pod affinity term, associated with the corresponding weight." properties: labelSelector: - description: "A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods." + description: "A label query over a set of resources, in this case pods.\nIf it's null, this PodAffinityTerm matches with no Pods." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -7025,37 +7138,38 @@ spec: matchLabels: additionalProperties: type: "string" - description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." type: "object" type: "object" + x-kubernetes-map-type: "atomic" matchLabelKeys: - description: "MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both matchLabelKeys and labelSelector. Also, matchLabelKeys cannot be set when labelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" mismatchLabelKeys: - description: "MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. Also, mismatchLabelKeys cannot be set when labelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" namespaceSelector: - description: "A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means \"this pod's namespace\". An empty selector ({}) matches all namespaces." + description: "A label query over the set of namespaces that the term applies to.\nThe term is applied to the union of the namespaces selected by this field\nand the ones listed in the namespaces field.\nnull selector and null or empty namespaces list means \"this pod's namespace\".\nAn empty selector ({}) matches all namespaces." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -7069,23 +7183,24 @@ spec: matchLabels: additionalProperties: type: "string" - description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." type: "object" type: "object" + x-kubernetes-map-type: "atomic" namespaces: - description: "namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means \"this pod's namespace\"." + description: "namespaces specifies a static list of namespace names that the term applies to.\nThe term is applied to the union of the namespaces listed in this field\nand the ones selected by namespaceSelector.\nnull or empty namespaces list and null namespaceSelector means \"this pod's namespace\"." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" topologyKey: - description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed." + description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching\nthe labelSelector in the specified namespaces, where co-located is defined as running on a node\nwhose value of the label with key topologyKey matches that of any node on which any of the\nselected pods is running.\nEmpty topologyKey is not allowed." type: "string" required: - "topologyKey" type: "object" weight: - description: "weight associated with matching the corresponding podAffinityTerm, in the range 1-100." + description: "weight associated with matching the corresponding podAffinityTerm,\nin the range 1-100." format: "int32" type: "integer" required: @@ -7095,26 +7210,26 @@ spec: type: "array" x-kubernetes-list-type: "atomic" requiredDuringSchedulingIgnoredDuringExecution: - description: "If the affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to a pod label update), the system may or may not try to eventually evict the pod from its node. When there are multiple elements, the lists of nodes corresponding to each podAffinityTerm are intersected, i.e. all terms must be satisfied." + description: "If the affinity requirements specified by this field are not met at\nscheduling time, the pod will not be scheduled onto the node.\nIf the affinity requirements specified by this field cease to be met\nat some point during pod execution (e.g. due to a pod label update), the\nsystem may or may not try to eventually evict the pod from its node.\nWhen there are multiple elements, the lists of nodes corresponding to each\npodAffinityTerm are intersected, i.e. all terms must be satisfied." items: - description: "Defines a set of pods (namely those matching the labelSelector relative to the given namespace(s)) that this pod should be co-located (affinity) or not co-located (anti-affinity) with, where co-located is defined as running on a node whose value of the label with key matches that of any node on which a pod of the set of pods is running" + description: "Defines a set of pods (namely those matching the labelSelector\nrelative to the given namespace(s)) that this pod should be\nco-located (affinity) or not co-located (anti-affinity) with,\nwhere co-located is defined as running on a node whose value of\nthe label with key matches that of any node on which\na pod of the set of pods is running" properties: labelSelector: - description: "A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods." + description: "A label query over a set of resources, in this case pods.\nIf it's null, this PodAffinityTerm matches with no Pods." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -7128,37 +7243,38 @@ spec: matchLabels: additionalProperties: type: "string" - description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." type: "object" type: "object" + x-kubernetes-map-type: "atomic" matchLabelKeys: - description: "MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both matchLabelKeys and labelSelector. Also, matchLabelKeys cannot be set when labelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" mismatchLabelKeys: - description: "MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. Also, mismatchLabelKeys cannot be set when labelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" namespaceSelector: - description: "A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means \"this pod's namespace\". An empty selector ({}) matches all namespaces." + description: "A label query over the set of namespaces that the term applies to.\nThe term is applied to the union of the namespaces selected by this field\nand the ones listed in the namespaces field.\nnull selector and null or empty namespaces list means \"this pod's namespace\".\nAn empty selector ({}) matches all namespaces." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -7172,17 +7288,18 @@ spec: matchLabels: additionalProperties: type: "string" - description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." type: "object" type: "object" + x-kubernetes-map-type: "atomic" namespaces: - description: "namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means \"this pod's namespace\"." + description: "namespaces specifies a static list of namespace names that the term applies to.\nThe term is applied to the union of the namespaces listed in this field\nand the ones selected by namespaceSelector.\nnull or empty namespaces list and null namespaceSelector means \"this pod's namespace\"." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" topologyKey: - description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed." + description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching\nthe labelSelector in the specified namespaces, where co-located is defined as running on a node\nwhose value of the label with key topologyKey matches that of any node on which any of the\nselected pods is running.\nEmpty topologyKey is not allowed." type: "string" required: - "topologyKey" @@ -7194,7 +7311,7 @@ spec: description: "Describes pod anti-affinity scheduling rules (e.g. avoid putting this pod in the same node, zone, etc. as some other pod(s))." properties: preferredDuringSchedulingIgnoredDuringExecution: - description: "The scheduler will prefer to schedule pods to nodes that satisfy the anti-affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling anti-affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding \"weight\" to the sum if the node has pods which matches the corresponding podAffinityTerm; the node(s) with the highest sum are the most preferred." + description: "The scheduler will prefer to schedule pods to nodes that satisfy\nthe anti-affinity expressions specified by this field, but it may choose\na node that violates one or more of the expressions. The node that is\nmost preferred is the one with the greatest sum of weights, i.e.\nfor each node that meets all of the scheduling requirements (resource\nrequest, requiredDuringScheduling anti-affinity expressions, etc.),\ncompute a sum by iterating through the elements of this field and adding\n\"weight\" to the sum if the node has pods which matches the corresponding podAffinityTerm; the\nnode(s) with the highest sum are the most preferred." items: description: "The weights of all of the matched WeightedPodAffinityTerm fields are added per-node to find the most preferred node(s)" properties: @@ -7202,21 +7319,21 @@ spec: description: "Required. A pod affinity term, associated with the corresponding weight." properties: labelSelector: - description: "A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods." + description: "A label query over a set of resources, in this case pods.\nIf it's null, this PodAffinityTerm matches with no Pods." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -7230,37 +7347,38 @@ spec: matchLabels: additionalProperties: type: "string" - description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." type: "object" type: "object" + x-kubernetes-map-type: "atomic" matchLabelKeys: - description: "MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both matchLabelKeys and labelSelector. Also, matchLabelKeys cannot be set when labelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" mismatchLabelKeys: - description: "MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. Also, mismatchLabelKeys cannot be set when labelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" namespaceSelector: - description: "A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means \"this pod's namespace\". An empty selector ({}) matches all namespaces." + description: "A label query over the set of namespaces that the term applies to.\nThe term is applied to the union of the namespaces selected by this field\nand the ones listed in the namespaces field.\nnull selector and null or empty namespaces list means \"this pod's namespace\".\nAn empty selector ({}) matches all namespaces." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -7274,23 +7392,24 @@ spec: matchLabels: additionalProperties: type: "string" - description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." type: "object" type: "object" + x-kubernetes-map-type: "atomic" namespaces: - description: "namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means \"this pod's namespace\"." + description: "namespaces specifies a static list of namespace names that the term applies to.\nThe term is applied to the union of the namespaces listed in this field\nand the ones selected by namespaceSelector.\nnull or empty namespaces list and null namespaceSelector means \"this pod's namespace\"." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" topologyKey: - description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed." + description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching\nthe labelSelector in the specified namespaces, where co-located is defined as running on a node\nwhose value of the label with key topologyKey matches that of any node on which any of the\nselected pods is running.\nEmpty topologyKey is not allowed." type: "string" required: - "topologyKey" type: "object" weight: - description: "weight associated with matching the corresponding podAffinityTerm, in the range 1-100." + description: "weight associated with matching the corresponding podAffinityTerm,\nin the range 1-100." format: "int32" type: "integer" required: @@ -7300,26 +7419,26 @@ spec: type: "array" x-kubernetes-list-type: "atomic" requiredDuringSchedulingIgnoredDuringExecution: - description: "If the anti-affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the anti-affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to a pod label update), the system may or may not try to eventually evict the pod from its node. When there are multiple elements, the lists of nodes corresponding to each podAffinityTerm are intersected, i.e. all terms must be satisfied." + description: "If the anti-affinity requirements specified by this field are not met at\nscheduling time, the pod will not be scheduled onto the node.\nIf the anti-affinity requirements specified by this field cease to be met\nat some point during pod execution (e.g. due to a pod label update), the\nsystem may or may not try to eventually evict the pod from its node.\nWhen there are multiple elements, the lists of nodes corresponding to each\npodAffinityTerm are intersected, i.e. all terms must be satisfied." items: - description: "Defines a set of pods (namely those matching the labelSelector relative to the given namespace(s)) that this pod should be co-located (affinity) or not co-located (anti-affinity) with, where co-located is defined as running on a node whose value of the label with key matches that of any node on which a pod of the set of pods is running" + description: "Defines a set of pods (namely those matching the labelSelector\nrelative to the given namespace(s)) that this pod should be\nco-located (affinity) or not co-located (anti-affinity) with,\nwhere co-located is defined as running on a node whose value of\nthe label with key matches that of any node on which\na pod of the set of pods is running" properties: labelSelector: - description: "A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods." + description: "A label query over a set of resources, in this case pods.\nIf it's null, this PodAffinityTerm matches with no Pods." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -7333,37 +7452,38 @@ spec: matchLabels: additionalProperties: type: "string" - description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." type: "object" type: "object" + x-kubernetes-map-type: "atomic" matchLabelKeys: - description: "MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both matchLabelKeys and labelSelector. Also, matchLabelKeys cannot be set when labelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" mismatchLabelKeys: - description: "MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. Also, mismatchLabelKeys cannot be set when labelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" namespaceSelector: - description: "A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means \"this pod's namespace\". An empty selector ({}) matches all namespaces." + description: "A label query over the set of namespaces that the term applies to.\nThe term is applied to the union of the namespaces selected by this field\nand the ones listed in the namespaces field.\nnull selector and null or empty namespaces list means \"this pod's namespace\".\nAn empty selector ({}) matches all namespaces." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -7377,17 +7497,18 @@ spec: matchLabels: additionalProperties: type: "string" - description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." type: "object" type: "object" + x-kubernetes-map-type: "atomic" namespaces: - description: "namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means \"this pod's namespace\"." + description: "namespaces specifies a static list of namespace names that the term applies to.\nThe term is applied to the union of the namespaces listed in this field\nand the ones selected by namespaceSelector.\nnull or empty namespaces list and null namespaceSelector means \"this pod's namespace\"." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" topologyKey: - description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed." + description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching\nthe labelSelector in the specified namespaces, where co-located is defined as running on a node\nwhose value of the label with key topologyKey matches that of any node on which any of the\nselected pods is running.\nEmpty topologyKey is not allowed." type: "string" required: - "topologyKey" @@ -7397,37 +7518,37 @@ spec: type: "object" type: "object" config: - description: "Configuration settings for the PgBouncer process. Changes to any of these values will be automatically reloaded without validation. Be careful, as you may put PgBouncer into an unusable state. More info: https://www.pgbouncer.org/usage.html#reload" + description: "Configuration settings for the PgBouncer process. Changes to any of these\nvalues will be automatically reloaded without validation. Be careful, as\nyou may put PgBouncer into an unusable state.\nMore info: https://www.pgbouncer.org/usage.html#reload" properties: databases: additionalProperties: type: "string" - description: "PgBouncer database definitions. The key is the database requested by a client while the value is a libpq-styled connection string. The special key \"*\" acts as a fallback. When this field is empty, PgBouncer is configured with a single \"*\" entry that connects to the primary PostgreSQL instance. More info: https://www.pgbouncer.org/config.html#section-databases" + description: "PgBouncer database definitions. The key is the database requested by a\nclient while the value is a libpq-styled connection string. The special\nkey \"*\" acts as a fallback. When this field is empty, PgBouncer is\nconfigured with a single \"*\" entry that connects to the primary\nPostgreSQL instance.\nMore info: https://www.pgbouncer.org/config.html#section-databases" type: "object" files: - description: "Files to mount under \"/etc/pgbouncer\". When specified, settings in the \"pgbouncer.ini\" file are loaded before all others. From there, other files may be included by absolute path. Changing these references causes PgBouncer to restart, but changes to the file contents are automatically reloaded. More info: https://www.pgbouncer.org/config.html#include-directive" + description: "Files to mount under \"/etc/pgbouncer\". When specified, settings in the\n\"pgbouncer.ini\" file are loaded before all others. From there, other\nfiles may be included by absolute path. Changing these references causes\nPgBouncer to restart, but changes to the file contents are automatically\nreloaded.\nMore info: https://www.pgbouncer.org/config.html#include-directive" items: description: "Projection that may be projected along with other supported volume types" properties: clusterTrustBundle: - description: "ClusterTrustBundle allows a pod to access the `.spec.trustBundle` field of ClusterTrustBundle objects in an auto-updating file. \n Alpha, gated by the ClusterTrustBundleProjection feature gate. \n ClusterTrustBundle objects can either be selected by name, or by the combination of signer name and a label selector. \n Kubelet performs aggressive normalization of the PEM contents written into the pod filesystem. Esoteric PEM features such as inter-block comments and block headers are stripped. Certificates are deduplicated. The ordering of certificates within the file is arbitrary, and Kubelet may change the order over time." + description: "ClusterTrustBundle allows a pod to access the `.spec.trustBundle` field\nof ClusterTrustBundle objects in an auto-updating file.\n\n\nAlpha, gated by the ClusterTrustBundleProjection feature gate.\n\n\nClusterTrustBundle objects can either be selected by name, or by the\ncombination of signer name and a label selector.\n\n\nKubelet performs aggressive normalization of the PEM contents written\ninto the pod filesystem. Esoteric PEM features such as inter-block\ncomments and block headers are stripped. Certificates are deduplicated.\nThe ordering of certificates within the file is arbitrary, and Kubelet\nmay change the order over time." properties: labelSelector: - description: "Select all ClusterTrustBundles that match this label selector. Only has effect if signerName is set. Mutually-exclusive with name. If unset, interpreted as \"match nothing\". If set but empty, interpreted as \"match everything\"." + description: "Select all ClusterTrustBundles that match this label selector. Only has\neffect if signerName is set. Mutually-exclusive with name. If unset,\ninterpreted as \"match nothing\". If set but empty, interpreted as \"match\neverything\"." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -7441,20 +7562,21 @@ spec: matchLabels: additionalProperties: type: "string" - description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." type: "object" type: "object" + x-kubernetes-map-type: "atomic" name: - description: "Select a single ClusterTrustBundle by object name. Mutually-exclusive with signerName and labelSelector." + description: "Select a single ClusterTrustBundle by object name. Mutually-exclusive\nwith signerName and labelSelector." type: "string" optional: - description: "If true, don't block pod startup if the referenced ClusterTrustBundle(s) aren't available. If using name, then the named ClusterTrustBundle is allowed not to exist. If using signerName, then the combination of signerName and labelSelector is allowed to match zero ClusterTrustBundles." + description: "If true, don't block pod startup if the referenced ClusterTrustBundle(s)\naren't available. If using name, then the named ClusterTrustBundle is\nallowed not to exist. If using signerName, then the combination of\nsignerName and labelSelector is allowed to match zero\nClusterTrustBundles." type: "boolean" path: description: "Relative path from the volume root to write the bundle." type: "string" signerName: - description: "Select all ClusterTrustBundles that match this signer name. Mutually-exclusive with name. The contents of all selected ClusterTrustBundles will be unified and deduplicated." + description: "Select all ClusterTrustBundles that match this signer name.\nMutually-exclusive with name. The contents of all selected\nClusterTrustBundles will be unified and deduplicated." type: "string" required: - "path" @@ -7463,7 +7585,7 @@ spec: description: "configMap information about the configMap data to project" properties: items: - description: "items if unspecified, each key-value pair in the Data field of the referenced ConfigMap will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the ConfigMap, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'." + description: "items if unspecified, each key-value pair in the Data field of the referenced\nConfigMap will be projected into the volume as a file whose name is the\nkey and content is the value. If specified, the listed keys will be\nprojected into the specified paths, and unlisted keys will not be\npresent. If a key is specified which is not present in the ConfigMap,\nthe volume setup will error unless it is marked optional. Paths must be\nrelative and may not contain the '..' path or start with '..'." items: description: "Maps a string key to a path within a volume." properties: @@ -7471,11 +7593,11 @@ spec: description: "key is the key to project." type: "string" mode: - description: "mode is Optional: mode bits used to set permissions on this file. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set." + description: "mode is Optional: mode bits used to set permissions on this file.\nMust be an octal value between 0000 and 0777 or a decimal value between 0 and 511.\nYAML accepts both octal and decimal values, JSON requires decimal values for mode bits.\nIf not specified, the volume defaultMode will be used.\nThis might be in conflict with other options that affect the file\nmode, like fsGroup, and the result can be other mode bits set." format: "int32" type: "integer" path: - description: "path is the relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'." + description: "path is the relative path of the file to map the key to.\nMay not be an absolute path.\nMay not contain the path element '..'.\nMay not start with the string '..'." type: "string" required: - "key" @@ -7491,6 +7613,7 @@ spec: description: "optional specify whether the ConfigMap or its keys must be defined" type: "boolean" type: "object" + x-kubernetes-map-type: "atomic" downwardAPI: description: "downwardAPI information about the downwardAPI data to project" properties: @@ -7511,15 +7634,16 @@ spec: required: - "fieldPath" type: "object" + x-kubernetes-map-type: "atomic" mode: - description: "Optional: mode bits used to set permissions on this file, must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set." + description: "Optional: mode bits used to set permissions on this file, must be an octal value\nbetween 0000 and 0777 or a decimal value between 0 and 511.\nYAML accepts both octal and decimal values, JSON requires decimal values for mode bits.\nIf not specified, the volume defaultMode will be used.\nThis might be in conflict with other options that affect the file\nmode, like fsGroup, and the result can be other mode bits set." format: "int32" type: "integer" path: description: "Required: Path is the relative path name of the file to be created. Must not be absolute or contain the '..' path. Must be utf-8 encoded. The first item of the relative path must not start with '..'" type: "string" resourceFieldRef: - description: "Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, requests.cpu and requests.memory) are currently supported." + description: "Selects a resource of the container: only resources limits and requests\n(limits.cpu, limits.memory, requests.cpu and requests.memory) are currently supported." properties: containerName: description: "Container name: required for volumes, optional for env vars" @@ -7537,6 +7661,7 @@ spec: required: - "resource" type: "object" + x-kubernetes-map-type: "atomic" required: - "path" type: "object" @@ -7547,7 +7672,7 @@ spec: description: "secret information about the secret data to project" properties: items: - description: "items if unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the Secret, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'." + description: "items if unspecified, each key-value pair in the Data field of the referenced\nSecret will be projected into the volume as a file whose name is the\nkey and content is the value. If specified, the listed keys will be\nprojected into the specified paths, and unlisted keys will not be\npresent. If a key is specified which is not present in the Secret,\nthe volume setup will error unless it is marked optional. Paths must be\nrelative and may not contain the '..' path or start with '..'." items: description: "Maps a string key to a path within a volume." properties: @@ -7555,11 +7680,11 @@ spec: description: "key is the key to project." type: "string" mode: - description: "mode is Optional: mode bits used to set permissions on this file. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set." + description: "mode is Optional: mode bits used to set permissions on this file.\nMust be an octal value between 0000 and 0777 or a decimal value between 0 and 511.\nYAML accepts both octal and decimal values, JSON requires decimal values for mode bits.\nIf not specified, the volume defaultMode will be used.\nThis might be in conflict with other options that affect the file\nmode, like fsGroup, and the result can be other mode bits set." format: "int32" type: "integer" path: - description: "path is the relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'." + description: "path is the relative path of the file to map the key to.\nMay not be an absolute path.\nMay not contain the path element '..'.\nMay not start with the string '..'." type: "string" required: - "key" @@ -7575,18 +7700,19 @@ spec: description: "optional field specify whether the Secret or its key must be defined" type: "boolean" type: "object" + x-kubernetes-map-type: "atomic" serviceAccountToken: description: "serviceAccountToken is information about the serviceAccountToken data to project" properties: audience: - description: "audience is the intended audience of the token. A recipient of a token must identify itself with an identifier specified in the audience of the token, and otherwise should reject the token. The audience defaults to the identifier of the apiserver." + description: "audience is the intended audience of the token. A recipient of a token\nmust identify itself with an identifier specified in the audience of the\ntoken, and otherwise should reject the token. The audience defaults to the\nidentifier of the apiserver." type: "string" expirationSeconds: - description: "expirationSeconds is the requested duration of validity of the service account token. As the token approaches expiration, the kubelet volume plugin will proactively rotate the service account token. The kubelet will start trying to rotate the token if the token is older than 80 percent of its time to live or if the token is older than 24 hours.Defaults to 1 hour and must be at least 10 minutes." + description: "expirationSeconds is the requested duration of validity of the service\naccount token. As the token approaches expiration, the kubelet volume\nplugin will proactively rotate the service account token. The kubelet will\nstart trying to rotate the token if the token is older than 80 percent of\nits time to live or if the token is older than 24 hours.Defaults to 1 hour\nand must be at least 10 minutes." format: "int64" type: "integer" path: - description: "path is the path relative to the mount point of the file to project the token into." + description: "path is the path relative to the mount point of the file to project the\ntoken into." type: "string" required: - "path" @@ -7596,33 +7722,33 @@ spec: global: additionalProperties: type: "string" - description: "Settings that apply to the entire PgBouncer process. More info: https://www.pgbouncer.org/config.html" + description: "Settings that apply to the entire PgBouncer process.\nMore info: https://www.pgbouncer.org/config.html" type: "object" users: additionalProperties: type: "string" - description: "Connection settings specific to particular users. More info: https://www.pgbouncer.org/config.html#section-users" + description: "Connection settings specific to particular users.\nMore info: https://www.pgbouncer.org/config.html#section-users" type: "object" type: "object" containers: - description: "Custom sidecars for a PgBouncer pod. Changing this value causes PgBouncer to restart." + description: "Custom sidecars for a PgBouncer pod. Changing this value causes\nPgBouncer to restart." items: description: "A single application container that you want to run within a pod." properties: args: - description: "Arguments to the entrypoint. The container image's CMD is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. \"$$(VAR_NAME)\" will produce the string literal \"$(VAR_NAME)\". Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell" + description: "Arguments to the entrypoint.\nThe container image's CMD is used if this is not provided.\nVariable references $(VAR_NAME) are expanded using the container's environment. If a variable\ncannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced\nto a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. \"$$(VAR_NAME)\" will\nproduce the string literal \"$(VAR_NAME)\". Escaped references will never be expanded, regardless\nof whether the variable exists or not. Cannot be updated.\nMore info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell" items: type: "string" type: "array" x-kubernetes-list-type: "atomic" command: - description: "Entrypoint array. Not executed within a shell. The container image's ENTRYPOINT is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. \"$$(VAR_NAME)\" will produce the string literal \"$(VAR_NAME)\". Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell" + description: "Entrypoint array. Not executed within a shell.\nThe container image's ENTRYPOINT is used if this is not provided.\nVariable references $(VAR_NAME) are expanded using the container's environment. If a variable\ncannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced\nto a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. \"$$(VAR_NAME)\" will\nproduce the string literal \"$(VAR_NAME)\". Escaped references will never be expanded, regardless\nof whether the variable exists or not. Cannot be updated.\nMore info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell" items: type: "string" type: "array" x-kubernetes-list-type: "atomic" env: - description: "List of environment variables to set in the container. Cannot be updated." + description: "List of environment variables to set in the container.\nCannot be updated." items: description: "EnvVar represents an environment variable present in a Container." properties: @@ -7630,7 +7756,7 @@ spec: description: "Name of the environment variable. Must be a C_IDENTIFIER." type: "string" value: - description: "Variable references $(VAR_NAME) are expanded using the previously defined environment variables in the container and any service environment variables. If a variable cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. \"$$(VAR_NAME)\" will produce the string literal \"$(VAR_NAME)\". Escaped references will never be expanded, regardless of whether the variable exists or not. Defaults to \"\"." + description: "Variable references $(VAR_NAME) are expanded\nusing the previously defined environment variables in the container and\nany service environment variables. If a variable cannot be resolved,\nthe reference in the input string will be unchanged. Double $$ are reduced\nto a single $, which allows for escaping the $(VAR_NAME) syntax: i.e.\n\"$$(VAR_NAME)\" will produce the string literal \"$(VAR_NAME)\".\nEscaped references will never be expanded, regardless of whether the variable\nexists or not.\nDefaults to \"\"." type: "string" valueFrom: description: "Source for the environment variable's value. Cannot be used if value is not empty." @@ -7651,8 +7777,9 @@ spec: required: - "key" type: "object" + x-kubernetes-map-type: "atomic" fieldRef: - description: "Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`, spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs." + description: "Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`,\nspec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs." properties: apiVersion: description: "Version of the schema the FieldPath is written in terms of, defaults to \"v1\"." @@ -7663,8 +7790,9 @@ spec: required: - "fieldPath" type: "object" + x-kubernetes-map-type: "atomic" resourceFieldRef: - description: "Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported." + description: "Selects a resource of the container: only resources limits and requests\n(limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported." properties: containerName: description: "Container name: required for volumes, optional for env vars" @@ -7682,6 +7810,7 @@ spec: required: - "resource" type: "object" + x-kubernetes-map-type: "atomic" secretKeyRef: description: "Selects a key of a secret in the pod's namespace" properties: @@ -7698,6 +7827,7 @@ spec: required: - "key" type: "object" + x-kubernetes-map-type: "atomic" type: "object" required: - "name" @@ -7707,7 +7837,7 @@ spec: - "name" x-kubernetes-list-type: "map" envFrom: - description: "List of sources to populate environment variables in the container. The keys defined within a source must be a C_IDENTIFIER. All invalid keys will be reported as an event when the container is starting. When a key exists in multiple sources, the value associated with the last source will take precedence. Values defined by an Env with a duplicate key will take precedence. Cannot be updated." + description: "List of sources to populate environment variables in the container.\nThe keys defined within a source must be a C_IDENTIFIER. All invalid keys\nwill be reported as an event when the container is starting. When a key exists in multiple\nsources, the value associated with the last source will take precedence.\nValues defined by an Env with a duplicate key will take precedence.\nCannot be updated." items: description: "EnvFromSource represents the source of a set of ConfigMaps" properties: @@ -7722,6 +7852,7 @@ spec: description: "Specify whether the ConfigMap must be defined" type: "boolean" type: "object" + x-kubernetes-map-type: "atomic" prefix: description: "An optional identifier to prepend to each key in the ConfigMap. Must be a C_IDENTIFIER." type: "string" @@ -7736,26 +7867,27 @@ spec: description: "Specify whether the Secret must be defined" type: "boolean" type: "object" + x-kubernetes-map-type: "atomic" type: "object" type: "array" x-kubernetes-list-type: "atomic" image: - description: "Container image name. More info: https://kubernetes.io/docs/concepts/containers/images This field is optional to allow higher level config management to default or override container images in workload controllers like Deployments and StatefulSets." + description: "Container image name.\nMore info: https://kubernetes.io/docs/concepts/containers/images\nThis field is optional to allow higher level config management to default or override\ncontainer images in workload controllers like Deployments and StatefulSets." type: "string" imagePullPolicy: - description: "Image pull policy. One of Always, Never, IfNotPresent. Defaults to Always if :latest tag is specified, or IfNotPresent otherwise. Cannot be updated. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images" + description: "Image pull policy.\nOne of Always, Never, IfNotPresent.\nDefaults to Always if :latest tag is specified, or IfNotPresent otherwise.\nCannot be updated.\nMore info: https://kubernetes.io/docs/concepts/containers/images#updating-images" type: "string" lifecycle: - description: "Actions that the management system should take in response to container lifecycle events. Cannot be updated." + description: "Actions that the management system should take in response to container lifecycle events.\nCannot be updated." properties: postStart: - description: "PostStart is called immediately after a container is created. If the handler fails, the container is terminated and restarted according to its restart policy. Other management of the container blocks until the hook completes. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks" + description: "PostStart is called immediately after a container is created. If the handler fails,\nthe container is terminated and restarted according to its restart policy.\nOther management of the container blocks until the hook completes.\nMore info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks" properties: exec: description: "Exec specifies the action to take." properties: command: - description: "Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy." + description: "Command is the command line to execute inside the container, the working directory for the\ncommand is root ('/') in the container's filesystem. The command is simply exec'd, it is\nnot run inside a shell, so traditional shell instructions ('|', etc) won't work. To use\na shell, you need to explicitly call out to that shell.\nExit status of 0 is treated as live/healthy and non-zero is unhealthy." items: type: "string" type: "array" @@ -7765,7 +7897,7 @@ spec: description: "HTTPGet specifies the http request to perform." properties: host: - description: "Host name to connect to, defaults to the pod IP. You probably want to set \"Host\" in httpHeaders instead." + description: "Host name to connect to, defaults to the pod IP. You probably want to set\n\"Host\" in httpHeaders instead." type: "string" httpHeaders: description: "Custom headers to set in the request. HTTP allows repeated headers." @@ -7773,7 +7905,7 @@ spec: description: "HTTPHeader describes a custom header to be used in HTTP probes" properties: name: - description: "The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header." + description: "The header field name.\nThis will be canonicalized upon output, so case-variant names will be understood as the same header." type: "string" value: description: "The header field value" @@ -7791,10 +7923,10 @@ spec: anyOf: - type: "integer" - type: "string" - description: "Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME." + description: "Name or number of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME." x-kubernetes-int-or-string: true scheme: - description: "Scheme to use for connecting to the host. Defaults to HTTP." + description: "Scheme to use for connecting to the host.\nDefaults to HTTP." type: "string" required: - "port" @@ -7810,7 +7942,7 @@ spec: - "seconds" type: "object" tcpSocket: - description: "Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept for the backward compatibility. There are no validation of this field and lifecycle hooks will fail in runtime when tcp handler is specified." + description: "Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept\nfor the backward compatibility. There are no validation of this field and\nlifecycle hooks will fail in runtime when tcp handler is specified." properties: host: description: "Optional: Host name to connect to, defaults to the pod IP." @@ -7819,20 +7951,20 @@ spec: anyOf: - type: "integer" - type: "string" - description: "Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME." + description: "Number or name of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME." x-kubernetes-int-or-string: true required: - "port" type: "object" type: "object" preStop: - description: "PreStop is called immediately before a container is terminated due to an API request or management event such as liveness/startup probe failure, preemption, resource contention, etc. The handler is not called if the container crashes or exits. The Pod's termination grace period countdown begins before the PreStop hook is executed. Regardless of the outcome of the handler, the container will eventually terminate within the Pod's termination grace period (unless delayed by finalizers). Other management of the container blocks until the hook completes or until the termination grace period is reached. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks" + description: "PreStop is called immediately before a container is terminated due to an\nAPI request or management event such as liveness/startup probe failure,\npreemption, resource contention, etc. The handler is not called if the\ncontainer crashes or exits. The Pod's termination grace period countdown begins before the\nPreStop hook is executed. Regardless of the outcome of the handler, the\ncontainer will eventually terminate within the Pod's termination grace\nperiod (unless delayed by finalizers). Other management of the container blocks until the hook completes\nor until the termination grace period is reached.\nMore info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks" properties: exec: description: "Exec specifies the action to take." properties: command: - description: "Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy." + description: "Command is the command line to execute inside the container, the working directory for the\ncommand is root ('/') in the container's filesystem. The command is simply exec'd, it is\nnot run inside a shell, so traditional shell instructions ('|', etc) won't work. To use\na shell, you need to explicitly call out to that shell.\nExit status of 0 is treated as live/healthy and non-zero is unhealthy." items: type: "string" type: "array" @@ -7842,7 +7974,7 @@ spec: description: "HTTPGet specifies the http request to perform." properties: host: - description: "Host name to connect to, defaults to the pod IP. You probably want to set \"Host\" in httpHeaders instead." + description: "Host name to connect to, defaults to the pod IP. You probably want to set\n\"Host\" in httpHeaders instead." type: "string" httpHeaders: description: "Custom headers to set in the request. HTTP allows repeated headers." @@ -7850,7 +7982,7 @@ spec: description: "HTTPHeader describes a custom header to be used in HTTP probes" properties: name: - description: "The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header." + description: "The header field name.\nThis will be canonicalized upon output, so case-variant names will be understood as the same header." type: "string" value: description: "The header field value" @@ -7868,10 +8000,10 @@ spec: anyOf: - type: "integer" - type: "string" - description: "Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME." + description: "Name or number of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME." x-kubernetes-int-or-string: true scheme: - description: "Scheme to use for connecting to the host. Defaults to HTTP." + description: "Scheme to use for connecting to the host.\nDefaults to HTTP." type: "string" required: - "port" @@ -7887,7 +8019,7 @@ spec: - "seconds" type: "object" tcpSocket: - description: "Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept for the backward compatibility. There are no validation of this field and lifecycle hooks will fail in runtime when tcp handler is specified." + description: "Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept\nfor the backward compatibility. There are no validation of this field and\nlifecycle hooks will fail in runtime when tcp handler is specified." properties: host: description: "Optional: Host name to connect to, defaults to the pod IP." @@ -7896,7 +8028,7 @@ spec: anyOf: - type: "integer" - type: "string" - description: "Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME." + description: "Number or name of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME." x-kubernetes-int-or-string: true required: - "port" @@ -7904,20 +8036,20 @@ spec: type: "object" type: "object" livenessProbe: - description: "Periodic probe of container liveness. Container will be restarted if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" + description: "Periodic probe of container liveness.\nContainer will be restarted if the probe fails.\nCannot be updated.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" properties: exec: description: "Exec specifies the action to take." properties: command: - description: "Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy." + description: "Command is the command line to execute inside the container, the working directory for the\ncommand is root ('/') in the container's filesystem. The command is simply exec'd, it is\nnot run inside a shell, so traditional shell instructions ('|', etc) won't work. To use\na shell, you need to explicitly call out to that shell.\nExit status of 0 is treated as live/healthy and non-zero is unhealthy." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" type: "object" failureThreshold: - description: "Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1." + description: "Minimum consecutive failures for the probe to be considered failed after having succeeded.\nDefaults to 3. Minimum value is 1." format: "int32" type: "integer" grpc: @@ -7928,7 +8060,7 @@ spec: format: "int32" type: "integer" service: - description: "Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). \n If this is not specified, the default behavior is defined by gRPC." + description: "Service is the name of the service to place in the gRPC HealthCheckRequest\n(see https://github.com/grpc/grpc/blob/master/doc/health-checking.md).\n\n\nIf this is not specified, the default behavior is defined by gRPC." type: "string" required: - "port" @@ -7937,7 +8069,7 @@ spec: description: "HTTPGet specifies the http request to perform." properties: host: - description: "Host name to connect to, defaults to the pod IP. You probably want to set \"Host\" in httpHeaders instead." + description: "Host name to connect to, defaults to the pod IP. You probably want to set\n\"Host\" in httpHeaders instead." type: "string" httpHeaders: description: "Custom headers to set in the request. HTTP allows repeated headers." @@ -7945,7 +8077,7 @@ spec: description: "HTTPHeader describes a custom header to be used in HTTP probes" properties: name: - description: "The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header." + description: "The header field name.\nThis will be canonicalized upon output, so case-variant names will be understood as the same header." type: "string" value: description: "The header field value" @@ -7963,24 +8095,24 @@ spec: anyOf: - type: "integer" - type: "string" - description: "Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME." + description: "Name or number of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME." x-kubernetes-int-or-string: true scheme: - description: "Scheme to use for connecting to the host. Defaults to HTTP." + description: "Scheme to use for connecting to the host.\nDefaults to HTTP." type: "string" required: - "port" type: "object" initialDelaySeconds: - description: "Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" + description: "Number of seconds after the container has started before liveness probes are initiated.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" format: "int32" type: "integer" periodSeconds: - description: "How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1." + description: "How often (in seconds) to perform the probe.\nDefault to 10 seconds. Minimum value is 1." format: "int32" type: "integer" successThreshold: - description: "Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1." + description: "Minimum consecutive successes for the probe to be considered successful after having failed.\nDefaults to 1. Must be 1 for liveness and startup. Minimum value is 1." format: "int32" type: "integer" tcpSocket: @@ -7993,45 +8125,45 @@ spec: anyOf: - type: "integer" - type: "string" - description: "Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME." + description: "Number or name of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME." x-kubernetes-int-or-string: true required: - "port" type: "object" terminationGracePeriodSeconds: - description: "Optional duration in seconds the pod needs to terminate gracefully upon probe failure. The grace period is the duration in seconds after the processes running in the pod are sent a termination signal and the time when the processes are forcibly halted with a kill signal. Set this value longer than the expected cleanup time for your process. If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this value overrides the value provided by the pod spec. Value must be non-negative integer. The value zero indicates stop immediately via the kill signal (no opportunity to shut down). This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate. Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset." + description: "Optional duration in seconds the pod needs to terminate gracefully upon probe failure.\nThe grace period is the duration in seconds after the processes running in the pod are sent\na termination signal and the time when the processes are forcibly halted with a kill signal.\nSet this value longer than the expected cleanup time for your process.\nIf this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this\nvalue overrides the value provided by the pod spec.\nValue must be non-negative integer. The value zero indicates stop immediately via\nthe kill signal (no opportunity to shut down).\nThis is a beta field and requires enabling ProbeTerminationGracePeriod feature gate.\nMinimum value is 1. spec.terminationGracePeriodSeconds is used if unset." format: "int64" type: "integer" timeoutSeconds: - description: "Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" + description: "Number of seconds after which the probe times out.\nDefaults to 1 second. Minimum value is 1.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" format: "int32" type: "integer" type: "object" name: - description: "Name of the container specified as a DNS_LABEL. Each container in a pod must have a unique name (DNS_LABEL). Cannot be updated." + description: "Name of the container specified as a DNS_LABEL.\nEach container in a pod must have a unique name (DNS_LABEL).\nCannot be updated." type: "string" ports: - description: "List of ports to expose from the container. Not specifying a port here DOES NOT prevent that port from being exposed. Any port which is listening on the default \"0.0.0.0\" address inside a container will be accessible from the network. Modifying this array with strategic merge patch may corrupt the data. For more information See https://github.com/kubernetes/kubernetes/issues/108255. Cannot be updated." + description: "List of ports to expose from the container. Not specifying a port here\nDOES NOT prevent that port from being exposed. Any port which is\nlistening on the default \"0.0.0.0\" address inside a container will be\naccessible from the network.\nModifying this array with strategic merge patch may corrupt the data.\nFor more information See https://github.com/kubernetes/kubernetes/issues/108255.\nCannot be updated." items: description: "ContainerPort represents a network port in a single container." properties: containerPort: - description: "Number of port to expose on the pod's IP address. This must be a valid port number, 0 < x < 65536." + description: "Number of port to expose on the pod's IP address.\nThis must be a valid port number, 0 < x < 65536." format: "int32" type: "integer" hostIP: description: "What host IP to bind the external port to." type: "string" hostPort: - description: "Number of port to expose on the host. If specified, this must be a valid port number, 0 < x < 65536. If HostNetwork is specified, this must match ContainerPort. Most containers do not need this." + description: "Number of port to expose on the host.\nIf specified, this must be a valid port number, 0 < x < 65536.\nIf HostNetwork is specified, this must match ContainerPort.\nMost containers do not need this." format: "int32" type: "integer" name: - description: "If specified, this must be an IANA_SVC_NAME and unique within the pod. Each named port in a pod must have a unique name. Name for the port that can be referred to by services." + description: "If specified, this must be an IANA_SVC_NAME and unique within the pod. Each\nnamed port in a pod must have a unique name. Name for the port that can be\nreferred to by services." type: "string" protocol: default: "TCP" - description: "Protocol for port. Must be UDP, TCP, or SCTP. Defaults to \"TCP\"." + description: "Protocol for port. Must be UDP, TCP, or SCTP.\nDefaults to \"TCP\"." type: "string" required: - "containerPort" @@ -8042,20 +8174,20 @@ spec: - "protocol" x-kubernetes-list-type: "map" readinessProbe: - description: "Periodic probe of container service readiness. Container will be removed from service endpoints if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" + description: "Periodic probe of container service readiness.\nContainer will be removed from service endpoints if the probe fails.\nCannot be updated.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" properties: exec: description: "Exec specifies the action to take." properties: command: - description: "Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy." + description: "Command is the command line to execute inside the container, the working directory for the\ncommand is root ('/') in the container's filesystem. The command is simply exec'd, it is\nnot run inside a shell, so traditional shell instructions ('|', etc) won't work. To use\na shell, you need to explicitly call out to that shell.\nExit status of 0 is treated as live/healthy and non-zero is unhealthy." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" type: "object" failureThreshold: - description: "Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1." + description: "Minimum consecutive failures for the probe to be considered failed after having succeeded.\nDefaults to 3. Minimum value is 1." format: "int32" type: "integer" grpc: @@ -8066,7 +8198,7 @@ spec: format: "int32" type: "integer" service: - description: "Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). \n If this is not specified, the default behavior is defined by gRPC." + description: "Service is the name of the service to place in the gRPC HealthCheckRequest\n(see https://github.com/grpc/grpc/blob/master/doc/health-checking.md).\n\n\nIf this is not specified, the default behavior is defined by gRPC." type: "string" required: - "port" @@ -8075,7 +8207,7 @@ spec: description: "HTTPGet specifies the http request to perform." properties: host: - description: "Host name to connect to, defaults to the pod IP. You probably want to set \"Host\" in httpHeaders instead." + description: "Host name to connect to, defaults to the pod IP. You probably want to set\n\"Host\" in httpHeaders instead." type: "string" httpHeaders: description: "Custom headers to set in the request. HTTP allows repeated headers." @@ -8083,7 +8215,7 @@ spec: description: "HTTPHeader describes a custom header to be used in HTTP probes" properties: name: - description: "The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header." + description: "The header field name.\nThis will be canonicalized upon output, so case-variant names will be understood as the same header." type: "string" value: description: "The header field value" @@ -8101,24 +8233,24 @@ spec: anyOf: - type: "integer" - type: "string" - description: "Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME." + description: "Name or number of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME." x-kubernetes-int-or-string: true scheme: - description: "Scheme to use for connecting to the host. Defaults to HTTP." + description: "Scheme to use for connecting to the host.\nDefaults to HTTP." type: "string" required: - "port" type: "object" initialDelaySeconds: - description: "Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" + description: "Number of seconds after the container has started before liveness probes are initiated.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" format: "int32" type: "integer" periodSeconds: - description: "How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1." + description: "How often (in seconds) to perform the probe.\nDefault to 10 seconds. Minimum value is 1." format: "int32" type: "integer" successThreshold: - description: "Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1." + description: "Minimum consecutive successes for the probe to be considered successful after having failed.\nDefaults to 1. Must be 1 for liveness and startup. Minimum value is 1." format: "int32" type: "integer" tcpSocket: @@ -8131,17 +8263,17 @@ spec: anyOf: - type: "integer" - type: "string" - description: "Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME." + description: "Number or name of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME." x-kubernetes-int-or-string: true required: - "port" type: "object" terminationGracePeriodSeconds: - description: "Optional duration in seconds the pod needs to terminate gracefully upon probe failure. The grace period is the duration in seconds after the processes running in the pod are sent a termination signal and the time when the processes are forcibly halted with a kill signal. Set this value longer than the expected cleanup time for your process. If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this value overrides the value provided by the pod spec. Value must be non-negative integer. The value zero indicates stop immediately via the kill signal (no opportunity to shut down). This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate. Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset." + description: "Optional duration in seconds the pod needs to terminate gracefully upon probe failure.\nThe grace period is the duration in seconds after the processes running in the pod are sent\na termination signal and the time when the processes are forcibly halted with a kill signal.\nSet this value longer than the expected cleanup time for your process.\nIf this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this\nvalue overrides the value provided by the pod spec.\nValue must be non-negative integer. The value zero indicates stop immediately via\nthe kill signal (no opportunity to shut down).\nThis is a beta field and requires enabling ProbeTerminationGracePeriod feature gate.\nMinimum value is 1. spec.terminationGracePeriodSeconds is used if unset." format: "int64" type: "integer" timeoutSeconds: - description: "Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" + description: "Number of seconds after which the probe times out.\nDefaults to 1 second. Minimum value is 1.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" format: "int32" type: "integer" type: "object" @@ -8151,10 +8283,10 @@ spec: description: "ContainerResizePolicy represents resource resize policy for the container." properties: resourceName: - description: "Name of the resource to which this resource resize policy applies. Supported values: cpu, memory." + description: "Name of the resource to which this resource resize policy applies.\nSupported values: cpu, memory." type: "string" restartPolicy: - description: "Restart policy to apply when specified resource is resized. If not specified, it defaults to NotRequired." + description: "Restart policy to apply when specified resource is resized.\nIf not specified, it defaults to NotRequired." type: "string" required: - "resourceName" @@ -8163,15 +8295,15 @@ spec: type: "array" x-kubernetes-list-type: "atomic" resources: - description: "Compute Resources required by this container. Cannot be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" + description: "Compute Resources required by this container.\nCannot be updated.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" properties: claims: - description: "Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. \n This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. \n This field is immutable. It can only be set for containers." + description: "Claims lists the names of resources, defined in spec.resourceClaims,\nthat are used by this container.\n\n\nThis is an alpha field and requires enabling the\nDynamicResourceAllocation feature gate.\n\n\nThis field is immutable. It can only be set for containers." items: description: "ResourceClaim references one entry in PodSpec.ResourceClaims." properties: name: - description: "Name must match the name of one entry in pod.spec.resourceClaims of the Pod where this field is used. It makes that resource available inside a container." + description: "Name must match the name of one entry in pod.spec.resourceClaims of\nthe Pod where this field is used. It makes that resource available\ninside a container." type: "string" required: - "name" @@ -8187,7 +8319,7 @@ spec: - type: "string" pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" x-kubernetes-int-or-string: true - description: "Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" + description: "Limits describes the maximum amount of compute resources allowed.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" type: "object" requests: additionalProperties: @@ -8196,32 +8328,32 @@ spec: - type: "string" pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" x-kubernetes-int-or-string: true - description: "Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" + description: "Requests describes the minimum amount of compute resources required.\nIf Requests is omitted for a container, it defaults to Limits if that is explicitly specified,\notherwise to an implementation-defined value. Requests cannot exceed Limits.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" type: "object" type: "object" restartPolicy: - description: "RestartPolicy defines the restart behavior of individual containers in a pod. This field may only be set for init containers, and the only allowed value is \"Always\". For non-init containers or when this field is not specified, the restart behavior is defined by the Pod's restart policy and the container type. Setting the RestartPolicy as \"Always\" for the init container will have the following effect: this init container will be continually restarted on exit until all regular containers have terminated. Once all regular containers have completed, all init containers with restartPolicy \"Always\" will be shut down. This lifecycle differs from normal init containers and is often referred to as a \"sidecar\" container. Although this init container still starts in the init container sequence, it does not wait for the container to complete before proceeding to the next init container. Instead, the next init container starts immediately after this init container is started, or after any startupProbe has successfully completed." + description: "RestartPolicy defines the restart behavior of individual containers in a pod.\nThis field may only be set for init containers, and the only allowed value is \"Always\".\nFor non-init containers or when this field is not specified,\nthe restart behavior is defined by the Pod's restart policy and the container type.\nSetting the RestartPolicy as \"Always\" for the init container will have the following effect:\nthis init container will be continually restarted on\nexit until all regular containers have terminated. Once all regular\ncontainers have completed, all init containers with restartPolicy \"Always\"\nwill be shut down. This lifecycle differs from normal init containers and\nis often referred to as a \"sidecar\" container. Although this init\ncontainer still starts in the init container sequence, it does not wait\nfor the container to complete before proceeding to the next init\ncontainer. Instead, the next init container starts immediately after this\ninit container is started, or after any startupProbe has successfully\ncompleted." type: "string" securityContext: - description: "SecurityContext defines the security options the container should be run with. If set, the fields of SecurityContext override the equivalent fields of PodSecurityContext. More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/" + description: "SecurityContext defines the security options the container should be run with.\nIf set, the fields of SecurityContext override the equivalent fields of PodSecurityContext.\nMore info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/" properties: allowPrivilegeEscalation: - description: "AllowPrivilegeEscalation controls whether a process can gain more privileges than its parent process. This bool directly controls if the no_new_privs flag will be set on the container process. AllowPrivilegeEscalation is true always when the container is: 1) run as Privileged 2) has CAP_SYS_ADMIN Note that this field cannot be set when spec.os.name is windows." + description: "AllowPrivilegeEscalation controls whether a process can gain more\nprivileges than its parent process. This bool directly controls if\nthe no_new_privs flag will be set on the container process.\nAllowPrivilegeEscalation is true always when the container is:\n1) run as Privileged\n2) has CAP_SYS_ADMIN\nNote that this field cannot be set when spec.os.name is windows." type: "boolean" appArmorProfile: - description: "appArmorProfile is the AppArmor options to use by this container. If set, this profile overrides the pod's appArmorProfile. Note that this field cannot be set when spec.os.name is windows." + description: "appArmorProfile is the AppArmor options to use by this container. If set, this profile\noverrides the pod's appArmorProfile.\nNote that this field cannot be set when spec.os.name is windows." properties: localhostProfile: - description: "localhostProfile indicates a profile loaded on the node that should be used. The profile must be preconfigured on the node to work. Must match the loaded name of the profile. Must be set if and only if type is \"Localhost\"." + description: "localhostProfile indicates a profile loaded on the node that should be used.\nThe profile must be preconfigured on the node to work.\nMust match the loaded name of the profile.\nMust be set if and only if type is \"Localhost\"." type: "string" type: - description: "type indicates which kind of AppArmor profile will be applied. Valid options are: Localhost - a profile pre-loaded on the node. RuntimeDefault - the container runtime's default profile. Unconfined - no AppArmor enforcement." + description: "type indicates which kind of AppArmor profile will be applied.\nValid options are:\n Localhost - a profile pre-loaded on the node.\n RuntimeDefault - the container runtime's default profile.\n Unconfined - no AppArmor enforcement." type: "string" required: - "type" type: "object" capabilities: - description: "The capabilities to add/drop when running containers. Defaults to the default set of capabilities granted by the container runtime. Note that this field cannot be set when spec.os.name is windows." + description: "The capabilities to add/drop when running containers.\nDefaults to the default set of capabilities granted by the container runtime.\nNote that this field cannot be set when spec.os.name is windows." properties: add: description: "Added capabilities" @@ -8239,27 +8371,27 @@ spec: x-kubernetes-list-type: "atomic" type: "object" privileged: - description: "Run container in privileged mode. Processes in privileged containers are essentially equivalent to root on the host. Defaults to false. Note that this field cannot be set when spec.os.name is windows." + description: "Run container in privileged mode.\nProcesses in privileged containers are essentially equivalent to root on the host.\nDefaults to false.\nNote that this field cannot be set when spec.os.name is windows." type: "boolean" procMount: - description: "procMount denotes the type of proc mount to use for the containers. The default is DefaultProcMount which uses the container runtime defaults for readonly paths and masked paths. This requires the ProcMountType feature flag to be enabled. Note that this field cannot be set when spec.os.name is windows." + description: "procMount denotes the type of proc mount to use for the containers.\nThe default is DefaultProcMount which uses the container runtime defaults for\nreadonly paths and masked paths.\nThis requires the ProcMountType feature flag to be enabled.\nNote that this field cannot be set when spec.os.name is windows." type: "string" readOnlyRootFilesystem: - description: "Whether this container has a read-only root filesystem. Default is false. Note that this field cannot be set when spec.os.name is windows." + description: "Whether this container has a read-only root filesystem.\nDefault is false.\nNote that this field cannot be set when spec.os.name is windows." type: "boolean" runAsGroup: - description: "The GID to run the entrypoint of the container process. Uses runtime default if unset. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is windows." + description: "The GID to run the entrypoint of the container process.\nUses runtime default if unset.\nMay also be set in PodSecurityContext. If set in both SecurityContext and\nPodSecurityContext, the value specified in SecurityContext takes precedence.\nNote that this field cannot be set when spec.os.name is windows." format: "int64" type: "integer" runAsNonRoot: - description: "Indicates that the container must run as a non-root user. If true, the Kubelet will validate the image at runtime to ensure that it does not run as UID 0 (root) and fail to start the container if it does. If unset or false, no such validation will be performed. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence." + description: "Indicates that the container must run as a non-root user.\nIf true, the Kubelet will validate the image at runtime to ensure that it\ndoes not run as UID 0 (root) and fail to start the container if it does.\nIf unset or false, no such validation will be performed.\nMay also be set in PodSecurityContext. If set in both SecurityContext and\nPodSecurityContext, the value specified in SecurityContext takes precedence." type: "boolean" runAsUser: - description: "The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is windows." + description: "The UID to run the entrypoint of the container process.\nDefaults to user specified in image metadata if unspecified.\nMay also be set in PodSecurityContext. If set in both SecurityContext and\nPodSecurityContext, the value specified in SecurityContext takes precedence.\nNote that this field cannot be set when spec.os.name is windows." format: "int64" type: "integer" seLinuxOptions: - description: "The SELinux context to be applied to the container. If unspecified, the container runtime will allocate a random SELinux context for each container. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is windows." + description: "The SELinux context to be applied to the container.\nIf unspecified, the container runtime will allocate a random SELinux context for each\ncontainer. May also be set in PodSecurityContext. If set in both SecurityContext and\nPodSecurityContext, the value specified in SecurityContext takes precedence.\nNote that this field cannot be set when spec.os.name is windows." properties: level: description: "Level is SELinux level label that applies to the container." @@ -8275,10 +8407,10 @@ spec: type: "string" type: "object" seccompProfile: - description: "The seccomp options to use by this container. If seccomp options are provided at both the pod & container level, the container options override the pod options. Note that this field cannot be set when spec.os.name is windows." + description: "The seccomp options to use by this container. If seccomp options are\nprovided at both the pod & container level, the container options\noverride the pod options.\nNote that this field cannot be set when spec.os.name is windows." properties: localhostProfile: - description: "localhostProfile indicates a profile defined in a file on the node should be used. The profile must be preconfigured on the node to work. Must be a descending path, relative to the kubelet's configured seccomp profile location. Must be set if type is \"Localhost\". Must NOT be set for any other type." + description: "localhostProfile indicates a profile defined in a file on the node should be used.\nThe profile must be preconfigured on the node to work.\nMust be a descending path, relative to the kubelet's configured seccomp profile location.\nMust be set if type is \"Localhost\". Must NOT be set for any other type." type: "string" type: description: "type indicates which kind of seccomp profile will be applied. Valid options are: Localhost - a profile defined in a file on the node should be used. RuntimeDefault - the container runtime default profile should be used. Unconfined - no profile should be applied." @@ -8287,37 +8419,37 @@ spec: - "type" type: "object" windowsOptions: - description: "The Windows specific settings applied to all containers. If unspecified, the options from the PodSecurityContext will be used. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is linux." + description: "The Windows specific settings applied to all containers.\nIf unspecified, the options from the PodSecurityContext will be used.\nIf set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.\nNote that this field cannot be set when spec.os.name is linux." properties: gmsaCredentialSpec: - description: "GMSACredentialSpec is where the GMSA admission webhook (https://github.com/kubernetes-sigs/windows-gmsa) inlines the contents of the GMSA credential spec named by the GMSACredentialSpecName field." + description: "GMSACredentialSpec is where the GMSA admission webhook\n(https://github.com/kubernetes-sigs/windows-gmsa) inlines the contents of the\nGMSA credential spec named by the GMSACredentialSpecName field." type: "string" gmsaCredentialSpecName: description: "GMSACredentialSpecName is the name of the GMSA credential spec to use." type: "string" hostProcess: - description: "HostProcess determines if a container should be run as a 'Host Process' container. All of a Pod's containers must have the same effective HostProcess value (it is not allowed to have a mix of HostProcess containers and non-HostProcess containers). In addition, if HostProcess is true then HostNetwork must also be set to true." + description: "HostProcess determines if a container should be run as a 'Host Process' container.\nAll of a Pod's containers must have the same effective HostProcess value\n(it is not allowed to have a mix of HostProcess containers and non-HostProcess containers).\nIn addition, if HostProcess is true then HostNetwork must also be set to true." type: "boolean" runAsUserName: - description: "The UserName in Windows to run the entrypoint of the container process. Defaults to the user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence." + description: "The UserName in Windows to run the entrypoint of the container process.\nDefaults to the user specified in image metadata if unspecified.\nMay also be set in PodSecurityContext. If set in both SecurityContext and\nPodSecurityContext, the value specified in SecurityContext takes precedence." type: "string" type: "object" type: "object" startupProbe: - description: "StartupProbe indicates that the Pod has successfully initialized. If specified, no other probes are executed until this completes successfully. If this probe fails, the Pod will be restarted, just as if the livenessProbe failed. This can be used to provide different probe parameters at the beginning of a Pod's lifecycle, when it might take a long time to load data or warm a cache, than during steady-state operation. This cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" + description: "StartupProbe indicates that the Pod has successfully initialized.\nIf specified, no other probes are executed until this completes successfully.\nIf this probe fails, the Pod will be restarted, just as if the livenessProbe failed.\nThis can be used to provide different probe parameters at the beginning of a Pod's lifecycle,\nwhen it might take a long time to load data or warm a cache, than during steady-state operation.\nThis cannot be updated.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" properties: exec: description: "Exec specifies the action to take." properties: command: - description: "Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy." + description: "Command is the command line to execute inside the container, the working directory for the\ncommand is root ('/') in the container's filesystem. The command is simply exec'd, it is\nnot run inside a shell, so traditional shell instructions ('|', etc) won't work. To use\na shell, you need to explicitly call out to that shell.\nExit status of 0 is treated as live/healthy and non-zero is unhealthy." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" type: "object" failureThreshold: - description: "Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1." + description: "Minimum consecutive failures for the probe to be considered failed after having succeeded.\nDefaults to 3. Minimum value is 1." format: "int32" type: "integer" grpc: @@ -8328,7 +8460,7 @@ spec: format: "int32" type: "integer" service: - description: "Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). \n If this is not specified, the default behavior is defined by gRPC." + description: "Service is the name of the service to place in the gRPC HealthCheckRequest\n(see https://github.com/grpc/grpc/blob/master/doc/health-checking.md).\n\n\nIf this is not specified, the default behavior is defined by gRPC." type: "string" required: - "port" @@ -8337,7 +8469,7 @@ spec: description: "HTTPGet specifies the http request to perform." properties: host: - description: "Host name to connect to, defaults to the pod IP. You probably want to set \"Host\" in httpHeaders instead." + description: "Host name to connect to, defaults to the pod IP. You probably want to set\n\"Host\" in httpHeaders instead." type: "string" httpHeaders: description: "Custom headers to set in the request. HTTP allows repeated headers." @@ -8345,7 +8477,7 @@ spec: description: "HTTPHeader describes a custom header to be used in HTTP probes" properties: name: - description: "The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header." + description: "The header field name.\nThis will be canonicalized upon output, so case-variant names will be understood as the same header." type: "string" value: description: "The header field value" @@ -8363,24 +8495,24 @@ spec: anyOf: - type: "integer" - type: "string" - description: "Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME." + description: "Name or number of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME." x-kubernetes-int-or-string: true scheme: - description: "Scheme to use for connecting to the host. Defaults to HTTP." + description: "Scheme to use for connecting to the host.\nDefaults to HTTP." type: "string" required: - "port" type: "object" initialDelaySeconds: - description: "Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" + description: "Number of seconds after the container has started before liveness probes are initiated.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" format: "int32" type: "integer" periodSeconds: - description: "How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1." + description: "How often (in seconds) to perform the probe.\nDefault to 10 seconds. Minimum value is 1." format: "int32" type: "integer" successThreshold: - description: "Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1." + description: "Minimum consecutive successes for the probe to be considered successful after having failed.\nDefaults to 1. Must be 1 for liveness and startup. Minimum value is 1." format: "int32" type: "integer" tcpSocket: @@ -8393,34 +8525,34 @@ spec: anyOf: - type: "integer" - type: "string" - description: "Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME." + description: "Number or name of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME." x-kubernetes-int-or-string: true required: - "port" type: "object" terminationGracePeriodSeconds: - description: "Optional duration in seconds the pod needs to terminate gracefully upon probe failure. The grace period is the duration in seconds after the processes running in the pod are sent a termination signal and the time when the processes are forcibly halted with a kill signal. Set this value longer than the expected cleanup time for your process. If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this value overrides the value provided by the pod spec. Value must be non-negative integer. The value zero indicates stop immediately via the kill signal (no opportunity to shut down). This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate. Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset." + description: "Optional duration in seconds the pod needs to terminate gracefully upon probe failure.\nThe grace period is the duration in seconds after the processes running in the pod are sent\na termination signal and the time when the processes are forcibly halted with a kill signal.\nSet this value longer than the expected cleanup time for your process.\nIf this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this\nvalue overrides the value provided by the pod spec.\nValue must be non-negative integer. The value zero indicates stop immediately via\nthe kill signal (no opportunity to shut down).\nThis is a beta field and requires enabling ProbeTerminationGracePeriod feature gate.\nMinimum value is 1. spec.terminationGracePeriodSeconds is used if unset." format: "int64" type: "integer" timeoutSeconds: - description: "Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" + description: "Number of seconds after which the probe times out.\nDefaults to 1 second. Minimum value is 1.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" format: "int32" type: "integer" type: "object" stdin: - description: "Whether this container should allocate a buffer for stdin in the container runtime. If this is not set, reads from stdin in the container will always result in EOF. Default is false." + description: "Whether this container should allocate a buffer for stdin in the container runtime. If this\nis not set, reads from stdin in the container will always result in EOF.\nDefault is false." type: "boolean" stdinOnce: - description: "Whether the container runtime should close the stdin channel after it has been opened by a single attach. When stdin is true the stdin stream will remain open across multiple attach sessions. If stdinOnce is set to true, stdin is opened on container start, is empty until the first client attaches to stdin, and then remains open and accepts data until the client disconnects, at which time stdin is closed and remains closed until the container is restarted. If this flag is false, a container processes that reads from stdin will never receive an EOF. Default is false" + description: "Whether the container runtime should close the stdin channel after it has been opened by\na single attach. When stdin is true the stdin stream will remain open across multiple attach\nsessions. If stdinOnce is set to true, stdin is opened on container start, is empty until the\nfirst client attaches to stdin, and then remains open and accepts data until the client disconnects,\nat which time stdin is closed and remains closed until the container is restarted. If this\nflag is false, a container processes that reads from stdin will never receive an EOF.\nDefault is false" type: "boolean" terminationMessagePath: - description: "Optional: Path at which the file to which the container's termination message will be written is mounted into the container's filesystem. Message written is intended to be brief final status, such as an assertion failure message. Will be truncated by the node if greater than 4096 bytes. The total message length across all containers will be limited to 12kb. Defaults to /dev/termination-log. Cannot be updated." + description: "Optional: Path at which the file to which the container's termination message\nwill be written is mounted into the container's filesystem.\nMessage written is intended to be brief final status, such as an assertion failure message.\nWill be truncated by the node if greater than 4096 bytes. The total message length across\nall containers will be limited to 12kb.\nDefaults to /dev/termination-log.\nCannot be updated." type: "string" terminationMessagePolicy: - description: "Indicate how the termination message should be populated. File will use the contents of terminationMessagePath to populate the container status message on both success and failure. FallbackToLogsOnError will use the last chunk of container log output if the termination message file is empty and the container exited with an error. The log output is limited to 2048 bytes or 80 lines, whichever is smaller. Defaults to File. Cannot be updated." + description: "Indicate how the termination message should be populated. File will use the contents of\nterminationMessagePath to populate the container status message on both success and failure.\nFallbackToLogsOnError will use the last chunk of container log output if the termination\nmessage file is empty and the container exited with an error.\nThe log output is limited to 2048 bytes or 80 lines, whichever is smaller.\nDefaults to File.\nCannot be updated." type: "string" tty: - description: "Whether this container should allocate a TTY for itself, also requires 'stdin' to be true. Default is false." + description: "Whether this container should allocate a TTY for itself, also requires 'stdin' to be true.\nDefault is false." type: "boolean" volumeDevices: description: "volumeDevices is the list of block devices to be used by the container." @@ -8442,30 +8574,30 @@ spec: - "devicePath" x-kubernetes-list-type: "map" volumeMounts: - description: "Pod volumes to mount into the container's filesystem. Cannot be updated." + description: "Pod volumes to mount into the container's filesystem.\nCannot be updated." items: description: "VolumeMount describes a mounting of a Volume within a container." properties: mountPath: - description: "Path within the container at which the volume should be mounted. Must not contain ':'." + description: "Path within the container at which the volume should be mounted. Must\nnot contain ':'." type: "string" mountPropagation: - description: "mountPropagation determines how mounts are propagated from the host to container and the other way around. When not set, MountPropagationNone is used. This field is beta in 1.10. When RecursiveReadOnly is set to IfPossible or to Enabled, MountPropagation must be None or unspecified (which defaults to None)." + description: "mountPropagation determines how mounts are propagated from the host\nto container and the other way around.\nWhen not set, MountPropagationNone is used.\nThis field is beta in 1.10.\nWhen RecursiveReadOnly is set to IfPossible or to Enabled, MountPropagation must be None or unspecified\n(which defaults to None)." type: "string" name: description: "This must match the Name of a Volume." type: "string" readOnly: - description: "Mounted read-only if true, read-write otherwise (false or unspecified). Defaults to false." + description: "Mounted read-only if true, read-write otherwise (false or unspecified).\nDefaults to false." type: "boolean" recursiveReadOnly: - description: "RecursiveReadOnly specifies whether read-only mounts should be handled recursively. \n If ReadOnly is false, this field has no meaning and must be unspecified. \n If ReadOnly is true, and this field is set to Disabled, the mount is not made recursively read-only. If this field is set to IfPossible, the mount is made recursively read-only, if it is supported by the container runtime. If this field is set to Enabled, the mount is made recursively read-only if it is supported by the container runtime, otherwise the pod will not be started and an error will be generated to indicate the reason. \n If this field is set to IfPossible or Enabled, MountPropagation must be set to None (or be unspecified, which defaults to None). \n If this field is not specified, it is treated as an equivalent of Disabled." + description: "RecursiveReadOnly specifies whether read-only mounts should be handled\nrecursively.\n\n\nIf ReadOnly is false, this field has no meaning and must be unspecified.\n\n\nIf ReadOnly is true, and this field is set to Disabled, the mount is not made\nrecursively read-only. If this field is set to IfPossible, the mount is made\nrecursively read-only, if it is supported by the container runtime. If this\nfield is set to Enabled, the mount is made recursively read-only if it is\nsupported by the container runtime, otherwise the pod will not be started and\nan error will be generated to indicate the reason.\n\n\nIf this field is set to IfPossible or Enabled, MountPropagation must be set to\nNone (or be unspecified, which defaults to None).\n\n\nIf this field is not specified, it is treated as an equivalent of Disabled." type: "string" subPath: - description: "Path within the volume from which the container's volume should be mounted. Defaults to \"\" (volume's root)." + description: "Path within the volume from which the container's volume should be mounted.\nDefaults to \"\" (volume's root)." type: "string" subPathExpr: - description: "Expanded path within the volume from which the container's volume should be mounted. Behaves similarly to SubPath but environment variable references $(VAR_NAME) are expanded using the container's environment. Defaults to \"\" (volume's root). SubPathExpr and SubPath are mutually exclusive." + description: "Expanded path within the volume from which the container's volume should be mounted.\nBehaves similarly to SubPath but environment variable references $(VAR_NAME) are expanded using the container's environment.\nDefaults to \"\" (volume's root).\nSubPathExpr and SubPath are mutually exclusive." type: "string" required: - "mountPath" @@ -8476,17 +8608,17 @@ spec: - "mountPath" x-kubernetes-list-type: "map" workingDir: - description: "Container's working directory. If not specified, the container runtime's default will be used, which might be configured in the container image. Cannot be updated." + description: "Container's working directory.\nIf not specified, the container runtime's default will be used, which\nmight be configured in the container image.\nCannot be updated." type: "string" required: - "name" type: "object" type: "array" customTLSSecret: - description: "A secret projection containing a certificate and key with which to encrypt connections to PgBouncer. The \"tls.crt\", \"tls.key\", and \"ca.crt\" paths must be PEM-encoded certificates and keys. Changing this value causes PgBouncer to restart. More info: https://kubernetes.io/docs/concepts/configuration/secret/#projection-of-secret-keys-to-specific-paths" + description: "A secret projection containing a certificate and key with which to encrypt\nconnections to PgBouncer. The \"tls.crt\", \"tls.key\", and \"ca.crt\" paths must\nbe PEM-encoded certificates and keys. Changing this value causes PgBouncer\nto restart.\nMore info: https://kubernetes.io/docs/concepts/configuration/secret/#projection-of-secret-keys-to-specific-paths" properties: items: - description: "items if unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the Secret, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'." + description: "items if unspecified, each key-value pair in the Data field of the referenced\nSecret will be projected into the volume as a file whose name is the\nkey and content is the value. If specified, the listed keys will be\nprojected into the specified paths, and unlisted keys will not be\npresent. If a key is specified which is not present in the Secret,\nthe volume setup will error unless it is marked optional. Paths must be\nrelative and may not contain the '..' path or start with '..'." items: description: "Maps a string key to a path within a volume." properties: @@ -8494,11 +8626,11 @@ spec: description: "key is the key to project." type: "string" mode: - description: "mode is Optional: mode bits used to set permissions on this file. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set." + description: "mode is Optional: mode bits used to set permissions on this file.\nMust be an octal value between 0000 and 0777 or a decimal value between 0 and 511.\nYAML accepts both octal and decimal values, JSON requires decimal values for mode bits.\nIf not specified, the volume defaultMode will be used.\nThis might be in conflict with other options that affect the file\nmode, like fsGroup, and the result can be other mode bits set." format: "int32" type: "integer" path: - description: "path is the relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'." + description: "path is the relative path of the file to map the key to.\nMay not be an absolute path.\nMay not contain the path element '..'.\nMay not start with the string '..'." type: "string" required: - "key" @@ -8514,8 +8646,9 @@ spec: description: "optional field specify whether the Secret or its key must be defined" type: "boolean" type: "object" + x-kubernetes-map-type: "atomic" image: - description: "Name of a container image that can run PgBouncer 1.15 or newer. Changing this value causes PgBouncer to restart. The image may also be set using the RELATED_IMAGE_PGBOUNCER environment variable. More info: https://kubernetes.io/docs/concepts/containers/images" + description: "Name of a container image that can run PgBouncer 1.15 or newer. Changing\nthis value causes PgBouncer to restart. The image may also be set using\nthe RELATED_IMAGE_PGBOUNCER environment variable.\nMore info: https://kubernetes.io/docs/concepts/containers/images" type: "string" metadata: description: "Metadata contains metadata for custom resources" @@ -8533,16 +8666,16 @@ spec: anyOf: - type: "integer" - type: "string" - description: "Minimum number of pods that should be available at a time. Defaults to one when the replicas field is greater than one." + description: "Minimum number of pods that should be available at a time.\nDefaults to one when the replicas field is greater than one." x-kubernetes-int-or-string: true port: default: 5432 - description: "Port on which PgBouncer should listen for client connections. Changing this value causes PgBouncer to restart." + description: "Port on which PgBouncer should listen for client connections. Changing\nthis value causes PgBouncer to restart." format: "int32" minimum: 1024.0 type: "integer" priorityClassName: - description: "Priority class name for the pgBouncer pod. Changing this value causes PostgreSQL to restart. More info: https://kubernetes.io/docs/concepts/scheduling-eviction/pod-priority-preemption/" + description: "Priority class name for the pgBouncer pod. Changing this value causes\nPostgreSQL to restart.\nMore info: https://kubernetes.io/docs/concepts/scheduling-eviction/pod-priority-preemption/" type: "string" replicas: default: 1 @@ -8551,15 +8684,15 @@ spec: minimum: 0.0 type: "integer" resources: - description: "Compute resources of a PgBouncer container. Changing this value causes PgBouncer to restart. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers" + description: "Compute resources of a PgBouncer container. Changing this value causes\nPgBouncer to restart.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers" properties: claims: - description: "Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. \n This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. \n This field is immutable. It can only be set for containers." + description: "Claims lists the names of resources, defined in spec.resourceClaims,\nthat are used by this container.\n\n\nThis is an alpha field and requires enabling the\nDynamicResourceAllocation feature gate.\n\n\nThis field is immutable. It can only be set for containers." items: description: "ResourceClaim references one entry in PodSpec.ResourceClaims." properties: name: - description: "Name must match the name of one entry in pod.spec.resourceClaims of the Pod where this field is used. It makes that resource available inside a container." + description: "Name must match the name of one entry in pod.spec.resourceClaims of\nthe Pod where this field is used. It makes that resource available\ninside a container." type: "string" required: - "name" @@ -8575,7 +8708,7 @@ spec: - type: "string" pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" x-kubernetes-int-or-string: true - description: "Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" + description: "Limits describes the maximum amount of compute resources allowed.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" type: "object" requests: additionalProperties: @@ -8584,7 +8717,7 @@ spec: - type: "string" pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" x-kubernetes-int-or-string: true - description: "Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" + description: "Requests describes the minimum amount of compute resources required.\nIf Requests is omitted for a container, it defaults to Limits if that is explicitly specified,\notherwise to an implementation-defined value. Requests cannot exceed Limits.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" type: "object" type: "object" service: @@ -8615,7 +8748,7 @@ spec: type: "object" type: "object" nodePort: - description: "The port on which this service is exposed when type is NodePort or LoadBalancer. Value must be in-range and not in use or the operation will fail. If unspecified, a port will be allocated if this Service requires one. - https://kubernetes.io/docs/concepts/services-networking/service/#type-nodeport" + description: "The port on which this service is exposed when type is NodePort or\nLoadBalancer. Value must be in-range and not in use or the operation will\nfail. If unspecified, a port will be allocated if this Service requires one.\n- https://kubernetes.io/docs/concepts/services-networking/service/#type-nodeport" format: "int32" type: "integer" type: @@ -8637,12 +8770,12 @@ spec: description: "Resource requirements for a sidecar container" properties: claims: - description: "Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. \n This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. \n This field is immutable. It can only be set for containers." + description: "Claims lists the names of resources, defined in spec.resourceClaims,\nthat are used by this container.\n\n\nThis is an alpha field and requires enabling the\nDynamicResourceAllocation feature gate.\n\n\nThis field is immutable. It can only be set for containers." items: description: "ResourceClaim references one entry in PodSpec.ResourceClaims." properties: name: - description: "Name must match the name of one entry in pod.spec.resourceClaims of the Pod where this field is used. It makes that resource available inside a container." + description: "Name must match the name of one entry in pod.spec.resourceClaims of\nthe Pod where this field is used. It makes that resource available\ninside a container." type: "string" required: - "name" @@ -8658,7 +8791,7 @@ spec: - type: "string" pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" x-kubernetes-int-or-string: true - description: "Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" + description: "Limits describes the maximum amount of compute resources allowed.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" type: "object" requests: additionalProperties: @@ -8667,55 +8800,55 @@ spec: - type: "string" pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" x-kubernetes-int-or-string: true - description: "Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" + description: "Requests describes the minimum amount of compute resources required.\nIf Requests is omitted for a container, it defaults to Limits if that is explicitly specified,\notherwise to an implementation-defined value. Requests cannot exceed Limits.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" type: "object" type: "object" type: "object" type: "object" tolerations: - description: "Tolerations of a PgBouncer pod. Changing this value causes PgBouncer to restart. More info: https://kubernetes.io/docs/concepts/scheduling-eviction/taint-and-toleration" + description: "Tolerations of a PgBouncer pod. Changing this value causes PgBouncer to\nrestart.\nMore info: https://kubernetes.io/docs/concepts/scheduling-eviction/taint-and-toleration" items: - description: "The pod this Toleration is attached to tolerates any taint that matches the triple using the matching operator ." + description: "The pod this Toleration is attached to tolerates any taint that matches\nthe triple using the matching operator ." properties: effect: - description: "Effect indicates the taint effect to match. Empty means match all taint effects. When specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute." + description: "Effect indicates the taint effect to match. Empty means match all taint effects.\nWhen specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute." type: "string" key: - description: "Key is the taint key that the toleration applies to. Empty means match all taint keys. If the key is empty, operator must be Exists; this combination means to match all values and all keys." + description: "Key is the taint key that the toleration applies to. Empty means match all taint keys.\nIf the key is empty, operator must be Exists; this combination means to match all values and all keys." type: "string" operator: - description: "Operator represents a key's relationship to the value. Valid operators are Exists and Equal. Defaults to Equal. Exists is equivalent to wildcard for value, so that a pod can tolerate all taints of a particular category." + description: "Operator represents a key's relationship to the value.\nValid operators are Exists and Equal. Defaults to Equal.\nExists is equivalent to wildcard for value, so that a pod can\ntolerate all taints of a particular category." type: "string" tolerationSeconds: - description: "TolerationSeconds represents the period of time the toleration (which must be of effect NoExecute, otherwise this field is ignored) tolerates the taint. By default, it is not set, which means tolerate the taint forever (do not evict). Zero and negative values will be treated as 0 (evict immediately) by the system." + description: "TolerationSeconds represents the period of time the toleration (which must be\nof effect NoExecute, otherwise this field is ignored) tolerates the taint. By default,\nit is not set, which means tolerate the taint forever (do not evict). Zero and\nnegative values will be treated as 0 (evict immediately) by the system." format: "int64" type: "integer" value: - description: "Value is the taint value the toleration matches to. If the operator is Exists, the value should be empty, otherwise just a regular string." + description: "Value is the taint value the toleration matches to.\nIf the operator is Exists, the value should be empty, otherwise just a regular string." type: "string" type: "object" type: "array" topologySpreadConstraints: - description: "Topology spread constraints of a PgBouncer pod. Changing this value causes PgBouncer to restart. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-topology-spread-constraints/" + description: "Topology spread constraints of a PgBouncer pod. Changing this value causes\nPgBouncer to restart.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-topology-spread-constraints/" items: description: "TopologySpreadConstraint specifies how to spread matching pods among the given topology." properties: labelSelector: - description: "LabelSelector is used to find matching pods. Pods that match this label selector are counted to determine the number of pods in their corresponding topology domain." + description: "LabelSelector is used to find matching pods.\nPods that match this label selector are counted to determine the number of pods\nin their corresponding topology domain." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -8729,34 +8862,35 @@ spec: matchLabels: additionalProperties: type: "string" - description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." type: "object" type: "object" + x-kubernetes-map-type: "atomic" matchLabelKeys: - description: "MatchLabelKeys is a set of pod label keys to select the pods over which spreading will be calculated. The keys are used to lookup values from the incoming pod labels, those key-value labels are ANDed with labelSelector to select the group of existing pods over which spreading will be calculated for the incoming pod. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. MatchLabelKeys cannot be set when LabelSelector isn't set. Keys that don't exist in the incoming pod labels will be ignored. A null or empty list means only match against labelSelector. \n This is a beta field and requires the MatchLabelKeysInPodTopologySpread feature gate to be enabled (enabled by default)." + description: "MatchLabelKeys is a set of pod label keys to select the pods over which\nspreading will be calculated. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are ANDed with labelSelector\nto select the group of existing pods over which spreading will be calculated\nfor the incoming pod. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector.\nMatchLabelKeys cannot be set when LabelSelector isn't set.\nKeys that don't exist in the incoming pod labels will\nbe ignored. A null or empty list means only match against labelSelector.\n\n\nThis is a beta field and requires the MatchLabelKeysInPodTopologySpread feature gate to be enabled (enabled by default)." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" maxSkew: - description: "MaxSkew describes the degree to which pods may be unevenly distributed. When `whenUnsatisfiable=DoNotSchedule`, it is the maximum permitted difference between the number of matching pods in the target topology and the global minimum. The global minimum is the minimum number of matching pods in an eligible domain or zero if the number of eligible domains is less than MinDomains. For example, in a 3-zone cluster, MaxSkew is set to 1, and pods with the same labelSelector spread as 2/2/1: In this case, the global minimum is 1. | zone1 | zone2 | zone3 | | P P | P P | P | - if MaxSkew is 1, incoming pod can only be scheduled to zone3 to become 2/2/2; scheduling it onto zone1(zone2) would make the ActualSkew(3-1) on zone1(zone2) violate MaxSkew(1). - if MaxSkew is 2, incoming pod can be scheduled onto any zone. When `whenUnsatisfiable=ScheduleAnyway`, it is used to give higher precedence to topologies that satisfy it. It's a required field. Default value is 1 and 0 is not allowed." + description: "MaxSkew describes the degree to which pods may be unevenly distributed.\nWhen `whenUnsatisfiable=DoNotSchedule`, it is the maximum permitted difference\nbetween the number of matching pods in the target topology and the global minimum.\nThe global minimum is the minimum number of matching pods in an eligible domain\nor zero if the number of eligible domains is less than MinDomains.\nFor example, in a 3-zone cluster, MaxSkew is set to 1, and pods with the same\nlabelSelector spread as 2/2/1:\nIn this case, the global minimum is 1.\n| zone1 | zone2 | zone3 |\n| P P | P P | P |\n- if MaxSkew is 1, incoming pod can only be scheduled to zone3 to become 2/2/2;\nscheduling it onto zone1(zone2) would make the ActualSkew(3-1) on zone1(zone2)\nviolate MaxSkew(1).\n- if MaxSkew is 2, incoming pod can be scheduled onto any zone.\nWhen `whenUnsatisfiable=ScheduleAnyway`, it is used to give higher precedence\nto topologies that satisfy it.\nIt's a required field. Default value is 1 and 0 is not allowed." format: "int32" type: "integer" minDomains: - description: "MinDomains indicates a minimum number of eligible domains. When the number of eligible domains with matching topology keys is less than minDomains, Pod Topology Spread treats \"global minimum\" as 0, and then the calculation of Skew is performed. And when the number of eligible domains with matching topology keys equals or greater than minDomains, this value has no effect on scheduling. As a result, when the number of eligible domains is less than minDomains, scheduler won't schedule more than maxSkew Pods to those domains. If value is nil, the constraint behaves as if MinDomains is equal to 1. Valid values are integers greater than 0. When value is not nil, WhenUnsatisfiable must be DoNotSchedule. \n For example, in a 3-zone cluster, MaxSkew is set to 2, MinDomains is set to 5 and pods with the same labelSelector spread as 2/2/2: | zone1 | zone2 | zone3 | | P P | P P | P P | The number of domains is less than 5(MinDomains), so \"global minimum\" is treated as 0. In this situation, new pod with the same labelSelector cannot be scheduled, because computed skew will be 3(3 - 0) if new Pod is scheduled to any of the three zones, it will violate MaxSkew." + description: "MinDomains indicates a minimum number of eligible domains.\nWhen the number of eligible domains with matching topology keys is less than minDomains,\nPod Topology Spread treats \"global minimum\" as 0, and then the calculation of Skew is performed.\nAnd when the number of eligible domains with matching topology keys equals or greater than minDomains,\nthis value has no effect on scheduling.\nAs a result, when the number of eligible domains is less than minDomains,\nscheduler won't schedule more than maxSkew Pods to those domains.\nIf value is nil, the constraint behaves as if MinDomains is equal to 1.\nValid values are integers greater than 0.\nWhen value is not nil, WhenUnsatisfiable must be DoNotSchedule.\n\n\nFor example, in a 3-zone cluster, MaxSkew is set to 2, MinDomains is set to 5 and pods with the same\nlabelSelector spread as 2/2/2:\n| zone1 | zone2 | zone3 |\n| P P | P P | P P |\nThe number of domains is less than 5(MinDomains), so \"global minimum\" is treated as 0.\nIn this situation, new pod with the same labelSelector cannot be scheduled,\nbecause computed skew will be 3(3 - 0) if new Pod is scheduled to any of the three zones,\nit will violate MaxSkew." format: "int32" type: "integer" nodeAffinityPolicy: - description: "NodeAffinityPolicy indicates how we will treat Pod's nodeAffinity/nodeSelector when calculating pod topology spread skew. Options are: - Honor: only nodes matching nodeAffinity/nodeSelector are included in the calculations. - Ignore: nodeAffinity/nodeSelector are ignored. All nodes are included in the calculations. \n If this value is nil, the behavior is equivalent to the Honor policy. This is a beta-level feature default enabled by the NodeInclusionPolicyInPodTopologySpread feature flag." + description: "NodeAffinityPolicy indicates how we will treat Pod's nodeAffinity/nodeSelector\nwhen calculating pod topology spread skew. Options are:\n- Honor: only nodes matching nodeAffinity/nodeSelector are included in the calculations.\n- Ignore: nodeAffinity/nodeSelector are ignored. All nodes are included in the calculations.\n\n\nIf this value is nil, the behavior is equivalent to the Honor policy.\nThis is a beta-level feature default enabled by the NodeInclusionPolicyInPodTopologySpread feature flag." type: "string" nodeTaintsPolicy: - description: "NodeTaintsPolicy indicates how we will treat node taints when calculating pod topology spread skew. Options are: - Honor: nodes without taints, along with tainted nodes for which the incoming pod has a toleration, are included. - Ignore: node taints are ignored. All nodes are included. \n If this value is nil, the behavior is equivalent to the Ignore policy. This is a beta-level feature default enabled by the NodeInclusionPolicyInPodTopologySpread feature flag." + description: "NodeTaintsPolicy indicates how we will treat node taints when calculating\npod topology spread skew. Options are:\n- Honor: nodes without taints, along with tainted nodes for which the incoming pod\nhas a toleration, are included.\n- Ignore: node taints are ignored. All nodes are included.\n\n\nIf this value is nil, the behavior is equivalent to the Ignore policy.\nThis is a beta-level feature default enabled by the NodeInclusionPolicyInPodTopologySpread feature flag." type: "string" topologyKey: - description: "TopologyKey is the key of node labels. Nodes that have a label with this key and identical values are considered to be in the same topology. We consider each as a \"bucket\", and try to put balanced number of pods into each bucket. We define a domain as a particular instance of a topology. Also, we define an eligible domain as a domain whose nodes meet the requirements of nodeAffinityPolicy and nodeTaintsPolicy. e.g. If TopologyKey is \"kubernetes.io/hostname\", each Node is a domain of that topology. And, if TopologyKey is \"topology.kubernetes.io/zone\", each zone is a domain of that topology. It's a required field." + description: "TopologyKey is the key of node labels. Nodes that have a label with this key\nand identical values are considered to be in the same topology.\nWe consider each as a \"bucket\", and try to put balanced number\nof pods into each bucket.\nWe define a domain as a particular instance of a topology.\nAlso, we define an eligible domain as a domain whose nodes meet the requirements of\nnodeAffinityPolicy and nodeTaintsPolicy.\ne.g. If TopologyKey is \"kubernetes.io/hostname\", each Node is a domain of that topology.\nAnd, if TopologyKey is \"topology.kubernetes.io/zone\", each zone is a domain of that topology.\nIt's a required field." type: "string" whenUnsatisfiable: - description: "WhenUnsatisfiable indicates how to deal with a pod if it doesn't satisfy the spread constraint. - DoNotSchedule (default) tells the scheduler not to schedule it. - ScheduleAnyway tells the scheduler to schedule the pod in any location, but giving higher precedence to topologies that would help reduce the skew. A constraint is considered \"Unsatisfiable\" for an incoming pod if and only if every possible node assignment for that pod would violate \"MaxSkew\" on some topology. For example, in a 3-zone cluster, MaxSkew is set to 1, and pods with the same labelSelector spread as 3/1/1: | zone1 | zone2 | zone3 | | P P P | P | P | If WhenUnsatisfiable is set to DoNotSchedule, incoming pod can only be scheduled to zone2(zone3) to become 3/2/1(3/1/2) as ActualSkew(2-1) on zone2(zone3) satisfies MaxSkew(1). In other words, the cluster can still be imbalanced, but scheduler won't make it *more* imbalanced. It's a required field." + description: "WhenUnsatisfiable indicates how to deal with a pod if it doesn't satisfy\nthe spread constraint.\n- DoNotSchedule (default) tells the scheduler not to schedule it.\n- ScheduleAnyway tells the scheduler to schedule the pod in any location,\n but giving higher precedence to topologies that would help reduce the\n skew.\nA constraint is considered \"Unsatisfiable\" for an incoming pod\nif and only if every possible node assignment for that pod would violate\n\"MaxSkew\" on some topology.\nFor example, in a 3-zone cluster, MaxSkew is set to 1, and pods with the same\nlabelSelector spread as 3/1/1:\n| zone1 | zone2 | zone3 |\n| P P P | P | P |\nIf WhenUnsatisfiable is set to DoNotSchedule, incoming pod can only be scheduled\nto zone2(zone3) to become 3/2/1(3/1/2) as ActualSkew(2-1) on zone2(zone3) satisfies\nMaxSkew(1). In other words, the cluster can still be imbalanced, but scheduler\nwon't make it *more* imbalanced.\nIt's a required field." type: "string" required: - "maxSkew" @@ -8796,7 +8930,7 @@ spec: type: "object" type: "object" nodePort: - description: "The port on which this service is exposed when type is NodePort or LoadBalancer. Value must be in-range and not in use or the operation will fail. If unspecified, a port will be allocated if this Service requires one. - https://kubernetes.io/docs/concepts/services-networking/service/#type-nodeport" + description: "The port on which this service is exposed when type is NodePort or\nLoadBalancer. Value must be in-range and not in use or the operation will\nfail. If unspecified, a port will be allocated if this Service requires one.\n- https://kubernetes.io/docs/concepts/services-networking/service/#type-nodeport" format: "int32" type: "integer" type: @@ -8836,7 +8970,7 @@ spec: type: "object" type: "object" nodePort: - description: "The port on which this service is exposed when type is NodePort or LoadBalancer. Value must be in-range and not in use or the operation will fail. If unspecified, a port will be allocated if this Service requires one. - https://kubernetes.io/docs/concepts/services-networking/service/#type-nodeport" + description: "The port on which this service is exposed when type is NodePort or\nLoadBalancer. Value must be in-range and not in use or the operation will\nfail. If unspecified, a port will be allocated if this Service requires one.\n- https://kubernetes.io/docs/concepts/services-networking/service/#type-nodeport" format: "int32" type: "integer" type: @@ -8849,14 +8983,14 @@ spec: type: "string" type: "object" shutdown: - description: "Whether or not the PostgreSQL cluster should be stopped. When this is true, workloads are scaled to zero and CronJobs are suspended. Other resources, such as Services and Volumes, remain in place." + description: "Whether or not the PostgreSQL cluster should be stopped.\nWhen this is true, workloads are scaled to zero and CronJobs\nare suspended.\nOther resources, such as Services and Volumes, remain in place." type: "boolean" standby: description: "Run this cluster as a read-only copy of an existing cluster or archive." properties: enabled: default: true - description: "Whether or not the PostgreSQL cluster should be read-only. When this is true, WAL files are applied from a pgBackRest repository or another PostgreSQL server." + description: "Whether or not the PostgreSQL cluster should be read-only. When this is\ntrue, WAL files are applied from a pgBackRest repository or another\nPostgreSQL server." type: "boolean" host: description: "Network address of the PostgreSQL server to follow via streaming replication." @@ -8872,7 +9006,7 @@ spec: type: "string" type: "object" supplementalGroups: - description: "A list of group IDs applied to the process of a container. These can be useful when accessing shared file systems with constrained permissions. More info: https://kubernetes.io/docs/reference/kubernetes-api/workload-resources/pod-v1/#security-context" + description: "A list of group IDs applied to the process of a container. These can be\nuseful when accessing shared file systems with constrained permissions.\nMore info: https://kubernetes.io/docs/reference/kubernetes-api/workload-resources/pod-v1/#security-context" items: format: "int64" maximum: 2147483647.0 @@ -8886,15 +9020,15 @@ spec: description: "Defines a pgAdmin user interface." properties: affinity: - description: "Scheduling constraints of a pgAdmin pod. Changing this value causes pgAdmin to restart. More info: https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node" + description: "Scheduling constraints of a pgAdmin pod. Changing this value causes\npgAdmin to restart.\nMore info: https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node" properties: nodeAffinity: description: "Describes node affinity scheduling rules for the pod." properties: preferredDuringSchedulingIgnoredDuringExecution: - description: "The scheduler will prefer to schedule pods to nodes that satisfy the affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding \"weight\" to the sum if the node matches the corresponding matchExpressions; the node(s) with the highest sum are the most preferred." + description: "The scheduler will prefer to schedule pods to nodes that satisfy\nthe affinity expressions specified by this field, but it may choose\na node that violates one or more of the expressions. The node that is\nmost preferred is the one with the greatest sum of weights, i.e.\nfor each node that meets all of the scheduling requirements (resource\nrequest, requiredDuringScheduling affinity expressions, etc.),\ncompute a sum by iterating through the elements of this field and adding\n\"weight\" to the sum if the node matches the corresponding matchExpressions; the\nnode(s) with the highest sum are the most preferred." items: - description: "An empty preferred scheduling term matches all objects with implicit weight 0 (i.e. it's a no-op). A null preferred scheduling term matches no objects (i.e. is also a no-op)." + description: "An empty preferred scheduling term matches all objects with implicit weight 0\n(i.e. it's a no-op). A null preferred scheduling term matches no objects (i.e. is also a no-op)." properties: preference: description: "A node selector term, associated with the corresponding weight." @@ -8902,16 +9036,16 @@ spec: matchExpressions: description: "A list of node selector requirements by node's labels." items: - description: "A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A node selector requirement is a selector that contains values, a key, and an operator\nthat relates the key and values." properties: key: description: "The label key that the selector applies to." type: "string" operator: - description: "Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt." + description: "Represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt." type: "string" values: - description: "An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch." + description: "An array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. If the operator is Gt or Lt, the values\narray must have a single element, which will be interpreted as an integer.\nThis array is replaced during a strategic merge patch." items: type: "string" type: "array" @@ -8925,16 +9059,16 @@ spec: matchFields: description: "A list of node selector requirements by node's fields." items: - description: "A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A node selector requirement is a selector that contains values, a key, and an operator\nthat relates the key and values." properties: key: description: "The label key that the selector applies to." type: "string" operator: - description: "Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt." + description: "Represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt." type: "string" values: - description: "An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch." + description: "An array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. If the operator is Gt or Lt, the values\narray must have a single element, which will be interpreted as an integer.\nThis array is replaced during a strategic merge patch." items: type: "string" type: "array" @@ -8946,6 +9080,7 @@ spec: type: "array" x-kubernetes-list-type: "atomic" type: "object" + x-kubernetes-map-type: "atomic" weight: description: "Weight associated with matching the corresponding nodeSelectorTerm, in the range 1-100." format: "int32" @@ -8957,26 +9092,26 @@ spec: type: "array" x-kubernetes-list-type: "atomic" requiredDuringSchedulingIgnoredDuringExecution: - description: "If the affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to an update), the system may or may not try to eventually evict the pod from its node." + description: "If the affinity requirements specified by this field are not met at\nscheduling time, the pod will not be scheduled onto the node.\nIf the affinity requirements specified by this field cease to be met\nat some point during pod execution (e.g. due to an update), the system\nmay or may not try to eventually evict the pod from its node." properties: nodeSelectorTerms: description: "Required. A list of node selector terms. The terms are ORed." items: - description: "A null or empty node selector term matches no objects. The requirements of them are ANDed. The TopologySelectorTerm type implements a subset of the NodeSelectorTerm." + description: "A null or empty node selector term matches no objects. The requirements of\nthem are ANDed.\nThe TopologySelectorTerm type implements a subset of the NodeSelectorTerm." properties: matchExpressions: description: "A list of node selector requirements by node's labels." items: - description: "A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A node selector requirement is a selector that contains values, a key, and an operator\nthat relates the key and values." properties: key: description: "The label key that the selector applies to." type: "string" operator: - description: "Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt." + description: "Represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt." type: "string" values: - description: "An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch." + description: "An array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. If the operator is Gt or Lt, the values\narray must have a single element, which will be interpreted as an integer.\nThis array is replaced during a strategic merge patch." items: type: "string" type: "array" @@ -8990,16 +9125,16 @@ spec: matchFields: description: "A list of node selector requirements by node's fields." items: - description: "A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A node selector requirement is a selector that contains values, a key, and an operator\nthat relates the key and values." properties: key: description: "The label key that the selector applies to." type: "string" operator: - description: "Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt." + description: "Represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt." type: "string" values: - description: "An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch." + description: "An array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. If the operator is Gt or Lt, the values\narray must have a single element, which will be interpreted as an integer.\nThis array is replaced during a strategic merge patch." items: type: "string" type: "array" @@ -9011,17 +9146,19 @@ spec: type: "array" x-kubernetes-list-type: "atomic" type: "object" + x-kubernetes-map-type: "atomic" type: "array" x-kubernetes-list-type: "atomic" required: - "nodeSelectorTerms" type: "object" + x-kubernetes-map-type: "atomic" type: "object" podAffinity: description: "Describes pod affinity scheduling rules (e.g. co-locate this pod in the same node, zone, etc. as some other pod(s))." properties: preferredDuringSchedulingIgnoredDuringExecution: - description: "The scheduler will prefer to schedule pods to nodes that satisfy the affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding \"weight\" to the sum if the node has pods which matches the corresponding podAffinityTerm; the node(s) with the highest sum are the most preferred." + description: "The scheduler will prefer to schedule pods to nodes that satisfy\nthe affinity expressions specified by this field, but it may choose\na node that violates one or more of the expressions. The node that is\nmost preferred is the one with the greatest sum of weights, i.e.\nfor each node that meets all of the scheduling requirements (resource\nrequest, requiredDuringScheduling affinity expressions, etc.),\ncompute a sum by iterating through the elements of this field and adding\n\"weight\" to the sum if the node has pods which matches the corresponding podAffinityTerm; the\nnode(s) with the highest sum are the most preferred." items: description: "The weights of all of the matched WeightedPodAffinityTerm fields are added per-node to find the most preferred node(s)" properties: @@ -9029,21 +9166,21 @@ spec: description: "Required. A pod affinity term, associated with the corresponding weight." properties: labelSelector: - description: "A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods." + description: "A label query over a set of resources, in this case pods.\nIf it's null, this PodAffinityTerm matches with no Pods." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -9057,37 +9194,38 @@ spec: matchLabels: additionalProperties: type: "string" - description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." type: "object" type: "object" + x-kubernetes-map-type: "atomic" matchLabelKeys: - description: "MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both matchLabelKeys and labelSelector. Also, matchLabelKeys cannot be set when labelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" mismatchLabelKeys: - description: "MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. Also, mismatchLabelKeys cannot be set when labelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" namespaceSelector: - description: "A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means \"this pod's namespace\". An empty selector ({}) matches all namespaces." + description: "A label query over the set of namespaces that the term applies to.\nThe term is applied to the union of the namespaces selected by this field\nand the ones listed in the namespaces field.\nnull selector and null or empty namespaces list means \"this pod's namespace\".\nAn empty selector ({}) matches all namespaces." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -9101,23 +9239,24 @@ spec: matchLabels: additionalProperties: type: "string" - description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." type: "object" type: "object" + x-kubernetes-map-type: "atomic" namespaces: - description: "namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means \"this pod's namespace\"." + description: "namespaces specifies a static list of namespace names that the term applies to.\nThe term is applied to the union of the namespaces listed in this field\nand the ones selected by namespaceSelector.\nnull or empty namespaces list and null namespaceSelector means \"this pod's namespace\"." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" topologyKey: - description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed." + description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching\nthe labelSelector in the specified namespaces, where co-located is defined as running on a node\nwhose value of the label with key topologyKey matches that of any node on which any of the\nselected pods is running.\nEmpty topologyKey is not allowed." type: "string" required: - "topologyKey" type: "object" weight: - description: "weight associated with matching the corresponding podAffinityTerm, in the range 1-100." + description: "weight associated with matching the corresponding podAffinityTerm,\nin the range 1-100." format: "int32" type: "integer" required: @@ -9127,26 +9266,26 @@ spec: type: "array" x-kubernetes-list-type: "atomic" requiredDuringSchedulingIgnoredDuringExecution: - description: "If the affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to a pod label update), the system may or may not try to eventually evict the pod from its node. When there are multiple elements, the lists of nodes corresponding to each podAffinityTerm are intersected, i.e. all terms must be satisfied." + description: "If the affinity requirements specified by this field are not met at\nscheduling time, the pod will not be scheduled onto the node.\nIf the affinity requirements specified by this field cease to be met\nat some point during pod execution (e.g. due to a pod label update), the\nsystem may or may not try to eventually evict the pod from its node.\nWhen there are multiple elements, the lists of nodes corresponding to each\npodAffinityTerm are intersected, i.e. all terms must be satisfied." items: - description: "Defines a set of pods (namely those matching the labelSelector relative to the given namespace(s)) that this pod should be co-located (affinity) or not co-located (anti-affinity) with, where co-located is defined as running on a node whose value of the label with key matches that of any node on which a pod of the set of pods is running" + description: "Defines a set of pods (namely those matching the labelSelector\nrelative to the given namespace(s)) that this pod should be\nco-located (affinity) or not co-located (anti-affinity) with,\nwhere co-located is defined as running on a node whose value of\nthe label with key matches that of any node on which\na pod of the set of pods is running" properties: labelSelector: - description: "A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods." + description: "A label query over a set of resources, in this case pods.\nIf it's null, this PodAffinityTerm matches with no Pods." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -9160,37 +9299,38 @@ spec: matchLabels: additionalProperties: type: "string" - description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." type: "object" type: "object" + x-kubernetes-map-type: "atomic" matchLabelKeys: - description: "MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both matchLabelKeys and labelSelector. Also, matchLabelKeys cannot be set when labelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" mismatchLabelKeys: - description: "MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. Also, mismatchLabelKeys cannot be set when labelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" namespaceSelector: - description: "A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means \"this pod's namespace\". An empty selector ({}) matches all namespaces." + description: "A label query over the set of namespaces that the term applies to.\nThe term is applied to the union of the namespaces selected by this field\nand the ones listed in the namespaces field.\nnull selector and null or empty namespaces list means \"this pod's namespace\".\nAn empty selector ({}) matches all namespaces." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -9204,17 +9344,18 @@ spec: matchLabels: additionalProperties: type: "string" - description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." type: "object" type: "object" + x-kubernetes-map-type: "atomic" namespaces: - description: "namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means \"this pod's namespace\"." + description: "namespaces specifies a static list of namespace names that the term applies to.\nThe term is applied to the union of the namespaces listed in this field\nand the ones selected by namespaceSelector.\nnull or empty namespaces list and null namespaceSelector means \"this pod's namespace\"." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" topologyKey: - description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed." + description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching\nthe labelSelector in the specified namespaces, where co-located is defined as running on a node\nwhose value of the label with key topologyKey matches that of any node on which any of the\nselected pods is running.\nEmpty topologyKey is not allowed." type: "string" required: - "topologyKey" @@ -9226,7 +9367,7 @@ spec: description: "Describes pod anti-affinity scheduling rules (e.g. avoid putting this pod in the same node, zone, etc. as some other pod(s))." properties: preferredDuringSchedulingIgnoredDuringExecution: - description: "The scheduler will prefer to schedule pods to nodes that satisfy the anti-affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling anti-affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding \"weight\" to the sum if the node has pods which matches the corresponding podAffinityTerm; the node(s) with the highest sum are the most preferred." + description: "The scheduler will prefer to schedule pods to nodes that satisfy\nthe anti-affinity expressions specified by this field, but it may choose\na node that violates one or more of the expressions. The node that is\nmost preferred is the one with the greatest sum of weights, i.e.\nfor each node that meets all of the scheduling requirements (resource\nrequest, requiredDuringScheduling anti-affinity expressions, etc.),\ncompute a sum by iterating through the elements of this field and adding\n\"weight\" to the sum if the node has pods which matches the corresponding podAffinityTerm; the\nnode(s) with the highest sum are the most preferred." items: description: "The weights of all of the matched WeightedPodAffinityTerm fields are added per-node to find the most preferred node(s)" properties: @@ -9234,21 +9375,21 @@ spec: description: "Required. A pod affinity term, associated with the corresponding weight." properties: labelSelector: - description: "A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods." + description: "A label query over a set of resources, in this case pods.\nIf it's null, this PodAffinityTerm matches with no Pods." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -9262,37 +9403,38 @@ spec: matchLabels: additionalProperties: type: "string" - description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." type: "object" type: "object" + x-kubernetes-map-type: "atomic" matchLabelKeys: - description: "MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both matchLabelKeys and labelSelector. Also, matchLabelKeys cannot be set when labelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" mismatchLabelKeys: - description: "MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. Also, mismatchLabelKeys cannot be set when labelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" namespaceSelector: - description: "A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means \"this pod's namespace\". An empty selector ({}) matches all namespaces." + description: "A label query over the set of namespaces that the term applies to.\nThe term is applied to the union of the namespaces selected by this field\nand the ones listed in the namespaces field.\nnull selector and null or empty namespaces list means \"this pod's namespace\".\nAn empty selector ({}) matches all namespaces." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -9306,23 +9448,24 @@ spec: matchLabels: additionalProperties: type: "string" - description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." type: "object" type: "object" + x-kubernetes-map-type: "atomic" namespaces: - description: "namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means \"this pod's namespace\"." + description: "namespaces specifies a static list of namespace names that the term applies to.\nThe term is applied to the union of the namespaces listed in this field\nand the ones selected by namespaceSelector.\nnull or empty namespaces list and null namespaceSelector means \"this pod's namespace\"." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" topologyKey: - description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed." + description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching\nthe labelSelector in the specified namespaces, where co-located is defined as running on a node\nwhose value of the label with key topologyKey matches that of any node on which any of the\nselected pods is running.\nEmpty topologyKey is not allowed." type: "string" required: - "topologyKey" type: "object" weight: - description: "weight associated with matching the corresponding podAffinityTerm, in the range 1-100." + description: "weight associated with matching the corresponding podAffinityTerm,\nin the range 1-100." format: "int32" type: "integer" required: @@ -9332,26 +9475,26 @@ spec: type: "array" x-kubernetes-list-type: "atomic" requiredDuringSchedulingIgnoredDuringExecution: - description: "If the anti-affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the anti-affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to a pod label update), the system may or may not try to eventually evict the pod from its node. When there are multiple elements, the lists of nodes corresponding to each podAffinityTerm are intersected, i.e. all terms must be satisfied." + description: "If the anti-affinity requirements specified by this field are not met at\nscheduling time, the pod will not be scheduled onto the node.\nIf the anti-affinity requirements specified by this field cease to be met\nat some point during pod execution (e.g. due to a pod label update), the\nsystem may or may not try to eventually evict the pod from its node.\nWhen there are multiple elements, the lists of nodes corresponding to each\npodAffinityTerm are intersected, i.e. all terms must be satisfied." items: - description: "Defines a set of pods (namely those matching the labelSelector relative to the given namespace(s)) that this pod should be co-located (affinity) or not co-located (anti-affinity) with, where co-located is defined as running on a node whose value of the label with key matches that of any node on which a pod of the set of pods is running" + description: "Defines a set of pods (namely those matching the labelSelector\nrelative to the given namespace(s)) that this pod should be\nco-located (affinity) or not co-located (anti-affinity) with,\nwhere co-located is defined as running on a node whose value of\nthe label with key matches that of any node on which\na pod of the set of pods is running" properties: labelSelector: - description: "A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods." + description: "A label query over a set of resources, in this case pods.\nIf it's null, this PodAffinityTerm matches with no Pods." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -9365,37 +9508,38 @@ spec: matchLabels: additionalProperties: type: "string" - description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." type: "object" type: "object" + x-kubernetes-map-type: "atomic" matchLabelKeys: - description: "MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both matchLabelKeys and labelSelector. Also, matchLabelKeys cannot be set when labelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" mismatchLabelKeys: - description: "MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. Also, mismatchLabelKeys cannot be set when labelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" namespaceSelector: - description: "A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means \"this pod's namespace\". An empty selector ({}) matches all namespaces." + description: "A label query over the set of namespaces that the term applies to.\nThe term is applied to the union of the namespaces selected by this field\nand the ones listed in the namespaces field.\nnull selector and null or empty namespaces list means \"this pod's namespace\".\nAn empty selector ({}) matches all namespaces." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -9409,17 +9553,18 @@ spec: matchLabels: additionalProperties: type: "string" - description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." type: "object" type: "object" + x-kubernetes-map-type: "atomic" namespaces: - description: "namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means \"this pod's namespace\"." + description: "namespaces specifies a static list of namespace names that the term applies to.\nThe term is applied to the union of the namespaces listed in this field\nand the ones selected by namespaceSelector.\nnull or empty namespaces list and null namespaceSelector means \"this pod's namespace\"." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" topologyKey: - description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed." + description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching\nthe labelSelector in the specified namespaces, where co-located is defined as running on a node\nwhose value of the label with key topologyKey matches that of any node on which any of the\nselected pods is running.\nEmpty topologyKey is not allowed." type: "string" required: - "topologyKey" @@ -9429,32 +9574,32 @@ spec: type: "object" type: "object" config: - description: "Configuration settings for the pgAdmin process. Changes to any of these values will be loaded without validation. Be careful, as you may put pgAdmin into an unusable state." + description: "Configuration settings for the pgAdmin process. Changes to any of these\nvalues will be loaded without validation. Be careful, as\nyou may put pgAdmin into an unusable state." properties: files: - description: "Files allows the user to mount projected volumes into the pgAdmin container so that files can be referenced by pgAdmin as needed." + description: "Files allows the user to mount projected volumes into the pgAdmin\ncontainer so that files can be referenced by pgAdmin as needed." items: description: "Projection that may be projected along with other supported volume types" properties: clusterTrustBundle: - description: "ClusterTrustBundle allows a pod to access the `.spec.trustBundle` field of ClusterTrustBundle objects in an auto-updating file. \n Alpha, gated by the ClusterTrustBundleProjection feature gate. \n ClusterTrustBundle objects can either be selected by name, or by the combination of signer name and a label selector. \n Kubelet performs aggressive normalization of the PEM contents written into the pod filesystem. Esoteric PEM features such as inter-block comments and block headers are stripped. Certificates are deduplicated. The ordering of certificates within the file is arbitrary, and Kubelet may change the order over time." + description: "ClusterTrustBundle allows a pod to access the `.spec.trustBundle` field\nof ClusterTrustBundle objects in an auto-updating file.\n\n\nAlpha, gated by the ClusterTrustBundleProjection feature gate.\n\n\nClusterTrustBundle objects can either be selected by name, or by the\ncombination of signer name and a label selector.\n\n\nKubelet performs aggressive normalization of the PEM contents written\ninto the pod filesystem. Esoteric PEM features such as inter-block\ncomments and block headers are stripped. Certificates are deduplicated.\nThe ordering of certificates within the file is arbitrary, and Kubelet\nmay change the order over time." properties: labelSelector: - description: "Select all ClusterTrustBundles that match this label selector. Only has effect if signerName is set. Mutually-exclusive with name. If unset, interpreted as \"match nothing\". If set but empty, interpreted as \"match everything\"." + description: "Select all ClusterTrustBundles that match this label selector. Only has\neffect if signerName is set. Mutually-exclusive with name. If unset,\ninterpreted as \"match nothing\". If set but empty, interpreted as \"match\neverything\"." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -9468,20 +9613,21 @@ spec: matchLabels: additionalProperties: type: "string" - description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." type: "object" type: "object" + x-kubernetes-map-type: "atomic" name: - description: "Select a single ClusterTrustBundle by object name. Mutually-exclusive with signerName and labelSelector." + description: "Select a single ClusterTrustBundle by object name. Mutually-exclusive\nwith signerName and labelSelector." type: "string" optional: - description: "If true, don't block pod startup if the referenced ClusterTrustBundle(s) aren't available. If using name, then the named ClusterTrustBundle is allowed not to exist. If using signerName, then the combination of signerName and labelSelector is allowed to match zero ClusterTrustBundles." + description: "If true, don't block pod startup if the referenced ClusterTrustBundle(s)\naren't available. If using name, then the named ClusterTrustBundle is\nallowed not to exist. If using signerName, then the combination of\nsignerName and labelSelector is allowed to match zero\nClusterTrustBundles." type: "boolean" path: description: "Relative path from the volume root to write the bundle." type: "string" signerName: - description: "Select all ClusterTrustBundles that match this signer name. Mutually-exclusive with name. The contents of all selected ClusterTrustBundles will be unified and deduplicated." + description: "Select all ClusterTrustBundles that match this signer name.\nMutually-exclusive with name. The contents of all selected\nClusterTrustBundles will be unified and deduplicated." type: "string" required: - "path" @@ -9490,7 +9636,7 @@ spec: description: "configMap information about the configMap data to project" properties: items: - description: "items if unspecified, each key-value pair in the Data field of the referenced ConfigMap will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the ConfigMap, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'." + description: "items if unspecified, each key-value pair in the Data field of the referenced\nConfigMap will be projected into the volume as a file whose name is the\nkey and content is the value. If specified, the listed keys will be\nprojected into the specified paths, and unlisted keys will not be\npresent. If a key is specified which is not present in the ConfigMap,\nthe volume setup will error unless it is marked optional. Paths must be\nrelative and may not contain the '..' path or start with '..'." items: description: "Maps a string key to a path within a volume." properties: @@ -9498,11 +9644,11 @@ spec: description: "key is the key to project." type: "string" mode: - description: "mode is Optional: mode bits used to set permissions on this file. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set." + description: "mode is Optional: mode bits used to set permissions on this file.\nMust be an octal value between 0000 and 0777 or a decimal value between 0 and 511.\nYAML accepts both octal and decimal values, JSON requires decimal values for mode bits.\nIf not specified, the volume defaultMode will be used.\nThis might be in conflict with other options that affect the file\nmode, like fsGroup, and the result can be other mode bits set." format: "int32" type: "integer" path: - description: "path is the relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'." + description: "path is the relative path of the file to map the key to.\nMay not be an absolute path.\nMay not contain the path element '..'.\nMay not start with the string '..'." type: "string" required: - "key" @@ -9518,6 +9664,7 @@ spec: description: "optional specify whether the ConfigMap or its keys must be defined" type: "boolean" type: "object" + x-kubernetes-map-type: "atomic" downwardAPI: description: "downwardAPI information about the downwardAPI data to project" properties: @@ -9538,15 +9685,16 @@ spec: required: - "fieldPath" type: "object" + x-kubernetes-map-type: "atomic" mode: - description: "Optional: mode bits used to set permissions on this file, must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set." + description: "Optional: mode bits used to set permissions on this file, must be an octal value\nbetween 0000 and 0777 or a decimal value between 0 and 511.\nYAML accepts both octal and decimal values, JSON requires decimal values for mode bits.\nIf not specified, the volume defaultMode will be used.\nThis might be in conflict with other options that affect the file\nmode, like fsGroup, and the result can be other mode bits set." format: "int32" type: "integer" path: description: "Required: Path is the relative path name of the file to be created. Must not be absolute or contain the '..' path. Must be utf-8 encoded. The first item of the relative path must not start with '..'" type: "string" resourceFieldRef: - description: "Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, requests.cpu and requests.memory) are currently supported." + description: "Selects a resource of the container: only resources limits and requests\n(limits.cpu, limits.memory, requests.cpu and requests.memory) are currently supported." properties: containerName: description: "Container name: required for volumes, optional for env vars" @@ -9564,6 +9712,7 @@ spec: required: - "resource" type: "object" + x-kubernetes-map-type: "atomic" required: - "path" type: "object" @@ -9574,7 +9723,7 @@ spec: description: "secret information about the secret data to project" properties: items: - description: "items if unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the Secret, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'." + description: "items if unspecified, each key-value pair in the Data field of the referenced\nSecret will be projected into the volume as a file whose name is the\nkey and content is the value. If specified, the listed keys will be\nprojected into the specified paths, and unlisted keys will not be\npresent. If a key is specified which is not present in the Secret,\nthe volume setup will error unless it is marked optional. Paths must be\nrelative and may not contain the '..' path or start with '..'." items: description: "Maps a string key to a path within a volume." properties: @@ -9582,11 +9731,11 @@ spec: description: "key is the key to project." type: "string" mode: - description: "mode is Optional: mode bits used to set permissions on this file. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set." + description: "mode is Optional: mode bits used to set permissions on this file.\nMust be an octal value between 0000 and 0777 or a decimal value between 0 and 511.\nYAML accepts both octal and decimal values, JSON requires decimal values for mode bits.\nIf not specified, the volume defaultMode will be used.\nThis might be in conflict with other options that affect the file\nmode, like fsGroup, and the result can be other mode bits set." format: "int32" type: "integer" path: - description: "path is the relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'." + description: "path is the relative path of the file to map the key to.\nMay not be an absolute path.\nMay not contain the path element '..'.\nMay not start with the string '..'." type: "string" required: - "key" @@ -9602,18 +9751,19 @@ spec: description: "optional field specify whether the Secret or its key must be defined" type: "boolean" type: "object" + x-kubernetes-map-type: "atomic" serviceAccountToken: description: "serviceAccountToken is information about the serviceAccountToken data to project" properties: audience: - description: "audience is the intended audience of the token. A recipient of a token must identify itself with an identifier specified in the audience of the token, and otherwise should reject the token. The audience defaults to the identifier of the apiserver." + description: "audience is the intended audience of the token. A recipient of a token\nmust identify itself with an identifier specified in the audience of the\ntoken, and otherwise should reject the token. The audience defaults to the\nidentifier of the apiserver." type: "string" expirationSeconds: - description: "expirationSeconds is the requested duration of validity of the service account token. As the token approaches expiration, the kubelet volume plugin will proactively rotate the service account token. The kubelet will start trying to rotate the token if the token is older than 80 percent of its time to live or if the token is older than 24 hours.Defaults to 1 hour and must be at least 10 minutes." + description: "expirationSeconds is the requested duration of validity of the service\naccount token. As the token approaches expiration, the kubelet volume\nplugin will proactively rotate the service account token. The kubelet will\nstart trying to rotate the token if the token is older than 80 percent of\nits time to live or if the token is older than 24 hours.Defaults to 1 hour\nand must be at least 10 minutes." format: "int64" type: "integer" path: - description: "path is the path relative to the mount point of the file to project the token into." + description: "path is the path relative to the mount point of the file to project the\ntoken into." type: "string" required: - "path" @@ -9621,7 +9771,7 @@ spec: type: "object" type: "array" ldapBindPassword: - description: "A Secret containing the value for the LDAP_BIND_PASSWORD setting. More info: https://www.pgadmin.org/docs/pgadmin4/latest/ldap.html" + description: "A Secret containing the value for the LDAP_BIND_PASSWORD setting.\nMore info: https://www.pgadmin.org/docs/pgadmin4/latest/ldap.html" properties: key: description: "The key of the secret to select from. Must be a valid secret key." @@ -9636,25 +9786,26 @@ spec: required: - "key" type: "object" + x-kubernetes-map-type: "atomic" settings: - description: "Settings for the pgAdmin server process. Keys should be uppercase and values must be constants. More info: https://www.pgadmin.org/docs/pgadmin4/latest/config_py.html" + description: "Settings for the pgAdmin server process. Keys should be uppercase and\nvalues must be constants.\nMore info: https://www.pgadmin.org/docs/pgadmin4/latest/config_py.html" type: "object" x-kubernetes-preserve-unknown-fields: true type: "object" dataVolumeClaimSpec: - description: "Defines a PersistentVolumeClaim for pgAdmin data. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes" + description: "Defines a PersistentVolumeClaim for pgAdmin data.\nMore info: https://kubernetes.io/docs/concepts/storage/persistent-volumes" properties: accessModes: - description: "accessModes contains the desired access modes the volume should have. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1" + description: "accessModes contains the desired access modes the volume should have.\nMore info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1" items: type: "string" type: "array" x-kubernetes-list-type: "atomic" dataSource: - description: "dataSource field can be used to specify either: * An existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot) * An existing PVC (PersistentVolumeClaim) If the provisioner or an external controller can support the specified data source, it will create a new volume based on the contents of the specified data source. When the AnyVolumeDataSource feature gate is enabled, dataSource contents will be copied to dataSourceRef, and dataSourceRef contents will be copied to dataSource when dataSourceRef.namespace is not specified. If the namespace is specified, then dataSourceRef will not be copied to dataSource." + description: "dataSource field can be used to specify either:\n* An existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot)\n* An existing PVC (PersistentVolumeClaim)\nIf the provisioner or an external controller can support the specified data source,\nit will create a new volume based on the contents of the specified data source.\nWhen the AnyVolumeDataSource feature gate is enabled, dataSource contents will be copied to dataSourceRef,\nand dataSourceRef contents will be copied to dataSource when dataSourceRef.namespace is not specified.\nIf the namespace is specified, then dataSourceRef will not be copied to dataSource." properties: apiGroup: - description: "APIGroup is the group for the resource being referenced. If APIGroup is not specified, the specified Kind must be in the core API group. For any other third-party types, APIGroup is required." + description: "APIGroup is the group for the resource being referenced.\nIf APIGroup is not specified, the specified Kind must be in the core API group.\nFor any other third-party types, APIGroup is required." type: "string" kind: description: "Kind is the type of resource being referenced" @@ -9666,11 +9817,12 @@ spec: - "kind" - "name" type: "object" + x-kubernetes-map-type: "atomic" dataSourceRef: - description: "dataSourceRef specifies the object from which to populate the volume with data, if a non-empty volume is desired. This may be any object from a non-empty API group (non core object) or a PersistentVolumeClaim object. When this field is specified, volume binding will only succeed if the type of the specified object matches some installed volume populator or dynamic provisioner. This field will replace the functionality of the dataSource field and as such if both fields are non-empty, they must have the same value. For backwards compatibility, when namespace isn't specified in dataSourceRef, both fields (dataSource and dataSourceRef) will be set to the same value automatically if one of them is empty and the other is non-empty. When namespace is specified in dataSourceRef, dataSource isn't set to the same value and must be empty. There are three important differences between dataSource and dataSourceRef: * While dataSource only allows two specific types of objects, dataSourceRef allows any non-core object, as well as PersistentVolumeClaim objects. * While dataSource ignores disallowed values (dropping them), dataSourceRef preserves all values, and generates an error if a disallowed value is specified. * While dataSource only allows local objects, dataSourceRef allows objects in any namespaces. (Beta) Using this field requires the AnyVolumeDataSource feature gate to be enabled. (Alpha) Using the namespace field of dataSourceRef requires the CrossNamespaceVolumeDataSource feature gate to be enabled." + description: "dataSourceRef specifies the object from which to populate the volume with data, if a non-empty\nvolume is desired. This may be any object from a non-empty API group (non\ncore object) or a PersistentVolumeClaim object.\nWhen this field is specified, volume binding will only succeed if the type of\nthe specified object matches some installed volume populator or dynamic\nprovisioner.\nThis field will replace the functionality of the dataSource field and as such\nif both fields are non-empty, they must have the same value. For backwards\ncompatibility, when namespace isn't specified in dataSourceRef,\nboth fields (dataSource and dataSourceRef) will be set to the same\nvalue automatically if one of them is empty and the other is non-empty.\nWhen namespace is specified in dataSourceRef,\ndataSource isn't set to the same value and must be empty.\nThere are three important differences between dataSource and dataSourceRef:\n* While dataSource only allows two specific types of objects, dataSourceRef\n allows any non-core object, as well as PersistentVolumeClaim objects.\n* While dataSource ignores disallowed values (dropping them), dataSourceRef\n preserves all values, and generates an error if a disallowed value is\n specified.\n* While dataSource only allows local objects, dataSourceRef allows objects\n in any namespaces.\n(Beta) Using this field requires the AnyVolumeDataSource feature gate to be enabled.\n(Alpha) Using the namespace field of dataSourceRef requires the CrossNamespaceVolumeDataSource feature gate to be enabled." properties: apiGroup: - description: "APIGroup is the group for the resource being referenced. If APIGroup is not specified, the specified Kind must be in the core API group. For any other third-party types, APIGroup is required." + description: "APIGroup is the group for the resource being referenced.\nIf APIGroup is not specified, the specified Kind must be in the core API group.\nFor any other third-party types, APIGroup is required." type: "string" kind: description: "Kind is the type of resource being referenced" @@ -9679,14 +9831,14 @@ spec: description: "Name is the name of resource being referenced" type: "string" namespace: - description: "Namespace is the namespace of resource being referenced Note that when a namespace is specified, a gateway.networking.k8s.io/ReferenceGrant object is required in the referent namespace to allow that namespace's owner to accept the reference. See the ReferenceGrant documentation for details. (Alpha) This field requires the CrossNamespaceVolumeDataSource feature gate to be enabled." + description: "Namespace is the namespace of resource being referenced\nNote that when a namespace is specified, a gateway.networking.k8s.io/ReferenceGrant object is required in the referent namespace to allow that namespace's owner to accept the reference. See the ReferenceGrant documentation for details.\n(Alpha) This field requires the CrossNamespaceVolumeDataSource feature gate to be enabled." type: "string" required: - "kind" - "name" type: "object" resources: - description: "resources represents the minimum resources the volume should have. If RecoverVolumeExpansionFailure feature is enabled users are allowed to specify resource requirements that are lower than previous value but must still be higher than capacity recorded in the status field of the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources" + description: "resources represents the minimum resources the volume should have.\nIf RecoverVolumeExpansionFailure feature is enabled users are allowed to specify resource requirements\nthat are lower than previous value but must still be higher than capacity recorded in the\nstatus field of the claim.\nMore info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources" properties: limits: additionalProperties: @@ -9695,7 +9847,7 @@ spec: - type: "string" pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" x-kubernetes-int-or-string: true - description: "Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" + description: "Limits describes the maximum amount of compute resources allowed.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" type: "object" requests: additionalProperties: @@ -9704,7 +9856,7 @@ spec: - type: "string" pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" x-kubernetes-int-or-string: true - description: "Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" + description: "Requests describes the minimum amount of compute resources required.\nIf Requests is omitted for a container, it defaults to Limits if that is explicitly specified,\notherwise to an implementation-defined value. Requests cannot exceed Limits.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" type: "object" type: "object" selector: @@ -9713,16 +9865,16 @@ spec: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -9736,24 +9888,25 @@ spec: matchLabels: additionalProperties: type: "string" - description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." type: "object" type: "object" + x-kubernetes-map-type: "atomic" storageClassName: - description: "storageClassName is the name of the StorageClass required by the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1" + description: "storageClassName is the name of the StorageClass required by the claim.\nMore info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1" type: "string" volumeAttributesClassName: - description: "volumeAttributesClassName may be used to set the VolumeAttributesClass used by this claim. If specified, the CSI driver will create or update the volume with the attributes defined in the corresponding VolumeAttributesClass. This has a different purpose than storageClassName, it can be changed after the claim is created. An empty string value means that no VolumeAttributesClass will be applied to the claim but it's not allowed to reset this field to empty string once it is set. If unspecified and the PersistentVolumeClaim is unbound, the default VolumeAttributesClass will be set by the persistentvolume controller if it exists. If the resource referred to by volumeAttributesClass does not exist, this PersistentVolumeClaim will be set to a Pending state, as reflected by the modifyVolumeStatus field, until such as a resource exists. More info: https://kubernetes.io/docs/concepts/storage/volume-attributes-classes/ (Alpha) Using this field requires the VolumeAttributesClass feature gate to be enabled." + description: "volumeAttributesClassName may be used to set the VolumeAttributesClass used by this claim.\nIf specified, the CSI driver will create or update the volume with the attributes defined\nin the corresponding VolumeAttributesClass. This has a different purpose than storageClassName,\nit can be changed after the claim is created. An empty string value means that no VolumeAttributesClass\nwill be applied to the claim but it's not allowed to reset this field to empty string once it is set.\nIf unspecified and the PersistentVolumeClaim is unbound, the default VolumeAttributesClass\nwill be set by the persistentvolume controller if it exists.\nIf the resource referred to by volumeAttributesClass does not exist, this PersistentVolumeClaim will be\nset to a Pending state, as reflected by the modifyVolumeStatus field, until such as a resource\nexists.\nMore info: https://kubernetes.io/docs/concepts/storage/volume-attributes-classes/\n(Alpha) Using this field requires the VolumeAttributesClass feature gate to be enabled." type: "string" volumeMode: - description: "volumeMode defines what type of volume is required by the claim. Value of Filesystem is implied when not included in claim spec." + description: "volumeMode defines what type of volume is required by the claim.\nValue of Filesystem is implied when not included in claim spec." type: "string" volumeName: description: "volumeName is the binding reference to the PersistentVolume backing this claim." type: "string" type: "object" image: - description: "Name of a container image that can run pgAdmin 4. Changing this value causes pgAdmin to restart. The image may also be set using the RELATED_IMAGE_PGADMIN environment variable. More info: https://kubernetes.io/docs/concepts/containers/images" + description: "Name of a container image that can run pgAdmin 4. Changing this value causes\npgAdmin to restart. The image may also be set using the RELATED_IMAGE_PGADMIN\nenvironment variable.\nMore info: https://kubernetes.io/docs/concepts/containers/images" type: "string" metadata: description: "Metadata contains metadata for custom resources" @@ -9768,7 +9921,7 @@ spec: type: "object" type: "object" priorityClassName: - description: "Priority class name for the pgAdmin pod. Changing this value causes pgAdmin to restart. More info: https://kubernetes.io/docs/concepts/scheduling-eviction/pod-priority-preemption/" + description: "Priority class name for the pgAdmin pod. Changing this value causes pgAdmin\nto restart.\nMore info: https://kubernetes.io/docs/concepts/scheduling-eviction/pod-priority-preemption/" type: "string" replicas: default: 1 @@ -9778,15 +9931,15 @@ spec: minimum: 0.0 type: "integer" resources: - description: "Compute resources of a pgAdmin container. Changing this value causes pgAdmin to restart. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers" + description: "Compute resources of a pgAdmin container. Changing this value causes\npgAdmin to restart.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers" properties: claims: - description: "Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. \n This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. \n This field is immutable. It can only be set for containers." + description: "Claims lists the names of resources, defined in spec.resourceClaims,\nthat are used by this container.\n\n\nThis is an alpha field and requires enabling the\nDynamicResourceAllocation feature gate.\n\n\nThis field is immutable. It can only be set for containers." items: description: "ResourceClaim references one entry in PodSpec.ResourceClaims." properties: name: - description: "Name must match the name of one entry in pod.spec.resourceClaims of the Pod where this field is used. It makes that resource available inside a container." + description: "Name must match the name of one entry in pod.spec.resourceClaims of\nthe Pod where this field is used. It makes that resource available\ninside a container." type: "string" required: - "name" @@ -9802,7 +9955,7 @@ spec: - type: "string" pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" x-kubernetes-int-or-string: true - description: "Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" + description: "Limits describes the maximum amount of compute resources allowed.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" type: "object" requests: additionalProperties: @@ -9811,7 +9964,7 @@ spec: - type: "string" pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" x-kubernetes-int-or-string: true - description: "Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" + description: "Requests describes the minimum amount of compute resources required.\nIf Requests is omitted for a container, it defaults to Limits if that is explicitly specified,\notherwise to an implementation-defined value. Requests cannot exceed Limits.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" type: "object" type: "object" service: @@ -9842,7 +9995,7 @@ spec: type: "object" type: "object" nodePort: - description: "The port on which this service is exposed when type is NodePort or LoadBalancer. Value must be in-range and not in use or the operation will fail. If unspecified, a port will be allocated if this Service requires one. - https://kubernetes.io/docs/concepts/services-networking/service/#type-nodeport" + description: "The port on which this service is exposed when type is NodePort or\nLoadBalancer. Value must be in-range and not in use or the operation will\nfail. If unspecified, a port will be allocated if this Service requires one.\n- https://kubernetes.io/docs/concepts/services-networking/service/#type-nodeport" format: "int32" type: "integer" type: @@ -9855,49 +10008,49 @@ spec: type: "string" type: "object" tolerations: - description: "Tolerations of a pgAdmin pod. Changing this value causes pgAdmin to restart. More info: https://kubernetes.io/docs/concepts/scheduling-eviction/taint-and-toleration" + description: "Tolerations of a pgAdmin pod. Changing this value causes pgAdmin to restart.\nMore info: https://kubernetes.io/docs/concepts/scheduling-eviction/taint-and-toleration" items: - description: "The pod this Toleration is attached to tolerates any taint that matches the triple using the matching operator ." + description: "The pod this Toleration is attached to tolerates any taint that matches\nthe triple using the matching operator ." properties: effect: - description: "Effect indicates the taint effect to match. Empty means match all taint effects. When specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute." + description: "Effect indicates the taint effect to match. Empty means match all taint effects.\nWhen specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute." type: "string" key: - description: "Key is the taint key that the toleration applies to. Empty means match all taint keys. If the key is empty, operator must be Exists; this combination means to match all values and all keys." + description: "Key is the taint key that the toleration applies to. Empty means match all taint keys.\nIf the key is empty, operator must be Exists; this combination means to match all values and all keys." type: "string" operator: - description: "Operator represents a key's relationship to the value. Valid operators are Exists and Equal. Defaults to Equal. Exists is equivalent to wildcard for value, so that a pod can tolerate all taints of a particular category." + description: "Operator represents a key's relationship to the value.\nValid operators are Exists and Equal. Defaults to Equal.\nExists is equivalent to wildcard for value, so that a pod can\ntolerate all taints of a particular category." type: "string" tolerationSeconds: - description: "TolerationSeconds represents the period of time the toleration (which must be of effect NoExecute, otherwise this field is ignored) tolerates the taint. By default, it is not set, which means tolerate the taint forever (do not evict). Zero and negative values will be treated as 0 (evict immediately) by the system." + description: "TolerationSeconds represents the period of time the toleration (which must be\nof effect NoExecute, otherwise this field is ignored) tolerates the taint. By default,\nit is not set, which means tolerate the taint forever (do not evict). Zero and\nnegative values will be treated as 0 (evict immediately) by the system." format: "int64" type: "integer" value: - description: "Value is the taint value the toleration matches to. If the operator is Exists, the value should be empty, otherwise just a regular string." + description: "Value is the taint value the toleration matches to.\nIf the operator is Exists, the value should be empty, otherwise just a regular string." type: "string" type: "object" type: "array" topologySpreadConstraints: - description: "Topology spread constraints of a pgAdmin pod. Changing this value causes pgAdmin to restart. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-topology-spread-constraints/" + description: "Topology spread constraints of a pgAdmin pod. Changing this value causes\npgAdmin to restart.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-topology-spread-constraints/" items: description: "TopologySpreadConstraint specifies how to spread matching pods among the given topology." properties: labelSelector: - description: "LabelSelector is used to find matching pods. Pods that match this label selector are counted to determine the number of pods in their corresponding topology domain." + description: "LabelSelector is used to find matching pods.\nPods that match this label selector are counted to determine the number of pods\nin their corresponding topology domain." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -9911,34 +10064,35 @@ spec: matchLabels: additionalProperties: type: "string" - description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." type: "object" type: "object" + x-kubernetes-map-type: "atomic" matchLabelKeys: - description: "MatchLabelKeys is a set of pod label keys to select the pods over which spreading will be calculated. The keys are used to lookup values from the incoming pod labels, those key-value labels are ANDed with labelSelector to select the group of existing pods over which spreading will be calculated for the incoming pod. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. MatchLabelKeys cannot be set when LabelSelector isn't set. Keys that don't exist in the incoming pod labels will be ignored. A null or empty list means only match against labelSelector. \n This is a beta field and requires the MatchLabelKeysInPodTopologySpread feature gate to be enabled (enabled by default)." + description: "MatchLabelKeys is a set of pod label keys to select the pods over which\nspreading will be calculated. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are ANDed with labelSelector\nto select the group of existing pods over which spreading will be calculated\nfor the incoming pod. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector.\nMatchLabelKeys cannot be set when LabelSelector isn't set.\nKeys that don't exist in the incoming pod labels will\nbe ignored. A null or empty list means only match against labelSelector.\n\n\nThis is a beta field and requires the MatchLabelKeysInPodTopologySpread feature gate to be enabled (enabled by default)." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" maxSkew: - description: "MaxSkew describes the degree to which pods may be unevenly distributed. When `whenUnsatisfiable=DoNotSchedule`, it is the maximum permitted difference between the number of matching pods in the target topology and the global minimum. The global minimum is the minimum number of matching pods in an eligible domain or zero if the number of eligible domains is less than MinDomains. For example, in a 3-zone cluster, MaxSkew is set to 1, and pods with the same labelSelector spread as 2/2/1: In this case, the global minimum is 1. | zone1 | zone2 | zone3 | | P P | P P | P | - if MaxSkew is 1, incoming pod can only be scheduled to zone3 to become 2/2/2; scheduling it onto zone1(zone2) would make the ActualSkew(3-1) on zone1(zone2) violate MaxSkew(1). - if MaxSkew is 2, incoming pod can be scheduled onto any zone. When `whenUnsatisfiable=ScheduleAnyway`, it is used to give higher precedence to topologies that satisfy it. It's a required field. Default value is 1 and 0 is not allowed." + description: "MaxSkew describes the degree to which pods may be unevenly distributed.\nWhen `whenUnsatisfiable=DoNotSchedule`, it is the maximum permitted difference\nbetween the number of matching pods in the target topology and the global minimum.\nThe global minimum is the minimum number of matching pods in an eligible domain\nor zero if the number of eligible domains is less than MinDomains.\nFor example, in a 3-zone cluster, MaxSkew is set to 1, and pods with the same\nlabelSelector spread as 2/2/1:\nIn this case, the global minimum is 1.\n| zone1 | zone2 | zone3 |\n| P P | P P | P |\n- if MaxSkew is 1, incoming pod can only be scheduled to zone3 to become 2/2/2;\nscheduling it onto zone1(zone2) would make the ActualSkew(3-1) on zone1(zone2)\nviolate MaxSkew(1).\n- if MaxSkew is 2, incoming pod can be scheduled onto any zone.\nWhen `whenUnsatisfiable=ScheduleAnyway`, it is used to give higher precedence\nto topologies that satisfy it.\nIt's a required field. Default value is 1 and 0 is not allowed." format: "int32" type: "integer" minDomains: - description: "MinDomains indicates a minimum number of eligible domains. When the number of eligible domains with matching topology keys is less than minDomains, Pod Topology Spread treats \"global minimum\" as 0, and then the calculation of Skew is performed. And when the number of eligible domains with matching topology keys equals or greater than minDomains, this value has no effect on scheduling. As a result, when the number of eligible domains is less than minDomains, scheduler won't schedule more than maxSkew Pods to those domains. If value is nil, the constraint behaves as if MinDomains is equal to 1. Valid values are integers greater than 0. When value is not nil, WhenUnsatisfiable must be DoNotSchedule. \n For example, in a 3-zone cluster, MaxSkew is set to 2, MinDomains is set to 5 and pods with the same labelSelector spread as 2/2/2: | zone1 | zone2 | zone3 | | P P | P P | P P | The number of domains is less than 5(MinDomains), so \"global minimum\" is treated as 0. In this situation, new pod with the same labelSelector cannot be scheduled, because computed skew will be 3(3 - 0) if new Pod is scheduled to any of the three zones, it will violate MaxSkew." + description: "MinDomains indicates a minimum number of eligible domains.\nWhen the number of eligible domains with matching topology keys is less than minDomains,\nPod Topology Spread treats \"global minimum\" as 0, and then the calculation of Skew is performed.\nAnd when the number of eligible domains with matching topology keys equals or greater than minDomains,\nthis value has no effect on scheduling.\nAs a result, when the number of eligible domains is less than minDomains,\nscheduler won't schedule more than maxSkew Pods to those domains.\nIf value is nil, the constraint behaves as if MinDomains is equal to 1.\nValid values are integers greater than 0.\nWhen value is not nil, WhenUnsatisfiable must be DoNotSchedule.\n\n\nFor example, in a 3-zone cluster, MaxSkew is set to 2, MinDomains is set to 5 and pods with the same\nlabelSelector spread as 2/2/2:\n| zone1 | zone2 | zone3 |\n| P P | P P | P P |\nThe number of domains is less than 5(MinDomains), so \"global minimum\" is treated as 0.\nIn this situation, new pod with the same labelSelector cannot be scheduled,\nbecause computed skew will be 3(3 - 0) if new Pod is scheduled to any of the three zones,\nit will violate MaxSkew." format: "int32" type: "integer" nodeAffinityPolicy: - description: "NodeAffinityPolicy indicates how we will treat Pod's nodeAffinity/nodeSelector when calculating pod topology spread skew. Options are: - Honor: only nodes matching nodeAffinity/nodeSelector are included in the calculations. - Ignore: nodeAffinity/nodeSelector are ignored. All nodes are included in the calculations. \n If this value is nil, the behavior is equivalent to the Honor policy. This is a beta-level feature default enabled by the NodeInclusionPolicyInPodTopologySpread feature flag." + description: "NodeAffinityPolicy indicates how we will treat Pod's nodeAffinity/nodeSelector\nwhen calculating pod topology spread skew. Options are:\n- Honor: only nodes matching nodeAffinity/nodeSelector are included in the calculations.\n- Ignore: nodeAffinity/nodeSelector are ignored. All nodes are included in the calculations.\n\n\nIf this value is nil, the behavior is equivalent to the Honor policy.\nThis is a beta-level feature default enabled by the NodeInclusionPolicyInPodTopologySpread feature flag." type: "string" nodeTaintsPolicy: - description: "NodeTaintsPolicy indicates how we will treat node taints when calculating pod topology spread skew. Options are: - Honor: nodes without taints, along with tainted nodes for which the incoming pod has a toleration, are included. - Ignore: node taints are ignored. All nodes are included. \n If this value is nil, the behavior is equivalent to the Ignore policy. This is a beta-level feature default enabled by the NodeInclusionPolicyInPodTopologySpread feature flag." + description: "NodeTaintsPolicy indicates how we will treat node taints when calculating\npod topology spread skew. Options are:\n- Honor: nodes without taints, along with tainted nodes for which the incoming pod\nhas a toleration, are included.\n- Ignore: node taints are ignored. All nodes are included.\n\n\nIf this value is nil, the behavior is equivalent to the Ignore policy.\nThis is a beta-level feature default enabled by the NodeInclusionPolicyInPodTopologySpread feature flag." type: "string" topologyKey: - description: "TopologyKey is the key of node labels. Nodes that have a label with this key and identical values are considered to be in the same topology. We consider each as a \"bucket\", and try to put balanced number of pods into each bucket. We define a domain as a particular instance of a topology. Also, we define an eligible domain as a domain whose nodes meet the requirements of nodeAffinityPolicy and nodeTaintsPolicy. e.g. If TopologyKey is \"kubernetes.io/hostname\", each Node is a domain of that topology. And, if TopologyKey is \"topology.kubernetes.io/zone\", each zone is a domain of that topology. It's a required field." + description: "TopologyKey is the key of node labels. Nodes that have a label with this key\nand identical values are considered to be in the same topology.\nWe consider each as a \"bucket\", and try to put balanced number\nof pods into each bucket.\nWe define a domain as a particular instance of a topology.\nAlso, we define an eligible domain as a domain whose nodes meet the requirements of\nnodeAffinityPolicy and nodeTaintsPolicy.\ne.g. If TopologyKey is \"kubernetes.io/hostname\", each Node is a domain of that topology.\nAnd, if TopologyKey is \"topology.kubernetes.io/zone\", each zone is a domain of that topology.\nIt's a required field." type: "string" whenUnsatisfiable: - description: "WhenUnsatisfiable indicates how to deal with a pod if it doesn't satisfy the spread constraint. - DoNotSchedule (default) tells the scheduler not to schedule it. - ScheduleAnyway tells the scheduler to schedule the pod in any location, but giving higher precedence to topologies that would help reduce the skew. A constraint is considered \"Unsatisfiable\" for an incoming pod if and only if every possible node assignment for that pod would violate \"MaxSkew\" on some topology. For example, in a 3-zone cluster, MaxSkew is set to 1, and pods with the same labelSelector spread as 3/1/1: | zone1 | zone2 | zone3 | | P P P | P | P | If WhenUnsatisfiable is set to DoNotSchedule, incoming pod can only be scheduled to zone2(zone3) to become 3/2/1(3/1/2) as ActualSkew(2-1) on zone2(zone3) satisfies MaxSkew(1). In other words, the cluster can still be imbalanced, but scheduler won't make it *more* imbalanced. It's a required field." + description: "WhenUnsatisfiable indicates how to deal with a pod if it doesn't satisfy\nthe spread constraint.\n- DoNotSchedule (default) tells the scheduler not to schedule it.\n- ScheduleAnyway tells the scheduler to schedule the pod in any location,\n but giving higher precedence to topologies that would help reduce the\n skew.\nA constraint is considered \"Unsatisfiable\" for an incoming pod\nif and only if every possible node assignment for that pod would violate\n\"MaxSkew\" on some topology.\nFor example, in a 3-zone cluster, MaxSkew is set to 1, and pods with the same\nlabelSelector spread as 3/1/1:\n| zone1 | zone2 | zone3 |\n| P P P | P | P |\nIf WhenUnsatisfiable is set to DoNotSchedule, incoming pod can only be scheduled\nto zone2(zone3) to become 3/2/1(3/1/2) as ActualSkew(2-1) on zone2(zone3) satisfies\nMaxSkew(1). In other words, the cluster can still be imbalanced, but scheduler\nwon't make it *more* imbalanced.\nIt's a required field." type: "string" required: - "maxSkew" @@ -9953,26 +10107,26 @@ spec: - "pgAdmin" type: "object" users: - description: "Users to create inside PostgreSQL and the databases they should access. The default creates one user that can access one database matching the PostgresCluster name. An empty list creates no users. Removing a user from this list does NOT drop the user nor revoke their access." + description: "Users to create inside PostgreSQL and the databases they should access.\nThe default creates one user that can access one database matching the\nPostgresCluster name. An empty list creates no users. Removing a user\nfrom this list does NOT drop the user nor revoke their access." items: properties: databases: - description: "Databases to which this user can connect and create objects. Removing a database from this list does NOT revoke access. This field is ignored for the \"postgres\" user." + description: "Databases to which this user can connect and create objects. Removing a\ndatabase from this list does NOT revoke access. This field is ignored for\nthe \"postgres\" user." items: - description: "PostgreSQL identifiers are limited in length but may contain any character. More info: https://www.postgresql.org/docs/current/sql-syntax-lexical.html#SQL-SYNTAX-IDENTIFIERS" + description: "PostgreSQL identifiers are limited in length but may contain any character.\nMore info: https://www.postgresql.org/docs/current/sql-syntax-lexical.html#SQL-SYNTAX-IDENTIFIERS" maxLength: 63 minLength: 1 type: "string" type: "array" x-kubernetes-list-type: "set" name: - description: "The name of this PostgreSQL user. The value may contain only lowercase letters, numbers, and hyphen so that it fits into Kubernetes metadata." + description: "The name of this PostgreSQL user. The value may contain only lowercase\nletters, numbers, and hyphen so that it fits into Kubernetes metadata." maxLength: 63 minLength: 1 pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?$" type: "string" options: - description: "ALTER ROLE options except for PASSWORD. This field is ignored for the \"postgres\" user. More info: https://www.postgresql.org/docs/current/role-attributes.html" + description: "ALTER ROLE options except for PASSWORD. This field is ignored for the\n\"postgres\" user.\nMore info: https://www.postgresql.org/docs/current/role-attributes.html" maxLength: 200 pattern: "^[^;]*$" type: "string" @@ -9986,7 +10140,7 @@ spec: properties: type: default: "ASCII" - description: "Type of password to generate. Defaults to ASCII. Valid options are ASCII and AlphaNumeric. \"ASCII\" passwords contain letters, numbers, and symbols from the US-ASCII character set. \"AlphaNumeric\" passwords contain letters and numbers from the US-ASCII character set." + description: "Type of password to generate. Defaults to ASCII. Valid options are ASCII\nand AlphaNumeric.\n\"ASCII\" passwords contain letters, numbers, and symbols from the US-ASCII character set.\n\"AlphaNumeric\" passwords contain letters and numbers from the US-ASCII character set." enum: - "ASCII" - "AlphaNumeric" @@ -10011,25 +10165,25 @@ spec: description: "PostgresClusterStatus defines the observed state of PostgresCluster" properties: conditions: - description: "conditions represent the observations of postgrescluster's current state. Known .status.conditions.type are: \"PersistentVolumeResizing\", \"Progressing\", \"ProxyAvailable\"" + description: "conditions represent the observations of postgrescluster's current state.\nKnown .status.conditions.type are: \"PersistentVolumeResizing\",\n\"Progressing\", \"ProxyAvailable\"" items: description: "Condition contains details for one aspect of the current state of this API Resource." properties: lastTransitionTime: - description: "lastTransitionTime is the last time the condition transitioned from one status to another. This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable." + description: "lastTransitionTime is the last time the condition transitioned from one status to another.\nThis should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable." format: "date-time" type: "string" message: - description: "message is a human readable message indicating details about the transition. This may be an empty string." + description: "message is a human readable message indicating details about the transition.\nThis may be an empty string." maxLength: 32768 type: "string" observedGeneration: - description: "observedGeneration represents the .metadata.generation that the condition was set based upon. For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date with respect to the current state of the instance." + description: "observedGeneration represents the .metadata.generation that the condition was set based upon.\nFor instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date\nwith respect to the current state of the instance." format: "int64" minimum: 0.0 type: "integer" reason: - description: "reason contains a programmatic identifier indicating the reason for the condition's last transition. Producers of specific condition types may define expected values and meanings for this field, and whether the values are considered a guaranteed API. The value should be a CamelCase string. This field may not be empty." + description: "reason contains a programmatic identifier indicating the reason for the condition's last transition.\nProducers of specific condition types may define expected values and meanings for this field,\nand whether the values are considered a guaranteed API.\nThe value should be a CamelCase string.\nThis field may not be empty." maxLength: 1024 minLength: 1 pattern: "^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$" @@ -10128,7 +10282,7 @@ spec: format: "int32" type: "integer" completionTime: - description: "Represents the time the manual backup Job was determined by the Job controller to be completed. This field is only set if the backup completed successfully. Additionally, it is represented in RFC3339 form and is in UTC." + description: "Represents the time the manual backup Job was determined by the Job controller\nto be completed. This field is only set if the backup completed successfully.\nAdditionally, it is represented in RFC3339 form and is in UTC." format: "date-time" type: "string" failed: @@ -10136,13 +10290,13 @@ spec: format: "int32" type: "integer" finished: - description: "Specifies whether or not the Job is finished executing (does not indicate success or failure)." + description: "Specifies whether or not the Job is finished executing (does not indicate success or\nfailure)." type: "boolean" id: - description: "A unique identifier for the manual backup as provided using the \"pgbackrest-backup\" annotation when initiating a backup." + description: "A unique identifier for the manual backup as provided using the \"pgbackrest-backup\"\nannotation when initiating a backup." type: "string" startTime: - description: "Represents the time the manual backup Job was acknowledged by the Job controller. It is represented in RFC3339 form and is in UTC." + description: "Represents the time the manual backup Job was acknowledged by the Job controller.\nIt is represented in RFC3339 form and is in UTC." format: "date-time" type: "string" succeeded: @@ -10157,10 +10311,10 @@ spec: description: "Status information for the pgBackRest dedicated repository host" properties: apiVersion: - description: "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" + description: "APIVersion defines the versioned schema of this representation of an object.\nServers should convert recognized schemas to the latest internal value, and\nmay reject unrecognized values.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" type: "string" kind: - description: "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + description: "Kind is a string value representing the REST resource this object represents.\nServers may infer this from the endpoint the client submits requests to.\nCannot be updated.\nIn CamelCase.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" type: "string" ready: description: "Whether or not the pgBackRest repository host is ready for use" @@ -10178,10 +10332,10 @@ spec: description: "The name of the pgBackRest repository" type: "string" replicaCreateBackupComplete: - description: "ReplicaCreateBackupReady indicates whether a backup exists in the repository as needed to bootstrap replicas." + description: "ReplicaCreateBackupReady indicates whether a backup exists in the repository as needed\nto bootstrap replicas." type: "boolean" repoOptionsHash: - description: "A hash of the required fields in the spec for defining an Azure, GCS or S3 repository, Utilized to detect changes to these fields and then execute pgBackRest stanza-create commands accordingly." + description: "A hash of the required fields in the spec for defining an Azure, GCS or S3 repository,\nUtilized to detect changes to these fields and then execute pgBackRest stanza-create\ncommands accordingly." type: "string" stanzaCreated: description: "Specifies whether or not a stanza has been successfully created for the repository" @@ -10204,7 +10358,7 @@ spec: format: "int32" type: "integer" completionTime: - description: "Represents the time the manual backup Job was determined by the Job controller to be completed. This field is only set if the backup completed successfully. Additionally, it is represented in RFC3339 form and is in UTC." + description: "Represents the time the manual backup Job was determined by the Job controller\nto be completed. This field is only set if the backup completed successfully.\nAdditionally, it is represented in RFC3339 form and is in UTC." format: "date-time" type: "string" failed: @@ -10212,13 +10366,13 @@ spec: format: "int32" type: "integer" finished: - description: "Specifies whether or not the Job is finished executing (does not indicate success or failure)." + description: "Specifies whether or not the Job is finished executing (does not indicate success or\nfailure)." type: "boolean" id: - description: "A unique identifier for the manual backup as provided using the \"pgbackrest-backup\" annotation when initiating a backup." + description: "A unique identifier for the manual backup as provided using the \"pgbackrest-backup\"\nannotation when initiating a backup." type: "string" startTime: - description: "Represents the time the manual backup Job was acknowledged by the Job controller. It is represented in RFC3339 form and is in UTC." + description: "Represents the time the manual backup Job was acknowledged by the Job controller.\nIt is represented in RFC3339 form and is in UTC." format: "date-time" type: "string" succeeded: @@ -10238,7 +10392,7 @@ spec: format: "int32" type: "integer" completionTime: - description: "Represents the time the manual backup Job was determined by the Job controller to be completed. This field is only set if the backup completed successfully. Additionally, it is represented in RFC3339 form and is in UTC." + description: "Represents the time the manual backup Job was determined by the Job controller\nto be completed. This field is only set if the backup completed successfully.\nAdditionally, it is represented in RFC3339 form and is in UTC." format: "date-time" type: "string" cronJobName: @@ -10252,7 +10406,7 @@ spec: description: "The name of the associated pgBackRest repository" type: "string" startTime: - description: "Represents the time the manual backup Job was acknowledged by the Job controller. It is represented in RFC3339 form and is in UTC." + description: "Represents the time the manual backup Job was acknowledged by the Job controller.\nIt is represented in RFC3339 form and is in UTC." format: "date-time" type: "string" succeeded: @@ -10266,7 +10420,7 @@ spec: type: "array" type: "object" postgresVersion: - description: "Stores the current PostgreSQL major version following a successful major PostgreSQL upgrade." + description: "Stores the current PostgreSQL major version following a successful\nmajor PostgreSQL upgrade." type: "integer" proxy: description: "Current state of the PostgreSQL proxy." @@ -10274,7 +10428,7 @@ spec: pgBouncer: properties: postgresRevision: - description: "Identifies the revision of PgBouncer assets that have been installed into PostgreSQL." + description: "Identifies the revision of PgBouncer assets that have been installed into\nPostgreSQL." type: "string" readyReplicas: description: "Total number of ready pods." @@ -10292,7 +10446,7 @@ spec: type: "string" type: "object" startupInstance: - description: "The instance that should be started first when bootstrapping and/or starting a PostgresCluster." + description: "The instance that should be started first when bootstrapping and/or starting a\nPostgresCluster." type: "string" startupInstanceSet: description: "The instance set associated with the startupInstance" diff --git a/crd-catalog/FyraLabs/chisel-operator/chisel-operator.io/v2/exitnodes.yaml b/crd-catalog/FyraLabs/chisel-operator/chisel-operator.io/v2/exitnodes.yaml new file mode 100644 index 000000000..7044a4457 --- /dev/null +++ b/crd-catalog/FyraLabs/chisel-operator/chisel-operator.io/v2/exitnodes.yaml @@ -0,0 +1,93 @@ +apiVersion: "apiextensions.k8s.io/v1" +kind: "CustomResourceDefinition" +metadata: + name: "exitnodes.chisel-operator.io" +spec: + group: "chisel-operator.io" + names: + categories: [] + kind: "ExitNode" + plural: "exitnodes" + shortNames: [] + singular: "exitnode" + scope: "Namespaced" + versions: + - additionalPrinterColumns: [] + name: "v2" + schema: + openAPIV3Schema: + description: "Auto-generated derived type for ExitNodeSpec via `CustomResource`" + properties: + spec: + description: "ExitNode is a custom resource that represents a Chisel exit node. It will be used as the reverse proxy for all services in the cluster." + properties: + auth: + description: "Optional authentication secret name to connect to the control plane" + nullable: true + type: "string" + chisel_image: + description: "Optional value for the chisel client image used to connect to the chisel server If not provided, jpillora/chisel:latest is used" + nullable: true + type: "string" + default_route: + default: false + description: "Optional boolean value for whether to make the exit node the default route for the cluster If true, the exit node will be the default route for the cluster default value is false" + type: "boolean" + external_host: + description: "Optional real external hostname/IP of exit node If not provided, the host field will be used" + nullable: true + type: "string" + fingerprint: + description: "Optional but highly recommended fingerprint to perform host-key validation against the server's public key" + nullable: true + type: "string" + host: + description: "Hostname or IP address of the chisel server" + type: "string" + port: + description: "Control plane port of the chisel server" + format: "uint16" + minimum: 0.0 + type: "integer" + required: + - "host" + - "port" + type: "object" + status: + nullable: true + properties: + id: + nullable: true + type: "string" + ip: + type: "string" + name: + type: "string" + provider: + type: "string" + service_binding: + items: + properties: + name: + type: "string" + namespace: + type: "string" + required: + - "name" + - "namespace" + type: "object" + type: "array" + required: + - "ip" + - "name" + - "provider" + - "service_binding" + type: "object" + required: + - "spec" + title: "ExitNode" + type: "object" + served: true + storage: true + subresources: + status: {} diff --git a/crd-catalog/GoogleCloudPlatform/spark-on-k8s-operator/sparkoperator.k8s.io/v1beta2/scheduledsparkapplications.yaml b/crd-catalog/GoogleCloudPlatform/spark-on-k8s-operator/sparkoperator.k8s.io/v1beta2/scheduledsparkapplications.yaml index b390067fc..6f39dd0fb 100644 --- a/crd-catalog/GoogleCloudPlatform/spark-on-k8s-operator/sparkoperator.k8s.io/v1beta2/scheduledsparkapplications.yaml +++ b/crd-catalog/GoogleCloudPlatform/spark-on-k8s-operator/sparkoperator.k8s.io/v1beta2/scheduledsparkapplications.yaml @@ -3,7 +3,7 @@ kind: "CustomResourceDefinition" metadata: annotations: api-approved.kubernetes.io: "https://github.com/kubeflow/spark-operator/pull/1298" - controller-gen.kubebuilder.io/version: "(unknown)" + controller-gen.kubebuilder.io/version: "v0.15.0" name: "scheduledsparkapplications.sparkoperator.k8s.io" spec: group: "sparkoperator.k8s.io" @@ -22,7 +22,7 @@ spec: type: "string" - jsonPath: ".spec.suspend" name: "Suspend" - type: "boolean" + type: "string" - jsonPath: ".status.lastRun" name: "Last Run" type: "date" @@ -37,38 +37,51 @@ spec: openAPIV3Schema: properties: apiVersion: + description: "APIVersion defines the versioned schema of this representation of an object.\nServers should convert recognized schemas to the latest internal value, and\nmay reject unrecognized values.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" type: "string" kind: + description: "Kind is a string value representing the REST resource this object represents.\nServers may infer this from the endpoint the client submits requests to.\nCannot be updated.\nIn CamelCase.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" type: "string" metadata: type: "object" spec: properties: concurrencyPolicy: + description: "ConcurrencyPolicy is the policy governing concurrent SparkApplication runs." type: "string" failedRunHistoryLimit: + description: "FailedRunHistoryLimit is the number of past failed runs of the application to keep.\nDefaults to 1." format: "int32" type: "integer" schedule: + description: "Schedule is a cron schedule on which the application should run." type: "string" successfulRunHistoryLimit: + description: "SuccessfulRunHistoryLimit is the number of past successful runs of the application to keep.\nDefaults to 1." format: "int32" type: "integer" suspend: + description: "Suspend is a flag telling the controller to suspend subsequent runs of the application if set to true.\nDefaults to false." type: "boolean" template: + description: "Template is a template from which SparkApplication instances can be created." properties: arguments: + description: "Arguments is a list of arguments to be passed to the application." items: type: "string" type: "array" batchScheduler: + description: "BatchScheduler configures which batch scheduler will be used for scheduling" type: "string" batchSchedulerOptions: + description: "BatchSchedulerOptions provides fine-grained control on how to batch scheduling." properties: priorityClassName: + description: "PriorityClassName stands for the name of k8s PriorityClass resource, it's being used in Volcano batch scheduler." type: "string" queue: + description: "Queue stands for the resource queue which the application belongs to, it's being used in Volcano batch scheduler." type: "string" resources: additionalProperties: @@ -77,54 +90,73 @@ spec: - type: "string" pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" x-kubernetes-int-or-string: true + description: "Resources stands for the resource list custom request for. Usually it is used to define the lower-bound limit.\nIf specified, volcano scheduler will consider it as the resources requested." type: "object" type: "object" deps: + description: "Deps captures all possible types of dependencies of a Spark application." properties: excludePackages: + description: "ExcludePackages is a list of \"groupId:artifactId\", to exclude while resolving the\ndependencies provided in Packages to avoid dependency conflicts." items: type: "string" type: "array" files: + description: "Files is a list of files the Spark application depends on." items: type: "string" type: "array" jars: + description: "Jars is a list of JAR files the Spark application depends on." items: type: "string" type: "array" packages: + description: "Packages is a list of maven coordinates of jars to include on the driver and executor\nclasspaths. This will search the local maven repo, then maven central and any additional\nremote repositories given by the \"repositories\" option.\nEach package should be of the form \"groupId:artifactId:version\"." items: type: "string" type: "array" pyFiles: + description: "PyFiles is a list of Python files the Spark application depends on." items: type: "string" type: "array" repositories: + description: "Repositories is a list of additional remote repositories to search for the maven coordinate\ngiven with the \"packages\" option." items: type: "string" type: "array" type: "object" driver: + description: "Driver is the driver specification." properties: affinity: + description: "Affinity specifies the affinity/anti-affinity settings for the pod." properties: nodeAffinity: + description: "Describes node affinity scheduling rules for the pod." properties: preferredDuringSchedulingIgnoredDuringExecution: + description: "The scheduler will prefer to schedule pods to nodes that satisfy\nthe affinity expressions specified by this field, but it may choose\na node that violates one or more of the expressions. The node that is\nmost preferred is the one with the greatest sum of weights, i.e.\nfor each node that meets all of the scheduling requirements (resource\nrequest, requiredDuringScheduling affinity expressions, etc.),\ncompute a sum by iterating through the elements of this field and adding\n\"weight\" to the sum if the node matches the corresponding matchExpressions; the\nnode(s) with the highest sum are the most preferred." items: + description: "An empty preferred scheduling term matches all objects with implicit weight 0\n(i.e. it's a no-op). A null preferred scheduling term matches no objects (i.e. is also a no-op)." properties: preference: + description: "A node selector term, associated with the corresponding weight." properties: matchExpressions: + description: "A list of node selector requirements by node's labels." items: + description: "A node selector requirement is a selector that contains values, a key, and an operator\nthat relates the key and values." properties: key: + description: "The label key that the selector applies to." type: "string" operator: + description: "Represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt." type: "string" values: + description: "An array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. If the operator is Gt or Lt, the values\narray must have a single element, which will be interpreted as an integer.\nThis array is replaced during a strategic merge patch." items: type: "string" type: "array" @@ -134,13 +166,18 @@ spec: type: "object" type: "array" matchFields: + description: "A list of node selector requirements by node's fields." items: + description: "A node selector requirement is a selector that contains values, a key, and an operator\nthat relates the key and values." properties: key: + description: "The label key that the selector applies to." type: "string" operator: + description: "Represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt." type: "string" values: + description: "An array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. If the operator is Gt or Lt, the values\narray must have a single element, which will be interpreted as an integer.\nThis array is replaced during a strategic merge patch." items: type: "string" type: "array" @@ -150,7 +187,9 @@ spec: type: "object" type: "array" type: "object" + x-kubernetes-map-type: "atomic" weight: + description: "Weight associated with matching the corresponding nodeSelectorTerm, in the range 1-100." format: "int32" type: "integer" required: @@ -159,18 +198,26 @@ spec: type: "object" type: "array" requiredDuringSchedulingIgnoredDuringExecution: + description: "If the affinity requirements specified by this field are not met at\nscheduling time, the pod will not be scheduled onto the node.\nIf the affinity requirements specified by this field cease to be met\nat some point during pod execution (e.g. due to an update), the system\nmay or may not try to eventually evict the pod from its node." properties: nodeSelectorTerms: + description: "Required. A list of node selector terms. The terms are ORed." items: + description: "A null or empty node selector term matches no objects. The requirements of\nthem are ANDed.\nThe TopologySelectorTerm type implements a subset of the NodeSelectorTerm." properties: matchExpressions: + description: "A list of node selector requirements by node's labels." items: + description: "A node selector requirement is a selector that contains values, a key, and an operator\nthat relates the key and values." properties: key: + description: "The label key that the selector applies to." type: "string" operator: + description: "Represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt." type: "string" values: + description: "An array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. If the operator is Gt or Lt, the values\narray must have a single element, which will be interpreted as an integer.\nThis array is replaced during a strategic merge patch." items: type: "string" type: "array" @@ -180,13 +227,18 @@ spec: type: "object" type: "array" matchFields: + description: "A list of node selector requirements by node's fields." items: + description: "A node selector requirement is a selector that contains values, a key, and an operator\nthat relates the key and values." properties: key: + description: "The label key that the selector applies to." type: "string" operator: + description: "Represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt." type: "string" values: + description: "An array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. If the operator is Gt or Lt, the values\narray must have a single element, which will be interpreted as an integer.\nThis array is replaced during a strategic merge patch." items: type: "string" type: "array" @@ -196,28 +248,83 @@ spec: type: "object" type: "array" type: "object" + x-kubernetes-map-type: "atomic" type: "array" required: - "nodeSelectorTerms" type: "object" + x-kubernetes-map-type: "atomic" type: "object" podAffinity: + description: "Describes pod affinity scheduling rules (e.g. co-locate this pod in the same node, zone, etc. as some other pod(s))." properties: preferredDuringSchedulingIgnoredDuringExecution: + description: "The scheduler will prefer to schedule pods to nodes that satisfy\nthe affinity expressions specified by this field, but it may choose\na node that violates one or more of the expressions. The node that is\nmost preferred is the one with the greatest sum of weights, i.e.\nfor each node that meets all of the scheduling requirements (resource\nrequest, requiredDuringScheduling affinity expressions, etc.),\ncompute a sum by iterating through the elements of this field and adding\n\"weight\" to the sum if the node has pods which matches the corresponding podAffinityTerm; the\nnode(s) with the highest sum are the most preferred." items: + description: "The weights of all of the matched WeightedPodAffinityTerm fields are added per-node to find the most preferred node(s)" properties: podAffinityTerm: + description: "Required. A pod affinity term, associated with the corresponding weight." properties: labelSelector: + description: "A label query over a set of resources, in this case pods.\nIf it's null, this PodAffinityTerm matches with no Pods." + properties: + matchExpressions: + description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." + items: + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." + properties: + key: + description: "key is the label key that the selector applies to." + type: "string" + operator: + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." + type: "string" + values: + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." + items: + type: "string" + type: "array" + required: + - "key" + - "operator" + type: "object" + type: "array" + matchLabels: + additionalProperties: + type: "string" + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + type: "object" + type: "object" + x-kubernetes-map-type: "atomic" + matchLabelKeys: + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MatchLabelKeys and LabelSelector.\nAlso, MatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" + mismatchLabelKeys: + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MismatchLabelKeys and LabelSelector.\nAlso, MismatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" + namespaceSelector: + description: "A label query over the set of namespaces that the term applies to.\nThe term is applied to the union of the namespaces selected by this field\nand the ones listed in the namespaces field.\nnull selector and null or empty namespaces list means \"this pod's namespace\".\nAn empty selector ({}) matches all namespaces." properties: matchExpressions: + description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." items: + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: + description: "key is the label key that the selector applies to." type: "string" operator: + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -229,18 +336,23 @@ spec: matchLabels: additionalProperties: type: "string" + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." type: "object" type: "object" + x-kubernetes-map-type: "atomic" namespaces: + description: "namespaces specifies a static list of namespace names that the term applies to.\nThe term is applied to the union of the namespaces listed in this field\nand the ones selected by namespaceSelector.\nnull or empty namespaces list and null namespaceSelector means \"this pod's namespace\"." items: type: "string" type: "array" topologyKey: + description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching\nthe labelSelector in the specified namespaces, where co-located is defined as running on a node\nwhose value of the label with key topologyKey matches that of any node on which any of the\nselected pods is running.\nEmpty topologyKey is not allowed." type: "string" required: - "topologyKey" type: "object" weight: + description: "weight associated with matching the corresponding podAffinityTerm,\nin the range 1-100." format: "int32" type: "integer" required: @@ -249,18 +361,69 @@ spec: type: "object" type: "array" requiredDuringSchedulingIgnoredDuringExecution: + description: "If the affinity requirements specified by this field are not met at\nscheduling time, the pod will not be scheduled onto the node.\nIf the affinity requirements specified by this field cease to be met\nat some point during pod execution (e.g. due to a pod label update), the\nsystem may or may not try to eventually evict the pod from its node.\nWhen there are multiple elements, the lists of nodes corresponding to each\npodAffinityTerm are intersected, i.e. all terms must be satisfied." items: + description: "Defines a set of pods (namely those matching the labelSelector\nrelative to the given namespace(s)) that this pod should be\nco-located (affinity) or not co-located (anti-affinity) with,\nwhere co-located is defined as running on a node whose value of\nthe label with key matches that of any node on which\na pod of the set of pods is running" properties: labelSelector: + description: "A label query over a set of resources, in this case pods.\nIf it's null, this PodAffinityTerm matches with no Pods." + properties: + matchExpressions: + description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." + items: + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." + properties: + key: + description: "key is the label key that the selector applies to." + type: "string" + operator: + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." + type: "string" + values: + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." + items: + type: "string" + type: "array" + required: + - "key" + - "operator" + type: "object" + type: "array" + matchLabels: + additionalProperties: + type: "string" + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + type: "object" + type: "object" + x-kubernetes-map-type: "atomic" + matchLabelKeys: + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MatchLabelKeys and LabelSelector.\nAlso, MatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" + mismatchLabelKeys: + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MismatchLabelKeys and LabelSelector.\nAlso, MismatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" + namespaceSelector: + description: "A label query over the set of namespaces that the term applies to.\nThe term is applied to the union of the namespaces selected by this field\nand the ones listed in the namespaces field.\nnull selector and null or empty namespaces list means \"this pod's namespace\".\nAn empty selector ({}) matches all namespaces." properties: matchExpressions: + description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." items: + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: + description: "key is the label key that the selector applies to." type: "string" operator: + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -272,13 +435,17 @@ spec: matchLabels: additionalProperties: type: "string" + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." type: "object" type: "object" + x-kubernetes-map-type: "atomic" namespaces: + description: "namespaces specifies a static list of namespace names that the term applies to.\nThe term is applied to the union of the namespaces listed in this field\nand the ones selected by namespaceSelector.\nnull or empty namespaces list and null namespaceSelector means \"this pod's namespace\"." items: type: "string" type: "array" topologyKey: + description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching\nthe labelSelector in the specified namespaces, where co-located is defined as running on a node\nwhose value of the label with key topologyKey matches that of any node on which any of the\nselected pods is running.\nEmpty topologyKey is not allowed." type: "string" required: - "topologyKey" @@ -286,22 +453,75 @@ spec: type: "array" type: "object" podAntiAffinity: + description: "Describes pod anti-affinity scheduling rules (e.g. avoid putting this pod in the same node, zone, etc. as some other pod(s))." properties: preferredDuringSchedulingIgnoredDuringExecution: + description: "The scheduler will prefer to schedule pods to nodes that satisfy\nthe anti-affinity expressions specified by this field, but it may choose\na node that violates one or more of the expressions. The node that is\nmost preferred is the one with the greatest sum of weights, i.e.\nfor each node that meets all of the scheduling requirements (resource\nrequest, requiredDuringScheduling anti-affinity expressions, etc.),\ncompute a sum by iterating through the elements of this field and adding\n\"weight\" to the sum if the node has pods which matches the corresponding podAffinityTerm; the\nnode(s) with the highest sum are the most preferred." items: + description: "The weights of all of the matched WeightedPodAffinityTerm fields are added per-node to find the most preferred node(s)" properties: podAffinityTerm: + description: "Required. A pod affinity term, associated with the corresponding weight." properties: labelSelector: + description: "A label query over a set of resources, in this case pods.\nIf it's null, this PodAffinityTerm matches with no Pods." + properties: + matchExpressions: + description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." + items: + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." + properties: + key: + description: "key is the label key that the selector applies to." + type: "string" + operator: + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." + type: "string" + values: + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." + items: + type: "string" + type: "array" + required: + - "key" + - "operator" + type: "object" + type: "array" + matchLabels: + additionalProperties: + type: "string" + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + type: "object" + type: "object" + x-kubernetes-map-type: "atomic" + matchLabelKeys: + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MatchLabelKeys and LabelSelector.\nAlso, MatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" + mismatchLabelKeys: + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MismatchLabelKeys and LabelSelector.\nAlso, MismatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" + namespaceSelector: + description: "A label query over the set of namespaces that the term applies to.\nThe term is applied to the union of the namespaces selected by this field\nand the ones listed in the namespaces field.\nnull selector and null or empty namespaces list means \"this pod's namespace\".\nAn empty selector ({}) matches all namespaces." properties: matchExpressions: + description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." items: + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: + description: "key is the label key that the selector applies to." type: "string" operator: + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -313,18 +533,23 @@ spec: matchLabels: additionalProperties: type: "string" + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." type: "object" type: "object" + x-kubernetes-map-type: "atomic" namespaces: + description: "namespaces specifies a static list of namespace names that the term applies to.\nThe term is applied to the union of the namespaces listed in this field\nand the ones selected by namespaceSelector.\nnull or empty namespaces list and null namespaceSelector means \"this pod's namespace\"." items: type: "string" type: "array" topologyKey: + description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching\nthe labelSelector in the specified namespaces, where co-located is defined as running on a node\nwhose value of the label with key topologyKey matches that of any node on which any of the\nselected pods is running.\nEmpty topologyKey is not allowed." type: "string" required: - "topologyKey" type: "object" weight: + description: "weight associated with matching the corresponding podAffinityTerm,\nin the range 1-100." format: "int32" type: "integer" required: @@ -333,18 +558,69 @@ spec: type: "object" type: "array" requiredDuringSchedulingIgnoredDuringExecution: + description: "If the anti-affinity requirements specified by this field are not met at\nscheduling time, the pod will not be scheduled onto the node.\nIf the anti-affinity requirements specified by this field cease to be met\nat some point during pod execution (e.g. due to a pod label update), the\nsystem may or may not try to eventually evict the pod from its node.\nWhen there are multiple elements, the lists of nodes corresponding to each\npodAffinityTerm are intersected, i.e. all terms must be satisfied." items: + description: "Defines a set of pods (namely those matching the labelSelector\nrelative to the given namespace(s)) that this pod should be\nco-located (affinity) or not co-located (anti-affinity) with,\nwhere co-located is defined as running on a node whose value of\nthe label with key matches that of any node on which\na pod of the set of pods is running" properties: labelSelector: + description: "A label query over a set of resources, in this case pods.\nIf it's null, this PodAffinityTerm matches with no Pods." + properties: + matchExpressions: + description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." + items: + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." + properties: + key: + description: "key is the label key that the selector applies to." + type: "string" + operator: + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." + type: "string" + values: + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." + items: + type: "string" + type: "array" + required: + - "key" + - "operator" + type: "object" + type: "array" + matchLabels: + additionalProperties: + type: "string" + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + type: "object" + type: "object" + x-kubernetes-map-type: "atomic" + matchLabelKeys: + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MatchLabelKeys and LabelSelector.\nAlso, MatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" + mismatchLabelKeys: + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MismatchLabelKeys and LabelSelector.\nAlso, MismatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" + namespaceSelector: + description: "A label query over the set of namespaces that the term applies to.\nThe term is applied to the union of the namespaces selected by this field\nand the ones listed in the namespaces field.\nnull selector and null or empty namespaces list means \"this pod's namespace\".\nAn empty selector ({}) matches all namespaces." properties: matchExpressions: + description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." items: + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: + description: "key is the label key that the selector applies to." type: "string" operator: + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -356,13 +632,17 @@ spec: matchLabels: additionalProperties: type: "string" + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." type: "object" type: "object" + x-kubernetes-map-type: "atomic" namespaces: + description: "namespaces specifies a static list of namespace names that the term applies to.\nThe term is applied to the union of the namespaces listed in this field\nand the ones selected by namespaceSelector.\nnull or empty namespaces list and null namespaceSelector means \"this pod's namespace\"." items: type: "string" type: "array" topologyKey: + description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching\nthe labelSelector in the specified namespaces, where co-located is defined as running on a node\nwhose value of the label with key topologyKey matches that of any node on which any of the\nselected pods is running.\nEmpty topologyKey is not allowed." type: "string" required: - "topologyKey" @@ -373,9 +653,12 @@ spec: annotations: additionalProperties: type: "string" + description: "Annotations are the Kubernetes annotations to be added to the pod." type: "object" configMaps: + description: "ConfigMaps carries information of other ConfigMaps to add to the pod." items: + description: "NamePath is a pair of a name and a path to which the named objects should be mounted to." properties: name: type: "string" @@ -387,116 +670,161 @@ spec: type: "object" type: "array" coreLimit: + description: "CoreLimit specifies a hard limit on CPU cores for the pod.\nOptional" type: "string" coreRequest: + description: "CoreRequest is the physical CPU core request for the driver.\nMaps to `spark.kubernetes.driver.request.cores` that is available since Spark 3.0." type: "string" cores: + description: "Cores maps to `spark.driver.cores` or `spark.executor.cores` for the driver and executors, respectively." format: "int32" minimum: 1.0 type: "integer" dnsConfig: + description: "DnsConfig dns settings for the pod, following the Kubernetes specifications." properties: nameservers: + description: "A list of DNS name server IP addresses.\nThis will be appended to the base nameservers generated from DNSPolicy.\nDuplicated nameservers will be removed." items: type: "string" type: "array" options: + description: "A list of DNS resolver options.\nThis will be merged with the base options generated from DNSPolicy.\nDuplicated entries will be removed. Resolution options given in Options\nwill override those that appear in the base DNSPolicy." items: + description: "PodDNSConfigOption defines DNS resolver options of a pod." properties: name: + description: "Required." type: "string" value: type: "string" type: "object" type: "array" searches: + description: "A list of DNS search domains for host-name lookup.\nThis will be appended to the base search paths generated from DNSPolicy.\nDuplicated search paths will be removed." items: type: "string" type: "array" type: "object" env: + description: "Env carries the environment variables to add to the pod." items: + description: "EnvVar represents an environment variable present in a Container." properties: name: + description: "Name of the environment variable. Must be a C_IDENTIFIER." type: "string" value: + description: "Variable references $(VAR_NAME) are expanded\nusing the previously defined environment variables in the container and\nany service environment variables. If a variable cannot be resolved,\nthe reference in the input string will be unchanged. Double $$ are reduced\nto a single $, which allows for escaping the $(VAR_NAME) syntax: i.e.\n\"$$(VAR_NAME)\" will produce the string literal \"$(VAR_NAME)\".\nEscaped references will never be expanded, regardless of whether the variable\nexists or not.\nDefaults to \"\"." type: "string" valueFrom: + description: "Source for the environment variable's value. Cannot be used if value is not empty." properties: configMapKeyRef: + description: "Selects a key of a ConfigMap." properties: key: + description: "The key to select." type: "string" name: + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" type: "string" optional: + description: "Specify whether the ConfigMap or its key must be defined" type: "boolean" required: - "key" type: "object" + x-kubernetes-map-type: "atomic" fieldRef: + description: "Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`,\nspec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs." properties: apiVersion: + description: "Version of the schema the FieldPath is written in terms of, defaults to \"v1\"." type: "string" fieldPath: + description: "Path of the field to select in the specified API version." type: "string" required: - "fieldPath" type: "object" + x-kubernetes-map-type: "atomic" resourceFieldRef: + description: "Selects a resource of the container: only resources limits and requests\n(limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported." properties: containerName: + description: "Container name: required for volumes, optional for env vars" type: "string" divisor: anyOf: - type: "integer" - type: "string" + description: "Specifies the output format of the exposed resources, defaults to \"1\"" pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" x-kubernetes-int-or-string: true resource: + description: "Required: resource to select" type: "string" required: - "resource" type: "object" + x-kubernetes-map-type: "atomic" secretKeyRef: + description: "Selects a key of a secret in the pod's namespace" properties: key: + description: "The key of the secret to select from. Must be a valid secret key." type: "string" name: + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" type: "string" optional: + description: "Specify whether the Secret or its key must be defined" type: "boolean" required: - "key" type: "object" + x-kubernetes-map-type: "atomic" type: "object" required: - "name" type: "object" type: "array" envFrom: + description: "EnvFrom is a list of sources to populate environment variables in the container." items: + description: "EnvFromSource represents the source of a set of ConfigMaps" properties: configMapRef: + description: "The ConfigMap to select from" properties: name: + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" type: "string" optional: + description: "Specify whether the ConfigMap must be defined" type: "boolean" type: "object" + x-kubernetes-map-type: "atomic" prefix: + description: "An optional identifier to prepend to each key in the ConfigMap. Must be a C_IDENTIFIER." type: "string" secretRef: + description: "The Secret to select from" properties: name: + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" type: "string" optional: + description: "Specify whether the Secret must be defined" type: "boolean" type: "object" + x-kubernetes-map-type: "atomic" type: "object" type: "array" envSecretKeyRefs: additionalProperties: + description: "NameKey represents the name and key of a SecretKeyRef." properties: key: type: "string" @@ -506,16 +834,21 @@ spec: - "key" - "name" type: "object" + description: "EnvSecretKeyRefs holds a mapping from environment variable names to SecretKeyRefs.\nDeprecated. Consider using `env` instead." type: "object" envVars: additionalProperties: type: "string" + description: "EnvVars carries the environment variables to add to the pod.\nDeprecated. Consider using `env` instead." type: "object" gpu: + description: "GPU specifies GPU requirement for the pod." properties: name: + description: "Name is GPU resource name, such as: nvidia.com/gpu or amd.com/gpu" type: "string" quantity: + description: "Quantity is the number of GPUs to request for driver or executor." format: "int64" type: "integer" required: @@ -523,137 +856,194 @@ spec: - "quantity" type: "object" hostAliases: + description: "HostAliases settings for the pod, following the Kubernetes specifications." items: + description: "HostAlias holds the mapping between IP and hostnames that will be injected as an entry in the\npod's hosts file." properties: hostnames: + description: "Hostnames for the above IP address." items: type: "string" type: "array" ip: + description: "IP address of the host file entry." type: "string" type: "object" type: "array" hostNetwork: + description: "HostNetwork indicates whether to request host networking for the pod or not." type: "boolean" image: + description: "Image is the container image to use. Overrides Spec.Image if set." type: "string" initContainers: + description: "InitContainers is a list of init-containers that run to completion before the main Spark container." items: + description: "A single application container that you want to run within a pod." properties: args: + description: "Arguments to the entrypoint.\nThe container image's CMD is used if this is not provided.\nVariable references $(VAR_NAME) are expanded using the container's environment. If a variable\ncannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced\nto a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. \"$$(VAR_NAME)\" will\nproduce the string literal \"$(VAR_NAME)\". Escaped references will never be expanded, regardless\nof whether the variable exists or not. Cannot be updated.\nMore info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell" items: type: "string" type: "array" command: + description: "Entrypoint array. Not executed within a shell.\nThe container image's ENTRYPOINT is used if this is not provided.\nVariable references $(VAR_NAME) are expanded using the container's environment. If a variable\ncannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced\nto a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. \"$$(VAR_NAME)\" will\nproduce the string literal \"$(VAR_NAME)\". Escaped references will never be expanded, regardless\nof whether the variable exists or not. Cannot be updated.\nMore info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell" items: type: "string" type: "array" env: + description: "List of environment variables to set in the container.\nCannot be updated." items: + description: "EnvVar represents an environment variable present in a Container." properties: name: + description: "Name of the environment variable. Must be a C_IDENTIFIER." type: "string" value: + description: "Variable references $(VAR_NAME) are expanded\nusing the previously defined environment variables in the container and\nany service environment variables. If a variable cannot be resolved,\nthe reference in the input string will be unchanged. Double $$ are reduced\nto a single $, which allows for escaping the $(VAR_NAME) syntax: i.e.\n\"$$(VAR_NAME)\" will produce the string literal \"$(VAR_NAME)\".\nEscaped references will never be expanded, regardless of whether the variable\nexists or not.\nDefaults to \"\"." type: "string" valueFrom: + description: "Source for the environment variable's value. Cannot be used if value is not empty." properties: configMapKeyRef: + description: "Selects a key of a ConfigMap." properties: key: + description: "The key to select." type: "string" name: + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" type: "string" optional: + description: "Specify whether the ConfigMap or its key must be defined" type: "boolean" required: - "key" type: "object" + x-kubernetes-map-type: "atomic" fieldRef: + description: "Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`,\nspec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs." properties: apiVersion: + description: "Version of the schema the FieldPath is written in terms of, defaults to \"v1\"." type: "string" fieldPath: + description: "Path of the field to select in the specified API version." type: "string" required: - "fieldPath" type: "object" + x-kubernetes-map-type: "atomic" resourceFieldRef: + description: "Selects a resource of the container: only resources limits and requests\n(limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported." properties: containerName: + description: "Container name: required for volumes, optional for env vars" type: "string" divisor: anyOf: - type: "integer" - type: "string" + description: "Specifies the output format of the exposed resources, defaults to \"1\"" pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" x-kubernetes-int-or-string: true resource: + description: "Required: resource to select" type: "string" required: - "resource" type: "object" + x-kubernetes-map-type: "atomic" secretKeyRef: + description: "Selects a key of a secret in the pod's namespace" properties: key: + description: "The key of the secret to select from. Must be a valid secret key." type: "string" name: + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" type: "string" optional: + description: "Specify whether the Secret or its key must be defined" type: "boolean" required: - "key" type: "object" + x-kubernetes-map-type: "atomic" type: "object" required: - "name" type: "object" type: "array" envFrom: + description: "List of sources to populate environment variables in the container.\nThe keys defined within a source must be a C_IDENTIFIER. All invalid keys\nwill be reported as an event when the container is starting. When a key exists in multiple\nsources, the value associated with the last source will take precedence.\nValues defined by an Env with a duplicate key will take precedence.\nCannot be updated." items: + description: "EnvFromSource represents the source of a set of ConfigMaps" properties: configMapRef: + description: "The ConfigMap to select from" properties: name: + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" type: "string" optional: + description: "Specify whether the ConfigMap must be defined" type: "boolean" type: "object" + x-kubernetes-map-type: "atomic" prefix: + description: "An optional identifier to prepend to each key in the ConfigMap. Must be a C_IDENTIFIER." type: "string" secretRef: + description: "The Secret to select from" properties: name: + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" type: "string" optional: + description: "Specify whether the Secret must be defined" type: "boolean" type: "object" + x-kubernetes-map-type: "atomic" type: "object" type: "array" image: + description: "Container image name.\nMore info: https://kubernetes.io/docs/concepts/containers/images\nThis field is optional to allow higher level config management to default or override\ncontainer images in workload controllers like Deployments and StatefulSets." type: "string" imagePullPolicy: + description: "Image pull policy.\nOne of Always, Never, IfNotPresent.\nDefaults to Always if :latest tag is specified, or IfNotPresent otherwise.\nCannot be updated.\nMore info: https://kubernetes.io/docs/concepts/containers/images#updating-images" type: "string" lifecycle: + description: "Actions that the management system should take in response to container lifecycle events.\nCannot be updated." properties: postStart: + description: "PostStart is called immediately after a container is created. If the handler fails,\nthe container is terminated and restarted according to its restart policy.\nOther management of the container blocks until the hook completes.\nMore info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks" properties: exec: + description: "Exec specifies the action to take." properties: command: + description: "Command is the command line to execute inside the container, the working directory for the\ncommand is root ('/') in the container's filesystem. The command is simply exec'd, it is\nnot run inside a shell, so traditional shell instructions ('|', etc) won't work. To use\na shell, you need to explicitly call out to that shell.\nExit status of 0 is treated as live/healthy and non-zero is unhealthy." items: type: "string" type: "array" type: "object" httpGet: + description: "HTTPGet specifies the http request to perform." properties: host: + description: "Host name to connect to, defaults to the pod IP. You probably want to set\n\"Host\" in httpHeaders instead." type: "string" httpHeaders: + description: "Custom headers to set in the request. HTTP allows repeated headers." items: + description: "HTTPHeader describes a custom header to be used in HTTP probes" properties: name: + description: "The header field name.\nThis will be canonicalized upon output, so case-variant names will be understood as the same header." type: "string" value: + description: "The header field value" type: "string" required: - "name" @@ -661,49 +1051,74 @@ spec: type: "object" type: "array" path: + description: "Path to access on the HTTP server." type: "string" port: anyOf: - type: "integer" - type: "string" + description: "Name or number of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME." x-kubernetes-int-or-string: true scheme: + description: "Scheme to use for connecting to the host.\nDefaults to HTTP." type: "string" required: - "port" type: "object" + sleep: + description: "Sleep represents the duration that the container should sleep before being terminated." + properties: + seconds: + description: "Seconds is the number of seconds to sleep." + format: "int64" + type: "integer" + required: + - "seconds" + type: "object" tcpSocket: + description: "Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept\nfor the backward compatibility. There are no validation of this field and\nlifecycle hooks will fail in runtime when tcp handler is specified." properties: host: + description: "Optional: Host name to connect to, defaults to the pod IP." type: "string" port: anyOf: - type: "integer" - type: "string" + description: "Number or name of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME." x-kubernetes-int-or-string: true required: - "port" type: "object" type: "object" preStop: + description: "PreStop is called immediately before a container is terminated due to an\nAPI request or management event such as liveness/startup probe failure,\npreemption, resource contention, etc. The handler is not called if the\ncontainer crashes or exits. The Pod's termination grace period countdown begins before the\nPreStop hook is executed. Regardless of the outcome of the handler, the\ncontainer will eventually terminate within the Pod's termination grace\nperiod (unless delayed by finalizers). Other management of the container blocks until the hook completes\nor until the termination grace period is reached.\nMore info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks" properties: exec: + description: "Exec specifies the action to take." properties: command: + description: "Command is the command line to execute inside the container, the working directory for the\ncommand is root ('/') in the container's filesystem. The command is simply exec'd, it is\nnot run inside a shell, so traditional shell instructions ('|', etc) won't work. To use\na shell, you need to explicitly call out to that shell.\nExit status of 0 is treated as live/healthy and non-zero is unhealthy." items: type: "string" type: "array" type: "object" httpGet: + description: "HTTPGet specifies the http request to perform." properties: host: + description: "Host name to connect to, defaults to the pod IP. You probably want to set\n\"Host\" in httpHeaders instead." type: "string" httpHeaders: + description: "Custom headers to set in the request. HTTP allows repeated headers." items: + description: "HTTPHeader describes a custom header to be used in HTTP probes" properties: name: + description: "The header field name.\nThis will be canonicalized upon output, so case-variant names will be understood as the same header." type: "string" value: + description: "The header field value" type: "string" required: - "name" @@ -711,25 +1126,41 @@ spec: type: "object" type: "array" path: + description: "Path to access on the HTTP server." type: "string" port: anyOf: - type: "integer" - type: "string" + description: "Name or number of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME." x-kubernetes-int-or-string: true scheme: + description: "Scheme to use for connecting to the host.\nDefaults to HTTP." type: "string" required: - "port" type: "object" + sleep: + description: "Sleep represents the duration that the container should sleep before being terminated." + properties: + seconds: + description: "Seconds is the number of seconds to sleep." + format: "int64" + type: "integer" + required: + - "seconds" + type: "object" tcpSocket: + description: "Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept\nfor the backward compatibility. There are no validation of this field and\nlifecycle hooks will fail in runtime when tcp handler is specified." properties: host: + description: "Optional: Host name to connect to, defaults to the pod IP." type: "string" port: anyOf: - type: "integer" - type: "string" + description: "Number or name of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME." x-kubernetes-int-or-string: true required: - "port" @@ -737,27 +1168,50 @@ spec: type: "object" type: "object" livenessProbe: + description: "Periodic probe of container liveness.\nContainer will be restarted if the probe fails.\nCannot be updated.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" properties: exec: + description: "Exec specifies the action to take." properties: command: + description: "Command is the command line to execute inside the container, the working directory for the\ncommand is root ('/') in the container's filesystem. The command is simply exec'd, it is\nnot run inside a shell, so traditional shell instructions ('|', etc) won't work. To use\na shell, you need to explicitly call out to that shell.\nExit status of 0 is treated as live/healthy and non-zero is unhealthy." items: type: "string" type: "array" type: "object" failureThreshold: + description: "Minimum consecutive failures for the probe to be considered failed after having succeeded.\nDefaults to 3. Minimum value is 1." format: "int32" type: "integer" + grpc: + description: "GRPC specifies an action involving a GRPC port." + properties: + port: + description: "Port number of the gRPC service. Number must be in the range 1 to 65535." + format: "int32" + type: "integer" + service: + description: "Service is the name of the service to place in the gRPC HealthCheckRequest\n(see https://github.com/grpc/grpc/blob/master/doc/health-checking.md).\n\n\nIf this is not specified, the default behavior is defined by gRPC." + type: "string" + required: + - "port" + type: "object" httpGet: + description: "HTTPGet specifies the http request to perform." properties: host: + description: "Host name to connect to, defaults to the pod IP. You probably want to set\n\"Host\" in httpHeaders instead." type: "string" httpHeaders: + description: "Custom headers to set in the request. HTTP allows repeated headers." items: + description: "HTTPHeader describes a custom header to be used in HTTP probes" properties: name: + description: "The header field name.\nThis will be canonicalized upon output, so case-variant names will be understood as the same header." type: "string" value: + description: "The header field value" type: "string" required: - "name" @@ -765,62 +1219,84 @@ spec: type: "object" type: "array" path: + description: "Path to access on the HTTP server." type: "string" port: anyOf: - type: "integer" - type: "string" + description: "Name or number of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME." x-kubernetes-int-or-string: true scheme: + description: "Scheme to use for connecting to the host.\nDefaults to HTTP." type: "string" required: - "port" type: "object" initialDelaySeconds: + description: "Number of seconds after the container has started before liveness probes are initiated.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" format: "int32" type: "integer" periodSeconds: + description: "How often (in seconds) to perform the probe.\nDefault to 10 seconds. Minimum value is 1." format: "int32" type: "integer" successThreshold: + description: "Minimum consecutive successes for the probe to be considered successful after having failed.\nDefaults to 1. Must be 1 for liveness and startup. Minimum value is 1." format: "int32" type: "integer" tcpSocket: + description: "TCPSocket specifies an action involving a TCP port." properties: host: + description: "Optional: Host name to connect to, defaults to the pod IP." type: "string" port: anyOf: - type: "integer" - type: "string" + description: "Number or name of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME." x-kubernetes-int-or-string: true required: - "port" type: "object" + terminationGracePeriodSeconds: + description: "Optional duration in seconds the pod needs to terminate gracefully upon probe failure.\nThe grace period is the duration in seconds after the processes running in the pod are sent\na termination signal and the time when the processes are forcibly halted with a kill signal.\nSet this value longer than the expected cleanup time for your process.\nIf this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this\nvalue overrides the value provided by the pod spec.\nValue must be non-negative integer. The value zero indicates stop immediately via\nthe kill signal (no opportunity to shut down).\nThis is a beta field and requires enabling ProbeTerminationGracePeriod feature gate.\nMinimum value is 1. spec.terminationGracePeriodSeconds is used if unset." + format: "int64" + type: "integer" timeoutSeconds: + description: "Number of seconds after which the probe times out.\nDefaults to 1 second. Minimum value is 1.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" format: "int32" type: "integer" type: "object" name: + description: "Name of the container specified as a DNS_LABEL.\nEach container in a pod must have a unique name (DNS_LABEL).\nCannot be updated." type: "string" ports: + description: "List of ports to expose from the container. Not specifying a port here\nDOES NOT prevent that port from being exposed. Any port which is\nlistening on the default \"0.0.0.0\" address inside a container will be\naccessible from the network.\nModifying this array with strategic merge patch may corrupt the data.\nFor more information See https://github.com/kubernetes/kubernetes/issues/108255.\nCannot be updated." items: + description: "ContainerPort represents a network port in a single container." properties: containerPort: + description: "Number of port to expose on the pod's IP address.\nThis must be a valid port number, 0 < x < 65536." format: "int32" type: "integer" hostIP: + description: "What host IP to bind the external port to." type: "string" hostPort: + description: "Number of port to expose on the host.\nIf specified, this must be a valid port number, 0 < x < 65536.\nIf HostNetwork is specified, this must match ContainerPort.\nMost containers do not need this." format: "int32" type: "integer" name: + description: "If specified, this must be an IANA_SVC_NAME and unique within the pod. Each\nnamed port in a pod must have a unique name. Name for the port that can be\nreferred to by services." type: "string" protocol: + default: "TCP" + description: "Protocol for port. Must be UDP, TCP, or SCTP.\nDefaults to \"TCP\"." type: "string" required: - "containerPort" - - "protocol" type: "object" type: "array" x-kubernetes-list-map-keys: @@ -828,27 +1304,50 @@ spec: - "protocol" x-kubernetes-list-type: "map" readinessProbe: + description: "Periodic probe of container service readiness.\nContainer will be removed from service endpoints if the probe fails.\nCannot be updated.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" properties: exec: + description: "Exec specifies the action to take." properties: command: + description: "Command is the command line to execute inside the container, the working directory for the\ncommand is root ('/') in the container's filesystem. The command is simply exec'd, it is\nnot run inside a shell, so traditional shell instructions ('|', etc) won't work. To use\na shell, you need to explicitly call out to that shell.\nExit status of 0 is treated as live/healthy and non-zero is unhealthy." items: type: "string" type: "array" type: "object" failureThreshold: + description: "Minimum consecutive failures for the probe to be considered failed after having succeeded.\nDefaults to 3. Minimum value is 1." format: "int32" type: "integer" + grpc: + description: "GRPC specifies an action involving a GRPC port." + properties: + port: + description: "Port number of the gRPC service. Number must be in the range 1 to 65535." + format: "int32" + type: "integer" + service: + description: "Service is the name of the service to place in the gRPC HealthCheckRequest\n(see https://github.com/grpc/grpc/blob/master/doc/health-checking.md).\n\n\nIf this is not specified, the default behavior is defined by gRPC." + type: "string" + required: + - "port" + type: "object" httpGet: + description: "HTTPGet specifies the http request to perform." properties: host: + description: "Host name to connect to, defaults to the pod IP. You probably want to set\n\"Host\" in httpHeaders instead." type: "string" httpHeaders: + description: "Custom headers to set in the request. HTTP allows repeated headers." items: + description: "HTTPHeader describes a custom header to be used in HTTP probes" properties: name: + description: "The header field name.\nThis will be canonicalized upon output, so case-variant names will be understood as the same header." type: "string" value: + description: "The header field value" type: "string" required: - "name" @@ -856,44 +1355,91 @@ spec: type: "object" type: "array" path: + description: "Path to access on the HTTP server." type: "string" port: anyOf: - type: "integer" - type: "string" + description: "Name or number of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME." x-kubernetes-int-or-string: true scheme: + description: "Scheme to use for connecting to the host.\nDefaults to HTTP." type: "string" required: - "port" type: "object" initialDelaySeconds: + description: "Number of seconds after the container has started before liveness probes are initiated.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" format: "int32" type: "integer" periodSeconds: + description: "How often (in seconds) to perform the probe.\nDefault to 10 seconds. Minimum value is 1." format: "int32" type: "integer" successThreshold: + description: "Minimum consecutive successes for the probe to be considered successful after having failed.\nDefaults to 1. Must be 1 for liveness and startup. Minimum value is 1." format: "int32" type: "integer" tcpSocket: + description: "TCPSocket specifies an action involving a TCP port." properties: host: + description: "Optional: Host name to connect to, defaults to the pod IP." type: "string" port: anyOf: - type: "integer" - type: "string" + description: "Number or name of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME." x-kubernetes-int-or-string: true required: - "port" type: "object" + terminationGracePeriodSeconds: + description: "Optional duration in seconds the pod needs to terminate gracefully upon probe failure.\nThe grace period is the duration in seconds after the processes running in the pod are sent\na termination signal and the time when the processes are forcibly halted with a kill signal.\nSet this value longer than the expected cleanup time for your process.\nIf this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this\nvalue overrides the value provided by the pod spec.\nValue must be non-negative integer. The value zero indicates stop immediately via\nthe kill signal (no opportunity to shut down).\nThis is a beta field and requires enabling ProbeTerminationGracePeriod feature gate.\nMinimum value is 1. spec.terminationGracePeriodSeconds is used if unset." + format: "int64" + type: "integer" timeoutSeconds: + description: "Number of seconds after which the probe times out.\nDefaults to 1 second. Minimum value is 1.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" format: "int32" type: "integer" type: "object" + resizePolicy: + description: "Resources resize policy for the container." + items: + description: "ContainerResizePolicy represents resource resize policy for the container." + properties: + resourceName: + description: "Name of the resource to which this resource resize policy applies.\nSupported values: cpu, memory." + type: "string" + restartPolicy: + description: "Restart policy to apply when specified resource is resized.\nIf not specified, it defaults to NotRequired." + type: "string" + required: + - "resourceName" + - "restartPolicy" + type: "object" + type: "array" + x-kubernetes-list-type: "atomic" resources: + description: "Compute Resources required by this container.\nCannot be updated.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" properties: + claims: + description: "Claims lists the names of resources, defined in spec.resourceClaims,\nthat are used by this container.\n\n\nThis is an alpha field and requires enabling the\nDynamicResourceAllocation feature gate.\n\n\nThis field is immutable. It can only be set for containers." + items: + description: "ResourceClaim references one entry in PodSpec.ResourceClaims." + properties: + name: + description: "Name must match the name of one entry in pod.spec.resourceClaims of\nthe Pod where this field is used. It makes that resource available\ninside a container." + type: "string" + required: + - "name" + type: "object" + type: "array" + x-kubernetes-list-map-keys: + - "name" + x-kubernetes-list-type: "map" limits: additionalProperties: anyOf: @@ -901,6 +1447,7 @@ spec: - type: "string" pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" x-kubernetes-int-or-string: true + description: "Limits describes the maximum amount of compute resources allowed.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" type: "object" requests: additionalProperties: @@ -909,87 +1456,144 @@ spec: - type: "string" pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" x-kubernetes-int-or-string: true + description: "Requests describes the minimum amount of compute resources required.\nIf Requests is omitted for a container, it defaults to Limits if that is explicitly specified,\notherwise to an implementation-defined value. Requests cannot exceed Limits.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" type: "object" type: "object" restartPolicy: + description: "RestartPolicy defines the restart behavior of individual containers in a pod.\nThis field may only be set for init containers, and the only allowed value is \"Always\".\nFor non-init containers or when this field is not specified,\nthe restart behavior is defined by the Pod's restart policy and the container type.\nSetting the RestartPolicy as \"Always\" for the init container will have the following effect:\nthis init container will be continually restarted on\nexit until all regular containers have terminated. Once all regular\ncontainers have completed, all init containers with restartPolicy \"Always\"\nwill be shut down. This lifecycle differs from normal init containers and\nis often referred to as a \"sidecar\" container. Although this init\ncontainer still starts in the init container sequence, it does not wait\nfor the container to complete before proceeding to the next init\ncontainer. Instead, the next init container starts immediately after this\ninit container is started, or after any startupProbe has successfully\ncompleted." type: "string" securityContext: + description: "SecurityContext defines the security options the container should be run with.\nIf set, the fields of SecurityContext override the equivalent fields of PodSecurityContext.\nMore info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/" properties: allowPrivilegeEscalation: + description: "AllowPrivilegeEscalation controls whether a process can gain more\nprivileges than its parent process. This bool directly controls if\nthe no_new_privs flag will be set on the container process.\nAllowPrivilegeEscalation is true always when the container is:\n1) run as Privileged\n2) has CAP_SYS_ADMIN\nNote that this field cannot be set when spec.os.name is windows." type: "boolean" capabilities: + description: "The capabilities to add/drop when running containers.\nDefaults to the default set of capabilities granted by the container runtime.\nNote that this field cannot be set when spec.os.name is windows." properties: add: + description: "Added capabilities" items: + description: "Capability represent POSIX capabilities type" type: "string" type: "array" drop: + description: "Removed capabilities" items: + description: "Capability represent POSIX capabilities type" type: "string" type: "array" type: "object" privileged: + description: "Run container in privileged mode.\nProcesses in privileged containers are essentially equivalent to root on the host.\nDefaults to false.\nNote that this field cannot be set when spec.os.name is windows." type: "boolean" procMount: + description: "procMount denotes the type of proc mount to use for the containers.\nThe default is DefaultProcMount which uses the container runtime defaults for\nreadonly paths and masked paths.\nThis requires the ProcMountType feature flag to be enabled.\nNote that this field cannot be set when spec.os.name is windows." type: "string" readOnlyRootFilesystem: + description: "Whether this container has a read-only root filesystem.\nDefault is false.\nNote that this field cannot be set when spec.os.name is windows." type: "boolean" runAsGroup: + description: "The GID to run the entrypoint of the container process.\nUses runtime default if unset.\nMay also be set in PodSecurityContext. If set in both SecurityContext and\nPodSecurityContext, the value specified in SecurityContext takes precedence.\nNote that this field cannot be set when spec.os.name is windows." format: "int64" type: "integer" runAsNonRoot: + description: "Indicates that the container must run as a non-root user.\nIf true, the Kubelet will validate the image at runtime to ensure that it\ndoes not run as UID 0 (root) and fail to start the container if it does.\nIf unset or false, no such validation will be performed.\nMay also be set in PodSecurityContext. If set in both SecurityContext and\nPodSecurityContext, the value specified in SecurityContext takes precedence." type: "boolean" runAsUser: + description: "The UID to run the entrypoint of the container process.\nDefaults to user specified in image metadata if unspecified.\nMay also be set in PodSecurityContext. If set in both SecurityContext and\nPodSecurityContext, the value specified in SecurityContext takes precedence.\nNote that this field cannot be set when spec.os.name is windows." format: "int64" type: "integer" seLinuxOptions: + description: "The SELinux context to be applied to the container.\nIf unspecified, the container runtime will allocate a random SELinux context for each\ncontainer. May also be set in PodSecurityContext. If set in both SecurityContext and\nPodSecurityContext, the value specified in SecurityContext takes precedence.\nNote that this field cannot be set when spec.os.name is windows." properties: level: + description: "Level is SELinux level label that applies to the container." type: "string" role: + description: "Role is a SELinux role label that applies to the container." type: "string" type: + description: "Type is a SELinux type label that applies to the container." type: "string" user: + description: "User is a SELinux user label that applies to the container." type: "string" type: "object" seccompProfile: + description: "The seccomp options to use by this container. If seccomp options are\nprovided at both the pod & container level, the container options\noverride the pod options.\nNote that this field cannot be set when spec.os.name is windows." properties: + localhostProfile: + description: "localhostProfile indicates a profile defined in a file on the node should be used.\nThe profile must be preconfigured on the node to work.\nMust be a descending path, relative to the kubelet's configured seccomp profile location.\nMust be set if type is \"Localhost\". Must NOT be set for any other type." + type: "string" type: + description: "type indicates which kind of seccomp profile will be applied.\nValid options are:\n\n\nLocalhost - a profile defined in a file on the node should be used.\nRuntimeDefault - the container runtime default profile should be used.\nUnconfined - no profile should be applied." type: "string" + required: + - "type" type: "object" windowsOptions: + description: "The Windows specific settings applied to all containers.\nIf unspecified, the options from the PodSecurityContext will be used.\nIf set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.\nNote that this field cannot be set when spec.os.name is linux." properties: gmsaCredentialSpec: + description: "GMSACredentialSpec is where the GMSA admission webhook\n(https://github.com/kubernetes-sigs/windows-gmsa) inlines the contents of the\nGMSA credential spec named by the GMSACredentialSpecName field." type: "string" gmsaCredentialSpecName: + description: "GMSACredentialSpecName is the name of the GMSA credential spec to use." type: "string" + hostProcess: + description: "HostProcess determines if a container should be run as a 'Host Process' container.\nAll of a Pod's containers must have the same effective HostProcess value\n(it is not allowed to have a mix of HostProcess containers and non-HostProcess containers).\nIn addition, if HostProcess is true then HostNetwork must also be set to true." + type: "boolean" runAsUserName: + description: "The UserName in Windows to run the entrypoint of the container process.\nDefaults to the user specified in image metadata if unspecified.\nMay also be set in PodSecurityContext. If set in both SecurityContext and\nPodSecurityContext, the value specified in SecurityContext takes precedence." type: "string" type: "object" type: "object" startupProbe: + description: "StartupProbe indicates that the Pod has successfully initialized.\nIf specified, no other probes are executed until this completes successfully.\nIf this probe fails, the Pod will be restarted, just as if the livenessProbe failed.\nThis can be used to provide different probe parameters at the beginning of a Pod's lifecycle,\nwhen it might take a long time to load data or warm a cache, than during steady-state operation.\nThis cannot be updated.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" properties: exec: + description: "Exec specifies the action to take." properties: command: + description: "Command is the command line to execute inside the container, the working directory for the\ncommand is root ('/') in the container's filesystem. The command is simply exec'd, it is\nnot run inside a shell, so traditional shell instructions ('|', etc) won't work. To use\na shell, you need to explicitly call out to that shell.\nExit status of 0 is treated as live/healthy and non-zero is unhealthy." items: type: "string" type: "array" type: "object" failureThreshold: + description: "Minimum consecutive failures for the probe to be considered failed after having succeeded.\nDefaults to 3. Minimum value is 1." format: "int32" type: "integer" + grpc: + description: "GRPC specifies an action involving a GRPC port." + properties: + port: + description: "Port number of the gRPC service. Number must be in the range 1 to 65535." + format: "int32" + type: "integer" + service: + description: "Service is the name of the service to place in the gRPC HealthCheckRequest\n(see https://github.com/grpc/grpc/blob/master/doc/health-checking.md).\n\n\nIf this is not specified, the default behavior is defined by gRPC." + type: "string" + required: + - "port" + type: "object" httpGet: + description: "HTTPGet specifies the http request to perform." properties: host: + description: "Host name to connect to, defaults to the pod IP. You probably want to set\n\"Host\" in httpHeaders instead." type: "string" httpHeaders: + description: "Custom headers to set in the request. HTTP allows repeated headers." items: + description: "HTTPHeader describes a custom header to be used in HTTP probes" properties: name: + description: "The header field name.\nThis will be canonicalized upon output, so case-variant names will be understood as the same header." type: "string" value: + description: "The header field value" type: "string" required: - "name" @@ -997,58 +1601,81 @@ spec: type: "object" type: "array" path: + description: "Path to access on the HTTP server." type: "string" port: anyOf: - type: "integer" - type: "string" + description: "Name or number of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME." x-kubernetes-int-or-string: true scheme: + description: "Scheme to use for connecting to the host.\nDefaults to HTTP." type: "string" required: - "port" type: "object" initialDelaySeconds: + description: "Number of seconds after the container has started before liveness probes are initiated.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" format: "int32" type: "integer" periodSeconds: + description: "How often (in seconds) to perform the probe.\nDefault to 10 seconds. Minimum value is 1." format: "int32" type: "integer" successThreshold: + description: "Minimum consecutive successes for the probe to be considered successful after having failed.\nDefaults to 1. Must be 1 for liveness and startup. Minimum value is 1." format: "int32" type: "integer" tcpSocket: + description: "TCPSocket specifies an action involving a TCP port." properties: host: + description: "Optional: Host name to connect to, defaults to the pod IP." type: "string" port: anyOf: - type: "integer" - type: "string" + description: "Number or name of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME." x-kubernetes-int-or-string: true required: - "port" type: "object" + terminationGracePeriodSeconds: + description: "Optional duration in seconds the pod needs to terminate gracefully upon probe failure.\nThe grace period is the duration in seconds after the processes running in the pod are sent\na termination signal and the time when the processes are forcibly halted with a kill signal.\nSet this value longer than the expected cleanup time for your process.\nIf this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this\nvalue overrides the value provided by the pod spec.\nValue must be non-negative integer. The value zero indicates stop immediately via\nthe kill signal (no opportunity to shut down).\nThis is a beta field and requires enabling ProbeTerminationGracePeriod feature gate.\nMinimum value is 1. spec.terminationGracePeriodSeconds is used if unset." + format: "int64" + type: "integer" timeoutSeconds: + description: "Number of seconds after which the probe times out.\nDefaults to 1 second. Minimum value is 1.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" format: "int32" type: "integer" type: "object" stdin: + description: "Whether this container should allocate a buffer for stdin in the container runtime. If this\nis not set, reads from stdin in the container will always result in EOF.\nDefault is false." type: "boolean" stdinOnce: + description: "Whether the container runtime should close the stdin channel after it has been opened by\na single attach. When stdin is true the stdin stream will remain open across multiple attach\nsessions. If stdinOnce is set to true, stdin is opened on container start, is empty until the\nfirst client attaches to stdin, and then remains open and accepts data until the client disconnects,\nat which time stdin is closed and remains closed until the container is restarted. If this\nflag is false, a container processes that reads from stdin will never receive an EOF.\nDefault is false" type: "boolean" terminationMessagePath: + description: "Optional: Path at which the file to which the container's termination message\nwill be written is mounted into the container's filesystem.\nMessage written is intended to be brief final status, such as an assertion failure message.\nWill be truncated by the node if greater than 4096 bytes. The total message length across\nall containers will be limited to 12kb.\nDefaults to /dev/termination-log.\nCannot be updated." type: "string" terminationMessagePolicy: + description: "Indicate how the termination message should be populated. File will use the contents of\nterminationMessagePath to populate the container status message on both success and failure.\nFallbackToLogsOnError will use the last chunk of container log output if the termination\nmessage file is empty and the container exited with an error.\nThe log output is limited to 2048 bytes or 80 lines, whichever is smaller.\nDefaults to File.\nCannot be updated." type: "string" tty: + description: "Whether this container should allocate a TTY for itself, also requires 'stdin' to be true.\nDefault is false." type: "boolean" volumeDevices: + description: "volumeDevices is the list of block devices to be used by the container." items: + description: "volumeDevice describes a mapping of a raw block device within a container." properties: devicePath: + description: "devicePath is the path inside of the container that the device will be mapped to." type: "string" name: + description: "name must match the name of a persistentVolumeClaim in the pod" type: "string" required: - "devicePath" @@ -1056,19 +1683,27 @@ spec: type: "object" type: "array" volumeMounts: + description: "Pod volumes to mount into the container's filesystem.\nCannot be updated." items: + description: "VolumeMount describes a mounting of a Volume within a container." properties: mountPath: + description: "Path within the container at which the volume should be mounted. Must\nnot contain ':'." type: "string" mountPropagation: + description: "mountPropagation determines how mounts are propagated from the host\nto container and the other way around.\nWhen not set, MountPropagationNone is used.\nThis field is beta in 1.10." type: "string" name: + description: "This must match the Name of a Volume." type: "string" readOnly: + description: "Mounted read-only if true, read-write otherwise (false or unspecified).\nDefaults to false." type: "boolean" subPath: + description: "Path within the volume from which the container's volume should be mounted.\nDefaults to \"\" (volume's root)." type: "string" subPathExpr: + description: "Expanded path within the volume from which the container's volume should be mounted.\nBehaves similarly to SubPath but environment variable references $(VAR_NAME) are expanded using the container's environment.\nDefaults to \"\" (volume's root).\nSubPathExpr and SubPath are mutually exclusive." type: "string" required: - "mountPath" @@ -1076,40 +1711,54 @@ spec: type: "object" type: "array" workingDir: + description: "Container's working directory.\nIf not specified, the container runtime's default will be used, which\nmight be configured in the container image.\nCannot be updated." type: "string" required: - "name" type: "object" type: "array" javaOptions: + description: "JavaOptions is a string of extra JVM options to pass to the driver. For instance,\nGC settings or other logging." type: "string" kubernetesMaster: + description: "KubernetesMaster is the URL of the Kubernetes master used by the driver to manage executor pods and\nother Kubernetes resources. Default to https://kubernetes.default.svc." type: "string" labels: additionalProperties: type: "string" + description: "Labels are the Kubernetes labels to be added to the pod." type: "object" lifecycle: + description: "Lifecycle for running preStop or postStart commands" properties: postStart: + description: "PostStart is called immediately after a container is created. If the handler fails,\nthe container is terminated and restarted according to its restart policy.\nOther management of the container blocks until the hook completes.\nMore info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks" properties: exec: + description: "Exec specifies the action to take." properties: command: + description: "Command is the command line to execute inside the container, the working directory for the\ncommand is root ('/') in the container's filesystem. The command is simply exec'd, it is\nnot run inside a shell, so traditional shell instructions ('|', etc) won't work. To use\na shell, you need to explicitly call out to that shell.\nExit status of 0 is treated as live/healthy and non-zero is unhealthy." items: type: "string" type: "array" type: "object" httpGet: + description: "HTTPGet specifies the http request to perform." properties: host: + description: "Host name to connect to, defaults to the pod IP. You probably want to set\n\"Host\" in httpHeaders instead." type: "string" httpHeaders: + description: "Custom headers to set in the request. HTTP allows repeated headers." items: + description: "HTTPHeader describes a custom header to be used in HTTP probes" properties: name: + description: "The header field name.\nThis will be canonicalized upon output, so case-variant names will be understood as the same header." type: "string" value: + description: "The header field value" type: "string" required: - "name" @@ -1117,49 +1766,74 @@ spec: type: "object" type: "array" path: + description: "Path to access on the HTTP server." type: "string" port: anyOf: - type: "integer" - type: "string" + description: "Name or number of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME." x-kubernetes-int-or-string: true scheme: + description: "Scheme to use for connecting to the host.\nDefaults to HTTP." type: "string" required: - "port" type: "object" + sleep: + description: "Sleep represents the duration that the container should sleep before being terminated." + properties: + seconds: + description: "Seconds is the number of seconds to sleep." + format: "int64" + type: "integer" + required: + - "seconds" + type: "object" tcpSocket: + description: "Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept\nfor the backward compatibility. There are no validation of this field and\nlifecycle hooks will fail in runtime when tcp handler is specified." properties: host: + description: "Optional: Host name to connect to, defaults to the pod IP." type: "string" port: anyOf: - type: "integer" - type: "string" + description: "Number or name of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME." x-kubernetes-int-or-string: true required: - "port" type: "object" type: "object" preStop: + description: "PreStop is called immediately before a container is terminated due to an\nAPI request or management event such as liveness/startup probe failure,\npreemption, resource contention, etc. The handler is not called if the\ncontainer crashes or exits. The Pod's termination grace period countdown begins before the\nPreStop hook is executed. Regardless of the outcome of the handler, the\ncontainer will eventually terminate within the Pod's termination grace\nperiod (unless delayed by finalizers). Other management of the container blocks until the hook completes\nor until the termination grace period is reached.\nMore info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks" properties: exec: + description: "Exec specifies the action to take." properties: command: + description: "Command is the command line to execute inside the container, the working directory for the\ncommand is root ('/') in the container's filesystem. The command is simply exec'd, it is\nnot run inside a shell, so traditional shell instructions ('|', etc) won't work. To use\na shell, you need to explicitly call out to that shell.\nExit status of 0 is treated as live/healthy and non-zero is unhealthy." items: type: "string" type: "array" type: "object" httpGet: + description: "HTTPGet specifies the http request to perform." properties: host: + description: "Host name to connect to, defaults to the pod IP. You probably want to set\n\"Host\" in httpHeaders instead." type: "string" httpHeaders: + description: "Custom headers to set in the request. HTTP allows repeated headers." items: + description: "HTTPHeader describes a custom header to be used in HTTP probes" properties: name: + description: "The header field name.\nThis will be canonicalized upon output, so case-variant names will be understood as the same header." type: "string" value: + description: "The header field value" type: "string" required: - "name" @@ -1167,25 +1841,41 @@ spec: type: "object" type: "array" path: + description: "Path to access on the HTTP server." type: "string" port: anyOf: - type: "integer" - type: "string" + description: "Name or number of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME." x-kubernetes-int-or-string: true scheme: + description: "Scheme to use for connecting to the host.\nDefaults to HTTP." type: "string" required: - "port" type: "object" + sleep: + description: "Sleep represents the duration that the container should sleep before being terminated." + properties: + seconds: + description: "Seconds is the number of seconds to sleep." + format: "int64" + type: "integer" + required: + - "seconds" + type: "object" tcpSocket: + description: "Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept\nfor the backward compatibility. There are no validation of this field and\nlifecycle hooks will fail in runtime when tcp handler is specified." properties: host: + description: "Optional: Host name to connect to, defaults to the pod IP." type: "string" port: anyOf: - type: "integer" - type: "string" + description: "Number or name of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME." x-kubernetes-int-or-string: true required: - "port" @@ -1193,51 +1883,85 @@ spec: type: "object" type: "object" memory: + description: "Memory is the amount of memory to request for the pod." type: "string" memoryOverhead: + description: "MemoryOverhead is the amount of off-heap memory to allocate in cluster mode, in MiB unless otherwise specified." type: "string" nodeSelector: additionalProperties: type: "string" + description: "NodeSelector is the Kubernetes node selector to be added to the driver and executor pods.\nThis field is mutually exclusive with nodeSelector at SparkApplication level (which will be deprecated)." type: "object" podName: + description: "PodName is the name of the driver pod that the user creates. This is used for the\nin-cluster client mode in which the user creates a client pod where the driver of\nthe user application runs. It's an error to set this field if Mode is not\nin-cluster-client." pattern: "[a-z0-9]([-a-z0-9]*[a-z0-9])?(\\\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*" type: "string" podSecurityContext: + description: "PodSecurityContext specifies the PodSecurityContext to apply." properties: fsGroup: + description: "A special supplemental group that applies to all containers in a pod.\nSome volume types allow the Kubelet to change the ownership of that volume\nto be owned by the pod:\n\n\n1. The owning GID will be the FSGroup\n2. The setgid bit is set (new files created in the volume will be owned by FSGroup)\n3. The permission bits are OR'd with rw-rw----\n\n\nIf unset, the Kubelet will not modify the ownership and permissions of any volume.\nNote that this field cannot be set when spec.os.name is windows." format: "int64" type: "integer" + fsGroupChangePolicy: + description: "fsGroupChangePolicy defines behavior of changing ownership and permission of the volume\nbefore being exposed inside Pod. This field will only apply to\nvolume types which support fsGroup based ownership(and permissions).\nIt will have no effect on ephemeral volume types such as: secret, configmaps\nand emptydir.\nValid values are \"OnRootMismatch\" and \"Always\". If not specified, \"Always\" is used.\nNote that this field cannot be set when spec.os.name is windows." + type: "string" runAsGroup: + description: "The GID to run the entrypoint of the container process.\nUses runtime default if unset.\nMay also be set in SecurityContext. If set in both SecurityContext and\nPodSecurityContext, the value specified in SecurityContext takes precedence\nfor that container.\nNote that this field cannot be set when spec.os.name is windows." format: "int64" type: "integer" runAsNonRoot: + description: "Indicates that the container must run as a non-root user.\nIf true, the Kubelet will validate the image at runtime to ensure that it\ndoes not run as UID 0 (root) and fail to start the container if it does.\nIf unset or false, no such validation will be performed.\nMay also be set in SecurityContext. If set in both SecurityContext and\nPodSecurityContext, the value specified in SecurityContext takes precedence." type: "boolean" runAsUser: + description: "The UID to run the entrypoint of the container process.\nDefaults to user specified in image metadata if unspecified.\nMay also be set in SecurityContext. If set in both SecurityContext and\nPodSecurityContext, the value specified in SecurityContext takes precedence\nfor that container.\nNote that this field cannot be set when spec.os.name is windows." format: "int64" type: "integer" seLinuxOptions: + description: "The SELinux context to be applied to all containers.\nIf unspecified, the container runtime will allocate a random SELinux context for each\ncontainer. May also be set in SecurityContext. If set in\nboth SecurityContext and PodSecurityContext, the value specified in SecurityContext\ntakes precedence for that container.\nNote that this field cannot be set when spec.os.name is windows." properties: level: + description: "Level is SELinux level label that applies to the container." type: "string" role: + description: "Role is a SELinux role label that applies to the container." type: "string" type: + description: "Type is a SELinux type label that applies to the container." type: "string" user: + description: "User is a SELinux user label that applies to the container." + type: "string" + type: "object" + seccompProfile: + description: "The seccomp options to use by the containers in this pod.\nNote that this field cannot be set when spec.os.name is windows." + properties: + localhostProfile: + description: "localhostProfile indicates a profile defined in a file on the node should be used.\nThe profile must be preconfigured on the node to work.\nMust be a descending path, relative to the kubelet's configured seccomp profile location.\nMust be set if type is \"Localhost\". Must NOT be set for any other type." + type: "string" + type: + description: "type indicates which kind of seccomp profile will be applied.\nValid options are:\n\n\nLocalhost - a profile defined in a file on the node should be used.\nRuntimeDefault - the container runtime default profile should be used.\nUnconfined - no profile should be applied." type: "string" + required: + - "type" type: "object" supplementalGroups: + description: "A list of groups applied to the first process run in each container, in addition\nto the container's primary GID, the fsGroup (if specified), and group memberships\ndefined in the container image for the uid of the container process. If unspecified,\nno additional groups are added to any container. Note that group memberships\ndefined in the container image for the uid of the container process are still effective,\neven if they are not included in this list.\nNote that this field cannot be set when spec.os.name is windows." items: format: "int64" type: "integer" type: "array" sysctls: + description: "Sysctls hold a list of namespaced sysctls used for the pod. Pods with unsupported\nsysctls (by the container runtime) might fail to launch.\nNote that this field cannot be set when spec.os.name is windows." items: + description: "Sysctl defines a kernel parameter to be set" properties: name: + description: "Name of a property to set" type: "string" value: + description: "Value of a property to set" type: "string" required: - "name" @@ -1245,25 +1969,54 @@ spec: type: "object" type: "array" windowsOptions: + description: "The Windows specific settings applied to all containers.\nIf unspecified, the options within a container's SecurityContext will be used.\nIf set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.\nNote that this field cannot be set when spec.os.name is linux." properties: gmsaCredentialSpec: + description: "GMSACredentialSpec is where the GMSA admission webhook\n(https://github.com/kubernetes-sigs/windows-gmsa) inlines the contents of the\nGMSA credential spec named by the GMSACredentialSpecName field." type: "string" gmsaCredentialSpecName: + description: "GMSACredentialSpecName is the name of the GMSA credential spec to use." type: "string" + hostProcess: + description: "HostProcess determines if a container should be run as a 'Host Process' container.\nAll of a Pod's containers must have the same effective HostProcess value\n(it is not allowed to have a mix of HostProcess containers and non-HostProcess containers).\nIn addition, if HostProcess is true then HostNetwork must also be set to true." + type: "boolean" runAsUserName: + description: "The UserName in Windows to run the entrypoint of the container process.\nDefaults to the user specified in image metadata if unspecified.\nMay also be set in PodSecurityContext. If set in both SecurityContext and\nPodSecurityContext, the value specified in SecurityContext takes precedence." type: "string" type: "object" type: "object" + ports: + description: "Ports settings for the pods, following the Kubernetes specifications." + items: + description: "Port represents the port definition in the pods objects." + properties: + containerPort: + format: "int32" + type: "integer" + name: + type: "string" + protocol: + type: "string" + required: + - "containerPort" + - "name" + - "protocol" + type: "object" + type: "array" schedulerName: + description: "SchedulerName specifies the scheduler that will be used for scheduling" type: "string" secrets: + description: "Secrets carries information of secrets to add to the pod." items: + description: "SecretInfo captures information of a secret." properties: name: type: "string" path: type: "string" secretType: + description: "SecretType tells the type of a secret." type: "string" required: - "name" @@ -1272,189 +2025,276 @@ spec: type: "object" type: "array" securityContext: + description: "SecurityContext specifies the container's SecurityContext to apply." properties: allowPrivilegeEscalation: + description: "AllowPrivilegeEscalation controls whether a process can gain more\nprivileges than its parent process. This bool directly controls if\nthe no_new_privs flag will be set on the container process.\nAllowPrivilegeEscalation is true always when the container is:\n1) run as Privileged\n2) has CAP_SYS_ADMIN\nNote that this field cannot be set when spec.os.name is windows." type: "boolean" capabilities: + description: "The capabilities to add/drop when running containers.\nDefaults to the default set of capabilities granted by the container runtime.\nNote that this field cannot be set when spec.os.name is windows." properties: add: + description: "Added capabilities" items: + description: "Capability represent POSIX capabilities type" type: "string" type: "array" drop: + description: "Removed capabilities" items: + description: "Capability represent POSIX capabilities type" type: "string" type: "array" type: "object" privileged: + description: "Run container in privileged mode.\nProcesses in privileged containers are essentially equivalent to root on the host.\nDefaults to false.\nNote that this field cannot be set when spec.os.name is windows." type: "boolean" procMount: + description: "procMount denotes the type of proc mount to use for the containers.\nThe default is DefaultProcMount which uses the container runtime defaults for\nreadonly paths and masked paths.\nThis requires the ProcMountType feature flag to be enabled.\nNote that this field cannot be set when spec.os.name is windows." type: "string" readOnlyRootFilesystem: + description: "Whether this container has a read-only root filesystem.\nDefault is false.\nNote that this field cannot be set when spec.os.name is windows." type: "boolean" runAsGroup: + description: "The GID to run the entrypoint of the container process.\nUses runtime default if unset.\nMay also be set in PodSecurityContext. If set in both SecurityContext and\nPodSecurityContext, the value specified in SecurityContext takes precedence.\nNote that this field cannot be set when spec.os.name is windows." format: "int64" type: "integer" runAsNonRoot: + description: "Indicates that the container must run as a non-root user.\nIf true, the Kubelet will validate the image at runtime to ensure that it\ndoes not run as UID 0 (root) and fail to start the container if it does.\nIf unset or false, no such validation will be performed.\nMay also be set in PodSecurityContext. If set in both SecurityContext and\nPodSecurityContext, the value specified in SecurityContext takes precedence." type: "boolean" runAsUser: + description: "The UID to run the entrypoint of the container process.\nDefaults to user specified in image metadata if unspecified.\nMay also be set in PodSecurityContext. If set in both SecurityContext and\nPodSecurityContext, the value specified in SecurityContext takes precedence.\nNote that this field cannot be set when spec.os.name is windows." format: "int64" type: "integer" seLinuxOptions: + description: "The SELinux context to be applied to the container.\nIf unspecified, the container runtime will allocate a random SELinux context for each\ncontainer. May also be set in PodSecurityContext. If set in both SecurityContext and\nPodSecurityContext, the value specified in SecurityContext takes precedence.\nNote that this field cannot be set when spec.os.name is windows." properties: level: + description: "Level is SELinux level label that applies to the container." type: "string" role: + description: "Role is a SELinux role label that applies to the container." type: "string" type: + description: "Type is a SELinux type label that applies to the container." type: "string" user: + description: "User is a SELinux user label that applies to the container." type: "string" type: "object" seccompProfile: + description: "The seccomp options to use by this container. If seccomp options are\nprovided at both the pod & container level, the container options\noverride the pod options.\nNote that this field cannot be set when spec.os.name is windows." properties: + localhostProfile: + description: "localhostProfile indicates a profile defined in a file on the node should be used.\nThe profile must be preconfigured on the node to work.\nMust be a descending path, relative to the kubelet's configured seccomp profile location.\nMust be set if type is \"Localhost\". Must NOT be set for any other type." + type: "string" type: + description: "type indicates which kind of seccomp profile will be applied.\nValid options are:\n\n\nLocalhost - a profile defined in a file on the node should be used.\nRuntimeDefault - the container runtime default profile should be used.\nUnconfined - no profile should be applied." type: "string" + required: + - "type" type: "object" windowsOptions: + description: "The Windows specific settings applied to all containers.\nIf unspecified, the options from the PodSecurityContext will be used.\nIf set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.\nNote that this field cannot be set when spec.os.name is linux." properties: gmsaCredentialSpec: + description: "GMSACredentialSpec is where the GMSA admission webhook\n(https://github.com/kubernetes-sigs/windows-gmsa) inlines the contents of the\nGMSA credential spec named by the GMSACredentialSpecName field." type: "string" gmsaCredentialSpecName: + description: "GMSACredentialSpecName is the name of the GMSA credential spec to use." type: "string" + hostProcess: + description: "HostProcess determines if a container should be run as a 'Host Process' container.\nAll of a Pod's containers must have the same effective HostProcess value\n(it is not allowed to have a mix of HostProcess containers and non-HostProcess containers).\nIn addition, if HostProcess is true then HostNetwork must also be set to true." + type: "boolean" runAsUserName: + description: "The UserName in Windows to run the entrypoint of the container process.\nDefaults to the user specified in image metadata if unspecified.\nMay also be set in PodSecurityContext. If set in both SecurityContext and\nPodSecurityContext, the value specified in SecurityContext takes precedence." type: "string" type: "object" type: "object" serviceAccount: + description: "ServiceAccount is the name of the custom Kubernetes service account used by the pod." type: "string" serviceAnnotations: additionalProperties: type: "string" + description: "ServiceAnnotations defines the annotations to be added to the Kubernetes headless service used by\nexecutors to connect to the driver." type: "object" serviceLabels: additionalProperties: type: "string" + description: "ServiceLabels defines the labels to be added to the Kubernetes headless service used by\nexecutors to connect to the driver." type: "object" shareProcessNamespace: + description: "ShareProcessNamespace settings for the pod, following the Kubernetes specifications." type: "boolean" sidecars: + description: "Sidecars is a list of sidecar containers that run along side the main Spark container." items: + description: "A single application container that you want to run within a pod." properties: args: + description: "Arguments to the entrypoint.\nThe container image's CMD is used if this is not provided.\nVariable references $(VAR_NAME) are expanded using the container's environment. If a variable\ncannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced\nto a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. \"$$(VAR_NAME)\" will\nproduce the string literal \"$(VAR_NAME)\". Escaped references will never be expanded, regardless\nof whether the variable exists or not. Cannot be updated.\nMore info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell" items: type: "string" type: "array" command: + description: "Entrypoint array. Not executed within a shell.\nThe container image's ENTRYPOINT is used if this is not provided.\nVariable references $(VAR_NAME) are expanded using the container's environment. If a variable\ncannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced\nto a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. \"$$(VAR_NAME)\" will\nproduce the string literal \"$(VAR_NAME)\". Escaped references will never be expanded, regardless\nof whether the variable exists or not. Cannot be updated.\nMore info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell" items: type: "string" type: "array" env: + description: "List of environment variables to set in the container.\nCannot be updated." items: + description: "EnvVar represents an environment variable present in a Container." properties: name: + description: "Name of the environment variable. Must be a C_IDENTIFIER." type: "string" value: + description: "Variable references $(VAR_NAME) are expanded\nusing the previously defined environment variables in the container and\nany service environment variables. If a variable cannot be resolved,\nthe reference in the input string will be unchanged. Double $$ are reduced\nto a single $, which allows for escaping the $(VAR_NAME) syntax: i.e.\n\"$$(VAR_NAME)\" will produce the string literal \"$(VAR_NAME)\".\nEscaped references will never be expanded, regardless of whether the variable\nexists or not.\nDefaults to \"\"." type: "string" valueFrom: + description: "Source for the environment variable's value. Cannot be used if value is not empty." properties: configMapKeyRef: + description: "Selects a key of a ConfigMap." properties: key: + description: "The key to select." type: "string" name: + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" type: "string" optional: + description: "Specify whether the ConfigMap or its key must be defined" type: "boolean" required: - "key" type: "object" + x-kubernetes-map-type: "atomic" fieldRef: + description: "Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`,\nspec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs." properties: apiVersion: + description: "Version of the schema the FieldPath is written in terms of, defaults to \"v1\"." type: "string" fieldPath: + description: "Path of the field to select in the specified API version." type: "string" required: - "fieldPath" type: "object" + x-kubernetes-map-type: "atomic" resourceFieldRef: + description: "Selects a resource of the container: only resources limits and requests\n(limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported." properties: containerName: + description: "Container name: required for volumes, optional for env vars" type: "string" divisor: anyOf: - type: "integer" - type: "string" + description: "Specifies the output format of the exposed resources, defaults to \"1\"" pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" x-kubernetes-int-or-string: true resource: + description: "Required: resource to select" type: "string" required: - "resource" type: "object" + x-kubernetes-map-type: "atomic" secretKeyRef: + description: "Selects a key of a secret in the pod's namespace" properties: key: + description: "The key of the secret to select from. Must be a valid secret key." type: "string" name: + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" type: "string" optional: + description: "Specify whether the Secret or its key must be defined" type: "boolean" required: - "key" type: "object" + x-kubernetes-map-type: "atomic" type: "object" required: - "name" type: "object" type: "array" envFrom: + description: "List of sources to populate environment variables in the container.\nThe keys defined within a source must be a C_IDENTIFIER. All invalid keys\nwill be reported as an event when the container is starting. When a key exists in multiple\nsources, the value associated with the last source will take precedence.\nValues defined by an Env with a duplicate key will take precedence.\nCannot be updated." items: + description: "EnvFromSource represents the source of a set of ConfigMaps" properties: configMapRef: + description: "The ConfigMap to select from" properties: name: + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" type: "string" optional: + description: "Specify whether the ConfigMap must be defined" type: "boolean" type: "object" + x-kubernetes-map-type: "atomic" prefix: + description: "An optional identifier to prepend to each key in the ConfigMap. Must be a C_IDENTIFIER." type: "string" secretRef: + description: "The Secret to select from" properties: name: + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" type: "string" optional: + description: "Specify whether the Secret must be defined" type: "boolean" type: "object" + x-kubernetes-map-type: "atomic" type: "object" type: "array" image: + description: "Container image name.\nMore info: https://kubernetes.io/docs/concepts/containers/images\nThis field is optional to allow higher level config management to default or override\ncontainer images in workload controllers like Deployments and StatefulSets." type: "string" imagePullPolicy: + description: "Image pull policy.\nOne of Always, Never, IfNotPresent.\nDefaults to Always if :latest tag is specified, or IfNotPresent otherwise.\nCannot be updated.\nMore info: https://kubernetes.io/docs/concepts/containers/images#updating-images" type: "string" lifecycle: + description: "Actions that the management system should take in response to container lifecycle events.\nCannot be updated." properties: postStart: + description: "PostStart is called immediately after a container is created. If the handler fails,\nthe container is terminated and restarted according to its restart policy.\nOther management of the container blocks until the hook completes.\nMore info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks" properties: exec: + description: "Exec specifies the action to take." properties: command: + description: "Command is the command line to execute inside the container, the working directory for the\ncommand is root ('/') in the container's filesystem. The command is simply exec'd, it is\nnot run inside a shell, so traditional shell instructions ('|', etc) won't work. To use\na shell, you need to explicitly call out to that shell.\nExit status of 0 is treated as live/healthy and non-zero is unhealthy." items: type: "string" type: "array" type: "object" httpGet: + description: "HTTPGet specifies the http request to perform." properties: host: + description: "Host name to connect to, defaults to the pod IP. You probably want to set\n\"Host\" in httpHeaders instead." type: "string" httpHeaders: + description: "Custom headers to set in the request. HTTP allows repeated headers." items: + description: "HTTPHeader describes a custom header to be used in HTTP probes" properties: name: + description: "The header field name.\nThis will be canonicalized upon output, so case-variant names will be understood as the same header." type: "string" value: + description: "The header field value" type: "string" required: - "name" @@ -1462,49 +2302,74 @@ spec: type: "object" type: "array" path: + description: "Path to access on the HTTP server." type: "string" port: anyOf: - type: "integer" - type: "string" + description: "Name or number of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME." x-kubernetes-int-or-string: true scheme: + description: "Scheme to use for connecting to the host.\nDefaults to HTTP." type: "string" required: - "port" type: "object" + sleep: + description: "Sleep represents the duration that the container should sleep before being terminated." + properties: + seconds: + description: "Seconds is the number of seconds to sleep." + format: "int64" + type: "integer" + required: + - "seconds" + type: "object" tcpSocket: + description: "Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept\nfor the backward compatibility. There are no validation of this field and\nlifecycle hooks will fail in runtime when tcp handler is specified." properties: host: + description: "Optional: Host name to connect to, defaults to the pod IP." type: "string" port: anyOf: - type: "integer" - type: "string" + description: "Number or name of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME." x-kubernetes-int-or-string: true required: - "port" type: "object" type: "object" preStop: + description: "PreStop is called immediately before a container is terminated due to an\nAPI request or management event such as liveness/startup probe failure,\npreemption, resource contention, etc. The handler is not called if the\ncontainer crashes or exits. The Pod's termination grace period countdown begins before the\nPreStop hook is executed. Regardless of the outcome of the handler, the\ncontainer will eventually terminate within the Pod's termination grace\nperiod (unless delayed by finalizers). Other management of the container blocks until the hook completes\nor until the termination grace period is reached.\nMore info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks" properties: exec: + description: "Exec specifies the action to take." properties: command: + description: "Command is the command line to execute inside the container, the working directory for the\ncommand is root ('/') in the container's filesystem. The command is simply exec'd, it is\nnot run inside a shell, so traditional shell instructions ('|', etc) won't work. To use\na shell, you need to explicitly call out to that shell.\nExit status of 0 is treated as live/healthy and non-zero is unhealthy." items: type: "string" type: "array" type: "object" httpGet: + description: "HTTPGet specifies the http request to perform." properties: host: + description: "Host name to connect to, defaults to the pod IP. You probably want to set\n\"Host\" in httpHeaders instead." type: "string" httpHeaders: + description: "Custom headers to set in the request. HTTP allows repeated headers." items: + description: "HTTPHeader describes a custom header to be used in HTTP probes" properties: name: + description: "The header field name.\nThis will be canonicalized upon output, so case-variant names will be understood as the same header." type: "string" value: + description: "The header field value" type: "string" required: - "name" @@ -1512,25 +2377,41 @@ spec: type: "object" type: "array" path: + description: "Path to access on the HTTP server." type: "string" port: anyOf: - type: "integer" - type: "string" + description: "Name or number of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME." x-kubernetes-int-or-string: true scheme: + description: "Scheme to use for connecting to the host.\nDefaults to HTTP." type: "string" required: - "port" type: "object" + sleep: + description: "Sleep represents the duration that the container should sleep before being terminated." + properties: + seconds: + description: "Seconds is the number of seconds to sleep." + format: "int64" + type: "integer" + required: + - "seconds" + type: "object" tcpSocket: + description: "Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept\nfor the backward compatibility. There are no validation of this field and\nlifecycle hooks will fail in runtime when tcp handler is specified." properties: host: + description: "Optional: Host name to connect to, defaults to the pod IP." type: "string" port: anyOf: - type: "integer" - type: "string" + description: "Number or name of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME." x-kubernetes-int-or-string: true required: - "port" @@ -1538,27 +2419,50 @@ spec: type: "object" type: "object" livenessProbe: + description: "Periodic probe of container liveness.\nContainer will be restarted if the probe fails.\nCannot be updated.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" properties: exec: + description: "Exec specifies the action to take." properties: command: + description: "Command is the command line to execute inside the container, the working directory for the\ncommand is root ('/') in the container's filesystem. The command is simply exec'd, it is\nnot run inside a shell, so traditional shell instructions ('|', etc) won't work. To use\na shell, you need to explicitly call out to that shell.\nExit status of 0 is treated as live/healthy and non-zero is unhealthy." items: type: "string" type: "array" type: "object" failureThreshold: + description: "Minimum consecutive failures for the probe to be considered failed after having succeeded.\nDefaults to 3. Minimum value is 1." format: "int32" type: "integer" + grpc: + description: "GRPC specifies an action involving a GRPC port." + properties: + port: + description: "Port number of the gRPC service. Number must be in the range 1 to 65535." + format: "int32" + type: "integer" + service: + description: "Service is the name of the service to place in the gRPC HealthCheckRequest\n(see https://github.com/grpc/grpc/blob/master/doc/health-checking.md).\n\n\nIf this is not specified, the default behavior is defined by gRPC." + type: "string" + required: + - "port" + type: "object" httpGet: + description: "HTTPGet specifies the http request to perform." properties: host: + description: "Host name to connect to, defaults to the pod IP. You probably want to set\n\"Host\" in httpHeaders instead." type: "string" httpHeaders: + description: "Custom headers to set in the request. HTTP allows repeated headers." items: + description: "HTTPHeader describes a custom header to be used in HTTP probes" properties: name: + description: "The header field name.\nThis will be canonicalized upon output, so case-variant names will be understood as the same header." type: "string" value: + description: "The header field value" type: "string" required: - "name" @@ -1566,62 +2470,84 @@ spec: type: "object" type: "array" path: + description: "Path to access on the HTTP server." type: "string" port: anyOf: - type: "integer" - type: "string" + description: "Name or number of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME." x-kubernetes-int-or-string: true scheme: + description: "Scheme to use for connecting to the host.\nDefaults to HTTP." type: "string" required: - "port" type: "object" initialDelaySeconds: + description: "Number of seconds after the container has started before liveness probes are initiated.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" format: "int32" type: "integer" periodSeconds: + description: "How often (in seconds) to perform the probe.\nDefault to 10 seconds. Minimum value is 1." format: "int32" type: "integer" successThreshold: + description: "Minimum consecutive successes for the probe to be considered successful after having failed.\nDefaults to 1. Must be 1 for liveness and startup. Minimum value is 1." format: "int32" type: "integer" tcpSocket: + description: "TCPSocket specifies an action involving a TCP port." properties: host: + description: "Optional: Host name to connect to, defaults to the pod IP." type: "string" port: anyOf: - type: "integer" - type: "string" + description: "Number or name of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME." x-kubernetes-int-or-string: true required: - "port" type: "object" + terminationGracePeriodSeconds: + description: "Optional duration in seconds the pod needs to terminate gracefully upon probe failure.\nThe grace period is the duration in seconds after the processes running in the pod are sent\na termination signal and the time when the processes are forcibly halted with a kill signal.\nSet this value longer than the expected cleanup time for your process.\nIf this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this\nvalue overrides the value provided by the pod spec.\nValue must be non-negative integer. The value zero indicates stop immediately via\nthe kill signal (no opportunity to shut down).\nThis is a beta field and requires enabling ProbeTerminationGracePeriod feature gate.\nMinimum value is 1. spec.terminationGracePeriodSeconds is used if unset." + format: "int64" + type: "integer" timeoutSeconds: + description: "Number of seconds after which the probe times out.\nDefaults to 1 second. Minimum value is 1.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" format: "int32" type: "integer" type: "object" name: + description: "Name of the container specified as a DNS_LABEL.\nEach container in a pod must have a unique name (DNS_LABEL).\nCannot be updated." type: "string" ports: + description: "List of ports to expose from the container. Not specifying a port here\nDOES NOT prevent that port from being exposed. Any port which is\nlistening on the default \"0.0.0.0\" address inside a container will be\naccessible from the network.\nModifying this array with strategic merge patch may corrupt the data.\nFor more information See https://github.com/kubernetes/kubernetes/issues/108255.\nCannot be updated." items: + description: "ContainerPort represents a network port in a single container." properties: containerPort: + description: "Number of port to expose on the pod's IP address.\nThis must be a valid port number, 0 < x < 65536." format: "int32" type: "integer" hostIP: + description: "What host IP to bind the external port to." type: "string" hostPort: + description: "Number of port to expose on the host.\nIf specified, this must be a valid port number, 0 < x < 65536.\nIf HostNetwork is specified, this must match ContainerPort.\nMost containers do not need this." format: "int32" type: "integer" name: + description: "If specified, this must be an IANA_SVC_NAME and unique within the pod. Each\nnamed port in a pod must have a unique name. Name for the port that can be\nreferred to by services." type: "string" protocol: + default: "TCP" + description: "Protocol for port. Must be UDP, TCP, or SCTP.\nDefaults to \"TCP\"." type: "string" required: - "containerPort" - - "protocol" type: "object" type: "array" x-kubernetes-list-map-keys: @@ -1629,27 +2555,50 @@ spec: - "protocol" x-kubernetes-list-type: "map" readinessProbe: + description: "Periodic probe of container service readiness.\nContainer will be removed from service endpoints if the probe fails.\nCannot be updated.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" properties: exec: + description: "Exec specifies the action to take." properties: command: + description: "Command is the command line to execute inside the container, the working directory for the\ncommand is root ('/') in the container's filesystem. The command is simply exec'd, it is\nnot run inside a shell, so traditional shell instructions ('|', etc) won't work. To use\na shell, you need to explicitly call out to that shell.\nExit status of 0 is treated as live/healthy and non-zero is unhealthy." items: type: "string" type: "array" type: "object" failureThreshold: + description: "Minimum consecutive failures for the probe to be considered failed after having succeeded.\nDefaults to 3. Minimum value is 1." format: "int32" type: "integer" + grpc: + description: "GRPC specifies an action involving a GRPC port." + properties: + port: + description: "Port number of the gRPC service. Number must be in the range 1 to 65535." + format: "int32" + type: "integer" + service: + description: "Service is the name of the service to place in the gRPC HealthCheckRequest\n(see https://github.com/grpc/grpc/blob/master/doc/health-checking.md).\n\n\nIf this is not specified, the default behavior is defined by gRPC." + type: "string" + required: + - "port" + type: "object" httpGet: + description: "HTTPGet specifies the http request to perform." properties: host: + description: "Host name to connect to, defaults to the pod IP. You probably want to set\n\"Host\" in httpHeaders instead." type: "string" httpHeaders: + description: "Custom headers to set in the request. HTTP allows repeated headers." items: + description: "HTTPHeader describes a custom header to be used in HTTP probes" properties: name: + description: "The header field name.\nThis will be canonicalized upon output, so case-variant names will be understood as the same header." type: "string" value: + description: "The header field value" type: "string" required: - "name" @@ -1657,44 +2606,91 @@ spec: type: "object" type: "array" path: + description: "Path to access on the HTTP server." type: "string" port: anyOf: - type: "integer" - type: "string" + description: "Name or number of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME." x-kubernetes-int-or-string: true scheme: + description: "Scheme to use for connecting to the host.\nDefaults to HTTP." type: "string" required: - "port" type: "object" initialDelaySeconds: + description: "Number of seconds after the container has started before liveness probes are initiated.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" format: "int32" type: "integer" periodSeconds: + description: "How often (in seconds) to perform the probe.\nDefault to 10 seconds. Minimum value is 1." format: "int32" type: "integer" successThreshold: + description: "Minimum consecutive successes for the probe to be considered successful after having failed.\nDefaults to 1. Must be 1 for liveness and startup. Minimum value is 1." format: "int32" type: "integer" tcpSocket: + description: "TCPSocket specifies an action involving a TCP port." properties: host: + description: "Optional: Host name to connect to, defaults to the pod IP." type: "string" port: anyOf: - type: "integer" - type: "string" + description: "Number or name of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME." x-kubernetes-int-or-string: true required: - "port" type: "object" + terminationGracePeriodSeconds: + description: "Optional duration in seconds the pod needs to terminate gracefully upon probe failure.\nThe grace period is the duration in seconds after the processes running in the pod are sent\na termination signal and the time when the processes are forcibly halted with a kill signal.\nSet this value longer than the expected cleanup time for your process.\nIf this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this\nvalue overrides the value provided by the pod spec.\nValue must be non-negative integer. The value zero indicates stop immediately via\nthe kill signal (no opportunity to shut down).\nThis is a beta field and requires enabling ProbeTerminationGracePeriod feature gate.\nMinimum value is 1. spec.terminationGracePeriodSeconds is used if unset." + format: "int64" + type: "integer" timeoutSeconds: + description: "Number of seconds after which the probe times out.\nDefaults to 1 second. Minimum value is 1.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" format: "int32" type: "integer" type: "object" + resizePolicy: + description: "Resources resize policy for the container." + items: + description: "ContainerResizePolicy represents resource resize policy for the container." + properties: + resourceName: + description: "Name of the resource to which this resource resize policy applies.\nSupported values: cpu, memory." + type: "string" + restartPolicy: + description: "Restart policy to apply when specified resource is resized.\nIf not specified, it defaults to NotRequired." + type: "string" + required: + - "resourceName" + - "restartPolicy" + type: "object" + type: "array" + x-kubernetes-list-type: "atomic" resources: + description: "Compute Resources required by this container.\nCannot be updated.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" properties: + claims: + description: "Claims lists the names of resources, defined in spec.resourceClaims,\nthat are used by this container.\n\n\nThis is an alpha field and requires enabling the\nDynamicResourceAllocation feature gate.\n\n\nThis field is immutable. It can only be set for containers." + items: + description: "ResourceClaim references one entry in PodSpec.ResourceClaims." + properties: + name: + description: "Name must match the name of one entry in pod.spec.resourceClaims of\nthe Pod where this field is used. It makes that resource available\ninside a container." + type: "string" + required: + - "name" + type: "object" + type: "array" + x-kubernetes-list-map-keys: + - "name" + x-kubernetes-list-type: "map" limits: additionalProperties: anyOf: @@ -1702,6 +2698,7 @@ spec: - type: "string" pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" x-kubernetes-int-or-string: true + description: "Limits describes the maximum amount of compute resources allowed.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" type: "object" requests: additionalProperties: @@ -1710,85 +2707,144 @@ spec: - type: "string" pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" x-kubernetes-int-or-string: true + description: "Requests describes the minimum amount of compute resources required.\nIf Requests is omitted for a container, it defaults to Limits if that is explicitly specified,\notherwise to an implementation-defined value. Requests cannot exceed Limits.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" type: "object" type: "object" + restartPolicy: + description: "RestartPolicy defines the restart behavior of individual containers in a pod.\nThis field may only be set for init containers, and the only allowed value is \"Always\".\nFor non-init containers or when this field is not specified,\nthe restart behavior is defined by the Pod's restart policy and the container type.\nSetting the RestartPolicy as \"Always\" for the init container will have the following effect:\nthis init container will be continually restarted on\nexit until all regular containers have terminated. Once all regular\ncontainers have completed, all init containers with restartPolicy \"Always\"\nwill be shut down. This lifecycle differs from normal init containers and\nis often referred to as a \"sidecar\" container. Although this init\ncontainer still starts in the init container sequence, it does not wait\nfor the container to complete before proceeding to the next init\ncontainer. Instead, the next init container starts immediately after this\ninit container is started, or after any startupProbe has successfully\ncompleted." + type: "string" securityContext: + description: "SecurityContext defines the security options the container should be run with.\nIf set, the fields of SecurityContext override the equivalent fields of PodSecurityContext.\nMore info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/" properties: allowPrivilegeEscalation: + description: "AllowPrivilegeEscalation controls whether a process can gain more\nprivileges than its parent process. This bool directly controls if\nthe no_new_privs flag will be set on the container process.\nAllowPrivilegeEscalation is true always when the container is:\n1) run as Privileged\n2) has CAP_SYS_ADMIN\nNote that this field cannot be set when spec.os.name is windows." type: "boolean" capabilities: + description: "The capabilities to add/drop when running containers.\nDefaults to the default set of capabilities granted by the container runtime.\nNote that this field cannot be set when spec.os.name is windows." properties: add: + description: "Added capabilities" items: + description: "Capability represent POSIX capabilities type" type: "string" type: "array" drop: + description: "Removed capabilities" items: + description: "Capability represent POSIX capabilities type" type: "string" type: "array" type: "object" privileged: + description: "Run container in privileged mode.\nProcesses in privileged containers are essentially equivalent to root on the host.\nDefaults to false.\nNote that this field cannot be set when spec.os.name is windows." type: "boolean" procMount: + description: "procMount denotes the type of proc mount to use for the containers.\nThe default is DefaultProcMount which uses the container runtime defaults for\nreadonly paths and masked paths.\nThis requires the ProcMountType feature flag to be enabled.\nNote that this field cannot be set when spec.os.name is windows." type: "string" readOnlyRootFilesystem: + description: "Whether this container has a read-only root filesystem.\nDefault is false.\nNote that this field cannot be set when spec.os.name is windows." type: "boolean" runAsGroup: + description: "The GID to run the entrypoint of the container process.\nUses runtime default if unset.\nMay also be set in PodSecurityContext. If set in both SecurityContext and\nPodSecurityContext, the value specified in SecurityContext takes precedence.\nNote that this field cannot be set when spec.os.name is windows." format: "int64" type: "integer" runAsNonRoot: + description: "Indicates that the container must run as a non-root user.\nIf true, the Kubelet will validate the image at runtime to ensure that it\ndoes not run as UID 0 (root) and fail to start the container if it does.\nIf unset or false, no such validation will be performed.\nMay also be set in PodSecurityContext. If set in both SecurityContext and\nPodSecurityContext, the value specified in SecurityContext takes precedence." type: "boolean" runAsUser: + description: "The UID to run the entrypoint of the container process.\nDefaults to user specified in image metadata if unspecified.\nMay also be set in PodSecurityContext. If set in both SecurityContext and\nPodSecurityContext, the value specified in SecurityContext takes precedence.\nNote that this field cannot be set when spec.os.name is windows." format: "int64" type: "integer" seLinuxOptions: + description: "The SELinux context to be applied to the container.\nIf unspecified, the container runtime will allocate a random SELinux context for each\ncontainer. May also be set in PodSecurityContext. If set in both SecurityContext and\nPodSecurityContext, the value specified in SecurityContext takes precedence.\nNote that this field cannot be set when spec.os.name is windows." properties: level: + description: "Level is SELinux level label that applies to the container." type: "string" role: + description: "Role is a SELinux role label that applies to the container." type: "string" type: + description: "Type is a SELinux type label that applies to the container." type: "string" user: + description: "User is a SELinux user label that applies to the container." type: "string" type: "object" seccompProfile: + description: "The seccomp options to use by this container. If seccomp options are\nprovided at both the pod & container level, the container options\noverride the pod options.\nNote that this field cannot be set when spec.os.name is windows." properties: + localhostProfile: + description: "localhostProfile indicates a profile defined in a file on the node should be used.\nThe profile must be preconfigured on the node to work.\nMust be a descending path, relative to the kubelet's configured seccomp profile location.\nMust be set if type is \"Localhost\". Must NOT be set for any other type." + type: "string" type: + description: "type indicates which kind of seccomp profile will be applied.\nValid options are:\n\n\nLocalhost - a profile defined in a file on the node should be used.\nRuntimeDefault - the container runtime default profile should be used.\nUnconfined - no profile should be applied." type: "string" + required: + - "type" type: "object" windowsOptions: + description: "The Windows specific settings applied to all containers.\nIf unspecified, the options from the PodSecurityContext will be used.\nIf set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.\nNote that this field cannot be set when spec.os.name is linux." properties: gmsaCredentialSpec: + description: "GMSACredentialSpec is where the GMSA admission webhook\n(https://github.com/kubernetes-sigs/windows-gmsa) inlines the contents of the\nGMSA credential spec named by the GMSACredentialSpecName field." type: "string" gmsaCredentialSpecName: + description: "GMSACredentialSpecName is the name of the GMSA credential spec to use." type: "string" + hostProcess: + description: "HostProcess determines if a container should be run as a 'Host Process' container.\nAll of a Pod's containers must have the same effective HostProcess value\n(it is not allowed to have a mix of HostProcess containers and non-HostProcess containers).\nIn addition, if HostProcess is true then HostNetwork must also be set to true." + type: "boolean" runAsUserName: + description: "The UserName in Windows to run the entrypoint of the container process.\nDefaults to the user specified in image metadata if unspecified.\nMay also be set in PodSecurityContext. If set in both SecurityContext and\nPodSecurityContext, the value specified in SecurityContext takes precedence." type: "string" type: "object" type: "object" startupProbe: + description: "StartupProbe indicates that the Pod has successfully initialized.\nIf specified, no other probes are executed until this completes successfully.\nIf this probe fails, the Pod will be restarted, just as if the livenessProbe failed.\nThis can be used to provide different probe parameters at the beginning of a Pod's lifecycle,\nwhen it might take a long time to load data or warm a cache, than during steady-state operation.\nThis cannot be updated.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" properties: exec: + description: "Exec specifies the action to take." properties: command: + description: "Command is the command line to execute inside the container, the working directory for the\ncommand is root ('/') in the container's filesystem. The command is simply exec'd, it is\nnot run inside a shell, so traditional shell instructions ('|', etc) won't work. To use\na shell, you need to explicitly call out to that shell.\nExit status of 0 is treated as live/healthy and non-zero is unhealthy." items: type: "string" type: "array" type: "object" failureThreshold: + description: "Minimum consecutive failures for the probe to be considered failed after having succeeded.\nDefaults to 3. Minimum value is 1." format: "int32" type: "integer" + grpc: + description: "GRPC specifies an action involving a GRPC port." + properties: + port: + description: "Port number of the gRPC service. Number must be in the range 1 to 65535." + format: "int32" + type: "integer" + service: + description: "Service is the name of the service to place in the gRPC HealthCheckRequest\n(see https://github.com/grpc/grpc/blob/master/doc/health-checking.md).\n\n\nIf this is not specified, the default behavior is defined by gRPC." + type: "string" + required: + - "port" + type: "object" httpGet: + description: "HTTPGet specifies the http request to perform." properties: host: + description: "Host name to connect to, defaults to the pod IP. You probably want to set\n\"Host\" in httpHeaders instead." type: "string" httpHeaders: + description: "Custom headers to set in the request. HTTP allows repeated headers." items: + description: "HTTPHeader describes a custom header to be used in HTTP probes" properties: name: + description: "The header field name.\nThis will be canonicalized upon output, so case-variant names will be understood as the same header." type: "string" value: + description: "The header field value" type: "string" required: - "name" @@ -1796,58 +2852,81 @@ spec: type: "object" type: "array" path: + description: "Path to access on the HTTP server." type: "string" port: anyOf: - type: "integer" - type: "string" + description: "Name or number of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME." x-kubernetes-int-or-string: true scheme: + description: "Scheme to use for connecting to the host.\nDefaults to HTTP." type: "string" required: - "port" type: "object" initialDelaySeconds: + description: "Number of seconds after the container has started before liveness probes are initiated.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" format: "int32" type: "integer" periodSeconds: + description: "How often (in seconds) to perform the probe.\nDefault to 10 seconds. Minimum value is 1." format: "int32" type: "integer" successThreshold: + description: "Minimum consecutive successes for the probe to be considered successful after having failed.\nDefaults to 1. Must be 1 for liveness and startup. Minimum value is 1." format: "int32" type: "integer" tcpSocket: + description: "TCPSocket specifies an action involving a TCP port." properties: host: + description: "Optional: Host name to connect to, defaults to the pod IP." type: "string" port: anyOf: - type: "integer" - type: "string" + description: "Number or name of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME." x-kubernetes-int-or-string: true required: - "port" type: "object" + terminationGracePeriodSeconds: + description: "Optional duration in seconds the pod needs to terminate gracefully upon probe failure.\nThe grace period is the duration in seconds after the processes running in the pod are sent\na termination signal and the time when the processes are forcibly halted with a kill signal.\nSet this value longer than the expected cleanup time for your process.\nIf this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this\nvalue overrides the value provided by the pod spec.\nValue must be non-negative integer. The value zero indicates stop immediately via\nthe kill signal (no opportunity to shut down).\nThis is a beta field and requires enabling ProbeTerminationGracePeriod feature gate.\nMinimum value is 1. spec.terminationGracePeriodSeconds is used if unset." + format: "int64" + type: "integer" timeoutSeconds: + description: "Number of seconds after which the probe times out.\nDefaults to 1 second. Minimum value is 1.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" format: "int32" type: "integer" type: "object" stdin: + description: "Whether this container should allocate a buffer for stdin in the container runtime. If this\nis not set, reads from stdin in the container will always result in EOF.\nDefault is false." type: "boolean" stdinOnce: + description: "Whether the container runtime should close the stdin channel after it has been opened by\na single attach. When stdin is true the stdin stream will remain open across multiple attach\nsessions. If stdinOnce is set to true, stdin is opened on container start, is empty until the\nfirst client attaches to stdin, and then remains open and accepts data until the client disconnects,\nat which time stdin is closed and remains closed until the container is restarted. If this\nflag is false, a container processes that reads from stdin will never receive an EOF.\nDefault is false" type: "boolean" terminationMessagePath: + description: "Optional: Path at which the file to which the container's termination message\nwill be written is mounted into the container's filesystem.\nMessage written is intended to be brief final status, such as an assertion failure message.\nWill be truncated by the node if greater than 4096 bytes. The total message length across\nall containers will be limited to 12kb.\nDefaults to /dev/termination-log.\nCannot be updated." type: "string" terminationMessagePolicy: + description: "Indicate how the termination message should be populated. File will use the contents of\nterminationMessagePath to populate the container status message on both success and failure.\nFallbackToLogsOnError will use the last chunk of container log output if the termination\nmessage file is empty and the container exited with an error.\nThe log output is limited to 2048 bytes or 80 lines, whichever is smaller.\nDefaults to File.\nCannot be updated." type: "string" tty: + description: "Whether this container should allocate a TTY for itself, also requires 'stdin' to be true.\nDefault is false." type: "boolean" volumeDevices: + description: "volumeDevices is the list of block devices to be used by the container." items: + description: "volumeDevice describes a mapping of a raw block device within a container." properties: devicePath: + description: "devicePath is the path inside of the container that the device will be mapped to." type: "string" name: + description: "name must match the name of a persistentVolumeClaim in the pod" type: "string" required: - "devicePath" @@ -1855,19 +2934,27 @@ spec: type: "object" type: "array" volumeMounts: + description: "Pod volumes to mount into the container's filesystem.\nCannot be updated." items: + description: "VolumeMount describes a mounting of a Volume within a container." properties: mountPath: + description: "Path within the container at which the volume should be mounted. Must\nnot contain ':'." type: "string" mountPropagation: + description: "mountPropagation determines how mounts are propagated from the host\nto container and the other way around.\nWhen not set, MountPropagationNone is used.\nThis field is beta in 1.10." type: "string" name: + description: "This must match the Name of a Volume." type: "string" readOnly: + description: "Mounted read-only if true, read-write otherwise (false or unspecified).\nDefaults to false." type: "boolean" subPath: + description: "Path within the volume from which the container's volume should be mounted.\nDefaults to \"\" (volume's root)." type: "string" subPathExpr: + description: "Expanded path within the volume from which the container's volume should be mounted.\nBehaves similarly to SubPath but environment variable references $(VAR_NAME) are expanded using the container's environment.\nDefaults to \"\" (volume's root).\nSubPathExpr and SubPath are mutually exclusive." type: "string" required: - "mountPath" @@ -1875,44 +2962,61 @@ spec: type: "object" type: "array" workingDir: + description: "Container's working directory.\nIf not specified, the container runtime's default will be used, which\nmight be configured in the container image.\nCannot be updated." type: "string" required: - "name" type: "object" type: "array" terminationGracePeriodSeconds: + description: "Termination grace period seconds for the pod" format: "int64" type: "integer" tolerations: + description: "Tolerations specifies the tolerations listed in \".spec.tolerations\" to be applied to the pod." items: + description: "The pod this Toleration is attached to tolerates any taint that matches\nthe triple using the matching operator ." properties: effect: + description: "Effect indicates the taint effect to match. Empty means match all taint effects.\nWhen specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute." type: "string" key: + description: "Key is the taint key that the toleration applies to. Empty means match all taint keys.\nIf the key is empty, operator must be Exists; this combination means to match all values and all keys." type: "string" operator: + description: "Operator represents a key's relationship to the value.\nValid operators are Exists and Equal. Defaults to Equal.\nExists is equivalent to wildcard for value, so that a pod can\ntolerate all taints of a particular category." type: "string" tolerationSeconds: + description: "TolerationSeconds represents the period of time the toleration (which must be\nof effect NoExecute, otherwise this field is ignored) tolerates the taint. By default,\nit is not set, which means tolerate the taint forever (do not evict). Zero and\nnegative values will be treated as 0 (evict immediately) by the system." format: "int64" type: "integer" value: + description: "Value is the taint value the toleration matches to.\nIf the operator is Exists, the value should be empty, otherwise just a regular string." type: "string" type: "object" type: "array" volumeMounts: + description: "VolumeMounts specifies the volumes listed in \".spec.volumes\" to mount into the main container's filesystem." items: + description: "VolumeMount describes a mounting of a Volume within a container." properties: mountPath: + description: "Path within the container at which the volume should be mounted. Must\nnot contain ':'." type: "string" mountPropagation: + description: "mountPropagation determines how mounts are propagated from the host\nto container and the other way around.\nWhen not set, MountPropagationNone is used.\nThis field is beta in 1.10." type: "string" name: + description: "This must match the Name of a Volume." type: "string" readOnly: + description: "Mounted read-only if true, read-write otherwise (false or unspecified).\nDefaults to false." type: "boolean" subPath: + description: "Path within the volume from which the container's volume should be mounted.\nDefaults to \"\" (volume's root)." type: "string" subPathExpr: + description: "Expanded path within the volume from which the container's volume should be mounted.\nBehaves similarly to SubPath but environment variable references $(VAR_NAME) are expanded using the container's environment.\nDefaults to \"\" (volume's root).\nSubPathExpr and SubPath are mutually exclusive." type: "string" required: - "mountPath" @@ -1921,78 +3025,112 @@ spec: type: "array" type: "object" driverIngressOptions: + description: "DriverIngressOptions allows configuring the Service and the Ingress to expose ports inside Spark Driver" items: + description: "DriverIngressConfiguration is for driver ingress specific configuration parameters." properties: ingressAnnotations: additionalProperties: type: "string" + description: "IngressAnnotations is a map of key,value pairs of annotations that might be added to the ingress object. i.e. specify nginx as ingress.class" type: "object" ingressTLS: + description: "TlsHosts is useful If we need to declare SSL certificates to the ingress object" items: + description: "IngressTLS describes the transport layer security associated with an ingress." properties: hosts: + description: "hosts is a list of hosts included in the TLS certificate. The values in\nthis list must match the name/s used in the tlsSecret. Defaults to the\nwildcard host setting for the loadbalancer controller fulfilling this\nIngress, if left unspecified." items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" secretName: + description: "secretName is the name of the secret used to terminate TLS traffic on\nport 443. Field is left optional to allow TLS routing based on SNI\nhostname alone. If the SNI host in a listener conflicts with the \"Host\"\nheader field used by an IngressRule, the SNI host is used for termination\nand value of the \"Host\" header is used for routing." type: "string" type: "object" type: "array" ingressURLFormat: + description: "IngressURLFormat is the URL for the ingress." type: "string" serviceAnnotations: additionalProperties: type: "string" + description: "ServiceAnnotations is a map of key,value pairs of annotations that might be added to the service object." type: "object" serviceLabels: additionalProperties: type: "string" + description: "ServiceLables is a map of key,value pairs of labels that might be added to the service object." type: "object" servicePort: + description: "ServicePort allows configuring the port at service level that might be different from the targetPort." format: "int32" type: "integer" servicePortName: + description: "ServicePortName allows configuring the name of the service port.\nThis may be useful for sidecar proxies like Envoy injected by Istio which require specific ports names to treat traffic as proper HTTP." type: "string" serviceType: + description: "ServiceType allows configuring the type of the service. Defaults to ClusterIP." type: "string" + required: + - "servicePort" + - "servicePortName" type: "object" type: "array" dynamicAllocation: + description: "DynamicAllocation configures dynamic allocation that becomes available for the Kubernetes\nscheduler backend since Spark 3.0." properties: enabled: + description: "Enabled controls whether dynamic allocation is enabled or not." type: "boolean" initialExecutors: + description: "InitialExecutors is the initial number of executors to request. If .spec.executor.instances\nis also set, the initial number of executors is set to the bigger of that and this option." format: "int32" type: "integer" maxExecutors: + description: "MaxExecutors is the upper bound for the number of executors if dynamic allocation is enabled." format: "int32" type: "integer" minExecutors: + description: "MinExecutors is the lower bound for the number of executors if dynamic allocation is enabled." format: "int32" type: "integer" shuffleTrackingTimeout: + description: "ShuffleTrackingTimeout controls the timeout in milliseconds for executors that are holding\nshuffle data if shuffle tracking is enabled (true by default if dynamic allocation is enabled)." format: "int64" type: "integer" type: "object" executor: + description: "Executor is the executor specification." properties: affinity: + description: "Affinity specifies the affinity/anti-affinity settings for the pod." properties: nodeAffinity: + description: "Describes node affinity scheduling rules for the pod." properties: preferredDuringSchedulingIgnoredDuringExecution: + description: "The scheduler will prefer to schedule pods to nodes that satisfy\nthe affinity expressions specified by this field, but it may choose\na node that violates one or more of the expressions. The node that is\nmost preferred is the one with the greatest sum of weights, i.e.\nfor each node that meets all of the scheduling requirements (resource\nrequest, requiredDuringScheduling affinity expressions, etc.),\ncompute a sum by iterating through the elements of this field and adding\n\"weight\" to the sum if the node matches the corresponding matchExpressions; the\nnode(s) with the highest sum are the most preferred." items: + description: "An empty preferred scheduling term matches all objects with implicit weight 0\n(i.e. it's a no-op). A null preferred scheduling term matches no objects (i.e. is also a no-op)." properties: preference: + description: "A node selector term, associated with the corresponding weight." properties: matchExpressions: + description: "A list of node selector requirements by node's labels." items: + description: "A node selector requirement is a selector that contains values, a key, and an operator\nthat relates the key and values." properties: key: + description: "The label key that the selector applies to." type: "string" operator: + description: "Represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt." type: "string" values: + description: "An array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. If the operator is Gt or Lt, the values\narray must have a single element, which will be interpreted as an integer.\nThis array is replaced during a strategic merge patch." items: type: "string" type: "array" @@ -2002,13 +3140,18 @@ spec: type: "object" type: "array" matchFields: + description: "A list of node selector requirements by node's fields." items: + description: "A node selector requirement is a selector that contains values, a key, and an operator\nthat relates the key and values." properties: key: + description: "The label key that the selector applies to." type: "string" operator: + description: "Represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt." type: "string" values: + description: "An array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. If the operator is Gt or Lt, the values\narray must have a single element, which will be interpreted as an integer.\nThis array is replaced during a strategic merge patch." items: type: "string" type: "array" @@ -2018,7 +3161,9 @@ spec: type: "object" type: "array" type: "object" + x-kubernetes-map-type: "atomic" weight: + description: "Weight associated with matching the corresponding nodeSelectorTerm, in the range 1-100." format: "int32" type: "integer" required: @@ -2027,18 +3172,26 @@ spec: type: "object" type: "array" requiredDuringSchedulingIgnoredDuringExecution: + description: "If the affinity requirements specified by this field are not met at\nscheduling time, the pod will not be scheduled onto the node.\nIf the affinity requirements specified by this field cease to be met\nat some point during pod execution (e.g. due to an update), the system\nmay or may not try to eventually evict the pod from its node." properties: nodeSelectorTerms: + description: "Required. A list of node selector terms. The terms are ORed." items: + description: "A null or empty node selector term matches no objects. The requirements of\nthem are ANDed.\nThe TopologySelectorTerm type implements a subset of the NodeSelectorTerm." properties: matchExpressions: + description: "A list of node selector requirements by node's labels." items: + description: "A node selector requirement is a selector that contains values, a key, and an operator\nthat relates the key and values." properties: key: + description: "The label key that the selector applies to." type: "string" operator: + description: "Represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt." type: "string" values: + description: "An array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. If the operator is Gt or Lt, the values\narray must have a single element, which will be interpreted as an integer.\nThis array is replaced during a strategic merge patch." items: type: "string" type: "array" @@ -2048,13 +3201,18 @@ spec: type: "object" type: "array" matchFields: + description: "A list of node selector requirements by node's fields." items: + description: "A node selector requirement is a selector that contains values, a key, and an operator\nthat relates the key and values." properties: key: + description: "The label key that the selector applies to." type: "string" operator: + description: "Represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt." type: "string" values: + description: "An array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. If the operator is Gt or Lt, the values\narray must have a single element, which will be interpreted as an integer.\nThis array is replaced during a strategic merge patch." items: type: "string" type: "array" @@ -2064,28 +3222,40 @@ spec: type: "object" type: "array" type: "object" + x-kubernetes-map-type: "atomic" type: "array" required: - "nodeSelectorTerms" type: "object" + x-kubernetes-map-type: "atomic" type: "object" podAffinity: + description: "Describes pod affinity scheduling rules (e.g. co-locate this pod in the same node, zone, etc. as some other pod(s))." properties: preferredDuringSchedulingIgnoredDuringExecution: + description: "The scheduler will prefer to schedule pods to nodes that satisfy\nthe affinity expressions specified by this field, but it may choose\na node that violates one or more of the expressions. The node that is\nmost preferred is the one with the greatest sum of weights, i.e.\nfor each node that meets all of the scheduling requirements (resource\nrequest, requiredDuringScheduling affinity expressions, etc.),\ncompute a sum by iterating through the elements of this field and adding\n\"weight\" to the sum if the node has pods which matches the corresponding podAffinityTerm; the\nnode(s) with the highest sum are the most preferred." items: + description: "The weights of all of the matched WeightedPodAffinityTerm fields are added per-node to find the most preferred node(s)" properties: podAffinityTerm: + description: "Required. A pod affinity term, associated with the corresponding weight." properties: labelSelector: + description: "A label query over a set of resources, in this case pods.\nIf it's null, this PodAffinityTerm matches with no Pods." properties: matchExpressions: + description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." items: + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: + description: "key is the label key that the selector applies to." type: "string" operator: + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -2097,38 +3267,137 @@ spec: matchLabels: additionalProperties: type: "string" + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." type: "object" type: "object" - namespaces: + x-kubernetes-map-type: "atomic" + matchLabelKeys: + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MatchLabelKeys and LabelSelector.\nAlso, MatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." items: type: "string" type: "array" - topologyKey: - type: "string" - required: - - "topologyKey" - type: "object" - weight: - format: "int32" - type: "integer" - required: - - "podAffinityTerm" + x-kubernetes-list-type: "atomic" + mismatchLabelKeys: + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MismatchLabelKeys and LabelSelector.\nAlso, MismatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" + namespaceSelector: + description: "A label query over the set of namespaces that the term applies to.\nThe term is applied to the union of the namespaces selected by this field\nand the ones listed in the namespaces field.\nnull selector and null or empty namespaces list means \"this pod's namespace\".\nAn empty selector ({}) matches all namespaces." + properties: + matchExpressions: + description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." + items: + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." + properties: + key: + description: "key is the label key that the selector applies to." + type: "string" + operator: + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." + type: "string" + values: + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." + items: + type: "string" + type: "array" + required: + - "key" + - "operator" + type: "object" + type: "array" + matchLabels: + additionalProperties: + type: "string" + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + type: "object" + type: "object" + x-kubernetes-map-type: "atomic" + namespaces: + description: "namespaces specifies a static list of namespace names that the term applies to.\nThe term is applied to the union of the namespaces listed in this field\nand the ones selected by namespaceSelector.\nnull or empty namespaces list and null namespaceSelector means \"this pod's namespace\"." + items: + type: "string" + type: "array" + topologyKey: + description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching\nthe labelSelector in the specified namespaces, where co-located is defined as running on a node\nwhose value of the label with key topologyKey matches that of any node on which any of the\nselected pods is running.\nEmpty topologyKey is not allowed." + type: "string" + required: + - "topologyKey" + type: "object" + weight: + description: "weight associated with matching the corresponding podAffinityTerm,\nin the range 1-100." + format: "int32" + type: "integer" + required: + - "podAffinityTerm" - "weight" type: "object" type: "array" requiredDuringSchedulingIgnoredDuringExecution: + description: "If the affinity requirements specified by this field are not met at\nscheduling time, the pod will not be scheduled onto the node.\nIf the affinity requirements specified by this field cease to be met\nat some point during pod execution (e.g. due to a pod label update), the\nsystem may or may not try to eventually evict the pod from its node.\nWhen there are multiple elements, the lists of nodes corresponding to each\npodAffinityTerm are intersected, i.e. all terms must be satisfied." items: + description: "Defines a set of pods (namely those matching the labelSelector\nrelative to the given namespace(s)) that this pod should be\nco-located (affinity) or not co-located (anti-affinity) with,\nwhere co-located is defined as running on a node whose value of\nthe label with key matches that of any node on which\na pod of the set of pods is running" properties: labelSelector: + description: "A label query over a set of resources, in this case pods.\nIf it's null, this PodAffinityTerm matches with no Pods." + properties: + matchExpressions: + description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." + items: + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." + properties: + key: + description: "key is the label key that the selector applies to." + type: "string" + operator: + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." + type: "string" + values: + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." + items: + type: "string" + type: "array" + required: + - "key" + - "operator" + type: "object" + type: "array" + matchLabels: + additionalProperties: + type: "string" + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + type: "object" + type: "object" + x-kubernetes-map-type: "atomic" + matchLabelKeys: + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MatchLabelKeys and LabelSelector.\nAlso, MatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" + mismatchLabelKeys: + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MismatchLabelKeys and LabelSelector.\nAlso, MismatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" + namespaceSelector: + description: "A label query over the set of namespaces that the term applies to.\nThe term is applied to the union of the namespaces selected by this field\nand the ones listed in the namespaces field.\nnull selector and null or empty namespaces list means \"this pod's namespace\".\nAn empty selector ({}) matches all namespaces." properties: matchExpressions: + description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." items: + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: + description: "key is the label key that the selector applies to." type: "string" operator: + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -2140,13 +3409,17 @@ spec: matchLabels: additionalProperties: type: "string" + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." type: "object" type: "object" + x-kubernetes-map-type: "atomic" namespaces: + description: "namespaces specifies a static list of namespace names that the term applies to.\nThe term is applied to the union of the namespaces listed in this field\nand the ones selected by namespaceSelector.\nnull or empty namespaces list and null namespaceSelector means \"this pod's namespace\"." items: type: "string" type: "array" topologyKey: + description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching\nthe labelSelector in the specified namespaces, where co-located is defined as running on a node\nwhose value of the label with key topologyKey matches that of any node on which any of the\nselected pods is running.\nEmpty topologyKey is not allowed." type: "string" required: - "topologyKey" @@ -2154,22 +3427,32 @@ spec: type: "array" type: "object" podAntiAffinity: + description: "Describes pod anti-affinity scheduling rules (e.g. avoid putting this pod in the same node, zone, etc. as some other pod(s))." properties: preferredDuringSchedulingIgnoredDuringExecution: + description: "The scheduler will prefer to schedule pods to nodes that satisfy\nthe anti-affinity expressions specified by this field, but it may choose\na node that violates one or more of the expressions. The node that is\nmost preferred is the one with the greatest sum of weights, i.e.\nfor each node that meets all of the scheduling requirements (resource\nrequest, requiredDuringScheduling anti-affinity expressions, etc.),\ncompute a sum by iterating through the elements of this field and adding\n\"weight\" to the sum if the node has pods which matches the corresponding podAffinityTerm; the\nnode(s) with the highest sum are the most preferred." items: + description: "The weights of all of the matched WeightedPodAffinityTerm fields are added per-node to find the most preferred node(s)" properties: podAffinityTerm: + description: "Required. A pod affinity term, associated with the corresponding weight." properties: labelSelector: + description: "A label query over a set of resources, in this case pods.\nIf it's null, this PodAffinityTerm matches with no Pods." properties: matchExpressions: + description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." items: + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: + description: "key is the label key that the selector applies to." type: "string" operator: + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -2181,18 +3464,66 @@ spec: matchLabels: additionalProperties: type: "string" + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." type: "object" type: "object" + x-kubernetes-map-type: "atomic" + matchLabelKeys: + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MatchLabelKeys and LabelSelector.\nAlso, MatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" + mismatchLabelKeys: + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MismatchLabelKeys and LabelSelector.\nAlso, MismatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" + namespaceSelector: + description: "A label query over the set of namespaces that the term applies to.\nThe term is applied to the union of the namespaces selected by this field\nand the ones listed in the namespaces field.\nnull selector and null or empty namespaces list means \"this pod's namespace\".\nAn empty selector ({}) matches all namespaces." + properties: + matchExpressions: + description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." + items: + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." + properties: + key: + description: "key is the label key that the selector applies to." + type: "string" + operator: + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." + type: "string" + values: + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." + items: + type: "string" + type: "array" + required: + - "key" + - "operator" + type: "object" + type: "array" + matchLabels: + additionalProperties: + type: "string" + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + type: "object" + type: "object" + x-kubernetes-map-type: "atomic" namespaces: + description: "namespaces specifies a static list of namespace names that the term applies to.\nThe term is applied to the union of the namespaces listed in this field\nand the ones selected by namespaceSelector.\nnull or empty namespaces list and null namespaceSelector means \"this pod's namespace\"." items: type: "string" type: "array" topologyKey: + description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching\nthe labelSelector in the specified namespaces, where co-located is defined as running on a node\nwhose value of the label with key topologyKey matches that of any node on which any of the\nselected pods is running.\nEmpty topologyKey is not allowed." type: "string" required: - "topologyKey" type: "object" weight: + description: "weight associated with matching the corresponding podAffinityTerm,\nin the range 1-100." format: "int32" type: "integer" required: @@ -2201,18 +3532,69 @@ spec: type: "object" type: "array" requiredDuringSchedulingIgnoredDuringExecution: + description: "If the anti-affinity requirements specified by this field are not met at\nscheduling time, the pod will not be scheduled onto the node.\nIf the anti-affinity requirements specified by this field cease to be met\nat some point during pod execution (e.g. due to a pod label update), the\nsystem may or may not try to eventually evict the pod from its node.\nWhen there are multiple elements, the lists of nodes corresponding to each\npodAffinityTerm are intersected, i.e. all terms must be satisfied." items: + description: "Defines a set of pods (namely those matching the labelSelector\nrelative to the given namespace(s)) that this pod should be\nco-located (affinity) or not co-located (anti-affinity) with,\nwhere co-located is defined as running on a node whose value of\nthe label with key matches that of any node on which\na pod of the set of pods is running" properties: labelSelector: + description: "A label query over a set of resources, in this case pods.\nIf it's null, this PodAffinityTerm matches with no Pods." + properties: + matchExpressions: + description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." + items: + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." + properties: + key: + description: "key is the label key that the selector applies to." + type: "string" + operator: + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." + type: "string" + values: + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." + items: + type: "string" + type: "array" + required: + - "key" + - "operator" + type: "object" + type: "array" + matchLabels: + additionalProperties: + type: "string" + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + type: "object" + type: "object" + x-kubernetes-map-type: "atomic" + matchLabelKeys: + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MatchLabelKeys and LabelSelector.\nAlso, MatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" + mismatchLabelKeys: + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MismatchLabelKeys and LabelSelector.\nAlso, MismatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" + namespaceSelector: + description: "A label query over the set of namespaces that the term applies to.\nThe term is applied to the union of the namespaces selected by this field\nand the ones listed in the namespaces field.\nnull selector and null or empty namespaces list means \"this pod's namespace\".\nAn empty selector ({}) matches all namespaces." properties: matchExpressions: + description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." items: + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: + description: "key is the label key that the selector applies to." type: "string" operator: + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -2224,13 +3606,17 @@ spec: matchLabels: additionalProperties: type: "string" + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." type: "object" type: "object" + x-kubernetes-map-type: "atomic" namespaces: + description: "namespaces specifies a static list of namespace names that the term applies to.\nThe term is applied to the union of the namespaces listed in this field\nand the ones selected by namespaceSelector.\nnull or empty namespaces list and null namespaceSelector means \"this pod's namespace\"." items: type: "string" type: "array" topologyKey: + description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching\nthe labelSelector in the specified namespaces, where co-located is defined as running on a node\nwhose value of the label with key topologyKey matches that of any node on which any of the\nselected pods is running.\nEmpty topologyKey is not allowed." type: "string" required: - "topologyKey" @@ -2241,9 +3627,12 @@ spec: annotations: additionalProperties: type: "string" + description: "Annotations are the Kubernetes annotations to be added to the pod." type: "object" configMaps: + description: "ConfigMaps carries information of other ConfigMaps to add to the pod." items: + description: "NamePath is a pair of a name and a path to which the named objects should be mounted to." properties: name: type: "string" @@ -2255,118 +3644,164 @@ spec: type: "object" type: "array" coreLimit: + description: "CoreLimit specifies a hard limit on CPU cores for the pod.\nOptional" type: "string" coreRequest: + description: "CoreRequest is the physical CPU core request for the executors.\nMaps to `spark.kubernetes.executor.request.cores` that is available since Spark 2.4." type: "string" cores: + description: "Cores maps to `spark.driver.cores` or `spark.executor.cores` for the driver and executors, respectively." format: "int32" minimum: 1.0 type: "integer" deleteOnTermination: + description: "DeleteOnTermination specify whether executor pods should be deleted in case of failure or normal termination.\nMaps to `spark.kubernetes.executor.deleteOnTermination` that is available since Spark 3.0." type: "boolean" dnsConfig: + description: "DnsConfig dns settings for the pod, following the Kubernetes specifications." properties: nameservers: + description: "A list of DNS name server IP addresses.\nThis will be appended to the base nameservers generated from DNSPolicy.\nDuplicated nameservers will be removed." items: type: "string" type: "array" options: + description: "A list of DNS resolver options.\nThis will be merged with the base options generated from DNSPolicy.\nDuplicated entries will be removed. Resolution options given in Options\nwill override those that appear in the base DNSPolicy." items: + description: "PodDNSConfigOption defines DNS resolver options of a pod." properties: name: + description: "Required." type: "string" value: type: "string" type: "object" type: "array" searches: + description: "A list of DNS search domains for host-name lookup.\nThis will be appended to the base search paths generated from DNSPolicy.\nDuplicated search paths will be removed." items: type: "string" type: "array" type: "object" env: + description: "Env carries the environment variables to add to the pod." items: + description: "EnvVar represents an environment variable present in a Container." properties: name: + description: "Name of the environment variable. Must be a C_IDENTIFIER." type: "string" value: + description: "Variable references $(VAR_NAME) are expanded\nusing the previously defined environment variables in the container and\nany service environment variables. If a variable cannot be resolved,\nthe reference in the input string will be unchanged. Double $$ are reduced\nto a single $, which allows for escaping the $(VAR_NAME) syntax: i.e.\n\"$$(VAR_NAME)\" will produce the string literal \"$(VAR_NAME)\".\nEscaped references will never be expanded, regardless of whether the variable\nexists or not.\nDefaults to \"\"." type: "string" valueFrom: + description: "Source for the environment variable's value. Cannot be used if value is not empty." properties: configMapKeyRef: + description: "Selects a key of a ConfigMap." properties: key: + description: "The key to select." type: "string" name: + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" type: "string" optional: + description: "Specify whether the ConfigMap or its key must be defined" type: "boolean" required: - "key" type: "object" + x-kubernetes-map-type: "atomic" fieldRef: + description: "Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`,\nspec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs." properties: apiVersion: + description: "Version of the schema the FieldPath is written in terms of, defaults to \"v1\"." type: "string" fieldPath: + description: "Path of the field to select in the specified API version." type: "string" required: - "fieldPath" type: "object" + x-kubernetes-map-type: "atomic" resourceFieldRef: + description: "Selects a resource of the container: only resources limits and requests\n(limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported." properties: containerName: + description: "Container name: required for volumes, optional for env vars" type: "string" divisor: anyOf: - type: "integer" - type: "string" + description: "Specifies the output format of the exposed resources, defaults to \"1\"" pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" x-kubernetes-int-or-string: true resource: + description: "Required: resource to select" type: "string" required: - "resource" type: "object" + x-kubernetes-map-type: "atomic" secretKeyRef: + description: "Selects a key of a secret in the pod's namespace" properties: key: + description: "The key of the secret to select from. Must be a valid secret key." type: "string" name: + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" type: "string" optional: + description: "Specify whether the Secret or its key must be defined" type: "boolean" required: - "key" type: "object" + x-kubernetes-map-type: "atomic" type: "object" required: - "name" type: "object" type: "array" envFrom: + description: "EnvFrom is a list of sources to populate environment variables in the container." items: + description: "EnvFromSource represents the source of a set of ConfigMaps" properties: configMapRef: + description: "The ConfigMap to select from" properties: name: + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" type: "string" optional: + description: "Specify whether the ConfigMap must be defined" type: "boolean" type: "object" + x-kubernetes-map-type: "atomic" prefix: + description: "An optional identifier to prepend to each key in the ConfigMap. Must be a C_IDENTIFIER." type: "string" secretRef: + description: "The Secret to select from" properties: name: + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" type: "string" optional: + description: "Specify whether the Secret must be defined" type: "boolean" type: "object" + x-kubernetes-map-type: "atomic" type: "object" type: "array" envSecretKeyRefs: additionalProperties: + description: "NameKey represents the name and key of a SecretKeyRef." properties: key: type: "string" @@ -2376,16 +3811,21 @@ spec: - "key" - "name" type: "object" + description: "EnvSecretKeyRefs holds a mapping from environment variable names to SecretKeyRefs.\nDeprecated. Consider using `env` instead." type: "object" envVars: additionalProperties: type: "string" + description: "EnvVars carries the environment variables to add to the pod.\nDeprecated. Consider using `env` instead." type: "object" gpu: + description: "GPU specifies GPU requirement for the pod." properties: name: + description: "Name is GPU resource name, such as: nvidia.com/gpu or amd.com/gpu" type: "string" quantity: + description: "Quantity is the number of GPUs to request for driver or executor." format: "int64" type: "integer" required: @@ -2393,137 +3833,194 @@ spec: - "quantity" type: "object" hostAliases: + description: "HostAliases settings for the pod, following the Kubernetes specifications." items: + description: "HostAlias holds the mapping between IP and hostnames that will be injected as an entry in the\npod's hosts file." properties: hostnames: + description: "Hostnames for the above IP address." items: type: "string" type: "array" ip: + description: "IP address of the host file entry." type: "string" type: "object" type: "array" hostNetwork: + description: "HostNetwork indicates whether to request host networking for the pod or not." type: "boolean" image: + description: "Image is the container image to use. Overrides Spec.Image if set." type: "string" initContainers: + description: "InitContainers is a list of init-containers that run to completion before the main Spark container." items: + description: "A single application container that you want to run within a pod." properties: args: + description: "Arguments to the entrypoint.\nThe container image's CMD is used if this is not provided.\nVariable references $(VAR_NAME) are expanded using the container's environment. If a variable\ncannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced\nto a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. \"$$(VAR_NAME)\" will\nproduce the string literal \"$(VAR_NAME)\". Escaped references will never be expanded, regardless\nof whether the variable exists or not. Cannot be updated.\nMore info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell" items: type: "string" type: "array" command: + description: "Entrypoint array. Not executed within a shell.\nThe container image's ENTRYPOINT is used if this is not provided.\nVariable references $(VAR_NAME) are expanded using the container's environment. If a variable\ncannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced\nto a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. \"$$(VAR_NAME)\" will\nproduce the string literal \"$(VAR_NAME)\". Escaped references will never be expanded, regardless\nof whether the variable exists or not. Cannot be updated.\nMore info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell" items: type: "string" type: "array" env: + description: "List of environment variables to set in the container.\nCannot be updated." items: + description: "EnvVar represents an environment variable present in a Container." properties: name: + description: "Name of the environment variable. Must be a C_IDENTIFIER." type: "string" value: + description: "Variable references $(VAR_NAME) are expanded\nusing the previously defined environment variables in the container and\nany service environment variables. If a variable cannot be resolved,\nthe reference in the input string will be unchanged. Double $$ are reduced\nto a single $, which allows for escaping the $(VAR_NAME) syntax: i.e.\n\"$$(VAR_NAME)\" will produce the string literal \"$(VAR_NAME)\".\nEscaped references will never be expanded, regardless of whether the variable\nexists or not.\nDefaults to \"\"." type: "string" valueFrom: + description: "Source for the environment variable's value. Cannot be used if value is not empty." properties: configMapKeyRef: + description: "Selects a key of a ConfigMap." properties: key: + description: "The key to select." type: "string" name: + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" type: "string" optional: + description: "Specify whether the ConfigMap or its key must be defined" type: "boolean" required: - "key" type: "object" + x-kubernetes-map-type: "atomic" fieldRef: + description: "Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`,\nspec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs." properties: apiVersion: + description: "Version of the schema the FieldPath is written in terms of, defaults to \"v1\"." type: "string" fieldPath: + description: "Path of the field to select in the specified API version." type: "string" required: - "fieldPath" type: "object" + x-kubernetes-map-type: "atomic" resourceFieldRef: + description: "Selects a resource of the container: only resources limits and requests\n(limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported." properties: containerName: + description: "Container name: required for volumes, optional for env vars" type: "string" divisor: anyOf: - type: "integer" - type: "string" + description: "Specifies the output format of the exposed resources, defaults to \"1\"" pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" x-kubernetes-int-or-string: true resource: + description: "Required: resource to select" type: "string" required: - "resource" type: "object" + x-kubernetes-map-type: "atomic" secretKeyRef: + description: "Selects a key of a secret in the pod's namespace" properties: key: + description: "The key of the secret to select from. Must be a valid secret key." type: "string" name: + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" type: "string" optional: + description: "Specify whether the Secret or its key must be defined" type: "boolean" required: - "key" type: "object" + x-kubernetes-map-type: "atomic" type: "object" required: - "name" type: "object" type: "array" envFrom: + description: "List of sources to populate environment variables in the container.\nThe keys defined within a source must be a C_IDENTIFIER. All invalid keys\nwill be reported as an event when the container is starting. When a key exists in multiple\nsources, the value associated with the last source will take precedence.\nValues defined by an Env with a duplicate key will take precedence.\nCannot be updated." items: + description: "EnvFromSource represents the source of a set of ConfigMaps" properties: configMapRef: + description: "The ConfigMap to select from" properties: name: + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" type: "string" optional: + description: "Specify whether the ConfigMap must be defined" type: "boolean" type: "object" + x-kubernetes-map-type: "atomic" prefix: + description: "An optional identifier to prepend to each key in the ConfigMap. Must be a C_IDENTIFIER." type: "string" secretRef: + description: "The Secret to select from" properties: name: + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" type: "string" optional: + description: "Specify whether the Secret must be defined" type: "boolean" type: "object" + x-kubernetes-map-type: "atomic" type: "object" type: "array" image: + description: "Container image name.\nMore info: https://kubernetes.io/docs/concepts/containers/images\nThis field is optional to allow higher level config management to default or override\ncontainer images in workload controllers like Deployments and StatefulSets." type: "string" imagePullPolicy: + description: "Image pull policy.\nOne of Always, Never, IfNotPresent.\nDefaults to Always if :latest tag is specified, or IfNotPresent otherwise.\nCannot be updated.\nMore info: https://kubernetes.io/docs/concepts/containers/images#updating-images" type: "string" lifecycle: + description: "Actions that the management system should take in response to container lifecycle events.\nCannot be updated." properties: postStart: + description: "PostStart is called immediately after a container is created. If the handler fails,\nthe container is terminated and restarted according to its restart policy.\nOther management of the container blocks until the hook completes.\nMore info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks" properties: exec: + description: "Exec specifies the action to take." properties: command: + description: "Command is the command line to execute inside the container, the working directory for the\ncommand is root ('/') in the container's filesystem. The command is simply exec'd, it is\nnot run inside a shell, so traditional shell instructions ('|', etc) won't work. To use\na shell, you need to explicitly call out to that shell.\nExit status of 0 is treated as live/healthy and non-zero is unhealthy." items: type: "string" type: "array" type: "object" httpGet: + description: "HTTPGet specifies the http request to perform." properties: host: + description: "Host name to connect to, defaults to the pod IP. You probably want to set\n\"Host\" in httpHeaders instead." type: "string" httpHeaders: + description: "Custom headers to set in the request. HTTP allows repeated headers." items: + description: "HTTPHeader describes a custom header to be used in HTTP probes" properties: name: + description: "The header field name.\nThis will be canonicalized upon output, so case-variant names will be understood as the same header." type: "string" value: + description: "The header field value" type: "string" required: - "name" @@ -2531,49 +4028,74 @@ spec: type: "object" type: "array" path: + description: "Path to access on the HTTP server." type: "string" port: anyOf: - type: "integer" - type: "string" + description: "Name or number of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME." x-kubernetes-int-or-string: true scheme: + description: "Scheme to use for connecting to the host.\nDefaults to HTTP." type: "string" required: - "port" type: "object" + sleep: + description: "Sleep represents the duration that the container should sleep before being terminated." + properties: + seconds: + description: "Seconds is the number of seconds to sleep." + format: "int64" + type: "integer" + required: + - "seconds" + type: "object" tcpSocket: + description: "Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept\nfor the backward compatibility. There are no validation of this field and\nlifecycle hooks will fail in runtime when tcp handler is specified." properties: host: + description: "Optional: Host name to connect to, defaults to the pod IP." type: "string" port: anyOf: - type: "integer" - type: "string" + description: "Number or name of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME." x-kubernetes-int-or-string: true required: - "port" type: "object" type: "object" preStop: + description: "PreStop is called immediately before a container is terminated due to an\nAPI request or management event such as liveness/startup probe failure,\npreemption, resource contention, etc. The handler is not called if the\ncontainer crashes or exits. The Pod's termination grace period countdown begins before the\nPreStop hook is executed. Regardless of the outcome of the handler, the\ncontainer will eventually terminate within the Pod's termination grace\nperiod (unless delayed by finalizers). Other management of the container blocks until the hook completes\nor until the termination grace period is reached.\nMore info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks" properties: exec: + description: "Exec specifies the action to take." properties: command: + description: "Command is the command line to execute inside the container, the working directory for the\ncommand is root ('/') in the container's filesystem. The command is simply exec'd, it is\nnot run inside a shell, so traditional shell instructions ('|', etc) won't work. To use\na shell, you need to explicitly call out to that shell.\nExit status of 0 is treated as live/healthy and non-zero is unhealthy." items: type: "string" type: "array" type: "object" httpGet: + description: "HTTPGet specifies the http request to perform." properties: host: + description: "Host name to connect to, defaults to the pod IP. You probably want to set\n\"Host\" in httpHeaders instead." type: "string" httpHeaders: + description: "Custom headers to set in the request. HTTP allows repeated headers." items: + description: "HTTPHeader describes a custom header to be used in HTTP probes" properties: name: + description: "The header field name.\nThis will be canonicalized upon output, so case-variant names will be understood as the same header." type: "string" value: + description: "The header field value" type: "string" required: - "name" @@ -2581,25 +4103,41 @@ spec: type: "object" type: "array" path: + description: "Path to access on the HTTP server." type: "string" port: anyOf: - type: "integer" - type: "string" + description: "Name or number of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME." x-kubernetes-int-or-string: true scheme: + description: "Scheme to use for connecting to the host.\nDefaults to HTTP." type: "string" required: - "port" type: "object" + sleep: + description: "Sleep represents the duration that the container should sleep before being terminated." + properties: + seconds: + description: "Seconds is the number of seconds to sleep." + format: "int64" + type: "integer" + required: + - "seconds" + type: "object" tcpSocket: + description: "Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept\nfor the backward compatibility. There are no validation of this field and\nlifecycle hooks will fail in runtime when tcp handler is specified." properties: host: + description: "Optional: Host name to connect to, defaults to the pod IP." type: "string" port: anyOf: - type: "integer" - type: "string" + description: "Number or name of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME." x-kubernetes-int-or-string: true required: - "port" @@ -2607,27 +4145,50 @@ spec: type: "object" type: "object" livenessProbe: + description: "Periodic probe of container liveness.\nContainer will be restarted if the probe fails.\nCannot be updated.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" properties: exec: + description: "Exec specifies the action to take." properties: command: + description: "Command is the command line to execute inside the container, the working directory for the\ncommand is root ('/') in the container's filesystem. The command is simply exec'd, it is\nnot run inside a shell, so traditional shell instructions ('|', etc) won't work. To use\na shell, you need to explicitly call out to that shell.\nExit status of 0 is treated as live/healthy and non-zero is unhealthy." items: type: "string" type: "array" type: "object" failureThreshold: + description: "Minimum consecutive failures for the probe to be considered failed after having succeeded.\nDefaults to 3. Minimum value is 1." format: "int32" type: "integer" + grpc: + description: "GRPC specifies an action involving a GRPC port." + properties: + port: + description: "Port number of the gRPC service. Number must be in the range 1 to 65535." + format: "int32" + type: "integer" + service: + description: "Service is the name of the service to place in the gRPC HealthCheckRequest\n(see https://github.com/grpc/grpc/blob/master/doc/health-checking.md).\n\n\nIf this is not specified, the default behavior is defined by gRPC." + type: "string" + required: + - "port" + type: "object" httpGet: + description: "HTTPGet specifies the http request to perform." properties: host: + description: "Host name to connect to, defaults to the pod IP. You probably want to set\n\"Host\" in httpHeaders instead." type: "string" httpHeaders: + description: "Custom headers to set in the request. HTTP allows repeated headers." items: + description: "HTTPHeader describes a custom header to be used in HTTP probes" properties: name: + description: "The header field name.\nThis will be canonicalized upon output, so case-variant names will be understood as the same header." type: "string" value: + description: "The header field value" type: "string" required: - "name" @@ -2635,62 +4196,84 @@ spec: type: "object" type: "array" path: + description: "Path to access on the HTTP server." type: "string" port: anyOf: - type: "integer" - type: "string" + description: "Name or number of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME." x-kubernetes-int-or-string: true scheme: + description: "Scheme to use for connecting to the host.\nDefaults to HTTP." type: "string" required: - "port" type: "object" initialDelaySeconds: + description: "Number of seconds after the container has started before liveness probes are initiated.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" format: "int32" type: "integer" periodSeconds: + description: "How often (in seconds) to perform the probe.\nDefault to 10 seconds. Minimum value is 1." format: "int32" type: "integer" successThreshold: + description: "Minimum consecutive successes for the probe to be considered successful after having failed.\nDefaults to 1. Must be 1 for liveness and startup. Minimum value is 1." format: "int32" type: "integer" tcpSocket: + description: "TCPSocket specifies an action involving a TCP port." properties: host: + description: "Optional: Host name to connect to, defaults to the pod IP." type: "string" port: anyOf: - type: "integer" - type: "string" + description: "Number or name of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME." x-kubernetes-int-or-string: true required: - "port" type: "object" + terminationGracePeriodSeconds: + description: "Optional duration in seconds the pod needs to terminate gracefully upon probe failure.\nThe grace period is the duration in seconds after the processes running in the pod are sent\na termination signal and the time when the processes are forcibly halted with a kill signal.\nSet this value longer than the expected cleanup time for your process.\nIf this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this\nvalue overrides the value provided by the pod spec.\nValue must be non-negative integer. The value zero indicates stop immediately via\nthe kill signal (no opportunity to shut down).\nThis is a beta field and requires enabling ProbeTerminationGracePeriod feature gate.\nMinimum value is 1. spec.terminationGracePeriodSeconds is used if unset." + format: "int64" + type: "integer" timeoutSeconds: + description: "Number of seconds after which the probe times out.\nDefaults to 1 second. Minimum value is 1.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" format: "int32" type: "integer" type: "object" name: + description: "Name of the container specified as a DNS_LABEL.\nEach container in a pod must have a unique name (DNS_LABEL).\nCannot be updated." type: "string" ports: + description: "List of ports to expose from the container. Not specifying a port here\nDOES NOT prevent that port from being exposed. Any port which is\nlistening on the default \"0.0.0.0\" address inside a container will be\naccessible from the network.\nModifying this array with strategic merge patch may corrupt the data.\nFor more information See https://github.com/kubernetes/kubernetes/issues/108255.\nCannot be updated." items: + description: "ContainerPort represents a network port in a single container." properties: containerPort: + description: "Number of port to expose on the pod's IP address.\nThis must be a valid port number, 0 < x < 65536." format: "int32" type: "integer" hostIP: + description: "What host IP to bind the external port to." type: "string" hostPort: + description: "Number of port to expose on the host.\nIf specified, this must be a valid port number, 0 < x < 65536.\nIf HostNetwork is specified, this must match ContainerPort.\nMost containers do not need this." format: "int32" type: "integer" name: + description: "If specified, this must be an IANA_SVC_NAME and unique within the pod. Each\nnamed port in a pod must have a unique name. Name for the port that can be\nreferred to by services." type: "string" protocol: + default: "TCP" + description: "Protocol for port. Must be UDP, TCP, or SCTP.\nDefaults to \"TCP\"." type: "string" required: - "containerPort" - - "protocol" type: "object" type: "array" x-kubernetes-list-map-keys: @@ -2698,27 +4281,50 @@ spec: - "protocol" x-kubernetes-list-type: "map" readinessProbe: + description: "Periodic probe of container service readiness.\nContainer will be removed from service endpoints if the probe fails.\nCannot be updated.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" properties: exec: + description: "Exec specifies the action to take." properties: command: + description: "Command is the command line to execute inside the container, the working directory for the\ncommand is root ('/') in the container's filesystem. The command is simply exec'd, it is\nnot run inside a shell, so traditional shell instructions ('|', etc) won't work. To use\na shell, you need to explicitly call out to that shell.\nExit status of 0 is treated as live/healthy and non-zero is unhealthy." items: type: "string" type: "array" type: "object" failureThreshold: + description: "Minimum consecutive failures for the probe to be considered failed after having succeeded.\nDefaults to 3. Minimum value is 1." format: "int32" type: "integer" + grpc: + description: "GRPC specifies an action involving a GRPC port." + properties: + port: + description: "Port number of the gRPC service. Number must be in the range 1 to 65535." + format: "int32" + type: "integer" + service: + description: "Service is the name of the service to place in the gRPC HealthCheckRequest\n(see https://github.com/grpc/grpc/blob/master/doc/health-checking.md).\n\n\nIf this is not specified, the default behavior is defined by gRPC." + type: "string" + required: + - "port" + type: "object" httpGet: + description: "HTTPGet specifies the http request to perform." properties: host: + description: "Host name to connect to, defaults to the pod IP. You probably want to set\n\"Host\" in httpHeaders instead." type: "string" httpHeaders: + description: "Custom headers to set in the request. HTTP allows repeated headers." items: + description: "HTTPHeader describes a custom header to be used in HTTP probes" properties: name: + description: "The header field name.\nThis will be canonicalized upon output, so case-variant names will be understood as the same header." type: "string" value: + description: "The header field value" type: "string" required: - "name" @@ -2726,44 +4332,91 @@ spec: type: "object" type: "array" path: + description: "Path to access on the HTTP server." type: "string" port: anyOf: - type: "integer" - type: "string" + description: "Name or number of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME." x-kubernetes-int-or-string: true scheme: + description: "Scheme to use for connecting to the host.\nDefaults to HTTP." type: "string" required: - "port" type: "object" initialDelaySeconds: + description: "Number of seconds after the container has started before liveness probes are initiated.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" format: "int32" type: "integer" periodSeconds: + description: "How often (in seconds) to perform the probe.\nDefault to 10 seconds. Minimum value is 1." format: "int32" type: "integer" successThreshold: + description: "Minimum consecutive successes for the probe to be considered successful after having failed.\nDefaults to 1. Must be 1 for liveness and startup. Minimum value is 1." format: "int32" type: "integer" tcpSocket: + description: "TCPSocket specifies an action involving a TCP port." properties: host: + description: "Optional: Host name to connect to, defaults to the pod IP." type: "string" port: anyOf: - type: "integer" - type: "string" + description: "Number or name of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME." x-kubernetes-int-or-string: true required: - "port" type: "object" + terminationGracePeriodSeconds: + description: "Optional duration in seconds the pod needs to terminate gracefully upon probe failure.\nThe grace period is the duration in seconds after the processes running in the pod are sent\na termination signal and the time when the processes are forcibly halted with a kill signal.\nSet this value longer than the expected cleanup time for your process.\nIf this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this\nvalue overrides the value provided by the pod spec.\nValue must be non-negative integer. The value zero indicates stop immediately via\nthe kill signal (no opportunity to shut down).\nThis is a beta field and requires enabling ProbeTerminationGracePeriod feature gate.\nMinimum value is 1. spec.terminationGracePeriodSeconds is used if unset." + format: "int64" + type: "integer" timeoutSeconds: + description: "Number of seconds after which the probe times out.\nDefaults to 1 second. Minimum value is 1.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" format: "int32" type: "integer" type: "object" + resizePolicy: + description: "Resources resize policy for the container." + items: + description: "ContainerResizePolicy represents resource resize policy for the container." + properties: + resourceName: + description: "Name of the resource to which this resource resize policy applies.\nSupported values: cpu, memory." + type: "string" + restartPolicy: + description: "Restart policy to apply when specified resource is resized.\nIf not specified, it defaults to NotRequired." + type: "string" + required: + - "resourceName" + - "restartPolicy" + type: "object" + type: "array" + x-kubernetes-list-type: "atomic" resources: + description: "Compute Resources required by this container.\nCannot be updated.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" properties: + claims: + description: "Claims lists the names of resources, defined in spec.resourceClaims,\nthat are used by this container.\n\n\nThis is an alpha field and requires enabling the\nDynamicResourceAllocation feature gate.\n\n\nThis field is immutable. It can only be set for containers." + items: + description: "ResourceClaim references one entry in PodSpec.ResourceClaims." + properties: + name: + description: "Name must match the name of one entry in pod.spec.resourceClaims of\nthe Pod where this field is used. It makes that resource available\ninside a container." + type: "string" + required: + - "name" + type: "object" + type: "array" + x-kubernetes-list-map-keys: + - "name" + x-kubernetes-list-type: "map" limits: additionalProperties: anyOf: @@ -2771,6 +4424,7 @@ spec: - type: "string" pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" x-kubernetes-int-or-string: true + description: "Limits describes the maximum amount of compute resources allowed.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" type: "object" requests: additionalProperties: @@ -2779,87 +4433,144 @@ spec: - type: "string" pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" x-kubernetes-int-or-string: true + description: "Requests describes the minimum amount of compute resources required.\nIf Requests is omitted for a container, it defaults to Limits if that is explicitly specified,\notherwise to an implementation-defined value. Requests cannot exceed Limits.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" type: "object" type: "object" restartPolicy: + description: "RestartPolicy defines the restart behavior of individual containers in a pod.\nThis field may only be set for init containers, and the only allowed value is \"Always\".\nFor non-init containers or when this field is not specified,\nthe restart behavior is defined by the Pod's restart policy and the container type.\nSetting the RestartPolicy as \"Always\" for the init container will have the following effect:\nthis init container will be continually restarted on\nexit until all regular containers have terminated. Once all regular\ncontainers have completed, all init containers with restartPolicy \"Always\"\nwill be shut down. This lifecycle differs from normal init containers and\nis often referred to as a \"sidecar\" container. Although this init\ncontainer still starts in the init container sequence, it does not wait\nfor the container to complete before proceeding to the next init\ncontainer. Instead, the next init container starts immediately after this\ninit container is started, or after any startupProbe has successfully\ncompleted." type: "string" securityContext: + description: "SecurityContext defines the security options the container should be run with.\nIf set, the fields of SecurityContext override the equivalent fields of PodSecurityContext.\nMore info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/" properties: allowPrivilegeEscalation: + description: "AllowPrivilegeEscalation controls whether a process can gain more\nprivileges than its parent process. This bool directly controls if\nthe no_new_privs flag will be set on the container process.\nAllowPrivilegeEscalation is true always when the container is:\n1) run as Privileged\n2) has CAP_SYS_ADMIN\nNote that this field cannot be set when spec.os.name is windows." type: "boolean" capabilities: + description: "The capabilities to add/drop when running containers.\nDefaults to the default set of capabilities granted by the container runtime.\nNote that this field cannot be set when spec.os.name is windows." properties: add: + description: "Added capabilities" items: + description: "Capability represent POSIX capabilities type" type: "string" type: "array" drop: + description: "Removed capabilities" items: + description: "Capability represent POSIX capabilities type" type: "string" type: "array" type: "object" privileged: + description: "Run container in privileged mode.\nProcesses in privileged containers are essentially equivalent to root on the host.\nDefaults to false.\nNote that this field cannot be set when spec.os.name is windows." type: "boolean" procMount: + description: "procMount denotes the type of proc mount to use for the containers.\nThe default is DefaultProcMount which uses the container runtime defaults for\nreadonly paths and masked paths.\nThis requires the ProcMountType feature flag to be enabled.\nNote that this field cannot be set when spec.os.name is windows." type: "string" readOnlyRootFilesystem: + description: "Whether this container has a read-only root filesystem.\nDefault is false.\nNote that this field cannot be set when spec.os.name is windows." type: "boolean" runAsGroup: + description: "The GID to run the entrypoint of the container process.\nUses runtime default if unset.\nMay also be set in PodSecurityContext. If set in both SecurityContext and\nPodSecurityContext, the value specified in SecurityContext takes precedence.\nNote that this field cannot be set when spec.os.name is windows." format: "int64" type: "integer" runAsNonRoot: + description: "Indicates that the container must run as a non-root user.\nIf true, the Kubelet will validate the image at runtime to ensure that it\ndoes not run as UID 0 (root) and fail to start the container if it does.\nIf unset or false, no such validation will be performed.\nMay also be set in PodSecurityContext. If set in both SecurityContext and\nPodSecurityContext, the value specified in SecurityContext takes precedence." type: "boolean" runAsUser: + description: "The UID to run the entrypoint of the container process.\nDefaults to user specified in image metadata if unspecified.\nMay also be set in PodSecurityContext. If set in both SecurityContext and\nPodSecurityContext, the value specified in SecurityContext takes precedence.\nNote that this field cannot be set when spec.os.name is windows." format: "int64" type: "integer" seLinuxOptions: + description: "The SELinux context to be applied to the container.\nIf unspecified, the container runtime will allocate a random SELinux context for each\ncontainer. May also be set in PodSecurityContext. If set in both SecurityContext and\nPodSecurityContext, the value specified in SecurityContext takes precedence.\nNote that this field cannot be set when spec.os.name is windows." properties: level: + description: "Level is SELinux level label that applies to the container." type: "string" role: + description: "Role is a SELinux role label that applies to the container." type: "string" type: + description: "Type is a SELinux type label that applies to the container." type: "string" user: + description: "User is a SELinux user label that applies to the container." type: "string" type: "object" seccompProfile: + description: "The seccomp options to use by this container. If seccomp options are\nprovided at both the pod & container level, the container options\noverride the pod options.\nNote that this field cannot be set when spec.os.name is windows." properties: + localhostProfile: + description: "localhostProfile indicates a profile defined in a file on the node should be used.\nThe profile must be preconfigured on the node to work.\nMust be a descending path, relative to the kubelet's configured seccomp profile location.\nMust be set if type is \"Localhost\". Must NOT be set for any other type." + type: "string" type: + description: "type indicates which kind of seccomp profile will be applied.\nValid options are:\n\n\nLocalhost - a profile defined in a file on the node should be used.\nRuntimeDefault - the container runtime default profile should be used.\nUnconfined - no profile should be applied." type: "string" + required: + - "type" type: "object" windowsOptions: + description: "The Windows specific settings applied to all containers.\nIf unspecified, the options from the PodSecurityContext will be used.\nIf set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.\nNote that this field cannot be set when spec.os.name is linux." properties: gmsaCredentialSpec: + description: "GMSACredentialSpec is where the GMSA admission webhook\n(https://github.com/kubernetes-sigs/windows-gmsa) inlines the contents of the\nGMSA credential spec named by the GMSACredentialSpecName field." type: "string" gmsaCredentialSpecName: + description: "GMSACredentialSpecName is the name of the GMSA credential spec to use." type: "string" + hostProcess: + description: "HostProcess determines if a container should be run as a 'Host Process' container.\nAll of a Pod's containers must have the same effective HostProcess value\n(it is not allowed to have a mix of HostProcess containers and non-HostProcess containers).\nIn addition, if HostProcess is true then HostNetwork must also be set to true." + type: "boolean" runAsUserName: + description: "The UserName in Windows to run the entrypoint of the container process.\nDefaults to the user specified in image metadata if unspecified.\nMay also be set in PodSecurityContext. If set in both SecurityContext and\nPodSecurityContext, the value specified in SecurityContext takes precedence." type: "string" type: "object" type: "object" startupProbe: + description: "StartupProbe indicates that the Pod has successfully initialized.\nIf specified, no other probes are executed until this completes successfully.\nIf this probe fails, the Pod will be restarted, just as if the livenessProbe failed.\nThis can be used to provide different probe parameters at the beginning of a Pod's lifecycle,\nwhen it might take a long time to load data or warm a cache, than during steady-state operation.\nThis cannot be updated.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" properties: exec: + description: "Exec specifies the action to take." properties: command: + description: "Command is the command line to execute inside the container, the working directory for the\ncommand is root ('/') in the container's filesystem. The command is simply exec'd, it is\nnot run inside a shell, so traditional shell instructions ('|', etc) won't work. To use\na shell, you need to explicitly call out to that shell.\nExit status of 0 is treated as live/healthy and non-zero is unhealthy." items: type: "string" type: "array" type: "object" failureThreshold: + description: "Minimum consecutive failures for the probe to be considered failed after having succeeded.\nDefaults to 3. Minimum value is 1." format: "int32" type: "integer" + grpc: + description: "GRPC specifies an action involving a GRPC port." + properties: + port: + description: "Port number of the gRPC service. Number must be in the range 1 to 65535." + format: "int32" + type: "integer" + service: + description: "Service is the name of the service to place in the gRPC HealthCheckRequest\n(see https://github.com/grpc/grpc/blob/master/doc/health-checking.md).\n\n\nIf this is not specified, the default behavior is defined by gRPC." + type: "string" + required: + - "port" + type: "object" httpGet: + description: "HTTPGet specifies the http request to perform." properties: host: + description: "Host name to connect to, defaults to the pod IP. You probably want to set\n\"Host\" in httpHeaders instead." type: "string" httpHeaders: + description: "Custom headers to set in the request. HTTP allows repeated headers." items: + description: "HTTPHeader describes a custom header to be used in HTTP probes" properties: name: + description: "The header field name.\nThis will be canonicalized upon output, so case-variant names will be understood as the same header." type: "string" value: + description: "The header field value" type: "string" required: - "name" @@ -2867,58 +4578,81 @@ spec: type: "object" type: "array" path: + description: "Path to access on the HTTP server." type: "string" port: anyOf: - type: "integer" - type: "string" + description: "Name or number of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME." x-kubernetes-int-or-string: true scheme: + description: "Scheme to use for connecting to the host.\nDefaults to HTTP." type: "string" required: - "port" type: "object" initialDelaySeconds: + description: "Number of seconds after the container has started before liveness probes are initiated.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" format: "int32" type: "integer" periodSeconds: + description: "How often (in seconds) to perform the probe.\nDefault to 10 seconds. Minimum value is 1." format: "int32" type: "integer" successThreshold: + description: "Minimum consecutive successes for the probe to be considered successful after having failed.\nDefaults to 1. Must be 1 for liveness and startup. Minimum value is 1." format: "int32" type: "integer" tcpSocket: + description: "TCPSocket specifies an action involving a TCP port." properties: host: + description: "Optional: Host name to connect to, defaults to the pod IP." type: "string" port: anyOf: - type: "integer" - type: "string" + description: "Number or name of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME." x-kubernetes-int-or-string: true required: - "port" type: "object" + terminationGracePeriodSeconds: + description: "Optional duration in seconds the pod needs to terminate gracefully upon probe failure.\nThe grace period is the duration in seconds after the processes running in the pod are sent\na termination signal and the time when the processes are forcibly halted with a kill signal.\nSet this value longer than the expected cleanup time for your process.\nIf this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this\nvalue overrides the value provided by the pod spec.\nValue must be non-negative integer. The value zero indicates stop immediately via\nthe kill signal (no opportunity to shut down).\nThis is a beta field and requires enabling ProbeTerminationGracePeriod feature gate.\nMinimum value is 1. spec.terminationGracePeriodSeconds is used if unset." + format: "int64" + type: "integer" timeoutSeconds: + description: "Number of seconds after which the probe times out.\nDefaults to 1 second. Minimum value is 1.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" format: "int32" type: "integer" type: "object" stdin: + description: "Whether this container should allocate a buffer for stdin in the container runtime. If this\nis not set, reads from stdin in the container will always result in EOF.\nDefault is false." type: "boolean" stdinOnce: + description: "Whether the container runtime should close the stdin channel after it has been opened by\na single attach. When stdin is true the stdin stream will remain open across multiple attach\nsessions. If stdinOnce is set to true, stdin is opened on container start, is empty until the\nfirst client attaches to stdin, and then remains open and accepts data until the client disconnects,\nat which time stdin is closed and remains closed until the container is restarted. If this\nflag is false, a container processes that reads from stdin will never receive an EOF.\nDefault is false" type: "boolean" terminationMessagePath: + description: "Optional: Path at which the file to which the container's termination message\nwill be written is mounted into the container's filesystem.\nMessage written is intended to be brief final status, such as an assertion failure message.\nWill be truncated by the node if greater than 4096 bytes. The total message length across\nall containers will be limited to 12kb.\nDefaults to /dev/termination-log.\nCannot be updated." type: "string" terminationMessagePolicy: + description: "Indicate how the termination message should be populated. File will use the contents of\nterminationMessagePath to populate the container status message on both success and failure.\nFallbackToLogsOnError will use the last chunk of container log output if the termination\nmessage file is empty and the container exited with an error.\nThe log output is limited to 2048 bytes or 80 lines, whichever is smaller.\nDefaults to File.\nCannot be updated." type: "string" tty: + description: "Whether this container should allocate a TTY for itself, also requires 'stdin' to be true.\nDefault is false." type: "boolean" volumeDevices: + description: "volumeDevices is the list of block devices to be used by the container." items: + description: "volumeDevice describes a mapping of a raw block device within a container." properties: devicePath: + description: "devicePath is the path inside of the container that the device will be mapped to." type: "string" name: + description: "name must match the name of a persistentVolumeClaim in the pod" type: "string" required: - "devicePath" @@ -2926,19 +4660,27 @@ spec: type: "object" type: "array" volumeMounts: + description: "Pod volumes to mount into the container's filesystem.\nCannot be updated." items: + description: "VolumeMount describes a mounting of a Volume within a container." properties: mountPath: + description: "Path within the container at which the volume should be mounted. Must\nnot contain ':'." type: "string" mountPropagation: + description: "mountPropagation determines how mounts are propagated from the host\nto container and the other way around.\nWhen not set, MountPropagationNone is used.\nThis field is beta in 1.10." type: "string" name: + description: "This must match the Name of a Volume." type: "string" readOnly: + description: "Mounted read-only if true, read-write otherwise (false or unspecified).\nDefaults to false." type: "boolean" subPath: + description: "Path within the volume from which the container's volume should be mounted.\nDefaults to \"\" (volume's root)." type: "string" subPathExpr: + description: "Expanded path within the volume from which the container's volume should be mounted.\nBehaves similarly to SubPath but environment variable references $(VAR_NAME) are expanded using the container's environment.\nDefaults to \"\" (volume's root).\nSubPathExpr and SubPath are mutually exclusive." type: "string" required: - "mountPath" @@ -2946,64 +4688,255 @@ spec: type: "object" type: "array" workingDir: + description: "Container's working directory.\nIf not specified, the container runtime's default will be used, which\nmight be configured in the container image.\nCannot be updated." type: "string" required: - "name" type: "object" type: "array" instances: + description: "Instances is the number of executor instances." format: "int32" minimum: 1.0 type: "integer" javaOptions: + description: "JavaOptions is a string of extra JVM options to pass to the executors. For instance,\nGC settings or other logging." type: "string" labels: additionalProperties: type: "string" + description: "Labels are the Kubernetes labels to be added to the pod." + type: "object" + lifecycle: + description: "Lifecycle for running preStop or postStart commands" + properties: + postStart: + description: "PostStart is called immediately after a container is created. If the handler fails,\nthe container is terminated and restarted according to its restart policy.\nOther management of the container blocks until the hook completes.\nMore info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks" + properties: + exec: + description: "Exec specifies the action to take." + properties: + command: + description: "Command is the command line to execute inside the container, the working directory for the\ncommand is root ('/') in the container's filesystem. The command is simply exec'd, it is\nnot run inside a shell, so traditional shell instructions ('|', etc) won't work. To use\na shell, you need to explicitly call out to that shell.\nExit status of 0 is treated as live/healthy and non-zero is unhealthy." + items: + type: "string" + type: "array" + type: "object" + httpGet: + description: "HTTPGet specifies the http request to perform." + properties: + host: + description: "Host name to connect to, defaults to the pod IP. You probably want to set\n\"Host\" in httpHeaders instead." + type: "string" + httpHeaders: + description: "Custom headers to set in the request. HTTP allows repeated headers." + items: + description: "HTTPHeader describes a custom header to be used in HTTP probes" + properties: + name: + description: "The header field name.\nThis will be canonicalized upon output, so case-variant names will be understood as the same header." + type: "string" + value: + description: "The header field value" + type: "string" + required: + - "name" + - "value" + type: "object" + type: "array" + path: + description: "Path to access on the HTTP server." + type: "string" + port: + anyOf: + - type: "integer" + - type: "string" + description: "Name or number of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME." + x-kubernetes-int-or-string: true + scheme: + description: "Scheme to use for connecting to the host.\nDefaults to HTTP." + type: "string" + required: + - "port" + type: "object" + sleep: + description: "Sleep represents the duration that the container should sleep before being terminated." + properties: + seconds: + description: "Seconds is the number of seconds to sleep." + format: "int64" + type: "integer" + required: + - "seconds" + type: "object" + tcpSocket: + description: "Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept\nfor the backward compatibility. There are no validation of this field and\nlifecycle hooks will fail in runtime when tcp handler is specified." + properties: + host: + description: "Optional: Host name to connect to, defaults to the pod IP." + type: "string" + port: + anyOf: + - type: "integer" + - type: "string" + description: "Number or name of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME." + x-kubernetes-int-or-string: true + required: + - "port" + type: "object" + type: "object" + preStop: + description: "PreStop is called immediately before a container is terminated due to an\nAPI request or management event such as liveness/startup probe failure,\npreemption, resource contention, etc. The handler is not called if the\ncontainer crashes or exits. The Pod's termination grace period countdown begins before the\nPreStop hook is executed. Regardless of the outcome of the handler, the\ncontainer will eventually terminate within the Pod's termination grace\nperiod (unless delayed by finalizers). Other management of the container blocks until the hook completes\nor until the termination grace period is reached.\nMore info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks" + properties: + exec: + description: "Exec specifies the action to take." + properties: + command: + description: "Command is the command line to execute inside the container, the working directory for the\ncommand is root ('/') in the container's filesystem. The command is simply exec'd, it is\nnot run inside a shell, so traditional shell instructions ('|', etc) won't work. To use\na shell, you need to explicitly call out to that shell.\nExit status of 0 is treated as live/healthy and non-zero is unhealthy." + items: + type: "string" + type: "array" + type: "object" + httpGet: + description: "HTTPGet specifies the http request to perform." + properties: + host: + description: "Host name to connect to, defaults to the pod IP. You probably want to set\n\"Host\" in httpHeaders instead." + type: "string" + httpHeaders: + description: "Custom headers to set in the request. HTTP allows repeated headers." + items: + description: "HTTPHeader describes a custom header to be used in HTTP probes" + properties: + name: + description: "The header field name.\nThis will be canonicalized upon output, so case-variant names will be understood as the same header." + type: "string" + value: + description: "The header field value" + type: "string" + required: + - "name" + - "value" + type: "object" + type: "array" + path: + description: "Path to access on the HTTP server." + type: "string" + port: + anyOf: + - type: "integer" + - type: "string" + description: "Name or number of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME." + x-kubernetes-int-or-string: true + scheme: + description: "Scheme to use for connecting to the host.\nDefaults to HTTP." + type: "string" + required: + - "port" + type: "object" + sleep: + description: "Sleep represents the duration that the container should sleep before being terminated." + properties: + seconds: + description: "Seconds is the number of seconds to sleep." + format: "int64" + type: "integer" + required: + - "seconds" + type: "object" + tcpSocket: + description: "Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept\nfor the backward compatibility. There are no validation of this field and\nlifecycle hooks will fail in runtime when tcp handler is specified." + properties: + host: + description: "Optional: Host name to connect to, defaults to the pod IP." + type: "string" + port: + anyOf: + - type: "integer" + - type: "string" + description: "Number or name of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME." + x-kubernetes-int-or-string: true + required: + - "port" + type: "object" + type: "object" type: "object" memory: + description: "Memory is the amount of memory to request for the pod." type: "string" memoryOverhead: + description: "MemoryOverhead is the amount of off-heap memory to allocate in cluster mode, in MiB unless otherwise specified." type: "string" nodeSelector: additionalProperties: type: "string" + description: "NodeSelector is the Kubernetes node selector to be added to the driver and executor pods.\nThis field is mutually exclusive with nodeSelector at SparkApplication level (which will be deprecated)." type: "object" podSecurityContext: + description: "PodSecurityContext specifies the PodSecurityContext to apply." properties: fsGroup: + description: "A special supplemental group that applies to all containers in a pod.\nSome volume types allow the Kubelet to change the ownership of that volume\nto be owned by the pod:\n\n\n1. The owning GID will be the FSGroup\n2. The setgid bit is set (new files created in the volume will be owned by FSGroup)\n3. The permission bits are OR'd with rw-rw----\n\n\nIf unset, the Kubelet will not modify the ownership and permissions of any volume.\nNote that this field cannot be set when spec.os.name is windows." format: "int64" type: "integer" + fsGroupChangePolicy: + description: "fsGroupChangePolicy defines behavior of changing ownership and permission of the volume\nbefore being exposed inside Pod. This field will only apply to\nvolume types which support fsGroup based ownership(and permissions).\nIt will have no effect on ephemeral volume types such as: secret, configmaps\nand emptydir.\nValid values are \"OnRootMismatch\" and \"Always\". If not specified, \"Always\" is used.\nNote that this field cannot be set when spec.os.name is windows." + type: "string" runAsGroup: + description: "The GID to run the entrypoint of the container process.\nUses runtime default if unset.\nMay also be set in SecurityContext. If set in both SecurityContext and\nPodSecurityContext, the value specified in SecurityContext takes precedence\nfor that container.\nNote that this field cannot be set when spec.os.name is windows." format: "int64" type: "integer" runAsNonRoot: + description: "Indicates that the container must run as a non-root user.\nIf true, the Kubelet will validate the image at runtime to ensure that it\ndoes not run as UID 0 (root) and fail to start the container if it does.\nIf unset or false, no such validation will be performed.\nMay also be set in SecurityContext. If set in both SecurityContext and\nPodSecurityContext, the value specified in SecurityContext takes precedence." type: "boolean" runAsUser: + description: "The UID to run the entrypoint of the container process.\nDefaults to user specified in image metadata if unspecified.\nMay also be set in SecurityContext. If set in both SecurityContext and\nPodSecurityContext, the value specified in SecurityContext takes precedence\nfor that container.\nNote that this field cannot be set when spec.os.name is windows." format: "int64" type: "integer" seLinuxOptions: + description: "The SELinux context to be applied to all containers.\nIf unspecified, the container runtime will allocate a random SELinux context for each\ncontainer. May also be set in SecurityContext. If set in\nboth SecurityContext and PodSecurityContext, the value specified in SecurityContext\ntakes precedence for that container.\nNote that this field cannot be set when spec.os.name is windows." properties: level: + description: "Level is SELinux level label that applies to the container." type: "string" role: + description: "Role is a SELinux role label that applies to the container." type: "string" type: + description: "Type is a SELinux type label that applies to the container." type: "string" user: + description: "User is a SELinux user label that applies to the container." + type: "string" + type: "object" + seccompProfile: + description: "The seccomp options to use by the containers in this pod.\nNote that this field cannot be set when spec.os.name is windows." + properties: + localhostProfile: + description: "localhostProfile indicates a profile defined in a file on the node should be used.\nThe profile must be preconfigured on the node to work.\nMust be a descending path, relative to the kubelet's configured seccomp profile location.\nMust be set if type is \"Localhost\". Must NOT be set for any other type." + type: "string" + type: + description: "type indicates which kind of seccomp profile will be applied.\nValid options are:\n\n\nLocalhost - a profile defined in a file on the node should be used.\nRuntimeDefault - the container runtime default profile should be used.\nUnconfined - no profile should be applied." type: "string" + required: + - "type" type: "object" supplementalGroups: + description: "A list of groups applied to the first process run in each container, in addition\nto the container's primary GID, the fsGroup (if specified), and group memberships\ndefined in the container image for the uid of the container process. If unspecified,\nno additional groups are added to any container. Note that group memberships\ndefined in the container image for the uid of the container process are still effective,\neven if they are not included in this list.\nNote that this field cannot be set when spec.os.name is windows." items: format: "int64" type: "integer" type: "array" sysctls: + description: "Sysctls hold a list of namespaced sysctls used for the pod. Pods with unsupported\nsysctls (by the container runtime) might fail to launch.\nNote that this field cannot be set when spec.os.name is windows." items: + description: "Sysctl defines a kernel parameter to be set" properties: name: + description: "Name of a property to set" type: "string" value: + description: "Value of a property to set" type: "string" required: - "name" @@ -3011,25 +4944,54 @@ spec: type: "object" type: "array" windowsOptions: + description: "The Windows specific settings applied to all containers.\nIf unspecified, the options within a container's SecurityContext will be used.\nIf set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.\nNote that this field cannot be set when spec.os.name is linux." properties: gmsaCredentialSpec: + description: "GMSACredentialSpec is where the GMSA admission webhook\n(https://github.com/kubernetes-sigs/windows-gmsa) inlines the contents of the\nGMSA credential spec named by the GMSACredentialSpecName field." type: "string" gmsaCredentialSpecName: + description: "GMSACredentialSpecName is the name of the GMSA credential spec to use." type: "string" + hostProcess: + description: "HostProcess determines if a container should be run as a 'Host Process' container.\nAll of a Pod's containers must have the same effective HostProcess value\n(it is not allowed to have a mix of HostProcess containers and non-HostProcess containers).\nIn addition, if HostProcess is true then HostNetwork must also be set to true." + type: "boolean" runAsUserName: + description: "The UserName in Windows to run the entrypoint of the container process.\nDefaults to the user specified in image metadata if unspecified.\nMay also be set in PodSecurityContext. If set in both SecurityContext and\nPodSecurityContext, the value specified in SecurityContext takes precedence." type: "string" type: "object" type: "object" + ports: + description: "Ports settings for the pods, following the Kubernetes specifications." + items: + description: "Port represents the port definition in the pods objects." + properties: + containerPort: + format: "int32" + type: "integer" + name: + type: "string" + protocol: + type: "string" + required: + - "containerPort" + - "name" + - "protocol" + type: "object" + type: "array" schedulerName: + description: "SchedulerName specifies the scheduler that will be used for scheduling" type: "string" secrets: + description: "Secrets carries information of secrets to add to the pod." items: + description: "SecretInfo captures information of a secret." properties: name: type: "string" path: type: "string" secretType: + description: "SecretType tells the type of a secret." type: "string" required: - "name" @@ -3038,181 +5000,266 @@ spec: type: "object" type: "array" securityContext: + description: "SecurityContext specifies the container's SecurityContext to apply." properties: allowPrivilegeEscalation: + description: "AllowPrivilegeEscalation controls whether a process can gain more\nprivileges than its parent process. This bool directly controls if\nthe no_new_privs flag will be set on the container process.\nAllowPrivilegeEscalation is true always when the container is:\n1) run as Privileged\n2) has CAP_SYS_ADMIN\nNote that this field cannot be set when spec.os.name is windows." type: "boolean" capabilities: + description: "The capabilities to add/drop when running containers.\nDefaults to the default set of capabilities granted by the container runtime.\nNote that this field cannot be set when spec.os.name is windows." properties: add: + description: "Added capabilities" items: + description: "Capability represent POSIX capabilities type" type: "string" type: "array" drop: + description: "Removed capabilities" items: + description: "Capability represent POSIX capabilities type" type: "string" type: "array" type: "object" privileged: + description: "Run container in privileged mode.\nProcesses in privileged containers are essentially equivalent to root on the host.\nDefaults to false.\nNote that this field cannot be set when spec.os.name is windows." type: "boolean" procMount: + description: "procMount denotes the type of proc mount to use for the containers.\nThe default is DefaultProcMount which uses the container runtime defaults for\nreadonly paths and masked paths.\nThis requires the ProcMountType feature flag to be enabled.\nNote that this field cannot be set when spec.os.name is windows." type: "string" readOnlyRootFilesystem: + description: "Whether this container has a read-only root filesystem.\nDefault is false.\nNote that this field cannot be set when spec.os.name is windows." type: "boolean" runAsGroup: + description: "The GID to run the entrypoint of the container process.\nUses runtime default if unset.\nMay also be set in PodSecurityContext. If set in both SecurityContext and\nPodSecurityContext, the value specified in SecurityContext takes precedence.\nNote that this field cannot be set when spec.os.name is windows." format: "int64" type: "integer" runAsNonRoot: + description: "Indicates that the container must run as a non-root user.\nIf true, the Kubelet will validate the image at runtime to ensure that it\ndoes not run as UID 0 (root) and fail to start the container if it does.\nIf unset or false, no such validation will be performed.\nMay also be set in PodSecurityContext. If set in both SecurityContext and\nPodSecurityContext, the value specified in SecurityContext takes precedence." type: "boolean" runAsUser: + description: "The UID to run the entrypoint of the container process.\nDefaults to user specified in image metadata if unspecified.\nMay also be set in PodSecurityContext. If set in both SecurityContext and\nPodSecurityContext, the value specified in SecurityContext takes precedence.\nNote that this field cannot be set when spec.os.name is windows." format: "int64" type: "integer" seLinuxOptions: + description: "The SELinux context to be applied to the container.\nIf unspecified, the container runtime will allocate a random SELinux context for each\ncontainer. May also be set in PodSecurityContext. If set in both SecurityContext and\nPodSecurityContext, the value specified in SecurityContext takes precedence.\nNote that this field cannot be set when spec.os.name is windows." properties: level: + description: "Level is SELinux level label that applies to the container." type: "string" role: + description: "Role is a SELinux role label that applies to the container." type: "string" type: + description: "Type is a SELinux type label that applies to the container." type: "string" user: + description: "User is a SELinux user label that applies to the container." type: "string" type: "object" seccompProfile: + description: "The seccomp options to use by this container. If seccomp options are\nprovided at both the pod & container level, the container options\noverride the pod options.\nNote that this field cannot be set when spec.os.name is windows." properties: + localhostProfile: + description: "localhostProfile indicates a profile defined in a file on the node should be used.\nThe profile must be preconfigured on the node to work.\nMust be a descending path, relative to the kubelet's configured seccomp profile location.\nMust be set if type is \"Localhost\". Must NOT be set for any other type." + type: "string" type: + description: "type indicates which kind of seccomp profile will be applied.\nValid options are:\n\n\nLocalhost - a profile defined in a file on the node should be used.\nRuntimeDefault - the container runtime default profile should be used.\nUnconfined - no profile should be applied." type: "string" + required: + - "type" type: "object" windowsOptions: + description: "The Windows specific settings applied to all containers.\nIf unspecified, the options from the PodSecurityContext will be used.\nIf set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.\nNote that this field cannot be set when spec.os.name is linux." properties: gmsaCredentialSpec: + description: "GMSACredentialSpec is where the GMSA admission webhook\n(https://github.com/kubernetes-sigs/windows-gmsa) inlines the contents of the\nGMSA credential spec named by the GMSACredentialSpecName field." type: "string" gmsaCredentialSpecName: + description: "GMSACredentialSpecName is the name of the GMSA credential spec to use." type: "string" + hostProcess: + description: "HostProcess determines if a container should be run as a 'Host Process' container.\nAll of a Pod's containers must have the same effective HostProcess value\n(it is not allowed to have a mix of HostProcess containers and non-HostProcess containers).\nIn addition, if HostProcess is true then HostNetwork must also be set to true." + type: "boolean" runAsUserName: + description: "The UserName in Windows to run the entrypoint of the container process.\nDefaults to the user specified in image metadata if unspecified.\nMay also be set in PodSecurityContext. If set in both SecurityContext and\nPodSecurityContext, the value specified in SecurityContext takes precedence." type: "string" type: "object" type: "object" serviceAccount: + description: "ServiceAccount is the name of the custom Kubernetes service account used by the pod." type: "string" shareProcessNamespace: + description: "ShareProcessNamespace settings for the pod, following the Kubernetes specifications." type: "boolean" sidecars: + description: "Sidecars is a list of sidecar containers that run along side the main Spark container." items: + description: "A single application container that you want to run within a pod." properties: args: + description: "Arguments to the entrypoint.\nThe container image's CMD is used if this is not provided.\nVariable references $(VAR_NAME) are expanded using the container's environment. If a variable\ncannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced\nto a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. \"$$(VAR_NAME)\" will\nproduce the string literal \"$(VAR_NAME)\". Escaped references will never be expanded, regardless\nof whether the variable exists or not. Cannot be updated.\nMore info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell" items: type: "string" type: "array" command: + description: "Entrypoint array. Not executed within a shell.\nThe container image's ENTRYPOINT is used if this is not provided.\nVariable references $(VAR_NAME) are expanded using the container's environment. If a variable\ncannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced\nto a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. \"$$(VAR_NAME)\" will\nproduce the string literal \"$(VAR_NAME)\". Escaped references will never be expanded, regardless\nof whether the variable exists or not. Cannot be updated.\nMore info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell" items: type: "string" type: "array" env: + description: "List of environment variables to set in the container.\nCannot be updated." items: + description: "EnvVar represents an environment variable present in a Container." properties: name: + description: "Name of the environment variable. Must be a C_IDENTIFIER." type: "string" value: + description: "Variable references $(VAR_NAME) are expanded\nusing the previously defined environment variables in the container and\nany service environment variables. If a variable cannot be resolved,\nthe reference in the input string will be unchanged. Double $$ are reduced\nto a single $, which allows for escaping the $(VAR_NAME) syntax: i.e.\n\"$$(VAR_NAME)\" will produce the string literal \"$(VAR_NAME)\".\nEscaped references will never be expanded, regardless of whether the variable\nexists or not.\nDefaults to \"\"." type: "string" valueFrom: + description: "Source for the environment variable's value. Cannot be used if value is not empty." properties: configMapKeyRef: + description: "Selects a key of a ConfigMap." properties: key: + description: "The key to select." type: "string" name: + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" type: "string" optional: + description: "Specify whether the ConfigMap or its key must be defined" type: "boolean" required: - "key" type: "object" + x-kubernetes-map-type: "atomic" fieldRef: + description: "Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`,\nspec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs." properties: apiVersion: + description: "Version of the schema the FieldPath is written in terms of, defaults to \"v1\"." type: "string" fieldPath: + description: "Path of the field to select in the specified API version." type: "string" required: - "fieldPath" type: "object" + x-kubernetes-map-type: "atomic" resourceFieldRef: + description: "Selects a resource of the container: only resources limits and requests\n(limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported." properties: containerName: + description: "Container name: required for volumes, optional for env vars" type: "string" divisor: anyOf: - type: "integer" - type: "string" + description: "Specifies the output format of the exposed resources, defaults to \"1\"" pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" x-kubernetes-int-or-string: true resource: + description: "Required: resource to select" type: "string" required: - "resource" type: "object" + x-kubernetes-map-type: "atomic" secretKeyRef: + description: "Selects a key of a secret in the pod's namespace" properties: key: + description: "The key of the secret to select from. Must be a valid secret key." type: "string" name: + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" type: "string" optional: + description: "Specify whether the Secret or its key must be defined" type: "boolean" required: - "key" type: "object" + x-kubernetes-map-type: "atomic" type: "object" required: - "name" type: "object" type: "array" envFrom: + description: "List of sources to populate environment variables in the container.\nThe keys defined within a source must be a C_IDENTIFIER. All invalid keys\nwill be reported as an event when the container is starting. When a key exists in multiple\nsources, the value associated with the last source will take precedence.\nValues defined by an Env with a duplicate key will take precedence.\nCannot be updated." items: + description: "EnvFromSource represents the source of a set of ConfigMaps" properties: configMapRef: + description: "The ConfigMap to select from" properties: name: + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" type: "string" optional: + description: "Specify whether the ConfigMap must be defined" type: "boolean" type: "object" + x-kubernetes-map-type: "atomic" prefix: + description: "An optional identifier to prepend to each key in the ConfigMap. Must be a C_IDENTIFIER." type: "string" secretRef: + description: "The Secret to select from" properties: name: + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" type: "string" optional: + description: "Specify whether the Secret must be defined" type: "boolean" type: "object" + x-kubernetes-map-type: "atomic" type: "object" type: "array" image: + description: "Container image name.\nMore info: https://kubernetes.io/docs/concepts/containers/images\nThis field is optional to allow higher level config management to default or override\ncontainer images in workload controllers like Deployments and StatefulSets." type: "string" imagePullPolicy: + description: "Image pull policy.\nOne of Always, Never, IfNotPresent.\nDefaults to Always if :latest tag is specified, or IfNotPresent otherwise.\nCannot be updated.\nMore info: https://kubernetes.io/docs/concepts/containers/images#updating-images" type: "string" lifecycle: + description: "Actions that the management system should take in response to container lifecycle events.\nCannot be updated." properties: postStart: + description: "PostStart is called immediately after a container is created. If the handler fails,\nthe container is terminated and restarted according to its restart policy.\nOther management of the container blocks until the hook completes.\nMore info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks" properties: exec: + description: "Exec specifies the action to take." properties: command: + description: "Command is the command line to execute inside the container, the working directory for the\ncommand is root ('/') in the container's filesystem. The command is simply exec'd, it is\nnot run inside a shell, so traditional shell instructions ('|', etc) won't work. To use\na shell, you need to explicitly call out to that shell.\nExit status of 0 is treated as live/healthy and non-zero is unhealthy." items: type: "string" type: "array" type: "object" httpGet: + description: "HTTPGet specifies the http request to perform." properties: host: + description: "Host name to connect to, defaults to the pod IP. You probably want to set\n\"Host\" in httpHeaders instead." type: "string" httpHeaders: + description: "Custom headers to set in the request. HTTP allows repeated headers." items: + description: "HTTPHeader describes a custom header to be used in HTTP probes" properties: name: + description: "The header field name.\nThis will be canonicalized upon output, so case-variant names will be understood as the same header." type: "string" value: + description: "The header field value" type: "string" required: - "name" @@ -3220,49 +5267,74 @@ spec: type: "object" type: "array" path: + description: "Path to access on the HTTP server." type: "string" port: anyOf: - type: "integer" - type: "string" + description: "Name or number of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME." x-kubernetes-int-or-string: true scheme: + description: "Scheme to use for connecting to the host.\nDefaults to HTTP." type: "string" required: - "port" type: "object" + sleep: + description: "Sleep represents the duration that the container should sleep before being terminated." + properties: + seconds: + description: "Seconds is the number of seconds to sleep." + format: "int64" + type: "integer" + required: + - "seconds" + type: "object" tcpSocket: + description: "Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept\nfor the backward compatibility. There are no validation of this field and\nlifecycle hooks will fail in runtime when tcp handler is specified." properties: host: + description: "Optional: Host name to connect to, defaults to the pod IP." type: "string" port: anyOf: - type: "integer" - type: "string" + description: "Number or name of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME." x-kubernetes-int-or-string: true required: - "port" type: "object" type: "object" preStop: + description: "PreStop is called immediately before a container is terminated due to an\nAPI request or management event such as liveness/startup probe failure,\npreemption, resource contention, etc. The handler is not called if the\ncontainer crashes or exits. The Pod's termination grace period countdown begins before the\nPreStop hook is executed. Regardless of the outcome of the handler, the\ncontainer will eventually terminate within the Pod's termination grace\nperiod (unless delayed by finalizers). Other management of the container blocks until the hook completes\nor until the termination grace period is reached.\nMore info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks" properties: exec: + description: "Exec specifies the action to take." properties: command: + description: "Command is the command line to execute inside the container, the working directory for the\ncommand is root ('/') in the container's filesystem. The command is simply exec'd, it is\nnot run inside a shell, so traditional shell instructions ('|', etc) won't work. To use\na shell, you need to explicitly call out to that shell.\nExit status of 0 is treated as live/healthy and non-zero is unhealthy." items: type: "string" type: "array" type: "object" httpGet: + description: "HTTPGet specifies the http request to perform." properties: host: + description: "Host name to connect to, defaults to the pod IP. You probably want to set\n\"Host\" in httpHeaders instead." type: "string" httpHeaders: + description: "Custom headers to set in the request. HTTP allows repeated headers." items: + description: "HTTPHeader describes a custom header to be used in HTTP probes" properties: name: + description: "The header field name.\nThis will be canonicalized upon output, so case-variant names will be understood as the same header." type: "string" value: + description: "The header field value" type: "string" required: - "name" @@ -3270,25 +5342,41 @@ spec: type: "object" type: "array" path: + description: "Path to access on the HTTP server." type: "string" port: anyOf: - type: "integer" - type: "string" + description: "Name or number of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME." x-kubernetes-int-or-string: true scheme: + description: "Scheme to use for connecting to the host.\nDefaults to HTTP." type: "string" required: - "port" type: "object" + sleep: + description: "Sleep represents the duration that the container should sleep before being terminated." + properties: + seconds: + description: "Seconds is the number of seconds to sleep." + format: "int64" + type: "integer" + required: + - "seconds" + type: "object" tcpSocket: + description: "Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept\nfor the backward compatibility. There are no validation of this field and\nlifecycle hooks will fail in runtime when tcp handler is specified." properties: host: + description: "Optional: Host name to connect to, defaults to the pod IP." type: "string" port: anyOf: - type: "integer" - type: "string" + description: "Number or name of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME." x-kubernetes-int-or-string: true required: - "port" @@ -3296,27 +5384,50 @@ spec: type: "object" type: "object" livenessProbe: + description: "Periodic probe of container liveness.\nContainer will be restarted if the probe fails.\nCannot be updated.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" properties: exec: + description: "Exec specifies the action to take." properties: command: + description: "Command is the command line to execute inside the container, the working directory for the\ncommand is root ('/') in the container's filesystem. The command is simply exec'd, it is\nnot run inside a shell, so traditional shell instructions ('|', etc) won't work. To use\na shell, you need to explicitly call out to that shell.\nExit status of 0 is treated as live/healthy and non-zero is unhealthy." items: type: "string" type: "array" type: "object" failureThreshold: + description: "Minimum consecutive failures for the probe to be considered failed after having succeeded.\nDefaults to 3. Minimum value is 1." format: "int32" type: "integer" + grpc: + description: "GRPC specifies an action involving a GRPC port." + properties: + port: + description: "Port number of the gRPC service. Number must be in the range 1 to 65535." + format: "int32" + type: "integer" + service: + description: "Service is the name of the service to place in the gRPC HealthCheckRequest\n(see https://github.com/grpc/grpc/blob/master/doc/health-checking.md).\n\n\nIf this is not specified, the default behavior is defined by gRPC." + type: "string" + required: + - "port" + type: "object" httpGet: + description: "HTTPGet specifies the http request to perform." properties: host: + description: "Host name to connect to, defaults to the pod IP. You probably want to set\n\"Host\" in httpHeaders instead." type: "string" httpHeaders: + description: "Custom headers to set in the request. HTTP allows repeated headers." items: + description: "HTTPHeader describes a custom header to be used in HTTP probes" properties: name: + description: "The header field name.\nThis will be canonicalized upon output, so case-variant names will be understood as the same header." type: "string" value: + description: "The header field value" type: "string" required: - "name" @@ -3324,62 +5435,84 @@ spec: type: "object" type: "array" path: + description: "Path to access on the HTTP server." type: "string" port: anyOf: - type: "integer" - type: "string" + description: "Name or number of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME." x-kubernetes-int-or-string: true scheme: + description: "Scheme to use for connecting to the host.\nDefaults to HTTP." type: "string" required: - "port" type: "object" initialDelaySeconds: + description: "Number of seconds after the container has started before liveness probes are initiated.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" format: "int32" type: "integer" periodSeconds: + description: "How often (in seconds) to perform the probe.\nDefault to 10 seconds. Minimum value is 1." format: "int32" type: "integer" successThreshold: + description: "Minimum consecutive successes for the probe to be considered successful after having failed.\nDefaults to 1. Must be 1 for liveness and startup. Minimum value is 1." format: "int32" type: "integer" tcpSocket: + description: "TCPSocket specifies an action involving a TCP port." properties: host: + description: "Optional: Host name to connect to, defaults to the pod IP." type: "string" port: anyOf: - type: "integer" - type: "string" + description: "Number or name of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME." x-kubernetes-int-or-string: true required: - "port" type: "object" + terminationGracePeriodSeconds: + description: "Optional duration in seconds the pod needs to terminate gracefully upon probe failure.\nThe grace period is the duration in seconds after the processes running in the pod are sent\na termination signal and the time when the processes are forcibly halted with a kill signal.\nSet this value longer than the expected cleanup time for your process.\nIf this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this\nvalue overrides the value provided by the pod spec.\nValue must be non-negative integer. The value zero indicates stop immediately via\nthe kill signal (no opportunity to shut down).\nThis is a beta field and requires enabling ProbeTerminationGracePeriod feature gate.\nMinimum value is 1. spec.terminationGracePeriodSeconds is used if unset." + format: "int64" + type: "integer" timeoutSeconds: + description: "Number of seconds after which the probe times out.\nDefaults to 1 second. Minimum value is 1.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" format: "int32" type: "integer" type: "object" name: + description: "Name of the container specified as a DNS_LABEL.\nEach container in a pod must have a unique name (DNS_LABEL).\nCannot be updated." type: "string" ports: + description: "List of ports to expose from the container. Not specifying a port here\nDOES NOT prevent that port from being exposed. Any port which is\nlistening on the default \"0.0.0.0\" address inside a container will be\naccessible from the network.\nModifying this array with strategic merge patch may corrupt the data.\nFor more information See https://github.com/kubernetes/kubernetes/issues/108255.\nCannot be updated." items: + description: "ContainerPort represents a network port in a single container." properties: containerPort: + description: "Number of port to expose on the pod's IP address.\nThis must be a valid port number, 0 < x < 65536." format: "int32" type: "integer" hostIP: + description: "What host IP to bind the external port to." type: "string" hostPort: + description: "Number of port to expose on the host.\nIf specified, this must be a valid port number, 0 < x < 65536.\nIf HostNetwork is specified, this must match ContainerPort.\nMost containers do not need this." format: "int32" type: "integer" name: + description: "If specified, this must be an IANA_SVC_NAME and unique within the pod. Each\nnamed port in a pod must have a unique name. Name for the port that can be\nreferred to by services." type: "string" protocol: + default: "TCP" + description: "Protocol for port. Must be UDP, TCP, or SCTP.\nDefaults to \"TCP\"." type: "string" required: - "containerPort" - - "protocol" type: "object" type: "array" x-kubernetes-list-map-keys: @@ -3387,27 +5520,50 @@ spec: - "protocol" x-kubernetes-list-type: "map" readinessProbe: + description: "Periodic probe of container service readiness.\nContainer will be removed from service endpoints if the probe fails.\nCannot be updated.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" properties: exec: + description: "Exec specifies the action to take." properties: command: + description: "Command is the command line to execute inside the container, the working directory for the\ncommand is root ('/') in the container's filesystem. The command is simply exec'd, it is\nnot run inside a shell, so traditional shell instructions ('|', etc) won't work. To use\na shell, you need to explicitly call out to that shell.\nExit status of 0 is treated as live/healthy and non-zero is unhealthy." items: type: "string" type: "array" type: "object" failureThreshold: + description: "Minimum consecutive failures for the probe to be considered failed after having succeeded.\nDefaults to 3. Minimum value is 1." format: "int32" type: "integer" + grpc: + description: "GRPC specifies an action involving a GRPC port." + properties: + port: + description: "Port number of the gRPC service. Number must be in the range 1 to 65535." + format: "int32" + type: "integer" + service: + description: "Service is the name of the service to place in the gRPC HealthCheckRequest\n(see https://github.com/grpc/grpc/blob/master/doc/health-checking.md).\n\n\nIf this is not specified, the default behavior is defined by gRPC." + type: "string" + required: + - "port" + type: "object" httpGet: + description: "HTTPGet specifies the http request to perform." properties: host: + description: "Host name to connect to, defaults to the pod IP. You probably want to set\n\"Host\" in httpHeaders instead." type: "string" httpHeaders: + description: "Custom headers to set in the request. HTTP allows repeated headers." items: + description: "HTTPHeader describes a custom header to be used in HTTP probes" properties: name: + description: "The header field name.\nThis will be canonicalized upon output, so case-variant names will be understood as the same header." type: "string" value: + description: "The header field value" type: "string" required: - "name" @@ -3415,44 +5571,91 @@ spec: type: "object" type: "array" path: + description: "Path to access on the HTTP server." type: "string" port: anyOf: - type: "integer" - type: "string" + description: "Name or number of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME." x-kubernetes-int-or-string: true scheme: + description: "Scheme to use for connecting to the host.\nDefaults to HTTP." type: "string" required: - "port" type: "object" initialDelaySeconds: + description: "Number of seconds after the container has started before liveness probes are initiated.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" format: "int32" type: "integer" periodSeconds: + description: "How often (in seconds) to perform the probe.\nDefault to 10 seconds. Minimum value is 1." format: "int32" type: "integer" successThreshold: + description: "Minimum consecutive successes for the probe to be considered successful after having failed.\nDefaults to 1. Must be 1 for liveness and startup. Minimum value is 1." format: "int32" type: "integer" tcpSocket: + description: "TCPSocket specifies an action involving a TCP port." properties: host: + description: "Optional: Host name to connect to, defaults to the pod IP." type: "string" port: anyOf: - type: "integer" - type: "string" + description: "Number or name of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME." x-kubernetes-int-or-string: true required: - "port" type: "object" + terminationGracePeriodSeconds: + description: "Optional duration in seconds the pod needs to terminate gracefully upon probe failure.\nThe grace period is the duration in seconds after the processes running in the pod are sent\na termination signal and the time when the processes are forcibly halted with a kill signal.\nSet this value longer than the expected cleanup time for your process.\nIf this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this\nvalue overrides the value provided by the pod spec.\nValue must be non-negative integer. The value zero indicates stop immediately via\nthe kill signal (no opportunity to shut down).\nThis is a beta field and requires enabling ProbeTerminationGracePeriod feature gate.\nMinimum value is 1. spec.terminationGracePeriodSeconds is used if unset." + format: "int64" + type: "integer" timeoutSeconds: + description: "Number of seconds after which the probe times out.\nDefaults to 1 second. Minimum value is 1.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" format: "int32" type: "integer" type: "object" + resizePolicy: + description: "Resources resize policy for the container." + items: + description: "ContainerResizePolicy represents resource resize policy for the container." + properties: + resourceName: + description: "Name of the resource to which this resource resize policy applies.\nSupported values: cpu, memory." + type: "string" + restartPolicy: + description: "Restart policy to apply when specified resource is resized.\nIf not specified, it defaults to NotRequired." + type: "string" + required: + - "resourceName" + - "restartPolicy" + type: "object" + type: "array" + x-kubernetes-list-type: "atomic" resources: + description: "Compute Resources required by this container.\nCannot be updated.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" properties: + claims: + description: "Claims lists the names of resources, defined in spec.resourceClaims,\nthat are used by this container.\n\n\nThis is an alpha field and requires enabling the\nDynamicResourceAllocation feature gate.\n\n\nThis field is immutable. It can only be set for containers." + items: + description: "ResourceClaim references one entry in PodSpec.ResourceClaims." + properties: + name: + description: "Name must match the name of one entry in pod.spec.resourceClaims of\nthe Pod where this field is used. It makes that resource available\ninside a container." + type: "string" + required: + - "name" + type: "object" + type: "array" + x-kubernetes-list-map-keys: + - "name" + x-kubernetes-list-type: "map" limits: additionalProperties: anyOf: @@ -3460,6 +5663,7 @@ spec: - type: "string" pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" x-kubernetes-int-or-string: true + description: "Limits describes the maximum amount of compute resources allowed.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" type: "object" requests: additionalProperties: @@ -3468,85 +5672,144 @@ spec: - type: "string" pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" x-kubernetes-int-or-string: true + description: "Requests describes the minimum amount of compute resources required.\nIf Requests is omitted for a container, it defaults to Limits if that is explicitly specified,\notherwise to an implementation-defined value. Requests cannot exceed Limits.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" type: "object" type: "object" + restartPolicy: + description: "RestartPolicy defines the restart behavior of individual containers in a pod.\nThis field may only be set for init containers, and the only allowed value is \"Always\".\nFor non-init containers or when this field is not specified,\nthe restart behavior is defined by the Pod's restart policy and the container type.\nSetting the RestartPolicy as \"Always\" for the init container will have the following effect:\nthis init container will be continually restarted on\nexit until all regular containers have terminated. Once all regular\ncontainers have completed, all init containers with restartPolicy \"Always\"\nwill be shut down. This lifecycle differs from normal init containers and\nis often referred to as a \"sidecar\" container. Although this init\ncontainer still starts in the init container sequence, it does not wait\nfor the container to complete before proceeding to the next init\ncontainer. Instead, the next init container starts immediately after this\ninit container is started, or after any startupProbe has successfully\ncompleted." + type: "string" securityContext: + description: "SecurityContext defines the security options the container should be run with.\nIf set, the fields of SecurityContext override the equivalent fields of PodSecurityContext.\nMore info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/" properties: allowPrivilegeEscalation: + description: "AllowPrivilegeEscalation controls whether a process can gain more\nprivileges than its parent process. This bool directly controls if\nthe no_new_privs flag will be set on the container process.\nAllowPrivilegeEscalation is true always when the container is:\n1) run as Privileged\n2) has CAP_SYS_ADMIN\nNote that this field cannot be set when spec.os.name is windows." type: "boolean" capabilities: + description: "The capabilities to add/drop when running containers.\nDefaults to the default set of capabilities granted by the container runtime.\nNote that this field cannot be set when spec.os.name is windows." properties: add: + description: "Added capabilities" items: + description: "Capability represent POSIX capabilities type" type: "string" type: "array" drop: + description: "Removed capabilities" items: + description: "Capability represent POSIX capabilities type" type: "string" type: "array" type: "object" privileged: + description: "Run container in privileged mode.\nProcesses in privileged containers are essentially equivalent to root on the host.\nDefaults to false.\nNote that this field cannot be set when spec.os.name is windows." type: "boolean" procMount: + description: "procMount denotes the type of proc mount to use for the containers.\nThe default is DefaultProcMount which uses the container runtime defaults for\nreadonly paths and masked paths.\nThis requires the ProcMountType feature flag to be enabled.\nNote that this field cannot be set when spec.os.name is windows." type: "string" readOnlyRootFilesystem: + description: "Whether this container has a read-only root filesystem.\nDefault is false.\nNote that this field cannot be set when spec.os.name is windows." type: "boolean" runAsGroup: + description: "The GID to run the entrypoint of the container process.\nUses runtime default if unset.\nMay also be set in PodSecurityContext. If set in both SecurityContext and\nPodSecurityContext, the value specified in SecurityContext takes precedence.\nNote that this field cannot be set when spec.os.name is windows." format: "int64" type: "integer" runAsNonRoot: + description: "Indicates that the container must run as a non-root user.\nIf true, the Kubelet will validate the image at runtime to ensure that it\ndoes not run as UID 0 (root) and fail to start the container if it does.\nIf unset or false, no such validation will be performed.\nMay also be set in PodSecurityContext. If set in both SecurityContext and\nPodSecurityContext, the value specified in SecurityContext takes precedence." type: "boolean" runAsUser: + description: "The UID to run the entrypoint of the container process.\nDefaults to user specified in image metadata if unspecified.\nMay also be set in PodSecurityContext. If set in both SecurityContext and\nPodSecurityContext, the value specified in SecurityContext takes precedence.\nNote that this field cannot be set when spec.os.name is windows." format: "int64" type: "integer" seLinuxOptions: + description: "The SELinux context to be applied to the container.\nIf unspecified, the container runtime will allocate a random SELinux context for each\ncontainer. May also be set in PodSecurityContext. If set in both SecurityContext and\nPodSecurityContext, the value specified in SecurityContext takes precedence.\nNote that this field cannot be set when spec.os.name is windows." properties: level: + description: "Level is SELinux level label that applies to the container." type: "string" role: + description: "Role is a SELinux role label that applies to the container." type: "string" type: + description: "Type is a SELinux type label that applies to the container." type: "string" user: + description: "User is a SELinux user label that applies to the container." type: "string" type: "object" seccompProfile: + description: "The seccomp options to use by this container. If seccomp options are\nprovided at both the pod & container level, the container options\noverride the pod options.\nNote that this field cannot be set when spec.os.name is windows." properties: + localhostProfile: + description: "localhostProfile indicates a profile defined in a file on the node should be used.\nThe profile must be preconfigured on the node to work.\nMust be a descending path, relative to the kubelet's configured seccomp profile location.\nMust be set if type is \"Localhost\". Must NOT be set for any other type." + type: "string" type: + description: "type indicates which kind of seccomp profile will be applied.\nValid options are:\n\n\nLocalhost - a profile defined in a file on the node should be used.\nRuntimeDefault - the container runtime default profile should be used.\nUnconfined - no profile should be applied." type: "string" + required: + - "type" type: "object" windowsOptions: + description: "The Windows specific settings applied to all containers.\nIf unspecified, the options from the PodSecurityContext will be used.\nIf set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.\nNote that this field cannot be set when spec.os.name is linux." properties: gmsaCredentialSpec: + description: "GMSACredentialSpec is where the GMSA admission webhook\n(https://github.com/kubernetes-sigs/windows-gmsa) inlines the contents of the\nGMSA credential spec named by the GMSACredentialSpecName field." type: "string" gmsaCredentialSpecName: + description: "GMSACredentialSpecName is the name of the GMSA credential spec to use." type: "string" + hostProcess: + description: "HostProcess determines if a container should be run as a 'Host Process' container.\nAll of a Pod's containers must have the same effective HostProcess value\n(it is not allowed to have a mix of HostProcess containers and non-HostProcess containers).\nIn addition, if HostProcess is true then HostNetwork must also be set to true." + type: "boolean" runAsUserName: + description: "The UserName in Windows to run the entrypoint of the container process.\nDefaults to the user specified in image metadata if unspecified.\nMay also be set in PodSecurityContext. If set in both SecurityContext and\nPodSecurityContext, the value specified in SecurityContext takes precedence." type: "string" type: "object" type: "object" startupProbe: + description: "StartupProbe indicates that the Pod has successfully initialized.\nIf specified, no other probes are executed until this completes successfully.\nIf this probe fails, the Pod will be restarted, just as if the livenessProbe failed.\nThis can be used to provide different probe parameters at the beginning of a Pod's lifecycle,\nwhen it might take a long time to load data or warm a cache, than during steady-state operation.\nThis cannot be updated.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" properties: exec: + description: "Exec specifies the action to take." properties: command: + description: "Command is the command line to execute inside the container, the working directory for the\ncommand is root ('/') in the container's filesystem. The command is simply exec'd, it is\nnot run inside a shell, so traditional shell instructions ('|', etc) won't work. To use\na shell, you need to explicitly call out to that shell.\nExit status of 0 is treated as live/healthy and non-zero is unhealthy." items: type: "string" type: "array" type: "object" failureThreshold: + description: "Minimum consecutive failures for the probe to be considered failed after having succeeded.\nDefaults to 3. Minimum value is 1." format: "int32" type: "integer" + grpc: + description: "GRPC specifies an action involving a GRPC port." + properties: + port: + description: "Port number of the gRPC service. Number must be in the range 1 to 65535." + format: "int32" + type: "integer" + service: + description: "Service is the name of the service to place in the gRPC HealthCheckRequest\n(see https://github.com/grpc/grpc/blob/master/doc/health-checking.md).\n\n\nIf this is not specified, the default behavior is defined by gRPC." + type: "string" + required: + - "port" + type: "object" httpGet: + description: "HTTPGet specifies the http request to perform." properties: host: + description: "Host name to connect to, defaults to the pod IP. You probably want to set\n\"Host\" in httpHeaders instead." type: "string" httpHeaders: + description: "Custom headers to set in the request. HTTP allows repeated headers." items: + description: "HTTPHeader describes a custom header to be used in HTTP probes" properties: name: + description: "The header field name.\nThis will be canonicalized upon output, so case-variant names will be understood as the same header." type: "string" value: + description: "The header field value" type: "string" required: - "name" @@ -3554,58 +5817,81 @@ spec: type: "object" type: "array" path: + description: "Path to access on the HTTP server." type: "string" port: anyOf: - type: "integer" - type: "string" + description: "Name or number of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME." x-kubernetes-int-or-string: true scheme: + description: "Scheme to use for connecting to the host.\nDefaults to HTTP." type: "string" required: - "port" type: "object" initialDelaySeconds: + description: "Number of seconds after the container has started before liveness probes are initiated.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" format: "int32" type: "integer" periodSeconds: + description: "How often (in seconds) to perform the probe.\nDefault to 10 seconds. Minimum value is 1." format: "int32" type: "integer" successThreshold: + description: "Minimum consecutive successes for the probe to be considered successful after having failed.\nDefaults to 1. Must be 1 for liveness and startup. Minimum value is 1." format: "int32" type: "integer" tcpSocket: + description: "TCPSocket specifies an action involving a TCP port." properties: host: + description: "Optional: Host name to connect to, defaults to the pod IP." type: "string" port: anyOf: - type: "integer" - type: "string" + description: "Number or name of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME." x-kubernetes-int-or-string: true required: - "port" type: "object" + terminationGracePeriodSeconds: + description: "Optional duration in seconds the pod needs to terminate gracefully upon probe failure.\nThe grace period is the duration in seconds after the processes running in the pod are sent\na termination signal and the time when the processes are forcibly halted with a kill signal.\nSet this value longer than the expected cleanup time for your process.\nIf this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this\nvalue overrides the value provided by the pod spec.\nValue must be non-negative integer. The value zero indicates stop immediately via\nthe kill signal (no opportunity to shut down).\nThis is a beta field and requires enabling ProbeTerminationGracePeriod feature gate.\nMinimum value is 1. spec.terminationGracePeriodSeconds is used if unset." + format: "int64" + type: "integer" timeoutSeconds: + description: "Number of seconds after which the probe times out.\nDefaults to 1 second. Minimum value is 1.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" format: "int32" type: "integer" type: "object" stdin: + description: "Whether this container should allocate a buffer for stdin in the container runtime. If this\nis not set, reads from stdin in the container will always result in EOF.\nDefault is false." type: "boolean" stdinOnce: + description: "Whether the container runtime should close the stdin channel after it has been opened by\na single attach. When stdin is true the stdin stream will remain open across multiple attach\nsessions. If stdinOnce is set to true, stdin is opened on container start, is empty until the\nfirst client attaches to stdin, and then remains open and accepts data until the client disconnects,\nat which time stdin is closed and remains closed until the container is restarted. If this\nflag is false, a container processes that reads from stdin will never receive an EOF.\nDefault is false" type: "boolean" terminationMessagePath: + description: "Optional: Path at which the file to which the container's termination message\nwill be written is mounted into the container's filesystem.\nMessage written is intended to be brief final status, such as an assertion failure message.\nWill be truncated by the node if greater than 4096 bytes. The total message length across\nall containers will be limited to 12kb.\nDefaults to /dev/termination-log.\nCannot be updated." type: "string" terminationMessagePolicy: + description: "Indicate how the termination message should be populated. File will use the contents of\nterminationMessagePath to populate the container status message on both success and failure.\nFallbackToLogsOnError will use the last chunk of container log output if the termination\nmessage file is empty and the container exited with an error.\nThe log output is limited to 2048 bytes or 80 lines, whichever is smaller.\nDefaults to File.\nCannot be updated." type: "string" tty: + description: "Whether this container should allocate a TTY for itself, also requires 'stdin' to be true.\nDefault is false." type: "boolean" volumeDevices: + description: "volumeDevices is the list of block devices to be used by the container." items: + description: "volumeDevice describes a mapping of a raw block device within a container." properties: devicePath: + description: "devicePath is the path inside of the container that the device will be mapped to." type: "string" name: + description: "name must match the name of a persistentVolumeClaim in the pod" type: "string" required: - "devicePath" @@ -3613,19 +5899,27 @@ spec: type: "object" type: "array" volumeMounts: + description: "Pod volumes to mount into the container's filesystem.\nCannot be updated." items: + description: "VolumeMount describes a mounting of a Volume within a container." properties: mountPath: + description: "Path within the container at which the volume should be mounted. Must\nnot contain ':'." type: "string" mountPropagation: + description: "mountPropagation determines how mounts are propagated from the host\nto container and the other way around.\nWhen not set, MountPropagationNone is used.\nThis field is beta in 1.10." type: "string" name: + description: "This must match the Name of a Volume." type: "string" readOnly: + description: "Mounted read-only if true, read-write otherwise (false or unspecified).\nDefaults to false." type: "boolean" subPath: + description: "Path within the volume from which the container's volume should be mounted.\nDefaults to \"\" (volume's root)." type: "string" subPathExpr: + description: "Expanded path within the volume from which the container's volume should be mounted.\nBehaves similarly to SubPath but environment variable references $(VAR_NAME) are expanded using the container's environment.\nDefaults to \"\" (volume's root).\nSubPathExpr and SubPath are mutually exclusive." type: "string" required: - "mountPath" @@ -3633,44 +5927,61 @@ spec: type: "object" type: "array" workingDir: + description: "Container's working directory.\nIf not specified, the container runtime's default will be used, which\nmight be configured in the container image.\nCannot be updated." type: "string" required: - "name" type: "object" type: "array" terminationGracePeriodSeconds: + description: "Termination grace period seconds for the pod" format: "int64" type: "integer" tolerations: + description: "Tolerations specifies the tolerations listed in \".spec.tolerations\" to be applied to the pod." items: + description: "The pod this Toleration is attached to tolerates any taint that matches\nthe triple using the matching operator ." properties: effect: + description: "Effect indicates the taint effect to match. Empty means match all taint effects.\nWhen specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute." type: "string" key: + description: "Key is the taint key that the toleration applies to. Empty means match all taint keys.\nIf the key is empty, operator must be Exists; this combination means to match all values and all keys." type: "string" operator: + description: "Operator represents a key's relationship to the value.\nValid operators are Exists and Equal. Defaults to Equal.\nExists is equivalent to wildcard for value, so that a pod can\ntolerate all taints of a particular category." type: "string" tolerationSeconds: + description: "TolerationSeconds represents the period of time the toleration (which must be\nof effect NoExecute, otherwise this field is ignored) tolerates the taint. By default,\nit is not set, which means tolerate the taint forever (do not evict). Zero and\nnegative values will be treated as 0 (evict immediately) by the system." format: "int64" type: "integer" value: + description: "Value is the taint value the toleration matches to.\nIf the operator is Exists, the value should be empty, otherwise just a regular string." type: "string" type: "object" type: "array" volumeMounts: + description: "VolumeMounts specifies the volumes listed in \".spec.volumes\" to mount into the main container's filesystem." items: + description: "VolumeMount describes a mounting of a Volume within a container." properties: mountPath: + description: "Path within the container at which the volume should be mounted. Must\nnot contain ':'." type: "string" mountPropagation: + description: "mountPropagation determines how mounts are propagated from the host\nto container and the other way around.\nWhen not set, MountPropagationNone is used.\nThis field is beta in 1.10." type: "string" name: + description: "This must match the Name of a Volume." type: "string" readOnly: + description: "Mounted read-only if true, read-write otherwise (false or unspecified).\nDefaults to false." type: "boolean" subPath: + description: "Path within the volume from which the container's volume should be mounted.\nDefaults to \"\" (volume's root)." type: "string" subPathExpr: + description: "Expanded path within the volume from which the container's volume should be mounted.\nBehaves similarly to SubPath but environment variable references $(VAR_NAME) are expanded using the container's environment.\nDefaults to \"\" (volume's root).\nSubPathExpr and SubPath are mutually exclusive." type: "string" required: - "mountPath" @@ -3679,57 +5990,78 @@ spec: type: "array" type: "object" failureRetries: + description: "FailureRetries is the number of times to retry a failed application before giving up.\nThis is best effort and actual retry attempts can be >= the value specified." format: "int32" type: "integer" hadoopConf: additionalProperties: type: "string" + description: "HadoopConf carries user-specified Hadoop configuration properties as they would use the the \"--conf\" option\nin spark-submit. The SparkApplication controller automatically adds prefix \"spark.hadoop.\" to Hadoop\nconfiguration properties." type: "object" hadoopConfigMap: + description: "HadoopConfigMap carries the name of the ConfigMap containing Hadoop configuration files such as core-site.xml.\nThe controller will add environment variable HADOOP_CONF_DIR to the path where the ConfigMap is mounted to." type: "string" image: + description: "Image is the container image for the driver, executor, and init-container. Any custom container images for the\ndriver, executor, or init-container takes precedence over this." type: "string" imagePullPolicy: + description: "ImagePullPolicy is the image pull policy for the driver, executor, and init-container." type: "string" imagePullSecrets: + description: "ImagePullSecrets is the list of image-pull secrets." items: type: "string" type: "array" mainApplicationFile: + description: "MainFile is the path to a bundled JAR, Python, or R file of the application." type: "string" mainClass: + description: "MainClass is the fully-qualified main class of the Spark application.\nThis only applies to Java/Scala Spark applications." type: "string" memoryOverheadFactor: + description: "This sets the Memory Overhead Factor that will allocate memory to non-JVM memory.\nFor JVM-based jobs this value will default to 0.10, for non-JVM jobs 0.40. Value of this field will\nbe overridden by `Spec.Driver.MemoryOverhead` and `Spec.Executor.MemoryOverhead` if they are set." type: "string" mode: + description: "Mode is the deployment mode of the Spark application." enum: - "cluster" - "client" type: "string" monitoring: + description: "Monitoring configures how monitoring is handled." properties: exposeDriverMetrics: + description: "ExposeDriverMetrics specifies whether to expose metrics on the driver." type: "boolean" exposeExecutorMetrics: + description: "ExposeExecutorMetrics specifies whether to expose metrics on the executors." type: "boolean" metricsProperties: + description: "MetricsProperties is the content of a custom metrics.properties for configuring the Spark metric system.\nIf not specified, the content in spark-docker/conf/metrics.properties will be used." type: "string" metricsPropertiesFile: + description: "MetricsPropertiesFile is the container local path of file metrics.properties for configuring\nthe Spark metric system. If not specified, value /etc/metrics/conf/metrics.properties will be used." type: "string" prometheus: + description: "Prometheus is for configuring the Prometheus JMX exporter." properties: configFile: + description: "ConfigFile is the path to the custom Prometheus configuration file provided in the Spark image.\nConfigFile takes precedence over Configuration, which is shown below." type: "string" configuration: + description: "Configuration is the content of the Prometheus configuration needed by the Prometheus JMX exporter.\nIf not specified, the content in spark-docker/conf/prometheus.yaml will be used.\nConfiguration has no effect if ConfigFile is set." type: "string" jmxExporterJar: + description: "JmxExporterJar is the path to the Prometheus JMX exporter jar in the container." type: "string" port: + description: "Port is the port of the HTTP server run by the Prometheus JMX exporter.\nIf not specified, 8090 will be used as the default." format: "int32" maximum: 49151.0 minimum: 1024.0 type: "integer" portName: + description: "PortName is the port name of prometheus JMX exporter port.\nIf not specified, jmx-exporter will be used as the default." type: "string" required: - "jmxExporterJar" @@ -3741,33 +6073,42 @@ spec: nodeSelector: additionalProperties: type: "string" + description: "NodeSelector is the Kubernetes node selector to be added to the driver and executor pods.\nThis field is mutually exclusive with nodeSelector at podSpec level (driver or executor).\nThis field will be deprecated in future versions (at SparkApplicationSpec level)." type: "object" proxyUser: + description: "ProxyUser specifies the user to impersonate when submitting the application.\nIt maps to the command-line flag \"--proxy-user\" in spark-submit." type: "string" pythonVersion: + description: "This sets the major Python version of the docker\nimage used to run the driver and executor containers. Can either be 2 or 3, default 2." enum: - "2" - "3" type: "string" restartPolicy: + description: "RestartPolicy defines the policy on if and in which conditions the controller should restart an application." properties: onFailureRetries: + description: "OnFailureRetries the number of times to retry running an application before giving up." format: "int32" minimum: 0.0 type: "integer" onFailureRetryInterval: + description: "OnFailureRetryInterval is the interval in seconds between retries on failed runs." format: "int64" minimum: 1.0 type: "integer" onSubmissionFailureRetries: + description: "OnSubmissionFailureRetries is the number of times to retry submitting an application before giving up.\nThis is best effort and actual retry attempts can be >= the value specified due to caching.\nThese are required if RestartPolicy is OnFailure." format: "int32" minimum: 0.0 type: "integer" onSubmissionFailureRetryInterval: + description: "OnSubmissionFailureRetryInterval is the interval in seconds between retries on failed submissions." format: "int64" minimum: 1.0 type: "integer" type: + description: "Type specifies the RestartPolicyType." enum: - "Never" - "Always" @@ -3775,51 +6116,71 @@ spec: type: "string" type: "object" retryInterval: + description: "RetryInterval is the unit of intervals in seconds between submission retries." format: "int64" type: "integer" sparkConf: additionalProperties: type: "string" + description: "SparkConf carries user-specified Spark configuration properties as they would use the \"--conf\" option in\nspark-submit." type: "object" sparkConfigMap: + description: "SparkConfigMap carries the name of the ConfigMap containing Spark configuration files such as log4j.properties.\nThe controller will add environment variable SPARK_CONF_DIR to the path where the ConfigMap is mounted to." type: "string" sparkUIOptions: + description: "SparkUIOptions allows configuring the Service and the Ingress to expose the sparkUI" properties: ingressAnnotations: additionalProperties: type: "string" + description: "IngressAnnotations is a map of key,value pairs of annotations that might be added to the ingress object. i.e. specify nginx as ingress.class" type: "object" ingressTLS: + description: "TlsHosts is useful If we need to declare SSL certificates to the ingress object" items: + description: "IngressTLS describes the transport layer security associated with an ingress." properties: hosts: + description: "hosts is a list of hosts included in the TLS certificate. The values in\nthis list must match the name/s used in the tlsSecret. Defaults to the\nwildcard host setting for the loadbalancer controller fulfilling this\nIngress, if left unspecified." items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" secretName: + description: "secretName is the name of the secret used to terminate TLS traffic on\nport 443. Field is left optional to allow TLS routing based on SNI\nhostname alone. If the SNI host in a listener conflicts with the \"Host\"\nheader field used by an IngressRule, the SNI host is used for termination\nand value of the \"Host\" header is used for routing." type: "string" type: "object" type: "array" serviceAnnotations: additionalProperties: type: "string" + description: "ServiceAnnotations is a map of key,value pairs of annotations that might be added to the service object." type: "object" serviceLabels: additionalProperties: type: "string" + description: "ServiceLables is a map of key,value pairs of labels that might be added to the service object." type: "object" servicePort: + description: "ServicePort allows configuring the port at service level that might be different from the targetPort.\nTargetPort should be the same as the one defined in spark.ui.port" format: "int32" type: "integer" + servicePortName: + description: "ServicePortName allows configuring the name of the service port.\nThis may be useful for sidecar proxies like Envoy injected by Istio which require specific ports names to treat traffic as proper HTTP.\nDefaults to spark-driver-ui-port." + type: "string" serviceType: + description: "ServiceType allows configuring the type of the service. Defaults to ClusterIP." type: "string" type: "object" sparkVersion: + description: "SparkVersion is the version of Spark the application uses." type: "string" timeToLiveSeconds: + description: "TimeToLiveSeconds defines the Time-To-Live (TTL) duration in seconds for this SparkApplication\nafter its termination.\nThe SparkApplication object will be garbage collected if the current time is more than the\nTimeToLiveSeconds since its termination." format: "int64" type: "integer" type: + description: "Type tells the type of the Spark application." enum: - "Java" - "Python" @@ -3827,104 +6188,145 @@ spec: - "R" type: "string" volumes: + description: "Volumes is the list of Kubernetes volumes that can be mounted by the driver and/or executors." items: + description: "Volume represents a named volume in a pod that may be accessed by any container in the pod." properties: awsElasticBlockStore: + description: "awsElasticBlockStore represents an AWS Disk resource that is attached to a\nkubelet's host machine and then exposed to the pod.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore" properties: fsType: + description: "fsType is the filesystem type of the volume that you want to mount.\nTip: Ensure that the filesystem type is supported by the host operating system.\nExamples: \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore\nTODO: how do we prevent errors in the filesystem from compromising the machine" type: "string" partition: + description: "partition is the partition in the volume that you want to mount.\nIf omitted, the default is to mount by volume name.\nExamples: For volume /dev/sda1, you specify the partition as \"1\".\nSimilarly, the volume partition for /dev/sda is \"0\" (or you can leave the property empty)." format: "int32" type: "integer" readOnly: + description: "readOnly value true will force the readOnly setting in VolumeMounts.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore" type: "boolean" volumeID: + description: "volumeID is unique ID of the persistent disk resource in AWS (Amazon EBS volume).\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore" type: "string" required: - "volumeID" type: "object" azureDisk: + description: "azureDisk represents an Azure Data Disk mount on the host and bind mount to the pod." properties: cachingMode: + description: "cachingMode is the Host Caching mode: None, Read Only, Read Write." type: "string" diskName: + description: "diskName is the Name of the data disk in the blob storage" type: "string" diskURI: + description: "diskURI is the URI of data disk in the blob storage" type: "string" fsType: + description: "fsType is Filesystem type to mount.\nMust be a filesystem type supported by the host operating system.\nEx. \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified." type: "string" kind: + description: "kind expected values are Shared: multiple blob disks per storage account Dedicated: single blob disk per storage account Managed: azure managed data disk (only in managed availability set). defaults to shared" type: "string" readOnly: + description: "readOnly Defaults to false (read/write). ReadOnly here will force\nthe ReadOnly setting in VolumeMounts." type: "boolean" required: - "diskName" - "diskURI" type: "object" azureFile: + description: "azureFile represents an Azure File Service mount on the host and bind mount to the pod." properties: readOnly: + description: "readOnly defaults to false (read/write). ReadOnly here will force\nthe ReadOnly setting in VolumeMounts." type: "boolean" secretName: + description: "secretName is the name of secret that contains Azure Storage Account Name and Key" type: "string" shareName: + description: "shareName is the azure share Name" type: "string" required: - "secretName" - "shareName" type: "object" cephfs: + description: "cephFS represents a Ceph FS mount on the host that shares a pod's lifetime" properties: monitors: + description: "monitors is Required: Monitors is a collection of Ceph monitors\nMore info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it" items: type: "string" type: "array" path: + description: "path is Optional: Used as the mounted root, rather than the full Ceph tree, default is /" type: "string" readOnly: + description: "readOnly is Optional: Defaults to false (read/write). ReadOnly here will force\nthe ReadOnly setting in VolumeMounts.\nMore info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it" type: "boolean" secretFile: + description: "secretFile is Optional: SecretFile is the path to key ring for User, default is /etc/ceph/user.secret\nMore info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it" type: "string" secretRef: + description: "secretRef is Optional: SecretRef is reference to the authentication secret for User, default is empty.\nMore info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it" properties: name: + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" type: "string" type: "object" + x-kubernetes-map-type: "atomic" user: + description: "user is optional: User is the rados user name, default is admin\nMore info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it" type: "string" required: - "monitors" type: "object" cinder: + description: "cinder represents a cinder volume attached and mounted on kubelets host machine.\nMore info: https://examples.k8s.io/mysql-cinder-pd/README.md" properties: fsType: + description: "fsType is the filesystem type to mount.\nMust be a filesystem type supported by the host operating system.\nExamples: \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified.\nMore info: https://examples.k8s.io/mysql-cinder-pd/README.md" type: "string" readOnly: + description: "readOnly defaults to false (read/write). ReadOnly here will force\nthe ReadOnly setting in VolumeMounts.\nMore info: https://examples.k8s.io/mysql-cinder-pd/README.md" type: "boolean" secretRef: + description: "secretRef is optional: points to a secret object containing parameters used to connect\nto OpenStack." properties: name: + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" type: "string" type: "object" + x-kubernetes-map-type: "atomic" volumeID: + description: "volumeID used to identify the volume in cinder.\nMore info: https://examples.k8s.io/mysql-cinder-pd/README.md" type: "string" required: - "volumeID" type: "object" configMap: + description: "configMap represents a configMap that should populate this volume" properties: defaultMode: + description: "defaultMode is optional: mode bits used to set permissions on created files by default.\nMust be an octal value between 0000 and 0777 or a decimal value between 0 and 511.\nYAML accepts both octal and decimal values, JSON requires decimal values for mode bits.\nDefaults to 0644.\nDirectories within the path are not affected by this setting.\nThis might be in conflict with other options that affect the file\nmode, like fsGroup, and the result can be other mode bits set." format: "int32" type: "integer" items: + description: "items if unspecified, each key-value pair in the Data field of the referenced\nConfigMap will be projected into the volume as a file whose name is the\nkey and content is the value. If specified, the listed keys will be\nprojected into the specified paths, and unlisted keys will not be\npresent. If a key is specified which is not present in the ConfigMap,\nthe volume setup will error unless it is marked optional. Paths must be\nrelative and may not contain the '..' path or start with '..'." items: + description: "Maps a string key to a path within a volume." properties: key: + description: "key is the key to project." type: "string" mode: + description: "mode is Optional: mode bits used to set permissions on this file.\nMust be an octal value between 0000 and 0777 or a decimal value between 0 and 511.\nYAML accepts both octal and decimal values, JSON requires decimal values for mode bits.\nIf not specified, the volume defaultMode will be used.\nThis might be in conflict with other options that affect the file\nmode, like fsGroup, and the result can be other mode bits set." format: "int32" type: "integer" path: + description: "path is the relative path of the file to map the key to.\nMay not be an absolute path.\nMay not contain the path element '..'.\nMay not start with the string '..'." type: "string" required: - "key" @@ -3932,226 +6334,402 @@ spec: type: "object" type: "array" name: + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" type: "string" optional: + description: "optional specify whether the ConfigMap or its keys must be defined" type: "boolean" type: "object" + x-kubernetes-map-type: "atomic" csi: + description: "csi (Container Storage Interface) represents ephemeral storage that is handled by certain external CSI drivers (Beta feature)." properties: driver: + description: "driver is the name of the CSI driver that handles this volume.\nConsult with your admin for the correct name as registered in the cluster." type: "string" fsType: + description: "fsType to mount. Ex. \"ext4\", \"xfs\", \"ntfs\".\nIf not provided, the empty value is passed to the associated CSI driver\nwhich will determine the default filesystem to apply." type: "string" nodePublishSecretRef: + description: "nodePublishSecretRef is a reference to the secret object containing\nsensitive information to pass to the CSI driver to complete the CSI\nNodePublishVolume and NodeUnpublishVolume calls.\nThis field is optional, and may be empty if no secret is required. If the\nsecret object contains more than one secret, all secret references are passed." properties: name: + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" type: "string" type: "object" + x-kubernetes-map-type: "atomic" readOnly: + description: "readOnly specifies a read-only configuration for the volume.\nDefaults to false (read/write)." type: "boolean" volumeAttributes: additionalProperties: type: "string" + description: "volumeAttributes stores driver-specific properties that are passed to the CSI\ndriver. Consult your driver's documentation for supported values." type: "object" required: - "driver" type: "object" downwardAPI: + description: "downwardAPI represents downward API about the pod that should populate this volume" properties: defaultMode: + description: "Optional: mode bits to use on created files by default. Must be a\nOptional: mode bits used to set permissions on created files by default.\nMust be an octal value between 0000 and 0777 or a decimal value between 0 and 511.\nYAML accepts both octal and decimal values, JSON requires decimal values for mode bits.\nDefaults to 0644.\nDirectories within the path are not affected by this setting.\nThis might be in conflict with other options that affect the file\nmode, like fsGroup, and the result can be other mode bits set." format: "int32" type: "integer" items: + description: "Items is a list of downward API volume file" items: + description: "DownwardAPIVolumeFile represents information to create the file containing the pod field" properties: fieldRef: + description: "Required: Selects a field of the pod: only annotations, labels, name and namespace are supported." properties: apiVersion: + description: "Version of the schema the FieldPath is written in terms of, defaults to \"v1\"." type: "string" fieldPath: + description: "Path of the field to select in the specified API version." type: "string" required: - "fieldPath" type: "object" + x-kubernetes-map-type: "atomic" mode: + description: "Optional: mode bits used to set permissions on this file, must be an octal value\nbetween 0000 and 0777 or a decimal value between 0 and 511.\nYAML accepts both octal and decimal values, JSON requires decimal values for mode bits.\nIf not specified, the volume defaultMode will be used.\nThis might be in conflict with other options that affect the file\nmode, like fsGroup, and the result can be other mode bits set." format: "int32" type: "integer" path: + description: "Required: Path is the relative path name of the file to be created. Must not be absolute or contain the '..' path. Must be utf-8 encoded. The first item of the relative path must not start with '..'" type: "string" resourceFieldRef: + description: "Selects a resource of the container: only resources limits and requests\n(limits.cpu, limits.memory, requests.cpu and requests.memory) are currently supported." properties: containerName: + description: "Container name: required for volumes, optional for env vars" type: "string" divisor: anyOf: - type: "integer" - type: "string" + description: "Specifies the output format of the exposed resources, defaults to \"1\"" pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" x-kubernetes-int-or-string: true resource: + description: "Required: resource to select" type: "string" required: - "resource" type: "object" + x-kubernetes-map-type: "atomic" required: - "path" type: "object" type: "array" type: "object" emptyDir: + description: "emptyDir represents a temporary directory that shares a pod's lifetime.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir" properties: medium: + description: "medium represents what type of storage medium should back this directory.\nThe default is \"\" which means to use the node's default medium.\nMust be an empty string (default) or Memory.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir" type: "string" sizeLimit: anyOf: - type: "integer" - type: "string" + description: "sizeLimit is the total amount of local storage required for this EmptyDir volume.\nThe size limit is also applicable for memory medium.\nThe maximum usage on memory medium EmptyDir would be the minimum value between\nthe SizeLimit specified here and the sum of memory limits of all containers in a pod.\nThe default is nil which means that the limit is undefined.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir" pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" x-kubernetes-int-or-string: true type: "object" ephemeral: + description: "ephemeral represents a volume that is handled by a cluster storage driver.\nThe volume's lifecycle is tied to the pod that defines it - it will be created before the pod starts,\nand deleted when the pod is removed.\n\n\nUse this if:\na) the volume is only needed while the pod runs,\nb) features of normal volumes like restoring from snapshot or capacity\n tracking are needed,\nc) the storage driver is specified through a storage class, and\nd) the storage driver supports dynamic volume provisioning through\n a PersistentVolumeClaim (see EphemeralVolumeSource for more\n information on the connection between this volume type\n and PersistentVolumeClaim).\n\n\nUse PersistentVolumeClaim or one of the vendor-specific\nAPIs for volumes that persist for longer than the lifecycle\nof an individual pod.\n\n\nUse CSI for light-weight local ephemeral volumes if the CSI driver is meant to\nbe used that way - see the documentation of the driver for\nmore information.\n\n\nA pod can use both types of ephemeral volumes and\npersistent volumes at the same time." properties: volumeClaimTemplate: + description: "Will be used to create a stand-alone PVC to provision the volume.\nThe pod in which this EphemeralVolumeSource is embedded will be the\nowner of the PVC, i.e. the PVC will be deleted together with the\npod. The name of the PVC will be `-` where\n`` is the name from the `PodSpec.Volumes` array\nentry. Pod validation will reject the pod if the concatenated name\nis not valid for a PVC (for example, too long).\n\n\nAn existing PVC with that name that is not owned by the pod\nwill *not* be used for the pod to avoid using an unrelated\nvolume by mistake. Starting the pod is then blocked until\nthe unrelated PVC is removed. If such a pre-created PVC is\nmeant to be used by the pod, the PVC has to updated with an\nowner reference to the pod once the pod exists. Normally\nthis should not be necessary, but it may be useful when\nmanually reconstructing a broken cluster.\n\n\nThis field is read-only and no changes will be made by Kubernetes\nto the PVC after it has been created.\n\n\nRequired, must not be nil." properties: + metadata: + description: "May contain labels and annotations that will be copied into the PVC\nwhen creating it. No other fields are allowed and will be rejected during\nvalidation." + type: "object" spec: + description: "The specification for the PersistentVolumeClaim. The entire content is\ncopied unchanged into the PVC that gets created from this\ntemplate. The same fields as in a PersistentVolumeClaim\nare also valid here." properties: accessModes: + description: "accessModes contains the desired access modes the volume should have.\nMore info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1" items: type: "string" type: "array" + dataSource: + description: "dataSource field can be used to specify either:\n* An existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot)\n* An existing PVC (PersistentVolumeClaim)\nIf the provisioner or an external controller can support the specified data source,\nit will create a new volume based on the contents of the specified data source.\nWhen the AnyVolumeDataSource feature gate is enabled, dataSource contents will be copied to dataSourceRef,\nand dataSourceRef contents will be copied to dataSource when dataSourceRef.namespace is not specified.\nIf the namespace is specified, then dataSourceRef will not be copied to dataSource." + properties: + apiGroup: + description: "APIGroup is the group for the resource being referenced.\nIf APIGroup is not specified, the specified Kind must be in the core API group.\nFor any other third-party types, APIGroup is required." + type: "string" + kind: + description: "Kind is the type of resource being referenced" + type: "string" + name: + description: "Name is the name of resource being referenced" + type: "string" + required: + - "kind" + - "name" + type: "object" + x-kubernetes-map-type: "atomic" + dataSourceRef: + description: "dataSourceRef specifies the object from which to populate the volume with data, if a non-empty\nvolume is desired. This may be any object from a non-empty API group (non\ncore object) or a PersistentVolumeClaim object.\nWhen this field is specified, volume binding will only succeed if the type of\nthe specified object matches some installed volume populator or dynamic\nprovisioner.\nThis field will replace the functionality of the dataSource field and as such\nif both fields are non-empty, they must have the same value. For backwards\ncompatibility, when namespace isn't specified in dataSourceRef,\nboth fields (dataSource and dataSourceRef) will be set to the same\nvalue automatically if one of them is empty and the other is non-empty.\nWhen namespace is specified in dataSourceRef,\ndataSource isn't set to the same value and must be empty.\nThere are three important differences between dataSource and dataSourceRef:\n* While dataSource only allows two specific types of objects, dataSourceRef\n allows any non-core object, as well as PersistentVolumeClaim objects.\n* While dataSource ignores disallowed values (dropping them), dataSourceRef\n preserves all values, and generates an error if a disallowed value is\n specified.\n* While dataSource only allows local objects, dataSourceRef allows objects\n in any namespaces.\n(Beta) Using this field requires the AnyVolumeDataSource feature gate to be enabled.\n(Alpha) Using the namespace field of dataSourceRef requires the CrossNamespaceVolumeDataSource feature gate to be enabled." + properties: + apiGroup: + description: "APIGroup is the group for the resource being referenced.\nIf APIGroup is not specified, the specified Kind must be in the core API group.\nFor any other third-party types, APIGroup is required." + type: "string" + kind: + description: "Kind is the type of resource being referenced" + type: "string" + name: + description: "Name is the name of resource being referenced" + type: "string" + namespace: + description: "Namespace is the namespace of resource being referenced\nNote that when a namespace is specified, a gateway.networking.k8s.io/ReferenceGrant object is required in the referent namespace to allow that namespace's owner to accept the reference. See the ReferenceGrant documentation for details.\n(Alpha) This field requires the CrossNamespaceVolumeDataSource feature gate to be enabled." + type: "string" + required: + - "kind" + - "name" + type: "object" resources: + description: "resources represents the minimum resources the volume should have.\nIf RecoverVolumeExpansionFailure feature is enabled users are allowed to specify resource requirements\nthat are lower than previous value but must still be higher than capacity recorded in the\nstatus field of the claim.\nMore info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources" properties: + limits: + additionalProperties: + anyOf: + - type: "integer" + - type: "string" + pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" + x-kubernetes-int-or-string: true + description: "Limits describes the maximum amount of compute resources allowed.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" + type: "object" requests: - properties: - storage: - type: "string" + additionalProperties: + anyOf: + - type: "integer" + - type: "string" + pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" + x-kubernetes-int-or-string: true + description: "Requests describes the minimum amount of compute resources required.\nIf Requests is omitted for a container, it defaults to Limits if that is explicitly specified,\notherwise to an implementation-defined value. Requests cannot exceed Limits.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" + type: "object" + type: "object" + selector: + description: "selector is a label query over volumes to consider for binding." + properties: + matchExpressions: + description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." + items: + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." + properties: + key: + description: "key is the label key that the selector applies to." + type: "string" + operator: + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." + type: "string" + values: + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." + items: + type: "string" + type: "array" + required: + - "key" + - "operator" + type: "object" + type: "array" + matchLabels: + additionalProperties: + type: "string" + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." type: "object" type: "object" + x-kubernetes-map-type: "atomic" storageClassName: + description: "storageClassName is the name of the StorageClass required by the claim.\nMore info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1" + type: "string" + volumeAttributesClassName: + description: "volumeAttributesClassName may be used to set the VolumeAttributesClass used by this claim.\nIf specified, the CSI driver will create or update the volume with the attributes defined\nin the corresponding VolumeAttributesClass. This has a different purpose than storageClassName,\nit can be changed after the claim is created. An empty string value means that no VolumeAttributesClass\nwill be applied to the claim but it's not allowed to reset this field to empty string once it is set.\nIf unspecified and the PersistentVolumeClaim is unbound, the default VolumeAttributesClass\nwill be set by the persistentvolume controller if it exists.\nIf the resource referred to by volumeAttributesClass does not exist, this PersistentVolumeClaim will be\nset to a Pending state, as reflected by the modifyVolumeStatus field, until such as a resource\nexists.\nMore info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#volumeattributesclass\n(Alpha) Using this field requires the VolumeAttributesClass feature gate to be enabled." + type: "string" + volumeMode: + description: "volumeMode defines what type of volume is required by the claim.\nValue of Filesystem is implied when not included in claim spec." + type: "string" + volumeName: + description: "volumeName is the binding reference to the PersistentVolume backing this claim." type: "string" type: "object" + required: + - "spec" type: "object" type: "object" fc: + description: "fc represents a Fibre Channel resource that is attached to a kubelet's host machine and then exposed to the pod." properties: fsType: + description: "fsType is the filesystem type to mount.\nMust be a filesystem type supported by the host operating system.\nEx. \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified.\nTODO: how do we prevent errors in the filesystem from compromising the machine" type: "string" lun: + description: "lun is Optional: FC target lun number" format: "int32" type: "integer" readOnly: + description: "readOnly is Optional: Defaults to false (read/write). ReadOnly here will force\nthe ReadOnly setting in VolumeMounts." type: "boolean" targetWWNs: + description: "targetWWNs is Optional: FC target worldwide names (WWNs)" items: type: "string" type: "array" wwids: + description: "wwids Optional: FC volume world wide identifiers (wwids)\nEither wwids or combination of targetWWNs and lun must be set, but not both simultaneously." items: type: "string" type: "array" type: "object" flexVolume: + description: "flexVolume represents a generic volume resource that is\nprovisioned/attached using an exec based plugin." properties: driver: + description: "driver is the name of the driver to use for this volume." type: "string" fsType: + description: "fsType is the filesystem type to mount.\nMust be a filesystem type supported by the host operating system.\nEx. \"ext4\", \"xfs\", \"ntfs\". The default filesystem depends on FlexVolume script." type: "string" options: additionalProperties: type: "string" + description: "options is Optional: this field holds extra command options if any." type: "object" readOnly: + description: "readOnly is Optional: defaults to false (read/write). ReadOnly here will force\nthe ReadOnly setting in VolumeMounts." type: "boolean" secretRef: + description: "secretRef is Optional: secretRef is reference to the secret object containing\nsensitive information to pass to the plugin scripts. This may be\nempty if no secret object is specified. If the secret object\ncontains more than one secret, all secrets are passed to the plugin\nscripts." properties: name: + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" type: "string" type: "object" + x-kubernetes-map-type: "atomic" required: - "driver" type: "object" flocker: + description: "flocker represents a Flocker volume attached to a kubelet's host machine. This depends on the Flocker control service being running" properties: datasetName: + description: "datasetName is Name of the dataset stored as metadata -> name on the dataset for Flocker\nshould be considered as deprecated" type: "string" datasetUUID: + description: "datasetUUID is the UUID of the dataset. This is unique identifier of a Flocker dataset" type: "string" type: "object" gcePersistentDisk: + description: "gcePersistentDisk represents a GCE Disk resource that is attached to a\nkubelet's host machine and then exposed to the pod.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk" properties: fsType: + description: "fsType is filesystem type of the volume that you want to mount.\nTip: Ensure that the filesystem type is supported by the host operating system.\nExamples: \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk\nTODO: how do we prevent errors in the filesystem from compromising the machine" type: "string" partition: + description: "partition is the partition in the volume that you want to mount.\nIf omitted, the default is to mount by volume name.\nExamples: For volume /dev/sda1, you specify the partition as \"1\".\nSimilarly, the volume partition for /dev/sda is \"0\" (or you can leave the property empty).\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk" format: "int32" type: "integer" pdName: + description: "pdName is unique name of the PD resource in GCE. Used to identify the disk in GCE.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk" type: "string" readOnly: + description: "readOnly here will force the ReadOnly setting in VolumeMounts.\nDefaults to false.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk" type: "boolean" required: - "pdName" type: "object" gitRepo: + description: "gitRepo represents a git repository at a particular revision.\nDEPRECATED: GitRepo is deprecated. To provision a container with a git repo, mount an\nEmptyDir into an InitContainer that clones the repo using git, then mount the EmptyDir\ninto the Pod's container." properties: directory: + description: "directory is the target directory name.\nMust not contain or start with '..'. If '.' is supplied, the volume directory will be the\ngit repository. Otherwise, if specified, the volume will contain the git repository in\nthe subdirectory with the given name." type: "string" repository: + description: "repository is the URL" type: "string" revision: + description: "revision is the commit hash for the specified revision." type: "string" required: - "repository" type: "object" glusterfs: + description: "glusterfs represents a Glusterfs mount on the host that shares a pod's lifetime.\nMore info: https://examples.k8s.io/volumes/glusterfs/README.md" properties: endpoints: + description: "endpoints is the endpoint name that details Glusterfs topology.\nMore info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod" type: "string" path: + description: "path is the Glusterfs volume path.\nMore info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod" type: "string" readOnly: + description: "readOnly here will force the Glusterfs volume to be mounted with read-only permissions.\nDefaults to false.\nMore info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod" type: "boolean" required: - "endpoints" - "path" type: "object" hostPath: + description: "hostPath represents a pre-existing file or directory on the host\nmachine that is directly exposed to the container. This is generally\nused for system agents or other privileged things that are allowed\nto see the host machine. Most containers will NOT need this.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath\n---\nTODO(jonesdl) We need to restrict who can use host directory mounts and who can/can not\nmount host directories as read/write." properties: path: + description: "path of the directory on the host.\nIf the path is a symlink, it will follow the link to the real path.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath" type: "string" type: + description: "type for HostPath Volume\nDefaults to \"\"\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath" type: "string" required: - "path" type: "object" iscsi: + description: "iscsi represents an ISCSI Disk resource that is attached to a\nkubelet's host machine and then exposed to the pod.\nMore info: https://examples.k8s.io/volumes/iscsi/README.md" properties: chapAuthDiscovery: + description: "chapAuthDiscovery defines whether support iSCSI Discovery CHAP authentication" type: "boolean" chapAuthSession: + description: "chapAuthSession defines whether support iSCSI Session CHAP authentication" type: "boolean" fsType: + description: "fsType is the filesystem type of the volume that you want to mount.\nTip: Ensure that the filesystem type is supported by the host operating system.\nExamples: \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#iscsi\nTODO: how do we prevent errors in the filesystem from compromising the machine" type: "string" initiatorName: + description: "initiatorName is the custom iSCSI Initiator Name.\nIf initiatorName is specified with iscsiInterface simultaneously, new iSCSI interface\n: will be created for the connection." type: "string" iqn: + description: "iqn is the target iSCSI Qualified Name." type: "string" iscsiInterface: + description: "iscsiInterface is the interface Name that uses an iSCSI transport.\nDefaults to 'default' (tcp)." type: "string" lun: + description: "lun represents iSCSI Target Lun number." format: "int32" type: "integer" portals: + description: "portals is the iSCSI Target Portal List. The portal is either an IP or ip_addr:port if the port\nis other than default (typically TCP ports 860 and 3260)." items: type: "string" type: "array" readOnly: + description: "readOnly here will force the ReadOnly setting in VolumeMounts.\nDefaults to false." type: "boolean" secretRef: + description: "secretRef is the CHAP Secret for iSCSI target and initiator authentication" properties: name: + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" type: "string" type: "object" + x-kubernetes-map-type: "atomic" targetPortal: + description: "targetPortal is iSCSI Target Portal. The Portal is either an IP or ip_addr:port if the port\nis other than default (typically TCP ports 860 and 3260)." type: "string" required: - "iqn" @@ -4159,67 +6737,141 @@ spec: - "targetPortal" type: "object" name: + description: "name of the volume.\nMust be a DNS_LABEL and unique within the pod.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names" type: "string" nfs: + description: "nfs represents an NFS mount on the host that shares a pod's lifetime\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#nfs" properties: path: + description: "path that is exported by the NFS server.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#nfs" type: "string" readOnly: + description: "readOnly here will force the NFS export to be mounted with read-only permissions.\nDefaults to false.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#nfs" type: "boolean" server: + description: "server is the hostname or IP address of the NFS server.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#nfs" type: "string" required: - "path" - "server" type: "object" persistentVolumeClaim: + description: "persistentVolumeClaimVolumeSource represents a reference to a\nPersistentVolumeClaim in the same namespace.\nMore info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims" properties: claimName: + description: "claimName is the name of a PersistentVolumeClaim in the same namespace as the pod using this volume.\nMore info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims" type: "string" readOnly: + description: "readOnly Will force the ReadOnly setting in VolumeMounts.\nDefault false." type: "boolean" required: - "claimName" type: "object" photonPersistentDisk: + description: "photonPersistentDisk represents a PhotonController persistent disk attached and mounted on kubelets host machine" properties: fsType: + description: "fsType is the filesystem type to mount.\nMust be a filesystem type supported by the host operating system.\nEx. \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified." type: "string" pdID: + description: "pdID is the ID that identifies Photon Controller persistent disk" type: "string" required: - "pdID" type: "object" portworxVolume: + description: "portworxVolume represents a portworx volume attached and mounted on kubelets host machine" properties: fsType: + description: "fSType represents the filesystem type to mount\nMust be a filesystem type supported by the host operating system.\nEx. \"ext4\", \"xfs\". Implicitly inferred to be \"ext4\" if unspecified." type: "string" readOnly: + description: "readOnly defaults to false (read/write). ReadOnly here will force\nthe ReadOnly setting in VolumeMounts." type: "boolean" volumeID: + description: "volumeID uniquely identifies a Portworx volume" type: "string" required: - "volumeID" type: "object" projected: + description: "projected items for all in one resources secrets, configmaps, and downward API" properties: defaultMode: + description: "defaultMode are the mode bits used to set permissions on created files by default.\nMust be an octal value between 0000 and 0777 or a decimal value between 0 and 511.\nYAML accepts both octal and decimal values, JSON requires decimal values for mode bits.\nDirectories within the path are not affected by this setting.\nThis might be in conflict with other options that affect the file\nmode, like fsGroup, and the result can be other mode bits set." format: "int32" type: "integer" sources: + description: "sources is the list of volume projections" items: + description: "Projection that may be projected along with other supported volume types" properties: + clusterTrustBundle: + description: "ClusterTrustBundle allows a pod to access the `.spec.trustBundle` field\nof ClusterTrustBundle objects in an auto-updating file.\n\n\nAlpha, gated by the ClusterTrustBundleProjection feature gate.\n\n\nClusterTrustBundle objects can either be selected by name, or by the\ncombination of signer name and a label selector.\n\n\nKubelet performs aggressive normalization of the PEM contents written\ninto the pod filesystem. Esoteric PEM features such as inter-block\ncomments and block headers are stripped. Certificates are deduplicated.\nThe ordering of certificates within the file is arbitrary, and Kubelet\nmay change the order over time." + properties: + labelSelector: + description: "Select all ClusterTrustBundles that match this label selector. Only has\neffect if signerName is set. Mutually-exclusive with name. If unset,\ninterpreted as \"match nothing\". If set but empty, interpreted as \"match\neverything\"." + properties: + matchExpressions: + description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." + items: + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." + properties: + key: + description: "key is the label key that the selector applies to." + type: "string" + operator: + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." + type: "string" + values: + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." + items: + type: "string" + type: "array" + required: + - "key" + - "operator" + type: "object" + type: "array" + matchLabels: + additionalProperties: + type: "string" + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + type: "object" + type: "object" + x-kubernetes-map-type: "atomic" + name: + description: "Select a single ClusterTrustBundle by object name. Mutually-exclusive\nwith signerName and labelSelector." + type: "string" + optional: + description: "If true, don't block pod startup if the referenced ClusterTrustBundle(s)\naren't available. If using name, then the named ClusterTrustBundle is\nallowed not to exist. If using signerName, then the combination of\nsignerName and labelSelector is allowed to match zero\nClusterTrustBundles." + type: "boolean" + path: + description: "Relative path from the volume root to write the bundle." + type: "string" + signerName: + description: "Select all ClusterTrustBundles that match this signer name.\nMutually-exclusive with name. The contents of all selected\nClusterTrustBundles will be unified and deduplicated." + type: "string" + required: + - "path" + type: "object" configMap: + description: "configMap information about the configMap data to project" properties: items: + description: "items if unspecified, each key-value pair in the Data field of the referenced\nConfigMap will be projected into the volume as a file whose name is the\nkey and content is the value. If specified, the listed keys will be\nprojected into the specified paths, and unlisted keys will not be\npresent. If a key is specified which is not present in the ConfigMap,\nthe volume setup will error unless it is marked optional. Paths must be\nrelative and may not contain the '..' path or start with '..'." items: + description: "Maps a string key to a path within a volume." properties: key: + description: "key is the key to project." type: "string" mode: + description: "mode is Optional: mode bits used to set permissions on this file.\nMust be an octal value between 0000 and 0777 or a decimal value between 0 and 511.\nYAML accepts both octal and decimal values, JSON requires decimal values for mode bits.\nIf not specified, the volume defaultMode will be used.\nThis might be in conflict with other options that affect the file\nmode, like fsGroup, and the result can be other mode bits set." format: "int32" type: "integer" path: + description: "path is the relative path of the file to map the key to.\nMay not be an absolute path.\nMay not contain the path element '..'.\nMay not start with the string '..'." type: "string" required: - "key" @@ -4227,60 +6879,83 @@ spec: type: "object" type: "array" name: + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" type: "string" optional: + description: "optional specify whether the ConfigMap or its keys must be defined" type: "boolean" type: "object" + x-kubernetes-map-type: "atomic" downwardAPI: + description: "downwardAPI information about the downwardAPI data to project" properties: items: + description: "Items is a list of DownwardAPIVolume file" items: + description: "DownwardAPIVolumeFile represents information to create the file containing the pod field" properties: fieldRef: + description: "Required: Selects a field of the pod: only annotations, labels, name and namespace are supported." properties: apiVersion: + description: "Version of the schema the FieldPath is written in terms of, defaults to \"v1\"." type: "string" fieldPath: + description: "Path of the field to select in the specified API version." type: "string" required: - "fieldPath" type: "object" + x-kubernetes-map-type: "atomic" mode: + description: "Optional: mode bits used to set permissions on this file, must be an octal value\nbetween 0000 and 0777 or a decimal value between 0 and 511.\nYAML accepts both octal and decimal values, JSON requires decimal values for mode bits.\nIf not specified, the volume defaultMode will be used.\nThis might be in conflict with other options that affect the file\nmode, like fsGroup, and the result can be other mode bits set." format: "int32" type: "integer" path: + description: "Required: Path is the relative path name of the file to be created. Must not be absolute or contain the '..' path. Must be utf-8 encoded. The first item of the relative path must not start with '..'" type: "string" resourceFieldRef: + description: "Selects a resource of the container: only resources limits and requests\n(limits.cpu, limits.memory, requests.cpu and requests.memory) are currently supported." properties: containerName: + description: "Container name: required for volumes, optional for env vars" type: "string" divisor: anyOf: - type: "integer" - type: "string" + description: "Specifies the output format of the exposed resources, defaults to \"1\"" pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" x-kubernetes-int-or-string: true resource: + description: "Required: resource to select" type: "string" required: - "resource" type: "object" + x-kubernetes-map-type: "atomic" required: - "path" type: "object" type: "array" type: "object" secret: + description: "secret information about the secret data to project" properties: items: + description: "items if unspecified, each key-value pair in the Data field of the referenced\nSecret will be projected into the volume as a file whose name is the\nkey and content is the value. If specified, the listed keys will be\nprojected into the specified paths, and unlisted keys will not be\npresent. If a key is specified which is not present in the Secret,\nthe volume setup will error unless it is marked optional. Paths must be\nrelative and may not contain the '..' path or start with '..'." items: + description: "Maps a string key to a path within a volume." properties: key: + description: "key is the key to project." type: "string" mode: + description: "mode is Optional: mode bits used to set permissions on this file.\nMust be an octal value between 0000 and 0777 or a decimal value between 0 and 511.\nYAML accepts both octal and decimal values, JSON requires decimal values for mode bits.\nIf not specified, the volume defaultMode will be used.\nThis might be in conflict with other options that affect the file\nmode, like fsGroup, and the result can be other mode bits set." format: "int32" type: "integer" path: + description: "path is the relative path of the file to map the key to.\nMay not be an absolute path.\nMay not contain the path element '..'.\nMay not start with the string '..'." type: "string" required: - "key" @@ -4288,96 +6963,132 @@ spec: type: "object" type: "array" name: + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" type: "string" optional: + description: "optional field specify whether the Secret or its key must be defined" type: "boolean" type: "object" + x-kubernetes-map-type: "atomic" serviceAccountToken: + description: "serviceAccountToken is information about the serviceAccountToken data to project" properties: audience: + description: "audience is the intended audience of the token. A recipient of a token\nmust identify itself with an identifier specified in the audience of the\ntoken, and otherwise should reject the token. The audience defaults to the\nidentifier of the apiserver." type: "string" expirationSeconds: + description: "expirationSeconds is the requested duration of validity of the service\naccount token. As the token approaches expiration, the kubelet volume\nplugin will proactively rotate the service account token. The kubelet will\nstart trying to rotate the token if the token is older than 80 percent of\nits time to live or if the token is older than 24 hours.Defaults to 1 hour\nand must be at least 10 minutes." format: "int64" type: "integer" path: + description: "path is the path relative to the mount point of the file to project the\ntoken into." type: "string" required: - "path" type: "object" type: "object" type: "array" - required: - - "sources" type: "object" quobyte: + description: "quobyte represents a Quobyte mount on the host that shares a pod's lifetime" properties: group: + description: "group to map volume access to\nDefault is no group" type: "string" readOnly: + description: "readOnly here will force the Quobyte volume to be mounted with read-only permissions.\nDefaults to false." type: "boolean" registry: + description: "registry represents a single or multiple Quobyte Registry services\nspecified as a string as host:port pair (multiple entries are separated with commas)\nwhich acts as the central registry for volumes" type: "string" tenant: + description: "tenant owning the given Quobyte volume in the Backend\nUsed with dynamically provisioned Quobyte volumes, value is set by the plugin" type: "string" user: + description: "user to map volume access to\nDefaults to serivceaccount user" type: "string" volume: + description: "volume is a string that references an already created Quobyte volume by name." type: "string" required: - "registry" - "volume" type: "object" rbd: + description: "rbd represents a Rados Block Device mount on the host that shares a pod's lifetime.\nMore info: https://examples.k8s.io/volumes/rbd/README.md" properties: fsType: + description: "fsType is the filesystem type of the volume that you want to mount.\nTip: Ensure that the filesystem type is supported by the host operating system.\nExamples: \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#rbd\nTODO: how do we prevent errors in the filesystem from compromising the machine" type: "string" image: + description: "image is the rados image name.\nMore info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it" type: "string" keyring: + description: "keyring is the path to key ring for RBDUser.\nDefault is /etc/ceph/keyring.\nMore info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it" type: "string" monitors: + description: "monitors is a collection of Ceph monitors.\nMore info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it" items: type: "string" type: "array" pool: + description: "pool is the rados pool name.\nDefault is rbd.\nMore info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it" type: "string" readOnly: + description: "readOnly here will force the ReadOnly setting in VolumeMounts.\nDefaults to false.\nMore info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it" type: "boolean" secretRef: + description: "secretRef is name of the authentication secret for RBDUser. If provided\noverrides keyring.\nDefault is nil.\nMore info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it" properties: name: + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" type: "string" type: "object" + x-kubernetes-map-type: "atomic" user: + description: "user is the rados user name.\nDefault is admin.\nMore info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it" type: "string" required: - "image" - "monitors" type: "object" scaleIO: + description: "scaleIO represents a ScaleIO persistent volume attached and mounted on Kubernetes nodes." properties: fsType: + description: "fsType is the filesystem type to mount.\nMust be a filesystem type supported by the host operating system.\nEx. \"ext4\", \"xfs\", \"ntfs\".\nDefault is \"xfs\"." type: "string" gateway: + description: "gateway is the host address of the ScaleIO API Gateway." type: "string" protectionDomain: + description: "protectionDomain is the name of the ScaleIO Protection Domain for the configured storage." type: "string" readOnly: + description: "readOnly Defaults to false (read/write). ReadOnly here will force\nthe ReadOnly setting in VolumeMounts." type: "boolean" secretRef: + description: "secretRef references to the secret for ScaleIO user and other\nsensitive information. If this is not provided, Login operation will fail." properties: name: + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" type: "string" type: "object" + x-kubernetes-map-type: "atomic" sslEnabled: + description: "sslEnabled Flag enable/disable SSL communication with Gateway, default false" type: "boolean" storageMode: + description: "storageMode indicates whether the storage for a volume should be ThickProvisioned or ThinProvisioned.\nDefault is ThinProvisioned." type: "string" storagePool: + description: "storagePool is the ScaleIO Storage Pool associated with the protection domain." type: "string" system: + description: "system is the name of the storage system as configured in ScaleIO." type: "string" volumeName: + description: "volumeName is the name of a volume already created in the ScaleIO system\nthat is associated with this volume source." type: "string" required: - "gateway" @@ -4385,19 +7096,26 @@ spec: - "system" type: "object" secret: + description: "secret represents a secret that should populate this volume.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#secret" properties: defaultMode: + description: "defaultMode is Optional: mode bits used to set permissions on created files by default.\nMust be an octal value between 0000 and 0777 or a decimal value between 0 and 511.\nYAML accepts both octal and decimal values, JSON requires decimal values\nfor mode bits. Defaults to 0644.\nDirectories within the path are not affected by this setting.\nThis might be in conflict with other options that affect the file\nmode, like fsGroup, and the result can be other mode bits set." format: "int32" type: "integer" items: + description: "items If unspecified, each key-value pair in the Data field of the referenced\nSecret will be projected into the volume as a file whose name is the\nkey and content is the value. If specified, the listed keys will be\nprojected into the specified paths, and unlisted keys will not be\npresent. If a key is specified which is not present in the Secret,\nthe volume setup will error unless it is marked optional. Paths must be\nrelative and may not contain the '..' path or start with '..'." items: + description: "Maps a string key to a path within a volume." properties: key: + description: "key is the key to project." type: "string" mode: + description: "mode is Optional: mode bits used to set permissions on this file.\nMust be an octal value between 0000 and 0777 or a decimal value between 0 and 511.\nYAML accepts both octal and decimal values, JSON requires decimal values for mode bits.\nIf not specified, the volume defaultMode will be used.\nThis might be in conflict with other options that affect the file\nmode, like fsGroup, and the result can be other mode bits set." format: "int32" type: "integer" path: + description: "path is the relative path of the file to map the key to.\nMay not be an absolute path.\nMay not contain the path element '..'.\nMay not start with the string '..'." type: "string" required: - "key" @@ -4405,35 +7123,50 @@ spec: type: "object" type: "array" optional: + description: "optional field specify whether the Secret or its keys must be defined" type: "boolean" secretName: + description: "secretName is the name of the secret in the pod's namespace to use.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#secret" type: "string" type: "object" storageos: + description: "storageOS represents a StorageOS volume attached and mounted on Kubernetes nodes." properties: fsType: + description: "fsType is the filesystem type to mount.\nMust be a filesystem type supported by the host operating system.\nEx. \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified." type: "string" readOnly: + description: "readOnly defaults to false (read/write). ReadOnly here will force\nthe ReadOnly setting in VolumeMounts." type: "boolean" secretRef: + description: "secretRef specifies the secret to use for obtaining the StorageOS API\ncredentials. If not specified, default values will be attempted." properties: name: + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" type: "string" type: "object" + x-kubernetes-map-type: "atomic" volumeName: + description: "volumeName is the human-readable name of the StorageOS volume. Volume\nnames are only unique within a namespace." type: "string" volumeNamespace: + description: "volumeNamespace specifies the scope of the volume within StorageOS. If no\nnamespace is specified then the Pod's namespace will be used. This allows the\nKubernetes name scoping to be mirrored within StorageOS for tighter integration.\nSet VolumeName to any name to override the default behaviour.\nSet to \"default\" if you are not using namespaces within StorageOS.\nNamespaces that do not pre-exist within StorageOS will be created." type: "string" type: "object" vsphereVolume: + description: "vsphereVolume represents a vSphere volume attached and mounted on kubelets host machine" properties: fsType: + description: "fsType is filesystem type to mount.\nMust be a filesystem type supported by the host operating system.\nEx. \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified." type: "string" storagePolicyID: + description: "storagePolicyID is the storage Policy Based Management (SPBM) profile ID associated with the StoragePolicyName." type: "string" storagePolicyName: + description: "storagePolicyName is the storage Policy Based Management (SPBM) profile name." type: "string" volumePath: + description: "volumePath is the path that identifies vSphere volume vmdk" type: "string" required: - "volumePath" @@ -4455,26 +7188,33 @@ spec: status: properties: lastRun: + description: "LastRun is the time when the last run of the application started." format: "date-time" nullable: true type: "string" lastRunName: + description: "LastRunName is the name of the SparkApplication for the most recent run of the application." type: "string" nextRun: + description: "NextRun is the time when the next run of the application will start." format: "date-time" nullable: true type: "string" pastFailedRunNames: + description: "PastFailedRunNames keeps the names of SparkApplications for past failed runs." items: type: "string" type: "array" pastSuccessfulRunNames: + description: "PastSuccessfulRunNames keeps the names of SparkApplications for past successful runs." items: type: "string" type: "array" reason: + description: "Reason tells why the ScheduledSparkApplication is in the particular ScheduleState." type: "string" scheduleState: + description: "ScheduleState is the current scheduling state of the application." type: "string" type: "object" required: @@ -4485,9 +7225,3 @@ spec: storage: true subresources: status: {} -status: - acceptedNames: - kind: "" - plural: "" - conditions: [] - storedVersions: [] diff --git a/crd-catalog/GoogleCloudPlatform/spark-on-k8s-operator/sparkoperator.k8s.io/v1beta2/sparkapplications.yaml b/crd-catalog/GoogleCloudPlatform/spark-on-k8s-operator/sparkoperator.k8s.io/v1beta2/sparkapplications.yaml index 9386b5f8f..648e2fc5e 100644 --- a/crd-catalog/GoogleCloudPlatform/spark-on-k8s-operator/sparkoperator.k8s.io/v1beta2/sparkapplications.yaml +++ b/crd-catalog/GoogleCloudPlatform/spark-on-k8s-operator/sparkoperator.k8s.io/v1beta2/sparkapplications.yaml @@ -3,7 +3,7 @@ kind: "CustomResourceDefinition" metadata: annotations: api-approved.kubernetes.io: "https://github.com/kubeflow/spark-operator/pull/1298" - controller-gen.kubebuilder.io/version: "(unknown)" + controller-gen.kubebuilder.io/version: "v0.15.0" name: "sparkapplications.sparkoperator.k8s.io" spec: group: "sparkoperator.k8s.io" @@ -35,26 +35,35 @@ spec: name: "v1beta2" schema: openAPIV3Schema: + description: "SparkApplication represents a Spark application running on and using Kubernetes as a cluster manager." properties: apiVersion: + description: "APIVersion defines the versioned schema of this representation of an object.\nServers should convert recognized schemas to the latest internal value, and\nmay reject unrecognized values.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" type: "string" kind: + description: "Kind is a string value representing the REST resource this object represents.\nServers may infer this from the endpoint the client submits requests to.\nCannot be updated.\nIn CamelCase.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" type: "string" metadata: type: "object" spec: + description: "SparkApplicationSpec describes the specification of a Spark application using Kubernetes as a cluster manager.\nIt carries every pieces of information a spark-submit command takes and recognizes." properties: arguments: + description: "Arguments is a list of arguments to be passed to the application." items: type: "string" type: "array" batchScheduler: + description: "BatchScheduler configures which batch scheduler will be used for scheduling" type: "string" batchSchedulerOptions: + description: "BatchSchedulerOptions provides fine-grained control on how to batch scheduling." properties: priorityClassName: + description: "PriorityClassName stands for the name of k8s PriorityClass resource, it's being used in Volcano batch scheduler." type: "string" queue: + description: "Queue stands for the resource queue which the application belongs to, it's being used in Volcano batch scheduler." type: "string" resources: additionalProperties: @@ -63,54 +72,73 @@ spec: - type: "string" pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" x-kubernetes-int-or-string: true + description: "Resources stands for the resource list custom request for. Usually it is used to define the lower-bound limit.\nIf specified, volcano scheduler will consider it as the resources requested." type: "object" type: "object" deps: + description: "Deps captures all possible types of dependencies of a Spark application." properties: excludePackages: + description: "ExcludePackages is a list of \"groupId:artifactId\", to exclude while resolving the\ndependencies provided in Packages to avoid dependency conflicts." items: type: "string" type: "array" files: + description: "Files is a list of files the Spark application depends on." items: type: "string" type: "array" jars: + description: "Jars is a list of JAR files the Spark application depends on." items: type: "string" type: "array" packages: + description: "Packages is a list of maven coordinates of jars to include on the driver and executor\nclasspaths. This will search the local maven repo, then maven central and any additional\nremote repositories given by the \"repositories\" option.\nEach package should be of the form \"groupId:artifactId:version\"." items: type: "string" type: "array" pyFiles: + description: "PyFiles is a list of Python files the Spark application depends on." items: type: "string" type: "array" repositories: + description: "Repositories is a list of additional remote repositories to search for the maven coordinate\ngiven with the \"packages\" option." items: type: "string" type: "array" type: "object" driver: + description: "Driver is the driver specification." properties: affinity: + description: "Affinity specifies the affinity/anti-affinity settings for the pod." properties: nodeAffinity: + description: "Describes node affinity scheduling rules for the pod." properties: preferredDuringSchedulingIgnoredDuringExecution: + description: "The scheduler will prefer to schedule pods to nodes that satisfy\nthe affinity expressions specified by this field, but it may choose\na node that violates one or more of the expressions. The node that is\nmost preferred is the one with the greatest sum of weights, i.e.\nfor each node that meets all of the scheduling requirements (resource\nrequest, requiredDuringScheduling affinity expressions, etc.),\ncompute a sum by iterating through the elements of this field and adding\n\"weight\" to the sum if the node matches the corresponding matchExpressions; the\nnode(s) with the highest sum are the most preferred." items: + description: "An empty preferred scheduling term matches all objects with implicit weight 0\n(i.e. it's a no-op). A null preferred scheduling term matches no objects (i.e. is also a no-op)." properties: preference: + description: "A node selector term, associated with the corresponding weight." properties: matchExpressions: + description: "A list of node selector requirements by node's labels." items: + description: "A node selector requirement is a selector that contains values, a key, and an operator\nthat relates the key and values." properties: key: + description: "The label key that the selector applies to." type: "string" operator: + description: "Represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt." type: "string" values: + description: "An array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. If the operator is Gt or Lt, the values\narray must have a single element, which will be interpreted as an integer.\nThis array is replaced during a strategic merge patch." items: type: "string" type: "array" @@ -120,13 +148,18 @@ spec: type: "object" type: "array" matchFields: + description: "A list of node selector requirements by node's fields." items: + description: "A node selector requirement is a selector that contains values, a key, and an operator\nthat relates the key and values." properties: key: + description: "The label key that the selector applies to." type: "string" operator: + description: "Represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt." type: "string" values: + description: "An array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. If the operator is Gt or Lt, the values\narray must have a single element, which will be interpreted as an integer.\nThis array is replaced during a strategic merge patch." items: type: "string" type: "array" @@ -136,7 +169,9 @@ spec: type: "object" type: "array" type: "object" + x-kubernetes-map-type: "atomic" weight: + description: "Weight associated with matching the corresponding nodeSelectorTerm, in the range 1-100." format: "int32" type: "integer" required: @@ -145,18 +180,26 @@ spec: type: "object" type: "array" requiredDuringSchedulingIgnoredDuringExecution: + description: "If the affinity requirements specified by this field are not met at\nscheduling time, the pod will not be scheduled onto the node.\nIf the affinity requirements specified by this field cease to be met\nat some point during pod execution (e.g. due to an update), the system\nmay or may not try to eventually evict the pod from its node." properties: nodeSelectorTerms: + description: "Required. A list of node selector terms. The terms are ORed." items: + description: "A null or empty node selector term matches no objects. The requirements of\nthem are ANDed.\nThe TopologySelectorTerm type implements a subset of the NodeSelectorTerm." properties: matchExpressions: + description: "A list of node selector requirements by node's labels." items: + description: "A node selector requirement is a selector that contains values, a key, and an operator\nthat relates the key and values." properties: key: + description: "The label key that the selector applies to." type: "string" operator: + description: "Represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt." type: "string" values: + description: "An array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. If the operator is Gt or Lt, the values\narray must have a single element, which will be interpreted as an integer.\nThis array is replaced during a strategic merge patch." items: type: "string" type: "array" @@ -166,13 +209,18 @@ spec: type: "object" type: "array" matchFields: + description: "A list of node selector requirements by node's fields." items: + description: "A node selector requirement is a selector that contains values, a key, and an operator\nthat relates the key and values." properties: key: + description: "The label key that the selector applies to." type: "string" operator: + description: "Represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt." type: "string" values: + description: "An array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. If the operator is Gt or Lt, the values\narray must have a single element, which will be interpreted as an integer.\nThis array is replaced during a strategic merge patch." items: type: "string" type: "array" @@ -182,28 +230,40 @@ spec: type: "object" type: "array" type: "object" + x-kubernetes-map-type: "atomic" type: "array" required: - "nodeSelectorTerms" type: "object" + x-kubernetes-map-type: "atomic" type: "object" podAffinity: + description: "Describes pod affinity scheduling rules (e.g. co-locate this pod in the same node, zone, etc. as some other pod(s))." properties: preferredDuringSchedulingIgnoredDuringExecution: + description: "The scheduler will prefer to schedule pods to nodes that satisfy\nthe affinity expressions specified by this field, but it may choose\na node that violates one or more of the expressions. The node that is\nmost preferred is the one with the greatest sum of weights, i.e.\nfor each node that meets all of the scheduling requirements (resource\nrequest, requiredDuringScheduling affinity expressions, etc.),\ncompute a sum by iterating through the elements of this field and adding\n\"weight\" to the sum if the node has pods which matches the corresponding podAffinityTerm; the\nnode(s) with the highest sum are the most preferred." items: + description: "The weights of all of the matched WeightedPodAffinityTerm fields are added per-node to find the most preferred node(s)" properties: podAffinityTerm: + description: "Required. A pod affinity term, associated with the corresponding weight." properties: labelSelector: + description: "A label query over a set of resources, in this case pods.\nIf it's null, this PodAffinityTerm matches with no Pods." properties: matchExpressions: + description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." items: + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: + description: "key is the label key that the selector applies to." type: "string" operator: + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -215,18 +275,66 @@ spec: matchLabels: additionalProperties: type: "string" + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." type: "object" type: "object" + x-kubernetes-map-type: "atomic" + matchLabelKeys: + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MatchLabelKeys and LabelSelector.\nAlso, MatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" + mismatchLabelKeys: + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MismatchLabelKeys and LabelSelector.\nAlso, MismatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" + namespaceSelector: + description: "A label query over the set of namespaces that the term applies to.\nThe term is applied to the union of the namespaces selected by this field\nand the ones listed in the namespaces field.\nnull selector and null or empty namespaces list means \"this pod's namespace\".\nAn empty selector ({}) matches all namespaces." + properties: + matchExpressions: + description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." + items: + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." + properties: + key: + description: "key is the label key that the selector applies to." + type: "string" + operator: + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." + type: "string" + values: + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." + items: + type: "string" + type: "array" + required: + - "key" + - "operator" + type: "object" + type: "array" + matchLabels: + additionalProperties: + type: "string" + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + type: "object" + type: "object" + x-kubernetes-map-type: "atomic" namespaces: + description: "namespaces specifies a static list of namespace names that the term applies to.\nThe term is applied to the union of the namespaces listed in this field\nand the ones selected by namespaceSelector.\nnull or empty namespaces list and null namespaceSelector means \"this pod's namespace\"." items: type: "string" type: "array" topologyKey: + description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching\nthe labelSelector in the specified namespaces, where co-located is defined as running on a node\nwhose value of the label with key topologyKey matches that of any node on which any of the\nselected pods is running.\nEmpty topologyKey is not allowed." type: "string" required: - "topologyKey" type: "object" weight: + description: "weight associated with matching the corresponding podAffinityTerm,\nin the range 1-100." format: "int32" type: "integer" required: @@ -235,18 +343,69 @@ spec: type: "object" type: "array" requiredDuringSchedulingIgnoredDuringExecution: + description: "If the affinity requirements specified by this field are not met at\nscheduling time, the pod will not be scheduled onto the node.\nIf the affinity requirements specified by this field cease to be met\nat some point during pod execution (e.g. due to a pod label update), the\nsystem may or may not try to eventually evict the pod from its node.\nWhen there are multiple elements, the lists of nodes corresponding to each\npodAffinityTerm are intersected, i.e. all terms must be satisfied." items: + description: "Defines a set of pods (namely those matching the labelSelector\nrelative to the given namespace(s)) that this pod should be\nco-located (affinity) or not co-located (anti-affinity) with,\nwhere co-located is defined as running on a node whose value of\nthe label with key matches that of any node on which\na pod of the set of pods is running" properties: labelSelector: + description: "A label query over a set of resources, in this case pods.\nIf it's null, this PodAffinityTerm matches with no Pods." + properties: + matchExpressions: + description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." + items: + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." + properties: + key: + description: "key is the label key that the selector applies to." + type: "string" + operator: + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." + type: "string" + values: + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." + items: + type: "string" + type: "array" + required: + - "key" + - "operator" + type: "object" + type: "array" + matchLabels: + additionalProperties: + type: "string" + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + type: "object" + type: "object" + x-kubernetes-map-type: "atomic" + matchLabelKeys: + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MatchLabelKeys and LabelSelector.\nAlso, MatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" + mismatchLabelKeys: + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MismatchLabelKeys and LabelSelector.\nAlso, MismatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" + namespaceSelector: + description: "A label query over the set of namespaces that the term applies to.\nThe term is applied to the union of the namespaces selected by this field\nand the ones listed in the namespaces field.\nnull selector and null or empty namespaces list means \"this pod's namespace\".\nAn empty selector ({}) matches all namespaces." properties: matchExpressions: + description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." items: + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: + description: "key is the label key that the selector applies to." type: "string" operator: + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -258,13 +417,17 @@ spec: matchLabels: additionalProperties: type: "string" + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." type: "object" type: "object" + x-kubernetes-map-type: "atomic" namespaces: + description: "namespaces specifies a static list of namespace names that the term applies to.\nThe term is applied to the union of the namespaces listed in this field\nand the ones selected by namespaceSelector.\nnull or empty namespaces list and null namespaceSelector means \"this pod's namespace\"." items: type: "string" type: "array" topologyKey: + description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching\nthe labelSelector in the specified namespaces, where co-located is defined as running on a node\nwhose value of the label with key topologyKey matches that of any node on which any of the\nselected pods is running.\nEmpty topologyKey is not allowed." type: "string" required: - "topologyKey" @@ -272,22 +435,75 @@ spec: type: "array" type: "object" podAntiAffinity: + description: "Describes pod anti-affinity scheduling rules (e.g. avoid putting this pod in the same node, zone, etc. as some other pod(s))." properties: preferredDuringSchedulingIgnoredDuringExecution: + description: "The scheduler will prefer to schedule pods to nodes that satisfy\nthe anti-affinity expressions specified by this field, but it may choose\na node that violates one or more of the expressions. The node that is\nmost preferred is the one with the greatest sum of weights, i.e.\nfor each node that meets all of the scheduling requirements (resource\nrequest, requiredDuringScheduling anti-affinity expressions, etc.),\ncompute a sum by iterating through the elements of this field and adding\n\"weight\" to the sum if the node has pods which matches the corresponding podAffinityTerm; the\nnode(s) with the highest sum are the most preferred." items: + description: "The weights of all of the matched WeightedPodAffinityTerm fields are added per-node to find the most preferred node(s)" properties: podAffinityTerm: + description: "Required. A pod affinity term, associated with the corresponding weight." properties: labelSelector: + description: "A label query over a set of resources, in this case pods.\nIf it's null, this PodAffinityTerm matches with no Pods." + properties: + matchExpressions: + description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." + items: + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." + properties: + key: + description: "key is the label key that the selector applies to." + type: "string" + operator: + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." + type: "string" + values: + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." + items: + type: "string" + type: "array" + required: + - "key" + - "operator" + type: "object" + type: "array" + matchLabels: + additionalProperties: + type: "string" + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + type: "object" + type: "object" + x-kubernetes-map-type: "atomic" + matchLabelKeys: + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MatchLabelKeys and LabelSelector.\nAlso, MatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" + mismatchLabelKeys: + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MismatchLabelKeys and LabelSelector.\nAlso, MismatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" + namespaceSelector: + description: "A label query over the set of namespaces that the term applies to.\nThe term is applied to the union of the namespaces selected by this field\nand the ones listed in the namespaces field.\nnull selector and null or empty namespaces list means \"this pod's namespace\".\nAn empty selector ({}) matches all namespaces." properties: matchExpressions: + description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." items: + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: + description: "key is the label key that the selector applies to." type: "string" operator: + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -299,18 +515,23 @@ spec: matchLabels: additionalProperties: type: "string" + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." type: "object" type: "object" + x-kubernetes-map-type: "atomic" namespaces: + description: "namespaces specifies a static list of namespace names that the term applies to.\nThe term is applied to the union of the namespaces listed in this field\nand the ones selected by namespaceSelector.\nnull or empty namespaces list and null namespaceSelector means \"this pod's namespace\"." items: type: "string" type: "array" topologyKey: + description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching\nthe labelSelector in the specified namespaces, where co-located is defined as running on a node\nwhose value of the label with key topologyKey matches that of any node on which any of the\nselected pods is running.\nEmpty topologyKey is not allowed." type: "string" required: - "topologyKey" type: "object" weight: + description: "weight associated with matching the corresponding podAffinityTerm,\nin the range 1-100." format: "int32" type: "integer" required: @@ -319,18 +540,69 @@ spec: type: "object" type: "array" requiredDuringSchedulingIgnoredDuringExecution: + description: "If the anti-affinity requirements specified by this field are not met at\nscheduling time, the pod will not be scheduled onto the node.\nIf the anti-affinity requirements specified by this field cease to be met\nat some point during pod execution (e.g. due to a pod label update), the\nsystem may or may not try to eventually evict the pod from its node.\nWhen there are multiple elements, the lists of nodes corresponding to each\npodAffinityTerm are intersected, i.e. all terms must be satisfied." items: + description: "Defines a set of pods (namely those matching the labelSelector\nrelative to the given namespace(s)) that this pod should be\nco-located (affinity) or not co-located (anti-affinity) with,\nwhere co-located is defined as running on a node whose value of\nthe label with key matches that of any node on which\na pod of the set of pods is running" properties: labelSelector: + description: "A label query over a set of resources, in this case pods.\nIf it's null, this PodAffinityTerm matches with no Pods." + properties: + matchExpressions: + description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." + items: + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." + properties: + key: + description: "key is the label key that the selector applies to." + type: "string" + operator: + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." + type: "string" + values: + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." + items: + type: "string" + type: "array" + required: + - "key" + - "operator" + type: "object" + type: "array" + matchLabels: + additionalProperties: + type: "string" + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + type: "object" + type: "object" + x-kubernetes-map-type: "atomic" + matchLabelKeys: + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MatchLabelKeys and LabelSelector.\nAlso, MatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" + mismatchLabelKeys: + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MismatchLabelKeys and LabelSelector.\nAlso, MismatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" + namespaceSelector: + description: "A label query over the set of namespaces that the term applies to.\nThe term is applied to the union of the namespaces selected by this field\nand the ones listed in the namespaces field.\nnull selector and null or empty namespaces list means \"this pod's namespace\".\nAn empty selector ({}) matches all namespaces." properties: matchExpressions: + description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." items: + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: + description: "key is the label key that the selector applies to." type: "string" operator: + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -342,13 +614,17 @@ spec: matchLabels: additionalProperties: type: "string" + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." type: "object" type: "object" + x-kubernetes-map-type: "atomic" namespaces: + description: "namespaces specifies a static list of namespace names that the term applies to.\nThe term is applied to the union of the namespaces listed in this field\nand the ones selected by namespaceSelector.\nnull or empty namespaces list and null namespaceSelector means \"this pod's namespace\"." items: type: "string" type: "array" topologyKey: + description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching\nthe labelSelector in the specified namespaces, where co-located is defined as running on a node\nwhose value of the label with key topologyKey matches that of any node on which any of the\nselected pods is running.\nEmpty topologyKey is not allowed." type: "string" required: - "topologyKey" @@ -359,9 +635,12 @@ spec: annotations: additionalProperties: type: "string" + description: "Annotations are the Kubernetes annotations to be added to the pod." type: "object" configMaps: + description: "ConfigMaps carries information of other ConfigMaps to add to the pod." items: + description: "NamePath is a pair of a name and a path to which the named objects should be mounted to." properties: name: type: "string" @@ -373,116 +652,161 @@ spec: type: "object" type: "array" coreLimit: + description: "CoreLimit specifies a hard limit on CPU cores for the pod.\nOptional" type: "string" coreRequest: + description: "CoreRequest is the physical CPU core request for the driver.\nMaps to `spark.kubernetes.driver.request.cores` that is available since Spark 3.0." type: "string" cores: + description: "Cores maps to `spark.driver.cores` or `spark.executor.cores` for the driver and executors, respectively." format: "int32" minimum: 1.0 type: "integer" dnsConfig: + description: "DnsConfig dns settings for the pod, following the Kubernetes specifications." properties: nameservers: + description: "A list of DNS name server IP addresses.\nThis will be appended to the base nameservers generated from DNSPolicy.\nDuplicated nameservers will be removed." items: type: "string" type: "array" options: + description: "A list of DNS resolver options.\nThis will be merged with the base options generated from DNSPolicy.\nDuplicated entries will be removed. Resolution options given in Options\nwill override those that appear in the base DNSPolicy." items: + description: "PodDNSConfigOption defines DNS resolver options of a pod." properties: name: + description: "Required." type: "string" value: type: "string" type: "object" type: "array" searches: + description: "A list of DNS search domains for host-name lookup.\nThis will be appended to the base search paths generated from DNSPolicy.\nDuplicated search paths will be removed." items: type: "string" type: "array" type: "object" env: + description: "Env carries the environment variables to add to the pod." items: + description: "EnvVar represents an environment variable present in a Container." properties: name: + description: "Name of the environment variable. Must be a C_IDENTIFIER." type: "string" value: + description: "Variable references $(VAR_NAME) are expanded\nusing the previously defined environment variables in the container and\nany service environment variables. If a variable cannot be resolved,\nthe reference in the input string will be unchanged. Double $$ are reduced\nto a single $, which allows for escaping the $(VAR_NAME) syntax: i.e.\n\"$$(VAR_NAME)\" will produce the string literal \"$(VAR_NAME)\".\nEscaped references will never be expanded, regardless of whether the variable\nexists or not.\nDefaults to \"\"." type: "string" valueFrom: + description: "Source for the environment variable's value. Cannot be used if value is not empty." properties: configMapKeyRef: + description: "Selects a key of a ConfigMap." properties: key: + description: "The key to select." type: "string" name: + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" type: "string" optional: + description: "Specify whether the ConfigMap or its key must be defined" type: "boolean" required: - "key" type: "object" + x-kubernetes-map-type: "atomic" fieldRef: + description: "Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`,\nspec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs." properties: apiVersion: + description: "Version of the schema the FieldPath is written in terms of, defaults to \"v1\"." type: "string" fieldPath: + description: "Path of the field to select in the specified API version." type: "string" required: - "fieldPath" type: "object" + x-kubernetes-map-type: "atomic" resourceFieldRef: + description: "Selects a resource of the container: only resources limits and requests\n(limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported." properties: containerName: + description: "Container name: required for volumes, optional for env vars" type: "string" divisor: anyOf: - type: "integer" - type: "string" + description: "Specifies the output format of the exposed resources, defaults to \"1\"" pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" x-kubernetes-int-or-string: true resource: + description: "Required: resource to select" type: "string" required: - "resource" type: "object" + x-kubernetes-map-type: "atomic" secretKeyRef: + description: "Selects a key of a secret in the pod's namespace" properties: key: + description: "The key of the secret to select from. Must be a valid secret key." type: "string" name: + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" type: "string" optional: + description: "Specify whether the Secret or its key must be defined" type: "boolean" required: - "key" type: "object" + x-kubernetes-map-type: "atomic" type: "object" required: - "name" type: "object" type: "array" envFrom: + description: "EnvFrom is a list of sources to populate environment variables in the container." items: + description: "EnvFromSource represents the source of a set of ConfigMaps" properties: configMapRef: + description: "The ConfigMap to select from" properties: name: + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" type: "string" optional: + description: "Specify whether the ConfigMap must be defined" type: "boolean" type: "object" + x-kubernetes-map-type: "atomic" prefix: + description: "An optional identifier to prepend to each key in the ConfigMap. Must be a C_IDENTIFIER." type: "string" secretRef: + description: "The Secret to select from" properties: name: + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" type: "string" optional: + description: "Specify whether the Secret must be defined" type: "boolean" type: "object" + x-kubernetes-map-type: "atomic" type: "object" type: "array" envSecretKeyRefs: additionalProperties: + description: "NameKey represents the name and key of a SecretKeyRef." properties: key: type: "string" @@ -492,16 +816,21 @@ spec: - "key" - "name" type: "object" + description: "EnvSecretKeyRefs holds a mapping from environment variable names to SecretKeyRefs.\nDeprecated. Consider using `env` instead." type: "object" envVars: additionalProperties: type: "string" + description: "EnvVars carries the environment variables to add to the pod.\nDeprecated. Consider using `env` instead." type: "object" gpu: + description: "GPU specifies GPU requirement for the pod." properties: name: + description: "Name is GPU resource name, such as: nvidia.com/gpu or amd.com/gpu" type: "string" quantity: + description: "Quantity is the number of GPUs to request for driver or executor." format: "int64" type: "integer" required: @@ -509,137 +838,194 @@ spec: - "quantity" type: "object" hostAliases: + description: "HostAliases settings for the pod, following the Kubernetes specifications." items: + description: "HostAlias holds the mapping between IP and hostnames that will be injected as an entry in the\npod's hosts file." properties: hostnames: + description: "Hostnames for the above IP address." items: type: "string" type: "array" ip: + description: "IP address of the host file entry." type: "string" type: "object" type: "array" hostNetwork: + description: "HostNetwork indicates whether to request host networking for the pod or not." type: "boolean" image: + description: "Image is the container image to use. Overrides Spec.Image if set." type: "string" initContainers: + description: "InitContainers is a list of init-containers that run to completion before the main Spark container." items: + description: "A single application container that you want to run within a pod." properties: args: + description: "Arguments to the entrypoint.\nThe container image's CMD is used if this is not provided.\nVariable references $(VAR_NAME) are expanded using the container's environment. If a variable\ncannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced\nto a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. \"$$(VAR_NAME)\" will\nproduce the string literal \"$(VAR_NAME)\". Escaped references will never be expanded, regardless\nof whether the variable exists or not. Cannot be updated.\nMore info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell" items: type: "string" type: "array" command: + description: "Entrypoint array. Not executed within a shell.\nThe container image's ENTRYPOINT is used if this is not provided.\nVariable references $(VAR_NAME) are expanded using the container's environment. If a variable\ncannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced\nto a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. \"$$(VAR_NAME)\" will\nproduce the string literal \"$(VAR_NAME)\". Escaped references will never be expanded, regardless\nof whether the variable exists or not. Cannot be updated.\nMore info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell" items: type: "string" type: "array" env: + description: "List of environment variables to set in the container.\nCannot be updated." items: + description: "EnvVar represents an environment variable present in a Container." properties: name: + description: "Name of the environment variable. Must be a C_IDENTIFIER." type: "string" value: + description: "Variable references $(VAR_NAME) are expanded\nusing the previously defined environment variables in the container and\nany service environment variables. If a variable cannot be resolved,\nthe reference in the input string will be unchanged. Double $$ are reduced\nto a single $, which allows for escaping the $(VAR_NAME) syntax: i.e.\n\"$$(VAR_NAME)\" will produce the string literal \"$(VAR_NAME)\".\nEscaped references will never be expanded, regardless of whether the variable\nexists or not.\nDefaults to \"\"." type: "string" valueFrom: + description: "Source for the environment variable's value. Cannot be used if value is not empty." properties: configMapKeyRef: + description: "Selects a key of a ConfigMap." properties: key: + description: "The key to select." type: "string" name: + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" type: "string" optional: + description: "Specify whether the ConfigMap or its key must be defined" type: "boolean" required: - "key" type: "object" + x-kubernetes-map-type: "atomic" fieldRef: + description: "Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`,\nspec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs." properties: apiVersion: + description: "Version of the schema the FieldPath is written in terms of, defaults to \"v1\"." type: "string" fieldPath: + description: "Path of the field to select in the specified API version." type: "string" required: - "fieldPath" type: "object" + x-kubernetes-map-type: "atomic" resourceFieldRef: + description: "Selects a resource of the container: only resources limits and requests\n(limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported." properties: containerName: + description: "Container name: required for volumes, optional for env vars" type: "string" divisor: anyOf: - type: "integer" - type: "string" + description: "Specifies the output format of the exposed resources, defaults to \"1\"" pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" x-kubernetes-int-or-string: true resource: + description: "Required: resource to select" type: "string" required: - "resource" type: "object" + x-kubernetes-map-type: "atomic" secretKeyRef: + description: "Selects a key of a secret in the pod's namespace" properties: key: + description: "The key of the secret to select from. Must be a valid secret key." type: "string" name: + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" type: "string" optional: + description: "Specify whether the Secret or its key must be defined" type: "boolean" required: - "key" type: "object" + x-kubernetes-map-type: "atomic" type: "object" required: - "name" type: "object" type: "array" envFrom: + description: "List of sources to populate environment variables in the container.\nThe keys defined within a source must be a C_IDENTIFIER. All invalid keys\nwill be reported as an event when the container is starting. When a key exists in multiple\nsources, the value associated with the last source will take precedence.\nValues defined by an Env with a duplicate key will take precedence.\nCannot be updated." items: + description: "EnvFromSource represents the source of a set of ConfigMaps" properties: configMapRef: + description: "The ConfigMap to select from" properties: name: + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" type: "string" optional: + description: "Specify whether the ConfigMap must be defined" type: "boolean" type: "object" + x-kubernetes-map-type: "atomic" prefix: + description: "An optional identifier to prepend to each key in the ConfigMap. Must be a C_IDENTIFIER." type: "string" secretRef: + description: "The Secret to select from" properties: name: + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" type: "string" optional: + description: "Specify whether the Secret must be defined" type: "boolean" type: "object" + x-kubernetes-map-type: "atomic" type: "object" type: "array" image: + description: "Container image name.\nMore info: https://kubernetes.io/docs/concepts/containers/images\nThis field is optional to allow higher level config management to default or override\ncontainer images in workload controllers like Deployments and StatefulSets." type: "string" imagePullPolicy: + description: "Image pull policy.\nOne of Always, Never, IfNotPresent.\nDefaults to Always if :latest tag is specified, or IfNotPresent otherwise.\nCannot be updated.\nMore info: https://kubernetes.io/docs/concepts/containers/images#updating-images" type: "string" lifecycle: + description: "Actions that the management system should take in response to container lifecycle events.\nCannot be updated." properties: postStart: + description: "PostStart is called immediately after a container is created. If the handler fails,\nthe container is terminated and restarted according to its restart policy.\nOther management of the container blocks until the hook completes.\nMore info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks" properties: exec: + description: "Exec specifies the action to take." properties: command: + description: "Command is the command line to execute inside the container, the working directory for the\ncommand is root ('/') in the container's filesystem. The command is simply exec'd, it is\nnot run inside a shell, so traditional shell instructions ('|', etc) won't work. To use\na shell, you need to explicitly call out to that shell.\nExit status of 0 is treated as live/healthy and non-zero is unhealthy." items: type: "string" type: "array" type: "object" httpGet: + description: "HTTPGet specifies the http request to perform." properties: host: + description: "Host name to connect to, defaults to the pod IP. You probably want to set\n\"Host\" in httpHeaders instead." type: "string" httpHeaders: + description: "Custom headers to set in the request. HTTP allows repeated headers." items: + description: "HTTPHeader describes a custom header to be used in HTTP probes" properties: name: + description: "The header field name.\nThis will be canonicalized upon output, so case-variant names will be understood as the same header." type: "string" value: + description: "The header field value" type: "string" required: - "name" @@ -647,49 +1033,74 @@ spec: type: "object" type: "array" path: + description: "Path to access on the HTTP server." type: "string" port: anyOf: - type: "integer" - type: "string" + description: "Name or number of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME." x-kubernetes-int-or-string: true scheme: + description: "Scheme to use for connecting to the host.\nDefaults to HTTP." type: "string" required: - "port" type: "object" + sleep: + description: "Sleep represents the duration that the container should sleep before being terminated." + properties: + seconds: + description: "Seconds is the number of seconds to sleep." + format: "int64" + type: "integer" + required: + - "seconds" + type: "object" tcpSocket: + description: "Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept\nfor the backward compatibility. There are no validation of this field and\nlifecycle hooks will fail in runtime when tcp handler is specified." properties: host: + description: "Optional: Host name to connect to, defaults to the pod IP." type: "string" port: anyOf: - type: "integer" - type: "string" + description: "Number or name of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME." x-kubernetes-int-or-string: true required: - "port" type: "object" type: "object" preStop: + description: "PreStop is called immediately before a container is terminated due to an\nAPI request or management event such as liveness/startup probe failure,\npreemption, resource contention, etc. The handler is not called if the\ncontainer crashes or exits. The Pod's termination grace period countdown begins before the\nPreStop hook is executed. Regardless of the outcome of the handler, the\ncontainer will eventually terminate within the Pod's termination grace\nperiod (unless delayed by finalizers). Other management of the container blocks until the hook completes\nor until the termination grace period is reached.\nMore info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks" properties: exec: + description: "Exec specifies the action to take." properties: command: + description: "Command is the command line to execute inside the container, the working directory for the\ncommand is root ('/') in the container's filesystem. The command is simply exec'd, it is\nnot run inside a shell, so traditional shell instructions ('|', etc) won't work. To use\na shell, you need to explicitly call out to that shell.\nExit status of 0 is treated as live/healthy and non-zero is unhealthy." items: type: "string" type: "array" type: "object" httpGet: + description: "HTTPGet specifies the http request to perform." properties: host: + description: "Host name to connect to, defaults to the pod IP. You probably want to set\n\"Host\" in httpHeaders instead." type: "string" httpHeaders: + description: "Custom headers to set in the request. HTTP allows repeated headers." items: + description: "HTTPHeader describes a custom header to be used in HTTP probes" properties: name: + description: "The header field name.\nThis will be canonicalized upon output, so case-variant names will be understood as the same header." type: "string" value: + description: "The header field value" type: "string" required: - "name" @@ -697,25 +1108,41 @@ spec: type: "object" type: "array" path: + description: "Path to access on the HTTP server." type: "string" port: anyOf: - type: "integer" - type: "string" + description: "Name or number of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME." x-kubernetes-int-or-string: true scheme: + description: "Scheme to use for connecting to the host.\nDefaults to HTTP." type: "string" required: - "port" type: "object" + sleep: + description: "Sleep represents the duration that the container should sleep before being terminated." + properties: + seconds: + description: "Seconds is the number of seconds to sleep." + format: "int64" + type: "integer" + required: + - "seconds" + type: "object" tcpSocket: + description: "Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept\nfor the backward compatibility. There are no validation of this field and\nlifecycle hooks will fail in runtime when tcp handler is specified." properties: host: + description: "Optional: Host name to connect to, defaults to the pod IP." type: "string" port: anyOf: - type: "integer" - type: "string" + description: "Number or name of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME." x-kubernetes-int-or-string: true required: - "port" @@ -723,27 +1150,50 @@ spec: type: "object" type: "object" livenessProbe: + description: "Periodic probe of container liveness.\nContainer will be restarted if the probe fails.\nCannot be updated.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" properties: exec: + description: "Exec specifies the action to take." properties: command: + description: "Command is the command line to execute inside the container, the working directory for the\ncommand is root ('/') in the container's filesystem. The command is simply exec'd, it is\nnot run inside a shell, so traditional shell instructions ('|', etc) won't work. To use\na shell, you need to explicitly call out to that shell.\nExit status of 0 is treated as live/healthy and non-zero is unhealthy." items: type: "string" type: "array" type: "object" failureThreshold: + description: "Minimum consecutive failures for the probe to be considered failed after having succeeded.\nDefaults to 3. Minimum value is 1." format: "int32" type: "integer" + grpc: + description: "GRPC specifies an action involving a GRPC port." + properties: + port: + description: "Port number of the gRPC service. Number must be in the range 1 to 65535." + format: "int32" + type: "integer" + service: + description: "Service is the name of the service to place in the gRPC HealthCheckRequest\n(see https://github.com/grpc/grpc/blob/master/doc/health-checking.md).\n\n\nIf this is not specified, the default behavior is defined by gRPC." + type: "string" + required: + - "port" + type: "object" httpGet: + description: "HTTPGet specifies the http request to perform." properties: host: + description: "Host name to connect to, defaults to the pod IP. You probably want to set\n\"Host\" in httpHeaders instead." type: "string" httpHeaders: + description: "Custom headers to set in the request. HTTP allows repeated headers." items: + description: "HTTPHeader describes a custom header to be used in HTTP probes" properties: name: + description: "The header field name.\nThis will be canonicalized upon output, so case-variant names will be understood as the same header." type: "string" value: + description: "The header field value" type: "string" required: - "name" @@ -751,62 +1201,84 @@ spec: type: "object" type: "array" path: + description: "Path to access on the HTTP server." type: "string" port: anyOf: - type: "integer" - type: "string" + description: "Name or number of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME." x-kubernetes-int-or-string: true scheme: + description: "Scheme to use for connecting to the host.\nDefaults to HTTP." type: "string" required: - "port" type: "object" initialDelaySeconds: + description: "Number of seconds after the container has started before liveness probes are initiated.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" format: "int32" type: "integer" periodSeconds: + description: "How often (in seconds) to perform the probe.\nDefault to 10 seconds. Minimum value is 1." format: "int32" type: "integer" successThreshold: + description: "Minimum consecutive successes for the probe to be considered successful after having failed.\nDefaults to 1. Must be 1 for liveness and startup. Minimum value is 1." format: "int32" type: "integer" tcpSocket: + description: "TCPSocket specifies an action involving a TCP port." properties: host: + description: "Optional: Host name to connect to, defaults to the pod IP." type: "string" port: anyOf: - type: "integer" - type: "string" + description: "Number or name of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME." x-kubernetes-int-or-string: true required: - "port" type: "object" + terminationGracePeriodSeconds: + description: "Optional duration in seconds the pod needs to terminate gracefully upon probe failure.\nThe grace period is the duration in seconds after the processes running in the pod are sent\na termination signal and the time when the processes are forcibly halted with a kill signal.\nSet this value longer than the expected cleanup time for your process.\nIf this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this\nvalue overrides the value provided by the pod spec.\nValue must be non-negative integer. The value zero indicates stop immediately via\nthe kill signal (no opportunity to shut down).\nThis is a beta field and requires enabling ProbeTerminationGracePeriod feature gate.\nMinimum value is 1. spec.terminationGracePeriodSeconds is used if unset." + format: "int64" + type: "integer" timeoutSeconds: + description: "Number of seconds after which the probe times out.\nDefaults to 1 second. Minimum value is 1.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" format: "int32" type: "integer" type: "object" name: + description: "Name of the container specified as a DNS_LABEL.\nEach container in a pod must have a unique name (DNS_LABEL).\nCannot be updated." type: "string" ports: + description: "List of ports to expose from the container. Not specifying a port here\nDOES NOT prevent that port from being exposed. Any port which is\nlistening on the default \"0.0.0.0\" address inside a container will be\naccessible from the network.\nModifying this array with strategic merge patch may corrupt the data.\nFor more information See https://github.com/kubernetes/kubernetes/issues/108255.\nCannot be updated." items: + description: "ContainerPort represents a network port in a single container." properties: containerPort: + description: "Number of port to expose on the pod's IP address.\nThis must be a valid port number, 0 < x < 65536." format: "int32" type: "integer" hostIP: + description: "What host IP to bind the external port to." type: "string" hostPort: + description: "Number of port to expose on the host.\nIf specified, this must be a valid port number, 0 < x < 65536.\nIf HostNetwork is specified, this must match ContainerPort.\nMost containers do not need this." format: "int32" type: "integer" name: + description: "If specified, this must be an IANA_SVC_NAME and unique within the pod. Each\nnamed port in a pod must have a unique name. Name for the port that can be\nreferred to by services." type: "string" protocol: + default: "TCP" + description: "Protocol for port. Must be UDP, TCP, or SCTP.\nDefaults to \"TCP\"." type: "string" required: - "containerPort" - - "protocol" type: "object" type: "array" x-kubernetes-list-map-keys: @@ -814,27 +1286,50 @@ spec: - "protocol" x-kubernetes-list-type: "map" readinessProbe: + description: "Periodic probe of container service readiness.\nContainer will be removed from service endpoints if the probe fails.\nCannot be updated.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" properties: exec: + description: "Exec specifies the action to take." properties: command: + description: "Command is the command line to execute inside the container, the working directory for the\ncommand is root ('/') in the container's filesystem. The command is simply exec'd, it is\nnot run inside a shell, so traditional shell instructions ('|', etc) won't work. To use\na shell, you need to explicitly call out to that shell.\nExit status of 0 is treated as live/healthy and non-zero is unhealthy." items: type: "string" type: "array" type: "object" failureThreshold: + description: "Minimum consecutive failures for the probe to be considered failed after having succeeded.\nDefaults to 3. Minimum value is 1." format: "int32" type: "integer" + grpc: + description: "GRPC specifies an action involving a GRPC port." + properties: + port: + description: "Port number of the gRPC service. Number must be in the range 1 to 65535." + format: "int32" + type: "integer" + service: + description: "Service is the name of the service to place in the gRPC HealthCheckRequest\n(see https://github.com/grpc/grpc/blob/master/doc/health-checking.md).\n\n\nIf this is not specified, the default behavior is defined by gRPC." + type: "string" + required: + - "port" + type: "object" httpGet: + description: "HTTPGet specifies the http request to perform." properties: host: + description: "Host name to connect to, defaults to the pod IP. You probably want to set\n\"Host\" in httpHeaders instead." type: "string" httpHeaders: + description: "Custom headers to set in the request. HTTP allows repeated headers." items: + description: "HTTPHeader describes a custom header to be used in HTTP probes" properties: name: + description: "The header field name.\nThis will be canonicalized upon output, so case-variant names will be understood as the same header." type: "string" value: + description: "The header field value" type: "string" required: - "name" @@ -842,44 +1337,91 @@ spec: type: "object" type: "array" path: + description: "Path to access on the HTTP server." type: "string" port: anyOf: - type: "integer" - type: "string" + description: "Name or number of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME." x-kubernetes-int-or-string: true scheme: + description: "Scheme to use for connecting to the host.\nDefaults to HTTP." type: "string" required: - "port" type: "object" initialDelaySeconds: + description: "Number of seconds after the container has started before liveness probes are initiated.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" format: "int32" type: "integer" periodSeconds: + description: "How often (in seconds) to perform the probe.\nDefault to 10 seconds. Minimum value is 1." format: "int32" type: "integer" successThreshold: + description: "Minimum consecutive successes for the probe to be considered successful after having failed.\nDefaults to 1. Must be 1 for liveness and startup. Minimum value is 1." format: "int32" type: "integer" tcpSocket: + description: "TCPSocket specifies an action involving a TCP port." properties: host: + description: "Optional: Host name to connect to, defaults to the pod IP." type: "string" port: anyOf: - type: "integer" - type: "string" + description: "Number or name of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME." x-kubernetes-int-or-string: true required: - "port" type: "object" + terminationGracePeriodSeconds: + description: "Optional duration in seconds the pod needs to terminate gracefully upon probe failure.\nThe grace period is the duration in seconds after the processes running in the pod are sent\na termination signal and the time when the processes are forcibly halted with a kill signal.\nSet this value longer than the expected cleanup time for your process.\nIf this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this\nvalue overrides the value provided by the pod spec.\nValue must be non-negative integer. The value zero indicates stop immediately via\nthe kill signal (no opportunity to shut down).\nThis is a beta field and requires enabling ProbeTerminationGracePeriod feature gate.\nMinimum value is 1. spec.terminationGracePeriodSeconds is used if unset." + format: "int64" + type: "integer" timeoutSeconds: + description: "Number of seconds after which the probe times out.\nDefaults to 1 second. Minimum value is 1.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" format: "int32" type: "integer" type: "object" + resizePolicy: + description: "Resources resize policy for the container." + items: + description: "ContainerResizePolicy represents resource resize policy for the container." + properties: + resourceName: + description: "Name of the resource to which this resource resize policy applies.\nSupported values: cpu, memory." + type: "string" + restartPolicy: + description: "Restart policy to apply when specified resource is resized.\nIf not specified, it defaults to NotRequired." + type: "string" + required: + - "resourceName" + - "restartPolicy" + type: "object" + type: "array" + x-kubernetes-list-type: "atomic" resources: + description: "Compute Resources required by this container.\nCannot be updated.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" properties: + claims: + description: "Claims lists the names of resources, defined in spec.resourceClaims,\nthat are used by this container.\n\n\nThis is an alpha field and requires enabling the\nDynamicResourceAllocation feature gate.\n\n\nThis field is immutable. It can only be set for containers." + items: + description: "ResourceClaim references one entry in PodSpec.ResourceClaims." + properties: + name: + description: "Name must match the name of one entry in pod.spec.resourceClaims of\nthe Pod where this field is used. It makes that resource available\ninside a container." + type: "string" + required: + - "name" + type: "object" + type: "array" + x-kubernetes-list-map-keys: + - "name" + x-kubernetes-list-type: "map" limits: additionalProperties: anyOf: @@ -887,6 +1429,7 @@ spec: - type: "string" pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" x-kubernetes-int-or-string: true + description: "Limits describes the maximum amount of compute resources allowed.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" type: "object" requests: additionalProperties: @@ -895,87 +1438,144 @@ spec: - type: "string" pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" x-kubernetes-int-or-string: true + description: "Requests describes the minimum amount of compute resources required.\nIf Requests is omitted for a container, it defaults to Limits if that is explicitly specified,\notherwise to an implementation-defined value. Requests cannot exceed Limits.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" type: "object" type: "object" restartPolicy: + description: "RestartPolicy defines the restart behavior of individual containers in a pod.\nThis field may only be set for init containers, and the only allowed value is \"Always\".\nFor non-init containers or when this field is not specified,\nthe restart behavior is defined by the Pod's restart policy and the container type.\nSetting the RestartPolicy as \"Always\" for the init container will have the following effect:\nthis init container will be continually restarted on\nexit until all regular containers have terminated. Once all regular\ncontainers have completed, all init containers with restartPolicy \"Always\"\nwill be shut down. This lifecycle differs from normal init containers and\nis often referred to as a \"sidecar\" container. Although this init\ncontainer still starts in the init container sequence, it does not wait\nfor the container to complete before proceeding to the next init\ncontainer. Instead, the next init container starts immediately after this\ninit container is started, or after any startupProbe has successfully\ncompleted." type: "string" securityContext: + description: "SecurityContext defines the security options the container should be run with.\nIf set, the fields of SecurityContext override the equivalent fields of PodSecurityContext.\nMore info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/" properties: allowPrivilegeEscalation: + description: "AllowPrivilegeEscalation controls whether a process can gain more\nprivileges than its parent process. This bool directly controls if\nthe no_new_privs flag will be set on the container process.\nAllowPrivilegeEscalation is true always when the container is:\n1) run as Privileged\n2) has CAP_SYS_ADMIN\nNote that this field cannot be set when spec.os.name is windows." type: "boolean" capabilities: + description: "The capabilities to add/drop when running containers.\nDefaults to the default set of capabilities granted by the container runtime.\nNote that this field cannot be set when spec.os.name is windows." properties: add: + description: "Added capabilities" items: + description: "Capability represent POSIX capabilities type" type: "string" type: "array" drop: + description: "Removed capabilities" items: + description: "Capability represent POSIX capabilities type" type: "string" type: "array" type: "object" privileged: + description: "Run container in privileged mode.\nProcesses in privileged containers are essentially equivalent to root on the host.\nDefaults to false.\nNote that this field cannot be set when spec.os.name is windows." type: "boolean" procMount: + description: "procMount denotes the type of proc mount to use for the containers.\nThe default is DefaultProcMount which uses the container runtime defaults for\nreadonly paths and masked paths.\nThis requires the ProcMountType feature flag to be enabled.\nNote that this field cannot be set when spec.os.name is windows." type: "string" readOnlyRootFilesystem: + description: "Whether this container has a read-only root filesystem.\nDefault is false.\nNote that this field cannot be set when spec.os.name is windows." type: "boolean" runAsGroup: + description: "The GID to run the entrypoint of the container process.\nUses runtime default if unset.\nMay also be set in PodSecurityContext. If set in both SecurityContext and\nPodSecurityContext, the value specified in SecurityContext takes precedence.\nNote that this field cannot be set when spec.os.name is windows." format: "int64" type: "integer" runAsNonRoot: + description: "Indicates that the container must run as a non-root user.\nIf true, the Kubelet will validate the image at runtime to ensure that it\ndoes not run as UID 0 (root) and fail to start the container if it does.\nIf unset or false, no such validation will be performed.\nMay also be set in PodSecurityContext. If set in both SecurityContext and\nPodSecurityContext, the value specified in SecurityContext takes precedence." type: "boolean" runAsUser: + description: "The UID to run the entrypoint of the container process.\nDefaults to user specified in image metadata if unspecified.\nMay also be set in PodSecurityContext. If set in both SecurityContext and\nPodSecurityContext, the value specified in SecurityContext takes precedence.\nNote that this field cannot be set when spec.os.name is windows." format: "int64" type: "integer" seLinuxOptions: + description: "The SELinux context to be applied to the container.\nIf unspecified, the container runtime will allocate a random SELinux context for each\ncontainer. May also be set in PodSecurityContext. If set in both SecurityContext and\nPodSecurityContext, the value specified in SecurityContext takes precedence.\nNote that this field cannot be set when spec.os.name is windows." properties: level: + description: "Level is SELinux level label that applies to the container." type: "string" role: + description: "Role is a SELinux role label that applies to the container." type: "string" type: + description: "Type is a SELinux type label that applies to the container." type: "string" user: + description: "User is a SELinux user label that applies to the container." type: "string" type: "object" seccompProfile: + description: "The seccomp options to use by this container. If seccomp options are\nprovided at both the pod & container level, the container options\noverride the pod options.\nNote that this field cannot be set when spec.os.name is windows." properties: + localhostProfile: + description: "localhostProfile indicates a profile defined in a file on the node should be used.\nThe profile must be preconfigured on the node to work.\nMust be a descending path, relative to the kubelet's configured seccomp profile location.\nMust be set if type is \"Localhost\". Must NOT be set for any other type." + type: "string" type: + description: "type indicates which kind of seccomp profile will be applied.\nValid options are:\n\n\nLocalhost - a profile defined in a file on the node should be used.\nRuntimeDefault - the container runtime default profile should be used.\nUnconfined - no profile should be applied." type: "string" + required: + - "type" type: "object" windowsOptions: + description: "The Windows specific settings applied to all containers.\nIf unspecified, the options from the PodSecurityContext will be used.\nIf set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.\nNote that this field cannot be set when spec.os.name is linux." properties: gmsaCredentialSpec: + description: "GMSACredentialSpec is where the GMSA admission webhook\n(https://github.com/kubernetes-sigs/windows-gmsa) inlines the contents of the\nGMSA credential spec named by the GMSACredentialSpecName field." type: "string" gmsaCredentialSpecName: + description: "GMSACredentialSpecName is the name of the GMSA credential spec to use." type: "string" + hostProcess: + description: "HostProcess determines if a container should be run as a 'Host Process' container.\nAll of a Pod's containers must have the same effective HostProcess value\n(it is not allowed to have a mix of HostProcess containers and non-HostProcess containers).\nIn addition, if HostProcess is true then HostNetwork must also be set to true." + type: "boolean" runAsUserName: + description: "The UserName in Windows to run the entrypoint of the container process.\nDefaults to the user specified in image metadata if unspecified.\nMay also be set in PodSecurityContext. If set in both SecurityContext and\nPodSecurityContext, the value specified in SecurityContext takes precedence." type: "string" type: "object" type: "object" startupProbe: + description: "StartupProbe indicates that the Pod has successfully initialized.\nIf specified, no other probes are executed until this completes successfully.\nIf this probe fails, the Pod will be restarted, just as if the livenessProbe failed.\nThis can be used to provide different probe parameters at the beginning of a Pod's lifecycle,\nwhen it might take a long time to load data or warm a cache, than during steady-state operation.\nThis cannot be updated.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" properties: exec: + description: "Exec specifies the action to take." properties: command: + description: "Command is the command line to execute inside the container, the working directory for the\ncommand is root ('/') in the container's filesystem. The command is simply exec'd, it is\nnot run inside a shell, so traditional shell instructions ('|', etc) won't work. To use\na shell, you need to explicitly call out to that shell.\nExit status of 0 is treated as live/healthy and non-zero is unhealthy." items: type: "string" type: "array" type: "object" failureThreshold: + description: "Minimum consecutive failures for the probe to be considered failed after having succeeded.\nDefaults to 3. Minimum value is 1." format: "int32" type: "integer" + grpc: + description: "GRPC specifies an action involving a GRPC port." + properties: + port: + description: "Port number of the gRPC service. Number must be in the range 1 to 65535." + format: "int32" + type: "integer" + service: + description: "Service is the name of the service to place in the gRPC HealthCheckRequest\n(see https://github.com/grpc/grpc/blob/master/doc/health-checking.md).\n\n\nIf this is not specified, the default behavior is defined by gRPC." + type: "string" + required: + - "port" + type: "object" httpGet: + description: "HTTPGet specifies the http request to perform." properties: host: + description: "Host name to connect to, defaults to the pod IP. You probably want to set\n\"Host\" in httpHeaders instead." type: "string" httpHeaders: + description: "Custom headers to set in the request. HTTP allows repeated headers." items: + description: "HTTPHeader describes a custom header to be used in HTTP probes" properties: name: + description: "The header field name.\nThis will be canonicalized upon output, so case-variant names will be understood as the same header." type: "string" value: + description: "The header field value" type: "string" required: - "name" @@ -983,58 +1583,81 @@ spec: type: "object" type: "array" path: + description: "Path to access on the HTTP server." type: "string" port: anyOf: - type: "integer" - type: "string" + description: "Name or number of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME." x-kubernetes-int-or-string: true scheme: + description: "Scheme to use for connecting to the host.\nDefaults to HTTP." type: "string" required: - "port" type: "object" initialDelaySeconds: + description: "Number of seconds after the container has started before liveness probes are initiated.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" format: "int32" type: "integer" periodSeconds: + description: "How often (in seconds) to perform the probe.\nDefault to 10 seconds. Minimum value is 1." format: "int32" type: "integer" successThreshold: + description: "Minimum consecutive successes for the probe to be considered successful after having failed.\nDefaults to 1. Must be 1 for liveness and startup. Minimum value is 1." format: "int32" type: "integer" tcpSocket: + description: "TCPSocket specifies an action involving a TCP port." properties: host: + description: "Optional: Host name to connect to, defaults to the pod IP." type: "string" port: anyOf: - type: "integer" - type: "string" + description: "Number or name of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME." x-kubernetes-int-or-string: true required: - "port" type: "object" + terminationGracePeriodSeconds: + description: "Optional duration in seconds the pod needs to terminate gracefully upon probe failure.\nThe grace period is the duration in seconds after the processes running in the pod are sent\na termination signal and the time when the processes are forcibly halted with a kill signal.\nSet this value longer than the expected cleanup time for your process.\nIf this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this\nvalue overrides the value provided by the pod spec.\nValue must be non-negative integer. The value zero indicates stop immediately via\nthe kill signal (no opportunity to shut down).\nThis is a beta field and requires enabling ProbeTerminationGracePeriod feature gate.\nMinimum value is 1. spec.terminationGracePeriodSeconds is used if unset." + format: "int64" + type: "integer" timeoutSeconds: + description: "Number of seconds after which the probe times out.\nDefaults to 1 second. Minimum value is 1.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" format: "int32" type: "integer" type: "object" stdin: + description: "Whether this container should allocate a buffer for stdin in the container runtime. If this\nis not set, reads from stdin in the container will always result in EOF.\nDefault is false." type: "boolean" stdinOnce: + description: "Whether the container runtime should close the stdin channel after it has been opened by\na single attach. When stdin is true the stdin stream will remain open across multiple attach\nsessions. If stdinOnce is set to true, stdin is opened on container start, is empty until the\nfirst client attaches to stdin, and then remains open and accepts data until the client disconnects,\nat which time stdin is closed and remains closed until the container is restarted. If this\nflag is false, a container processes that reads from stdin will never receive an EOF.\nDefault is false" type: "boolean" terminationMessagePath: + description: "Optional: Path at which the file to which the container's termination message\nwill be written is mounted into the container's filesystem.\nMessage written is intended to be brief final status, such as an assertion failure message.\nWill be truncated by the node if greater than 4096 bytes. The total message length across\nall containers will be limited to 12kb.\nDefaults to /dev/termination-log.\nCannot be updated." type: "string" terminationMessagePolicy: + description: "Indicate how the termination message should be populated. File will use the contents of\nterminationMessagePath to populate the container status message on both success and failure.\nFallbackToLogsOnError will use the last chunk of container log output if the termination\nmessage file is empty and the container exited with an error.\nThe log output is limited to 2048 bytes or 80 lines, whichever is smaller.\nDefaults to File.\nCannot be updated." type: "string" tty: + description: "Whether this container should allocate a TTY for itself, also requires 'stdin' to be true.\nDefault is false." type: "boolean" volumeDevices: + description: "volumeDevices is the list of block devices to be used by the container." items: + description: "volumeDevice describes a mapping of a raw block device within a container." properties: devicePath: + description: "devicePath is the path inside of the container that the device will be mapped to." type: "string" name: + description: "name must match the name of a persistentVolumeClaim in the pod" type: "string" required: - "devicePath" @@ -1042,19 +1665,27 @@ spec: type: "object" type: "array" volumeMounts: + description: "Pod volumes to mount into the container's filesystem.\nCannot be updated." items: + description: "VolumeMount describes a mounting of a Volume within a container." properties: mountPath: + description: "Path within the container at which the volume should be mounted. Must\nnot contain ':'." type: "string" mountPropagation: + description: "mountPropagation determines how mounts are propagated from the host\nto container and the other way around.\nWhen not set, MountPropagationNone is used.\nThis field is beta in 1.10." type: "string" name: + description: "This must match the Name of a Volume." type: "string" readOnly: + description: "Mounted read-only if true, read-write otherwise (false or unspecified).\nDefaults to false." type: "boolean" subPath: + description: "Path within the volume from which the container's volume should be mounted.\nDefaults to \"\" (volume's root)." type: "string" subPathExpr: + description: "Expanded path within the volume from which the container's volume should be mounted.\nBehaves similarly to SubPath but environment variable references $(VAR_NAME) are expanded using the container's environment.\nDefaults to \"\" (volume's root).\nSubPathExpr and SubPath are mutually exclusive." type: "string" required: - "mountPath" @@ -1062,40 +1693,54 @@ spec: type: "object" type: "array" workingDir: + description: "Container's working directory.\nIf not specified, the container runtime's default will be used, which\nmight be configured in the container image.\nCannot be updated." type: "string" required: - "name" type: "object" type: "array" javaOptions: + description: "JavaOptions is a string of extra JVM options to pass to the driver. For instance,\nGC settings or other logging." type: "string" kubernetesMaster: + description: "KubernetesMaster is the URL of the Kubernetes master used by the driver to manage executor pods and\nother Kubernetes resources. Default to https://kubernetes.default.svc." type: "string" labels: additionalProperties: type: "string" + description: "Labels are the Kubernetes labels to be added to the pod." type: "object" lifecycle: + description: "Lifecycle for running preStop or postStart commands" properties: postStart: + description: "PostStart is called immediately after a container is created. If the handler fails,\nthe container is terminated and restarted according to its restart policy.\nOther management of the container blocks until the hook completes.\nMore info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks" properties: exec: + description: "Exec specifies the action to take." properties: command: + description: "Command is the command line to execute inside the container, the working directory for the\ncommand is root ('/') in the container's filesystem. The command is simply exec'd, it is\nnot run inside a shell, so traditional shell instructions ('|', etc) won't work. To use\na shell, you need to explicitly call out to that shell.\nExit status of 0 is treated as live/healthy and non-zero is unhealthy." items: type: "string" type: "array" type: "object" httpGet: + description: "HTTPGet specifies the http request to perform." properties: host: + description: "Host name to connect to, defaults to the pod IP. You probably want to set\n\"Host\" in httpHeaders instead." type: "string" httpHeaders: + description: "Custom headers to set in the request. HTTP allows repeated headers." items: + description: "HTTPHeader describes a custom header to be used in HTTP probes" properties: name: + description: "The header field name.\nThis will be canonicalized upon output, so case-variant names will be understood as the same header." type: "string" value: + description: "The header field value" type: "string" required: - "name" @@ -1103,49 +1748,74 @@ spec: type: "object" type: "array" path: + description: "Path to access on the HTTP server." type: "string" port: anyOf: - type: "integer" - type: "string" + description: "Name or number of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME." x-kubernetes-int-or-string: true scheme: + description: "Scheme to use for connecting to the host.\nDefaults to HTTP." type: "string" required: - "port" type: "object" + sleep: + description: "Sleep represents the duration that the container should sleep before being terminated." + properties: + seconds: + description: "Seconds is the number of seconds to sleep." + format: "int64" + type: "integer" + required: + - "seconds" + type: "object" tcpSocket: + description: "Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept\nfor the backward compatibility. There are no validation of this field and\nlifecycle hooks will fail in runtime when tcp handler is specified." properties: host: + description: "Optional: Host name to connect to, defaults to the pod IP." type: "string" port: anyOf: - type: "integer" - type: "string" + description: "Number or name of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME." x-kubernetes-int-or-string: true required: - "port" type: "object" type: "object" preStop: + description: "PreStop is called immediately before a container is terminated due to an\nAPI request or management event such as liveness/startup probe failure,\npreemption, resource contention, etc. The handler is not called if the\ncontainer crashes or exits. The Pod's termination grace period countdown begins before the\nPreStop hook is executed. Regardless of the outcome of the handler, the\ncontainer will eventually terminate within the Pod's termination grace\nperiod (unless delayed by finalizers). Other management of the container blocks until the hook completes\nor until the termination grace period is reached.\nMore info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks" properties: exec: + description: "Exec specifies the action to take." properties: command: + description: "Command is the command line to execute inside the container, the working directory for the\ncommand is root ('/') in the container's filesystem. The command is simply exec'd, it is\nnot run inside a shell, so traditional shell instructions ('|', etc) won't work. To use\na shell, you need to explicitly call out to that shell.\nExit status of 0 is treated as live/healthy and non-zero is unhealthy." items: type: "string" type: "array" type: "object" httpGet: + description: "HTTPGet specifies the http request to perform." properties: host: + description: "Host name to connect to, defaults to the pod IP. You probably want to set\n\"Host\" in httpHeaders instead." type: "string" httpHeaders: + description: "Custom headers to set in the request. HTTP allows repeated headers." items: + description: "HTTPHeader describes a custom header to be used in HTTP probes" properties: name: + description: "The header field name.\nThis will be canonicalized upon output, so case-variant names will be understood as the same header." type: "string" value: + description: "The header field value" type: "string" required: - "name" @@ -1153,25 +1823,41 @@ spec: type: "object" type: "array" path: + description: "Path to access on the HTTP server." type: "string" port: anyOf: - type: "integer" - type: "string" + description: "Name or number of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME." x-kubernetes-int-or-string: true scheme: + description: "Scheme to use for connecting to the host.\nDefaults to HTTP." type: "string" required: - "port" type: "object" + sleep: + description: "Sleep represents the duration that the container should sleep before being terminated." + properties: + seconds: + description: "Seconds is the number of seconds to sleep." + format: "int64" + type: "integer" + required: + - "seconds" + type: "object" tcpSocket: + description: "Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept\nfor the backward compatibility. There are no validation of this field and\nlifecycle hooks will fail in runtime when tcp handler is specified." properties: host: + description: "Optional: Host name to connect to, defaults to the pod IP." type: "string" port: anyOf: - type: "integer" - type: "string" + description: "Number or name of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME." x-kubernetes-int-or-string: true required: - "port" @@ -1179,51 +1865,85 @@ spec: type: "object" type: "object" memory: + description: "Memory is the amount of memory to request for the pod." type: "string" memoryOverhead: + description: "MemoryOverhead is the amount of off-heap memory to allocate in cluster mode, in MiB unless otherwise specified." type: "string" nodeSelector: additionalProperties: type: "string" + description: "NodeSelector is the Kubernetes node selector to be added to the driver and executor pods.\nThis field is mutually exclusive with nodeSelector at SparkApplication level (which will be deprecated)." type: "object" podName: + description: "PodName is the name of the driver pod that the user creates. This is used for the\nin-cluster client mode in which the user creates a client pod where the driver of\nthe user application runs. It's an error to set this field if Mode is not\nin-cluster-client." pattern: "[a-z0-9]([-a-z0-9]*[a-z0-9])?(\\\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*" type: "string" podSecurityContext: + description: "PodSecurityContext specifies the PodSecurityContext to apply." properties: fsGroup: + description: "A special supplemental group that applies to all containers in a pod.\nSome volume types allow the Kubelet to change the ownership of that volume\nto be owned by the pod:\n\n\n1. The owning GID will be the FSGroup\n2. The setgid bit is set (new files created in the volume will be owned by FSGroup)\n3. The permission bits are OR'd with rw-rw----\n\n\nIf unset, the Kubelet will not modify the ownership and permissions of any volume.\nNote that this field cannot be set when spec.os.name is windows." format: "int64" type: "integer" + fsGroupChangePolicy: + description: "fsGroupChangePolicy defines behavior of changing ownership and permission of the volume\nbefore being exposed inside Pod. This field will only apply to\nvolume types which support fsGroup based ownership(and permissions).\nIt will have no effect on ephemeral volume types such as: secret, configmaps\nand emptydir.\nValid values are \"OnRootMismatch\" and \"Always\". If not specified, \"Always\" is used.\nNote that this field cannot be set when spec.os.name is windows." + type: "string" runAsGroup: + description: "The GID to run the entrypoint of the container process.\nUses runtime default if unset.\nMay also be set in SecurityContext. If set in both SecurityContext and\nPodSecurityContext, the value specified in SecurityContext takes precedence\nfor that container.\nNote that this field cannot be set when spec.os.name is windows." format: "int64" type: "integer" runAsNonRoot: + description: "Indicates that the container must run as a non-root user.\nIf true, the Kubelet will validate the image at runtime to ensure that it\ndoes not run as UID 0 (root) and fail to start the container if it does.\nIf unset or false, no such validation will be performed.\nMay also be set in SecurityContext. If set in both SecurityContext and\nPodSecurityContext, the value specified in SecurityContext takes precedence." type: "boolean" runAsUser: + description: "The UID to run the entrypoint of the container process.\nDefaults to user specified in image metadata if unspecified.\nMay also be set in SecurityContext. If set in both SecurityContext and\nPodSecurityContext, the value specified in SecurityContext takes precedence\nfor that container.\nNote that this field cannot be set when spec.os.name is windows." format: "int64" type: "integer" seLinuxOptions: + description: "The SELinux context to be applied to all containers.\nIf unspecified, the container runtime will allocate a random SELinux context for each\ncontainer. May also be set in SecurityContext. If set in\nboth SecurityContext and PodSecurityContext, the value specified in SecurityContext\ntakes precedence for that container.\nNote that this field cannot be set when spec.os.name is windows." properties: level: + description: "Level is SELinux level label that applies to the container." type: "string" role: + description: "Role is a SELinux role label that applies to the container." type: "string" type: + description: "Type is a SELinux type label that applies to the container." type: "string" user: + description: "User is a SELinux user label that applies to the container." + type: "string" + type: "object" + seccompProfile: + description: "The seccomp options to use by the containers in this pod.\nNote that this field cannot be set when spec.os.name is windows." + properties: + localhostProfile: + description: "localhostProfile indicates a profile defined in a file on the node should be used.\nThe profile must be preconfigured on the node to work.\nMust be a descending path, relative to the kubelet's configured seccomp profile location.\nMust be set if type is \"Localhost\". Must NOT be set for any other type." type: "string" + type: + description: "type indicates which kind of seccomp profile will be applied.\nValid options are:\n\n\nLocalhost - a profile defined in a file on the node should be used.\nRuntimeDefault - the container runtime default profile should be used.\nUnconfined - no profile should be applied." + type: "string" + required: + - "type" type: "object" supplementalGroups: + description: "A list of groups applied to the first process run in each container, in addition\nto the container's primary GID, the fsGroup (if specified), and group memberships\ndefined in the container image for the uid of the container process. If unspecified,\nno additional groups are added to any container. Note that group memberships\ndefined in the container image for the uid of the container process are still effective,\neven if they are not included in this list.\nNote that this field cannot be set when spec.os.name is windows." items: format: "int64" type: "integer" type: "array" sysctls: + description: "Sysctls hold a list of namespaced sysctls used for the pod. Pods with unsupported\nsysctls (by the container runtime) might fail to launch.\nNote that this field cannot be set when spec.os.name is windows." items: + description: "Sysctl defines a kernel parameter to be set" properties: name: + description: "Name of a property to set" type: "string" value: + description: "Value of a property to set" type: "string" required: - "name" @@ -1231,25 +1951,54 @@ spec: type: "object" type: "array" windowsOptions: + description: "The Windows specific settings applied to all containers.\nIf unspecified, the options within a container's SecurityContext will be used.\nIf set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.\nNote that this field cannot be set when spec.os.name is linux." properties: gmsaCredentialSpec: + description: "GMSACredentialSpec is where the GMSA admission webhook\n(https://github.com/kubernetes-sigs/windows-gmsa) inlines the contents of the\nGMSA credential spec named by the GMSACredentialSpecName field." type: "string" gmsaCredentialSpecName: + description: "GMSACredentialSpecName is the name of the GMSA credential spec to use." type: "string" + hostProcess: + description: "HostProcess determines if a container should be run as a 'Host Process' container.\nAll of a Pod's containers must have the same effective HostProcess value\n(it is not allowed to have a mix of HostProcess containers and non-HostProcess containers).\nIn addition, if HostProcess is true then HostNetwork must also be set to true." + type: "boolean" runAsUserName: + description: "The UserName in Windows to run the entrypoint of the container process.\nDefaults to the user specified in image metadata if unspecified.\nMay also be set in PodSecurityContext. If set in both SecurityContext and\nPodSecurityContext, the value specified in SecurityContext takes precedence." type: "string" type: "object" type: "object" + ports: + description: "Ports settings for the pods, following the Kubernetes specifications." + items: + description: "Port represents the port definition in the pods objects." + properties: + containerPort: + format: "int32" + type: "integer" + name: + type: "string" + protocol: + type: "string" + required: + - "containerPort" + - "name" + - "protocol" + type: "object" + type: "array" schedulerName: + description: "SchedulerName specifies the scheduler that will be used for scheduling" type: "string" secrets: + description: "Secrets carries information of secrets to add to the pod." items: + description: "SecretInfo captures information of a secret." properties: name: type: "string" path: type: "string" secretType: + description: "SecretType tells the type of a secret." type: "string" required: - "name" @@ -1258,189 +2007,276 @@ spec: type: "object" type: "array" securityContext: + description: "SecurityContext specifies the container's SecurityContext to apply." properties: allowPrivilegeEscalation: + description: "AllowPrivilegeEscalation controls whether a process can gain more\nprivileges than its parent process. This bool directly controls if\nthe no_new_privs flag will be set on the container process.\nAllowPrivilegeEscalation is true always when the container is:\n1) run as Privileged\n2) has CAP_SYS_ADMIN\nNote that this field cannot be set when spec.os.name is windows." type: "boolean" capabilities: + description: "The capabilities to add/drop when running containers.\nDefaults to the default set of capabilities granted by the container runtime.\nNote that this field cannot be set when spec.os.name is windows." properties: add: + description: "Added capabilities" items: + description: "Capability represent POSIX capabilities type" type: "string" type: "array" drop: + description: "Removed capabilities" items: + description: "Capability represent POSIX capabilities type" type: "string" type: "array" type: "object" privileged: + description: "Run container in privileged mode.\nProcesses in privileged containers are essentially equivalent to root on the host.\nDefaults to false.\nNote that this field cannot be set when spec.os.name is windows." type: "boolean" procMount: + description: "procMount denotes the type of proc mount to use for the containers.\nThe default is DefaultProcMount which uses the container runtime defaults for\nreadonly paths and masked paths.\nThis requires the ProcMountType feature flag to be enabled.\nNote that this field cannot be set when spec.os.name is windows." type: "string" readOnlyRootFilesystem: + description: "Whether this container has a read-only root filesystem.\nDefault is false.\nNote that this field cannot be set when spec.os.name is windows." type: "boolean" runAsGroup: + description: "The GID to run the entrypoint of the container process.\nUses runtime default if unset.\nMay also be set in PodSecurityContext. If set in both SecurityContext and\nPodSecurityContext, the value specified in SecurityContext takes precedence.\nNote that this field cannot be set when spec.os.name is windows." format: "int64" type: "integer" runAsNonRoot: + description: "Indicates that the container must run as a non-root user.\nIf true, the Kubelet will validate the image at runtime to ensure that it\ndoes not run as UID 0 (root) and fail to start the container if it does.\nIf unset or false, no such validation will be performed.\nMay also be set in PodSecurityContext. If set in both SecurityContext and\nPodSecurityContext, the value specified in SecurityContext takes precedence." type: "boolean" runAsUser: + description: "The UID to run the entrypoint of the container process.\nDefaults to user specified in image metadata if unspecified.\nMay also be set in PodSecurityContext. If set in both SecurityContext and\nPodSecurityContext, the value specified in SecurityContext takes precedence.\nNote that this field cannot be set when spec.os.name is windows." format: "int64" type: "integer" seLinuxOptions: + description: "The SELinux context to be applied to the container.\nIf unspecified, the container runtime will allocate a random SELinux context for each\ncontainer. May also be set in PodSecurityContext. If set in both SecurityContext and\nPodSecurityContext, the value specified in SecurityContext takes precedence.\nNote that this field cannot be set when spec.os.name is windows." properties: level: + description: "Level is SELinux level label that applies to the container." type: "string" role: + description: "Role is a SELinux role label that applies to the container." type: "string" type: + description: "Type is a SELinux type label that applies to the container." type: "string" user: + description: "User is a SELinux user label that applies to the container." type: "string" type: "object" seccompProfile: + description: "The seccomp options to use by this container. If seccomp options are\nprovided at both the pod & container level, the container options\noverride the pod options.\nNote that this field cannot be set when spec.os.name is windows." properties: + localhostProfile: + description: "localhostProfile indicates a profile defined in a file on the node should be used.\nThe profile must be preconfigured on the node to work.\nMust be a descending path, relative to the kubelet's configured seccomp profile location.\nMust be set if type is \"Localhost\". Must NOT be set for any other type." + type: "string" type: + description: "type indicates which kind of seccomp profile will be applied.\nValid options are:\n\n\nLocalhost - a profile defined in a file on the node should be used.\nRuntimeDefault - the container runtime default profile should be used.\nUnconfined - no profile should be applied." type: "string" + required: + - "type" type: "object" windowsOptions: + description: "The Windows specific settings applied to all containers.\nIf unspecified, the options from the PodSecurityContext will be used.\nIf set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.\nNote that this field cannot be set when spec.os.name is linux." properties: gmsaCredentialSpec: + description: "GMSACredentialSpec is where the GMSA admission webhook\n(https://github.com/kubernetes-sigs/windows-gmsa) inlines the contents of the\nGMSA credential spec named by the GMSACredentialSpecName field." type: "string" gmsaCredentialSpecName: + description: "GMSACredentialSpecName is the name of the GMSA credential spec to use." type: "string" + hostProcess: + description: "HostProcess determines if a container should be run as a 'Host Process' container.\nAll of a Pod's containers must have the same effective HostProcess value\n(it is not allowed to have a mix of HostProcess containers and non-HostProcess containers).\nIn addition, if HostProcess is true then HostNetwork must also be set to true." + type: "boolean" runAsUserName: + description: "The UserName in Windows to run the entrypoint of the container process.\nDefaults to the user specified in image metadata if unspecified.\nMay also be set in PodSecurityContext. If set in both SecurityContext and\nPodSecurityContext, the value specified in SecurityContext takes precedence." type: "string" type: "object" type: "object" serviceAccount: + description: "ServiceAccount is the name of the custom Kubernetes service account used by the pod." type: "string" serviceAnnotations: additionalProperties: type: "string" + description: "ServiceAnnotations defines the annotations to be added to the Kubernetes headless service used by\nexecutors to connect to the driver." type: "object" serviceLabels: additionalProperties: type: "string" + description: "ServiceLabels defines the labels to be added to the Kubernetes headless service used by\nexecutors to connect to the driver." type: "object" shareProcessNamespace: + description: "ShareProcessNamespace settings for the pod, following the Kubernetes specifications." type: "boolean" sidecars: + description: "Sidecars is a list of sidecar containers that run along side the main Spark container." items: + description: "A single application container that you want to run within a pod." properties: args: + description: "Arguments to the entrypoint.\nThe container image's CMD is used if this is not provided.\nVariable references $(VAR_NAME) are expanded using the container's environment. If a variable\ncannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced\nto a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. \"$$(VAR_NAME)\" will\nproduce the string literal \"$(VAR_NAME)\". Escaped references will never be expanded, regardless\nof whether the variable exists or not. Cannot be updated.\nMore info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell" items: type: "string" type: "array" command: + description: "Entrypoint array. Not executed within a shell.\nThe container image's ENTRYPOINT is used if this is not provided.\nVariable references $(VAR_NAME) are expanded using the container's environment. If a variable\ncannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced\nto a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. \"$$(VAR_NAME)\" will\nproduce the string literal \"$(VAR_NAME)\". Escaped references will never be expanded, regardless\nof whether the variable exists or not. Cannot be updated.\nMore info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell" items: type: "string" type: "array" env: + description: "List of environment variables to set in the container.\nCannot be updated." items: + description: "EnvVar represents an environment variable present in a Container." properties: name: + description: "Name of the environment variable. Must be a C_IDENTIFIER." type: "string" value: + description: "Variable references $(VAR_NAME) are expanded\nusing the previously defined environment variables in the container and\nany service environment variables. If a variable cannot be resolved,\nthe reference in the input string will be unchanged. Double $$ are reduced\nto a single $, which allows for escaping the $(VAR_NAME) syntax: i.e.\n\"$$(VAR_NAME)\" will produce the string literal \"$(VAR_NAME)\".\nEscaped references will never be expanded, regardless of whether the variable\nexists or not.\nDefaults to \"\"." type: "string" valueFrom: + description: "Source for the environment variable's value. Cannot be used if value is not empty." properties: configMapKeyRef: + description: "Selects a key of a ConfigMap." properties: key: + description: "The key to select." type: "string" name: + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" type: "string" optional: + description: "Specify whether the ConfigMap or its key must be defined" type: "boolean" required: - "key" type: "object" + x-kubernetes-map-type: "atomic" fieldRef: + description: "Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`,\nspec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs." properties: apiVersion: + description: "Version of the schema the FieldPath is written in terms of, defaults to \"v1\"." type: "string" fieldPath: + description: "Path of the field to select in the specified API version." type: "string" required: - "fieldPath" type: "object" + x-kubernetes-map-type: "atomic" resourceFieldRef: + description: "Selects a resource of the container: only resources limits and requests\n(limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported." properties: containerName: + description: "Container name: required for volumes, optional for env vars" type: "string" divisor: anyOf: - type: "integer" - type: "string" + description: "Specifies the output format of the exposed resources, defaults to \"1\"" pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" x-kubernetes-int-or-string: true resource: + description: "Required: resource to select" type: "string" required: - "resource" type: "object" + x-kubernetes-map-type: "atomic" secretKeyRef: + description: "Selects a key of a secret in the pod's namespace" properties: key: + description: "The key of the secret to select from. Must be a valid secret key." type: "string" name: + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" type: "string" optional: + description: "Specify whether the Secret or its key must be defined" type: "boolean" required: - "key" type: "object" + x-kubernetes-map-type: "atomic" type: "object" required: - "name" type: "object" type: "array" envFrom: + description: "List of sources to populate environment variables in the container.\nThe keys defined within a source must be a C_IDENTIFIER. All invalid keys\nwill be reported as an event when the container is starting. When a key exists in multiple\nsources, the value associated with the last source will take precedence.\nValues defined by an Env with a duplicate key will take precedence.\nCannot be updated." items: + description: "EnvFromSource represents the source of a set of ConfigMaps" properties: configMapRef: + description: "The ConfigMap to select from" properties: name: + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" type: "string" optional: + description: "Specify whether the ConfigMap must be defined" type: "boolean" type: "object" + x-kubernetes-map-type: "atomic" prefix: + description: "An optional identifier to prepend to each key in the ConfigMap. Must be a C_IDENTIFIER." type: "string" secretRef: + description: "The Secret to select from" properties: name: + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" type: "string" optional: + description: "Specify whether the Secret must be defined" type: "boolean" type: "object" + x-kubernetes-map-type: "atomic" type: "object" type: "array" image: + description: "Container image name.\nMore info: https://kubernetes.io/docs/concepts/containers/images\nThis field is optional to allow higher level config management to default or override\ncontainer images in workload controllers like Deployments and StatefulSets." type: "string" imagePullPolicy: + description: "Image pull policy.\nOne of Always, Never, IfNotPresent.\nDefaults to Always if :latest tag is specified, or IfNotPresent otherwise.\nCannot be updated.\nMore info: https://kubernetes.io/docs/concepts/containers/images#updating-images" type: "string" lifecycle: + description: "Actions that the management system should take in response to container lifecycle events.\nCannot be updated." properties: postStart: + description: "PostStart is called immediately after a container is created. If the handler fails,\nthe container is terminated and restarted according to its restart policy.\nOther management of the container blocks until the hook completes.\nMore info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks" properties: exec: + description: "Exec specifies the action to take." properties: command: + description: "Command is the command line to execute inside the container, the working directory for the\ncommand is root ('/') in the container's filesystem. The command is simply exec'd, it is\nnot run inside a shell, so traditional shell instructions ('|', etc) won't work. To use\na shell, you need to explicitly call out to that shell.\nExit status of 0 is treated as live/healthy and non-zero is unhealthy." items: type: "string" type: "array" type: "object" httpGet: + description: "HTTPGet specifies the http request to perform." properties: host: + description: "Host name to connect to, defaults to the pod IP. You probably want to set\n\"Host\" in httpHeaders instead." type: "string" httpHeaders: + description: "Custom headers to set in the request. HTTP allows repeated headers." items: + description: "HTTPHeader describes a custom header to be used in HTTP probes" properties: name: + description: "The header field name.\nThis will be canonicalized upon output, so case-variant names will be understood as the same header." type: "string" value: + description: "The header field value" type: "string" required: - "name" @@ -1448,49 +2284,74 @@ spec: type: "object" type: "array" path: + description: "Path to access on the HTTP server." type: "string" port: anyOf: - type: "integer" - type: "string" + description: "Name or number of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME." x-kubernetes-int-or-string: true scheme: + description: "Scheme to use for connecting to the host.\nDefaults to HTTP." type: "string" required: - "port" type: "object" + sleep: + description: "Sleep represents the duration that the container should sleep before being terminated." + properties: + seconds: + description: "Seconds is the number of seconds to sleep." + format: "int64" + type: "integer" + required: + - "seconds" + type: "object" tcpSocket: + description: "Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept\nfor the backward compatibility. There are no validation of this field and\nlifecycle hooks will fail in runtime when tcp handler is specified." properties: host: + description: "Optional: Host name to connect to, defaults to the pod IP." type: "string" port: anyOf: - type: "integer" - type: "string" + description: "Number or name of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME." x-kubernetes-int-or-string: true required: - "port" type: "object" type: "object" preStop: + description: "PreStop is called immediately before a container is terminated due to an\nAPI request or management event such as liveness/startup probe failure,\npreemption, resource contention, etc. The handler is not called if the\ncontainer crashes or exits. The Pod's termination grace period countdown begins before the\nPreStop hook is executed. Regardless of the outcome of the handler, the\ncontainer will eventually terminate within the Pod's termination grace\nperiod (unless delayed by finalizers). Other management of the container blocks until the hook completes\nor until the termination grace period is reached.\nMore info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks" properties: exec: + description: "Exec specifies the action to take." properties: command: + description: "Command is the command line to execute inside the container, the working directory for the\ncommand is root ('/') in the container's filesystem. The command is simply exec'd, it is\nnot run inside a shell, so traditional shell instructions ('|', etc) won't work. To use\na shell, you need to explicitly call out to that shell.\nExit status of 0 is treated as live/healthy and non-zero is unhealthy." items: type: "string" type: "array" type: "object" httpGet: + description: "HTTPGet specifies the http request to perform." properties: host: + description: "Host name to connect to, defaults to the pod IP. You probably want to set\n\"Host\" in httpHeaders instead." type: "string" httpHeaders: + description: "Custom headers to set in the request. HTTP allows repeated headers." items: + description: "HTTPHeader describes a custom header to be used in HTTP probes" properties: name: + description: "The header field name.\nThis will be canonicalized upon output, so case-variant names will be understood as the same header." type: "string" value: + description: "The header field value" type: "string" required: - "name" @@ -1498,25 +2359,41 @@ spec: type: "object" type: "array" path: + description: "Path to access on the HTTP server." type: "string" port: anyOf: - type: "integer" - type: "string" + description: "Name or number of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME." x-kubernetes-int-or-string: true scheme: + description: "Scheme to use for connecting to the host.\nDefaults to HTTP." type: "string" required: - "port" type: "object" + sleep: + description: "Sleep represents the duration that the container should sleep before being terminated." + properties: + seconds: + description: "Seconds is the number of seconds to sleep." + format: "int64" + type: "integer" + required: + - "seconds" + type: "object" tcpSocket: + description: "Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept\nfor the backward compatibility. There are no validation of this field and\nlifecycle hooks will fail in runtime when tcp handler is specified." properties: host: + description: "Optional: Host name to connect to, defaults to the pod IP." type: "string" port: anyOf: - type: "integer" - type: "string" + description: "Number or name of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME." x-kubernetes-int-or-string: true required: - "port" @@ -1524,27 +2401,50 @@ spec: type: "object" type: "object" livenessProbe: + description: "Periodic probe of container liveness.\nContainer will be restarted if the probe fails.\nCannot be updated.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" properties: exec: + description: "Exec specifies the action to take." properties: command: + description: "Command is the command line to execute inside the container, the working directory for the\ncommand is root ('/') in the container's filesystem. The command is simply exec'd, it is\nnot run inside a shell, so traditional shell instructions ('|', etc) won't work. To use\na shell, you need to explicitly call out to that shell.\nExit status of 0 is treated as live/healthy and non-zero is unhealthy." items: type: "string" type: "array" type: "object" failureThreshold: + description: "Minimum consecutive failures for the probe to be considered failed after having succeeded.\nDefaults to 3. Minimum value is 1." format: "int32" type: "integer" + grpc: + description: "GRPC specifies an action involving a GRPC port." + properties: + port: + description: "Port number of the gRPC service. Number must be in the range 1 to 65535." + format: "int32" + type: "integer" + service: + description: "Service is the name of the service to place in the gRPC HealthCheckRequest\n(see https://github.com/grpc/grpc/blob/master/doc/health-checking.md).\n\n\nIf this is not specified, the default behavior is defined by gRPC." + type: "string" + required: + - "port" + type: "object" httpGet: + description: "HTTPGet specifies the http request to perform." properties: host: + description: "Host name to connect to, defaults to the pod IP. You probably want to set\n\"Host\" in httpHeaders instead." type: "string" httpHeaders: + description: "Custom headers to set in the request. HTTP allows repeated headers." items: + description: "HTTPHeader describes a custom header to be used in HTTP probes" properties: name: + description: "The header field name.\nThis will be canonicalized upon output, so case-variant names will be understood as the same header." type: "string" value: + description: "The header field value" type: "string" required: - "name" @@ -1552,62 +2452,84 @@ spec: type: "object" type: "array" path: + description: "Path to access on the HTTP server." type: "string" port: anyOf: - type: "integer" - type: "string" + description: "Name or number of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME." x-kubernetes-int-or-string: true scheme: + description: "Scheme to use for connecting to the host.\nDefaults to HTTP." type: "string" required: - "port" type: "object" initialDelaySeconds: + description: "Number of seconds after the container has started before liveness probes are initiated.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" format: "int32" type: "integer" periodSeconds: + description: "How often (in seconds) to perform the probe.\nDefault to 10 seconds. Minimum value is 1." format: "int32" type: "integer" successThreshold: + description: "Minimum consecutive successes for the probe to be considered successful after having failed.\nDefaults to 1. Must be 1 for liveness and startup. Minimum value is 1." format: "int32" type: "integer" tcpSocket: + description: "TCPSocket specifies an action involving a TCP port." properties: host: + description: "Optional: Host name to connect to, defaults to the pod IP." type: "string" port: anyOf: - type: "integer" - type: "string" + description: "Number or name of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME." x-kubernetes-int-or-string: true required: - "port" type: "object" + terminationGracePeriodSeconds: + description: "Optional duration in seconds the pod needs to terminate gracefully upon probe failure.\nThe grace period is the duration in seconds after the processes running in the pod are sent\na termination signal and the time when the processes are forcibly halted with a kill signal.\nSet this value longer than the expected cleanup time for your process.\nIf this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this\nvalue overrides the value provided by the pod spec.\nValue must be non-negative integer. The value zero indicates stop immediately via\nthe kill signal (no opportunity to shut down).\nThis is a beta field and requires enabling ProbeTerminationGracePeriod feature gate.\nMinimum value is 1. spec.terminationGracePeriodSeconds is used if unset." + format: "int64" + type: "integer" timeoutSeconds: + description: "Number of seconds after which the probe times out.\nDefaults to 1 second. Minimum value is 1.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" format: "int32" type: "integer" type: "object" name: + description: "Name of the container specified as a DNS_LABEL.\nEach container in a pod must have a unique name (DNS_LABEL).\nCannot be updated." type: "string" ports: + description: "List of ports to expose from the container. Not specifying a port here\nDOES NOT prevent that port from being exposed. Any port which is\nlistening on the default \"0.0.0.0\" address inside a container will be\naccessible from the network.\nModifying this array with strategic merge patch may corrupt the data.\nFor more information See https://github.com/kubernetes/kubernetes/issues/108255.\nCannot be updated." items: + description: "ContainerPort represents a network port in a single container." properties: containerPort: + description: "Number of port to expose on the pod's IP address.\nThis must be a valid port number, 0 < x < 65536." format: "int32" type: "integer" hostIP: + description: "What host IP to bind the external port to." type: "string" hostPort: + description: "Number of port to expose on the host.\nIf specified, this must be a valid port number, 0 < x < 65536.\nIf HostNetwork is specified, this must match ContainerPort.\nMost containers do not need this." format: "int32" type: "integer" name: + description: "If specified, this must be an IANA_SVC_NAME and unique within the pod. Each\nnamed port in a pod must have a unique name. Name for the port that can be\nreferred to by services." type: "string" protocol: + default: "TCP" + description: "Protocol for port. Must be UDP, TCP, or SCTP.\nDefaults to \"TCP\"." type: "string" required: - "containerPort" - - "protocol" type: "object" type: "array" x-kubernetes-list-map-keys: @@ -1615,27 +2537,50 @@ spec: - "protocol" x-kubernetes-list-type: "map" readinessProbe: + description: "Periodic probe of container service readiness.\nContainer will be removed from service endpoints if the probe fails.\nCannot be updated.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" properties: exec: + description: "Exec specifies the action to take." properties: command: + description: "Command is the command line to execute inside the container, the working directory for the\ncommand is root ('/') in the container's filesystem. The command is simply exec'd, it is\nnot run inside a shell, so traditional shell instructions ('|', etc) won't work. To use\na shell, you need to explicitly call out to that shell.\nExit status of 0 is treated as live/healthy and non-zero is unhealthy." items: type: "string" type: "array" type: "object" failureThreshold: + description: "Minimum consecutive failures for the probe to be considered failed after having succeeded.\nDefaults to 3. Minimum value is 1." format: "int32" type: "integer" + grpc: + description: "GRPC specifies an action involving a GRPC port." + properties: + port: + description: "Port number of the gRPC service. Number must be in the range 1 to 65535." + format: "int32" + type: "integer" + service: + description: "Service is the name of the service to place in the gRPC HealthCheckRequest\n(see https://github.com/grpc/grpc/blob/master/doc/health-checking.md).\n\n\nIf this is not specified, the default behavior is defined by gRPC." + type: "string" + required: + - "port" + type: "object" httpGet: + description: "HTTPGet specifies the http request to perform." properties: host: + description: "Host name to connect to, defaults to the pod IP. You probably want to set\n\"Host\" in httpHeaders instead." type: "string" httpHeaders: + description: "Custom headers to set in the request. HTTP allows repeated headers." items: + description: "HTTPHeader describes a custom header to be used in HTTP probes" properties: name: + description: "The header field name.\nThis will be canonicalized upon output, so case-variant names will be understood as the same header." type: "string" value: + description: "The header field value" type: "string" required: - "name" @@ -1643,44 +2588,91 @@ spec: type: "object" type: "array" path: + description: "Path to access on the HTTP server." type: "string" port: anyOf: - type: "integer" - type: "string" + description: "Name or number of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME." x-kubernetes-int-or-string: true scheme: + description: "Scheme to use for connecting to the host.\nDefaults to HTTP." type: "string" required: - "port" type: "object" initialDelaySeconds: + description: "Number of seconds after the container has started before liveness probes are initiated.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" format: "int32" type: "integer" periodSeconds: + description: "How often (in seconds) to perform the probe.\nDefault to 10 seconds. Minimum value is 1." format: "int32" type: "integer" successThreshold: + description: "Minimum consecutive successes for the probe to be considered successful after having failed.\nDefaults to 1. Must be 1 for liveness and startup. Minimum value is 1." format: "int32" type: "integer" tcpSocket: + description: "TCPSocket specifies an action involving a TCP port." properties: host: + description: "Optional: Host name to connect to, defaults to the pod IP." type: "string" port: anyOf: - type: "integer" - type: "string" + description: "Number or name of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME." x-kubernetes-int-or-string: true required: - "port" type: "object" + terminationGracePeriodSeconds: + description: "Optional duration in seconds the pod needs to terminate gracefully upon probe failure.\nThe grace period is the duration in seconds after the processes running in the pod are sent\na termination signal and the time when the processes are forcibly halted with a kill signal.\nSet this value longer than the expected cleanup time for your process.\nIf this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this\nvalue overrides the value provided by the pod spec.\nValue must be non-negative integer. The value zero indicates stop immediately via\nthe kill signal (no opportunity to shut down).\nThis is a beta field and requires enabling ProbeTerminationGracePeriod feature gate.\nMinimum value is 1. spec.terminationGracePeriodSeconds is used if unset." + format: "int64" + type: "integer" timeoutSeconds: + description: "Number of seconds after which the probe times out.\nDefaults to 1 second. Minimum value is 1.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" format: "int32" type: "integer" type: "object" + resizePolicy: + description: "Resources resize policy for the container." + items: + description: "ContainerResizePolicy represents resource resize policy for the container." + properties: + resourceName: + description: "Name of the resource to which this resource resize policy applies.\nSupported values: cpu, memory." + type: "string" + restartPolicy: + description: "Restart policy to apply when specified resource is resized.\nIf not specified, it defaults to NotRequired." + type: "string" + required: + - "resourceName" + - "restartPolicy" + type: "object" + type: "array" + x-kubernetes-list-type: "atomic" resources: + description: "Compute Resources required by this container.\nCannot be updated.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" properties: + claims: + description: "Claims lists the names of resources, defined in spec.resourceClaims,\nthat are used by this container.\n\n\nThis is an alpha field and requires enabling the\nDynamicResourceAllocation feature gate.\n\n\nThis field is immutable. It can only be set for containers." + items: + description: "ResourceClaim references one entry in PodSpec.ResourceClaims." + properties: + name: + description: "Name must match the name of one entry in pod.spec.resourceClaims of\nthe Pod where this field is used. It makes that resource available\ninside a container." + type: "string" + required: + - "name" + type: "object" + type: "array" + x-kubernetes-list-map-keys: + - "name" + x-kubernetes-list-type: "map" limits: additionalProperties: anyOf: @@ -1688,6 +2680,7 @@ spec: - type: "string" pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" x-kubernetes-int-or-string: true + description: "Limits describes the maximum amount of compute resources allowed.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" type: "object" requests: additionalProperties: @@ -1696,85 +2689,144 @@ spec: - type: "string" pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" x-kubernetes-int-or-string: true + description: "Requests describes the minimum amount of compute resources required.\nIf Requests is omitted for a container, it defaults to Limits if that is explicitly specified,\notherwise to an implementation-defined value. Requests cannot exceed Limits.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" type: "object" type: "object" + restartPolicy: + description: "RestartPolicy defines the restart behavior of individual containers in a pod.\nThis field may only be set for init containers, and the only allowed value is \"Always\".\nFor non-init containers or when this field is not specified,\nthe restart behavior is defined by the Pod's restart policy and the container type.\nSetting the RestartPolicy as \"Always\" for the init container will have the following effect:\nthis init container will be continually restarted on\nexit until all regular containers have terminated. Once all regular\ncontainers have completed, all init containers with restartPolicy \"Always\"\nwill be shut down. This lifecycle differs from normal init containers and\nis often referred to as a \"sidecar\" container. Although this init\ncontainer still starts in the init container sequence, it does not wait\nfor the container to complete before proceeding to the next init\ncontainer. Instead, the next init container starts immediately after this\ninit container is started, or after any startupProbe has successfully\ncompleted." + type: "string" securityContext: + description: "SecurityContext defines the security options the container should be run with.\nIf set, the fields of SecurityContext override the equivalent fields of PodSecurityContext.\nMore info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/" properties: allowPrivilegeEscalation: + description: "AllowPrivilegeEscalation controls whether a process can gain more\nprivileges than its parent process. This bool directly controls if\nthe no_new_privs flag will be set on the container process.\nAllowPrivilegeEscalation is true always when the container is:\n1) run as Privileged\n2) has CAP_SYS_ADMIN\nNote that this field cannot be set when spec.os.name is windows." type: "boolean" capabilities: + description: "The capabilities to add/drop when running containers.\nDefaults to the default set of capabilities granted by the container runtime.\nNote that this field cannot be set when spec.os.name is windows." properties: add: + description: "Added capabilities" items: + description: "Capability represent POSIX capabilities type" type: "string" type: "array" drop: + description: "Removed capabilities" items: + description: "Capability represent POSIX capabilities type" type: "string" type: "array" type: "object" privileged: + description: "Run container in privileged mode.\nProcesses in privileged containers are essentially equivalent to root on the host.\nDefaults to false.\nNote that this field cannot be set when spec.os.name is windows." type: "boolean" procMount: + description: "procMount denotes the type of proc mount to use for the containers.\nThe default is DefaultProcMount which uses the container runtime defaults for\nreadonly paths and masked paths.\nThis requires the ProcMountType feature flag to be enabled.\nNote that this field cannot be set when spec.os.name is windows." type: "string" readOnlyRootFilesystem: + description: "Whether this container has a read-only root filesystem.\nDefault is false.\nNote that this field cannot be set when spec.os.name is windows." type: "boolean" runAsGroup: + description: "The GID to run the entrypoint of the container process.\nUses runtime default if unset.\nMay also be set in PodSecurityContext. If set in both SecurityContext and\nPodSecurityContext, the value specified in SecurityContext takes precedence.\nNote that this field cannot be set when spec.os.name is windows." format: "int64" type: "integer" runAsNonRoot: + description: "Indicates that the container must run as a non-root user.\nIf true, the Kubelet will validate the image at runtime to ensure that it\ndoes not run as UID 0 (root) and fail to start the container if it does.\nIf unset or false, no such validation will be performed.\nMay also be set in PodSecurityContext. If set in both SecurityContext and\nPodSecurityContext, the value specified in SecurityContext takes precedence." type: "boolean" runAsUser: + description: "The UID to run the entrypoint of the container process.\nDefaults to user specified in image metadata if unspecified.\nMay also be set in PodSecurityContext. If set in both SecurityContext and\nPodSecurityContext, the value specified in SecurityContext takes precedence.\nNote that this field cannot be set when spec.os.name is windows." format: "int64" type: "integer" seLinuxOptions: + description: "The SELinux context to be applied to the container.\nIf unspecified, the container runtime will allocate a random SELinux context for each\ncontainer. May also be set in PodSecurityContext. If set in both SecurityContext and\nPodSecurityContext, the value specified in SecurityContext takes precedence.\nNote that this field cannot be set when spec.os.name is windows." properties: level: + description: "Level is SELinux level label that applies to the container." type: "string" role: + description: "Role is a SELinux role label that applies to the container." type: "string" type: + description: "Type is a SELinux type label that applies to the container." type: "string" user: + description: "User is a SELinux user label that applies to the container." type: "string" type: "object" seccompProfile: + description: "The seccomp options to use by this container. If seccomp options are\nprovided at both the pod & container level, the container options\noverride the pod options.\nNote that this field cannot be set when spec.os.name is windows." properties: + localhostProfile: + description: "localhostProfile indicates a profile defined in a file on the node should be used.\nThe profile must be preconfigured on the node to work.\nMust be a descending path, relative to the kubelet's configured seccomp profile location.\nMust be set if type is \"Localhost\". Must NOT be set for any other type." + type: "string" type: + description: "type indicates which kind of seccomp profile will be applied.\nValid options are:\n\n\nLocalhost - a profile defined in a file on the node should be used.\nRuntimeDefault - the container runtime default profile should be used.\nUnconfined - no profile should be applied." type: "string" + required: + - "type" type: "object" windowsOptions: + description: "The Windows specific settings applied to all containers.\nIf unspecified, the options from the PodSecurityContext will be used.\nIf set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.\nNote that this field cannot be set when spec.os.name is linux." properties: gmsaCredentialSpec: + description: "GMSACredentialSpec is where the GMSA admission webhook\n(https://github.com/kubernetes-sigs/windows-gmsa) inlines the contents of the\nGMSA credential spec named by the GMSACredentialSpecName field." type: "string" gmsaCredentialSpecName: + description: "GMSACredentialSpecName is the name of the GMSA credential spec to use." type: "string" + hostProcess: + description: "HostProcess determines if a container should be run as a 'Host Process' container.\nAll of a Pod's containers must have the same effective HostProcess value\n(it is not allowed to have a mix of HostProcess containers and non-HostProcess containers).\nIn addition, if HostProcess is true then HostNetwork must also be set to true." + type: "boolean" runAsUserName: + description: "The UserName in Windows to run the entrypoint of the container process.\nDefaults to the user specified in image metadata if unspecified.\nMay also be set in PodSecurityContext. If set in both SecurityContext and\nPodSecurityContext, the value specified in SecurityContext takes precedence." type: "string" type: "object" type: "object" startupProbe: + description: "StartupProbe indicates that the Pod has successfully initialized.\nIf specified, no other probes are executed until this completes successfully.\nIf this probe fails, the Pod will be restarted, just as if the livenessProbe failed.\nThis can be used to provide different probe parameters at the beginning of a Pod's lifecycle,\nwhen it might take a long time to load data or warm a cache, than during steady-state operation.\nThis cannot be updated.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" properties: exec: + description: "Exec specifies the action to take." properties: command: + description: "Command is the command line to execute inside the container, the working directory for the\ncommand is root ('/') in the container's filesystem. The command is simply exec'd, it is\nnot run inside a shell, so traditional shell instructions ('|', etc) won't work. To use\na shell, you need to explicitly call out to that shell.\nExit status of 0 is treated as live/healthy and non-zero is unhealthy." items: type: "string" type: "array" type: "object" failureThreshold: + description: "Minimum consecutive failures for the probe to be considered failed after having succeeded.\nDefaults to 3. Minimum value is 1." format: "int32" type: "integer" + grpc: + description: "GRPC specifies an action involving a GRPC port." + properties: + port: + description: "Port number of the gRPC service. Number must be in the range 1 to 65535." + format: "int32" + type: "integer" + service: + description: "Service is the name of the service to place in the gRPC HealthCheckRequest\n(see https://github.com/grpc/grpc/blob/master/doc/health-checking.md).\n\n\nIf this is not specified, the default behavior is defined by gRPC." + type: "string" + required: + - "port" + type: "object" httpGet: + description: "HTTPGet specifies the http request to perform." properties: host: + description: "Host name to connect to, defaults to the pod IP. You probably want to set\n\"Host\" in httpHeaders instead." type: "string" httpHeaders: + description: "Custom headers to set in the request. HTTP allows repeated headers." items: + description: "HTTPHeader describes a custom header to be used in HTTP probes" properties: name: + description: "The header field name.\nThis will be canonicalized upon output, so case-variant names will be understood as the same header." type: "string" value: + description: "The header field value" type: "string" required: - "name" @@ -1782,58 +2834,81 @@ spec: type: "object" type: "array" path: + description: "Path to access on the HTTP server." type: "string" port: anyOf: - type: "integer" - type: "string" + description: "Name or number of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME." x-kubernetes-int-or-string: true scheme: + description: "Scheme to use for connecting to the host.\nDefaults to HTTP." type: "string" required: - "port" type: "object" initialDelaySeconds: + description: "Number of seconds after the container has started before liveness probes are initiated.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" format: "int32" type: "integer" periodSeconds: + description: "How often (in seconds) to perform the probe.\nDefault to 10 seconds. Minimum value is 1." format: "int32" type: "integer" successThreshold: + description: "Minimum consecutive successes for the probe to be considered successful after having failed.\nDefaults to 1. Must be 1 for liveness and startup. Minimum value is 1." format: "int32" type: "integer" tcpSocket: + description: "TCPSocket specifies an action involving a TCP port." properties: host: + description: "Optional: Host name to connect to, defaults to the pod IP." type: "string" port: anyOf: - type: "integer" - type: "string" + description: "Number or name of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME." x-kubernetes-int-or-string: true required: - "port" type: "object" + terminationGracePeriodSeconds: + description: "Optional duration in seconds the pod needs to terminate gracefully upon probe failure.\nThe grace period is the duration in seconds after the processes running in the pod are sent\na termination signal and the time when the processes are forcibly halted with a kill signal.\nSet this value longer than the expected cleanup time for your process.\nIf this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this\nvalue overrides the value provided by the pod spec.\nValue must be non-negative integer. The value zero indicates stop immediately via\nthe kill signal (no opportunity to shut down).\nThis is a beta field and requires enabling ProbeTerminationGracePeriod feature gate.\nMinimum value is 1. spec.terminationGracePeriodSeconds is used if unset." + format: "int64" + type: "integer" timeoutSeconds: + description: "Number of seconds after which the probe times out.\nDefaults to 1 second. Minimum value is 1.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" format: "int32" type: "integer" type: "object" stdin: + description: "Whether this container should allocate a buffer for stdin in the container runtime. If this\nis not set, reads from stdin in the container will always result in EOF.\nDefault is false." type: "boolean" stdinOnce: + description: "Whether the container runtime should close the stdin channel after it has been opened by\na single attach. When stdin is true the stdin stream will remain open across multiple attach\nsessions. If stdinOnce is set to true, stdin is opened on container start, is empty until the\nfirst client attaches to stdin, and then remains open and accepts data until the client disconnects,\nat which time stdin is closed and remains closed until the container is restarted. If this\nflag is false, a container processes that reads from stdin will never receive an EOF.\nDefault is false" type: "boolean" terminationMessagePath: + description: "Optional: Path at which the file to which the container's termination message\nwill be written is mounted into the container's filesystem.\nMessage written is intended to be brief final status, such as an assertion failure message.\nWill be truncated by the node if greater than 4096 bytes. The total message length across\nall containers will be limited to 12kb.\nDefaults to /dev/termination-log.\nCannot be updated." type: "string" terminationMessagePolicy: + description: "Indicate how the termination message should be populated. File will use the contents of\nterminationMessagePath to populate the container status message on both success and failure.\nFallbackToLogsOnError will use the last chunk of container log output if the termination\nmessage file is empty and the container exited with an error.\nThe log output is limited to 2048 bytes or 80 lines, whichever is smaller.\nDefaults to File.\nCannot be updated." type: "string" tty: + description: "Whether this container should allocate a TTY for itself, also requires 'stdin' to be true.\nDefault is false." type: "boolean" volumeDevices: + description: "volumeDevices is the list of block devices to be used by the container." items: + description: "volumeDevice describes a mapping of a raw block device within a container." properties: devicePath: + description: "devicePath is the path inside of the container that the device will be mapped to." type: "string" name: + description: "name must match the name of a persistentVolumeClaim in the pod" type: "string" required: - "devicePath" @@ -1841,19 +2916,27 @@ spec: type: "object" type: "array" volumeMounts: + description: "Pod volumes to mount into the container's filesystem.\nCannot be updated." items: + description: "VolumeMount describes a mounting of a Volume within a container." properties: mountPath: + description: "Path within the container at which the volume should be mounted. Must\nnot contain ':'." type: "string" mountPropagation: + description: "mountPropagation determines how mounts are propagated from the host\nto container and the other way around.\nWhen not set, MountPropagationNone is used.\nThis field is beta in 1.10." type: "string" name: + description: "This must match the Name of a Volume." type: "string" readOnly: + description: "Mounted read-only if true, read-write otherwise (false or unspecified).\nDefaults to false." type: "boolean" subPath: + description: "Path within the volume from which the container's volume should be mounted.\nDefaults to \"\" (volume's root)." type: "string" subPathExpr: + description: "Expanded path within the volume from which the container's volume should be mounted.\nBehaves similarly to SubPath but environment variable references $(VAR_NAME) are expanded using the container's environment.\nDefaults to \"\" (volume's root).\nSubPathExpr and SubPath are mutually exclusive." type: "string" required: - "mountPath" @@ -1861,44 +2944,61 @@ spec: type: "object" type: "array" workingDir: + description: "Container's working directory.\nIf not specified, the container runtime's default will be used, which\nmight be configured in the container image.\nCannot be updated." type: "string" required: - "name" type: "object" type: "array" terminationGracePeriodSeconds: + description: "Termination grace period seconds for the pod" format: "int64" type: "integer" tolerations: + description: "Tolerations specifies the tolerations listed in \".spec.tolerations\" to be applied to the pod." items: + description: "The pod this Toleration is attached to tolerates any taint that matches\nthe triple using the matching operator ." properties: effect: + description: "Effect indicates the taint effect to match. Empty means match all taint effects.\nWhen specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute." type: "string" key: + description: "Key is the taint key that the toleration applies to. Empty means match all taint keys.\nIf the key is empty, operator must be Exists; this combination means to match all values and all keys." type: "string" operator: + description: "Operator represents a key's relationship to the value.\nValid operators are Exists and Equal. Defaults to Equal.\nExists is equivalent to wildcard for value, so that a pod can\ntolerate all taints of a particular category." type: "string" tolerationSeconds: + description: "TolerationSeconds represents the period of time the toleration (which must be\nof effect NoExecute, otherwise this field is ignored) tolerates the taint. By default,\nit is not set, which means tolerate the taint forever (do not evict). Zero and\nnegative values will be treated as 0 (evict immediately) by the system." format: "int64" type: "integer" value: + description: "Value is the taint value the toleration matches to.\nIf the operator is Exists, the value should be empty, otherwise just a regular string." type: "string" type: "object" type: "array" volumeMounts: + description: "VolumeMounts specifies the volumes listed in \".spec.volumes\" to mount into the main container's filesystem." items: + description: "VolumeMount describes a mounting of a Volume within a container." properties: mountPath: + description: "Path within the container at which the volume should be mounted. Must\nnot contain ':'." type: "string" mountPropagation: + description: "mountPropagation determines how mounts are propagated from the host\nto container and the other way around.\nWhen not set, MountPropagationNone is used.\nThis field is beta in 1.10." type: "string" name: + description: "This must match the Name of a Volume." type: "string" readOnly: + description: "Mounted read-only if true, read-write otherwise (false or unspecified).\nDefaults to false." type: "boolean" subPath: + description: "Path within the volume from which the container's volume should be mounted.\nDefaults to \"\" (volume's root)." type: "string" subPathExpr: + description: "Expanded path within the volume from which the container's volume should be mounted.\nBehaves similarly to SubPath but environment variable references $(VAR_NAME) are expanded using the container's environment.\nDefaults to \"\" (volume's root).\nSubPathExpr and SubPath are mutually exclusive." type: "string" required: - "mountPath" @@ -1907,78 +3007,112 @@ spec: type: "array" type: "object" driverIngressOptions: + description: "DriverIngressOptions allows configuring the Service and the Ingress to expose ports inside Spark Driver" items: + description: "DriverIngressConfiguration is for driver ingress specific configuration parameters." properties: ingressAnnotations: additionalProperties: type: "string" + description: "IngressAnnotations is a map of key,value pairs of annotations that might be added to the ingress object. i.e. specify nginx as ingress.class" type: "object" ingressTLS: + description: "TlsHosts is useful If we need to declare SSL certificates to the ingress object" items: + description: "IngressTLS describes the transport layer security associated with an ingress." properties: hosts: + description: "hosts is a list of hosts included in the TLS certificate. The values in\nthis list must match the name/s used in the tlsSecret. Defaults to the\nwildcard host setting for the loadbalancer controller fulfilling this\nIngress, if left unspecified." items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" secretName: + description: "secretName is the name of the secret used to terminate TLS traffic on\nport 443. Field is left optional to allow TLS routing based on SNI\nhostname alone. If the SNI host in a listener conflicts with the \"Host\"\nheader field used by an IngressRule, the SNI host is used for termination\nand value of the \"Host\" header is used for routing." type: "string" type: "object" type: "array" ingressURLFormat: + description: "IngressURLFormat is the URL for the ingress." type: "string" serviceAnnotations: additionalProperties: type: "string" + description: "ServiceAnnotations is a map of key,value pairs of annotations that might be added to the service object." type: "object" serviceLabels: additionalProperties: type: "string" + description: "ServiceLables is a map of key,value pairs of labels that might be added to the service object." type: "object" servicePort: + description: "ServicePort allows configuring the port at service level that might be different from the targetPort." format: "int32" type: "integer" servicePortName: + description: "ServicePortName allows configuring the name of the service port.\nThis may be useful for sidecar proxies like Envoy injected by Istio which require specific ports names to treat traffic as proper HTTP." type: "string" serviceType: + description: "ServiceType allows configuring the type of the service. Defaults to ClusterIP." type: "string" + required: + - "servicePort" + - "servicePortName" type: "object" type: "array" dynamicAllocation: + description: "DynamicAllocation configures dynamic allocation that becomes available for the Kubernetes\nscheduler backend since Spark 3.0." properties: enabled: + description: "Enabled controls whether dynamic allocation is enabled or not." type: "boolean" initialExecutors: + description: "InitialExecutors is the initial number of executors to request. If .spec.executor.instances\nis also set, the initial number of executors is set to the bigger of that and this option." format: "int32" type: "integer" maxExecutors: + description: "MaxExecutors is the upper bound for the number of executors if dynamic allocation is enabled." format: "int32" type: "integer" minExecutors: + description: "MinExecutors is the lower bound for the number of executors if dynamic allocation is enabled." format: "int32" type: "integer" shuffleTrackingTimeout: + description: "ShuffleTrackingTimeout controls the timeout in milliseconds for executors that are holding\nshuffle data if shuffle tracking is enabled (true by default if dynamic allocation is enabled)." format: "int64" type: "integer" type: "object" executor: + description: "Executor is the executor specification." properties: affinity: + description: "Affinity specifies the affinity/anti-affinity settings for the pod." properties: nodeAffinity: + description: "Describes node affinity scheduling rules for the pod." properties: preferredDuringSchedulingIgnoredDuringExecution: + description: "The scheduler will prefer to schedule pods to nodes that satisfy\nthe affinity expressions specified by this field, but it may choose\na node that violates one or more of the expressions. The node that is\nmost preferred is the one with the greatest sum of weights, i.e.\nfor each node that meets all of the scheduling requirements (resource\nrequest, requiredDuringScheduling affinity expressions, etc.),\ncompute a sum by iterating through the elements of this field and adding\n\"weight\" to the sum if the node matches the corresponding matchExpressions; the\nnode(s) with the highest sum are the most preferred." items: + description: "An empty preferred scheduling term matches all objects with implicit weight 0\n(i.e. it's a no-op). A null preferred scheduling term matches no objects (i.e. is also a no-op)." properties: preference: + description: "A node selector term, associated with the corresponding weight." properties: matchExpressions: + description: "A list of node selector requirements by node's labels." items: + description: "A node selector requirement is a selector that contains values, a key, and an operator\nthat relates the key and values." properties: key: + description: "The label key that the selector applies to." type: "string" operator: + description: "Represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt." type: "string" values: + description: "An array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. If the operator is Gt or Lt, the values\narray must have a single element, which will be interpreted as an integer.\nThis array is replaced during a strategic merge patch." items: type: "string" type: "array" @@ -1988,13 +3122,18 @@ spec: type: "object" type: "array" matchFields: + description: "A list of node selector requirements by node's fields." items: + description: "A node selector requirement is a selector that contains values, a key, and an operator\nthat relates the key and values." properties: key: + description: "The label key that the selector applies to." type: "string" operator: + description: "Represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt." type: "string" values: + description: "An array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. If the operator is Gt or Lt, the values\narray must have a single element, which will be interpreted as an integer.\nThis array is replaced during a strategic merge patch." items: type: "string" type: "array" @@ -2004,7 +3143,9 @@ spec: type: "object" type: "array" type: "object" + x-kubernetes-map-type: "atomic" weight: + description: "Weight associated with matching the corresponding nodeSelectorTerm, in the range 1-100." format: "int32" type: "integer" required: @@ -2013,18 +3154,26 @@ spec: type: "object" type: "array" requiredDuringSchedulingIgnoredDuringExecution: + description: "If the affinity requirements specified by this field are not met at\nscheduling time, the pod will not be scheduled onto the node.\nIf the affinity requirements specified by this field cease to be met\nat some point during pod execution (e.g. due to an update), the system\nmay or may not try to eventually evict the pod from its node." properties: nodeSelectorTerms: + description: "Required. A list of node selector terms. The terms are ORed." items: + description: "A null or empty node selector term matches no objects. The requirements of\nthem are ANDed.\nThe TopologySelectorTerm type implements a subset of the NodeSelectorTerm." properties: matchExpressions: + description: "A list of node selector requirements by node's labels." items: + description: "A node selector requirement is a selector that contains values, a key, and an operator\nthat relates the key and values." properties: key: + description: "The label key that the selector applies to." type: "string" operator: + description: "Represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt." type: "string" values: + description: "An array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. If the operator is Gt or Lt, the values\narray must have a single element, which will be interpreted as an integer.\nThis array is replaced during a strategic merge patch." items: type: "string" type: "array" @@ -2034,13 +3183,18 @@ spec: type: "object" type: "array" matchFields: + description: "A list of node selector requirements by node's fields." items: + description: "A node selector requirement is a selector that contains values, a key, and an operator\nthat relates the key and values." properties: key: + description: "The label key that the selector applies to." type: "string" operator: + description: "Represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt." type: "string" values: + description: "An array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. If the operator is Gt or Lt, the values\narray must have a single element, which will be interpreted as an integer.\nThis array is replaced during a strategic merge patch." items: type: "string" type: "array" @@ -2050,28 +3204,40 @@ spec: type: "object" type: "array" type: "object" + x-kubernetes-map-type: "atomic" type: "array" required: - "nodeSelectorTerms" type: "object" + x-kubernetes-map-type: "atomic" type: "object" podAffinity: + description: "Describes pod affinity scheduling rules (e.g. co-locate this pod in the same node, zone, etc. as some other pod(s))." properties: preferredDuringSchedulingIgnoredDuringExecution: + description: "The scheduler will prefer to schedule pods to nodes that satisfy\nthe affinity expressions specified by this field, but it may choose\na node that violates one or more of the expressions. The node that is\nmost preferred is the one with the greatest sum of weights, i.e.\nfor each node that meets all of the scheduling requirements (resource\nrequest, requiredDuringScheduling affinity expressions, etc.),\ncompute a sum by iterating through the elements of this field and adding\n\"weight\" to the sum if the node has pods which matches the corresponding podAffinityTerm; the\nnode(s) with the highest sum are the most preferred." items: + description: "The weights of all of the matched WeightedPodAffinityTerm fields are added per-node to find the most preferred node(s)" properties: podAffinityTerm: + description: "Required. A pod affinity term, associated with the corresponding weight." properties: labelSelector: + description: "A label query over a set of resources, in this case pods.\nIf it's null, this PodAffinityTerm matches with no Pods." properties: matchExpressions: + description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." items: + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: + description: "key is the label key that the selector applies to." type: "string" operator: + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -2083,38 +3249,137 @@ spec: matchLabels: additionalProperties: type: "string" + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." type: "object" type: "object" - namespaces: + x-kubernetes-map-type: "atomic" + matchLabelKeys: + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MatchLabelKeys and LabelSelector.\nAlso, MatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." items: type: "string" type: "array" - topologyKey: - type: "string" - required: - - "topologyKey" - type: "object" - weight: - format: "int32" - type: "integer" - required: - - "podAffinityTerm" - - "weight" + x-kubernetes-list-type: "atomic" + mismatchLabelKeys: + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MismatchLabelKeys and LabelSelector.\nAlso, MismatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" + namespaceSelector: + description: "A label query over the set of namespaces that the term applies to.\nThe term is applied to the union of the namespaces selected by this field\nand the ones listed in the namespaces field.\nnull selector and null or empty namespaces list means \"this pod's namespace\".\nAn empty selector ({}) matches all namespaces." + properties: + matchExpressions: + description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." + items: + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." + properties: + key: + description: "key is the label key that the selector applies to." + type: "string" + operator: + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." + type: "string" + values: + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." + items: + type: "string" + type: "array" + required: + - "key" + - "operator" + type: "object" + type: "array" + matchLabels: + additionalProperties: + type: "string" + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + type: "object" + type: "object" + x-kubernetes-map-type: "atomic" + namespaces: + description: "namespaces specifies a static list of namespace names that the term applies to.\nThe term is applied to the union of the namespaces listed in this field\nand the ones selected by namespaceSelector.\nnull or empty namespaces list and null namespaceSelector means \"this pod's namespace\"." + items: + type: "string" + type: "array" + topologyKey: + description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching\nthe labelSelector in the specified namespaces, where co-located is defined as running on a node\nwhose value of the label with key topologyKey matches that of any node on which any of the\nselected pods is running.\nEmpty topologyKey is not allowed." + type: "string" + required: + - "topologyKey" + type: "object" + weight: + description: "weight associated with matching the corresponding podAffinityTerm,\nin the range 1-100." + format: "int32" + type: "integer" + required: + - "podAffinityTerm" + - "weight" type: "object" type: "array" requiredDuringSchedulingIgnoredDuringExecution: + description: "If the affinity requirements specified by this field are not met at\nscheduling time, the pod will not be scheduled onto the node.\nIf the affinity requirements specified by this field cease to be met\nat some point during pod execution (e.g. due to a pod label update), the\nsystem may or may not try to eventually evict the pod from its node.\nWhen there are multiple elements, the lists of nodes corresponding to each\npodAffinityTerm are intersected, i.e. all terms must be satisfied." items: + description: "Defines a set of pods (namely those matching the labelSelector\nrelative to the given namespace(s)) that this pod should be\nco-located (affinity) or not co-located (anti-affinity) with,\nwhere co-located is defined as running on a node whose value of\nthe label with key matches that of any node on which\na pod of the set of pods is running" properties: labelSelector: + description: "A label query over a set of resources, in this case pods.\nIf it's null, this PodAffinityTerm matches with no Pods." + properties: + matchExpressions: + description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." + items: + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." + properties: + key: + description: "key is the label key that the selector applies to." + type: "string" + operator: + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." + type: "string" + values: + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." + items: + type: "string" + type: "array" + required: + - "key" + - "operator" + type: "object" + type: "array" + matchLabels: + additionalProperties: + type: "string" + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + type: "object" + type: "object" + x-kubernetes-map-type: "atomic" + matchLabelKeys: + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MatchLabelKeys and LabelSelector.\nAlso, MatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" + mismatchLabelKeys: + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MismatchLabelKeys and LabelSelector.\nAlso, MismatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" + namespaceSelector: + description: "A label query over the set of namespaces that the term applies to.\nThe term is applied to the union of the namespaces selected by this field\nand the ones listed in the namespaces field.\nnull selector and null or empty namespaces list means \"this pod's namespace\".\nAn empty selector ({}) matches all namespaces." properties: matchExpressions: + description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." items: + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: + description: "key is the label key that the selector applies to." type: "string" operator: + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -2126,13 +3391,17 @@ spec: matchLabels: additionalProperties: type: "string" + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." type: "object" type: "object" + x-kubernetes-map-type: "atomic" namespaces: + description: "namespaces specifies a static list of namespace names that the term applies to.\nThe term is applied to the union of the namespaces listed in this field\nand the ones selected by namespaceSelector.\nnull or empty namespaces list and null namespaceSelector means \"this pod's namespace\"." items: type: "string" type: "array" topologyKey: + description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching\nthe labelSelector in the specified namespaces, where co-located is defined as running on a node\nwhose value of the label with key topologyKey matches that of any node on which any of the\nselected pods is running.\nEmpty topologyKey is not allowed." type: "string" required: - "topologyKey" @@ -2140,22 +3409,32 @@ spec: type: "array" type: "object" podAntiAffinity: + description: "Describes pod anti-affinity scheduling rules (e.g. avoid putting this pod in the same node, zone, etc. as some other pod(s))." properties: preferredDuringSchedulingIgnoredDuringExecution: + description: "The scheduler will prefer to schedule pods to nodes that satisfy\nthe anti-affinity expressions specified by this field, but it may choose\na node that violates one or more of the expressions. The node that is\nmost preferred is the one with the greatest sum of weights, i.e.\nfor each node that meets all of the scheduling requirements (resource\nrequest, requiredDuringScheduling anti-affinity expressions, etc.),\ncompute a sum by iterating through the elements of this field and adding\n\"weight\" to the sum if the node has pods which matches the corresponding podAffinityTerm; the\nnode(s) with the highest sum are the most preferred." items: + description: "The weights of all of the matched WeightedPodAffinityTerm fields are added per-node to find the most preferred node(s)" properties: podAffinityTerm: + description: "Required. A pod affinity term, associated with the corresponding weight." properties: labelSelector: + description: "A label query over a set of resources, in this case pods.\nIf it's null, this PodAffinityTerm matches with no Pods." properties: matchExpressions: + description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." items: + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: + description: "key is the label key that the selector applies to." type: "string" operator: + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -2167,18 +3446,66 @@ spec: matchLabels: additionalProperties: type: "string" + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." type: "object" type: "object" + x-kubernetes-map-type: "atomic" + matchLabelKeys: + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MatchLabelKeys and LabelSelector.\nAlso, MatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" + mismatchLabelKeys: + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MismatchLabelKeys and LabelSelector.\nAlso, MismatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" + namespaceSelector: + description: "A label query over the set of namespaces that the term applies to.\nThe term is applied to the union of the namespaces selected by this field\nand the ones listed in the namespaces field.\nnull selector and null or empty namespaces list means \"this pod's namespace\".\nAn empty selector ({}) matches all namespaces." + properties: + matchExpressions: + description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." + items: + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." + properties: + key: + description: "key is the label key that the selector applies to." + type: "string" + operator: + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." + type: "string" + values: + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." + items: + type: "string" + type: "array" + required: + - "key" + - "operator" + type: "object" + type: "array" + matchLabels: + additionalProperties: + type: "string" + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + type: "object" + type: "object" + x-kubernetes-map-type: "atomic" namespaces: + description: "namespaces specifies a static list of namespace names that the term applies to.\nThe term is applied to the union of the namespaces listed in this field\nand the ones selected by namespaceSelector.\nnull or empty namespaces list and null namespaceSelector means \"this pod's namespace\"." items: type: "string" type: "array" topologyKey: + description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching\nthe labelSelector in the specified namespaces, where co-located is defined as running on a node\nwhose value of the label with key topologyKey matches that of any node on which any of the\nselected pods is running.\nEmpty topologyKey is not allowed." type: "string" required: - "topologyKey" type: "object" weight: + description: "weight associated with matching the corresponding podAffinityTerm,\nin the range 1-100." format: "int32" type: "integer" required: @@ -2187,18 +3514,69 @@ spec: type: "object" type: "array" requiredDuringSchedulingIgnoredDuringExecution: + description: "If the anti-affinity requirements specified by this field are not met at\nscheduling time, the pod will not be scheduled onto the node.\nIf the anti-affinity requirements specified by this field cease to be met\nat some point during pod execution (e.g. due to a pod label update), the\nsystem may or may not try to eventually evict the pod from its node.\nWhen there are multiple elements, the lists of nodes corresponding to each\npodAffinityTerm are intersected, i.e. all terms must be satisfied." items: + description: "Defines a set of pods (namely those matching the labelSelector\nrelative to the given namespace(s)) that this pod should be\nco-located (affinity) or not co-located (anti-affinity) with,\nwhere co-located is defined as running on a node whose value of\nthe label with key matches that of any node on which\na pod of the set of pods is running" properties: labelSelector: + description: "A label query over a set of resources, in this case pods.\nIf it's null, this PodAffinityTerm matches with no Pods." + properties: + matchExpressions: + description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." + items: + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." + properties: + key: + description: "key is the label key that the selector applies to." + type: "string" + operator: + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." + type: "string" + values: + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." + items: + type: "string" + type: "array" + required: + - "key" + - "operator" + type: "object" + type: "array" + matchLabels: + additionalProperties: + type: "string" + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + type: "object" + type: "object" + x-kubernetes-map-type: "atomic" + matchLabelKeys: + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MatchLabelKeys and LabelSelector.\nAlso, MatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" + mismatchLabelKeys: + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MismatchLabelKeys and LabelSelector.\nAlso, MismatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" + namespaceSelector: + description: "A label query over the set of namespaces that the term applies to.\nThe term is applied to the union of the namespaces selected by this field\nand the ones listed in the namespaces field.\nnull selector and null or empty namespaces list means \"this pod's namespace\".\nAn empty selector ({}) matches all namespaces." properties: matchExpressions: + description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." items: + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: + description: "key is the label key that the selector applies to." type: "string" operator: + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -2210,13 +3588,17 @@ spec: matchLabels: additionalProperties: type: "string" + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." type: "object" type: "object" + x-kubernetes-map-type: "atomic" namespaces: + description: "namespaces specifies a static list of namespace names that the term applies to.\nThe term is applied to the union of the namespaces listed in this field\nand the ones selected by namespaceSelector.\nnull or empty namespaces list and null namespaceSelector means \"this pod's namespace\"." items: type: "string" type: "array" topologyKey: + description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching\nthe labelSelector in the specified namespaces, where co-located is defined as running on a node\nwhose value of the label with key topologyKey matches that of any node on which any of the\nselected pods is running.\nEmpty topologyKey is not allowed." type: "string" required: - "topologyKey" @@ -2227,9 +3609,12 @@ spec: annotations: additionalProperties: type: "string" + description: "Annotations are the Kubernetes annotations to be added to the pod." type: "object" configMaps: + description: "ConfigMaps carries information of other ConfigMaps to add to the pod." items: + description: "NamePath is a pair of a name and a path to which the named objects should be mounted to." properties: name: type: "string" @@ -2241,118 +3626,164 @@ spec: type: "object" type: "array" coreLimit: + description: "CoreLimit specifies a hard limit on CPU cores for the pod.\nOptional" type: "string" coreRequest: + description: "CoreRequest is the physical CPU core request for the executors.\nMaps to `spark.kubernetes.executor.request.cores` that is available since Spark 2.4." type: "string" cores: + description: "Cores maps to `spark.driver.cores` or `spark.executor.cores` for the driver and executors, respectively." format: "int32" minimum: 1.0 type: "integer" deleteOnTermination: + description: "DeleteOnTermination specify whether executor pods should be deleted in case of failure or normal termination.\nMaps to `spark.kubernetes.executor.deleteOnTermination` that is available since Spark 3.0." type: "boolean" dnsConfig: + description: "DnsConfig dns settings for the pod, following the Kubernetes specifications." properties: nameservers: + description: "A list of DNS name server IP addresses.\nThis will be appended to the base nameservers generated from DNSPolicy.\nDuplicated nameservers will be removed." items: type: "string" type: "array" options: + description: "A list of DNS resolver options.\nThis will be merged with the base options generated from DNSPolicy.\nDuplicated entries will be removed. Resolution options given in Options\nwill override those that appear in the base DNSPolicy." items: + description: "PodDNSConfigOption defines DNS resolver options of a pod." properties: name: + description: "Required." type: "string" value: type: "string" type: "object" type: "array" searches: + description: "A list of DNS search domains for host-name lookup.\nThis will be appended to the base search paths generated from DNSPolicy.\nDuplicated search paths will be removed." items: type: "string" type: "array" type: "object" env: + description: "Env carries the environment variables to add to the pod." items: + description: "EnvVar represents an environment variable present in a Container." properties: name: + description: "Name of the environment variable. Must be a C_IDENTIFIER." type: "string" value: + description: "Variable references $(VAR_NAME) are expanded\nusing the previously defined environment variables in the container and\nany service environment variables. If a variable cannot be resolved,\nthe reference in the input string will be unchanged. Double $$ are reduced\nto a single $, which allows for escaping the $(VAR_NAME) syntax: i.e.\n\"$$(VAR_NAME)\" will produce the string literal \"$(VAR_NAME)\".\nEscaped references will never be expanded, regardless of whether the variable\nexists or not.\nDefaults to \"\"." type: "string" valueFrom: + description: "Source for the environment variable's value. Cannot be used if value is not empty." properties: configMapKeyRef: + description: "Selects a key of a ConfigMap." properties: key: + description: "The key to select." type: "string" name: + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" type: "string" optional: + description: "Specify whether the ConfigMap or its key must be defined" type: "boolean" required: - "key" type: "object" + x-kubernetes-map-type: "atomic" fieldRef: + description: "Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`,\nspec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs." properties: apiVersion: + description: "Version of the schema the FieldPath is written in terms of, defaults to \"v1\"." type: "string" fieldPath: + description: "Path of the field to select in the specified API version." type: "string" required: - "fieldPath" type: "object" + x-kubernetes-map-type: "atomic" resourceFieldRef: + description: "Selects a resource of the container: only resources limits and requests\n(limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported." properties: containerName: + description: "Container name: required for volumes, optional for env vars" type: "string" divisor: anyOf: - type: "integer" - type: "string" + description: "Specifies the output format of the exposed resources, defaults to \"1\"" pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" x-kubernetes-int-or-string: true resource: + description: "Required: resource to select" type: "string" required: - "resource" type: "object" + x-kubernetes-map-type: "atomic" secretKeyRef: + description: "Selects a key of a secret in the pod's namespace" properties: key: + description: "The key of the secret to select from. Must be a valid secret key." type: "string" name: + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" type: "string" optional: + description: "Specify whether the Secret or its key must be defined" type: "boolean" required: - "key" type: "object" + x-kubernetes-map-type: "atomic" type: "object" required: - "name" type: "object" type: "array" envFrom: + description: "EnvFrom is a list of sources to populate environment variables in the container." items: + description: "EnvFromSource represents the source of a set of ConfigMaps" properties: configMapRef: + description: "The ConfigMap to select from" properties: name: + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" type: "string" optional: + description: "Specify whether the ConfigMap must be defined" type: "boolean" type: "object" + x-kubernetes-map-type: "atomic" prefix: + description: "An optional identifier to prepend to each key in the ConfigMap. Must be a C_IDENTIFIER." type: "string" secretRef: + description: "The Secret to select from" properties: name: + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" type: "string" optional: + description: "Specify whether the Secret must be defined" type: "boolean" type: "object" + x-kubernetes-map-type: "atomic" type: "object" type: "array" envSecretKeyRefs: additionalProperties: + description: "NameKey represents the name and key of a SecretKeyRef." properties: key: type: "string" @@ -2362,16 +3793,21 @@ spec: - "key" - "name" type: "object" + description: "EnvSecretKeyRefs holds a mapping from environment variable names to SecretKeyRefs.\nDeprecated. Consider using `env` instead." type: "object" envVars: additionalProperties: type: "string" + description: "EnvVars carries the environment variables to add to the pod.\nDeprecated. Consider using `env` instead." type: "object" gpu: + description: "GPU specifies GPU requirement for the pod." properties: name: + description: "Name is GPU resource name, such as: nvidia.com/gpu or amd.com/gpu" type: "string" quantity: + description: "Quantity is the number of GPUs to request for driver or executor." format: "int64" type: "integer" required: @@ -2379,137 +3815,194 @@ spec: - "quantity" type: "object" hostAliases: + description: "HostAliases settings for the pod, following the Kubernetes specifications." items: + description: "HostAlias holds the mapping between IP and hostnames that will be injected as an entry in the\npod's hosts file." properties: hostnames: + description: "Hostnames for the above IP address." items: type: "string" type: "array" ip: + description: "IP address of the host file entry." type: "string" type: "object" type: "array" hostNetwork: + description: "HostNetwork indicates whether to request host networking for the pod or not." type: "boolean" image: + description: "Image is the container image to use. Overrides Spec.Image if set." type: "string" initContainers: + description: "InitContainers is a list of init-containers that run to completion before the main Spark container." items: + description: "A single application container that you want to run within a pod." properties: args: + description: "Arguments to the entrypoint.\nThe container image's CMD is used if this is not provided.\nVariable references $(VAR_NAME) are expanded using the container's environment. If a variable\ncannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced\nto a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. \"$$(VAR_NAME)\" will\nproduce the string literal \"$(VAR_NAME)\". Escaped references will never be expanded, regardless\nof whether the variable exists or not. Cannot be updated.\nMore info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell" items: type: "string" type: "array" command: + description: "Entrypoint array. Not executed within a shell.\nThe container image's ENTRYPOINT is used if this is not provided.\nVariable references $(VAR_NAME) are expanded using the container's environment. If a variable\ncannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced\nto a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. \"$$(VAR_NAME)\" will\nproduce the string literal \"$(VAR_NAME)\". Escaped references will never be expanded, regardless\nof whether the variable exists or not. Cannot be updated.\nMore info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell" items: type: "string" type: "array" env: + description: "List of environment variables to set in the container.\nCannot be updated." items: + description: "EnvVar represents an environment variable present in a Container." properties: name: + description: "Name of the environment variable. Must be a C_IDENTIFIER." type: "string" value: + description: "Variable references $(VAR_NAME) are expanded\nusing the previously defined environment variables in the container and\nany service environment variables. If a variable cannot be resolved,\nthe reference in the input string will be unchanged. Double $$ are reduced\nto a single $, which allows for escaping the $(VAR_NAME) syntax: i.e.\n\"$$(VAR_NAME)\" will produce the string literal \"$(VAR_NAME)\".\nEscaped references will never be expanded, regardless of whether the variable\nexists or not.\nDefaults to \"\"." type: "string" valueFrom: + description: "Source for the environment variable's value. Cannot be used if value is not empty." properties: configMapKeyRef: + description: "Selects a key of a ConfigMap." properties: key: + description: "The key to select." type: "string" name: + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" type: "string" optional: + description: "Specify whether the ConfigMap or its key must be defined" type: "boolean" required: - "key" type: "object" + x-kubernetes-map-type: "atomic" fieldRef: + description: "Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`,\nspec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs." properties: apiVersion: + description: "Version of the schema the FieldPath is written in terms of, defaults to \"v1\"." type: "string" fieldPath: + description: "Path of the field to select in the specified API version." type: "string" required: - "fieldPath" type: "object" + x-kubernetes-map-type: "atomic" resourceFieldRef: + description: "Selects a resource of the container: only resources limits and requests\n(limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported." properties: containerName: + description: "Container name: required for volumes, optional for env vars" type: "string" divisor: anyOf: - type: "integer" - type: "string" + description: "Specifies the output format of the exposed resources, defaults to \"1\"" pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" x-kubernetes-int-or-string: true resource: + description: "Required: resource to select" type: "string" required: - "resource" type: "object" + x-kubernetes-map-type: "atomic" secretKeyRef: + description: "Selects a key of a secret in the pod's namespace" properties: key: + description: "The key of the secret to select from. Must be a valid secret key." type: "string" name: + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" type: "string" optional: + description: "Specify whether the Secret or its key must be defined" type: "boolean" required: - "key" type: "object" + x-kubernetes-map-type: "atomic" type: "object" required: - "name" type: "object" type: "array" envFrom: + description: "List of sources to populate environment variables in the container.\nThe keys defined within a source must be a C_IDENTIFIER. All invalid keys\nwill be reported as an event when the container is starting. When a key exists in multiple\nsources, the value associated with the last source will take precedence.\nValues defined by an Env with a duplicate key will take precedence.\nCannot be updated." items: + description: "EnvFromSource represents the source of a set of ConfigMaps" properties: configMapRef: + description: "The ConfigMap to select from" properties: name: + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" type: "string" optional: + description: "Specify whether the ConfigMap must be defined" type: "boolean" type: "object" + x-kubernetes-map-type: "atomic" prefix: + description: "An optional identifier to prepend to each key in the ConfigMap. Must be a C_IDENTIFIER." type: "string" secretRef: + description: "The Secret to select from" properties: name: + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" type: "string" optional: + description: "Specify whether the Secret must be defined" type: "boolean" type: "object" + x-kubernetes-map-type: "atomic" type: "object" type: "array" image: + description: "Container image name.\nMore info: https://kubernetes.io/docs/concepts/containers/images\nThis field is optional to allow higher level config management to default or override\ncontainer images in workload controllers like Deployments and StatefulSets." type: "string" imagePullPolicy: + description: "Image pull policy.\nOne of Always, Never, IfNotPresent.\nDefaults to Always if :latest tag is specified, or IfNotPresent otherwise.\nCannot be updated.\nMore info: https://kubernetes.io/docs/concepts/containers/images#updating-images" type: "string" lifecycle: + description: "Actions that the management system should take in response to container lifecycle events.\nCannot be updated." properties: postStart: + description: "PostStart is called immediately after a container is created. If the handler fails,\nthe container is terminated and restarted according to its restart policy.\nOther management of the container blocks until the hook completes.\nMore info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks" properties: exec: + description: "Exec specifies the action to take." properties: command: + description: "Command is the command line to execute inside the container, the working directory for the\ncommand is root ('/') in the container's filesystem. The command is simply exec'd, it is\nnot run inside a shell, so traditional shell instructions ('|', etc) won't work. To use\na shell, you need to explicitly call out to that shell.\nExit status of 0 is treated as live/healthy and non-zero is unhealthy." items: type: "string" type: "array" type: "object" httpGet: + description: "HTTPGet specifies the http request to perform." properties: host: + description: "Host name to connect to, defaults to the pod IP. You probably want to set\n\"Host\" in httpHeaders instead." type: "string" httpHeaders: + description: "Custom headers to set in the request. HTTP allows repeated headers." items: + description: "HTTPHeader describes a custom header to be used in HTTP probes" properties: name: + description: "The header field name.\nThis will be canonicalized upon output, so case-variant names will be understood as the same header." type: "string" value: + description: "The header field value" type: "string" required: - "name" @@ -2517,49 +4010,74 @@ spec: type: "object" type: "array" path: + description: "Path to access on the HTTP server." type: "string" port: anyOf: - type: "integer" - type: "string" + description: "Name or number of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME." x-kubernetes-int-or-string: true scheme: + description: "Scheme to use for connecting to the host.\nDefaults to HTTP." type: "string" required: - "port" type: "object" + sleep: + description: "Sleep represents the duration that the container should sleep before being terminated." + properties: + seconds: + description: "Seconds is the number of seconds to sleep." + format: "int64" + type: "integer" + required: + - "seconds" + type: "object" tcpSocket: + description: "Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept\nfor the backward compatibility. There are no validation of this field and\nlifecycle hooks will fail in runtime when tcp handler is specified." properties: host: + description: "Optional: Host name to connect to, defaults to the pod IP." type: "string" port: anyOf: - type: "integer" - type: "string" + description: "Number or name of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME." x-kubernetes-int-or-string: true required: - "port" type: "object" type: "object" preStop: + description: "PreStop is called immediately before a container is terminated due to an\nAPI request or management event such as liveness/startup probe failure,\npreemption, resource contention, etc. The handler is not called if the\ncontainer crashes or exits. The Pod's termination grace period countdown begins before the\nPreStop hook is executed. Regardless of the outcome of the handler, the\ncontainer will eventually terminate within the Pod's termination grace\nperiod (unless delayed by finalizers). Other management of the container blocks until the hook completes\nor until the termination grace period is reached.\nMore info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks" properties: exec: + description: "Exec specifies the action to take." properties: command: + description: "Command is the command line to execute inside the container, the working directory for the\ncommand is root ('/') in the container's filesystem. The command is simply exec'd, it is\nnot run inside a shell, so traditional shell instructions ('|', etc) won't work. To use\na shell, you need to explicitly call out to that shell.\nExit status of 0 is treated as live/healthy and non-zero is unhealthy." items: type: "string" type: "array" type: "object" httpGet: + description: "HTTPGet specifies the http request to perform." properties: host: + description: "Host name to connect to, defaults to the pod IP. You probably want to set\n\"Host\" in httpHeaders instead." type: "string" httpHeaders: + description: "Custom headers to set in the request. HTTP allows repeated headers." items: + description: "HTTPHeader describes a custom header to be used in HTTP probes" properties: name: + description: "The header field name.\nThis will be canonicalized upon output, so case-variant names will be understood as the same header." type: "string" value: + description: "The header field value" type: "string" required: - "name" @@ -2567,25 +4085,41 @@ spec: type: "object" type: "array" path: + description: "Path to access on the HTTP server." type: "string" port: anyOf: - type: "integer" - type: "string" + description: "Name or number of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME." x-kubernetes-int-or-string: true scheme: + description: "Scheme to use for connecting to the host.\nDefaults to HTTP." type: "string" required: - "port" type: "object" + sleep: + description: "Sleep represents the duration that the container should sleep before being terminated." + properties: + seconds: + description: "Seconds is the number of seconds to sleep." + format: "int64" + type: "integer" + required: + - "seconds" + type: "object" tcpSocket: + description: "Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept\nfor the backward compatibility. There are no validation of this field and\nlifecycle hooks will fail in runtime when tcp handler is specified." properties: host: + description: "Optional: Host name to connect to, defaults to the pod IP." type: "string" port: anyOf: - type: "integer" - type: "string" + description: "Number or name of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME." x-kubernetes-int-or-string: true required: - "port" @@ -2593,27 +4127,50 @@ spec: type: "object" type: "object" livenessProbe: + description: "Periodic probe of container liveness.\nContainer will be restarted if the probe fails.\nCannot be updated.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" properties: exec: + description: "Exec specifies the action to take." properties: command: + description: "Command is the command line to execute inside the container, the working directory for the\ncommand is root ('/') in the container's filesystem. The command is simply exec'd, it is\nnot run inside a shell, so traditional shell instructions ('|', etc) won't work. To use\na shell, you need to explicitly call out to that shell.\nExit status of 0 is treated as live/healthy and non-zero is unhealthy." items: type: "string" type: "array" type: "object" failureThreshold: + description: "Minimum consecutive failures for the probe to be considered failed after having succeeded.\nDefaults to 3. Minimum value is 1." format: "int32" type: "integer" + grpc: + description: "GRPC specifies an action involving a GRPC port." + properties: + port: + description: "Port number of the gRPC service. Number must be in the range 1 to 65535." + format: "int32" + type: "integer" + service: + description: "Service is the name of the service to place in the gRPC HealthCheckRequest\n(see https://github.com/grpc/grpc/blob/master/doc/health-checking.md).\n\n\nIf this is not specified, the default behavior is defined by gRPC." + type: "string" + required: + - "port" + type: "object" httpGet: + description: "HTTPGet specifies the http request to perform." properties: host: + description: "Host name to connect to, defaults to the pod IP. You probably want to set\n\"Host\" in httpHeaders instead." type: "string" httpHeaders: + description: "Custom headers to set in the request. HTTP allows repeated headers." items: + description: "HTTPHeader describes a custom header to be used in HTTP probes" properties: name: + description: "The header field name.\nThis will be canonicalized upon output, so case-variant names will be understood as the same header." type: "string" value: + description: "The header field value" type: "string" required: - "name" @@ -2621,62 +4178,84 @@ spec: type: "object" type: "array" path: + description: "Path to access on the HTTP server." type: "string" port: anyOf: - type: "integer" - type: "string" + description: "Name or number of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME." x-kubernetes-int-or-string: true scheme: + description: "Scheme to use for connecting to the host.\nDefaults to HTTP." type: "string" required: - "port" type: "object" initialDelaySeconds: + description: "Number of seconds after the container has started before liveness probes are initiated.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" format: "int32" type: "integer" periodSeconds: + description: "How often (in seconds) to perform the probe.\nDefault to 10 seconds. Minimum value is 1." format: "int32" type: "integer" successThreshold: + description: "Minimum consecutive successes for the probe to be considered successful after having failed.\nDefaults to 1. Must be 1 for liveness and startup. Minimum value is 1." format: "int32" type: "integer" tcpSocket: + description: "TCPSocket specifies an action involving a TCP port." properties: host: + description: "Optional: Host name to connect to, defaults to the pod IP." type: "string" port: anyOf: - type: "integer" - type: "string" + description: "Number or name of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME." x-kubernetes-int-or-string: true required: - "port" type: "object" + terminationGracePeriodSeconds: + description: "Optional duration in seconds the pod needs to terminate gracefully upon probe failure.\nThe grace period is the duration in seconds after the processes running in the pod are sent\na termination signal and the time when the processes are forcibly halted with a kill signal.\nSet this value longer than the expected cleanup time for your process.\nIf this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this\nvalue overrides the value provided by the pod spec.\nValue must be non-negative integer. The value zero indicates stop immediately via\nthe kill signal (no opportunity to shut down).\nThis is a beta field and requires enabling ProbeTerminationGracePeriod feature gate.\nMinimum value is 1. spec.terminationGracePeriodSeconds is used if unset." + format: "int64" + type: "integer" timeoutSeconds: + description: "Number of seconds after which the probe times out.\nDefaults to 1 second. Minimum value is 1.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" format: "int32" type: "integer" type: "object" name: + description: "Name of the container specified as a DNS_LABEL.\nEach container in a pod must have a unique name (DNS_LABEL).\nCannot be updated." type: "string" ports: + description: "List of ports to expose from the container. Not specifying a port here\nDOES NOT prevent that port from being exposed. Any port which is\nlistening on the default \"0.0.0.0\" address inside a container will be\naccessible from the network.\nModifying this array with strategic merge patch may corrupt the data.\nFor more information See https://github.com/kubernetes/kubernetes/issues/108255.\nCannot be updated." items: + description: "ContainerPort represents a network port in a single container." properties: containerPort: + description: "Number of port to expose on the pod's IP address.\nThis must be a valid port number, 0 < x < 65536." format: "int32" type: "integer" hostIP: + description: "What host IP to bind the external port to." type: "string" hostPort: + description: "Number of port to expose on the host.\nIf specified, this must be a valid port number, 0 < x < 65536.\nIf HostNetwork is specified, this must match ContainerPort.\nMost containers do not need this." format: "int32" type: "integer" name: + description: "If specified, this must be an IANA_SVC_NAME and unique within the pod. Each\nnamed port in a pod must have a unique name. Name for the port that can be\nreferred to by services." type: "string" protocol: + default: "TCP" + description: "Protocol for port. Must be UDP, TCP, or SCTP.\nDefaults to \"TCP\"." type: "string" required: - "containerPort" - - "protocol" type: "object" type: "array" x-kubernetes-list-map-keys: @@ -2684,27 +4263,50 @@ spec: - "protocol" x-kubernetes-list-type: "map" readinessProbe: + description: "Periodic probe of container service readiness.\nContainer will be removed from service endpoints if the probe fails.\nCannot be updated.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" properties: exec: + description: "Exec specifies the action to take." properties: command: + description: "Command is the command line to execute inside the container, the working directory for the\ncommand is root ('/') in the container's filesystem. The command is simply exec'd, it is\nnot run inside a shell, so traditional shell instructions ('|', etc) won't work. To use\na shell, you need to explicitly call out to that shell.\nExit status of 0 is treated as live/healthy and non-zero is unhealthy." items: type: "string" type: "array" type: "object" failureThreshold: + description: "Minimum consecutive failures for the probe to be considered failed after having succeeded.\nDefaults to 3. Minimum value is 1." format: "int32" type: "integer" + grpc: + description: "GRPC specifies an action involving a GRPC port." + properties: + port: + description: "Port number of the gRPC service. Number must be in the range 1 to 65535." + format: "int32" + type: "integer" + service: + description: "Service is the name of the service to place in the gRPC HealthCheckRequest\n(see https://github.com/grpc/grpc/blob/master/doc/health-checking.md).\n\n\nIf this is not specified, the default behavior is defined by gRPC." + type: "string" + required: + - "port" + type: "object" httpGet: + description: "HTTPGet specifies the http request to perform." properties: host: + description: "Host name to connect to, defaults to the pod IP. You probably want to set\n\"Host\" in httpHeaders instead." type: "string" httpHeaders: + description: "Custom headers to set in the request. HTTP allows repeated headers." items: + description: "HTTPHeader describes a custom header to be used in HTTP probes" properties: name: + description: "The header field name.\nThis will be canonicalized upon output, so case-variant names will be understood as the same header." type: "string" value: + description: "The header field value" type: "string" required: - "name" @@ -2712,44 +4314,91 @@ spec: type: "object" type: "array" path: + description: "Path to access on the HTTP server." type: "string" port: anyOf: - type: "integer" - type: "string" + description: "Name or number of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME." x-kubernetes-int-or-string: true scheme: + description: "Scheme to use for connecting to the host.\nDefaults to HTTP." type: "string" required: - "port" type: "object" initialDelaySeconds: + description: "Number of seconds after the container has started before liveness probes are initiated.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" format: "int32" type: "integer" periodSeconds: + description: "How often (in seconds) to perform the probe.\nDefault to 10 seconds. Minimum value is 1." format: "int32" type: "integer" successThreshold: + description: "Minimum consecutive successes for the probe to be considered successful after having failed.\nDefaults to 1. Must be 1 for liveness and startup. Minimum value is 1." format: "int32" type: "integer" tcpSocket: + description: "TCPSocket specifies an action involving a TCP port." properties: host: + description: "Optional: Host name to connect to, defaults to the pod IP." type: "string" port: anyOf: - type: "integer" - type: "string" + description: "Number or name of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME." x-kubernetes-int-or-string: true required: - "port" type: "object" + terminationGracePeriodSeconds: + description: "Optional duration in seconds the pod needs to terminate gracefully upon probe failure.\nThe grace period is the duration in seconds after the processes running in the pod are sent\na termination signal and the time when the processes are forcibly halted with a kill signal.\nSet this value longer than the expected cleanup time for your process.\nIf this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this\nvalue overrides the value provided by the pod spec.\nValue must be non-negative integer. The value zero indicates stop immediately via\nthe kill signal (no opportunity to shut down).\nThis is a beta field and requires enabling ProbeTerminationGracePeriod feature gate.\nMinimum value is 1. spec.terminationGracePeriodSeconds is used if unset." + format: "int64" + type: "integer" timeoutSeconds: + description: "Number of seconds after which the probe times out.\nDefaults to 1 second. Minimum value is 1.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" format: "int32" type: "integer" type: "object" + resizePolicy: + description: "Resources resize policy for the container." + items: + description: "ContainerResizePolicy represents resource resize policy for the container." + properties: + resourceName: + description: "Name of the resource to which this resource resize policy applies.\nSupported values: cpu, memory." + type: "string" + restartPolicy: + description: "Restart policy to apply when specified resource is resized.\nIf not specified, it defaults to NotRequired." + type: "string" + required: + - "resourceName" + - "restartPolicy" + type: "object" + type: "array" + x-kubernetes-list-type: "atomic" resources: + description: "Compute Resources required by this container.\nCannot be updated.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" properties: + claims: + description: "Claims lists the names of resources, defined in spec.resourceClaims,\nthat are used by this container.\n\n\nThis is an alpha field and requires enabling the\nDynamicResourceAllocation feature gate.\n\n\nThis field is immutable. It can only be set for containers." + items: + description: "ResourceClaim references one entry in PodSpec.ResourceClaims." + properties: + name: + description: "Name must match the name of one entry in pod.spec.resourceClaims of\nthe Pod where this field is used. It makes that resource available\ninside a container." + type: "string" + required: + - "name" + type: "object" + type: "array" + x-kubernetes-list-map-keys: + - "name" + x-kubernetes-list-type: "map" limits: additionalProperties: anyOf: @@ -2757,6 +4406,7 @@ spec: - type: "string" pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" x-kubernetes-int-or-string: true + description: "Limits describes the maximum amount of compute resources allowed.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" type: "object" requests: additionalProperties: @@ -2765,87 +4415,144 @@ spec: - type: "string" pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" x-kubernetes-int-or-string: true + description: "Requests describes the minimum amount of compute resources required.\nIf Requests is omitted for a container, it defaults to Limits if that is explicitly specified,\notherwise to an implementation-defined value. Requests cannot exceed Limits.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" type: "object" type: "object" restartPolicy: + description: "RestartPolicy defines the restart behavior of individual containers in a pod.\nThis field may only be set for init containers, and the only allowed value is \"Always\".\nFor non-init containers or when this field is not specified,\nthe restart behavior is defined by the Pod's restart policy and the container type.\nSetting the RestartPolicy as \"Always\" for the init container will have the following effect:\nthis init container will be continually restarted on\nexit until all regular containers have terminated. Once all regular\ncontainers have completed, all init containers with restartPolicy \"Always\"\nwill be shut down. This lifecycle differs from normal init containers and\nis often referred to as a \"sidecar\" container. Although this init\ncontainer still starts in the init container sequence, it does not wait\nfor the container to complete before proceeding to the next init\ncontainer. Instead, the next init container starts immediately after this\ninit container is started, or after any startupProbe has successfully\ncompleted." type: "string" securityContext: + description: "SecurityContext defines the security options the container should be run with.\nIf set, the fields of SecurityContext override the equivalent fields of PodSecurityContext.\nMore info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/" properties: allowPrivilegeEscalation: + description: "AllowPrivilegeEscalation controls whether a process can gain more\nprivileges than its parent process. This bool directly controls if\nthe no_new_privs flag will be set on the container process.\nAllowPrivilegeEscalation is true always when the container is:\n1) run as Privileged\n2) has CAP_SYS_ADMIN\nNote that this field cannot be set when spec.os.name is windows." type: "boolean" capabilities: + description: "The capabilities to add/drop when running containers.\nDefaults to the default set of capabilities granted by the container runtime.\nNote that this field cannot be set when spec.os.name is windows." properties: add: + description: "Added capabilities" items: + description: "Capability represent POSIX capabilities type" type: "string" type: "array" drop: + description: "Removed capabilities" items: + description: "Capability represent POSIX capabilities type" type: "string" type: "array" type: "object" privileged: + description: "Run container in privileged mode.\nProcesses in privileged containers are essentially equivalent to root on the host.\nDefaults to false.\nNote that this field cannot be set when spec.os.name is windows." type: "boolean" procMount: + description: "procMount denotes the type of proc mount to use for the containers.\nThe default is DefaultProcMount which uses the container runtime defaults for\nreadonly paths and masked paths.\nThis requires the ProcMountType feature flag to be enabled.\nNote that this field cannot be set when spec.os.name is windows." type: "string" readOnlyRootFilesystem: + description: "Whether this container has a read-only root filesystem.\nDefault is false.\nNote that this field cannot be set when spec.os.name is windows." type: "boolean" runAsGroup: + description: "The GID to run the entrypoint of the container process.\nUses runtime default if unset.\nMay also be set in PodSecurityContext. If set in both SecurityContext and\nPodSecurityContext, the value specified in SecurityContext takes precedence.\nNote that this field cannot be set when spec.os.name is windows." format: "int64" type: "integer" runAsNonRoot: + description: "Indicates that the container must run as a non-root user.\nIf true, the Kubelet will validate the image at runtime to ensure that it\ndoes not run as UID 0 (root) and fail to start the container if it does.\nIf unset or false, no such validation will be performed.\nMay also be set in PodSecurityContext. If set in both SecurityContext and\nPodSecurityContext, the value specified in SecurityContext takes precedence." type: "boolean" runAsUser: + description: "The UID to run the entrypoint of the container process.\nDefaults to user specified in image metadata if unspecified.\nMay also be set in PodSecurityContext. If set in both SecurityContext and\nPodSecurityContext, the value specified in SecurityContext takes precedence.\nNote that this field cannot be set when spec.os.name is windows." format: "int64" type: "integer" seLinuxOptions: + description: "The SELinux context to be applied to the container.\nIf unspecified, the container runtime will allocate a random SELinux context for each\ncontainer. May also be set in PodSecurityContext. If set in both SecurityContext and\nPodSecurityContext, the value specified in SecurityContext takes precedence.\nNote that this field cannot be set when spec.os.name is windows." properties: level: + description: "Level is SELinux level label that applies to the container." type: "string" role: + description: "Role is a SELinux role label that applies to the container." type: "string" type: + description: "Type is a SELinux type label that applies to the container." type: "string" user: + description: "User is a SELinux user label that applies to the container." type: "string" type: "object" seccompProfile: + description: "The seccomp options to use by this container. If seccomp options are\nprovided at both the pod & container level, the container options\noverride the pod options.\nNote that this field cannot be set when spec.os.name is windows." properties: + localhostProfile: + description: "localhostProfile indicates a profile defined in a file on the node should be used.\nThe profile must be preconfigured on the node to work.\nMust be a descending path, relative to the kubelet's configured seccomp profile location.\nMust be set if type is \"Localhost\". Must NOT be set for any other type." + type: "string" type: + description: "type indicates which kind of seccomp profile will be applied.\nValid options are:\n\n\nLocalhost - a profile defined in a file on the node should be used.\nRuntimeDefault - the container runtime default profile should be used.\nUnconfined - no profile should be applied." type: "string" + required: + - "type" type: "object" windowsOptions: + description: "The Windows specific settings applied to all containers.\nIf unspecified, the options from the PodSecurityContext will be used.\nIf set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.\nNote that this field cannot be set when spec.os.name is linux." properties: gmsaCredentialSpec: + description: "GMSACredentialSpec is where the GMSA admission webhook\n(https://github.com/kubernetes-sigs/windows-gmsa) inlines the contents of the\nGMSA credential spec named by the GMSACredentialSpecName field." type: "string" gmsaCredentialSpecName: + description: "GMSACredentialSpecName is the name of the GMSA credential spec to use." type: "string" + hostProcess: + description: "HostProcess determines if a container should be run as a 'Host Process' container.\nAll of a Pod's containers must have the same effective HostProcess value\n(it is not allowed to have a mix of HostProcess containers and non-HostProcess containers).\nIn addition, if HostProcess is true then HostNetwork must also be set to true." + type: "boolean" runAsUserName: + description: "The UserName in Windows to run the entrypoint of the container process.\nDefaults to the user specified in image metadata if unspecified.\nMay also be set in PodSecurityContext. If set in both SecurityContext and\nPodSecurityContext, the value specified in SecurityContext takes precedence." type: "string" type: "object" type: "object" startupProbe: + description: "StartupProbe indicates that the Pod has successfully initialized.\nIf specified, no other probes are executed until this completes successfully.\nIf this probe fails, the Pod will be restarted, just as if the livenessProbe failed.\nThis can be used to provide different probe parameters at the beginning of a Pod's lifecycle,\nwhen it might take a long time to load data or warm a cache, than during steady-state operation.\nThis cannot be updated.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" properties: exec: + description: "Exec specifies the action to take." properties: command: + description: "Command is the command line to execute inside the container, the working directory for the\ncommand is root ('/') in the container's filesystem. The command is simply exec'd, it is\nnot run inside a shell, so traditional shell instructions ('|', etc) won't work. To use\na shell, you need to explicitly call out to that shell.\nExit status of 0 is treated as live/healthy and non-zero is unhealthy." items: type: "string" type: "array" type: "object" failureThreshold: + description: "Minimum consecutive failures for the probe to be considered failed after having succeeded.\nDefaults to 3. Minimum value is 1." format: "int32" type: "integer" + grpc: + description: "GRPC specifies an action involving a GRPC port." + properties: + port: + description: "Port number of the gRPC service. Number must be in the range 1 to 65535." + format: "int32" + type: "integer" + service: + description: "Service is the name of the service to place in the gRPC HealthCheckRequest\n(see https://github.com/grpc/grpc/blob/master/doc/health-checking.md).\n\n\nIf this is not specified, the default behavior is defined by gRPC." + type: "string" + required: + - "port" + type: "object" httpGet: + description: "HTTPGet specifies the http request to perform." properties: host: + description: "Host name to connect to, defaults to the pod IP. You probably want to set\n\"Host\" in httpHeaders instead." type: "string" httpHeaders: + description: "Custom headers to set in the request. HTTP allows repeated headers." items: + description: "HTTPHeader describes a custom header to be used in HTTP probes" properties: name: + description: "The header field name.\nThis will be canonicalized upon output, so case-variant names will be understood as the same header." type: "string" value: + description: "The header field value" type: "string" required: - "name" @@ -2853,58 +4560,81 @@ spec: type: "object" type: "array" path: + description: "Path to access on the HTTP server." type: "string" port: anyOf: - type: "integer" - type: "string" + description: "Name or number of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME." x-kubernetes-int-or-string: true scheme: + description: "Scheme to use for connecting to the host.\nDefaults to HTTP." type: "string" required: - "port" type: "object" initialDelaySeconds: + description: "Number of seconds after the container has started before liveness probes are initiated.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" format: "int32" type: "integer" periodSeconds: + description: "How often (in seconds) to perform the probe.\nDefault to 10 seconds. Minimum value is 1." format: "int32" type: "integer" successThreshold: + description: "Minimum consecutive successes for the probe to be considered successful after having failed.\nDefaults to 1. Must be 1 for liveness and startup. Minimum value is 1." format: "int32" type: "integer" tcpSocket: + description: "TCPSocket specifies an action involving a TCP port." properties: host: + description: "Optional: Host name to connect to, defaults to the pod IP." type: "string" port: anyOf: - type: "integer" - type: "string" + description: "Number or name of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME." x-kubernetes-int-or-string: true required: - "port" type: "object" + terminationGracePeriodSeconds: + description: "Optional duration in seconds the pod needs to terminate gracefully upon probe failure.\nThe grace period is the duration in seconds after the processes running in the pod are sent\na termination signal and the time when the processes are forcibly halted with a kill signal.\nSet this value longer than the expected cleanup time for your process.\nIf this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this\nvalue overrides the value provided by the pod spec.\nValue must be non-negative integer. The value zero indicates stop immediately via\nthe kill signal (no opportunity to shut down).\nThis is a beta field and requires enabling ProbeTerminationGracePeriod feature gate.\nMinimum value is 1. spec.terminationGracePeriodSeconds is used if unset." + format: "int64" + type: "integer" timeoutSeconds: + description: "Number of seconds after which the probe times out.\nDefaults to 1 second. Minimum value is 1.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" format: "int32" type: "integer" type: "object" stdin: + description: "Whether this container should allocate a buffer for stdin in the container runtime. If this\nis not set, reads from stdin in the container will always result in EOF.\nDefault is false." type: "boolean" stdinOnce: + description: "Whether the container runtime should close the stdin channel after it has been opened by\na single attach. When stdin is true the stdin stream will remain open across multiple attach\nsessions. If stdinOnce is set to true, stdin is opened on container start, is empty until the\nfirst client attaches to stdin, and then remains open and accepts data until the client disconnects,\nat which time stdin is closed and remains closed until the container is restarted. If this\nflag is false, a container processes that reads from stdin will never receive an EOF.\nDefault is false" type: "boolean" terminationMessagePath: + description: "Optional: Path at which the file to which the container's termination message\nwill be written is mounted into the container's filesystem.\nMessage written is intended to be brief final status, such as an assertion failure message.\nWill be truncated by the node if greater than 4096 bytes. The total message length across\nall containers will be limited to 12kb.\nDefaults to /dev/termination-log.\nCannot be updated." type: "string" terminationMessagePolicy: + description: "Indicate how the termination message should be populated. File will use the contents of\nterminationMessagePath to populate the container status message on both success and failure.\nFallbackToLogsOnError will use the last chunk of container log output if the termination\nmessage file is empty and the container exited with an error.\nThe log output is limited to 2048 bytes or 80 lines, whichever is smaller.\nDefaults to File.\nCannot be updated." type: "string" tty: + description: "Whether this container should allocate a TTY for itself, also requires 'stdin' to be true.\nDefault is false." type: "boolean" volumeDevices: + description: "volumeDevices is the list of block devices to be used by the container." items: + description: "volumeDevice describes a mapping of a raw block device within a container." properties: devicePath: + description: "devicePath is the path inside of the container that the device will be mapped to." type: "string" name: + description: "name must match the name of a persistentVolumeClaim in the pod" type: "string" required: - "devicePath" @@ -2912,19 +4642,27 @@ spec: type: "object" type: "array" volumeMounts: + description: "Pod volumes to mount into the container's filesystem.\nCannot be updated." items: + description: "VolumeMount describes a mounting of a Volume within a container." properties: mountPath: + description: "Path within the container at which the volume should be mounted. Must\nnot contain ':'." type: "string" mountPropagation: + description: "mountPropagation determines how mounts are propagated from the host\nto container and the other way around.\nWhen not set, MountPropagationNone is used.\nThis field is beta in 1.10." type: "string" name: + description: "This must match the Name of a Volume." type: "string" readOnly: + description: "Mounted read-only if true, read-write otherwise (false or unspecified).\nDefaults to false." type: "boolean" subPath: + description: "Path within the volume from which the container's volume should be mounted.\nDefaults to \"\" (volume's root)." type: "string" subPathExpr: + description: "Expanded path within the volume from which the container's volume should be mounted.\nBehaves similarly to SubPath but environment variable references $(VAR_NAME) are expanded using the container's environment.\nDefaults to \"\" (volume's root).\nSubPathExpr and SubPath are mutually exclusive." type: "string" required: - "mountPath" @@ -2932,64 +4670,255 @@ spec: type: "object" type: "array" workingDir: + description: "Container's working directory.\nIf not specified, the container runtime's default will be used, which\nmight be configured in the container image.\nCannot be updated." type: "string" required: - "name" type: "object" type: "array" instances: + description: "Instances is the number of executor instances." format: "int32" minimum: 1.0 type: "integer" javaOptions: + description: "JavaOptions is a string of extra JVM options to pass to the executors. For instance,\nGC settings or other logging." type: "string" labels: additionalProperties: type: "string" + description: "Labels are the Kubernetes labels to be added to the pod." + type: "object" + lifecycle: + description: "Lifecycle for running preStop or postStart commands" + properties: + postStart: + description: "PostStart is called immediately after a container is created. If the handler fails,\nthe container is terminated and restarted according to its restart policy.\nOther management of the container blocks until the hook completes.\nMore info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks" + properties: + exec: + description: "Exec specifies the action to take." + properties: + command: + description: "Command is the command line to execute inside the container, the working directory for the\ncommand is root ('/') in the container's filesystem. The command is simply exec'd, it is\nnot run inside a shell, so traditional shell instructions ('|', etc) won't work. To use\na shell, you need to explicitly call out to that shell.\nExit status of 0 is treated as live/healthy and non-zero is unhealthy." + items: + type: "string" + type: "array" + type: "object" + httpGet: + description: "HTTPGet specifies the http request to perform." + properties: + host: + description: "Host name to connect to, defaults to the pod IP. You probably want to set\n\"Host\" in httpHeaders instead." + type: "string" + httpHeaders: + description: "Custom headers to set in the request. HTTP allows repeated headers." + items: + description: "HTTPHeader describes a custom header to be used in HTTP probes" + properties: + name: + description: "The header field name.\nThis will be canonicalized upon output, so case-variant names will be understood as the same header." + type: "string" + value: + description: "The header field value" + type: "string" + required: + - "name" + - "value" + type: "object" + type: "array" + path: + description: "Path to access on the HTTP server." + type: "string" + port: + anyOf: + - type: "integer" + - type: "string" + description: "Name or number of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME." + x-kubernetes-int-or-string: true + scheme: + description: "Scheme to use for connecting to the host.\nDefaults to HTTP." + type: "string" + required: + - "port" + type: "object" + sleep: + description: "Sleep represents the duration that the container should sleep before being terminated." + properties: + seconds: + description: "Seconds is the number of seconds to sleep." + format: "int64" + type: "integer" + required: + - "seconds" + type: "object" + tcpSocket: + description: "Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept\nfor the backward compatibility. There are no validation of this field and\nlifecycle hooks will fail in runtime when tcp handler is specified." + properties: + host: + description: "Optional: Host name to connect to, defaults to the pod IP." + type: "string" + port: + anyOf: + - type: "integer" + - type: "string" + description: "Number or name of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME." + x-kubernetes-int-or-string: true + required: + - "port" + type: "object" + type: "object" + preStop: + description: "PreStop is called immediately before a container is terminated due to an\nAPI request or management event such as liveness/startup probe failure,\npreemption, resource contention, etc. The handler is not called if the\ncontainer crashes or exits. The Pod's termination grace period countdown begins before the\nPreStop hook is executed. Regardless of the outcome of the handler, the\ncontainer will eventually terminate within the Pod's termination grace\nperiod (unless delayed by finalizers). Other management of the container blocks until the hook completes\nor until the termination grace period is reached.\nMore info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks" + properties: + exec: + description: "Exec specifies the action to take." + properties: + command: + description: "Command is the command line to execute inside the container, the working directory for the\ncommand is root ('/') in the container's filesystem. The command is simply exec'd, it is\nnot run inside a shell, so traditional shell instructions ('|', etc) won't work. To use\na shell, you need to explicitly call out to that shell.\nExit status of 0 is treated as live/healthy and non-zero is unhealthy." + items: + type: "string" + type: "array" + type: "object" + httpGet: + description: "HTTPGet specifies the http request to perform." + properties: + host: + description: "Host name to connect to, defaults to the pod IP. You probably want to set\n\"Host\" in httpHeaders instead." + type: "string" + httpHeaders: + description: "Custom headers to set in the request. HTTP allows repeated headers." + items: + description: "HTTPHeader describes a custom header to be used in HTTP probes" + properties: + name: + description: "The header field name.\nThis will be canonicalized upon output, so case-variant names will be understood as the same header." + type: "string" + value: + description: "The header field value" + type: "string" + required: + - "name" + - "value" + type: "object" + type: "array" + path: + description: "Path to access on the HTTP server." + type: "string" + port: + anyOf: + - type: "integer" + - type: "string" + description: "Name or number of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME." + x-kubernetes-int-or-string: true + scheme: + description: "Scheme to use for connecting to the host.\nDefaults to HTTP." + type: "string" + required: + - "port" + type: "object" + sleep: + description: "Sleep represents the duration that the container should sleep before being terminated." + properties: + seconds: + description: "Seconds is the number of seconds to sleep." + format: "int64" + type: "integer" + required: + - "seconds" + type: "object" + tcpSocket: + description: "Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept\nfor the backward compatibility. There are no validation of this field and\nlifecycle hooks will fail in runtime when tcp handler is specified." + properties: + host: + description: "Optional: Host name to connect to, defaults to the pod IP." + type: "string" + port: + anyOf: + - type: "integer" + - type: "string" + description: "Number or name of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME." + x-kubernetes-int-or-string: true + required: + - "port" + type: "object" + type: "object" type: "object" memory: + description: "Memory is the amount of memory to request for the pod." type: "string" memoryOverhead: + description: "MemoryOverhead is the amount of off-heap memory to allocate in cluster mode, in MiB unless otherwise specified." type: "string" nodeSelector: additionalProperties: type: "string" + description: "NodeSelector is the Kubernetes node selector to be added to the driver and executor pods.\nThis field is mutually exclusive with nodeSelector at SparkApplication level (which will be deprecated)." type: "object" podSecurityContext: + description: "PodSecurityContext specifies the PodSecurityContext to apply." properties: fsGroup: + description: "A special supplemental group that applies to all containers in a pod.\nSome volume types allow the Kubelet to change the ownership of that volume\nto be owned by the pod:\n\n\n1. The owning GID will be the FSGroup\n2. The setgid bit is set (new files created in the volume will be owned by FSGroup)\n3. The permission bits are OR'd with rw-rw----\n\n\nIf unset, the Kubelet will not modify the ownership and permissions of any volume.\nNote that this field cannot be set when spec.os.name is windows." format: "int64" type: "integer" + fsGroupChangePolicy: + description: "fsGroupChangePolicy defines behavior of changing ownership and permission of the volume\nbefore being exposed inside Pod. This field will only apply to\nvolume types which support fsGroup based ownership(and permissions).\nIt will have no effect on ephemeral volume types such as: secret, configmaps\nand emptydir.\nValid values are \"OnRootMismatch\" and \"Always\". If not specified, \"Always\" is used.\nNote that this field cannot be set when spec.os.name is windows." + type: "string" runAsGroup: + description: "The GID to run the entrypoint of the container process.\nUses runtime default if unset.\nMay also be set in SecurityContext. If set in both SecurityContext and\nPodSecurityContext, the value specified in SecurityContext takes precedence\nfor that container.\nNote that this field cannot be set when spec.os.name is windows." format: "int64" type: "integer" runAsNonRoot: + description: "Indicates that the container must run as a non-root user.\nIf true, the Kubelet will validate the image at runtime to ensure that it\ndoes not run as UID 0 (root) and fail to start the container if it does.\nIf unset or false, no such validation will be performed.\nMay also be set in SecurityContext. If set in both SecurityContext and\nPodSecurityContext, the value specified in SecurityContext takes precedence." type: "boolean" runAsUser: + description: "The UID to run the entrypoint of the container process.\nDefaults to user specified in image metadata if unspecified.\nMay also be set in SecurityContext. If set in both SecurityContext and\nPodSecurityContext, the value specified in SecurityContext takes precedence\nfor that container.\nNote that this field cannot be set when spec.os.name is windows." format: "int64" type: "integer" seLinuxOptions: + description: "The SELinux context to be applied to all containers.\nIf unspecified, the container runtime will allocate a random SELinux context for each\ncontainer. May also be set in SecurityContext. If set in\nboth SecurityContext and PodSecurityContext, the value specified in SecurityContext\ntakes precedence for that container.\nNote that this field cannot be set when spec.os.name is windows." properties: level: + description: "Level is SELinux level label that applies to the container." type: "string" role: + description: "Role is a SELinux role label that applies to the container." type: "string" type: + description: "Type is a SELinux type label that applies to the container." type: "string" user: + description: "User is a SELinux user label that applies to the container." + type: "string" + type: "object" + seccompProfile: + description: "The seccomp options to use by the containers in this pod.\nNote that this field cannot be set when spec.os.name is windows." + properties: + localhostProfile: + description: "localhostProfile indicates a profile defined in a file on the node should be used.\nThe profile must be preconfigured on the node to work.\nMust be a descending path, relative to the kubelet's configured seccomp profile location.\nMust be set if type is \"Localhost\". Must NOT be set for any other type." + type: "string" + type: + description: "type indicates which kind of seccomp profile will be applied.\nValid options are:\n\n\nLocalhost - a profile defined in a file on the node should be used.\nRuntimeDefault - the container runtime default profile should be used.\nUnconfined - no profile should be applied." type: "string" + required: + - "type" type: "object" supplementalGroups: + description: "A list of groups applied to the first process run in each container, in addition\nto the container's primary GID, the fsGroup (if specified), and group memberships\ndefined in the container image for the uid of the container process. If unspecified,\nno additional groups are added to any container. Note that group memberships\ndefined in the container image for the uid of the container process are still effective,\neven if they are not included in this list.\nNote that this field cannot be set when spec.os.name is windows." items: format: "int64" type: "integer" type: "array" sysctls: + description: "Sysctls hold a list of namespaced sysctls used for the pod. Pods with unsupported\nsysctls (by the container runtime) might fail to launch.\nNote that this field cannot be set when spec.os.name is windows." items: + description: "Sysctl defines a kernel parameter to be set" properties: name: + description: "Name of a property to set" type: "string" value: + description: "Value of a property to set" type: "string" required: - "name" @@ -2997,25 +4926,54 @@ spec: type: "object" type: "array" windowsOptions: + description: "The Windows specific settings applied to all containers.\nIf unspecified, the options within a container's SecurityContext will be used.\nIf set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.\nNote that this field cannot be set when spec.os.name is linux." properties: gmsaCredentialSpec: + description: "GMSACredentialSpec is where the GMSA admission webhook\n(https://github.com/kubernetes-sigs/windows-gmsa) inlines the contents of the\nGMSA credential spec named by the GMSACredentialSpecName field." type: "string" gmsaCredentialSpecName: + description: "GMSACredentialSpecName is the name of the GMSA credential spec to use." type: "string" + hostProcess: + description: "HostProcess determines if a container should be run as a 'Host Process' container.\nAll of a Pod's containers must have the same effective HostProcess value\n(it is not allowed to have a mix of HostProcess containers and non-HostProcess containers).\nIn addition, if HostProcess is true then HostNetwork must also be set to true." + type: "boolean" runAsUserName: + description: "The UserName in Windows to run the entrypoint of the container process.\nDefaults to the user specified in image metadata if unspecified.\nMay also be set in PodSecurityContext. If set in both SecurityContext and\nPodSecurityContext, the value specified in SecurityContext takes precedence." type: "string" type: "object" type: "object" + ports: + description: "Ports settings for the pods, following the Kubernetes specifications." + items: + description: "Port represents the port definition in the pods objects." + properties: + containerPort: + format: "int32" + type: "integer" + name: + type: "string" + protocol: + type: "string" + required: + - "containerPort" + - "name" + - "protocol" + type: "object" + type: "array" schedulerName: + description: "SchedulerName specifies the scheduler that will be used for scheduling" type: "string" secrets: + description: "Secrets carries information of secrets to add to the pod." items: + description: "SecretInfo captures information of a secret." properties: name: type: "string" path: type: "string" secretType: + description: "SecretType tells the type of a secret." type: "string" required: - "name" @@ -3024,181 +4982,266 @@ spec: type: "object" type: "array" securityContext: + description: "SecurityContext specifies the container's SecurityContext to apply." properties: allowPrivilegeEscalation: + description: "AllowPrivilegeEscalation controls whether a process can gain more\nprivileges than its parent process. This bool directly controls if\nthe no_new_privs flag will be set on the container process.\nAllowPrivilegeEscalation is true always when the container is:\n1) run as Privileged\n2) has CAP_SYS_ADMIN\nNote that this field cannot be set when spec.os.name is windows." type: "boolean" capabilities: + description: "The capabilities to add/drop when running containers.\nDefaults to the default set of capabilities granted by the container runtime.\nNote that this field cannot be set when spec.os.name is windows." properties: add: + description: "Added capabilities" items: + description: "Capability represent POSIX capabilities type" type: "string" type: "array" drop: + description: "Removed capabilities" items: + description: "Capability represent POSIX capabilities type" type: "string" type: "array" type: "object" privileged: + description: "Run container in privileged mode.\nProcesses in privileged containers are essentially equivalent to root on the host.\nDefaults to false.\nNote that this field cannot be set when spec.os.name is windows." type: "boolean" procMount: + description: "procMount denotes the type of proc mount to use for the containers.\nThe default is DefaultProcMount which uses the container runtime defaults for\nreadonly paths and masked paths.\nThis requires the ProcMountType feature flag to be enabled.\nNote that this field cannot be set when spec.os.name is windows." type: "string" readOnlyRootFilesystem: + description: "Whether this container has a read-only root filesystem.\nDefault is false.\nNote that this field cannot be set when spec.os.name is windows." type: "boolean" runAsGroup: + description: "The GID to run the entrypoint of the container process.\nUses runtime default if unset.\nMay also be set in PodSecurityContext. If set in both SecurityContext and\nPodSecurityContext, the value specified in SecurityContext takes precedence.\nNote that this field cannot be set when spec.os.name is windows." format: "int64" type: "integer" runAsNonRoot: + description: "Indicates that the container must run as a non-root user.\nIf true, the Kubelet will validate the image at runtime to ensure that it\ndoes not run as UID 0 (root) and fail to start the container if it does.\nIf unset or false, no such validation will be performed.\nMay also be set in PodSecurityContext. If set in both SecurityContext and\nPodSecurityContext, the value specified in SecurityContext takes precedence." type: "boolean" runAsUser: + description: "The UID to run the entrypoint of the container process.\nDefaults to user specified in image metadata if unspecified.\nMay also be set in PodSecurityContext. If set in both SecurityContext and\nPodSecurityContext, the value specified in SecurityContext takes precedence.\nNote that this field cannot be set when spec.os.name is windows." format: "int64" type: "integer" seLinuxOptions: + description: "The SELinux context to be applied to the container.\nIf unspecified, the container runtime will allocate a random SELinux context for each\ncontainer. May also be set in PodSecurityContext. If set in both SecurityContext and\nPodSecurityContext, the value specified in SecurityContext takes precedence.\nNote that this field cannot be set when spec.os.name is windows." properties: level: + description: "Level is SELinux level label that applies to the container." type: "string" role: + description: "Role is a SELinux role label that applies to the container." type: "string" type: + description: "Type is a SELinux type label that applies to the container." type: "string" user: + description: "User is a SELinux user label that applies to the container." type: "string" type: "object" seccompProfile: + description: "The seccomp options to use by this container. If seccomp options are\nprovided at both the pod & container level, the container options\noverride the pod options.\nNote that this field cannot be set when spec.os.name is windows." properties: + localhostProfile: + description: "localhostProfile indicates a profile defined in a file on the node should be used.\nThe profile must be preconfigured on the node to work.\nMust be a descending path, relative to the kubelet's configured seccomp profile location.\nMust be set if type is \"Localhost\". Must NOT be set for any other type." + type: "string" type: + description: "type indicates which kind of seccomp profile will be applied.\nValid options are:\n\n\nLocalhost - a profile defined in a file on the node should be used.\nRuntimeDefault - the container runtime default profile should be used.\nUnconfined - no profile should be applied." type: "string" + required: + - "type" type: "object" windowsOptions: + description: "The Windows specific settings applied to all containers.\nIf unspecified, the options from the PodSecurityContext will be used.\nIf set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.\nNote that this field cannot be set when spec.os.name is linux." properties: gmsaCredentialSpec: + description: "GMSACredentialSpec is where the GMSA admission webhook\n(https://github.com/kubernetes-sigs/windows-gmsa) inlines the contents of the\nGMSA credential spec named by the GMSACredentialSpecName field." type: "string" gmsaCredentialSpecName: + description: "GMSACredentialSpecName is the name of the GMSA credential spec to use." type: "string" + hostProcess: + description: "HostProcess determines if a container should be run as a 'Host Process' container.\nAll of a Pod's containers must have the same effective HostProcess value\n(it is not allowed to have a mix of HostProcess containers and non-HostProcess containers).\nIn addition, if HostProcess is true then HostNetwork must also be set to true." + type: "boolean" runAsUserName: + description: "The UserName in Windows to run the entrypoint of the container process.\nDefaults to the user specified in image metadata if unspecified.\nMay also be set in PodSecurityContext. If set in both SecurityContext and\nPodSecurityContext, the value specified in SecurityContext takes precedence." type: "string" type: "object" type: "object" serviceAccount: + description: "ServiceAccount is the name of the custom Kubernetes service account used by the pod." type: "string" shareProcessNamespace: + description: "ShareProcessNamespace settings for the pod, following the Kubernetes specifications." type: "boolean" sidecars: + description: "Sidecars is a list of sidecar containers that run along side the main Spark container." items: + description: "A single application container that you want to run within a pod." properties: args: + description: "Arguments to the entrypoint.\nThe container image's CMD is used if this is not provided.\nVariable references $(VAR_NAME) are expanded using the container's environment. If a variable\ncannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced\nto a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. \"$$(VAR_NAME)\" will\nproduce the string literal \"$(VAR_NAME)\". Escaped references will never be expanded, regardless\nof whether the variable exists or not. Cannot be updated.\nMore info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell" items: type: "string" type: "array" command: + description: "Entrypoint array. Not executed within a shell.\nThe container image's ENTRYPOINT is used if this is not provided.\nVariable references $(VAR_NAME) are expanded using the container's environment. If a variable\ncannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced\nto a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. \"$$(VAR_NAME)\" will\nproduce the string literal \"$(VAR_NAME)\". Escaped references will never be expanded, regardless\nof whether the variable exists or not. Cannot be updated.\nMore info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell" items: type: "string" type: "array" env: + description: "List of environment variables to set in the container.\nCannot be updated." items: + description: "EnvVar represents an environment variable present in a Container." properties: name: + description: "Name of the environment variable. Must be a C_IDENTIFIER." type: "string" value: + description: "Variable references $(VAR_NAME) are expanded\nusing the previously defined environment variables in the container and\nany service environment variables. If a variable cannot be resolved,\nthe reference in the input string will be unchanged. Double $$ are reduced\nto a single $, which allows for escaping the $(VAR_NAME) syntax: i.e.\n\"$$(VAR_NAME)\" will produce the string literal \"$(VAR_NAME)\".\nEscaped references will never be expanded, regardless of whether the variable\nexists or not.\nDefaults to \"\"." type: "string" valueFrom: + description: "Source for the environment variable's value. Cannot be used if value is not empty." properties: configMapKeyRef: + description: "Selects a key of a ConfigMap." properties: key: + description: "The key to select." type: "string" name: + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" type: "string" optional: + description: "Specify whether the ConfigMap or its key must be defined" type: "boolean" required: - "key" type: "object" + x-kubernetes-map-type: "atomic" fieldRef: + description: "Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`,\nspec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs." properties: apiVersion: + description: "Version of the schema the FieldPath is written in terms of, defaults to \"v1\"." type: "string" fieldPath: + description: "Path of the field to select in the specified API version." type: "string" required: - "fieldPath" type: "object" + x-kubernetes-map-type: "atomic" resourceFieldRef: + description: "Selects a resource of the container: only resources limits and requests\n(limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported." properties: containerName: + description: "Container name: required for volumes, optional for env vars" type: "string" divisor: anyOf: - type: "integer" - type: "string" + description: "Specifies the output format of the exposed resources, defaults to \"1\"" pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" x-kubernetes-int-or-string: true resource: + description: "Required: resource to select" type: "string" required: - "resource" type: "object" + x-kubernetes-map-type: "atomic" secretKeyRef: + description: "Selects a key of a secret in the pod's namespace" properties: key: + description: "The key of the secret to select from. Must be a valid secret key." type: "string" name: + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" type: "string" optional: + description: "Specify whether the Secret or its key must be defined" type: "boolean" required: - "key" type: "object" + x-kubernetes-map-type: "atomic" type: "object" required: - "name" type: "object" type: "array" envFrom: + description: "List of sources to populate environment variables in the container.\nThe keys defined within a source must be a C_IDENTIFIER. All invalid keys\nwill be reported as an event when the container is starting. When a key exists in multiple\nsources, the value associated with the last source will take precedence.\nValues defined by an Env with a duplicate key will take precedence.\nCannot be updated." items: + description: "EnvFromSource represents the source of a set of ConfigMaps" properties: configMapRef: + description: "The ConfigMap to select from" properties: name: + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" type: "string" optional: + description: "Specify whether the ConfigMap must be defined" type: "boolean" type: "object" + x-kubernetes-map-type: "atomic" prefix: + description: "An optional identifier to prepend to each key in the ConfigMap. Must be a C_IDENTIFIER." type: "string" secretRef: + description: "The Secret to select from" properties: name: + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" type: "string" optional: + description: "Specify whether the Secret must be defined" type: "boolean" type: "object" + x-kubernetes-map-type: "atomic" type: "object" type: "array" image: + description: "Container image name.\nMore info: https://kubernetes.io/docs/concepts/containers/images\nThis field is optional to allow higher level config management to default or override\ncontainer images in workload controllers like Deployments and StatefulSets." type: "string" imagePullPolicy: + description: "Image pull policy.\nOne of Always, Never, IfNotPresent.\nDefaults to Always if :latest tag is specified, or IfNotPresent otherwise.\nCannot be updated.\nMore info: https://kubernetes.io/docs/concepts/containers/images#updating-images" type: "string" lifecycle: + description: "Actions that the management system should take in response to container lifecycle events.\nCannot be updated." properties: postStart: + description: "PostStart is called immediately after a container is created. If the handler fails,\nthe container is terminated and restarted according to its restart policy.\nOther management of the container blocks until the hook completes.\nMore info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks" properties: exec: + description: "Exec specifies the action to take." properties: command: + description: "Command is the command line to execute inside the container, the working directory for the\ncommand is root ('/') in the container's filesystem. The command is simply exec'd, it is\nnot run inside a shell, so traditional shell instructions ('|', etc) won't work. To use\na shell, you need to explicitly call out to that shell.\nExit status of 0 is treated as live/healthy and non-zero is unhealthy." items: type: "string" type: "array" type: "object" httpGet: + description: "HTTPGet specifies the http request to perform." properties: host: + description: "Host name to connect to, defaults to the pod IP. You probably want to set\n\"Host\" in httpHeaders instead." type: "string" httpHeaders: + description: "Custom headers to set in the request. HTTP allows repeated headers." items: + description: "HTTPHeader describes a custom header to be used in HTTP probes" properties: name: + description: "The header field name.\nThis will be canonicalized upon output, so case-variant names will be understood as the same header." type: "string" value: + description: "The header field value" type: "string" required: - "name" @@ -3206,49 +5249,74 @@ spec: type: "object" type: "array" path: + description: "Path to access on the HTTP server." type: "string" port: anyOf: - type: "integer" - type: "string" + description: "Name or number of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME." x-kubernetes-int-or-string: true scheme: + description: "Scheme to use for connecting to the host.\nDefaults to HTTP." type: "string" required: - "port" type: "object" + sleep: + description: "Sleep represents the duration that the container should sleep before being terminated." + properties: + seconds: + description: "Seconds is the number of seconds to sleep." + format: "int64" + type: "integer" + required: + - "seconds" + type: "object" tcpSocket: + description: "Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept\nfor the backward compatibility. There are no validation of this field and\nlifecycle hooks will fail in runtime when tcp handler is specified." properties: host: + description: "Optional: Host name to connect to, defaults to the pod IP." type: "string" port: anyOf: - type: "integer" - type: "string" + description: "Number or name of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME." x-kubernetes-int-or-string: true required: - "port" type: "object" type: "object" preStop: + description: "PreStop is called immediately before a container is terminated due to an\nAPI request or management event such as liveness/startup probe failure,\npreemption, resource contention, etc. The handler is not called if the\ncontainer crashes or exits. The Pod's termination grace period countdown begins before the\nPreStop hook is executed. Regardless of the outcome of the handler, the\ncontainer will eventually terminate within the Pod's termination grace\nperiod (unless delayed by finalizers). Other management of the container blocks until the hook completes\nor until the termination grace period is reached.\nMore info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks" properties: exec: + description: "Exec specifies the action to take." properties: command: + description: "Command is the command line to execute inside the container, the working directory for the\ncommand is root ('/') in the container's filesystem. The command is simply exec'd, it is\nnot run inside a shell, so traditional shell instructions ('|', etc) won't work. To use\na shell, you need to explicitly call out to that shell.\nExit status of 0 is treated as live/healthy and non-zero is unhealthy." items: type: "string" type: "array" type: "object" httpGet: + description: "HTTPGet specifies the http request to perform." properties: host: + description: "Host name to connect to, defaults to the pod IP. You probably want to set\n\"Host\" in httpHeaders instead." type: "string" httpHeaders: + description: "Custom headers to set in the request. HTTP allows repeated headers." items: + description: "HTTPHeader describes a custom header to be used in HTTP probes" properties: name: + description: "The header field name.\nThis will be canonicalized upon output, so case-variant names will be understood as the same header." type: "string" value: + description: "The header field value" type: "string" required: - "name" @@ -3256,25 +5324,41 @@ spec: type: "object" type: "array" path: + description: "Path to access on the HTTP server." type: "string" port: anyOf: - type: "integer" - type: "string" + description: "Name or number of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME." x-kubernetes-int-or-string: true scheme: + description: "Scheme to use for connecting to the host.\nDefaults to HTTP." type: "string" required: - "port" type: "object" + sleep: + description: "Sleep represents the duration that the container should sleep before being terminated." + properties: + seconds: + description: "Seconds is the number of seconds to sleep." + format: "int64" + type: "integer" + required: + - "seconds" + type: "object" tcpSocket: + description: "Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept\nfor the backward compatibility. There are no validation of this field and\nlifecycle hooks will fail in runtime when tcp handler is specified." properties: host: + description: "Optional: Host name to connect to, defaults to the pod IP." type: "string" port: anyOf: - type: "integer" - type: "string" + description: "Number or name of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME." x-kubernetes-int-or-string: true required: - "port" @@ -3282,27 +5366,50 @@ spec: type: "object" type: "object" livenessProbe: + description: "Periodic probe of container liveness.\nContainer will be restarted if the probe fails.\nCannot be updated.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" properties: exec: + description: "Exec specifies the action to take." properties: command: + description: "Command is the command line to execute inside the container, the working directory for the\ncommand is root ('/') in the container's filesystem. The command is simply exec'd, it is\nnot run inside a shell, so traditional shell instructions ('|', etc) won't work. To use\na shell, you need to explicitly call out to that shell.\nExit status of 0 is treated as live/healthy and non-zero is unhealthy." items: type: "string" type: "array" type: "object" failureThreshold: + description: "Minimum consecutive failures for the probe to be considered failed after having succeeded.\nDefaults to 3. Minimum value is 1." format: "int32" type: "integer" + grpc: + description: "GRPC specifies an action involving a GRPC port." + properties: + port: + description: "Port number of the gRPC service. Number must be in the range 1 to 65535." + format: "int32" + type: "integer" + service: + description: "Service is the name of the service to place in the gRPC HealthCheckRequest\n(see https://github.com/grpc/grpc/blob/master/doc/health-checking.md).\n\n\nIf this is not specified, the default behavior is defined by gRPC." + type: "string" + required: + - "port" + type: "object" httpGet: + description: "HTTPGet specifies the http request to perform." properties: host: + description: "Host name to connect to, defaults to the pod IP. You probably want to set\n\"Host\" in httpHeaders instead." type: "string" httpHeaders: + description: "Custom headers to set in the request. HTTP allows repeated headers." items: + description: "HTTPHeader describes a custom header to be used in HTTP probes" properties: name: + description: "The header field name.\nThis will be canonicalized upon output, so case-variant names will be understood as the same header." type: "string" value: + description: "The header field value" type: "string" required: - "name" @@ -3310,62 +5417,84 @@ spec: type: "object" type: "array" path: + description: "Path to access on the HTTP server." type: "string" port: anyOf: - type: "integer" - type: "string" + description: "Name or number of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME." x-kubernetes-int-or-string: true scheme: + description: "Scheme to use for connecting to the host.\nDefaults to HTTP." type: "string" required: - "port" type: "object" initialDelaySeconds: + description: "Number of seconds after the container has started before liveness probes are initiated.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" format: "int32" type: "integer" periodSeconds: + description: "How often (in seconds) to perform the probe.\nDefault to 10 seconds. Minimum value is 1." format: "int32" type: "integer" successThreshold: + description: "Minimum consecutive successes for the probe to be considered successful after having failed.\nDefaults to 1. Must be 1 for liveness and startup. Minimum value is 1." format: "int32" type: "integer" tcpSocket: + description: "TCPSocket specifies an action involving a TCP port." properties: host: + description: "Optional: Host name to connect to, defaults to the pod IP." type: "string" port: anyOf: - type: "integer" - type: "string" + description: "Number or name of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME." x-kubernetes-int-or-string: true required: - "port" type: "object" + terminationGracePeriodSeconds: + description: "Optional duration in seconds the pod needs to terminate gracefully upon probe failure.\nThe grace period is the duration in seconds after the processes running in the pod are sent\na termination signal and the time when the processes are forcibly halted with a kill signal.\nSet this value longer than the expected cleanup time for your process.\nIf this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this\nvalue overrides the value provided by the pod spec.\nValue must be non-negative integer. The value zero indicates stop immediately via\nthe kill signal (no opportunity to shut down).\nThis is a beta field and requires enabling ProbeTerminationGracePeriod feature gate.\nMinimum value is 1. spec.terminationGracePeriodSeconds is used if unset." + format: "int64" + type: "integer" timeoutSeconds: + description: "Number of seconds after which the probe times out.\nDefaults to 1 second. Minimum value is 1.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" format: "int32" type: "integer" type: "object" name: + description: "Name of the container specified as a DNS_LABEL.\nEach container in a pod must have a unique name (DNS_LABEL).\nCannot be updated." type: "string" ports: + description: "List of ports to expose from the container. Not specifying a port here\nDOES NOT prevent that port from being exposed. Any port which is\nlistening on the default \"0.0.0.0\" address inside a container will be\naccessible from the network.\nModifying this array with strategic merge patch may corrupt the data.\nFor more information See https://github.com/kubernetes/kubernetes/issues/108255.\nCannot be updated." items: + description: "ContainerPort represents a network port in a single container." properties: containerPort: + description: "Number of port to expose on the pod's IP address.\nThis must be a valid port number, 0 < x < 65536." format: "int32" type: "integer" hostIP: + description: "What host IP to bind the external port to." type: "string" hostPort: + description: "Number of port to expose on the host.\nIf specified, this must be a valid port number, 0 < x < 65536.\nIf HostNetwork is specified, this must match ContainerPort.\nMost containers do not need this." format: "int32" type: "integer" name: + description: "If specified, this must be an IANA_SVC_NAME and unique within the pod. Each\nnamed port in a pod must have a unique name. Name for the port that can be\nreferred to by services." type: "string" protocol: + default: "TCP" + description: "Protocol for port. Must be UDP, TCP, or SCTP.\nDefaults to \"TCP\"." type: "string" required: - "containerPort" - - "protocol" type: "object" type: "array" x-kubernetes-list-map-keys: @@ -3373,27 +5502,50 @@ spec: - "protocol" x-kubernetes-list-type: "map" readinessProbe: + description: "Periodic probe of container service readiness.\nContainer will be removed from service endpoints if the probe fails.\nCannot be updated.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" properties: exec: + description: "Exec specifies the action to take." properties: command: + description: "Command is the command line to execute inside the container, the working directory for the\ncommand is root ('/') in the container's filesystem. The command is simply exec'd, it is\nnot run inside a shell, so traditional shell instructions ('|', etc) won't work. To use\na shell, you need to explicitly call out to that shell.\nExit status of 0 is treated as live/healthy and non-zero is unhealthy." items: type: "string" type: "array" type: "object" failureThreshold: + description: "Minimum consecutive failures for the probe to be considered failed after having succeeded.\nDefaults to 3. Minimum value is 1." format: "int32" type: "integer" + grpc: + description: "GRPC specifies an action involving a GRPC port." + properties: + port: + description: "Port number of the gRPC service. Number must be in the range 1 to 65535." + format: "int32" + type: "integer" + service: + description: "Service is the name of the service to place in the gRPC HealthCheckRequest\n(see https://github.com/grpc/grpc/blob/master/doc/health-checking.md).\n\n\nIf this is not specified, the default behavior is defined by gRPC." + type: "string" + required: + - "port" + type: "object" httpGet: + description: "HTTPGet specifies the http request to perform." properties: host: + description: "Host name to connect to, defaults to the pod IP. You probably want to set\n\"Host\" in httpHeaders instead." type: "string" httpHeaders: + description: "Custom headers to set in the request. HTTP allows repeated headers." items: + description: "HTTPHeader describes a custom header to be used in HTTP probes" properties: name: + description: "The header field name.\nThis will be canonicalized upon output, so case-variant names will be understood as the same header." type: "string" value: + description: "The header field value" type: "string" required: - "name" @@ -3401,44 +5553,91 @@ spec: type: "object" type: "array" path: + description: "Path to access on the HTTP server." type: "string" port: anyOf: - type: "integer" - type: "string" + description: "Name or number of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME." x-kubernetes-int-or-string: true scheme: + description: "Scheme to use for connecting to the host.\nDefaults to HTTP." type: "string" required: - "port" type: "object" initialDelaySeconds: + description: "Number of seconds after the container has started before liveness probes are initiated.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" format: "int32" type: "integer" periodSeconds: + description: "How often (in seconds) to perform the probe.\nDefault to 10 seconds. Minimum value is 1." format: "int32" type: "integer" successThreshold: + description: "Minimum consecutive successes for the probe to be considered successful after having failed.\nDefaults to 1. Must be 1 for liveness and startup. Minimum value is 1." format: "int32" type: "integer" tcpSocket: + description: "TCPSocket specifies an action involving a TCP port." properties: host: + description: "Optional: Host name to connect to, defaults to the pod IP." type: "string" port: anyOf: - type: "integer" - type: "string" + description: "Number or name of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME." x-kubernetes-int-or-string: true required: - "port" type: "object" + terminationGracePeriodSeconds: + description: "Optional duration in seconds the pod needs to terminate gracefully upon probe failure.\nThe grace period is the duration in seconds after the processes running in the pod are sent\na termination signal and the time when the processes are forcibly halted with a kill signal.\nSet this value longer than the expected cleanup time for your process.\nIf this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this\nvalue overrides the value provided by the pod spec.\nValue must be non-negative integer. The value zero indicates stop immediately via\nthe kill signal (no opportunity to shut down).\nThis is a beta field and requires enabling ProbeTerminationGracePeriod feature gate.\nMinimum value is 1. spec.terminationGracePeriodSeconds is used if unset." + format: "int64" + type: "integer" timeoutSeconds: + description: "Number of seconds after which the probe times out.\nDefaults to 1 second. Minimum value is 1.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" format: "int32" type: "integer" type: "object" + resizePolicy: + description: "Resources resize policy for the container." + items: + description: "ContainerResizePolicy represents resource resize policy for the container." + properties: + resourceName: + description: "Name of the resource to which this resource resize policy applies.\nSupported values: cpu, memory." + type: "string" + restartPolicy: + description: "Restart policy to apply when specified resource is resized.\nIf not specified, it defaults to NotRequired." + type: "string" + required: + - "resourceName" + - "restartPolicy" + type: "object" + type: "array" + x-kubernetes-list-type: "atomic" resources: + description: "Compute Resources required by this container.\nCannot be updated.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" properties: + claims: + description: "Claims lists the names of resources, defined in spec.resourceClaims,\nthat are used by this container.\n\n\nThis is an alpha field and requires enabling the\nDynamicResourceAllocation feature gate.\n\n\nThis field is immutable. It can only be set for containers." + items: + description: "ResourceClaim references one entry in PodSpec.ResourceClaims." + properties: + name: + description: "Name must match the name of one entry in pod.spec.resourceClaims of\nthe Pod where this field is used. It makes that resource available\ninside a container." + type: "string" + required: + - "name" + type: "object" + type: "array" + x-kubernetes-list-map-keys: + - "name" + x-kubernetes-list-type: "map" limits: additionalProperties: anyOf: @@ -3446,6 +5645,7 @@ spec: - type: "string" pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" x-kubernetes-int-or-string: true + description: "Limits describes the maximum amount of compute resources allowed.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" type: "object" requests: additionalProperties: @@ -3454,85 +5654,144 @@ spec: - type: "string" pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" x-kubernetes-int-or-string: true + description: "Requests describes the minimum amount of compute resources required.\nIf Requests is omitted for a container, it defaults to Limits if that is explicitly specified,\notherwise to an implementation-defined value. Requests cannot exceed Limits.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" type: "object" type: "object" + restartPolicy: + description: "RestartPolicy defines the restart behavior of individual containers in a pod.\nThis field may only be set for init containers, and the only allowed value is \"Always\".\nFor non-init containers or when this field is not specified,\nthe restart behavior is defined by the Pod's restart policy and the container type.\nSetting the RestartPolicy as \"Always\" for the init container will have the following effect:\nthis init container will be continually restarted on\nexit until all regular containers have terminated. Once all regular\ncontainers have completed, all init containers with restartPolicy \"Always\"\nwill be shut down. This lifecycle differs from normal init containers and\nis often referred to as a \"sidecar\" container. Although this init\ncontainer still starts in the init container sequence, it does not wait\nfor the container to complete before proceeding to the next init\ncontainer. Instead, the next init container starts immediately after this\ninit container is started, or after any startupProbe has successfully\ncompleted." + type: "string" securityContext: + description: "SecurityContext defines the security options the container should be run with.\nIf set, the fields of SecurityContext override the equivalent fields of PodSecurityContext.\nMore info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/" properties: allowPrivilegeEscalation: + description: "AllowPrivilegeEscalation controls whether a process can gain more\nprivileges than its parent process. This bool directly controls if\nthe no_new_privs flag will be set on the container process.\nAllowPrivilegeEscalation is true always when the container is:\n1) run as Privileged\n2) has CAP_SYS_ADMIN\nNote that this field cannot be set when spec.os.name is windows." type: "boolean" capabilities: + description: "The capabilities to add/drop when running containers.\nDefaults to the default set of capabilities granted by the container runtime.\nNote that this field cannot be set when spec.os.name is windows." properties: add: + description: "Added capabilities" items: + description: "Capability represent POSIX capabilities type" type: "string" type: "array" drop: + description: "Removed capabilities" items: + description: "Capability represent POSIX capabilities type" type: "string" type: "array" type: "object" privileged: + description: "Run container in privileged mode.\nProcesses in privileged containers are essentially equivalent to root on the host.\nDefaults to false.\nNote that this field cannot be set when spec.os.name is windows." type: "boolean" procMount: + description: "procMount denotes the type of proc mount to use for the containers.\nThe default is DefaultProcMount which uses the container runtime defaults for\nreadonly paths and masked paths.\nThis requires the ProcMountType feature flag to be enabled.\nNote that this field cannot be set when spec.os.name is windows." type: "string" readOnlyRootFilesystem: + description: "Whether this container has a read-only root filesystem.\nDefault is false.\nNote that this field cannot be set when spec.os.name is windows." type: "boolean" runAsGroup: + description: "The GID to run the entrypoint of the container process.\nUses runtime default if unset.\nMay also be set in PodSecurityContext. If set in both SecurityContext and\nPodSecurityContext, the value specified in SecurityContext takes precedence.\nNote that this field cannot be set when spec.os.name is windows." format: "int64" type: "integer" runAsNonRoot: + description: "Indicates that the container must run as a non-root user.\nIf true, the Kubelet will validate the image at runtime to ensure that it\ndoes not run as UID 0 (root) and fail to start the container if it does.\nIf unset or false, no such validation will be performed.\nMay also be set in PodSecurityContext. If set in both SecurityContext and\nPodSecurityContext, the value specified in SecurityContext takes precedence." type: "boolean" runAsUser: + description: "The UID to run the entrypoint of the container process.\nDefaults to user specified in image metadata if unspecified.\nMay also be set in PodSecurityContext. If set in both SecurityContext and\nPodSecurityContext, the value specified in SecurityContext takes precedence.\nNote that this field cannot be set when spec.os.name is windows." format: "int64" type: "integer" seLinuxOptions: + description: "The SELinux context to be applied to the container.\nIf unspecified, the container runtime will allocate a random SELinux context for each\ncontainer. May also be set in PodSecurityContext. If set in both SecurityContext and\nPodSecurityContext, the value specified in SecurityContext takes precedence.\nNote that this field cannot be set when spec.os.name is windows." properties: level: + description: "Level is SELinux level label that applies to the container." type: "string" role: + description: "Role is a SELinux role label that applies to the container." type: "string" type: + description: "Type is a SELinux type label that applies to the container." type: "string" user: + description: "User is a SELinux user label that applies to the container." type: "string" type: "object" seccompProfile: + description: "The seccomp options to use by this container. If seccomp options are\nprovided at both the pod & container level, the container options\noverride the pod options.\nNote that this field cannot be set when spec.os.name is windows." properties: + localhostProfile: + description: "localhostProfile indicates a profile defined in a file on the node should be used.\nThe profile must be preconfigured on the node to work.\nMust be a descending path, relative to the kubelet's configured seccomp profile location.\nMust be set if type is \"Localhost\". Must NOT be set for any other type." + type: "string" type: + description: "type indicates which kind of seccomp profile will be applied.\nValid options are:\n\n\nLocalhost - a profile defined in a file on the node should be used.\nRuntimeDefault - the container runtime default profile should be used.\nUnconfined - no profile should be applied." type: "string" + required: + - "type" type: "object" windowsOptions: + description: "The Windows specific settings applied to all containers.\nIf unspecified, the options from the PodSecurityContext will be used.\nIf set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.\nNote that this field cannot be set when spec.os.name is linux." properties: gmsaCredentialSpec: + description: "GMSACredentialSpec is where the GMSA admission webhook\n(https://github.com/kubernetes-sigs/windows-gmsa) inlines the contents of the\nGMSA credential spec named by the GMSACredentialSpecName field." type: "string" gmsaCredentialSpecName: + description: "GMSACredentialSpecName is the name of the GMSA credential spec to use." type: "string" + hostProcess: + description: "HostProcess determines if a container should be run as a 'Host Process' container.\nAll of a Pod's containers must have the same effective HostProcess value\n(it is not allowed to have a mix of HostProcess containers and non-HostProcess containers).\nIn addition, if HostProcess is true then HostNetwork must also be set to true." + type: "boolean" runAsUserName: + description: "The UserName in Windows to run the entrypoint of the container process.\nDefaults to the user specified in image metadata if unspecified.\nMay also be set in PodSecurityContext. If set in both SecurityContext and\nPodSecurityContext, the value specified in SecurityContext takes precedence." type: "string" type: "object" type: "object" startupProbe: + description: "StartupProbe indicates that the Pod has successfully initialized.\nIf specified, no other probes are executed until this completes successfully.\nIf this probe fails, the Pod will be restarted, just as if the livenessProbe failed.\nThis can be used to provide different probe parameters at the beginning of a Pod's lifecycle,\nwhen it might take a long time to load data or warm a cache, than during steady-state operation.\nThis cannot be updated.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" properties: exec: + description: "Exec specifies the action to take." properties: command: + description: "Command is the command line to execute inside the container, the working directory for the\ncommand is root ('/') in the container's filesystem. The command is simply exec'd, it is\nnot run inside a shell, so traditional shell instructions ('|', etc) won't work. To use\na shell, you need to explicitly call out to that shell.\nExit status of 0 is treated as live/healthy and non-zero is unhealthy." items: type: "string" type: "array" type: "object" failureThreshold: + description: "Minimum consecutive failures for the probe to be considered failed after having succeeded.\nDefaults to 3. Minimum value is 1." format: "int32" type: "integer" + grpc: + description: "GRPC specifies an action involving a GRPC port." + properties: + port: + description: "Port number of the gRPC service. Number must be in the range 1 to 65535." + format: "int32" + type: "integer" + service: + description: "Service is the name of the service to place in the gRPC HealthCheckRequest\n(see https://github.com/grpc/grpc/blob/master/doc/health-checking.md).\n\n\nIf this is not specified, the default behavior is defined by gRPC." + type: "string" + required: + - "port" + type: "object" httpGet: + description: "HTTPGet specifies the http request to perform." properties: host: + description: "Host name to connect to, defaults to the pod IP. You probably want to set\n\"Host\" in httpHeaders instead." type: "string" httpHeaders: + description: "Custom headers to set in the request. HTTP allows repeated headers." items: + description: "HTTPHeader describes a custom header to be used in HTTP probes" properties: name: + description: "The header field name.\nThis will be canonicalized upon output, so case-variant names will be understood as the same header." type: "string" value: + description: "The header field value" type: "string" required: - "name" @@ -3540,58 +5799,81 @@ spec: type: "object" type: "array" path: + description: "Path to access on the HTTP server." type: "string" port: anyOf: - type: "integer" - type: "string" + description: "Name or number of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME." x-kubernetes-int-or-string: true scheme: + description: "Scheme to use for connecting to the host.\nDefaults to HTTP." type: "string" required: - "port" type: "object" initialDelaySeconds: + description: "Number of seconds after the container has started before liveness probes are initiated.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" format: "int32" type: "integer" periodSeconds: + description: "How often (in seconds) to perform the probe.\nDefault to 10 seconds. Minimum value is 1." format: "int32" type: "integer" successThreshold: + description: "Minimum consecutive successes for the probe to be considered successful after having failed.\nDefaults to 1. Must be 1 for liveness and startup. Minimum value is 1." format: "int32" type: "integer" tcpSocket: + description: "TCPSocket specifies an action involving a TCP port." properties: host: + description: "Optional: Host name to connect to, defaults to the pod IP." type: "string" port: anyOf: - type: "integer" - type: "string" + description: "Number or name of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME." x-kubernetes-int-or-string: true required: - "port" type: "object" + terminationGracePeriodSeconds: + description: "Optional duration in seconds the pod needs to terminate gracefully upon probe failure.\nThe grace period is the duration in seconds after the processes running in the pod are sent\na termination signal and the time when the processes are forcibly halted with a kill signal.\nSet this value longer than the expected cleanup time for your process.\nIf this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this\nvalue overrides the value provided by the pod spec.\nValue must be non-negative integer. The value zero indicates stop immediately via\nthe kill signal (no opportunity to shut down).\nThis is a beta field and requires enabling ProbeTerminationGracePeriod feature gate.\nMinimum value is 1. spec.terminationGracePeriodSeconds is used if unset." + format: "int64" + type: "integer" timeoutSeconds: + description: "Number of seconds after which the probe times out.\nDefaults to 1 second. Minimum value is 1.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" format: "int32" type: "integer" type: "object" stdin: + description: "Whether this container should allocate a buffer for stdin in the container runtime. If this\nis not set, reads from stdin in the container will always result in EOF.\nDefault is false." type: "boolean" stdinOnce: + description: "Whether the container runtime should close the stdin channel after it has been opened by\na single attach. When stdin is true the stdin stream will remain open across multiple attach\nsessions. If stdinOnce is set to true, stdin is opened on container start, is empty until the\nfirst client attaches to stdin, and then remains open and accepts data until the client disconnects,\nat which time stdin is closed and remains closed until the container is restarted. If this\nflag is false, a container processes that reads from stdin will never receive an EOF.\nDefault is false" type: "boolean" terminationMessagePath: + description: "Optional: Path at which the file to which the container's termination message\nwill be written is mounted into the container's filesystem.\nMessage written is intended to be brief final status, such as an assertion failure message.\nWill be truncated by the node if greater than 4096 bytes. The total message length across\nall containers will be limited to 12kb.\nDefaults to /dev/termination-log.\nCannot be updated." type: "string" terminationMessagePolicy: + description: "Indicate how the termination message should be populated. File will use the contents of\nterminationMessagePath to populate the container status message on both success and failure.\nFallbackToLogsOnError will use the last chunk of container log output if the termination\nmessage file is empty and the container exited with an error.\nThe log output is limited to 2048 bytes or 80 lines, whichever is smaller.\nDefaults to File.\nCannot be updated." type: "string" tty: + description: "Whether this container should allocate a TTY for itself, also requires 'stdin' to be true.\nDefault is false." type: "boolean" volumeDevices: + description: "volumeDevices is the list of block devices to be used by the container." items: + description: "volumeDevice describes a mapping of a raw block device within a container." properties: devicePath: + description: "devicePath is the path inside of the container that the device will be mapped to." type: "string" name: + description: "name must match the name of a persistentVolumeClaim in the pod" type: "string" required: - "devicePath" @@ -3599,19 +5881,27 @@ spec: type: "object" type: "array" volumeMounts: + description: "Pod volumes to mount into the container's filesystem.\nCannot be updated." items: + description: "VolumeMount describes a mounting of a Volume within a container." properties: mountPath: + description: "Path within the container at which the volume should be mounted. Must\nnot contain ':'." type: "string" mountPropagation: + description: "mountPropagation determines how mounts are propagated from the host\nto container and the other way around.\nWhen not set, MountPropagationNone is used.\nThis field is beta in 1.10." type: "string" name: + description: "This must match the Name of a Volume." type: "string" readOnly: + description: "Mounted read-only if true, read-write otherwise (false or unspecified).\nDefaults to false." type: "boolean" subPath: + description: "Path within the volume from which the container's volume should be mounted.\nDefaults to \"\" (volume's root)." type: "string" subPathExpr: + description: "Expanded path within the volume from which the container's volume should be mounted.\nBehaves similarly to SubPath but environment variable references $(VAR_NAME) are expanded using the container's environment.\nDefaults to \"\" (volume's root).\nSubPathExpr and SubPath are mutually exclusive." type: "string" required: - "mountPath" @@ -3619,44 +5909,61 @@ spec: type: "object" type: "array" workingDir: + description: "Container's working directory.\nIf not specified, the container runtime's default will be used, which\nmight be configured in the container image.\nCannot be updated." type: "string" required: - "name" type: "object" type: "array" terminationGracePeriodSeconds: + description: "Termination grace period seconds for the pod" format: "int64" type: "integer" tolerations: + description: "Tolerations specifies the tolerations listed in \".spec.tolerations\" to be applied to the pod." items: + description: "The pod this Toleration is attached to tolerates any taint that matches\nthe triple using the matching operator ." properties: effect: + description: "Effect indicates the taint effect to match. Empty means match all taint effects.\nWhen specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute." type: "string" key: + description: "Key is the taint key that the toleration applies to. Empty means match all taint keys.\nIf the key is empty, operator must be Exists; this combination means to match all values and all keys." type: "string" operator: + description: "Operator represents a key's relationship to the value.\nValid operators are Exists and Equal. Defaults to Equal.\nExists is equivalent to wildcard for value, so that a pod can\ntolerate all taints of a particular category." type: "string" tolerationSeconds: + description: "TolerationSeconds represents the period of time the toleration (which must be\nof effect NoExecute, otherwise this field is ignored) tolerates the taint. By default,\nit is not set, which means tolerate the taint forever (do not evict). Zero and\nnegative values will be treated as 0 (evict immediately) by the system." format: "int64" type: "integer" value: + description: "Value is the taint value the toleration matches to.\nIf the operator is Exists, the value should be empty, otherwise just a regular string." type: "string" type: "object" type: "array" volumeMounts: + description: "VolumeMounts specifies the volumes listed in \".spec.volumes\" to mount into the main container's filesystem." items: + description: "VolumeMount describes a mounting of a Volume within a container." properties: mountPath: + description: "Path within the container at which the volume should be mounted. Must\nnot contain ':'." type: "string" mountPropagation: + description: "mountPropagation determines how mounts are propagated from the host\nto container and the other way around.\nWhen not set, MountPropagationNone is used.\nThis field is beta in 1.10." type: "string" name: + description: "This must match the Name of a Volume." type: "string" readOnly: + description: "Mounted read-only if true, read-write otherwise (false or unspecified).\nDefaults to false." type: "boolean" subPath: + description: "Path within the volume from which the container's volume should be mounted.\nDefaults to \"\" (volume's root)." type: "string" subPathExpr: + description: "Expanded path within the volume from which the container's volume should be mounted.\nBehaves similarly to SubPath but environment variable references $(VAR_NAME) are expanded using the container's environment.\nDefaults to \"\" (volume's root).\nSubPathExpr and SubPath are mutually exclusive." type: "string" required: - "mountPath" @@ -3665,57 +5972,78 @@ spec: type: "array" type: "object" failureRetries: + description: "FailureRetries is the number of times to retry a failed application before giving up.\nThis is best effort and actual retry attempts can be >= the value specified." format: "int32" type: "integer" hadoopConf: additionalProperties: type: "string" + description: "HadoopConf carries user-specified Hadoop configuration properties as they would use the the \"--conf\" option\nin spark-submit. The SparkApplication controller automatically adds prefix \"spark.hadoop.\" to Hadoop\nconfiguration properties." type: "object" hadoopConfigMap: + description: "HadoopConfigMap carries the name of the ConfigMap containing Hadoop configuration files such as core-site.xml.\nThe controller will add environment variable HADOOP_CONF_DIR to the path where the ConfigMap is mounted to." type: "string" image: + description: "Image is the container image for the driver, executor, and init-container. Any custom container images for the\ndriver, executor, or init-container takes precedence over this." type: "string" imagePullPolicy: + description: "ImagePullPolicy is the image pull policy for the driver, executor, and init-container." type: "string" imagePullSecrets: + description: "ImagePullSecrets is the list of image-pull secrets." items: type: "string" type: "array" mainApplicationFile: + description: "MainFile is the path to a bundled JAR, Python, or R file of the application." type: "string" mainClass: + description: "MainClass is the fully-qualified main class of the Spark application.\nThis only applies to Java/Scala Spark applications." type: "string" memoryOverheadFactor: + description: "This sets the Memory Overhead Factor that will allocate memory to non-JVM memory.\nFor JVM-based jobs this value will default to 0.10, for non-JVM jobs 0.40. Value of this field will\nbe overridden by `Spec.Driver.MemoryOverhead` and `Spec.Executor.MemoryOverhead` if they are set." type: "string" mode: + description: "Mode is the deployment mode of the Spark application." enum: - "cluster" - "client" type: "string" monitoring: + description: "Monitoring configures how monitoring is handled." properties: exposeDriverMetrics: + description: "ExposeDriverMetrics specifies whether to expose metrics on the driver." type: "boolean" exposeExecutorMetrics: + description: "ExposeExecutorMetrics specifies whether to expose metrics on the executors." type: "boolean" metricsProperties: + description: "MetricsProperties is the content of a custom metrics.properties for configuring the Spark metric system.\nIf not specified, the content in spark-docker/conf/metrics.properties will be used." type: "string" metricsPropertiesFile: + description: "MetricsPropertiesFile is the container local path of file metrics.properties for configuring\nthe Spark metric system. If not specified, value /etc/metrics/conf/metrics.properties will be used." type: "string" prometheus: + description: "Prometheus is for configuring the Prometheus JMX exporter." properties: configFile: + description: "ConfigFile is the path to the custom Prometheus configuration file provided in the Spark image.\nConfigFile takes precedence over Configuration, which is shown below." type: "string" configuration: + description: "Configuration is the content of the Prometheus configuration needed by the Prometheus JMX exporter.\nIf not specified, the content in spark-docker/conf/prometheus.yaml will be used.\nConfiguration has no effect if ConfigFile is set." type: "string" jmxExporterJar: + description: "JmxExporterJar is the path to the Prometheus JMX exporter jar in the container." type: "string" port: + description: "Port is the port of the HTTP server run by the Prometheus JMX exporter.\nIf not specified, 8090 will be used as the default." format: "int32" maximum: 49151.0 minimum: 1024.0 type: "integer" portName: + description: "PortName is the port name of prometheus JMX exporter port.\nIf not specified, jmx-exporter will be used as the default." type: "string" required: - "jmxExporterJar" @@ -3727,33 +6055,42 @@ spec: nodeSelector: additionalProperties: type: "string" + description: "NodeSelector is the Kubernetes node selector to be added to the driver and executor pods.\nThis field is mutually exclusive with nodeSelector at podSpec level (driver or executor).\nThis field will be deprecated in future versions (at SparkApplicationSpec level)." type: "object" proxyUser: + description: "ProxyUser specifies the user to impersonate when submitting the application.\nIt maps to the command-line flag \"--proxy-user\" in spark-submit." type: "string" pythonVersion: + description: "This sets the major Python version of the docker\nimage used to run the driver and executor containers. Can either be 2 or 3, default 2." enum: - "2" - "3" type: "string" restartPolicy: + description: "RestartPolicy defines the policy on if and in which conditions the controller should restart an application." properties: onFailureRetries: + description: "OnFailureRetries the number of times to retry running an application before giving up." format: "int32" minimum: 0.0 type: "integer" onFailureRetryInterval: + description: "OnFailureRetryInterval is the interval in seconds between retries on failed runs." format: "int64" minimum: 1.0 type: "integer" onSubmissionFailureRetries: + description: "OnSubmissionFailureRetries is the number of times to retry submitting an application before giving up.\nThis is best effort and actual retry attempts can be >= the value specified due to caching.\nThese are required if RestartPolicy is OnFailure." format: "int32" minimum: 0.0 type: "integer" onSubmissionFailureRetryInterval: + description: "OnSubmissionFailureRetryInterval is the interval in seconds between retries on failed submissions." format: "int64" minimum: 1.0 type: "integer" type: + description: "Type specifies the RestartPolicyType." enum: - "Never" - "Always" @@ -3761,53 +6098,71 @@ spec: type: "string" type: "object" retryInterval: + description: "RetryInterval is the unit of intervals in seconds between submission retries." format: "int64" type: "integer" sparkConf: additionalProperties: type: "string" + description: "SparkConf carries user-specified Spark configuration properties as they would use the \"--conf\" option in\nspark-submit." type: "object" sparkConfigMap: + description: "SparkConfigMap carries the name of the ConfigMap containing Spark configuration files such as log4j.properties.\nThe controller will add environment variable SPARK_CONF_DIR to the path where the ConfigMap is mounted to." type: "string" sparkUIOptions: + description: "SparkUIOptions allows configuring the Service and the Ingress to expose the sparkUI" properties: ingressAnnotations: additionalProperties: type: "string" + description: "IngressAnnotations is a map of key,value pairs of annotations that might be added to the ingress object. i.e. specify nginx as ingress.class" type: "object" ingressTLS: + description: "TlsHosts is useful If we need to declare SSL certificates to the ingress object" items: + description: "IngressTLS describes the transport layer security associated with an ingress." properties: hosts: + description: "hosts is a list of hosts included in the TLS certificate. The values in\nthis list must match the name/s used in the tlsSecret. Defaults to the\nwildcard host setting for the loadbalancer controller fulfilling this\nIngress, if left unspecified." items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" secretName: + description: "secretName is the name of the secret used to terminate TLS traffic on\nport 443. Field is left optional to allow TLS routing based on SNI\nhostname alone. If the SNI host in a listener conflicts with the \"Host\"\nheader field used by an IngressRule, the SNI host is used for termination\nand value of the \"Host\" header is used for routing." type: "string" type: "object" type: "array" serviceAnnotations: additionalProperties: type: "string" + description: "ServiceAnnotations is a map of key,value pairs of annotations that might be added to the service object." type: "object" serviceLabels: additionalProperties: type: "string" + description: "ServiceLables is a map of key,value pairs of labels that might be added to the service object." type: "object" servicePort: + description: "ServicePort allows configuring the port at service level that might be different from the targetPort.\nTargetPort should be the same as the one defined in spark.ui.port" format: "int32" type: "integer" servicePortName: + description: "ServicePortName allows configuring the name of the service port.\nThis may be useful for sidecar proxies like Envoy injected by Istio which require specific ports names to treat traffic as proper HTTP.\nDefaults to spark-driver-ui-port." type: "string" serviceType: + description: "ServiceType allows configuring the type of the service. Defaults to ClusterIP." type: "string" type: "object" sparkVersion: + description: "SparkVersion is the version of Spark the application uses." type: "string" timeToLiveSeconds: + description: "TimeToLiveSeconds defines the Time-To-Live (TTL) duration in seconds for this SparkApplication\nafter its termination.\nThe SparkApplication object will be garbage collected if the current time is more than the\nTimeToLiveSeconds since its termination." format: "int64" type: "integer" type: + description: "Type tells the type of the Spark application." enum: - "Java" - "Python" @@ -3815,104 +6170,145 @@ spec: - "R" type: "string" volumes: + description: "Volumes is the list of Kubernetes volumes that can be mounted by the driver and/or executors." items: + description: "Volume represents a named volume in a pod that may be accessed by any container in the pod." properties: awsElasticBlockStore: + description: "awsElasticBlockStore represents an AWS Disk resource that is attached to a\nkubelet's host machine and then exposed to the pod.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore" properties: fsType: + description: "fsType is the filesystem type of the volume that you want to mount.\nTip: Ensure that the filesystem type is supported by the host operating system.\nExamples: \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore\nTODO: how do we prevent errors in the filesystem from compromising the machine" type: "string" partition: + description: "partition is the partition in the volume that you want to mount.\nIf omitted, the default is to mount by volume name.\nExamples: For volume /dev/sda1, you specify the partition as \"1\".\nSimilarly, the volume partition for /dev/sda is \"0\" (or you can leave the property empty)." format: "int32" type: "integer" readOnly: + description: "readOnly value true will force the readOnly setting in VolumeMounts.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore" type: "boolean" volumeID: + description: "volumeID is unique ID of the persistent disk resource in AWS (Amazon EBS volume).\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore" type: "string" required: - "volumeID" type: "object" azureDisk: + description: "azureDisk represents an Azure Data Disk mount on the host and bind mount to the pod." properties: cachingMode: + description: "cachingMode is the Host Caching mode: None, Read Only, Read Write." type: "string" diskName: + description: "diskName is the Name of the data disk in the blob storage" type: "string" diskURI: + description: "diskURI is the URI of data disk in the blob storage" type: "string" fsType: + description: "fsType is Filesystem type to mount.\nMust be a filesystem type supported by the host operating system.\nEx. \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified." type: "string" kind: + description: "kind expected values are Shared: multiple blob disks per storage account Dedicated: single blob disk per storage account Managed: azure managed data disk (only in managed availability set). defaults to shared" type: "string" readOnly: + description: "readOnly Defaults to false (read/write). ReadOnly here will force\nthe ReadOnly setting in VolumeMounts." type: "boolean" required: - "diskName" - "diskURI" type: "object" azureFile: + description: "azureFile represents an Azure File Service mount on the host and bind mount to the pod." properties: readOnly: + description: "readOnly defaults to false (read/write). ReadOnly here will force\nthe ReadOnly setting in VolumeMounts." type: "boolean" secretName: + description: "secretName is the name of secret that contains Azure Storage Account Name and Key" type: "string" shareName: + description: "shareName is the azure share Name" type: "string" required: - "secretName" - "shareName" type: "object" cephfs: + description: "cephFS represents a Ceph FS mount on the host that shares a pod's lifetime" properties: monitors: + description: "monitors is Required: Monitors is a collection of Ceph monitors\nMore info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it" items: type: "string" type: "array" path: + description: "path is Optional: Used as the mounted root, rather than the full Ceph tree, default is /" type: "string" readOnly: + description: "readOnly is Optional: Defaults to false (read/write). ReadOnly here will force\nthe ReadOnly setting in VolumeMounts.\nMore info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it" type: "boolean" secretFile: + description: "secretFile is Optional: SecretFile is the path to key ring for User, default is /etc/ceph/user.secret\nMore info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it" type: "string" secretRef: + description: "secretRef is Optional: SecretRef is reference to the authentication secret for User, default is empty.\nMore info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it" properties: name: + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" type: "string" type: "object" + x-kubernetes-map-type: "atomic" user: + description: "user is optional: User is the rados user name, default is admin\nMore info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it" type: "string" required: - "monitors" type: "object" cinder: + description: "cinder represents a cinder volume attached and mounted on kubelets host machine.\nMore info: https://examples.k8s.io/mysql-cinder-pd/README.md" properties: fsType: + description: "fsType is the filesystem type to mount.\nMust be a filesystem type supported by the host operating system.\nExamples: \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified.\nMore info: https://examples.k8s.io/mysql-cinder-pd/README.md" type: "string" readOnly: + description: "readOnly defaults to false (read/write). ReadOnly here will force\nthe ReadOnly setting in VolumeMounts.\nMore info: https://examples.k8s.io/mysql-cinder-pd/README.md" type: "boolean" secretRef: + description: "secretRef is optional: points to a secret object containing parameters used to connect\nto OpenStack." properties: name: + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" type: "string" type: "object" + x-kubernetes-map-type: "atomic" volumeID: + description: "volumeID used to identify the volume in cinder.\nMore info: https://examples.k8s.io/mysql-cinder-pd/README.md" type: "string" required: - "volumeID" type: "object" configMap: + description: "configMap represents a configMap that should populate this volume" properties: defaultMode: + description: "defaultMode is optional: mode bits used to set permissions on created files by default.\nMust be an octal value between 0000 and 0777 or a decimal value between 0 and 511.\nYAML accepts both octal and decimal values, JSON requires decimal values for mode bits.\nDefaults to 0644.\nDirectories within the path are not affected by this setting.\nThis might be in conflict with other options that affect the file\nmode, like fsGroup, and the result can be other mode bits set." format: "int32" type: "integer" items: + description: "items if unspecified, each key-value pair in the Data field of the referenced\nConfigMap will be projected into the volume as a file whose name is the\nkey and content is the value. If specified, the listed keys will be\nprojected into the specified paths, and unlisted keys will not be\npresent. If a key is specified which is not present in the ConfigMap,\nthe volume setup will error unless it is marked optional. Paths must be\nrelative and may not contain the '..' path or start with '..'." items: + description: "Maps a string key to a path within a volume." properties: key: + description: "key is the key to project." type: "string" mode: + description: "mode is Optional: mode bits used to set permissions on this file.\nMust be an octal value between 0000 and 0777 or a decimal value between 0 and 511.\nYAML accepts both octal and decimal values, JSON requires decimal values for mode bits.\nIf not specified, the volume defaultMode will be used.\nThis might be in conflict with other options that affect the file\nmode, like fsGroup, and the result can be other mode bits set." format: "int32" type: "integer" path: + description: "path is the relative path of the file to map the key to.\nMay not be an absolute path.\nMay not contain the path element '..'.\nMay not start with the string '..'." type: "string" required: - "key" @@ -3920,226 +6316,402 @@ spec: type: "object" type: "array" name: + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" type: "string" optional: + description: "optional specify whether the ConfigMap or its keys must be defined" type: "boolean" type: "object" + x-kubernetes-map-type: "atomic" csi: + description: "csi (Container Storage Interface) represents ephemeral storage that is handled by certain external CSI drivers (Beta feature)." properties: driver: + description: "driver is the name of the CSI driver that handles this volume.\nConsult with your admin for the correct name as registered in the cluster." type: "string" fsType: + description: "fsType to mount. Ex. \"ext4\", \"xfs\", \"ntfs\".\nIf not provided, the empty value is passed to the associated CSI driver\nwhich will determine the default filesystem to apply." type: "string" nodePublishSecretRef: + description: "nodePublishSecretRef is a reference to the secret object containing\nsensitive information to pass to the CSI driver to complete the CSI\nNodePublishVolume and NodeUnpublishVolume calls.\nThis field is optional, and may be empty if no secret is required. If the\nsecret object contains more than one secret, all secret references are passed." properties: name: + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" type: "string" type: "object" + x-kubernetes-map-type: "atomic" readOnly: + description: "readOnly specifies a read-only configuration for the volume.\nDefaults to false (read/write)." type: "boolean" volumeAttributes: additionalProperties: type: "string" + description: "volumeAttributes stores driver-specific properties that are passed to the CSI\ndriver. Consult your driver's documentation for supported values." type: "object" required: - "driver" type: "object" downwardAPI: + description: "downwardAPI represents downward API about the pod that should populate this volume" properties: defaultMode: + description: "Optional: mode bits to use on created files by default. Must be a\nOptional: mode bits used to set permissions on created files by default.\nMust be an octal value between 0000 and 0777 or a decimal value between 0 and 511.\nYAML accepts both octal and decimal values, JSON requires decimal values for mode bits.\nDefaults to 0644.\nDirectories within the path are not affected by this setting.\nThis might be in conflict with other options that affect the file\nmode, like fsGroup, and the result can be other mode bits set." format: "int32" type: "integer" items: + description: "Items is a list of downward API volume file" items: + description: "DownwardAPIVolumeFile represents information to create the file containing the pod field" properties: fieldRef: + description: "Required: Selects a field of the pod: only annotations, labels, name and namespace are supported." properties: apiVersion: + description: "Version of the schema the FieldPath is written in terms of, defaults to \"v1\"." type: "string" fieldPath: + description: "Path of the field to select in the specified API version." type: "string" required: - "fieldPath" type: "object" + x-kubernetes-map-type: "atomic" mode: + description: "Optional: mode bits used to set permissions on this file, must be an octal value\nbetween 0000 and 0777 or a decimal value between 0 and 511.\nYAML accepts both octal and decimal values, JSON requires decimal values for mode bits.\nIf not specified, the volume defaultMode will be used.\nThis might be in conflict with other options that affect the file\nmode, like fsGroup, and the result can be other mode bits set." format: "int32" type: "integer" path: + description: "Required: Path is the relative path name of the file to be created. Must not be absolute or contain the '..' path. Must be utf-8 encoded. The first item of the relative path must not start with '..'" type: "string" resourceFieldRef: + description: "Selects a resource of the container: only resources limits and requests\n(limits.cpu, limits.memory, requests.cpu and requests.memory) are currently supported." properties: containerName: + description: "Container name: required for volumes, optional for env vars" type: "string" divisor: anyOf: - type: "integer" - type: "string" + description: "Specifies the output format of the exposed resources, defaults to \"1\"" pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" x-kubernetes-int-or-string: true resource: + description: "Required: resource to select" type: "string" required: - "resource" type: "object" + x-kubernetes-map-type: "atomic" required: - "path" type: "object" type: "array" type: "object" emptyDir: + description: "emptyDir represents a temporary directory that shares a pod's lifetime.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir" properties: medium: + description: "medium represents what type of storage medium should back this directory.\nThe default is \"\" which means to use the node's default medium.\nMust be an empty string (default) or Memory.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir" type: "string" sizeLimit: anyOf: - type: "integer" - type: "string" + description: "sizeLimit is the total amount of local storage required for this EmptyDir volume.\nThe size limit is also applicable for memory medium.\nThe maximum usage on memory medium EmptyDir would be the minimum value between\nthe SizeLimit specified here and the sum of memory limits of all containers in a pod.\nThe default is nil which means that the limit is undefined.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir" pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" x-kubernetes-int-or-string: true type: "object" ephemeral: + description: "ephemeral represents a volume that is handled by a cluster storage driver.\nThe volume's lifecycle is tied to the pod that defines it - it will be created before the pod starts,\nand deleted when the pod is removed.\n\n\nUse this if:\na) the volume is only needed while the pod runs,\nb) features of normal volumes like restoring from snapshot or capacity\n tracking are needed,\nc) the storage driver is specified through a storage class, and\nd) the storage driver supports dynamic volume provisioning through\n a PersistentVolumeClaim (see EphemeralVolumeSource for more\n information on the connection between this volume type\n and PersistentVolumeClaim).\n\n\nUse PersistentVolumeClaim or one of the vendor-specific\nAPIs for volumes that persist for longer than the lifecycle\nof an individual pod.\n\n\nUse CSI for light-weight local ephemeral volumes if the CSI driver is meant to\nbe used that way - see the documentation of the driver for\nmore information.\n\n\nA pod can use both types of ephemeral volumes and\npersistent volumes at the same time." properties: volumeClaimTemplate: + description: "Will be used to create a stand-alone PVC to provision the volume.\nThe pod in which this EphemeralVolumeSource is embedded will be the\nowner of the PVC, i.e. the PVC will be deleted together with the\npod. The name of the PVC will be `-` where\n`` is the name from the `PodSpec.Volumes` array\nentry. Pod validation will reject the pod if the concatenated name\nis not valid for a PVC (for example, too long).\n\n\nAn existing PVC with that name that is not owned by the pod\nwill *not* be used for the pod to avoid using an unrelated\nvolume by mistake. Starting the pod is then blocked until\nthe unrelated PVC is removed. If such a pre-created PVC is\nmeant to be used by the pod, the PVC has to updated with an\nowner reference to the pod once the pod exists. Normally\nthis should not be necessary, but it may be useful when\nmanually reconstructing a broken cluster.\n\n\nThis field is read-only and no changes will be made by Kubernetes\nto the PVC after it has been created.\n\n\nRequired, must not be nil." properties: + metadata: + description: "May contain labels and annotations that will be copied into the PVC\nwhen creating it. No other fields are allowed and will be rejected during\nvalidation." + type: "object" spec: + description: "The specification for the PersistentVolumeClaim. The entire content is\ncopied unchanged into the PVC that gets created from this\ntemplate. The same fields as in a PersistentVolumeClaim\nare also valid here." properties: accessModes: + description: "accessModes contains the desired access modes the volume should have.\nMore info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1" items: type: "string" type: "array" + dataSource: + description: "dataSource field can be used to specify either:\n* An existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot)\n* An existing PVC (PersistentVolumeClaim)\nIf the provisioner or an external controller can support the specified data source,\nit will create a new volume based on the contents of the specified data source.\nWhen the AnyVolumeDataSource feature gate is enabled, dataSource contents will be copied to dataSourceRef,\nand dataSourceRef contents will be copied to dataSource when dataSourceRef.namespace is not specified.\nIf the namespace is specified, then dataSourceRef will not be copied to dataSource." + properties: + apiGroup: + description: "APIGroup is the group for the resource being referenced.\nIf APIGroup is not specified, the specified Kind must be in the core API group.\nFor any other third-party types, APIGroup is required." + type: "string" + kind: + description: "Kind is the type of resource being referenced" + type: "string" + name: + description: "Name is the name of resource being referenced" + type: "string" + required: + - "kind" + - "name" + type: "object" + x-kubernetes-map-type: "atomic" + dataSourceRef: + description: "dataSourceRef specifies the object from which to populate the volume with data, if a non-empty\nvolume is desired. This may be any object from a non-empty API group (non\ncore object) or a PersistentVolumeClaim object.\nWhen this field is specified, volume binding will only succeed if the type of\nthe specified object matches some installed volume populator or dynamic\nprovisioner.\nThis field will replace the functionality of the dataSource field and as such\nif both fields are non-empty, they must have the same value. For backwards\ncompatibility, when namespace isn't specified in dataSourceRef,\nboth fields (dataSource and dataSourceRef) will be set to the same\nvalue automatically if one of them is empty and the other is non-empty.\nWhen namespace is specified in dataSourceRef,\ndataSource isn't set to the same value and must be empty.\nThere are three important differences between dataSource and dataSourceRef:\n* While dataSource only allows two specific types of objects, dataSourceRef\n allows any non-core object, as well as PersistentVolumeClaim objects.\n* While dataSource ignores disallowed values (dropping them), dataSourceRef\n preserves all values, and generates an error if a disallowed value is\n specified.\n* While dataSource only allows local objects, dataSourceRef allows objects\n in any namespaces.\n(Beta) Using this field requires the AnyVolumeDataSource feature gate to be enabled.\n(Alpha) Using the namespace field of dataSourceRef requires the CrossNamespaceVolumeDataSource feature gate to be enabled." + properties: + apiGroup: + description: "APIGroup is the group for the resource being referenced.\nIf APIGroup is not specified, the specified Kind must be in the core API group.\nFor any other third-party types, APIGroup is required." + type: "string" + kind: + description: "Kind is the type of resource being referenced" + type: "string" + name: + description: "Name is the name of resource being referenced" + type: "string" + namespace: + description: "Namespace is the namespace of resource being referenced\nNote that when a namespace is specified, a gateway.networking.k8s.io/ReferenceGrant object is required in the referent namespace to allow that namespace's owner to accept the reference. See the ReferenceGrant documentation for details.\n(Alpha) This field requires the CrossNamespaceVolumeDataSource feature gate to be enabled." + type: "string" + required: + - "kind" + - "name" + type: "object" resources: + description: "resources represents the minimum resources the volume should have.\nIf RecoverVolumeExpansionFailure feature is enabled users are allowed to specify resource requirements\nthat are lower than previous value but must still be higher than capacity recorded in the\nstatus field of the claim.\nMore info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources" properties: + limits: + additionalProperties: + anyOf: + - type: "integer" + - type: "string" + pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" + x-kubernetes-int-or-string: true + description: "Limits describes the maximum amount of compute resources allowed.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" + type: "object" requests: - properties: - storage: - type: "string" + additionalProperties: + anyOf: + - type: "integer" + - type: "string" + pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" + x-kubernetes-int-or-string: true + description: "Requests describes the minimum amount of compute resources required.\nIf Requests is omitted for a container, it defaults to Limits if that is explicitly specified,\notherwise to an implementation-defined value. Requests cannot exceed Limits.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" + type: "object" + type: "object" + selector: + description: "selector is a label query over volumes to consider for binding." + properties: + matchExpressions: + description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." + items: + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." + properties: + key: + description: "key is the label key that the selector applies to." + type: "string" + operator: + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." + type: "string" + values: + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." + items: + type: "string" + type: "array" + required: + - "key" + - "operator" + type: "object" + type: "array" + matchLabels: + additionalProperties: + type: "string" + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." type: "object" type: "object" + x-kubernetes-map-type: "atomic" storageClassName: + description: "storageClassName is the name of the StorageClass required by the claim.\nMore info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1" + type: "string" + volumeAttributesClassName: + description: "volumeAttributesClassName may be used to set the VolumeAttributesClass used by this claim.\nIf specified, the CSI driver will create or update the volume with the attributes defined\nin the corresponding VolumeAttributesClass. This has a different purpose than storageClassName,\nit can be changed after the claim is created. An empty string value means that no VolumeAttributesClass\nwill be applied to the claim but it's not allowed to reset this field to empty string once it is set.\nIf unspecified and the PersistentVolumeClaim is unbound, the default VolumeAttributesClass\nwill be set by the persistentvolume controller if it exists.\nIf the resource referred to by volumeAttributesClass does not exist, this PersistentVolumeClaim will be\nset to a Pending state, as reflected by the modifyVolumeStatus field, until such as a resource\nexists.\nMore info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#volumeattributesclass\n(Alpha) Using this field requires the VolumeAttributesClass feature gate to be enabled." + type: "string" + volumeMode: + description: "volumeMode defines what type of volume is required by the claim.\nValue of Filesystem is implied when not included in claim spec." + type: "string" + volumeName: + description: "volumeName is the binding reference to the PersistentVolume backing this claim." type: "string" type: "object" + required: + - "spec" type: "object" type: "object" fc: + description: "fc represents a Fibre Channel resource that is attached to a kubelet's host machine and then exposed to the pod." properties: fsType: + description: "fsType is the filesystem type to mount.\nMust be a filesystem type supported by the host operating system.\nEx. \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified.\nTODO: how do we prevent errors in the filesystem from compromising the machine" type: "string" lun: + description: "lun is Optional: FC target lun number" format: "int32" type: "integer" readOnly: + description: "readOnly is Optional: Defaults to false (read/write). ReadOnly here will force\nthe ReadOnly setting in VolumeMounts." type: "boolean" targetWWNs: + description: "targetWWNs is Optional: FC target worldwide names (WWNs)" items: type: "string" type: "array" wwids: + description: "wwids Optional: FC volume world wide identifiers (wwids)\nEither wwids or combination of targetWWNs and lun must be set, but not both simultaneously." items: type: "string" type: "array" type: "object" flexVolume: + description: "flexVolume represents a generic volume resource that is\nprovisioned/attached using an exec based plugin." properties: driver: + description: "driver is the name of the driver to use for this volume." type: "string" fsType: + description: "fsType is the filesystem type to mount.\nMust be a filesystem type supported by the host operating system.\nEx. \"ext4\", \"xfs\", \"ntfs\". The default filesystem depends on FlexVolume script." type: "string" options: additionalProperties: type: "string" + description: "options is Optional: this field holds extra command options if any." type: "object" readOnly: + description: "readOnly is Optional: defaults to false (read/write). ReadOnly here will force\nthe ReadOnly setting in VolumeMounts." type: "boolean" secretRef: + description: "secretRef is Optional: secretRef is reference to the secret object containing\nsensitive information to pass to the plugin scripts. This may be\nempty if no secret object is specified. If the secret object\ncontains more than one secret, all secrets are passed to the plugin\nscripts." properties: name: + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" type: "string" type: "object" + x-kubernetes-map-type: "atomic" required: - "driver" type: "object" flocker: + description: "flocker represents a Flocker volume attached to a kubelet's host machine. This depends on the Flocker control service being running" properties: datasetName: + description: "datasetName is Name of the dataset stored as metadata -> name on the dataset for Flocker\nshould be considered as deprecated" type: "string" datasetUUID: + description: "datasetUUID is the UUID of the dataset. This is unique identifier of a Flocker dataset" type: "string" type: "object" gcePersistentDisk: + description: "gcePersistentDisk represents a GCE Disk resource that is attached to a\nkubelet's host machine and then exposed to the pod.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk" properties: fsType: + description: "fsType is filesystem type of the volume that you want to mount.\nTip: Ensure that the filesystem type is supported by the host operating system.\nExamples: \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk\nTODO: how do we prevent errors in the filesystem from compromising the machine" type: "string" partition: + description: "partition is the partition in the volume that you want to mount.\nIf omitted, the default is to mount by volume name.\nExamples: For volume /dev/sda1, you specify the partition as \"1\".\nSimilarly, the volume partition for /dev/sda is \"0\" (or you can leave the property empty).\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk" format: "int32" type: "integer" pdName: + description: "pdName is unique name of the PD resource in GCE. Used to identify the disk in GCE.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk" type: "string" readOnly: + description: "readOnly here will force the ReadOnly setting in VolumeMounts.\nDefaults to false.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk" type: "boolean" required: - "pdName" type: "object" gitRepo: + description: "gitRepo represents a git repository at a particular revision.\nDEPRECATED: GitRepo is deprecated. To provision a container with a git repo, mount an\nEmptyDir into an InitContainer that clones the repo using git, then mount the EmptyDir\ninto the Pod's container." properties: directory: + description: "directory is the target directory name.\nMust not contain or start with '..'. If '.' is supplied, the volume directory will be the\ngit repository. Otherwise, if specified, the volume will contain the git repository in\nthe subdirectory with the given name." type: "string" repository: + description: "repository is the URL" type: "string" revision: + description: "revision is the commit hash for the specified revision." type: "string" required: - "repository" type: "object" glusterfs: + description: "glusterfs represents a Glusterfs mount on the host that shares a pod's lifetime.\nMore info: https://examples.k8s.io/volumes/glusterfs/README.md" properties: endpoints: + description: "endpoints is the endpoint name that details Glusterfs topology.\nMore info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod" type: "string" path: + description: "path is the Glusterfs volume path.\nMore info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod" type: "string" readOnly: + description: "readOnly here will force the Glusterfs volume to be mounted with read-only permissions.\nDefaults to false.\nMore info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod" type: "boolean" required: - "endpoints" - "path" type: "object" hostPath: + description: "hostPath represents a pre-existing file or directory on the host\nmachine that is directly exposed to the container. This is generally\nused for system agents or other privileged things that are allowed\nto see the host machine. Most containers will NOT need this.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath\n---\nTODO(jonesdl) We need to restrict who can use host directory mounts and who can/can not\nmount host directories as read/write." properties: path: + description: "path of the directory on the host.\nIf the path is a symlink, it will follow the link to the real path.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath" type: "string" type: + description: "type for HostPath Volume\nDefaults to \"\"\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath" type: "string" required: - "path" type: "object" iscsi: + description: "iscsi represents an ISCSI Disk resource that is attached to a\nkubelet's host machine and then exposed to the pod.\nMore info: https://examples.k8s.io/volumes/iscsi/README.md" properties: chapAuthDiscovery: + description: "chapAuthDiscovery defines whether support iSCSI Discovery CHAP authentication" type: "boolean" chapAuthSession: + description: "chapAuthSession defines whether support iSCSI Session CHAP authentication" type: "boolean" fsType: + description: "fsType is the filesystem type of the volume that you want to mount.\nTip: Ensure that the filesystem type is supported by the host operating system.\nExamples: \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#iscsi\nTODO: how do we prevent errors in the filesystem from compromising the machine" type: "string" initiatorName: + description: "initiatorName is the custom iSCSI Initiator Name.\nIf initiatorName is specified with iscsiInterface simultaneously, new iSCSI interface\n: will be created for the connection." type: "string" iqn: + description: "iqn is the target iSCSI Qualified Name." type: "string" iscsiInterface: + description: "iscsiInterface is the interface Name that uses an iSCSI transport.\nDefaults to 'default' (tcp)." type: "string" lun: + description: "lun represents iSCSI Target Lun number." format: "int32" type: "integer" portals: + description: "portals is the iSCSI Target Portal List. The portal is either an IP or ip_addr:port if the port\nis other than default (typically TCP ports 860 and 3260)." items: type: "string" type: "array" readOnly: + description: "readOnly here will force the ReadOnly setting in VolumeMounts.\nDefaults to false." type: "boolean" secretRef: + description: "secretRef is the CHAP Secret for iSCSI target and initiator authentication" properties: name: + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" type: "string" type: "object" + x-kubernetes-map-type: "atomic" targetPortal: + description: "targetPortal is iSCSI Target Portal. The Portal is either an IP or ip_addr:port if the port\nis other than default (typically TCP ports 860 and 3260)." type: "string" required: - "iqn" @@ -4147,67 +6719,141 @@ spec: - "targetPortal" type: "object" name: + description: "name of the volume.\nMust be a DNS_LABEL and unique within the pod.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names" type: "string" nfs: + description: "nfs represents an NFS mount on the host that shares a pod's lifetime\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#nfs" properties: path: + description: "path that is exported by the NFS server.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#nfs" type: "string" readOnly: + description: "readOnly here will force the NFS export to be mounted with read-only permissions.\nDefaults to false.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#nfs" type: "boolean" server: + description: "server is the hostname or IP address of the NFS server.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#nfs" type: "string" required: - "path" - "server" type: "object" persistentVolumeClaim: + description: "persistentVolumeClaimVolumeSource represents a reference to a\nPersistentVolumeClaim in the same namespace.\nMore info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims" properties: claimName: + description: "claimName is the name of a PersistentVolumeClaim in the same namespace as the pod using this volume.\nMore info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims" type: "string" readOnly: + description: "readOnly Will force the ReadOnly setting in VolumeMounts.\nDefault false." type: "boolean" required: - "claimName" type: "object" photonPersistentDisk: + description: "photonPersistentDisk represents a PhotonController persistent disk attached and mounted on kubelets host machine" properties: fsType: + description: "fsType is the filesystem type to mount.\nMust be a filesystem type supported by the host operating system.\nEx. \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified." type: "string" pdID: + description: "pdID is the ID that identifies Photon Controller persistent disk" type: "string" required: - "pdID" type: "object" portworxVolume: + description: "portworxVolume represents a portworx volume attached and mounted on kubelets host machine" properties: fsType: + description: "fSType represents the filesystem type to mount\nMust be a filesystem type supported by the host operating system.\nEx. \"ext4\", \"xfs\". Implicitly inferred to be \"ext4\" if unspecified." type: "string" readOnly: + description: "readOnly defaults to false (read/write). ReadOnly here will force\nthe ReadOnly setting in VolumeMounts." type: "boolean" volumeID: + description: "volumeID uniquely identifies a Portworx volume" type: "string" required: - "volumeID" type: "object" projected: + description: "projected items for all in one resources secrets, configmaps, and downward API" properties: defaultMode: + description: "defaultMode are the mode bits used to set permissions on created files by default.\nMust be an octal value between 0000 and 0777 or a decimal value between 0 and 511.\nYAML accepts both octal and decimal values, JSON requires decimal values for mode bits.\nDirectories within the path are not affected by this setting.\nThis might be in conflict with other options that affect the file\nmode, like fsGroup, and the result can be other mode bits set." format: "int32" type: "integer" sources: + description: "sources is the list of volume projections" items: + description: "Projection that may be projected along with other supported volume types" properties: + clusterTrustBundle: + description: "ClusterTrustBundle allows a pod to access the `.spec.trustBundle` field\nof ClusterTrustBundle objects in an auto-updating file.\n\n\nAlpha, gated by the ClusterTrustBundleProjection feature gate.\n\n\nClusterTrustBundle objects can either be selected by name, or by the\ncombination of signer name and a label selector.\n\n\nKubelet performs aggressive normalization of the PEM contents written\ninto the pod filesystem. Esoteric PEM features such as inter-block\ncomments and block headers are stripped. Certificates are deduplicated.\nThe ordering of certificates within the file is arbitrary, and Kubelet\nmay change the order over time." + properties: + labelSelector: + description: "Select all ClusterTrustBundles that match this label selector. Only has\neffect if signerName is set. Mutually-exclusive with name. If unset,\ninterpreted as \"match nothing\". If set but empty, interpreted as \"match\neverything\"." + properties: + matchExpressions: + description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." + items: + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." + properties: + key: + description: "key is the label key that the selector applies to." + type: "string" + operator: + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." + type: "string" + values: + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." + items: + type: "string" + type: "array" + required: + - "key" + - "operator" + type: "object" + type: "array" + matchLabels: + additionalProperties: + type: "string" + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + type: "object" + type: "object" + x-kubernetes-map-type: "atomic" + name: + description: "Select a single ClusterTrustBundle by object name. Mutually-exclusive\nwith signerName and labelSelector." + type: "string" + optional: + description: "If true, don't block pod startup if the referenced ClusterTrustBundle(s)\naren't available. If using name, then the named ClusterTrustBundle is\nallowed not to exist. If using signerName, then the combination of\nsignerName and labelSelector is allowed to match zero\nClusterTrustBundles." + type: "boolean" + path: + description: "Relative path from the volume root to write the bundle." + type: "string" + signerName: + description: "Select all ClusterTrustBundles that match this signer name.\nMutually-exclusive with name. The contents of all selected\nClusterTrustBundles will be unified and deduplicated." + type: "string" + required: + - "path" + type: "object" configMap: + description: "configMap information about the configMap data to project" properties: items: + description: "items if unspecified, each key-value pair in the Data field of the referenced\nConfigMap will be projected into the volume as a file whose name is the\nkey and content is the value. If specified, the listed keys will be\nprojected into the specified paths, and unlisted keys will not be\npresent. If a key is specified which is not present in the ConfigMap,\nthe volume setup will error unless it is marked optional. Paths must be\nrelative and may not contain the '..' path or start with '..'." items: + description: "Maps a string key to a path within a volume." properties: key: + description: "key is the key to project." type: "string" mode: + description: "mode is Optional: mode bits used to set permissions on this file.\nMust be an octal value between 0000 and 0777 or a decimal value between 0 and 511.\nYAML accepts both octal and decimal values, JSON requires decimal values for mode bits.\nIf not specified, the volume defaultMode will be used.\nThis might be in conflict with other options that affect the file\nmode, like fsGroup, and the result can be other mode bits set." format: "int32" type: "integer" path: + description: "path is the relative path of the file to map the key to.\nMay not be an absolute path.\nMay not contain the path element '..'.\nMay not start with the string '..'." type: "string" required: - "key" @@ -4215,60 +6861,83 @@ spec: type: "object" type: "array" name: + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" type: "string" optional: + description: "optional specify whether the ConfigMap or its keys must be defined" type: "boolean" type: "object" + x-kubernetes-map-type: "atomic" downwardAPI: + description: "downwardAPI information about the downwardAPI data to project" properties: items: + description: "Items is a list of DownwardAPIVolume file" items: + description: "DownwardAPIVolumeFile represents information to create the file containing the pod field" properties: fieldRef: + description: "Required: Selects a field of the pod: only annotations, labels, name and namespace are supported." properties: apiVersion: + description: "Version of the schema the FieldPath is written in terms of, defaults to \"v1\"." type: "string" fieldPath: + description: "Path of the field to select in the specified API version." type: "string" required: - "fieldPath" type: "object" + x-kubernetes-map-type: "atomic" mode: + description: "Optional: mode bits used to set permissions on this file, must be an octal value\nbetween 0000 and 0777 or a decimal value between 0 and 511.\nYAML accepts both octal and decimal values, JSON requires decimal values for mode bits.\nIf not specified, the volume defaultMode will be used.\nThis might be in conflict with other options that affect the file\nmode, like fsGroup, and the result can be other mode bits set." format: "int32" type: "integer" path: + description: "Required: Path is the relative path name of the file to be created. Must not be absolute or contain the '..' path. Must be utf-8 encoded. The first item of the relative path must not start with '..'" type: "string" resourceFieldRef: + description: "Selects a resource of the container: only resources limits and requests\n(limits.cpu, limits.memory, requests.cpu and requests.memory) are currently supported." properties: containerName: + description: "Container name: required for volumes, optional for env vars" type: "string" divisor: anyOf: - type: "integer" - type: "string" + description: "Specifies the output format of the exposed resources, defaults to \"1\"" pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" x-kubernetes-int-or-string: true resource: + description: "Required: resource to select" type: "string" required: - "resource" type: "object" + x-kubernetes-map-type: "atomic" required: - "path" type: "object" type: "array" type: "object" secret: + description: "secret information about the secret data to project" properties: items: + description: "items if unspecified, each key-value pair in the Data field of the referenced\nSecret will be projected into the volume as a file whose name is the\nkey and content is the value. If specified, the listed keys will be\nprojected into the specified paths, and unlisted keys will not be\npresent. If a key is specified which is not present in the Secret,\nthe volume setup will error unless it is marked optional. Paths must be\nrelative and may not contain the '..' path or start with '..'." items: + description: "Maps a string key to a path within a volume." properties: key: + description: "key is the key to project." type: "string" mode: + description: "mode is Optional: mode bits used to set permissions on this file.\nMust be an octal value between 0000 and 0777 or a decimal value between 0 and 511.\nYAML accepts both octal and decimal values, JSON requires decimal values for mode bits.\nIf not specified, the volume defaultMode will be used.\nThis might be in conflict with other options that affect the file\nmode, like fsGroup, and the result can be other mode bits set." format: "int32" type: "integer" path: + description: "path is the relative path of the file to map the key to.\nMay not be an absolute path.\nMay not contain the path element '..'.\nMay not start with the string '..'." type: "string" required: - "key" @@ -4276,96 +6945,132 @@ spec: type: "object" type: "array" name: + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" type: "string" optional: + description: "optional field specify whether the Secret or its key must be defined" type: "boolean" type: "object" + x-kubernetes-map-type: "atomic" serviceAccountToken: + description: "serviceAccountToken is information about the serviceAccountToken data to project" properties: audience: + description: "audience is the intended audience of the token. A recipient of a token\nmust identify itself with an identifier specified in the audience of the\ntoken, and otherwise should reject the token. The audience defaults to the\nidentifier of the apiserver." type: "string" expirationSeconds: + description: "expirationSeconds is the requested duration of validity of the service\naccount token. As the token approaches expiration, the kubelet volume\nplugin will proactively rotate the service account token. The kubelet will\nstart trying to rotate the token if the token is older than 80 percent of\nits time to live or if the token is older than 24 hours.Defaults to 1 hour\nand must be at least 10 minutes." format: "int64" type: "integer" path: + description: "path is the path relative to the mount point of the file to project the\ntoken into." type: "string" required: - "path" type: "object" type: "object" type: "array" - required: - - "sources" type: "object" quobyte: + description: "quobyte represents a Quobyte mount on the host that shares a pod's lifetime" properties: group: + description: "group to map volume access to\nDefault is no group" type: "string" readOnly: + description: "readOnly here will force the Quobyte volume to be mounted with read-only permissions.\nDefaults to false." type: "boolean" registry: + description: "registry represents a single or multiple Quobyte Registry services\nspecified as a string as host:port pair (multiple entries are separated with commas)\nwhich acts as the central registry for volumes" type: "string" tenant: + description: "tenant owning the given Quobyte volume in the Backend\nUsed with dynamically provisioned Quobyte volumes, value is set by the plugin" type: "string" user: + description: "user to map volume access to\nDefaults to serivceaccount user" type: "string" volume: + description: "volume is a string that references an already created Quobyte volume by name." type: "string" required: - "registry" - "volume" type: "object" rbd: + description: "rbd represents a Rados Block Device mount on the host that shares a pod's lifetime.\nMore info: https://examples.k8s.io/volumes/rbd/README.md" properties: fsType: + description: "fsType is the filesystem type of the volume that you want to mount.\nTip: Ensure that the filesystem type is supported by the host operating system.\nExamples: \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#rbd\nTODO: how do we prevent errors in the filesystem from compromising the machine" type: "string" image: + description: "image is the rados image name.\nMore info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it" type: "string" keyring: + description: "keyring is the path to key ring for RBDUser.\nDefault is /etc/ceph/keyring.\nMore info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it" type: "string" monitors: + description: "monitors is a collection of Ceph monitors.\nMore info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it" items: type: "string" type: "array" pool: + description: "pool is the rados pool name.\nDefault is rbd.\nMore info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it" type: "string" readOnly: + description: "readOnly here will force the ReadOnly setting in VolumeMounts.\nDefaults to false.\nMore info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it" type: "boolean" secretRef: + description: "secretRef is name of the authentication secret for RBDUser. If provided\noverrides keyring.\nDefault is nil.\nMore info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it" properties: name: + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" type: "string" type: "object" + x-kubernetes-map-type: "atomic" user: + description: "user is the rados user name.\nDefault is admin.\nMore info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it" type: "string" required: - "image" - "monitors" type: "object" scaleIO: + description: "scaleIO represents a ScaleIO persistent volume attached and mounted on Kubernetes nodes." properties: fsType: + description: "fsType is the filesystem type to mount.\nMust be a filesystem type supported by the host operating system.\nEx. \"ext4\", \"xfs\", \"ntfs\".\nDefault is \"xfs\"." type: "string" gateway: + description: "gateway is the host address of the ScaleIO API Gateway." type: "string" protectionDomain: + description: "protectionDomain is the name of the ScaleIO Protection Domain for the configured storage." type: "string" readOnly: + description: "readOnly Defaults to false (read/write). ReadOnly here will force\nthe ReadOnly setting in VolumeMounts." type: "boolean" secretRef: + description: "secretRef references to the secret for ScaleIO user and other\nsensitive information. If this is not provided, Login operation will fail." properties: name: + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" type: "string" type: "object" + x-kubernetes-map-type: "atomic" sslEnabled: + description: "sslEnabled Flag enable/disable SSL communication with Gateway, default false" type: "boolean" storageMode: + description: "storageMode indicates whether the storage for a volume should be ThickProvisioned or ThinProvisioned.\nDefault is ThinProvisioned." type: "string" storagePool: + description: "storagePool is the ScaleIO Storage Pool associated with the protection domain." type: "string" system: + description: "system is the name of the storage system as configured in ScaleIO." type: "string" volumeName: + description: "volumeName is the name of a volume already created in the ScaleIO system\nthat is associated with this volume source." type: "string" required: - "gateway" @@ -4373,19 +7078,26 @@ spec: - "system" type: "object" secret: + description: "secret represents a secret that should populate this volume.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#secret" properties: defaultMode: + description: "defaultMode is Optional: mode bits used to set permissions on created files by default.\nMust be an octal value between 0000 and 0777 or a decimal value between 0 and 511.\nYAML accepts both octal and decimal values, JSON requires decimal values\nfor mode bits. Defaults to 0644.\nDirectories within the path are not affected by this setting.\nThis might be in conflict with other options that affect the file\nmode, like fsGroup, and the result can be other mode bits set." format: "int32" type: "integer" items: + description: "items If unspecified, each key-value pair in the Data field of the referenced\nSecret will be projected into the volume as a file whose name is the\nkey and content is the value. If specified, the listed keys will be\nprojected into the specified paths, and unlisted keys will not be\npresent. If a key is specified which is not present in the Secret,\nthe volume setup will error unless it is marked optional. Paths must be\nrelative and may not contain the '..' path or start with '..'." items: + description: "Maps a string key to a path within a volume." properties: key: + description: "key is the key to project." type: "string" mode: + description: "mode is Optional: mode bits used to set permissions on this file.\nMust be an octal value between 0000 and 0777 or a decimal value between 0 and 511.\nYAML accepts both octal and decimal values, JSON requires decimal values for mode bits.\nIf not specified, the volume defaultMode will be used.\nThis might be in conflict with other options that affect the file\nmode, like fsGroup, and the result can be other mode bits set." format: "int32" type: "integer" path: + description: "path is the relative path of the file to map the key to.\nMay not be an absolute path.\nMay not contain the path element '..'.\nMay not start with the string '..'." type: "string" required: - "key" @@ -4393,35 +7105,50 @@ spec: type: "object" type: "array" optional: + description: "optional field specify whether the Secret or its keys must be defined" type: "boolean" secretName: + description: "secretName is the name of the secret in the pod's namespace to use.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#secret" type: "string" type: "object" storageos: + description: "storageOS represents a StorageOS volume attached and mounted on Kubernetes nodes." properties: fsType: + description: "fsType is the filesystem type to mount.\nMust be a filesystem type supported by the host operating system.\nEx. \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified." type: "string" readOnly: + description: "readOnly defaults to false (read/write). ReadOnly here will force\nthe ReadOnly setting in VolumeMounts." type: "boolean" secretRef: + description: "secretRef specifies the secret to use for obtaining the StorageOS API\ncredentials. If not specified, default values will be attempted." properties: name: + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" type: "string" type: "object" + x-kubernetes-map-type: "atomic" volumeName: + description: "volumeName is the human-readable name of the StorageOS volume. Volume\nnames are only unique within a namespace." type: "string" volumeNamespace: + description: "volumeNamespace specifies the scope of the volume within StorageOS. If no\nnamespace is specified then the Pod's namespace will be used. This allows the\nKubernetes name scoping to be mirrored within StorageOS for tighter integration.\nSet VolumeName to any name to override the default behaviour.\nSet to \"default\" if you are not using namespaces within StorageOS.\nNamespaces that do not pre-exist within StorageOS will be created." type: "string" type: "object" vsphereVolume: + description: "vsphereVolume represents a vSphere volume attached and mounted on kubelets host machine" properties: fsType: + description: "fsType is filesystem type to mount.\nMust be a filesystem type supported by the host operating system.\nEx. \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified." type: "string" storagePolicyID: + description: "storagePolicyID is the storage Policy Based Management (SPBM) profile ID associated with the StoragePolicyName." type: "string" storagePolicyName: + description: "storagePolicyName is the storage Policy Based Management (SPBM) profile name." type: "string" volumePath: + description: "volumePath is the path that identifies vSphere volume vmdk" type: "string" required: - "volumePath" @@ -4437,17 +7164,21 @@ spec: - "type" type: "object" status: + description: "SparkApplicationStatus describes the current status of a Spark application." properties: applicationState: + description: "AppState tells the overall application state." properties: errorMessage: type: "string" state: + description: "ApplicationStateType represents the type of the current state of an application." type: "string" required: - "state" type: "object" driverInfo: + description: "DriverInfo has information about the driver." properties: podName: type: "string" @@ -4456,32 +7187,42 @@ spec: webUIIngressAddress: type: "string" webUIIngressName: + description: "Ingress Details if an ingress for the UI was created." type: "string" webUIPort: + description: "UI Details for the UI created via ClusterIP service accessible from within the cluster." format: "int32" type: "integer" webUIServiceName: type: "string" type: "object" executionAttempts: + description: "ExecutionAttempts is the total number of attempts to run a submitted application to completion.\nIncremented upon each attempted run of the application and reset upon invalidation." format: "int32" type: "integer" executorState: additionalProperties: + description: "ExecutorState tells the current state of an executor." type: "string" + description: "ExecutorState records the state of executors by executor Pod names." type: "object" lastSubmissionAttemptTime: + description: "LastSubmissionAttemptTime is the time for the last application submission attempt." format: "date-time" nullable: true type: "string" sparkApplicationId: + description: "SparkApplicationID is set by the spark-distribution(via spark.app.id config) on the driver and executor pods" type: "string" submissionAttempts: + description: "SubmissionAttempts is the total number of attempts to submit an application to run.\nIncremented upon each attempted submission of the application and reset upon invalidation and rerun." format: "int32" type: "integer" submissionID: + description: "SubmissionID is a unique ID of the current submission of the application." type: "string" terminationTime: + description: "CompletionTime is the time when the application runs to completion if it does." format: "date-time" nullable: true type: "string" @@ -4496,9 +7237,3 @@ spec: storage: true subresources: status: {} -status: - acceptedNames: - kind: "" - plural: "" - conditions: [] - storedVersions: [] diff --git a/crd-catalog/Kuadrant/authorino-operator/operator.authorino.kuadrant.io/v1beta1/authorinos.yaml b/crd-catalog/Kuadrant/authorino-operator/operator.authorino.kuadrant.io/v1beta1/authorinos.yaml index e61ed3111..ff9a67d92 100644 --- a/crd-catalog/Kuadrant/authorino-operator/operator.authorino.kuadrant.io/v1beta1/authorinos.yaml +++ b/crd-catalog/Kuadrant/authorino-operator/operator.authorino.kuadrant.io/v1beta1/authorinos.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.6.1" + controller-gen.kubebuilder.io/version: "v0.15.0" name: "authorinos.operator.authorino.kuadrant.io" spec: group: "operator.authorino.kuadrant.io" @@ -19,10 +19,10 @@ spec: description: "Authorino is the Schema for the authorinos API" properties: apiVersion: - description: "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" + description: "APIVersion defines the versioned schema of this representation of an object.\nServers should convert recognized schemas to the latest internal value, and\nmay reject unrecognized values.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" type: "string" kind: - description: "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + description: "Kind is a string value representing the REST resource this object represents.\nServers may infer this from the endpoint the client submits requests to.\nCannot be updated.\nIn CamelCase.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" type: "string" metadata: type: "object" @@ -53,7 +53,7 @@ spec: description: "Maximum payload (request body) size for the auth service (HTTP interface), in bytes." type: "integer" port: - description: "Port number of the GRPC interface. DEPRECATED: use 'ports.grpc' instead." + description: "Port number of the GRPC interface.\nDEPRECATED: use 'ports.grpc' instead." format: "int32" type: "integer" ports: @@ -73,12 +73,13 @@ spec: description: "TLS configuration of the auth service (GRPC and HTTP interfaces)." properties: certSecretRef: - description: "LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace." + description: "LocalObjectReference contains enough information to let you locate the\nreferenced object inside the same namespace." properties: name: - description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" type: "string" type: "object" + x-kubernetes-map-type: "atomic" enabled: type: "boolean" type: "object" @@ -105,12 +106,13 @@ spec: tls: properties: certSecretRef: - description: "LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace." + description: "LocalObjectReference contains enough information to let you locate the\nreferenced object inside the same namespace." properties: name: - description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" type: "string" type: "object" + x-kubernetes-map-type: "atomic" enabled: type: "boolean" type: "object" @@ -160,11 +162,11 @@ spec: description: "key is the key to project." type: "string" mode: - description: "mode is Optional: mode bits used to set permissions on this file. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set." + description: "mode is Optional: mode bits used to set permissions on this file.\nMust be an octal value between 0000 and 0777 or a decimal value between 0 and 511.\nYAML accepts both octal and decimal values, JSON requires decimal values for mode bits.\nIf not specified, the volume defaultMode will be used.\nThis might be in conflict with other options that affect the file\nmode, like fsGroup, and the result can be other mode bits set." format: "int32" type: "integer" path: - description: "path is the relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'." + description: "path is the relative path of the file to map the key to.\nMay not be an absolute path.\nMay not contain the path element '..'.\nMay not start with the string '..'." type: "string" required: - "key" @@ -195,7 +197,7 @@ spec: description: "AuthorinoStatus defines the observed state of Authorino" properties: conditions: - description: "Conditions is an array of the current Authorino's CR conditions Supported condition types: ConditionReady" + description: "Conditions is an array of the current Authorino's CR conditions\nSupported condition types: ConditionReady" items: properties: lastTransitionTime: @@ -232,9 +234,3 @@ spec: storage: true subresources: status: {} -status: - acceptedNames: - kind: "" - plural: "" - conditions: [] - storedVersions: [] diff --git a/crd-catalog/Kuadrant/dns-operator/kuadrant.io/v1alpha1/dnsrecords.yaml b/crd-catalog/Kuadrant/dns-operator/kuadrant.io/v1alpha1/dnsrecords.yaml index 5e2a2ff34..b7da1a606 100644 --- a/crd-catalog/Kuadrant/dns-operator/kuadrant.io/v1alpha1/dnsrecords.yaml +++ b/crd-catalog/Kuadrant/dns-operator/kuadrant.io/v1alpha1/dnsrecords.yaml @@ -80,13 +80,27 @@ spec: description: "HealthCheckSpec configures health checks in the DNS provider.\nBy default this health check will be applied to each unique DNS A Record for\nthe listeners assigned to the target gateway" properties: endpoint: + description: "Endpoint is the path to append to the host to reach the expected health check.\nMust start with \"?\" or \"/\", contain only valid URL characters and end with alphanumeric char or \"/\". For example \"/\" or \"/healthz\" are common" + pattern: "^(?:\\?|\\/)[\\w\\-.~:\\/?#\\[\\]@!$&'()*+,;=]+(?:[a-zA-Z0-9]|\\/){1}$" type: "string" failureThreshold: + description: "FailureThreshold is a limit of consecutive failures that must occur for a host to be considered unhealthy" type: "integer" + x-kubernetes-validations: + - message: "Failure threshold must be greater than 0" + rule: "self > 0" port: + description: "Port to connect to the host on. Must be either 80, 443 or 1024-49151" type: "integer" + x-kubernetes-validations: + - message: "Only ports 80, 443, 1024-49151 are allowed" + rule: "self in [80, 443] || (self >= 1024 && self <= 49151)" protocol: + description: "Protocol to use when connecting to the host, valid values are \"HTTP\" or \"HTTPS\"" type: "string" + x-kubernetes-validations: + - message: "Only HTTP or HTTPS protocols are allowed" + rule: "self in ['HTTP','HTTPS']" type: "object" managedZone: description: "managedZone is a reference to a ManagedZone instance to which this record will publish its endpoints." @@ -106,8 +120,10 @@ spec: - message: "OwnerID is immutable" rule: "self == oldSelf" rootHost: - description: "rootHost is the single root for all endpoints in a DNSRecord.\nit is expected all defined endpoints are children of or equal to this rootHost" + description: "rootHost is the single root for all endpoints in a DNSRecord.\nit is expected all defined endpoints are children of or equal to this rootHost\nMust contain at least two groups of valid URL characters separated by a \".\"" + maxLength: 255 minLength: 1 + pattern: "^(?:[\\w\\-.~:\\/?#[\\]@!$&'()*+,;=]+)\\.(?:[\\w\\-.~:\\/?#[\\]@!$&'()*+,;=]+)$" type: "string" required: - "managedZone" diff --git a/crd-catalog/Kuadrant/kuadrant-operator/kuadrant.io/v1beta1/kuadrants.yaml b/crd-catalog/Kuadrant/kuadrant-operator/kuadrant.io/v1beta1/kuadrants.yaml index 21312fedb..eda3f0eb4 100644 --- a/crd-catalog/Kuadrant/kuadrant-operator/kuadrant.io/v1beta1/kuadrants.yaml +++ b/crd-catalog/Kuadrant/kuadrant-operator/kuadrant.io/v1beta1/kuadrants.yaml @@ -69,11 +69,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchFields: description: "A list of node selector requirements by node's fields." items: @@ -90,11 +92,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" type: "object" x-kubernetes-map-type: "atomic" weight: @@ -106,6 +110,7 @@ spec: - "weight" type: "object" type: "array" + x-kubernetes-list-type: "atomic" requiredDuringSchedulingIgnoredDuringExecution: description: "If the affinity requirements specified by this field are not met at\nscheduling time, the pod will not be scheduled onto the node.\nIf the affinity requirements specified by this field cease to be met\nat some point during pod execution (e.g. due to an update), the system\nmay or may not try to eventually evict the pod from its node." properties: @@ -130,11 +135,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchFields: description: "A list of node selector requirements by node's fields." items: @@ -151,14 +158,17 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" type: "object" x-kubernetes-map-type: "atomic" type: "array" + x-kubernetes-list-type: "atomic" required: - "nodeSelectorTerms" type: "object" @@ -176,7 +186,7 @@ spec: description: "Required. A pod affinity term, associated with the corresponding weight." properties: labelSelector: - description: "A label query over a set of resources, in this case pods." + description: "A label query over a set of resources, in this case pods.\nIf it's null, this PodAffinityTerm matches with no Pods." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." @@ -194,11 +204,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -206,6 +218,18 @@ spec: type: "object" type: "object" x-kubernetes-map-type: "atomic" + matchLabelKeys: + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" + mismatchLabelKeys: + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" namespaceSelector: description: "A label query over the set of namespaces that the term applies to.\nThe term is applied to the union of the namespaces selected by this field\nand the ones listed in the namespaces field.\nnull selector and null or empty namespaces list means \"this pod's namespace\".\nAn empty selector ({}) matches all namespaces." properties: @@ -225,11 +249,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -242,6 +268,7 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" topologyKey: description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching\nthe labelSelector in the specified namespaces, where co-located is defined as running on a node\nwhose value of the label with key topologyKey matches that of any node on which any of the\nselected pods is running.\nEmpty topologyKey is not allowed." type: "string" @@ -257,13 +284,14 @@ spec: - "weight" type: "object" type: "array" + x-kubernetes-list-type: "atomic" requiredDuringSchedulingIgnoredDuringExecution: description: "If the affinity requirements specified by this field are not met at\nscheduling time, the pod will not be scheduled onto the node.\nIf the affinity requirements specified by this field cease to be met\nat some point during pod execution (e.g. due to a pod label update), the\nsystem may or may not try to eventually evict the pod from its node.\nWhen there are multiple elements, the lists of nodes corresponding to each\npodAffinityTerm are intersected, i.e. all terms must be satisfied." items: description: "Defines a set of pods (namely those matching the labelSelector\nrelative to the given namespace(s)) that this pod should be\nco-located (affinity) or not co-located (anti-affinity) with,\nwhere co-located is defined as running on a node whose value of\nthe label with key matches that of any node on which\na pod of the set of pods is running" properties: labelSelector: - description: "A label query over a set of resources, in this case pods." + description: "A label query over a set of resources, in this case pods.\nIf it's null, this PodAffinityTerm matches with no Pods." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." @@ -281,11 +309,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -293,6 +323,18 @@ spec: type: "object" type: "object" x-kubernetes-map-type: "atomic" + matchLabelKeys: + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" + mismatchLabelKeys: + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" namespaceSelector: description: "A label query over the set of namespaces that the term applies to.\nThe term is applied to the union of the namespaces selected by this field\nand the ones listed in the namespaces field.\nnull selector and null or empty namespaces list means \"this pod's namespace\".\nAn empty selector ({}) matches all namespaces." properties: @@ -312,11 +354,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -329,6 +373,7 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" topologyKey: description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching\nthe labelSelector in the specified namespaces, where co-located is defined as running on a node\nwhose value of the label with key topologyKey matches that of any node on which any of the\nselected pods is running.\nEmpty topologyKey is not allowed." type: "string" @@ -336,6 +381,7 @@ spec: - "topologyKey" type: "object" type: "array" + x-kubernetes-list-type: "atomic" type: "object" podAntiAffinity: description: "Describes pod anti-affinity scheduling rules (e.g. avoid putting this pod in the same node, zone, etc. as some other pod(s))." @@ -349,7 +395,7 @@ spec: description: "Required. A pod affinity term, associated with the corresponding weight." properties: labelSelector: - description: "A label query over a set of resources, in this case pods." + description: "A label query over a set of resources, in this case pods.\nIf it's null, this PodAffinityTerm matches with no Pods." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." @@ -367,11 +413,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -379,6 +427,18 @@ spec: type: "object" type: "object" x-kubernetes-map-type: "atomic" + matchLabelKeys: + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" + mismatchLabelKeys: + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" namespaceSelector: description: "A label query over the set of namespaces that the term applies to.\nThe term is applied to the union of the namespaces selected by this field\nand the ones listed in the namespaces field.\nnull selector and null or empty namespaces list means \"this pod's namespace\".\nAn empty selector ({}) matches all namespaces." properties: @@ -398,11 +458,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -415,6 +477,7 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" topologyKey: description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching\nthe labelSelector in the specified namespaces, where co-located is defined as running on a node\nwhose value of the label with key topologyKey matches that of any node on which any of the\nselected pods is running.\nEmpty topologyKey is not allowed." type: "string" @@ -430,13 +493,14 @@ spec: - "weight" type: "object" type: "array" + x-kubernetes-list-type: "atomic" requiredDuringSchedulingIgnoredDuringExecution: description: "If the anti-affinity requirements specified by this field are not met at\nscheduling time, the pod will not be scheduled onto the node.\nIf the anti-affinity requirements specified by this field cease to be met\nat some point during pod execution (e.g. due to a pod label update), the\nsystem may or may not try to eventually evict the pod from its node.\nWhen there are multiple elements, the lists of nodes corresponding to each\npodAffinityTerm are intersected, i.e. all terms must be satisfied." items: description: "Defines a set of pods (namely those matching the labelSelector\nrelative to the given namespace(s)) that this pod should be\nco-located (affinity) or not co-located (anti-affinity) with,\nwhere co-located is defined as running on a node whose value of\nthe label with key matches that of any node on which\na pod of the set of pods is running" properties: labelSelector: - description: "A label query over a set of resources, in this case pods." + description: "A label query over a set of resources, in this case pods.\nIf it's null, this PodAffinityTerm matches with no Pods." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." @@ -454,11 +518,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -466,6 +532,18 @@ spec: type: "object" type: "object" x-kubernetes-map-type: "atomic" + matchLabelKeys: + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" + mismatchLabelKeys: + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" namespaceSelector: description: "A label query over the set of namespaces that the term applies to.\nThe term is applied to the union of the namespaces selected by this field\nand the ones listed in the namespaces field.\nnull selector and null or empty namespaces list means \"this pod's namespace\".\nAn empty selector ({}) matches all namespaces." properties: @@ -485,11 +563,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -502,6 +582,7 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" topologyKey: description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching\nthe labelSelector in the specified namespaces, where co-located is defined as running on a node\nwhose value of the label with key topologyKey matches that of any node on which any of the\nselected pods is running.\nEmpty topologyKey is not allowed." type: "string" @@ -509,6 +590,7 @@ spec: - "topologyKey" type: "object" type: "array" + x-kubernetes-list-type: "atomic" type: "object" type: "object" pdb: @@ -526,6 +608,12 @@ spec: description: "An eviction is allowed if at least \"minAvailable\" limitador pods will\nstill be available after the eviction, i.e. even in the absence of\nthe evicted pod. So for example you can prevent all voluntary\nevictions by specifying \"100%\"." x-kubernetes-int-or-string: true type: "object" + rateLimitHeaders: + description: "RateLimitHeadersType defines the valid options for the --rate-limit-headers arg" + enum: + - "NONE" + - "DRAFT_VERSION_03" + type: "string" replicas: type: "integer" resourceRequirements: @@ -621,21 +709,32 @@ spec: x-kubernetes-map-type: "atomic" options: properties: + batch-size: + description: "BatchSize defines the size of entries to flush in as single flush [default: 100]" + type: "integer" flush-period: description: "FlushPeriod for counters in milliseconds [default: 1000]" type: "integer" max-cached: description: "MaxCached refers to the maximum amount of counters cached [default: 10000]" type: "integer" - ratio: - description: "Ratio to apply to the TTL from Redis on cached counters [default: 10]" - type: "integer" - ttl: - description: "TTL for cached counters in milliseconds [default: 5000]" + response-timeout: + description: "ResponseTimeout defines the timeout for Redis commands in milliseconds [default: 350]" type: "integer" type: "object" type: "object" type: "object" + telemetry: + description: "Telemetry defines the level of metrics Limitador will expose to the user" + enum: + - "basic" + - "exhaustive" + type: "string" + verbosity: + description: "Sets the level of verbosity" + maximum: 4.0 + minimum: 1.0 + type: "integer" type: "object" type: "object" status: diff --git a/crd-catalog/Kuadrant/kuadrant-operator/kuadrant.io/v1beta2/authpolicies.yaml b/crd-catalog/Kuadrant/kuadrant-operator/kuadrant.io/v1beta2/authpolicies.yaml index 4d8793a36..a1d80c1d3 100644 --- a/crd-catalog/Kuadrant/kuadrant-operator/kuadrant.io/v1beta2/authpolicies.yaml +++ b/crd-catalog/Kuadrant/kuadrant-operator/kuadrant.io/v1beta2/authpolicies.yaml @@ -261,11 +261,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -614,11 +616,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -2895,11 +2899,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -3248,11 +3254,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -5526,11 +5534,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -5879,11 +5889,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -7936,12 +7948,6 @@ spec: maxLength: 253 minLength: 1 type: "string" - namespace: - description: "Namespace is the namespace of the referent. When unspecified, the local\nnamespace is inferred. Even when policy targets a resource in a different\nnamespace, it MUST only apply to traffic originating from the same\nnamespace as the policy." - maxLength: 63 - minLength: 1 - pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?$" - type: "string" required: - "group" - "kind" diff --git a/crd-catalog/Kuadrant/kuadrant-operator/kuadrant.io/v1beta2/ratelimitpolicies.yaml b/crd-catalog/Kuadrant/kuadrant-operator/kuadrant.io/v1beta2/ratelimitpolicies.yaml index 530b81cbd..a1f38032c 100644 --- a/crd-catalog/Kuadrant/kuadrant-operator/kuadrant.io/v1beta2/ratelimitpolicies.yaml +++ b/crd-catalog/Kuadrant/kuadrant-operator/kuadrant.io/v1beta2/ratelimitpolicies.yaml @@ -730,12 +730,6 @@ spec: maxLength: 253 minLength: 1 type: "string" - namespace: - description: "Namespace is the namespace of the referent. When unspecified, the local\nnamespace is inferred. Even when policy targets a resource in a different\nnamespace, it MUST only apply to traffic originating from the same\nnamespace as the policy." - maxLength: 63 - minLength: 1 - pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?$" - type: "string" required: - "group" - "kind" diff --git a/crd-catalog/Kuadrant/limitador-operator/limitador.kuadrant.io/v1alpha1/limitadors.yaml b/crd-catalog/Kuadrant/limitador-operator/limitador.kuadrant.io/v1alpha1/limitadors.yaml index 2a11c3916..c56f9bc97 100644 --- a/crd-catalog/Kuadrant/limitador-operator/limitador.kuadrant.io/v1alpha1/limitadors.yaml +++ b/crd-catalog/Kuadrant/limitador-operator/limitador.kuadrant.io/v1alpha1/limitadors.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.11.3" + controller-gen.kubebuilder.io/version: "v0.15.0" name: "limitadors.limitador.kuadrant.io" spec: group: "limitador.kuadrant.io" @@ -19,10 +19,10 @@ spec: description: "Limitador is the Schema for the limitadors API" properties: apiVersion: - description: "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" + description: "APIVersion defines the versioned schema of this representation of an object.\nServers should convert recognized schemas to the latest internal value, and\nmay reject unrecognized values.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" type: "string" kind: - description: "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + description: "Kind is a string value representing the REST resource this object represents.\nServers may infer this from the endpoint the client submits requests to.\nCannot be updated.\nIn CamelCase.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" type: "string" metadata: type: "object" @@ -36,9 +36,9 @@ spec: description: "Describes node affinity scheduling rules for the pod." properties: preferredDuringSchedulingIgnoredDuringExecution: - description: "The scheduler will prefer to schedule pods to nodes that satisfy the affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding \"weight\" to the sum if the node matches the corresponding matchExpressions; the node(s) with the highest sum are the most preferred." + description: "The scheduler will prefer to schedule pods to nodes that satisfy\nthe affinity expressions specified by this field, but it may choose\na node that violates one or more of the expressions. The node that is\nmost preferred is the one with the greatest sum of weights, i.e.\nfor each node that meets all of the scheduling requirements (resource\nrequest, requiredDuringScheduling affinity expressions, etc.),\ncompute a sum by iterating through the elements of this field and adding\n\"weight\" to the sum if the node matches the corresponding matchExpressions; the\nnode(s) with the highest sum are the most preferred." items: - description: "An empty preferred scheduling term matches all objects with implicit weight 0 (i.e. it's a no-op). A null preferred scheduling term matches no objects (i.e. is also a no-op)." + description: "An empty preferred scheduling term matches all objects with implicit weight 0\n(i.e. it's a no-op). A null preferred scheduling term matches no objects (i.e. is also a no-op)." properties: preference: description: "A node selector term, associated with the corresponding weight." @@ -46,16 +46,16 @@ spec: matchExpressions: description: "A list of node selector requirements by node's labels." items: - description: "A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A node selector requirement is a selector that contains values, a key, and an operator\nthat relates the key and values." properties: key: description: "The label key that the selector applies to." type: "string" operator: - description: "Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt." + description: "Represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt." type: "string" values: - description: "An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch." + description: "An array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. If the operator is Gt or Lt, the values\narray must have a single element, which will be interpreted as an integer.\nThis array is replaced during a strategic merge patch." items: type: "string" type: "array" @@ -67,16 +67,16 @@ spec: matchFields: description: "A list of node selector requirements by node's fields." items: - description: "A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A node selector requirement is a selector that contains values, a key, and an operator\nthat relates the key and values." properties: key: description: "The label key that the selector applies to." type: "string" operator: - description: "Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt." + description: "Represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt." type: "string" values: - description: "An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch." + description: "An array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. If the operator is Gt or Lt, the values\narray must have a single element, which will be interpreted as an integer.\nThis array is replaced during a strategic merge patch." items: type: "string" type: "array" @@ -97,26 +97,26 @@ spec: type: "object" type: "array" requiredDuringSchedulingIgnoredDuringExecution: - description: "If the affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to an update), the system may or may not try to eventually evict the pod from its node." + description: "If the affinity requirements specified by this field are not met at\nscheduling time, the pod will not be scheduled onto the node.\nIf the affinity requirements specified by this field cease to be met\nat some point during pod execution (e.g. due to an update), the system\nmay or may not try to eventually evict the pod from its node." properties: nodeSelectorTerms: description: "Required. A list of node selector terms. The terms are ORed." items: - description: "A null or empty node selector term matches no objects. The requirements of them are ANDed. The TopologySelectorTerm type implements a subset of the NodeSelectorTerm." + description: "A null or empty node selector term matches no objects. The requirements of\nthem are ANDed.\nThe TopologySelectorTerm type implements a subset of the NodeSelectorTerm." properties: matchExpressions: description: "A list of node selector requirements by node's labels." items: - description: "A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A node selector requirement is a selector that contains values, a key, and an operator\nthat relates the key and values." properties: key: description: "The label key that the selector applies to." type: "string" operator: - description: "Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt." + description: "Represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt." type: "string" values: - description: "An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch." + description: "An array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. If the operator is Gt or Lt, the values\narray must have a single element, which will be interpreted as an integer.\nThis array is replaced during a strategic merge patch." items: type: "string" type: "array" @@ -128,16 +128,16 @@ spec: matchFields: description: "A list of node selector requirements by node's fields." items: - description: "A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A node selector requirement is a selector that contains values, a key, and an operator\nthat relates the key and values." properties: key: description: "The label key that the selector applies to." type: "string" operator: - description: "Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt." + description: "Represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt." type: "string" values: - description: "An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch." + description: "An array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. If the operator is Gt or Lt, the values\narray must have a single element, which will be interpreted as an integer.\nThis array is replaced during a strategic merge patch." items: type: "string" type: "array" @@ -158,7 +158,7 @@ spec: description: "Describes pod affinity scheduling rules (e.g. co-locate this pod in the same node, zone, etc. as some other pod(s))." properties: preferredDuringSchedulingIgnoredDuringExecution: - description: "The scheduler will prefer to schedule pods to nodes that satisfy the affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding \"weight\" to the sum if the node has pods which matches the corresponding podAffinityTerm; the node(s) with the highest sum are the most preferred." + description: "The scheduler will prefer to schedule pods to nodes that satisfy\nthe affinity expressions specified by this field, but it may choose\na node that violates one or more of the expressions. The node that is\nmost preferred is the one with the greatest sum of weights, i.e.\nfor each node that meets all of the scheduling requirements (resource\nrequest, requiredDuringScheduling affinity expressions, etc.),\ncompute a sum by iterating through the elements of this field and adding\n\"weight\" to the sum if the node has pods which matches the corresponding podAffinityTerm; the\nnode(s) with the highest sum are the most preferred." items: description: "The weights of all of the matched WeightedPodAffinityTerm fields are added per-node to find the most preferred node(s)" properties: @@ -171,16 +171,16 @@ spec: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -192,26 +192,26 @@ spec: matchLabels: additionalProperties: type: "string" - description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." type: "object" type: "object" x-kubernetes-map-type: "atomic" namespaceSelector: - description: "A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means \"this pod's namespace\". An empty selector ({}) matches all namespaces." + description: "A label query over the set of namespaces that the term applies to.\nThe term is applied to the union of the namespaces selected by this field\nand the ones listed in the namespaces field.\nnull selector and null or empty namespaces list means \"this pod's namespace\".\nAn empty selector ({}) matches all namespaces." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -223,23 +223,23 @@ spec: matchLabels: additionalProperties: type: "string" - description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." type: "object" type: "object" x-kubernetes-map-type: "atomic" namespaces: - description: "namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means \"this pod's namespace\"." + description: "namespaces specifies a static list of namespace names that the term applies to.\nThe term is applied to the union of the namespaces listed in this field\nand the ones selected by namespaceSelector.\nnull or empty namespaces list and null namespaceSelector means \"this pod's namespace\"." items: type: "string" type: "array" topologyKey: - description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed." + description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching\nthe labelSelector in the specified namespaces, where co-located is defined as running on a node\nwhose value of the label with key topologyKey matches that of any node on which any of the\nselected pods is running.\nEmpty topologyKey is not allowed." type: "string" required: - "topologyKey" type: "object" weight: - description: "weight associated with matching the corresponding podAffinityTerm, in the range 1-100." + description: "weight associated with matching the corresponding podAffinityTerm,\nin the range 1-100." format: "int32" type: "integer" required: @@ -248,9 +248,9 @@ spec: type: "object" type: "array" requiredDuringSchedulingIgnoredDuringExecution: - description: "If the affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to a pod label update), the system may or may not try to eventually evict the pod from its node. When there are multiple elements, the lists of nodes corresponding to each podAffinityTerm are intersected, i.e. all terms must be satisfied." + description: "If the affinity requirements specified by this field are not met at\nscheduling time, the pod will not be scheduled onto the node.\nIf the affinity requirements specified by this field cease to be met\nat some point during pod execution (e.g. due to a pod label update), the\nsystem may or may not try to eventually evict the pod from its node.\nWhen there are multiple elements, the lists of nodes corresponding to each\npodAffinityTerm are intersected, i.e. all terms must be satisfied." items: - description: "Defines a set of pods (namely those matching the labelSelector relative to the given namespace(s)) that this pod should be co-located (affinity) or not co-located (anti-affinity) with, where co-located is defined as running on a node whose value of the label with key matches that of any node on which a pod of the set of pods is running" + description: "Defines a set of pods (namely those matching the labelSelector\nrelative to the given namespace(s)) that this pod should be\nco-located (affinity) or not co-located (anti-affinity) with,\nwhere co-located is defined as running on a node whose value of\nthe label with key matches that of any node on which\na pod of the set of pods is running" properties: labelSelector: description: "A label query over a set of resources, in this case pods." @@ -258,16 +258,16 @@ spec: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -279,26 +279,26 @@ spec: matchLabels: additionalProperties: type: "string" - description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." type: "object" type: "object" x-kubernetes-map-type: "atomic" namespaceSelector: - description: "A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means \"this pod's namespace\". An empty selector ({}) matches all namespaces." + description: "A label query over the set of namespaces that the term applies to.\nThe term is applied to the union of the namespaces selected by this field\nand the ones listed in the namespaces field.\nnull selector and null or empty namespaces list means \"this pod's namespace\".\nAn empty selector ({}) matches all namespaces." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -310,17 +310,17 @@ spec: matchLabels: additionalProperties: type: "string" - description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." type: "object" type: "object" x-kubernetes-map-type: "atomic" namespaces: - description: "namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means \"this pod's namespace\"." + description: "namespaces specifies a static list of namespace names that the term applies to.\nThe term is applied to the union of the namespaces listed in this field\nand the ones selected by namespaceSelector.\nnull or empty namespaces list and null namespaceSelector means \"this pod's namespace\"." items: type: "string" type: "array" topologyKey: - description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed." + description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching\nthe labelSelector in the specified namespaces, where co-located is defined as running on a node\nwhose value of the label with key topologyKey matches that of any node on which any of the\nselected pods is running.\nEmpty topologyKey is not allowed." type: "string" required: - "topologyKey" @@ -331,7 +331,7 @@ spec: description: "Describes pod anti-affinity scheduling rules (e.g. avoid putting this pod in the same node, zone, etc. as some other pod(s))." properties: preferredDuringSchedulingIgnoredDuringExecution: - description: "The scheduler will prefer to schedule pods to nodes that satisfy the anti-affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling anti-affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding \"weight\" to the sum if the node has pods which matches the corresponding podAffinityTerm; the node(s) with the highest sum are the most preferred." + description: "The scheduler will prefer to schedule pods to nodes that satisfy\nthe anti-affinity expressions specified by this field, but it may choose\na node that violates one or more of the expressions. The node that is\nmost preferred is the one with the greatest sum of weights, i.e.\nfor each node that meets all of the scheduling requirements (resource\nrequest, requiredDuringScheduling anti-affinity expressions, etc.),\ncompute a sum by iterating through the elements of this field and adding\n\"weight\" to the sum if the node has pods which matches the corresponding podAffinityTerm; the\nnode(s) with the highest sum are the most preferred." items: description: "The weights of all of the matched WeightedPodAffinityTerm fields are added per-node to find the most preferred node(s)" properties: @@ -344,16 +344,16 @@ spec: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -365,26 +365,26 @@ spec: matchLabels: additionalProperties: type: "string" - description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." type: "object" type: "object" x-kubernetes-map-type: "atomic" namespaceSelector: - description: "A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means \"this pod's namespace\". An empty selector ({}) matches all namespaces." + description: "A label query over the set of namespaces that the term applies to.\nThe term is applied to the union of the namespaces selected by this field\nand the ones listed in the namespaces field.\nnull selector and null or empty namespaces list means \"this pod's namespace\".\nAn empty selector ({}) matches all namespaces." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -396,23 +396,23 @@ spec: matchLabels: additionalProperties: type: "string" - description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." type: "object" type: "object" x-kubernetes-map-type: "atomic" namespaces: - description: "namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means \"this pod's namespace\"." + description: "namespaces specifies a static list of namespace names that the term applies to.\nThe term is applied to the union of the namespaces listed in this field\nand the ones selected by namespaceSelector.\nnull or empty namespaces list and null namespaceSelector means \"this pod's namespace\"." items: type: "string" type: "array" topologyKey: - description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed." + description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching\nthe labelSelector in the specified namespaces, where co-located is defined as running on a node\nwhose value of the label with key topologyKey matches that of any node on which any of the\nselected pods is running.\nEmpty topologyKey is not allowed." type: "string" required: - "topologyKey" type: "object" weight: - description: "weight associated with matching the corresponding podAffinityTerm, in the range 1-100." + description: "weight associated with matching the corresponding podAffinityTerm,\nin the range 1-100." format: "int32" type: "integer" required: @@ -421,9 +421,9 @@ spec: type: "object" type: "array" requiredDuringSchedulingIgnoredDuringExecution: - description: "If the anti-affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the anti-affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to a pod label update), the system may or may not try to eventually evict the pod from its node. When there are multiple elements, the lists of nodes corresponding to each podAffinityTerm are intersected, i.e. all terms must be satisfied." + description: "If the anti-affinity requirements specified by this field are not met at\nscheduling time, the pod will not be scheduled onto the node.\nIf the anti-affinity requirements specified by this field cease to be met\nat some point during pod execution (e.g. due to a pod label update), the\nsystem may or may not try to eventually evict the pod from its node.\nWhen there are multiple elements, the lists of nodes corresponding to each\npodAffinityTerm are intersected, i.e. all terms must be satisfied." items: - description: "Defines a set of pods (namely those matching the labelSelector relative to the given namespace(s)) that this pod should be co-located (affinity) or not co-located (anti-affinity) with, where co-located is defined as running on a node whose value of the label with key matches that of any node on which a pod of the set of pods is running" + description: "Defines a set of pods (namely those matching the labelSelector\nrelative to the given namespace(s)) that this pod should be\nco-located (affinity) or not co-located (anti-affinity) with,\nwhere co-located is defined as running on a node whose value of\nthe label with key matches that of any node on which\na pod of the set of pods is running" properties: labelSelector: description: "A label query over a set of resources, in this case pods." @@ -431,16 +431,16 @@ spec: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -452,26 +452,26 @@ spec: matchLabels: additionalProperties: type: "string" - description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." type: "object" type: "object" x-kubernetes-map-type: "atomic" namespaceSelector: - description: "A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means \"this pod's namespace\". An empty selector ({}) matches all namespaces." + description: "A label query over the set of namespaces that the term applies to.\nThe term is applied to the union of the namespaces selected by this field\nand the ones listed in the namespaces field.\nnull selector and null or empty namespaces list means \"this pod's namespace\".\nAn empty selector ({}) matches all namespaces." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -483,17 +483,17 @@ spec: matchLabels: additionalProperties: type: "string" - description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." type: "object" type: "object" x-kubernetes-map-type: "atomic" namespaces: - description: "namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means \"this pod's namespace\"." + description: "namespaces specifies a static list of namespace names that the term applies to.\nThe term is applied to the union of the namespaces listed in this field\nand the ones selected by namespaceSelector.\nnull or empty namespaces list and null namespaceSelector means \"this pod's namespace\"." items: type: "string" type: "array" topologyKey: - description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed." + description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching\nthe labelSelector in the specified namespaces, where co-located is defined as running on a node\nwhose value of the label with key topologyKey matches that of any node on which any of the\nselected pods is running.\nEmpty topologyKey is not allowed." type: "string" required: - "topologyKey" @@ -552,13 +552,13 @@ spec: anyOf: - type: "integer" - type: "string" - description: "An eviction is allowed if at most \"maxUnavailable\" limitador pods are unavailable after the eviction, i.e. even in absence of the evicted pod. For example, one can prevent all voluntary evictions by specifying 0. This is a mutually exclusive setting with \"minAvailable\"." + description: "An eviction is allowed if at most \"maxUnavailable\" limitador pods\nare unavailable after the eviction, i.e. even in absence of\nthe evicted pod. For example, one can prevent all voluntary evictions\nby specifying 0. This is a mutually exclusive setting with \"minAvailable\"." x-kubernetes-int-or-string: true minAvailable: anyOf: - type: "integer" - type: "string" - description: "An eviction is allowed if at least \"minAvailable\" limitador pods will still be available after the eviction, i.e. even in the absence of the evicted pod. So for example you can prevent all voluntary evictions by specifying \"100%\"." + description: "An eviction is allowed if at least \"minAvailable\" limitador pods will\nstill be available after the eviction, i.e. even in the absence of\nthe evicted pod. So for example you can prevent all voluntary\nevictions by specifying \"100%\"." x-kubernetes-int-or-string: true type: "object" rateLimitHeaders: @@ -573,12 +573,12 @@ spec: description: "ResourceRequirements describes the compute resource requirements." properties: claims: - description: "Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. \n This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. \n This field is immutable. It can only be set for containers." + description: "Claims lists the names of resources, defined in spec.resourceClaims,\nthat are used by this container.\n\n\nThis is an alpha field and requires enabling the\nDynamicResourceAllocation feature gate.\n\n\nThis field is immutable. It can only be set for containers." items: description: "ResourceClaim references one entry in PodSpec.ResourceClaims." properties: name: - description: "Name must match the name of one entry in pod.spec.resourceClaims of the Pod where this field is used. It makes that resource available inside a container." + description: "Name must match the name of one entry in pod.spec.resourceClaims of\nthe Pod where this field is used. It makes that resource available\ninside a container." type: "string" required: - "name" @@ -594,7 +594,7 @@ spec: - type: "string" pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" x-kubernetes-int-or-string: true - description: "Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" + description: "Limits describes the maximum amount of compute resources allowed.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" type: "object" requests: additionalProperties: @@ -603,7 +603,7 @@ spec: - type: "string" pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" x-kubernetes-int-or-string: true - description: "Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" + description: "Requests describes the minimum amount of compute resources required.\nIf Requests is omitted for a container, it defaults to Limits if that is explicitly specified,\notherwise to an implementation-defined value. Requests cannot exceed Limits.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" type: "object" type: "object" storage: @@ -620,13 +620,13 @@ spec: persistentVolumeClaim: properties: resources: - description: "Resources represents the minimum resources the volume should have. Ignored when VolumeName field is set" + description: "Resources represents the minimum resources the volume should have.\nIgnored when VolumeName field is set" properties: requests: anyOf: - type: "integer" - type: "string" - description: "Storage Resource requests to be used on the PersistentVolumeClaim. To learn more about resource requests see: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" + description: "Storage Resource requests to be used on the PersistentVolumeClaim.\nTo learn more about resource requests see:\nhttps://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" x-kubernetes-int-or-string: true required: @@ -642,10 +642,10 @@ spec: redis: properties: configSecretRef: - description: "LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace." + description: "LocalObjectReference contains enough information to let you locate the\nreferenced object inside the same namespace." properties: name: - description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" type: "string" type: "object" x-kubernetes-map-type: "atomic" @@ -653,10 +653,10 @@ spec: redis-cached: properties: configSecretRef: - description: "LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace." + description: "LocalObjectReference contains enough information to let you locate the\nreferenced object inside the same namespace." properties: name: - description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" type: "string" type: "object" x-kubernetes-map-type: "atomic" @@ -696,7 +696,7 @@ spec: minimum: 1.0 type: "integer" version: - description: "[Deprecated] Use spec.image instead. Docker tag used as limitador image. The repo is hardcoded to quay.io/kuadrant/limitador" + description: "[Deprecated] Use spec.image instead.\n Docker tag used as limitador image. The repo is hardcoded to quay.io/kuadrant/limitador" type: "string" type: "object" x-kubernetes-validations: @@ -706,25 +706,25 @@ spec: description: "LimitadorStatus defines the observed state of Limitador" properties: conditions: - description: "Represents the observations of a foo's current state. Known .status.conditions.type are: \"Ready\"" + description: "Represents the observations of a foo's current state.\nKnown .status.conditions.type are: \"Ready\"" items: - description: "Condition contains details for one aspect of the current state of this API Resource. --- This struct is intended for direct use as an array at the field path .status.conditions. For example, \n type FooStatus struct{ // Represents the observations of a foo's current state. // Known .status.conditions.type are: \"Available\", \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge // +listType=map // +listMapKey=type Conditions []metav1.Condition `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" + description: "Condition contains details for one aspect of the current state of this API Resource.\n---\nThis struct is intended for direct use as an array at the field path .status.conditions. For example,\n\n\n\ttype FooStatus struct{\n\t // Represents the observations of a foo's current state.\n\t // Known .status.conditions.type are: \"Available\", \"Progressing\", and \"Degraded\"\n\t // +patchMergeKey=type\n\t // +patchStrategy=merge\n\t // +listType=map\n\t // +listMapKey=type\n\t Conditions []metav1.Condition `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"`\n\n\n\t // other fields\n\t}" properties: lastTransitionTime: - description: "lastTransitionTime is the last time the condition transitioned from one status to another. This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable." + description: "lastTransitionTime is the last time the condition transitioned from one status to another.\nThis should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable." format: "date-time" type: "string" message: - description: "message is a human readable message indicating details about the transition. This may be an empty string." + description: "message is a human readable message indicating details about the transition.\nThis may be an empty string." maxLength: 32768 type: "string" observedGeneration: - description: "observedGeneration represents the .metadata.generation that the condition was set based upon. For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date with respect to the current state of the instance." + description: "observedGeneration represents the .metadata.generation that the condition was set based upon.\nFor instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date\nwith respect to the current state of the instance." format: "int64" minimum: 0.0 type: "integer" reason: - description: "reason contains a programmatic identifier indicating the reason for the condition's last transition. Producers of specific condition types may define expected values and meanings for this field, and whether the values are considered a guaranteed API. The value should be a CamelCase string. This field may not be empty." + description: "reason contains a programmatic identifier indicating the reason for the condition's last transition.\nProducers of specific condition types may define expected values and meanings for this field,\nand whether the values are considered a guaranteed API.\nThe value should be a CamelCase string.\nThis field may not be empty." maxLength: 1024 minLength: 1 pattern: "^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$" @@ -737,7 +737,7 @@ spec: - "Unknown" type: "string" type: - description: "type of condition in CamelCase or in foo.example.com/CamelCase. --- Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be useful (see .node.status.conditions), the ability to deconflict is important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt)" + description: "type of condition in CamelCase or in foo.example.com/CamelCase.\n---\nMany .condition.type values are consistent across resources like Available, but because arbitrary conditions can be\nuseful (see .node.status.conditions), the ability to deconflict is important.\nThe regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt)" maxLength: 316 pattern: "^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$" type: "string" diff --git a/crd-catalog/ThinkParQ/beegfs-csi-driver/beegfs.csi.netapp.com/v1/beegfsdrivers.yaml b/crd-catalog/ThinkParQ/beegfs-csi-driver/beegfs.csi.netapp.com/v1/beegfsdrivers.yaml index 310c892a6..d5e03d8fe 100644 --- a/crd-catalog/ThinkParQ/beegfs-csi-driver/beegfs.csi.netapp.com/v1/beegfsdrivers.yaml +++ b/crd-catalog/ThinkParQ/beegfs-csi-driver/beegfs.csi.netapp.com/v1/beegfsdrivers.yaml @@ -62,6 +62,16 @@ spec: description: "A tag (e.g. v2.2.2 or latest)." type: "string" type: "object" + csiResizer: + description: "Defaults to registry.k8s.io/sig-storage/csi-resizer:." + properties: + image: + description: "A combination of registry and image (e.g. registry.k8s.io/csi-provisioner or ghcr.io/thinkparq/beegfs-csi-driver)." + type: "string" + tag: + description: "A tag (e.g. v2.2.2 or latest)." + type: "string" + type: "object" livenessProbe: description: "Defaults to registry.k8s.io/sig-storage/livenessprobe:." properties: diff --git a/crd-catalog/aerospike/aerospike-kubernetes-operator/asdb.aerospike.com/v1/aerospikeclusters.yaml b/crd-catalog/aerospike/aerospike-kubernetes-operator/asdb.aerospike.com/v1/aerospikeclusters.yaml index 06c560c9e..933b835ba 100644 --- a/crd-catalog/aerospike/aerospike-kubernetes-operator/asdb.aerospike.com/v1/aerospikeclusters.yaml +++ b/crd-catalog/aerospike/aerospike-kubernetes-operator/asdb.aerospike.com/v1/aerospikeclusters.yaml @@ -237,6 +237,30 @@ spec: - type: "string" description: "MaxUnavailable is the percentage/number of pods that can be allowed to go down or unavailable before application disruption. This value is used to create PodDisruptionBudget. Defaults to 1. Refer Aerospike documentation for more details." x-kubernetes-int-or-string: true + operations: + description: "Operations is a list of on-demand operations to be performed on the Aerospike cluster." + items: + properties: + id: + maxLength: 20 + minLength: 1 + type: "string" + kind: + description: "Kind is the type of operation to be performed on the Aerospike cluster." + enum: + - "WarmRestart" + - "PodRestart" + type: "string" + podList: + items: + type: "string" + type: "array" + required: + - "id" + - "kind" + type: "object" + maxItems: 1 + type: "array" operatorClientCert: description: "Certificates to connect to Aerospike." properties: @@ -5521,6 +5545,29 @@ spec: multiPodPerHost: description: "If set true then multiple pods can be created per Kubernetes Node. This will create a NodePort service for each Pod. NodePort, as the name implies, opens a specific port on all the Kubernetes Nodes , and any traffic that is sent to this port is forwarded to the service. Here service picks a random port in range (30000-32767), so these port should be open. \n If set false then only single pod can be created per Kubernetes Node. This will create Pods using hostPort setting. The container port will be exposed to the external network at :, where the hostIP is the IP address of the Kubernetes Node where the container is running and the hostPort is the port requested by the user. Deprecated: MultiPodPerHost is now part of podSpec" type: "boolean" + operations: + description: "Operations is a list of on-demand operation to be performed on the Aerospike cluster." + items: + properties: + id: + maxLength: 20 + minLength: 1 + type: "string" + kind: + description: "Kind is the type of operation to be performed on the Aerospike cluster." + enum: + - "WarmRestart" + - "PodRestart" + type: "string" + podList: + items: + type: "string" + type: "array" + required: + - "id" + - "kind" + type: "object" + type: "array" operatorClientCertSpec: description: "Certificates to connect to Aerospike. If omitted then certs are taken from the secret 'aerospike-secret'." properties: diff --git a/crd-catalog/ansible/awx-operator/awx.ansible.com/v1beta1/awxs.yaml b/crd-catalog/ansible/awx-operator/awx.ansible.com/v1beta1/awxs.yaml index e6698a26f..7e11ae2e2 100644 --- a/crd-catalog/ansible/awx-operator/awx.ansible.com/v1beta1/awxs.yaml +++ b/crd-catalog/ansible/awx-operator/awx.ansible.com/v1beta1/awxs.yaml @@ -761,6 +761,9 @@ spec: maxLength: 255 pattern: "^[a-zA-Z0-9][-a-zA-Z0-9]{0,253}[a-zA-Z0-9]$" type: "string" + postgres_annotations: + description: "Annotations to add to the Postgres deployment." + type: "string" postgres_configuration_secret: description: "Secret where the database configuration can be found" type: "string" diff --git a/crd-catalog/apache/camel-k/camel.apache.org/v1/integrationkits.yaml b/crd-catalog/apache/camel-k/camel.apache.org/v1/integrationkits.yaml index 6d31d2bd2..dfd6431a1 100644 --- a/crd-catalog/apache/camel-k/camel.apache.org/v1/integrationkits.yaml +++ b/crd-catalog/apache/camel-k/camel.apache.org/v1/integrationkits.yaml @@ -200,7 +200,7 @@ spec: description: "Defines a set of nodes the builder pod is eligible to be scheduled on, based on labels on the node." type: "object" orderStrategy: - description: "The build order strategy to use, either `dependencies`, `fifo` or `sequential` (default `sequential`)" + description: "The build order strategy to use, either `dependencies`, `fifo` or `sequential` (default is the platform default)" enum: - "dependencies" - "fifo" diff --git a/crd-catalog/apache/camel-k/camel.apache.org/v1/integrationplatforms.yaml b/crd-catalog/apache/camel-k/camel.apache.org/v1/integrationplatforms.yaml index 83b44dc5e..11189ed4b 100644 --- a/crd-catalog/apache/camel-k/camel.apache.org/v1/integrationplatforms.yaml +++ b/crd-catalog/apache/camel-k/camel.apache.org/v1/integrationplatforms.yaml @@ -448,7 +448,7 @@ spec: description: "Defines a set of nodes the builder pod is eligible to be scheduled on, based on labels on the node." type: "object" orderStrategy: - description: "The build order strategy to use, either `dependencies`, `fifo` or `sequential` (default `sequential`)" + description: "The build order strategy to use, either `dependencies`, `fifo` or `sequential` (default is the platform default)" enum: - "dependencies" - "fifo" @@ -1992,7 +1992,7 @@ spec: description: "Defines a set of nodes the builder pod is eligible to be scheduled on, based on labels on the node." type: "object" orderStrategy: - description: "The build order strategy to use, either `dependencies`, `fifo` or `sequential` (default `sequential`)" + description: "The build order strategy to use, either `dependencies`, `fifo` or `sequential` (default is the platform default)" enum: - "dependencies" - "fifo" diff --git a/crd-catalog/apache/camel-k/camel.apache.org/v1/integrationprofiles.yaml b/crd-catalog/apache/camel-k/camel.apache.org/v1/integrationprofiles.yaml index a63ca7dc6..05c40e622 100644 --- a/crd-catalog/apache/camel-k/camel.apache.org/v1/integrationprofiles.yaml +++ b/crd-catalog/apache/camel-k/camel.apache.org/v1/integrationprofiles.yaml @@ -349,7 +349,7 @@ spec: description: "Defines a set of nodes the builder pod is eligible to be scheduled on, based on labels on the node." type: "object" orderStrategy: - description: "The build order strategy to use, either `dependencies`, `fifo` or `sequential` (default `sequential`)" + description: "The build order strategy to use, either `dependencies`, `fifo` or `sequential` (default is the platform default)" enum: - "dependencies" - "fifo" @@ -1801,7 +1801,7 @@ spec: description: "Defines a set of nodes the builder pod is eligible to be scheduled on, based on labels on the node." type: "object" orderStrategy: - description: "The build order strategy to use, either `dependencies`, `fifo` or `sequential` (default `sequential`)" + description: "The build order strategy to use, either `dependencies`, `fifo` or `sequential` (default is the platform default)" enum: - "dependencies" - "fifo" diff --git a/crd-catalog/apache/camel-k/camel.apache.org/v1/integrations.yaml b/crd-catalog/apache/camel-k/camel.apache.org/v1/integrations.yaml index ad602fd88..72b0c7f47 100644 --- a/crd-catalog/apache/camel-k/camel.apache.org/v1/integrations.yaml +++ b/crd-catalog/apache/camel-k/camel.apache.org/v1/integrations.yaml @@ -3842,7 +3842,7 @@ spec: description: "Defines a set of nodes the builder pod is eligible to be scheduled on, based on labels on the node." type: "object" orderStrategy: - description: "The build order strategy to use, either `dependencies`, `fifo` or `sequential` (default `sequential`)" + description: "The build order strategy to use, either `dependencies`, `fifo` or `sequential` (default is the platform default)" enum: - "dependencies" - "fifo" diff --git a/crd-catalog/apache/camel-k/camel.apache.org/v1/pipes.yaml b/crd-catalog/apache/camel-k/camel.apache.org/v1/pipes.yaml index d09947b2a..82b26210e 100644 --- a/crd-catalog/apache/camel-k/camel.apache.org/v1/pipes.yaml +++ b/crd-catalog/apache/camel-k/camel.apache.org/v1/pipes.yaml @@ -3833,7 +3833,7 @@ spec: description: "Defines a set of nodes the builder pod is eligible to be scheduled on, based on labels on the node." type: "object" orderStrategy: - description: "The build order strategy to use, either `dependencies`, `fifo` or `sequential` (default `sequential`)" + description: "The build order strategy to use, either `dependencies`, `fifo` or `sequential` (default is the platform default)" enum: - "dependencies" - "fifo" diff --git a/crd-catalog/apache/camel-k/camel.apache.org/v1alpha1/kameletbindings.yaml b/crd-catalog/apache/camel-k/camel.apache.org/v1alpha1/kameletbindings.yaml index 9f1a83c00..f2ab18e14 100644 --- a/crd-catalog/apache/camel-k/camel.apache.org/v1alpha1/kameletbindings.yaml +++ b/crd-catalog/apache/camel-k/camel.apache.org/v1alpha1/kameletbindings.yaml @@ -3835,7 +3835,7 @@ spec: description: "Defines a set of nodes the builder pod is eligible to be scheduled on, based on labels on the node." type: "object" orderStrategy: - description: "The build order strategy to use, either `dependencies`, `fifo` or `sequential` (default `sequential`)" + description: "The build order strategy to use, either `dependencies`, `fifo` or `sequential` (default is the platform default)" enum: - "dependencies" - "fifo" diff --git a/crd-catalog/apecloud/kubeblocks/apps.kubeblocks.io/v1alpha1/clusterdefinitions.yaml b/crd-catalog/apecloud/kubeblocks/apps.kubeblocks.io/v1alpha1/clusterdefinitions.yaml index 5b199fdc7..f57238751 100644 --- a/crd-catalog/apecloud/kubeblocks/apps.kubeblocks.io/v1alpha1/clusterdefinitions.yaml +++ b/crd-catalog/apecloud/kubeblocks/apps.kubeblocks.io/v1alpha1/clusterdefinitions.yaml @@ -344,64 +344,6 @@ spec: required: - "leader" type: "object" - customLabelSpecs: - description: "Used for custom label tags which you want to add to the component resources." - items: - description: "CustomLabelSpec is deprecated since v0.8." - properties: - key: - description: "The key of the label." - type: "string" - resources: - description: "The resources that will be patched with the label." - items: - description: "GVKResource is deprecated since v0.8." - properties: - gvk: - description: "Represents the GVK of a resource, such as \"v1/Pod\", \"apps/v1/StatefulSet\", etc.\nWhen a resource matching this is found by the selector, a custom label will be added if it doesn't already exist,\nor updated if it does." - type: "string" - selector: - additionalProperties: - type: "string" - description: "A label query used to filter a set of resources." - type: "object" - required: - - "gvk" - type: "object" - type: "array" - value: - description: "The value of the label." - type: "string" - required: - - "key" - - "value" - type: "object" - type: "array" - x-kubernetes-list-map-keys: - - "key" - x-kubernetes-list-type: "map" - description: - description: "Description of the component definition." - type: "string" - exporter: - description: "Defines the metrics exporter." - properties: - containerName: - description: "Specifies the name of the built-in metrics exporter container." - type: "string" - scrapePath: - description: "Specifies the http/https url path to scrape for metrics.\nIf empty, Prometheus uses the default value (e.g. `/metrics`)." - type: "string" - scrapePort: - description: "Specifies the port name to scrape for metrics." - type: "string" - scrapeScheme: - description: "Specifies the schema to use for scraping.\n`http` and `https` are the expected values unless you rewrite the `__scheme__` label via relabeling.\nIf empty, Prometheus uses the default value `http`." - enum: - - "http" - - "https" - type: "string" - type: "object" horizontalScalePolicy: description: "Defines the behavior of horizontal scale." properties: @@ -440,31 +382,6 @@ spec: x-kubernetes-list-map-keys: - "name" x-kubernetes-list-type: "map" - monitor: - description: "Deprecated since v0.9\nmonitor is monitoring config which provided by provider." - properties: - builtIn: - default: false - description: "builtIn is a switch to enable KubeBlocks builtIn monitoring.\nIf BuiltIn is set to true, monitor metrics will be scraped automatically.\nIf BuiltIn is set to false, the provider should set ExporterConfig and Sidecar container own." - type: "boolean" - exporterConfig: - description: "exporterConfig provided by provider, which specify necessary information to Time Series Database.\nexporterConfig is valid when builtIn is false." - properties: - scrapePath: - default: "/metrics" - description: "scrapePath is exporter url path for Time Series Database to scrape metrics." - maxLength: 128 - type: "string" - scrapePort: - anyOf: - - type: "integer" - - type: "string" - description: "scrapePort is exporter port for Time Series Database to scrape metrics." - x-kubernetes-int-or-string: true - required: - - "scrapePort" - type: "object" - type: "object" name: description: "This name could be used as default name of `cluster.spec.componentSpecs.name`, and needs to conform with same\nvalidation rules as `cluster.spec.componentSpecs.name`, currently complying with IANA Service Naming rule.\nThis name will apply to cluster objects as the value of label \"apps.kubeblocks.io/component-name\"." maxLength: 22 @@ -6019,11 +5936,6 @@ spec: maxItems: 128 minItems: 1 type: "array" - type: - description: "Specifies the well-known database type, such as mysql, redis, or mongodb.\n\n\nDeprecated since v0.9.\nThis field is maintained for backward compatibility and its use is discouraged.\nExisting usage should be updated to the current preferred approach to avoid compatibility issues in future releases." - maxLength: 24 - pattern: "^[a-z0-9]([a-z0-9\\-]*[a-z0-9])?$" - type: "string" type: "object" status: description: "ClusterDefinitionStatus defines the observed state of ClusterDefinition" diff --git a/crd-catalog/apecloud/kubeblocks/apps.kubeblocks.io/v1alpha1/clusters.yaml b/crd-catalog/apecloud/kubeblocks/apps.kubeblocks.io/v1alpha1/clusters.yaml index 2cc8ca815..91aa60c49 100644 --- a/crd-catalog/apecloud/kubeblocks/apps.kubeblocks.io/v1alpha1/clusters.yaml +++ b/crd-catalog/apecloud/kubeblocks/apps.kubeblocks.io/v1alpha1/clusters.yaml @@ -2176,6 +2176,15 @@ spec: items: type: "string" type: "array" + parallelPodManagementConcurrency: + anyOf: + - type: "integer" + - type: "string" + description: "Controls the concurrency of pods during initial scale up, when replacing pods on nodes,\nor when scaling down. It only used when `PodManagementPolicy` is set to `Parallel`.\nThe default Concurrency is 100%." + x-kubernetes-int-or-string: true + podUpdatePolicy: + description: "PodUpdatePolicy indicates how pods should be updated\n\n\n- `StrictInPlace` indicates that only allows in-place upgrades.\nAny attempt to modify other fields will be rejected.\n- `PreferInPlace` indicates that we will first attempt an in-place upgrade of the Pod.\nIf that fails, it will fall back to the ReCreate, where pod will be recreated.\nDefault value is \"PreferInPlace\"" + type: "string" replicas: default: 1 description: "Specifies the desired number of replicas in the Component for enhancing availability and durability, or load balancing." @@ -2800,7 +2809,7 @@ spec: type: "array" type: "object" serviceAccountName: - description: "Specifies the name of the ServiceAccount required by the running Component.\nThis ServiceAccount is used to grant necessary permissions for the Component's Pods to interact\nwith other Kubernetes resources, such as modifying Pod labels or sending events.\n\n\nDefaults:\nIf not specified, KubeBlocks automatically assigns a default ServiceAccount named \"kb-{cluster.name}\",\nbound to a default role installed together with KubeBlocks.\n\n\nFuture Changes:\nFuture versions might change the default ServiceAccount creation strategy to one per Component,\npotentially revising the naming to \"kb-{cluster.name}-{component.name}\".\n\n\nUsers can override the automatic ServiceAccount assignment by explicitly setting the name of\nan existed ServiceAccount in this field." + description: "Specifies the name of the ServiceAccount required by the running Component.\nThis ServiceAccount is used to grant necessary permissions for the Component's Pods to interact\nwith other Kubernetes resources, such as modifying Pod labels or sending events.\n\n\nDefaults:\nTo perform certain operational tasks, agent sidecars running in Pods require specific RBAC permissions.\nThe service account will be bound to a default role named \"kubeblocks-cluster-pod-role\" which is installed together with KubeBlocks.\nIf not specified, KubeBlocks automatically assigns a default ServiceAccount named \"kb-{cluster.name}\"\n\n\nFuture Changes:\nFuture versions might change the default ServiceAccount creation strategy to one per Component,\npotentially revising the naming to \"kb-{cluster.name}-{component.name}\".\n\n\nUsers can override the automatic ServiceAccount assignment by explicitly setting the name of\nan existed ServiceAccount in this field." type: "string" serviceRefs: description: "Defines a list of ServiceRef for a Component, enabling access to both external services and\nServices provided by other Clusters.\n\n\nTypes of services:\n\n\n- External services: Not managed by KubeBlocks or managed by a different KubeBlocks operator;\n Require a ServiceDescriptor for connection details.\n- Services provided by a Cluster: Managed by the same KubeBlocks operator;\n identified using Cluster, Component and Service names.\n\n\nServiceRefs with identical `serviceRef.name` in the same Cluster are considered the same.\n\n\nExample:\n```yaml\nserviceRefs:\n - name: \"redis-sentinel\"\n serviceDescriptor:\n name: \"external-redis-sentinel\"\n - name: \"postgres-cluster\"\n clusterServiceSelector:\n cluster: \"my-postgres-cluster\"\n service:\n component: \"postgresql\"\n```\nThe example above includes ServiceRefs to an external Redis Sentinel service and a PostgreSQL Cluster." @@ -2892,6 +2901,9 @@ spec: - "name" type: "object" type: "array" + stop: + description: "Stop the Component.\nIf set, all the computing resources will be released." + type: "boolean" switchPolicy: description: "Defines the strategy for switchover and failover when workloadType is Replication.\n\n\nDeprecated since v0.9.\nThis field is maintained for backward compatibility and its use is discouraged.\nExisting usage should be updated to the current preferred approach to avoid compatibility issues in future releases." properties: @@ -7004,6 +7016,15 @@ spec: items: type: "string" type: "array" + parallelPodManagementConcurrency: + anyOf: + - type: "integer" + - type: "string" + description: "Controls the concurrency of pods during initial scale up, when replacing pods on nodes,\nor when scaling down. It only used when `PodManagementPolicy` is set to `Parallel`.\nThe default Concurrency is 100%." + x-kubernetes-int-or-string: true + podUpdatePolicy: + description: "PodUpdatePolicy indicates how pods should be updated\n\n\n- `StrictInPlace` indicates that only allows in-place upgrades.\nAny attempt to modify other fields will be rejected.\n- `PreferInPlace` indicates that we will first attempt an in-place upgrade of the Pod.\nIf that fails, it will fall back to the ReCreate, where pod will be recreated.\nDefault value is \"PreferInPlace\"" + type: "string" replicas: default: 1 description: "Specifies the desired number of replicas in the Component for enhancing availability and durability, or load balancing." @@ -7628,7 +7649,7 @@ spec: type: "array" type: "object" serviceAccountName: - description: "Specifies the name of the ServiceAccount required by the running Component.\nThis ServiceAccount is used to grant necessary permissions for the Component's Pods to interact\nwith other Kubernetes resources, such as modifying Pod labels or sending events.\n\n\nDefaults:\nIf not specified, KubeBlocks automatically assigns a default ServiceAccount named \"kb-{cluster.name}\",\nbound to a default role installed together with KubeBlocks.\n\n\nFuture Changes:\nFuture versions might change the default ServiceAccount creation strategy to one per Component,\npotentially revising the naming to \"kb-{cluster.name}-{component.name}\".\n\n\nUsers can override the automatic ServiceAccount assignment by explicitly setting the name of\nan existed ServiceAccount in this field." + description: "Specifies the name of the ServiceAccount required by the running Component.\nThis ServiceAccount is used to grant necessary permissions for the Component's Pods to interact\nwith other Kubernetes resources, such as modifying Pod labels or sending events.\n\n\nDefaults:\nTo perform certain operational tasks, agent sidecars running in Pods require specific RBAC permissions.\nThe service account will be bound to a default role named \"kubeblocks-cluster-pod-role\" which is installed together with KubeBlocks.\nIf not specified, KubeBlocks automatically assigns a default ServiceAccount named \"kb-{cluster.name}\"\n\n\nFuture Changes:\nFuture versions might change the default ServiceAccount creation strategy to one per Component,\npotentially revising the naming to \"kb-{cluster.name}-{component.name}\".\n\n\nUsers can override the automatic ServiceAccount assignment by explicitly setting the name of\nan existed ServiceAccount in this field." type: "string" serviceRefs: description: "Defines a list of ServiceRef for a Component, enabling access to both external services and\nServices provided by other Clusters.\n\n\nTypes of services:\n\n\n- External services: Not managed by KubeBlocks or managed by a different KubeBlocks operator;\n Require a ServiceDescriptor for connection details.\n- Services provided by a Cluster: Managed by the same KubeBlocks operator;\n identified using Cluster, Component and Service names.\n\n\nServiceRefs with identical `serviceRef.name` in the same Cluster are considered the same.\n\n\nExample:\n```yaml\nserviceRefs:\n - name: \"redis-sentinel\"\n serviceDescriptor:\n name: \"external-redis-sentinel\"\n - name: \"postgres-cluster\"\n clusterServiceSelector:\n cluster: \"my-postgres-cluster\"\n service:\n component: \"postgresql\"\n```\nThe example above includes ServiceRefs to an external Redis Sentinel service and a PostgreSQL Cluster." @@ -7720,6 +7741,9 @@ spec: - "name" type: "object" type: "array" + stop: + description: "Stop the Component.\nIf set, all the computing resources will be released." + type: "boolean" switchPolicy: description: "Defines the strategy for switchover and failover when workloadType is Replication.\n\n\nDeprecated since v0.9.\nThis field is maintained for backward compatibility and its use is discouraged.\nExisting usage should be updated to the current preferred approach to avoid compatibility issues in future releases." properties: diff --git a/crd-catalog/apecloud/kubeblocks/apps.kubeblocks.io/v1alpha1/componentdefinitions.yaml b/crd-catalog/apecloud/kubeblocks/apps.kubeblocks.io/v1alpha1/componentdefinitions.yaml index 2f0c535e3..2f17f9e36 100644 --- a/crd-catalog/apecloud/kubeblocks/apps.kubeblocks.io/v1alpha1/componentdefinitions.yaml +++ b/crd-catalog/apecloud/kubeblocks/apps.kubeblocks.io/v1alpha1/componentdefinitions.yaml @@ -175,7 +175,7 @@ spec: type: "string" type: "object" hostNetwork: - description: "Specifies the host network configuration for the Component.\n\n\nWhen `hostNetwork` option is enabled, the Pods share the host's network namespace and can directly access\nthe host's network interfaces.\nThis means that if multiple Pods need to use the same port, they cannot run on the same host simultaneously\ndue to port conflicts.\n\n\nThe DNSPolicy field in the Pod spec determines how containers within the Pod perform DNS resolution.\nWhen using hostNetwork, the operator will set the DNSPolicy to 'ClusterFirstWithHostNet'.\nWith this policy, DNS queries will first go through the K8s cluster's DNS service.\nIf the query fails, it will fall back to the host's DNS settings.\n\n\nIf set, the DNS policy will be automatically set to \"ClusterFirstWithHostNet\"." + description: "Specifies the host network configuration for the Component.\n\n\nWhen `hostNetwork` option is enabled, the Pods share the host's network namespace and can directly access\nthe host's network interfaces.\nThis means that if multiple Pods need to use the same port, they cannot run on the same host simultaneously\ndue to port conflicts.\n\n\nThe DNSPolicy field in the Pod spec determines how containers within the Pod perform DNS resolution.\nWhen using hostNetwork, the operator will set the DNSPolicy to 'ClusterFirstWithHostNet'.\nWith this policy, DNS queries will first go through the K8s cluster's DNS service.\nIf the query fails, it will fall back to the host's DNS settings.\n\n\nIf set, the DNS policy will be automatically set to \"ClusterFirstWithHostNet\".\n\n\nThis field is immutable." properties: containerPorts: description: "The list of container ports that are required by the component." @@ -213,93 +213,6 @@ spec: customHandler: description: "Specifies a user-defined hook or procedure that is called to perform the specific lifecycle action.\nIt offers a flexible and expandable approach for customizing the behavior of a Component by leveraging\ntailored actions.\n\n\nAn Action can be implemented as either an ExecAction or an HTTPAction, with future versions planning\nto support GRPCAction,\nthereby accommodating unique logic for different database systems within the Action's framework.\n\n\nIn future iterations, all built-in handlers are expected to transition to GRPCAction.\nThis change means that Lorry or other sidecar agents will expose the implementation of actions\nthrough a GRPC interface for external invocation.\nThen the controller will interact with these actions via GRPCAction calls." properties: - container: - description: "Defines the name of the container within the target Pod where the action will be executed.\n\n\nThis name must correspond to one of the containers defined in `componentDefinition.spec.runtime`.\nIf this field is not specified, the default behavior is to use the first container listed in\n`componentDefinition.spec.runtime`.\n\n\nThis field cannot be updated.\n\n\nNote: This field is reserved for future use and is not currently active." - type: "string" - env: - description: "Represents a list of environment variables that will be injected into the container.\nThese variables enable the container to adapt its behavior based on the environment it's running in.\n\n\nThis field cannot be updated." - items: - description: "EnvVar represents an environment variable present in a Container." - properties: - name: - description: "Name of the environment variable. Must be a C_IDENTIFIER." - type: "string" - value: - description: "Variable references $(VAR_NAME) are expanded\nusing the previously defined environment variables in the container and\nany service environment variables. If a variable cannot be resolved,\nthe reference in the input string will be unchanged. Double $$ are reduced\nto a single $, which allows for escaping the $(VAR_NAME) syntax: i.e.\n\"$$(VAR_NAME)\" will produce the string literal \"$(VAR_NAME)\".\nEscaped references will never be expanded, regardless of whether the variable\nexists or not.\nDefaults to \"\"." - type: "string" - valueFrom: - description: "Source for the environment variable's value. Cannot be used if value is not empty." - properties: - configMapKeyRef: - description: "Selects a key of a ConfigMap." - properties: - key: - description: "The key to select." - type: "string" - name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" - type: "string" - optional: - description: "Specify whether the ConfigMap or its key must be defined" - type: "boolean" - required: - - "key" - type: "object" - x-kubernetes-map-type: "atomic" - fieldRef: - description: "Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`,\nspec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs." - properties: - apiVersion: - description: "Version of the schema the FieldPath is written in terms of, defaults to \"v1\"." - type: "string" - fieldPath: - description: "Path of the field to select in the specified API version." - type: "string" - required: - - "fieldPath" - type: "object" - x-kubernetes-map-type: "atomic" - resourceFieldRef: - description: "Selects a resource of the container: only resources limits and requests\n(limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported." - properties: - containerName: - description: "Container name: required for volumes, optional for env vars" - type: "string" - divisor: - anyOf: - - type: "integer" - - type: "string" - description: "Specifies the output format of the exposed resources, defaults to \"1\"" - pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" - x-kubernetes-int-or-string: true - resource: - description: "Required: resource to select" - type: "string" - required: - - "resource" - type: "object" - x-kubernetes-map-type: "atomic" - secretKeyRef: - description: "Selects a key of a secret in the pod's namespace" - properties: - key: - description: "The key of the secret to select from. Must be a valid secret key." - type: "string" - name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" - type: "string" - optional: - description: "Specify whether the Secret or its key must be defined" - type: "boolean" - required: - - "key" - type: "object" - x-kubernetes-map-type: "atomic" - type: "object" - required: - - "name" - type: "object" - type: "array" exec: description: "Defines the command to run.\n\n\nThis field cannot be updated." properties: @@ -313,6 +226,107 @@ spec: items: type: "string" type: "array" + container: + description: "Defines the name of the container within the target Pod where the action will be executed.\n\n\nThis name must correspond to one of the containers defined in `componentDefinition.spec.runtime`.\nIf this field is not specified, the default behavior is to use the first container listed in\n`componentDefinition.spec.runtime`.\n\n\nThis field cannot be updated.\n\n\nNote: This field is reserved for future use and is not currently active." + type: "string" + env: + description: "Represents a list of environment variables that will be injected into the container.\nThese variables enable the container to adapt its behavior based on the environment it's running in.\n\n\nThis field cannot be updated." + items: + description: "EnvVar represents an environment variable present in a Container." + properties: + name: + description: "Name of the environment variable. Must be a C_IDENTIFIER." + type: "string" + value: + description: "Variable references $(VAR_NAME) are expanded\nusing the previously defined environment variables in the container and\nany service environment variables. If a variable cannot be resolved,\nthe reference in the input string will be unchanged. Double $$ are reduced\nto a single $, which allows for escaping the $(VAR_NAME) syntax: i.e.\n\"$$(VAR_NAME)\" will produce the string literal \"$(VAR_NAME)\".\nEscaped references will never be expanded, regardless of whether the variable\nexists or not.\nDefaults to \"\"." + type: "string" + valueFrom: + description: "Source for the environment variable's value. Cannot be used if value is not empty." + properties: + configMapKeyRef: + description: "Selects a key of a ConfigMap." + properties: + key: + description: "The key to select." + type: "string" + name: + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + type: "string" + optional: + description: "Specify whether the ConfigMap or its key must be defined" + type: "boolean" + required: + - "key" + type: "object" + x-kubernetes-map-type: "atomic" + fieldRef: + description: "Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`,\nspec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs." + properties: + apiVersion: + description: "Version of the schema the FieldPath is written in terms of, defaults to \"v1\"." + type: "string" + fieldPath: + description: "Path of the field to select in the specified API version." + type: "string" + required: + - "fieldPath" + type: "object" + x-kubernetes-map-type: "atomic" + resourceFieldRef: + description: "Selects a resource of the container: only resources limits and requests\n(limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported." + properties: + containerName: + description: "Container name: required for volumes, optional for env vars" + type: "string" + divisor: + anyOf: + - type: "integer" + - type: "string" + description: "Specifies the output format of the exposed resources, defaults to \"1\"" + pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" + x-kubernetes-int-or-string: true + resource: + description: "Required: resource to select" + type: "string" + required: + - "resource" + type: "object" + x-kubernetes-map-type: "atomic" + secretKeyRef: + description: "Selects a key of a secret in the pod's namespace" + properties: + key: + description: "The key of the secret to select from. Must be a valid secret key." + type: "string" + name: + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + type: "string" + optional: + description: "Specify whether the Secret or its key must be defined" + type: "boolean" + required: + - "key" + type: "object" + x-kubernetes-map-type: "atomic" + type: "object" + required: + - "name" + type: "object" + type: "array" + image: + description: "Specifies the container image to be used for running the Action.\n\n\nWhen specified, a dedicated container will be created using this image to execute the Action.\nThis field is mutually exclusive with the `container` field; only one of them should be provided.\n\n\nThis field cannot be updated." + type: "string" + matchingKey: + description: "Used in conjunction with the `targetPodSelector` field to refine the selection of target pod(s) for Action execution.\nThe impact of this field depends on the `targetPodSelector` value:\n\n\n- When `targetPodSelector` is set to `Any` or `All`, this field will be ignored.\n- When `targetPodSelector` is set to `Role`, only those replicas whose role matches the `matchingKey`\n will be selected for the Action.\n\n\nThis field cannot be updated.\n\n\nNote: This field is reserved for future use and is not currently active." + type: "string" + targetPodSelector: + description: "Defines the criteria used to select the target Pod(s) for executing the Action.\nThis is useful when there is no default target replica identified.\nIt allows for precise control over which Pod(s) the Action should run in.\n\n\nThis field cannot be updated.\n\n\nNote: This field is reserved for future use and is not currently active." + enum: + - "Any" + - "All" + - "Role" + - "Ordinal" + type: "string" type: "object" http: description: "Specifies the HTTP request to perform.\n\n\nThis field cannot be updated.\n\n\nNote: HTTPAction is to be implemented in future version." @@ -354,12 +368,6 @@ spec: required: - "port" type: "object" - image: - description: "Specifies the container image to be used for running the Action.\n\n\nWhen specified, a dedicated container will be created using this image to execute the Action.\nThis field is mutually exclusive with the `container` field; only one of them should be provided.\n\n\nThis field cannot be updated." - type: "string" - matchingKey: - description: "Used in conjunction with the `targetPodSelector` field to refine the selection of target pod(s) for Action execution.\nThe impact of this field depends on the `targetPodSelector` value:\n\n\n- When `targetPodSelector` is set to `Any` or `All`, this field will be ignored.\n- When `targetPodSelector` is set to `Role`, only those replicas whose role matches the `matchingKey`\n will be selected for the Action.\n\n\nThis field cannot be updated.\n\n\nNote: This field is reserved for future use and is not currently active." - type: "string" preCondition: description: "Specifies the state that the cluster must reach before the Action is executed.\nCurrently, this is only applicable to the `postProvision` action.\n\n\nThe conditions are as follows:\n\n\n- `Immediately`: Executed right after the Component object is created.\n The readiness of the Component and its resources is not guaranteed at this stage.\n- `RuntimeReady`: The Action is triggered after the Component object has been created and all associated\n runtime resources (e.g. Pods) are in a ready state.\n- `ComponentReady`: The Action is triggered after the Component itself is in a ready state.\n This process does not affect the readiness state of the Component or the Cluster.\n- `ClusterReady`: The Action is executed after the Cluster is in a ready state.\n This execution does not alter the Component or the Cluster's state of readiness.\n\n\nThis field cannot be updated." type: "string" @@ -376,14 +384,6 @@ spec: format: "int64" type: "integer" type: "object" - targetPodSelector: - description: "Defines the criteria used to select the target Pod(s) for executing the Action.\nThis is useful when there is no default target replica identified.\nIt allows for precise control over which Pod(s) the Action should run in.\n\n\nThis field cannot be updated.\n\n\nNote: This field is reserved for future use and is not currently active." - enum: - - "Any" - - "All" - - "Role" - - "Ordinal" - type: "string" timeoutSeconds: default: 0 description: "Specifies the maximum duration in seconds that the Action is allowed to run.\n\n\nIf the Action does not complete within this time frame, it will be terminated.\n\n\nThis field cannot be updated." @@ -400,93 +400,6 @@ spec: customHandler: description: "Specifies a user-defined hook or procedure that is called to perform the specific lifecycle action.\nIt offers a flexible and expandable approach for customizing the behavior of a Component by leveraging\ntailored actions.\n\n\nAn Action can be implemented as either an ExecAction or an HTTPAction, with future versions planning\nto support GRPCAction,\nthereby accommodating unique logic for different database systems within the Action's framework.\n\n\nIn future iterations, all built-in handlers are expected to transition to GRPCAction.\nThis change means that Lorry or other sidecar agents will expose the implementation of actions\nthrough a GRPC interface for external invocation.\nThen the controller will interact with these actions via GRPCAction calls." properties: - container: - description: "Defines the name of the container within the target Pod where the action will be executed.\n\n\nThis name must correspond to one of the containers defined in `componentDefinition.spec.runtime`.\nIf this field is not specified, the default behavior is to use the first container listed in\n`componentDefinition.spec.runtime`.\n\n\nThis field cannot be updated.\n\n\nNote: This field is reserved for future use and is not currently active." - type: "string" - env: - description: "Represents a list of environment variables that will be injected into the container.\nThese variables enable the container to adapt its behavior based on the environment it's running in.\n\n\nThis field cannot be updated." - items: - description: "EnvVar represents an environment variable present in a Container." - properties: - name: - description: "Name of the environment variable. Must be a C_IDENTIFIER." - type: "string" - value: - description: "Variable references $(VAR_NAME) are expanded\nusing the previously defined environment variables in the container and\nany service environment variables. If a variable cannot be resolved,\nthe reference in the input string will be unchanged. Double $$ are reduced\nto a single $, which allows for escaping the $(VAR_NAME) syntax: i.e.\n\"$$(VAR_NAME)\" will produce the string literal \"$(VAR_NAME)\".\nEscaped references will never be expanded, regardless of whether the variable\nexists or not.\nDefaults to \"\"." - type: "string" - valueFrom: - description: "Source for the environment variable's value. Cannot be used if value is not empty." - properties: - configMapKeyRef: - description: "Selects a key of a ConfigMap." - properties: - key: - description: "The key to select." - type: "string" - name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" - type: "string" - optional: - description: "Specify whether the ConfigMap or its key must be defined" - type: "boolean" - required: - - "key" - type: "object" - x-kubernetes-map-type: "atomic" - fieldRef: - description: "Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`,\nspec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs." - properties: - apiVersion: - description: "Version of the schema the FieldPath is written in terms of, defaults to \"v1\"." - type: "string" - fieldPath: - description: "Path of the field to select in the specified API version." - type: "string" - required: - - "fieldPath" - type: "object" - x-kubernetes-map-type: "atomic" - resourceFieldRef: - description: "Selects a resource of the container: only resources limits and requests\n(limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported." - properties: - containerName: - description: "Container name: required for volumes, optional for env vars" - type: "string" - divisor: - anyOf: - - type: "integer" - - type: "string" - description: "Specifies the output format of the exposed resources, defaults to \"1\"" - pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" - x-kubernetes-int-or-string: true - resource: - description: "Required: resource to select" - type: "string" - required: - - "resource" - type: "object" - x-kubernetes-map-type: "atomic" - secretKeyRef: - description: "Selects a key of a secret in the pod's namespace" - properties: - key: - description: "The key of the secret to select from. Must be a valid secret key." - type: "string" - name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" - type: "string" - optional: - description: "Specify whether the Secret or its key must be defined" - type: "boolean" - required: - - "key" - type: "object" - x-kubernetes-map-type: "atomic" - type: "object" - required: - - "name" - type: "object" - type: "array" exec: description: "Defines the command to run.\n\n\nThis field cannot be updated." properties: @@ -500,53 +413,148 @@ spec: items: type: "string" type: "array" - type: "object" - http: - description: "Specifies the HTTP request to perform.\n\n\nThis field cannot be updated.\n\n\nNote: HTTPAction is to be implemented in future version." - properties: - host: - description: "Indicates the server's domain name or IP address. Defaults to the Pod's IP.\nPrefer setting the \"Host\" header in httpHeaders when needed." + container: + description: "Defines the name of the container within the target Pod where the action will be executed.\n\n\nThis name must correspond to one of the containers defined in `componentDefinition.spec.runtime`.\nIf this field is not specified, the default behavior is to use the first container listed in\n`componentDefinition.spec.runtime`.\n\n\nThis field cannot be updated.\n\n\nNote: This field is reserved for future use and is not currently active." type: "string" - httpHeaders: - description: "Allows for the inclusion of custom headers in the request.\nHTTP permits the use of repeated headers." + env: + description: "Represents a list of environment variables that will be injected into the container.\nThese variables enable the container to adapt its behavior based on the environment it's running in.\n\n\nThis field cannot be updated." items: - description: "HTTPHeader describes a custom header to be used in HTTP probes" + description: "EnvVar represents an environment variable present in a Container." properties: name: - description: "The header field name.\nThis will be canonicalized upon output, so case-variant names will be understood as the same header." + description: "Name of the environment variable. Must be a C_IDENTIFIER." type: "string" value: - description: "The header field value" + description: "Variable references $(VAR_NAME) are expanded\nusing the previously defined environment variables in the container and\nany service environment variables. If a variable cannot be resolved,\nthe reference in the input string will be unchanged. Double $$ are reduced\nto a single $, which allows for escaping the $(VAR_NAME) syntax: i.e.\n\"$$(VAR_NAME)\" will produce the string literal \"$(VAR_NAME)\".\nEscaped references will never be expanded, regardless of whether the variable\nexists or not.\nDefaults to \"\"." type: "string" - required: - - "name" - - "value" - type: "object" - type: "array" - method: - description: "Represents the type of HTTP request to be made, such as \"GET,\" \"POST,\" \"PUT,\" etc.\nIf not specified, \"GET\" is the default method." - type: "string" - path: - description: "Specifies the endpoint to be requested on the HTTP server." - type: "string" - port: - anyOf: - - type: "integer" - - type: "string" - description: "Specifies the target port for the HTTP request.\nIt can be specified either as a numeric value in the range of 1 to 65535,\nor as a named port that meets the IANA_SVC_NAME specification." - x-kubernetes-int-or-string: true + valueFrom: + description: "Source for the environment variable's value. Cannot be used if value is not empty." + properties: + configMapKeyRef: + description: "Selects a key of a ConfigMap." + properties: + key: + description: "The key to select." + type: "string" + name: + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + type: "string" + optional: + description: "Specify whether the ConfigMap or its key must be defined" + type: "boolean" + required: + - "key" + type: "object" + x-kubernetes-map-type: "atomic" + fieldRef: + description: "Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`,\nspec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs." + properties: + apiVersion: + description: "Version of the schema the FieldPath is written in terms of, defaults to \"v1\"." + type: "string" + fieldPath: + description: "Path of the field to select in the specified API version." + type: "string" + required: + - "fieldPath" + type: "object" + x-kubernetes-map-type: "atomic" + resourceFieldRef: + description: "Selects a resource of the container: only resources limits and requests\n(limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported." + properties: + containerName: + description: "Container name: required for volumes, optional for env vars" + type: "string" + divisor: + anyOf: + - type: "integer" + - type: "string" + description: "Specifies the output format of the exposed resources, defaults to \"1\"" + pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" + x-kubernetes-int-or-string: true + resource: + description: "Required: resource to select" + type: "string" + required: + - "resource" + type: "object" + x-kubernetes-map-type: "atomic" + secretKeyRef: + description: "Selects a key of a secret in the pod's namespace" + properties: + key: + description: "The key of the secret to select from. Must be a valid secret key." + type: "string" + name: + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + type: "string" + optional: + description: "Specify whether the Secret or its key must be defined" + type: "boolean" + required: + - "key" + type: "object" + x-kubernetes-map-type: "atomic" + type: "object" + required: + - "name" + type: "object" + type: "array" + image: + description: "Specifies the container image to be used for running the Action.\n\n\nWhen specified, a dedicated container will be created using this image to execute the Action.\nThis field is mutually exclusive with the `container` field; only one of them should be provided.\n\n\nThis field cannot be updated." + type: "string" + matchingKey: + description: "Used in conjunction with the `targetPodSelector` field to refine the selection of target pod(s) for Action execution.\nThe impact of this field depends on the `targetPodSelector` value:\n\n\n- When `targetPodSelector` is set to `Any` or `All`, this field will be ignored.\n- When `targetPodSelector` is set to `Role`, only those replicas whose role matches the `matchingKey`\n will be selected for the Action.\n\n\nThis field cannot be updated.\n\n\nNote: This field is reserved for future use and is not currently active." + type: "string" + targetPodSelector: + description: "Defines the criteria used to select the target Pod(s) for executing the Action.\nThis is useful when there is no default target replica identified.\nIt allows for precise control over which Pod(s) the Action should run in.\n\n\nThis field cannot be updated.\n\n\nNote: This field is reserved for future use and is not currently active." + enum: + - "Any" + - "All" + - "Role" + - "Ordinal" + type: "string" + type: "object" + http: + description: "Specifies the HTTP request to perform.\n\n\nThis field cannot be updated.\n\n\nNote: HTTPAction is to be implemented in future version." + properties: + host: + description: "Indicates the server's domain name or IP address. Defaults to the Pod's IP.\nPrefer setting the \"Host\" header in httpHeaders when needed." + type: "string" + httpHeaders: + description: "Allows for the inclusion of custom headers in the request.\nHTTP permits the use of repeated headers." + items: + description: "HTTPHeader describes a custom header to be used in HTTP probes" + properties: + name: + description: "The header field name.\nThis will be canonicalized upon output, so case-variant names will be understood as the same header." + type: "string" + value: + description: "The header field value" + type: "string" + required: + - "name" + - "value" + type: "object" + type: "array" + method: + description: "Represents the type of HTTP request to be made, such as \"GET,\" \"POST,\" \"PUT,\" etc.\nIf not specified, \"GET\" is the default method." + type: "string" + path: + description: "Specifies the endpoint to be requested on the HTTP server." + type: "string" + port: + anyOf: + - type: "integer" + - type: "string" + description: "Specifies the target port for the HTTP request.\nIt can be specified either as a numeric value in the range of 1 to 65535,\nor as a named port that meets the IANA_SVC_NAME specification." + x-kubernetes-int-or-string: true scheme: description: "Designates the protocol used to make the request, such as HTTP or HTTPS.\nIf not specified, HTTP is used by default." type: "string" required: - "port" type: "object" - image: - description: "Specifies the container image to be used for running the Action.\n\n\nWhen specified, a dedicated container will be created using this image to execute the Action.\nThis field is mutually exclusive with the `container` field; only one of them should be provided.\n\n\nThis field cannot be updated." - type: "string" - matchingKey: - description: "Used in conjunction with the `targetPodSelector` field to refine the selection of target pod(s) for Action execution.\nThe impact of this field depends on the `targetPodSelector` value:\n\n\n- When `targetPodSelector` is set to `Any` or `All`, this field will be ignored.\n- When `targetPodSelector` is set to `Role`, only those replicas whose role matches the `matchingKey`\n will be selected for the Action.\n\n\nThis field cannot be updated.\n\n\nNote: This field is reserved for future use and is not currently active." - type: "string" preCondition: description: "Specifies the state that the cluster must reach before the Action is executed.\nCurrently, this is only applicable to the `postProvision` action.\n\n\nThe conditions are as follows:\n\n\n- `Immediately`: Executed right after the Component object is created.\n The readiness of the Component and its resources is not guaranteed at this stage.\n- `RuntimeReady`: The Action is triggered after the Component object has been created and all associated\n runtime resources (e.g. Pods) are in a ready state.\n- `ComponentReady`: The Action is triggered after the Component itself is in a ready state.\n This process does not affect the readiness state of the Component or the Cluster.\n- `ClusterReady`: The Action is executed after the Cluster is in a ready state.\n This execution does not alter the Component or the Cluster's state of readiness.\n\n\nThis field cannot be updated." type: "string" @@ -563,14 +571,6 @@ spec: format: "int64" type: "integer" type: "object" - targetPodSelector: - description: "Defines the criteria used to select the target Pod(s) for executing the Action.\nThis is useful when there is no default target replica identified.\nIt allows for precise control over which Pod(s) the Action should run in.\n\n\nThis field cannot be updated.\n\n\nNote: This field is reserved for future use and is not currently active." - enum: - - "Any" - - "All" - - "Role" - - "Ordinal" - type: "string" timeoutSeconds: default: 0 description: "Specifies the maximum duration in seconds that the Action is allowed to run.\n\n\nIf the Action does not complete within this time frame, it will be terminated.\n\n\nThis field cannot be updated." @@ -587,93 +587,6 @@ spec: customHandler: description: "Specifies a user-defined hook or procedure that is called to perform the specific lifecycle action.\nIt offers a flexible and expandable approach for customizing the behavior of a Component by leveraging\ntailored actions.\n\n\nAn Action can be implemented as either an ExecAction or an HTTPAction, with future versions planning\nto support GRPCAction,\nthereby accommodating unique logic for different database systems within the Action's framework.\n\n\nIn future iterations, all built-in handlers are expected to transition to GRPCAction.\nThis change means that Lorry or other sidecar agents will expose the implementation of actions\nthrough a GRPC interface for external invocation.\nThen the controller will interact with these actions via GRPCAction calls." properties: - container: - description: "Defines the name of the container within the target Pod where the action will be executed.\n\n\nThis name must correspond to one of the containers defined in `componentDefinition.spec.runtime`.\nIf this field is not specified, the default behavior is to use the first container listed in\n`componentDefinition.spec.runtime`.\n\n\nThis field cannot be updated.\n\n\nNote: This field is reserved for future use and is not currently active." - type: "string" - env: - description: "Represents a list of environment variables that will be injected into the container.\nThese variables enable the container to adapt its behavior based on the environment it's running in.\n\n\nThis field cannot be updated." - items: - description: "EnvVar represents an environment variable present in a Container." - properties: - name: - description: "Name of the environment variable. Must be a C_IDENTIFIER." - type: "string" - value: - description: "Variable references $(VAR_NAME) are expanded\nusing the previously defined environment variables in the container and\nany service environment variables. If a variable cannot be resolved,\nthe reference in the input string will be unchanged. Double $$ are reduced\nto a single $, which allows for escaping the $(VAR_NAME) syntax: i.e.\n\"$$(VAR_NAME)\" will produce the string literal \"$(VAR_NAME)\".\nEscaped references will never be expanded, regardless of whether the variable\nexists or not.\nDefaults to \"\"." - type: "string" - valueFrom: - description: "Source for the environment variable's value. Cannot be used if value is not empty." - properties: - configMapKeyRef: - description: "Selects a key of a ConfigMap." - properties: - key: - description: "The key to select." - type: "string" - name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" - type: "string" - optional: - description: "Specify whether the ConfigMap or its key must be defined" - type: "boolean" - required: - - "key" - type: "object" - x-kubernetes-map-type: "atomic" - fieldRef: - description: "Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`,\nspec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs." - properties: - apiVersion: - description: "Version of the schema the FieldPath is written in terms of, defaults to \"v1\"." - type: "string" - fieldPath: - description: "Path of the field to select in the specified API version." - type: "string" - required: - - "fieldPath" - type: "object" - x-kubernetes-map-type: "atomic" - resourceFieldRef: - description: "Selects a resource of the container: only resources limits and requests\n(limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported." - properties: - containerName: - description: "Container name: required for volumes, optional for env vars" - type: "string" - divisor: - anyOf: - - type: "integer" - - type: "string" - description: "Specifies the output format of the exposed resources, defaults to \"1\"" - pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" - x-kubernetes-int-or-string: true - resource: - description: "Required: resource to select" - type: "string" - required: - - "resource" - type: "object" - x-kubernetes-map-type: "atomic" - secretKeyRef: - description: "Selects a key of a secret in the pod's namespace" - properties: - key: - description: "The key of the secret to select from. Must be a valid secret key." - type: "string" - name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" - type: "string" - optional: - description: "Specify whether the Secret or its key must be defined" - type: "boolean" - required: - - "key" - type: "object" - x-kubernetes-map-type: "atomic" - type: "object" - required: - - "name" - type: "object" - type: "array" exec: description: "Defines the command to run.\n\n\nThis field cannot be updated." properties: @@ -687,6 +600,107 @@ spec: items: type: "string" type: "array" + container: + description: "Defines the name of the container within the target Pod where the action will be executed.\n\n\nThis name must correspond to one of the containers defined in `componentDefinition.spec.runtime`.\nIf this field is not specified, the default behavior is to use the first container listed in\n`componentDefinition.spec.runtime`.\n\n\nThis field cannot be updated.\n\n\nNote: This field is reserved for future use and is not currently active." + type: "string" + env: + description: "Represents a list of environment variables that will be injected into the container.\nThese variables enable the container to adapt its behavior based on the environment it's running in.\n\n\nThis field cannot be updated." + items: + description: "EnvVar represents an environment variable present in a Container." + properties: + name: + description: "Name of the environment variable. Must be a C_IDENTIFIER." + type: "string" + value: + description: "Variable references $(VAR_NAME) are expanded\nusing the previously defined environment variables in the container and\nany service environment variables. If a variable cannot be resolved,\nthe reference in the input string will be unchanged. Double $$ are reduced\nto a single $, which allows for escaping the $(VAR_NAME) syntax: i.e.\n\"$$(VAR_NAME)\" will produce the string literal \"$(VAR_NAME)\".\nEscaped references will never be expanded, regardless of whether the variable\nexists or not.\nDefaults to \"\"." + type: "string" + valueFrom: + description: "Source for the environment variable's value. Cannot be used if value is not empty." + properties: + configMapKeyRef: + description: "Selects a key of a ConfigMap." + properties: + key: + description: "The key to select." + type: "string" + name: + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + type: "string" + optional: + description: "Specify whether the ConfigMap or its key must be defined" + type: "boolean" + required: + - "key" + type: "object" + x-kubernetes-map-type: "atomic" + fieldRef: + description: "Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`,\nspec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs." + properties: + apiVersion: + description: "Version of the schema the FieldPath is written in terms of, defaults to \"v1\"." + type: "string" + fieldPath: + description: "Path of the field to select in the specified API version." + type: "string" + required: + - "fieldPath" + type: "object" + x-kubernetes-map-type: "atomic" + resourceFieldRef: + description: "Selects a resource of the container: only resources limits and requests\n(limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported." + properties: + containerName: + description: "Container name: required for volumes, optional for env vars" + type: "string" + divisor: + anyOf: + - type: "integer" + - type: "string" + description: "Specifies the output format of the exposed resources, defaults to \"1\"" + pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" + x-kubernetes-int-or-string: true + resource: + description: "Required: resource to select" + type: "string" + required: + - "resource" + type: "object" + x-kubernetes-map-type: "atomic" + secretKeyRef: + description: "Selects a key of a secret in the pod's namespace" + properties: + key: + description: "The key of the secret to select from. Must be a valid secret key." + type: "string" + name: + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + type: "string" + optional: + description: "Specify whether the Secret or its key must be defined" + type: "boolean" + required: + - "key" + type: "object" + x-kubernetes-map-type: "atomic" + type: "object" + required: + - "name" + type: "object" + type: "array" + image: + description: "Specifies the container image to be used for running the Action.\n\n\nWhen specified, a dedicated container will be created using this image to execute the Action.\nThis field is mutually exclusive with the `container` field; only one of them should be provided.\n\n\nThis field cannot be updated." + type: "string" + matchingKey: + description: "Used in conjunction with the `targetPodSelector` field to refine the selection of target pod(s) for Action execution.\nThe impact of this field depends on the `targetPodSelector` value:\n\n\n- When `targetPodSelector` is set to `Any` or `All`, this field will be ignored.\n- When `targetPodSelector` is set to `Role`, only those replicas whose role matches the `matchingKey`\n will be selected for the Action.\n\n\nThis field cannot be updated.\n\n\nNote: This field is reserved for future use and is not currently active." + type: "string" + targetPodSelector: + description: "Defines the criteria used to select the target Pod(s) for executing the Action.\nThis is useful when there is no default target replica identified.\nIt allows for precise control over which Pod(s) the Action should run in.\n\n\nThis field cannot be updated.\n\n\nNote: This field is reserved for future use and is not currently active." + enum: + - "Any" + - "All" + - "Role" + - "Ordinal" + type: "string" type: "object" http: description: "Specifies the HTTP request to perform.\n\n\nThis field cannot be updated.\n\n\nNote: HTTPAction is to be implemented in future version." @@ -728,12 +742,6 @@ spec: required: - "port" type: "object" - image: - description: "Specifies the container image to be used for running the Action.\n\n\nWhen specified, a dedicated container will be created using this image to execute the Action.\nThis field is mutually exclusive with the `container` field; only one of them should be provided.\n\n\nThis field cannot be updated." - type: "string" - matchingKey: - description: "Used in conjunction with the `targetPodSelector` field to refine the selection of target pod(s) for Action execution.\nThe impact of this field depends on the `targetPodSelector` value:\n\n\n- When `targetPodSelector` is set to `Any` or `All`, this field will be ignored.\n- When `targetPodSelector` is set to `Role`, only those replicas whose role matches the `matchingKey`\n will be selected for the Action.\n\n\nThis field cannot be updated.\n\n\nNote: This field is reserved for future use and is not currently active." - type: "string" preCondition: description: "Specifies the state that the cluster must reach before the Action is executed.\nCurrently, this is only applicable to the `postProvision` action.\n\n\nThe conditions are as follows:\n\n\n- `Immediately`: Executed right after the Component object is created.\n The readiness of the Component and its resources is not guaranteed at this stage.\n- `RuntimeReady`: The Action is triggered after the Component object has been created and all associated\n runtime resources (e.g. Pods) are in a ready state.\n- `ComponentReady`: The Action is triggered after the Component itself is in a ready state.\n This process does not affect the readiness state of the Component or the Cluster.\n- `ClusterReady`: The Action is executed after the Cluster is in a ready state.\n This execution does not alter the Component or the Cluster's state of readiness.\n\n\nThis field cannot be updated." type: "string" @@ -750,14 +758,6 @@ spec: format: "int64" type: "integer" type: "object" - targetPodSelector: - description: "Defines the criteria used to select the target Pod(s) for executing the Action.\nThis is useful when there is no default target replica identified.\nIt allows for precise control over which Pod(s) the Action should run in.\n\n\nThis field cannot be updated.\n\n\nNote: This field is reserved for future use and is not currently active." - enum: - - "Any" - - "All" - - "Role" - - "Ordinal" - type: "string" timeoutSeconds: default: 0 description: "Specifies the maximum duration in seconds that the Action is allowed to run.\n\n\nIf the Action does not complete within this time frame, it will be terminated.\n\n\nThis field cannot be updated." @@ -774,106 +774,120 @@ spec: customHandler: description: "Specifies a user-defined hook or procedure that is called to perform the specific lifecycle action.\nIt offers a flexible and expandable approach for customizing the behavior of a Component by leveraging\ntailored actions.\n\n\nAn Action can be implemented as either an ExecAction or an HTTPAction, with future versions planning\nto support GRPCAction,\nthereby accommodating unique logic for different database systems within the Action's framework.\n\n\nIn future iterations, all built-in handlers are expected to transition to GRPCAction.\nThis change means that Lorry or other sidecar agents will expose the implementation of actions\nthrough a GRPC interface for external invocation.\nThen the controller will interact with these actions via GRPCAction calls." properties: - container: - description: "Defines the name of the container within the target Pod where the action will be executed.\n\n\nThis name must correspond to one of the containers defined in `componentDefinition.spec.runtime`.\nIf this field is not specified, the default behavior is to use the first container listed in\n`componentDefinition.spec.runtime`.\n\n\nThis field cannot be updated.\n\n\nNote: This field is reserved for future use and is not currently active." - type: "string" - env: - description: "Represents a list of environment variables that will be injected into the container.\nThese variables enable the container to adapt its behavior based on the environment it's running in.\n\n\nThis field cannot be updated." - items: - description: "EnvVar represents an environment variable present in a Container." - properties: - name: - description: "Name of the environment variable. Must be a C_IDENTIFIER." + exec: + description: "Defines the command to run.\n\n\nThis field cannot be updated." + properties: + args: + description: "Args represents the arguments that are passed to the `command` for execution." + items: type: "string" - value: - description: "Variable references $(VAR_NAME) are expanded\nusing the previously defined environment variables in the container and\nany service environment variables. If a variable cannot be resolved,\nthe reference in the input string will be unchanged. Double $$ are reduced\nto a single $, which allows for escaping the $(VAR_NAME) syntax: i.e.\n\"$$(VAR_NAME)\" will produce the string literal \"$(VAR_NAME)\".\nEscaped references will never be expanded, regardless of whether the variable\nexists or not.\nDefaults to \"\"." + type: "array" + command: + description: "Specifies the command to be executed inside the container.\nThe working directory for this command is the container's root directory('/').\nCommands are executed directly without a shell environment, meaning shell-specific syntax ('|', etc.) is not supported.\nIf the shell is required, it must be explicitly invoked in the command.\n\n\nA successful execution is indicated by an exit status of 0; any non-zero status signifies a failure." + items: type: "string" - valueFrom: - description: "Source for the environment variable's value. Cannot be used if value is not empty." + type: "array" + container: + description: "Defines the name of the container within the target Pod where the action will be executed.\n\n\nThis name must correspond to one of the containers defined in `componentDefinition.spec.runtime`.\nIf this field is not specified, the default behavior is to use the first container listed in\n`componentDefinition.spec.runtime`.\n\n\nThis field cannot be updated.\n\n\nNote: This field is reserved for future use and is not currently active." + type: "string" + env: + description: "Represents a list of environment variables that will be injected into the container.\nThese variables enable the container to adapt its behavior based on the environment it's running in.\n\n\nThis field cannot be updated." + items: + description: "EnvVar represents an environment variable present in a Container." properties: - configMapKeyRef: - description: "Selects a key of a ConfigMap." + name: + description: "Name of the environment variable. Must be a C_IDENTIFIER." + type: "string" + value: + description: "Variable references $(VAR_NAME) are expanded\nusing the previously defined environment variables in the container and\nany service environment variables. If a variable cannot be resolved,\nthe reference in the input string will be unchanged. Double $$ are reduced\nto a single $, which allows for escaping the $(VAR_NAME) syntax: i.e.\n\"$$(VAR_NAME)\" will produce the string literal \"$(VAR_NAME)\".\nEscaped references will never be expanded, regardless of whether the variable\nexists or not.\nDefaults to \"\"." + type: "string" + valueFrom: + description: "Source for the environment variable's value. Cannot be used if value is not empty." properties: - key: - description: "The key to select." - type: "string" - name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" - type: "string" - optional: - description: "Specify whether the ConfigMap or its key must be defined" - type: "boolean" - required: - - "key" - type: "object" - x-kubernetes-map-type: "atomic" - fieldRef: - description: "Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`,\nspec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs." - properties: - apiVersion: - description: "Version of the schema the FieldPath is written in terms of, defaults to \"v1\"." - type: "string" - fieldPath: - description: "Path of the field to select in the specified API version." - type: "string" - required: - - "fieldPath" - type: "object" - x-kubernetes-map-type: "atomic" - resourceFieldRef: - description: "Selects a resource of the container: only resources limits and requests\n(limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported." - properties: - containerName: - description: "Container name: required for volumes, optional for env vars" - type: "string" - divisor: - anyOf: - - type: "integer" - - type: "string" - description: "Specifies the output format of the exposed resources, defaults to \"1\"" - pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" - x-kubernetes-int-or-string: true - resource: - description: "Required: resource to select" - type: "string" - required: - - "resource" - type: "object" - x-kubernetes-map-type: "atomic" - secretKeyRef: - description: "Selects a key of a secret in the pod's namespace" - properties: - key: - description: "The key of the secret to select from. Must be a valid secret key." - type: "string" - name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" - type: "string" - optional: - description: "Specify whether the Secret or its key must be defined" - type: "boolean" - required: - - "key" + configMapKeyRef: + description: "Selects a key of a ConfigMap." + properties: + key: + description: "The key to select." + type: "string" + name: + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + type: "string" + optional: + description: "Specify whether the ConfigMap or its key must be defined" + type: "boolean" + required: + - "key" + type: "object" + x-kubernetes-map-type: "atomic" + fieldRef: + description: "Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`,\nspec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs." + properties: + apiVersion: + description: "Version of the schema the FieldPath is written in terms of, defaults to \"v1\"." + type: "string" + fieldPath: + description: "Path of the field to select in the specified API version." + type: "string" + required: + - "fieldPath" + type: "object" + x-kubernetes-map-type: "atomic" + resourceFieldRef: + description: "Selects a resource of the container: only resources limits and requests\n(limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported." + properties: + containerName: + description: "Container name: required for volumes, optional for env vars" + type: "string" + divisor: + anyOf: + - type: "integer" + - type: "string" + description: "Specifies the output format of the exposed resources, defaults to \"1\"" + pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" + x-kubernetes-int-or-string: true + resource: + description: "Required: resource to select" + type: "string" + required: + - "resource" + type: "object" + x-kubernetes-map-type: "atomic" + secretKeyRef: + description: "Selects a key of a secret in the pod's namespace" + properties: + key: + description: "The key of the secret to select from. Must be a valid secret key." + type: "string" + name: + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + type: "string" + optional: + description: "Specify whether the Secret or its key must be defined" + type: "boolean" + required: + - "key" + type: "object" + x-kubernetes-map-type: "atomic" type: "object" - x-kubernetes-map-type: "atomic" + required: + - "name" type: "object" - required: - - "name" - type: "object" - type: "array" - exec: - description: "Defines the command to run.\n\n\nThis field cannot be updated." - properties: - args: - description: "Args represents the arguments that are passed to the `command` for execution." - items: - type: "string" - type: "array" - command: - description: "Specifies the command to be executed inside the container.\nThe working directory for this command is the container's root directory('/').\nCommands are executed directly without a shell environment, meaning shell-specific syntax ('|', etc.) is not supported.\nIf the shell is required, it must be explicitly invoked in the command.\n\n\nA successful execution is indicated by an exit status of 0; any non-zero status signifies a failure." - items: - type: "string" type: "array" + image: + description: "Specifies the container image to be used for running the Action.\n\n\nWhen specified, a dedicated container will be created using this image to execute the Action.\nThis field is mutually exclusive with the `container` field; only one of them should be provided.\n\n\nThis field cannot be updated." + type: "string" + matchingKey: + description: "Used in conjunction with the `targetPodSelector` field to refine the selection of target pod(s) for Action execution.\nThe impact of this field depends on the `targetPodSelector` value:\n\n\n- When `targetPodSelector` is set to `Any` or `All`, this field will be ignored.\n- When `targetPodSelector` is set to `Role`, only those replicas whose role matches the `matchingKey`\n will be selected for the Action.\n\n\nThis field cannot be updated.\n\n\nNote: This field is reserved for future use and is not currently active." + type: "string" + targetPodSelector: + description: "Defines the criteria used to select the target Pod(s) for executing the Action.\nThis is useful when there is no default target replica identified.\nIt allows for precise control over which Pod(s) the Action should run in.\n\n\nThis field cannot be updated.\n\n\nNote: This field is reserved for future use and is not currently active." + enum: + - "Any" + - "All" + - "Role" + - "Ordinal" + type: "string" type: "object" http: description: "Specifies the HTTP request to perform.\n\n\nThis field cannot be updated.\n\n\nNote: HTTPAction is to be implemented in future version." @@ -915,12 +929,6 @@ spec: required: - "port" type: "object" - image: - description: "Specifies the container image to be used for running the Action.\n\n\nWhen specified, a dedicated container will be created using this image to execute the Action.\nThis field is mutually exclusive with the `container` field; only one of them should be provided.\n\n\nThis field cannot be updated." - type: "string" - matchingKey: - description: "Used in conjunction with the `targetPodSelector` field to refine the selection of target pod(s) for Action execution.\nThe impact of this field depends on the `targetPodSelector` value:\n\n\n- When `targetPodSelector` is set to `Any` or `All`, this field will be ignored.\n- When `targetPodSelector` is set to `Role`, only those replicas whose role matches the `matchingKey`\n will be selected for the Action.\n\n\nThis field cannot be updated.\n\n\nNote: This field is reserved for future use and is not currently active." - type: "string" preCondition: description: "Specifies the state that the cluster must reach before the Action is executed.\nCurrently, this is only applicable to the `postProvision` action.\n\n\nThe conditions are as follows:\n\n\n- `Immediately`: Executed right after the Component object is created.\n The readiness of the Component and its resources is not guaranteed at this stage.\n- `RuntimeReady`: The Action is triggered after the Component object has been created and all associated\n runtime resources (e.g. Pods) are in a ready state.\n- `ComponentReady`: The Action is triggered after the Component itself is in a ready state.\n This process does not affect the readiness state of the Component or the Cluster.\n- `ClusterReady`: The Action is executed after the Cluster is in a ready state.\n This execution does not alter the Component or the Cluster's state of readiness.\n\n\nThis field cannot be updated." type: "string" @@ -937,14 +945,6 @@ spec: format: "int64" type: "integer" type: "object" - targetPodSelector: - description: "Defines the criteria used to select the target Pod(s) for executing the Action.\nThis is useful when there is no default target replica identified.\nIt allows for precise control over which Pod(s) the Action should run in.\n\n\nThis field cannot be updated.\n\n\nNote: This field is reserved for future use and is not currently active." - enum: - - "Any" - - "All" - - "Role" - - "Ordinal" - type: "string" timeoutSeconds: default: 0 description: "Specifies the maximum duration in seconds that the Action is allowed to run.\n\n\nIf the Action does not complete within this time frame, it will be terminated.\n\n\nThis field cannot be updated." @@ -961,93 +961,6 @@ spec: customHandler: description: "Specifies a user-defined hook or procedure that is called to perform the specific lifecycle action.\nIt offers a flexible and expandable approach for customizing the behavior of a Component by leveraging\ntailored actions.\n\n\nAn Action can be implemented as either an ExecAction or an HTTPAction, with future versions planning\nto support GRPCAction,\nthereby accommodating unique logic for different database systems within the Action's framework.\n\n\nIn future iterations, all built-in handlers are expected to transition to GRPCAction.\nThis change means that Lorry or other sidecar agents will expose the implementation of actions\nthrough a GRPC interface for external invocation.\nThen the controller will interact with these actions via GRPCAction calls." properties: - container: - description: "Defines the name of the container within the target Pod where the action will be executed.\n\n\nThis name must correspond to one of the containers defined in `componentDefinition.spec.runtime`.\nIf this field is not specified, the default behavior is to use the first container listed in\n`componentDefinition.spec.runtime`.\n\n\nThis field cannot be updated.\n\n\nNote: This field is reserved for future use and is not currently active." - type: "string" - env: - description: "Represents a list of environment variables that will be injected into the container.\nThese variables enable the container to adapt its behavior based on the environment it's running in.\n\n\nThis field cannot be updated." - items: - description: "EnvVar represents an environment variable present in a Container." - properties: - name: - description: "Name of the environment variable. Must be a C_IDENTIFIER." - type: "string" - value: - description: "Variable references $(VAR_NAME) are expanded\nusing the previously defined environment variables in the container and\nany service environment variables. If a variable cannot be resolved,\nthe reference in the input string will be unchanged. Double $$ are reduced\nto a single $, which allows for escaping the $(VAR_NAME) syntax: i.e.\n\"$$(VAR_NAME)\" will produce the string literal \"$(VAR_NAME)\".\nEscaped references will never be expanded, regardless of whether the variable\nexists or not.\nDefaults to \"\"." - type: "string" - valueFrom: - description: "Source for the environment variable's value. Cannot be used if value is not empty." - properties: - configMapKeyRef: - description: "Selects a key of a ConfigMap." - properties: - key: - description: "The key to select." - type: "string" - name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" - type: "string" - optional: - description: "Specify whether the ConfigMap or its key must be defined" - type: "boolean" - required: - - "key" - type: "object" - x-kubernetes-map-type: "atomic" - fieldRef: - description: "Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`,\nspec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs." - properties: - apiVersion: - description: "Version of the schema the FieldPath is written in terms of, defaults to \"v1\"." - type: "string" - fieldPath: - description: "Path of the field to select in the specified API version." - type: "string" - required: - - "fieldPath" - type: "object" - x-kubernetes-map-type: "atomic" - resourceFieldRef: - description: "Selects a resource of the container: only resources limits and requests\n(limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported." - properties: - containerName: - description: "Container name: required for volumes, optional for env vars" - type: "string" - divisor: - anyOf: - - type: "integer" - - type: "string" - description: "Specifies the output format of the exposed resources, defaults to \"1\"" - pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" - x-kubernetes-int-or-string: true - resource: - description: "Required: resource to select" - type: "string" - required: - - "resource" - type: "object" - x-kubernetes-map-type: "atomic" - secretKeyRef: - description: "Selects a key of a secret in the pod's namespace" - properties: - key: - description: "The key of the secret to select from. Must be a valid secret key." - type: "string" - name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" - type: "string" - optional: - description: "Specify whether the Secret or its key must be defined" - type: "boolean" - required: - - "key" - type: "object" - x-kubernetes-map-type: "atomic" - type: "object" - required: - - "name" - type: "object" - type: "array" exec: description: "Defines the command to run.\n\n\nThis field cannot be updated." properties: @@ -1061,6 +974,107 @@ spec: items: type: "string" type: "array" + container: + description: "Defines the name of the container within the target Pod where the action will be executed.\n\n\nThis name must correspond to one of the containers defined in `componentDefinition.spec.runtime`.\nIf this field is not specified, the default behavior is to use the first container listed in\n`componentDefinition.spec.runtime`.\n\n\nThis field cannot be updated.\n\n\nNote: This field is reserved for future use and is not currently active." + type: "string" + env: + description: "Represents a list of environment variables that will be injected into the container.\nThese variables enable the container to adapt its behavior based on the environment it's running in.\n\n\nThis field cannot be updated." + items: + description: "EnvVar represents an environment variable present in a Container." + properties: + name: + description: "Name of the environment variable. Must be a C_IDENTIFIER." + type: "string" + value: + description: "Variable references $(VAR_NAME) are expanded\nusing the previously defined environment variables in the container and\nany service environment variables. If a variable cannot be resolved,\nthe reference in the input string will be unchanged. Double $$ are reduced\nto a single $, which allows for escaping the $(VAR_NAME) syntax: i.e.\n\"$$(VAR_NAME)\" will produce the string literal \"$(VAR_NAME)\".\nEscaped references will never be expanded, regardless of whether the variable\nexists or not.\nDefaults to \"\"." + type: "string" + valueFrom: + description: "Source for the environment variable's value. Cannot be used if value is not empty." + properties: + configMapKeyRef: + description: "Selects a key of a ConfigMap." + properties: + key: + description: "The key to select." + type: "string" + name: + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + type: "string" + optional: + description: "Specify whether the ConfigMap or its key must be defined" + type: "boolean" + required: + - "key" + type: "object" + x-kubernetes-map-type: "atomic" + fieldRef: + description: "Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`,\nspec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs." + properties: + apiVersion: + description: "Version of the schema the FieldPath is written in terms of, defaults to \"v1\"." + type: "string" + fieldPath: + description: "Path of the field to select in the specified API version." + type: "string" + required: + - "fieldPath" + type: "object" + x-kubernetes-map-type: "atomic" + resourceFieldRef: + description: "Selects a resource of the container: only resources limits and requests\n(limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported." + properties: + containerName: + description: "Container name: required for volumes, optional for env vars" + type: "string" + divisor: + anyOf: + - type: "integer" + - type: "string" + description: "Specifies the output format of the exposed resources, defaults to \"1\"" + pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" + x-kubernetes-int-or-string: true + resource: + description: "Required: resource to select" + type: "string" + required: + - "resource" + type: "object" + x-kubernetes-map-type: "atomic" + secretKeyRef: + description: "Selects a key of a secret in the pod's namespace" + properties: + key: + description: "The key of the secret to select from. Must be a valid secret key." + type: "string" + name: + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + type: "string" + optional: + description: "Specify whether the Secret or its key must be defined" + type: "boolean" + required: + - "key" + type: "object" + x-kubernetes-map-type: "atomic" + type: "object" + required: + - "name" + type: "object" + type: "array" + image: + description: "Specifies the container image to be used for running the Action.\n\n\nWhen specified, a dedicated container will be created using this image to execute the Action.\nThis field is mutually exclusive with the `container` field; only one of them should be provided.\n\n\nThis field cannot be updated." + type: "string" + matchingKey: + description: "Used in conjunction with the `targetPodSelector` field to refine the selection of target pod(s) for Action execution.\nThe impact of this field depends on the `targetPodSelector` value:\n\n\n- When `targetPodSelector` is set to `Any` or `All`, this field will be ignored.\n- When `targetPodSelector` is set to `Role`, only those replicas whose role matches the `matchingKey`\n will be selected for the Action.\n\n\nThis field cannot be updated.\n\n\nNote: This field is reserved for future use and is not currently active." + type: "string" + targetPodSelector: + description: "Defines the criteria used to select the target Pod(s) for executing the Action.\nThis is useful when there is no default target replica identified.\nIt allows for precise control over which Pod(s) the Action should run in.\n\n\nThis field cannot be updated.\n\n\nNote: This field is reserved for future use and is not currently active." + enum: + - "Any" + - "All" + - "Role" + - "Ordinal" + type: "string" type: "object" http: description: "Specifies the HTTP request to perform.\n\n\nThis field cannot be updated.\n\n\nNote: HTTPAction is to be implemented in future version." @@ -1102,12 +1116,6 @@ spec: required: - "port" type: "object" - image: - description: "Specifies the container image to be used for running the Action.\n\n\nWhen specified, a dedicated container will be created using this image to execute the Action.\nThis field is mutually exclusive with the `container` field; only one of them should be provided.\n\n\nThis field cannot be updated." - type: "string" - matchingKey: - description: "Used in conjunction with the `targetPodSelector` field to refine the selection of target pod(s) for Action execution.\nThe impact of this field depends on the `targetPodSelector` value:\n\n\n- When `targetPodSelector` is set to `Any` or `All`, this field will be ignored.\n- When `targetPodSelector` is set to `Role`, only those replicas whose role matches the `matchingKey`\n will be selected for the Action.\n\n\nThis field cannot be updated.\n\n\nNote: This field is reserved for future use and is not currently active." - type: "string" preCondition: description: "Specifies the state that the cluster must reach before the Action is executed.\nCurrently, this is only applicable to the `postProvision` action.\n\n\nThe conditions are as follows:\n\n\n- `Immediately`: Executed right after the Component object is created.\n The readiness of the Component and its resources is not guaranteed at this stage.\n- `RuntimeReady`: The Action is triggered after the Component object has been created and all associated\n runtime resources (e.g. Pods) are in a ready state.\n- `ComponentReady`: The Action is triggered after the Component itself is in a ready state.\n This process does not affect the readiness state of the Component or the Cluster.\n- `ClusterReady`: The Action is executed after the Cluster is in a ready state.\n This execution does not alter the Component or the Cluster's state of readiness.\n\n\nThis field cannot be updated." type: "string" @@ -1124,14 +1132,6 @@ spec: format: "int64" type: "integer" type: "object" - targetPodSelector: - description: "Defines the criteria used to select the target Pod(s) for executing the Action.\nThis is useful when there is no default target replica identified.\nIt allows for precise control over which Pod(s) the Action should run in.\n\n\nThis field cannot be updated.\n\n\nNote: This field is reserved for future use and is not currently active." - enum: - - "Any" - - "All" - - "Role" - - "Ordinal" - type: "string" timeoutSeconds: default: 0 description: "Specifies the maximum duration in seconds that the Action is allowed to run.\n\n\nIf the Action does not complete within this time frame, it will be terminated.\n\n\nThis field cannot be updated." @@ -1148,93 +1148,6 @@ spec: customHandler: description: "Specifies a user-defined hook or procedure that is called to perform the specific lifecycle action.\nIt offers a flexible and expandable approach for customizing the behavior of a Component by leveraging\ntailored actions.\n\n\nAn Action can be implemented as either an ExecAction or an HTTPAction, with future versions planning\nto support GRPCAction,\nthereby accommodating unique logic for different database systems within the Action's framework.\n\n\nIn future iterations, all built-in handlers are expected to transition to GRPCAction.\nThis change means that Lorry or other sidecar agents will expose the implementation of actions\nthrough a GRPC interface for external invocation.\nThen the controller will interact with these actions via GRPCAction calls." properties: - container: - description: "Defines the name of the container within the target Pod where the action will be executed.\n\n\nThis name must correspond to one of the containers defined in `componentDefinition.spec.runtime`.\nIf this field is not specified, the default behavior is to use the first container listed in\n`componentDefinition.spec.runtime`.\n\n\nThis field cannot be updated.\n\n\nNote: This field is reserved for future use and is not currently active." - type: "string" - env: - description: "Represents a list of environment variables that will be injected into the container.\nThese variables enable the container to adapt its behavior based on the environment it's running in.\n\n\nThis field cannot be updated." - items: - description: "EnvVar represents an environment variable present in a Container." - properties: - name: - description: "Name of the environment variable. Must be a C_IDENTIFIER." - type: "string" - value: - description: "Variable references $(VAR_NAME) are expanded\nusing the previously defined environment variables in the container and\nany service environment variables. If a variable cannot be resolved,\nthe reference in the input string will be unchanged. Double $$ are reduced\nto a single $, which allows for escaping the $(VAR_NAME) syntax: i.e.\n\"$$(VAR_NAME)\" will produce the string literal \"$(VAR_NAME)\".\nEscaped references will never be expanded, regardless of whether the variable\nexists or not.\nDefaults to \"\"." - type: "string" - valueFrom: - description: "Source for the environment variable's value. Cannot be used if value is not empty." - properties: - configMapKeyRef: - description: "Selects a key of a ConfigMap." - properties: - key: - description: "The key to select." - type: "string" - name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" - type: "string" - optional: - description: "Specify whether the ConfigMap or its key must be defined" - type: "boolean" - required: - - "key" - type: "object" - x-kubernetes-map-type: "atomic" - fieldRef: - description: "Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`,\nspec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs." - properties: - apiVersion: - description: "Version of the schema the FieldPath is written in terms of, defaults to \"v1\"." - type: "string" - fieldPath: - description: "Path of the field to select in the specified API version." - type: "string" - required: - - "fieldPath" - type: "object" - x-kubernetes-map-type: "atomic" - resourceFieldRef: - description: "Selects a resource of the container: only resources limits and requests\n(limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported." - properties: - containerName: - description: "Container name: required for volumes, optional for env vars" - type: "string" - divisor: - anyOf: - - type: "integer" - - type: "string" - description: "Specifies the output format of the exposed resources, defaults to \"1\"" - pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" - x-kubernetes-int-or-string: true - resource: - description: "Required: resource to select" - type: "string" - required: - - "resource" - type: "object" - x-kubernetes-map-type: "atomic" - secretKeyRef: - description: "Selects a key of a secret in the pod's namespace" - properties: - key: - description: "The key of the secret to select from. Must be a valid secret key." - type: "string" - name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" - type: "string" - optional: - description: "Specify whether the Secret or its key must be defined" - type: "boolean" - required: - - "key" - type: "object" - x-kubernetes-map-type: "atomic" - type: "object" - required: - - "name" - type: "object" - type: "array" exec: description: "Defines the command to run.\n\n\nThis field cannot be updated." properties: @@ -1248,6 +1161,107 @@ spec: items: type: "string" type: "array" + container: + description: "Defines the name of the container within the target Pod where the action will be executed.\n\n\nThis name must correspond to one of the containers defined in `componentDefinition.spec.runtime`.\nIf this field is not specified, the default behavior is to use the first container listed in\n`componentDefinition.spec.runtime`.\n\n\nThis field cannot be updated.\n\n\nNote: This field is reserved for future use and is not currently active." + type: "string" + env: + description: "Represents a list of environment variables that will be injected into the container.\nThese variables enable the container to adapt its behavior based on the environment it's running in.\n\n\nThis field cannot be updated." + items: + description: "EnvVar represents an environment variable present in a Container." + properties: + name: + description: "Name of the environment variable. Must be a C_IDENTIFIER." + type: "string" + value: + description: "Variable references $(VAR_NAME) are expanded\nusing the previously defined environment variables in the container and\nany service environment variables. If a variable cannot be resolved,\nthe reference in the input string will be unchanged. Double $$ are reduced\nto a single $, which allows for escaping the $(VAR_NAME) syntax: i.e.\n\"$$(VAR_NAME)\" will produce the string literal \"$(VAR_NAME)\".\nEscaped references will never be expanded, regardless of whether the variable\nexists or not.\nDefaults to \"\"." + type: "string" + valueFrom: + description: "Source for the environment variable's value. Cannot be used if value is not empty." + properties: + configMapKeyRef: + description: "Selects a key of a ConfigMap." + properties: + key: + description: "The key to select." + type: "string" + name: + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + type: "string" + optional: + description: "Specify whether the ConfigMap or its key must be defined" + type: "boolean" + required: + - "key" + type: "object" + x-kubernetes-map-type: "atomic" + fieldRef: + description: "Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`,\nspec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs." + properties: + apiVersion: + description: "Version of the schema the FieldPath is written in terms of, defaults to \"v1\"." + type: "string" + fieldPath: + description: "Path of the field to select in the specified API version." + type: "string" + required: + - "fieldPath" + type: "object" + x-kubernetes-map-type: "atomic" + resourceFieldRef: + description: "Selects a resource of the container: only resources limits and requests\n(limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported." + properties: + containerName: + description: "Container name: required for volumes, optional for env vars" + type: "string" + divisor: + anyOf: + - type: "integer" + - type: "string" + description: "Specifies the output format of the exposed resources, defaults to \"1\"" + pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" + x-kubernetes-int-or-string: true + resource: + description: "Required: resource to select" + type: "string" + required: + - "resource" + type: "object" + x-kubernetes-map-type: "atomic" + secretKeyRef: + description: "Selects a key of a secret in the pod's namespace" + properties: + key: + description: "The key of the secret to select from. Must be a valid secret key." + type: "string" + name: + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + type: "string" + optional: + description: "Specify whether the Secret or its key must be defined" + type: "boolean" + required: + - "key" + type: "object" + x-kubernetes-map-type: "atomic" + type: "object" + required: + - "name" + type: "object" + type: "array" + image: + description: "Specifies the container image to be used for running the Action.\n\n\nWhen specified, a dedicated container will be created using this image to execute the Action.\nThis field is mutually exclusive with the `container` field; only one of them should be provided.\n\n\nThis field cannot be updated." + type: "string" + matchingKey: + description: "Used in conjunction with the `targetPodSelector` field to refine the selection of target pod(s) for Action execution.\nThe impact of this field depends on the `targetPodSelector` value:\n\n\n- When `targetPodSelector` is set to `Any` or `All`, this field will be ignored.\n- When `targetPodSelector` is set to `Role`, only those replicas whose role matches the `matchingKey`\n will be selected for the Action.\n\n\nThis field cannot be updated.\n\n\nNote: This field is reserved for future use and is not currently active." + type: "string" + targetPodSelector: + description: "Defines the criteria used to select the target Pod(s) for executing the Action.\nThis is useful when there is no default target replica identified.\nIt allows for precise control over which Pod(s) the Action should run in.\n\n\nThis field cannot be updated.\n\n\nNote: This field is reserved for future use and is not currently active." + enum: + - "Any" + - "All" + - "Role" + - "Ordinal" + type: "string" type: "object" http: description: "Specifies the HTTP request to perform.\n\n\nThis field cannot be updated.\n\n\nNote: HTTPAction is to be implemented in future version." @@ -1289,12 +1303,6 @@ spec: required: - "port" type: "object" - image: - description: "Specifies the container image to be used for running the Action.\n\n\nWhen specified, a dedicated container will be created using this image to execute the Action.\nThis field is mutually exclusive with the `container` field; only one of them should be provided.\n\n\nThis field cannot be updated." - type: "string" - matchingKey: - description: "Used in conjunction with the `targetPodSelector` field to refine the selection of target pod(s) for Action execution.\nThe impact of this field depends on the `targetPodSelector` value:\n\n\n- When `targetPodSelector` is set to `Any` or `All`, this field will be ignored.\n- When `targetPodSelector` is set to `Role`, only those replicas whose role matches the `matchingKey`\n will be selected for the Action.\n\n\nThis field cannot be updated.\n\n\nNote: This field is reserved for future use and is not currently active." - type: "string" preCondition: description: "Specifies the state that the cluster must reach before the Action is executed.\nCurrently, this is only applicable to the `postProvision` action.\n\n\nThe conditions are as follows:\n\n\n- `Immediately`: Executed right after the Component object is created.\n The readiness of the Component and its resources is not guaranteed at this stage.\n- `RuntimeReady`: The Action is triggered after the Component object has been created and all associated\n runtime resources (e.g. Pods) are in a ready state.\n- `ComponentReady`: The Action is triggered after the Component itself is in a ready state.\n This process does not affect the readiness state of the Component or the Cluster.\n- `ClusterReady`: The Action is executed after the Cluster is in a ready state.\n This execution does not alter the Component or the Cluster's state of readiness.\n\n\nThis field cannot be updated." type: "string" @@ -1311,14 +1319,6 @@ spec: format: "int64" type: "integer" type: "object" - targetPodSelector: - description: "Defines the criteria used to select the target Pod(s) for executing the Action.\nThis is useful when there is no default target replica identified.\nIt allows for precise control over which Pod(s) the Action should run in.\n\n\nThis field cannot be updated.\n\n\nNote: This field is reserved for future use and is not currently active." - enum: - - "Any" - - "All" - - "Role" - - "Ordinal" - type: "string" timeoutSeconds: default: 0 description: "Specifies the maximum duration in seconds that the Action is allowed to run.\n\n\nIf the Action does not complete within this time frame, it will be terminated.\n\n\nThis field cannot be updated." @@ -1335,93 +1335,6 @@ spec: customHandler: description: "Specifies a user-defined hook or procedure that is called to perform the specific lifecycle action.\nIt offers a flexible and expandable approach for customizing the behavior of a Component by leveraging\ntailored actions.\n\n\nAn Action can be implemented as either an ExecAction or an HTTPAction, with future versions planning\nto support GRPCAction,\nthereby accommodating unique logic for different database systems within the Action's framework.\n\n\nIn future iterations, all built-in handlers are expected to transition to GRPCAction.\nThis change means that Lorry or other sidecar agents will expose the implementation of actions\nthrough a GRPC interface for external invocation.\nThen the controller will interact with these actions via GRPCAction calls." properties: - container: - description: "Defines the name of the container within the target Pod where the action will be executed.\n\n\nThis name must correspond to one of the containers defined in `componentDefinition.spec.runtime`.\nIf this field is not specified, the default behavior is to use the first container listed in\n`componentDefinition.spec.runtime`.\n\n\nThis field cannot be updated.\n\n\nNote: This field is reserved for future use and is not currently active." - type: "string" - env: - description: "Represents a list of environment variables that will be injected into the container.\nThese variables enable the container to adapt its behavior based on the environment it's running in.\n\n\nThis field cannot be updated." - items: - description: "EnvVar represents an environment variable present in a Container." - properties: - name: - description: "Name of the environment variable. Must be a C_IDENTIFIER." - type: "string" - value: - description: "Variable references $(VAR_NAME) are expanded\nusing the previously defined environment variables in the container and\nany service environment variables. If a variable cannot be resolved,\nthe reference in the input string will be unchanged. Double $$ are reduced\nto a single $, which allows for escaping the $(VAR_NAME) syntax: i.e.\n\"$$(VAR_NAME)\" will produce the string literal \"$(VAR_NAME)\".\nEscaped references will never be expanded, regardless of whether the variable\nexists or not.\nDefaults to \"\"." - type: "string" - valueFrom: - description: "Source for the environment variable's value. Cannot be used if value is not empty." - properties: - configMapKeyRef: - description: "Selects a key of a ConfigMap." - properties: - key: - description: "The key to select." - type: "string" - name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" - type: "string" - optional: - description: "Specify whether the ConfigMap or its key must be defined" - type: "boolean" - required: - - "key" - type: "object" - x-kubernetes-map-type: "atomic" - fieldRef: - description: "Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`,\nspec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs." - properties: - apiVersion: - description: "Version of the schema the FieldPath is written in terms of, defaults to \"v1\"." - type: "string" - fieldPath: - description: "Path of the field to select in the specified API version." - type: "string" - required: - - "fieldPath" - type: "object" - x-kubernetes-map-type: "atomic" - resourceFieldRef: - description: "Selects a resource of the container: only resources limits and requests\n(limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported." - properties: - containerName: - description: "Container name: required for volumes, optional for env vars" - type: "string" - divisor: - anyOf: - - type: "integer" - - type: "string" - description: "Specifies the output format of the exposed resources, defaults to \"1\"" - pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" - x-kubernetes-int-or-string: true - resource: - description: "Required: resource to select" - type: "string" - required: - - "resource" - type: "object" - x-kubernetes-map-type: "atomic" - secretKeyRef: - description: "Selects a key of a secret in the pod's namespace" - properties: - key: - description: "The key of the secret to select from. Must be a valid secret key." - type: "string" - name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" - type: "string" - optional: - description: "Specify whether the Secret or its key must be defined" - type: "boolean" - required: - - "key" - type: "object" - x-kubernetes-map-type: "atomic" - type: "object" - required: - - "name" - type: "object" - type: "array" exec: description: "Defines the command to run.\n\n\nThis field cannot be updated." properties: @@ -1435,36 +1348,137 @@ spec: items: type: "string" type: "array" - type: "object" - http: - description: "Specifies the HTTP request to perform.\n\n\nThis field cannot be updated.\n\n\nNote: HTTPAction is to be implemented in future version." - properties: - host: - description: "Indicates the server's domain name or IP address. Defaults to the Pod's IP.\nPrefer setting the \"Host\" header in httpHeaders when needed." + container: + description: "Defines the name of the container within the target Pod where the action will be executed.\n\n\nThis name must correspond to one of the containers defined in `componentDefinition.spec.runtime`.\nIf this field is not specified, the default behavior is to use the first container listed in\n`componentDefinition.spec.runtime`.\n\n\nThis field cannot be updated.\n\n\nNote: This field is reserved for future use and is not currently active." type: "string" - httpHeaders: - description: "Allows for the inclusion of custom headers in the request.\nHTTP permits the use of repeated headers." + env: + description: "Represents a list of environment variables that will be injected into the container.\nThese variables enable the container to adapt its behavior based on the environment it's running in.\n\n\nThis field cannot be updated." items: - description: "HTTPHeader describes a custom header to be used in HTTP probes" + description: "EnvVar represents an environment variable present in a Container." properties: name: - description: "The header field name.\nThis will be canonicalized upon output, so case-variant names will be understood as the same header." + description: "Name of the environment variable. Must be a C_IDENTIFIER." type: "string" value: - description: "The header field value" + description: "Variable references $(VAR_NAME) are expanded\nusing the previously defined environment variables in the container and\nany service environment variables. If a variable cannot be resolved,\nthe reference in the input string will be unchanged. Double $$ are reduced\nto a single $, which allows for escaping the $(VAR_NAME) syntax: i.e.\n\"$$(VAR_NAME)\" will produce the string literal \"$(VAR_NAME)\".\nEscaped references will never be expanded, regardless of whether the variable\nexists or not.\nDefaults to \"\"." type: "string" - required: - - "name" - - "value" - type: "object" - type: "array" - method: - description: "Represents the type of HTTP request to be made, such as \"GET,\" \"POST,\" \"PUT,\" etc.\nIf not specified, \"GET\" is the default method." - type: "string" - path: - description: "Specifies the endpoint to be requested on the HTTP server." - type: "string" - port: + valueFrom: + description: "Source for the environment variable's value. Cannot be used if value is not empty." + properties: + configMapKeyRef: + description: "Selects a key of a ConfigMap." + properties: + key: + description: "The key to select." + type: "string" + name: + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + type: "string" + optional: + description: "Specify whether the ConfigMap or its key must be defined" + type: "boolean" + required: + - "key" + type: "object" + x-kubernetes-map-type: "atomic" + fieldRef: + description: "Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`,\nspec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs." + properties: + apiVersion: + description: "Version of the schema the FieldPath is written in terms of, defaults to \"v1\"." + type: "string" + fieldPath: + description: "Path of the field to select in the specified API version." + type: "string" + required: + - "fieldPath" + type: "object" + x-kubernetes-map-type: "atomic" + resourceFieldRef: + description: "Selects a resource of the container: only resources limits and requests\n(limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported." + properties: + containerName: + description: "Container name: required for volumes, optional for env vars" + type: "string" + divisor: + anyOf: + - type: "integer" + - type: "string" + description: "Specifies the output format of the exposed resources, defaults to \"1\"" + pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" + x-kubernetes-int-or-string: true + resource: + description: "Required: resource to select" + type: "string" + required: + - "resource" + type: "object" + x-kubernetes-map-type: "atomic" + secretKeyRef: + description: "Selects a key of a secret in the pod's namespace" + properties: + key: + description: "The key of the secret to select from. Must be a valid secret key." + type: "string" + name: + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + type: "string" + optional: + description: "Specify whether the Secret or its key must be defined" + type: "boolean" + required: + - "key" + type: "object" + x-kubernetes-map-type: "atomic" + type: "object" + required: + - "name" + type: "object" + type: "array" + image: + description: "Specifies the container image to be used for running the Action.\n\n\nWhen specified, a dedicated container will be created using this image to execute the Action.\nThis field is mutually exclusive with the `container` field; only one of them should be provided.\n\n\nThis field cannot be updated." + type: "string" + matchingKey: + description: "Used in conjunction with the `targetPodSelector` field to refine the selection of target pod(s) for Action execution.\nThe impact of this field depends on the `targetPodSelector` value:\n\n\n- When `targetPodSelector` is set to `Any` or `All`, this field will be ignored.\n- When `targetPodSelector` is set to `Role`, only those replicas whose role matches the `matchingKey`\n will be selected for the Action.\n\n\nThis field cannot be updated.\n\n\nNote: This field is reserved for future use and is not currently active." + type: "string" + targetPodSelector: + description: "Defines the criteria used to select the target Pod(s) for executing the Action.\nThis is useful when there is no default target replica identified.\nIt allows for precise control over which Pod(s) the Action should run in.\n\n\nThis field cannot be updated.\n\n\nNote: This field is reserved for future use and is not currently active." + enum: + - "Any" + - "All" + - "Role" + - "Ordinal" + type: "string" + type: "object" + http: + description: "Specifies the HTTP request to perform.\n\n\nThis field cannot be updated.\n\n\nNote: HTTPAction is to be implemented in future version." + properties: + host: + description: "Indicates the server's domain name or IP address. Defaults to the Pod's IP.\nPrefer setting the \"Host\" header in httpHeaders when needed." + type: "string" + httpHeaders: + description: "Allows for the inclusion of custom headers in the request.\nHTTP permits the use of repeated headers." + items: + description: "HTTPHeader describes a custom header to be used in HTTP probes" + properties: + name: + description: "The header field name.\nThis will be canonicalized upon output, so case-variant names will be understood as the same header." + type: "string" + value: + description: "The header field value" + type: "string" + required: + - "name" + - "value" + type: "object" + type: "array" + method: + description: "Represents the type of HTTP request to be made, such as \"GET,\" \"POST,\" \"PUT,\" etc.\nIf not specified, \"GET\" is the default method." + type: "string" + path: + description: "Specifies the endpoint to be requested on the HTTP server." + type: "string" + port: anyOf: - type: "integer" - type: "string" @@ -1476,12 +1490,6 @@ spec: required: - "port" type: "object" - image: - description: "Specifies the container image to be used for running the Action.\n\n\nWhen specified, a dedicated container will be created using this image to execute the Action.\nThis field is mutually exclusive with the `container` field; only one of them should be provided.\n\n\nThis field cannot be updated." - type: "string" - matchingKey: - description: "Used in conjunction with the `targetPodSelector` field to refine the selection of target pod(s) for Action execution.\nThe impact of this field depends on the `targetPodSelector` value:\n\n\n- When `targetPodSelector` is set to `Any` or `All`, this field will be ignored.\n- When `targetPodSelector` is set to `Role`, only those replicas whose role matches the `matchingKey`\n will be selected for the Action.\n\n\nThis field cannot be updated.\n\n\nNote: This field is reserved for future use and is not currently active." - type: "string" preCondition: description: "Specifies the state that the cluster must reach before the Action is executed.\nCurrently, this is only applicable to the `postProvision` action.\n\n\nThe conditions are as follows:\n\n\n- `Immediately`: Executed right after the Component object is created.\n The readiness of the Component and its resources is not guaranteed at this stage.\n- `RuntimeReady`: The Action is triggered after the Component object has been created and all associated\n runtime resources (e.g. Pods) are in a ready state.\n- `ComponentReady`: The Action is triggered after the Component itself is in a ready state.\n This process does not affect the readiness state of the Component or the Cluster.\n- `ClusterReady`: The Action is executed after the Cluster is in a ready state.\n This execution does not alter the Component or the Cluster's state of readiness.\n\n\nThis field cannot be updated." type: "string" @@ -1498,14 +1506,6 @@ spec: format: "int64" type: "integer" type: "object" - targetPodSelector: - description: "Defines the criteria used to select the target Pod(s) for executing the Action.\nThis is useful when there is no default target replica identified.\nIt allows for precise control over which Pod(s) the Action should run in.\n\n\nThis field cannot be updated.\n\n\nNote: This field is reserved for future use and is not currently active." - enum: - - "Any" - - "All" - - "Role" - - "Ordinal" - type: "string" timeoutSeconds: default: 0 description: "Specifies the maximum duration in seconds that the Action is allowed to run.\n\n\nIf the Action does not complete within this time frame, it will be terminated.\n\n\nThis field cannot be updated." @@ -1522,93 +1522,6 @@ spec: customHandler: description: "Specifies a user-defined hook or procedure that is called to perform the specific lifecycle action.\nIt offers a flexible and expandable approach for customizing the behavior of a Component by leveraging\ntailored actions.\n\n\nAn Action can be implemented as either an ExecAction or an HTTPAction, with future versions planning\nto support GRPCAction,\nthereby accommodating unique logic for different database systems within the Action's framework.\n\n\nIn future iterations, all built-in handlers are expected to transition to GRPCAction.\nThis change means that Lorry or other sidecar agents will expose the implementation of actions\nthrough a GRPC interface for external invocation.\nThen the controller will interact with these actions via GRPCAction calls." properties: - container: - description: "Defines the name of the container within the target Pod where the action will be executed.\n\n\nThis name must correspond to one of the containers defined in `componentDefinition.spec.runtime`.\nIf this field is not specified, the default behavior is to use the first container listed in\n`componentDefinition.spec.runtime`.\n\n\nThis field cannot be updated.\n\n\nNote: This field is reserved for future use and is not currently active." - type: "string" - env: - description: "Represents a list of environment variables that will be injected into the container.\nThese variables enable the container to adapt its behavior based on the environment it's running in.\n\n\nThis field cannot be updated." - items: - description: "EnvVar represents an environment variable present in a Container." - properties: - name: - description: "Name of the environment variable. Must be a C_IDENTIFIER." - type: "string" - value: - description: "Variable references $(VAR_NAME) are expanded\nusing the previously defined environment variables in the container and\nany service environment variables. If a variable cannot be resolved,\nthe reference in the input string will be unchanged. Double $$ are reduced\nto a single $, which allows for escaping the $(VAR_NAME) syntax: i.e.\n\"$$(VAR_NAME)\" will produce the string literal \"$(VAR_NAME)\".\nEscaped references will never be expanded, regardless of whether the variable\nexists or not.\nDefaults to \"\"." - type: "string" - valueFrom: - description: "Source for the environment variable's value. Cannot be used if value is not empty." - properties: - configMapKeyRef: - description: "Selects a key of a ConfigMap." - properties: - key: - description: "The key to select." - type: "string" - name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" - type: "string" - optional: - description: "Specify whether the ConfigMap or its key must be defined" - type: "boolean" - required: - - "key" - type: "object" - x-kubernetes-map-type: "atomic" - fieldRef: - description: "Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`,\nspec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs." - properties: - apiVersion: - description: "Version of the schema the FieldPath is written in terms of, defaults to \"v1\"." - type: "string" - fieldPath: - description: "Path of the field to select in the specified API version." - type: "string" - required: - - "fieldPath" - type: "object" - x-kubernetes-map-type: "atomic" - resourceFieldRef: - description: "Selects a resource of the container: only resources limits and requests\n(limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported." - properties: - containerName: - description: "Container name: required for volumes, optional for env vars" - type: "string" - divisor: - anyOf: - - type: "integer" - - type: "string" - description: "Specifies the output format of the exposed resources, defaults to \"1\"" - pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" - x-kubernetes-int-or-string: true - resource: - description: "Required: resource to select" - type: "string" - required: - - "resource" - type: "object" - x-kubernetes-map-type: "atomic" - secretKeyRef: - description: "Selects a key of a secret in the pod's namespace" - properties: - key: - description: "The key of the secret to select from. Must be a valid secret key." - type: "string" - name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" - type: "string" - optional: - description: "Specify whether the Secret or its key must be defined" - type: "boolean" - required: - - "key" - type: "object" - x-kubernetes-map-type: "atomic" - type: "object" - required: - - "name" - type: "object" - type: "array" exec: description: "Defines the command to run.\n\n\nThis field cannot be updated." properties: @@ -1622,6 +1535,107 @@ spec: items: type: "string" type: "array" + container: + description: "Defines the name of the container within the target Pod where the action will be executed.\n\n\nThis name must correspond to one of the containers defined in `componentDefinition.spec.runtime`.\nIf this field is not specified, the default behavior is to use the first container listed in\n`componentDefinition.spec.runtime`.\n\n\nThis field cannot be updated.\n\n\nNote: This field is reserved for future use and is not currently active." + type: "string" + env: + description: "Represents a list of environment variables that will be injected into the container.\nThese variables enable the container to adapt its behavior based on the environment it's running in.\n\n\nThis field cannot be updated." + items: + description: "EnvVar represents an environment variable present in a Container." + properties: + name: + description: "Name of the environment variable. Must be a C_IDENTIFIER." + type: "string" + value: + description: "Variable references $(VAR_NAME) are expanded\nusing the previously defined environment variables in the container and\nany service environment variables. If a variable cannot be resolved,\nthe reference in the input string will be unchanged. Double $$ are reduced\nto a single $, which allows for escaping the $(VAR_NAME) syntax: i.e.\n\"$$(VAR_NAME)\" will produce the string literal \"$(VAR_NAME)\".\nEscaped references will never be expanded, regardless of whether the variable\nexists or not.\nDefaults to \"\"." + type: "string" + valueFrom: + description: "Source for the environment variable's value. Cannot be used if value is not empty." + properties: + configMapKeyRef: + description: "Selects a key of a ConfigMap." + properties: + key: + description: "The key to select." + type: "string" + name: + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + type: "string" + optional: + description: "Specify whether the ConfigMap or its key must be defined" + type: "boolean" + required: + - "key" + type: "object" + x-kubernetes-map-type: "atomic" + fieldRef: + description: "Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`,\nspec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs." + properties: + apiVersion: + description: "Version of the schema the FieldPath is written in terms of, defaults to \"v1\"." + type: "string" + fieldPath: + description: "Path of the field to select in the specified API version." + type: "string" + required: + - "fieldPath" + type: "object" + x-kubernetes-map-type: "atomic" + resourceFieldRef: + description: "Selects a resource of the container: only resources limits and requests\n(limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported." + properties: + containerName: + description: "Container name: required for volumes, optional for env vars" + type: "string" + divisor: + anyOf: + - type: "integer" + - type: "string" + description: "Specifies the output format of the exposed resources, defaults to \"1\"" + pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" + x-kubernetes-int-or-string: true + resource: + description: "Required: resource to select" + type: "string" + required: + - "resource" + type: "object" + x-kubernetes-map-type: "atomic" + secretKeyRef: + description: "Selects a key of a secret in the pod's namespace" + properties: + key: + description: "The key of the secret to select from. Must be a valid secret key." + type: "string" + name: + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + type: "string" + optional: + description: "Specify whether the Secret or its key must be defined" + type: "boolean" + required: + - "key" + type: "object" + x-kubernetes-map-type: "atomic" + type: "object" + required: + - "name" + type: "object" + type: "array" + image: + description: "Specifies the container image to be used for running the Action.\n\n\nWhen specified, a dedicated container will be created using this image to execute the Action.\nThis field is mutually exclusive with the `container` field; only one of them should be provided.\n\n\nThis field cannot be updated." + type: "string" + matchingKey: + description: "Used in conjunction with the `targetPodSelector` field to refine the selection of target pod(s) for Action execution.\nThe impact of this field depends on the `targetPodSelector` value:\n\n\n- When `targetPodSelector` is set to `Any` or `All`, this field will be ignored.\n- When `targetPodSelector` is set to `Role`, only those replicas whose role matches the `matchingKey`\n will be selected for the Action.\n\n\nThis field cannot be updated.\n\n\nNote: This field is reserved for future use and is not currently active." + type: "string" + targetPodSelector: + description: "Defines the criteria used to select the target Pod(s) for executing the Action.\nThis is useful when there is no default target replica identified.\nIt allows for precise control over which Pod(s) the Action should run in.\n\n\nThis field cannot be updated.\n\n\nNote: This field is reserved for future use and is not currently active." + enum: + - "Any" + - "All" + - "Role" + - "Ordinal" + type: "string" type: "object" http: description: "Specifies the HTTP request to perform.\n\n\nThis field cannot be updated.\n\n\nNote: HTTPAction is to be implemented in future version." @@ -1663,12 +1677,6 @@ spec: required: - "port" type: "object" - image: - description: "Specifies the container image to be used for running the Action.\n\n\nWhen specified, a dedicated container will be created using this image to execute the Action.\nThis field is mutually exclusive with the `container` field; only one of them should be provided.\n\n\nThis field cannot be updated." - type: "string" - matchingKey: - description: "Used in conjunction with the `targetPodSelector` field to refine the selection of target pod(s) for Action execution.\nThe impact of this field depends on the `targetPodSelector` value:\n\n\n- When `targetPodSelector` is set to `Any` or `All`, this field will be ignored.\n- When `targetPodSelector` is set to `Role`, only those replicas whose role matches the `matchingKey`\n will be selected for the Action.\n\n\nThis field cannot be updated.\n\n\nNote: This field is reserved for future use and is not currently active." - type: "string" preCondition: description: "Specifies the state that the cluster must reach before the Action is executed.\nCurrently, this is only applicable to the `postProvision` action.\n\n\nThe conditions are as follows:\n\n\n- `Immediately`: Executed right after the Component object is created.\n The readiness of the Component and its resources is not guaranteed at this stage.\n- `RuntimeReady`: The Action is triggered after the Component object has been created and all associated\n runtime resources (e.g. Pods) are in a ready state.\n- `ComponentReady`: The Action is triggered after the Component itself is in a ready state.\n This process does not affect the readiness state of the Component or the Cluster.\n- `ClusterReady`: The Action is executed after the Cluster is in a ready state.\n This execution does not alter the Component or the Cluster's state of readiness.\n\n\nThis field cannot be updated." type: "string" @@ -1685,491 +1693,22 @@ spec: format: "int64" type: "integer" type: "object" - targetPodSelector: - description: "Defines the criteria used to select the target Pod(s) for executing the Action.\nThis is useful when there is no default target replica identified.\nIt allows for precise control over which Pod(s) the Action should run in.\n\n\nThis field cannot be updated.\n\n\nNote: This field is reserved for future use and is not currently active." - enum: - - "Any" - - "All" - - "Role" - - "Ordinal" - type: "string" - timeoutSeconds: - default: 0 - description: "Specifies the maximum duration in seconds that the Action is allowed to run.\n\n\nIf the Action does not complete within this time frame, it will be terminated.\n\n\nThis field cannot be updated." - format: "int32" - type: "integer" - type: "object" - type: "object" - readwrite: - description: "Defines the procedure to transition a replica from the read-only state back to the read-write state.\n\n\nUse Case:\nThis action is used to bring back a replica that was previously in a read-only state,\nwhich restricted write operations, to its normal operational state where it can handle\nboth read and write operations.\n\n\nThe container executing this action has access to following environment variables:\n\n\n- KB_POD_FQDN: The FQDN of the replica pod whose role is being checked.\n- KB_SERVICE_PORT: The port used by the database service.\n- KB_SERVICE_USER: The username with the necessary permissions to interact with the database service.\n- KB_SERVICE_PASSWORD: The corresponding password for KB_SERVICE_USER to authenticate with the database service.\n\n\nExpected action output:\n- On Failure: An error message, if applicable, indicating why the action failed.\n\n\nNote: This field is immutable once it has been set." - properties: - builtinHandler: - description: "Specifies the name of the predefined action handler to be invoked for lifecycle actions.\n\n\nLorry, as a sidecar agent co-located with the database container in the same Pod,\nincludes a suite of built-in action implementations that are tailored to different database engines.\nThese are known as \"builtin\" handlers, includes: `mysql`, `redis`, `mongodb`, `etcd`,\n`postgresql`, `official-postgresql`, `apecloud-postgresql`, `wesql`, `oceanbase`, `polardbx`.\n\n\nIf the `builtinHandler` field is specified, it instructs Lorry to utilize its internal built-in action handler\nto execute the specified lifecycle actions.\n\n\nThe `builtinHandler` field is of type `BuiltinActionHandlerType`,\nwhich represents the name of the built-in handler.\nThe `builtinHandler` specified within the same `ComponentLifecycleActions` should be consistent across all\nactions.\nThis means that if you specify a built-in handler for one action, you should use the same handler\nfor all other actions throughout the entire `ComponentLifecycleActions` collection.\n\n\nIf you need to define lifecycle actions for database engines not covered by the existing built-in support,\nor when the pre-existing built-in handlers do not meet your specific needs,\nyou can use the `customHandler` field to define your own action implementation.\n\n\nDeprecation Notice:\n\n\n- In the future, the `builtinHandler` field will be deprecated in favor of using the `customHandler` field\n for configuring all lifecycle actions.\n- Instead of using a name to indicate the built-in action implementations in Lorry,\n the recommended approach will be to explicitly invoke the desired action implementation through\n a gRPC interface exposed by the sidecar agent.\n- Developers will have the flexibility to either use the built-in action implementations provided by Lorry\n or develop their own sidecar agent to implement custom actions and expose them via gRPC interfaces.\n- This change will allow for greater customization and extensibility of lifecycle actions,\n as developers can create their own \"builtin\" implementations tailored to their specific requirements." - type: "string" - customHandler: - description: "Specifies a user-defined hook or procedure that is called to perform the specific lifecycle action.\nIt offers a flexible and expandable approach for customizing the behavior of a Component by leveraging\ntailored actions.\n\n\nAn Action can be implemented as either an ExecAction or an HTTPAction, with future versions planning\nto support GRPCAction,\nthereby accommodating unique logic for different database systems within the Action's framework.\n\n\nIn future iterations, all built-in handlers are expected to transition to GRPCAction.\nThis change means that Lorry or other sidecar agents will expose the implementation of actions\nthrough a GRPC interface for external invocation.\nThen the controller will interact with these actions via GRPCAction calls." - properties: - container: - description: "Defines the name of the container within the target Pod where the action will be executed.\n\n\nThis name must correspond to one of the containers defined in `componentDefinition.spec.runtime`.\nIf this field is not specified, the default behavior is to use the first container listed in\n`componentDefinition.spec.runtime`.\n\n\nThis field cannot be updated.\n\n\nNote: This field is reserved for future use and is not currently active." - type: "string" - env: - description: "Represents a list of environment variables that will be injected into the container.\nThese variables enable the container to adapt its behavior based on the environment it's running in.\n\n\nThis field cannot be updated." - items: - description: "EnvVar represents an environment variable present in a Container." - properties: - name: - description: "Name of the environment variable. Must be a C_IDENTIFIER." - type: "string" - value: - description: "Variable references $(VAR_NAME) are expanded\nusing the previously defined environment variables in the container and\nany service environment variables. If a variable cannot be resolved,\nthe reference in the input string will be unchanged. Double $$ are reduced\nto a single $, which allows for escaping the $(VAR_NAME) syntax: i.e.\n\"$$(VAR_NAME)\" will produce the string literal \"$(VAR_NAME)\".\nEscaped references will never be expanded, regardless of whether the variable\nexists or not.\nDefaults to \"\"." - type: "string" - valueFrom: - description: "Source for the environment variable's value. Cannot be used if value is not empty." - properties: - configMapKeyRef: - description: "Selects a key of a ConfigMap." - properties: - key: - description: "The key to select." - type: "string" - name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" - type: "string" - optional: - description: "Specify whether the ConfigMap or its key must be defined" - type: "boolean" - required: - - "key" - type: "object" - x-kubernetes-map-type: "atomic" - fieldRef: - description: "Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`,\nspec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs." - properties: - apiVersion: - description: "Version of the schema the FieldPath is written in terms of, defaults to \"v1\"." - type: "string" - fieldPath: - description: "Path of the field to select in the specified API version." - type: "string" - required: - - "fieldPath" - type: "object" - x-kubernetes-map-type: "atomic" - resourceFieldRef: - description: "Selects a resource of the container: only resources limits and requests\n(limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported." - properties: - containerName: - description: "Container name: required for volumes, optional for env vars" - type: "string" - divisor: - anyOf: - - type: "integer" - - type: "string" - description: "Specifies the output format of the exposed resources, defaults to \"1\"" - pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" - x-kubernetes-int-or-string: true - resource: - description: "Required: resource to select" - type: "string" - required: - - "resource" - type: "object" - x-kubernetes-map-type: "atomic" - secretKeyRef: - description: "Selects a key of a secret in the pod's namespace" - properties: - key: - description: "The key of the secret to select from. Must be a valid secret key." - type: "string" - name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" - type: "string" - optional: - description: "Specify whether the Secret or its key must be defined" - type: "boolean" - required: - - "key" - type: "object" - x-kubernetes-map-type: "atomic" - type: "object" - required: - - "name" - type: "object" - type: "array" - exec: - description: "Defines the command to run.\n\n\nThis field cannot be updated." - properties: - args: - description: "Args represents the arguments that are passed to the `command` for execution." - items: - type: "string" - type: "array" - command: - description: "Specifies the command to be executed inside the container.\nThe working directory for this command is the container's root directory('/').\nCommands are executed directly without a shell environment, meaning shell-specific syntax ('|', etc.) is not supported.\nIf the shell is required, it must be explicitly invoked in the command.\n\n\nA successful execution is indicated by an exit status of 0; any non-zero status signifies a failure." - items: - type: "string" - type: "array" - type: "object" - http: - description: "Specifies the HTTP request to perform.\n\n\nThis field cannot be updated.\n\n\nNote: HTTPAction is to be implemented in future version." - properties: - host: - description: "Indicates the server's domain name or IP address. Defaults to the Pod's IP.\nPrefer setting the \"Host\" header in httpHeaders when needed." - type: "string" - httpHeaders: - description: "Allows for the inclusion of custom headers in the request.\nHTTP permits the use of repeated headers." - items: - description: "HTTPHeader describes a custom header to be used in HTTP probes" - properties: - name: - description: "The header field name.\nThis will be canonicalized upon output, so case-variant names will be understood as the same header." - type: "string" - value: - description: "The header field value" - type: "string" - required: - - "name" - - "value" - type: "object" - type: "array" - method: - description: "Represents the type of HTTP request to be made, such as \"GET,\" \"POST,\" \"PUT,\" etc.\nIf not specified, \"GET\" is the default method." - type: "string" - path: - description: "Specifies the endpoint to be requested on the HTTP server." - type: "string" - port: - anyOf: - - type: "integer" - - type: "string" - description: "Specifies the target port for the HTTP request.\nIt can be specified either as a numeric value in the range of 1 to 65535,\nor as a named port that meets the IANA_SVC_NAME specification." - x-kubernetes-int-or-string: true - scheme: - description: "Designates the protocol used to make the request, such as HTTP or HTTPS.\nIf not specified, HTTP is used by default." - type: "string" - required: - - "port" - type: "object" - image: - description: "Specifies the container image to be used for running the Action.\n\n\nWhen specified, a dedicated container will be created using this image to execute the Action.\nThis field is mutually exclusive with the `container` field; only one of them should be provided.\n\n\nThis field cannot be updated." - type: "string" - matchingKey: - description: "Used in conjunction with the `targetPodSelector` field to refine the selection of target pod(s) for Action execution.\nThe impact of this field depends on the `targetPodSelector` value:\n\n\n- When `targetPodSelector` is set to `Any` or `All`, this field will be ignored.\n- When `targetPodSelector` is set to `Role`, only those replicas whose role matches the `matchingKey`\n will be selected for the Action.\n\n\nThis field cannot be updated.\n\n\nNote: This field is reserved for future use and is not currently active." - type: "string" - preCondition: - description: "Specifies the state that the cluster must reach before the Action is executed.\nCurrently, this is only applicable to the `postProvision` action.\n\n\nThe conditions are as follows:\n\n\n- `Immediately`: Executed right after the Component object is created.\n The readiness of the Component and its resources is not guaranteed at this stage.\n- `RuntimeReady`: The Action is triggered after the Component object has been created and all associated\n runtime resources (e.g. Pods) are in a ready state.\n- `ComponentReady`: The Action is triggered after the Component itself is in a ready state.\n This process does not affect the readiness state of the Component or the Cluster.\n- `ClusterReady`: The Action is executed after the Cluster is in a ready state.\n This execution does not alter the Component or the Cluster's state of readiness.\n\n\nThis field cannot be updated." - type: "string" - retryPolicy: - description: "Defines the strategy to be taken when retrying the Action after a failure.\n\n\nIt specifies the conditions under which the Action should be retried and the limits to apply,\nsuch as the maximum number of retries and backoff strategy.\n\n\nThis field cannot be updated." - properties: - maxRetries: - default: 0 - description: "Defines the maximum number of retry attempts that should be made for a given Action.\nThis value is set to 0 by default, indicating that no retries will be made." - type: "integer" - retryInterval: - default: 0 - description: "Indicates the duration of time to wait between each retry attempt.\nThis value is set to 0 by default, indicating that there will be no delay between retry attempts." - format: "int64" - type: "integer" - type: "object" - targetPodSelector: - description: "Defines the criteria used to select the target Pod(s) for executing the Action.\nThis is useful when there is no default target replica identified.\nIt allows for precise control over which Pod(s) the Action should run in.\n\n\nThis field cannot be updated.\n\n\nNote: This field is reserved for future use and is not currently active." - enum: - - "Any" - - "All" - - "Role" - - "Ordinal" - type: "string" - timeoutSeconds: - default: 0 - description: "Specifies the maximum duration in seconds that the Action is allowed to run.\n\n\nIf the Action does not complete within this time frame, it will be terminated.\n\n\nThis field cannot be updated." - format: "int32" - type: "integer" - type: "object" - type: "object" - reconfigure: - description: "Defines the procedure that update a replica with new configuration.\n\n\nNote: This field is immutable once it has been set.\n\n\nThis Action is reserved for future versions." - properties: - builtinHandler: - description: "Specifies the name of the predefined action handler to be invoked for lifecycle actions.\n\n\nLorry, as a sidecar agent co-located with the database container in the same Pod,\nincludes a suite of built-in action implementations that are tailored to different database engines.\nThese are known as \"builtin\" handlers, includes: `mysql`, `redis`, `mongodb`, `etcd`,\n`postgresql`, `official-postgresql`, `apecloud-postgresql`, `wesql`, `oceanbase`, `polardbx`.\n\n\nIf the `builtinHandler` field is specified, it instructs Lorry to utilize its internal built-in action handler\nto execute the specified lifecycle actions.\n\n\nThe `builtinHandler` field is of type `BuiltinActionHandlerType`,\nwhich represents the name of the built-in handler.\nThe `builtinHandler` specified within the same `ComponentLifecycleActions` should be consistent across all\nactions.\nThis means that if you specify a built-in handler for one action, you should use the same handler\nfor all other actions throughout the entire `ComponentLifecycleActions` collection.\n\n\nIf you need to define lifecycle actions for database engines not covered by the existing built-in support,\nor when the pre-existing built-in handlers do not meet your specific needs,\nyou can use the `customHandler` field to define your own action implementation.\n\n\nDeprecation Notice:\n\n\n- In the future, the `builtinHandler` field will be deprecated in favor of using the `customHandler` field\n for configuring all lifecycle actions.\n- Instead of using a name to indicate the built-in action implementations in Lorry,\n the recommended approach will be to explicitly invoke the desired action implementation through\n a gRPC interface exposed by the sidecar agent.\n- Developers will have the flexibility to either use the built-in action implementations provided by Lorry\n or develop their own sidecar agent to implement custom actions and expose them via gRPC interfaces.\n- This change will allow for greater customization and extensibility of lifecycle actions,\n as developers can create their own \"builtin\" implementations tailored to their specific requirements." - type: "string" - customHandler: - description: "Specifies a user-defined hook or procedure that is called to perform the specific lifecycle action.\nIt offers a flexible and expandable approach for customizing the behavior of a Component by leveraging\ntailored actions.\n\n\nAn Action can be implemented as either an ExecAction or an HTTPAction, with future versions planning\nto support GRPCAction,\nthereby accommodating unique logic for different database systems within the Action's framework.\n\n\nIn future iterations, all built-in handlers are expected to transition to GRPCAction.\nThis change means that Lorry or other sidecar agents will expose the implementation of actions\nthrough a GRPC interface for external invocation.\nThen the controller will interact with these actions via GRPCAction calls." - properties: - container: - description: "Defines the name of the container within the target Pod where the action will be executed.\n\n\nThis name must correspond to one of the containers defined in `componentDefinition.spec.runtime`.\nIf this field is not specified, the default behavior is to use the first container listed in\n`componentDefinition.spec.runtime`.\n\n\nThis field cannot be updated.\n\n\nNote: This field is reserved for future use and is not currently active." - type: "string" - env: - description: "Represents a list of environment variables that will be injected into the container.\nThese variables enable the container to adapt its behavior based on the environment it's running in.\n\n\nThis field cannot be updated." - items: - description: "EnvVar represents an environment variable present in a Container." - properties: - name: - description: "Name of the environment variable. Must be a C_IDENTIFIER." - type: "string" - value: - description: "Variable references $(VAR_NAME) are expanded\nusing the previously defined environment variables in the container and\nany service environment variables. If a variable cannot be resolved,\nthe reference in the input string will be unchanged. Double $$ are reduced\nto a single $, which allows for escaping the $(VAR_NAME) syntax: i.e.\n\"$$(VAR_NAME)\" will produce the string literal \"$(VAR_NAME)\".\nEscaped references will never be expanded, regardless of whether the variable\nexists or not.\nDefaults to \"\"." - type: "string" - valueFrom: - description: "Source for the environment variable's value. Cannot be used if value is not empty." - properties: - configMapKeyRef: - description: "Selects a key of a ConfigMap." - properties: - key: - description: "The key to select." - type: "string" - name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" - type: "string" - optional: - description: "Specify whether the ConfigMap or its key must be defined" - type: "boolean" - required: - - "key" - type: "object" - x-kubernetes-map-type: "atomic" - fieldRef: - description: "Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`,\nspec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs." - properties: - apiVersion: - description: "Version of the schema the FieldPath is written in terms of, defaults to \"v1\"." - type: "string" - fieldPath: - description: "Path of the field to select in the specified API version." - type: "string" - required: - - "fieldPath" - type: "object" - x-kubernetes-map-type: "atomic" - resourceFieldRef: - description: "Selects a resource of the container: only resources limits and requests\n(limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported." - properties: - containerName: - description: "Container name: required for volumes, optional for env vars" - type: "string" - divisor: - anyOf: - - type: "integer" - - type: "string" - description: "Specifies the output format of the exposed resources, defaults to \"1\"" - pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" - x-kubernetes-int-or-string: true - resource: - description: "Required: resource to select" - type: "string" - required: - - "resource" - type: "object" - x-kubernetes-map-type: "atomic" - secretKeyRef: - description: "Selects a key of a secret in the pod's namespace" - properties: - key: - description: "The key of the secret to select from. Must be a valid secret key." - type: "string" - name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" - type: "string" - optional: - description: "Specify whether the Secret or its key must be defined" - type: "boolean" - required: - - "key" - type: "object" - x-kubernetes-map-type: "atomic" - type: "object" - required: - - "name" - type: "object" - type: "array" - exec: - description: "Defines the command to run.\n\n\nThis field cannot be updated." - properties: - args: - description: "Args represents the arguments that are passed to the `command` for execution." - items: - type: "string" - type: "array" - command: - description: "Specifies the command to be executed inside the container.\nThe working directory for this command is the container's root directory('/').\nCommands are executed directly without a shell environment, meaning shell-specific syntax ('|', etc.) is not supported.\nIf the shell is required, it must be explicitly invoked in the command.\n\n\nA successful execution is indicated by an exit status of 0; any non-zero status signifies a failure." - items: - type: "string" - type: "array" - type: "object" - http: - description: "Specifies the HTTP request to perform.\n\n\nThis field cannot be updated.\n\n\nNote: HTTPAction is to be implemented in future version." - properties: - host: - description: "Indicates the server's domain name or IP address. Defaults to the Pod's IP.\nPrefer setting the \"Host\" header in httpHeaders when needed." - type: "string" - httpHeaders: - description: "Allows for the inclusion of custom headers in the request.\nHTTP permits the use of repeated headers." - items: - description: "HTTPHeader describes a custom header to be used in HTTP probes" - properties: - name: - description: "The header field name.\nThis will be canonicalized upon output, so case-variant names will be understood as the same header." - type: "string" - value: - description: "The header field value" - type: "string" - required: - - "name" - - "value" - type: "object" - type: "array" - method: - description: "Represents the type of HTTP request to be made, such as \"GET,\" \"POST,\" \"PUT,\" etc.\nIf not specified, \"GET\" is the default method." - type: "string" - path: - description: "Specifies the endpoint to be requested on the HTTP server." - type: "string" - port: - anyOf: - - type: "integer" - - type: "string" - description: "Specifies the target port for the HTTP request.\nIt can be specified either as a numeric value in the range of 1 to 65535,\nor as a named port that meets the IANA_SVC_NAME specification." - x-kubernetes-int-or-string: true - scheme: - description: "Designates the protocol used to make the request, such as HTTP or HTTPS.\nIf not specified, HTTP is used by default." - type: "string" - required: - - "port" - type: "object" - image: - description: "Specifies the container image to be used for running the Action.\n\n\nWhen specified, a dedicated container will be created using this image to execute the Action.\nThis field is mutually exclusive with the `container` field; only one of them should be provided.\n\n\nThis field cannot be updated." - type: "string" - matchingKey: - description: "Used in conjunction with the `targetPodSelector` field to refine the selection of target pod(s) for Action execution.\nThe impact of this field depends on the `targetPodSelector` value:\n\n\n- When `targetPodSelector` is set to `Any` or `All`, this field will be ignored.\n- When `targetPodSelector` is set to `Role`, only those replicas whose role matches the `matchingKey`\n will be selected for the Action.\n\n\nThis field cannot be updated.\n\n\nNote: This field is reserved for future use and is not currently active." - type: "string" - preCondition: - description: "Specifies the state that the cluster must reach before the Action is executed.\nCurrently, this is only applicable to the `postProvision` action.\n\n\nThe conditions are as follows:\n\n\n- `Immediately`: Executed right after the Component object is created.\n The readiness of the Component and its resources is not guaranteed at this stage.\n- `RuntimeReady`: The Action is triggered after the Component object has been created and all associated\n runtime resources (e.g. Pods) are in a ready state.\n- `ComponentReady`: The Action is triggered after the Component itself is in a ready state.\n This process does not affect the readiness state of the Component or the Cluster.\n- `ClusterReady`: The Action is executed after the Cluster is in a ready state.\n This execution does not alter the Component or the Cluster's state of readiness.\n\n\nThis field cannot be updated." - type: "string" - retryPolicy: - description: "Defines the strategy to be taken when retrying the Action after a failure.\n\n\nIt specifies the conditions under which the Action should be retried and the limits to apply,\nsuch as the maximum number of retries and backoff strategy.\n\n\nThis field cannot be updated." - properties: - maxRetries: - default: 0 - description: "Defines the maximum number of retry attempts that should be made for a given Action.\nThis value is set to 0 by default, indicating that no retries will be made." - type: "integer" - retryInterval: - default: 0 - description: "Indicates the duration of time to wait between each retry attempt.\nThis value is set to 0 by default, indicating that there will be no delay between retry attempts." - format: "int64" - type: "integer" - type: "object" - targetPodSelector: - description: "Defines the criteria used to select the target Pod(s) for executing the Action.\nThis is useful when there is no default target replica identified.\nIt allows for precise control over which Pod(s) the Action should run in.\n\n\nThis field cannot be updated.\n\n\nNote: This field is reserved for future use and is not currently active." - enum: - - "Any" - - "All" - - "Role" - - "Ordinal" - type: "string" - timeoutSeconds: - default: 0 - description: "Specifies the maximum duration in seconds that the Action is allowed to run.\n\n\nIf the Action does not complete within this time frame, it will be terminated.\n\n\nThis field cannot be updated." - format: "int32" - type: "integer" - type: "object" - type: "object" - roleProbe: - description: "Defines the procedure which is invoked regularly to assess the role of replicas.\n\n\nThis action is periodically triggered by Lorry at the specified interval to determine the role of each replica.\nUpon successful execution, the action's output designates the role of the replica,\nwhich should match one of the predefined role names within `componentDefinition.spec.roles`.\nThe output is then compared with the previous successful execution result.\nIf a role change is detected, an event is generated to inform the controller,\nwhich initiates an update of the replica's role.\n\n\nDefining a RoleProbe Action for a Component is required if roles are defined for the Component.\nIt ensures replicas are correctly labeled with their respective roles.\nWithout this, services that rely on roleSelectors might improperly direct traffic to wrong replicas.\n\n\nThe container executing this action has access to following environment variables:\n\n\n- KB_POD_FQDN: The FQDN of the Pod whose role is being assessed.\n- KB_SERVICE_PORT: The port used by the database service.\n- KB_SERVICE_USER: The username with the necessary permissions to interact with the database service.\n- KB_SERVICE_PASSWORD: The corresponding password for KB_SERVICE_USER to authenticate with the database service.\n\n\nExpected output of this action:\n- On Success: The determined role of the replica, which must align with one of the roles specified\n in the component definition.\n- On Failure: An error message, if applicable, indicating why the action failed.\n\n\nNote: This field is immutable once it has been set." - properties: - builtinHandler: - description: "Specifies the name of the predefined action handler to be invoked for lifecycle actions.\n\n\nLorry, as a sidecar agent co-located with the database container in the same Pod,\nincludes a suite of built-in action implementations that are tailored to different database engines.\nThese are known as \"builtin\" handlers, includes: `mysql`, `redis`, `mongodb`, `etcd`,\n`postgresql`, `official-postgresql`, `apecloud-postgresql`, `wesql`, `oceanbase`, `polardbx`.\n\n\nIf the `builtinHandler` field is specified, it instructs Lorry to utilize its internal built-in action handler\nto execute the specified lifecycle actions.\n\n\nThe `builtinHandler` field is of type `BuiltinActionHandlerType`,\nwhich represents the name of the built-in handler.\nThe `builtinHandler` specified within the same `ComponentLifecycleActions` should be consistent across all\nactions.\nThis means that if you specify a built-in handler for one action, you should use the same handler\nfor all other actions throughout the entire `ComponentLifecycleActions` collection.\n\n\nIf you need to define lifecycle actions for database engines not covered by the existing built-in support,\nor when the pre-existing built-in handlers do not meet your specific needs,\nyou can use the `customHandler` field to define your own action implementation.\n\n\nDeprecation Notice:\n\n\n- In the future, the `builtinHandler` field will be deprecated in favor of using the `customHandler` field\n for configuring all lifecycle actions.\n- Instead of using a name to indicate the built-in action implementations in Lorry,\n the recommended approach will be to explicitly invoke the desired action implementation through\n a gRPC interface exposed by the sidecar agent.\n- Developers will have the flexibility to either use the built-in action implementations provided by Lorry\n or develop their own sidecar agent to implement custom actions and expose them via gRPC interfaces.\n- This change will allow for greater customization and extensibility of lifecycle actions,\n as developers can create their own \"builtin\" implementations tailored to their specific requirements." - type: "string" - customHandler: - description: "Specifies a user-defined hook or procedure that is called to perform the specific lifecycle action.\nIt offers a flexible and expandable approach for customizing the behavior of a Component by leveraging\ntailored actions.\n\n\nAn Action can be implemented as either an ExecAction or an HTTPAction, with future versions planning\nto support GRPCAction,\nthereby accommodating unique logic for different database systems within the Action's framework.\n\n\nIn future iterations, all built-in handlers are expected to transition to GRPCAction.\nThis change means that Lorry or other sidecar agents will expose the implementation of actions\nthrough a GRPC interface for external invocation.\nThen the controller will interact with these actions via GRPCAction calls." - properties: - container: - description: "Defines the name of the container within the target Pod where the action will be executed.\n\n\nThis name must correspond to one of the containers defined in `componentDefinition.spec.runtime`.\nIf this field is not specified, the default behavior is to use the first container listed in\n`componentDefinition.spec.runtime`.\n\n\nThis field cannot be updated.\n\n\nNote: This field is reserved for future use and is not currently active." - type: "string" - env: - description: "Represents a list of environment variables that will be injected into the container.\nThese variables enable the container to adapt its behavior based on the environment it's running in.\n\n\nThis field cannot be updated." - items: - description: "EnvVar represents an environment variable present in a Container." - properties: - name: - description: "Name of the environment variable. Must be a C_IDENTIFIER." - type: "string" - value: - description: "Variable references $(VAR_NAME) are expanded\nusing the previously defined environment variables in the container and\nany service environment variables. If a variable cannot be resolved,\nthe reference in the input string will be unchanged. Double $$ are reduced\nto a single $, which allows for escaping the $(VAR_NAME) syntax: i.e.\n\"$$(VAR_NAME)\" will produce the string literal \"$(VAR_NAME)\".\nEscaped references will never be expanded, regardless of whether the variable\nexists or not.\nDefaults to \"\"." - type: "string" - valueFrom: - description: "Source for the environment variable's value. Cannot be used if value is not empty." - properties: - configMapKeyRef: - description: "Selects a key of a ConfigMap." - properties: - key: - description: "The key to select." - type: "string" - name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" - type: "string" - optional: - description: "Specify whether the ConfigMap or its key must be defined" - type: "boolean" - required: - - "key" - type: "object" - x-kubernetes-map-type: "atomic" - fieldRef: - description: "Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`,\nspec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs." - properties: - apiVersion: - description: "Version of the schema the FieldPath is written in terms of, defaults to \"v1\"." - type: "string" - fieldPath: - description: "Path of the field to select in the specified API version." - type: "string" - required: - - "fieldPath" - type: "object" - x-kubernetes-map-type: "atomic" - resourceFieldRef: - description: "Selects a resource of the container: only resources limits and requests\n(limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported." - properties: - containerName: - description: "Container name: required for volumes, optional for env vars" - type: "string" - divisor: - anyOf: - - type: "integer" - - type: "string" - description: "Specifies the output format of the exposed resources, defaults to \"1\"" - pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" - x-kubernetes-int-or-string: true - resource: - description: "Required: resource to select" - type: "string" - required: - - "resource" - type: "object" - x-kubernetes-map-type: "atomic" - secretKeyRef: - description: "Selects a key of a secret in the pod's namespace" - properties: - key: - description: "The key of the secret to select from. Must be a valid secret key." - type: "string" - name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" - type: "string" - optional: - description: "Specify whether the Secret or its key must be defined" - type: "boolean" - required: - - "key" - type: "object" - x-kubernetes-map-type: "atomic" - type: "object" - required: - - "name" - type: "object" - type: "array" + timeoutSeconds: + default: 0 + description: "Specifies the maximum duration in seconds that the Action is allowed to run.\n\n\nIf the Action does not complete within this time frame, it will be terminated.\n\n\nThis field cannot be updated." + format: "int32" + type: "integer" + type: "object" + type: "object" + readwrite: + description: "Defines the procedure to transition a replica from the read-only state back to the read-write state.\n\n\nUse Case:\nThis action is used to bring back a replica that was previously in a read-only state,\nwhich restricted write operations, to its normal operational state where it can handle\nboth read and write operations.\n\n\nThe container executing this action has access to following environment variables:\n\n\n- KB_POD_FQDN: The FQDN of the replica pod whose role is being checked.\n- KB_SERVICE_PORT: The port used by the database service.\n- KB_SERVICE_USER: The username with the necessary permissions to interact with the database service.\n- KB_SERVICE_PASSWORD: The corresponding password for KB_SERVICE_USER to authenticate with the database service.\n\n\nExpected action output:\n- On Failure: An error message, if applicable, indicating why the action failed.\n\n\nNote: This field is immutable once it has been set." + properties: + builtinHandler: + description: "Specifies the name of the predefined action handler to be invoked for lifecycle actions.\n\n\nLorry, as a sidecar agent co-located with the database container in the same Pod,\nincludes a suite of built-in action implementations that are tailored to different database engines.\nThese are known as \"builtin\" handlers, includes: `mysql`, `redis`, `mongodb`, `etcd`,\n`postgresql`, `official-postgresql`, `apecloud-postgresql`, `wesql`, `oceanbase`, `polardbx`.\n\n\nIf the `builtinHandler` field is specified, it instructs Lorry to utilize its internal built-in action handler\nto execute the specified lifecycle actions.\n\n\nThe `builtinHandler` field is of type `BuiltinActionHandlerType`,\nwhich represents the name of the built-in handler.\nThe `builtinHandler` specified within the same `ComponentLifecycleActions` should be consistent across all\nactions.\nThis means that if you specify a built-in handler for one action, you should use the same handler\nfor all other actions throughout the entire `ComponentLifecycleActions` collection.\n\n\nIf you need to define lifecycle actions for database engines not covered by the existing built-in support,\nor when the pre-existing built-in handlers do not meet your specific needs,\nyou can use the `customHandler` field to define your own action implementation.\n\n\nDeprecation Notice:\n\n\n- In the future, the `builtinHandler` field will be deprecated in favor of using the `customHandler` field\n for configuring all lifecycle actions.\n- Instead of using a name to indicate the built-in action implementations in Lorry,\n the recommended approach will be to explicitly invoke the desired action implementation through\n a gRPC interface exposed by the sidecar agent.\n- Developers will have the flexibility to either use the built-in action implementations provided by Lorry\n or develop their own sidecar agent to implement custom actions and expose them via gRPC interfaces.\n- This change will allow for greater customization and extensibility of lifecycle actions,\n as developers can create their own \"builtin\" implementations tailored to their specific requirements." + type: "string" + customHandler: + description: "Specifies a user-defined hook or procedure that is called to perform the specific lifecycle action.\nIt offers a flexible and expandable approach for customizing the behavior of a Component by leveraging\ntailored actions.\n\n\nAn Action can be implemented as either an ExecAction or an HTTPAction, with future versions planning\nto support GRPCAction,\nthereby accommodating unique logic for different database systems within the Action's framework.\n\n\nIn future iterations, all built-in handlers are expected to transition to GRPCAction.\nThis change means that Lorry or other sidecar agents will expose the implementation of actions\nthrough a GRPC interface for external invocation.\nThen the controller will interact with these actions via GRPCAction calls." + properties: exec: description: "Defines the command to run.\n\n\nThis field cannot be updated." properties: @@ -2183,6 +1722,107 @@ spec: items: type: "string" type: "array" + container: + description: "Defines the name of the container within the target Pod where the action will be executed.\n\n\nThis name must correspond to one of the containers defined in `componentDefinition.spec.runtime`.\nIf this field is not specified, the default behavior is to use the first container listed in\n`componentDefinition.spec.runtime`.\n\n\nThis field cannot be updated.\n\n\nNote: This field is reserved for future use and is not currently active." + type: "string" + env: + description: "Represents a list of environment variables that will be injected into the container.\nThese variables enable the container to adapt its behavior based on the environment it's running in.\n\n\nThis field cannot be updated." + items: + description: "EnvVar represents an environment variable present in a Container." + properties: + name: + description: "Name of the environment variable. Must be a C_IDENTIFIER." + type: "string" + value: + description: "Variable references $(VAR_NAME) are expanded\nusing the previously defined environment variables in the container and\nany service environment variables. If a variable cannot be resolved,\nthe reference in the input string will be unchanged. Double $$ are reduced\nto a single $, which allows for escaping the $(VAR_NAME) syntax: i.e.\n\"$$(VAR_NAME)\" will produce the string literal \"$(VAR_NAME)\".\nEscaped references will never be expanded, regardless of whether the variable\nexists or not.\nDefaults to \"\"." + type: "string" + valueFrom: + description: "Source for the environment variable's value. Cannot be used if value is not empty." + properties: + configMapKeyRef: + description: "Selects a key of a ConfigMap." + properties: + key: + description: "The key to select." + type: "string" + name: + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + type: "string" + optional: + description: "Specify whether the ConfigMap or its key must be defined" + type: "boolean" + required: + - "key" + type: "object" + x-kubernetes-map-type: "atomic" + fieldRef: + description: "Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`,\nspec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs." + properties: + apiVersion: + description: "Version of the schema the FieldPath is written in terms of, defaults to \"v1\"." + type: "string" + fieldPath: + description: "Path of the field to select in the specified API version." + type: "string" + required: + - "fieldPath" + type: "object" + x-kubernetes-map-type: "atomic" + resourceFieldRef: + description: "Selects a resource of the container: only resources limits and requests\n(limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported." + properties: + containerName: + description: "Container name: required for volumes, optional for env vars" + type: "string" + divisor: + anyOf: + - type: "integer" + - type: "string" + description: "Specifies the output format of the exposed resources, defaults to \"1\"" + pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" + x-kubernetes-int-or-string: true + resource: + description: "Required: resource to select" + type: "string" + required: + - "resource" + type: "object" + x-kubernetes-map-type: "atomic" + secretKeyRef: + description: "Selects a key of a secret in the pod's namespace" + properties: + key: + description: "The key of the secret to select from. Must be a valid secret key." + type: "string" + name: + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + type: "string" + optional: + description: "Specify whether the Secret or its key must be defined" + type: "boolean" + required: + - "key" + type: "object" + x-kubernetes-map-type: "atomic" + type: "object" + required: + - "name" + type: "object" + type: "array" + image: + description: "Specifies the container image to be used for running the Action.\n\n\nWhen specified, a dedicated container will be created using this image to execute the Action.\nThis field is mutually exclusive with the `container` field; only one of them should be provided.\n\n\nThis field cannot be updated." + type: "string" + matchingKey: + description: "Used in conjunction with the `targetPodSelector` field to refine the selection of target pod(s) for Action execution.\nThe impact of this field depends on the `targetPodSelector` value:\n\n\n- When `targetPodSelector` is set to `Any` or `All`, this field will be ignored.\n- When `targetPodSelector` is set to `Role`, only those replicas whose role matches the `matchingKey`\n will be selected for the Action.\n\n\nThis field cannot be updated.\n\n\nNote: This field is reserved for future use and is not currently active." + type: "string" + targetPodSelector: + description: "Defines the criteria used to select the target Pod(s) for executing the Action.\nThis is useful when there is no default target replica identified.\nIt allows for precise control over which Pod(s) the Action should run in.\n\n\nThis field cannot be updated.\n\n\nNote: This field is reserved for future use and is not currently active." + enum: + - "Any" + - "All" + - "Role" + - "Ordinal" + type: "string" type: "object" http: description: "Specifies the HTTP request to perform.\n\n\nThis field cannot be updated.\n\n\nNote: HTTPAction is to be implemented in future version." @@ -2224,12 +1864,6 @@ spec: required: - "port" type: "object" - image: - description: "Specifies the container image to be used for running the Action.\n\n\nWhen specified, a dedicated container will be created using this image to execute the Action.\nThis field is mutually exclusive with the `container` field; only one of them should be provided.\n\n\nThis field cannot be updated." - type: "string" - matchingKey: - description: "Used in conjunction with the `targetPodSelector` field to refine the selection of target pod(s) for Action execution.\nThe impact of this field depends on the `targetPodSelector` value:\n\n\n- When `targetPodSelector` is set to `Any` or `All`, this field will be ignored.\n- When `targetPodSelector` is set to `Role`, only those replicas whose role matches the `matchingKey`\n will be selected for the Action.\n\n\nThis field cannot be updated.\n\n\nNote: This field is reserved for future use and is not currently active." - type: "string" preCondition: description: "Specifies the state that the cluster must reach before the Action is executed.\nCurrently, this is only applicable to the `postProvision` action.\n\n\nThe conditions are as follows:\n\n\n- `Immediately`: Executed right after the Component object is created.\n The readiness of the Component and its resources is not guaranteed at this stage.\n- `RuntimeReady`: The Action is triggered after the Component object has been created and all associated\n runtime resources (e.g. Pods) are in a ready state.\n- `ComponentReady`: The Action is triggered after the Component itself is in a ready state.\n This process does not affect the readiness state of the Component or the Cluster.\n- `ClusterReady`: The Action is executed after the Cluster is in a ready state.\n This execution does not alter the Component or the Cluster's state of readiness.\n\n\nThis field cannot be updated." type: "string" @@ -2246,139 +1880,22 @@ spec: format: "int64" type: "integer" type: "object" - targetPodSelector: - description: "Defines the criteria used to select the target Pod(s) for executing the Action.\nThis is useful when there is no default target replica identified.\nIt allows for precise control over which Pod(s) the Action should run in.\n\n\nThis field cannot be updated.\n\n\nNote: This field is reserved for future use and is not currently active." - enum: - - "Any" - - "All" - - "Role" - - "Ordinal" - type: "string" timeoutSeconds: default: 0 description: "Specifies the maximum duration in seconds that the Action is allowed to run.\n\n\nIf the Action does not complete within this time frame, it will be terminated.\n\n\nThis field cannot be updated." format: "int32" type: "integer" type: "object" - initialDelaySeconds: - description: "Specifies the number of seconds to wait after the container has started before the RoleProbe\nbegins to detect the container's role." - format: "int32" - type: "integer" - periodSeconds: - description: "Specifies the frequency at which the probe is conducted. This value is expressed in seconds.\nDefault to 10 seconds. Minimum value is 1." - format: "int32" - type: "integer" - timeoutSeconds: - description: "Specifies the number of seconds after which the probe times out.\nDefaults to 1 second. Minimum value is 1." - format: "int32" - type: "integer" type: "object" - switchover: - description: "Defines the procedure for a controlled transition of leadership from the current leader to a new replica.\nThis approach aims to minimize downtime and maintain availability in systems with a leader-follower topology,\nduring events such as planned maintenance or when performing stop, shutdown, restart, or upgrade operations\ninvolving the current leader node.\n\n\nThe container executing this action has access to following environment variables:\n\n\n- KB_SWITCHOVER_CANDIDATE_NAME: The name of the pod for the new leader candidate, which may not be specified (empty).\n- KB_SWITCHOVER_CANDIDATE_FQDN: The FQDN of the new leader candidate's pod, which may not be specified (empty).\n- KB_LEADER_POD_IP: The IP address of the current leader's pod prior to the switchover.\n- KB_LEADER_POD_NAME: The name of the current leader's pod prior to the switchover.\n- KB_LEADER_POD_FQDN: The FQDN of the current leader's pod prior to the switchover.\n\n\nThe environment variables with the following prefixes are deprecated and will be removed in future releases:\n\n\n- KB_REPLICATION_PRIMARY_POD_\n- KB_CONSENSUS_LEADER_POD_\n\n\nNote: This field is immutable once it has been set." + reconfigure: + description: "Defines the procedure that update a replica with new configuration.\n\n\nNote: This field is immutable once it has been set.\n\n\nThis Action is reserved for future versions." properties: - scriptSpecSelectors: - description: "Used to define the selectors for the scriptSpecs that need to be referenced.\nIf this field is set, the scripts defined under the 'scripts' field can be invoked or referenced within an Action.\n\n\nThis field is deprecated from v0.9.\nThis field is maintained for backward compatibility and its use is discouraged.\nExisting usage should be updated to the current preferred approach to avoid compatibility issues in future releases." - items: - properties: - name: - description: "Represents the name of the ScriptSpec referent." - maxLength: 63 - pattern: "^[a-z0-9]([a-z0-9\\.\\-]*[a-z0-9])?$" - type: "string" - required: - - "name" - type: "object" - type: "array" - withCandidate: - description: "Represents the switchover process for a specified candidate primary or leader instance.\nNote that only Action.Exec is currently supported, while Action.HTTP is not." + builtinHandler: + description: "Specifies the name of the predefined action handler to be invoked for lifecycle actions.\n\n\nLorry, as a sidecar agent co-located with the database container in the same Pod,\nincludes a suite of built-in action implementations that are tailored to different database engines.\nThese are known as \"builtin\" handlers, includes: `mysql`, `redis`, `mongodb`, `etcd`,\n`postgresql`, `official-postgresql`, `apecloud-postgresql`, `wesql`, `oceanbase`, `polardbx`.\n\n\nIf the `builtinHandler` field is specified, it instructs Lorry to utilize its internal built-in action handler\nto execute the specified lifecycle actions.\n\n\nThe `builtinHandler` field is of type `BuiltinActionHandlerType`,\nwhich represents the name of the built-in handler.\nThe `builtinHandler` specified within the same `ComponentLifecycleActions` should be consistent across all\nactions.\nThis means that if you specify a built-in handler for one action, you should use the same handler\nfor all other actions throughout the entire `ComponentLifecycleActions` collection.\n\n\nIf you need to define lifecycle actions for database engines not covered by the existing built-in support,\nor when the pre-existing built-in handlers do not meet your specific needs,\nyou can use the `customHandler` field to define your own action implementation.\n\n\nDeprecation Notice:\n\n\n- In the future, the `builtinHandler` field will be deprecated in favor of using the `customHandler` field\n for configuring all lifecycle actions.\n- Instead of using a name to indicate the built-in action implementations in Lorry,\n the recommended approach will be to explicitly invoke the desired action implementation through\n a gRPC interface exposed by the sidecar agent.\n- Developers will have the flexibility to either use the built-in action implementations provided by Lorry\n or develop their own sidecar agent to implement custom actions and expose them via gRPC interfaces.\n- This change will allow for greater customization and extensibility of lifecycle actions,\n as developers can create their own \"builtin\" implementations tailored to their specific requirements." + type: "string" + customHandler: + description: "Specifies a user-defined hook or procedure that is called to perform the specific lifecycle action.\nIt offers a flexible and expandable approach for customizing the behavior of a Component by leveraging\ntailored actions.\n\n\nAn Action can be implemented as either an ExecAction or an HTTPAction, with future versions planning\nto support GRPCAction,\nthereby accommodating unique logic for different database systems within the Action's framework.\n\n\nIn future iterations, all built-in handlers are expected to transition to GRPCAction.\nThis change means that Lorry or other sidecar agents will expose the implementation of actions\nthrough a GRPC interface for external invocation.\nThen the controller will interact with these actions via GRPCAction calls." properties: - container: - description: "Defines the name of the container within the target Pod where the action will be executed.\n\n\nThis name must correspond to one of the containers defined in `componentDefinition.spec.runtime`.\nIf this field is not specified, the default behavior is to use the first container listed in\n`componentDefinition.spec.runtime`.\n\n\nThis field cannot be updated.\n\n\nNote: This field is reserved for future use and is not currently active." - type: "string" - env: - description: "Represents a list of environment variables that will be injected into the container.\nThese variables enable the container to adapt its behavior based on the environment it's running in.\n\n\nThis field cannot be updated." - items: - description: "EnvVar represents an environment variable present in a Container." - properties: - name: - description: "Name of the environment variable. Must be a C_IDENTIFIER." - type: "string" - value: - description: "Variable references $(VAR_NAME) are expanded\nusing the previously defined environment variables in the container and\nany service environment variables. If a variable cannot be resolved,\nthe reference in the input string will be unchanged. Double $$ are reduced\nto a single $, which allows for escaping the $(VAR_NAME) syntax: i.e.\n\"$$(VAR_NAME)\" will produce the string literal \"$(VAR_NAME)\".\nEscaped references will never be expanded, regardless of whether the variable\nexists or not.\nDefaults to \"\"." - type: "string" - valueFrom: - description: "Source for the environment variable's value. Cannot be used if value is not empty." - properties: - configMapKeyRef: - description: "Selects a key of a ConfigMap." - properties: - key: - description: "The key to select." - type: "string" - name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" - type: "string" - optional: - description: "Specify whether the ConfigMap or its key must be defined" - type: "boolean" - required: - - "key" - type: "object" - x-kubernetes-map-type: "atomic" - fieldRef: - description: "Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`,\nspec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs." - properties: - apiVersion: - description: "Version of the schema the FieldPath is written in terms of, defaults to \"v1\"." - type: "string" - fieldPath: - description: "Path of the field to select in the specified API version." - type: "string" - required: - - "fieldPath" - type: "object" - x-kubernetes-map-type: "atomic" - resourceFieldRef: - description: "Selects a resource of the container: only resources limits and requests\n(limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported." - properties: - containerName: - description: "Container name: required for volumes, optional for env vars" - type: "string" - divisor: - anyOf: - - type: "integer" - - type: "string" - description: "Specifies the output format of the exposed resources, defaults to \"1\"" - pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" - x-kubernetes-int-or-string: true - resource: - description: "Required: resource to select" - type: "string" - required: - - "resource" - type: "object" - x-kubernetes-map-type: "atomic" - secretKeyRef: - description: "Selects a key of a secret in the pod's namespace" - properties: - key: - description: "The key of the secret to select from. Must be a valid secret key." - type: "string" - name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" - type: "string" - optional: - description: "Specify whether the Secret or its key must be defined" - type: "boolean" - required: - - "key" - type: "object" - x-kubernetes-map-type: "atomic" - type: "object" - required: - - "name" - type: "object" - type: "array" exec: description: "Defines the command to run.\n\n\nThis field cannot be updated." properties: @@ -2392,6 +1909,107 @@ spec: items: type: "string" type: "array" + container: + description: "Defines the name of the container within the target Pod where the action will be executed.\n\n\nThis name must correspond to one of the containers defined in `componentDefinition.spec.runtime`.\nIf this field is not specified, the default behavior is to use the first container listed in\n`componentDefinition.spec.runtime`.\n\n\nThis field cannot be updated.\n\n\nNote: This field is reserved for future use and is not currently active." + type: "string" + env: + description: "Represents a list of environment variables that will be injected into the container.\nThese variables enable the container to adapt its behavior based on the environment it's running in.\n\n\nThis field cannot be updated." + items: + description: "EnvVar represents an environment variable present in a Container." + properties: + name: + description: "Name of the environment variable. Must be a C_IDENTIFIER." + type: "string" + value: + description: "Variable references $(VAR_NAME) are expanded\nusing the previously defined environment variables in the container and\nany service environment variables. If a variable cannot be resolved,\nthe reference in the input string will be unchanged. Double $$ are reduced\nto a single $, which allows for escaping the $(VAR_NAME) syntax: i.e.\n\"$$(VAR_NAME)\" will produce the string literal \"$(VAR_NAME)\".\nEscaped references will never be expanded, regardless of whether the variable\nexists or not.\nDefaults to \"\"." + type: "string" + valueFrom: + description: "Source for the environment variable's value. Cannot be used if value is not empty." + properties: + configMapKeyRef: + description: "Selects a key of a ConfigMap." + properties: + key: + description: "The key to select." + type: "string" + name: + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + type: "string" + optional: + description: "Specify whether the ConfigMap or its key must be defined" + type: "boolean" + required: + - "key" + type: "object" + x-kubernetes-map-type: "atomic" + fieldRef: + description: "Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`,\nspec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs." + properties: + apiVersion: + description: "Version of the schema the FieldPath is written in terms of, defaults to \"v1\"." + type: "string" + fieldPath: + description: "Path of the field to select in the specified API version." + type: "string" + required: + - "fieldPath" + type: "object" + x-kubernetes-map-type: "atomic" + resourceFieldRef: + description: "Selects a resource of the container: only resources limits and requests\n(limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported." + properties: + containerName: + description: "Container name: required for volumes, optional for env vars" + type: "string" + divisor: + anyOf: + - type: "integer" + - type: "string" + description: "Specifies the output format of the exposed resources, defaults to \"1\"" + pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" + x-kubernetes-int-or-string: true + resource: + description: "Required: resource to select" + type: "string" + required: + - "resource" + type: "object" + x-kubernetes-map-type: "atomic" + secretKeyRef: + description: "Selects a key of a secret in the pod's namespace" + properties: + key: + description: "The key of the secret to select from. Must be a valid secret key." + type: "string" + name: + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + type: "string" + optional: + description: "Specify whether the Secret or its key must be defined" + type: "boolean" + required: + - "key" + type: "object" + x-kubernetes-map-type: "atomic" + type: "object" + required: + - "name" + type: "object" + type: "array" + image: + description: "Specifies the container image to be used for running the Action.\n\n\nWhen specified, a dedicated container will be created using this image to execute the Action.\nThis field is mutually exclusive with the `container` field; only one of them should be provided.\n\n\nThis field cannot be updated." + type: "string" + matchingKey: + description: "Used in conjunction with the `targetPodSelector` field to refine the selection of target pod(s) for Action execution.\nThe impact of this field depends on the `targetPodSelector` value:\n\n\n- When `targetPodSelector` is set to `Any` or `All`, this field will be ignored.\n- When `targetPodSelector` is set to `Role`, only those replicas whose role matches the `matchingKey`\n will be selected for the Action.\n\n\nThis field cannot be updated.\n\n\nNote: This field is reserved for future use and is not currently active." + type: "string" + targetPodSelector: + description: "Defines the criteria used to select the target Pod(s) for executing the Action.\nThis is useful when there is no default target replica identified.\nIt allows for precise control over which Pod(s) the Action should run in.\n\n\nThis field cannot be updated.\n\n\nNote: This field is reserved for future use and is not currently active." + enum: + - "Any" + - "All" + - "Role" + - "Ordinal" + type: "string" type: "object" http: description: "Specifies the HTTP request to perform.\n\n\nThis field cannot be updated.\n\n\nNote: HTTPAction is to be implemented in future version." @@ -2433,12 +2051,6 @@ spec: required: - "port" type: "object" - image: - description: "Specifies the container image to be used for running the Action.\n\n\nWhen specified, a dedicated container will be created using this image to execute the Action.\nThis field is mutually exclusive with the `container` field; only one of them should be provided.\n\n\nThis field cannot be updated." - type: "string" - matchingKey: - description: "Used in conjunction with the `targetPodSelector` field to refine the selection of target pod(s) for Action execution.\nThe impact of this field depends on the `targetPodSelector` value:\n\n\n- When `targetPodSelector` is set to `Any` or `All`, this field will be ignored.\n- When `targetPodSelector` is set to `Role`, only those replicas whose role matches the `matchingKey`\n will be selected for the Action.\n\n\nThis field cannot be updated.\n\n\nNote: This field is reserved for future use and is not currently active." - type: "string" preCondition: description: "Specifies the state that the cluster must reach before the Action is executed.\nCurrently, this is only applicable to the `postProvision` action.\n\n\nThe conditions are as follows:\n\n\n- `Immediately`: Executed right after the Component object is created.\n The readiness of the Component and its resources is not guaranteed at this stage.\n- `RuntimeReady`: The Action is triggered after the Component object has been created and all associated\n runtime resources (e.g. Pods) are in a ready state.\n- `ComponentReady`: The Action is triggered after the Component itself is in a ready state.\n This process does not affect the readiness state of the Component or the Cluster.\n- `ClusterReady`: The Action is executed after the Cluster is in a ready state.\n This execution does not alter the Component or the Cluster's state of readiness.\n\n\nThis field cannot be updated." type: "string" @@ -2455,23 +2067,32 @@ spec: format: "int64" type: "integer" type: "object" - targetPodSelector: - description: "Defines the criteria used to select the target Pod(s) for executing the Action.\nThis is useful when there is no default target replica identified.\nIt allows for precise control over which Pod(s) the Action should run in.\n\n\nThis field cannot be updated.\n\n\nNote: This field is reserved for future use and is not currently active." - enum: - - "Any" - - "All" - - "Role" - - "Ordinal" - type: "string" timeoutSeconds: default: 0 description: "Specifies the maximum duration in seconds that the Action is allowed to run.\n\n\nIf the Action does not complete within this time frame, it will be terminated.\n\n\nThis field cannot be updated." format: "int32" type: "integer" type: "object" - withoutCandidate: - description: "Represents a switchover process that does not involve a specific candidate primary or leader instance.\nAs with the previous field, only Action.Exec is currently supported, not Action.HTTP." + type: "object" + roleProbe: + description: "Defines the procedure which is invoked regularly to assess the role of replicas.\n\n\nThis action is periodically triggered by Lorry at the specified interval to determine the role of each replica.\nUpon successful execution, the action's output designates the role of the replica,\nwhich should match one of the predefined role names within `componentDefinition.spec.roles`.\nThe output is then compared with the previous successful execution result.\nIf a role change is detected, an event is generated to inform the controller,\nwhich initiates an update of the replica's role.\n\n\nDefining a RoleProbe Action for a Component is required if roles are defined for the Component.\nIt ensures replicas are correctly labeled with their respective roles.\nWithout this, services that rely on roleSelectors might improperly direct traffic to wrong replicas.\n\n\nThe container executing this action has access to following environment variables:\n\n\n- KB_POD_FQDN: The FQDN of the Pod whose role is being assessed.\n- KB_SERVICE_PORT: The port used by the database service.\n- KB_SERVICE_USER: The username with the necessary permissions to interact with the database service.\n- KB_SERVICE_PASSWORD: The corresponding password for KB_SERVICE_USER to authenticate with the database service.\n\n\nExpected output of this action:\n- On Success: The determined role of the replica, which must align with one of the roles specified\n in the component definition.\n- On Failure: An error message, if applicable, indicating why the action failed.\n\n\nNote: This field is immutable once it has been set." + properties: + builtinHandler: + description: "TODO: remove this later." + type: "string" + exec: + description: "Defines the command to run.\n\n\nThis field cannot be updated." properties: + args: + description: "Args represents the arguments that are passed to the `command` for execution." + items: + type: "string" + type: "array" + command: + description: "Specifies the command to be executed inside the container.\nThe working directory for this command is the container's root directory('/').\nCommands are executed directly without a shell environment, meaning shell-specific syntax ('|', etc.) is not supported.\nIf the shell is required, it must be explicitly invoked in the command.\n\n\nA successful execution is indicated by an exit status of 0; any non-zero status signifies a failure." + items: + type: "string" + type: "array" container: description: "Defines the name of the container within the target Pod where the action will be executed.\n\n\nThis name must correspond to one of the containers defined in `componentDefinition.spec.runtime`.\nIf this field is not specified, the default behavior is to use the first container listed in\n`componentDefinition.spec.runtime`.\n\n\nThis field cannot be updated.\n\n\nNote: This field is reserved for future use and is not currently active." type: "string" @@ -2559,6 +2180,118 @@ spec: - "name" type: "object" type: "array" + image: + description: "Specifies the container image to be used for running the Action.\n\n\nWhen specified, a dedicated container will be created using this image to execute the Action.\nThis field is mutually exclusive with the `container` field; only one of them should be provided.\n\n\nThis field cannot be updated." + type: "string" + matchingKey: + description: "Used in conjunction with the `targetPodSelector` field to refine the selection of target pod(s) for Action execution.\nThe impact of this field depends on the `targetPodSelector` value:\n\n\n- When `targetPodSelector` is set to `Any` or `All`, this field will be ignored.\n- When `targetPodSelector` is set to `Role`, only those replicas whose role matches the `matchingKey`\n will be selected for the Action.\n\n\nThis field cannot be updated.\n\n\nNote: This field is reserved for future use and is not currently active." + type: "string" + targetPodSelector: + description: "Defines the criteria used to select the target Pod(s) for executing the Action.\nThis is useful when there is no default target replica identified.\nIt allows for precise control over which Pod(s) the Action should run in.\n\n\nThis field cannot be updated.\n\n\nNote: This field is reserved for future use and is not currently active." + enum: + - "Any" + - "All" + - "Role" + - "Ordinal" + type: "string" + type: "object" + failureThreshold: + description: "Minimum consecutive failures for the probe to be considered failed after having succeeded.\nDefaults to 3. Minimum value is 1." + format: "int32" + type: "integer" + http: + description: "Specifies the HTTP request to perform.\n\n\nThis field cannot be updated.\n\n\nNote: HTTPAction is to be implemented in future version." + properties: + host: + description: "Indicates the server's domain name or IP address. Defaults to the Pod's IP.\nPrefer setting the \"Host\" header in httpHeaders when needed." + type: "string" + httpHeaders: + description: "Allows for the inclusion of custom headers in the request.\nHTTP permits the use of repeated headers." + items: + description: "HTTPHeader describes a custom header to be used in HTTP probes" + properties: + name: + description: "The header field name.\nThis will be canonicalized upon output, so case-variant names will be understood as the same header." + type: "string" + value: + description: "The header field value" + type: "string" + required: + - "name" + - "value" + type: "object" + type: "array" + method: + description: "Represents the type of HTTP request to be made, such as \"GET,\" \"POST,\" \"PUT,\" etc.\nIf not specified, \"GET\" is the default method." + type: "string" + path: + description: "Specifies the endpoint to be requested on the HTTP server." + type: "string" + port: + anyOf: + - type: "integer" + - type: "string" + description: "Specifies the target port for the HTTP request.\nIt can be specified either as a numeric value in the range of 1 to 65535,\nor as a named port that meets the IANA_SVC_NAME specification." + x-kubernetes-int-or-string: true + scheme: + description: "Designates the protocol used to make the request, such as HTTP or HTTPS.\nIf not specified, HTTP is used by default." + type: "string" + required: + - "port" + type: "object" + initialDelaySeconds: + description: "Specifies the number of seconds to wait after the container has started before the RoleProbe\nbegins to detect the container's role." + format: "int32" + type: "integer" + periodSeconds: + description: "Specifies the frequency at which the probe is conducted. This value is expressed in seconds.\nDefault to 10 seconds. Minimum value is 1." + format: "int32" + type: "integer" + preCondition: + description: "Specifies the state that the cluster must reach before the Action is executed.\nCurrently, this is only applicable to the `postProvision` action.\n\n\nThe conditions are as follows:\n\n\n- `Immediately`: Executed right after the Component object is created.\n The readiness of the Component and its resources is not guaranteed at this stage.\n- `RuntimeReady`: The Action is triggered after the Component object has been created and all associated\n runtime resources (e.g. Pods) are in a ready state.\n- `ComponentReady`: The Action is triggered after the Component itself is in a ready state.\n This process does not affect the readiness state of the Component or the Cluster.\n- `ClusterReady`: The Action is executed after the Cluster is in a ready state.\n This execution does not alter the Component or the Cluster's state of readiness.\n\n\nThis field cannot be updated." + type: "string" + retryPolicy: + description: "Defines the strategy to be taken when retrying the Action after a failure.\n\n\nIt specifies the conditions under which the Action should be retried and the limits to apply,\nsuch as the maximum number of retries and backoff strategy.\n\n\nThis field cannot be updated." + properties: + maxRetries: + default: 0 + description: "Defines the maximum number of retry attempts that should be made for a given Action.\nThis value is set to 0 by default, indicating that no retries will be made." + type: "integer" + retryInterval: + default: 0 + description: "Indicates the duration of time to wait between each retry attempt.\nThis value is set to 0 by default, indicating that there will be no delay between retry attempts." + format: "int64" + type: "integer" + type: "object" + successThreshold: + description: "Minimum consecutive successes for the probe to be considered successful after having failed.\nDefaults to 1. Minimum value is 1." + format: "int32" + type: "integer" + timeoutSeconds: + default: 0 + description: "Specifies the maximum duration in seconds that the Action is allowed to run.\n\n\nIf the Action does not complete within this time frame, it will be terminated.\n\n\nThis field cannot be updated." + format: "int32" + type: "integer" + type: "object" + switchover: + description: "Defines the procedure for a controlled transition of leadership from the current leader to a new replica.\nThis approach aims to minimize downtime and maintain availability in systems with a leader-follower topology,\nduring events such as planned maintenance or when performing stop, shutdown, restart, or upgrade operations\ninvolving the current leader node.\n\n\nThe container executing this action has access to following environment variables:\n\n\n- KB_SWITCHOVER_CANDIDATE_NAME: The name of the pod for the new leader candidate, which may not be specified (empty).\n- KB_SWITCHOVER_CANDIDATE_FQDN: The FQDN of the new leader candidate's pod, which may not be specified (empty).\n- KB_LEADER_POD_IP: The IP address of the current leader's pod prior to the switchover.\n- KB_LEADER_POD_NAME: The name of the current leader's pod prior to the switchover.\n- KB_LEADER_POD_FQDN: The FQDN of the current leader's pod prior to the switchover.\n\n\nThe environment variables with the following prefixes are deprecated and will be removed in future releases:\n\n\n- KB_REPLICATION_PRIMARY_POD_\n- KB_CONSENSUS_LEADER_POD_\n\n\nNote: This field is immutable once it has been set." + properties: + scriptSpecSelectors: + description: "Used to define the selectors for the scriptSpecs that need to be referenced.\nIf this field is set, the scripts defined under the 'scripts' field can be invoked or referenced within an Action.\n\n\nThis field is deprecated from v0.9.\nThis field is maintained for backward compatibility and its use is discouraged.\nExisting usage should be updated to the current preferred approach to avoid compatibility issues in future releases." + items: + properties: + name: + description: "Represents the name of the ScriptSpec referent." + maxLength: 63 + pattern: "^[a-z0-9]([a-z0-9\\.\\-]*[a-z0-9])?$" + type: "string" + required: + - "name" + type: "object" + type: "array" + withCandidate: + description: "Represents the switchover process for a specified candidate primary or leader instance.\nNote that only Action.Exec is currently supported, while Action.HTTP is not." + properties: exec: description: "Defines the command to run.\n\n\nThis field cannot be updated." properties: @@ -2572,6 +2305,107 @@ spec: items: type: "string" type: "array" + container: + description: "Defines the name of the container within the target Pod where the action will be executed.\n\n\nThis name must correspond to one of the containers defined in `componentDefinition.spec.runtime`.\nIf this field is not specified, the default behavior is to use the first container listed in\n`componentDefinition.spec.runtime`.\n\n\nThis field cannot be updated.\n\n\nNote: This field is reserved for future use and is not currently active." + type: "string" + env: + description: "Represents a list of environment variables that will be injected into the container.\nThese variables enable the container to adapt its behavior based on the environment it's running in.\n\n\nThis field cannot be updated." + items: + description: "EnvVar represents an environment variable present in a Container." + properties: + name: + description: "Name of the environment variable. Must be a C_IDENTIFIER." + type: "string" + value: + description: "Variable references $(VAR_NAME) are expanded\nusing the previously defined environment variables in the container and\nany service environment variables. If a variable cannot be resolved,\nthe reference in the input string will be unchanged. Double $$ are reduced\nto a single $, which allows for escaping the $(VAR_NAME) syntax: i.e.\n\"$$(VAR_NAME)\" will produce the string literal \"$(VAR_NAME)\".\nEscaped references will never be expanded, regardless of whether the variable\nexists or not.\nDefaults to \"\"." + type: "string" + valueFrom: + description: "Source for the environment variable's value. Cannot be used if value is not empty." + properties: + configMapKeyRef: + description: "Selects a key of a ConfigMap." + properties: + key: + description: "The key to select." + type: "string" + name: + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + type: "string" + optional: + description: "Specify whether the ConfigMap or its key must be defined" + type: "boolean" + required: + - "key" + type: "object" + x-kubernetes-map-type: "atomic" + fieldRef: + description: "Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`,\nspec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs." + properties: + apiVersion: + description: "Version of the schema the FieldPath is written in terms of, defaults to \"v1\"." + type: "string" + fieldPath: + description: "Path of the field to select in the specified API version." + type: "string" + required: + - "fieldPath" + type: "object" + x-kubernetes-map-type: "atomic" + resourceFieldRef: + description: "Selects a resource of the container: only resources limits and requests\n(limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported." + properties: + containerName: + description: "Container name: required for volumes, optional for env vars" + type: "string" + divisor: + anyOf: + - type: "integer" + - type: "string" + description: "Specifies the output format of the exposed resources, defaults to \"1\"" + pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" + x-kubernetes-int-or-string: true + resource: + description: "Required: resource to select" + type: "string" + required: + - "resource" + type: "object" + x-kubernetes-map-type: "atomic" + secretKeyRef: + description: "Selects a key of a secret in the pod's namespace" + properties: + key: + description: "The key of the secret to select from. Must be a valid secret key." + type: "string" + name: + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + type: "string" + optional: + description: "Specify whether the Secret or its key must be defined" + type: "boolean" + required: + - "key" + type: "object" + x-kubernetes-map-type: "atomic" + type: "object" + required: + - "name" + type: "object" + type: "array" + image: + description: "Specifies the container image to be used for running the Action.\n\n\nWhen specified, a dedicated container will be created using this image to execute the Action.\nThis field is mutually exclusive with the `container` field; only one of them should be provided.\n\n\nThis field cannot be updated." + type: "string" + matchingKey: + description: "Used in conjunction with the `targetPodSelector` field to refine the selection of target pod(s) for Action execution.\nThe impact of this field depends on the `targetPodSelector` value:\n\n\n- When `targetPodSelector` is set to `Any` or `All`, this field will be ignored.\n- When `targetPodSelector` is set to `Role`, only those replicas whose role matches the `matchingKey`\n will be selected for the Action.\n\n\nThis field cannot be updated.\n\n\nNote: This field is reserved for future use and is not currently active." + type: "string" + targetPodSelector: + description: "Defines the criteria used to select the target Pod(s) for executing the Action.\nThis is useful when there is no default target replica identified.\nIt allows for precise control over which Pod(s) the Action should run in.\n\n\nThis field cannot be updated.\n\n\nNote: This field is reserved for future use and is not currently active." + enum: + - "Any" + - "All" + - "Role" + - "Ordinal" + type: "string" type: "object" http: description: "Specifies the HTTP request to perform.\n\n\nThis field cannot be updated.\n\n\nNote: HTTPAction is to be implemented in future version." @@ -2613,12 +2447,6 @@ spec: required: - "port" type: "object" - image: - description: "Specifies the container image to be used for running the Action.\n\n\nWhen specified, a dedicated container will be created using this image to execute the Action.\nThis field is mutually exclusive with the `container` field; only one of them should be provided.\n\n\nThis field cannot be updated." - type: "string" - matchingKey: - description: "Used in conjunction with the `targetPodSelector` field to refine the selection of target pod(s) for Action execution.\nThe impact of this field depends on the `targetPodSelector` value:\n\n\n- When `targetPodSelector` is set to `Any` or `All`, this field will be ignored.\n- When `targetPodSelector` is set to `Role`, only those replicas whose role matches the `matchingKey`\n will be selected for the Action.\n\n\nThis field cannot be updated.\n\n\nNote: This field is reserved for future use and is not currently active." - type: "string" preCondition: description: "Specifies the state that the cluster must reach before the Action is executed.\nCurrently, this is only applicable to the `postProvision` action.\n\n\nThe conditions are as follows:\n\n\n- `Immediately`: Executed right after the Component object is created.\n The readiness of the Component and its resources is not guaranteed at this stage.\n- `RuntimeReady`: The Action is triggered after the Component object has been created and all associated\n runtime resources (e.g. Pods) are in a ready state.\n- `ComponentReady`: The Action is triggered after the Component itself is in a ready state.\n This process does not affect the readiness state of the Component or the Cluster.\n- `ClusterReady`: The Action is executed after the Cluster is in a ready state.\n This execution does not alter the Component or the Cluster's state of readiness.\n\n\nThis field cannot be updated." type: "string" @@ -2635,14 +2463,186 @@ spec: format: "int64" type: "integer" type: "object" - targetPodSelector: - description: "Defines the criteria used to select the target Pod(s) for executing the Action.\nThis is useful when there is no default target replica identified.\nIt allows for precise control over which Pod(s) the Action should run in.\n\n\nThis field cannot be updated.\n\n\nNote: This field is reserved for future use and is not currently active." - enum: - - "Any" - - "All" - - "Role" - - "Ordinal" + timeoutSeconds: + default: 0 + description: "Specifies the maximum duration in seconds that the Action is allowed to run.\n\n\nIf the Action does not complete within this time frame, it will be terminated.\n\n\nThis field cannot be updated." + format: "int32" + type: "integer" + type: "object" + withoutCandidate: + description: "Represents a switchover process that does not involve a specific candidate primary or leader instance.\nAs with the previous field, only Action.Exec is currently supported, not Action.HTTP." + properties: + exec: + description: "Defines the command to run.\n\n\nThis field cannot be updated." + properties: + args: + description: "Args represents the arguments that are passed to the `command` for execution." + items: + type: "string" + type: "array" + command: + description: "Specifies the command to be executed inside the container.\nThe working directory for this command is the container's root directory('/').\nCommands are executed directly without a shell environment, meaning shell-specific syntax ('|', etc.) is not supported.\nIf the shell is required, it must be explicitly invoked in the command.\n\n\nA successful execution is indicated by an exit status of 0; any non-zero status signifies a failure." + items: + type: "string" + type: "array" + container: + description: "Defines the name of the container within the target Pod where the action will be executed.\n\n\nThis name must correspond to one of the containers defined in `componentDefinition.spec.runtime`.\nIf this field is not specified, the default behavior is to use the first container listed in\n`componentDefinition.spec.runtime`.\n\n\nThis field cannot be updated.\n\n\nNote: This field is reserved for future use and is not currently active." + type: "string" + env: + description: "Represents a list of environment variables that will be injected into the container.\nThese variables enable the container to adapt its behavior based on the environment it's running in.\n\n\nThis field cannot be updated." + items: + description: "EnvVar represents an environment variable present in a Container." + properties: + name: + description: "Name of the environment variable. Must be a C_IDENTIFIER." + type: "string" + value: + description: "Variable references $(VAR_NAME) are expanded\nusing the previously defined environment variables in the container and\nany service environment variables. If a variable cannot be resolved,\nthe reference in the input string will be unchanged. Double $$ are reduced\nto a single $, which allows for escaping the $(VAR_NAME) syntax: i.e.\n\"$$(VAR_NAME)\" will produce the string literal \"$(VAR_NAME)\".\nEscaped references will never be expanded, regardless of whether the variable\nexists or not.\nDefaults to \"\"." + type: "string" + valueFrom: + description: "Source for the environment variable's value. Cannot be used if value is not empty." + properties: + configMapKeyRef: + description: "Selects a key of a ConfigMap." + properties: + key: + description: "The key to select." + type: "string" + name: + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + type: "string" + optional: + description: "Specify whether the ConfigMap or its key must be defined" + type: "boolean" + required: + - "key" + type: "object" + x-kubernetes-map-type: "atomic" + fieldRef: + description: "Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`,\nspec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs." + properties: + apiVersion: + description: "Version of the schema the FieldPath is written in terms of, defaults to \"v1\"." + type: "string" + fieldPath: + description: "Path of the field to select in the specified API version." + type: "string" + required: + - "fieldPath" + type: "object" + x-kubernetes-map-type: "atomic" + resourceFieldRef: + description: "Selects a resource of the container: only resources limits and requests\n(limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported." + properties: + containerName: + description: "Container name: required for volumes, optional for env vars" + type: "string" + divisor: + anyOf: + - type: "integer" + - type: "string" + description: "Specifies the output format of the exposed resources, defaults to \"1\"" + pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" + x-kubernetes-int-or-string: true + resource: + description: "Required: resource to select" + type: "string" + required: + - "resource" + type: "object" + x-kubernetes-map-type: "atomic" + secretKeyRef: + description: "Selects a key of a secret in the pod's namespace" + properties: + key: + description: "The key of the secret to select from. Must be a valid secret key." + type: "string" + name: + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + type: "string" + optional: + description: "Specify whether the Secret or its key must be defined" + type: "boolean" + required: + - "key" + type: "object" + x-kubernetes-map-type: "atomic" + type: "object" + required: + - "name" + type: "object" + type: "array" + image: + description: "Specifies the container image to be used for running the Action.\n\n\nWhen specified, a dedicated container will be created using this image to execute the Action.\nThis field is mutually exclusive with the `container` field; only one of them should be provided.\n\n\nThis field cannot be updated." + type: "string" + matchingKey: + description: "Used in conjunction with the `targetPodSelector` field to refine the selection of target pod(s) for Action execution.\nThe impact of this field depends on the `targetPodSelector` value:\n\n\n- When `targetPodSelector` is set to `Any` or `All`, this field will be ignored.\n- When `targetPodSelector` is set to `Role`, only those replicas whose role matches the `matchingKey`\n will be selected for the Action.\n\n\nThis field cannot be updated.\n\n\nNote: This field is reserved for future use and is not currently active." + type: "string" + targetPodSelector: + description: "Defines the criteria used to select the target Pod(s) for executing the Action.\nThis is useful when there is no default target replica identified.\nIt allows for precise control over which Pod(s) the Action should run in.\n\n\nThis field cannot be updated.\n\n\nNote: This field is reserved for future use and is not currently active." + enum: + - "Any" + - "All" + - "Role" + - "Ordinal" + type: "string" + type: "object" + http: + description: "Specifies the HTTP request to perform.\n\n\nThis field cannot be updated.\n\n\nNote: HTTPAction is to be implemented in future version." + properties: + host: + description: "Indicates the server's domain name or IP address. Defaults to the Pod's IP.\nPrefer setting the \"Host\" header in httpHeaders when needed." + type: "string" + httpHeaders: + description: "Allows for the inclusion of custom headers in the request.\nHTTP permits the use of repeated headers." + items: + description: "HTTPHeader describes a custom header to be used in HTTP probes" + properties: + name: + description: "The header field name.\nThis will be canonicalized upon output, so case-variant names will be understood as the same header." + type: "string" + value: + description: "The header field value" + type: "string" + required: + - "name" + - "value" + type: "object" + type: "array" + method: + description: "Represents the type of HTTP request to be made, such as \"GET,\" \"POST,\" \"PUT,\" etc.\nIf not specified, \"GET\" is the default method." + type: "string" + path: + description: "Specifies the endpoint to be requested on the HTTP server." + type: "string" + port: + anyOf: + - type: "integer" + - type: "string" + description: "Specifies the target port for the HTTP request.\nIt can be specified either as a numeric value in the range of 1 to 65535,\nor as a named port that meets the IANA_SVC_NAME specification." + x-kubernetes-int-or-string: true + scheme: + description: "Designates the protocol used to make the request, such as HTTP or HTTPS.\nIf not specified, HTTP is used by default." + type: "string" + required: + - "port" + type: "object" + preCondition: + description: "Specifies the state that the cluster must reach before the Action is executed.\nCurrently, this is only applicable to the `postProvision` action.\n\n\nThe conditions are as follows:\n\n\n- `Immediately`: Executed right after the Component object is created.\n The readiness of the Component and its resources is not guaranteed at this stage.\n- `RuntimeReady`: The Action is triggered after the Component object has been created and all associated\n runtime resources (e.g. Pods) are in a ready state.\n- `ComponentReady`: The Action is triggered after the Component itself is in a ready state.\n This process does not affect the readiness state of the Component or the Cluster.\n- `ClusterReady`: The Action is executed after the Cluster is in a ready state.\n This execution does not alter the Component or the Cluster's state of readiness.\n\n\nThis field cannot be updated." type: "string" + retryPolicy: + description: "Defines the strategy to be taken when retrying the Action after a failure.\n\n\nIt specifies the conditions under which the Action should be retried and the limits to apply,\nsuch as the maximum number of retries and backoff strategy.\n\n\nThis field cannot be updated." + properties: + maxRetries: + default: 0 + description: "Defines the maximum number of retry attempts that should be made for a given Action.\nThis value is set to 0 by default, indicating that no retries will be made." + type: "integer" + retryInterval: + default: 0 + description: "Indicates the duration of time to wait between each retry attempt.\nThis value is set to 0 by default, indicating that there will be no delay between retry attempts." + format: "int64" + type: "integer" + type: "object" timeoutSeconds: default: 0 description: "Specifies the maximum duration in seconds that the Action is allowed to run.\n\n\nIf the Action does not complete within this time frame, it will be terminated.\n\n\nThis field cannot be updated." @@ -2677,31 +2677,6 @@ spec: format: "int32" minimum: 0.0 type: "integer" - monitor: - description: "Deprecated since v0.9\nmonitor is monitoring config which provided by provider." - properties: - builtIn: - default: false - description: "builtIn is a switch to enable KubeBlocks builtIn monitoring.\nIf BuiltIn is set to true, monitor metrics will be scraped automatically.\nIf BuiltIn is set to false, the provider should set ExporterConfig and Sidecar container own." - type: "boolean" - exporterConfig: - description: "exporterConfig provided by provider, which specify necessary information to Time Series Database.\nexporterConfig is valid when builtIn is false." - properties: - scrapePath: - default: "/metrics" - description: "scrapePath is exporter url path for Time Series Database to scrape metrics." - maxLength: 128 - type: "string" - scrapePort: - anyOf: - - type: "integer" - - type: "string" - description: "scrapePort is exporter port for Time Series Database to scrape metrics." - x-kubernetes-int-or-string: true - required: - - "scrapePort" - type: "object" - type: "object" podManagementPolicy: description: "InstanceSet controls the creation of pods during initial scale up, replacement of pods on nodes, and scaling down.\n\n\n- `OrderedReady`: Creates pods in increasing order (pod-0, then pod-1, etc). The controller waits until each pod\nis ready before continuing. Pods are removed in reverse order when scaling down.\n- `Parallel`: Creates pods in parallel to match the desired scale without waiting. All pods are deleted at once\nwhen scaling down." type: "string" diff --git a/crd-catalog/apecloud/kubeblocks/apps.kubeblocks.io/v1alpha1/components.yaml b/crd-catalog/apecloud/kubeblocks/apps.kubeblocks.io/v1alpha1/components.yaml index aca48c287..176b9e8fe 100644 --- a/crd-catalog/apecloud/kubeblocks/apps.kubeblocks.io/v1alpha1/components.yaml +++ b/crd-catalog/apecloud/kubeblocks/apps.kubeblocks.io/v1alpha1/components.yaml @@ -2032,6 +2032,15 @@ spec: items: type: "string" type: "array" + parallelPodManagementConcurrency: + anyOf: + - type: "integer" + - type: "string" + description: "Controls the concurrency of pods during initial scale up, when replacing pods on nodes,\nor when scaling down. It only used when `PodManagementPolicy` is set to `Parallel`.\nThe default Concurrency is 100%." + x-kubernetes-int-or-string: true + podUpdatePolicy: + description: "PodUpdatePolicy indicates how pods should be updated\n\n\n- `StrictInPlace` indicates that only allows in-place upgrades.\nAny attempt to modify other fields will be rejected.\n- `PreferInPlace` indicates that we will first attempt an in-place upgrade of the Pod.\nIf that fails, it will fall back to the ReCreate, where pod will be recreated.\nDefault value is \"PreferInPlace\"" + type: "string" replicas: default: 1 description: "Specifies the desired number of replicas in the Component for enhancing availability and durability, or load balancing." @@ -2874,6 +2883,9 @@ spec: - "name" type: "object" type: "array" + stop: + description: "Stop the Component.\nIf set, all the computing resources will be released." + type: "boolean" systemAccounts: description: "Overrides system accounts defined in referenced ComponentDefinition." items: diff --git a/crd-catalog/apecloud/kubeblocks/apps.kubeblocks.io/v1alpha1/opsrequests.yaml b/crd-catalog/apecloud/kubeblocks/apps.kubeblocks.io/v1alpha1/opsrequests.yaml index 8f38ed925..8d26cce84 100644 --- a/crd-catalog/apecloud/kubeblocks/apps.kubeblocks.io/v1alpha1/opsrequests.yaml +++ b/crd-catalog/apecloud/kubeblocks/apps.kubeblocks.io/v1alpha1/opsrequests.yaml @@ -209,7 +209,7 @@ spec: podSelector: additionalProperties: type: "string" - description: "Routes service traffic to pods with matching label keys and values.\nIf specified, the service will only be exposed to pods matching the selector.\n\n\nNote: At least one of 'roleSelector' or 'podSelector' must be specified.\nIf both are specified, a pod must match both conditions to be selected." + description: "Routes service traffic to pods with matching label keys and values.\nIf specified, the service will only be exposed to pods matching the selector.\n\n\nNote: If the component has roles, at least one of 'roleSelector' or 'podSelector' must be specified.\nIf both are specified, a pod must match both conditions to be selected." type: "object" x-kubernetes-map-type: "atomic" ports: @@ -250,7 +250,7 @@ spec: - "protocol" x-kubernetes-list-type: "map" roleSelector: - description: "Specifies a role to target with the service.\nIf specified, the service will only be exposed to pods with the matching role.\n\n\nNote: At least one of 'roleSelector' or 'podSelector' must be specified.\nIf both are specified, a pod must match both conditions to be selected." + description: "Specifies a role to target with the service.\nIf specified, the service will only be exposed to pods with the matching role.\n\n\nNote: If the component has roles, at least one of 'roleSelector' or 'podSelector' must be specified.\nIf both are specified, a pod must match both conditions to be selected." type: "string" serviceType: description: "Determines how the Service is exposed. Defaults to 'ClusterIP'.\nValid options are `ClusterIP`, `NodePort`, and `LoadBalancer`.\n\n\n- `ClusterIP`: allocates a cluster-internal IP address for load-balancing to endpoints.\n Endpoints are determined by the selector or if that is not specified,\n they are determined by manual construction of an Endpoints object or EndpointSlice objects.\n- `NodePort`: builds on ClusterIP and allocates a port on every node which routes to the same endpoints as the clusterIP.\n- `LoadBalancer`: builds on NodePort and creates an external load-balancer (if supported in the current cloud)\n which routes to the same endpoints as the clusterIP.\n\n\nNote: although K8s Service type allows the 'ExternalName' type, it is not a valid option for the expose operation.\n\n\nFor more info, see:\nhttps://kubernetes.io/docs/concepts/services-networking/service/#publishing-services-service-types." @@ -2181,6 +2181,9 @@ spec: componentName: description: "Specifies the name of the Component." type: "string" + inPlace: + description: "When it is set to true, the instance will be rebuilt in-place.\nBy default, a new pod will be created. Once the new pod is ready to serve,\nthe instance that require rebuilding will be taken offline." + type: "boolean" instances: description: "Specifies the instances (Pods) that need to be rebuilt, typically operating as standbys." items: @@ -2194,6 +2197,7 @@ spec: required: - "name" type: "object" + minItems: 1 type: "array" restoreEnv: description: "Defines container environment variables for the restore process.\nmerged with the ones specified in the Backup and ActionSet resources.\n\n\nMerge priority: Restore env > Backup env > ActionSet env.\n\n\nPurpose: Some databases require different configurations when being restored as a standby\ncompared to being restored as a primary.\nFor example, when restoring MySQL as a replica, you need to set `skip_slave_start=\"ON\"` for 5.7\nor `skip_replica_start=\"ON\"` for 8.0.\nAllowing environment variables to be passed in makes it more convenient to control these behavioral differences\nduring the restore process." @@ -2648,10 +2652,18 @@ spec: x-kubernetes-validations: - message: "forbidden to update spec.switchover" rule: "self == oldSelf" + timeoutSeconds: + description: "Specifies the maximum duration (in seconds) that an opsRequest is allowed to run.\nIf the opsRequest runs longer than this duration, its phase will be marked as Aborted.\nIf this value is not set or set to 0, the timeout will be ignored and the opsRequest will run indefinitely." + format: "int32" + type: "integer" ttlSecondsAfterSucceed: description: "Specifies the duration in seconds that an OpsRequest will remain in the system after successfully completing\n(when `opsRequest.status.phase` is \"Succeed\") before automatic deletion." format: "int32" type: "integer" + ttlSecondsAfterUnsuccessfulCompletion: + description: "Specifies the duration in seconds that an OpsRequest will remain in the system after completion\nfor any phase other than \"Succeed\" (e.g., \"Failed\", \"Cancelled\", \"Aborted\") before automatic deletion." + format: "int32" + type: "integer" type: description: "Specifies the type of this operation. Supported types include \"Start\", \"Stop\", \"Restart\", \"Switchover\",\n\"VerticalScaling\", \"HorizontalScaling\", \"VolumeExpansion\", \"Reconfiguring\", \"Upgrade\", \"Backup\", \"Restore\",\n\"Expose\", \"DataScript\", \"RebuildInstance\", \"Custom\".\n\n\nNote: This field is immutable once set." enum: diff --git a/crd-catalog/apecloud/kubeblocks/workloads.kubeblocks.io/v1alpha1/instancesets.yaml b/crd-catalog/apecloud/kubeblocks/workloads.kubeblocks.io/v1alpha1/instancesets.yaml index 2e47fe11f..35819ae57 100644 --- a/crd-catalog/apecloud/kubeblocks/workloads.kubeblocks.io/v1alpha1/instancesets.yaml +++ b/crd-catalog/apecloud/kubeblocks/workloads.kubeblocks.io/v1alpha1/instancesets.yaml @@ -211,6 +211,30 @@ spec: - "password" - "username" type: "object" + defaultTemplateOrdinals: + description: "Specifies the desired Ordinals of the default template.\nThe Ordinals used to specify the ordinal of the instance (pod) names to be generated under the default template.\n\n\nFor example, if Ordinals is {ranges: [{start: 0, end: 1}], discrete: [7]},\nthen the instance names generated under the default template would be\n$(cluster.name)-$(component.name)-0、$(cluster.name)-$(component.name)-1 and $(cluster.name)-$(component.name)-7" + properties: + discrete: + items: + format: "int32" + type: "integer" + type: "array" + ranges: + items: + description: "Range represents a range with a start and an end value.\nIt is used to define a continuous segment." + properties: + end: + format: "int32" + type: "integer" + start: + format: "int32" + type: "integer" + required: + - "end" + - "start" + type: "object" + type: "array" + type: "object" instances: description: "Overrides values in default Template.\n\n\nInstance is the fundamental unit managed by KubeBlocks.\nIt represents a Pod with additional objects such as PVCs, Services, ConfigMaps, etc.\nAn InstanceSet manages instances with a total count of Replicas,\nand by default, all these instances are generated from the same template.\nThe InstanceTemplate provides a way to override values in the default template,\nallowing the InstanceSet to manage instances from different templates.\n\n\nThe naming convention for instances (pods) based on the InstanceSet Name, InstanceTemplate Name, and ordinal.\nThe constructed instance name follows the pattern: $(instance_set.name)-$(template.name)-$(ordinal).\nBy default, the ordinal starts from 0 for each InstanceTemplate.\nIt is important to ensure that the Name of each InstanceTemplate is unique.\n\n\nThe sum of replicas across all InstanceTemplates should not exceed the total number of Replicas specified for the InstanceSet.\nAny remaining replicas will be generated using the default template and will follow the default naming rules." items: @@ -318,6 +342,30 @@ spec: maxLength: 54 pattern: "^[a-z0-9]([a-z0-9\\.\\-]*[a-z0-9])?$" type: "string" + ordinals: + description: "Specifies the desired Ordinals of this InstanceTemplate.\nThe Ordinals used to specify the ordinal of the instance (pod) names to be generated under this InstanceTemplate.\n\n\nFor example, if Ordinals is {ranges: [{start: 0, end: 1}], discrete: [7]},\nthen the instance names generated under this InstanceTemplate would be\n$(cluster.name)-$(component.name)-$(template.name)-0、$(cluster.name)-$(component.name)-$(template.name)-1 and\n$(cluster.name)-$(component.name)-$(template.name)-7" + properties: + discrete: + items: + format: "int32" + type: "integer" + type: "array" + ranges: + items: + description: "Range represents a range with a start and an end value.\nIt is used to define a continuous segment." + properties: + end: + format: "int32" + type: "integer" + start: + format: "int32" + type: "integer" + required: + - "end" + - "start" + type: "object" + type: "array" + type: "object" replicas: default: 1 description: "Specifies the number of instances (Pods) to create from this InstanceTemplate.\nThis field allows setting how many replicated instances of the component,\nwith the specific overrides in the InstanceTemplate, are created.\nThe default value is 1. A value of 0 disables instance creation." @@ -2281,12 +2329,21 @@ spec: items: type: "string" type: "array" + parallelPodManagementConcurrency: + anyOf: + - type: "integer" + - type: "string" + description: "Controls the concurrency of pods during initial scale up, when replacing pods on nodes,\nor when scaling down. It only used when `PodManagementPolicy` is set to `Parallel`.\nThe default Concurrency is 100%." + x-kubernetes-int-or-string: true paused: description: "Indicates that the InstanceSet is paused, meaning the reconciliation of this InstanceSet object will be paused." type: "boolean" podManagementPolicy: description: "Controls how pods are created during initial scale up,\nwhen replacing pods on nodes, or when scaling down.\n\n\nThe default policy is `OrderedReady`, where pods are created in increasing order and the controller waits until each pod is ready before\ncontinuing. When scaling down, the pods are removed in the opposite order.\nThe alternative policy is `Parallel` which will create pods in parallel\nto match the desired scale without waiting, and on scale down will delete\nall pods at once.\n\n\nNote: This field will be removed in future version." type: "string" + podUpdatePolicy: + description: "PodUpdatePolicy indicates how pods should be updated\n\n\n- `StrictInPlace` indicates that only allows in-place upgrades.\nAny attempt to modify other fields will be rejected.\n- `PreferInPlace` indicates that we will first attempt an in-place upgrade of the Pod.\nIf that fails, it will fall back to the ReCreate, where pod will be recreated.\nDefault value is \"PreferInPlace\"" + type: "string" replicas: default: 1 description: "Specifies the desired number of replicas of the given Template.\nThese replicas are instantiations of the same Template, with each having a consistent identity.\nDefaults to 1 if unspecified." @@ -7349,6 +7406,38 @@ spec: description: "replicas is the number of instances created by the InstanceSet controller." format: "int32" type: "integer" + templatesStatus: + description: "TemplatesStatus represents status of each instance generated by InstanceTemplates" + items: + description: "InstanceTemplateStatus aggregates the status of replicas for each InstanceTemplate" + properties: + availableReplicas: + description: "AvailableReplicas is the number of Pods that ready for at least minReadySeconds." + format: "int32" + type: "integer" + currentReplicas: + description: "currentReplicas is the number of instances created by the InstanceSet controller from the InstanceSet version\nindicated by CurrentRevisions." + format: "int32" + type: "integer" + name: + description: "Name, the name of the InstanceTemplate." + type: "string" + readyReplicas: + description: "ReadyReplicas is the number of Pods that have a Ready Condition." + format: "int32" + type: "integer" + replicas: + description: "Replicas is the number of replicas of the InstanceTemplate." + format: "int32" + type: "integer" + updatedReplicas: + description: "UpdatedReplicas is the number of Pods created by the InstanceSet controller from the InstanceSet version\nindicated by UpdateRevisions." + format: "int32" + type: "integer" + required: + - "name" + type: "object" + type: "array" updateRevision: description: "updateRevision, if not empty, indicates the version of the InstanceSet used to generate instances in the sequence\n[replicas-updatedReplicas,replicas)" type: "string" @@ -7368,4 +7457,7 @@ spec: served: true storage: true subresources: + scale: + specReplicasPath: ".spec.replicas" + statusReplicasPath: ".status.replicas" status: {} diff --git a/crd-catalog/application-stacks/runtime-component-operator/rc.app.stacks/v1/runtimecomponents.yaml b/crd-catalog/application-stacks/runtime-component-operator/rc.app.stacks/v1/runtimecomponents.yaml index 6c657d9f8..debed4f5f 100644 --- a/crd-catalog/application-stacks/runtime-component-operator/rc.app.stacks/v1/runtimecomponents.yaml +++ b/crd-catalog/application-stacks/runtime-component-operator/rc.app.stacks/v1/runtimecomponents.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.11.4" + controller-gen.kubebuilder.io/version: "v0.14.0" name: "runtimecomponents.rc.app.stacks" spec: group: "rc.app.stacks" @@ -91,10 +91,10 @@ spec: description: "Represents the deployment of a runtime component" properties: apiVersion: - description: "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" + description: "APIVersion defines the versioned schema of this representation of an object.\nServers should convert recognized schemas to the latest internal value, and\nmay reject unrecognized values.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" type: "string" kind: - description: "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + description: "Kind is a string value representing the REST resource this object represents.\nServers may infer this from the endpoint the client submits requests to.\nCannot be updated.\nIn CamelCase.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" type: "string" metadata: type: "object" @@ -114,9 +114,9 @@ spec: description: "Controls which nodes the pod are scheduled to run on, based on labels on the node." properties: preferredDuringSchedulingIgnoredDuringExecution: - description: "The scheduler will prefer to schedule pods to nodes that satisfy the affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding \"weight\" to the sum if the node matches the corresponding matchExpressions; the node(s) with the highest sum are the most preferred." + description: "The scheduler will prefer to schedule pods to nodes that satisfy\nthe affinity expressions specified by this field, but it may choose\na node that violates one or more of the expressions. The node that is\nmost preferred is the one with the greatest sum of weights, i.e.\nfor each node that meets all of the scheduling requirements (resource\nrequest, requiredDuringScheduling affinity expressions, etc.),\ncompute a sum by iterating through the elements of this field and adding\n\"weight\" to the sum if the node matches the corresponding matchExpressions; the\nnode(s) with the highest sum are the most preferred." items: - description: "An empty preferred scheduling term matches all objects with implicit weight 0 (i.e. it's a no-op). A null preferred scheduling term matches no objects (i.e. is also a no-op)." + description: "An empty preferred scheduling term matches all objects with implicit weight 0\n(i.e. it's a no-op). A null preferred scheduling term matches no objects (i.e. is also a no-op)." properties: preference: description: "A node selector term, associated with the corresponding weight." @@ -124,16 +124,16 @@ spec: matchExpressions: description: "A list of node selector requirements by node's labels." items: - description: "A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A node selector requirement is a selector that contains values, a key, and an operator\nthat relates the key and values." properties: key: description: "The label key that the selector applies to." type: "string" operator: - description: "Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt." + description: "Represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt." type: "string" values: - description: "An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch." + description: "An array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. If the operator is Gt or Lt, the values\narray must have a single element, which will be interpreted as an integer.\nThis array is replaced during a strategic merge patch." items: type: "string" type: "array" @@ -145,16 +145,16 @@ spec: matchFields: description: "A list of node selector requirements by node's fields." items: - description: "A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A node selector requirement is a selector that contains values, a key, and an operator\nthat relates the key and values." properties: key: description: "The label key that the selector applies to." type: "string" operator: - description: "Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt." + description: "Represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt." type: "string" values: - description: "An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch." + description: "An array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. If the operator is Gt or Lt, the values\narray must have a single element, which will be interpreted as an integer.\nThis array is replaced during a strategic merge patch." items: type: "string" type: "array" @@ -175,26 +175,26 @@ spec: type: "object" type: "array" requiredDuringSchedulingIgnoredDuringExecution: - description: "If the affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to an update), the system may or may not try to eventually evict the pod from its node." + description: "If the affinity requirements specified by this field are not met at\nscheduling time, the pod will not be scheduled onto the node.\nIf the affinity requirements specified by this field cease to be met\nat some point during pod execution (e.g. due to an update), the system\nmay or may not try to eventually evict the pod from its node." properties: nodeSelectorTerms: description: "Required. A list of node selector terms. The terms are ORed." items: - description: "A null or empty node selector term matches no objects. The requirements of them are ANDed. The TopologySelectorTerm type implements a subset of the NodeSelectorTerm." + description: "A null or empty node selector term matches no objects. The requirements of\nthem are ANDed.\nThe TopologySelectorTerm type implements a subset of the NodeSelectorTerm." properties: matchExpressions: description: "A list of node selector requirements by node's labels." items: - description: "A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A node selector requirement is a selector that contains values, a key, and an operator\nthat relates the key and values." properties: key: description: "The label key that the selector applies to." type: "string" operator: - description: "Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt." + description: "Represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt." type: "string" values: - description: "An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch." + description: "An array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. If the operator is Gt or Lt, the values\narray must have a single element, which will be interpreted as an integer.\nThis array is replaced during a strategic merge patch." items: type: "string" type: "array" @@ -206,16 +206,16 @@ spec: matchFields: description: "A list of node selector requirements by node's fields." items: - description: "A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A node selector requirement is a selector that contains values, a key, and an operator\nthat relates the key and values." properties: key: description: "The label key that the selector applies to." type: "string" operator: - description: "Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt." + description: "Represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt." type: "string" values: - description: "An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch." + description: "An array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. If the operator is Gt or Lt, the values\narray must have a single element, which will be interpreted as an integer.\nThis array is replaced during a strategic merge patch." items: type: "string" type: "array" @@ -241,7 +241,7 @@ spec: description: "Controls the nodes the pod are scheduled to run on, based on labels on the pods that are already running on the node." properties: preferredDuringSchedulingIgnoredDuringExecution: - description: "The scheduler will prefer to schedule pods to nodes that satisfy the affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding \"weight\" to the sum if the node has pods which matches the corresponding podAffinityTerm; the node(s) with the highest sum are the most preferred." + description: "The scheduler will prefer to schedule pods to nodes that satisfy\nthe affinity expressions specified by this field, but it may choose\na node that violates one or more of the expressions. The node that is\nmost preferred is the one with the greatest sum of weights, i.e.\nfor each node that meets all of the scheduling requirements (resource\nrequest, requiredDuringScheduling affinity expressions, etc.),\ncompute a sum by iterating through the elements of this field and adding\n\"weight\" to the sum if the node has pods which matches the corresponding podAffinityTerm; the\nnode(s) with the highest sum are the most preferred." items: description: "The weights of all of the matched WeightedPodAffinityTerm fields are added per-node to find the most preferred node(s)" properties: @@ -254,16 +254,16 @@ spec: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -275,26 +275,26 @@ spec: matchLabels: additionalProperties: type: "string" - description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." type: "object" type: "object" x-kubernetes-map-type: "atomic" namespaceSelector: - description: "A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means \"this pod's namespace\". An empty selector ({}) matches all namespaces." + description: "A label query over the set of namespaces that the term applies to.\nThe term is applied to the union of the namespaces selected by this field\nand the ones listed in the namespaces field.\nnull selector and null or empty namespaces list means \"this pod's namespace\".\nAn empty selector ({}) matches all namespaces." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -306,23 +306,23 @@ spec: matchLabels: additionalProperties: type: "string" - description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." type: "object" type: "object" x-kubernetes-map-type: "atomic" namespaces: - description: "namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means \"this pod's namespace\"." + description: "namespaces specifies a static list of namespace names that the term applies to.\nThe term is applied to the union of the namespaces listed in this field\nand the ones selected by namespaceSelector.\nnull or empty namespaces list and null namespaceSelector means \"this pod's namespace\"." items: type: "string" type: "array" topologyKey: - description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed." + description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching\nthe labelSelector in the specified namespaces, where co-located is defined as running on a node\nwhose value of the label with key topologyKey matches that of any node on which any of the\nselected pods is running.\nEmpty topologyKey is not allowed." type: "string" required: - "topologyKey" type: "object" weight: - description: "weight associated with matching the corresponding podAffinityTerm, in the range 1-100." + description: "weight associated with matching the corresponding podAffinityTerm,\nin the range 1-100." format: "int32" type: "integer" required: @@ -331,9 +331,9 @@ spec: type: "object" type: "array" requiredDuringSchedulingIgnoredDuringExecution: - description: "If the affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to a pod label update), the system may or may not try to eventually evict the pod from its node. When there are multiple elements, the lists of nodes corresponding to each podAffinityTerm are intersected, i.e. all terms must be satisfied." + description: "If the affinity requirements specified by this field are not met at\nscheduling time, the pod will not be scheduled onto the node.\nIf the affinity requirements specified by this field cease to be met\nat some point during pod execution (e.g. due to a pod label update), the\nsystem may or may not try to eventually evict the pod from its node.\nWhen there are multiple elements, the lists of nodes corresponding to each\npodAffinityTerm are intersected, i.e. all terms must be satisfied." items: - description: "Defines a set of pods (namely those matching the labelSelector relative to the given namespace(s)) that this pod should be co-located (affinity) or not co-located (anti-affinity) with, where co-located is defined as running on a node whose value of the label with key matches that of any node on which a pod of the set of pods is running" + description: "Defines a set of pods (namely those matching the labelSelector\nrelative to the given namespace(s)) that this pod should be\nco-located (affinity) or not co-located (anti-affinity) with,\nwhere co-located is defined as running on a node whose value of\nthe label with key matches that of any node on which\na pod of the set of pods is running" properties: labelSelector: description: "A label query over a set of resources, in this case pods." @@ -341,16 +341,16 @@ spec: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -362,26 +362,26 @@ spec: matchLabels: additionalProperties: type: "string" - description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." type: "object" type: "object" x-kubernetes-map-type: "atomic" namespaceSelector: - description: "A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means \"this pod's namespace\". An empty selector ({}) matches all namespaces." + description: "A label query over the set of namespaces that the term applies to.\nThe term is applied to the union of the namespaces selected by this field\nand the ones listed in the namespaces field.\nnull selector and null or empty namespaces list means \"this pod's namespace\".\nAn empty selector ({}) matches all namespaces." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -393,17 +393,17 @@ spec: matchLabels: additionalProperties: type: "string" - description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." type: "object" type: "object" x-kubernetes-map-type: "atomic" namespaces: - description: "namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means \"this pod's namespace\"." + description: "namespaces specifies a static list of namespace names that the term applies to.\nThe term is applied to the union of the namespaces listed in this field\nand the ones selected by namespaceSelector.\nnull or empty namespaces list and null namespaceSelector means \"this pod's namespace\"." items: type: "string" type: "array" topologyKey: - description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed." + description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching\nthe labelSelector in the specified namespaces, where co-located is defined as running on a node\nwhose value of the label with key topologyKey matches that of any node on which any of the\nselected pods is running.\nEmpty topologyKey is not allowed." type: "string" required: - "topologyKey" @@ -414,7 +414,7 @@ spec: description: "Enables the ability to prevent running a pod on the same node as another pod." properties: preferredDuringSchedulingIgnoredDuringExecution: - description: "The scheduler will prefer to schedule pods to nodes that satisfy the anti-affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling anti-affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding \"weight\" to the sum if the node has pods which matches the corresponding podAffinityTerm; the node(s) with the highest sum are the most preferred." + description: "The scheduler will prefer to schedule pods to nodes that satisfy\nthe anti-affinity expressions specified by this field, but it may choose\na node that violates one or more of the expressions. The node that is\nmost preferred is the one with the greatest sum of weights, i.e.\nfor each node that meets all of the scheduling requirements (resource\nrequest, requiredDuringScheduling anti-affinity expressions, etc.),\ncompute a sum by iterating through the elements of this field and adding\n\"weight\" to the sum if the node has pods which matches the corresponding podAffinityTerm; the\nnode(s) with the highest sum are the most preferred." items: description: "The weights of all of the matched WeightedPodAffinityTerm fields are added per-node to find the most preferred node(s)" properties: @@ -427,16 +427,16 @@ spec: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -448,26 +448,26 @@ spec: matchLabels: additionalProperties: type: "string" - description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." type: "object" type: "object" x-kubernetes-map-type: "atomic" namespaceSelector: - description: "A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means \"this pod's namespace\". An empty selector ({}) matches all namespaces." + description: "A label query over the set of namespaces that the term applies to.\nThe term is applied to the union of the namespaces selected by this field\nand the ones listed in the namespaces field.\nnull selector and null or empty namespaces list means \"this pod's namespace\".\nAn empty selector ({}) matches all namespaces." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -479,23 +479,23 @@ spec: matchLabels: additionalProperties: type: "string" - description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." type: "object" type: "object" x-kubernetes-map-type: "atomic" namespaces: - description: "namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means \"this pod's namespace\"." + description: "namespaces specifies a static list of namespace names that the term applies to.\nThe term is applied to the union of the namespaces listed in this field\nand the ones selected by namespaceSelector.\nnull or empty namespaces list and null namespaceSelector means \"this pod's namespace\"." items: type: "string" type: "array" topologyKey: - description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed." + description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching\nthe labelSelector in the specified namespaces, where co-located is defined as running on a node\nwhose value of the label with key topologyKey matches that of any node on which any of the\nselected pods is running.\nEmpty topologyKey is not allowed." type: "string" required: - "topologyKey" type: "object" weight: - description: "weight associated with matching the corresponding podAffinityTerm, in the range 1-100." + description: "weight associated with matching the corresponding podAffinityTerm,\nin the range 1-100." format: "int32" type: "integer" required: @@ -504,9 +504,9 @@ spec: type: "object" type: "array" requiredDuringSchedulingIgnoredDuringExecution: - description: "If the anti-affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the anti-affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to a pod label update), the system may or may not try to eventually evict the pod from its node. When there are multiple elements, the lists of nodes corresponding to each podAffinityTerm are intersected, i.e. all terms must be satisfied." + description: "If the anti-affinity requirements specified by this field are not met at\nscheduling time, the pod will not be scheduled onto the node.\nIf the anti-affinity requirements specified by this field cease to be met\nat some point during pod execution (e.g. due to a pod label update), the\nsystem may or may not try to eventually evict the pod from its node.\nWhen there are multiple elements, the lists of nodes corresponding to each\npodAffinityTerm are intersected, i.e. all terms must be satisfied." items: - description: "Defines a set of pods (namely those matching the labelSelector relative to the given namespace(s)) that this pod should be co-located (affinity) or not co-located (anti-affinity) with, where co-located is defined as running on a node whose value of the label with key matches that of any node on which a pod of the set of pods is running" + description: "Defines a set of pods (namely those matching the labelSelector\nrelative to the given namespace(s)) that this pod should be\nco-located (affinity) or not co-located (anti-affinity) with,\nwhere co-located is defined as running on a node whose value of\nthe label with key matches that of any node on which\na pod of the set of pods is running" properties: labelSelector: description: "A label query over a set of resources, in this case pods." @@ -514,16 +514,16 @@ spec: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -535,26 +535,26 @@ spec: matchLabels: additionalProperties: type: "string" - description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." type: "object" type: "object" x-kubernetes-map-type: "atomic" namespaceSelector: - description: "A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means \"this pod's namespace\". An empty selector ({}) matches all namespaces." + description: "A label query over the set of namespaces that the term applies to.\nThe term is applied to the union of the namespaces selected by this field\nand the ones listed in the namespaces field.\nnull selector and null or empty namespaces list means \"this pod's namespace\".\nAn empty selector ({}) matches all namespaces." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -566,17 +566,17 @@ spec: matchLabels: additionalProperties: type: "string" - description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." type: "object" type: "object" x-kubernetes-map-type: "atomic" namespaces: - description: "namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means \"this pod's namespace\"." + description: "namespaces specifies a static list of namespace names that the term applies to.\nThe term is applied to the union of the namespaces listed in this field\nand the ones selected by namespaceSelector.\nnull or empty namespaces list and null namespaceSelector means \"this pod's namespace\"." items: type: "string" type: "array" topologyKey: - description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed." + description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching\nthe labelSelector in the specified namespaces, where co-located is defined as running on a node\nwhose value of the label with key topologyKey matches that of any node on which any of the\nselected pods is running.\nEmpty topologyKey is not allowed." type: "string" required: - "topologyKey" @@ -625,19 +625,19 @@ spec: description: "Specifies the strategy to replace old deployment pods with new pods." properties: rollingUpdate: - description: "Rolling update config params. Present only if DeploymentStrategyType = RollingUpdate. --- TODO: Update this to follow our convention for oneOf, whatever we decide it to be." + description: "Rolling update config params. Present only if DeploymentStrategyType =\nRollingUpdate.\n---\nTODO: Update this to follow our convention for oneOf, whatever we decide it\nto be." properties: maxSurge: anyOf: - type: "integer" - type: "string" - description: "The maximum number of pods that can be scheduled above the desired number of pods. Value can be an absolute number (ex: 5) or a percentage of desired pods (ex: 10%). This can not be 0 if MaxUnavailable is 0. Absolute number is calculated from percentage by rounding up. Defaults to 25%. Example: when this is set to 30%, the new ReplicaSet can be scaled up immediately when the rolling update starts, such that the total number of old and new pods do not exceed 130% of desired pods. Once old pods have been killed, new ReplicaSet can be scaled up further, ensuring that total number of pods running at any time during the update is at most 130% of desired pods." + description: "The maximum number of pods that can be scheduled above the desired number of\npods.\nValue can be an absolute number (ex: 5) or a percentage of desired pods (ex: 10%).\nThis can not be 0 if MaxUnavailable is 0.\nAbsolute number is calculated from percentage by rounding up.\nDefaults to 25%.\nExample: when this is set to 30%, the new ReplicaSet can be scaled up immediately when\nthe rolling update starts, such that the total number of old and new pods do not exceed\n130% of desired pods. Once old pods have been killed,\nnew ReplicaSet can be scaled up further, ensuring that total number of pods running\nat any time during the update is at most 130% of desired pods." x-kubernetes-int-or-string: true maxUnavailable: anyOf: - type: "integer" - type: "string" - description: "The maximum number of pods that can be unavailable during the update. Value can be an absolute number (ex: 5) or a percentage of desired pods (ex: 10%). Absolute number is calculated from percentage by rounding down. This can not be 0 if MaxSurge is 0. Defaults to 25%. Example: when this is set to 30%, the old ReplicaSet can be scaled down to 70% of desired pods immediately when the rolling update starts. Once new pods are ready, old ReplicaSet can be scaled down further, followed by scaling up the new ReplicaSet, ensuring that the total number of pods available at all times during the update is at least 70% of desired pods." + description: "The maximum number of pods that can be unavailable during the update.\nValue can be an absolute number (ex: 5) or a percentage of desired pods (ex: 10%).\nAbsolute number is calculated from percentage by rounding down.\nThis can not be 0 if MaxSurge is 0.\nDefaults to 25%.\nExample: when this is set to 30%, the old ReplicaSet can be scaled down to 70% of desired pods\nimmediately when the rolling update starts. Once new pods are ready, old ReplicaSet\ncan be scaled down further, followed by scaling up the new ReplicaSet, ensuring\nthat the total number of pods available at all times during the update is at\nleast 70% of desired pods." x-kubernetes-int-or-string: true type: "object" type: @@ -645,6 +645,9 @@ spec: type: "string" type: "object" type: "object" + disableServiceLinks: + description: "Disable information about services being injected into the application pod's environment variables. Default to false." + type: "boolean" env: description: "An array of environment variables for the application container." items: @@ -654,7 +657,7 @@ spec: description: "Name of the environment variable. Must be a C_IDENTIFIER." type: "string" value: - description: "Variable references $(VAR_NAME) are expanded using the previously defined environment variables in the container and any service environment variables. If a variable cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. \"$$(VAR_NAME)\" will produce the string literal \"$(VAR_NAME)\". Escaped references will never be expanded, regardless of whether the variable exists or not. Defaults to \"\"." + description: "Variable references $(VAR_NAME) are expanded\nusing the previously defined environment variables in the container and\nany service environment variables. If a variable cannot be resolved,\nthe reference in the input string will be unchanged. Double $$ are reduced\nto a single $, which allows for escaping the $(VAR_NAME) syntax: i.e.\n\"$$(VAR_NAME)\" will produce the string literal \"$(VAR_NAME)\".\nEscaped references will never be expanded, regardless of whether the variable\nexists or not.\nDefaults to \"\"." type: "string" valueFrom: description: "Source for the environment variable's value. Cannot be used if value is not empty." @@ -666,7 +669,7 @@ spec: description: "The key to select." type: "string" name: - description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" type: "string" optional: description: "Specify whether the ConfigMap or its key must be defined" @@ -676,7 +679,7 @@ spec: type: "object" x-kubernetes-map-type: "atomic" fieldRef: - description: "Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`, spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs." + description: "Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`,\nspec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs." properties: apiVersion: description: "Version of the schema the FieldPath is written in terms of, defaults to \"v1\"." @@ -689,7 +692,7 @@ spec: type: "object" x-kubernetes-map-type: "atomic" resourceFieldRef: - description: "Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported." + description: "Selects a resource of the container: only resources limits and requests\n(limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported." properties: containerName: description: "Container name: required for volumes, optional for env vars" @@ -715,7 +718,7 @@ spec: description: "The key of the secret to select from. Must be a valid secret key." type: "string" name: - description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" type: "string" optional: description: "Specify whether the Secret or its key must be defined" @@ -741,7 +744,7 @@ spec: description: "The ConfigMap to select from" properties: name: - description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" type: "string" optional: description: "Specify whether the ConfigMap must be defined" @@ -755,7 +758,7 @@ spec: description: "The Secret to select from" properties: name: - description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" type: "string" optional: description: "Specify whether the Secret must be defined" @@ -774,17 +777,17 @@ spec: description: "A single application container that you want to run within a pod." properties: args: - description: "Arguments to the entrypoint. The container image's CMD is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. \"$$(VAR_NAME)\" will produce the string literal \"$(VAR_NAME)\". Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell" + description: "Arguments to the entrypoint.\nThe container image's CMD is used if this is not provided.\nVariable references $(VAR_NAME) are expanded using the container's environment. If a variable\ncannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced\nto a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. \"$$(VAR_NAME)\" will\nproduce the string literal \"$(VAR_NAME)\". Escaped references will never be expanded, regardless\nof whether the variable exists or not. Cannot be updated.\nMore info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell" items: type: "string" type: "array" command: - description: "Entrypoint array. Not executed within a shell. The container image's ENTRYPOINT is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. \"$$(VAR_NAME)\" will produce the string literal \"$(VAR_NAME)\". Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell" + description: "Entrypoint array. Not executed within a shell.\nThe container image's ENTRYPOINT is used if this is not provided.\nVariable references $(VAR_NAME) are expanded using the container's environment. If a variable\ncannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced\nto a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. \"$$(VAR_NAME)\" will\nproduce the string literal \"$(VAR_NAME)\". Escaped references will never be expanded, regardless\nof whether the variable exists or not. Cannot be updated.\nMore info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell" items: type: "string" type: "array" env: - description: "List of environment variables to set in the container. Cannot be updated." + description: "List of environment variables to set in the container.\nCannot be updated." items: description: "EnvVar represents an environment variable present in a Container." properties: @@ -792,7 +795,7 @@ spec: description: "Name of the environment variable. Must be a C_IDENTIFIER." type: "string" value: - description: "Variable references $(VAR_NAME) are expanded using the previously defined environment variables in the container and any service environment variables. If a variable cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. \"$$(VAR_NAME)\" will produce the string literal \"$(VAR_NAME)\". Escaped references will never be expanded, regardless of whether the variable exists or not. Defaults to \"\"." + description: "Variable references $(VAR_NAME) are expanded\nusing the previously defined environment variables in the container and\nany service environment variables. If a variable cannot be resolved,\nthe reference in the input string will be unchanged. Double $$ are reduced\nto a single $, which allows for escaping the $(VAR_NAME) syntax: i.e.\n\"$$(VAR_NAME)\" will produce the string literal \"$(VAR_NAME)\".\nEscaped references will never be expanded, regardless of whether the variable\nexists or not.\nDefaults to \"\"." type: "string" valueFrom: description: "Source for the environment variable's value. Cannot be used if value is not empty." @@ -804,7 +807,7 @@ spec: description: "The key to select." type: "string" name: - description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" type: "string" optional: description: "Specify whether the ConfigMap or its key must be defined" @@ -814,7 +817,7 @@ spec: type: "object" x-kubernetes-map-type: "atomic" fieldRef: - description: "Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`, spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs." + description: "Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`,\nspec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs." properties: apiVersion: description: "Version of the schema the FieldPath is written in terms of, defaults to \"v1\"." @@ -827,7 +830,7 @@ spec: type: "object" x-kubernetes-map-type: "atomic" resourceFieldRef: - description: "Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported." + description: "Selects a resource of the container: only resources limits and requests\n(limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported." properties: containerName: description: "Container name: required for volumes, optional for env vars" @@ -853,7 +856,7 @@ spec: description: "The key of the secret to select from. Must be a valid secret key." type: "string" name: - description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" type: "string" optional: description: "Specify whether the Secret or its key must be defined" @@ -868,7 +871,7 @@ spec: type: "object" type: "array" envFrom: - description: "List of sources to populate environment variables in the container. The keys defined within a source must be a C_IDENTIFIER. All invalid keys will be reported as an event when the container is starting. When a key exists in multiple sources, the value associated with the last source will take precedence. Values defined by an Env with a duplicate key will take precedence. Cannot be updated." + description: "List of sources to populate environment variables in the container.\nThe keys defined within a source must be a C_IDENTIFIER. All invalid keys\nwill be reported as an event when the container is starting. When a key exists in multiple\nsources, the value associated with the last source will take precedence.\nValues defined by an Env with a duplicate key will take precedence.\nCannot be updated." items: description: "EnvFromSource represents the source of a set of ConfigMaps" properties: @@ -876,7 +879,7 @@ spec: description: "The ConfigMap to select from" properties: name: - description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" type: "string" optional: description: "Specify whether the ConfigMap must be defined" @@ -890,7 +893,7 @@ spec: description: "The Secret to select from" properties: name: - description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" type: "string" optional: description: "Specify whether the Secret must be defined" @@ -900,22 +903,22 @@ spec: type: "object" type: "array" image: - description: "Container image name. More info: https://kubernetes.io/docs/concepts/containers/images This field is optional to allow higher level config management to default or override container images in workload controllers like Deployments and StatefulSets." + description: "Container image name.\nMore info: https://kubernetes.io/docs/concepts/containers/images\nThis field is optional to allow higher level config management to default or override\ncontainer images in workload controllers like Deployments and StatefulSets." type: "string" imagePullPolicy: - description: "Image pull policy. One of Always, Never, IfNotPresent. Defaults to Always if :latest tag is specified, or IfNotPresent otherwise. Cannot be updated. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images" + description: "Image pull policy.\nOne of Always, Never, IfNotPresent.\nDefaults to Always if :latest tag is specified, or IfNotPresent otherwise.\nCannot be updated.\nMore info: https://kubernetes.io/docs/concepts/containers/images#updating-images" type: "string" lifecycle: - description: "Actions that the management system should take in response to container lifecycle events. Cannot be updated." + description: "Actions that the management system should take in response to container lifecycle events.\nCannot be updated." properties: postStart: - description: "PostStart is called immediately after a container is created. If the handler fails, the container is terminated and restarted according to its restart policy. Other management of the container blocks until the hook completes. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks" + description: "PostStart is called immediately after a container is created. If the handler fails,\nthe container is terminated and restarted according to its restart policy.\nOther management of the container blocks until the hook completes.\nMore info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks" properties: exec: description: "Exec specifies the action to take." properties: command: - description: "Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy." + description: "Command is the command line to execute inside the container, the working directory for the\ncommand is root ('/') in the container's filesystem. The command is simply exec'd, it is\nnot run inside a shell, so traditional shell instructions ('|', etc) won't work. To use\na shell, you need to explicitly call out to that shell.\nExit status of 0 is treated as live/healthy and non-zero is unhealthy." items: type: "string" type: "array" @@ -924,7 +927,7 @@ spec: description: "HTTPGet specifies the http request to perform." properties: host: - description: "Host name to connect to, defaults to the pod IP. You probably want to set \"Host\" in httpHeaders instead." + description: "Host name to connect to, defaults to the pod IP. You probably want to set\n\"Host\" in httpHeaders instead." type: "string" httpHeaders: description: "Custom headers to set in the request. HTTP allows repeated headers." @@ -932,7 +935,7 @@ spec: description: "HTTPHeader describes a custom header to be used in HTTP probes" properties: name: - description: "The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header." + description: "The header field name.\nThis will be canonicalized upon output, so case-variant names will be understood as the same header." type: "string" value: description: "The header field value" @@ -949,16 +952,16 @@ spec: anyOf: - type: "integer" - type: "string" - description: "Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME." + description: "Name or number of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME." x-kubernetes-int-or-string: true scheme: - description: "Scheme to use for connecting to the host. Defaults to HTTP." + description: "Scheme to use for connecting to the host.\nDefaults to HTTP." type: "string" required: - "port" type: "object" tcpSocket: - description: "Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept for the backward compatibility. There are no validation of this field and lifecycle hooks will fail in runtime when tcp handler is specified." + description: "Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept\nfor the backward compatibility. There are no validation of this field and\nlifecycle hooks will fail in runtime when tcp handler is specified." properties: host: description: "Optional: Host name to connect to, defaults to the pod IP." @@ -967,20 +970,20 @@ spec: anyOf: - type: "integer" - type: "string" - description: "Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME." + description: "Number or name of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME." x-kubernetes-int-or-string: true required: - "port" type: "object" type: "object" preStop: - description: "PreStop is called immediately before a container is terminated due to an API request or management event such as liveness/startup probe failure, preemption, resource contention, etc. The handler is not called if the container crashes or exits. The Pod's termination grace period countdown begins before the PreStop hook is executed. Regardless of the outcome of the handler, the container will eventually terminate within the Pod's termination grace period (unless delayed by finalizers). Other management of the container blocks until the hook completes or until the termination grace period is reached. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks" + description: "PreStop is called immediately before a container is terminated due to an\nAPI request or management event such as liveness/startup probe failure,\npreemption, resource contention, etc. The handler is not called if the\ncontainer crashes or exits. The Pod's termination grace period countdown begins before the\nPreStop hook is executed. Regardless of the outcome of the handler, the\ncontainer will eventually terminate within the Pod's termination grace\nperiod (unless delayed by finalizers). Other management of the container blocks until the hook completes\nor until the termination grace period is reached.\nMore info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks" properties: exec: description: "Exec specifies the action to take." properties: command: - description: "Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy." + description: "Command is the command line to execute inside the container, the working directory for the\ncommand is root ('/') in the container's filesystem. The command is simply exec'd, it is\nnot run inside a shell, so traditional shell instructions ('|', etc) won't work. To use\na shell, you need to explicitly call out to that shell.\nExit status of 0 is treated as live/healthy and non-zero is unhealthy." items: type: "string" type: "array" @@ -989,7 +992,7 @@ spec: description: "HTTPGet specifies the http request to perform." properties: host: - description: "Host name to connect to, defaults to the pod IP. You probably want to set \"Host\" in httpHeaders instead." + description: "Host name to connect to, defaults to the pod IP. You probably want to set\n\"Host\" in httpHeaders instead." type: "string" httpHeaders: description: "Custom headers to set in the request. HTTP allows repeated headers." @@ -997,7 +1000,7 @@ spec: description: "HTTPHeader describes a custom header to be used in HTTP probes" properties: name: - description: "The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header." + description: "The header field name.\nThis will be canonicalized upon output, so case-variant names will be understood as the same header." type: "string" value: description: "The header field value" @@ -1014,16 +1017,16 @@ spec: anyOf: - type: "integer" - type: "string" - description: "Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME." + description: "Name or number of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME." x-kubernetes-int-or-string: true scheme: - description: "Scheme to use for connecting to the host. Defaults to HTTP." + description: "Scheme to use for connecting to the host.\nDefaults to HTTP." type: "string" required: - "port" type: "object" tcpSocket: - description: "Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept for the backward compatibility. There are no validation of this field and lifecycle hooks will fail in runtime when tcp handler is specified." + description: "Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept\nfor the backward compatibility. There are no validation of this field and\nlifecycle hooks will fail in runtime when tcp handler is specified." properties: host: description: "Optional: Host name to connect to, defaults to the pod IP." @@ -1032,7 +1035,7 @@ spec: anyOf: - type: "integer" - type: "string" - description: "Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME." + description: "Number or name of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME." x-kubernetes-int-or-string: true required: - "port" @@ -1040,30 +1043,30 @@ spec: type: "object" type: "object" livenessProbe: - description: "Periodic probe of container liveness. Container will be restarted if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" + description: "Periodic probe of container liveness.\nContainer will be restarted if the probe fails.\nCannot be updated.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" properties: exec: description: "Exec specifies the action to take." properties: command: - description: "Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy." + description: "Command is the command line to execute inside the container, the working directory for the\ncommand is root ('/') in the container's filesystem. The command is simply exec'd, it is\nnot run inside a shell, so traditional shell instructions ('|', etc) won't work. To use\na shell, you need to explicitly call out to that shell.\nExit status of 0 is treated as live/healthy and non-zero is unhealthy." items: type: "string" type: "array" type: "object" failureThreshold: - description: "Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1." + description: "Minimum consecutive failures for the probe to be considered failed after having succeeded.\nDefaults to 3. Minimum value is 1." format: "int32" type: "integer" grpc: - description: "GRPC specifies an action involving a GRPC port. This is a beta field and requires enabling GRPCContainerProbe feature gate." + description: "GRPC specifies an action involving a GRPC port.\nThis is a beta field and requires enabling GRPCContainerProbe feature gate." properties: port: description: "Port number of the gRPC service. Number must be in the range 1 to 65535." format: "int32" type: "integer" service: - description: "Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). \n If this is not specified, the default behavior is defined by gRPC." + description: "Service is the name of the service to place in the gRPC HealthCheckRequest\n(see https://github.com/grpc/grpc/blob/master/doc/health-checking.md).\n\n\nIf this is not specified, the default behavior is defined by gRPC." type: "string" required: - "port" @@ -1072,7 +1075,7 @@ spec: description: "HTTPGet specifies the http request to perform." properties: host: - description: "Host name to connect to, defaults to the pod IP. You probably want to set \"Host\" in httpHeaders instead." + description: "Host name to connect to, defaults to the pod IP. You probably want to set\n\"Host\" in httpHeaders instead." type: "string" httpHeaders: description: "Custom headers to set in the request. HTTP allows repeated headers." @@ -1080,7 +1083,7 @@ spec: description: "HTTPHeader describes a custom header to be used in HTTP probes" properties: name: - description: "The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header." + description: "The header field name.\nThis will be canonicalized upon output, so case-variant names will be understood as the same header." type: "string" value: description: "The header field value" @@ -1097,24 +1100,24 @@ spec: anyOf: - type: "integer" - type: "string" - description: "Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME." + description: "Name or number of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME." x-kubernetes-int-or-string: true scheme: - description: "Scheme to use for connecting to the host. Defaults to HTTP." + description: "Scheme to use for connecting to the host.\nDefaults to HTTP." type: "string" required: - "port" type: "object" initialDelaySeconds: - description: "Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" + description: "Number of seconds after the container has started before liveness probes are initiated.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" format: "int32" type: "integer" periodSeconds: - description: "How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1." + description: "How often (in seconds) to perform the probe.\nDefault to 10 seconds. Minimum value is 1." format: "int32" type: "integer" successThreshold: - description: "Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1." + description: "Minimum consecutive successes for the probe to be considered successful after having failed.\nDefaults to 1. Must be 1 for liveness and startup. Minimum value is 1." format: "int32" type: "integer" tcpSocket: @@ -1127,45 +1130,45 @@ spec: anyOf: - type: "integer" - type: "string" - description: "Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME." + description: "Number or name of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME." x-kubernetes-int-or-string: true required: - "port" type: "object" terminationGracePeriodSeconds: - description: "Optional duration in seconds the pod needs to terminate gracefully upon probe failure. The grace period is the duration in seconds after the processes running in the pod are sent a termination signal and the time when the processes are forcibly halted with a kill signal. Set this value longer than the expected cleanup time for your process. If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this value overrides the value provided by the pod spec. Value must be non-negative integer. The value zero indicates stop immediately via the kill signal (no opportunity to shut down). This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate. Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset." + description: "Optional duration in seconds the pod needs to terminate gracefully upon probe failure.\nThe grace period is the duration in seconds after the processes running in the pod are sent\na termination signal and the time when the processes are forcibly halted with a kill signal.\nSet this value longer than the expected cleanup time for your process.\nIf this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this\nvalue overrides the value provided by the pod spec.\nValue must be non-negative integer. The value zero indicates stop immediately via\nthe kill signal (no opportunity to shut down).\nThis is a beta field and requires enabling ProbeTerminationGracePeriod feature gate.\nMinimum value is 1. spec.terminationGracePeriodSeconds is used if unset." format: "int64" type: "integer" timeoutSeconds: - description: "Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" + description: "Number of seconds after which the probe times out.\nDefaults to 1 second. Minimum value is 1.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" format: "int32" type: "integer" type: "object" name: - description: "Name of the container specified as a DNS_LABEL. Each container in a pod must have a unique name (DNS_LABEL). Cannot be updated." + description: "Name of the container specified as a DNS_LABEL.\nEach container in a pod must have a unique name (DNS_LABEL).\nCannot be updated." type: "string" ports: - description: "List of ports to expose from the container. Not specifying a port here DOES NOT prevent that port from being exposed. Any port which is listening on the default \"0.0.0.0\" address inside a container will be accessible from the network. Modifying this array with strategic merge patch may corrupt the data. For more information See https://github.com/kubernetes/kubernetes/issues/108255. Cannot be updated." + description: "List of ports to expose from the container. Not specifying a port here\nDOES NOT prevent that port from being exposed. Any port which is\nlistening on the default \"0.0.0.0\" address inside a container will be\naccessible from the network.\nModifying this array with strategic merge patch may corrupt the data.\nFor more information See https://github.com/kubernetes/kubernetes/issues/108255.\nCannot be updated." items: description: "ContainerPort represents a network port in a single container." properties: containerPort: - description: "Number of port to expose on the pod's IP address. This must be a valid port number, 0 < x < 65536." + description: "Number of port to expose on the pod's IP address.\nThis must be a valid port number, 0 < x < 65536." format: "int32" type: "integer" hostIP: description: "What host IP to bind the external port to." type: "string" hostPort: - description: "Number of port to expose on the host. If specified, this must be a valid port number, 0 < x < 65536. If HostNetwork is specified, this must match ContainerPort. Most containers do not need this." + description: "Number of port to expose on the host.\nIf specified, this must be a valid port number, 0 < x < 65536.\nIf HostNetwork is specified, this must match ContainerPort.\nMost containers do not need this." format: "int32" type: "integer" name: - description: "If specified, this must be an IANA_SVC_NAME and unique within the pod. Each named port in a pod must have a unique name. Name for the port that can be referred to by services." + description: "If specified, this must be an IANA_SVC_NAME and unique within the pod. Each\nnamed port in a pod must have a unique name. Name for the port that can be\nreferred to by services." type: "string" protocol: default: "TCP" - description: "Protocol for port. Must be UDP, TCP, or SCTP. Defaults to \"TCP\"." + description: "Protocol for port. Must be UDP, TCP, or SCTP.\nDefaults to \"TCP\"." type: "string" required: - "containerPort" @@ -1176,30 +1179,30 @@ spec: - "protocol" x-kubernetes-list-type: "map" readinessProbe: - description: "Periodic probe of container service readiness. Container will be removed from service endpoints if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" + description: "Periodic probe of container service readiness.\nContainer will be removed from service endpoints if the probe fails.\nCannot be updated.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" properties: exec: description: "Exec specifies the action to take." properties: command: - description: "Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy." + description: "Command is the command line to execute inside the container, the working directory for the\ncommand is root ('/') in the container's filesystem. The command is simply exec'd, it is\nnot run inside a shell, so traditional shell instructions ('|', etc) won't work. To use\na shell, you need to explicitly call out to that shell.\nExit status of 0 is treated as live/healthy and non-zero is unhealthy." items: type: "string" type: "array" type: "object" failureThreshold: - description: "Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1." + description: "Minimum consecutive failures for the probe to be considered failed after having succeeded.\nDefaults to 3. Minimum value is 1." format: "int32" type: "integer" grpc: - description: "GRPC specifies an action involving a GRPC port. This is a beta field and requires enabling GRPCContainerProbe feature gate." + description: "GRPC specifies an action involving a GRPC port.\nThis is a beta field and requires enabling GRPCContainerProbe feature gate." properties: port: description: "Port number of the gRPC service. Number must be in the range 1 to 65535." format: "int32" type: "integer" service: - description: "Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). \n If this is not specified, the default behavior is defined by gRPC." + description: "Service is the name of the service to place in the gRPC HealthCheckRequest\n(see https://github.com/grpc/grpc/blob/master/doc/health-checking.md).\n\n\nIf this is not specified, the default behavior is defined by gRPC." type: "string" required: - "port" @@ -1208,7 +1211,7 @@ spec: description: "HTTPGet specifies the http request to perform." properties: host: - description: "Host name to connect to, defaults to the pod IP. You probably want to set \"Host\" in httpHeaders instead." + description: "Host name to connect to, defaults to the pod IP. You probably want to set\n\"Host\" in httpHeaders instead." type: "string" httpHeaders: description: "Custom headers to set in the request. HTTP allows repeated headers." @@ -1216,7 +1219,7 @@ spec: description: "HTTPHeader describes a custom header to be used in HTTP probes" properties: name: - description: "The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header." + description: "The header field name.\nThis will be canonicalized upon output, so case-variant names will be understood as the same header." type: "string" value: description: "The header field value" @@ -1233,24 +1236,24 @@ spec: anyOf: - type: "integer" - type: "string" - description: "Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME." + description: "Name or number of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME." x-kubernetes-int-or-string: true scheme: - description: "Scheme to use for connecting to the host. Defaults to HTTP." + description: "Scheme to use for connecting to the host.\nDefaults to HTTP." type: "string" required: - "port" type: "object" initialDelaySeconds: - description: "Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" + description: "Number of seconds after the container has started before liveness probes are initiated.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" format: "int32" type: "integer" periodSeconds: - description: "How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1." + description: "How often (in seconds) to perform the probe.\nDefault to 10 seconds. Minimum value is 1." format: "int32" type: "integer" successThreshold: - description: "Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1." + description: "Minimum consecutive successes for the probe to be considered successful after having failed.\nDefaults to 1. Must be 1 for liveness and startup. Minimum value is 1." format: "int32" type: "integer" tcpSocket: @@ -1263,30 +1266,30 @@ spec: anyOf: - type: "integer" - type: "string" - description: "Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME." + description: "Number or name of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME." x-kubernetes-int-or-string: true required: - "port" type: "object" terminationGracePeriodSeconds: - description: "Optional duration in seconds the pod needs to terminate gracefully upon probe failure. The grace period is the duration in seconds after the processes running in the pod are sent a termination signal and the time when the processes are forcibly halted with a kill signal. Set this value longer than the expected cleanup time for your process. If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this value overrides the value provided by the pod spec. Value must be non-negative integer. The value zero indicates stop immediately via the kill signal (no opportunity to shut down). This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate. Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset." + description: "Optional duration in seconds the pod needs to terminate gracefully upon probe failure.\nThe grace period is the duration in seconds after the processes running in the pod are sent\na termination signal and the time when the processes are forcibly halted with a kill signal.\nSet this value longer than the expected cleanup time for your process.\nIf this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this\nvalue overrides the value provided by the pod spec.\nValue must be non-negative integer. The value zero indicates stop immediately via\nthe kill signal (no opportunity to shut down).\nThis is a beta field and requires enabling ProbeTerminationGracePeriod feature gate.\nMinimum value is 1. spec.terminationGracePeriodSeconds is used if unset." format: "int64" type: "integer" timeoutSeconds: - description: "Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" + description: "Number of seconds after which the probe times out.\nDefaults to 1 second. Minimum value is 1.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" format: "int32" type: "integer" type: "object" resources: - description: "Compute Resources required by this container. Cannot be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" + description: "Compute Resources required by this container.\nCannot be updated.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" properties: claims: - description: "Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. \n This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. \n This field is immutable. It can only be set for containers." + description: "Claims lists the names of resources, defined in spec.resourceClaims,\nthat are used by this container.\n\n\nThis is an alpha field and requires enabling the\nDynamicResourceAllocation feature gate.\n\n\nThis field is immutable. It can only be set for containers." items: description: "ResourceClaim references one entry in PodSpec.ResourceClaims." properties: name: - description: "Name must match the name of one entry in pod.spec.resourceClaims of the Pod where this field is used. It makes that resource available inside a container." + description: "Name must match the name of one entry in pod.spec.resourceClaims of\nthe Pod where this field is used. It makes that resource available\ninside a container." type: "string" required: - "name" @@ -1302,7 +1305,7 @@ spec: - type: "string" pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" x-kubernetes-int-or-string: true - description: "Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" + description: "Limits describes the maximum amount of compute resources allowed.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" type: "object" requests: additionalProperties: @@ -1311,17 +1314,17 @@ spec: - type: "string" pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" x-kubernetes-int-or-string: true - description: "Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" + description: "Requests describes the minimum amount of compute resources required.\nIf Requests is omitted for a container, it defaults to Limits if that is explicitly specified,\notherwise to an implementation-defined value.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" type: "object" type: "object" securityContext: - description: "SecurityContext defines the security options the container should be run with. If set, the fields of SecurityContext override the equivalent fields of PodSecurityContext. More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/" + description: "SecurityContext defines the security options the container should be run with.\nIf set, the fields of SecurityContext override the equivalent fields of PodSecurityContext.\nMore info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/" properties: allowPrivilegeEscalation: - description: "AllowPrivilegeEscalation controls whether a process can gain more privileges than its parent process. This bool directly controls if the no_new_privs flag will be set on the container process. AllowPrivilegeEscalation is true always when the container is: 1) run as Privileged 2) has CAP_SYS_ADMIN Note that this field cannot be set when spec.os.name is windows." + description: "AllowPrivilegeEscalation controls whether a process can gain more\nprivileges than its parent process. This bool directly controls if\nthe no_new_privs flag will be set on the container process.\nAllowPrivilegeEscalation is true always when the container is:\n1) run as Privileged\n2) has CAP_SYS_ADMIN\nNote that this field cannot be set when spec.os.name is windows." type: "boolean" capabilities: - description: "The capabilities to add/drop when running containers. Defaults to the default set of capabilities granted by the container runtime. Note that this field cannot be set when spec.os.name is windows." + description: "The capabilities to add/drop when running containers.\nDefaults to the default set of capabilities granted by the container runtime.\nNote that this field cannot be set when spec.os.name is windows." properties: add: description: "Added capabilities" @@ -1337,27 +1340,27 @@ spec: type: "array" type: "object" privileged: - description: "Run container in privileged mode. Processes in privileged containers are essentially equivalent to root on the host. Defaults to false. Note that this field cannot be set when spec.os.name is windows." + description: "Run container in privileged mode.\nProcesses in privileged containers are essentially equivalent to root on the host.\nDefaults to false.\nNote that this field cannot be set when spec.os.name is windows." type: "boolean" procMount: - description: "procMount denotes the type of proc mount to use for the containers. The default is DefaultProcMount which uses the container runtime defaults for readonly paths and masked paths. This requires the ProcMountType feature flag to be enabled. Note that this field cannot be set when spec.os.name is windows." + description: "procMount denotes the type of proc mount to use for the containers.\nThe default is DefaultProcMount which uses the container runtime defaults for\nreadonly paths and masked paths.\nThis requires the ProcMountType feature flag to be enabled.\nNote that this field cannot be set when spec.os.name is windows." type: "string" readOnlyRootFilesystem: - description: "Whether this container has a read-only root filesystem. Default is false. Note that this field cannot be set when spec.os.name is windows." + description: "Whether this container has a read-only root filesystem.\nDefault is false.\nNote that this field cannot be set when spec.os.name is windows." type: "boolean" runAsGroup: - description: "The GID to run the entrypoint of the container process. Uses runtime default if unset. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is windows." + description: "The GID to run the entrypoint of the container process.\nUses runtime default if unset.\nMay also be set in PodSecurityContext. If set in both SecurityContext and\nPodSecurityContext, the value specified in SecurityContext takes precedence.\nNote that this field cannot be set when spec.os.name is windows." format: "int64" type: "integer" runAsNonRoot: - description: "Indicates that the container must run as a non-root user. If true, the Kubelet will validate the image at runtime to ensure that it does not run as UID 0 (root) and fail to start the container if it does. If unset or false, no such validation will be performed. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence." + description: "Indicates that the container must run as a non-root user.\nIf true, the Kubelet will validate the image at runtime to ensure that it\ndoes not run as UID 0 (root) and fail to start the container if it does.\nIf unset or false, no such validation will be performed.\nMay also be set in PodSecurityContext. If set in both SecurityContext and\nPodSecurityContext, the value specified in SecurityContext takes precedence." type: "boolean" runAsUser: - description: "The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is windows." + description: "The UID to run the entrypoint of the container process.\nDefaults to user specified in image metadata if unspecified.\nMay also be set in PodSecurityContext. If set in both SecurityContext and\nPodSecurityContext, the value specified in SecurityContext takes precedence.\nNote that this field cannot be set when spec.os.name is windows." format: "int64" type: "integer" seLinuxOptions: - description: "The SELinux context to be applied to the container. If unspecified, the container runtime will allocate a random SELinux context for each container. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is windows." + description: "The SELinux context to be applied to the container.\nIf unspecified, the container runtime will allocate a random SELinux context for each\ncontainer. May also be set in PodSecurityContext. If set in both SecurityContext and\nPodSecurityContext, the value specified in SecurityContext takes precedence.\nNote that this field cannot be set when spec.os.name is windows." properties: level: description: "Level is SELinux level label that applies to the container." @@ -1373,59 +1376,59 @@ spec: type: "string" type: "object" seccompProfile: - description: "The seccomp options to use by this container. If seccomp options are provided at both the pod & container level, the container options override the pod options. Note that this field cannot be set when spec.os.name is windows." + description: "The seccomp options to use by this container. If seccomp options are\nprovided at both the pod & container level, the container options\noverride the pod options.\nNote that this field cannot be set when spec.os.name is windows." properties: localhostProfile: - description: "localhostProfile indicates a profile defined in a file on the node should be used. The profile must be preconfigured on the node to work. Must be a descending path, relative to the kubelet's configured seccomp profile location. Must only be set if type is \"Localhost\"." + description: "localhostProfile indicates a profile defined in a file on the node should be used.\nThe profile must be preconfigured on the node to work.\nMust be a descending path, relative to the kubelet's configured seccomp profile location.\nMust only be set if type is \"Localhost\"." type: "string" type: - description: "type indicates which kind of seccomp profile will be applied. Valid options are: \n Localhost - a profile defined in a file on the node should be used. RuntimeDefault - the container runtime default profile should be used. Unconfined - no profile should be applied." + description: "type indicates which kind of seccomp profile will be applied.\nValid options are:\n\n\nLocalhost - a profile defined in a file on the node should be used.\nRuntimeDefault - the container runtime default profile should be used.\nUnconfined - no profile should be applied." type: "string" required: - "type" type: "object" windowsOptions: - description: "The Windows specific settings applied to all containers. If unspecified, the options from the PodSecurityContext will be used. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is linux." + description: "The Windows specific settings applied to all containers.\nIf unspecified, the options from the PodSecurityContext will be used.\nIf set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.\nNote that this field cannot be set when spec.os.name is linux." properties: gmsaCredentialSpec: - description: "GMSACredentialSpec is where the GMSA admission webhook (https://github.com/kubernetes-sigs/windows-gmsa) inlines the contents of the GMSA credential spec named by the GMSACredentialSpecName field." + description: "GMSACredentialSpec is where the GMSA admission webhook\n(https://github.com/kubernetes-sigs/windows-gmsa) inlines the contents of the\nGMSA credential spec named by the GMSACredentialSpecName field." type: "string" gmsaCredentialSpecName: description: "GMSACredentialSpecName is the name of the GMSA credential spec to use." type: "string" hostProcess: - description: "HostProcess determines if a container should be run as a 'Host Process' container. This field is alpha-level and will only be honored by components that enable the WindowsHostProcessContainers feature flag. Setting this field without the feature flag will result in errors when validating the Pod. All of a Pod's containers must have the same effective HostProcess value (it is not allowed to have a mix of HostProcess containers and non-HostProcess containers). In addition, if HostProcess is true then HostNetwork must also be set to true." + description: "HostProcess determines if a container should be run as a 'Host Process' container.\nThis field is alpha-level and will only be honored by components that enable the\nWindowsHostProcessContainers feature flag. Setting this field without the feature\nflag will result in errors when validating the Pod. All of a Pod's containers must\nhave the same effective HostProcess value (it is not allowed to have a mix of HostProcess\ncontainers and non-HostProcess containers). In addition, if HostProcess is true\nthen HostNetwork must also be set to true." type: "boolean" runAsUserName: - description: "The UserName in Windows to run the entrypoint of the container process. Defaults to the user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence." + description: "The UserName in Windows to run the entrypoint of the container process.\nDefaults to the user specified in image metadata if unspecified.\nMay also be set in PodSecurityContext. If set in both SecurityContext and\nPodSecurityContext, the value specified in SecurityContext takes precedence." type: "string" type: "object" type: "object" startupProbe: - description: "StartupProbe indicates that the Pod has successfully initialized. If specified, no other probes are executed until this completes successfully. If this probe fails, the Pod will be restarted, just as if the livenessProbe failed. This can be used to provide different probe parameters at the beginning of a Pod's lifecycle, when it might take a long time to load data or warm a cache, than during steady-state operation. This cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" + description: "StartupProbe indicates that the Pod has successfully initialized.\nIf specified, no other probes are executed until this completes successfully.\nIf this probe fails, the Pod will be restarted, just as if the livenessProbe failed.\nThis can be used to provide different probe parameters at the beginning of a Pod's lifecycle,\nwhen it might take a long time to load data or warm a cache, than during steady-state operation.\nThis cannot be updated.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" properties: exec: description: "Exec specifies the action to take." properties: command: - description: "Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy." + description: "Command is the command line to execute inside the container, the working directory for the\ncommand is root ('/') in the container's filesystem. The command is simply exec'd, it is\nnot run inside a shell, so traditional shell instructions ('|', etc) won't work. To use\na shell, you need to explicitly call out to that shell.\nExit status of 0 is treated as live/healthy and non-zero is unhealthy." items: type: "string" type: "array" type: "object" failureThreshold: - description: "Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1." + description: "Minimum consecutive failures for the probe to be considered failed after having succeeded.\nDefaults to 3. Minimum value is 1." format: "int32" type: "integer" grpc: - description: "GRPC specifies an action involving a GRPC port. This is a beta field and requires enabling GRPCContainerProbe feature gate." + description: "GRPC specifies an action involving a GRPC port.\nThis is a beta field and requires enabling GRPCContainerProbe feature gate." properties: port: description: "Port number of the gRPC service. Number must be in the range 1 to 65535." format: "int32" type: "integer" service: - description: "Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). \n If this is not specified, the default behavior is defined by gRPC." + description: "Service is the name of the service to place in the gRPC HealthCheckRequest\n(see https://github.com/grpc/grpc/blob/master/doc/health-checking.md).\n\n\nIf this is not specified, the default behavior is defined by gRPC." type: "string" required: - "port" @@ -1434,7 +1437,7 @@ spec: description: "HTTPGet specifies the http request to perform." properties: host: - description: "Host name to connect to, defaults to the pod IP. You probably want to set \"Host\" in httpHeaders instead." + description: "Host name to connect to, defaults to the pod IP. You probably want to set\n\"Host\" in httpHeaders instead." type: "string" httpHeaders: description: "Custom headers to set in the request. HTTP allows repeated headers." @@ -1442,7 +1445,7 @@ spec: description: "HTTPHeader describes a custom header to be used in HTTP probes" properties: name: - description: "The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header." + description: "The header field name.\nThis will be canonicalized upon output, so case-variant names will be understood as the same header." type: "string" value: description: "The header field value" @@ -1459,24 +1462,24 @@ spec: anyOf: - type: "integer" - type: "string" - description: "Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME." + description: "Name or number of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME." x-kubernetes-int-or-string: true scheme: - description: "Scheme to use for connecting to the host. Defaults to HTTP." + description: "Scheme to use for connecting to the host.\nDefaults to HTTP." type: "string" required: - "port" type: "object" initialDelaySeconds: - description: "Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" + description: "Number of seconds after the container has started before liveness probes are initiated.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" format: "int32" type: "integer" periodSeconds: - description: "How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1." + description: "How often (in seconds) to perform the probe.\nDefault to 10 seconds. Minimum value is 1." format: "int32" type: "integer" successThreshold: - description: "Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1." + description: "Minimum consecutive successes for the probe to be considered successful after having failed.\nDefaults to 1. Must be 1 for liveness and startup. Minimum value is 1." format: "int32" type: "integer" tcpSocket: @@ -1489,34 +1492,34 @@ spec: anyOf: - type: "integer" - type: "string" - description: "Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME." + description: "Number or name of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME." x-kubernetes-int-or-string: true required: - "port" type: "object" terminationGracePeriodSeconds: - description: "Optional duration in seconds the pod needs to terminate gracefully upon probe failure. The grace period is the duration in seconds after the processes running in the pod are sent a termination signal and the time when the processes are forcibly halted with a kill signal. Set this value longer than the expected cleanup time for your process. If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this value overrides the value provided by the pod spec. Value must be non-negative integer. The value zero indicates stop immediately via the kill signal (no opportunity to shut down). This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate. Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset." + description: "Optional duration in seconds the pod needs to terminate gracefully upon probe failure.\nThe grace period is the duration in seconds after the processes running in the pod are sent\na termination signal and the time when the processes are forcibly halted with a kill signal.\nSet this value longer than the expected cleanup time for your process.\nIf this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this\nvalue overrides the value provided by the pod spec.\nValue must be non-negative integer. The value zero indicates stop immediately via\nthe kill signal (no opportunity to shut down).\nThis is a beta field and requires enabling ProbeTerminationGracePeriod feature gate.\nMinimum value is 1. spec.terminationGracePeriodSeconds is used if unset." format: "int64" type: "integer" timeoutSeconds: - description: "Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" + description: "Number of seconds after which the probe times out.\nDefaults to 1 second. Minimum value is 1.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" format: "int32" type: "integer" type: "object" stdin: - description: "Whether this container should allocate a buffer for stdin in the container runtime. If this is not set, reads from stdin in the container will always result in EOF. Default is false." + description: "Whether this container should allocate a buffer for stdin in the container runtime. If this\nis not set, reads from stdin in the container will always result in EOF.\nDefault is false." type: "boolean" stdinOnce: - description: "Whether the container runtime should close the stdin channel after it has been opened by a single attach. When stdin is true the stdin stream will remain open across multiple attach sessions. If stdinOnce is set to true, stdin is opened on container start, is empty until the first client attaches to stdin, and then remains open and accepts data until the client disconnects, at which time stdin is closed and remains closed until the container is restarted. If this flag is false, a container processes that reads from stdin will never receive an EOF. Default is false" + description: "Whether the container runtime should close the stdin channel after it has been opened by\na single attach. When stdin is true the stdin stream will remain open across multiple attach\nsessions. If stdinOnce is set to true, stdin is opened on container start, is empty until the\nfirst client attaches to stdin, and then remains open and accepts data until the client disconnects,\nat which time stdin is closed and remains closed until the container is restarted. If this\nflag is false, a container processes that reads from stdin will never receive an EOF.\nDefault is false" type: "boolean" terminationMessagePath: - description: "Optional: Path at which the file to which the container's termination message will be written is mounted into the container's filesystem. Message written is intended to be brief final status, such as an assertion failure message. Will be truncated by the node if greater than 4096 bytes. The total message length across all containers will be limited to 12kb. Defaults to /dev/termination-log. Cannot be updated." + description: "Optional: Path at which the file to which the container's termination message\nwill be written is mounted into the container's filesystem.\nMessage written is intended to be brief final status, such as an assertion failure message.\nWill be truncated by the node if greater than 4096 bytes. The total message length across\nall containers will be limited to 12kb.\nDefaults to /dev/termination-log.\nCannot be updated." type: "string" terminationMessagePolicy: - description: "Indicate how the termination message should be populated. File will use the contents of terminationMessagePath to populate the container status message on both success and failure. FallbackToLogsOnError will use the last chunk of container log output if the termination message file is empty and the container exited with an error. The log output is limited to 2048 bytes or 80 lines, whichever is smaller. Defaults to File. Cannot be updated." + description: "Indicate how the termination message should be populated. File will use the contents of\nterminationMessagePath to populate the container status message on both success and failure.\nFallbackToLogsOnError will use the last chunk of container log output if the termination\nmessage file is empty and the container exited with an error.\nThe log output is limited to 2048 bytes or 80 lines, whichever is smaller.\nDefaults to File.\nCannot be updated." type: "string" tty: - description: "Whether this container should allocate a TTY for itself, also requires 'stdin' to be true. Default is false." + description: "Whether this container should allocate a TTY for itself, also requires 'stdin' to be true.\nDefault is false." type: "boolean" volumeDevices: description: "volumeDevices is the list of block devices to be used by the container." @@ -1535,27 +1538,27 @@ spec: type: "object" type: "array" volumeMounts: - description: "Pod volumes to mount into the container's filesystem. Cannot be updated." + description: "Pod volumes to mount into the container's filesystem.\nCannot be updated." items: description: "VolumeMount describes a mounting of a Volume within a container." properties: mountPath: - description: "Path within the container at which the volume should be mounted. Must not contain ':'." + description: "Path within the container at which the volume should be mounted. Must\nnot contain ':'." type: "string" mountPropagation: - description: "mountPropagation determines how mounts are propagated from the host to container and the other way around. When not set, MountPropagationNone is used. This field is beta in 1.10." + description: "mountPropagation determines how mounts are propagated from the host\nto container and the other way around.\nWhen not set, MountPropagationNone is used.\nThis field is beta in 1.10." type: "string" name: description: "This must match the Name of a Volume." type: "string" readOnly: - description: "Mounted read-only if true, read-write otherwise (false or unspecified). Defaults to false." + description: "Mounted read-only if true, read-write otherwise (false or unspecified).\nDefaults to false." type: "boolean" subPath: - description: "Path within the volume from which the container's volume should be mounted. Defaults to \"\" (volume's root)." + description: "Path within the volume from which the container's volume should be mounted.\nDefaults to \"\" (volume's root)." type: "string" subPathExpr: - description: "Expanded path within the volume from which the container's volume should be mounted. Behaves similarly to SubPath but environment variable references $(VAR_NAME) are expanded using the container's environment. Defaults to \"\" (volume's root). SubPathExpr and SubPath are mutually exclusive." + description: "Expanded path within the volume from which the container's volume should be mounted.\nBehaves similarly to SubPath but environment variable references $(VAR_NAME) are expanded using the container's environment.\nDefaults to \"\" (volume's root).\nSubPathExpr and SubPath are mutually exclusive." type: "string" required: - "mountPath" @@ -1563,7 +1566,7 @@ spec: type: "object" type: "array" workingDir: - description: "Container's working directory. If not specified, the container runtime's default will be used, which might be configured in the container image. Cannot be updated." + description: "Container's working directory.\nIf not specified, the container runtime's default will be used, which\nmight be configured in the container image.\nCannot be updated." type: "string" required: - "name" @@ -1593,7 +1596,7 @@ spec: description: "The key of the secret to select from. Must be a valid secret key." type: "string" name: - description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" type: "string" optional: description: "Specify whether the Secret or its key must be defined" @@ -1603,20 +1606,20 @@ spec: type: "object" x-kubernetes-map-type: "atomic" type: - description: "Set the authentication type. Defaults to Bearer, Basic will cause an error" + description: "Set the authentication type. Defaults to Bearer, Basic will cause an\nerror" type: "string" type: "object" basicAuth: - description: "BasicAuth allow an endpoint to authenticate over basic authentication More info: https://prometheus.io/docs/operating/configuration/#endpoints" + description: "BasicAuth allow an endpoint to authenticate over basic authentication\nMore info: https://prometheus.io/docs/operating/configuration/#endpoints" properties: password: - description: "The secret in the service monitor namespace that contains the password for authentication." + description: "The secret in the service monitor namespace that contains the password\nfor authentication." properties: key: description: "The key of the secret to select from. Must be a valid secret key." type: "string" name: - description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" type: "string" optional: description: "Specify whether the Secret or its key must be defined" @@ -1626,13 +1629,13 @@ spec: type: "object" x-kubernetes-map-type: "atomic" username: - description: "The secret in the service monitor namespace that contains the username for authentication." + description: "The secret in the service monitor namespace that contains the username\nfor authentication." properties: key: description: "The key of the secret to select from. Must be a valid secret key." type: "string" name: - description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" type: "string" optional: description: "Specify whether the Secret or its key must be defined" @@ -1646,13 +1649,13 @@ spec: description: "File to read bearer token for scraping targets." type: "string" bearerTokenSecret: - description: "Secret to mount to read bearer token for scraping targets. The secret needs to be in the same namespace as the service monitor and accessible by the Prometheus Operator." + description: "Secret to mount to read bearer token for scraping targets. The secret\nneeds to be in the same namespace as the service monitor and accessible by\nthe Prometheus Operator." properties: key: description: "The key of the secret to select from. Must be a valid secret key." type: "string" name: - description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" type: "string" optional: description: "Specify whether the Secret or its key must be defined" @@ -1665,7 +1668,7 @@ spec: description: "Whether to enable HTTP2." type: "boolean" filterRunning: - description: "Drop pods that are not running. (Failed, Succeeded). Enabled by default. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#pod-phase" + description: "Drop pods that are not running. (Failed, Succeeded). Enabled by default.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#pod-phase" type: "boolean" followRedirects: description: "FollowRedirects configures whether scrape requests follow HTTP 3xx redirects." @@ -1677,17 +1680,17 @@ spec: description: "HonorTimestamps controls whether Prometheus respects the timestamps present in scraped data." type: "boolean" interval: - description: "Interval at which metrics should be scraped If not specified Prometheus' global scrape interval is used." + description: "Interval at which metrics should be scraped\nIf not specified Prometheus' global scrape interval is used." pattern: "^(0|(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?)$" type: "string" metricRelabelings: description: "MetricRelabelConfigs to apply to samples before ingestion." items: - description: "RelabelConfig allows dynamic rewriting of the label set, being applied to samples before ingestion. It defines ``-section of Prometheus configuration. More info: https://prometheus.io/docs/prometheus/latest/configuration/configuration/#metric_relabel_configs" + description: "RelabelConfig allows dynamic rewriting of the label set, being applied to samples before ingestion.\nIt defines ``-section of Prometheus configuration.\nMore info: https://prometheus.io/docs/prometheus/latest/configuration/configuration/#metric_relabel_configs" properties: action: default: "replace" - description: "Action to perform based on regex matching. Default is 'replace'. uppercase and lowercase actions require Prometheus >= 2.36." + description: "Action to perform based on regex matching. Default is 'replace'.\nuppercase and lowercase actions require Prometheus >= 2.36." enum: - "replace" - "Replace" @@ -1720,20 +1723,20 @@ spec: description: "Regular expression against which the extracted value is matched. Default is '(.*)'" type: "string" replacement: - description: "Replacement value against which a regex replace is performed if the regular expression matches. Regex capture groups are available. Default is '$1'" + description: "Replacement value against which a regex replace is performed if the\nregular expression matches. Regex capture groups are available. Default is '$1'" type: "string" separator: description: "Separator placed between concatenated source label values. default is ';'." type: "string" sourceLabels: - description: "The source labels select values from existing labels. Their content is concatenated using the configured separator and matched against the configured regular expression for the replace, keep, and drop actions." + description: "The source labels select values from existing labels. Their content is concatenated\nusing the configured separator and matched against the configured regular expression\nfor the replace, keep, and drop actions." items: description: "LabelName is a valid Prometheus label name which may only contain ASCII letters, numbers, as well as underscores." pattern: "^[a-zA-Z_][a-zA-Z0-9_]*$" type: "string" type: "array" targetLabel: - description: "Label to which the resulting value is written in a replace action. It is mandatory for replace actions. Regex capture groups are available." + description: "Label to which the resulting value is written in a replace action.\nIt is mandatory for replace actions. Regex capture groups are available." type: "string" type: "object" type: "array" @@ -1750,7 +1753,7 @@ spec: description: "The key to select." type: "string" name: - description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" type: "string" optional: description: "Specify whether the ConfigMap or its key must be defined" @@ -1766,7 +1769,7 @@ spec: description: "The key of the secret to select from. Must be a valid secret key." type: "string" name: - description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" type: "string" optional: description: "Specify whether the Secret or its key must be defined" @@ -1783,7 +1786,7 @@ spec: description: "The key of the secret to select from. Must be a valid secret key." type: "string" name: - description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" type: "string" optional: description: "Specify whether the Secret or its key must be defined" @@ -1819,7 +1822,7 @@ spec: description: "Optional HTTP URL parameters" type: "object" path: - description: "HTTP path to scrape for metrics. If empty, Prometheus uses the default value (e.g. `/metrics`)." + description: "HTTP path to scrape for metrics.\nIf empty, Prometheus uses the default value (e.g. `/metrics`)." type: "string" port: description: "Name of the service port this endpoint refers to. Mutually exclusive with targetPort." @@ -1828,13 +1831,13 @@ spec: description: "ProxyURL eg http://proxyserver:2195 Directs scrapes to proxy through this endpoint." type: "string" relabelings: - description: "RelabelConfigs to apply to samples before scraping. Prometheus Operator automatically adds relabelings for a few standard Kubernetes fields. The original scrape job's name is available via the `__tmp_prometheus_job_name` label. More info: https://prometheus.io/docs/prometheus/latest/configuration/configuration/#relabel_config" + description: "RelabelConfigs to apply to samples before scraping.\nPrometheus Operator automatically adds relabelings for a few standard Kubernetes fields.\nThe original scrape job's name is available via the `__tmp_prometheus_job_name` label.\nMore info: https://prometheus.io/docs/prometheus/latest/configuration/configuration/#relabel_config" items: - description: "RelabelConfig allows dynamic rewriting of the label set, being applied to samples before ingestion. It defines ``-section of Prometheus configuration. More info: https://prometheus.io/docs/prometheus/latest/configuration/configuration/#metric_relabel_configs" + description: "RelabelConfig allows dynamic rewriting of the label set, being applied to samples before ingestion.\nIt defines ``-section of Prometheus configuration.\nMore info: https://prometheus.io/docs/prometheus/latest/configuration/configuration/#metric_relabel_configs" properties: action: default: "replace" - description: "Action to perform based on regex matching. Default is 'replace'. uppercase and lowercase actions require Prometheus >= 2.36." + description: "Action to perform based on regex matching. Default is 'replace'.\nuppercase and lowercase actions require Prometheus >= 2.36." enum: - "replace" - "Replace" @@ -1867,20 +1870,20 @@ spec: description: "Regular expression against which the extracted value is matched. Default is '(.*)'" type: "string" replacement: - description: "Replacement value against which a regex replace is performed if the regular expression matches. Regex capture groups are available. Default is '$1'" + description: "Replacement value against which a regex replace is performed if the\nregular expression matches. Regex capture groups are available. Default is '$1'" type: "string" separator: description: "Separator placed between concatenated source label values. default is ';'." type: "string" sourceLabels: - description: "The source labels select values from existing labels. Their content is concatenated using the configured separator and matched against the configured regular expression for the replace, keep, and drop actions." + description: "The source labels select values from existing labels. Their content is concatenated\nusing the configured separator and matched against the configured regular expression\nfor the replace, keep, and drop actions." items: description: "LabelName is a valid Prometheus label name which may only contain ASCII letters, numbers, as well as underscores." pattern: "^[a-zA-Z_][a-zA-Z0-9_]*$" type: "string" type: "array" targetLabel: - description: "Label to which the resulting value is written in a replace action. It is mandatory for replace actions. Regex capture groups are available." + description: "Label to which the resulting value is written in a replace action.\nIt is mandatory for replace actions. Regex capture groups are available." type: "string" type: "object" type: "array" @@ -1888,7 +1891,7 @@ spec: description: "HTTP scheme to use for scraping." type: "string" scrapeTimeout: - description: "Timeout after which the scrape is ended If not specified, the Prometheus global scrape timeout is used unless it is less than `Interval` in which the latter is used." + description: "Timeout after which the scrape is ended\nIf not specified, the Prometheus global scrape timeout is used unless it is less than `Interval` in which the latter is used." pattern: "^(0|(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?)$" type: "string" targetPort: @@ -1910,7 +1913,7 @@ spec: description: "The key to select." type: "string" name: - description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" type: "string" optional: description: "Specify whether the ConfigMap or its key must be defined" @@ -1926,7 +1929,7 @@ spec: description: "The key of the secret to select from. Must be a valid secret key." type: "string" name: - description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" type: "string" optional: description: "Specify whether the Secret or its key must be defined" @@ -1949,7 +1952,7 @@ spec: description: "The key to select." type: "string" name: - description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" type: "string" optional: description: "Specify whether the ConfigMap or its key must be defined" @@ -1965,7 +1968,7 @@ spec: description: "The key of the secret to select from. Must be a valid secret key." type: "string" name: - description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" type: "string" optional: description: "Specify whether the Secret or its key must be defined" @@ -1991,7 +1994,7 @@ spec: description: "The key of the secret to select from. Must be a valid secret key." type: "string" name: - description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" type: "string" optional: description: "Specify whether the Secret or its key must be defined" @@ -2040,24 +2043,24 @@ spec: description: "Exec specifies the action to take." properties: command: - description: "Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy." + description: "Command is the command line to execute inside the container, the working directory for the\ncommand is root ('/') in the container's filesystem. The command is simply exec'd, it is\nnot run inside a shell, so traditional shell instructions ('|', etc) won't work. To use\na shell, you need to explicitly call out to that shell.\nExit status of 0 is treated as live/healthy and non-zero is unhealthy." items: type: "string" type: "array" type: "object" failureThreshold: - description: "Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1." + description: "Minimum consecutive failures for the probe to be considered failed after having succeeded.\nDefaults to 3. Minimum value is 1." format: "int32" type: "integer" grpc: - description: "GRPC specifies an action involving a GRPC port. This is a beta field and requires enabling GRPCContainerProbe feature gate." + description: "GRPC specifies an action involving a GRPC port.\nThis is a beta field and requires enabling GRPCContainerProbe feature gate." properties: port: description: "Port number of the gRPC service. Number must be in the range 1 to 65535." format: "int32" type: "integer" service: - description: "Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). \n If this is not specified, the default behavior is defined by gRPC." + description: "Service is the name of the service to place in the gRPC HealthCheckRequest\n(see https://github.com/grpc/grpc/blob/master/doc/health-checking.md).\n\n\nIf this is not specified, the default behavior is defined by gRPC." type: "string" required: - "port" @@ -2066,7 +2069,7 @@ spec: description: "HTTPGet specifies the http request to perform." properties: host: - description: "Host name to connect to, defaults to the pod IP. You probably want to set \"Host\" in httpHeaders instead." + description: "Host name to connect to, defaults to the pod IP. You probably want to set\n\"Host\" in httpHeaders instead." type: "string" httpHeaders: description: "Custom headers to set in the request. HTTP allows repeated headers." @@ -2074,7 +2077,7 @@ spec: description: "HTTPHeader describes a custom header to be used in HTTP probes" properties: name: - description: "The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header." + description: "The header field name.\nThis will be canonicalized upon output, so case-variant names will be understood as the same header." type: "string" value: description: "The header field value" @@ -2091,24 +2094,24 @@ spec: anyOf: - type: "integer" - type: "string" - description: "Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME." + description: "Name or number of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME." x-kubernetes-int-or-string: true scheme: - description: "Scheme to use for connecting to the host. Defaults to HTTP." + description: "Scheme to use for connecting to the host.\nDefaults to HTTP." type: "string" required: - "port" type: "object" initialDelaySeconds: - description: "Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" + description: "Number of seconds after the container has started before liveness probes are initiated.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" format: "int32" type: "integer" periodSeconds: - description: "How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1." + description: "How often (in seconds) to perform the probe.\nDefault to 10 seconds. Minimum value is 1." format: "int32" type: "integer" successThreshold: - description: "Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1." + description: "Minimum consecutive successes for the probe to be considered successful after having failed.\nDefaults to 1. Must be 1 for liveness and startup. Minimum value is 1." format: "int32" type: "integer" tcpSocket: @@ -2121,17 +2124,17 @@ spec: anyOf: - type: "integer" - type: "string" - description: "Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME." + description: "Number or name of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME." x-kubernetes-int-or-string: true required: - "port" type: "object" terminationGracePeriodSeconds: - description: "Optional duration in seconds the pod needs to terminate gracefully upon probe failure. The grace period is the duration in seconds after the processes running in the pod are sent a termination signal and the time when the processes are forcibly halted with a kill signal. Set this value longer than the expected cleanup time for your process. If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this value overrides the value provided by the pod spec. Value must be non-negative integer. The value zero indicates stop immediately via the kill signal (no opportunity to shut down). This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate. Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset." + description: "Optional duration in seconds the pod needs to terminate gracefully upon probe failure.\nThe grace period is the duration in seconds after the processes running in the pod are sent\na termination signal and the time when the processes are forcibly halted with a kill signal.\nSet this value longer than the expected cleanup time for your process.\nIf this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this\nvalue overrides the value provided by the pod spec.\nValue must be non-negative integer. The value zero indicates stop immediately via\nthe kill signal (no opportunity to shut down).\nThis is a beta field and requires enabling ProbeTerminationGracePeriod feature gate.\nMinimum value is 1. spec.terminationGracePeriodSeconds is used if unset." format: "int64" type: "integer" timeoutSeconds: - description: "Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" + description: "Number of seconds after which the probe times out.\nDefaults to 1 second. Minimum value is 1.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" format: "int32" type: "integer" type: "object" @@ -2142,24 +2145,24 @@ spec: description: "Exec specifies the action to take." properties: command: - description: "Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy." + description: "Command is the command line to execute inside the container, the working directory for the\ncommand is root ('/') in the container's filesystem. The command is simply exec'd, it is\nnot run inside a shell, so traditional shell instructions ('|', etc) won't work. To use\na shell, you need to explicitly call out to that shell.\nExit status of 0 is treated as live/healthy and non-zero is unhealthy." items: type: "string" type: "array" type: "object" failureThreshold: - description: "Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1." + description: "Minimum consecutive failures for the probe to be considered failed after having succeeded.\nDefaults to 3. Minimum value is 1." format: "int32" type: "integer" grpc: - description: "GRPC specifies an action involving a GRPC port. This is a beta field and requires enabling GRPCContainerProbe feature gate." + description: "GRPC specifies an action involving a GRPC port.\nThis is a beta field and requires enabling GRPCContainerProbe feature gate." properties: port: description: "Port number of the gRPC service. Number must be in the range 1 to 65535." format: "int32" type: "integer" service: - description: "Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). \n If this is not specified, the default behavior is defined by gRPC." + description: "Service is the name of the service to place in the gRPC HealthCheckRequest\n(see https://github.com/grpc/grpc/blob/master/doc/health-checking.md).\n\n\nIf this is not specified, the default behavior is defined by gRPC." type: "string" required: - "port" @@ -2168,7 +2171,7 @@ spec: description: "HTTPGet specifies the http request to perform." properties: host: - description: "Host name to connect to, defaults to the pod IP. You probably want to set \"Host\" in httpHeaders instead." + description: "Host name to connect to, defaults to the pod IP. You probably want to set\n\"Host\" in httpHeaders instead." type: "string" httpHeaders: description: "Custom headers to set in the request. HTTP allows repeated headers." @@ -2176,7 +2179,7 @@ spec: description: "HTTPHeader describes a custom header to be used in HTTP probes" properties: name: - description: "The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header." + description: "The header field name.\nThis will be canonicalized upon output, so case-variant names will be understood as the same header." type: "string" value: description: "The header field value" @@ -2193,24 +2196,24 @@ spec: anyOf: - type: "integer" - type: "string" - description: "Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME." + description: "Name or number of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME." x-kubernetes-int-or-string: true scheme: - description: "Scheme to use for connecting to the host. Defaults to HTTP." + description: "Scheme to use for connecting to the host.\nDefaults to HTTP." type: "string" required: - "port" type: "object" initialDelaySeconds: - description: "Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" + description: "Number of seconds after the container has started before liveness probes are initiated.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" format: "int32" type: "integer" periodSeconds: - description: "How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1." + description: "How often (in seconds) to perform the probe.\nDefault to 10 seconds. Minimum value is 1." format: "int32" type: "integer" successThreshold: - description: "Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1." + description: "Minimum consecutive successes for the probe to be considered successful after having failed.\nDefaults to 1. Must be 1 for liveness and startup. Minimum value is 1." format: "int32" type: "integer" tcpSocket: @@ -2223,17 +2226,17 @@ spec: anyOf: - type: "integer" - type: "string" - description: "Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME." + description: "Number or name of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME." x-kubernetes-int-or-string: true required: - "port" type: "object" terminationGracePeriodSeconds: - description: "Optional duration in seconds the pod needs to terminate gracefully upon probe failure. The grace period is the duration in seconds after the processes running in the pod are sent a termination signal and the time when the processes are forcibly halted with a kill signal. Set this value longer than the expected cleanup time for your process. If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this value overrides the value provided by the pod spec. Value must be non-negative integer. The value zero indicates stop immediately via the kill signal (no opportunity to shut down). This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate. Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset." + description: "Optional duration in seconds the pod needs to terminate gracefully upon probe failure.\nThe grace period is the duration in seconds after the processes running in the pod are sent\na termination signal and the time when the processes are forcibly halted with a kill signal.\nSet this value longer than the expected cleanup time for your process.\nIf this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this\nvalue overrides the value provided by the pod spec.\nValue must be non-negative integer. The value zero indicates stop immediately via\nthe kill signal (no opportunity to shut down).\nThis is a beta field and requires enabling ProbeTerminationGracePeriod feature gate.\nMinimum value is 1. spec.terminationGracePeriodSeconds is used if unset." format: "int64" type: "integer" timeoutSeconds: - description: "Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" + description: "Number of seconds after which the probe times out.\nDefaults to 1 second. Minimum value is 1.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" format: "int32" type: "integer" type: "object" @@ -2244,24 +2247,24 @@ spec: description: "Exec specifies the action to take." properties: command: - description: "Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy." + description: "Command is the command line to execute inside the container, the working directory for the\ncommand is root ('/') in the container's filesystem. The command is simply exec'd, it is\nnot run inside a shell, so traditional shell instructions ('|', etc) won't work. To use\na shell, you need to explicitly call out to that shell.\nExit status of 0 is treated as live/healthy and non-zero is unhealthy." items: type: "string" type: "array" type: "object" failureThreshold: - description: "Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1." + description: "Minimum consecutive failures for the probe to be considered failed after having succeeded.\nDefaults to 3. Minimum value is 1." format: "int32" type: "integer" grpc: - description: "GRPC specifies an action involving a GRPC port. This is a beta field and requires enabling GRPCContainerProbe feature gate." + description: "GRPC specifies an action involving a GRPC port.\nThis is a beta field and requires enabling GRPCContainerProbe feature gate." properties: port: description: "Port number of the gRPC service. Number must be in the range 1 to 65535." format: "int32" type: "integer" service: - description: "Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). \n If this is not specified, the default behavior is defined by gRPC." + description: "Service is the name of the service to place in the gRPC HealthCheckRequest\n(see https://github.com/grpc/grpc/blob/master/doc/health-checking.md).\n\n\nIf this is not specified, the default behavior is defined by gRPC." type: "string" required: - "port" @@ -2270,7 +2273,7 @@ spec: description: "HTTPGet specifies the http request to perform." properties: host: - description: "Host name to connect to, defaults to the pod IP. You probably want to set \"Host\" in httpHeaders instead." + description: "Host name to connect to, defaults to the pod IP. You probably want to set\n\"Host\" in httpHeaders instead." type: "string" httpHeaders: description: "Custom headers to set in the request. HTTP allows repeated headers." @@ -2278,7 +2281,7 @@ spec: description: "HTTPHeader describes a custom header to be used in HTTP probes" properties: name: - description: "The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header." + description: "The header field name.\nThis will be canonicalized upon output, so case-variant names will be understood as the same header." type: "string" value: description: "The header field value" @@ -2295,24 +2298,24 @@ spec: anyOf: - type: "integer" - type: "string" - description: "Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME." + description: "Name or number of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME." x-kubernetes-int-or-string: true scheme: - description: "Scheme to use for connecting to the host. Defaults to HTTP." + description: "Scheme to use for connecting to the host.\nDefaults to HTTP." type: "string" required: - "port" type: "object" initialDelaySeconds: - description: "Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" + description: "Number of seconds after the container has started before liveness probes are initiated.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" format: "int32" type: "integer" periodSeconds: - description: "How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1." + description: "How often (in seconds) to perform the probe.\nDefault to 10 seconds. Minimum value is 1." format: "int32" type: "integer" successThreshold: - description: "Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1." + description: "Minimum consecutive successes for the probe to be considered successful after having failed.\nDefaults to 1. Must be 1 for liveness and startup. Minimum value is 1." format: "int32" type: "integer" tcpSocket: @@ -2325,17 +2328,17 @@ spec: anyOf: - type: "integer" - type: "string" - description: "Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME." + description: "Number or name of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME." x-kubernetes-int-or-string: true required: - "port" type: "object" terminationGracePeriodSeconds: - description: "Optional duration in seconds the pod needs to terminate gracefully upon probe failure. The grace period is the duration in seconds after the processes running in the pod are sent a termination signal and the time when the processes are forcibly halted with a kill signal. Set this value longer than the expected cleanup time for your process. If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this value overrides the value provided by the pod spec. Value must be non-negative integer. The value zero indicates stop immediately via the kill signal (no opportunity to shut down). This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate. Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset." + description: "Optional duration in seconds the pod needs to terminate gracefully upon probe failure.\nThe grace period is the duration in seconds after the processes running in the pod are sent\na termination signal and the time when the processes are forcibly halted with a kill signal.\nSet this value longer than the expected cleanup time for your process.\nIf this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this\nvalue overrides the value provided by the pod spec.\nValue must be non-negative integer. The value zero indicates stop immediately via\nthe kill signal (no opportunity to shut down).\nThis is a beta field and requires enabling ProbeTerminationGracePeriod feature gate.\nMinimum value is 1. spec.terminationGracePeriodSeconds is used if unset." format: "int64" type: "integer" timeoutSeconds: - description: "Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" + description: "Number of seconds after which the probe times out.\nDefaults to 1 second. Minimum value is 1.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" format: "int32" type: "integer" type: "object" @@ -2354,12 +2357,12 @@ spec: description: "Resource requests and limits for the application container." properties: claims: - description: "Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. \n This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. \n This field is immutable. It can only be set for containers." + description: "Claims lists the names of resources, defined in spec.resourceClaims,\nthat are used by this container.\n\n\nThis is an alpha field and requires enabling the\nDynamicResourceAllocation feature gate.\n\n\nThis field is immutable. It can only be set for containers." items: description: "ResourceClaim references one entry in PodSpec.ResourceClaims." properties: name: - description: "Name must match the name of one entry in pod.spec.resourceClaims of the Pod where this field is used. It makes that resource available inside a container." + description: "Name must match the name of one entry in pod.spec.resourceClaims of\nthe Pod where this field is used. It makes that resource available\ninside a container." type: "string" required: - "name" @@ -2375,7 +2378,7 @@ spec: - type: "string" pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" x-kubernetes-int-or-string: true - description: "Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" + description: "Limits describes the maximum amount of compute resources allowed.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" type: "object" requests: additionalProperties: @@ -2384,7 +2387,7 @@ spec: - type: "string" pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" x-kubernetes-int-or-string: true - description: "Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" + description: "Requests describes the minimum amount of compute resources required.\nIf Requests is omitted for a container, it defaults to Limits if that is explicitly specified,\notherwise to an implementation-defined value.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" type: "object" type: "object" route: @@ -2418,10 +2421,10 @@ spec: description: "Security context for the application container." properties: allowPrivilegeEscalation: - description: "AllowPrivilegeEscalation controls whether a process can gain more privileges than its parent process. This bool directly controls if the no_new_privs flag will be set on the container process. AllowPrivilegeEscalation is true always when the container is: 1) run as Privileged 2) has CAP_SYS_ADMIN Note that this field cannot be set when spec.os.name is windows." + description: "AllowPrivilegeEscalation controls whether a process can gain more\nprivileges than its parent process. This bool directly controls if\nthe no_new_privs flag will be set on the container process.\nAllowPrivilegeEscalation is true always when the container is:\n1) run as Privileged\n2) has CAP_SYS_ADMIN\nNote that this field cannot be set when spec.os.name is windows." type: "boolean" capabilities: - description: "The capabilities to add/drop when running containers. Defaults to the default set of capabilities granted by the container runtime. Note that this field cannot be set when spec.os.name is windows." + description: "The capabilities to add/drop when running containers.\nDefaults to the default set of capabilities granted by the container runtime.\nNote that this field cannot be set when spec.os.name is windows." properties: add: description: "Added capabilities" @@ -2437,27 +2440,27 @@ spec: type: "array" type: "object" privileged: - description: "Run container in privileged mode. Processes in privileged containers are essentially equivalent to root on the host. Defaults to false. Note that this field cannot be set when spec.os.name is windows." + description: "Run container in privileged mode.\nProcesses in privileged containers are essentially equivalent to root on the host.\nDefaults to false.\nNote that this field cannot be set when spec.os.name is windows." type: "boolean" procMount: - description: "procMount denotes the type of proc mount to use for the containers. The default is DefaultProcMount which uses the container runtime defaults for readonly paths and masked paths. This requires the ProcMountType feature flag to be enabled. Note that this field cannot be set when spec.os.name is windows." + description: "procMount denotes the type of proc mount to use for the containers.\nThe default is DefaultProcMount which uses the container runtime defaults for\nreadonly paths and masked paths.\nThis requires the ProcMountType feature flag to be enabled.\nNote that this field cannot be set when spec.os.name is windows." type: "string" readOnlyRootFilesystem: - description: "Whether this container has a read-only root filesystem. Default is false. Note that this field cannot be set when spec.os.name is windows." + description: "Whether this container has a read-only root filesystem.\nDefault is false.\nNote that this field cannot be set when spec.os.name is windows." type: "boolean" runAsGroup: - description: "The GID to run the entrypoint of the container process. Uses runtime default if unset. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is windows." + description: "The GID to run the entrypoint of the container process.\nUses runtime default if unset.\nMay also be set in PodSecurityContext. If set in both SecurityContext and\nPodSecurityContext, the value specified in SecurityContext takes precedence.\nNote that this field cannot be set when spec.os.name is windows." format: "int64" type: "integer" runAsNonRoot: - description: "Indicates that the container must run as a non-root user. If true, the Kubelet will validate the image at runtime to ensure that it does not run as UID 0 (root) and fail to start the container if it does. If unset or false, no such validation will be performed. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence." + description: "Indicates that the container must run as a non-root user.\nIf true, the Kubelet will validate the image at runtime to ensure that it\ndoes not run as UID 0 (root) and fail to start the container if it does.\nIf unset or false, no such validation will be performed.\nMay also be set in PodSecurityContext. If set in both SecurityContext and\nPodSecurityContext, the value specified in SecurityContext takes precedence." type: "boolean" runAsUser: - description: "The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is windows." + description: "The UID to run the entrypoint of the container process.\nDefaults to user specified in image metadata if unspecified.\nMay also be set in PodSecurityContext. If set in both SecurityContext and\nPodSecurityContext, the value specified in SecurityContext takes precedence.\nNote that this field cannot be set when spec.os.name is windows." format: "int64" type: "integer" seLinuxOptions: - description: "The SELinux context to be applied to the container. If unspecified, the container runtime will allocate a random SELinux context for each container. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is windows." + description: "The SELinux context to be applied to the container.\nIf unspecified, the container runtime will allocate a random SELinux context for each\ncontainer. May also be set in PodSecurityContext. If set in both SecurityContext and\nPodSecurityContext, the value specified in SecurityContext takes precedence.\nNote that this field cannot be set when spec.os.name is windows." properties: level: description: "Level is SELinux level label that applies to the container." @@ -2473,31 +2476,31 @@ spec: type: "string" type: "object" seccompProfile: - description: "The seccomp options to use by this container. If seccomp options are provided at both the pod & container level, the container options override the pod options. Note that this field cannot be set when spec.os.name is windows." + description: "The seccomp options to use by this container. If seccomp options are\nprovided at both the pod & container level, the container options\noverride the pod options.\nNote that this field cannot be set when spec.os.name is windows." properties: localhostProfile: - description: "localhostProfile indicates a profile defined in a file on the node should be used. The profile must be preconfigured on the node to work. Must be a descending path, relative to the kubelet's configured seccomp profile location. Must only be set if type is \"Localhost\"." + description: "localhostProfile indicates a profile defined in a file on the node should be used.\nThe profile must be preconfigured on the node to work.\nMust be a descending path, relative to the kubelet's configured seccomp profile location.\nMust only be set if type is \"Localhost\"." type: "string" type: - description: "type indicates which kind of seccomp profile will be applied. Valid options are: \n Localhost - a profile defined in a file on the node should be used. RuntimeDefault - the container runtime default profile should be used. Unconfined - no profile should be applied." + description: "type indicates which kind of seccomp profile will be applied.\nValid options are:\n\n\nLocalhost - a profile defined in a file on the node should be used.\nRuntimeDefault - the container runtime default profile should be used.\nUnconfined - no profile should be applied." type: "string" required: - "type" type: "object" windowsOptions: - description: "The Windows specific settings applied to all containers. If unspecified, the options from the PodSecurityContext will be used. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is linux." + description: "The Windows specific settings applied to all containers.\nIf unspecified, the options from the PodSecurityContext will be used.\nIf set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.\nNote that this field cannot be set when spec.os.name is linux." properties: gmsaCredentialSpec: - description: "GMSACredentialSpec is where the GMSA admission webhook (https://github.com/kubernetes-sigs/windows-gmsa) inlines the contents of the GMSA credential spec named by the GMSACredentialSpecName field." + description: "GMSACredentialSpec is where the GMSA admission webhook\n(https://github.com/kubernetes-sigs/windows-gmsa) inlines the contents of the\nGMSA credential spec named by the GMSACredentialSpecName field." type: "string" gmsaCredentialSpecName: description: "GMSACredentialSpecName is the name of the GMSA credential spec to use." type: "string" hostProcess: - description: "HostProcess determines if a container should be run as a 'Host Process' container. This field is alpha-level and will only be honored by components that enable the WindowsHostProcessContainers feature flag. Setting this field without the feature flag will result in errors when validating the Pod. All of a Pod's containers must have the same effective HostProcess value (it is not allowed to have a mix of HostProcess containers and non-HostProcess containers). In addition, if HostProcess is true then HostNetwork must also be set to true." + description: "HostProcess determines if a container should be run as a 'Host Process' container.\nThis field is alpha-level and will only be honored by components that enable the\nWindowsHostProcessContainers feature flag. Setting this field without the feature\nflag will result in errors when validating the Pod. All of a Pod's containers must\nhave the same effective HostProcess value (it is not allowed to have a mix of HostProcess\ncontainers and non-HostProcess containers). In addition, if HostProcess is true\nthen HostNetwork must also be set to true." type: "boolean" runAsUserName: - description: "The UserName in Windows to run the entrypoint of the container process. Defaults to the user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence." + description: "The UserName in Windows to run the entrypoint of the container process.\nDefaults to the user specified in image metadata if unspecified.\nMay also be set in PodSecurityContext. If set in both SecurityContext and\nPodSecurityContext, the value specified in SecurityContext takes precedence." type: "string" type: "object" type: "object" @@ -2545,13 +2548,13 @@ spec: description: "ServicePort contains information on service's port." properties: appProtocol: - description: "The application protocol for this port. This field follows standard Kubernetes label syntax. Un-prefixed names are reserved for IANA standard service names (as per RFC-6335 and https://www.iana.org/assignments/service-names). Non-standard protocols should use prefixed names such as mycompany.com/my-custom-protocol." + description: "The application protocol for this port.\nThis field follows standard Kubernetes label syntax.\nUn-prefixed names are reserved for IANA standard service names (as per\nRFC-6335 and https://www.iana.org/assignments/service-names).\nNon-standard protocols should use prefixed names such as\nmycompany.com/my-custom-protocol." type: "string" name: - description: "The name of this port within the service. This must be a DNS_LABEL. All ports within a ServiceSpec must have unique names. When considering the endpoints for a Service, this must match the 'name' field in the EndpointPort. Optional if only one ServicePort is defined on this service." + description: "The name of this port within the service. This must be a DNS_LABEL.\nAll ports within a ServiceSpec must have unique names. When considering\nthe endpoints for a Service, this must match the 'name' field in the\nEndpointPort.\nOptional if only one ServicePort is defined on this service." type: "string" nodePort: - description: "The port on each node on which this service is exposed when type is NodePort or LoadBalancer. Usually assigned by the system. If a value is specified, in-range, and not in use it will be used, otherwise the operation will fail. If not specified, a port will be allocated if this Service requires one. If this field is specified when creating a Service which does not need it, creation will fail. This field will be wiped when updating a Service to no longer need it (e.g. changing type from NodePort to ClusterIP). More info: https://kubernetes.io/docs/concepts/services-networking/service/#type-nodeport" + description: "The port on each node on which this service is exposed when type is\nNodePort or LoadBalancer. Usually assigned by the system. If a value is\nspecified, in-range, and not in use it will be used, otherwise the\noperation will fail. If not specified, a port will be allocated if this\nService requires one. If this field is specified when creating a\nService which does not need it, creation will fail. This field will be\nwiped when updating a Service to no longer need it (e.g. changing type\nfrom NodePort to ClusterIP).\nMore info: https://kubernetes.io/docs/concepts/services-networking/service/#type-nodeport" format: "int32" type: "integer" port: @@ -2560,13 +2563,13 @@ spec: type: "integer" protocol: default: "TCP" - description: "The IP protocol for this port. Supports \"TCP\", \"UDP\", and \"SCTP\". Default is TCP." + description: "The IP protocol for this port. Supports \"TCP\", \"UDP\", and \"SCTP\".\nDefault is TCP." type: "string" targetPort: anyOf: - type: "integer" - type: "string" - description: "Number or name of the port to access on the pods targeted by the service. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. If this is a string, it will be looked up as a named port in the target Pod's container ports. If this is not specified, the value of the 'port' field is used (an identity map). This field is ignored for services with clusterIP=None, and should be omitted or set equal to the 'port' field. More info: https://kubernetes.io/docs/concepts/services-networking/service/#defining-a-service" + description: "Number or name of the port to access on the pods targeted by the service.\nNumber must be in the range 1 to 65535. Name must be an IANA_SVC_NAME.\nIf this is a string, it will be looked up as a named port in the\ntarget Pod's container ports. If this is not specified, the value\nof the 'port' field is used (an identity map).\nThis field is ignored for services with clusterIP=None, and should be\nomitted or set equal to the 'port' field.\nMore info: https://kubernetes.io/docs/concepts/services-networking/service/#defining-a-service" x-kubernetes-int-or-string: true required: - "port" @@ -2601,17 +2604,17 @@ spec: description: "A single application container that you want to run within a pod." properties: args: - description: "Arguments to the entrypoint. The container image's CMD is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. \"$$(VAR_NAME)\" will produce the string literal \"$(VAR_NAME)\". Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell" + description: "Arguments to the entrypoint.\nThe container image's CMD is used if this is not provided.\nVariable references $(VAR_NAME) are expanded using the container's environment. If a variable\ncannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced\nto a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. \"$$(VAR_NAME)\" will\nproduce the string literal \"$(VAR_NAME)\". Escaped references will never be expanded, regardless\nof whether the variable exists or not. Cannot be updated.\nMore info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell" items: type: "string" type: "array" command: - description: "Entrypoint array. Not executed within a shell. The container image's ENTRYPOINT is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. \"$$(VAR_NAME)\" will produce the string literal \"$(VAR_NAME)\". Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell" + description: "Entrypoint array. Not executed within a shell.\nThe container image's ENTRYPOINT is used if this is not provided.\nVariable references $(VAR_NAME) are expanded using the container's environment. If a variable\ncannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced\nto a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. \"$$(VAR_NAME)\" will\nproduce the string literal \"$(VAR_NAME)\". Escaped references will never be expanded, regardless\nof whether the variable exists or not. Cannot be updated.\nMore info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell" items: type: "string" type: "array" env: - description: "List of environment variables to set in the container. Cannot be updated." + description: "List of environment variables to set in the container.\nCannot be updated." items: description: "EnvVar represents an environment variable present in a Container." properties: @@ -2619,7 +2622,7 @@ spec: description: "Name of the environment variable. Must be a C_IDENTIFIER." type: "string" value: - description: "Variable references $(VAR_NAME) are expanded using the previously defined environment variables in the container and any service environment variables. If a variable cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. \"$$(VAR_NAME)\" will produce the string literal \"$(VAR_NAME)\". Escaped references will never be expanded, regardless of whether the variable exists or not. Defaults to \"\"." + description: "Variable references $(VAR_NAME) are expanded\nusing the previously defined environment variables in the container and\nany service environment variables. If a variable cannot be resolved,\nthe reference in the input string will be unchanged. Double $$ are reduced\nto a single $, which allows for escaping the $(VAR_NAME) syntax: i.e.\n\"$$(VAR_NAME)\" will produce the string literal \"$(VAR_NAME)\".\nEscaped references will never be expanded, regardless of whether the variable\nexists or not.\nDefaults to \"\"." type: "string" valueFrom: description: "Source for the environment variable's value. Cannot be used if value is not empty." @@ -2631,7 +2634,7 @@ spec: description: "The key to select." type: "string" name: - description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" type: "string" optional: description: "Specify whether the ConfigMap or its key must be defined" @@ -2641,7 +2644,7 @@ spec: type: "object" x-kubernetes-map-type: "atomic" fieldRef: - description: "Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`, spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs." + description: "Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`,\nspec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs." properties: apiVersion: description: "Version of the schema the FieldPath is written in terms of, defaults to \"v1\"." @@ -2654,7 +2657,7 @@ spec: type: "object" x-kubernetes-map-type: "atomic" resourceFieldRef: - description: "Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported." + description: "Selects a resource of the container: only resources limits and requests\n(limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported." properties: containerName: description: "Container name: required for volumes, optional for env vars" @@ -2680,7 +2683,7 @@ spec: description: "The key of the secret to select from. Must be a valid secret key." type: "string" name: - description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" type: "string" optional: description: "Specify whether the Secret or its key must be defined" @@ -2695,7 +2698,7 @@ spec: type: "object" type: "array" envFrom: - description: "List of sources to populate environment variables in the container. The keys defined within a source must be a C_IDENTIFIER. All invalid keys will be reported as an event when the container is starting. When a key exists in multiple sources, the value associated with the last source will take precedence. Values defined by an Env with a duplicate key will take precedence. Cannot be updated." + description: "List of sources to populate environment variables in the container.\nThe keys defined within a source must be a C_IDENTIFIER. All invalid keys\nwill be reported as an event when the container is starting. When a key exists in multiple\nsources, the value associated with the last source will take precedence.\nValues defined by an Env with a duplicate key will take precedence.\nCannot be updated." items: description: "EnvFromSource represents the source of a set of ConfigMaps" properties: @@ -2703,7 +2706,7 @@ spec: description: "The ConfigMap to select from" properties: name: - description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" type: "string" optional: description: "Specify whether the ConfigMap must be defined" @@ -2717,7 +2720,7 @@ spec: description: "The Secret to select from" properties: name: - description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" type: "string" optional: description: "Specify whether the Secret must be defined" @@ -2727,22 +2730,22 @@ spec: type: "object" type: "array" image: - description: "Container image name. More info: https://kubernetes.io/docs/concepts/containers/images This field is optional to allow higher level config management to default or override container images in workload controllers like Deployments and StatefulSets." + description: "Container image name.\nMore info: https://kubernetes.io/docs/concepts/containers/images\nThis field is optional to allow higher level config management to default or override\ncontainer images in workload controllers like Deployments and StatefulSets." type: "string" imagePullPolicy: - description: "Image pull policy. One of Always, Never, IfNotPresent. Defaults to Always if :latest tag is specified, or IfNotPresent otherwise. Cannot be updated. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images" + description: "Image pull policy.\nOne of Always, Never, IfNotPresent.\nDefaults to Always if :latest tag is specified, or IfNotPresent otherwise.\nCannot be updated.\nMore info: https://kubernetes.io/docs/concepts/containers/images#updating-images" type: "string" lifecycle: - description: "Actions that the management system should take in response to container lifecycle events. Cannot be updated." + description: "Actions that the management system should take in response to container lifecycle events.\nCannot be updated." properties: postStart: - description: "PostStart is called immediately after a container is created. If the handler fails, the container is terminated and restarted according to its restart policy. Other management of the container blocks until the hook completes. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks" + description: "PostStart is called immediately after a container is created. If the handler fails,\nthe container is terminated and restarted according to its restart policy.\nOther management of the container blocks until the hook completes.\nMore info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks" properties: exec: description: "Exec specifies the action to take." properties: command: - description: "Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy." + description: "Command is the command line to execute inside the container, the working directory for the\ncommand is root ('/') in the container's filesystem. The command is simply exec'd, it is\nnot run inside a shell, so traditional shell instructions ('|', etc) won't work. To use\na shell, you need to explicitly call out to that shell.\nExit status of 0 is treated as live/healthy and non-zero is unhealthy." items: type: "string" type: "array" @@ -2751,7 +2754,7 @@ spec: description: "HTTPGet specifies the http request to perform." properties: host: - description: "Host name to connect to, defaults to the pod IP. You probably want to set \"Host\" in httpHeaders instead." + description: "Host name to connect to, defaults to the pod IP. You probably want to set\n\"Host\" in httpHeaders instead." type: "string" httpHeaders: description: "Custom headers to set in the request. HTTP allows repeated headers." @@ -2759,7 +2762,7 @@ spec: description: "HTTPHeader describes a custom header to be used in HTTP probes" properties: name: - description: "The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header." + description: "The header field name.\nThis will be canonicalized upon output, so case-variant names will be understood as the same header." type: "string" value: description: "The header field value" @@ -2776,16 +2779,16 @@ spec: anyOf: - type: "integer" - type: "string" - description: "Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME." + description: "Name or number of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME." x-kubernetes-int-or-string: true scheme: - description: "Scheme to use for connecting to the host. Defaults to HTTP." + description: "Scheme to use for connecting to the host.\nDefaults to HTTP." type: "string" required: - "port" type: "object" tcpSocket: - description: "Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept for the backward compatibility. There are no validation of this field and lifecycle hooks will fail in runtime when tcp handler is specified." + description: "Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept\nfor the backward compatibility. There are no validation of this field and\nlifecycle hooks will fail in runtime when tcp handler is specified." properties: host: description: "Optional: Host name to connect to, defaults to the pod IP." @@ -2794,20 +2797,20 @@ spec: anyOf: - type: "integer" - type: "string" - description: "Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME." + description: "Number or name of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME." x-kubernetes-int-or-string: true required: - "port" type: "object" type: "object" preStop: - description: "PreStop is called immediately before a container is terminated due to an API request or management event such as liveness/startup probe failure, preemption, resource contention, etc. The handler is not called if the container crashes or exits. The Pod's termination grace period countdown begins before the PreStop hook is executed. Regardless of the outcome of the handler, the container will eventually terminate within the Pod's termination grace period (unless delayed by finalizers). Other management of the container blocks until the hook completes or until the termination grace period is reached. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks" + description: "PreStop is called immediately before a container is terminated due to an\nAPI request or management event such as liveness/startup probe failure,\npreemption, resource contention, etc. The handler is not called if the\ncontainer crashes or exits. The Pod's termination grace period countdown begins before the\nPreStop hook is executed. Regardless of the outcome of the handler, the\ncontainer will eventually terminate within the Pod's termination grace\nperiod (unless delayed by finalizers). Other management of the container blocks until the hook completes\nor until the termination grace period is reached.\nMore info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks" properties: exec: description: "Exec specifies the action to take." properties: command: - description: "Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy." + description: "Command is the command line to execute inside the container, the working directory for the\ncommand is root ('/') in the container's filesystem. The command is simply exec'd, it is\nnot run inside a shell, so traditional shell instructions ('|', etc) won't work. To use\na shell, you need to explicitly call out to that shell.\nExit status of 0 is treated as live/healthy and non-zero is unhealthy." items: type: "string" type: "array" @@ -2816,7 +2819,7 @@ spec: description: "HTTPGet specifies the http request to perform." properties: host: - description: "Host name to connect to, defaults to the pod IP. You probably want to set \"Host\" in httpHeaders instead." + description: "Host name to connect to, defaults to the pod IP. You probably want to set\n\"Host\" in httpHeaders instead." type: "string" httpHeaders: description: "Custom headers to set in the request. HTTP allows repeated headers." @@ -2824,7 +2827,7 @@ spec: description: "HTTPHeader describes a custom header to be used in HTTP probes" properties: name: - description: "The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header." + description: "The header field name.\nThis will be canonicalized upon output, so case-variant names will be understood as the same header." type: "string" value: description: "The header field value" @@ -2841,16 +2844,16 @@ spec: anyOf: - type: "integer" - type: "string" - description: "Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME." + description: "Name or number of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME." x-kubernetes-int-or-string: true scheme: - description: "Scheme to use for connecting to the host. Defaults to HTTP." + description: "Scheme to use for connecting to the host.\nDefaults to HTTP." type: "string" required: - "port" type: "object" tcpSocket: - description: "Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept for the backward compatibility. There are no validation of this field and lifecycle hooks will fail in runtime when tcp handler is specified." + description: "Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept\nfor the backward compatibility. There are no validation of this field and\nlifecycle hooks will fail in runtime when tcp handler is specified." properties: host: description: "Optional: Host name to connect to, defaults to the pod IP." @@ -2859,7 +2862,7 @@ spec: anyOf: - type: "integer" - type: "string" - description: "Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME." + description: "Number or name of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME." x-kubernetes-int-or-string: true required: - "port" @@ -2867,30 +2870,30 @@ spec: type: "object" type: "object" livenessProbe: - description: "Periodic probe of container liveness. Container will be restarted if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" + description: "Periodic probe of container liveness.\nContainer will be restarted if the probe fails.\nCannot be updated.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" properties: exec: description: "Exec specifies the action to take." properties: command: - description: "Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy." + description: "Command is the command line to execute inside the container, the working directory for the\ncommand is root ('/') in the container's filesystem. The command is simply exec'd, it is\nnot run inside a shell, so traditional shell instructions ('|', etc) won't work. To use\na shell, you need to explicitly call out to that shell.\nExit status of 0 is treated as live/healthy and non-zero is unhealthy." items: type: "string" type: "array" type: "object" failureThreshold: - description: "Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1." + description: "Minimum consecutive failures for the probe to be considered failed after having succeeded.\nDefaults to 3. Minimum value is 1." format: "int32" type: "integer" grpc: - description: "GRPC specifies an action involving a GRPC port. This is a beta field and requires enabling GRPCContainerProbe feature gate." + description: "GRPC specifies an action involving a GRPC port.\nThis is a beta field and requires enabling GRPCContainerProbe feature gate." properties: port: description: "Port number of the gRPC service. Number must be in the range 1 to 65535." format: "int32" type: "integer" service: - description: "Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). \n If this is not specified, the default behavior is defined by gRPC." + description: "Service is the name of the service to place in the gRPC HealthCheckRequest\n(see https://github.com/grpc/grpc/blob/master/doc/health-checking.md).\n\n\nIf this is not specified, the default behavior is defined by gRPC." type: "string" required: - "port" @@ -2899,7 +2902,7 @@ spec: description: "HTTPGet specifies the http request to perform." properties: host: - description: "Host name to connect to, defaults to the pod IP. You probably want to set \"Host\" in httpHeaders instead." + description: "Host name to connect to, defaults to the pod IP. You probably want to set\n\"Host\" in httpHeaders instead." type: "string" httpHeaders: description: "Custom headers to set in the request. HTTP allows repeated headers." @@ -2907,7 +2910,7 @@ spec: description: "HTTPHeader describes a custom header to be used in HTTP probes" properties: name: - description: "The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header." + description: "The header field name.\nThis will be canonicalized upon output, so case-variant names will be understood as the same header." type: "string" value: description: "The header field value" @@ -2924,24 +2927,24 @@ spec: anyOf: - type: "integer" - type: "string" - description: "Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME." + description: "Name or number of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME." x-kubernetes-int-or-string: true scheme: - description: "Scheme to use for connecting to the host. Defaults to HTTP." + description: "Scheme to use for connecting to the host.\nDefaults to HTTP." type: "string" required: - "port" type: "object" initialDelaySeconds: - description: "Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" + description: "Number of seconds after the container has started before liveness probes are initiated.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" format: "int32" type: "integer" periodSeconds: - description: "How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1." + description: "How often (in seconds) to perform the probe.\nDefault to 10 seconds. Minimum value is 1." format: "int32" type: "integer" successThreshold: - description: "Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1." + description: "Minimum consecutive successes for the probe to be considered successful after having failed.\nDefaults to 1. Must be 1 for liveness and startup. Minimum value is 1." format: "int32" type: "integer" tcpSocket: @@ -2954,45 +2957,45 @@ spec: anyOf: - type: "integer" - type: "string" - description: "Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME." + description: "Number or name of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME." x-kubernetes-int-or-string: true required: - "port" type: "object" terminationGracePeriodSeconds: - description: "Optional duration in seconds the pod needs to terminate gracefully upon probe failure. The grace period is the duration in seconds after the processes running in the pod are sent a termination signal and the time when the processes are forcibly halted with a kill signal. Set this value longer than the expected cleanup time for your process. If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this value overrides the value provided by the pod spec. Value must be non-negative integer. The value zero indicates stop immediately via the kill signal (no opportunity to shut down). This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate. Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset." + description: "Optional duration in seconds the pod needs to terminate gracefully upon probe failure.\nThe grace period is the duration in seconds after the processes running in the pod are sent\na termination signal and the time when the processes are forcibly halted with a kill signal.\nSet this value longer than the expected cleanup time for your process.\nIf this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this\nvalue overrides the value provided by the pod spec.\nValue must be non-negative integer. The value zero indicates stop immediately via\nthe kill signal (no opportunity to shut down).\nThis is a beta field and requires enabling ProbeTerminationGracePeriod feature gate.\nMinimum value is 1. spec.terminationGracePeriodSeconds is used if unset." format: "int64" type: "integer" timeoutSeconds: - description: "Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" + description: "Number of seconds after which the probe times out.\nDefaults to 1 second. Minimum value is 1.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" format: "int32" type: "integer" type: "object" name: - description: "Name of the container specified as a DNS_LABEL. Each container in a pod must have a unique name (DNS_LABEL). Cannot be updated." + description: "Name of the container specified as a DNS_LABEL.\nEach container in a pod must have a unique name (DNS_LABEL).\nCannot be updated." type: "string" ports: - description: "List of ports to expose from the container. Not specifying a port here DOES NOT prevent that port from being exposed. Any port which is listening on the default \"0.0.0.0\" address inside a container will be accessible from the network. Modifying this array with strategic merge patch may corrupt the data. For more information See https://github.com/kubernetes/kubernetes/issues/108255. Cannot be updated." + description: "List of ports to expose from the container. Not specifying a port here\nDOES NOT prevent that port from being exposed. Any port which is\nlistening on the default \"0.0.0.0\" address inside a container will be\naccessible from the network.\nModifying this array with strategic merge patch may corrupt the data.\nFor more information See https://github.com/kubernetes/kubernetes/issues/108255.\nCannot be updated." items: description: "ContainerPort represents a network port in a single container." properties: containerPort: - description: "Number of port to expose on the pod's IP address. This must be a valid port number, 0 < x < 65536." + description: "Number of port to expose on the pod's IP address.\nThis must be a valid port number, 0 < x < 65536." format: "int32" type: "integer" hostIP: description: "What host IP to bind the external port to." type: "string" hostPort: - description: "Number of port to expose on the host. If specified, this must be a valid port number, 0 < x < 65536. If HostNetwork is specified, this must match ContainerPort. Most containers do not need this." + description: "Number of port to expose on the host.\nIf specified, this must be a valid port number, 0 < x < 65536.\nIf HostNetwork is specified, this must match ContainerPort.\nMost containers do not need this." format: "int32" type: "integer" name: - description: "If specified, this must be an IANA_SVC_NAME and unique within the pod. Each named port in a pod must have a unique name. Name for the port that can be referred to by services." + description: "If specified, this must be an IANA_SVC_NAME and unique within the pod. Each\nnamed port in a pod must have a unique name. Name for the port that can be\nreferred to by services." type: "string" protocol: default: "TCP" - description: "Protocol for port. Must be UDP, TCP, or SCTP. Defaults to \"TCP\"." + description: "Protocol for port. Must be UDP, TCP, or SCTP.\nDefaults to \"TCP\"." type: "string" required: - "containerPort" @@ -3003,30 +3006,30 @@ spec: - "protocol" x-kubernetes-list-type: "map" readinessProbe: - description: "Periodic probe of container service readiness. Container will be removed from service endpoints if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" + description: "Periodic probe of container service readiness.\nContainer will be removed from service endpoints if the probe fails.\nCannot be updated.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" properties: exec: description: "Exec specifies the action to take." properties: command: - description: "Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy." + description: "Command is the command line to execute inside the container, the working directory for the\ncommand is root ('/') in the container's filesystem. The command is simply exec'd, it is\nnot run inside a shell, so traditional shell instructions ('|', etc) won't work. To use\na shell, you need to explicitly call out to that shell.\nExit status of 0 is treated as live/healthy and non-zero is unhealthy." items: type: "string" type: "array" type: "object" failureThreshold: - description: "Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1." + description: "Minimum consecutive failures for the probe to be considered failed after having succeeded.\nDefaults to 3. Minimum value is 1." format: "int32" type: "integer" grpc: - description: "GRPC specifies an action involving a GRPC port. This is a beta field and requires enabling GRPCContainerProbe feature gate." + description: "GRPC specifies an action involving a GRPC port.\nThis is a beta field and requires enabling GRPCContainerProbe feature gate." properties: port: description: "Port number of the gRPC service. Number must be in the range 1 to 65535." format: "int32" type: "integer" service: - description: "Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). \n If this is not specified, the default behavior is defined by gRPC." + description: "Service is the name of the service to place in the gRPC HealthCheckRequest\n(see https://github.com/grpc/grpc/blob/master/doc/health-checking.md).\n\n\nIf this is not specified, the default behavior is defined by gRPC." type: "string" required: - "port" @@ -3035,7 +3038,7 @@ spec: description: "HTTPGet specifies the http request to perform." properties: host: - description: "Host name to connect to, defaults to the pod IP. You probably want to set \"Host\" in httpHeaders instead." + description: "Host name to connect to, defaults to the pod IP. You probably want to set\n\"Host\" in httpHeaders instead." type: "string" httpHeaders: description: "Custom headers to set in the request. HTTP allows repeated headers." @@ -3043,7 +3046,7 @@ spec: description: "HTTPHeader describes a custom header to be used in HTTP probes" properties: name: - description: "The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header." + description: "The header field name.\nThis will be canonicalized upon output, so case-variant names will be understood as the same header." type: "string" value: description: "The header field value" @@ -3060,24 +3063,24 @@ spec: anyOf: - type: "integer" - type: "string" - description: "Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME." + description: "Name or number of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME." x-kubernetes-int-or-string: true scheme: - description: "Scheme to use for connecting to the host. Defaults to HTTP." + description: "Scheme to use for connecting to the host.\nDefaults to HTTP." type: "string" required: - "port" type: "object" initialDelaySeconds: - description: "Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" + description: "Number of seconds after the container has started before liveness probes are initiated.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" format: "int32" type: "integer" periodSeconds: - description: "How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1." + description: "How often (in seconds) to perform the probe.\nDefault to 10 seconds. Minimum value is 1." format: "int32" type: "integer" successThreshold: - description: "Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1." + description: "Minimum consecutive successes for the probe to be considered successful after having failed.\nDefaults to 1. Must be 1 for liveness and startup. Minimum value is 1." format: "int32" type: "integer" tcpSocket: @@ -3090,30 +3093,30 @@ spec: anyOf: - type: "integer" - type: "string" - description: "Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME." + description: "Number or name of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME." x-kubernetes-int-or-string: true required: - "port" type: "object" terminationGracePeriodSeconds: - description: "Optional duration in seconds the pod needs to terminate gracefully upon probe failure. The grace period is the duration in seconds after the processes running in the pod are sent a termination signal and the time when the processes are forcibly halted with a kill signal. Set this value longer than the expected cleanup time for your process. If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this value overrides the value provided by the pod spec. Value must be non-negative integer. The value zero indicates stop immediately via the kill signal (no opportunity to shut down). This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate. Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset." + description: "Optional duration in seconds the pod needs to terminate gracefully upon probe failure.\nThe grace period is the duration in seconds after the processes running in the pod are sent\na termination signal and the time when the processes are forcibly halted with a kill signal.\nSet this value longer than the expected cleanup time for your process.\nIf this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this\nvalue overrides the value provided by the pod spec.\nValue must be non-negative integer. The value zero indicates stop immediately via\nthe kill signal (no opportunity to shut down).\nThis is a beta field and requires enabling ProbeTerminationGracePeriod feature gate.\nMinimum value is 1. spec.terminationGracePeriodSeconds is used if unset." format: "int64" type: "integer" timeoutSeconds: - description: "Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" + description: "Number of seconds after which the probe times out.\nDefaults to 1 second. Minimum value is 1.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" format: "int32" type: "integer" type: "object" resources: - description: "Compute Resources required by this container. Cannot be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" + description: "Compute Resources required by this container.\nCannot be updated.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" properties: claims: - description: "Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. \n This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. \n This field is immutable. It can only be set for containers." + description: "Claims lists the names of resources, defined in spec.resourceClaims,\nthat are used by this container.\n\n\nThis is an alpha field and requires enabling the\nDynamicResourceAllocation feature gate.\n\n\nThis field is immutable. It can only be set for containers." items: description: "ResourceClaim references one entry in PodSpec.ResourceClaims." properties: name: - description: "Name must match the name of one entry in pod.spec.resourceClaims of the Pod where this field is used. It makes that resource available inside a container." + description: "Name must match the name of one entry in pod.spec.resourceClaims of\nthe Pod where this field is used. It makes that resource available\ninside a container." type: "string" required: - "name" @@ -3129,7 +3132,7 @@ spec: - type: "string" pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" x-kubernetes-int-or-string: true - description: "Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" + description: "Limits describes the maximum amount of compute resources allowed.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" type: "object" requests: additionalProperties: @@ -3138,17 +3141,17 @@ spec: - type: "string" pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" x-kubernetes-int-or-string: true - description: "Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" + description: "Requests describes the minimum amount of compute resources required.\nIf Requests is omitted for a container, it defaults to Limits if that is explicitly specified,\notherwise to an implementation-defined value.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" type: "object" type: "object" securityContext: - description: "SecurityContext defines the security options the container should be run with. If set, the fields of SecurityContext override the equivalent fields of PodSecurityContext. More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/" + description: "SecurityContext defines the security options the container should be run with.\nIf set, the fields of SecurityContext override the equivalent fields of PodSecurityContext.\nMore info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/" properties: allowPrivilegeEscalation: - description: "AllowPrivilegeEscalation controls whether a process can gain more privileges than its parent process. This bool directly controls if the no_new_privs flag will be set on the container process. AllowPrivilegeEscalation is true always when the container is: 1) run as Privileged 2) has CAP_SYS_ADMIN Note that this field cannot be set when spec.os.name is windows." + description: "AllowPrivilegeEscalation controls whether a process can gain more\nprivileges than its parent process. This bool directly controls if\nthe no_new_privs flag will be set on the container process.\nAllowPrivilegeEscalation is true always when the container is:\n1) run as Privileged\n2) has CAP_SYS_ADMIN\nNote that this field cannot be set when spec.os.name is windows." type: "boolean" capabilities: - description: "The capabilities to add/drop when running containers. Defaults to the default set of capabilities granted by the container runtime. Note that this field cannot be set when spec.os.name is windows." + description: "The capabilities to add/drop when running containers.\nDefaults to the default set of capabilities granted by the container runtime.\nNote that this field cannot be set when spec.os.name is windows." properties: add: description: "Added capabilities" @@ -3164,27 +3167,27 @@ spec: type: "array" type: "object" privileged: - description: "Run container in privileged mode. Processes in privileged containers are essentially equivalent to root on the host. Defaults to false. Note that this field cannot be set when spec.os.name is windows." + description: "Run container in privileged mode.\nProcesses in privileged containers are essentially equivalent to root on the host.\nDefaults to false.\nNote that this field cannot be set when spec.os.name is windows." type: "boolean" procMount: - description: "procMount denotes the type of proc mount to use for the containers. The default is DefaultProcMount which uses the container runtime defaults for readonly paths and masked paths. This requires the ProcMountType feature flag to be enabled. Note that this field cannot be set when spec.os.name is windows." + description: "procMount denotes the type of proc mount to use for the containers.\nThe default is DefaultProcMount which uses the container runtime defaults for\nreadonly paths and masked paths.\nThis requires the ProcMountType feature flag to be enabled.\nNote that this field cannot be set when spec.os.name is windows." type: "string" readOnlyRootFilesystem: - description: "Whether this container has a read-only root filesystem. Default is false. Note that this field cannot be set when spec.os.name is windows." + description: "Whether this container has a read-only root filesystem.\nDefault is false.\nNote that this field cannot be set when spec.os.name is windows." type: "boolean" runAsGroup: - description: "The GID to run the entrypoint of the container process. Uses runtime default if unset. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is windows." + description: "The GID to run the entrypoint of the container process.\nUses runtime default if unset.\nMay also be set in PodSecurityContext. If set in both SecurityContext and\nPodSecurityContext, the value specified in SecurityContext takes precedence.\nNote that this field cannot be set when spec.os.name is windows." format: "int64" type: "integer" runAsNonRoot: - description: "Indicates that the container must run as a non-root user. If true, the Kubelet will validate the image at runtime to ensure that it does not run as UID 0 (root) and fail to start the container if it does. If unset or false, no such validation will be performed. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence." + description: "Indicates that the container must run as a non-root user.\nIf true, the Kubelet will validate the image at runtime to ensure that it\ndoes not run as UID 0 (root) and fail to start the container if it does.\nIf unset or false, no such validation will be performed.\nMay also be set in PodSecurityContext. If set in both SecurityContext and\nPodSecurityContext, the value specified in SecurityContext takes precedence." type: "boolean" runAsUser: - description: "The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is windows." + description: "The UID to run the entrypoint of the container process.\nDefaults to user specified in image metadata if unspecified.\nMay also be set in PodSecurityContext. If set in both SecurityContext and\nPodSecurityContext, the value specified in SecurityContext takes precedence.\nNote that this field cannot be set when spec.os.name is windows." format: "int64" type: "integer" seLinuxOptions: - description: "The SELinux context to be applied to the container. If unspecified, the container runtime will allocate a random SELinux context for each container. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is windows." + description: "The SELinux context to be applied to the container.\nIf unspecified, the container runtime will allocate a random SELinux context for each\ncontainer. May also be set in PodSecurityContext. If set in both SecurityContext and\nPodSecurityContext, the value specified in SecurityContext takes precedence.\nNote that this field cannot be set when spec.os.name is windows." properties: level: description: "Level is SELinux level label that applies to the container." @@ -3200,59 +3203,59 @@ spec: type: "string" type: "object" seccompProfile: - description: "The seccomp options to use by this container. If seccomp options are provided at both the pod & container level, the container options override the pod options. Note that this field cannot be set when spec.os.name is windows." + description: "The seccomp options to use by this container. If seccomp options are\nprovided at both the pod & container level, the container options\noverride the pod options.\nNote that this field cannot be set when spec.os.name is windows." properties: localhostProfile: - description: "localhostProfile indicates a profile defined in a file on the node should be used. The profile must be preconfigured on the node to work. Must be a descending path, relative to the kubelet's configured seccomp profile location. Must only be set if type is \"Localhost\"." + description: "localhostProfile indicates a profile defined in a file on the node should be used.\nThe profile must be preconfigured on the node to work.\nMust be a descending path, relative to the kubelet's configured seccomp profile location.\nMust only be set if type is \"Localhost\"." type: "string" type: - description: "type indicates which kind of seccomp profile will be applied. Valid options are: \n Localhost - a profile defined in a file on the node should be used. RuntimeDefault - the container runtime default profile should be used. Unconfined - no profile should be applied." + description: "type indicates which kind of seccomp profile will be applied.\nValid options are:\n\n\nLocalhost - a profile defined in a file on the node should be used.\nRuntimeDefault - the container runtime default profile should be used.\nUnconfined - no profile should be applied." type: "string" required: - "type" type: "object" windowsOptions: - description: "The Windows specific settings applied to all containers. If unspecified, the options from the PodSecurityContext will be used. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is linux." + description: "The Windows specific settings applied to all containers.\nIf unspecified, the options from the PodSecurityContext will be used.\nIf set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.\nNote that this field cannot be set when spec.os.name is linux." properties: gmsaCredentialSpec: - description: "GMSACredentialSpec is where the GMSA admission webhook (https://github.com/kubernetes-sigs/windows-gmsa) inlines the contents of the GMSA credential spec named by the GMSACredentialSpecName field." + description: "GMSACredentialSpec is where the GMSA admission webhook\n(https://github.com/kubernetes-sigs/windows-gmsa) inlines the contents of the\nGMSA credential spec named by the GMSACredentialSpecName field." type: "string" gmsaCredentialSpecName: description: "GMSACredentialSpecName is the name of the GMSA credential spec to use." type: "string" hostProcess: - description: "HostProcess determines if a container should be run as a 'Host Process' container. This field is alpha-level and will only be honored by components that enable the WindowsHostProcessContainers feature flag. Setting this field without the feature flag will result in errors when validating the Pod. All of a Pod's containers must have the same effective HostProcess value (it is not allowed to have a mix of HostProcess containers and non-HostProcess containers). In addition, if HostProcess is true then HostNetwork must also be set to true." + description: "HostProcess determines if a container should be run as a 'Host Process' container.\nThis field is alpha-level and will only be honored by components that enable the\nWindowsHostProcessContainers feature flag. Setting this field without the feature\nflag will result in errors when validating the Pod. All of a Pod's containers must\nhave the same effective HostProcess value (it is not allowed to have a mix of HostProcess\ncontainers and non-HostProcess containers). In addition, if HostProcess is true\nthen HostNetwork must also be set to true." type: "boolean" runAsUserName: - description: "The UserName in Windows to run the entrypoint of the container process. Defaults to the user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence." + description: "The UserName in Windows to run the entrypoint of the container process.\nDefaults to the user specified in image metadata if unspecified.\nMay also be set in PodSecurityContext. If set in both SecurityContext and\nPodSecurityContext, the value specified in SecurityContext takes precedence." type: "string" type: "object" type: "object" startupProbe: - description: "StartupProbe indicates that the Pod has successfully initialized. If specified, no other probes are executed until this completes successfully. If this probe fails, the Pod will be restarted, just as if the livenessProbe failed. This can be used to provide different probe parameters at the beginning of a Pod's lifecycle, when it might take a long time to load data or warm a cache, than during steady-state operation. This cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" + description: "StartupProbe indicates that the Pod has successfully initialized.\nIf specified, no other probes are executed until this completes successfully.\nIf this probe fails, the Pod will be restarted, just as if the livenessProbe failed.\nThis can be used to provide different probe parameters at the beginning of a Pod's lifecycle,\nwhen it might take a long time to load data or warm a cache, than during steady-state operation.\nThis cannot be updated.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" properties: exec: description: "Exec specifies the action to take." properties: command: - description: "Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy." + description: "Command is the command line to execute inside the container, the working directory for the\ncommand is root ('/') in the container's filesystem. The command is simply exec'd, it is\nnot run inside a shell, so traditional shell instructions ('|', etc) won't work. To use\na shell, you need to explicitly call out to that shell.\nExit status of 0 is treated as live/healthy and non-zero is unhealthy." items: type: "string" type: "array" type: "object" failureThreshold: - description: "Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1." + description: "Minimum consecutive failures for the probe to be considered failed after having succeeded.\nDefaults to 3. Minimum value is 1." format: "int32" type: "integer" grpc: - description: "GRPC specifies an action involving a GRPC port. This is a beta field and requires enabling GRPCContainerProbe feature gate." + description: "GRPC specifies an action involving a GRPC port.\nThis is a beta field and requires enabling GRPCContainerProbe feature gate." properties: port: description: "Port number of the gRPC service. Number must be in the range 1 to 65535." format: "int32" type: "integer" service: - description: "Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). \n If this is not specified, the default behavior is defined by gRPC." + description: "Service is the name of the service to place in the gRPC HealthCheckRequest\n(see https://github.com/grpc/grpc/blob/master/doc/health-checking.md).\n\n\nIf this is not specified, the default behavior is defined by gRPC." type: "string" required: - "port" @@ -3261,7 +3264,7 @@ spec: description: "HTTPGet specifies the http request to perform." properties: host: - description: "Host name to connect to, defaults to the pod IP. You probably want to set \"Host\" in httpHeaders instead." + description: "Host name to connect to, defaults to the pod IP. You probably want to set\n\"Host\" in httpHeaders instead." type: "string" httpHeaders: description: "Custom headers to set in the request. HTTP allows repeated headers." @@ -3269,7 +3272,7 @@ spec: description: "HTTPHeader describes a custom header to be used in HTTP probes" properties: name: - description: "The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header." + description: "The header field name.\nThis will be canonicalized upon output, so case-variant names will be understood as the same header." type: "string" value: description: "The header field value" @@ -3286,24 +3289,24 @@ spec: anyOf: - type: "integer" - type: "string" - description: "Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME." + description: "Name or number of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME." x-kubernetes-int-or-string: true scheme: - description: "Scheme to use for connecting to the host. Defaults to HTTP." + description: "Scheme to use for connecting to the host.\nDefaults to HTTP." type: "string" required: - "port" type: "object" initialDelaySeconds: - description: "Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" + description: "Number of seconds after the container has started before liveness probes are initiated.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" format: "int32" type: "integer" periodSeconds: - description: "How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1." + description: "How often (in seconds) to perform the probe.\nDefault to 10 seconds. Minimum value is 1." format: "int32" type: "integer" successThreshold: - description: "Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1." + description: "Minimum consecutive successes for the probe to be considered successful after having failed.\nDefaults to 1. Must be 1 for liveness and startup. Minimum value is 1." format: "int32" type: "integer" tcpSocket: @@ -3316,34 +3319,34 @@ spec: anyOf: - type: "integer" - type: "string" - description: "Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME." + description: "Number or name of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME." x-kubernetes-int-or-string: true required: - "port" type: "object" terminationGracePeriodSeconds: - description: "Optional duration in seconds the pod needs to terminate gracefully upon probe failure. The grace period is the duration in seconds after the processes running in the pod are sent a termination signal and the time when the processes are forcibly halted with a kill signal. Set this value longer than the expected cleanup time for your process. If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this value overrides the value provided by the pod spec. Value must be non-negative integer. The value zero indicates stop immediately via the kill signal (no opportunity to shut down). This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate. Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset." + description: "Optional duration in seconds the pod needs to terminate gracefully upon probe failure.\nThe grace period is the duration in seconds after the processes running in the pod are sent\na termination signal and the time when the processes are forcibly halted with a kill signal.\nSet this value longer than the expected cleanup time for your process.\nIf this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this\nvalue overrides the value provided by the pod spec.\nValue must be non-negative integer. The value zero indicates stop immediately via\nthe kill signal (no opportunity to shut down).\nThis is a beta field and requires enabling ProbeTerminationGracePeriod feature gate.\nMinimum value is 1. spec.terminationGracePeriodSeconds is used if unset." format: "int64" type: "integer" timeoutSeconds: - description: "Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" + description: "Number of seconds after which the probe times out.\nDefaults to 1 second. Minimum value is 1.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" format: "int32" type: "integer" type: "object" stdin: - description: "Whether this container should allocate a buffer for stdin in the container runtime. If this is not set, reads from stdin in the container will always result in EOF. Default is false." + description: "Whether this container should allocate a buffer for stdin in the container runtime. If this\nis not set, reads from stdin in the container will always result in EOF.\nDefault is false." type: "boolean" stdinOnce: - description: "Whether the container runtime should close the stdin channel after it has been opened by a single attach. When stdin is true the stdin stream will remain open across multiple attach sessions. If stdinOnce is set to true, stdin is opened on container start, is empty until the first client attaches to stdin, and then remains open and accepts data until the client disconnects, at which time stdin is closed and remains closed until the container is restarted. If this flag is false, a container processes that reads from stdin will never receive an EOF. Default is false" + description: "Whether the container runtime should close the stdin channel after it has been opened by\na single attach. When stdin is true the stdin stream will remain open across multiple attach\nsessions. If stdinOnce is set to true, stdin is opened on container start, is empty until the\nfirst client attaches to stdin, and then remains open and accepts data until the client disconnects,\nat which time stdin is closed and remains closed until the container is restarted. If this\nflag is false, a container processes that reads from stdin will never receive an EOF.\nDefault is false" type: "boolean" terminationMessagePath: - description: "Optional: Path at which the file to which the container's termination message will be written is mounted into the container's filesystem. Message written is intended to be brief final status, such as an assertion failure message. Will be truncated by the node if greater than 4096 bytes. The total message length across all containers will be limited to 12kb. Defaults to /dev/termination-log. Cannot be updated." + description: "Optional: Path at which the file to which the container's termination message\nwill be written is mounted into the container's filesystem.\nMessage written is intended to be brief final status, such as an assertion failure message.\nWill be truncated by the node if greater than 4096 bytes. The total message length across\nall containers will be limited to 12kb.\nDefaults to /dev/termination-log.\nCannot be updated." type: "string" terminationMessagePolicy: - description: "Indicate how the termination message should be populated. File will use the contents of terminationMessagePath to populate the container status message on both success and failure. FallbackToLogsOnError will use the last chunk of container log output if the termination message file is empty and the container exited with an error. The log output is limited to 2048 bytes or 80 lines, whichever is smaller. Defaults to File. Cannot be updated." + description: "Indicate how the termination message should be populated. File will use the contents of\nterminationMessagePath to populate the container status message on both success and failure.\nFallbackToLogsOnError will use the last chunk of container log output if the termination\nmessage file is empty and the container exited with an error.\nThe log output is limited to 2048 bytes or 80 lines, whichever is smaller.\nDefaults to File.\nCannot be updated." type: "string" tty: - description: "Whether this container should allocate a TTY for itself, also requires 'stdin' to be true. Default is false." + description: "Whether this container should allocate a TTY for itself, also requires 'stdin' to be true.\nDefault is false." type: "boolean" volumeDevices: description: "volumeDevices is the list of block devices to be used by the container." @@ -3362,27 +3365,27 @@ spec: type: "object" type: "array" volumeMounts: - description: "Pod volumes to mount into the container's filesystem. Cannot be updated." + description: "Pod volumes to mount into the container's filesystem.\nCannot be updated." items: description: "VolumeMount describes a mounting of a Volume within a container." properties: mountPath: - description: "Path within the container at which the volume should be mounted. Must not contain ':'." + description: "Path within the container at which the volume should be mounted. Must\nnot contain ':'." type: "string" mountPropagation: - description: "mountPropagation determines how mounts are propagated from the host to container and the other way around. When not set, MountPropagationNone is used. This field is beta in 1.10." + description: "mountPropagation determines how mounts are propagated from the host\nto container and the other way around.\nWhen not set, MountPropagationNone is used.\nThis field is beta in 1.10." type: "string" name: description: "This must match the Name of a Volume." type: "string" readOnly: - description: "Mounted read-only if true, read-write otherwise (false or unspecified). Defaults to false." + description: "Mounted read-only if true, read-write otherwise (false or unspecified).\nDefaults to false." type: "boolean" subPath: - description: "Path within the volume from which the container's volume should be mounted. Defaults to \"\" (volume's root)." + description: "Path within the volume from which the container's volume should be mounted.\nDefaults to \"\" (volume's root)." type: "string" subPathExpr: - description: "Expanded path within the volume from which the container's volume should be mounted. Behaves similarly to SubPath but environment variable references $(VAR_NAME) are expanded using the container's environment. Defaults to \"\" (volume's root). SubPathExpr and SubPath are mutually exclusive." + description: "Expanded path within the volume from which the container's volume should be mounted.\nBehaves similarly to SubPath but environment variable references $(VAR_NAME) are expanded using the container's environment.\nDefaults to \"\" (volume's root).\nSubPathExpr and SubPath are mutually exclusive." type: "string" required: - "mountPath" @@ -3390,7 +3393,7 @@ spec: type: "object" type: "array" workingDir: - description: "Container's working directory. If not specified, the container runtime's default will be used, which might be configured in the container image. Cannot be updated." + description: "Container's working directory.\nIf not specified, the container runtime's default will be used, which\nmight be configured in the container image.\nCannot be updated." type: "string" required: - "name" @@ -3425,13 +3428,13 @@ spec: description: "A YAML object that represents a volumeClaimTemplate component of a StatefulSet." properties: apiVersion: - description: "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" + description: "APIVersion defines the versioned schema of this representation of an object.\nServers should convert recognized schemas to the latest internal value, and\nmay reject unrecognized values.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" type: "string" kind: - description: "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + description: "Kind is a string value representing the REST resource this object represents.\nServers may infer this from the endpoint the client submits requests to.\nCannot be updated.\nIn CamelCase.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" type: "string" metadata: - description: "Standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata" + description: "Standard object's metadata.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata" properties: annotations: additionalProperties: @@ -3451,18 +3454,18 @@ spec: type: "string" type: "object" spec: - description: "spec defines the desired characteristics of a volume requested by a pod author. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims" + description: "spec defines the desired characteristics of a volume requested by a pod author.\nMore info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims" properties: accessModes: - description: "accessModes contains the desired access modes the volume should have. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1" + description: "accessModes contains the desired access modes the volume should have.\nMore info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1" items: type: "string" type: "array" dataSource: - description: "dataSource field can be used to specify either: * An existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot) * An existing PVC (PersistentVolumeClaim) If the provisioner or an external controller can support the specified data source, it will create a new volume based on the contents of the specified data source. When the AnyVolumeDataSource feature gate is enabled, dataSource contents will be copied to dataSourceRef, and dataSourceRef contents will be copied to dataSource when dataSourceRef.namespace is not specified. If the namespace is specified, then dataSourceRef will not be copied to dataSource." + description: "dataSource field can be used to specify either:\n* An existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot)\n* An existing PVC (PersistentVolumeClaim)\nIf the provisioner or an external controller can support the specified data source,\nit will create a new volume based on the contents of the specified data source.\nWhen the AnyVolumeDataSource feature gate is enabled, dataSource contents will be copied to dataSourceRef,\nand dataSourceRef contents will be copied to dataSource when dataSourceRef.namespace is not specified.\nIf the namespace is specified, then dataSourceRef will not be copied to dataSource." properties: apiGroup: - description: "APIGroup is the group for the resource being referenced. If APIGroup is not specified, the specified Kind must be in the core API group. For any other third-party types, APIGroup is required." + description: "APIGroup is the group for the resource being referenced.\nIf APIGroup is not specified, the specified Kind must be in the core API group.\nFor any other third-party types, APIGroup is required." type: "string" kind: description: "Kind is the type of resource being referenced" @@ -3476,10 +3479,10 @@ spec: type: "object" x-kubernetes-map-type: "atomic" dataSourceRef: - description: "dataSourceRef specifies the object from which to populate the volume with data, if a non-empty volume is desired. This may be any object from a non-empty API group (non core object) or a PersistentVolumeClaim object. When this field is specified, volume binding will only succeed if the type of the specified object matches some installed volume populator or dynamic provisioner. This field will replace the functionality of the dataSource field and as such if both fields are non-empty, they must have the same value. For backwards compatibility, when namespace isn't specified in dataSourceRef, both fields (dataSource and dataSourceRef) will be set to the same value automatically if one of them is empty and the other is non-empty. When namespace is specified in dataSourceRef, dataSource isn't set to the same value and must be empty. There are three important differences between dataSource and dataSourceRef: * While dataSource only allows two specific types of objects, dataSourceRef allows any non-core object, as well as PersistentVolumeClaim objects. * While dataSource ignores disallowed values (dropping them), dataSourceRef preserves all values, and generates an error if a disallowed value is specified. * While dataSource only allows local objects, dataSourceRef allows objects in any namespaces. (Beta) Using this field requires the AnyVolumeDataSource feature gate to be enabled. (Alpha) Using the namespace field of dataSourceRef requires the CrossNamespaceVolumeDataSource feature gate to be enabled." + description: "dataSourceRef specifies the object from which to populate the volume with data, if a non-empty\nvolume is desired. This may be any object from a non-empty API group (non\ncore object) or a PersistentVolumeClaim object.\nWhen this field is specified, volume binding will only succeed if the type of\nthe specified object matches some installed volume populator or dynamic\nprovisioner.\nThis field will replace the functionality of the dataSource field and as such\nif both fields are non-empty, they must have the same value. For backwards\ncompatibility, when namespace isn't specified in dataSourceRef,\nboth fields (dataSource and dataSourceRef) will be set to the same\nvalue automatically if one of them is empty and the other is non-empty.\nWhen namespace is specified in dataSourceRef,\ndataSource isn't set to the same value and must be empty.\nThere are three important differences between dataSource and dataSourceRef:\n* While dataSource only allows two specific types of objects, dataSourceRef\n allows any non-core object, as well as PersistentVolumeClaim objects.\n* While dataSource ignores disallowed values (dropping them), dataSourceRef\n preserves all values, and generates an error if a disallowed value is\n specified.\n* While dataSource only allows local objects, dataSourceRef allows objects\n in any namespaces.\n(Beta) Using this field requires the AnyVolumeDataSource feature gate to be enabled.\n(Alpha) Using the namespace field of dataSourceRef requires the CrossNamespaceVolumeDataSource feature gate to be enabled." properties: apiGroup: - description: "APIGroup is the group for the resource being referenced. If APIGroup is not specified, the specified Kind must be in the core API group. For any other third-party types, APIGroup is required." + description: "APIGroup is the group for the resource being referenced.\nIf APIGroup is not specified, the specified Kind must be in the core API group.\nFor any other third-party types, APIGroup is required." type: "string" kind: description: "Kind is the type of resource being referenced" @@ -3488,22 +3491,22 @@ spec: description: "Name is the name of resource being referenced" type: "string" namespace: - description: "Namespace is the namespace of resource being referenced Note that when a namespace is specified, a gateway.networking.k8s.io/ReferenceGrant object is required in the referent namespace to allow that namespace's owner to accept the reference. See the ReferenceGrant documentation for details. (Alpha) This field requires the CrossNamespaceVolumeDataSource feature gate to be enabled." + description: "Namespace is the namespace of resource being referenced\nNote that when a namespace is specified, a gateway.networking.k8s.io/ReferenceGrant object is required in the referent namespace to allow that namespace's owner to accept the reference. See the ReferenceGrant documentation for details.\n(Alpha) This field requires the CrossNamespaceVolumeDataSource feature gate to be enabled." type: "string" required: - "kind" - "name" type: "object" resources: - description: "resources represents the minimum resources the volume should have. If RecoverVolumeExpansionFailure feature is enabled users are allowed to specify resource requirements that are lower than previous value but must still be higher than capacity recorded in the status field of the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources" + description: "resources represents the minimum resources the volume should have.\nIf RecoverVolumeExpansionFailure feature is enabled users are allowed to specify resource requirements\nthat are lower than previous value but must still be higher than capacity recorded in the\nstatus field of the claim.\nMore info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources" properties: claims: - description: "Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. \n This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. \n This field is immutable. It can only be set for containers." + description: "Claims lists the names of resources, defined in spec.resourceClaims,\nthat are used by this container.\n\n\nThis is an alpha field and requires enabling the\nDynamicResourceAllocation feature gate.\n\n\nThis field is immutable. It can only be set for containers." items: description: "ResourceClaim references one entry in PodSpec.ResourceClaims." properties: name: - description: "Name must match the name of one entry in pod.spec.resourceClaims of the Pod where this field is used. It makes that resource available inside a container." + description: "Name must match the name of one entry in pod.spec.resourceClaims of\nthe Pod where this field is used. It makes that resource available\ninside a container." type: "string" required: - "name" @@ -3519,7 +3522,7 @@ spec: - type: "string" pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" x-kubernetes-int-or-string: true - description: "Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" + description: "Limits describes the maximum amount of compute resources allowed.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" type: "object" requests: additionalProperties: @@ -3528,7 +3531,7 @@ spec: - type: "string" pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" x-kubernetes-int-or-string: true - description: "Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" + description: "Requests describes the minimum amount of compute resources required.\nIf Requests is omitted for a container, it defaults to Limits if that is explicitly specified,\notherwise to an implementation-defined value.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" type: "object" type: "object" selector: @@ -3537,16 +3540,16 @@ spec: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -3558,25 +3561,25 @@ spec: matchLabels: additionalProperties: type: "string" - description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." type: "object" type: "object" x-kubernetes-map-type: "atomic" storageClassName: - description: "storageClassName is the name of the StorageClass required by the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1" + description: "storageClassName is the name of the StorageClass required by the claim.\nMore info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1" type: "string" volumeMode: - description: "volumeMode defines what type of volume is required by the claim. Value of Filesystem is implied when not included in claim spec." + description: "volumeMode defines what type of volume is required by the claim.\nValue of Filesystem is implied when not included in claim spec." type: "string" volumeName: description: "volumeName is the binding reference to the PersistentVolume backing this claim." type: "string" type: "object" status: - description: "status represents the current information/status of a persistent volume claim. Read-only. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims" + description: "status represents the current information/status of a persistent volume claim.\nRead-only.\nMore info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims" properties: accessModes: - description: "accessModes contains the actual access modes the volume backing the PVC has. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1" + description: "accessModes contains the actual access modes the volume backing the PVC has.\nMore info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1" items: type: "string" type: "array" @@ -3587,7 +3590,7 @@ spec: - type: "string" pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" x-kubernetes-int-or-string: true - description: "allocatedResources is the storage resource within AllocatedResources tracks the capacity allocated to a PVC. It may be larger than the actual capacity when a volume expansion operation is requested. For storage quota, the larger value from allocatedResources and PVC.spec.resources is used. If allocatedResources is not set, PVC.spec.resources alone is used for quota calculation. If a volume expansion capacity request is lowered, allocatedResources is only lowered if there are no expansion operations in progress and if the actual volume capacity is equal or lower than the requested capacity. This is an alpha field and requires enabling RecoverVolumeExpansionFailure feature." + description: "allocatedResources is the storage resource within AllocatedResources tracks the capacity allocated to a PVC. It may\nbe larger than the actual capacity when a volume expansion operation is requested.\nFor storage quota, the larger value from allocatedResources and PVC.spec.resources is used.\nIf allocatedResources is not set, PVC.spec.resources alone is used for quota calculation.\nIf a volume expansion capacity request is lowered, allocatedResources is only\nlowered if there are no expansion operations in progress and if the actual volume capacity\nis equal or lower than the requested capacity.\nThis is an alpha field and requires enabling RecoverVolumeExpansionFailure feature." type: "object" capacity: additionalProperties: @@ -3599,7 +3602,7 @@ spec: description: "capacity represents the actual resources of the underlying volume." type: "object" conditions: - description: "conditions is the current Condition of persistent volume claim. If underlying persistent volume is being resized then the Condition will be set to 'ResizeStarted'." + description: "conditions is the current Condition of persistent volume claim. If underlying persistent volume is being\nresized then the Condition will be set to 'ResizeStarted'." items: description: "PersistentVolumeClaimCondition contails details about state of pvc" properties: @@ -3615,7 +3618,7 @@ spec: description: "message is the human-readable message indicating details about last transition." type: "string" reason: - description: "reason is a unique, this should be a short, machine understandable string that gives the reason for condition's last transition. If it reports \"ResizeStarted\" that means the underlying persistent volume is being resized." + description: "reason is a unique, this should be a short, machine understandable string that gives the reason\nfor condition's last transition. If it reports \"ResizeStarted\" that means the underlying\npersistent volume is being resized." type: "string" status: type: "string" @@ -3631,7 +3634,7 @@ spec: description: "phase represents the current phase of PersistentVolumeClaim." type: "string" resizeStatus: - description: "resizeStatus stores status of resize operation. ResizeStatus is not set by default but when expansion is complete resizeStatus is set to empty string by resize controller or kubelet. This is an alpha field and requires enabling RecoverVolumeExpansionFailure feature." + description: "resizeStatus stores status of resize operation.\nResizeStatus is not set by default but when expansion is complete resizeStatus is set to empty\nstring by resize controller or kubelet.\nThis is an alpha field and requires enabling RecoverVolumeExpansionFailure feature." type: "string" type: "object" type: "object" @@ -3646,15 +3649,15 @@ spec: anyOf: - type: "integer" - type: "string" - description: "The maximum number of pods that can be unavailable during the update. Value can be an absolute number (ex: 5) or a percentage of desired pods (ex: 10%). Absolute number is calculated from percentage by rounding up. This can not be 0. Defaults to 1. This field is alpha-level and is only honored by servers that enable the MaxUnavailableStatefulSet feature. The field applies to all pods in the range 0 to Replicas-1. That means if there is any unavailable pod in the range 0 to Replicas-1, it will be counted towards MaxUnavailable." + description: "The maximum number of pods that can be unavailable during the update.\nValue can be an absolute number (ex: 5) or a percentage of desired pods (ex: 10%).\nAbsolute number is calculated from percentage by rounding up. This can not be 0.\nDefaults to 1. This field is alpha-level and is only honored by servers that enable the\nMaxUnavailableStatefulSet feature. The field applies to all pods in the range 0 to\nReplicas-1. That means if there is any unavailable pod in the range 0 to Replicas-1, it\nwill be counted towards MaxUnavailable." x-kubernetes-int-or-string: true partition: - description: "Partition indicates the ordinal at which the StatefulSet should be partitioned for updates. During a rolling update, all pods from ordinal Replicas-1 to Partition are updated. All pods from ordinal Partition-1 to 0 remain untouched. This is helpful in being able to do a canary based deployment. The default value is 0." + description: "Partition indicates the ordinal at which the StatefulSet should be partitioned\nfor updates. During a rolling update, all pods from ordinal Replicas-1 to\nPartition are updated. All pods from ordinal Partition-1 to 0 remain untouched.\nThis is helpful in being able to do a canary based deployment. The default value is 0." format: "int32" type: "integer" type: "object" type: - description: "Type indicates the type of the StatefulSetUpdateStrategy. Default is RollingUpdate." + description: "Type indicates the type of the StatefulSetUpdateStrategy.\nDefault is RollingUpdate." type: "string" type: "object" type: "object" @@ -3667,21 +3670,21 @@ spec: description: "TopologySpreadConstraint specifies how to spread matching pods among the given topology." properties: labelSelector: - description: "LabelSelector is used to find matching pods. Pods that match this label selector are counted to determine the number of pods in their corresponding topology domain." + description: "LabelSelector is used to find matching pods.\nPods that match this label selector are counted to determine the number of pods\nin their corresponding topology domain." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -3693,35 +3696,35 @@ spec: matchLabels: additionalProperties: type: "string" - description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." type: "object" type: "object" x-kubernetes-map-type: "atomic" matchLabelKeys: - description: "MatchLabelKeys is a set of pod label keys to select the pods over which spreading will be calculated. The keys are used to lookup values from the incoming pod labels, those key-value labels are ANDed with labelSelector to select the group of existing pods over which spreading will be calculated for the incoming pod. Keys that don't exist in the incoming pod labels will be ignored. A null or empty list means only match against labelSelector." + description: "MatchLabelKeys is a set of pod label keys to select the pods over which\nspreading will be calculated. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are ANDed with labelSelector\nto select the group of existing pods over which spreading will be calculated\nfor the incoming pod. Keys that don't exist in the incoming pod labels will\nbe ignored. A null or empty list means only match against labelSelector." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" maxSkew: - description: "MaxSkew describes the degree to which pods may be unevenly distributed. When `whenUnsatisfiable=DoNotSchedule`, it is the maximum permitted difference between the number of matching pods in the target topology and the global minimum. The global minimum is the minimum number of matching pods in an eligible domain or zero if the number of eligible domains is less than MinDomains. For example, in a 3-zone cluster, MaxSkew is set to 1, and pods with the same labelSelector spread as 2/2/1: In this case, the global minimum is 1. | zone1 | zone2 | zone3 | | P P | P P | P | - if MaxSkew is 1, incoming pod can only be scheduled to zone3 to become 2/2/2; scheduling it onto zone1(zone2) would make the ActualSkew(3-1) on zone1(zone2) violate MaxSkew(1). - if MaxSkew is 2, incoming pod can be scheduled onto any zone. When `whenUnsatisfiable=ScheduleAnyway`, it is used to give higher precedence to topologies that satisfy it. It's a required field. Default value is 1 and 0 is not allowed." + description: "MaxSkew describes the degree to which pods may be unevenly distributed.\nWhen `whenUnsatisfiable=DoNotSchedule`, it is the maximum permitted difference\nbetween the number of matching pods in the target topology and the global minimum.\nThe global minimum is the minimum number of matching pods in an eligible domain\nor zero if the number of eligible domains is less than MinDomains.\nFor example, in a 3-zone cluster, MaxSkew is set to 1, and pods with the same\nlabelSelector spread as 2/2/1:\nIn this case, the global minimum is 1.\n| zone1 | zone2 | zone3 |\n| P P | P P | P |\n- if MaxSkew is 1, incoming pod can only be scheduled to zone3 to become 2/2/2;\nscheduling it onto zone1(zone2) would make the ActualSkew(3-1) on zone1(zone2)\nviolate MaxSkew(1).\n- if MaxSkew is 2, incoming pod can be scheduled onto any zone.\nWhen `whenUnsatisfiable=ScheduleAnyway`, it is used to give higher precedence\nto topologies that satisfy it.\nIt's a required field. Default value is 1 and 0 is not allowed." format: "int32" type: "integer" minDomains: - description: "MinDomains indicates a minimum number of eligible domains. When the number of eligible domains with matching topology keys is less than minDomains, Pod Topology Spread treats \"global minimum\" as 0, and then the calculation of Skew is performed. And when the number of eligible domains with matching topology keys equals or greater than minDomains, this value has no effect on scheduling. As a result, when the number of eligible domains is less than minDomains, scheduler won't schedule more than maxSkew Pods to those domains. If value is nil, the constraint behaves as if MinDomains is equal to 1. Valid values are integers greater than 0. When value is not nil, WhenUnsatisfiable must be DoNotSchedule. \n For example, in a 3-zone cluster, MaxSkew is set to 2, MinDomains is set to 5 and pods with the same labelSelector spread as 2/2/2: | zone1 | zone2 | zone3 | | P P | P P | P P | The number of domains is less than 5(MinDomains), so \"global minimum\" is treated as 0. In this situation, new pod with the same labelSelector cannot be scheduled, because computed skew will be 3(3 - 0) if new Pod is scheduled to any of the three zones, it will violate MaxSkew. \n This is a beta field and requires the MinDomainsInPodTopologySpread feature gate to be enabled (enabled by default)." + description: "MinDomains indicates a minimum number of eligible domains.\nWhen the number of eligible domains with matching topology keys is less than minDomains,\nPod Topology Spread treats \"global minimum\" as 0, and then the calculation of Skew is performed.\nAnd when the number of eligible domains with matching topology keys equals or greater than minDomains,\nthis value has no effect on scheduling.\nAs a result, when the number of eligible domains is less than minDomains,\nscheduler won't schedule more than maxSkew Pods to those domains.\nIf value is nil, the constraint behaves as if MinDomains is equal to 1.\nValid values are integers greater than 0.\nWhen value is not nil, WhenUnsatisfiable must be DoNotSchedule.\n\n\nFor example, in a 3-zone cluster, MaxSkew is set to 2, MinDomains is set to 5 and pods with the same\nlabelSelector spread as 2/2/2:\n| zone1 | zone2 | zone3 |\n| P P | P P | P P |\nThe number of domains is less than 5(MinDomains), so \"global minimum\" is treated as 0.\nIn this situation, new pod with the same labelSelector cannot be scheduled,\nbecause computed skew will be 3(3 - 0) if new Pod is scheduled to any of the three zones,\nit will violate MaxSkew.\n\n\nThis is a beta field and requires the MinDomainsInPodTopologySpread feature gate to be enabled (enabled by default)." format: "int32" type: "integer" nodeAffinityPolicy: - description: "NodeAffinityPolicy indicates how we will treat Pod's nodeAffinity/nodeSelector when calculating pod topology spread skew. Options are: - Honor: only nodes matching nodeAffinity/nodeSelector are included in the calculations. - Ignore: nodeAffinity/nodeSelector are ignored. All nodes are included in the calculations. \n If this value is nil, the behavior is equivalent to the Honor policy. This is a beta-level feature default enabled by the NodeInclusionPolicyInPodTopologySpread feature flag." + description: "NodeAffinityPolicy indicates how we will treat Pod's nodeAffinity/nodeSelector\nwhen calculating pod topology spread skew. Options are:\n- Honor: only nodes matching nodeAffinity/nodeSelector are included in the calculations.\n- Ignore: nodeAffinity/nodeSelector are ignored. All nodes are included in the calculations.\n\n\nIf this value is nil, the behavior is equivalent to the Honor policy.\nThis is a beta-level feature default enabled by the NodeInclusionPolicyInPodTopologySpread feature flag." type: "string" nodeTaintsPolicy: - description: "NodeTaintsPolicy indicates how we will treat node taints when calculating pod topology spread skew. Options are: - Honor: nodes without taints, along with tainted nodes for which the incoming pod has a toleration, are included. - Ignore: node taints are ignored. All nodes are included. \n If this value is nil, the behavior is equivalent to the Ignore policy. This is a beta-level feature default enabled by the NodeInclusionPolicyInPodTopologySpread feature flag." + description: "NodeTaintsPolicy indicates how we will treat node taints when calculating\npod topology spread skew. Options are:\n- Honor: nodes without taints, along with tainted nodes for which the incoming pod\nhas a toleration, are included.\n- Ignore: node taints are ignored. All nodes are included.\n\n\nIf this value is nil, the behavior is equivalent to the Ignore policy.\nThis is a beta-level feature default enabled by the NodeInclusionPolicyInPodTopologySpread feature flag." type: "string" topologyKey: - description: "TopologyKey is the key of node labels. Nodes that have a label with this key and identical values are considered to be in the same topology. We consider each as a \"bucket\", and try to put balanced number of pods into each bucket. We define a domain as a particular instance of a topology. Also, we define an eligible domain as a domain whose nodes meet the requirements of nodeAffinityPolicy and nodeTaintsPolicy. e.g. If TopologyKey is \"kubernetes.io/hostname\", each Node is a domain of that topology. And, if TopologyKey is \"topology.kubernetes.io/zone\", each zone is a domain of that topology. It's a required field." + description: "TopologyKey is the key of node labels. Nodes that have a label with this key\nand identical values are considered to be in the same topology.\nWe consider each as a \"bucket\", and try to put balanced number\nof pods into each bucket.\nWe define a domain as a particular instance of a topology.\nAlso, we define an eligible domain as a domain whose nodes meet the requirements of\nnodeAffinityPolicy and nodeTaintsPolicy.\ne.g. If TopologyKey is \"kubernetes.io/hostname\", each Node is a domain of that topology.\nAnd, if TopologyKey is \"topology.kubernetes.io/zone\", each zone is a domain of that topology.\nIt's a required field." type: "string" whenUnsatisfiable: - description: "WhenUnsatisfiable indicates how to deal with a pod if it doesn't satisfy the spread constraint. - DoNotSchedule (default) tells the scheduler not to schedule it. - ScheduleAnyway tells the scheduler to schedule the pod in any location, but giving higher precedence to topologies that would help reduce the skew. A constraint is considered \"Unsatisfiable\" for an incoming pod if and only if every possible node assignment for that pod would violate \"MaxSkew\" on some topology. For example, in a 3-zone cluster, MaxSkew is set to 1, and pods with the same labelSelector spread as 3/1/1: | zone1 | zone2 | zone3 | | P P P | P | P | If WhenUnsatisfiable is set to DoNotSchedule, incoming pod can only be scheduled to zone2(zone3) to become 3/2/1(3/1/2) as ActualSkew(2-1) on zone2(zone3) satisfies MaxSkew(1). In other words, the cluster can still be imbalanced, but scheduler won't make it *more* imbalanced. It's a required field." + description: "WhenUnsatisfiable indicates how to deal with a pod if it doesn't satisfy\nthe spread constraint.\n- DoNotSchedule (default) tells the scheduler not to schedule it.\n- ScheduleAnyway tells the scheduler to schedule the pod in any location,\n but giving higher precedence to topologies that would help reduce the\n skew.\nA constraint is considered \"Unsatisfiable\" for an incoming pod\nif and only if every possible node assignment for that pod would violate\n\"MaxSkew\" on some topology.\nFor example, in a 3-zone cluster, MaxSkew is set to 1, and pods with the same\nlabelSelector spread as 3/1/1:\n| zone1 | zone2 | zone3 |\n| P P P | P | P |\nIf WhenUnsatisfiable is set to DoNotSchedule, incoming pod can only be scheduled\nto zone2(zone3) to become 3/2/1(3/1/2) as ActualSkew(2-1) on zone2(zone3) satisfies\nMaxSkew(1). In other words, the cluster can still be imbalanced, but scheduler\nwon't make it *more* imbalanced.\nIt's a required field." type: "string" required: - "maxSkew" @@ -3739,22 +3742,22 @@ spec: description: "VolumeMount describes a mounting of a Volume within a container." properties: mountPath: - description: "Path within the container at which the volume should be mounted. Must not contain ':'." + description: "Path within the container at which the volume should be mounted. Must\nnot contain ':'." type: "string" mountPropagation: - description: "mountPropagation determines how mounts are propagated from the host to container and the other way around. When not set, MountPropagationNone is used. This field is beta in 1.10." + description: "mountPropagation determines how mounts are propagated from the host\nto container and the other way around.\nWhen not set, MountPropagationNone is used.\nThis field is beta in 1.10." type: "string" name: description: "This must match the Name of a Volume." type: "string" readOnly: - description: "Mounted read-only if true, read-write otherwise (false or unspecified). Defaults to false." + description: "Mounted read-only if true, read-write otherwise (false or unspecified).\nDefaults to false." type: "boolean" subPath: - description: "Path within the volume from which the container's volume should be mounted. Defaults to \"\" (volume's root)." + description: "Path within the volume from which the container's volume should be mounted.\nDefaults to \"\" (volume's root)." type: "string" subPathExpr: - description: "Expanded path within the volume from which the container's volume should be mounted. Behaves similarly to SubPath but environment variable references $(VAR_NAME) are expanded using the container's environment. Defaults to \"\" (volume's root). SubPathExpr and SubPath are mutually exclusive." + description: "Expanded path within the volume from which the container's volume should be mounted.\nBehaves similarly to SubPath but environment variable references $(VAR_NAME) are expanded using the container's environment.\nDefaults to \"\" (volume's root).\nSubPathExpr and SubPath are mutually exclusive." type: "string" required: - "mountPath" @@ -3768,20 +3771,20 @@ spec: description: "Volume represents a named volume in a pod that may be accessed by any container in the pod." properties: awsElasticBlockStore: - description: "awsElasticBlockStore represents an AWS Disk resource that is attached to a kubelet's host machine and then exposed to the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore" + description: "awsElasticBlockStore represents an AWS Disk resource that is attached to a\nkubelet's host machine and then exposed to the pod.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore" properties: fsType: - description: "fsType is the filesystem type of the volume that you want to mount. Tip: Ensure that the filesystem type is supported by the host operating system. Examples: \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore TODO: how do we prevent errors in the filesystem from compromising the machine" + description: "fsType is the filesystem type of the volume that you want to mount.\nTip: Ensure that the filesystem type is supported by the host operating system.\nExamples: \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore\nTODO: how do we prevent errors in the filesystem from compromising the machine" type: "string" partition: - description: "partition is the partition in the volume that you want to mount. If omitted, the default is to mount by volume name. Examples: For volume /dev/sda1, you specify the partition as \"1\". Similarly, the volume partition for /dev/sda is \"0\" (or you can leave the property empty)." + description: "partition is the partition in the volume that you want to mount.\nIf omitted, the default is to mount by volume name.\nExamples: For volume /dev/sda1, you specify the partition as \"1\".\nSimilarly, the volume partition for /dev/sda is \"0\" (or you can leave the property empty)." format: "int32" type: "integer" readOnly: - description: "readOnly value true will force the readOnly setting in VolumeMounts. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore" + description: "readOnly value true will force the readOnly setting in VolumeMounts.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore" type: "boolean" volumeID: - description: "volumeID is unique ID of the persistent disk resource in AWS (Amazon EBS volume). More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore" + description: "volumeID is unique ID of the persistent disk resource in AWS (Amazon EBS volume).\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore" type: "string" required: - "volumeID" @@ -3799,13 +3802,13 @@ spec: description: "diskURI is the URI of data disk in the blob storage" type: "string" fsType: - description: "fsType is Filesystem type to mount. Must be a filesystem type supported by the host operating system. Ex. \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified." + description: "fsType is Filesystem type to mount.\nMust be a filesystem type supported by the host operating system.\nEx. \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified." type: "string" kind: description: "kind expected values are Shared: multiple blob disks per storage account Dedicated: single blob disk per storage account Managed: azure managed data disk (only in managed availability set). defaults to shared" type: "string" readOnly: - description: "readOnly Defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts." + description: "readOnly Defaults to false (read/write). ReadOnly here will force\nthe ReadOnly setting in VolumeMounts." type: "boolean" required: - "diskName" @@ -3815,7 +3818,7 @@ spec: description: "azureFile represents an Azure File Service mount on the host and bind mount to the pod." properties: readOnly: - description: "readOnly defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts." + description: "readOnly defaults to false (read/write). ReadOnly here will force\nthe ReadOnly setting in VolumeMounts." type: "boolean" secretName: description: "secretName is the name of secret that contains Azure Storage Account Name and Key" @@ -3831,7 +3834,7 @@ spec: description: "cephFS represents a Ceph FS mount on the host that shares a pod's lifetime" properties: monitors: - description: "monitors is Required: Monitors is a collection of Ceph monitors More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it" + description: "monitors is Required: Monitors is a collection of Ceph monitors\nMore info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it" items: type: "string" type: "array" @@ -3839,44 +3842,44 @@ spec: description: "path is Optional: Used as the mounted root, rather than the full Ceph tree, default is /" type: "string" readOnly: - description: "readOnly is Optional: Defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts. More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it" + description: "readOnly is Optional: Defaults to false (read/write). ReadOnly here will force\nthe ReadOnly setting in VolumeMounts.\nMore info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it" type: "boolean" secretFile: - description: "secretFile is Optional: SecretFile is the path to key ring for User, default is /etc/ceph/user.secret More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it" + description: "secretFile is Optional: SecretFile is the path to key ring for User, default is /etc/ceph/user.secret\nMore info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it" type: "string" secretRef: - description: "secretRef is Optional: SecretRef is reference to the authentication secret for User, default is empty. More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it" + description: "secretRef is Optional: SecretRef is reference to the authentication secret for User, default is empty.\nMore info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it" properties: name: - description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" type: "string" type: "object" x-kubernetes-map-type: "atomic" user: - description: "user is optional: User is the rados user name, default is admin More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it" + description: "user is optional: User is the rados user name, default is admin\nMore info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it" type: "string" required: - "monitors" type: "object" cinder: - description: "cinder represents a cinder volume attached and mounted on kubelets host machine. More info: https://examples.k8s.io/mysql-cinder-pd/README.md" + description: "cinder represents a cinder volume attached and mounted on kubelets host machine.\nMore info: https://examples.k8s.io/mysql-cinder-pd/README.md" properties: fsType: - description: "fsType is the filesystem type to mount. Must be a filesystem type supported by the host operating system. Examples: \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified. More info: https://examples.k8s.io/mysql-cinder-pd/README.md" + description: "fsType is the filesystem type to mount.\nMust be a filesystem type supported by the host operating system.\nExamples: \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified.\nMore info: https://examples.k8s.io/mysql-cinder-pd/README.md" type: "string" readOnly: - description: "readOnly defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts. More info: https://examples.k8s.io/mysql-cinder-pd/README.md" + description: "readOnly defaults to false (read/write). ReadOnly here will force\nthe ReadOnly setting in VolumeMounts.\nMore info: https://examples.k8s.io/mysql-cinder-pd/README.md" type: "boolean" secretRef: - description: "secretRef is optional: points to a secret object containing parameters used to connect to OpenStack." + description: "secretRef is optional: points to a secret object containing parameters used to connect\nto OpenStack." properties: name: - description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" type: "string" type: "object" x-kubernetes-map-type: "atomic" volumeID: - description: "volumeID used to identify the volume in cinder. More info: https://examples.k8s.io/mysql-cinder-pd/README.md" + description: "volumeID used to identify the volume in cinder.\nMore info: https://examples.k8s.io/mysql-cinder-pd/README.md" type: "string" required: - "volumeID" @@ -3885,11 +3888,11 @@ spec: description: "configMap represents a configMap that should populate this volume" properties: defaultMode: - description: "defaultMode is optional: mode bits used to set permissions on created files by default. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. Defaults to 0644. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set." + description: "defaultMode is optional: mode bits used to set permissions on created files by default.\nMust be an octal value between 0000 and 0777 or a decimal value between 0 and 511.\nYAML accepts both octal and decimal values, JSON requires decimal values for mode bits.\nDefaults to 0644.\nDirectories within the path are not affected by this setting.\nThis might be in conflict with other options that affect the file\nmode, like fsGroup, and the result can be other mode bits set." format: "int32" type: "integer" items: - description: "items if unspecified, each key-value pair in the Data field of the referenced ConfigMap will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the ConfigMap, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'." + description: "items if unspecified, each key-value pair in the Data field of the referenced\nConfigMap will be projected into the volume as a file whose name is the\nkey and content is the value. If specified, the listed keys will be\nprojected into the specified paths, and unlisted keys will not be\npresent. If a key is specified which is not present in the ConfigMap,\nthe volume setup will error unless it is marked optional. Paths must be\nrelative and may not contain the '..' path or start with '..'." items: description: "Maps a string key to a path within a volume." properties: @@ -3897,11 +3900,11 @@ spec: description: "key is the key to project." type: "string" mode: - description: "mode is Optional: mode bits used to set permissions on this file. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set." + description: "mode is Optional: mode bits used to set permissions on this file.\nMust be an octal value between 0000 and 0777 or a decimal value between 0 and 511.\nYAML accepts both octal and decimal values, JSON requires decimal values for mode bits.\nIf not specified, the volume defaultMode will be used.\nThis might be in conflict with other options that affect the file\nmode, like fsGroup, and the result can be other mode bits set." format: "int32" type: "integer" path: - description: "path is the relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'." + description: "path is the relative path of the file to map the key to.\nMay not be an absolute path.\nMay not contain the path element '..'.\nMay not start with the string '..'." type: "string" required: - "key" @@ -3909,7 +3912,7 @@ spec: type: "object" type: "array" name: - description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" type: "string" optional: description: "optional specify whether the ConfigMap or its keys must be defined" @@ -3920,26 +3923,26 @@ spec: description: "csi (Container Storage Interface) represents ephemeral storage that is handled by certain external CSI drivers (Beta feature)." properties: driver: - description: "driver is the name of the CSI driver that handles this volume. Consult with your admin for the correct name as registered in the cluster." + description: "driver is the name of the CSI driver that handles this volume.\nConsult with your admin for the correct name as registered in the cluster." type: "string" fsType: - description: "fsType to mount. Ex. \"ext4\", \"xfs\", \"ntfs\". If not provided, the empty value is passed to the associated CSI driver which will determine the default filesystem to apply." + description: "fsType to mount. Ex. \"ext4\", \"xfs\", \"ntfs\".\nIf not provided, the empty value is passed to the associated CSI driver\nwhich will determine the default filesystem to apply." type: "string" nodePublishSecretRef: - description: "nodePublishSecretRef is a reference to the secret object containing sensitive information to pass to the CSI driver to complete the CSI NodePublishVolume and NodeUnpublishVolume calls. This field is optional, and may be empty if no secret is required. If the secret object contains more than one secret, all secret references are passed." + description: "nodePublishSecretRef is a reference to the secret object containing\nsensitive information to pass to the CSI driver to complete the CSI\nNodePublishVolume and NodeUnpublishVolume calls.\nThis field is optional, and may be empty if no secret is required. If the\nsecret object contains more than one secret, all secret references are passed." properties: name: - description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" type: "string" type: "object" x-kubernetes-map-type: "atomic" readOnly: - description: "readOnly specifies a read-only configuration for the volume. Defaults to false (read/write)." + description: "readOnly specifies a read-only configuration for the volume.\nDefaults to false (read/write)." type: "boolean" volumeAttributes: additionalProperties: type: "string" - description: "volumeAttributes stores driver-specific properties that are passed to the CSI driver. Consult your driver's documentation for supported values." + description: "volumeAttributes stores driver-specific properties that are passed to the CSI\ndriver. Consult your driver's documentation for supported values." type: "object" required: - "driver" @@ -3948,7 +3951,7 @@ spec: description: "downwardAPI represents downward API about the pod that should populate this volume" properties: defaultMode: - description: "Optional: mode bits to use on created files by default. Must be a Optional: mode bits used to set permissions on created files by default. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. Defaults to 0644. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set." + description: "Optional: mode bits to use on created files by default. Must be a\nOptional: mode bits used to set permissions on created files by default.\nMust be an octal value between 0000 and 0777 or a decimal value between 0 and 511.\nYAML accepts both octal and decimal values, JSON requires decimal values for mode bits.\nDefaults to 0644.\nDirectories within the path are not affected by this setting.\nThis might be in conflict with other options that affect the file\nmode, like fsGroup, and the result can be other mode bits set." format: "int32" type: "integer" items: @@ -3970,14 +3973,14 @@ spec: type: "object" x-kubernetes-map-type: "atomic" mode: - description: "Optional: mode bits used to set permissions on this file, must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set." + description: "Optional: mode bits used to set permissions on this file, must be an octal value\nbetween 0000 and 0777 or a decimal value between 0 and 511.\nYAML accepts both octal and decimal values, JSON requires decimal values for mode bits.\nIf not specified, the volume defaultMode will be used.\nThis might be in conflict with other options that affect the file\nmode, like fsGroup, and the result can be other mode bits set." format: "int32" type: "integer" path: description: "Required: Path is the relative path name of the file to be created. Must not be absolute or contain the '..' path. Must be utf-8 encoded. The first item of the relative path must not start with '..'" type: "string" resourceFieldRef: - description: "Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, requests.cpu and requests.memory) are currently supported." + description: "Selects a resource of the container: only resources limits and requests\n(limits.cpu, limits.memory, requests.cpu and requests.memory) are currently supported." properties: containerName: description: "Container name: required for volumes, optional for env vars" @@ -4002,27 +4005,27 @@ spec: type: "array" type: "object" emptyDir: - description: "emptyDir represents a temporary directory that shares a pod's lifetime. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir" + description: "emptyDir represents a temporary directory that shares a pod's lifetime.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir" properties: medium: - description: "medium represents what type of storage medium should back this directory. The default is \"\" which means to use the node's default medium. Must be an empty string (default) or Memory. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir" + description: "medium represents what type of storage medium should back this directory.\nThe default is \"\" which means to use the node's default medium.\nMust be an empty string (default) or Memory.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir" type: "string" sizeLimit: anyOf: - type: "integer" - type: "string" - description: "sizeLimit is the total amount of local storage required for this EmptyDir volume. The size limit is also applicable for memory medium. The maximum usage on memory medium EmptyDir would be the minimum value between the SizeLimit specified here and the sum of memory limits of all containers in a pod. The default is nil which means that the limit is undefined. More info: http://kubernetes.io/docs/user-guide/volumes#emptydir" + description: "sizeLimit is the total amount of local storage required for this EmptyDir volume.\nThe size limit is also applicable for memory medium.\nThe maximum usage on memory medium EmptyDir would be the minimum value between\nthe SizeLimit specified here and the sum of memory limits of all containers in a pod.\nThe default is nil which means that the limit is undefined.\nMore info: http://kubernetes.io/docs/user-guide/volumes#emptydir" pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" x-kubernetes-int-or-string: true type: "object" ephemeral: - description: "ephemeral represents a volume that is handled by a cluster storage driver. The volume's lifecycle is tied to the pod that defines it - it will be created before the pod starts, and deleted when the pod is removed. \n Use this if: a) the volume is only needed while the pod runs, b) features of normal volumes like restoring from snapshot or capacity tracking are needed, c) the storage driver is specified through a storage class, and d) the storage driver supports dynamic volume provisioning through a PersistentVolumeClaim (see EphemeralVolumeSource for more information on the connection between this volume type and PersistentVolumeClaim). \n Use PersistentVolumeClaim or one of the vendor-specific APIs for volumes that persist for longer than the lifecycle of an individual pod. \n Use CSI for light-weight local ephemeral volumes if the CSI driver is meant to be used that way - see the documentation of the driver for more information. \n A pod can use both types of ephemeral volumes and persistent volumes at the same time." + description: "ephemeral represents a volume that is handled by a cluster storage driver.\nThe volume's lifecycle is tied to the pod that defines it - it will be created before the pod starts,\nand deleted when the pod is removed.\n\n\nUse this if:\na) the volume is only needed while the pod runs,\nb) features of normal volumes like restoring from snapshot or capacity\n tracking are needed,\nc) the storage driver is specified through a storage class, and\nd) the storage driver supports dynamic volume provisioning through\n a PersistentVolumeClaim (see EphemeralVolumeSource for more\n information on the connection between this volume type\n and PersistentVolumeClaim).\n\n\nUse PersistentVolumeClaim or one of the vendor-specific\nAPIs for volumes that persist for longer than the lifecycle\nof an individual pod.\n\n\nUse CSI for light-weight local ephemeral volumes if the CSI driver is meant to\nbe used that way - see the documentation of the driver for\nmore information.\n\n\nA pod can use both types of ephemeral volumes and\npersistent volumes at the same time." properties: volumeClaimTemplate: - description: "Will be used to create a stand-alone PVC to provision the volume. The pod in which this EphemeralVolumeSource is embedded will be the owner of the PVC, i.e. the PVC will be deleted together with the pod. The name of the PVC will be `-` where `` is the name from the `PodSpec.Volumes` array entry. Pod validation will reject the pod if the concatenated name is not valid for a PVC (for example, too long). \n An existing PVC with that name that is not owned by the pod will *not* be used for the pod to avoid using an unrelated volume by mistake. Starting the pod is then blocked until the unrelated PVC is removed. If such a pre-created PVC is meant to be used by the pod, the PVC has to updated with an owner reference to the pod once the pod exists. Normally this should not be necessary, but it may be useful when manually reconstructing a broken cluster. \n This field is read-only and no changes will be made by Kubernetes to the PVC after it has been created. \n Required, must not be nil." + description: "Will be used to create a stand-alone PVC to provision the volume.\nThe pod in which this EphemeralVolumeSource is embedded will be the\nowner of the PVC, i.e. the PVC will be deleted together with the\npod. The name of the PVC will be `-` where\n`` is the name from the `PodSpec.Volumes` array\nentry. Pod validation will reject the pod if the concatenated name\nis not valid for a PVC (for example, too long).\n\n\nAn existing PVC with that name that is not owned by the pod\nwill *not* be used for the pod to avoid using an unrelated\nvolume by mistake. Starting the pod is then blocked until\nthe unrelated PVC is removed. If such a pre-created PVC is\nmeant to be used by the pod, the PVC has to updated with an\nowner reference to the pod once the pod exists. Normally\nthis should not be necessary, but it may be useful when\nmanually reconstructing a broken cluster.\n\n\nThis field is read-only and no changes will be made by Kubernetes\nto the PVC after it has been created.\n\n\nRequired, must not be nil." properties: metadata: - description: "May contain labels and annotations that will be copied into the PVC when creating it. No other fields are allowed and will be rejected during validation." + description: "May contain labels and annotations that will be copied into the PVC\nwhen creating it. No other fields are allowed and will be rejected during\nvalidation." properties: annotations: additionalProperties: @@ -4042,18 +4045,18 @@ spec: type: "string" type: "object" spec: - description: "The specification for the PersistentVolumeClaim. The entire content is copied unchanged into the PVC that gets created from this template. The same fields as in a PersistentVolumeClaim are also valid here." + description: "The specification for the PersistentVolumeClaim. The entire content is\ncopied unchanged into the PVC that gets created from this\ntemplate. The same fields as in a PersistentVolumeClaim\nare also valid here." properties: accessModes: - description: "accessModes contains the desired access modes the volume should have. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1" + description: "accessModes contains the desired access modes the volume should have.\nMore info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1" items: type: "string" type: "array" dataSource: - description: "dataSource field can be used to specify either: * An existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot) * An existing PVC (PersistentVolumeClaim) If the provisioner or an external controller can support the specified data source, it will create a new volume based on the contents of the specified data source. When the AnyVolumeDataSource feature gate is enabled, dataSource contents will be copied to dataSourceRef, and dataSourceRef contents will be copied to dataSource when dataSourceRef.namespace is not specified. If the namespace is specified, then dataSourceRef will not be copied to dataSource." + description: "dataSource field can be used to specify either:\n* An existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot)\n* An existing PVC (PersistentVolumeClaim)\nIf the provisioner or an external controller can support the specified data source,\nit will create a new volume based on the contents of the specified data source.\nWhen the AnyVolumeDataSource feature gate is enabled, dataSource contents will be copied to dataSourceRef,\nand dataSourceRef contents will be copied to dataSource when dataSourceRef.namespace is not specified.\nIf the namespace is specified, then dataSourceRef will not be copied to dataSource." properties: apiGroup: - description: "APIGroup is the group for the resource being referenced. If APIGroup is not specified, the specified Kind must be in the core API group. For any other third-party types, APIGroup is required." + description: "APIGroup is the group for the resource being referenced.\nIf APIGroup is not specified, the specified Kind must be in the core API group.\nFor any other third-party types, APIGroup is required." type: "string" kind: description: "Kind is the type of resource being referenced" @@ -4067,10 +4070,10 @@ spec: type: "object" x-kubernetes-map-type: "atomic" dataSourceRef: - description: "dataSourceRef specifies the object from which to populate the volume with data, if a non-empty volume is desired. This may be any object from a non-empty API group (non core object) or a PersistentVolumeClaim object. When this field is specified, volume binding will only succeed if the type of the specified object matches some installed volume populator or dynamic provisioner. This field will replace the functionality of the dataSource field and as such if both fields are non-empty, they must have the same value. For backwards compatibility, when namespace isn't specified in dataSourceRef, both fields (dataSource and dataSourceRef) will be set to the same value automatically if one of them is empty and the other is non-empty. When namespace is specified in dataSourceRef, dataSource isn't set to the same value and must be empty. There are three important differences between dataSource and dataSourceRef: * While dataSource only allows two specific types of objects, dataSourceRef allows any non-core object, as well as PersistentVolumeClaim objects. * While dataSource ignores disallowed values (dropping them), dataSourceRef preserves all values, and generates an error if a disallowed value is specified. * While dataSource only allows local objects, dataSourceRef allows objects in any namespaces. (Beta) Using this field requires the AnyVolumeDataSource feature gate to be enabled. (Alpha) Using the namespace field of dataSourceRef requires the CrossNamespaceVolumeDataSource feature gate to be enabled." + description: "dataSourceRef specifies the object from which to populate the volume with data, if a non-empty\nvolume is desired. This may be any object from a non-empty API group (non\ncore object) or a PersistentVolumeClaim object.\nWhen this field is specified, volume binding will only succeed if the type of\nthe specified object matches some installed volume populator or dynamic\nprovisioner.\nThis field will replace the functionality of the dataSource field and as such\nif both fields are non-empty, they must have the same value. For backwards\ncompatibility, when namespace isn't specified in dataSourceRef,\nboth fields (dataSource and dataSourceRef) will be set to the same\nvalue automatically if one of them is empty and the other is non-empty.\nWhen namespace is specified in dataSourceRef,\ndataSource isn't set to the same value and must be empty.\nThere are three important differences between dataSource and dataSourceRef:\n* While dataSource only allows two specific types of objects, dataSourceRef\n allows any non-core object, as well as PersistentVolumeClaim objects.\n* While dataSource ignores disallowed values (dropping them), dataSourceRef\n preserves all values, and generates an error if a disallowed value is\n specified.\n* While dataSource only allows local objects, dataSourceRef allows objects\n in any namespaces.\n(Beta) Using this field requires the AnyVolumeDataSource feature gate to be enabled.\n(Alpha) Using the namespace field of dataSourceRef requires the CrossNamespaceVolumeDataSource feature gate to be enabled." properties: apiGroup: - description: "APIGroup is the group for the resource being referenced. If APIGroup is not specified, the specified Kind must be in the core API group. For any other third-party types, APIGroup is required." + description: "APIGroup is the group for the resource being referenced.\nIf APIGroup is not specified, the specified Kind must be in the core API group.\nFor any other third-party types, APIGroup is required." type: "string" kind: description: "Kind is the type of resource being referenced" @@ -4079,22 +4082,22 @@ spec: description: "Name is the name of resource being referenced" type: "string" namespace: - description: "Namespace is the namespace of resource being referenced Note that when a namespace is specified, a gateway.networking.k8s.io/ReferenceGrant object is required in the referent namespace to allow that namespace's owner to accept the reference. See the ReferenceGrant documentation for details. (Alpha) This field requires the CrossNamespaceVolumeDataSource feature gate to be enabled." + description: "Namespace is the namespace of resource being referenced\nNote that when a namespace is specified, a gateway.networking.k8s.io/ReferenceGrant object is required in the referent namespace to allow that namespace's owner to accept the reference. See the ReferenceGrant documentation for details.\n(Alpha) This field requires the CrossNamespaceVolumeDataSource feature gate to be enabled." type: "string" required: - "kind" - "name" type: "object" resources: - description: "resources represents the minimum resources the volume should have. If RecoverVolumeExpansionFailure feature is enabled users are allowed to specify resource requirements that are lower than previous value but must still be higher than capacity recorded in the status field of the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources" + description: "resources represents the minimum resources the volume should have.\nIf RecoverVolumeExpansionFailure feature is enabled users are allowed to specify resource requirements\nthat are lower than previous value but must still be higher than capacity recorded in the\nstatus field of the claim.\nMore info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources" properties: claims: - description: "Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. \n This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. \n This field is immutable. It can only be set for containers." + description: "Claims lists the names of resources, defined in spec.resourceClaims,\nthat are used by this container.\n\n\nThis is an alpha field and requires enabling the\nDynamicResourceAllocation feature gate.\n\n\nThis field is immutable. It can only be set for containers." items: description: "ResourceClaim references one entry in PodSpec.ResourceClaims." properties: name: - description: "Name must match the name of one entry in pod.spec.resourceClaims of the Pod where this field is used. It makes that resource available inside a container." + description: "Name must match the name of one entry in pod.spec.resourceClaims of\nthe Pod where this field is used. It makes that resource available\ninside a container." type: "string" required: - "name" @@ -4110,7 +4113,7 @@ spec: - type: "string" pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" x-kubernetes-int-or-string: true - description: "Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" + description: "Limits describes the maximum amount of compute resources allowed.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" type: "object" requests: additionalProperties: @@ -4119,7 +4122,7 @@ spec: - type: "string" pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" x-kubernetes-int-or-string: true - description: "Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" + description: "Requests describes the minimum amount of compute resources required.\nIf Requests is omitted for a container, it defaults to Limits if that is explicitly specified,\notherwise to an implementation-defined value.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" type: "object" type: "object" selector: @@ -4128,16 +4131,16 @@ spec: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -4149,15 +4152,15 @@ spec: matchLabels: additionalProperties: type: "string" - description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." type: "object" type: "object" x-kubernetes-map-type: "atomic" storageClassName: - description: "storageClassName is the name of the StorageClass required by the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1" + description: "storageClassName is the name of the StorageClass required by the claim.\nMore info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1" type: "string" volumeMode: - description: "volumeMode defines what type of volume is required by the claim. Value of Filesystem is implied when not included in claim spec." + description: "volumeMode defines what type of volume is required by the claim.\nValue of Filesystem is implied when not included in claim spec." type: "string" volumeName: description: "volumeName is the binding reference to the PersistentVolume backing this claim." @@ -4171,14 +4174,14 @@ spec: description: "fc represents a Fibre Channel resource that is attached to a kubelet's host machine and then exposed to the pod." properties: fsType: - description: "fsType is the filesystem type to mount. Must be a filesystem type supported by the host operating system. Ex. \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified. TODO: how do we prevent errors in the filesystem from compromising the machine" + description: "fsType is the filesystem type to mount.\nMust be a filesystem type supported by the host operating system.\nEx. \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified.\nTODO: how do we prevent errors in the filesystem from compromising the machine" type: "string" lun: description: "lun is Optional: FC target lun number" format: "int32" type: "integer" readOnly: - description: "readOnly is Optional: Defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts." + description: "readOnly is Optional: Defaults to false (read/write). ReadOnly here will force\nthe ReadOnly setting in VolumeMounts." type: "boolean" targetWWNs: description: "targetWWNs is Optional: FC target worldwide names (WWNs)" @@ -4186,19 +4189,19 @@ spec: type: "string" type: "array" wwids: - description: "wwids Optional: FC volume world wide identifiers (wwids) Either wwids or combination of targetWWNs and lun must be set, but not both simultaneously." + description: "wwids Optional: FC volume world wide identifiers (wwids)\nEither wwids or combination of targetWWNs and lun must be set, but not both simultaneously." items: type: "string" type: "array" type: "object" flexVolume: - description: "flexVolume represents a generic volume resource that is provisioned/attached using an exec based plugin." + description: "flexVolume represents a generic volume resource that is\nprovisioned/attached using an exec based plugin." properties: driver: description: "driver is the name of the driver to use for this volume." type: "string" fsType: - description: "fsType is the filesystem type to mount. Must be a filesystem type supported by the host operating system. Ex. \"ext4\", \"xfs\", \"ntfs\". The default filesystem depends on FlexVolume script." + description: "fsType is the filesystem type to mount.\nMust be a filesystem type supported by the host operating system.\nEx. \"ext4\", \"xfs\", \"ntfs\". The default filesystem depends on FlexVolume script." type: "string" options: additionalProperties: @@ -4206,13 +4209,13 @@ spec: description: "options is Optional: this field holds extra command options if any." type: "object" readOnly: - description: "readOnly is Optional: defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts." + description: "readOnly is Optional: defaults to false (read/write). ReadOnly here will force\nthe ReadOnly setting in VolumeMounts." type: "boolean" secretRef: - description: "secretRef is Optional: secretRef is reference to the secret object containing sensitive information to pass to the plugin scripts. This may be empty if no secret object is specified. If the secret object contains more than one secret, all secrets are passed to the plugin scripts." + description: "secretRef is Optional: secretRef is reference to the secret object containing\nsensitive information to pass to the plugin scripts. This may be\nempty if no secret object is specified. If the secret object\ncontains more than one secret, all secrets are passed to the plugin\nscripts." properties: name: - description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" type: "string" type: "object" x-kubernetes-map-type: "atomic" @@ -4223,36 +4226,36 @@ spec: description: "flocker represents a Flocker volume attached to a kubelet's host machine. This depends on the Flocker control service being running" properties: datasetName: - description: "datasetName is Name of the dataset stored as metadata -> name on the dataset for Flocker should be considered as deprecated" + description: "datasetName is Name of the dataset stored as metadata -> name on the dataset for Flocker\nshould be considered as deprecated" type: "string" datasetUUID: description: "datasetUUID is the UUID of the dataset. This is unique identifier of a Flocker dataset" type: "string" type: "object" gcePersistentDisk: - description: "gcePersistentDisk represents a GCE Disk resource that is attached to a kubelet's host machine and then exposed to the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk" + description: "gcePersistentDisk represents a GCE Disk resource that is attached to a\nkubelet's host machine and then exposed to the pod.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk" properties: fsType: - description: "fsType is filesystem type of the volume that you want to mount. Tip: Ensure that the filesystem type is supported by the host operating system. Examples: \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk TODO: how do we prevent errors in the filesystem from compromising the machine" + description: "fsType is filesystem type of the volume that you want to mount.\nTip: Ensure that the filesystem type is supported by the host operating system.\nExamples: \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk\nTODO: how do we prevent errors in the filesystem from compromising the machine" type: "string" partition: - description: "partition is the partition in the volume that you want to mount. If omitted, the default is to mount by volume name. Examples: For volume /dev/sda1, you specify the partition as \"1\". Similarly, the volume partition for /dev/sda is \"0\" (or you can leave the property empty). More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk" + description: "partition is the partition in the volume that you want to mount.\nIf omitted, the default is to mount by volume name.\nExamples: For volume /dev/sda1, you specify the partition as \"1\".\nSimilarly, the volume partition for /dev/sda is \"0\" (or you can leave the property empty).\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk" format: "int32" type: "integer" pdName: - description: "pdName is unique name of the PD resource in GCE. Used to identify the disk in GCE. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk" + description: "pdName is unique name of the PD resource in GCE. Used to identify the disk in GCE.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk" type: "string" readOnly: - description: "readOnly here will force the ReadOnly setting in VolumeMounts. Defaults to false. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk" + description: "readOnly here will force the ReadOnly setting in VolumeMounts.\nDefaults to false.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk" type: "boolean" required: - "pdName" type: "object" gitRepo: - description: "gitRepo represents a git repository at a particular revision. DEPRECATED: GitRepo is deprecated. To provision a container with a git repo, mount an EmptyDir into an InitContainer that clones the repo using git, then mount the EmptyDir into the Pod's container." + description: "gitRepo represents a git repository at a particular revision.\nDEPRECATED: GitRepo is deprecated. To provision a container with a git repo, mount an\nEmptyDir into an InitContainer that clones the repo using git, then mount the EmptyDir\ninto the Pod's container." properties: directory: - description: "directory is the target directory name. Must not contain or start with '..'. If '.' is supplied, the volume directory will be the git repository. Otherwise, if specified, the volume will contain the git repository in the subdirectory with the given name." + description: "directory is the target directory name.\nMust not contain or start with '..'. If '.' is supplied, the volume directory will be the\ngit repository. Otherwise, if specified, the volume will contain the git repository in\nthe subdirectory with the given name." type: "string" repository: description: "repository is the URL" @@ -4264,35 +4267,35 @@ spec: - "repository" type: "object" glusterfs: - description: "glusterfs represents a Glusterfs mount on the host that shares a pod's lifetime. More info: https://examples.k8s.io/volumes/glusterfs/README.md" + description: "glusterfs represents a Glusterfs mount on the host that shares a pod's lifetime.\nMore info: https://examples.k8s.io/volumes/glusterfs/README.md" properties: endpoints: - description: "endpoints is the endpoint name that details Glusterfs topology. More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod" + description: "endpoints is the endpoint name that details Glusterfs topology.\nMore info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod" type: "string" path: - description: "path is the Glusterfs volume path. More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod" + description: "path is the Glusterfs volume path.\nMore info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod" type: "string" readOnly: - description: "readOnly here will force the Glusterfs volume to be mounted with read-only permissions. Defaults to false. More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod" + description: "readOnly here will force the Glusterfs volume to be mounted with read-only permissions.\nDefaults to false.\nMore info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod" type: "boolean" required: - "endpoints" - "path" type: "object" hostPath: - description: "hostPath represents a pre-existing file or directory on the host machine that is directly exposed to the container. This is generally used for system agents or other privileged things that are allowed to see the host machine. Most containers will NOT need this. More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath --- TODO(jonesdl) We need to restrict who can use host directory mounts and who can/can not mount host directories as read/write." + description: "hostPath represents a pre-existing file or directory on the host\nmachine that is directly exposed to the container. This is generally\nused for system agents or other privileged things that are allowed\nto see the host machine. Most containers will NOT need this.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath\n---\nTODO(jonesdl) We need to restrict who can use host directory mounts and who can/can not\nmount host directories as read/write." properties: path: - description: "path of the directory on the host. If the path is a symlink, it will follow the link to the real path. More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath" + description: "path of the directory on the host.\nIf the path is a symlink, it will follow the link to the real path.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath" type: "string" type: - description: "type for HostPath Volume Defaults to \"\" More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath" + description: "type for HostPath Volume\nDefaults to \"\"\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath" type: "string" required: - "path" type: "object" iscsi: - description: "iscsi represents an ISCSI Disk resource that is attached to a kubelet's host machine and then exposed to the pod. More info: https://examples.k8s.io/volumes/iscsi/README.md" + description: "iscsi represents an ISCSI Disk resource that is attached to a\nkubelet's host machine and then exposed to the pod.\nMore info: https://examples.k8s.io/volumes/iscsi/README.md" properties: chapAuthDiscovery: description: "chapAuthDiscovery defines whether support iSCSI Discovery CHAP authentication" @@ -4301,39 +4304,39 @@ spec: description: "chapAuthSession defines whether support iSCSI Session CHAP authentication" type: "boolean" fsType: - description: "fsType is the filesystem type of the volume that you want to mount. Tip: Ensure that the filesystem type is supported by the host operating system. Examples: \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#iscsi TODO: how do we prevent errors in the filesystem from compromising the machine" + description: "fsType is the filesystem type of the volume that you want to mount.\nTip: Ensure that the filesystem type is supported by the host operating system.\nExamples: \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#iscsi\nTODO: how do we prevent errors in the filesystem from compromising the machine" type: "string" initiatorName: - description: "initiatorName is the custom iSCSI Initiator Name. If initiatorName is specified with iscsiInterface simultaneously, new iSCSI interface : will be created for the connection." + description: "initiatorName is the custom iSCSI Initiator Name.\nIf initiatorName is specified with iscsiInterface simultaneously, new iSCSI interface\n: will be created for the connection." type: "string" iqn: description: "iqn is the target iSCSI Qualified Name." type: "string" iscsiInterface: - description: "iscsiInterface is the interface Name that uses an iSCSI transport. Defaults to 'default' (tcp)." + description: "iscsiInterface is the interface Name that uses an iSCSI transport.\nDefaults to 'default' (tcp)." type: "string" lun: description: "lun represents iSCSI Target Lun number." format: "int32" type: "integer" portals: - description: "portals is the iSCSI Target Portal List. The portal is either an IP or ip_addr:port if the port is other than default (typically TCP ports 860 and 3260)." + description: "portals is the iSCSI Target Portal List. The portal is either an IP or ip_addr:port if the port\nis other than default (typically TCP ports 860 and 3260)." items: type: "string" type: "array" readOnly: - description: "readOnly here will force the ReadOnly setting in VolumeMounts. Defaults to false." + description: "readOnly here will force the ReadOnly setting in VolumeMounts.\nDefaults to false." type: "boolean" secretRef: description: "secretRef is the CHAP Secret for iSCSI target and initiator authentication" properties: name: - description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" type: "string" type: "object" x-kubernetes-map-type: "atomic" targetPortal: - description: "targetPortal is iSCSI Target Portal. The Portal is either an IP or ip_addr:port if the port is other than default (typically TCP ports 860 and 3260)." + description: "targetPortal is iSCSI Target Portal. The Portal is either an IP or ip_addr:port if the port\nis other than default (typically TCP ports 860 and 3260)." type: "string" required: - "iqn" @@ -4341,32 +4344,32 @@ spec: - "targetPortal" type: "object" name: - description: "name of the volume. Must be a DNS_LABEL and unique within the pod. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names" + description: "name of the volume.\nMust be a DNS_LABEL and unique within the pod.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names" type: "string" nfs: - description: "nfs represents an NFS mount on the host that shares a pod's lifetime More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs" + description: "nfs represents an NFS mount on the host that shares a pod's lifetime\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#nfs" properties: path: - description: "path that is exported by the NFS server. More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs" + description: "path that is exported by the NFS server.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#nfs" type: "string" readOnly: - description: "readOnly here will force the NFS export to be mounted with read-only permissions. Defaults to false. More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs" + description: "readOnly here will force the NFS export to be mounted with read-only permissions.\nDefaults to false.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#nfs" type: "boolean" server: - description: "server is the hostname or IP address of the NFS server. More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs" + description: "server is the hostname or IP address of the NFS server.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#nfs" type: "string" required: - "path" - "server" type: "object" persistentVolumeClaim: - description: "persistentVolumeClaimVolumeSource represents a reference to a PersistentVolumeClaim in the same namespace. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims" + description: "persistentVolumeClaimVolumeSource represents a reference to a\nPersistentVolumeClaim in the same namespace.\nMore info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims" properties: claimName: - description: "claimName is the name of a PersistentVolumeClaim in the same namespace as the pod using this volume. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims" + description: "claimName is the name of a PersistentVolumeClaim in the same namespace as the pod using this volume.\nMore info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims" type: "string" readOnly: - description: "readOnly Will force the ReadOnly setting in VolumeMounts. Default false." + description: "readOnly Will force the ReadOnly setting in VolumeMounts.\nDefault false." type: "boolean" required: - "claimName" @@ -4375,7 +4378,7 @@ spec: description: "photonPersistentDisk represents a PhotonController persistent disk attached and mounted on kubelets host machine" properties: fsType: - description: "fsType is the filesystem type to mount. Must be a filesystem type supported by the host operating system. Ex. \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified." + description: "fsType is the filesystem type to mount.\nMust be a filesystem type supported by the host operating system.\nEx. \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified." type: "string" pdID: description: "pdID is the ID that identifies Photon Controller persistent disk" @@ -4387,10 +4390,10 @@ spec: description: "portworxVolume represents a portworx volume attached and mounted on kubelets host machine" properties: fsType: - description: "fSType represents the filesystem type to mount Must be a filesystem type supported by the host operating system. Ex. \"ext4\", \"xfs\". Implicitly inferred to be \"ext4\" if unspecified." + description: "fSType represents the filesystem type to mount\nMust be a filesystem type supported by the host operating system.\nEx. \"ext4\", \"xfs\". Implicitly inferred to be \"ext4\" if unspecified." type: "string" readOnly: - description: "readOnly defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts." + description: "readOnly defaults to false (read/write). ReadOnly here will force\nthe ReadOnly setting in VolumeMounts." type: "boolean" volumeID: description: "volumeID uniquely identifies a Portworx volume" @@ -4402,7 +4405,7 @@ spec: description: "projected items for all in one resources secrets, configmaps, and downward API" properties: defaultMode: - description: "defaultMode are the mode bits used to set permissions on created files by default. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set." + description: "defaultMode are the mode bits used to set permissions on created files by default.\nMust be an octal value between 0000 and 0777 or a decimal value between 0 and 511.\nYAML accepts both octal and decimal values, JSON requires decimal values for mode bits.\nDirectories within the path are not affected by this setting.\nThis might be in conflict with other options that affect the file\nmode, like fsGroup, and the result can be other mode bits set." format: "int32" type: "integer" sources: @@ -4414,7 +4417,7 @@ spec: description: "configMap information about the configMap data to project" properties: items: - description: "items if unspecified, each key-value pair in the Data field of the referenced ConfigMap will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the ConfigMap, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'." + description: "items if unspecified, each key-value pair in the Data field of the referenced\nConfigMap will be projected into the volume as a file whose name is the\nkey and content is the value. If specified, the listed keys will be\nprojected into the specified paths, and unlisted keys will not be\npresent. If a key is specified which is not present in the ConfigMap,\nthe volume setup will error unless it is marked optional. Paths must be\nrelative and may not contain the '..' path or start with '..'." items: description: "Maps a string key to a path within a volume." properties: @@ -4422,11 +4425,11 @@ spec: description: "key is the key to project." type: "string" mode: - description: "mode is Optional: mode bits used to set permissions on this file. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set." + description: "mode is Optional: mode bits used to set permissions on this file.\nMust be an octal value between 0000 and 0777 or a decimal value between 0 and 511.\nYAML accepts both octal and decimal values, JSON requires decimal values for mode bits.\nIf not specified, the volume defaultMode will be used.\nThis might be in conflict with other options that affect the file\nmode, like fsGroup, and the result can be other mode bits set." format: "int32" type: "integer" path: - description: "path is the relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'." + description: "path is the relative path of the file to map the key to.\nMay not be an absolute path.\nMay not contain the path element '..'.\nMay not start with the string '..'." type: "string" required: - "key" @@ -4434,7 +4437,7 @@ spec: type: "object" type: "array" name: - description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" type: "string" optional: description: "optional specify whether the ConfigMap or its keys must be defined" @@ -4463,14 +4466,14 @@ spec: type: "object" x-kubernetes-map-type: "atomic" mode: - description: "Optional: mode bits used to set permissions on this file, must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set." + description: "Optional: mode bits used to set permissions on this file, must be an octal value\nbetween 0000 and 0777 or a decimal value between 0 and 511.\nYAML accepts both octal and decimal values, JSON requires decimal values for mode bits.\nIf not specified, the volume defaultMode will be used.\nThis might be in conflict with other options that affect the file\nmode, like fsGroup, and the result can be other mode bits set." format: "int32" type: "integer" path: description: "Required: Path is the relative path name of the file to be created. Must not be absolute or contain the '..' path. Must be utf-8 encoded. The first item of the relative path must not start with '..'" type: "string" resourceFieldRef: - description: "Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, requests.cpu and requests.memory) are currently supported." + description: "Selects a resource of the container: only resources limits and requests\n(limits.cpu, limits.memory, requests.cpu and requests.memory) are currently supported." properties: containerName: description: "Container name: required for volumes, optional for env vars" @@ -4498,7 +4501,7 @@ spec: description: "secret information about the secret data to project" properties: items: - description: "items if unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the Secret, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'." + description: "items if unspecified, each key-value pair in the Data field of the referenced\nSecret will be projected into the volume as a file whose name is the\nkey and content is the value. If specified, the listed keys will be\nprojected into the specified paths, and unlisted keys will not be\npresent. If a key is specified which is not present in the Secret,\nthe volume setup will error unless it is marked optional. Paths must be\nrelative and may not contain the '..' path or start with '..'." items: description: "Maps a string key to a path within a volume." properties: @@ -4506,11 +4509,11 @@ spec: description: "key is the key to project." type: "string" mode: - description: "mode is Optional: mode bits used to set permissions on this file. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set." + description: "mode is Optional: mode bits used to set permissions on this file.\nMust be an octal value between 0000 and 0777 or a decimal value between 0 and 511.\nYAML accepts both octal and decimal values, JSON requires decimal values for mode bits.\nIf not specified, the volume defaultMode will be used.\nThis might be in conflict with other options that affect the file\nmode, like fsGroup, and the result can be other mode bits set." format: "int32" type: "integer" path: - description: "path is the relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'." + description: "path is the relative path of the file to map the key to.\nMay not be an absolute path.\nMay not contain the path element '..'.\nMay not start with the string '..'." type: "string" required: - "key" @@ -4518,7 +4521,7 @@ spec: type: "object" type: "array" name: - description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" type: "string" optional: description: "optional field specify whether the Secret or its key must be defined" @@ -4529,14 +4532,14 @@ spec: description: "serviceAccountToken is information about the serviceAccountToken data to project" properties: audience: - description: "audience is the intended audience of the token. A recipient of a token must identify itself with an identifier specified in the audience of the token, and otherwise should reject the token. The audience defaults to the identifier of the apiserver." + description: "audience is the intended audience of the token. A recipient of a token\nmust identify itself with an identifier specified in the audience of the\ntoken, and otherwise should reject the token. The audience defaults to the\nidentifier of the apiserver." type: "string" expirationSeconds: - description: "expirationSeconds is the requested duration of validity of the service account token. As the token approaches expiration, the kubelet volume plugin will proactively rotate the service account token. The kubelet will start trying to rotate the token if the token is older than 80 percent of its time to live or if the token is older than 24 hours.Defaults to 1 hour and must be at least 10 minutes." + description: "expirationSeconds is the requested duration of validity of the service\naccount token. As the token approaches expiration, the kubelet volume\nplugin will proactively rotate the service account token. The kubelet will\nstart trying to rotate the token if the token is older than 80 percent of\nits time to live or if the token is older than 24 hours.Defaults to 1 hour\nand must be at least 10 minutes." format: "int64" type: "integer" path: - description: "path is the path relative to the mount point of the file to project the token into." + description: "path is the path relative to the mount point of the file to project the\ntoken into." type: "string" required: - "path" @@ -4548,19 +4551,19 @@ spec: description: "quobyte represents a Quobyte mount on the host that shares a pod's lifetime" properties: group: - description: "group to map volume access to Default is no group" + description: "group to map volume access to\nDefault is no group" type: "string" readOnly: - description: "readOnly here will force the Quobyte volume to be mounted with read-only permissions. Defaults to false." + description: "readOnly here will force the Quobyte volume to be mounted with read-only permissions.\nDefaults to false." type: "boolean" registry: - description: "registry represents a single or multiple Quobyte Registry services specified as a string as host:port pair (multiple entries are separated with commas) which acts as the central registry for volumes" + description: "registry represents a single or multiple Quobyte Registry services\nspecified as a string as host:port pair (multiple entries are separated with commas)\nwhich acts as the central registry for volumes" type: "string" tenant: - description: "tenant owning the given Quobyte volume in the Backend Used with dynamically provisioned Quobyte volumes, value is set by the plugin" + description: "tenant owning the given Quobyte volume in the Backend\nUsed with dynamically provisioned Quobyte volumes, value is set by the plugin" type: "string" user: - description: "user to map volume access to Defaults to serivceaccount user" + description: "user to map volume access to\nDefaults to serivceaccount user" type: "string" volume: description: "volume is a string that references an already created Quobyte volume by name." @@ -4570,38 +4573,38 @@ spec: - "volume" type: "object" rbd: - description: "rbd represents a Rados Block Device mount on the host that shares a pod's lifetime. More info: https://examples.k8s.io/volumes/rbd/README.md" + description: "rbd represents a Rados Block Device mount on the host that shares a pod's lifetime.\nMore info: https://examples.k8s.io/volumes/rbd/README.md" properties: fsType: - description: "fsType is the filesystem type of the volume that you want to mount. Tip: Ensure that the filesystem type is supported by the host operating system. Examples: \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#rbd TODO: how do we prevent errors in the filesystem from compromising the machine" + description: "fsType is the filesystem type of the volume that you want to mount.\nTip: Ensure that the filesystem type is supported by the host operating system.\nExamples: \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#rbd\nTODO: how do we prevent errors in the filesystem from compromising the machine" type: "string" image: - description: "image is the rados image name. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it" + description: "image is the rados image name.\nMore info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it" type: "string" keyring: - description: "keyring is the path to key ring for RBDUser. Default is /etc/ceph/keyring. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it" + description: "keyring is the path to key ring for RBDUser.\nDefault is /etc/ceph/keyring.\nMore info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it" type: "string" monitors: - description: "monitors is a collection of Ceph monitors. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it" + description: "monitors is a collection of Ceph monitors.\nMore info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it" items: type: "string" type: "array" pool: - description: "pool is the rados pool name. Default is rbd. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it" + description: "pool is the rados pool name.\nDefault is rbd.\nMore info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it" type: "string" readOnly: - description: "readOnly here will force the ReadOnly setting in VolumeMounts. Defaults to false. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it" + description: "readOnly here will force the ReadOnly setting in VolumeMounts.\nDefaults to false.\nMore info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it" type: "boolean" secretRef: - description: "secretRef is name of the authentication secret for RBDUser. If provided overrides keyring. Default is nil. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it" + description: "secretRef is name of the authentication secret for RBDUser. If provided\noverrides keyring.\nDefault is nil.\nMore info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it" properties: name: - description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" type: "string" type: "object" x-kubernetes-map-type: "atomic" user: - description: "user is the rados user name. Default is admin. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it" + description: "user is the rados user name.\nDefault is admin.\nMore info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it" type: "string" required: - "image" @@ -4611,7 +4614,7 @@ spec: description: "scaleIO represents a ScaleIO persistent volume attached and mounted on Kubernetes nodes." properties: fsType: - description: "fsType is the filesystem type to mount. Must be a filesystem type supported by the host operating system. Ex. \"ext4\", \"xfs\", \"ntfs\". Default is \"xfs\"." + description: "fsType is the filesystem type to mount.\nMust be a filesystem type supported by the host operating system.\nEx. \"ext4\", \"xfs\", \"ntfs\".\nDefault is \"xfs\"." type: "string" gateway: description: "gateway is the host address of the ScaleIO API Gateway." @@ -4620,13 +4623,13 @@ spec: description: "protectionDomain is the name of the ScaleIO Protection Domain for the configured storage." type: "string" readOnly: - description: "readOnly Defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts." + description: "readOnly Defaults to false (read/write). ReadOnly here will force\nthe ReadOnly setting in VolumeMounts." type: "boolean" secretRef: - description: "secretRef references to the secret for ScaleIO user and other sensitive information. If this is not provided, Login operation will fail." + description: "secretRef references to the secret for ScaleIO user and other\nsensitive information. If this is not provided, Login operation will fail." properties: name: - description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" type: "string" type: "object" x-kubernetes-map-type: "atomic" @@ -4634,7 +4637,7 @@ spec: description: "sslEnabled Flag enable/disable SSL communication with Gateway, default false" type: "boolean" storageMode: - description: "storageMode indicates whether the storage for a volume should be ThickProvisioned or ThinProvisioned. Default is ThinProvisioned." + description: "storageMode indicates whether the storage for a volume should be ThickProvisioned or ThinProvisioned.\nDefault is ThinProvisioned." type: "string" storagePool: description: "storagePool is the ScaleIO Storage Pool associated with the protection domain." @@ -4643,7 +4646,7 @@ spec: description: "system is the name of the storage system as configured in ScaleIO." type: "string" volumeName: - description: "volumeName is the name of a volume already created in the ScaleIO system that is associated with this volume source." + description: "volumeName is the name of a volume already created in the ScaleIO system\nthat is associated with this volume source." type: "string" required: - "gateway" @@ -4651,14 +4654,14 @@ spec: - "system" type: "object" secret: - description: "secret represents a secret that should populate this volume. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret" + description: "secret represents a secret that should populate this volume.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#secret" properties: defaultMode: - description: "defaultMode is Optional: mode bits used to set permissions on created files by default. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. Defaults to 0644. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set." + description: "defaultMode is Optional: mode bits used to set permissions on created files by default.\nMust be an octal value between 0000 and 0777 or a decimal value between 0 and 511.\nYAML accepts both octal and decimal values, JSON requires decimal values\nfor mode bits. Defaults to 0644.\nDirectories within the path are not affected by this setting.\nThis might be in conflict with other options that affect the file\nmode, like fsGroup, and the result can be other mode bits set." format: "int32" type: "integer" items: - description: "items If unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the Secret, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'." + description: "items If unspecified, each key-value pair in the Data field of the referenced\nSecret will be projected into the volume as a file whose name is the\nkey and content is the value. If specified, the listed keys will be\nprojected into the specified paths, and unlisted keys will not be\npresent. If a key is specified which is not present in the Secret,\nthe volume setup will error unless it is marked optional. Paths must be\nrelative and may not contain the '..' path or start with '..'." items: description: "Maps a string key to a path within a volume." properties: @@ -4666,11 +4669,11 @@ spec: description: "key is the key to project." type: "string" mode: - description: "mode is Optional: mode bits used to set permissions on this file. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set." + description: "mode is Optional: mode bits used to set permissions on this file.\nMust be an octal value between 0000 and 0777 or a decimal value between 0 and 511.\nYAML accepts both octal and decimal values, JSON requires decimal values for mode bits.\nIf not specified, the volume defaultMode will be used.\nThis might be in conflict with other options that affect the file\nmode, like fsGroup, and the result can be other mode bits set." format: "int32" type: "integer" path: - description: "path is the relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'." + description: "path is the relative path of the file to map the key to.\nMay not be an absolute path.\nMay not contain the path element '..'.\nMay not start with the string '..'." type: "string" required: - "key" @@ -4681,38 +4684,38 @@ spec: description: "optional field specify whether the Secret or its keys must be defined" type: "boolean" secretName: - description: "secretName is the name of the secret in the pod's namespace to use. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret" + description: "secretName is the name of the secret in the pod's namespace to use.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#secret" type: "string" type: "object" storageos: description: "storageOS represents a StorageOS volume attached and mounted on Kubernetes nodes." properties: fsType: - description: "fsType is the filesystem type to mount. Must be a filesystem type supported by the host operating system. Ex. \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified." + description: "fsType is the filesystem type to mount.\nMust be a filesystem type supported by the host operating system.\nEx. \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified." type: "string" readOnly: - description: "readOnly defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts." + description: "readOnly defaults to false (read/write). ReadOnly here will force\nthe ReadOnly setting in VolumeMounts." type: "boolean" secretRef: - description: "secretRef specifies the secret to use for obtaining the StorageOS API credentials. If not specified, default values will be attempted." + description: "secretRef specifies the secret to use for obtaining the StorageOS API\ncredentials. If not specified, default values will be attempted." properties: name: - description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" type: "string" type: "object" x-kubernetes-map-type: "atomic" volumeName: - description: "volumeName is the human-readable name of the StorageOS volume. Volume names are only unique within a namespace." + description: "volumeName is the human-readable name of the StorageOS volume. Volume\nnames are only unique within a namespace." type: "string" volumeNamespace: - description: "volumeNamespace specifies the scope of the volume within StorageOS. If no namespace is specified then the Pod's namespace will be used. This allows the Kubernetes name scoping to be mirrored within StorageOS for tighter integration. Set VolumeName to any name to override the default behaviour. Set to \"default\" if you are not using namespaces within StorageOS. Namespaces that do not pre-exist within StorageOS will be created." + description: "volumeNamespace specifies the scope of the volume within StorageOS. If no\nnamespace is specified then the Pod's namespace will be used. This allows the\nKubernetes name scoping to be mirrored within StorageOS for tighter integration.\nSet VolumeName to any name to override the default behaviour.\nSet to \"default\" if you are not using namespaces within StorageOS.\nNamespaces that do not pre-exist within StorageOS will be created." type: "string" type: "object" vsphereVolume: description: "vsphereVolume represents a vSphere volume attached and mounted on kubelets host machine" properties: fsType: - description: "fsType is filesystem type to mount. Must be a filesystem type supported by the host operating system. Ex. \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified." + description: "fsType is filesystem type to mount.\nMust be a filesystem type supported by the host operating system.\nEx. \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified." type: "string" storagePolicyID: description: "storagePolicyID is the storage Policy Based Management (SPBM) profile ID associated with the StoragePolicyName." @@ -4740,10 +4743,10 @@ spec: description: "Defines the observed state of RuntimeComponent." properties: binding: - description: "LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace." + description: "LocalObjectReference contains enough information to let you locate the\nreferenced object inside the same namespace." properties: name: - description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" type: "string" type: "object" x-kubernetes-map-type: "atomic" diff --git a/crd-catalog/application-stacks/runtime-component-operator/rc.app.stacks/v1/runtimeoperations.yaml b/crd-catalog/application-stacks/runtime-component-operator/rc.app.stacks/v1/runtimeoperations.yaml index 0651e4783..44b70abe0 100644 --- a/crd-catalog/application-stacks/runtime-component-operator/rc.app.stacks/v1/runtimeoperations.yaml +++ b/crd-catalog/application-stacks/runtime-component-operator/rc.app.stacks/v1/runtimeoperations.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.11.4" + controller-gen.kubebuilder.io/version: "v0.14.0" name: "runtimeoperations.rc.app.stacks" spec: group: "rc.app.stacks" @@ -19,10 +19,10 @@ spec: description: "Day-2 operation to execute on an instance of runtime component" properties: apiVersion: - description: "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" + description: "APIVersion defines the versioned schema of this representation of an object.\nServers should convert recognized schemas to the latest internal value, and\nmay reject unrecognized values.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" type: "string" kind: - description: "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + description: "Kind is a string value representing the REST resource this object represents.\nServers may infer this from the endpoint the client submits requests to.\nCannot be updated.\nIn CamelCase.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" type: "string" metadata: type: "object" diff --git a/crd-catalog/application-stacks/runtime-component-operator/rc.app.stacks/v1beta2/runtimecomponents.yaml b/crd-catalog/application-stacks/runtime-component-operator/rc.app.stacks/v1beta2/runtimecomponents.yaml index 3eb9e4df8..74726d861 100644 --- a/crd-catalog/application-stacks/runtime-component-operator/rc.app.stacks/v1beta2/runtimecomponents.yaml +++ b/crd-catalog/application-stacks/runtime-component-operator/rc.app.stacks/v1beta2/runtimecomponents.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.11.4" + controller-gen.kubebuilder.io/version: "v0.14.0" name: "runtimecomponents.rc.app.stacks" spec: group: "rc.app.stacks" @@ -49,10 +49,10 @@ spec: description: "Represents the deployment of a runtime component" properties: apiVersion: - description: "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" + description: "APIVersion defines the versioned schema of this representation of an object.\nServers should convert recognized schemas to the latest internal value, and\nmay reject unrecognized values.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" type: "string" kind: - description: "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + description: "Kind is a string value representing the REST resource this object represents.\nServers may infer this from the endpoint the client submits requests to.\nCannot be updated.\nIn CamelCase.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" type: "string" metadata: type: "object" @@ -72,9 +72,9 @@ spec: description: "Controls which nodes the pod are scheduled to run on, based on labels on the node." properties: preferredDuringSchedulingIgnoredDuringExecution: - description: "The scheduler will prefer to schedule pods to nodes that satisfy the affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding \"weight\" to the sum if the node matches the corresponding matchExpressions; the node(s) with the highest sum are the most preferred." + description: "The scheduler will prefer to schedule pods to nodes that satisfy\nthe affinity expressions specified by this field, but it may choose\na node that violates one or more of the expressions. The node that is\nmost preferred is the one with the greatest sum of weights, i.e.\nfor each node that meets all of the scheduling requirements (resource\nrequest, requiredDuringScheduling affinity expressions, etc.),\ncompute a sum by iterating through the elements of this field and adding\n\"weight\" to the sum if the node matches the corresponding matchExpressions; the\nnode(s) with the highest sum are the most preferred." items: - description: "An empty preferred scheduling term matches all objects with implicit weight 0 (i.e. it's a no-op). A null preferred scheduling term matches no objects (i.e. is also a no-op)." + description: "An empty preferred scheduling term matches all objects with implicit weight 0\n(i.e. it's a no-op). A null preferred scheduling term matches no objects (i.e. is also a no-op)." properties: preference: description: "A node selector term, associated with the corresponding weight." @@ -82,16 +82,16 @@ spec: matchExpressions: description: "A list of node selector requirements by node's labels." items: - description: "A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A node selector requirement is a selector that contains values, a key, and an operator\nthat relates the key and values." properties: key: description: "The label key that the selector applies to." type: "string" operator: - description: "Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt." + description: "Represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt." type: "string" values: - description: "An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch." + description: "An array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. If the operator is Gt or Lt, the values\narray must have a single element, which will be interpreted as an integer.\nThis array is replaced during a strategic merge patch." items: type: "string" type: "array" @@ -103,16 +103,16 @@ spec: matchFields: description: "A list of node selector requirements by node's fields." items: - description: "A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A node selector requirement is a selector that contains values, a key, and an operator\nthat relates the key and values." properties: key: description: "The label key that the selector applies to." type: "string" operator: - description: "Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt." + description: "Represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt." type: "string" values: - description: "An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch." + description: "An array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. If the operator is Gt or Lt, the values\narray must have a single element, which will be interpreted as an integer.\nThis array is replaced during a strategic merge patch." items: type: "string" type: "array" @@ -133,26 +133,26 @@ spec: type: "object" type: "array" requiredDuringSchedulingIgnoredDuringExecution: - description: "If the affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to an update), the system may or may not try to eventually evict the pod from its node." + description: "If the affinity requirements specified by this field are not met at\nscheduling time, the pod will not be scheduled onto the node.\nIf the affinity requirements specified by this field cease to be met\nat some point during pod execution (e.g. due to an update), the system\nmay or may not try to eventually evict the pod from its node." properties: nodeSelectorTerms: description: "Required. A list of node selector terms. The terms are ORed." items: - description: "A null or empty node selector term matches no objects. The requirements of them are ANDed. The TopologySelectorTerm type implements a subset of the NodeSelectorTerm." + description: "A null or empty node selector term matches no objects. The requirements of\nthem are ANDed.\nThe TopologySelectorTerm type implements a subset of the NodeSelectorTerm." properties: matchExpressions: description: "A list of node selector requirements by node's labels." items: - description: "A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A node selector requirement is a selector that contains values, a key, and an operator\nthat relates the key and values." properties: key: description: "The label key that the selector applies to." type: "string" operator: - description: "Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt." + description: "Represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt." type: "string" values: - description: "An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch." + description: "An array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. If the operator is Gt or Lt, the values\narray must have a single element, which will be interpreted as an integer.\nThis array is replaced during a strategic merge patch." items: type: "string" type: "array" @@ -164,16 +164,16 @@ spec: matchFields: description: "A list of node selector requirements by node's fields." items: - description: "A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A node selector requirement is a selector that contains values, a key, and an operator\nthat relates the key and values." properties: key: description: "The label key that the selector applies to." type: "string" operator: - description: "Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt." + description: "Represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt." type: "string" values: - description: "An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch." + description: "An array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. If the operator is Gt or Lt, the values\narray must have a single element, which will be interpreted as an integer.\nThis array is replaced during a strategic merge patch." items: type: "string" type: "array" @@ -199,7 +199,7 @@ spec: description: "Controls the nodes the pod are scheduled to run on, based on labels on the pods that are already running on the node." properties: preferredDuringSchedulingIgnoredDuringExecution: - description: "The scheduler will prefer to schedule pods to nodes that satisfy the affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding \"weight\" to the sum if the node has pods which matches the corresponding podAffinityTerm; the node(s) with the highest sum are the most preferred." + description: "The scheduler will prefer to schedule pods to nodes that satisfy\nthe affinity expressions specified by this field, but it may choose\na node that violates one or more of the expressions. The node that is\nmost preferred is the one with the greatest sum of weights, i.e.\nfor each node that meets all of the scheduling requirements (resource\nrequest, requiredDuringScheduling affinity expressions, etc.),\ncompute a sum by iterating through the elements of this field and adding\n\"weight\" to the sum if the node has pods which matches the corresponding podAffinityTerm; the\nnode(s) with the highest sum are the most preferred." items: description: "The weights of all of the matched WeightedPodAffinityTerm fields are added per-node to find the most preferred node(s)" properties: @@ -212,16 +212,16 @@ spec: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -233,26 +233,26 @@ spec: matchLabels: additionalProperties: type: "string" - description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." type: "object" type: "object" x-kubernetes-map-type: "atomic" namespaceSelector: - description: "A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means \"this pod's namespace\". An empty selector ({}) matches all namespaces." + description: "A label query over the set of namespaces that the term applies to.\nThe term is applied to the union of the namespaces selected by this field\nand the ones listed in the namespaces field.\nnull selector and null or empty namespaces list means \"this pod's namespace\".\nAn empty selector ({}) matches all namespaces." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -264,23 +264,23 @@ spec: matchLabels: additionalProperties: type: "string" - description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." type: "object" type: "object" x-kubernetes-map-type: "atomic" namespaces: - description: "namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means \"this pod's namespace\"." + description: "namespaces specifies a static list of namespace names that the term applies to.\nThe term is applied to the union of the namespaces listed in this field\nand the ones selected by namespaceSelector.\nnull or empty namespaces list and null namespaceSelector means \"this pod's namespace\"." items: type: "string" type: "array" topologyKey: - description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed." + description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching\nthe labelSelector in the specified namespaces, where co-located is defined as running on a node\nwhose value of the label with key topologyKey matches that of any node on which any of the\nselected pods is running.\nEmpty topologyKey is not allowed." type: "string" required: - "topologyKey" type: "object" weight: - description: "weight associated with matching the corresponding podAffinityTerm, in the range 1-100." + description: "weight associated with matching the corresponding podAffinityTerm,\nin the range 1-100." format: "int32" type: "integer" required: @@ -289,9 +289,9 @@ spec: type: "object" type: "array" requiredDuringSchedulingIgnoredDuringExecution: - description: "If the affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to a pod label update), the system may or may not try to eventually evict the pod from its node. When there are multiple elements, the lists of nodes corresponding to each podAffinityTerm are intersected, i.e. all terms must be satisfied." + description: "If the affinity requirements specified by this field are not met at\nscheduling time, the pod will not be scheduled onto the node.\nIf the affinity requirements specified by this field cease to be met\nat some point during pod execution (e.g. due to a pod label update), the\nsystem may or may not try to eventually evict the pod from its node.\nWhen there are multiple elements, the lists of nodes corresponding to each\npodAffinityTerm are intersected, i.e. all terms must be satisfied." items: - description: "Defines a set of pods (namely those matching the labelSelector relative to the given namespace(s)) that this pod should be co-located (affinity) or not co-located (anti-affinity) with, where co-located is defined as running on a node whose value of the label with key matches that of any node on which a pod of the set of pods is running" + description: "Defines a set of pods (namely those matching the labelSelector\nrelative to the given namespace(s)) that this pod should be\nco-located (affinity) or not co-located (anti-affinity) with,\nwhere co-located is defined as running on a node whose value of\nthe label with key matches that of any node on which\na pod of the set of pods is running" properties: labelSelector: description: "A label query over a set of resources, in this case pods." @@ -299,16 +299,16 @@ spec: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -320,26 +320,26 @@ spec: matchLabels: additionalProperties: type: "string" - description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." type: "object" type: "object" x-kubernetes-map-type: "atomic" namespaceSelector: - description: "A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means \"this pod's namespace\". An empty selector ({}) matches all namespaces." + description: "A label query over the set of namespaces that the term applies to.\nThe term is applied to the union of the namespaces selected by this field\nand the ones listed in the namespaces field.\nnull selector and null or empty namespaces list means \"this pod's namespace\".\nAn empty selector ({}) matches all namespaces." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -351,17 +351,17 @@ spec: matchLabels: additionalProperties: type: "string" - description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." type: "object" type: "object" x-kubernetes-map-type: "atomic" namespaces: - description: "namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means \"this pod's namespace\"." + description: "namespaces specifies a static list of namespace names that the term applies to.\nThe term is applied to the union of the namespaces listed in this field\nand the ones selected by namespaceSelector.\nnull or empty namespaces list and null namespaceSelector means \"this pod's namespace\"." items: type: "string" type: "array" topologyKey: - description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed." + description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching\nthe labelSelector in the specified namespaces, where co-located is defined as running on a node\nwhose value of the label with key topologyKey matches that of any node on which any of the\nselected pods is running.\nEmpty topologyKey is not allowed." type: "string" required: - "topologyKey" @@ -372,7 +372,7 @@ spec: description: "Enables the ability to prevent running a pod on the same node as another pod." properties: preferredDuringSchedulingIgnoredDuringExecution: - description: "The scheduler will prefer to schedule pods to nodes that satisfy the anti-affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling anti-affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding \"weight\" to the sum if the node has pods which matches the corresponding podAffinityTerm; the node(s) with the highest sum are the most preferred." + description: "The scheduler will prefer to schedule pods to nodes that satisfy\nthe anti-affinity expressions specified by this field, but it may choose\na node that violates one or more of the expressions. The node that is\nmost preferred is the one with the greatest sum of weights, i.e.\nfor each node that meets all of the scheduling requirements (resource\nrequest, requiredDuringScheduling anti-affinity expressions, etc.),\ncompute a sum by iterating through the elements of this field and adding\n\"weight\" to the sum if the node has pods which matches the corresponding podAffinityTerm; the\nnode(s) with the highest sum are the most preferred." items: description: "The weights of all of the matched WeightedPodAffinityTerm fields are added per-node to find the most preferred node(s)" properties: @@ -385,16 +385,16 @@ spec: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -406,26 +406,26 @@ spec: matchLabels: additionalProperties: type: "string" - description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." type: "object" type: "object" x-kubernetes-map-type: "atomic" namespaceSelector: - description: "A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means \"this pod's namespace\". An empty selector ({}) matches all namespaces." + description: "A label query over the set of namespaces that the term applies to.\nThe term is applied to the union of the namespaces selected by this field\nand the ones listed in the namespaces field.\nnull selector and null or empty namespaces list means \"this pod's namespace\".\nAn empty selector ({}) matches all namespaces." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -437,23 +437,23 @@ spec: matchLabels: additionalProperties: type: "string" - description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." type: "object" type: "object" x-kubernetes-map-type: "atomic" namespaces: - description: "namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means \"this pod's namespace\"." + description: "namespaces specifies a static list of namespace names that the term applies to.\nThe term is applied to the union of the namespaces listed in this field\nand the ones selected by namespaceSelector.\nnull or empty namespaces list and null namespaceSelector means \"this pod's namespace\"." items: type: "string" type: "array" topologyKey: - description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed." + description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching\nthe labelSelector in the specified namespaces, where co-located is defined as running on a node\nwhose value of the label with key topologyKey matches that of any node on which any of the\nselected pods is running.\nEmpty topologyKey is not allowed." type: "string" required: - "topologyKey" type: "object" weight: - description: "weight associated with matching the corresponding podAffinityTerm, in the range 1-100." + description: "weight associated with matching the corresponding podAffinityTerm,\nin the range 1-100." format: "int32" type: "integer" required: @@ -462,9 +462,9 @@ spec: type: "object" type: "array" requiredDuringSchedulingIgnoredDuringExecution: - description: "If the anti-affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the anti-affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to a pod label update), the system may or may not try to eventually evict the pod from its node. When there are multiple elements, the lists of nodes corresponding to each podAffinityTerm are intersected, i.e. all terms must be satisfied." + description: "If the anti-affinity requirements specified by this field are not met at\nscheduling time, the pod will not be scheduled onto the node.\nIf the anti-affinity requirements specified by this field cease to be met\nat some point during pod execution (e.g. due to a pod label update), the\nsystem may or may not try to eventually evict the pod from its node.\nWhen there are multiple elements, the lists of nodes corresponding to each\npodAffinityTerm are intersected, i.e. all terms must be satisfied." items: - description: "Defines a set of pods (namely those matching the labelSelector relative to the given namespace(s)) that this pod should be co-located (affinity) or not co-located (anti-affinity) with, where co-located is defined as running on a node whose value of the label with key matches that of any node on which a pod of the set of pods is running" + description: "Defines a set of pods (namely those matching the labelSelector\nrelative to the given namespace(s)) that this pod should be\nco-located (affinity) or not co-located (anti-affinity) with,\nwhere co-located is defined as running on a node whose value of\nthe label with key matches that of any node on which\na pod of the set of pods is running" properties: labelSelector: description: "A label query over a set of resources, in this case pods." @@ -472,16 +472,16 @@ spec: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -493,26 +493,26 @@ spec: matchLabels: additionalProperties: type: "string" - description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." type: "object" type: "object" x-kubernetes-map-type: "atomic" namespaceSelector: - description: "A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means \"this pod's namespace\". An empty selector ({}) matches all namespaces." + description: "A label query over the set of namespaces that the term applies to.\nThe term is applied to the union of the namespaces selected by this field\nand the ones listed in the namespaces field.\nnull selector and null or empty namespaces list means \"this pod's namespace\".\nAn empty selector ({}) matches all namespaces." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -524,17 +524,17 @@ spec: matchLabels: additionalProperties: type: "string" - description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." type: "object" type: "object" x-kubernetes-map-type: "atomic" namespaces: - description: "namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means \"this pod's namespace\"." + description: "namespaces specifies a static list of namespace names that the term applies to.\nThe term is applied to the union of the namespaces listed in this field\nand the ones selected by namespaceSelector.\nnull or empty namespaces list and null namespaceSelector means \"this pod's namespace\"." items: type: "string" type: "array" topologyKey: - description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed." + description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching\nthe labelSelector in the specified namespaces, where co-located is defined as running on a node\nwhose value of the label with key topologyKey matches that of any node on which any of the\nselected pods is running.\nEmpty topologyKey is not allowed." type: "string" required: - "topologyKey" @@ -583,19 +583,19 @@ spec: description: "Specifies the strategy to replace old deployment pods with new pods." properties: rollingUpdate: - description: "Rolling update config params. Present only if DeploymentStrategyType = RollingUpdate. --- TODO: Update this to follow our convention for oneOf, whatever we decide it to be." + description: "Rolling update config params. Present only if DeploymentStrategyType =\nRollingUpdate.\n---\nTODO: Update this to follow our convention for oneOf, whatever we decide it\nto be." properties: maxSurge: anyOf: - type: "integer" - type: "string" - description: "The maximum number of pods that can be scheduled above the desired number of pods. Value can be an absolute number (ex: 5) or a percentage of desired pods (ex: 10%). This can not be 0 if MaxUnavailable is 0. Absolute number is calculated from percentage by rounding up. Defaults to 25%. Example: when this is set to 30%, the new ReplicaSet can be scaled up immediately when the rolling update starts, such that the total number of old and new pods do not exceed 130% of desired pods. Once old pods have been killed, new ReplicaSet can be scaled up further, ensuring that total number of pods running at any time during the update is at most 130% of desired pods." + description: "The maximum number of pods that can be scheduled above the desired number of\npods.\nValue can be an absolute number (ex: 5) or a percentage of desired pods (ex: 10%).\nThis can not be 0 if MaxUnavailable is 0.\nAbsolute number is calculated from percentage by rounding up.\nDefaults to 25%.\nExample: when this is set to 30%, the new ReplicaSet can be scaled up immediately when\nthe rolling update starts, such that the total number of old and new pods do not exceed\n130% of desired pods. Once old pods have been killed,\nnew ReplicaSet can be scaled up further, ensuring that total number of pods running\nat any time during the update is at most 130% of desired pods." x-kubernetes-int-or-string: true maxUnavailable: anyOf: - type: "integer" - type: "string" - description: "The maximum number of pods that can be unavailable during the update. Value can be an absolute number (ex: 5) or a percentage of desired pods (ex: 10%). Absolute number is calculated from percentage by rounding down. This can not be 0 if MaxSurge is 0. Defaults to 25%. Example: when this is set to 30%, the old ReplicaSet can be scaled down to 70% of desired pods immediately when the rolling update starts. Once new pods are ready, old ReplicaSet can be scaled down further, followed by scaling up the new ReplicaSet, ensuring that the total number of pods available at all times during the update is at least 70% of desired pods." + description: "The maximum number of pods that can be unavailable during the update.\nValue can be an absolute number (ex: 5) or a percentage of desired pods (ex: 10%).\nAbsolute number is calculated from percentage by rounding down.\nThis can not be 0 if MaxSurge is 0.\nDefaults to 25%.\nExample: when this is set to 30%, the old ReplicaSet can be scaled down to 70% of desired pods\nimmediately when the rolling update starts. Once new pods are ready, old ReplicaSet\ncan be scaled down further, followed by scaling up the new ReplicaSet, ensuring\nthat the total number of pods available at all times during the update is at\nleast 70% of desired pods." x-kubernetes-int-or-string: true type: "object" type: @@ -612,7 +612,7 @@ spec: description: "Name of the environment variable. Must be a C_IDENTIFIER." type: "string" value: - description: "Variable references $(VAR_NAME) are expanded using the previously defined environment variables in the container and any service environment variables. If a variable cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. \"$$(VAR_NAME)\" will produce the string literal \"$(VAR_NAME)\". Escaped references will never be expanded, regardless of whether the variable exists or not. Defaults to \"\"." + description: "Variable references $(VAR_NAME) are expanded\nusing the previously defined environment variables in the container and\nany service environment variables. If a variable cannot be resolved,\nthe reference in the input string will be unchanged. Double $$ are reduced\nto a single $, which allows for escaping the $(VAR_NAME) syntax: i.e.\n\"$$(VAR_NAME)\" will produce the string literal \"$(VAR_NAME)\".\nEscaped references will never be expanded, regardless of whether the variable\nexists or not.\nDefaults to \"\"." type: "string" valueFrom: description: "Source for the environment variable's value. Cannot be used if value is not empty." @@ -624,7 +624,7 @@ spec: description: "The key to select." type: "string" name: - description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" type: "string" optional: description: "Specify whether the ConfigMap or its key must be defined" @@ -634,7 +634,7 @@ spec: type: "object" x-kubernetes-map-type: "atomic" fieldRef: - description: "Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`, spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs." + description: "Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`,\nspec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs." properties: apiVersion: description: "Version of the schema the FieldPath is written in terms of, defaults to \"v1\"." @@ -647,7 +647,7 @@ spec: type: "object" x-kubernetes-map-type: "atomic" resourceFieldRef: - description: "Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported." + description: "Selects a resource of the container: only resources limits and requests\n(limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported." properties: containerName: description: "Container name: required for volumes, optional for env vars" @@ -673,7 +673,7 @@ spec: description: "The key of the secret to select from. Must be a valid secret key." type: "string" name: - description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" type: "string" optional: description: "Specify whether the Secret or its key must be defined" @@ -699,7 +699,7 @@ spec: description: "The ConfigMap to select from" properties: name: - description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" type: "string" optional: description: "Specify whether the ConfigMap must be defined" @@ -713,7 +713,7 @@ spec: description: "The Secret to select from" properties: name: - description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" type: "string" optional: description: "Specify whether the Secret must be defined" @@ -732,17 +732,17 @@ spec: description: "A single application container that you want to run within a pod." properties: args: - description: "Arguments to the entrypoint. The container image's CMD is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. \"$$(VAR_NAME)\" will produce the string literal \"$(VAR_NAME)\". Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell" + description: "Arguments to the entrypoint.\nThe container image's CMD is used if this is not provided.\nVariable references $(VAR_NAME) are expanded using the container's environment. If a variable\ncannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced\nto a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. \"$$(VAR_NAME)\" will\nproduce the string literal \"$(VAR_NAME)\". Escaped references will never be expanded, regardless\nof whether the variable exists or not. Cannot be updated.\nMore info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell" items: type: "string" type: "array" command: - description: "Entrypoint array. Not executed within a shell. The container image's ENTRYPOINT is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. \"$$(VAR_NAME)\" will produce the string literal \"$(VAR_NAME)\". Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell" + description: "Entrypoint array. Not executed within a shell.\nThe container image's ENTRYPOINT is used if this is not provided.\nVariable references $(VAR_NAME) are expanded using the container's environment. If a variable\ncannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced\nto a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. \"$$(VAR_NAME)\" will\nproduce the string literal \"$(VAR_NAME)\". Escaped references will never be expanded, regardless\nof whether the variable exists or not. Cannot be updated.\nMore info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell" items: type: "string" type: "array" env: - description: "List of environment variables to set in the container. Cannot be updated." + description: "List of environment variables to set in the container.\nCannot be updated." items: description: "EnvVar represents an environment variable present in a Container." properties: @@ -750,7 +750,7 @@ spec: description: "Name of the environment variable. Must be a C_IDENTIFIER." type: "string" value: - description: "Variable references $(VAR_NAME) are expanded using the previously defined environment variables in the container and any service environment variables. If a variable cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. \"$$(VAR_NAME)\" will produce the string literal \"$(VAR_NAME)\". Escaped references will never be expanded, regardless of whether the variable exists or not. Defaults to \"\"." + description: "Variable references $(VAR_NAME) are expanded\nusing the previously defined environment variables in the container and\nany service environment variables. If a variable cannot be resolved,\nthe reference in the input string will be unchanged. Double $$ are reduced\nto a single $, which allows for escaping the $(VAR_NAME) syntax: i.e.\n\"$$(VAR_NAME)\" will produce the string literal \"$(VAR_NAME)\".\nEscaped references will never be expanded, regardless of whether the variable\nexists or not.\nDefaults to \"\"." type: "string" valueFrom: description: "Source for the environment variable's value. Cannot be used if value is not empty." @@ -762,7 +762,7 @@ spec: description: "The key to select." type: "string" name: - description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" type: "string" optional: description: "Specify whether the ConfigMap or its key must be defined" @@ -772,7 +772,7 @@ spec: type: "object" x-kubernetes-map-type: "atomic" fieldRef: - description: "Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`, spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs." + description: "Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`,\nspec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs." properties: apiVersion: description: "Version of the schema the FieldPath is written in terms of, defaults to \"v1\"." @@ -785,7 +785,7 @@ spec: type: "object" x-kubernetes-map-type: "atomic" resourceFieldRef: - description: "Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported." + description: "Selects a resource of the container: only resources limits and requests\n(limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported." properties: containerName: description: "Container name: required for volumes, optional for env vars" @@ -811,7 +811,7 @@ spec: description: "The key of the secret to select from. Must be a valid secret key." type: "string" name: - description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" type: "string" optional: description: "Specify whether the Secret or its key must be defined" @@ -826,7 +826,7 @@ spec: type: "object" type: "array" envFrom: - description: "List of sources to populate environment variables in the container. The keys defined within a source must be a C_IDENTIFIER. All invalid keys will be reported as an event when the container is starting. When a key exists in multiple sources, the value associated with the last source will take precedence. Values defined by an Env with a duplicate key will take precedence. Cannot be updated." + description: "List of sources to populate environment variables in the container.\nThe keys defined within a source must be a C_IDENTIFIER. All invalid keys\nwill be reported as an event when the container is starting. When a key exists in multiple\nsources, the value associated with the last source will take precedence.\nValues defined by an Env with a duplicate key will take precedence.\nCannot be updated." items: description: "EnvFromSource represents the source of a set of ConfigMaps" properties: @@ -834,7 +834,7 @@ spec: description: "The ConfigMap to select from" properties: name: - description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" type: "string" optional: description: "Specify whether the ConfigMap must be defined" @@ -848,7 +848,7 @@ spec: description: "The Secret to select from" properties: name: - description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" type: "string" optional: description: "Specify whether the Secret must be defined" @@ -858,22 +858,22 @@ spec: type: "object" type: "array" image: - description: "Container image name. More info: https://kubernetes.io/docs/concepts/containers/images This field is optional to allow higher level config management to default or override container images in workload controllers like Deployments and StatefulSets." + description: "Container image name.\nMore info: https://kubernetes.io/docs/concepts/containers/images\nThis field is optional to allow higher level config management to default or override\ncontainer images in workload controllers like Deployments and StatefulSets." type: "string" imagePullPolicy: - description: "Image pull policy. One of Always, Never, IfNotPresent. Defaults to Always if :latest tag is specified, or IfNotPresent otherwise. Cannot be updated. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images" + description: "Image pull policy.\nOne of Always, Never, IfNotPresent.\nDefaults to Always if :latest tag is specified, or IfNotPresent otherwise.\nCannot be updated.\nMore info: https://kubernetes.io/docs/concepts/containers/images#updating-images" type: "string" lifecycle: - description: "Actions that the management system should take in response to container lifecycle events. Cannot be updated." + description: "Actions that the management system should take in response to container lifecycle events.\nCannot be updated." properties: postStart: - description: "PostStart is called immediately after a container is created. If the handler fails, the container is terminated and restarted according to its restart policy. Other management of the container blocks until the hook completes. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks" + description: "PostStart is called immediately after a container is created. If the handler fails,\nthe container is terminated and restarted according to its restart policy.\nOther management of the container blocks until the hook completes.\nMore info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks" properties: exec: description: "Exec specifies the action to take." properties: command: - description: "Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy." + description: "Command is the command line to execute inside the container, the working directory for the\ncommand is root ('/') in the container's filesystem. The command is simply exec'd, it is\nnot run inside a shell, so traditional shell instructions ('|', etc) won't work. To use\na shell, you need to explicitly call out to that shell.\nExit status of 0 is treated as live/healthy and non-zero is unhealthy." items: type: "string" type: "array" @@ -882,7 +882,7 @@ spec: description: "HTTPGet specifies the http request to perform." properties: host: - description: "Host name to connect to, defaults to the pod IP. You probably want to set \"Host\" in httpHeaders instead." + description: "Host name to connect to, defaults to the pod IP. You probably want to set\n\"Host\" in httpHeaders instead." type: "string" httpHeaders: description: "Custom headers to set in the request. HTTP allows repeated headers." @@ -890,7 +890,7 @@ spec: description: "HTTPHeader describes a custom header to be used in HTTP probes" properties: name: - description: "The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header." + description: "The header field name.\nThis will be canonicalized upon output, so case-variant names will be understood as the same header." type: "string" value: description: "The header field value" @@ -907,16 +907,16 @@ spec: anyOf: - type: "integer" - type: "string" - description: "Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME." + description: "Name or number of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME." x-kubernetes-int-or-string: true scheme: - description: "Scheme to use for connecting to the host. Defaults to HTTP." + description: "Scheme to use for connecting to the host.\nDefaults to HTTP." type: "string" required: - "port" type: "object" tcpSocket: - description: "Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept for the backward compatibility. There are no validation of this field and lifecycle hooks will fail in runtime when tcp handler is specified." + description: "Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept\nfor the backward compatibility. There are no validation of this field and\nlifecycle hooks will fail in runtime when tcp handler is specified." properties: host: description: "Optional: Host name to connect to, defaults to the pod IP." @@ -925,20 +925,20 @@ spec: anyOf: - type: "integer" - type: "string" - description: "Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME." + description: "Number or name of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME." x-kubernetes-int-or-string: true required: - "port" type: "object" type: "object" preStop: - description: "PreStop is called immediately before a container is terminated due to an API request or management event such as liveness/startup probe failure, preemption, resource contention, etc. The handler is not called if the container crashes or exits. The Pod's termination grace period countdown begins before the PreStop hook is executed. Regardless of the outcome of the handler, the container will eventually terminate within the Pod's termination grace period (unless delayed by finalizers). Other management of the container blocks until the hook completes or until the termination grace period is reached. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks" + description: "PreStop is called immediately before a container is terminated due to an\nAPI request or management event such as liveness/startup probe failure,\npreemption, resource contention, etc. The handler is not called if the\ncontainer crashes or exits. The Pod's termination grace period countdown begins before the\nPreStop hook is executed. Regardless of the outcome of the handler, the\ncontainer will eventually terminate within the Pod's termination grace\nperiod (unless delayed by finalizers). Other management of the container blocks until the hook completes\nor until the termination grace period is reached.\nMore info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks" properties: exec: description: "Exec specifies the action to take." properties: command: - description: "Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy." + description: "Command is the command line to execute inside the container, the working directory for the\ncommand is root ('/') in the container's filesystem. The command is simply exec'd, it is\nnot run inside a shell, so traditional shell instructions ('|', etc) won't work. To use\na shell, you need to explicitly call out to that shell.\nExit status of 0 is treated as live/healthy and non-zero is unhealthy." items: type: "string" type: "array" @@ -947,7 +947,7 @@ spec: description: "HTTPGet specifies the http request to perform." properties: host: - description: "Host name to connect to, defaults to the pod IP. You probably want to set \"Host\" in httpHeaders instead." + description: "Host name to connect to, defaults to the pod IP. You probably want to set\n\"Host\" in httpHeaders instead." type: "string" httpHeaders: description: "Custom headers to set in the request. HTTP allows repeated headers." @@ -955,7 +955,7 @@ spec: description: "HTTPHeader describes a custom header to be used in HTTP probes" properties: name: - description: "The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header." + description: "The header field name.\nThis will be canonicalized upon output, so case-variant names will be understood as the same header." type: "string" value: description: "The header field value" @@ -972,16 +972,16 @@ spec: anyOf: - type: "integer" - type: "string" - description: "Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME." + description: "Name or number of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME." x-kubernetes-int-or-string: true scheme: - description: "Scheme to use for connecting to the host. Defaults to HTTP." + description: "Scheme to use for connecting to the host.\nDefaults to HTTP." type: "string" required: - "port" type: "object" tcpSocket: - description: "Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept for the backward compatibility. There are no validation of this field and lifecycle hooks will fail in runtime when tcp handler is specified." + description: "Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept\nfor the backward compatibility. There are no validation of this field and\nlifecycle hooks will fail in runtime when tcp handler is specified." properties: host: description: "Optional: Host name to connect to, defaults to the pod IP." @@ -990,7 +990,7 @@ spec: anyOf: - type: "integer" - type: "string" - description: "Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME." + description: "Number or name of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME." x-kubernetes-int-or-string: true required: - "port" @@ -998,30 +998,30 @@ spec: type: "object" type: "object" livenessProbe: - description: "Periodic probe of container liveness. Container will be restarted if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" + description: "Periodic probe of container liveness.\nContainer will be restarted if the probe fails.\nCannot be updated.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" properties: exec: description: "Exec specifies the action to take." properties: command: - description: "Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy." + description: "Command is the command line to execute inside the container, the working directory for the\ncommand is root ('/') in the container's filesystem. The command is simply exec'd, it is\nnot run inside a shell, so traditional shell instructions ('|', etc) won't work. To use\na shell, you need to explicitly call out to that shell.\nExit status of 0 is treated as live/healthy and non-zero is unhealthy." items: type: "string" type: "array" type: "object" failureThreshold: - description: "Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1." + description: "Minimum consecutive failures for the probe to be considered failed after having succeeded.\nDefaults to 3. Minimum value is 1." format: "int32" type: "integer" grpc: - description: "GRPC specifies an action involving a GRPC port. This is a beta field and requires enabling GRPCContainerProbe feature gate." + description: "GRPC specifies an action involving a GRPC port.\nThis is a beta field and requires enabling GRPCContainerProbe feature gate." properties: port: description: "Port number of the gRPC service. Number must be in the range 1 to 65535." format: "int32" type: "integer" service: - description: "Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). \n If this is not specified, the default behavior is defined by gRPC." + description: "Service is the name of the service to place in the gRPC HealthCheckRequest\n(see https://github.com/grpc/grpc/blob/master/doc/health-checking.md).\n\n\nIf this is not specified, the default behavior is defined by gRPC." type: "string" required: - "port" @@ -1030,7 +1030,7 @@ spec: description: "HTTPGet specifies the http request to perform." properties: host: - description: "Host name to connect to, defaults to the pod IP. You probably want to set \"Host\" in httpHeaders instead." + description: "Host name to connect to, defaults to the pod IP. You probably want to set\n\"Host\" in httpHeaders instead." type: "string" httpHeaders: description: "Custom headers to set in the request. HTTP allows repeated headers." @@ -1038,7 +1038,7 @@ spec: description: "HTTPHeader describes a custom header to be used in HTTP probes" properties: name: - description: "The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header." + description: "The header field name.\nThis will be canonicalized upon output, so case-variant names will be understood as the same header." type: "string" value: description: "The header field value" @@ -1055,24 +1055,24 @@ spec: anyOf: - type: "integer" - type: "string" - description: "Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME." + description: "Name or number of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME." x-kubernetes-int-or-string: true scheme: - description: "Scheme to use for connecting to the host. Defaults to HTTP." + description: "Scheme to use for connecting to the host.\nDefaults to HTTP." type: "string" required: - "port" type: "object" initialDelaySeconds: - description: "Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" + description: "Number of seconds after the container has started before liveness probes are initiated.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" format: "int32" type: "integer" periodSeconds: - description: "How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1." + description: "How often (in seconds) to perform the probe.\nDefault to 10 seconds. Minimum value is 1." format: "int32" type: "integer" successThreshold: - description: "Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1." + description: "Minimum consecutive successes for the probe to be considered successful after having failed.\nDefaults to 1. Must be 1 for liveness and startup. Minimum value is 1." format: "int32" type: "integer" tcpSocket: @@ -1085,45 +1085,45 @@ spec: anyOf: - type: "integer" - type: "string" - description: "Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME." + description: "Number or name of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME." x-kubernetes-int-or-string: true required: - "port" type: "object" terminationGracePeriodSeconds: - description: "Optional duration in seconds the pod needs to terminate gracefully upon probe failure. The grace period is the duration in seconds after the processes running in the pod are sent a termination signal and the time when the processes are forcibly halted with a kill signal. Set this value longer than the expected cleanup time for your process. If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this value overrides the value provided by the pod spec. Value must be non-negative integer. The value zero indicates stop immediately via the kill signal (no opportunity to shut down). This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate. Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset." + description: "Optional duration in seconds the pod needs to terminate gracefully upon probe failure.\nThe grace period is the duration in seconds after the processes running in the pod are sent\na termination signal and the time when the processes are forcibly halted with a kill signal.\nSet this value longer than the expected cleanup time for your process.\nIf this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this\nvalue overrides the value provided by the pod spec.\nValue must be non-negative integer. The value zero indicates stop immediately via\nthe kill signal (no opportunity to shut down).\nThis is a beta field and requires enabling ProbeTerminationGracePeriod feature gate.\nMinimum value is 1. spec.terminationGracePeriodSeconds is used if unset." format: "int64" type: "integer" timeoutSeconds: - description: "Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" + description: "Number of seconds after which the probe times out.\nDefaults to 1 second. Minimum value is 1.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" format: "int32" type: "integer" type: "object" name: - description: "Name of the container specified as a DNS_LABEL. Each container in a pod must have a unique name (DNS_LABEL). Cannot be updated." + description: "Name of the container specified as a DNS_LABEL.\nEach container in a pod must have a unique name (DNS_LABEL).\nCannot be updated." type: "string" ports: - description: "List of ports to expose from the container. Not specifying a port here DOES NOT prevent that port from being exposed. Any port which is listening on the default \"0.0.0.0\" address inside a container will be accessible from the network. Modifying this array with strategic merge patch may corrupt the data. For more information See https://github.com/kubernetes/kubernetes/issues/108255. Cannot be updated." + description: "List of ports to expose from the container. Not specifying a port here\nDOES NOT prevent that port from being exposed. Any port which is\nlistening on the default \"0.0.0.0\" address inside a container will be\naccessible from the network.\nModifying this array with strategic merge patch may corrupt the data.\nFor more information See https://github.com/kubernetes/kubernetes/issues/108255.\nCannot be updated." items: description: "ContainerPort represents a network port in a single container." properties: containerPort: - description: "Number of port to expose on the pod's IP address. This must be a valid port number, 0 < x < 65536." + description: "Number of port to expose on the pod's IP address.\nThis must be a valid port number, 0 < x < 65536." format: "int32" type: "integer" hostIP: description: "What host IP to bind the external port to." type: "string" hostPort: - description: "Number of port to expose on the host. If specified, this must be a valid port number, 0 < x < 65536. If HostNetwork is specified, this must match ContainerPort. Most containers do not need this." + description: "Number of port to expose on the host.\nIf specified, this must be a valid port number, 0 < x < 65536.\nIf HostNetwork is specified, this must match ContainerPort.\nMost containers do not need this." format: "int32" type: "integer" name: - description: "If specified, this must be an IANA_SVC_NAME and unique within the pod. Each named port in a pod must have a unique name. Name for the port that can be referred to by services." + description: "If specified, this must be an IANA_SVC_NAME and unique within the pod. Each\nnamed port in a pod must have a unique name. Name for the port that can be\nreferred to by services." type: "string" protocol: default: "TCP" - description: "Protocol for port. Must be UDP, TCP, or SCTP. Defaults to \"TCP\"." + description: "Protocol for port. Must be UDP, TCP, or SCTP.\nDefaults to \"TCP\"." type: "string" required: - "containerPort" @@ -1134,30 +1134,30 @@ spec: - "protocol" x-kubernetes-list-type: "map" readinessProbe: - description: "Periodic probe of container service readiness. Container will be removed from service endpoints if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" + description: "Periodic probe of container service readiness.\nContainer will be removed from service endpoints if the probe fails.\nCannot be updated.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" properties: exec: description: "Exec specifies the action to take." properties: command: - description: "Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy." + description: "Command is the command line to execute inside the container, the working directory for the\ncommand is root ('/') in the container's filesystem. The command is simply exec'd, it is\nnot run inside a shell, so traditional shell instructions ('|', etc) won't work. To use\na shell, you need to explicitly call out to that shell.\nExit status of 0 is treated as live/healthy and non-zero is unhealthy." items: type: "string" type: "array" type: "object" failureThreshold: - description: "Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1." + description: "Minimum consecutive failures for the probe to be considered failed after having succeeded.\nDefaults to 3. Minimum value is 1." format: "int32" type: "integer" grpc: - description: "GRPC specifies an action involving a GRPC port. This is a beta field and requires enabling GRPCContainerProbe feature gate." + description: "GRPC specifies an action involving a GRPC port.\nThis is a beta field and requires enabling GRPCContainerProbe feature gate." properties: port: description: "Port number of the gRPC service. Number must be in the range 1 to 65535." format: "int32" type: "integer" service: - description: "Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). \n If this is not specified, the default behavior is defined by gRPC." + description: "Service is the name of the service to place in the gRPC HealthCheckRequest\n(see https://github.com/grpc/grpc/blob/master/doc/health-checking.md).\n\n\nIf this is not specified, the default behavior is defined by gRPC." type: "string" required: - "port" @@ -1166,7 +1166,7 @@ spec: description: "HTTPGet specifies the http request to perform." properties: host: - description: "Host name to connect to, defaults to the pod IP. You probably want to set \"Host\" in httpHeaders instead." + description: "Host name to connect to, defaults to the pod IP. You probably want to set\n\"Host\" in httpHeaders instead." type: "string" httpHeaders: description: "Custom headers to set in the request. HTTP allows repeated headers." @@ -1174,7 +1174,7 @@ spec: description: "HTTPHeader describes a custom header to be used in HTTP probes" properties: name: - description: "The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header." + description: "The header field name.\nThis will be canonicalized upon output, so case-variant names will be understood as the same header." type: "string" value: description: "The header field value" @@ -1191,24 +1191,24 @@ spec: anyOf: - type: "integer" - type: "string" - description: "Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME." + description: "Name or number of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME." x-kubernetes-int-or-string: true scheme: - description: "Scheme to use for connecting to the host. Defaults to HTTP." + description: "Scheme to use for connecting to the host.\nDefaults to HTTP." type: "string" required: - "port" type: "object" initialDelaySeconds: - description: "Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" + description: "Number of seconds after the container has started before liveness probes are initiated.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" format: "int32" type: "integer" periodSeconds: - description: "How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1." + description: "How often (in seconds) to perform the probe.\nDefault to 10 seconds. Minimum value is 1." format: "int32" type: "integer" successThreshold: - description: "Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1." + description: "Minimum consecutive successes for the probe to be considered successful after having failed.\nDefaults to 1. Must be 1 for liveness and startup. Minimum value is 1." format: "int32" type: "integer" tcpSocket: @@ -1221,30 +1221,30 @@ spec: anyOf: - type: "integer" - type: "string" - description: "Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME." + description: "Number or name of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME." x-kubernetes-int-or-string: true required: - "port" type: "object" terminationGracePeriodSeconds: - description: "Optional duration in seconds the pod needs to terminate gracefully upon probe failure. The grace period is the duration in seconds after the processes running in the pod are sent a termination signal and the time when the processes are forcibly halted with a kill signal. Set this value longer than the expected cleanup time for your process. If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this value overrides the value provided by the pod spec. Value must be non-negative integer. The value zero indicates stop immediately via the kill signal (no opportunity to shut down). This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate. Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset." + description: "Optional duration in seconds the pod needs to terminate gracefully upon probe failure.\nThe grace period is the duration in seconds after the processes running in the pod are sent\na termination signal and the time when the processes are forcibly halted with a kill signal.\nSet this value longer than the expected cleanup time for your process.\nIf this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this\nvalue overrides the value provided by the pod spec.\nValue must be non-negative integer. The value zero indicates stop immediately via\nthe kill signal (no opportunity to shut down).\nThis is a beta field and requires enabling ProbeTerminationGracePeriod feature gate.\nMinimum value is 1. spec.terminationGracePeriodSeconds is used if unset." format: "int64" type: "integer" timeoutSeconds: - description: "Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" + description: "Number of seconds after which the probe times out.\nDefaults to 1 second. Minimum value is 1.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" format: "int32" type: "integer" type: "object" resources: - description: "Compute Resources required by this container. Cannot be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" + description: "Compute Resources required by this container.\nCannot be updated.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" properties: claims: - description: "Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. \n This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. \n This field is immutable. It can only be set for containers." + description: "Claims lists the names of resources, defined in spec.resourceClaims,\nthat are used by this container.\n\n\nThis is an alpha field and requires enabling the\nDynamicResourceAllocation feature gate.\n\n\nThis field is immutable. It can only be set for containers." items: description: "ResourceClaim references one entry in PodSpec.ResourceClaims." properties: name: - description: "Name must match the name of one entry in pod.spec.resourceClaims of the Pod where this field is used. It makes that resource available inside a container." + description: "Name must match the name of one entry in pod.spec.resourceClaims of\nthe Pod where this field is used. It makes that resource available\ninside a container." type: "string" required: - "name" @@ -1260,7 +1260,7 @@ spec: - type: "string" pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" x-kubernetes-int-or-string: true - description: "Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" + description: "Limits describes the maximum amount of compute resources allowed.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" type: "object" requests: additionalProperties: @@ -1269,17 +1269,17 @@ spec: - type: "string" pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" x-kubernetes-int-or-string: true - description: "Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" + description: "Requests describes the minimum amount of compute resources required.\nIf Requests is omitted for a container, it defaults to Limits if that is explicitly specified,\notherwise to an implementation-defined value.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" type: "object" type: "object" securityContext: - description: "SecurityContext defines the security options the container should be run with. If set, the fields of SecurityContext override the equivalent fields of PodSecurityContext. More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/" + description: "SecurityContext defines the security options the container should be run with.\nIf set, the fields of SecurityContext override the equivalent fields of PodSecurityContext.\nMore info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/" properties: allowPrivilegeEscalation: - description: "AllowPrivilegeEscalation controls whether a process can gain more privileges than its parent process. This bool directly controls if the no_new_privs flag will be set on the container process. AllowPrivilegeEscalation is true always when the container is: 1) run as Privileged 2) has CAP_SYS_ADMIN Note that this field cannot be set when spec.os.name is windows." + description: "AllowPrivilegeEscalation controls whether a process can gain more\nprivileges than its parent process. This bool directly controls if\nthe no_new_privs flag will be set on the container process.\nAllowPrivilegeEscalation is true always when the container is:\n1) run as Privileged\n2) has CAP_SYS_ADMIN\nNote that this field cannot be set when spec.os.name is windows." type: "boolean" capabilities: - description: "The capabilities to add/drop when running containers. Defaults to the default set of capabilities granted by the container runtime. Note that this field cannot be set when spec.os.name is windows." + description: "The capabilities to add/drop when running containers.\nDefaults to the default set of capabilities granted by the container runtime.\nNote that this field cannot be set when spec.os.name is windows." properties: add: description: "Added capabilities" @@ -1295,27 +1295,27 @@ spec: type: "array" type: "object" privileged: - description: "Run container in privileged mode. Processes in privileged containers are essentially equivalent to root on the host. Defaults to false. Note that this field cannot be set when spec.os.name is windows." + description: "Run container in privileged mode.\nProcesses in privileged containers are essentially equivalent to root on the host.\nDefaults to false.\nNote that this field cannot be set when spec.os.name is windows." type: "boolean" procMount: - description: "procMount denotes the type of proc mount to use for the containers. The default is DefaultProcMount which uses the container runtime defaults for readonly paths and masked paths. This requires the ProcMountType feature flag to be enabled. Note that this field cannot be set when spec.os.name is windows." + description: "procMount denotes the type of proc mount to use for the containers.\nThe default is DefaultProcMount which uses the container runtime defaults for\nreadonly paths and masked paths.\nThis requires the ProcMountType feature flag to be enabled.\nNote that this field cannot be set when spec.os.name is windows." type: "string" readOnlyRootFilesystem: - description: "Whether this container has a read-only root filesystem. Default is false. Note that this field cannot be set when spec.os.name is windows." + description: "Whether this container has a read-only root filesystem.\nDefault is false.\nNote that this field cannot be set when spec.os.name is windows." type: "boolean" runAsGroup: - description: "The GID to run the entrypoint of the container process. Uses runtime default if unset. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is windows." + description: "The GID to run the entrypoint of the container process.\nUses runtime default if unset.\nMay also be set in PodSecurityContext. If set in both SecurityContext and\nPodSecurityContext, the value specified in SecurityContext takes precedence.\nNote that this field cannot be set when spec.os.name is windows." format: "int64" type: "integer" runAsNonRoot: - description: "Indicates that the container must run as a non-root user. If true, the Kubelet will validate the image at runtime to ensure that it does not run as UID 0 (root) and fail to start the container if it does. If unset or false, no such validation will be performed. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence." + description: "Indicates that the container must run as a non-root user.\nIf true, the Kubelet will validate the image at runtime to ensure that it\ndoes not run as UID 0 (root) and fail to start the container if it does.\nIf unset or false, no such validation will be performed.\nMay also be set in PodSecurityContext. If set in both SecurityContext and\nPodSecurityContext, the value specified in SecurityContext takes precedence." type: "boolean" runAsUser: - description: "The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is windows." + description: "The UID to run the entrypoint of the container process.\nDefaults to user specified in image metadata if unspecified.\nMay also be set in PodSecurityContext. If set in both SecurityContext and\nPodSecurityContext, the value specified in SecurityContext takes precedence.\nNote that this field cannot be set when spec.os.name is windows." format: "int64" type: "integer" seLinuxOptions: - description: "The SELinux context to be applied to the container. If unspecified, the container runtime will allocate a random SELinux context for each container. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is windows." + description: "The SELinux context to be applied to the container.\nIf unspecified, the container runtime will allocate a random SELinux context for each\ncontainer. May also be set in PodSecurityContext. If set in both SecurityContext and\nPodSecurityContext, the value specified in SecurityContext takes precedence.\nNote that this field cannot be set when spec.os.name is windows." properties: level: description: "Level is SELinux level label that applies to the container." @@ -1331,59 +1331,59 @@ spec: type: "string" type: "object" seccompProfile: - description: "The seccomp options to use by this container. If seccomp options are provided at both the pod & container level, the container options override the pod options. Note that this field cannot be set when spec.os.name is windows." + description: "The seccomp options to use by this container. If seccomp options are\nprovided at both the pod & container level, the container options\noverride the pod options.\nNote that this field cannot be set when spec.os.name is windows." properties: localhostProfile: - description: "localhostProfile indicates a profile defined in a file on the node should be used. The profile must be preconfigured on the node to work. Must be a descending path, relative to the kubelet's configured seccomp profile location. Must only be set if type is \"Localhost\"." + description: "localhostProfile indicates a profile defined in a file on the node should be used.\nThe profile must be preconfigured on the node to work.\nMust be a descending path, relative to the kubelet's configured seccomp profile location.\nMust only be set if type is \"Localhost\"." type: "string" type: - description: "type indicates which kind of seccomp profile will be applied. Valid options are: \n Localhost - a profile defined in a file on the node should be used. RuntimeDefault - the container runtime default profile should be used. Unconfined - no profile should be applied." + description: "type indicates which kind of seccomp profile will be applied.\nValid options are:\n\n\nLocalhost - a profile defined in a file on the node should be used.\nRuntimeDefault - the container runtime default profile should be used.\nUnconfined - no profile should be applied." type: "string" required: - "type" type: "object" windowsOptions: - description: "The Windows specific settings applied to all containers. If unspecified, the options from the PodSecurityContext will be used. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is linux." + description: "The Windows specific settings applied to all containers.\nIf unspecified, the options from the PodSecurityContext will be used.\nIf set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.\nNote that this field cannot be set when spec.os.name is linux." properties: gmsaCredentialSpec: - description: "GMSACredentialSpec is where the GMSA admission webhook (https://github.com/kubernetes-sigs/windows-gmsa) inlines the contents of the GMSA credential spec named by the GMSACredentialSpecName field." + description: "GMSACredentialSpec is where the GMSA admission webhook\n(https://github.com/kubernetes-sigs/windows-gmsa) inlines the contents of the\nGMSA credential spec named by the GMSACredentialSpecName field." type: "string" gmsaCredentialSpecName: description: "GMSACredentialSpecName is the name of the GMSA credential spec to use." type: "string" hostProcess: - description: "HostProcess determines if a container should be run as a 'Host Process' container. This field is alpha-level and will only be honored by components that enable the WindowsHostProcessContainers feature flag. Setting this field without the feature flag will result in errors when validating the Pod. All of a Pod's containers must have the same effective HostProcess value (it is not allowed to have a mix of HostProcess containers and non-HostProcess containers). In addition, if HostProcess is true then HostNetwork must also be set to true." + description: "HostProcess determines if a container should be run as a 'Host Process' container.\nThis field is alpha-level and will only be honored by components that enable the\nWindowsHostProcessContainers feature flag. Setting this field without the feature\nflag will result in errors when validating the Pod. All of a Pod's containers must\nhave the same effective HostProcess value (it is not allowed to have a mix of HostProcess\ncontainers and non-HostProcess containers). In addition, if HostProcess is true\nthen HostNetwork must also be set to true." type: "boolean" runAsUserName: - description: "The UserName in Windows to run the entrypoint of the container process. Defaults to the user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence." + description: "The UserName in Windows to run the entrypoint of the container process.\nDefaults to the user specified in image metadata if unspecified.\nMay also be set in PodSecurityContext. If set in both SecurityContext and\nPodSecurityContext, the value specified in SecurityContext takes precedence." type: "string" type: "object" type: "object" startupProbe: - description: "StartupProbe indicates that the Pod has successfully initialized. If specified, no other probes are executed until this completes successfully. If this probe fails, the Pod will be restarted, just as if the livenessProbe failed. This can be used to provide different probe parameters at the beginning of a Pod's lifecycle, when it might take a long time to load data or warm a cache, than during steady-state operation. This cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" + description: "StartupProbe indicates that the Pod has successfully initialized.\nIf specified, no other probes are executed until this completes successfully.\nIf this probe fails, the Pod will be restarted, just as if the livenessProbe failed.\nThis can be used to provide different probe parameters at the beginning of a Pod's lifecycle,\nwhen it might take a long time to load data or warm a cache, than during steady-state operation.\nThis cannot be updated.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" properties: exec: description: "Exec specifies the action to take." properties: command: - description: "Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy." + description: "Command is the command line to execute inside the container, the working directory for the\ncommand is root ('/') in the container's filesystem. The command is simply exec'd, it is\nnot run inside a shell, so traditional shell instructions ('|', etc) won't work. To use\na shell, you need to explicitly call out to that shell.\nExit status of 0 is treated as live/healthy and non-zero is unhealthy." items: type: "string" type: "array" type: "object" failureThreshold: - description: "Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1." + description: "Minimum consecutive failures for the probe to be considered failed after having succeeded.\nDefaults to 3. Minimum value is 1." format: "int32" type: "integer" grpc: - description: "GRPC specifies an action involving a GRPC port. This is a beta field and requires enabling GRPCContainerProbe feature gate." + description: "GRPC specifies an action involving a GRPC port.\nThis is a beta field and requires enabling GRPCContainerProbe feature gate." properties: port: description: "Port number of the gRPC service. Number must be in the range 1 to 65535." format: "int32" type: "integer" service: - description: "Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). \n If this is not specified, the default behavior is defined by gRPC." + description: "Service is the name of the service to place in the gRPC HealthCheckRequest\n(see https://github.com/grpc/grpc/blob/master/doc/health-checking.md).\n\n\nIf this is not specified, the default behavior is defined by gRPC." type: "string" required: - "port" @@ -1392,7 +1392,7 @@ spec: description: "HTTPGet specifies the http request to perform." properties: host: - description: "Host name to connect to, defaults to the pod IP. You probably want to set \"Host\" in httpHeaders instead." + description: "Host name to connect to, defaults to the pod IP. You probably want to set\n\"Host\" in httpHeaders instead." type: "string" httpHeaders: description: "Custom headers to set in the request. HTTP allows repeated headers." @@ -1400,7 +1400,7 @@ spec: description: "HTTPHeader describes a custom header to be used in HTTP probes" properties: name: - description: "The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header." + description: "The header field name.\nThis will be canonicalized upon output, so case-variant names will be understood as the same header." type: "string" value: description: "The header field value" @@ -1417,24 +1417,24 @@ spec: anyOf: - type: "integer" - type: "string" - description: "Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME." + description: "Name or number of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME." x-kubernetes-int-or-string: true scheme: - description: "Scheme to use for connecting to the host. Defaults to HTTP." + description: "Scheme to use for connecting to the host.\nDefaults to HTTP." type: "string" required: - "port" type: "object" initialDelaySeconds: - description: "Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" + description: "Number of seconds after the container has started before liveness probes are initiated.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" format: "int32" type: "integer" periodSeconds: - description: "How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1." + description: "How often (in seconds) to perform the probe.\nDefault to 10 seconds. Minimum value is 1." format: "int32" type: "integer" successThreshold: - description: "Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1." + description: "Minimum consecutive successes for the probe to be considered successful after having failed.\nDefaults to 1. Must be 1 for liveness and startup. Minimum value is 1." format: "int32" type: "integer" tcpSocket: @@ -1447,34 +1447,34 @@ spec: anyOf: - type: "integer" - type: "string" - description: "Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME." + description: "Number or name of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME." x-kubernetes-int-or-string: true required: - "port" type: "object" terminationGracePeriodSeconds: - description: "Optional duration in seconds the pod needs to terminate gracefully upon probe failure. The grace period is the duration in seconds after the processes running in the pod are sent a termination signal and the time when the processes are forcibly halted with a kill signal. Set this value longer than the expected cleanup time for your process. If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this value overrides the value provided by the pod spec. Value must be non-negative integer. The value zero indicates stop immediately via the kill signal (no opportunity to shut down). This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate. Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset." + description: "Optional duration in seconds the pod needs to terminate gracefully upon probe failure.\nThe grace period is the duration in seconds after the processes running in the pod are sent\na termination signal and the time when the processes are forcibly halted with a kill signal.\nSet this value longer than the expected cleanup time for your process.\nIf this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this\nvalue overrides the value provided by the pod spec.\nValue must be non-negative integer. The value zero indicates stop immediately via\nthe kill signal (no opportunity to shut down).\nThis is a beta field and requires enabling ProbeTerminationGracePeriod feature gate.\nMinimum value is 1. spec.terminationGracePeriodSeconds is used if unset." format: "int64" type: "integer" timeoutSeconds: - description: "Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" + description: "Number of seconds after which the probe times out.\nDefaults to 1 second. Minimum value is 1.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" format: "int32" type: "integer" type: "object" stdin: - description: "Whether this container should allocate a buffer for stdin in the container runtime. If this is not set, reads from stdin in the container will always result in EOF. Default is false." + description: "Whether this container should allocate a buffer for stdin in the container runtime. If this\nis not set, reads from stdin in the container will always result in EOF.\nDefault is false." type: "boolean" stdinOnce: - description: "Whether the container runtime should close the stdin channel after it has been opened by a single attach. When stdin is true the stdin stream will remain open across multiple attach sessions. If stdinOnce is set to true, stdin is opened on container start, is empty until the first client attaches to stdin, and then remains open and accepts data until the client disconnects, at which time stdin is closed and remains closed until the container is restarted. If this flag is false, a container processes that reads from stdin will never receive an EOF. Default is false" + description: "Whether the container runtime should close the stdin channel after it has been opened by\na single attach. When stdin is true the stdin stream will remain open across multiple attach\nsessions. If stdinOnce is set to true, stdin is opened on container start, is empty until the\nfirst client attaches to stdin, and then remains open and accepts data until the client disconnects,\nat which time stdin is closed and remains closed until the container is restarted. If this\nflag is false, a container processes that reads from stdin will never receive an EOF.\nDefault is false" type: "boolean" terminationMessagePath: - description: "Optional: Path at which the file to which the container's termination message will be written is mounted into the container's filesystem. Message written is intended to be brief final status, such as an assertion failure message. Will be truncated by the node if greater than 4096 bytes. The total message length across all containers will be limited to 12kb. Defaults to /dev/termination-log. Cannot be updated." + description: "Optional: Path at which the file to which the container's termination message\nwill be written is mounted into the container's filesystem.\nMessage written is intended to be brief final status, such as an assertion failure message.\nWill be truncated by the node if greater than 4096 bytes. The total message length across\nall containers will be limited to 12kb.\nDefaults to /dev/termination-log.\nCannot be updated." type: "string" terminationMessagePolicy: - description: "Indicate how the termination message should be populated. File will use the contents of terminationMessagePath to populate the container status message on both success and failure. FallbackToLogsOnError will use the last chunk of container log output if the termination message file is empty and the container exited with an error. The log output is limited to 2048 bytes or 80 lines, whichever is smaller. Defaults to File. Cannot be updated." + description: "Indicate how the termination message should be populated. File will use the contents of\nterminationMessagePath to populate the container status message on both success and failure.\nFallbackToLogsOnError will use the last chunk of container log output if the termination\nmessage file is empty and the container exited with an error.\nThe log output is limited to 2048 bytes or 80 lines, whichever is smaller.\nDefaults to File.\nCannot be updated." type: "string" tty: - description: "Whether this container should allocate a TTY for itself, also requires 'stdin' to be true. Default is false." + description: "Whether this container should allocate a TTY for itself, also requires 'stdin' to be true.\nDefault is false." type: "boolean" volumeDevices: description: "volumeDevices is the list of block devices to be used by the container." @@ -1493,27 +1493,27 @@ spec: type: "object" type: "array" volumeMounts: - description: "Pod volumes to mount into the container's filesystem. Cannot be updated." + description: "Pod volumes to mount into the container's filesystem.\nCannot be updated." items: description: "VolumeMount describes a mounting of a Volume within a container." properties: mountPath: - description: "Path within the container at which the volume should be mounted. Must not contain ':'." + description: "Path within the container at which the volume should be mounted. Must\nnot contain ':'." type: "string" mountPropagation: - description: "mountPropagation determines how mounts are propagated from the host to container and the other way around. When not set, MountPropagationNone is used. This field is beta in 1.10." + description: "mountPropagation determines how mounts are propagated from the host\nto container and the other way around.\nWhen not set, MountPropagationNone is used.\nThis field is beta in 1.10." type: "string" name: description: "This must match the Name of a Volume." type: "string" readOnly: - description: "Mounted read-only if true, read-write otherwise (false or unspecified). Defaults to false." + description: "Mounted read-only if true, read-write otherwise (false or unspecified).\nDefaults to false." type: "boolean" subPath: - description: "Path within the volume from which the container's volume should be mounted. Defaults to \"\" (volume's root)." + description: "Path within the volume from which the container's volume should be mounted.\nDefaults to \"\" (volume's root)." type: "string" subPathExpr: - description: "Expanded path within the volume from which the container's volume should be mounted. Behaves similarly to SubPath but environment variable references $(VAR_NAME) are expanded using the container's environment. Defaults to \"\" (volume's root). SubPathExpr and SubPath are mutually exclusive." + description: "Expanded path within the volume from which the container's volume should be mounted.\nBehaves similarly to SubPath but environment variable references $(VAR_NAME) are expanded using the container's environment.\nDefaults to \"\" (volume's root).\nSubPathExpr and SubPath are mutually exclusive." type: "string" required: - "mountPath" @@ -1521,7 +1521,7 @@ spec: type: "object" type: "array" workingDir: - description: "Container's working directory. If not specified, the container runtime's default will be used, which might be configured in the container image. Cannot be updated." + description: "Container's working directory.\nIf not specified, the container runtime's default will be used, which\nmight be configured in the container image.\nCannot be updated." type: "string" required: - "name" @@ -1548,7 +1548,7 @@ spec: description: "The key of the secret to select from. Must be a valid secret key." type: "string" name: - description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" type: "string" optional: description: "Specify whether the Secret or its key must be defined" @@ -1558,20 +1558,20 @@ spec: type: "object" x-kubernetes-map-type: "atomic" type: - description: "Set the authentication type. Defaults to Bearer, Basic will cause an error" + description: "Set the authentication type. Defaults to Bearer, Basic will cause an\nerror" type: "string" type: "object" basicAuth: - description: "BasicAuth allow an endpoint to authenticate over basic authentication More info: https://prometheus.io/docs/operating/configuration/#endpoints" + description: "BasicAuth allow an endpoint to authenticate over basic authentication\nMore info: https://prometheus.io/docs/operating/configuration/#endpoints" properties: password: - description: "The secret in the service monitor namespace that contains the password for authentication." + description: "The secret in the service monitor namespace that contains the password\nfor authentication." properties: key: description: "The key of the secret to select from. Must be a valid secret key." type: "string" name: - description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" type: "string" optional: description: "Specify whether the Secret or its key must be defined" @@ -1581,13 +1581,13 @@ spec: type: "object" x-kubernetes-map-type: "atomic" username: - description: "The secret in the service monitor namespace that contains the username for authentication." + description: "The secret in the service monitor namespace that contains the username\nfor authentication." properties: key: description: "The key of the secret to select from. Must be a valid secret key." type: "string" name: - description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" type: "string" optional: description: "Specify whether the Secret or its key must be defined" @@ -1601,13 +1601,13 @@ spec: description: "File to read bearer token for scraping targets." type: "string" bearerTokenSecret: - description: "Secret to mount to read bearer token for scraping targets. The secret needs to be in the same namespace as the service monitor and accessible by the Prometheus Operator." + description: "Secret to mount to read bearer token for scraping targets. The secret\nneeds to be in the same namespace as the service monitor and accessible by\nthe Prometheus Operator." properties: key: description: "The key of the secret to select from. Must be a valid secret key." type: "string" name: - description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" type: "string" optional: description: "Specify whether the Secret or its key must be defined" @@ -1620,7 +1620,7 @@ spec: description: "Whether to enable HTTP2." type: "boolean" filterRunning: - description: "Drop pods that are not running. (Failed, Succeeded). Enabled by default. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#pod-phase" + description: "Drop pods that are not running. (Failed, Succeeded). Enabled by default.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#pod-phase" type: "boolean" followRedirects: description: "FollowRedirects configures whether scrape requests follow HTTP 3xx redirects." @@ -1632,17 +1632,17 @@ spec: description: "HonorTimestamps controls whether Prometheus respects the timestamps present in scraped data." type: "boolean" interval: - description: "Interval at which metrics should be scraped If not specified Prometheus' global scrape interval is used." + description: "Interval at which metrics should be scraped\nIf not specified Prometheus' global scrape interval is used." pattern: "^(0|(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?)$" type: "string" metricRelabelings: description: "MetricRelabelConfigs to apply to samples before ingestion." items: - description: "RelabelConfig allows dynamic rewriting of the label set, being applied to samples before ingestion. It defines ``-section of Prometheus configuration. More info: https://prometheus.io/docs/prometheus/latest/configuration/configuration/#metric_relabel_configs" + description: "RelabelConfig allows dynamic rewriting of the label set, being applied to samples before ingestion.\nIt defines ``-section of Prometheus configuration.\nMore info: https://prometheus.io/docs/prometheus/latest/configuration/configuration/#metric_relabel_configs" properties: action: default: "replace" - description: "Action to perform based on regex matching. Default is 'replace'. uppercase and lowercase actions require Prometheus >= 2.36." + description: "Action to perform based on regex matching. Default is 'replace'.\nuppercase and lowercase actions require Prometheus >= 2.36." enum: - "replace" - "Replace" @@ -1675,20 +1675,20 @@ spec: description: "Regular expression against which the extracted value is matched. Default is '(.*)'" type: "string" replacement: - description: "Replacement value against which a regex replace is performed if the regular expression matches. Regex capture groups are available. Default is '$1'" + description: "Replacement value against which a regex replace is performed if the\nregular expression matches. Regex capture groups are available. Default is '$1'" type: "string" separator: description: "Separator placed between concatenated source label values. default is ';'." type: "string" sourceLabels: - description: "The source labels select values from existing labels. Their content is concatenated using the configured separator and matched against the configured regular expression for the replace, keep, and drop actions." + description: "The source labels select values from existing labels. Their content is concatenated\nusing the configured separator and matched against the configured regular expression\nfor the replace, keep, and drop actions." items: description: "LabelName is a valid Prometheus label name which may only contain ASCII letters, numbers, as well as underscores." pattern: "^[a-zA-Z_][a-zA-Z0-9_]*$" type: "string" type: "array" targetLabel: - description: "Label to which the resulting value is written in a replace action. It is mandatory for replace actions. Regex capture groups are available." + description: "Label to which the resulting value is written in a replace action.\nIt is mandatory for replace actions. Regex capture groups are available." type: "string" type: "object" type: "array" @@ -1705,7 +1705,7 @@ spec: description: "The key to select." type: "string" name: - description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" type: "string" optional: description: "Specify whether the ConfigMap or its key must be defined" @@ -1721,7 +1721,7 @@ spec: description: "The key of the secret to select from. Must be a valid secret key." type: "string" name: - description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" type: "string" optional: description: "Specify whether the Secret or its key must be defined" @@ -1738,7 +1738,7 @@ spec: description: "The key of the secret to select from. Must be a valid secret key." type: "string" name: - description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" type: "string" optional: description: "Specify whether the Secret or its key must be defined" @@ -1774,7 +1774,7 @@ spec: description: "Optional HTTP URL parameters" type: "object" path: - description: "HTTP path to scrape for metrics. If empty, Prometheus uses the default value (e.g. `/metrics`)." + description: "HTTP path to scrape for metrics.\nIf empty, Prometheus uses the default value (e.g. `/metrics`)." type: "string" port: description: "Name of the service port this endpoint refers to. Mutually exclusive with targetPort." @@ -1783,13 +1783,13 @@ spec: description: "ProxyURL eg http://proxyserver:2195 Directs scrapes to proxy through this endpoint." type: "string" relabelings: - description: "RelabelConfigs to apply to samples before scraping. Prometheus Operator automatically adds relabelings for a few standard Kubernetes fields. The original scrape job's name is available via the `__tmp_prometheus_job_name` label. More info: https://prometheus.io/docs/prometheus/latest/configuration/configuration/#relabel_config" + description: "RelabelConfigs to apply to samples before scraping.\nPrometheus Operator automatically adds relabelings for a few standard Kubernetes fields.\nThe original scrape job's name is available via the `__tmp_prometheus_job_name` label.\nMore info: https://prometheus.io/docs/prometheus/latest/configuration/configuration/#relabel_config" items: - description: "RelabelConfig allows dynamic rewriting of the label set, being applied to samples before ingestion. It defines ``-section of Prometheus configuration. More info: https://prometheus.io/docs/prometheus/latest/configuration/configuration/#metric_relabel_configs" + description: "RelabelConfig allows dynamic rewriting of the label set, being applied to samples before ingestion.\nIt defines ``-section of Prometheus configuration.\nMore info: https://prometheus.io/docs/prometheus/latest/configuration/configuration/#metric_relabel_configs" properties: action: default: "replace" - description: "Action to perform based on regex matching. Default is 'replace'. uppercase and lowercase actions require Prometheus >= 2.36." + description: "Action to perform based on regex matching. Default is 'replace'.\nuppercase and lowercase actions require Prometheus >= 2.36." enum: - "replace" - "Replace" @@ -1822,20 +1822,20 @@ spec: description: "Regular expression against which the extracted value is matched. Default is '(.*)'" type: "string" replacement: - description: "Replacement value against which a regex replace is performed if the regular expression matches. Regex capture groups are available. Default is '$1'" + description: "Replacement value against which a regex replace is performed if the\nregular expression matches. Regex capture groups are available. Default is '$1'" type: "string" separator: description: "Separator placed between concatenated source label values. default is ';'." type: "string" sourceLabels: - description: "The source labels select values from existing labels. Their content is concatenated using the configured separator and matched against the configured regular expression for the replace, keep, and drop actions." + description: "The source labels select values from existing labels. Their content is concatenated\nusing the configured separator and matched against the configured regular expression\nfor the replace, keep, and drop actions." items: description: "LabelName is a valid Prometheus label name which may only contain ASCII letters, numbers, as well as underscores." pattern: "^[a-zA-Z_][a-zA-Z0-9_]*$" type: "string" type: "array" targetLabel: - description: "Label to which the resulting value is written in a replace action. It is mandatory for replace actions. Regex capture groups are available." + description: "Label to which the resulting value is written in a replace action.\nIt is mandatory for replace actions. Regex capture groups are available." type: "string" type: "object" type: "array" @@ -1843,7 +1843,7 @@ spec: description: "HTTP scheme to use for scraping." type: "string" scrapeTimeout: - description: "Timeout after which the scrape is ended If not specified, the Prometheus global scrape timeout is used unless it is less than `Interval` in which the latter is used." + description: "Timeout after which the scrape is ended\nIf not specified, the Prometheus global scrape timeout is used unless it is less than `Interval` in which the latter is used." pattern: "^(0|(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?)$" type: "string" targetPort: @@ -1865,7 +1865,7 @@ spec: description: "The key to select." type: "string" name: - description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" type: "string" optional: description: "Specify whether the ConfigMap or its key must be defined" @@ -1881,7 +1881,7 @@ spec: description: "The key of the secret to select from. Must be a valid secret key." type: "string" name: - description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" type: "string" optional: description: "Specify whether the Secret or its key must be defined" @@ -1904,7 +1904,7 @@ spec: description: "The key to select." type: "string" name: - description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" type: "string" optional: description: "Specify whether the ConfigMap or its key must be defined" @@ -1920,7 +1920,7 @@ spec: description: "The key of the secret to select from. Must be a valid secret key." type: "string" name: - description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" type: "string" optional: description: "Specify whether the Secret or its key must be defined" @@ -1946,7 +1946,7 @@ spec: description: "The key of the secret to select from. Must be a valid secret key." type: "string" name: - description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" type: "string" optional: description: "Specify whether the Secret or its key must be defined" @@ -1978,24 +1978,24 @@ spec: description: "Exec specifies the action to take." properties: command: - description: "Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy." + description: "Command is the command line to execute inside the container, the working directory for the\ncommand is root ('/') in the container's filesystem. The command is simply exec'd, it is\nnot run inside a shell, so traditional shell instructions ('|', etc) won't work. To use\na shell, you need to explicitly call out to that shell.\nExit status of 0 is treated as live/healthy and non-zero is unhealthy." items: type: "string" type: "array" type: "object" failureThreshold: - description: "Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1." + description: "Minimum consecutive failures for the probe to be considered failed after having succeeded.\nDefaults to 3. Minimum value is 1." format: "int32" type: "integer" grpc: - description: "GRPC specifies an action involving a GRPC port. This is a beta field and requires enabling GRPCContainerProbe feature gate." + description: "GRPC specifies an action involving a GRPC port.\nThis is a beta field and requires enabling GRPCContainerProbe feature gate." properties: port: description: "Port number of the gRPC service. Number must be in the range 1 to 65535." format: "int32" type: "integer" service: - description: "Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). \n If this is not specified, the default behavior is defined by gRPC." + description: "Service is the name of the service to place in the gRPC HealthCheckRequest\n(see https://github.com/grpc/grpc/blob/master/doc/health-checking.md).\n\n\nIf this is not specified, the default behavior is defined by gRPC." type: "string" required: - "port" @@ -2004,7 +2004,7 @@ spec: description: "HTTPGet specifies the http request to perform." properties: host: - description: "Host name to connect to, defaults to the pod IP. You probably want to set \"Host\" in httpHeaders instead." + description: "Host name to connect to, defaults to the pod IP. You probably want to set\n\"Host\" in httpHeaders instead." type: "string" httpHeaders: description: "Custom headers to set in the request. HTTP allows repeated headers." @@ -2012,7 +2012,7 @@ spec: description: "HTTPHeader describes a custom header to be used in HTTP probes" properties: name: - description: "The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header." + description: "The header field name.\nThis will be canonicalized upon output, so case-variant names will be understood as the same header." type: "string" value: description: "The header field value" @@ -2029,24 +2029,24 @@ spec: anyOf: - type: "integer" - type: "string" - description: "Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME." + description: "Name or number of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME." x-kubernetes-int-or-string: true scheme: - description: "Scheme to use for connecting to the host. Defaults to HTTP." + description: "Scheme to use for connecting to the host.\nDefaults to HTTP." type: "string" required: - "port" type: "object" initialDelaySeconds: - description: "Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" + description: "Number of seconds after the container has started before liveness probes are initiated.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" format: "int32" type: "integer" periodSeconds: - description: "How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1." + description: "How often (in seconds) to perform the probe.\nDefault to 10 seconds. Minimum value is 1." format: "int32" type: "integer" successThreshold: - description: "Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1." + description: "Minimum consecutive successes for the probe to be considered successful after having failed.\nDefaults to 1. Must be 1 for liveness and startup. Minimum value is 1." format: "int32" type: "integer" tcpSocket: @@ -2059,17 +2059,17 @@ spec: anyOf: - type: "integer" - type: "string" - description: "Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME." + description: "Number or name of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME." x-kubernetes-int-or-string: true required: - "port" type: "object" terminationGracePeriodSeconds: - description: "Optional duration in seconds the pod needs to terminate gracefully upon probe failure. The grace period is the duration in seconds after the processes running in the pod are sent a termination signal and the time when the processes are forcibly halted with a kill signal. Set this value longer than the expected cleanup time for your process. If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this value overrides the value provided by the pod spec. Value must be non-negative integer. The value zero indicates stop immediately via the kill signal (no opportunity to shut down). This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate. Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset." + description: "Optional duration in seconds the pod needs to terminate gracefully upon probe failure.\nThe grace period is the duration in seconds after the processes running in the pod are sent\na termination signal and the time when the processes are forcibly halted with a kill signal.\nSet this value longer than the expected cleanup time for your process.\nIf this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this\nvalue overrides the value provided by the pod spec.\nValue must be non-negative integer. The value zero indicates stop immediately via\nthe kill signal (no opportunity to shut down).\nThis is a beta field and requires enabling ProbeTerminationGracePeriod feature gate.\nMinimum value is 1. spec.terminationGracePeriodSeconds is used if unset." format: "int64" type: "integer" timeoutSeconds: - description: "Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" + description: "Number of seconds after which the probe times out.\nDefaults to 1 second. Minimum value is 1.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" format: "int32" type: "integer" type: "object" @@ -2080,24 +2080,24 @@ spec: description: "Exec specifies the action to take." properties: command: - description: "Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy." + description: "Command is the command line to execute inside the container, the working directory for the\ncommand is root ('/') in the container's filesystem. The command is simply exec'd, it is\nnot run inside a shell, so traditional shell instructions ('|', etc) won't work. To use\na shell, you need to explicitly call out to that shell.\nExit status of 0 is treated as live/healthy and non-zero is unhealthy." items: type: "string" type: "array" type: "object" failureThreshold: - description: "Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1." + description: "Minimum consecutive failures for the probe to be considered failed after having succeeded.\nDefaults to 3. Minimum value is 1." format: "int32" type: "integer" grpc: - description: "GRPC specifies an action involving a GRPC port. This is a beta field and requires enabling GRPCContainerProbe feature gate." + description: "GRPC specifies an action involving a GRPC port.\nThis is a beta field and requires enabling GRPCContainerProbe feature gate." properties: port: description: "Port number of the gRPC service. Number must be in the range 1 to 65535." format: "int32" type: "integer" service: - description: "Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). \n If this is not specified, the default behavior is defined by gRPC." + description: "Service is the name of the service to place in the gRPC HealthCheckRequest\n(see https://github.com/grpc/grpc/blob/master/doc/health-checking.md).\n\n\nIf this is not specified, the default behavior is defined by gRPC." type: "string" required: - "port" @@ -2106,7 +2106,7 @@ spec: description: "HTTPGet specifies the http request to perform." properties: host: - description: "Host name to connect to, defaults to the pod IP. You probably want to set \"Host\" in httpHeaders instead." + description: "Host name to connect to, defaults to the pod IP. You probably want to set\n\"Host\" in httpHeaders instead." type: "string" httpHeaders: description: "Custom headers to set in the request. HTTP allows repeated headers." @@ -2114,7 +2114,7 @@ spec: description: "HTTPHeader describes a custom header to be used in HTTP probes" properties: name: - description: "The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header." + description: "The header field name.\nThis will be canonicalized upon output, so case-variant names will be understood as the same header." type: "string" value: description: "The header field value" @@ -2131,24 +2131,24 @@ spec: anyOf: - type: "integer" - type: "string" - description: "Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME." + description: "Name or number of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME." x-kubernetes-int-or-string: true scheme: - description: "Scheme to use for connecting to the host. Defaults to HTTP." + description: "Scheme to use for connecting to the host.\nDefaults to HTTP." type: "string" required: - "port" type: "object" initialDelaySeconds: - description: "Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" + description: "Number of seconds after the container has started before liveness probes are initiated.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" format: "int32" type: "integer" periodSeconds: - description: "How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1." + description: "How often (in seconds) to perform the probe.\nDefault to 10 seconds. Minimum value is 1." format: "int32" type: "integer" successThreshold: - description: "Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1." + description: "Minimum consecutive successes for the probe to be considered successful after having failed.\nDefaults to 1. Must be 1 for liveness and startup. Minimum value is 1." format: "int32" type: "integer" tcpSocket: @@ -2161,17 +2161,17 @@ spec: anyOf: - type: "integer" - type: "string" - description: "Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME." + description: "Number or name of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME." x-kubernetes-int-or-string: true required: - "port" type: "object" terminationGracePeriodSeconds: - description: "Optional duration in seconds the pod needs to terminate gracefully upon probe failure. The grace period is the duration in seconds after the processes running in the pod are sent a termination signal and the time when the processes are forcibly halted with a kill signal. Set this value longer than the expected cleanup time for your process. If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this value overrides the value provided by the pod spec. Value must be non-negative integer. The value zero indicates stop immediately via the kill signal (no opportunity to shut down). This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate. Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset." + description: "Optional duration in seconds the pod needs to terminate gracefully upon probe failure.\nThe grace period is the duration in seconds after the processes running in the pod are sent\na termination signal and the time when the processes are forcibly halted with a kill signal.\nSet this value longer than the expected cleanup time for your process.\nIf this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this\nvalue overrides the value provided by the pod spec.\nValue must be non-negative integer. The value zero indicates stop immediately via\nthe kill signal (no opportunity to shut down).\nThis is a beta field and requires enabling ProbeTerminationGracePeriod feature gate.\nMinimum value is 1. spec.terminationGracePeriodSeconds is used if unset." format: "int64" type: "integer" timeoutSeconds: - description: "Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" + description: "Number of seconds after which the probe times out.\nDefaults to 1 second. Minimum value is 1.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" format: "int32" type: "integer" type: "object" @@ -2182,24 +2182,24 @@ spec: description: "Exec specifies the action to take." properties: command: - description: "Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy." + description: "Command is the command line to execute inside the container, the working directory for the\ncommand is root ('/') in the container's filesystem. The command is simply exec'd, it is\nnot run inside a shell, so traditional shell instructions ('|', etc) won't work. To use\na shell, you need to explicitly call out to that shell.\nExit status of 0 is treated as live/healthy and non-zero is unhealthy." items: type: "string" type: "array" type: "object" failureThreshold: - description: "Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1." + description: "Minimum consecutive failures for the probe to be considered failed after having succeeded.\nDefaults to 3. Minimum value is 1." format: "int32" type: "integer" grpc: - description: "GRPC specifies an action involving a GRPC port. This is a beta field and requires enabling GRPCContainerProbe feature gate." + description: "GRPC specifies an action involving a GRPC port.\nThis is a beta field and requires enabling GRPCContainerProbe feature gate." properties: port: description: "Port number of the gRPC service. Number must be in the range 1 to 65535." format: "int32" type: "integer" service: - description: "Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). \n If this is not specified, the default behavior is defined by gRPC." + description: "Service is the name of the service to place in the gRPC HealthCheckRequest\n(see https://github.com/grpc/grpc/blob/master/doc/health-checking.md).\n\n\nIf this is not specified, the default behavior is defined by gRPC." type: "string" required: - "port" @@ -2208,7 +2208,7 @@ spec: description: "HTTPGet specifies the http request to perform." properties: host: - description: "Host name to connect to, defaults to the pod IP. You probably want to set \"Host\" in httpHeaders instead." + description: "Host name to connect to, defaults to the pod IP. You probably want to set\n\"Host\" in httpHeaders instead." type: "string" httpHeaders: description: "Custom headers to set in the request. HTTP allows repeated headers." @@ -2216,7 +2216,7 @@ spec: description: "HTTPHeader describes a custom header to be used in HTTP probes" properties: name: - description: "The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header." + description: "The header field name.\nThis will be canonicalized upon output, so case-variant names will be understood as the same header." type: "string" value: description: "The header field value" @@ -2233,24 +2233,24 @@ spec: anyOf: - type: "integer" - type: "string" - description: "Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME." + description: "Name or number of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME." x-kubernetes-int-or-string: true scheme: - description: "Scheme to use for connecting to the host. Defaults to HTTP." + description: "Scheme to use for connecting to the host.\nDefaults to HTTP." type: "string" required: - "port" type: "object" initialDelaySeconds: - description: "Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" + description: "Number of seconds after the container has started before liveness probes are initiated.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" format: "int32" type: "integer" periodSeconds: - description: "How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1." + description: "How often (in seconds) to perform the probe.\nDefault to 10 seconds. Minimum value is 1." format: "int32" type: "integer" successThreshold: - description: "Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1." + description: "Minimum consecutive successes for the probe to be considered successful after having failed.\nDefaults to 1. Must be 1 for liveness and startup. Minimum value is 1." format: "int32" type: "integer" tcpSocket: @@ -2263,17 +2263,17 @@ spec: anyOf: - type: "integer" - type: "string" - description: "Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME." + description: "Number or name of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME." x-kubernetes-int-or-string: true required: - "port" type: "object" terminationGracePeriodSeconds: - description: "Optional duration in seconds the pod needs to terminate gracefully upon probe failure. The grace period is the duration in seconds after the processes running in the pod are sent a termination signal and the time when the processes are forcibly halted with a kill signal. Set this value longer than the expected cleanup time for your process. If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this value overrides the value provided by the pod spec. Value must be non-negative integer. The value zero indicates stop immediately via the kill signal (no opportunity to shut down). This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate. Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset." + description: "Optional duration in seconds the pod needs to terminate gracefully upon probe failure.\nThe grace period is the duration in seconds after the processes running in the pod are sent\na termination signal and the time when the processes are forcibly halted with a kill signal.\nSet this value longer than the expected cleanup time for your process.\nIf this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this\nvalue overrides the value provided by the pod spec.\nValue must be non-negative integer. The value zero indicates stop immediately via\nthe kill signal (no opportunity to shut down).\nThis is a beta field and requires enabling ProbeTerminationGracePeriod feature gate.\nMinimum value is 1. spec.terminationGracePeriodSeconds is used if unset." format: "int64" type: "integer" timeoutSeconds: - description: "Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" + description: "Number of seconds after which the probe times out.\nDefaults to 1 second. Minimum value is 1.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" format: "int32" type: "integer" type: "object" @@ -2292,12 +2292,12 @@ spec: description: "Resource requests and limits for the application container." properties: claims: - description: "Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. \n This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. \n This field is immutable. It can only be set for containers." + description: "Claims lists the names of resources, defined in spec.resourceClaims,\nthat are used by this container.\n\n\nThis is an alpha field and requires enabling the\nDynamicResourceAllocation feature gate.\n\n\nThis field is immutable. It can only be set for containers." items: description: "ResourceClaim references one entry in PodSpec.ResourceClaims." properties: name: - description: "Name must match the name of one entry in pod.spec.resourceClaims of the Pod where this field is used. It makes that resource available inside a container." + description: "Name must match the name of one entry in pod.spec.resourceClaims of\nthe Pod where this field is used. It makes that resource available\ninside a container." type: "string" required: - "name" @@ -2313,7 +2313,7 @@ spec: - type: "string" pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" x-kubernetes-int-or-string: true - description: "Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" + description: "Limits describes the maximum amount of compute resources allowed.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" type: "object" requests: additionalProperties: @@ -2322,7 +2322,7 @@ spec: - type: "string" pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" x-kubernetes-int-or-string: true - description: "Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" + description: "Requests describes the minimum amount of compute resources required.\nIf Requests is omitted for a container, it defaults to Limits if that is explicitly specified,\notherwise to an implementation-defined value.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" type: "object" type: "object" route: @@ -2387,13 +2387,13 @@ spec: description: "ServicePort contains information on service's port." properties: appProtocol: - description: "The application protocol for this port. This field follows standard Kubernetes label syntax. Un-prefixed names are reserved for IANA standard service names (as per RFC-6335 and https://www.iana.org/assignments/service-names). Non-standard protocols should use prefixed names such as mycompany.com/my-custom-protocol." + description: "The application protocol for this port.\nThis field follows standard Kubernetes label syntax.\nUn-prefixed names are reserved for IANA standard service names (as per\nRFC-6335 and https://www.iana.org/assignments/service-names).\nNon-standard protocols should use prefixed names such as\nmycompany.com/my-custom-protocol." type: "string" name: - description: "The name of this port within the service. This must be a DNS_LABEL. All ports within a ServiceSpec must have unique names. When considering the endpoints for a Service, this must match the 'name' field in the EndpointPort. Optional if only one ServicePort is defined on this service." + description: "The name of this port within the service. This must be a DNS_LABEL.\nAll ports within a ServiceSpec must have unique names. When considering\nthe endpoints for a Service, this must match the 'name' field in the\nEndpointPort.\nOptional if only one ServicePort is defined on this service." type: "string" nodePort: - description: "The port on each node on which this service is exposed when type is NodePort or LoadBalancer. Usually assigned by the system. If a value is specified, in-range, and not in use it will be used, otherwise the operation will fail. If not specified, a port will be allocated if this Service requires one. If this field is specified when creating a Service which does not need it, creation will fail. This field will be wiped when updating a Service to no longer need it (e.g. changing type from NodePort to ClusterIP). More info: https://kubernetes.io/docs/concepts/services-networking/service/#type-nodeport" + description: "The port on each node on which this service is exposed when type is\nNodePort or LoadBalancer. Usually assigned by the system. If a value is\nspecified, in-range, and not in use it will be used, otherwise the\noperation will fail. If not specified, a port will be allocated if this\nService requires one. If this field is specified when creating a\nService which does not need it, creation will fail. This field will be\nwiped when updating a Service to no longer need it (e.g. changing type\nfrom NodePort to ClusterIP).\nMore info: https://kubernetes.io/docs/concepts/services-networking/service/#type-nodeport" format: "int32" type: "integer" port: @@ -2402,13 +2402,13 @@ spec: type: "integer" protocol: default: "TCP" - description: "The IP protocol for this port. Supports \"TCP\", \"UDP\", and \"SCTP\". Default is TCP." + description: "The IP protocol for this port. Supports \"TCP\", \"UDP\", and \"SCTP\".\nDefault is TCP." type: "string" targetPort: anyOf: - type: "integer" - type: "string" - description: "Number or name of the port to access on the pods targeted by the service. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. If this is a string, it will be looked up as a named port in the target Pod's container ports. If this is not specified, the value of the 'port' field is used (an identity map). This field is ignored for services with clusterIP=None, and should be omitted or set equal to the 'port' field. More info: https://kubernetes.io/docs/concepts/services-networking/service/#defining-a-service" + description: "Number or name of the port to access on the pods targeted by the service.\nNumber must be in the range 1 to 65535. Name must be an IANA_SVC_NAME.\nIf this is a string, it will be looked up as a named port in the\ntarget Pod's container ports. If this is not specified, the value\nof the 'port' field is used (an identity map).\nThis field is ignored for services with clusterIP=None, and should be\nomitted or set equal to the 'port' field.\nMore info: https://kubernetes.io/docs/concepts/services-networking/service/#defining-a-service" x-kubernetes-int-or-string: true required: - "port" @@ -2433,17 +2433,17 @@ spec: description: "A single application container that you want to run within a pod." properties: args: - description: "Arguments to the entrypoint. The container image's CMD is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. \"$$(VAR_NAME)\" will produce the string literal \"$(VAR_NAME)\". Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell" + description: "Arguments to the entrypoint.\nThe container image's CMD is used if this is not provided.\nVariable references $(VAR_NAME) are expanded using the container's environment. If a variable\ncannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced\nto a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. \"$$(VAR_NAME)\" will\nproduce the string literal \"$(VAR_NAME)\". Escaped references will never be expanded, regardless\nof whether the variable exists or not. Cannot be updated.\nMore info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell" items: type: "string" type: "array" command: - description: "Entrypoint array. Not executed within a shell. The container image's ENTRYPOINT is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. \"$$(VAR_NAME)\" will produce the string literal \"$(VAR_NAME)\". Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell" + description: "Entrypoint array. Not executed within a shell.\nThe container image's ENTRYPOINT is used if this is not provided.\nVariable references $(VAR_NAME) are expanded using the container's environment. If a variable\ncannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced\nto a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. \"$$(VAR_NAME)\" will\nproduce the string literal \"$(VAR_NAME)\". Escaped references will never be expanded, regardless\nof whether the variable exists or not. Cannot be updated.\nMore info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell" items: type: "string" type: "array" env: - description: "List of environment variables to set in the container. Cannot be updated." + description: "List of environment variables to set in the container.\nCannot be updated." items: description: "EnvVar represents an environment variable present in a Container." properties: @@ -2451,7 +2451,7 @@ spec: description: "Name of the environment variable. Must be a C_IDENTIFIER." type: "string" value: - description: "Variable references $(VAR_NAME) are expanded using the previously defined environment variables in the container and any service environment variables. If a variable cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. \"$$(VAR_NAME)\" will produce the string literal \"$(VAR_NAME)\". Escaped references will never be expanded, regardless of whether the variable exists or not. Defaults to \"\"." + description: "Variable references $(VAR_NAME) are expanded\nusing the previously defined environment variables in the container and\nany service environment variables. If a variable cannot be resolved,\nthe reference in the input string will be unchanged. Double $$ are reduced\nto a single $, which allows for escaping the $(VAR_NAME) syntax: i.e.\n\"$$(VAR_NAME)\" will produce the string literal \"$(VAR_NAME)\".\nEscaped references will never be expanded, regardless of whether the variable\nexists or not.\nDefaults to \"\"." type: "string" valueFrom: description: "Source for the environment variable's value. Cannot be used if value is not empty." @@ -2463,7 +2463,7 @@ spec: description: "The key to select." type: "string" name: - description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" type: "string" optional: description: "Specify whether the ConfigMap or its key must be defined" @@ -2473,7 +2473,7 @@ spec: type: "object" x-kubernetes-map-type: "atomic" fieldRef: - description: "Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`, spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs." + description: "Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`,\nspec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs." properties: apiVersion: description: "Version of the schema the FieldPath is written in terms of, defaults to \"v1\"." @@ -2486,7 +2486,7 @@ spec: type: "object" x-kubernetes-map-type: "atomic" resourceFieldRef: - description: "Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported." + description: "Selects a resource of the container: only resources limits and requests\n(limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported." properties: containerName: description: "Container name: required for volumes, optional for env vars" @@ -2512,7 +2512,7 @@ spec: description: "The key of the secret to select from. Must be a valid secret key." type: "string" name: - description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" type: "string" optional: description: "Specify whether the Secret or its key must be defined" @@ -2527,7 +2527,7 @@ spec: type: "object" type: "array" envFrom: - description: "List of sources to populate environment variables in the container. The keys defined within a source must be a C_IDENTIFIER. All invalid keys will be reported as an event when the container is starting. When a key exists in multiple sources, the value associated with the last source will take precedence. Values defined by an Env with a duplicate key will take precedence. Cannot be updated." + description: "List of sources to populate environment variables in the container.\nThe keys defined within a source must be a C_IDENTIFIER. All invalid keys\nwill be reported as an event when the container is starting. When a key exists in multiple\nsources, the value associated with the last source will take precedence.\nValues defined by an Env with a duplicate key will take precedence.\nCannot be updated." items: description: "EnvFromSource represents the source of a set of ConfigMaps" properties: @@ -2535,7 +2535,7 @@ spec: description: "The ConfigMap to select from" properties: name: - description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" type: "string" optional: description: "Specify whether the ConfigMap must be defined" @@ -2549,7 +2549,7 @@ spec: description: "The Secret to select from" properties: name: - description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" type: "string" optional: description: "Specify whether the Secret must be defined" @@ -2559,22 +2559,22 @@ spec: type: "object" type: "array" image: - description: "Container image name. More info: https://kubernetes.io/docs/concepts/containers/images This field is optional to allow higher level config management to default or override container images in workload controllers like Deployments and StatefulSets." + description: "Container image name.\nMore info: https://kubernetes.io/docs/concepts/containers/images\nThis field is optional to allow higher level config management to default or override\ncontainer images in workload controllers like Deployments and StatefulSets." type: "string" imagePullPolicy: - description: "Image pull policy. One of Always, Never, IfNotPresent. Defaults to Always if :latest tag is specified, or IfNotPresent otherwise. Cannot be updated. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images" + description: "Image pull policy.\nOne of Always, Never, IfNotPresent.\nDefaults to Always if :latest tag is specified, or IfNotPresent otherwise.\nCannot be updated.\nMore info: https://kubernetes.io/docs/concepts/containers/images#updating-images" type: "string" lifecycle: - description: "Actions that the management system should take in response to container lifecycle events. Cannot be updated." + description: "Actions that the management system should take in response to container lifecycle events.\nCannot be updated." properties: postStart: - description: "PostStart is called immediately after a container is created. If the handler fails, the container is terminated and restarted according to its restart policy. Other management of the container blocks until the hook completes. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks" + description: "PostStart is called immediately after a container is created. If the handler fails,\nthe container is terminated and restarted according to its restart policy.\nOther management of the container blocks until the hook completes.\nMore info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks" properties: exec: description: "Exec specifies the action to take." properties: command: - description: "Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy." + description: "Command is the command line to execute inside the container, the working directory for the\ncommand is root ('/') in the container's filesystem. The command is simply exec'd, it is\nnot run inside a shell, so traditional shell instructions ('|', etc) won't work. To use\na shell, you need to explicitly call out to that shell.\nExit status of 0 is treated as live/healthy and non-zero is unhealthy." items: type: "string" type: "array" @@ -2583,7 +2583,7 @@ spec: description: "HTTPGet specifies the http request to perform." properties: host: - description: "Host name to connect to, defaults to the pod IP. You probably want to set \"Host\" in httpHeaders instead." + description: "Host name to connect to, defaults to the pod IP. You probably want to set\n\"Host\" in httpHeaders instead." type: "string" httpHeaders: description: "Custom headers to set in the request. HTTP allows repeated headers." @@ -2591,7 +2591,7 @@ spec: description: "HTTPHeader describes a custom header to be used in HTTP probes" properties: name: - description: "The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header." + description: "The header field name.\nThis will be canonicalized upon output, so case-variant names will be understood as the same header." type: "string" value: description: "The header field value" @@ -2608,16 +2608,16 @@ spec: anyOf: - type: "integer" - type: "string" - description: "Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME." + description: "Name or number of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME." x-kubernetes-int-or-string: true scheme: - description: "Scheme to use for connecting to the host. Defaults to HTTP." + description: "Scheme to use for connecting to the host.\nDefaults to HTTP." type: "string" required: - "port" type: "object" tcpSocket: - description: "Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept for the backward compatibility. There are no validation of this field and lifecycle hooks will fail in runtime when tcp handler is specified." + description: "Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept\nfor the backward compatibility. There are no validation of this field and\nlifecycle hooks will fail in runtime when tcp handler is specified." properties: host: description: "Optional: Host name to connect to, defaults to the pod IP." @@ -2626,20 +2626,20 @@ spec: anyOf: - type: "integer" - type: "string" - description: "Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME." + description: "Number or name of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME." x-kubernetes-int-or-string: true required: - "port" type: "object" type: "object" preStop: - description: "PreStop is called immediately before a container is terminated due to an API request or management event such as liveness/startup probe failure, preemption, resource contention, etc. The handler is not called if the container crashes or exits. The Pod's termination grace period countdown begins before the PreStop hook is executed. Regardless of the outcome of the handler, the container will eventually terminate within the Pod's termination grace period (unless delayed by finalizers). Other management of the container blocks until the hook completes or until the termination grace period is reached. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks" + description: "PreStop is called immediately before a container is terminated due to an\nAPI request or management event such as liveness/startup probe failure,\npreemption, resource contention, etc. The handler is not called if the\ncontainer crashes or exits. The Pod's termination grace period countdown begins before the\nPreStop hook is executed. Regardless of the outcome of the handler, the\ncontainer will eventually terminate within the Pod's termination grace\nperiod (unless delayed by finalizers). Other management of the container blocks until the hook completes\nor until the termination grace period is reached.\nMore info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks" properties: exec: description: "Exec specifies the action to take." properties: command: - description: "Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy." + description: "Command is the command line to execute inside the container, the working directory for the\ncommand is root ('/') in the container's filesystem. The command is simply exec'd, it is\nnot run inside a shell, so traditional shell instructions ('|', etc) won't work. To use\na shell, you need to explicitly call out to that shell.\nExit status of 0 is treated as live/healthy and non-zero is unhealthy." items: type: "string" type: "array" @@ -2648,7 +2648,7 @@ spec: description: "HTTPGet specifies the http request to perform." properties: host: - description: "Host name to connect to, defaults to the pod IP. You probably want to set \"Host\" in httpHeaders instead." + description: "Host name to connect to, defaults to the pod IP. You probably want to set\n\"Host\" in httpHeaders instead." type: "string" httpHeaders: description: "Custom headers to set in the request. HTTP allows repeated headers." @@ -2656,7 +2656,7 @@ spec: description: "HTTPHeader describes a custom header to be used in HTTP probes" properties: name: - description: "The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header." + description: "The header field name.\nThis will be canonicalized upon output, so case-variant names will be understood as the same header." type: "string" value: description: "The header field value" @@ -2673,16 +2673,16 @@ spec: anyOf: - type: "integer" - type: "string" - description: "Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME." + description: "Name or number of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME." x-kubernetes-int-or-string: true scheme: - description: "Scheme to use for connecting to the host. Defaults to HTTP." + description: "Scheme to use for connecting to the host.\nDefaults to HTTP." type: "string" required: - "port" type: "object" tcpSocket: - description: "Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept for the backward compatibility. There are no validation of this field and lifecycle hooks will fail in runtime when tcp handler is specified." + description: "Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept\nfor the backward compatibility. There are no validation of this field and\nlifecycle hooks will fail in runtime when tcp handler is specified." properties: host: description: "Optional: Host name to connect to, defaults to the pod IP." @@ -2691,7 +2691,7 @@ spec: anyOf: - type: "integer" - type: "string" - description: "Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME." + description: "Number or name of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME." x-kubernetes-int-or-string: true required: - "port" @@ -2699,30 +2699,30 @@ spec: type: "object" type: "object" livenessProbe: - description: "Periodic probe of container liveness. Container will be restarted if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" + description: "Periodic probe of container liveness.\nContainer will be restarted if the probe fails.\nCannot be updated.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" properties: exec: description: "Exec specifies the action to take." properties: command: - description: "Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy." + description: "Command is the command line to execute inside the container, the working directory for the\ncommand is root ('/') in the container's filesystem. The command is simply exec'd, it is\nnot run inside a shell, so traditional shell instructions ('|', etc) won't work. To use\na shell, you need to explicitly call out to that shell.\nExit status of 0 is treated as live/healthy and non-zero is unhealthy." items: type: "string" type: "array" type: "object" failureThreshold: - description: "Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1." + description: "Minimum consecutive failures for the probe to be considered failed after having succeeded.\nDefaults to 3. Minimum value is 1." format: "int32" type: "integer" grpc: - description: "GRPC specifies an action involving a GRPC port. This is a beta field and requires enabling GRPCContainerProbe feature gate." + description: "GRPC specifies an action involving a GRPC port.\nThis is a beta field and requires enabling GRPCContainerProbe feature gate." properties: port: description: "Port number of the gRPC service. Number must be in the range 1 to 65535." format: "int32" type: "integer" service: - description: "Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). \n If this is not specified, the default behavior is defined by gRPC." + description: "Service is the name of the service to place in the gRPC HealthCheckRequest\n(see https://github.com/grpc/grpc/blob/master/doc/health-checking.md).\n\n\nIf this is not specified, the default behavior is defined by gRPC." type: "string" required: - "port" @@ -2731,7 +2731,7 @@ spec: description: "HTTPGet specifies the http request to perform." properties: host: - description: "Host name to connect to, defaults to the pod IP. You probably want to set \"Host\" in httpHeaders instead." + description: "Host name to connect to, defaults to the pod IP. You probably want to set\n\"Host\" in httpHeaders instead." type: "string" httpHeaders: description: "Custom headers to set in the request. HTTP allows repeated headers." @@ -2739,7 +2739,7 @@ spec: description: "HTTPHeader describes a custom header to be used in HTTP probes" properties: name: - description: "The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header." + description: "The header field name.\nThis will be canonicalized upon output, so case-variant names will be understood as the same header." type: "string" value: description: "The header field value" @@ -2756,24 +2756,24 @@ spec: anyOf: - type: "integer" - type: "string" - description: "Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME." + description: "Name or number of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME." x-kubernetes-int-or-string: true scheme: - description: "Scheme to use for connecting to the host. Defaults to HTTP." + description: "Scheme to use for connecting to the host.\nDefaults to HTTP." type: "string" required: - "port" type: "object" initialDelaySeconds: - description: "Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" + description: "Number of seconds after the container has started before liveness probes are initiated.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" format: "int32" type: "integer" periodSeconds: - description: "How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1." + description: "How often (in seconds) to perform the probe.\nDefault to 10 seconds. Minimum value is 1." format: "int32" type: "integer" successThreshold: - description: "Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1." + description: "Minimum consecutive successes for the probe to be considered successful after having failed.\nDefaults to 1. Must be 1 for liveness and startup. Minimum value is 1." format: "int32" type: "integer" tcpSocket: @@ -2786,45 +2786,45 @@ spec: anyOf: - type: "integer" - type: "string" - description: "Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME." + description: "Number or name of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME." x-kubernetes-int-or-string: true required: - "port" type: "object" terminationGracePeriodSeconds: - description: "Optional duration in seconds the pod needs to terminate gracefully upon probe failure. The grace period is the duration in seconds after the processes running in the pod are sent a termination signal and the time when the processes are forcibly halted with a kill signal. Set this value longer than the expected cleanup time for your process. If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this value overrides the value provided by the pod spec. Value must be non-negative integer. The value zero indicates stop immediately via the kill signal (no opportunity to shut down). This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate. Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset." + description: "Optional duration in seconds the pod needs to terminate gracefully upon probe failure.\nThe grace period is the duration in seconds after the processes running in the pod are sent\na termination signal and the time when the processes are forcibly halted with a kill signal.\nSet this value longer than the expected cleanup time for your process.\nIf this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this\nvalue overrides the value provided by the pod spec.\nValue must be non-negative integer. The value zero indicates stop immediately via\nthe kill signal (no opportunity to shut down).\nThis is a beta field and requires enabling ProbeTerminationGracePeriod feature gate.\nMinimum value is 1. spec.terminationGracePeriodSeconds is used if unset." format: "int64" type: "integer" timeoutSeconds: - description: "Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" + description: "Number of seconds after which the probe times out.\nDefaults to 1 second. Minimum value is 1.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" format: "int32" type: "integer" type: "object" name: - description: "Name of the container specified as a DNS_LABEL. Each container in a pod must have a unique name (DNS_LABEL). Cannot be updated." + description: "Name of the container specified as a DNS_LABEL.\nEach container in a pod must have a unique name (DNS_LABEL).\nCannot be updated." type: "string" ports: - description: "List of ports to expose from the container. Not specifying a port here DOES NOT prevent that port from being exposed. Any port which is listening on the default \"0.0.0.0\" address inside a container will be accessible from the network. Modifying this array with strategic merge patch may corrupt the data. For more information See https://github.com/kubernetes/kubernetes/issues/108255. Cannot be updated." + description: "List of ports to expose from the container. Not specifying a port here\nDOES NOT prevent that port from being exposed. Any port which is\nlistening on the default \"0.0.0.0\" address inside a container will be\naccessible from the network.\nModifying this array with strategic merge patch may corrupt the data.\nFor more information See https://github.com/kubernetes/kubernetes/issues/108255.\nCannot be updated." items: description: "ContainerPort represents a network port in a single container." properties: containerPort: - description: "Number of port to expose on the pod's IP address. This must be a valid port number, 0 < x < 65536." + description: "Number of port to expose on the pod's IP address.\nThis must be a valid port number, 0 < x < 65536." format: "int32" type: "integer" hostIP: description: "What host IP to bind the external port to." type: "string" hostPort: - description: "Number of port to expose on the host. If specified, this must be a valid port number, 0 < x < 65536. If HostNetwork is specified, this must match ContainerPort. Most containers do not need this." + description: "Number of port to expose on the host.\nIf specified, this must be a valid port number, 0 < x < 65536.\nIf HostNetwork is specified, this must match ContainerPort.\nMost containers do not need this." format: "int32" type: "integer" name: - description: "If specified, this must be an IANA_SVC_NAME and unique within the pod. Each named port in a pod must have a unique name. Name for the port that can be referred to by services." + description: "If specified, this must be an IANA_SVC_NAME and unique within the pod. Each\nnamed port in a pod must have a unique name. Name for the port that can be\nreferred to by services." type: "string" protocol: default: "TCP" - description: "Protocol for port. Must be UDP, TCP, or SCTP. Defaults to \"TCP\"." + description: "Protocol for port. Must be UDP, TCP, or SCTP.\nDefaults to \"TCP\"." type: "string" required: - "containerPort" @@ -2835,30 +2835,30 @@ spec: - "protocol" x-kubernetes-list-type: "map" readinessProbe: - description: "Periodic probe of container service readiness. Container will be removed from service endpoints if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" + description: "Periodic probe of container service readiness.\nContainer will be removed from service endpoints if the probe fails.\nCannot be updated.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" properties: exec: description: "Exec specifies the action to take." properties: command: - description: "Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy." + description: "Command is the command line to execute inside the container, the working directory for the\ncommand is root ('/') in the container's filesystem. The command is simply exec'd, it is\nnot run inside a shell, so traditional shell instructions ('|', etc) won't work. To use\na shell, you need to explicitly call out to that shell.\nExit status of 0 is treated as live/healthy and non-zero is unhealthy." items: type: "string" type: "array" type: "object" failureThreshold: - description: "Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1." + description: "Minimum consecutive failures for the probe to be considered failed after having succeeded.\nDefaults to 3. Minimum value is 1." format: "int32" type: "integer" grpc: - description: "GRPC specifies an action involving a GRPC port. This is a beta field and requires enabling GRPCContainerProbe feature gate." + description: "GRPC specifies an action involving a GRPC port.\nThis is a beta field and requires enabling GRPCContainerProbe feature gate." properties: port: description: "Port number of the gRPC service. Number must be in the range 1 to 65535." format: "int32" type: "integer" service: - description: "Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). \n If this is not specified, the default behavior is defined by gRPC." + description: "Service is the name of the service to place in the gRPC HealthCheckRequest\n(see https://github.com/grpc/grpc/blob/master/doc/health-checking.md).\n\n\nIf this is not specified, the default behavior is defined by gRPC." type: "string" required: - "port" @@ -2867,7 +2867,7 @@ spec: description: "HTTPGet specifies the http request to perform." properties: host: - description: "Host name to connect to, defaults to the pod IP. You probably want to set \"Host\" in httpHeaders instead." + description: "Host name to connect to, defaults to the pod IP. You probably want to set\n\"Host\" in httpHeaders instead." type: "string" httpHeaders: description: "Custom headers to set in the request. HTTP allows repeated headers." @@ -2875,7 +2875,7 @@ spec: description: "HTTPHeader describes a custom header to be used in HTTP probes" properties: name: - description: "The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header." + description: "The header field name.\nThis will be canonicalized upon output, so case-variant names will be understood as the same header." type: "string" value: description: "The header field value" @@ -2892,24 +2892,24 @@ spec: anyOf: - type: "integer" - type: "string" - description: "Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME." + description: "Name or number of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME." x-kubernetes-int-or-string: true scheme: - description: "Scheme to use for connecting to the host. Defaults to HTTP." + description: "Scheme to use for connecting to the host.\nDefaults to HTTP." type: "string" required: - "port" type: "object" initialDelaySeconds: - description: "Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" + description: "Number of seconds after the container has started before liveness probes are initiated.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" format: "int32" type: "integer" periodSeconds: - description: "How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1." + description: "How often (in seconds) to perform the probe.\nDefault to 10 seconds. Minimum value is 1." format: "int32" type: "integer" successThreshold: - description: "Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1." + description: "Minimum consecutive successes for the probe to be considered successful after having failed.\nDefaults to 1. Must be 1 for liveness and startup. Minimum value is 1." format: "int32" type: "integer" tcpSocket: @@ -2922,30 +2922,30 @@ spec: anyOf: - type: "integer" - type: "string" - description: "Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME." + description: "Number or name of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME." x-kubernetes-int-or-string: true required: - "port" type: "object" terminationGracePeriodSeconds: - description: "Optional duration in seconds the pod needs to terminate gracefully upon probe failure. The grace period is the duration in seconds after the processes running in the pod are sent a termination signal and the time when the processes are forcibly halted with a kill signal. Set this value longer than the expected cleanup time for your process. If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this value overrides the value provided by the pod spec. Value must be non-negative integer. The value zero indicates stop immediately via the kill signal (no opportunity to shut down). This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate. Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset." + description: "Optional duration in seconds the pod needs to terminate gracefully upon probe failure.\nThe grace period is the duration in seconds after the processes running in the pod are sent\na termination signal and the time when the processes are forcibly halted with a kill signal.\nSet this value longer than the expected cleanup time for your process.\nIf this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this\nvalue overrides the value provided by the pod spec.\nValue must be non-negative integer. The value zero indicates stop immediately via\nthe kill signal (no opportunity to shut down).\nThis is a beta field and requires enabling ProbeTerminationGracePeriod feature gate.\nMinimum value is 1. spec.terminationGracePeriodSeconds is used if unset." format: "int64" type: "integer" timeoutSeconds: - description: "Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" + description: "Number of seconds after which the probe times out.\nDefaults to 1 second. Minimum value is 1.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" format: "int32" type: "integer" type: "object" resources: - description: "Compute Resources required by this container. Cannot be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" + description: "Compute Resources required by this container.\nCannot be updated.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" properties: claims: - description: "Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. \n This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. \n This field is immutable. It can only be set for containers." + description: "Claims lists the names of resources, defined in spec.resourceClaims,\nthat are used by this container.\n\n\nThis is an alpha field and requires enabling the\nDynamicResourceAllocation feature gate.\n\n\nThis field is immutable. It can only be set for containers." items: description: "ResourceClaim references one entry in PodSpec.ResourceClaims." properties: name: - description: "Name must match the name of one entry in pod.spec.resourceClaims of the Pod where this field is used. It makes that resource available inside a container." + description: "Name must match the name of one entry in pod.spec.resourceClaims of\nthe Pod where this field is used. It makes that resource available\ninside a container." type: "string" required: - "name" @@ -2961,7 +2961,7 @@ spec: - type: "string" pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" x-kubernetes-int-or-string: true - description: "Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" + description: "Limits describes the maximum amount of compute resources allowed.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" type: "object" requests: additionalProperties: @@ -2970,17 +2970,17 @@ spec: - type: "string" pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" x-kubernetes-int-or-string: true - description: "Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" + description: "Requests describes the minimum amount of compute resources required.\nIf Requests is omitted for a container, it defaults to Limits if that is explicitly specified,\notherwise to an implementation-defined value.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" type: "object" type: "object" securityContext: - description: "SecurityContext defines the security options the container should be run with. If set, the fields of SecurityContext override the equivalent fields of PodSecurityContext. More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/" + description: "SecurityContext defines the security options the container should be run with.\nIf set, the fields of SecurityContext override the equivalent fields of PodSecurityContext.\nMore info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/" properties: allowPrivilegeEscalation: - description: "AllowPrivilegeEscalation controls whether a process can gain more privileges than its parent process. This bool directly controls if the no_new_privs flag will be set on the container process. AllowPrivilegeEscalation is true always when the container is: 1) run as Privileged 2) has CAP_SYS_ADMIN Note that this field cannot be set when spec.os.name is windows." + description: "AllowPrivilegeEscalation controls whether a process can gain more\nprivileges than its parent process. This bool directly controls if\nthe no_new_privs flag will be set on the container process.\nAllowPrivilegeEscalation is true always when the container is:\n1) run as Privileged\n2) has CAP_SYS_ADMIN\nNote that this field cannot be set when spec.os.name is windows." type: "boolean" capabilities: - description: "The capabilities to add/drop when running containers. Defaults to the default set of capabilities granted by the container runtime. Note that this field cannot be set when spec.os.name is windows." + description: "The capabilities to add/drop when running containers.\nDefaults to the default set of capabilities granted by the container runtime.\nNote that this field cannot be set when spec.os.name is windows." properties: add: description: "Added capabilities" @@ -2996,27 +2996,27 @@ spec: type: "array" type: "object" privileged: - description: "Run container in privileged mode. Processes in privileged containers are essentially equivalent to root on the host. Defaults to false. Note that this field cannot be set when spec.os.name is windows." + description: "Run container in privileged mode.\nProcesses in privileged containers are essentially equivalent to root on the host.\nDefaults to false.\nNote that this field cannot be set when spec.os.name is windows." type: "boolean" procMount: - description: "procMount denotes the type of proc mount to use for the containers. The default is DefaultProcMount which uses the container runtime defaults for readonly paths and masked paths. This requires the ProcMountType feature flag to be enabled. Note that this field cannot be set when spec.os.name is windows." + description: "procMount denotes the type of proc mount to use for the containers.\nThe default is DefaultProcMount which uses the container runtime defaults for\nreadonly paths and masked paths.\nThis requires the ProcMountType feature flag to be enabled.\nNote that this field cannot be set when spec.os.name is windows." type: "string" readOnlyRootFilesystem: - description: "Whether this container has a read-only root filesystem. Default is false. Note that this field cannot be set when spec.os.name is windows." + description: "Whether this container has a read-only root filesystem.\nDefault is false.\nNote that this field cannot be set when spec.os.name is windows." type: "boolean" runAsGroup: - description: "The GID to run the entrypoint of the container process. Uses runtime default if unset. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is windows." + description: "The GID to run the entrypoint of the container process.\nUses runtime default if unset.\nMay also be set in PodSecurityContext. If set in both SecurityContext and\nPodSecurityContext, the value specified in SecurityContext takes precedence.\nNote that this field cannot be set when spec.os.name is windows." format: "int64" type: "integer" runAsNonRoot: - description: "Indicates that the container must run as a non-root user. If true, the Kubelet will validate the image at runtime to ensure that it does not run as UID 0 (root) and fail to start the container if it does. If unset or false, no such validation will be performed. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence." + description: "Indicates that the container must run as a non-root user.\nIf true, the Kubelet will validate the image at runtime to ensure that it\ndoes not run as UID 0 (root) and fail to start the container if it does.\nIf unset or false, no such validation will be performed.\nMay also be set in PodSecurityContext. If set in both SecurityContext and\nPodSecurityContext, the value specified in SecurityContext takes precedence." type: "boolean" runAsUser: - description: "The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is windows." + description: "The UID to run the entrypoint of the container process.\nDefaults to user specified in image metadata if unspecified.\nMay also be set in PodSecurityContext. If set in both SecurityContext and\nPodSecurityContext, the value specified in SecurityContext takes precedence.\nNote that this field cannot be set when spec.os.name is windows." format: "int64" type: "integer" seLinuxOptions: - description: "The SELinux context to be applied to the container. If unspecified, the container runtime will allocate a random SELinux context for each container. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is windows." + description: "The SELinux context to be applied to the container.\nIf unspecified, the container runtime will allocate a random SELinux context for each\ncontainer. May also be set in PodSecurityContext. If set in both SecurityContext and\nPodSecurityContext, the value specified in SecurityContext takes precedence.\nNote that this field cannot be set when spec.os.name is windows." properties: level: description: "Level is SELinux level label that applies to the container." @@ -3032,59 +3032,59 @@ spec: type: "string" type: "object" seccompProfile: - description: "The seccomp options to use by this container. If seccomp options are provided at both the pod & container level, the container options override the pod options. Note that this field cannot be set when spec.os.name is windows." + description: "The seccomp options to use by this container. If seccomp options are\nprovided at both the pod & container level, the container options\noverride the pod options.\nNote that this field cannot be set when spec.os.name is windows." properties: localhostProfile: - description: "localhostProfile indicates a profile defined in a file on the node should be used. The profile must be preconfigured on the node to work. Must be a descending path, relative to the kubelet's configured seccomp profile location. Must only be set if type is \"Localhost\"." + description: "localhostProfile indicates a profile defined in a file on the node should be used.\nThe profile must be preconfigured on the node to work.\nMust be a descending path, relative to the kubelet's configured seccomp profile location.\nMust only be set if type is \"Localhost\"." type: "string" type: - description: "type indicates which kind of seccomp profile will be applied. Valid options are: \n Localhost - a profile defined in a file on the node should be used. RuntimeDefault - the container runtime default profile should be used. Unconfined - no profile should be applied." + description: "type indicates which kind of seccomp profile will be applied.\nValid options are:\n\n\nLocalhost - a profile defined in a file on the node should be used.\nRuntimeDefault - the container runtime default profile should be used.\nUnconfined - no profile should be applied." type: "string" required: - "type" type: "object" windowsOptions: - description: "The Windows specific settings applied to all containers. If unspecified, the options from the PodSecurityContext will be used. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is linux." + description: "The Windows specific settings applied to all containers.\nIf unspecified, the options from the PodSecurityContext will be used.\nIf set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.\nNote that this field cannot be set when spec.os.name is linux." properties: gmsaCredentialSpec: - description: "GMSACredentialSpec is where the GMSA admission webhook (https://github.com/kubernetes-sigs/windows-gmsa) inlines the contents of the GMSA credential spec named by the GMSACredentialSpecName field." + description: "GMSACredentialSpec is where the GMSA admission webhook\n(https://github.com/kubernetes-sigs/windows-gmsa) inlines the contents of the\nGMSA credential spec named by the GMSACredentialSpecName field." type: "string" gmsaCredentialSpecName: description: "GMSACredentialSpecName is the name of the GMSA credential spec to use." type: "string" hostProcess: - description: "HostProcess determines if a container should be run as a 'Host Process' container. This field is alpha-level and will only be honored by components that enable the WindowsHostProcessContainers feature flag. Setting this field without the feature flag will result in errors when validating the Pod. All of a Pod's containers must have the same effective HostProcess value (it is not allowed to have a mix of HostProcess containers and non-HostProcess containers). In addition, if HostProcess is true then HostNetwork must also be set to true." + description: "HostProcess determines if a container should be run as a 'Host Process' container.\nThis field is alpha-level and will only be honored by components that enable the\nWindowsHostProcessContainers feature flag. Setting this field without the feature\nflag will result in errors when validating the Pod. All of a Pod's containers must\nhave the same effective HostProcess value (it is not allowed to have a mix of HostProcess\ncontainers and non-HostProcess containers). In addition, if HostProcess is true\nthen HostNetwork must also be set to true." type: "boolean" runAsUserName: - description: "The UserName in Windows to run the entrypoint of the container process. Defaults to the user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence." + description: "The UserName in Windows to run the entrypoint of the container process.\nDefaults to the user specified in image metadata if unspecified.\nMay also be set in PodSecurityContext. If set in both SecurityContext and\nPodSecurityContext, the value specified in SecurityContext takes precedence." type: "string" type: "object" type: "object" startupProbe: - description: "StartupProbe indicates that the Pod has successfully initialized. If specified, no other probes are executed until this completes successfully. If this probe fails, the Pod will be restarted, just as if the livenessProbe failed. This can be used to provide different probe parameters at the beginning of a Pod's lifecycle, when it might take a long time to load data or warm a cache, than during steady-state operation. This cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" + description: "StartupProbe indicates that the Pod has successfully initialized.\nIf specified, no other probes are executed until this completes successfully.\nIf this probe fails, the Pod will be restarted, just as if the livenessProbe failed.\nThis can be used to provide different probe parameters at the beginning of a Pod's lifecycle,\nwhen it might take a long time to load data or warm a cache, than during steady-state operation.\nThis cannot be updated.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" properties: exec: description: "Exec specifies the action to take." properties: command: - description: "Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy." + description: "Command is the command line to execute inside the container, the working directory for the\ncommand is root ('/') in the container's filesystem. The command is simply exec'd, it is\nnot run inside a shell, so traditional shell instructions ('|', etc) won't work. To use\na shell, you need to explicitly call out to that shell.\nExit status of 0 is treated as live/healthy and non-zero is unhealthy." items: type: "string" type: "array" type: "object" failureThreshold: - description: "Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1." + description: "Minimum consecutive failures for the probe to be considered failed after having succeeded.\nDefaults to 3. Minimum value is 1." format: "int32" type: "integer" grpc: - description: "GRPC specifies an action involving a GRPC port. This is a beta field and requires enabling GRPCContainerProbe feature gate." + description: "GRPC specifies an action involving a GRPC port.\nThis is a beta field and requires enabling GRPCContainerProbe feature gate." properties: port: description: "Port number of the gRPC service. Number must be in the range 1 to 65535." format: "int32" type: "integer" service: - description: "Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). \n If this is not specified, the default behavior is defined by gRPC." + description: "Service is the name of the service to place in the gRPC HealthCheckRequest\n(see https://github.com/grpc/grpc/blob/master/doc/health-checking.md).\n\n\nIf this is not specified, the default behavior is defined by gRPC." type: "string" required: - "port" @@ -3093,7 +3093,7 @@ spec: description: "HTTPGet specifies the http request to perform." properties: host: - description: "Host name to connect to, defaults to the pod IP. You probably want to set \"Host\" in httpHeaders instead." + description: "Host name to connect to, defaults to the pod IP. You probably want to set\n\"Host\" in httpHeaders instead." type: "string" httpHeaders: description: "Custom headers to set in the request. HTTP allows repeated headers." @@ -3101,7 +3101,7 @@ spec: description: "HTTPHeader describes a custom header to be used in HTTP probes" properties: name: - description: "The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header." + description: "The header field name.\nThis will be canonicalized upon output, so case-variant names will be understood as the same header." type: "string" value: description: "The header field value" @@ -3118,24 +3118,24 @@ spec: anyOf: - type: "integer" - type: "string" - description: "Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME." + description: "Name or number of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME." x-kubernetes-int-or-string: true scheme: - description: "Scheme to use for connecting to the host. Defaults to HTTP." + description: "Scheme to use for connecting to the host.\nDefaults to HTTP." type: "string" required: - "port" type: "object" initialDelaySeconds: - description: "Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" + description: "Number of seconds after the container has started before liveness probes are initiated.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" format: "int32" type: "integer" periodSeconds: - description: "How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1." + description: "How often (in seconds) to perform the probe.\nDefault to 10 seconds. Minimum value is 1." format: "int32" type: "integer" successThreshold: - description: "Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1." + description: "Minimum consecutive successes for the probe to be considered successful after having failed.\nDefaults to 1. Must be 1 for liveness and startup. Minimum value is 1." format: "int32" type: "integer" tcpSocket: @@ -3148,34 +3148,34 @@ spec: anyOf: - type: "integer" - type: "string" - description: "Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME." + description: "Number or name of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME." x-kubernetes-int-or-string: true required: - "port" type: "object" terminationGracePeriodSeconds: - description: "Optional duration in seconds the pod needs to terminate gracefully upon probe failure. The grace period is the duration in seconds after the processes running in the pod are sent a termination signal and the time when the processes are forcibly halted with a kill signal. Set this value longer than the expected cleanup time for your process. If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this value overrides the value provided by the pod spec. Value must be non-negative integer. The value zero indicates stop immediately via the kill signal (no opportunity to shut down). This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate. Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset." + description: "Optional duration in seconds the pod needs to terminate gracefully upon probe failure.\nThe grace period is the duration in seconds after the processes running in the pod are sent\na termination signal and the time when the processes are forcibly halted with a kill signal.\nSet this value longer than the expected cleanup time for your process.\nIf this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this\nvalue overrides the value provided by the pod spec.\nValue must be non-negative integer. The value zero indicates stop immediately via\nthe kill signal (no opportunity to shut down).\nThis is a beta field and requires enabling ProbeTerminationGracePeriod feature gate.\nMinimum value is 1. spec.terminationGracePeriodSeconds is used if unset." format: "int64" type: "integer" timeoutSeconds: - description: "Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" + description: "Number of seconds after which the probe times out.\nDefaults to 1 second. Minimum value is 1.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" format: "int32" type: "integer" type: "object" stdin: - description: "Whether this container should allocate a buffer for stdin in the container runtime. If this is not set, reads from stdin in the container will always result in EOF. Default is false." + description: "Whether this container should allocate a buffer for stdin in the container runtime. If this\nis not set, reads from stdin in the container will always result in EOF.\nDefault is false." type: "boolean" stdinOnce: - description: "Whether the container runtime should close the stdin channel after it has been opened by a single attach. When stdin is true the stdin stream will remain open across multiple attach sessions. If stdinOnce is set to true, stdin is opened on container start, is empty until the first client attaches to stdin, and then remains open and accepts data until the client disconnects, at which time stdin is closed and remains closed until the container is restarted. If this flag is false, a container processes that reads from stdin will never receive an EOF. Default is false" + description: "Whether the container runtime should close the stdin channel after it has been opened by\na single attach. When stdin is true the stdin stream will remain open across multiple attach\nsessions. If stdinOnce is set to true, stdin is opened on container start, is empty until the\nfirst client attaches to stdin, and then remains open and accepts data until the client disconnects,\nat which time stdin is closed and remains closed until the container is restarted. If this\nflag is false, a container processes that reads from stdin will never receive an EOF.\nDefault is false" type: "boolean" terminationMessagePath: - description: "Optional: Path at which the file to which the container's termination message will be written is mounted into the container's filesystem. Message written is intended to be brief final status, such as an assertion failure message. Will be truncated by the node if greater than 4096 bytes. The total message length across all containers will be limited to 12kb. Defaults to /dev/termination-log. Cannot be updated." + description: "Optional: Path at which the file to which the container's termination message\nwill be written is mounted into the container's filesystem.\nMessage written is intended to be brief final status, such as an assertion failure message.\nWill be truncated by the node if greater than 4096 bytes. The total message length across\nall containers will be limited to 12kb.\nDefaults to /dev/termination-log.\nCannot be updated." type: "string" terminationMessagePolicy: - description: "Indicate how the termination message should be populated. File will use the contents of terminationMessagePath to populate the container status message on both success and failure. FallbackToLogsOnError will use the last chunk of container log output if the termination message file is empty and the container exited with an error. The log output is limited to 2048 bytes or 80 lines, whichever is smaller. Defaults to File. Cannot be updated." + description: "Indicate how the termination message should be populated. File will use the contents of\nterminationMessagePath to populate the container status message on both success and failure.\nFallbackToLogsOnError will use the last chunk of container log output if the termination\nmessage file is empty and the container exited with an error.\nThe log output is limited to 2048 bytes or 80 lines, whichever is smaller.\nDefaults to File.\nCannot be updated." type: "string" tty: - description: "Whether this container should allocate a TTY for itself, also requires 'stdin' to be true. Default is false." + description: "Whether this container should allocate a TTY for itself, also requires 'stdin' to be true.\nDefault is false." type: "boolean" volumeDevices: description: "volumeDevices is the list of block devices to be used by the container." @@ -3194,27 +3194,27 @@ spec: type: "object" type: "array" volumeMounts: - description: "Pod volumes to mount into the container's filesystem. Cannot be updated." + description: "Pod volumes to mount into the container's filesystem.\nCannot be updated." items: description: "VolumeMount describes a mounting of a Volume within a container." properties: mountPath: - description: "Path within the container at which the volume should be mounted. Must not contain ':'." + description: "Path within the container at which the volume should be mounted. Must\nnot contain ':'." type: "string" mountPropagation: - description: "mountPropagation determines how mounts are propagated from the host to container and the other way around. When not set, MountPropagationNone is used. This field is beta in 1.10." + description: "mountPropagation determines how mounts are propagated from the host\nto container and the other way around.\nWhen not set, MountPropagationNone is used.\nThis field is beta in 1.10." type: "string" name: description: "This must match the Name of a Volume." type: "string" readOnly: - description: "Mounted read-only if true, read-write otherwise (false or unspecified). Defaults to false." + description: "Mounted read-only if true, read-write otherwise (false or unspecified).\nDefaults to false." type: "boolean" subPath: - description: "Path within the volume from which the container's volume should be mounted. Defaults to \"\" (volume's root)." + description: "Path within the volume from which the container's volume should be mounted.\nDefaults to \"\" (volume's root)." type: "string" subPathExpr: - description: "Expanded path within the volume from which the container's volume should be mounted. Behaves similarly to SubPath but environment variable references $(VAR_NAME) are expanded using the container's environment. Defaults to \"\" (volume's root). SubPathExpr and SubPath are mutually exclusive." + description: "Expanded path within the volume from which the container's volume should be mounted.\nBehaves similarly to SubPath but environment variable references $(VAR_NAME) are expanded using the container's environment.\nDefaults to \"\" (volume's root).\nSubPathExpr and SubPath are mutually exclusive." type: "string" required: - "mountPath" @@ -3222,7 +3222,7 @@ spec: type: "object" type: "array" workingDir: - description: "Container's working directory. If not specified, the container runtime's default will be used, which might be configured in the container image. Cannot be updated." + description: "Container's working directory.\nIf not specified, the container runtime's default will be used, which\nmight be configured in the container image.\nCannot be updated." type: "string" required: - "name" @@ -3253,13 +3253,13 @@ spec: description: "A YAML object that represents a volumeClaimTemplate component of a StatefulSet." properties: apiVersion: - description: "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" + description: "APIVersion defines the versioned schema of this representation of an object.\nServers should convert recognized schemas to the latest internal value, and\nmay reject unrecognized values.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" type: "string" kind: - description: "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + description: "Kind is a string value representing the REST resource this object represents.\nServers may infer this from the endpoint the client submits requests to.\nCannot be updated.\nIn CamelCase.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" type: "string" metadata: - description: "Standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata" + description: "Standard object's metadata.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata" properties: annotations: additionalProperties: @@ -3279,18 +3279,18 @@ spec: type: "string" type: "object" spec: - description: "spec defines the desired characteristics of a volume requested by a pod author. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims" + description: "spec defines the desired characteristics of a volume requested by a pod author.\nMore info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims" properties: accessModes: - description: "accessModes contains the desired access modes the volume should have. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1" + description: "accessModes contains the desired access modes the volume should have.\nMore info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1" items: type: "string" type: "array" dataSource: - description: "dataSource field can be used to specify either: * An existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot) * An existing PVC (PersistentVolumeClaim) If the provisioner or an external controller can support the specified data source, it will create a new volume based on the contents of the specified data source. When the AnyVolumeDataSource feature gate is enabled, dataSource contents will be copied to dataSourceRef, and dataSourceRef contents will be copied to dataSource when dataSourceRef.namespace is not specified. If the namespace is specified, then dataSourceRef will not be copied to dataSource." + description: "dataSource field can be used to specify either:\n* An existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot)\n* An existing PVC (PersistentVolumeClaim)\nIf the provisioner or an external controller can support the specified data source,\nit will create a new volume based on the contents of the specified data source.\nWhen the AnyVolumeDataSource feature gate is enabled, dataSource contents will be copied to dataSourceRef,\nand dataSourceRef contents will be copied to dataSource when dataSourceRef.namespace is not specified.\nIf the namespace is specified, then dataSourceRef will not be copied to dataSource." properties: apiGroup: - description: "APIGroup is the group for the resource being referenced. If APIGroup is not specified, the specified Kind must be in the core API group. For any other third-party types, APIGroup is required." + description: "APIGroup is the group for the resource being referenced.\nIf APIGroup is not specified, the specified Kind must be in the core API group.\nFor any other third-party types, APIGroup is required." type: "string" kind: description: "Kind is the type of resource being referenced" @@ -3304,10 +3304,10 @@ spec: type: "object" x-kubernetes-map-type: "atomic" dataSourceRef: - description: "dataSourceRef specifies the object from which to populate the volume with data, if a non-empty volume is desired. This may be any object from a non-empty API group (non core object) or a PersistentVolumeClaim object. When this field is specified, volume binding will only succeed if the type of the specified object matches some installed volume populator or dynamic provisioner. This field will replace the functionality of the dataSource field and as such if both fields are non-empty, they must have the same value. For backwards compatibility, when namespace isn't specified in dataSourceRef, both fields (dataSource and dataSourceRef) will be set to the same value automatically if one of them is empty and the other is non-empty. When namespace is specified in dataSourceRef, dataSource isn't set to the same value and must be empty. There are three important differences between dataSource and dataSourceRef: * While dataSource only allows two specific types of objects, dataSourceRef allows any non-core object, as well as PersistentVolumeClaim objects. * While dataSource ignores disallowed values (dropping them), dataSourceRef preserves all values, and generates an error if a disallowed value is specified. * While dataSource only allows local objects, dataSourceRef allows objects in any namespaces. (Beta) Using this field requires the AnyVolumeDataSource feature gate to be enabled. (Alpha) Using the namespace field of dataSourceRef requires the CrossNamespaceVolumeDataSource feature gate to be enabled." + description: "dataSourceRef specifies the object from which to populate the volume with data, if a non-empty\nvolume is desired. This may be any object from a non-empty API group (non\ncore object) or a PersistentVolumeClaim object.\nWhen this field is specified, volume binding will only succeed if the type of\nthe specified object matches some installed volume populator or dynamic\nprovisioner.\nThis field will replace the functionality of the dataSource field and as such\nif both fields are non-empty, they must have the same value. For backwards\ncompatibility, when namespace isn't specified in dataSourceRef,\nboth fields (dataSource and dataSourceRef) will be set to the same\nvalue automatically if one of them is empty and the other is non-empty.\nWhen namespace is specified in dataSourceRef,\ndataSource isn't set to the same value and must be empty.\nThere are three important differences between dataSource and dataSourceRef:\n* While dataSource only allows two specific types of objects, dataSourceRef\n allows any non-core object, as well as PersistentVolumeClaim objects.\n* While dataSource ignores disallowed values (dropping them), dataSourceRef\n preserves all values, and generates an error if a disallowed value is\n specified.\n* While dataSource only allows local objects, dataSourceRef allows objects\n in any namespaces.\n(Beta) Using this field requires the AnyVolumeDataSource feature gate to be enabled.\n(Alpha) Using the namespace field of dataSourceRef requires the CrossNamespaceVolumeDataSource feature gate to be enabled." properties: apiGroup: - description: "APIGroup is the group for the resource being referenced. If APIGroup is not specified, the specified Kind must be in the core API group. For any other third-party types, APIGroup is required." + description: "APIGroup is the group for the resource being referenced.\nIf APIGroup is not specified, the specified Kind must be in the core API group.\nFor any other third-party types, APIGroup is required." type: "string" kind: description: "Kind is the type of resource being referenced" @@ -3316,22 +3316,22 @@ spec: description: "Name is the name of resource being referenced" type: "string" namespace: - description: "Namespace is the namespace of resource being referenced Note that when a namespace is specified, a gateway.networking.k8s.io/ReferenceGrant object is required in the referent namespace to allow that namespace's owner to accept the reference. See the ReferenceGrant documentation for details. (Alpha) This field requires the CrossNamespaceVolumeDataSource feature gate to be enabled." + description: "Namespace is the namespace of resource being referenced\nNote that when a namespace is specified, a gateway.networking.k8s.io/ReferenceGrant object is required in the referent namespace to allow that namespace's owner to accept the reference. See the ReferenceGrant documentation for details.\n(Alpha) This field requires the CrossNamespaceVolumeDataSource feature gate to be enabled." type: "string" required: - "kind" - "name" type: "object" resources: - description: "resources represents the minimum resources the volume should have. If RecoverVolumeExpansionFailure feature is enabled users are allowed to specify resource requirements that are lower than previous value but must still be higher than capacity recorded in the status field of the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources" + description: "resources represents the minimum resources the volume should have.\nIf RecoverVolumeExpansionFailure feature is enabled users are allowed to specify resource requirements\nthat are lower than previous value but must still be higher than capacity recorded in the\nstatus field of the claim.\nMore info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources" properties: claims: - description: "Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. \n This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. \n This field is immutable. It can only be set for containers." + description: "Claims lists the names of resources, defined in spec.resourceClaims,\nthat are used by this container.\n\n\nThis is an alpha field and requires enabling the\nDynamicResourceAllocation feature gate.\n\n\nThis field is immutable. It can only be set for containers." items: description: "ResourceClaim references one entry in PodSpec.ResourceClaims." properties: name: - description: "Name must match the name of one entry in pod.spec.resourceClaims of the Pod where this field is used. It makes that resource available inside a container." + description: "Name must match the name of one entry in pod.spec.resourceClaims of\nthe Pod where this field is used. It makes that resource available\ninside a container." type: "string" required: - "name" @@ -3347,7 +3347,7 @@ spec: - type: "string" pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" x-kubernetes-int-or-string: true - description: "Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" + description: "Limits describes the maximum amount of compute resources allowed.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" type: "object" requests: additionalProperties: @@ -3356,7 +3356,7 @@ spec: - type: "string" pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" x-kubernetes-int-or-string: true - description: "Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" + description: "Requests describes the minimum amount of compute resources required.\nIf Requests is omitted for a container, it defaults to Limits if that is explicitly specified,\notherwise to an implementation-defined value.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" type: "object" type: "object" selector: @@ -3365,16 +3365,16 @@ spec: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -3386,25 +3386,25 @@ spec: matchLabels: additionalProperties: type: "string" - description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." type: "object" type: "object" x-kubernetes-map-type: "atomic" storageClassName: - description: "storageClassName is the name of the StorageClass required by the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1" + description: "storageClassName is the name of the StorageClass required by the claim.\nMore info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1" type: "string" volumeMode: - description: "volumeMode defines what type of volume is required by the claim. Value of Filesystem is implied when not included in claim spec." + description: "volumeMode defines what type of volume is required by the claim.\nValue of Filesystem is implied when not included in claim spec." type: "string" volumeName: description: "volumeName is the binding reference to the PersistentVolume backing this claim." type: "string" type: "object" status: - description: "status represents the current information/status of a persistent volume claim. Read-only. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims" + description: "status represents the current information/status of a persistent volume claim.\nRead-only.\nMore info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims" properties: accessModes: - description: "accessModes contains the actual access modes the volume backing the PVC has. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1" + description: "accessModes contains the actual access modes the volume backing the PVC has.\nMore info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1" items: type: "string" type: "array" @@ -3415,7 +3415,7 @@ spec: - type: "string" pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" x-kubernetes-int-or-string: true - description: "allocatedResources is the storage resource within AllocatedResources tracks the capacity allocated to a PVC. It may be larger than the actual capacity when a volume expansion operation is requested. For storage quota, the larger value from allocatedResources and PVC.spec.resources is used. If allocatedResources is not set, PVC.spec.resources alone is used for quota calculation. If a volume expansion capacity request is lowered, allocatedResources is only lowered if there are no expansion operations in progress and if the actual volume capacity is equal or lower than the requested capacity. This is an alpha field and requires enabling RecoverVolumeExpansionFailure feature." + description: "allocatedResources is the storage resource within AllocatedResources tracks the capacity allocated to a PVC. It may\nbe larger than the actual capacity when a volume expansion operation is requested.\nFor storage quota, the larger value from allocatedResources and PVC.spec.resources is used.\nIf allocatedResources is not set, PVC.spec.resources alone is used for quota calculation.\nIf a volume expansion capacity request is lowered, allocatedResources is only\nlowered if there are no expansion operations in progress and if the actual volume capacity\nis equal or lower than the requested capacity.\nThis is an alpha field and requires enabling RecoverVolumeExpansionFailure feature." type: "object" capacity: additionalProperties: @@ -3427,7 +3427,7 @@ spec: description: "capacity represents the actual resources of the underlying volume." type: "object" conditions: - description: "conditions is the current Condition of persistent volume claim. If underlying persistent volume is being resized then the Condition will be set to 'ResizeStarted'." + description: "conditions is the current Condition of persistent volume claim. If underlying persistent volume is being\nresized then the Condition will be set to 'ResizeStarted'." items: description: "PersistentVolumeClaimCondition contails details about state of pvc" properties: @@ -3443,7 +3443,7 @@ spec: description: "message is the human-readable message indicating details about last transition." type: "string" reason: - description: "reason is a unique, this should be a short, machine understandable string that gives the reason for condition's last transition. If it reports \"ResizeStarted\" that means the underlying persistent volume is being resized." + description: "reason is a unique, this should be a short, machine understandable string that gives the reason\nfor condition's last transition. If it reports \"ResizeStarted\" that means the underlying\npersistent volume is being resized." type: "string" status: type: "string" @@ -3459,7 +3459,7 @@ spec: description: "phase represents the current phase of PersistentVolumeClaim." type: "string" resizeStatus: - description: "resizeStatus stores status of resize operation. ResizeStatus is not set by default but when expansion is complete resizeStatus is set to empty string by resize controller or kubelet. This is an alpha field and requires enabling RecoverVolumeExpansionFailure feature." + description: "resizeStatus stores status of resize operation.\nResizeStatus is not set by default but when expansion is complete resizeStatus is set to empty\nstring by resize controller or kubelet.\nThis is an alpha field and requires enabling RecoverVolumeExpansionFailure feature." type: "string" type: "object" type: "object" @@ -3474,15 +3474,15 @@ spec: anyOf: - type: "integer" - type: "string" - description: "The maximum number of pods that can be unavailable during the update. Value can be an absolute number (ex: 5) or a percentage of desired pods (ex: 10%). Absolute number is calculated from percentage by rounding up. This can not be 0. Defaults to 1. This field is alpha-level and is only honored by servers that enable the MaxUnavailableStatefulSet feature. The field applies to all pods in the range 0 to Replicas-1. That means if there is any unavailable pod in the range 0 to Replicas-1, it will be counted towards MaxUnavailable." + description: "The maximum number of pods that can be unavailable during the update.\nValue can be an absolute number (ex: 5) or a percentage of desired pods (ex: 10%).\nAbsolute number is calculated from percentage by rounding up. This can not be 0.\nDefaults to 1. This field is alpha-level and is only honored by servers that enable the\nMaxUnavailableStatefulSet feature. The field applies to all pods in the range 0 to\nReplicas-1. That means if there is any unavailable pod in the range 0 to Replicas-1, it\nwill be counted towards MaxUnavailable." x-kubernetes-int-or-string: true partition: - description: "Partition indicates the ordinal at which the StatefulSet should be partitioned for updates. During a rolling update, all pods from ordinal Replicas-1 to Partition are updated. All pods from ordinal Partition-1 to 0 remain untouched. This is helpful in being able to do a canary based deployment. The default value is 0." + description: "Partition indicates the ordinal at which the StatefulSet should be partitioned\nfor updates. During a rolling update, all pods from ordinal Replicas-1 to\nPartition are updated. All pods from ordinal Partition-1 to 0 remain untouched.\nThis is helpful in being able to do a canary based deployment. The default value is 0." format: "int32" type: "integer" type: "object" type: - description: "Type indicates the type of the StatefulSetUpdateStrategy. Default is RollingUpdate." + description: "Type indicates the type of the StatefulSetUpdateStrategy.\nDefault is RollingUpdate." type: "string" type: "object" type: "object" @@ -3492,22 +3492,22 @@ spec: description: "VolumeMount describes a mounting of a Volume within a container." properties: mountPath: - description: "Path within the container at which the volume should be mounted. Must not contain ':'." + description: "Path within the container at which the volume should be mounted. Must\nnot contain ':'." type: "string" mountPropagation: - description: "mountPropagation determines how mounts are propagated from the host to container and the other way around. When not set, MountPropagationNone is used. This field is beta in 1.10." + description: "mountPropagation determines how mounts are propagated from the host\nto container and the other way around.\nWhen not set, MountPropagationNone is used.\nThis field is beta in 1.10." type: "string" name: description: "This must match the Name of a Volume." type: "string" readOnly: - description: "Mounted read-only if true, read-write otherwise (false or unspecified). Defaults to false." + description: "Mounted read-only if true, read-write otherwise (false or unspecified).\nDefaults to false." type: "boolean" subPath: - description: "Path within the volume from which the container's volume should be mounted. Defaults to \"\" (volume's root)." + description: "Path within the volume from which the container's volume should be mounted.\nDefaults to \"\" (volume's root)." type: "string" subPathExpr: - description: "Expanded path within the volume from which the container's volume should be mounted. Behaves similarly to SubPath but environment variable references $(VAR_NAME) are expanded using the container's environment. Defaults to \"\" (volume's root). SubPathExpr and SubPath are mutually exclusive." + description: "Expanded path within the volume from which the container's volume should be mounted.\nBehaves similarly to SubPath but environment variable references $(VAR_NAME) are expanded using the container's environment.\nDefaults to \"\" (volume's root).\nSubPathExpr and SubPath are mutually exclusive." type: "string" required: - "mountPath" @@ -3521,20 +3521,20 @@ spec: description: "Volume represents a named volume in a pod that may be accessed by any container in the pod." properties: awsElasticBlockStore: - description: "awsElasticBlockStore represents an AWS Disk resource that is attached to a kubelet's host machine and then exposed to the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore" + description: "awsElasticBlockStore represents an AWS Disk resource that is attached to a\nkubelet's host machine and then exposed to the pod.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore" properties: fsType: - description: "fsType is the filesystem type of the volume that you want to mount. Tip: Ensure that the filesystem type is supported by the host operating system. Examples: \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore TODO: how do we prevent errors in the filesystem from compromising the machine" + description: "fsType is the filesystem type of the volume that you want to mount.\nTip: Ensure that the filesystem type is supported by the host operating system.\nExamples: \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore\nTODO: how do we prevent errors in the filesystem from compromising the machine" type: "string" partition: - description: "partition is the partition in the volume that you want to mount. If omitted, the default is to mount by volume name. Examples: For volume /dev/sda1, you specify the partition as \"1\". Similarly, the volume partition for /dev/sda is \"0\" (or you can leave the property empty)." + description: "partition is the partition in the volume that you want to mount.\nIf omitted, the default is to mount by volume name.\nExamples: For volume /dev/sda1, you specify the partition as \"1\".\nSimilarly, the volume partition for /dev/sda is \"0\" (or you can leave the property empty)." format: "int32" type: "integer" readOnly: - description: "readOnly value true will force the readOnly setting in VolumeMounts. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore" + description: "readOnly value true will force the readOnly setting in VolumeMounts.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore" type: "boolean" volumeID: - description: "volumeID is unique ID of the persistent disk resource in AWS (Amazon EBS volume). More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore" + description: "volumeID is unique ID of the persistent disk resource in AWS (Amazon EBS volume).\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore" type: "string" required: - "volumeID" @@ -3552,13 +3552,13 @@ spec: description: "diskURI is the URI of data disk in the blob storage" type: "string" fsType: - description: "fsType is Filesystem type to mount. Must be a filesystem type supported by the host operating system. Ex. \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified." + description: "fsType is Filesystem type to mount.\nMust be a filesystem type supported by the host operating system.\nEx. \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified." type: "string" kind: description: "kind expected values are Shared: multiple blob disks per storage account Dedicated: single blob disk per storage account Managed: azure managed data disk (only in managed availability set). defaults to shared" type: "string" readOnly: - description: "readOnly Defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts." + description: "readOnly Defaults to false (read/write). ReadOnly here will force\nthe ReadOnly setting in VolumeMounts." type: "boolean" required: - "diskName" @@ -3568,7 +3568,7 @@ spec: description: "azureFile represents an Azure File Service mount on the host and bind mount to the pod." properties: readOnly: - description: "readOnly defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts." + description: "readOnly defaults to false (read/write). ReadOnly here will force\nthe ReadOnly setting in VolumeMounts." type: "boolean" secretName: description: "secretName is the name of secret that contains Azure Storage Account Name and Key" @@ -3584,7 +3584,7 @@ spec: description: "cephFS represents a Ceph FS mount on the host that shares a pod's lifetime" properties: monitors: - description: "monitors is Required: Monitors is a collection of Ceph monitors More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it" + description: "monitors is Required: Monitors is a collection of Ceph monitors\nMore info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it" items: type: "string" type: "array" @@ -3592,44 +3592,44 @@ spec: description: "path is Optional: Used as the mounted root, rather than the full Ceph tree, default is /" type: "string" readOnly: - description: "readOnly is Optional: Defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts. More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it" + description: "readOnly is Optional: Defaults to false (read/write). ReadOnly here will force\nthe ReadOnly setting in VolumeMounts.\nMore info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it" type: "boolean" secretFile: - description: "secretFile is Optional: SecretFile is the path to key ring for User, default is /etc/ceph/user.secret More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it" + description: "secretFile is Optional: SecretFile is the path to key ring for User, default is /etc/ceph/user.secret\nMore info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it" type: "string" secretRef: - description: "secretRef is Optional: SecretRef is reference to the authentication secret for User, default is empty. More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it" + description: "secretRef is Optional: SecretRef is reference to the authentication secret for User, default is empty.\nMore info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it" properties: name: - description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" type: "string" type: "object" x-kubernetes-map-type: "atomic" user: - description: "user is optional: User is the rados user name, default is admin More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it" + description: "user is optional: User is the rados user name, default is admin\nMore info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it" type: "string" required: - "monitors" type: "object" cinder: - description: "cinder represents a cinder volume attached and mounted on kubelets host machine. More info: https://examples.k8s.io/mysql-cinder-pd/README.md" + description: "cinder represents a cinder volume attached and mounted on kubelets host machine.\nMore info: https://examples.k8s.io/mysql-cinder-pd/README.md" properties: fsType: - description: "fsType is the filesystem type to mount. Must be a filesystem type supported by the host operating system. Examples: \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified. More info: https://examples.k8s.io/mysql-cinder-pd/README.md" + description: "fsType is the filesystem type to mount.\nMust be a filesystem type supported by the host operating system.\nExamples: \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified.\nMore info: https://examples.k8s.io/mysql-cinder-pd/README.md" type: "string" readOnly: - description: "readOnly defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts. More info: https://examples.k8s.io/mysql-cinder-pd/README.md" + description: "readOnly defaults to false (read/write). ReadOnly here will force\nthe ReadOnly setting in VolumeMounts.\nMore info: https://examples.k8s.io/mysql-cinder-pd/README.md" type: "boolean" secretRef: - description: "secretRef is optional: points to a secret object containing parameters used to connect to OpenStack." + description: "secretRef is optional: points to a secret object containing parameters used to connect\nto OpenStack." properties: name: - description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" type: "string" type: "object" x-kubernetes-map-type: "atomic" volumeID: - description: "volumeID used to identify the volume in cinder. More info: https://examples.k8s.io/mysql-cinder-pd/README.md" + description: "volumeID used to identify the volume in cinder.\nMore info: https://examples.k8s.io/mysql-cinder-pd/README.md" type: "string" required: - "volumeID" @@ -3638,11 +3638,11 @@ spec: description: "configMap represents a configMap that should populate this volume" properties: defaultMode: - description: "defaultMode is optional: mode bits used to set permissions on created files by default. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. Defaults to 0644. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set." + description: "defaultMode is optional: mode bits used to set permissions on created files by default.\nMust be an octal value between 0000 and 0777 or a decimal value between 0 and 511.\nYAML accepts both octal and decimal values, JSON requires decimal values for mode bits.\nDefaults to 0644.\nDirectories within the path are not affected by this setting.\nThis might be in conflict with other options that affect the file\nmode, like fsGroup, and the result can be other mode bits set." format: "int32" type: "integer" items: - description: "items if unspecified, each key-value pair in the Data field of the referenced ConfigMap will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the ConfigMap, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'." + description: "items if unspecified, each key-value pair in the Data field of the referenced\nConfigMap will be projected into the volume as a file whose name is the\nkey and content is the value. If specified, the listed keys will be\nprojected into the specified paths, and unlisted keys will not be\npresent. If a key is specified which is not present in the ConfigMap,\nthe volume setup will error unless it is marked optional. Paths must be\nrelative and may not contain the '..' path or start with '..'." items: description: "Maps a string key to a path within a volume." properties: @@ -3650,11 +3650,11 @@ spec: description: "key is the key to project." type: "string" mode: - description: "mode is Optional: mode bits used to set permissions on this file. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set." + description: "mode is Optional: mode bits used to set permissions on this file.\nMust be an octal value between 0000 and 0777 or a decimal value between 0 and 511.\nYAML accepts both octal and decimal values, JSON requires decimal values for mode bits.\nIf not specified, the volume defaultMode will be used.\nThis might be in conflict with other options that affect the file\nmode, like fsGroup, and the result can be other mode bits set." format: "int32" type: "integer" path: - description: "path is the relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'." + description: "path is the relative path of the file to map the key to.\nMay not be an absolute path.\nMay not contain the path element '..'.\nMay not start with the string '..'." type: "string" required: - "key" @@ -3662,7 +3662,7 @@ spec: type: "object" type: "array" name: - description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" type: "string" optional: description: "optional specify whether the ConfigMap or its keys must be defined" @@ -3673,26 +3673,26 @@ spec: description: "csi (Container Storage Interface) represents ephemeral storage that is handled by certain external CSI drivers (Beta feature)." properties: driver: - description: "driver is the name of the CSI driver that handles this volume. Consult with your admin for the correct name as registered in the cluster." + description: "driver is the name of the CSI driver that handles this volume.\nConsult with your admin for the correct name as registered in the cluster." type: "string" fsType: - description: "fsType to mount. Ex. \"ext4\", \"xfs\", \"ntfs\". If not provided, the empty value is passed to the associated CSI driver which will determine the default filesystem to apply." + description: "fsType to mount. Ex. \"ext4\", \"xfs\", \"ntfs\".\nIf not provided, the empty value is passed to the associated CSI driver\nwhich will determine the default filesystem to apply." type: "string" nodePublishSecretRef: - description: "nodePublishSecretRef is a reference to the secret object containing sensitive information to pass to the CSI driver to complete the CSI NodePublishVolume and NodeUnpublishVolume calls. This field is optional, and may be empty if no secret is required. If the secret object contains more than one secret, all secret references are passed." + description: "nodePublishSecretRef is a reference to the secret object containing\nsensitive information to pass to the CSI driver to complete the CSI\nNodePublishVolume and NodeUnpublishVolume calls.\nThis field is optional, and may be empty if no secret is required. If the\nsecret object contains more than one secret, all secret references are passed." properties: name: - description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" type: "string" type: "object" x-kubernetes-map-type: "atomic" readOnly: - description: "readOnly specifies a read-only configuration for the volume. Defaults to false (read/write)." + description: "readOnly specifies a read-only configuration for the volume.\nDefaults to false (read/write)." type: "boolean" volumeAttributes: additionalProperties: type: "string" - description: "volumeAttributes stores driver-specific properties that are passed to the CSI driver. Consult your driver's documentation for supported values." + description: "volumeAttributes stores driver-specific properties that are passed to the CSI\ndriver. Consult your driver's documentation for supported values." type: "object" required: - "driver" @@ -3701,7 +3701,7 @@ spec: description: "downwardAPI represents downward API about the pod that should populate this volume" properties: defaultMode: - description: "Optional: mode bits to use on created files by default. Must be a Optional: mode bits used to set permissions on created files by default. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. Defaults to 0644. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set." + description: "Optional: mode bits to use on created files by default. Must be a\nOptional: mode bits used to set permissions on created files by default.\nMust be an octal value between 0000 and 0777 or a decimal value between 0 and 511.\nYAML accepts both octal and decimal values, JSON requires decimal values for mode bits.\nDefaults to 0644.\nDirectories within the path are not affected by this setting.\nThis might be in conflict with other options that affect the file\nmode, like fsGroup, and the result can be other mode bits set." format: "int32" type: "integer" items: @@ -3723,14 +3723,14 @@ spec: type: "object" x-kubernetes-map-type: "atomic" mode: - description: "Optional: mode bits used to set permissions on this file, must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set." + description: "Optional: mode bits used to set permissions on this file, must be an octal value\nbetween 0000 and 0777 or a decimal value between 0 and 511.\nYAML accepts both octal and decimal values, JSON requires decimal values for mode bits.\nIf not specified, the volume defaultMode will be used.\nThis might be in conflict with other options that affect the file\nmode, like fsGroup, and the result can be other mode bits set." format: "int32" type: "integer" path: description: "Required: Path is the relative path name of the file to be created. Must not be absolute or contain the '..' path. Must be utf-8 encoded. The first item of the relative path must not start with '..'" type: "string" resourceFieldRef: - description: "Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, requests.cpu and requests.memory) are currently supported." + description: "Selects a resource of the container: only resources limits and requests\n(limits.cpu, limits.memory, requests.cpu and requests.memory) are currently supported." properties: containerName: description: "Container name: required for volumes, optional for env vars" @@ -3755,27 +3755,27 @@ spec: type: "array" type: "object" emptyDir: - description: "emptyDir represents a temporary directory that shares a pod's lifetime. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir" + description: "emptyDir represents a temporary directory that shares a pod's lifetime.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir" properties: medium: - description: "medium represents what type of storage medium should back this directory. The default is \"\" which means to use the node's default medium. Must be an empty string (default) or Memory. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir" + description: "medium represents what type of storage medium should back this directory.\nThe default is \"\" which means to use the node's default medium.\nMust be an empty string (default) or Memory.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir" type: "string" sizeLimit: anyOf: - type: "integer" - type: "string" - description: "sizeLimit is the total amount of local storage required for this EmptyDir volume. The size limit is also applicable for memory medium. The maximum usage on memory medium EmptyDir would be the minimum value between the SizeLimit specified here and the sum of memory limits of all containers in a pod. The default is nil which means that the limit is undefined. More info: http://kubernetes.io/docs/user-guide/volumes#emptydir" + description: "sizeLimit is the total amount of local storage required for this EmptyDir volume.\nThe size limit is also applicable for memory medium.\nThe maximum usage on memory medium EmptyDir would be the minimum value between\nthe SizeLimit specified here and the sum of memory limits of all containers in a pod.\nThe default is nil which means that the limit is undefined.\nMore info: http://kubernetes.io/docs/user-guide/volumes#emptydir" pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" x-kubernetes-int-or-string: true type: "object" ephemeral: - description: "ephemeral represents a volume that is handled by a cluster storage driver. The volume's lifecycle is tied to the pod that defines it - it will be created before the pod starts, and deleted when the pod is removed. \n Use this if: a) the volume is only needed while the pod runs, b) features of normal volumes like restoring from snapshot or capacity tracking are needed, c) the storage driver is specified through a storage class, and d) the storage driver supports dynamic volume provisioning through a PersistentVolumeClaim (see EphemeralVolumeSource for more information on the connection between this volume type and PersistentVolumeClaim). \n Use PersistentVolumeClaim or one of the vendor-specific APIs for volumes that persist for longer than the lifecycle of an individual pod. \n Use CSI for light-weight local ephemeral volumes if the CSI driver is meant to be used that way - see the documentation of the driver for more information. \n A pod can use both types of ephemeral volumes and persistent volumes at the same time." + description: "ephemeral represents a volume that is handled by a cluster storage driver.\nThe volume's lifecycle is tied to the pod that defines it - it will be created before the pod starts,\nand deleted when the pod is removed.\n\n\nUse this if:\na) the volume is only needed while the pod runs,\nb) features of normal volumes like restoring from snapshot or capacity\n tracking are needed,\nc) the storage driver is specified through a storage class, and\nd) the storage driver supports dynamic volume provisioning through\n a PersistentVolumeClaim (see EphemeralVolumeSource for more\n information on the connection between this volume type\n and PersistentVolumeClaim).\n\n\nUse PersistentVolumeClaim or one of the vendor-specific\nAPIs for volumes that persist for longer than the lifecycle\nof an individual pod.\n\n\nUse CSI for light-weight local ephemeral volumes if the CSI driver is meant to\nbe used that way - see the documentation of the driver for\nmore information.\n\n\nA pod can use both types of ephemeral volumes and\npersistent volumes at the same time." properties: volumeClaimTemplate: - description: "Will be used to create a stand-alone PVC to provision the volume. The pod in which this EphemeralVolumeSource is embedded will be the owner of the PVC, i.e. the PVC will be deleted together with the pod. The name of the PVC will be `-` where `` is the name from the `PodSpec.Volumes` array entry. Pod validation will reject the pod if the concatenated name is not valid for a PVC (for example, too long). \n An existing PVC with that name that is not owned by the pod will *not* be used for the pod to avoid using an unrelated volume by mistake. Starting the pod is then blocked until the unrelated PVC is removed. If such a pre-created PVC is meant to be used by the pod, the PVC has to updated with an owner reference to the pod once the pod exists. Normally this should not be necessary, but it may be useful when manually reconstructing a broken cluster. \n This field is read-only and no changes will be made by Kubernetes to the PVC after it has been created. \n Required, must not be nil." + description: "Will be used to create a stand-alone PVC to provision the volume.\nThe pod in which this EphemeralVolumeSource is embedded will be the\nowner of the PVC, i.e. the PVC will be deleted together with the\npod. The name of the PVC will be `-` where\n`` is the name from the `PodSpec.Volumes` array\nentry. Pod validation will reject the pod if the concatenated name\nis not valid for a PVC (for example, too long).\n\n\nAn existing PVC with that name that is not owned by the pod\nwill *not* be used for the pod to avoid using an unrelated\nvolume by mistake. Starting the pod is then blocked until\nthe unrelated PVC is removed. If such a pre-created PVC is\nmeant to be used by the pod, the PVC has to updated with an\nowner reference to the pod once the pod exists. Normally\nthis should not be necessary, but it may be useful when\nmanually reconstructing a broken cluster.\n\n\nThis field is read-only and no changes will be made by Kubernetes\nto the PVC after it has been created.\n\n\nRequired, must not be nil." properties: metadata: - description: "May contain labels and annotations that will be copied into the PVC when creating it. No other fields are allowed and will be rejected during validation." + description: "May contain labels and annotations that will be copied into the PVC\nwhen creating it. No other fields are allowed and will be rejected during\nvalidation." properties: annotations: additionalProperties: @@ -3795,18 +3795,18 @@ spec: type: "string" type: "object" spec: - description: "The specification for the PersistentVolumeClaim. The entire content is copied unchanged into the PVC that gets created from this template. The same fields as in a PersistentVolumeClaim are also valid here." + description: "The specification for the PersistentVolumeClaim. The entire content is\ncopied unchanged into the PVC that gets created from this\ntemplate. The same fields as in a PersistentVolumeClaim\nare also valid here." properties: accessModes: - description: "accessModes contains the desired access modes the volume should have. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1" + description: "accessModes contains the desired access modes the volume should have.\nMore info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1" items: type: "string" type: "array" dataSource: - description: "dataSource field can be used to specify either: * An existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot) * An existing PVC (PersistentVolumeClaim) If the provisioner or an external controller can support the specified data source, it will create a new volume based on the contents of the specified data source. When the AnyVolumeDataSource feature gate is enabled, dataSource contents will be copied to dataSourceRef, and dataSourceRef contents will be copied to dataSource when dataSourceRef.namespace is not specified. If the namespace is specified, then dataSourceRef will not be copied to dataSource." + description: "dataSource field can be used to specify either:\n* An existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot)\n* An existing PVC (PersistentVolumeClaim)\nIf the provisioner or an external controller can support the specified data source,\nit will create a new volume based on the contents of the specified data source.\nWhen the AnyVolumeDataSource feature gate is enabled, dataSource contents will be copied to dataSourceRef,\nand dataSourceRef contents will be copied to dataSource when dataSourceRef.namespace is not specified.\nIf the namespace is specified, then dataSourceRef will not be copied to dataSource." properties: apiGroup: - description: "APIGroup is the group for the resource being referenced. If APIGroup is not specified, the specified Kind must be in the core API group. For any other third-party types, APIGroup is required." + description: "APIGroup is the group for the resource being referenced.\nIf APIGroup is not specified, the specified Kind must be in the core API group.\nFor any other third-party types, APIGroup is required." type: "string" kind: description: "Kind is the type of resource being referenced" @@ -3820,10 +3820,10 @@ spec: type: "object" x-kubernetes-map-type: "atomic" dataSourceRef: - description: "dataSourceRef specifies the object from which to populate the volume with data, if a non-empty volume is desired. This may be any object from a non-empty API group (non core object) or a PersistentVolumeClaim object. When this field is specified, volume binding will only succeed if the type of the specified object matches some installed volume populator or dynamic provisioner. This field will replace the functionality of the dataSource field and as such if both fields are non-empty, they must have the same value. For backwards compatibility, when namespace isn't specified in dataSourceRef, both fields (dataSource and dataSourceRef) will be set to the same value automatically if one of them is empty and the other is non-empty. When namespace is specified in dataSourceRef, dataSource isn't set to the same value and must be empty. There are three important differences between dataSource and dataSourceRef: * While dataSource only allows two specific types of objects, dataSourceRef allows any non-core object, as well as PersistentVolumeClaim objects. * While dataSource ignores disallowed values (dropping them), dataSourceRef preserves all values, and generates an error if a disallowed value is specified. * While dataSource only allows local objects, dataSourceRef allows objects in any namespaces. (Beta) Using this field requires the AnyVolumeDataSource feature gate to be enabled. (Alpha) Using the namespace field of dataSourceRef requires the CrossNamespaceVolumeDataSource feature gate to be enabled." + description: "dataSourceRef specifies the object from which to populate the volume with data, if a non-empty\nvolume is desired. This may be any object from a non-empty API group (non\ncore object) or a PersistentVolumeClaim object.\nWhen this field is specified, volume binding will only succeed if the type of\nthe specified object matches some installed volume populator or dynamic\nprovisioner.\nThis field will replace the functionality of the dataSource field and as such\nif both fields are non-empty, they must have the same value. For backwards\ncompatibility, when namespace isn't specified in dataSourceRef,\nboth fields (dataSource and dataSourceRef) will be set to the same\nvalue automatically if one of them is empty and the other is non-empty.\nWhen namespace is specified in dataSourceRef,\ndataSource isn't set to the same value and must be empty.\nThere are three important differences between dataSource and dataSourceRef:\n* While dataSource only allows two specific types of objects, dataSourceRef\n allows any non-core object, as well as PersistentVolumeClaim objects.\n* While dataSource ignores disallowed values (dropping them), dataSourceRef\n preserves all values, and generates an error if a disallowed value is\n specified.\n* While dataSource only allows local objects, dataSourceRef allows objects\n in any namespaces.\n(Beta) Using this field requires the AnyVolumeDataSource feature gate to be enabled.\n(Alpha) Using the namespace field of dataSourceRef requires the CrossNamespaceVolumeDataSource feature gate to be enabled." properties: apiGroup: - description: "APIGroup is the group for the resource being referenced. If APIGroup is not specified, the specified Kind must be in the core API group. For any other third-party types, APIGroup is required." + description: "APIGroup is the group for the resource being referenced.\nIf APIGroup is not specified, the specified Kind must be in the core API group.\nFor any other third-party types, APIGroup is required." type: "string" kind: description: "Kind is the type of resource being referenced" @@ -3832,22 +3832,22 @@ spec: description: "Name is the name of resource being referenced" type: "string" namespace: - description: "Namespace is the namespace of resource being referenced Note that when a namespace is specified, a gateway.networking.k8s.io/ReferenceGrant object is required in the referent namespace to allow that namespace's owner to accept the reference. See the ReferenceGrant documentation for details. (Alpha) This field requires the CrossNamespaceVolumeDataSource feature gate to be enabled." + description: "Namespace is the namespace of resource being referenced\nNote that when a namespace is specified, a gateway.networking.k8s.io/ReferenceGrant object is required in the referent namespace to allow that namespace's owner to accept the reference. See the ReferenceGrant documentation for details.\n(Alpha) This field requires the CrossNamespaceVolumeDataSource feature gate to be enabled." type: "string" required: - "kind" - "name" type: "object" resources: - description: "resources represents the minimum resources the volume should have. If RecoverVolumeExpansionFailure feature is enabled users are allowed to specify resource requirements that are lower than previous value but must still be higher than capacity recorded in the status field of the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources" + description: "resources represents the minimum resources the volume should have.\nIf RecoverVolumeExpansionFailure feature is enabled users are allowed to specify resource requirements\nthat are lower than previous value but must still be higher than capacity recorded in the\nstatus field of the claim.\nMore info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources" properties: claims: - description: "Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. \n This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. \n This field is immutable. It can only be set for containers." + description: "Claims lists the names of resources, defined in spec.resourceClaims,\nthat are used by this container.\n\n\nThis is an alpha field and requires enabling the\nDynamicResourceAllocation feature gate.\n\n\nThis field is immutable. It can only be set for containers." items: description: "ResourceClaim references one entry in PodSpec.ResourceClaims." properties: name: - description: "Name must match the name of one entry in pod.spec.resourceClaims of the Pod where this field is used. It makes that resource available inside a container." + description: "Name must match the name of one entry in pod.spec.resourceClaims of\nthe Pod where this field is used. It makes that resource available\ninside a container." type: "string" required: - "name" @@ -3863,7 +3863,7 @@ spec: - type: "string" pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" x-kubernetes-int-or-string: true - description: "Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" + description: "Limits describes the maximum amount of compute resources allowed.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" type: "object" requests: additionalProperties: @@ -3872,7 +3872,7 @@ spec: - type: "string" pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" x-kubernetes-int-or-string: true - description: "Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" + description: "Requests describes the minimum amount of compute resources required.\nIf Requests is omitted for a container, it defaults to Limits if that is explicitly specified,\notherwise to an implementation-defined value.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" type: "object" type: "object" selector: @@ -3881,16 +3881,16 @@ spec: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -3902,15 +3902,15 @@ spec: matchLabels: additionalProperties: type: "string" - description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." type: "object" type: "object" x-kubernetes-map-type: "atomic" storageClassName: - description: "storageClassName is the name of the StorageClass required by the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1" + description: "storageClassName is the name of the StorageClass required by the claim.\nMore info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1" type: "string" volumeMode: - description: "volumeMode defines what type of volume is required by the claim. Value of Filesystem is implied when not included in claim spec." + description: "volumeMode defines what type of volume is required by the claim.\nValue of Filesystem is implied when not included in claim spec." type: "string" volumeName: description: "volumeName is the binding reference to the PersistentVolume backing this claim." @@ -3924,14 +3924,14 @@ spec: description: "fc represents a Fibre Channel resource that is attached to a kubelet's host machine and then exposed to the pod." properties: fsType: - description: "fsType is the filesystem type to mount. Must be a filesystem type supported by the host operating system. Ex. \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified. TODO: how do we prevent errors in the filesystem from compromising the machine" + description: "fsType is the filesystem type to mount.\nMust be a filesystem type supported by the host operating system.\nEx. \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified.\nTODO: how do we prevent errors in the filesystem from compromising the machine" type: "string" lun: description: "lun is Optional: FC target lun number" format: "int32" type: "integer" readOnly: - description: "readOnly is Optional: Defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts." + description: "readOnly is Optional: Defaults to false (read/write). ReadOnly here will force\nthe ReadOnly setting in VolumeMounts." type: "boolean" targetWWNs: description: "targetWWNs is Optional: FC target worldwide names (WWNs)" @@ -3939,19 +3939,19 @@ spec: type: "string" type: "array" wwids: - description: "wwids Optional: FC volume world wide identifiers (wwids) Either wwids or combination of targetWWNs and lun must be set, but not both simultaneously." + description: "wwids Optional: FC volume world wide identifiers (wwids)\nEither wwids or combination of targetWWNs and lun must be set, but not both simultaneously." items: type: "string" type: "array" type: "object" flexVolume: - description: "flexVolume represents a generic volume resource that is provisioned/attached using an exec based plugin." + description: "flexVolume represents a generic volume resource that is\nprovisioned/attached using an exec based plugin." properties: driver: description: "driver is the name of the driver to use for this volume." type: "string" fsType: - description: "fsType is the filesystem type to mount. Must be a filesystem type supported by the host operating system. Ex. \"ext4\", \"xfs\", \"ntfs\". The default filesystem depends on FlexVolume script." + description: "fsType is the filesystem type to mount.\nMust be a filesystem type supported by the host operating system.\nEx. \"ext4\", \"xfs\", \"ntfs\". The default filesystem depends on FlexVolume script." type: "string" options: additionalProperties: @@ -3959,13 +3959,13 @@ spec: description: "options is Optional: this field holds extra command options if any." type: "object" readOnly: - description: "readOnly is Optional: defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts." + description: "readOnly is Optional: defaults to false (read/write). ReadOnly here will force\nthe ReadOnly setting in VolumeMounts." type: "boolean" secretRef: - description: "secretRef is Optional: secretRef is reference to the secret object containing sensitive information to pass to the plugin scripts. This may be empty if no secret object is specified. If the secret object contains more than one secret, all secrets are passed to the plugin scripts." + description: "secretRef is Optional: secretRef is reference to the secret object containing\nsensitive information to pass to the plugin scripts. This may be\nempty if no secret object is specified. If the secret object\ncontains more than one secret, all secrets are passed to the plugin\nscripts." properties: name: - description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" type: "string" type: "object" x-kubernetes-map-type: "atomic" @@ -3976,36 +3976,36 @@ spec: description: "flocker represents a Flocker volume attached to a kubelet's host machine. This depends on the Flocker control service being running" properties: datasetName: - description: "datasetName is Name of the dataset stored as metadata -> name on the dataset for Flocker should be considered as deprecated" + description: "datasetName is Name of the dataset stored as metadata -> name on the dataset for Flocker\nshould be considered as deprecated" type: "string" datasetUUID: description: "datasetUUID is the UUID of the dataset. This is unique identifier of a Flocker dataset" type: "string" type: "object" gcePersistentDisk: - description: "gcePersistentDisk represents a GCE Disk resource that is attached to a kubelet's host machine and then exposed to the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk" + description: "gcePersistentDisk represents a GCE Disk resource that is attached to a\nkubelet's host machine and then exposed to the pod.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk" properties: fsType: - description: "fsType is filesystem type of the volume that you want to mount. Tip: Ensure that the filesystem type is supported by the host operating system. Examples: \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk TODO: how do we prevent errors in the filesystem from compromising the machine" + description: "fsType is filesystem type of the volume that you want to mount.\nTip: Ensure that the filesystem type is supported by the host operating system.\nExamples: \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk\nTODO: how do we prevent errors in the filesystem from compromising the machine" type: "string" partition: - description: "partition is the partition in the volume that you want to mount. If omitted, the default is to mount by volume name. Examples: For volume /dev/sda1, you specify the partition as \"1\". Similarly, the volume partition for /dev/sda is \"0\" (or you can leave the property empty). More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk" + description: "partition is the partition in the volume that you want to mount.\nIf omitted, the default is to mount by volume name.\nExamples: For volume /dev/sda1, you specify the partition as \"1\".\nSimilarly, the volume partition for /dev/sda is \"0\" (or you can leave the property empty).\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk" format: "int32" type: "integer" pdName: - description: "pdName is unique name of the PD resource in GCE. Used to identify the disk in GCE. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk" + description: "pdName is unique name of the PD resource in GCE. Used to identify the disk in GCE.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk" type: "string" readOnly: - description: "readOnly here will force the ReadOnly setting in VolumeMounts. Defaults to false. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk" + description: "readOnly here will force the ReadOnly setting in VolumeMounts.\nDefaults to false.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk" type: "boolean" required: - "pdName" type: "object" gitRepo: - description: "gitRepo represents a git repository at a particular revision. DEPRECATED: GitRepo is deprecated. To provision a container with a git repo, mount an EmptyDir into an InitContainer that clones the repo using git, then mount the EmptyDir into the Pod's container." + description: "gitRepo represents a git repository at a particular revision.\nDEPRECATED: GitRepo is deprecated. To provision a container with a git repo, mount an\nEmptyDir into an InitContainer that clones the repo using git, then mount the EmptyDir\ninto the Pod's container." properties: directory: - description: "directory is the target directory name. Must not contain or start with '..'. If '.' is supplied, the volume directory will be the git repository. Otherwise, if specified, the volume will contain the git repository in the subdirectory with the given name." + description: "directory is the target directory name.\nMust not contain or start with '..'. If '.' is supplied, the volume directory will be the\ngit repository. Otherwise, if specified, the volume will contain the git repository in\nthe subdirectory with the given name." type: "string" repository: description: "repository is the URL" @@ -4017,35 +4017,35 @@ spec: - "repository" type: "object" glusterfs: - description: "glusterfs represents a Glusterfs mount on the host that shares a pod's lifetime. More info: https://examples.k8s.io/volumes/glusterfs/README.md" + description: "glusterfs represents a Glusterfs mount on the host that shares a pod's lifetime.\nMore info: https://examples.k8s.io/volumes/glusterfs/README.md" properties: endpoints: - description: "endpoints is the endpoint name that details Glusterfs topology. More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod" + description: "endpoints is the endpoint name that details Glusterfs topology.\nMore info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod" type: "string" path: - description: "path is the Glusterfs volume path. More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod" + description: "path is the Glusterfs volume path.\nMore info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod" type: "string" readOnly: - description: "readOnly here will force the Glusterfs volume to be mounted with read-only permissions. Defaults to false. More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod" + description: "readOnly here will force the Glusterfs volume to be mounted with read-only permissions.\nDefaults to false.\nMore info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod" type: "boolean" required: - "endpoints" - "path" type: "object" hostPath: - description: "hostPath represents a pre-existing file or directory on the host machine that is directly exposed to the container. This is generally used for system agents or other privileged things that are allowed to see the host machine. Most containers will NOT need this. More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath --- TODO(jonesdl) We need to restrict who can use host directory mounts and who can/can not mount host directories as read/write." + description: "hostPath represents a pre-existing file or directory on the host\nmachine that is directly exposed to the container. This is generally\nused for system agents or other privileged things that are allowed\nto see the host machine. Most containers will NOT need this.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath\n---\nTODO(jonesdl) We need to restrict who can use host directory mounts and who can/can not\nmount host directories as read/write." properties: path: - description: "path of the directory on the host. If the path is a symlink, it will follow the link to the real path. More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath" + description: "path of the directory on the host.\nIf the path is a symlink, it will follow the link to the real path.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath" type: "string" type: - description: "type for HostPath Volume Defaults to \"\" More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath" + description: "type for HostPath Volume\nDefaults to \"\"\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath" type: "string" required: - "path" type: "object" iscsi: - description: "iscsi represents an ISCSI Disk resource that is attached to a kubelet's host machine and then exposed to the pod. More info: https://examples.k8s.io/volumes/iscsi/README.md" + description: "iscsi represents an ISCSI Disk resource that is attached to a\nkubelet's host machine and then exposed to the pod.\nMore info: https://examples.k8s.io/volumes/iscsi/README.md" properties: chapAuthDiscovery: description: "chapAuthDiscovery defines whether support iSCSI Discovery CHAP authentication" @@ -4054,39 +4054,39 @@ spec: description: "chapAuthSession defines whether support iSCSI Session CHAP authentication" type: "boolean" fsType: - description: "fsType is the filesystem type of the volume that you want to mount. Tip: Ensure that the filesystem type is supported by the host operating system. Examples: \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#iscsi TODO: how do we prevent errors in the filesystem from compromising the machine" + description: "fsType is the filesystem type of the volume that you want to mount.\nTip: Ensure that the filesystem type is supported by the host operating system.\nExamples: \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#iscsi\nTODO: how do we prevent errors in the filesystem from compromising the machine" type: "string" initiatorName: - description: "initiatorName is the custom iSCSI Initiator Name. If initiatorName is specified with iscsiInterface simultaneously, new iSCSI interface : will be created for the connection." + description: "initiatorName is the custom iSCSI Initiator Name.\nIf initiatorName is specified with iscsiInterface simultaneously, new iSCSI interface\n: will be created for the connection." type: "string" iqn: description: "iqn is the target iSCSI Qualified Name." type: "string" iscsiInterface: - description: "iscsiInterface is the interface Name that uses an iSCSI transport. Defaults to 'default' (tcp)." + description: "iscsiInterface is the interface Name that uses an iSCSI transport.\nDefaults to 'default' (tcp)." type: "string" lun: description: "lun represents iSCSI Target Lun number." format: "int32" type: "integer" portals: - description: "portals is the iSCSI Target Portal List. The portal is either an IP or ip_addr:port if the port is other than default (typically TCP ports 860 and 3260)." + description: "portals is the iSCSI Target Portal List. The portal is either an IP or ip_addr:port if the port\nis other than default (typically TCP ports 860 and 3260)." items: type: "string" type: "array" readOnly: - description: "readOnly here will force the ReadOnly setting in VolumeMounts. Defaults to false." + description: "readOnly here will force the ReadOnly setting in VolumeMounts.\nDefaults to false." type: "boolean" secretRef: description: "secretRef is the CHAP Secret for iSCSI target and initiator authentication" properties: name: - description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" type: "string" type: "object" x-kubernetes-map-type: "atomic" targetPortal: - description: "targetPortal is iSCSI Target Portal. The Portal is either an IP or ip_addr:port if the port is other than default (typically TCP ports 860 and 3260)." + description: "targetPortal is iSCSI Target Portal. The Portal is either an IP or ip_addr:port if the port\nis other than default (typically TCP ports 860 and 3260)." type: "string" required: - "iqn" @@ -4094,32 +4094,32 @@ spec: - "targetPortal" type: "object" name: - description: "name of the volume. Must be a DNS_LABEL and unique within the pod. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names" + description: "name of the volume.\nMust be a DNS_LABEL and unique within the pod.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names" type: "string" nfs: - description: "nfs represents an NFS mount on the host that shares a pod's lifetime More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs" + description: "nfs represents an NFS mount on the host that shares a pod's lifetime\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#nfs" properties: path: - description: "path that is exported by the NFS server. More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs" + description: "path that is exported by the NFS server.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#nfs" type: "string" readOnly: - description: "readOnly here will force the NFS export to be mounted with read-only permissions. Defaults to false. More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs" + description: "readOnly here will force the NFS export to be mounted with read-only permissions.\nDefaults to false.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#nfs" type: "boolean" server: - description: "server is the hostname or IP address of the NFS server. More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs" + description: "server is the hostname or IP address of the NFS server.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#nfs" type: "string" required: - "path" - "server" type: "object" persistentVolumeClaim: - description: "persistentVolumeClaimVolumeSource represents a reference to a PersistentVolumeClaim in the same namespace. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims" + description: "persistentVolumeClaimVolumeSource represents a reference to a\nPersistentVolumeClaim in the same namespace.\nMore info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims" properties: claimName: - description: "claimName is the name of a PersistentVolumeClaim in the same namespace as the pod using this volume. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims" + description: "claimName is the name of a PersistentVolumeClaim in the same namespace as the pod using this volume.\nMore info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims" type: "string" readOnly: - description: "readOnly Will force the ReadOnly setting in VolumeMounts. Default false." + description: "readOnly Will force the ReadOnly setting in VolumeMounts.\nDefault false." type: "boolean" required: - "claimName" @@ -4128,7 +4128,7 @@ spec: description: "photonPersistentDisk represents a PhotonController persistent disk attached and mounted on kubelets host machine" properties: fsType: - description: "fsType is the filesystem type to mount. Must be a filesystem type supported by the host operating system. Ex. \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified." + description: "fsType is the filesystem type to mount.\nMust be a filesystem type supported by the host operating system.\nEx. \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified." type: "string" pdID: description: "pdID is the ID that identifies Photon Controller persistent disk" @@ -4140,10 +4140,10 @@ spec: description: "portworxVolume represents a portworx volume attached and mounted on kubelets host machine" properties: fsType: - description: "fSType represents the filesystem type to mount Must be a filesystem type supported by the host operating system. Ex. \"ext4\", \"xfs\". Implicitly inferred to be \"ext4\" if unspecified." + description: "fSType represents the filesystem type to mount\nMust be a filesystem type supported by the host operating system.\nEx. \"ext4\", \"xfs\". Implicitly inferred to be \"ext4\" if unspecified." type: "string" readOnly: - description: "readOnly defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts." + description: "readOnly defaults to false (read/write). ReadOnly here will force\nthe ReadOnly setting in VolumeMounts." type: "boolean" volumeID: description: "volumeID uniquely identifies a Portworx volume" @@ -4155,7 +4155,7 @@ spec: description: "projected items for all in one resources secrets, configmaps, and downward API" properties: defaultMode: - description: "defaultMode are the mode bits used to set permissions on created files by default. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set." + description: "defaultMode are the mode bits used to set permissions on created files by default.\nMust be an octal value between 0000 and 0777 or a decimal value between 0 and 511.\nYAML accepts both octal and decimal values, JSON requires decimal values for mode bits.\nDirectories within the path are not affected by this setting.\nThis might be in conflict with other options that affect the file\nmode, like fsGroup, and the result can be other mode bits set." format: "int32" type: "integer" sources: @@ -4167,7 +4167,7 @@ spec: description: "configMap information about the configMap data to project" properties: items: - description: "items if unspecified, each key-value pair in the Data field of the referenced ConfigMap will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the ConfigMap, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'." + description: "items if unspecified, each key-value pair in the Data field of the referenced\nConfigMap will be projected into the volume as a file whose name is the\nkey and content is the value. If specified, the listed keys will be\nprojected into the specified paths, and unlisted keys will not be\npresent. If a key is specified which is not present in the ConfigMap,\nthe volume setup will error unless it is marked optional. Paths must be\nrelative and may not contain the '..' path or start with '..'." items: description: "Maps a string key to a path within a volume." properties: @@ -4175,11 +4175,11 @@ spec: description: "key is the key to project." type: "string" mode: - description: "mode is Optional: mode bits used to set permissions on this file. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set." + description: "mode is Optional: mode bits used to set permissions on this file.\nMust be an octal value between 0000 and 0777 or a decimal value between 0 and 511.\nYAML accepts both octal and decimal values, JSON requires decimal values for mode bits.\nIf not specified, the volume defaultMode will be used.\nThis might be in conflict with other options that affect the file\nmode, like fsGroup, and the result can be other mode bits set." format: "int32" type: "integer" path: - description: "path is the relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'." + description: "path is the relative path of the file to map the key to.\nMay not be an absolute path.\nMay not contain the path element '..'.\nMay not start with the string '..'." type: "string" required: - "key" @@ -4187,7 +4187,7 @@ spec: type: "object" type: "array" name: - description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" type: "string" optional: description: "optional specify whether the ConfigMap or its keys must be defined" @@ -4216,14 +4216,14 @@ spec: type: "object" x-kubernetes-map-type: "atomic" mode: - description: "Optional: mode bits used to set permissions on this file, must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set." + description: "Optional: mode bits used to set permissions on this file, must be an octal value\nbetween 0000 and 0777 or a decimal value between 0 and 511.\nYAML accepts both octal and decimal values, JSON requires decimal values for mode bits.\nIf not specified, the volume defaultMode will be used.\nThis might be in conflict with other options that affect the file\nmode, like fsGroup, and the result can be other mode bits set." format: "int32" type: "integer" path: description: "Required: Path is the relative path name of the file to be created. Must not be absolute or contain the '..' path. Must be utf-8 encoded. The first item of the relative path must not start with '..'" type: "string" resourceFieldRef: - description: "Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, requests.cpu and requests.memory) are currently supported." + description: "Selects a resource of the container: only resources limits and requests\n(limits.cpu, limits.memory, requests.cpu and requests.memory) are currently supported." properties: containerName: description: "Container name: required for volumes, optional for env vars" @@ -4251,7 +4251,7 @@ spec: description: "secret information about the secret data to project" properties: items: - description: "items if unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the Secret, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'." + description: "items if unspecified, each key-value pair in the Data field of the referenced\nSecret will be projected into the volume as a file whose name is the\nkey and content is the value. If specified, the listed keys will be\nprojected into the specified paths, and unlisted keys will not be\npresent. If a key is specified which is not present in the Secret,\nthe volume setup will error unless it is marked optional. Paths must be\nrelative and may not contain the '..' path or start with '..'." items: description: "Maps a string key to a path within a volume." properties: @@ -4259,11 +4259,11 @@ spec: description: "key is the key to project." type: "string" mode: - description: "mode is Optional: mode bits used to set permissions on this file. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set." + description: "mode is Optional: mode bits used to set permissions on this file.\nMust be an octal value between 0000 and 0777 or a decimal value between 0 and 511.\nYAML accepts both octal and decimal values, JSON requires decimal values for mode bits.\nIf not specified, the volume defaultMode will be used.\nThis might be in conflict with other options that affect the file\nmode, like fsGroup, and the result can be other mode bits set." format: "int32" type: "integer" path: - description: "path is the relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'." + description: "path is the relative path of the file to map the key to.\nMay not be an absolute path.\nMay not contain the path element '..'.\nMay not start with the string '..'." type: "string" required: - "key" @@ -4271,7 +4271,7 @@ spec: type: "object" type: "array" name: - description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" type: "string" optional: description: "optional field specify whether the Secret or its key must be defined" @@ -4282,14 +4282,14 @@ spec: description: "serviceAccountToken is information about the serviceAccountToken data to project" properties: audience: - description: "audience is the intended audience of the token. A recipient of a token must identify itself with an identifier specified in the audience of the token, and otherwise should reject the token. The audience defaults to the identifier of the apiserver." + description: "audience is the intended audience of the token. A recipient of a token\nmust identify itself with an identifier specified in the audience of the\ntoken, and otherwise should reject the token. The audience defaults to the\nidentifier of the apiserver." type: "string" expirationSeconds: - description: "expirationSeconds is the requested duration of validity of the service account token. As the token approaches expiration, the kubelet volume plugin will proactively rotate the service account token. The kubelet will start trying to rotate the token if the token is older than 80 percent of its time to live or if the token is older than 24 hours.Defaults to 1 hour and must be at least 10 minutes." + description: "expirationSeconds is the requested duration of validity of the service\naccount token. As the token approaches expiration, the kubelet volume\nplugin will proactively rotate the service account token. The kubelet will\nstart trying to rotate the token if the token is older than 80 percent of\nits time to live or if the token is older than 24 hours.Defaults to 1 hour\nand must be at least 10 minutes." format: "int64" type: "integer" path: - description: "path is the path relative to the mount point of the file to project the token into." + description: "path is the path relative to the mount point of the file to project the\ntoken into." type: "string" required: - "path" @@ -4301,19 +4301,19 @@ spec: description: "quobyte represents a Quobyte mount on the host that shares a pod's lifetime" properties: group: - description: "group to map volume access to Default is no group" + description: "group to map volume access to\nDefault is no group" type: "string" readOnly: - description: "readOnly here will force the Quobyte volume to be mounted with read-only permissions. Defaults to false." + description: "readOnly here will force the Quobyte volume to be mounted with read-only permissions.\nDefaults to false." type: "boolean" registry: - description: "registry represents a single or multiple Quobyte Registry services specified as a string as host:port pair (multiple entries are separated with commas) which acts as the central registry for volumes" + description: "registry represents a single or multiple Quobyte Registry services\nspecified as a string as host:port pair (multiple entries are separated with commas)\nwhich acts as the central registry for volumes" type: "string" tenant: - description: "tenant owning the given Quobyte volume in the Backend Used with dynamically provisioned Quobyte volumes, value is set by the plugin" + description: "tenant owning the given Quobyte volume in the Backend\nUsed with dynamically provisioned Quobyte volumes, value is set by the plugin" type: "string" user: - description: "user to map volume access to Defaults to serivceaccount user" + description: "user to map volume access to\nDefaults to serivceaccount user" type: "string" volume: description: "volume is a string that references an already created Quobyte volume by name." @@ -4323,38 +4323,38 @@ spec: - "volume" type: "object" rbd: - description: "rbd represents a Rados Block Device mount on the host that shares a pod's lifetime. More info: https://examples.k8s.io/volumes/rbd/README.md" + description: "rbd represents a Rados Block Device mount on the host that shares a pod's lifetime.\nMore info: https://examples.k8s.io/volumes/rbd/README.md" properties: fsType: - description: "fsType is the filesystem type of the volume that you want to mount. Tip: Ensure that the filesystem type is supported by the host operating system. Examples: \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#rbd TODO: how do we prevent errors in the filesystem from compromising the machine" + description: "fsType is the filesystem type of the volume that you want to mount.\nTip: Ensure that the filesystem type is supported by the host operating system.\nExamples: \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#rbd\nTODO: how do we prevent errors in the filesystem from compromising the machine" type: "string" image: - description: "image is the rados image name. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it" + description: "image is the rados image name.\nMore info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it" type: "string" keyring: - description: "keyring is the path to key ring for RBDUser. Default is /etc/ceph/keyring. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it" + description: "keyring is the path to key ring for RBDUser.\nDefault is /etc/ceph/keyring.\nMore info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it" type: "string" monitors: - description: "monitors is a collection of Ceph monitors. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it" + description: "monitors is a collection of Ceph monitors.\nMore info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it" items: type: "string" type: "array" pool: - description: "pool is the rados pool name. Default is rbd. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it" + description: "pool is the rados pool name.\nDefault is rbd.\nMore info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it" type: "string" readOnly: - description: "readOnly here will force the ReadOnly setting in VolumeMounts. Defaults to false. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it" + description: "readOnly here will force the ReadOnly setting in VolumeMounts.\nDefaults to false.\nMore info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it" type: "boolean" secretRef: - description: "secretRef is name of the authentication secret for RBDUser. If provided overrides keyring. Default is nil. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it" + description: "secretRef is name of the authentication secret for RBDUser. If provided\noverrides keyring.\nDefault is nil.\nMore info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it" properties: name: - description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" type: "string" type: "object" x-kubernetes-map-type: "atomic" user: - description: "user is the rados user name. Default is admin. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it" + description: "user is the rados user name.\nDefault is admin.\nMore info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it" type: "string" required: - "image" @@ -4364,7 +4364,7 @@ spec: description: "scaleIO represents a ScaleIO persistent volume attached and mounted on Kubernetes nodes." properties: fsType: - description: "fsType is the filesystem type to mount. Must be a filesystem type supported by the host operating system. Ex. \"ext4\", \"xfs\", \"ntfs\". Default is \"xfs\"." + description: "fsType is the filesystem type to mount.\nMust be a filesystem type supported by the host operating system.\nEx. \"ext4\", \"xfs\", \"ntfs\".\nDefault is \"xfs\"." type: "string" gateway: description: "gateway is the host address of the ScaleIO API Gateway." @@ -4373,13 +4373,13 @@ spec: description: "protectionDomain is the name of the ScaleIO Protection Domain for the configured storage." type: "string" readOnly: - description: "readOnly Defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts." + description: "readOnly Defaults to false (read/write). ReadOnly here will force\nthe ReadOnly setting in VolumeMounts." type: "boolean" secretRef: - description: "secretRef references to the secret for ScaleIO user and other sensitive information. If this is not provided, Login operation will fail." + description: "secretRef references to the secret for ScaleIO user and other\nsensitive information. If this is not provided, Login operation will fail." properties: name: - description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" type: "string" type: "object" x-kubernetes-map-type: "atomic" @@ -4387,7 +4387,7 @@ spec: description: "sslEnabled Flag enable/disable SSL communication with Gateway, default false" type: "boolean" storageMode: - description: "storageMode indicates whether the storage for a volume should be ThickProvisioned or ThinProvisioned. Default is ThinProvisioned." + description: "storageMode indicates whether the storage for a volume should be ThickProvisioned or ThinProvisioned.\nDefault is ThinProvisioned." type: "string" storagePool: description: "storagePool is the ScaleIO Storage Pool associated with the protection domain." @@ -4396,7 +4396,7 @@ spec: description: "system is the name of the storage system as configured in ScaleIO." type: "string" volumeName: - description: "volumeName is the name of a volume already created in the ScaleIO system that is associated with this volume source." + description: "volumeName is the name of a volume already created in the ScaleIO system\nthat is associated with this volume source." type: "string" required: - "gateway" @@ -4404,14 +4404,14 @@ spec: - "system" type: "object" secret: - description: "secret represents a secret that should populate this volume. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret" + description: "secret represents a secret that should populate this volume.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#secret" properties: defaultMode: - description: "defaultMode is Optional: mode bits used to set permissions on created files by default. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. Defaults to 0644. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set." + description: "defaultMode is Optional: mode bits used to set permissions on created files by default.\nMust be an octal value between 0000 and 0777 or a decimal value between 0 and 511.\nYAML accepts both octal and decimal values, JSON requires decimal values\nfor mode bits. Defaults to 0644.\nDirectories within the path are not affected by this setting.\nThis might be in conflict with other options that affect the file\nmode, like fsGroup, and the result can be other mode bits set." format: "int32" type: "integer" items: - description: "items If unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the Secret, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'." + description: "items If unspecified, each key-value pair in the Data field of the referenced\nSecret will be projected into the volume as a file whose name is the\nkey and content is the value. If specified, the listed keys will be\nprojected into the specified paths, and unlisted keys will not be\npresent. If a key is specified which is not present in the Secret,\nthe volume setup will error unless it is marked optional. Paths must be\nrelative and may not contain the '..' path or start with '..'." items: description: "Maps a string key to a path within a volume." properties: @@ -4419,11 +4419,11 @@ spec: description: "key is the key to project." type: "string" mode: - description: "mode is Optional: mode bits used to set permissions on this file. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set." + description: "mode is Optional: mode bits used to set permissions on this file.\nMust be an octal value between 0000 and 0777 or a decimal value between 0 and 511.\nYAML accepts both octal and decimal values, JSON requires decimal values for mode bits.\nIf not specified, the volume defaultMode will be used.\nThis might be in conflict with other options that affect the file\nmode, like fsGroup, and the result can be other mode bits set." format: "int32" type: "integer" path: - description: "path is the relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'." + description: "path is the relative path of the file to map the key to.\nMay not be an absolute path.\nMay not contain the path element '..'.\nMay not start with the string '..'." type: "string" required: - "key" @@ -4434,38 +4434,38 @@ spec: description: "optional field specify whether the Secret or its keys must be defined" type: "boolean" secretName: - description: "secretName is the name of the secret in the pod's namespace to use. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret" + description: "secretName is the name of the secret in the pod's namespace to use.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#secret" type: "string" type: "object" storageos: description: "storageOS represents a StorageOS volume attached and mounted on Kubernetes nodes." properties: fsType: - description: "fsType is the filesystem type to mount. Must be a filesystem type supported by the host operating system. Ex. \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified." + description: "fsType is the filesystem type to mount.\nMust be a filesystem type supported by the host operating system.\nEx. \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified." type: "string" readOnly: - description: "readOnly defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts." + description: "readOnly defaults to false (read/write). ReadOnly here will force\nthe ReadOnly setting in VolumeMounts." type: "boolean" secretRef: - description: "secretRef specifies the secret to use for obtaining the StorageOS API credentials. If not specified, default values will be attempted." + description: "secretRef specifies the secret to use for obtaining the StorageOS API\ncredentials. If not specified, default values will be attempted." properties: name: - description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" type: "string" type: "object" x-kubernetes-map-type: "atomic" volumeName: - description: "volumeName is the human-readable name of the StorageOS volume. Volume names are only unique within a namespace." + description: "volumeName is the human-readable name of the StorageOS volume. Volume\nnames are only unique within a namespace." type: "string" volumeNamespace: - description: "volumeNamespace specifies the scope of the volume within StorageOS. If no namespace is specified then the Pod's namespace will be used. This allows the Kubernetes name scoping to be mirrored within StorageOS for tighter integration. Set VolumeName to any name to override the default behaviour. Set to \"default\" if you are not using namespaces within StorageOS. Namespaces that do not pre-exist within StorageOS will be created." + description: "volumeNamespace specifies the scope of the volume within StorageOS. If no\nnamespace is specified then the Pod's namespace will be used. This allows the\nKubernetes name scoping to be mirrored within StorageOS for tighter integration.\nSet VolumeName to any name to override the default behaviour.\nSet to \"default\" if you are not using namespaces within StorageOS.\nNamespaces that do not pre-exist within StorageOS will be created." type: "string" type: "object" vsphereVolume: description: "vsphereVolume represents a vSphere volume attached and mounted on kubelets host machine" properties: fsType: - description: "fsType is filesystem type to mount. Must be a filesystem type supported by the host operating system. Ex. \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified." + description: "fsType is filesystem type to mount.\nMust be a filesystem type supported by the host operating system.\nEx. \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified." type: "string" storagePolicyID: description: "storagePolicyID is the storage Policy Based Management (SPBM) profile ID associated with the StoragePolicyName." @@ -4493,10 +4493,10 @@ spec: description: "Defines the observed state of RuntimeComponent." properties: binding: - description: "LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace." + description: "LocalObjectReference contains enough information to let you locate the\nreferenced object inside the same namespace." properties: name: - description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" type: "string" type: "object" x-kubernetes-map-type: "atomic" diff --git a/crd-catalog/application-stacks/runtime-component-operator/rc.app.stacks/v1beta2/runtimeoperations.yaml b/crd-catalog/application-stacks/runtime-component-operator/rc.app.stacks/v1beta2/runtimeoperations.yaml index c345dcfa2..3779352e5 100644 --- a/crd-catalog/application-stacks/runtime-component-operator/rc.app.stacks/v1beta2/runtimeoperations.yaml +++ b/crd-catalog/application-stacks/runtime-component-operator/rc.app.stacks/v1beta2/runtimeoperations.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.11.4" + controller-gen.kubebuilder.io/version: "v0.14.0" name: "runtimeoperations.rc.app.stacks" spec: group: "rc.app.stacks" @@ -19,10 +19,10 @@ spec: description: "Day-2 operation to execute on an instance of runtime component" properties: apiVersion: - description: "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" + description: "APIVersion defines the versioned schema of this representation of an object.\nServers should convert recognized schemas to the latest internal value, and\nmay reject unrecognized values.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" type: "string" kind: - description: "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + description: "Kind is a string value representing the REST resource this object represents.\nServers may infer this from the endpoint the client submits requests to.\nCannot be updated.\nIn CamelCase.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" type: "string" metadata: type: "object" diff --git a/crd-catalog/argoproj-labs/argocd-operator/argoproj.io/v1alpha1/argocdexports.yaml b/crd-catalog/argoproj-labs/argocd-operator/argoproj.io/v1alpha1/argocdexports.yaml index 04d30cec8..54e4ad208 100644 --- a/crd-catalog/argoproj-labs/argocd-operator/argoproj.io/v1alpha1/argocdexports.yaml +++ b/crd-catalog/argoproj-labs/argocd-operator/argoproj.io/v1alpha1/argocdexports.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.6.1" + controller-gen.kubebuilder.io/version: "v0.14.0" name: "argocdexports.argoproj.io" spec: group: "argoproj.io" @@ -19,10 +19,10 @@ spec: description: "ArgoCDExport is the Schema for the argocdexports API" properties: apiVersion: - description: "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" + description: "APIVersion defines the versioned schema of this representation of an object.\nServers should convert recognized schemas to the latest internal value, and\nmay reject unrecognized values.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" type: "string" kind: - description: "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + description: "Kind is a string value representing the REST resource this object represents.\nServers may infer this from the endpoint the client submits requests to.\nCannot be updated.\nIn CamelCase.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" type: "string" metadata: type: "object" @@ -48,15 +48,15 @@ spec: description: "PVC is the desired characteristics for a PersistentVolumeClaim." properties: accessModes: - description: "accessModes contains the desired access modes the volume should have. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1" + description: "accessModes contains the desired access modes the volume should have.\nMore info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1" items: type: "string" type: "array" dataSource: - description: "dataSource field can be used to specify either: * An existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot) * An existing PVC (PersistentVolumeClaim) If the provisioner or an external controller can support the specified data source, it will create a new volume based on the contents of the specified data source. When the AnyVolumeDataSource feature gate is enabled, dataSource contents will be copied to dataSourceRef, and dataSourceRef contents will be copied to dataSource when dataSourceRef.namespace is not specified. If the namespace is specified, then dataSourceRef will not be copied to dataSource." + description: "dataSource field can be used to specify either:\n* An existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot)\n* An existing PVC (PersistentVolumeClaim)\nIf the provisioner or an external controller can support the specified data source,\nit will create a new volume based on the contents of the specified data source.\nWhen the AnyVolumeDataSource feature gate is enabled, dataSource contents will be copied to dataSourceRef,\nand dataSourceRef contents will be copied to dataSource when dataSourceRef.namespace is not specified.\nIf the namespace is specified, then dataSourceRef will not be copied to dataSource." properties: apiGroup: - description: "APIGroup is the group for the resource being referenced. If APIGroup is not specified, the specified Kind must be in the core API group. For any other third-party types, APIGroup is required." + description: "APIGroup is the group for the resource being referenced.\nIf APIGroup is not specified, the specified Kind must be in the core API group.\nFor any other third-party types, APIGroup is required." type: "string" kind: description: "Kind is the type of resource being referenced" @@ -68,11 +68,12 @@ spec: - "kind" - "name" type: "object" + x-kubernetes-map-type: "atomic" dataSourceRef: - description: "dataSourceRef specifies the object from which to populate the volume with data, if a non-empty volume is desired. This may be any object from a non-empty API group (non core object) or a PersistentVolumeClaim object. When this field is specified, volume binding will only succeed if the type of the specified object matches some installed volume populator or dynamic provisioner. This field will replace the functionality of the dataSource field and as such if both fields are non-empty, they must have the same value. For backwards compatibility, when namespace isn't specified in dataSourceRef, both fields (dataSource and dataSourceRef) will be set to the same value automatically if one of them is empty and the other is non-empty. When namespace is specified in dataSourceRef, dataSource isn't set to the same value and must be empty. There are three important differences between dataSource and dataSourceRef: * While dataSource only allows two specific types of objects, dataSourceRef allows any non-core object, as well as PersistentVolumeClaim objects. * While dataSource ignores disallowed values (dropping them), dataSourceRef preserves all values, and generates an error if a disallowed value is specified. * While dataSource only allows local objects, dataSourceRef allows objects in any namespaces. (Beta) Using this field requires the AnyVolumeDataSource feature gate to be enabled. (Alpha) Using the namespace field of dataSourceRef requires the CrossNamespaceVolumeDataSource feature gate to be enabled." + description: "dataSourceRef specifies the object from which to populate the volume with data, if a non-empty\nvolume is desired. This may be any object from a non-empty API group (non\ncore object) or a PersistentVolumeClaim object.\nWhen this field is specified, volume binding will only succeed if the type of\nthe specified object matches some installed volume populator or dynamic\nprovisioner.\nThis field will replace the functionality of the dataSource field and as such\nif both fields are non-empty, they must have the same value. For backwards\ncompatibility, when namespace isn't specified in dataSourceRef,\nboth fields (dataSource and dataSourceRef) will be set to the same\nvalue automatically if one of them is empty and the other is non-empty.\nWhen namespace is specified in dataSourceRef,\ndataSource isn't set to the same value and must be empty.\nThere are three important differences between dataSource and dataSourceRef:\n* While dataSource only allows two specific types of objects, dataSourceRef\n allows any non-core object, as well as PersistentVolumeClaim objects.\n* While dataSource ignores disallowed values (dropping them), dataSourceRef\n preserves all values, and generates an error if a disallowed value is\n specified.\n* While dataSource only allows local objects, dataSourceRef allows objects\n in any namespaces.\n(Beta) Using this field requires the AnyVolumeDataSource feature gate to be enabled.\n(Alpha) Using the namespace field of dataSourceRef requires the CrossNamespaceVolumeDataSource feature gate to be enabled." properties: apiGroup: - description: "APIGroup is the group for the resource being referenced. If APIGroup is not specified, the specified Kind must be in the core API group. For any other third-party types, APIGroup is required." + description: "APIGroup is the group for the resource being referenced.\nIf APIGroup is not specified, the specified Kind must be in the core API group.\nFor any other third-party types, APIGroup is required." type: "string" kind: description: "Kind is the type of resource being referenced" @@ -81,22 +82,22 @@ spec: description: "Name is the name of resource being referenced" type: "string" namespace: - description: "Namespace is the namespace of resource being referenced Note that when a namespace is specified, a gateway.networking.k8s.io/ReferenceGrant object is required in the referent namespace to allow that namespace's owner to accept the reference. See the ReferenceGrant documentation for details. (Alpha) This field requires the CrossNamespaceVolumeDataSource feature gate to be enabled." + description: "Namespace is the namespace of resource being referenced\nNote that when a namespace is specified, a gateway.networking.k8s.io/ReferenceGrant object is required in the referent namespace to allow that namespace's owner to accept the reference. See the ReferenceGrant documentation for details.\n(Alpha) This field requires the CrossNamespaceVolumeDataSource feature gate to be enabled." type: "string" required: - "kind" - "name" type: "object" resources: - description: "resources represents the minimum resources the volume should have. If RecoverVolumeExpansionFailure feature is enabled users are allowed to specify resource requirements that are lower than previous value but must still be higher than capacity recorded in the status field of the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources" + description: "resources represents the minimum resources the volume should have.\nIf RecoverVolumeExpansionFailure feature is enabled users are allowed to specify resource requirements\nthat are lower than previous value but must still be higher than capacity recorded in the\nstatus field of the claim.\nMore info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources" properties: claims: - description: "Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. \n This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. \n This field is immutable. It can only be set for containers." + description: "Claims lists the names of resources, defined in spec.resourceClaims,\nthat are used by this container.\n\n\nThis is an alpha field and requires enabling the\nDynamicResourceAllocation feature gate.\n\n\nThis field is immutable. It can only be set for containers." items: description: "ResourceClaim references one entry in PodSpec.ResourceClaims." properties: name: - description: "Name must match the name of one entry in pod.spec.resourceClaims of the Pod where this field is used. It makes that resource available inside a container." + description: "Name must match the name of one entry in pod.spec.resourceClaims of\nthe Pod where this field is used. It makes that resource available\ninside a container." type: "string" required: - "name" @@ -112,7 +113,7 @@ spec: - type: "string" pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" x-kubernetes-int-or-string: true - description: "Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" + description: "Limits describes the maximum amount of compute resources allowed.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" type: "object" requests: additionalProperties: @@ -121,7 +122,7 @@ spec: - type: "string" pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" x-kubernetes-int-or-string: true - description: "Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" + description: "Requests describes the minimum amount of compute resources required.\nIf Requests is omitted for a container, it defaults to Limits if that is explicitly specified,\notherwise to an implementation-defined value. Requests cannot exceed Limits.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" type: "object" type: "object" selector: @@ -130,16 +131,16 @@ spec: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -151,14 +152,15 @@ spec: matchLabels: additionalProperties: type: "string" - description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." type: "object" type: "object" + x-kubernetes-map-type: "atomic" storageClassName: - description: "storageClassName is the name of the StorageClass required by the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1" + description: "storageClassName is the name of the StorageClass required by the claim.\nMore info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1" type: "string" volumeMode: - description: "volumeMode defines what type of volume is required by the claim. Value of Filesystem is implied when not included in claim spec." + description: "volumeMode defines what type of volume is required by the claim.\nValue of Filesystem is implied when not included in claim spec." type: "string" volumeName: description: "volumeName is the binding reference to the PersistentVolume backing this claim." @@ -178,7 +180,7 @@ spec: description: "ArgoCDExportStatus defines the observed state of ArgoCDExport" properties: phase: - description: "Phase is a simple, high-level summary of where the ArgoCDExport is in its lifecycle. There are five possible phase values: Pending: The ArgoCDExport has been accepted by the Kubernetes system, but one or more of the required resources have not been created. Running: All of the containers for the ArgoCDExport are still running, or in the process of starting or restarting. Succeeded: All containers for the ArgoCDExport have terminated in success, and will not be restarted. Failed: At least one container has terminated in failure, either exited with non-zero status or was terminated by the system. Unknown: For some reason the state of the ArgoCDExport could not be obtained." + description: "Phase is a simple, high-level summary of where the ArgoCDExport is in its lifecycle.\nThere are five possible phase values:\nPending: The ArgoCDExport has been accepted by the Kubernetes system, but one or more of the required resources have not been created.\nRunning: All of the containers for the ArgoCDExport are still running, or in the process of starting or restarting.\nSucceeded: All containers for the ArgoCDExport have terminated in success, and will not be restarted.\nFailed: At least one container has terminated in failure, either exited with non-zero status or was terminated by the system.\nUnknown: For some reason the state of the ArgoCDExport could not be obtained." type: "string" required: - "phase" @@ -188,9 +190,3 @@ spec: storage: true subresources: status: {} -status: - acceptedNames: - kind: "" - plural: "" - conditions: [] - storedVersions: [] diff --git a/crd-catalog/argoproj-labs/argocd-operator/argoproj.io/v1alpha1/argocds.yaml b/crd-catalog/argoproj-labs/argocd-operator/argoproj.io/v1alpha1/argocds.yaml index c6a22f3ab..06415cca9 100644 --- a/crd-catalog/argoproj-labs/argocd-operator/argoproj.io/v1alpha1/argocds.yaml +++ b/crd-catalog/argoproj-labs/argocd-operator/argoproj.io/v1alpha1/argocds.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.6.1" + controller-gen.kubebuilder.io/version: "v0.14.0" name: "argocds.argoproj.io" spec: group: "argoproj.io" @@ -21,10 +21,10 @@ spec: description: "ArgoCD is the Schema for the argocds API" properties: apiVersion: - description: "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" + description: "APIVersion defines the versioned schema of this representation of an object.\nServers should convert recognized schemas to the latest internal value, and\nmay reject unrecognized values.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" type: "string" kind: - description: "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + description: "Kind is a string value representing the REST resource this object represents.\nServers may infer this from the endpoint the client submits requests to.\nCannot be updated.\nIn CamelCase.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" type: "string" metadata: type: "object" @@ -46,7 +46,7 @@ spec: description: "Name of the environment variable. Must be a C_IDENTIFIER." type: "string" value: - description: "Variable references $(VAR_NAME) are expanded using the previously defined environment variables in the container and any service environment variables. If a variable cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. \"$$(VAR_NAME)\" will produce the string literal \"$(VAR_NAME)\". Escaped references will never be expanded, regardless of whether the variable exists or not. Defaults to \"\"." + description: "Variable references $(VAR_NAME) are expanded\nusing the previously defined environment variables in the container and\nany service environment variables. If a variable cannot be resolved,\nthe reference in the input string will be unchanged. Double $$ are reduced\nto a single $, which allows for escaping the $(VAR_NAME) syntax: i.e.\n\"$$(VAR_NAME)\" will produce the string literal \"$(VAR_NAME)\".\nEscaped references will never be expanded, regardless of whether the variable\nexists or not.\nDefaults to \"\"." type: "string" valueFrom: description: "Source for the environment variable's value. Cannot be used if value is not empty." @@ -58,7 +58,7 @@ spec: description: "The key to select." type: "string" name: - description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" type: "string" optional: description: "Specify whether the ConfigMap or its key must be defined" @@ -66,8 +66,9 @@ spec: required: - "key" type: "object" + x-kubernetes-map-type: "atomic" fieldRef: - description: "Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`, spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs." + description: "Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`,\nspec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs." properties: apiVersion: description: "Version of the schema the FieldPath is written in terms of, defaults to \"v1\"." @@ -78,8 +79,9 @@ spec: required: - "fieldPath" type: "object" + x-kubernetes-map-type: "atomic" resourceFieldRef: - description: "Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported." + description: "Selects a resource of the container: only resources limits and requests\n(limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported." properties: containerName: description: "Container name: required for volumes, optional for env vars" @@ -97,6 +99,7 @@ spec: required: - "resource" type: "object" + x-kubernetes-map-type: "atomic" secretKeyRef: description: "Selects a key of a secret in the pod's namespace" properties: @@ -104,7 +107,7 @@ spec: description: "The key of the secret to select from. Must be a valid secret key." type: "string" name: - description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" type: "string" optional: description: "Specify whether the Secret or its key must be defined" @@ -112,13 +115,14 @@ spec: required: - "key" type: "object" + x-kubernetes-map-type: "atomic" type: "object" required: - "name" type: "object" type: "array" extraCommandArgs: - description: "ExtraCommandArgs allows users to pass command line arguments to ApplicationSet controller. They get added to default command line arguments provided by the operator. Please note that the command line arguments provided as part of ExtraCommandArgs will not overwrite the default command line arguments." + description: "ExtraCommandArgs allows users to pass command line arguments to ApplicationSet controller.\nThey get added to default command line arguments provided by the operator.\nPlease note that the command line arguments provided as part of ExtraCommandArgs\nwill not overwrite the default command line arguments." items: type: "string" type: "array" @@ -132,12 +136,12 @@ spec: description: "Resources defines the Compute Resources required by the container for ApplicationSet." properties: claims: - description: "Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. \n This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. \n This field is immutable. It can only be set for containers." + description: "Claims lists the names of resources, defined in spec.resourceClaims,\nthat are used by this container.\n\n\nThis is an alpha field and requires enabling the\nDynamicResourceAllocation feature gate.\n\n\nThis field is immutable. It can only be set for containers." items: description: "ResourceClaim references one entry in PodSpec.ResourceClaims." properties: name: - description: "Name must match the name of one entry in pod.spec.resourceClaims of the Pod where this field is used. It makes that resource available inside a container." + description: "Name must match the name of one entry in pod.spec.resourceClaims of\nthe Pod where this field is used. It makes that resource available\ninside a container." type: "string" required: - "name" @@ -153,7 +157,7 @@ spec: - type: "string" pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" x-kubernetes-int-or-string: true - description: "Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" + description: "Limits describes the maximum amount of compute resources allowed.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" type: "object" requests: additionalProperties: @@ -162,7 +166,7 @@ spec: - type: "string" pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" x-kubernetes-int-or-string: true - description: "Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" + description: "Requests describes the minimum amount of compute resources required.\nIf Requests is omitted for a container, it defaults to Limits if that is explicitly specified,\notherwise to an implementation-defined value. Requests cannot exceed Limits.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" type: "object" type: "object" version: @@ -192,18 +196,18 @@ spec: description: "Path used for the Ingress resource." type: "string" tls: - description: "TLS configuration. Currently the Ingress only supports a single TLS port, 443. If multiple members of this list specify different hosts, they will be multiplexed on the same port according to the hostname specified through the SNI TLS extension, if the ingress controller fulfilling the ingress supports SNI." + description: "TLS configuration. Currently the Ingress only supports a single TLS\nport, 443. If multiple members of this list specify different hosts, they\nwill be multiplexed on the same port according to the hostname specified\nthrough the SNI TLS extension, if the ingress controller fulfilling the\ningress supports SNI." items: description: "IngressTLS describes the transport layer security associated with an ingress." properties: hosts: - description: "hosts is a list of hosts included in the TLS certificate. The values in this list must match the name/s used in the tlsSecret. Defaults to the wildcard host setting for the loadbalancer controller fulfilling this Ingress, if left unspecified." + description: "hosts is a list of hosts included in the TLS certificate. The values in\nthis list must match the name/s used in the tlsSecret. Defaults to the\nwildcard host setting for the loadbalancer controller fulfilling this\nIngress, if left unspecified." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" secretName: - description: "secretName is the name of the secret used to terminate TLS traffic on port 443. Field is left optional to allow TLS routing based on SNI hostname alone. If the SNI host in a listener conflicts with the \"Host\" header field used by an IngressRule, the SNI host is used for termination and value of the \"Host\" header is used for routing." + description: "secretName is the name of the secret used to terminate TLS traffic on\nport 443. Field is left optional to allow TLS routing based on SNI\nhostname alone. If the SNI host in a listener conflicts with the \"Host\"\nheader field used by an IngressRule, the SNI host is used for termination\nand value of the \"Host\" header is used for routing." type: "string" type: "object" type: "array" @@ -239,10 +243,10 @@ spec: description: "certificate provides certificate contents" type: "string" destinationCACertificate: - description: "destinationCACertificate provides the contents of the ca certificate of the final destination. When using reencrypt termination this file should be provided in order to have routers use it for health checks on the secure connection. If this field is not specified, the router may provide its own destination CA and perform hostname validation using the short service name (service.namespace.svc), which allows infrastructure generated certificates to automatically verify." + description: "destinationCACertificate provides the contents of the ca certificate of the final destination. When using reencrypt\ntermination this file should be provided in order to have routers use it for health checks on the secure connection.\nIf this field is not specified, the router may provide its own destination CA and perform hostname validation using\nthe short service name (service.namespace.svc), which allows infrastructure generated certificates to automatically\nverify." type: "string" insecureEdgeTerminationPolicy: - description: "insecureEdgeTerminationPolicy indicates the desired behavior for insecure connections to a route. While each router may make its own decisions on which ports to expose, this is normally port 80. \n * Allow - traffic is sent to the server on the insecure port (default) * Disable - no traffic is allowed on the insecure port. * Redirect - clients are redirected to the secure port." + description: "insecureEdgeTerminationPolicy indicates the desired behavior for insecure connections to a route. While\neach router may make its own decisions on which ports to expose, this is normally port 80.\n\n\n* Allow - traffic is sent to the server on the insecure port (default)\n* Disable - no traffic is allowed on the insecure port.\n* Redirect - clients are redirected to the secure port." type: "string" key: description: "key provides key file contents" @@ -280,7 +284,7 @@ spec: description: "Controller defines the Application Controller options for ArgoCD." properties: appSync: - description: "AppSync is used to control the sync frequency, by default the ArgoCD controller polls Git every 3m. \n Set this to a duration, e.g. 10m or 600s to control the synchronisation frequency." + description: "AppSync is used to control the sync frequency, by default the ArgoCD\ncontroller polls Git every 3m.\n\n\nSet this to a duration, e.g. 10m or 600s to control the synchronisation\nfrequency." type: "string" env: description: "Env lets you specify environment for application controller pods" @@ -291,7 +295,7 @@ spec: description: "Name of the environment variable. Must be a C_IDENTIFIER." type: "string" value: - description: "Variable references $(VAR_NAME) are expanded using the previously defined environment variables in the container and any service environment variables. If a variable cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. \"$$(VAR_NAME)\" will produce the string literal \"$(VAR_NAME)\". Escaped references will never be expanded, regardless of whether the variable exists or not. Defaults to \"\"." + description: "Variable references $(VAR_NAME) are expanded\nusing the previously defined environment variables in the container and\nany service environment variables. If a variable cannot be resolved,\nthe reference in the input string will be unchanged. Double $$ are reduced\nto a single $, which allows for escaping the $(VAR_NAME) syntax: i.e.\n\"$$(VAR_NAME)\" will produce the string literal \"$(VAR_NAME)\".\nEscaped references will never be expanded, regardless of whether the variable\nexists or not.\nDefaults to \"\"." type: "string" valueFrom: description: "Source for the environment variable's value. Cannot be used if value is not empty." @@ -303,7 +307,7 @@ spec: description: "The key to select." type: "string" name: - description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" type: "string" optional: description: "Specify whether the ConfigMap or its key must be defined" @@ -311,8 +315,9 @@ spec: required: - "key" type: "object" + x-kubernetes-map-type: "atomic" fieldRef: - description: "Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`, spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs." + description: "Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`,\nspec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs." properties: apiVersion: description: "Version of the schema the FieldPath is written in terms of, defaults to \"v1\"." @@ -323,8 +328,9 @@ spec: required: - "fieldPath" type: "object" + x-kubernetes-map-type: "atomic" resourceFieldRef: - description: "Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported." + description: "Selects a resource of the container: only resources limits and requests\n(limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported." properties: containerName: description: "Container name: required for volumes, optional for env vars" @@ -342,6 +348,7 @@ spec: required: - "resource" type: "object" + x-kubernetes-map-type: "atomic" secretKeyRef: description: "Selects a key of a secret in the pod's namespace" properties: @@ -349,7 +356,7 @@ spec: description: "The key of the secret to select from. Must be a valid secret key." type: "string" name: - description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" type: "string" optional: description: "Specify whether the Secret or its key must be defined" @@ -357,6 +364,7 @@ spec: required: - "key" type: "object" + x-kubernetes-map-type: "atomic" type: "object" required: - "name" @@ -388,12 +396,12 @@ spec: description: "Resources defines the Compute Resources required by the container for the Application Controller." properties: claims: - description: "Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. \n This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. \n This field is immutable. It can only be set for containers." + description: "Claims lists the names of resources, defined in spec.resourceClaims,\nthat are used by this container.\n\n\nThis is an alpha field and requires enabling the\nDynamicResourceAllocation feature gate.\n\n\nThis field is immutable. It can only be set for containers." items: description: "ResourceClaim references one entry in PodSpec.ResourceClaims." properties: name: - description: "Name must match the name of one entry in pod.spec.resourceClaims of the Pod where this field is used. It makes that resource available inside a container." + description: "Name must match the name of one entry in pod.spec.resourceClaims of\nthe Pod where this field is used. It makes that resource available\ninside a container." type: "string" required: - "name" @@ -409,7 +417,7 @@ spec: - type: "string" pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" x-kubernetes-int-or-string: true - description: "Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" + description: "Limits describes the maximum amount of compute resources allowed.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" type: "object" requests: additionalProperties: @@ -418,7 +426,7 @@ spec: - type: "string" pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" x-kubernetes-int-or-string: true - description: "Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" + description: "Requests describes the minimum amount of compute resources required.\nIf Requests is omitted for a container, it defaults to Limits if that is explicitly specified,\notherwise to an implementation-defined value. Requests cannot exceed Limits.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" type: "object" type: "object" sharding: @@ -454,7 +462,7 @@ spec: description: "DefaultClusterScopedRoleDisabled will disable creation of default ClusterRoles for a cluster scoped instance." type: "boolean" dex: - description: "Deprecated field. Support dropped in v1beta1 version. Dex defines the Dex server options for ArgoCD." + description: "Deprecated field. Support dropped in v1beta1 version.\nDex defines the Dex server options for ArgoCD." properties: config: description: "Config is the dex connector configuration." @@ -474,12 +482,12 @@ spec: description: "Resources defines the Compute Resources required by the container for Dex." properties: claims: - description: "Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. \n This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. \n This field is immutable. It can only be set for containers." + description: "Claims lists the names of resources, defined in spec.resourceClaims,\nthat are used by this container.\n\n\nThis is an alpha field and requires enabling the\nDynamicResourceAllocation feature gate.\n\n\nThis field is immutable. It can only be set for containers." items: description: "ResourceClaim references one entry in PodSpec.ResourceClaims." properties: name: - description: "Name must match the name of one entry in pod.spec.resourceClaims of the Pod where this field is used. It makes that resource available inside a container." + description: "Name must match the name of one entry in pod.spec.resourceClaims of\nthe Pod where this field is used. It makes that resource available\ninside a container." type: "string" required: - "name" @@ -495,7 +503,7 @@ spec: - type: "string" pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" x-kubernetes-int-or-string: true - description: "Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" + description: "Limits describes the maximum amount of compute resources allowed.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" type: "object" requests: additionalProperties: @@ -504,7 +512,7 @@ spec: - type: "string" pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" x-kubernetes-int-or-string: true - description: "Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" + description: "Requests describes the minimum amount of compute resources required.\nIf Requests is omitted for a container, it defaults to Limits if that is explicitly specified,\notherwise to an implementation-defined value. Requests cannot exceed Limits.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" type: "object" type: "object" version: @@ -517,7 +525,7 @@ spec: extraConfig: additionalProperties: type: "string" - description: "ExtraConfig can be used to add fields to Argo CD configmap that are not supported by Argo CD CRD. \n Note: ExtraConfig takes precedence over Argo CD CRD. For example, A user sets `argocd.Spec.DisableAdmin` = true and also `a.Spec.ExtraConfig[\"admin.enabled\"]` = true. In this case, operator updates Argo CD Configmap as follows -> argocd-cm.Data[\"admin.enabled\"] = true." + description: "ExtraConfig can be used to add fields to Argo CD configmap that are not supported by Argo CD CRD.\n\n\nNote: ExtraConfig takes precedence over Argo CD CRD.\nFor example, A user sets `argocd.Spec.DisableAdmin` = true and also\n`a.Spec.ExtraConfig[\"admin.enabled\"]` = true. In this case, operator updates\nArgo CD Configmap as follows -> argocd-cm.Data[\"admin.enabled\"] = true." type: "object" gaAnonymizeUsers: description: "GAAnonymizeUsers toggles user IDs being hashed before sending to google analytics." @@ -555,18 +563,18 @@ spec: description: "Path used for the Ingress resource." type: "string" tls: - description: "TLS configuration. Currently the Ingress only supports a single TLS port, 443. If multiple members of this list specify different hosts, they will be multiplexed on the same port according to the hostname specified through the SNI TLS extension, if the ingress controller fulfilling the ingress supports SNI." + description: "TLS configuration. Currently the Ingress only supports a single TLS\nport, 443. If multiple members of this list specify different hosts, they\nwill be multiplexed on the same port according to the hostname specified\nthrough the SNI TLS extension, if the ingress controller fulfilling the\ningress supports SNI." items: description: "IngressTLS describes the transport layer security associated with an ingress." properties: hosts: - description: "hosts is a list of hosts included in the TLS certificate. The values in this list must match the name/s used in the tlsSecret. Defaults to the wildcard host setting for the loadbalancer controller fulfilling this Ingress, if left unspecified." + description: "hosts is a list of hosts included in the TLS certificate. The values in\nthis list must match the name/s used in the tlsSecret. Defaults to the\nwildcard host setting for the loadbalancer controller fulfilling this\nIngress, if left unspecified." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" secretName: - description: "secretName is the name of the secret used to terminate TLS traffic on port 443. Field is left optional to allow TLS routing based on SNI hostname alone. If the SNI host in a listener conflicts with the \"Host\" header field used by an IngressRule, the SNI host is used for termination and value of the \"Host\" header is used for routing." + description: "secretName is the name of the secret used to terminate TLS traffic on\nport 443. Field is left optional to allow TLS routing based on SNI\nhostname alone. If the SNI host in a listener conflicts with the \"Host\"\nheader field used by an IngressRule, the SNI host is used for termination\nand value of the \"Host\" header is used for routing." type: "string" type: "object" type: "array" @@ -577,12 +585,12 @@ spec: description: "Resources defines the Compute Resources required by the container for Grafana." properties: claims: - description: "Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. \n This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. \n This field is immutable. It can only be set for containers." + description: "Claims lists the names of resources, defined in spec.resourceClaims,\nthat are used by this container.\n\n\nThis is an alpha field and requires enabling the\nDynamicResourceAllocation feature gate.\n\n\nThis field is immutable. It can only be set for containers." items: description: "ResourceClaim references one entry in PodSpec.ResourceClaims." properties: name: - description: "Name must match the name of one entry in pod.spec.resourceClaims of the Pod where this field is used. It makes that resource available inside a container." + description: "Name must match the name of one entry in pod.spec.resourceClaims of\nthe Pod where this field is used. It makes that resource available\ninside a container." type: "string" required: - "name" @@ -598,7 +606,7 @@ spec: - type: "string" pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" x-kubernetes-int-or-string: true - description: "Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" + description: "Limits describes the maximum amount of compute resources allowed.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" type: "object" requests: additionalProperties: @@ -607,7 +615,7 @@ spec: - type: "string" pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" x-kubernetes-int-or-string: true - description: "Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" + description: "Requests describes the minimum amount of compute resources required.\nIf Requests is omitted for a container, it defaults to Limits if that is explicitly specified,\notherwise to an implementation-defined value. Requests cannot exceed Limits.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" type: "object" type: "object" route: @@ -639,10 +647,10 @@ spec: description: "certificate provides certificate contents" type: "string" destinationCACertificate: - description: "destinationCACertificate provides the contents of the ca certificate of the final destination. When using reencrypt termination this file should be provided in order to have routers use it for health checks on the secure connection. If this field is not specified, the router may provide its own destination CA and perform hostname validation using the short service name (service.namespace.svc), which allows infrastructure generated certificates to automatically verify." + description: "destinationCACertificate provides the contents of the ca certificate of the final destination. When using reencrypt\ntermination this file should be provided in order to have routers use it for health checks on the secure connection.\nIf this field is not specified, the router may provide its own destination CA and perform hostname validation using\nthe short service name (service.namespace.svc), which allows infrastructure generated certificates to automatically\nverify." type: "string" insecureEdgeTerminationPolicy: - description: "insecureEdgeTerminationPolicy indicates the desired behavior for insecure connections to a route. While each router may make its own decisions on which ports to expose, this is normally port 80. \n * Allow - traffic is sent to the server on the insecure port (default) * Disable - no traffic is allowed on the insecure port. * Redirect - clients are redirected to the secure port." + description: "insecureEdgeTerminationPolicy indicates the desired behavior for insecure connections to a route. While\neach router may make its own decisions on which ports to expose, this is normally port 80.\n\n\n* Allow - traffic is sent to the server on the insecure port (default)\n* Disable - no traffic is allowed on the insecure port.\n* Redirect - clients are redirected to the secure port." type: "string" key: description: "key provides key file contents" @@ -685,12 +693,12 @@ spec: description: "Resources defines the Compute Resources required by the container for HA." properties: claims: - description: "Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. \n This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. \n This field is immutable. It can only be set for containers." + description: "Claims lists the names of resources, defined in spec.resourceClaims,\nthat are used by this container.\n\n\nThis is an alpha field and requires enabling the\nDynamicResourceAllocation feature gate.\n\n\nThis field is immutable. It can only be set for containers." items: description: "ResourceClaim references one entry in PodSpec.ResourceClaims." properties: name: - description: "Name must match the name of one entry in pod.spec.resourceClaims of the Pod where this field is used. It makes that resource available inside a container." + description: "Name must match the name of one entry in pod.spec.resourceClaims of\nthe Pod where this field is used. It makes that resource available\ninside a container." type: "string" required: - "name" @@ -706,7 +714,7 @@ spec: - type: "string" pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" x-kubernetes-int-or-string: true - description: "Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" + description: "Limits describes the maximum amount of compute resources allowed.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" type: "object" requests: additionalProperties: @@ -715,7 +723,7 @@ spec: - type: "string" pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" x-kubernetes-int-or-string: true - description: "Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" + description: "Requests describes the minimum amount of compute resources required.\nIf Requests is omitted for a container, it defaults to Limits if that is explicitly specified,\notherwise to an implementation-defined value. Requests cannot exceed Limits.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" type: "object" type: "object" required: @@ -749,10 +757,10 @@ spec: description: "InitialSSHKnownHosts defines the SSH known hosts data upon creation of the cluster for connecting Git repositories via SSH." properties: excludedefaulthosts: - description: "ExcludeDefaultHosts describes whether you would like to include the default list of SSH Known Hosts provided by ArgoCD." + description: "ExcludeDefaultHosts describes whether you would like to include the default\nlist of SSH Known Hosts provided by ArgoCD." type: "boolean" keys: - description: "Keys describes a custom set of SSH Known Hosts that you would like to have included in your ArgoCD server." + description: "Keys describes a custom set of SSH Known Hosts that you would like to\nhave included in your ArgoCD server." type: "string" type: "object" kustomizeBuildOptions: @@ -794,23 +802,23 @@ spec: tolerations: description: "Tolerations allow the pods to schedule onto nodes with matching taints" items: - description: "The pod this Toleration is attached to tolerates any taint that matches the triple using the matching operator ." + description: "The pod this Toleration is attached to tolerates any taint that matches\nthe triple using the matching operator ." properties: effect: - description: "Effect indicates the taint effect to match. Empty means match all taint effects. When specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute." + description: "Effect indicates the taint effect to match. Empty means match all taint effects.\nWhen specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute." type: "string" key: - description: "Key is the taint key that the toleration applies to. Empty means match all taint keys. If the key is empty, operator must be Exists; this combination means to match all values and all keys." + description: "Key is the taint key that the toleration applies to. Empty means match all taint keys.\nIf the key is empty, operator must be Exists; this combination means to match all values and all keys." type: "string" operator: - description: "Operator represents a key's relationship to the value. Valid operators are Exists and Equal. Defaults to Equal. Exists is equivalent to wildcard for value, so that a pod can tolerate all taints of a particular category." + description: "Operator represents a key's relationship to the value.\nValid operators are Exists and Equal. Defaults to Equal.\nExists is equivalent to wildcard for value, so that a pod can\ntolerate all taints of a particular category." type: "string" tolerationSeconds: - description: "TolerationSeconds represents the period of time the toleration (which must be of effect NoExecute, otherwise this field is ignored) tolerates the taint. By default, it is not set, which means tolerate the taint forever (do not evict). Zero and negative values will be treated as 0 (evict immediately) by the system." + description: "TolerationSeconds represents the period of time the toleration (which must be\nof effect NoExecute, otherwise this field is ignored) tolerates the taint. By default,\nit is not set, which means tolerate the taint forever (do not evict). Zero and\nnegative values will be treated as 0 (evict immediately) by the system." format: "int64" type: "integer" value: - description: "Value is the taint value the toleration matches to. If the operator is Exists, the value should be empty, otherwise just a regular string." + description: "Value is the taint value the toleration matches to.\nIf the operator is Exists, the value should be empty, otherwise just a regular string." type: "string" type: "object" type: "array" @@ -830,7 +838,7 @@ spec: description: "Name of the environment variable. Must be a C_IDENTIFIER." type: "string" value: - description: "Variable references $(VAR_NAME) are expanded using the previously defined environment variables in the container and any service environment variables. If a variable cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. \"$$(VAR_NAME)\" will produce the string literal \"$(VAR_NAME)\". Escaped references will never be expanded, regardless of whether the variable exists or not. Defaults to \"\"." + description: "Variable references $(VAR_NAME) are expanded\nusing the previously defined environment variables in the container and\nany service environment variables. If a variable cannot be resolved,\nthe reference in the input string will be unchanged. Double $$ are reduced\nto a single $, which allows for escaping the $(VAR_NAME) syntax: i.e.\n\"$$(VAR_NAME)\" will produce the string literal \"$(VAR_NAME)\".\nEscaped references will never be expanded, regardless of whether the variable\nexists or not.\nDefaults to \"\"." type: "string" valueFrom: description: "Source for the environment variable's value. Cannot be used if value is not empty." @@ -842,7 +850,7 @@ spec: description: "The key to select." type: "string" name: - description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" type: "string" optional: description: "Specify whether the ConfigMap or its key must be defined" @@ -850,8 +858,9 @@ spec: required: - "key" type: "object" + x-kubernetes-map-type: "atomic" fieldRef: - description: "Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`, spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs." + description: "Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`,\nspec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs." properties: apiVersion: description: "Version of the schema the FieldPath is written in terms of, defaults to \"v1\"." @@ -862,8 +871,9 @@ spec: required: - "fieldPath" type: "object" + x-kubernetes-map-type: "atomic" resourceFieldRef: - description: "Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported." + description: "Selects a resource of the container: only resources limits and requests\n(limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported." properties: containerName: description: "Container name: required for volumes, optional for env vars" @@ -881,6 +891,7 @@ spec: required: - "resource" type: "object" + x-kubernetes-map-type: "atomic" secretKeyRef: description: "Selects a key of a secret in the pod's namespace" properties: @@ -888,7 +899,7 @@ spec: description: "The key of the secret to select from. Must be a valid secret key." type: "string" name: - description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" type: "string" optional: description: "Specify whether the Secret or its key must be defined" @@ -896,6 +907,7 @@ spec: required: - "key" type: "object" + x-kubernetes-map-type: "atomic" type: "object" required: - "name" @@ -915,12 +927,12 @@ spec: description: "Resources defines the Compute Resources required by the container for Argo CD Notifications." properties: claims: - description: "Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. \n This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. \n This field is immutable. It can only be set for containers." + description: "Claims lists the names of resources, defined in spec.resourceClaims,\nthat are used by this container.\n\n\nThis is an alpha field and requires enabling the\nDynamicResourceAllocation feature gate.\n\n\nThis field is immutable. It can only be set for containers." items: description: "ResourceClaim references one entry in PodSpec.ResourceClaims." properties: name: - description: "Name must match the name of one entry in pod.spec.resourceClaims of the Pod where this field is used. It makes that resource available inside a container." + description: "Name must match the name of one entry in pod.spec.resourceClaims of\nthe Pod where this field is used. It makes that resource available\ninside a container." type: "string" required: - "name" @@ -936,7 +948,7 @@ spec: - type: "string" pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" x-kubernetes-int-or-string: true - description: "Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" + description: "Limits describes the maximum amount of compute resources allowed.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" type: "object" requests: additionalProperties: @@ -945,7 +957,7 @@ spec: - type: "string" pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" x-kubernetes-int-or-string: true - description: "Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" + description: "Requests describes the minimum amount of compute resources required.\nIf Requests is omitted for a container, it defaults to Limits if that is explicitly specified,\notherwise to an implementation-defined value. Requests cannot exceed Limits.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" type: "object" type: "object" version: @@ -984,18 +996,18 @@ spec: description: "Path used for the Ingress resource." type: "string" tls: - description: "TLS configuration. Currently the Ingress only supports a single TLS port, 443. If multiple members of this list specify different hosts, they will be multiplexed on the same port according to the hostname specified through the SNI TLS extension, if the ingress controller fulfilling the ingress supports SNI." + description: "TLS configuration. Currently the Ingress only supports a single TLS\nport, 443. If multiple members of this list specify different hosts, they\nwill be multiplexed on the same port according to the hostname specified\nthrough the SNI TLS extension, if the ingress controller fulfilling the\ningress supports SNI." items: description: "IngressTLS describes the transport layer security associated with an ingress." properties: hosts: - description: "hosts is a list of hosts included in the TLS certificate. The values in this list must match the name/s used in the tlsSecret. Defaults to the wildcard host setting for the loadbalancer controller fulfilling this Ingress, if left unspecified." + description: "hosts is a list of hosts included in the TLS certificate. The values in\nthis list must match the name/s used in the tlsSecret. Defaults to the\nwildcard host setting for the loadbalancer controller fulfilling this\nIngress, if left unspecified." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" secretName: - description: "secretName is the name of the secret used to terminate TLS traffic on port 443. Field is left optional to allow TLS routing based on SNI hostname alone. If the SNI host in a listener conflicts with the \"Host\" header field used by an IngressRule, the SNI host is used for termination and value of the \"Host\" header is used for routing." + description: "secretName is the name of the secret used to terminate TLS traffic on\nport 443. Field is left optional to allow TLS routing based on SNI\nhostname alone. If the SNI host in a listener conflicts with the \"Host\"\nheader field used by an IngressRule, the SNI host is used for termination\nand value of the \"Host\" header is used for routing." type: "string" type: "object" type: "array" @@ -1031,10 +1043,10 @@ spec: description: "certificate provides certificate contents" type: "string" destinationCACertificate: - description: "destinationCACertificate provides the contents of the ca certificate of the final destination. When using reencrypt termination this file should be provided in order to have routers use it for health checks on the secure connection. If this field is not specified, the router may provide its own destination CA and perform hostname validation using the short service name (service.namespace.svc), which allows infrastructure generated certificates to automatically verify." + description: "destinationCACertificate provides the contents of the ca certificate of the final destination. When using reencrypt\ntermination this file should be provided in order to have routers use it for health checks on the secure connection.\nIf this field is not specified, the router may provide its own destination CA and perform hostname validation using\nthe short service name (service.namespace.svc), which allows infrastructure generated certificates to automatically\nverify." type: "string" insecureEdgeTerminationPolicy: - description: "insecureEdgeTerminationPolicy indicates the desired behavior for insecure connections to a route. While each router may make its own decisions on which ports to expose, this is normally port 80. \n * Allow - traffic is sent to the server on the insecure port (default) * Disable - no traffic is allowed on the insecure port. * Redirect - clients are redirected to the secure port." + description: "insecureEdgeTerminationPolicy indicates the desired behavior for insecure connections to a route. While\neach router may make its own decisions on which ports to expose, this is normally port 80.\n\n\n* Allow - traffic is sent to the server on the insecure port (default)\n* Disable - no traffic is allowed on the insecure port.\n* Redirect - clients are redirected to the secure port." type: "string" key: description: "key provides key file contents" @@ -1062,23 +1074,23 @@ spec: description: "RBAC defines the RBAC configuration for Argo CD." properties: defaultPolicy: - description: "DefaultPolicy is the name of the default role which Argo CD will falls back to, when authorizing API requests (optional). If omitted or empty, users may be still be able to login, but will see no apps, projects, etc..." + description: "DefaultPolicy is the name of the default role which Argo CD will falls back to, when\nauthorizing API requests (optional). If omitted or empty, users may be still be able to login,\nbut will see no apps, projects, etc..." type: "string" policy: - description: "Policy is CSV containing user-defined RBAC policies and role definitions. Policy rules are in the form: p, subject, resource, action, object, effect Role definitions and bindings are in the form: g, subject, inherited-subject See https://github.com/argoproj/argo-cd/blob/master/docs/operator-manual/rbac.md for additional information." + description: "Policy is CSV containing user-defined RBAC policies and role definitions.\nPolicy rules are in the form:\n p, subject, resource, action, object, effect\nRole definitions and bindings are in the form:\n g, subject, inherited-subject\nSee https://github.com/argoproj/argo-cd/blob/master/docs/operator-manual/rbac.md for additional information." type: "string" policyMatcherMode: - description: "PolicyMatcherMode configures the matchers function mode for casbin. There are two options for this, 'glob' for glob matcher or 'regex' for regex matcher." + description: "PolicyMatcherMode configures the matchers function mode for casbin.\nThere are two options for this, 'glob' for glob matcher or 'regex' for regex matcher." type: "string" scopes: - description: "Scopes controls which OIDC scopes to examine during rbac enforcement (in addition to `sub` scope). If omitted, defaults to: '[groups]'." + description: "Scopes controls which OIDC scopes to examine during rbac enforcement (in addition to `sub` scope).\nIf omitted, defaults to: '[groups]'." type: "string" type: "object" redis: description: "Redis defines the Redis server options for ArgoCD." properties: autotls: - description: "AutoTLS specifies the method to use for automatic TLS configuration for the redis server The value specified here can currently be: - openshift - Use the OpenShift service CA to request TLS config" + description: "AutoTLS specifies the method to use for automatic TLS configuration for the redis server\nThe value specified here can currently be:\n- openshift - Use the OpenShift service CA to request TLS config" type: "string" disableTLSVerification: description: "DisableTLSVerification defines whether redis server API should be accessed using strict TLS validation" @@ -1090,12 +1102,12 @@ spec: description: "Resources defines the Compute Resources required by the container for Redis." properties: claims: - description: "Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. \n This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. \n This field is immutable. It can only be set for containers." + description: "Claims lists the names of resources, defined in spec.resourceClaims,\nthat are used by this container.\n\n\nThis is an alpha field and requires enabling the\nDynamicResourceAllocation feature gate.\n\n\nThis field is immutable. It can only be set for containers." items: description: "ResourceClaim references one entry in PodSpec.ResourceClaims." properties: name: - description: "Name must match the name of one entry in pod.spec.resourceClaims of the Pod where this field is used. It makes that resource available inside a container." + description: "Name must match the name of one entry in pod.spec.resourceClaims of\nthe Pod where this field is used. It makes that resource available\ninside a container." type: "string" required: - "name" @@ -1111,7 +1123,7 @@ spec: - type: "string" pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" x-kubernetes-int-or-string: true - description: "Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" + description: "Limits describes the maximum amount of compute resources allowed.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" type: "object" requests: additionalProperties: @@ -1120,7 +1132,7 @@ spec: - type: "string" pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" x-kubernetes-int-or-string: true - description: "Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" + description: "Requests describes the minimum amount of compute resources required.\nIf Requests is omitted for a container, it defaults to Limits if that is explicitly specified,\notherwise to an implementation-defined value. Requests cannot exceed Limits.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" type: "object" type: "object" version: @@ -1131,7 +1143,7 @@ spec: description: "Repo defines the repo server options for Argo CD." properties: autotls: - description: "AutoTLS specifies the method to use for automatic TLS configuration for the repo server The value specified here can currently be: - openshift - Use the OpenShift service CA to request TLS config" + description: "AutoTLS specifies the method to use for automatic TLS configuration for the repo server\nThe value specified here can currently be:\n- openshift - Use the OpenShift service CA to request TLS config" type: "string" env: description: "Env lets you specify environment for repo server pods" @@ -1142,7 +1154,7 @@ spec: description: "Name of the environment variable. Must be a C_IDENTIFIER." type: "string" value: - description: "Variable references $(VAR_NAME) are expanded using the previously defined environment variables in the container and any service environment variables. If a variable cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. \"$$(VAR_NAME)\" will produce the string literal \"$(VAR_NAME)\". Escaped references will never be expanded, regardless of whether the variable exists or not. Defaults to \"\"." + description: "Variable references $(VAR_NAME) are expanded\nusing the previously defined environment variables in the container and\nany service environment variables. If a variable cannot be resolved,\nthe reference in the input string will be unchanged. Double $$ are reduced\nto a single $, which allows for escaping the $(VAR_NAME) syntax: i.e.\n\"$$(VAR_NAME)\" will produce the string literal \"$(VAR_NAME)\".\nEscaped references will never be expanded, regardless of whether the variable\nexists or not.\nDefaults to \"\"." type: "string" valueFrom: description: "Source for the environment variable's value. Cannot be used if value is not empty." @@ -1154,7 +1166,7 @@ spec: description: "The key to select." type: "string" name: - description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" type: "string" optional: description: "Specify whether the ConfigMap or its key must be defined" @@ -1162,8 +1174,9 @@ spec: required: - "key" type: "object" + x-kubernetes-map-type: "atomic" fieldRef: - description: "Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`, spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs." + description: "Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`,\nspec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs." properties: apiVersion: description: "Version of the schema the FieldPath is written in terms of, defaults to \"v1\"." @@ -1174,8 +1187,9 @@ spec: required: - "fieldPath" type: "object" + x-kubernetes-map-type: "atomic" resourceFieldRef: - description: "Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported." + description: "Selects a resource of the container: only resources limits and requests\n(limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported." properties: containerName: description: "Container name: required for volumes, optional for env vars" @@ -1193,6 +1207,7 @@ spec: required: - "resource" type: "object" + x-kubernetes-map-type: "atomic" secretKeyRef: description: "Selects a key of a secret in the pod's namespace" properties: @@ -1200,7 +1215,7 @@ spec: description: "The key of the secret to select from. Must be a valid secret key." type: "string" name: - description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" type: "string" optional: description: "Specify whether the Secret or its key must be defined" @@ -1208,6 +1223,7 @@ spec: required: - "key" type: "object" + x-kubernetes-map-type: "atomic" type: "object" required: - "name" @@ -1217,7 +1233,7 @@ spec: description: "ExecTimeout specifies the timeout in seconds for tool execution" type: "integer" extraRepoCommandArgs: - description: "Extra Command arguments allows users to pass command line arguments to repo server workload. They get added to default command line arguments provided by the operator. Please note that the command line arguments provided as part of ExtraRepoCommandArgs will not overwrite the default command line arguments." + description: "Extra Command arguments allows users to pass command line arguments to repo server workload. They get added to default command line arguments provided\nby the operator.\nPlease note that the command line arguments provided as part of ExtraRepoCommandArgs will not overwrite the default command line arguments." items: type: "string" type: "array" @@ -1230,17 +1246,17 @@ spec: description: "A single application container that you want to run within a pod." properties: args: - description: "Arguments to the entrypoint. The container image's CMD is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. \"$$(VAR_NAME)\" will produce the string literal \"$(VAR_NAME)\". Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell" + description: "Arguments to the entrypoint.\nThe container image's CMD is used if this is not provided.\nVariable references $(VAR_NAME) are expanded using the container's environment. If a variable\ncannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced\nto a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. \"$$(VAR_NAME)\" will\nproduce the string literal \"$(VAR_NAME)\". Escaped references will never be expanded, regardless\nof whether the variable exists or not. Cannot be updated.\nMore info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell" items: type: "string" type: "array" command: - description: "Entrypoint array. Not executed within a shell. The container image's ENTRYPOINT is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. \"$$(VAR_NAME)\" will produce the string literal \"$(VAR_NAME)\". Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell" + description: "Entrypoint array. Not executed within a shell.\nThe container image's ENTRYPOINT is used if this is not provided.\nVariable references $(VAR_NAME) are expanded using the container's environment. If a variable\ncannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced\nto a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. \"$$(VAR_NAME)\" will\nproduce the string literal \"$(VAR_NAME)\". Escaped references will never be expanded, regardless\nof whether the variable exists or not. Cannot be updated.\nMore info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell" items: type: "string" type: "array" env: - description: "List of environment variables to set in the container. Cannot be updated." + description: "List of environment variables to set in the container.\nCannot be updated." items: description: "EnvVar represents an environment variable present in a Container." properties: @@ -1248,7 +1264,7 @@ spec: description: "Name of the environment variable. Must be a C_IDENTIFIER." type: "string" value: - description: "Variable references $(VAR_NAME) are expanded using the previously defined environment variables in the container and any service environment variables. If a variable cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. \"$$(VAR_NAME)\" will produce the string literal \"$(VAR_NAME)\". Escaped references will never be expanded, regardless of whether the variable exists or not. Defaults to \"\"." + description: "Variable references $(VAR_NAME) are expanded\nusing the previously defined environment variables in the container and\nany service environment variables. If a variable cannot be resolved,\nthe reference in the input string will be unchanged. Double $$ are reduced\nto a single $, which allows for escaping the $(VAR_NAME) syntax: i.e.\n\"$$(VAR_NAME)\" will produce the string literal \"$(VAR_NAME)\".\nEscaped references will never be expanded, regardless of whether the variable\nexists or not.\nDefaults to \"\"." type: "string" valueFrom: description: "Source for the environment variable's value. Cannot be used if value is not empty." @@ -1260,7 +1276,7 @@ spec: description: "The key to select." type: "string" name: - description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" type: "string" optional: description: "Specify whether the ConfigMap or its key must be defined" @@ -1268,8 +1284,9 @@ spec: required: - "key" type: "object" + x-kubernetes-map-type: "atomic" fieldRef: - description: "Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`, spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs." + description: "Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`,\nspec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs." properties: apiVersion: description: "Version of the schema the FieldPath is written in terms of, defaults to \"v1\"." @@ -1280,8 +1297,9 @@ spec: required: - "fieldPath" type: "object" + x-kubernetes-map-type: "atomic" resourceFieldRef: - description: "Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported." + description: "Selects a resource of the container: only resources limits and requests\n(limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported." properties: containerName: description: "Container name: required for volumes, optional for env vars" @@ -1299,6 +1317,7 @@ spec: required: - "resource" type: "object" + x-kubernetes-map-type: "atomic" secretKeyRef: description: "Selects a key of a secret in the pod's namespace" properties: @@ -1306,7 +1325,7 @@ spec: description: "The key of the secret to select from. Must be a valid secret key." type: "string" name: - description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" type: "string" optional: description: "Specify whether the Secret or its key must be defined" @@ -1314,13 +1333,14 @@ spec: required: - "key" type: "object" + x-kubernetes-map-type: "atomic" type: "object" required: - "name" type: "object" type: "array" envFrom: - description: "List of sources to populate environment variables in the container. The keys defined within a source must be a C_IDENTIFIER. All invalid keys will be reported as an event when the container is starting. When a key exists in multiple sources, the value associated with the last source will take precedence. Values defined by an Env with a duplicate key will take precedence. Cannot be updated." + description: "List of sources to populate environment variables in the container.\nThe keys defined within a source must be a C_IDENTIFIER. All invalid keys\nwill be reported as an event when the container is starting. When a key exists in multiple\nsources, the value associated with the last source will take precedence.\nValues defined by an Env with a duplicate key will take precedence.\nCannot be updated." items: description: "EnvFromSource represents the source of a set of ConfigMaps" properties: @@ -1328,12 +1348,13 @@ spec: description: "The ConfigMap to select from" properties: name: - description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" type: "string" optional: description: "Specify whether the ConfigMap must be defined" type: "boolean" type: "object" + x-kubernetes-map-type: "atomic" prefix: description: "An optional identifier to prepend to each key in the ConfigMap. Must be a C_IDENTIFIER." type: "string" @@ -1341,31 +1362,32 @@ spec: description: "The Secret to select from" properties: name: - description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" type: "string" optional: description: "Specify whether the Secret must be defined" type: "boolean" type: "object" + x-kubernetes-map-type: "atomic" type: "object" type: "array" image: - description: "Container image name. More info: https://kubernetes.io/docs/concepts/containers/images This field is optional to allow higher level config management to default or override container images in workload controllers like Deployments and StatefulSets." + description: "Container image name.\nMore info: https://kubernetes.io/docs/concepts/containers/images\nThis field is optional to allow higher level config management to default or override\ncontainer images in workload controllers like Deployments and StatefulSets." type: "string" imagePullPolicy: - description: "Image pull policy. One of Always, Never, IfNotPresent. Defaults to Always if :latest tag is specified, or IfNotPresent otherwise. Cannot be updated. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images" + description: "Image pull policy.\nOne of Always, Never, IfNotPresent.\nDefaults to Always if :latest tag is specified, or IfNotPresent otherwise.\nCannot be updated.\nMore info: https://kubernetes.io/docs/concepts/containers/images#updating-images" type: "string" lifecycle: - description: "Actions that the management system should take in response to container lifecycle events. Cannot be updated." + description: "Actions that the management system should take in response to container lifecycle events.\nCannot be updated." properties: postStart: - description: "PostStart is called immediately after a container is created. If the handler fails, the container is terminated and restarted according to its restart policy. Other management of the container blocks until the hook completes. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks" + description: "PostStart is called immediately after a container is created. If the handler fails,\nthe container is terminated and restarted according to its restart policy.\nOther management of the container blocks until the hook completes.\nMore info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks" properties: exec: description: "Exec specifies the action to take." properties: command: - description: "Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy." + description: "Command is the command line to execute inside the container, the working directory for the\ncommand is root ('/') in the container's filesystem. The command is simply exec'd, it is\nnot run inside a shell, so traditional shell instructions ('|', etc) won't work. To use\na shell, you need to explicitly call out to that shell.\nExit status of 0 is treated as live/healthy and non-zero is unhealthy." items: type: "string" type: "array" @@ -1374,7 +1396,7 @@ spec: description: "HTTPGet specifies the http request to perform." properties: host: - description: "Host name to connect to, defaults to the pod IP. You probably want to set \"Host\" in httpHeaders instead." + description: "Host name to connect to, defaults to the pod IP. You probably want to set\n\"Host\" in httpHeaders instead." type: "string" httpHeaders: description: "Custom headers to set in the request. HTTP allows repeated headers." @@ -1382,7 +1404,7 @@ spec: description: "HTTPHeader describes a custom header to be used in HTTP probes" properties: name: - description: "The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header." + description: "The header field name.\nThis will be canonicalized upon output, so case-variant names will be understood as the same header." type: "string" value: description: "The header field value" @@ -1399,16 +1421,16 @@ spec: anyOf: - type: "integer" - type: "string" - description: "Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME." + description: "Name or number of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME." x-kubernetes-int-or-string: true scheme: - description: "Scheme to use for connecting to the host. Defaults to HTTP." + description: "Scheme to use for connecting to the host.\nDefaults to HTTP." type: "string" required: - "port" type: "object" tcpSocket: - description: "Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept for the backward compatibility. There are no validation of this field and lifecycle hooks will fail in runtime when tcp handler is specified." + description: "Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept\nfor the backward compatibility. There are no validation of this field and\nlifecycle hooks will fail in runtime when tcp handler is specified." properties: host: description: "Optional: Host name to connect to, defaults to the pod IP." @@ -1417,20 +1439,20 @@ spec: anyOf: - type: "integer" - type: "string" - description: "Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME." + description: "Number or name of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME." x-kubernetes-int-or-string: true required: - "port" type: "object" type: "object" preStop: - description: "PreStop is called immediately before a container is terminated due to an API request or management event such as liveness/startup probe failure, preemption, resource contention, etc. The handler is not called if the container crashes or exits. The Pod's termination grace period countdown begins before the PreStop hook is executed. Regardless of the outcome of the handler, the container will eventually terminate within the Pod's termination grace period (unless delayed by finalizers). Other management of the container blocks until the hook completes or until the termination grace period is reached. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks" + description: "PreStop is called immediately before a container is terminated due to an\nAPI request or management event such as liveness/startup probe failure,\npreemption, resource contention, etc. The handler is not called if the\ncontainer crashes or exits. The Pod's termination grace period countdown begins before the\nPreStop hook is executed. Regardless of the outcome of the handler, the\ncontainer will eventually terminate within the Pod's termination grace\nperiod (unless delayed by finalizers). Other management of the container blocks until the hook completes\nor until the termination grace period is reached.\nMore info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks" properties: exec: description: "Exec specifies the action to take." properties: command: - description: "Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy." + description: "Command is the command line to execute inside the container, the working directory for the\ncommand is root ('/') in the container's filesystem. The command is simply exec'd, it is\nnot run inside a shell, so traditional shell instructions ('|', etc) won't work. To use\na shell, you need to explicitly call out to that shell.\nExit status of 0 is treated as live/healthy and non-zero is unhealthy." items: type: "string" type: "array" @@ -1439,7 +1461,7 @@ spec: description: "HTTPGet specifies the http request to perform." properties: host: - description: "Host name to connect to, defaults to the pod IP. You probably want to set \"Host\" in httpHeaders instead." + description: "Host name to connect to, defaults to the pod IP. You probably want to set\n\"Host\" in httpHeaders instead." type: "string" httpHeaders: description: "Custom headers to set in the request. HTTP allows repeated headers." @@ -1447,7 +1469,7 @@ spec: description: "HTTPHeader describes a custom header to be used in HTTP probes" properties: name: - description: "The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header." + description: "The header field name.\nThis will be canonicalized upon output, so case-variant names will be understood as the same header." type: "string" value: description: "The header field value" @@ -1464,16 +1486,16 @@ spec: anyOf: - type: "integer" - type: "string" - description: "Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME." + description: "Name or number of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME." x-kubernetes-int-or-string: true scheme: - description: "Scheme to use for connecting to the host. Defaults to HTTP." + description: "Scheme to use for connecting to the host.\nDefaults to HTTP." type: "string" required: - "port" type: "object" tcpSocket: - description: "Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept for the backward compatibility. There are no validation of this field and lifecycle hooks will fail in runtime when tcp handler is specified." + description: "Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept\nfor the backward compatibility. There are no validation of this field and\nlifecycle hooks will fail in runtime when tcp handler is specified." properties: host: description: "Optional: Host name to connect to, defaults to the pod IP." @@ -1482,7 +1504,7 @@ spec: anyOf: - type: "integer" - type: "string" - description: "Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME." + description: "Number or name of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME." x-kubernetes-int-or-string: true required: - "port" @@ -1490,19 +1512,19 @@ spec: type: "object" type: "object" livenessProbe: - description: "Periodic probe of container liveness. Container will be restarted if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" + description: "Periodic probe of container liveness.\nContainer will be restarted if the probe fails.\nCannot be updated.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" properties: exec: description: "Exec specifies the action to take." properties: command: - description: "Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy." + description: "Command is the command line to execute inside the container, the working directory for the\ncommand is root ('/') in the container's filesystem. The command is simply exec'd, it is\nnot run inside a shell, so traditional shell instructions ('|', etc) won't work. To use\na shell, you need to explicitly call out to that shell.\nExit status of 0 is treated as live/healthy and non-zero is unhealthy." items: type: "string" type: "array" type: "object" failureThreshold: - description: "Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1." + description: "Minimum consecutive failures for the probe to be considered failed after having succeeded.\nDefaults to 3. Minimum value is 1." format: "int32" type: "integer" grpc: @@ -1513,7 +1535,7 @@ spec: format: "int32" type: "integer" service: - description: "Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). \n If this is not specified, the default behavior is defined by gRPC." + description: "Service is the name of the service to place in the gRPC HealthCheckRequest\n(see https://github.com/grpc/grpc/blob/master/doc/health-checking.md).\n\n\nIf this is not specified, the default behavior is defined by gRPC." type: "string" required: - "port" @@ -1522,7 +1544,7 @@ spec: description: "HTTPGet specifies the http request to perform." properties: host: - description: "Host name to connect to, defaults to the pod IP. You probably want to set \"Host\" in httpHeaders instead." + description: "Host name to connect to, defaults to the pod IP. You probably want to set\n\"Host\" in httpHeaders instead." type: "string" httpHeaders: description: "Custom headers to set in the request. HTTP allows repeated headers." @@ -1530,7 +1552,7 @@ spec: description: "HTTPHeader describes a custom header to be used in HTTP probes" properties: name: - description: "The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header." + description: "The header field name.\nThis will be canonicalized upon output, so case-variant names will be understood as the same header." type: "string" value: description: "The header field value" @@ -1547,24 +1569,24 @@ spec: anyOf: - type: "integer" - type: "string" - description: "Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME." + description: "Name or number of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME." x-kubernetes-int-or-string: true scheme: - description: "Scheme to use for connecting to the host. Defaults to HTTP." + description: "Scheme to use for connecting to the host.\nDefaults to HTTP." type: "string" required: - "port" type: "object" initialDelaySeconds: - description: "Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" + description: "Number of seconds after the container has started before liveness probes are initiated.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" format: "int32" type: "integer" periodSeconds: - description: "How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1." + description: "How often (in seconds) to perform the probe.\nDefault to 10 seconds. Minimum value is 1." format: "int32" type: "integer" successThreshold: - description: "Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1." + description: "Minimum consecutive successes for the probe to be considered successful after having failed.\nDefaults to 1. Must be 1 for liveness and startup. Minimum value is 1." format: "int32" type: "integer" tcpSocket: @@ -1577,45 +1599,45 @@ spec: anyOf: - type: "integer" - type: "string" - description: "Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME." + description: "Number or name of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME." x-kubernetes-int-or-string: true required: - "port" type: "object" terminationGracePeriodSeconds: - description: "Optional duration in seconds the pod needs to terminate gracefully upon probe failure. The grace period is the duration in seconds after the processes running in the pod are sent a termination signal and the time when the processes are forcibly halted with a kill signal. Set this value longer than the expected cleanup time for your process. If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this value overrides the value provided by the pod spec. Value must be non-negative integer. The value zero indicates stop immediately via the kill signal (no opportunity to shut down). This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate. Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset." + description: "Optional duration in seconds the pod needs to terminate gracefully upon probe failure.\nThe grace period is the duration in seconds after the processes running in the pod are sent\na termination signal and the time when the processes are forcibly halted with a kill signal.\nSet this value longer than the expected cleanup time for your process.\nIf this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this\nvalue overrides the value provided by the pod spec.\nValue must be non-negative integer. The value zero indicates stop immediately via\nthe kill signal (no opportunity to shut down).\nThis is a beta field and requires enabling ProbeTerminationGracePeriod feature gate.\nMinimum value is 1. spec.terminationGracePeriodSeconds is used if unset." format: "int64" type: "integer" timeoutSeconds: - description: "Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" + description: "Number of seconds after which the probe times out.\nDefaults to 1 second. Minimum value is 1.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" format: "int32" type: "integer" type: "object" name: - description: "Name of the container specified as a DNS_LABEL. Each container in a pod must have a unique name (DNS_LABEL). Cannot be updated." + description: "Name of the container specified as a DNS_LABEL.\nEach container in a pod must have a unique name (DNS_LABEL).\nCannot be updated." type: "string" ports: - description: "List of ports to expose from the container. Not specifying a port here DOES NOT prevent that port from being exposed. Any port which is listening on the default \"0.0.0.0\" address inside a container will be accessible from the network. Modifying this array with strategic merge patch may corrupt the data. For more information See https://github.com/kubernetes/kubernetes/issues/108255. Cannot be updated." + description: "List of ports to expose from the container. Not specifying a port here\nDOES NOT prevent that port from being exposed. Any port which is\nlistening on the default \"0.0.0.0\" address inside a container will be\naccessible from the network.\nModifying this array with strategic merge patch may corrupt the data.\nFor more information See https://github.com/kubernetes/kubernetes/issues/108255.\nCannot be updated." items: description: "ContainerPort represents a network port in a single container." properties: containerPort: - description: "Number of port to expose on the pod's IP address. This must be a valid port number, 0 < x < 65536." + description: "Number of port to expose on the pod's IP address.\nThis must be a valid port number, 0 < x < 65536." format: "int32" type: "integer" hostIP: description: "What host IP to bind the external port to." type: "string" hostPort: - description: "Number of port to expose on the host. If specified, this must be a valid port number, 0 < x < 65536. If HostNetwork is specified, this must match ContainerPort. Most containers do not need this." + description: "Number of port to expose on the host.\nIf specified, this must be a valid port number, 0 < x < 65536.\nIf HostNetwork is specified, this must match ContainerPort.\nMost containers do not need this." format: "int32" type: "integer" name: - description: "If specified, this must be an IANA_SVC_NAME and unique within the pod. Each named port in a pod must have a unique name. Name for the port that can be referred to by services." + description: "If specified, this must be an IANA_SVC_NAME and unique within the pod. Each\nnamed port in a pod must have a unique name. Name for the port that can be\nreferred to by services." type: "string" protocol: default: "TCP" - description: "Protocol for port. Must be UDP, TCP, or SCTP. Defaults to \"TCP\"." + description: "Protocol for port. Must be UDP, TCP, or SCTP.\nDefaults to \"TCP\"." type: "string" required: - "containerPort" @@ -1626,19 +1648,19 @@ spec: - "protocol" x-kubernetes-list-type: "map" readinessProbe: - description: "Periodic probe of container service readiness. Container will be removed from service endpoints if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" + description: "Periodic probe of container service readiness.\nContainer will be removed from service endpoints if the probe fails.\nCannot be updated.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" properties: exec: description: "Exec specifies the action to take." properties: command: - description: "Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy." + description: "Command is the command line to execute inside the container, the working directory for the\ncommand is root ('/') in the container's filesystem. The command is simply exec'd, it is\nnot run inside a shell, so traditional shell instructions ('|', etc) won't work. To use\na shell, you need to explicitly call out to that shell.\nExit status of 0 is treated as live/healthy and non-zero is unhealthy." items: type: "string" type: "array" type: "object" failureThreshold: - description: "Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1." + description: "Minimum consecutive failures for the probe to be considered failed after having succeeded.\nDefaults to 3. Minimum value is 1." format: "int32" type: "integer" grpc: @@ -1649,7 +1671,7 @@ spec: format: "int32" type: "integer" service: - description: "Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). \n If this is not specified, the default behavior is defined by gRPC." + description: "Service is the name of the service to place in the gRPC HealthCheckRequest\n(see https://github.com/grpc/grpc/blob/master/doc/health-checking.md).\n\n\nIf this is not specified, the default behavior is defined by gRPC." type: "string" required: - "port" @@ -1658,7 +1680,7 @@ spec: description: "HTTPGet specifies the http request to perform." properties: host: - description: "Host name to connect to, defaults to the pod IP. You probably want to set \"Host\" in httpHeaders instead." + description: "Host name to connect to, defaults to the pod IP. You probably want to set\n\"Host\" in httpHeaders instead." type: "string" httpHeaders: description: "Custom headers to set in the request. HTTP allows repeated headers." @@ -1666,7 +1688,7 @@ spec: description: "HTTPHeader describes a custom header to be used in HTTP probes" properties: name: - description: "The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header." + description: "The header field name.\nThis will be canonicalized upon output, so case-variant names will be understood as the same header." type: "string" value: description: "The header field value" @@ -1683,24 +1705,24 @@ spec: anyOf: - type: "integer" - type: "string" - description: "Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME." + description: "Name or number of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME." x-kubernetes-int-or-string: true scheme: - description: "Scheme to use for connecting to the host. Defaults to HTTP." + description: "Scheme to use for connecting to the host.\nDefaults to HTTP." type: "string" required: - "port" type: "object" initialDelaySeconds: - description: "Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" + description: "Number of seconds after the container has started before liveness probes are initiated.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" format: "int32" type: "integer" periodSeconds: - description: "How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1." + description: "How often (in seconds) to perform the probe.\nDefault to 10 seconds. Minimum value is 1." format: "int32" type: "integer" successThreshold: - description: "Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1." + description: "Minimum consecutive successes for the probe to be considered successful after having failed.\nDefaults to 1. Must be 1 for liveness and startup. Minimum value is 1." format: "int32" type: "integer" tcpSocket: @@ -1713,17 +1735,17 @@ spec: anyOf: - type: "integer" - type: "string" - description: "Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME." + description: "Number or name of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME." x-kubernetes-int-or-string: true required: - "port" type: "object" terminationGracePeriodSeconds: - description: "Optional duration in seconds the pod needs to terminate gracefully upon probe failure. The grace period is the duration in seconds after the processes running in the pod are sent a termination signal and the time when the processes are forcibly halted with a kill signal. Set this value longer than the expected cleanup time for your process. If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this value overrides the value provided by the pod spec. Value must be non-negative integer. The value zero indicates stop immediately via the kill signal (no opportunity to shut down). This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate. Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset." + description: "Optional duration in seconds the pod needs to terminate gracefully upon probe failure.\nThe grace period is the duration in seconds after the processes running in the pod are sent\na termination signal and the time when the processes are forcibly halted with a kill signal.\nSet this value longer than the expected cleanup time for your process.\nIf this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this\nvalue overrides the value provided by the pod spec.\nValue must be non-negative integer. The value zero indicates stop immediately via\nthe kill signal (no opportunity to shut down).\nThis is a beta field and requires enabling ProbeTerminationGracePeriod feature gate.\nMinimum value is 1. spec.terminationGracePeriodSeconds is used if unset." format: "int64" type: "integer" timeoutSeconds: - description: "Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" + description: "Number of seconds after which the probe times out.\nDefaults to 1 second. Minimum value is 1.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" format: "int32" type: "integer" type: "object" @@ -1733,10 +1755,10 @@ spec: description: "ContainerResizePolicy represents resource resize policy for the container." properties: resourceName: - description: "Name of the resource to which this resource resize policy applies. Supported values: cpu, memory." + description: "Name of the resource to which this resource resize policy applies.\nSupported values: cpu, memory." type: "string" restartPolicy: - description: "Restart policy to apply when specified resource is resized. If not specified, it defaults to NotRequired." + description: "Restart policy to apply when specified resource is resized.\nIf not specified, it defaults to NotRequired." type: "string" required: - "resourceName" @@ -1745,15 +1767,15 @@ spec: type: "array" x-kubernetes-list-type: "atomic" resources: - description: "Compute Resources required by this container. Cannot be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" + description: "Compute Resources required by this container.\nCannot be updated.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" properties: claims: - description: "Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. \n This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. \n This field is immutable. It can only be set for containers." + description: "Claims lists the names of resources, defined in spec.resourceClaims,\nthat are used by this container.\n\n\nThis is an alpha field and requires enabling the\nDynamicResourceAllocation feature gate.\n\n\nThis field is immutable. It can only be set for containers." items: description: "ResourceClaim references one entry in PodSpec.ResourceClaims." properties: name: - description: "Name must match the name of one entry in pod.spec.resourceClaims of the Pod where this field is used. It makes that resource available inside a container." + description: "Name must match the name of one entry in pod.spec.resourceClaims of\nthe Pod where this field is used. It makes that resource available\ninside a container." type: "string" required: - "name" @@ -1769,7 +1791,7 @@ spec: - type: "string" pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" x-kubernetes-int-or-string: true - description: "Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" + description: "Limits describes the maximum amount of compute resources allowed.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" type: "object" requests: additionalProperties: @@ -1778,20 +1800,20 @@ spec: - type: "string" pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" x-kubernetes-int-or-string: true - description: "Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" + description: "Requests describes the minimum amount of compute resources required.\nIf Requests is omitted for a container, it defaults to Limits if that is explicitly specified,\notherwise to an implementation-defined value. Requests cannot exceed Limits.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" type: "object" type: "object" restartPolicy: - description: "RestartPolicy defines the restart behavior of individual containers in a pod. This field may only be set for init containers, and the only allowed value is \"Always\". For non-init containers or when this field is not specified, the restart behavior is defined by the Pod's restart policy and the container type. Setting the RestartPolicy as \"Always\" for the init container will have the following effect: this init container will be continually restarted on exit until all regular containers have terminated. Once all regular containers have completed, all init containers with restartPolicy \"Always\" will be shut down. This lifecycle differs from normal init containers and is often referred to as a \"sidecar\" container. Although this init container still starts in the init container sequence, it does not wait for the container to complete before proceeding to the next init container. Instead, the next init container starts immediately after this init container is started, or after any startupProbe has successfully completed." + description: "RestartPolicy defines the restart behavior of individual containers in a pod.\nThis field may only be set for init containers, and the only allowed value is \"Always\".\nFor non-init containers or when this field is not specified,\nthe restart behavior is defined by the Pod's restart policy and the container type.\nSetting the RestartPolicy as \"Always\" for the init container will have the following effect:\nthis init container will be continually restarted on\nexit until all regular containers have terminated. Once all regular\ncontainers have completed, all init containers with restartPolicy \"Always\"\nwill be shut down. This lifecycle differs from normal init containers and\nis often referred to as a \"sidecar\" container. Although this init\ncontainer still starts in the init container sequence, it does not wait\nfor the container to complete before proceeding to the next init\ncontainer. Instead, the next init container starts immediately after this\ninit container is started, or after any startupProbe has successfully\ncompleted." type: "string" securityContext: - description: "SecurityContext defines the security options the container should be run with. If set, the fields of SecurityContext override the equivalent fields of PodSecurityContext. More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/" + description: "SecurityContext defines the security options the container should be run with.\nIf set, the fields of SecurityContext override the equivalent fields of PodSecurityContext.\nMore info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/" properties: allowPrivilegeEscalation: - description: "AllowPrivilegeEscalation controls whether a process can gain more privileges than its parent process. This bool directly controls if the no_new_privs flag will be set on the container process. AllowPrivilegeEscalation is true always when the container is: 1) run as Privileged 2) has CAP_SYS_ADMIN Note that this field cannot be set when spec.os.name is windows." + description: "AllowPrivilegeEscalation controls whether a process can gain more\nprivileges than its parent process. This bool directly controls if\nthe no_new_privs flag will be set on the container process.\nAllowPrivilegeEscalation is true always when the container is:\n1) run as Privileged\n2) has CAP_SYS_ADMIN\nNote that this field cannot be set when spec.os.name is windows." type: "boolean" capabilities: - description: "The capabilities to add/drop when running containers. Defaults to the default set of capabilities granted by the container runtime. Note that this field cannot be set when spec.os.name is windows." + description: "The capabilities to add/drop when running containers.\nDefaults to the default set of capabilities granted by the container runtime.\nNote that this field cannot be set when spec.os.name is windows." properties: add: description: "Added capabilities" @@ -1807,27 +1829,27 @@ spec: type: "array" type: "object" privileged: - description: "Run container in privileged mode. Processes in privileged containers are essentially equivalent to root on the host. Defaults to false. Note that this field cannot be set when spec.os.name is windows." + description: "Run container in privileged mode.\nProcesses in privileged containers are essentially equivalent to root on the host.\nDefaults to false.\nNote that this field cannot be set when spec.os.name is windows." type: "boolean" procMount: - description: "procMount denotes the type of proc mount to use for the containers. The default is DefaultProcMount which uses the container runtime defaults for readonly paths and masked paths. This requires the ProcMountType feature flag to be enabled. Note that this field cannot be set when spec.os.name is windows." + description: "procMount denotes the type of proc mount to use for the containers.\nThe default is DefaultProcMount which uses the container runtime defaults for\nreadonly paths and masked paths.\nThis requires the ProcMountType feature flag to be enabled.\nNote that this field cannot be set when spec.os.name is windows." type: "string" readOnlyRootFilesystem: - description: "Whether this container has a read-only root filesystem. Default is false. Note that this field cannot be set when spec.os.name is windows." + description: "Whether this container has a read-only root filesystem.\nDefault is false.\nNote that this field cannot be set when spec.os.name is windows." type: "boolean" runAsGroup: - description: "The GID to run the entrypoint of the container process. Uses runtime default if unset. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is windows." + description: "The GID to run the entrypoint of the container process.\nUses runtime default if unset.\nMay also be set in PodSecurityContext. If set in both SecurityContext and\nPodSecurityContext, the value specified in SecurityContext takes precedence.\nNote that this field cannot be set when spec.os.name is windows." format: "int64" type: "integer" runAsNonRoot: - description: "Indicates that the container must run as a non-root user. If true, the Kubelet will validate the image at runtime to ensure that it does not run as UID 0 (root) and fail to start the container if it does. If unset or false, no such validation will be performed. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence." + description: "Indicates that the container must run as a non-root user.\nIf true, the Kubelet will validate the image at runtime to ensure that it\ndoes not run as UID 0 (root) and fail to start the container if it does.\nIf unset or false, no such validation will be performed.\nMay also be set in PodSecurityContext. If set in both SecurityContext and\nPodSecurityContext, the value specified in SecurityContext takes precedence." type: "boolean" runAsUser: - description: "The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is windows." + description: "The UID to run the entrypoint of the container process.\nDefaults to user specified in image metadata if unspecified.\nMay also be set in PodSecurityContext. If set in both SecurityContext and\nPodSecurityContext, the value specified in SecurityContext takes precedence.\nNote that this field cannot be set when spec.os.name is windows." format: "int64" type: "integer" seLinuxOptions: - description: "The SELinux context to be applied to the container. If unspecified, the container runtime will allocate a random SELinux context for each container. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is windows." + description: "The SELinux context to be applied to the container.\nIf unspecified, the container runtime will allocate a random SELinux context for each\ncontainer. May also be set in PodSecurityContext. If set in both SecurityContext and\nPodSecurityContext, the value specified in SecurityContext takes precedence.\nNote that this field cannot be set when spec.os.name is windows." properties: level: description: "Level is SELinux level label that applies to the container." @@ -1843,48 +1865,48 @@ spec: type: "string" type: "object" seccompProfile: - description: "The seccomp options to use by this container. If seccomp options are provided at both the pod & container level, the container options override the pod options. Note that this field cannot be set when spec.os.name is windows." + description: "The seccomp options to use by this container. If seccomp options are\nprovided at both the pod & container level, the container options\noverride the pod options.\nNote that this field cannot be set when spec.os.name is windows." properties: localhostProfile: - description: "localhostProfile indicates a profile defined in a file on the node should be used. The profile must be preconfigured on the node to work. Must be a descending path, relative to the kubelet's configured seccomp profile location. Must be set if type is \"Localhost\". Must NOT be set for any other type." + description: "localhostProfile indicates a profile defined in a file on the node should be used.\nThe profile must be preconfigured on the node to work.\nMust be a descending path, relative to the kubelet's configured seccomp profile location.\nMust be set if type is \"Localhost\". Must NOT be set for any other type." type: "string" type: - description: "type indicates which kind of seccomp profile will be applied. Valid options are: \n Localhost - a profile defined in a file on the node should be used. RuntimeDefault - the container runtime default profile should be used. Unconfined - no profile should be applied." + description: "type indicates which kind of seccomp profile will be applied.\nValid options are:\n\n\nLocalhost - a profile defined in a file on the node should be used.\nRuntimeDefault - the container runtime default profile should be used.\nUnconfined - no profile should be applied." type: "string" required: - "type" type: "object" windowsOptions: - description: "The Windows specific settings applied to all containers. If unspecified, the options from the PodSecurityContext will be used. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is linux." + description: "The Windows specific settings applied to all containers.\nIf unspecified, the options from the PodSecurityContext will be used.\nIf set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.\nNote that this field cannot be set when spec.os.name is linux." properties: gmsaCredentialSpec: - description: "GMSACredentialSpec is where the GMSA admission webhook (https://github.com/kubernetes-sigs/windows-gmsa) inlines the contents of the GMSA credential spec named by the GMSACredentialSpecName field." + description: "GMSACredentialSpec is where the GMSA admission webhook\n(https://github.com/kubernetes-sigs/windows-gmsa) inlines the contents of the\nGMSA credential spec named by the GMSACredentialSpecName field." type: "string" gmsaCredentialSpecName: description: "GMSACredentialSpecName is the name of the GMSA credential spec to use." type: "string" hostProcess: - description: "HostProcess determines if a container should be run as a 'Host Process' container. All of a Pod's containers must have the same effective HostProcess value (it is not allowed to have a mix of HostProcess containers and non-HostProcess containers). In addition, if HostProcess is true then HostNetwork must also be set to true." + description: "HostProcess determines if a container should be run as a 'Host Process' container.\nAll of a Pod's containers must have the same effective HostProcess value\n(it is not allowed to have a mix of HostProcess containers and non-HostProcess containers).\nIn addition, if HostProcess is true then HostNetwork must also be set to true." type: "boolean" runAsUserName: - description: "The UserName in Windows to run the entrypoint of the container process. Defaults to the user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence." + description: "The UserName in Windows to run the entrypoint of the container process.\nDefaults to the user specified in image metadata if unspecified.\nMay also be set in PodSecurityContext. If set in both SecurityContext and\nPodSecurityContext, the value specified in SecurityContext takes precedence." type: "string" type: "object" type: "object" startupProbe: - description: "StartupProbe indicates that the Pod has successfully initialized. If specified, no other probes are executed until this completes successfully. If this probe fails, the Pod will be restarted, just as if the livenessProbe failed. This can be used to provide different probe parameters at the beginning of a Pod's lifecycle, when it might take a long time to load data or warm a cache, than during steady-state operation. This cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" + description: "StartupProbe indicates that the Pod has successfully initialized.\nIf specified, no other probes are executed until this completes successfully.\nIf this probe fails, the Pod will be restarted, just as if the livenessProbe failed.\nThis can be used to provide different probe parameters at the beginning of a Pod's lifecycle,\nwhen it might take a long time to load data or warm a cache, than during steady-state operation.\nThis cannot be updated.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" properties: exec: description: "Exec specifies the action to take." properties: command: - description: "Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy." + description: "Command is the command line to execute inside the container, the working directory for the\ncommand is root ('/') in the container's filesystem. The command is simply exec'd, it is\nnot run inside a shell, so traditional shell instructions ('|', etc) won't work. To use\na shell, you need to explicitly call out to that shell.\nExit status of 0 is treated as live/healthy and non-zero is unhealthy." items: type: "string" type: "array" type: "object" failureThreshold: - description: "Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1." + description: "Minimum consecutive failures for the probe to be considered failed after having succeeded.\nDefaults to 3. Minimum value is 1." format: "int32" type: "integer" grpc: @@ -1895,7 +1917,7 @@ spec: format: "int32" type: "integer" service: - description: "Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). \n If this is not specified, the default behavior is defined by gRPC." + description: "Service is the name of the service to place in the gRPC HealthCheckRequest\n(see https://github.com/grpc/grpc/blob/master/doc/health-checking.md).\n\n\nIf this is not specified, the default behavior is defined by gRPC." type: "string" required: - "port" @@ -1904,7 +1926,7 @@ spec: description: "HTTPGet specifies the http request to perform." properties: host: - description: "Host name to connect to, defaults to the pod IP. You probably want to set \"Host\" in httpHeaders instead." + description: "Host name to connect to, defaults to the pod IP. You probably want to set\n\"Host\" in httpHeaders instead." type: "string" httpHeaders: description: "Custom headers to set in the request. HTTP allows repeated headers." @@ -1912,7 +1934,7 @@ spec: description: "HTTPHeader describes a custom header to be used in HTTP probes" properties: name: - description: "The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header." + description: "The header field name.\nThis will be canonicalized upon output, so case-variant names will be understood as the same header." type: "string" value: description: "The header field value" @@ -1929,24 +1951,24 @@ spec: anyOf: - type: "integer" - type: "string" - description: "Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME." + description: "Name or number of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME." x-kubernetes-int-or-string: true scheme: - description: "Scheme to use for connecting to the host. Defaults to HTTP." + description: "Scheme to use for connecting to the host.\nDefaults to HTTP." type: "string" required: - "port" type: "object" initialDelaySeconds: - description: "Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" + description: "Number of seconds after the container has started before liveness probes are initiated.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" format: "int32" type: "integer" periodSeconds: - description: "How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1." + description: "How often (in seconds) to perform the probe.\nDefault to 10 seconds. Minimum value is 1." format: "int32" type: "integer" successThreshold: - description: "Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1." + description: "Minimum consecutive successes for the probe to be considered successful after having failed.\nDefaults to 1. Must be 1 for liveness and startup. Minimum value is 1." format: "int32" type: "integer" tcpSocket: @@ -1959,34 +1981,34 @@ spec: anyOf: - type: "integer" - type: "string" - description: "Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME." + description: "Number or name of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME." x-kubernetes-int-or-string: true required: - "port" type: "object" terminationGracePeriodSeconds: - description: "Optional duration in seconds the pod needs to terminate gracefully upon probe failure. The grace period is the duration in seconds after the processes running in the pod are sent a termination signal and the time when the processes are forcibly halted with a kill signal. Set this value longer than the expected cleanup time for your process. If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this value overrides the value provided by the pod spec. Value must be non-negative integer. The value zero indicates stop immediately via the kill signal (no opportunity to shut down). This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate. Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset." + description: "Optional duration in seconds the pod needs to terminate gracefully upon probe failure.\nThe grace period is the duration in seconds after the processes running in the pod are sent\na termination signal and the time when the processes are forcibly halted with a kill signal.\nSet this value longer than the expected cleanup time for your process.\nIf this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this\nvalue overrides the value provided by the pod spec.\nValue must be non-negative integer. The value zero indicates stop immediately via\nthe kill signal (no opportunity to shut down).\nThis is a beta field and requires enabling ProbeTerminationGracePeriod feature gate.\nMinimum value is 1. spec.terminationGracePeriodSeconds is used if unset." format: "int64" type: "integer" timeoutSeconds: - description: "Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" + description: "Number of seconds after which the probe times out.\nDefaults to 1 second. Minimum value is 1.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" format: "int32" type: "integer" type: "object" stdin: - description: "Whether this container should allocate a buffer for stdin in the container runtime. If this is not set, reads from stdin in the container will always result in EOF. Default is false." + description: "Whether this container should allocate a buffer for stdin in the container runtime. If this\nis not set, reads from stdin in the container will always result in EOF.\nDefault is false." type: "boolean" stdinOnce: - description: "Whether the container runtime should close the stdin channel after it has been opened by a single attach. When stdin is true the stdin stream will remain open across multiple attach sessions. If stdinOnce is set to true, stdin is opened on container start, is empty until the first client attaches to stdin, and then remains open and accepts data until the client disconnects, at which time stdin is closed and remains closed until the container is restarted. If this flag is false, a container processes that reads from stdin will never receive an EOF. Default is false" + description: "Whether the container runtime should close the stdin channel after it has been opened by\na single attach. When stdin is true the stdin stream will remain open across multiple attach\nsessions. If stdinOnce is set to true, stdin is opened on container start, is empty until the\nfirst client attaches to stdin, and then remains open and accepts data until the client disconnects,\nat which time stdin is closed and remains closed until the container is restarted. If this\nflag is false, a container processes that reads from stdin will never receive an EOF.\nDefault is false" type: "boolean" terminationMessagePath: - description: "Optional: Path at which the file to which the container's termination message will be written is mounted into the container's filesystem. Message written is intended to be brief final status, such as an assertion failure message. Will be truncated by the node if greater than 4096 bytes. The total message length across all containers will be limited to 12kb. Defaults to /dev/termination-log. Cannot be updated." + description: "Optional: Path at which the file to which the container's termination message\nwill be written is mounted into the container's filesystem.\nMessage written is intended to be brief final status, such as an assertion failure message.\nWill be truncated by the node if greater than 4096 bytes. The total message length across\nall containers will be limited to 12kb.\nDefaults to /dev/termination-log.\nCannot be updated." type: "string" terminationMessagePolicy: - description: "Indicate how the termination message should be populated. File will use the contents of terminationMessagePath to populate the container status message on both success and failure. FallbackToLogsOnError will use the last chunk of container log output if the termination message file is empty and the container exited with an error. The log output is limited to 2048 bytes or 80 lines, whichever is smaller. Defaults to File. Cannot be updated." + description: "Indicate how the termination message should be populated. File will use the contents of\nterminationMessagePath to populate the container status message on both success and failure.\nFallbackToLogsOnError will use the last chunk of container log output if the termination\nmessage file is empty and the container exited with an error.\nThe log output is limited to 2048 bytes or 80 lines, whichever is smaller.\nDefaults to File.\nCannot be updated." type: "string" tty: - description: "Whether this container should allocate a TTY for itself, also requires 'stdin' to be true. Default is false." + description: "Whether this container should allocate a TTY for itself, also requires 'stdin' to be true.\nDefault is false." type: "boolean" volumeDevices: description: "volumeDevices is the list of block devices to be used by the container." @@ -2005,27 +2027,27 @@ spec: type: "object" type: "array" volumeMounts: - description: "Pod volumes to mount into the container's filesystem. Cannot be updated." + description: "Pod volumes to mount into the container's filesystem.\nCannot be updated." items: description: "VolumeMount describes a mounting of a Volume within a container." properties: mountPath: - description: "Path within the container at which the volume should be mounted. Must not contain ':'." + description: "Path within the container at which the volume should be mounted. Must\nnot contain ':'." type: "string" mountPropagation: - description: "mountPropagation determines how mounts are propagated from the host to container and the other way around. When not set, MountPropagationNone is used. This field is beta in 1.10." + description: "mountPropagation determines how mounts are propagated from the host\nto container and the other way around.\nWhen not set, MountPropagationNone is used.\nThis field is beta in 1.10." type: "string" name: description: "This must match the Name of a Volume." type: "string" readOnly: - description: "Mounted read-only if true, read-write otherwise (false or unspecified). Defaults to false." + description: "Mounted read-only if true, read-write otherwise (false or unspecified).\nDefaults to false." type: "boolean" subPath: - description: "Path within the volume from which the container's volume should be mounted. Defaults to \"\" (volume's root)." + description: "Path within the volume from which the container's volume should be mounted.\nDefaults to \"\" (volume's root)." type: "string" subPathExpr: - description: "Expanded path within the volume from which the container's volume should be mounted. Behaves similarly to SubPath but environment variable references $(VAR_NAME) are expanded using the container's environment. Defaults to \"\" (volume's root). SubPathExpr and SubPath are mutually exclusive." + description: "Expanded path within the volume from which the container's volume should be mounted.\nBehaves similarly to SubPath but environment variable references $(VAR_NAME) are expanded using the container's environment.\nDefaults to \"\" (volume's root).\nSubPathExpr and SubPath are mutually exclusive." type: "string" required: - "mountPath" @@ -2033,7 +2055,7 @@ spec: type: "object" type: "array" workingDir: - description: "Container's working directory. If not specified, the container runtime's default will be used, which might be configured in the container image. Cannot be updated." + description: "Container's working directory.\nIf not specified, the container runtime's default will be used, which\nmight be configured in the container image.\nCannot be updated." type: "string" required: - "name" @@ -2056,12 +2078,12 @@ spec: description: "Resources defines the Compute Resources required by the container for Redis." properties: claims: - description: "Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. \n This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. \n This field is immutable. It can only be set for containers." + description: "Claims lists the names of resources, defined in spec.resourceClaims,\nthat are used by this container.\n\n\nThis is an alpha field and requires enabling the\nDynamicResourceAllocation feature gate.\n\n\nThis field is immutable. It can only be set for containers." items: description: "ResourceClaim references one entry in PodSpec.ResourceClaims." properties: name: - description: "Name must match the name of one entry in pod.spec.resourceClaims of the Pod where this field is used. It makes that resource available inside a container." + description: "Name must match the name of one entry in pod.spec.resourceClaims of\nthe Pod where this field is used. It makes that resource available\ninside a container." type: "string" required: - "name" @@ -2077,7 +2099,7 @@ spec: - type: "string" pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" x-kubernetes-int-or-string: true - description: "Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" + description: "Limits describes the maximum amount of compute resources allowed.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" type: "object" requests: additionalProperties: @@ -2086,7 +2108,7 @@ spec: - type: "string" pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" x-kubernetes-int-or-string: true - description: "Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" + description: "Requests describes the minimum amount of compute resources required.\nIf Requests is omitted for a container, it defaults to Limits if that is explicitly specified,\notherwise to an implementation-defined value. Requests cannot exceed Limits.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" type: "object" type: "object" serviceaccount: @@ -2098,17 +2120,17 @@ spec: description: "A single application container that you want to run within a pod." properties: args: - description: "Arguments to the entrypoint. The container image's CMD is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. \"$$(VAR_NAME)\" will produce the string literal \"$(VAR_NAME)\". Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell" + description: "Arguments to the entrypoint.\nThe container image's CMD is used if this is not provided.\nVariable references $(VAR_NAME) are expanded using the container's environment. If a variable\ncannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced\nto a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. \"$$(VAR_NAME)\" will\nproduce the string literal \"$(VAR_NAME)\". Escaped references will never be expanded, regardless\nof whether the variable exists or not. Cannot be updated.\nMore info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell" items: type: "string" type: "array" command: - description: "Entrypoint array. Not executed within a shell. The container image's ENTRYPOINT is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. \"$$(VAR_NAME)\" will produce the string literal \"$(VAR_NAME)\". Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell" + description: "Entrypoint array. Not executed within a shell.\nThe container image's ENTRYPOINT is used if this is not provided.\nVariable references $(VAR_NAME) are expanded using the container's environment. If a variable\ncannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced\nto a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. \"$$(VAR_NAME)\" will\nproduce the string literal \"$(VAR_NAME)\". Escaped references will never be expanded, regardless\nof whether the variable exists or not. Cannot be updated.\nMore info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell" items: type: "string" type: "array" env: - description: "List of environment variables to set in the container. Cannot be updated." + description: "List of environment variables to set in the container.\nCannot be updated." items: description: "EnvVar represents an environment variable present in a Container." properties: @@ -2116,7 +2138,7 @@ spec: description: "Name of the environment variable. Must be a C_IDENTIFIER." type: "string" value: - description: "Variable references $(VAR_NAME) are expanded using the previously defined environment variables in the container and any service environment variables. If a variable cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. \"$$(VAR_NAME)\" will produce the string literal \"$(VAR_NAME)\". Escaped references will never be expanded, regardless of whether the variable exists or not. Defaults to \"\"." + description: "Variable references $(VAR_NAME) are expanded\nusing the previously defined environment variables in the container and\nany service environment variables. If a variable cannot be resolved,\nthe reference in the input string will be unchanged. Double $$ are reduced\nto a single $, which allows for escaping the $(VAR_NAME) syntax: i.e.\n\"$$(VAR_NAME)\" will produce the string literal \"$(VAR_NAME)\".\nEscaped references will never be expanded, regardless of whether the variable\nexists or not.\nDefaults to \"\"." type: "string" valueFrom: description: "Source for the environment variable's value. Cannot be used if value is not empty." @@ -2128,7 +2150,7 @@ spec: description: "The key to select." type: "string" name: - description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" type: "string" optional: description: "Specify whether the ConfigMap or its key must be defined" @@ -2136,8 +2158,9 @@ spec: required: - "key" type: "object" + x-kubernetes-map-type: "atomic" fieldRef: - description: "Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`, spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs." + description: "Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`,\nspec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs." properties: apiVersion: description: "Version of the schema the FieldPath is written in terms of, defaults to \"v1\"." @@ -2148,8 +2171,9 @@ spec: required: - "fieldPath" type: "object" + x-kubernetes-map-type: "atomic" resourceFieldRef: - description: "Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported." + description: "Selects a resource of the container: only resources limits and requests\n(limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported." properties: containerName: description: "Container name: required for volumes, optional for env vars" @@ -2167,6 +2191,7 @@ spec: required: - "resource" type: "object" + x-kubernetes-map-type: "atomic" secretKeyRef: description: "Selects a key of a secret in the pod's namespace" properties: @@ -2174,7 +2199,7 @@ spec: description: "The key of the secret to select from. Must be a valid secret key." type: "string" name: - description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" type: "string" optional: description: "Specify whether the Secret or its key must be defined" @@ -2182,13 +2207,14 @@ spec: required: - "key" type: "object" + x-kubernetes-map-type: "atomic" type: "object" required: - "name" type: "object" type: "array" envFrom: - description: "List of sources to populate environment variables in the container. The keys defined within a source must be a C_IDENTIFIER. All invalid keys will be reported as an event when the container is starting. When a key exists in multiple sources, the value associated with the last source will take precedence. Values defined by an Env with a duplicate key will take precedence. Cannot be updated." + description: "List of sources to populate environment variables in the container.\nThe keys defined within a source must be a C_IDENTIFIER. All invalid keys\nwill be reported as an event when the container is starting. When a key exists in multiple\nsources, the value associated with the last source will take precedence.\nValues defined by an Env with a duplicate key will take precedence.\nCannot be updated." items: description: "EnvFromSource represents the source of a set of ConfigMaps" properties: @@ -2196,12 +2222,13 @@ spec: description: "The ConfigMap to select from" properties: name: - description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" type: "string" optional: description: "Specify whether the ConfigMap must be defined" type: "boolean" type: "object" + x-kubernetes-map-type: "atomic" prefix: description: "An optional identifier to prepend to each key in the ConfigMap. Must be a C_IDENTIFIER." type: "string" @@ -2209,31 +2236,32 @@ spec: description: "The Secret to select from" properties: name: - description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" type: "string" optional: description: "Specify whether the Secret must be defined" type: "boolean" type: "object" + x-kubernetes-map-type: "atomic" type: "object" type: "array" image: - description: "Container image name. More info: https://kubernetes.io/docs/concepts/containers/images This field is optional to allow higher level config management to default or override container images in workload controllers like Deployments and StatefulSets." + description: "Container image name.\nMore info: https://kubernetes.io/docs/concepts/containers/images\nThis field is optional to allow higher level config management to default or override\ncontainer images in workload controllers like Deployments and StatefulSets." type: "string" imagePullPolicy: - description: "Image pull policy. One of Always, Never, IfNotPresent. Defaults to Always if :latest tag is specified, or IfNotPresent otherwise. Cannot be updated. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images" + description: "Image pull policy.\nOne of Always, Never, IfNotPresent.\nDefaults to Always if :latest tag is specified, or IfNotPresent otherwise.\nCannot be updated.\nMore info: https://kubernetes.io/docs/concepts/containers/images#updating-images" type: "string" lifecycle: - description: "Actions that the management system should take in response to container lifecycle events. Cannot be updated." + description: "Actions that the management system should take in response to container lifecycle events.\nCannot be updated." properties: postStart: - description: "PostStart is called immediately after a container is created. If the handler fails, the container is terminated and restarted according to its restart policy. Other management of the container blocks until the hook completes. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks" + description: "PostStart is called immediately after a container is created. If the handler fails,\nthe container is terminated and restarted according to its restart policy.\nOther management of the container blocks until the hook completes.\nMore info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks" properties: exec: description: "Exec specifies the action to take." properties: command: - description: "Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy." + description: "Command is the command line to execute inside the container, the working directory for the\ncommand is root ('/') in the container's filesystem. The command is simply exec'd, it is\nnot run inside a shell, so traditional shell instructions ('|', etc) won't work. To use\na shell, you need to explicitly call out to that shell.\nExit status of 0 is treated as live/healthy and non-zero is unhealthy." items: type: "string" type: "array" @@ -2242,7 +2270,7 @@ spec: description: "HTTPGet specifies the http request to perform." properties: host: - description: "Host name to connect to, defaults to the pod IP. You probably want to set \"Host\" in httpHeaders instead." + description: "Host name to connect to, defaults to the pod IP. You probably want to set\n\"Host\" in httpHeaders instead." type: "string" httpHeaders: description: "Custom headers to set in the request. HTTP allows repeated headers." @@ -2250,7 +2278,7 @@ spec: description: "HTTPHeader describes a custom header to be used in HTTP probes" properties: name: - description: "The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header." + description: "The header field name.\nThis will be canonicalized upon output, so case-variant names will be understood as the same header." type: "string" value: description: "The header field value" @@ -2267,16 +2295,16 @@ spec: anyOf: - type: "integer" - type: "string" - description: "Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME." + description: "Name or number of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME." x-kubernetes-int-or-string: true scheme: - description: "Scheme to use for connecting to the host. Defaults to HTTP." + description: "Scheme to use for connecting to the host.\nDefaults to HTTP." type: "string" required: - "port" type: "object" tcpSocket: - description: "Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept for the backward compatibility. There are no validation of this field and lifecycle hooks will fail in runtime when tcp handler is specified." + description: "Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept\nfor the backward compatibility. There are no validation of this field and\nlifecycle hooks will fail in runtime when tcp handler is specified." properties: host: description: "Optional: Host name to connect to, defaults to the pod IP." @@ -2285,20 +2313,20 @@ spec: anyOf: - type: "integer" - type: "string" - description: "Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME." + description: "Number or name of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME." x-kubernetes-int-or-string: true required: - "port" type: "object" type: "object" preStop: - description: "PreStop is called immediately before a container is terminated due to an API request or management event such as liveness/startup probe failure, preemption, resource contention, etc. The handler is not called if the container crashes or exits. The Pod's termination grace period countdown begins before the PreStop hook is executed. Regardless of the outcome of the handler, the container will eventually terminate within the Pod's termination grace period (unless delayed by finalizers). Other management of the container blocks until the hook completes or until the termination grace period is reached. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks" + description: "PreStop is called immediately before a container is terminated due to an\nAPI request or management event such as liveness/startup probe failure,\npreemption, resource contention, etc. The handler is not called if the\ncontainer crashes or exits. The Pod's termination grace period countdown begins before the\nPreStop hook is executed. Regardless of the outcome of the handler, the\ncontainer will eventually terminate within the Pod's termination grace\nperiod (unless delayed by finalizers). Other management of the container blocks until the hook completes\nor until the termination grace period is reached.\nMore info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks" properties: exec: description: "Exec specifies the action to take." properties: command: - description: "Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy." + description: "Command is the command line to execute inside the container, the working directory for the\ncommand is root ('/') in the container's filesystem. The command is simply exec'd, it is\nnot run inside a shell, so traditional shell instructions ('|', etc) won't work. To use\na shell, you need to explicitly call out to that shell.\nExit status of 0 is treated as live/healthy and non-zero is unhealthy." items: type: "string" type: "array" @@ -2307,7 +2335,7 @@ spec: description: "HTTPGet specifies the http request to perform." properties: host: - description: "Host name to connect to, defaults to the pod IP. You probably want to set \"Host\" in httpHeaders instead." + description: "Host name to connect to, defaults to the pod IP. You probably want to set\n\"Host\" in httpHeaders instead." type: "string" httpHeaders: description: "Custom headers to set in the request. HTTP allows repeated headers." @@ -2315,7 +2343,7 @@ spec: description: "HTTPHeader describes a custom header to be used in HTTP probes" properties: name: - description: "The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header." + description: "The header field name.\nThis will be canonicalized upon output, so case-variant names will be understood as the same header." type: "string" value: description: "The header field value" @@ -2332,16 +2360,16 @@ spec: anyOf: - type: "integer" - type: "string" - description: "Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME." + description: "Name or number of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME." x-kubernetes-int-or-string: true scheme: - description: "Scheme to use for connecting to the host. Defaults to HTTP." + description: "Scheme to use for connecting to the host.\nDefaults to HTTP." type: "string" required: - "port" type: "object" tcpSocket: - description: "Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept for the backward compatibility. There are no validation of this field and lifecycle hooks will fail in runtime when tcp handler is specified." + description: "Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept\nfor the backward compatibility. There are no validation of this field and\nlifecycle hooks will fail in runtime when tcp handler is specified." properties: host: description: "Optional: Host name to connect to, defaults to the pod IP." @@ -2350,7 +2378,7 @@ spec: anyOf: - type: "integer" - type: "string" - description: "Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME." + description: "Number or name of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME." x-kubernetes-int-or-string: true required: - "port" @@ -2358,19 +2386,19 @@ spec: type: "object" type: "object" livenessProbe: - description: "Periodic probe of container liveness. Container will be restarted if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" + description: "Periodic probe of container liveness.\nContainer will be restarted if the probe fails.\nCannot be updated.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" properties: exec: description: "Exec specifies the action to take." properties: command: - description: "Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy." + description: "Command is the command line to execute inside the container, the working directory for the\ncommand is root ('/') in the container's filesystem. The command is simply exec'd, it is\nnot run inside a shell, so traditional shell instructions ('|', etc) won't work. To use\na shell, you need to explicitly call out to that shell.\nExit status of 0 is treated as live/healthy and non-zero is unhealthy." items: type: "string" type: "array" type: "object" failureThreshold: - description: "Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1." + description: "Minimum consecutive failures for the probe to be considered failed after having succeeded.\nDefaults to 3. Minimum value is 1." format: "int32" type: "integer" grpc: @@ -2381,7 +2409,7 @@ spec: format: "int32" type: "integer" service: - description: "Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). \n If this is not specified, the default behavior is defined by gRPC." + description: "Service is the name of the service to place in the gRPC HealthCheckRequest\n(see https://github.com/grpc/grpc/blob/master/doc/health-checking.md).\n\n\nIf this is not specified, the default behavior is defined by gRPC." type: "string" required: - "port" @@ -2390,7 +2418,7 @@ spec: description: "HTTPGet specifies the http request to perform." properties: host: - description: "Host name to connect to, defaults to the pod IP. You probably want to set \"Host\" in httpHeaders instead." + description: "Host name to connect to, defaults to the pod IP. You probably want to set\n\"Host\" in httpHeaders instead." type: "string" httpHeaders: description: "Custom headers to set in the request. HTTP allows repeated headers." @@ -2398,7 +2426,7 @@ spec: description: "HTTPHeader describes a custom header to be used in HTTP probes" properties: name: - description: "The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header." + description: "The header field name.\nThis will be canonicalized upon output, so case-variant names will be understood as the same header." type: "string" value: description: "The header field value" @@ -2415,24 +2443,24 @@ spec: anyOf: - type: "integer" - type: "string" - description: "Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME." + description: "Name or number of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME." x-kubernetes-int-or-string: true scheme: - description: "Scheme to use for connecting to the host. Defaults to HTTP." + description: "Scheme to use for connecting to the host.\nDefaults to HTTP." type: "string" required: - "port" type: "object" initialDelaySeconds: - description: "Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" + description: "Number of seconds after the container has started before liveness probes are initiated.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" format: "int32" type: "integer" periodSeconds: - description: "How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1." + description: "How often (in seconds) to perform the probe.\nDefault to 10 seconds. Minimum value is 1." format: "int32" type: "integer" successThreshold: - description: "Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1." + description: "Minimum consecutive successes for the probe to be considered successful after having failed.\nDefaults to 1. Must be 1 for liveness and startup. Minimum value is 1." format: "int32" type: "integer" tcpSocket: @@ -2445,45 +2473,45 @@ spec: anyOf: - type: "integer" - type: "string" - description: "Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME." + description: "Number or name of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME." x-kubernetes-int-or-string: true required: - "port" type: "object" terminationGracePeriodSeconds: - description: "Optional duration in seconds the pod needs to terminate gracefully upon probe failure. The grace period is the duration in seconds after the processes running in the pod are sent a termination signal and the time when the processes are forcibly halted with a kill signal. Set this value longer than the expected cleanup time for your process. If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this value overrides the value provided by the pod spec. Value must be non-negative integer. The value zero indicates stop immediately via the kill signal (no opportunity to shut down). This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate. Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset." + description: "Optional duration in seconds the pod needs to terminate gracefully upon probe failure.\nThe grace period is the duration in seconds after the processes running in the pod are sent\na termination signal and the time when the processes are forcibly halted with a kill signal.\nSet this value longer than the expected cleanup time for your process.\nIf this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this\nvalue overrides the value provided by the pod spec.\nValue must be non-negative integer. The value zero indicates stop immediately via\nthe kill signal (no opportunity to shut down).\nThis is a beta field and requires enabling ProbeTerminationGracePeriod feature gate.\nMinimum value is 1. spec.terminationGracePeriodSeconds is used if unset." format: "int64" type: "integer" timeoutSeconds: - description: "Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" + description: "Number of seconds after which the probe times out.\nDefaults to 1 second. Minimum value is 1.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" format: "int32" type: "integer" type: "object" name: - description: "Name of the container specified as a DNS_LABEL. Each container in a pod must have a unique name (DNS_LABEL). Cannot be updated." + description: "Name of the container specified as a DNS_LABEL.\nEach container in a pod must have a unique name (DNS_LABEL).\nCannot be updated." type: "string" ports: - description: "List of ports to expose from the container. Not specifying a port here DOES NOT prevent that port from being exposed. Any port which is listening on the default \"0.0.0.0\" address inside a container will be accessible from the network. Modifying this array with strategic merge patch may corrupt the data. For more information See https://github.com/kubernetes/kubernetes/issues/108255. Cannot be updated." + description: "List of ports to expose from the container. Not specifying a port here\nDOES NOT prevent that port from being exposed. Any port which is\nlistening on the default \"0.0.0.0\" address inside a container will be\naccessible from the network.\nModifying this array with strategic merge patch may corrupt the data.\nFor more information See https://github.com/kubernetes/kubernetes/issues/108255.\nCannot be updated." items: description: "ContainerPort represents a network port in a single container." properties: containerPort: - description: "Number of port to expose on the pod's IP address. This must be a valid port number, 0 < x < 65536." + description: "Number of port to expose on the pod's IP address.\nThis must be a valid port number, 0 < x < 65536." format: "int32" type: "integer" hostIP: description: "What host IP to bind the external port to." type: "string" hostPort: - description: "Number of port to expose on the host. If specified, this must be a valid port number, 0 < x < 65536. If HostNetwork is specified, this must match ContainerPort. Most containers do not need this." + description: "Number of port to expose on the host.\nIf specified, this must be a valid port number, 0 < x < 65536.\nIf HostNetwork is specified, this must match ContainerPort.\nMost containers do not need this." format: "int32" type: "integer" name: - description: "If specified, this must be an IANA_SVC_NAME and unique within the pod. Each named port in a pod must have a unique name. Name for the port that can be referred to by services." + description: "If specified, this must be an IANA_SVC_NAME and unique within the pod. Each\nnamed port in a pod must have a unique name. Name for the port that can be\nreferred to by services." type: "string" protocol: default: "TCP" - description: "Protocol for port. Must be UDP, TCP, or SCTP. Defaults to \"TCP\"." + description: "Protocol for port. Must be UDP, TCP, or SCTP.\nDefaults to \"TCP\"." type: "string" required: - "containerPort" @@ -2494,19 +2522,19 @@ spec: - "protocol" x-kubernetes-list-type: "map" readinessProbe: - description: "Periodic probe of container service readiness. Container will be removed from service endpoints if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" + description: "Periodic probe of container service readiness.\nContainer will be removed from service endpoints if the probe fails.\nCannot be updated.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" properties: exec: description: "Exec specifies the action to take." properties: command: - description: "Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy." + description: "Command is the command line to execute inside the container, the working directory for the\ncommand is root ('/') in the container's filesystem. The command is simply exec'd, it is\nnot run inside a shell, so traditional shell instructions ('|', etc) won't work. To use\na shell, you need to explicitly call out to that shell.\nExit status of 0 is treated as live/healthy and non-zero is unhealthy." items: type: "string" type: "array" type: "object" failureThreshold: - description: "Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1." + description: "Minimum consecutive failures for the probe to be considered failed after having succeeded.\nDefaults to 3. Minimum value is 1." format: "int32" type: "integer" grpc: @@ -2517,7 +2545,7 @@ spec: format: "int32" type: "integer" service: - description: "Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). \n If this is not specified, the default behavior is defined by gRPC." + description: "Service is the name of the service to place in the gRPC HealthCheckRequest\n(see https://github.com/grpc/grpc/blob/master/doc/health-checking.md).\n\n\nIf this is not specified, the default behavior is defined by gRPC." type: "string" required: - "port" @@ -2526,7 +2554,7 @@ spec: description: "HTTPGet specifies the http request to perform." properties: host: - description: "Host name to connect to, defaults to the pod IP. You probably want to set \"Host\" in httpHeaders instead." + description: "Host name to connect to, defaults to the pod IP. You probably want to set\n\"Host\" in httpHeaders instead." type: "string" httpHeaders: description: "Custom headers to set in the request. HTTP allows repeated headers." @@ -2534,7 +2562,7 @@ spec: description: "HTTPHeader describes a custom header to be used in HTTP probes" properties: name: - description: "The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header." + description: "The header field name.\nThis will be canonicalized upon output, so case-variant names will be understood as the same header." type: "string" value: description: "The header field value" @@ -2551,24 +2579,24 @@ spec: anyOf: - type: "integer" - type: "string" - description: "Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME." + description: "Name or number of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME." x-kubernetes-int-or-string: true scheme: - description: "Scheme to use for connecting to the host. Defaults to HTTP." + description: "Scheme to use for connecting to the host.\nDefaults to HTTP." type: "string" required: - "port" type: "object" initialDelaySeconds: - description: "Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" + description: "Number of seconds after the container has started before liveness probes are initiated.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" format: "int32" type: "integer" periodSeconds: - description: "How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1." + description: "How often (in seconds) to perform the probe.\nDefault to 10 seconds. Minimum value is 1." format: "int32" type: "integer" successThreshold: - description: "Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1." + description: "Minimum consecutive successes for the probe to be considered successful after having failed.\nDefaults to 1. Must be 1 for liveness and startup. Minimum value is 1." format: "int32" type: "integer" tcpSocket: @@ -2581,17 +2609,17 @@ spec: anyOf: - type: "integer" - type: "string" - description: "Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME." + description: "Number or name of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME." x-kubernetes-int-or-string: true required: - "port" type: "object" terminationGracePeriodSeconds: - description: "Optional duration in seconds the pod needs to terminate gracefully upon probe failure. The grace period is the duration in seconds after the processes running in the pod are sent a termination signal and the time when the processes are forcibly halted with a kill signal. Set this value longer than the expected cleanup time for your process. If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this value overrides the value provided by the pod spec. Value must be non-negative integer. The value zero indicates stop immediately via the kill signal (no opportunity to shut down). This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate. Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset." + description: "Optional duration in seconds the pod needs to terminate gracefully upon probe failure.\nThe grace period is the duration in seconds after the processes running in the pod are sent\na termination signal and the time when the processes are forcibly halted with a kill signal.\nSet this value longer than the expected cleanup time for your process.\nIf this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this\nvalue overrides the value provided by the pod spec.\nValue must be non-negative integer. The value zero indicates stop immediately via\nthe kill signal (no opportunity to shut down).\nThis is a beta field and requires enabling ProbeTerminationGracePeriod feature gate.\nMinimum value is 1. spec.terminationGracePeriodSeconds is used if unset." format: "int64" type: "integer" timeoutSeconds: - description: "Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" + description: "Number of seconds after which the probe times out.\nDefaults to 1 second. Minimum value is 1.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" format: "int32" type: "integer" type: "object" @@ -2601,10 +2629,10 @@ spec: description: "ContainerResizePolicy represents resource resize policy for the container." properties: resourceName: - description: "Name of the resource to which this resource resize policy applies. Supported values: cpu, memory." + description: "Name of the resource to which this resource resize policy applies.\nSupported values: cpu, memory." type: "string" restartPolicy: - description: "Restart policy to apply when specified resource is resized. If not specified, it defaults to NotRequired." + description: "Restart policy to apply when specified resource is resized.\nIf not specified, it defaults to NotRequired." type: "string" required: - "resourceName" @@ -2613,15 +2641,15 @@ spec: type: "array" x-kubernetes-list-type: "atomic" resources: - description: "Compute Resources required by this container. Cannot be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" + description: "Compute Resources required by this container.\nCannot be updated.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" properties: claims: - description: "Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. \n This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. \n This field is immutable. It can only be set for containers." + description: "Claims lists the names of resources, defined in spec.resourceClaims,\nthat are used by this container.\n\n\nThis is an alpha field and requires enabling the\nDynamicResourceAllocation feature gate.\n\n\nThis field is immutable. It can only be set for containers." items: description: "ResourceClaim references one entry in PodSpec.ResourceClaims." properties: name: - description: "Name must match the name of one entry in pod.spec.resourceClaims of the Pod where this field is used. It makes that resource available inside a container." + description: "Name must match the name of one entry in pod.spec.resourceClaims of\nthe Pod where this field is used. It makes that resource available\ninside a container." type: "string" required: - "name" @@ -2637,7 +2665,7 @@ spec: - type: "string" pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" x-kubernetes-int-or-string: true - description: "Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" + description: "Limits describes the maximum amount of compute resources allowed.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" type: "object" requests: additionalProperties: @@ -2646,20 +2674,20 @@ spec: - type: "string" pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" x-kubernetes-int-or-string: true - description: "Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" + description: "Requests describes the minimum amount of compute resources required.\nIf Requests is omitted for a container, it defaults to Limits if that is explicitly specified,\notherwise to an implementation-defined value. Requests cannot exceed Limits.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" type: "object" type: "object" restartPolicy: - description: "RestartPolicy defines the restart behavior of individual containers in a pod. This field may only be set for init containers, and the only allowed value is \"Always\". For non-init containers or when this field is not specified, the restart behavior is defined by the Pod's restart policy and the container type. Setting the RestartPolicy as \"Always\" for the init container will have the following effect: this init container will be continually restarted on exit until all regular containers have terminated. Once all regular containers have completed, all init containers with restartPolicy \"Always\" will be shut down. This lifecycle differs from normal init containers and is often referred to as a \"sidecar\" container. Although this init container still starts in the init container sequence, it does not wait for the container to complete before proceeding to the next init container. Instead, the next init container starts immediately after this init container is started, or after any startupProbe has successfully completed." + description: "RestartPolicy defines the restart behavior of individual containers in a pod.\nThis field may only be set for init containers, and the only allowed value is \"Always\".\nFor non-init containers or when this field is not specified,\nthe restart behavior is defined by the Pod's restart policy and the container type.\nSetting the RestartPolicy as \"Always\" for the init container will have the following effect:\nthis init container will be continually restarted on\nexit until all regular containers have terminated. Once all regular\ncontainers have completed, all init containers with restartPolicy \"Always\"\nwill be shut down. This lifecycle differs from normal init containers and\nis often referred to as a \"sidecar\" container. Although this init\ncontainer still starts in the init container sequence, it does not wait\nfor the container to complete before proceeding to the next init\ncontainer. Instead, the next init container starts immediately after this\ninit container is started, or after any startupProbe has successfully\ncompleted." type: "string" securityContext: - description: "SecurityContext defines the security options the container should be run with. If set, the fields of SecurityContext override the equivalent fields of PodSecurityContext. More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/" + description: "SecurityContext defines the security options the container should be run with.\nIf set, the fields of SecurityContext override the equivalent fields of PodSecurityContext.\nMore info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/" properties: allowPrivilegeEscalation: - description: "AllowPrivilegeEscalation controls whether a process can gain more privileges than its parent process. This bool directly controls if the no_new_privs flag will be set on the container process. AllowPrivilegeEscalation is true always when the container is: 1) run as Privileged 2) has CAP_SYS_ADMIN Note that this field cannot be set when spec.os.name is windows." + description: "AllowPrivilegeEscalation controls whether a process can gain more\nprivileges than its parent process. This bool directly controls if\nthe no_new_privs flag will be set on the container process.\nAllowPrivilegeEscalation is true always when the container is:\n1) run as Privileged\n2) has CAP_SYS_ADMIN\nNote that this field cannot be set when spec.os.name is windows." type: "boolean" capabilities: - description: "The capabilities to add/drop when running containers. Defaults to the default set of capabilities granted by the container runtime. Note that this field cannot be set when spec.os.name is windows." + description: "The capabilities to add/drop when running containers.\nDefaults to the default set of capabilities granted by the container runtime.\nNote that this field cannot be set when spec.os.name is windows." properties: add: description: "Added capabilities" @@ -2675,27 +2703,27 @@ spec: type: "array" type: "object" privileged: - description: "Run container in privileged mode. Processes in privileged containers are essentially equivalent to root on the host. Defaults to false. Note that this field cannot be set when spec.os.name is windows." + description: "Run container in privileged mode.\nProcesses in privileged containers are essentially equivalent to root on the host.\nDefaults to false.\nNote that this field cannot be set when spec.os.name is windows." type: "boolean" procMount: - description: "procMount denotes the type of proc mount to use for the containers. The default is DefaultProcMount which uses the container runtime defaults for readonly paths and masked paths. This requires the ProcMountType feature flag to be enabled. Note that this field cannot be set when spec.os.name is windows." + description: "procMount denotes the type of proc mount to use for the containers.\nThe default is DefaultProcMount which uses the container runtime defaults for\nreadonly paths and masked paths.\nThis requires the ProcMountType feature flag to be enabled.\nNote that this field cannot be set when spec.os.name is windows." type: "string" readOnlyRootFilesystem: - description: "Whether this container has a read-only root filesystem. Default is false. Note that this field cannot be set when spec.os.name is windows." + description: "Whether this container has a read-only root filesystem.\nDefault is false.\nNote that this field cannot be set when spec.os.name is windows." type: "boolean" runAsGroup: - description: "The GID to run the entrypoint of the container process. Uses runtime default if unset. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is windows." + description: "The GID to run the entrypoint of the container process.\nUses runtime default if unset.\nMay also be set in PodSecurityContext. If set in both SecurityContext and\nPodSecurityContext, the value specified in SecurityContext takes precedence.\nNote that this field cannot be set when spec.os.name is windows." format: "int64" type: "integer" runAsNonRoot: - description: "Indicates that the container must run as a non-root user. If true, the Kubelet will validate the image at runtime to ensure that it does not run as UID 0 (root) and fail to start the container if it does. If unset or false, no such validation will be performed. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence." + description: "Indicates that the container must run as a non-root user.\nIf true, the Kubelet will validate the image at runtime to ensure that it\ndoes not run as UID 0 (root) and fail to start the container if it does.\nIf unset or false, no such validation will be performed.\nMay also be set in PodSecurityContext. If set in both SecurityContext and\nPodSecurityContext, the value specified in SecurityContext takes precedence." type: "boolean" runAsUser: - description: "The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is windows." + description: "The UID to run the entrypoint of the container process.\nDefaults to user specified in image metadata if unspecified.\nMay also be set in PodSecurityContext. If set in both SecurityContext and\nPodSecurityContext, the value specified in SecurityContext takes precedence.\nNote that this field cannot be set when spec.os.name is windows." format: "int64" type: "integer" seLinuxOptions: - description: "The SELinux context to be applied to the container. If unspecified, the container runtime will allocate a random SELinux context for each container. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is windows." + description: "The SELinux context to be applied to the container.\nIf unspecified, the container runtime will allocate a random SELinux context for each\ncontainer. May also be set in PodSecurityContext. If set in both SecurityContext and\nPodSecurityContext, the value specified in SecurityContext takes precedence.\nNote that this field cannot be set when spec.os.name is windows." properties: level: description: "Level is SELinux level label that applies to the container." @@ -2711,48 +2739,48 @@ spec: type: "string" type: "object" seccompProfile: - description: "The seccomp options to use by this container. If seccomp options are provided at both the pod & container level, the container options override the pod options. Note that this field cannot be set when spec.os.name is windows." + description: "The seccomp options to use by this container. If seccomp options are\nprovided at both the pod & container level, the container options\noverride the pod options.\nNote that this field cannot be set when spec.os.name is windows." properties: localhostProfile: - description: "localhostProfile indicates a profile defined in a file on the node should be used. The profile must be preconfigured on the node to work. Must be a descending path, relative to the kubelet's configured seccomp profile location. Must be set if type is \"Localhost\". Must NOT be set for any other type." + description: "localhostProfile indicates a profile defined in a file on the node should be used.\nThe profile must be preconfigured on the node to work.\nMust be a descending path, relative to the kubelet's configured seccomp profile location.\nMust be set if type is \"Localhost\". Must NOT be set for any other type." type: "string" type: - description: "type indicates which kind of seccomp profile will be applied. Valid options are: \n Localhost - a profile defined in a file on the node should be used. RuntimeDefault - the container runtime default profile should be used. Unconfined - no profile should be applied." + description: "type indicates which kind of seccomp profile will be applied.\nValid options are:\n\n\nLocalhost - a profile defined in a file on the node should be used.\nRuntimeDefault - the container runtime default profile should be used.\nUnconfined - no profile should be applied." type: "string" required: - "type" type: "object" windowsOptions: - description: "The Windows specific settings applied to all containers. If unspecified, the options from the PodSecurityContext will be used. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is linux." + description: "The Windows specific settings applied to all containers.\nIf unspecified, the options from the PodSecurityContext will be used.\nIf set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.\nNote that this field cannot be set when spec.os.name is linux." properties: gmsaCredentialSpec: - description: "GMSACredentialSpec is where the GMSA admission webhook (https://github.com/kubernetes-sigs/windows-gmsa) inlines the contents of the GMSA credential spec named by the GMSACredentialSpecName field." + description: "GMSACredentialSpec is where the GMSA admission webhook\n(https://github.com/kubernetes-sigs/windows-gmsa) inlines the contents of the\nGMSA credential spec named by the GMSACredentialSpecName field." type: "string" gmsaCredentialSpecName: description: "GMSACredentialSpecName is the name of the GMSA credential spec to use." type: "string" hostProcess: - description: "HostProcess determines if a container should be run as a 'Host Process' container. All of a Pod's containers must have the same effective HostProcess value (it is not allowed to have a mix of HostProcess containers and non-HostProcess containers). In addition, if HostProcess is true then HostNetwork must also be set to true." + description: "HostProcess determines if a container should be run as a 'Host Process' container.\nAll of a Pod's containers must have the same effective HostProcess value\n(it is not allowed to have a mix of HostProcess containers and non-HostProcess containers).\nIn addition, if HostProcess is true then HostNetwork must also be set to true." type: "boolean" runAsUserName: - description: "The UserName in Windows to run the entrypoint of the container process. Defaults to the user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence." + description: "The UserName in Windows to run the entrypoint of the container process.\nDefaults to the user specified in image metadata if unspecified.\nMay also be set in PodSecurityContext. If set in both SecurityContext and\nPodSecurityContext, the value specified in SecurityContext takes precedence." type: "string" type: "object" type: "object" startupProbe: - description: "StartupProbe indicates that the Pod has successfully initialized. If specified, no other probes are executed until this completes successfully. If this probe fails, the Pod will be restarted, just as if the livenessProbe failed. This can be used to provide different probe parameters at the beginning of a Pod's lifecycle, when it might take a long time to load data or warm a cache, than during steady-state operation. This cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" + description: "StartupProbe indicates that the Pod has successfully initialized.\nIf specified, no other probes are executed until this completes successfully.\nIf this probe fails, the Pod will be restarted, just as if the livenessProbe failed.\nThis can be used to provide different probe parameters at the beginning of a Pod's lifecycle,\nwhen it might take a long time to load data or warm a cache, than during steady-state operation.\nThis cannot be updated.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" properties: exec: description: "Exec specifies the action to take." properties: command: - description: "Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy." + description: "Command is the command line to execute inside the container, the working directory for the\ncommand is root ('/') in the container's filesystem. The command is simply exec'd, it is\nnot run inside a shell, so traditional shell instructions ('|', etc) won't work. To use\na shell, you need to explicitly call out to that shell.\nExit status of 0 is treated as live/healthy and non-zero is unhealthy." items: type: "string" type: "array" type: "object" failureThreshold: - description: "Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1." + description: "Minimum consecutive failures for the probe to be considered failed after having succeeded.\nDefaults to 3. Minimum value is 1." format: "int32" type: "integer" grpc: @@ -2763,7 +2791,7 @@ spec: format: "int32" type: "integer" service: - description: "Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). \n If this is not specified, the default behavior is defined by gRPC." + description: "Service is the name of the service to place in the gRPC HealthCheckRequest\n(see https://github.com/grpc/grpc/blob/master/doc/health-checking.md).\n\n\nIf this is not specified, the default behavior is defined by gRPC." type: "string" required: - "port" @@ -2772,7 +2800,7 @@ spec: description: "HTTPGet specifies the http request to perform." properties: host: - description: "Host name to connect to, defaults to the pod IP. You probably want to set \"Host\" in httpHeaders instead." + description: "Host name to connect to, defaults to the pod IP. You probably want to set\n\"Host\" in httpHeaders instead." type: "string" httpHeaders: description: "Custom headers to set in the request. HTTP allows repeated headers." @@ -2780,7 +2808,7 @@ spec: description: "HTTPHeader describes a custom header to be used in HTTP probes" properties: name: - description: "The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header." + description: "The header field name.\nThis will be canonicalized upon output, so case-variant names will be understood as the same header." type: "string" value: description: "The header field value" @@ -2797,24 +2825,24 @@ spec: anyOf: - type: "integer" - type: "string" - description: "Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME." + description: "Name or number of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME." x-kubernetes-int-or-string: true scheme: - description: "Scheme to use for connecting to the host. Defaults to HTTP." + description: "Scheme to use for connecting to the host.\nDefaults to HTTP." type: "string" required: - "port" type: "object" initialDelaySeconds: - description: "Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" + description: "Number of seconds after the container has started before liveness probes are initiated.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" format: "int32" type: "integer" periodSeconds: - description: "How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1." + description: "How often (in seconds) to perform the probe.\nDefault to 10 seconds. Minimum value is 1." format: "int32" type: "integer" successThreshold: - description: "Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1." + description: "Minimum consecutive successes for the probe to be considered successful after having failed.\nDefaults to 1. Must be 1 for liveness and startup. Minimum value is 1." format: "int32" type: "integer" tcpSocket: @@ -2827,34 +2855,34 @@ spec: anyOf: - type: "integer" - type: "string" - description: "Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME." + description: "Number or name of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME." x-kubernetes-int-or-string: true required: - "port" type: "object" terminationGracePeriodSeconds: - description: "Optional duration in seconds the pod needs to terminate gracefully upon probe failure. The grace period is the duration in seconds after the processes running in the pod are sent a termination signal and the time when the processes are forcibly halted with a kill signal. Set this value longer than the expected cleanup time for your process. If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this value overrides the value provided by the pod spec. Value must be non-negative integer. The value zero indicates stop immediately via the kill signal (no opportunity to shut down). This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate. Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset." + description: "Optional duration in seconds the pod needs to terminate gracefully upon probe failure.\nThe grace period is the duration in seconds after the processes running in the pod are sent\na termination signal and the time when the processes are forcibly halted with a kill signal.\nSet this value longer than the expected cleanup time for your process.\nIf this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this\nvalue overrides the value provided by the pod spec.\nValue must be non-negative integer. The value zero indicates stop immediately via\nthe kill signal (no opportunity to shut down).\nThis is a beta field and requires enabling ProbeTerminationGracePeriod feature gate.\nMinimum value is 1. spec.terminationGracePeriodSeconds is used if unset." format: "int64" type: "integer" timeoutSeconds: - description: "Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" + description: "Number of seconds after which the probe times out.\nDefaults to 1 second. Minimum value is 1.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" format: "int32" type: "integer" type: "object" stdin: - description: "Whether this container should allocate a buffer for stdin in the container runtime. If this is not set, reads from stdin in the container will always result in EOF. Default is false." + description: "Whether this container should allocate a buffer for stdin in the container runtime. If this\nis not set, reads from stdin in the container will always result in EOF.\nDefault is false." type: "boolean" stdinOnce: - description: "Whether the container runtime should close the stdin channel after it has been opened by a single attach. When stdin is true the stdin stream will remain open across multiple attach sessions. If stdinOnce is set to true, stdin is opened on container start, is empty until the first client attaches to stdin, and then remains open and accepts data until the client disconnects, at which time stdin is closed and remains closed until the container is restarted. If this flag is false, a container processes that reads from stdin will never receive an EOF. Default is false" + description: "Whether the container runtime should close the stdin channel after it has been opened by\na single attach. When stdin is true the stdin stream will remain open across multiple attach\nsessions. If stdinOnce is set to true, stdin is opened on container start, is empty until the\nfirst client attaches to stdin, and then remains open and accepts data until the client disconnects,\nat which time stdin is closed and remains closed until the container is restarted. If this\nflag is false, a container processes that reads from stdin will never receive an EOF.\nDefault is false" type: "boolean" terminationMessagePath: - description: "Optional: Path at which the file to which the container's termination message will be written is mounted into the container's filesystem. Message written is intended to be brief final status, such as an assertion failure message. Will be truncated by the node if greater than 4096 bytes. The total message length across all containers will be limited to 12kb. Defaults to /dev/termination-log. Cannot be updated." + description: "Optional: Path at which the file to which the container's termination message\nwill be written is mounted into the container's filesystem.\nMessage written is intended to be brief final status, such as an assertion failure message.\nWill be truncated by the node if greater than 4096 bytes. The total message length across\nall containers will be limited to 12kb.\nDefaults to /dev/termination-log.\nCannot be updated." type: "string" terminationMessagePolicy: - description: "Indicate how the termination message should be populated. File will use the contents of terminationMessagePath to populate the container status message on both success and failure. FallbackToLogsOnError will use the last chunk of container log output if the termination message file is empty and the container exited with an error. The log output is limited to 2048 bytes or 80 lines, whichever is smaller. Defaults to File. Cannot be updated." + description: "Indicate how the termination message should be populated. File will use the contents of\nterminationMessagePath to populate the container status message on both success and failure.\nFallbackToLogsOnError will use the last chunk of container log output if the termination\nmessage file is empty and the container exited with an error.\nThe log output is limited to 2048 bytes or 80 lines, whichever is smaller.\nDefaults to File.\nCannot be updated." type: "string" tty: - description: "Whether this container should allocate a TTY for itself, also requires 'stdin' to be true. Default is false." + description: "Whether this container should allocate a TTY for itself, also requires 'stdin' to be true.\nDefault is false." type: "boolean" volumeDevices: description: "volumeDevices is the list of block devices to be used by the container." @@ -2873,27 +2901,27 @@ spec: type: "object" type: "array" volumeMounts: - description: "Pod volumes to mount into the container's filesystem. Cannot be updated." + description: "Pod volumes to mount into the container's filesystem.\nCannot be updated." items: description: "VolumeMount describes a mounting of a Volume within a container." properties: mountPath: - description: "Path within the container at which the volume should be mounted. Must not contain ':'." + description: "Path within the container at which the volume should be mounted. Must\nnot contain ':'." type: "string" mountPropagation: - description: "mountPropagation determines how mounts are propagated from the host to container and the other way around. When not set, MountPropagationNone is used. This field is beta in 1.10." + description: "mountPropagation determines how mounts are propagated from the host\nto container and the other way around.\nWhen not set, MountPropagationNone is used.\nThis field is beta in 1.10." type: "string" name: description: "This must match the Name of a Volume." type: "string" readOnly: - description: "Mounted read-only if true, read-write otherwise (false or unspecified). Defaults to false." + description: "Mounted read-only if true, read-write otherwise (false or unspecified).\nDefaults to false." type: "boolean" subPath: - description: "Path within the volume from which the container's volume should be mounted. Defaults to \"\" (volume's root)." + description: "Path within the volume from which the container's volume should be mounted.\nDefaults to \"\" (volume's root)." type: "string" subPathExpr: - description: "Expanded path within the volume from which the container's volume should be mounted. Behaves similarly to SubPath but environment variable references $(VAR_NAME) are expanded using the container's environment. Defaults to \"\" (volume's root). SubPathExpr and SubPath are mutually exclusive." + description: "Expanded path within the volume from which the container's volume should be mounted.\nBehaves similarly to SubPath but environment variable references $(VAR_NAME) are expanded using the container's environment.\nDefaults to \"\" (volume's root).\nSubPathExpr and SubPath are mutually exclusive." type: "string" required: - "mountPath" @@ -2901,7 +2929,7 @@ spec: type: "object" type: "array" workingDir: - description: "Container's working directory. If not specified, the container runtime's default will be used, which might be configured in the container image. Cannot be updated." + description: "Container's working directory.\nIf not specified, the container runtime's default will be used, which\nmight be configured in the container image.\nCannot be updated." type: "string" required: - "name" @@ -2919,22 +2947,22 @@ spec: description: "VolumeMount describes a mounting of a Volume within a container." properties: mountPath: - description: "Path within the container at which the volume should be mounted. Must not contain ':'." + description: "Path within the container at which the volume should be mounted. Must\nnot contain ':'." type: "string" mountPropagation: - description: "mountPropagation determines how mounts are propagated from the host to container and the other way around. When not set, MountPropagationNone is used. This field is beta in 1.10." + description: "mountPropagation determines how mounts are propagated from the host\nto container and the other way around.\nWhen not set, MountPropagationNone is used.\nThis field is beta in 1.10." type: "string" name: description: "This must match the Name of a Volume." type: "string" readOnly: - description: "Mounted read-only if true, read-write otherwise (false or unspecified). Defaults to false." + description: "Mounted read-only if true, read-write otherwise (false or unspecified).\nDefaults to false." type: "boolean" subPath: - description: "Path within the volume from which the container's volume should be mounted. Defaults to \"\" (volume's root)." + description: "Path within the volume from which the container's volume should be mounted.\nDefaults to \"\" (volume's root)." type: "string" subPathExpr: - description: "Expanded path within the volume from which the container's volume should be mounted. Behaves similarly to SubPath but environment variable references $(VAR_NAME) are expanded using the container's environment. Defaults to \"\" (volume's root). SubPathExpr and SubPath are mutually exclusive." + description: "Expanded path within the volume from which the container's volume should be mounted.\nBehaves similarly to SubPath but environment variable references $(VAR_NAME) are expanded using the container's environment.\nDefaults to \"\" (volume's root).\nSubPathExpr and SubPath are mutually exclusive." type: "string" required: - "mountPath" @@ -2947,20 +2975,20 @@ spec: description: "Volume represents a named volume in a pod that may be accessed by any container in the pod." properties: awsElasticBlockStore: - description: "awsElasticBlockStore represents an AWS Disk resource that is attached to a kubelet's host machine and then exposed to the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore" + description: "awsElasticBlockStore represents an AWS Disk resource that is attached to a\nkubelet's host machine and then exposed to the pod.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore" properties: fsType: - description: "fsType is the filesystem type of the volume that you want to mount. Tip: Ensure that the filesystem type is supported by the host operating system. Examples: \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore TODO: how do we prevent errors in the filesystem from compromising the machine" + description: "fsType is the filesystem type of the volume that you want to mount.\nTip: Ensure that the filesystem type is supported by the host operating system.\nExamples: \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore\nTODO: how do we prevent errors in the filesystem from compromising the machine" type: "string" partition: - description: "partition is the partition in the volume that you want to mount. If omitted, the default is to mount by volume name. Examples: For volume /dev/sda1, you specify the partition as \"1\". Similarly, the volume partition for /dev/sda is \"0\" (or you can leave the property empty)." + description: "partition is the partition in the volume that you want to mount.\nIf omitted, the default is to mount by volume name.\nExamples: For volume /dev/sda1, you specify the partition as \"1\".\nSimilarly, the volume partition for /dev/sda is \"0\" (or you can leave the property empty)." format: "int32" type: "integer" readOnly: - description: "readOnly value true will force the readOnly setting in VolumeMounts. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore" + description: "readOnly value true will force the readOnly setting in VolumeMounts.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore" type: "boolean" volumeID: - description: "volumeID is unique ID of the persistent disk resource in AWS (Amazon EBS volume). More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore" + description: "volumeID is unique ID of the persistent disk resource in AWS (Amazon EBS volume).\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore" type: "string" required: - "volumeID" @@ -2978,13 +3006,13 @@ spec: description: "diskURI is the URI of data disk in the blob storage" type: "string" fsType: - description: "fsType is Filesystem type to mount. Must be a filesystem type supported by the host operating system. Ex. \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified." + description: "fsType is Filesystem type to mount.\nMust be a filesystem type supported by the host operating system.\nEx. \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified." type: "string" kind: description: "kind expected values are Shared: multiple blob disks per storage account Dedicated: single blob disk per storage account Managed: azure managed data disk (only in managed availability set). defaults to shared" type: "string" readOnly: - description: "readOnly Defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts." + description: "readOnly Defaults to false (read/write). ReadOnly here will force\nthe ReadOnly setting in VolumeMounts." type: "boolean" required: - "diskName" @@ -2994,7 +3022,7 @@ spec: description: "azureFile represents an Azure File Service mount on the host and bind mount to the pod." properties: readOnly: - description: "readOnly defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts." + description: "readOnly defaults to false (read/write). ReadOnly here will force\nthe ReadOnly setting in VolumeMounts." type: "boolean" secretName: description: "secretName is the name of secret that contains Azure Storage Account Name and Key" @@ -3010,7 +3038,7 @@ spec: description: "cephFS represents a Ceph FS mount on the host that shares a pod's lifetime" properties: monitors: - description: "monitors is Required: Monitors is a collection of Ceph monitors More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it" + description: "monitors is Required: Monitors is a collection of Ceph monitors\nMore info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it" items: type: "string" type: "array" @@ -3018,42 +3046,44 @@ spec: description: "path is Optional: Used as the mounted root, rather than the full Ceph tree, default is /" type: "string" readOnly: - description: "readOnly is Optional: Defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts. More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it" + description: "readOnly is Optional: Defaults to false (read/write). ReadOnly here will force\nthe ReadOnly setting in VolumeMounts.\nMore info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it" type: "boolean" secretFile: - description: "secretFile is Optional: SecretFile is the path to key ring for User, default is /etc/ceph/user.secret More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it" + description: "secretFile is Optional: SecretFile is the path to key ring for User, default is /etc/ceph/user.secret\nMore info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it" type: "string" secretRef: - description: "secretRef is Optional: SecretRef is reference to the authentication secret for User, default is empty. More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it" + description: "secretRef is Optional: SecretRef is reference to the authentication secret for User, default is empty.\nMore info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it" properties: name: - description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" type: "string" type: "object" + x-kubernetes-map-type: "atomic" user: - description: "user is optional: User is the rados user name, default is admin More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it" + description: "user is optional: User is the rados user name, default is admin\nMore info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it" type: "string" required: - "monitors" type: "object" cinder: - description: "cinder represents a cinder volume attached and mounted on kubelets host machine. More info: https://examples.k8s.io/mysql-cinder-pd/README.md" + description: "cinder represents a cinder volume attached and mounted on kubelets host machine.\nMore info: https://examples.k8s.io/mysql-cinder-pd/README.md" properties: fsType: - description: "fsType is the filesystem type to mount. Must be a filesystem type supported by the host operating system. Examples: \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified. More info: https://examples.k8s.io/mysql-cinder-pd/README.md" + description: "fsType is the filesystem type to mount.\nMust be a filesystem type supported by the host operating system.\nExamples: \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified.\nMore info: https://examples.k8s.io/mysql-cinder-pd/README.md" type: "string" readOnly: - description: "readOnly defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts. More info: https://examples.k8s.io/mysql-cinder-pd/README.md" + description: "readOnly defaults to false (read/write). ReadOnly here will force\nthe ReadOnly setting in VolumeMounts.\nMore info: https://examples.k8s.io/mysql-cinder-pd/README.md" type: "boolean" secretRef: - description: "secretRef is optional: points to a secret object containing parameters used to connect to OpenStack." + description: "secretRef is optional: points to a secret object containing parameters used to connect\nto OpenStack." properties: name: - description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" type: "string" type: "object" + x-kubernetes-map-type: "atomic" volumeID: - description: "volumeID used to identify the volume in cinder. More info: https://examples.k8s.io/mysql-cinder-pd/README.md" + description: "volumeID used to identify the volume in cinder.\nMore info: https://examples.k8s.io/mysql-cinder-pd/README.md" type: "string" required: - "volumeID" @@ -3062,11 +3092,11 @@ spec: description: "configMap represents a configMap that should populate this volume" properties: defaultMode: - description: "defaultMode is optional: mode bits used to set permissions on created files by default. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. Defaults to 0644. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set." + description: "defaultMode is optional: mode bits used to set permissions on created files by default.\nMust be an octal value between 0000 and 0777 or a decimal value between 0 and 511.\nYAML accepts both octal and decimal values, JSON requires decimal values for mode bits.\nDefaults to 0644.\nDirectories within the path are not affected by this setting.\nThis might be in conflict with other options that affect the file\nmode, like fsGroup, and the result can be other mode bits set." format: "int32" type: "integer" items: - description: "items if unspecified, each key-value pair in the Data field of the referenced ConfigMap will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the ConfigMap, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'." + description: "items if unspecified, each key-value pair in the Data field of the referenced\nConfigMap will be projected into the volume as a file whose name is the\nkey and content is the value. If specified, the listed keys will be\nprojected into the specified paths, and unlisted keys will not be\npresent. If a key is specified which is not present in the ConfigMap,\nthe volume setup will error unless it is marked optional. Paths must be\nrelative and may not contain the '..' path or start with '..'." items: description: "Maps a string key to a path within a volume." properties: @@ -3074,11 +3104,11 @@ spec: description: "key is the key to project." type: "string" mode: - description: "mode is Optional: mode bits used to set permissions on this file. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set." + description: "mode is Optional: mode bits used to set permissions on this file.\nMust be an octal value between 0000 and 0777 or a decimal value between 0 and 511.\nYAML accepts both octal and decimal values, JSON requires decimal values for mode bits.\nIf not specified, the volume defaultMode will be used.\nThis might be in conflict with other options that affect the file\nmode, like fsGroup, and the result can be other mode bits set." format: "int32" type: "integer" path: - description: "path is the relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'." + description: "path is the relative path of the file to map the key to.\nMay not be an absolute path.\nMay not contain the path element '..'.\nMay not start with the string '..'." type: "string" required: - "key" @@ -3086,35 +3116,37 @@ spec: type: "object" type: "array" name: - description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" type: "string" optional: description: "optional specify whether the ConfigMap or its keys must be defined" type: "boolean" type: "object" + x-kubernetes-map-type: "atomic" csi: description: "csi (Container Storage Interface) represents ephemeral storage that is handled by certain external CSI drivers (Beta feature)." properties: driver: - description: "driver is the name of the CSI driver that handles this volume. Consult with your admin for the correct name as registered in the cluster." + description: "driver is the name of the CSI driver that handles this volume.\nConsult with your admin for the correct name as registered in the cluster." type: "string" fsType: - description: "fsType to mount. Ex. \"ext4\", \"xfs\", \"ntfs\". If not provided, the empty value is passed to the associated CSI driver which will determine the default filesystem to apply." + description: "fsType to mount. Ex. \"ext4\", \"xfs\", \"ntfs\".\nIf not provided, the empty value is passed to the associated CSI driver\nwhich will determine the default filesystem to apply." type: "string" nodePublishSecretRef: - description: "nodePublishSecretRef is a reference to the secret object containing sensitive information to pass to the CSI driver to complete the CSI NodePublishVolume and NodeUnpublishVolume calls. This field is optional, and may be empty if no secret is required. If the secret object contains more than one secret, all secret references are passed." + description: "nodePublishSecretRef is a reference to the secret object containing\nsensitive information to pass to the CSI driver to complete the CSI\nNodePublishVolume and NodeUnpublishVolume calls.\nThis field is optional, and may be empty if no secret is required. If the\nsecret object contains more than one secret, all secret references are passed." properties: name: - description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" type: "string" type: "object" + x-kubernetes-map-type: "atomic" readOnly: - description: "readOnly specifies a read-only configuration for the volume. Defaults to false (read/write)." + description: "readOnly specifies a read-only configuration for the volume.\nDefaults to false (read/write)." type: "boolean" volumeAttributes: additionalProperties: type: "string" - description: "volumeAttributes stores driver-specific properties that are passed to the CSI driver. Consult your driver's documentation for supported values." + description: "volumeAttributes stores driver-specific properties that are passed to the CSI\ndriver. Consult your driver's documentation for supported values." type: "object" required: - "driver" @@ -3123,7 +3155,7 @@ spec: description: "downwardAPI represents downward API about the pod that should populate this volume" properties: defaultMode: - description: "Optional: mode bits to use on created files by default. Must be a Optional: mode bits used to set permissions on created files by default. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. Defaults to 0644. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set." + description: "Optional: mode bits to use on created files by default. Must be a\nOptional: mode bits used to set permissions on created files by default.\nMust be an octal value between 0000 and 0777 or a decimal value between 0 and 511.\nYAML accepts both octal and decimal values, JSON requires decimal values for mode bits.\nDefaults to 0644.\nDirectories within the path are not affected by this setting.\nThis might be in conflict with other options that affect the file\nmode, like fsGroup, and the result can be other mode bits set." format: "int32" type: "integer" items: @@ -3143,15 +3175,16 @@ spec: required: - "fieldPath" type: "object" + x-kubernetes-map-type: "atomic" mode: - description: "Optional: mode bits used to set permissions on this file, must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set." + description: "Optional: mode bits used to set permissions on this file, must be an octal value\nbetween 0000 and 0777 or a decimal value between 0 and 511.\nYAML accepts both octal and decimal values, JSON requires decimal values for mode bits.\nIf not specified, the volume defaultMode will be used.\nThis might be in conflict with other options that affect the file\nmode, like fsGroup, and the result can be other mode bits set." format: "int32" type: "integer" path: description: "Required: Path is the relative path name of the file to be created. Must not be absolute or contain the '..' path. Must be utf-8 encoded. The first item of the relative path must not start with '..'" type: "string" resourceFieldRef: - description: "Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, requests.cpu and requests.memory) are currently supported." + description: "Selects a resource of the container: only resources limits and requests\n(limits.cpu, limits.memory, requests.cpu and requests.memory) are currently supported." properties: containerName: description: "Container name: required for volumes, optional for env vars" @@ -3169,47 +3202,48 @@ spec: required: - "resource" type: "object" + x-kubernetes-map-type: "atomic" required: - "path" type: "object" type: "array" type: "object" emptyDir: - description: "emptyDir represents a temporary directory that shares a pod's lifetime. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir" + description: "emptyDir represents a temporary directory that shares a pod's lifetime.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir" properties: medium: - description: "medium represents what type of storage medium should back this directory. The default is \"\" which means to use the node's default medium. Must be an empty string (default) or Memory. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir" + description: "medium represents what type of storage medium should back this directory.\nThe default is \"\" which means to use the node's default medium.\nMust be an empty string (default) or Memory.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir" type: "string" sizeLimit: anyOf: - type: "integer" - type: "string" - description: "sizeLimit is the total amount of local storage required for this EmptyDir volume. The size limit is also applicable for memory medium. The maximum usage on memory medium EmptyDir would be the minimum value between the SizeLimit specified here and the sum of memory limits of all containers in a pod. The default is nil which means that the limit is undefined. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir" + description: "sizeLimit is the total amount of local storage required for this EmptyDir volume.\nThe size limit is also applicable for memory medium.\nThe maximum usage on memory medium EmptyDir would be the minimum value between\nthe SizeLimit specified here and the sum of memory limits of all containers in a pod.\nThe default is nil which means that the limit is undefined.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir" pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" x-kubernetes-int-or-string: true type: "object" ephemeral: - description: "ephemeral represents a volume that is handled by a cluster storage driver. The volume's lifecycle is tied to the pod that defines it - it will be created before the pod starts, and deleted when the pod is removed. \n Use this if: a) the volume is only needed while the pod runs, b) features of normal volumes like restoring from snapshot or capacity tracking are needed, c) the storage driver is specified through a storage class, and d) the storage driver supports dynamic volume provisioning through a PersistentVolumeClaim (see EphemeralVolumeSource for more information on the connection between this volume type and PersistentVolumeClaim). \n Use PersistentVolumeClaim or one of the vendor-specific APIs for volumes that persist for longer than the lifecycle of an individual pod. \n Use CSI for light-weight local ephemeral volumes if the CSI driver is meant to be used that way - see the documentation of the driver for more information. \n A pod can use both types of ephemeral volumes and persistent volumes at the same time." + description: "ephemeral represents a volume that is handled by a cluster storage driver.\nThe volume's lifecycle is tied to the pod that defines it - it will be created before the pod starts,\nand deleted when the pod is removed.\n\n\nUse this if:\na) the volume is only needed while the pod runs,\nb) features of normal volumes like restoring from snapshot or capacity\n tracking are needed,\nc) the storage driver is specified through a storage class, and\nd) the storage driver supports dynamic volume provisioning through\n a PersistentVolumeClaim (see EphemeralVolumeSource for more\n information on the connection between this volume type\n and PersistentVolumeClaim).\n\n\nUse PersistentVolumeClaim or one of the vendor-specific\nAPIs for volumes that persist for longer than the lifecycle\nof an individual pod.\n\n\nUse CSI for light-weight local ephemeral volumes if the CSI driver is meant to\nbe used that way - see the documentation of the driver for\nmore information.\n\n\nA pod can use both types of ephemeral volumes and\npersistent volumes at the same time." properties: volumeClaimTemplate: - description: "Will be used to create a stand-alone PVC to provision the volume. The pod in which this EphemeralVolumeSource is embedded will be the owner of the PVC, i.e. the PVC will be deleted together with the pod. The name of the PVC will be `-` where `` is the name from the `PodSpec.Volumes` array entry. Pod validation will reject the pod if the concatenated name is not valid for a PVC (for example, too long). \n An existing PVC with that name that is not owned by the pod will *not* be used for the pod to avoid using an unrelated volume by mistake. Starting the pod is then blocked until the unrelated PVC is removed. If such a pre-created PVC is meant to be used by the pod, the PVC has to updated with an owner reference to the pod once the pod exists. Normally this should not be necessary, but it may be useful when manually reconstructing a broken cluster. \n This field is read-only and no changes will be made by Kubernetes to the PVC after it has been created. \n Required, must not be nil." + description: "Will be used to create a stand-alone PVC to provision the volume.\nThe pod in which this EphemeralVolumeSource is embedded will be the\nowner of the PVC, i.e. the PVC will be deleted together with the\npod. The name of the PVC will be `-` where\n`` is the name from the `PodSpec.Volumes` array\nentry. Pod validation will reject the pod if the concatenated name\nis not valid for a PVC (for example, too long).\n\n\nAn existing PVC with that name that is not owned by the pod\nwill *not* be used for the pod to avoid using an unrelated\nvolume by mistake. Starting the pod is then blocked until\nthe unrelated PVC is removed. If such a pre-created PVC is\nmeant to be used by the pod, the PVC has to updated with an\nowner reference to the pod once the pod exists. Normally\nthis should not be necessary, but it may be useful when\nmanually reconstructing a broken cluster.\n\n\nThis field is read-only and no changes will be made by Kubernetes\nto the PVC after it has been created.\n\n\nRequired, must not be nil." properties: metadata: - description: "May contain labels and annotations that will be copied into the PVC when creating it. No other fields are allowed and will be rejected during validation." + description: "May contain labels and annotations that will be copied into the PVC\nwhen creating it. No other fields are allowed and will be rejected during\nvalidation." type: "object" spec: - description: "The specification for the PersistentVolumeClaim. The entire content is copied unchanged into the PVC that gets created from this template. The same fields as in a PersistentVolumeClaim are also valid here." + description: "The specification for the PersistentVolumeClaim. The entire content is\ncopied unchanged into the PVC that gets created from this\ntemplate. The same fields as in a PersistentVolumeClaim\nare also valid here." properties: accessModes: - description: "accessModes contains the desired access modes the volume should have. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1" + description: "accessModes contains the desired access modes the volume should have.\nMore info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1" items: type: "string" type: "array" dataSource: - description: "dataSource field can be used to specify either: * An existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot) * An existing PVC (PersistentVolumeClaim) If the provisioner or an external controller can support the specified data source, it will create a new volume based on the contents of the specified data source. When the AnyVolumeDataSource feature gate is enabled, dataSource contents will be copied to dataSourceRef, and dataSourceRef contents will be copied to dataSource when dataSourceRef.namespace is not specified. If the namespace is specified, then dataSourceRef will not be copied to dataSource." + description: "dataSource field can be used to specify either:\n* An existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot)\n* An existing PVC (PersistentVolumeClaim)\nIf the provisioner or an external controller can support the specified data source,\nit will create a new volume based on the contents of the specified data source.\nWhen the AnyVolumeDataSource feature gate is enabled, dataSource contents will be copied to dataSourceRef,\nand dataSourceRef contents will be copied to dataSource when dataSourceRef.namespace is not specified.\nIf the namespace is specified, then dataSourceRef will not be copied to dataSource." properties: apiGroup: - description: "APIGroup is the group for the resource being referenced. If APIGroup is not specified, the specified Kind must be in the core API group. For any other third-party types, APIGroup is required." + description: "APIGroup is the group for the resource being referenced.\nIf APIGroup is not specified, the specified Kind must be in the core API group.\nFor any other third-party types, APIGroup is required." type: "string" kind: description: "Kind is the type of resource being referenced" @@ -3221,11 +3255,12 @@ spec: - "kind" - "name" type: "object" + x-kubernetes-map-type: "atomic" dataSourceRef: - description: "dataSourceRef specifies the object from which to populate the volume with data, if a non-empty volume is desired. This may be any object from a non-empty API group (non core object) or a PersistentVolumeClaim object. When this field is specified, volume binding will only succeed if the type of the specified object matches some installed volume populator or dynamic provisioner. This field will replace the functionality of the dataSource field and as such if both fields are non-empty, they must have the same value. For backwards compatibility, when namespace isn't specified in dataSourceRef, both fields (dataSource and dataSourceRef) will be set to the same value automatically if one of them is empty and the other is non-empty. When namespace is specified in dataSourceRef, dataSource isn't set to the same value and must be empty. There are three important differences between dataSource and dataSourceRef: * While dataSource only allows two specific types of objects, dataSourceRef allows any non-core object, as well as PersistentVolumeClaim objects. * While dataSource ignores disallowed values (dropping them), dataSourceRef preserves all values, and generates an error if a disallowed value is specified. * While dataSource only allows local objects, dataSourceRef allows objects in any namespaces. (Beta) Using this field requires the AnyVolumeDataSource feature gate to be enabled. (Alpha) Using the namespace field of dataSourceRef requires the CrossNamespaceVolumeDataSource feature gate to be enabled." + description: "dataSourceRef specifies the object from which to populate the volume with data, if a non-empty\nvolume is desired. This may be any object from a non-empty API group (non\ncore object) or a PersistentVolumeClaim object.\nWhen this field is specified, volume binding will only succeed if the type of\nthe specified object matches some installed volume populator or dynamic\nprovisioner.\nThis field will replace the functionality of the dataSource field and as such\nif both fields are non-empty, they must have the same value. For backwards\ncompatibility, when namespace isn't specified in dataSourceRef,\nboth fields (dataSource and dataSourceRef) will be set to the same\nvalue automatically if one of them is empty and the other is non-empty.\nWhen namespace is specified in dataSourceRef,\ndataSource isn't set to the same value and must be empty.\nThere are three important differences between dataSource and dataSourceRef:\n* While dataSource only allows two specific types of objects, dataSourceRef\n allows any non-core object, as well as PersistentVolumeClaim objects.\n* While dataSource ignores disallowed values (dropping them), dataSourceRef\n preserves all values, and generates an error if a disallowed value is\n specified.\n* While dataSource only allows local objects, dataSourceRef allows objects\n in any namespaces.\n(Beta) Using this field requires the AnyVolumeDataSource feature gate to be enabled.\n(Alpha) Using the namespace field of dataSourceRef requires the CrossNamespaceVolumeDataSource feature gate to be enabled." properties: apiGroup: - description: "APIGroup is the group for the resource being referenced. If APIGroup is not specified, the specified Kind must be in the core API group. For any other third-party types, APIGroup is required." + description: "APIGroup is the group for the resource being referenced.\nIf APIGroup is not specified, the specified Kind must be in the core API group.\nFor any other third-party types, APIGroup is required." type: "string" kind: description: "Kind is the type of resource being referenced" @@ -3234,22 +3269,22 @@ spec: description: "Name is the name of resource being referenced" type: "string" namespace: - description: "Namespace is the namespace of resource being referenced Note that when a namespace is specified, a gateway.networking.k8s.io/ReferenceGrant object is required in the referent namespace to allow that namespace's owner to accept the reference. See the ReferenceGrant documentation for details. (Alpha) This field requires the CrossNamespaceVolumeDataSource feature gate to be enabled." + description: "Namespace is the namespace of resource being referenced\nNote that when a namespace is specified, a gateway.networking.k8s.io/ReferenceGrant object is required in the referent namespace to allow that namespace's owner to accept the reference. See the ReferenceGrant documentation for details.\n(Alpha) This field requires the CrossNamespaceVolumeDataSource feature gate to be enabled." type: "string" required: - "kind" - "name" type: "object" resources: - description: "resources represents the minimum resources the volume should have. If RecoverVolumeExpansionFailure feature is enabled users are allowed to specify resource requirements that are lower than previous value but must still be higher than capacity recorded in the status field of the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources" + description: "resources represents the minimum resources the volume should have.\nIf RecoverVolumeExpansionFailure feature is enabled users are allowed to specify resource requirements\nthat are lower than previous value but must still be higher than capacity recorded in the\nstatus field of the claim.\nMore info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources" properties: claims: - description: "Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. \n This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. \n This field is immutable. It can only be set for containers." + description: "Claims lists the names of resources, defined in spec.resourceClaims,\nthat are used by this container.\n\n\nThis is an alpha field and requires enabling the\nDynamicResourceAllocation feature gate.\n\n\nThis field is immutable. It can only be set for containers." items: description: "ResourceClaim references one entry in PodSpec.ResourceClaims." properties: name: - description: "Name must match the name of one entry in pod.spec.resourceClaims of the Pod where this field is used. It makes that resource available inside a container." + description: "Name must match the name of one entry in pod.spec.resourceClaims of\nthe Pod where this field is used. It makes that resource available\ninside a container." type: "string" required: - "name" @@ -3265,7 +3300,7 @@ spec: - type: "string" pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" x-kubernetes-int-or-string: true - description: "Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" + description: "Limits describes the maximum amount of compute resources allowed.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" type: "object" requests: additionalProperties: @@ -3274,7 +3309,7 @@ spec: - type: "string" pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" x-kubernetes-int-or-string: true - description: "Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" + description: "Requests describes the minimum amount of compute resources required.\nIf Requests is omitted for a container, it defaults to Limits if that is explicitly specified,\notherwise to an implementation-defined value. Requests cannot exceed Limits.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" type: "object" type: "object" selector: @@ -3283,16 +3318,16 @@ spec: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -3304,14 +3339,15 @@ spec: matchLabels: additionalProperties: type: "string" - description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." type: "object" type: "object" + x-kubernetes-map-type: "atomic" storageClassName: - description: "storageClassName is the name of the StorageClass required by the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1" + description: "storageClassName is the name of the StorageClass required by the claim.\nMore info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1" type: "string" volumeMode: - description: "volumeMode defines what type of volume is required by the claim. Value of Filesystem is implied when not included in claim spec." + description: "volumeMode defines what type of volume is required by the claim.\nValue of Filesystem is implied when not included in claim spec." type: "string" volumeName: description: "volumeName is the binding reference to the PersistentVolume backing this claim." @@ -3325,14 +3361,14 @@ spec: description: "fc represents a Fibre Channel resource that is attached to a kubelet's host machine and then exposed to the pod." properties: fsType: - description: "fsType is the filesystem type to mount. Must be a filesystem type supported by the host operating system. Ex. \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified. TODO: how do we prevent errors in the filesystem from compromising the machine" + description: "fsType is the filesystem type to mount.\nMust be a filesystem type supported by the host operating system.\nEx. \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified.\nTODO: how do we prevent errors in the filesystem from compromising the machine" type: "string" lun: description: "lun is Optional: FC target lun number" format: "int32" type: "integer" readOnly: - description: "readOnly is Optional: Defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts." + description: "readOnly is Optional: Defaults to false (read/write). ReadOnly here will force\nthe ReadOnly setting in VolumeMounts." type: "boolean" targetWWNs: description: "targetWWNs is Optional: FC target worldwide names (WWNs)" @@ -3340,19 +3376,19 @@ spec: type: "string" type: "array" wwids: - description: "wwids Optional: FC volume world wide identifiers (wwids) Either wwids or combination of targetWWNs and lun must be set, but not both simultaneously." + description: "wwids Optional: FC volume world wide identifiers (wwids)\nEither wwids or combination of targetWWNs and lun must be set, but not both simultaneously." items: type: "string" type: "array" type: "object" flexVolume: - description: "flexVolume represents a generic volume resource that is provisioned/attached using an exec based plugin." + description: "flexVolume represents a generic volume resource that is\nprovisioned/attached using an exec based plugin." properties: driver: description: "driver is the name of the driver to use for this volume." type: "string" fsType: - description: "fsType is the filesystem type to mount. Must be a filesystem type supported by the host operating system. Ex. \"ext4\", \"xfs\", \"ntfs\". The default filesystem depends on FlexVolume script." + description: "fsType is the filesystem type to mount.\nMust be a filesystem type supported by the host operating system.\nEx. \"ext4\", \"xfs\", \"ntfs\". The default filesystem depends on FlexVolume script." type: "string" options: additionalProperties: @@ -3360,15 +3396,16 @@ spec: description: "options is Optional: this field holds extra command options if any." type: "object" readOnly: - description: "readOnly is Optional: defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts." + description: "readOnly is Optional: defaults to false (read/write). ReadOnly here will force\nthe ReadOnly setting in VolumeMounts." type: "boolean" secretRef: - description: "secretRef is Optional: secretRef is reference to the secret object containing sensitive information to pass to the plugin scripts. This may be empty if no secret object is specified. If the secret object contains more than one secret, all secrets are passed to the plugin scripts." + description: "secretRef is Optional: secretRef is reference to the secret object containing\nsensitive information to pass to the plugin scripts. This may be\nempty if no secret object is specified. If the secret object\ncontains more than one secret, all secrets are passed to the plugin\nscripts." properties: name: - description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" type: "string" type: "object" + x-kubernetes-map-type: "atomic" required: - "driver" type: "object" @@ -3376,36 +3413,36 @@ spec: description: "flocker represents a Flocker volume attached to a kubelet's host machine. This depends on the Flocker control service being running" properties: datasetName: - description: "datasetName is Name of the dataset stored as metadata -> name on the dataset for Flocker should be considered as deprecated" + description: "datasetName is Name of the dataset stored as metadata -> name on the dataset for Flocker\nshould be considered as deprecated" type: "string" datasetUUID: description: "datasetUUID is the UUID of the dataset. This is unique identifier of a Flocker dataset" type: "string" type: "object" gcePersistentDisk: - description: "gcePersistentDisk represents a GCE Disk resource that is attached to a kubelet's host machine and then exposed to the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk" + description: "gcePersistentDisk represents a GCE Disk resource that is attached to a\nkubelet's host machine and then exposed to the pod.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk" properties: fsType: - description: "fsType is filesystem type of the volume that you want to mount. Tip: Ensure that the filesystem type is supported by the host operating system. Examples: \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk TODO: how do we prevent errors in the filesystem from compromising the machine" + description: "fsType is filesystem type of the volume that you want to mount.\nTip: Ensure that the filesystem type is supported by the host operating system.\nExamples: \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk\nTODO: how do we prevent errors in the filesystem from compromising the machine" type: "string" partition: - description: "partition is the partition in the volume that you want to mount. If omitted, the default is to mount by volume name. Examples: For volume /dev/sda1, you specify the partition as \"1\". Similarly, the volume partition for /dev/sda is \"0\" (or you can leave the property empty). More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk" + description: "partition is the partition in the volume that you want to mount.\nIf omitted, the default is to mount by volume name.\nExamples: For volume /dev/sda1, you specify the partition as \"1\".\nSimilarly, the volume partition for /dev/sda is \"0\" (or you can leave the property empty).\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk" format: "int32" type: "integer" pdName: - description: "pdName is unique name of the PD resource in GCE. Used to identify the disk in GCE. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk" + description: "pdName is unique name of the PD resource in GCE. Used to identify the disk in GCE.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk" type: "string" readOnly: - description: "readOnly here will force the ReadOnly setting in VolumeMounts. Defaults to false. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk" + description: "readOnly here will force the ReadOnly setting in VolumeMounts.\nDefaults to false.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk" type: "boolean" required: - "pdName" type: "object" gitRepo: - description: "gitRepo represents a git repository at a particular revision. DEPRECATED: GitRepo is deprecated. To provision a container with a git repo, mount an EmptyDir into an InitContainer that clones the repo using git, then mount the EmptyDir into the Pod's container." + description: "gitRepo represents a git repository at a particular revision.\nDEPRECATED: GitRepo is deprecated. To provision a container with a git repo, mount an\nEmptyDir into an InitContainer that clones the repo using git, then mount the EmptyDir\ninto the Pod's container." properties: directory: - description: "directory is the target directory name. Must not contain or start with '..'. If '.' is supplied, the volume directory will be the git repository. Otherwise, if specified, the volume will contain the git repository in the subdirectory with the given name." + description: "directory is the target directory name.\nMust not contain or start with '..'. If '.' is supplied, the volume directory will be the\ngit repository. Otherwise, if specified, the volume will contain the git repository in\nthe subdirectory with the given name." type: "string" repository: description: "repository is the URL" @@ -3417,35 +3454,35 @@ spec: - "repository" type: "object" glusterfs: - description: "glusterfs represents a Glusterfs mount on the host that shares a pod's lifetime. More info: https://examples.k8s.io/volumes/glusterfs/README.md" + description: "glusterfs represents a Glusterfs mount on the host that shares a pod's lifetime.\nMore info: https://examples.k8s.io/volumes/glusterfs/README.md" properties: endpoints: - description: "endpoints is the endpoint name that details Glusterfs topology. More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod" + description: "endpoints is the endpoint name that details Glusterfs topology.\nMore info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod" type: "string" path: - description: "path is the Glusterfs volume path. More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod" + description: "path is the Glusterfs volume path.\nMore info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod" type: "string" readOnly: - description: "readOnly here will force the Glusterfs volume to be mounted with read-only permissions. Defaults to false. More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod" + description: "readOnly here will force the Glusterfs volume to be mounted with read-only permissions.\nDefaults to false.\nMore info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod" type: "boolean" required: - "endpoints" - "path" type: "object" hostPath: - description: "hostPath represents a pre-existing file or directory on the host machine that is directly exposed to the container. This is generally used for system agents or other privileged things that are allowed to see the host machine. Most containers will NOT need this. More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath --- TODO(jonesdl) We need to restrict who can use host directory mounts and who can/can not mount host directories as read/write." + description: "hostPath represents a pre-existing file or directory on the host\nmachine that is directly exposed to the container. This is generally\nused for system agents or other privileged things that are allowed\nto see the host machine. Most containers will NOT need this.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath\n---\nTODO(jonesdl) We need to restrict who can use host directory mounts and who can/can not\nmount host directories as read/write." properties: path: - description: "path of the directory on the host. If the path is a symlink, it will follow the link to the real path. More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath" + description: "path of the directory on the host.\nIf the path is a symlink, it will follow the link to the real path.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath" type: "string" type: - description: "type for HostPath Volume Defaults to \"\" More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath" + description: "type for HostPath Volume\nDefaults to \"\"\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath" type: "string" required: - "path" type: "object" iscsi: - description: "iscsi represents an ISCSI Disk resource that is attached to a kubelet's host machine and then exposed to the pod. More info: https://examples.k8s.io/volumes/iscsi/README.md" + description: "iscsi represents an ISCSI Disk resource that is attached to a\nkubelet's host machine and then exposed to the pod.\nMore info: https://examples.k8s.io/volumes/iscsi/README.md" properties: chapAuthDiscovery: description: "chapAuthDiscovery defines whether support iSCSI Discovery CHAP authentication" @@ -3454,38 +3491,39 @@ spec: description: "chapAuthSession defines whether support iSCSI Session CHAP authentication" type: "boolean" fsType: - description: "fsType is the filesystem type of the volume that you want to mount. Tip: Ensure that the filesystem type is supported by the host operating system. Examples: \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#iscsi TODO: how do we prevent errors in the filesystem from compromising the machine" + description: "fsType is the filesystem type of the volume that you want to mount.\nTip: Ensure that the filesystem type is supported by the host operating system.\nExamples: \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#iscsi\nTODO: how do we prevent errors in the filesystem from compromising the machine" type: "string" initiatorName: - description: "initiatorName is the custom iSCSI Initiator Name. If initiatorName is specified with iscsiInterface simultaneously, new iSCSI interface : will be created for the connection." + description: "initiatorName is the custom iSCSI Initiator Name.\nIf initiatorName is specified with iscsiInterface simultaneously, new iSCSI interface\n: will be created for the connection." type: "string" iqn: description: "iqn is the target iSCSI Qualified Name." type: "string" iscsiInterface: - description: "iscsiInterface is the interface Name that uses an iSCSI transport. Defaults to 'default' (tcp)." + description: "iscsiInterface is the interface Name that uses an iSCSI transport.\nDefaults to 'default' (tcp)." type: "string" lun: description: "lun represents iSCSI Target Lun number." format: "int32" type: "integer" portals: - description: "portals is the iSCSI Target Portal List. The portal is either an IP or ip_addr:port if the port is other than default (typically TCP ports 860 and 3260)." + description: "portals is the iSCSI Target Portal List. The portal is either an IP or ip_addr:port if the port\nis other than default (typically TCP ports 860 and 3260)." items: type: "string" type: "array" readOnly: - description: "readOnly here will force the ReadOnly setting in VolumeMounts. Defaults to false." + description: "readOnly here will force the ReadOnly setting in VolumeMounts.\nDefaults to false." type: "boolean" secretRef: description: "secretRef is the CHAP Secret for iSCSI target and initiator authentication" properties: name: - description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" type: "string" type: "object" + x-kubernetes-map-type: "atomic" targetPortal: - description: "targetPortal is iSCSI Target Portal. The Portal is either an IP or ip_addr:port if the port is other than default (typically TCP ports 860 and 3260)." + description: "targetPortal is iSCSI Target Portal. The Portal is either an IP or ip_addr:port if the port\nis other than default (typically TCP ports 860 and 3260)." type: "string" required: - "iqn" @@ -3493,32 +3531,32 @@ spec: - "targetPortal" type: "object" name: - description: "name of the volume. Must be a DNS_LABEL and unique within the pod. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names" + description: "name of the volume.\nMust be a DNS_LABEL and unique within the pod.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names" type: "string" nfs: - description: "nfs represents an NFS mount on the host that shares a pod's lifetime More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs" + description: "nfs represents an NFS mount on the host that shares a pod's lifetime\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#nfs" properties: path: - description: "path that is exported by the NFS server. More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs" + description: "path that is exported by the NFS server.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#nfs" type: "string" readOnly: - description: "readOnly here will force the NFS export to be mounted with read-only permissions. Defaults to false. More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs" + description: "readOnly here will force the NFS export to be mounted with read-only permissions.\nDefaults to false.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#nfs" type: "boolean" server: - description: "server is the hostname or IP address of the NFS server. More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs" + description: "server is the hostname or IP address of the NFS server.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#nfs" type: "string" required: - "path" - "server" type: "object" persistentVolumeClaim: - description: "persistentVolumeClaimVolumeSource represents a reference to a PersistentVolumeClaim in the same namespace. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims" + description: "persistentVolumeClaimVolumeSource represents a reference to a\nPersistentVolumeClaim in the same namespace.\nMore info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims" properties: claimName: - description: "claimName is the name of a PersistentVolumeClaim in the same namespace as the pod using this volume. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims" + description: "claimName is the name of a PersistentVolumeClaim in the same namespace as the pod using this volume.\nMore info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims" type: "string" readOnly: - description: "readOnly Will force the ReadOnly setting in VolumeMounts. Default false." + description: "readOnly Will force the ReadOnly setting in VolumeMounts.\nDefault false." type: "boolean" required: - "claimName" @@ -3527,7 +3565,7 @@ spec: description: "photonPersistentDisk represents a PhotonController persistent disk attached and mounted on kubelets host machine" properties: fsType: - description: "fsType is the filesystem type to mount. Must be a filesystem type supported by the host operating system. Ex. \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified." + description: "fsType is the filesystem type to mount.\nMust be a filesystem type supported by the host operating system.\nEx. \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified." type: "string" pdID: description: "pdID is the ID that identifies Photon Controller persistent disk" @@ -3539,10 +3577,10 @@ spec: description: "portworxVolume represents a portworx volume attached and mounted on kubelets host machine" properties: fsType: - description: "fSType represents the filesystem type to mount Must be a filesystem type supported by the host operating system. Ex. \"ext4\", \"xfs\". Implicitly inferred to be \"ext4\" if unspecified." + description: "fSType represents the filesystem type to mount\nMust be a filesystem type supported by the host operating system.\nEx. \"ext4\", \"xfs\". Implicitly inferred to be \"ext4\" if unspecified." type: "string" readOnly: - description: "readOnly defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts." + description: "readOnly defaults to false (read/write). ReadOnly here will force\nthe ReadOnly setting in VolumeMounts." type: "boolean" volumeID: description: "volumeID uniquely identifies a Portworx volume" @@ -3554,7 +3592,7 @@ spec: description: "projected items for all in one resources secrets, configmaps, and downward API" properties: defaultMode: - description: "defaultMode are the mode bits used to set permissions on created files by default. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set." + description: "defaultMode are the mode bits used to set permissions on created files by default.\nMust be an octal value between 0000 and 0777 or a decimal value between 0 and 511.\nYAML accepts both octal and decimal values, JSON requires decimal values for mode bits.\nDirectories within the path are not affected by this setting.\nThis might be in conflict with other options that affect the file\nmode, like fsGroup, and the result can be other mode bits set." format: "int32" type: "integer" sources: @@ -3566,7 +3604,7 @@ spec: description: "configMap information about the configMap data to project" properties: items: - description: "items if unspecified, each key-value pair in the Data field of the referenced ConfigMap will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the ConfigMap, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'." + description: "items if unspecified, each key-value pair in the Data field of the referenced\nConfigMap will be projected into the volume as a file whose name is the\nkey and content is the value. If specified, the listed keys will be\nprojected into the specified paths, and unlisted keys will not be\npresent. If a key is specified which is not present in the ConfigMap,\nthe volume setup will error unless it is marked optional. Paths must be\nrelative and may not contain the '..' path or start with '..'." items: description: "Maps a string key to a path within a volume." properties: @@ -3574,11 +3612,11 @@ spec: description: "key is the key to project." type: "string" mode: - description: "mode is Optional: mode bits used to set permissions on this file. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set." + description: "mode is Optional: mode bits used to set permissions on this file.\nMust be an octal value between 0000 and 0777 or a decimal value between 0 and 511.\nYAML accepts both octal and decimal values, JSON requires decimal values for mode bits.\nIf not specified, the volume defaultMode will be used.\nThis might be in conflict with other options that affect the file\nmode, like fsGroup, and the result can be other mode bits set." format: "int32" type: "integer" path: - description: "path is the relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'." + description: "path is the relative path of the file to map the key to.\nMay not be an absolute path.\nMay not contain the path element '..'.\nMay not start with the string '..'." type: "string" required: - "key" @@ -3586,12 +3624,13 @@ spec: type: "object" type: "array" name: - description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" type: "string" optional: description: "optional specify whether the ConfigMap or its keys must be defined" type: "boolean" type: "object" + x-kubernetes-map-type: "atomic" downwardAPI: description: "downwardAPI information about the downwardAPI data to project" properties: @@ -3612,15 +3651,16 @@ spec: required: - "fieldPath" type: "object" + x-kubernetes-map-type: "atomic" mode: - description: "Optional: mode bits used to set permissions on this file, must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set." + description: "Optional: mode bits used to set permissions on this file, must be an octal value\nbetween 0000 and 0777 or a decimal value between 0 and 511.\nYAML accepts both octal and decimal values, JSON requires decimal values for mode bits.\nIf not specified, the volume defaultMode will be used.\nThis might be in conflict with other options that affect the file\nmode, like fsGroup, and the result can be other mode bits set." format: "int32" type: "integer" path: description: "Required: Path is the relative path name of the file to be created. Must not be absolute or contain the '..' path. Must be utf-8 encoded. The first item of the relative path must not start with '..'" type: "string" resourceFieldRef: - description: "Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, requests.cpu and requests.memory) are currently supported." + description: "Selects a resource of the container: only resources limits and requests\n(limits.cpu, limits.memory, requests.cpu and requests.memory) are currently supported." properties: containerName: description: "Container name: required for volumes, optional for env vars" @@ -3638,6 +3678,7 @@ spec: required: - "resource" type: "object" + x-kubernetes-map-type: "atomic" required: - "path" type: "object" @@ -3647,7 +3688,7 @@ spec: description: "secret information about the secret data to project" properties: items: - description: "items if unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the Secret, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'." + description: "items if unspecified, each key-value pair in the Data field of the referenced\nSecret will be projected into the volume as a file whose name is the\nkey and content is the value. If specified, the listed keys will be\nprojected into the specified paths, and unlisted keys will not be\npresent. If a key is specified which is not present in the Secret,\nthe volume setup will error unless it is marked optional. Paths must be\nrelative and may not contain the '..' path or start with '..'." items: description: "Maps a string key to a path within a volume." properties: @@ -3655,11 +3696,11 @@ spec: description: "key is the key to project." type: "string" mode: - description: "mode is Optional: mode bits used to set permissions on this file. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set." + description: "mode is Optional: mode bits used to set permissions on this file.\nMust be an octal value between 0000 and 0777 or a decimal value between 0 and 511.\nYAML accepts both octal and decimal values, JSON requires decimal values for mode bits.\nIf not specified, the volume defaultMode will be used.\nThis might be in conflict with other options that affect the file\nmode, like fsGroup, and the result can be other mode bits set." format: "int32" type: "integer" path: - description: "path is the relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'." + description: "path is the relative path of the file to map the key to.\nMay not be an absolute path.\nMay not contain the path element '..'.\nMay not start with the string '..'." type: "string" required: - "key" @@ -3667,24 +3708,25 @@ spec: type: "object" type: "array" name: - description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" type: "string" optional: description: "optional field specify whether the Secret or its key must be defined" type: "boolean" type: "object" + x-kubernetes-map-type: "atomic" serviceAccountToken: description: "serviceAccountToken is information about the serviceAccountToken data to project" properties: audience: - description: "audience is the intended audience of the token. A recipient of a token must identify itself with an identifier specified in the audience of the token, and otherwise should reject the token. The audience defaults to the identifier of the apiserver." + description: "audience is the intended audience of the token. A recipient of a token\nmust identify itself with an identifier specified in the audience of the\ntoken, and otherwise should reject the token. The audience defaults to the\nidentifier of the apiserver." type: "string" expirationSeconds: - description: "expirationSeconds is the requested duration of validity of the service account token. As the token approaches expiration, the kubelet volume plugin will proactively rotate the service account token. The kubelet will start trying to rotate the token if the token is older than 80 percent of its time to live or if the token is older than 24 hours.Defaults to 1 hour and must be at least 10 minutes." + description: "expirationSeconds is the requested duration of validity of the service\naccount token. As the token approaches expiration, the kubelet volume\nplugin will proactively rotate the service account token. The kubelet will\nstart trying to rotate the token if the token is older than 80 percent of\nits time to live or if the token is older than 24 hours.Defaults to 1 hour\nand must be at least 10 minutes." format: "int64" type: "integer" path: - description: "path is the path relative to the mount point of the file to project the token into." + description: "path is the path relative to the mount point of the file to project the\ntoken into." type: "string" required: - "path" @@ -3696,19 +3738,19 @@ spec: description: "quobyte represents a Quobyte mount on the host that shares a pod's lifetime" properties: group: - description: "group to map volume access to Default is no group" + description: "group to map volume access to\nDefault is no group" type: "string" readOnly: - description: "readOnly here will force the Quobyte volume to be mounted with read-only permissions. Defaults to false." + description: "readOnly here will force the Quobyte volume to be mounted with read-only permissions.\nDefaults to false." type: "boolean" registry: - description: "registry represents a single or multiple Quobyte Registry services specified as a string as host:port pair (multiple entries are separated with commas) which acts as the central registry for volumes" + description: "registry represents a single or multiple Quobyte Registry services\nspecified as a string as host:port pair (multiple entries are separated with commas)\nwhich acts as the central registry for volumes" type: "string" tenant: - description: "tenant owning the given Quobyte volume in the Backend Used with dynamically provisioned Quobyte volumes, value is set by the plugin" + description: "tenant owning the given Quobyte volume in the Backend\nUsed with dynamically provisioned Quobyte volumes, value is set by the plugin" type: "string" user: - description: "user to map volume access to Defaults to serivceaccount user" + description: "user to map volume access to\nDefaults to serivceaccount user" type: "string" volume: description: "volume is a string that references an already created Quobyte volume by name." @@ -3718,37 +3760,38 @@ spec: - "volume" type: "object" rbd: - description: "rbd represents a Rados Block Device mount on the host that shares a pod's lifetime. More info: https://examples.k8s.io/volumes/rbd/README.md" + description: "rbd represents a Rados Block Device mount on the host that shares a pod's lifetime.\nMore info: https://examples.k8s.io/volumes/rbd/README.md" properties: fsType: - description: "fsType is the filesystem type of the volume that you want to mount. Tip: Ensure that the filesystem type is supported by the host operating system. Examples: \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#rbd TODO: how do we prevent errors in the filesystem from compromising the machine" + description: "fsType is the filesystem type of the volume that you want to mount.\nTip: Ensure that the filesystem type is supported by the host operating system.\nExamples: \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#rbd\nTODO: how do we prevent errors in the filesystem from compromising the machine" type: "string" image: - description: "image is the rados image name. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it" + description: "image is the rados image name.\nMore info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it" type: "string" keyring: - description: "keyring is the path to key ring for RBDUser. Default is /etc/ceph/keyring. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it" + description: "keyring is the path to key ring for RBDUser.\nDefault is /etc/ceph/keyring.\nMore info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it" type: "string" monitors: - description: "monitors is a collection of Ceph monitors. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it" + description: "monitors is a collection of Ceph monitors.\nMore info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it" items: type: "string" type: "array" pool: - description: "pool is the rados pool name. Default is rbd. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it" + description: "pool is the rados pool name.\nDefault is rbd.\nMore info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it" type: "string" readOnly: - description: "readOnly here will force the ReadOnly setting in VolumeMounts. Defaults to false. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it" + description: "readOnly here will force the ReadOnly setting in VolumeMounts.\nDefaults to false.\nMore info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it" type: "boolean" secretRef: - description: "secretRef is name of the authentication secret for RBDUser. If provided overrides keyring. Default is nil. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it" + description: "secretRef is name of the authentication secret for RBDUser. If provided\noverrides keyring.\nDefault is nil.\nMore info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it" properties: name: - description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" type: "string" type: "object" + x-kubernetes-map-type: "atomic" user: - description: "user is the rados user name. Default is admin. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it" + description: "user is the rados user name.\nDefault is admin.\nMore info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it" type: "string" required: - "image" @@ -3758,7 +3801,7 @@ spec: description: "scaleIO represents a ScaleIO persistent volume attached and mounted on Kubernetes nodes." properties: fsType: - description: "fsType is the filesystem type to mount. Must be a filesystem type supported by the host operating system. Ex. \"ext4\", \"xfs\", \"ntfs\". Default is \"xfs\"." + description: "fsType is the filesystem type to mount.\nMust be a filesystem type supported by the host operating system.\nEx. \"ext4\", \"xfs\", \"ntfs\".\nDefault is \"xfs\"." type: "string" gateway: description: "gateway is the host address of the ScaleIO API Gateway." @@ -3767,20 +3810,21 @@ spec: description: "protectionDomain is the name of the ScaleIO Protection Domain for the configured storage." type: "string" readOnly: - description: "readOnly Defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts." + description: "readOnly Defaults to false (read/write). ReadOnly here will force\nthe ReadOnly setting in VolumeMounts." type: "boolean" secretRef: - description: "secretRef references to the secret for ScaleIO user and other sensitive information. If this is not provided, Login operation will fail." + description: "secretRef references to the secret for ScaleIO user and other\nsensitive information. If this is not provided, Login operation will fail." properties: name: - description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" type: "string" type: "object" + x-kubernetes-map-type: "atomic" sslEnabled: description: "sslEnabled Flag enable/disable SSL communication with Gateway, default false" type: "boolean" storageMode: - description: "storageMode indicates whether the storage for a volume should be ThickProvisioned or ThinProvisioned. Default is ThinProvisioned." + description: "storageMode indicates whether the storage for a volume should be ThickProvisioned or ThinProvisioned.\nDefault is ThinProvisioned." type: "string" storagePool: description: "storagePool is the ScaleIO Storage Pool associated with the protection domain." @@ -3789,7 +3833,7 @@ spec: description: "system is the name of the storage system as configured in ScaleIO." type: "string" volumeName: - description: "volumeName is the name of a volume already created in the ScaleIO system that is associated with this volume source." + description: "volumeName is the name of a volume already created in the ScaleIO system\nthat is associated with this volume source." type: "string" required: - "gateway" @@ -3797,14 +3841,14 @@ spec: - "system" type: "object" secret: - description: "secret represents a secret that should populate this volume. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret" + description: "secret represents a secret that should populate this volume.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#secret" properties: defaultMode: - description: "defaultMode is Optional: mode bits used to set permissions on created files by default. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. Defaults to 0644. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set." + description: "defaultMode is Optional: mode bits used to set permissions on created files by default.\nMust be an octal value between 0000 and 0777 or a decimal value between 0 and 511.\nYAML accepts both octal and decimal values, JSON requires decimal values\nfor mode bits. Defaults to 0644.\nDirectories within the path are not affected by this setting.\nThis might be in conflict with other options that affect the file\nmode, like fsGroup, and the result can be other mode bits set." format: "int32" type: "integer" items: - description: "items If unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the Secret, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'." + description: "items If unspecified, each key-value pair in the Data field of the referenced\nSecret will be projected into the volume as a file whose name is the\nkey and content is the value. If specified, the listed keys will be\nprojected into the specified paths, and unlisted keys will not be\npresent. If a key is specified which is not present in the Secret,\nthe volume setup will error unless it is marked optional. Paths must be\nrelative and may not contain the '..' path or start with '..'." items: description: "Maps a string key to a path within a volume." properties: @@ -3812,11 +3856,11 @@ spec: description: "key is the key to project." type: "string" mode: - description: "mode is Optional: mode bits used to set permissions on this file. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set." + description: "mode is Optional: mode bits used to set permissions on this file.\nMust be an octal value between 0000 and 0777 or a decimal value between 0 and 511.\nYAML accepts both octal and decimal values, JSON requires decimal values for mode bits.\nIf not specified, the volume defaultMode will be used.\nThis might be in conflict with other options that affect the file\nmode, like fsGroup, and the result can be other mode bits set." format: "int32" type: "integer" path: - description: "path is the relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'." + description: "path is the relative path of the file to map the key to.\nMay not be an absolute path.\nMay not contain the path element '..'.\nMay not start with the string '..'." type: "string" required: - "key" @@ -3827,37 +3871,38 @@ spec: description: "optional field specify whether the Secret or its keys must be defined" type: "boolean" secretName: - description: "secretName is the name of the secret in the pod's namespace to use. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret" + description: "secretName is the name of the secret in the pod's namespace to use.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#secret" type: "string" type: "object" storageos: description: "storageOS represents a StorageOS volume attached and mounted on Kubernetes nodes." properties: fsType: - description: "fsType is the filesystem type to mount. Must be a filesystem type supported by the host operating system. Ex. \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified." + description: "fsType is the filesystem type to mount.\nMust be a filesystem type supported by the host operating system.\nEx. \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified." type: "string" readOnly: - description: "readOnly defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts." + description: "readOnly defaults to false (read/write). ReadOnly here will force\nthe ReadOnly setting in VolumeMounts." type: "boolean" secretRef: - description: "secretRef specifies the secret to use for obtaining the StorageOS API credentials. If not specified, default values will be attempted." + description: "secretRef specifies the secret to use for obtaining the StorageOS API\ncredentials. If not specified, default values will be attempted." properties: name: - description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" type: "string" type: "object" + x-kubernetes-map-type: "atomic" volumeName: - description: "volumeName is the human-readable name of the StorageOS volume. Volume names are only unique within a namespace." + description: "volumeName is the human-readable name of the StorageOS volume. Volume\nnames are only unique within a namespace." type: "string" volumeNamespace: - description: "volumeNamespace specifies the scope of the volume within StorageOS. If no namespace is specified then the Pod's namespace will be used. This allows the Kubernetes name scoping to be mirrored within StorageOS for tighter integration. Set VolumeName to any name to override the default behaviour. Set to \"default\" if you are not using namespaces within StorageOS. Namespaces that do not pre-exist within StorageOS will be created." + description: "volumeNamespace specifies the scope of the volume within StorageOS. If no\nnamespace is specified then the Pod's namespace will be used. This allows the\nKubernetes name scoping to be mirrored within StorageOS for tighter integration.\nSet VolumeName to any name to override the default behaviour.\nSet to \"default\" if you are not using namespaces within StorageOS.\nNamespaces that do not pre-exist within StorageOS will be created." type: "string" type: "object" vsphereVolume: description: "vsphereVolume represents a vSphere volume attached and mounted on kubelets host machine" properties: fsType: - description: "fsType is filesystem type to mount. Must be a filesystem type supported by the host operating system. Ex. \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified." + description: "fsType is filesystem type to mount.\nMust be a filesystem type supported by the host operating system.\nEx. \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified." type: "string" storagePolicyID: description: "storagePolicyID is the storage Policy Based Management (SPBM) profile ID associated with the StoragePolicyName." @@ -3893,7 +3938,7 @@ spec: type: "object" type: "array" resourceCustomizations: - description: "Deprecated field. Support dropped in v1beta1 version. ResourceCustomizations customizes resource behavior. Keys are in the form: group/Kind. Please note that this is being deprecated in favor of ResourceHealthChecks, ResourceIgnoreDifferences, and ResourceActions." + description: "Deprecated field. Support dropped in v1beta1 version.\nResourceCustomizations customizes resource behavior. Keys are in the form: group/Kind. Please note that this is being deprecated in favor of ResourceHealthChecks, ResourceIgnoreDifferences, and ResourceActions." type: "string" resourceExclusions: description: "ResourceExclusions is used to completely ignore entire classes of resource group/kinds." @@ -3956,7 +4001,7 @@ spec: type: "array" type: "object" resourceInclusions: - description: "ResourceInclusions is used to only include specific group/kinds in the reconciliation process." + description: "ResourceInclusions is used to only include specific group/kinds in the\nreconciliation process." type: "string" resourceTrackingMethod: description: "ResourceTrackingMethod defines how Argo CD should track resources that it manages" @@ -3978,11 +4023,11 @@ spec: format: "int32" type: "integer" minReplicas: - description: "minReplicas is the lower limit for the number of replicas to which the autoscaler can scale down. It defaults to 1 pod. minReplicas is allowed to be 0 if the alpha feature gate HPAScaleToZero is enabled and at least one Object or External metric is configured. Scaling is active as long as at least one metric value is available." + description: "minReplicas is the lower limit for the number of replicas to which the autoscaler\ncan scale down. It defaults to 1 pod. minReplicas is allowed to be 0 if the\nalpha feature gate HPAScaleToZero is enabled and at least one Object or External\nmetric is configured. Scaling is active as long as at least one metric value is\navailable." format: "int32" type: "integer" scaleTargetRef: - description: "reference to scaled resource; horizontal pod autoscaler will learn the current resource consumption and will set the desired number of pods by using its Scale subresource." + description: "reference to scaled resource; horizontal pod autoscaler will learn the current resource consumption\nand will set the desired number of pods by using its Scale subresource." properties: apiVersion: description: "apiVersion is the API version of the referent" @@ -3997,8 +4042,9 @@ spec: - "kind" - "name" type: "object" + x-kubernetes-map-type: "atomic" targetCPUUtilizationPercentage: - description: "targetCPUUtilizationPercentage is the target average CPU utilization (represented as a percentage of requested CPU) over all the pods; if not specified the default autoscaling policy will be used." + description: "targetCPUUtilizationPercentage is the target average CPU utilization (represented as a percentage of requested CPU) over all the pods;\nif not specified the default autoscaling policy will be used." format: "int32" type: "integer" required: @@ -4017,7 +4063,7 @@ spec: description: "Name of the environment variable. Must be a C_IDENTIFIER." type: "string" value: - description: "Variable references $(VAR_NAME) are expanded using the previously defined environment variables in the container and any service environment variables. If a variable cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. \"$$(VAR_NAME)\" will produce the string literal \"$(VAR_NAME)\". Escaped references will never be expanded, regardless of whether the variable exists or not. Defaults to \"\"." + description: "Variable references $(VAR_NAME) are expanded\nusing the previously defined environment variables in the container and\nany service environment variables. If a variable cannot be resolved,\nthe reference in the input string will be unchanged. Double $$ are reduced\nto a single $, which allows for escaping the $(VAR_NAME) syntax: i.e.\n\"$$(VAR_NAME)\" will produce the string literal \"$(VAR_NAME)\".\nEscaped references will never be expanded, regardless of whether the variable\nexists or not.\nDefaults to \"\"." type: "string" valueFrom: description: "Source for the environment variable's value. Cannot be used if value is not empty." @@ -4029,7 +4075,7 @@ spec: description: "The key to select." type: "string" name: - description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" type: "string" optional: description: "Specify whether the ConfigMap or its key must be defined" @@ -4037,8 +4083,9 @@ spec: required: - "key" type: "object" + x-kubernetes-map-type: "atomic" fieldRef: - description: "Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`, spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs." + description: "Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`,\nspec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs." properties: apiVersion: description: "Version of the schema the FieldPath is written in terms of, defaults to \"v1\"." @@ -4049,8 +4096,9 @@ spec: required: - "fieldPath" type: "object" + x-kubernetes-map-type: "atomic" resourceFieldRef: - description: "Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported." + description: "Selects a resource of the container: only resources limits and requests\n(limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported." properties: containerName: description: "Container name: required for volumes, optional for env vars" @@ -4068,6 +4116,7 @@ spec: required: - "resource" type: "object" + x-kubernetes-map-type: "atomic" secretKeyRef: description: "Selects a key of a secret in the pod's namespace" properties: @@ -4075,7 +4124,7 @@ spec: description: "The key of the secret to select from. Must be a valid secret key." type: "string" name: - description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" type: "string" optional: description: "Specify whether the Secret or its key must be defined" @@ -4083,13 +4132,14 @@ spec: required: - "key" type: "object" + x-kubernetes-map-type: "atomic" type: "object" required: - "name" type: "object" type: "array" extraCommandArgs: - description: "Extra Command arguments that would append to the Argo CD server command. ExtraCommandArgs will not be added, if one of these commands is already part of the server command with same or different value." + description: "Extra Command arguments that would append to the Argo CD server command.\nExtraCommandArgs will not be added, if one of these commands is already part of the server command\nwith same or different value." items: type: "string" type: "array" @@ -4117,18 +4167,18 @@ spec: description: "Path used for the Ingress resource." type: "string" tls: - description: "TLS configuration. Currently the Ingress only supports a single TLS port, 443. If multiple members of this list specify different hosts, they will be multiplexed on the same port according to the hostname specified through the SNI TLS extension, if the ingress controller fulfilling the ingress supports SNI." + description: "TLS configuration. Currently the Ingress only supports a single TLS\nport, 443. If multiple members of this list specify different hosts, they\nwill be multiplexed on the same port according to the hostname specified\nthrough the SNI TLS extension, if the ingress controller fulfilling the\ningress supports SNI." items: description: "IngressTLS describes the transport layer security associated with an ingress." properties: hosts: - description: "hosts is a list of hosts included in the TLS certificate. The values in this list must match the name/s used in the tlsSecret. Defaults to the wildcard host setting for the loadbalancer controller fulfilling this Ingress, if left unspecified." + description: "hosts is a list of hosts included in the TLS certificate. The values in\nthis list must match the name/s used in the tlsSecret. Defaults to the\nwildcard host setting for the loadbalancer controller fulfilling this\nIngress, if left unspecified." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" secretName: - description: "secretName is the name of the secret used to terminate TLS traffic on port 443. Field is left optional to allow TLS routing based on SNI hostname alone. If the SNI host in a listener conflicts with the \"Host\" header field used by an IngressRule, the SNI host is used for termination and value of the \"Host\" header is used for routing." + description: "secretName is the name of the secret used to terminate TLS traffic on\nport 443. Field is left optional to allow TLS routing based on SNI\nhostname alone. If the SNI host in a listener conflicts with the \"Host\"\nheader field used by an IngressRule, the SNI host is used for termination\nand value of the \"Host\" header is used for routing." type: "string" type: "object" type: "array" @@ -4157,18 +4207,18 @@ spec: description: "Path used for the Ingress resource." type: "string" tls: - description: "TLS configuration. Currently the Ingress only supports a single TLS port, 443. If multiple members of this list specify different hosts, they will be multiplexed on the same port according to the hostname specified through the SNI TLS extension, if the ingress controller fulfilling the ingress supports SNI." + description: "TLS configuration. Currently the Ingress only supports a single TLS\nport, 443. If multiple members of this list specify different hosts, they\nwill be multiplexed on the same port according to the hostname specified\nthrough the SNI TLS extension, if the ingress controller fulfilling the\ningress supports SNI." items: description: "IngressTLS describes the transport layer security associated with an ingress." properties: hosts: - description: "hosts is a list of hosts included in the TLS certificate. The values in this list must match the name/s used in the tlsSecret. Defaults to the wildcard host setting for the loadbalancer controller fulfilling this Ingress, if left unspecified." + description: "hosts is a list of hosts included in the TLS certificate. The values in\nthis list must match the name/s used in the tlsSecret. Defaults to the\nwildcard host setting for the loadbalancer controller fulfilling this\nIngress, if left unspecified." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" secretName: - description: "secretName is the name of the secret used to terminate TLS traffic on port 443. Field is left optional to allow TLS routing based on SNI hostname alone. If the SNI host in a listener conflicts with the \"Host\" header field used by an IngressRule, the SNI host is used for termination and value of the \"Host\" header is used for routing." + description: "secretName is the name of the secret used to terminate TLS traffic on\nport 443. Field is left optional to allow TLS routing based on SNI\nhostname alone. If the SNI host in a listener conflicts with the \"Host\"\nheader field used by an IngressRule, the SNI host is used for termination\nand value of the \"Host\" header is used for routing." type: "string" type: "object" type: "array" @@ -4192,12 +4242,12 @@ spec: description: "Resources defines the Compute Resources required by the container for the Argo CD server component." properties: claims: - description: "Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. \n This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. \n This field is immutable. It can only be set for containers." + description: "Claims lists the names of resources, defined in spec.resourceClaims,\nthat are used by this container.\n\n\nThis is an alpha field and requires enabling the\nDynamicResourceAllocation feature gate.\n\n\nThis field is immutable. It can only be set for containers." items: description: "ResourceClaim references one entry in PodSpec.ResourceClaims." properties: name: - description: "Name must match the name of one entry in pod.spec.resourceClaims of the Pod where this field is used. It makes that resource available inside a container." + description: "Name must match the name of one entry in pod.spec.resourceClaims of\nthe Pod where this field is used. It makes that resource available\ninside a container." type: "string" required: - "name" @@ -4213,7 +4263,7 @@ spec: - type: "string" pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" x-kubernetes-int-or-string: true - description: "Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" + description: "Limits describes the maximum amount of compute resources allowed.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" type: "object" requests: additionalProperties: @@ -4222,7 +4272,7 @@ spec: - type: "string" pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" x-kubernetes-int-or-string: true - description: "Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" + description: "Requests describes the minimum amount of compute resources required.\nIf Requests is omitted for a container, it defaults to Limits if that is explicitly specified,\notherwise to an implementation-defined value. Requests cannot exceed Limits.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" type: "object" type: "object" route: @@ -4254,10 +4304,10 @@ spec: description: "certificate provides certificate contents" type: "string" destinationCACertificate: - description: "destinationCACertificate provides the contents of the ca certificate of the final destination. When using reencrypt termination this file should be provided in order to have routers use it for health checks on the secure connection. If this field is not specified, the router may provide its own destination CA and perform hostname validation using the short service name (service.namespace.svc), which allows infrastructure generated certificates to automatically verify." + description: "destinationCACertificate provides the contents of the ca certificate of the final destination. When using reencrypt\ntermination this file should be provided in order to have routers use it for health checks on the secure connection.\nIf this field is not specified, the router may provide its own destination CA and perform hostname validation using\nthe short service name (service.namespace.svc), which allows infrastructure generated certificates to automatically\nverify." type: "string" insecureEdgeTerminationPolicy: - description: "insecureEdgeTerminationPolicy indicates the desired behavior for insecure connections to a route. While each router may make its own decisions on which ports to expose, this is normally port 80. \n * Allow - traffic is sent to the server on the insecure port (default) * Disable - no traffic is allowed on the insecure port. * Redirect - clients are redirected to the secure port." + description: "insecureEdgeTerminationPolicy indicates the desired behavior for insecure connections to a route. While\neach router may make its own decisions on which ports to expose, this is normally port 80.\n\n\n* Allow - traffic is sent to the server on the insecure port (default)\n* Disable - no traffic is allowed on the insecure port.\n* Redirect - clients are redirected to the secure port." type: "string" key: description: "key provides key file contents" @@ -4313,12 +4363,12 @@ spec: description: "Resources defines the Compute Resources required by the container for Dex." properties: claims: - description: "Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. \n This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. \n This field is immutable. It can only be set for containers." + description: "Claims lists the names of resources, defined in spec.resourceClaims,\nthat are used by this container.\n\n\nThis is an alpha field and requires enabling the\nDynamicResourceAllocation feature gate.\n\n\nThis field is immutable. It can only be set for containers." items: description: "ResourceClaim references one entry in PodSpec.ResourceClaims." properties: name: - description: "Name must match the name of one entry in pod.spec.resourceClaims of the Pod where this field is used. It makes that resource available inside a container." + description: "Name must match the name of one entry in pod.spec.resourceClaims of\nthe Pod where this field is used. It makes that resource available\ninside a container." type: "string" required: - "name" @@ -4334,7 +4384,7 @@ spec: - type: "string" pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" x-kubernetes-int-or-string: true - description: "Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" + description: "Limits describes the maximum amount of compute resources allowed.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" type: "object" requests: additionalProperties: @@ -4343,7 +4393,7 @@ spec: - type: "string" pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" x-kubernetes-int-or-string: true - description: "Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" + description: "Requests describes the minimum amount of compute resources required.\nIf Requests is omitted for a container, it defaults to Limits if that is explicitly specified,\notherwise to an implementation-defined value. Requests cannot exceed Limits.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" type: "object" type: "object" version: @@ -4351,7 +4401,7 @@ spec: type: "string" type: "object" image: - description: "Deprecated field. Support dropped in v1beta1 version. Image is the SSO container image." + description: "Deprecated field. Support dropped in v1beta1 version.\nImage is the SSO container image." type: "string" keycloak: description: "Keycloak contains the configuration for Argo CD keycloak authentication" @@ -4366,12 +4416,12 @@ spec: description: "Resources defines the Compute Resources required by the container for Keycloak." properties: claims: - description: "Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. \n This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. \n This field is immutable. It can only be set for containers." + description: "Claims lists the names of resources, defined in spec.resourceClaims,\nthat are used by this container.\n\n\nThis is an alpha field and requires enabling the\nDynamicResourceAllocation feature gate.\n\n\nThis field is immutable. It can only be set for containers." items: description: "ResourceClaim references one entry in PodSpec.ResourceClaims." properties: name: - description: "Name must match the name of one entry in pod.spec.resourceClaims of the Pod where this field is used. It makes that resource available inside a container." + description: "Name must match the name of one entry in pod.spec.resourceClaims of\nthe Pod where this field is used. It makes that resource available\ninside a container." type: "string" required: - "name" @@ -4387,7 +4437,7 @@ spec: - type: "string" pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" x-kubernetes-int-or-string: true - description: "Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" + description: "Limits describes the maximum amount of compute resources allowed.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" type: "object" requests: additionalProperties: @@ -4396,7 +4446,7 @@ spec: - type: "string" pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" x-kubernetes-int-or-string: true - description: "Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" + description: "Requests describes the minimum amount of compute resources required.\nIf Requests is omitted for a container, it defaults to Limits if that is explicitly specified,\notherwise to an implementation-defined value. Requests cannot exceed Limits.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" type: "object" type: "object" rootCA: @@ -4413,15 +4463,15 @@ spec: description: "Provider installs and configures the given SSO Provider with Argo CD." type: "string" resources: - description: "Deprecated field. Support dropped in v1beta1 version. Resources defines the Compute Resources required by the container for SSO." + description: "Deprecated field. Support dropped in v1beta1 version.\nResources defines the Compute Resources required by the container for SSO." properties: claims: - description: "Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. \n This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. \n This field is immutable. It can only be set for containers." + description: "Claims lists the names of resources, defined in spec.resourceClaims,\nthat are used by this container.\n\n\nThis is an alpha field and requires enabling the\nDynamicResourceAllocation feature gate.\n\n\nThis field is immutable. It can only be set for containers." items: description: "ResourceClaim references one entry in PodSpec.ResourceClaims." properties: name: - description: "Name must match the name of one entry in pod.spec.resourceClaims of the Pod where this field is used. It makes that resource available inside a container." + description: "Name must match the name of one entry in pod.spec.resourceClaims of\nthe Pod where this field is used. It makes that resource available\ninside a container." type: "string" required: - "name" @@ -4437,7 +4487,7 @@ spec: - type: "string" pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" x-kubernetes-int-or-string: true - description: "Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" + description: "Limits describes the maximum amount of compute resources allowed.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" type: "object" requests: additionalProperties: @@ -4446,14 +4496,14 @@ spec: - type: "string" pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" x-kubernetes-int-or-string: true - description: "Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" + description: "Requests describes the minimum amount of compute resources required.\nIf Requests is omitted for a container, it defaults to Limits if that is explicitly specified,\notherwise to an implementation-defined value. Requests cannot exceed Limits.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" type: "object" type: "object" verifyTLS: - description: "Deprecated field. Support dropped in v1beta1 version. VerifyTLS set to false disables strict TLS validation." + description: "Deprecated field. Support dropped in v1beta1 version.\nVerifyTLS set to false disables strict TLS validation." type: "boolean" version: - description: "Deprecated field. Support dropped in v1beta1 version. Version is the SSO container image tag." + description: "Deprecated field. Support dropped in v1beta1 version.\nVersion is the SSO container image tag." type: "string" type: "object" statusBadgeEnabled: @@ -4479,7 +4529,7 @@ spec: type: "object" type: "object" usersAnonymousEnabled: - description: "UsersAnonymousEnabled toggles anonymous user access. The anonymous users get default role permissions specified argocd-rbac-cm." + description: "UsersAnonymousEnabled toggles anonymous user access.\nThe anonymous users get default role permissions specified argocd-rbac-cm." type: "boolean" version: description: "Version is the tag to use with the ArgoCD container image for all ArgoCD components." @@ -4489,37 +4539,37 @@ spec: description: "ArgoCDStatus defines the observed state of ArgoCD" properties: applicationController: - description: "ApplicationController is a simple, high-level summary of where the Argo CD application controller component is in its lifecycle. There are four possible ApplicationController values: Pending: The Argo CD application controller component has been accepted by the Kubernetes system, but one or more of the required resources have not been created. Running: All of the required Pods for the Argo CD application controller component are in a Ready state. Failed: At least one of the Argo CD application controller component Pods had a failure. Unknown: The state of the Argo CD application controller component could not be obtained." + description: "ApplicationController is a simple, high-level summary of where the Argo CD application controller component is in its lifecycle.\nThere are four possible ApplicationController values:\nPending: The Argo CD application controller component has been accepted by the Kubernetes system, but one or more of the required resources have not been created.\nRunning: All of the required Pods for the Argo CD application controller component are in a Ready state.\nFailed: At least one of the Argo CD application controller component Pods had a failure.\nUnknown: The state of the Argo CD application controller component could not be obtained." type: "string" applicationSetController: - description: "ApplicationSetController is a simple, high-level summary of where the Argo CD applicationSet controller component is in its lifecycle. There are four possible ApplicationSetController values: Pending: The Argo CD applicationSet controller component has been accepted by the Kubernetes system, but one or more of the required resources have not been created. Running: All of the required Pods for the Argo CD applicationSet controller component are in a Ready state. Failed: At least one of the Argo CD applicationSet controller component Pods had a failure. Unknown: The state of the Argo CD applicationSet controller component could not be obtained." + description: "ApplicationSetController is a simple, high-level summary of where the Argo CD applicationSet controller component is in its lifecycle.\nThere are four possible ApplicationSetController values:\nPending: The Argo CD applicationSet controller component has been accepted by the Kubernetes system, but one or more of the required resources have not been created.\nRunning: All of the required Pods for the Argo CD applicationSet controller component are in a Ready state.\nFailed: At least one of the Argo CD applicationSet controller component Pods had a failure.\nUnknown: The state of the Argo CD applicationSet controller component could not be obtained." type: "string" host: description: "Host is the hostname of the Ingress." type: "string" notificationsController: - description: "NotificationsController is a simple, high-level summary of where the Argo CD notifications controller component is in its lifecycle. There are four possible NotificationsController values: Pending: The Argo CD notifications controller component has been accepted by the Kubernetes system, but one or more of the required resources have not been created. Running: All of the required Pods for the Argo CD notifications controller component are in a Ready state. Failed: At least one of the Argo CD notifications controller component Pods had a failure. Unknown: The state of the Argo CD notifications controller component could not be obtained." + description: "NotificationsController is a simple, high-level summary of where the Argo CD notifications controller component is in its lifecycle.\nThere are four possible NotificationsController values:\nPending: The Argo CD notifications controller component has been accepted by the Kubernetes system, but one or more of the required resources have not been created.\nRunning: All of the required Pods for the Argo CD notifications controller component are in a Ready state.\nFailed: At least one of the Argo CD notifications controller component Pods had a failure.\nUnknown: The state of the Argo CD notifications controller component could not be obtained." type: "string" phase: - description: "Phase is a simple, high-level summary of where the ArgoCD is in its lifecycle. There are four possible phase values: Pending: The ArgoCD has been accepted by the Kubernetes system, but one or more of the required resources have not been created. Available: All of the resources for the ArgoCD are ready. Failed: At least one resource has experienced a failure. Unknown: The state of the ArgoCD phase could not be obtained." + description: "Phase is a simple, high-level summary of where the ArgoCD is in its lifecycle.\nThere are four possible phase values:\nPending: The ArgoCD has been accepted by the Kubernetes system, but one or more of the required resources have not been created.\nAvailable: All of the resources for the ArgoCD are ready.\nFailed: At least one resource has experienced a failure.\nUnknown: The state of the ArgoCD phase could not be obtained." type: "string" redis: - description: "Redis is a simple, high-level summary of where the Argo CD Redis component is in its lifecycle. There are four possible redis values: Pending: The Argo CD Redis component has been accepted by the Kubernetes system, but one or more of the required resources have not been created. Running: All of the required Pods for the Argo CD Redis component are in a Ready state. Failed: At least one of the Argo CD Redis component Pods had a failure. Unknown: The state of the Argo CD Redis component could not be obtained." + description: "Redis is a simple, high-level summary of where the Argo CD Redis component is in its lifecycle.\nThere are four possible redis values:\nPending: The Argo CD Redis component has been accepted by the Kubernetes system, but one or more of the required resources have not been created.\nRunning: All of the required Pods for the Argo CD Redis component are in a Ready state.\nFailed: At least one of the Argo CD Redis component Pods had a failure.\nUnknown: The state of the Argo CD Redis component could not be obtained." type: "string" redisTLSChecksum: description: "RedisTLSChecksum contains the SHA256 checksum of the latest known state of tls.crt and tls.key in the argocd-operator-redis-tls secret." type: "string" repo: - description: "Repo is a simple, high-level summary of where the Argo CD Repo component is in its lifecycle. There are four possible repo values: Pending: The Argo CD Repo component has been accepted by the Kubernetes system, but one or more of the required resources have not been created. Running: All of the required Pods for the Argo CD Repo component are in a Ready state. Failed: At least one of the Argo CD Repo component Pods had a failure. Unknown: The state of the Argo CD Repo component could not be obtained." + description: "Repo is a simple, high-level summary of where the Argo CD Repo component is in its lifecycle.\nThere are four possible repo values:\nPending: The Argo CD Repo component has been accepted by the Kubernetes system, but one or more of the required resources have not been created.\nRunning: All of the required Pods for the Argo CD Repo component are in a Ready state.\nFailed: At least one of the Argo CD Repo component Pods had a failure.\nUnknown: The state of the Argo CD Repo component could not be obtained." type: "string" repoTLSChecksum: description: "RepoTLSChecksum contains the SHA256 checksum of the latest known state of tls.crt and tls.key in the argocd-repo-server-tls secret." type: "string" server: - description: "Server is a simple, high-level summary of where the Argo CD server component is in its lifecycle. There are four possible server values: Pending: The Argo CD server component has been accepted by the Kubernetes system, but one or more of the required resources have not been created. Running: All of the required Pods for the Argo CD server component are in a Ready state. Failed: At least one of the Argo CD server component Pods had a failure. Unknown: The state of the Argo CD server component could not be obtained." + description: "Server is a simple, high-level summary of where the Argo CD server component is in its lifecycle.\nThere are four possible server values:\nPending: The Argo CD server component has been accepted by the Kubernetes system, but one or more of the required resources have not been created.\nRunning: All of the required Pods for the Argo CD server component are in a Ready state.\nFailed: At least one of the Argo CD server component Pods had a failure.\nUnknown: The state of the Argo CD server component could not be obtained." type: "string" sso: - description: "SSO is a simple, high-level summary of where the Argo CD SSO(Dex/Keycloak) component is in its lifecycle. There are four possible sso values: Pending: The Argo CD SSO component has been accepted by the Kubernetes system, but one or more of the required resources have not been created. Running: All of the required Pods for the Argo CD SSO component are in a Ready state. Failed: At least one of the Argo CD SSO component Pods had a failure. Unknown: The state of the Argo CD SSO component could not be obtained." + description: "SSO is a simple, high-level summary of where the Argo CD SSO(Dex/Keycloak) component is in its lifecycle.\nThere are four possible sso values:\nPending: The Argo CD SSO component has been accepted by the Kubernetes system, but one or more of the required resources have not been created.\nRunning: All of the required Pods for the Argo CD SSO component are in a Ready state.\nFailed: At least one of the Argo CD SSO component Pods had a failure.\nUnknown: The state of the Argo CD SSO component could not be obtained." type: "string" type: "object" type: "object" @@ -4527,9 +4577,3 @@ spec: storage: false subresources: status: {} -status: - acceptedNames: - kind: "" - plural: "" - conditions: [] - storedVersions: [] diff --git a/crd-catalog/argoproj-labs/argocd-operator/argoproj.io/v1beta1/argocds.yaml b/crd-catalog/argoproj-labs/argocd-operator/argoproj.io/v1beta1/argocds.yaml index 73dd0add0..d86c0af0c 100644 --- a/crd-catalog/argoproj-labs/argocd-operator/argoproj.io/v1beta1/argocds.yaml +++ b/crd-catalog/argoproj-labs/argocd-operator/argoproj.io/v1beta1/argocds.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.6.1" + controller-gen.kubebuilder.io/version: "v0.14.0" name: "argocds.argoproj.io" spec: group: "argoproj.io" @@ -19,10 +19,10 @@ spec: description: "ArgoCD is the Schema for the argocds API" properties: apiVersion: - description: "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" + description: "APIVersion defines the versioned schema of this representation of an object.\nServers should convert recognized schemas to the latest internal value, and\nmay reject unrecognized values.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" type: "string" kind: - description: "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + description: "Kind is a string value representing the REST resource this object represents.\nServers may infer this from the endpoint the client submits requests to.\nCannot be updated.\nIn CamelCase.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" type: "string" metadata: type: "object" @@ -47,7 +47,7 @@ spec: description: "Name of the environment variable. Must be a C_IDENTIFIER." type: "string" value: - description: "Variable references $(VAR_NAME) are expanded using the previously defined environment variables in the container and any service environment variables. If a variable cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. \"$$(VAR_NAME)\" will produce the string literal \"$(VAR_NAME)\". Escaped references will never be expanded, regardless of whether the variable exists or not. Defaults to \"\"." + description: "Variable references $(VAR_NAME) are expanded\nusing the previously defined environment variables in the container and\nany service environment variables. If a variable cannot be resolved,\nthe reference in the input string will be unchanged. Double $$ are reduced\nto a single $, which allows for escaping the $(VAR_NAME) syntax: i.e.\n\"$$(VAR_NAME)\" will produce the string literal \"$(VAR_NAME)\".\nEscaped references will never be expanded, regardless of whether the variable\nexists or not.\nDefaults to \"\"." type: "string" valueFrom: description: "Source for the environment variable's value. Cannot be used if value is not empty." @@ -59,7 +59,7 @@ spec: description: "The key to select." type: "string" name: - description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" type: "string" optional: description: "Specify whether the ConfigMap or its key must be defined" @@ -67,8 +67,9 @@ spec: required: - "key" type: "object" + x-kubernetes-map-type: "atomic" fieldRef: - description: "Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`, spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs." + description: "Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`,\nspec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs." properties: apiVersion: description: "Version of the schema the FieldPath is written in terms of, defaults to \"v1\"." @@ -79,8 +80,9 @@ spec: required: - "fieldPath" type: "object" + x-kubernetes-map-type: "atomic" resourceFieldRef: - description: "Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported." + description: "Selects a resource of the container: only resources limits and requests\n(limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported." properties: containerName: description: "Container name: required for volumes, optional for env vars" @@ -98,6 +100,7 @@ spec: required: - "resource" type: "object" + x-kubernetes-map-type: "atomic" secretKeyRef: description: "Selects a key of a secret in the pod's namespace" properties: @@ -105,7 +108,7 @@ spec: description: "The key of the secret to select from. Must be a valid secret key." type: "string" name: - description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" type: "string" optional: description: "Specify whether the Secret or its key must be defined" @@ -113,13 +116,14 @@ spec: required: - "key" type: "object" + x-kubernetes-map-type: "atomic" type: "object" required: - "name" type: "object" type: "array" extraCommandArgs: - description: "ExtraCommandArgs allows users to pass command line arguments to ApplicationSet controller. They get added to default command line arguments provided by the operator. Please note that the command line arguments provided as part of ExtraCommandArgs will not overwrite the default command line arguments." + description: "ExtraCommandArgs allows users to pass command line arguments to ApplicationSet controller.\nThey get added to default command line arguments provided by the operator.\nPlease note that the command line arguments provided as part of ExtraCommandArgs\nwill not overwrite the default command line arguments." items: type: "string" type: "array" @@ -133,12 +137,12 @@ spec: description: "Resources defines the Compute Resources required by the container for ApplicationSet." properties: claims: - description: "Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. \n This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. \n This field is immutable. It can only be set for containers." + description: "Claims lists the names of resources, defined in spec.resourceClaims,\nthat are used by this container.\n\n\nThis is an alpha field and requires enabling the\nDynamicResourceAllocation feature gate.\n\n\nThis field is immutable. It can only be set for containers." items: description: "ResourceClaim references one entry in PodSpec.ResourceClaims." properties: name: - description: "Name must match the name of one entry in pod.spec.resourceClaims of the Pod where this field is used. It makes that resource available inside a container." + description: "Name must match the name of one entry in pod.spec.resourceClaims of\nthe Pod where this field is used. It makes that resource available\ninside a container." type: "string" required: - "name" @@ -154,7 +158,7 @@ spec: - type: "string" pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" x-kubernetes-int-or-string: true - description: "Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" + description: "Limits describes the maximum amount of compute resources allowed.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" type: "object" requests: additionalProperties: @@ -163,7 +167,7 @@ spec: - type: "string" pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" x-kubernetes-int-or-string: true - description: "Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" + description: "Requests describes the minimum amount of compute resources required.\nIf Requests is omitted for a container, it defaults to Limits if that is explicitly specified,\notherwise to an implementation-defined value. Requests cannot exceed Limits.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" type: "object" type: "object" scmProviders: @@ -206,18 +210,18 @@ spec: description: "Path used for the Ingress resource." type: "string" tls: - description: "TLS configuration. Currently the Ingress only supports a single TLS port, 443. If multiple members of this list specify different hosts, they will be multiplexed on the same port according to the hostname specified through the SNI TLS extension, if the ingress controller fulfilling the ingress supports SNI." + description: "TLS configuration. Currently the Ingress only supports a single TLS\nport, 443. If multiple members of this list specify different hosts, they\nwill be multiplexed on the same port according to the hostname specified\nthrough the SNI TLS extension, if the ingress controller fulfilling the\ningress supports SNI." items: description: "IngressTLS describes the transport layer security associated with an ingress." properties: hosts: - description: "hosts is a list of hosts included in the TLS certificate. The values in this list must match the name/s used in the tlsSecret. Defaults to the wildcard host setting for the loadbalancer controller fulfilling this Ingress, if left unspecified." + description: "hosts is a list of hosts included in the TLS certificate. The values in\nthis list must match the name/s used in the tlsSecret. Defaults to the\nwildcard host setting for the loadbalancer controller fulfilling this\nIngress, if left unspecified." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" secretName: - description: "secretName is the name of the secret used to terminate TLS traffic on port 443. Field is left optional to allow TLS routing based on SNI hostname alone. If the SNI host in a listener conflicts with the \"Host\" header field used by an IngressRule, the SNI host is used for termination and value of the \"Host\" header is used for routing." + description: "secretName is the name of the secret used to terminate TLS traffic on\nport 443. Field is left optional to allow TLS routing based on SNI\nhostname alone. If the SNI host in a listener conflicts with the \"Host\"\nheader field used by an IngressRule, the SNI host is used for termination\nand value of the \"Host\" header is used for routing." type: "string" type: "object" type: "array" @@ -253,10 +257,10 @@ spec: description: "certificate provides certificate contents" type: "string" destinationCACertificate: - description: "destinationCACertificate provides the contents of the ca certificate of the final destination. When using reencrypt termination this file should be provided in order to have routers use it for health checks on the secure connection. If this field is not specified, the router may provide its own destination CA and perform hostname validation using the short service name (service.namespace.svc), which allows infrastructure generated certificates to automatically verify." + description: "destinationCACertificate provides the contents of the ca certificate of the final destination. When using reencrypt\ntermination this file should be provided in order to have routers use it for health checks on the secure connection.\nIf this field is not specified, the router may provide its own destination CA and perform hostname validation using\nthe short service name (service.namespace.svc), which allows infrastructure generated certificates to automatically\nverify." type: "string" insecureEdgeTerminationPolicy: - description: "insecureEdgeTerminationPolicy indicates the desired behavior for insecure connections to a route. While each router may make its own decisions on which ports to expose, this is normally port 80. \n * Allow - traffic is sent to the server on the insecure port (default) * Disable - no traffic is allowed on the insecure port. * Redirect - clients are redirected to the secure port." + description: "insecureEdgeTerminationPolicy indicates the desired behavior for insecure connections to a route. While\neach router may make its own decisions on which ports to expose, this is normally port 80.\n\n\n* Allow - traffic is sent to the server on the insecure port (default)\n* Disable - no traffic is allowed on the insecure port.\n* Redirect - clients are redirected to the secure port." type: "string" key: description: "key provides key file contents" @@ -294,7 +298,7 @@ spec: description: "Controller defines the Application Controller options for ArgoCD." properties: appSync: - description: "AppSync is used to control the sync frequency, by default the ArgoCD controller polls Git every 3m. \n Set this to a duration, e.g. 10m or 600s to control the synchronisation frequency." + description: "AppSync is used to control the sync frequency, by default the ArgoCD\ncontroller polls Git every 3m.\n\n\nSet this to a duration, e.g. 10m or 600s to control the synchronisation\nfrequency." type: "string" enabled: description: "Enabled is the flag to enable the Application Controller during ArgoCD installation. (optional, default `true`)" @@ -308,7 +312,7 @@ spec: description: "Name of the environment variable. Must be a C_IDENTIFIER." type: "string" value: - description: "Variable references $(VAR_NAME) are expanded using the previously defined environment variables in the container and any service environment variables. If a variable cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. \"$$(VAR_NAME)\" will produce the string literal \"$(VAR_NAME)\". Escaped references will never be expanded, regardless of whether the variable exists or not. Defaults to \"\"." + description: "Variable references $(VAR_NAME) are expanded\nusing the previously defined environment variables in the container and\nany service environment variables. If a variable cannot be resolved,\nthe reference in the input string will be unchanged. Double $$ are reduced\nto a single $, which allows for escaping the $(VAR_NAME) syntax: i.e.\n\"$$(VAR_NAME)\" will produce the string literal \"$(VAR_NAME)\".\nEscaped references will never be expanded, regardless of whether the variable\nexists or not.\nDefaults to \"\"." type: "string" valueFrom: description: "Source for the environment variable's value. Cannot be used if value is not empty." @@ -320,7 +324,7 @@ spec: description: "The key to select." type: "string" name: - description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" type: "string" optional: description: "Specify whether the ConfigMap or its key must be defined" @@ -328,8 +332,9 @@ spec: required: - "key" type: "object" + x-kubernetes-map-type: "atomic" fieldRef: - description: "Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`, spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs." + description: "Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`,\nspec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs." properties: apiVersion: description: "Version of the schema the FieldPath is written in terms of, defaults to \"v1\"." @@ -340,8 +345,9 @@ spec: required: - "fieldPath" type: "object" + x-kubernetes-map-type: "atomic" resourceFieldRef: - description: "Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported." + description: "Selects a resource of the container: only resources limits and requests\n(limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported." properties: containerName: description: "Container name: required for volumes, optional for env vars" @@ -359,6 +365,7 @@ spec: required: - "resource" type: "object" + x-kubernetes-map-type: "atomic" secretKeyRef: description: "Selects a key of a secret in the pod's namespace" properties: @@ -366,7 +373,7 @@ spec: description: "The key of the secret to select from. Must be a valid secret key." type: "string" name: - description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" type: "string" optional: description: "Specify whether the Secret or its key must be defined" @@ -374,6 +381,7 @@ spec: required: - "key" type: "object" + x-kubernetes-map-type: "atomic" type: "object" required: - "name" @@ -405,12 +413,12 @@ spec: description: "Resources defines the Compute Resources required by the container for the Application Controller." properties: claims: - description: "Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. \n This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. \n This field is immutable. It can only be set for containers." + description: "Claims lists the names of resources, defined in spec.resourceClaims,\nthat are used by this container.\n\n\nThis is an alpha field and requires enabling the\nDynamicResourceAllocation feature gate.\n\n\nThis field is immutable. It can only be set for containers." items: description: "ResourceClaim references one entry in PodSpec.ResourceClaims." properties: name: - description: "Name must match the name of one entry in pod.spec.resourceClaims of the Pod where this field is used. It makes that resource available inside a container." + description: "Name must match the name of one entry in pod.spec.resourceClaims of\nthe Pod where this field is used. It makes that resource available\ninside a container." type: "string" required: - "name" @@ -426,7 +434,7 @@ spec: - type: "string" pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" x-kubernetes-int-or-string: true - description: "Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" + description: "Limits describes the maximum amount of compute resources allowed.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" type: "object" requests: additionalProperties: @@ -435,7 +443,7 @@ spec: - type: "string" pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" x-kubernetes-int-or-string: true - description: "Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" + description: "Requests describes the minimum amount of compute resources required.\nIf Requests is omitted for a container, it defaults to Limits if that is explicitly specified,\notherwise to an implementation-defined value. Requests cannot exceed Limits.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" type: "object" type: "object" sharding: @@ -476,7 +484,7 @@ spec: extraConfig: additionalProperties: type: "string" - description: "ExtraConfig can be used to add fields to Argo CD configmap that are not supported by Argo CD CRD. \n Note: ExtraConfig takes precedence over Argo CD CRD. For example, A user sets `argocd.Spec.DisableAdmin` = true and also `a.Spec.ExtraConfig[\"admin.enabled\"]` = true. In this case, operator updates Argo CD Configmap as follows -> argocd-cm.Data[\"admin.enabled\"] = true." + description: "ExtraConfig can be used to add fields to Argo CD configmap that are not supported by Argo CD CRD.\n\n\nNote: ExtraConfig takes precedence over Argo CD CRD.\nFor example, A user sets `argocd.Spec.DisableAdmin` = true and also\n`a.Spec.ExtraConfig[\"admin.enabled\"]` = true. In this case, operator updates\nArgo CD Configmap as follows -> argocd-cm.Data[\"admin.enabled\"] = true." type: "object" gaAnonymizeUsers: description: "GAAnonymizeUsers toggles user IDs being hashed before sending to google analytics." @@ -514,18 +522,18 @@ spec: description: "Path used for the Ingress resource." type: "string" tls: - description: "TLS configuration. Currently the Ingress only supports a single TLS port, 443. If multiple members of this list specify different hosts, they will be multiplexed on the same port according to the hostname specified through the SNI TLS extension, if the ingress controller fulfilling the ingress supports SNI." + description: "TLS configuration. Currently the Ingress only supports a single TLS\nport, 443. If multiple members of this list specify different hosts, they\nwill be multiplexed on the same port according to the hostname specified\nthrough the SNI TLS extension, if the ingress controller fulfilling the\ningress supports SNI." items: description: "IngressTLS describes the transport layer security associated with an ingress." properties: hosts: - description: "hosts is a list of hosts included in the TLS certificate. The values in this list must match the name/s used in the tlsSecret. Defaults to the wildcard host setting for the loadbalancer controller fulfilling this Ingress, if left unspecified." + description: "hosts is a list of hosts included in the TLS certificate. The values in\nthis list must match the name/s used in the tlsSecret. Defaults to the\nwildcard host setting for the loadbalancer controller fulfilling this\nIngress, if left unspecified." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" secretName: - description: "secretName is the name of the secret used to terminate TLS traffic on port 443. Field is left optional to allow TLS routing based on SNI hostname alone. If the SNI host in a listener conflicts with the \"Host\" header field used by an IngressRule, the SNI host is used for termination and value of the \"Host\" header is used for routing." + description: "secretName is the name of the secret used to terminate TLS traffic on\nport 443. Field is left optional to allow TLS routing based on SNI\nhostname alone. If the SNI host in a listener conflicts with the \"Host\"\nheader field used by an IngressRule, the SNI host is used for termination\nand value of the \"Host\" header is used for routing." type: "string" type: "object" type: "array" @@ -536,12 +544,12 @@ spec: description: "Resources defines the Compute Resources required by the container for Grafana." properties: claims: - description: "Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. \n This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. \n This field is immutable. It can only be set for containers." + description: "Claims lists the names of resources, defined in spec.resourceClaims,\nthat are used by this container.\n\n\nThis is an alpha field and requires enabling the\nDynamicResourceAllocation feature gate.\n\n\nThis field is immutable. It can only be set for containers." items: description: "ResourceClaim references one entry in PodSpec.ResourceClaims." properties: name: - description: "Name must match the name of one entry in pod.spec.resourceClaims of the Pod where this field is used. It makes that resource available inside a container." + description: "Name must match the name of one entry in pod.spec.resourceClaims of\nthe Pod where this field is used. It makes that resource available\ninside a container." type: "string" required: - "name" @@ -557,7 +565,7 @@ spec: - type: "string" pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" x-kubernetes-int-or-string: true - description: "Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" + description: "Limits describes the maximum amount of compute resources allowed.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" type: "object" requests: additionalProperties: @@ -566,7 +574,7 @@ spec: - type: "string" pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" x-kubernetes-int-or-string: true - description: "Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" + description: "Requests describes the minimum amount of compute resources required.\nIf Requests is omitted for a container, it defaults to Limits if that is explicitly specified,\notherwise to an implementation-defined value. Requests cannot exceed Limits.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" type: "object" type: "object" route: @@ -598,10 +606,10 @@ spec: description: "certificate provides certificate contents" type: "string" destinationCACertificate: - description: "destinationCACertificate provides the contents of the ca certificate of the final destination. When using reencrypt termination this file should be provided in order to have routers use it for health checks on the secure connection. If this field is not specified, the router may provide its own destination CA and perform hostname validation using the short service name (service.namespace.svc), which allows infrastructure generated certificates to automatically verify." + description: "destinationCACertificate provides the contents of the ca certificate of the final destination. When using reencrypt\ntermination this file should be provided in order to have routers use it for health checks on the secure connection.\nIf this field is not specified, the router may provide its own destination CA and perform hostname validation using\nthe short service name (service.namespace.svc), which allows infrastructure generated certificates to automatically\nverify." type: "string" insecureEdgeTerminationPolicy: - description: "insecureEdgeTerminationPolicy indicates the desired behavior for insecure connections to a route. While each router may make its own decisions on which ports to expose, this is normally port 80. \n * Allow - traffic is sent to the server on the insecure port (default) * Disable - no traffic is allowed on the insecure port. * Redirect - clients are redirected to the secure port." + description: "insecureEdgeTerminationPolicy indicates the desired behavior for insecure connections to a route. While\neach router may make its own decisions on which ports to expose, this is normally port 80.\n\n\n* Allow - traffic is sent to the server on the insecure port (default)\n* Disable - no traffic is allowed on the insecure port.\n* Redirect - clients are redirected to the secure port." type: "string" key: description: "key provides key file contents" @@ -644,12 +652,12 @@ spec: description: "Resources defines the Compute Resources required by the container for HA." properties: claims: - description: "Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. \n This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. \n This field is immutable. It can only be set for containers." + description: "Claims lists the names of resources, defined in spec.resourceClaims,\nthat are used by this container.\n\n\nThis is an alpha field and requires enabling the\nDynamicResourceAllocation feature gate.\n\n\nThis field is immutable. It can only be set for containers." items: description: "ResourceClaim references one entry in PodSpec.ResourceClaims." properties: name: - description: "Name must match the name of one entry in pod.spec.resourceClaims of the Pod where this field is used. It makes that resource available inside a container." + description: "Name must match the name of one entry in pod.spec.resourceClaims of\nthe Pod where this field is used. It makes that resource available\ninside a container." type: "string" required: - "name" @@ -665,7 +673,7 @@ spec: - type: "string" pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" x-kubernetes-int-or-string: true - description: "Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" + description: "Limits describes the maximum amount of compute resources allowed.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" type: "object" requests: additionalProperties: @@ -674,7 +682,7 @@ spec: - type: "string" pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" x-kubernetes-int-or-string: true - description: "Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" + description: "Requests describes the minimum amount of compute resources required.\nIf Requests is omitted for a container, it defaults to Limits if that is explicitly specified,\notherwise to an implementation-defined value. Requests cannot exceed Limits.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" type: "object" type: "object" required: @@ -708,10 +716,10 @@ spec: description: "InitialSSHKnownHosts defines the SSH known hosts data upon creation of the cluster for connecting Git repositories via SSH." properties: excludedefaulthosts: - description: "ExcludeDefaultHosts describes whether you would like to include the default list of SSH Known Hosts provided by ArgoCD." + description: "ExcludeDefaultHosts describes whether you would like to include the default\nlist of SSH Known Hosts provided by ArgoCD." type: "boolean" keys: - description: "Keys describes a custom set of SSH Known Hosts that you would like to have included in your ArgoCD server." + description: "Keys describes a custom set of SSH Known Hosts that you would like to\nhave included in your ArgoCD server." type: "string" type: "object" kustomizeBuildOptions: @@ -753,23 +761,23 @@ spec: tolerations: description: "Tolerations allow the pods to schedule onto nodes with matching taints" items: - description: "The pod this Toleration is attached to tolerates any taint that matches the triple using the matching operator ." + description: "The pod this Toleration is attached to tolerates any taint that matches\nthe triple using the matching operator ." properties: effect: - description: "Effect indicates the taint effect to match. Empty means match all taint effects. When specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute." + description: "Effect indicates the taint effect to match. Empty means match all taint effects.\nWhen specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute." type: "string" key: - description: "Key is the taint key that the toleration applies to. Empty means match all taint keys. If the key is empty, operator must be Exists; this combination means to match all values and all keys." + description: "Key is the taint key that the toleration applies to. Empty means match all taint keys.\nIf the key is empty, operator must be Exists; this combination means to match all values and all keys." type: "string" operator: - description: "Operator represents a key's relationship to the value. Valid operators are Exists and Equal. Defaults to Equal. Exists is equivalent to wildcard for value, so that a pod can tolerate all taints of a particular category." + description: "Operator represents a key's relationship to the value.\nValid operators are Exists and Equal. Defaults to Equal.\nExists is equivalent to wildcard for value, so that a pod can\ntolerate all taints of a particular category." type: "string" tolerationSeconds: - description: "TolerationSeconds represents the period of time the toleration (which must be of effect NoExecute, otherwise this field is ignored) tolerates the taint. By default, it is not set, which means tolerate the taint forever (do not evict). Zero and negative values will be treated as 0 (evict immediately) by the system." + description: "TolerationSeconds represents the period of time the toleration (which must be\nof effect NoExecute, otherwise this field is ignored) tolerates the taint. By default,\nit is not set, which means tolerate the taint forever (do not evict). Zero and\nnegative values will be treated as 0 (evict immediately) by the system." format: "int64" type: "integer" value: - description: "Value is the taint value the toleration matches to. If the operator is Exists, the value should be empty, otherwise just a regular string." + description: "Value is the taint value the toleration matches to.\nIf the operator is Exists, the value should be empty, otherwise just a regular string." type: "string" type: "object" type: "array" @@ -789,7 +797,7 @@ spec: description: "Name of the environment variable. Must be a C_IDENTIFIER." type: "string" value: - description: "Variable references $(VAR_NAME) are expanded using the previously defined environment variables in the container and any service environment variables. If a variable cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. \"$$(VAR_NAME)\" will produce the string literal \"$(VAR_NAME)\". Escaped references will never be expanded, regardless of whether the variable exists or not. Defaults to \"\"." + description: "Variable references $(VAR_NAME) are expanded\nusing the previously defined environment variables in the container and\nany service environment variables. If a variable cannot be resolved,\nthe reference in the input string will be unchanged. Double $$ are reduced\nto a single $, which allows for escaping the $(VAR_NAME) syntax: i.e.\n\"$$(VAR_NAME)\" will produce the string literal \"$(VAR_NAME)\".\nEscaped references will never be expanded, regardless of whether the variable\nexists or not.\nDefaults to \"\"." type: "string" valueFrom: description: "Source for the environment variable's value. Cannot be used if value is not empty." @@ -801,7 +809,7 @@ spec: description: "The key to select." type: "string" name: - description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" type: "string" optional: description: "Specify whether the ConfigMap or its key must be defined" @@ -809,8 +817,9 @@ spec: required: - "key" type: "object" + x-kubernetes-map-type: "atomic" fieldRef: - description: "Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`, spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs." + description: "Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`,\nspec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs." properties: apiVersion: description: "Version of the schema the FieldPath is written in terms of, defaults to \"v1\"." @@ -821,8 +830,9 @@ spec: required: - "fieldPath" type: "object" + x-kubernetes-map-type: "atomic" resourceFieldRef: - description: "Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported." + description: "Selects a resource of the container: only resources limits and requests\n(limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported." properties: containerName: description: "Container name: required for volumes, optional for env vars" @@ -840,6 +850,7 @@ spec: required: - "resource" type: "object" + x-kubernetes-map-type: "atomic" secretKeyRef: description: "Selects a key of a secret in the pod's namespace" properties: @@ -847,7 +858,7 @@ spec: description: "The key of the secret to select from. Must be a valid secret key." type: "string" name: - description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" type: "string" optional: description: "Specify whether the Secret or its key must be defined" @@ -855,6 +866,7 @@ spec: required: - "key" type: "object" + x-kubernetes-map-type: "atomic" type: "object" required: - "name" @@ -874,12 +886,12 @@ spec: description: "Resources defines the Compute Resources required by the container for Argo CD Notifications." properties: claims: - description: "Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. \n This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. \n This field is immutable. It can only be set for containers." + description: "Claims lists the names of resources, defined in spec.resourceClaims,\nthat are used by this container.\n\n\nThis is an alpha field and requires enabling the\nDynamicResourceAllocation feature gate.\n\n\nThis field is immutable. It can only be set for containers." items: description: "ResourceClaim references one entry in PodSpec.ResourceClaims." properties: name: - description: "Name must match the name of one entry in pod.spec.resourceClaims of the Pod where this field is used. It makes that resource available inside a container." + description: "Name must match the name of one entry in pod.spec.resourceClaims of\nthe Pod where this field is used. It makes that resource available\ninside a container." type: "string" required: - "name" @@ -895,7 +907,7 @@ spec: - type: "string" pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" x-kubernetes-int-or-string: true - description: "Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" + description: "Limits describes the maximum amount of compute resources allowed.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" type: "object" requests: additionalProperties: @@ -904,7 +916,7 @@ spec: - type: "string" pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" x-kubernetes-int-or-string: true - description: "Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" + description: "Requests describes the minimum amount of compute resources required.\nIf Requests is omitted for a container, it defaults to Limits if that is explicitly specified,\notherwise to an implementation-defined value. Requests cannot exceed Limits.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" type: "object" type: "object" version: @@ -943,18 +955,18 @@ spec: description: "Path used for the Ingress resource." type: "string" tls: - description: "TLS configuration. Currently the Ingress only supports a single TLS port, 443. If multiple members of this list specify different hosts, they will be multiplexed on the same port according to the hostname specified through the SNI TLS extension, if the ingress controller fulfilling the ingress supports SNI." + description: "TLS configuration. Currently the Ingress only supports a single TLS\nport, 443. If multiple members of this list specify different hosts, they\nwill be multiplexed on the same port according to the hostname specified\nthrough the SNI TLS extension, if the ingress controller fulfilling the\ningress supports SNI." items: description: "IngressTLS describes the transport layer security associated with an ingress." properties: hosts: - description: "hosts is a list of hosts included in the TLS certificate. The values in this list must match the name/s used in the tlsSecret. Defaults to the wildcard host setting for the loadbalancer controller fulfilling this Ingress, if left unspecified." + description: "hosts is a list of hosts included in the TLS certificate. The values in\nthis list must match the name/s used in the tlsSecret. Defaults to the\nwildcard host setting for the loadbalancer controller fulfilling this\nIngress, if left unspecified." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" secretName: - description: "secretName is the name of the secret used to terminate TLS traffic on port 443. Field is left optional to allow TLS routing based on SNI hostname alone. If the SNI host in a listener conflicts with the \"Host\" header field used by an IngressRule, the SNI host is used for termination and value of the \"Host\" header is used for routing." + description: "secretName is the name of the secret used to terminate TLS traffic on\nport 443. Field is left optional to allow TLS routing based on SNI\nhostname alone. If the SNI host in a listener conflicts with the \"Host\"\nheader field used by an IngressRule, the SNI host is used for termination\nand value of the \"Host\" header is used for routing." type: "string" type: "object" type: "array" @@ -990,10 +1002,10 @@ spec: description: "certificate provides certificate contents" type: "string" destinationCACertificate: - description: "destinationCACertificate provides the contents of the ca certificate of the final destination. When using reencrypt termination this file should be provided in order to have routers use it for health checks on the secure connection. If this field is not specified, the router may provide its own destination CA and perform hostname validation using the short service name (service.namespace.svc), which allows infrastructure generated certificates to automatically verify." + description: "destinationCACertificate provides the contents of the ca certificate of the final destination. When using reencrypt\ntermination this file should be provided in order to have routers use it for health checks on the secure connection.\nIf this field is not specified, the router may provide its own destination CA and perform hostname validation using\nthe short service name (service.namespace.svc), which allows infrastructure generated certificates to automatically\nverify." type: "string" insecureEdgeTerminationPolicy: - description: "insecureEdgeTerminationPolicy indicates the desired behavior for insecure connections to a route. While each router may make its own decisions on which ports to expose, this is normally port 80. \n * Allow - traffic is sent to the server on the insecure port (default) * Disable - no traffic is allowed on the insecure port. * Redirect - clients are redirected to the secure port." + description: "insecureEdgeTerminationPolicy indicates the desired behavior for insecure connections to a route. While\neach router may make its own decisions on which ports to expose, this is normally port 80.\n\n\n* Allow - traffic is sent to the server on the insecure port (default)\n* Disable - no traffic is allowed on the insecure port.\n* Redirect - clients are redirected to the secure port." type: "string" key: description: "key provides key file contents" @@ -1021,23 +1033,23 @@ spec: description: "RBAC defines the RBAC configuration for Argo CD." properties: defaultPolicy: - description: "DefaultPolicy is the name of the default role which Argo CD will falls back to, when authorizing API requests (optional). If omitted or empty, users may be still be able to login, but will see no apps, projects, etc..." + description: "DefaultPolicy is the name of the default role which Argo CD will falls back to, when\nauthorizing API requests (optional). If omitted or empty, users may be still be able to login,\nbut will see no apps, projects, etc..." type: "string" policy: - description: "Policy is CSV containing user-defined RBAC policies and role definitions. Policy rules are in the form: p, subject, resource, action, object, effect Role definitions and bindings are in the form: g, subject, inherited-subject See https://github.com/argoproj/argo-cd/blob/master/docs/operator-manual/rbac.md for additional information." + description: "Policy is CSV containing user-defined RBAC policies and role definitions.\nPolicy rules are in the form:\n p, subject, resource, action, object, effect\nRole definitions and bindings are in the form:\n g, subject, inherited-subject\nSee https://github.com/argoproj/argo-cd/blob/master/docs/operator-manual/rbac.md for additional information." type: "string" policyMatcherMode: - description: "PolicyMatcherMode configures the matchers function mode for casbin. There are two options for this, 'glob' for glob matcher or 'regex' for regex matcher." + description: "PolicyMatcherMode configures the matchers function mode for casbin.\nThere are two options for this, 'glob' for glob matcher or 'regex' for regex matcher." type: "string" scopes: - description: "Scopes controls which OIDC scopes to examine during rbac enforcement (in addition to `sub` scope). If omitted, defaults to: '[groups]'." + description: "Scopes controls which OIDC scopes to examine during rbac enforcement (in addition to `sub` scope).\nIf omitted, defaults to: '[groups]'." type: "string" type: "object" redis: description: "Redis defines the Redis server options for ArgoCD." properties: autotls: - description: "AutoTLS specifies the method to use for automatic TLS configuration for the redis server The value specified here can currently be: - openshift - Use the OpenShift service CA to request TLS config" + description: "AutoTLS specifies the method to use for automatic TLS configuration for the redis server\nThe value specified here can currently be:\n- openshift - Use the OpenShift service CA to request TLS config" type: "string" disableTLSVerification: description: "DisableTLSVerification defines whether redis server API should be accessed using strict TLS validation" @@ -1055,12 +1067,12 @@ spec: description: "Resources defines the Compute Resources required by the container for Redis." properties: claims: - description: "Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. \n This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. \n This field is immutable. It can only be set for containers." + description: "Claims lists the names of resources, defined in spec.resourceClaims,\nthat are used by this container.\n\n\nThis is an alpha field and requires enabling the\nDynamicResourceAllocation feature gate.\n\n\nThis field is immutable. It can only be set for containers." items: description: "ResourceClaim references one entry in PodSpec.ResourceClaims." properties: name: - description: "Name must match the name of one entry in pod.spec.resourceClaims of the Pod where this field is used. It makes that resource available inside a container." + description: "Name must match the name of one entry in pod.spec.resourceClaims of\nthe Pod where this field is used. It makes that resource available\ninside a container." type: "string" required: - "name" @@ -1076,7 +1088,7 @@ spec: - type: "string" pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" x-kubernetes-int-or-string: true - description: "Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" + description: "Limits describes the maximum amount of compute resources allowed.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" type: "object" requests: additionalProperties: @@ -1085,7 +1097,7 @@ spec: - type: "string" pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" x-kubernetes-int-or-string: true - description: "Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" + description: "Requests describes the minimum amount of compute resources required.\nIf Requests is omitted for a container, it defaults to Limits if that is explicitly specified,\notherwise to an implementation-defined value. Requests cannot exceed Limits.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" type: "object" type: "object" version: @@ -1096,7 +1108,7 @@ spec: description: "Repo defines the repo server options for Argo CD." properties: autotls: - description: "AutoTLS specifies the method to use for automatic TLS configuration for the repo server The value specified here can currently be: - openshift - Use the OpenShift service CA to request TLS config" + description: "AutoTLS specifies the method to use for automatic TLS configuration for the repo server\nThe value specified here can currently be:\n- openshift - Use the OpenShift service CA to request TLS config" type: "string" enabled: description: "Enabled is the flag to enable Repo Server during ArgoCD installation. (optional, default `true`)" @@ -1110,7 +1122,7 @@ spec: description: "Name of the environment variable. Must be a C_IDENTIFIER." type: "string" value: - description: "Variable references $(VAR_NAME) are expanded using the previously defined environment variables in the container and any service environment variables. If a variable cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. \"$$(VAR_NAME)\" will produce the string literal \"$(VAR_NAME)\". Escaped references will never be expanded, regardless of whether the variable exists or not. Defaults to \"\"." + description: "Variable references $(VAR_NAME) are expanded\nusing the previously defined environment variables in the container and\nany service environment variables. If a variable cannot be resolved,\nthe reference in the input string will be unchanged. Double $$ are reduced\nto a single $, which allows for escaping the $(VAR_NAME) syntax: i.e.\n\"$$(VAR_NAME)\" will produce the string literal \"$(VAR_NAME)\".\nEscaped references will never be expanded, regardless of whether the variable\nexists or not.\nDefaults to \"\"." type: "string" valueFrom: description: "Source for the environment variable's value. Cannot be used if value is not empty." @@ -1122,7 +1134,7 @@ spec: description: "The key to select." type: "string" name: - description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" type: "string" optional: description: "Specify whether the ConfigMap or its key must be defined" @@ -1130,8 +1142,9 @@ spec: required: - "key" type: "object" + x-kubernetes-map-type: "atomic" fieldRef: - description: "Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`, spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs." + description: "Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`,\nspec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs." properties: apiVersion: description: "Version of the schema the FieldPath is written in terms of, defaults to \"v1\"." @@ -1142,8 +1155,9 @@ spec: required: - "fieldPath" type: "object" + x-kubernetes-map-type: "atomic" resourceFieldRef: - description: "Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported." + description: "Selects a resource of the container: only resources limits and requests\n(limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported." properties: containerName: description: "Container name: required for volumes, optional for env vars" @@ -1161,6 +1175,7 @@ spec: required: - "resource" type: "object" + x-kubernetes-map-type: "atomic" secretKeyRef: description: "Selects a key of a secret in the pod's namespace" properties: @@ -1168,7 +1183,7 @@ spec: description: "The key of the secret to select from. Must be a valid secret key." type: "string" name: - description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" type: "string" optional: description: "Specify whether the Secret or its key must be defined" @@ -1176,6 +1191,7 @@ spec: required: - "key" type: "object" + x-kubernetes-map-type: "atomic" type: "object" required: - "name" @@ -1185,7 +1201,7 @@ spec: description: "ExecTimeout specifies the timeout in seconds for tool execution" type: "integer" extraRepoCommandArgs: - description: "Extra Command arguments allows users to pass command line arguments to repo server workload. They get added to default command line arguments provided by the operator. Please note that the command line arguments provided as part of ExtraRepoCommandArgs will not overwrite the default command line arguments." + description: "Extra Command arguments allows users to pass command line arguments to repo server workload. They get added to default command line arguments provided\nby the operator.\nPlease note that the command line arguments provided as part of ExtraRepoCommandArgs will not overwrite the default command line arguments." items: type: "string" type: "array" @@ -1198,17 +1214,17 @@ spec: description: "A single application container that you want to run within a pod." properties: args: - description: "Arguments to the entrypoint. The container image's CMD is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. \"$$(VAR_NAME)\" will produce the string literal \"$(VAR_NAME)\". Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell" + description: "Arguments to the entrypoint.\nThe container image's CMD is used if this is not provided.\nVariable references $(VAR_NAME) are expanded using the container's environment. If a variable\ncannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced\nto a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. \"$$(VAR_NAME)\" will\nproduce the string literal \"$(VAR_NAME)\". Escaped references will never be expanded, regardless\nof whether the variable exists or not. Cannot be updated.\nMore info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell" items: type: "string" type: "array" command: - description: "Entrypoint array. Not executed within a shell. The container image's ENTRYPOINT is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. \"$$(VAR_NAME)\" will produce the string literal \"$(VAR_NAME)\". Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell" + description: "Entrypoint array. Not executed within a shell.\nThe container image's ENTRYPOINT is used if this is not provided.\nVariable references $(VAR_NAME) are expanded using the container's environment. If a variable\ncannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced\nto a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. \"$$(VAR_NAME)\" will\nproduce the string literal \"$(VAR_NAME)\". Escaped references will never be expanded, regardless\nof whether the variable exists or not. Cannot be updated.\nMore info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell" items: type: "string" type: "array" env: - description: "List of environment variables to set in the container. Cannot be updated." + description: "List of environment variables to set in the container.\nCannot be updated." items: description: "EnvVar represents an environment variable present in a Container." properties: @@ -1216,7 +1232,7 @@ spec: description: "Name of the environment variable. Must be a C_IDENTIFIER." type: "string" value: - description: "Variable references $(VAR_NAME) are expanded using the previously defined environment variables in the container and any service environment variables. If a variable cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. \"$$(VAR_NAME)\" will produce the string literal \"$(VAR_NAME)\". Escaped references will never be expanded, regardless of whether the variable exists or not. Defaults to \"\"." + description: "Variable references $(VAR_NAME) are expanded\nusing the previously defined environment variables in the container and\nany service environment variables. If a variable cannot be resolved,\nthe reference in the input string will be unchanged. Double $$ are reduced\nto a single $, which allows for escaping the $(VAR_NAME) syntax: i.e.\n\"$$(VAR_NAME)\" will produce the string literal \"$(VAR_NAME)\".\nEscaped references will never be expanded, regardless of whether the variable\nexists or not.\nDefaults to \"\"." type: "string" valueFrom: description: "Source for the environment variable's value. Cannot be used if value is not empty." @@ -1228,7 +1244,7 @@ spec: description: "The key to select." type: "string" name: - description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" type: "string" optional: description: "Specify whether the ConfigMap or its key must be defined" @@ -1236,8 +1252,9 @@ spec: required: - "key" type: "object" + x-kubernetes-map-type: "atomic" fieldRef: - description: "Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`, spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs." + description: "Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`,\nspec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs." properties: apiVersion: description: "Version of the schema the FieldPath is written in terms of, defaults to \"v1\"." @@ -1248,8 +1265,9 @@ spec: required: - "fieldPath" type: "object" + x-kubernetes-map-type: "atomic" resourceFieldRef: - description: "Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported." + description: "Selects a resource of the container: only resources limits and requests\n(limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported." properties: containerName: description: "Container name: required for volumes, optional for env vars" @@ -1267,6 +1285,7 @@ spec: required: - "resource" type: "object" + x-kubernetes-map-type: "atomic" secretKeyRef: description: "Selects a key of a secret in the pod's namespace" properties: @@ -1274,7 +1293,7 @@ spec: description: "The key of the secret to select from. Must be a valid secret key." type: "string" name: - description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" type: "string" optional: description: "Specify whether the Secret or its key must be defined" @@ -1282,13 +1301,14 @@ spec: required: - "key" type: "object" + x-kubernetes-map-type: "atomic" type: "object" required: - "name" type: "object" type: "array" envFrom: - description: "List of sources to populate environment variables in the container. The keys defined within a source must be a C_IDENTIFIER. All invalid keys will be reported as an event when the container is starting. When a key exists in multiple sources, the value associated with the last source will take precedence. Values defined by an Env with a duplicate key will take precedence. Cannot be updated." + description: "List of sources to populate environment variables in the container.\nThe keys defined within a source must be a C_IDENTIFIER. All invalid keys\nwill be reported as an event when the container is starting. When a key exists in multiple\nsources, the value associated with the last source will take precedence.\nValues defined by an Env with a duplicate key will take precedence.\nCannot be updated." items: description: "EnvFromSource represents the source of a set of ConfigMaps" properties: @@ -1296,12 +1316,13 @@ spec: description: "The ConfigMap to select from" properties: name: - description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" type: "string" optional: description: "Specify whether the ConfigMap must be defined" type: "boolean" type: "object" + x-kubernetes-map-type: "atomic" prefix: description: "An optional identifier to prepend to each key in the ConfigMap. Must be a C_IDENTIFIER." type: "string" @@ -1309,31 +1330,32 @@ spec: description: "The Secret to select from" properties: name: - description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" type: "string" optional: description: "Specify whether the Secret must be defined" type: "boolean" type: "object" + x-kubernetes-map-type: "atomic" type: "object" type: "array" image: - description: "Container image name. More info: https://kubernetes.io/docs/concepts/containers/images This field is optional to allow higher level config management to default or override container images in workload controllers like Deployments and StatefulSets." + description: "Container image name.\nMore info: https://kubernetes.io/docs/concepts/containers/images\nThis field is optional to allow higher level config management to default or override\ncontainer images in workload controllers like Deployments and StatefulSets." type: "string" imagePullPolicy: - description: "Image pull policy. One of Always, Never, IfNotPresent. Defaults to Always if :latest tag is specified, or IfNotPresent otherwise. Cannot be updated. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images" + description: "Image pull policy.\nOne of Always, Never, IfNotPresent.\nDefaults to Always if :latest tag is specified, or IfNotPresent otherwise.\nCannot be updated.\nMore info: https://kubernetes.io/docs/concepts/containers/images#updating-images" type: "string" lifecycle: - description: "Actions that the management system should take in response to container lifecycle events. Cannot be updated." + description: "Actions that the management system should take in response to container lifecycle events.\nCannot be updated." properties: postStart: - description: "PostStart is called immediately after a container is created. If the handler fails, the container is terminated and restarted according to its restart policy. Other management of the container blocks until the hook completes. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks" + description: "PostStart is called immediately after a container is created. If the handler fails,\nthe container is terminated and restarted according to its restart policy.\nOther management of the container blocks until the hook completes.\nMore info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks" properties: exec: description: "Exec specifies the action to take." properties: command: - description: "Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy." + description: "Command is the command line to execute inside the container, the working directory for the\ncommand is root ('/') in the container's filesystem. The command is simply exec'd, it is\nnot run inside a shell, so traditional shell instructions ('|', etc) won't work. To use\na shell, you need to explicitly call out to that shell.\nExit status of 0 is treated as live/healthy and non-zero is unhealthy." items: type: "string" type: "array" @@ -1342,7 +1364,7 @@ spec: description: "HTTPGet specifies the http request to perform." properties: host: - description: "Host name to connect to, defaults to the pod IP. You probably want to set \"Host\" in httpHeaders instead." + description: "Host name to connect to, defaults to the pod IP. You probably want to set\n\"Host\" in httpHeaders instead." type: "string" httpHeaders: description: "Custom headers to set in the request. HTTP allows repeated headers." @@ -1350,7 +1372,7 @@ spec: description: "HTTPHeader describes a custom header to be used in HTTP probes" properties: name: - description: "The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header." + description: "The header field name.\nThis will be canonicalized upon output, so case-variant names will be understood as the same header." type: "string" value: description: "The header field value" @@ -1367,16 +1389,16 @@ spec: anyOf: - type: "integer" - type: "string" - description: "Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME." + description: "Name or number of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME." x-kubernetes-int-or-string: true scheme: - description: "Scheme to use for connecting to the host. Defaults to HTTP." + description: "Scheme to use for connecting to the host.\nDefaults to HTTP." type: "string" required: - "port" type: "object" tcpSocket: - description: "Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept for the backward compatibility. There are no validation of this field and lifecycle hooks will fail in runtime when tcp handler is specified." + description: "Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept\nfor the backward compatibility. There are no validation of this field and\nlifecycle hooks will fail in runtime when tcp handler is specified." properties: host: description: "Optional: Host name to connect to, defaults to the pod IP." @@ -1385,20 +1407,20 @@ spec: anyOf: - type: "integer" - type: "string" - description: "Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME." + description: "Number or name of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME." x-kubernetes-int-or-string: true required: - "port" type: "object" type: "object" preStop: - description: "PreStop is called immediately before a container is terminated due to an API request or management event such as liveness/startup probe failure, preemption, resource contention, etc. The handler is not called if the container crashes or exits. The Pod's termination grace period countdown begins before the PreStop hook is executed. Regardless of the outcome of the handler, the container will eventually terminate within the Pod's termination grace period (unless delayed by finalizers). Other management of the container blocks until the hook completes or until the termination grace period is reached. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks" + description: "PreStop is called immediately before a container is terminated due to an\nAPI request or management event such as liveness/startup probe failure,\npreemption, resource contention, etc. The handler is not called if the\ncontainer crashes or exits. The Pod's termination grace period countdown begins before the\nPreStop hook is executed. Regardless of the outcome of the handler, the\ncontainer will eventually terminate within the Pod's termination grace\nperiod (unless delayed by finalizers). Other management of the container blocks until the hook completes\nor until the termination grace period is reached.\nMore info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks" properties: exec: description: "Exec specifies the action to take." properties: command: - description: "Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy." + description: "Command is the command line to execute inside the container, the working directory for the\ncommand is root ('/') in the container's filesystem. The command is simply exec'd, it is\nnot run inside a shell, so traditional shell instructions ('|', etc) won't work. To use\na shell, you need to explicitly call out to that shell.\nExit status of 0 is treated as live/healthy and non-zero is unhealthy." items: type: "string" type: "array" @@ -1407,7 +1429,7 @@ spec: description: "HTTPGet specifies the http request to perform." properties: host: - description: "Host name to connect to, defaults to the pod IP. You probably want to set \"Host\" in httpHeaders instead." + description: "Host name to connect to, defaults to the pod IP. You probably want to set\n\"Host\" in httpHeaders instead." type: "string" httpHeaders: description: "Custom headers to set in the request. HTTP allows repeated headers." @@ -1415,7 +1437,7 @@ spec: description: "HTTPHeader describes a custom header to be used in HTTP probes" properties: name: - description: "The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header." + description: "The header field name.\nThis will be canonicalized upon output, so case-variant names will be understood as the same header." type: "string" value: description: "The header field value" @@ -1432,16 +1454,16 @@ spec: anyOf: - type: "integer" - type: "string" - description: "Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME." + description: "Name or number of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME." x-kubernetes-int-or-string: true scheme: - description: "Scheme to use for connecting to the host. Defaults to HTTP." + description: "Scheme to use for connecting to the host.\nDefaults to HTTP." type: "string" required: - "port" type: "object" tcpSocket: - description: "Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept for the backward compatibility. There are no validation of this field and lifecycle hooks will fail in runtime when tcp handler is specified." + description: "Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept\nfor the backward compatibility. There are no validation of this field and\nlifecycle hooks will fail in runtime when tcp handler is specified." properties: host: description: "Optional: Host name to connect to, defaults to the pod IP." @@ -1450,7 +1472,7 @@ spec: anyOf: - type: "integer" - type: "string" - description: "Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME." + description: "Number or name of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME." x-kubernetes-int-or-string: true required: - "port" @@ -1458,19 +1480,19 @@ spec: type: "object" type: "object" livenessProbe: - description: "Periodic probe of container liveness. Container will be restarted if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" + description: "Periodic probe of container liveness.\nContainer will be restarted if the probe fails.\nCannot be updated.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" properties: exec: description: "Exec specifies the action to take." properties: command: - description: "Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy." + description: "Command is the command line to execute inside the container, the working directory for the\ncommand is root ('/') in the container's filesystem. The command is simply exec'd, it is\nnot run inside a shell, so traditional shell instructions ('|', etc) won't work. To use\na shell, you need to explicitly call out to that shell.\nExit status of 0 is treated as live/healthy and non-zero is unhealthy." items: type: "string" type: "array" type: "object" failureThreshold: - description: "Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1." + description: "Minimum consecutive failures for the probe to be considered failed after having succeeded.\nDefaults to 3. Minimum value is 1." format: "int32" type: "integer" grpc: @@ -1481,7 +1503,7 @@ spec: format: "int32" type: "integer" service: - description: "Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). \n If this is not specified, the default behavior is defined by gRPC." + description: "Service is the name of the service to place in the gRPC HealthCheckRequest\n(see https://github.com/grpc/grpc/blob/master/doc/health-checking.md).\n\n\nIf this is not specified, the default behavior is defined by gRPC." type: "string" required: - "port" @@ -1490,7 +1512,7 @@ spec: description: "HTTPGet specifies the http request to perform." properties: host: - description: "Host name to connect to, defaults to the pod IP. You probably want to set \"Host\" in httpHeaders instead." + description: "Host name to connect to, defaults to the pod IP. You probably want to set\n\"Host\" in httpHeaders instead." type: "string" httpHeaders: description: "Custom headers to set in the request. HTTP allows repeated headers." @@ -1498,7 +1520,7 @@ spec: description: "HTTPHeader describes a custom header to be used in HTTP probes" properties: name: - description: "The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header." + description: "The header field name.\nThis will be canonicalized upon output, so case-variant names will be understood as the same header." type: "string" value: description: "The header field value" @@ -1515,24 +1537,24 @@ spec: anyOf: - type: "integer" - type: "string" - description: "Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME." + description: "Name or number of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME." x-kubernetes-int-or-string: true scheme: - description: "Scheme to use for connecting to the host. Defaults to HTTP." + description: "Scheme to use for connecting to the host.\nDefaults to HTTP." type: "string" required: - "port" type: "object" initialDelaySeconds: - description: "Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" + description: "Number of seconds after the container has started before liveness probes are initiated.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" format: "int32" type: "integer" periodSeconds: - description: "How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1." + description: "How often (in seconds) to perform the probe.\nDefault to 10 seconds. Minimum value is 1." format: "int32" type: "integer" successThreshold: - description: "Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1." + description: "Minimum consecutive successes for the probe to be considered successful after having failed.\nDefaults to 1. Must be 1 for liveness and startup. Minimum value is 1." format: "int32" type: "integer" tcpSocket: @@ -1545,45 +1567,45 @@ spec: anyOf: - type: "integer" - type: "string" - description: "Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME." + description: "Number or name of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME." x-kubernetes-int-or-string: true required: - "port" type: "object" terminationGracePeriodSeconds: - description: "Optional duration in seconds the pod needs to terminate gracefully upon probe failure. The grace period is the duration in seconds after the processes running in the pod are sent a termination signal and the time when the processes are forcibly halted with a kill signal. Set this value longer than the expected cleanup time for your process. If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this value overrides the value provided by the pod spec. Value must be non-negative integer. The value zero indicates stop immediately via the kill signal (no opportunity to shut down). This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate. Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset." + description: "Optional duration in seconds the pod needs to terminate gracefully upon probe failure.\nThe grace period is the duration in seconds after the processes running in the pod are sent\na termination signal and the time when the processes are forcibly halted with a kill signal.\nSet this value longer than the expected cleanup time for your process.\nIf this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this\nvalue overrides the value provided by the pod spec.\nValue must be non-negative integer. The value zero indicates stop immediately via\nthe kill signal (no opportunity to shut down).\nThis is a beta field and requires enabling ProbeTerminationGracePeriod feature gate.\nMinimum value is 1. spec.terminationGracePeriodSeconds is used if unset." format: "int64" type: "integer" timeoutSeconds: - description: "Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" + description: "Number of seconds after which the probe times out.\nDefaults to 1 second. Minimum value is 1.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" format: "int32" type: "integer" type: "object" name: - description: "Name of the container specified as a DNS_LABEL. Each container in a pod must have a unique name (DNS_LABEL). Cannot be updated." + description: "Name of the container specified as a DNS_LABEL.\nEach container in a pod must have a unique name (DNS_LABEL).\nCannot be updated." type: "string" ports: - description: "List of ports to expose from the container. Not specifying a port here DOES NOT prevent that port from being exposed. Any port which is listening on the default \"0.0.0.0\" address inside a container will be accessible from the network. Modifying this array with strategic merge patch may corrupt the data. For more information See https://github.com/kubernetes/kubernetes/issues/108255. Cannot be updated." + description: "List of ports to expose from the container. Not specifying a port here\nDOES NOT prevent that port from being exposed. Any port which is\nlistening on the default \"0.0.0.0\" address inside a container will be\naccessible from the network.\nModifying this array with strategic merge patch may corrupt the data.\nFor more information See https://github.com/kubernetes/kubernetes/issues/108255.\nCannot be updated." items: description: "ContainerPort represents a network port in a single container." properties: containerPort: - description: "Number of port to expose on the pod's IP address. This must be a valid port number, 0 < x < 65536." + description: "Number of port to expose on the pod's IP address.\nThis must be a valid port number, 0 < x < 65536." format: "int32" type: "integer" hostIP: description: "What host IP to bind the external port to." type: "string" hostPort: - description: "Number of port to expose on the host. If specified, this must be a valid port number, 0 < x < 65536. If HostNetwork is specified, this must match ContainerPort. Most containers do not need this." + description: "Number of port to expose on the host.\nIf specified, this must be a valid port number, 0 < x < 65536.\nIf HostNetwork is specified, this must match ContainerPort.\nMost containers do not need this." format: "int32" type: "integer" name: - description: "If specified, this must be an IANA_SVC_NAME and unique within the pod. Each named port in a pod must have a unique name. Name for the port that can be referred to by services." + description: "If specified, this must be an IANA_SVC_NAME and unique within the pod. Each\nnamed port in a pod must have a unique name. Name for the port that can be\nreferred to by services." type: "string" protocol: default: "TCP" - description: "Protocol for port. Must be UDP, TCP, or SCTP. Defaults to \"TCP\"." + description: "Protocol for port. Must be UDP, TCP, or SCTP.\nDefaults to \"TCP\"." type: "string" required: - "containerPort" @@ -1594,19 +1616,19 @@ spec: - "protocol" x-kubernetes-list-type: "map" readinessProbe: - description: "Periodic probe of container service readiness. Container will be removed from service endpoints if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" + description: "Periodic probe of container service readiness.\nContainer will be removed from service endpoints if the probe fails.\nCannot be updated.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" properties: exec: description: "Exec specifies the action to take." properties: command: - description: "Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy." + description: "Command is the command line to execute inside the container, the working directory for the\ncommand is root ('/') in the container's filesystem. The command is simply exec'd, it is\nnot run inside a shell, so traditional shell instructions ('|', etc) won't work. To use\na shell, you need to explicitly call out to that shell.\nExit status of 0 is treated as live/healthy and non-zero is unhealthy." items: type: "string" type: "array" type: "object" failureThreshold: - description: "Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1." + description: "Minimum consecutive failures for the probe to be considered failed after having succeeded.\nDefaults to 3. Minimum value is 1." format: "int32" type: "integer" grpc: @@ -1617,7 +1639,7 @@ spec: format: "int32" type: "integer" service: - description: "Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). \n If this is not specified, the default behavior is defined by gRPC." + description: "Service is the name of the service to place in the gRPC HealthCheckRequest\n(see https://github.com/grpc/grpc/blob/master/doc/health-checking.md).\n\n\nIf this is not specified, the default behavior is defined by gRPC." type: "string" required: - "port" @@ -1626,7 +1648,7 @@ spec: description: "HTTPGet specifies the http request to perform." properties: host: - description: "Host name to connect to, defaults to the pod IP. You probably want to set \"Host\" in httpHeaders instead." + description: "Host name to connect to, defaults to the pod IP. You probably want to set\n\"Host\" in httpHeaders instead." type: "string" httpHeaders: description: "Custom headers to set in the request. HTTP allows repeated headers." @@ -1634,7 +1656,7 @@ spec: description: "HTTPHeader describes a custom header to be used in HTTP probes" properties: name: - description: "The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header." + description: "The header field name.\nThis will be canonicalized upon output, so case-variant names will be understood as the same header." type: "string" value: description: "The header field value" @@ -1651,24 +1673,24 @@ spec: anyOf: - type: "integer" - type: "string" - description: "Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME." + description: "Name or number of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME." x-kubernetes-int-or-string: true scheme: - description: "Scheme to use for connecting to the host. Defaults to HTTP." + description: "Scheme to use for connecting to the host.\nDefaults to HTTP." type: "string" required: - "port" type: "object" initialDelaySeconds: - description: "Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" + description: "Number of seconds after the container has started before liveness probes are initiated.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" format: "int32" type: "integer" periodSeconds: - description: "How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1." + description: "How often (in seconds) to perform the probe.\nDefault to 10 seconds. Minimum value is 1." format: "int32" type: "integer" successThreshold: - description: "Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1." + description: "Minimum consecutive successes for the probe to be considered successful after having failed.\nDefaults to 1. Must be 1 for liveness and startup. Minimum value is 1." format: "int32" type: "integer" tcpSocket: @@ -1681,17 +1703,17 @@ spec: anyOf: - type: "integer" - type: "string" - description: "Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME." + description: "Number or name of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME." x-kubernetes-int-or-string: true required: - "port" type: "object" terminationGracePeriodSeconds: - description: "Optional duration in seconds the pod needs to terminate gracefully upon probe failure. The grace period is the duration in seconds after the processes running in the pod are sent a termination signal and the time when the processes are forcibly halted with a kill signal. Set this value longer than the expected cleanup time for your process. If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this value overrides the value provided by the pod spec. Value must be non-negative integer. The value zero indicates stop immediately via the kill signal (no opportunity to shut down). This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate. Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset." + description: "Optional duration in seconds the pod needs to terminate gracefully upon probe failure.\nThe grace period is the duration in seconds after the processes running in the pod are sent\na termination signal and the time when the processes are forcibly halted with a kill signal.\nSet this value longer than the expected cleanup time for your process.\nIf this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this\nvalue overrides the value provided by the pod spec.\nValue must be non-negative integer. The value zero indicates stop immediately via\nthe kill signal (no opportunity to shut down).\nThis is a beta field and requires enabling ProbeTerminationGracePeriod feature gate.\nMinimum value is 1. spec.terminationGracePeriodSeconds is used if unset." format: "int64" type: "integer" timeoutSeconds: - description: "Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" + description: "Number of seconds after which the probe times out.\nDefaults to 1 second. Minimum value is 1.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" format: "int32" type: "integer" type: "object" @@ -1701,10 +1723,10 @@ spec: description: "ContainerResizePolicy represents resource resize policy for the container." properties: resourceName: - description: "Name of the resource to which this resource resize policy applies. Supported values: cpu, memory." + description: "Name of the resource to which this resource resize policy applies.\nSupported values: cpu, memory." type: "string" restartPolicy: - description: "Restart policy to apply when specified resource is resized. If not specified, it defaults to NotRequired." + description: "Restart policy to apply when specified resource is resized.\nIf not specified, it defaults to NotRequired." type: "string" required: - "resourceName" @@ -1713,15 +1735,15 @@ spec: type: "array" x-kubernetes-list-type: "atomic" resources: - description: "Compute Resources required by this container. Cannot be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" + description: "Compute Resources required by this container.\nCannot be updated.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" properties: claims: - description: "Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. \n This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. \n This field is immutable. It can only be set for containers." + description: "Claims lists the names of resources, defined in spec.resourceClaims,\nthat are used by this container.\n\n\nThis is an alpha field and requires enabling the\nDynamicResourceAllocation feature gate.\n\n\nThis field is immutable. It can only be set for containers." items: description: "ResourceClaim references one entry in PodSpec.ResourceClaims." properties: name: - description: "Name must match the name of one entry in pod.spec.resourceClaims of the Pod where this field is used. It makes that resource available inside a container." + description: "Name must match the name of one entry in pod.spec.resourceClaims of\nthe Pod where this field is used. It makes that resource available\ninside a container." type: "string" required: - "name" @@ -1737,7 +1759,7 @@ spec: - type: "string" pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" x-kubernetes-int-or-string: true - description: "Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" + description: "Limits describes the maximum amount of compute resources allowed.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" type: "object" requests: additionalProperties: @@ -1746,20 +1768,20 @@ spec: - type: "string" pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" x-kubernetes-int-or-string: true - description: "Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" + description: "Requests describes the minimum amount of compute resources required.\nIf Requests is omitted for a container, it defaults to Limits if that is explicitly specified,\notherwise to an implementation-defined value. Requests cannot exceed Limits.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" type: "object" type: "object" restartPolicy: - description: "RestartPolicy defines the restart behavior of individual containers in a pod. This field may only be set for init containers, and the only allowed value is \"Always\". For non-init containers or when this field is not specified, the restart behavior is defined by the Pod's restart policy and the container type. Setting the RestartPolicy as \"Always\" for the init container will have the following effect: this init container will be continually restarted on exit until all regular containers have terminated. Once all regular containers have completed, all init containers with restartPolicy \"Always\" will be shut down. This lifecycle differs from normal init containers and is often referred to as a \"sidecar\" container. Although this init container still starts in the init container sequence, it does not wait for the container to complete before proceeding to the next init container. Instead, the next init container starts immediately after this init container is started, or after any startupProbe has successfully completed." + description: "RestartPolicy defines the restart behavior of individual containers in a pod.\nThis field may only be set for init containers, and the only allowed value is \"Always\".\nFor non-init containers or when this field is not specified,\nthe restart behavior is defined by the Pod's restart policy and the container type.\nSetting the RestartPolicy as \"Always\" for the init container will have the following effect:\nthis init container will be continually restarted on\nexit until all regular containers have terminated. Once all regular\ncontainers have completed, all init containers with restartPolicy \"Always\"\nwill be shut down. This lifecycle differs from normal init containers and\nis often referred to as a \"sidecar\" container. Although this init\ncontainer still starts in the init container sequence, it does not wait\nfor the container to complete before proceeding to the next init\ncontainer. Instead, the next init container starts immediately after this\ninit container is started, or after any startupProbe has successfully\ncompleted." type: "string" securityContext: - description: "SecurityContext defines the security options the container should be run with. If set, the fields of SecurityContext override the equivalent fields of PodSecurityContext. More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/" + description: "SecurityContext defines the security options the container should be run with.\nIf set, the fields of SecurityContext override the equivalent fields of PodSecurityContext.\nMore info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/" properties: allowPrivilegeEscalation: - description: "AllowPrivilegeEscalation controls whether a process can gain more privileges than its parent process. This bool directly controls if the no_new_privs flag will be set on the container process. AllowPrivilegeEscalation is true always when the container is: 1) run as Privileged 2) has CAP_SYS_ADMIN Note that this field cannot be set when spec.os.name is windows." + description: "AllowPrivilegeEscalation controls whether a process can gain more\nprivileges than its parent process. This bool directly controls if\nthe no_new_privs flag will be set on the container process.\nAllowPrivilegeEscalation is true always when the container is:\n1) run as Privileged\n2) has CAP_SYS_ADMIN\nNote that this field cannot be set when spec.os.name is windows." type: "boolean" capabilities: - description: "The capabilities to add/drop when running containers. Defaults to the default set of capabilities granted by the container runtime. Note that this field cannot be set when spec.os.name is windows." + description: "The capabilities to add/drop when running containers.\nDefaults to the default set of capabilities granted by the container runtime.\nNote that this field cannot be set when spec.os.name is windows." properties: add: description: "Added capabilities" @@ -1775,27 +1797,27 @@ spec: type: "array" type: "object" privileged: - description: "Run container in privileged mode. Processes in privileged containers are essentially equivalent to root on the host. Defaults to false. Note that this field cannot be set when spec.os.name is windows." + description: "Run container in privileged mode.\nProcesses in privileged containers are essentially equivalent to root on the host.\nDefaults to false.\nNote that this field cannot be set when spec.os.name is windows." type: "boolean" procMount: - description: "procMount denotes the type of proc mount to use for the containers. The default is DefaultProcMount which uses the container runtime defaults for readonly paths and masked paths. This requires the ProcMountType feature flag to be enabled. Note that this field cannot be set when spec.os.name is windows." + description: "procMount denotes the type of proc mount to use for the containers.\nThe default is DefaultProcMount which uses the container runtime defaults for\nreadonly paths and masked paths.\nThis requires the ProcMountType feature flag to be enabled.\nNote that this field cannot be set when spec.os.name is windows." type: "string" readOnlyRootFilesystem: - description: "Whether this container has a read-only root filesystem. Default is false. Note that this field cannot be set when spec.os.name is windows." + description: "Whether this container has a read-only root filesystem.\nDefault is false.\nNote that this field cannot be set when spec.os.name is windows." type: "boolean" runAsGroup: - description: "The GID to run the entrypoint of the container process. Uses runtime default if unset. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is windows." + description: "The GID to run the entrypoint of the container process.\nUses runtime default if unset.\nMay also be set in PodSecurityContext. If set in both SecurityContext and\nPodSecurityContext, the value specified in SecurityContext takes precedence.\nNote that this field cannot be set when spec.os.name is windows." format: "int64" type: "integer" runAsNonRoot: - description: "Indicates that the container must run as a non-root user. If true, the Kubelet will validate the image at runtime to ensure that it does not run as UID 0 (root) and fail to start the container if it does. If unset or false, no such validation will be performed. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence." + description: "Indicates that the container must run as a non-root user.\nIf true, the Kubelet will validate the image at runtime to ensure that it\ndoes not run as UID 0 (root) and fail to start the container if it does.\nIf unset or false, no such validation will be performed.\nMay also be set in PodSecurityContext. If set in both SecurityContext and\nPodSecurityContext, the value specified in SecurityContext takes precedence." type: "boolean" runAsUser: - description: "The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is windows." + description: "The UID to run the entrypoint of the container process.\nDefaults to user specified in image metadata if unspecified.\nMay also be set in PodSecurityContext. If set in both SecurityContext and\nPodSecurityContext, the value specified in SecurityContext takes precedence.\nNote that this field cannot be set when spec.os.name is windows." format: "int64" type: "integer" seLinuxOptions: - description: "The SELinux context to be applied to the container. If unspecified, the container runtime will allocate a random SELinux context for each container. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is windows." + description: "The SELinux context to be applied to the container.\nIf unspecified, the container runtime will allocate a random SELinux context for each\ncontainer. May also be set in PodSecurityContext. If set in both SecurityContext and\nPodSecurityContext, the value specified in SecurityContext takes precedence.\nNote that this field cannot be set when spec.os.name is windows." properties: level: description: "Level is SELinux level label that applies to the container." @@ -1811,48 +1833,48 @@ spec: type: "string" type: "object" seccompProfile: - description: "The seccomp options to use by this container. If seccomp options are provided at both the pod & container level, the container options override the pod options. Note that this field cannot be set when spec.os.name is windows." + description: "The seccomp options to use by this container. If seccomp options are\nprovided at both the pod & container level, the container options\noverride the pod options.\nNote that this field cannot be set when spec.os.name is windows." properties: localhostProfile: - description: "localhostProfile indicates a profile defined in a file on the node should be used. The profile must be preconfigured on the node to work. Must be a descending path, relative to the kubelet's configured seccomp profile location. Must be set if type is \"Localhost\". Must NOT be set for any other type." + description: "localhostProfile indicates a profile defined in a file on the node should be used.\nThe profile must be preconfigured on the node to work.\nMust be a descending path, relative to the kubelet's configured seccomp profile location.\nMust be set if type is \"Localhost\". Must NOT be set for any other type." type: "string" type: - description: "type indicates which kind of seccomp profile will be applied. Valid options are: \n Localhost - a profile defined in a file on the node should be used. RuntimeDefault - the container runtime default profile should be used. Unconfined - no profile should be applied." + description: "type indicates which kind of seccomp profile will be applied.\nValid options are:\n\n\nLocalhost - a profile defined in a file on the node should be used.\nRuntimeDefault - the container runtime default profile should be used.\nUnconfined - no profile should be applied." type: "string" required: - "type" type: "object" windowsOptions: - description: "The Windows specific settings applied to all containers. If unspecified, the options from the PodSecurityContext will be used. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is linux." + description: "The Windows specific settings applied to all containers.\nIf unspecified, the options from the PodSecurityContext will be used.\nIf set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.\nNote that this field cannot be set when spec.os.name is linux." properties: gmsaCredentialSpec: - description: "GMSACredentialSpec is where the GMSA admission webhook (https://github.com/kubernetes-sigs/windows-gmsa) inlines the contents of the GMSA credential spec named by the GMSACredentialSpecName field." + description: "GMSACredentialSpec is where the GMSA admission webhook\n(https://github.com/kubernetes-sigs/windows-gmsa) inlines the contents of the\nGMSA credential spec named by the GMSACredentialSpecName field." type: "string" gmsaCredentialSpecName: description: "GMSACredentialSpecName is the name of the GMSA credential spec to use." type: "string" hostProcess: - description: "HostProcess determines if a container should be run as a 'Host Process' container. All of a Pod's containers must have the same effective HostProcess value (it is not allowed to have a mix of HostProcess containers and non-HostProcess containers). In addition, if HostProcess is true then HostNetwork must also be set to true." + description: "HostProcess determines if a container should be run as a 'Host Process' container.\nAll of a Pod's containers must have the same effective HostProcess value\n(it is not allowed to have a mix of HostProcess containers and non-HostProcess containers).\nIn addition, if HostProcess is true then HostNetwork must also be set to true." type: "boolean" runAsUserName: - description: "The UserName in Windows to run the entrypoint of the container process. Defaults to the user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence." + description: "The UserName in Windows to run the entrypoint of the container process.\nDefaults to the user specified in image metadata if unspecified.\nMay also be set in PodSecurityContext. If set in both SecurityContext and\nPodSecurityContext, the value specified in SecurityContext takes precedence." type: "string" type: "object" type: "object" startupProbe: - description: "StartupProbe indicates that the Pod has successfully initialized. If specified, no other probes are executed until this completes successfully. If this probe fails, the Pod will be restarted, just as if the livenessProbe failed. This can be used to provide different probe parameters at the beginning of a Pod's lifecycle, when it might take a long time to load data or warm a cache, than during steady-state operation. This cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" + description: "StartupProbe indicates that the Pod has successfully initialized.\nIf specified, no other probes are executed until this completes successfully.\nIf this probe fails, the Pod will be restarted, just as if the livenessProbe failed.\nThis can be used to provide different probe parameters at the beginning of a Pod's lifecycle,\nwhen it might take a long time to load data or warm a cache, than during steady-state operation.\nThis cannot be updated.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" properties: exec: description: "Exec specifies the action to take." properties: command: - description: "Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy." + description: "Command is the command line to execute inside the container, the working directory for the\ncommand is root ('/') in the container's filesystem. The command is simply exec'd, it is\nnot run inside a shell, so traditional shell instructions ('|', etc) won't work. To use\na shell, you need to explicitly call out to that shell.\nExit status of 0 is treated as live/healthy and non-zero is unhealthy." items: type: "string" type: "array" type: "object" failureThreshold: - description: "Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1." + description: "Minimum consecutive failures for the probe to be considered failed after having succeeded.\nDefaults to 3. Minimum value is 1." format: "int32" type: "integer" grpc: @@ -1863,7 +1885,7 @@ spec: format: "int32" type: "integer" service: - description: "Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). \n If this is not specified, the default behavior is defined by gRPC." + description: "Service is the name of the service to place in the gRPC HealthCheckRequest\n(see https://github.com/grpc/grpc/blob/master/doc/health-checking.md).\n\n\nIf this is not specified, the default behavior is defined by gRPC." type: "string" required: - "port" @@ -1872,7 +1894,7 @@ spec: description: "HTTPGet specifies the http request to perform." properties: host: - description: "Host name to connect to, defaults to the pod IP. You probably want to set \"Host\" in httpHeaders instead." + description: "Host name to connect to, defaults to the pod IP. You probably want to set\n\"Host\" in httpHeaders instead." type: "string" httpHeaders: description: "Custom headers to set in the request. HTTP allows repeated headers." @@ -1880,7 +1902,7 @@ spec: description: "HTTPHeader describes a custom header to be used in HTTP probes" properties: name: - description: "The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header." + description: "The header field name.\nThis will be canonicalized upon output, so case-variant names will be understood as the same header." type: "string" value: description: "The header field value" @@ -1897,24 +1919,24 @@ spec: anyOf: - type: "integer" - type: "string" - description: "Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME." + description: "Name or number of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME." x-kubernetes-int-or-string: true scheme: - description: "Scheme to use for connecting to the host. Defaults to HTTP." + description: "Scheme to use for connecting to the host.\nDefaults to HTTP." type: "string" required: - "port" type: "object" initialDelaySeconds: - description: "Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" + description: "Number of seconds after the container has started before liveness probes are initiated.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" format: "int32" type: "integer" periodSeconds: - description: "How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1." + description: "How often (in seconds) to perform the probe.\nDefault to 10 seconds. Minimum value is 1." format: "int32" type: "integer" successThreshold: - description: "Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1." + description: "Minimum consecutive successes for the probe to be considered successful after having failed.\nDefaults to 1. Must be 1 for liveness and startup. Minimum value is 1." format: "int32" type: "integer" tcpSocket: @@ -1927,34 +1949,34 @@ spec: anyOf: - type: "integer" - type: "string" - description: "Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME." + description: "Number or name of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME." x-kubernetes-int-or-string: true required: - "port" type: "object" terminationGracePeriodSeconds: - description: "Optional duration in seconds the pod needs to terminate gracefully upon probe failure. The grace period is the duration in seconds after the processes running in the pod are sent a termination signal and the time when the processes are forcibly halted with a kill signal. Set this value longer than the expected cleanup time for your process. If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this value overrides the value provided by the pod spec. Value must be non-negative integer. The value zero indicates stop immediately via the kill signal (no opportunity to shut down). This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate. Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset." + description: "Optional duration in seconds the pod needs to terminate gracefully upon probe failure.\nThe grace period is the duration in seconds after the processes running in the pod are sent\na termination signal and the time when the processes are forcibly halted with a kill signal.\nSet this value longer than the expected cleanup time for your process.\nIf this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this\nvalue overrides the value provided by the pod spec.\nValue must be non-negative integer. The value zero indicates stop immediately via\nthe kill signal (no opportunity to shut down).\nThis is a beta field and requires enabling ProbeTerminationGracePeriod feature gate.\nMinimum value is 1. spec.terminationGracePeriodSeconds is used if unset." format: "int64" type: "integer" timeoutSeconds: - description: "Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" + description: "Number of seconds after which the probe times out.\nDefaults to 1 second. Minimum value is 1.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" format: "int32" type: "integer" type: "object" stdin: - description: "Whether this container should allocate a buffer for stdin in the container runtime. If this is not set, reads from stdin in the container will always result in EOF. Default is false." + description: "Whether this container should allocate a buffer for stdin in the container runtime. If this\nis not set, reads from stdin in the container will always result in EOF.\nDefault is false." type: "boolean" stdinOnce: - description: "Whether the container runtime should close the stdin channel after it has been opened by a single attach. When stdin is true the stdin stream will remain open across multiple attach sessions. If stdinOnce is set to true, stdin is opened on container start, is empty until the first client attaches to stdin, and then remains open and accepts data until the client disconnects, at which time stdin is closed and remains closed until the container is restarted. If this flag is false, a container processes that reads from stdin will never receive an EOF. Default is false" + description: "Whether the container runtime should close the stdin channel after it has been opened by\na single attach. When stdin is true the stdin stream will remain open across multiple attach\nsessions. If stdinOnce is set to true, stdin is opened on container start, is empty until the\nfirst client attaches to stdin, and then remains open and accepts data until the client disconnects,\nat which time stdin is closed and remains closed until the container is restarted. If this\nflag is false, a container processes that reads from stdin will never receive an EOF.\nDefault is false" type: "boolean" terminationMessagePath: - description: "Optional: Path at which the file to which the container's termination message will be written is mounted into the container's filesystem. Message written is intended to be brief final status, such as an assertion failure message. Will be truncated by the node if greater than 4096 bytes. The total message length across all containers will be limited to 12kb. Defaults to /dev/termination-log. Cannot be updated." + description: "Optional: Path at which the file to which the container's termination message\nwill be written is mounted into the container's filesystem.\nMessage written is intended to be brief final status, such as an assertion failure message.\nWill be truncated by the node if greater than 4096 bytes. The total message length across\nall containers will be limited to 12kb.\nDefaults to /dev/termination-log.\nCannot be updated." type: "string" terminationMessagePolicy: - description: "Indicate how the termination message should be populated. File will use the contents of terminationMessagePath to populate the container status message on both success and failure. FallbackToLogsOnError will use the last chunk of container log output if the termination message file is empty and the container exited with an error. The log output is limited to 2048 bytes or 80 lines, whichever is smaller. Defaults to File. Cannot be updated." + description: "Indicate how the termination message should be populated. File will use the contents of\nterminationMessagePath to populate the container status message on both success and failure.\nFallbackToLogsOnError will use the last chunk of container log output if the termination\nmessage file is empty and the container exited with an error.\nThe log output is limited to 2048 bytes or 80 lines, whichever is smaller.\nDefaults to File.\nCannot be updated." type: "string" tty: - description: "Whether this container should allocate a TTY for itself, also requires 'stdin' to be true. Default is false." + description: "Whether this container should allocate a TTY for itself, also requires 'stdin' to be true.\nDefault is false." type: "boolean" volumeDevices: description: "volumeDevices is the list of block devices to be used by the container." @@ -1973,27 +1995,27 @@ spec: type: "object" type: "array" volumeMounts: - description: "Pod volumes to mount into the container's filesystem. Cannot be updated." + description: "Pod volumes to mount into the container's filesystem.\nCannot be updated." items: description: "VolumeMount describes a mounting of a Volume within a container." properties: mountPath: - description: "Path within the container at which the volume should be mounted. Must not contain ':'." + description: "Path within the container at which the volume should be mounted. Must\nnot contain ':'." type: "string" mountPropagation: - description: "mountPropagation determines how mounts are propagated from the host to container and the other way around. When not set, MountPropagationNone is used. This field is beta in 1.10." + description: "mountPropagation determines how mounts are propagated from the host\nto container and the other way around.\nWhen not set, MountPropagationNone is used.\nThis field is beta in 1.10." type: "string" name: description: "This must match the Name of a Volume." type: "string" readOnly: - description: "Mounted read-only if true, read-write otherwise (false or unspecified). Defaults to false." + description: "Mounted read-only if true, read-write otherwise (false or unspecified).\nDefaults to false." type: "boolean" subPath: - description: "Path within the volume from which the container's volume should be mounted. Defaults to \"\" (volume's root)." + description: "Path within the volume from which the container's volume should be mounted.\nDefaults to \"\" (volume's root)." type: "string" subPathExpr: - description: "Expanded path within the volume from which the container's volume should be mounted. Behaves similarly to SubPath but environment variable references $(VAR_NAME) are expanded using the container's environment. Defaults to \"\" (volume's root). SubPathExpr and SubPath are mutually exclusive." + description: "Expanded path within the volume from which the container's volume should be mounted.\nBehaves similarly to SubPath but environment variable references $(VAR_NAME) are expanded using the container's environment.\nDefaults to \"\" (volume's root).\nSubPathExpr and SubPath are mutually exclusive." type: "string" required: - "mountPath" @@ -2001,7 +2023,7 @@ spec: type: "object" type: "array" workingDir: - description: "Container's working directory. If not specified, the container runtime's default will be used, which might be configured in the container image. Cannot be updated." + description: "Container's working directory.\nIf not specified, the container runtime's default will be used, which\nmight be configured in the container image.\nCannot be updated." type: "string" required: - "name" @@ -2027,12 +2049,12 @@ spec: description: "Resources defines the Compute Resources required by the container for Redis." properties: claims: - description: "Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. \n This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. \n This field is immutable. It can only be set for containers." + description: "Claims lists the names of resources, defined in spec.resourceClaims,\nthat are used by this container.\n\n\nThis is an alpha field and requires enabling the\nDynamicResourceAllocation feature gate.\n\n\nThis field is immutable. It can only be set for containers." items: description: "ResourceClaim references one entry in PodSpec.ResourceClaims." properties: name: - description: "Name must match the name of one entry in pod.spec.resourceClaims of the Pod where this field is used. It makes that resource available inside a container." + description: "Name must match the name of one entry in pod.spec.resourceClaims of\nthe Pod where this field is used. It makes that resource available\ninside a container." type: "string" required: - "name" @@ -2048,7 +2070,7 @@ spec: - type: "string" pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" x-kubernetes-int-or-string: true - description: "Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" + description: "Limits describes the maximum amount of compute resources allowed.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" type: "object" requests: additionalProperties: @@ -2057,7 +2079,7 @@ spec: - type: "string" pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" x-kubernetes-int-or-string: true - description: "Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" + description: "Requests describes the minimum amount of compute resources required.\nIf Requests is omitted for a container, it defaults to Limits if that is explicitly specified,\notherwise to an implementation-defined value. Requests cannot exceed Limits.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" type: "object" type: "object" serviceaccount: @@ -2069,17 +2091,17 @@ spec: description: "A single application container that you want to run within a pod." properties: args: - description: "Arguments to the entrypoint. The container image's CMD is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. \"$$(VAR_NAME)\" will produce the string literal \"$(VAR_NAME)\". Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell" + description: "Arguments to the entrypoint.\nThe container image's CMD is used if this is not provided.\nVariable references $(VAR_NAME) are expanded using the container's environment. If a variable\ncannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced\nto a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. \"$$(VAR_NAME)\" will\nproduce the string literal \"$(VAR_NAME)\". Escaped references will never be expanded, regardless\nof whether the variable exists or not. Cannot be updated.\nMore info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell" items: type: "string" type: "array" command: - description: "Entrypoint array. Not executed within a shell. The container image's ENTRYPOINT is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. \"$$(VAR_NAME)\" will produce the string literal \"$(VAR_NAME)\". Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell" + description: "Entrypoint array. Not executed within a shell.\nThe container image's ENTRYPOINT is used if this is not provided.\nVariable references $(VAR_NAME) are expanded using the container's environment. If a variable\ncannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced\nto a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. \"$$(VAR_NAME)\" will\nproduce the string literal \"$(VAR_NAME)\". Escaped references will never be expanded, regardless\nof whether the variable exists or not. Cannot be updated.\nMore info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell" items: type: "string" type: "array" env: - description: "List of environment variables to set in the container. Cannot be updated." + description: "List of environment variables to set in the container.\nCannot be updated." items: description: "EnvVar represents an environment variable present in a Container." properties: @@ -2087,7 +2109,7 @@ spec: description: "Name of the environment variable. Must be a C_IDENTIFIER." type: "string" value: - description: "Variable references $(VAR_NAME) are expanded using the previously defined environment variables in the container and any service environment variables. If a variable cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. \"$$(VAR_NAME)\" will produce the string literal \"$(VAR_NAME)\". Escaped references will never be expanded, regardless of whether the variable exists or not. Defaults to \"\"." + description: "Variable references $(VAR_NAME) are expanded\nusing the previously defined environment variables in the container and\nany service environment variables. If a variable cannot be resolved,\nthe reference in the input string will be unchanged. Double $$ are reduced\nto a single $, which allows for escaping the $(VAR_NAME) syntax: i.e.\n\"$$(VAR_NAME)\" will produce the string literal \"$(VAR_NAME)\".\nEscaped references will never be expanded, regardless of whether the variable\nexists or not.\nDefaults to \"\"." type: "string" valueFrom: description: "Source for the environment variable's value. Cannot be used if value is not empty." @@ -2099,7 +2121,7 @@ spec: description: "The key to select." type: "string" name: - description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" type: "string" optional: description: "Specify whether the ConfigMap or its key must be defined" @@ -2107,8 +2129,9 @@ spec: required: - "key" type: "object" + x-kubernetes-map-type: "atomic" fieldRef: - description: "Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`, spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs." + description: "Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`,\nspec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs." properties: apiVersion: description: "Version of the schema the FieldPath is written in terms of, defaults to \"v1\"." @@ -2119,8 +2142,9 @@ spec: required: - "fieldPath" type: "object" + x-kubernetes-map-type: "atomic" resourceFieldRef: - description: "Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported." + description: "Selects a resource of the container: only resources limits and requests\n(limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported." properties: containerName: description: "Container name: required for volumes, optional for env vars" @@ -2138,6 +2162,7 @@ spec: required: - "resource" type: "object" + x-kubernetes-map-type: "atomic" secretKeyRef: description: "Selects a key of a secret in the pod's namespace" properties: @@ -2145,7 +2170,7 @@ spec: description: "The key of the secret to select from. Must be a valid secret key." type: "string" name: - description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" type: "string" optional: description: "Specify whether the Secret or its key must be defined" @@ -2153,13 +2178,14 @@ spec: required: - "key" type: "object" + x-kubernetes-map-type: "atomic" type: "object" required: - "name" type: "object" type: "array" envFrom: - description: "List of sources to populate environment variables in the container. The keys defined within a source must be a C_IDENTIFIER. All invalid keys will be reported as an event when the container is starting. When a key exists in multiple sources, the value associated with the last source will take precedence. Values defined by an Env with a duplicate key will take precedence. Cannot be updated." + description: "List of sources to populate environment variables in the container.\nThe keys defined within a source must be a C_IDENTIFIER. All invalid keys\nwill be reported as an event when the container is starting. When a key exists in multiple\nsources, the value associated with the last source will take precedence.\nValues defined by an Env with a duplicate key will take precedence.\nCannot be updated." items: description: "EnvFromSource represents the source of a set of ConfigMaps" properties: @@ -2167,12 +2193,13 @@ spec: description: "The ConfigMap to select from" properties: name: - description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" type: "string" optional: description: "Specify whether the ConfigMap must be defined" type: "boolean" type: "object" + x-kubernetes-map-type: "atomic" prefix: description: "An optional identifier to prepend to each key in the ConfigMap. Must be a C_IDENTIFIER." type: "string" @@ -2180,31 +2207,32 @@ spec: description: "The Secret to select from" properties: name: - description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" type: "string" optional: description: "Specify whether the Secret must be defined" type: "boolean" type: "object" + x-kubernetes-map-type: "atomic" type: "object" type: "array" image: - description: "Container image name. More info: https://kubernetes.io/docs/concepts/containers/images This field is optional to allow higher level config management to default or override container images in workload controllers like Deployments and StatefulSets." + description: "Container image name.\nMore info: https://kubernetes.io/docs/concepts/containers/images\nThis field is optional to allow higher level config management to default or override\ncontainer images in workload controllers like Deployments and StatefulSets." type: "string" imagePullPolicy: - description: "Image pull policy. One of Always, Never, IfNotPresent. Defaults to Always if :latest tag is specified, or IfNotPresent otherwise. Cannot be updated. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images" + description: "Image pull policy.\nOne of Always, Never, IfNotPresent.\nDefaults to Always if :latest tag is specified, or IfNotPresent otherwise.\nCannot be updated.\nMore info: https://kubernetes.io/docs/concepts/containers/images#updating-images" type: "string" lifecycle: - description: "Actions that the management system should take in response to container lifecycle events. Cannot be updated." + description: "Actions that the management system should take in response to container lifecycle events.\nCannot be updated." properties: postStart: - description: "PostStart is called immediately after a container is created. If the handler fails, the container is terminated and restarted according to its restart policy. Other management of the container blocks until the hook completes. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks" + description: "PostStart is called immediately after a container is created. If the handler fails,\nthe container is terminated and restarted according to its restart policy.\nOther management of the container blocks until the hook completes.\nMore info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks" properties: exec: description: "Exec specifies the action to take." properties: command: - description: "Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy." + description: "Command is the command line to execute inside the container, the working directory for the\ncommand is root ('/') in the container's filesystem. The command is simply exec'd, it is\nnot run inside a shell, so traditional shell instructions ('|', etc) won't work. To use\na shell, you need to explicitly call out to that shell.\nExit status of 0 is treated as live/healthy and non-zero is unhealthy." items: type: "string" type: "array" @@ -2213,7 +2241,7 @@ spec: description: "HTTPGet specifies the http request to perform." properties: host: - description: "Host name to connect to, defaults to the pod IP. You probably want to set \"Host\" in httpHeaders instead." + description: "Host name to connect to, defaults to the pod IP. You probably want to set\n\"Host\" in httpHeaders instead." type: "string" httpHeaders: description: "Custom headers to set in the request. HTTP allows repeated headers." @@ -2221,7 +2249,7 @@ spec: description: "HTTPHeader describes a custom header to be used in HTTP probes" properties: name: - description: "The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header." + description: "The header field name.\nThis will be canonicalized upon output, so case-variant names will be understood as the same header." type: "string" value: description: "The header field value" @@ -2238,16 +2266,16 @@ spec: anyOf: - type: "integer" - type: "string" - description: "Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME." + description: "Name or number of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME." x-kubernetes-int-or-string: true scheme: - description: "Scheme to use for connecting to the host. Defaults to HTTP." + description: "Scheme to use for connecting to the host.\nDefaults to HTTP." type: "string" required: - "port" type: "object" tcpSocket: - description: "Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept for the backward compatibility. There are no validation of this field and lifecycle hooks will fail in runtime when tcp handler is specified." + description: "Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept\nfor the backward compatibility. There are no validation of this field and\nlifecycle hooks will fail in runtime when tcp handler is specified." properties: host: description: "Optional: Host name to connect to, defaults to the pod IP." @@ -2256,20 +2284,20 @@ spec: anyOf: - type: "integer" - type: "string" - description: "Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME." + description: "Number or name of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME." x-kubernetes-int-or-string: true required: - "port" type: "object" type: "object" preStop: - description: "PreStop is called immediately before a container is terminated due to an API request or management event such as liveness/startup probe failure, preemption, resource contention, etc. The handler is not called if the container crashes or exits. The Pod's termination grace period countdown begins before the PreStop hook is executed. Regardless of the outcome of the handler, the container will eventually terminate within the Pod's termination grace period (unless delayed by finalizers). Other management of the container blocks until the hook completes or until the termination grace period is reached. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks" + description: "PreStop is called immediately before a container is terminated due to an\nAPI request or management event such as liveness/startup probe failure,\npreemption, resource contention, etc. The handler is not called if the\ncontainer crashes or exits. The Pod's termination grace period countdown begins before the\nPreStop hook is executed. Regardless of the outcome of the handler, the\ncontainer will eventually terminate within the Pod's termination grace\nperiod (unless delayed by finalizers). Other management of the container blocks until the hook completes\nor until the termination grace period is reached.\nMore info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks" properties: exec: description: "Exec specifies the action to take." properties: command: - description: "Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy." + description: "Command is the command line to execute inside the container, the working directory for the\ncommand is root ('/') in the container's filesystem. The command is simply exec'd, it is\nnot run inside a shell, so traditional shell instructions ('|', etc) won't work. To use\na shell, you need to explicitly call out to that shell.\nExit status of 0 is treated as live/healthy and non-zero is unhealthy." items: type: "string" type: "array" @@ -2278,7 +2306,7 @@ spec: description: "HTTPGet specifies the http request to perform." properties: host: - description: "Host name to connect to, defaults to the pod IP. You probably want to set \"Host\" in httpHeaders instead." + description: "Host name to connect to, defaults to the pod IP. You probably want to set\n\"Host\" in httpHeaders instead." type: "string" httpHeaders: description: "Custom headers to set in the request. HTTP allows repeated headers." @@ -2286,7 +2314,7 @@ spec: description: "HTTPHeader describes a custom header to be used in HTTP probes" properties: name: - description: "The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header." + description: "The header field name.\nThis will be canonicalized upon output, so case-variant names will be understood as the same header." type: "string" value: description: "The header field value" @@ -2303,16 +2331,16 @@ spec: anyOf: - type: "integer" - type: "string" - description: "Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME." + description: "Name or number of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME." x-kubernetes-int-or-string: true scheme: - description: "Scheme to use for connecting to the host. Defaults to HTTP." + description: "Scheme to use for connecting to the host.\nDefaults to HTTP." type: "string" required: - "port" type: "object" tcpSocket: - description: "Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept for the backward compatibility. There are no validation of this field and lifecycle hooks will fail in runtime when tcp handler is specified." + description: "Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept\nfor the backward compatibility. There are no validation of this field and\nlifecycle hooks will fail in runtime when tcp handler is specified." properties: host: description: "Optional: Host name to connect to, defaults to the pod IP." @@ -2321,7 +2349,7 @@ spec: anyOf: - type: "integer" - type: "string" - description: "Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME." + description: "Number or name of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME." x-kubernetes-int-or-string: true required: - "port" @@ -2329,19 +2357,19 @@ spec: type: "object" type: "object" livenessProbe: - description: "Periodic probe of container liveness. Container will be restarted if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" + description: "Periodic probe of container liveness.\nContainer will be restarted if the probe fails.\nCannot be updated.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" properties: exec: description: "Exec specifies the action to take." properties: command: - description: "Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy." + description: "Command is the command line to execute inside the container, the working directory for the\ncommand is root ('/') in the container's filesystem. The command is simply exec'd, it is\nnot run inside a shell, so traditional shell instructions ('|', etc) won't work. To use\na shell, you need to explicitly call out to that shell.\nExit status of 0 is treated as live/healthy and non-zero is unhealthy." items: type: "string" type: "array" type: "object" failureThreshold: - description: "Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1." + description: "Minimum consecutive failures for the probe to be considered failed after having succeeded.\nDefaults to 3. Minimum value is 1." format: "int32" type: "integer" grpc: @@ -2352,7 +2380,7 @@ spec: format: "int32" type: "integer" service: - description: "Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). \n If this is not specified, the default behavior is defined by gRPC." + description: "Service is the name of the service to place in the gRPC HealthCheckRequest\n(see https://github.com/grpc/grpc/blob/master/doc/health-checking.md).\n\n\nIf this is not specified, the default behavior is defined by gRPC." type: "string" required: - "port" @@ -2361,7 +2389,7 @@ spec: description: "HTTPGet specifies the http request to perform." properties: host: - description: "Host name to connect to, defaults to the pod IP. You probably want to set \"Host\" in httpHeaders instead." + description: "Host name to connect to, defaults to the pod IP. You probably want to set\n\"Host\" in httpHeaders instead." type: "string" httpHeaders: description: "Custom headers to set in the request. HTTP allows repeated headers." @@ -2369,7 +2397,7 @@ spec: description: "HTTPHeader describes a custom header to be used in HTTP probes" properties: name: - description: "The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header." + description: "The header field name.\nThis will be canonicalized upon output, so case-variant names will be understood as the same header." type: "string" value: description: "The header field value" @@ -2386,24 +2414,24 @@ spec: anyOf: - type: "integer" - type: "string" - description: "Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME." + description: "Name or number of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME." x-kubernetes-int-or-string: true scheme: - description: "Scheme to use for connecting to the host. Defaults to HTTP." + description: "Scheme to use for connecting to the host.\nDefaults to HTTP." type: "string" required: - "port" type: "object" initialDelaySeconds: - description: "Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" + description: "Number of seconds after the container has started before liveness probes are initiated.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" format: "int32" type: "integer" periodSeconds: - description: "How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1." + description: "How often (in seconds) to perform the probe.\nDefault to 10 seconds. Minimum value is 1." format: "int32" type: "integer" successThreshold: - description: "Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1." + description: "Minimum consecutive successes for the probe to be considered successful after having failed.\nDefaults to 1. Must be 1 for liveness and startup. Minimum value is 1." format: "int32" type: "integer" tcpSocket: @@ -2416,45 +2444,45 @@ spec: anyOf: - type: "integer" - type: "string" - description: "Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME." + description: "Number or name of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME." x-kubernetes-int-or-string: true required: - "port" type: "object" terminationGracePeriodSeconds: - description: "Optional duration in seconds the pod needs to terminate gracefully upon probe failure. The grace period is the duration in seconds after the processes running in the pod are sent a termination signal and the time when the processes are forcibly halted with a kill signal. Set this value longer than the expected cleanup time for your process. If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this value overrides the value provided by the pod spec. Value must be non-negative integer. The value zero indicates stop immediately via the kill signal (no opportunity to shut down). This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate. Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset." + description: "Optional duration in seconds the pod needs to terminate gracefully upon probe failure.\nThe grace period is the duration in seconds after the processes running in the pod are sent\na termination signal and the time when the processes are forcibly halted with a kill signal.\nSet this value longer than the expected cleanup time for your process.\nIf this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this\nvalue overrides the value provided by the pod spec.\nValue must be non-negative integer. The value zero indicates stop immediately via\nthe kill signal (no opportunity to shut down).\nThis is a beta field and requires enabling ProbeTerminationGracePeriod feature gate.\nMinimum value is 1. spec.terminationGracePeriodSeconds is used if unset." format: "int64" type: "integer" timeoutSeconds: - description: "Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" + description: "Number of seconds after which the probe times out.\nDefaults to 1 second. Minimum value is 1.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" format: "int32" type: "integer" type: "object" name: - description: "Name of the container specified as a DNS_LABEL. Each container in a pod must have a unique name (DNS_LABEL). Cannot be updated." + description: "Name of the container specified as a DNS_LABEL.\nEach container in a pod must have a unique name (DNS_LABEL).\nCannot be updated." type: "string" ports: - description: "List of ports to expose from the container. Not specifying a port here DOES NOT prevent that port from being exposed. Any port which is listening on the default \"0.0.0.0\" address inside a container will be accessible from the network. Modifying this array with strategic merge patch may corrupt the data. For more information See https://github.com/kubernetes/kubernetes/issues/108255. Cannot be updated." + description: "List of ports to expose from the container. Not specifying a port here\nDOES NOT prevent that port from being exposed. Any port which is\nlistening on the default \"0.0.0.0\" address inside a container will be\naccessible from the network.\nModifying this array with strategic merge patch may corrupt the data.\nFor more information See https://github.com/kubernetes/kubernetes/issues/108255.\nCannot be updated." items: description: "ContainerPort represents a network port in a single container." properties: containerPort: - description: "Number of port to expose on the pod's IP address. This must be a valid port number, 0 < x < 65536." + description: "Number of port to expose on the pod's IP address.\nThis must be a valid port number, 0 < x < 65536." format: "int32" type: "integer" hostIP: description: "What host IP to bind the external port to." type: "string" hostPort: - description: "Number of port to expose on the host. If specified, this must be a valid port number, 0 < x < 65536. If HostNetwork is specified, this must match ContainerPort. Most containers do not need this." + description: "Number of port to expose on the host.\nIf specified, this must be a valid port number, 0 < x < 65536.\nIf HostNetwork is specified, this must match ContainerPort.\nMost containers do not need this." format: "int32" type: "integer" name: - description: "If specified, this must be an IANA_SVC_NAME and unique within the pod. Each named port in a pod must have a unique name. Name for the port that can be referred to by services." + description: "If specified, this must be an IANA_SVC_NAME and unique within the pod. Each\nnamed port in a pod must have a unique name. Name for the port that can be\nreferred to by services." type: "string" protocol: default: "TCP" - description: "Protocol for port. Must be UDP, TCP, or SCTP. Defaults to \"TCP\"." + description: "Protocol for port. Must be UDP, TCP, or SCTP.\nDefaults to \"TCP\"." type: "string" required: - "containerPort" @@ -2465,19 +2493,19 @@ spec: - "protocol" x-kubernetes-list-type: "map" readinessProbe: - description: "Periodic probe of container service readiness. Container will be removed from service endpoints if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" + description: "Periodic probe of container service readiness.\nContainer will be removed from service endpoints if the probe fails.\nCannot be updated.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" properties: exec: description: "Exec specifies the action to take." properties: command: - description: "Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy." + description: "Command is the command line to execute inside the container, the working directory for the\ncommand is root ('/') in the container's filesystem. The command is simply exec'd, it is\nnot run inside a shell, so traditional shell instructions ('|', etc) won't work. To use\na shell, you need to explicitly call out to that shell.\nExit status of 0 is treated as live/healthy and non-zero is unhealthy." items: type: "string" type: "array" type: "object" failureThreshold: - description: "Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1." + description: "Minimum consecutive failures for the probe to be considered failed after having succeeded.\nDefaults to 3. Minimum value is 1." format: "int32" type: "integer" grpc: @@ -2488,7 +2516,7 @@ spec: format: "int32" type: "integer" service: - description: "Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). \n If this is not specified, the default behavior is defined by gRPC." + description: "Service is the name of the service to place in the gRPC HealthCheckRequest\n(see https://github.com/grpc/grpc/blob/master/doc/health-checking.md).\n\n\nIf this is not specified, the default behavior is defined by gRPC." type: "string" required: - "port" @@ -2497,7 +2525,7 @@ spec: description: "HTTPGet specifies the http request to perform." properties: host: - description: "Host name to connect to, defaults to the pod IP. You probably want to set \"Host\" in httpHeaders instead." + description: "Host name to connect to, defaults to the pod IP. You probably want to set\n\"Host\" in httpHeaders instead." type: "string" httpHeaders: description: "Custom headers to set in the request. HTTP allows repeated headers." @@ -2505,7 +2533,7 @@ spec: description: "HTTPHeader describes a custom header to be used in HTTP probes" properties: name: - description: "The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header." + description: "The header field name.\nThis will be canonicalized upon output, so case-variant names will be understood as the same header." type: "string" value: description: "The header field value" @@ -2522,24 +2550,24 @@ spec: anyOf: - type: "integer" - type: "string" - description: "Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME." + description: "Name or number of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME." x-kubernetes-int-or-string: true scheme: - description: "Scheme to use for connecting to the host. Defaults to HTTP." + description: "Scheme to use for connecting to the host.\nDefaults to HTTP." type: "string" required: - "port" type: "object" initialDelaySeconds: - description: "Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" + description: "Number of seconds after the container has started before liveness probes are initiated.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" format: "int32" type: "integer" periodSeconds: - description: "How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1." + description: "How often (in seconds) to perform the probe.\nDefault to 10 seconds. Minimum value is 1." format: "int32" type: "integer" successThreshold: - description: "Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1." + description: "Minimum consecutive successes for the probe to be considered successful after having failed.\nDefaults to 1. Must be 1 for liveness and startup. Minimum value is 1." format: "int32" type: "integer" tcpSocket: @@ -2552,17 +2580,17 @@ spec: anyOf: - type: "integer" - type: "string" - description: "Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME." + description: "Number or name of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME." x-kubernetes-int-or-string: true required: - "port" type: "object" terminationGracePeriodSeconds: - description: "Optional duration in seconds the pod needs to terminate gracefully upon probe failure. The grace period is the duration in seconds after the processes running in the pod are sent a termination signal and the time when the processes are forcibly halted with a kill signal. Set this value longer than the expected cleanup time for your process. If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this value overrides the value provided by the pod spec. Value must be non-negative integer. The value zero indicates stop immediately via the kill signal (no opportunity to shut down). This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate. Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset." + description: "Optional duration in seconds the pod needs to terminate gracefully upon probe failure.\nThe grace period is the duration in seconds after the processes running in the pod are sent\na termination signal and the time when the processes are forcibly halted with a kill signal.\nSet this value longer than the expected cleanup time for your process.\nIf this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this\nvalue overrides the value provided by the pod spec.\nValue must be non-negative integer. The value zero indicates stop immediately via\nthe kill signal (no opportunity to shut down).\nThis is a beta field and requires enabling ProbeTerminationGracePeriod feature gate.\nMinimum value is 1. spec.terminationGracePeriodSeconds is used if unset." format: "int64" type: "integer" timeoutSeconds: - description: "Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" + description: "Number of seconds after which the probe times out.\nDefaults to 1 second. Minimum value is 1.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" format: "int32" type: "integer" type: "object" @@ -2572,10 +2600,10 @@ spec: description: "ContainerResizePolicy represents resource resize policy for the container." properties: resourceName: - description: "Name of the resource to which this resource resize policy applies. Supported values: cpu, memory." + description: "Name of the resource to which this resource resize policy applies.\nSupported values: cpu, memory." type: "string" restartPolicy: - description: "Restart policy to apply when specified resource is resized. If not specified, it defaults to NotRequired." + description: "Restart policy to apply when specified resource is resized.\nIf not specified, it defaults to NotRequired." type: "string" required: - "resourceName" @@ -2584,15 +2612,15 @@ spec: type: "array" x-kubernetes-list-type: "atomic" resources: - description: "Compute Resources required by this container. Cannot be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" + description: "Compute Resources required by this container.\nCannot be updated.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" properties: claims: - description: "Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. \n This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. \n This field is immutable. It can only be set for containers." + description: "Claims lists the names of resources, defined in spec.resourceClaims,\nthat are used by this container.\n\n\nThis is an alpha field and requires enabling the\nDynamicResourceAllocation feature gate.\n\n\nThis field is immutable. It can only be set for containers." items: description: "ResourceClaim references one entry in PodSpec.ResourceClaims." properties: name: - description: "Name must match the name of one entry in pod.spec.resourceClaims of the Pod where this field is used. It makes that resource available inside a container." + description: "Name must match the name of one entry in pod.spec.resourceClaims of\nthe Pod where this field is used. It makes that resource available\ninside a container." type: "string" required: - "name" @@ -2608,7 +2636,7 @@ spec: - type: "string" pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" x-kubernetes-int-or-string: true - description: "Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" + description: "Limits describes the maximum amount of compute resources allowed.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" type: "object" requests: additionalProperties: @@ -2617,20 +2645,20 @@ spec: - type: "string" pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" x-kubernetes-int-or-string: true - description: "Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" + description: "Requests describes the minimum amount of compute resources required.\nIf Requests is omitted for a container, it defaults to Limits if that is explicitly specified,\notherwise to an implementation-defined value. Requests cannot exceed Limits.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" type: "object" type: "object" restartPolicy: - description: "RestartPolicy defines the restart behavior of individual containers in a pod. This field may only be set for init containers, and the only allowed value is \"Always\". For non-init containers or when this field is not specified, the restart behavior is defined by the Pod's restart policy and the container type. Setting the RestartPolicy as \"Always\" for the init container will have the following effect: this init container will be continually restarted on exit until all regular containers have terminated. Once all regular containers have completed, all init containers with restartPolicy \"Always\" will be shut down. This lifecycle differs from normal init containers and is often referred to as a \"sidecar\" container. Although this init container still starts in the init container sequence, it does not wait for the container to complete before proceeding to the next init container. Instead, the next init container starts immediately after this init container is started, or after any startupProbe has successfully completed." + description: "RestartPolicy defines the restart behavior of individual containers in a pod.\nThis field may only be set for init containers, and the only allowed value is \"Always\".\nFor non-init containers or when this field is not specified,\nthe restart behavior is defined by the Pod's restart policy and the container type.\nSetting the RestartPolicy as \"Always\" for the init container will have the following effect:\nthis init container will be continually restarted on\nexit until all regular containers have terminated. Once all regular\ncontainers have completed, all init containers with restartPolicy \"Always\"\nwill be shut down. This lifecycle differs from normal init containers and\nis often referred to as a \"sidecar\" container. Although this init\ncontainer still starts in the init container sequence, it does not wait\nfor the container to complete before proceeding to the next init\ncontainer. Instead, the next init container starts immediately after this\ninit container is started, or after any startupProbe has successfully\ncompleted." type: "string" securityContext: - description: "SecurityContext defines the security options the container should be run with. If set, the fields of SecurityContext override the equivalent fields of PodSecurityContext. More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/" + description: "SecurityContext defines the security options the container should be run with.\nIf set, the fields of SecurityContext override the equivalent fields of PodSecurityContext.\nMore info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/" properties: allowPrivilegeEscalation: - description: "AllowPrivilegeEscalation controls whether a process can gain more privileges than its parent process. This bool directly controls if the no_new_privs flag will be set on the container process. AllowPrivilegeEscalation is true always when the container is: 1) run as Privileged 2) has CAP_SYS_ADMIN Note that this field cannot be set when spec.os.name is windows." + description: "AllowPrivilegeEscalation controls whether a process can gain more\nprivileges than its parent process. This bool directly controls if\nthe no_new_privs flag will be set on the container process.\nAllowPrivilegeEscalation is true always when the container is:\n1) run as Privileged\n2) has CAP_SYS_ADMIN\nNote that this field cannot be set when spec.os.name is windows." type: "boolean" capabilities: - description: "The capabilities to add/drop when running containers. Defaults to the default set of capabilities granted by the container runtime. Note that this field cannot be set when spec.os.name is windows." + description: "The capabilities to add/drop when running containers.\nDefaults to the default set of capabilities granted by the container runtime.\nNote that this field cannot be set when spec.os.name is windows." properties: add: description: "Added capabilities" @@ -2646,27 +2674,27 @@ spec: type: "array" type: "object" privileged: - description: "Run container in privileged mode. Processes in privileged containers are essentially equivalent to root on the host. Defaults to false. Note that this field cannot be set when spec.os.name is windows." + description: "Run container in privileged mode.\nProcesses in privileged containers are essentially equivalent to root on the host.\nDefaults to false.\nNote that this field cannot be set when spec.os.name is windows." type: "boolean" procMount: - description: "procMount denotes the type of proc mount to use for the containers. The default is DefaultProcMount which uses the container runtime defaults for readonly paths and masked paths. This requires the ProcMountType feature flag to be enabled. Note that this field cannot be set when spec.os.name is windows." + description: "procMount denotes the type of proc mount to use for the containers.\nThe default is DefaultProcMount which uses the container runtime defaults for\nreadonly paths and masked paths.\nThis requires the ProcMountType feature flag to be enabled.\nNote that this field cannot be set when spec.os.name is windows." type: "string" readOnlyRootFilesystem: - description: "Whether this container has a read-only root filesystem. Default is false. Note that this field cannot be set when spec.os.name is windows." + description: "Whether this container has a read-only root filesystem.\nDefault is false.\nNote that this field cannot be set when spec.os.name is windows." type: "boolean" runAsGroup: - description: "The GID to run the entrypoint of the container process. Uses runtime default if unset. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is windows." + description: "The GID to run the entrypoint of the container process.\nUses runtime default if unset.\nMay also be set in PodSecurityContext. If set in both SecurityContext and\nPodSecurityContext, the value specified in SecurityContext takes precedence.\nNote that this field cannot be set when spec.os.name is windows." format: "int64" type: "integer" runAsNonRoot: - description: "Indicates that the container must run as a non-root user. If true, the Kubelet will validate the image at runtime to ensure that it does not run as UID 0 (root) and fail to start the container if it does. If unset or false, no such validation will be performed. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence." + description: "Indicates that the container must run as a non-root user.\nIf true, the Kubelet will validate the image at runtime to ensure that it\ndoes not run as UID 0 (root) and fail to start the container if it does.\nIf unset or false, no such validation will be performed.\nMay also be set in PodSecurityContext. If set in both SecurityContext and\nPodSecurityContext, the value specified in SecurityContext takes precedence." type: "boolean" runAsUser: - description: "The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is windows." + description: "The UID to run the entrypoint of the container process.\nDefaults to user specified in image metadata if unspecified.\nMay also be set in PodSecurityContext. If set in both SecurityContext and\nPodSecurityContext, the value specified in SecurityContext takes precedence.\nNote that this field cannot be set when spec.os.name is windows." format: "int64" type: "integer" seLinuxOptions: - description: "The SELinux context to be applied to the container. If unspecified, the container runtime will allocate a random SELinux context for each container. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is windows." + description: "The SELinux context to be applied to the container.\nIf unspecified, the container runtime will allocate a random SELinux context for each\ncontainer. May also be set in PodSecurityContext. If set in both SecurityContext and\nPodSecurityContext, the value specified in SecurityContext takes precedence.\nNote that this field cannot be set when spec.os.name is windows." properties: level: description: "Level is SELinux level label that applies to the container." @@ -2682,48 +2710,48 @@ spec: type: "string" type: "object" seccompProfile: - description: "The seccomp options to use by this container. If seccomp options are provided at both the pod & container level, the container options override the pod options. Note that this field cannot be set when spec.os.name is windows." + description: "The seccomp options to use by this container. If seccomp options are\nprovided at both the pod & container level, the container options\noverride the pod options.\nNote that this field cannot be set when spec.os.name is windows." properties: localhostProfile: - description: "localhostProfile indicates a profile defined in a file on the node should be used. The profile must be preconfigured on the node to work. Must be a descending path, relative to the kubelet's configured seccomp profile location. Must be set if type is \"Localhost\". Must NOT be set for any other type." + description: "localhostProfile indicates a profile defined in a file on the node should be used.\nThe profile must be preconfigured on the node to work.\nMust be a descending path, relative to the kubelet's configured seccomp profile location.\nMust be set if type is \"Localhost\". Must NOT be set for any other type." type: "string" type: - description: "type indicates which kind of seccomp profile will be applied. Valid options are: \n Localhost - a profile defined in a file on the node should be used. RuntimeDefault - the container runtime default profile should be used. Unconfined - no profile should be applied." + description: "type indicates which kind of seccomp profile will be applied.\nValid options are:\n\n\nLocalhost - a profile defined in a file on the node should be used.\nRuntimeDefault - the container runtime default profile should be used.\nUnconfined - no profile should be applied." type: "string" required: - "type" type: "object" windowsOptions: - description: "The Windows specific settings applied to all containers. If unspecified, the options from the PodSecurityContext will be used. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is linux." + description: "The Windows specific settings applied to all containers.\nIf unspecified, the options from the PodSecurityContext will be used.\nIf set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.\nNote that this field cannot be set when spec.os.name is linux." properties: gmsaCredentialSpec: - description: "GMSACredentialSpec is where the GMSA admission webhook (https://github.com/kubernetes-sigs/windows-gmsa) inlines the contents of the GMSA credential spec named by the GMSACredentialSpecName field." + description: "GMSACredentialSpec is where the GMSA admission webhook\n(https://github.com/kubernetes-sigs/windows-gmsa) inlines the contents of the\nGMSA credential spec named by the GMSACredentialSpecName field." type: "string" gmsaCredentialSpecName: description: "GMSACredentialSpecName is the name of the GMSA credential spec to use." type: "string" hostProcess: - description: "HostProcess determines if a container should be run as a 'Host Process' container. All of a Pod's containers must have the same effective HostProcess value (it is not allowed to have a mix of HostProcess containers and non-HostProcess containers). In addition, if HostProcess is true then HostNetwork must also be set to true." + description: "HostProcess determines if a container should be run as a 'Host Process' container.\nAll of a Pod's containers must have the same effective HostProcess value\n(it is not allowed to have a mix of HostProcess containers and non-HostProcess containers).\nIn addition, if HostProcess is true then HostNetwork must also be set to true." type: "boolean" runAsUserName: - description: "The UserName in Windows to run the entrypoint of the container process. Defaults to the user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence." + description: "The UserName in Windows to run the entrypoint of the container process.\nDefaults to the user specified in image metadata if unspecified.\nMay also be set in PodSecurityContext. If set in both SecurityContext and\nPodSecurityContext, the value specified in SecurityContext takes precedence." type: "string" type: "object" type: "object" startupProbe: - description: "StartupProbe indicates that the Pod has successfully initialized. If specified, no other probes are executed until this completes successfully. If this probe fails, the Pod will be restarted, just as if the livenessProbe failed. This can be used to provide different probe parameters at the beginning of a Pod's lifecycle, when it might take a long time to load data or warm a cache, than during steady-state operation. This cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" + description: "StartupProbe indicates that the Pod has successfully initialized.\nIf specified, no other probes are executed until this completes successfully.\nIf this probe fails, the Pod will be restarted, just as if the livenessProbe failed.\nThis can be used to provide different probe parameters at the beginning of a Pod's lifecycle,\nwhen it might take a long time to load data or warm a cache, than during steady-state operation.\nThis cannot be updated.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" properties: exec: description: "Exec specifies the action to take." properties: command: - description: "Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy." + description: "Command is the command line to execute inside the container, the working directory for the\ncommand is root ('/') in the container's filesystem. The command is simply exec'd, it is\nnot run inside a shell, so traditional shell instructions ('|', etc) won't work. To use\na shell, you need to explicitly call out to that shell.\nExit status of 0 is treated as live/healthy and non-zero is unhealthy." items: type: "string" type: "array" type: "object" failureThreshold: - description: "Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1." + description: "Minimum consecutive failures for the probe to be considered failed after having succeeded.\nDefaults to 3. Minimum value is 1." format: "int32" type: "integer" grpc: @@ -2734,7 +2762,7 @@ spec: format: "int32" type: "integer" service: - description: "Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). \n If this is not specified, the default behavior is defined by gRPC." + description: "Service is the name of the service to place in the gRPC HealthCheckRequest\n(see https://github.com/grpc/grpc/blob/master/doc/health-checking.md).\n\n\nIf this is not specified, the default behavior is defined by gRPC." type: "string" required: - "port" @@ -2743,7 +2771,7 @@ spec: description: "HTTPGet specifies the http request to perform." properties: host: - description: "Host name to connect to, defaults to the pod IP. You probably want to set \"Host\" in httpHeaders instead." + description: "Host name to connect to, defaults to the pod IP. You probably want to set\n\"Host\" in httpHeaders instead." type: "string" httpHeaders: description: "Custom headers to set in the request. HTTP allows repeated headers." @@ -2751,7 +2779,7 @@ spec: description: "HTTPHeader describes a custom header to be used in HTTP probes" properties: name: - description: "The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header." + description: "The header field name.\nThis will be canonicalized upon output, so case-variant names will be understood as the same header." type: "string" value: description: "The header field value" @@ -2768,24 +2796,24 @@ spec: anyOf: - type: "integer" - type: "string" - description: "Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME." + description: "Name or number of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME." x-kubernetes-int-or-string: true scheme: - description: "Scheme to use for connecting to the host. Defaults to HTTP." + description: "Scheme to use for connecting to the host.\nDefaults to HTTP." type: "string" required: - "port" type: "object" initialDelaySeconds: - description: "Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" + description: "Number of seconds after the container has started before liveness probes are initiated.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" format: "int32" type: "integer" periodSeconds: - description: "How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1." + description: "How often (in seconds) to perform the probe.\nDefault to 10 seconds. Minimum value is 1." format: "int32" type: "integer" successThreshold: - description: "Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1." + description: "Minimum consecutive successes for the probe to be considered successful after having failed.\nDefaults to 1. Must be 1 for liveness and startup. Minimum value is 1." format: "int32" type: "integer" tcpSocket: @@ -2798,34 +2826,34 @@ spec: anyOf: - type: "integer" - type: "string" - description: "Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME." + description: "Number or name of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME." x-kubernetes-int-or-string: true required: - "port" type: "object" terminationGracePeriodSeconds: - description: "Optional duration in seconds the pod needs to terminate gracefully upon probe failure. The grace period is the duration in seconds after the processes running in the pod are sent a termination signal and the time when the processes are forcibly halted with a kill signal. Set this value longer than the expected cleanup time for your process. If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this value overrides the value provided by the pod spec. Value must be non-negative integer. The value zero indicates stop immediately via the kill signal (no opportunity to shut down). This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate. Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset." + description: "Optional duration in seconds the pod needs to terminate gracefully upon probe failure.\nThe grace period is the duration in seconds after the processes running in the pod are sent\na termination signal and the time when the processes are forcibly halted with a kill signal.\nSet this value longer than the expected cleanup time for your process.\nIf this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this\nvalue overrides the value provided by the pod spec.\nValue must be non-negative integer. The value zero indicates stop immediately via\nthe kill signal (no opportunity to shut down).\nThis is a beta field and requires enabling ProbeTerminationGracePeriod feature gate.\nMinimum value is 1. spec.terminationGracePeriodSeconds is used if unset." format: "int64" type: "integer" timeoutSeconds: - description: "Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" + description: "Number of seconds after which the probe times out.\nDefaults to 1 second. Minimum value is 1.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" format: "int32" type: "integer" type: "object" stdin: - description: "Whether this container should allocate a buffer for stdin in the container runtime. If this is not set, reads from stdin in the container will always result in EOF. Default is false." + description: "Whether this container should allocate a buffer for stdin in the container runtime. If this\nis not set, reads from stdin in the container will always result in EOF.\nDefault is false." type: "boolean" stdinOnce: - description: "Whether the container runtime should close the stdin channel after it has been opened by a single attach. When stdin is true the stdin stream will remain open across multiple attach sessions. If stdinOnce is set to true, stdin is opened on container start, is empty until the first client attaches to stdin, and then remains open and accepts data until the client disconnects, at which time stdin is closed and remains closed until the container is restarted. If this flag is false, a container processes that reads from stdin will never receive an EOF. Default is false" + description: "Whether the container runtime should close the stdin channel after it has been opened by\na single attach. When stdin is true the stdin stream will remain open across multiple attach\nsessions. If stdinOnce is set to true, stdin is opened on container start, is empty until the\nfirst client attaches to stdin, and then remains open and accepts data until the client disconnects,\nat which time stdin is closed and remains closed until the container is restarted. If this\nflag is false, a container processes that reads from stdin will never receive an EOF.\nDefault is false" type: "boolean" terminationMessagePath: - description: "Optional: Path at which the file to which the container's termination message will be written is mounted into the container's filesystem. Message written is intended to be brief final status, such as an assertion failure message. Will be truncated by the node if greater than 4096 bytes. The total message length across all containers will be limited to 12kb. Defaults to /dev/termination-log. Cannot be updated." + description: "Optional: Path at which the file to which the container's termination message\nwill be written is mounted into the container's filesystem.\nMessage written is intended to be brief final status, such as an assertion failure message.\nWill be truncated by the node if greater than 4096 bytes. The total message length across\nall containers will be limited to 12kb.\nDefaults to /dev/termination-log.\nCannot be updated." type: "string" terminationMessagePolicy: - description: "Indicate how the termination message should be populated. File will use the contents of terminationMessagePath to populate the container status message on both success and failure. FallbackToLogsOnError will use the last chunk of container log output if the termination message file is empty and the container exited with an error. The log output is limited to 2048 bytes or 80 lines, whichever is smaller. Defaults to File. Cannot be updated." + description: "Indicate how the termination message should be populated. File will use the contents of\nterminationMessagePath to populate the container status message on both success and failure.\nFallbackToLogsOnError will use the last chunk of container log output if the termination\nmessage file is empty and the container exited with an error.\nThe log output is limited to 2048 bytes or 80 lines, whichever is smaller.\nDefaults to File.\nCannot be updated." type: "string" tty: - description: "Whether this container should allocate a TTY for itself, also requires 'stdin' to be true. Default is false." + description: "Whether this container should allocate a TTY for itself, also requires 'stdin' to be true.\nDefault is false." type: "boolean" volumeDevices: description: "volumeDevices is the list of block devices to be used by the container." @@ -2844,27 +2872,27 @@ spec: type: "object" type: "array" volumeMounts: - description: "Pod volumes to mount into the container's filesystem. Cannot be updated." + description: "Pod volumes to mount into the container's filesystem.\nCannot be updated." items: description: "VolumeMount describes a mounting of a Volume within a container." properties: mountPath: - description: "Path within the container at which the volume should be mounted. Must not contain ':'." + description: "Path within the container at which the volume should be mounted. Must\nnot contain ':'." type: "string" mountPropagation: - description: "mountPropagation determines how mounts are propagated from the host to container and the other way around. When not set, MountPropagationNone is used. This field is beta in 1.10." + description: "mountPropagation determines how mounts are propagated from the host\nto container and the other way around.\nWhen not set, MountPropagationNone is used.\nThis field is beta in 1.10." type: "string" name: description: "This must match the Name of a Volume." type: "string" readOnly: - description: "Mounted read-only if true, read-write otherwise (false or unspecified). Defaults to false." + description: "Mounted read-only if true, read-write otherwise (false or unspecified).\nDefaults to false." type: "boolean" subPath: - description: "Path within the volume from which the container's volume should be mounted. Defaults to \"\" (volume's root)." + description: "Path within the volume from which the container's volume should be mounted.\nDefaults to \"\" (volume's root)." type: "string" subPathExpr: - description: "Expanded path within the volume from which the container's volume should be mounted. Behaves similarly to SubPath but environment variable references $(VAR_NAME) are expanded using the container's environment. Defaults to \"\" (volume's root). SubPathExpr and SubPath are mutually exclusive." + description: "Expanded path within the volume from which the container's volume should be mounted.\nBehaves similarly to SubPath but environment variable references $(VAR_NAME) are expanded using the container's environment.\nDefaults to \"\" (volume's root).\nSubPathExpr and SubPath are mutually exclusive." type: "string" required: - "mountPath" @@ -2872,7 +2900,7 @@ spec: type: "object" type: "array" workingDir: - description: "Container's working directory. If not specified, the container runtime's default will be used, which might be configured in the container image. Cannot be updated." + description: "Container's working directory.\nIf not specified, the container runtime's default will be used, which\nmight be configured in the container image.\nCannot be updated." type: "string" required: - "name" @@ -2890,22 +2918,22 @@ spec: description: "VolumeMount describes a mounting of a Volume within a container." properties: mountPath: - description: "Path within the container at which the volume should be mounted. Must not contain ':'." + description: "Path within the container at which the volume should be mounted. Must\nnot contain ':'." type: "string" mountPropagation: - description: "mountPropagation determines how mounts are propagated from the host to container and the other way around. When not set, MountPropagationNone is used. This field is beta in 1.10." + description: "mountPropagation determines how mounts are propagated from the host\nto container and the other way around.\nWhen not set, MountPropagationNone is used.\nThis field is beta in 1.10." type: "string" name: description: "This must match the Name of a Volume." type: "string" readOnly: - description: "Mounted read-only if true, read-write otherwise (false or unspecified). Defaults to false." + description: "Mounted read-only if true, read-write otherwise (false or unspecified).\nDefaults to false." type: "boolean" subPath: - description: "Path within the volume from which the container's volume should be mounted. Defaults to \"\" (volume's root)." + description: "Path within the volume from which the container's volume should be mounted.\nDefaults to \"\" (volume's root)." type: "string" subPathExpr: - description: "Expanded path within the volume from which the container's volume should be mounted. Behaves similarly to SubPath but environment variable references $(VAR_NAME) are expanded using the container's environment. Defaults to \"\" (volume's root). SubPathExpr and SubPath are mutually exclusive." + description: "Expanded path within the volume from which the container's volume should be mounted.\nBehaves similarly to SubPath but environment variable references $(VAR_NAME) are expanded using the container's environment.\nDefaults to \"\" (volume's root).\nSubPathExpr and SubPath are mutually exclusive." type: "string" required: - "mountPath" @@ -2918,20 +2946,20 @@ spec: description: "Volume represents a named volume in a pod that may be accessed by any container in the pod." properties: awsElasticBlockStore: - description: "awsElasticBlockStore represents an AWS Disk resource that is attached to a kubelet's host machine and then exposed to the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore" + description: "awsElasticBlockStore represents an AWS Disk resource that is attached to a\nkubelet's host machine and then exposed to the pod.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore" properties: fsType: - description: "fsType is the filesystem type of the volume that you want to mount. Tip: Ensure that the filesystem type is supported by the host operating system. Examples: \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore TODO: how do we prevent errors in the filesystem from compromising the machine" + description: "fsType is the filesystem type of the volume that you want to mount.\nTip: Ensure that the filesystem type is supported by the host operating system.\nExamples: \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore\nTODO: how do we prevent errors in the filesystem from compromising the machine" type: "string" partition: - description: "partition is the partition in the volume that you want to mount. If omitted, the default is to mount by volume name. Examples: For volume /dev/sda1, you specify the partition as \"1\". Similarly, the volume partition for /dev/sda is \"0\" (or you can leave the property empty)." + description: "partition is the partition in the volume that you want to mount.\nIf omitted, the default is to mount by volume name.\nExamples: For volume /dev/sda1, you specify the partition as \"1\".\nSimilarly, the volume partition for /dev/sda is \"0\" (or you can leave the property empty)." format: "int32" type: "integer" readOnly: - description: "readOnly value true will force the readOnly setting in VolumeMounts. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore" + description: "readOnly value true will force the readOnly setting in VolumeMounts.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore" type: "boolean" volumeID: - description: "volumeID is unique ID of the persistent disk resource in AWS (Amazon EBS volume). More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore" + description: "volumeID is unique ID of the persistent disk resource in AWS (Amazon EBS volume).\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore" type: "string" required: - "volumeID" @@ -2949,13 +2977,13 @@ spec: description: "diskURI is the URI of data disk in the blob storage" type: "string" fsType: - description: "fsType is Filesystem type to mount. Must be a filesystem type supported by the host operating system. Ex. \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified." + description: "fsType is Filesystem type to mount.\nMust be a filesystem type supported by the host operating system.\nEx. \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified." type: "string" kind: description: "kind expected values are Shared: multiple blob disks per storage account Dedicated: single blob disk per storage account Managed: azure managed data disk (only in managed availability set). defaults to shared" type: "string" readOnly: - description: "readOnly Defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts." + description: "readOnly Defaults to false (read/write). ReadOnly here will force\nthe ReadOnly setting in VolumeMounts." type: "boolean" required: - "diskName" @@ -2965,7 +2993,7 @@ spec: description: "azureFile represents an Azure File Service mount on the host and bind mount to the pod." properties: readOnly: - description: "readOnly defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts." + description: "readOnly defaults to false (read/write). ReadOnly here will force\nthe ReadOnly setting in VolumeMounts." type: "boolean" secretName: description: "secretName is the name of secret that contains Azure Storage Account Name and Key" @@ -2981,7 +3009,7 @@ spec: description: "cephFS represents a Ceph FS mount on the host that shares a pod's lifetime" properties: monitors: - description: "monitors is Required: Monitors is a collection of Ceph monitors More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it" + description: "monitors is Required: Monitors is a collection of Ceph monitors\nMore info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it" items: type: "string" type: "array" @@ -2989,42 +3017,44 @@ spec: description: "path is Optional: Used as the mounted root, rather than the full Ceph tree, default is /" type: "string" readOnly: - description: "readOnly is Optional: Defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts. More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it" + description: "readOnly is Optional: Defaults to false (read/write). ReadOnly here will force\nthe ReadOnly setting in VolumeMounts.\nMore info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it" type: "boolean" secretFile: - description: "secretFile is Optional: SecretFile is the path to key ring for User, default is /etc/ceph/user.secret More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it" + description: "secretFile is Optional: SecretFile is the path to key ring for User, default is /etc/ceph/user.secret\nMore info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it" type: "string" secretRef: - description: "secretRef is Optional: SecretRef is reference to the authentication secret for User, default is empty. More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it" + description: "secretRef is Optional: SecretRef is reference to the authentication secret for User, default is empty.\nMore info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it" properties: name: - description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" type: "string" type: "object" + x-kubernetes-map-type: "atomic" user: - description: "user is optional: User is the rados user name, default is admin More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it" + description: "user is optional: User is the rados user name, default is admin\nMore info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it" type: "string" required: - "monitors" type: "object" cinder: - description: "cinder represents a cinder volume attached and mounted on kubelets host machine. More info: https://examples.k8s.io/mysql-cinder-pd/README.md" + description: "cinder represents a cinder volume attached and mounted on kubelets host machine.\nMore info: https://examples.k8s.io/mysql-cinder-pd/README.md" properties: fsType: - description: "fsType is the filesystem type to mount. Must be a filesystem type supported by the host operating system. Examples: \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified. More info: https://examples.k8s.io/mysql-cinder-pd/README.md" + description: "fsType is the filesystem type to mount.\nMust be a filesystem type supported by the host operating system.\nExamples: \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified.\nMore info: https://examples.k8s.io/mysql-cinder-pd/README.md" type: "string" readOnly: - description: "readOnly defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts. More info: https://examples.k8s.io/mysql-cinder-pd/README.md" + description: "readOnly defaults to false (read/write). ReadOnly here will force\nthe ReadOnly setting in VolumeMounts.\nMore info: https://examples.k8s.io/mysql-cinder-pd/README.md" type: "boolean" secretRef: - description: "secretRef is optional: points to a secret object containing parameters used to connect to OpenStack." + description: "secretRef is optional: points to a secret object containing parameters used to connect\nto OpenStack." properties: name: - description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" type: "string" type: "object" + x-kubernetes-map-type: "atomic" volumeID: - description: "volumeID used to identify the volume in cinder. More info: https://examples.k8s.io/mysql-cinder-pd/README.md" + description: "volumeID used to identify the volume in cinder.\nMore info: https://examples.k8s.io/mysql-cinder-pd/README.md" type: "string" required: - "volumeID" @@ -3033,11 +3063,11 @@ spec: description: "configMap represents a configMap that should populate this volume" properties: defaultMode: - description: "defaultMode is optional: mode bits used to set permissions on created files by default. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. Defaults to 0644. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set." + description: "defaultMode is optional: mode bits used to set permissions on created files by default.\nMust be an octal value between 0000 and 0777 or a decimal value between 0 and 511.\nYAML accepts both octal and decimal values, JSON requires decimal values for mode bits.\nDefaults to 0644.\nDirectories within the path are not affected by this setting.\nThis might be in conflict with other options that affect the file\nmode, like fsGroup, and the result can be other mode bits set." format: "int32" type: "integer" items: - description: "items if unspecified, each key-value pair in the Data field of the referenced ConfigMap will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the ConfigMap, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'." + description: "items if unspecified, each key-value pair in the Data field of the referenced\nConfigMap will be projected into the volume as a file whose name is the\nkey and content is the value. If specified, the listed keys will be\nprojected into the specified paths, and unlisted keys will not be\npresent. If a key is specified which is not present in the ConfigMap,\nthe volume setup will error unless it is marked optional. Paths must be\nrelative and may not contain the '..' path or start with '..'." items: description: "Maps a string key to a path within a volume." properties: @@ -3045,11 +3075,11 @@ spec: description: "key is the key to project." type: "string" mode: - description: "mode is Optional: mode bits used to set permissions on this file. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set." + description: "mode is Optional: mode bits used to set permissions on this file.\nMust be an octal value between 0000 and 0777 or a decimal value between 0 and 511.\nYAML accepts both octal and decimal values, JSON requires decimal values for mode bits.\nIf not specified, the volume defaultMode will be used.\nThis might be in conflict with other options that affect the file\nmode, like fsGroup, and the result can be other mode bits set." format: "int32" type: "integer" path: - description: "path is the relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'." + description: "path is the relative path of the file to map the key to.\nMay not be an absolute path.\nMay not contain the path element '..'.\nMay not start with the string '..'." type: "string" required: - "key" @@ -3057,35 +3087,37 @@ spec: type: "object" type: "array" name: - description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" type: "string" optional: description: "optional specify whether the ConfigMap or its keys must be defined" type: "boolean" type: "object" + x-kubernetes-map-type: "atomic" csi: description: "csi (Container Storage Interface) represents ephemeral storage that is handled by certain external CSI drivers (Beta feature)." properties: driver: - description: "driver is the name of the CSI driver that handles this volume. Consult with your admin for the correct name as registered in the cluster." + description: "driver is the name of the CSI driver that handles this volume.\nConsult with your admin for the correct name as registered in the cluster." type: "string" fsType: - description: "fsType to mount. Ex. \"ext4\", \"xfs\", \"ntfs\". If not provided, the empty value is passed to the associated CSI driver which will determine the default filesystem to apply." + description: "fsType to mount. Ex. \"ext4\", \"xfs\", \"ntfs\".\nIf not provided, the empty value is passed to the associated CSI driver\nwhich will determine the default filesystem to apply." type: "string" nodePublishSecretRef: - description: "nodePublishSecretRef is a reference to the secret object containing sensitive information to pass to the CSI driver to complete the CSI NodePublishVolume and NodeUnpublishVolume calls. This field is optional, and may be empty if no secret is required. If the secret object contains more than one secret, all secret references are passed." + description: "nodePublishSecretRef is a reference to the secret object containing\nsensitive information to pass to the CSI driver to complete the CSI\nNodePublishVolume and NodeUnpublishVolume calls.\nThis field is optional, and may be empty if no secret is required. If the\nsecret object contains more than one secret, all secret references are passed." properties: name: - description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" type: "string" type: "object" + x-kubernetes-map-type: "atomic" readOnly: - description: "readOnly specifies a read-only configuration for the volume. Defaults to false (read/write)." + description: "readOnly specifies a read-only configuration for the volume.\nDefaults to false (read/write)." type: "boolean" volumeAttributes: additionalProperties: type: "string" - description: "volumeAttributes stores driver-specific properties that are passed to the CSI driver. Consult your driver's documentation for supported values." + description: "volumeAttributes stores driver-specific properties that are passed to the CSI\ndriver. Consult your driver's documentation for supported values." type: "object" required: - "driver" @@ -3094,7 +3126,7 @@ spec: description: "downwardAPI represents downward API about the pod that should populate this volume" properties: defaultMode: - description: "Optional: mode bits to use on created files by default. Must be a Optional: mode bits used to set permissions on created files by default. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. Defaults to 0644. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set." + description: "Optional: mode bits to use on created files by default. Must be a\nOptional: mode bits used to set permissions on created files by default.\nMust be an octal value between 0000 and 0777 or a decimal value between 0 and 511.\nYAML accepts both octal and decimal values, JSON requires decimal values for mode bits.\nDefaults to 0644.\nDirectories within the path are not affected by this setting.\nThis might be in conflict with other options that affect the file\nmode, like fsGroup, and the result can be other mode bits set." format: "int32" type: "integer" items: @@ -3114,15 +3146,16 @@ spec: required: - "fieldPath" type: "object" + x-kubernetes-map-type: "atomic" mode: - description: "Optional: mode bits used to set permissions on this file, must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set." + description: "Optional: mode bits used to set permissions on this file, must be an octal value\nbetween 0000 and 0777 or a decimal value between 0 and 511.\nYAML accepts both octal and decimal values, JSON requires decimal values for mode bits.\nIf not specified, the volume defaultMode will be used.\nThis might be in conflict with other options that affect the file\nmode, like fsGroup, and the result can be other mode bits set." format: "int32" type: "integer" path: description: "Required: Path is the relative path name of the file to be created. Must not be absolute or contain the '..' path. Must be utf-8 encoded. The first item of the relative path must not start with '..'" type: "string" resourceFieldRef: - description: "Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, requests.cpu and requests.memory) are currently supported." + description: "Selects a resource of the container: only resources limits and requests\n(limits.cpu, limits.memory, requests.cpu and requests.memory) are currently supported." properties: containerName: description: "Container name: required for volumes, optional for env vars" @@ -3140,47 +3173,48 @@ spec: required: - "resource" type: "object" + x-kubernetes-map-type: "atomic" required: - "path" type: "object" type: "array" type: "object" emptyDir: - description: "emptyDir represents a temporary directory that shares a pod's lifetime. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir" + description: "emptyDir represents a temporary directory that shares a pod's lifetime.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir" properties: medium: - description: "medium represents what type of storage medium should back this directory. The default is \"\" which means to use the node's default medium. Must be an empty string (default) or Memory. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir" + description: "medium represents what type of storage medium should back this directory.\nThe default is \"\" which means to use the node's default medium.\nMust be an empty string (default) or Memory.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir" type: "string" sizeLimit: anyOf: - type: "integer" - type: "string" - description: "sizeLimit is the total amount of local storage required for this EmptyDir volume. The size limit is also applicable for memory medium. The maximum usage on memory medium EmptyDir would be the minimum value between the SizeLimit specified here and the sum of memory limits of all containers in a pod. The default is nil which means that the limit is undefined. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir" + description: "sizeLimit is the total amount of local storage required for this EmptyDir volume.\nThe size limit is also applicable for memory medium.\nThe maximum usage on memory medium EmptyDir would be the minimum value between\nthe SizeLimit specified here and the sum of memory limits of all containers in a pod.\nThe default is nil which means that the limit is undefined.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir" pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" x-kubernetes-int-or-string: true type: "object" ephemeral: - description: "ephemeral represents a volume that is handled by a cluster storage driver. The volume's lifecycle is tied to the pod that defines it - it will be created before the pod starts, and deleted when the pod is removed. \n Use this if: a) the volume is only needed while the pod runs, b) features of normal volumes like restoring from snapshot or capacity tracking are needed, c) the storage driver is specified through a storage class, and d) the storage driver supports dynamic volume provisioning through a PersistentVolumeClaim (see EphemeralVolumeSource for more information on the connection between this volume type and PersistentVolumeClaim). \n Use PersistentVolumeClaim or one of the vendor-specific APIs for volumes that persist for longer than the lifecycle of an individual pod. \n Use CSI for light-weight local ephemeral volumes if the CSI driver is meant to be used that way - see the documentation of the driver for more information. \n A pod can use both types of ephemeral volumes and persistent volumes at the same time." + description: "ephemeral represents a volume that is handled by a cluster storage driver.\nThe volume's lifecycle is tied to the pod that defines it - it will be created before the pod starts,\nand deleted when the pod is removed.\n\n\nUse this if:\na) the volume is only needed while the pod runs,\nb) features of normal volumes like restoring from snapshot or capacity\n tracking are needed,\nc) the storage driver is specified through a storage class, and\nd) the storage driver supports dynamic volume provisioning through\n a PersistentVolumeClaim (see EphemeralVolumeSource for more\n information on the connection between this volume type\n and PersistentVolumeClaim).\n\n\nUse PersistentVolumeClaim or one of the vendor-specific\nAPIs for volumes that persist for longer than the lifecycle\nof an individual pod.\n\n\nUse CSI for light-weight local ephemeral volumes if the CSI driver is meant to\nbe used that way - see the documentation of the driver for\nmore information.\n\n\nA pod can use both types of ephemeral volumes and\npersistent volumes at the same time." properties: volumeClaimTemplate: - description: "Will be used to create a stand-alone PVC to provision the volume. The pod in which this EphemeralVolumeSource is embedded will be the owner of the PVC, i.e. the PVC will be deleted together with the pod. The name of the PVC will be `-` where `` is the name from the `PodSpec.Volumes` array entry. Pod validation will reject the pod if the concatenated name is not valid for a PVC (for example, too long). \n An existing PVC with that name that is not owned by the pod will *not* be used for the pod to avoid using an unrelated volume by mistake. Starting the pod is then blocked until the unrelated PVC is removed. If such a pre-created PVC is meant to be used by the pod, the PVC has to updated with an owner reference to the pod once the pod exists. Normally this should not be necessary, but it may be useful when manually reconstructing a broken cluster. \n This field is read-only and no changes will be made by Kubernetes to the PVC after it has been created. \n Required, must not be nil." + description: "Will be used to create a stand-alone PVC to provision the volume.\nThe pod in which this EphemeralVolumeSource is embedded will be the\nowner of the PVC, i.e. the PVC will be deleted together with the\npod. The name of the PVC will be `-` where\n`` is the name from the `PodSpec.Volumes` array\nentry. Pod validation will reject the pod if the concatenated name\nis not valid for a PVC (for example, too long).\n\n\nAn existing PVC with that name that is not owned by the pod\nwill *not* be used for the pod to avoid using an unrelated\nvolume by mistake. Starting the pod is then blocked until\nthe unrelated PVC is removed. If such a pre-created PVC is\nmeant to be used by the pod, the PVC has to updated with an\nowner reference to the pod once the pod exists. Normally\nthis should not be necessary, but it may be useful when\nmanually reconstructing a broken cluster.\n\n\nThis field is read-only and no changes will be made by Kubernetes\nto the PVC after it has been created.\n\n\nRequired, must not be nil." properties: metadata: - description: "May contain labels and annotations that will be copied into the PVC when creating it. No other fields are allowed and will be rejected during validation." + description: "May contain labels and annotations that will be copied into the PVC\nwhen creating it. No other fields are allowed and will be rejected during\nvalidation." type: "object" spec: - description: "The specification for the PersistentVolumeClaim. The entire content is copied unchanged into the PVC that gets created from this template. The same fields as in a PersistentVolumeClaim are also valid here." + description: "The specification for the PersistentVolumeClaim. The entire content is\ncopied unchanged into the PVC that gets created from this\ntemplate. The same fields as in a PersistentVolumeClaim\nare also valid here." properties: accessModes: - description: "accessModes contains the desired access modes the volume should have. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1" + description: "accessModes contains the desired access modes the volume should have.\nMore info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1" items: type: "string" type: "array" dataSource: - description: "dataSource field can be used to specify either: * An existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot) * An existing PVC (PersistentVolumeClaim) If the provisioner or an external controller can support the specified data source, it will create a new volume based on the contents of the specified data source. When the AnyVolumeDataSource feature gate is enabled, dataSource contents will be copied to dataSourceRef, and dataSourceRef contents will be copied to dataSource when dataSourceRef.namespace is not specified. If the namespace is specified, then dataSourceRef will not be copied to dataSource." + description: "dataSource field can be used to specify either:\n* An existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot)\n* An existing PVC (PersistentVolumeClaim)\nIf the provisioner or an external controller can support the specified data source,\nit will create a new volume based on the contents of the specified data source.\nWhen the AnyVolumeDataSource feature gate is enabled, dataSource contents will be copied to dataSourceRef,\nand dataSourceRef contents will be copied to dataSource when dataSourceRef.namespace is not specified.\nIf the namespace is specified, then dataSourceRef will not be copied to dataSource." properties: apiGroup: - description: "APIGroup is the group for the resource being referenced. If APIGroup is not specified, the specified Kind must be in the core API group. For any other third-party types, APIGroup is required." + description: "APIGroup is the group for the resource being referenced.\nIf APIGroup is not specified, the specified Kind must be in the core API group.\nFor any other third-party types, APIGroup is required." type: "string" kind: description: "Kind is the type of resource being referenced" @@ -3192,11 +3226,12 @@ spec: - "kind" - "name" type: "object" + x-kubernetes-map-type: "atomic" dataSourceRef: - description: "dataSourceRef specifies the object from which to populate the volume with data, if a non-empty volume is desired. This may be any object from a non-empty API group (non core object) or a PersistentVolumeClaim object. When this field is specified, volume binding will only succeed if the type of the specified object matches some installed volume populator or dynamic provisioner. This field will replace the functionality of the dataSource field and as such if both fields are non-empty, they must have the same value. For backwards compatibility, when namespace isn't specified in dataSourceRef, both fields (dataSource and dataSourceRef) will be set to the same value automatically if one of them is empty and the other is non-empty. When namespace is specified in dataSourceRef, dataSource isn't set to the same value and must be empty. There are three important differences between dataSource and dataSourceRef: * While dataSource only allows two specific types of objects, dataSourceRef allows any non-core object, as well as PersistentVolumeClaim objects. * While dataSource ignores disallowed values (dropping them), dataSourceRef preserves all values, and generates an error if a disallowed value is specified. * While dataSource only allows local objects, dataSourceRef allows objects in any namespaces. (Beta) Using this field requires the AnyVolumeDataSource feature gate to be enabled. (Alpha) Using the namespace field of dataSourceRef requires the CrossNamespaceVolumeDataSource feature gate to be enabled." + description: "dataSourceRef specifies the object from which to populate the volume with data, if a non-empty\nvolume is desired. This may be any object from a non-empty API group (non\ncore object) or a PersistentVolumeClaim object.\nWhen this field is specified, volume binding will only succeed if the type of\nthe specified object matches some installed volume populator or dynamic\nprovisioner.\nThis field will replace the functionality of the dataSource field and as such\nif both fields are non-empty, they must have the same value. For backwards\ncompatibility, when namespace isn't specified in dataSourceRef,\nboth fields (dataSource and dataSourceRef) will be set to the same\nvalue automatically if one of them is empty and the other is non-empty.\nWhen namespace is specified in dataSourceRef,\ndataSource isn't set to the same value and must be empty.\nThere are three important differences between dataSource and dataSourceRef:\n* While dataSource only allows two specific types of objects, dataSourceRef\n allows any non-core object, as well as PersistentVolumeClaim objects.\n* While dataSource ignores disallowed values (dropping them), dataSourceRef\n preserves all values, and generates an error if a disallowed value is\n specified.\n* While dataSource only allows local objects, dataSourceRef allows objects\n in any namespaces.\n(Beta) Using this field requires the AnyVolumeDataSource feature gate to be enabled.\n(Alpha) Using the namespace field of dataSourceRef requires the CrossNamespaceVolumeDataSource feature gate to be enabled." properties: apiGroup: - description: "APIGroup is the group for the resource being referenced. If APIGroup is not specified, the specified Kind must be in the core API group. For any other third-party types, APIGroup is required." + description: "APIGroup is the group for the resource being referenced.\nIf APIGroup is not specified, the specified Kind must be in the core API group.\nFor any other third-party types, APIGroup is required." type: "string" kind: description: "Kind is the type of resource being referenced" @@ -3205,22 +3240,22 @@ spec: description: "Name is the name of resource being referenced" type: "string" namespace: - description: "Namespace is the namespace of resource being referenced Note that when a namespace is specified, a gateway.networking.k8s.io/ReferenceGrant object is required in the referent namespace to allow that namespace's owner to accept the reference. See the ReferenceGrant documentation for details. (Alpha) This field requires the CrossNamespaceVolumeDataSource feature gate to be enabled." + description: "Namespace is the namespace of resource being referenced\nNote that when a namespace is specified, a gateway.networking.k8s.io/ReferenceGrant object is required in the referent namespace to allow that namespace's owner to accept the reference. See the ReferenceGrant documentation for details.\n(Alpha) This field requires the CrossNamespaceVolumeDataSource feature gate to be enabled." type: "string" required: - "kind" - "name" type: "object" resources: - description: "resources represents the minimum resources the volume should have. If RecoverVolumeExpansionFailure feature is enabled users are allowed to specify resource requirements that are lower than previous value but must still be higher than capacity recorded in the status field of the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources" + description: "resources represents the minimum resources the volume should have.\nIf RecoverVolumeExpansionFailure feature is enabled users are allowed to specify resource requirements\nthat are lower than previous value but must still be higher than capacity recorded in the\nstatus field of the claim.\nMore info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources" properties: claims: - description: "Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. \n This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. \n This field is immutable. It can only be set for containers." + description: "Claims lists the names of resources, defined in spec.resourceClaims,\nthat are used by this container.\n\n\nThis is an alpha field and requires enabling the\nDynamicResourceAllocation feature gate.\n\n\nThis field is immutable. It can only be set for containers." items: description: "ResourceClaim references one entry in PodSpec.ResourceClaims." properties: name: - description: "Name must match the name of one entry in pod.spec.resourceClaims of the Pod where this field is used. It makes that resource available inside a container." + description: "Name must match the name of one entry in pod.spec.resourceClaims of\nthe Pod where this field is used. It makes that resource available\ninside a container." type: "string" required: - "name" @@ -3236,7 +3271,7 @@ spec: - type: "string" pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" x-kubernetes-int-or-string: true - description: "Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" + description: "Limits describes the maximum amount of compute resources allowed.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" type: "object" requests: additionalProperties: @@ -3245,7 +3280,7 @@ spec: - type: "string" pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" x-kubernetes-int-or-string: true - description: "Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" + description: "Requests describes the minimum amount of compute resources required.\nIf Requests is omitted for a container, it defaults to Limits if that is explicitly specified,\notherwise to an implementation-defined value. Requests cannot exceed Limits.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" type: "object" type: "object" selector: @@ -3254,16 +3289,16 @@ spec: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -3275,14 +3310,15 @@ spec: matchLabels: additionalProperties: type: "string" - description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." type: "object" type: "object" + x-kubernetes-map-type: "atomic" storageClassName: - description: "storageClassName is the name of the StorageClass required by the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1" + description: "storageClassName is the name of the StorageClass required by the claim.\nMore info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1" type: "string" volumeMode: - description: "volumeMode defines what type of volume is required by the claim. Value of Filesystem is implied when not included in claim spec." + description: "volumeMode defines what type of volume is required by the claim.\nValue of Filesystem is implied when not included in claim spec." type: "string" volumeName: description: "volumeName is the binding reference to the PersistentVolume backing this claim." @@ -3296,14 +3332,14 @@ spec: description: "fc represents a Fibre Channel resource that is attached to a kubelet's host machine and then exposed to the pod." properties: fsType: - description: "fsType is the filesystem type to mount. Must be a filesystem type supported by the host operating system. Ex. \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified. TODO: how do we prevent errors in the filesystem from compromising the machine" + description: "fsType is the filesystem type to mount.\nMust be a filesystem type supported by the host operating system.\nEx. \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified.\nTODO: how do we prevent errors in the filesystem from compromising the machine" type: "string" lun: description: "lun is Optional: FC target lun number" format: "int32" type: "integer" readOnly: - description: "readOnly is Optional: Defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts." + description: "readOnly is Optional: Defaults to false (read/write). ReadOnly here will force\nthe ReadOnly setting in VolumeMounts." type: "boolean" targetWWNs: description: "targetWWNs is Optional: FC target worldwide names (WWNs)" @@ -3311,19 +3347,19 @@ spec: type: "string" type: "array" wwids: - description: "wwids Optional: FC volume world wide identifiers (wwids) Either wwids or combination of targetWWNs and lun must be set, but not both simultaneously." + description: "wwids Optional: FC volume world wide identifiers (wwids)\nEither wwids or combination of targetWWNs and lun must be set, but not both simultaneously." items: type: "string" type: "array" type: "object" flexVolume: - description: "flexVolume represents a generic volume resource that is provisioned/attached using an exec based plugin." + description: "flexVolume represents a generic volume resource that is\nprovisioned/attached using an exec based plugin." properties: driver: description: "driver is the name of the driver to use for this volume." type: "string" fsType: - description: "fsType is the filesystem type to mount. Must be a filesystem type supported by the host operating system. Ex. \"ext4\", \"xfs\", \"ntfs\". The default filesystem depends on FlexVolume script." + description: "fsType is the filesystem type to mount.\nMust be a filesystem type supported by the host operating system.\nEx. \"ext4\", \"xfs\", \"ntfs\". The default filesystem depends on FlexVolume script." type: "string" options: additionalProperties: @@ -3331,15 +3367,16 @@ spec: description: "options is Optional: this field holds extra command options if any." type: "object" readOnly: - description: "readOnly is Optional: defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts." + description: "readOnly is Optional: defaults to false (read/write). ReadOnly here will force\nthe ReadOnly setting in VolumeMounts." type: "boolean" secretRef: - description: "secretRef is Optional: secretRef is reference to the secret object containing sensitive information to pass to the plugin scripts. This may be empty if no secret object is specified. If the secret object contains more than one secret, all secrets are passed to the plugin scripts." + description: "secretRef is Optional: secretRef is reference to the secret object containing\nsensitive information to pass to the plugin scripts. This may be\nempty if no secret object is specified. If the secret object\ncontains more than one secret, all secrets are passed to the plugin\nscripts." properties: name: - description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" type: "string" type: "object" + x-kubernetes-map-type: "atomic" required: - "driver" type: "object" @@ -3347,36 +3384,36 @@ spec: description: "flocker represents a Flocker volume attached to a kubelet's host machine. This depends on the Flocker control service being running" properties: datasetName: - description: "datasetName is Name of the dataset stored as metadata -> name on the dataset for Flocker should be considered as deprecated" + description: "datasetName is Name of the dataset stored as metadata -> name on the dataset for Flocker\nshould be considered as deprecated" type: "string" datasetUUID: description: "datasetUUID is the UUID of the dataset. This is unique identifier of a Flocker dataset" type: "string" type: "object" gcePersistentDisk: - description: "gcePersistentDisk represents a GCE Disk resource that is attached to a kubelet's host machine and then exposed to the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk" + description: "gcePersistentDisk represents a GCE Disk resource that is attached to a\nkubelet's host machine and then exposed to the pod.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk" properties: fsType: - description: "fsType is filesystem type of the volume that you want to mount. Tip: Ensure that the filesystem type is supported by the host operating system. Examples: \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk TODO: how do we prevent errors in the filesystem from compromising the machine" + description: "fsType is filesystem type of the volume that you want to mount.\nTip: Ensure that the filesystem type is supported by the host operating system.\nExamples: \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk\nTODO: how do we prevent errors in the filesystem from compromising the machine" type: "string" partition: - description: "partition is the partition in the volume that you want to mount. If omitted, the default is to mount by volume name. Examples: For volume /dev/sda1, you specify the partition as \"1\". Similarly, the volume partition for /dev/sda is \"0\" (or you can leave the property empty). More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk" + description: "partition is the partition in the volume that you want to mount.\nIf omitted, the default is to mount by volume name.\nExamples: For volume /dev/sda1, you specify the partition as \"1\".\nSimilarly, the volume partition for /dev/sda is \"0\" (or you can leave the property empty).\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk" format: "int32" type: "integer" pdName: - description: "pdName is unique name of the PD resource in GCE. Used to identify the disk in GCE. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk" + description: "pdName is unique name of the PD resource in GCE. Used to identify the disk in GCE.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk" type: "string" readOnly: - description: "readOnly here will force the ReadOnly setting in VolumeMounts. Defaults to false. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk" + description: "readOnly here will force the ReadOnly setting in VolumeMounts.\nDefaults to false.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk" type: "boolean" required: - "pdName" type: "object" gitRepo: - description: "gitRepo represents a git repository at a particular revision. DEPRECATED: GitRepo is deprecated. To provision a container with a git repo, mount an EmptyDir into an InitContainer that clones the repo using git, then mount the EmptyDir into the Pod's container." + description: "gitRepo represents a git repository at a particular revision.\nDEPRECATED: GitRepo is deprecated. To provision a container with a git repo, mount an\nEmptyDir into an InitContainer that clones the repo using git, then mount the EmptyDir\ninto the Pod's container." properties: directory: - description: "directory is the target directory name. Must not contain or start with '..'. If '.' is supplied, the volume directory will be the git repository. Otherwise, if specified, the volume will contain the git repository in the subdirectory with the given name." + description: "directory is the target directory name.\nMust not contain or start with '..'. If '.' is supplied, the volume directory will be the\ngit repository. Otherwise, if specified, the volume will contain the git repository in\nthe subdirectory with the given name." type: "string" repository: description: "repository is the URL" @@ -3388,35 +3425,35 @@ spec: - "repository" type: "object" glusterfs: - description: "glusterfs represents a Glusterfs mount on the host that shares a pod's lifetime. More info: https://examples.k8s.io/volumes/glusterfs/README.md" + description: "glusterfs represents a Glusterfs mount on the host that shares a pod's lifetime.\nMore info: https://examples.k8s.io/volumes/glusterfs/README.md" properties: endpoints: - description: "endpoints is the endpoint name that details Glusterfs topology. More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod" + description: "endpoints is the endpoint name that details Glusterfs topology.\nMore info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod" type: "string" path: - description: "path is the Glusterfs volume path. More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod" + description: "path is the Glusterfs volume path.\nMore info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod" type: "string" readOnly: - description: "readOnly here will force the Glusterfs volume to be mounted with read-only permissions. Defaults to false. More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod" + description: "readOnly here will force the Glusterfs volume to be mounted with read-only permissions.\nDefaults to false.\nMore info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod" type: "boolean" required: - "endpoints" - "path" type: "object" hostPath: - description: "hostPath represents a pre-existing file or directory on the host machine that is directly exposed to the container. This is generally used for system agents or other privileged things that are allowed to see the host machine. Most containers will NOT need this. More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath --- TODO(jonesdl) We need to restrict who can use host directory mounts and who can/can not mount host directories as read/write." + description: "hostPath represents a pre-existing file or directory on the host\nmachine that is directly exposed to the container. This is generally\nused for system agents or other privileged things that are allowed\nto see the host machine. Most containers will NOT need this.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath\n---\nTODO(jonesdl) We need to restrict who can use host directory mounts and who can/can not\nmount host directories as read/write." properties: path: - description: "path of the directory on the host. If the path is a symlink, it will follow the link to the real path. More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath" + description: "path of the directory on the host.\nIf the path is a symlink, it will follow the link to the real path.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath" type: "string" type: - description: "type for HostPath Volume Defaults to \"\" More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath" + description: "type for HostPath Volume\nDefaults to \"\"\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath" type: "string" required: - "path" type: "object" iscsi: - description: "iscsi represents an ISCSI Disk resource that is attached to a kubelet's host machine and then exposed to the pod. More info: https://examples.k8s.io/volumes/iscsi/README.md" + description: "iscsi represents an ISCSI Disk resource that is attached to a\nkubelet's host machine and then exposed to the pod.\nMore info: https://examples.k8s.io/volumes/iscsi/README.md" properties: chapAuthDiscovery: description: "chapAuthDiscovery defines whether support iSCSI Discovery CHAP authentication" @@ -3425,38 +3462,39 @@ spec: description: "chapAuthSession defines whether support iSCSI Session CHAP authentication" type: "boolean" fsType: - description: "fsType is the filesystem type of the volume that you want to mount. Tip: Ensure that the filesystem type is supported by the host operating system. Examples: \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#iscsi TODO: how do we prevent errors in the filesystem from compromising the machine" + description: "fsType is the filesystem type of the volume that you want to mount.\nTip: Ensure that the filesystem type is supported by the host operating system.\nExamples: \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#iscsi\nTODO: how do we prevent errors in the filesystem from compromising the machine" type: "string" initiatorName: - description: "initiatorName is the custom iSCSI Initiator Name. If initiatorName is specified with iscsiInterface simultaneously, new iSCSI interface : will be created for the connection." + description: "initiatorName is the custom iSCSI Initiator Name.\nIf initiatorName is specified with iscsiInterface simultaneously, new iSCSI interface\n: will be created for the connection." type: "string" iqn: description: "iqn is the target iSCSI Qualified Name." type: "string" iscsiInterface: - description: "iscsiInterface is the interface Name that uses an iSCSI transport. Defaults to 'default' (tcp)." + description: "iscsiInterface is the interface Name that uses an iSCSI transport.\nDefaults to 'default' (tcp)." type: "string" lun: description: "lun represents iSCSI Target Lun number." format: "int32" type: "integer" portals: - description: "portals is the iSCSI Target Portal List. The portal is either an IP or ip_addr:port if the port is other than default (typically TCP ports 860 and 3260)." + description: "portals is the iSCSI Target Portal List. The portal is either an IP or ip_addr:port if the port\nis other than default (typically TCP ports 860 and 3260)." items: type: "string" type: "array" readOnly: - description: "readOnly here will force the ReadOnly setting in VolumeMounts. Defaults to false." + description: "readOnly here will force the ReadOnly setting in VolumeMounts.\nDefaults to false." type: "boolean" secretRef: description: "secretRef is the CHAP Secret for iSCSI target and initiator authentication" properties: name: - description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" type: "string" type: "object" + x-kubernetes-map-type: "atomic" targetPortal: - description: "targetPortal is iSCSI Target Portal. The Portal is either an IP or ip_addr:port if the port is other than default (typically TCP ports 860 and 3260)." + description: "targetPortal is iSCSI Target Portal. The Portal is either an IP or ip_addr:port if the port\nis other than default (typically TCP ports 860 and 3260)." type: "string" required: - "iqn" @@ -3464,32 +3502,32 @@ spec: - "targetPortal" type: "object" name: - description: "name of the volume. Must be a DNS_LABEL and unique within the pod. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names" + description: "name of the volume.\nMust be a DNS_LABEL and unique within the pod.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names" type: "string" nfs: - description: "nfs represents an NFS mount on the host that shares a pod's lifetime More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs" + description: "nfs represents an NFS mount on the host that shares a pod's lifetime\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#nfs" properties: path: - description: "path that is exported by the NFS server. More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs" + description: "path that is exported by the NFS server.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#nfs" type: "string" readOnly: - description: "readOnly here will force the NFS export to be mounted with read-only permissions. Defaults to false. More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs" + description: "readOnly here will force the NFS export to be mounted with read-only permissions.\nDefaults to false.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#nfs" type: "boolean" server: - description: "server is the hostname or IP address of the NFS server. More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs" + description: "server is the hostname or IP address of the NFS server.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#nfs" type: "string" required: - "path" - "server" type: "object" persistentVolumeClaim: - description: "persistentVolumeClaimVolumeSource represents a reference to a PersistentVolumeClaim in the same namespace. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims" + description: "persistentVolumeClaimVolumeSource represents a reference to a\nPersistentVolumeClaim in the same namespace.\nMore info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims" properties: claimName: - description: "claimName is the name of a PersistentVolumeClaim in the same namespace as the pod using this volume. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims" + description: "claimName is the name of a PersistentVolumeClaim in the same namespace as the pod using this volume.\nMore info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims" type: "string" readOnly: - description: "readOnly Will force the ReadOnly setting in VolumeMounts. Default false." + description: "readOnly Will force the ReadOnly setting in VolumeMounts.\nDefault false." type: "boolean" required: - "claimName" @@ -3498,7 +3536,7 @@ spec: description: "photonPersistentDisk represents a PhotonController persistent disk attached and mounted on kubelets host machine" properties: fsType: - description: "fsType is the filesystem type to mount. Must be a filesystem type supported by the host operating system. Ex. \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified." + description: "fsType is the filesystem type to mount.\nMust be a filesystem type supported by the host operating system.\nEx. \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified." type: "string" pdID: description: "pdID is the ID that identifies Photon Controller persistent disk" @@ -3510,10 +3548,10 @@ spec: description: "portworxVolume represents a portworx volume attached and mounted on kubelets host machine" properties: fsType: - description: "fSType represents the filesystem type to mount Must be a filesystem type supported by the host operating system. Ex. \"ext4\", \"xfs\". Implicitly inferred to be \"ext4\" if unspecified." + description: "fSType represents the filesystem type to mount\nMust be a filesystem type supported by the host operating system.\nEx. \"ext4\", \"xfs\". Implicitly inferred to be \"ext4\" if unspecified." type: "string" readOnly: - description: "readOnly defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts." + description: "readOnly defaults to false (read/write). ReadOnly here will force\nthe ReadOnly setting in VolumeMounts." type: "boolean" volumeID: description: "volumeID uniquely identifies a Portworx volume" @@ -3525,7 +3563,7 @@ spec: description: "projected items for all in one resources secrets, configmaps, and downward API" properties: defaultMode: - description: "defaultMode are the mode bits used to set permissions on created files by default. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set." + description: "defaultMode are the mode bits used to set permissions on created files by default.\nMust be an octal value between 0000 and 0777 or a decimal value between 0 and 511.\nYAML accepts both octal and decimal values, JSON requires decimal values for mode bits.\nDirectories within the path are not affected by this setting.\nThis might be in conflict with other options that affect the file\nmode, like fsGroup, and the result can be other mode bits set." format: "int32" type: "integer" sources: @@ -3537,7 +3575,7 @@ spec: description: "configMap information about the configMap data to project" properties: items: - description: "items if unspecified, each key-value pair in the Data field of the referenced ConfigMap will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the ConfigMap, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'." + description: "items if unspecified, each key-value pair in the Data field of the referenced\nConfigMap will be projected into the volume as a file whose name is the\nkey and content is the value. If specified, the listed keys will be\nprojected into the specified paths, and unlisted keys will not be\npresent. If a key is specified which is not present in the ConfigMap,\nthe volume setup will error unless it is marked optional. Paths must be\nrelative and may not contain the '..' path or start with '..'." items: description: "Maps a string key to a path within a volume." properties: @@ -3545,11 +3583,11 @@ spec: description: "key is the key to project." type: "string" mode: - description: "mode is Optional: mode bits used to set permissions on this file. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set." + description: "mode is Optional: mode bits used to set permissions on this file.\nMust be an octal value between 0000 and 0777 or a decimal value between 0 and 511.\nYAML accepts both octal and decimal values, JSON requires decimal values for mode bits.\nIf not specified, the volume defaultMode will be used.\nThis might be in conflict with other options that affect the file\nmode, like fsGroup, and the result can be other mode bits set." format: "int32" type: "integer" path: - description: "path is the relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'." + description: "path is the relative path of the file to map the key to.\nMay not be an absolute path.\nMay not contain the path element '..'.\nMay not start with the string '..'." type: "string" required: - "key" @@ -3557,12 +3595,13 @@ spec: type: "object" type: "array" name: - description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" type: "string" optional: description: "optional specify whether the ConfigMap or its keys must be defined" type: "boolean" type: "object" + x-kubernetes-map-type: "atomic" downwardAPI: description: "downwardAPI information about the downwardAPI data to project" properties: @@ -3583,15 +3622,16 @@ spec: required: - "fieldPath" type: "object" + x-kubernetes-map-type: "atomic" mode: - description: "Optional: mode bits used to set permissions on this file, must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set." + description: "Optional: mode bits used to set permissions on this file, must be an octal value\nbetween 0000 and 0777 or a decimal value between 0 and 511.\nYAML accepts both octal and decimal values, JSON requires decimal values for mode bits.\nIf not specified, the volume defaultMode will be used.\nThis might be in conflict with other options that affect the file\nmode, like fsGroup, and the result can be other mode bits set." format: "int32" type: "integer" path: description: "Required: Path is the relative path name of the file to be created. Must not be absolute or contain the '..' path. Must be utf-8 encoded. The first item of the relative path must not start with '..'" type: "string" resourceFieldRef: - description: "Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, requests.cpu and requests.memory) are currently supported." + description: "Selects a resource of the container: only resources limits and requests\n(limits.cpu, limits.memory, requests.cpu and requests.memory) are currently supported." properties: containerName: description: "Container name: required for volumes, optional for env vars" @@ -3609,6 +3649,7 @@ spec: required: - "resource" type: "object" + x-kubernetes-map-type: "atomic" required: - "path" type: "object" @@ -3618,7 +3659,7 @@ spec: description: "secret information about the secret data to project" properties: items: - description: "items if unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the Secret, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'." + description: "items if unspecified, each key-value pair in the Data field of the referenced\nSecret will be projected into the volume as a file whose name is the\nkey and content is the value. If specified, the listed keys will be\nprojected into the specified paths, and unlisted keys will not be\npresent. If a key is specified which is not present in the Secret,\nthe volume setup will error unless it is marked optional. Paths must be\nrelative and may not contain the '..' path or start with '..'." items: description: "Maps a string key to a path within a volume." properties: @@ -3626,11 +3667,11 @@ spec: description: "key is the key to project." type: "string" mode: - description: "mode is Optional: mode bits used to set permissions on this file. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set." + description: "mode is Optional: mode bits used to set permissions on this file.\nMust be an octal value between 0000 and 0777 or a decimal value between 0 and 511.\nYAML accepts both octal and decimal values, JSON requires decimal values for mode bits.\nIf not specified, the volume defaultMode will be used.\nThis might be in conflict with other options that affect the file\nmode, like fsGroup, and the result can be other mode bits set." format: "int32" type: "integer" path: - description: "path is the relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'." + description: "path is the relative path of the file to map the key to.\nMay not be an absolute path.\nMay not contain the path element '..'.\nMay not start with the string '..'." type: "string" required: - "key" @@ -3638,24 +3679,25 @@ spec: type: "object" type: "array" name: - description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" type: "string" optional: description: "optional field specify whether the Secret or its key must be defined" type: "boolean" type: "object" + x-kubernetes-map-type: "atomic" serviceAccountToken: description: "serviceAccountToken is information about the serviceAccountToken data to project" properties: audience: - description: "audience is the intended audience of the token. A recipient of a token must identify itself with an identifier specified in the audience of the token, and otherwise should reject the token. The audience defaults to the identifier of the apiserver." + description: "audience is the intended audience of the token. A recipient of a token\nmust identify itself with an identifier specified in the audience of the\ntoken, and otherwise should reject the token. The audience defaults to the\nidentifier of the apiserver." type: "string" expirationSeconds: - description: "expirationSeconds is the requested duration of validity of the service account token. As the token approaches expiration, the kubelet volume plugin will proactively rotate the service account token. The kubelet will start trying to rotate the token if the token is older than 80 percent of its time to live or if the token is older than 24 hours.Defaults to 1 hour and must be at least 10 minutes." + description: "expirationSeconds is the requested duration of validity of the service\naccount token. As the token approaches expiration, the kubelet volume\nplugin will proactively rotate the service account token. The kubelet will\nstart trying to rotate the token if the token is older than 80 percent of\nits time to live or if the token is older than 24 hours.Defaults to 1 hour\nand must be at least 10 minutes." format: "int64" type: "integer" path: - description: "path is the path relative to the mount point of the file to project the token into." + description: "path is the path relative to the mount point of the file to project the\ntoken into." type: "string" required: - "path" @@ -3667,19 +3709,19 @@ spec: description: "quobyte represents a Quobyte mount on the host that shares a pod's lifetime" properties: group: - description: "group to map volume access to Default is no group" + description: "group to map volume access to\nDefault is no group" type: "string" readOnly: - description: "readOnly here will force the Quobyte volume to be mounted with read-only permissions. Defaults to false." + description: "readOnly here will force the Quobyte volume to be mounted with read-only permissions.\nDefaults to false." type: "boolean" registry: - description: "registry represents a single or multiple Quobyte Registry services specified as a string as host:port pair (multiple entries are separated with commas) which acts as the central registry for volumes" + description: "registry represents a single or multiple Quobyte Registry services\nspecified as a string as host:port pair (multiple entries are separated with commas)\nwhich acts as the central registry for volumes" type: "string" tenant: - description: "tenant owning the given Quobyte volume in the Backend Used with dynamically provisioned Quobyte volumes, value is set by the plugin" + description: "tenant owning the given Quobyte volume in the Backend\nUsed with dynamically provisioned Quobyte volumes, value is set by the plugin" type: "string" user: - description: "user to map volume access to Defaults to serivceaccount user" + description: "user to map volume access to\nDefaults to serivceaccount user" type: "string" volume: description: "volume is a string that references an already created Quobyte volume by name." @@ -3689,37 +3731,38 @@ spec: - "volume" type: "object" rbd: - description: "rbd represents a Rados Block Device mount on the host that shares a pod's lifetime. More info: https://examples.k8s.io/volumes/rbd/README.md" + description: "rbd represents a Rados Block Device mount on the host that shares a pod's lifetime.\nMore info: https://examples.k8s.io/volumes/rbd/README.md" properties: fsType: - description: "fsType is the filesystem type of the volume that you want to mount. Tip: Ensure that the filesystem type is supported by the host operating system. Examples: \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#rbd TODO: how do we prevent errors in the filesystem from compromising the machine" + description: "fsType is the filesystem type of the volume that you want to mount.\nTip: Ensure that the filesystem type is supported by the host operating system.\nExamples: \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#rbd\nTODO: how do we prevent errors in the filesystem from compromising the machine" type: "string" image: - description: "image is the rados image name. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it" + description: "image is the rados image name.\nMore info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it" type: "string" keyring: - description: "keyring is the path to key ring for RBDUser. Default is /etc/ceph/keyring. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it" + description: "keyring is the path to key ring for RBDUser.\nDefault is /etc/ceph/keyring.\nMore info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it" type: "string" monitors: - description: "monitors is a collection of Ceph monitors. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it" + description: "monitors is a collection of Ceph monitors.\nMore info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it" items: type: "string" type: "array" pool: - description: "pool is the rados pool name. Default is rbd. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it" + description: "pool is the rados pool name.\nDefault is rbd.\nMore info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it" type: "string" readOnly: - description: "readOnly here will force the ReadOnly setting in VolumeMounts. Defaults to false. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it" + description: "readOnly here will force the ReadOnly setting in VolumeMounts.\nDefaults to false.\nMore info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it" type: "boolean" secretRef: - description: "secretRef is name of the authentication secret for RBDUser. If provided overrides keyring. Default is nil. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it" + description: "secretRef is name of the authentication secret for RBDUser. If provided\noverrides keyring.\nDefault is nil.\nMore info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it" properties: name: - description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" type: "string" type: "object" + x-kubernetes-map-type: "atomic" user: - description: "user is the rados user name. Default is admin. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it" + description: "user is the rados user name.\nDefault is admin.\nMore info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it" type: "string" required: - "image" @@ -3729,7 +3772,7 @@ spec: description: "scaleIO represents a ScaleIO persistent volume attached and mounted on Kubernetes nodes." properties: fsType: - description: "fsType is the filesystem type to mount. Must be a filesystem type supported by the host operating system. Ex. \"ext4\", \"xfs\", \"ntfs\". Default is \"xfs\"." + description: "fsType is the filesystem type to mount.\nMust be a filesystem type supported by the host operating system.\nEx. \"ext4\", \"xfs\", \"ntfs\".\nDefault is \"xfs\"." type: "string" gateway: description: "gateway is the host address of the ScaleIO API Gateway." @@ -3738,20 +3781,21 @@ spec: description: "protectionDomain is the name of the ScaleIO Protection Domain for the configured storage." type: "string" readOnly: - description: "readOnly Defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts." + description: "readOnly Defaults to false (read/write). ReadOnly here will force\nthe ReadOnly setting in VolumeMounts." type: "boolean" secretRef: - description: "secretRef references to the secret for ScaleIO user and other sensitive information. If this is not provided, Login operation will fail." + description: "secretRef references to the secret for ScaleIO user and other\nsensitive information. If this is not provided, Login operation will fail." properties: name: - description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" type: "string" type: "object" + x-kubernetes-map-type: "atomic" sslEnabled: description: "sslEnabled Flag enable/disable SSL communication with Gateway, default false" type: "boolean" storageMode: - description: "storageMode indicates whether the storage for a volume should be ThickProvisioned or ThinProvisioned. Default is ThinProvisioned." + description: "storageMode indicates whether the storage for a volume should be ThickProvisioned or ThinProvisioned.\nDefault is ThinProvisioned." type: "string" storagePool: description: "storagePool is the ScaleIO Storage Pool associated with the protection domain." @@ -3760,7 +3804,7 @@ spec: description: "system is the name of the storage system as configured in ScaleIO." type: "string" volumeName: - description: "volumeName is the name of a volume already created in the ScaleIO system that is associated with this volume source." + description: "volumeName is the name of a volume already created in the ScaleIO system\nthat is associated with this volume source." type: "string" required: - "gateway" @@ -3768,14 +3812,14 @@ spec: - "system" type: "object" secret: - description: "secret represents a secret that should populate this volume. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret" + description: "secret represents a secret that should populate this volume.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#secret" properties: defaultMode: - description: "defaultMode is Optional: mode bits used to set permissions on created files by default. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. Defaults to 0644. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set." + description: "defaultMode is Optional: mode bits used to set permissions on created files by default.\nMust be an octal value between 0000 and 0777 or a decimal value between 0 and 511.\nYAML accepts both octal and decimal values, JSON requires decimal values\nfor mode bits. Defaults to 0644.\nDirectories within the path are not affected by this setting.\nThis might be in conflict with other options that affect the file\nmode, like fsGroup, and the result can be other mode bits set." format: "int32" type: "integer" items: - description: "items If unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the Secret, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'." + description: "items If unspecified, each key-value pair in the Data field of the referenced\nSecret will be projected into the volume as a file whose name is the\nkey and content is the value. If specified, the listed keys will be\nprojected into the specified paths, and unlisted keys will not be\npresent. If a key is specified which is not present in the Secret,\nthe volume setup will error unless it is marked optional. Paths must be\nrelative and may not contain the '..' path or start with '..'." items: description: "Maps a string key to a path within a volume." properties: @@ -3783,11 +3827,11 @@ spec: description: "key is the key to project." type: "string" mode: - description: "mode is Optional: mode bits used to set permissions on this file. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set." + description: "mode is Optional: mode bits used to set permissions on this file.\nMust be an octal value between 0000 and 0777 or a decimal value between 0 and 511.\nYAML accepts both octal and decimal values, JSON requires decimal values for mode bits.\nIf not specified, the volume defaultMode will be used.\nThis might be in conflict with other options that affect the file\nmode, like fsGroup, and the result can be other mode bits set." format: "int32" type: "integer" path: - description: "path is the relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'." + description: "path is the relative path of the file to map the key to.\nMay not be an absolute path.\nMay not contain the path element '..'.\nMay not start with the string '..'." type: "string" required: - "key" @@ -3798,37 +3842,38 @@ spec: description: "optional field specify whether the Secret or its keys must be defined" type: "boolean" secretName: - description: "secretName is the name of the secret in the pod's namespace to use. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret" + description: "secretName is the name of the secret in the pod's namespace to use.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#secret" type: "string" type: "object" storageos: description: "storageOS represents a StorageOS volume attached and mounted on Kubernetes nodes." properties: fsType: - description: "fsType is the filesystem type to mount. Must be a filesystem type supported by the host operating system. Ex. \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified." + description: "fsType is the filesystem type to mount.\nMust be a filesystem type supported by the host operating system.\nEx. \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified." type: "string" readOnly: - description: "readOnly defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts." + description: "readOnly defaults to false (read/write). ReadOnly here will force\nthe ReadOnly setting in VolumeMounts." type: "boolean" secretRef: - description: "secretRef specifies the secret to use for obtaining the StorageOS API credentials. If not specified, default values will be attempted." + description: "secretRef specifies the secret to use for obtaining the StorageOS API\ncredentials. If not specified, default values will be attempted." properties: name: - description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" type: "string" type: "object" + x-kubernetes-map-type: "atomic" volumeName: - description: "volumeName is the human-readable name of the StorageOS volume. Volume names are only unique within a namespace." + description: "volumeName is the human-readable name of the StorageOS volume. Volume\nnames are only unique within a namespace." type: "string" volumeNamespace: - description: "volumeNamespace specifies the scope of the volume within StorageOS. If no namespace is specified then the Pod's namespace will be used. This allows the Kubernetes name scoping to be mirrored within StorageOS for tighter integration. Set VolumeName to any name to override the default behaviour. Set to \"default\" if you are not using namespaces within StorageOS. Namespaces that do not pre-exist within StorageOS will be created." + description: "volumeNamespace specifies the scope of the volume within StorageOS. If no\nnamespace is specified then the Pod's namespace will be used. This allows the\nKubernetes name scoping to be mirrored within StorageOS for tighter integration.\nSet VolumeName to any name to override the default behaviour.\nSet to \"default\" if you are not using namespaces within StorageOS.\nNamespaces that do not pre-exist within StorageOS will be created." type: "string" type: "object" vsphereVolume: description: "vsphereVolume represents a vSphere volume attached and mounted on kubelets host machine" properties: fsType: - description: "fsType is filesystem type to mount. Must be a filesystem type supported by the host operating system. Ex. \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified." + description: "fsType is filesystem type to mount.\nMust be a filesystem type supported by the host operating system.\nEx. \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified." type: "string" storagePolicyID: description: "storagePolicyID is the storage Policy Based Management (SPBM) profile ID associated with the StoragePolicyName." @@ -3924,7 +3969,7 @@ spec: type: "array" type: "object" resourceInclusions: - description: "ResourceInclusions is used to only include specific group/kinds in the reconciliation process." + description: "ResourceInclusions is used to only include specific group/kinds in the\nreconciliation process." type: "string" resourceTrackingMethod: description: "ResourceTrackingMethod defines how Argo CD should track resources that it manages" @@ -3946,11 +3991,11 @@ spec: format: "int32" type: "integer" minReplicas: - description: "minReplicas is the lower limit for the number of replicas to which the autoscaler can scale down. It defaults to 1 pod. minReplicas is allowed to be 0 if the alpha feature gate HPAScaleToZero is enabled and at least one Object or External metric is configured. Scaling is active as long as at least one metric value is available." + description: "minReplicas is the lower limit for the number of replicas to which the autoscaler\ncan scale down. It defaults to 1 pod. minReplicas is allowed to be 0 if the\nalpha feature gate HPAScaleToZero is enabled and at least one Object or External\nmetric is configured. Scaling is active as long as at least one metric value is\navailable." format: "int32" type: "integer" scaleTargetRef: - description: "reference to scaled resource; horizontal pod autoscaler will learn the current resource consumption and will set the desired number of pods by using its Scale subresource." + description: "reference to scaled resource; horizontal pod autoscaler will learn the current resource consumption\nand will set the desired number of pods by using its Scale subresource." properties: apiVersion: description: "apiVersion is the API version of the referent" @@ -3965,8 +4010,9 @@ spec: - "kind" - "name" type: "object" + x-kubernetes-map-type: "atomic" targetCPUUtilizationPercentage: - description: "targetCPUUtilizationPercentage is the target average CPU utilization (represented as a percentage of requested CPU) over all the pods; if not specified the default autoscaling policy will be used." + description: "targetCPUUtilizationPercentage is the target average CPU utilization (represented as a percentage of requested CPU) over all the pods;\nif not specified the default autoscaling policy will be used." format: "int32" type: "integer" required: @@ -3988,7 +4034,7 @@ spec: description: "Name of the environment variable. Must be a C_IDENTIFIER." type: "string" value: - description: "Variable references $(VAR_NAME) are expanded using the previously defined environment variables in the container and any service environment variables. If a variable cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. \"$$(VAR_NAME)\" will produce the string literal \"$(VAR_NAME)\". Escaped references will never be expanded, regardless of whether the variable exists or not. Defaults to \"\"." + description: "Variable references $(VAR_NAME) are expanded\nusing the previously defined environment variables in the container and\nany service environment variables. If a variable cannot be resolved,\nthe reference in the input string will be unchanged. Double $$ are reduced\nto a single $, which allows for escaping the $(VAR_NAME) syntax: i.e.\n\"$$(VAR_NAME)\" will produce the string literal \"$(VAR_NAME)\".\nEscaped references will never be expanded, regardless of whether the variable\nexists or not.\nDefaults to \"\"." type: "string" valueFrom: description: "Source for the environment variable's value. Cannot be used if value is not empty." @@ -4000,7 +4046,7 @@ spec: description: "The key to select." type: "string" name: - description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" type: "string" optional: description: "Specify whether the ConfigMap or its key must be defined" @@ -4008,8 +4054,9 @@ spec: required: - "key" type: "object" + x-kubernetes-map-type: "atomic" fieldRef: - description: "Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`, spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs." + description: "Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`,\nspec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs." properties: apiVersion: description: "Version of the schema the FieldPath is written in terms of, defaults to \"v1\"." @@ -4020,8 +4067,9 @@ spec: required: - "fieldPath" type: "object" + x-kubernetes-map-type: "atomic" resourceFieldRef: - description: "Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported." + description: "Selects a resource of the container: only resources limits and requests\n(limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported." properties: containerName: description: "Container name: required for volumes, optional for env vars" @@ -4039,6 +4087,7 @@ spec: required: - "resource" type: "object" + x-kubernetes-map-type: "atomic" secretKeyRef: description: "Selects a key of a secret in the pod's namespace" properties: @@ -4046,7 +4095,7 @@ spec: description: "The key of the secret to select from. Must be a valid secret key." type: "string" name: - description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" type: "string" optional: description: "Specify whether the Secret or its key must be defined" @@ -4054,13 +4103,14 @@ spec: required: - "key" type: "object" + x-kubernetes-map-type: "atomic" type: "object" required: - "name" type: "object" type: "array" extraCommandArgs: - description: "Extra Command arguments that would append to the Argo CD server command. ExtraCommandArgs will not be added, if one of these commands is already part of the server command with same or different value." + description: "Extra Command arguments that would append to the Argo CD server command.\nExtraCommandArgs will not be added, if one of these commands is already part of the server command\nwith same or different value." items: type: "string" type: "array" @@ -4088,18 +4138,18 @@ spec: description: "Path used for the Ingress resource." type: "string" tls: - description: "TLS configuration. Currently the Ingress only supports a single TLS port, 443. If multiple members of this list specify different hosts, they will be multiplexed on the same port according to the hostname specified through the SNI TLS extension, if the ingress controller fulfilling the ingress supports SNI." + description: "TLS configuration. Currently the Ingress only supports a single TLS\nport, 443. If multiple members of this list specify different hosts, they\nwill be multiplexed on the same port according to the hostname specified\nthrough the SNI TLS extension, if the ingress controller fulfilling the\ningress supports SNI." items: description: "IngressTLS describes the transport layer security associated with an ingress." properties: hosts: - description: "hosts is a list of hosts included in the TLS certificate. The values in this list must match the name/s used in the tlsSecret. Defaults to the wildcard host setting for the loadbalancer controller fulfilling this Ingress, if left unspecified." + description: "hosts is a list of hosts included in the TLS certificate. The values in\nthis list must match the name/s used in the tlsSecret. Defaults to the\nwildcard host setting for the loadbalancer controller fulfilling this\nIngress, if left unspecified." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" secretName: - description: "secretName is the name of the secret used to terminate TLS traffic on port 443. Field is left optional to allow TLS routing based on SNI hostname alone. If the SNI host in a listener conflicts with the \"Host\" header field used by an IngressRule, the SNI host is used for termination and value of the \"Host\" header is used for routing." + description: "secretName is the name of the secret used to terminate TLS traffic on\nport 443. Field is left optional to allow TLS routing based on SNI\nhostname alone. If the SNI host in a listener conflicts with the \"Host\"\nheader field used by an IngressRule, the SNI host is used for termination\nand value of the \"Host\" header is used for routing." type: "string" type: "object" type: "array" @@ -4128,18 +4178,18 @@ spec: description: "Path used for the Ingress resource." type: "string" tls: - description: "TLS configuration. Currently the Ingress only supports a single TLS port, 443. If multiple members of this list specify different hosts, they will be multiplexed on the same port according to the hostname specified through the SNI TLS extension, if the ingress controller fulfilling the ingress supports SNI." + description: "TLS configuration. Currently the Ingress only supports a single TLS\nport, 443. If multiple members of this list specify different hosts, they\nwill be multiplexed on the same port according to the hostname specified\nthrough the SNI TLS extension, if the ingress controller fulfilling the\ningress supports SNI." items: description: "IngressTLS describes the transport layer security associated with an ingress." properties: hosts: - description: "hosts is a list of hosts included in the TLS certificate. The values in this list must match the name/s used in the tlsSecret. Defaults to the wildcard host setting for the loadbalancer controller fulfilling this Ingress, if left unspecified." + description: "hosts is a list of hosts included in the TLS certificate. The values in\nthis list must match the name/s used in the tlsSecret. Defaults to the\nwildcard host setting for the loadbalancer controller fulfilling this\nIngress, if left unspecified." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" secretName: - description: "secretName is the name of the secret used to terminate TLS traffic on port 443. Field is left optional to allow TLS routing based on SNI hostname alone. If the SNI host in a listener conflicts with the \"Host\" header field used by an IngressRule, the SNI host is used for termination and value of the \"Host\" header is used for routing." + description: "secretName is the name of the secret used to terminate TLS traffic on\nport 443. Field is left optional to allow TLS routing based on SNI\nhostname alone. If the SNI host in a listener conflicts with the \"Host\"\nheader field used by an IngressRule, the SNI host is used for termination\nand value of the \"Host\" header is used for routing." type: "string" type: "object" type: "array" @@ -4163,12 +4213,12 @@ spec: description: "Resources defines the Compute Resources required by the container for the Argo CD server component." properties: claims: - description: "Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. \n This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. \n This field is immutable. It can only be set for containers." + description: "Claims lists the names of resources, defined in spec.resourceClaims,\nthat are used by this container.\n\n\nThis is an alpha field and requires enabling the\nDynamicResourceAllocation feature gate.\n\n\nThis field is immutable. It can only be set for containers." items: description: "ResourceClaim references one entry in PodSpec.ResourceClaims." properties: name: - description: "Name must match the name of one entry in pod.spec.resourceClaims of the Pod where this field is used. It makes that resource available inside a container." + description: "Name must match the name of one entry in pod.spec.resourceClaims of\nthe Pod where this field is used. It makes that resource available\ninside a container." type: "string" required: - "name" @@ -4184,7 +4234,7 @@ spec: - type: "string" pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" x-kubernetes-int-or-string: true - description: "Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" + description: "Limits describes the maximum amount of compute resources allowed.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" type: "object" requests: additionalProperties: @@ -4193,7 +4243,7 @@ spec: - type: "string" pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" x-kubernetes-int-or-string: true - description: "Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" + description: "Requests describes the minimum amount of compute resources required.\nIf Requests is omitted for a container, it defaults to Limits if that is explicitly specified,\notherwise to an implementation-defined value. Requests cannot exceed Limits.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" type: "object" type: "object" route: @@ -4225,10 +4275,10 @@ spec: description: "certificate provides certificate contents" type: "string" destinationCACertificate: - description: "destinationCACertificate provides the contents of the ca certificate of the final destination. When using reencrypt termination this file should be provided in order to have routers use it for health checks on the secure connection. If this field is not specified, the router may provide its own destination CA and perform hostname validation using the short service name (service.namespace.svc), which allows infrastructure generated certificates to automatically verify." + description: "destinationCACertificate provides the contents of the ca certificate of the final destination. When using reencrypt\ntermination this file should be provided in order to have routers use it for health checks on the secure connection.\nIf this field is not specified, the router may provide its own destination CA and perform hostname validation using\nthe short service name (service.namespace.svc), which allows infrastructure generated certificates to automatically\nverify." type: "string" insecureEdgeTerminationPolicy: - description: "insecureEdgeTerminationPolicy indicates the desired behavior for insecure connections to a route. While each router may make its own decisions on which ports to expose, this is normally port 80. \n * Allow - traffic is sent to the server on the insecure port (default) * Disable - no traffic is allowed on the insecure port. * Redirect - clients are redirected to the secure port." + description: "insecureEdgeTerminationPolicy indicates the desired behavior for insecure connections to a route. While\neach router may make its own decisions on which ports to expose, this is normally port 80.\n\n\n* Allow - traffic is sent to the server on the insecure port (default)\n* Disable - no traffic is allowed on the insecure port.\n* Redirect - clients are redirected to the secure port." type: "string" key: description: "key provides key file contents" @@ -4278,7 +4328,7 @@ spec: description: "Name of the environment variable. Must be a C_IDENTIFIER." type: "string" value: - description: "Variable references $(VAR_NAME) are expanded using the previously defined environment variables in the container and any service environment variables. If a variable cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. \"$$(VAR_NAME)\" will produce the string literal \"$(VAR_NAME)\". Escaped references will never be expanded, regardless of whether the variable exists or not. Defaults to \"\"." + description: "Variable references $(VAR_NAME) are expanded\nusing the previously defined environment variables in the container and\nany service environment variables. If a variable cannot be resolved,\nthe reference in the input string will be unchanged. Double $$ are reduced\nto a single $, which allows for escaping the $(VAR_NAME) syntax: i.e.\n\"$$(VAR_NAME)\" will produce the string literal \"$(VAR_NAME)\".\nEscaped references will never be expanded, regardless of whether the variable\nexists or not.\nDefaults to \"\"." type: "string" valueFrom: description: "Source for the environment variable's value. Cannot be used if value is not empty." @@ -4290,7 +4340,7 @@ spec: description: "The key to select." type: "string" name: - description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" type: "string" optional: description: "Specify whether the ConfigMap or its key must be defined" @@ -4298,8 +4348,9 @@ spec: required: - "key" type: "object" + x-kubernetes-map-type: "atomic" fieldRef: - description: "Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`, spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs." + description: "Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`,\nspec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs." properties: apiVersion: description: "Version of the schema the FieldPath is written in terms of, defaults to \"v1\"." @@ -4310,8 +4361,9 @@ spec: required: - "fieldPath" type: "object" + x-kubernetes-map-type: "atomic" resourceFieldRef: - description: "Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported." + description: "Selects a resource of the container: only resources limits and requests\n(limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported." properties: containerName: description: "Container name: required for volumes, optional for env vars" @@ -4329,6 +4381,7 @@ spec: required: - "resource" type: "object" + x-kubernetes-map-type: "atomic" secretKeyRef: description: "Selects a key of a secret in the pod's namespace" properties: @@ -4336,7 +4389,7 @@ spec: description: "The key of the secret to select from. Must be a valid secret key." type: "string" name: - description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" type: "string" optional: description: "Specify whether the Secret or its key must be defined" @@ -4344,6 +4397,7 @@ spec: required: - "key" type: "object" + x-kubernetes-map-type: "atomic" type: "object" required: - "name" @@ -4364,12 +4418,12 @@ spec: description: "Resources defines the Compute Resources required by the container for Dex." properties: claims: - description: "Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. \n This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. \n This field is immutable. It can only be set for containers." + description: "Claims lists the names of resources, defined in spec.resourceClaims,\nthat are used by this container.\n\n\nThis is an alpha field and requires enabling the\nDynamicResourceAllocation feature gate.\n\n\nThis field is immutable. It can only be set for containers." items: description: "ResourceClaim references one entry in PodSpec.ResourceClaims." properties: name: - description: "Name must match the name of one entry in pod.spec.resourceClaims of the Pod where this field is used. It makes that resource available inside a container." + description: "Name must match the name of one entry in pod.spec.resourceClaims of\nthe Pod where this field is used. It makes that resource available\ninside a container." type: "string" required: - "name" @@ -4385,7 +4439,7 @@ spec: - type: "string" pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" x-kubernetes-int-or-string: true - description: "Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" + description: "Limits describes the maximum amount of compute resources allowed.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" type: "object" requests: additionalProperties: @@ -4394,7 +4448,7 @@ spec: - type: "string" pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" x-kubernetes-int-or-string: true - description: "Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" + description: "Requests describes the minimum amount of compute resources required.\nIf Requests is omitted for a container, it defaults to Limits if that is explicitly specified,\notherwise to an implementation-defined value. Requests cannot exceed Limits.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" type: "object" type: "object" version: @@ -4414,12 +4468,12 @@ spec: description: "Resources defines the Compute Resources required by the container for Keycloak." properties: claims: - description: "Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. \n This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. \n This field is immutable. It can only be set for containers." + description: "Claims lists the names of resources, defined in spec.resourceClaims,\nthat are used by this container.\n\n\nThis is an alpha field and requires enabling the\nDynamicResourceAllocation feature gate.\n\n\nThis field is immutable. It can only be set for containers." items: description: "ResourceClaim references one entry in PodSpec.ResourceClaims." properties: name: - description: "Name must match the name of one entry in pod.spec.resourceClaims of the Pod where this field is used. It makes that resource available inside a container." + description: "Name must match the name of one entry in pod.spec.resourceClaims of\nthe Pod where this field is used. It makes that resource available\ninside a container." type: "string" required: - "name" @@ -4435,7 +4489,7 @@ spec: - type: "string" pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" x-kubernetes-int-or-string: true - description: "Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" + description: "Limits describes the maximum amount of compute resources allowed.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" type: "object" requests: additionalProperties: @@ -4444,7 +4498,7 @@ spec: - type: "string" pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" x-kubernetes-int-or-string: true - description: "Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" + description: "Requests describes the minimum amount of compute resources required.\nIf Requests is omitted for a container, it defaults to Limits if that is explicitly specified,\notherwise to an implementation-defined value. Requests cannot exceed Limits.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" type: "object" type: "object" rootCA: @@ -4484,7 +4538,7 @@ spec: type: "object" type: "object" usersAnonymousEnabled: - description: "UsersAnonymousEnabled toggles anonymous user access. The anonymous users get default role permissions specified argocd-rbac-cm." + description: "UsersAnonymousEnabled toggles anonymous user access.\nThe anonymous users get default role permissions specified argocd-rbac-cm." type: "boolean" version: description: "Version is the tag to use with the ArgoCD container image for all ArgoCD components." @@ -4494,37 +4548,37 @@ spec: description: "ArgoCDStatus defines the observed state of ArgoCD" properties: applicationController: - description: "ApplicationController is a simple, high-level summary of where the Argo CD application controller component is in its lifecycle. There are four possible ApplicationController values: Pending: The Argo CD application controller component has been accepted by the Kubernetes system, but one or more of the required resources have not been created. Running: All of the required Pods for the Argo CD application controller component are in a Ready state. Failed: At least one of the Argo CD application controller component Pods had a failure. Unknown: The state of the Argo CD application controller component could not be obtained." + description: "ApplicationController is a simple, high-level summary of where the Argo CD application controller component is in its lifecycle.\nThere are four possible ApplicationController values:\nPending: The Argo CD application controller component has been accepted by the Kubernetes system, but one or more of the required resources have not been created.\nRunning: All of the required Pods for the Argo CD application controller component are in a Ready state.\nFailed: At least one of the Argo CD application controller component Pods had a failure.\nUnknown: The state of the Argo CD application controller component could not be obtained." type: "string" applicationSetController: - description: "ApplicationSetController is a simple, high-level summary of where the Argo CD applicationSet controller component is in its lifecycle. There are four possible ApplicationSetController values: Pending: The Argo CD applicationSet controller component has been accepted by the Kubernetes system, but one or more of the required resources have not been created. Running: All of the required Pods for the Argo CD applicationSet controller component are in a Ready state. Failed: At least one of the Argo CD applicationSet controller component Pods had a failure. Unknown: The state of the Argo CD applicationSet controller component could not be obtained." + description: "ApplicationSetController is a simple, high-level summary of where the Argo CD applicationSet controller component is in its lifecycle.\nThere are four possible ApplicationSetController values:\nPending: The Argo CD applicationSet controller component has been accepted by the Kubernetes system, but one or more of the required resources have not been created.\nRunning: All of the required Pods for the Argo CD applicationSet controller component are in a Ready state.\nFailed: At least one of the Argo CD applicationSet controller component Pods had a failure.\nUnknown: The state of the Argo CD applicationSet controller component could not be obtained." type: "string" host: description: "Host is the hostname of the Ingress." type: "string" notificationsController: - description: "NotificationsController is a simple, high-level summary of where the Argo CD notifications controller component is in its lifecycle. There are four possible NotificationsController values: Pending: The Argo CD notifications controller component has been accepted by the Kubernetes system, but one or more of the required resources have not been created. Running: All of the required Pods for the Argo CD notifications controller component are in a Ready state. Failed: At least one of the Argo CD notifications controller component Pods had a failure. Unknown: The state of the Argo CD notifications controller component could not be obtained." + description: "NotificationsController is a simple, high-level summary of where the Argo CD notifications controller component is in its lifecycle.\nThere are four possible NotificationsController values:\nPending: The Argo CD notifications controller component has been accepted by the Kubernetes system, but one or more of the required resources have not been created.\nRunning: All of the required Pods for the Argo CD notifications controller component are in a Ready state.\nFailed: At least one of the Argo CD notifications controller component Pods had a failure.\nUnknown: The state of the Argo CD notifications controller component could not be obtained." type: "string" phase: - description: "Phase is a simple, high-level summary of where the ArgoCD is in its lifecycle. There are four possible phase values: Pending: The ArgoCD has been accepted by the Kubernetes system, but one or more of the required resources have not been created. Available: All of the resources for the ArgoCD are ready. Failed: At least one resource has experienced a failure. Unknown: The state of the ArgoCD phase could not be obtained." + description: "Phase is a simple, high-level summary of where the ArgoCD is in its lifecycle.\nThere are four possible phase values:\nPending: The ArgoCD has been accepted by the Kubernetes system, but one or more of the required resources have not been created.\nAvailable: All of the resources for the ArgoCD are ready.\nFailed: At least one resource has experienced a failure.\nUnknown: The state of the ArgoCD phase could not be obtained." type: "string" redis: - description: "Redis is a simple, high-level summary of where the Argo CD Redis component is in its lifecycle. There are four possible redis values: Pending: The Argo CD Redis component has been accepted by the Kubernetes system, but one or more of the required resources have not been created. Running: All of the required Pods for the Argo CD Redis component are in a Ready state. Failed: At least one of the Argo CD Redis component Pods had a failure. Unknown: The state of the Argo CD Redis component could not be obtained." + description: "Redis is a simple, high-level summary of where the Argo CD Redis component is in its lifecycle.\nThere are four possible redis values:\nPending: The Argo CD Redis component has been accepted by the Kubernetes system, but one or more of the required resources have not been created.\nRunning: All of the required Pods for the Argo CD Redis component are in a Ready state.\nFailed: At least one of the Argo CD Redis component Pods had a failure.\nUnknown: The state of the Argo CD Redis component could not be obtained." type: "string" redisTLSChecksum: description: "RedisTLSChecksum contains the SHA256 checksum of the latest known state of tls.crt and tls.key in the argocd-operator-redis-tls secret." type: "string" repo: - description: "Repo is a simple, high-level summary of where the Argo CD Repo component is in its lifecycle. There are four possible repo values: Pending: The Argo CD Repo component has been accepted by the Kubernetes system, but one or more of the required resources have not been created. Running: All of the required Pods for the Argo CD Repo component are in a Ready state. Failed: At least one of the Argo CD Repo component Pods had a failure. Unknown: The state of the Argo CD Repo component could not be obtained." + description: "Repo is a simple, high-level summary of where the Argo CD Repo component is in its lifecycle.\nThere are four possible repo values:\nPending: The Argo CD Repo component has been accepted by the Kubernetes system, but one or more of the required resources have not been created.\nRunning: All of the required Pods for the Argo CD Repo component are in a Ready state.\nFailed: At least one of the Argo CD Repo component Pods had a failure.\nUnknown: The state of the Argo CD Repo component could not be obtained." type: "string" repoTLSChecksum: description: "RepoTLSChecksum contains the SHA256 checksum of the latest known state of tls.crt and tls.key in the argocd-repo-server-tls secret." type: "string" server: - description: "Server is a simple, high-level summary of where the Argo CD server component is in its lifecycle. There are four possible server values: Pending: The Argo CD server component has been accepted by the Kubernetes system, but one or more of the required resources have not been created. Running: All of the required Pods for the Argo CD server component are in a Ready state. Failed: At least one of the Argo CD server component Pods had a failure. Unknown: The state of the Argo CD server component could not be obtained." + description: "Server is a simple, high-level summary of where the Argo CD server component is in its lifecycle.\nThere are four possible server values:\nPending: The Argo CD server component has been accepted by the Kubernetes system, but one or more of the required resources have not been created.\nRunning: All of the required Pods for the Argo CD server component are in a Ready state.\nFailed: At least one of the Argo CD server component Pods had a failure.\nUnknown: The state of the Argo CD server component could not be obtained." type: "string" sso: - description: "SSO is a simple, high-level summary of where the Argo CD SSO(Dex/Keycloak) component is in its lifecycle. There are four possible sso values: Pending: The Argo CD SSO component has been accepted by the Kubernetes system, but one or more of the required resources have not been created. Running: All of the required Pods for the Argo CD SSO component are in a Ready state. Failed: At least one of the Argo CD SSO component Pods had a failure. Unknown: The state of the Argo CD SSO component could not be obtained." + description: "SSO is a simple, high-level summary of where the Argo CD SSO(Dex/Keycloak) component is in its lifecycle.\nThere are four possible sso values:\nPending: The Argo CD SSO component has been accepted by the Kubernetes system, but one or more of the required resources have not been created.\nRunning: All of the required Pods for the Argo CD SSO component are in a Ready state.\nFailed: At least one of the Argo CD SSO component Pods had a failure.\nUnknown: The state of the Argo CD SSO component could not be obtained." type: "string" type: "object" type: "object" @@ -4532,9 +4586,3 @@ spec: storage: true subresources: status: {} -status: - acceptedNames: - kind: "" - plural: "" - conditions: [] - storedVersions: [] diff --git a/crd-catalog/authzed/spicedb-operator/authzed.com/v1alpha1/spicedbclusters.yaml b/crd-catalog/authzed/spicedb-operator/authzed.com/v1alpha1/spicedbclusters.yaml index ec76792f7..310a35beb 100644 --- a/crd-catalog/authzed/spicedb-operator/authzed.com/v1alpha1/spicedbclusters.yaml +++ b/crd-catalog/authzed/spicedb-operator/authzed.com/v1alpha1/spicedbclusters.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.12.1" + controller-gen.kubebuilder.io/version: "v0.15.0" name: "spicedbclusters.authzed.com" spec: group: "authzed.com" @@ -51,10 +51,10 @@ spec: description: "SpiceDBCluster defines all options for a full SpiceDB cluster" properties: apiVersion: - description: "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" + description: "APIVersion defines the versioned schema of this representation of an object.\nServers should convert recognized schemas to the latest internal value, and\nmay reject unrecognized values.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" type: "string" kind: - description: "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + description: "Kind is a string value representing the REST resource this object represents.\nServers may infer this from the endpoint the client submits requests to.\nCannot be updated.\nIn CamelCase.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" type: "string" metadata: type: "object" @@ -62,14 +62,14 @@ spec: description: "ClusterSpec holds the desired state of the cluster." properties: channel: - description: "Channel is a defined series of updates that operator should follow. The operator is configured with a datasource that configures available channels and update paths. If `version` is not specified, then the operator will keep SpiceDB up-to-date with the current head of the channel. If `version` is specified, then the operator will write available updates in the status." + description: "Channel is a defined series of updates that operator should follow.\nThe operator is configured with a datasource that configures available\nchannels and update paths.\nIf `version` is not specified, then the operator will keep SpiceDB\nup-to-date with the current head of the channel.\nIf `version` is specified, then the operator will write available updates\nin the status." type: "string" config: description: "Config values to be passed to the cluster" type: "object" x-kubernetes-preserve-unknown-fields: true patches: - description: "Patches is a list of patches to apply to generated resources. If multiple patches apply to the same object and field, later patches in the list take precedence over earlier ones." + description: "Patches is a list of patches to apply to generated resources.\nIf multiple patches apply to the same object and field, later patches\nin the list take precedence over earlier ones." items: description: "Patch represents a single change to apply to generated manifests" properties: @@ -77,7 +77,7 @@ spec: description: "Kind targets an object by its kubernetes Kind name." type: "string" patch: - description: "Patch is an inlined representation of a structured merge patch (one that just specifies the structure and fields to be modified) or a an explicit JSON6902 patch operation." + description: "Patch is an inlined representation of a structured merge patch (one that\njust specifies the structure and fields to be modified) or a an explicit\nJSON6902 patch operation." type: "object" x-kubernetes-preserve-unknown-fields: true required: @@ -85,21 +85,21 @@ spec: type: "object" type: "array" secretName: - description: "SecretName points to a secret (in the same namespace) that holds secret config for the cluster like passwords, credentials, etc. If the secret is omitted, one will be generated" + description: "SecretName points to a secret (in the same namespace) that holds secret\nconfig for the cluster like passwords, credentials, etc.\nIf the secret is omitted, one will be generated" type: "string" version: - description: "Version is the name of the version of SpiceDB that will be run. The version is usually a simple version string like `v1.13.0`, but the operator is configured with a data source that tells it what versions are allowed, and they may have other names. If omitted, the newest version in the head of the channel will be used. Note that the `config.image` field will take precedence over version/channel, if it is specified" + description: "Version is the name of the version of SpiceDB that will be run.\nThe version is usually a simple version string like `v1.13.0`, but the\noperator is configured with a data source that tells it what versions\nare allowed, and they may have other names.\nIf omitted, the newest version in the head of the channel will be used.\nNote that the `config.image` field will take precedence over\nversion/channel, if it is specified" type: "string" type: "object" status: description: "ClusterStatus communicates the observed state of the cluster." properties: availableVersions: - description: "AvailableVersions is a list of versions that the currently running version can be updated to. Only applies if using an update channel." + description: "AvailableVersions is a list of versions that the currently running\nversion can be updated to. Only applies if using an update channel." items: properties: attributes: - description: "Attributes is an optional set of descriptors for the update, which carry additional information like whether there will be a migration if this version is selected." + description: "Attributes is an optional set of descriptors for the update, which\ncarry additional information like whether there will be a migration\nif this version is selected." items: type: "string" type: "array" @@ -120,23 +120,23 @@ spec: conditions: description: "Conditions for the current state of the Stack." items: - description: "Condition contains details for one aspect of the current state of this API Resource. --- This struct is intended for direct use as an array at the field path .status.conditions. For example, \n type FooStatus struct{ // Represents the observations of a foo's current state. // Known .status.conditions.type are: \"Available\", \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge // +listType=map // +listMapKey=type Conditions []metav1.Condition `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" + description: "Condition contains details for one aspect of the current state of this API Resource.\n---\nThis struct is intended for direct use as an array at the field path .status.conditions. For example,\n\n\n\ttype FooStatus struct{\n\t // Represents the observations of a foo's current state.\n\t // Known .status.conditions.type are: \"Available\", \"Progressing\", and \"Degraded\"\n\t // +patchMergeKey=type\n\t // +patchStrategy=merge\n\t // +listType=map\n\t // +listMapKey=type\n\t Conditions []metav1.Condition `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"`\n\n\n\t // other fields\n\t}" properties: lastTransitionTime: - description: "lastTransitionTime is the last time the condition transitioned from one status to another. This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable." + description: "lastTransitionTime is the last time the condition transitioned from one status to another.\nThis should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable." format: "date-time" type: "string" message: - description: "message is a human readable message indicating details about the transition. This may be an empty string." + description: "message is a human readable message indicating details about the transition.\nThis may be an empty string." maxLength: 32768 type: "string" observedGeneration: - description: "observedGeneration represents the .metadata.generation that the condition was set based upon. For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date with respect to the current state of the instance." + description: "observedGeneration represents the .metadata.generation that the condition was set based upon.\nFor instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date\nwith respect to the current state of the instance." format: "int64" minimum: 0.0 type: "integer" reason: - description: "reason contains a programmatic identifier indicating the reason for the condition's last transition. Producers of specific condition types may define expected values and meanings for this field, and whether the values are considered a guaranteed API. The value should be a CamelCase string. This field may not be empty." + description: "reason contains a programmatic identifier indicating the reason for the condition's last transition.\nProducers of specific condition types may define expected values and meanings for this field,\nand whether the values are considered a guaranteed API.\nThe value should be a CamelCase string.\nThis field may not be empty." maxLength: 1024 minLength: 1 pattern: "^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$" @@ -149,7 +149,7 @@ spec: - "Unknown" type: "string" type: - description: "type of condition in CamelCase or in foo.example.com/CamelCase. --- Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be useful (see .node.status.conditions), the ability to deconflict is important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt)" + description: "type of condition in CamelCase or in foo.example.com/CamelCase.\n---\nMany .condition.type values are consistent across resources like Available, but because arbitrary conditions can be\nuseful (see .node.status.conditions), the ability to deconflict is important.\nThe regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt)" maxLength: 316 pattern: "^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$" type: "string" @@ -162,7 +162,7 @@ spec: type: "object" type: "array" currentMigrationHash: - description: "CurrentMigrationHash is a hash of the currently running migration target and config. If this is equal to TargetMigrationHash (and there are no conditions) then the datastore is fully migrated." + description: "CurrentMigrationHash is a hash of the currently running migration target and config.\nIf this is equal to TargetMigrationHash (and there are no conditions) then the datastore\nis fully migrated." type: "string" image: description: "Image is the image that is or will be used for this cluster" @@ -171,7 +171,7 @@ spec: description: "Migration is the name of the last migration applied" type: "string" observedGeneration: - description: "ObservedGeneration represents the .metadata.generation that has been seen by the controller." + description: "ObservedGeneration represents the .metadata.generation that has been\nseen by the controller." format: "int64" minimum: 0.0 type: "integer" @@ -185,10 +185,10 @@ spec: description: "TargetMigrationHash is a hash of the desired migration target and config" type: "string" version: - description: "CurrentVersion is a description of the currently selected version from the channel, if an update channel is being used." + description: "CurrentVersion is a description of the currently selected version from\nthe channel, if an update channel is being used." properties: attributes: - description: "Attributes is an optional set of descriptors for the update, which carry additional information like whether there will be a migration if this version is selected." + description: "Attributes is an optional set of descriptors for the update, which\ncarry additional information like whether there will be a migration\nif this version is selected." items: type: "string" type: "array" diff --git a/crd-catalog/aws-controllers-k8s/kafka-controller/kafka.services.k8s.aws/v1alpha1/clusters.yaml b/crd-catalog/aws-controllers-k8s/kafka-controller/kafka.services.k8s.aws/v1alpha1/clusters.yaml index 2572c3cd4..5c2ce2e91 100644 --- a/crd-catalog/aws-controllers-k8s/kafka-controller/kafka.services.k8s.aws/v1alpha1/clusters.yaml +++ b/crd-catalog/aws-controllers-k8s/kafka-controller/kafka.services.k8s.aws/v1alpha1/clusters.yaml @@ -266,6 +266,10 @@ spec: state: description: "The state of the cluster. The possible states are ACTIVE, CREATING, DELETING,\nFAILED, HEALING, MAINTENANCE, REBOOTING_BROKER, and UPDATING." type: "string" + zookeeperConnectString: + type: "string" + zookeeperConnectStringTLS: + type: "string" type: "object" type: "object" served: true diff --git a/crd-catalog/aws/eks-anywhere/anywhere.eks.amazonaws.com/v1alpha1/awsdatacenterconfigs.yaml b/crd-catalog/aws/eks-anywhere/anywhere.eks.amazonaws.com/v1alpha1/awsdatacenterconfigs.yaml index 7e9946d21..88c475892 100644 --- a/crd-catalog/aws/eks-anywhere/anywhere.eks.amazonaws.com/v1alpha1/awsdatacenterconfigs.yaml +++ b/crd-catalog/aws/eks-anywhere/anywhere.eks.amazonaws.com/v1alpha1/awsdatacenterconfigs.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.6.1" + controller-gen.kubebuilder.io/version: "v0.8.0" name: "awsdatacenterconfigs.anywhere.eks.amazonaws.com" spec: group: "anywhere.eks.amazonaws.com" diff --git a/crd-catalog/aws/eks-anywhere/anywhere.eks.amazonaws.com/v1alpha1/awsiamconfigs.yaml b/crd-catalog/aws/eks-anywhere/anywhere.eks.amazonaws.com/v1alpha1/awsiamconfigs.yaml index 488b14633..2eb10def3 100644 --- a/crd-catalog/aws/eks-anywhere/anywhere.eks.amazonaws.com/v1alpha1/awsiamconfigs.yaml +++ b/crd-catalog/aws/eks-anywhere/anywhere.eks.amazonaws.com/v1alpha1/awsiamconfigs.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.6.1" + controller-gen.kubebuilder.io/version: "v0.8.0" name: "awsiamconfigs.anywhere.eks.amazonaws.com" spec: group: "anywhere.eks.amazonaws.com" diff --git a/crd-catalog/aws/eks-anywhere/anywhere.eks.amazonaws.com/v1alpha1/cloudstackdatacenterconfigs.yaml b/crd-catalog/aws/eks-anywhere/anywhere.eks.amazonaws.com/v1alpha1/cloudstackdatacenterconfigs.yaml index c14cd4078..f0459ca94 100644 --- a/crd-catalog/aws/eks-anywhere/anywhere.eks.amazonaws.com/v1alpha1/cloudstackdatacenterconfigs.yaml +++ b/crd-catalog/aws/eks-anywhere/anywhere.eks.amazonaws.com/v1alpha1/cloudstackdatacenterconfigs.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.6.1" + controller-gen.kubebuilder.io/version: "v0.8.0" name: "cloudstackdatacenterconfigs.anywhere.eks.amazonaws.com" spec: group: "anywhere.eks.amazonaws.com" diff --git a/crd-catalog/aws/eks-anywhere/anywhere.eks.amazonaws.com/v1alpha1/cloudstackmachineconfigs.yaml b/crd-catalog/aws/eks-anywhere/anywhere.eks.amazonaws.com/v1alpha1/cloudstackmachineconfigs.yaml index 64e35dcd8..05ff95fa3 100644 --- a/crd-catalog/aws/eks-anywhere/anywhere.eks.amazonaws.com/v1alpha1/cloudstackmachineconfigs.yaml +++ b/crd-catalog/aws/eks-anywhere/anywhere.eks.amazonaws.com/v1alpha1/cloudstackmachineconfigs.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.6.1" + controller-gen.kubebuilder.io/version: "v0.8.0" name: "cloudstackmachineconfigs.anywhere.eks.amazonaws.com" spec: group: "anywhere.eks.amazonaws.com" diff --git a/crd-catalog/aws/eks-anywhere/anywhere.eks.amazonaws.com/v1alpha1/clusters.yaml b/crd-catalog/aws/eks-anywhere/anywhere.eks.amazonaws.com/v1alpha1/clusters.yaml index 20302a593..43905317c 100644 --- a/crd-catalog/aws/eks-anywhere/anywhere.eks.amazonaws.com/v1alpha1/clusters.yaml +++ b/crd-catalog/aws/eks-anywhere/anywhere.eks.amazonaws.com/v1alpha1/clusters.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.6.1" + controller-gen.kubebuilder.io/version: "v0.8.0" name: "clusters.anywhere.eks.amazonaws.com" spec: group: "anywhere.eks.amazonaws.com" diff --git a/crd-catalog/aws/eks-anywhere/anywhere.eks.amazonaws.com/v1alpha1/controlplaneupgrades.yaml b/crd-catalog/aws/eks-anywhere/anywhere.eks.amazonaws.com/v1alpha1/controlplaneupgrades.yaml index 30a6ab670..0617ac9f8 100644 --- a/crd-catalog/aws/eks-anywhere/anywhere.eks.amazonaws.com/v1alpha1/controlplaneupgrades.yaml +++ b/crd-catalog/aws/eks-anywhere/anywhere.eks.amazonaws.com/v1alpha1/controlplaneupgrades.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.6.1" + controller-gen.kubebuilder.io/version: "v0.8.0" name: "controlplaneupgrades.anywhere.eks.amazonaws.com" spec: group: "anywhere.eks.amazonaws.com" @@ -93,7 +93,7 @@ spec: machinesRequireUpgrade: description: "MachinesRequireUpgrade is a list of references to CAPI machines that need to be upgraded." items: - description: "ObjectReference contains enough information to let you inspect or modify the referred object. --- New uses of this type are discouraged because of difficulty describing its usage when embedded in APIs. 1. Ignored fields. It includes many fields which are not generally honored. For instance, ResourceVersion and FieldPath are both very rarely valid in actual usage. 2. Invalid usage help. It is impossible to add specific help for individual usage. In most embedded usages, there are particular restrictions like, \"must refer only to types A and B\" or \"UID not honored\" or \"name must be restricted\". Those cannot be well described when embedded. 3. Inconsistent validation. Because the usages are different, the validation rules are different by usage, which makes it hard for users to predict what will happen. 4. The fields are both imprecise and overly precise. Kind is not a precise mapping to a URL. This can produce ambiguity during interpretation and require a REST mapping. In most cases, the dependency is on the group,resource tuple and the version of the actual struct is irrelevant. 5. We cannot easily change it. Because this type is embedded in many locations, updates to this type will affect numerous schemas. Don't make new APIs embed an underspecified API type they do not control. \n Instead of using this type, create a locally provided and used type that is well-focused on your reference. For example, ServiceReferences for admission registration: https://github.com/kubernetes/api/blob/release-1.17/admissionregistration/v1/types.go#L533 ." + description: "ObjectReference contains enough information to let you inspect or modify the referred object. --- New uses of this type are discouraged because of difficulty describing its usage when embedded in APIs. 1. Ignored fields. It includes many fields which are not generally honored. For instance, ResourceVersion and FieldPath are both very rarely valid in actual usage. 2. Invalid usage help. It is impossible to add specific help for individual usage. In most embedded usages, there are particular restrictions like, \"must refer only to types A and B\" or \"UID not honored\" or \"name must be restricted\". Those cannot be well described when embedded. 3. Inconsistent validation. Because the usages are different, the validation rules are different by usage, which makes it hard for users to predict what will happen. 4. The fields are both imprecise and overly precise. Kind is not a precise mapping to a URL. This can produce ambiguity during interpretation and require a REST mapping. In most cases, the dependency is on the group,resource tuple and the version of the actual struct is irrelevant. 5. We cannot easily change it. Because this type is embedded in many locations, updates to this type will affect numerous schemas. Don't make new APIs embed an underspecified API type they do not control. \n Instead of using this type, create a locally provided and used type that is well-focused on your reference. For example, ServiceReferences for admission registration: https://github.com/kubernetes/api/blob/release-1.17/admissionregistration/v1/types.go#L533 ." properties: apiVersion: description: "API version of the referent." diff --git a/crd-catalog/aws/eks-anywhere/anywhere.eks.amazonaws.com/v1alpha1/dockerdatacenterconfigs.yaml b/crd-catalog/aws/eks-anywhere/anywhere.eks.amazonaws.com/v1alpha1/dockerdatacenterconfigs.yaml index cb0d52866..bf5653dad 100644 --- a/crd-catalog/aws/eks-anywhere/anywhere.eks.amazonaws.com/v1alpha1/dockerdatacenterconfigs.yaml +++ b/crd-catalog/aws/eks-anywhere/anywhere.eks.amazonaws.com/v1alpha1/dockerdatacenterconfigs.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.6.1" + controller-gen.kubebuilder.io/version: "v0.8.0" name: "dockerdatacenterconfigs.anywhere.eks.amazonaws.com" spec: group: "anywhere.eks.amazonaws.com" diff --git a/crd-catalog/aws/eks-anywhere/anywhere.eks.amazonaws.com/v1alpha1/fluxconfigs.yaml b/crd-catalog/aws/eks-anywhere/anywhere.eks.amazonaws.com/v1alpha1/fluxconfigs.yaml index ac6617d18..444d56845 100644 --- a/crd-catalog/aws/eks-anywhere/anywhere.eks.amazonaws.com/v1alpha1/fluxconfigs.yaml +++ b/crd-catalog/aws/eks-anywhere/anywhere.eks.amazonaws.com/v1alpha1/fluxconfigs.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.6.1" + controller-gen.kubebuilder.io/version: "v0.8.0" name: "fluxconfigs.anywhere.eks.amazonaws.com" spec: group: "anywhere.eks.amazonaws.com" diff --git a/crd-catalog/aws/eks-anywhere/anywhere.eks.amazonaws.com/v1alpha1/gitopsconfigs.yaml b/crd-catalog/aws/eks-anywhere/anywhere.eks.amazonaws.com/v1alpha1/gitopsconfigs.yaml index 20f0aa4b2..98b3bb1d3 100644 --- a/crd-catalog/aws/eks-anywhere/anywhere.eks.amazonaws.com/v1alpha1/gitopsconfigs.yaml +++ b/crd-catalog/aws/eks-anywhere/anywhere.eks.amazonaws.com/v1alpha1/gitopsconfigs.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.6.1" + controller-gen.kubebuilder.io/version: "v0.8.0" name: "gitopsconfigs.anywhere.eks.amazonaws.com" spec: group: "anywhere.eks.amazonaws.com" diff --git a/crd-catalog/aws/eks-anywhere/anywhere.eks.amazonaws.com/v1alpha1/machinedeploymentupgrades.yaml b/crd-catalog/aws/eks-anywhere/anywhere.eks.amazonaws.com/v1alpha1/machinedeploymentupgrades.yaml index 878caee77..e4712ee95 100644 --- a/crd-catalog/aws/eks-anywhere/anywhere.eks.amazonaws.com/v1alpha1/machinedeploymentupgrades.yaml +++ b/crd-catalog/aws/eks-anywhere/anywhere.eks.amazonaws.com/v1alpha1/machinedeploymentupgrades.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.6.1" + controller-gen.kubebuilder.io/version: "v0.8.0" name: "machinedeploymentupgrades.anywhere.eks.amazonaws.com" spec: group: "anywhere.eks.amazonaws.com" @@ -90,7 +90,7 @@ spec: machinesRequireUpgrade: description: "MachinesRequireUpgrade is a list of references to CAPI machines that need to be upgraded." items: - description: "ObjectReference contains enough information to let you inspect or modify the referred object. --- New uses of this type are discouraged because of difficulty describing its usage when embedded in APIs. 1. Ignored fields. It includes many fields which are not generally honored. For instance, ResourceVersion and FieldPath are both very rarely valid in actual usage. 2. Invalid usage help. It is impossible to add specific help for individual usage. In most embedded usages, there are particular restrictions like, \"must refer only to types A and B\" or \"UID not honored\" or \"name must be restricted\". Those cannot be well described when embedded. 3. Inconsistent validation. Because the usages are different, the validation rules are different by usage, which makes it hard for users to predict what will happen. 4. The fields are both imprecise and overly precise. Kind is not a precise mapping to a URL. This can produce ambiguity during interpretation and require a REST mapping. In most cases, the dependency is on the group,resource tuple and the version of the actual struct is irrelevant. 5. We cannot easily change it. Because this type is embedded in many locations, updates to this type will affect numerous schemas. Don't make new APIs embed an underspecified API type they do not control. \n Instead of using this type, create a locally provided and used type that is well-focused on your reference. For example, ServiceReferences for admission registration: https://github.com/kubernetes/api/blob/release-1.17/admissionregistration/v1/types.go#L533 ." + description: "ObjectReference contains enough information to let you inspect or modify the referred object. --- New uses of this type are discouraged because of difficulty describing its usage when embedded in APIs. 1. Ignored fields. It includes many fields which are not generally honored. For instance, ResourceVersion and FieldPath are both very rarely valid in actual usage. 2. Invalid usage help. It is impossible to add specific help for individual usage. In most embedded usages, there are particular restrictions like, \"must refer only to types A and B\" or \"UID not honored\" or \"name must be restricted\". Those cannot be well described when embedded. 3. Inconsistent validation. Because the usages are different, the validation rules are different by usage, which makes it hard for users to predict what will happen. 4. The fields are both imprecise and overly precise. Kind is not a precise mapping to a URL. This can produce ambiguity during interpretation and require a REST mapping. In most cases, the dependency is on the group,resource tuple and the version of the actual struct is irrelevant. 5. We cannot easily change it. Because this type is embedded in many locations, updates to this type will affect numerous schemas. Don't make new APIs embed an underspecified API type they do not control. \n Instead of using this type, create a locally provided and used type that is well-focused on your reference. For example, ServiceReferences for admission registration: https://github.com/kubernetes/api/blob/release-1.17/admissionregistration/v1/types.go#L533 ." properties: apiVersion: description: "API version of the referent." diff --git a/crd-catalog/aws/eks-anywhere/anywhere.eks.amazonaws.com/v1alpha1/nodeupgrades.yaml b/crd-catalog/aws/eks-anywhere/anywhere.eks.amazonaws.com/v1alpha1/nodeupgrades.yaml index 83c57dccd..7015cc560 100644 --- a/crd-catalog/aws/eks-anywhere/anywhere.eks.amazonaws.com/v1alpha1/nodeupgrades.yaml +++ b/crd-catalog/aws/eks-anywhere/anywhere.eks.amazonaws.com/v1alpha1/nodeupgrades.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.6.1" + controller-gen.kubebuilder.io/version: "v0.8.0" name: "nodeupgrades.anywhere.eks.amazonaws.com" spec: group: "anywhere.eks.amazonaws.com" diff --git a/crd-catalog/aws/eks-anywhere/anywhere.eks.amazonaws.com/v1alpha1/nutanixdatacenterconfigs.yaml b/crd-catalog/aws/eks-anywhere/anywhere.eks.amazonaws.com/v1alpha1/nutanixdatacenterconfigs.yaml index 0ab216c66..bfda70e36 100644 --- a/crd-catalog/aws/eks-anywhere/anywhere.eks.amazonaws.com/v1alpha1/nutanixdatacenterconfigs.yaml +++ b/crd-catalog/aws/eks-anywhere/anywhere.eks.amazonaws.com/v1alpha1/nutanixdatacenterconfigs.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.6.1" + controller-gen.kubebuilder.io/version: "v0.8.0" name: "nutanixdatacenterconfigs.anywhere.eks.amazonaws.com" spec: group: "anywhere.eks.amazonaws.com" diff --git a/crd-catalog/aws/eks-anywhere/anywhere.eks.amazonaws.com/v1alpha1/nutanixmachineconfigs.yaml b/crd-catalog/aws/eks-anywhere/anywhere.eks.amazonaws.com/v1alpha1/nutanixmachineconfigs.yaml index 595efce7d..eb5a6bc77 100644 --- a/crd-catalog/aws/eks-anywhere/anywhere.eks.amazonaws.com/v1alpha1/nutanixmachineconfigs.yaml +++ b/crd-catalog/aws/eks-anywhere/anywhere.eks.amazonaws.com/v1alpha1/nutanixmachineconfigs.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.6.1" + controller-gen.kubebuilder.io/version: "v0.8.0" name: "nutanixmachineconfigs.anywhere.eks.amazonaws.com" spec: group: "anywhere.eks.amazonaws.com" diff --git a/crd-catalog/aws/eks-anywhere/anywhere.eks.amazonaws.com/v1alpha1/oidcconfigs.yaml b/crd-catalog/aws/eks-anywhere/anywhere.eks.amazonaws.com/v1alpha1/oidcconfigs.yaml index aada855ce..3270af0b6 100644 --- a/crd-catalog/aws/eks-anywhere/anywhere.eks.amazonaws.com/v1alpha1/oidcconfigs.yaml +++ b/crd-catalog/aws/eks-anywhere/anywhere.eks.amazonaws.com/v1alpha1/oidcconfigs.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.6.1" + controller-gen.kubebuilder.io/version: "v0.8.0" name: "oidcconfigs.anywhere.eks.amazonaws.com" spec: group: "anywhere.eks.amazonaws.com" diff --git a/crd-catalog/aws/eks-anywhere/anywhere.eks.amazonaws.com/v1alpha1/snowdatacenterconfigs.yaml b/crd-catalog/aws/eks-anywhere/anywhere.eks.amazonaws.com/v1alpha1/snowdatacenterconfigs.yaml index 0bedd62d1..76f300cf3 100644 --- a/crd-catalog/aws/eks-anywhere/anywhere.eks.amazonaws.com/v1alpha1/snowdatacenterconfigs.yaml +++ b/crd-catalog/aws/eks-anywhere/anywhere.eks.amazonaws.com/v1alpha1/snowdatacenterconfigs.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.6.1" + controller-gen.kubebuilder.io/version: "v0.8.0" name: "snowdatacenterconfigs.anywhere.eks.amazonaws.com" spec: group: "anywhere.eks.amazonaws.com" diff --git a/crd-catalog/aws/eks-anywhere/anywhere.eks.amazonaws.com/v1alpha1/snowippools.yaml b/crd-catalog/aws/eks-anywhere/anywhere.eks.amazonaws.com/v1alpha1/snowippools.yaml index 717e44451..70085d3cf 100644 --- a/crd-catalog/aws/eks-anywhere/anywhere.eks.amazonaws.com/v1alpha1/snowippools.yaml +++ b/crd-catalog/aws/eks-anywhere/anywhere.eks.amazonaws.com/v1alpha1/snowippools.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.6.1" + controller-gen.kubebuilder.io/version: "v0.8.0" name: "snowippools.anywhere.eks.amazonaws.com" spec: group: "anywhere.eks.amazonaws.com" diff --git a/crd-catalog/aws/eks-anywhere/anywhere.eks.amazonaws.com/v1alpha1/snowmachineconfigs.yaml b/crd-catalog/aws/eks-anywhere/anywhere.eks.amazonaws.com/v1alpha1/snowmachineconfigs.yaml index 12d88166c..0b7f18389 100644 --- a/crd-catalog/aws/eks-anywhere/anywhere.eks.amazonaws.com/v1alpha1/snowmachineconfigs.yaml +++ b/crd-catalog/aws/eks-anywhere/anywhere.eks.amazonaws.com/v1alpha1/snowmachineconfigs.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.6.1" + controller-gen.kubebuilder.io/version: "v0.8.0" name: "snowmachineconfigs.anywhere.eks.amazonaws.com" spec: group: "anywhere.eks.amazonaws.com" @@ -95,9 +95,106 @@ spec: items: type: "string" type: "array" + clusterDomain: + description: "ClusterDomain defines the DNS domain for the cluster, allowing all Kubernetes-run containers to search this domain before the host’s search domains" + type: "string" + containerLogMaxFiles: + description: "ContainerLogMaxFiles specifies the maximum number of container log files that can be present for a container" + type: "integer" + containerLogMaxSize: + description: "ContainerLogMaxSize is a quantity defining the maximum size of the container log file before it is rotated" + type: "string" + cpuCFSQuota: + description: "CPUCFSQuota enables CPU CFS quota enforcement for containers that specify CPU limits" + type: "boolean" + cpuManagerPolicy: + description: "CPUManagerPolicy is the name of the policy to use." + type: "string" + cpuManagerPolicyOptions: + additionalProperties: + type: "string" + description: "CPUManagerPolicyOptions is a set of key=value which allows to set extra options to fine tune the behaviour of the cpu manager policies" + type: "object" + cpuManagerReconcilePeriod: + description: "CPUManagerReconcilePeriod is the reconciliation period for the CPU Manager." + type: "string" + eventBurst: + description: "EventBurst is the maximum size of a burst of event creations." + type: "integer" + eventRecordQPS: + description: "EventRecordQPS is the maximum event creations per second." + type: "integer" + evictionHard: + additionalProperties: + type: "string" + description: "EvictionHard is a map of signal names to quantities that defines hard eviction thresholds." + type: "object" + evictionMaxPodGracePeriod: + description: "EvictionMaxPodGracePeriod is the maximum allowed grace period (in seconds) to use when terminating pods in response to a soft eviction threshold being met." + type: "integer" + evictionSoft: + additionalProperties: + type: "string" + description: "EvictionSoft is a map of signal names to quantities that defines soft eviction thresholds." + type: "object" + evictionSoftGracePeriod: + additionalProperties: + type: "string" + description: "EvictionSoftGracePeriod is a map of signal names to quantities that defines grace periods for each soft eviction signal." + type: "object" + imageGCHighThresholdPercent: + description: "ImageGCHighThresholdPercent is the percent of disk usage after which image garbage collection is always run." + type: "integer" + imageGCLowThresholdPercent: + description: "ImageGCLowThresholdPercent is the percent of disk usage before which image garbage collection is never run." + type: "integer" + kubeAPIBurst: + description: "KubeAPIBurst is the burst to allow while talking with kubernetes API server." + type: "integer" + kubeAPIQPS: + description: "KubeAPIQPS is the QPS to use while talking with kubernetes apiserver." + type: "integer" + kubeReserved: + additionalProperties: + type: "string" + description: "KubeReserved is a set of ResourceName=ResourceQuantity pairs that describe resources reserved for kubernetes system components" + type: "object" maxPods: description: "MaxPods defines the maximum number of pods that can run on a node." type: "integer" + memoryManagerPolicy: + description: "MemoryManagerPolicy is the name of the policy to use by memory manager." + type: "string" + podPidsLimit: + description: "PodPidsLimit is the maximum number of PIDs in any pod." + format: "int64" + type: "integer" + providerID: + description: "ProviderID sets the unique ID of the instance that an external provider." + type: "string" + registryBurst: + description: "RegistryBurst is the maximum size of bursty pulls." + type: "integer" + registryPullQPS: + description: "RegistryPullQPS is the limit of registry pulls per second." + type: "integer" + shutdownGracePeriod: + description: "ShutdownGracePeriod specifies the total duration that the node should delay the shutdown and total grace period for pod termination during a node shutdown." + type: "string" + shutdownGracePeriodCriticalPods: + description: "ShutdownGracePeriodCriticalPods specifies the duration used to terminate critical pods during a node shutdown." + type: "string" + systemReserved: + additionalProperties: + type: "string" + description: "SystemReserved is a set of ResourceName=ResourceQuantity pairs that describe resources reserved for non-kubernetes components." + type: "object" + topologyManagerPolicy: + description: "TopologyManagerPolicy is the name of the topology manager policy to use." + type: "string" + topologyManagerScope: + description: "TopologyManagerScope represents the scope of topology hint generation that topology manager requests and hint providers generate." + type: "string" type: "object" type: "object" certBundles: diff --git a/crd-catalog/aws/eks-anywhere/anywhere.eks.amazonaws.com/v1alpha1/tinkerbelldatacenterconfigs.yaml b/crd-catalog/aws/eks-anywhere/anywhere.eks.amazonaws.com/v1alpha1/tinkerbelldatacenterconfigs.yaml index 2b4d9fcc4..270bf5646 100644 --- a/crd-catalog/aws/eks-anywhere/anywhere.eks.amazonaws.com/v1alpha1/tinkerbelldatacenterconfigs.yaml +++ b/crd-catalog/aws/eks-anywhere/anywhere.eks.amazonaws.com/v1alpha1/tinkerbelldatacenterconfigs.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.6.1" + controller-gen.kubebuilder.io/version: "v0.8.0" name: "tinkerbelldatacenterconfigs.anywhere.eks.amazonaws.com" spec: group: "anywhere.eks.amazonaws.com" diff --git a/crd-catalog/aws/eks-anywhere/anywhere.eks.amazonaws.com/v1alpha1/tinkerbellmachineconfigs.yaml b/crd-catalog/aws/eks-anywhere/anywhere.eks.amazonaws.com/v1alpha1/tinkerbellmachineconfigs.yaml index 05a5227d5..4c4c34e43 100644 --- a/crd-catalog/aws/eks-anywhere/anywhere.eks.amazonaws.com/v1alpha1/tinkerbellmachineconfigs.yaml +++ b/crd-catalog/aws/eks-anywhere/anywhere.eks.amazonaws.com/v1alpha1/tinkerbellmachineconfigs.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.6.1" + controller-gen.kubebuilder.io/version: "v0.8.0" name: "tinkerbellmachineconfigs.anywhere.eks.amazonaws.com" spec: group: "anywhere.eks.amazonaws.com" @@ -72,9 +72,106 @@ spec: items: type: "string" type: "array" + clusterDomain: + description: "ClusterDomain defines the DNS domain for the cluster, allowing all Kubernetes-run containers to search this domain before the host’s search domains" + type: "string" + containerLogMaxFiles: + description: "ContainerLogMaxFiles specifies the maximum number of container log files that can be present for a container" + type: "integer" + containerLogMaxSize: + description: "ContainerLogMaxSize is a quantity defining the maximum size of the container log file before it is rotated" + type: "string" + cpuCFSQuota: + description: "CPUCFSQuota enables CPU CFS quota enforcement for containers that specify CPU limits" + type: "boolean" + cpuManagerPolicy: + description: "CPUManagerPolicy is the name of the policy to use." + type: "string" + cpuManagerPolicyOptions: + additionalProperties: + type: "string" + description: "CPUManagerPolicyOptions is a set of key=value which allows to set extra options to fine tune the behaviour of the cpu manager policies" + type: "object" + cpuManagerReconcilePeriod: + description: "CPUManagerReconcilePeriod is the reconciliation period for the CPU Manager." + type: "string" + eventBurst: + description: "EventBurst is the maximum size of a burst of event creations." + type: "integer" + eventRecordQPS: + description: "EventRecordQPS is the maximum event creations per second." + type: "integer" + evictionHard: + additionalProperties: + type: "string" + description: "EvictionHard is a map of signal names to quantities that defines hard eviction thresholds." + type: "object" + evictionMaxPodGracePeriod: + description: "EvictionMaxPodGracePeriod is the maximum allowed grace period (in seconds) to use when terminating pods in response to a soft eviction threshold being met." + type: "integer" + evictionSoft: + additionalProperties: + type: "string" + description: "EvictionSoft is a map of signal names to quantities that defines soft eviction thresholds." + type: "object" + evictionSoftGracePeriod: + additionalProperties: + type: "string" + description: "EvictionSoftGracePeriod is a map of signal names to quantities that defines grace periods for each soft eviction signal." + type: "object" + imageGCHighThresholdPercent: + description: "ImageGCHighThresholdPercent is the percent of disk usage after which image garbage collection is always run." + type: "integer" + imageGCLowThresholdPercent: + description: "ImageGCLowThresholdPercent is the percent of disk usage before which image garbage collection is never run." + type: "integer" + kubeAPIBurst: + description: "KubeAPIBurst is the burst to allow while talking with kubernetes API server." + type: "integer" + kubeAPIQPS: + description: "KubeAPIQPS is the QPS to use while talking with kubernetes apiserver." + type: "integer" + kubeReserved: + additionalProperties: + type: "string" + description: "KubeReserved is a set of ResourceName=ResourceQuantity pairs that describe resources reserved for kubernetes system components" + type: "object" maxPods: description: "MaxPods defines the maximum number of pods that can run on a node." type: "integer" + memoryManagerPolicy: + description: "MemoryManagerPolicy is the name of the policy to use by memory manager." + type: "string" + podPidsLimit: + description: "PodPidsLimit is the maximum number of PIDs in any pod." + format: "int64" + type: "integer" + providerID: + description: "ProviderID sets the unique ID of the instance that an external provider." + type: "string" + registryBurst: + description: "RegistryBurst is the maximum size of bursty pulls." + type: "integer" + registryPullQPS: + description: "RegistryPullQPS is the limit of registry pulls per second." + type: "integer" + shutdownGracePeriod: + description: "ShutdownGracePeriod specifies the total duration that the node should delay the shutdown and total grace period for pod termination during a node shutdown." + type: "string" + shutdownGracePeriodCriticalPods: + description: "ShutdownGracePeriodCriticalPods specifies the duration used to terminate critical pods during a node shutdown." + type: "string" + systemReserved: + additionalProperties: + type: "string" + description: "SystemReserved is a set of ResourceName=ResourceQuantity pairs that describe resources reserved for non-kubernetes components." + type: "object" + topologyManagerPolicy: + description: "TopologyManagerPolicy is the name of the topology manager policy to use." + type: "string" + topologyManagerScope: + description: "TopologyManagerScope represents the scope of topology hint generation that topology manager requests and hint providers generate." + type: "string" type: "object" type: "object" certBundles: diff --git a/crd-catalog/aws/eks-anywhere/anywhere.eks.amazonaws.com/v1alpha1/tinkerbelltemplateconfigs.yaml b/crd-catalog/aws/eks-anywhere/anywhere.eks.amazonaws.com/v1alpha1/tinkerbelltemplateconfigs.yaml index a85fa189b..f9e67d4c4 100644 --- a/crd-catalog/aws/eks-anywhere/anywhere.eks.amazonaws.com/v1alpha1/tinkerbelltemplateconfigs.yaml +++ b/crd-catalog/aws/eks-anywhere/anywhere.eks.amazonaws.com/v1alpha1/tinkerbelltemplateconfigs.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.6.1" + controller-gen.kubebuilder.io/version: "v0.8.0" name: "tinkerbelltemplateconfigs.anywhere.eks.amazonaws.com" spec: group: "anywhere.eks.amazonaws.com" diff --git a/crd-catalog/aws/eks-anywhere/anywhere.eks.amazonaws.com/v1alpha1/vspheredatacenterconfigs.yaml b/crd-catalog/aws/eks-anywhere/anywhere.eks.amazonaws.com/v1alpha1/vspheredatacenterconfigs.yaml index c7f01e46b..7466288f8 100644 --- a/crd-catalog/aws/eks-anywhere/anywhere.eks.amazonaws.com/v1alpha1/vspheredatacenterconfigs.yaml +++ b/crd-catalog/aws/eks-anywhere/anywhere.eks.amazonaws.com/v1alpha1/vspheredatacenterconfigs.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.6.1" + controller-gen.kubebuilder.io/version: "v0.8.0" name: "vspheredatacenterconfigs.anywhere.eks.amazonaws.com" spec: group: "anywhere.eks.amazonaws.com" diff --git a/crd-catalog/aws/eks-anywhere/anywhere.eks.amazonaws.com/v1alpha1/vspheremachineconfigs.yaml b/crd-catalog/aws/eks-anywhere/anywhere.eks.amazonaws.com/v1alpha1/vspheremachineconfigs.yaml index 1de542895..3353be83d 100644 --- a/crd-catalog/aws/eks-anywhere/anywhere.eks.amazonaws.com/v1alpha1/vspheremachineconfigs.yaml +++ b/crd-catalog/aws/eks-anywhere/anywhere.eks.amazonaws.com/v1alpha1/vspheremachineconfigs.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.6.1" + controller-gen.kubebuilder.io/version: "v0.8.0" name: "vspheremachineconfigs.anywhere.eks.amazonaws.com" spec: group: "anywhere.eks.amazonaws.com" @@ -79,9 +79,106 @@ spec: items: type: "string" type: "array" + clusterDomain: + description: "ClusterDomain defines the DNS domain for the cluster, allowing all Kubernetes-run containers to search this domain before the host’s search domains" + type: "string" + containerLogMaxFiles: + description: "ContainerLogMaxFiles specifies the maximum number of container log files that can be present for a container" + type: "integer" + containerLogMaxSize: + description: "ContainerLogMaxSize is a quantity defining the maximum size of the container log file before it is rotated" + type: "string" + cpuCFSQuota: + description: "CPUCFSQuota enables CPU CFS quota enforcement for containers that specify CPU limits" + type: "boolean" + cpuManagerPolicy: + description: "CPUManagerPolicy is the name of the policy to use." + type: "string" + cpuManagerPolicyOptions: + additionalProperties: + type: "string" + description: "CPUManagerPolicyOptions is a set of key=value which allows to set extra options to fine tune the behaviour of the cpu manager policies" + type: "object" + cpuManagerReconcilePeriod: + description: "CPUManagerReconcilePeriod is the reconciliation period for the CPU Manager." + type: "string" + eventBurst: + description: "EventBurst is the maximum size of a burst of event creations." + type: "integer" + eventRecordQPS: + description: "EventRecordQPS is the maximum event creations per second." + type: "integer" + evictionHard: + additionalProperties: + type: "string" + description: "EvictionHard is a map of signal names to quantities that defines hard eviction thresholds." + type: "object" + evictionMaxPodGracePeriod: + description: "EvictionMaxPodGracePeriod is the maximum allowed grace period (in seconds) to use when terminating pods in response to a soft eviction threshold being met." + type: "integer" + evictionSoft: + additionalProperties: + type: "string" + description: "EvictionSoft is a map of signal names to quantities that defines soft eviction thresholds." + type: "object" + evictionSoftGracePeriod: + additionalProperties: + type: "string" + description: "EvictionSoftGracePeriod is a map of signal names to quantities that defines grace periods for each soft eviction signal." + type: "object" + imageGCHighThresholdPercent: + description: "ImageGCHighThresholdPercent is the percent of disk usage after which image garbage collection is always run." + type: "integer" + imageGCLowThresholdPercent: + description: "ImageGCLowThresholdPercent is the percent of disk usage before which image garbage collection is never run." + type: "integer" + kubeAPIBurst: + description: "KubeAPIBurst is the burst to allow while talking with kubernetes API server." + type: "integer" + kubeAPIQPS: + description: "KubeAPIQPS is the QPS to use while talking with kubernetes apiserver." + type: "integer" + kubeReserved: + additionalProperties: + type: "string" + description: "KubeReserved is a set of ResourceName=ResourceQuantity pairs that describe resources reserved for kubernetes system components" + type: "object" maxPods: description: "MaxPods defines the maximum number of pods that can run on a node." type: "integer" + memoryManagerPolicy: + description: "MemoryManagerPolicy is the name of the policy to use by memory manager." + type: "string" + podPidsLimit: + description: "PodPidsLimit is the maximum number of PIDs in any pod." + format: "int64" + type: "integer" + providerID: + description: "ProviderID sets the unique ID of the instance that an external provider." + type: "string" + registryBurst: + description: "RegistryBurst is the maximum size of bursty pulls." + type: "integer" + registryPullQPS: + description: "RegistryPullQPS is the limit of registry pulls per second." + type: "integer" + shutdownGracePeriod: + description: "ShutdownGracePeriod specifies the total duration that the node should delay the shutdown and total grace period for pod termination during a node shutdown." + type: "string" + shutdownGracePeriodCriticalPods: + description: "ShutdownGracePeriodCriticalPods specifies the duration used to terminate critical pods during a node shutdown." + type: "string" + systemReserved: + additionalProperties: + type: "string" + description: "SystemReserved is a set of ResourceName=ResourceQuantity pairs that describe resources reserved for non-kubernetes components." + type: "object" + topologyManagerPolicy: + description: "TopologyManagerPolicy is the name of the topology manager policy to use." + type: "string" + topologyManagerScope: + description: "TopologyManagerScope represents the scope of topology hint generation that topology manager requests and hint providers generate." + type: "string" type: "object" type: "object" certBundles: diff --git a/crd-catalog/aws/karpenter-provider-aws/karpenter.k8s.aws/v1/ec2nodeclasses.yaml b/crd-catalog/aws/karpenter-provider-aws/karpenter.k8s.aws/v1/ec2nodeclasses.yaml index 50c5f29b8..04280e36b 100644 --- a/crd-catalog/aws/karpenter-provider-aws/karpenter.k8s.aws/v1/ec2nodeclasses.yaml +++ b/crd-catalog/aws/karpenter-provider-aws/karpenter.k8s.aws/v1/ec2nodeclasses.yaml @@ -5,6 +5,17 @@ metadata: controller-gen.kubebuilder.io/version: "v0.15.0" name: "ec2nodeclasses.karpenter.k8s.aws" spec: + conversion: + strategy: "Webhook" + webhook: + clientConfig: + service: + name: "karpenter" + namespace: "kube-system" + port: 8443 + conversionReviewVersions: + - "v1beta1" + - "v1" group: "karpenter.k8s.aws" names: categories: @@ -18,7 +29,18 @@ spec: singular: "ec2nodeclass" scope: "Cluster" versions: - - name: "v1" + - additionalPrinterColumns: + - jsonPath: ".status.conditions[?(@.type==\"Ready\")].status" + name: "Ready" + type: "string" + - jsonPath: ".metadata.creationTimestamp" + name: "Age" + type: "date" + - jsonPath: ".spec.role" + name: "Role" + priority: 1 + type: "string" + name: "v1" schema: openAPIV3Schema: description: "EC2NodeClass is the Schema for the EC2NodeClass API" @@ -34,22 +56,20 @@ spec: spec: description: "EC2NodeClassSpec is the top level specification for the AWS Karpenter Provider.\nThis will contain configuration necessary to launch instances in AWS." properties: - amiFamily: - description: "AMIFamily is the AMI family that instances use." - enum: - - "AL2" - - "AL2023" - - "Bottlerocket" - - "Ubuntu" - - "Custom" - - "Windows2019" - - "Windows2022" - type: "string" amiSelectorTerms: description: "AMISelectorTerms is a list of or ami selector terms. The terms are ORed." items: description: "AMISelectorTerm defines selection logic for an ami used by Karpenter to launch nodes.\nIf multiple fields are used for selection, the requirements are ANDed." properties: + alias: + description: "Alias specifies which EKS optimized AMI to select.\nEach alias consists of a family and an AMI version, specified as \"family@version\".\nValid families include: al2, al2023, bottlerocket, windows2019, and windows2022.\nThe version can either be pinned to a specific AMI release, with that AMIs version format (ex: \"al2023@v20240625\" or \"bottlerocket@v1.10.0\").\nThe version can also be set to \"latest\" for any family. Setting the version to latest will result in drift when a new AMI is released. This is **not** recommended for production environments.\nNote: The Windows families do **not** support version pinning, and only latest may be used." + maxLength: 30 + type: "string" + x-kubernetes-validations: + - message: "'alias' is improperly formatted, must match the format 'family@version'" + rule: "self.matches('^[a-zA-Z0-9]*@.*$')" + - message: "family is not supported, must be one of the following: 'al2', 'al2023', 'bottlerocket', 'windows2019', 'windows2022'" + rule: "self.find('^[^@]+') in ['al2','al2023','bottlerocket','windows2019','windows2022']" id: description: "ID is the ami id in EC2" pattern: "ami-[0-9a-z]+" @@ -71,12 +91,17 @@ spec: rule: "self.all(k, k != '' && self[k] != '')" type: "object" maxItems: 30 + minItems: 1 type: "array" x-kubernetes-validations: - - message: "expected at least one, got none, ['tags', 'id', 'name']" - rule: "self.all(x, has(x.tags) || has(x.id) || has(x.name))" + - message: "expected at least one, got none, ['tags', 'id', 'name', 'alias']" + rule: "self.all(x, has(x.tags) || has(x.id) || has(x.name) || has(x.alias))" - message: "'id' is mutually exclusive, cannot be set with a combination of other fields in amiSelectorTerms" - rule: "!self.all(x, has(x.id) && (has(x.tags) || has(x.name) || has(x.owner)))" + rule: "!self.exists(x, has(x.id) && (has(x.alias) || has(x.tags) || has(x.name) || has(x.owner)))" + - message: "'alias' is mutually exclusive, cannot be set with a combination of other fields in amiSelectorTerms" + rule: "!self.exists(x, has(x.alias) && (has(x.id) || has(x.tags) || has(x.name) || has(x.owner)))" + - message: "'alias' is mutually exclusive, cannot be set with a combination of other amiSelectorTerms" + rule: "!(self.exists(x, has(x.alias)) && self.size() != 1)" associatePublicIPAddress: description: "AssociatePublicIPAddress controls if public IP addresses are assigned to instances that are launched with the nodeclass." type: "boolean" @@ -155,6 +180,99 @@ spec: enum: - "RAID0" type: "string" + kubelet: + description: "Kubelet defines args to be used when configuring kubelet on provisioned nodes.\nThey are a subset of the upstream types, recognizing not all options may be supported.\nWherever possible, the types and names should reflect the upstream kubelet types." + properties: + clusterDNS: + description: "clusterDNS is a list of IP addresses for the cluster DNS server.\nNote that not all providers may use all addresses." + items: + type: "string" + type: "array" + cpuCFSQuota: + description: "CPUCFSQuota enables CPU CFS quota enforcement for containers that specify CPU limits." + type: "boolean" + evictionHard: + additionalProperties: + pattern: "^((\\d{1,2}(\\.\\d{1,2})?|100(\\.0{1,2})?)%||(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?)$" + type: "string" + description: "EvictionHard is the map of signal names to quantities that define hard eviction thresholds" + type: "object" + x-kubernetes-validations: + - message: "valid keys for evictionHard are ['memory.available','nodefs.available','nodefs.inodesFree','imagefs.available','imagefs.inodesFree','pid.available']" + rule: "self.all(x, x in ['memory.available','nodefs.available','nodefs.inodesFree','imagefs.available','imagefs.inodesFree','pid.available'])" + evictionMaxPodGracePeriod: + description: "EvictionMaxPodGracePeriod is the maximum allowed grace period (in seconds) to use when terminating pods in\nresponse to soft eviction thresholds being met." + format: "int32" + type: "integer" + evictionSoft: + additionalProperties: + pattern: "^((\\d{1,2}(\\.\\d{1,2})?|100(\\.0{1,2})?)%||(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?)$" + type: "string" + description: "EvictionSoft is the map of signal names to quantities that define soft eviction thresholds" + type: "object" + x-kubernetes-validations: + - message: "valid keys for evictionSoft are ['memory.available','nodefs.available','nodefs.inodesFree','imagefs.available','imagefs.inodesFree','pid.available']" + rule: "self.all(x, x in ['memory.available','nodefs.available','nodefs.inodesFree','imagefs.available','imagefs.inodesFree','pid.available'])" + evictionSoftGracePeriod: + additionalProperties: + type: "string" + description: "EvictionSoftGracePeriod is the map of signal names to quantities that define grace periods for each eviction signal" + type: "object" + x-kubernetes-validations: + - message: "valid keys for evictionSoftGracePeriod are ['memory.available','nodefs.available','nodefs.inodesFree','imagefs.available','imagefs.inodesFree','pid.available']" + rule: "self.all(x, x in ['memory.available','nodefs.available','nodefs.inodesFree','imagefs.available','imagefs.inodesFree','pid.available'])" + imageGCHighThresholdPercent: + description: "ImageGCHighThresholdPercent is the percent of disk usage after which image\ngarbage collection is always run. The percent is calculated by dividing this\nfield value by 100, so this field must be between 0 and 100, inclusive.\nWhen specified, the value must be greater than ImageGCLowThresholdPercent." + format: "int32" + maximum: 100.0 + minimum: 0.0 + type: "integer" + imageGCLowThresholdPercent: + description: "ImageGCLowThresholdPercent is the percent of disk usage before which image\ngarbage collection is never run. Lowest disk usage to garbage collect to.\nThe percent is calculated by dividing this field value by 100,\nso the field value must be between 0 and 100, inclusive.\nWhen specified, the value must be less than imageGCHighThresholdPercent" + format: "int32" + maximum: 100.0 + minimum: 0.0 + type: "integer" + kubeReserved: + additionalProperties: + pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" + type: "string" + description: "KubeReserved contains resources reserved for Kubernetes system components." + type: "object" + x-kubernetes-validations: + - message: "valid keys for kubeReserved are ['cpu','memory','ephemeral-storage','pid']" + rule: "self.all(x, x=='cpu' || x=='memory' || x=='ephemeral-storage' || x=='pid')" + - message: "kubeReserved value cannot be a negative resource quantity" + rule: "self.all(x, !self[x].startsWith('-'))" + maxPods: + description: "MaxPods is an override for the maximum number of pods that can run on\na worker node instance." + format: "int32" + minimum: 0.0 + type: "integer" + podsPerCore: + description: "PodsPerCore is an override for the number of pods that can run on a worker node\ninstance based on the number of cpu cores. This value cannot exceed MaxPods, so, if\nMaxPods is a lower value, that value will be used." + format: "int32" + minimum: 0.0 + type: "integer" + systemReserved: + additionalProperties: + pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" + type: "string" + description: "SystemReserved contains resources reserved for OS system daemons and kernel memory." + type: "object" + x-kubernetes-validations: + - message: "valid keys for systemReserved are ['cpu','memory','ephemeral-storage','pid']" + rule: "self.all(x, x=='cpu' || x=='memory' || x=='ephemeral-storage' || x=='pid')" + - message: "systemReserved value cannot be a negative resource quantity" + rule: "self.all(x, !self[x].startsWith('-'))" + type: "object" + x-kubernetes-validations: + - message: "imageGCHighThresholdPercent must be greater than imageGCLowThresholdPercent" + rule: "has(self.imageGCHighThresholdPercent) && has(self.imageGCLowThresholdPercent) ? self.imageGCHighThresholdPercent > self.imageGCLowThresholdPercent : true" + - message: "evictionSoft OwnerKey does not have a matching evictionSoftGracePeriod" + rule: "has(self.evictionSoft) ? self.evictionSoft.all(e, (e in self.evictionSoftGracePeriod)):true" + - message: "evictionSoftGracePeriod OwnerKey does not have a matching evictionSoft" + rule: "has(self.evictionSoftGracePeriod) ? self.evictionSoftGracePeriod.all(e, (e in self.evictionSoft)):true" metadataOptions: default: httpEndpoint: "enabled" @@ -283,13 +401,10 @@ spec: description: "UserData to be applied to the provisioned nodes.\nIt must be in the appropriate format based on the AMIFamily in use. Karpenter will merge certain fields into\nthis UserData to ensure nodes are being provisioned with the correct configuration." type: "string" required: - - "amiFamily" - "securityGroupSelectorTerms" - "subnetSelectorTerms" type: "object" x-kubernetes-validations: - - message: "amiSelectorTerms is required when amiFamily == 'Custom'" - rule: "self.amiFamily == 'Custom' ? self.amiSelectorTerms.size() != 0 : true" - message: "must specify exactly one of ['role', 'instanceProfile']" rule: "(has(self.role) && !has(self.instanceProfile)) || (!has(self.role) && has(self.instanceProfile))" - message: "changing from 'instanceProfile' to 'role' is not supported. You must delete and recreate this node class if you want to change this." @@ -419,6 +534,6 @@ spec: type: "object" type: "object" served: true - storage: false + storage: true subresources: status: {} diff --git a/crd-catalog/aws/karpenter-provider-aws/karpenter.k8s.aws/v1beta1/ec2nodeclasses.yaml b/crd-catalog/aws/karpenter-provider-aws/karpenter.k8s.aws/v1beta1/ec2nodeclasses.yaml index 5318e507f..968190486 100644 --- a/crd-catalog/aws/karpenter-provider-aws/karpenter.k8s.aws/v1beta1/ec2nodeclasses.yaml +++ b/crd-catalog/aws/karpenter-provider-aws/karpenter.k8s.aws/v1beta1/ec2nodeclasses.yaml @@ -5,6 +5,17 @@ metadata: controller-gen.kubebuilder.io/version: "v0.15.0" name: "ec2nodeclasses.karpenter.k8s.aws" spec: + conversion: + strategy: "Webhook" + webhook: + clientConfig: + service: + name: "karpenter" + namespace: "kube-system" + port: 8443 + conversionReviewVersions: + - "v1beta1" + - "v1" group: "karpenter.k8s.aws" names: categories: @@ -419,6 +430,6 @@ spec: type: "object" type: "object" served: true - storage: true + storage: false subresources: status: {} diff --git a/crd-catalog/aws/karpenter-provider-aws/karpenter.sh/v1/nodeclaims.yaml b/crd-catalog/aws/karpenter-provider-aws/karpenter.sh/v1/nodeclaims.yaml index a7b9e1739..b089d106d 100644 --- a/crd-catalog/aws/karpenter-provider-aws/karpenter.sh/v1/nodeclaims.yaml +++ b/crd-catalog/aws/karpenter-provider-aws/karpenter.sh/v1/nodeclaims.yaml @@ -5,6 +5,17 @@ metadata: controller-gen.kubebuilder.io/version: "v0.15.0" name: "nodeclaims.karpenter.sh" spec: + conversion: + strategy: "Webhook" + webhook: + clientConfig: + service: + name: "karpenter" + namespace: "kube-system" + port: 8443 + conversionReviewVersions: + - "v1beta1" + - "v1" group: "karpenter.sh" names: categories: @@ -19,6 +30,9 @@ spec: - jsonPath: ".metadata.labels.node\\.kubernetes\\.io/instance-type" name: "Type" type: "string" + - jsonPath: ".metadata.labels.karpenter\\.sh/capacity-type" + name: "Capacity" + type: "string" - jsonPath: ".metadata.labels.topology\\.kubernetes\\.io/zone" name: "Zone" type: "string" @@ -31,8 +45,8 @@ spec: - jsonPath: ".metadata.creationTimestamp" name: "Age" type: "date" - - jsonPath: ".metadata.labels.karpenter\\.sh/capacity-type" - name: "Capacity" + - jsonPath: ".status.providerID" + name: "ID" priority: 1 type: "string" - jsonPath: ".metadata.labels.karpenter\\.sh/nodepool" @@ -59,103 +73,15 @@ spec: spec: description: "NodeClaimSpec describes the desired state of the NodeClaim" properties: - kubelet: - description: "Kubelet defines args to be used when configuring kubelet on provisioned nodes.\nThey are a subset of the upstream types, recognizing not all options may be supported.\nWherever possible, the types and names should reflect the upstream kubelet types." - properties: - clusterDNS: - description: "clusterDNS is a list of IP addresses for the cluster DNS server.\nNote that not all providers may use all addresses." - items: - type: "string" - type: "array" - cpuCFSQuota: - description: "CPUCFSQuota enables CPU CFS quota enforcement for containers that specify CPU limits." - type: "boolean" - evictionHard: - additionalProperties: - pattern: "^((\\d{1,2}(\\.\\d{1,2})?|100(\\.0{1,2})?)%||(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?)$" - type: "string" - description: "EvictionHard is the map of signal names to quantities that define hard eviction thresholds" - type: "object" - x-kubernetes-validations: - - message: "valid keys for evictionHard are ['memory.available','nodefs.available','nodefs.inodesFree','imagefs.available','imagefs.inodesFree','pid.available']" - rule: "self.all(x, x in ['memory.available','nodefs.available','nodefs.inodesFree','imagefs.available','imagefs.inodesFree','pid.available'])" - evictionMaxPodGracePeriod: - description: "EvictionMaxPodGracePeriod is the maximum allowed grace period (in seconds) to use when terminating pods in\nresponse to soft eviction thresholds being met." - format: "int32" - type: "integer" - evictionSoft: - additionalProperties: - pattern: "^((\\d{1,2}(\\.\\d{1,2})?|100(\\.0{1,2})?)%||(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?)$" - type: "string" - description: "EvictionSoft is the map of signal names to quantities that define soft eviction thresholds" - type: "object" - x-kubernetes-validations: - - message: "valid keys for evictionSoft are ['memory.available','nodefs.available','nodefs.inodesFree','imagefs.available','imagefs.inodesFree','pid.available']" - rule: "self.all(x, x in ['memory.available','nodefs.available','nodefs.inodesFree','imagefs.available','imagefs.inodesFree','pid.available'])" - evictionSoftGracePeriod: - additionalProperties: - type: "string" - description: "EvictionSoftGracePeriod is the map of signal names to quantities that define grace periods for each eviction signal" - type: "object" - x-kubernetes-validations: - - message: "valid keys for evictionSoftGracePeriod are ['memory.available','nodefs.available','nodefs.inodesFree','imagefs.available','imagefs.inodesFree','pid.available']" - rule: "self.all(x, x in ['memory.available','nodefs.available','nodefs.inodesFree','imagefs.available','imagefs.inodesFree','pid.available'])" - imageGCHighThresholdPercent: - description: "ImageGCHighThresholdPercent is the percent of disk usage after which image\ngarbage collection is always run. The percent is calculated by dividing this\nfield value by 100, so this field must be between 0 and 100, inclusive.\nWhen specified, the value must be greater than ImageGCLowThresholdPercent." - format: "int32" - maximum: 100.0 - minimum: 0.0 - type: "integer" - imageGCLowThresholdPercent: - description: "ImageGCLowThresholdPercent is the percent of disk usage before which image\ngarbage collection is never run. Lowest disk usage to garbage collect to.\nThe percent is calculated by dividing this field value by 100,\nso the field value must be between 0 and 100, inclusive.\nWhen specified, the value must be less than imageGCHighThresholdPercent" - format: "int32" - maximum: 100.0 - minimum: 0.0 - type: "integer" - kubeReserved: - additionalProperties: - pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" - type: "string" - description: "KubeReserved contains resources reserved for Kubernetes system components." - type: "object" - x-kubernetes-validations: - - message: "valid keys for kubeReserved are ['cpu','memory','ephemeral-storage','pid']" - rule: "self.all(x, x=='cpu' || x=='memory' || x=='ephemeral-storage' || x=='pid')" - - message: "kubeReserved value cannot be a negative resource quantity" - rule: "self.all(x, !self[x].startsWith('-'))" - maxPods: - description: "MaxPods is an override for the maximum number of pods that can run on\na worker node instance." - format: "int32" - minimum: 0.0 - type: "integer" - podsPerCore: - description: "PodsPerCore is an override for the number of pods that can run on a worker node\ninstance based on the number of cpu cores. This value cannot exceed MaxPods, so, if\nMaxPods is a lower value, that value will be used." - format: "int32" - minimum: 0.0 - type: "integer" - systemReserved: - additionalProperties: - pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" - type: "string" - description: "SystemReserved contains resources reserved for OS system daemons and kernel memory." - type: "object" - x-kubernetes-validations: - - message: "valid keys for systemReserved are ['cpu','memory','ephemeral-storage','pid']" - rule: "self.all(x, x=='cpu' || x=='memory' || x=='ephemeral-storage' || x=='pid')" - - message: "systemReserved value cannot be a negative resource quantity" - rule: "self.all(x, !self[x].startsWith('-'))" - type: "object" - x-kubernetes-validations: - - message: "imageGCHighThresholdPercent must be greater than imageGCLowThresholdPercent" - rule: "has(self.imageGCHighThresholdPercent) && has(self.imageGCLowThresholdPercent) ? self.imageGCHighThresholdPercent > self.imageGCLowThresholdPercent : true" - - message: "evictionSoft OwnerKey does not have a matching evictionSoftGracePeriod" - rule: "has(self.evictionSoft) ? self.evictionSoft.all(e, (e in self.evictionSoftGracePeriod)):true" - - message: "evictionSoftGracePeriod OwnerKey does not have a matching evictionSoft" - rule: "has(self.evictionSoftGracePeriod) ? self.evictionSoftGracePeriod.all(e, (e in self.evictionSoft)):true" + expireAfter: + default: "720h" + description: "ExpireAfter is the duration the controller will wait\nbefore terminating a node, measured from when the node is created. This\nis useful to implement features like eventually consistent node upgrade,\nmemory leak protection, and disruption testing." + pattern: "^(([0-9]+(s|m|h))+)|(Never)$" + type: "string" nodeClassRef: description: "NodeClassRef is a reference to an object that defines provider specific configuration" properties: - apiVersion: + group: description: "API version of the referent" type: "string" kind: @@ -165,6 +91,8 @@ spec: description: "Name of the referent; More info: http://kubernetes.io/docs/user-guide/identifiers#names" type: "string" required: + - "group" + - "kind" - "name" type: "object" requirements: @@ -297,10 +225,17 @@ spec: - "key" type: "object" type: "array" + terminationGracePeriod: + description: "TerminationGracePeriod is the maximum duration the controller will wait before forcefully deleting the pods on a node, measured from when deletion is first initiated.\n\n\nWarning: this feature takes precedence over a Pod's terminationGracePeriodSeconds value, and bypasses any blocked PDBs or the karpenter.sh/do-not-disrupt annotation.\n\n\nThis field is intended to be used by cluster administrators to enforce that nodes can be cycled within a given time period.\nWhen set, drifted nodes will begin draining even if there are pods blocking eviction. Draining will respect PDBs and the do-not-disrupt annotation until the TGP is reached.\n\n\nKarpenter will preemptively delete pods so their terminationGracePeriodSeconds align with the node's terminationGracePeriod.\nIf a pod would be terminated without being granted its full terminationGracePeriodSeconds prior to the node timeout,\nthat pod will be deleted at T = node timeout - pod terminationGracePeriodSeconds.\n\n\nThe feature can also be used to allow maximum time limits for long-running jobs which can delay node termination with preStop hooks.\nIf left undefined, the controller will wait indefinitely for pods to be drained." + pattern: "^([0-9]+(s|m|h))+$" + type: "string" required: - "nodeClassRef" - "requirements" type: "object" + x-kubernetes-validations: + - message: "spec is immutable" + rule: "self == oldSelf" status: description: "NodeClaimStatus defines the observed state of NodeClaim" properties: @@ -377,6 +312,6 @@ spec: - "spec" type: "object" served: true - storage: false + storage: true subresources: status: {} diff --git a/crd-catalog/aws/karpenter-provider-aws/karpenter.sh/v1/nodepools.yaml b/crd-catalog/aws/karpenter-provider-aws/karpenter.sh/v1/nodepools.yaml index 34b0b379a..6c6725467 100644 --- a/crd-catalog/aws/karpenter-provider-aws/karpenter.sh/v1/nodepools.yaml +++ b/crd-catalog/aws/karpenter-provider-aws/karpenter.sh/v1/nodepools.yaml @@ -5,6 +5,17 @@ metadata: controller-gen.kubebuilder.io/version: "v0.15.0" name: "nodepools.karpenter.sh" spec: + conversion: + strategy: "Webhook" + webhook: + clientConfig: + service: + name: "karpenter" + namespace: "kube-system" + port: 8443 + conversionReviewVersions: + - "v1beta1" + - "v1" group: "karpenter.sh" names: categories: @@ -19,9 +30,26 @@ spec: - jsonPath: ".spec.template.spec.nodeClassRef.name" name: "NodeClass" type: "string" + - jsonPath: ".status.resources.nodes" + name: "Nodes" + type: "string" + - jsonPath: ".status.conditions[?(@.type==\"Ready\")].status" + name: "Ready" + type: "string" + - jsonPath: ".metadata.creationTimestamp" + name: "Age" + type: "date" - jsonPath: ".spec.weight" name: "Weight" priority: 1 + type: "integer" + - jsonPath: ".status.resources.cpu" + name: "CPU" + priority: 1 + type: "string" + - jsonPath: ".status.resources.memory" + name: "Memory" + priority: 1 type: "string" name: "v1" schema: @@ -42,7 +70,6 @@ spec: disruption: default: consolidationPolicy: "WhenUnderutilized" - expireAfter: "720h" description: "Disruption contains the parameters that relate to Karpenter's disruption logic" properties: budgets: @@ -61,6 +88,16 @@ spec: description: "Nodes dictates the maximum number of NodeClaims owned by this NodePool\nthat can be terminating at once. This is calculated by counting nodes that\nhave a deletion timestamp set, or are actively being deleted by Karpenter.\nThis field is required when specifying a budget.\nThis cannot be of type intstr.IntOrString since kubebuilder doesn't support pattern\nchecking for int nodes for IntOrString nodes.\nRef: https://github.com/kubernetes-sigs/controller-tools/blob/55efe4be40394a288216dab63156b0a64fb82929/pkg/crd/markers/validation.go#L379-L388" pattern: "^((100|[0-9]{1,2})%|[0-9]+)$" type: "string" + reasons: + description: "Reasons is a list of disruption methods that this budget applies to. If Reasons is not set, this budget applies to all methods.\nOtherwise, this will apply to each reason defined.\nallowed reasons are Underutilized, Empty, and Drifted." + items: + description: "DisruptionReason defines valid reasons for disruption budgets." + enum: + - "Underutilized" + - "Empty" + - "Drifted" + type: "string" + type: "array" schedule: description: "Schedule specifies when a budget begins being active, following\nthe upstream cronjob syntax. If omitted, the budget is always active.\nTimezones are not supported.\nThis field is required if Duration is set." pattern: "^(@(annually|yearly|monthly|weekly|daily|midnight|hourly))|((.+)\\s(.+)\\s(.+)\\s(.+)\\s(.+))$" @@ -84,11 +121,6 @@ spec: - "WhenEmpty" - "WhenUnderutilized" type: "string" - expireAfter: - default: "720h" - description: "ExpireAfter is the duration the controller will wait\nbefore terminating a node, measured from when the node is created. This\nis useful to implement features like eventually consistent node upgrade,\nmemory leak protection, and disruption testing." - pattern: "^(([0-9]+(s|m|h))+)|(Never)$" - type: "string" type: "object" x-kubernetes-validations: - message: "consolidateAfter cannot be combined with consolidationPolicy=WhenUnderutilized" @@ -139,103 +171,15 @@ spec: spec: description: "NodeClaimSpec describes the desired state of the NodeClaim" properties: - kubelet: - description: "Kubelet defines args to be used when configuring kubelet on provisioned nodes.\nThey are a subset of the upstream types, recognizing not all options may be supported.\nWherever possible, the types and names should reflect the upstream kubelet types." - properties: - clusterDNS: - description: "clusterDNS is a list of IP addresses for the cluster DNS server.\nNote that not all providers may use all addresses." - items: - type: "string" - type: "array" - cpuCFSQuota: - description: "CPUCFSQuota enables CPU CFS quota enforcement for containers that specify CPU limits." - type: "boolean" - evictionHard: - additionalProperties: - pattern: "^((\\d{1,2}(\\.\\d{1,2})?|100(\\.0{1,2})?)%||(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?)$" - type: "string" - description: "EvictionHard is the map of signal names to quantities that define hard eviction thresholds" - type: "object" - x-kubernetes-validations: - - message: "valid keys for evictionHard are ['memory.available','nodefs.available','nodefs.inodesFree','imagefs.available','imagefs.inodesFree','pid.available']" - rule: "self.all(x, x in ['memory.available','nodefs.available','nodefs.inodesFree','imagefs.available','imagefs.inodesFree','pid.available'])" - evictionMaxPodGracePeriod: - description: "EvictionMaxPodGracePeriod is the maximum allowed grace period (in seconds) to use when terminating pods in\nresponse to soft eviction thresholds being met." - format: "int32" - type: "integer" - evictionSoft: - additionalProperties: - pattern: "^((\\d{1,2}(\\.\\d{1,2})?|100(\\.0{1,2})?)%||(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?)$" - type: "string" - description: "EvictionSoft is the map of signal names to quantities that define soft eviction thresholds" - type: "object" - x-kubernetes-validations: - - message: "valid keys for evictionSoft are ['memory.available','nodefs.available','nodefs.inodesFree','imagefs.available','imagefs.inodesFree','pid.available']" - rule: "self.all(x, x in ['memory.available','nodefs.available','nodefs.inodesFree','imagefs.available','imagefs.inodesFree','pid.available'])" - evictionSoftGracePeriod: - additionalProperties: - type: "string" - description: "EvictionSoftGracePeriod is the map of signal names to quantities that define grace periods for each eviction signal" - type: "object" - x-kubernetes-validations: - - message: "valid keys for evictionSoftGracePeriod are ['memory.available','nodefs.available','nodefs.inodesFree','imagefs.available','imagefs.inodesFree','pid.available']" - rule: "self.all(x, x in ['memory.available','nodefs.available','nodefs.inodesFree','imagefs.available','imagefs.inodesFree','pid.available'])" - imageGCHighThresholdPercent: - description: "ImageGCHighThresholdPercent is the percent of disk usage after which image\ngarbage collection is always run. The percent is calculated by dividing this\nfield value by 100, so this field must be between 0 and 100, inclusive.\nWhen specified, the value must be greater than ImageGCLowThresholdPercent." - format: "int32" - maximum: 100.0 - minimum: 0.0 - type: "integer" - imageGCLowThresholdPercent: - description: "ImageGCLowThresholdPercent is the percent of disk usage before which image\ngarbage collection is never run. Lowest disk usage to garbage collect to.\nThe percent is calculated by dividing this field value by 100,\nso the field value must be between 0 and 100, inclusive.\nWhen specified, the value must be less than imageGCHighThresholdPercent" - format: "int32" - maximum: 100.0 - minimum: 0.0 - type: "integer" - kubeReserved: - additionalProperties: - pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" - type: "string" - description: "KubeReserved contains resources reserved for Kubernetes system components." - type: "object" - x-kubernetes-validations: - - message: "valid keys for kubeReserved are ['cpu','memory','ephemeral-storage','pid']" - rule: "self.all(x, x=='cpu' || x=='memory' || x=='ephemeral-storage' || x=='pid')" - - message: "kubeReserved value cannot be a negative resource quantity" - rule: "self.all(x, !self[x].startsWith('-'))" - maxPods: - description: "MaxPods is an override for the maximum number of pods that can run on\na worker node instance." - format: "int32" - minimum: 0.0 - type: "integer" - podsPerCore: - description: "PodsPerCore is an override for the number of pods that can run on a worker node\ninstance based on the number of cpu cores. This value cannot exceed MaxPods, so, if\nMaxPods is a lower value, that value will be used." - format: "int32" - minimum: 0.0 - type: "integer" - systemReserved: - additionalProperties: - pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" - type: "string" - description: "SystemReserved contains resources reserved for OS system daemons and kernel memory." - type: "object" - x-kubernetes-validations: - - message: "valid keys for systemReserved are ['cpu','memory','ephemeral-storage','pid']" - rule: "self.all(x, x=='cpu' || x=='memory' || x=='ephemeral-storage' || x=='pid')" - - message: "systemReserved value cannot be a negative resource quantity" - rule: "self.all(x, !self[x].startsWith('-'))" - type: "object" - x-kubernetes-validations: - - message: "imageGCHighThresholdPercent must be greater than imageGCLowThresholdPercent" - rule: "has(self.imageGCHighThresholdPercent) && has(self.imageGCLowThresholdPercent) ? self.imageGCHighThresholdPercent > self.imageGCLowThresholdPercent : true" - - message: "evictionSoft OwnerKey does not have a matching evictionSoftGracePeriod" - rule: "has(self.evictionSoft) ? self.evictionSoft.all(e, (e in self.evictionSoftGracePeriod)):true" - - message: "evictionSoftGracePeriod OwnerKey does not have a matching evictionSoft" - rule: "has(self.evictionSoftGracePeriod) ? self.evictionSoftGracePeriod.all(e, (e in self.evictionSoft)):true" + expireAfter: + default: "720h" + description: "ExpireAfter is the duration the controller will wait\nbefore terminating a node, measured from when the node is created. This\nis useful to implement features like eventually consistent node upgrade,\nmemory leak protection, and disruption testing." + pattern: "^(([0-9]+(s|m|h))+)|(Never)$" + type: "string" nodeClassRef: description: "NodeClassRef is a reference to an object that defines provider specific configuration" properties: - apiVersion: + group: description: "API version of the referent" type: "string" kind: @@ -245,6 +189,8 @@ spec: description: "Name of the referent; More info: http://kubernetes.io/docs/user-guide/identifiers#names" type: "string" required: + - "group" + - "kind" - "name" type: "object" requirements: @@ -306,20 +252,6 @@ spec: rule: "self.all(x, (x.operator == 'Gt' || x.operator == 'Lt') ? (x.values.size() == 1 && int(x.values[0]) >= 0) : true)" - message: "requirements with 'minValues' must have at least that many values specified in the 'values' field" rule: "self.all(x, (x.operator == 'In' && has(x.minValues)) ? x.values.size() >= x.minValues : true)" - resources: - description: "Resources models the resource requirements for the NodeClaim to launch" - maxProperties: 0 - properties: - requests: - additionalProperties: - anyOf: - - type: "integer" - - type: "string" - pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" - x-kubernetes-int-or-string: true - description: "Requests describes the minimum required resources for the NodeClaim to launch" - type: "object" - type: "object" startupTaints: description: "StartupTaints are taints that are applied to nodes upon startup which are expected to be removed automatically\nwithin a short period of time, typically by a DaemonSet that tolerates the taint. These are commonly used by\ndaemonsets to allow initialization and enforce startup ordering. StartupTaints are ignored for provisioning\npurposes in that pods are not required to tolerate a StartupTaint in order to have nodes provisioned for them." items: @@ -380,6 +312,10 @@ spec: - "key" type: "object" type: "array" + terminationGracePeriod: + description: "TerminationGracePeriod is the maximum duration the controller will wait before forcefully deleting the pods on a node, measured from when deletion is first initiated.\n\n\nWarning: this feature takes precedence over a Pod's terminationGracePeriodSeconds value, and bypasses any blocked PDBs or the karpenter.sh/do-not-disrupt annotation.\n\n\nThis field is intended to be used by cluster administrators to enforce that nodes can be cycled within a given time period.\nWhen set, drifted nodes will begin draining even if there are pods blocking eviction. Draining will respect PDBs and the do-not-disrupt annotation until the TGP is reached.\n\n\nKarpenter will preemptively delete pods so their terminationGracePeriodSeconds align with the node's terminationGracePeriod.\nIf a pod would be terminated without being granted its full terminationGracePeriodSeconds prior to the node timeout,\nthat pod will be deleted at T = node timeout - pod terminationGracePeriodSeconds.\n\n\nThe feature can also be used to allow maximum time limits for long-running jobs which can delay node termination with preStop hooks.\nIf left undefined, the controller will wait indefinitely for pods to be drained." + pattern: "^([0-9]+(s|m|h))+$" + type: "string" required: - "nodeClassRef" - "requirements" @@ -399,6 +335,50 @@ spec: status: description: "NodePoolStatus defines the observed state of NodePool" properties: + conditions: + description: "Conditions contains signals for health and readiness" + items: + description: "Condition aliases the upstream type and adds additional helper methods" + properties: + lastTransitionTime: + description: "lastTransitionTime is the last time the condition transitioned from one status to another.\nThis should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable." + format: "date-time" + type: "string" + message: + description: "message is a human readable message indicating details about the transition.\nThis may be an empty string." + maxLength: 32768 + type: "string" + observedGeneration: + description: "observedGeneration represents the .metadata.generation that the condition was set based upon.\nFor instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date\nwith respect to the current state of the instance." + format: "int64" + minimum: 0.0 + type: "integer" + reason: + description: "reason contains a programmatic identifier indicating the reason for the condition's last transition.\nProducers of specific condition types may define expected values and meanings for this field,\nand whether the values are considered a guaranteed API.\nThe value should be a CamelCase string.\nThis field may not be empty." + maxLength: 1024 + minLength: 1 + pattern: "^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$" + type: "string" + status: + description: "status of the condition, one of True, False, Unknown." + enum: + - "True" + - "False" + - "Unknown" + type: "string" + type: + description: "type of condition in CamelCase or in foo.example.com/CamelCase.\n---\nMany .condition.type values are consistent across resources like Available, but because arbitrary conditions can be\nuseful (see .node.status.conditions), the ability to deconflict is important.\nThe regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt)" + maxLength: 316 + pattern: "^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$" + type: "string" + required: + - "lastTransitionTime" + - "message" + - "reason" + - "status" + - "type" + type: "object" + type: "array" resources: additionalProperties: anyOf: @@ -413,6 +393,6 @@ spec: - "spec" type: "object" served: true - storage: false + storage: true subresources: status: {} diff --git a/crd-catalog/aws/karpenter-provider-aws/karpenter.sh/v1beta1/nodeclaims.yaml b/crd-catalog/aws/karpenter-provider-aws/karpenter.sh/v1beta1/nodeclaims.yaml index 349f5bc92..c7f2fb0a4 100644 --- a/crd-catalog/aws/karpenter-provider-aws/karpenter.sh/v1beta1/nodeclaims.yaml +++ b/crd-catalog/aws/karpenter-provider-aws/karpenter.sh/v1beta1/nodeclaims.yaml @@ -5,6 +5,17 @@ metadata: controller-gen.kubebuilder.io/version: "v0.15.0" name: "nodeclaims.karpenter.sh" spec: + conversion: + strategy: "Webhook" + webhook: + clientConfig: + service: + name: "karpenter" + namespace: "kube-system" + port: 8443 + conversionReviewVersions: + - "v1beta1" + - "v1" group: "karpenter.sh" names: categories: @@ -295,6 +306,10 @@ spec: - "key" type: "object" type: "array" + terminationGracePeriod: + description: "TerminationGracePeriod is the maximum duration the controller will wait before forcefully deleting the pods on a node, measured from when deletion is first initiated.\n\n\nWarning: this feature takes precedence over a Pod's terminationGracePeriodSeconds value, and bypasses any blocked PDBs or the karpenter.sh/do-not-disrupt annotation.\n\n\nThis field is intended to be used by cluster administrators to enforce that nodes can be cycled within a given time period.\nWhen set, drifted nodes will begin draining even if there are pods blocking eviction. Draining will respect PDBs and the do-not-disrupt annotation until the TGP is reached.\n\n\nKarpenter will preemptively delete pods so their terminationGracePeriodSeconds align with the node's terminationGracePeriod.\nIf a pod would be terminated without being granted its full terminationGracePeriodSeconds prior to the node timeout,\nthat pod will be deleted at T = node timeout - pod terminationGracePeriodSeconds.\n\n\nThe feature can also be used to allow maximum time limits for long-running jobs which can delay node termination with preStop hooks.\nIf left undefined, the controller will wait indefinitely for pods to be drained." + pattern: "^([0-9]+(s|m|h))+$" + type: "string" required: - "nodeClassRef" - "requirements" @@ -378,6 +393,6 @@ spec: - "spec" type: "object" served: true - storage: true + storage: false subresources: status: {} diff --git a/crd-catalog/aws/karpenter-provider-aws/karpenter.sh/v1beta1/nodepools.yaml b/crd-catalog/aws/karpenter-provider-aws/karpenter.sh/v1beta1/nodepools.yaml index 911265391..678a3833b 100644 --- a/crd-catalog/aws/karpenter-provider-aws/karpenter.sh/v1beta1/nodepools.yaml +++ b/crd-catalog/aws/karpenter-provider-aws/karpenter.sh/v1beta1/nodepools.yaml @@ -5,6 +5,17 @@ metadata: controller-gen.kubebuilder.io/version: "v0.15.0" name: "nodepools.karpenter.sh" spec: + conversion: + strategy: "Webhook" + webhook: + clientConfig: + service: + name: "karpenter" + namespace: "kube-system" + port: 8443 + conversionReviewVersions: + - "v1beta1" + - "v1" group: "karpenter.sh" names: categories: @@ -62,14 +73,13 @@ spec: pattern: "^((100|[0-9]{1,2})%|[0-9]+)$" type: "string" reasons: - description: "Reasons is a list of disruption methods that this budget applies to. If Reasons is not set, this budget applies to all methods.\nOtherwise, this will apply to each reason defined.\nallowed reasons are underutilized, expired, empty, and drifted." + description: "Reasons is a list of disruption methods that this budget applies to. If Reasons is not set, this budget applies to all methods.\nOtherwise, this will apply to each reason defined.\nallowed reasons are Underutilized, Empty, and Drifted." items: description: "DisruptionReason defines valid reasons for disruption budgets." enum: - - "underutilized" - - "expired" - - "empty" - - "drifted" + - "Underutilized" + - "Empty" + - "Drifted" type: "string" type: "array" schedule: @@ -387,6 +397,10 @@ spec: - "key" type: "object" type: "array" + terminationGracePeriod: + description: "TerminationGracePeriod is the maximum duration the controller will wait before forcefully deleting the pods on a node, measured from when deletion is first initiated.\n\n\nWarning: this feature takes precedence over a Pod's terminationGracePeriodSeconds value, and bypasses any blocked PDBs or the karpenter.sh/do-not-disrupt annotation.\n\n\nThis field is intended to be used by cluster administrators to enforce that nodes can be cycled within a given time period.\nWhen set, drifted nodes will begin draining even if there are pods blocking eviction. Draining will respect PDBs and the do-not-disrupt annotation until the TGP is reached.\n\n\nKarpenter will preemptively delete pods so their terminationGracePeriodSeconds align with the node's terminationGracePeriod.\nIf a pod would be terminated without being granted its full terminationGracePeriodSeconds prior to the node timeout,\nthat pod will be deleted at T = node timeout - pod terminationGracePeriodSeconds.\n\n\nThe feature can also be used to allow maximum time limits for long-running jobs which can delay node termination with preStop hooks.\nIf left undefined, the controller will wait indefinitely for pods to be drained." + pattern: "^([0-9]+(s|m|h))+$" + type: "string" required: - "nodeClassRef" - "requirements" @@ -406,6 +420,50 @@ spec: status: description: "NodePoolStatus defines the observed state of NodePool" properties: + conditions: + description: "Conditions contains signals for health and readiness" + items: + description: "Condition aliases the upstream type and adds additional helper methods" + properties: + lastTransitionTime: + description: "lastTransitionTime is the last time the condition transitioned from one status to another.\nThis should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable." + format: "date-time" + type: "string" + message: + description: "message is a human readable message indicating details about the transition.\nThis may be an empty string." + maxLength: 32768 + type: "string" + observedGeneration: + description: "observedGeneration represents the .metadata.generation that the condition was set based upon.\nFor instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date\nwith respect to the current state of the instance." + format: "int64" + minimum: 0.0 + type: "integer" + reason: + description: "reason contains a programmatic identifier indicating the reason for the condition's last transition.\nProducers of specific condition types may define expected values and meanings for this field,\nand whether the values are considered a guaranteed API.\nThe value should be a CamelCase string.\nThis field may not be empty." + maxLength: 1024 + minLength: 1 + pattern: "^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$" + type: "string" + status: + description: "status of the condition, one of True, False, Unknown." + enum: + - "True" + - "False" + - "Unknown" + type: "string" + type: + description: "type of condition in CamelCase or in foo.example.com/CamelCase.\n---\nMany .condition.type values are consistent across resources like Available, but because arbitrary conditions can be\nuseful (see .node.status.conditions), the ability to deconflict is important.\nThe regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt)" + maxLength: 316 + pattern: "^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$" + type: "string" + required: + - "lastTransitionTime" + - "message" + - "reason" + - "status" + - "type" + type: "object" + type: "array" resources: additionalProperties: anyOf: @@ -420,6 +478,6 @@ spec: - "spec" type: "object" served: true - storage: true + storage: false subresources: status: {} diff --git a/crd-catalog/backube/volsync/volsync.backube/v1alpha1/replicationdestinations.yaml b/crd-catalog/backube/volsync/volsync.backube/v1alpha1/replicationdestinations.yaml index 576782fc9..61ffee4e1 100644 --- a/crd-catalog/backube/volsync/volsync.backube/v1alpha1/replicationdestinations.yaml +++ b/crd-catalog/backube/volsync/volsync.backube/v1alpha1/replicationdestinations.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.13.0" + controller-gen.kubebuilder.io/version: "v0.15.0" name: "replicationdestinations.volsync.backube" spec: group: "volsync.backube" @@ -28,29 +28,29 @@ spec: name: "v1alpha1" schema: openAPIV3Schema: - description: "A ReplicationDestination is a VolSync resource that you can use to define the destination of a VolSync replication or synchronization." + description: "A ReplicationDestination is a VolSync resource that you can use to define the destination of a VolSync replication\nor synchronization." properties: apiVersion: - description: "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" + description: "APIVersion defines the versioned schema of this representation of an object.\nServers should convert recognized schemas to the latest internal value, and\nmay reject unrecognized values.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" type: "string" kind: - description: "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + description: "Kind is a string value representing the REST resource this object represents.\nServers may infer this from the endpoint the client submits requests to.\nCannot be updated.\nIn CamelCase.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" type: "string" metadata: type: "object" spec: - description: "spec is the desired state of the ReplicationDestination, including the replication method to use and its configuration." + description: "spec is the desired state of the ReplicationDestination, including the\nreplication method to use and its configuration." properties: external: - description: "external defines the configuration when using an external replication provider." + description: "external defines the configuration when using an external replication\nprovider." properties: parameters: additionalProperties: type: "string" - description: "parameters are provider-specific key/value configuration parameters. For more information, please see the documentation of the specific replication provider being used." + description: "parameters are provider-specific key/value configuration parameters. For\nmore information, please see the documentation of the specific\nreplication provider being used." type: "object" provider: - description: "provider is the name of the external replication provider. The name should be of the form: domain.com/provider." + description: "provider is the name of the external replication provider. The name\nshould be of the form: domain.com/provider." type: "string" type: "object" paused: @@ -73,7 +73,7 @@ spec: pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" x-kubernetes-int-or-string: true copyMethod: - description: "copyMethod describes how a point-in-time (PiT) image of the destination volume should be created." + description: "copyMethod describes how a point-in-time (PiT) image of the destination\nvolume should be created." enum: - "Direct" - "None" @@ -84,33 +84,33 @@ spec: description: "customCA is a custom CA that will be used to verify the remote" properties: configMapName: - description: "The name of a ConfigMap that contains the custom CA certificate If ConfigMapName is used then SecretName should not be set" + description: "The name of a ConfigMap that contains the custom CA certificate\nIf ConfigMapName is used then SecretName should not be set" type: "string" key: description: "The key within the Secret or ConfigMap containing the CA certificate" type: "string" secretName: - description: "The name of a Secret that contains the custom CA certificate If SecretName is used then ConfigMapName should not be set" + description: "The name of a Secret that contains the custom CA certificate\nIf SecretName is used then ConfigMapName should not be set" type: "string" type: "object" destinationPVC: - description: "destinationPVC is a PVC to use as the transfer destination instead of automatically provisioning one. Either this field or both capacity and accessModes must be specified." + description: "destinationPVC is a PVC to use as the transfer destination instead of\nautomatically provisioning one. Either this field or both capacity and\naccessModes must be specified." type: "string" moverPodLabels: additionalProperties: type: "string" - description: "Labels that should be added to data mover pods These will be in addition to any labels that VolSync may add" + description: "Labels that should be added to data mover pods\nThese will be in addition to any labels that VolSync may add" type: "object" moverResources: - description: "Resources represents compute resources required by the data mover container. Immutable. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/ This should only be used by advanced users as this can result in a mover pod being unschedulable or crashing due to limited resources." + description: "Resources represents compute resources required by the data mover container.\nImmutable.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/\nThis should only be used by advanced users as this can result in a mover\npod being unschedulable or crashing due to limited resources." properties: claims: - description: "Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. \n This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. \n This field is immutable. It can only be set for containers." + description: "Claims lists the names of resources, defined in spec.resourceClaims,\nthat are used by this container.\n\n\nThis is an alpha field and requires enabling the\nDynamicResourceAllocation feature gate.\n\n\nThis field is immutable. It can only be set for containers." items: description: "ResourceClaim references one entry in PodSpec.ResourceClaims." properties: name: - description: "Name must match the name of one entry in pod.spec.resourceClaims of the Pod where this field is used. It makes that resource available inside a container." + description: "Name must match the name of one entry in pod.spec.resourceClaims of\nthe Pod where this field is used. It makes that resource available\ninside a container." type: "string" required: - "name" @@ -126,7 +126,7 @@ spec: - type: "string" pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" x-kubernetes-int-or-string: true - description: "Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" + description: "Limits describes the maximum amount of compute resources allowed.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" type: "object" requests: additionalProperties: @@ -135,32 +135,44 @@ spec: - type: "string" pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" x-kubernetes-int-or-string: true - description: "Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" + description: "Requests describes the minimum amount of compute resources required.\nIf Requests is omitted for a container, it defaults to Limits if that is explicitly specified,\notherwise to an implementation-defined value. Requests cannot exceed Limits.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" type: "object" type: "object" moverSecurityContext: - description: "MoverSecurityContext allows specifying the PodSecurityContext that will be used by the data mover" + description: "MoverSecurityContext allows specifying the PodSecurityContext that will\nbe used by the data mover" properties: + appArmorProfile: + description: "appArmorProfile is the AppArmor options to use by the containers in this pod.\nNote that this field cannot be set when spec.os.name is windows." + properties: + localhostProfile: + description: "localhostProfile indicates a profile loaded on the node that should be used.\nThe profile must be preconfigured on the node to work.\nMust match the loaded name of the profile.\nMust be set if and only if type is \"Localhost\"." + type: "string" + type: + description: "type indicates which kind of AppArmor profile will be applied.\nValid options are:\n Localhost - a profile pre-loaded on the node.\n RuntimeDefault - the container runtime's default profile.\n Unconfined - no AppArmor enforcement." + type: "string" + required: + - "type" + type: "object" fsGroup: - description: "A special supplemental group that applies to all containers in a pod. Some volume types allow the Kubelet to change the ownership of that volume to be owned by the pod: \n 1. The owning GID will be the FSGroup 2. The setgid bit is set (new files created in the volume will be owned by FSGroup) 3. The permission bits are OR'd with rw-rw---- \n If unset, the Kubelet will not modify the ownership and permissions of any volume. Note that this field cannot be set when spec.os.name is windows." + description: "A special supplemental group that applies to all containers in a pod.\nSome volume types allow the Kubelet to change the ownership of that volume\nto be owned by the pod:\n\n\n1. The owning GID will be the FSGroup\n2. The setgid bit is set (new files created in the volume will be owned by FSGroup)\n3. The permission bits are OR'd with rw-rw----\n\n\nIf unset, the Kubelet will not modify the ownership and permissions of any volume.\nNote that this field cannot be set when spec.os.name is windows." format: "int64" type: "integer" fsGroupChangePolicy: - description: "fsGroupChangePolicy defines behavior of changing ownership and permission of the volume before being exposed inside Pod. This field will only apply to volume types which support fsGroup based ownership(and permissions). It will have no effect on ephemeral volume types such as: secret, configmaps and emptydir. Valid values are \"OnRootMismatch\" and \"Always\". If not specified, \"Always\" is used. Note that this field cannot be set when spec.os.name is windows." + description: "fsGroupChangePolicy defines behavior of changing ownership and permission of the volume\nbefore being exposed inside Pod. This field will only apply to\nvolume types which support fsGroup based ownership(and permissions).\nIt will have no effect on ephemeral volume types such as: secret, configmaps\nand emptydir.\nValid values are \"OnRootMismatch\" and \"Always\". If not specified, \"Always\" is used.\nNote that this field cannot be set when spec.os.name is windows." type: "string" runAsGroup: - description: "The GID to run the entrypoint of the container process. Uses runtime default if unset. May also be set in SecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence for that container. Note that this field cannot be set when spec.os.name is windows." + description: "The GID to run the entrypoint of the container process.\nUses runtime default if unset.\nMay also be set in SecurityContext. If set in both SecurityContext and\nPodSecurityContext, the value specified in SecurityContext takes precedence\nfor that container.\nNote that this field cannot be set when spec.os.name is windows." format: "int64" type: "integer" runAsNonRoot: - description: "Indicates that the container must run as a non-root user. If true, the Kubelet will validate the image at runtime to ensure that it does not run as UID 0 (root) and fail to start the container if it does. If unset or false, no such validation will be performed. May also be set in SecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence." + description: "Indicates that the container must run as a non-root user.\nIf true, the Kubelet will validate the image at runtime to ensure that it\ndoes not run as UID 0 (root) and fail to start the container if it does.\nIf unset or false, no such validation will be performed.\nMay also be set in SecurityContext. If set in both SecurityContext and\nPodSecurityContext, the value specified in SecurityContext takes precedence." type: "boolean" runAsUser: - description: "The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in SecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence for that container. Note that this field cannot be set when spec.os.name is windows." + description: "The UID to run the entrypoint of the container process.\nDefaults to user specified in image metadata if unspecified.\nMay also be set in SecurityContext. If set in both SecurityContext and\nPodSecurityContext, the value specified in SecurityContext takes precedence\nfor that container.\nNote that this field cannot be set when spec.os.name is windows." format: "int64" type: "integer" seLinuxOptions: - description: "The SELinux context to be applied to all containers. If unspecified, the container runtime will allocate a random SELinux context for each container. May also be set in SecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence for that container. Note that this field cannot be set when spec.os.name is windows." + description: "The SELinux context to be applied to all containers.\nIf unspecified, the container runtime will allocate a random SELinux context for each\ncontainer. May also be set in SecurityContext. If set in\nboth SecurityContext and PodSecurityContext, the value specified in SecurityContext\ntakes precedence for that container.\nNote that this field cannot be set when spec.os.name is windows." properties: level: description: "Level is SELinux level label that applies to the container." @@ -176,25 +188,26 @@ spec: type: "string" type: "object" seccompProfile: - description: "The seccomp options to use by the containers in this pod. Note that this field cannot be set when spec.os.name is windows." + description: "The seccomp options to use by the containers in this pod.\nNote that this field cannot be set when spec.os.name is windows." properties: localhostProfile: - description: "localhostProfile indicates a profile defined in a file on the node should be used. The profile must be preconfigured on the node to work. Must be a descending path, relative to the kubelet's configured seccomp profile location. Must be set if type is \"Localhost\". Must NOT be set for any other type." + description: "localhostProfile indicates a profile defined in a file on the node should be used.\nThe profile must be preconfigured on the node to work.\nMust be a descending path, relative to the kubelet's configured seccomp profile location.\nMust be set if type is \"Localhost\". Must NOT be set for any other type." type: "string" type: - description: "type indicates which kind of seccomp profile will be applied. Valid options are: \n Localhost - a profile defined in a file on the node should be used. RuntimeDefault - the container runtime default profile should be used. Unconfined - no profile should be applied." + description: "type indicates which kind of seccomp profile will be applied.\nValid options are:\n\n\nLocalhost - a profile defined in a file on the node should be used.\nRuntimeDefault - the container runtime default profile should be used.\nUnconfined - no profile should be applied." type: "string" required: - "type" type: "object" supplementalGroups: - description: "A list of groups applied to the first process run in each container, in addition to the container's primary GID, the fsGroup (if specified), and group memberships defined in the container image for the uid of the container process. If unspecified, no additional groups are added to any container. Note that group memberships defined in the container image for the uid of the container process are still effective, even if they are not included in this list. Note that this field cannot be set when spec.os.name is windows." + description: "A list of groups applied to the first process run in each container, in addition\nto the container's primary GID, the fsGroup (if specified), and group memberships\ndefined in the container image for the uid of the container process. If unspecified,\nno additional groups are added to any container. Note that group memberships\ndefined in the container image for the uid of the container process are still effective,\neven if they are not included in this list.\nNote that this field cannot be set when spec.os.name is windows." items: format: "int64" type: "integer" type: "array" + x-kubernetes-list-type: "atomic" sysctls: - description: "Sysctls hold a list of namespaced sysctls used for the pod. Pods with unsupported sysctls (by the container runtime) might fail to launch. Note that this field cannot be set when spec.os.name is windows." + description: "Sysctls hold a list of namespaced sysctls used for the pod. Pods with unsupported\nsysctls (by the container runtime) might fail to launch.\nNote that this field cannot be set when spec.os.name is windows." items: description: "Sysctl defines a kernel parameter to be set" properties: @@ -209,25 +222,26 @@ spec: - "value" type: "object" type: "array" + x-kubernetes-list-type: "atomic" windowsOptions: - description: "The Windows specific settings applied to all containers. If unspecified, the options within a container's SecurityContext will be used. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is linux." + description: "The Windows specific settings applied to all containers.\nIf unspecified, the options within a container's SecurityContext will be used.\nIf set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.\nNote that this field cannot be set when spec.os.name is linux." properties: gmsaCredentialSpec: - description: "GMSACredentialSpec is where the GMSA admission webhook (https://github.com/kubernetes-sigs/windows-gmsa) inlines the contents of the GMSA credential spec named by the GMSACredentialSpecName field." + description: "GMSACredentialSpec is where the GMSA admission webhook\n(https://github.com/kubernetes-sigs/windows-gmsa) inlines the contents of the\nGMSA credential spec named by the GMSACredentialSpecName field." type: "string" gmsaCredentialSpecName: description: "GMSACredentialSpecName is the name of the GMSA credential spec to use." type: "string" hostProcess: - description: "HostProcess determines if a container should be run as a 'Host Process' container. All of a Pod's containers must have the same effective HostProcess value (it is not allowed to have a mix of HostProcess containers and non-HostProcess containers). In addition, if HostProcess is true then HostNetwork must also be set to true." + description: "HostProcess determines if a container should be run as a 'Host Process' container.\nAll of a Pod's containers must have the same effective HostProcess value\n(it is not allowed to have a mix of HostProcess containers and non-HostProcess containers).\nIn addition, if HostProcess is true then HostNetwork must also be set to true." type: "boolean" runAsUserName: - description: "The UserName in Windows to run the entrypoint of the container process. Defaults to the user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence." + description: "The UserName in Windows to run the entrypoint of the container process.\nDefaults to the user specified in image metadata if unspecified.\nMay also be set in PodSecurityContext. If set in both SecurityContext and\nPodSecurityContext, the value specified in SecurityContext takes precedence." type: "string" type: "object" type: "object" moverServiceAccount: - description: "MoverServiceAccount allows specifying the name of the service account that will be used by the data mover. This should only be used by advanced users who want to override the service account normally used by the mover. The service account needs to exist in the same namespace as this CR." + description: "MoverServiceAccount allows specifying the name of the service account\nthat will be used by the data mover. This should only be used by advanced\nusers who want to override the service account normally used by the mover.\nThe service account needs to exist in the same namespace as this CR." type: "string" rcloneConfig: description: "RcloneConfig is the rclone secret name" @@ -239,10 +253,10 @@ spec: description: "RcloneDestPath is the remote path to sync to." type: "string" storageClassName: - description: "storageClassName can be used to specify the StorageClass of the destination volume. If not set, the default StorageClass will be used." + description: "storageClassName can be used to specify the StorageClass of the\ndestination volume. If not set, the default StorageClass will be used." type: "string" volumeSnapshotClassName: - description: "volumeSnapshotClassName can be used to specify the VSC to be used if copyMethod is Snapshot. If not set, the default VSC is used." + description: "volumeSnapshotClassName can be used to specify the VSC to be used if\ncopyMethod is Snapshot. If not set, the default VSC is used." type: "string" type: "object" restic: @@ -267,7 +281,7 @@ spec: pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" x-kubernetes-int-or-string: true cacheStorageClassName: - description: "cacheStorageClassName can be used to set the StorageClass of the restic metadata cache volume" + description: "cacheStorageClassName can be used to set the StorageClass of the restic\nmetadata cache volume" type: "string" capacity: anyOf: @@ -277,7 +291,7 @@ spec: pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" x-kubernetes-int-or-string: true copyMethod: - description: "copyMethod describes how a point-in-time (PiT) image of the destination volume should be created." + description: "copyMethod describes how a point-in-time (PiT) image of the destination\nvolume should be created." enum: - "Direct" - "None" @@ -288,33 +302,33 @@ spec: description: "customCA is a custom CA that will be used to verify the remote" properties: configMapName: - description: "The name of a ConfigMap that contains the custom CA certificate If ConfigMapName is used then SecretName should not be set" + description: "The name of a ConfigMap that contains the custom CA certificate\nIf ConfigMapName is used then SecretName should not be set" type: "string" key: description: "The key within the Secret or ConfigMap containing the CA certificate" type: "string" secretName: - description: "The name of a Secret that contains the custom CA certificate If SecretName is used then ConfigMapName should not be set" + description: "The name of a Secret that contains the custom CA certificate\nIf SecretName is used then ConfigMapName should not be set" type: "string" type: "object" destinationPVC: - description: "destinationPVC is a PVC to use as the transfer destination instead of automatically provisioning one. Either this field or both capacity and accessModes must be specified." + description: "destinationPVC is a PVC to use as the transfer destination instead of\nautomatically provisioning one. Either this field or both capacity and\naccessModes must be specified." type: "string" moverPodLabels: additionalProperties: type: "string" - description: "Labels that should be added to data mover pods These will be in addition to any labels that VolSync may add" + description: "Labels that should be added to data mover pods\nThese will be in addition to any labels that VolSync may add" type: "object" moverResources: - description: "Resources represents compute resources required by the data mover container. Immutable. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/ This should only be used by advanced users as this can result in a mover pod being unschedulable or crashing due to limited resources." + description: "Resources represents compute resources required by the data mover container.\nImmutable.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/\nThis should only be used by advanced users as this can result in a mover\npod being unschedulable or crashing due to limited resources." properties: claims: - description: "Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. \n This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. \n This field is immutable. It can only be set for containers." + description: "Claims lists the names of resources, defined in spec.resourceClaims,\nthat are used by this container.\n\n\nThis is an alpha field and requires enabling the\nDynamicResourceAllocation feature gate.\n\n\nThis field is immutable. It can only be set for containers." items: description: "ResourceClaim references one entry in PodSpec.ResourceClaims." properties: name: - description: "Name must match the name of one entry in pod.spec.resourceClaims of the Pod where this field is used. It makes that resource available inside a container." + description: "Name must match the name of one entry in pod.spec.resourceClaims of\nthe Pod where this field is used. It makes that resource available\ninside a container." type: "string" required: - "name" @@ -330,7 +344,7 @@ spec: - type: "string" pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" x-kubernetes-int-or-string: true - description: "Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" + description: "Limits describes the maximum amount of compute resources allowed.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" type: "object" requests: additionalProperties: @@ -339,32 +353,44 @@ spec: - type: "string" pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" x-kubernetes-int-or-string: true - description: "Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" + description: "Requests describes the minimum amount of compute resources required.\nIf Requests is omitted for a container, it defaults to Limits if that is explicitly specified,\notherwise to an implementation-defined value. Requests cannot exceed Limits.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" type: "object" type: "object" moverSecurityContext: - description: "MoverSecurityContext allows specifying the PodSecurityContext that will be used by the data mover" + description: "MoverSecurityContext allows specifying the PodSecurityContext that will\nbe used by the data mover" properties: + appArmorProfile: + description: "appArmorProfile is the AppArmor options to use by the containers in this pod.\nNote that this field cannot be set when spec.os.name is windows." + properties: + localhostProfile: + description: "localhostProfile indicates a profile loaded on the node that should be used.\nThe profile must be preconfigured on the node to work.\nMust match the loaded name of the profile.\nMust be set if and only if type is \"Localhost\"." + type: "string" + type: + description: "type indicates which kind of AppArmor profile will be applied.\nValid options are:\n Localhost - a profile pre-loaded on the node.\n RuntimeDefault - the container runtime's default profile.\n Unconfined - no AppArmor enforcement." + type: "string" + required: + - "type" + type: "object" fsGroup: - description: "A special supplemental group that applies to all containers in a pod. Some volume types allow the Kubelet to change the ownership of that volume to be owned by the pod: \n 1. The owning GID will be the FSGroup 2. The setgid bit is set (new files created in the volume will be owned by FSGroup) 3. The permission bits are OR'd with rw-rw---- \n If unset, the Kubelet will not modify the ownership and permissions of any volume. Note that this field cannot be set when spec.os.name is windows." + description: "A special supplemental group that applies to all containers in a pod.\nSome volume types allow the Kubelet to change the ownership of that volume\nto be owned by the pod:\n\n\n1. The owning GID will be the FSGroup\n2. The setgid bit is set (new files created in the volume will be owned by FSGroup)\n3. The permission bits are OR'd with rw-rw----\n\n\nIf unset, the Kubelet will not modify the ownership and permissions of any volume.\nNote that this field cannot be set when spec.os.name is windows." format: "int64" type: "integer" fsGroupChangePolicy: - description: "fsGroupChangePolicy defines behavior of changing ownership and permission of the volume before being exposed inside Pod. This field will only apply to volume types which support fsGroup based ownership(and permissions). It will have no effect on ephemeral volume types such as: secret, configmaps and emptydir. Valid values are \"OnRootMismatch\" and \"Always\". If not specified, \"Always\" is used. Note that this field cannot be set when spec.os.name is windows." + description: "fsGroupChangePolicy defines behavior of changing ownership and permission of the volume\nbefore being exposed inside Pod. This field will only apply to\nvolume types which support fsGroup based ownership(and permissions).\nIt will have no effect on ephemeral volume types such as: secret, configmaps\nand emptydir.\nValid values are \"OnRootMismatch\" and \"Always\". If not specified, \"Always\" is used.\nNote that this field cannot be set when spec.os.name is windows." type: "string" runAsGroup: - description: "The GID to run the entrypoint of the container process. Uses runtime default if unset. May also be set in SecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence for that container. Note that this field cannot be set when spec.os.name is windows." + description: "The GID to run the entrypoint of the container process.\nUses runtime default if unset.\nMay also be set in SecurityContext. If set in both SecurityContext and\nPodSecurityContext, the value specified in SecurityContext takes precedence\nfor that container.\nNote that this field cannot be set when spec.os.name is windows." format: "int64" type: "integer" runAsNonRoot: - description: "Indicates that the container must run as a non-root user. If true, the Kubelet will validate the image at runtime to ensure that it does not run as UID 0 (root) and fail to start the container if it does. If unset or false, no such validation will be performed. May also be set in SecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence." + description: "Indicates that the container must run as a non-root user.\nIf true, the Kubelet will validate the image at runtime to ensure that it\ndoes not run as UID 0 (root) and fail to start the container if it does.\nIf unset or false, no such validation will be performed.\nMay also be set in SecurityContext. If set in both SecurityContext and\nPodSecurityContext, the value specified in SecurityContext takes precedence." type: "boolean" runAsUser: - description: "The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in SecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence for that container. Note that this field cannot be set when spec.os.name is windows." + description: "The UID to run the entrypoint of the container process.\nDefaults to user specified in image metadata if unspecified.\nMay also be set in SecurityContext. If set in both SecurityContext and\nPodSecurityContext, the value specified in SecurityContext takes precedence\nfor that container.\nNote that this field cannot be set when spec.os.name is windows." format: "int64" type: "integer" seLinuxOptions: - description: "The SELinux context to be applied to all containers. If unspecified, the container runtime will allocate a random SELinux context for each container. May also be set in SecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence for that container. Note that this field cannot be set when spec.os.name is windows." + description: "The SELinux context to be applied to all containers.\nIf unspecified, the container runtime will allocate a random SELinux context for each\ncontainer. May also be set in SecurityContext. If set in\nboth SecurityContext and PodSecurityContext, the value specified in SecurityContext\ntakes precedence for that container.\nNote that this field cannot be set when spec.os.name is windows." properties: level: description: "Level is SELinux level label that applies to the container." @@ -380,25 +406,26 @@ spec: type: "string" type: "object" seccompProfile: - description: "The seccomp options to use by the containers in this pod. Note that this field cannot be set when spec.os.name is windows." + description: "The seccomp options to use by the containers in this pod.\nNote that this field cannot be set when spec.os.name is windows." properties: localhostProfile: - description: "localhostProfile indicates a profile defined in a file on the node should be used. The profile must be preconfigured on the node to work. Must be a descending path, relative to the kubelet's configured seccomp profile location. Must be set if type is \"Localhost\". Must NOT be set for any other type." + description: "localhostProfile indicates a profile defined in a file on the node should be used.\nThe profile must be preconfigured on the node to work.\nMust be a descending path, relative to the kubelet's configured seccomp profile location.\nMust be set if type is \"Localhost\". Must NOT be set for any other type." type: "string" type: - description: "type indicates which kind of seccomp profile will be applied. Valid options are: \n Localhost - a profile defined in a file on the node should be used. RuntimeDefault - the container runtime default profile should be used. Unconfined - no profile should be applied." + description: "type indicates which kind of seccomp profile will be applied.\nValid options are:\n\n\nLocalhost - a profile defined in a file on the node should be used.\nRuntimeDefault - the container runtime default profile should be used.\nUnconfined - no profile should be applied." type: "string" required: - "type" type: "object" supplementalGroups: - description: "A list of groups applied to the first process run in each container, in addition to the container's primary GID, the fsGroup (if specified), and group memberships defined in the container image for the uid of the container process. If unspecified, no additional groups are added to any container. Note that group memberships defined in the container image for the uid of the container process are still effective, even if they are not included in this list. Note that this field cannot be set when spec.os.name is windows." + description: "A list of groups applied to the first process run in each container, in addition\nto the container's primary GID, the fsGroup (if specified), and group memberships\ndefined in the container image for the uid of the container process. If unspecified,\nno additional groups are added to any container. Note that group memberships\ndefined in the container image for the uid of the container process are still effective,\neven if they are not included in this list.\nNote that this field cannot be set when spec.os.name is windows." items: format: "int64" type: "integer" type: "array" + x-kubernetes-list-type: "atomic" sysctls: - description: "Sysctls hold a list of namespaced sysctls used for the pod. Pods with unsupported sysctls (by the container runtime) might fail to launch. Note that this field cannot be set when spec.os.name is windows." + description: "Sysctls hold a list of namespaced sysctls used for the pod. Pods with unsupported\nsysctls (by the container runtime) might fail to launch.\nNote that this field cannot be set when spec.os.name is windows." items: description: "Sysctl defines a kernel parameter to be set" properties: @@ -413,25 +440,26 @@ spec: - "value" type: "object" type: "array" + x-kubernetes-list-type: "atomic" windowsOptions: - description: "The Windows specific settings applied to all containers. If unspecified, the options within a container's SecurityContext will be used. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is linux." + description: "The Windows specific settings applied to all containers.\nIf unspecified, the options within a container's SecurityContext will be used.\nIf set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.\nNote that this field cannot be set when spec.os.name is linux." properties: gmsaCredentialSpec: - description: "GMSACredentialSpec is where the GMSA admission webhook (https://github.com/kubernetes-sigs/windows-gmsa) inlines the contents of the GMSA credential spec named by the GMSACredentialSpecName field." + description: "GMSACredentialSpec is where the GMSA admission webhook\n(https://github.com/kubernetes-sigs/windows-gmsa) inlines the contents of the\nGMSA credential spec named by the GMSACredentialSpecName field." type: "string" gmsaCredentialSpecName: description: "GMSACredentialSpecName is the name of the GMSA credential spec to use." type: "string" hostProcess: - description: "HostProcess determines if a container should be run as a 'Host Process' container. All of a Pod's containers must have the same effective HostProcess value (it is not allowed to have a mix of HostProcess containers and non-HostProcess containers). In addition, if HostProcess is true then HostNetwork must also be set to true." + description: "HostProcess determines if a container should be run as a 'Host Process' container.\nAll of a Pod's containers must have the same effective HostProcess value\n(it is not allowed to have a mix of HostProcess containers and non-HostProcess containers).\nIn addition, if HostProcess is true then HostNetwork must also be set to true." type: "boolean" runAsUserName: - description: "The UserName in Windows to run the entrypoint of the container process. Defaults to the user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence." + description: "The UserName in Windows to run the entrypoint of the container process.\nDefaults to the user specified in image metadata if unspecified.\nMay also be set in PodSecurityContext. If set in both SecurityContext and\nPodSecurityContext, the value specified in SecurityContext takes precedence." type: "string" type: "object" type: "object" moverServiceAccount: - description: "MoverServiceAccount allows specifying the name of the service account that will be used by the data mover. This should only be used by advanced users who want to override the service account normally used by the mover. The service account needs to exist in the same namespace as this CR." + description: "MoverServiceAccount allows specifying the name of the service account\nthat will be used by the data mover. This should only be used by advanced\nusers who want to override the service account normally used by the mover.\nThe service account needs to exist in the same namespace as this CR." type: "string" previous: description: "Previous specifies the number of image to skip before selecting one to restore from" @@ -445,10 +473,10 @@ spec: format: "date-time" type: "string" storageClassName: - description: "storageClassName can be used to specify the StorageClass of the destination volume. If not set, the default StorageClass will be used." + description: "storageClassName can be used to specify the StorageClass of the\ndestination volume. If not set, the default StorageClass will be used." type: "string" volumeSnapshotClassName: - description: "volumeSnapshotClassName can be used to specify the VSC to be used if copyMethod is Snapshot. If not set, the default VSC is used." + description: "volumeSnapshotClassName can be used to specify the VSC to be used if\ncopyMethod is Snapshot. If not set, the default VSC is used." type: "string" type: "object" rsync: @@ -471,7 +499,7 @@ spec: pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" x-kubernetes-int-or-string: true copyMethod: - description: "copyMethod describes how a point-in-time (PiT) image of the destination volume should be created." + description: "copyMethod describes how a point-in-time (PiT) image of the destination\nvolume should be created." enum: - "Direct" - "None" @@ -479,23 +507,23 @@ spec: - "Snapshot" type: "string" destinationPVC: - description: "destinationPVC is a PVC to use as the transfer destination instead of automatically provisioning one. Either this field or both capacity and accessModes must be specified." + description: "destinationPVC is a PVC to use as the transfer destination instead of\nautomatically provisioning one. Either this field or both capacity and\naccessModes must be specified." type: "string" moverPodLabels: additionalProperties: type: "string" - description: "Labels that should be added to data mover pods These will be in addition to any labels that VolSync may add" + description: "Labels that should be added to data mover pods\nThese will be in addition to any labels that VolSync may add" type: "object" moverResources: - description: "Resources represents compute resources required by the data mover container. Immutable. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/ This should only be used by advanced users as this can result in a mover pod being unschedulable or crashing due to limited resources." + description: "Resources represents compute resources required by the data mover container.\nImmutable.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/\nThis should only be used by advanced users as this can result in a mover\npod being unschedulable or crashing due to limited resources." properties: claims: - description: "Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. \n This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. \n This field is immutable. It can only be set for containers." + description: "Claims lists the names of resources, defined in spec.resourceClaims,\nthat are used by this container.\n\n\nThis is an alpha field and requires enabling the\nDynamicResourceAllocation feature gate.\n\n\nThis field is immutable. It can only be set for containers." items: description: "ResourceClaim references one entry in PodSpec.ResourceClaims." properties: name: - description: "Name must match the name of one entry in pod.spec.resourceClaims of the Pod where this field is used. It makes that resource available inside a container." + description: "Name must match the name of one entry in pod.spec.resourceClaims of\nthe Pod where this field is used. It makes that resource available\ninside a container." type: "string" required: - "name" @@ -511,7 +539,7 @@ spec: - type: "string" pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" x-kubernetes-int-or-string: true - description: "Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" + description: "Limits describes the maximum amount of compute resources allowed.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" type: "object" requests: additionalProperties: @@ -520,11 +548,11 @@ spec: - type: "string" pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" x-kubernetes-int-or-string: true - description: "Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" + description: "Requests describes the minimum amount of compute resources required.\nIf Requests is omitted for a container, it defaults to Limits if that is explicitly specified,\notherwise to an implementation-defined value. Requests cannot exceed Limits.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" type: "object" type: "object" moverServiceAccount: - description: "MoverServiceAccount allows specifying the name of the service account that will be used by the data mover. This should only be used by advanced users who want to override the service account normally used by the mover. The service account needs to exist in the same namespace as the ReplicationDestination." + description: "MoverServiceAccount allows specifying the name of the service account\nthat will be used by the data mover. This should only be used by advanced\nusers who want to override the service account normally used by the mover.\nThe service account needs to exist in the same namespace as the ReplicationDestination." type: "string" path: description: "path is the remote path to rsync from. Defaults to \"/\"" @@ -538,22 +566,22 @@ spec: serviceAnnotations: additionalProperties: type: "string" - description: "serviceAnnotations defines annotations that will be added to the service created for incoming SSH connections. If set, these annotations will be used instead of any VolSync default values." + description: "serviceAnnotations defines annotations that will be added to the\nservice created for incoming SSH connections. If set, these annotations\nwill be used instead of any VolSync default values." type: "object" serviceType: - description: "serviceType determines the Service type that will be created for incoming SSH connections." + description: "serviceType determines the Service type that will be created for incoming\nSSH connections." type: "string" sshKeys: - description: "sshKeys is the name of a Secret that contains the SSH keys to be used for authentication. If not provided, the keys will be generated." + description: "sshKeys is the name of a Secret that contains the SSH keys to be used for\nauthentication. If not provided, the keys will be generated." type: "string" sshUser: description: "sshUser is the username for outgoing SSH connections. Defaults to \"root\"." type: "string" storageClassName: - description: "storageClassName can be used to specify the StorageClass of the destination volume. If not set, the default StorageClass will be used." + description: "storageClassName can be used to specify the StorageClass of the\ndestination volume. If not set, the default StorageClass will be used." type: "string" volumeSnapshotClassName: - description: "volumeSnapshotClassName can be used to specify the VSC to be used if copyMethod is Snapshot. If not set, the default VSC is used." + description: "volumeSnapshotClassName can be used to specify the VSC to be used if\ncopyMethod is Snapshot. If not set, the default VSC is used." type: "string" type: "object" rsyncTLS: @@ -573,7 +601,7 @@ spec: pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" x-kubernetes-int-or-string: true copyMethod: - description: "copyMethod describes how a point-in-time (PiT) image of the destination volume should be created." + description: "copyMethod describes how a point-in-time (PiT) image of the destination\nvolume should be created." enum: - "Direct" - "None" @@ -581,26 +609,26 @@ spec: - "Snapshot" type: "string" destinationPVC: - description: "destinationPVC is a PVC to use as the transfer destination instead of automatically provisioning one. Either this field or both capacity and accessModes must be specified." + description: "destinationPVC is a PVC to use as the transfer destination instead of\nautomatically provisioning one. Either this field or both capacity and\naccessModes must be specified." type: "string" keySecret: - description: "keySecret is the name of a Secret that contains the TLS pre-shared key to be used for authentication. If not provided, the key will be generated." + description: "keySecret is the name of a Secret that contains the TLS pre-shared key to\nbe used for authentication. If not provided, the key will be generated." type: "string" moverPodLabels: additionalProperties: type: "string" - description: "Labels that should be added to data mover pods These will be in addition to any labels that VolSync may add" + description: "Labels that should be added to data mover pods\nThese will be in addition to any labels that VolSync may add" type: "object" moverResources: - description: "Resources represents compute resources required by the data mover container. Immutable. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/ This should only be used by advanced users as this can result in a mover pod being unschedulable or crashing due to limited resources." + description: "Resources represents compute resources required by the data mover container.\nImmutable.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/\nThis should only be used by advanced users as this can result in a mover\npod being unschedulable or crashing due to limited resources." properties: claims: - description: "Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. \n This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. \n This field is immutable. It can only be set for containers." + description: "Claims lists the names of resources, defined in spec.resourceClaims,\nthat are used by this container.\n\n\nThis is an alpha field and requires enabling the\nDynamicResourceAllocation feature gate.\n\n\nThis field is immutable. It can only be set for containers." items: description: "ResourceClaim references one entry in PodSpec.ResourceClaims." properties: name: - description: "Name must match the name of one entry in pod.spec.resourceClaims of the Pod where this field is used. It makes that resource available inside a container." + description: "Name must match the name of one entry in pod.spec.resourceClaims of\nthe Pod where this field is used. It makes that resource available\ninside a container." type: "string" required: - "name" @@ -616,7 +644,7 @@ spec: - type: "string" pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" x-kubernetes-int-or-string: true - description: "Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" + description: "Limits describes the maximum amount of compute resources allowed.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" type: "object" requests: additionalProperties: @@ -625,32 +653,44 @@ spec: - type: "string" pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" x-kubernetes-int-or-string: true - description: "Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" + description: "Requests describes the minimum amount of compute resources required.\nIf Requests is omitted for a container, it defaults to Limits if that is explicitly specified,\notherwise to an implementation-defined value. Requests cannot exceed Limits.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" type: "object" type: "object" moverSecurityContext: - description: "MoverSecurityContext allows specifying the PodSecurityContext that will be used by the data mover" + description: "MoverSecurityContext allows specifying the PodSecurityContext that will\nbe used by the data mover" properties: + appArmorProfile: + description: "appArmorProfile is the AppArmor options to use by the containers in this pod.\nNote that this field cannot be set when spec.os.name is windows." + properties: + localhostProfile: + description: "localhostProfile indicates a profile loaded on the node that should be used.\nThe profile must be preconfigured on the node to work.\nMust match the loaded name of the profile.\nMust be set if and only if type is \"Localhost\"." + type: "string" + type: + description: "type indicates which kind of AppArmor profile will be applied.\nValid options are:\n Localhost - a profile pre-loaded on the node.\n RuntimeDefault - the container runtime's default profile.\n Unconfined - no AppArmor enforcement." + type: "string" + required: + - "type" + type: "object" fsGroup: - description: "A special supplemental group that applies to all containers in a pod. Some volume types allow the Kubelet to change the ownership of that volume to be owned by the pod: \n 1. The owning GID will be the FSGroup 2. The setgid bit is set (new files created in the volume will be owned by FSGroup) 3. The permission bits are OR'd with rw-rw---- \n If unset, the Kubelet will not modify the ownership and permissions of any volume. Note that this field cannot be set when spec.os.name is windows." + description: "A special supplemental group that applies to all containers in a pod.\nSome volume types allow the Kubelet to change the ownership of that volume\nto be owned by the pod:\n\n\n1. The owning GID will be the FSGroup\n2. The setgid bit is set (new files created in the volume will be owned by FSGroup)\n3. The permission bits are OR'd with rw-rw----\n\n\nIf unset, the Kubelet will not modify the ownership and permissions of any volume.\nNote that this field cannot be set when spec.os.name is windows." format: "int64" type: "integer" fsGroupChangePolicy: - description: "fsGroupChangePolicy defines behavior of changing ownership and permission of the volume before being exposed inside Pod. This field will only apply to volume types which support fsGroup based ownership(and permissions). It will have no effect on ephemeral volume types such as: secret, configmaps and emptydir. Valid values are \"OnRootMismatch\" and \"Always\". If not specified, \"Always\" is used. Note that this field cannot be set when spec.os.name is windows." + description: "fsGroupChangePolicy defines behavior of changing ownership and permission of the volume\nbefore being exposed inside Pod. This field will only apply to\nvolume types which support fsGroup based ownership(and permissions).\nIt will have no effect on ephemeral volume types such as: secret, configmaps\nand emptydir.\nValid values are \"OnRootMismatch\" and \"Always\". If not specified, \"Always\" is used.\nNote that this field cannot be set when spec.os.name is windows." type: "string" runAsGroup: - description: "The GID to run the entrypoint of the container process. Uses runtime default if unset. May also be set in SecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence for that container. Note that this field cannot be set when spec.os.name is windows." + description: "The GID to run the entrypoint of the container process.\nUses runtime default if unset.\nMay also be set in SecurityContext. If set in both SecurityContext and\nPodSecurityContext, the value specified in SecurityContext takes precedence\nfor that container.\nNote that this field cannot be set when spec.os.name is windows." format: "int64" type: "integer" runAsNonRoot: - description: "Indicates that the container must run as a non-root user. If true, the Kubelet will validate the image at runtime to ensure that it does not run as UID 0 (root) and fail to start the container if it does. If unset or false, no such validation will be performed. May also be set in SecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence." + description: "Indicates that the container must run as a non-root user.\nIf true, the Kubelet will validate the image at runtime to ensure that it\ndoes not run as UID 0 (root) and fail to start the container if it does.\nIf unset or false, no such validation will be performed.\nMay also be set in SecurityContext. If set in both SecurityContext and\nPodSecurityContext, the value specified in SecurityContext takes precedence." type: "boolean" runAsUser: - description: "The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in SecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence for that container. Note that this field cannot be set when spec.os.name is windows." + description: "The UID to run the entrypoint of the container process.\nDefaults to user specified in image metadata if unspecified.\nMay also be set in SecurityContext. If set in both SecurityContext and\nPodSecurityContext, the value specified in SecurityContext takes precedence\nfor that container.\nNote that this field cannot be set when spec.os.name is windows." format: "int64" type: "integer" seLinuxOptions: - description: "The SELinux context to be applied to all containers. If unspecified, the container runtime will allocate a random SELinux context for each container. May also be set in SecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence for that container. Note that this field cannot be set when spec.os.name is windows." + description: "The SELinux context to be applied to all containers.\nIf unspecified, the container runtime will allocate a random SELinux context for each\ncontainer. May also be set in SecurityContext. If set in\nboth SecurityContext and PodSecurityContext, the value specified in SecurityContext\ntakes precedence for that container.\nNote that this field cannot be set when spec.os.name is windows." properties: level: description: "Level is SELinux level label that applies to the container." @@ -666,25 +706,26 @@ spec: type: "string" type: "object" seccompProfile: - description: "The seccomp options to use by the containers in this pod. Note that this field cannot be set when spec.os.name is windows." + description: "The seccomp options to use by the containers in this pod.\nNote that this field cannot be set when spec.os.name is windows." properties: localhostProfile: - description: "localhostProfile indicates a profile defined in a file on the node should be used. The profile must be preconfigured on the node to work. Must be a descending path, relative to the kubelet's configured seccomp profile location. Must be set if type is \"Localhost\". Must NOT be set for any other type." + description: "localhostProfile indicates a profile defined in a file on the node should be used.\nThe profile must be preconfigured on the node to work.\nMust be a descending path, relative to the kubelet's configured seccomp profile location.\nMust be set if type is \"Localhost\". Must NOT be set for any other type." type: "string" type: - description: "type indicates which kind of seccomp profile will be applied. Valid options are: \n Localhost - a profile defined in a file on the node should be used. RuntimeDefault - the container runtime default profile should be used. Unconfined - no profile should be applied." + description: "type indicates which kind of seccomp profile will be applied.\nValid options are:\n\n\nLocalhost - a profile defined in a file on the node should be used.\nRuntimeDefault - the container runtime default profile should be used.\nUnconfined - no profile should be applied." type: "string" required: - "type" type: "object" supplementalGroups: - description: "A list of groups applied to the first process run in each container, in addition to the container's primary GID, the fsGroup (if specified), and group memberships defined in the container image for the uid of the container process. If unspecified, no additional groups are added to any container. Note that group memberships defined in the container image for the uid of the container process are still effective, even if they are not included in this list. Note that this field cannot be set when spec.os.name is windows." + description: "A list of groups applied to the first process run in each container, in addition\nto the container's primary GID, the fsGroup (if specified), and group memberships\ndefined in the container image for the uid of the container process. If unspecified,\nno additional groups are added to any container. Note that group memberships\ndefined in the container image for the uid of the container process are still effective,\neven if they are not included in this list.\nNote that this field cannot be set when spec.os.name is windows." items: format: "int64" type: "integer" type: "array" + x-kubernetes-list-type: "atomic" sysctls: - description: "Sysctls hold a list of namespaced sysctls used for the pod. Pods with unsupported sysctls (by the container runtime) might fail to launch. Note that this field cannot be set when spec.os.name is windows." + description: "Sysctls hold a list of namespaced sysctls used for the pod. Pods with unsupported\nsysctls (by the container runtime) might fail to launch.\nNote that this field cannot be set when spec.os.name is windows." items: description: "Sysctl defines a kernel parameter to be set" properties: @@ -699,76 +740,77 @@ spec: - "value" type: "object" type: "array" + x-kubernetes-list-type: "atomic" windowsOptions: - description: "The Windows specific settings applied to all containers. If unspecified, the options within a container's SecurityContext will be used. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is linux." + description: "The Windows specific settings applied to all containers.\nIf unspecified, the options within a container's SecurityContext will be used.\nIf set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.\nNote that this field cannot be set when spec.os.name is linux." properties: gmsaCredentialSpec: - description: "GMSACredentialSpec is where the GMSA admission webhook (https://github.com/kubernetes-sigs/windows-gmsa) inlines the contents of the GMSA credential spec named by the GMSACredentialSpecName field." + description: "GMSACredentialSpec is where the GMSA admission webhook\n(https://github.com/kubernetes-sigs/windows-gmsa) inlines the contents of the\nGMSA credential spec named by the GMSACredentialSpecName field." type: "string" gmsaCredentialSpecName: description: "GMSACredentialSpecName is the name of the GMSA credential spec to use." type: "string" hostProcess: - description: "HostProcess determines if a container should be run as a 'Host Process' container. All of a Pod's containers must have the same effective HostProcess value (it is not allowed to have a mix of HostProcess containers and non-HostProcess containers). In addition, if HostProcess is true then HostNetwork must also be set to true." + description: "HostProcess determines if a container should be run as a 'Host Process' container.\nAll of a Pod's containers must have the same effective HostProcess value\n(it is not allowed to have a mix of HostProcess containers and non-HostProcess containers).\nIn addition, if HostProcess is true then HostNetwork must also be set to true." type: "boolean" runAsUserName: - description: "The UserName in Windows to run the entrypoint of the container process. Defaults to the user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence." + description: "The UserName in Windows to run the entrypoint of the container process.\nDefaults to the user specified in image metadata if unspecified.\nMay also be set in PodSecurityContext. If set in both SecurityContext and\nPodSecurityContext, the value specified in SecurityContext takes precedence." type: "string" type: "object" type: "object" moverServiceAccount: - description: "MoverServiceAccount allows specifying the name of the service account that will be used by the data mover. This should only be used by advanced users who want to override the service account normally used by the mover. The service account needs to exist in the same namespace as this CR." + description: "MoverServiceAccount allows specifying the name of the service account\nthat will be used by the data mover. This should only be used by advanced\nusers who want to override the service account normally used by the mover.\nThe service account needs to exist in the same namespace as this CR." type: "string" serviceAnnotations: additionalProperties: type: "string" - description: "serviceAnnotations defines annotations that will be added to the service created for incoming SSH connections. If set, these annotations will be used instead of any VolSync default values." + description: "serviceAnnotations defines annotations that will be added to the\nservice created for incoming SSH connections. If set, these annotations\nwill be used instead of any VolSync default values." type: "object" serviceType: - description: "serviceType determines the Service type that will be created for incoming TLS connections." + description: "serviceType determines the Service type that will be created for incoming\nTLS connections." type: "string" storageClassName: - description: "storageClassName can be used to specify the StorageClass of the destination volume. If not set, the default StorageClass will be used." + description: "storageClassName can be used to specify the StorageClass of the\ndestination volume. If not set, the default StorageClass will be used." type: "string" volumeSnapshotClassName: - description: "volumeSnapshotClassName can be used to specify the VSC to be used if copyMethod is Snapshot. If not set, the default VSC is used." + description: "volumeSnapshotClassName can be used to specify the VSC to be used if\ncopyMethod is Snapshot. If not set, the default VSC is used." type: "string" type: "object" trigger: - description: "trigger determines if/when the destination should attempt to synchronize data with the source." + description: "trigger determines if/when the destination should attempt to synchronize\ndata with the source." properties: manual: - description: "manual is a string value that schedules a manual trigger. Once a sync completes then status.lastManualSync is set to the same string value. A consumer of a manual trigger should set spec.trigger.manual to a known value and then wait for lastManualSync to be updated by the operator to the same value, which means that the manual trigger will then pause and wait for further updates to the trigger." + description: "manual is a string value that schedules a manual trigger.\nOnce a sync completes then status.lastManualSync is set to the same string value.\nA consumer of a manual trigger should set spec.trigger.manual to a known value\nand then wait for lastManualSync to be updated by the operator to the same value,\nwhich means that the manual trigger will then pause and wait for further\nupdates to the trigger." type: "string" schedule: - description: "schedule is a cronspec (https://en.wikipedia.org/wiki/Cron#Overview) that can be used to schedule replication to occur at regular, time-based intervals. nolint:lll" + description: "schedule is a cronspec (https://en.wikipedia.org/wiki/Cron#Overview) that\ncan be used to schedule replication to occur at regular, time-based\nintervals.\nnolint:lll" pattern: "^(@(annually|yearly|monthly|weekly|daily|hourly))|((((\\d+,)*\\d+|(\\d+(\\/|-)\\d+)|\\*(\\/\\d+)?)\\s?){5})$" type: "string" type: "object" type: "object" status: - description: "status is the observed state of the ReplicationDestination as determined by the controller." + description: "status is the observed state of the ReplicationDestination as determined\nby the controller." properties: conditions: - description: "conditions represent the latest available observations of the destination's state." + description: "conditions represent the latest available observations of the\ndestination's state." items: - description: "Condition contains details for one aspect of the current state of this API Resource. --- This struct is intended for direct use as an array at the field path .status.conditions. For example, \n type FooStatus struct{ // Represents the observations of a foo's current state. // Known .status.conditions.type are: \"Available\", \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge // +listType=map // +listMapKey=type Conditions []metav1.Condition `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" + description: "Condition contains details for one aspect of the current state of this API Resource.\n---\nThis struct is intended for direct use as an array at the field path .status.conditions. For example,\n\n\n\ttype FooStatus struct{\n\t // Represents the observations of a foo's current state.\n\t // Known .status.conditions.type are: \"Available\", \"Progressing\", and \"Degraded\"\n\t // +patchMergeKey=type\n\t // +patchStrategy=merge\n\t // +listType=map\n\t // +listMapKey=type\n\t Conditions []metav1.Condition `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"`\n\n\n\t // other fields\n\t}" properties: lastTransitionTime: - description: "lastTransitionTime is the last time the condition transitioned from one status to another. This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable." + description: "lastTransitionTime is the last time the condition transitioned from one status to another.\nThis should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable." format: "date-time" type: "string" message: - description: "message is a human readable message indicating details about the transition. This may be an empty string." + description: "message is a human readable message indicating details about the transition.\nThis may be an empty string." maxLength: 32768 type: "string" observedGeneration: - description: "observedGeneration represents the .metadata.generation that the condition was set based upon. For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date with respect to the current state of the instance." + description: "observedGeneration represents the .metadata.generation that the condition was set based upon.\nFor instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date\nwith respect to the current state of the instance." format: "int64" minimum: 0.0 type: "integer" reason: - description: "reason contains a programmatic identifier indicating the reason for the condition's last transition. Producers of specific condition types may define expected values and meanings for this field, and whether the values are considered a guaranteed API. The value should be a CamelCase string. This field may not be empty." + description: "reason contains a programmatic identifier indicating the reason for the condition's last transition.\nProducers of specific condition types may define expected values and meanings for this field,\nand whether the values are considered a guaranteed API.\nThe value should be a CamelCase string.\nThis field may not be empty." maxLength: 1024 minLength: 1 pattern: "^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$" @@ -781,7 +823,7 @@ spec: - "Unknown" type: "string" type: - description: "type of condition in CamelCase or in foo.example.com/CamelCase. --- Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be useful (see .node.status.conditions), the ability to deconflict is important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt)" + description: "type of condition in CamelCase or in foo.example.com/CamelCase.\n---\nMany .condition.type values are consistent across resources like Available, but because arbitrary conditions can be\nuseful (see .node.status.conditions), the ability to deconflict is important.\nThe regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt)" maxLength: 316 pattern: "^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$" type: "string" @@ -796,13 +838,13 @@ spec: external: additionalProperties: type: "string" - description: "external contains provider-specific status information. For more details, please see the documentation of the specific replication provider being used." + description: "external contains provider-specific status information. For more details,\nplease see the documentation of the specific replication provider being\nused." type: "object" lastManualSync: description: "lastManualSync is set to the last spec.trigger.manual when the manual sync is done." type: "string" lastSyncDuration: - description: "lastSyncDuration is the amount of time required to send the most recent update." + description: "lastSyncDuration is the amount of time required to send the most recent\nupdate." type: "string" lastSyncStartTime: description: "lastSyncStartTime is the time the most recent synchronization started." @@ -813,10 +855,10 @@ spec: format: "date-time" type: "string" latestImage: - description: "latestImage in the object holding the most recent consistent replicated image." + description: "latestImage in the object holding the most recent consistent replicated\nimage." properties: apiGroup: - description: "APIGroup is the group for the resource being referenced. If APIGroup is not specified, the specified Kind must be in the core API group. For any other third-party types, APIGroup is required." + description: "APIGroup is the group for the resource being referenced.\nIf APIGroup is not specified, the specified Kind must be in the core API group.\nFor any other third-party types, APIGroup is required." type: "string" kind: description: "Kind is the type of resource being referenced" @@ -838,21 +880,21 @@ spec: type: "string" type: "object" nextSyncTime: - description: "nextSyncTime is the time when the next volume synchronization is scheduled to start (for schedule-based synchronization)." + description: "nextSyncTime is the time when the next volume synchronization is\nscheduled to start (for schedule-based synchronization)." format: "date-time" type: "string" rsync: description: "rsync contains status information for Rsync-based replication." properties: address: - description: "address is the address to connect to for incoming SSH replication connections." + description: "address is the address to connect to for incoming SSH replication\nconnections." type: "string" port: - description: "port is the SSH port to connect to for incoming SSH replication connections." + description: "port is the SSH port to connect to for incoming SSH replication\nconnections." format: "int32" type: "integer" sshKeys: - description: "sshKeys is the name of a Secret that contains the SSH keys to be used for authentication. If not provided in .spec.rsync.sshKeys, SSH keys will be generated and the appropriate keys for the remote side will be placed here." + description: "sshKeys is the name of a Secret that contains the SSH keys to be used for\nauthentication. If not provided in .spec.rsync.sshKeys, SSH keys will be\ngenerated and the appropriate keys for the remote side will be placed\nhere." type: "string" type: "object" rsyncTLS: @@ -862,7 +904,7 @@ spec: description: "address is the address to connect to for incoming TLS connections." type: "string" keySecret: - description: "keySecret is the name of a Secret that contains the TLS pre-shared key to be used for authentication. If not provided in .spec.rsyncTLS.keySecret, the key Secret will be generated and named here." + description: "keySecret is the name of a Secret that contains the TLS pre-shared key to\nbe used for authentication. If not provided in .spec.rsyncTLS.keySecret,\nthe key Secret will be generated and named here." type: "string" port: description: "port is the port to connect to for incoming replication connections." diff --git a/crd-catalog/backube/volsync/volsync.backube/v1alpha1/replicationsources.yaml b/crd-catalog/backube/volsync/volsync.backube/v1alpha1/replicationsources.yaml index 19371d762..0dfd4a617 100644 --- a/crd-catalog/backube/volsync/volsync.backube/v1alpha1/replicationsources.yaml +++ b/crd-catalog/backube/volsync/volsync.backube/v1alpha1/replicationsources.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.13.0" + controller-gen.kubebuilder.io/version: "v0.15.0" name: "replicationsources.volsync.backube" spec: group: "volsync.backube" @@ -31,29 +31,29 @@ spec: name: "v1alpha1" schema: openAPIV3Schema: - description: "A ReplicationSource is a VolSync resource that you can use to define the source PVC and replication mover type, enabling you to replicate or synchronize PVC data to a remote location." + description: "A ReplicationSource is a VolSync resource that you can use to define the source PVC and replication mover type,\nenabling you to replicate or synchronize PVC data to a remote location." properties: apiVersion: - description: "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" + description: "APIVersion defines the versioned schema of this representation of an object.\nServers should convert recognized schemas to the latest internal value, and\nmay reject unrecognized values.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" type: "string" kind: - description: "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + description: "Kind is a string value representing the REST resource this object represents.\nServers may infer this from the endpoint the client submits requests to.\nCannot be updated.\nIn CamelCase.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" type: "string" metadata: type: "object" spec: - description: "spec is the desired state of the ReplicationSource, including the replication method to use and its configuration." + description: "spec is the desired state of the ReplicationSource, including the\nreplication method to use and its configuration." properties: external: - description: "external defines the configuration when using an external replication provider." + description: "external defines the configuration when using an external replication\nprovider." properties: parameters: additionalProperties: type: "string" - description: "parameters are provider-specific key/value configuration parameters. For more information, please see the documentation of the specific replication provider being used." + description: "parameters are provider-specific key/value configuration parameters. For\nmore information, please see the documentation of the specific\nreplication provider being used." type: "object" provider: - description: "provider is the name of the external replication provider. The name should be of the form: domain.com/provider." + description: "provider is the name of the external replication provider. The name\nshould be of the form: domain.com/provider." type: "string" type: "object" paused: @@ -76,7 +76,7 @@ spec: pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" x-kubernetes-int-or-string: true copyMethod: - description: "copyMethod describes how a point-in-time (PiT) image of the source volume should be created." + description: "copyMethod describes how a point-in-time (PiT) image of the source volume\nshould be created." enum: - "Direct" - "None" @@ -87,30 +87,30 @@ spec: description: "customCA is a custom CA that will be used to verify the remote" properties: configMapName: - description: "The name of a ConfigMap that contains the custom CA certificate If ConfigMapName is used then SecretName should not be set" + description: "The name of a ConfigMap that contains the custom CA certificate\nIf ConfigMapName is used then SecretName should not be set" type: "string" key: description: "The key within the Secret or ConfigMap containing the CA certificate" type: "string" secretName: - description: "The name of a Secret that contains the custom CA certificate If SecretName is used then ConfigMapName should not be set" + description: "The name of a Secret that contains the custom CA certificate\nIf SecretName is used then ConfigMapName should not be set" type: "string" type: "object" moverPodLabels: additionalProperties: type: "string" - description: "Labels that should be added to data mover pods These will be in addition to any labels that VolSync may add" + description: "Labels that should be added to data mover pods\nThese will be in addition to any labels that VolSync may add" type: "object" moverResources: - description: "Resources represents compute resources required by the data mover container. Immutable. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/ This should only be used by advanced users as this can result in a mover pod being unschedulable or crashing due to limited resources." + description: "Resources represents compute resources required by the data mover container.\nImmutable.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/\nThis should only be used by advanced users as this can result in a mover\npod being unschedulable or crashing due to limited resources." properties: claims: - description: "Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. \n This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. \n This field is immutable. It can only be set for containers." + description: "Claims lists the names of resources, defined in spec.resourceClaims,\nthat are used by this container.\n\n\nThis is an alpha field and requires enabling the\nDynamicResourceAllocation feature gate.\n\n\nThis field is immutable. It can only be set for containers." items: description: "ResourceClaim references one entry in PodSpec.ResourceClaims." properties: name: - description: "Name must match the name of one entry in pod.spec.resourceClaims of the Pod where this field is used. It makes that resource available inside a container." + description: "Name must match the name of one entry in pod.spec.resourceClaims of\nthe Pod where this field is used. It makes that resource available\ninside a container." type: "string" required: - "name" @@ -126,7 +126,7 @@ spec: - type: "string" pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" x-kubernetes-int-or-string: true - description: "Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" + description: "Limits describes the maximum amount of compute resources allowed.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" type: "object" requests: additionalProperties: @@ -135,32 +135,44 @@ spec: - type: "string" pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" x-kubernetes-int-or-string: true - description: "Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" + description: "Requests describes the minimum amount of compute resources required.\nIf Requests is omitted for a container, it defaults to Limits if that is explicitly specified,\notherwise to an implementation-defined value. Requests cannot exceed Limits.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" type: "object" type: "object" moverSecurityContext: - description: "MoverSecurityContext allows specifying the PodSecurityContext that will be used by the data mover" + description: "MoverSecurityContext allows specifying the PodSecurityContext that will\nbe used by the data mover" properties: + appArmorProfile: + description: "appArmorProfile is the AppArmor options to use by the containers in this pod.\nNote that this field cannot be set when spec.os.name is windows." + properties: + localhostProfile: + description: "localhostProfile indicates a profile loaded on the node that should be used.\nThe profile must be preconfigured on the node to work.\nMust match the loaded name of the profile.\nMust be set if and only if type is \"Localhost\"." + type: "string" + type: + description: "type indicates which kind of AppArmor profile will be applied.\nValid options are:\n Localhost - a profile pre-loaded on the node.\n RuntimeDefault - the container runtime's default profile.\n Unconfined - no AppArmor enforcement." + type: "string" + required: + - "type" + type: "object" fsGroup: - description: "A special supplemental group that applies to all containers in a pod. Some volume types allow the Kubelet to change the ownership of that volume to be owned by the pod: \n 1. The owning GID will be the FSGroup 2. The setgid bit is set (new files created in the volume will be owned by FSGroup) 3. The permission bits are OR'd with rw-rw---- \n If unset, the Kubelet will not modify the ownership and permissions of any volume. Note that this field cannot be set when spec.os.name is windows." + description: "A special supplemental group that applies to all containers in a pod.\nSome volume types allow the Kubelet to change the ownership of that volume\nto be owned by the pod:\n\n\n1. The owning GID will be the FSGroup\n2. The setgid bit is set (new files created in the volume will be owned by FSGroup)\n3. The permission bits are OR'd with rw-rw----\n\n\nIf unset, the Kubelet will not modify the ownership and permissions of any volume.\nNote that this field cannot be set when spec.os.name is windows." format: "int64" type: "integer" fsGroupChangePolicy: - description: "fsGroupChangePolicy defines behavior of changing ownership and permission of the volume before being exposed inside Pod. This field will only apply to volume types which support fsGroup based ownership(and permissions). It will have no effect on ephemeral volume types such as: secret, configmaps and emptydir. Valid values are \"OnRootMismatch\" and \"Always\". If not specified, \"Always\" is used. Note that this field cannot be set when spec.os.name is windows." + description: "fsGroupChangePolicy defines behavior of changing ownership and permission of the volume\nbefore being exposed inside Pod. This field will only apply to\nvolume types which support fsGroup based ownership(and permissions).\nIt will have no effect on ephemeral volume types such as: secret, configmaps\nand emptydir.\nValid values are \"OnRootMismatch\" and \"Always\". If not specified, \"Always\" is used.\nNote that this field cannot be set when spec.os.name is windows." type: "string" runAsGroup: - description: "The GID to run the entrypoint of the container process. Uses runtime default if unset. May also be set in SecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence for that container. Note that this field cannot be set when spec.os.name is windows." + description: "The GID to run the entrypoint of the container process.\nUses runtime default if unset.\nMay also be set in SecurityContext. If set in both SecurityContext and\nPodSecurityContext, the value specified in SecurityContext takes precedence\nfor that container.\nNote that this field cannot be set when spec.os.name is windows." format: "int64" type: "integer" runAsNonRoot: - description: "Indicates that the container must run as a non-root user. If true, the Kubelet will validate the image at runtime to ensure that it does not run as UID 0 (root) and fail to start the container if it does. If unset or false, no such validation will be performed. May also be set in SecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence." + description: "Indicates that the container must run as a non-root user.\nIf true, the Kubelet will validate the image at runtime to ensure that it\ndoes not run as UID 0 (root) and fail to start the container if it does.\nIf unset or false, no such validation will be performed.\nMay also be set in SecurityContext. If set in both SecurityContext and\nPodSecurityContext, the value specified in SecurityContext takes precedence." type: "boolean" runAsUser: - description: "The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in SecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence for that container. Note that this field cannot be set when spec.os.name is windows." + description: "The UID to run the entrypoint of the container process.\nDefaults to user specified in image metadata if unspecified.\nMay also be set in SecurityContext. If set in both SecurityContext and\nPodSecurityContext, the value specified in SecurityContext takes precedence\nfor that container.\nNote that this field cannot be set when spec.os.name is windows." format: "int64" type: "integer" seLinuxOptions: - description: "The SELinux context to be applied to all containers. If unspecified, the container runtime will allocate a random SELinux context for each container. May also be set in SecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence for that container. Note that this field cannot be set when spec.os.name is windows." + description: "The SELinux context to be applied to all containers.\nIf unspecified, the container runtime will allocate a random SELinux context for each\ncontainer. May also be set in SecurityContext. If set in\nboth SecurityContext and PodSecurityContext, the value specified in SecurityContext\ntakes precedence for that container.\nNote that this field cannot be set when spec.os.name is windows." properties: level: description: "Level is SELinux level label that applies to the container." @@ -176,25 +188,26 @@ spec: type: "string" type: "object" seccompProfile: - description: "The seccomp options to use by the containers in this pod. Note that this field cannot be set when spec.os.name is windows." + description: "The seccomp options to use by the containers in this pod.\nNote that this field cannot be set when spec.os.name is windows." properties: localhostProfile: - description: "localhostProfile indicates a profile defined in a file on the node should be used. The profile must be preconfigured on the node to work. Must be a descending path, relative to the kubelet's configured seccomp profile location. Must be set if type is \"Localhost\". Must NOT be set for any other type." + description: "localhostProfile indicates a profile defined in a file on the node should be used.\nThe profile must be preconfigured on the node to work.\nMust be a descending path, relative to the kubelet's configured seccomp profile location.\nMust be set if type is \"Localhost\". Must NOT be set for any other type." type: "string" type: - description: "type indicates which kind of seccomp profile will be applied. Valid options are: \n Localhost - a profile defined in a file on the node should be used. RuntimeDefault - the container runtime default profile should be used. Unconfined - no profile should be applied." + description: "type indicates which kind of seccomp profile will be applied.\nValid options are:\n\n\nLocalhost - a profile defined in a file on the node should be used.\nRuntimeDefault - the container runtime default profile should be used.\nUnconfined - no profile should be applied." type: "string" required: - "type" type: "object" supplementalGroups: - description: "A list of groups applied to the first process run in each container, in addition to the container's primary GID, the fsGroup (if specified), and group memberships defined in the container image for the uid of the container process. If unspecified, no additional groups are added to any container. Note that group memberships defined in the container image for the uid of the container process are still effective, even if they are not included in this list. Note that this field cannot be set when spec.os.name is windows." + description: "A list of groups applied to the first process run in each container, in addition\nto the container's primary GID, the fsGroup (if specified), and group memberships\ndefined in the container image for the uid of the container process. If unspecified,\nno additional groups are added to any container. Note that group memberships\ndefined in the container image for the uid of the container process are still effective,\neven if they are not included in this list.\nNote that this field cannot be set when spec.os.name is windows." items: format: "int64" type: "integer" type: "array" + x-kubernetes-list-type: "atomic" sysctls: - description: "Sysctls hold a list of namespaced sysctls used for the pod. Pods with unsupported sysctls (by the container runtime) might fail to launch. Note that this field cannot be set when spec.os.name is windows." + description: "Sysctls hold a list of namespaced sysctls used for the pod. Pods with unsupported\nsysctls (by the container runtime) might fail to launch.\nNote that this field cannot be set when spec.os.name is windows." items: description: "Sysctl defines a kernel parameter to be set" properties: @@ -209,25 +222,26 @@ spec: - "value" type: "object" type: "array" + x-kubernetes-list-type: "atomic" windowsOptions: - description: "The Windows specific settings applied to all containers. If unspecified, the options within a container's SecurityContext will be used. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is linux." + description: "The Windows specific settings applied to all containers.\nIf unspecified, the options within a container's SecurityContext will be used.\nIf set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.\nNote that this field cannot be set when spec.os.name is linux." properties: gmsaCredentialSpec: - description: "GMSACredentialSpec is where the GMSA admission webhook (https://github.com/kubernetes-sigs/windows-gmsa) inlines the contents of the GMSA credential spec named by the GMSACredentialSpecName field." + description: "GMSACredentialSpec is where the GMSA admission webhook\n(https://github.com/kubernetes-sigs/windows-gmsa) inlines the contents of the\nGMSA credential spec named by the GMSACredentialSpecName field." type: "string" gmsaCredentialSpecName: description: "GMSACredentialSpecName is the name of the GMSA credential spec to use." type: "string" hostProcess: - description: "HostProcess determines if a container should be run as a 'Host Process' container. All of a Pod's containers must have the same effective HostProcess value (it is not allowed to have a mix of HostProcess containers and non-HostProcess containers). In addition, if HostProcess is true then HostNetwork must also be set to true." + description: "HostProcess determines if a container should be run as a 'Host Process' container.\nAll of a Pod's containers must have the same effective HostProcess value\n(it is not allowed to have a mix of HostProcess containers and non-HostProcess containers).\nIn addition, if HostProcess is true then HostNetwork must also be set to true." type: "boolean" runAsUserName: - description: "The UserName in Windows to run the entrypoint of the container process. Defaults to the user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence." + description: "The UserName in Windows to run the entrypoint of the container process.\nDefaults to the user specified in image metadata if unspecified.\nMay also be set in PodSecurityContext. If set in both SecurityContext and\nPodSecurityContext, the value specified in SecurityContext takes precedence." type: "string" type: "object" type: "object" moverServiceAccount: - description: "MoverServiceAccount allows specifying the name of the service account that will be used by the data mover. This should only be used by advanced users who want to override the service account normally used by the mover. The service account needs to exist in the same namespace as this CR." + description: "MoverServiceAccount allows specifying the name of the service account\nthat will be used by the data mover. This should only be used by advanced\nusers who want to override the service account normally used by the mover.\nThe service account needs to exist in the same namespace as this CR." type: "string" rcloneConfig: description: "RcloneConfig is the rclone secret name" @@ -239,10 +253,10 @@ spec: description: "RcloneDestPath is the remote path to sync to." type: "string" storageClassName: - description: "storageClassName can be used to override the StorageClass of the PiT image." + description: "storageClassName can be used to override the StorageClass of the PiT\nimage." type: "string" volumeSnapshotClassName: - description: "volumeSnapshotClassName can be used to specify the VSC to be used if copyMethod is Snapshot. If not set, the default VSC is used." + description: "volumeSnapshotClassName can be used to specify the VSC to be used if\ncopyMethod is Snapshot. If not set, the default VSC is used." type: "string" type: "object" restic: @@ -267,7 +281,7 @@ spec: pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" x-kubernetes-int-or-string: true cacheStorageClassName: - description: "cacheStorageClassName can be used to set the StorageClass of the restic metadata cache volume" + description: "cacheStorageClassName can be used to set the StorageClass of the restic\nmetadata cache volume" type: "string" capacity: anyOf: @@ -277,7 +291,7 @@ spec: pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" x-kubernetes-int-or-string: true copyMethod: - description: "copyMethod describes how a point-in-time (PiT) image of the source volume should be created." + description: "copyMethod describes how a point-in-time (PiT) image of the source volume\nshould be created." enum: - "Direct" - "None" @@ -288,30 +302,30 @@ spec: description: "customCA is a custom CA that will be used to verify the remote" properties: configMapName: - description: "The name of a ConfigMap that contains the custom CA certificate If ConfigMapName is used then SecretName should not be set" + description: "The name of a ConfigMap that contains the custom CA certificate\nIf ConfigMapName is used then SecretName should not be set" type: "string" key: description: "The key within the Secret or ConfigMap containing the CA certificate" type: "string" secretName: - description: "The name of a Secret that contains the custom CA certificate If SecretName is used then ConfigMapName should not be set" + description: "The name of a Secret that contains the custom CA certificate\nIf SecretName is used then ConfigMapName should not be set" type: "string" type: "object" moverPodLabels: additionalProperties: type: "string" - description: "Labels that should be added to data mover pods These will be in addition to any labels that VolSync may add" + description: "Labels that should be added to data mover pods\nThese will be in addition to any labels that VolSync may add" type: "object" moverResources: - description: "Resources represents compute resources required by the data mover container. Immutable. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/ This should only be used by advanced users as this can result in a mover pod being unschedulable or crashing due to limited resources." + description: "Resources represents compute resources required by the data mover container.\nImmutable.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/\nThis should only be used by advanced users as this can result in a mover\npod being unschedulable or crashing due to limited resources." properties: claims: - description: "Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. \n This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. \n This field is immutable. It can only be set for containers." + description: "Claims lists the names of resources, defined in spec.resourceClaims,\nthat are used by this container.\n\n\nThis is an alpha field and requires enabling the\nDynamicResourceAllocation feature gate.\n\n\nThis field is immutable. It can only be set for containers." items: description: "ResourceClaim references one entry in PodSpec.ResourceClaims." properties: name: - description: "Name must match the name of one entry in pod.spec.resourceClaims of the Pod where this field is used. It makes that resource available inside a container." + description: "Name must match the name of one entry in pod.spec.resourceClaims of\nthe Pod where this field is used. It makes that resource available\ninside a container." type: "string" required: - "name" @@ -327,7 +341,7 @@ spec: - type: "string" pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" x-kubernetes-int-or-string: true - description: "Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" + description: "Limits describes the maximum amount of compute resources allowed.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" type: "object" requests: additionalProperties: @@ -336,32 +350,44 @@ spec: - type: "string" pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" x-kubernetes-int-or-string: true - description: "Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" + description: "Requests describes the minimum amount of compute resources required.\nIf Requests is omitted for a container, it defaults to Limits if that is explicitly specified,\notherwise to an implementation-defined value. Requests cannot exceed Limits.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" type: "object" type: "object" moverSecurityContext: - description: "MoverSecurityContext allows specifying the PodSecurityContext that will be used by the data mover" + description: "MoverSecurityContext allows specifying the PodSecurityContext that will\nbe used by the data mover" properties: + appArmorProfile: + description: "appArmorProfile is the AppArmor options to use by the containers in this pod.\nNote that this field cannot be set when spec.os.name is windows." + properties: + localhostProfile: + description: "localhostProfile indicates a profile loaded on the node that should be used.\nThe profile must be preconfigured on the node to work.\nMust match the loaded name of the profile.\nMust be set if and only if type is \"Localhost\"." + type: "string" + type: + description: "type indicates which kind of AppArmor profile will be applied.\nValid options are:\n Localhost - a profile pre-loaded on the node.\n RuntimeDefault - the container runtime's default profile.\n Unconfined - no AppArmor enforcement." + type: "string" + required: + - "type" + type: "object" fsGroup: - description: "A special supplemental group that applies to all containers in a pod. Some volume types allow the Kubelet to change the ownership of that volume to be owned by the pod: \n 1. The owning GID will be the FSGroup 2. The setgid bit is set (new files created in the volume will be owned by FSGroup) 3. The permission bits are OR'd with rw-rw---- \n If unset, the Kubelet will not modify the ownership and permissions of any volume. Note that this field cannot be set when spec.os.name is windows." + description: "A special supplemental group that applies to all containers in a pod.\nSome volume types allow the Kubelet to change the ownership of that volume\nto be owned by the pod:\n\n\n1. The owning GID will be the FSGroup\n2. The setgid bit is set (new files created in the volume will be owned by FSGroup)\n3. The permission bits are OR'd with rw-rw----\n\n\nIf unset, the Kubelet will not modify the ownership and permissions of any volume.\nNote that this field cannot be set when spec.os.name is windows." format: "int64" type: "integer" fsGroupChangePolicy: - description: "fsGroupChangePolicy defines behavior of changing ownership and permission of the volume before being exposed inside Pod. This field will only apply to volume types which support fsGroup based ownership(and permissions). It will have no effect on ephemeral volume types such as: secret, configmaps and emptydir. Valid values are \"OnRootMismatch\" and \"Always\". If not specified, \"Always\" is used. Note that this field cannot be set when spec.os.name is windows." + description: "fsGroupChangePolicy defines behavior of changing ownership and permission of the volume\nbefore being exposed inside Pod. This field will only apply to\nvolume types which support fsGroup based ownership(and permissions).\nIt will have no effect on ephemeral volume types such as: secret, configmaps\nand emptydir.\nValid values are \"OnRootMismatch\" and \"Always\". If not specified, \"Always\" is used.\nNote that this field cannot be set when spec.os.name is windows." type: "string" runAsGroup: - description: "The GID to run the entrypoint of the container process. Uses runtime default if unset. May also be set in SecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence for that container. Note that this field cannot be set when spec.os.name is windows." + description: "The GID to run the entrypoint of the container process.\nUses runtime default if unset.\nMay also be set in SecurityContext. If set in both SecurityContext and\nPodSecurityContext, the value specified in SecurityContext takes precedence\nfor that container.\nNote that this field cannot be set when spec.os.name is windows." format: "int64" type: "integer" runAsNonRoot: - description: "Indicates that the container must run as a non-root user. If true, the Kubelet will validate the image at runtime to ensure that it does not run as UID 0 (root) and fail to start the container if it does. If unset or false, no such validation will be performed. May also be set in SecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence." + description: "Indicates that the container must run as a non-root user.\nIf true, the Kubelet will validate the image at runtime to ensure that it\ndoes not run as UID 0 (root) and fail to start the container if it does.\nIf unset or false, no such validation will be performed.\nMay also be set in SecurityContext. If set in both SecurityContext and\nPodSecurityContext, the value specified in SecurityContext takes precedence." type: "boolean" runAsUser: - description: "The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in SecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence for that container. Note that this field cannot be set when spec.os.name is windows." + description: "The UID to run the entrypoint of the container process.\nDefaults to user specified in image metadata if unspecified.\nMay also be set in SecurityContext. If set in both SecurityContext and\nPodSecurityContext, the value specified in SecurityContext takes precedence\nfor that container.\nNote that this field cannot be set when spec.os.name is windows." format: "int64" type: "integer" seLinuxOptions: - description: "The SELinux context to be applied to all containers. If unspecified, the container runtime will allocate a random SELinux context for each container. May also be set in SecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence for that container. Note that this field cannot be set when spec.os.name is windows." + description: "The SELinux context to be applied to all containers.\nIf unspecified, the container runtime will allocate a random SELinux context for each\ncontainer. May also be set in SecurityContext. If set in\nboth SecurityContext and PodSecurityContext, the value specified in SecurityContext\ntakes precedence for that container.\nNote that this field cannot be set when spec.os.name is windows." properties: level: description: "Level is SELinux level label that applies to the container." @@ -377,25 +403,26 @@ spec: type: "string" type: "object" seccompProfile: - description: "The seccomp options to use by the containers in this pod. Note that this field cannot be set when spec.os.name is windows." + description: "The seccomp options to use by the containers in this pod.\nNote that this field cannot be set when spec.os.name is windows." properties: localhostProfile: - description: "localhostProfile indicates a profile defined in a file on the node should be used. The profile must be preconfigured on the node to work. Must be a descending path, relative to the kubelet's configured seccomp profile location. Must be set if type is \"Localhost\". Must NOT be set for any other type." + description: "localhostProfile indicates a profile defined in a file on the node should be used.\nThe profile must be preconfigured on the node to work.\nMust be a descending path, relative to the kubelet's configured seccomp profile location.\nMust be set if type is \"Localhost\". Must NOT be set for any other type." type: "string" type: - description: "type indicates which kind of seccomp profile will be applied. Valid options are: \n Localhost - a profile defined in a file on the node should be used. RuntimeDefault - the container runtime default profile should be used. Unconfined - no profile should be applied." + description: "type indicates which kind of seccomp profile will be applied.\nValid options are:\n\n\nLocalhost - a profile defined in a file on the node should be used.\nRuntimeDefault - the container runtime default profile should be used.\nUnconfined - no profile should be applied." type: "string" required: - "type" type: "object" supplementalGroups: - description: "A list of groups applied to the first process run in each container, in addition to the container's primary GID, the fsGroup (if specified), and group memberships defined in the container image for the uid of the container process. If unspecified, no additional groups are added to any container. Note that group memberships defined in the container image for the uid of the container process are still effective, even if they are not included in this list. Note that this field cannot be set when spec.os.name is windows." + description: "A list of groups applied to the first process run in each container, in addition\nto the container's primary GID, the fsGroup (if specified), and group memberships\ndefined in the container image for the uid of the container process. If unspecified,\nno additional groups are added to any container. Note that group memberships\ndefined in the container image for the uid of the container process are still effective,\neven if they are not included in this list.\nNote that this field cannot be set when spec.os.name is windows." items: format: "int64" type: "integer" type: "array" + x-kubernetes-list-type: "atomic" sysctls: - description: "Sysctls hold a list of namespaced sysctls used for the pod. Pods with unsupported sysctls (by the container runtime) might fail to launch. Note that this field cannot be set when spec.os.name is windows." + description: "Sysctls hold a list of namespaced sysctls used for the pod. Pods with unsupported\nsysctls (by the container runtime) might fail to launch.\nNote that this field cannot be set when spec.os.name is windows." items: description: "Sysctl defines a kernel parameter to be set" properties: @@ -410,25 +437,26 @@ spec: - "value" type: "object" type: "array" + x-kubernetes-list-type: "atomic" windowsOptions: - description: "The Windows specific settings applied to all containers. If unspecified, the options within a container's SecurityContext will be used. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is linux." + description: "The Windows specific settings applied to all containers.\nIf unspecified, the options within a container's SecurityContext will be used.\nIf set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.\nNote that this field cannot be set when spec.os.name is linux." properties: gmsaCredentialSpec: - description: "GMSACredentialSpec is where the GMSA admission webhook (https://github.com/kubernetes-sigs/windows-gmsa) inlines the contents of the GMSA credential spec named by the GMSACredentialSpecName field." + description: "GMSACredentialSpec is where the GMSA admission webhook\n(https://github.com/kubernetes-sigs/windows-gmsa) inlines the contents of the\nGMSA credential spec named by the GMSACredentialSpecName field." type: "string" gmsaCredentialSpecName: description: "GMSACredentialSpecName is the name of the GMSA credential spec to use." type: "string" hostProcess: - description: "HostProcess determines if a container should be run as a 'Host Process' container. All of a Pod's containers must have the same effective HostProcess value (it is not allowed to have a mix of HostProcess containers and non-HostProcess containers). In addition, if HostProcess is true then HostNetwork must also be set to true." + description: "HostProcess determines if a container should be run as a 'Host Process' container.\nAll of a Pod's containers must have the same effective HostProcess value\n(it is not allowed to have a mix of HostProcess containers and non-HostProcess containers).\nIn addition, if HostProcess is true then HostNetwork must also be set to true." type: "boolean" runAsUserName: - description: "The UserName in Windows to run the entrypoint of the container process. Defaults to the user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence." + description: "The UserName in Windows to run the entrypoint of the container process.\nDefaults to the user specified in image metadata if unspecified.\nMay also be set in PodSecurityContext. If set in both SecurityContext and\nPodSecurityContext, the value specified in SecurityContext takes precedence." type: "string" type: "object" type: "object" moverServiceAccount: - description: "MoverServiceAccount allows specifying the name of the service account that will be used by the data mover. This should only be used by advanced users who want to override the service account normally used by the mover. The service account needs to exist in the same namespace as this CR." + description: "MoverServiceAccount allows specifying the name of the service account\nthat will be used by the data mover. This should only be used by advanced\nusers who want to override the service account normally used by the mover.\nThe service account needs to exist in the same namespace as this CR." type: "string" pruneIntervalDays: description: "PruneIntervalDays define how often to prune the repository" @@ -468,13 +496,13 @@ spec: type: "integer" type: "object" storageClassName: - description: "storageClassName can be used to override the StorageClass of the PiT image." + description: "storageClassName can be used to override the StorageClass of the PiT\nimage." type: "string" unlock: - description: "unlock is a string value that schedules an unlock on the restic repository during the next sync operation. Once a sync completes then status.restic.lastUnlocked is set to the same string value. To unlock a repository, set spec.restic.unlock to a known value and then wait for lastUnlocked to be updated by the operator to the same value, which means that the sync unlocked the repository by running a restic unlock command and then ran a backup. Unlock will not be run again unless spec.restic.unlock is set to a different value." + description: "unlock is a string value that schedules an unlock on the restic repository during\nthe next sync operation.\nOnce a sync completes then status.restic.lastUnlocked is set to the same string value.\nTo unlock a repository, set spec.restic.unlock to a known value and then wait for\nlastUnlocked to be updated by the operator to the same value,\nwhich means that the sync unlocked the repository by running a restic unlock command and\nthen ran a backup.\nUnlock will not be run again unless spec.restic.unlock is set to a different value." type: "string" volumeSnapshotClassName: - description: "volumeSnapshotClassName can be used to specify the VSC to be used if copyMethod is Snapshot. If not set, the default VSC is used." + description: "volumeSnapshotClassName can be used to specify the VSC to be used if\ncopyMethod is Snapshot. If not set, the default VSC is used." type: "string" type: "object" rsync: @@ -497,7 +525,7 @@ spec: pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" x-kubernetes-int-or-string: true copyMethod: - description: "copyMethod describes how a point-in-time (PiT) image of the source volume should be created." + description: "copyMethod describes how a point-in-time (PiT) image of the source volume\nshould be created." enum: - "Direct" - "None" @@ -507,18 +535,18 @@ spec: moverPodLabels: additionalProperties: type: "string" - description: "Labels that should be added to data mover pods These will be in addition to any labels that VolSync may add" + description: "Labels that should be added to data mover pods\nThese will be in addition to any labels that VolSync may add" type: "object" moverResources: - description: "Resources represents compute resources required by the data mover container. Immutable. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/ This should only be used by advanced users as this can result in a mover pod being unschedulable or crashing due to limited resources." + description: "Resources represents compute resources required by the data mover container.\nImmutable.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/\nThis should only be used by advanced users as this can result in a mover\npod being unschedulable or crashing due to limited resources." properties: claims: - description: "Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. \n This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. \n This field is immutable. It can only be set for containers." + description: "Claims lists the names of resources, defined in spec.resourceClaims,\nthat are used by this container.\n\n\nThis is an alpha field and requires enabling the\nDynamicResourceAllocation feature gate.\n\n\nThis field is immutable. It can only be set for containers." items: description: "ResourceClaim references one entry in PodSpec.ResourceClaims." properties: name: - description: "Name must match the name of one entry in pod.spec.resourceClaims of the Pod where this field is used. It makes that resource available inside a container." + description: "Name must match the name of one entry in pod.spec.resourceClaims of\nthe Pod where this field is used. It makes that resource available\ninside a container." type: "string" required: - "name" @@ -534,7 +562,7 @@ spec: - type: "string" pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" x-kubernetes-int-or-string: true - description: "Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" + description: "Limits describes the maximum amount of compute resources allowed.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" type: "object" requests: additionalProperties: @@ -543,11 +571,11 @@ spec: - type: "string" pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" x-kubernetes-int-or-string: true - description: "Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" + description: "Requests describes the minimum amount of compute resources required.\nIf Requests is omitted for a container, it defaults to Limits if that is explicitly specified,\notherwise to an implementation-defined value. Requests cannot exceed Limits.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" type: "object" type: "object" moverServiceAccount: - description: "MoverServiceAccount allows specifying the name of the service account that will be used by the data mover. This should only be used by advanced users who want to override the service account normally used by the mover. The service account needs to exist in the same namespace as the ReplicationSource." + description: "MoverServiceAccount allows specifying the name of the service account\nthat will be used by the data mover. This should only be used by advanced\nusers who want to override the service account normally used by the mover.\nThe service account needs to exist in the same namespace as the ReplicationSource." type: "string" path: description: "path is the remote path to rsync to. Defaults to \"/\"" @@ -559,19 +587,19 @@ spec: minimum: 0.0 type: "integer" serviceType: - description: "serviceType determines the Service type that will be created for incoming SSH connections." + description: "serviceType determines the Service type that will be created for incoming\nSSH connections." type: "string" sshKeys: - description: "sshKeys is the name of a Secret that contains the SSH keys to be used for authentication. If not provided, the keys will be generated." + description: "sshKeys is the name of a Secret that contains the SSH keys to be used for\nauthentication. If not provided, the keys will be generated." type: "string" sshUser: description: "sshUser is the username for outgoing SSH connections. Defaults to \"root\"." type: "string" storageClassName: - description: "storageClassName can be used to override the StorageClass of the PiT image." + description: "storageClassName can be used to override the StorageClass of the PiT\nimage." type: "string" volumeSnapshotClassName: - description: "volumeSnapshotClassName can be used to specify the VSC to be used if copyMethod is Snapshot. If not set, the default VSC is used." + description: "volumeSnapshotClassName can be used to specify the VSC to be used if\ncopyMethod is Snapshot. If not set, the default VSC is used." type: "string" type: "object" rsyncTLS: @@ -594,7 +622,7 @@ spec: pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" x-kubernetes-int-or-string: true copyMethod: - description: "copyMethod describes how a point-in-time (PiT) image of the source volume should be created." + description: "copyMethod describes how a point-in-time (PiT) image of the source volume\nshould be created." enum: - "Direct" - "None" @@ -602,23 +630,23 @@ spec: - "Snapshot" type: "string" keySecret: - description: "keySecret is the name of a Secret that contains the TLS pre-shared key to be used for authentication. If not provided, the key will be generated." + description: "keySecret is the name of a Secret that contains the TLS pre-shared key to\nbe used for authentication. If not provided, the key will be generated." type: "string" moverPodLabels: additionalProperties: type: "string" - description: "Labels that should be added to data mover pods These will be in addition to any labels that VolSync may add" + description: "Labels that should be added to data mover pods\nThese will be in addition to any labels that VolSync may add" type: "object" moverResources: - description: "Resources represents compute resources required by the data mover container. Immutable. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/ This should only be used by advanced users as this can result in a mover pod being unschedulable or crashing due to limited resources." + description: "Resources represents compute resources required by the data mover container.\nImmutable.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/\nThis should only be used by advanced users as this can result in a mover\npod being unschedulable or crashing due to limited resources." properties: claims: - description: "Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. \n This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. \n This field is immutable. It can only be set for containers." + description: "Claims lists the names of resources, defined in spec.resourceClaims,\nthat are used by this container.\n\n\nThis is an alpha field and requires enabling the\nDynamicResourceAllocation feature gate.\n\n\nThis field is immutable. It can only be set for containers." items: description: "ResourceClaim references one entry in PodSpec.ResourceClaims." properties: name: - description: "Name must match the name of one entry in pod.spec.resourceClaims of the Pod where this field is used. It makes that resource available inside a container." + description: "Name must match the name of one entry in pod.spec.resourceClaims of\nthe Pod where this field is used. It makes that resource available\ninside a container." type: "string" required: - "name" @@ -634,7 +662,7 @@ spec: - type: "string" pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" x-kubernetes-int-or-string: true - description: "Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" + description: "Limits describes the maximum amount of compute resources allowed.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" type: "object" requests: additionalProperties: @@ -643,32 +671,44 @@ spec: - type: "string" pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" x-kubernetes-int-or-string: true - description: "Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" + description: "Requests describes the minimum amount of compute resources required.\nIf Requests is omitted for a container, it defaults to Limits if that is explicitly specified,\notherwise to an implementation-defined value. Requests cannot exceed Limits.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" type: "object" type: "object" moverSecurityContext: - description: "MoverSecurityContext allows specifying the PodSecurityContext that will be used by the data mover" + description: "MoverSecurityContext allows specifying the PodSecurityContext that will\nbe used by the data mover" properties: + appArmorProfile: + description: "appArmorProfile is the AppArmor options to use by the containers in this pod.\nNote that this field cannot be set when spec.os.name is windows." + properties: + localhostProfile: + description: "localhostProfile indicates a profile loaded on the node that should be used.\nThe profile must be preconfigured on the node to work.\nMust match the loaded name of the profile.\nMust be set if and only if type is \"Localhost\"." + type: "string" + type: + description: "type indicates which kind of AppArmor profile will be applied.\nValid options are:\n Localhost - a profile pre-loaded on the node.\n RuntimeDefault - the container runtime's default profile.\n Unconfined - no AppArmor enforcement." + type: "string" + required: + - "type" + type: "object" fsGroup: - description: "A special supplemental group that applies to all containers in a pod. Some volume types allow the Kubelet to change the ownership of that volume to be owned by the pod: \n 1. The owning GID will be the FSGroup 2. The setgid bit is set (new files created in the volume will be owned by FSGroup) 3. The permission bits are OR'd with rw-rw---- \n If unset, the Kubelet will not modify the ownership and permissions of any volume. Note that this field cannot be set when spec.os.name is windows." + description: "A special supplemental group that applies to all containers in a pod.\nSome volume types allow the Kubelet to change the ownership of that volume\nto be owned by the pod:\n\n\n1. The owning GID will be the FSGroup\n2. The setgid bit is set (new files created in the volume will be owned by FSGroup)\n3. The permission bits are OR'd with rw-rw----\n\n\nIf unset, the Kubelet will not modify the ownership and permissions of any volume.\nNote that this field cannot be set when spec.os.name is windows." format: "int64" type: "integer" fsGroupChangePolicy: - description: "fsGroupChangePolicy defines behavior of changing ownership and permission of the volume before being exposed inside Pod. This field will only apply to volume types which support fsGroup based ownership(and permissions). It will have no effect on ephemeral volume types such as: secret, configmaps and emptydir. Valid values are \"OnRootMismatch\" and \"Always\". If not specified, \"Always\" is used. Note that this field cannot be set when spec.os.name is windows." + description: "fsGroupChangePolicy defines behavior of changing ownership and permission of the volume\nbefore being exposed inside Pod. This field will only apply to\nvolume types which support fsGroup based ownership(and permissions).\nIt will have no effect on ephemeral volume types such as: secret, configmaps\nand emptydir.\nValid values are \"OnRootMismatch\" and \"Always\". If not specified, \"Always\" is used.\nNote that this field cannot be set when spec.os.name is windows." type: "string" runAsGroup: - description: "The GID to run the entrypoint of the container process. Uses runtime default if unset. May also be set in SecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence for that container. Note that this field cannot be set when spec.os.name is windows." + description: "The GID to run the entrypoint of the container process.\nUses runtime default if unset.\nMay also be set in SecurityContext. If set in both SecurityContext and\nPodSecurityContext, the value specified in SecurityContext takes precedence\nfor that container.\nNote that this field cannot be set when spec.os.name is windows." format: "int64" type: "integer" runAsNonRoot: - description: "Indicates that the container must run as a non-root user. If true, the Kubelet will validate the image at runtime to ensure that it does not run as UID 0 (root) and fail to start the container if it does. If unset or false, no such validation will be performed. May also be set in SecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence." + description: "Indicates that the container must run as a non-root user.\nIf true, the Kubelet will validate the image at runtime to ensure that it\ndoes not run as UID 0 (root) and fail to start the container if it does.\nIf unset or false, no such validation will be performed.\nMay also be set in SecurityContext. If set in both SecurityContext and\nPodSecurityContext, the value specified in SecurityContext takes precedence." type: "boolean" runAsUser: - description: "The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in SecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence for that container. Note that this field cannot be set when spec.os.name is windows." + description: "The UID to run the entrypoint of the container process.\nDefaults to user specified in image metadata if unspecified.\nMay also be set in SecurityContext. If set in both SecurityContext and\nPodSecurityContext, the value specified in SecurityContext takes precedence\nfor that container.\nNote that this field cannot be set when spec.os.name is windows." format: "int64" type: "integer" seLinuxOptions: - description: "The SELinux context to be applied to all containers. If unspecified, the container runtime will allocate a random SELinux context for each container. May also be set in SecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence for that container. Note that this field cannot be set when spec.os.name is windows." + description: "The SELinux context to be applied to all containers.\nIf unspecified, the container runtime will allocate a random SELinux context for each\ncontainer. May also be set in SecurityContext. If set in\nboth SecurityContext and PodSecurityContext, the value specified in SecurityContext\ntakes precedence for that container.\nNote that this field cannot be set when spec.os.name is windows." properties: level: description: "Level is SELinux level label that applies to the container." @@ -684,25 +724,26 @@ spec: type: "string" type: "object" seccompProfile: - description: "The seccomp options to use by the containers in this pod. Note that this field cannot be set when spec.os.name is windows." + description: "The seccomp options to use by the containers in this pod.\nNote that this field cannot be set when spec.os.name is windows." properties: localhostProfile: - description: "localhostProfile indicates a profile defined in a file on the node should be used. The profile must be preconfigured on the node to work. Must be a descending path, relative to the kubelet's configured seccomp profile location. Must be set if type is \"Localhost\". Must NOT be set for any other type." + description: "localhostProfile indicates a profile defined in a file on the node should be used.\nThe profile must be preconfigured on the node to work.\nMust be a descending path, relative to the kubelet's configured seccomp profile location.\nMust be set if type is \"Localhost\". Must NOT be set for any other type." type: "string" type: - description: "type indicates which kind of seccomp profile will be applied. Valid options are: \n Localhost - a profile defined in a file on the node should be used. RuntimeDefault - the container runtime default profile should be used. Unconfined - no profile should be applied." + description: "type indicates which kind of seccomp profile will be applied.\nValid options are:\n\n\nLocalhost - a profile defined in a file on the node should be used.\nRuntimeDefault - the container runtime default profile should be used.\nUnconfined - no profile should be applied." type: "string" required: - "type" type: "object" supplementalGroups: - description: "A list of groups applied to the first process run in each container, in addition to the container's primary GID, the fsGroup (if specified), and group memberships defined in the container image for the uid of the container process. If unspecified, no additional groups are added to any container. Note that group memberships defined in the container image for the uid of the container process are still effective, even if they are not included in this list. Note that this field cannot be set when spec.os.name is windows." + description: "A list of groups applied to the first process run in each container, in addition\nto the container's primary GID, the fsGroup (if specified), and group memberships\ndefined in the container image for the uid of the container process. If unspecified,\nno additional groups are added to any container. Note that group memberships\ndefined in the container image for the uid of the container process are still effective,\neven if they are not included in this list.\nNote that this field cannot be set when spec.os.name is windows." items: format: "int64" type: "integer" type: "array" + x-kubernetes-list-type: "atomic" sysctls: - description: "Sysctls hold a list of namespaced sysctls used for the pod. Pods with unsupported sysctls (by the container runtime) might fail to launch. Note that this field cannot be set when spec.os.name is windows." + description: "Sysctls hold a list of namespaced sysctls used for the pod. Pods with unsupported\nsysctls (by the container runtime) might fail to launch.\nNote that this field cannot be set when spec.os.name is windows." items: description: "Sysctl defines a kernel parameter to be set" properties: @@ -717,25 +758,26 @@ spec: - "value" type: "object" type: "array" + x-kubernetes-list-type: "atomic" windowsOptions: - description: "The Windows specific settings applied to all containers. If unspecified, the options within a container's SecurityContext will be used. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is linux." + description: "The Windows specific settings applied to all containers.\nIf unspecified, the options within a container's SecurityContext will be used.\nIf set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.\nNote that this field cannot be set when spec.os.name is linux." properties: gmsaCredentialSpec: - description: "GMSACredentialSpec is where the GMSA admission webhook (https://github.com/kubernetes-sigs/windows-gmsa) inlines the contents of the GMSA credential spec named by the GMSACredentialSpecName field." + description: "GMSACredentialSpec is where the GMSA admission webhook\n(https://github.com/kubernetes-sigs/windows-gmsa) inlines the contents of the\nGMSA credential spec named by the GMSACredentialSpecName field." type: "string" gmsaCredentialSpecName: description: "GMSACredentialSpecName is the name of the GMSA credential spec to use." type: "string" hostProcess: - description: "HostProcess determines if a container should be run as a 'Host Process' container. All of a Pod's containers must have the same effective HostProcess value (it is not allowed to have a mix of HostProcess containers and non-HostProcess containers). In addition, if HostProcess is true then HostNetwork must also be set to true." + description: "HostProcess determines if a container should be run as a 'Host Process' container.\nAll of a Pod's containers must have the same effective HostProcess value\n(it is not allowed to have a mix of HostProcess containers and non-HostProcess containers).\nIn addition, if HostProcess is true then HostNetwork must also be set to true." type: "boolean" runAsUserName: - description: "The UserName in Windows to run the entrypoint of the container process. Defaults to the user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence." + description: "The UserName in Windows to run the entrypoint of the container process.\nDefaults to the user specified in image metadata if unspecified.\nMay also be set in PodSecurityContext. If set in both SecurityContext and\nPodSecurityContext, the value specified in SecurityContext takes precedence." type: "string" type: "object" type: "object" moverServiceAccount: - description: "MoverServiceAccount allows specifying the name of the service account that will be used by the data mover. This should only be used by advanced users who want to override the service account normally used by the mover. The service account needs to exist in the same namespace as this CR." + description: "MoverServiceAccount allows specifying the name of the service account\nthat will be used by the data mover. This should only be used by advanced\nusers who want to override the service account normally used by the mover.\nThe service account needs to exist in the same namespace as this CR." type: "string" port: description: "port is the port to connect to for replication. Defaults to 8000." @@ -744,10 +786,10 @@ spec: minimum: 0.0 type: "integer" storageClassName: - description: "storageClassName can be used to override the StorageClass of the PiT image." + description: "storageClassName can be used to override the StorageClass of the PiT\nimage." type: "string" volumeSnapshotClassName: - description: "volumeSnapshotClassName can be used to specify the VSC to be used if copyMethod is Snapshot. If not set, the default VSC is used." + description: "volumeSnapshotClassName can be used to specify the VSC to be used if\ncopyMethod is Snapshot. If not set, the default VSC is used." type: "string" type: "object" sourcePVC: @@ -774,18 +816,18 @@ spec: moverPodLabels: additionalProperties: type: "string" - description: "Labels that should be added to data mover pods These will be in addition to any labels that VolSync may add" + description: "Labels that should be added to data mover pods\nThese will be in addition to any labels that VolSync may add" type: "object" moverResources: - description: "Resources represents compute resources required by the data mover container. Immutable. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/ This should only be used by advanced users as this can result in a mover pod being unschedulable or crashing due to limited resources." + description: "Resources represents compute resources required by the data mover container.\nImmutable.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/\nThis should only be used by advanced users as this can result in a mover\npod being unschedulable or crashing due to limited resources." properties: claims: - description: "Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. \n This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. \n This field is immutable. It can only be set for containers." + description: "Claims lists the names of resources, defined in spec.resourceClaims,\nthat are used by this container.\n\n\nThis is an alpha field and requires enabling the\nDynamicResourceAllocation feature gate.\n\n\nThis field is immutable. It can only be set for containers." items: description: "ResourceClaim references one entry in PodSpec.ResourceClaims." properties: name: - description: "Name must match the name of one entry in pod.spec.resourceClaims of the Pod where this field is used. It makes that resource available inside a container." + description: "Name must match the name of one entry in pod.spec.resourceClaims of\nthe Pod where this field is used. It makes that resource available\ninside a container." type: "string" required: - "name" @@ -801,7 +843,7 @@ spec: - type: "string" pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" x-kubernetes-int-or-string: true - description: "Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" + description: "Limits describes the maximum amount of compute resources allowed.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" type: "object" requests: additionalProperties: @@ -810,32 +852,44 @@ spec: - type: "string" pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" x-kubernetes-int-or-string: true - description: "Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" + description: "Requests describes the minimum amount of compute resources required.\nIf Requests is omitted for a container, it defaults to Limits if that is explicitly specified,\notherwise to an implementation-defined value. Requests cannot exceed Limits.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" type: "object" type: "object" moverSecurityContext: - description: "MoverSecurityContext allows specifying the PodSecurityContext that will be used by the data mover" + description: "MoverSecurityContext allows specifying the PodSecurityContext that will\nbe used by the data mover" properties: + appArmorProfile: + description: "appArmorProfile is the AppArmor options to use by the containers in this pod.\nNote that this field cannot be set when spec.os.name is windows." + properties: + localhostProfile: + description: "localhostProfile indicates a profile loaded on the node that should be used.\nThe profile must be preconfigured on the node to work.\nMust match the loaded name of the profile.\nMust be set if and only if type is \"Localhost\"." + type: "string" + type: + description: "type indicates which kind of AppArmor profile will be applied.\nValid options are:\n Localhost - a profile pre-loaded on the node.\n RuntimeDefault - the container runtime's default profile.\n Unconfined - no AppArmor enforcement." + type: "string" + required: + - "type" + type: "object" fsGroup: - description: "A special supplemental group that applies to all containers in a pod. Some volume types allow the Kubelet to change the ownership of that volume to be owned by the pod: \n 1. The owning GID will be the FSGroup 2. The setgid bit is set (new files created in the volume will be owned by FSGroup) 3. The permission bits are OR'd with rw-rw---- \n If unset, the Kubelet will not modify the ownership and permissions of any volume. Note that this field cannot be set when spec.os.name is windows." + description: "A special supplemental group that applies to all containers in a pod.\nSome volume types allow the Kubelet to change the ownership of that volume\nto be owned by the pod:\n\n\n1. The owning GID will be the FSGroup\n2. The setgid bit is set (new files created in the volume will be owned by FSGroup)\n3. The permission bits are OR'd with rw-rw----\n\n\nIf unset, the Kubelet will not modify the ownership and permissions of any volume.\nNote that this field cannot be set when spec.os.name is windows." format: "int64" type: "integer" fsGroupChangePolicy: - description: "fsGroupChangePolicy defines behavior of changing ownership and permission of the volume before being exposed inside Pod. This field will only apply to volume types which support fsGroup based ownership(and permissions). It will have no effect on ephemeral volume types such as: secret, configmaps and emptydir. Valid values are \"OnRootMismatch\" and \"Always\". If not specified, \"Always\" is used. Note that this field cannot be set when spec.os.name is windows." + description: "fsGroupChangePolicy defines behavior of changing ownership and permission of the volume\nbefore being exposed inside Pod. This field will only apply to\nvolume types which support fsGroup based ownership(and permissions).\nIt will have no effect on ephemeral volume types such as: secret, configmaps\nand emptydir.\nValid values are \"OnRootMismatch\" and \"Always\". If not specified, \"Always\" is used.\nNote that this field cannot be set when spec.os.name is windows." type: "string" runAsGroup: - description: "The GID to run the entrypoint of the container process. Uses runtime default if unset. May also be set in SecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence for that container. Note that this field cannot be set when spec.os.name is windows." + description: "The GID to run the entrypoint of the container process.\nUses runtime default if unset.\nMay also be set in SecurityContext. If set in both SecurityContext and\nPodSecurityContext, the value specified in SecurityContext takes precedence\nfor that container.\nNote that this field cannot be set when spec.os.name is windows." format: "int64" type: "integer" runAsNonRoot: - description: "Indicates that the container must run as a non-root user. If true, the Kubelet will validate the image at runtime to ensure that it does not run as UID 0 (root) and fail to start the container if it does. If unset or false, no such validation will be performed. May also be set in SecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence." + description: "Indicates that the container must run as a non-root user.\nIf true, the Kubelet will validate the image at runtime to ensure that it\ndoes not run as UID 0 (root) and fail to start the container if it does.\nIf unset or false, no such validation will be performed.\nMay also be set in SecurityContext. If set in both SecurityContext and\nPodSecurityContext, the value specified in SecurityContext takes precedence." type: "boolean" runAsUser: - description: "The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in SecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence for that container. Note that this field cannot be set when spec.os.name is windows." + description: "The UID to run the entrypoint of the container process.\nDefaults to user specified in image metadata if unspecified.\nMay also be set in SecurityContext. If set in both SecurityContext and\nPodSecurityContext, the value specified in SecurityContext takes precedence\nfor that container.\nNote that this field cannot be set when spec.os.name is windows." format: "int64" type: "integer" seLinuxOptions: - description: "The SELinux context to be applied to all containers. If unspecified, the container runtime will allocate a random SELinux context for each container. May also be set in SecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence for that container. Note that this field cannot be set when spec.os.name is windows." + description: "The SELinux context to be applied to all containers.\nIf unspecified, the container runtime will allocate a random SELinux context for each\ncontainer. May also be set in SecurityContext. If set in\nboth SecurityContext and PodSecurityContext, the value specified in SecurityContext\ntakes precedence for that container.\nNote that this field cannot be set when spec.os.name is windows." properties: level: description: "Level is SELinux level label that applies to the container." @@ -851,25 +905,26 @@ spec: type: "string" type: "object" seccompProfile: - description: "The seccomp options to use by the containers in this pod. Note that this field cannot be set when spec.os.name is windows." + description: "The seccomp options to use by the containers in this pod.\nNote that this field cannot be set when spec.os.name is windows." properties: localhostProfile: - description: "localhostProfile indicates a profile defined in a file on the node should be used. The profile must be preconfigured on the node to work. Must be a descending path, relative to the kubelet's configured seccomp profile location. Must be set if type is \"Localhost\". Must NOT be set for any other type." + description: "localhostProfile indicates a profile defined in a file on the node should be used.\nThe profile must be preconfigured on the node to work.\nMust be a descending path, relative to the kubelet's configured seccomp profile location.\nMust be set if type is \"Localhost\". Must NOT be set for any other type." type: "string" type: - description: "type indicates which kind of seccomp profile will be applied. Valid options are: \n Localhost - a profile defined in a file on the node should be used. RuntimeDefault - the container runtime default profile should be used. Unconfined - no profile should be applied." + description: "type indicates which kind of seccomp profile will be applied.\nValid options are:\n\n\nLocalhost - a profile defined in a file on the node should be used.\nRuntimeDefault - the container runtime default profile should be used.\nUnconfined - no profile should be applied." type: "string" required: - "type" type: "object" supplementalGroups: - description: "A list of groups applied to the first process run in each container, in addition to the container's primary GID, the fsGroup (if specified), and group memberships defined in the container image for the uid of the container process. If unspecified, no additional groups are added to any container. Note that group memberships defined in the container image for the uid of the container process are still effective, even if they are not included in this list. Note that this field cannot be set when spec.os.name is windows." + description: "A list of groups applied to the first process run in each container, in addition\nto the container's primary GID, the fsGroup (if specified), and group memberships\ndefined in the container image for the uid of the container process. If unspecified,\nno additional groups are added to any container. Note that group memberships\ndefined in the container image for the uid of the container process are still effective,\neven if they are not included in this list.\nNote that this field cannot be set when spec.os.name is windows." items: format: "int64" type: "integer" type: "array" + x-kubernetes-list-type: "atomic" sysctls: - description: "Sysctls hold a list of namespaced sysctls used for the pod. Pods with unsupported sysctls (by the container runtime) might fail to launch. Note that this field cannot be set when spec.os.name is windows." + description: "Sysctls hold a list of namespaced sysctls used for the pod. Pods with unsupported\nsysctls (by the container runtime) might fail to launch.\nNote that this field cannot be set when spec.os.name is windows." items: description: "Sysctl defines a kernel parameter to be set" properties: @@ -884,30 +939,31 @@ spec: - "value" type: "object" type: "array" + x-kubernetes-list-type: "atomic" windowsOptions: - description: "The Windows specific settings applied to all containers. If unspecified, the options within a container's SecurityContext will be used. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is linux." + description: "The Windows specific settings applied to all containers.\nIf unspecified, the options within a container's SecurityContext will be used.\nIf set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.\nNote that this field cannot be set when spec.os.name is linux." properties: gmsaCredentialSpec: - description: "GMSACredentialSpec is where the GMSA admission webhook (https://github.com/kubernetes-sigs/windows-gmsa) inlines the contents of the GMSA credential spec named by the GMSACredentialSpecName field." + description: "GMSACredentialSpec is where the GMSA admission webhook\n(https://github.com/kubernetes-sigs/windows-gmsa) inlines the contents of the\nGMSA credential spec named by the GMSACredentialSpecName field." type: "string" gmsaCredentialSpecName: description: "GMSACredentialSpecName is the name of the GMSA credential spec to use." type: "string" hostProcess: - description: "HostProcess determines if a container should be run as a 'Host Process' container. All of a Pod's containers must have the same effective HostProcess value (it is not allowed to have a mix of HostProcess containers and non-HostProcess containers). In addition, if HostProcess is true then HostNetwork must also be set to true." + description: "HostProcess determines if a container should be run as a 'Host Process' container.\nAll of a Pod's containers must have the same effective HostProcess value\n(it is not allowed to have a mix of HostProcess containers and non-HostProcess containers).\nIn addition, if HostProcess is true then HostNetwork must also be set to true." type: "boolean" runAsUserName: - description: "The UserName in Windows to run the entrypoint of the container process. Defaults to the user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence." + description: "The UserName in Windows to run the entrypoint of the container process.\nDefaults to the user specified in image metadata if unspecified.\nMay also be set in PodSecurityContext. If set in both SecurityContext and\nPodSecurityContext, the value specified in SecurityContext takes precedence." type: "string" type: "object" type: "object" moverServiceAccount: - description: "MoverServiceAccount allows specifying the name of the service account that will be used by the data mover. This should only be used by advanced users who want to override the service account normally used by the mover. The service account needs to exist in the same namespace as this CR." + description: "MoverServiceAccount allows specifying the name of the service account\nthat will be used by the data mover. This should only be used by advanced\nusers who want to override the service account normally used by the mover.\nThe service account needs to exist in the same namespace as this CR." type: "string" peers: description: "List of Syncthing peers to be connected for syncing" items: - description: "SyncthingPeer Defines the necessary information needed by VolSync to configure a given peer with the running Syncthing instance." + description: "SyncthingPeer Defines the necessary information needed by VolSync\nto configure a given peer with the running Syncthing instance." properties: ID: description: "The peer's Syncthing ID." @@ -916,7 +972,7 @@ spec: description: "The peer's address that our Syncthing node will connect to." type: "string" introducer: - description: "A flag that determines whether this peer should introduce us to other peers sharing this volume. It is HIGHLY recommended that two Syncthing peers do NOT set each other as introducers as you will have a difficult time disconnecting the two." + description: "A flag that determines whether this peer should\nintroduce us to other peers sharing this volume.\nIt is HIGHLY recommended that two Syncthing peers do NOT\nset each other as introducers as you will have a difficult time\ndisconnecting the two." type: "boolean" required: - "ID" @@ -929,40 +985,40 @@ spec: type: "string" type: "object" trigger: - description: "trigger determines when the latest state of the volume will be captured (and potentially replicated to the destination)." + description: "trigger determines when the latest state of the volume will be captured\n(and potentially replicated to the destination)." properties: manual: - description: "manual is a string value that schedules a manual trigger. Once a sync completes then status.lastManualSync is set to the same string value. A consumer of a manual trigger should set spec.trigger.manual to a known value and then wait for lastManualSync to be updated by the operator to the same value, which means that the manual trigger will then pause and wait for further updates to the trigger." + description: "manual is a string value that schedules a manual trigger.\nOnce a sync completes then status.lastManualSync is set to the same string value.\nA consumer of a manual trigger should set spec.trigger.manual to a known value\nand then wait for lastManualSync to be updated by the operator to the same value,\nwhich means that the manual trigger will then pause and wait for further\nupdates to the trigger." type: "string" schedule: - description: "schedule is a cronspec (https://en.wikipedia.org/wiki/Cron#Overview) that can be used to schedule replication to occur at regular, time-based intervals. nolint:lll" + description: "schedule is a cronspec (https://en.wikipedia.org/wiki/Cron#Overview) that\ncan be used to schedule replication to occur at regular, time-based\nintervals.\nnolint:lll" pattern: "^(@(annually|yearly|monthly|weekly|daily|hourly))|((((\\d+,)*\\d+|(\\d+(\\/|-)\\d+)|\\*(\\/\\d+)?)\\s?){5})$" type: "string" type: "object" type: "object" status: - description: "status is the observed state of the ReplicationSource as determined by the controller." + description: "status is the observed state of the ReplicationSource as determined by\nthe controller." properties: conditions: - description: "conditions represent the latest available observations of the source's state." + description: "conditions represent the latest available observations of the\nsource's state." items: - description: "Condition contains details for one aspect of the current state of this API Resource. --- This struct is intended for direct use as an array at the field path .status.conditions. For example, \n type FooStatus struct{ // Represents the observations of a foo's current state. // Known .status.conditions.type are: \"Available\", \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge // +listType=map // +listMapKey=type Conditions []metav1.Condition `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" + description: "Condition contains details for one aspect of the current state of this API Resource.\n---\nThis struct is intended for direct use as an array at the field path .status.conditions. For example,\n\n\n\ttype FooStatus struct{\n\t // Represents the observations of a foo's current state.\n\t // Known .status.conditions.type are: \"Available\", \"Progressing\", and \"Degraded\"\n\t // +patchMergeKey=type\n\t // +patchStrategy=merge\n\t // +listType=map\n\t // +listMapKey=type\n\t Conditions []metav1.Condition `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"`\n\n\n\t // other fields\n\t}" properties: lastTransitionTime: - description: "lastTransitionTime is the last time the condition transitioned from one status to another. This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable." + description: "lastTransitionTime is the last time the condition transitioned from one status to another.\nThis should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable." format: "date-time" type: "string" message: - description: "message is a human readable message indicating details about the transition. This may be an empty string." + description: "message is a human readable message indicating details about the transition.\nThis may be an empty string." maxLength: 32768 type: "string" observedGeneration: - description: "observedGeneration represents the .metadata.generation that the condition was set based upon. For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date with respect to the current state of the instance." + description: "observedGeneration represents the .metadata.generation that the condition was set based upon.\nFor instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date\nwith respect to the current state of the instance." format: "int64" minimum: 0.0 type: "integer" reason: - description: "reason contains a programmatic identifier indicating the reason for the condition's last transition. Producers of specific condition types may define expected values and meanings for this field, and whether the values are considered a guaranteed API. The value should be a CamelCase string. This field may not be empty." + description: "reason contains a programmatic identifier indicating the reason for the condition's last transition.\nProducers of specific condition types may define expected values and meanings for this field,\nand whether the values are considered a guaranteed API.\nThe value should be a CamelCase string.\nThis field may not be empty." maxLength: 1024 minLength: 1 pattern: "^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$" @@ -975,7 +1031,7 @@ spec: - "Unknown" type: "string" type: - description: "type of condition in CamelCase or in foo.example.com/CamelCase. --- Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be useful (see .node.status.conditions), the ability to deconflict is important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt)" + description: "type of condition in CamelCase or in foo.example.com/CamelCase.\n---\nMany .condition.type values are consistent across resources like Available, but because arbitrary conditions can be\nuseful (see .node.status.conditions), the ability to deconflict is important.\nThe regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt)" maxLength: 316 pattern: "^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$" type: "string" @@ -990,13 +1046,13 @@ spec: external: additionalProperties: type: "string" - description: "external contains provider-specific status information. For more details, please see the documentation of the specific replication provider being used." + description: "external contains provider-specific status information. For more details,\nplease see the documentation of the specific replication provider being\nused." type: "object" lastManualSync: description: "lastManualSync is set to the last spec.trigger.manual when the manual sync is done." type: "string" lastSyncDuration: - description: "lastSyncDuration is the amount of time required to send the most recent update." + description: "lastSyncDuration is the amount of time required to send the most recent\nupdate." type: "string" lastSyncStartTime: description: "lastSyncStartTime is the time the most recent synchronization started." @@ -1015,7 +1071,7 @@ spec: type: "string" type: "object" nextSyncTime: - description: "nextSyncTime is the time when the next volume synchronization is scheduled to start (for schedule-based synchronization)." + description: "nextSyncTime is the time when the next volume synchronization is\nscheduled to start (for schedule-based synchronization)." format: "date-time" type: "string" restic: @@ -1026,28 +1082,28 @@ spec: format: "date-time" type: "string" lastUnlocked: - description: "lastUnlocked is set to the last spec.restic.unlock when a sync is done that unlocks the restic repository." + description: "lastUnlocked is set to the last spec.restic.unlock when a sync is done that unlocks the\nrestic repository." type: "string" type: "object" rsync: description: "rsync contains status information for Rsync-based replication." properties: address: - description: "address is the address to connect to for incoming SSH replication connections." + description: "address is the address to connect to for incoming SSH replication\nconnections." type: "string" port: - description: "port is the SSH port to connect to for incoming SSH replication connections." + description: "port is the SSH port to connect to for incoming SSH replication\nconnections." format: "int32" type: "integer" sshKeys: - description: "sshKeys is the name of a Secret that contains the SSH keys to be used for authentication. If not provided in .spec.rsync.sshKeys, SSH keys will be generated and the appropriate keys for the remote side will be placed here." + description: "sshKeys is the name of a Secret that contains the SSH keys to be used for\nauthentication. If not provided in .spec.rsync.sshKeys, SSH keys will be\ngenerated and the appropriate keys for the remote side will be placed\nhere." type: "string" type: "object" rsyncTLS: description: "rsyncTLS contains status information for Rsync-based replication over TLS." properties: keySecret: - description: "keySecret is the name of a Secret that contains the TLS pre-shared key to be used for authentication. If not provided in .spec.rsyncTLS.keySecret, the key Secret will be generated and named here." + description: "keySecret is the name of a Secret that contains the TLS pre-shared key to\nbe used for authentication. If not provided in .spec.rsyncTLS.keySecret,\nthe key Secret will be generated and named here." type: "string" type: "object" syncthing: @@ -1062,7 +1118,7 @@ spec: peers: description: "List of the Syncthing nodes we are currently connected to." items: - description: "SyncthingPeerStatus Is a struct that contains information pertaining to the status of a given Syncthing peer." + description: "SyncthingPeerStatus Is a struct that contains information pertaining to\nthe status of a given Syncthing peer." properties: ID: description: "ID Is the peer's Syncthing ID." diff --git a/crd-catalog/berops/claudie/claudie.io/v1beta1/inputmanifests.yaml b/crd-catalog/berops/claudie/claudie.io/v1beta1/inputmanifests.yaml index f7ae5b906..d0dc51489 100644 --- a/crd-catalog/berops/claudie/claudie.io/v1beta1/inputmanifests.yaml +++ b/crd-catalog/berops/claudie/claudie.io/v1beta1/inputmanifests.yaml @@ -2,9 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.11.3" - labels: - app.kubernetes.io/part-of: "claudie" + controller-gen.kubebuilder.io/version: "v0.15.0" name: "inputmanifests.claudie.io" spec: group: "claudie.io" @@ -23,13 +21,13 @@ spec: name: "v1beta1" schema: openAPIV3Schema: - description: "InputManifest is a definition of the user's infrastructure. It contains cloud provider specification, nodepool specification, Kubernetes and loadbalancer clusters." + description: "InputManifest is a definition of the user's infrastructure.\nIt contains cloud provider specification,\nnodepool specification, Kubernetes and loadbalancer clusters." properties: apiVersion: - description: "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" + description: "APIVersion defines the versioned schema of this representation of an object.\nServers should convert recognized schemas to the latest internal value, and\nmay reject unrecognized values.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" type: "string" kind: - description: "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + description: "Kind is a string value representing the REST resource this object represents.\nServers may infer this from the endpoint the client submits requests to.\nCannot be updated.\nIn CamelCase.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" type: "string" metadata: type: "object" @@ -68,7 +66,7 @@ spec: - "control" type: "object" version: - description: "Version should be defined in format vX.Y. In terms of supported versions of Kubernetes, Claudie follows kubeone releases and their supported versions. The current kubeone version used in Claudie is 1.5. To see the list of supported versions, please refer to kubeone documentation. https://docs.kubermatic.com/kubeone/v1.5/architecture/compatibility/supported-versions/#supported-kubernetes-versions" + description: "Version should be defined in format vX.Y. In terms of supported versions of Kubernetes,\nClaudie follows kubeone releases and their supported versions.\nThe current kubeone version used in Claudie is 1.5.\nTo see the list of supported versions, please refer to kubeone documentation.\nhttps://docs.kubermatic.com/kubeone/v1.8/architecture/compatibility/supported-versions/" type: "string" required: - "name" @@ -106,7 +104,7 @@ spec: description: "Name of the loadbalancer." type: "string" pools: - description: "List of nodepool names this loadbalancer will use. Remember, that nodepools defined in nodepools are only \"blueprints\". The actual nodepool will be created once referenced here." + description: "List of nodepool names this loadbalancer will use. Remember, that nodepools defined\nin nodepools are only \"blueprints\". The actual nodepool will be created once referenced here." items: type: "string" type: "array" @@ -162,12 +160,12 @@ spec: type: "array" type: "object" nodePools: - description: "NodePool is a map of dynamic nodepools and static nodepools which will be used to form kubernetes or loadbalancer clusters." + description: "NodePool is a map of dynamic nodepools and static nodepools which will be used to\nform kubernetes or loadbalancer clusters." properties: dynamic: description: "Dynamic nodepools define nodepools dynamically created by Claudie." items: - description: "DynamicNodePool List of dynamically to-be-created nodepools of not yet existing machines, used for Kubernetes or loadbalancer clusters. These are only blueprints, and will only be created per reference in kubernetes or loadBalancer clusters. \n E.g. if the nodepool isn't used, it won't even be created. Or if the same nodepool is used in two different clusters, it will be created twice. In OOP analogy, a dynamic nodepool would be a class that would get instantiated N >= 0 times depending on which clusters reference it." + description: "DynamicNodePool List of dynamically to-be-created nodepools of not yet existing machines, used for Kubernetes or loadbalancer clusters.\nThese are only blueprints, and will only be created per reference in kubernetes or loadBalancer clusters.\n\n\nE.g. if the nodepool isn't used, it won't even be created. Or if the same nodepool is used in two different clusters,\nit will be created twice. In OOP analogy, a dynamic nodepool would be a class\nthat would get instantiated N >= 0 times depending on which clusters reference it." properties: annotations: additionalProperties: @@ -230,25 +228,25 @@ spec: - "region" type: "object" serverType: - description: "Type of the machines in the nodepool. Currently, only AMD64 machines are supported." + description: "\tType of the machines in the nodepool. Currently, only AMD64 machines are supported." type: "string" storageDiskSize: - description: "Size of the storage disk on the nodes in the nodepool in GB. The OS disk is created automatically with predefined size of 100GB for kubernetes nodes and 50GB for Loadbalancer nodes. The value must be either -1 (no disk is created), or >= 50. If no value is specified, 50 is used." + description: "Size of the storage disk on the nodes in the nodepool in GB. The OS disk is created automatically\nwith predefined size of 100GB for kubernetes nodes and 50GB for Loadbalancer nodes.\nThe value must be either -1 (no disk is created), or >= 50. If no value is specified, 50 is used." format: "int32" type: "integer" taints: description: "User defined taints for this nodepool." items: - description: "The node this Taint is attached to has the \"effect\" on any pod that does not tolerate the Taint." + description: "The node this Taint is attached to has the \"effect\" on\nany pod that does not tolerate the Taint." properties: effect: - description: "Required. The effect of the taint on pods that do not tolerate the taint. Valid effects are NoSchedule, PreferNoSchedule and NoExecute." + description: "Required. The effect of the taint on pods\nthat do not tolerate the taint.\nValid effects are NoSchedule, PreferNoSchedule and NoExecute." type: "string" key: description: "Required. The taint key to be applied to a node." type: "string" timeAdded: - description: "TimeAdded represents the time at which the taint was added. It is only written for NoExecute taints." + description: "TimeAdded represents the time at which the taint was added.\nIt is only written for NoExecute taints." format: "date-time" type: "string" value: @@ -311,16 +309,16 @@ spec: type: "array" taints: items: - description: "The node this Taint is attached to has the \"effect\" on any pod that does not tolerate the Taint." + description: "The node this Taint is attached to has the \"effect\" on\nany pod that does not tolerate the Taint." properties: effect: - description: "Required. The effect of the taint on pods that do not tolerate the taint. Valid effects are NoSchedule, PreferNoSchedule and NoExecute." + description: "Required. The effect of the taint on pods\nthat do not tolerate the taint.\nValid effects are NoSchedule, PreferNoSchedule and NoExecute." type: "string" key: description: "Required. The taint key to be applied to a node." type: "string" timeAdded: - description: "TimeAdded represents the time at which the taint was added. It is only written for NoExecute taints." + description: "TimeAdded represents the time at which the taint was added.\nIt is only written for NoExecute taints." format: "date-time" type: "string" value: @@ -338,9 +336,9 @@ spec: type: "array" type: "object" providers: - description: "Providers list of defined cloud provider configuration that will be used while infrastructure provisioning." + description: "Providers list of defined cloud provider configuration\nthat will be used while infrastructure provisioning." items: - description: "Providers list of defined cloud provider configuration that will be used while infrastructure provisioning." + description: "Providers list of defined cloud provider configuration\nthat will be used while infrastructure provisioning." properties: name: description: "Name is the name of the provider specification. It has to be unique across all providers." @@ -348,7 +346,7 @@ spec: minLength: 1 type: "string" providerType: - description: "ProviderType type of a provider. A list of available providers can be found at https://docs.claudie.io/v0.3.2/input-manifest/providers/aws/" + description: "ProviderType type of a provider.\nA list of available providers can be found at https://docs.claudie.io/v0.3.2/input-manifest/providers/aws/" enum: - "gcp" - "hetzner" @@ -360,7 +358,7 @@ spec: - "genesiscloud" type: "string" secretRef: - description: "SecretReference represents a Secret Reference. It has enough information to retrieve secret in any namespace" + description: "SecretReference represents a Secret Reference. It has enough information to retrieve secret\nin any namespace" properties: name: description: "name is unique within a namespace to reference a secret resource." diff --git a/crd-catalog/cert-manager/cert-manager/cert-manager.io/v1/certificates.yaml b/crd-catalog/cert-manager/cert-manager/cert-manager.io/v1/certificates.yaml index b1503dbfc..31207065f 100644 --- a/crd-catalog/cert-manager/cert-manager/cert-manager.io/v1/certificates.yaml +++ b/crd-catalog/cert-manager/cert-manager/cert-manager.io/v1/certificates.yaml @@ -269,8 +269,12 @@ spec: type: "integer" type: "object" renewBefore: - description: "How long before the currently issued certificate's expiry cert-manager should\nrenew the certificate. For example, if a certificate is valid for 60 minutes,\nand `renewBefore=10m`, cert-manager will begin to attempt to renew the certificate\n50 minutes after it was issued (i.e. when there are 10 minutes remaining until\nthe certificate is no longer valid).\n\n\nNOTE: The actual lifetime of the issued certificate is used to determine the\nrenewal time. If an issuer returns a certificate with a different lifetime than\nthe one requested, cert-manager will use the lifetime of the issued certificate.\n\n\nIf unset, this defaults to 1/3 of the issued certificate's lifetime.\nMinimum accepted value is 5 minutes.\nValue must be in units accepted by Go time.ParseDuration https://golang.org/pkg/time/#ParseDuration." + description: "How long before the currently issued certificate's expiry cert-manager should\nrenew the certificate. For example, if a certificate is valid for 60 minutes,\nand `renewBefore=10m`, cert-manager will begin to attempt to renew the certificate\n50 minutes after it was issued (i.e. when there are 10 minutes remaining until\nthe certificate is no longer valid).\n\n\nNOTE: The actual lifetime of the issued certificate is used to determine the\nrenewal time. If an issuer returns a certificate with a different lifetime than\nthe one requested, cert-manager will use the lifetime of the issued certificate.\n\n\nIf unset, this defaults to 1/3 of the issued certificate's lifetime.\nMinimum accepted value is 5 minutes.\nValue must be in units accepted by Go time.ParseDuration https://golang.org/pkg/time/#ParseDuration.\nCannot be set if the `renewBeforePercentage` field is set." type: "string" + renewBeforePercentage: + description: "`renewBeforePercentage` is like `renewBefore`, except it is a relative percentage\nrather than an absolute duration. For example, if a certificate is valid for 60\nminutes, and `renewBeforePercentage=25`, cert-manager will begin to attempt to\nrenew the certificate 45 minutes after it was issued (i.e. when there are 15\nminutes (25%) remaining until the certificate is no longer valid).\n\n\nNOTE: The actual lifetime of the issued certificate is used to determine the\nrenewal time. If an issuer returns a certificate with a different lifetime than\nthe one requested, cert-manager will use the lifetime of the issued certificate.\n\n\nValue must be an integer in the range (0,100). The minimum effective\n`renewBefore` derived from the `renewBeforePercentage` and `duration` fields is 5\nminutes.\nCannot be set if the `renewBefore` field is set." + format: "int32" + type: "integer" revisionHistoryLimit: description: "The maximum number of CertificateRequest revisions that are maintained in\nthe Certificate's history. Each revision represents a single `CertificateRequest`\ncreated by this Certificate, either when it was created, renewed, or Spec\nwas changed. Revisions will be removed by oldest first if the number of\nrevisions exceeds this number.\n\n\nIf set, revisionHistoryLimit must be a value of `1` or greater.\nIf unset (`nil`), revisions will not be garbage collected.\nDefault value is `nil`." format: "int32" diff --git a/crd-catalog/cert-manager/cert-manager/cert-manager.io/v1/clusterissuers.yaml b/crd-catalog/cert-manager/cert-manager/cert-manager.io/v1/clusterissuers.yaml index 043ed4532..08279ed66 100644 --- a/crd-catalog/cert-manager/cert-manager/cert-manager.io/v1/clusterissuers.yaml +++ b/crd-catalog/cert-manager/cert-manager/cert-manager.io/v1/clusterissuers.yaml @@ -1401,7 +1401,7 @@ spec: - "name" type: "object" credentialsRef: - description: "CredentialsRef is a reference to a Secret containing the username and\npassword for the TPP server.\nThe secret must contain two keys, 'username' and 'password'." + description: "CredentialsRef is a reference to a Secret containing the Venafi TPP API credentials.\nThe secret must contain the key 'access-token' for the Access Token Authentication,\nor two keys, 'username' and 'password' for the API Keys Authentication." properties: name: description: "Name of the resource being referred to.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names" diff --git a/crd-catalog/cert-manager/cert-manager/cert-manager.io/v1/issuers.yaml b/crd-catalog/cert-manager/cert-manager/cert-manager.io/v1/issuers.yaml index d4e6e524e..d0e3bc9dc 100644 --- a/crd-catalog/cert-manager/cert-manager/cert-manager.io/v1/issuers.yaml +++ b/crd-catalog/cert-manager/cert-manager/cert-manager.io/v1/issuers.yaml @@ -1402,7 +1402,7 @@ spec: - "name" type: "object" credentialsRef: - description: "CredentialsRef is a reference to a Secret containing the username and\npassword for the TPP server.\nThe secret must contain two keys, 'username' and 'password'." + description: "CredentialsRef is a reference to a Secret containing the Venafi TPP API credentials.\nThe secret must contain the key 'access-token' for the Access Token Authentication,\nor two keys, 'username' and 'password' for the API Keys Authentication." properties: name: description: "Name of the resource being referred to.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names" diff --git a/crd-catalog/cilium/cilium/cilium.io/v2/ciliumlocalredirectpolicies.yaml b/crd-catalog/cilium/cilium/cilium.io/v2/ciliumlocalredirectpolicies.yaml index 29e5ae1e3..88e699094 100644 --- a/crd-catalog/cilium/cilium/cilium.io/v2/ciliumlocalredirectpolicies.yaml +++ b/crd-catalog/cilium/cilium/cilium.io/v2/ciliumlocalredirectpolicies.yaml @@ -112,6 +112,9 @@ spec: - "localEndpointSelector" - "toPorts" type: "object" + x-kubernetes-validations: + - message: "redirectBackend is immutable" + rule: "self == oldSelf" redirectFrontend: description: "RedirectFrontend specifies frontend configuration to redirect traffic from. It can not be empty." oneOf: @@ -197,9 +200,16 @@ spec: - "serviceName" type: "object" type: "object" + x-kubernetes-validations: + - message: "redirectFrontend is immutable" + rule: "self == oldSelf" skipRedirectFromBackend: + default: false description: "SkipRedirectFromBackend indicates whether traffic matching RedirectFrontend from RedirectBackend should skip redirection, and hence the traffic will be forwarded as-is. \n The default is false which means traffic matching RedirectFrontend will get redirected from all pods, including the RedirectBackend(s). \n Example: If RedirectFrontend is configured to \"169.254.169.254:80\" as the traffic that needs to be redirected to backends selected by RedirectBackend, if SkipRedirectFromBackend is set to true, traffic going to \"169.254.169.254:80\" from such backends will not be redirected back to the backends. Instead, the matched traffic from the backends will be forwarded to the original destination \"169.254.169.254:80\"." type: "boolean" + x-kubernetes-validations: + - message: "skipRedirectFromBackend is immutable" + rule: "self == oldSelf" required: - "redirectBackend" - "redirectFrontend" diff --git a/crd-catalog/clastix/kamaji/kamaji.clastix.io/v1alpha1/tenantcontrolplanes.yaml b/crd-catalog/clastix/kamaji/kamaji.clastix.io/v1alpha1/tenantcontrolplanes.yaml index 78dd6537d..aa9c887d2 100644 --- a/crd-catalog/clastix/kamaji/kamaji.clastix.io/v1alpha1/tenantcontrolplanes.yaml +++ b/crd-catalog/clastix/kamaji/kamaji.clastix.io/v1alpha1/tenantcontrolplanes.yaml @@ -77,7 +77,7 @@ spec: agent: default: image: "registry.k8s.io/kas-network-proxy/proxy-agent" - version: "v0.0.32" + version: "v0.28.6" properties: extraArgs: description: "ExtraArgs allows adding additional arguments to said component.\nWARNING - This option can override existing konnectivity\nparameters and cause konnectivity components to misbehave in\nunxpected ways. Only modify if you know what you are doing." @@ -115,7 +115,7 @@ spec: type: "object" type: "array" version: - default: "v0.0.32" + default: "v0.28.6" description: "Version for Konnectivity agent." type: "string" type: "object" @@ -123,7 +123,7 @@ spec: default: image: "registry.k8s.io/kas-network-proxy/proxy-server" port: 8132 - version: "v0.0.32" + version: "v0.28.6" properties: extraArgs: description: "ExtraArgs allows adding additional arguments to said component.\nWARNING - This option can override existing konnectivity\nparameters and cause konnectivity components to misbehave in\nunxpected ways. Only modify if you know what you are doing." @@ -176,7 +176,7 @@ spec: type: "object" type: "object" version: - default: "v0.0.32" + default: "v0.28.6" description: "Container image version of the Konnectivity server." type: "string" required: diff --git a/crd-catalog/cloudnative-pg/cloudnative-pg/postgresql.cnpg.io/v1/clusters.yaml b/crd-catalog/cloudnative-pg/cloudnative-pg/postgresql.cnpg.io/v1/clusters.yaml index c829e167e..6a75cf6bf 100644 --- a/crd-catalog/cloudnative-pg/cloudnative-pg/postgresql.cnpg.io/v1/clusters.yaml +++ b/crd-catalog/cloudnative-pg/cloudnative-pg/postgresql.cnpg.io/v1/clusters.yaml @@ -850,8 +850,8 @@ spec: wal: description: "The configuration for the backup of the WAL stream.\nWhen not defined, WAL files will be stored uncompressed and may be\nunencrypted in the object store, according to the bucket default policy." properties: - additionalCommandArgs: - description: "AdditionalCommandArgs represents additional arguments that can be appended\nto the 'barman-cloud-wal-archive' command-line invocation. These arguments\nprovide flexibility to customize the backup process further according to\nspecific requirements or configurations.\n\n\nExample:\nIn a scenario where specialized backup options are required, such as setting\na specific timeout or defining custom behavior, users can use this field\nto specify additional command arguments.\n\n\nNote:\nIt's essential to ensure that the provided arguments are valid and supported\nby the 'barman-cloud-wal-archive' command, to avoid potential errors or unintended\nbehavior during execution." + archiveAdditionalCommandArgs: + description: "Additional arguments that can be appended to the 'barman-cloud-wal-archive'\ncommand-line invocation. These arguments provide flexibility to customize\nthe WAL archive process further, according to specific requirements or configurations.\n\n\nExample:\nIn a scenario where specialized backup options are required, such as setting\na specific timeout or defining custom behavior, users can use this field\nto specify additional command arguments.\n\n\nNote:\nIt's essential to ensure that the provided arguments are valid and supported\nby the 'barman-cloud-wal-archive' command, to avoid potential errors or unintended\nbehavior during execution." items: type: "string" type: "array" @@ -872,6 +872,11 @@ spec: description: "Number of WAL files to be either archived in parallel (when the\nPostgreSQL instance is archiving to a backup object store) or\nrestored in parallel (when a PostgreSQL standby is fetching WAL\nfiles from a recovery object store). If not specified, WAL files\nwill be processed one at a time. It accepts a positive integer as a\nvalue - with 1 being the minimum accepted value." minimum: 1.0 type: "integer" + restoreAdditionalCommandArgs: + description: "Additional arguments that can be appended to the 'barman-cloud-wal-restore'\ncommand-line invocation. These arguments provide flexibility to customize\nthe WAL restore process further, according to specific requirements or configurations.\n\n\nExample:\nIn a scenario where specialized backup options are required, such as setting\na specific timeout or defining custom behavior, users can use this field\nto specify additional command arguments.\n\n\nNote:\nIt's essential to ensure that the provided arguments are valid and supported\nby the 'barman-cloud-wal-restore' command, to avoid potential errors or unintended\nbehavior during execution." + items: + type: "string" + type: "array" type: "object" required: - "destinationPath" @@ -1010,12 +1015,12 @@ spec: description: "Name of the owner of the database in the instance to be used\nby applications. Defaults to the value of the `database` key." type: "string" postInitApplicationSQL: - description: "List of SQL queries to be executed as a superuser in the application\ndatabase right after is created - to be used with extreme care\n(by default empty)" + description: "List of SQL queries to be executed as a superuser in the application\ndatabase right after the cluster has been created - to be used with extreme care\n(by default empty)" items: type: "string" type: "array" postInitApplicationSQLRefs: - description: "PostInitApplicationSQLRefs points references to ConfigMaps or Secrets which\ncontain SQL files, the general implementation order to these references is\nfrom all Secrets to all ConfigMaps, and inside Secrets or ConfigMaps,\nthe implementation order is same as the order of each array\n(by default empty)" + description: "List of references to ConfigMaps or Secrets containing SQL files\nto be executed as a superuser in the application database right after\nthe cluster has been created. The references are processed in a specific order:\nfirst, all Secrets are processed, followed by all ConfigMaps.\nWithin each group, the processing order follows the sequence specified\nin their respective arrays.\n(by default empty)" properties: configMapRefs: description: "ConfigMapRefs holds a list of references to ConfigMaps" @@ -1051,15 +1056,87 @@ spec: type: "array" type: "object" postInitSQL: - description: "List of SQL queries to be executed as a superuser immediately\nafter the cluster has been created - to be used with extreme care\n(by default empty)" + description: "List of SQL queries to be executed as a superuser in the `postgres`\ndatabase right after the cluster has been created - to be used with extreme care\n(by default empty)" items: type: "string" type: "array" + postInitSQLRefs: + description: "List of references to ConfigMaps or Secrets containing SQL files\nto be executed as a superuser in the `postgres` database right after\nthe cluster has been created. The references are processed in a specific order:\nfirst, all Secrets are processed, followed by all ConfigMaps.\nWithin each group, the processing order follows the sequence specified\nin their respective arrays.\n(by default empty)" + properties: + configMapRefs: + description: "ConfigMapRefs holds a list of references to ConfigMaps" + items: + description: "ConfigMapKeySelector contains enough information to let you locate\nthe key of a ConfigMap" + properties: + key: + description: "The key to select" + type: "string" + name: + description: "Name of the referent." + type: "string" + required: + - "key" + - "name" + type: "object" + type: "array" + secretRefs: + description: "SecretRefs holds a list of references to Secrets" + items: + description: "SecretKeySelector contains enough information to let you locate\nthe key of a Secret" + properties: + key: + description: "The key to select" + type: "string" + name: + description: "Name of the referent." + type: "string" + required: + - "key" + - "name" + type: "object" + type: "array" + type: "object" postInitTemplateSQL: - description: "List of SQL queries to be executed as a superuser in the `template1`\nafter the cluster has been created - to be used with extreme care\n(by default empty)" + description: "List of SQL queries to be executed as a superuser in the `template1`\ndatabase right after the cluster has been created - to be used with extreme care\n(by default empty)" items: type: "string" type: "array" + postInitTemplateSQLRefs: + description: "List of references to ConfigMaps or Secrets containing SQL files\nto be executed as a superuser in the `template1` database right after\nthe cluster has been created. The references are processed in a specific order:\nfirst, all Secrets are processed, followed by all ConfigMaps.\nWithin each group, the processing order follows the sequence specified\nin their respective arrays.\n(by default empty)" + properties: + configMapRefs: + description: "ConfigMapRefs holds a list of references to ConfigMaps" + items: + description: "ConfigMapKeySelector contains enough information to let you locate\nthe key of a ConfigMap" + properties: + key: + description: "The key to select" + type: "string" + name: + description: "Name of the referent." + type: "string" + required: + - "key" + - "name" + type: "object" + type: "array" + secretRefs: + description: "SecretRefs holds a list of references to Secrets" + items: + description: "SecretKeySelector contains enough information to let you locate\nthe key of a Secret" + properties: + key: + description: "The key to select" + type: "string" + name: + description: "Name of the referent." + type: "string" + required: + - "key" + - "name" + type: "object" + type: "array" + type: "object" secret: description: "Name of the secret containing the initial credentials for the\nowner of the user database. If empty a new secret will be\ncreated from scratch" properties: @@ -1741,8 +1818,8 @@ spec: wal: description: "The configuration for the backup of the WAL stream.\nWhen not defined, WAL files will be stored uncompressed and may be\nunencrypted in the object store, according to the bucket default policy." properties: - additionalCommandArgs: - description: "AdditionalCommandArgs represents additional arguments that can be appended\nto the 'barman-cloud-wal-archive' command-line invocation. These arguments\nprovide flexibility to customize the backup process further according to\nspecific requirements or configurations.\n\n\nExample:\nIn a scenario where specialized backup options are required, such as setting\na specific timeout or defining custom behavior, users can use this field\nto specify additional command arguments.\n\n\nNote:\nIt's essential to ensure that the provided arguments are valid and supported\nby the 'barman-cloud-wal-archive' command, to avoid potential errors or unintended\nbehavior during execution." + archiveAdditionalCommandArgs: + description: "Additional arguments that can be appended to the 'barman-cloud-wal-archive'\ncommand-line invocation. These arguments provide flexibility to customize\nthe WAL archive process further, according to specific requirements or configurations.\n\n\nExample:\nIn a scenario where specialized backup options are required, such as setting\na specific timeout or defining custom behavior, users can use this field\nto specify additional command arguments.\n\n\nNote:\nIt's essential to ensure that the provided arguments are valid and supported\nby the 'barman-cloud-wal-archive' command, to avoid potential errors or unintended\nbehavior during execution." items: type: "string" type: "array" @@ -1763,6 +1840,11 @@ spec: description: "Number of WAL files to be either archived in parallel (when the\nPostgreSQL instance is archiving to a backup object store) or\nrestored in parallel (when a PostgreSQL standby is fetching WAL\nfiles from a recovery object store). If not specified, WAL files\nwill be processed one at a time. It accepts a positive integer as a\nvalue - with 1 being the minimum accepted value." minimum: 1.0 type: "integer" + restoreAdditionalCommandArgs: + description: "Additional arguments that can be appended to the 'barman-cloud-wal-restore'\ncommand-line invocation. These arguments provide flexibility to customize\nthe WAL restore process further, according to specific requirements or configurations.\n\n\nExample:\nIn a scenario where specialized backup options are required, such as setting\na specific timeout or defining custom behavior, users can use this field\nto specify additional command arguments.\n\n\nNote:\nIt's essential to ensure that the provided arguments are valid and supported\nby the 'barman-cloud-wal-restore' command, to avoid potential errors or unintended\nbehavior during execution." + items: + type: "string" + type: "array" type: "object" required: - "destinationPath" @@ -2168,6 +2250,13 @@ spec: type: "string" type: "object" type: "object" + updateStrategy: + default: "patch" + description: "UpdateStrategy describes how the service differences should be reconciled" + enum: + - "patch" + - "replace" + type: "string" required: - "selectorType" - "serviceTemplate" @@ -2352,6 +2441,14 @@ spec: type: "string" type: "object" type: "array" + tls: + description: "Configure TLS communication for the metrics endpoint.\nChanging tls.enabled option will force a rollout of all instances." + properties: + enabled: + default: false + description: "Enable TLS for the monitoring endpoint.\nChanging this option will force a rollout of all instances." + type: "boolean" + type: "object" type: "object" nodeMaintenanceWindow: description: "Define a maintenance window for the Kubernetes nodes" diff --git a/crd-catalog/cloudnative-pg/cloudnative-pg/postgresql.cnpg.io/v1/scheduledbackups.yaml b/crd-catalog/cloudnative-pg/cloudnative-pg/postgresql.cnpg.io/v1/scheduledbackups.yaml index 77a6f909f..d1c091d73 100644 --- a/crd-catalog/cloudnative-pg/cloudnative-pg/postgresql.cnpg.io/v1/scheduledbackups.yaml +++ b/crd-catalog/cloudnative-pg/cloudnative-pg/postgresql.cnpg.io/v1/scheduledbackups.yaml @@ -61,10 +61,11 @@ spec: type: "boolean" method: default: "barmanObjectStore" - description: "The backup method to be used, possible options are `barmanObjectStore`\nand `volumeSnapshot`. Defaults to: `barmanObjectStore`." + description: "The backup method to be used, possible options are `barmanObjectStore`,\n`volumeSnapshot` or `plugin`. Defaults to: `barmanObjectStore`." enum: - "barmanObjectStore" - "volumeSnapshot" + - "plugin" type: "string" online: description: "Whether the default type of backup with volume snapshots is\nonline/hot (`true`, default) or offline/cold (`false`)\nOverrides the default setting specified in the cluster field '.spec.backup.volumeSnapshot.online'" diff --git a/crd-catalog/clusternet/clusternet/clusters.clusternet.io/v1beta1/managedclusters.yaml b/crd-catalog/clusternet/clusternet/clusters.clusternet.io/v1beta1/managedclusters.yaml index e269423fc..80929eb38 100644 --- a/crd-catalog/clusternet/clusternet/clusters.clusternet.io/v1beta1/managedclusters.yaml +++ b/crd-catalog/clusternet/clusternet/clusters.clusternet.io/v1beta1/managedclusters.yaml @@ -110,8 +110,8 @@ spec: - "syncMode" type: "object" x-kubernetes-validations: - - message: "clusterInitSubName is required once set" - rule: "!has(oldSelf.clusterInitSubName) || has(self.clusterInitSubName)" + - message: "clusterInitBaseName is required once set" + rule: "!has(oldSelf.clusterInitBaseName) || has(self.clusterInitBaseName)" status: description: "ManagedClusterStatus defines the observed state of ManagedCluster" properties: diff --git a/crd-catalog/confidential-containers/operator/confidentialcontainers.org/v1beta1/ccruntimes.yaml b/crd-catalog/confidential-containers/operator/confidentialcontainers.org/v1beta1/ccruntimes.yaml index 101e2a2a3..d366f6e3a 100644 --- a/crd-catalog/confidential-containers/operator/confidentialcontainers.org/v1beta1/ccruntimes.yaml +++ b/crd-catalog/confidential-containers/operator/confidentialcontainers.org/v1beta1/ccruntimes.yaml @@ -3332,16 +3332,20 @@ spec: runtimeClasses: description: "This specifies the RuntimeClasses that need to be created, with its name and an associated snapshotter to be used" items: - description: "RuntimeClass holds the name and the snapshotter to be used by a runtime class" + description: "RuntimeClass holds the name and basic customizations to be used by a runtime class" properties: name: description: "Name of the runtime class" type: "string" + pulltype: + description: "The pulling image method to be used by the runtime class" + type: "string" snapshotter: description: "The snapshotter to be used by the runtime class" type: "string" required: - "name" + - "pulltype" - "snapshotter" type: "object" type: "array" diff --git a/crd-catalog/eclipse-che/che-operator/org.eclipse.che/v2/checlusters.yaml b/crd-catalog/eclipse-che/che-operator/org.eclipse.che/v2/checlusters.yaml index d0b3a9ac7..03a432bd6 100644 --- a/crd-catalog/eclipse-che/che-operator/org.eclipse.che/v2/checlusters.yaml +++ b/crd-catalog/eclipse-che/che-operator/org.eclipse.che/v2/checlusters.yaml @@ -1987,6 +1987,11 @@ spec: type: "object" type: "object" type: "object" + ignoredUnrecoverableEvents: + description: "IgnoredUnrecoverableEvents defines a list of Kubernetes event names that should\nbe ignored when deciding to fail a workspace that is starting. This option should be used\nif a transient cluster issue is triggering false-positives (for example, if\nthe cluster occasionally encounters FailedScheduling events). Events listed\nhere will not trigger workspace failures." + items: + type: "string" + type: "array" imagePullPolicy: description: "ImagePullPolicy defines the imagePullPolicy used for containers in a DevWorkspace." enum: diff --git a/crd-catalog/elastic/cloud-on-k8s/elasticsearch.k8s.elastic.co/v1/elasticsearches.yaml b/crd-catalog/elastic/cloud-on-k8s/elasticsearch.k8s.elastic.co/v1/elasticsearches.yaml index a52101b7e..f3f1aca2e 100644 --- a/crd-catalog/elastic/cloud-on-k8s/elasticsearch.k8s.elastic.co/v1/elasticsearches.yaml +++ b/crd-catalog/elastic/cloud-on-k8s/elasticsearch.k8s.elastic.co/v1/elasticsearches.yaml @@ -5570,6 +5570,13 @@ spec: otherNameSuffix: description: "OtherNameSuffix when defined will be prefixed with the Pod name and used as the common name,\nand the first DNSName, as well as an OtherName required by Elasticsearch in the Subject Alternative Name\nextension of each Elasticsearch node's transport TLS certificate.\nExample: if set to \"node.cluster.local\", the generated certificate will have its otherName set to \".node.cluster.local\"." type: "string" + selfSignedCertificates: + description: "SelfSignedCertificates allows configuring the self-signed certificate generated by the operator." + properties: + disabled: + description: "Disabled indicates that provisioning of the self-signed certificates should be disabled." + type: "boolean" + type: "object" subjectAltNames: description: "SubjectAlternativeNames is a list of SANs to include in the generated node transport TLS certificates." items: diff --git a/crd-catalog/external-secrets/external-secrets/external-secrets.io/v1beta1/clustersecretstores.yaml b/crd-catalog/external-secrets/external-secrets/external-secrets.io/v1beta1/clustersecretstores.yaml index c63c39275..f1f0519bf 100644 --- a/crd-catalog/external-secrets/external-secrets/external-secrets.io/v1beta1/clustersecretstores.yaml +++ b/crd-catalog/external-secrets/external-secrets/external-secrets.io/v1beta1/clustersecretstores.yaml @@ -1224,6 +1224,19 @@ spec: type: "object" type: "object" type: "object" + authRef: + description: "A reference to a secret that contains the auth information." + properties: + key: + description: "The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be\ndefaulted, in others it may be required." + type: "string" + name: + description: "The name of the Secret resource being referred to." + type: "string" + namespace: + description: "Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults\nto the namespace of the referent." + type: "string" + type: "object" remoteNamespace: default: "default" description: "Remote namespace to fetch the secrets from" @@ -1262,8 +1275,6 @@ spec: description: "configures the Kubernetes server Address." type: "string" type: "object" - required: - - "auth" type: "object" onboardbase: description: "Onboardbase configures this store to sync secrets using the Onboardbase provider" @@ -1550,7 +1561,7 @@ spec: type: "object" type: "object" apiUrl: - default: "https://api.pulumi.com" + default: "https://api.pulumi.com/api/preview" description: "APIURL is the URL of the Pulumi API." type: "string" environment: @@ -1622,6 +1633,57 @@ spec: - "region" - "secretKey" type: "object" + secretserver: + description: "SecretServer configures this store to sync secrets using SecretServer provider\nhttps://docs.delinea.com/online-help/secret-server/start.htm" + properties: + password: + description: "Password is the secret server account password." + properties: + secretRef: + description: "SecretRef references a key in a secret that will be used as value." + properties: + key: + description: "The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be\ndefaulted, in others it may be required." + type: "string" + name: + description: "The name of the Secret resource being referred to." + type: "string" + namespace: + description: "Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults\nto the namespace of the referent." + type: "string" + type: "object" + value: + description: "Value can be specified directly to set a value without using a secret." + type: "string" + type: "object" + serverURL: + description: "ServerURL\nURL to your secret server installation" + type: "string" + username: + description: "Username is the secret server account username." + properties: + secretRef: + description: "SecretRef references a key in a secret that will be used as value." + properties: + key: + description: "The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be\ndefaulted, in others it may be required." + type: "string" + name: + description: "The name of the Secret resource being referred to." + type: "string" + namespace: + description: "Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults\nto the namespace of the referent." + type: "string" + type: "object" + value: + description: "Value can be specified directly to set a value without using a secret." + type: "string" + type: "object" + required: + - "password" + - "serverURL" + - "username" + type: "object" senhasegura: description: "Senhasegura configures this store to sync secrets using senhasegura provider" properties: @@ -2028,6 +2090,11 @@ spec: forwardInconsistent: description: "ForwardInconsistent tells Vault to forward read-after-write requests to the Vault\nleader instead of simply retrying within a loop. This can increase performance if\nthe option is enabled serverside.\nhttps://www.vaultproject.io/docs/configuration/replication#allow_forwarding_via_header" type: "boolean" + headers: + additionalProperties: + type: "string" + description: "Headers to be added in Vault request" + type: "object" namespace: description: "Name of the vault namespace. Namespaces is a set of features within Vault Enterprise that allows\nVault environments to support Secure Multi-tenancy. e.g: \"ns1\".\nMore about namespaces can be found here https://www.vaultproject.io/docs/enterprise/namespaces" type: "string" diff --git a/crd-catalog/external-secrets/external-secrets/external-secrets.io/v1beta1/secretstores.yaml b/crd-catalog/external-secrets/external-secrets/external-secrets.io/v1beta1/secretstores.yaml index 3440e84f8..aee24bb3d 100644 --- a/crd-catalog/external-secrets/external-secrets/external-secrets.io/v1beta1/secretstores.yaml +++ b/crd-catalog/external-secrets/external-secrets/external-secrets.io/v1beta1/secretstores.yaml @@ -1224,6 +1224,19 @@ spec: type: "object" type: "object" type: "object" + authRef: + description: "A reference to a secret that contains the auth information." + properties: + key: + description: "The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be\ndefaulted, in others it may be required." + type: "string" + name: + description: "The name of the Secret resource being referred to." + type: "string" + namespace: + description: "Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults\nto the namespace of the referent." + type: "string" + type: "object" remoteNamespace: default: "default" description: "Remote namespace to fetch the secrets from" @@ -1262,8 +1275,6 @@ spec: description: "configures the Kubernetes server Address." type: "string" type: "object" - required: - - "auth" type: "object" onboardbase: description: "Onboardbase configures this store to sync secrets using the Onboardbase provider" @@ -1550,7 +1561,7 @@ spec: type: "object" type: "object" apiUrl: - default: "https://api.pulumi.com" + default: "https://api.pulumi.com/api/preview" description: "APIURL is the URL of the Pulumi API." type: "string" environment: @@ -1622,6 +1633,57 @@ spec: - "region" - "secretKey" type: "object" + secretserver: + description: "SecretServer configures this store to sync secrets using SecretServer provider\nhttps://docs.delinea.com/online-help/secret-server/start.htm" + properties: + password: + description: "Password is the secret server account password." + properties: + secretRef: + description: "SecretRef references a key in a secret that will be used as value." + properties: + key: + description: "The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be\ndefaulted, in others it may be required." + type: "string" + name: + description: "The name of the Secret resource being referred to." + type: "string" + namespace: + description: "Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults\nto the namespace of the referent." + type: "string" + type: "object" + value: + description: "Value can be specified directly to set a value without using a secret." + type: "string" + type: "object" + serverURL: + description: "ServerURL\nURL to your secret server installation" + type: "string" + username: + description: "Username is the secret server account username." + properties: + secretRef: + description: "SecretRef references a key in a secret that will be used as value." + properties: + key: + description: "The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be\ndefaulted, in others it may be required." + type: "string" + name: + description: "The name of the Secret resource being referred to." + type: "string" + namespace: + description: "Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults\nto the namespace of the referent." + type: "string" + type: "object" + value: + description: "Value can be specified directly to set a value without using a secret." + type: "string" + type: "object" + required: + - "password" + - "serverURL" + - "username" + type: "object" senhasegura: description: "Senhasegura configures this store to sync secrets using senhasegura provider" properties: @@ -2028,6 +2090,11 @@ spec: forwardInconsistent: description: "ForwardInconsistent tells Vault to forward read-after-write requests to the Vault\nleader instead of simply retrying within a loop. This can increase performance if\nthe option is enabled serverside.\nhttps://www.vaultproject.io/docs/configuration/replication#allow_forwarding_via_header" type: "boolean" + headers: + additionalProperties: + type: "string" + description: "Headers to be added in Vault request" + type: "object" namespace: description: "Name of the vault namespace. Namespaces is a set of features within Vault Enterprise that allows\nVault environments to support Secure Multi-tenancy. e.g: \"ns1\".\nMore about namespaces can be found here https://www.vaultproject.io/docs/enterprise/namespaces" type: "string" diff --git a/crd-catalog/flanksource/canary-checker/canaries.flanksource.com/v1/canaries.yaml b/crd-catalog/flanksource/canary-checker/canaries.flanksource.com/v1/canaries.yaml index 9c84094a8..2f1992fc8 100644 --- a/crd-catalog/flanksource/canary-checker/canaries.flanksource.com/v1/canaries.yaml +++ b/crd-catalog/flanksource/canary-checker/canaries.flanksource.com/v1/canaries.yaml @@ -67,47 +67,6 @@ spec: items: type: "string" type: "array" - bearer: - properties: - name: - type: "string" - value: - type: "string" - valueFrom: - properties: - configMapKeyRef: - properties: - key: - type: "string" - name: - type: "string" - required: - - "key" - type: "object" - helmRef: - properties: - key: - description: "Key is a JSONPath expression used to fetch the key from the merged JSON." - type: "string" - name: - type: "string" - required: - - "key" - type: "object" - secretKeyRef: - properties: - key: - type: "string" - name: - type: "string" - required: - - "key" - type: "object" - serviceAccount: - description: "ServiceAccount specifies the service account whose token should be fetched" - type: "string" - type: "object" - type: "object" connection: description: "Connection name e.g. connection://http/google" type: "string" @@ -146,28 +105,8 @@ spec: description: "Labels for the check" type: "object" metrics: - description: "Metrics to expose from check results" + description: "Metrics to expose from check.\nhttps://canarychecker.io/concepts/metrics-exporter" items: - properties: - labels: - items: - properties: - name: - type: "string" - value: - type: "string" - valueExpr: - type: "string" - required: - - "name" - type: "object" - type: "array" - name: - type: "string" - type: - type: "string" - value: - type: "string" type: "object" type: "array" name: @@ -176,101 +115,6 @@ spec: namespace: description: "Namespace to insert the check into, if different to the namespace the canary is defined, e.g." type: "string" - oauth: - properties: - clientID: - properties: - name: - type: "string" - value: - type: "string" - valueFrom: - properties: - configMapKeyRef: - properties: - key: - type: "string" - name: - type: "string" - required: - - "key" - type: "object" - helmRef: - properties: - key: - description: "Key is a JSONPath expression used to fetch the key from the merged JSON." - type: "string" - name: - type: "string" - required: - - "key" - type: "object" - secretKeyRef: - properties: - key: - type: "string" - name: - type: "string" - required: - - "key" - type: "object" - serviceAccount: - description: "ServiceAccount specifies the service account whose token should be fetched" - type: "string" - type: "object" - type: "object" - clientSecret: - properties: - name: - type: "string" - value: - type: "string" - valueFrom: - properties: - configMapKeyRef: - properties: - key: - type: "string" - name: - type: "string" - required: - - "key" - type: "object" - helmRef: - properties: - key: - description: "Key is a JSONPath expression used to fetch the key from the merged JSON." - type: "string" - name: - type: "string" - required: - - "key" - type: "object" - secretKeyRef: - properties: - key: - type: "string" - name: - type: "string" - required: - - "key" - type: "object" - serviceAccount: - description: "ServiceAccount specifies the service account whose token should be fetched" - type: "string" - type: "object" - type: "object" - params: - additionalProperties: - type: "string" - type: "object" - scope: - items: - type: "string" - type: "array" - tokenURL: - type: "string" - type: "object" password: properties: name: @@ -317,90 +161,156 @@ spec: properties: components: items: - description: "LookupSpec defines a tuple of fields to lookup." properties: + agent: + description: "Agent can be one of\n - agent id\n - agent name\n - 'self' (no agent)" + properties: + expr: + type: "string" + label: + type: "string" + value: + type: "string" + type: "object" + external_id: + description: "Lookup offers different ways to specify a lookup value" + properties: + expr: + type: "string" + label: + type: "string" + value: + type: "string" + type: "object" + id: + description: "Lookup offers different ways to specify a lookup value" + properties: + expr: + type: "string" + label: + type: "string" + value: + type: "string" + type: "object" + labels: + additionalProperties: + type: "string" + type: "object" name: - description: "Lookup specifies the type of lookup to perform." + description: "Lookup offers different ways to specify a lookup value" properties: expr: - description: "Expr is a cel-expression." type: "string" label: - description: "Label specifies the key to lookup on the label." type: "string" value: - description: "Value is the static value to use." type: "string" type: "object" namespace: - description: "Lookup specifies the type of lookup to perform." + description: "Lookup offers different ways to specify a lookup value" + properties: + expr: + type: "string" + label: + type: "string" + value: + type: "string" + type: "object" + scope: properties: expr: - description: "Expr is a cel-expression." type: "string" label: - description: "Label specifies the key to lookup on the label." type: "string" value: - description: "Value is the static value to use." type: "string" type: "object" type: - description: "Lookup specifies the type of lookup to perform." + description: "Lookup offers different ways to specify a lookup value" properties: expr: - description: "Expr is a cel-expression." type: "string" label: - description: "Label specifies the key to lookup on the label." type: "string" value: - description: "Value is the static value to use." type: "string" type: "object" type: "object" type: "array" configs: items: - description: "LookupSpec defines a tuple of fields to lookup." properties: + agent: + description: "Agent can be one of\n - agent id\n - agent name\n - 'self' (no agent)" + properties: + expr: + type: "string" + label: + type: "string" + value: + type: "string" + type: "object" + external_id: + description: "Lookup offers different ways to specify a lookup value" + properties: + expr: + type: "string" + label: + type: "string" + value: + type: "string" + type: "object" + id: + description: "Lookup offers different ways to specify a lookup value" + properties: + expr: + type: "string" + label: + type: "string" + value: + type: "string" + type: "object" + labels: + additionalProperties: + type: "string" + type: "object" name: - description: "Lookup specifies the type of lookup to perform." + description: "Lookup offers different ways to specify a lookup value" properties: expr: - description: "Expr is a cel-expression." type: "string" label: - description: "Label specifies the key to lookup on the label." type: "string" value: - description: "Value is the static value to use." type: "string" type: "object" namespace: - description: "Lookup specifies the type of lookup to perform." + description: "Lookup offers different ways to specify a lookup value" + properties: + expr: + type: "string" + label: + type: "string" + value: + type: "string" + type: "object" + scope: properties: expr: - description: "Expr is a cel-expression." type: "string" label: - description: "Label specifies the key to lookup on the label." type: "string" value: - description: "Value is the static value to use." type: "string" type: "object" type: - description: "Lookup specifies the type of lookup to perform." + description: "Lookup offers different ways to specify a lookup value" properties: expr: - description: "Expr is a cel-expression." type: "string" label: - description: "Label specifies the key to lookup on the label." type: "string" value: - description: "Value is the static value to use." type: "string" type: "object" type: "object" @@ -553,28 +463,8 @@ spec: description: "Labels for the check" type: "object" metrics: - description: "Metrics to expose from check results" + description: "Metrics to expose from check.\nhttps://canarychecker.io/concepts/metrics-exporter" items: - properties: - labels: - items: - properties: - name: - type: "string" - value: - type: "string" - valueExpr: - type: "string" - required: - - "name" - type: "object" - type: "array" - name: - type: "string" - type: - type: "string" - value: - type: "string" type: "object" type: "array" name: @@ -587,25 +477,185 @@ spec: type: "string" region: type: "string" - secretKey: + relationships: + description: "Relationships defines a way to link the check results to components and configs\nusing lookup expressions." properties: - name: - type: "string" - value: - type: "string" - valueFrom: - properties: - configMapKeyRef: - properties: - key: - type: "string" - name: - type: "string" - required: - - "key" - type: "object" - helmRef: - properties: + components: + items: + properties: + agent: + description: "Agent can be one of\n - agent id\n - agent name\n - 'self' (no agent)" + properties: + expr: + type: "string" + label: + type: "string" + value: + type: "string" + type: "object" + external_id: + description: "Lookup offers different ways to specify a lookup value" + properties: + expr: + type: "string" + label: + type: "string" + value: + type: "string" + type: "object" + id: + description: "Lookup offers different ways to specify a lookup value" + properties: + expr: + type: "string" + label: + type: "string" + value: + type: "string" + type: "object" + labels: + additionalProperties: + type: "string" + type: "object" + name: + description: "Lookup offers different ways to specify a lookup value" + properties: + expr: + type: "string" + label: + type: "string" + value: + type: "string" + type: "object" + namespace: + description: "Lookup offers different ways to specify a lookup value" + properties: + expr: + type: "string" + label: + type: "string" + value: + type: "string" + type: "object" + scope: + properties: + expr: + type: "string" + label: + type: "string" + value: + type: "string" + type: "object" + type: + description: "Lookup offers different ways to specify a lookup value" + properties: + expr: + type: "string" + label: + type: "string" + value: + type: "string" + type: "object" + type: "object" + type: "array" + configs: + items: + properties: + agent: + description: "Agent can be one of\n - agent id\n - agent name\n - 'self' (no agent)" + properties: + expr: + type: "string" + label: + type: "string" + value: + type: "string" + type: "object" + external_id: + description: "Lookup offers different ways to specify a lookup value" + properties: + expr: + type: "string" + label: + type: "string" + value: + type: "string" + type: "object" + id: + description: "Lookup offers different ways to specify a lookup value" + properties: + expr: + type: "string" + label: + type: "string" + value: + type: "string" + type: "object" + labels: + additionalProperties: + type: "string" + type: "object" + name: + description: "Lookup offers different ways to specify a lookup value" + properties: + expr: + type: "string" + label: + type: "string" + value: + type: "string" + type: "object" + namespace: + description: "Lookup offers different ways to specify a lookup value" + properties: + expr: + type: "string" + label: + type: "string" + value: + type: "string" + type: "object" + scope: + properties: + expr: + type: "string" + label: + type: "string" + value: + type: "string" + type: "object" + type: + description: "Lookup offers different ways to specify a lookup value" + properties: + expr: + type: "string" + label: + type: "string" + value: + type: "string" + type: "object" + type: "object" + type: "array" + type: "object" + secretKey: + properties: + name: + type: "string" + value: + type: "string" + valueFrom: + properties: + configMapKeyRef: + properties: + key: + type: "string" + name: + type: "string" + required: + - "key" + type: "object" + helmRef: + properties: key: description: "Key is a JSONPath expression used to fetch the key from the merged JSON." type: "string" @@ -784,28 +834,8 @@ spec: description: "Labels for the check" type: "object" metrics: - description: "Metrics to expose from check results" + description: "Metrics to expose from check.\nhttps://canarychecker.io/concepts/metrics-exporter" items: - properties: - labels: - items: - properties: - name: - type: "string" - value: - type: "string" - valueExpr: - type: "string" - required: - - "name" - type: "object" - type: "array" - name: - type: "string" - type: - type: "string" - value: - type: "string" type: "object" type: "array" name: @@ -816,67 +846,227 @@ spec: type: "string" region: type: "string" - rules: - description: "Specify one or more Config rule names to filter the results by rule." - items: - type: "string" - type: "array" - secretKey: - properties: - name: - type: "string" - value: - type: "string" - valueFrom: - properties: - configMapKeyRef: - properties: - key: - type: "string" - name: - type: "string" - required: - - "key" - type: "object" - helmRef: - properties: - key: - description: "Key is a JSONPath expression used to fetch the key from the merged JSON." - type: "string" - name: - type: "string" - required: - - "key" - type: "object" - secretKeyRef: - properties: - key: - type: "string" - name: - type: "string" - required: - - "key" - type: "object" - serviceAccount: - description: "ServiceAccount specifies the service account whose token should be fetched" - type: "string" - type: "object" - type: "object" - sessionToken: + relationships: + description: "Relationships defines a way to link the check results to components and configs\nusing lookup expressions." properties: - name: - type: "string" - value: - type: "string" - valueFrom: - properties: - configMapKeyRef: - properties: - key: - type: "string" - name: + components: + items: + properties: + agent: + description: "Agent can be one of\n - agent id\n - agent name\n - 'self' (no agent)" + properties: + expr: + type: "string" + label: + type: "string" + value: + type: "string" + type: "object" + external_id: + description: "Lookup offers different ways to specify a lookup value" + properties: + expr: + type: "string" + label: + type: "string" + value: + type: "string" + type: "object" + id: + description: "Lookup offers different ways to specify a lookup value" + properties: + expr: + type: "string" + label: + type: "string" + value: + type: "string" + type: "object" + labels: + additionalProperties: type: "string" - required: + type: "object" + name: + description: "Lookup offers different ways to specify a lookup value" + properties: + expr: + type: "string" + label: + type: "string" + value: + type: "string" + type: "object" + namespace: + description: "Lookup offers different ways to specify a lookup value" + properties: + expr: + type: "string" + label: + type: "string" + value: + type: "string" + type: "object" + scope: + properties: + expr: + type: "string" + label: + type: "string" + value: + type: "string" + type: "object" + type: + description: "Lookup offers different ways to specify a lookup value" + properties: + expr: + type: "string" + label: + type: "string" + value: + type: "string" + type: "object" + type: "object" + type: "array" + configs: + items: + properties: + agent: + description: "Agent can be one of\n - agent id\n - agent name\n - 'self' (no agent)" + properties: + expr: + type: "string" + label: + type: "string" + value: + type: "string" + type: "object" + external_id: + description: "Lookup offers different ways to specify a lookup value" + properties: + expr: + type: "string" + label: + type: "string" + value: + type: "string" + type: "object" + id: + description: "Lookup offers different ways to specify a lookup value" + properties: + expr: + type: "string" + label: + type: "string" + value: + type: "string" + type: "object" + labels: + additionalProperties: + type: "string" + type: "object" + name: + description: "Lookup offers different ways to specify a lookup value" + properties: + expr: + type: "string" + label: + type: "string" + value: + type: "string" + type: "object" + namespace: + description: "Lookup offers different ways to specify a lookup value" + properties: + expr: + type: "string" + label: + type: "string" + value: + type: "string" + type: "object" + scope: + properties: + expr: + type: "string" + label: + type: "string" + value: + type: "string" + type: "object" + type: + description: "Lookup offers different ways to specify a lookup value" + properties: + expr: + type: "string" + label: + type: "string" + value: + type: "string" + type: "object" + type: "object" + type: "array" + type: "object" + rules: + description: "Specify one or more Config rule names to filter the results by rule." + items: + type: "string" + type: "array" + secretKey: + properties: + name: + type: "string" + value: + type: "string" + valueFrom: + properties: + configMapKeyRef: + properties: + key: + type: "string" + name: + type: "string" + required: + - "key" + type: "object" + helmRef: + properties: + key: + description: "Key is a JSONPath expression used to fetch the key from the merged JSON." + type: "string" + name: + type: "string" + required: + - "key" + type: "object" + secretKeyRef: + properties: + key: + type: "string" + name: + type: "string" + required: + - "key" + type: "object" + serviceAccount: + description: "ServiceAccount specifies the service account whose token should be fetched" + type: "string" + type: "object" + type: "object" + sessionToken: + properties: + name: + type: "string" + value: + type: "string" + valueFrom: + properties: + configMapKeyRef: + properties: + key: + type: "string" + name: + type: "string" + required: - "key" type: "object" helmRef: @@ -967,28 +1157,8 @@ spec: description: "Labels for the check" type: "object" metrics: - description: "Metrics to expose from check results" + description: "Metrics to expose from check.\nhttps://canarychecker.io/concepts/metrics-exporter" items: - properties: - labels: - items: - properties: - name: - type: "string" - value: - type: "string" - valueExpr: - type: "string" - required: - - "name" - type: "object" - type: "array" - name: - type: "string" - type: - type: "string" - value: - type: "string" type: "object" type: "array" name: @@ -1044,136 +1214,166 @@ spec: type: "string" project: type: "string" - test: - properties: - expr: - type: "string" - javascript: - type: "string" - jsonPath: - type: "string" - template: - type: "string" - type: "object" - thresholdMillis: - description: "ThresholdMillis the maximum duration of a Run. (Optional)" - type: "integer" - transform: - properties: - expr: - type: "string" - javascript: - type: "string" - jsonPath: - type: "string" - template: - type: "string" - type: "object" - transformDeleteStrategy: - description: "Transformed checks have a delete strategy on deletion they can either be marked healthy, unhealthy or left as is" - type: "string" - variables: - additionalProperties: - type: "string" - type: "object" - required: - - "branch" - - "name" - - "organization" - - "personalAccessToken" - - "pipeline" - - "project" - - "thresholdMillis" - - "variables" - type: "object" - type: "array" - catalog: - items: - properties: - description: - description: "Description for the check" - type: "string" - display: + relationships: + description: "Relationships defines a way to link the check results to components and configs\nusing lookup expressions." properties: - expr: - type: "string" - javascript: - type: "string" - jsonPath: - type: "string" - template: - type: "string" - type: "object" - icon: - description: "Icon for overwriting default icon on the dashboard" - type: "string" - labels: - additionalProperties: - type: "string" - description: "Labels for the check" - type: "object" - metrics: - description: "Metrics to expose from check results" - items: - properties: - labels: - items: - properties: - name: - type: "string" - value: + components: + items: + properties: + agent: + description: "Agent can be one of\n - agent id\n - agent name\n - 'self' (no agent)" + properties: + expr: + type: "string" + label: + type: "string" + value: + type: "string" + type: "object" + external_id: + description: "Lookup offers different ways to specify a lookup value" + properties: + expr: + type: "string" + label: + type: "string" + value: + type: "string" + type: "object" + id: + description: "Lookup offers different ways to specify a lookup value" + properties: + expr: + type: "string" + label: + type: "string" + value: + type: "string" + type: "object" + labels: + additionalProperties: type: "string" - valueExpr: + type: "object" + name: + description: "Lookup offers different ways to specify a lookup value" + properties: + expr: + type: "string" + label: + type: "string" + value: + type: "string" + type: "object" + namespace: + description: "Lookup offers different ways to specify a lookup value" + properties: + expr: + type: "string" + label: + type: "string" + value: + type: "string" + type: "object" + scope: + properties: + expr: + type: "string" + label: + type: "string" + value: + type: "string" + type: "object" + type: + description: "Lookup offers different ways to specify a lookup value" + properties: + expr: + type: "string" + label: + type: "string" + value: + type: "string" + type: "object" + type: "object" + type: "array" + configs: + items: + properties: + agent: + description: "Agent can be one of\n - agent id\n - agent name\n - 'self' (no agent)" + properties: + expr: + type: "string" + label: + type: "string" + value: + type: "string" + type: "object" + external_id: + description: "Lookup offers different ways to specify a lookup value" + properties: + expr: + type: "string" + label: + type: "string" + value: + type: "string" + type: "object" + id: + description: "Lookup offers different ways to specify a lookup value" + properties: + expr: + type: "string" + label: + type: "string" + value: + type: "string" + type: "object" + labels: + additionalProperties: type: "string" - required: - - "name" - type: "object" - type: "array" - name: - type: "string" - type: - type: "string" - value: - type: "string" - type: "object" - type: "array" - name: - description: "Name of the check" - type: "string" - namespace: - description: "Namespace to insert the check into, if different to the namespace the canary is defined, e.g." - type: "string" - selector: - items: - properties: - agent: - description: "Agent can be the agent id or the name of the agent.\n Additionally, the special \"self\" value can be used to select resources without an agent." - type: "string" - cache: - description: "Cache directives\n 'no-cache' (should not fetch from cache but can be cached)\n 'no-store' (should not cache)\n 'max-age=X' (cache for X duration)" - type: "string" - fieldSelector: - type: "string" - id: - type: "string" - labelSelector: - type: "string" - name: - type: "string" - namespace: - type: "string" - statuses: - items: - type: "string" - type: "array" - tagSelector: - type: "string" - types: - items: - type: "string" - type: "array" - type: "object" - type: "array" + type: "object" + name: + description: "Lookup offers different ways to specify a lookup value" + properties: + expr: + type: "string" + label: + type: "string" + value: + type: "string" + type: "object" + namespace: + description: "Lookup offers different ways to specify a lookup value" + properties: + expr: + type: "string" + label: + type: "string" + value: + type: "string" + type: "object" + scope: + properties: + expr: + type: "string" + label: + type: "string" + value: + type: "string" + type: "object" + type: + description: "Lookup offers different ways to specify a lookup value" + properties: + expr: + type: "string" + label: + type: "string" + value: + type: "string" + type: "object" + type: "object" + type: "array" + type: "object" test: properties: expr: @@ -1185,6 +1385,9 @@ spec: template: type: "string" type: "object" + thresholdMillis: + description: "ThresholdMillis the maximum duration of a Run. (Optional)" + type: "integer" transform: properties: expr: @@ -1199,66 +1402,24 @@ spec: transformDeleteStrategy: description: "Transformed checks have a delete strategy on deletion they can either be marked healthy, unhealthy or left as is" type: "string" + variables: + additionalProperties: + type: "string" + type: "object" required: + - "branch" - "name" - - "selector" + - "organization" + - "personalAccessToken" + - "pipeline" + - "project" + - "thresholdMillis" + - "variables" type: "object" type: "array" - cloudwatch: + catalog: items: properties: - accessKey: - properties: - name: - type: "string" - value: - type: "string" - valueFrom: - properties: - configMapKeyRef: - properties: - key: - type: "string" - name: - type: "string" - required: - - "key" - type: "object" - helmRef: - properties: - key: - description: "Key is a JSONPath expression used to fetch the key from the merged JSON." - type: "string" - name: - type: "string" - required: - - "key" - type: "object" - secretKeyRef: - properties: - key: - type: "string" - name: - type: "string" - required: - - "key" - type: "object" - serviceAccount: - description: "ServiceAccount specifies the service account whose token should be fetched" - type: "string" - type: "object" - type: "object" - actionPrefix: - type: "string" - alarmPrefix: - type: "string" - alarms: - items: - type: "string" - type: "array" - connection: - description: "ConnectionName of the connection. It'll be used to populate the endpoint, accessKey and secretKey." - type: "string" description: description: "Description for the check" type: "string" @@ -1273,8 +1434,6 @@ spec: template: type: "string" type: "object" - endpoint: - type: "string" icon: description: "Icon for overwriting default icon on the dashboard" type: "string" @@ -1284,28 +1443,8 @@ spec: description: "Labels for the check" type: "object" metrics: - description: "Metrics to expose from check results" + description: "Metrics to expose from check.\nhttps://canarychecker.io/concepts/metrics-exporter" items: - properties: - labels: - items: - properties: - name: - type: "string" - value: - type: "string" - valueExpr: - type: "string" - required: - - "name" - type: "object" - type: "array" - name: - type: "string" - type: - type: "string" - value: - type: "string" type: "object" type: "array" name: @@ -1314,50 +1453,233 @@ spec: namespace: description: "Namespace to insert the check into, if different to the namespace the canary is defined, e.g." type: "string" - region: - type: "string" - secretKey: + relationships: + description: "Relationships defines a way to link the check results to components and configs\nusing lookup expressions." properties: - name: - type: "string" - value: - type: "string" - valueFrom: - properties: - configMapKeyRef: - properties: - key: - type: "string" - name: - type: "string" - required: - - "key" - type: "object" - helmRef: - properties: - key: - description: "Key is a JSONPath expression used to fetch the key from the merged JSON." - type: "string" - name: - type: "string" - required: - - "key" - type: "object" - secretKeyRef: - properties: - key: + components: + items: + properties: + agent: + description: "Agent can be one of\n - agent id\n - agent name\n - 'self' (no agent)" + properties: + expr: + type: "string" + label: + type: "string" + value: + type: "string" + type: "object" + external_id: + description: "Lookup offers different ways to specify a lookup value" + properties: + expr: + type: "string" + label: + type: "string" + value: + type: "string" + type: "object" + id: + description: "Lookup offers different ways to specify a lookup value" + properties: + expr: + type: "string" + label: + type: "string" + value: + type: "string" + type: "object" + labels: + additionalProperties: type: "string" - name: + type: "object" + name: + description: "Lookup offers different ways to specify a lookup value" + properties: + expr: + type: "string" + label: + type: "string" + value: + type: "string" + type: "object" + namespace: + description: "Lookup offers different ways to specify a lookup value" + properties: + expr: + type: "string" + label: + type: "string" + value: + type: "string" + type: "object" + scope: + properties: + expr: + type: "string" + label: + type: "string" + value: + type: "string" + type: "object" + type: + description: "Lookup offers different ways to specify a lookup value" + properties: + expr: + type: "string" + label: + type: "string" + value: + type: "string" + type: "object" + type: "object" + type: "array" + configs: + items: + properties: + agent: + description: "Agent can be one of\n - agent id\n - agent name\n - 'self' (no agent)" + properties: + expr: + type: "string" + label: + type: "string" + value: + type: "string" + type: "object" + external_id: + description: "Lookup offers different ways to specify a lookup value" + properties: + expr: + type: "string" + label: + type: "string" + value: + type: "string" + type: "object" + id: + description: "Lookup offers different ways to specify a lookup value" + properties: + expr: + type: "string" + label: + type: "string" + value: + type: "string" + type: "object" + labels: + additionalProperties: type: "string" - required: - - "key" - type: "object" - serviceAccount: - description: "ServiceAccount specifies the service account whose token should be fetched" + type: "object" + name: + description: "Lookup offers different ways to specify a lookup value" + properties: + expr: + type: "string" + label: + type: "string" + value: + type: "string" + type: "object" + namespace: + description: "Lookup offers different ways to specify a lookup value" + properties: + expr: + type: "string" + label: + type: "string" + value: + type: "string" + type: "object" + scope: + properties: + expr: + type: "string" + label: + type: "string" + value: + type: "string" + type: "object" + type: + description: "Lookup offers different ways to specify a lookup value" + properties: + expr: + type: "string" + label: + type: "string" + value: + type: "string" + type: "object" + type: "object" + type: "array" + type: "object" + selector: + items: + properties: + agent: + description: "Agent can be the agent id or the name of the agent.\n Additionally, the special \"self\" value can be used to select resources without an agent." + type: "string" + cache: + description: "Cache directives\n 'no-cache' (should not fetch from cache but can be cached)\n 'no-store' (should not cache)\n 'max-age=X' (cache for X duration)" + type: "string" + fieldSelector: + type: "string" + id: + type: "string" + labelSelector: + type: "string" + name: + type: "string" + namespace: + type: "string" + scope: + type: "string" + statuses: + items: type: "string" - type: "object" + type: "array" + tagSelector: + type: "string" + types: + items: + type: "string" + type: "array" + type: "object" + type: "array" + test: + properties: + expr: + type: "string" + javascript: + type: "string" + jsonPath: + type: "string" + template: + type: "string" type: "object" - sessionToken: + transform: + properties: + expr: + type: "string" + javascript: + type: "string" + jsonPath: + type: "string" + template: + type: "string" + type: "object" + transformDeleteStrategy: + description: "Transformed checks have a delete strategy on deletion they can either be marked healthy, unhealthy or left as is" + type: "string" + required: + - "name" + - "selector" + type: "object" + type: "array" + cloudwatch: + items: + properties: + accessKey: properties: name: type: "string" @@ -1398,23 +1720,21 @@ spec: type: "string" type: "object" type: "object" - skipTLSVerify: - description: "Skip TLS verify when connecting to aws" - type: "boolean" - state: + actionPrefix: type: "string" - test: - properties: - expr: - type: "string" - javascript: - type: "string" - jsonPath: - type: "string" - template: - type: "string" - type: "object" - transform: + alarmPrefix: + type: "string" + alarms: + items: + type: "string" + type: "array" + connection: + description: "ConnectionName of the connection. It'll be used to populate the endpoint, accessKey and secretKey." + type: "string" + description: + description: "Description for the check" + type: "string" + display: properties: expr: type: "string" @@ -1425,197 +1745,19 @@ spec: template: type: "string" type: "object" - transformDeleteStrategy: - description: "Transformed checks have a delete strategy on deletion they can either be marked healthy, unhealthy or left as is" - type: "string" - required: - - "name" - type: "object" - type: "array" - containerd: - items: - properties: - auth: - properties: - password: - properties: - name: - type: "string" - value: - type: "string" - valueFrom: - properties: - configMapKeyRef: - properties: - key: - type: "string" - name: - type: "string" - required: - - "key" - type: "object" - helmRef: - properties: - key: - description: "Key is a JSONPath expression used to fetch the key from the merged JSON." - type: "string" - name: - type: "string" - required: - - "key" - type: "object" - secretKeyRef: - properties: - key: - type: "string" - name: - type: "string" - required: - - "key" - type: "object" - serviceAccount: - description: "ServiceAccount specifies the service account whose token should be fetched" - type: "string" - type: "object" - type: "object" - username: - properties: - name: - type: "string" - value: - type: "string" - valueFrom: - properties: - configMapKeyRef: - properties: - key: - type: "string" - name: - type: "string" - required: - - "key" - type: "object" - helmRef: - properties: - key: - description: "Key is a JSONPath expression used to fetch the key from the merged JSON." - type: "string" - name: - type: "string" - required: - - "key" - type: "object" - secretKeyRef: - properties: - key: - type: "string" - name: - type: "string" - required: - - "key" - type: "object" - serviceAccount: - description: "ServiceAccount specifies the service account whose token should be fetched" - type: "string" - type: "object" - type: "object" - type: "object" - description: - description: "Description for the check" - type: "string" - expectedDigest: - type: "string" - expectedSize: - format: "int64" - type: "integer" - icon: - description: "Icon for overwriting default icon on the dashboard" - type: "string" - image: - type: "string" - labels: - additionalProperties: - type: "string" - description: "Labels for the check" - type: "object" - metrics: - description: "Metrics to expose from check results" - items: - properties: - labels: - items: - properties: - name: - type: "string" - value: - type: "string" - valueExpr: - type: "string" - required: - - "name" - type: "object" - type: "array" - name: - type: "string" - type: - type: "string" - value: - type: "string" - type: "object" - type: "array" - name: - description: "Name of the check" - type: "string" - namespace: - description: "Namespace to insert the check into, if different to the namespace the canary is defined, e.g." - type: "string" - transformDeleteStrategy: - description: "Transformed checks have a delete strategy on deletion they can either be marked healthy, unhealthy or left as is" - type: "string" - required: - - "image" - - "name" - type: "object" - type: "array" - containerdPush: - items: - properties: - description: - description: "Description for the check" + endpoint: type: "string" icon: description: "Icon for overwriting default icon on the dashboard" type: "string" - image: - type: "string" labels: additionalProperties: type: "string" description: "Labels for the check" type: "object" metrics: - description: "Metrics to expose from check results" + description: "Metrics to expose from check.\nhttps://canarychecker.io/concepts/metrics-exporter" items: - properties: - labels: - items: - properties: - name: - type: "string" - value: - type: "string" - valueExpr: - type: "string" - required: - - "name" - type: "object" - type: "array" - name: - type: "string" - type: - type: "string" - value: - type: "string" type: "object" type: "array" name: @@ -1624,134 +1766,254 @@ spec: namespace: description: "Namespace to insert the check into, if different to the namespace the canary is defined, e.g." type: "string" - password: - type: "string" - transformDeleteStrategy: - description: "Transformed checks have a delete strategy on deletion they can either be marked healthy, unhealthy or left as is" - type: "string" - username: - type: "string" - required: - - "image" - - "name" - type: "object" - type: "array" - databaseBackup: - items: - properties: - description: - description: "Description for the check" + region: type: "string" - display: - properties: - expr: - type: "string" - javascript: - type: "string" - jsonPath: - type: "string" - template: - type: "string" - type: "object" - gcp: + relationships: + description: "Relationships defines a way to link the check results to components and configs\nusing lookup expressions." properties: - gcpConnection: - properties: - connection: - description: "ConnectionName of the connection. It'll be used to populate the endpoint and credentials." - type: "string" - credentials: - properties: - name: - type: "string" - value: - type: "string" - valueFrom: - properties: - configMapKeyRef: - properties: - key: - type: "string" - name: - type: "string" - required: - - "key" - type: "object" - helmRef: - properties: - key: - description: "Key is a JSONPath expression used to fetch the key from the merged JSON." - type: "string" - name: - type: "string" - required: - - "key" - type: "object" - secretKeyRef: - properties: - key: - type: "string" - name: - type: "string" - required: - - "key" - type: "object" - serviceAccount: - description: "ServiceAccount specifies the service account whose token should be fetched" - type: "string" - type: "object" + components: + items: + properties: + agent: + description: "Agent can be one of\n - agent id\n - agent name\n - 'self' (no agent)" + properties: + expr: + type: "string" + label: + type: "string" + value: + type: "string" + type: "object" + external_id: + description: "Lookup offers different ways to specify a lookup value" + properties: + expr: + type: "string" + label: + type: "string" + value: + type: "string" + type: "object" + id: + description: "Lookup offers different ways to specify a lookup value" + properties: + expr: + type: "string" + label: + type: "string" + value: + type: "string" + type: "object" + labels: + additionalProperties: + type: "string" + type: "object" + name: + description: "Lookup offers different ways to specify a lookup value" + properties: + expr: + type: "string" + label: + type: "string" + value: + type: "string" + type: "object" + namespace: + description: "Lookup offers different ways to specify a lookup value" + properties: + expr: + type: "string" + label: + type: "string" + value: + type: "string" + type: "object" + scope: + properties: + expr: + type: "string" + label: + type: "string" + value: + type: "string" + type: "object" + type: + description: "Lookup offers different ways to specify a lookup value" + properties: + expr: + type: "string" + label: + type: "string" + value: + type: "string" + type: "object" + type: "object" + type: "array" + configs: + items: + properties: + agent: + description: "Agent can be one of\n - agent id\n - agent name\n - 'self' (no agent)" + properties: + expr: + type: "string" + label: + type: "string" + value: + type: "string" + type: "object" + external_id: + description: "Lookup offers different ways to specify a lookup value" + properties: + expr: + type: "string" + label: + type: "string" + value: + type: "string" + type: "object" + id: + description: "Lookup offers different ways to specify a lookup value" + properties: + expr: + type: "string" + label: + type: "string" + value: + type: "string" + type: "object" + labels: + additionalProperties: + type: "string" + type: "object" + name: + description: "Lookup offers different ways to specify a lookup value" + properties: + expr: + type: "string" + label: + type: "string" + value: + type: "string" + type: "object" + namespace: + description: "Lookup offers different ways to specify a lookup value" + properties: + expr: + type: "string" + label: + type: "string" + value: + type: "string" + type: "object" + scope: + properties: + expr: + type: "string" + label: + type: "string" + value: + type: "string" + type: "object" + type: + description: "Lookup offers different ways to specify a lookup value" + properties: + expr: + type: "string" + label: + type: "string" + value: + type: "string" + type: "object" + type: "object" + type: "array" + type: "object" + secretKey: + properties: + name: + type: "string" + value: + type: "string" + valueFrom: + properties: + configMapKeyRef: + properties: + key: + type: "string" + name: + type: "string" + required: + - "key" type: "object" - endpoint: + helmRef: + properties: + key: + description: "Key is a JSONPath expression used to fetch the key from the merged JSON." + type: "string" + name: + type: "string" + required: + - "key" + type: "object" + secretKeyRef: + properties: + key: + type: "string" + name: + type: "string" + required: + - "key" + type: "object" + serviceAccount: + description: "ServiceAccount specifies the service account whose token should be fetched" type: "string" type: "object" - instance: + type: "object" + sessionToken: + properties: + name: type: "string" - project: + value: type: "string" - required: - - "instance" - - "project" - type: "object" - icon: - description: "Icon for overwriting default icon on the dashboard" - type: "string" - labels: - additionalProperties: - type: "string" - description: "Labels for the check" - type: "object" - maxAge: - type: "string" - metrics: - description: "Metrics to expose from check results" - items: - properties: - labels: - items: + valueFrom: + properties: + configMapKeyRef: properties: + key: + type: "string" name: type: "string" - value: + required: + - "key" + type: "object" + helmRef: + properties: + key: + description: "Key is a JSONPath expression used to fetch the key from the merged JSON." + type: "string" + name: + type: "string" + required: + - "key" + type: "object" + secretKeyRef: + properties: + key: type: "string" - valueExpr: + name: type: "string" required: - - "name" + - "key" type: "object" - type: "array" - name: - type: "string" - type: - type: "string" - value: - type: "string" - type: "object" - type: "array" - name: - description: "Name of the check" - type: "string" - namespace: - description: "Namespace to insert the check into, if different to the namespace the canary is defined, e.g." + serviceAccount: + description: "ServiceAccount specifies the service account whose token should be fetched" + type: "string" + type: "object" + type: "object" + skipTLSVerify: + description: "Skip TLS verify when connecting to aws" + type: "boolean" + state: type: "string" test: properties: @@ -1782,77 +2044,7 @@ spec: - "name" type: "object" type: "array" - dns: - items: - properties: - description: - description: "Description for the check" - type: "string" - exactreply: - items: - type: "string" - type: "array" - icon: - description: "Icon for overwriting default icon on the dashboard" - type: "string" - labels: - additionalProperties: - type: "string" - description: "Labels for the check" - type: "object" - metrics: - description: "Metrics to expose from check results" - items: - properties: - labels: - items: - properties: - name: - type: "string" - value: - type: "string" - valueExpr: - type: "string" - required: - - "name" - type: "object" - type: "array" - name: - type: "string" - type: - type: "string" - value: - type: "string" - type: "object" - type: "array" - minrecords: - type: "integer" - name: - description: "Name of the check" - type: "string" - namespace: - description: "Namespace to insert the check into, if different to the namespace the canary is defined, e.g." - type: "string" - port: - type: "integer" - query: - type: "string" - querytype: - type: "string" - server: - type: "string" - thresholdMillis: - type: "integer" - timeout: - type: "integer" - transformDeleteStrategy: - description: "Transformed checks have a delete strategy on deletion they can either be marked healthy, unhealthy or left as is" - type: "string" - required: - - "name" - type: "object" - type: "array" - docker: + containerd: items: properties: auth: @@ -1959,28 +2151,8 @@ spec: description: "Labels for the check" type: "object" metrics: - description: "Metrics to expose from check results" + description: "Metrics to expose from check.\nhttps://canarychecker.io/concepts/metrics-exporter" items: - properties: - labels: - items: - properties: - name: - type: "string" - value: - type: "string" - valueExpr: - type: "string" - required: - - "name" - type: "object" - type: "array" - name: - type: "string" - type: - type: "string" - value: - type: "string" type: "object" type: "array" name: @@ -1989,6 +2161,166 @@ spec: namespace: description: "Namespace to insert the check into, if different to the namespace the canary is defined, e.g." type: "string" + relationships: + description: "Relationships defines a way to link the check results to components and configs\nusing lookup expressions." + properties: + components: + items: + properties: + agent: + description: "Agent can be one of\n - agent id\n - agent name\n - 'self' (no agent)" + properties: + expr: + type: "string" + label: + type: "string" + value: + type: "string" + type: "object" + external_id: + description: "Lookup offers different ways to specify a lookup value" + properties: + expr: + type: "string" + label: + type: "string" + value: + type: "string" + type: "object" + id: + description: "Lookup offers different ways to specify a lookup value" + properties: + expr: + type: "string" + label: + type: "string" + value: + type: "string" + type: "object" + labels: + additionalProperties: + type: "string" + type: "object" + name: + description: "Lookup offers different ways to specify a lookup value" + properties: + expr: + type: "string" + label: + type: "string" + value: + type: "string" + type: "object" + namespace: + description: "Lookup offers different ways to specify a lookup value" + properties: + expr: + type: "string" + label: + type: "string" + value: + type: "string" + type: "object" + scope: + properties: + expr: + type: "string" + label: + type: "string" + value: + type: "string" + type: "object" + type: + description: "Lookup offers different ways to specify a lookup value" + properties: + expr: + type: "string" + label: + type: "string" + value: + type: "string" + type: "object" + type: "object" + type: "array" + configs: + items: + properties: + agent: + description: "Agent can be one of\n - agent id\n - agent name\n - 'self' (no agent)" + properties: + expr: + type: "string" + label: + type: "string" + value: + type: "string" + type: "object" + external_id: + description: "Lookup offers different ways to specify a lookup value" + properties: + expr: + type: "string" + label: + type: "string" + value: + type: "string" + type: "object" + id: + description: "Lookup offers different ways to specify a lookup value" + properties: + expr: + type: "string" + label: + type: "string" + value: + type: "string" + type: "object" + labels: + additionalProperties: + type: "string" + type: "object" + name: + description: "Lookup offers different ways to specify a lookup value" + properties: + expr: + type: "string" + label: + type: "string" + value: + type: "string" + type: "object" + namespace: + description: "Lookup offers different ways to specify a lookup value" + properties: + expr: + type: "string" + label: + type: "string" + value: + type: "string" + type: "object" + scope: + properties: + expr: + type: "string" + label: + type: "string" + value: + type: "string" + type: "object" + type: + description: "Lookup offers different ways to specify a lookup value" + properties: + expr: + type: "string" + label: + type: "string" + value: + type: "string" + type: "object" + type: "object" + type: "array" + type: "object" transformDeleteStrategy: description: "Transformed checks have a delete strategy on deletion they can either be marked healthy, unhealthy or left as is" type: "string" @@ -1997,208 +2329,281 @@ spec: - "name" type: "object" type: "array" - dockerPush: + containerdPush: items: properties: - auth: + description: + description: "Description for the check" + type: "string" + icon: + description: "Icon for overwriting default icon on the dashboard" + type: "string" + image: + type: "string" + labels: + additionalProperties: + type: "string" + description: "Labels for the check" + type: "object" + metrics: + description: "Metrics to expose from check.\nhttps://canarychecker.io/concepts/metrics-exporter" + items: + type: "object" + type: "array" + name: + description: "Name of the check" + type: "string" + namespace: + description: "Namespace to insert the check into, if different to the namespace the canary is defined, e.g." + type: "string" + password: + type: "string" + relationships: + description: "Relationships defines a way to link the check results to components and configs\nusing lookup expressions." properties: - password: - properties: - name: - type: "string" - value: - type: "string" - valueFrom: - properties: - configMapKeyRef: - properties: - key: - type: "string" - name: - type: "string" - required: - - "key" - type: "object" - helmRef: - properties: - key: - description: "Key is a JSONPath expression used to fetch the key from the merged JSON." - type: "string" - name: - type: "string" - required: - - "key" - type: "object" - secretKeyRef: - properties: - key: - type: "string" - name: - type: "string" - required: - - "key" - type: "object" - serviceAccount: - description: "ServiceAccount specifies the service account whose token should be fetched" + components: + items: + properties: + agent: + description: "Agent can be one of\n - agent id\n - agent name\n - 'self' (no agent)" + properties: + expr: + type: "string" + label: + type: "string" + value: + type: "string" + type: "object" + external_id: + description: "Lookup offers different ways to specify a lookup value" + properties: + expr: + type: "string" + label: + type: "string" + value: + type: "string" + type: "object" + id: + description: "Lookup offers different ways to specify a lookup value" + properties: + expr: + type: "string" + label: + type: "string" + value: + type: "string" + type: "object" + labels: + additionalProperties: type: "string" - type: "object" - type: "object" - username: - properties: - name: - type: "string" - value: - type: "string" - valueFrom: - properties: - configMapKeyRef: - properties: - key: - type: "string" - name: - type: "string" - required: - - "key" - type: "object" - helmRef: - properties: - key: - description: "Key is a JSONPath expression used to fetch the key from the merged JSON." - type: "string" - name: - type: "string" - required: - - "key" - type: "object" - secretKeyRef: - properties: - key: - type: "string" - name: - type: "string" - required: - - "key" - type: "object" - serviceAccount: - description: "ServiceAccount specifies the service account whose token should be fetched" + type: "object" + name: + description: "Lookup offers different ways to specify a lookup value" + properties: + expr: + type: "string" + label: + type: "string" + value: + type: "string" + type: "object" + namespace: + description: "Lookup offers different ways to specify a lookup value" + properties: + expr: + type: "string" + label: + type: "string" + value: + type: "string" + type: "object" + scope: + properties: + expr: + type: "string" + label: + type: "string" + value: + type: "string" + type: "object" + type: + description: "Lookup offers different ways to specify a lookup value" + properties: + expr: + type: "string" + label: + type: "string" + value: + type: "string" + type: "object" + type: "object" + type: "array" + configs: + items: + properties: + agent: + description: "Agent can be one of\n - agent id\n - agent name\n - 'self' (no agent)" + properties: + expr: + type: "string" + label: + type: "string" + value: + type: "string" + type: "object" + external_id: + description: "Lookup offers different ways to specify a lookup value" + properties: + expr: + type: "string" + label: + type: "string" + value: + type: "string" + type: "object" + id: + description: "Lookup offers different ways to specify a lookup value" + properties: + expr: + type: "string" + label: + type: "string" + value: + type: "string" + type: "object" + labels: + additionalProperties: type: "string" - type: "object" - type: "object" - type: "object" - description: - description: "Description for the check" - type: "string" - icon: - description: "Icon for overwriting default icon on the dashboard" - type: "string" - image: - type: "string" - labels: - additionalProperties: - type: "string" - description: "Labels for the check" + type: "object" + name: + description: "Lookup offers different ways to specify a lookup value" + properties: + expr: + type: "string" + label: + type: "string" + value: + type: "string" + type: "object" + namespace: + description: "Lookup offers different ways to specify a lookup value" + properties: + expr: + type: "string" + label: + type: "string" + value: + type: "string" + type: "object" + scope: + properties: + expr: + type: "string" + label: + type: "string" + value: + type: "string" + type: "object" + type: + description: "Lookup offers different ways to specify a lookup value" + properties: + expr: + type: "string" + label: + type: "string" + value: + type: "string" + type: "object" + type: "object" + type: "array" type: "object" - metrics: - description: "Metrics to expose from check results" - items: - properties: - labels: - items: - properties: - name: - type: "string" - value: - type: "string" - valueExpr: - type: "string" - required: - - "name" - type: "object" - type: "array" - name: - type: "string" - type: - type: "string" - value: - type: "string" - type: "object" - type: "array" - name: - description: "Name of the check" - type: "string" - namespace: - description: "Namespace to insert the check into, if different to the namespace the canary is defined, e.g." - type: "string" transformDeleteStrategy: description: "Transformed checks have a delete strategy on deletion they can either be marked healthy, unhealthy or left as is" type: "string" + username: + type: "string" required: - "image" - "name" type: "object" type: "array" - dynatrace: + databaseBackup: items: properties: - apiKey: + description: + description: "Description for the check" + type: "string" + display: properties: - name: + expr: type: "string" - value: + javascript: type: "string" - valueFrom: + jsonPath: + type: "string" + template: + type: "string" + type: "object" + gcp: + properties: + gcpConnection: properties: - configMapKeyRef: - properties: - key: - type: "string" - name: - type: "string" - required: - - "key" - type: "object" - helmRef: + connection: + description: "ConnectionName of the connection. It'll be used to populate the endpoint and credentials." + type: "string" + credentials: properties: - key: - description: "Key is a JSONPath expression used to fetch the key from the merged JSON." - type: "string" name: type: "string" - required: - - "key" - type: "object" - secretKeyRef: - properties: - key: - type: "string" - name: + value: type: "string" - required: - - "key" + valueFrom: + properties: + configMapKeyRef: + properties: + key: + type: "string" + name: + type: "string" + required: + - "key" + type: "object" + helmRef: + properties: + key: + description: "Key is a JSONPath expression used to fetch the key from the merged JSON." + type: "string" + name: + type: "string" + required: + - "key" + type: "object" + secretKeyRef: + properties: + key: + type: "string" + name: + type: "string" + required: + - "key" + type: "object" + serviceAccount: + description: "ServiceAccount specifies the service account whose token should be fetched" + type: "string" + type: "object" type: "object" - serviceAccount: - description: "ServiceAccount specifies the service account whose token should be fetched" + endpoint: type: "string" type: "object" - type: "object" - connection: - type: "string" - description: - description: "Description for the check" - type: "string" - display: - properties: - expr: - type: "string" - javascript: - type: "string" - jsonPath: + instance: type: "string" - template: + project: type: "string" + required: + - "instance" + - "project" type: "object" - host: - type: "string" icon: description: "Icon for overwriting default icon on the dashboard" type: "string" @@ -2207,29 +2612,11 @@ spec: type: "string" description: "Labels for the check" type: "object" + maxAge: + type: "string" metrics: - description: "Metrics to expose from check results" + description: "Metrics to expose from check.\nhttps://canarychecker.io/concepts/metrics-exporter" items: - properties: - labels: - items: - properties: - name: - type: "string" - value: - type: "string" - valueExpr: - type: "string" - required: - - "name" - type: "object" - type: "array" - name: - type: "string" - type: - type: "string" - value: - type: "string" type: "object" type: "array" name: @@ -2238,8 +2625,166 @@ spec: namespace: description: "Namespace to insert the check into, if different to the namespace the canary is defined, e.g." type: "string" - scheme: - type: "string" + relationships: + description: "Relationships defines a way to link the check results to components and configs\nusing lookup expressions." + properties: + components: + items: + properties: + agent: + description: "Agent can be one of\n - agent id\n - agent name\n - 'self' (no agent)" + properties: + expr: + type: "string" + label: + type: "string" + value: + type: "string" + type: "object" + external_id: + description: "Lookup offers different ways to specify a lookup value" + properties: + expr: + type: "string" + label: + type: "string" + value: + type: "string" + type: "object" + id: + description: "Lookup offers different ways to specify a lookup value" + properties: + expr: + type: "string" + label: + type: "string" + value: + type: "string" + type: "object" + labels: + additionalProperties: + type: "string" + type: "object" + name: + description: "Lookup offers different ways to specify a lookup value" + properties: + expr: + type: "string" + label: + type: "string" + value: + type: "string" + type: "object" + namespace: + description: "Lookup offers different ways to specify a lookup value" + properties: + expr: + type: "string" + label: + type: "string" + value: + type: "string" + type: "object" + scope: + properties: + expr: + type: "string" + label: + type: "string" + value: + type: "string" + type: "object" + type: + description: "Lookup offers different ways to specify a lookup value" + properties: + expr: + type: "string" + label: + type: "string" + value: + type: "string" + type: "object" + type: "object" + type: "array" + configs: + items: + properties: + agent: + description: "Agent can be one of\n - agent id\n - agent name\n - 'self' (no agent)" + properties: + expr: + type: "string" + label: + type: "string" + value: + type: "string" + type: "object" + external_id: + description: "Lookup offers different ways to specify a lookup value" + properties: + expr: + type: "string" + label: + type: "string" + value: + type: "string" + type: "object" + id: + description: "Lookup offers different ways to specify a lookup value" + properties: + expr: + type: "string" + label: + type: "string" + value: + type: "string" + type: "object" + labels: + additionalProperties: + type: "string" + type: "object" + name: + description: "Lookup offers different ways to specify a lookup value" + properties: + expr: + type: "string" + label: + type: "string" + value: + type: "string" + type: "object" + namespace: + description: "Lookup offers different ways to specify a lookup value" + properties: + expr: + type: "string" + label: + type: "string" + value: + type: "string" + type: "object" + scope: + properties: + expr: + type: "string" + label: + type: "string" + value: + type: "string" + type: "object" + type: + description: "Lookup offers different ways to specify a lookup value" + properties: + expr: + type: "string" + label: + type: "string" + value: + type: "string" + type: "object" + type: "object" + type: "array" + type: "object" test: properties: expr: @@ -2269,111 +2814,222 @@ spec: - "name" type: "object" type: "array" - elasticsearch: + dns: items: properties: - bearer: - properties: - name: - type: "string" - value: - type: "string" - valueFrom: - properties: - configMapKeyRef: - properties: - key: - type: "string" - name: - type: "string" - required: - - "key" - type: "object" - helmRef: - properties: - key: - description: "Key is a JSONPath expression used to fetch the key from the merged JSON." - type: "string" - name: - type: "string" - required: - - "key" - type: "object" - secretKeyRef: - properties: - key: - type: "string" - name: - type: "string" - required: - - "key" - type: "object" - serviceAccount: - description: "ServiceAccount specifies the service account whose token should be fetched" - type: "string" - type: "object" - type: "object" - connection: - description: "Connection name e.g. connection://http/google" - type: "string" description: description: "Description for the check" type: "string" - display: - properties: - expr: - type: "string" - javascript: - type: "string" - jsonPath: - type: "string" - template: - type: "string" - type: "object" + exactreply: + items: + type: "string" + type: "array" icon: description: "Icon for overwriting default icon on the dashboard" type: "string" - index: - type: "string" labels: additionalProperties: type: "string" description: "Labels for the check" type: "object" metrics: - description: "Metrics to expose from check results" + description: "Metrics to expose from check.\nhttps://canarychecker.io/concepts/metrics-exporter" items: - properties: - labels: - items: - properties: - name: - type: "string" - value: - type: "string" - valueExpr: - type: "string" - required: - - "name" - type: "object" - type: "array" - name: - type: "string" - type: - type: "string" - value: - type: "string" type: "object" type: "array" + minrecords: + type: "integer" name: description: "Name of the check" type: "string" namespace: description: "Namespace to insert the check into, if different to the namespace the canary is defined, e.g." type: "string" - oauth: + port: + type: "integer" + query: + type: "string" + querytype: + type: "string" + relationships: + description: "Relationships defines a way to link the check results to components and configs\nusing lookup expressions." properties: - clientID: + components: + items: + properties: + agent: + description: "Agent can be one of\n - agent id\n - agent name\n - 'self' (no agent)" + properties: + expr: + type: "string" + label: + type: "string" + value: + type: "string" + type: "object" + external_id: + description: "Lookup offers different ways to specify a lookup value" + properties: + expr: + type: "string" + label: + type: "string" + value: + type: "string" + type: "object" + id: + description: "Lookup offers different ways to specify a lookup value" + properties: + expr: + type: "string" + label: + type: "string" + value: + type: "string" + type: "object" + labels: + additionalProperties: + type: "string" + type: "object" + name: + description: "Lookup offers different ways to specify a lookup value" + properties: + expr: + type: "string" + label: + type: "string" + value: + type: "string" + type: "object" + namespace: + description: "Lookup offers different ways to specify a lookup value" + properties: + expr: + type: "string" + label: + type: "string" + value: + type: "string" + type: "object" + scope: + properties: + expr: + type: "string" + label: + type: "string" + value: + type: "string" + type: "object" + type: + description: "Lookup offers different ways to specify a lookup value" + properties: + expr: + type: "string" + label: + type: "string" + value: + type: "string" + type: "object" + type: "object" + type: "array" + configs: + items: + properties: + agent: + description: "Agent can be one of\n - agent id\n - agent name\n - 'self' (no agent)" + properties: + expr: + type: "string" + label: + type: "string" + value: + type: "string" + type: "object" + external_id: + description: "Lookup offers different ways to specify a lookup value" + properties: + expr: + type: "string" + label: + type: "string" + value: + type: "string" + type: "object" + id: + description: "Lookup offers different ways to specify a lookup value" + properties: + expr: + type: "string" + label: + type: "string" + value: + type: "string" + type: "object" + labels: + additionalProperties: + type: "string" + type: "object" + name: + description: "Lookup offers different ways to specify a lookup value" + properties: + expr: + type: "string" + label: + type: "string" + value: + type: "string" + type: "object" + namespace: + description: "Lookup offers different ways to specify a lookup value" + properties: + expr: + type: "string" + label: + type: "string" + value: + type: "string" + type: "object" + scope: + properties: + expr: + type: "string" + label: + type: "string" + value: + type: "string" + type: "object" + type: + description: "Lookup offers different ways to specify a lookup value" + properties: + expr: + type: "string" + label: + type: "string" + value: + type: "string" + type: "object" + type: "object" + type: "array" + type: "object" + server: + type: "string" + thresholdMillis: + type: "integer" + timeout: + type: "integer" + transformDeleteStrategy: + description: "Transformed checks have a delete strategy on deletion they can either be marked healthy, unhealthy or left as is" + type: "string" + required: + - "name" + type: "object" + type: "array" + docker: + items: + properties: + auth: + properties: + password: properties: name: type: "string" @@ -2414,7 +3070,7 @@ spec: type: "string" type: "object" type: "object" - clientSecret: + username: properties: name: type: "string" @@ -2455,24 +3111,804 @@ spec: type: "string" type: "object" type: "object" - params: - additionalProperties: - type: "string" - type: "object" - scope: - items: - type: "string" - type: "array" - tokenURL: - type: "string" type: "object" - password: - properties: - name: - type: "string" - value: - type: "string" - valueFrom: + description: + description: "Description for the check" + type: "string" + expectedDigest: + type: "string" + expectedSize: + format: "int64" + type: "integer" + icon: + description: "Icon for overwriting default icon on the dashboard" + type: "string" + image: + type: "string" + labels: + additionalProperties: + type: "string" + description: "Labels for the check" + type: "object" + metrics: + description: "Metrics to expose from check.\nhttps://canarychecker.io/concepts/metrics-exporter" + items: + type: "object" + type: "array" + name: + description: "Name of the check" + type: "string" + namespace: + description: "Namespace to insert the check into, if different to the namespace the canary is defined, e.g." + type: "string" + relationships: + description: "Relationships defines a way to link the check results to components and configs\nusing lookup expressions." + properties: + components: + items: + properties: + agent: + description: "Agent can be one of\n - agent id\n - agent name\n - 'self' (no agent)" + properties: + expr: + type: "string" + label: + type: "string" + value: + type: "string" + type: "object" + external_id: + description: "Lookup offers different ways to specify a lookup value" + properties: + expr: + type: "string" + label: + type: "string" + value: + type: "string" + type: "object" + id: + description: "Lookup offers different ways to specify a lookup value" + properties: + expr: + type: "string" + label: + type: "string" + value: + type: "string" + type: "object" + labels: + additionalProperties: + type: "string" + type: "object" + name: + description: "Lookup offers different ways to specify a lookup value" + properties: + expr: + type: "string" + label: + type: "string" + value: + type: "string" + type: "object" + namespace: + description: "Lookup offers different ways to specify a lookup value" + properties: + expr: + type: "string" + label: + type: "string" + value: + type: "string" + type: "object" + scope: + properties: + expr: + type: "string" + label: + type: "string" + value: + type: "string" + type: "object" + type: + description: "Lookup offers different ways to specify a lookup value" + properties: + expr: + type: "string" + label: + type: "string" + value: + type: "string" + type: "object" + type: "object" + type: "array" + configs: + items: + properties: + agent: + description: "Agent can be one of\n - agent id\n - agent name\n - 'self' (no agent)" + properties: + expr: + type: "string" + label: + type: "string" + value: + type: "string" + type: "object" + external_id: + description: "Lookup offers different ways to specify a lookup value" + properties: + expr: + type: "string" + label: + type: "string" + value: + type: "string" + type: "object" + id: + description: "Lookup offers different ways to specify a lookup value" + properties: + expr: + type: "string" + label: + type: "string" + value: + type: "string" + type: "object" + labels: + additionalProperties: + type: "string" + type: "object" + name: + description: "Lookup offers different ways to specify a lookup value" + properties: + expr: + type: "string" + label: + type: "string" + value: + type: "string" + type: "object" + namespace: + description: "Lookup offers different ways to specify a lookup value" + properties: + expr: + type: "string" + label: + type: "string" + value: + type: "string" + type: "object" + scope: + properties: + expr: + type: "string" + label: + type: "string" + value: + type: "string" + type: "object" + type: + description: "Lookup offers different ways to specify a lookup value" + properties: + expr: + type: "string" + label: + type: "string" + value: + type: "string" + type: "object" + type: "object" + type: "array" + type: "object" + transformDeleteStrategy: + description: "Transformed checks have a delete strategy on deletion they can either be marked healthy, unhealthy or left as is" + type: "string" + required: + - "image" + - "name" + type: "object" + type: "array" + dockerPush: + items: + properties: + auth: + properties: + password: + properties: + name: + type: "string" + value: + type: "string" + valueFrom: + properties: + configMapKeyRef: + properties: + key: + type: "string" + name: + type: "string" + required: + - "key" + type: "object" + helmRef: + properties: + key: + description: "Key is a JSONPath expression used to fetch the key from the merged JSON." + type: "string" + name: + type: "string" + required: + - "key" + type: "object" + secretKeyRef: + properties: + key: + type: "string" + name: + type: "string" + required: + - "key" + type: "object" + serviceAccount: + description: "ServiceAccount specifies the service account whose token should be fetched" + type: "string" + type: "object" + type: "object" + username: + properties: + name: + type: "string" + value: + type: "string" + valueFrom: + properties: + configMapKeyRef: + properties: + key: + type: "string" + name: + type: "string" + required: + - "key" + type: "object" + helmRef: + properties: + key: + description: "Key is a JSONPath expression used to fetch the key from the merged JSON." + type: "string" + name: + type: "string" + required: + - "key" + type: "object" + secretKeyRef: + properties: + key: + type: "string" + name: + type: "string" + required: + - "key" + type: "object" + serviceAccount: + description: "ServiceAccount specifies the service account whose token should be fetched" + type: "string" + type: "object" + type: "object" + type: "object" + description: + description: "Description for the check" + type: "string" + icon: + description: "Icon for overwriting default icon on the dashboard" + type: "string" + image: + type: "string" + labels: + additionalProperties: + type: "string" + description: "Labels for the check" + type: "object" + metrics: + description: "Metrics to expose from check.\nhttps://canarychecker.io/concepts/metrics-exporter" + items: + type: "object" + type: "array" + name: + description: "Name of the check" + type: "string" + namespace: + description: "Namespace to insert the check into, if different to the namespace the canary is defined, e.g." + type: "string" + relationships: + description: "Relationships defines a way to link the check results to components and configs\nusing lookup expressions." + properties: + components: + items: + properties: + agent: + description: "Agent can be one of\n - agent id\n - agent name\n - 'self' (no agent)" + properties: + expr: + type: "string" + label: + type: "string" + value: + type: "string" + type: "object" + external_id: + description: "Lookup offers different ways to specify a lookup value" + properties: + expr: + type: "string" + label: + type: "string" + value: + type: "string" + type: "object" + id: + description: "Lookup offers different ways to specify a lookup value" + properties: + expr: + type: "string" + label: + type: "string" + value: + type: "string" + type: "object" + labels: + additionalProperties: + type: "string" + type: "object" + name: + description: "Lookup offers different ways to specify a lookup value" + properties: + expr: + type: "string" + label: + type: "string" + value: + type: "string" + type: "object" + namespace: + description: "Lookup offers different ways to specify a lookup value" + properties: + expr: + type: "string" + label: + type: "string" + value: + type: "string" + type: "object" + scope: + properties: + expr: + type: "string" + label: + type: "string" + value: + type: "string" + type: "object" + type: + description: "Lookup offers different ways to specify a lookup value" + properties: + expr: + type: "string" + label: + type: "string" + value: + type: "string" + type: "object" + type: "object" + type: "array" + configs: + items: + properties: + agent: + description: "Agent can be one of\n - agent id\n - agent name\n - 'self' (no agent)" + properties: + expr: + type: "string" + label: + type: "string" + value: + type: "string" + type: "object" + external_id: + description: "Lookup offers different ways to specify a lookup value" + properties: + expr: + type: "string" + label: + type: "string" + value: + type: "string" + type: "object" + id: + description: "Lookup offers different ways to specify a lookup value" + properties: + expr: + type: "string" + label: + type: "string" + value: + type: "string" + type: "object" + labels: + additionalProperties: + type: "string" + type: "object" + name: + description: "Lookup offers different ways to specify a lookup value" + properties: + expr: + type: "string" + label: + type: "string" + value: + type: "string" + type: "object" + namespace: + description: "Lookup offers different ways to specify a lookup value" + properties: + expr: + type: "string" + label: + type: "string" + value: + type: "string" + type: "object" + scope: + properties: + expr: + type: "string" + label: + type: "string" + value: + type: "string" + type: "object" + type: + description: "Lookup offers different ways to specify a lookup value" + properties: + expr: + type: "string" + label: + type: "string" + value: + type: "string" + type: "object" + type: "object" + type: "array" + type: "object" + transformDeleteStrategy: + description: "Transformed checks have a delete strategy on deletion they can either be marked healthy, unhealthy or left as is" + type: "string" + required: + - "image" + - "name" + type: "object" + type: "array" + dynatrace: + items: + properties: + apiKey: + properties: + name: + type: "string" + value: + type: "string" + valueFrom: + properties: + configMapKeyRef: + properties: + key: + type: "string" + name: + type: "string" + required: + - "key" + type: "object" + helmRef: + properties: + key: + description: "Key is a JSONPath expression used to fetch the key from the merged JSON." + type: "string" + name: + type: "string" + required: + - "key" + type: "object" + secretKeyRef: + properties: + key: + type: "string" + name: + type: "string" + required: + - "key" + type: "object" + serviceAccount: + description: "ServiceAccount specifies the service account whose token should be fetched" + type: "string" + type: "object" + type: "object" + connection: + type: "string" + description: + description: "Description for the check" + type: "string" + display: + properties: + expr: + type: "string" + javascript: + type: "string" + jsonPath: + type: "string" + template: + type: "string" + type: "object" + host: + type: "string" + icon: + description: "Icon for overwriting default icon on the dashboard" + type: "string" + labels: + additionalProperties: + type: "string" + description: "Labels for the check" + type: "object" + metrics: + description: "Metrics to expose from check.\nhttps://canarychecker.io/concepts/metrics-exporter" + items: + type: "object" + type: "array" + name: + description: "Name of the check" + type: "string" + namespace: + description: "Namespace to insert the check into, if different to the namespace the canary is defined, e.g." + type: "string" + relationships: + description: "Relationships defines a way to link the check results to components and configs\nusing lookup expressions." + properties: + components: + items: + properties: + agent: + description: "Agent can be one of\n - agent id\n - agent name\n - 'self' (no agent)" + properties: + expr: + type: "string" + label: + type: "string" + value: + type: "string" + type: "object" + external_id: + description: "Lookup offers different ways to specify a lookup value" + properties: + expr: + type: "string" + label: + type: "string" + value: + type: "string" + type: "object" + id: + description: "Lookup offers different ways to specify a lookup value" + properties: + expr: + type: "string" + label: + type: "string" + value: + type: "string" + type: "object" + labels: + additionalProperties: + type: "string" + type: "object" + name: + description: "Lookup offers different ways to specify a lookup value" + properties: + expr: + type: "string" + label: + type: "string" + value: + type: "string" + type: "object" + namespace: + description: "Lookup offers different ways to specify a lookup value" + properties: + expr: + type: "string" + label: + type: "string" + value: + type: "string" + type: "object" + scope: + properties: + expr: + type: "string" + label: + type: "string" + value: + type: "string" + type: "object" + type: + description: "Lookup offers different ways to specify a lookup value" + properties: + expr: + type: "string" + label: + type: "string" + value: + type: "string" + type: "object" + type: "object" + type: "array" + configs: + items: + properties: + agent: + description: "Agent can be one of\n - agent id\n - agent name\n - 'self' (no agent)" + properties: + expr: + type: "string" + label: + type: "string" + value: + type: "string" + type: "object" + external_id: + description: "Lookup offers different ways to specify a lookup value" + properties: + expr: + type: "string" + label: + type: "string" + value: + type: "string" + type: "object" + id: + description: "Lookup offers different ways to specify a lookup value" + properties: + expr: + type: "string" + label: + type: "string" + value: + type: "string" + type: "object" + labels: + additionalProperties: + type: "string" + type: "object" + name: + description: "Lookup offers different ways to specify a lookup value" + properties: + expr: + type: "string" + label: + type: "string" + value: + type: "string" + type: "object" + namespace: + description: "Lookup offers different ways to specify a lookup value" + properties: + expr: + type: "string" + label: + type: "string" + value: + type: "string" + type: "object" + scope: + properties: + expr: + type: "string" + label: + type: "string" + value: + type: "string" + type: "object" + type: + description: "Lookup offers different ways to specify a lookup value" + properties: + expr: + type: "string" + label: + type: "string" + value: + type: "string" + type: "object" + type: "object" + type: "array" + type: "object" + scheme: + type: "string" + test: + properties: + expr: + type: "string" + javascript: + type: "string" + jsonPath: + type: "string" + template: + type: "string" + type: "object" + transform: + properties: + expr: + type: "string" + javascript: + type: "string" + jsonPath: + type: "string" + template: + type: "string" + type: "object" + transformDeleteStrategy: + description: "Transformed checks have a delete strategy on deletion they can either be marked healthy, unhealthy or left as is" + type: "string" + required: + - "name" + type: "object" + type: "array" + elasticsearch: + items: + properties: + connection: + description: "Connection name e.g. connection://http/google" + type: "string" + description: + description: "Description for the check" + type: "string" + display: + properties: + expr: + type: "string" + javascript: + type: "string" + jsonPath: + type: "string" + template: + type: "string" + type: "object" + icon: + description: "Icon for overwriting default icon on the dashboard" + type: "string" + index: + type: "string" + labels: + additionalProperties: + type: "string" + description: "Labels for the check" + type: "object" + metrics: + description: "Metrics to expose from check.\nhttps://canarychecker.io/concepts/metrics-exporter" + items: + type: "object" + type: "array" + name: + description: "Name of the check" + type: "string" + namespace: + description: "Namespace to insert the check into, if different to the namespace the canary is defined, e.g." + type: "string" + password: + properties: + name: + type: "string" + value: + type: "string" + valueFrom: properties: configMapKeyRef: properties: @@ -2499,16 +3935,176 @@ spec: type: "string" name: type: "string" - required: - - "key" - type: "object" - serviceAccount: - description: "ServiceAccount specifies the service account whose token should be fetched" - type: "string" - type: "object" + required: + - "key" + type: "object" + serviceAccount: + description: "ServiceAccount specifies the service account whose token should be fetched" + type: "string" + type: "object" + type: "object" + query: + type: "string" + relationships: + description: "Relationships defines a way to link the check results to components and configs\nusing lookup expressions." + properties: + components: + items: + properties: + agent: + description: "Agent can be one of\n - agent id\n - agent name\n - 'self' (no agent)" + properties: + expr: + type: "string" + label: + type: "string" + value: + type: "string" + type: "object" + external_id: + description: "Lookup offers different ways to specify a lookup value" + properties: + expr: + type: "string" + label: + type: "string" + value: + type: "string" + type: "object" + id: + description: "Lookup offers different ways to specify a lookup value" + properties: + expr: + type: "string" + label: + type: "string" + value: + type: "string" + type: "object" + labels: + additionalProperties: + type: "string" + type: "object" + name: + description: "Lookup offers different ways to specify a lookup value" + properties: + expr: + type: "string" + label: + type: "string" + value: + type: "string" + type: "object" + namespace: + description: "Lookup offers different ways to specify a lookup value" + properties: + expr: + type: "string" + label: + type: "string" + value: + type: "string" + type: "object" + scope: + properties: + expr: + type: "string" + label: + type: "string" + value: + type: "string" + type: "object" + type: + description: "Lookup offers different ways to specify a lookup value" + properties: + expr: + type: "string" + label: + type: "string" + value: + type: "string" + type: "object" + type: "object" + type: "array" + configs: + items: + properties: + agent: + description: "Agent can be one of\n - agent id\n - agent name\n - 'self' (no agent)" + properties: + expr: + type: "string" + label: + type: "string" + value: + type: "string" + type: "object" + external_id: + description: "Lookup offers different ways to specify a lookup value" + properties: + expr: + type: "string" + label: + type: "string" + value: + type: "string" + type: "object" + id: + description: "Lookup offers different ways to specify a lookup value" + properties: + expr: + type: "string" + label: + type: "string" + value: + type: "string" + type: "object" + labels: + additionalProperties: + type: "string" + type: "object" + name: + description: "Lookup offers different ways to specify a lookup value" + properties: + expr: + type: "string" + label: + type: "string" + value: + type: "string" + type: "object" + namespace: + description: "Lookup offers different ways to specify a lookup value" + properties: + expr: + type: "string" + label: + type: "string" + value: + type: "string" + type: "object" + scope: + properties: + expr: + type: "string" + label: + type: "string" + value: + type: "string" + type: "object" + type: + description: "Lookup offers different ways to specify a lookup value" + properties: + expr: + type: "string" + label: + type: "string" + value: + type: "string" + type: "object" + type: "object" + type: "array" type: "object" - query: - type: "string" results: type: "integer" test: @@ -3088,264 +4684,221 @@ spec: properties: configMapKeyRef: properties: - key: + key: + type: "string" + name: + type: "string" + required: + - "key" + type: "object" + helmRef: + properties: + key: + description: "Key is a JSONPath expression used to fetch the key from the merged JSON." + type: "string" + name: + type: "string" + required: + - "key" + type: "object" + secretKeyRef: + properties: + key: + type: "string" + name: + type: "string" + required: + - "key" + type: "object" + serviceAccount: + description: "ServiceAccount specifies the service account whose token should be fetched" + type: "string" + type: "object" + type: "object" + type: "array" + icon: + description: "Icon for overwriting default icon on the dashboard" + type: "string" + labels: + additionalProperties: + type: "string" + description: "Labels for the check" + type: "object" + metrics: + description: "Metrics to expose from check.\nhttps://canarychecker.io/concepts/metrics-exporter" + items: + type: "object" + type: "array" + name: + description: "Name of the check" + type: "string" + namespace: + description: "Namespace to insert the check into, if different to the namespace the canary is defined, e.g." + type: "string" + relationships: + description: "Relationships defines a way to link the check results to components and configs\nusing lookup expressions." + properties: + components: + items: + properties: + agent: + description: "Agent can be one of\n - agent id\n - agent name\n - 'self' (no agent)" + properties: + expr: + type: "string" + label: + type: "string" + value: + type: "string" + type: "object" + external_id: + description: "Lookup offers different ways to specify a lookup value" + properties: + expr: + type: "string" + label: + type: "string" + value: + type: "string" + type: "object" + id: + description: "Lookup offers different ways to specify a lookup value" + properties: + expr: + type: "string" + label: + type: "string" + value: + type: "string" + type: "object" + labels: + additionalProperties: + type: "string" + type: "object" + name: + description: "Lookup offers different ways to specify a lookup value" + properties: + expr: + type: "string" + label: + type: "string" + value: + type: "string" + type: "object" + namespace: + description: "Lookup offers different ways to specify a lookup value" + properties: + expr: + type: "string" + label: + type: "string" + value: + type: "string" + type: "object" + scope: + properties: + expr: + type: "string" + label: + type: "string" + value: + type: "string" + type: "object" + type: + description: "Lookup offers different ways to specify a lookup value" + properties: + expr: + type: "string" + label: + type: "string" + value: + type: "string" + type: "object" + type: "object" + type: "array" + configs: + items: + properties: + agent: + description: "Agent can be one of\n - agent id\n - agent name\n - 'self' (no agent)" + properties: + expr: + type: "string" + label: + type: "string" + value: + type: "string" + type: "object" + external_id: + description: "Lookup offers different ways to specify a lookup value" + properties: + expr: + type: "string" + label: + type: "string" + value: + type: "string" + type: "object" + id: + description: "Lookup offers different ways to specify a lookup value" + properties: + expr: + type: "string" + label: + type: "string" + value: + type: "string" + type: "object" + labels: + additionalProperties: + type: "string" + type: "object" + name: + description: "Lookup offers different ways to specify a lookup value" + properties: + expr: type: "string" - name: + label: + type: "string" + value: type: "string" - required: - - "key" type: "object" - helmRef: + namespace: + description: "Lookup offers different ways to specify a lookup value" properties: - key: - description: "Key is a JSONPath expression used to fetch the key from the merged JSON." + expr: type: "string" - name: + label: + type: "string" + value: type: "string" - required: - - "key" type: "object" - secretKeyRef: + scope: properties: - key: + expr: type: "string" - name: + label: + type: "string" + value: type: "string" - required: - - "key" type: "object" - serviceAccount: - description: "ServiceAccount specifies the service account whose token should be fetched" - type: "string" - type: "object" - type: "object" - type: "array" - icon: - description: "Icon for overwriting default icon on the dashboard" - type: "string" - labels: - additionalProperties: - type: "string" - description: "Labels for the check" - type: "object" - metrics: - description: "Metrics to expose from check results" - items: - properties: - labels: - items: - properties: - name: - type: "string" - value: - type: "string" - valueExpr: - type: "string" - required: - - "name" - type: "object" - type: "array" - name: - type: "string" - type: - type: "string" - value: - type: "string" - type: "object" - type: "array" - name: - description: "Name of the check" - type: "string" - namespace: - description: "Namespace to insert the check into, if different to the namespace the canary is defined, e.g." - type: "string" - script: - description: "Script can be a inline script or a path to a script that needs to be executed\nOn windows executed via powershell and in darwin and linux executed using bash" - type: "string" - test: - properties: - expr: - type: "string" - javascript: - type: "string" - jsonPath: - type: "string" - template: - type: "string" - type: "object" - transform: - properties: - expr: - type: "string" - javascript: - type: "string" - jsonPath: - type: "string" - template: - type: "string" - type: "object" - transformDeleteStrategy: - description: "Transformed checks have a delete strategy on deletion they can either be marked healthy, unhealthy or left as is" - type: "string" - required: - - "name" - - "script" - type: "object" - type: "array" - folder: - items: - properties: - availableSize: - description: "AvailableSize present on the filesystem" - type: "string" - awsConnection: - properties: - accessKey: - properties: - name: - type: "string" - value: - type: "string" - valueFrom: - properties: - configMapKeyRef: - properties: - key: - type: "string" - name: - type: "string" - required: - - "key" - type: "object" - helmRef: - properties: - key: - description: "Key is a JSONPath expression used to fetch the key from the merged JSON." - type: "string" - name: - type: "string" - required: - - "key" - type: "object" - secretKeyRef: - properties: - key: - type: "string" - name: - type: "string" - required: - - "key" - type: "object" - serviceAccount: - description: "ServiceAccount specifies the service account whose token should be fetched" - type: "string" - type: "object" - type: "object" - bucket: - type: "string" - connection: - description: "ConnectionName of the connection. It'll be used to populate the endpoint, accessKey and secretKey." - type: "string" - endpoint: - type: "string" - objectPath: - description: "glob path to restrict matches to a subset" - type: "string" - region: - type: "string" - secretKey: - properties: - name: - type: "string" - value: - type: "string" - valueFrom: - properties: - configMapKeyRef: - properties: - key: - type: "string" - name: - type: "string" - required: - - "key" - type: "object" - helmRef: - properties: - key: - description: "Key is a JSONPath expression used to fetch the key from the merged JSON." - type: "string" - name: - type: "string" - required: - - "key" - type: "object" - secretKeyRef: - properties: - key: - type: "string" - name: - type: "string" - required: - - "key" - type: "object" - serviceAccount: - description: "ServiceAccount specifies the service account whose token should be fetched" - type: "string" - type: "object" - type: "object" - sessionToken: - properties: - name: - type: "string" - value: - type: "string" - valueFrom: - properties: - configMapKeyRef: - properties: - key: - type: "string" - name: - type: "string" - required: - - "key" - type: "object" - helmRef: - properties: - key: - description: "Key is a JSONPath expression used to fetch the key from the merged JSON." - type: "string" - name: - type: "string" - required: - - "key" - type: "object" - secretKeyRef: - properties: - key: - type: "string" - name: - type: "string" - required: - - "key" - type: "object" - serviceAccount: - description: "ServiceAccount specifies the service account whose token should be fetched" - type: "string" - type: "object" - type: "object" - skipTLSVerify: - description: "Skip TLS verify when connecting to aws" - type: "boolean" - usePathStyle: - description: "Use path style path: http://s3.amazonaws.com/BUCKET/KEY instead of http://BUCKET.s3.amazonaws.com/KEY" - type: "boolean" + type: + description: "Lookup offers different ways to specify a lookup value" + properties: + expr: + type: "string" + label: + type: "string" + value: + type: "string" + type: "object" + type: "object" + type: "array" type: "object" - description: - description: "Description for the check" + script: + description: "Script can be a inline script or a path to a script that needs to be executed\nOn windows executed via powershell and in darwin and linux executed using bash" type: "string" - display: + test: properties: expr: type: "string" @@ -3356,29 +4909,34 @@ spec: template: type: "string" type: "object" - filter: + transform: properties: - maxAge: - type: "string" - maxSize: - type: "string" - minAge: + expr: type: "string" - minSize: + javascript: type: "string" - regex: + jsonPath: type: "string" - since: + template: type: "string" type: "object" - gcpConnection: + transformDeleteStrategy: + description: "Transformed checks have a delete strategy on deletion they can either be marked healthy, unhealthy or left as is" + type: "string" + required: + - "name" + - "script" + type: "object" + type: "array" + folder: + items: + properties: + availableSize: + description: "AvailableSize present on the filesystem" + type: "string" + awsConnection: properties: - bucket: - type: "string" - connection: - description: "ConnectionName of the connection. It'll be used to populate the endpoint and credentials." - type: "string" - credentials: + accessKey: properties: name: type: "string" @@ -3419,75 +4977,19 @@ spec: type: "string" type: "object" type: "object" + bucket: + type: "string" + connection: + description: "ConnectionName of the connection. It'll be used to populate the endpoint, accessKey and secretKey." + type: "string" endpoint: type: "string" - type: "object" - icon: - description: "Icon for overwriting default icon on the dashboard" - type: "string" - labels: - additionalProperties: - type: "string" - description: "Labels for the check" - type: "object" - maxAge: - description: "MaxAge the latest object should be younger than defined age" - type: "string" - maxCount: - description: "MinCount the minimum number of files inside the searchPath" - type: "integer" - maxSize: - description: "MaxSize of the files inside the searchPath" - type: "string" - metrics: - description: "Metrics to expose from check results" - items: - properties: - labels: - items: - properties: - name: - type: "string" - value: - type: "string" - valueExpr: - type: "string" - required: - - "name" - type: "object" - type: "array" - name: - type: "string" - type: - type: "string" - value: - type: "string" - type: "object" - type: "array" - minAge: - description: "MinAge the latest object should be older than defined age" - type: "string" - minCount: - description: "MinCount the minimum number of files inside the searchPath" - type: "integer" - minSize: - description: "MinSize of the files inside the searchPath" - type: "string" - name: - description: "Name of the check" - type: "string" - namespace: - description: "Namespace to insert the check into, if different to the namespace the canary is defined, e.g." - type: "string" - path: - description: "Path to folder or object storage, e.g. `s3://`, `gcs://`, `/path/tp/folder`" - type: "string" - recursive: - description: "Recursive when set to true will recursively scan the folder to list the files in it.\nHowever, symlinks are simply listed but not traversed." - type: "boolean" - sftpConnection: - properties: - bearer: + objectPath: + description: "glob path to restrict matches to a subset" + type: "string" + region: + type: "string" + secretKey: properties: name: type: "string" @@ -3528,107 +5030,7 @@ spec: type: "string" type: "object" type: "object" - connection: - description: "ConnectionName of the connection. It'll be used to populate the connection fields." - type: "string" - host: - type: "string" - oauth: - properties: - clientID: - properties: - name: - type: "string" - value: - type: "string" - valueFrom: - properties: - configMapKeyRef: - properties: - key: - type: "string" - name: - type: "string" - required: - - "key" - type: "object" - helmRef: - properties: - key: - description: "Key is a JSONPath expression used to fetch the key from the merged JSON." - type: "string" - name: - type: "string" - required: - - "key" - type: "object" - secretKeyRef: - properties: - key: - type: "string" - name: - type: "string" - required: - - "key" - type: "object" - serviceAccount: - description: "ServiceAccount specifies the service account whose token should be fetched" - type: "string" - type: "object" - type: "object" - clientSecret: - properties: - name: - type: "string" - value: - type: "string" - valueFrom: - properties: - configMapKeyRef: - properties: - key: - type: "string" - name: - type: "string" - required: - - "key" - type: "object" - helmRef: - properties: - key: - description: "Key is a JSONPath expression used to fetch the key from the merged JSON." - type: "string" - name: - type: "string" - required: - - "key" - type: "object" - secretKeyRef: - properties: - key: - type: "string" - name: - type: "string" - required: - - "key" - type: "object" - serviceAccount: - description: "ServiceAccount specifies the service account whose token should be fetched" - type: "string" - type: "object" - type: "object" - params: - additionalProperties: - type: "string" - type: "object" - scope: - items: - type: "string" - type: "array" - tokenURL: - type: "string" - type: "object" - password: + sessionToken: properties: name: type: "string" @@ -3669,10 +5071,50 @@ spec: type: "string" type: "object" type: "object" - port: - description: "Port for the SSH server. Defaults to 22" - type: "integer" - username: + skipTLSVerify: + description: "Skip TLS verify when connecting to aws" + type: "boolean" + usePathStyle: + description: "Use path style path: http://s3.amazonaws.com/BUCKET/KEY instead of http://BUCKET.s3.amazonaws.com/KEY" + type: "boolean" + type: "object" + description: + description: "Description for the check" + type: "string" + display: + properties: + expr: + type: "string" + javascript: + type: "string" + jsonPath: + type: "string" + template: + type: "string" + type: "object" + filter: + properties: + maxAge: + type: "string" + maxSize: + type: "string" + minAge: + type: "string" + minSize: + type: "string" + regex: + type: "string" + since: + type: "string" + type: "object" + gcpConnection: + properties: + bucket: + type: "string" + connection: + description: "ConnectionName of the connection. It'll be used to populate the endpoint and credentials." + type: "string" + credentials: properties: name: type: "string" @@ -3713,12 +5155,220 @@ spec: type: "string" type: "object" type: "object" - required: - - "host" + endpoint: + type: "string" type: "object" - smbConnection: + icon: + description: "Icon for overwriting default icon on the dashboard" + type: "string" + labels: + additionalProperties: + type: "string" + description: "Labels for the check" + type: "object" + maxAge: + description: "MaxAge the latest object should be younger than defined age" + type: "string" + maxCount: + description: "MinCount the minimum number of files inside the searchPath" + type: "integer" + maxSize: + description: "MaxSize of the files inside the searchPath" + type: "string" + metrics: + description: "Metrics to expose from check.\nhttps://canarychecker.io/concepts/metrics-exporter" + items: + type: "object" + type: "array" + minAge: + description: "MinAge the latest object should be older than defined age" + type: "string" + minCount: + description: "MinCount the minimum number of files inside the searchPath" + type: "integer" + minSize: + description: "MinSize of the files inside the searchPath" + type: "string" + name: + description: "Name of the check" + type: "string" + namespace: + description: "Namespace to insert the check into, if different to the namespace the canary is defined, e.g." + type: "string" + path: + description: "Path to folder or object storage, e.g. `s3://`, `gcs://`, `/path/tp/folder`" + type: "string" + recursive: + description: "Recursive when set to true will recursively scan the folder to list the files in it.\nHowever, symlinks are simply listed but not traversed." + type: "boolean" + relationships: + description: "Relationships defines a way to link the check results to components and configs\nusing lookup expressions." + properties: + components: + items: + properties: + agent: + description: "Agent can be one of\n - agent id\n - agent name\n - 'self' (no agent)" + properties: + expr: + type: "string" + label: + type: "string" + value: + type: "string" + type: "object" + external_id: + description: "Lookup offers different ways to specify a lookup value" + properties: + expr: + type: "string" + label: + type: "string" + value: + type: "string" + type: "object" + id: + description: "Lookup offers different ways to specify a lookup value" + properties: + expr: + type: "string" + label: + type: "string" + value: + type: "string" + type: "object" + labels: + additionalProperties: + type: "string" + type: "object" + name: + description: "Lookup offers different ways to specify a lookup value" + properties: + expr: + type: "string" + label: + type: "string" + value: + type: "string" + type: "object" + namespace: + description: "Lookup offers different ways to specify a lookup value" + properties: + expr: + type: "string" + label: + type: "string" + value: + type: "string" + type: "object" + scope: + properties: + expr: + type: "string" + label: + type: "string" + value: + type: "string" + type: "object" + type: + description: "Lookup offers different ways to specify a lookup value" + properties: + expr: + type: "string" + label: + type: "string" + value: + type: "string" + type: "object" + type: "object" + type: "array" + configs: + items: + properties: + agent: + description: "Agent can be one of\n - agent id\n - agent name\n - 'self' (no agent)" + properties: + expr: + type: "string" + label: + type: "string" + value: + type: "string" + type: "object" + external_id: + description: "Lookup offers different ways to specify a lookup value" + properties: + expr: + type: "string" + label: + type: "string" + value: + type: "string" + type: "object" + id: + description: "Lookup offers different ways to specify a lookup value" + properties: + expr: + type: "string" + label: + type: "string" + value: + type: "string" + type: "object" + labels: + additionalProperties: + type: "string" + type: "object" + name: + description: "Lookup offers different ways to specify a lookup value" + properties: + expr: + type: "string" + label: + type: "string" + value: + type: "string" + type: "object" + namespace: + description: "Lookup offers different ways to specify a lookup value" + properties: + expr: + type: "string" + label: + type: "string" + value: + type: "string" + type: "object" + scope: + properties: + expr: + type: "string" + label: + type: "string" + value: + type: "string" + type: "object" + type: + description: "Lookup offers different ways to specify a lookup value" + properties: + expr: + type: "string" + label: + type: "string" + value: + type: "string" + type: "object" + type: "object" + type: "array" + type: "object" + sftpConnection: properties: - bearer: + connection: + description: "ConnectionName of the connection. It'll be used to populate the connection fields." + type: "string" + host: + type: "string" + password: properties: name: type: "string" @@ -3759,107 +5409,61 @@ spec: type: "string" type: "object" type: "object" - connection: - description: "ConnectionName of the connection. It'll be used to populate the connection fields." - type: "string" - domain: - description: "Domain..." - type: "string" - oauth: + port: + description: "Port for the SSH server. Defaults to 22" + type: "integer" + username: properties: - clientID: + name: + type: "string" + value: + type: "string" + valueFrom: properties: - name: - type: "string" - value: - type: "string" - valueFrom: + configMapKeyRef: properties: - configMapKeyRef: - properties: - key: - type: "string" - name: - type: "string" - required: - - "key" - type: "object" - helmRef: - properties: - key: - description: "Key is a JSONPath expression used to fetch the key from the merged JSON." - type: "string" - name: - type: "string" - required: - - "key" - type: "object" - secretKeyRef: - properties: - key: - type: "string" - name: - type: "string" - required: - - "key" - type: "object" - serviceAccount: - description: "ServiceAccount specifies the service account whose token should be fetched" + key: + type: "string" + name: type: "string" + required: + - "key" type: "object" - type: "object" - clientSecret: - properties: - name: - type: "string" - value: - type: "string" - valueFrom: + helmRef: properties: - configMapKeyRef: - properties: - key: - type: "string" - name: - type: "string" - required: - - "key" - type: "object" - helmRef: - properties: - key: - description: "Key is a JSONPath expression used to fetch the key from the merged JSON." - type: "string" - name: - type: "string" - required: - - "key" - type: "object" - secretKeyRef: - properties: - key: - type: "string" - name: - type: "string" - required: - - "key" - type: "object" - serviceAccount: - description: "ServiceAccount specifies the service account whose token should be fetched" + key: + description: "Key is a JSONPath expression used to fetch the key from the merged JSON." + type: "string" + name: + type: "string" + required: + - "key" + type: "object" + secretKeyRef: + properties: + key: + type: "string" + name: type: "string" + required: + - "key" type: "object" + serviceAccount: + description: "ServiceAccount specifies the service account whose token should be fetched" + type: "string" type: "object" - params: - additionalProperties: - type: "string" - type: "object" - scope: - items: - type: "string" - type: "array" - tokenURL: - type: "string" type: "object" + required: + - "host" + type: "object" + smbConnection: + properties: + connection: + description: "ConnectionName of the connection. It'll be used to populate the connection fields." + type: "string" + domain: + description: "Domain..." + type: "string" password: properties: name: @@ -4007,28 +5611,8 @@ spec: description: "Labels for the check" type: "object" metrics: - description: "Metrics to expose from check results" + description: "Metrics to expose from check.\nhttps://canarychecker.io/concepts/metrics-exporter" items: - properties: - labels: - items: - properties: - name: - type: "string" - value: - type: "string" - valueExpr: - type: "string" - required: - - "name" - type: "object" - type: "array" - name: - type: "string" - type: - type: "string" - value: - type: "string" type: "object" type: "array" name: @@ -4078,6 +5662,166 @@ spec: type: "string" type: "object" type: "object" + relationships: + description: "Relationships defines a way to link the check results to components and configs\nusing lookup expressions." + properties: + components: + items: + properties: + agent: + description: "Agent can be one of\n - agent id\n - agent name\n - 'self' (no agent)" + properties: + expr: + type: "string" + label: + type: "string" + value: + type: "string" + type: "object" + external_id: + description: "Lookup offers different ways to specify a lookup value" + properties: + expr: + type: "string" + label: + type: "string" + value: + type: "string" + type: "object" + id: + description: "Lookup offers different ways to specify a lookup value" + properties: + expr: + type: "string" + label: + type: "string" + value: + type: "string" + type: "object" + labels: + additionalProperties: + type: "string" + type: "object" + name: + description: "Lookup offers different ways to specify a lookup value" + properties: + expr: + type: "string" + label: + type: "string" + value: + type: "string" + type: "object" + namespace: + description: "Lookup offers different ways to specify a lookup value" + properties: + expr: + type: "string" + label: + type: "string" + value: + type: "string" + type: "object" + scope: + properties: + expr: + type: "string" + label: + type: "string" + value: + type: "string" + type: "object" + type: + description: "Lookup offers different ways to specify a lookup value" + properties: + expr: + type: "string" + label: + type: "string" + value: + type: "string" + type: "object" + type: "object" + type: "array" + configs: + items: + properties: + agent: + description: "Agent can be one of\n - agent id\n - agent name\n - 'self' (no agent)" + properties: + expr: + type: "string" + label: + type: "string" + value: + type: "string" + type: "object" + external_id: + description: "Lookup offers different ways to specify a lookup value" + properties: + expr: + type: "string" + label: + type: "string" + value: + type: "string" + type: "object" + id: + description: "Lookup offers different ways to specify a lookup value" + properties: + expr: + type: "string" + label: + type: "string" + value: + type: "string" + type: "object" + labels: + additionalProperties: + type: "string" + type: "object" + name: + description: "Lookup offers different ways to specify a lookup value" + properties: + expr: + type: "string" + label: + type: "string" + value: + type: "string" + type: "object" + namespace: + description: "Lookup offers different ways to specify a lookup value" + properties: + expr: + type: "string" + label: + type: "string" + value: + type: "string" + type: "object" + scope: + properties: + expr: + type: "string" + label: + type: "string" + value: + type: "string" + type: "object" + type: + description: "Lookup offers different ways to specify a lookup value" + properties: + expr: + type: "string" + label: + type: "string" + value: + type: "string" + type: "object" + type: "object" + type: "array" + type: "object" repository: type: "string" test: @@ -4212,38 +5956,18 @@ spec: description: "ServiceAccount specifies the service account whose token should be fetched" type: "string" type: "object" - type: "object" - icon: - description: "Icon for overwriting default icon on the dashboard" - type: "string" - labels: - additionalProperties: - type: "string" - description: "Labels for the check" - type: "object" - metrics: - description: "Metrics to expose from check results" - items: - properties: - labels: - items: - properties: - name: - type: "string" - value: - type: "string" - valueExpr: - type: "string" - required: - - "name" - type: "object" - type: "array" - name: - type: "string" - type: - type: "string" - value: - type: "string" + type: "object" + icon: + description: "Icon for overwriting default icon on the dashboard" + type: "string" + labels: + additionalProperties: + type: "string" + description: "Labels for the check" + type: "object" + metrics: + description: "Metrics to expose from check.\nhttps://canarychecker.io/concepts/metrics-exporter" + items: type: "object" type: "array" name: @@ -4255,6 +5979,166 @@ spec: query: description: "Query to be executed. Please see https://github.com/askgitdev/askgit for more details regarding syntax" type: "string" + relationships: + description: "Relationships defines a way to link the check results to components and configs\nusing lookup expressions." + properties: + components: + items: + properties: + agent: + description: "Agent can be one of\n - agent id\n - agent name\n - 'self' (no agent)" + properties: + expr: + type: "string" + label: + type: "string" + value: + type: "string" + type: "object" + external_id: + description: "Lookup offers different ways to specify a lookup value" + properties: + expr: + type: "string" + label: + type: "string" + value: + type: "string" + type: "object" + id: + description: "Lookup offers different ways to specify a lookup value" + properties: + expr: + type: "string" + label: + type: "string" + value: + type: "string" + type: "object" + labels: + additionalProperties: + type: "string" + type: "object" + name: + description: "Lookup offers different ways to specify a lookup value" + properties: + expr: + type: "string" + label: + type: "string" + value: + type: "string" + type: "object" + namespace: + description: "Lookup offers different ways to specify a lookup value" + properties: + expr: + type: "string" + label: + type: "string" + value: + type: "string" + type: "object" + scope: + properties: + expr: + type: "string" + label: + type: "string" + value: + type: "string" + type: "object" + type: + description: "Lookup offers different ways to specify a lookup value" + properties: + expr: + type: "string" + label: + type: "string" + value: + type: "string" + type: "object" + type: "object" + type: "array" + configs: + items: + properties: + agent: + description: "Agent can be one of\n - agent id\n - agent name\n - 'self' (no agent)" + properties: + expr: + type: "string" + label: + type: "string" + value: + type: "string" + type: "object" + external_id: + description: "Lookup offers different ways to specify a lookup value" + properties: + expr: + type: "string" + label: + type: "string" + value: + type: "string" + type: "object" + id: + description: "Lookup offers different ways to specify a lookup value" + properties: + expr: + type: "string" + label: + type: "string" + value: + type: "string" + type: "object" + labels: + additionalProperties: + type: "string" + type: "object" + name: + description: "Lookup offers different ways to specify a lookup value" + properties: + expr: + type: "string" + label: + type: "string" + value: + type: "string" + type: "object" + namespace: + description: "Lookup offers different ways to specify a lookup value" + properties: + expr: + type: "string" + label: + type: "string" + value: + type: "string" + type: "object" + scope: + properties: + expr: + type: "string" + label: + type: "string" + value: + type: "string" + type: "object" + type: + description: "Lookup offers different ways to specify a lookup value" + properties: + expr: + type: "string" + label: + type: "string" + value: + type: "string" + type: "object" + type: "object" + type: "array" + type: "object" test: properties: expr: @@ -4370,57 +6254,197 @@ spec: serviceAccount: description: "ServiceAccount specifies the service account whose token should be fetched" type: "string" - type: "object" - type: "object" - type: "object" - cafile: - type: "string" - chartmuseum: - type: "string" - description: - description: "Description for the check" - type: "string" - icon: - description: "Icon for overwriting default icon on the dashboard" - type: "string" - labels: - additionalProperties: - type: "string" - description: "Labels for the check" + type: "object" + type: "object" + type: "object" + cafile: + type: "string" + chartmuseum: + type: "string" + description: + description: "Description for the check" + type: "string" + icon: + description: "Icon for overwriting default icon on the dashboard" + type: "string" + labels: + additionalProperties: + type: "string" + description: "Labels for the check" + type: "object" + metrics: + description: "Metrics to expose from check.\nhttps://canarychecker.io/concepts/metrics-exporter" + items: + type: "object" + type: "array" + name: + description: "Name of the check" + type: "string" + namespace: + description: "Namespace to insert the check into, if different to the namespace the canary is defined, e.g." + type: "string" + project: + type: "string" + relationships: + description: "Relationships defines a way to link the check results to components and configs\nusing lookup expressions." + properties: + components: + items: + properties: + agent: + description: "Agent can be one of\n - agent id\n - agent name\n - 'self' (no agent)" + properties: + expr: + type: "string" + label: + type: "string" + value: + type: "string" + type: "object" + external_id: + description: "Lookup offers different ways to specify a lookup value" + properties: + expr: + type: "string" + label: + type: "string" + value: + type: "string" + type: "object" + id: + description: "Lookup offers different ways to specify a lookup value" + properties: + expr: + type: "string" + label: + type: "string" + value: + type: "string" + type: "object" + labels: + additionalProperties: + type: "string" + type: "object" + name: + description: "Lookup offers different ways to specify a lookup value" + properties: + expr: + type: "string" + label: + type: "string" + value: + type: "string" + type: "object" + namespace: + description: "Lookup offers different ways to specify a lookup value" + properties: + expr: + type: "string" + label: + type: "string" + value: + type: "string" + type: "object" + scope: + properties: + expr: + type: "string" + label: + type: "string" + value: + type: "string" + type: "object" + type: + description: "Lookup offers different ways to specify a lookup value" + properties: + expr: + type: "string" + label: + type: "string" + value: + type: "string" + type: "object" + type: "object" + type: "array" + configs: + items: + properties: + agent: + description: "Agent can be one of\n - agent id\n - agent name\n - 'self' (no agent)" + properties: + expr: + type: "string" + label: + type: "string" + value: + type: "string" + type: "object" + external_id: + description: "Lookup offers different ways to specify a lookup value" + properties: + expr: + type: "string" + label: + type: "string" + value: + type: "string" + type: "object" + id: + description: "Lookup offers different ways to specify a lookup value" + properties: + expr: + type: "string" + label: + type: "string" + value: + type: "string" + type: "object" + labels: + additionalProperties: + type: "string" + type: "object" + name: + description: "Lookup offers different ways to specify a lookup value" + properties: + expr: + type: "string" + label: + type: "string" + value: + type: "string" + type: "object" + namespace: + description: "Lookup offers different ways to specify a lookup value" + properties: + expr: + type: "string" + label: + type: "string" + value: + type: "string" + type: "object" + scope: + properties: + expr: + type: "string" + label: + type: "string" + value: + type: "string" + type: "object" + type: + description: "Lookup offers different ways to specify a lookup value" + properties: + expr: + type: "string" + label: + type: "string" + value: + type: "string" + type: "object" + type: "object" + type: "array" type: "object" - metrics: - description: "Metrics to expose from check results" - items: - properties: - labels: - items: - properties: - name: - type: "string" - value: - type: "string" - valueExpr: - type: "string" - required: - - "name" - type: "object" - type: "array" - name: - type: "string" - type: - type: "string" - value: - type: "string" - type: "object" - type: "array" - name: - description: "Name of the check" - type: "string" - namespace: - description: "Namespace to insert the check into, if different to the namespace the canary is defined, e.g." - type: "string" - project: - type: "string" transformDeleteStrategy: description: "Transformed checks have a delete strategy on deletion they can either be marked healthy, unhealthy or left as is" type: "string" @@ -4431,47 +6455,6 @@ spec: http: items: properties: - bearer: - properties: - name: - type: "string" - value: - type: "string" - valueFrom: - properties: - configMapKeyRef: - properties: - key: - type: "string" - name: - type: "string" - required: - - "key" - type: "object" - helmRef: - properties: - key: - description: "Key is a JSONPath expression used to fetch the key from the merged JSON." - type: "string" - name: - type: "string" - required: - - "key" - type: "object" - secretKeyRef: - properties: - key: - type: "string" - name: - type: "string" - required: - - "key" - type: "object" - serviceAccount: - description: "ServiceAccount specifies the service account whose token should be fetched" - type: "string" - type: "object" - type: "object" body: description: "Request Body Contents" type: "string" @@ -4598,28 +6581,8 @@ spec: description: "Method to use - defaults to GET" type: "string" metrics: - description: "Metrics to expose from check results" + description: "Metrics to expose from check.\nhttps://canarychecker.io/concepts/metrics-exporter" items: - properties: - labels: - items: - properties: - name: - type: "string" - value: - type: "string" - valueExpr: - type: "string" - required: - - "name" - type: "object" - type: "array" - name: - type: "string" - type: - type: "string" - value: - type: "string" type: "object" type: "array" name: @@ -4631,104 +6594,9 @@ spec: ntlm: description: "NTLM when set to true will do authentication using NTLM v1 protocol" type: "boolean" - ntlmv2: - description: "NTLM when set to true will do authentication using NTLM v2 protocol" - type: "boolean" - oauth: - properties: - clientID: - properties: - name: - type: "string" - value: - type: "string" - valueFrom: - properties: - configMapKeyRef: - properties: - key: - type: "string" - name: - type: "string" - required: - - "key" - type: "object" - helmRef: - properties: - key: - description: "Key is a JSONPath expression used to fetch the key from the merged JSON." - type: "string" - name: - type: "string" - required: - - "key" - type: "object" - secretKeyRef: - properties: - key: - type: "string" - name: - type: "string" - required: - - "key" - type: "object" - serviceAccount: - description: "ServiceAccount specifies the service account whose token should be fetched" - type: "string" - type: "object" - type: "object" - clientSecret: - properties: - name: - type: "string" - value: - type: "string" - valueFrom: - properties: - configMapKeyRef: - properties: - key: - type: "string" - name: - type: "string" - required: - - "key" - type: "object" - helmRef: - properties: - key: - description: "Key is a JSONPath expression used to fetch the key from the merged JSON." - type: "string" - name: - type: "string" - required: - - "key" - type: "object" - secretKeyRef: - properties: - key: - type: "string" - name: - type: "string" - required: - - "key" - type: "object" - serviceAccount: - description: "ServiceAccount specifies the service account whose token should be fetched" - type: "string" - type: "object" - type: "object" - params: - additionalProperties: - type: "string" - type: "object" - scope: - items: - type: "string" - type: "array" - tokenURL: - type: "string" - type: "object" + ntlmv2: + description: "NTLM when set to true will do authentication using NTLM v2 protocol" + type: "boolean" oauth2: description: "Oauth2 Configuration. The client ID & Client secret should go to username & password respectively." properties: @@ -4784,6 +6652,166 @@ spec: type: "string" type: "object" type: "object" + relationships: + description: "Relationships defines a way to link the check results to components and configs\nusing lookup expressions." + properties: + components: + items: + properties: + agent: + description: "Agent can be one of\n - agent id\n - agent name\n - 'self' (no agent)" + properties: + expr: + type: "string" + label: + type: "string" + value: + type: "string" + type: "object" + external_id: + description: "Lookup offers different ways to specify a lookup value" + properties: + expr: + type: "string" + label: + type: "string" + value: + type: "string" + type: "object" + id: + description: "Lookup offers different ways to specify a lookup value" + properties: + expr: + type: "string" + label: + type: "string" + value: + type: "string" + type: "object" + labels: + additionalProperties: + type: "string" + type: "object" + name: + description: "Lookup offers different ways to specify a lookup value" + properties: + expr: + type: "string" + label: + type: "string" + value: + type: "string" + type: "object" + namespace: + description: "Lookup offers different ways to specify a lookup value" + properties: + expr: + type: "string" + label: + type: "string" + value: + type: "string" + type: "object" + scope: + properties: + expr: + type: "string" + label: + type: "string" + value: + type: "string" + type: "object" + type: + description: "Lookup offers different ways to specify a lookup value" + properties: + expr: + type: "string" + label: + type: "string" + value: + type: "string" + type: "object" + type: "object" + type: "array" + configs: + items: + properties: + agent: + description: "Agent can be one of\n - agent id\n - agent name\n - 'self' (no agent)" + properties: + expr: + type: "string" + label: + type: "string" + value: + type: "string" + type: "object" + external_id: + description: "Lookup offers different ways to specify a lookup value" + properties: + expr: + type: "string" + label: + type: "string" + value: + type: "string" + type: "object" + id: + description: "Lookup offers different ways to specify a lookup value" + properties: + expr: + type: "string" + label: + type: "string" + value: + type: "string" + type: "object" + labels: + additionalProperties: + type: "string" + type: "object" + name: + description: "Lookup offers different ways to specify a lookup value" + properties: + expr: + type: "string" + label: + type: "string" + value: + type: "string" + type: "object" + namespace: + description: "Lookup offers different ways to specify a lookup value" + properties: + expr: + type: "string" + label: + type: "string" + value: + type: "string" + type: "object" + scope: + properties: + expr: + type: "string" + label: + type: "string" + value: + type: "string" + type: "object" + type: + description: "Lookup offers different ways to specify a lookup value" + properties: + expr: + type: "string" + label: + type: "string" + value: + type: "string" + type: "object" + type: "object" + type: "array" + type: "object" responseCodes: description: "Expected response codes for the HTTP Request." items: @@ -4952,155 +6980,29 @@ spec: - "key" type: "object" serviceAccount: - description: "ServiceAccount specifies the service account whose token should be fetched" - type: "string" - type: "object" - type: "object" - type: "object" - transform: - properties: - expr: - type: "string" - javascript: - type: "string" - jsonPath: - type: "string" - template: - type: "string" - type: "object" - transformDeleteStrategy: - description: "Transformed checks have a delete strategy on deletion they can either be marked healthy, unhealthy or left as is" - type: "string" - url: - description: "Connection url, interpolated with username,password" - type: "string" - username: - properties: - name: - type: "string" - value: - type: "string" - valueFrom: - properties: - configMapKeyRef: - properties: - key: - type: "string" - name: - type: "string" - required: - - "key" - type: "object" - helmRef: - properties: - key: - description: "Key is a JSONPath expression used to fetch the key from the merged JSON." - type: "string" - name: - type: "string" - required: - - "key" - type: "object" - secretKeyRef: - properties: - key: - type: "string" - name: - type: "string" - required: - - "key" - type: "object" - serviceAccount: - description: "ServiceAccount specifies the service account whose token should be fetched" - type: "string" - type: "object" - type: "object" - required: - - "name" - type: "object" - type: "array" - icmp: - items: - properties: - description: - description: "Description for the check" - type: "string" - endpoint: - type: "string" - icon: - description: "Icon for overwriting default icon on the dashboard" - type: "string" - labels: - additionalProperties: - type: "string" - description: "Labels for the check" - type: "object" - metrics: - description: "Metrics to expose from check results" - items: - properties: - labels: - items: - properties: - name: - type: "string" - value: - type: "string" - valueExpr: - type: "string" - required: - - "name" - type: "object" - type: "array" - name: - type: "string" - type: - type: "string" - value: - type: "string" - type: "object" - type: "array" - name: - description: "Name of the check" - type: "string" - namespace: - description: "Namespace to insert the check into, if different to the namespace the canary is defined, e.g." - type: "string" - packetCount: - type: "integer" - packetLossThreshold: - format: "int64" - type: "integer" - thresholdMillis: - format: "int64" - type: "integer" + description: "ServiceAccount specifies the service account whose token should be fetched" + type: "string" + type: "object" + type: "object" + type: "object" + transform: + properties: + expr: + type: "string" + javascript: + type: "string" + jsonPath: + type: "string" + template: + type: "string" + type: "object" transformDeleteStrategy: description: "Transformed checks have a delete strategy on deletion they can either be marked healthy, unhealthy or left as is" type: "string" - required: - - "name" - type: "object" - type: "array" - icon: - type: "string" - interval: - description: "interval (in seconds) to run checks on Deprecated in favor of Schedule" - format: "int64" - type: "integer" - jmeter: - items: - properties: - description: - description: "Description for the check" - type: "string" - host: - description: "Host is the server against which test plan needs to be executed" - type: "string" - icon: - description: "Icon for overwriting default icon on the dashboard" + url: + description: "Connection url, interpolated with username,password" type: "string" - jmx: - description: "Jmx defines the ConfigMap or Secret reference to get the JMX test plan" + username: properties: name: type: "string" @@ -5141,95 +7043,18 @@ spec: type: "string" type: "object" type: "object" - labels: - additionalProperties: - type: "string" - description: "Labels for the check" - type: "object" - metrics: - description: "Metrics to expose from check results" - items: - properties: - labels: - items: - properties: - name: - type: "string" - value: - type: "string" - valueExpr: - type: "string" - required: - - "name" - type: "object" - type: "array" - name: - type: "string" - type: - type: "string" - value: - type: "string" - type: "object" - type: "array" - name: - description: "Name of the check" - type: "string" - namespace: - description: "Namespace to insert the check into, if different to the namespace the canary is defined, e.g." - type: "string" - port: - description: "Port on which the server is running" - format: "int32" - type: "integer" - properties: - description: "Properties defines the local Jmeter properties" - items: - type: "string" - type: "array" - responseDuration: - description: "ResponseDuration under which the all the test should pass" - type: "string" - systemProperties: - description: "SystemProperties defines the java system property" - items: - type: "string" - type: "array" - transformDeleteStrategy: - description: "Transformed checks have a delete strategy on deletion they can either be marked healthy, unhealthy or left as is" - type: "string" required: - - "jmx" - "name" type: "object" type: "array" - junit: + icmp: items: properties: - artifacts: - description: "Artifacts configure the artifacts generated by the check" - items: - properties: - path: - description: "Path to the artifact on the check runner.\nSpecial paths: /dev/stdout & /dev/stdin" - type: "string" - required: - - "path" - type: "object" - type: "array" description: description: "Description for the check" type: "string" - display: - properties: - expr: - type: "string" - javascript: - type: "string" - jsonPath: - type: "string" - template: - type: "string" - type: "object" + endpoint: + type: "string" icon: description: "Icon for overwriting default icon on the dashboard" type: "string" @@ -5239,28 +7064,8 @@ spec: description: "Labels for the check" type: "object" metrics: - description: "Metrics to expose from check results" + description: "Metrics to expose from check.\nhttps://canarychecker.io/concepts/metrics-exporter" items: - properties: - labels: - items: - properties: - name: - type: "string" - value: - type: "string" - valueExpr: - type: "string" - required: - - "name" - type: "object" - type: "array" - name: - type: "string" - type: - type: "string" - value: - type: "string" type: "object" type: "array" name: @@ -5269,77 +7074,201 @@ spec: namespace: description: "Namespace to insert the check into, if different to the namespace the canary is defined, e.g." type: "string" - spec: - type: "object" - x-kubernetes-preserve-unknown-fields: true - test: + packetCount: + type: "integer" + packetLossThreshold: + format: "int64" + type: "integer" + relationships: + description: "Relationships defines a way to link the check results to components and configs\nusing lookup expressions." properties: - expr: - type: "string" - javascript: - type: "string" - jsonPath: - type: "string" - template: - type: "string" + components: + items: + properties: + agent: + description: "Agent can be one of\n - agent id\n - agent name\n - 'self' (no agent)" + properties: + expr: + type: "string" + label: + type: "string" + value: + type: "string" + type: "object" + external_id: + description: "Lookup offers different ways to specify a lookup value" + properties: + expr: + type: "string" + label: + type: "string" + value: + type: "string" + type: "object" + id: + description: "Lookup offers different ways to specify a lookup value" + properties: + expr: + type: "string" + label: + type: "string" + value: + type: "string" + type: "object" + labels: + additionalProperties: + type: "string" + type: "object" + name: + description: "Lookup offers different ways to specify a lookup value" + properties: + expr: + type: "string" + label: + type: "string" + value: + type: "string" + type: "object" + namespace: + description: "Lookup offers different ways to specify a lookup value" + properties: + expr: + type: "string" + label: + type: "string" + value: + type: "string" + type: "object" + scope: + properties: + expr: + type: "string" + label: + type: "string" + value: + type: "string" + type: "object" + type: + description: "Lookup offers different ways to specify a lookup value" + properties: + expr: + type: "string" + label: + type: "string" + value: + type: "string" + type: "object" + type: "object" + type: "array" + configs: + items: + properties: + agent: + description: "Agent can be one of\n - agent id\n - agent name\n - 'self' (no agent)" + properties: + expr: + type: "string" + label: + type: "string" + value: + type: "string" + type: "object" + external_id: + description: "Lookup offers different ways to specify a lookup value" + properties: + expr: + type: "string" + label: + type: "string" + value: + type: "string" + type: "object" + id: + description: "Lookup offers different ways to specify a lookup value" + properties: + expr: + type: "string" + label: + type: "string" + value: + type: "string" + type: "object" + labels: + additionalProperties: + type: "string" + type: "object" + name: + description: "Lookup offers different ways to specify a lookup value" + properties: + expr: + type: "string" + label: + type: "string" + value: + type: "string" + type: "object" + namespace: + description: "Lookup offers different ways to specify a lookup value" + properties: + expr: + type: "string" + label: + type: "string" + value: + type: "string" + type: "object" + scope: + properties: + expr: + type: "string" + label: + type: "string" + value: + type: "string" + type: "object" + type: + description: "Lookup offers different ways to specify a lookup value" + properties: + expr: + type: "string" + label: + type: "string" + value: + type: "string" + type: "object" + type: "object" + type: "array" type: "object" - testResults: - type: "string" - timeout: - description: "Timeout in minutes to wait for specified container to finish its job. Defaults to 5 minutes" + thresholdMillis: + format: "int64" type: "integer" - transform: - properties: - expr: - type: "string" - javascript: - type: "string" - jsonPath: - type: "string" - template: - type: "string" - type: "object" transformDeleteStrategy: description: "Transformed checks have a delete strategy on deletion they can either be marked healthy, unhealthy or left as is" type: "string" required: - "name" - - "spec" - - "testResults" type: "object" type: "array" - kubernetes: + icon: + type: "string" + interval: + description: "interval (in seconds) to run checks on Deprecated in favor of Schedule" + format: "int64" + type: "integer" + jmeter: items: properties: description: description: "Description for the check" type: "string" - display: - properties: - expr: - type: "string" - javascript: - type: "string" - jsonPath: - type: "string" - template: - type: "string" - type: "object" - healthy: - description: "Fail the check if any resources are unhealthy" - type: "boolean" + host: + description: "Host is the server against which test plan needs to be executed" + type: "string" icon: description: "Icon for overwriting default icon on the dashboard" type: "string" - ignore: - description: "Ignore the specified resources from the fetched resources. Can be a glob pattern." - items: - type: "string" - type: "array" - kind: - type: "string" - kubeconfig: - description: "KubeConfig is the kubeconfig or the path to the kubeconfig file." + jmx: + description: "Jmx defines the ConfigMap or Secret reference to get the JMX test plan" properties: name: type: "string" @@ -5386,28 +7315,8 @@ spec: description: "Labels for the check" type: "object" metrics: - description: "Metrics to expose from check results" + description: "Metrics to expose from check.\nhttps://canarychecker.io/concepts/metrics-exporter" items: - properties: - labels: - items: - properties: - name: - type: "string" - value: - type: "string" - valueExpr: - type: "string" - required: - - "name" - type: "object" - type: "array" - name: - type: "string" - type: - type: "string" - value: - type: "string" type: "object" type: "array" name: @@ -5416,81 +7325,205 @@ spec: namespace: description: "Namespace to insert the check into, if different to the namespace the canary is defined, e.g." type: "string" - namespaceSelector: - properties: - fieldSelector: - type: "string" - labelSelector: - type: "string" - name: - type: "string" - type: "object" - ready: - description: "Fail the check if any resources are not ready" - type: "boolean" - resource: - properties: - fieldSelector: - type: "string" - labelSelector: - type: "string" - name: - type: "string" - type: "object" - test: - properties: - expr: - type: "string" - javascript: - type: "string" - jsonPath: - type: "string" - template: - type: "string" - type: "object" - transform: + port: + description: "Port on which the server is running" + format: "int32" + type: "integer" + properties: + description: "Properties defines the local Jmeter properties" + items: + type: "string" + type: "array" + relationships: + description: "Relationships defines a way to link the check results to components and configs\nusing lookup expressions." properties: - expr: - type: "string" - javascript: - type: "string" - jsonPath: - type: "string" - template: - type: "string" + components: + items: + properties: + agent: + description: "Agent can be one of\n - agent id\n - agent name\n - 'self' (no agent)" + properties: + expr: + type: "string" + label: + type: "string" + value: + type: "string" + type: "object" + external_id: + description: "Lookup offers different ways to specify a lookup value" + properties: + expr: + type: "string" + label: + type: "string" + value: + type: "string" + type: "object" + id: + description: "Lookup offers different ways to specify a lookup value" + properties: + expr: + type: "string" + label: + type: "string" + value: + type: "string" + type: "object" + labels: + additionalProperties: + type: "string" + type: "object" + name: + description: "Lookup offers different ways to specify a lookup value" + properties: + expr: + type: "string" + label: + type: "string" + value: + type: "string" + type: "object" + namespace: + description: "Lookup offers different ways to specify a lookup value" + properties: + expr: + type: "string" + label: + type: "string" + value: + type: "string" + type: "object" + scope: + properties: + expr: + type: "string" + label: + type: "string" + value: + type: "string" + type: "object" + type: + description: "Lookup offers different ways to specify a lookup value" + properties: + expr: + type: "string" + label: + type: "string" + value: + type: "string" + type: "object" + type: "object" + type: "array" + configs: + items: + properties: + agent: + description: "Agent can be one of\n - agent id\n - agent name\n - 'self' (no agent)" + properties: + expr: + type: "string" + label: + type: "string" + value: + type: "string" + type: "object" + external_id: + description: "Lookup offers different ways to specify a lookup value" + properties: + expr: + type: "string" + label: + type: "string" + value: + type: "string" + type: "object" + id: + description: "Lookup offers different ways to specify a lookup value" + properties: + expr: + type: "string" + label: + type: "string" + value: + type: "string" + type: "object" + labels: + additionalProperties: + type: "string" + type: "object" + name: + description: "Lookup offers different ways to specify a lookup value" + properties: + expr: + type: "string" + label: + type: "string" + value: + type: "string" + type: "object" + namespace: + description: "Lookup offers different ways to specify a lookup value" + properties: + expr: + type: "string" + label: + type: "string" + value: + type: "string" + type: "object" + scope: + properties: + expr: + type: "string" + label: + type: "string" + value: + type: "string" + type: "object" + type: + description: "Lookup offers different ways to specify a lookup value" + properties: + expr: + type: "string" + label: + type: "string" + value: + type: "string" + type: "object" + type: "object" + type: "array" type: "object" + responseDuration: + description: "ResponseDuration under which the all the test should pass" + type: "string" + systemProperties: + description: "SystemProperties defines the java system property" + items: + type: "string" + type: "array" transformDeleteStrategy: description: "Transformed checks have a delete strategy on deletion they can either be marked healthy, unhealthy or left as is" type: "string" required: - - "kind" + - "jmx" - "name" type: "object" type: "array" - kubernetesResource: + junit: items: properties: - checkRetries: - description: "Set initial delays and retry intervals for checks." - properties: - delay: - description: "Delay is the initial delay" - type: "string" - interval: - type: "string" - timeout: - type: "string" - type: "object" - checks: - description: "Checks to run against the kubernetes resources." + artifacts: + description: "Artifacts configure the artifacts generated by the check" items: - description: "KubernetesResourceChecks is the canary spec.\nNOTE: It's only created to make crd generation possible.\nembedding CanarySpec into KubernetesResourceCheck.checks\ndirectly generates an invalid crd." + properties: + path: + description: "Path to the artifact on the check runner.\nSpecial paths: /dev/stdout & /dev/stdin" + type: "string" + required: + - "path" type: "object" type: "array" - x-kubernetes-preserve-unknown-fields: true - clearResources: - description: "Ensure that the resources are deleted before creating them." - type: "boolean" description: description: "Description for the check" type: "string" @@ -5508,76 +7541,14 @@ spec: icon: description: "Icon for overwriting default icon on the dashboard" type: "string" - kubeconfig: - description: "Kubeconfig is the kubeconfig or the path to the kubeconfig file." - properties: - name: - type: "string" - value: - type: "string" - valueFrom: - properties: - configMapKeyRef: - properties: - key: - type: "string" - name: - type: "string" - required: - - "key" - type: "object" - helmRef: - properties: - key: - description: "Key is a JSONPath expression used to fetch the key from the merged JSON." - type: "string" - name: - type: "string" - required: - - "key" - type: "object" - secretKeyRef: - properties: - key: - type: "string" - name: - type: "string" - required: - - "key" - type: "object" - serviceAccount: - description: "ServiceAccount specifies the service account whose token should be fetched" - type: "string" - type: "object" - type: "object" labels: additionalProperties: type: "string" description: "Labels for the check" type: "object" metrics: - description: "Metrics to expose from check results" + description: "Metrics to expose from check.\nhttps://canarychecker.io/concepts/metrics-exporter" items: - properties: - labels: - items: - properties: - name: - type: "string" - value: - type: "string" - valueExpr: - type: "string" - required: - - "name" - type: "object" - type: "array" - name: - type: "string" - type: - type: "string" - value: - type: "string" type: "object" type: "array" name: @@ -5586,11 +7557,168 @@ spec: namespace: description: "Namespace to insert the check into, if different to the namespace the canary is defined, e.g." type: "string" - resources: - description: "Resources are kubernetes resources that are created & cleared\nafter every check run." - x-kubernetes-preserve-unknown-fields: true - staticResources: - description: "StaticResources are kubernetes resources that are created & only\ncleared when the canary is deleted" + relationships: + description: "Relationships defines a way to link the check results to components and configs\nusing lookup expressions." + properties: + components: + items: + properties: + agent: + description: "Agent can be one of\n - agent id\n - agent name\n - 'self' (no agent)" + properties: + expr: + type: "string" + label: + type: "string" + value: + type: "string" + type: "object" + external_id: + description: "Lookup offers different ways to specify a lookup value" + properties: + expr: + type: "string" + label: + type: "string" + value: + type: "string" + type: "object" + id: + description: "Lookup offers different ways to specify a lookup value" + properties: + expr: + type: "string" + label: + type: "string" + value: + type: "string" + type: "object" + labels: + additionalProperties: + type: "string" + type: "object" + name: + description: "Lookup offers different ways to specify a lookup value" + properties: + expr: + type: "string" + label: + type: "string" + value: + type: "string" + type: "object" + namespace: + description: "Lookup offers different ways to specify a lookup value" + properties: + expr: + type: "string" + label: + type: "string" + value: + type: "string" + type: "object" + scope: + properties: + expr: + type: "string" + label: + type: "string" + value: + type: "string" + type: "object" + type: + description: "Lookup offers different ways to specify a lookup value" + properties: + expr: + type: "string" + label: + type: "string" + value: + type: "string" + type: "object" + type: "object" + type: "array" + configs: + items: + properties: + agent: + description: "Agent can be one of\n - agent id\n - agent name\n - 'self' (no agent)" + properties: + expr: + type: "string" + label: + type: "string" + value: + type: "string" + type: "object" + external_id: + description: "Lookup offers different ways to specify a lookup value" + properties: + expr: + type: "string" + label: + type: "string" + value: + type: "string" + type: "object" + id: + description: "Lookup offers different ways to specify a lookup value" + properties: + expr: + type: "string" + label: + type: "string" + value: + type: "string" + type: "object" + labels: + additionalProperties: + type: "string" + type: "object" + name: + description: "Lookup offers different ways to specify a lookup value" + properties: + expr: + type: "string" + label: + type: "string" + value: + type: "string" + type: "object" + namespace: + description: "Lookup offers different ways to specify a lookup value" + properties: + expr: + type: "string" + label: + type: "string" + value: + type: "string" + type: "object" + scope: + properties: + expr: + type: "string" + label: + type: "string" + value: + type: "string" + type: "object" + type: + description: "Lookup offers different ways to specify a lookup value" + properties: + expr: + type: "string" + label: + type: "string" + value: + type: "string" + type: "object" + type: "object" + type: "array" + type: "object" + spec: + type: "object" x-kubernetes-preserve-unknown-fields: true test: properties: @@ -5603,6 +7731,11 @@ spec: template: type: "string" type: "object" + testResults: + type: "string" + timeout: + description: "Timeout in minutes to wait for specified container to finish its job. Defaults to 5 minutes" + type: "integer" transform: properties: expr: @@ -5617,267 +7750,44 @@ spec: transformDeleteStrategy: description: "Transformed checks have a delete strategy on deletion they can either be marked healthy, unhealthy or left as is" type: "string" - waitFor: - properties: - delete: - description: "Whether to wait for deletion or not" - type: "boolean" - disable: - description: "Disable waiting for resources to get to their desired state." - type: "boolean" - expr: - description: "Expr is a cel expression that determines whether all the resources\nare in their desired state before running checks on them.\n\tDefault: `dyn(resources).all(r, k8s.isHealthy(r))`" - type: "string" - interval: - description: "Interval to check if all static & non-static resources are ready.\n\tDefault: 5s" - type: "string" - timeout: - description: "Timeout to wait for all static & non-static resources to be ready.\n\tDefault: 10m" - type: "string" - type: "object" required: - "name" - - "resources" + - "spec" + - "testResults" type: "object" type: "array" - ldap: + kubernetes: items: properties: - bearer: - properties: - name: - type: "string" - value: - type: "string" - valueFrom: - properties: - configMapKeyRef: - properties: - key: - type: "string" - name: - type: "string" - required: - - "key" - type: "object" - helmRef: - properties: - key: - description: "Key is a JSONPath expression used to fetch the key from the merged JSON." - type: "string" - name: - type: "string" - required: - - "key" - type: "object" - secretKeyRef: - properties: - key: - type: "string" - name: - type: "string" - required: - - "key" - type: "object" - serviceAccount: - description: "ServiceAccount specifies the service account whose token should be fetched" - type: "string" - type: "object" - type: "object" - bindDN: - type: "string" - connection: - description: "Connection name e.g. connection://http/google" - type: "string" description: description: "Description for the check" type: "string" - icon: - description: "Icon for overwriting default icon on the dashboard" - type: "string" - labels: - additionalProperties: - type: "string" - description: "Labels for the check" - type: "object" - metrics: - description: "Metrics to expose from check results" - items: - properties: - labels: - items: - properties: - name: - type: "string" - value: - type: "string" - valueExpr: - type: "string" - required: - - "name" - type: "object" - type: "array" - name: - type: "string" - type: - type: "string" - value: - type: "string" - type: "object" - type: "array" - name: - description: "Name of the check" - type: "string" - namespace: - description: "Namespace to insert the check into, if different to the namespace the canary is defined, e.g." - type: "string" - oauth: - properties: - clientID: - properties: - name: - type: "string" - value: - type: "string" - valueFrom: - properties: - configMapKeyRef: - properties: - key: - type: "string" - name: - type: "string" - required: - - "key" - type: "object" - helmRef: - properties: - key: - description: "Key is a JSONPath expression used to fetch the key from the merged JSON." - type: "string" - name: - type: "string" - required: - - "key" - type: "object" - secretKeyRef: - properties: - key: - type: "string" - name: - type: "string" - required: - - "key" - type: "object" - serviceAccount: - description: "ServiceAccount specifies the service account whose token should be fetched" - type: "string" - type: "object" - type: "object" - clientSecret: - properties: - name: - type: "string" - value: - type: "string" - valueFrom: - properties: - configMapKeyRef: - properties: - key: - type: "string" - name: - type: "string" - required: - - "key" - type: "object" - helmRef: - properties: - key: - description: "Key is a JSONPath expression used to fetch the key from the merged JSON." - type: "string" - name: - type: "string" - required: - - "key" - type: "object" - secretKeyRef: - properties: - key: - type: "string" - name: - type: "string" - required: - - "key" - type: "object" - serviceAccount: - description: "ServiceAccount specifies the service account whose token should be fetched" - type: "string" - type: "object" - type: "object" - params: - additionalProperties: - type: "string" - type: "object" - scope: - items: - type: "string" - type: "array" - tokenURL: - type: "string" - type: "object" - password: - properties: - name: - type: "string" - value: - type: "string" - valueFrom: - properties: - configMapKeyRef: - properties: - key: - type: "string" - name: - type: "string" - required: - - "key" - type: "object" - helmRef: - properties: - key: - description: "Key is a JSONPath expression used to fetch the key from the merged JSON." - type: "string" - name: - type: "string" - required: - - "key" - type: "object" - secretKeyRef: - properties: - key: - type: "string" - name: - type: "string" - required: - - "key" - type: "object" - serviceAccount: - description: "ServiceAccount specifies the service account whose token should be fetched" - type: "string" - type: "object" + display: + properties: + expr: + type: "string" + javascript: + type: "string" + jsonPath: + type: "string" + template: + type: "string" type: "object" - skipTLSVerify: + healthy: + description: "Fail the check if any resources are unhealthy" type: "boolean" - transformDeleteStrategy: - description: "Transformed checks have a delete strategy on deletion they can either be marked healthy, unhealthy or left as is" - type: "string" - url: - description: "Connection url, interpolated with username,password" + icon: + description: "Icon for overwriting default icon on the dashboard" type: "string" - userSearch: + ignore: + description: "Ignore the specified resources from the fetched resources. Can be a glob pattern." + items: + type: "string" + type: "array" + kind: type: "string" - username: + kubeconfig: + description: "KubeConfig is the kubeconfig or the path to the kubeconfig file." properties: name: type: "string" @@ -5918,15 +7828,276 @@ spec: type: "string" type: "object" type: "object" - required: - - "bindDN" - - "name" - type: "object" - type: "array" - mongodb: - items: - properties: - bearer: + labels: + additionalProperties: + type: "string" + description: "Labels for the check" + type: "object" + metrics: + description: "Metrics to expose from check.\nhttps://canarychecker.io/concepts/metrics-exporter" + items: + type: "object" + type: "array" + name: + description: "Name of the check" + type: "string" + namespace: + description: "Namespace to insert the check into, if different to the namespace the canary is defined, e.g." + type: "string" + namespaceSelector: + properties: + fieldSelector: + type: "string" + labelSelector: + type: "string" + name: + type: "string" + type: "object" + ready: + description: "Fail the check if any resources are not ready" + type: "boolean" + relationships: + description: "Relationships defines a way to link the check results to components and configs\nusing lookup expressions." + properties: + components: + items: + properties: + agent: + description: "Agent can be one of\n - agent id\n - agent name\n - 'self' (no agent)" + properties: + expr: + type: "string" + label: + type: "string" + value: + type: "string" + type: "object" + external_id: + description: "Lookup offers different ways to specify a lookup value" + properties: + expr: + type: "string" + label: + type: "string" + value: + type: "string" + type: "object" + id: + description: "Lookup offers different ways to specify a lookup value" + properties: + expr: + type: "string" + label: + type: "string" + value: + type: "string" + type: "object" + labels: + additionalProperties: + type: "string" + type: "object" + name: + description: "Lookup offers different ways to specify a lookup value" + properties: + expr: + type: "string" + label: + type: "string" + value: + type: "string" + type: "object" + namespace: + description: "Lookup offers different ways to specify a lookup value" + properties: + expr: + type: "string" + label: + type: "string" + value: + type: "string" + type: "object" + scope: + properties: + expr: + type: "string" + label: + type: "string" + value: + type: "string" + type: "object" + type: + description: "Lookup offers different ways to specify a lookup value" + properties: + expr: + type: "string" + label: + type: "string" + value: + type: "string" + type: "object" + type: "object" + type: "array" + configs: + items: + properties: + agent: + description: "Agent can be one of\n - agent id\n - agent name\n - 'self' (no agent)" + properties: + expr: + type: "string" + label: + type: "string" + value: + type: "string" + type: "object" + external_id: + description: "Lookup offers different ways to specify a lookup value" + properties: + expr: + type: "string" + label: + type: "string" + value: + type: "string" + type: "object" + id: + description: "Lookup offers different ways to specify a lookup value" + properties: + expr: + type: "string" + label: + type: "string" + value: + type: "string" + type: "object" + labels: + additionalProperties: + type: "string" + type: "object" + name: + description: "Lookup offers different ways to specify a lookup value" + properties: + expr: + type: "string" + label: + type: "string" + value: + type: "string" + type: "object" + namespace: + description: "Lookup offers different ways to specify a lookup value" + properties: + expr: + type: "string" + label: + type: "string" + value: + type: "string" + type: "object" + scope: + properties: + expr: + type: "string" + label: + type: "string" + value: + type: "string" + type: "object" + type: + description: "Lookup offers different ways to specify a lookup value" + properties: + expr: + type: "string" + label: + type: "string" + value: + type: "string" + type: "object" + type: "object" + type: "array" + type: "object" + resource: + properties: + fieldSelector: + type: "string" + labelSelector: + type: "string" + name: + type: "string" + type: "object" + test: + properties: + expr: + type: "string" + javascript: + type: "string" + jsonPath: + type: "string" + template: + type: "string" + type: "object" + transform: + properties: + expr: + type: "string" + javascript: + type: "string" + jsonPath: + type: "string" + template: + type: "string" + type: "object" + transformDeleteStrategy: + description: "Transformed checks have a delete strategy on deletion they can either be marked healthy, unhealthy or left as is" + type: "string" + required: + - "kind" + - "name" + type: "object" + type: "array" + kubernetesResource: + items: + properties: + checkRetries: + description: "Set initial delays and retry intervals for checks." + properties: + delay: + description: "Delay is the initial delay" + type: "string" + interval: + type: "string" + timeout: + type: "string" + type: "object" + checks: + description: "Checks to run against the kubernetes resources." + items: + description: "KubernetesResourceChecks is the canary spec.\nNOTE: It's only created to make crd generation possible.\nembedding CanarySpec into KubernetesResourceCheck.checks\ndirectly generates an invalid crd." + type: "object" + type: "array" + x-kubernetes-preserve-unknown-fields: true + clearResources: + description: "Ensure that the resources are deleted before creating them." + type: "boolean" + description: + description: "Description for the check" + type: "string" + display: + properties: + expr: + type: "string" + javascript: + type: "string" + jsonPath: + type: "string" + template: + type: "string" + type: "object" + icon: + description: "Icon for overwriting default icon on the dashboard" + type: "string" + kubeconfig: + description: "Kubeconfig is the kubeconfig or the path to the kubeconfig file." properties: name: type: "string" @@ -5967,6 +8138,241 @@ spec: type: "string" type: "object" type: "object" + labels: + additionalProperties: + type: "string" + description: "Labels for the check" + type: "object" + metrics: + description: "Metrics to expose from check.\nhttps://canarychecker.io/concepts/metrics-exporter" + items: + type: "object" + type: "array" + name: + description: "Name of the check" + type: "string" + namespace: + description: "Namespace to insert the check into, if different to the namespace the canary is defined, e.g." + type: "string" + relationships: + description: "Relationships defines a way to link the check results to components and configs\nusing lookup expressions." + properties: + components: + items: + properties: + agent: + description: "Agent can be one of\n - agent id\n - agent name\n - 'self' (no agent)" + properties: + expr: + type: "string" + label: + type: "string" + value: + type: "string" + type: "object" + external_id: + description: "Lookup offers different ways to specify a lookup value" + properties: + expr: + type: "string" + label: + type: "string" + value: + type: "string" + type: "object" + id: + description: "Lookup offers different ways to specify a lookup value" + properties: + expr: + type: "string" + label: + type: "string" + value: + type: "string" + type: "object" + labels: + additionalProperties: + type: "string" + type: "object" + name: + description: "Lookup offers different ways to specify a lookup value" + properties: + expr: + type: "string" + label: + type: "string" + value: + type: "string" + type: "object" + namespace: + description: "Lookup offers different ways to specify a lookup value" + properties: + expr: + type: "string" + label: + type: "string" + value: + type: "string" + type: "object" + scope: + properties: + expr: + type: "string" + label: + type: "string" + value: + type: "string" + type: "object" + type: + description: "Lookup offers different ways to specify a lookup value" + properties: + expr: + type: "string" + label: + type: "string" + value: + type: "string" + type: "object" + type: "object" + type: "array" + configs: + items: + properties: + agent: + description: "Agent can be one of\n - agent id\n - agent name\n - 'self' (no agent)" + properties: + expr: + type: "string" + label: + type: "string" + value: + type: "string" + type: "object" + external_id: + description: "Lookup offers different ways to specify a lookup value" + properties: + expr: + type: "string" + label: + type: "string" + value: + type: "string" + type: "object" + id: + description: "Lookup offers different ways to specify a lookup value" + properties: + expr: + type: "string" + label: + type: "string" + value: + type: "string" + type: "object" + labels: + additionalProperties: + type: "string" + type: "object" + name: + description: "Lookup offers different ways to specify a lookup value" + properties: + expr: + type: "string" + label: + type: "string" + value: + type: "string" + type: "object" + namespace: + description: "Lookup offers different ways to specify a lookup value" + properties: + expr: + type: "string" + label: + type: "string" + value: + type: "string" + type: "object" + scope: + properties: + expr: + type: "string" + label: + type: "string" + value: + type: "string" + type: "object" + type: + description: "Lookup offers different ways to specify a lookup value" + properties: + expr: + type: "string" + label: + type: "string" + value: + type: "string" + type: "object" + type: "object" + type: "array" + type: "object" + resources: + description: "Resources are kubernetes resources that are created & cleared\nafter every check run." + x-kubernetes-preserve-unknown-fields: true + staticResources: + description: "StaticResources are kubernetes resources that are created & only\ncleared when the canary is deleted" + x-kubernetes-preserve-unknown-fields: true + test: + properties: + expr: + type: "string" + javascript: + type: "string" + jsonPath: + type: "string" + template: + type: "string" + type: "object" + transform: + properties: + expr: + type: "string" + javascript: + type: "string" + jsonPath: + type: "string" + template: + type: "string" + type: "object" + transformDeleteStrategy: + description: "Transformed checks have a delete strategy on deletion they can either be marked healthy, unhealthy or left as is" + type: "string" + waitFor: + properties: + delete: + description: "Whether to wait for deletion or not" + type: "boolean" + disable: + description: "Disable waiting for resources to get to their desired state." + type: "boolean" + expr: + description: "Expr is a cel expression that determines whether all the resources\nare in their desired state before running checks on them.\n\tDefault: `dyn(resources).all(r, k8s.isHealthy(r))`" + type: "string" + interval: + description: "Interval to check if all static & non-static resources are ready.\n\tDefault: 5s" + type: "string" + timeout: + description: "Timeout to wait for all static & non-static resources to be ready.\n\tDefault: 10m" + type: "string" + type: "object" + required: + - "name" + - "resources" + type: "object" + type: "array" + ldap: + items: + properties: + bindDN: + type: "string" connection: description: "Connection name e.g. connection://http/google" type: "string" @@ -5981,29 +8387,9 @@ spec: type: "string" description: "Labels for the check" type: "object" - metrics: - description: "Metrics to expose from check results" - items: - properties: - labels: - items: - properties: - name: - type: "string" - value: - type: "string" - valueExpr: - type: "string" - required: - - "name" - type: "object" - type: "array" - name: - type: "string" - type: - type: "string" - value: - type: "string" + metrics: + description: "Metrics to expose from check.\nhttps://canarychecker.io/concepts/metrics-exporter" + items: type: "object" type: "array" name: @@ -6012,102 +8398,218 @@ spec: namespace: description: "Namespace to insert the check into, if different to the namespace the canary is defined, e.g." type: "string" - oauth: + password: properties: - clientID: + name: + type: "string" + value: + type: "string" + valueFrom: properties: - name: - type: "string" - value: - type: "string" - valueFrom: + configMapKeyRef: properties: - configMapKeyRef: - properties: - key: - type: "string" - name: - type: "string" - required: - - "key" - type: "object" - helmRef: - properties: - key: - description: "Key is a JSONPath expression used to fetch the key from the merged JSON." - type: "string" - name: - type: "string" - required: - - "key" - type: "object" - secretKeyRef: - properties: - key: - type: "string" - name: - type: "string" - required: - - "key" - type: "object" - serviceAccount: - description: "ServiceAccount specifies the service account whose token should be fetched" + key: + type: "string" + name: type: "string" + required: + - "key" type: "object" - type: "object" - clientSecret: - properties: - name: - type: "string" - value: - type: "string" - valueFrom: + helmRef: properties: - configMapKeyRef: - properties: - key: - type: "string" - name: - type: "string" - required: - - "key" - type: "object" - helmRef: - properties: - key: - description: "Key is a JSONPath expression used to fetch the key from the merged JSON." - type: "string" - name: - type: "string" - required: - - "key" - type: "object" - secretKeyRef: - properties: - key: - type: "string" - name: - type: "string" - required: - - "key" - type: "object" - serviceAccount: - description: "ServiceAccount specifies the service account whose token should be fetched" + key: + description: "Key is a JSONPath expression used to fetch the key from the merged JSON." + type: "string" + name: + type: "string" + required: + - "key" + type: "object" + secretKeyRef: + properties: + key: + type: "string" + name: type: "string" + required: + - "key" type: "object" + serviceAccount: + description: "ServiceAccount specifies the service account whose token should be fetched" + type: "string" type: "object" - params: - additionalProperties: - type: "string" - type: "object" - scope: + type: "object" + relationships: + description: "Relationships defines a way to link the check results to components and configs\nusing lookup expressions." + properties: + components: items: - type: "string" + properties: + agent: + description: "Agent can be one of\n - agent id\n - agent name\n - 'self' (no agent)" + properties: + expr: + type: "string" + label: + type: "string" + value: + type: "string" + type: "object" + external_id: + description: "Lookup offers different ways to specify a lookup value" + properties: + expr: + type: "string" + label: + type: "string" + value: + type: "string" + type: "object" + id: + description: "Lookup offers different ways to specify a lookup value" + properties: + expr: + type: "string" + label: + type: "string" + value: + type: "string" + type: "object" + labels: + additionalProperties: + type: "string" + type: "object" + name: + description: "Lookup offers different ways to specify a lookup value" + properties: + expr: + type: "string" + label: + type: "string" + value: + type: "string" + type: "object" + namespace: + description: "Lookup offers different ways to specify a lookup value" + properties: + expr: + type: "string" + label: + type: "string" + value: + type: "string" + type: "object" + scope: + properties: + expr: + type: "string" + label: + type: "string" + value: + type: "string" + type: "object" + type: + description: "Lookup offers different ways to specify a lookup value" + properties: + expr: + type: "string" + label: + type: "string" + value: + type: "string" + type: "object" + type: "object" + type: "array" + configs: + items: + properties: + agent: + description: "Agent can be one of\n - agent id\n - agent name\n - 'self' (no agent)" + properties: + expr: + type: "string" + label: + type: "string" + value: + type: "string" + type: "object" + external_id: + description: "Lookup offers different ways to specify a lookup value" + properties: + expr: + type: "string" + label: + type: "string" + value: + type: "string" + type: "object" + id: + description: "Lookup offers different ways to specify a lookup value" + properties: + expr: + type: "string" + label: + type: "string" + value: + type: "string" + type: "object" + labels: + additionalProperties: + type: "string" + type: "object" + name: + description: "Lookup offers different ways to specify a lookup value" + properties: + expr: + type: "string" + label: + type: "string" + value: + type: "string" + type: "object" + namespace: + description: "Lookup offers different ways to specify a lookup value" + properties: + expr: + type: "string" + label: + type: "string" + value: + type: "string" + type: "object" + scope: + properties: + expr: + type: "string" + label: + type: "string" + value: + type: "string" + type: "object" + type: + description: "Lookup offers different ways to specify a lookup value" + properties: + expr: + type: "string" + label: + type: "string" + value: + type: "string" + type: "object" + type: "object" type: "array" - tokenURL: - type: "string" type: "object" - password: + skipTLSVerify: + type: "boolean" + transformDeleteStrategy: + description: "Transformed checks have a delete strategy on deletion they can either be marked healthy, unhealthy or left as is" + type: "string" + url: + description: "Connection url, interpolated with username,password" + type: "string" + userSearch: + type: "string" + username: properties: name: type: "string" @@ -6148,13 +8650,40 @@ spec: type: "string" type: "object" type: "object" - transformDeleteStrategy: - description: "Transformed checks have a delete strategy on deletion they can either be marked healthy, unhealthy or left as is" + required: + - "bindDN" + - "name" + type: "object" + type: "array" + mongodb: + items: + properties: + connection: + description: "Connection name e.g. connection://http/google" type: "string" - url: - description: "Connection url, interpolated with username,password" + description: + description: "Description for the check" type: "string" - username: + icon: + description: "Icon for overwriting default icon on the dashboard" + type: "string" + labels: + additionalProperties: + type: "string" + description: "Labels for the check" + type: "object" + metrics: + description: "Metrics to expose from check.\nhttps://canarychecker.io/concepts/metrics-exporter" + items: + type: "object" + type: "array" + name: + description: "Name of the check" + type: "string" + namespace: + description: "Namespace to insert the check into, if different to the namespace the canary is defined, e.g." + type: "string" + password: properties: name: type: "string" @@ -6195,14 +8724,13 @@ spec: type: "string" type: "object" type: "object" - required: - - "name" - type: "object" - type: "array" - mssql: - items: - properties: - bearer: + transformDeleteStrategy: + description: "Transformed checks have a delete strategy on deletion they can either be marked healthy, unhealthy or left as is" + type: "string" + url: + description: "Connection url, interpolated with username,password" + type: "string" + username: properties: name: type: "string" @@ -6243,6 +8771,13 @@ spec: type: "string" type: "object" type: "object" + required: + - "name" + type: "object" + type: "array" + mssql: + items: + properties: connection: description: "Connection name e.g. connection://http/google" type: "string" @@ -6269,28 +8804,8 @@ spec: description: "Labels for the check" type: "object" metrics: - description: "Metrics to expose from check results" + description: "Metrics to expose from check.\nhttps://canarychecker.io/concepts/metrics-exporter" items: - properties: - labels: - items: - properties: - name: - type: "string" - value: - type: "string" - valueExpr: - type: "string" - required: - - "name" - type: "object" - type: "array" - name: - type: "string" - type: - type: "string" - value: - type: "string" type: "object" type: "array" name: @@ -6299,101 +8814,6 @@ spec: namespace: description: "Namespace to insert the check into, if different to the namespace the canary is defined, e.g." type: "string" - oauth: - properties: - clientID: - properties: - name: - type: "string" - value: - type: "string" - valueFrom: - properties: - configMapKeyRef: - properties: - key: - type: "string" - name: - type: "string" - required: - - "key" - type: "object" - helmRef: - properties: - key: - description: "Key is a JSONPath expression used to fetch the key from the merged JSON." - type: "string" - name: - type: "string" - required: - - "key" - type: "object" - secretKeyRef: - properties: - key: - type: "string" - name: - type: "string" - required: - - "key" - type: "object" - serviceAccount: - description: "ServiceAccount specifies the service account whose token should be fetched" - type: "string" - type: "object" - type: "object" - clientSecret: - properties: - name: - type: "string" - value: - type: "string" - valueFrom: - properties: - configMapKeyRef: - properties: - key: - type: "string" - name: - type: "string" - required: - - "key" - type: "object" - helmRef: - properties: - key: - description: "Key is a JSONPath expression used to fetch the key from the merged JSON." - type: "string" - name: - type: "string" - required: - - "key" - type: "object" - secretKeyRef: - properties: - key: - type: "string" - name: - type: "string" - required: - - "key" - type: "object" - serviceAccount: - description: "ServiceAccount specifies the service account whose token should be fetched" - type: "string" - type: "object" - type: "object" - params: - additionalProperties: - type: "string" - type: "object" - scope: - items: - type: "string" - type: "array" - tokenURL: - type: "string" - type: "object" password: properties: name: @@ -6427,16 +8847,176 @@ spec: type: "string" name: type: "string" - required: - - "key" - type: "object" - serviceAccount: - description: "ServiceAccount specifies the service account whose token should be fetched" - type: "string" - type: "object" + required: + - "key" + type: "object" + serviceAccount: + description: "ServiceAccount specifies the service account whose token should be fetched" + type: "string" + type: "object" + type: "object" + query: + type: "string" + relationships: + description: "Relationships defines a way to link the check results to components and configs\nusing lookup expressions." + properties: + components: + items: + properties: + agent: + description: "Agent can be one of\n - agent id\n - agent name\n - 'self' (no agent)" + properties: + expr: + type: "string" + label: + type: "string" + value: + type: "string" + type: "object" + external_id: + description: "Lookup offers different ways to specify a lookup value" + properties: + expr: + type: "string" + label: + type: "string" + value: + type: "string" + type: "object" + id: + description: "Lookup offers different ways to specify a lookup value" + properties: + expr: + type: "string" + label: + type: "string" + value: + type: "string" + type: "object" + labels: + additionalProperties: + type: "string" + type: "object" + name: + description: "Lookup offers different ways to specify a lookup value" + properties: + expr: + type: "string" + label: + type: "string" + value: + type: "string" + type: "object" + namespace: + description: "Lookup offers different ways to specify a lookup value" + properties: + expr: + type: "string" + label: + type: "string" + value: + type: "string" + type: "object" + scope: + properties: + expr: + type: "string" + label: + type: "string" + value: + type: "string" + type: "object" + type: + description: "Lookup offers different ways to specify a lookup value" + properties: + expr: + type: "string" + label: + type: "string" + value: + type: "string" + type: "object" + type: "object" + type: "array" + configs: + items: + properties: + agent: + description: "Agent can be one of\n - agent id\n - agent name\n - 'self' (no agent)" + properties: + expr: + type: "string" + label: + type: "string" + value: + type: "string" + type: "object" + external_id: + description: "Lookup offers different ways to specify a lookup value" + properties: + expr: + type: "string" + label: + type: "string" + value: + type: "string" + type: "object" + id: + description: "Lookup offers different ways to specify a lookup value" + properties: + expr: + type: "string" + label: + type: "string" + value: + type: "string" + type: "object" + labels: + additionalProperties: + type: "string" + type: "object" + name: + description: "Lookup offers different ways to specify a lookup value" + properties: + expr: + type: "string" + label: + type: "string" + value: + type: "string" + type: "object" + namespace: + description: "Lookup offers different ways to specify a lookup value" + properties: + expr: + type: "string" + label: + type: "string" + value: + type: "string" + type: "object" + scope: + properties: + expr: + type: "string" + label: + type: "string" + value: + type: "string" + type: "object" + type: + description: "Lookup offers different ways to specify a lookup value" + properties: + expr: + type: "string" + label: + type: "string" + value: + type: "string" + type: "object" + type: "object" + type: "array" type: "object" - query: - type: "string" results: description: "Number rows to check for" type: "integer" @@ -6516,47 +9096,6 @@ spec: mysql: items: properties: - bearer: - properties: - name: - type: "string" - value: - type: "string" - valueFrom: - properties: - configMapKeyRef: - properties: - key: - type: "string" - name: - type: "string" - required: - - "key" - type: "object" - helmRef: - properties: - key: - description: "Key is a JSONPath expression used to fetch the key from the merged JSON." - type: "string" - name: - type: "string" - required: - - "key" - type: "object" - secretKeyRef: - properties: - key: - type: "string" - name: - type: "string" - required: - - "key" - type: "object" - serviceAccount: - description: "ServiceAccount specifies the service account whose token should be fetched" - type: "string" - type: "object" - type: "object" connection: description: "Connection name e.g. connection://http/google" type: "string" @@ -6583,28 +9122,8 @@ spec: description: "Labels for the check" type: "object" metrics: - description: "Metrics to expose from check results" + description: "Metrics to expose from check.\nhttps://canarychecker.io/concepts/metrics-exporter" items: - properties: - labels: - items: - properties: - name: - type: "string" - value: - type: "string" - valueExpr: - type: "string" - required: - - "name" - type: "object" - type: "array" - name: - type: "string" - type: - type: "string" - value: - type: "string" type: "object" type: "array" name: @@ -6613,101 +9132,6 @@ spec: namespace: description: "Namespace to insert the check into, if different to the namespace the canary is defined, e.g." type: "string" - oauth: - properties: - clientID: - properties: - name: - type: "string" - value: - type: "string" - valueFrom: - properties: - configMapKeyRef: - properties: - key: - type: "string" - name: - type: "string" - required: - - "key" - type: "object" - helmRef: - properties: - key: - description: "Key is a JSONPath expression used to fetch the key from the merged JSON." - type: "string" - name: - type: "string" - required: - - "key" - type: "object" - secretKeyRef: - properties: - key: - type: "string" - name: - type: "string" - required: - - "key" - type: "object" - serviceAccount: - description: "ServiceAccount specifies the service account whose token should be fetched" - type: "string" - type: "object" - type: "object" - clientSecret: - properties: - name: - type: "string" - value: - type: "string" - valueFrom: - properties: - configMapKeyRef: - properties: - key: - type: "string" - name: - type: "string" - required: - - "key" - type: "object" - helmRef: - properties: - key: - description: "Key is a JSONPath expression used to fetch the key from the merged JSON." - type: "string" - name: - type: "string" - required: - - "key" - type: "object" - secretKeyRef: - properties: - key: - type: "string" - name: - type: "string" - required: - - "key" - type: "object" - serviceAccount: - description: "ServiceAccount specifies the service account whose token should be fetched" - type: "string" - type: "object" - type: "object" - params: - additionalProperties: - type: "string" - type: "object" - scope: - items: - type: "string" - type: "array" - tokenURL: - type: "string" - type: "object" password: properties: name: @@ -6739,18 +9163,178 @@ spec: properties: key: type: "string" - name: + name: + type: "string" + required: + - "key" + type: "object" + serviceAccount: + description: "ServiceAccount specifies the service account whose token should be fetched" + type: "string" + type: "object" + type: "object" + query: + type: "string" + relationships: + description: "Relationships defines a way to link the check results to components and configs\nusing lookup expressions." + properties: + components: + items: + properties: + agent: + description: "Agent can be one of\n - agent id\n - agent name\n - 'self' (no agent)" + properties: + expr: + type: "string" + label: + type: "string" + value: + type: "string" + type: "object" + external_id: + description: "Lookup offers different ways to specify a lookup value" + properties: + expr: + type: "string" + label: + type: "string" + value: + type: "string" + type: "object" + id: + description: "Lookup offers different ways to specify a lookup value" + properties: + expr: + type: "string" + label: + type: "string" + value: + type: "string" + type: "object" + labels: + additionalProperties: + type: "string" + type: "object" + name: + description: "Lookup offers different ways to specify a lookup value" + properties: + expr: + type: "string" + label: + type: "string" + value: + type: "string" + type: "object" + namespace: + description: "Lookup offers different ways to specify a lookup value" + properties: + expr: + type: "string" + label: + type: "string" + value: + type: "string" + type: "object" + scope: + properties: + expr: + type: "string" + label: + type: "string" + value: + type: "string" + type: "object" + type: + description: "Lookup offers different ways to specify a lookup value" + properties: + expr: + type: "string" + label: + type: "string" + value: + type: "string" + type: "object" + type: "object" + type: "array" + configs: + items: + properties: + agent: + description: "Agent can be one of\n - agent id\n - agent name\n - 'self' (no agent)" + properties: + expr: + type: "string" + label: + type: "string" + value: + type: "string" + type: "object" + external_id: + description: "Lookup offers different ways to specify a lookup value" + properties: + expr: + type: "string" + label: + type: "string" + value: + type: "string" + type: "object" + id: + description: "Lookup offers different ways to specify a lookup value" + properties: + expr: + type: "string" + label: + type: "string" + value: + type: "string" + type: "object" + labels: + additionalProperties: type: "string" - required: - - "key" - type: "object" - serviceAccount: - description: "ServiceAccount specifies the service account whose token should be fetched" - type: "string" - type: "object" + type: "object" + name: + description: "Lookup offers different ways to specify a lookup value" + properties: + expr: + type: "string" + label: + type: "string" + value: + type: "string" + type: "object" + namespace: + description: "Lookup offers different ways to specify a lookup value" + properties: + expr: + type: "string" + label: + type: "string" + value: + type: "string" + type: "object" + scope: + properties: + expr: + type: "string" + label: + type: "string" + value: + type: "string" + type: "object" + type: + description: "Lookup offers different ways to specify a lookup value" + properties: + expr: + type: "string" + label: + type: "string" + value: + type: "string" + type: "object" + type: "object" + type: "array" type: "object" - query: - type: "string" results: description: "Number rows to check for" type: "integer" @@ -6868,58 +9452,198 @@ spec: description: "Labels for the check" type: "object" metrics: - description: "Metrics to expose from check results" + description: "Metrics to expose from check.\nhttps://canarychecker.io/concepts/metrics-exporter" items: - properties: - labels: - items: - properties: - name: - type: "string" - value: + type: "object" + type: "array" + name: + description: "Name of the check" + type: "string" + namespace: + description: "Namespace to insert the check into, if different to the namespace the canary is defined, e.g." + type: "string" + namespaceAnnotations: + additionalProperties: + type: "string" + type: "object" + namespaceLabels: + additionalProperties: + type: "string" + type: "object" + namespaceNamePrefix: + type: "string" + path: + type: "string" + podSpec: + type: "string" + port: + format: "int64" + type: "integer" + priorityClass: + type: "string" + readyTimeout: + format: "int64" + type: "integer" + relationships: + description: "Relationships defines a way to link the check results to components and configs\nusing lookup expressions." + properties: + components: + items: + properties: + agent: + description: "Agent can be one of\n - agent id\n - agent name\n - 'self' (no agent)" + properties: + expr: + type: "string" + label: + type: "string" + value: + type: "string" + type: "object" + external_id: + description: "Lookup offers different ways to specify a lookup value" + properties: + expr: + type: "string" + label: + type: "string" + value: + type: "string" + type: "object" + id: + description: "Lookup offers different ways to specify a lookup value" + properties: + expr: + type: "string" + label: + type: "string" + value: + type: "string" + type: "object" + labels: + additionalProperties: type: "string" - valueExpr: + type: "object" + name: + description: "Lookup offers different ways to specify a lookup value" + properties: + expr: + type: "string" + label: + type: "string" + value: + type: "string" + type: "object" + namespace: + description: "Lookup offers different ways to specify a lookup value" + properties: + expr: + type: "string" + label: + type: "string" + value: + type: "string" + type: "object" + scope: + properties: + expr: + type: "string" + label: + type: "string" + value: + type: "string" + type: "object" + type: + description: "Lookup offers different ways to specify a lookup value" + properties: + expr: + type: "string" + label: + type: "string" + value: + type: "string" + type: "object" + type: "object" + type: "array" + configs: + items: + properties: + agent: + description: "Agent can be one of\n - agent id\n - agent name\n - 'self' (no agent)" + properties: + expr: + type: "string" + label: + type: "string" + value: + type: "string" + type: "object" + external_id: + description: "Lookup offers different ways to specify a lookup value" + properties: + expr: + type: "string" + label: + type: "string" + value: + type: "string" + type: "object" + id: + description: "Lookup offers different ways to specify a lookup value" + properties: + expr: + type: "string" + label: + type: "string" + value: + type: "string" + type: "object" + labels: + additionalProperties: type: "string" - required: - - "name" - type: "object" - type: "array" - name: - type: "string" - type: - type: "string" - value: - type: "string" - type: "object" - type: "array" - name: - description: "Name of the check" - type: "string" - namespace: - description: "Namespace to insert the check into, if different to the namespace the canary is defined, e.g." - type: "string" - namespaceAnnotations: - additionalProperties: - type: "string" - type: "object" - namespaceLabels: - additionalProperties: - type: "string" + type: "object" + name: + description: "Lookup offers different ways to specify a lookup value" + properties: + expr: + type: "string" + label: + type: "string" + value: + type: "string" + type: "object" + namespace: + description: "Lookup offers different ways to specify a lookup value" + properties: + expr: + type: "string" + label: + type: "string" + value: + type: "string" + type: "object" + scope: + properties: + expr: + type: "string" + label: + type: "string" + value: + type: "string" + type: "object" + type: + description: "Lookup offers different ways to specify a lookup value" + properties: + expr: + type: "string" + label: + type: "string" + value: + type: "string" + type: "object" + type: "object" + type: "array" type: "object" - namespaceNamePrefix: - type: "string" - path: - type: "string" - podSpec: - type: "string" - port: - format: "int64" - type: "integer" - priorityClass: - type: "string" - readyTimeout: - format: "int64" - type: "integer" schedule_timeout: format: "int64" type: "integer" @@ -6934,47 +9658,6 @@ spec: opensearch: items: properties: - bearer: - properties: - name: - type: "string" - value: - type: "string" - valueFrom: - properties: - configMapKeyRef: - properties: - key: - type: "string" - name: - type: "string" - required: - - "key" - type: "object" - helmRef: - properties: - key: - description: "Key is a JSONPath expression used to fetch the key from the merged JSON." - type: "string" - name: - type: "string" - required: - - "key" - type: "object" - secretKeyRef: - properties: - key: - type: "string" - name: - type: "string" - required: - - "key" - type: "object" - serviceAccount: - description: "ServiceAccount specifies the service account whose token should be fetched" - type: "string" - type: "object" - type: "object" connection: description: "Connection name e.g. connection://http/google" type: "string" @@ -7003,28 +9686,8 @@ spec: description: "Labels for the check" type: "object" metrics: - description: "Metrics to expose from check results" + description: "Metrics to expose from check.\nhttps://canarychecker.io/concepts/metrics-exporter" items: - properties: - labels: - items: - properties: - name: - type: "string" - value: - type: "string" - valueExpr: - type: "string" - required: - - "name" - type: "object" - type: "array" - name: - type: "string" - type: - type: "string" - value: - type: "string" type: "object" type: "array" name: @@ -7033,101 +9696,6 @@ spec: namespace: description: "Namespace to insert the check into, if different to the namespace the canary is defined, e.g." type: "string" - oauth: - properties: - clientID: - properties: - name: - type: "string" - value: - type: "string" - valueFrom: - properties: - configMapKeyRef: - properties: - key: - type: "string" - name: - type: "string" - required: - - "key" - type: "object" - helmRef: - properties: - key: - description: "Key is a JSONPath expression used to fetch the key from the merged JSON." - type: "string" - name: - type: "string" - required: - - "key" - type: "object" - secretKeyRef: - properties: - key: - type: "string" - name: - type: "string" - required: - - "key" - type: "object" - serviceAccount: - description: "ServiceAccount specifies the service account whose token should be fetched" - type: "string" - type: "object" - type: "object" - clientSecret: - properties: - name: - type: "string" - value: - type: "string" - valueFrom: - properties: - configMapKeyRef: - properties: - key: - type: "string" - name: - type: "string" - required: - - "key" - type: "object" - helmRef: - properties: - key: - description: "Key is a JSONPath expression used to fetch the key from the merged JSON." - type: "string" - name: - type: "string" - required: - - "key" - type: "object" - secretKeyRef: - properties: - key: - type: "string" - name: - type: "string" - required: - - "key" - type: "object" - serviceAccount: - description: "ServiceAccount specifies the service account whose token should be fetched" - type: "string" - type: "object" - type: "object" - params: - additionalProperties: - type: "string" - type: "object" - scope: - items: - type: "string" - type: "array" - tokenURL: - type: "string" - type: "object" password: properties: name: @@ -7159,18 +9727,178 @@ spec: properties: key: type: "string" - name: + name: + type: "string" + required: + - "key" + type: "object" + serviceAccount: + description: "ServiceAccount specifies the service account whose token should be fetched" + type: "string" + type: "object" + type: "object" + query: + type: "string" + relationships: + description: "Relationships defines a way to link the check results to components and configs\nusing lookup expressions." + properties: + components: + items: + properties: + agent: + description: "Agent can be one of\n - agent id\n - agent name\n - 'self' (no agent)" + properties: + expr: + type: "string" + label: + type: "string" + value: + type: "string" + type: "object" + external_id: + description: "Lookup offers different ways to specify a lookup value" + properties: + expr: + type: "string" + label: + type: "string" + value: + type: "string" + type: "object" + id: + description: "Lookup offers different ways to specify a lookup value" + properties: + expr: + type: "string" + label: + type: "string" + value: + type: "string" + type: "object" + labels: + additionalProperties: + type: "string" + type: "object" + name: + description: "Lookup offers different ways to specify a lookup value" + properties: + expr: + type: "string" + label: + type: "string" + value: + type: "string" + type: "object" + namespace: + description: "Lookup offers different ways to specify a lookup value" + properties: + expr: + type: "string" + label: + type: "string" + value: + type: "string" + type: "object" + scope: + properties: + expr: + type: "string" + label: + type: "string" + value: + type: "string" + type: "object" + type: + description: "Lookup offers different ways to specify a lookup value" + properties: + expr: + type: "string" + label: + type: "string" + value: + type: "string" + type: "object" + type: "object" + type: "array" + configs: + items: + properties: + agent: + description: "Agent can be one of\n - agent id\n - agent name\n - 'self' (no agent)" + properties: + expr: + type: "string" + label: + type: "string" + value: + type: "string" + type: "object" + external_id: + description: "Lookup offers different ways to specify a lookup value" + properties: + expr: + type: "string" + label: + type: "string" + value: + type: "string" + type: "object" + id: + description: "Lookup offers different ways to specify a lookup value" + properties: + expr: + type: "string" + label: + type: "string" + value: + type: "string" + type: "object" + labels: + additionalProperties: type: "string" - required: - - "key" - type: "object" - serviceAccount: - description: "ServiceAccount specifies the service account whose token should be fetched" - type: "string" - type: "object" + type: "object" + name: + description: "Lookup offers different ways to specify a lookup value" + properties: + expr: + type: "string" + label: + type: "string" + value: + type: "string" + type: "object" + namespace: + description: "Lookup offers different ways to specify a lookup value" + properties: + expr: + type: "string" + label: + type: "string" + value: + type: "string" + type: "object" + scope: + properties: + expr: + type: "string" + label: + type: "string" + value: + type: "string" + type: "object" + type: + description: "Lookup offers different ways to specify a lookup value" + properties: + expr: + type: "string" + label: + type: "string" + value: + type: "string" + type: "object" + type: "object" + type: "array" type: "object" - query: - type: "string" results: format: "int64" type: "integer" @@ -7292,47 +10020,187 @@ spec: type: "string" description: "Labels for the check" type: "object" - metrics: - description: "Metrics to expose from check results" - items: - properties: - labels: - items: - properties: - name: - type: "string" - value: - type: "string" - valueExpr: - type: "string" - required: - - "name" - type: "object" - type: "array" - name: - type: "string" - type: - type: "string" - value: - type: "string" - type: "object" - type: "array" - name: - description: "Name of the check" - type: "string" - namespace: - description: "Namespace to insert the check into, if different to the namespace the canary is defined, e.g." - type: "string" - path: - type: "string" - port: - format: "int64" - type: "integer" - priorityClass: - type: "string" - readyTimeout: - format: "int64" - type: "integer" + metrics: + description: "Metrics to expose from check.\nhttps://canarychecker.io/concepts/metrics-exporter" + items: + type: "object" + type: "array" + name: + description: "Name of the check" + type: "string" + namespace: + description: "Namespace to insert the check into, if different to the namespace the canary is defined, e.g." + type: "string" + path: + type: "string" + port: + format: "int64" + type: "integer" + priorityClass: + type: "string" + readyTimeout: + format: "int64" + type: "integer" + relationships: + description: "Relationships defines a way to link the check results to components and configs\nusing lookup expressions." + properties: + components: + items: + properties: + agent: + description: "Agent can be one of\n - agent id\n - agent name\n - 'self' (no agent)" + properties: + expr: + type: "string" + label: + type: "string" + value: + type: "string" + type: "object" + external_id: + description: "Lookup offers different ways to specify a lookup value" + properties: + expr: + type: "string" + label: + type: "string" + value: + type: "string" + type: "object" + id: + description: "Lookup offers different ways to specify a lookup value" + properties: + expr: + type: "string" + label: + type: "string" + value: + type: "string" + type: "object" + labels: + additionalProperties: + type: "string" + type: "object" + name: + description: "Lookup offers different ways to specify a lookup value" + properties: + expr: + type: "string" + label: + type: "string" + value: + type: "string" + type: "object" + namespace: + description: "Lookup offers different ways to specify a lookup value" + properties: + expr: + type: "string" + label: + type: "string" + value: + type: "string" + type: "object" + scope: + properties: + expr: + type: "string" + label: + type: "string" + value: + type: "string" + type: "object" + type: + description: "Lookup offers different ways to specify a lookup value" + properties: + expr: + type: "string" + label: + type: "string" + value: + type: "string" + type: "object" + type: "object" + type: "array" + configs: + items: + properties: + agent: + description: "Agent can be one of\n - agent id\n - agent name\n - 'self' (no agent)" + properties: + expr: + type: "string" + label: + type: "string" + value: + type: "string" + type: "object" + external_id: + description: "Lookup offers different ways to specify a lookup value" + properties: + expr: + type: "string" + label: + type: "string" + value: + type: "string" + type: "object" + id: + description: "Lookup offers different ways to specify a lookup value" + properties: + expr: + type: "string" + label: + type: "string" + value: + type: "string" + type: "object" + labels: + additionalProperties: + type: "string" + type: "object" + name: + description: "Lookup offers different ways to specify a lookup value" + properties: + expr: + type: "string" + label: + type: "string" + value: + type: "string" + type: "object" + namespace: + description: "Lookup offers different ways to specify a lookup value" + properties: + expr: + type: "string" + label: + type: "string" + value: + type: "string" + type: "object" + scope: + properties: + expr: + type: "string" + label: + type: "string" + value: + type: "string" + type: "object" + type: + description: "Lookup offers different ways to specify a lookup value" + properties: + expr: + type: "string" + label: + type: "string" + value: + type: "string" + type: "object" + type: "object" + type: "array" + type: "object" roundRobinNodes: type: "boolean" scheduleTimeout: @@ -7350,47 +10218,6 @@ spec: postgres: items: properties: - bearer: - properties: - name: - type: "string" - value: - type: "string" - valueFrom: - properties: - configMapKeyRef: - properties: - key: - type: "string" - name: - type: "string" - required: - - "key" - type: "object" - helmRef: - properties: - key: - description: "Key is a JSONPath expression used to fetch the key from the merged JSON." - type: "string" - name: - type: "string" - required: - - "key" - type: "object" - secretKeyRef: - properties: - key: - type: "string" - name: - type: "string" - required: - - "key" - type: "object" - serviceAccount: - description: "ServiceAccount specifies the service account whose token should be fetched" - type: "string" - type: "object" - type: "object" connection: description: "Connection name e.g. connection://http/google" type: "string" @@ -7417,28 +10244,8 @@ spec: description: "Labels for the check" type: "object" metrics: - description: "Metrics to expose from check results" + description: "Metrics to expose from check.\nhttps://canarychecker.io/concepts/metrics-exporter" items: - properties: - labels: - items: - properties: - name: - type: "string" - value: - type: "string" - valueExpr: - type: "string" - required: - - "name" - type: "object" - type: "array" - name: - type: "string" - type: - type: "string" - value: - type: "string" type: "object" type: "array" name: @@ -7447,101 +10254,6 @@ spec: namespace: description: "Namespace to insert the check into, if different to the namespace the canary is defined, e.g." type: "string" - oauth: - properties: - clientID: - properties: - name: - type: "string" - value: - type: "string" - valueFrom: - properties: - configMapKeyRef: - properties: - key: - type: "string" - name: - type: "string" - required: - - "key" - type: "object" - helmRef: - properties: - key: - description: "Key is a JSONPath expression used to fetch the key from the merged JSON." - type: "string" - name: - type: "string" - required: - - "key" - type: "object" - secretKeyRef: - properties: - key: - type: "string" - name: - type: "string" - required: - - "key" - type: "object" - serviceAccount: - description: "ServiceAccount specifies the service account whose token should be fetched" - type: "string" - type: "object" - type: "object" - clientSecret: - properties: - name: - type: "string" - value: - type: "string" - valueFrom: - properties: - configMapKeyRef: - properties: - key: - type: "string" - name: - type: "string" - required: - - "key" - type: "object" - helmRef: - properties: - key: - description: "Key is a JSONPath expression used to fetch the key from the merged JSON." - type: "string" - name: - type: "string" - required: - - "key" - type: "object" - secretKeyRef: - properties: - key: - type: "string" - name: - type: "string" - required: - - "key" - type: "object" - serviceAccount: - description: "ServiceAccount specifies the service account whose token should be fetched" - type: "string" - type: "object" - type: "object" - params: - additionalProperties: - type: "string" - type: "object" - scope: - items: - type: "string" - type: "array" - tokenURL: - type: "string" - type: "object" password: properties: name: @@ -7573,18 +10285,178 @@ spec: properties: key: type: "string" - name: + name: + type: "string" + required: + - "key" + type: "object" + serviceAccount: + description: "ServiceAccount specifies the service account whose token should be fetched" + type: "string" + type: "object" + type: "object" + query: + type: "string" + relationships: + description: "Relationships defines a way to link the check results to components and configs\nusing lookup expressions." + properties: + components: + items: + properties: + agent: + description: "Agent can be one of\n - agent id\n - agent name\n - 'self' (no agent)" + properties: + expr: + type: "string" + label: + type: "string" + value: + type: "string" + type: "object" + external_id: + description: "Lookup offers different ways to specify a lookup value" + properties: + expr: + type: "string" + label: + type: "string" + value: + type: "string" + type: "object" + id: + description: "Lookup offers different ways to specify a lookup value" + properties: + expr: + type: "string" + label: + type: "string" + value: + type: "string" + type: "object" + labels: + additionalProperties: + type: "string" + type: "object" + name: + description: "Lookup offers different ways to specify a lookup value" + properties: + expr: + type: "string" + label: + type: "string" + value: + type: "string" + type: "object" + namespace: + description: "Lookup offers different ways to specify a lookup value" + properties: + expr: + type: "string" + label: + type: "string" + value: + type: "string" + type: "object" + scope: + properties: + expr: + type: "string" + label: + type: "string" + value: + type: "string" + type: "object" + type: + description: "Lookup offers different ways to specify a lookup value" + properties: + expr: + type: "string" + label: + type: "string" + value: + type: "string" + type: "object" + type: "object" + type: "array" + configs: + items: + properties: + agent: + description: "Agent can be one of\n - agent id\n - agent name\n - 'self' (no agent)" + properties: + expr: + type: "string" + label: + type: "string" + value: + type: "string" + type: "object" + external_id: + description: "Lookup offers different ways to specify a lookup value" + properties: + expr: + type: "string" + label: + type: "string" + value: + type: "string" + type: "object" + id: + description: "Lookup offers different ways to specify a lookup value" + properties: + expr: + type: "string" + label: + type: "string" + value: + type: "string" + type: "object" + labels: + additionalProperties: type: "string" - required: - - "key" - type: "object" - serviceAccount: - description: "ServiceAccount specifies the service account whose token should be fetched" - type: "string" - type: "object" + type: "object" + name: + description: "Lookup offers different ways to specify a lookup value" + properties: + expr: + type: "string" + label: + type: "string" + value: + type: "string" + type: "object" + namespace: + description: "Lookup offers different ways to specify a lookup value" + properties: + expr: + type: "string" + label: + type: "string" + value: + type: "string" + type: "object" + scope: + properties: + expr: + type: "string" + label: + type: "string" + value: + type: "string" + type: "object" + type: + description: "Lookup offers different ways to specify a lookup value" + properties: + expr: + type: "string" + label: + type: "string" + value: + type: "string" + type: "object" + type: "object" + type: "array" type: "object" - query: - type: "string" results: description: "Number rows to check for" type: "integer" @@ -7706,7 +10578,6 @@ spec: type: "object" type: "object" connection: - description: "Connection name e.g. connection://http/google" type: "string" description: description: "Description for the check" @@ -7734,28 +10605,8 @@ spec: description: "Labels for the check" type: "object" metrics: - description: "Metrics to expose from check results" + description: "Metrics to expose from check.\nhttps://canarychecker.io/concepts/metrics-exporter" items: - properties: - labels: - items: - properties: - name: - type: "string" - value: - type: "string" - valueExpr: - type: "string" - required: - - "name" - type: "object" - type: "array" - name: - type: "string" - type: - type: "string" - value: - type: "string" type: "object" type: "array" name: @@ -7900,9 +10751,169 @@ spec: type: "string" type: "object" type: "object" - query: - description: "PromQL query" - type: "string" + query: + description: "PromQL query" + type: "string" + relationships: + description: "Relationships defines a way to link the check results to components and configs\nusing lookup expressions." + properties: + components: + items: + properties: + agent: + description: "Agent can be one of\n - agent id\n - agent name\n - 'self' (no agent)" + properties: + expr: + type: "string" + label: + type: "string" + value: + type: "string" + type: "object" + external_id: + description: "Lookup offers different ways to specify a lookup value" + properties: + expr: + type: "string" + label: + type: "string" + value: + type: "string" + type: "object" + id: + description: "Lookup offers different ways to specify a lookup value" + properties: + expr: + type: "string" + label: + type: "string" + value: + type: "string" + type: "object" + labels: + additionalProperties: + type: "string" + type: "object" + name: + description: "Lookup offers different ways to specify a lookup value" + properties: + expr: + type: "string" + label: + type: "string" + value: + type: "string" + type: "object" + namespace: + description: "Lookup offers different ways to specify a lookup value" + properties: + expr: + type: "string" + label: + type: "string" + value: + type: "string" + type: "object" + scope: + properties: + expr: + type: "string" + label: + type: "string" + value: + type: "string" + type: "object" + type: + description: "Lookup offers different ways to specify a lookup value" + properties: + expr: + type: "string" + label: + type: "string" + value: + type: "string" + type: "object" + type: "object" + type: "array" + configs: + items: + properties: + agent: + description: "Agent can be one of\n - agent id\n - agent name\n - 'self' (no agent)" + properties: + expr: + type: "string" + label: + type: "string" + value: + type: "string" + type: "object" + external_id: + description: "Lookup offers different ways to specify a lookup value" + properties: + expr: + type: "string" + label: + type: "string" + value: + type: "string" + type: "object" + id: + description: "Lookup offers different ways to specify a lookup value" + properties: + expr: + type: "string" + label: + type: "string" + value: + type: "string" + type: "object" + labels: + additionalProperties: + type: "string" + type: "object" + name: + description: "Lookup offers different ways to specify a lookup value" + properties: + expr: + type: "string" + label: + type: "string" + value: + type: "string" + type: "object" + namespace: + description: "Lookup offers different ways to specify a lookup value" + properties: + expr: + type: "string" + label: + type: "string" + value: + type: "string" + type: "object" + scope: + properties: + expr: + type: "string" + label: + type: "string" + value: + type: "string" + type: "object" + type: + description: "Lookup offers different ways to specify a lookup value" + properties: + expr: + type: "string" + label: + type: "string" + value: + type: "string" + type: "object" + type: "object" + type: "array" + type: "object" test: properties: expr: @@ -7914,166 +10925,52 @@ spec: template: type: "string" type: "object" - transform: - properties: - expr: - type: "string" - javascript: - type: "string" - jsonPath: - type: "string" - template: - type: "string" - type: "object" - transformDeleteStrategy: - description: "Transformed checks have a delete strategy on deletion they can either be marked healthy, unhealthy or left as is" - type: "string" - url: - description: "Connection url, interpolated with username,password" - type: "string" - username: + tls: properties: - name: - type: "string" - value: - type: "string" - valueFrom: + ca: + description: "PEM encoded certificate of the CA to verify the server certificate" properties: - configMapKeyRef: - properties: - key: - type: "string" - name: - type: "string" - required: - - "key" - type: "object" - helmRef: - properties: - key: - description: "Key is a JSONPath expression used to fetch the key from the merged JSON." - type: "string" - name: - type: "string" - required: - - "key" - type: "object" - secretKeyRef: - properties: - key: - type: "string" - name: - type: "string" - required: - - "key" - type: "object" - serviceAccount: - description: "ServiceAccount specifies the service account whose token should be fetched" + name: type: "string" - type: "object" - type: "object" - required: - - "name" - - "query" - type: "object" - type: "array" - redis: - items: - properties: - addr: - description: "Deprecated: Use url instead" - type: "string" - bearer: - properties: - name: - type: "string" - value: - type: "string" - valueFrom: - properties: - configMapKeyRef: - properties: - key: - type: "string" - name: - type: "string" - required: - - "key" - type: "object" - helmRef: - properties: - key: - description: "Key is a JSONPath expression used to fetch the key from the merged JSON." - type: "string" - name: - type: "string" - required: - - "key" - type: "object" - secretKeyRef: - properties: - key: - type: "string" - name: - type: "string" - required: - - "key" - type: "object" - serviceAccount: - description: "ServiceAccount specifies the service account whose token should be fetched" + value: type: "string" - type: "object" - type: "object" - connection: - description: "Connection name e.g. connection://http/google" - type: "string" - db: - type: "integer" - description: - description: "Description for the check" - type: "string" - icon: - description: "Icon for overwriting default icon on the dashboard" - type: "string" - labels: - additionalProperties: - type: "string" - description: "Labels for the check" - type: "object" - metrics: - description: "Metrics to expose from check results" - items: - properties: - labels: - items: + valueFrom: properties: - name: - type: "string" - value: - type: "string" - valueExpr: + configMapKeyRef: + properties: + key: + type: "string" + name: + type: "string" + required: + - "key" + type: "object" + helmRef: + properties: + key: + description: "Key is a JSONPath expression used to fetch the key from the merged JSON." + type: "string" + name: + type: "string" + required: + - "key" + type: "object" + secretKeyRef: + properties: + key: + type: "string" + name: + type: "string" + required: + - "key" + type: "object" + serviceAccount: + description: "ServiceAccount specifies the service account whose token should be fetched" type: "string" - required: - - "name" type: "object" - type: "array" - name: - type: "string" - type: - type: "string" - value: - type: "string" - type: "object" - type: "array" - name: - description: "Name of the check" - type: "string" - namespace: - description: "Namespace to insert the check into, if different to the namespace the canary is defined, e.g." - type: "string" - oauth: - properties: - clientID: + type: "object" + cert: + description: "PEM encoded client certificate" properties: name: type: "string" @@ -8114,7 +11011,15 @@ spec: type: "string" type: "object" type: "object" - clientSecret: + handshakeTimeout: + description: "HandshakeTimeout defaults to 10 seconds" + format: "int64" + type: "integer" + insecureSkipVerify: + description: "InsecureSkipVerify controls whether a client verifies the server's\ncertificate chain and host name" + type: "boolean" + key: + description: "PEM encoded client private key" properties: name: type: "string" @@ -8155,17 +11060,102 @@ spec: type: "string" type: "object" type: "object" - params: - additionalProperties: - type: "string" - type: "object" - scope: - items: - type: "string" - type: "array" - tokenURL: - type: "string" type: "object" + transform: + properties: + expr: + type: "string" + javascript: + type: "string" + jsonPath: + type: "string" + template: + type: "string" + type: "object" + transformDeleteStrategy: + description: "Transformed checks have a delete strategy on deletion they can either be marked healthy, unhealthy or left as is" + type: "string" + url: + type: "string" + username: + properties: + name: + type: "string" + value: + type: "string" + valueFrom: + properties: + configMapKeyRef: + properties: + key: + type: "string" + name: + type: "string" + required: + - "key" + type: "object" + helmRef: + properties: + key: + description: "Key is a JSONPath expression used to fetch the key from the merged JSON." + type: "string" + name: + type: "string" + required: + - "key" + type: "object" + secretKeyRef: + properties: + key: + type: "string" + name: + type: "string" + required: + - "key" + type: "object" + serviceAccount: + description: "ServiceAccount specifies the service account whose token should be fetched" + type: "string" + type: "object" + type: "object" + required: + - "name" + - "query" + type: "object" + type: "array" + redis: + items: + properties: + addr: + description: "Deprecated: Use url instead" + type: "string" + connection: + description: "Connection name e.g. connection://http/google" + type: "string" + db: + type: "integer" + description: + description: "Description for the check" + type: "string" + icon: + description: "Icon for overwriting default icon on the dashboard" + type: "string" + labels: + additionalProperties: + type: "string" + description: "Labels for the check" + type: "object" + metrics: + description: "Metrics to expose from check.\nhttps://canarychecker.io/concepts/metrics-exporter" + items: + type: "object" + type: "array" + name: + description: "Name of the check" + type: "string" + namespace: + description: "Namespace to insert the check into, if different to the namespace the canary is defined, e.g." + type: "string" password: properties: name: @@ -8207,6 +11197,166 @@ spec: type: "string" type: "object" type: "object" + relationships: + description: "Relationships defines a way to link the check results to components and configs\nusing lookup expressions." + properties: + components: + items: + properties: + agent: + description: "Agent can be one of\n - agent id\n - agent name\n - 'self' (no agent)" + properties: + expr: + type: "string" + label: + type: "string" + value: + type: "string" + type: "object" + external_id: + description: "Lookup offers different ways to specify a lookup value" + properties: + expr: + type: "string" + label: + type: "string" + value: + type: "string" + type: "object" + id: + description: "Lookup offers different ways to specify a lookup value" + properties: + expr: + type: "string" + label: + type: "string" + value: + type: "string" + type: "object" + labels: + additionalProperties: + type: "string" + type: "object" + name: + description: "Lookup offers different ways to specify a lookup value" + properties: + expr: + type: "string" + label: + type: "string" + value: + type: "string" + type: "object" + namespace: + description: "Lookup offers different ways to specify a lookup value" + properties: + expr: + type: "string" + label: + type: "string" + value: + type: "string" + type: "object" + scope: + properties: + expr: + type: "string" + label: + type: "string" + value: + type: "string" + type: "object" + type: + description: "Lookup offers different ways to specify a lookup value" + properties: + expr: + type: "string" + label: + type: "string" + value: + type: "string" + type: "object" + type: "object" + type: "array" + configs: + items: + properties: + agent: + description: "Agent can be one of\n - agent id\n - agent name\n - 'self' (no agent)" + properties: + expr: + type: "string" + label: + type: "string" + value: + type: "string" + type: "object" + external_id: + description: "Lookup offers different ways to specify a lookup value" + properties: + expr: + type: "string" + label: + type: "string" + value: + type: "string" + type: "object" + id: + description: "Lookup offers different ways to specify a lookup value" + properties: + expr: + type: "string" + label: + type: "string" + value: + type: "string" + type: "object" + labels: + additionalProperties: + type: "string" + type: "object" + name: + description: "Lookup offers different ways to specify a lookup value" + properties: + expr: + type: "string" + label: + type: "string" + value: + type: "string" + type: "object" + namespace: + description: "Lookup offers different ways to specify a lookup value" + properties: + expr: + type: "string" + label: + type: "string" + value: + type: "string" + type: "object" + scope: + properties: + expr: + type: "string" + label: + type: "string" + value: + type: "string" + type: "object" + type: + description: "Lookup offers different ways to specify a lookup value" + properties: + expr: + type: "string" + label: + type: "string" + value: + type: "string" + type: "object" + type: "object" + type: "array" + type: "object" transformDeleteStrategy: description: "Transformed checks have a delete strategy on deletion they can either be marked healthy, unhealthy or left as is" type: "string" @@ -8333,28 +11483,8 @@ spec: description: "MaxAge for backup freshness" type: "string" metrics: - description: "Metrics to expose from check results" + description: "Metrics to expose from check.\nhttps://canarychecker.io/concepts/metrics-exporter" items: - properties: - labels: - items: - properties: - name: - type: "string" - value: - type: "string" - valueExpr: - type: "string" - required: - - "name" - type: "object" - type: "array" - name: - type: "string" - type: - type: "string" - value: - type: "string" type: "object" type: "array" name: @@ -8397,13 +11527,173 @@ spec: type: "string" name: type: "string" - required: - - "key" - type: "object" - serviceAccount: - description: "ServiceAccount specifies the service account whose token should be fetched" - type: "string" - type: "object" + required: + - "key" + type: "object" + serviceAccount: + description: "ServiceAccount specifies the service account whose token should be fetched" + type: "string" + type: "object" + type: "object" + relationships: + description: "Relationships defines a way to link the check results to components and configs\nusing lookup expressions." + properties: + components: + items: + properties: + agent: + description: "Agent can be one of\n - agent id\n - agent name\n - 'self' (no agent)" + properties: + expr: + type: "string" + label: + type: "string" + value: + type: "string" + type: "object" + external_id: + description: "Lookup offers different ways to specify a lookup value" + properties: + expr: + type: "string" + label: + type: "string" + value: + type: "string" + type: "object" + id: + description: "Lookup offers different ways to specify a lookup value" + properties: + expr: + type: "string" + label: + type: "string" + value: + type: "string" + type: "object" + labels: + additionalProperties: + type: "string" + type: "object" + name: + description: "Lookup offers different ways to specify a lookup value" + properties: + expr: + type: "string" + label: + type: "string" + value: + type: "string" + type: "object" + namespace: + description: "Lookup offers different ways to specify a lookup value" + properties: + expr: + type: "string" + label: + type: "string" + value: + type: "string" + type: "object" + scope: + properties: + expr: + type: "string" + label: + type: "string" + value: + type: "string" + type: "object" + type: + description: "Lookup offers different ways to specify a lookup value" + properties: + expr: + type: "string" + label: + type: "string" + value: + type: "string" + type: "object" + type: "object" + type: "array" + configs: + items: + properties: + agent: + description: "Agent can be one of\n - agent id\n - agent name\n - 'self' (no agent)" + properties: + expr: + type: "string" + label: + type: "string" + value: + type: "string" + type: "object" + external_id: + description: "Lookup offers different ways to specify a lookup value" + properties: + expr: + type: "string" + label: + type: "string" + value: + type: "string" + type: "object" + id: + description: "Lookup offers different ways to specify a lookup value" + properties: + expr: + type: "string" + label: + type: "string" + value: + type: "string" + type: "object" + labels: + additionalProperties: + type: "string" + type: "object" + name: + description: "Lookup offers different ways to specify a lookup value" + properties: + expr: + type: "string" + label: + type: "string" + value: + type: "string" + type: "object" + namespace: + description: "Lookup offers different ways to specify a lookup value" + properties: + expr: + type: "string" + label: + type: "string" + value: + type: "string" + type: "object" + scope: + properties: + expr: + type: "string" + label: + type: "string" + value: + type: "string" + type: "object" + type: + description: "Lookup offers different ways to specify a lookup value" + properties: + expr: + type: "string" + label: + type: "string" + value: + type: "string" + type: "object" + type: "object" + type: "array" type: "object" repository: description: "Repository The restic repository path eg: rest:https://user:pass@host:8000/ or rest:https://host:8000/ or s3:s3.amazonaws.com/bucket_name" @@ -8527,28 +11817,8 @@ spec: description: "Labels for the check" type: "object" metrics: - description: "Metrics to expose from check results" + description: "Metrics to expose from check.\nhttps://canarychecker.io/concepts/metrics-exporter" items: - properties: - labels: - items: - properties: - name: - type: "string" - value: - type: "string" - valueExpr: - type: "string" - required: - - "name" - type: "object" - type: "array" - name: - type: "string" - type: - type: "string" - value: - type: "string" type: "object" type: "array" name: @@ -8562,6 +11832,166 @@ spec: type: "string" region: type: "string" + relationships: + description: "Relationships defines a way to link the check results to components and configs\nusing lookup expressions." + properties: + components: + items: + properties: + agent: + description: "Agent can be one of\n - agent id\n - agent name\n - 'self' (no agent)" + properties: + expr: + type: "string" + label: + type: "string" + value: + type: "string" + type: "object" + external_id: + description: "Lookup offers different ways to specify a lookup value" + properties: + expr: + type: "string" + label: + type: "string" + value: + type: "string" + type: "object" + id: + description: "Lookup offers different ways to specify a lookup value" + properties: + expr: + type: "string" + label: + type: "string" + value: + type: "string" + type: "object" + labels: + additionalProperties: + type: "string" + type: "object" + name: + description: "Lookup offers different ways to specify a lookup value" + properties: + expr: + type: "string" + label: + type: "string" + value: + type: "string" + type: "object" + namespace: + description: "Lookup offers different ways to specify a lookup value" + properties: + expr: + type: "string" + label: + type: "string" + value: + type: "string" + type: "object" + scope: + properties: + expr: + type: "string" + label: + type: "string" + value: + type: "string" + type: "object" + type: + description: "Lookup offers different ways to specify a lookup value" + properties: + expr: + type: "string" + label: + type: "string" + value: + type: "string" + type: "object" + type: "object" + type: "array" + configs: + items: + properties: + agent: + description: "Agent can be one of\n - agent id\n - agent name\n - 'self' (no agent)" + properties: + expr: + type: "string" + label: + type: "string" + value: + type: "string" + type: "object" + external_id: + description: "Lookup offers different ways to specify a lookup value" + properties: + expr: + type: "string" + label: + type: "string" + value: + type: "string" + type: "object" + id: + description: "Lookup offers different ways to specify a lookup value" + properties: + expr: + type: "string" + label: + type: "string" + value: + type: "string" + type: "object" + labels: + additionalProperties: + type: "string" + type: "object" + name: + description: "Lookup offers different ways to specify a lookup value" + properties: + expr: + type: "string" + label: + type: "string" + value: + type: "string" + type: "object" + namespace: + description: "Lookup offers different ways to specify a lookup value" + properties: + expr: + type: "string" + label: + type: "string" + value: + type: "string" + type: "object" + scope: + properties: + expr: + type: "string" + label: + type: "string" + value: + type: "string" + type: "object" + type: + description: "Lookup offers different ways to specify a lookup value" + properties: + expr: + type: "string" + label: + type: "string" + value: + type: "string" + type: "object" + type: "object" + type: "array" + type: "object" secretKey: properties: name: @@ -8679,28 +12109,8 @@ spec: description: "Labels for the check" type: "object" metrics: - description: "Metrics to expose from check results" + description: "Metrics to expose from check.\nhttps://canarychecker.io/concepts/metrics-exporter" items: - properties: - labels: - items: - properties: - name: - type: "string" - value: - type: "string" - valueExpr: - type: "string" - required: - - "name" - type: "object" - type: "array" - name: - type: "string" - type: - type: "string" - value: - type: "string" type: "object" type: "array" name: @@ -8709,6 +12119,166 @@ spec: namespace: description: "Namespace to insert the check into, if different to the namespace the canary is defined, e.g." type: "string" + relationships: + description: "Relationships defines a way to link the check results to components and configs\nusing lookup expressions." + properties: + components: + items: + properties: + agent: + description: "Agent can be one of\n - agent id\n - agent name\n - 'self' (no agent)" + properties: + expr: + type: "string" + label: + type: "string" + value: + type: "string" + type: "object" + external_id: + description: "Lookup offers different ways to specify a lookup value" + properties: + expr: + type: "string" + label: + type: "string" + value: + type: "string" + type: "object" + id: + description: "Lookup offers different ways to specify a lookup value" + properties: + expr: + type: "string" + label: + type: "string" + value: + type: "string" + type: "object" + labels: + additionalProperties: + type: "string" + type: "object" + name: + description: "Lookup offers different ways to specify a lookup value" + properties: + expr: + type: "string" + label: + type: "string" + value: + type: "string" + type: "object" + namespace: + description: "Lookup offers different ways to specify a lookup value" + properties: + expr: + type: "string" + label: + type: "string" + value: + type: "string" + type: "object" + scope: + properties: + expr: + type: "string" + label: + type: "string" + value: + type: "string" + type: "object" + type: + description: "Lookup offers different ways to specify a lookup value" + properties: + expr: + type: "string" + label: + type: "string" + value: + type: "string" + type: "object" + type: "object" + type: "array" + configs: + items: + properties: + agent: + description: "Agent can be one of\n - agent id\n - agent name\n - 'self' (no agent)" + properties: + expr: + type: "string" + label: + type: "string" + value: + type: "string" + type: "object" + external_id: + description: "Lookup offers different ways to specify a lookup value" + properties: + expr: + type: "string" + label: + type: "string" + value: + type: "string" + type: "object" + id: + description: "Lookup offers different ways to specify a lookup value" + properties: + expr: + type: "string" + label: + type: "string" + value: + type: "string" + type: "object" + labels: + additionalProperties: + type: "string" + type: "object" + name: + description: "Lookup offers different ways to specify a lookup value" + properties: + expr: + type: "string" + label: + type: "string" + value: + type: "string" + type: "object" + namespace: + description: "Lookup offers different ways to specify a lookup value" + properties: + expr: + type: "string" + label: + type: "string" + value: + type: "string" + type: "object" + scope: + properties: + expr: + type: "string" + label: + type: "string" + value: + type: "string" + type: "object" + type: + description: "Lookup offers different ways to specify a lookup value" + properties: + expr: + type: "string" + label: + type: "string" + value: + type: "string" + type: "object" + type: "object" + type: "array" + type: "object" thresholdMillis: format: "int64" type: "integer" @@ -8744,7 +12314,7 @@ spec: description: "Labels for the check" type: "object" metrics: - description: "Metrics to expose from check results" + description: "Metrics to expose from check.\nhttps://canarychecker.io/concepts/metrics-exporter" items: properties: labels: @@ -8774,6 +12344,166 @@ spec: namespace: description: "Namespace to insert the check into, if different to the namespace the canary is defined, e.g." type: "string" + relationships: + description: "Relationships defines a way to link the check results to components and configs\nusing lookup expressions." + properties: + components: + items: + properties: + agent: + description: "Agent can be one of\n - agent id\n - agent name\n - 'self' (no agent)" + properties: + expr: + type: "string" + label: + type: "string" + value: + type: "string" + type: "object" + external_id: + description: "Lookup offers different ways to specify a lookup value" + properties: + expr: + type: "string" + label: + type: "string" + value: + type: "string" + type: "object" + id: + description: "Lookup offers different ways to specify a lookup value" + properties: + expr: + type: "string" + label: + type: "string" + value: + type: "string" + type: "object" + labels: + additionalProperties: + type: "string" + type: "object" + name: + description: "Lookup offers different ways to specify a lookup value" + properties: + expr: + type: "string" + label: + type: "string" + value: + type: "string" + type: "object" + namespace: + description: "Lookup offers different ways to specify a lookup value" + properties: + expr: + type: "string" + label: + type: "string" + value: + type: "string" + type: "object" + scope: + properties: + expr: + type: "string" + label: + type: "string" + value: + type: "string" + type: "object" + type: + description: "Lookup offers different ways to specify a lookup value" + properties: + expr: + type: "string" + label: + type: "string" + value: + type: "string" + type: "object" + type: "object" + type: "array" + configs: + items: + properties: + agent: + description: "Agent can be one of\n - agent id\n - agent name\n - 'self' (no agent)" + properties: + expr: + type: "string" + label: + type: "string" + value: + type: "string" + type: "object" + external_id: + description: "Lookup offers different ways to specify a lookup value" + properties: + expr: + type: "string" + label: + type: "string" + value: + type: "string" + type: "object" + id: + description: "Lookup offers different ways to specify a lookup value" + properties: + expr: + type: "string" + label: + type: "string" + value: + type: "string" + type: "object" + labels: + additionalProperties: + type: "string" + type: "object" + name: + description: "Lookup offers different ways to specify a lookup value" + properties: + expr: + type: "string" + label: + type: "string" + value: + type: "string" + type: "object" + namespace: + description: "Lookup offers different ways to specify a lookup value" + properties: + expr: + type: "string" + label: + type: "string" + value: + type: "string" + type: "object" + scope: + properties: + expr: + type: "string" + label: + type: "string" + value: + type: "string" + type: "object" + type: + description: "Lookup offers different ways to specify a lookup value" + properties: + expr: + type: "string" + label: + type: "string" + value: + type: "string" + type: "object" + type: "object" + type: "array" + type: "object" test: properties: expr: diff --git a/crd-catalog/flanksource/canary-checker/canaries.flanksource.com/v1/components.yaml b/crd-catalog/flanksource/canary-checker/canaries.flanksource.com/v1/components.yaml index f70f3d5a3..597a6b847 100644 --- a/crd-catalog/flanksource/canary-checker/canaries.flanksource.com/v1/components.yaml +++ b/crd-catalog/flanksource/canary-checker/canaries.flanksource.com/v1/components.yaml @@ -26,6 +26,7 @@ spec: metadata: type: "object" spec: + description: "ComponentSpec defines the specification for a component." properties: checks: items: @@ -64,6 +65,8 @@ spec: type: "string" namespace: type: "string" + scope: + type: "string" statuses: items: type: "string" @@ -183,6 +186,8 @@ spec: type: "string" namespace: type: "string" + scope: + type: "string" statuses: items: type: "string" @@ -318,6 +323,8 @@ spec: type: "string" namespace: type: "string" + scope: + type: "string" statuses: items: type: "string" @@ -330,7 +337,11 @@ spec: type: "array" type: "object" type: "array" + statusExpr: + description: "statusExpr allows defining a cel expression to evaluate the status of a component\nbased on the summary and the related config" + type: "string" summary: + description: "Summary is the health, incidents, insights & check summary" properties: checks: additionalProperties: diff --git a/crd-catalog/flanksource/canary-checker/canaries.flanksource.com/v1/topologies.yaml b/crd-catalog/flanksource/canary-checker/canaries.flanksource.com/v1/topologies.yaml index b12459a75..6cb011659 100644 --- a/crd-catalog/flanksource/canary-checker/canaries.flanksource.com/v1/topologies.yaml +++ b/crd-catalog/flanksource/canary-checker/canaries.flanksource.com/v1/topologies.yaml @@ -29,6 +29,7 @@ spec: properties: components: items: + description: "ComponentSpec defines the specification for a component." properties: checks: items: @@ -55,6 +56,8 @@ spec: type: "string" namespace: type: "string" + scope: + type: "string" statuses: items: type: "string" @@ -101,6 +104,8 @@ spec: type: "string" namespace: type: "string" + scope: + type: "string" statuses: items: type: "string" @@ -220,6 +225,8 @@ spec: type: "string" namespace: type: "string" + scope: + type: "string" statuses: items: type: "string" @@ -355,6 +362,8 @@ spec: type: "string" namespace: type: "string" + scope: + type: "string" statuses: items: type: "string" @@ -367,7 +376,11 @@ spec: type: "array" type: "object" type: "array" + statusExpr: + description: "statusExpr allows defining a cel expression to evaluate the status of a component\nbased on the summary and the related config" + type: "string" summary: + description: "Summary is the health, incidents, insights & check summary" properties: checks: additionalProperties: @@ -428,6 +441,8 @@ spec: type: "string" namespace: type: "string" + scope: + type: "string" statuses: items: type: "string" @@ -469,6 +484,8 @@ spec: type: "string" namespace: type: "string" + scope: + type: "string" statuses: items: type: "string" @@ -535,6 +552,8 @@ spec: type: "string" namespace: type: "string" + scope: + type: "string" statuses: items: type: "string" @@ -639,8 +658,373 @@ spec: type: "integer" type: "object" type: "array" + push: + description: "Agent will push topology to specified path" + properties: + bearer: + properties: + name: + type: "string" + value: + type: "string" + valueFrom: + properties: + configMapKeyRef: + properties: + key: + type: "string" + name: + type: "string" + required: + - "key" + type: "object" + helmRef: + properties: + key: + description: "Key is a JSONPath expression used to fetch the key from the merged JSON." + type: "string" + name: + type: "string" + required: + - "key" + type: "object" + secretKeyRef: + properties: + key: + type: "string" + name: + type: "string" + required: + - "key" + type: "object" + serviceAccount: + description: "ServiceAccount specifies the service account whose token should be fetched" + type: "string" + type: "object" + type: "object" + connection: + type: "string" + oauth: + properties: + clientID: + properties: + name: + type: "string" + value: + type: "string" + valueFrom: + properties: + configMapKeyRef: + properties: + key: + type: "string" + name: + type: "string" + required: + - "key" + type: "object" + helmRef: + properties: + key: + description: "Key is a JSONPath expression used to fetch the key from the merged JSON." + type: "string" + name: + type: "string" + required: + - "key" + type: "object" + secretKeyRef: + properties: + key: + type: "string" + name: + type: "string" + required: + - "key" + type: "object" + serviceAccount: + description: "ServiceAccount specifies the service account whose token should be fetched" + type: "string" + type: "object" + type: "object" + clientSecret: + properties: + name: + type: "string" + value: + type: "string" + valueFrom: + properties: + configMapKeyRef: + properties: + key: + type: "string" + name: + type: "string" + required: + - "key" + type: "object" + helmRef: + properties: + key: + description: "Key is a JSONPath expression used to fetch the key from the merged JSON." + type: "string" + name: + type: "string" + required: + - "key" + type: "object" + secretKeyRef: + properties: + key: + type: "string" + name: + type: "string" + required: + - "key" + type: "object" + serviceAccount: + description: "ServiceAccount specifies the service account whose token should be fetched" + type: "string" + type: "object" + type: "object" + params: + additionalProperties: + type: "string" + type: "object" + scope: + items: + type: "string" + type: "array" + tokenURL: + type: "string" + type: "object" + password: + properties: + name: + type: "string" + value: + type: "string" + valueFrom: + properties: + configMapKeyRef: + properties: + key: + type: "string" + name: + type: "string" + required: + - "key" + type: "object" + helmRef: + properties: + key: + description: "Key is a JSONPath expression used to fetch the key from the merged JSON." + type: "string" + name: + type: "string" + required: + - "key" + type: "object" + secretKeyRef: + properties: + key: + type: "string" + name: + type: "string" + required: + - "key" + type: "object" + serviceAccount: + description: "ServiceAccount specifies the service account whose token should be fetched" + type: "string" + type: "object" + type: "object" + tls: + properties: + ca: + description: "PEM encoded certificate of the CA to verify the server certificate" + properties: + name: + type: "string" + value: + type: "string" + valueFrom: + properties: + configMapKeyRef: + properties: + key: + type: "string" + name: + type: "string" + required: + - "key" + type: "object" + helmRef: + properties: + key: + description: "Key is a JSONPath expression used to fetch the key from the merged JSON." + type: "string" + name: + type: "string" + required: + - "key" + type: "object" + secretKeyRef: + properties: + key: + type: "string" + name: + type: "string" + required: + - "key" + type: "object" + serviceAccount: + description: "ServiceAccount specifies the service account whose token should be fetched" + type: "string" + type: "object" + type: "object" + cert: + description: "PEM encoded client certificate" + properties: + name: + type: "string" + value: + type: "string" + valueFrom: + properties: + configMapKeyRef: + properties: + key: + type: "string" + name: + type: "string" + required: + - "key" + type: "object" + helmRef: + properties: + key: + description: "Key is a JSONPath expression used to fetch the key from the merged JSON." + type: "string" + name: + type: "string" + required: + - "key" + type: "object" + secretKeyRef: + properties: + key: + type: "string" + name: + type: "string" + required: + - "key" + type: "object" + serviceAccount: + description: "ServiceAccount specifies the service account whose token should be fetched" + type: "string" + type: "object" + type: "object" + handshakeTimeout: + description: "HandshakeTimeout defaults to 10 seconds" + format: "int64" + type: "integer" + insecureSkipVerify: + description: "InsecureSkipVerify controls whether a client verifies the server's\ncertificate chain and host name" + type: "boolean" + key: + description: "PEM encoded client private key" + properties: + name: + type: "string" + value: + type: "string" + valueFrom: + properties: + configMapKeyRef: + properties: + key: + type: "string" + name: + type: "string" + required: + - "key" + type: "object" + helmRef: + properties: + key: + description: "Key is a JSONPath expression used to fetch the key from the merged JSON." + type: "string" + name: + type: "string" + required: + - "key" + type: "object" + secretKeyRef: + properties: + key: + type: "string" + name: + type: "string" + required: + - "key" + type: "object" + serviceAccount: + description: "ServiceAccount specifies the service account whose token should be fetched" + type: "string" + type: "object" + type: "object" + type: "object" + url: + type: "string" + username: + properties: + name: + type: "string" + value: + type: "string" + valueFrom: + properties: + configMapKeyRef: + properties: + key: + type: "string" + name: + type: "string" + required: + - "key" + type: "object" + helmRef: + properties: + key: + description: "Key is a JSONPath expression used to fetch the key from the merged JSON." + type: "string" + name: + type: "string" + required: + - "key" + type: "object" + secretKeyRef: + properties: + key: + type: "string" + name: + type: "string" + required: + - "key" + type: "object" + serviceAccount: + description: "ServiceAccount specifies the service account whose token should be fetched" + type: "string" + type: "object" + type: "object" + type: "object" schedule: type: "string" + statusExpr: + description: "statusExpr allows defining a cel expression to evaluate the status of a component\nbased on the summary and the related config" + type: "string" text: type: "string" tooltip: diff --git a/crd-catalog/fluent/fluent-operator/fluentbit.fluent.io/v1alpha2/clusterfilters.yaml b/crd-catalog/fluent/fluent-operator/fluentbit.fluent.io/v1alpha2/clusterfilters.yaml index dea6209dd..cca26a3ab 100644 --- a/crd-catalog/fluent/fluent-operator/fluentbit.fluent.io/v1alpha2/clusterfilters.yaml +++ b/crd-catalog/fluent/fluent-operator/fluentbit.fluent.io/v1alpha2/clusterfilters.yaml @@ -149,12 +149,19 @@ spec: kubeMetaCacheTTL: description: "configurable TTL for K8s cached metadata. By default, it is set to 0\nwhich means TTL for cache entries is disabled and cache entries are evicted at random\nwhen capacity is reached. In order to enable this option, you should set the number to a time interval.\nFor example, set this value to 60 or 60s and cache entries which have been created more than 60s will be evicted." type: "string" + kubeMetaNamespaceCacheTTL: + description: "Configurable TTL for K8s cached namespace metadata.\nBy default, it is set to 900 which means a 15min TTL for namespace cache entries.\nSetting this to 0 will mean entries are evicted at random once the cache is full." + format: "int32" + type: "integer" kubeMetaPreloadCacheDir: description: "If set, Kubernetes meta-data can be cached/pre-loaded from files in JSON format in this directory,\nnamed as namespace-pod.meta" type: "string" kubeTagPrefix: description: "When the source records comes from Tail input plugin,\nthis option allows to specify what's the prefix used in Tail configuration." type: "string" + kubeTokenCommand: + description: "Command to get Kubernetes authorization token.\nBy default, it will be NULL and we will use token file to get token." + type: "string" kubeTokenFile: description: "Token file" type: "string" @@ -186,6 +193,15 @@ spec: mergeParser: description: "Optional parser name to specify how to parse the data contained in the log key. Recommended use is for developers or testing only." type: "string" + namespaceAnnotations: + description: "Include Kubernetes namespace resource annotations in the extra metadata." + type: "boolean" + namespaceLabels: + description: "Include Kubernetes namespace resource labels in the extra metadata." + type: "boolean" + namespaceMetadataOnly: + description: "Include Kubernetes namespace metadata only and no pod metadata.\nIf this is set, the values of Labels and Annotations are ignored." + type: "boolean" regexParser: description: "Set an alternative Parser to process record Tag and extract pod_name, namespace_name, container_name and docker_id.\nThe parser must be registered in a parsers file (refer to parser filter-kube-test as an example)." type: "string" @@ -233,7 +249,8 @@ spec: description: "The key to select." type: "string" name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" optional: description: "Specify whether the ConfigMap or its key must be defined" diff --git a/crd-catalog/fluent/fluent-operator/fluentbit.fluent.io/v1alpha2/clusterfluentbitconfigs.yaml b/crd-catalog/fluent/fluent-operator/fluentbit.fluent.io/v1alpha2/clusterfluentbitconfigs.yaml index 092c93aba..dc271194a 100644 --- a/crd-catalog/fluent/fluent-operator/fluentbit.fluent.io/v1alpha2/clusterfluentbitconfigs.yaml +++ b/crd-catalog/fluent/fluent-operator/fluentbit.fluent.io/v1alpha2/clusterfluentbitconfigs.yaml @@ -56,11 +56,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -87,11 +89,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -118,11 +122,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -152,11 +158,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -183,11 +191,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" diff --git a/crd-catalog/fluent/fluent-operator/fluentbit.fluent.io/v1alpha2/clusterinputs.yaml b/crd-catalog/fluent/fluent-operator/fluentbit.fluent.io/v1alpha2/clusterinputs.yaml index ff2d3771c..d3f59285c 100644 --- a/crd-catalog/fluent/fluent-operator/fluentbit.fluent.io/v1alpha2/clusterinputs.yaml +++ b/crd-catalog/fluent/fluent-operator/fluentbit.fluent.io/v1alpha2/clusterinputs.yaml @@ -195,7 +195,8 @@ spec: description: "The key of the secret to select from. Must be a valid secret key." type: "string" name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" optional: description: "Specify whether the Secret or its key must be defined" @@ -357,6 +358,12 @@ spec: description: "It allows to set successful response code. 200, 201 and 204 are supported(default 201)." format: "int32" type: "integer" + tag: + description: "opentelemetry uses the tag value for incoming metrics." + type: "string" + tagFromURI: + description: "If true, tag will be created from uri. e.g. v1_metrics from /v1/metrics" + type: "boolean" tagKey: description: "Specify the key name to overwrite a tag. If set, the tag will be overwritten by a value of the key." type: "string" diff --git a/crd-catalog/fluent/fluent-operator/fluentbit.fluent.io/v1alpha2/clusteroutputs.yaml b/crd-catalog/fluent/fluent-operator/fluentbit.fluent.io/v1alpha2/clusteroutputs.yaml index 8e78fe62e..3a4db93f7 100644 --- a/crd-catalog/fluent/fluent-operator/fluentbit.fluent.io/v1alpha2/clusteroutputs.yaml +++ b/crd-catalog/fluent/fluent-operator/fluentbit.fluent.io/v1alpha2/clusteroutputs.yaml @@ -127,7 +127,8 @@ spec: description: "The key of the secret to select from. Must be a valid secret key." type: "string" name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" optional: description: "Specify whether the Secret or its key must be defined" @@ -176,7 +177,8 @@ spec: description: "The key of the secret to select from. Must be a valid secret key." type: "string" name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" optional: description: "Specify whether the Secret or its key must be defined" @@ -215,7 +217,8 @@ spec: description: "The key of the secret to select from. Must be a valid secret key." type: "string" name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" optional: description: "Specify whether the Secret or its key must be defined" @@ -242,7 +245,8 @@ spec: description: "The key of the secret to select from. Must be a valid secret key." type: "string" name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" optional: description: "Specify whether the Secret or its key must be defined" @@ -366,7 +370,8 @@ spec: description: "The key of the secret to select from. Must be a valid secret key." type: "string" name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" optional: description: "Specify whether the Secret or its key must be defined" @@ -469,7 +474,8 @@ spec: description: "The key of the secret to select from. Must be a valid secret key." type: "string" name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" optional: description: "Specify whether the Secret or its key must be defined" @@ -493,7 +499,8 @@ spec: description: "The key of the secret to select from. Must be a valid secret key." type: "string" name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" optional: description: "Specify whether the Secret or its key must be defined" @@ -640,7 +647,8 @@ spec: description: "The key of the secret to select from. Must be a valid secret key." type: "string" name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" optional: description: "Specify whether the Secret or its key must be defined" @@ -808,7 +816,8 @@ spec: description: "The key of the secret to select from. Must be a valid secret key." type: "string" name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" optional: description: "Specify whether the Secret or its key must be defined" @@ -881,7 +890,8 @@ spec: description: "The key of the secret to select from. Must be a valid secret key." type: "string" name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" optional: description: "Specify whether the Secret or its key must be defined" @@ -912,7 +922,8 @@ spec: description: "The key of the secret to select from. Must be a valid secret key." type: "string" name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" optional: description: "Specify whether the Secret or its key must be defined" @@ -1050,7 +1061,8 @@ spec: description: "The key of the secret to select from. Must be a valid secret key." type: "string" name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" optional: description: "Specify whether the Secret or its key must be defined" @@ -1126,7 +1138,8 @@ spec: description: "The key of the secret to select from. Must be a valid secret key." type: "string" name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" optional: description: "Specify whether the Secret or its key must be defined" @@ -1150,7 +1163,8 @@ spec: description: "The key of the secret to select from. Must be a valid secret key." type: "string" name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" optional: description: "Specify whether the Secret or its key must be defined" @@ -1261,7 +1275,8 @@ spec: description: "The key of the secret to select from. Must be a valid secret key." type: "string" name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" optional: description: "Specify whether the Secret or its key must be defined" @@ -1312,7 +1327,8 @@ spec: description: "The key of the secret to select from. Must be a valid secret key." type: "string" name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" optional: description: "Specify whether the Secret or its key must be defined" @@ -1336,7 +1352,8 @@ spec: description: "The key of the secret to select from. Must be a valid secret key." type: "string" name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" optional: description: "Specify whether the Secret or its key must be defined" @@ -1360,7 +1377,8 @@ spec: description: "The key of the secret to select from. Must be a valid secret key." type: "string" name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" optional: description: "Specify whether the Secret or its key must be defined" @@ -1479,7 +1497,8 @@ spec: description: "The key of the secret to select from. Must be a valid secret key." type: "string" name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" optional: description: "Specify whether the Secret or its key must be defined" @@ -1596,6 +1615,31 @@ spec: - "on" - "off" type: "string" + bearerToken: + description: "Set bearer token authentication token value.\nCan be used as alterntative to HTTP basic authentication" + properties: + valueFrom: + description: "ValueSource defines how to find a value's key." + properties: + secretKeyRef: + description: "Selects a key of a secret in the pod's namespace" + properties: + key: + description: "The key of the secret to select from. Must be a valid secret key." + type: "string" + name: + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." + type: "string" + optional: + description: "Specify whether the Secret or its key must be defined" + type: "boolean" + required: + - "key" + type: "object" + x-kubernetes-map-type: "atomic" + type: "object" + type: "object" dropSingleKey: description: "If set to true and after extracting labels only a single key remains, the log line sent to Loki will be the value of that key in line_format." enum: @@ -1618,7 +1662,8 @@ spec: description: "The key of the secret to select from. Must be a valid secret key." type: "string" name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" optional: description: "Specify whether the Secret or its key must be defined" @@ -1642,7 +1687,8 @@ spec: description: "The key of the secret to select from. Must be a valid secret key." type: "string" name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" optional: description: "Specify whether the Secret or its key must be defined" @@ -1743,7 +1789,8 @@ spec: description: "The key of the secret to select from. Must be a valid secret key." type: "string" name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" optional: description: "Specify whether the Secret or its key must be defined" @@ -1795,7 +1842,8 @@ spec: description: "The key of the secret to select from. Must be a valid secret key." type: "string" name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" optional: description: "Specify whether the Secret or its key must be defined" @@ -1813,6 +1861,9 @@ spec: description: "Hostname to be used for TLS SNI extension" type: "string" type: "object" + uri: + description: "Specify a custom HTTP URI. It must start with forward slash." + type: "string" required: - "host" type: "object" @@ -1851,6 +1902,10 @@ spec: description: "Specify the buffer size used to read the response from the OpenSearch HTTP service.\nThis option is useful for debugging purposes where is required to read full responses,\nnote that response size grows depending of the number of records inserted.\nTo set an unlimited amount of memory set this value to False,\notherwise the value must be according to the Unit Size specification." pattern: "^\\d+(k|K|KB|kb|m|M|MB|mb|g|G|GB|gb)?$" type: "string" + compress: + enum: + - "gzip" + type: "string" currentTimeIndex: description: "Use current time for index generation instead of message record" type: "boolean" @@ -1873,7 +1928,8 @@ spec: description: "The key of the secret to select from. Must be a valid secret key." type: "string" name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" optional: description: "Specify whether the Secret or its key must be defined" @@ -1897,7 +1953,8 @@ spec: description: "The key of the secret to select from. Must be a valid secret key." type: "string" name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" optional: description: "Specify whether the Secret or its key must be defined" @@ -2044,7 +2101,8 @@ spec: description: "The key of the secret to select from. Must be a valid secret key." type: "string" name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" optional: description: "Specify whether the Secret or its key must be defined" @@ -2107,7 +2165,8 @@ spec: description: "The key of the secret to select from. Must be a valid secret key." type: "string" name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" optional: description: "Specify whether the Secret or its key must be defined" @@ -2131,7 +2190,8 @@ spec: description: "The key of the secret to select from. Must be a valid secret key." type: "string" name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" optional: description: "Specify whether the Secret or its key must be defined" @@ -2245,7 +2305,8 @@ spec: description: "The key of the secret to select from. Must be a valid secret key." type: "string" name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" optional: description: "Specify whether the Secret or its key must be defined" @@ -2320,7 +2381,8 @@ spec: description: "The key of the secret to select from. Must be a valid secret key." type: "string" name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" optional: description: "Specify whether the Secret or its key must be defined" @@ -2344,7 +2406,8 @@ spec: description: "The key of the secret to select from. Must be a valid secret key." type: "string" name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" optional: description: "Specify whether the Secret or its key must be defined" @@ -2452,7 +2515,8 @@ spec: description: "The key of the secret to select from. Must be a valid secret key." type: "string" name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" optional: description: "Specify whether the Secret or its key must be defined" @@ -2606,7 +2670,8 @@ spec: description: "The key of the secret to select from. Must be a valid secret key." type: "string" name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" optional: description: "Specify whether the Secret or its key must be defined" @@ -2690,7 +2755,8 @@ spec: description: "The key of the secret to select from. Must be a valid secret key." type: "string" name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" optional: description: "Specify whether the Secret or its key must be defined" @@ -2714,7 +2780,8 @@ spec: description: "The key of the secret to select from. Must be a valid secret key." type: "string" name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" optional: description: "Specify whether the Secret or its key must be defined" @@ -2794,7 +2861,8 @@ spec: description: "The key of the secret to select from. Must be a valid secret key." type: "string" name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" optional: description: "Specify whether the Secret or its key must be defined" @@ -2843,7 +2911,8 @@ spec: description: "The key of the secret to select from. Must be a valid secret key." type: "string" name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" optional: description: "Specify whether the Secret or its key must be defined" @@ -2930,7 +2999,8 @@ spec: description: "The key of the secret to select from. Must be a valid secret key." type: "string" name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" optional: description: "Specify whether the Secret or its key must be defined" @@ -2954,7 +3024,8 @@ spec: description: "The key of the secret to select from. Must be a valid secret key." type: "string" name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" optional: description: "Specify whether the Secret or its key must be defined" @@ -3132,7 +3203,8 @@ spec: description: "The key of the secret to select from. Must be a valid secret key." type: "string" name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" optional: description: "Specify whether the Secret or its key must be defined" @@ -3266,7 +3338,8 @@ spec: description: "The key of the secret to select from. Must be a valid secret key." type: "string" name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" optional: description: "Specify whether the Secret or its key must be defined" diff --git a/crd-catalog/fluent/fluent-operator/fluentbit.fluent.io/v1alpha2/collectors.yaml b/crd-catalog/fluent/fluent-operator/fluentbit.fluent.io/v1alpha2/collectors.yaml index 324f7ef51..41ad94d1d 100644 --- a/crd-catalog/fluent/fluent-operator/fluentbit.fluent.io/v1alpha2/collectors.yaml +++ b/crd-catalog/fluent/fluent-operator/fluentbit.fluent.io/v1alpha2/collectors.yaml @@ -61,11 +61,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchFields: description: "A list of node selector requirements by node's fields." items: @@ -82,11 +84,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" type: "object" x-kubernetes-map-type: "atomic" weight: @@ -98,6 +102,7 @@ spec: - "weight" type: "object" type: "array" + x-kubernetes-list-type: "atomic" requiredDuringSchedulingIgnoredDuringExecution: description: "If the affinity requirements specified by this field are not met at\nscheduling time, the pod will not be scheduled onto the node.\nIf the affinity requirements specified by this field cease to be met\nat some point during pod execution (e.g. due to an update), the system\nmay or may not try to eventually evict the pod from its node." properties: @@ -122,11 +127,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchFields: description: "A list of node selector requirements by node's fields." items: @@ -143,14 +150,17 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" type: "object" x-kubernetes-map-type: "atomic" type: "array" + x-kubernetes-list-type: "atomic" required: - "nodeSelectorTerms" type: "object" @@ -168,7 +178,7 @@ spec: description: "Required. A pod affinity term, associated with the corresponding weight." properties: labelSelector: - description: "A label query over a set of resources, in this case pods." + description: "A label query over a set of resources, in this case pods.\nIf it's null, this PodAffinityTerm matches with no Pods." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." @@ -186,11 +196,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -198,6 +210,18 @@ spec: type: "object" type: "object" x-kubernetes-map-type: "atomic" + matchLabelKeys: + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" + mismatchLabelKeys: + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" namespaceSelector: description: "A label query over the set of namespaces that the term applies to.\nThe term is applied to the union of the namespaces selected by this field\nand the ones listed in the namespaces field.\nnull selector and null or empty namespaces list means \"this pod's namespace\".\nAn empty selector ({}) matches all namespaces." properties: @@ -217,11 +241,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -234,6 +260,7 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" topologyKey: description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching\nthe labelSelector in the specified namespaces, where co-located is defined as running on a node\nwhose value of the label with key topologyKey matches that of any node on which any of the\nselected pods is running.\nEmpty topologyKey is not allowed." type: "string" @@ -249,13 +276,14 @@ spec: - "weight" type: "object" type: "array" + x-kubernetes-list-type: "atomic" requiredDuringSchedulingIgnoredDuringExecution: description: "If the affinity requirements specified by this field are not met at\nscheduling time, the pod will not be scheduled onto the node.\nIf the affinity requirements specified by this field cease to be met\nat some point during pod execution (e.g. due to a pod label update), the\nsystem may or may not try to eventually evict the pod from its node.\nWhen there are multiple elements, the lists of nodes corresponding to each\npodAffinityTerm are intersected, i.e. all terms must be satisfied." items: description: "Defines a set of pods (namely those matching the labelSelector\nrelative to the given namespace(s)) that this pod should be\nco-located (affinity) or not co-located (anti-affinity) with,\nwhere co-located is defined as running on a node whose value of\nthe label with key matches that of any node on which\na pod of the set of pods is running" properties: labelSelector: - description: "A label query over a set of resources, in this case pods." + description: "A label query over a set of resources, in this case pods.\nIf it's null, this PodAffinityTerm matches with no Pods." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." @@ -273,11 +301,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -285,6 +315,18 @@ spec: type: "object" type: "object" x-kubernetes-map-type: "atomic" + matchLabelKeys: + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" + mismatchLabelKeys: + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" namespaceSelector: description: "A label query over the set of namespaces that the term applies to.\nThe term is applied to the union of the namespaces selected by this field\nand the ones listed in the namespaces field.\nnull selector and null or empty namespaces list means \"this pod's namespace\".\nAn empty selector ({}) matches all namespaces." properties: @@ -304,11 +346,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -321,6 +365,7 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" topologyKey: description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching\nthe labelSelector in the specified namespaces, where co-located is defined as running on a node\nwhose value of the label with key topologyKey matches that of any node on which any of the\nselected pods is running.\nEmpty topologyKey is not allowed." type: "string" @@ -328,6 +373,7 @@ spec: - "topologyKey" type: "object" type: "array" + x-kubernetes-list-type: "atomic" type: "object" podAntiAffinity: description: "Describes pod anti-affinity scheduling rules (e.g. avoid putting this pod in the same node, zone, etc. as some other pod(s))." @@ -341,7 +387,7 @@ spec: description: "Required. A pod affinity term, associated with the corresponding weight." properties: labelSelector: - description: "A label query over a set of resources, in this case pods." + description: "A label query over a set of resources, in this case pods.\nIf it's null, this PodAffinityTerm matches with no Pods." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." @@ -359,11 +405,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -371,6 +419,18 @@ spec: type: "object" type: "object" x-kubernetes-map-type: "atomic" + matchLabelKeys: + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" + mismatchLabelKeys: + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" namespaceSelector: description: "A label query over the set of namespaces that the term applies to.\nThe term is applied to the union of the namespaces selected by this field\nand the ones listed in the namespaces field.\nnull selector and null or empty namespaces list means \"this pod's namespace\".\nAn empty selector ({}) matches all namespaces." properties: @@ -390,11 +450,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -407,6 +469,7 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" topologyKey: description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching\nthe labelSelector in the specified namespaces, where co-located is defined as running on a node\nwhose value of the label with key topologyKey matches that of any node on which any of the\nselected pods is running.\nEmpty topologyKey is not allowed." type: "string" @@ -422,13 +485,14 @@ spec: - "weight" type: "object" type: "array" + x-kubernetes-list-type: "atomic" requiredDuringSchedulingIgnoredDuringExecution: description: "If the anti-affinity requirements specified by this field are not met at\nscheduling time, the pod will not be scheduled onto the node.\nIf the anti-affinity requirements specified by this field cease to be met\nat some point during pod execution (e.g. due to a pod label update), the\nsystem may or may not try to eventually evict the pod from its node.\nWhen there are multiple elements, the lists of nodes corresponding to each\npodAffinityTerm are intersected, i.e. all terms must be satisfied." items: description: "Defines a set of pods (namely those matching the labelSelector\nrelative to the given namespace(s)) that this pod should be\nco-located (affinity) or not co-located (anti-affinity) with,\nwhere co-located is defined as running on a node whose value of\nthe label with key matches that of any node on which\na pod of the set of pods is running" properties: labelSelector: - description: "A label query over a set of resources, in this case pods." + description: "A label query over a set of resources, in this case pods.\nIf it's null, this PodAffinityTerm matches with no Pods." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." @@ -446,11 +510,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -458,6 +524,18 @@ spec: type: "object" type: "object" x-kubernetes-map-type: "atomic" + matchLabelKeys: + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" + mismatchLabelKeys: + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" namespaceSelector: description: "A label query over the set of namespaces that the term applies to.\nThe term is applied to the union of the namespaces selected by this field\nand the ones listed in the namespaces field.\nnull selector and null or empty namespaces list means \"this pod's namespace\".\nAn empty selector ({}) matches all namespaces." properties: @@ -477,11 +555,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -494,6 +574,7 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" topologyKey: description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching\nthe labelSelector in the specified namespaces, where co-located is defined as running on a node\nwhose value of the label with key topologyKey matches that of any node on which any of the\nselected pods is running.\nEmpty topologyKey is not allowed." type: "string" @@ -501,6 +582,7 @@ spec: - "topologyKey" type: "object" type: "array" + x-kubernetes-list-type: "atomic" type: "object" type: "object" annotations: @@ -537,7 +619,8 @@ spec: description: "LocalObjectReference contains enough information to let you locate the\nreferenced object inside the same namespace." properties: name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" type: "object" x-kubernetes-map-type: "atomic" @@ -614,6 +697,7 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" dataSource: description: "dataSource field can be used to specify either:\n* An existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot)\n* An existing PVC (PersistentVolumeClaim)\nIf the provisioner or an external controller can support the specified data source,\nit will create a new volume based on the contents of the specified data source.\nWhen the AnyVolumeDataSource feature gate is enabled, dataSource contents will be copied to dataSourceRef,\nand dataSourceRef contents will be copied to dataSource when dataSourceRef.namespace is not specified.\nIf the namespace is specified, then dataSourceRef will not be copied to dataSource." properties: @@ -653,21 +737,6 @@ spec: resources: description: "resources represents the minimum resources the volume should have.\nIf RecoverVolumeExpansionFailure feature is enabled users are allowed to specify resource requirements\nthat are lower than previous value but must still be higher than capacity recorded in the\nstatus field of the claim.\nMore info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources" properties: - claims: - description: "Claims lists the names of resources, defined in spec.resourceClaims,\nthat are used by this container.\n\n\nThis is an alpha field and requires enabling the\nDynamicResourceAllocation feature gate.\n\n\nThis field is immutable. It can only be set for containers." - items: - description: "ResourceClaim references one entry in PodSpec.ResourceClaims." - properties: - name: - description: "Name must match the name of one entry in pod.spec.resourceClaims of\nthe Pod where this field is used. It makes that resource available\ninside a container." - type: "string" - required: - - "name" - type: "object" - type: "array" - x-kubernetes-list-map-keys: - - "name" - x-kubernetes-list-type: "map" limits: additionalProperties: anyOf: @@ -684,7 +753,7 @@ spec: - type: "string" pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" x-kubernetes-int-or-string: true - description: "Requests describes the minimum amount of compute resources required.\nIf Requests is omitted for a container, it defaults to Limits if that is explicitly specified,\notherwise to an implementation-defined value.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" + description: "Requests describes the minimum amount of compute resources required.\nIf Requests is omitted for a container, it defaults to Limits if that is explicitly specified,\notherwise to an implementation-defined value. Requests cannot exceed Limits.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" type: "object" type: "object" selector: @@ -706,11 +775,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -721,6 +792,9 @@ spec: storageClassName: description: "storageClassName is the name of the StorageClass required by the claim.\nMore info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1" type: "string" + volumeAttributesClassName: + description: "volumeAttributesClassName may be used to set the VolumeAttributesClass used by this claim.\nIf specified, the CSI driver will create or update the volume with the attributes defined\nin the corresponding VolumeAttributesClass. This has a different purpose than storageClassName,\nit can be changed after the claim is created. An empty string value means that no VolumeAttributesClass\nwill be applied to the claim but it's not allowed to reset this field to empty string once it is set.\nIf unspecified and the PersistentVolumeClaim is unbound, the default VolumeAttributesClass\nwill be set by the persistentvolume controller if it exists.\nIf the resource referred to by volumeAttributesClass does not exist, this PersistentVolumeClaim will be\nset to a Pending state, as reflected by the modifyVolumeStatus field, until such as a resource\nexists.\nMore info: https://kubernetes.io/docs/concepts/storage/volume-attributes-classes/\n(Alpha) Using this field requires the VolumeAttributesClass feature gate to be enabled." + type: "string" volumeMode: description: "volumeMode defines what type of volume is required by the claim.\nValue of Filesystem is implied when not included in claim spec." type: "string" @@ -736,6 +810,14 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" + allocatedResourceStatuses: + additionalProperties: + description: "When a controller receives persistentvolume claim update with ClaimResourceStatus for a resource\nthat it does not recognizes, then it should ignore that update and let other controllers\nhandle it." + type: "string" + description: "allocatedResourceStatuses stores status of resource being resized for the given PVC.\nKey names follow standard Kubernetes label syntax. Valid values are either:\n\t* Un-prefixed keys:\n\t\t- storage - the capacity of the volume.\n\t* Custom resources must use implementation-defined prefixed names such as \"example.com/my-custom-resource\"\nApart from above values - keys that are unprefixed or have kubernetes.io prefix are considered\nreserved and hence may not be used.\n\n\nClaimResourceStatus can be in any of following states:\n\t- ControllerResizeInProgress:\n\t\tState set when resize controller starts resizing the volume in control-plane.\n\t- ControllerResizeFailed:\n\t\tState set when resize has failed in resize controller with a terminal error.\n\t- NodeResizePending:\n\t\tState set when resize controller has finished resizing the volume but further resizing of\n\t\tvolume is needed on the node.\n\t- NodeResizeInProgress:\n\t\tState set when kubelet starts resizing the volume.\n\t- NodeResizeFailed:\n\t\tState set when resizing has failed in kubelet with a terminal error. Transient errors don't set\n\t\tNodeResizeFailed.\nFor example: if expanding a PVC for more capacity - this field can be one of the following states:\n\t- pvc.status.allocatedResourceStatus['storage'] = \"ControllerResizeInProgress\"\n - pvc.status.allocatedResourceStatus['storage'] = \"ControllerResizeFailed\"\n - pvc.status.allocatedResourceStatus['storage'] = \"NodeResizePending\"\n - pvc.status.allocatedResourceStatus['storage'] = \"NodeResizeInProgress\"\n - pvc.status.allocatedResourceStatus['storage'] = \"NodeResizeFailed\"\nWhen this field is not set, it means that no resize operation is in progress for the given PVC.\n\n\nA controller that receives PVC update with previously unknown resourceName or ClaimResourceStatus\nshould ignore the update for the purpose it was designed. For example - a controller that\nonly is responsible for resizing capacity of the volume, should ignore PVC updates that change other valid\nresources associated with PVC.\n\n\nThis is an alpha field and requires enabling RecoverVolumeExpansionFailure feature." + type: "object" + x-kubernetes-map-type: "granular" allocatedResources: additionalProperties: anyOf: @@ -743,7 +825,7 @@ spec: - type: "string" pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" x-kubernetes-int-or-string: true - description: "allocatedResources is the storage resource within AllocatedResources tracks the capacity allocated to a PVC. It may\nbe larger than the actual capacity when a volume expansion operation is requested.\nFor storage quota, the larger value from allocatedResources and PVC.spec.resources is used.\nIf allocatedResources is not set, PVC.spec.resources alone is used for quota calculation.\nIf a volume expansion capacity request is lowered, allocatedResources is only\nlowered if there are no expansion operations in progress and if the actual volume capacity\nis equal or lower than the requested capacity.\nThis is an alpha field and requires enabling RecoverVolumeExpansionFailure feature." + description: "allocatedResources tracks the resources allocated to a PVC including its capacity.\nKey names follow standard Kubernetes label syntax. Valid values are either:\n\t* Un-prefixed keys:\n\t\t- storage - the capacity of the volume.\n\t* Custom resources must use implementation-defined prefixed names such as \"example.com/my-custom-resource\"\nApart from above values - keys that are unprefixed or have kubernetes.io prefix are considered\nreserved and hence may not be used.\n\n\nCapacity reported here may be larger than the actual capacity when a volume expansion operation\nis requested.\nFor storage quota, the larger value from allocatedResources and PVC.spec.resources is used.\nIf allocatedResources is not set, PVC.spec.resources alone is used for quota calculation.\nIf a volume expansion capacity request is lowered, allocatedResources is only\nlowered if there are no expansion operations in progress and if the actual volume capacity\nis equal or lower than the requested capacity.\n\n\nA controller that receives PVC update with previously unknown resourceName\nshould ignore the update for the purpose it was designed. For example - a controller that\nonly is responsible for resizing capacity of the volume, should ignore PVC updates that change other valid\nresources associated with PVC.\n\n\nThis is an alpha field and requires enabling RecoverVolumeExpansionFailure feature." type: "object" capacity: additionalProperties: @@ -755,9 +837,9 @@ spec: description: "capacity represents the actual resources of the underlying volume." type: "object" conditions: - description: "conditions is the current Condition of persistent volume claim. If underlying persistent volume is being\nresized then the Condition will be set to 'ResizeStarted'." + description: "conditions is the current Condition of persistent volume claim. If underlying persistent volume is being\nresized then the Condition will be set to 'Resizing'." items: - description: "PersistentVolumeClaimCondition contails details about state of pvc" + description: "PersistentVolumeClaimCondition contains details about state of pvc" properties: lastProbeTime: description: "lastProbeTime is the time we probed the condition." @@ -771,7 +853,7 @@ spec: description: "message is the human-readable message indicating details about last transition." type: "string" reason: - description: "reason is a unique, this should be a short, machine understandable string that gives the reason\nfor condition's last transition. If it reports \"ResizeStarted\" that means the underlying\npersistent volume is being resized." + description: "reason is a unique, this should be a short, machine understandable string that gives the reason\nfor condition's last transition. If it reports \"Resizing\" that means the underlying\npersistent volume is being resized." type: "string" status: type: "string" @@ -783,12 +865,27 @@ spec: - "type" type: "object" type: "array" + x-kubernetes-list-map-keys: + - "type" + x-kubernetes-list-type: "map" + currentVolumeAttributesClassName: + description: "currentVolumeAttributesClassName is the current name of the VolumeAttributesClass the PVC is using.\nWhen unset, there is no VolumeAttributeClass applied to this PersistentVolumeClaim\nThis is an alpha field and requires enabling VolumeAttributesClass feature." + type: "string" + modifyVolumeStatus: + description: "ModifyVolumeStatus represents the status object of ControllerModifyVolume operation.\nWhen this is unset, there is no ModifyVolume operation being attempted.\nThis is an alpha field and requires enabling VolumeAttributesClass feature." + properties: + status: + description: "status is the status of the ControllerModifyVolume operation. It can be in any of following states:\n - Pending\n Pending indicates that the PersistentVolumeClaim cannot be modified due to unmet requirements, such as\n the specified VolumeAttributesClass not existing.\n - InProgress\n InProgress indicates that the volume is being modified.\n - Infeasible\n Infeasible indicates that the request has been rejected as invalid by the CSI driver. To\n\t resolve the error, a valid VolumeAttributesClass needs to be specified.\nNote: New statuses can be added in the future. Consumers should check for unknown statuses and fail appropriately." + type: "string" + targetVolumeAttributesClassName: + description: "targetVolumeAttributesClassName is the name of the VolumeAttributesClass the PVC currently being reconciled" + type: "string" + required: + - "status" + type: "object" phase: description: "phase represents the current phase of PersistentVolumeClaim." type: "string" - resizeStatus: - description: "resizeStatus stores status of resize operation.\nResizeStatus is not set by default but when expansion is complete resizeStatus is set to empty\nstring by resize controller or kubelet.\nThis is an alpha field and requires enabling RecoverVolumeExpansionFailure feature." - type: "string" type: "object" type: "object" rbacRules: @@ -801,26 +898,31 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" nonResourceURLs: description: "NonResourceURLs is a set of partial urls that a user should have access to. *s are allowed, but only as the full, final step in the path\nSince non-resource URLs are not namespaced, this field is only applicable for ClusterRoles referenced from a ClusterRoleBinding.\nRules can either apply to API resources (such as \"pods\" or \"secrets\") or non-resource URL paths (such as \"/api\"), but not both." items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" resourceNames: description: "ResourceNames is an optional white list of names that the rule applies to. An empty set means that everything is allowed." items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" resources: description: "Resources is a list of resources this rule applies to. '*' represents all resources." items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" verbs: description: "Verbs is a list of Verbs that apply to ALL the ResourceKinds contained in this rule. '*' represents all verbs." items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "verbs" type: "object" @@ -859,7 +961,7 @@ spec: - type: "string" pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" x-kubernetes-int-or-string: true - description: "Requests describes the minimum amount of compute resources required.\nIf Requests is omitted for a container, it defaults to Limits if that is explicitly specified,\notherwise to an implementation-defined value.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" + description: "Requests describes the minimum amount of compute resources required.\nIf Requests is omitted for a container, it defaults to Limits if that is explicitly specified,\notherwise to an implementation-defined value. Requests cannot exceed Limits.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" type: "object" type: "object" runtimeClassName: @@ -876,6 +978,18 @@ spec: securityContext: description: "SecurityContext holds pod-level security attributes and common container settings." properties: + appArmorProfile: + description: "appArmorProfile is the AppArmor options to use by the containers in this pod.\nNote that this field cannot be set when spec.os.name is windows." + properties: + localhostProfile: + description: "localhostProfile indicates a profile loaded on the node that should be used.\nThe profile must be preconfigured on the node to work.\nMust match the loaded name of the profile.\nMust be set if and only if type is \"Localhost\"." + type: "string" + type: + description: "type indicates which kind of AppArmor profile will be applied.\nValid options are:\n Localhost - a profile pre-loaded on the node.\n RuntimeDefault - the container runtime's default profile.\n Unconfined - no AppArmor enforcement." + type: "string" + required: + - "type" + type: "object" fsGroup: description: "A special supplemental group that applies to all containers in a pod.\nSome volume types allow the Kubelet to change the ownership of that volume\nto be owned by the pod:\n\n\n1. The owning GID will be the FSGroup\n2. The setgid bit is set (new files created in the volume will be owned by FSGroup)\n3. The permission bits are OR'd with rw-rw----\n\n\nIf unset, the Kubelet will not modify the ownership and permissions of any volume.\nNote that this field cannot be set when spec.os.name is windows." format: "int64" @@ -914,7 +1028,7 @@ spec: description: "The seccomp options to use by the containers in this pod.\nNote that this field cannot be set when spec.os.name is windows." properties: localhostProfile: - description: "localhostProfile indicates a profile defined in a file on the node should be used.\nThe profile must be preconfigured on the node to work.\nMust be a descending path, relative to the kubelet's configured seccomp profile location.\nMust only be set if type is \"Localhost\"." + description: "localhostProfile indicates a profile defined in a file on the node should be used.\nThe profile must be preconfigured on the node to work.\nMust be a descending path, relative to the kubelet's configured seccomp profile location.\nMust be set if type is \"Localhost\". Must NOT be set for any other type." type: "string" type: description: "type indicates which kind of seccomp profile will be applied.\nValid options are:\n\n\nLocalhost - a profile defined in a file on the node should be used.\nRuntimeDefault - the container runtime default profile should be used.\nUnconfined - no profile should be applied." @@ -928,6 +1042,7 @@ spec: format: "int64" type: "integer" type: "array" + x-kubernetes-list-type: "atomic" sysctls: description: "Sysctls hold a list of namespaced sysctls used for the pod. Pods with unsupported\nsysctls (by the container runtime) might fail to launch.\nNote that this field cannot be set when spec.os.name is windows." items: @@ -944,6 +1059,7 @@ spec: - "value" type: "object" type: "array" + x-kubernetes-list-type: "atomic" windowsOptions: description: "The Windows specific settings applied to all containers.\nIf unspecified, the options within a container's SecurityContext will be used.\nIf set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.\nNote that this field cannot be set when spec.os.name is linux." properties: @@ -954,7 +1070,7 @@ spec: description: "GMSACredentialSpecName is the name of the GMSA credential spec to use." type: "string" hostProcess: - description: "HostProcess determines if a container should be run as a 'Host Process' container.\nThis field is alpha-level and will only be honored by components that enable the\nWindowsHostProcessContainers feature flag. Setting this field without the feature\nflag will result in errors when validating the Pod. All of a Pod's containers must\nhave the same effective HostProcess value (it is not allowed to have a mix of HostProcess\ncontainers and non-HostProcess containers). In addition, if HostProcess is true\nthen HostNetwork must also be set to true." + description: "HostProcess determines if a container should be run as a 'Host Process' container.\nAll of a Pod's containers must have the same effective HostProcess value\n(it is not allowed to have a mix of HostProcess containers and non-HostProcess containers).\nIn addition, if HostProcess is true then HostNetwork must also be set to true." type: "boolean" runAsUserName: description: "The UserName in Windows to run the entrypoint of the container process.\nDefaults to the user specified in image metadata if unspecified.\nMay also be set in PodSecurityContext. If set in both SecurityContext and\nPodSecurityContext, the value specified in SecurityContext takes precedence." @@ -1079,6 +1195,7 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" path: description: "path is Optional: Used as the mounted root, rather than the full Ceph tree, default is /" type: "string" @@ -1092,7 +1209,8 @@ spec: description: "secretRef is Optional: SecretRef is reference to the authentication secret for User, default is empty.\nMore info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it" properties: name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" type: "object" x-kubernetes-map-type: "atomic" @@ -1115,7 +1233,8 @@ spec: description: "secretRef is optional: points to a secret object containing parameters used to connect\nto OpenStack." properties: name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" type: "object" x-kubernetes-map-type: "atomic" @@ -1152,8 +1271,10 @@ spec: - "path" type: "object" type: "array" + x-kubernetes-list-type: "atomic" name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" optional: description: "optional specify whether the ConfigMap or its keys must be defined" @@ -1173,7 +1294,8 @@ spec: description: "nodePublishSecretRef is a reference to the secret object containing\nsensitive information to pass to the CSI driver to complete the CSI\nNodePublishVolume and NodeUnpublishVolume calls.\nThis field is optional, and may be empty if no secret is required. If the\nsecret object contains more than one secret, all secret references are passed." properties: name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" type: "object" x-kubernetes-map-type: "atomic" @@ -1201,7 +1323,7 @@ spec: description: "DownwardAPIVolumeFile represents information to create the file containing the pod field" properties: fieldRef: - description: "Required: Selects a field of the pod: only annotations, labels, name and namespace are supported." + description: "Required: Selects a field of the pod: only annotations, labels, name, namespace and uid are supported." properties: apiVersion: description: "Version of the schema the FieldPath is written in terms of, defaults to \"v1\"." @@ -1244,6 +1366,7 @@ spec: - "path" type: "object" type: "array" + x-kubernetes-list-type: "atomic" type: "object" emptyDir: description: "emptyDir represents a temporary directory that shares a pod's lifetime.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir" @@ -1255,7 +1378,7 @@ spec: anyOf: - type: "integer" - type: "string" - description: "sizeLimit is the total amount of local storage required for this EmptyDir volume.\nThe size limit is also applicable for memory medium.\nThe maximum usage on memory medium EmptyDir would be the minimum value between\nthe SizeLimit specified here and the sum of memory limits of all containers in a pod.\nThe default is nil which means that the limit is undefined.\nMore info: http://kubernetes.io/docs/user-guide/volumes#emptydir" + description: "sizeLimit is the total amount of local storage required for this EmptyDir volume.\nThe size limit is also applicable for memory medium.\nThe maximum usage on memory medium EmptyDir would be the minimum value between\nthe SizeLimit specified here and the sum of memory limits of all containers in a pod.\nThe default is nil which means that the limit is undefined.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir" pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" x-kubernetes-int-or-string: true type: "object" @@ -1293,6 +1416,7 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" dataSource: description: "dataSource field can be used to specify either:\n* An existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot)\n* An existing PVC (PersistentVolumeClaim)\nIf the provisioner or an external controller can support the specified data source,\nit will create a new volume based on the contents of the specified data source.\nWhen the AnyVolumeDataSource feature gate is enabled, dataSource contents will be copied to dataSourceRef,\nand dataSourceRef contents will be copied to dataSource when dataSourceRef.namespace is not specified.\nIf the namespace is specified, then dataSourceRef will not be copied to dataSource." properties: @@ -1332,21 +1456,6 @@ spec: resources: description: "resources represents the minimum resources the volume should have.\nIf RecoverVolumeExpansionFailure feature is enabled users are allowed to specify resource requirements\nthat are lower than previous value but must still be higher than capacity recorded in the\nstatus field of the claim.\nMore info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources" properties: - claims: - description: "Claims lists the names of resources, defined in spec.resourceClaims,\nthat are used by this container.\n\n\nThis is an alpha field and requires enabling the\nDynamicResourceAllocation feature gate.\n\n\nThis field is immutable. It can only be set for containers." - items: - description: "ResourceClaim references one entry in PodSpec.ResourceClaims." - properties: - name: - description: "Name must match the name of one entry in pod.spec.resourceClaims of\nthe Pod where this field is used. It makes that resource available\ninside a container." - type: "string" - required: - - "name" - type: "object" - type: "array" - x-kubernetes-list-map-keys: - - "name" - x-kubernetes-list-type: "map" limits: additionalProperties: anyOf: @@ -1363,7 +1472,7 @@ spec: - type: "string" pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" x-kubernetes-int-or-string: true - description: "Requests describes the minimum amount of compute resources required.\nIf Requests is omitted for a container, it defaults to Limits if that is explicitly specified,\notherwise to an implementation-defined value.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" + description: "Requests describes the minimum amount of compute resources required.\nIf Requests is omitted for a container, it defaults to Limits if that is explicitly specified,\notherwise to an implementation-defined value. Requests cannot exceed Limits.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" type: "object" type: "object" selector: @@ -1385,11 +1494,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -1400,6 +1511,9 @@ spec: storageClassName: description: "storageClassName is the name of the StorageClass required by the claim.\nMore info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1" type: "string" + volumeAttributesClassName: + description: "volumeAttributesClassName may be used to set the VolumeAttributesClass used by this claim.\nIf specified, the CSI driver will create or update the volume with the attributes defined\nin the corresponding VolumeAttributesClass. This has a different purpose than storageClassName,\nit can be changed after the claim is created. An empty string value means that no VolumeAttributesClass\nwill be applied to the claim but it's not allowed to reset this field to empty string once it is set.\nIf unspecified and the PersistentVolumeClaim is unbound, the default VolumeAttributesClass\nwill be set by the persistentvolume controller if it exists.\nIf the resource referred to by volumeAttributesClass does not exist, this PersistentVolumeClaim will be\nset to a Pending state, as reflected by the modifyVolumeStatus field, until such as a resource\nexists.\nMore info: https://kubernetes.io/docs/concepts/storage/volume-attributes-classes/\n(Alpha) Using this field requires the VolumeAttributesClass feature gate to be enabled." + type: "string" volumeMode: description: "volumeMode defines what type of volume is required by the claim.\nValue of Filesystem is implied when not included in claim spec." type: "string" @@ -1429,11 +1543,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" wwids: description: "wwids Optional: FC volume world wide identifiers (wwids)\nEither wwids or combination of targetWWNs and lun must be set, but not both simultaneously." items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" type: "object" flexVolume: description: "flexVolume represents a generic volume resource that is\nprovisioned/attached using an exec based plugin." @@ -1456,7 +1572,8 @@ spec: description: "secretRef is Optional: secretRef is reference to the secret object containing\nsensitive information to pass to the plugin scripts. This may be\nempty if no secret object is specified. If the secret object\ncontains more than one secret, all secrets are passed to the plugin\nscripts." properties: name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" type: "object" x-kubernetes-map-type: "atomic" @@ -1565,6 +1682,7 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" readOnly: description: "readOnly here will force the ReadOnly setting in VolumeMounts.\nDefaults to false." type: "boolean" @@ -1572,7 +1690,8 @@ spec: description: "secretRef is the CHAP Secret for iSCSI target and initiator authentication" properties: name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" type: "object" x-kubernetes-map-type: "atomic" @@ -1654,6 +1773,57 @@ spec: items: description: "Projection that may be projected along with other supported volume types" properties: + clusterTrustBundle: + description: "ClusterTrustBundle allows a pod to access the `.spec.trustBundle` field\nof ClusterTrustBundle objects in an auto-updating file.\n\n\nAlpha, gated by the ClusterTrustBundleProjection feature gate.\n\n\nClusterTrustBundle objects can either be selected by name, or by the\ncombination of signer name and a label selector.\n\n\nKubelet performs aggressive normalization of the PEM contents written\ninto the pod filesystem. Esoteric PEM features such as inter-block\ncomments and block headers are stripped. Certificates are deduplicated.\nThe ordering of certificates within the file is arbitrary, and Kubelet\nmay change the order over time." + properties: + labelSelector: + description: "Select all ClusterTrustBundles that match this label selector. Only has\neffect if signerName is set. Mutually-exclusive with name. If unset,\ninterpreted as \"match nothing\". If set but empty, interpreted as \"match\neverything\"." + properties: + matchExpressions: + description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." + items: + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." + properties: + key: + description: "key is the label key that the selector applies to." + type: "string" + operator: + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." + type: "string" + values: + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" + required: + - "key" + - "operator" + type: "object" + type: "array" + x-kubernetes-list-type: "atomic" + matchLabels: + additionalProperties: + type: "string" + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + type: "object" + type: "object" + x-kubernetes-map-type: "atomic" + name: + description: "Select a single ClusterTrustBundle by object name. Mutually-exclusive\nwith signerName and labelSelector." + type: "string" + optional: + description: "If true, don't block pod startup if the referenced ClusterTrustBundle(s)\naren't available. If using name, then the named ClusterTrustBundle is\nallowed not to exist. If using signerName, then the combination of\nsignerName and labelSelector is allowed to match zero\nClusterTrustBundles." + type: "boolean" + path: + description: "Relative path from the volume root to write the bundle." + type: "string" + signerName: + description: "Select all ClusterTrustBundles that match this signer name.\nMutually-exclusive with name. The contents of all selected\nClusterTrustBundles will be unified and deduplicated." + type: "string" + required: + - "path" + type: "object" configMap: description: "configMap information about the configMap data to project" properties: @@ -1677,8 +1847,10 @@ spec: - "path" type: "object" type: "array" + x-kubernetes-list-type: "atomic" name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" optional: description: "optional specify whether the ConfigMap or its keys must be defined" @@ -1694,7 +1866,7 @@ spec: description: "DownwardAPIVolumeFile represents information to create the file containing the pod field" properties: fieldRef: - description: "Required: Selects a field of the pod: only annotations, labels, name and namespace are supported." + description: "Required: Selects a field of the pod: only annotations, labels, name, namespace and uid are supported." properties: apiVersion: description: "Version of the schema the FieldPath is written in terms of, defaults to \"v1\"." @@ -1737,6 +1909,7 @@ spec: - "path" type: "object" type: "array" + x-kubernetes-list-type: "atomic" type: "object" secret: description: "secret information about the secret data to project" @@ -1761,8 +1934,10 @@ spec: - "path" type: "object" type: "array" + x-kubernetes-list-type: "atomic" name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" optional: description: "optional field specify whether the Secret or its key must be defined" @@ -1787,6 +1962,7 @@ spec: type: "object" type: "object" type: "array" + x-kubernetes-list-type: "atomic" type: "object" quobyte: description: "quobyte represents a Quobyte mount on the host that shares a pod's lifetime" @@ -1830,6 +2006,7 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" pool: description: "pool is the rados pool name.\nDefault is rbd.\nMore info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it" type: "string" @@ -1840,7 +2017,8 @@ spec: description: "secretRef is name of the authentication secret for RBDUser. If provided\noverrides keyring.\nDefault is nil.\nMore info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it" properties: name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" type: "object" x-kubernetes-map-type: "atomic" @@ -1870,7 +2048,8 @@ spec: description: "secretRef references to the secret for ScaleIO user and other\nsensitive information. If this is not provided, Login operation will fail." properties: name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" type: "object" x-kubernetes-map-type: "atomic" @@ -1921,6 +2100,7 @@ spec: - "path" type: "object" type: "array" + x-kubernetes-list-type: "atomic" optional: description: "optional field specify whether the Secret or its keys must be defined" type: "boolean" @@ -1941,7 +2121,8 @@ spec: description: "secretRef specifies the secret to use for obtaining the StorageOS API\ncredentials. If not specified, default values will be attempted." properties: name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" type: "object" x-kubernetes-map-type: "atomic" @@ -1983,7 +2164,7 @@ spec: description: "Path within the container at which the volume should be mounted. Must\nnot contain ':'." type: "string" mountPropagation: - description: "mountPropagation determines how mounts are propagated from the host\nto container and the other way around.\nWhen not set, MountPropagationNone is used.\nThis field is beta in 1.10." + description: "mountPropagation determines how mounts are propagated from the host\nto container and the other way around.\nWhen not set, MountPropagationNone is used.\nThis field is beta in 1.10.\nWhen RecursiveReadOnly is set to IfPossible or to Enabled, MountPropagation must be None or unspecified\n(which defaults to None)." type: "string" name: description: "This must match the Name of a Volume." @@ -1991,6 +2172,9 @@ spec: readOnly: description: "Mounted read-only if true, read-write otherwise (false or unspecified).\nDefaults to false." type: "boolean" + recursiveReadOnly: + description: "RecursiveReadOnly specifies whether read-only mounts should be handled\nrecursively.\n\n\nIf ReadOnly is false, this field has no meaning and must be unspecified.\n\n\nIf ReadOnly is true, and this field is set to Disabled, the mount is not made\nrecursively read-only. If this field is set to IfPossible, the mount is made\nrecursively read-only, if it is supported by the container runtime. If this\nfield is set to Enabled, the mount is made recursively read-only if it is\nsupported by the container runtime, otherwise the pod will not be started and\nan error will be generated to indicate the reason.\n\n\nIf this field is set to IfPossible or Enabled, MountPropagation must be set to\nNone (or be unspecified, which defaults to None).\n\n\nIf this field is not specified, it is treated as an equivalent of Disabled." + type: "string" subPath: description: "Path within the volume from which the container's volume should be mounted.\nDefaults to \"\" (volume's root)." type: "string" diff --git a/crd-catalog/fluent/fluent-operator/fluentbit.fluent.io/v1alpha2/filters.yaml b/crd-catalog/fluent/fluent-operator/fluentbit.fluent.io/v1alpha2/filters.yaml index 7690bf4a9..f7b71d15b 100644 --- a/crd-catalog/fluent/fluent-operator/fluentbit.fluent.io/v1alpha2/filters.yaml +++ b/crd-catalog/fluent/fluent-operator/fluentbit.fluent.io/v1alpha2/filters.yaml @@ -149,12 +149,19 @@ spec: kubeMetaCacheTTL: description: "configurable TTL for K8s cached metadata. By default, it is set to 0\nwhich means TTL for cache entries is disabled and cache entries are evicted at random\nwhen capacity is reached. In order to enable this option, you should set the number to a time interval.\nFor example, set this value to 60 or 60s and cache entries which have been created more than 60s will be evicted." type: "string" + kubeMetaNamespaceCacheTTL: + description: "Configurable TTL for K8s cached namespace metadata.\nBy default, it is set to 900 which means a 15min TTL for namespace cache entries.\nSetting this to 0 will mean entries are evicted at random once the cache is full." + format: "int32" + type: "integer" kubeMetaPreloadCacheDir: description: "If set, Kubernetes meta-data can be cached/pre-loaded from files in JSON format in this directory,\nnamed as namespace-pod.meta" type: "string" kubeTagPrefix: description: "When the source records comes from Tail input plugin,\nthis option allows to specify what's the prefix used in Tail configuration." type: "string" + kubeTokenCommand: + description: "Command to get Kubernetes authorization token.\nBy default, it will be NULL and we will use token file to get token." + type: "string" kubeTokenFile: description: "Token file" type: "string" @@ -186,6 +193,15 @@ spec: mergeParser: description: "Optional parser name to specify how to parse the data contained in the log key. Recommended use is for developers or testing only." type: "string" + namespaceAnnotations: + description: "Include Kubernetes namespace resource annotations in the extra metadata." + type: "boolean" + namespaceLabels: + description: "Include Kubernetes namespace resource labels in the extra metadata." + type: "boolean" + namespaceMetadataOnly: + description: "Include Kubernetes namespace metadata only and no pod metadata.\nIf this is set, the values of Labels and Annotations are ignored." + type: "boolean" regexParser: description: "Set an alternative Parser to process record Tag and extract pod_name, namespace_name, container_name and docker_id.\nThe parser must be registered in a parsers file (refer to parser filter-kube-test as an example)." type: "string" @@ -233,7 +249,8 @@ spec: description: "The key to select." type: "string" name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" optional: description: "Specify whether the ConfigMap or its key must be defined" diff --git a/crd-catalog/fluent/fluent-operator/fluentbit.fluent.io/v1alpha2/fluentbitconfigs.yaml b/crd-catalog/fluent/fluent-operator/fluentbit.fluent.io/v1alpha2/fluentbitconfigs.yaml index feb1a41d6..028fd15b0 100644 --- a/crd-catalog/fluent/fluent-operator/fluentbit.fluent.io/v1alpha2/fluentbitconfigs.yaml +++ b/crd-catalog/fluent/fluent-operator/fluentbit.fluent.io/v1alpha2/fluentbitconfigs.yaml @@ -50,11 +50,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -81,11 +83,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -112,11 +116,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -143,11 +149,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -174,11 +182,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -205,11 +215,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" diff --git a/crd-catalog/fluent/fluent-operator/fluentbit.fluent.io/v1alpha2/fluentbits.yaml b/crd-catalog/fluent/fluent-operator/fluentbit.fluent.io/v1alpha2/fluentbits.yaml index 3e6faeb51..70f53c832 100644 --- a/crd-catalog/fluent/fluent-operator/fluentbit.fluent.io/v1alpha2/fluentbits.yaml +++ b/crd-catalog/fluent/fluent-operator/fluentbit.fluent.io/v1alpha2/fluentbits.yaml @@ -61,11 +61,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchFields: description: "A list of node selector requirements by node's fields." items: @@ -82,11 +84,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" type: "object" x-kubernetes-map-type: "atomic" weight: @@ -98,6 +102,7 @@ spec: - "weight" type: "object" type: "array" + x-kubernetes-list-type: "atomic" requiredDuringSchedulingIgnoredDuringExecution: description: "If the affinity requirements specified by this field are not met at\nscheduling time, the pod will not be scheduled onto the node.\nIf the affinity requirements specified by this field cease to be met\nat some point during pod execution (e.g. due to an update), the system\nmay or may not try to eventually evict the pod from its node." properties: @@ -122,11 +127,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchFields: description: "A list of node selector requirements by node's fields." items: @@ -143,14 +150,17 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" type: "object" x-kubernetes-map-type: "atomic" type: "array" + x-kubernetes-list-type: "atomic" required: - "nodeSelectorTerms" type: "object" @@ -168,7 +178,7 @@ spec: description: "Required. A pod affinity term, associated with the corresponding weight." properties: labelSelector: - description: "A label query over a set of resources, in this case pods." + description: "A label query over a set of resources, in this case pods.\nIf it's null, this PodAffinityTerm matches with no Pods." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." @@ -186,11 +196,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -198,6 +210,18 @@ spec: type: "object" type: "object" x-kubernetes-map-type: "atomic" + matchLabelKeys: + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" + mismatchLabelKeys: + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" namespaceSelector: description: "A label query over the set of namespaces that the term applies to.\nThe term is applied to the union of the namespaces selected by this field\nand the ones listed in the namespaces field.\nnull selector and null or empty namespaces list means \"this pod's namespace\".\nAn empty selector ({}) matches all namespaces." properties: @@ -217,11 +241,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -234,6 +260,7 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" topologyKey: description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching\nthe labelSelector in the specified namespaces, where co-located is defined as running on a node\nwhose value of the label with key topologyKey matches that of any node on which any of the\nselected pods is running.\nEmpty topologyKey is not allowed." type: "string" @@ -249,13 +276,14 @@ spec: - "weight" type: "object" type: "array" + x-kubernetes-list-type: "atomic" requiredDuringSchedulingIgnoredDuringExecution: description: "If the affinity requirements specified by this field are not met at\nscheduling time, the pod will not be scheduled onto the node.\nIf the affinity requirements specified by this field cease to be met\nat some point during pod execution (e.g. due to a pod label update), the\nsystem may or may not try to eventually evict the pod from its node.\nWhen there are multiple elements, the lists of nodes corresponding to each\npodAffinityTerm are intersected, i.e. all terms must be satisfied." items: description: "Defines a set of pods (namely those matching the labelSelector\nrelative to the given namespace(s)) that this pod should be\nco-located (affinity) or not co-located (anti-affinity) with,\nwhere co-located is defined as running on a node whose value of\nthe label with key matches that of any node on which\na pod of the set of pods is running" properties: labelSelector: - description: "A label query over a set of resources, in this case pods." + description: "A label query over a set of resources, in this case pods.\nIf it's null, this PodAffinityTerm matches with no Pods." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." @@ -273,11 +301,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -285,6 +315,18 @@ spec: type: "object" type: "object" x-kubernetes-map-type: "atomic" + matchLabelKeys: + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" + mismatchLabelKeys: + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" namespaceSelector: description: "A label query over the set of namespaces that the term applies to.\nThe term is applied to the union of the namespaces selected by this field\nand the ones listed in the namespaces field.\nnull selector and null or empty namespaces list means \"this pod's namespace\".\nAn empty selector ({}) matches all namespaces." properties: @@ -304,11 +346,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -321,6 +365,7 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" topologyKey: description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching\nthe labelSelector in the specified namespaces, where co-located is defined as running on a node\nwhose value of the label with key topologyKey matches that of any node on which any of the\nselected pods is running.\nEmpty topologyKey is not allowed." type: "string" @@ -328,6 +373,7 @@ spec: - "topologyKey" type: "object" type: "array" + x-kubernetes-list-type: "atomic" type: "object" podAntiAffinity: description: "Describes pod anti-affinity scheduling rules (e.g. avoid putting this pod in the same node, zone, etc. as some other pod(s))." @@ -341,7 +387,7 @@ spec: description: "Required. A pod affinity term, associated with the corresponding weight." properties: labelSelector: - description: "A label query over a set of resources, in this case pods." + description: "A label query over a set of resources, in this case pods.\nIf it's null, this PodAffinityTerm matches with no Pods." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." @@ -359,11 +405,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -371,6 +419,18 @@ spec: type: "object" type: "object" x-kubernetes-map-type: "atomic" + matchLabelKeys: + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" + mismatchLabelKeys: + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" namespaceSelector: description: "A label query over the set of namespaces that the term applies to.\nThe term is applied to the union of the namespaces selected by this field\nand the ones listed in the namespaces field.\nnull selector and null or empty namespaces list means \"this pod's namespace\".\nAn empty selector ({}) matches all namespaces." properties: @@ -390,11 +450,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -407,6 +469,7 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" topologyKey: description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching\nthe labelSelector in the specified namespaces, where co-located is defined as running on a node\nwhose value of the label with key topologyKey matches that of any node on which any of the\nselected pods is running.\nEmpty topologyKey is not allowed." type: "string" @@ -422,13 +485,14 @@ spec: - "weight" type: "object" type: "array" + x-kubernetes-list-type: "atomic" requiredDuringSchedulingIgnoredDuringExecution: description: "If the anti-affinity requirements specified by this field are not met at\nscheduling time, the pod will not be scheduled onto the node.\nIf the anti-affinity requirements specified by this field cease to be met\nat some point during pod execution (e.g. due to a pod label update), the\nsystem may or may not try to eventually evict the pod from its node.\nWhen there are multiple elements, the lists of nodes corresponding to each\npodAffinityTerm are intersected, i.e. all terms must be satisfied." items: description: "Defines a set of pods (namely those matching the labelSelector\nrelative to the given namespace(s)) that this pod should be\nco-located (affinity) or not co-located (anti-affinity) with,\nwhere co-located is defined as running on a node whose value of\nthe label with key matches that of any node on which\na pod of the set of pods is running" properties: labelSelector: - description: "A label query over a set of resources, in this case pods." + description: "A label query over a set of resources, in this case pods.\nIf it's null, this PodAffinityTerm matches with no Pods." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." @@ -446,11 +510,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -458,6 +524,18 @@ spec: type: "object" type: "object" x-kubernetes-map-type: "atomic" + matchLabelKeys: + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" + mismatchLabelKeys: + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" namespaceSelector: description: "A label query over the set of namespaces that the term applies to.\nThe term is applied to the union of the namespaces selected by this field\nand the ones listed in the namespaces field.\nnull selector and null or empty namespaces list means \"this pod's namespace\".\nAn empty selector ({}) matches all namespaces." properties: @@ -477,11 +555,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -494,6 +574,7 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" topologyKey: description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching\nthe labelSelector in the specified namespaces, where co-located is defined as running on a node\nwhose value of the label with key topologyKey matches that of any node on which any of the\nselected pods is running.\nEmpty topologyKey is not allowed." type: "string" @@ -501,6 +582,7 @@ spec: - "topologyKey" type: "object" type: "array" + x-kubernetes-list-type: "atomic" type: "object" type: "object" annotations: @@ -527,6 +609,18 @@ spec: allowPrivilegeEscalation: description: "AllowPrivilegeEscalation controls whether a process can gain more\nprivileges than its parent process. This bool directly controls if\nthe no_new_privs flag will be set on the container process.\nAllowPrivilegeEscalation is true always when the container is:\n1) run as Privileged\n2) has CAP_SYS_ADMIN\nNote that this field cannot be set when spec.os.name is windows." type: "boolean" + appArmorProfile: + description: "appArmorProfile is the AppArmor options to use by this container. If set, this profile\noverrides the pod's appArmorProfile.\nNote that this field cannot be set when spec.os.name is windows." + properties: + localhostProfile: + description: "localhostProfile indicates a profile loaded on the node that should be used.\nThe profile must be preconfigured on the node to work.\nMust match the loaded name of the profile.\nMust be set if and only if type is \"Localhost\"." + type: "string" + type: + description: "type indicates which kind of AppArmor profile will be applied.\nValid options are:\n Localhost - a profile pre-loaded on the node.\n RuntimeDefault - the container runtime's default profile.\n Unconfined - no AppArmor enforcement." + type: "string" + required: + - "type" + type: "object" capabilities: description: "The capabilities to add/drop when running containers.\nDefaults to the default set of capabilities granted by the container runtime.\nNote that this field cannot be set when spec.os.name is windows." properties: @@ -536,12 +630,14 @@ spec: description: "Capability represent POSIX capabilities type" type: "string" type: "array" + x-kubernetes-list-type: "atomic" drop: description: "Removed capabilities" items: description: "Capability represent POSIX capabilities type" type: "string" type: "array" + x-kubernetes-list-type: "atomic" type: "object" privileged: description: "Run container in privileged mode.\nProcesses in privileged containers are essentially equivalent to root on the host.\nDefaults to false.\nNote that this field cannot be set when spec.os.name is windows." @@ -583,7 +679,7 @@ spec: description: "The seccomp options to use by this container. If seccomp options are\nprovided at both the pod & container level, the container options\noverride the pod options.\nNote that this field cannot be set when spec.os.name is windows." properties: localhostProfile: - description: "localhostProfile indicates a profile defined in a file on the node should be used.\nThe profile must be preconfigured on the node to work.\nMust be a descending path, relative to the kubelet's configured seccomp profile location.\nMust only be set if type is \"Localhost\"." + description: "localhostProfile indicates a profile defined in a file on the node should be used.\nThe profile must be preconfigured on the node to work.\nMust be a descending path, relative to the kubelet's configured seccomp profile location.\nMust be set if type is \"Localhost\". Must NOT be set for any other type." type: "string" type: description: "type indicates which kind of seccomp profile will be applied.\nValid options are:\n\n\nLocalhost - a profile defined in a file on the node should be used.\nRuntimeDefault - the container runtime default profile should be used.\nUnconfined - no profile should be applied." @@ -601,7 +697,7 @@ spec: description: "GMSACredentialSpecName is the name of the GMSA credential spec to use." type: "string" hostProcess: - description: "HostProcess determines if a container should be run as a 'Host Process' container.\nThis field is alpha-level and will only be honored by components that enable the\nWindowsHostProcessContainers feature flag. Setting this field without the feature\nflag will result in errors when validating the Pod. All of a Pod's containers must\nhave the same effective HostProcess value (it is not allowed to have a mix of HostProcess\ncontainers and non-HostProcess containers). In addition, if HostProcess is true\nthen HostNetwork must also be set to true." + description: "HostProcess determines if a container should be run as a 'Host Process' container.\nAll of a Pod's containers must have the same effective HostProcess value\n(it is not allowed to have a mix of HostProcess containers and non-HostProcess containers).\nIn addition, if HostProcess is true then HostNetwork must also be set to true." type: "boolean" runAsUserName: description: "The UserName in Windows to run the entrypoint of the container process.\nDefaults to the user specified in image metadata if unspecified.\nMay also be set in PodSecurityContext. If set in both SecurityContext and\nPodSecurityContext, the value specified in SecurityContext takes precedence." @@ -638,7 +734,8 @@ spec: description: "The key to select." type: "string" name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" optional: description: "Specify whether the ConfigMap or its key must be defined" @@ -687,7 +784,8 @@ spec: description: "The key of the secret to select from. Must be a valid secret key." type: "string" name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" optional: description: "Specify whether the Secret or its key must be defined" @@ -719,7 +817,8 @@ spec: description: "LocalObjectReference contains enough information to let you locate the\nreferenced object inside the same namespace." properties: name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" type: "object" x-kubernetes-map-type: "atomic" @@ -734,11 +833,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" command: description: "Entrypoint array. Not executed within a shell.\nThe container image's ENTRYPOINT is used if this is not provided.\nVariable references $(VAR_NAME) are expanded using the container's environment. If a variable\ncannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced\nto a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. \"$$(VAR_NAME)\" will\nproduce the string literal \"$(VAR_NAME)\". Escaped references will never be expanded, regardless\nof whether the variable exists or not. Cannot be updated.\nMore info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell" items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" env: description: "List of environment variables to set in the container.\nCannot be updated." items: @@ -760,7 +861,8 @@ spec: description: "The key to select." type: "string" name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" optional: description: "Specify whether the ConfigMap or its key must be defined" @@ -809,7 +911,8 @@ spec: description: "The key of the secret to select from. Must be a valid secret key." type: "string" name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" optional: description: "Specify whether the Secret or its key must be defined" @@ -823,6 +926,9 @@ spec: - "name" type: "object" type: "array" + x-kubernetes-list-map-keys: + - "name" + x-kubernetes-list-type: "map" envFrom: description: "List of sources to populate environment variables in the container.\nThe keys defined within a source must be a C_IDENTIFIER. All invalid keys\nwill be reported as an event when the container is starting. When a key exists in multiple\nsources, the value associated with the last source will take precedence.\nValues defined by an Env with a duplicate key will take precedence.\nCannot be updated." items: @@ -832,7 +938,8 @@ spec: description: "The ConfigMap to select from" properties: name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" optional: description: "Specify whether the ConfigMap must be defined" @@ -846,7 +953,8 @@ spec: description: "The Secret to select from" properties: name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" optional: description: "Specify whether the Secret must be defined" @@ -855,6 +963,7 @@ spec: x-kubernetes-map-type: "atomic" type: "object" type: "array" + x-kubernetes-list-type: "atomic" image: description: "Container image name.\nMore info: https://kubernetes.io/docs/concepts/containers/images\nThis field is optional to allow higher level config management to default or override\ncontainer images in workload controllers like Deployments and StatefulSets." type: "string" @@ -875,6 +984,7 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" type: "object" httpGet: description: "HTTPGet specifies the http request to perform." @@ -888,7 +998,7 @@ spec: description: "HTTPHeader describes a custom header to be used in HTTP probes" properties: name: - description: "The header field name" + description: "The header field name.\nThis will be canonicalized upon output, so case-variant names will be understood as the same header." type: "string" value: description: "The header field value" @@ -898,6 +1008,7 @@ spec: - "value" type: "object" type: "array" + x-kubernetes-list-type: "atomic" path: description: "Path to access on the HTTP server." type: "string" @@ -913,6 +1024,16 @@ spec: required: - "port" type: "object" + sleep: + description: "Sleep represents the duration that the container should sleep before being terminated." + properties: + seconds: + description: "Seconds is the number of seconds to sleep." + format: "int64" + type: "integer" + required: + - "seconds" + type: "object" tcpSocket: description: "Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept\nfor the backward compatibility. There are no validation of this field and\nlifecycle hooks will fail in runtime when tcp handler is specified." properties: @@ -940,6 +1061,7 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" type: "object" httpGet: description: "HTTPGet specifies the http request to perform." @@ -953,7 +1075,7 @@ spec: description: "HTTPHeader describes a custom header to be used in HTTP probes" properties: name: - description: "The header field name" + description: "The header field name.\nThis will be canonicalized upon output, so case-variant names will be understood as the same header." type: "string" value: description: "The header field value" @@ -963,6 +1085,7 @@ spec: - "value" type: "object" type: "array" + x-kubernetes-list-type: "atomic" path: description: "Path to access on the HTTP server." type: "string" @@ -978,6 +1101,16 @@ spec: required: - "port" type: "object" + sleep: + description: "Sleep represents the duration that the container should sleep before being terminated." + properties: + seconds: + description: "Seconds is the number of seconds to sleep." + format: "int64" + type: "integer" + required: + - "seconds" + type: "object" tcpSocket: description: "Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept\nfor the backward compatibility. There are no validation of this field and\nlifecycle hooks will fail in runtime when tcp handler is specified." properties: @@ -1006,13 +1139,14 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" type: "object" failureThreshold: description: "Minimum consecutive failures for the probe to be considered failed after having succeeded.\nDefaults to 3. Minimum value is 1." format: "int32" type: "integer" grpc: - description: "GRPC specifies an action involving a GRPC port.\nThis is a beta field and requires enabling GRPCContainerProbe feature gate." + description: "GRPC specifies an action involving a GRPC port." properties: port: description: "Port number of the gRPC service. Number must be in the range 1 to 65535." @@ -1036,7 +1170,7 @@ spec: description: "HTTPHeader describes a custom header to be used in HTTP probes" properties: name: - description: "The header field name" + description: "The header field name.\nThis will be canonicalized upon output, so case-variant names will be understood as the same header." type: "string" value: description: "The header field value" @@ -1046,6 +1180,7 @@ spec: - "value" type: "object" type: "array" + x-kubernetes-list-type: "atomic" path: description: "Path to access on the HTTP server." type: "string" @@ -1142,13 +1277,14 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" type: "object" failureThreshold: description: "Minimum consecutive failures for the probe to be considered failed after having succeeded.\nDefaults to 3. Minimum value is 1." format: "int32" type: "integer" grpc: - description: "GRPC specifies an action involving a GRPC port.\nThis is a beta field and requires enabling GRPCContainerProbe feature gate." + description: "GRPC specifies an action involving a GRPC port." properties: port: description: "Port number of the gRPC service. Number must be in the range 1 to 65535." @@ -1172,7 +1308,7 @@ spec: description: "HTTPHeader describes a custom header to be used in HTTP probes" properties: name: - description: "The header field name" + description: "The header field name.\nThis will be canonicalized upon output, so case-variant names will be understood as the same header." type: "string" value: description: "The header field value" @@ -1182,6 +1318,7 @@ spec: - "value" type: "object" type: "array" + x-kubernetes-list-type: "atomic" path: description: "Path to access on the HTTP server." type: "string" @@ -1233,6 +1370,23 @@ spec: format: "int32" type: "integer" type: "object" + resizePolicy: + description: "Resources resize policy for the container." + items: + description: "ContainerResizePolicy represents resource resize policy for the container." + properties: + resourceName: + description: "Name of the resource to which this resource resize policy applies.\nSupported values: cpu, memory." + type: "string" + restartPolicy: + description: "Restart policy to apply when specified resource is resized.\nIf not specified, it defaults to NotRequired." + type: "string" + required: + - "resourceName" + - "restartPolicy" + type: "object" + type: "array" + x-kubernetes-list-type: "atomic" resources: description: "Compute Resources required by this container.\nCannot be updated.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" properties: @@ -1267,15 +1421,30 @@ spec: - type: "string" pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" x-kubernetes-int-or-string: true - description: "Requests describes the minimum amount of compute resources required.\nIf Requests is omitted for a container, it defaults to Limits if that is explicitly specified,\notherwise to an implementation-defined value.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" + description: "Requests describes the minimum amount of compute resources required.\nIf Requests is omitted for a container, it defaults to Limits if that is explicitly specified,\notherwise to an implementation-defined value. Requests cannot exceed Limits.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" type: "object" type: "object" + restartPolicy: + description: "RestartPolicy defines the restart behavior of individual containers in a pod.\nThis field may only be set for init containers, and the only allowed value is \"Always\".\nFor non-init containers or when this field is not specified,\nthe restart behavior is defined by the Pod's restart policy and the container type.\nSetting the RestartPolicy as \"Always\" for the init container will have the following effect:\nthis init container will be continually restarted on\nexit until all regular containers have terminated. Once all regular\ncontainers have completed, all init containers with restartPolicy \"Always\"\nwill be shut down. This lifecycle differs from normal init containers and\nis often referred to as a \"sidecar\" container. Although this init\ncontainer still starts in the init container sequence, it does not wait\nfor the container to complete before proceeding to the next init\ncontainer. Instead, the next init container starts immediately after this\ninit container is started, or after any startupProbe has successfully\ncompleted." + type: "string" securityContext: description: "SecurityContext defines the security options the container should be run with.\nIf set, the fields of SecurityContext override the equivalent fields of PodSecurityContext.\nMore info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/" properties: allowPrivilegeEscalation: description: "AllowPrivilegeEscalation controls whether a process can gain more\nprivileges than its parent process. This bool directly controls if\nthe no_new_privs flag will be set on the container process.\nAllowPrivilegeEscalation is true always when the container is:\n1) run as Privileged\n2) has CAP_SYS_ADMIN\nNote that this field cannot be set when spec.os.name is windows." type: "boolean" + appArmorProfile: + description: "appArmorProfile is the AppArmor options to use by this container. If set, this profile\noverrides the pod's appArmorProfile.\nNote that this field cannot be set when spec.os.name is windows." + properties: + localhostProfile: + description: "localhostProfile indicates a profile loaded on the node that should be used.\nThe profile must be preconfigured on the node to work.\nMust match the loaded name of the profile.\nMust be set if and only if type is \"Localhost\"." + type: "string" + type: + description: "type indicates which kind of AppArmor profile will be applied.\nValid options are:\n Localhost - a profile pre-loaded on the node.\n RuntimeDefault - the container runtime's default profile.\n Unconfined - no AppArmor enforcement." + type: "string" + required: + - "type" + type: "object" capabilities: description: "The capabilities to add/drop when running containers.\nDefaults to the default set of capabilities granted by the container runtime.\nNote that this field cannot be set when spec.os.name is windows." properties: @@ -1285,12 +1454,14 @@ spec: description: "Capability represent POSIX capabilities type" type: "string" type: "array" + x-kubernetes-list-type: "atomic" drop: description: "Removed capabilities" items: description: "Capability represent POSIX capabilities type" type: "string" type: "array" + x-kubernetes-list-type: "atomic" type: "object" privileged: description: "Run container in privileged mode.\nProcesses in privileged containers are essentially equivalent to root on the host.\nDefaults to false.\nNote that this field cannot be set when spec.os.name is windows." @@ -1332,7 +1503,7 @@ spec: description: "The seccomp options to use by this container. If seccomp options are\nprovided at both the pod & container level, the container options\noverride the pod options.\nNote that this field cannot be set when spec.os.name is windows." properties: localhostProfile: - description: "localhostProfile indicates a profile defined in a file on the node should be used.\nThe profile must be preconfigured on the node to work.\nMust be a descending path, relative to the kubelet's configured seccomp profile location.\nMust only be set if type is \"Localhost\"." + description: "localhostProfile indicates a profile defined in a file on the node should be used.\nThe profile must be preconfigured on the node to work.\nMust be a descending path, relative to the kubelet's configured seccomp profile location.\nMust be set if type is \"Localhost\". Must NOT be set for any other type." type: "string" type: description: "type indicates which kind of seccomp profile will be applied.\nValid options are:\n\n\nLocalhost - a profile defined in a file on the node should be used.\nRuntimeDefault - the container runtime default profile should be used.\nUnconfined - no profile should be applied." @@ -1350,7 +1521,7 @@ spec: description: "GMSACredentialSpecName is the name of the GMSA credential spec to use." type: "string" hostProcess: - description: "HostProcess determines if a container should be run as a 'Host Process' container.\nThis field is alpha-level and will only be honored by components that enable the\nWindowsHostProcessContainers feature flag. Setting this field without the feature\nflag will result in errors when validating the Pod. All of a Pod's containers must\nhave the same effective HostProcess value (it is not allowed to have a mix of HostProcess\ncontainers and non-HostProcess containers). In addition, if HostProcess is true\nthen HostNetwork must also be set to true." + description: "HostProcess determines if a container should be run as a 'Host Process' container.\nAll of a Pod's containers must have the same effective HostProcess value\n(it is not allowed to have a mix of HostProcess containers and non-HostProcess containers).\nIn addition, if HostProcess is true then HostNetwork must also be set to true." type: "boolean" runAsUserName: description: "The UserName in Windows to run the entrypoint of the container process.\nDefaults to the user specified in image metadata if unspecified.\nMay also be set in PodSecurityContext. If set in both SecurityContext and\nPodSecurityContext, the value specified in SecurityContext takes precedence." @@ -1368,13 +1539,14 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" type: "object" failureThreshold: description: "Minimum consecutive failures for the probe to be considered failed after having succeeded.\nDefaults to 3. Minimum value is 1." format: "int32" type: "integer" grpc: - description: "GRPC specifies an action involving a GRPC port.\nThis is a beta field and requires enabling GRPCContainerProbe feature gate." + description: "GRPC specifies an action involving a GRPC port." properties: port: description: "Port number of the gRPC service. Number must be in the range 1 to 65535." @@ -1398,7 +1570,7 @@ spec: description: "HTTPHeader describes a custom header to be used in HTTP probes" properties: name: - description: "The header field name" + description: "The header field name.\nThis will be canonicalized upon output, so case-variant names will be understood as the same header." type: "string" value: description: "The header field value" @@ -1408,6 +1580,7 @@ spec: - "value" type: "object" type: "array" + x-kubernetes-list-type: "atomic" path: description: "Path to access on the HTTP server." type: "string" @@ -1490,6 +1663,9 @@ spec: - "name" type: "object" type: "array" + x-kubernetes-list-map-keys: + - "devicePath" + x-kubernetes-list-type: "map" volumeMounts: description: "Pod volumes to mount into the container's filesystem.\nCannot be updated." items: @@ -1499,7 +1675,7 @@ spec: description: "Path within the container at which the volume should be mounted. Must\nnot contain ':'." type: "string" mountPropagation: - description: "mountPropagation determines how mounts are propagated from the host\nto container and the other way around.\nWhen not set, MountPropagationNone is used.\nThis field is beta in 1.10." + description: "mountPropagation determines how mounts are propagated from the host\nto container and the other way around.\nWhen not set, MountPropagationNone is used.\nThis field is beta in 1.10.\nWhen RecursiveReadOnly is set to IfPossible or to Enabled, MountPropagation must be None or unspecified\n(which defaults to None)." type: "string" name: description: "This must match the Name of a Volume." @@ -1507,6 +1683,9 @@ spec: readOnly: description: "Mounted read-only if true, read-write otherwise (false or unspecified).\nDefaults to false." type: "boolean" + recursiveReadOnly: + description: "RecursiveReadOnly specifies whether read-only mounts should be handled\nrecursively.\n\n\nIf ReadOnly is false, this field has no meaning and must be unspecified.\n\n\nIf ReadOnly is true, and this field is set to Disabled, the mount is not made\nrecursively read-only. If this field is set to IfPossible, the mount is made\nrecursively read-only, if it is supported by the container runtime. If this\nfield is set to Enabled, the mount is made recursively read-only if it is\nsupported by the container runtime, otherwise the pod will not be started and\nan error will be generated to indicate the reason.\n\n\nIf this field is set to IfPossible or Enabled, MountPropagation must be set to\nNone (or be unspecified, which defaults to None).\n\n\nIf this field is not specified, it is treated as an equivalent of Disabled." + type: "string" subPath: description: "Path within the volume from which the container's volume should be mounted.\nDefaults to \"\" (volume's root)." type: "string" @@ -1518,6 +1697,9 @@ spec: - "name" type: "object" type: "array" + x-kubernetes-list-map-keys: + - "mountPath" + x-kubernetes-list-type: "map" workingDir: description: "Container's working directory.\nIf not specified, the container runtime's default will be used, which\nmight be configured in the container image.\nCannot be updated." type: "string" @@ -1548,13 +1730,14 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" type: "object" failureThreshold: description: "Minimum consecutive failures for the probe to be considered failed after having succeeded.\nDefaults to 3. Minimum value is 1." format: "int32" type: "integer" grpc: - description: "GRPC specifies an action involving a GRPC port.\nThis is a beta field and requires enabling GRPCContainerProbe feature gate." + description: "GRPC specifies an action involving a GRPC port." properties: port: description: "Port number of the gRPC service. Number must be in the range 1 to 65535." @@ -1578,7 +1761,7 @@ spec: description: "HTTPHeader describes a custom header to be used in HTTP probes" properties: name: - description: "The header field name" + description: "The header field name.\nThis will be canonicalized upon output, so case-variant names will be understood as the same header." type: "string" value: description: "The header field value" @@ -1588,6 +1771,7 @@ spec: - "value" type: "object" type: "array" + x-kubernetes-list-type: "atomic" path: description: "Path to access on the HTTP server." type: "string" @@ -1662,11 +1846,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -1777,6 +1963,7 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" path: description: "path is Optional: Used as the mounted root, rather than the full Ceph tree, default is /" type: "string" @@ -1790,7 +1977,8 @@ spec: description: "secretRef is Optional: SecretRef is reference to the authentication secret for User, default is empty.\nMore info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it" properties: name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" type: "object" x-kubernetes-map-type: "atomic" @@ -1813,7 +2001,8 @@ spec: description: "secretRef is optional: points to a secret object containing parameters used to connect\nto OpenStack." properties: name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" type: "object" x-kubernetes-map-type: "atomic" @@ -1850,8 +2039,10 @@ spec: - "path" type: "object" type: "array" + x-kubernetes-list-type: "atomic" name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" optional: description: "optional specify whether the ConfigMap or its keys must be defined" @@ -1871,7 +2062,8 @@ spec: description: "nodePublishSecretRef is a reference to the secret object containing\nsensitive information to pass to the CSI driver to complete the CSI\nNodePublishVolume and NodeUnpublishVolume calls.\nThis field is optional, and may be empty if no secret is required. If the\nsecret object contains more than one secret, all secret references are passed." properties: name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" type: "object" x-kubernetes-map-type: "atomic" @@ -1899,7 +2091,7 @@ spec: description: "DownwardAPIVolumeFile represents information to create the file containing the pod field" properties: fieldRef: - description: "Required: Selects a field of the pod: only annotations, labels, name and namespace are supported." + description: "Required: Selects a field of the pod: only annotations, labels, name, namespace and uid are supported." properties: apiVersion: description: "Version of the schema the FieldPath is written in terms of, defaults to \"v1\"." @@ -1942,6 +2134,7 @@ spec: - "path" type: "object" type: "array" + x-kubernetes-list-type: "atomic" type: "object" emptyDir: description: "emptyDir represents a temporary directory that shares a pod's lifetime.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir" @@ -1953,7 +2146,7 @@ spec: anyOf: - type: "integer" - type: "string" - description: "sizeLimit is the total amount of local storage required for this EmptyDir volume.\nThe size limit is also applicable for memory medium.\nThe maximum usage on memory medium EmptyDir would be the minimum value between\nthe SizeLimit specified here and the sum of memory limits of all containers in a pod.\nThe default is nil which means that the limit is undefined.\nMore info: http://kubernetes.io/docs/user-guide/volumes#emptydir" + description: "sizeLimit is the total amount of local storage required for this EmptyDir volume.\nThe size limit is also applicable for memory medium.\nThe maximum usage on memory medium EmptyDir would be the minimum value between\nthe SizeLimit specified here and the sum of memory limits of all containers in a pod.\nThe default is nil which means that the limit is undefined.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir" pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" x-kubernetes-int-or-string: true type: "object" @@ -1991,6 +2184,7 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" dataSource: description: "dataSource field can be used to specify either:\n* An existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot)\n* An existing PVC (PersistentVolumeClaim)\nIf the provisioner or an external controller can support the specified data source,\nit will create a new volume based on the contents of the specified data source.\nWhen the AnyVolumeDataSource feature gate is enabled, dataSource contents will be copied to dataSourceRef,\nand dataSourceRef contents will be copied to dataSource when dataSourceRef.namespace is not specified.\nIf the namespace is specified, then dataSourceRef will not be copied to dataSource." properties: @@ -2030,21 +2224,6 @@ spec: resources: description: "resources represents the minimum resources the volume should have.\nIf RecoverVolumeExpansionFailure feature is enabled users are allowed to specify resource requirements\nthat are lower than previous value but must still be higher than capacity recorded in the\nstatus field of the claim.\nMore info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources" properties: - claims: - description: "Claims lists the names of resources, defined in spec.resourceClaims,\nthat are used by this container.\n\n\nThis is an alpha field and requires enabling the\nDynamicResourceAllocation feature gate.\n\n\nThis field is immutable. It can only be set for containers." - items: - description: "ResourceClaim references one entry in PodSpec.ResourceClaims." - properties: - name: - description: "Name must match the name of one entry in pod.spec.resourceClaims of\nthe Pod where this field is used. It makes that resource available\ninside a container." - type: "string" - required: - - "name" - type: "object" - type: "array" - x-kubernetes-list-map-keys: - - "name" - x-kubernetes-list-type: "map" limits: additionalProperties: anyOf: @@ -2061,7 +2240,7 @@ spec: - type: "string" pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" x-kubernetes-int-or-string: true - description: "Requests describes the minimum amount of compute resources required.\nIf Requests is omitted for a container, it defaults to Limits if that is explicitly specified,\notherwise to an implementation-defined value.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" + description: "Requests describes the minimum amount of compute resources required.\nIf Requests is omitted for a container, it defaults to Limits if that is explicitly specified,\notherwise to an implementation-defined value. Requests cannot exceed Limits.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" type: "object" type: "object" selector: @@ -2083,11 +2262,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -2098,6 +2279,9 @@ spec: storageClassName: description: "storageClassName is the name of the StorageClass required by the claim.\nMore info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1" type: "string" + volumeAttributesClassName: + description: "volumeAttributesClassName may be used to set the VolumeAttributesClass used by this claim.\nIf specified, the CSI driver will create or update the volume with the attributes defined\nin the corresponding VolumeAttributesClass. This has a different purpose than storageClassName,\nit can be changed after the claim is created. An empty string value means that no VolumeAttributesClass\nwill be applied to the claim but it's not allowed to reset this field to empty string once it is set.\nIf unspecified and the PersistentVolumeClaim is unbound, the default VolumeAttributesClass\nwill be set by the persistentvolume controller if it exists.\nIf the resource referred to by volumeAttributesClass does not exist, this PersistentVolumeClaim will be\nset to a Pending state, as reflected by the modifyVolumeStatus field, until such as a resource\nexists.\nMore info: https://kubernetes.io/docs/concepts/storage/volume-attributes-classes/\n(Alpha) Using this field requires the VolumeAttributesClass feature gate to be enabled." + type: "string" volumeMode: description: "volumeMode defines what type of volume is required by the claim.\nValue of Filesystem is implied when not included in claim spec." type: "string" @@ -2127,11 +2311,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" wwids: description: "wwids Optional: FC volume world wide identifiers (wwids)\nEither wwids or combination of targetWWNs and lun must be set, but not both simultaneously." items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" type: "object" flexVolume: description: "flexVolume represents a generic volume resource that is\nprovisioned/attached using an exec based plugin." @@ -2154,7 +2340,8 @@ spec: description: "secretRef is Optional: secretRef is reference to the secret object containing\nsensitive information to pass to the plugin scripts. This may be\nempty if no secret object is specified. If the secret object\ncontains more than one secret, all secrets are passed to the plugin\nscripts." properties: name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" type: "object" x-kubernetes-map-type: "atomic" @@ -2263,6 +2450,7 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" readOnly: description: "readOnly here will force the ReadOnly setting in VolumeMounts.\nDefaults to false." type: "boolean" @@ -2270,7 +2458,8 @@ spec: description: "secretRef is the CHAP Secret for iSCSI target and initiator authentication" properties: name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" type: "object" x-kubernetes-map-type: "atomic" @@ -2349,6 +2538,57 @@ spec: items: description: "Projection that may be projected along with other supported volume types" properties: + clusterTrustBundle: + description: "ClusterTrustBundle allows a pod to access the `.spec.trustBundle` field\nof ClusterTrustBundle objects in an auto-updating file.\n\n\nAlpha, gated by the ClusterTrustBundleProjection feature gate.\n\n\nClusterTrustBundle objects can either be selected by name, or by the\ncombination of signer name and a label selector.\n\n\nKubelet performs aggressive normalization of the PEM contents written\ninto the pod filesystem. Esoteric PEM features such as inter-block\ncomments and block headers are stripped. Certificates are deduplicated.\nThe ordering of certificates within the file is arbitrary, and Kubelet\nmay change the order over time." + properties: + labelSelector: + description: "Select all ClusterTrustBundles that match this label selector. Only has\neffect if signerName is set. Mutually-exclusive with name. If unset,\ninterpreted as \"match nothing\". If set but empty, interpreted as \"match\neverything\"." + properties: + matchExpressions: + description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." + items: + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." + properties: + key: + description: "key is the label key that the selector applies to." + type: "string" + operator: + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." + type: "string" + values: + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" + required: + - "key" + - "operator" + type: "object" + type: "array" + x-kubernetes-list-type: "atomic" + matchLabels: + additionalProperties: + type: "string" + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + type: "object" + type: "object" + x-kubernetes-map-type: "atomic" + name: + description: "Select a single ClusterTrustBundle by object name. Mutually-exclusive\nwith signerName and labelSelector." + type: "string" + optional: + description: "If true, don't block pod startup if the referenced ClusterTrustBundle(s)\naren't available. If using name, then the named ClusterTrustBundle is\nallowed not to exist. If using signerName, then the combination of\nsignerName and labelSelector is allowed to match zero\nClusterTrustBundles." + type: "boolean" + path: + description: "Relative path from the volume root to write the bundle." + type: "string" + signerName: + description: "Select all ClusterTrustBundles that match this signer name.\nMutually-exclusive with name. The contents of all selected\nClusterTrustBundles will be unified and deduplicated." + type: "string" + required: + - "path" + type: "object" configMap: description: "configMap information about the configMap data to project" properties: @@ -2372,8 +2612,10 @@ spec: - "path" type: "object" type: "array" + x-kubernetes-list-type: "atomic" name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" optional: description: "optional specify whether the ConfigMap or its keys must be defined" @@ -2389,7 +2631,7 @@ spec: description: "DownwardAPIVolumeFile represents information to create the file containing the pod field" properties: fieldRef: - description: "Required: Selects a field of the pod: only annotations, labels, name and namespace are supported." + description: "Required: Selects a field of the pod: only annotations, labels, name, namespace and uid are supported." properties: apiVersion: description: "Version of the schema the FieldPath is written in terms of, defaults to \"v1\"." @@ -2432,6 +2674,7 @@ spec: - "path" type: "object" type: "array" + x-kubernetes-list-type: "atomic" type: "object" secret: description: "secret information about the secret data to project" @@ -2456,8 +2699,10 @@ spec: - "path" type: "object" type: "array" + x-kubernetes-list-type: "atomic" name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" optional: description: "optional field specify whether the Secret or its key must be defined" @@ -2482,6 +2727,7 @@ spec: type: "object" type: "object" type: "array" + x-kubernetes-list-type: "atomic" type: "object" quobyte: description: "quobyte represents a Quobyte mount on the host that shares a pod's lifetime" @@ -2525,6 +2771,7 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" pool: description: "pool is the rados pool name.\nDefault is rbd.\nMore info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it" type: "string" @@ -2535,7 +2782,8 @@ spec: description: "secretRef is name of the authentication secret for RBDUser. If provided\noverrides keyring.\nDefault is nil.\nMore info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it" properties: name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" type: "object" x-kubernetes-map-type: "atomic" @@ -2565,7 +2813,8 @@ spec: description: "secretRef references to the secret for ScaleIO user and other\nsensitive information. If this is not provided, Login operation will fail." properties: name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" type: "object" x-kubernetes-map-type: "atomic" @@ -2616,6 +2865,7 @@ spec: - "path" type: "object" type: "array" + x-kubernetes-list-type: "atomic" optional: description: "optional field specify whether the Secret or its keys must be defined" type: "boolean" @@ -2636,7 +2886,8 @@ spec: description: "secretRef specifies the secret to use for obtaining the StorageOS API\ncredentials. If not specified, default values will be attempted." properties: name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" type: "object" x-kubernetes-map-type: "atomic" @@ -2679,26 +2930,31 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" nonResourceURLs: description: "NonResourceURLs is a set of partial urls that a user should have access to. *s are allowed, but only as the full, final step in the path\nSince non-resource URLs are not namespaced, this field is only applicable for ClusterRoles referenced from a ClusterRoleBinding.\nRules can either apply to API resources (such as \"pods\" or \"secrets\") or non-resource URL paths (such as \"/api\"), but not both." items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" resourceNames: description: "ResourceNames is an optional white list of names that the rule applies to. An empty set means that everything is allowed." items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" resources: description: "Resources is a list of resources this rule applies to. '*' represents all resources." items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" verbs: description: "Verbs is a list of Verbs that apply to ALL the ResourceKinds contained in this rule. '*' represents all verbs." items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "verbs" type: "object" @@ -2714,13 +2970,14 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" type: "object" failureThreshold: description: "Minimum consecutive failures for the probe to be considered failed after having succeeded.\nDefaults to 3. Minimum value is 1." format: "int32" type: "integer" grpc: - description: "GRPC specifies an action involving a GRPC port.\nThis is a beta field and requires enabling GRPCContainerProbe feature gate." + description: "GRPC specifies an action involving a GRPC port." properties: port: description: "Port number of the gRPC service. Number must be in the range 1 to 65535." @@ -2744,7 +3001,7 @@ spec: description: "HTTPHeader describes a custom header to be used in HTTP probes" properties: name: - description: "The header field name" + description: "The header field name.\nThis will be canonicalized upon output, so case-variant names will be understood as the same header." type: "string" value: description: "The header field value" @@ -2754,6 +3011,7 @@ spec: - "value" type: "object" type: "array" + x-kubernetes-list-type: "atomic" path: description: "Path to access on the HTTP server." type: "string" @@ -2839,7 +3097,7 @@ spec: - type: "string" pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" x-kubernetes-int-or-string: true - description: "Requests describes the minimum amount of compute resources required.\nIf Requests is omitted for a container, it defaults to Limits if that is explicitly specified,\notherwise to an implementation-defined value.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" + description: "Requests describes the minimum amount of compute resources required.\nIf Requests is omitted for a container, it defaults to Limits if that is explicitly specified,\notherwise to an implementation-defined value. Requests cannot exceed Limits.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" type: "object" type: "object" runtimeClassName: @@ -2856,6 +3114,18 @@ spec: securityContext: description: "SecurityContext holds pod-level security attributes and common container settings." properties: + appArmorProfile: + description: "appArmorProfile is the AppArmor options to use by the containers in this pod.\nNote that this field cannot be set when spec.os.name is windows." + properties: + localhostProfile: + description: "localhostProfile indicates a profile loaded on the node that should be used.\nThe profile must be preconfigured on the node to work.\nMust match the loaded name of the profile.\nMust be set if and only if type is \"Localhost\"." + type: "string" + type: + description: "type indicates which kind of AppArmor profile will be applied.\nValid options are:\n Localhost - a profile pre-loaded on the node.\n RuntimeDefault - the container runtime's default profile.\n Unconfined - no AppArmor enforcement." + type: "string" + required: + - "type" + type: "object" fsGroup: description: "A special supplemental group that applies to all containers in a pod.\nSome volume types allow the Kubelet to change the ownership of that volume\nto be owned by the pod:\n\n\n1. The owning GID will be the FSGroup\n2. The setgid bit is set (new files created in the volume will be owned by FSGroup)\n3. The permission bits are OR'd with rw-rw----\n\n\nIf unset, the Kubelet will not modify the ownership and permissions of any volume.\nNote that this field cannot be set when spec.os.name is windows." format: "int64" @@ -2894,7 +3164,7 @@ spec: description: "The seccomp options to use by the containers in this pod.\nNote that this field cannot be set when spec.os.name is windows." properties: localhostProfile: - description: "localhostProfile indicates a profile defined in a file on the node should be used.\nThe profile must be preconfigured on the node to work.\nMust be a descending path, relative to the kubelet's configured seccomp profile location.\nMust only be set if type is \"Localhost\"." + description: "localhostProfile indicates a profile defined in a file on the node should be used.\nThe profile must be preconfigured on the node to work.\nMust be a descending path, relative to the kubelet's configured seccomp profile location.\nMust be set if type is \"Localhost\". Must NOT be set for any other type." type: "string" type: description: "type indicates which kind of seccomp profile will be applied.\nValid options are:\n\n\nLocalhost - a profile defined in a file on the node should be used.\nRuntimeDefault - the container runtime default profile should be used.\nUnconfined - no profile should be applied." @@ -2908,6 +3178,7 @@ spec: format: "int64" type: "integer" type: "array" + x-kubernetes-list-type: "atomic" sysctls: description: "Sysctls hold a list of namespaced sysctls used for the pod. Pods with unsupported\nsysctls (by the container runtime) might fail to launch.\nNote that this field cannot be set when spec.os.name is windows." items: @@ -2924,6 +3195,7 @@ spec: - "value" type: "object" type: "array" + x-kubernetes-list-type: "atomic" windowsOptions: description: "The Windows specific settings applied to all containers.\nIf unspecified, the options within a container's SecurityContext will be used.\nIf set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.\nNote that this field cannot be set when spec.os.name is linux." properties: @@ -2934,7 +3206,7 @@ spec: description: "GMSACredentialSpecName is the name of the GMSA credential spec to use." type: "string" hostProcess: - description: "HostProcess determines if a container should be run as a 'Host Process' container.\nThis field is alpha-level and will only be honored by components that enable the\nWindowsHostProcessContainers feature flag. Setting this field without the feature\nflag will result in errors when validating the Pod. All of a Pod's containers must\nhave the same effective HostProcess value (it is not allowed to have a mix of HostProcess\ncontainers and non-HostProcess containers). In addition, if HostProcess is true\nthen HostNetwork must also be set to true." + description: "HostProcess determines if a container should be run as a 'Host Process' container.\nAll of a Pod's containers must have the same effective HostProcess value\n(it is not allowed to have a mix of HostProcess containers and non-HostProcess containers).\nIn addition, if HostProcess is true then HostNetwork must also be set to true." type: "boolean" runAsUserName: description: "The UserName in Windows to run the entrypoint of the container process.\nDefaults to the user specified in image metadata if unspecified.\nMay also be set in PodSecurityContext. If set in both SecurityContext and\nPodSecurityContext, the value specified in SecurityContext takes precedence." @@ -3063,6 +3335,7 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" path: description: "path is Optional: Used as the mounted root, rather than the full Ceph tree, default is /" type: "string" @@ -3076,7 +3349,8 @@ spec: description: "secretRef is Optional: SecretRef is reference to the authentication secret for User, default is empty.\nMore info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it" properties: name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" type: "object" x-kubernetes-map-type: "atomic" @@ -3099,7 +3373,8 @@ spec: description: "secretRef is optional: points to a secret object containing parameters used to connect\nto OpenStack." properties: name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" type: "object" x-kubernetes-map-type: "atomic" @@ -3136,8 +3411,10 @@ spec: - "path" type: "object" type: "array" + x-kubernetes-list-type: "atomic" name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" optional: description: "optional specify whether the ConfigMap or its keys must be defined" @@ -3157,7 +3434,8 @@ spec: description: "nodePublishSecretRef is a reference to the secret object containing\nsensitive information to pass to the CSI driver to complete the CSI\nNodePublishVolume and NodeUnpublishVolume calls.\nThis field is optional, and may be empty if no secret is required. If the\nsecret object contains more than one secret, all secret references are passed." properties: name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" type: "object" x-kubernetes-map-type: "atomic" @@ -3185,7 +3463,7 @@ spec: description: "DownwardAPIVolumeFile represents information to create the file containing the pod field" properties: fieldRef: - description: "Required: Selects a field of the pod: only annotations, labels, name and namespace are supported." + description: "Required: Selects a field of the pod: only annotations, labels, name, namespace and uid are supported." properties: apiVersion: description: "Version of the schema the FieldPath is written in terms of, defaults to \"v1\"." @@ -3228,6 +3506,7 @@ spec: - "path" type: "object" type: "array" + x-kubernetes-list-type: "atomic" type: "object" emptyDir: description: "emptyDir represents a temporary directory that shares a pod's lifetime.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir" @@ -3239,7 +3518,7 @@ spec: anyOf: - type: "integer" - type: "string" - description: "sizeLimit is the total amount of local storage required for this EmptyDir volume.\nThe size limit is also applicable for memory medium.\nThe maximum usage on memory medium EmptyDir would be the minimum value between\nthe SizeLimit specified here and the sum of memory limits of all containers in a pod.\nThe default is nil which means that the limit is undefined.\nMore info: http://kubernetes.io/docs/user-guide/volumes#emptydir" + description: "sizeLimit is the total amount of local storage required for this EmptyDir volume.\nThe size limit is also applicable for memory medium.\nThe maximum usage on memory medium EmptyDir would be the minimum value between\nthe SizeLimit specified here and the sum of memory limits of all containers in a pod.\nThe default is nil which means that the limit is undefined.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir" pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" x-kubernetes-int-or-string: true type: "object" @@ -3277,6 +3556,7 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" dataSource: description: "dataSource field can be used to specify either:\n* An existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot)\n* An existing PVC (PersistentVolumeClaim)\nIf the provisioner or an external controller can support the specified data source,\nit will create a new volume based on the contents of the specified data source.\nWhen the AnyVolumeDataSource feature gate is enabled, dataSource contents will be copied to dataSourceRef,\nand dataSourceRef contents will be copied to dataSource when dataSourceRef.namespace is not specified.\nIf the namespace is specified, then dataSourceRef will not be copied to dataSource." properties: @@ -3316,21 +3596,6 @@ spec: resources: description: "resources represents the minimum resources the volume should have.\nIf RecoverVolumeExpansionFailure feature is enabled users are allowed to specify resource requirements\nthat are lower than previous value but must still be higher than capacity recorded in the\nstatus field of the claim.\nMore info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources" properties: - claims: - description: "Claims lists the names of resources, defined in spec.resourceClaims,\nthat are used by this container.\n\n\nThis is an alpha field and requires enabling the\nDynamicResourceAllocation feature gate.\n\n\nThis field is immutable. It can only be set for containers." - items: - description: "ResourceClaim references one entry in PodSpec.ResourceClaims." - properties: - name: - description: "Name must match the name of one entry in pod.spec.resourceClaims of\nthe Pod where this field is used. It makes that resource available\ninside a container." - type: "string" - required: - - "name" - type: "object" - type: "array" - x-kubernetes-list-map-keys: - - "name" - x-kubernetes-list-type: "map" limits: additionalProperties: anyOf: @@ -3347,7 +3612,7 @@ spec: - type: "string" pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" x-kubernetes-int-or-string: true - description: "Requests describes the minimum amount of compute resources required.\nIf Requests is omitted for a container, it defaults to Limits if that is explicitly specified,\notherwise to an implementation-defined value.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" + description: "Requests describes the minimum amount of compute resources required.\nIf Requests is omitted for a container, it defaults to Limits if that is explicitly specified,\notherwise to an implementation-defined value. Requests cannot exceed Limits.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" type: "object" type: "object" selector: @@ -3369,11 +3634,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -3384,6 +3651,9 @@ spec: storageClassName: description: "storageClassName is the name of the StorageClass required by the claim.\nMore info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1" type: "string" + volumeAttributesClassName: + description: "volumeAttributesClassName may be used to set the VolumeAttributesClass used by this claim.\nIf specified, the CSI driver will create or update the volume with the attributes defined\nin the corresponding VolumeAttributesClass. This has a different purpose than storageClassName,\nit can be changed after the claim is created. An empty string value means that no VolumeAttributesClass\nwill be applied to the claim but it's not allowed to reset this field to empty string once it is set.\nIf unspecified and the PersistentVolumeClaim is unbound, the default VolumeAttributesClass\nwill be set by the persistentvolume controller if it exists.\nIf the resource referred to by volumeAttributesClass does not exist, this PersistentVolumeClaim will be\nset to a Pending state, as reflected by the modifyVolumeStatus field, until such as a resource\nexists.\nMore info: https://kubernetes.io/docs/concepts/storage/volume-attributes-classes/\n(Alpha) Using this field requires the VolumeAttributesClass feature gate to be enabled." + type: "string" volumeMode: description: "volumeMode defines what type of volume is required by the claim.\nValue of Filesystem is implied when not included in claim spec." type: "string" @@ -3413,11 +3683,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" wwids: description: "wwids Optional: FC volume world wide identifiers (wwids)\nEither wwids or combination of targetWWNs and lun must be set, but not both simultaneously." items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" type: "object" flexVolume: description: "flexVolume represents a generic volume resource that is\nprovisioned/attached using an exec based plugin." @@ -3440,7 +3712,8 @@ spec: description: "secretRef is Optional: secretRef is reference to the secret object containing\nsensitive information to pass to the plugin scripts. This may be\nempty if no secret object is specified. If the secret object\ncontains more than one secret, all secrets are passed to the plugin\nscripts." properties: name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" type: "object" x-kubernetes-map-type: "atomic" @@ -3549,6 +3822,7 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" readOnly: description: "readOnly here will force the ReadOnly setting in VolumeMounts.\nDefaults to false." type: "boolean" @@ -3556,7 +3830,8 @@ spec: description: "secretRef is the CHAP Secret for iSCSI target and initiator authentication" properties: name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" type: "object" x-kubernetes-map-type: "atomic" @@ -3638,6 +3913,57 @@ spec: items: description: "Projection that may be projected along with other supported volume types" properties: + clusterTrustBundle: + description: "ClusterTrustBundle allows a pod to access the `.spec.trustBundle` field\nof ClusterTrustBundle objects in an auto-updating file.\n\n\nAlpha, gated by the ClusterTrustBundleProjection feature gate.\n\n\nClusterTrustBundle objects can either be selected by name, or by the\ncombination of signer name and a label selector.\n\n\nKubelet performs aggressive normalization of the PEM contents written\ninto the pod filesystem. Esoteric PEM features such as inter-block\ncomments and block headers are stripped. Certificates are deduplicated.\nThe ordering of certificates within the file is arbitrary, and Kubelet\nmay change the order over time." + properties: + labelSelector: + description: "Select all ClusterTrustBundles that match this label selector. Only has\neffect if signerName is set. Mutually-exclusive with name. If unset,\ninterpreted as \"match nothing\". If set but empty, interpreted as \"match\neverything\"." + properties: + matchExpressions: + description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." + items: + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." + properties: + key: + description: "key is the label key that the selector applies to." + type: "string" + operator: + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." + type: "string" + values: + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" + required: + - "key" + - "operator" + type: "object" + type: "array" + x-kubernetes-list-type: "atomic" + matchLabels: + additionalProperties: + type: "string" + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + type: "object" + type: "object" + x-kubernetes-map-type: "atomic" + name: + description: "Select a single ClusterTrustBundle by object name. Mutually-exclusive\nwith signerName and labelSelector." + type: "string" + optional: + description: "If true, don't block pod startup if the referenced ClusterTrustBundle(s)\naren't available. If using name, then the named ClusterTrustBundle is\nallowed not to exist. If using signerName, then the combination of\nsignerName and labelSelector is allowed to match zero\nClusterTrustBundles." + type: "boolean" + path: + description: "Relative path from the volume root to write the bundle." + type: "string" + signerName: + description: "Select all ClusterTrustBundles that match this signer name.\nMutually-exclusive with name. The contents of all selected\nClusterTrustBundles will be unified and deduplicated." + type: "string" + required: + - "path" + type: "object" configMap: description: "configMap information about the configMap data to project" properties: @@ -3661,8 +3987,10 @@ spec: - "path" type: "object" type: "array" + x-kubernetes-list-type: "atomic" name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" optional: description: "optional specify whether the ConfigMap or its keys must be defined" @@ -3678,7 +4006,7 @@ spec: description: "DownwardAPIVolumeFile represents information to create the file containing the pod field" properties: fieldRef: - description: "Required: Selects a field of the pod: only annotations, labels, name and namespace are supported." + description: "Required: Selects a field of the pod: only annotations, labels, name, namespace and uid are supported." properties: apiVersion: description: "Version of the schema the FieldPath is written in terms of, defaults to \"v1\"." @@ -3721,6 +4049,7 @@ spec: - "path" type: "object" type: "array" + x-kubernetes-list-type: "atomic" type: "object" secret: description: "secret information about the secret data to project" @@ -3745,8 +4074,10 @@ spec: - "path" type: "object" type: "array" + x-kubernetes-list-type: "atomic" name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" optional: description: "optional field specify whether the Secret or its key must be defined" @@ -3771,6 +4102,7 @@ spec: type: "object" type: "object" type: "array" + x-kubernetes-list-type: "atomic" type: "object" quobyte: description: "quobyte represents a Quobyte mount on the host that shares a pod's lifetime" @@ -3814,6 +4146,7 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" pool: description: "pool is the rados pool name.\nDefault is rbd.\nMore info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it" type: "string" @@ -3824,7 +4157,8 @@ spec: description: "secretRef is name of the authentication secret for RBDUser. If provided\noverrides keyring.\nDefault is nil.\nMore info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it" properties: name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" type: "object" x-kubernetes-map-type: "atomic" @@ -3854,7 +4188,8 @@ spec: description: "secretRef references to the secret for ScaleIO user and other\nsensitive information. If this is not provided, Login operation will fail." properties: name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" type: "object" x-kubernetes-map-type: "atomic" @@ -3905,6 +4240,7 @@ spec: - "path" type: "object" type: "array" + x-kubernetes-list-type: "atomic" optional: description: "optional field specify whether the Secret or its keys must be defined" type: "boolean" @@ -3925,7 +4261,8 @@ spec: description: "secretRef specifies the secret to use for obtaining the StorageOS API\ncredentials. If not specified, default values will be attempted." properties: name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" type: "object" x-kubernetes-map-type: "atomic" @@ -3967,7 +4304,7 @@ spec: description: "Path within the container at which the volume should be mounted. Must\nnot contain ':'." type: "string" mountPropagation: - description: "mountPropagation determines how mounts are propagated from the host\nto container and the other way around.\nWhen not set, MountPropagationNone is used.\nThis field is beta in 1.10." + description: "mountPropagation determines how mounts are propagated from the host\nto container and the other way around.\nWhen not set, MountPropagationNone is used.\nThis field is beta in 1.10.\nWhen RecursiveReadOnly is set to IfPossible or to Enabled, MountPropagation must be None or unspecified\n(which defaults to None)." type: "string" name: description: "This must match the Name of a Volume." @@ -3975,6 +4312,9 @@ spec: readOnly: description: "Mounted read-only if true, read-write otherwise (false or unspecified).\nDefaults to false." type: "boolean" + recursiveReadOnly: + description: "RecursiveReadOnly specifies whether read-only mounts should be handled\nrecursively.\n\n\nIf ReadOnly is false, this field has no meaning and must be unspecified.\n\n\nIf ReadOnly is true, and this field is set to Disabled, the mount is not made\nrecursively read-only. If this field is set to IfPossible, the mount is made\nrecursively read-only, if it is supported by the container runtime. If this\nfield is set to Enabled, the mount is made recursively read-only if it is\nsupported by the container runtime, otherwise the pod will not be started and\nan error will be generated to indicate the reason.\n\n\nIf this field is set to IfPossible or Enabled, MountPropagation must be set to\nNone (or be unspecified, which defaults to None).\n\n\nIf this field is not specified, it is treated as an equivalent of Disabled." + type: "string" subPath: description: "Path within the volume from which the container's volume should be mounted.\nDefaults to \"\" (volume's root)." type: "string" diff --git a/crd-catalog/fluent/fluent-operator/fluentbit.fluent.io/v1alpha2/outputs.yaml b/crd-catalog/fluent/fluent-operator/fluentbit.fluent.io/v1alpha2/outputs.yaml index e47061a4a..6fd7052b9 100644 --- a/crd-catalog/fluent/fluent-operator/fluentbit.fluent.io/v1alpha2/outputs.yaml +++ b/crd-catalog/fluent/fluent-operator/fluentbit.fluent.io/v1alpha2/outputs.yaml @@ -127,7 +127,8 @@ spec: description: "The key of the secret to select from. Must be a valid secret key." type: "string" name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" optional: description: "Specify whether the Secret or its key must be defined" @@ -176,7 +177,8 @@ spec: description: "The key of the secret to select from. Must be a valid secret key." type: "string" name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" optional: description: "Specify whether the Secret or its key must be defined" @@ -215,7 +217,8 @@ spec: description: "The key of the secret to select from. Must be a valid secret key." type: "string" name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" optional: description: "Specify whether the Secret or its key must be defined" @@ -242,7 +245,8 @@ spec: description: "The key of the secret to select from. Must be a valid secret key." type: "string" name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" optional: description: "Specify whether the Secret or its key must be defined" @@ -366,7 +370,8 @@ spec: description: "The key of the secret to select from. Must be a valid secret key." type: "string" name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" optional: description: "Specify whether the Secret or its key must be defined" @@ -469,7 +474,8 @@ spec: description: "The key of the secret to select from. Must be a valid secret key." type: "string" name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" optional: description: "Specify whether the Secret or its key must be defined" @@ -493,7 +499,8 @@ spec: description: "The key of the secret to select from. Must be a valid secret key." type: "string" name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" optional: description: "Specify whether the Secret or its key must be defined" @@ -640,7 +647,8 @@ spec: description: "The key of the secret to select from. Must be a valid secret key." type: "string" name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" optional: description: "Specify whether the Secret or its key must be defined" @@ -808,7 +816,8 @@ spec: description: "The key of the secret to select from. Must be a valid secret key." type: "string" name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" optional: description: "Specify whether the Secret or its key must be defined" @@ -881,7 +890,8 @@ spec: description: "The key of the secret to select from. Must be a valid secret key." type: "string" name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" optional: description: "Specify whether the Secret or its key must be defined" @@ -912,7 +922,8 @@ spec: description: "The key of the secret to select from. Must be a valid secret key." type: "string" name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" optional: description: "Specify whether the Secret or its key must be defined" @@ -1050,7 +1061,8 @@ spec: description: "The key of the secret to select from. Must be a valid secret key." type: "string" name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" optional: description: "Specify whether the Secret or its key must be defined" @@ -1126,7 +1138,8 @@ spec: description: "The key of the secret to select from. Must be a valid secret key." type: "string" name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" optional: description: "Specify whether the Secret or its key must be defined" @@ -1150,7 +1163,8 @@ spec: description: "The key of the secret to select from. Must be a valid secret key." type: "string" name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" optional: description: "Specify whether the Secret or its key must be defined" @@ -1261,7 +1275,8 @@ spec: description: "The key of the secret to select from. Must be a valid secret key." type: "string" name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" optional: description: "Specify whether the Secret or its key must be defined" @@ -1312,7 +1327,8 @@ spec: description: "The key of the secret to select from. Must be a valid secret key." type: "string" name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" optional: description: "Specify whether the Secret or its key must be defined" @@ -1336,7 +1352,8 @@ spec: description: "The key of the secret to select from. Must be a valid secret key." type: "string" name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" optional: description: "Specify whether the Secret or its key must be defined" @@ -1360,7 +1377,8 @@ spec: description: "The key of the secret to select from. Must be a valid secret key." type: "string" name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" optional: description: "Specify whether the Secret or its key must be defined" @@ -1479,7 +1497,8 @@ spec: description: "The key of the secret to select from. Must be a valid secret key." type: "string" name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" optional: description: "Specify whether the Secret or its key must be defined" @@ -1596,6 +1615,31 @@ spec: - "on" - "off" type: "string" + bearerToken: + description: "Set bearer token authentication token value.\nCan be used as alterntative to HTTP basic authentication" + properties: + valueFrom: + description: "ValueSource defines how to find a value's key." + properties: + secretKeyRef: + description: "Selects a key of a secret in the pod's namespace" + properties: + key: + description: "The key of the secret to select from. Must be a valid secret key." + type: "string" + name: + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." + type: "string" + optional: + description: "Specify whether the Secret or its key must be defined" + type: "boolean" + required: + - "key" + type: "object" + x-kubernetes-map-type: "atomic" + type: "object" + type: "object" dropSingleKey: description: "If set to true and after extracting labels only a single key remains, the log line sent to Loki will be the value of that key in line_format." enum: @@ -1618,7 +1662,8 @@ spec: description: "The key of the secret to select from. Must be a valid secret key." type: "string" name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" optional: description: "Specify whether the Secret or its key must be defined" @@ -1642,7 +1687,8 @@ spec: description: "The key of the secret to select from. Must be a valid secret key." type: "string" name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" optional: description: "Specify whether the Secret or its key must be defined" @@ -1743,7 +1789,8 @@ spec: description: "The key of the secret to select from. Must be a valid secret key." type: "string" name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" optional: description: "Specify whether the Secret or its key must be defined" @@ -1795,7 +1842,8 @@ spec: description: "The key of the secret to select from. Must be a valid secret key." type: "string" name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" optional: description: "Specify whether the Secret or its key must be defined" @@ -1813,6 +1861,9 @@ spec: description: "Hostname to be used for TLS SNI extension" type: "string" type: "object" + uri: + description: "Specify a custom HTTP URI. It must start with forward slash." + type: "string" required: - "host" type: "object" @@ -1851,6 +1902,10 @@ spec: description: "Specify the buffer size used to read the response from the OpenSearch HTTP service.\nThis option is useful for debugging purposes where is required to read full responses,\nnote that response size grows depending of the number of records inserted.\nTo set an unlimited amount of memory set this value to False,\notherwise the value must be according to the Unit Size specification." pattern: "^\\d+(k|K|KB|kb|m|M|MB|mb|g|G|GB|gb)?$" type: "string" + compress: + enum: + - "gzip" + type: "string" currentTimeIndex: description: "Use current time for index generation instead of message record" type: "boolean" @@ -1873,7 +1928,8 @@ spec: description: "The key of the secret to select from. Must be a valid secret key." type: "string" name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" optional: description: "Specify whether the Secret or its key must be defined" @@ -1897,7 +1953,8 @@ spec: description: "The key of the secret to select from. Must be a valid secret key." type: "string" name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" optional: description: "Specify whether the Secret or its key must be defined" @@ -2044,7 +2101,8 @@ spec: description: "The key of the secret to select from. Must be a valid secret key." type: "string" name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" optional: description: "Specify whether the Secret or its key must be defined" @@ -2107,7 +2165,8 @@ spec: description: "The key of the secret to select from. Must be a valid secret key." type: "string" name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" optional: description: "Specify whether the Secret or its key must be defined" @@ -2131,7 +2190,8 @@ spec: description: "The key of the secret to select from. Must be a valid secret key." type: "string" name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" optional: description: "Specify whether the Secret or its key must be defined" @@ -2245,7 +2305,8 @@ spec: description: "The key of the secret to select from. Must be a valid secret key." type: "string" name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" optional: description: "Specify whether the Secret or its key must be defined" @@ -2320,7 +2381,8 @@ spec: description: "The key of the secret to select from. Must be a valid secret key." type: "string" name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" optional: description: "Specify whether the Secret or its key must be defined" @@ -2344,7 +2406,8 @@ spec: description: "The key of the secret to select from. Must be a valid secret key." type: "string" name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" optional: description: "Specify whether the Secret or its key must be defined" @@ -2452,7 +2515,8 @@ spec: description: "The key of the secret to select from. Must be a valid secret key." type: "string" name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" optional: description: "Specify whether the Secret or its key must be defined" @@ -2606,7 +2670,8 @@ spec: description: "The key of the secret to select from. Must be a valid secret key." type: "string" name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" optional: description: "Specify whether the Secret or its key must be defined" @@ -2690,7 +2755,8 @@ spec: description: "The key of the secret to select from. Must be a valid secret key." type: "string" name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" optional: description: "Specify whether the Secret or its key must be defined" @@ -2714,7 +2780,8 @@ spec: description: "The key of the secret to select from. Must be a valid secret key." type: "string" name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" optional: description: "Specify whether the Secret or its key must be defined" @@ -2794,7 +2861,8 @@ spec: description: "The key of the secret to select from. Must be a valid secret key." type: "string" name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" optional: description: "Specify whether the Secret or its key must be defined" @@ -2843,7 +2911,8 @@ spec: description: "The key of the secret to select from. Must be a valid secret key." type: "string" name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" optional: description: "Specify whether the Secret or its key must be defined" @@ -2930,7 +2999,8 @@ spec: description: "The key of the secret to select from. Must be a valid secret key." type: "string" name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" optional: description: "Specify whether the Secret or its key must be defined" @@ -2954,7 +3024,8 @@ spec: description: "The key of the secret to select from. Must be a valid secret key." type: "string" name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" optional: description: "Specify whether the Secret or its key must be defined" @@ -3132,7 +3203,8 @@ spec: description: "The key of the secret to select from. Must be a valid secret key." type: "string" name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" optional: description: "Specify whether the Secret or its key must be defined" @@ -3266,7 +3338,8 @@ spec: description: "The key of the secret to select from. Must be a valid secret key." type: "string" name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" optional: description: "Specify whether the Secret or its key must be defined" diff --git a/crd-catalog/fluent/fluent-operator/fluentd.fluent.io/v1alpha1/clusterfluentdconfigs.yaml b/crd-catalog/fluent/fluent-operator/fluentd.fluent.io/v1alpha1/clusterfluentdconfigs.yaml index fe467ec87..37a08b701 100644 --- a/crd-catalog/fluent/fluent-operator/fluentd.fluent.io/v1alpha1/clusterfluentdconfigs.yaml +++ b/crd-catalog/fluent/fluent-operator/fluentd.fluent.io/v1alpha1/clusterfluentdconfigs.yaml @@ -50,11 +50,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -81,11 +83,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -112,11 +116,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" diff --git a/crd-catalog/fluent/fluent-operator/fluentd.fluent.io/v1alpha1/clusterinputs.yaml b/crd-catalog/fluent/fluent-operator/fluentd.fluent.io/v1alpha1/clusterinputs.yaml index c07c795cb..3d3bf1ea5 100644 --- a/crd-catalog/fluent/fluent-operator/fluentd.fluent.io/v1alpha1/clusterinputs.yaml +++ b/crd-catalog/fluent/fluent-operator/fluentd.fluent.io/v1alpha1/clusterinputs.yaml @@ -119,7 +119,8 @@ spec: description: "The key of the secret to select from. Must be a valid secret key." type: "string" name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" optional: description: "Specify whether the Secret or its key must be defined" @@ -143,7 +144,8 @@ spec: description: "The key of the secret to select from. Must be a valid secret key." type: "string" name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" optional: description: "Specify whether the Secret or its key must be defined" @@ -224,7 +226,8 @@ spec: description: "The key of the secret to select from. Must be a valid secret key." type: "string" name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" optional: description: "Specify whether the Secret or its key must be defined" @@ -248,7 +251,8 @@ spec: description: "The key of the secret to select from. Must be a valid secret key." type: "string" name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" optional: description: "Specify whether the Secret or its key must be defined" diff --git a/crd-catalog/fluent/fluent-operator/fluentd.fluent.io/v1alpha1/clusteroutputs.yaml b/crd-catalog/fluent/fluent-operator/fluentd.fluent.io/v1alpha1/clusteroutputs.yaml index 2e6f6e9cf..9da49847a 100644 --- a/crd-catalog/fluent/fluent-operator/fluentd.fluent.io/v1alpha1/clusteroutputs.yaml +++ b/crd-catalog/fluent/fluent-operator/fluentd.fluent.io/v1alpha1/clusteroutputs.yaml @@ -209,7 +209,8 @@ spec: description: "The key of the secret to select from. Must be a valid secret key." type: "string" name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" optional: description: "Specify whether the Secret or its key must be defined" @@ -233,7 +234,8 @@ spec: description: "The key of the secret to select from. Must be a valid secret key." type: "string" name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" optional: description: "Specify whether the Secret or its key must be defined" @@ -370,7 +372,8 @@ spec: description: "The key of the secret to select from. Must be a valid secret key." type: "string" name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" optional: description: "Specify whether the Secret or its key must be defined" @@ -476,7 +479,8 @@ spec: description: "The key of the secret to select from. Must be a valid secret key." type: "string" name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" optional: description: "Specify whether the Secret or its key must be defined" @@ -500,7 +504,8 @@ spec: description: "The key of the secret to select from. Must be a valid secret key." type: "string" name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" optional: description: "Specify whether the Secret or its key must be defined" @@ -524,7 +529,8 @@ spec: description: "The key of the secret to select from. Must be a valid secret key." type: "string" name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" optional: description: "Specify whether the Secret or its key must be defined" @@ -585,7 +591,8 @@ spec: description: "The key of the secret to select from. Must be a valid secret key." type: "string" name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" optional: description: "Specify whether the Secret or its key must be defined" @@ -643,7 +650,8 @@ spec: description: "The key of the secret to select from. Must be a valid secret key." type: "string" name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" optional: description: "Specify whether the Secret or its key must be defined" @@ -680,7 +688,8 @@ spec: description: "The key of the secret to select from. Must be a valid secret key." type: "string" name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" optional: description: "Specify whether the Secret or its key must be defined" @@ -704,7 +713,8 @@ spec: description: "The key of the secret to select from. Must be a valid secret key." type: "string" name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" optional: description: "Specify whether the Secret or its key must be defined" @@ -728,7 +738,8 @@ spec: description: "The key of the secret to select from. Must be a valid secret key." type: "string" name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" optional: description: "Specify whether the Secret or its key must be defined" @@ -798,7 +809,8 @@ spec: description: "The key of the secret to select from. Must be a valid secret key." type: "string" name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" optional: description: "Specify whether the Secret or its key must be defined" @@ -856,7 +868,8 @@ spec: description: "The key of the secret to select from. Must be a valid secret key." type: "string" name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" optional: description: "Specify whether the Secret or its key must be defined" @@ -1014,7 +1027,8 @@ spec: description: "The key of the secret to select from. Must be a valid secret key." type: "string" name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" optional: description: "Specify whether the Secret or its key must be defined" @@ -1038,7 +1052,8 @@ spec: description: "The key of the secret to select from. Must be a valid secret key." type: "string" name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" optional: description: "Specify whether the Secret or its key must be defined" @@ -1088,7 +1103,8 @@ spec: description: "The key of the secret to select from. Must be a valid secret key." type: "string" name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" optional: description: "Specify whether the Secret or its key must be defined" @@ -1124,7 +1140,8 @@ spec: description: "The key of the secret to select from. Must be a valid secret key." type: "string" name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" optional: description: "Specify whether the Secret or its key must be defined" @@ -1198,7 +1215,8 @@ spec: description: "The key of the secret to select from. Must be a valid secret key." type: "string" name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" optional: description: "Specify whether the Secret or its key must be defined" @@ -1234,7 +1252,8 @@ spec: description: "The key of the secret to select from. Must be a valid secret key." type: "string" name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" optional: description: "Specify whether the Secret or its key must be defined" @@ -1329,7 +1348,8 @@ spec: description: "The key of the secret to select from. Must be a valid secret key." type: "string" name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" optional: description: "Specify whether the Secret or its key must be defined" @@ -1353,7 +1373,8 @@ spec: description: "The key of the secret to select from. Must be a valid secret key." type: "string" name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" optional: description: "Specify whether the Secret or its key must be defined" @@ -1509,6 +1530,9 @@ spec: loki: description: "out_loki plugin" properties: + bearerTokenFile: + description: "Set path to file with bearer authentication token\nCan be used as alterntative to HTTP basic authentication" + type: "string" dropSingleKey: description: "If a record only has 1 key, then just set the log line to the value and discard the key." type: "boolean" @@ -1528,7 +1552,8 @@ spec: description: "The key of the secret to select from. Must be a valid secret key." type: "string" name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" optional: description: "Specify whether the Secret or its key must be defined" @@ -1552,7 +1577,8 @@ spec: description: "The key of the secret to select from. Must be a valid secret key." type: "string" name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" optional: description: "Specify whether the Secret or its key must be defined" @@ -1603,7 +1629,8 @@ spec: description: "The key of the secret to select from. Must be a valid secret key." type: "string" name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" optional: description: "Specify whether the Secret or its key must be defined" @@ -1660,7 +1687,8 @@ spec: description: "The key of the secret to select from. Must be a valid secret key." type: "string" name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" optional: description: "Specify whether the Secret or its key must be defined" @@ -1683,6 +1711,9 @@ spec: scheme: description: "Specify https if your Opensearch endpoint supports SSL (default: http)." type: "string" + sslVerify: + description: "Optional, Force certificate validation" + type: "boolean" user: description: "Optional, The login credentials to connect to Opensearch" properties: @@ -1696,7 +1727,8 @@ spec: description: "The key of the secret to select from. Must be a valid secret key." type: "string" name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" optional: description: "Specify whether the Secret or its key must be defined" diff --git a/crd-catalog/fluent/fluent-operator/fluentd.fluent.io/v1alpha1/fluentdconfigs.yaml b/crd-catalog/fluent/fluent-operator/fluentd.fluent.io/v1alpha1/fluentdconfigs.yaml index f245edc46..cfbaebbc1 100644 --- a/crd-catalog/fluent/fluent-operator/fluentd.fluent.io/v1alpha1/fluentdconfigs.yaml +++ b/crd-catalog/fluent/fluent-operator/fluentd.fluent.io/v1alpha1/fluentdconfigs.yaml @@ -50,11 +50,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -81,11 +83,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -112,11 +116,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -149,11 +155,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -180,11 +188,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -211,11 +221,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" diff --git a/crd-catalog/fluent/fluent-operator/fluentd.fluent.io/v1alpha1/fluentds.yaml b/crd-catalog/fluent/fluent-operator/fluentd.fluent.io/v1alpha1/fluentds.yaml index 7fc72244f..75310bc68 100644 --- a/crd-catalog/fluent/fluent-operator/fluentd.fluent.io/v1alpha1/fluentds.yaml +++ b/crd-catalog/fluent/fluent-operator/fluentd.fluent.io/v1alpha1/fluentds.yaml @@ -61,11 +61,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchFields: description: "A list of node selector requirements by node's fields." items: @@ -82,11 +84,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" type: "object" x-kubernetes-map-type: "atomic" weight: @@ -98,6 +102,7 @@ spec: - "weight" type: "object" type: "array" + x-kubernetes-list-type: "atomic" requiredDuringSchedulingIgnoredDuringExecution: description: "If the affinity requirements specified by this field are not met at\nscheduling time, the pod will not be scheduled onto the node.\nIf the affinity requirements specified by this field cease to be met\nat some point during pod execution (e.g. due to an update), the system\nmay or may not try to eventually evict the pod from its node." properties: @@ -122,11 +127,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchFields: description: "A list of node selector requirements by node's fields." items: @@ -143,14 +150,17 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" type: "object" x-kubernetes-map-type: "atomic" type: "array" + x-kubernetes-list-type: "atomic" required: - "nodeSelectorTerms" type: "object" @@ -168,7 +178,7 @@ spec: description: "Required. A pod affinity term, associated with the corresponding weight." properties: labelSelector: - description: "A label query over a set of resources, in this case pods." + description: "A label query over a set of resources, in this case pods.\nIf it's null, this PodAffinityTerm matches with no Pods." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." @@ -186,11 +196,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -198,6 +210,18 @@ spec: type: "object" type: "object" x-kubernetes-map-type: "atomic" + matchLabelKeys: + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" + mismatchLabelKeys: + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" namespaceSelector: description: "A label query over the set of namespaces that the term applies to.\nThe term is applied to the union of the namespaces selected by this field\nand the ones listed in the namespaces field.\nnull selector and null or empty namespaces list means \"this pod's namespace\".\nAn empty selector ({}) matches all namespaces." properties: @@ -217,11 +241,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -234,6 +260,7 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" topologyKey: description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching\nthe labelSelector in the specified namespaces, where co-located is defined as running on a node\nwhose value of the label with key topologyKey matches that of any node on which any of the\nselected pods is running.\nEmpty topologyKey is not allowed." type: "string" @@ -249,13 +276,14 @@ spec: - "weight" type: "object" type: "array" + x-kubernetes-list-type: "atomic" requiredDuringSchedulingIgnoredDuringExecution: description: "If the affinity requirements specified by this field are not met at\nscheduling time, the pod will not be scheduled onto the node.\nIf the affinity requirements specified by this field cease to be met\nat some point during pod execution (e.g. due to a pod label update), the\nsystem may or may not try to eventually evict the pod from its node.\nWhen there are multiple elements, the lists of nodes corresponding to each\npodAffinityTerm are intersected, i.e. all terms must be satisfied." items: description: "Defines a set of pods (namely those matching the labelSelector\nrelative to the given namespace(s)) that this pod should be\nco-located (affinity) or not co-located (anti-affinity) with,\nwhere co-located is defined as running on a node whose value of\nthe label with key matches that of any node on which\na pod of the set of pods is running" properties: labelSelector: - description: "A label query over a set of resources, in this case pods." + description: "A label query over a set of resources, in this case pods.\nIf it's null, this PodAffinityTerm matches with no Pods." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." @@ -273,11 +301,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -285,6 +315,18 @@ spec: type: "object" type: "object" x-kubernetes-map-type: "atomic" + matchLabelKeys: + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" + mismatchLabelKeys: + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" namespaceSelector: description: "A label query over the set of namespaces that the term applies to.\nThe term is applied to the union of the namespaces selected by this field\nand the ones listed in the namespaces field.\nnull selector and null or empty namespaces list means \"this pod's namespace\".\nAn empty selector ({}) matches all namespaces." properties: @@ -304,11 +346,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -321,6 +365,7 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" topologyKey: description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching\nthe labelSelector in the specified namespaces, where co-located is defined as running on a node\nwhose value of the label with key topologyKey matches that of any node on which any of the\nselected pods is running.\nEmpty topologyKey is not allowed." type: "string" @@ -328,6 +373,7 @@ spec: - "topologyKey" type: "object" type: "array" + x-kubernetes-list-type: "atomic" type: "object" podAntiAffinity: description: "Describes pod anti-affinity scheduling rules (e.g. avoid putting this pod in the same node, zone, etc. as some other pod(s))." @@ -341,7 +387,7 @@ spec: description: "Required. A pod affinity term, associated with the corresponding weight." properties: labelSelector: - description: "A label query over a set of resources, in this case pods." + description: "A label query over a set of resources, in this case pods.\nIf it's null, this PodAffinityTerm matches with no Pods." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." @@ -359,11 +405,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -371,6 +419,18 @@ spec: type: "object" type: "object" x-kubernetes-map-type: "atomic" + matchLabelKeys: + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" + mismatchLabelKeys: + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" namespaceSelector: description: "A label query over the set of namespaces that the term applies to.\nThe term is applied to the union of the namespaces selected by this field\nand the ones listed in the namespaces field.\nnull selector and null or empty namespaces list means \"this pod's namespace\".\nAn empty selector ({}) matches all namespaces." properties: @@ -390,11 +450,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -407,6 +469,7 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" topologyKey: description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching\nthe labelSelector in the specified namespaces, where co-located is defined as running on a node\nwhose value of the label with key topologyKey matches that of any node on which any of the\nselected pods is running.\nEmpty topologyKey is not allowed." type: "string" @@ -422,13 +485,14 @@ spec: - "weight" type: "object" type: "array" + x-kubernetes-list-type: "atomic" requiredDuringSchedulingIgnoredDuringExecution: description: "If the anti-affinity requirements specified by this field are not met at\nscheduling time, the pod will not be scheduled onto the node.\nIf the anti-affinity requirements specified by this field cease to be met\nat some point during pod execution (e.g. due to a pod label update), the\nsystem may or may not try to eventually evict the pod from its node.\nWhen there are multiple elements, the lists of nodes corresponding to each\npodAffinityTerm are intersected, i.e. all terms must be satisfied." items: description: "Defines a set of pods (namely those matching the labelSelector\nrelative to the given namespace(s)) that this pod should be\nco-located (affinity) or not co-located (anti-affinity) with,\nwhere co-located is defined as running on a node whose value of\nthe label with key matches that of any node on which\na pod of the set of pods is running" properties: labelSelector: - description: "A label query over a set of resources, in this case pods." + description: "A label query over a set of resources, in this case pods.\nIf it's null, this PodAffinityTerm matches with no Pods." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." @@ -446,11 +510,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -458,6 +524,18 @@ spec: type: "object" type: "object" x-kubernetes-map-type: "atomic" + matchLabelKeys: + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" + mismatchLabelKeys: + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" namespaceSelector: description: "A label query over the set of namespaces that the term applies to.\nThe term is applied to the union of the namespaces selected by this field\nand the ones listed in the namespaces field.\nnull selector and null or empty namespaces list means \"this pod's namespace\".\nAn empty selector ({}) matches all namespaces." properties: @@ -477,11 +555,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -494,6 +574,7 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" topologyKey: description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching\nthe labelSelector in the specified namespaces, where co-located is defined as running on a node\nwhose value of the label with key topologyKey matches that of any node on which any of the\nselected pods is running.\nEmpty topologyKey is not allowed." type: "string" @@ -501,6 +582,7 @@ spec: - "topologyKey" type: "object" type: "array" + x-kubernetes-list-type: "atomic" type: "object" type: "object" annotations: @@ -529,7 +611,7 @@ spec: anyOf: - type: "integer" - type: "string" - description: "sizeLimit is the total amount of local storage required for this EmptyDir volume.\nThe size limit is also applicable for memory medium.\nThe maximum usage on memory medium EmptyDir would be the minimum value between\nthe SizeLimit specified here and the sum of memory limits of all containers in a pod.\nThe default is nil which means that the limit is undefined.\nMore info: http://kubernetes.io/docs/user-guide/volumes#emptydir" + description: "sizeLimit is the total amount of local storage required for this EmptyDir volume.\nThe size limit is also applicable for memory medium.\nThe maximum usage on memory medium EmptyDir would be the minimum value between\nthe SizeLimit specified here and the sum of memory limits of all containers in a pod.\nThe default is nil which means that the limit is undefined.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir" pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" x-kubernetes-int-or-string: true type: "object" @@ -582,6 +664,7 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" dataSource: description: "dataSource field can be used to specify either:\n* An existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot)\n* An existing PVC (PersistentVolumeClaim)\nIf the provisioner or an external controller can support the specified data source,\nit will create a new volume based on the contents of the specified data source.\nWhen the AnyVolumeDataSource feature gate is enabled, dataSource contents will be copied to dataSourceRef,\nand dataSourceRef contents will be copied to dataSource when dataSourceRef.namespace is not specified.\nIf the namespace is specified, then dataSourceRef will not be copied to dataSource." properties: @@ -621,21 +704,6 @@ spec: resources: description: "resources represents the minimum resources the volume should have.\nIf RecoverVolumeExpansionFailure feature is enabled users are allowed to specify resource requirements\nthat are lower than previous value but must still be higher than capacity recorded in the\nstatus field of the claim.\nMore info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources" properties: - claims: - description: "Claims lists the names of resources, defined in spec.resourceClaims,\nthat are used by this container.\n\n\nThis is an alpha field and requires enabling the\nDynamicResourceAllocation feature gate.\n\n\nThis field is immutable. It can only be set for containers." - items: - description: "ResourceClaim references one entry in PodSpec.ResourceClaims." - properties: - name: - description: "Name must match the name of one entry in pod.spec.resourceClaims of\nthe Pod where this field is used. It makes that resource available\ninside a container." - type: "string" - required: - - "name" - type: "object" - type: "array" - x-kubernetes-list-map-keys: - - "name" - x-kubernetes-list-type: "map" limits: additionalProperties: anyOf: @@ -652,7 +720,7 @@ spec: - type: "string" pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" x-kubernetes-int-or-string: true - description: "Requests describes the minimum amount of compute resources required.\nIf Requests is omitted for a container, it defaults to Limits if that is explicitly specified,\notherwise to an implementation-defined value.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" + description: "Requests describes the minimum amount of compute resources required.\nIf Requests is omitted for a container, it defaults to Limits if that is explicitly specified,\notherwise to an implementation-defined value. Requests cannot exceed Limits.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" type: "object" type: "object" selector: @@ -674,11 +742,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -689,6 +759,9 @@ spec: storageClassName: description: "storageClassName is the name of the StorageClass required by the claim.\nMore info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1" type: "string" + volumeAttributesClassName: + description: "volumeAttributesClassName may be used to set the VolumeAttributesClass used by this claim.\nIf specified, the CSI driver will create or update the volume with the attributes defined\nin the corresponding VolumeAttributesClass. This has a different purpose than storageClassName,\nit can be changed after the claim is created. An empty string value means that no VolumeAttributesClass\nwill be applied to the claim but it's not allowed to reset this field to empty string once it is set.\nIf unspecified and the PersistentVolumeClaim is unbound, the default VolumeAttributesClass\nwill be set by the persistentvolume controller if it exists.\nIf the resource referred to by volumeAttributesClass does not exist, this PersistentVolumeClaim will be\nset to a Pending state, as reflected by the modifyVolumeStatus field, until such as a resource\nexists.\nMore info: https://kubernetes.io/docs/concepts/storage/volume-attributes-classes/\n(Alpha) Using this field requires the VolumeAttributesClass feature gate to be enabled." + type: "string" volumeMode: description: "volumeMode defines what type of volume is required by the claim.\nValue of Filesystem is implied when not included in claim spec." type: "string" @@ -704,6 +777,14 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" + allocatedResourceStatuses: + additionalProperties: + description: "When a controller receives persistentvolume claim update with ClaimResourceStatus for a resource\nthat it does not recognizes, then it should ignore that update and let other controllers\nhandle it." + type: "string" + description: "allocatedResourceStatuses stores status of resource being resized for the given PVC.\nKey names follow standard Kubernetes label syntax. Valid values are either:\n\t* Un-prefixed keys:\n\t\t- storage - the capacity of the volume.\n\t* Custom resources must use implementation-defined prefixed names such as \"example.com/my-custom-resource\"\nApart from above values - keys that are unprefixed or have kubernetes.io prefix are considered\nreserved and hence may not be used.\n\n\nClaimResourceStatus can be in any of following states:\n\t- ControllerResizeInProgress:\n\t\tState set when resize controller starts resizing the volume in control-plane.\n\t- ControllerResizeFailed:\n\t\tState set when resize has failed in resize controller with a terminal error.\n\t- NodeResizePending:\n\t\tState set when resize controller has finished resizing the volume but further resizing of\n\t\tvolume is needed on the node.\n\t- NodeResizeInProgress:\n\t\tState set when kubelet starts resizing the volume.\n\t- NodeResizeFailed:\n\t\tState set when resizing has failed in kubelet with a terminal error. Transient errors don't set\n\t\tNodeResizeFailed.\nFor example: if expanding a PVC for more capacity - this field can be one of the following states:\n\t- pvc.status.allocatedResourceStatus['storage'] = \"ControllerResizeInProgress\"\n - pvc.status.allocatedResourceStatus['storage'] = \"ControllerResizeFailed\"\n - pvc.status.allocatedResourceStatus['storage'] = \"NodeResizePending\"\n - pvc.status.allocatedResourceStatus['storage'] = \"NodeResizeInProgress\"\n - pvc.status.allocatedResourceStatus['storage'] = \"NodeResizeFailed\"\nWhen this field is not set, it means that no resize operation is in progress for the given PVC.\n\n\nA controller that receives PVC update with previously unknown resourceName or ClaimResourceStatus\nshould ignore the update for the purpose it was designed. For example - a controller that\nonly is responsible for resizing capacity of the volume, should ignore PVC updates that change other valid\nresources associated with PVC.\n\n\nThis is an alpha field and requires enabling RecoverVolumeExpansionFailure feature." + type: "object" + x-kubernetes-map-type: "granular" allocatedResources: additionalProperties: anyOf: @@ -711,7 +792,7 @@ spec: - type: "string" pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" x-kubernetes-int-or-string: true - description: "allocatedResources is the storage resource within AllocatedResources tracks the capacity allocated to a PVC. It may\nbe larger than the actual capacity when a volume expansion operation is requested.\nFor storage quota, the larger value from allocatedResources and PVC.spec.resources is used.\nIf allocatedResources is not set, PVC.spec.resources alone is used for quota calculation.\nIf a volume expansion capacity request is lowered, allocatedResources is only\nlowered if there are no expansion operations in progress and if the actual volume capacity\nis equal or lower than the requested capacity.\nThis is an alpha field and requires enabling RecoverVolumeExpansionFailure feature." + description: "allocatedResources tracks the resources allocated to a PVC including its capacity.\nKey names follow standard Kubernetes label syntax. Valid values are either:\n\t* Un-prefixed keys:\n\t\t- storage - the capacity of the volume.\n\t* Custom resources must use implementation-defined prefixed names such as \"example.com/my-custom-resource\"\nApart from above values - keys that are unprefixed or have kubernetes.io prefix are considered\nreserved and hence may not be used.\n\n\nCapacity reported here may be larger than the actual capacity when a volume expansion operation\nis requested.\nFor storage quota, the larger value from allocatedResources and PVC.spec.resources is used.\nIf allocatedResources is not set, PVC.spec.resources alone is used for quota calculation.\nIf a volume expansion capacity request is lowered, allocatedResources is only\nlowered if there are no expansion operations in progress and if the actual volume capacity\nis equal or lower than the requested capacity.\n\n\nA controller that receives PVC update with previously unknown resourceName\nshould ignore the update for the purpose it was designed. For example - a controller that\nonly is responsible for resizing capacity of the volume, should ignore PVC updates that change other valid\nresources associated with PVC.\n\n\nThis is an alpha field and requires enabling RecoverVolumeExpansionFailure feature." type: "object" capacity: additionalProperties: @@ -723,9 +804,9 @@ spec: description: "capacity represents the actual resources of the underlying volume." type: "object" conditions: - description: "conditions is the current Condition of persistent volume claim. If underlying persistent volume is being\nresized then the Condition will be set to 'ResizeStarted'." + description: "conditions is the current Condition of persistent volume claim. If underlying persistent volume is being\nresized then the Condition will be set to 'Resizing'." items: - description: "PersistentVolumeClaimCondition contails details about state of pvc" + description: "PersistentVolumeClaimCondition contains details about state of pvc" properties: lastProbeTime: description: "lastProbeTime is the time we probed the condition." @@ -739,7 +820,7 @@ spec: description: "message is the human-readable message indicating details about last transition." type: "string" reason: - description: "reason is a unique, this should be a short, machine understandable string that gives the reason\nfor condition's last transition. If it reports \"ResizeStarted\" that means the underlying\npersistent volume is being resized." + description: "reason is a unique, this should be a short, machine understandable string that gives the reason\nfor condition's last transition. If it reports \"Resizing\" that means the underlying\npersistent volume is being resized." type: "string" status: type: "string" @@ -751,12 +832,27 @@ spec: - "type" type: "object" type: "array" + x-kubernetes-list-map-keys: + - "type" + x-kubernetes-list-type: "map" + currentVolumeAttributesClassName: + description: "currentVolumeAttributesClassName is the current name of the VolumeAttributesClass the PVC is using.\nWhen unset, there is no VolumeAttributeClass applied to this PersistentVolumeClaim\nThis is an alpha field and requires enabling VolumeAttributesClass feature." + type: "string" + modifyVolumeStatus: + description: "ModifyVolumeStatus represents the status object of ControllerModifyVolume operation.\nWhen this is unset, there is no ModifyVolume operation being attempted.\nThis is an alpha field and requires enabling VolumeAttributesClass feature." + properties: + status: + description: "status is the status of the ControllerModifyVolume operation. It can be in any of following states:\n - Pending\n Pending indicates that the PersistentVolumeClaim cannot be modified due to unmet requirements, such as\n the specified VolumeAttributesClass not existing.\n - InProgress\n InProgress indicates that the volume is being modified.\n - Infeasible\n Infeasible indicates that the request has been rejected as invalid by the CSI driver. To\n\t resolve the error, a valid VolumeAttributesClass needs to be specified.\nNote: New statuses can be added in the future. Consumers should check for unknown statuses and fail appropriately." + type: "string" + targetVolumeAttributesClassName: + description: "targetVolumeAttributesClassName is the name of the VolumeAttributesClass the PVC currently being reconciled" + type: "string" + required: + - "status" + type: "object" phase: description: "phase represents the current phase of PersistentVolumeClaim." type: "string" - resizeStatus: - description: "resizeStatus stores status of resize operation.\nResizeStatus is not set by default but when expansion is complete resizeStatus is set to empty\nstring by resize controller or kubelet.\nThis is an alpha field and requires enabling RecoverVolumeExpansionFailure feature." - type: "string" type: "object" type: "object" type: "object" @@ -766,6 +862,18 @@ spec: allowPrivilegeEscalation: description: "AllowPrivilegeEscalation controls whether a process can gain more\nprivileges than its parent process. This bool directly controls if\nthe no_new_privs flag will be set on the container process.\nAllowPrivilegeEscalation is true always when the container is:\n1) run as Privileged\n2) has CAP_SYS_ADMIN\nNote that this field cannot be set when spec.os.name is windows." type: "boolean" + appArmorProfile: + description: "appArmorProfile is the AppArmor options to use by this container. If set, this profile\noverrides the pod's appArmorProfile.\nNote that this field cannot be set when spec.os.name is windows." + properties: + localhostProfile: + description: "localhostProfile indicates a profile loaded on the node that should be used.\nThe profile must be preconfigured on the node to work.\nMust match the loaded name of the profile.\nMust be set if and only if type is \"Localhost\"." + type: "string" + type: + description: "type indicates which kind of AppArmor profile will be applied.\nValid options are:\n Localhost - a profile pre-loaded on the node.\n RuntimeDefault - the container runtime's default profile.\n Unconfined - no AppArmor enforcement." + type: "string" + required: + - "type" + type: "object" capabilities: description: "The capabilities to add/drop when running containers.\nDefaults to the default set of capabilities granted by the container runtime.\nNote that this field cannot be set when spec.os.name is windows." properties: @@ -775,12 +883,14 @@ spec: description: "Capability represent POSIX capabilities type" type: "string" type: "array" + x-kubernetes-list-type: "atomic" drop: description: "Removed capabilities" items: description: "Capability represent POSIX capabilities type" type: "string" type: "array" + x-kubernetes-list-type: "atomic" type: "object" privileged: description: "Run container in privileged mode.\nProcesses in privileged containers are essentially equivalent to root on the host.\nDefaults to false.\nNote that this field cannot be set when spec.os.name is windows." @@ -822,7 +932,7 @@ spec: description: "The seccomp options to use by this container. If seccomp options are\nprovided at both the pod & container level, the container options\noverride the pod options.\nNote that this field cannot be set when spec.os.name is windows." properties: localhostProfile: - description: "localhostProfile indicates a profile defined in a file on the node should be used.\nThe profile must be preconfigured on the node to work.\nMust be a descending path, relative to the kubelet's configured seccomp profile location.\nMust only be set if type is \"Localhost\"." + description: "localhostProfile indicates a profile defined in a file on the node should be used.\nThe profile must be preconfigured on the node to work.\nMust be a descending path, relative to the kubelet's configured seccomp profile location.\nMust be set if type is \"Localhost\". Must NOT be set for any other type." type: "string" type: description: "type indicates which kind of seccomp profile will be applied.\nValid options are:\n\n\nLocalhost - a profile defined in a file on the node should be used.\nRuntimeDefault - the container runtime default profile should be used.\nUnconfined - no profile should be applied." @@ -840,7 +950,7 @@ spec: description: "GMSACredentialSpecName is the name of the GMSA credential spec to use." type: "string" hostProcess: - description: "HostProcess determines if a container should be run as a 'Host Process' container.\nThis field is alpha-level and will only be honored by components that enable the\nWindowsHostProcessContainers feature flag. Setting this field without the feature\nflag will result in errors when validating the Pod. All of a Pod's containers must\nhave the same effective HostProcess value (it is not allowed to have a mix of HostProcess\ncontainers and non-HostProcess containers). In addition, if HostProcess is true\nthen HostNetwork must also be set to true." + description: "HostProcess determines if a container should be run as a 'Host Process' container.\nAll of a Pod's containers must have the same effective HostProcess value\n(it is not allowed to have a mix of HostProcess containers and non-HostProcess containers).\nIn addition, if HostProcess is true then HostNetwork must also be set to true." type: "boolean" runAsUserName: description: "The UserName in Windows to run the entrypoint of the container process.\nDefaults to the user specified in image metadata if unspecified.\nMay also be set in PodSecurityContext. If set in both SecurityContext and\nPodSecurityContext, the value specified in SecurityContext takes precedence." @@ -866,11 +976,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -897,11 +1009,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -928,11 +1042,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -964,7 +1080,8 @@ spec: description: "The key to select." type: "string" name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" optional: description: "Specify whether the ConfigMap or its key must be defined" @@ -1013,7 +1130,8 @@ spec: description: "The key of the secret to select from. Must be a valid secret key." type: "string" name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" optional: description: "Specify whether the Secret or its key must be defined" @@ -1046,11 +1164,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -1147,7 +1267,8 @@ spec: description: "The key of the secret to select from. Must be a valid secret key." type: "string" name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" optional: description: "Specify whether the Secret or its key must be defined" @@ -1171,7 +1292,8 @@ spec: description: "The key of the secret to select from. Must be a valid secret key." type: "string" name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" optional: description: "Specify whether the Secret or its key must be defined" @@ -1252,7 +1374,8 @@ spec: description: "The key of the secret to select from. Must be a valid secret key." type: "string" name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" optional: description: "Specify whether the Secret or its key must be defined" @@ -1276,7 +1399,8 @@ spec: description: "The key of the secret to select from. Must be a valid secret key." type: "string" name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" optional: description: "Specify whether the Secret or its key must be defined" @@ -1763,7 +1887,8 @@ spec: description: "LocalObjectReference contains enough information to let you locate the\nreferenced object inside the same namespace." properties: name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" type: "object" x-kubernetes-map-type: "atomic" @@ -1779,13 +1904,14 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" type: "object" failureThreshold: description: "Minimum consecutive failures for the probe to be considered failed after having succeeded.\nDefaults to 3. Minimum value is 1." format: "int32" type: "integer" grpc: - description: "GRPC specifies an action involving a GRPC port.\nThis is a beta field and requires enabling GRPCContainerProbe feature gate." + description: "GRPC specifies an action involving a GRPC port." properties: port: description: "Port number of the gRPC service. Number must be in the range 1 to 65535." @@ -1809,7 +1935,7 @@ spec: description: "HTTPHeader describes a custom header to be used in HTTP probes" properties: name: - description: "The header field name" + description: "The header field name.\nThis will be canonicalized upon output, so case-variant names will be understood as the same header." type: "string" value: description: "The header field value" @@ -1819,6 +1945,7 @@ spec: - "value" type: "object" type: "array" + x-kubernetes-list-type: "atomic" path: description: "Path to access on the HTTP server." type: "string" @@ -1964,6 +2091,7 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" path: description: "path is Optional: Used as the mounted root, rather than the full Ceph tree, default is /" type: "string" @@ -1977,7 +2105,8 @@ spec: description: "secretRef is Optional: SecretRef is reference to the authentication secret for User, default is empty.\nMore info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it" properties: name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" type: "object" x-kubernetes-map-type: "atomic" @@ -2000,7 +2129,8 @@ spec: description: "secretRef is optional: points to a secret object containing parameters used to connect\nto OpenStack." properties: name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" type: "object" x-kubernetes-map-type: "atomic" @@ -2037,8 +2167,10 @@ spec: - "path" type: "object" type: "array" + x-kubernetes-list-type: "atomic" name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" optional: description: "optional specify whether the ConfigMap or its keys must be defined" @@ -2058,7 +2190,8 @@ spec: description: "nodePublishSecretRef is a reference to the secret object containing\nsensitive information to pass to the CSI driver to complete the CSI\nNodePublishVolume and NodeUnpublishVolume calls.\nThis field is optional, and may be empty if no secret is required. If the\nsecret object contains more than one secret, all secret references are passed." properties: name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" type: "object" x-kubernetes-map-type: "atomic" @@ -2086,7 +2219,7 @@ spec: description: "DownwardAPIVolumeFile represents information to create the file containing the pod field" properties: fieldRef: - description: "Required: Selects a field of the pod: only annotations, labels, name and namespace are supported." + description: "Required: Selects a field of the pod: only annotations, labels, name, namespace and uid are supported." properties: apiVersion: description: "Version of the schema the FieldPath is written in terms of, defaults to \"v1\"." @@ -2129,6 +2262,7 @@ spec: - "path" type: "object" type: "array" + x-kubernetes-list-type: "atomic" type: "object" emptyDir: description: "emptyDir represents a temporary directory that shares a pod's lifetime.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir" @@ -2140,7 +2274,7 @@ spec: anyOf: - type: "integer" - type: "string" - description: "sizeLimit is the total amount of local storage required for this EmptyDir volume.\nThe size limit is also applicable for memory medium.\nThe maximum usage on memory medium EmptyDir would be the minimum value between\nthe SizeLimit specified here and the sum of memory limits of all containers in a pod.\nThe default is nil which means that the limit is undefined.\nMore info: http://kubernetes.io/docs/user-guide/volumes#emptydir" + description: "sizeLimit is the total amount of local storage required for this EmptyDir volume.\nThe size limit is also applicable for memory medium.\nThe maximum usage on memory medium EmptyDir would be the minimum value between\nthe SizeLimit specified here and the sum of memory limits of all containers in a pod.\nThe default is nil which means that the limit is undefined.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir" pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" x-kubernetes-int-or-string: true type: "object" @@ -2178,6 +2312,7 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" dataSource: description: "dataSource field can be used to specify either:\n* An existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot)\n* An existing PVC (PersistentVolumeClaim)\nIf the provisioner or an external controller can support the specified data source,\nit will create a new volume based on the contents of the specified data source.\nWhen the AnyVolumeDataSource feature gate is enabled, dataSource contents will be copied to dataSourceRef,\nand dataSourceRef contents will be copied to dataSource when dataSourceRef.namespace is not specified.\nIf the namespace is specified, then dataSourceRef will not be copied to dataSource." properties: @@ -2217,21 +2352,6 @@ spec: resources: description: "resources represents the minimum resources the volume should have.\nIf RecoverVolumeExpansionFailure feature is enabled users are allowed to specify resource requirements\nthat are lower than previous value but must still be higher than capacity recorded in the\nstatus field of the claim.\nMore info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources" properties: - claims: - description: "Claims lists the names of resources, defined in spec.resourceClaims,\nthat are used by this container.\n\n\nThis is an alpha field and requires enabling the\nDynamicResourceAllocation feature gate.\n\n\nThis field is immutable. It can only be set for containers." - items: - description: "ResourceClaim references one entry in PodSpec.ResourceClaims." - properties: - name: - description: "Name must match the name of one entry in pod.spec.resourceClaims of\nthe Pod where this field is used. It makes that resource available\ninside a container." - type: "string" - required: - - "name" - type: "object" - type: "array" - x-kubernetes-list-map-keys: - - "name" - x-kubernetes-list-type: "map" limits: additionalProperties: anyOf: @@ -2248,7 +2368,7 @@ spec: - type: "string" pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" x-kubernetes-int-or-string: true - description: "Requests describes the minimum amount of compute resources required.\nIf Requests is omitted for a container, it defaults to Limits if that is explicitly specified,\notherwise to an implementation-defined value.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" + description: "Requests describes the minimum amount of compute resources required.\nIf Requests is omitted for a container, it defaults to Limits if that is explicitly specified,\notherwise to an implementation-defined value. Requests cannot exceed Limits.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" type: "object" type: "object" selector: @@ -2270,11 +2390,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -2285,6 +2407,9 @@ spec: storageClassName: description: "storageClassName is the name of the StorageClass required by the claim.\nMore info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1" type: "string" + volumeAttributesClassName: + description: "volumeAttributesClassName may be used to set the VolumeAttributesClass used by this claim.\nIf specified, the CSI driver will create or update the volume with the attributes defined\nin the corresponding VolumeAttributesClass. This has a different purpose than storageClassName,\nit can be changed after the claim is created. An empty string value means that no VolumeAttributesClass\nwill be applied to the claim but it's not allowed to reset this field to empty string once it is set.\nIf unspecified and the PersistentVolumeClaim is unbound, the default VolumeAttributesClass\nwill be set by the persistentvolume controller if it exists.\nIf the resource referred to by volumeAttributesClass does not exist, this PersistentVolumeClaim will be\nset to a Pending state, as reflected by the modifyVolumeStatus field, until such as a resource\nexists.\nMore info: https://kubernetes.io/docs/concepts/storage/volume-attributes-classes/\n(Alpha) Using this field requires the VolumeAttributesClass feature gate to be enabled." + type: "string" volumeMode: description: "volumeMode defines what type of volume is required by the claim.\nValue of Filesystem is implied when not included in claim spec." type: "string" @@ -2314,11 +2439,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" wwids: description: "wwids Optional: FC volume world wide identifiers (wwids)\nEither wwids or combination of targetWWNs and lun must be set, but not both simultaneously." items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" type: "object" flexVolume: description: "flexVolume represents a generic volume resource that is\nprovisioned/attached using an exec based plugin." @@ -2341,7 +2468,8 @@ spec: description: "secretRef is Optional: secretRef is reference to the secret object containing\nsensitive information to pass to the plugin scripts. This may be\nempty if no secret object is specified. If the secret object\ncontains more than one secret, all secrets are passed to the plugin\nscripts." properties: name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" type: "object" x-kubernetes-map-type: "atomic" @@ -2450,6 +2578,7 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" readOnly: description: "readOnly here will force the ReadOnly setting in VolumeMounts.\nDefaults to false." type: "boolean" @@ -2457,7 +2586,8 @@ spec: description: "secretRef is the CHAP Secret for iSCSI target and initiator authentication" properties: name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" type: "object" x-kubernetes-map-type: "atomic" @@ -2536,6 +2666,57 @@ spec: items: description: "Projection that may be projected along with other supported volume types" properties: + clusterTrustBundle: + description: "ClusterTrustBundle allows a pod to access the `.spec.trustBundle` field\nof ClusterTrustBundle objects in an auto-updating file.\n\n\nAlpha, gated by the ClusterTrustBundleProjection feature gate.\n\n\nClusterTrustBundle objects can either be selected by name, or by the\ncombination of signer name and a label selector.\n\n\nKubelet performs aggressive normalization of the PEM contents written\ninto the pod filesystem. Esoteric PEM features such as inter-block\ncomments and block headers are stripped. Certificates are deduplicated.\nThe ordering of certificates within the file is arbitrary, and Kubelet\nmay change the order over time." + properties: + labelSelector: + description: "Select all ClusterTrustBundles that match this label selector. Only has\neffect if signerName is set. Mutually-exclusive with name. If unset,\ninterpreted as \"match nothing\". If set but empty, interpreted as \"match\neverything\"." + properties: + matchExpressions: + description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." + items: + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." + properties: + key: + description: "key is the label key that the selector applies to." + type: "string" + operator: + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." + type: "string" + values: + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" + required: + - "key" + - "operator" + type: "object" + type: "array" + x-kubernetes-list-type: "atomic" + matchLabels: + additionalProperties: + type: "string" + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + type: "object" + type: "object" + x-kubernetes-map-type: "atomic" + name: + description: "Select a single ClusterTrustBundle by object name. Mutually-exclusive\nwith signerName and labelSelector." + type: "string" + optional: + description: "If true, don't block pod startup if the referenced ClusterTrustBundle(s)\naren't available. If using name, then the named ClusterTrustBundle is\nallowed not to exist. If using signerName, then the combination of\nsignerName and labelSelector is allowed to match zero\nClusterTrustBundles." + type: "boolean" + path: + description: "Relative path from the volume root to write the bundle." + type: "string" + signerName: + description: "Select all ClusterTrustBundles that match this signer name.\nMutually-exclusive with name. The contents of all selected\nClusterTrustBundles will be unified and deduplicated." + type: "string" + required: + - "path" + type: "object" configMap: description: "configMap information about the configMap data to project" properties: @@ -2559,8 +2740,10 @@ spec: - "path" type: "object" type: "array" + x-kubernetes-list-type: "atomic" name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" optional: description: "optional specify whether the ConfigMap or its keys must be defined" @@ -2576,7 +2759,7 @@ spec: description: "DownwardAPIVolumeFile represents information to create the file containing the pod field" properties: fieldRef: - description: "Required: Selects a field of the pod: only annotations, labels, name and namespace are supported." + description: "Required: Selects a field of the pod: only annotations, labels, name, namespace and uid are supported." properties: apiVersion: description: "Version of the schema the FieldPath is written in terms of, defaults to \"v1\"." @@ -2619,6 +2802,7 @@ spec: - "path" type: "object" type: "array" + x-kubernetes-list-type: "atomic" type: "object" secret: description: "secret information about the secret data to project" @@ -2643,8 +2827,10 @@ spec: - "path" type: "object" type: "array" + x-kubernetes-list-type: "atomic" name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" optional: description: "optional field specify whether the Secret or its key must be defined" @@ -2669,6 +2855,7 @@ spec: type: "object" type: "object" type: "array" + x-kubernetes-list-type: "atomic" type: "object" quobyte: description: "quobyte represents a Quobyte mount on the host that shares a pod's lifetime" @@ -2712,6 +2899,7 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" pool: description: "pool is the rados pool name.\nDefault is rbd.\nMore info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it" type: "string" @@ -2722,7 +2910,8 @@ spec: description: "secretRef is name of the authentication secret for RBDUser. If provided\noverrides keyring.\nDefault is nil.\nMore info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it" properties: name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" type: "object" x-kubernetes-map-type: "atomic" @@ -2752,7 +2941,8 @@ spec: description: "secretRef references to the secret for ScaleIO user and other\nsensitive information. If this is not provided, Login operation will fail." properties: name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" type: "object" x-kubernetes-map-type: "atomic" @@ -2803,6 +2993,7 @@ spec: - "path" type: "object" type: "array" + x-kubernetes-list-type: "atomic" optional: description: "optional field specify whether the Secret or its keys must be defined" type: "boolean" @@ -2823,7 +3014,8 @@ spec: description: "secretRef specifies the secret to use for obtaining the StorageOS API\ncredentials. If not specified, default values will be attempted." properties: name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" type: "object" x-kubernetes-map-type: "atomic" @@ -2866,26 +3058,31 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" nonResourceURLs: description: "NonResourceURLs is a set of partial urls that a user should have access to. *s are allowed, but only as the full, final step in the path\nSince non-resource URLs are not namespaced, this field is only applicable for ClusterRoles referenced from a ClusterRoleBinding.\nRules can either apply to API resources (such as \"pods\" or \"secrets\") or non-resource URL paths (such as \"/api\"), but not both." items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" resourceNames: description: "ResourceNames is an optional white list of names that the rule applies to. An empty set means that everything is allowed." items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" resources: description: "Resources is a list of resources this rule applies to. '*' represents all resources." items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" verbs: description: "Verbs is a list of Verbs that apply to ALL the ResourceKinds contained in this rule. '*' represents all verbs." items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "verbs" type: "object" @@ -2901,13 +3098,14 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" type: "object" failureThreshold: description: "Minimum consecutive failures for the probe to be considered failed after having succeeded.\nDefaults to 3. Minimum value is 1." format: "int32" type: "integer" grpc: - description: "GRPC specifies an action involving a GRPC port.\nThis is a beta field and requires enabling GRPCContainerProbe feature gate." + description: "GRPC specifies an action involving a GRPC port." properties: port: description: "Port number of the gRPC service. Number must be in the range 1 to 65535." @@ -2931,7 +3129,7 @@ spec: description: "HTTPHeader describes a custom header to be used in HTTP probes" properties: name: - description: "The header field name" + description: "The header field name.\nThis will be canonicalized upon output, so case-variant names will be understood as the same header." type: "string" value: description: "The header field value" @@ -2941,6 +3139,7 @@ spec: - "value" type: "object" type: "array" + x-kubernetes-list-type: "atomic" path: description: "Path to access on the HTTP server." type: "string" @@ -3030,7 +3229,7 @@ spec: - type: "string" pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" x-kubernetes-int-or-string: true - description: "Requests describes the minimum amount of compute resources required.\nIf Requests is omitted for a container, it defaults to Limits if that is explicitly specified,\notherwise to an implementation-defined value.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" + description: "Requests describes the minimum amount of compute resources required.\nIf Requests is omitted for a container, it defaults to Limits if that is explicitly specified,\notherwise to an implementation-defined value. Requests cannot exceed Limits.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" type: "object" type: "object" runtimeClassName: @@ -3042,6 +3241,18 @@ spec: securityContext: description: "PodSecurityContext represents the security context for the fluentd pods." properties: + appArmorProfile: + description: "appArmorProfile is the AppArmor options to use by the containers in this pod.\nNote that this field cannot be set when spec.os.name is windows." + properties: + localhostProfile: + description: "localhostProfile indicates a profile loaded on the node that should be used.\nThe profile must be preconfigured on the node to work.\nMust match the loaded name of the profile.\nMust be set if and only if type is \"Localhost\"." + type: "string" + type: + description: "type indicates which kind of AppArmor profile will be applied.\nValid options are:\n Localhost - a profile pre-loaded on the node.\n RuntimeDefault - the container runtime's default profile.\n Unconfined - no AppArmor enforcement." + type: "string" + required: + - "type" + type: "object" fsGroup: description: "A special supplemental group that applies to all containers in a pod.\nSome volume types allow the Kubelet to change the ownership of that volume\nto be owned by the pod:\n\n\n1. The owning GID will be the FSGroup\n2. The setgid bit is set (new files created in the volume will be owned by FSGroup)\n3. The permission bits are OR'd with rw-rw----\n\n\nIf unset, the Kubelet will not modify the ownership and permissions of any volume.\nNote that this field cannot be set when spec.os.name is windows." format: "int64" @@ -3080,7 +3291,7 @@ spec: description: "The seccomp options to use by the containers in this pod.\nNote that this field cannot be set when spec.os.name is windows." properties: localhostProfile: - description: "localhostProfile indicates a profile defined in a file on the node should be used.\nThe profile must be preconfigured on the node to work.\nMust be a descending path, relative to the kubelet's configured seccomp profile location.\nMust only be set if type is \"Localhost\"." + description: "localhostProfile indicates a profile defined in a file on the node should be used.\nThe profile must be preconfigured on the node to work.\nMust be a descending path, relative to the kubelet's configured seccomp profile location.\nMust be set if type is \"Localhost\". Must NOT be set for any other type." type: "string" type: description: "type indicates which kind of seccomp profile will be applied.\nValid options are:\n\n\nLocalhost - a profile defined in a file on the node should be used.\nRuntimeDefault - the container runtime default profile should be used.\nUnconfined - no profile should be applied." @@ -3094,6 +3305,7 @@ spec: format: "int64" type: "integer" type: "array" + x-kubernetes-list-type: "atomic" sysctls: description: "Sysctls hold a list of namespaced sysctls used for the pod. Pods with unsupported\nsysctls (by the container runtime) might fail to launch.\nNote that this field cannot be set when spec.os.name is windows." items: @@ -3110,6 +3322,7 @@ spec: - "value" type: "object" type: "array" + x-kubernetes-list-type: "atomic" windowsOptions: description: "The Windows specific settings applied to all containers.\nIf unspecified, the options within a container's SecurityContext will be used.\nIf set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.\nNote that this field cannot be set when spec.os.name is linux." properties: @@ -3120,7 +3333,7 @@ spec: description: "GMSACredentialSpecName is the name of the GMSA credential spec to use." type: "string" hostProcess: - description: "HostProcess determines if a container should be run as a 'Host Process' container.\nThis field is alpha-level and will only be honored by components that enable the\nWindowsHostProcessContainers feature flag. Setting this field without the feature\nflag will result in errors when validating the Pod. All of a Pod's containers must\nhave the same effective HostProcess value (it is not allowed to have a mix of HostProcess\ncontainers and non-HostProcess containers). In addition, if HostProcess is true\nthen HostNetwork must also be set to true." + description: "HostProcess determines if a container should be run as a 'Host Process' container.\nAll of a Pod's containers must have the same effective HostProcess value\n(it is not allowed to have a mix of HostProcess containers and non-HostProcess containers).\nIn addition, if HostProcess is true then HostNetwork must also be set to true." type: "boolean" runAsUserName: description: "The UserName in Windows to run the entrypoint of the container process.\nDefaults to the user specified in image metadata if unspecified.\nMay also be set in PodSecurityContext. If set in both SecurityContext and\nPodSecurityContext, the value specified in SecurityContext takes precedence." @@ -3211,6 +3424,7 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" dataSource: description: "dataSource field can be used to specify either:\n* An existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot)\n* An existing PVC (PersistentVolumeClaim)\nIf the provisioner or an external controller can support the specified data source,\nit will create a new volume based on the contents of the specified data source.\nWhen the AnyVolumeDataSource feature gate is enabled, dataSource contents will be copied to dataSourceRef,\nand dataSourceRef contents will be copied to dataSource when dataSourceRef.namespace is not specified.\nIf the namespace is specified, then dataSourceRef will not be copied to dataSource." properties: @@ -3250,21 +3464,6 @@ spec: resources: description: "resources represents the minimum resources the volume should have.\nIf RecoverVolumeExpansionFailure feature is enabled users are allowed to specify resource requirements\nthat are lower than previous value but must still be higher than capacity recorded in the\nstatus field of the claim.\nMore info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources" properties: - claims: - description: "Claims lists the names of resources, defined in spec.resourceClaims,\nthat are used by this container.\n\n\nThis is an alpha field and requires enabling the\nDynamicResourceAllocation feature gate.\n\n\nThis field is immutable. It can only be set for containers." - items: - description: "ResourceClaim references one entry in PodSpec.ResourceClaims." - properties: - name: - description: "Name must match the name of one entry in pod.spec.resourceClaims of\nthe Pod where this field is used. It makes that resource available\ninside a container." - type: "string" - required: - - "name" - type: "object" - type: "array" - x-kubernetes-list-map-keys: - - "name" - x-kubernetes-list-type: "map" limits: additionalProperties: anyOf: @@ -3281,7 +3480,7 @@ spec: - type: "string" pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" x-kubernetes-int-or-string: true - description: "Requests describes the minimum amount of compute resources required.\nIf Requests is omitted for a container, it defaults to Limits if that is explicitly specified,\notherwise to an implementation-defined value.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" + description: "Requests describes the minimum amount of compute resources required.\nIf Requests is omitted for a container, it defaults to Limits if that is explicitly specified,\notherwise to an implementation-defined value. Requests cannot exceed Limits.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" type: "object" type: "object" selector: @@ -3303,11 +3502,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -3318,6 +3519,9 @@ spec: storageClassName: description: "storageClassName is the name of the StorageClass required by the claim.\nMore info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1" type: "string" + volumeAttributesClassName: + description: "volumeAttributesClassName may be used to set the VolumeAttributesClass used by this claim.\nIf specified, the CSI driver will create or update the volume with the attributes defined\nin the corresponding VolumeAttributesClass. This has a different purpose than storageClassName,\nit can be changed after the claim is created. An empty string value means that no VolumeAttributesClass\nwill be applied to the claim but it's not allowed to reset this field to empty string once it is set.\nIf unspecified and the PersistentVolumeClaim is unbound, the default VolumeAttributesClass\nwill be set by the persistentvolume controller if it exists.\nIf the resource referred to by volumeAttributesClass does not exist, this PersistentVolumeClaim will be\nset to a Pending state, as reflected by the modifyVolumeStatus field, until such as a resource\nexists.\nMore info: https://kubernetes.io/docs/concepts/storage/volume-attributes-classes/\n(Alpha) Using this field requires the VolumeAttributesClass feature gate to be enabled." + type: "string" volumeMode: description: "volumeMode defines what type of volume is required by the claim.\nValue of Filesystem is implied when not included in claim spec." type: "string" @@ -3333,6 +3537,14 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" + allocatedResourceStatuses: + additionalProperties: + description: "When a controller receives persistentvolume claim update with ClaimResourceStatus for a resource\nthat it does not recognizes, then it should ignore that update and let other controllers\nhandle it." + type: "string" + description: "allocatedResourceStatuses stores status of resource being resized for the given PVC.\nKey names follow standard Kubernetes label syntax. Valid values are either:\n\t* Un-prefixed keys:\n\t\t- storage - the capacity of the volume.\n\t* Custom resources must use implementation-defined prefixed names such as \"example.com/my-custom-resource\"\nApart from above values - keys that are unprefixed or have kubernetes.io prefix are considered\nreserved and hence may not be used.\n\n\nClaimResourceStatus can be in any of following states:\n\t- ControllerResizeInProgress:\n\t\tState set when resize controller starts resizing the volume in control-plane.\n\t- ControllerResizeFailed:\n\t\tState set when resize has failed in resize controller with a terminal error.\n\t- NodeResizePending:\n\t\tState set when resize controller has finished resizing the volume but further resizing of\n\t\tvolume is needed on the node.\n\t- NodeResizeInProgress:\n\t\tState set when kubelet starts resizing the volume.\n\t- NodeResizeFailed:\n\t\tState set when resizing has failed in kubelet with a terminal error. Transient errors don't set\n\t\tNodeResizeFailed.\nFor example: if expanding a PVC for more capacity - this field can be one of the following states:\n\t- pvc.status.allocatedResourceStatus['storage'] = \"ControllerResizeInProgress\"\n - pvc.status.allocatedResourceStatus['storage'] = \"ControllerResizeFailed\"\n - pvc.status.allocatedResourceStatus['storage'] = \"NodeResizePending\"\n - pvc.status.allocatedResourceStatus['storage'] = \"NodeResizeInProgress\"\n - pvc.status.allocatedResourceStatus['storage'] = \"NodeResizeFailed\"\nWhen this field is not set, it means that no resize operation is in progress for the given PVC.\n\n\nA controller that receives PVC update with previously unknown resourceName or ClaimResourceStatus\nshould ignore the update for the purpose it was designed. For example - a controller that\nonly is responsible for resizing capacity of the volume, should ignore PVC updates that change other valid\nresources associated with PVC.\n\n\nThis is an alpha field and requires enabling RecoverVolumeExpansionFailure feature." + type: "object" + x-kubernetes-map-type: "granular" allocatedResources: additionalProperties: anyOf: @@ -3340,7 +3552,7 @@ spec: - type: "string" pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" x-kubernetes-int-or-string: true - description: "allocatedResources is the storage resource within AllocatedResources tracks the capacity allocated to a PVC. It may\nbe larger than the actual capacity when a volume expansion operation is requested.\nFor storage quota, the larger value from allocatedResources and PVC.spec.resources is used.\nIf allocatedResources is not set, PVC.spec.resources alone is used for quota calculation.\nIf a volume expansion capacity request is lowered, allocatedResources is only\nlowered if there are no expansion operations in progress and if the actual volume capacity\nis equal or lower than the requested capacity.\nThis is an alpha field and requires enabling RecoverVolumeExpansionFailure feature." + description: "allocatedResources tracks the resources allocated to a PVC including its capacity.\nKey names follow standard Kubernetes label syntax. Valid values are either:\n\t* Un-prefixed keys:\n\t\t- storage - the capacity of the volume.\n\t* Custom resources must use implementation-defined prefixed names such as \"example.com/my-custom-resource\"\nApart from above values - keys that are unprefixed or have kubernetes.io prefix are considered\nreserved and hence may not be used.\n\n\nCapacity reported here may be larger than the actual capacity when a volume expansion operation\nis requested.\nFor storage quota, the larger value from allocatedResources and PVC.spec.resources is used.\nIf allocatedResources is not set, PVC.spec.resources alone is used for quota calculation.\nIf a volume expansion capacity request is lowered, allocatedResources is only\nlowered if there are no expansion operations in progress and if the actual volume capacity\nis equal or lower than the requested capacity.\n\n\nA controller that receives PVC update with previously unknown resourceName\nshould ignore the update for the purpose it was designed. For example - a controller that\nonly is responsible for resizing capacity of the volume, should ignore PVC updates that change other valid\nresources associated with PVC.\n\n\nThis is an alpha field and requires enabling RecoverVolumeExpansionFailure feature." type: "object" capacity: additionalProperties: @@ -3352,9 +3564,9 @@ spec: description: "capacity represents the actual resources of the underlying volume." type: "object" conditions: - description: "conditions is the current Condition of persistent volume claim. If underlying persistent volume is being\nresized then the Condition will be set to 'ResizeStarted'." + description: "conditions is the current Condition of persistent volume claim. If underlying persistent volume is being\nresized then the Condition will be set to 'Resizing'." items: - description: "PersistentVolumeClaimCondition contails details about state of pvc" + description: "PersistentVolumeClaimCondition contains details about state of pvc" properties: lastProbeTime: description: "lastProbeTime is the time we probed the condition." @@ -3368,7 +3580,7 @@ spec: description: "message is the human-readable message indicating details about last transition." type: "string" reason: - description: "reason is a unique, this should be a short, machine understandable string that gives the reason\nfor condition's last transition. If it reports \"ResizeStarted\" that means the underlying\npersistent volume is being resized." + description: "reason is a unique, this should be a short, machine understandable string that gives the reason\nfor condition's last transition. If it reports \"Resizing\" that means the underlying\npersistent volume is being resized." type: "string" status: type: "string" @@ -3380,12 +3592,27 @@ spec: - "type" type: "object" type: "array" + x-kubernetes-list-map-keys: + - "type" + x-kubernetes-list-type: "map" + currentVolumeAttributesClassName: + description: "currentVolumeAttributesClassName is the current name of the VolumeAttributesClass the PVC is using.\nWhen unset, there is no VolumeAttributeClass applied to this PersistentVolumeClaim\nThis is an alpha field and requires enabling VolumeAttributesClass feature." + type: "string" + modifyVolumeStatus: + description: "ModifyVolumeStatus represents the status object of ControllerModifyVolume operation.\nWhen this is unset, there is no ModifyVolume operation being attempted.\nThis is an alpha field and requires enabling VolumeAttributesClass feature." + properties: + status: + description: "status is the status of the ControllerModifyVolume operation. It can be in any of following states:\n - Pending\n Pending indicates that the PersistentVolumeClaim cannot be modified due to unmet requirements, such as\n the specified VolumeAttributesClass not existing.\n - InProgress\n InProgress indicates that the volume is being modified.\n - Infeasible\n Infeasible indicates that the request has been rejected as invalid by the CSI driver. To\n\t resolve the error, a valid VolumeAttributesClass needs to be specified.\nNote: New statuses can be added in the future. Consumers should check for unknown statuses and fail appropriately." + type: "string" + targetVolumeAttributesClassName: + description: "targetVolumeAttributesClassName is the name of the VolumeAttributesClass the PVC currently being reconciled" + type: "string" + required: + - "status" + type: "object" phase: description: "phase represents the current phase of PersistentVolumeClaim." type: "string" - resizeStatus: - description: "resizeStatus stores status of resize operation.\nResizeStatus is not set by default but when expansion is complete resizeStatus is set to empty\nstring by resize controller or kubelet.\nThis is an alpha field and requires enabling RecoverVolumeExpansionFailure feature." - type: "string" type: "object" type: "object" type: "array" @@ -3398,7 +3625,7 @@ spec: description: "Path within the container at which the volume should be mounted. Must\nnot contain ':'." type: "string" mountPropagation: - description: "mountPropagation determines how mounts are propagated from the host\nto container and the other way around.\nWhen not set, MountPropagationNone is used.\nThis field is beta in 1.10." + description: "mountPropagation determines how mounts are propagated from the host\nto container and the other way around.\nWhen not set, MountPropagationNone is used.\nThis field is beta in 1.10.\nWhen RecursiveReadOnly is set to IfPossible or to Enabled, MountPropagation must be None or unspecified\n(which defaults to None)." type: "string" name: description: "This must match the Name of a Volume." @@ -3406,6 +3633,9 @@ spec: readOnly: description: "Mounted read-only if true, read-write otherwise (false or unspecified).\nDefaults to false." type: "boolean" + recursiveReadOnly: + description: "RecursiveReadOnly specifies whether read-only mounts should be handled\nrecursively.\n\n\nIf ReadOnly is false, this field has no meaning and must be unspecified.\n\n\nIf ReadOnly is true, and this field is set to Disabled, the mount is not made\nrecursively read-only. If this field is set to IfPossible, the mount is made\nrecursively read-only, if it is supported by the container runtime. If this\nfield is set to Enabled, the mount is made recursively read-only if it is\nsupported by the container runtime, otherwise the pod will not be started and\nan error will be generated to indicate the reason.\n\n\nIf this field is set to IfPossible or Enabled, MountPropagation must be set to\nNone (or be unspecified, which defaults to None).\n\n\nIf this field is not specified, it is treated as an equivalent of Disabled." + type: "string" subPath: description: "Path within the volume from which the container's volume should be mounted.\nDefaults to \"\" (volume's root)." type: "string" @@ -3490,6 +3720,7 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" path: description: "path is Optional: Used as the mounted root, rather than the full Ceph tree, default is /" type: "string" @@ -3503,7 +3734,8 @@ spec: description: "secretRef is Optional: SecretRef is reference to the authentication secret for User, default is empty.\nMore info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it" properties: name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" type: "object" x-kubernetes-map-type: "atomic" @@ -3526,7 +3758,8 @@ spec: description: "secretRef is optional: points to a secret object containing parameters used to connect\nto OpenStack." properties: name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" type: "object" x-kubernetes-map-type: "atomic" @@ -3563,8 +3796,10 @@ spec: - "path" type: "object" type: "array" + x-kubernetes-list-type: "atomic" name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" optional: description: "optional specify whether the ConfigMap or its keys must be defined" @@ -3584,7 +3819,8 @@ spec: description: "nodePublishSecretRef is a reference to the secret object containing\nsensitive information to pass to the CSI driver to complete the CSI\nNodePublishVolume and NodeUnpublishVolume calls.\nThis field is optional, and may be empty if no secret is required. If the\nsecret object contains more than one secret, all secret references are passed." properties: name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" type: "object" x-kubernetes-map-type: "atomic" @@ -3612,7 +3848,7 @@ spec: description: "DownwardAPIVolumeFile represents information to create the file containing the pod field" properties: fieldRef: - description: "Required: Selects a field of the pod: only annotations, labels, name and namespace are supported." + description: "Required: Selects a field of the pod: only annotations, labels, name, namespace and uid are supported." properties: apiVersion: description: "Version of the schema the FieldPath is written in terms of, defaults to \"v1\"." @@ -3655,6 +3891,7 @@ spec: - "path" type: "object" type: "array" + x-kubernetes-list-type: "atomic" type: "object" emptyDir: description: "emptyDir represents a temporary directory that shares a pod's lifetime.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir" @@ -3666,7 +3903,7 @@ spec: anyOf: - type: "integer" - type: "string" - description: "sizeLimit is the total amount of local storage required for this EmptyDir volume.\nThe size limit is also applicable for memory medium.\nThe maximum usage on memory medium EmptyDir would be the minimum value between\nthe SizeLimit specified here and the sum of memory limits of all containers in a pod.\nThe default is nil which means that the limit is undefined.\nMore info: http://kubernetes.io/docs/user-guide/volumes#emptydir" + description: "sizeLimit is the total amount of local storage required for this EmptyDir volume.\nThe size limit is also applicable for memory medium.\nThe maximum usage on memory medium EmptyDir would be the minimum value between\nthe SizeLimit specified here and the sum of memory limits of all containers in a pod.\nThe default is nil which means that the limit is undefined.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir" pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" x-kubernetes-int-or-string: true type: "object" @@ -3704,6 +3941,7 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" dataSource: description: "dataSource field can be used to specify either:\n* An existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot)\n* An existing PVC (PersistentVolumeClaim)\nIf the provisioner or an external controller can support the specified data source,\nit will create a new volume based on the contents of the specified data source.\nWhen the AnyVolumeDataSource feature gate is enabled, dataSource contents will be copied to dataSourceRef,\nand dataSourceRef contents will be copied to dataSource when dataSourceRef.namespace is not specified.\nIf the namespace is specified, then dataSourceRef will not be copied to dataSource." properties: @@ -3743,21 +3981,6 @@ spec: resources: description: "resources represents the minimum resources the volume should have.\nIf RecoverVolumeExpansionFailure feature is enabled users are allowed to specify resource requirements\nthat are lower than previous value but must still be higher than capacity recorded in the\nstatus field of the claim.\nMore info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources" properties: - claims: - description: "Claims lists the names of resources, defined in spec.resourceClaims,\nthat are used by this container.\n\n\nThis is an alpha field and requires enabling the\nDynamicResourceAllocation feature gate.\n\n\nThis field is immutable. It can only be set for containers." - items: - description: "ResourceClaim references one entry in PodSpec.ResourceClaims." - properties: - name: - description: "Name must match the name of one entry in pod.spec.resourceClaims of\nthe Pod where this field is used. It makes that resource available\ninside a container." - type: "string" - required: - - "name" - type: "object" - type: "array" - x-kubernetes-list-map-keys: - - "name" - x-kubernetes-list-type: "map" limits: additionalProperties: anyOf: @@ -3774,7 +3997,7 @@ spec: - type: "string" pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" x-kubernetes-int-or-string: true - description: "Requests describes the minimum amount of compute resources required.\nIf Requests is omitted for a container, it defaults to Limits if that is explicitly specified,\notherwise to an implementation-defined value.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" + description: "Requests describes the minimum amount of compute resources required.\nIf Requests is omitted for a container, it defaults to Limits if that is explicitly specified,\notherwise to an implementation-defined value. Requests cannot exceed Limits.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" type: "object" type: "object" selector: @@ -3796,11 +4019,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -3811,6 +4036,9 @@ spec: storageClassName: description: "storageClassName is the name of the StorageClass required by the claim.\nMore info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1" type: "string" + volumeAttributesClassName: + description: "volumeAttributesClassName may be used to set the VolumeAttributesClass used by this claim.\nIf specified, the CSI driver will create or update the volume with the attributes defined\nin the corresponding VolumeAttributesClass. This has a different purpose than storageClassName,\nit can be changed after the claim is created. An empty string value means that no VolumeAttributesClass\nwill be applied to the claim but it's not allowed to reset this field to empty string once it is set.\nIf unspecified and the PersistentVolumeClaim is unbound, the default VolumeAttributesClass\nwill be set by the persistentvolume controller if it exists.\nIf the resource referred to by volumeAttributesClass does not exist, this PersistentVolumeClaim will be\nset to a Pending state, as reflected by the modifyVolumeStatus field, until such as a resource\nexists.\nMore info: https://kubernetes.io/docs/concepts/storage/volume-attributes-classes/\n(Alpha) Using this field requires the VolumeAttributesClass feature gate to be enabled." + type: "string" volumeMode: description: "volumeMode defines what type of volume is required by the claim.\nValue of Filesystem is implied when not included in claim spec." type: "string" @@ -3840,11 +4068,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" wwids: description: "wwids Optional: FC volume world wide identifiers (wwids)\nEither wwids or combination of targetWWNs and lun must be set, but not both simultaneously." items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" type: "object" flexVolume: description: "flexVolume represents a generic volume resource that is\nprovisioned/attached using an exec based plugin." @@ -3867,7 +4097,8 @@ spec: description: "secretRef is Optional: secretRef is reference to the secret object containing\nsensitive information to pass to the plugin scripts. This may be\nempty if no secret object is specified. If the secret object\ncontains more than one secret, all secrets are passed to the plugin\nscripts." properties: name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" type: "object" x-kubernetes-map-type: "atomic" @@ -3976,6 +4207,7 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" readOnly: description: "readOnly here will force the ReadOnly setting in VolumeMounts.\nDefaults to false." type: "boolean" @@ -3983,7 +4215,8 @@ spec: description: "secretRef is the CHAP Secret for iSCSI target and initiator authentication" properties: name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" type: "object" x-kubernetes-map-type: "atomic" @@ -4065,6 +4298,57 @@ spec: items: description: "Projection that may be projected along with other supported volume types" properties: + clusterTrustBundle: + description: "ClusterTrustBundle allows a pod to access the `.spec.trustBundle` field\nof ClusterTrustBundle objects in an auto-updating file.\n\n\nAlpha, gated by the ClusterTrustBundleProjection feature gate.\n\n\nClusterTrustBundle objects can either be selected by name, or by the\ncombination of signer name and a label selector.\n\n\nKubelet performs aggressive normalization of the PEM contents written\ninto the pod filesystem. Esoteric PEM features such as inter-block\ncomments and block headers are stripped. Certificates are deduplicated.\nThe ordering of certificates within the file is arbitrary, and Kubelet\nmay change the order over time." + properties: + labelSelector: + description: "Select all ClusterTrustBundles that match this label selector. Only has\neffect if signerName is set. Mutually-exclusive with name. If unset,\ninterpreted as \"match nothing\". If set but empty, interpreted as \"match\neverything\"." + properties: + matchExpressions: + description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." + items: + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." + properties: + key: + description: "key is the label key that the selector applies to." + type: "string" + operator: + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." + type: "string" + values: + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" + required: + - "key" + - "operator" + type: "object" + type: "array" + x-kubernetes-list-type: "atomic" + matchLabels: + additionalProperties: + type: "string" + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + type: "object" + type: "object" + x-kubernetes-map-type: "atomic" + name: + description: "Select a single ClusterTrustBundle by object name. Mutually-exclusive\nwith signerName and labelSelector." + type: "string" + optional: + description: "If true, don't block pod startup if the referenced ClusterTrustBundle(s)\naren't available. If using name, then the named ClusterTrustBundle is\nallowed not to exist. If using signerName, then the combination of\nsignerName and labelSelector is allowed to match zero\nClusterTrustBundles." + type: "boolean" + path: + description: "Relative path from the volume root to write the bundle." + type: "string" + signerName: + description: "Select all ClusterTrustBundles that match this signer name.\nMutually-exclusive with name. The contents of all selected\nClusterTrustBundles will be unified and deduplicated." + type: "string" + required: + - "path" + type: "object" configMap: description: "configMap information about the configMap data to project" properties: @@ -4088,8 +4372,10 @@ spec: - "path" type: "object" type: "array" + x-kubernetes-list-type: "atomic" name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" optional: description: "optional specify whether the ConfigMap or its keys must be defined" @@ -4105,7 +4391,7 @@ spec: description: "DownwardAPIVolumeFile represents information to create the file containing the pod field" properties: fieldRef: - description: "Required: Selects a field of the pod: only annotations, labels, name and namespace are supported." + description: "Required: Selects a field of the pod: only annotations, labels, name, namespace and uid are supported." properties: apiVersion: description: "Version of the schema the FieldPath is written in terms of, defaults to \"v1\"." @@ -4148,6 +4434,7 @@ spec: - "path" type: "object" type: "array" + x-kubernetes-list-type: "atomic" type: "object" secret: description: "secret information about the secret data to project" @@ -4172,8 +4459,10 @@ spec: - "path" type: "object" type: "array" + x-kubernetes-list-type: "atomic" name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" optional: description: "optional field specify whether the Secret or its key must be defined" @@ -4198,6 +4487,7 @@ spec: type: "object" type: "object" type: "array" + x-kubernetes-list-type: "atomic" type: "object" quobyte: description: "quobyte represents a Quobyte mount on the host that shares a pod's lifetime" @@ -4241,6 +4531,7 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" pool: description: "pool is the rados pool name.\nDefault is rbd.\nMore info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it" type: "string" @@ -4251,7 +4542,8 @@ spec: description: "secretRef is name of the authentication secret for RBDUser. If provided\noverrides keyring.\nDefault is nil.\nMore info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it" properties: name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" type: "object" x-kubernetes-map-type: "atomic" @@ -4281,7 +4573,8 @@ spec: description: "secretRef references to the secret for ScaleIO user and other\nsensitive information. If this is not provided, Login operation will fail." properties: name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" type: "object" x-kubernetes-map-type: "atomic" @@ -4332,6 +4625,7 @@ spec: - "path" type: "object" type: "array" + x-kubernetes-list-type: "atomic" optional: description: "optional field specify whether the Secret or its keys must be defined" type: "boolean" @@ -4352,7 +4646,8 @@ spec: description: "secretRef specifies the secret to use for obtaining the StorageOS API\ncredentials. If not specified, default values will be attempted." properties: name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" type: "object" x-kubernetes-map-type: "atomic" diff --git a/crd-catalog/fluent/fluent-operator/fluentd.fluent.io/v1alpha1/inputs.yaml b/crd-catalog/fluent/fluent-operator/fluentd.fluent.io/v1alpha1/inputs.yaml index 13d70c214..c570b2e38 100644 --- a/crd-catalog/fluent/fluent-operator/fluentd.fluent.io/v1alpha1/inputs.yaml +++ b/crd-catalog/fluent/fluent-operator/fluentd.fluent.io/v1alpha1/inputs.yaml @@ -119,7 +119,8 @@ spec: description: "The key of the secret to select from. Must be a valid secret key." type: "string" name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" optional: description: "Specify whether the Secret or its key must be defined" @@ -143,7 +144,8 @@ spec: description: "The key of the secret to select from. Must be a valid secret key." type: "string" name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" optional: description: "Specify whether the Secret or its key must be defined" @@ -224,7 +226,8 @@ spec: description: "The key of the secret to select from. Must be a valid secret key." type: "string" name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" optional: description: "Specify whether the Secret or its key must be defined" @@ -248,7 +251,8 @@ spec: description: "The key of the secret to select from. Must be a valid secret key." type: "string" name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" optional: description: "Specify whether the Secret or its key must be defined" diff --git a/crd-catalog/fluent/fluent-operator/fluentd.fluent.io/v1alpha1/outputs.yaml b/crd-catalog/fluent/fluent-operator/fluentd.fluent.io/v1alpha1/outputs.yaml index 8c290bb3e..31546433e 100644 --- a/crd-catalog/fluent/fluent-operator/fluentd.fluent.io/v1alpha1/outputs.yaml +++ b/crd-catalog/fluent/fluent-operator/fluentd.fluent.io/v1alpha1/outputs.yaml @@ -209,7 +209,8 @@ spec: description: "The key of the secret to select from. Must be a valid secret key." type: "string" name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" optional: description: "Specify whether the Secret or its key must be defined" @@ -233,7 +234,8 @@ spec: description: "The key of the secret to select from. Must be a valid secret key." type: "string" name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" optional: description: "Specify whether the Secret or its key must be defined" @@ -370,7 +372,8 @@ spec: description: "The key of the secret to select from. Must be a valid secret key." type: "string" name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" optional: description: "Specify whether the Secret or its key must be defined" @@ -476,7 +479,8 @@ spec: description: "The key of the secret to select from. Must be a valid secret key." type: "string" name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" optional: description: "Specify whether the Secret or its key must be defined" @@ -500,7 +504,8 @@ spec: description: "The key of the secret to select from. Must be a valid secret key." type: "string" name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" optional: description: "Specify whether the Secret or its key must be defined" @@ -524,7 +529,8 @@ spec: description: "The key of the secret to select from. Must be a valid secret key." type: "string" name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" optional: description: "Specify whether the Secret or its key must be defined" @@ -585,7 +591,8 @@ spec: description: "The key of the secret to select from. Must be a valid secret key." type: "string" name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" optional: description: "Specify whether the Secret or its key must be defined" @@ -643,7 +650,8 @@ spec: description: "The key of the secret to select from. Must be a valid secret key." type: "string" name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" optional: description: "Specify whether the Secret or its key must be defined" @@ -680,7 +688,8 @@ spec: description: "The key of the secret to select from. Must be a valid secret key." type: "string" name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" optional: description: "Specify whether the Secret or its key must be defined" @@ -704,7 +713,8 @@ spec: description: "The key of the secret to select from. Must be a valid secret key." type: "string" name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" optional: description: "Specify whether the Secret or its key must be defined" @@ -728,7 +738,8 @@ spec: description: "The key of the secret to select from. Must be a valid secret key." type: "string" name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" optional: description: "Specify whether the Secret or its key must be defined" @@ -798,7 +809,8 @@ spec: description: "The key of the secret to select from. Must be a valid secret key." type: "string" name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" optional: description: "Specify whether the Secret or its key must be defined" @@ -856,7 +868,8 @@ spec: description: "The key of the secret to select from. Must be a valid secret key." type: "string" name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" optional: description: "Specify whether the Secret or its key must be defined" @@ -1014,7 +1027,8 @@ spec: description: "The key of the secret to select from. Must be a valid secret key." type: "string" name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" optional: description: "Specify whether the Secret or its key must be defined" @@ -1038,7 +1052,8 @@ spec: description: "The key of the secret to select from. Must be a valid secret key." type: "string" name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" optional: description: "Specify whether the Secret or its key must be defined" @@ -1088,7 +1103,8 @@ spec: description: "The key of the secret to select from. Must be a valid secret key." type: "string" name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" optional: description: "Specify whether the Secret or its key must be defined" @@ -1124,7 +1140,8 @@ spec: description: "The key of the secret to select from. Must be a valid secret key." type: "string" name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" optional: description: "Specify whether the Secret or its key must be defined" @@ -1198,7 +1215,8 @@ spec: description: "The key of the secret to select from. Must be a valid secret key." type: "string" name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" optional: description: "Specify whether the Secret or its key must be defined" @@ -1234,7 +1252,8 @@ spec: description: "The key of the secret to select from. Must be a valid secret key." type: "string" name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" optional: description: "Specify whether the Secret or its key must be defined" @@ -1329,7 +1348,8 @@ spec: description: "The key of the secret to select from. Must be a valid secret key." type: "string" name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" optional: description: "Specify whether the Secret or its key must be defined" @@ -1353,7 +1373,8 @@ spec: description: "The key of the secret to select from. Must be a valid secret key." type: "string" name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" optional: description: "Specify whether the Secret or its key must be defined" @@ -1509,6 +1530,9 @@ spec: loki: description: "out_loki plugin" properties: + bearerTokenFile: + description: "Set path to file with bearer authentication token\nCan be used as alterntative to HTTP basic authentication" + type: "string" dropSingleKey: description: "If a record only has 1 key, then just set the log line to the value and discard the key." type: "boolean" @@ -1528,7 +1552,8 @@ spec: description: "The key of the secret to select from. Must be a valid secret key." type: "string" name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" optional: description: "Specify whether the Secret or its key must be defined" @@ -1552,7 +1577,8 @@ spec: description: "The key of the secret to select from. Must be a valid secret key." type: "string" name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" optional: description: "Specify whether the Secret or its key must be defined" @@ -1603,7 +1629,8 @@ spec: description: "The key of the secret to select from. Must be a valid secret key." type: "string" name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" optional: description: "Specify whether the Secret or its key must be defined" @@ -1660,7 +1687,8 @@ spec: description: "The key of the secret to select from. Must be a valid secret key." type: "string" name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" optional: description: "Specify whether the Secret or its key must be defined" @@ -1683,6 +1711,9 @@ spec: scheme: description: "Specify https if your Opensearch endpoint supports SSL (default: http)." type: "string" + sslVerify: + description: "Optional, Force certificate validation" + type: "boolean" user: description: "Optional, The login credentials to connect to Opensearch" properties: @@ -1696,7 +1727,8 @@ spec: description: "The key of the secret to select from. Must be a valid secret key." type: "string" name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" optional: description: "Specify whether the Secret or its key must be defined" diff --git a/crd-catalog/flux-framework/flux-operator/flux-framework.org/v1alpha2/miniclusters.yaml b/crd-catalog/flux-framework/flux-operator/flux-framework.org/v1alpha2/miniclusters.yaml index 7317ce6fe..84e84d360 100644 --- a/crd-catalog/flux-framework/flux-operator/flux-framework.org/v1alpha2/miniclusters.yaml +++ b/crd-catalog/flux-framework/flux-operator/flux-framework.org/v1alpha2/miniclusters.yaml @@ -189,6 +189,9 @@ spec: emptyDirMedium: description: "Add an empty directory custom type" type: "string" + emptyDirSizeLimit: + description: "Add an empty directory sizeLimit" + type: "string" hostPath: description: "An existing hostPath to bind to path" type: "string" @@ -424,6 +427,9 @@ spec: type: "string" description: "Annotations for each pod" type: "object" + automountServiceAccountToken: + description: "Automatically mount the service account name" + type: "boolean" labels: additionalProperties: type: "string" @@ -442,6 +448,12 @@ spec: x-kubernetes-int-or-string: true description: "Resources include limits and requests" type: "object" + restartPolicy: + description: "Restart Policy" + type: "string" + runtimeClassName: + description: "RuntimeClassName for the pod" + type: "string" schedulerName: description: "Scheduler name for the pod" type: "string" @@ -598,6 +610,9 @@ spec: emptyDirMedium: description: "Add an empty directory custom type" type: "string" + emptyDirSizeLimit: + description: "Add an empty directory sizeLimit" + type: "string" hostPath: description: "An existing hostPath to bind to path" type: "string" diff --git a/crd-catalog/fluxcd/source-controller/source.toolkit.fluxcd.io/v1beta2/buckets.yaml b/crd-catalog/fluxcd/source-controller/source.toolkit.fluxcd.io/v1beta2/buckets.yaml index 7c60bdb21..d63831f28 100644 --- a/crd-catalog/fluxcd/source-controller/source.toolkit.fluxcd.io/v1beta2/buckets.yaml +++ b/crd-catalog/fluxcd/source-controller/source.toolkit.fluxcd.io/v1beta2/buckets.yaml @@ -97,6 +97,15 @@ spec: - "gcp" - "azure" type: "string" + proxySecretRef: + description: "ProxySecretRef specifies the Secret containing the proxy configuration\nto use while communicating with the Bucket server.\n\n\nOnly supported for the generic provider." + properties: + name: + description: "Name of the referent." + type: "string" + required: + - "name" + type: "object" region: description: "Region of the Endpoint where the BucketName is located in." type: "string" diff --git a/crd-catalog/grafana-operator/grafana-operator/grafana.integreatly.org/v1beta1/grafanadashboards.yaml b/crd-catalog/grafana-operator/grafana-operator/grafana.integreatly.org/v1beta1/grafanadashboards.yaml index 76f22a495..becb8f524 100644 --- a/crd-catalog/grafana-operator/grafana-operator/grafana.integreatly.org/v1beta1/grafanadashboards.yaml +++ b/crd-catalog/grafana-operator/grafana-operator/grafana.integreatly.org/v1beta1/grafanadashboards.yaml @@ -170,6 +170,12 @@ spec: folder: description: "folder assignment for dashboard" type: "string" + folderRef: + description: "Name of a `GrafanaFolder` resource in the same namespace" + type: "string" + folderUID: + description: "UID of the target folder for this dashboard" + type: "string" grafanaCom: description: "grafana.com/dashboards" properties: @@ -267,12 +273,60 @@ spec: required: - "instanceSelector" type: "object" + x-kubernetes-validations: + - message: "Only one of folderUID or folderRef can be declared at the same time" + rule: "(has(self.folderUID) && !(has(self.folderRef))) || (has(self.folderRef) && !(has(self.folderUID))) || !(has(self.folderRef) && (has(self.folderUID)))" + - message: "folder field cannot be set when folderUID or folderRef is already declared" + rule: "(has(self.folder) && !(has(self.folderRef) || has(self.folderUID))) || !(has(self.folder))" status: description: "GrafanaDashboardStatus defines the observed state of GrafanaDashboard" properties: NoMatchingInstances: description: "The dashboard instanceSelector can't find matching grafana instances" type: "boolean" + conditions: + items: + description: "Condition contains details for one aspect of the current state of this API Resource.\n---\nThis struct is intended for direct use as an array at the field path .status.conditions. For example,\n\n\n\ttype FooStatus struct{\n\t // Represents the observations of a foo's current state.\n\t // Known .status.conditions.type are: \"Available\", \"Progressing\", and \"Degraded\"\n\t // +patchMergeKey=type\n\t // +patchStrategy=merge\n\t // +listType=map\n\t // +listMapKey=type\n\t Conditions []metav1.Condition `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"`\n\n\n\t // other fields\n\t}" + properties: + lastTransitionTime: + description: "lastTransitionTime is the last time the condition transitioned from one status to another.\nThis should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable." + format: "date-time" + type: "string" + message: + description: "message is a human readable message indicating details about the transition.\nThis may be an empty string." + maxLength: 32768 + type: "string" + observedGeneration: + description: "observedGeneration represents the .metadata.generation that the condition was set based upon.\nFor instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date\nwith respect to the current state of the instance." + format: "int64" + minimum: 0.0 + type: "integer" + reason: + description: "reason contains a programmatic identifier indicating the reason for the condition's last transition.\nProducers of specific condition types may define expected values and meanings for this field,\nand whether the values are considered a guaranteed API.\nThe value should be a CamelCase string.\nThis field may not be empty." + maxLength: 1024 + minLength: 1 + pattern: "^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$" + type: "string" + status: + description: "status of the condition, one of True, False, Unknown." + enum: + - "True" + - "False" + - "Unknown" + type: "string" + type: + description: "type of condition in CamelCase or in foo.example.com/CamelCase.\n---\nMany .condition.type values are consistent across resources like Available, but because arbitrary conditions can be\nuseful (see .node.status.conditions), the ability to deconflict is important.\nThe regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt)" + maxLength: 316 + pattern: "^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$" + type: "string" + required: + - "lastTransitionTime" + - "message" + - "reason" + - "status" + - "type" + type: "object" + type: "array" contentCache: format: "byte" type: "string" diff --git a/crd-catalog/grafana-operator/grafana-operator/grafana.integreatly.org/v1beta1/grafanafolders.yaml b/crd-catalog/grafana-operator/grafana-operator/grafana.integreatly.org/v1beta1/grafanafolders.yaml index 8123c1100..b62abc6c1 100644 --- a/crd-catalog/grafana-operator/grafana-operator/grafana.integreatly.org/v1beta1/grafanafolders.yaml +++ b/crd-catalog/grafana-operator/grafana-operator/grafana.integreatly.org/v1beta1/grafanafolders.yaml @@ -75,6 +75,12 @@ spec: x-kubernetes-validations: - message: "Value is immutable" rule: "self == oldSelf" + parentFolderRef: + description: "Reference to an existing GrafanaFolder CR in the same namespace" + type: "string" + parentFolderUID: + description: "UID of the folder in which the current folder should be created" + type: "string" permissions: description: "raw json with folder permissions" type: "string" @@ -89,12 +95,58 @@ spec: required: - "instanceSelector" type: "object" + x-kubernetes-validations: + - message: "Only one of parentFolderUID or parentFolderRef can be set" + rule: "(has(self.parentFolderUID) && !(has(self.parentFolderRef))) || (has(self.parentFolderRef) && !(has(self.parentFolderUID))) || !(has(self.parentFolderRef) && (has(self.parentFolderUID)))" status: description: "GrafanaFolderStatus defines the observed state of GrafanaFolder" properties: NoMatchingInstances: description: "The folder instanceSelector can't find matching grafana instances" type: "boolean" + conditions: + items: + description: "Condition contains details for one aspect of the current state of this API Resource.\n---\nThis struct is intended for direct use as an array at the field path .status.conditions. For example,\n\n\n\ttype FooStatus struct{\n\t // Represents the observations of a foo's current state.\n\t // Known .status.conditions.type are: \"Available\", \"Progressing\", and \"Degraded\"\n\t // +patchMergeKey=type\n\t // +patchStrategy=merge\n\t // +listType=map\n\t // +listMapKey=type\n\t Conditions []metav1.Condition `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"`\n\n\n\t // other fields\n\t}" + properties: + lastTransitionTime: + description: "lastTransitionTime is the last time the condition transitioned from one status to another.\nThis should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable." + format: "date-time" + type: "string" + message: + description: "message is a human readable message indicating details about the transition.\nThis may be an empty string." + maxLength: 32768 + type: "string" + observedGeneration: + description: "observedGeneration represents the .metadata.generation that the condition was set based upon.\nFor instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date\nwith respect to the current state of the instance." + format: "int64" + minimum: 0.0 + type: "integer" + reason: + description: "reason contains a programmatic identifier indicating the reason for the condition's last transition.\nProducers of specific condition types may define expected values and meanings for this field,\nand whether the values are considered a guaranteed API.\nThe value should be a CamelCase string.\nThis field may not be empty." + maxLength: 1024 + minLength: 1 + pattern: "^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$" + type: "string" + status: + description: "status of the condition, one of True, False, Unknown." + enum: + - "True" + - "False" + - "Unknown" + type: "string" + type: + description: "type of condition in CamelCase or in foo.example.com/CamelCase.\n---\nMany .condition.type values are consistent across resources like Available, but because arbitrary conditions can be\nuseful (see .node.status.conditions), the ability to deconflict is important.\nThe regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt)" + maxLength: 316 + pattern: "^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$" + type: "string" + required: + - "lastTransitionTime" + - "message" + - "reason" + - "status" + - "type" + type: "object" + type: "array" hash: description: "INSERT ADDITIONAL STATUS FIELD - define observed state of cluster\nImportant: Run \"make\" to regenerate code after modifying this file" type: "string" @@ -102,6 +154,8 @@ spec: description: "Last time the folder was resynced" format: "date-time" type: "string" + required: + - "conditions" type: "object" type: "object" served: true diff --git a/crd-catalog/grafana/k6-operator/k6.io/v1alpha1/k6s.yaml b/crd-catalog/grafana/k6-operator/k6.io/v1alpha1/k6s.yaml index 2630a9a56..ebb50771a 100644 --- a/crd-catalog/grafana/k6-operator/k6.io/v1alpha1/k6s.yaml +++ b/crd-catalog/grafana/k6-operator/k6.io/v1alpha1/k6s.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.13.0" + controller-gen.kubebuilder.io/version: "v0.14.0" name: "k6s.k6.io" spec: group: "k6.io" @@ -3536,6 +3536,8 @@ spec: type: "string" name: type: "string" + readOnly: + type: "boolean" required: - "name" type: "object" diff --git a/crd-catalog/grafana/k6-operator/k6.io/v1alpha1/privateloadzones.yaml b/crd-catalog/grafana/k6-operator/k6.io/v1alpha1/privateloadzones.yaml index d2a174a69..5572ad6dc 100644 --- a/crd-catalog/grafana/k6-operator/k6.io/v1alpha1/privateloadzones.yaml +++ b/crd-catalog/grafana/k6-operator/k6.io/v1alpha1/privateloadzones.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.13.0" + controller-gen.kubebuilder.io/version: "v0.14.0" name: "privateloadzones.k6.io" spec: group: "k6.io" @@ -25,6 +25,8 @@ spec: type: "object" spec: properties: + image: + type: "string" nodeSelector: additionalProperties: type: "string" diff --git a/crd-catalog/grafana/k6-operator/k6.io/v1alpha1/testruns.yaml b/crd-catalog/grafana/k6-operator/k6.io/v1alpha1/testruns.yaml index c596676f7..ab1940765 100644 --- a/crd-catalog/grafana/k6-operator/k6.io/v1alpha1/testruns.yaml +++ b/crd-catalog/grafana/k6-operator/k6.io/v1alpha1/testruns.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.13.0" + controller-gen.kubebuilder.io/version: "v0.14.0" name: "testruns.k6.io" spec: group: "k6.io" @@ -3534,6 +3534,8 @@ spec: type: "string" name: type: "string" + readOnly: + type: "boolean" required: - "name" type: "object" diff --git a/crd-catalog/grafana/loki/loki.grafana.com/v1/lokistacks.yaml b/crd-catalog/grafana/loki/loki.grafana.com/v1/lokistacks.yaml index 644f6f2f3..d27bd6ac9 100644 --- a/crd-catalog/grafana/loki/loki.grafana.com/v1/lokistacks.yaml +++ b/crd-catalog/grafana/loki/loki.grafana.com/v1/lokistacks.yaml @@ -125,6 +125,10 @@ spec: description: "MaxQuerySeries defines the maximum of unique series\nthat is returned by a metric query." format: "int32" type: "integer" + maxVolumeSeries: + description: "MaxVolumeSeries defines the maximum number of aggregated series in a log-volume response" + format: "int32" + type: "integer" queryTimeout: default: "3m" description: "Timeout when querying ingesters or storage during the execution of a query request." @@ -258,6 +262,10 @@ spec: description: "MaxQuerySeries defines the maximum of unique series\nthat is returned by a metric query." format: "int32" type: "integer" + maxVolumeSeries: + description: "MaxVolumeSeries defines the maximum number of aggregated series in a log-volume response" + format: "int32" + type: "integer" queryTimeout: default: "3m" description: "Timeout when querying ingesters or storage during the execution of a query request." diff --git a/crd-catalog/grafana/tempo-operator/tempo.grafana.com/v1alpha1/tempomonolithics.yaml b/crd-catalog/grafana/tempo-operator/tempo.grafana.com/v1alpha1/tempomonolithics.yaml index 145d9d752..75d96b3b2 100644 --- a/crd-catalog/grafana/tempo-operator/tempo.grafana.com/v1alpha1/tempomonolithics.yaml +++ b/crd-catalog/grafana/tempo-operator/tempo.grafana.com/v1alpha1/tempomonolithics.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.12.0" + controller-gen.kubebuilder.io/version: "v0.15.0" name: "tempomonolithics.tempo.grafana.com" spec: group: "tempo.grafana.com" @@ -27,10 +27,10 @@ spec: description: "TempoMonolithic manages a Tempo deployment in monolithic mode." properties: apiVersion: - description: "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" + description: "APIVersion defines the versioned schema of this representation of an object.\nServers should convert recognized schemas to the latest internal value, and\nmay reject unrecognized values.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" type: "string" kind: - description: "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + description: "Kind is a string value representing the REST resource this object represents.\nServers may infer this from the endpoint the client submits requests to.\nCannot be updated.\nIn CamelCase.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" type: "string" metadata: type: "object" @@ -44,9 +44,9 @@ spec: description: "Describes node affinity scheduling rules for the pod." properties: preferredDuringSchedulingIgnoredDuringExecution: - description: "The scheduler will prefer to schedule pods to nodes that satisfy the affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding \"weight\" to the sum if the node matches the corresponding matchExpressions; the node(s) with the highest sum are the most preferred." + description: "The scheduler will prefer to schedule pods to nodes that satisfy\nthe affinity expressions specified by this field, but it may choose\na node that violates one or more of the expressions. The node that is\nmost preferred is the one with the greatest sum of weights, i.e.\nfor each node that meets all of the scheduling requirements (resource\nrequest, requiredDuringScheduling affinity expressions, etc.),\ncompute a sum by iterating through the elements of this field and adding\n\"weight\" to the sum if the node matches the corresponding matchExpressions; the\nnode(s) with the highest sum are the most preferred." items: - description: "An empty preferred scheduling term matches all objects with implicit weight 0 (i.e. it's a no-op). A null preferred scheduling term matches no objects (i.e. is also a no-op)." + description: "An empty preferred scheduling term matches all objects with implicit weight 0\n(i.e. it's a no-op). A null preferred scheduling term matches no objects (i.e. is also a no-op)." properties: preference: description: "A node selector term, associated with the corresponding weight." @@ -54,16 +54,16 @@ spec: matchExpressions: description: "A list of node selector requirements by node's labels." items: - description: "A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A node selector requirement is a selector that contains values, a key, and an operator\nthat relates the key and values." properties: key: description: "The label key that the selector applies to." type: "string" operator: - description: "Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt." + description: "Represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt." type: "string" values: - description: "An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch." + description: "An array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. If the operator is Gt or Lt, the values\narray must have a single element, which will be interpreted as an integer.\nThis array is replaced during a strategic merge patch." items: type: "string" type: "array" @@ -75,16 +75,16 @@ spec: matchFields: description: "A list of node selector requirements by node's fields." items: - description: "A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A node selector requirement is a selector that contains values, a key, and an operator\nthat relates the key and values." properties: key: description: "The label key that the selector applies to." type: "string" operator: - description: "Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt." + description: "Represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt." type: "string" values: - description: "An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch." + description: "An array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. If the operator is Gt or Lt, the values\narray must have a single element, which will be interpreted as an integer.\nThis array is replaced during a strategic merge patch." items: type: "string" type: "array" @@ -105,26 +105,26 @@ spec: type: "object" type: "array" requiredDuringSchedulingIgnoredDuringExecution: - description: "If the affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to an update), the system may or may not try to eventually evict the pod from its node." + description: "If the affinity requirements specified by this field are not met at\nscheduling time, the pod will not be scheduled onto the node.\nIf the affinity requirements specified by this field cease to be met\nat some point during pod execution (e.g. due to an update), the system\nmay or may not try to eventually evict the pod from its node." properties: nodeSelectorTerms: description: "Required. A list of node selector terms. The terms are ORed." items: - description: "A null or empty node selector term matches no objects. The requirements of them are ANDed. The TopologySelectorTerm type implements a subset of the NodeSelectorTerm." + description: "A null or empty node selector term matches no objects. The requirements of\nthem are ANDed.\nThe TopologySelectorTerm type implements a subset of the NodeSelectorTerm." properties: matchExpressions: description: "A list of node selector requirements by node's labels." items: - description: "A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A node selector requirement is a selector that contains values, a key, and an operator\nthat relates the key and values." properties: key: description: "The label key that the selector applies to." type: "string" operator: - description: "Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt." + description: "Represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt." type: "string" values: - description: "An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch." + description: "An array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. If the operator is Gt or Lt, the values\narray must have a single element, which will be interpreted as an integer.\nThis array is replaced during a strategic merge patch." items: type: "string" type: "array" @@ -136,16 +136,16 @@ spec: matchFields: description: "A list of node selector requirements by node's fields." items: - description: "A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A node selector requirement is a selector that contains values, a key, and an operator\nthat relates the key and values." properties: key: description: "The label key that the selector applies to." type: "string" operator: - description: "Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt." + description: "Represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt." type: "string" values: - description: "An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch." + description: "An array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. If the operator is Gt or Lt, the values\narray must have a single element, which will be interpreted as an integer.\nThis array is replaced during a strategic merge patch." items: type: "string" type: "array" @@ -166,7 +166,7 @@ spec: description: "Describes pod affinity scheduling rules (e.g. co-locate this pod in the same node, zone, etc. as some other pod(s))." properties: preferredDuringSchedulingIgnoredDuringExecution: - description: "The scheduler will prefer to schedule pods to nodes that satisfy the affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding \"weight\" to the sum if the node has pods which matches the corresponding podAffinityTerm; the node(s) with the highest sum are the most preferred." + description: "The scheduler will prefer to schedule pods to nodes that satisfy\nthe affinity expressions specified by this field, but it may choose\na node that violates one or more of the expressions. The node that is\nmost preferred is the one with the greatest sum of weights, i.e.\nfor each node that meets all of the scheduling requirements (resource\nrequest, requiredDuringScheduling affinity expressions, etc.),\ncompute a sum by iterating through the elements of this field and adding\n\"weight\" to the sum if the node has pods which matches the corresponding podAffinityTerm; the\nnode(s) with the highest sum are the most preferred." items: description: "The weights of all of the matched WeightedPodAffinityTerm fields are added per-node to find the most preferred node(s)" properties: @@ -174,21 +174,21 @@ spec: description: "Required. A pod affinity term, associated with the corresponding weight." properties: labelSelector: - description: "A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods." + description: "A label query over a set of resources, in this case pods.\nIf it's null, this PodAffinityTerm matches with no Pods." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -200,38 +200,38 @@ spec: matchLabels: additionalProperties: type: "string" - description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." type: "object" type: "object" x-kubernetes-map-type: "atomic" matchLabelKeys: - description: "MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. Also, MatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MatchLabelKeys and LabelSelector.\nAlso, MatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" mismatchLabelKeys: - description: "MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MismatchLabelKeys and LabelSelector.\nAlso, MismatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" namespaceSelector: - description: "A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means \"this pod's namespace\". An empty selector ({}) matches all namespaces." + description: "A label query over the set of namespaces that the term applies to.\nThe term is applied to the union of the namespaces selected by this field\nand the ones listed in the namespaces field.\nnull selector and null or empty namespaces list means \"this pod's namespace\".\nAn empty selector ({}) matches all namespaces." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -243,23 +243,23 @@ spec: matchLabels: additionalProperties: type: "string" - description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." type: "object" type: "object" x-kubernetes-map-type: "atomic" namespaces: - description: "namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means \"this pod's namespace\"." + description: "namespaces specifies a static list of namespace names that the term applies to.\nThe term is applied to the union of the namespaces listed in this field\nand the ones selected by namespaceSelector.\nnull or empty namespaces list and null namespaceSelector means \"this pod's namespace\"." items: type: "string" type: "array" topologyKey: - description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed." + description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching\nthe labelSelector in the specified namespaces, where co-located is defined as running on a node\nwhose value of the label with key topologyKey matches that of any node on which any of the\nselected pods is running.\nEmpty topologyKey is not allowed." type: "string" required: - "topologyKey" type: "object" weight: - description: "weight associated with matching the corresponding podAffinityTerm, in the range 1-100." + description: "weight associated with matching the corresponding podAffinityTerm,\nin the range 1-100." format: "int32" type: "integer" required: @@ -268,26 +268,26 @@ spec: type: "object" type: "array" requiredDuringSchedulingIgnoredDuringExecution: - description: "If the affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to a pod label update), the system may or may not try to eventually evict the pod from its node. When there are multiple elements, the lists of nodes corresponding to each podAffinityTerm are intersected, i.e. all terms must be satisfied." + description: "If the affinity requirements specified by this field are not met at\nscheduling time, the pod will not be scheduled onto the node.\nIf the affinity requirements specified by this field cease to be met\nat some point during pod execution (e.g. due to a pod label update), the\nsystem may or may not try to eventually evict the pod from its node.\nWhen there are multiple elements, the lists of nodes corresponding to each\npodAffinityTerm are intersected, i.e. all terms must be satisfied." items: - description: "Defines a set of pods (namely those matching the labelSelector relative to the given namespace(s)) that this pod should be co-located (affinity) or not co-located (anti-affinity) with, where co-located is defined as running on a node whose value of the label with key matches that of any node on which a pod of the set of pods is running" + description: "Defines a set of pods (namely those matching the labelSelector\nrelative to the given namespace(s)) that this pod should be\nco-located (affinity) or not co-located (anti-affinity) with,\nwhere co-located is defined as running on a node whose value of\nthe label with key matches that of any node on which\na pod of the set of pods is running" properties: labelSelector: - description: "A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods." + description: "A label query over a set of resources, in this case pods.\nIf it's null, this PodAffinityTerm matches with no Pods." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -299,38 +299,38 @@ spec: matchLabels: additionalProperties: type: "string" - description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." type: "object" type: "object" x-kubernetes-map-type: "atomic" matchLabelKeys: - description: "MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. Also, MatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MatchLabelKeys and LabelSelector.\nAlso, MatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" mismatchLabelKeys: - description: "MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MismatchLabelKeys and LabelSelector.\nAlso, MismatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" namespaceSelector: - description: "A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means \"this pod's namespace\". An empty selector ({}) matches all namespaces." + description: "A label query over the set of namespaces that the term applies to.\nThe term is applied to the union of the namespaces selected by this field\nand the ones listed in the namespaces field.\nnull selector and null or empty namespaces list means \"this pod's namespace\".\nAn empty selector ({}) matches all namespaces." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -342,17 +342,17 @@ spec: matchLabels: additionalProperties: type: "string" - description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." type: "object" type: "object" x-kubernetes-map-type: "atomic" namespaces: - description: "namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means \"this pod's namespace\"." + description: "namespaces specifies a static list of namespace names that the term applies to.\nThe term is applied to the union of the namespaces listed in this field\nand the ones selected by namespaceSelector.\nnull or empty namespaces list and null namespaceSelector means \"this pod's namespace\"." items: type: "string" type: "array" topologyKey: - description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed." + description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching\nthe labelSelector in the specified namespaces, where co-located is defined as running on a node\nwhose value of the label with key topologyKey matches that of any node on which any of the\nselected pods is running.\nEmpty topologyKey is not allowed." type: "string" required: - "topologyKey" @@ -363,7 +363,7 @@ spec: description: "Describes pod anti-affinity scheduling rules (e.g. avoid putting this pod in the same node, zone, etc. as some other pod(s))." properties: preferredDuringSchedulingIgnoredDuringExecution: - description: "The scheduler will prefer to schedule pods to nodes that satisfy the anti-affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling anti-affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding \"weight\" to the sum if the node has pods which matches the corresponding podAffinityTerm; the node(s) with the highest sum are the most preferred." + description: "The scheduler will prefer to schedule pods to nodes that satisfy\nthe anti-affinity expressions specified by this field, but it may choose\na node that violates one or more of the expressions. The node that is\nmost preferred is the one with the greatest sum of weights, i.e.\nfor each node that meets all of the scheduling requirements (resource\nrequest, requiredDuringScheduling anti-affinity expressions, etc.),\ncompute a sum by iterating through the elements of this field and adding\n\"weight\" to the sum if the node has pods which matches the corresponding podAffinityTerm; the\nnode(s) with the highest sum are the most preferred." items: description: "The weights of all of the matched WeightedPodAffinityTerm fields are added per-node to find the most preferred node(s)" properties: @@ -371,21 +371,21 @@ spec: description: "Required. A pod affinity term, associated with the corresponding weight." properties: labelSelector: - description: "A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods." + description: "A label query over a set of resources, in this case pods.\nIf it's null, this PodAffinityTerm matches with no Pods." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -397,38 +397,38 @@ spec: matchLabels: additionalProperties: type: "string" - description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." type: "object" type: "object" x-kubernetes-map-type: "atomic" matchLabelKeys: - description: "MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. Also, MatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MatchLabelKeys and LabelSelector.\nAlso, MatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" mismatchLabelKeys: - description: "MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MismatchLabelKeys and LabelSelector.\nAlso, MismatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" namespaceSelector: - description: "A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means \"this pod's namespace\". An empty selector ({}) matches all namespaces." + description: "A label query over the set of namespaces that the term applies to.\nThe term is applied to the union of the namespaces selected by this field\nand the ones listed in the namespaces field.\nnull selector and null or empty namespaces list means \"this pod's namespace\".\nAn empty selector ({}) matches all namespaces." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -440,23 +440,23 @@ spec: matchLabels: additionalProperties: type: "string" - description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." type: "object" type: "object" x-kubernetes-map-type: "atomic" namespaces: - description: "namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means \"this pod's namespace\"." + description: "namespaces specifies a static list of namespace names that the term applies to.\nThe term is applied to the union of the namespaces listed in this field\nand the ones selected by namespaceSelector.\nnull or empty namespaces list and null namespaceSelector means \"this pod's namespace\"." items: type: "string" type: "array" topologyKey: - description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed." + description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching\nthe labelSelector in the specified namespaces, where co-located is defined as running on a node\nwhose value of the label with key topologyKey matches that of any node on which any of the\nselected pods is running.\nEmpty topologyKey is not allowed." type: "string" required: - "topologyKey" type: "object" weight: - description: "weight associated with matching the corresponding podAffinityTerm, in the range 1-100." + description: "weight associated with matching the corresponding podAffinityTerm,\nin the range 1-100." format: "int32" type: "integer" required: @@ -465,26 +465,26 @@ spec: type: "object" type: "array" requiredDuringSchedulingIgnoredDuringExecution: - description: "If the anti-affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the anti-affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to a pod label update), the system may or may not try to eventually evict the pod from its node. When there are multiple elements, the lists of nodes corresponding to each podAffinityTerm are intersected, i.e. all terms must be satisfied." + description: "If the anti-affinity requirements specified by this field are not met at\nscheduling time, the pod will not be scheduled onto the node.\nIf the anti-affinity requirements specified by this field cease to be met\nat some point during pod execution (e.g. due to a pod label update), the\nsystem may or may not try to eventually evict the pod from its node.\nWhen there are multiple elements, the lists of nodes corresponding to each\npodAffinityTerm are intersected, i.e. all terms must be satisfied." items: - description: "Defines a set of pods (namely those matching the labelSelector relative to the given namespace(s)) that this pod should be co-located (affinity) or not co-located (anti-affinity) with, where co-located is defined as running on a node whose value of the label with key matches that of any node on which a pod of the set of pods is running" + description: "Defines a set of pods (namely those matching the labelSelector\nrelative to the given namespace(s)) that this pod should be\nco-located (affinity) or not co-located (anti-affinity) with,\nwhere co-located is defined as running on a node whose value of\nthe label with key matches that of any node on which\na pod of the set of pods is running" properties: labelSelector: - description: "A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods." + description: "A label query over a set of resources, in this case pods.\nIf it's null, this PodAffinityTerm matches with no Pods." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -496,38 +496,38 @@ spec: matchLabels: additionalProperties: type: "string" - description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." type: "object" type: "object" x-kubernetes-map-type: "atomic" matchLabelKeys: - description: "MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. Also, MatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MatchLabelKeys and LabelSelector.\nAlso, MatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" mismatchLabelKeys: - description: "MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MismatchLabelKeys and LabelSelector.\nAlso, MismatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" namespaceSelector: - description: "A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means \"this pod's namespace\". An empty selector ({}) matches all namespaces." + description: "A label query over the set of namespaces that the term applies to.\nThe term is applied to the union of the namespaces selected by this field\nand the ones listed in the namespaces field.\nnull selector and null or empty namespaces list means \"this pod's namespace\".\nAn empty selector ({}) matches all namespaces." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -539,17 +539,17 @@ spec: matchLabels: additionalProperties: type: "string" - description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." type: "object" type: "object" x-kubernetes-map-type: "atomic" namespaces: - description: "namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means \"this pod's namespace\"." + description: "namespaces specifies a static list of namespace names that the term applies to.\nThe term is applied to the union of the namespaces listed in this field\nand the ones selected by namespaceSelector.\nnull or empty namespaces list and null namespaceSelector means \"this pod's namespace\"." items: type: "string" type: "array" topologyKey: - description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed." + description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching\nthe labelSelector in the specified namespaces, where co-located is defined as running on a node\nwhose value of the label with key topologyKey matches that of any node on which any of the\nselected pods is running.\nEmpty topologyKey is not allowed." type: "string" required: - "topologyKey" @@ -575,16 +575,16 @@ spec: properties: enabled: default: true - description: "Enabled defines if OTLP over gRPC is enabled. Default: enabled." + description: "Enabled defines if OTLP over gRPC is enabled.\nDefault: enabled." type: "boolean" tls: - description: "TLS defines the TLS configuration for OTLP/gRPC ingestion." + description: "TLS defines the TLS configuration for OTLP/gRPC ingestion.\n\n\nOn OpenShift when operator config `servingCertsService` and TLS is enabled but no `certName` and `caName`\nare provided it will use OpenShift serving certificate service." properties: caName: - description: "CA is the name of a ConfigMap containing a CA certificate (service-ca.crt). It needs to be in the same namespace as the Tempo custom resource." + description: "CA is the name of a ConfigMap containing a CA certificate (service-ca.crt).\nIt needs to be in the same namespace as the Tempo custom resource." type: "string" certName: - description: "Cert is the name of a Secret containing a certificate (tls.crt) and private key (tls.key). It needs to be in the same namespace as the Tempo custom resource." + description: "Cert is the name of a Secret containing a certificate (tls.crt) and private key (tls.key).\nIt needs to be in the same namespace as the Tempo custom resource." type: "string" enabled: description: "Enabled defines if TLS is enabled." @@ -601,16 +601,16 @@ spec: properties: enabled: default: true - description: "Enabled defines if OTLP over HTTP is enabled. Default: enabled." + description: "Enabled defines if OTLP over HTTP is enabled.\nDefault: enabled." type: "boolean" tls: - description: "TLS defines the TLS configuration for OTLP/HTTP ingestion." + description: "TLS defines the TLS configuration for OTLP/HTTP ingestion.\n\n\nOn OpenShift when operator config `servingCertsService` and TLS is enabled but no `certName` and `caName`\nare provided it will use OpenShift serving certificate service." properties: caName: - description: "CA is the name of a ConfigMap containing a CA certificate (service-ca.crt). It needs to be in the same namespace as the Tempo custom resource." + description: "CA is the name of a ConfigMap containing a CA certificate (service-ca.crt).\nIt needs to be in the same namespace as the Tempo custom resource." type: "string" certName: - description: "Cert is the name of a Secret containing a certificate (tls.crt) and private key (tls.key). It needs to be in the same namespace as the Tempo custom resource." + description: "Cert is the name of a Secret containing a certificate (tls.crt) and private key (tls.key).\nIt needs to be in the same namespace as the Tempo custom resource." type: "string" enabled: description: "Enabled defines if TLS is enabled." @@ -634,15 +634,15 @@ spec: description: "Defines if the authentication will be enabled for jaeger UI." type: "boolean" resources: - description: "Resources defines the compute resource requirements of the OAuth Proxy container. The OAuth Proxy performs authentication and authorization of incoming requests to Jaeger UI when multi-tenancy is disabled." + description: "Resources defines the compute resource requirements of the OAuth Proxy container.\nThe OAuth Proxy performs authentication and authorization of incoming requests to Jaeger UI when multi-tenancy is disabled." properties: claims: - description: "Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. \n This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. \n This field is immutable. It can only be set for containers." + description: "Claims lists the names of resources, defined in spec.resourceClaims,\nthat are used by this container.\n\n\nThis is an alpha field and requires enabling the\nDynamicResourceAllocation feature gate.\n\n\nThis field is immutable. It can only be set for containers." items: description: "ResourceClaim references one entry in PodSpec.ResourceClaims." properties: name: - description: "Name must match the name of one entry in pod.spec.resourceClaims of the Pod where this field is used. It makes that resource available inside a container." + description: "Name must match the name of one entry in pod.spec.resourceClaims of\nthe Pod where this field is used. It makes that resource available\ninside a container." type: "string" required: - "name" @@ -658,7 +658,7 @@ spec: - type: "string" pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" x-kubernetes-int-or-string: true - description: "Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" + description: "Limits describes the maximum amount of compute resources allowed.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" type: "object" requests: additionalProperties: @@ -667,11 +667,11 @@ spec: - type: "string" pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" x-kubernetes-int-or-string: true - description: "Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" + description: "Requests describes the minimum amount of compute resources required.\nIf Requests is omitted for a container, it defaults to Limits if that is explicitly specified,\notherwise to an implementation-defined value. Requests cannot exceed Limits.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" type: "object" type: "object" sar: - description: "SAR defines the SAR to be used in the oauth-proxy default is \"{\"namespace\": \"\", \"resource\": \"pods\", \"verb\": \"get\"}" + description: "SAR defines the SAR to be used in the oauth-proxy\ndefault is \"{\"namespace\": \"\", \"resource\": \"pods\", \"verb\": \"get\"}" type: "string" type: "object" enabled: @@ -692,7 +692,7 @@ spec: description: "Host defines the hostname of the Ingress object." type: "string" ingressClassName: - description: "IngressClassName defines the name of an IngressClass cluster resource. Defines which ingress controller serves this ingress resource." + description: "IngressClassName defines the name of an IngressClass cluster resource.\nDefines which ingress controller serves this ingress resource." type: "string" required: - "enabled" @@ -701,12 +701,12 @@ spec: description: "Resources defines the compute resource requirements of the Jaeger UI container." properties: claims: - description: "Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. \n This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. \n This field is immutable. It can only be set for containers." + description: "Claims lists the names of resources, defined in spec.resourceClaims,\nthat are used by this container.\n\n\nThis is an alpha field and requires enabling the\nDynamicResourceAllocation feature gate.\n\n\nThis field is immutable. It can only be set for containers." items: description: "ResourceClaim references one entry in PodSpec.ResourceClaims." properties: name: - description: "Name must match the name of one entry in pod.spec.resourceClaims of the Pod where this field is used. It makes that resource available inside a container." + description: "Name must match the name of one entry in pod.spec.resourceClaims of\nthe Pod where this field is used. It makes that resource available\ninside a container." type: "string" required: - "name" @@ -722,7 +722,7 @@ spec: - type: "string" pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" x-kubernetes-int-or-string: true - description: "Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" + description: "Limits describes the maximum amount of compute resources allowed.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" type: "object" requests: additionalProperties: @@ -731,7 +731,7 @@ spec: - type: "string" pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" x-kubernetes-int-or-string: true - description: "Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" + description: "Requests describes the minimum amount of compute resources required.\nIf Requests is omitted for a container, it defaults to Limits if that is explicitly specified,\notherwise to an implementation-defined value. Requests cannot exceed Limits.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" type: "object" type: "object" route: @@ -766,7 +766,7 @@ spec: - "enabled" type: "object" management: - description: "ManagementState defines whether this instance is managed by the operator or self-managed. Default: Managed." + description: "ManagementState defines whether this instance is managed by the operator or self-managed.\nDefault: Managed." enum: - "Managed" - "Unmanaged" @@ -803,10 +803,10 @@ spec: type: "string" type: "object" tenantId: - description: "TenantID defines a universally unique identifier of the tenant. Unlike the tenantName, which must be unique at a given time, the tenantId must be unique over the entire lifetime of the Tempo deployment. Tempo uses this ID to prefix objects in the object storage." + description: "TenantID defines a universally unique identifier of the tenant.\nUnlike the tenantName, which must be unique at a given time, the tenantId must be unique over the entire lifetime of the Tempo deployment.\nTempo uses this ID to prefix objects in the object storage." type: "string" tenantName: - description: "TenantName defines a human readable, unique name of the tenant. The value of this field must be specified in the X-Scope-OrgID header and in the resources field of a ClusterRole to identify the tenant." + description: "TenantName defines a human readable, unique name of the tenant.\nThe value of this field must be specified in the X-Scope-OrgID header and in the resources field of a ClusterRole to identify the tenant." type: "string" required: - "tenantId" @@ -892,15 +892,15 @@ spec: - "openshift" type: "string" resources: - description: "Resources defines the compute resource requirements of the gateway container. The gateway performs authentication and authorization of incoming requests when multi-tenancy is enabled." + description: "Resources defines the compute resource requirements of the gateway container.\nThe gateway performs authentication and authorization of incoming requests when multi-tenancy is enabled." properties: claims: - description: "Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. \n This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. \n This field is immutable. It can only be set for containers." + description: "Claims lists the names of resources, defined in spec.resourceClaims,\nthat are used by this container.\n\n\nThis is an alpha field and requires enabling the\nDynamicResourceAllocation feature gate.\n\n\nThis field is immutable. It can only be set for containers." items: description: "ResourceClaim references one entry in PodSpec.ResourceClaims." properties: name: - description: "Name must match the name of one entry in pod.spec.resourceClaims of the Pod where this field is used. It makes that resource available inside a container." + description: "Name must match the name of one entry in pod.spec.resourceClaims of\nthe Pod where this field is used. It makes that resource available\ninside a container." type: "string" required: - "name" @@ -916,7 +916,7 @@ spec: - type: "string" pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" x-kubernetes-int-or-string: true - description: "Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" + description: "Limits describes the maximum amount of compute resources allowed.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" type: "object" requests: additionalProperties: @@ -925,7 +925,7 @@ spec: - type: "string" pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" x-kubernetes-int-or-string: true - description: "Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" + description: "Requests describes the minimum amount of compute resources required.\nIf Requests is omitted for a container, it defaults to Limits if that is explicitly specified,\notherwise to an implementation-defined value. Requests cannot exceed Limits.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" type: "object" type: "object" required: @@ -955,16 +955,16 @@ spec: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -976,7 +976,7 @@ spec: matchLabels: additionalProperties: type: "string" - description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." type: "object" type: "object" x-kubernetes-map-type: "atomic" @@ -1011,12 +1011,12 @@ spec: description: "Resources defines the compute resource requirements of the Tempo container." properties: claims: - description: "Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. \n This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. \n This field is immutable. It can only be set for containers." + description: "Claims lists the names of resources, defined in spec.resourceClaims,\nthat are used by this container.\n\n\nThis is an alpha field and requires enabling the\nDynamicResourceAllocation feature gate.\n\n\nThis field is immutable. It can only be set for containers." items: description: "ResourceClaim references one entry in PodSpec.ResourceClaims." properties: name: - description: "Name must match the name of one entry in pod.spec.resourceClaims of the Pod where this field is used. It makes that resource available inside a container." + description: "Name must match the name of one entry in pod.spec.resourceClaims of\nthe Pod where this field is used. It makes that resource available\ninside a container." type: "string" required: - "name" @@ -1032,7 +1032,7 @@ spec: - type: "string" pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" x-kubernetes-int-or-string: true - description: "Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" + description: "Limits describes the maximum amount of compute resources allowed.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" type: "object" requests: additionalProperties: @@ -1041,7 +1041,7 @@ spec: - type: "string" pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" x-kubernetes-int-or-string: true - description: "Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" + description: "Requests describes the minimum amount of compute resources required.\nIf Requests is omitted for a container, it defaults to Limits if that is explicitly specified,\notherwise to an implementation-defined value. Requests cannot exceed Limits.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" type: "object" type: "object" serviceAccount: @@ -1057,7 +1057,7 @@ spec: description: "Azure defines the configuration for Azure Storage." properties: secret: - description: "Secret is the name of a Secret containing credentials for accessing object storage. It needs to be in the same namespace as the TempoMonolithic custom resource." + description: "Secret is the name of a Secret containing credentials for accessing object storage.\nIt needs to be in the same namespace as the TempoMonolithic custom resource." minLength: 1 type: "string" required: @@ -1065,7 +1065,7 @@ spec: type: "object" backend: default: "memory" - description: "Backend defines the backend for storing traces. Default: memory." + description: "Backend defines the backend for storing traces.\nDefault: memory." enum: - "memory" - "pv" @@ -1077,7 +1077,7 @@ spec: description: "GCP defines the configuration for Google Cloud Storage." properties: secret: - description: "Secret is the name of a Secret containing credentials for accessing object storage. It needs to be in the same namespace as the TempoMonolithic custom resource." + description: "Secret is the name of a Secret containing credentials for accessing object storage.\nIt needs to be in the same namespace as the TempoMonolithic custom resource." minLength: 1 type: "string" required: @@ -1087,17 +1087,17 @@ spec: description: "S3 defines the configuration for Amazon S3." properties: secret: - description: "Secret is the name of a Secret containing credentials for accessing object storage. It needs to be in the same namespace as the TempoMonolithic custom resource." + description: "Secret is the name of a Secret containing credentials for accessing object storage.\nIt needs to be in the same namespace as the TempoMonolithic custom resource." minLength: 1 type: "string" tls: description: "TLS defines the TLS configuration for Amazon S3." properties: caName: - description: "CA is the name of a ConfigMap containing a CA certificate (service-ca.crt). It needs to be in the same namespace as the Tempo custom resource." + description: "CA is the name of a ConfigMap containing a CA certificate (service-ca.crt).\nIt needs to be in the same namespace as the Tempo custom resource." type: "string" certName: - description: "Cert is the name of a Secret containing a certificate (tls.crt) and private key (tls.key). It needs to be in the same namespace as the Tempo custom resource." + description: "Cert is the name of a Secret containing a certificate (tls.crt) and private key (tls.key).\nIt needs to be in the same namespace as the Tempo custom resource." type: "string" enabled: description: "Enabled defines if TLS is enabled." @@ -1113,7 +1113,7 @@ spec: anyOf: - type: "integer" - type: "string" - description: "Size defines the size of the volume where traces are stored. For in-memory storage, this defines the size of the tmpfs volume. For persistent volume storage, this defines the size of the persistent volume. For object storage, this defines the size of the persistent volume containing the Write-Ahead Log (WAL) of Tempo. Default: 2Gi for memory, 10Gi for all other backends." + description: "Size defines the size of the volume where traces are stored.\nFor in-memory storage, this defines the size of the tmpfs volume.\nFor persistent volume storage, this defines the size of the persistent volume.\nFor object storage, this defines the size of the persistent volume containing the Write-Ahead Log (WAL) of Tempo.\nDefault: 2Gi for memory, 10Gi for all other backends." pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" x-kubernetes-int-or-string: true required: @@ -1125,23 +1125,23 @@ spec: tolerations: description: "Tolerations defines the tolerations of a node to schedule the pod onto it." items: - description: "The pod this Toleration is attached to tolerates any taint that matches the triple using the matching operator ." + description: "The pod this Toleration is attached to tolerates any taint that matches\nthe triple using the matching operator ." properties: effect: - description: "Effect indicates the taint effect to match. Empty means match all taint effects. When specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute." + description: "Effect indicates the taint effect to match. Empty means match all taint effects.\nWhen specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute." type: "string" key: - description: "Key is the taint key that the toleration applies to. Empty means match all taint keys. If the key is empty, operator must be Exists; this combination means to match all values and all keys." + description: "Key is the taint key that the toleration applies to. Empty means match all taint keys.\nIf the key is empty, operator must be Exists; this combination means to match all values and all keys." type: "string" operator: - description: "Operator represents a key's relationship to the value. Valid operators are Exists and Equal. Defaults to Equal. Exists is equivalent to wildcard for value, so that a pod can tolerate all taints of a particular category." + description: "Operator represents a key's relationship to the value.\nValid operators are Exists and Equal. Defaults to Equal.\nExists is equivalent to wildcard for value, so that a pod can\ntolerate all taints of a particular category." type: "string" tolerationSeconds: - description: "TolerationSeconds represents the period of time the toleration (which must be of effect NoExecute, otherwise this field is ignored) tolerates the taint. By default, it is not set, which means tolerate the taint forever (do not evict). Zero and negative values will be treated as 0 (evict immediately) by the system." + description: "TolerationSeconds represents the period of time the toleration (which must be\nof effect NoExecute, otherwise this field is ignored) tolerates the taint. By default,\nit is not set, which means tolerate the taint forever (do not evict). Zero and\nnegative values will be treated as 0 (evict immediately) by the system." format: "int64" type: "integer" value: - description: "Value is the taint value the toleration matches to. If the operator is Exists, the value should be empty, otherwise just a regular string." + description: "Value is the taint value the toleration matches to.\nIf the operator is Exists, the value should be empty, otherwise just a regular string." type: "string" type: "object" type: "array" @@ -1163,23 +1163,23 @@ spec: conditions: description: "Conditions of the Tempo deployment health." items: - description: "Condition contains details for one aspect of the current state of this API Resource. --- This struct is intended for direct use as an array at the field path .status.conditions. For example, \n type FooStatus struct{ // Represents the observations of a foo's current state. // Known .status.conditions.type are: \"Available\", \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge // +listType=map // +listMapKey=type Conditions []metav1.Condition `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" + description: "Condition contains details for one aspect of the current state of this API Resource.\n---\nThis struct is intended for direct use as an array at the field path .status.conditions. For example,\n\n\n\ttype FooStatus struct{\n\t // Represents the observations of a foo's current state.\n\t // Known .status.conditions.type are: \"Available\", \"Progressing\", and \"Degraded\"\n\t // +patchMergeKey=type\n\t // +patchStrategy=merge\n\t // +listType=map\n\t // +listMapKey=type\n\t Conditions []metav1.Condition `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"`\n\n\n\t // other fields\n\t}" properties: lastTransitionTime: - description: "lastTransitionTime is the last time the condition transitioned from one status to another. This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable." + description: "lastTransitionTime is the last time the condition transitioned from one status to another.\nThis should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable." format: "date-time" type: "string" message: - description: "message is a human readable message indicating details about the transition. This may be an empty string." + description: "message is a human readable message indicating details about the transition.\nThis may be an empty string." maxLength: 32768 type: "string" observedGeneration: - description: "observedGeneration represents the .metadata.generation that the condition was set based upon. For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date with respect to the current state of the instance." + description: "observedGeneration represents the .metadata.generation that the condition was set based upon.\nFor instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date\nwith respect to the current state of the instance." format: "int64" minimum: 0.0 type: "integer" reason: - description: "reason contains a programmatic identifier indicating the reason for the condition's last transition. Producers of specific condition types may define expected values and meanings for this field, and whether the values are considered a guaranteed API. The value should be a CamelCase string. This field may not be empty." + description: "reason contains a programmatic identifier indicating the reason for the condition's last transition.\nProducers of specific condition types may define expected values and meanings for this field,\nand whether the values are considered a guaranteed API.\nThe value should be a CamelCase string.\nThis field may not be empty." maxLength: 1024 minLength: 1 pattern: "^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$" @@ -1192,7 +1192,7 @@ spec: - "Unknown" type: "string" type: - description: "type of condition in CamelCase or in foo.example.com/CamelCase. --- Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be useful (see .node.status.conditions), the ability to deconflict is important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt)" + description: "type of condition in CamelCase or in foo.example.com/CamelCase.\n---\nMany .condition.type values are consistent across resources like Available, but because arbitrary conditions can be\nuseful (see .node.status.conditions), the ability to deconflict is important.\nThe regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt)" maxLength: 316 pattern: "^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$" type: "string" diff --git a/crd-catalog/grafana/tempo-operator/tempo.grafana.com/v1alpha1/tempostacks.yaml b/crd-catalog/grafana/tempo-operator/tempo.grafana.com/v1alpha1/tempostacks.yaml index bdd003eb1..26caf9a78 100644 --- a/crd-catalog/grafana/tempo-operator/tempo.grafana.com/v1alpha1/tempostacks.yaml +++ b/crd-catalog/grafana/tempo-operator/tempo.grafana.com/v1alpha1/tempostacks.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.12.0" + controller-gen.kubebuilder.io/version: "v0.15.0" name: "tempostacks.tempo.grafana.com" spec: group: "tempo.grafana.com" @@ -34,10 +34,10 @@ spec: description: "TempoStack manages a Tempo deployment in microservices mode." properties: apiVersion: - description: "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" + description: "APIVersion defines the versioned schema of this representation of an object.\nServers should convert recognized schemas to the latest internal value, and\nmay reject unrecognized values.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" type: "string" kind: - description: "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + description: "Kind is a string value representing the REST resource this object represents.\nServers may infer this from the endpoint the client submits requests to.\nCannot be updated.\nIn CamelCase.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" type: "string" metadata: type: "object" @@ -45,7 +45,7 @@ spec: description: "TempoStackSpec defines the desired state of TempoStack." properties: extraConfig: - description: "ExtraConfigSpec defines extra configurations for tempo that will be merged with the operator generated, configurations defined here has precedence and could override generated config." + description: "ExtraConfigSpec defines extra configurations for tempo that will be merged with the operator generated, configurations defined here\nhas precedence and could override generated config." properties: tempo: description: "Tempo defines any extra Tempo configuration, which will be merged with the operator's generated Tempo configuration" @@ -110,10 +110,10 @@ spec: description: "MaxBytesPerTagValues defines the maximum size in bytes of a tag-values query." type: "integer" maxSearchBytesPerTrace: - description: "DEPRECATED. MaxSearchBytesPerTrace defines the maximum size of search data for a single trace in bytes. default: `0` to disable." + description: "DEPRECATED. MaxSearchBytesPerTrace defines the maximum size of search data for a single\ntrace in bytes.\ndefault: `0` to disable." type: "integer" maxSearchDuration: - description: "MaxSearchDuration defines the maximum allowed time range for a search. If this value is not set, then spec.search.maxDuration is used." + description: "MaxSearchDuration defines the maximum allowed time range for a search.\nIf this value is not set, then spec.search.maxDuration is used." type: "string" type: "object" type: "object" @@ -144,10 +144,10 @@ spec: description: "MaxBytesPerTagValues defines the maximum size in bytes of a tag-values query." type: "integer" maxSearchBytesPerTrace: - description: "DEPRECATED. MaxSearchBytesPerTrace defines the maximum size of search data for a single trace in bytes. default: `0` to disable." + description: "DEPRECATED. MaxSearchBytesPerTrace defines the maximum size of search data for a single\ntrace in bytes.\ndefault: `0` to disable." type: "integer" maxSearchDuration: - description: "MaxSearchDuration defines the maximum allowed time range for a search. If this value is not set, then spec.search.maxDuration is used." + description: "MaxSearchDuration defines the maximum allowed time range for a search.\nIf this value is not set, then spec.search.maxDuration is used." type: "string" type: "object" type: "object" @@ -156,7 +156,7 @@ spec: type: "object" managementState: default: "Managed" - description: "ManagementState defines if the CR should be managed by the operator or not. Default is managed." + description: "ManagementState defines if the CR should be managed by the operator or not.\nDefault is managed." enum: - "Managed" - "Unmanaged" @@ -176,16 +176,16 @@ spec: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -197,7 +197,7 @@ spec: matchLabels: additionalProperties: type: "string" - description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." type: "object" type: "object" x-kubernetes-map-type: "atomic" @@ -231,15 +231,15 @@ spec: description: "Resources defines resources configuration." properties: total: - description: "The total amount of resources for Tempo instance. The operator autonomously splits resources between deployed Tempo components. Only limits are supported, the operator calculates requests automatically. See http://github.com/grafana/tempo/issues/1540." + description: "The total amount of resources for Tempo instance.\nThe operator autonomously splits resources between deployed Tempo components.\nOnly limits are supported, the operator calculates requests automatically.\nSee http://github.com/grafana/tempo/issues/1540." properties: claims: - description: "Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. \n This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. \n This field is immutable. It can only be set for containers." + description: "Claims lists the names of resources, defined in spec.resourceClaims,\nthat are used by this container.\n\n\nThis is an alpha field and requires enabling the\nDynamicResourceAllocation feature gate.\n\n\nThis field is immutable. It can only be set for containers." items: description: "ResourceClaim references one entry in PodSpec.ResourceClaims." properties: name: - description: "Name must match the name of one entry in pod.spec.resourceClaims of the Pod where this field is used. It makes that resource available inside a container." + description: "Name must match the name of one entry in pod.spec.resourceClaims of\nthe Pod where this field is used. It makes that resource available\ninside a container." type: "string" required: - "name" @@ -255,7 +255,7 @@ spec: - type: "string" pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" x-kubernetes-int-or-string: true - description: "Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" + description: "Limits describes the maximum amount of compute resources allowed.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" type: "object" requests: additionalProperties: @@ -264,18 +264,18 @@ spec: - type: "string" pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" x-kubernetes-int-or-string: true - description: "Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" + description: "Requests describes the minimum amount of compute resources required.\nIf Requests is omitted for a container, it defaults to Limits if that is explicitly specified,\notherwise to an implementation-defined value. Requests cannot exceed Limits.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" type: "object" type: "object" type: "object" retention: - description: "NOTE: currently this field is not considered. Retention period defined by dataset. User can specify how long data should be stored." + description: "Retention period defined by dataset.\nUser can specify how long data should be stored." properties: global: description: "Global is used to configure global retention." properties: traces: - description: "Traces defines retention period. Supported parameter suffixes are \"s\", \"m\" and \"h\". example: 336h default: value is 48h." + description: "Traces defines retention period. Supported parameter suffixes are \"s\", \"m\" and \"h\".\nexample: 336h\ndefault: value is 48h." type: "string" type: "object" perTenant: @@ -283,7 +283,7 @@ spec: description: "RetentionConfig defines how long data should be provided." properties: traces: - description: "Traces defines retention period. Supported parameter suffixes are \"s\", \"m\" and \"h\". example: 336h default: value is 48h." + description: "Traces defines retention period. Supported parameter suffixes are \"s\", \"m\" and \"h\".\nexample: 336h\ndefault: value is 48h." type: "string" type: "object" description: "PerTenant is used to configure retention per tenant." @@ -299,17 +299,17 @@ spec: description: "The maximum allowed time range for a search, default: 0s which means unlimited." type: "string" maxResultLimit: - description: "The maximum allowed value of the limit parameter on search requests. If the search request limit parameter exceeds the value configured here it will be set to the value configured here. The default value of 0 disables this limit." + description: "The maximum allowed value of the limit parameter on search requests. If the search request limit parameter\nexceeds the value configured here it will be set to the value configured here.\nThe default value of 0 disables this limit." type: "integer" type: "object" serviceAccount: description: "ServiceAccount defines the service account to use for all tempo components." type: "string" storage: - description: "Storage defines the spec for the object storage endpoint to store traces. User is required to create secret and supply it." + description: "Storage defines the spec for the object storage endpoint to store traces.\nUser is required to create secret and supply it." properties: secret: - description: "Secret for object storage authentication. Name of a secret in the same namespace as the TempoStack custom resource." + description: "Secret for object storage authentication.\nName of a secret in the same namespace as the TempoStack custom resource." properties: name: description: "Name of a secret in the namespace configured for object storage secrets." @@ -330,10 +330,10 @@ spec: description: "TLS configuration for reaching the object storage endpoint." properties: caName: - description: "CA is the name of a ConfigMap containing a CA certificate (service-ca.crt). It needs to be in the same namespace as the Tempo custom resource." + description: "CA is the name of a ConfigMap containing a CA certificate (service-ca.crt).\nIt needs to be in the same namespace as the Tempo custom resource." type: "string" certName: - description: "Cert is the name of a Secret containing a certificate (tls.crt) and private key (tls.key). It needs to be in the same namespace as the Tempo custom resource." + description: "Cert is the name of a Secret containing a certificate (tls.crt) and private key (tls.key).\nIt needs to be in the same namespace as the Tempo custom resource." type: "string" enabled: description: "Enabled defines if TLS is enabled." @@ -375,12 +375,12 @@ spec: description: "Resources defines resources for this component, this will override the calculated resources derived from total" properties: claims: - description: "Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. \n This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. \n This field is immutable. It can only be set for containers." + description: "Claims lists the names of resources, defined in spec.resourceClaims,\nthat are used by this container.\n\n\nThis is an alpha field and requires enabling the\nDynamicResourceAllocation feature gate.\n\n\nThis field is immutable. It can only be set for containers." items: description: "ResourceClaim references one entry in PodSpec.ResourceClaims." properties: name: - description: "Name must match the name of one entry in pod.spec.resourceClaims of the Pod where this field is used. It makes that resource available inside a container." + description: "Name must match the name of one entry in pod.spec.resourceClaims of\nthe Pod where this field is used. It makes that resource available\ninside a container." type: "string" required: - "name" @@ -396,7 +396,7 @@ spec: - type: "string" pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" x-kubernetes-int-or-string: true - description: "Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" + description: "Limits describes the maximum amount of compute resources allowed.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" type: "object" requests: additionalProperties: @@ -405,29 +405,29 @@ spec: - type: "string" pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" x-kubernetes-int-or-string: true - description: "Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" + description: "Requests describes the minimum amount of compute resources required.\nIf Requests is omitted for a container, it defaults to Limits if that is explicitly specified,\notherwise to an implementation-defined value. Requests cannot exceed Limits.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" type: "object" type: "object" tolerations: description: "Tolerations defines component-specific pod tolerations." items: - description: "The pod this Toleration is attached to tolerates any taint that matches the triple using the matching operator ." + description: "The pod this Toleration is attached to tolerates any taint that matches\nthe triple using the matching operator ." properties: effect: - description: "Effect indicates the taint effect to match. Empty means match all taint effects. When specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute." + description: "Effect indicates the taint effect to match. Empty means match all taint effects.\nWhen specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute." type: "string" key: - description: "Key is the taint key that the toleration applies to. Empty means match all taint keys. If the key is empty, operator must be Exists; this combination means to match all values and all keys." + description: "Key is the taint key that the toleration applies to. Empty means match all taint keys.\nIf the key is empty, operator must be Exists; this combination means to match all values and all keys." type: "string" operator: - description: "Operator represents a key's relationship to the value. Valid operators are Exists and Equal. Defaults to Equal. Exists is equivalent to wildcard for value, so that a pod can tolerate all taints of a particular category." + description: "Operator represents a key's relationship to the value.\nValid operators are Exists and Equal. Defaults to Equal.\nExists is equivalent to wildcard for value, so that a pod can\ntolerate all taints of a particular category." type: "string" tolerationSeconds: - description: "TolerationSeconds represents the period of time the toleration (which must be of effect NoExecute, otherwise this field is ignored) tolerates the taint. By default, it is not set, which means tolerate the taint forever (do not evict). Zero and negative values will be treated as 0 (evict immediately) by the system." + description: "TolerationSeconds represents the period of time the toleration (which must be\nof effect NoExecute, otherwise this field is ignored) tolerates the taint. By default,\nit is not set, which means tolerate the taint forever (do not evict). Zero and\nnegative values will be treated as 0 (evict immediately) by the system." format: "int64" type: "integer" value: - description: "Value is the taint value the toleration matches to. If the operator is Exists, the value should be empty, otherwise just a regular string." + description: "Value is the taint value the toleration matches to.\nIf the operator is Exists, the value should be empty, otherwise just a regular string." type: "string" type: "object" type: "array" @@ -437,7 +437,7 @@ spec: description: "Distributor defines the distributor component spec." properties: component: - description: "TempoComponentSpec is embedded to extend this definition with further options. \n Currently, there is no way to inline this field. See: https://github.com/golang/go/issues/6213" + description: "TempoComponentSpec is embedded to extend this definition with further options.\n\n\nCurrently, there is no way to inline this field.\nSee: https://github.com/golang/go/issues/6213" properties: nodeSelector: additionalProperties: @@ -452,12 +452,12 @@ spec: description: "Resources defines resources for this component, this will override the calculated resources derived from total" properties: claims: - description: "Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. \n This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. \n This field is immutable. It can only be set for containers." + description: "Claims lists the names of resources, defined in spec.resourceClaims,\nthat are used by this container.\n\n\nThis is an alpha field and requires enabling the\nDynamicResourceAllocation feature gate.\n\n\nThis field is immutable. It can only be set for containers." items: description: "ResourceClaim references one entry in PodSpec.ResourceClaims." properties: name: - description: "Name must match the name of one entry in pod.spec.resourceClaims of the Pod where this field is used. It makes that resource available inside a container." + description: "Name must match the name of one entry in pod.spec.resourceClaims of\nthe Pod where this field is used. It makes that resource available\ninside a container." type: "string" required: - "name" @@ -473,7 +473,7 @@ spec: - type: "string" pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" x-kubernetes-int-or-string: true - description: "Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" + description: "Limits describes the maximum amount of compute resources allowed.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" type: "object" requests: additionalProperties: @@ -482,42 +482,42 @@ spec: - type: "string" pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" x-kubernetes-int-or-string: true - description: "Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" + description: "Requests describes the minimum amount of compute resources required.\nIf Requests is omitted for a container, it defaults to Limits if that is explicitly specified,\notherwise to an implementation-defined value. Requests cannot exceed Limits.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" type: "object" type: "object" tolerations: description: "Tolerations defines component-specific pod tolerations." items: - description: "The pod this Toleration is attached to tolerates any taint that matches the triple using the matching operator ." + description: "The pod this Toleration is attached to tolerates any taint that matches\nthe triple using the matching operator ." properties: effect: - description: "Effect indicates the taint effect to match. Empty means match all taint effects. When specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute." + description: "Effect indicates the taint effect to match. Empty means match all taint effects.\nWhen specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute." type: "string" key: - description: "Key is the taint key that the toleration applies to. Empty means match all taint keys. If the key is empty, operator must be Exists; this combination means to match all values and all keys." + description: "Key is the taint key that the toleration applies to. Empty means match all taint keys.\nIf the key is empty, operator must be Exists; this combination means to match all values and all keys." type: "string" operator: - description: "Operator represents a key's relationship to the value. Valid operators are Exists and Equal. Defaults to Equal. Exists is equivalent to wildcard for value, so that a pod can tolerate all taints of a particular category." + description: "Operator represents a key's relationship to the value.\nValid operators are Exists and Equal. Defaults to Equal.\nExists is equivalent to wildcard for value, so that a pod can\ntolerate all taints of a particular category." type: "string" tolerationSeconds: - description: "TolerationSeconds represents the period of time the toleration (which must be of effect NoExecute, otherwise this field is ignored) tolerates the taint. By default, it is not set, which means tolerate the taint forever (do not evict). Zero and negative values will be treated as 0 (evict immediately) by the system." + description: "TolerationSeconds represents the period of time the toleration (which must be\nof effect NoExecute, otherwise this field is ignored) tolerates the taint. By default,\nit is not set, which means tolerate the taint forever (do not evict). Zero and\nnegative values will be treated as 0 (evict immediately) by the system." format: "int64" type: "integer" value: - description: "Value is the taint value the toleration matches to. If the operator is Exists, the value should be empty, otherwise just a regular string." + description: "Value is the taint value the toleration matches to.\nIf the operator is Exists, the value should be empty, otherwise just a regular string." type: "string" type: "object" type: "array" x-kubernetes-list-type: "atomic" type: "object" tls: - description: "TLS defines TLS configuration for distributor receivers" + description: "TLS defines TLS configuration for distributor receivers\n\n\nIf openshift feature flag `servingCertsService` is enabled and TLS is enabled but no\ncertName or caName is specified, OpenShift service serving certificates will be used." properties: caName: - description: "CA is the name of a ConfigMap containing a CA certificate (service-ca.crt). It needs to be in the same namespace as the Tempo custom resource." + description: "CA is the name of a ConfigMap containing a CA certificate (service-ca.crt).\nIt needs to be in the same namespace as the Tempo custom resource." type: "string" certName: - description: "Cert is the name of a Secret containing a certificate (tls.crt) and private key (tls.key). It needs to be in the same namespace as the Tempo custom resource." + description: "Cert is the name of a Secret containing a certificate (tls.crt) and private key (tls.key).\nIt needs to be in the same namespace as the Tempo custom resource." type: "string" enabled: description: "Enabled defines if TLS is enabled." @@ -531,7 +531,7 @@ spec: description: "Gateway defines the tempo gateway spec." properties: component: - description: "TempoComponentSpec is embedded to extend this definition with further options. \n Currently there is no way to inline this field. See: https://github.com/golang/go/issues/6213" + description: "TempoComponentSpec is embedded to extend this definition with further options.\n\n\nCurrently there is no way to inline this field.\nSee: https://github.com/golang/go/issues/6213" properties: nodeSelector: additionalProperties: @@ -546,12 +546,12 @@ spec: description: "Resources defines resources for this component, this will override the calculated resources derived from total" properties: claims: - description: "Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. \n This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. \n This field is immutable. It can only be set for containers." + description: "Claims lists the names of resources, defined in spec.resourceClaims,\nthat are used by this container.\n\n\nThis is an alpha field and requires enabling the\nDynamicResourceAllocation feature gate.\n\n\nThis field is immutable. It can only be set for containers." items: description: "ResourceClaim references one entry in PodSpec.ResourceClaims." properties: name: - description: "Name must match the name of one entry in pod.spec.resourceClaims of the Pod where this field is used. It makes that resource available inside a container." + description: "Name must match the name of one entry in pod.spec.resourceClaims of\nthe Pod where this field is used. It makes that resource available\ninside a container." type: "string" required: - "name" @@ -567,7 +567,7 @@ spec: - type: "string" pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" x-kubernetes-int-or-string: true - description: "Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" + description: "Limits describes the maximum amount of compute resources allowed.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" type: "object" requests: additionalProperties: @@ -576,29 +576,29 @@ spec: - type: "string" pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" x-kubernetes-int-or-string: true - description: "Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" + description: "Requests describes the minimum amount of compute resources required.\nIf Requests is omitted for a container, it defaults to Limits if that is explicitly specified,\notherwise to an implementation-defined value. Requests cannot exceed Limits.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" type: "object" type: "object" tolerations: description: "Tolerations defines component-specific pod tolerations." items: - description: "The pod this Toleration is attached to tolerates any taint that matches the triple using the matching operator ." + description: "The pod this Toleration is attached to tolerates any taint that matches\nthe triple using the matching operator ." properties: effect: - description: "Effect indicates the taint effect to match. Empty means match all taint effects. When specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute." + description: "Effect indicates the taint effect to match. Empty means match all taint effects.\nWhen specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute." type: "string" key: - description: "Key is the taint key that the toleration applies to. Empty means match all taint keys. If the key is empty, operator must be Exists; this combination means to match all values and all keys." + description: "Key is the taint key that the toleration applies to. Empty means match all taint keys.\nIf the key is empty, operator must be Exists; this combination means to match all values and all keys." type: "string" operator: - description: "Operator represents a key's relationship to the value. Valid operators are Exists and Equal. Defaults to Equal. Exists is equivalent to wildcard for value, so that a pod can tolerate all taints of a particular category." + description: "Operator represents a key's relationship to the value.\nValid operators are Exists and Equal. Defaults to Equal.\nExists is equivalent to wildcard for value, so that a pod can\ntolerate all taints of a particular category." type: "string" tolerationSeconds: - description: "TolerationSeconds represents the period of time the toleration (which must be of effect NoExecute, otherwise this field is ignored) tolerates the taint. By default, it is not set, which means tolerate the taint forever (do not evict). Zero and negative values will be treated as 0 (evict immediately) by the system." + description: "TolerationSeconds represents the period of time the toleration (which must be\nof effect NoExecute, otherwise this field is ignored) tolerates the taint. By default,\nit is not set, which means tolerate the taint forever (do not evict). Zero and\nnegative values will be treated as 0 (evict immediately) by the system." format: "int64" type: "integer" value: - description: "Value is the taint value the toleration matches to. If the operator is Exists, the value should be empty, otherwise just a regular string." + description: "Value is the taint value the toleration matches to.\nIf the operator is Exists, the value should be empty, otherwise just a regular string." type: "string" type: "object" type: "array" @@ -618,13 +618,13 @@ spec: description: "Host defines the hostname of the Ingress object." type: "string" ingressClassName: - description: "IngressClassName defines the name of an IngressClass cluster resource. Defines which ingress controller serves this ingress resource." + description: "IngressClassName defines the name of an IngressClass cluster resource.\nDefines which ingress controller serves this ingress resource." type: "string" route: description: "Route defines the options for the OpenShift route." properties: termination: - description: "Termination defines the termination type. The default is \"edge\"." + description: "Termination defines the termination type.\nThe default is \"edge\"." enum: - "insecure" - "edge" @@ -633,7 +633,7 @@ spec: type: "string" type: "object" type: - description: "Type defines the type of Ingress for the Jaeger Query UI. Currently ingress, route and none are supported." + description: "Type defines the type of Ingress for the Jaeger Query UI.\nCurrently ingress, route and none are supported." enum: - "ingress" - "route" @@ -658,12 +658,12 @@ spec: description: "Resources defines resources for this component, this will override the calculated resources derived from total" properties: claims: - description: "Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. \n This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. \n This field is immutable. It can only be set for containers." + description: "Claims lists the names of resources, defined in spec.resourceClaims,\nthat are used by this container.\n\n\nThis is an alpha field and requires enabling the\nDynamicResourceAllocation feature gate.\n\n\nThis field is immutable. It can only be set for containers." items: description: "ResourceClaim references one entry in PodSpec.ResourceClaims." properties: name: - description: "Name must match the name of one entry in pod.spec.resourceClaims of the Pod where this field is used. It makes that resource available inside a container." + description: "Name must match the name of one entry in pod.spec.resourceClaims of\nthe Pod where this field is used. It makes that resource available\ninside a container." type: "string" required: - "name" @@ -679,7 +679,7 @@ spec: - type: "string" pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" x-kubernetes-int-or-string: true - description: "Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" + description: "Limits describes the maximum amount of compute resources allowed.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" type: "object" requests: additionalProperties: @@ -688,29 +688,29 @@ spec: - type: "string" pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" x-kubernetes-int-or-string: true - description: "Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" + description: "Requests describes the minimum amount of compute resources required.\nIf Requests is omitted for a container, it defaults to Limits if that is explicitly specified,\notherwise to an implementation-defined value. Requests cannot exceed Limits.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" type: "object" type: "object" tolerations: description: "Tolerations defines component-specific pod tolerations." items: - description: "The pod this Toleration is attached to tolerates any taint that matches the triple using the matching operator ." + description: "The pod this Toleration is attached to tolerates any taint that matches\nthe triple using the matching operator ." properties: effect: - description: "Effect indicates the taint effect to match. Empty means match all taint effects. When specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute." + description: "Effect indicates the taint effect to match. Empty means match all taint effects.\nWhen specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute." type: "string" key: - description: "Key is the taint key that the toleration applies to. Empty means match all taint keys. If the key is empty, operator must be Exists; this combination means to match all values and all keys." + description: "Key is the taint key that the toleration applies to. Empty means match all taint keys.\nIf the key is empty, operator must be Exists; this combination means to match all values and all keys." type: "string" operator: - description: "Operator represents a key's relationship to the value. Valid operators are Exists and Equal. Defaults to Equal. Exists is equivalent to wildcard for value, so that a pod can tolerate all taints of a particular category." + description: "Operator represents a key's relationship to the value.\nValid operators are Exists and Equal. Defaults to Equal.\nExists is equivalent to wildcard for value, so that a pod can\ntolerate all taints of a particular category." type: "string" tolerationSeconds: - description: "TolerationSeconds represents the period of time the toleration (which must be of effect NoExecute, otherwise this field is ignored) tolerates the taint. By default, it is not set, which means tolerate the taint forever (do not evict). Zero and negative values will be treated as 0 (evict immediately) by the system." + description: "TolerationSeconds represents the period of time the toleration (which must be\nof effect NoExecute, otherwise this field is ignored) tolerates the taint. By default,\nit is not set, which means tolerate the taint forever (do not evict). Zero and\nnegative values will be treated as 0 (evict immediately) by the system." format: "int64" type: "integer" value: - description: "Value is the taint value the toleration matches to. If the operator is Exists, the value should be empty, otherwise just a regular string." + description: "Value is the taint value the toleration matches to.\nIf the operator is Exists, the value should be empty, otherwise just a regular string." type: "string" type: "object" type: "array" @@ -732,12 +732,12 @@ spec: description: "Resources defines resources for this component, this will override the calculated resources derived from total" properties: claims: - description: "Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. \n This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. \n This field is immutable. It can only be set for containers." + description: "Claims lists the names of resources, defined in spec.resourceClaims,\nthat are used by this container.\n\n\nThis is an alpha field and requires enabling the\nDynamicResourceAllocation feature gate.\n\n\nThis field is immutable. It can only be set for containers." items: description: "ResourceClaim references one entry in PodSpec.ResourceClaims." properties: name: - description: "Name must match the name of one entry in pod.spec.resourceClaims of the Pod where this field is used. It makes that resource available inside a container." + description: "Name must match the name of one entry in pod.spec.resourceClaims of\nthe Pod where this field is used. It makes that resource available\ninside a container." type: "string" required: - "name" @@ -753,7 +753,7 @@ spec: - type: "string" pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" x-kubernetes-int-or-string: true - description: "Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" + description: "Limits describes the maximum amount of compute resources allowed.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" type: "object" requests: additionalProperties: @@ -762,29 +762,29 @@ spec: - type: "string" pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" x-kubernetes-int-or-string: true - description: "Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" + description: "Requests describes the minimum amount of compute resources required.\nIf Requests is omitted for a container, it defaults to Limits if that is explicitly specified,\notherwise to an implementation-defined value. Requests cannot exceed Limits.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" type: "object" type: "object" tolerations: description: "Tolerations defines component-specific pod tolerations." items: - description: "The pod this Toleration is attached to tolerates any taint that matches the triple using the matching operator ." + description: "The pod this Toleration is attached to tolerates any taint that matches\nthe triple using the matching operator ." properties: effect: - description: "Effect indicates the taint effect to match. Empty means match all taint effects. When specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute." + description: "Effect indicates the taint effect to match. Empty means match all taint effects.\nWhen specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute." type: "string" key: - description: "Key is the taint key that the toleration applies to. Empty means match all taint keys. If the key is empty, operator must be Exists; this combination means to match all values and all keys." + description: "Key is the taint key that the toleration applies to. Empty means match all taint keys.\nIf the key is empty, operator must be Exists; this combination means to match all values and all keys." type: "string" operator: - description: "Operator represents a key's relationship to the value. Valid operators are Exists and Equal. Defaults to Equal. Exists is equivalent to wildcard for value, so that a pod can tolerate all taints of a particular category." + description: "Operator represents a key's relationship to the value.\nValid operators are Exists and Equal. Defaults to Equal.\nExists is equivalent to wildcard for value, so that a pod can\ntolerate all taints of a particular category." type: "string" tolerationSeconds: - description: "TolerationSeconds represents the period of time the toleration (which must be of effect NoExecute, otherwise this field is ignored) tolerates the taint. By default, it is not set, which means tolerate the taint forever (do not evict). Zero and negative values will be treated as 0 (evict immediately) by the system." + description: "TolerationSeconds represents the period of time the toleration (which must be\nof effect NoExecute, otherwise this field is ignored) tolerates the taint. By default,\nit is not set, which means tolerate the taint forever (do not evict). Zero and\nnegative values will be treated as 0 (evict immediately) by the system." format: "int64" type: "integer" value: - description: "Value is the taint value the toleration matches to. If the operator is Exists, the value should be empty, otherwise just a regular string." + description: "Value is the taint value the toleration matches to.\nIf the operator is Exists, the value should be empty, otherwise just a regular string." type: "string" type: "object" type: "array" @@ -794,7 +794,7 @@ spec: description: "TempoQueryFrontendSpec defines the query frontend spec." properties: component: - description: "TempoComponentSpec is embedded to extend this definition with further options. \n Currently there is no way to inline this field. See: https://github.com/golang/go/issues/6213" + description: "TempoComponentSpec is embedded to extend this definition with further options.\n\n\nCurrently there is no way to inline this field.\nSee: https://github.com/golang/go/issues/6213" properties: nodeSelector: additionalProperties: @@ -809,12 +809,12 @@ spec: description: "Resources defines resources for this component, this will override the calculated resources derived from total" properties: claims: - description: "Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. \n This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. \n This field is immutable. It can only be set for containers." + description: "Claims lists the names of resources, defined in spec.resourceClaims,\nthat are used by this container.\n\n\nThis is an alpha field and requires enabling the\nDynamicResourceAllocation feature gate.\n\n\nThis field is immutable. It can only be set for containers." items: description: "ResourceClaim references one entry in PodSpec.ResourceClaims." properties: name: - description: "Name must match the name of one entry in pod.spec.resourceClaims of the Pod where this field is used. It makes that resource available inside a container." + description: "Name must match the name of one entry in pod.spec.resourceClaims of\nthe Pod where this field is used. It makes that resource available\ninside a container." type: "string" required: - "name" @@ -830,7 +830,7 @@ spec: - type: "string" pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" x-kubernetes-int-or-string: true - description: "Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" + description: "Limits describes the maximum amount of compute resources allowed.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" type: "object" requests: additionalProperties: @@ -839,29 +839,29 @@ spec: - type: "string" pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" x-kubernetes-int-or-string: true - description: "Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" + description: "Requests describes the minimum amount of compute resources required.\nIf Requests is omitted for a container, it defaults to Limits if that is explicitly specified,\notherwise to an implementation-defined value. Requests cannot exceed Limits.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" type: "object" type: "object" tolerations: description: "Tolerations defines component-specific pod tolerations." items: - description: "The pod this Toleration is attached to tolerates any taint that matches the triple using the matching operator ." + description: "The pod this Toleration is attached to tolerates any taint that matches\nthe triple using the matching operator ." properties: effect: - description: "Effect indicates the taint effect to match. Empty means match all taint effects. When specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute." + description: "Effect indicates the taint effect to match. Empty means match all taint effects.\nWhen specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute." type: "string" key: - description: "Key is the taint key that the toleration applies to. Empty means match all taint keys. If the key is empty, operator must be Exists; this combination means to match all values and all keys." + description: "Key is the taint key that the toleration applies to. Empty means match all taint keys.\nIf the key is empty, operator must be Exists; this combination means to match all values and all keys." type: "string" operator: - description: "Operator represents a key's relationship to the value. Valid operators are Exists and Equal. Defaults to Equal. Exists is equivalent to wildcard for value, so that a pod can tolerate all taints of a particular category." + description: "Operator represents a key's relationship to the value.\nValid operators are Exists and Equal. Defaults to Equal.\nExists is equivalent to wildcard for value, so that a pod can\ntolerate all taints of a particular category." type: "string" tolerationSeconds: - description: "TolerationSeconds represents the period of time the toleration (which must be of effect NoExecute, otherwise this field is ignored) tolerates the taint. By default, it is not set, which means tolerate the taint forever (do not evict). Zero and negative values will be treated as 0 (evict immediately) by the system." + description: "TolerationSeconds represents the period of time the toleration (which must be\nof effect NoExecute, otherwise this field is ignored) tolerates the taint. By default,\nit is not set, which means tolerate the taint forever (do not evict). Zero and\nnegative values will be treated as 0 (evict immediately) by the system." format: "int64" type: "integer" value: - description: "Value is the taint value the toleration matches to. If the operator is Exists, the value should be empty, otherwise just a regular string." + description: "Value is the taint value the toleration matches to.\nIf the operator is Exists, the value should be empty, otherwise just a regular string." type: "string" type: "object" type: "array" @@ -877,15 +877,15 @@ spec: description: "Defines if the authentication will be enabled for jaeger UI." type: "boolean" resources: - description: "Resources defines the compute resource requirements of the OAuth Proxy container. The OAuth Proxy performs authentication and authorization of incoming requests to Jaeger UI when multi-tenancy is disabled." + description: "Resources defines the compute resource requirements of the OAuth Proxy container.\nThe OAuth Proxy performs authentication and authorization of incoming requests to Jaeger UI when multi-tenancy is disabled." properties: claims: - description: "Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. \n This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. \n This field is immutable. It can only be set for containers." + description: "Claims lists the names of resources, defined in spec.resourceClaims,\nthat are used by this container.\n\n\nThis is an alpha field and requires enabling the\nDynamicResourceAllocation feature gate.\n\n\nThis field is immutable. It can only be set for containers." items: description: "ResourceClaim references one entry in PodSpec.ResourceClaims." properties: name: - description: "Name must match the name of one entry in pod.spec.resourceClaims of the Pod where this field is used. It makes that resource available inside a container." + description: "Name must match the name of one entry in pod.spec.resourceClaims of\nthe Pod where this field is used. It makes that resource available\ninside a container." type: "string" required: - "name" @@ -901,7 +901,7 @@ spec: - type: "string" pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" x-kubernetes-int-or-string: true - description: "Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" + description: "Limits describes the maximum amount of compute resources allowed.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" type: "object" requests: additionalProperties: @@ -910,11 +910,11 @@ spec: - type: "string" pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" x-kubernetes-int-or-string: true - description: "Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" + description: "Requests describes the minimum amount of compute resources required.\nIf Requests is omitted for a container, it defaults to Limits if that is explicitly specified,\notherwise to an implementation-defined value. Requests cannot exceed Limits.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" type: "object" type: "object" sar: - description: "SAR defines the SAR to be used in the oauth-proxy default is \"{\"namespace\": \"\", \"resource\": \"pods\", \"verb\": \"get\"}" + description: "SAR defines the SAR to be used in the oauth-proxy\ndefault is \"{\"namespace\": \"\", \"resource\": \"pods\", \"verb\": \"get\"}" type: "string" type: "object" enabled: @@ -932,13 +932,13 @@ spec: description: "Host defines the hostname of the Ingress object." type: "string" ingressClassName: - description: "IngressClassName defines the name of an IngressClass cluster resource. Defines which ingress controller serves this ingress resource." + description: "IngressClassName defines the name of an IngressClass cluster resource.\nDefines which ingress controller serves this ingress resource." type: "string" route: description: "Route defines the options for the OpenShift route." properties: termination: - description: "Termination defines the termination type. The default is \"edge\"." + description: "Termination defines the termination type.\nThe default is \"edge\"." enum: - "insecure" - "edge" @@ -947,7 +947,7 @@ spec: type: "string" type: "object" type: - description: "Type defines the type of Ingress for the Jaeger Query UI. Currently ingress, route and none are supported." + description: "Type defines the type of Ingress for the Jaeger Query UI.\nCurrently ingress, route and none are supported." enum: - "ingress" - "route" @@ -957,22 +957,22 @@ spec: description: "MonitorTab defines the monitor tab configuration." properties: enabled: - description: "Enabled enables the monitor tab in the Jaeger console. The PrometheusEndpoint must be configured to enable this feature." + description: "Enabled enables the monitor tab in the Jaeger console.\nThe PrometheusEndpoint must be configured to enable this feature." type: "boolean" prometheusEndpoint: - description: "PrometheusEndpoint defines the endpoint to the Prometheus instance that contains the span rate, error, and duration (RED) metrics. For instance on OpenShift this is set to https://thanos-querier.openshift-monitoring.svc.cluster.local:9091" + description: "PrometheusEndpoint defines the endpoint to the Prometheus instance that contains the span rate, error, and duration (RED) metrics.\nFor instance on OpenShift this is set to https://thanos-querier.openshift-monitoring.svc.cluster.local:9091" type: "string" type: "object" resources: description: "Resources defines resources for this component, this will override the calculated resources derived from total" properties: claims: - description: "Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. \n This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. \n This field is immutable. It can only be set for containers." + description: "Claims lists the names of resources, defined in spec.resourceClaims,\nthat are used by this container.\n\n\nThis is an alpha field and requires enabling the\nDynamicResourceAllocation feature gate.\n\n\nThis field is immutable. It can only be set for containers." items: description: "ResourceClaim references one entry in PodSpec.ResourceClaims." properties: name: - description: "Name must match the name of one entry in pod.spec.resourceClaims of the Pod where this field is used. It makes that resource available inside a container." + description: "Name must match the name of one entry in pod.spec.resourceClaims of\nthe Pod where this field is used. It makes that resource available\ninside a container." type: "string" required: - "name" @@ -988,7 +988,7 @@ spec: - type: "string" pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" x-kubernetes-int-or-string: true - description: "Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" + description: "Limits describes the maximum amount of compute resources allowed.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" type: "object" requests: additionalProperties: @@ -997,7 +997,7 @@ spec: - type: "string" pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" x-kubernetes-int-or-string: true - description: "Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" + description: "Requests describes the minimum amount of compute resources required.\nIf Requests is omitted for a container, it defaults to Limits if that is explicitly specified,\notherwise to an implementation-defined value. Requests cannot exceed Limits.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" type: "object" type: "object" servicesQueryDuration: @@ -1038,10 +1038,10 @@ spec: type: "string" type: "object" tenantId: - description: "TenantID defines a universally unique identifier of the tenant. Unlike the tenantName, which must be unique at a given time, the tenantId must be unique over the entire lifetime of the Tempo deployment. Tempo uses this ID to prefix objects in the object storage." + description: "TenantID defines a universally unique identifier of the tenant.\nUnlike the tenantName, which must be unique at a given time, the tenantId must be unique over the entire lifetime of the Tempo deployment.\nTempo uses this ID to prefix objects in the object storage." type: "string" tenantName: - description: "TenantName defines a human readable, unique name of the tenant. The value of this field must be specified in the X-Scope-OrgID header and in the resources field of a ClusterRole to identify the tenant." + description: "TenantName defines a human readable, unique name of the tenant.\nThe value of this field must be specified in the X-Scope-OrgID header and in the resources field of a ClusterRole to identify the tenant." type: "string" required: - "tenantId" @@ -1133,7 +1133,7 @@ spec: description: "TempoStackStatus defines the observed state of TempoStack." properties: components: - description: "Components provides summary of all Tempo pod status grouped per component." + description: "Components provides summary of all Tempo pod status grouped\nper component." properties: compactor: additionalProperties: @@ -1181,23 +1181,23 @@ spec: conditions: description: "Conditions of the Tempo deployment health." items: - description: "Condition contains details for one aspect of the current state of this API Resource. --- This struct is intended for direct use as an array at the field path .status.conditions. For example, \n type FooStatus struct{ // Represents the observations of a foo's current state. // Known .status.conditions.type are: \"Available\", \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge // +listType=map // +listMapKey=type Conditions []metav1.Condition `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" + description: "Condition contains details for one aspect of the current state of this API Resource.\n---\nThis struct is intended for direct use as an array at the field path .status.conditions. For example,\n\n\n\ttype FooStatus struct{\n\t // Represents the observations of a foo's current state.\n\t // Known .status.conditions.type are: \"Available\", \"Progressing\", and \"Degraded\"\n\t // +patchMergeKey=type\n\t // +patchStrategy=merge\n\t // +listType=map\n\t // +listMapKey=type\n\t Conditions []metav1.Condition `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"`\n\n\n\t // other fields\n\t}" properties: lastTransitionTime: - description: "lastTransitionTime is the last time the condition transitioned from one status to another. This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable." + description: "lastTransitionTime is the last time the condition transitioned from one status to another.\nThis should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable." format: "date-time" type: "string" message: - description: "message is a human readable message indicating details about the transition. This may be an empty string." + description: "message is a human readable message indicating details about the transition.\nThis may be an empty string." maxLength: 32768 type: "string" observedGeneration: - description: "observedGeneration represents the .metadata.generation that the condition was set based upon. For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date with respect to the current state of the instance." + description: "observedGeneration represents the .metadata.generation that the condition was set based upon.\nFor instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date\nwith respect to the current state of the instance." format: "int64" minimum: 0.0 type: "integer" reason: - description: "reason contains a programmatic identifier indicating the reason for the condition's last transition. Producers of specific condition types may define expected values and meanings for this field, and whether the values are considered a guaranteed API. The value should be a CamelCase string. This field may not be empty." + description: "reason contains a programmatic identifier indicating the reason for the condition's last transition.\nProducers of specific condition types may define expected values and meanings for this field,\nand whether the values are considered a guaranteed API.\nThe value should be a CamelCase string.\nThis field may not be empty." maxLength: 1024 minLength: 1 pattern: "^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$" @@ -1210,7 +1210,7 @@ spec: - "Unknown" type: "string" type: - description: "type of condition in CamelCase or in foo.example.com/CamelCase. --- Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be useful (see .node.status.conditions), the ability to deconflict is important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt)" + description: "type of condition in CamelCase or in foo.example.com/CamelCase.\n---\nMany .condition.type values are consistent across resources like Available, but because arbitrary conditions can be\nuseful (see .node.status.conditions), the ability to deconflict is important.\nThe regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt)" maxLength: 316 pattern: "^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$" type: "string" diff --git a/crd-catalog/gravitational/teleport/resources.teleport.dev/v2/teleportprovisiontokens.yaml b/crd-catalog/gravitational/teleport/resources.teleport.dev/v2/teleportprovisiontokens.yaml index efe4527c6..5b8ad3c5a 100644 --- a/crd-catalog/gravitational/teleport/resources.teleport.dev/v2/teleportprovisiontokens.yaml +++ b/crd-catalog/gravitational/teleport/resources.teleport.dev/v2/teleportprovisiontokens.yaml @@ -218,7 +218,7 @@ spec: type: "string" type: "object" join_method: - description: "JoinMethod is the joining method required in order to use this token. Supported joining methods include \"token\", \"ec2\", and \"iam\"." + description: "JoinMethod is the joining method required in order to use this token. Supported joining methods include: azure, circleci, ec2, gcp, github, gitlab, iam, kubernetes, spacelift, token, tpm" type: "string" kubernetes: description: "Kubernetes allows the configuration of options specific to the \"kubernetes\" join method." diff --git a/crd-catalog/gravitational/teleport/resources.teleport.dev/v2/teleportsamlconnectors.yaml b/crd-catalog/gravitational/teleport/resources.teleport.dev/v2/teleportsamlconnectors.yaml index a322f9e0c..fe31ad4f6 100644 --- a/crd-catalog/gravitational/teleport/resources.teleport.dev/v2/teleportsamlconnectors.yaml +++ b/crd-catalog/gravitational/teleport/resources.teleport.dev/v2/teleportsamlconnectors.yaml @@ -69,7 +69,7 @@ spec: description: "Audience uniquely identifies our service provider." type: "string" cert: - description: "Cert is the identity provider certificate PEM. IDP signs responses using this certificate." + description: "Cert is the identity provider certificate PEM. IDP signs `` responses using this certificate." type: "string" client_redirect_settings: description: "ClientRedirectSettings defines which client redirect URLs are allowed for non-browser SSO logins other than the standard localhost ones." diff --git a/crd-catalog/gravitational/teleport/resources.teleport.dev/v5/teleportroles.yaml b/crd-catalog/gravitational/teleport/resources.teleport.dev/v5/teleportroles.yaml index fa53371b6..1e1d5edcd 100644 --- a/crd-catalog/gravitational/teleport/resources.teleport.dev/v5/teleportroles.yaml +++ b/crd-catalog/gravitational/teleport/resources.teleport.dev/v5/teleportroles.yaml @@ -922,7 +922,7 @@ spec: description: "DesktopDirectorySharing indicates whether directory sharing is allowed between the user's workstation and the remote desktop. It defaults to false unless explicitly set to true." type: "boolean" device_trust_mode: - description: "DeviceTrustMode is the device authorization mode used for the resources associated with the role. See DeviceTrust.Mode. Reserved for future use, not yet used by Teleport." + description: "DeviceTrustMode is the device authorization mode used for the resources associated with the role. See DeviceTrust.Mode." type: "string" disconnect_expired_cert: description: "DisconnectExpiredCert sets disconnect clients on expired certificates." @@ -992,7 +992,7 @@ spec: type: "string" type: "object" request_access: - description: "RequestAccess defines the access request strategy (optional|note|always) where optional is the default." + description: "RequestAccess defines the request strategy (optional|note|always) where optional is the default." type: "string" request_prompt: description: "RequestPrompt is an optional message which tells users what they aught to request." diff --git a/crd-catalog/gravitational/teleport/resources.teleport.dev/v6/teleportroles.yaml b/crd-catalog/gravitational/teleport/resources.teleport.dev/v6/teleportroles.yaml index a7ccc3250..0dc3fac6b 100644 --- a/crd-catalog/gravitational/teleport/resources.teleport.dev/v6/teleportroles.yaml +++ b/crd-catalog/gravitational/teleport/resources.teleport.dev/v6/teleportroles.yaml @@ -922,7 +922,7 @@ spec: description: "DesktopDirectorySharing indicates whether directory sharing is allowed between the user's workstation and the remote desktop. It defaults to false unless explicitly set to true." type: "boolean" device_trust_mode: - description: "DeviceTrustMode is the device authorization mode used for the resources associated with the role. See DeviceTrust.Mode. Reserved for future use, not yet used by Teleport." + description: "DeviceTrustMode is the device authorization mode used for the resources associated with the role. See DeviceTrust.Mode." type: "string" disconnect_expired_cert: description: "DisconnectExpiredCert sets disconnect clients on expired certificates." @@ -992,7 +992,7 @@ spec: type: "string" type: "object" request_access: - description: "RequestAccess defines the access request strategy (optional|note|always) where optional is the default." + description: "RequestAccess defines the request strategy (optional|note|always) where optional is the default." type: "string" request_prompt: description: "RequestPrompt is an optional message which tells users what they aught to request." diff --git a/crd-catalog/hashicorp/terraform-cloud-operator/app.terraform.io/v1alpha2/agentpools.yaml b/crd-catalog/hashicorp/terraform-cloud-operator/app.terraform.io/v1alpha2/agentpools.yaml index d1559ad1b..61c9dc274 100644 --- a/crd-catalog/hashicorp/terraform-cloud-operator/app.terraform.io/v1alpha2/agentpools.yaml +++ b/crd-catalog/hashicorp/terraform-cloud-operator/app.terraform.io/v1alpha2/agentpools.yaml @@ -27,7 +27,7 @@ spec: metadata: type: "object" spec: - description: "AgentPoolSpec defines the desired stak get ste of AgentPool." + description: "AgentPoolSpec defines the desired state of AgentPool." properties: agentDeployment: description: "Agent deployment settings" @@ -4485,6 +4485,18 @@ spec: autoscaling: description: "Agent deployment settings" properties: + cooldownPeriod: + description: "CoolDownPeriod configures the period to wait between scaling up and scaling down" + properties: + scaleDownSeconds: + description: "ScaleDownSeconds is the time to wait before scaling down." + format: "int32" + type: "integer" + scaleUpSeconds: + description: "ScaleUpSeconds is the time to wait before scaling up." + format: "int32" + type: "integer" + type: "object" cooldownPeriodSeconds: default: 300 description: "CooldownPeriodSeconds is the time to wait between scaling events. Defaults to 300." diff --git a/crd-catalog/hashicorp/vault-secrets-operator/secrets.hashicorp.com/v1beta1/vaultauths.yaml b/crd-catalog/hashicorp/vault-secrets-operator/secrets.hashicorp.com/v1beta1/vaultauths.yaml index 5c205ff99..6f9079ee2 100644 --- a/crd-catalog/hashicorp/vault-secrets-operator/secrets.hashicorp.com/v1beta1/vaultauths.yaml +++ b/crd-catalog/hashicorp/vault-secrets-operator/secrets.hashicorp.com/v1beta1/vaultauths.yaml @@ -177,6 +177,9 @@ spec: vaultAuthGlobalRef: description: "VaultAuthGlobalRef." properties: + allowDefault: + description: "AllowDefault when set to true will use the default VaultAuthGlobal resource\nas the default if Name is not set. The 'allow-default-globals' option must be\nset on the operator's '-global-vault-auth-options' flag\n\n\nThe default VaultAuthGlobal search is conditional.\nWhen a ref Namespace is set, the search for the default\nVaultAuthGlobal resource is constrained to that namespace.\nOtherwise, the search order is:\n1. The default VaultAuthGlobal resource in the referring VaultAuth resource's\nnamespace.\n2. The default VaultAuthGlobal resource in the Operator's namespace." + type: "boolean" mergeStrategy: description: "MergeStrategy configures the merge strategy for HTTP headers and parameters\nthat are included in all Vault authentication requests." properties: @@ -203,8 +206,6 @@ spec: description: "Namespace of the VaultAuthGlobal resource. If not provided, the namespace of\nthe referring VaultAuth resource is used." pattern: "^([a-z0-9.-]{1,253})$" type: "string" - required: - - "name" type: "object" vaultConnectionRef: description: "VaultConnectionRef to the VaultConnection resource, can be prefixed with a namespace,\neg: `namespaceA/vaultConnectionRefB`. If no namespace prefix is provided it will default to\nnamespace of the VaultConnection CR. If no value is specified for VaultConnectionRef the\nOperator will default to the `default` VaultConnection, configured in the operator's namespace." diff --git a/crd-catalog/hashicorp/vault-secrets-operator/secrets.hashicorp.com/v1beta1/vaultstaticsecrets.yaml b/crd-catalog/hashicorp/vault-secrets-operator/secrets.hashicorp.com/v1beta1/vaultstaticsecrets.yaml index e0ed5ab62..e97795df0 100644 --- a/crd-catalog/hashicorp/vault-secrets-operator/secrets.hashicorp.com/v1beta1/vaultstaticsecrets.yaml +++ b/crd-catalog/hashicorp/vault-secrets-operator/secrets.hashicorp.com/v1beta1/vaultstaticsecrets.yaml @@ -165,6 +165,13 @@ spec: - "name" type: "object" type: "array" + syncConfig: + description: "SyncConfig configures sync behavior from Vault to VSO" + properties: + instantUpdates: + description: "InstantUpdates is a flag to indicate that event-driven updates are\nenabled for this VaultStaticSecret" + type: "boolean" + type: "object" type: description: "Type of the Vault static secret" enum: diff --git a/crd-catalog/istio/istio/networking.istio.io/v1/destinationrules.yaml b/crd-catalog/istio/istio/networking.istio.io/v1/destinationrules.yaml index 89a2a0798..d28dd65ca 100644 --- a/crd-catalog/istio/istio/networking.istio.io/v1/destinationrules.yaml +++ b/crd-catalog/istio/istio/networking.istio.io/v1/destinationrules.yaml @@ -211,9 +211,6 @@ spec: ttl: description: "Lifetime of the cookie." type: "string" - x-kubernetes-validations: - - message: "must be a valid duration greater than 1ms" - rule: "duration(self) >= duration('1ms')" required: - "name" type: "object" @@ -504,9 +501,6 @@ spec: ttl: description: "Lifetime of the cookie." type: "string" - x-kubernetes-validations: - - message: "must be a valid duration greater than 1ms" - rule: "duration(self) >= duration('1ms')" required: - "name" type: "object" @@ -918,9 +912,6 @@ spec: ttl: description: "Lifetime of the cookie." type: "string" - x-kubernetes-validations: - - message: "must be a valid duration greater than 1ms" - rule: "duration(self) >= duration('1ms')" required: - "name" type: "object" @@ -1211,9 +1202,6 @@ spec: ttl: description: "Lifetime of the cookie." type: "string" - x-kubernetes-validations: - - message: "must be a valid duration greater than 1ms" - rule: "duration(self) >= duration('1ms')" required: - "name" type: "object" diff --git a/crd-catalog/istio/istio/networking.istio.io/v1/serviceentries.yaml b/crd-catalog/istio/istio/networking.istio.io/v1/serviceentries.yaml index b3c153ec9..cd883dffb 100644 --- a/crd-catalog/istio/istio/networking.istio.io/v1/serviceentries.yaml +++ b/crd-catalog/istio/istio/networking.istio.io/v1/serviceentries.yaml @@ -58,27 +58,44 @@ spec: properties: address: description: "Address associated with the network endpoint without the port." + maxLength: 256 type: "string" + x-kubernetes-validations: + - message: "UDS must be an absolute path or abstract socket" + rule: "self.startsWith('unix://') ? (self.substring(7,8) == '/' || self.substring(7,8) == '@') : true" + - message: "UDS may not be a dir" + rule: "self.startsWith('unix://') ? !self.endsWith('/') : true" labels: additionalProperties: type: "string" description: "One or more labels associated with the endpoint." + maxProperties: 256 type: "object" locality: description: "The locality associated with the endpoint." + maxLength: 2048 type: "string" network: description: "Network enables Istio to group endpoints resident in the same L3 domain/network." + maxLength: 2048 type: "string" ports: additionalProperties: maximum: 4294967295.0 minimum: 0.0 type: "integer" + x-kubernetes-validations: + - message: "port must be between 1-65535" + rule: "0 < self && self <= 65535" description: "Set of ports associated with the endpoint." + maxProperties: 128 type: "object" + x-kubernetes-validations: + - message: "port name must be valid" + rule: "self.all(key, size(key) < 63 && key.matches('^[a-zA-Z0-9](?:[-a-zA-Z0-9]*[a-zA-Z0-9])?$'))" serviceAccount: description: "The service account associated with the workload if a sidecar is present in the workload." + maxLength: 253 type: "string" weight: description: "The load balancing weight associated with the endpoint." @@ -86,6 +103,12 @@ spec: minimum: 0.0 type: "integer" type: "object" + x-kubernetes-validations: + - message: "Address is required" + rule: "has(self.address) || has(self.network)" + - message: "UDS may not include ports" + rule: "(has(self.address) && self.address.startsWith('unix://')) ? !has(self.ports) : true" + maxItems: 4096 type: "array" exportTo: description: "A list of namespaces to which this service is exported." diff --git a/crd-catalog/istio/istio/networking.istio.io/v1/workloadentries.yaml b/crd-catalog/istio/istio/networking.istio.io/v1/workloadentries.yaml index 23190d7a5..66bbabb55 100644 --- a/crd-catalog/istio/istio/networking.istio.io/v1/workloadentries.yaml +++ b/crd-catalog/istio/istio/networking.istio.io/v1/workloadentries.yaml @@ -41,27 +41,44 @@ spec: properties: address: description: "Address associated with the network endpoint without the port." + maxLength: 256 type: "string" + x-kubernetes-validations: + - message: "UDS must be an absolute path or abstract socket" + rule: "self.startsWith('unix://') ? (self.substring(7,8) == '/' || self.substring(7,8) == '@') : true" + - message: "UDS may not be a dir" + rule: "self.startsWith('unix://') ? !self.endsWith('/') : true" labels: additionalProperties: type: "string" description: "One or more labels associated with the endpoint." + maxProperties: 256 type: "object" locality: description: "The locality associated with the endpoint." + maxLength: 2048 type: "string" network: description: "Network enables Istio to group endpoints resident in the same L3 domain/network." + maxLength: 2048 type: "string" ports: additionalProperties: maximum: 4294967295.0 minimum: 0.0 type: "integer" + x-kubernetes-validations: + - message: "port must be between 1-65535" + rule: "0 < self && self <= 65535" description: "Set of ports associated with the endpoint." + maxProperties: 128 type: "object" + x-kubernetes-validations: + - message: "port name must be valid" + rule: "self.all(key, size(key) < 63 && key.matches('^[a-zA-Z0-9](?:[-a-zA-Z0-9]*[a-zA-Z0-9])?$'))" serviceAccount: description: "The service account associated with the workload if a sidecar is present in the workload." + maxLength: 253 type: "string" weight: description: "The load balancing weight associated with the endpoint." @@ -69,9 +86,18 @@ spec: minimum: 0.0 type: "integer" type: "object" + x-kubernetes-validations: + - message: "Address is required" + rule: "has(self.address) || has(self.network)" + - message: "UDS may not include ports" + rule: "(has(self.address) && self.address.startsWith('unix://')) ? !has(self.ports) : true" status: type: "object" x-kubernetes-preserve-unknown-fields: true + required: + - "spec" + - "spec" + - "spec" type: "object" served: true storage: false diff --git a/crd-catalog/istio/istio/networking.istio.io/v1/workloadgroups.yaml b/crd-catalog/istio/istio/networking.istio.io/v1/workloadgroups.yaml index 817ae4a5f..791089f97 100644 --- a/crd-catalog/istio/istio/networking.istio.io/v1/workloadgroups.yaml +++ b/crd-catalog/istio/istio/networking.istio.io/v1/workloadgroups.yaml @@ -139,27 +139,44 @@ spec: properties: address: description: "Address associated with the network endpoint without the port." + maxLength: 256 type: "string" + x-kubernetes-validations: + - message: "UDS must be an absolute path or abstract socket" + rule: "self.startsWith('unix://') ? (self.substring(7,8) == '/' || self.substring(7,8) == '@') : true" + - message: "UDS may not be a dir" + rule: "self.startsWith('unix://') ? !self.endsWith('/') : true" labels: additionalProperties: type: "string" description: "One or more labels associated with the endpoint." + maxProperties: 256 type: "object" locality: description: "The locality associated with the endpoint." + maxLength: 2048 type: "string" network: description: "Network enables Istio to group endpoints resident in the same L3 domain/network." + maxLength: 2048 type: "string" ports: additionalProperties: maximum: 4294967295.0 minimum: 0.0 type: "integer" + x-kubernetes-validations: + - message: "port must be between 1-65535" + rule: "0 < self && self <= 65535" description: "Set of ports associated with the endpoint." + maxProperties: 128 type: "object" + x-kubernetes-validations: + - message: "port name must be valid" + rule: "self.all(key, size(key) < 63 && key.matches('^[a-zA-Z0-9](?:[-a-zA-Z0-9]*[a-zA-Z0-9])?$'))" serviceAccount: description: "The service account associated with the workload if a sidecar is present in the workload." + maxLength: 253 type: "string" weight: description: "The load balancing weight associated with the endpoint." @@ -167,6 +184,11 @@ spec: minimum: 0.0 type: "integer" type: "object" + x-kubernetes-validations: + - message: "Address is required" + rule: "has(self.address) || has(self.network)" + - message: "UDS may not include ports" + rule: "(has(self.address) && self.address.startsWith('unix://')) ? !has(self.ports) : true" required: - "template" type: "object" diff --git a/crd-catalog/istio/istio/networking.istio.io/v1alpha3/destinationrules.yaml b/crd-catalog/istio/istio/networking.istio.io/v1alpha3/destinationrules.yaml index d20e526af..9f00a5fbe 100644 --- a/crd-catalog/istio/istio/networking.istio.io/v1alpha3/destinationrules.yaml +++ b/crd-catalog/istio/istio/networking.istio.io/v1alpha3/destinationrules.yaml @@ -211,9 +211,6 @@ spec: ttl: description: "Lifetime of the cookie." type: "string" - x-kubernetes-validations: - - message: "must be a valid duration greater than 1ms" - rule: "duration(self) >= duration('1ms')" required: - "name" type: "object" @@ -504,9 +501,6 @@ spec: ttl: description: "Lifetime of the cookie." type: "string" - x-kubernetes-validations: - - message: "must be a valid duration greater than 1ms" - rule: "duration(self) >= duration('1ms')" required: - "name" type: "object" @@ -918,9 +912,6 @@ spec: ttl: description: "Lifetime of the cookie." type: "string" - x-kubernetes-validations: - - message: "must be a valid duration greater than 1ms" - rule: "duration(self) >= duration('1ms')" required: - "name" type: "object" @@ -1211,9 +1202,6 @@ spec: ttl: description: "Lifetime of the cookie." type: "string" - x-kubernetes-validations: - - message: "must be a valid duration greater than 1ms" - rule: "duration(self) >= duration('1ms')" required: - "name" type: "object" diff --git a/crd-catalog/istio/istio/networking.istio.io/v1alpha3/serviceentries.yaml b/crd-catalog/istio/istio/networking.istio.io/v1alpha3/serviceentries.yaml index b7c119f48..4608d419b 100644 --- a/crd-catalog/istio/istio/networking.istio.io/v1alpha3/serviceentries.yaml +++ b/crd-catalog/istio/istio/networking.istio.io/v1alpha3/serviceentries.yaml @@ -58,27 +58,44 @@ spec: properties: address: description: "Address associated with the network endpoint without the port." + maxLength: 256 type: "string" + x-kubernetes-validations: + - message: "UDS must be an absolute path or abstract socket" + rule: "self.startsWith('unix://') ? (self.substring(7,8) == '/' || self.substring(7,8) == '@') : true" + - message: "UDS may not be a dir" + rule: "self.startsWith('unix://') ? !self.endsWith('/') : true" labels: additionalProperties: type: "string" description: "One or more labels associated with the endpoint." + maxProperties: 256 type: "object" locality: description: "The locality associated with the endpoint." + maxLength: 2048 type: "string" network: description: "Network enables Istio to group endpoints resident in the same L3 domain/network." + maxLength: 2048 type: "string" ports: additionalProperties: maximum: 4294967295.0 minimum: 0.0 type: "integer" + x-kubernetes-validations: + - message: "port must be between 1-65535" + rule: "0 < self && self <= 65535" description: "Set of ports associated with the endpoint." + maxProperties: 128 type: "object" + x-kubernetes-validations: + - message: "port name must be valid" + rule: "self.all(key, size(key) < 63 && key.matches('^[a-zA-Z0-9](?:[-a-zA-Z0-9]*[a-zA-Z0-9])?$'))" serviceAccount: description: "The service account associated with the workload if a sidecar is present in the workload." + maxLength: 253 type: "string" weight: description: "The load balancing weight associated with the endpoint." @@ -86,6 +103,12 @@ spec: minimum: 0.0 type: "integer" type: "object" + x-kubernetes-validations: + - message: "Address is required" + rule: "has(self.address) || has(self.network)" + - message: "UDS may not include ports" + rule: "(has(self.address) && self.address.startsWith('unix://')) ? !has(self.ports) : true" + maxItems: 4096 type: "array" exportTo: description: "A list of namespaces to which this service is exported." diff --git a/crd-catalog/istio/istio/networking.istio.io/v1alpha3/workloadentries.yaml b/crd-catalog/istio/istio/networking.istio.io/v1alpha3/workloadentries.yaml index a19cece53..a3ea1a489 100644 --- a/crd-catalog/istio/istio/networking.istio.io/v1alpha3/workloadentries.yaml +++ b/crd-catalog/istio/istio/networking.istio.io/v1alpha3/workloadentries.yaml @@ -41,27 +41,44 @@ spec: properties: address: description: "Address associated with the network endpoint without the port." + maxLength: 256 type: "string" + x-kubernetes-validations: + - message: "UDS must be an absolute path or abstract socket" + rule: "self.startsWith('unix://') ? (self.substring(7,8) == '/' || self.substring(7,8) == '@') : true" + - message: "UDS may not be a dir" + rule: "self.startsWith('unix://') ? !self.endsWith('/') : true" labels: additionalProperties: type: "string" description: "One or more labels associated with the endpoint." + maxProperties: 256 type: "object" locality: description: "The locality associated with the endpoint." + maxLength: 2048 type: "string" network: description: "Network enables Istio to group endpoints resident in the same L3 domain/network." + maxLength: 2048 type: "string" ports: additionalProperties: maximum: 4294967295.0 minimum: 0.0 type: "integer" + x-kubernetes-validations: + - message: "port must be between 1-65535" + rule: "0 < self && self <= 65535" description: "Set of ports associated with the endpoint." + maxProperties: 128 type: "object" + x-kubernetes-validations: + - message: "port name must be valid" + rule: "self.all(key, size(key) < 63 && key.matches('^[a-zA-Z0-9](?:[-a-zA-Z0-9]*[a-zA-Z0-9])?$'))" serviceAccount: description: "The service account associated with the workload if a sidecar is present in the workload." + maxLength: 253 type: "string" weight: description: "The load balancing weight associated with the endpoint." @@ -69,9 +86,18 @@ spec: minimum: 0.0 type: "integer" type: "object" + x-kubernetes-validations: + - message: "Address is required" + rule: "has(self.address) || has(self.network)" + - message: "UDS may not include ports" + rule: "(has(self.address) && self.address.startsWith('unix://')) ? !has(self.ports) : true" status: type: "object" x-kubernetes-preserve-unknown-fields: true + required: + - "spec" + - "spec" + - "spec" type: "object" served: true storage: false diff --git a/crd-catalog/istio/istio/networking.istio.io/v1alpha3/workloadgroups.yaml b/crd-catalog/istio/istio/networking.istio.io/v1alpha3/workloadgroups.yaml index 262787fe4..e4f411315 100644 --- a/crd-catalog/istio/istio/networking.istio.io/v1alpha3/workloadgroups.yaml +++ b/crd-catalog/istio/istio/networking.istio.io/v1alpha3/workloadgroups.yaml @@ -139,27 +139,44 @@ spec: properties: address: description: "Address associated with the network endpoint without the port." + maxLength: 256 type: "string" + x-kubernetes-validations: + - message: "UDS must be an absolute path or abstract socket" + rule: "self.startsWith('unix://') ? (self.substring(7,8) == '/' || self.substring(7,8) == '@') : true" + - message: "UDS may not be a dir" + rule: "self.startsWith('unix://') ? !self.endsWith('/') : true" labels: additionalProperties: type: "string" description: "One or more labels associated with the endpoint." + maxProperties: 256 type: "object" locality: description: "The locality associated with the endpoint." + maxLength: 2048 type: "string" network: description: "Network enables Istio to group endpoints resident in the same L3 domain/network." + maxLength: 2048 type: "string" ports: additionalProperties: maximum: 4294967295.0 minimum: 0.0 type: "integer" + x-kubernetes-validations: + - message: "port must be between 1-65535" + rule: "0 < self && self <= 65535" description: "Set of ports associated with the endpoint." + maxProperties: 128 type: "object" + x-kubernetes-validations: + - message: "port name must be valid" + rule: "self.all(key, size(key) < 63 && key.matches('^[a-zA-Z0-9](?:[-a-zA-Z0-9]*[a-zA-Z0-9])?$'))" serviceAccount: description: "The service account associated with the workload if a sidecar is present in the workload." + maxLength: 253 type: "string" weight: description: "The load balancing weight associated with the endpoint." @@ -167,6 +184,11 @@ spec: minimum: 0.0 type: "integer" type: "object" + x-kubernetes-validations: + - message: "Address is required" + rule: "has(self.address) || has(self.network)" + - message: "UDS may not include ports" + rule: "(has(self.address) && self.address.startsWith('unix://')) ? !has(self.ports) : true" required: - "template" type: "object" diff --git a/crd-catalog/istio/istio/networking.istio.io/v1beta1/destinationrules.yaml b/crd-catalog/istio/istio/networking.istio.io/v1beta1/destinationrules.yaml index 4d00e7a91..d1aa0b2c6 100644 --- a/crd-catalog/istio/istio/networking.istio.io/v1beta1/destinationrules.yaml +++ b/crd-catalog/istio/istio/networking.istio.io/v1beta1/destinationrules.yaml @@ -211,9 +211,6 @@ spec: ttl: description: "Lifetime of the cookie." type: "string" - x-kubernetes-validations: - - message: "must be a valid duration greater than 1ms" - rule: "duration(self) >= duration('1ms')" required: - "name" type: "object" @@ -504,9 +501,6 @@ spec: ttl: description: "Lifetime of the cookie." type: "string" - x-kubernetes-validations: - - message: "must be a valid duration greater than 1ms" - rule: "duration(self) >= duration('1ms')" required: - "name" type: "object" @@ -918,9 +912,6 @@ spec: ttl: description: "Lifetime of the cookie." type: "string" - x-kubernetes-validations: - - message: "must be a valid duration greater than 1ms" - rule: "duration(self) >= duration('1ms')" required: - "name" type: "object" @@ -1211,9 +1202,6 @@ spec: ttl: description: "Lifetime of the cookie." type: "string" - x-kubernetes-validations: - - message: "must be a valid duration greater than 1ms" - rule: "duration(self) >= duration('1ms')" required: - "name" type: "object" diff --git a/crd-catalog/istio/istio/networking.istio.io/v1beta1/serviceentries.yaml b/crd-catalog/istio/istio/networking.istio.io/v1beta1/serviceentries.yaml index 49d785e0c..777b2340a 100644 --- a/crd-catalog/istio/istio/networking.istio.io/v1beta1/serviceentries.yaml +++ b/crd-catalog/istio/istio/networking.istio.io/v1beta1/serviceentries.yaml @@ -58,27 +58,44 @@ spec: properties: address: description: "Address associated with the network endpoint without the port." + maxLength: 256 type: "string" + x-kubernetes-validations: + - message: "UDS must be an absolute path or abstract socket" + rule: "self.startsWith('unix://') ? (self.substring(7,8) == '/' || self.substring(7,8) == '@') : true" + - message: "UDS may not be a dir" + rule: "self.startsWith('unix://') ? !self.endsWith('/') : true" labels: additionalProperties: type: "string" description: "One or more labels associated with the endpoint." + maxProperties: 256 type: "object" locality: description: "The locality associated with the endpoint." + maxLength: 2048 type: "string" network: description: "Network enables Istio to group endpoints resident in the same L3 domain/network." + maxLength: 2048 type: "string" ports: additionalProperties: maximum: 4294967295.0 minimum: 0.0 type: "integer" + x-kubernetes-validations: + - message: "port must be between 1-65535" + rule: "0 < self && self <= 65535" description: "Set of ports associated with the endpoint." + maxProperties: 128 type: "object" + x-kubernetes-validations: + - message: "port name must be valid" + rule: "self.all(key, size(key) < 63 && key.matches('^[a-zA-Z0-9](?:[-a-zA-Z0-9]*[a-zA-Z0-9])?$'))" serviceAccount: description: "The service account associated with the workload if a sidecar is present in the workload." + maxLength: 253 type: "string" weight: description: "The load balancing weight associated with the endpoint." @@ -86,6 +103,12 @@ spec: minimum: 0.0 type: "integer" type: "object" + x-kubernetes-validations: + - message: "Address is required" + rule: "has(self.address) || has(self.network)" + - message: "UDS may not include ports" + rule: "(has(self.address) && self.address.startsWith('unix://')) ? !has(self.ports) : true" + maxItems: 4096 type: "array" exportTo: description: "A list of namespaces to which this service is exported." diff --git a/crd-catalog/istio/istio/networking.istio.io/v1beta1/workloadentries.yaml b/crd-catalog/istio/istio/networking.istio.io/v1beta1/workloadentries.yaml index 591a11b89..745d983c6 100644 --- a/crd-catalog/istio/istio/networking.istio.io/v1beta1/workloadentries.yaml +++ b/crd-catalog/istio/istio/networking.istio.io/v1beta1/workloadentries.yaml @@ -41,27 +41,44 @@ spec: properties: address: description: "Address associated with the network endpoint without the port." + maxLength: 256 type: "string" + x-kubernetes-validations: + - message: "UDS must be an absolute path or abstract socket" + rule: "self.startsWith('unix://') ? (self.substring(7,8) == '/' || self.substring(7,8) == '@') : true" + - message: "UDS may not be a dir" + rule: "self.startsWith('unix://') ? !self.endsWith('/') : true" labels: additionalProperties: type: "string" description: "One or more labels associated with the endpoint." + maxProperties: 256 type: "object" locality: description: "The locality associated with the endpoint." + maxLength: 2048 type: "string" network: description: "Network enables Istio to group endpoints resident in the same L3 domain/network." + maxLength: 2048 type: "string" ports: additionalProperties: maximum: 4294967295.0 minimum: 0.0 type: "integer" + x-kubernetes-validations: + - message: "port must be between 1-65535" + rule: "0 < self && self <= 65535" description: "Set of ports associated with the endpoint." + maxProperties: 128 type: "object" + x-kubernetes-validations: + - message: "port name must be valid" + rule: "self.all(key, size(key) < 63 && key.matches('^[a-zA-Z0-9](?:[-a-zA-Z0-9]*[a-zA-Z0-9])?$'))" serviceAccount: description: "The service account associated with the workload if a sidecar is present in the workload." + maxLength: 253 type: "string" weight: description: "The load balancing weight associated with the endpoint." @@ -69,9 +86,18 @@ spec: minimum: 0.0 type: "integer" type: "object" + x-kubernetes-validations: + - message: "Address is required" + rule: "has(self.address) || has(self.network)" + - message: "UDS may not include ports" + rule: "(has(self.address) && self.address.startsWith('unix://')) ? !has(self.ports) : true" status: type: "object" x-kubernetes-preserve-unknown-fields: true + required: + - "spec" + - "spec" + - "spec" type: "object" served: true storage: true diff --git a/crd-catalog/istio/istio/networking.istio.io/v1beta1/workloadgroups.yaml b/crd-catalog/istio/istio/networking.istio.io/v1beta1/workloadgroups.yaml index ffe0d0a87..d5654da6c 100644 --- a/crd-catalog/istio/istio/networking.istio.io/v1beta1/workloadgroups.yaml +++ b/crd-catalog/istio/istio/networking.istio.io/v1beta1/workloadgroups.yaml @@ -139,27 +139,44 @@ spec: properties: address: description: "Address associated with the network endpoint without the port." + maxLength: 256 type: "string" + x-kubernetes-validations: + - message: "UDS must be an absolute path or abstract socket" + rule: "self.startsWith('unix://') ? (self.substring(7,8) == '/' || self.substring(7,8) == '@') : true" + - message: "UDS may not be a dir" + rule: "self.startsWith('unix://') ? !self.endsWith('/') : true" labels: additionalProperties: type: "string" description: "One or more labels associated with the endpoint." + maxProperties: 256 type: "object" locality: description: "The locality associated with the endpoint." + maxLength: 2048 type: "string" network: description: "Network enables Istio to group endpoints resident in the same L3 domain/network." + maxLength: 2048 type: "string" ports: additionalProperties: maximum: 4294967295.0 minimum: 0.0 type: "integer" + x-kubernetes-validations: + - message: "port must be between 1-65535" + rule: "0 < self && self <= 65535" description: "Set of ports associated with the endpoint." + maxProperties: 128 type: "object" + x-kubernetes-validations: + - message: "port name must be valid" + rule: "self.all(key, size(key) < 63 && key.matches('^[a-zA-Z0-9](?:[-a-zA-Z0-9]*[a-zA-Z0-9])?$'))" serviceAccount: description: "The service account associated with the workload if a sidecar is present in the workload." + maxLength: 253 type: "string" weight: description: "The load balancing weight associated with the endpoint." @@ -167,6 +184,11 @@ spec: minimum: 0.0 type: "integer" type: "object" + x-kubernetes-validations: + - message: "Address is required" + rule: "has(self.address) || has(self.network)" + - message: "UDS may not include ports" + rule: "(has(self.address) && self.address.startsWith('unix://')) ? !has(self.ports) : true" required: - "template" type: "object" diff --git a/crd-catalog/k8gb-io/k8gb/k8gb.absa.oss/v1beta1/gslbs.yaml b/crd-catalog/k8gb-io/k8gb/k8gb.absa.oss/v1beta1/gslbs.yaml index b743bea07..b4ef0d3c7 100644 --- a/crd-catalog/k8gb-io/k8gb/k8gb.absa.oss/v1beta1/gslbs.yaml +++ b/crd-catalog/k8gb-io/k8gb/k8gb.absa.oss/v1beta1/gslbs.yaml @@ -47,7 +47,7 @@ spec: description: "A default backend capable of servicing requests that don't match any\nrule. At least one of 'backend' or 'rules' must be specified. This field\nis optional to allow the loadbalancer controller or defaulting logic to\nspecify a global default." properties: resource: - description: "Resource is an ObjectRef to another Kubernetes resource in the namespace\nof the Ingress object. If resource is specified, a service.Name and\nservice.Port must not be specified.\nThis is a mutually exclusive setting with \"Service\"." + description: "resource is an ObjectRef to another Kubernetes resource in the namespace\nof the Ingress object. If resource is specified, a service.Name and\nservice.Port must not be specified.\nThis is a mutually exclusive setting with \"Service\"." properties: apiGroup: description: "APIGroup is the group for the resource being referenced.\nIf APIGroup is not specified, the specified Kind must be in the core API group.\nFor any other third-party types, APIGroup is required." @@ -64,19 +64,19 @@ spec: type: "object" x-kubernetes-map-type: "atomic" service: - description: "Service references a Service as a Backend.\nThis is a mutually exclusive setting with \"Resource\"." + description: "service references a service as a backend.\nThis is a mutually exclusive setting with \"Resource\"." properties: name: - description: "Name is the referenced service. The service must exist in\nthe same namespace as the Ingress object." + description: "name is the referenced service. The service must exist in\nthe same namespace as the Ingress object." type: "string" port: - description: "Port of the referenced service. A port name or port number\nis required for a IngressServiceBackend." + description: "port of the referenced service. A port name or port number\nis required for a IngressServiceBackend." properties: name: - description: "Name is the name of the port on the Service.\nThis is a mutually exclusive setting with \"Number\"." + description: "name is the name of the port on the Service.\nThis is a mutually exclusive setting with \"Number\"." type: "string" number: - description: "Number is the numerical port number (e.g. 80) on the Service.\nThis is a mutually exclusive setting with \"Name\"." + description: "number is the numerical port number (e.g. 80) on the Service.\nThis is a mutually exclusive setting with \"Name\"." format: "int32" type: "integer" type: "object" @@ -99,15 +99,15 @@ spec: description: "HTTPIngressRuleValue is a list of http selectors\npointing to backends. In the example: http:///?\n-> backend where where parts of the url correspond to\nRFC 3986, this resource will be used to match against\neverything after the last '/' and before the first '?'\nor '#'." properties: paths: - description: "A collection of paths that map requests to backends." + description: "paths is a collection of paths that map requests to backends." items: description: "HTTPIngressPath associates a path with a backend. Incoming urls matching the\npath are forwarded to the backend." properties: backend: - description: "Backend defines the referenced service endpoint to which the traffic\nwill be forwarded to." + description: "backend defines the referenced service endpoint to which the traffic\nwill be forwarded to." properties: resource: - description: "Resource is an ObjectRef to another Kubernetes resource in the namespace\nof the Ingress object. If resource is specified, a service.Name and\nservice.Port must not be specified.\nThis is a mutually exclusive setting with \"Service\"." + description: "resource is an ObjectRef to another Kubernetes resource in the namespace\nof the Ingress object. If resource is specified, a service.Name and\nservice.Port must not be specified.\nThis is a mutually exclusive setting with \"Service\"." properties: apiGroup: description: "APIGroup is the group for the resource being referenced.\nIf APIGroup is not specified, the specified Kind must be in the core API group.\nFor any other third-party types, APIGroup is required." @@ -124,19 +124,19 @@ spec: type: "object" x-kubernetes-map-type: "atomic" service: - description: "Service references a Service as a Backend.\nThis is a mutually exclusive setting with \"Resource\"." + description: "service references a service as a backend.\nThis is a mutually exclusive setting with \"Resource\"." properties: name: - description: "Name is the referenced service. The service must exist in\nthe same namespace as the Ingress object." + description: "name is the referenced service. The service must exist in\nthe same namespace as the Ingress object." type: "string" port: - description: "Port of the referenced service. A port name or port number\nis required for a IngressServiceBackend." + description: "port of the referenced service. A port name or port number\nis required for a IngressServiceBackend." properties: name: - description: "Name is the name of the port on the Service.\nThis is a mutually exclusive setting with \"Number\"." + description: "name is the name of the port on the Service.\nThis is a mutually exclusive setting with \"Number\"." type: "string" number: - description: "Number is the numerical port number (e.g. 80) on the Service.\nThis is a mutually exclusive setting with \"Name\"." + description: "number is the numerical port number (e.g. 80) on the Service.\nThis is a mutually exclusive setting with \"Name\"." format: "int32" type: "integer" type: "object" @@ -145,10 +145,10 @@ spec: type: "object" type: "object" path: - description: "Path is matched against the path of an incoming request. Currently it can\ncontain characters disallowed from the conventional \"path\" part of a URL\nas defined by RFC 3986. Paths must begin with a '/' and must be present\nwhen using PathType with value \"Exact\" or \"Prefix\"." + description: "path is matched against the path of an incoming request. Currently it can\ncontain characters disallowed from the conventional \"path\" part of a URL\nas defined by RFC 3986. Paths must begin with a '/' and must be present\nwhen using PathType with value \"Exact\" or \"Prefix\"." type: "string" pathType: - description: "PathType determines the interpretation of the Path matching. PathType can\nbe one of the following values:\n* Exact: Matches the URL path exactly.\n* Prefix: Matches based on a URL path prefix split by '/'. Matching is\n done on a path element by element basis. A path element refers is the\n list of labels in the path split by the '/' separator. A request is a\n match for path p if every p is an element-wise prefix of p of the\n request path. Note that if the last element of the path is a substring\n of the last element in request path, it is not a match (e.g. /foo/bar\n matches /foo/bar/baz, but does not match /foo/barbaz).\n* ImplementationSpecific: Interpretation of the Path matching is up to\n the IngressClass. Implementations can treat this as a separate PathType\n or treat it identically to Prefix or Exact path types.\nImplementations are required to support all path types." + description: "pathType determines the interpretation of the path matching. PathType can\nbe one of the following values:\n* Exact: Matches the URL path exactly.\n* Prefix: Matches based on a URL path prefix split by '/'. Matching is\n done on a path element by element basis. A path element refers is the\n list of labels in the path split by the '/' separator. A request is a\n match for path p if every p is an element-wise prefix of p of the\n request path. Note that if the last element of the path is a substring\n of the last element in request path, it is not a match (e.g. /foo/bar\n matches /foo/bar/baz, but does not match /foo/barbaz).\n* ImplementationSpecific: Interpretation of the Path matching is up to\n the IngressClass. Implementations can treat this as a separate PathType\n or treat it identically to Prefix or Exact path types.\nImplementations are required to support all path types." type: "string" required: - "backend" @@ -166,20 +166,55 @@ spec: tls: description: "TLS configuration. Currently the Ingress only supports a single TLS\nport, 443. If multiple members of this list specify different hosts, they\nwill be multiplexed on the same port according to the hostname specified\nthrough the SNI TLS extension, if the ingress controller fulfilling the\ningress supports SNI." items: - description: "IngressTLS describes the transport layer security associated with an Ingress." + description: "IngressTLS describes the transport layer security associated with an ingress." properties: hosts: - description: "Hosts are a list of hosts included in the TLS certificate. The values in\nthis list must match the name/s used in the tlsSecret. Defaults to the\nwildcard host setting for the loadbalancer controller fulfilling this\nIngress, if left unspecified." + description: "hosts is a list of hosts included in the TLS certificate. The values in\nthis list must match the name/s used in the tlsSecret. Defaults to the\nwildcard host setting for the loadbalancer controller fulfilling this\nIngress, if left unspecified." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" secretName: - description: "SecretName is the name of the secret used to terminate TLS traffic on\nport 443. Field is left optional to allow TLS routing based on SNI\nhostname alone. If the SNI host in a listener conflicts with the \"Host\"\nheader field used by an IngressRule, the SNI host is used for termination\nand value of the Host header is used for routing." + description: "secretName is the name of the secret used to terminate TLS traffic on\nport 443. Field is left optional to allow TLS routing based on SNI\nhostname alone. If the SNI host in a listener conflicts with the \"Host\"\nheader field used by an IngressRule, the SNI host is used for termination\nand value of the \"Host\" header is used for routing." type: "string" type: "object" type: "array" type: "object" + resourceRef: + description: "ResourceRef spec" + properties: + ingress: + description: "Ingress selects a kubernetes.networking.k8s.io/v1.Ingress resource" + properties: + matchExpressions: + description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." + items: + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." + properties: + key: + description: "key is the label key that the selector applies to." + type: "string" + operator: + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." + type: "string" + values: + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." + items: + type: "string" + type: "array" + required: + - "key" + - "operator" + type: "object" + type: "array" + matchLabels: + additionalProperties: + type: "string" + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + type: "object" + type: "object" + x-kubernetes-map-type: "atomic" + type: "object" strategy: description: "Gslb Strategy spec" properties: @@ -204,7 +239,6 @@ spec: - "type" type: "object" required: - - "ingress" - "strategy" type: "object" status: @@ -221,8 +255,43 @@ spec: description: "Current Healthy DNS record structure" type: "object" hosts: - description: "Comma-separated list of hosts. Duplicating the value from range .spec.ingress.rules[*].host for printer column" + description: "Comma-separated list of hosts" type: "string" + loadBalancer: + description: "LoadBalancer configuration" + properties: + exposedIps: + description: "ExposedIPs on the local Load Balancer" + items: + type: "string" + type: "array" + type: "object" + servers: + description: "Servers configuration" + items: + description: "Servers holds the GSLB's servers' configuration" + properties: + host: + description: "Hostname exposed by the GSLB" + type: "string" + services: + description: "Kubernetes Services backing the load balanced application" + items: + description: "NamespacedName holds a reference to a k8s resource" + properties: + name: + description: "Name of the resource" + type: "string" + namespace: + description: "Namespace where the resource can be found" + type: "string" + required: + - "name" + - "namespace" + type: "object" + type: "array" + type: "object" + type: "array" serviceHealth: additionalProperties: type: "string" @@ -231,6 +300,8 @@ spec: required: - "geoTag" - "healthyRecords" + - "loadBalancer" + - "servers" - "serviceHealth" type: "object" type: "object" diff --git a/crd-catalog/k8ssandra/cass-operator/cassandra.datastax.com/v1beta1/cassandradatacenters.yaml b/crd-catalog/k8ssandra/cass-operator/cassandra.datastax.com/v1beta1/cassandradatacenters.yaml index 5edd1fff2..5949d40a1 100644 --- a/crd-catalog/k8ssandra/cass-operator/cassandra.datastax.com/v1beta1/cassandradatacenters.yaml +++ b/crd-catalog/k8ssandra/cass-operator/cassandra.datastax.com/v1beta1/cassandradatacenters.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.14.0" + controller-gen.kubebuilder.io/version: "v0.15.0" name: "cassandradatacenters.cassandra.datastax.com" spec: group: "cassandra.datastax.com" @@ -5296,6 +5296,9 @@ spec: - "name" type: "object" type: "array" + readOnlyRootFilesystem: + description: "ReadOnlyRootFilesystem makes the cassandra container to be run with a read-only root filesystem. Currently only functional when used with the\nnew k8ssandra-client config builder (Cassandra 4.1 and newer and HCD)" + type: "boolean" replaceNodes: description: "Deprecated Use CassandraTask replacenode to achieve correct node replacement. A list of pod names that need to be replaced." items: diff --git a/crd-catalog/k8ssandra/cass-operator/control.k8ssandra.io/v1alpha1/cassandratasks.yaml b/crd-catalog/k8ssandra/cass-operator/control.k8ssandra.io/v1alpha1/cassandratasks.yaml index e13edb516..6f51e954a 100644 --- a/crd-catalog/k8ssandra/cass-operator/control.k8ssandra.io/v1alpha1/cassandratasks.yaml +++ b/crd-catalog/k8ssandra/cass-operator/control.k8ssandra.io/v1alpha1/cassandratasks.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.14.0" + controller-gen.kubebuilder.io/version: "v0.15.0" name: "cassandratasks.control.k8ssandra.io" spec: group: "control.k8ssandra.io" diff --git a/crd-catalog/karmada-io/karmada/autoscaling.karmada.io/v1alpha1/federatedhpas.yaml b/crd-catalog/karmada-io/karmada/autoscaling.karmada.io/v1alpha1/federatedhpas.yaml index 3d69eac27..07797924e 100644 --- a/crd-catalog/karmada-io/karmada/autoscaling.karmada.io/v1alpha1/federatedhpas.yaml +++ b/crd-catalog/karmada-io/karmada/autoscaling.karmada.io/v1alpha1/federatedhpas.yaml @@ -202,11 +202,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -292,11 +294,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -367,11 +371,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -604,11 +610,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -689,11 +697,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -759,11 +769,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" diff --git a/crd-catalog/karmada-io/karmada/config.karmada.io/v1alpha1/resourceinterpretercustomizations.yaml b/crd-catalog/karmada-io/karmada/config.karmada.io/v1alpha1/resourceinterpretercustomizations.yaml index c75e958ea..4b1aea3f5 100644 --- a/crd-catalog/karmada-io/karmada/config.karmada.io/v1alpha1/resourceinterpretercustomizations.yaml +++ b/crd-catalog/karmada-io/karmada/config.karmada.io/v1alpha1/resourceinterpretercustomizations.yaml @@ -17,7 +17,17 @@ spec: singular: "resourceinterpretercustomization" scope: "Cluster" versions: - - name: "v1alpha1" + - additionalPrinterColumns: + - jsonPath: ".spec.target.apiVersion" + name: "TARGET-API-VERSION" + type: "string" + - jsonPath: ".spec.target.kind" + name: "TARGET-KIND" + type: "string" + - jsonPath: ".metadata.creationTimestamp" + name: "AGE" + type: "date" + name: "v1alpha1" schema: openAPIV3Schema: description: "ResourceInterpreterCustomization describes the configuration of a specific\nresource for Karmada to get the structure.\nIt has higher precedence than the default interpreter and the interpreter\nwebhook." @@ -122,3 +132,4 @@ spec: type: "object" served: true storage: true + subresources: {} diff --git a/crd-catalog/karmada-io/karmada/networking.karmada.io/v1alpha1/multiclusteringresses.yaml b/crd-catalog/karmada-io/karmada/networking.karmada.io/v1alpha1/multiclusteringresses.yaml index b5c949a49..d79cefcb5 100644 --- a/crd-catalog/karmada-io/karmada/networking.karmada.io/v1alpha1/multiclusteringresses.yaml +++ b/crd-catalog/karmada-io/karmada/networking.karmada.io/v1alpha1/multiclusteringresses.yaml @@ -213,6 +213,7 @@ spec: x-kubernetes-list-type: "atomic" type: "object" type: "array" + x-kubernetes-list-type: "atomic" type: "object" serviceLocations: description: "ServiceLocations records the locations of MulticlusterIngress's backend\nService resources. It will be set by the system controller." diff --git a/crd-catalog/karmada-io/karmada/networking.karmada.io/v1alpha1/multiclusterservices.yaml b/crd-catalog/karmada-io/karmada/networking.karmada.io/v1alpha1/multiclusterservices.yaml index 7b6dddb84..05adea19e 100644 --- a/crd-catalog/karmada-io/karmada/networking.karmada.io/v1alpha1/multiclusterservices.yaml +++ b/crd-catalog/karmada-io/karmada/networking.karmada.io/v1alpha1/multiclusterservices.yaml @@ -189,6 +189,7 @@ spec: x-kubernetes-list-type: "atomic" type: "object" type: "array" + x-kubernetes-list-type: "atomic" type: "object" type: "object" required: diff --git a/crd-catalog/karmada-io/karmada/policy.karmada.io/v1alpha1/clusteroverridepolicies.yaml b/crd-catalog/karmada-io/karmada/policy.karmada.io/v1alpha1/clusteroverridepolicies.yaml index 39a18f236..4c8a7c7c8 100644 --- a/crd-catalog/karmada-io/karmada/policy.karmada.io/v1alpha1/clusteroverridepolicies.yaml +++ b/crd-catalog/karmada-io/karmada/policy.karmada.io/v1alpha1/clusteroverridepolicies.yaml @@ -223,6 +223,7 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" @@ -248,11 +249,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -448,11 +451,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -503,6 +508,7 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" @@ -528,11 +534,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" diff --git a/crd-catalog/karmada-io/karmada/policy.karmada.io/v1alpha1/clusterpropagationpolicies.yaml b/crd-catalog/karmada-io/karmada/policy.karmada.io/v1alpha1/clusterpropagationpolicies.yaml index ff37d7add..4cfb7988d 100644 --- a/crd-catalog/karmada-io/karmada/policy.karmada.io/v1alpha1/clusterpropagationpolicies.yaml +++ b/crd-catalog/karmada-io/karmada/policy.karmada.io/v1alpha1/clusterpropagationpolicies.yaml @@ -17,7 +17,17 @@ spec: singular: "clusterpropagationpolicy" scope: "Cluster" versions: - - name: "v1alpha1" + - additionalPrinterColumns: + - jsonPath: ".spec.conflictResolution" + name: "CONFLICT-RESOLUTION" + type: "string" + - jsonPath: ".spec.priority" + name: "PRIORITY" + type: "string" + - jsonPath: ".metadata.creationTimestamp" + name: "AGE" + type: "date" + name: "v1alpha1" schema: openAPIV3Schema: description: "ClusterPropagationPolicy represents the cluster-wide policy that propagates a group of resources to one or more clusters.\nDifferent with PropagationPolicy that could only propagate resources in its own namespace, ClusterPropagationPolicy\nis able to propagate cluster level resources and resources in any namespace other than system reserved ones.\nSystem reserved namespaces are: karmada-system, karmada-cluster, karmada-es-*." @@ -122,6 +132,7 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" @@ -147,11 +158,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -195,6 +208,7 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" @@ -220,11 +234,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -317,6 +333,7 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" @@ -342,11 +359,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -437,11 +456,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -473,3 +494,4 @@ spec: type: "object" served: true storage: true + subresources: {} diff --git a/crd-catalog/karmada-io/karmada/policy.karmada.io/v1alpha1/overridepolicies.yaml b/crd-catalog/karmada-io/karmada/policy.karmada.io/v1alpha1/overridepolicies.yaml index 630d3f779..37043e953 100644 --- a/crd-catalog/karmada-io/karmada/policy.karmada.io/v1alpha1/overridepolicies.yaml +++ b/crd-catalog/karmada-io/karmada/policy.karmada.io/v1alpha1/overridepolicies.yaml @@ -223,6 +223,7 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" @@ -248,11 +249,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -448,11 +451,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -503,6 +508,7 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" @@ -528,11 +534,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" diff --git a/crd-catalog/karmada-io/karmada/policy.karmada.io/v1alpha1/propagationpolicies.yaml b/crd-catalog/karmada-io/karmada/policy.karmada.io/v1alpha1/propagationpolicies.yaml index 98a797229..9c69d3a68 100644 --- a/crd-catalog/karmada-io/karmada/policy.karmada.io/v1alpha1/propagationpolicies.yaml +++ b/crd-catalog/karmada-io/karmada/policy.karmada.io/v1alpha1/propagationpolicies.yaml @@ -17,7 +17,17 @@ spec: singular: "propagationpolicy" scope: "Namespaced" versions: - - name: "v1alpha1" + - additionalPrinterColumns: + - jsonPath: ".spec.conflictResolution" + name: "CONFLICT-RESOLUTION" + type: "string" + - jsonPath: ".spec.priority" + name: "PRIORITY" + type: "string" + - jsonPath: ".metadata.creationTimestamp" + name: "AGE" + type: "date" + name: "v1alpha1" schema: openAPIV3Schema: description: "PropagationPolicy represents the policy that propagates a group of resources to one or more clusters." @@ -122,6 +132,7 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" @@ -147,11 +158,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -195,6 +208,7 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" @@ -220,11 +234,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -317,6 +333,7 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" @@ -342,11 +359,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -437,11 +456,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -473,3 +494,4 @@ spec: type: "object" served: true storage: true + subresources: {} diff --git a/crd-catalog/karmada-io/karmada/work.karmada.io/v1alpha1/works.yaml b/crd-catalog/karmada-io/karmada/work.karmada.io/v1alpha1/works.yaml index fad26f747..9bdb0404d 100644 --- a/crd-catalog/karmada-io/karmada/work.karmada.io/v1alpha1/works.yaml +++ b/crd-catalog/karmada-io/karmada/work.karmada.io/v1alpha1/works.yaml @@ -19,13 +19,13 @@ spec: versions: - additionalPrinterColumns: - jsonPath: ".spec.workload.manifests[*].kind" - name: "Workload-Kind" + name: "WORKLOAD-KIND" type: "string" - jsonPath: ".status.conditions[?(@.type==\"Applied\")].status" - name: "Applied" + name: "APPLIED" type: "string" - jsonPath: ".metadata.creationTimestamp" - name: "Age" + name: "AGE" type: "date" name: "v1alpha1" schema: diff --git a/crd-catalog/karmada-io/karmada/work.karmada.io/v1alpha2/clusterresourcebindings.yaml b/crd-catalog/karmada-io/karmada/work.karmada.io/v1alpha2/clusterresourcebindings.yaml index b965a10eb..d1f0db37b 100644 --- a/crd-catalog/karmada-io/karmada/work.karmada.io/v1alpha2/clusterresourcebindings.yaml +++ b/crd-catalog/karmada-io/karmada/work.karmada.io/v1alpha2/clusterresourcebindings.yaml @@ -19,13 +19,13 @@ spec: versions: - additionalPrinterColumns: - jsonPath: ".status.conditions[?(@.type==\"Scheduled\")].status" - name: "Scheduled" + name: "SCHEDULED" type: "string" - jsonPath: ".status.conditions[?(@.type==\"FullyApplied\")].status" - name: "FullyApplied" + name: "FULLYAPPLIED" type: "string" - jsonPath: ".metadata.creationTimestamp" - name: "Age" + name: "AGE" type: "date" name: "v1alpha2" schema: @@ -177,6 +177,7 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" @@ -202,11 +203,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -250,6 +253,7 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" @@ -275,11 +279,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -372,6 +378,7 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" @@ -397,11 +404,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -483,11 +492,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchFields: description: "A list of node selector requirements by node's fields." items: @@ -504,14 +515,17 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" type: "object" x-kubernetes-map-type: "atomic" type: "array" + x-kubernetes-list-type: "atomic" required: - "nodeSelectorTerms" type: "object" diff --git a/crd-catalog/karmada-io/karmada/work.karmada.io/v1alpha2/resourcebindings.yaml b/crd-catalog/karmada-io/karmada/work.karmada.io/v1alpha2/resourcebindings.yaml index e6de8c7d1..8072033fc 100644 --- a/crd-catalog/karmada-io/karmada/work.karmada.io/v1alpha2/resourcebindings.yaml +++ b/crd-catalog/karmada-io/karmada/work.karmada.io/v1alpha2/resourcebindings.yaml @@ -19,13 +19,13 @@ spec: versions: - additionalPrinterColumns: - jsonPath: ".status.conditions[?(@.type==\"Scheduled\")].status" - name: "Scheduled" + name: "SCHEDULED" type: "string" - jsonPath: ".status.conditions[?(@.type==\"FullyApplied\")].status" - name: "FullyApplied" + name: "FULLYAPPLIED" type: "string" - jsonPath: ".metadata.creationTimestamp" - name: "Age" + name: "AGE" type: "date" name: "v1alpha2" schema: @@ -177,6 +177,7 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" @@ -202,11 +203,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -250,6 +253,7 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" @@ -275,11 +279,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -372,6 +378,7 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" @@ -397,11 +404,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -483,11 +492,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchFields: description: "A list of node selector requirements by node's fields." items: @@ -504,14 +515,17 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" type: "object" x-kubernetes-map-type: "atomic" type: "array" + x-kubernetes-list-type: "atomic" required: - "nodeSelectorTerms" type: "object" diff --git a/crd-catalog/kiali/kiali-operator/kiali.io/v1alpha1/kialis.yaml b/crd-catalog/kiali/kiali-operator/kiali.io/v1alpha1/kialis.yaml index 2cc216554..02624b89b 100644 --- a/crd-catalog/kiali/kiali-operator/kiali.io/v1alpha1/kialis.yaml +++ b/crd-catalog/kiali/kiali-operator/kiali.io/v1alpha1/kialis.yaml @@ -351,7 +351,7 @@ spec: description: "The priorityClassName used to assign the priority of the Kiali pod." type: "string" replicas: - description: "The replica count for the Kiail deployment." + description: "The replica count for the Kiail deployment. If `deployment.hpa` is specified, this setting is ignored." type: "integer" resources: description: "Defines compute resources that are to be given to the Kiali pod's container. The value is a dict as defined by Kubernetes. See the Kubernetes documentation (https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container).\nIf you set this to an empty dict (`{}`) then no resources will be defined in the Deployment.\nIf you do not set this at all, the default is,\n```\nrequests:\n cpu: \"10m\"\n memory: \"64Mi\"\nlimits:\n memory: \"1Gi\"\n```\n" @@ -573,6 +573,9 @@ spec: config_map_name: description: "The name of the istio control plane config map." type: "string" + egress_gateway_namespace: + description: "The namespace where Istio EgressGateway component is read for a status check. When left empty, then `istio_namespace` value is used." + type: "string" envoy_admin_local_port: description: "The port which kiali will open to fetch envoy config data information." type: "integer" @@ -588,6 +591,9 @@ spec: type: "string" type: "object" type: "array" + ingress_gateway_namespace: + description: "The namespace where Istio IngressGateway component is read for a status check. When left empty, then `istio_namespace` value is used." + type: "string" istio_api_enabled: description: "Indicates if Kiali has access to istiod. true by default." type: "boolean" @@ -836,6 +842,12 @@ spec: app_label_name: description: "The name of the label used to define what application a workload belongs to. This is typically something like `app` or `app.kubernetes.io/name`." type: "string" + egress_gateway_label: + description: "The selector label for Egress Gateway workload. This is typically `istio=egressgateway`." + type: "string" + ingress_gateway_label: + description: "The selector label for Ingress Gateway workload. This is typically `istio=ingressgateway`." + type: "string" injection_label_name: description: "The name of the label used to instruct Istio to automatically inject sidecar proxies when applications are deployed." type: "string" @@ -1165,7 +1177,7 @@ spec: - "https" type: "string" write_timeout: - description: "The maximum duration, in seconds, before timing out writes of the HTTP response back to the client. Default is 30." + description: "The maximum duration, in seconds, before timing out writes of the HTTP response back to the client. Default is 30.\n\nIn OpenShift clusters, the route request time out should be also increased as the default is 30 seconds. \nThis can be done by annotating the specific route with `haproxy.router.openshift.io/timeout`. \nSee https://docs.openshift.com/container-platform/4.16/networking/routes/route-configuration.html#nw-configuring-route-timeouts_route-configuration for further details.\n" type: "integer" type: "object" version: diff --git a/crd-catalog/kiegroup/kogito-serverless-operator/sonataflow.org/v1alpha08/sonataflows.yaml b/crd-catalog/kiegroup/kogito-serverless-operator/sonataflow.org/v1alpha08/sonataflows.yaml index a95669c1f..bba813cf3 100644 --- a/crd-catalog/kiegroup/kogito-serverless-operator/sonataflow.org/v1alpha08/sonataflows.yaml +++ b/crd-catalog/kiegroup/kogito-serverless-operator/sonataflow.org/v1alpha08/sonataflows.yaml @@ -5972,6 +5972,19 @@ spec: description: "The generation observed by the deployment controller." format: "int64" type: "integer" + platform: + description: "Platform displays which platform is being used by this workflow" + properties: + name: + description: "Name of the SonataFlowPlatform" + type: "string" + namespace: + description: "Namespace of the SonataFlowPlatform" + type: "string" + required: + - "name" + - "namespace" + type: "object" recoverFailureAttempts: description: "keeps track of how many failure recovers a given workflow had so far" type: "integer" diff --git a/crd-catalog/kube-green/kube-green/kube-green.com/v1alpha1/sleepinfos.yaml b/crd-catalog/kube-green/kube-green/kube-green.com/v1alpha1/sleepinfos.yaml index 1e82ca162..a4705d8b4 100644 --- a/crd-catalog/kube-green/kube-green/kube-green.com/v1alpha1/sleepinfos.yaml +++ b/crd-catalog/kube-green/kube-green/kube-green.com/v1alpha1/sleepinfos.yaml @@ -32,6 +32,28 @@ spec: excludeRef: description: "ExcludeRef define the resource to exclude from the sleep." items: + description: "Common type to use for both IncludeRef and ExcludeRef to prevent duplication" + properties: + apiVersion: + description: "ApiVersion of the kubernetes resources.\nSupported api version is \"apps/v1\"." + type: "string" + kind: + description: "Kind of the kubernetes resources of the specific version.\nSupported kind are \"Deployment\" and \"CronJob\"." + type: "string" + matchLabels: + additionalProperties: + type: "string" + description: "MatchLabels which identify the kubernetes resource by labels" + type: "object" + name: + description: "Name which identify the kubernetes resource." + type: "string" + type: "object" + type: "array" + includeRef: + description: "IncludeRef define the resource to include from the sleep." + items: + description: "Common type to use for both IncludeRef and ExcludeRef to prevent duplication" properties: apiVersion: description: "ApiVersion of the kubernetes resources.\nSupported api version is \"apps/v1\"." diff --git a/crd-catalog/kube-logging/logging-operator/logging-extensions.banzaicloud.io/v1alpha1/eventtailers.yaml b/crd-catalog/kube-logging/logging-operator/logging-extensions.banzaicloud.io/v1alpha1/eventtailers.yaml index 1fbcb4513..d8de8c5ef 100644 --- a/crd-catalog/kube-logging/logging-operator/logging-extensions.banzaicloud.io/v1alpha1/eventtailers.yaml +++ b/crd-catalog/kube-logging/logging-operator/logging-extensions.banzaicloud.io/v1alpha1/eventtailers.yaml @@ -345,6 +345,34 @@ spec: type: "object" positionVolume: properties: + configMap: + properties: + defaultMode: + format: "int32" + type: "integer" + items: + items: + properties: + key: + type: "string" + mode: + format: "int32" + type: "integer" + path: + type: "string" + required: + - "key" + - "path" + type: "object" + type: "array" + x-kubernetes-list-type: "atomic" + name: + default: "" + type: "string" + optional: + type: "boolean" + type: "object" + x-kubernetes-map-type: "atomic" emptyDir: properties: medium: diff --git a/crd-catalog/kube-logging/logging-operator/logging.banzaicloud.io/v1alpha1/clusteroutputs.yaml b/crd-catalog/kube-logging/logging-operator/logging.banzaicloud.io/v1alpha1/clusteroutputs.yaml index 4acf19174..8a89bcb92 100644 --- a/crd-catalog/kube-logging/logging-operator/logging.banzaicloud.io/v1alpha1/clusteroutputs.yaml +++ b/crd-catalog/kube-logging/logging-operator/logging.banzaicloud.io/v1alpha1/clusteroutputs.yaml @@ -3423,6 +3423,8 @@ spec: type: "string" use_default_for_unknown_topic: type: "boolean" + use_rdkafka: + type: "boolean" username: properties: mountFrom: diff --git a/crd-catalog/kube-logging/logging-operator/logging.banzaicloud.io/v1alpha1/outputs.yaml b/crd-catalog/kube-logging/logging-operator/logging.banzaicloud.io/v1alpha1/outputs.yaml index f5302b182..f54bd1241 100644 --- a/crd-catalog/kube-logging/logging-operator/logging.banzaicloud.io/v1alpha1/outputs.yaml +++ b/crd-catalog/kube-logging/logging-operator/logging.banzaicloud.io/v1alpha1/outputs.yaml @@ -3419,6 +3419,8 @@ spec: type: "string" use_default_for_unknown_topic: type: "boolean" + use_rdkafka: + type: "boolean" username: properties: mountFrom: diff --git a/crd-catalog/kube-logging/logging-operator/logging.banzaicloud.io/v1beta1/clusteroutputs.yaml b/crd-catalog/kube-logging/logging-operator/logging.banzaicloud.io/v1beta1/clusteroutputs.yaml index a90f763ff..0829d579c 100644 --- a/crd-catalog/kube-logging/logging-operator/logging.banzaicloud.io/v1beta1/clusteroutputs.yaml +++ b/crd-catalog/kube-logging/logging-operator/logging.banzaicloud.io/v1beta1/clusteroutputs.yaml @@ -3423,6 +3423,8 @@ spec: type: "string" use_default_for_unknown_topic: type: "boolean" + use_rdkafka: + type: "boolean" username: properties: mountFrom: diff --git a/crd-catalog/kube-logging/logging-operator/logging.banzaicloud.io/v1beta1/fluentbitagents.yaml b/crd-catalog/kube-logging/logging-operator/logging.banzaicloud.io/v1beta1/fluentbitagents.yaml index a1fee8101..67333417b 100644 --- a/crd-catalog/kube-logging/logging-operator/logging.banzaicloud.io/v1beta1/fluentbitagents.yaml +++ b/crd-catalog/kube-logging/logging-operator/logging.banzaicloud.io/v1beta1/fluentbitagents.yaml @@ -489,6 +489,34 @@ spec: type: "object" bufferStorageVolume: properties: + configMap: + properties: + defaultMode: + format: "int32" + type: "integer" + items: + items: + properties: + key: + type: "string" + mode: + format: "int32" + type: "integer" + path: + type: "string" + required: + - "key" + - "path" + type: "object" + type: "array" + x-kubernetes-list-type: "atomic" + name: + default: "" + type: "string" + optional: + type: "boolean" + type: "object" + x-kubernetes-map-type: "atomic" emptyDir: properties: medium: @@ -1753,6 +1781,34 @@ spec: type: "string" position_db: properties: + configMap: + properties: + defaultMode: + format: "int32" + type: "integer" + items: + items: + properties: + key: + type: "string" + mode: + format: "int32" + type: "integer" + path: + type: "string" + required: + - "key" + - "path" + type: "object" + type: "array" + x-kubernetes-list-type: "atomic" + name: + default: "" + type: "string" + optional: + type: "boolean" + type: "object" + x-kubernetes-map-type: "atomic" emptyDir: properties: medium: @@ -1911,6 +1967,34 @@ spec: type: "object" positiondb: properties: + configMap: + properties: + defaultMode: + format: "int32" + type: "integer" + items: + items: + properties: + key: + type: "string" + mode: + format: "int32" + type: "integer" + path: + type: "string" + required: + - "key" + - "path" + type: "object" + type: "array" + x-kubernetes-list-type: "atomic" + name: + default: "" + type: "string" + optional: + type: "boolean" + type: "object" + x-kubernetes-map-type: "atomic" emptyDir: properties: medium: @@ -2381,6 +2465,8 @@ spec: type: "object" syslogng_output: properties: + Retry_Limit: + type: "string" Workers: type: "integer" json_date_format: diff --git a/crd-catalog/kube-logging/logging-operator/logging.banzaicloud.io/v1beta1/loggings.yaml b/crd-catalog/kube-logging/logging-operator/logging.banzaicloud.io/v1beta1/loggings.yaml index 622cc9bd6..357f1c693 100644 --- a/crd-catalog/kube-logging/logging-operator/logging.banzaicloud.io/v1beta1/loggings.yaml +++ b/crd-catalog/kube-logging/logging-operator/logging.banzaicloud.io/v1beta1/loggings.yaml @@ -1515,6 +1515,34 @@ spec: type: "object" bufferStorageVolume: properties: + configMap: + properties: + defaultMode: + format: "int32" + type: "integer" + items: + items: + properties: + key: + type: "string" + mode: + format: "int32" + type: "integer" + path: + type: "string" + required: + - "key" + - "path" + type: "object" + type: "array" + x-kubernetes-list-type: "atomic" + name: + default: "" + type: "string" + optional: + type: "boolean" + type: "object" + x-kubernetes-map-type: "atomic" emptyDir: properties: medium: @@ -2779,6 +2807,34 @@ spec: type: "string" position_db: properties: + configMap: + properties: + defaultMode: + format: "int32" + type: "integer" + items: + items: + properties: + key: + type: "string" + mode: + format: "int32" + type: "integer" + path: + type: "string" + required: + - "key" + - "path" + type: "object" + type: "array" + x-kubernetes-list-type: "atomic" + name: + default: "" + type: "string" + optional: + type: "boolean" + type: "object" + x-kubernetes-map-type: "atomic" emptyDir: properties: medium: @@ -2937,6 +2993,34 @@ spec: type: "object" positiondb: properties: + configMap: + properties: + defaultMode: + format: "int32" + type: "integer" + items: + items: + properties: + key: + type: "string" + mode: + format: "int32" + type: "integer" + path: + type: "string" + required: + - "key" + - "path" + type: "object" + type: "array" + x-kubernetes-list-type: "atomic" + name: + default: "" + type: "string" + optional: + type: "boolean" + type: "object" + x-kubernetes-map-type: "atomic" emptyDir: properties: medium: @@ -3407,6 +3491,8 @@ spec: type: "object" syslogng_output: properties: + Retry_Limit: + type: "string" Workers: type: "integer" json_date_format: @@ -3912,6 +3998,34 @@ spec: type: "object" bufferStorageVolume: properties: + configMap: + properties: + defaultMode: + format: "int32" + type: "integer" + items: + items: + properties: + key: + type: "string" + mode: + format: "int32" + type: "integer" + path: + type: "string" + required: + - "key" + - "path" + type: "object" + type: "array" + x-kubernetes-list-type: "atomic" + name: + default: "" + type: "string" + optional: + type: "boolean" + type: "object" + x-kubernetes-map-type: "atomic" emptyDir: properties: medium: @@ -4533,6 +4647,34 @@ spec: type: "string" volume: properties: + configMap: + properties: + defaultMode: + format: "int32" + type: "integer" + items: + items: + properties: + key: + type: "string" + mode: + format: "int32" + type: "integer" + path: + type: "string" + required: + - "key" + - "path" + type: "object" + type: "array" + x-kubernetes-list-type: "atomic" + name: + default: "" + type: "string" + optional: + type: "boolean" + type: "object" + x-kubernetes-map-type: "atomic" emptyDir: properties: medium: @@ -4710,6 +4852,34 @@ spec: type: "object" fluentdPvcSpec: properties: + configMap: + properties: + defaultMode: + format: "int32" + type: "integer" + items: + items: + properties: + key: + type: "string" + mode: + format: "int32" + type: "integer" + path: + type: "string" + required: + - "key" + - "path" + type: "object" + type: "array" + x-kubernetes-list-type: "atomic" + name: + default: "" + type: "string" + optional: + type: "boolean" + type: "object" + x-kubernetes-map-type: "atomic" emptyDir: properties: medium: @@ -7570,6 +7740,34 @@ spec: type: "object" bufferStorageVolume: properties: + configMap: + properties: + defaultMode: + format: "int32" + type: "integer" + items: + items: + properties: + key: + type: "string" + mode: + format: "int32" + type: "integer" + path: + type: "string" + required: + - "key" + - "path" + type: "object" + type: "array" + x-kubernetes-list-type: "atomic" + name: + default: "" + type: "string" + optional: + type: "boolean" + type: "object" + x-kubernetes-map-type: "atomic" emptyDir: properties: medium: @@ -11854,6 +12052,34 @@ spec: type: "string" positiondb: properties: + configMap: + properties: + defaultMode: + format: "int32" + type: "integer" + items: + items: + properties: + key: + type: "string" + mode: + format: "int32" + type: "integer" + path: + type: "string" + required: + - "key" + - "path" + type: "object" + type: "array" + x-kubernetes-list-type: "atomic" + name: + default: "" + type: "string" + optional: + type: "boolean" + type: "object" + x-kubernetes-map-type: "atomic" emptyDir: properties: medium: diff --git a/crd-catalog/kube-logging/logging-operator/logging.banzaicloud.io/v1beta1/nodeagents.yaml b/crd-catalog/kube-logging/logging-operator/logging.banzaicloud.io/v1beta1/nodeagents.yaml index 332f4e732..911138115 100644 --- a/crd-catalog/kube-logging/logging-operator/logging.banzaicloud.io/v1beta1/nodeagents.yaml +++ b/crd-catalog/kube-logging/logging-operator/logging.banzaicloud.io/v1beta1/nodeagents.yaml @@ -59,6 +59,34 @@ spec: type: "object" bufferStorageVolume: properties: + configMap: + properties: + defaultMode: + format: "int32" + type: "integer" + items: + items: + properties: + key: + type: "string" + mode: + format: "int32" + type: "integer" + path: + type: "string" + required: + - "key" + - "path" + type: "object" + type: "array" + x-kubernetes-list-type: "atomic" + name: + default: "" + type: "string" + optional: + type: "boolean" + type: "object" + x-kubernetes-map-type: "atomic" emptyDir: properties: medium: @@ -4343,6 +4371,34 @@ spec: type: "string" positiondb: properties: + configMap: + properties: + defaultMode: + format: "int32" + type: "integer" + items: + items: + properties: + key: + type: "string" + mode: + format: "int32" + type: "integer" + path: + type: "string" + required: + - "key" + - "path" + type: "object" + type: "array" + x-kubernetes-list-type: "atomic" + name: + default: "" + type: "string" + optional: + type: "boolean" + type: "object" + x-kubernetes-map-type: "atomic" emptyDir: properties: medium: diff --git a/crd-catalog/kube-logging/logging-operator/logging.banzaicloud.io/v1beta1/outputs.yaml b/crd-catalog/kube-logging/logging-operator/logging.banzaicloud.io/v1beta1/outputs.yaml index b6c6af0db..f84d495b6 100644 --- a/crd-catalog/kube-logging/logging-operator/logging.banzaicloud.io/v1beta1/outputs.yaml +++ b/crd-catalog/kube-logging/logging-operator/logging.banzaicloud.io/v1beta1/outputs.yaml @@ -3419,6 +3419,8 @@ spec: type: "string" use_default_for_unknown_topic: type: "boolean" + use_rdkafka: + type: "boolean" username: properties: mountFrom: diff --git a/crd-catalog/kube-logging/logging-operator/logging.banzaicloud.io/v1beta1/syslogngclusteroutputs.yaml b/crd-catalog/kube-logging/logging-operator/logging.banzaicloud.io/v1beta1/syslogngclusteroutputs.yaml index 9c0e4e851..3e19bb90c 100644 --- a/crd-catalog/kube-logging/logging-operator/logging.banzaicloud.io/v1beta1/syslogngclusteroutputs.yaml +++ b/crd-catalog/kube-logging/logging-operator/logging.banzaicloud.io/v1beta1/syslogngclusteroutputs.yaml @@ -322,6 +322,280 @@ spec: workers: type: "integer" type: "object" + elasticsearch-datastream: + properties: + batch-bytes: + type: "integer" + batch-lines: + type: "integer" + batch-timeout: + type: "integer" + body: + type: "string" + body-prefix: + type: "string" + body-suffix: + type: "string" + delimiter: + type: "string" + disk_buffer: + properties: + compaction: + type: "boolean" + dir: + type: "string" + disk_buf_size: + format: "int64" + type: "integer" + mem_buf_length: + format: "int64" + type: "integer" + mem_buf_size: + format: "int64" + type: "integer" + q_out_size: + format: "int64" + type: "integer" + reliable: + type: "boolean" + required: + - "disk_buf_size" + - "reliable" + type: "object" + headers: + items: + type: "string" + type: "array" + log-fifo-size: + type: "integer" + method: + type: "string" + password: + properties: + mountFrom: + properties: + secretKeyRef: + properties: + key: + type: "string" + name: + default: "" + type: "string" + optional: + type: "boolean" + required: + - "key" + type: "object" + x-kubernetes-map-type: "atomic" + type: "object" + value: + type: "string" + valueFrom: + properties: + secretKeyRef: + properties: + key: + type: "string" + name: + default: "" + type: "string" + optional: + type: "boolean" + required: + - "key" + type: "object" + x-kubernetes-map-type: "atomic" + type: "object" + type: "object" + persist_name: + type: "string" + record: + type: "string" + response-action: + additionalProperties: + type: "string" + type: "object" + retries: + type: "integer" + time_reopen: + type: "integer" + timeout: + type: "integer" + tls: + properties: + ca_dir: + properties: + mountFrom: + properties: + secretKeyRef: + properties: + key: + type: "string" + name: + default: "" + type: "string" + optional: + type: "boolean" + required: + - "key" + type: "object" + x-kubernetes-map-type: "atomic" + type: "object" + value: + type: "string" + valueFrom: + properties: + secretKeyRef: + properties: + key: + type: "string" + name: + default: "" + type: "string" + optional: + type: "boolean" + required: + - "key" + type: "object" + x-kubernetes-map-type: "atomic" + type: "object" + type: "object" + ca_file: + properties: + mountFrom: + properties: + secretKeyRef: + properties: + key: + type: "string" + name: + default: "" + type: "string" + optional: + type: "boolean" + required: + - "key" + type: "object" + x-kubernetes-map-type: "atomic" + type: "object" + value: + type: "string" + valueFrom: + properties: + secretKeyRef: + properties: + key: + type: "string" + name: + default: "" + type: "string" + optional: + type: "boolean" + required: + - "key" + type: "object" + x-kubernetes-map-type: "atomic" + type: "object" + type: "object" + cert_file: + properties: + mountFrom: + properties: + secretKeyRef: + properties: + key: + type: "string" + name: + default: "" + type: "string" + optional: + type: "boolean" + required: + - "key" + type: "object" + x-kubernetes-map-type: "atomic" + type: "object" + value: + type: "string" + valueFrom: + properties: + secretKeyRef: + properties: + key: + type: "string" + name: + default: "" + type: "string" + optional: + type: "boolean" + required: + - "key" + type: "object" + x-kubernetes-map-type: "atomic" + type: "object" + type: "object" + cipher-suite: + type: "string" + key_file: + properties: + mountFrom: + properties: + secretKeyRef: + properties: + key: + type: "string" + name: + default: "" + type: "string" + optional: + type: "boolean" + required: + - "key" + type: "object" + x-kubernetes-map-type: "atomic" + type: "object" + value: + type: "string" + valueFrom: + properties: + secretKeyRef: + properties: + key: + type: "string" + name: + default: "" + type: "string" + optional: + type: "boolean" + required: + - "key" + type: "object" + x-kubernetes-map-type: "atomic" + type: "object" + type: "object" + peer_verify: + type: "boolean" + ssl_version: + enum: + - "sslv3" + - "tlsv1" + - "tlsv1_0" + - "tlsv1_1" + - "tlsv1_2" + - "tlsv1_3" + type: "string" + use-system-cert-store: + type: "boolean" + type: "object" + url: + type: "string" + user: + type: "string" + user-agent: + type: "string" + workers: + type: "integer" + type: "object" enabledNamespaces: items: type: "string" diff --git a/crd-catalog/kube-logging/logging-operator/logging.banzaicloud.io/v1beta1/syslogngoutputs.yaml b/crd-catalog/kube-logging/logging-operator/logging.banzaicloud.io/v1beta1/syslogngoutputs.yaml index 93ca08122..e37a6def2 100644 --- a/crd-catalog/kube-logging/logging-operator/logging.banzaicloud.io/v1beta1/syslogngoutputs.yaml +++ b/crd-catalog/kube-logging/logging-operator/logging.banzaicloud.io/v1beta1/syslogngoutputs.yaml @@ -322,6 +322,280 @@ spec: workers: type: "integer" type: "object" + elasticsearch-datastream: + properties: + batch-bytes: + type: "integer" + batch-lines: + type: "integer" + batch-timeout: + type: "integer" + body: + type: "string" + body-prefix: + type: "string" + body-suffix: + type: "string" + delimiter: + type: "string" + disk_buffer: + properties: + compaction: + type: "boolean" + dir: + type: "string" + disk_buf_size: + format: "int64" + type: "integer" + mem_buf_length: + format: "int64" + type: "integer" + mem_buf_size: + format: "int64" + type: "integer" + q_out_size: + format: "int64" + type: "integer" + reliable: + type: "boolean" + required: + - "disk_buf_size" + - "reliable" + type: "object" + headers: + items: + type: "string" + type: "array" + log-fifo-size: + type: "integer" + method: + type: "string" + password: + properties: + mountFrom: + properties: + secretKeyRef: + properties: + key: + type: "string" + name: + default: "" + type: "string" + optional: + type: "boolean" + required: + - "key" + type: "object" + x-kubernetes-map-type: "atomic" + type: "object" + value: + type: "string" + valueFrom: + properties: + secretKeyRef: + properties: + key: + type: "string" + name: + default: "" + type: "string" + optional: + type: "boolean" + required: + - "key" + type: "object" + x-kubernetes-map-type: "atomic" + type: "object" + type: "object" + persist_name: + type: "string" + record: + type: "string" + response-action: + additionalProperties: + type: "string" + type: "object" + retries: + type: "integer" + time_reopen: + type: "integer" + timeout: + type: "integer" + tls: + properties: + ca_dir: + properties: + mountFrom: + properties: + secretKeyRef: + properties: + key: + type: "string" + name: + default: "" + type: "string" + optional: + type: "boolean" + required: + - "key" + type: "object" + x-kubernetes-map-type: "atomic" + type: "object" + value: + type: "string" + valueFrom: + properties: + secretKeyRef: + properties: + key: + type: "string" + name: + default: "" + type: "string" + optional: + type: "boolean" + required: + - "key" + type: "object" + x-kubernetes-map-type: "atomic" + type: "object" + type: "object" + ca_file: + properties: + mountFrom: + properties: + secretKeyRef: + properties: + key: + type: "string" + name: + default: "" + type: "string" + optional: + type: "boolean" + required: + - "key" + type: "object" + x-kubernetes-map-type: "atomic" + type: "object" + value: + type: "string" + valueFrom: + properties: + secretKeyRef: + properties: + key: + type: "string" + name: + default: "" + type: "string" + optional: + type: "boolean" + required: + - "key" + type: "object" + x-kubernetes-map-type: "atomic" + type: "object" + type: "object" + cert_file: + properties: + mountFrom: + properties: + secretKeyRef: + properties: + key: + type: "string" + name: + default: "" + type: "string" + optional: + type: "boolean" + required: + - "key" + type: "object" + x-kubernetes-map-type: "atomic" + type: "object" + value: + type: "string" + valueFrom: + properties: + secretKeyRef: + properties: + key: + type: "string" + name: + default: "" + type: "string" + optional: + type: "boolean" + required: + - "key" + type: "object" + x-kubernetes-map-type: "atomic" + type: "object" + type: "object" + cipher-suite: + type: "string" + key_file: + properties: + mountFrom: + properties: + secretKeyRef: + properties: + key: + type: "string" + name: + default: "" + type: "string" + optional: + type: "boolean" + required: + - "key" + type: "object" + x-kubernetes-map-type: "atomic" + type: "object" + value: + type: "string" + valueFrom: + properties: + secretKeyRef: + properties: + key: + type: "string" + name: + default: "" + type: "string" + optional: + type: "boolean" + required: + - "key" + type: "object" + x-kubernetes-map-type: "atomic" + type: "object" + type: "object" + peer_verify: + type: "boolean" + ssl_version: + enum: + - "sslv3" + - "tlsv1" + - "tlsv1_0" + - "tlsv1_1" + - "tlsv1_2" + - "tlsv1_3" + type: "string" + use-system-cert-store: + type: "boolean" + type: "object" + url: + type: "string" + user: + type: "string" + user-agent: + type: "string" + workers: + type: "integer" + type: "object" file: properties: create_dirs: diff --git a/crd-catalog/kubeedge/kubeedge/devices.kubeedge.io/v1beta1/devices.yaml b/crd-catalog/kubeedge/kubeedge/devices.kubeedge.io/v1beta1/devices.yaml index b62501e33..325ea7c0e 100644 --- a/crd-catalog/kubeedge/kubeedge/devices.kubeedge.io/v1beta1/devices.yaml +++ b/crd-catalog/kubeedge/kubeedge/devices.kubeedge.io/v1beta1/devices.yaml @@ -218,6 +218,12 @@ spec: status: description: "DeviceStatus reports the device state and the desired/reported values of twin attributes." properties: + lastOnlineTime: + description: "Optional: The last time the device was online." + type: "string" + state: + description: "Optional: The state of the device." + type: "string" twins: description: "A list of device twins containing desired/reported desired/reported values of twin properties. Optional: A passive device won't have twin properties and this list could be empty." items: diff --git a/crd-catalog/kubernetes-sigs/cluster-api-operator/operator.cluster.x-k8s.io/v1alpha2/addonproviders.yaml b/crd-catalog/kubernetes-sigs/cluster-api-operator/operator.cluster.x-k8s.io/v1alpha2/addonproviders.yaml index 6591a5a75..3f3751517 100644 --- a/crd-catalog/kubernetes-sigs/cluster-api-operator/operator.cluster.x-k8s.io/v1alpha2/addonproviders.yaml +++ b/crd-catalog/kubernetes-sigs/cluster-api-operator/operator.cluster.x-k8s.io/v1alpha2/addonproviders.yaml @@ -38,6 +38,841 @@ spec: spec: description: "AddonProviderSpec defines the desired state of AddonProvider." properties: + additionalDeployments: + additionalProperties: + description: "AdditionalDeployments defines the properties that can be enabled on the controller\nmanager and deployment for the provider if the provider is managing additional deployments." + properties: + deployment: + description: "Deployment defines the properties that can be enabled on the deployment for the additional provider deployment." + properties: + affinity: + description: "If specified, the pod's scheduling constraints" + properties: + nodeAffinity: + description: "Describes node affinity scheduling rules for the pod." + properties: + preferredDuringSchedulingIgnoredDuringExecution: + description: "The scheduler will prefer to schedule pods to nodes that satisfy\nthe affinity expressions specified by this field, but it may choose\na node that violates one or more of the expressions. The node that is\nmost preferred is the one with the greatest sum of weights, i.e.\nfor each node that meets all of the scheduling requirements (resource\nrequest, requiredDuringScheduling affinity expressions, etc.),\ncompute a sum by iterating through the elements of this field and adding\n\"weight\" to the sum if the node matches the corresponding matchExpressions; the\nnode(s) with the highest sum are the most preferred." + items: + description: "An empty preferred scheduling term matches all objects with implicit weight 0\n(i.e. it's a no-op). A null preferred scheduling term matches no objects (i.e. is also a no-op)." + properties: + preference: + description: "A node selector term, associated with the corresponding weight." + properties: + matchExpressions: + description: "A list of node selector requirements by node's labels." + items: + description: "A node selector requirement is a selector that contains values, a key, and an operator\nthat relates the key and values." + properties: + key: + description: "The label key that the selector applies to." + type: "string" + operator: + description: "Represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt." + type: "string" + values: + description: "An array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. If the operator is Gt or Lt, the values\narray must have a single element, which will be interpreted as an integer.\nThis array is replaced during a strategic merge patch." + items: + type: "string" + type: "array" + required: + - "key" + - "operator" + type: "object" + type: "array" + matchFields: + description: "A list of node selector requirements by node's fields." + items: + description: "A node selector requirement is a selector that contains values, a key, and an operator\nthat relates the key and values." + properties: + key: + description: "The label key that the selector applies to." + type: "string" + operator: + description: "Represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt." + type: "string" + values: + description: "An array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. If the operator is Gt or Lt, the values\narray must have a single element, which will be interpreted as an integer.\nThis array is replaced during a strategic merge patch." + items: + type: "string" + type: "array" + required: + - "key" + - "operator" + type: "object" + type: "array" + type: "object" + x-kubernetes-map-type: "atomic" + weight: + description: "Weight associated with matching the corresponding nodeSelectorTerm, in the range 1-100." + format: "int32" + type: "integer" + required: + - "preference" + - "weight" + type: "object" + type: "array" + requiredDuringSchedulingIgnoredDuringExecution: + description: "If the affinity requirements specified by this field are not met at\nscheduling time, the pod will not be scheduled onto the node.\nIf the affinity requirements specified by this field cease to be met\nat some point during pod execution (e.g. due to an update), the system\nmay or may not try to eventually evict the pod from its node." + properties: + nodeSelectorTerms: + description: "Required. A list of node selector terms. The terms are ORed." + items: + description: "A null or empty node selector term matches no objects. The requirements of\nthem are ANDed.\nThe TopologySelectorTerm type implements a subset of the NodeSelectorTerm." + properties: + matchExpressions: + description: "A list of node selector requirements by node's labels." + items: + description: "A node selector requirement is a selector that contains values, a key, and an operator\nthat relates the key and values." + properties: + key: + description: "The label key that the selector applies to." + type: "string" + operator: + description: "Represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt." + type: "string" + values: + description: "An array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. If the operator is Gt or Lt, the values\narray must have a single element, which will be interpreted as an integer.\nThis array is replaced during a strategic merge patch." + items: + type: "string" + type: "array" + required: + - "key" + - "operator" + type: "object" + type: "array" + matchFields: + description: "A list of node selector requirements by node's fields." + items: + description: "A node selector requirement is a selector that contains values, a key, and an operator\nthat relates the key and values." + properties: + key: + description: "The label key that the selector applies to." + type: "string" + operator: + description: "Represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt." + type: "string" + values: + description: "An array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. If the operator is Gt or Lt, the values\narray must have a single element, which will be interpreted as an integer.\nThis array is replaced during a strategic merge patch." + items: + type: "string" + type: "array" + required: + - "key" + - "operator" + type: "object" + type: "array" + type: "object" + x-kubernetes-map-type: "atomic" + type: "array" + required: + - "nodeSelectorTerms" + type: "object" + x-kubernetes-map-type: "atomic" + type: "object" + podAffinity: + description: "Describes pod affinity scheduling rules (e.g. co-locate this pod in the same node, zone, etc. as some other pod(s))." + properties: + preferredDuringSchedulingIgnoredDuringExecution: + description: "The scheduler will prefer to schedule pods to nodes that satisfy\nthe affinity expressions specified by this field, but it may choose\na node that violates one or more of the expressions. The node that is\nmost preferred is the one with the greatest sum of weights, i.e.\nfor each node that meets all of the scheduling requirements (resource\nrequest, requiredDuringScheduling affinity expressions, etc.),\ncompute a sum by iterating through the elements of this field and adding\n\"weight\" to the sum if the node has pods which matches the corresponding podAffinityTerm; the\nnode(s) with the highest sum are the most preferred." + items: + description: "The weights of all of the matched WeightedPodAffinityTerm fields are added per-node to find the most preferred node(s)" + properties: + podAffinityTerm: + description: "Required. A pod affinity term, associated with the corresponding weight." + properties: + labelSelector: + description: "A label query over a set of resources, in this case pods.\nIf it's null, this PodAffinityTerm matches with no Pods." + properties: + matchExpressions: + description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." + items: + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." + properties: + key: + description: "key is the label key that the selector applies to." + type: "string" + operator: + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." + type: "string" + values: + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." + items: + type: "string" + type: "array" + required: + - "key" + - "operator" + type: "object" + type: "array" + matchLabels: + additionalProperties: + type: "string" + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + type: "object" + type: "object" + x-kubernetes-map-type: "atomic" + matchLabelKeys: + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MatchLabelKeys and LabelSelector.\nAlso, MatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" + mismatchLabelKeys: + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MismatchLabelKeys and LabelSelector.\nAlso, MismatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" + namespaceSelector: + description: "A label query over the set of namespaces that the term applies to.\nThe term is applied to the union of the namespaces selected by this field\nand the ones listed in the namespaces field.\nnull selector and null or empty namespaces list means \"this pod's namespace\".\nAn empty selector ({}) matches all namespaces." + properties: + matchExpressions: + description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." + items: + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." + properties: + key: + description: "key is the label key that the selector applies to." + type: "string" + operator: + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." + type: "string" + values: + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." + items: + type: "string" + type: "array" + required: + - "key" + - "operator" + type: "object" + type: "array" + matchLabels: + additionalProperties: + type: "string" + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + type: "object" + type: "object" + x-kubernetes-map-type: "atomic" + namespaces: + description: "namespaces specifies a static list of namespace names that the term applies to.\nThe term is applied to the union of the namespaces listed in this field\nand the ones selected by namespaceSelector.\nnull or empty namespaces list and null namespaceSelector means \"this pod's namespace\"." + items: + type: "string" + type: "array" + topologyKey: + description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching\nthe labelSelector in the specified namespaces, where co-located is defined as running on a node\nwhose value of the label with key topologyKey matches that of any node on which any of the\nselected pods is running.\nEmpty topologyKey is not allowed." + type: "string" + required: + - "topologyKey" + type: "object" + weight: + description: "weight associated with matching the corresponding podAffinityTerm,\nin the range 1-100." + format: "int32" + type: "integer" + required: + - "podAffinityTerm" + - "weight" + type: "object" + type: "array" + requiredDuringSchedulingIgnoredDuringExecution: + description: "If the affinity requirements specified by this field are not met at\nscheduling time, the pod will not be scheduled onto the node.\nIf the affinity requirements specified by this field cease to be met\nat some point during pod execution (e.g. due to a pod label update), the\nsystem may or may not try to eventually evict the pod from its node.\nWhen there are multiple elements, the lists of nodes corresponding to each\npodAffinityTerm are intersected, i.e. all terms must be satisfied." + items: + description: "Defines a set of pods (namely those matching the labelSelector\nrelative to the given namespace(s)) that this pod should be\nco-located (affinity) or not co-located (anti-affinity) with,\nwhere co-located is defined as running on a node whose value of\nthe label with key matches that of any node on which\na pod of the set of pods is running" + properties: + labelSelector: + description: "A label query over a set of resources, in this case pods.\nIf it's null, this PodAffinityTerm matches with no Pods." + properties: + matchExpressions: + description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." + items: + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." + properties: + key: + description: "key is the label key that the selector applies to." + type: "string" + operator: + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." + type: "string" + values: + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." + items: + type: "string" + type: "array" + required: + - "key" + - "operator" + type: "object" + type: "array" + matchLabels: + additionalProperties: + type: "string" + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + type: "object" + type: "object" + x-kubernetes-map-type: "atomic" + matchLabelKeys: + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MatchLabelKeys and LabelSelector.\nAlso, MatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" + mismatchLabelKeys: + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MismatchLabelKeys and LabelSelector.\nAlso, MismatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" + namespaceSelector: + description: "A label query over the set of namespaces that the term applies to.\nThe term is applied to the union of the namespaces selected by this field\nand the ones listed in the namespaces field.\nnull selector and null or empty namespaces list means \"this pod's namespace\".\nAn empty selector ({}) matches all namespaces." + properties: + matchExpressions: + description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." + items: + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." + properties: + key: + description: "key is the label key that the selector applies to." + type: "string" + operator: + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." + type: "string" + values: + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." + items: + type: "string" + type: "array" + required: + - "key" + - "operator" + type: "object" + type: "array" + matchLabels: + additionalProperties: + type: "string" + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + type: "object" + type: "object" + x-kubernetes-map-type: "atomic" + namespaces: + description: "namespaces specifies a static list of namespace names that the term applies to.\nThe term is applied to the union of the namespaces listed in this field\nand the ones selected by namespaceSelector.\nnull or empty namespaces list and null namespaceSelector means \"this pod's namespace\"." + items: + type: "string" + type: "array" + topologyKey: + description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching\nthe labelSelector in the specified namespaces, where co-located is defined as running on a node\nwhose value of the label with key topologyKey matches that of any node on which any of the\nselected pods is running.\nEmpty topologyKey is not allowed." + type: "string" + required: + - "topologyKey" + type: "object" + type: "array" + type: "object" + podAntiAffinity: + description: "Describes pod anti-affinity scheduling rules (e.g. avoid putting this pod in the same node, zone, etc. as some other pod(s))." + properties: + preferredDuringSchedulingIgnoredDuringExecution: + description: "The scheduler will prefer to schedule pods to nodes that satisfy\nthe anti-affinity expressions specified by this field, but it may choose\na node that violates one or more of the expressions. The node that is\nmost preferred is the one with the greatest sum of weights, i.e.\nfor each node that meets all of the scheduling requirements (resource\nrequest, requiredDuringScheduling anti-affinity expressions, etc.),\ncompute a sum by iterating through the elements of this field and adding\n\"weight\" to the sum if the node has pods which matches the corresponding podAffinityTerm; the\nnode(s) with the highest sum are the most preferred." + items: + description: "The weights of all of the matched WeightedPodAffinityTerm fields are added per-node to find the most preferred node(s)" + properties: + podAffinityTerm: + description: "Required. A pod affinity term, associated with the corresponding weight." + properties: + labelSelector: + description: "A label query over a set of resources, in this case pods.\nIf it's null, this PodAffinityTerm matches with no Pods." + properties: + matchExpressions: + description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." + items: + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." + properties: + key: + description: "key is the label key that the selector applies to." + type: "string" + operator: + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." + type: "string" + values: + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." + items: + type: "string" + type: "array" + required: + - "key" + - "operator" + type: "object" + type: "array" + matchLabels: + additionalProperties: + type: "string" + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + type: "object" + type: "object" + x-kubernetes-map-type: "atomic" + matchLabelKeys: + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MatchLabelKeys and LabelSelector.\nAlso, MatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" + mismatchLabelKeys: + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MismatchLabelKeys and LabelSelector.\nAlso, MismatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" + namespaceSelector: + description: "A label query over the set of namespaces that the term applies to.\nThe term is applied to the union of the namespaces selected by this field\nand the ones listed in the namespaces field.\nnull selector and null or empty namespaces list means \"this pod's namespace\".\nAn empty selector ({}) matches all namespaces." + properties: + matchExpressions: + description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." + items: + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." + properties: + key: + description: "key is the label key that the selector applies to." + type: "string" + operator: + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." + type: "string" + values: + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." + items: + type: "string" + type: "array" + required: + - "key" + - "operator" + type: "object" + type: "array" + matchLabels: + additionalProperties: + type: "string" + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + type: "object" + type: "object" + x-kubernetes-map-type: "atomic" + namespaces: + description: "namespaces specifies a static list of namespace names that the term applies to.\nThe term is applied to the union of the namespaces listed in this field\nand the ones selected by namespaceSelector.\nnull or empty namespaces list and null namespaceSelector means \"this pod's namespace\"." + items: + type: "string" + type: "array" + topologyKey: + description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching\nthe labelSelector in the specified namespaces, where co-located is defined as running on a node\nwhose value of the label with key topologyKey matches that of any node on which any of the\nselected pods is running.\nEmpty topologyKey is not allowed." + type: "string" + required: + - "topologyKey" + type: "object" + weight: + description: "weight associated with matching the corresponding podAffinityTerm,\nin the range 1-100." + format: "int32" + type: "integer" + required: + - "podAffinityTerm" + - "weight" + type: "object" + type: "array" + requiredDuringSchedulingIgnoredDuringExecution: + description: "If the anti-affinity requirements specified by this field are not met at\nscheduling time, the pod will not be scheduled onto the node.\nIf the anti-affinity requirements specified by this field cease to be met\nat some point during pod execution (e.g. due to a pod label update), the\nsystem may or may not try to eventually evict the pod from its node.\nWhen there are multiple elements, the lists of nodes corresponding to each\npodAffinityTerm are intersected, i.e. all terms must be satisfied." + items: + description: "Defines a set of pods (namely those matching the labelSelector\nrelative to the given namespace(s)) that this pod should be\nco-located (affinity) or not co-located (anti-affinity) with,\nwhere co-located is defined as running on a node whose value of\nthe label with key matches that of any node on which\na pod of the set of pods is running" + properties: + labelSelector: + description: "A label query over a set of resources, in this case pods.\nIf it's null, this PodAffinityTerm matches with no Pods." + properties: + matchExpressions: + description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." + items: + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." + properties: + key: + description: "key is the label key that the selector applies to." + type: "string" + operator: + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." + type: "string" + values: + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." + items: + type: "string" + type: "array" + required: + - "key" + - "operator" + type: "object" + type: "array" + matchLabels: + additionalProperties: + type: "string" + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + type: "object" + type: "object" + x-kubernetes-map-type: "atomic" + matchLabelKeys: + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MatchLabelKeys and LabelSelector.\nAlso, MatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" + mismatchLabelKeys: + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MismatchLabelKeys and LabelSelector.\nAlso, MismatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" + namespaceSelector: + description: "A label query over the set of namespaces that the term applies to.\nThe term is applied to the union of the namespaces selected by this field\nand the ones listed in the namespaces field.\nnull selector and null or empty namespaces list means \"this pod's namespace\".\nAn empty selector ({}) matches all namespaces." + properties: + matchExpressions: + description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." + items: + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." + properties: + key: + description: "key is the label key that the selector applies to." + type: "string" + operator: + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." + type: "string" + values: + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." + items: + type: "string" + type: "array" + required: + - "key" + - "operator" + type: "object" + type: "array" + matchLabels: + additionalProperties: + type: "string" + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + type: "object" + type: "object" + x-kubernetes-map-type: "atomic" + namespaces: + description: "namespaces specifies a static list of namespace names that the term applies to.\nThe term is applied to the union of the namespaces listed in this field\nand the ones selected by namespaceSelector.\nnull or empty namespaces list and null namespaceSelector means \"this pod's namespace\"." + items: + type: "string" + type: "array" + topologyKey: + description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching\nthe labelSelector in the specified namespaces, where co-located is defined as running on a node\nwhose value of the label with key topologyKey matches that of any node on which any of the\nselected pods is running.\nEmpty topologyKey is not allowed." + type: "string" + required: + - "topologyKey" + type: "object" + type: "array" + type: "object" + type: "object" + containers: + description: "List of containers specified in the Deployment" + items: + description: "ContainerSpec defines the properties available to override for each\ncontainer in a provider deployment such as Image and Args to the container’s\nentrypoint." + properties: + args: + additionalProperties: + type: "string" + description: "Args represents extra provider specific flags that are not encoded as fields in this API.\nExplicit controller manager properties defined in the `Provider.ManagerSpec`\nwill have higher precedence than those defined in `ContainerSpec.Args`.\nFor example, `ManagerSpec.SyncPeriod` will be used instead of the\ncontainer arg `--sync-period` if both are defined.\nThe same holds for `ManagerSpec.FeatureGates` and `--feature-gates`." + type: "object" + command: + description: "Command allows override container's entrypoint array." + items: + type: "string" + type: "array" + env: + description: "List of environment variables to set in the container." + items: + description: "EnvVar represents an environment variable present in a Container." + properties: + name: + description: "Name of the environment variable. Must be a C_IDENTIFIER." + type: "string" + value: + description: "Variable references $(VAR_NAME) are expanded\nusing the previously defined environment variables in the container and\nany service environment variables. If a variable cannot be resolved,\nthe reference in the input string will be unchanged. Double $$ are reduced\nto a single $, which allows for escaping the $(VAR_NAME) syntax: i.e.\n\"$$(VAR_NAME)\" will produce the string literal \"$(VAR_NAME)\".\nEscaped references will never be expanded, regardless of whether the variable\nexists or not.\nDefaults to \"\"." + type: "string" + valueFrom: + description: "Source for the environment variable's value. Cannot be used if value is not empty." + properties: + configMapKeyRef: + description: "Selects a key of a ConfigMap." + properties: + key: + description: "The key to select." + type: "string" + name: + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + type: "string" + optional: + description: "Specify whether the ConfigMap or its key must be defined" + type: "boolean" + required: + - "key" + type: "object" + x-kubernetes-map-type: "atomic" + fieldRef: + description: "Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`,\nspec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs." + properties: + apiVersion: + description: "Version of the schema the FieldPath is written in terms of, defaults to \"v1\"." + type: "string" + fieldPath: + description: "Path of the field to select in the specified API version." + type: "string" + required: + - "fieldPath" + type: "object" + x-kubernetes-map-type: "atomic" + resourceFieldRef: + description: "Selects a resource of the container: only resources limits and requests\n(limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported." + properties: + containerName: + description: "Container name: required for volumes, optional for env vars" + type: "string" + divisor: + anyOf: + - type: "integer" + - type: "string" + description: "Specifies the output format of the exposed resources, defaults to \"1\"" + pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" + x-kubernetes-int-or-string: true + resource: + description: "Required: resource to select" + type: "string" + required: + - "resource" + type: "object" + x-kubernetes-map-type: "atomic" + secretKeyRef: + description: "Selects a key of a secret in the pod's namespace" + properties: + key: + description: "The key of the secret to select from. Must be a valid secret key." + type: "string" + name: + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + type: "string" + optional: + description: "Specify whether the Secret or its key must be defined" + type: "boolean" + required: + - "key" + type: "object" + x-kubernetes-map-type: "atomic" + type: "object" + required: + - "name" + type: "object" + type: "array" + imageUrl: + description: "Container Image URL" + type: "string" + name: + description: "Name of the container. Cannot be updated." + type: "string" + resources: + description: "Compute resources required by this container." + properties: + claims: + description: "Claims lists the names of resources, defined in spec.resourceClaims,\nthat are used by this container.\n\n\nThis is an alpha field and requires enabling the\nDynamicResourceAllocation feature gate.\n\n\nThis field is immutable. It can only be set for containers." + items: + description: "ResourceClaim references one entry in PodSpec.ResourceClaims." + properties: + name: + description: "Name must match the name of one entry in pod.spec.resourceClaims of\nthe Pod where this field is used. It makes that resource available\ninside a container." + type: "string" + required: + - "name" + type: "object" + type: "array" + x-kubernetes-list-map-keys: + - "name" + x-kubernetes-list-type: "map" + limits: + additionalProperties: + anyOf: + - type: "integer" + - type: "string" + pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" + x-kubernetes-int-or-string: true + description: "Limits describes the maximum amount of compute resources allowed.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" + type: "object" + requests: + additionalProperties: + anyOf: + - type: "integer" + - type: "string" + pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" + x-kubernetes-int-or-string: true + description: "Requests describes the minimum amount of compute resources required.\nIf Requests is omitted for a container, it defaults to Limits if that is explicitly specified,\notherwise to an implementation-defined value. Requests cannot exceed Limits.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" + type: "object" + type: "object" + required: + - "name" + type: "object" + type: "array" + imagePullSecrets: + description: "List of image pull secrets specified in the Deployment" + items: + description: "LocalObjectReference contains enough information to let you locate the\nreferenced object inside the same namespace." + properties: + name: + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + type: "string" + type: "object" + x-kubernetes-map-type: "atomic" + type: "array" + nodeSelector: + additionalProperties: + type: "string" + description: "NodeSelector is a selector which must be true for the pod to fit on a node.\nSelector which must match a node's labels for the pod to be scheduled on that node.\nMore info: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/" + type: "object" + replicas: + description: "Number of desired pods. This is a pointer to distinguish between explicit zero and not specified. Defaults to 1." + minimum: 0.0 + type: "integer" + serviceAccountName: + description: "If specified, the pod's service account" + type: "string" + tolerations: + description: "If specified, the pod's tolerations." + items: + description: "The pod this Toleration is attached to tolerates any taint that matches\nthe triple using the matching operator ." + properties: + effect: + description: "Effect indicates the taint effect to match. Empty means match all taint effects.\nWhen specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute." + type: "string" + key: + description: "Key is the taint key that the toleration applies to. Empty means match all taint keys.\nIf the key is empty, operator must be Exists; this combination means to match all values and all keys." + type: "string" + operator: + description: "Operator represents a key's relationship to the value.\nValid operators are Exists and Equal. Defaults to Equal.\nExists is equivalent to wildcard for value, so that a pod can\ntolerate all taints of a particular category." + type: "string" + tolerationSeconds: + description: "TolerationSeconds represents the period of time the toleration (which must be\nof effect NoExecute, otherwise this field is ignored) tolerates the taint. By default,\nit is not set, which means tolerate the taint forever (do not evict). Zero and\nnegative values will be treated as 0 (evict immediately) by the system." + format: "int64" + type: "integer" + value: + description: "Value is the taint value the toleration matches to.\nIf the operator is Exists, the value should be empty, otherwise just a regular string." + type: "string" + type: "object" + type: "array" + type: "object" + manager: + description: "Manager defines the properties that can be enabled on the controller manager for the additional provider deployment." + properties: + cacheNamespace: + description: "CacheNamespace if specified restricts the manager's cache to watch objects in\nthe desired namespace Defaults to all namespaces\n\n\nNote: If a namespace is specified, controllers can still Watch for a\ncluster-scoped resource (e.g Node). For namespaced resources the cache\nwill only hold objects from the desired namespace." + type: "string" + controller: + description: "Controller contains global configuration options for controllers\nregistered within this manager." + properties: + cacheSyncTimeout: + description: "CacheSyncTimeout refers to the time limit set to wait for syncing caches.\nDefaults to 2 minutes if not set." + format: "int64" + type: "integer" + groupKindConcurrency: + additionalProperties: + type: "integer" + description: "GroupKindConcurrency is a map from a Kind to the number of concurrent reconciliation\nallowed for that controller.\n\n\nWhen a controller is registered within this manager using the builder utilities,\nusers have to specify the type the controller reconciles in the For(...) call.\nIf the object's kind passed matches one of the keys in this map, the concurrency\nfor that controller is set to the number specified.\n\n\nThe key is expected to be consistent in form with GroupKind.String(),\ne.g. ReplicaSet in apps group (regardless of version) would be `ReplicaSet.apps`." + type: "object" + recoverPanic: + description: "RecoverPanic indicates if panics should be recovered." + type: "boolean" + type: "object" + featureGates: + additionalProperties: + type: "boolean" + description: "FeatureGates define provider specific feature flags that will be passed\nin as container args to the provider's controller manager.\nController Manager flag is --feature-gates." + type: "object" + gracefulShutDown: + description: "GracefulShutdownTimeout is the duration given to runnable to stop before the manager actually returns on stop.\nTo disable graceful shutdown, set to time.Duration(0)\nTo use graceful shutdown without timeout, set to a negative duration, e.G. time.Duration(-1)\nThe graceful shutdown is skipped for safety reasons in case the leader election lease is lost." + type: "string" + health: + description: "Health contains the controller health configuration" + properties: + healthProbeBindAddress: + description: "HealthProbeBindAddress is the TCP address that the controller should bind to\nfor serving health probes\nIt can be set to \"0\" or \"\" to disable serving the health probe." + type: "string" + livenessEndpointName: + description: "LivenessEndpointName, defaults to \"healthz\"" + type: "string" + readinessEndpointName: + description: "ReadinessEndpointName, defaults to \"readyz\"" + type: "string" + type: "object" + leaderElection: + description: "LeaderElection is the LeaderElection config to be used when configuring\nthe manager.Manager leader election" + properties: + leaderElect: + description: "leaderElect enables a leader election client to gain leadership\nbefore executing the main loop. Enable this when running replicated\ncomponents for high availability." + type: "boolean" + leaseDuration: + description: "leaseDuration is the duration that non-leader candidates will wait\nafter observing a leadership renewal until attempting to acquire\nleadership of a led but unrenewed leader slot. This is effectively the\nmaximum duration that a leader can be stopped before it is replaced\nby another candidate. This is only applicable if leader election is\nenabled." + type: "string" + renewDeadline: + description: "renewDeadline is the interval between attempts by the acting master to\nrenew a leadership slot before it stops leading. This must be less\nthan or equal to the lease duration. This is only applicable if leader\nelection is enabled." + type: "string" + resourceLock: + description: "resourceLock indicates the resource object type that will be used to lock\nduring leader election cycles." + type: "string" + resourceName: + description: "resourceName indicates the name of resource object that will be used to lock\nduring leader election cycles." + type: "string" + resourceNamespace: + description: "resourceName indicates the namespace of resource object that will be used to lock\nduring leader election cycles." + type: "string" + retryPeriod: + description: "retryPeriod is the duration the clients should wait between attempting\nacquisition and renewal of a leadership. This is only applicable if\nleader election is enabled." + type: "string" + required: + - "leaderElect" + - "leaseDuration" + - "renewDeadline" + - "resourceLock" + - "resourceName" + - "resourceNamespace" + - "retryPeriod" + type: "object" + maxConcurrentReconciles: + description: "MaxConcurrentReconciles is the maximum number of concurrent Reconciles\nwhich can be run." + minimum: 1.0 + type: "integer" + metrics: + description: "Metrics contains thw controller metrics configuration" + properties: + bindAddress: + description: "BindAddress is the TCP address that the controller should bind to\nfor serving prometheus metrics.\nIt can be set to \"0\" to disable the metrics serving." + type: "string" + type: "object" + profilerAddress: + description: "ProfilerAddress defines the bind address to expose the pprof profiler (e.g. localhost:6060).\nDefault empty, meaning the profiler is disabled.\nController Manager flag is --profiler-address." + type: "string" + syncPeriod: + description: "SyncPeriod determines the minimum frequency at which watched resources are\nreconciled. A lower period will correct entropy more quickly, but reduce\nresponsiveness to change if there are many watched resources. Change this\nvalue only if you know what you are doing. Defaults to 10 hours if unset.\nthere will a 10 percent jitter between the SyncPeriod of all controllers\nso that all controllers will not send list requests simultaneously." + type: "string" + verbosity: + default: 1 + description: "Verbosity set the logs verbosity. Defaults to 1.\nController Manager flag is --verbosity." + minimum: 0.0 + type: "integer" + webhook: + description: "Webhook contains the controllers webhook configuration" + properties: + certDir: + description: "CertDir is the directory that contains the server key and certificate.\nif not set, webhook server would look up the server key and certificate in\n{TempDir}/k8s-webhook-server/serving-certs. The server key and certificate\nmust be named tls.key and tls.crt, respectively." + type: "string" + host: + description: "Host is the hostname that the webhook server binds to.\nIt is used to set webhook.Server.Host." + type: "string" + port: + description: "Port is the port that the webhook server serves at.\nIt is used to set webhook.Server.Port." + type: "integer" + type: "object" + type: "object" + type: "object" + description: "AdditionalDeployments is a map of additional deployments that the provider\nshould manage. The key is the name of the deployment and the value is the\nDeploymentSpec." + type: "object" additionalManifests: description: "AdditionalManifests is reference to configmap that contains additional manifests that will be applied\ntogether with the provider components. The key for storing these manifests has to be `manifests`.\nThe manifests are applied only once when a certain release is installed/upgraded. If namespace is not specified, the\nnamespace of the provider will be used. There is no validation of the yaml content inside the configmap." properties: diff --git a/crd-catalog/kubernetes-sigs/cluster-api-operator/operator.cluster.x-k8s.io/v1alpha2/bootstrapproviders.yaml b/crd-catalog/kubernetes-sigs/cluster-api-operator/operator.cluster.x-k8s.io/v1alpha2/bootstrapproviders.yaml index d6bae6bbd..05a4fe035 100644 --- a/crd-catalog/kubernetes-sigs/cluster-api-operator/operator.cluster.x-k8s.io/v1alpha2/bootstrapproviders.yaml +++ b/crd-catalog/kubernetes-sigs/cluster-api-operator/operator.cluster.x-k8s.io/v1alpha2/bootstrapproviders.yaml @@ -38,6 +38,841 @@ spec: spec: description: "BootstrapProviderSpec defines the desired state of BootstrapProvider." properties: + additionalDeployments: + additionalProperties: + description: "AdditionalDeployments defines the properties that can be enabled on the controller\nmanager and deployment for the provider if the provider is managing additional deployments." + properties: + deployment: + description: "Deployment defines the properties that can be enabled on the deployment for the additional provider deployment." + properties: + affinity: + description: "If specified, the pod's scheduling constraints" + properties: + nodeAffinity: + description: "Describes node affinity scheduling rules for the pod." + properties: + preferredDuringSchedulingIgnoredDuringExecution: + description: "The scheduler will prefer to schedule pods to nodes that satisfy\nthe affinity expressions specified by this field, but it may choose\na node that violates one or more of the expressions. The node that is\nmost preferred is the one with the greatest sum of weights, i.e.\nfor each node that meets all of the scheduling requirements (resource\nrequest, requiredDuringScheduling affinity expressions, etc.),\ncompute a sum by iterating through the elements of this field and adding\n\"weight\" to the sum if the node matches the corresponding matchExpressions; the\nnode(s) with the highest sum are the most preferred." + items: + description: "An empty preferred scheduling term matches all objects with implicit weight 0\n(i.e. it's a no-op). A null preferred scheduling term matches no objects (i.e. is also a no-op)." + properties: + preference: + description: "A node selector term, associated with the corresponding weight." + properties: + matchExpressions: + description: "A list of node selector requirements by node's labels." + items: + description: "A node selector requirement is a selector that contains values, a key, and an operator\nthat relates the key and values." + properties: + key: + description: "The label key that the selector applies to." + type: "string" + operator: + description: "Represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt." + type: "string" + values: + description: "An array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. If the operator is Gt or Lt, the values\narray must have a single element, which will be interpreted as an integer.\nThis array is replaced during a strategic merge patch." + items: + type: "string" + type: "array" + required: + - "key" + - "operator" + type: "object" + type: "array" + matchFields: + description: "A list of node selector requirements by node's fields." + items: + description: "A node selector requirement is a selector that contains values, a key, and an operator\nthat relates the key and values." + properties: + key: + description: "The label key that the selector applies to." + type: "string" + operator: + description: "Represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt." + type: "string" + values: + description: "An array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. If the operator is Gt or Lt, the values\narray must have a single element, which will be interpreted as an integer.\nThis array is replaced during a strategic merge patch." + items: + type: "string" + type: "array" + required: + - "key" + - "operator" + type: "object" + type: "array" + type: "object" + x-kubernetes-map-type: "atomic" + weight: + description: "Weight associated with matching the corresponding nodeSelectorTerm, in the range 1-100." + format: "int32" + type: "integer" + required: + - "preference" + - "weight" + type: "object" + type: "array" + requiredDuringSchedulingIgnoredDuringExecution: + description: "If the affinity requirements specified by this field are not met at\nscheduling time, the pod will not be scheduled onto the node.\nIf the affinity requirements specified by this field cease to be met\nat some point during pod execution (e.g. due to an update), the system\nmay or may not try to eventually evict the pod from its node." + properties: + nodeSelectorTerms: + description: "Required. A list of node selector terms. The terms are ORed." + items: + description: "A null or empty node selector term matches no objects. The requirements of\nthem are ANDed.\nThe TopologySelectorTerm type implements a subset of the NodeSelectorTerm." + properties: + matchExpressions: + description: "A list of node selector requirements by node's labels." + items: + description: "A node selector requirement is a selector that contains values, a key, and an operator\nthat relates the key and values." + properties: + key: + description: "The label key that the selector applies to." + type: "string" + operator: + description: "Represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt." + type: "string" + values: + description: "An array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. If the operator is Gt or Lt, the values\narray must have a single element, which will be interpreted as an integer.\nThis array is replaced during a strategic merge patch." + items: + type: "string" + type: "array" + required: + - "key" + - "operator" + type: "object" + type: "array" + matchFields: + description: "A list of node selector requirements by node's fields." + items: + description: "A node selector requirement is a selector that contains values, a key, and an operator\nthat relates the key and values." + properties: + key: + description: "The label key that the selector applies to." + type: "string" + operator: + description: "Represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt." + type: "string" + values: + description: "An array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. If the operator is Gt or Lt, the values\narray must have a single element, which will be interpreted as an integer.\nThis array is replaced during a strategic merge patch." + items: + type: "string" + type: "array" + required: + - "key" + - "operator" + type: "object" + type: "array" + type: "object" + x-kubernetes-map-type: "atomic" + type: "array" + required: + - "nodeSelectorTerms" + type: "object" + x-kubernetes-map-type: "atomic" + type: "object" + podAffinity: + description: "Describes pod affinity scheduling rules (e.g. co-locate this pod in the same node, zone, etc. as some other pod(s))." + properties: + preferredDuringSchedulingIgnoredDuringExecution: + description: "The scheduler will prefer to schedule pods to nodes that satisfy\nthe affinity expressions specified by this field, but it may choose\na node that violates one or more of the expressions. The node that is\nmost preferred is the one with the greatest sum of weights, i.e.\nfor each node that meets all of the scheduling requirements (resource\nrequest, requiredDuringScheduling affinity expressions, etc.),\ncompute a sum by iterating through the elements of this field and adding\n\"weight\" to the sum if the node has pods which matches the corresponding podAffinityTerm; the\nnode(s) with the highest sum are the most preferred." + items: + description: "The weights of all of the matched WeightedPodAffinityTerm fields are added per-node to find the most preferred node(s)" + properties: + podAffinityTerm: + description: "Required. A pod affinity term, associated with the corresponding weight." + properties: + labelSelector: + description: "A label query over a set of resources, in this case pods.\nIf it's null, this PodAffinityTerm matches with no Pods." + properties: + matchExpressions: + description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." + items: + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." + properties: + key: + description: "key is the label key that the selector applies to." + type: "string" + operator: + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." + type: "string" + values: + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." + items: + type: "string" + type: "array" + required: + - "key" + - "operator" + type: "object" + type: "array" + matchLabels: + additionalProperties: + type: "string" + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + type: "object" + type: "object" + x-kubernetes-map-type: "atomic" + matchLabelKeys: + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MatchLabelKeys and LabelSelector.\nAlso, MatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" + mismatchLabelKeys: + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MismatchLabelKeys and LabelSelector.\nAlso, MismatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" + namespaceSelector: + description: "A label query over the set of namespaces that the term applies to.\nThe term is applied to the union of the namespaces selected by this field\nand the ones listed in the namespaces field.\nnull selector and null or empty namespaces list means \"this pod's namespace\".\nAn empty selector ({}) matches all namespaces." + properties: + matchExpressions: + description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." + items: + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." + properties: + key: + description: "key is the label key that the selector applies to." + type: "string" + operator: + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." + type: "string" + values: + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." + items: + type: "string" + type: "array" + required: + - "key" + - "operator" + type: "object" + type: "array" + matchLabels: + additionalProperties: + type: "string" + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + type: "object" + type: "object" + x-kubernetes-map-type: "atomic" + namespaces: + description: "namespaces specifies a static list of namespace names that the term applies to.\nThe term is applied to the union of the namespaces listed in this field\nand the ones selected by namespaceSelector.\nnull or empty namespaces list and null namespaceSelector means \"this pod's namespace\"." + items: + type: "string" + type: "array" + topologyKey: + description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching\nthe labelSelector in the specified namespaces, where co-located is defined as running on a node\nwhose value of the label with key topologyKey matches that of any node on which any of the\nselected pods is running.\nEmpty topologyKey is not allowed." + type: "string" + required: + - "topologyKey" + type: "object" + weight: + description: "weight associated with matching the corresponding podAffinityTerm,\nin the range 1-100." + format: "int32" + type: "integer" + required: + - "podAffinityTerm" + - "weight" + type: "object" + type: "array" + requiredDuringSchedulingIgnoredDuringExecution: + description: "If the affinity requirements specified by this field are not met at\nscheduling time, the pod will not be scheduled onto the node.\nIf the affinity requirements specified by this field cease to be met\nat some point during pod execution (e.g. due to a pod label update), the\nsystem may or may not try to eventually evict the pod from its node.\nWhen there are multiple elements, the lists of nodes corresponding to each\npodAffinityTerm are intersected, i.e. all terms must be satisfied." + items: + description: "Defines a set of pods (namely those matching the labelSelector\nrelative to the given namespace(s)) that this pod should be\nco-located (affinity) or not co-located (anti-affinity) with,\nwhere co-located is defined as running on a node whose value of\nthe label with key matches that of any node on which\na pod of the set of pods is running" + properties: + labelSelector: + description: "A label query over a set of resources, in this case pods.\nIf it's null, this PodAffinityTerm matches with no Pods." + properties: + matchExpressions: + description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." + items: + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." + properties: + key: + description: "key is the label key that the selector applies to." + type: "string" + operator: + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." + type: "string" + values: + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." + items: + type: "string" + type: "array" + required: + - "key" + - "operator" + type: "object" + type: "array" + matchLabels: + additionalProperties: + type: "string" + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + type: "object" + type: "object" + x-kubernetes-map-type: "atomic" + matchLabelKeys: + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MatchLabelKeys and LabelSelector.\nAlso, MatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" + mismatchLabelKeys: + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MismatchLabelKeys and LabelSelector.\nAlso, MismatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" + namespaceSelector: + description: "A label query over the set of namespaces that the term applies to.\nThe term is applied to the union of the namespaces selected by this field\nand the ones listed in the namespaces field.\nnull selector and null or empty namespaces list means \"this pod's namespace\".\nAn empty selector ({}) matches all namespaces." + properties: + matchExpressions: + description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." + items: + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." + properties: + key: + description: "key is the label key that the selector applies to." + type: "string" + operator: + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." + type: "string" + values: + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." + items: + type: "string" + type: "array" + required: + - "key" + - "operator" + type: "object" + type: "array" + matchLabels: + additionalProperties: + type: "string" + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + type: "object" + type: "object" + x-kubernetes-map-type: "atomic" + namespaces: + description: "namespaces specifies a static list of namespace names that the term applies to.\nThe term is applied to the union of the namespaces listed in this field\nand the ones selected by namespaceSelector.\nnull or empty namespaces list and null namespaceSelector means \"this pod's namespace\"." + items: + type: "string" + type: "array" + topologyKey: + description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching\nthe labelSelector in the specified namespaces, where co-located is defined as running on a node\nwhose value of the label with key topologyKey matches that of any node on which any of the\nselected pods is running.\nEmpty topologyKey is not allowed." + type: "string" + required: + - "topologyKey" + type: "object" + type: "array" + type: "object" + podAntiAffinity: + description: "Describes pod anti-affinity scheduling rules (e.g. avoid putting this pod in the same node, zone, etc. as some other pod(s))." + properties: + preferredDuringSchedulingIgnoredDuringExecution: + description: "The scheduler will prefer to schedule pods to nodes that satisfy\nthe anti-affinity expressions specified by this field, but it may choose\na node that violates one or more of the expressions. The node that is\nmost preferred is the one with the greatest sum of weights, i.e.\nfor each node that meets all of the scheduling requirements (resource\nrequest, requiredDuringScheduling anti-affinity expressions, etc.),\ncompute a sum by iterating through the elements of this field and adding\n\"weight\" to the sum if the node has pods which matches the corresponding podAffinityTerm; the\nnode(s) with the highest sum are the most preferred." + items: + description: "The weights of all of the matched WeightedPodAffinityTerm fields are added per-node to find the most preferred node(s)" + properties: + podAffinityTerm: + description: "Required. A pod affinity term, associated with the corresponding weight." + properties: + labelSelector: + description: "A label query over a set of resources, in this case pods.\nIf it's null, this PodAffinityTerm matches with no Pods." + properties: + matchExpressions: + description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." + items: + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." + properties: + key: + description: "key is the label key that the selector applies to." + type: "string" + operator: + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." + type: "string" + values: + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." + items: + type: "string" + type: "array" + required: + - "key" + - "operator" + type: "object" + type: "array" + matchLabels: + additionalProperties: + type: "string" + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + type: "object" + type: "object" + x-kubernetes-map-type: "atomic" + matchLabelKeys: + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MatchLabelKeys and LabelSelector.\nAlso, MatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" + mismatchLabelKeys: + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MismatchLabelKeys and LabelSelector.\nAlso, MismatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" + namespaceSelector: + description: "A label query over the set of namespaces that the term applies to.\nThe term is applied to the union of the namespaces selected by this field\nand the ones listed in the namespaces field.\nnull selector and null or empty namespaces list means \"this pod's namespace\".\nAn empty selector ({}) matches all namespaces." + properties: + matchExpressions: + description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." + items: + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." + properties: + key: + description: "key is the label key that the selector applies to." + type: "string" + operator: + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." + type: "string" + values: + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." + items: + type: "string" + type: "array" + required: + - "key" + - "operator" + type: "object" + type: "array" + matchLabels: + additionalProperties: + type: "string" + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + type: "object" + type: "object" + x-kubernetes-map-type: "atomic" + namespaces: + description: "namespaces specifies a static list of namespace names that the term applies to.\nThe term is applied to the union of the namespaces listed in this field\nand the ones selected by namespaceSelector.\nnull or empty namespaces list and null namespaceSelector means \"this pod's namespace\"." + items: + type: "string" + type: "array" + topologyKey: + description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching\nthe labelSelector in the specified namespaces, where co-located is defined as running on a node\nwhose value of the label with key topologyKey matches that of any node on which any of the\nselected pods is running.\nEmpty topologyKey is not allowed." + type: "string" + required: + - "topologyKey" + type: "object" + weight: + description: "weight associated with matching the corresponding podAffinityTerm,\nin the range 1-100." + format: "int32" + type: "integer" + required: + - "podAffinityTerm" + - "weight" + type: "object" + type: "array" + requiredDuringSchedulingIgnoredDuringExecution: + description: "If the anti-affinity requirements specified by this field are not met at\nscheduling time, the pod will not be scheduled onto the node.\nIf the anti-affinity requirements specified by this field cease to be met\nat some point during pod execution (e.g. due to a pod label update), the\nsystem may or may not try to eventually evict the pod from its node.\nWhen there are multiple elements, the lists of nodes corresponding to each\npodAffinityTerm are intersected, i.e. all terms must be satisfied." + items: + description: "Defines a set of pods (namely those matching the labelSelector\nrelative to the given namespace(s)) that this pod should be\nco-located (affinity) or not co-located (anti-affinity) with,\nwhere co-located is defined as running on a node whose value of\nthe label with key matches that of any node on which\na pod of the set of pods is running" + properties: + labelSelector: + description: "A label query over a set of resources, in this case pods.\nIf it's null, this PodAffinityTerm matches with no Pods." + properties: + matchExpressions: + description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." + items: + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." + properties: + key: + description: "key is the label key that the selector applies to." + type: "string" + operator: + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." + type: "string" + values: + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." + items: + type: "string" + type: "array" + required: + - "key" + - "operator" + type: "object" + type: "array" + matchLabels: + additionalProperties: + type: "string" + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + type: "object" + type: "object" + x-kubernetes-map-type: "atomic" + matchLabelKeys: + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MatchLabelKeys and LabelSelector.\nAlso, MatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" + mismatchLabelKeys: + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MismatchLabelKeys and LabelSelector.\nAlso, MismatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" + namespaceSelector: + description: "A label query over the set of namespaces that the term applies to.\nThe term is applied to the union of the namespaces selected by this field\nand the ones listed in the namespaces field.\nnull selector and null or empty namespaces list means \"this pod's namespace\".\nAn empty selector ({}) matches all namespaces." + properties: + matchExpressions: + description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." + items: + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." + properties: + key: + description: "key is the label key that the selector applies to." + type: "string" + operator: + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." + type: "string" + values: + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." + items: + type: "string" + type: "array" + required: + - "key" + - "operator" + type: "object" + type: "array" + matchLabels: + additionalProperties: + type: "string" + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + type: "object" + type: "object" + x-kubernetes-map-type: "atomic" + namespaces: + description: "namespaces specifies a static list of namespace names that the term applies to.\nThe term is applied to the union of the namespaces listed in this field\nand the ones selected by namespaceSelector.\nnull or empty namespaces list and null namespaceSelector means \"this pod's namespace\"." + items: + type: "string" + type: "array" + topologyKey: + description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching\nthe labelSelector in the specified namespaces, where co-located is defined as running on a node\nwhose value of the label with key topologyKey matches that of any node on which any of the\nselected pods is running.\nEmpty topologyKey is not allowed." + type: "string" + required: + - "topologyKey" + type: "object" + type: "array" + type: "object" + type: "object" + containers: + description: "List of containers specified in the Deployment" + items: + description: "ContainerSpec defines the properties available to override for each\ncontainer in a provider deployment such as Image and Args to the container’s\nentrypoint." + properties: + args: + additionalProperties: + type: "string" + description: "Args represents extra provider specific flags that are not encoded as fields in this API.\nExplicit controller manager properties defined in the `Provider.ManagerSpec`\nwill have higher precedence than those defined in `ContainerSpec.Args`.\nFor example, `ManagerSpec.SyncPeriod` will be used instead of the\ncontainer arg `--sync-period` if both are defined.\nThe same holds for `ManagerSpec.FeatureGates` and `--feature-gates`." + type: "object" + command: + description: "Command allows override container's entrypoint array." + items: + type: "string" + type: "array" + env: + description: "List of environment variables to set in the container." + items: + description: "EnvVar represents an environment variable present in a Container." + properties: + name: + description: "Name of the environment variable. Must be a C_IDENTIFIER." + type: "string" + value: + description: "Variable references $(VAR_NAME) are expanded\nusing the previously defined environment variables in the container and\nany service environment variables. If a variable cannot be resolved,\nthe reference in the input string will be unchanged. Double $$ are reduced\nto a single $, which allows for escaping the $(VAR_NAME) syntax: i.e.\n\"$$(VAR_NAME)\" will produce the string literal \"$(VAR_NAME)\".\nEscaped references will never be expanded, regardless of whether the variable\nexists or not.\nDefaults to \"\"." + type: "string" + valueFrom: + description: "Source for the environment variable's value. Cannot be used if value is not empty." + properties: + configMapKeyRef: + description: "Selects a key of a ConfigMap." + properties: + key: + description: "The key to select." + type: "string" + name: + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + type: "string" + optional: + description: "Specify whether the ConfigMap or its key must be defined" + type: "boolean" + required: + - "key" + type: "object" + x-kubernetes-map-type: "atomic" + fieldRef: + description: "Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`,\nspec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs." + properties: + apiVersion: + description: "Version of the schema the FieldPath is written in terms of, defaults to \"v1\"." + type: "string" + fieldPath: + description: "Path of the field to select in the specified API version." + type: "string" + required: + - "fieldPath" + type: "object" + x-kubernetes-map-type: "atomic" + resourceFieldRef: + description: "Selects a resource of the container: only resources limits and requests\n(limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported." + properties: + containerName: + description: "Container name: required for volumes, optional for env vars" + type: "string" + divisor: + anyOf: + - type: "integer" + - type: "string" + description: "Specifies the output format of the exposed resources, defaults to \"1\"" + pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" + x-kubernetes-int-or-string: true + resource: + description: "Required: resource to select" + type: "string" + required: + - "resource" + type: "object" + x-kubernetes-map-type: "atomic" + secretKeyRef: + description: "Selects a key of a secret in the pod's namespace" + properties: + key: + description: "The key of the secret to select from. Must be a valid secret key." + type: "string" + name: + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + type: "string" + optional: + description: "Specify whether the Secret or its key must be defined" + type: "boolean" + required: + - "key" + type: "object" + x-kubernetes-map-type: "atomic" + type: "object" + required: + - "name" + type: "object" + type: "array" + imageUrl: + description: "Container Image URL" + type: "string" + name: + description: "Name of the container. Cannot be updated." + type: "string" + resources: + description: "Compute resources required by this container." + properties: + claims: + description: "Claims lists the names of resources, defined in spec.resourceClaims,\nthat are used by this container.\n\n\nThis is an alpha field and requires enabling the\nDynamicResourceAllocation feature gate.\n\n\nThis field is immutable. It can only be set for containers." + items: + description: "ResourceClaim references one entry in PodSpec.ResourceClaims." + properties: + name: + description: "Name must match the name of one entry in pod.spec.resourceClaims of\nthe Pod where this field is used. It makes that resource available\ninside a container." + type: "string" + required: + - "name" + type: "object" + type: "array" + x-kubernetes-list-map-keys: + - "name" + x-kubernetes-list-type: "map" + limits: + additionalProperties: + anyOf: + - type: "integer" + - type: "string" + pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" + x-kubernetes-int-or-string: true + description: "Limits describes the maximum amount of compute resources allowed.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" + type: "object" + requests: + additionalProperties: + anyOf: + - type: "integer" + - type: "string" + pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" + x-kubernetes-int-or-string: true + description: "Requests describes the minimum amount of compute resources required.\nIf Requests is omitted for a container, it defaults to Limits if that is explicitly specified,\notherwise to an implementation-defined value. Requests cannot exceed Limits.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" + type: "object" + type: "object" + required: + - "name" + type: "object" + type: "array" + imagePullSecrets: + description: "List of image pull secrets specified in the Deployment" + items: + description: "LocalObjectReference contains enough information to let you locate the\nreferenced object inside the same namespace." + properties: + name: + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + type: "string" + type: "object" + x-kubernetes-map-type: "atomic" + type: "array" + nodeSelector: + additionalProperties: + type: "string" + description: "NodeSelector is a selector which must be true for the pod to fit on a node.\nSelector which must match a node's labels for the pod to be scheduled on that node.\nMore info: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/" + type: "object" + replicas: + description: "Number of desired pods. This is a pointer to distinguish between explicit zero and not specified. Defaults to 1." + minimum: 0.0 + type: "integer" + serviceAccountName: + description: "If specified, the pod's service account" + type: "string" + tolerations: + description: "If specified, the pod's tolerations." + items: + description: "The pod this Toleration is attached to tolerates any taint that matches\nthe triple using the matching operator ." + properties: + effect: + description: "Effect indicates the taint effect to match. Empty means match all taint effects.\nWhen specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute." + type: "string" + key: + description: "Key is the taint key that the toleration applies to. Empty means match all taint keys.\nIf the key is empty, operator must be Exists; this combination means to match all values and all keys." + type: "string" + operator: + description: "Operator represents a key's relationship to the value.\nValid operators are Exists and Equal. Defaults to Equal.\nExists is equivalent to wildcard for value, so that a pod can\ntolerate all taints of a particular category." + type: "string" + tolerationSeconds: + description: "TolerationSeconds represents the period of time the toleration (which must be\nof effect NoExecute, otherwise this field is ignored) tolerates the taint. By default,\nit is not set, which means tolerate the taint forever (do not evict). Zero and\nnegative values will be treated as 0 (evict immediately) by the system." + format: "int64" + type: "integer" + value: + description: "Value is the taint value the toleration matches to.\nIf the operator is Exists, the value should be empty, otherwise just a regular string." + type: "string" + type: "object" + type: "array" + type: "object" + manager: + description: "Manager defines the properties that can be enabled on the controller manager for the additional provider deployment." + properties: + cacheNamespace: + description: "CacheNamespace if specified restricts the manager's cache to watch objects in\nthe desired namespace Defaults to all namespaces\n\n\nNote: If a namespace is specified, controllers can still Watch for a\ncluster-scoped resource (e.g Node). For namespaced resources the cache\nwill only hold objects from the desired namespace." + type: "string" + controller: + description: "Controller contains global configuration options for controllers\nregistered within this manager." + properties: + cacheSyncTimeout: + description: "CacheSyncTimeout refers to the time limit set to wait for syncing caches.\nDefaults to 2 minutes if not set." + format: "int64" + type: "integer" + groupKindConcurrency: + additionalProperties: + type: "integer" + description: "GroupKindConcurrency is a map from a Kind to the number of concurrent reconciliation\nallowed for that controller.\n\n\nWhen a controller is registered within this manager using the builder utilities,\nusers have to specify the type the controller reconciles in the For(...) call.\nIf the object's kind passed matches one of the keys in this map, the concurrency\nfor that controller is set to the number specified.\n\n\nThe key is expected to be consistent in form with GroupKind.String(),\ne.g. ReplicaSet in apps group (regardless of version) would be `ReplicaSet.apps`." + type: "object" + recoverPanic: + description: "RecoverPanic indicates if panics should be recovered." + type: "boolean" + type: "object" + featureGates: + additionalProperties: + type: "boolean" + description: "FeatureGates define provider specific feature flags that will be passed\nin as container args to the provider's controller manager.\nController Manager flag is --feature-gates." + type: "object" + gracefulShutDown: + description: "GracefulShutdownTimeout is the duration given to runnable to stop before the manager actually returns on stop.\nTo disable graceful shutdown, set to time.Duration(0)\nTo use graceful shutdown without timeout, set to a negative duration, e.G. time.Duration(-1)\nThe graceful shutdown is skipped for safety reasons in case the leader election lease is lost." + type: "string" + health: + description: "Health contains the controller health configuration" + properties: + healthProbeBindAddress: + description: "HealthProbeBindAddress is the TCP address that the controller should bind to\nfor serving health probes\nIt can be set to \"0\" or \"\" to disable serving the health probe." + type: "string" + livenessEndpointName: + description: "LivenessEndpointName, defaults to \"healthz\"" + type: "string" + readinessEndpointName: + description: "ReadinessEndpointName, defaults to \"readyz\"" + type: "string" + type: "object" + leaderElection: + description: "LeaderElection is the LeaderElection config to be used when configuring\nthe manager.Manager leader election" + properties: + leaderElect: + description: "leaderElect enables a leader election client to gain leadership\nbefore executing the main loop. Enable this when running replicated\ncomponents for high availability." + type: "boolean" + leaseDuration: + description: "leaseDuration is the duration that non-leader candidates will wait\nafter observing a leadership renewal until attempting to acquire\nleadership of a led but unrenewed leader slot. This is effectively the\nmaximum duration that a leader can be stopped before it is replaced\nby another candidate. This is only applicable if leader election is\nenabled." + type: "string" + renewDeadline: + description: "renewDeadline is the interval between attempts by the acting master to\nrenew a leadership slot before it stops leading. This must be less\nthan or equal to the lease duration. This is only applicable if leader\nelection is enabled." + type: "string" + resourceLock: + description: "resourceLock indicates the resource object type that will be used to lock\nduring leader election cycles." + type: "string" + resourceName: + description: "resourceName indicates the name of resource object that will be used to lock\nduring leader election cycles." + type: "string" + resourceNamespace: + description: "resourceName indicates the namespace of resource object that will be used to lock\nduring leader election cycles." + type: "string" + retryPeriod: + description: "retryPeriod is the duration the clients should wait between attempting\nacquisition and renewal of a leadership. This is only applicable if\nleader election is enabled." + type: "string" + required: + - "leaderElect" + - "leaseDuration" + - "renewDeadline" + - "resourceLock" + - "resourceName" + - "resourceNamespace" + - "retryPeriod" + type: "object" + maxConcurrentReconciles: + description: "MaxConcurrentReconciles is the maximum number of concurrent Reconciles\nwhich can be run." + minimum: 1.0 + type: "integer" + metrics: + description: "Metrics contains thw controller metrics configuration" + properties: + bindAddress: + description: "BindAddress is the TCP address that the controller should bind to\nfor serving prometheus metrics.\nIt can be set to \"0\" to disable the metrics serving." + type: "string" + type: "object" + profilerAddress: + description: "ProfilerAddress defines the bind address to expose the pprof profiler (e.g. localhost:6060).\nDefault empty, meaning the profiler is disabled.\nController Manager flag is --profiler-address." + type: "string" + syncPeriod: + description: "SyncPeriod determines the minimum frequency at which watched resources are\nreconciled. A lower period will correct entropy more quickly, but reduce\nresponsiveness to change if there are many watched resources. Change this\nvalue only if you know what you are doing. Defaults to 10 hours if unset.\nthere will a 10 percent jitter between the SyncPeriod of all controllers\nso that all controllers will not send list requests simultaneously." + type: "string" + verbosity: + default: 1 + description: "Verbosity set the logs verbosity. Defaults to 1.\nController Manager flag is --verbosity." + minimum: 0.0 + type: "integer" + webhook: + description: "Webhook contains the controllers webhook configuration" + properties: + certDir: + description: "CertDir is the directory that contains the server key and certificate.\nif not set, webhook server would look up the server key and certificate in\n{TempDir}/k8s-webhook-server/serving-certs. The server key and certificate\nmust be named tls.key and tls.crt, respectively." + type: "string" + host: + description: "Host is the hostname that the webhook server binds to.\nIt is used to set webhook.Server.Host." + type: "string" + port: + description: "Port is the port that the webhook server serves at.\nIt is used to set webhook.Server.Port." + type: "integer" + type: "object" + type: "object" + type: "object" + description: "AdditionalDeployments is a map of additional deployments that the provider\nshould manage. The key is the name of the deployment and the value is the\nDeploymentSpec." + type: "object" additionalManifests: description: "AdditionalManifests is reference to configmap that contains additional manifests that will be applied\ntogether with the provider components. The key for storing these manifests has to be `manifests`.\nThe manifests are applied only once when a certain release is installed/upgraded. If namespace is not specified, the\nnamespace of the provider will be used. There is no validation of the yaml content inside the configmap." properties: diff --git a/crd-catalog/kubernetes-sigs/cluster-api-operator/operator.cluster.x-k8s.io/v1alpha2/controlplaneproviders.yaml b/crd-catalog/kubernetes-sigs/cluster-api-operator/operator.cluster.x-k8s.io/v1alpha2/controlplaneproviders.yaml index 6b771715e..75918dd78 100644 --- a/crd-catalog/kubernetes-sigs/cluster-api-operator/operator.cluster.x-k8s.io/v1alpha2/controlplaneproviders.yaml +++ b/crd-catalog/kubernetes-sigs/cluster-api-operator/operator.cluster.x-k8s.io/v1alpha2/controlplaneproviders.yaml @@ -38,6 +38,841 @@ spec: spec: description: "ControlPlaneProviderSpec defines the desired state of ControlPlaneProvider." properties: + additionalDeployments: + additionalProperties: + description: "AdditionalDeployments defines the properties that can be enabled on the controller\nmanager and deployment for the provider if the provider is managing additional deployments." + properties: + deployment: + description: "Deployment defines the properties that can be enabled on the deployment for the additional provider deployment." + properties: + affinity: + description: "If specified, the pod's scheduling constraints" + properties: + nodeAffinity: + description: "Describes node affinity scheduling rules for the pod." + properties: + preferredDuringSchedulingIgnoredDuringExecution: + description: "The scheduler will prefer to schedule pods to nodes that satisfy\nthe affinity expressions specified by this field, but it may choose\na node that violates one or more of the expressions. The node that is\nmost preferred is the one with the greatest sum of weights, i.e.\nfor each node that meets all of the scheduling requirements (resource\nrequest, requiredDuringScheduling affinity expressions, etc.),\ncompute a sum by iterating through the elements of this field and adding\n\"weight\" to the sum if the node matches the corresponding matchExpressions; the\nnode(s) with the highest sum are the most preferred." + items: + description: "An empty preferred scheduling term matches all objects with implicit weight 0\n(i.e. it's a no-op). A null preferred scheduling term matches no objects (i.e. is also a no-op)." + properties: + preference: + description: "A node selector term, associated with the corresponding weight." + properties: + matchExpressions: + description: "A list of node selector requirements by node's labels." + items: + description: "A node selector requirement is a selector that contains values, a key, and an operator\nthat relates the key and values." + properties: + key: + description: "The label key that the selector applies to." + type: "string" + operator: + description: "Represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt." + type: "string" + values: + description: "An array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. If the operator is Gt or Lt, the values\narray must have a single element, which will be interpreted as an integer.\nThis array is replaced during a strategic merge patch." + items: + type: "string" + type: "array" + required: + - "key" + - "operator" + type: "object" + type: "array" + matchFields: + description: "A list of node selector requirements by node's fields." + items: + description: "A node selector requirement is a selector that contains values, a key, and an operator\nthat relates the key and values." + properties: + key: + description: "The label key that the selector applies to." + type: "string" + operator: + description: "Represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt." + type: "string" + values: + description: "An array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. If the operator is Gt or Lt, the values\narray must have a single element, which will be interpreted as an integer.\nThis array is replaced during a strategic merge patch." + items: + type: "string" + type: "array" + required: + - "key" + - "operator" + type: "object" + type: "array" + type: "object" + x-kubernetes-map-type: "atomic" + weight: + description: "Weight associated with matching the corresponding nodeSelectorTerm, in the range 1-100." + format: "int32" + type: "integer" + required: + - "preference" + - "weight" + type: "object" + type: "array" + requiredDuringSchedulingIgnoredDuringExecution: + description: "If the affinity requirements specified by this field are not met at\nscheduling time, the pod will not be scheduled onto the node.\nIf the affinity requirements specified by this field cease to be met\nat some point during pod execution (e.g. due to an update), the system\nmay or may not try to eventually evict the pod from its node." + properties: + nodeSelectorTerms: + description: "Required. A list of node selector terms. The terms are ORed." + items: + description: "A null or empty node selector term matches no objects. The requirements of\nthem are ANDed.\nThe TopologySelectorTerm type implements a subset of the NodeSelectorTerm." + properties: + matchExpressions: + description: "A list of node selector requirements by node's labels." + items: + description: "A node selector requirement is a selector that contains values, a key, and an operator\nthat relates the key and values." + properties: + key: + description: "The label key that the selector applies to." + type: "string" + operator: + description: "Represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt." + type: "string" + values: + description: "An array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. If the operator is Gt or Lt, the values\narray must have a single element, which will be interpreted as an integer.\nThis array is replaced during a strategic merge patch." + items: + type: "string" + type: "array" + required: + - "key" + - "operator" + type: "object" + type: "array" + matchFields: + description: "A list of node selector requirements by node's fields." + items: + description: "A node selector requirement is a selector that contains values, a key, and an operator\nthat relates the key and values." + properties: + key: + description: "The label key that the selector applies to." + type: "string" + operator: + description: "Represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt." + type: "string" + values: + description: "An array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. If the operator is Gt or Lt, the values\narray must have a single element, which will be interpreted as an integer.\nThis array is replaced during a strategic merge patch." + items: + type: "string" + type: "array" + required: + - "key" + - "operator" + type: "object" + type: "array" + type: "object" + x-kubernetes-map-type: "atomic" + type: "array" + required: + - "nodeSelectorTerms" + type: "object" + x-kubernetes-map-type: "atomic" + type: "object" + podAffinity: + description: "Describes pod affinity scheduling rules (e.g. co-locate this pod in the same node, zone, etc. as some other pod(s))." + properties: + preferredDuringSchedulingIgnoredDuringExecution: + description: "The scheduler will prefer to schedule pods to nodes that satisfy\nthe affinity expressions specified by this field, but it may choose\na node that violates one or more of the expressions. The node that is\nmost preferred is the one with the greatest sum of weights, i.e.\nfor each node that meets all of the scheduling requirements (resource\nrequest, requiredDuringScheduling affinity expressions, etc.),\ncompute a sum by iterating through the elements of this field and adding\n\"weight\" to the sum if the node has pods which matches the corresponding podAffinityTerm; the\nnode(s) with the highest sum are the most preferred." + items: + description: "The weights of all of the matched WeightedPodAffinityTerm fields are added per-node to find the most preferred node(s)" + properties: + podAffinityTerm: + description: "Required. A pod affinity term, associated with the corresponding weight." + properties: + labelSelector: + description: "A label query over a set of resources, in this case pods.\nIf it's null, this PodAffinityTerm matches with no Pods." + properties: + matchExpressions: + description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." + items: + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." + properties: + key: + description: "key is the label key that the selector applies to." + type: "string" + operator: + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." + type: "string" + values: + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." + items: + type: "string" + type: "array" + required: + - "key" + - "operator" + type: "object" + type: "array" + matchLabels: + additionalProperties: + type: "string" + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + type: "object" + type: "object" + x-kubernetes-map-type: "atomic" + matchLabelKeys: + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MatchLabelKeys and LabelSelector.\nAlso, MatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" + mismatchLabelKeys: + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MismatchLabelKeys and LabelSelector.\nAlso, MismatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" + namespaceSelector: + description: "A label query over the set of namespaces that the term applies to.\nThe term is applied to the union of the namespaces selected by this field\nand the ones listed in the namespaces field.\nnull selector and null or empty namespaces list means \"this pod's namespace\".\nAn empty selector ({}) matches all namespaces." + properties: + matchExpressions: + description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." + items: + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." + properties: + key: + description: "key is the label key that the selector applies to." + type: "string" + operator: + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." + type: "string" + values: + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." + items: + type: "string" + type: "array" + required: + - "key" + - "operator" + type: "object" + type: "array" + matchLabels: + additionalProperties: + type: "string" + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + type: "object" + type: "object" + x-kubernetes-map-type: "atomic" + namespaces: + description: "namespaces specifies a static list of namespace names that the term applies to.\nThe term is applied to the union of the namespaces listed in this field\nand the ones selected by namespaceSelector.\nnull or empty namespaces list and null namespaceSelector means \"this pod's namespace\"." + items: + type: "string" + type: "array" + topologyKey: + description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching\nthe labelSelector in the specified namespaces, where co-located is defined as running on a node\nwhose value of the label with key topologyKey matches that of any node on which any of the\nselected pods is running.\nEmpty topologyKey is not allowed." + type: "string" + required: + - "topologyKey" + type: "object" + weight: + description: "weight associated with matching the corresponding podAffinityTerm,\nin the range 1-100." + format: "int32" + type: "integer" + required: + - "podAffinityTerm" + - "weight" + type: "object" + type: "array" + requiredDuringSchedulingIgnoredDuringExecution: + description: "If the affinity requirements specified by this field are not met at\nscheduling time, the pod will not be scheduled onto the node.\nIf the affinity requirements specified by this field cease to be met\nat some point during pod execution (e.g. due to a pod label update), the\nsystem may or may not try to eventually evict the pod from its node.\nWhen there are multiple elements, the lists of nodes corresponding to each\npodAffinityTerm are intersected, i.e. all terms must be satisfied." + items: + description: "Defines a set of pods (namely those matching the labelSelector\nrelative to the given namespace(s)) that this pod should be\nco-located (affinity) or not co-located (anti-affinity) with,\nwhere co-located is defined as running on a node whose value of\nthe label with key matches that of any node on which\na pod of the set of pods is running" + properties: + labelSelector: + description: "A label query over a set of resources, in this case pods.\nIf it's null, this PodAffinityTerm matches with no Pods." + properties: + matchExpressions: + description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." + items: + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." + properties: + key: + description: "key is the label key that the selector applies to." + type: "string" + operator: + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." + type: "string" + values: + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." + items: + type: "string" + type: "array" + required: + - "key" + - "operator" + type: "object" + type: "array" + matchLabels: + additionalProperties: + type: "string" + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + type: "object" + type: "object" + x-kubernetes-map-type: "atomic" + matchLabelKeys: + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MatchLabelKeys and LabelSelector.\nAlso, MatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" + mismatchLabelKeys: + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MismatchLabelKeys and LabelSelector.\nAlso, MismatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" + namespaceSelector: + description: "A label query over the set of namespaces that the term applies to.\nThe term is applied to the union of the namespaces selected by this field\nand the ones listed in the namespaces field.\nnull selector and null or empty namespaces list means \"this pod's namespace\".\nAn empty selector ({}) matches all namespaces." + properties: + matchExpressions: + description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." + items: + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." + properties: + key: + description: "key is the label key that the selector applies to." + type: "string" + operator: + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." + type: "string" + values: + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." + items: + type: "string" + type: "array" + required: + - "key" + - "operator" + type: "object" + type: "array" + matchLabels: + additionalProperties: + type: "string" + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + type: "object" + type: "object" + x-kubernetes-map-type: "atomic" + namespaces: + description: "namespaces specifies a static list of namespace names that the term applies to.\nThe term is applied to the union of the namespaces listed in this field\nand the ones selected by namespaceSelector.\nnull or empty namespaces list and null namespaceSelector means \"this pod's namespace\"." + items: + type: "string" + type: "array" + topologyKey: + description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching\nthe labelSelector in the specified namespaces, where co-located is defined as running on a node\nwhose value of the label with key topologyKey matches that of any node on which any of the\nselected pods is running.\nEmpty topologyKey is not allowed." + type: "string" + required: + - "topologyKey" + type: "object" + type: "array" + type: "object" + podAntiAffinity: + description: "Describes pod anti-affinity scheduling rules (e.g. avoid putting this pod in the same node, zone, etc. as some other pod(s))." + properties: + preferredDuringSchedulingIgnoredDuringExecution: + description: "The scheduler will prefer to schedule pods to nodes that satisfy\nthe anti-affinity expressions specified by this field, but it may choose\na node that violates one or more of the expressions. The node that is\nmost preferred is the one with the greatest sum of weights, i.e.\nfor each node that meets all of the scheduling requirements (resource\nrequest, requiredDuringScheduling anti-affinity expressions, etc.),\ncompute a sum by iterating through the elements of this field and adding\n\"weight\" to the sum if the node has pods which matches the corresponding podAffinityTerm; the\nnode(s) with the highest sum are the most preferred." + items: + description: "The weights of all of the matched WeightedPodAffinityTerm fields are added per-node to find the most preferred node(s)" + properties: + podAffinityTerm: + description: "Required. A pod affinity term, associated with the corresponding weight." + properties: + labelSelector: + description: "A label query over a set of resources, in this case pods.\nIf it's null, this PodAffinityTerm matches with no Pods." + properties: + matchExpressions: + description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." + items: + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." + properties: + key: + description: "key is the label key that the selector applies to." + type: "string" + operator: + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." + type: "string" + values: + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." + items: + type: "string" + type: "array" + required: + - "key" + - "operator" + type: "object" + type: "array" + matchLabels: + additionalProperties: + type: "string" + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + type: "object" + type: "object" + x-kubernetes-map-type: "atomic" + matchLabelKeys: + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MatchLabelKeys and LabelSelector.\nAlso, MatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" + mismatchLabelKeys: + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MismatchLabelKeys and LabelSelector.\nAlso, MismatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" + namespaceSelector: + description: "A label query over the set of namespaces that the term applies to.\nThe term is applied to the union of the namespaces selected by this field\nand the ones listed in the namespaces field.\nnull selector and null or empty namespaces list means \"this pod's namespace\".\nAn empty selector ({}) matches all namespaces." + properties: + matchExpressions: + description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." + items: + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." + properties: + key: + description: "key is the label key that the selector applies to." + type: "string" + operator: + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." + type: "string" + values: + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." + items: + type: "string" + type: "array" + required: + - "key" + - "operator" + type: "object" + type: "array" + matchLabels: + additionalProperties: + type: "string" + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + type: "object" + type: "object" + x-kubernetes-map-type: "atomic" + namespaces: + description: "namespaces specifies a static list of namespace names that the term applies to.\nThe term is applied to the union of the namespaces listed in this field\nand the ones selected by namespaceSelector.\nnull or empty namespaces list and null namespaceSelector means \"this pod's namespace\"." + items: + type: "string" + type: "array" + topologyKey: + description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching\nthe labelSelector in the specified namespaces, where co-located is defined as running on a node\nwhose value of the label with key topologyKey matches that of any node on which any of the\nselected pods is running.\nEmpty topologyKey is not allowed." + type: "string" + required: + - "topologyKey" + type: "object" + weight: + description: "weight associated with matching the corresponding podAffinityTerm,\nin the range 1-100." + format: "int32" + type: "integer" + required: + - "podAffinityTerm" + - "weight" + type: "object" + type: "array" + requiredDuringSchedulingIgnoredDuringExecution: + description: "If the anti-affinity requirements specified by this field are not met at\nscheduling time, the pod will not be scheduled onto the node.\nIf the anti-affinity requirements specified by this field cease to be met\nat some point during pod execution (e.g. due to a pod label update), the\nsystem may or may not try to eventually evict the pod from its node.\nWhen there are multiple elements, the lists of nodes corresponding to each\npodAffinityTerm are intersected, i.e. all terms must be satisfied." + items: + description: "Defines a set of pods (namely those matching the labelSelector\nrelative to the given namespace(s)) that this pod should be\nco-located (affinity) or not co-located (anti-affinity) with,\nwhere co-located is defined as running on a node whose value of\nthe label with key matches that of any node on which\na pod of the set of pods is running" + properties: + labelSelector: + description: "A label query over a set of resources, in this case pods.\nIf it's null, this PodAffinityTerm matches with no Pods." + properties: + matchExpressions: + description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." + items: + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." + properties: + key: + description: "key is the label key that the selector applies to." + type: "string" + operator: + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." + type: "string" + values: + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." + items: + type: "string" + type: "array" + required: + - "key" + - "operator" + type: "object" + type: "array" + matchLabels: + additionalProperties: + type: "string" + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + type: "object" + type: "object" + x-kubernetes-map-type: "atomic" + matchLabelKeys: + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MatchLabelKeys and LabelSelector.\nAlso, MatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" + mismatchLabelKeys: + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MismatchLabelKeys and LabelSelector.\nAlso, MismatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" + namespaceSelector: + description: "A label query over the set of namespaces that the term applies to.\nThe term is applied to the union of the namespaces selected by this field\nand the ones listed in the namespaces field.\nnull selector and null or empty namespaces list means \"this pod's namespace\".\nAn empty selector ({}) matches all namespaces." + properties: + matchExpressions: + description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." + items: + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." + properties: + key: + description: "key is the label key that the selector applies to." + type: "string" + operator: + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." + type: "string" + values: + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." + items: + type: "string" + type: "array" + required: + - "key" + - "operator" + type: "object" + type: "array" + matchLabels: + additionalProperties: + type: "string" + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + type: "object" + type: "object" + x-kubernetes-map-type: "atomic" + namespaces: + description: "namespaces specifies a static list of namespace names that the term applies to.\nThe term is applied to the union of the namespaces listed in this field\nand the ones selected by namespaceSelector.\nnull or empty namespaces list and null namespaceSelector means \"this pod's namespace\"." + items: + type: "string" + type: "array" + topologyKey: + description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching\nthe labelSelector in the specified namespaces, where co-located is defined as running on a node\nwhose value of the label with key topologyKey matches that of any node on which any of the\nselected pods is running.\nEmpty topologyKey is not allowed." + type: "string" + required: + - "topologyKey" + type: "object" + type: "array" + type: "object" + type: "object" + containers: + description: "List of containers specified in the Deployment" + items: + description: "ContainerSpec defines the properties available to override for each\ncontainer in a provider deployment such as Image and Args to the container’s\nentrypoint." + properties: + args: + additionalProperties: + type: "string" + description: "Args represents extra provider specific flags that are not encoded as fields in this API.\nExplicit controller manager properties defined in the `Provider.ManagerSpec`\nwill have higher precedence than those defined in `ContainerSpec.Args`.\nFor example, `ManagerSpec.SyncPeriod` will be used instead of the\ncontainer arg `--sync-period` if both are defined.\nThe same holds for `ManagerSpec.FeatureGates` and `--feature-gates`." + type: "object" + command: + description: "Command allows override container's entrypoint array." + items: + type: "string" + type: "array" + env: + description: "List of environment variables to set in the container." + items: + description: "EnvVar represents an environment variable present in a Container." + properties: + name: + description: "Name of the environment variable. Must be a C_IDENTIFIER." + type: "string" + value: + description: "Variable references $(VAR_NAME) are expanded\nusing the previously defined environment variables in the container and\nany service environment variables. If a variable cannot be resolved,\nthe reference in the input string will be unchanged. Double $$ are reduced\nto a single $, which allows for escaping the $(VAR_NAME) syntax: i.e.\n\"$$(VAR_NAME)\" will produce the string literal \"$(VAR_NAME)\".\nEscaped references will never be expanded, regardless of whether the variable\nexists or not.\nDefaults to \"\"." + type: "string" + valueFrom: + description: "Source for the environment variable's value. Cannot be used if value is not empty." + properties: + configMapKeyRef: + description: "Selects a key of a ConfigMap." + properties: + key: + description: "The key to select." + type: "string" + name: + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + type: "string" + optional: + description: "Specify whether the ConfigMap or its key must be defined" + type: "boolean" + required: + - "key" + type: "object" + x-kubernetes-map-type: "atomic" + fieldRef: + description: "Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`,\nspec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs." + properties: + apiVersion: + description: "Version of the schema the FieldPath is written in terms of, defaults to \"v1\"." + type: "string" + fieldPath: + description: "Path of the field to select in the specified API version." + type: "string" + required: + - "fieldPath" + type: "object" + x-kubernetes-map-type: "atomic" + resourceFieldRef: + description: "Selects a resource of the container: only resources limits and requests\n(limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported." + properties: + containerName: + description: "Container name: required for volumes, optional for env vars" + type: "string" + divisor: + anyOf: + - type: "integer" + - type: "string" + description: "Specifies the output format of the exposed resources, defaults to \"1\"" + pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" + x-kubernetes-int-or-string: true + resource: + description: "Required: resource to select" + type: "string" + required: + - "resource" + type: "object" + x-kubernetes-map-type: "atomic" + secretKeyRef: + description: "Selects a key of a secret in the pod's namespace" + properties: + key: + description: "The key of the secret to select from. Must be a valid secret key." + type: "string" + name: + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + type: "string" + optional: + description: "Specify whether the Secret or its key must be defined" + type: "boolean" + required: + - "key" + type: "object" + x-kubernetes-map-type: "atomic" + type: "object" + required: + - "name" + type: "object" + type: "array" + imageUrl: + description: "Container Image URL" + type: "string" + name: + description: "Name of the container. Cannot be updated." + type: "string" + resources: + description: "Compute resources required by this container." + properties: + claims: + description: "Claims lists the names of resources, defined in spec.resourceClaims,\nthat are used by this container.\n\n\nThis is an alpha field and requires enabling the\nDynamicResourceAllocation feature gate.\n\n\nThis field is immutable. It can only be set for containers." + items: + description: "ResourceClaim references one entry in PodSpec.ResourceClaims." + properties: + name: + description: "Name must match the name of one entry in pod.spec.resourceClaims of\nthe Pod where this field is used. It makes that resource available\ninside a container." + type: "string" + required: + - "name" + type: "object" + type: "array" + x-kubernetes-list-map-keys: + - "name" + x-kubernetes-list-type: "map" + limits: + additionalProperties: + anyOf: + - type: "integer" + - type: "string" + pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" + x-kubernetes-int-or-string: true + description: "Limits describes the maximum amount of compute resources allowed.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" + type: "object" + requests: + additionalProperties: + anyOf: + - type: "integer" + - type: "string" + pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" + x-kubernetes-int-or-string: true + description: "Requests describes the minimum amount of compute resources required.\nIf Requests is omitted for a container, it defaults to Limits if that is explicitly specified,\notherwise to an implementation-defined value. Requests cannot exceed Limits.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" + type: "object" + type: "object" + required: + - "name" + type: "object" + type: "array" + imagePullSecrets: + description: "List of image pull secrets specified in the Deployment" + items: + description: "LocalObjectReference contains enough information to let you locate the\nreferenced object inside the same namespace." + properties: + name: + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + type: "string" + type: "object" + x-kubernetes-map-type: "atomic" + type: "array" + nodeSelector: + additionalProperties: + type: "string" + description: "NodeSelector is a selector which must be true for the pod to fit on a node.\nSelector which must match a node's labels for the pod to be scheduled on that node.\nMore info: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/" + type: "object" + replicas: + description: "Number of desired pods. This is a pointer to distinguish between explicit zero and not specified. Defaults to 1." + minimum: 0.0 + type: "integer" + serviceAccountName: + description: "If specified, the pod's service account" + type: "string" + tolerations: + description: "If specified, the pod's tolerations." + items: + description: "The pod this Toleration is attached to tolerates any taint that matches\nthe triple using the matching operator ." + properties: + effect: + description: "Effect indicates the taint effect to match. Empty means match all taint effects.\nWhen specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute." + type: "string" + key: + description: "Key is the taint key that the toleration applies to. Empty means match all taint keys.\nIf the key is empty, operator must be Exists; this combination means to match all values and all keys." + type: "string" + operator: + description: "Operator represents a key's relationship to the value.\nValid operators are Exists and Equal. Defaults to Equal.\nExists is equivalent to wildcard for value, so that a pod can\ntolerate all taints of a particular category." + type: "string" + tolerationSeconds: + description: "TolerationSeconds represents the period of time the toleration (which must be\nof effect NoExecute, otherwise this field is ignored) tolerates the taint. By default,\nit is not set, which means tolerate the taint forever (do not evict). Zero and\nnegative values will be treated as 0 (evict immediately) by the system." + format: "int64" + type: "integer" + value: + description: "Value is the taint value the toleration matches to.\nIf the operator is Exists, the value should be empty, otherwise just a regular string." + type: "string" + type: "object" + type: "array" + type: "object" + manager: + description: "Manager defines the properties that can be enabled on the controller manager for the additional provider deployment." + properties: + cacheNamespace: + description: "CacheNamespace if specified restricts the manager's cache to watch objects in\nthe desired namespace Defaults to all namespaces\n\n\nNote: If a namespace is specified, controllers can still Watch for a\ncluster-scoped resource (e.g Node). For namespaced resources the cache\nwill only hold objects from the desired namespace." + type: "string" + controller: + description: "Controller contains global configuration options for controllers\nregistered within this manager." + properties: + cacheSyncTimeout: + description: "CacheSyncTimeout refers to the time limit set to wait for syncing caches.\nDefaults to 2 minutes if not set." + format: "int64" + type: "integer" + groupKindConcurrency: + additionalProperties: + type: "integer" + description: "GroupKindConcurrency is a map from a Kind to the number of concurrent reconciliation\nallowed for that controller.\n\n\nWhen a controller is registered within this manager using the builder utilities,\nusers have to specify the type the controller reconciles in the For(...) call.\nIf the object's kind passed matches one of the keys in this map, the concurrency\nfor that controller is set to the number specified.\n\n\nThe key is expected to be consistent in form with GroupKind.String(),\ne.g. ReplicaSet in apps group (regardless of version) would be `ReplicaSet.apps`." + type: "object" + recoverPanic: + description: "RecoverPanic indicates if panics should be recovered." + type: "boolean" + type: "object" + featureGates: + additionalProperties: + type: "boolean" + description: "FeatureGates define provider specific feature flags that will be passed\nin as container args to the provider's controller manager.\nController Manager flag is --feature-gates." + type: "object" + gracefulShutDown: + description: "GracefulShutdownTimeout is the duration given to runnable to stop before the manager actually returns on stop.\nTo disable graceful shutdown, set to time.Duration(0)\nTo use graceful shutdown without timeout, set to a negative duration, e.G. time.Duration(-1)\nThe graceful shutdown is skipped for safety reasons in case the leader election lease is lost." + type: "string" + health: + description: "Health contains the controller health configuration" + properties: + healthProbeBindAddress: + description: "HealthProbeBindAddress is the TCP address that the controller should bind to\nfor serving health probes\nIt can be set to \"0\" or \"\" to disable serving the health probe." + type: "string" + livenessEndpointName: + description: "LivenessEndpointName, defaults to \"healthz\"" + type: "string" + readinessEndpointName: + description: "ReadinessEndpointName, defaults to \"readyz\"" + type: "string" + type: "object" + leaderElection: + description: "LeaderElection is the LeaderElection config to be used when configuring\nthe manager.Manager leader election" + properties: + leaderElect: + description: "leaderElect enables a leader election client to gain leadership\nbefore executing the main loop. Enable this when running replicated\ncomponents for high availability." + type: "boolean" + leaseDuration: + description: "leaseDuration is the duration that non-leader candidates will wait\nafter observing a leadership renewal until attempting to acquire\nleadership of a led but unrenewed leader slot. This is effectively the\nmaximum duration that a leader can be stopped before it is replaced\nby another candidate. This is only applicable if leader election is\nenabled." + type: "string" + renewDeadline: + description: "renewDeadline is the interval between attempts by the acting master to\nrenew a leadership slot before it stops leading. This must be less\nthan or equal to the lease duration. This is only applicable if leader\nelection is enabled." + type: "string" + resourceLock: + description: "resourceLock indicates the resource object type that will be used to lock\nduring leader election cycles." + type: "string" + resourceName: + description: "resourceName indicates the name of resource object that will be used to lock\nduring leader election cycles." + type: "string" + resourceNamespace: + description: "resourceName indicates the namespace of resource object that will be used to lock\nduring leader election cycles." + type: "string" + retryPeriod: + description: "retryPeriod is the duration the clients should wait between attempting\nacquisition and renewal of a leadership. This is only applicable if\nleader election is enabled." + type: "string" + required: + - "leaderElect" + - "leaseDuration" + - "renewDeadline" + - "resourceLock" + - "resourceName" + - "resourceNamespace" + - "retryPeriod" + type: "object" + maxConcurrentReconciles: + description: "MaxConcurrentReconciles is the maximum number of concurrent Reconciles\nwhich can be run." + minimum: 1.0 + type: "integer" + metrics: + description: "Metrics contains thw controller metrics configuration" + properties: + bindAddress: + description: "BindAddress is the TCP address that the controller should bind to\nfor serving prometheus metrics.\nIt can be set to \"0\" to disable the metrics serving." + type: "string" + type: "object" + profilerAddress: + description: "ProfilerAddress defines the bind address to expose the pprof profiler (e.g. localhost:6060).\nDefault empty, meaning the profiler is disabled.\nController Manager flag is --profiler-address." + type: "string" + syncPeriod: + description: "SyncPeriod determines the minimum frequency at which watched resources are\nreconciled. A lower period will correct entropy more quickly, but reduce\nresponsiveness to change if there are many watched resources. Change this\nvalue only if you know what you are doing. Defaults to 10 hours if unset.\nthere will a 10 percent jitter between the SyncPeriod of all controllers\nso that all controllers will not send list requests simultaneously." + type: "string" + verbosity: + default: 1 + description: "Verbosity set the logs verbosity. Defaults to 1.\nController Manager flag is --verbosity." + minimum: 0.0 + type: "integer" + webhook: + description: "Webhook contains the controllers webhook configuration" + properties: + certDir: + description: "CertDir is the directory that contains the server key and certificate.\nif not set, webhook server would look up the server key and certificate in\n{TempDir}/k8s-webhook-server/serving-certs. The server key and certificate\nmust be named tls.key and tls.crt, respectively." + type: "string" + host: + description: "Host is the hostname that the webhook server binds to.\nIt is used to set webhook.Server.Host." + type: "string" + port: + description: "Port is the port that the webhook server serves at.\nIt is used to set webhook.Server.Port." + type: "integer" + type: "object" + type: "object" + type: "object" + description: "AdditionalDeployments is a map of additional deployments that the provider\nshould manage. The key is the name of the deployment and the value is the\nDeploymentSpec." + type: "object" additionalManifests: description: "AdditionalManifests is reference to configmap that contains additional manifests that will be applied\ntogether with the provider components. The key for storing these manifests has to be `manifests`.\nThe manifests are applied only once when a certain release is installed/upgraded. If namespace is not specified, the\nnamespace of the provider will be used. There is no validation of the yaml content inside the configmap." properties: diff --git a/crd-catalog/kubernetes-sigs/cluster-api-operator/operator.cluster.x-k8s.io/v1alpha2/coreproviders.yaml b/crd-catalog/kubernetes-sigs/cluster-api-operator/operator.cluster.x-k8s.io/v1alpha2/coreproviders.yaml index dfcb8b84b..5e0c0befe 100644 --- a/crd-catalog/kubernetes-sigs/cluster-api-operator/operator.cluster.x-k8s.io/v1alpha2/coreproviders.yaml +++ b/crd-catalog/kubernetes-sigs/cluster-api-operator/operator.cluster.x-k8s.io/v1alpha2/coreproviders.yaml @@ -38,6 +38,841 @@ spec: spec: description: "CoreProviderSpec defines the desired state of CoreProvider." properties: + additionalDeployments: + additionalProperties: + description: "AdditionalDeployments defines the properties that can be enabled on the controller\nmanager and deployment for the provider if the provider is managing additional deployments." + properties: + deployment: + description: "Deployment defines the properties that can be enabled on the deployment for the additional provider deployment." + properties: + affinity: + description: "If specified, the pod's scheduling constraints" + properties: + nodeAffinity: + description: "Describes node affinity scheduling rules for the pod." + properties: + preferredDuringSchedulingIgnoredDuringExecution: + description: "The scheduler will prefer to schedule pods to nodes that satisfy\nthe affinity expressions specified by this field, but it may choose\na node that violates one or more of the expressions. The node that is\nmost preferred is the one with the greatest sum of weights, i.e.\nfor each node that meets all of the scheduling requirements (resource\nrequest, requiredDuringScheduling affinity expressions, etc.),\ncompute a sum by iterating through the elements of this field and adding\n\"weight\" to the sum if the node matches the corresponding matchExpressions; the\nnode(s) with the highest sum are the most preferred." + items: + description: "An empty preferred scheduling term matches all objects with implicit weight 0\n(i.e. it's a no-op). A null preferred scheduling term matches no objects (i.e. is also a no-op)." + properties: + preference: + description: "A node selector term, associated with the corresponding weight." + properties: + matchExpressions: + description: "A list of node selector requirements by node's labels." + items: + description: "A node selector requirement is a selector that contains values, a key, and an operator\nthat relates the key and values." + properties: + key: + description: "The label key that the selector applies to." + type: "string" + operator: + description: "Represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt." + type: "string" + values: + description: "An array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. If the operator is Gt or Lt, the values\narray must have a single element, which will be interpreted as an integer.\nThis array is replaced during a strategic merge patch." + items: + type: "string" + type: "array" + required: + - "key" + - "operator" + type: "object" + type: "array" + matchFields: + description: "A list of node selector requirements by node's fields." + items: + description: "A node selector requirement is a selector that contains values, a key, and an operator\nthat relates the key and values." + properties: + key: + description: "The label key that the selector applies to." + type: "string" + operator: + description: "Represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt." + type: "string" + values: + description: "An array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. If the operator is Gt or Lt, the values\narray must have a single element, which will be interpreted as an integer.\nThis array is replaced during a strategic merge patch." + items: + type: "string" + type: "array" + required: + - "key" + - "operator" + type: "object" + type: "array" + type: "object" + x-kubernetes-map-type: "atomic" + weight: + description: "Weight associated with matching the corresponding nodeSelectorTerm, in the range 1-100." + format: "int32" + type: "integer" + required: + - "preference" + - "weight" + type: "object" + type: "array" + requiredDuringSchedulingIgnoredDuringExecution: + description: "If the affinity requirements specified by this field are not met at\nscheduling time, the pod will not be scheduled onto the node.\nIf the affinity requirements specified by this field cease to be met\nat some point during pod execution (e.g. due to an update), the system\nmay or may not try to eventually evict the pod from its node." + properties: + nodeSelectorTerms: + description: "Required. A list of node selector terms. The terms are ORed." + items: + description: "A null or empty node selector term matches no objects. The requirements of\nthem are ANDed.\nThe TopologySelectorTerm type implements a subset of the NodeSelectorTerm." + properties: + matchExpressions: + description: "A list of node selector requirements by node's labels." + items: + description: "A node selector requirement is a selector that contains values, a key, and an operator\nthat relates the key and values." + properties: + key: + description: "The label key that the selector applies to." + type: "string" + operator: + description: "Represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt." + type: "string" + values: + description: "An array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. If the operator is Gt or Lt, the values\narray must have a single element, which will be interpreted as an integer.\nThis array is replaced during a strategic merge patch." + items: + type: "string" + type: "array" + required: + - "key" + - "operator" + type: "object" + type: "array" + matchFields: + description: "A list of node selector requirements by node's fields." + items: + description: "A node selector requirement is a selector that contains values, a key, and an operator\nthat relates the key and values." + properties: + key: + description: "The label key that the selector applies to." + type: "string" + operator: + description: "Represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt." + type: "string" + values: + description: "An array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. If the operator is Gt or Lt, the values\narray must have a single element, which will be interpreted as an integer.\nThis array is replaced during a strategic merge patch." + items: + type: "string" + type: "array" + required: + - "key" + - "operator" + type: "object" + type: "array" + type: "object" + x-kubernetes-map-type: "atomic" + type: "array" + required: + - "nodeSelectorTerms" + type: "object" + x-kubernetes-map-type: "atomic" + type: "object" + podAffinity: + description: "Describes pod affinity scheduling rules (e.g. co-locate this pod in the same node, zone, etc. as some other pod(s))." + properties: + preferredDuringSchedulingIgnoredDuringExecution: + description: "The scheduler will prefer to schedule pods to nodes that satisfy\nthe affinity expressions specified by this field, but it may choose\na node that violates one or more of the expressions. The node that is\nmost preferred is the one with the greatest sum of weights, i.e.\nfor each node that meets all of the scheduling requirements (resource\nrequest, requiredDuringScheduling affinity expressions, etc.),\ncompute a sum by iterating through the elements of this field and adding\n\"weight\" to the sum if the node has pods which matches the corresponding podAffinityTerm; the\nnode(s) with the highest sum are the most preferred." + items: + description: "The weights of all of the matched WeightedPodAffinityTerm fields are added per-node to find the most preferred node(s)" + properties: + podAffinityTerm: + description: "Required. A pod affinity term, associated with the corresponding weight." + properties: + labelSelector: + description: "A label query over a set of resources, in this case pods.\nIf it's null, this PodAffinityTerm matches with no Pods." + properties: + matchExpressions: + description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." + items: + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." + properties: + key: + description: "key is the label key that the selector applies to." + type: "string" + operator: + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." + type: "string" + values: + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." + items: + type: "string" + type: "array" + required: + - "key" + - "operator" + type: "object" + type: "array" + matchLabels: + additionalProperties: + type: "string" + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + type: "object" + type: "object" + x-kubernetes-map-type: "atomic" + matchLabelKeys: + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MatchLabelKeys and LabelSelector.\nAlso, MatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" + mismatchLabelKeys: + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MismatchLabelKeys and LabelSelector.\nAlso, MismatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" + namespaceSelector: + description: "A label query over the set of namespaces that the term applies to.\nThe term is applied to the union of the namespaces selected by this field\nand the ones listed in the namespaces field.\nnull selector and null or empty namespaces list means \"this pod's namespace\".\nAn empty selector ({}) matches all namespaces." + properties: + matchExpressions: + description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." + items: + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." + properties: + key: + description: "key is the label key that the selector applies to." + type: "string" + operator: + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." + type: "string" + values: + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." + items: + type: "string" + type: "array" + required: + - "key" + - "operator" + type: "object" + type: "array" + matchLabels: + additionalProperties: + type: "string" + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + type: "object" + type: "object" + x-kubernetes-map-type: "atomic" + namespaces: + description: "namespaces specifies a static list of namespace names that the term applies to.\nThe term is applied to the union of the namespaces listed in this field\nand the ones selected by namespaceSelector.\nnull or empty namespaces list and null namespaceSelector means \"this pod's namespace\"." + items: + type: "string" + type: "array" + topologyKey: + description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching\nthe labelSelector in the specified namespaces, where co-located is defined as running on a node\nwhose value of the label with key topologyKey matches that of any node on which any of the\nselected pods is running.\nEmpty topologyKey is not allowed." + type: "string" + required: + - "topologyKey" + type: "object" + weight: + description: "weight associated with matching the corresponding podAffinityTerm,\nin the range 1-100." + format: "int32" + type: "integer" + required: + - "podAffinityTerm" + - "weight" + type: "object" + type: "array" + requiredDuringSchedulingIgnoredDuringExecution: + description: "If the affinity requirements specified by this field are not met at\nscheduling time, the pod will not be scheduled onto the node.\nIf the affinity requirements specified by this field cease to be met\nat some point during pod execution (e.g. due to a pod label update), the\nsystem may or may not try to eventually evict the pod from its node.\nWhen there are multiple elements, the lists of nodes corresponding to each\npodAffinityTerm are intersected, i.e. all terms must be satisfied." + items: + description: "Defines a set of pods (namely those matching the labelSelector\nrelative to the given namespace(s)) that this pod should be\nco-located (affinity) or not co-located (anti-affinity) with,\nwhere co-located is defined as running on a node whose value of\nthe label with key matches that of any node on which\na pod of the set of pods is running" + properties: + labelSelector: + description: "A label query over a set of resources, in this case pods.\nIf it's null, this PodAffinityTerm matches with no Pods." + properties: + matchExpressions: + description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." + items: + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." + properties: + key: + description: "key is the label key that the selector applies to." + type: "string" + operator: + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." + type: "string" + values: + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." + items: + type: "string" + type: "array" + required: + - "key" + - "operator" + type: "object" + type: "array" + matchLabels: + additionalProperties: + type: "string" + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + type: "object" + type: "object" + x-kubernetes-map-type: "atomic" + matchLabelKeys: + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MatchLabelKeys and LabelSelector.\nAlso, MatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" + mismatchLabelKeys: + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MismatchLabelKeys and LabelSelector.\nAlso, MismatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" + namespaceSelector: + description: "A label query over the set of namespaces that the term applies to.\nThe term is applied to the union of the namespaces selected by this field\nand the ones listed in the namespaces field.\nnull selector and null or empty namespaces list means \"this pod's namespace\".\nAn empty selector ({}) matches all namespaces." + properties: + matchExpressions: + description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." + items: + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." + properties: + key: + description: "key is the label key that the selector applies to." + type: "string" + operator: + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." + type: "string" + values: + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." + items: + type: "string" + type: "array" + required: + - "key" + - "operator" + type: "object" + type: "array" + matchLabels: + additionalProperties: + type: "string" + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + type: "object" + type: "object" + x-kubernetes-map-type: "atomic" + namespaces: + description: "namespaces specifies a static list of namespace names that the term applies to.\nThe term is applied to the union of the namespaces listed in this field\nand the ones selected by namespaceSelector.\nnull or empty namespaces list and null namespaceSelector means \"this pod's namespace\"." + items: + type: "string" + type: "array" + topologyKey: + description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching\nthe labelSelector in the specified namespaces, where co-located is defined as running on a node\nwhose value of the label with key topologyKey matches that of any node on which any of the\nselected pods is running.\nEmpty topologyKey is not allowed." + type: "string" + required: + - "topologyKey" + type: "object" + type: "array" + type: "object" + podAntiAffinity: + description: "Describes pod anti-affinity scheduling rules (e.g. avoid putting this pod in the same node, zone, etc. as some other pod(s))." + properties: + preferredDuringSchedulingIgnoredDuringExecution: + description: "The scheduler will prefer to schedule pods to nodes that satisfy\nthe anti-affinity expressions specified by this field, but it may choose\na node that violates one or more of the expressions. The node that is\nmost preferred is the one with the greatest sum of weights, i.e.\nfor each node that meets all of the scheduling requirements (resource\nrequest, requiredDuringScheduling anti-affinity expressions, etc.),\ncompute a sum by iterating through the elements of this field and adding\n\"weight\" to the sum if the node has pods which matches the corresponding podAffinityTerm; the\nnode(s) with the highest sum are the most preferred." + items: + description: "The weights of all of the matched WeightedPodAffinityTerm fields are added per-node to find the most preferred node(s)" + properties: + podAffinityTerm: + description: "Required. A pod affinity term, associated with the corresponding weight." + properties: + labelSelector: + description: "A label query over a set of resources, in this case pods.\nIf it's null, this PodAffinityTerm matches with no Pods." + properties: + matchExpressions: + description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." + items: + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." + properties: + key: + description: "key is the label key that the selector applies to." + type: "string" + operator: + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." + type: "string" + values: + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." + items: + type: "string" + type: "array" + required: + - "key" + - "operator" + type: "object" + type: "array" + matchLabels: + additionalProperties: + type: "string" + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + type: "object" + type: "object" + x-kubernetes-map-type: "atomic" + matchLabelKeys: + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MatchLabelKeys and LabelSelector.\nAlso, MatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" + mismatchLabelKeys: + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MismatchLabelKeys and LabelSelector.\nAlso, MismatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" + namespaceSelector: + description: "A label query over the set of namespaces that the term applies to.\nThe term is applied to the union of the namespaces selected by this field\nand the ones listed in the namespaces field.\nnull selector and null or empty namespaces list means \"this pod's namespace\".\nAn empty selector ({}) matches all namespaces." + properties: + matchExpressions: + description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." + items: + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." + properties: + key: + description: "key is the label key that the selector applies to." + type: "string" + operator: + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." + type: "string" + values: + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." + items: + type: "string" + type: "array" + required: + - "key" + - "operator" + type: "object" + type: "array" + matchLabels: + additionalProperties: + type: "string" + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + type: "object" + type: "object" + x-kubernetes-map-type: "atomic" + namespaces: + description: "namespaces specifies a static list of namespace names that the term applies to.\nThe term is applied to the union of the namespaces listed in this field\nand the ones selected by namespaceSelector.\nnull or empty namespaces list and null namespaceSelector means \"this pod's namespace\"." + items: + type: "string" + type: "array" + topologyKey: + description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching\nthe labelSelector in the specified namespaces, where co-located is defined as running on a node\nwhose value of the label with key topologyKey matches that of any node on which any of the\nselected pods is running.\nEmpty topologyKey is not allowed." + type: "string" + required: + - "topologyKey" + type: "object" + weight: + description: "weight associated with matching the corresponding podAffinityTerm,\nin the range 1-100." + format: "int32" + type: "integer" + required: + - "podAffinityTerm" + - "weight" + type: "object" + type: "array" + requiredDuringSchedulingIgnoredDuringExecution: + description: "If the anti-affinity requirements specified by this field are not met at\nscheduling time, the pod will not be scheduled onto the node.\nIf the anti-affinity requirements specified by this field cease to be met\nat some point during pod execution (e.g. due to a pod label update), the\nsystem may or may not try to eventually evict the pod from its node.\nWhen there are multiple elements, the lists of nodes corresponding to each\npodAffinityTerm are intersected, i.e. all terms must be satisfied." + items: + description: "Defines a set of pods (namely those matching the labelSelector\nrelative to the given namespace(s)) that this pod should be\nco-located (affinity) or not co-located (anti-affinity) with,\nwhere co-located is defined as running on a node whose value of\nthe label with key matches that of any node on which\na pod of the set of pods is running" + properties: + labelSelector: + description: "A label query over a set of resources, in this case pods.\nIf it's null, this PodAffinityTerm matches with no Pods." + properties: + matchExpressions: + description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." + items: + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." + properties: + key: + description: "key is the label key that the selector applies to." + type: "string" + operator: + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." + type: "string" + values: + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." + items: + type: "string" + type: "array" + required: + - "key" + - "operator" + type: "object" + type: "array" + matchLabels: + additionalProperties: + type: "string" + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + type: "object" + type: "object" + x-kubernetes-map-type: "atomic" + matchLabelKeys: + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MatchLabelKeys and LabelSelector.\nAlso, MatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" + mismatchLabelKeys: + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MismatchLabelKeys and LabelSelector.\nAlso, MismatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" + namespaceSelector: + description: "A label query over the set of namespaces that the term applies to.\nThe term is applied to the union of the namespaces selected by this field\nand the ones listed in the namespaces field.\nnull selector and null or empty namespaces list means \"this pod's namespace\".\nAn empty selector ({}) matches all namespaces." + properties: + matchExpressions: + description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." + items: + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." + properties: + key: + description: "key is the label key that the selector applies to." + type: "string" + operator: + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." + type: "string" + values: + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." + items: + type: "string" + type: "array" + required: + - "key" + - "operator" + type: "object" + type: "array" + matchLabels: + additionalProperties: + type: "string" + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + type: "object" + type: "object" + x-kubernetes-map-type: "atomic" + namespaces: + description: "namespaces specifies a static list of namespace names that the term applies to.\nThe term is applied to the union of the namespaces listed in this field\nand the ones selected by namespaceSelector.\nnull or empty namespaces list and null namespaceSelector means \"this pod's namespace\"." + items: + type: "string" + type: "array" + topologyKey: + description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching\nthe labelSelector in the specified namespaces, where co-located is defined as running on a node\nwhose value of the label with key topologyKey matches that of any node on which any of the\nselected pods is running.\nEmpty topologyKey is not allowed." + type: "string" + required: + - "topologyKey" + type: "object" + type: "array" + type: "object" + type: "object" + containers: + description: "List of containers specified in the Deployment" + items: + description: "ContainerSpec defines the properties available to override for each\ncontainer in a provider deployment such as Image and Args to the container’s\nentrypoint." + properties: + args: + additionalProperties: + type: "string" + description: "Args represents extra provider specific flags that are not encoded as fields in this API.\nExplicit controller manager properties defined in the `Provider.ManagerSpec`\nwill have higher precedence than those defined in `ContainerSpec.Args`.\nFor example, `ManagerSpec.SyncPeriod` will be used instead of the\ncontainer arg `--sync-period` if both are defined.\nThe same holds for `ManagerSpec.FeatureGates` and `--feature-gates`." + type: "object" + command: + description: "Command allows override container's entrypoint array." + items: + type: "string" + type: "array" + env: + description: "List of environment variables to set in the container." + items: + description: "EnvVar represents an environment variable present in a Container." + properties: + name: + description: "Name of the environment variable. Must be a C_IDENTIFIER." + type: "string" + value: + description: "Variable references $(VAR_NAME) are expanded\nusing the previously defined environment variables in the container and\nany service environment variables. If a variable cannot be resolved,\nthe reference in the input string will be unchanged. Double $$ are reduced\nto a single $, which allows for escaping the $(VAR_NAME) syntax: i.e.\n\"$$(VAR_NAME)\" will produce the string literal \"$(VAR_NAME)\".\nEscaped references will never be expanded, regardless of whether the variable\nexists or not.\nDefaults to \"\"." + type: "string" + valueFrom: + description: "Source for the environment variable's value. Cannot be used if value is not empty." + properties: + configMapKeyRef: + description: "Selects a key of a ConfigMap." + properties: + key: + description: "The key to select." + type: "string" + name: + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + type: "string" + optional: + description: "Specify whether the ConfigMap or its key must be defined" + type: "boolean" + required: + - "key" + type: "object" + x-kubernetes-map-type: "atomic" + fieldRef: + description: "Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`,\nspec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs." + properties: + apiVersion: + description: "Version of the schema the FieldPath is written in terms of, defaults to \"v1\"." + type: "string" + fieldPath: + description: "Path of the field to select in the specified API version." + type: "string" + required: + - "fieldPath" + type: "object" + x-kubernetes-map-type: "atomic" + resourceFieldRef: + description: "Selects a resource of the container: only resources limits and requests\n(limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported." + properties: + containerName: + description: "Container name: required for volumes, optional for env vars" + type: "string" + divisor: + anyOf: + - type: "integer" + - type: "string" + description: "Specifies the output format of the exposed resources, defaults to \"1\"" + pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" + x-kubernetes-int-or-string: true + resource: + description: "Required: resource to select" + type: "string" + required: + - "resource" + type: "object" + x-kubernetes-map-type: "atomic" + secretKeyRef: + description: "Selects a key of a secret in the pod's namespace" + properties: + key: + description: "The key of the secret to select from. Must be a valid secret key." + type: "string" + name: + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + type: "string" + optional: + description: "Specify whether the Secret or its key must be defined" + type: "boolean" + required: + - "key" + type: "object" + x-kubernetes-map-type: "atomic" + type: "object" + required: + - "name" + type: "object" + type: "array" + imageUrl: + description: "Container Image URL" + type: "string" + name: + description: "Name of the container. Cannot be updated." + type: "string" + resources: + description: "Compute resources required by this container." + properties: + claims: + description: "Claims lists the names of resources, defined in spec.resourceClaims,\nthat are used by this container.\n\n\nThis is an alpha field and requires enabling the\nDynamicResourceAllocation feature gate.\n\n\nThis field is immutable. It can only be set for containers." + items: + description: "ResourceClaim references one entry in PodSpec.ResourceClaims." + properties: + name: + description: "Name must match the name of one entry in pod.spec.resourceClaims of\nthe Pod where this field is used. It makes that resource available\ninside a container." + type: "string" + required: + - "name" + type: "object" + type: "array" + x-kubernetes-list-map-keys: + - "name" + x-kubernetes-list-type: "map" + limits: + additionalProperties: + anyOf: + - type: "integer" + - type: "string" + pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" + x-kubernetes-int-or-string: true + description: "Limits describes the maximum amount of compute resources allowed.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" + type: "object" + requests: + additionalProperties: + anyOf: + - type: "integer" + - type: "string" + pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" + x-kubernetes-int-or-string: true + description: "Requests describes the minimum amount of compute resources required.\nIf Requests is omitted for a container, it defaults to Limits if that is explicitly specified,\notherwise to an implementation-defined value. Requests cannot exceed Limits.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" + type: "object" + type: "object" + required: + - "name" + type: "object" + type: "array" + imagePullSecrets: + description: "List of image pull secrets specified in the Deployment" + items: + description: "LocalObjectReference contains enough information to let you locate the\nreferenced object inside the same namespace." + properties: + name: + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + type: "string" + type: "object" + x-kubernetes-map-type: "atomic" + type: "array" + nodeSelector: + additionalProperties: + type: "string" + description: "NodeSelector is a selector which must be true for the pod to fit on a node.\nSelector which must match a node's labels for the pod to be scheduled on that node.\nMore info: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/" + type: "object" + replicas: + description: "Number of desired pods. This is a pointer to distinguish between explicit zero and not specified. Defaults to 1." + minimum: 0.0 + type: "integer" + serviceAccountName: + description: "If specified, the pod's service account" + type: "string" + tolerations: + description: "If specified, the pod's tolerations." + items: + description: "The pod this Toleration is attached to tolerates any taint that matches\nthe triple using the matching operator ." + properties: + effect: + description: "Effect indicates the taint effect to match. Empty means match all taint effects.\nWhen specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute." + type: "string" + key: + description: "Key is the taint key that the toleration applies to. Empty means match all taint keys.\nIf the key is empty, operator must be Exists; this combination means to match all values and all keys." + type: "string" + operator: + description: "Operator represents a key's relationship to the value.\nValid operators are Exists and Equal. Defaults to Equal.\nExists is equivalent to wildcard for value, so that a pod can\ntolerate all taints of a particular category." + type: "string" + tolerationSeconds: + description: "TolerationSeconds represents the period of time the toleration (which must be\nof effect NoExecute, otherwise this field is ignored) tolerates the taint. By default,\nit is not set, which means tolerate the taint forever (do not evict). Zero and\nnegative values will be treated as 0 (evict immediately) by the system." + format: "int64" + type: "integer" + value: + description: "Value is the taint value the toleration matches to.\nIf the operator is Exists, the value should be empty, otherwise just a regular string." + type: "string" + type: "object" + type: "array" + type: "object" + manager: + description: "Manager defines the properties that can be enabled on the controller manager for the additional provider deployment." + properties: + cacheNamespace: + description: "CacheNamespace if specified restricts the manager's cache to watch objects in\nthe desired namespace Defaults to all namespaces\n\n\nNote: If a namespace is specified, controllers can still Watch for a\ncluster-scoped resource (e.g Node). For namespaced resources the cache\nwill only hold objects from the desired namespace." + type: "string" + controller: + description: "Controller contains global configuration options for controllers\nregistered within this manager." + properties: + cacheSyncTimeout: + description: "CacheSyncTimeout refers to the time limit set to wait for syncing caches.\nDefaults to 2 minutes if not set." + format: "int64" + type: "integer" + groupKindConcurrency: + additionalProperties: + type: "integer" + description: "GroupKindConcurrency is a map from a Kind to the number of concurrent reconciliation\nallowed for that controller.\n\n\nWhen a controller is registered within this manager using the builder utilities,\nusers have to specify the type the controller reconciles in the For(...) call.\nIf the object's kind passed matches one of the keys in this map, the concurrency\nfor that controller is set to the number specified.\n\n\nThe key is expected to be consistent in form with GroupKind.String(),\ne.g. ReplicaSet in apps group (regardless of version) would be `ReplicaSet.apps`." + type: "object" + recoverPanic: + description: "RecoverPanic indicates if panics should be recovered." + type: "boolean" + type: "object" + featureGates: + additionalProperties: + type: "boolean" + description: "FeatureGates define provider specific feature flags that will be passed\nin as container args to the provider's controller manager.\nController Manager flag is --feature-gates." + type: "object" + gracefulShutDown: + description: "GracefulShutdownTimeout is the duration given to runnable to stop before the manager actually returns on stop.\nTo disable graceful shutdown, set to time.Duration(0)\nTo use graceful shutdown without timeout, set to a negative duration, e.G. time.Duration(-1)\nThe graceful shutdown is skipped for safety reasons in case the leader election lease is lost." + type: "string" + health: + description: "Health contains the controller health configuration" + properties: + healthProbeBindAddress: + description: "HealthProbeBindAddress is the TCP address that the controller should bind to\nfor serving health probes\nIt can be set to \"0\" or \"\" to disable serving the health probe." + type: "string" + livenessEndpointName: + description: "LivenessEndpointName, defaults to \"healthz\"" + type: "string" + readinessEndpointName: + description: "ReadinessEndpointName, defaults to \"readyz\"" + type: "string" + type: "object" + leaderElection: + description: "LeaderElection is the LeaderElection config to be used when configuring\nthe manager.Manager leader election" + properties: + leaderElect: + description: "leaderElect enables a leader election client to gain leadership\nbefore executing the main loop. Enable this when running replicated\ncomponents for high availability." + type: "boolean" + leaseDuration: + description: "leaseDuration is the duration that non-leader candidates will wait\nafter observing a leadership renewal until attempting to acquire\nleadership of a led but unrenewed leader slot. This is effectively the\nmaximum duration that a leader can be stopped before it is replaced\nby another candidate. This is only applicable if leader election is\nenabled." + type: "string" + renewDeadline: + description: "renewDeadline is the interval between attempts by the acting master to\nrenew a leadership slot before it stops leading. This must be less\nthan or equal to the lease duration. This is only applicable if leader\nelection is enabled." + type: "string" + resourceLock: + description: "resourceLock indicates the resource object type that will be used to lock\nduring leader election cycles." + type: "string" + resourceName: + description: "resourceName indicates the name of resource object that will be used to lock\nduring leader election cycles." + type: "string" + resourceNamespace: + description: "resourceName indicates the namespace of resource object that will be used to lock\nduring leader election cycles." + type: "string" + retryPeriod: + description: "retryPeriod is the duration the clients should wait between attempting\nacquisition and renewal of a leadership. This is only applicable if\nleader election is enabled." + type: "string" + required: + - "leaderElect" + - "leaseDuration" + - "renewDeadline" + - "resourceLock" + - "resourceName" + - "resourceNamespace" + - "retryPeriod" + type: "object" + maxConcurrentReconciles: + description: "MaxConcurrentReconciles is the maximum number of concurrent Reconciles\nwhich can be run." + minimum: 1.0 + type: "integer" + metrics: + description: "Metrics contains thw controller metrics configuration" + properties: + bindAddress: + description: "BindAddress is the TCP address that the controller should bind to\nfor serving prometheus metrics.\nIt can be set to \"0\" to disable the metrics serving." + type: "string" + type: "object" + profilerAddress: + description: "ProfilerAddress defines the bind address to expose the pprof profiler (e.g. localhost:6060).\nDefault empty, meaning the profiler is disabled.\nController Manager flag is --profiler-address." + type: "string" + syncPeriod: + description: "SyncPeriod determines the minimum frequency at which watched resources are\nreconciled. A lower period will correct entropy more quickly, but reduce\nresponsiveness to change if there are many watched resources. Change this\nvalue only if you know what you are doing. Defaults to 10 hours if unset.\nthere will a 10 percent jitter between the SyncPeriod of all controllers\nso that all controllers will not send list requests simultaneously." + type: "string" + verbosity: + default: 1 + description: "Verbosity set the logs verbosity. Defaults to 1.\nController Manager flag is --verbosity." + minimum: 0.0 + type: "integer" + webhook: + description: "Webhook contains the controllers webhook configuration" + properties: + certDir: + description: "CertDir is the directory that contains the server key and certificate.\nif not set, webhook server would look up the server key and certificate in\n{TempDir}/k8s-webhook-server/serving-certs. The server key and certificate\nmust be named tls.key and tls.crt, respectively." + type: "string" + host: + description: "Host is the hostname that the webhook server binds to.\nIt is used to set webhook.Server.Host." + type: "string" + port: + description: "Port is the port that the webhook server serves at.\nIt is used to set webhook.Server.Port." + type: "integer" + type: "object" + type: "object" + type: "object" + description: "AdditionalDeployments is a map of additional deployments that the provider\nshould manage. The key is the name of the deployment and the value is the\nDeploymentSpec." + type: "object" additionalManifests: description: "AdditionalManifests is reference to configmap that contains additional manifests that will be applied\ntogether with the provider components. The key for storing these manifests has to be `manifests`.\nThe manifests are applied only once when a certain release is installed/upgraded. If namespace is not specified, the\nnamespace of the provider will be used. There is no validation of the yaml content inside the configmap." properties: diff --git a/crd-catalog/kubernetes-sigs/cluster-api-operator/operator.cluster.x-k8s.io/v1alpha2/infrastructureproviders.yaml b/crd-catalog/kubernetes-sigs/cluster-api-operator/operator.cluster.x-k8s.io/v1alpha2/infrastructureproviders.yaml index fadafc7ea..1bf0c5f50 100644 --- a/crd-catalog/kubernetes-sigs/cluster-api-operator/operator.cluster.x-k8s.io/v1alpha2/infrastructureproviders.yaml +++ b/crd-catalog/kubernetes-sigs/cluster-api-operator/operator.cluster.x-k8s.io/v1alpha2/infrastructureproviders.yaml @@ -38,6 +38,841 @@ spec: spec: description: "InfrastructureProviderSpec defines the desired state of InfrastructureProvider." properties: + additionalDeployments: + additionalProperties: + description: "AdditionalDeployments defines the properties that can be enabled on the controller\nmanager and deployment for the provider if the provider is managing additional deployments." + properties: + deployment: + description: "Deployment defines the properties that can be enabled on the deployment for the additional provider deployment." + properties: + affinity: + description: "If specified, the pod's scheduling constraints" + properties: + nodeAffinity: + description: "Describes node affinity scheduling rules for the pod." + properties: + preferredDuringSchedulingIgnoredDuringExecution: + description: "The scheduler will prefer to schedule pods to nodes that satisfy\nthe affinity expressions specified by this field, but it may choose\na node that violates one or more of the expressions. The node that is\nmost preferred is the one with the greatest sum of weights, i.e.\nfor each node that meets all of the scheduling requirements (resource\nrequest, requiredDuringScheduling affinity expressions, etc.),\ncompute a sum by iterating through the elements of this field and adding\n\"weight\" to the sum if the node matches the corresponding matchExpressions; the\nnode(s) with the highest sum are the most preferred." + items: + description: "An empty preferred scheduling term matches all objects with implicit weight 0\n(i.e. it's a no-op). A null preferred scheduling term matches no objects (i.e. is also a no-op)." + properties: + preference: + description: "A node selector term, associated with the corresponding weight." + properties: + matchExpressions: + description: "A list of node selector requirements by node's labels." + items: + description: "A node selector requirement is a selector that contains values, a key, and an operator\nthat relates the key and values." + properties: + key: + description: "The label key that the selector applies to." + type: "string" + operator: + description: "Represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt." + type: "string" + values: + description: "An array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. If the operator is Gt or Lt, the values\narray must have a single element, which will be interpreted as an integer.\nThis array is replaced during a strategic merge patch." + items: + type: "string" + type: "array" + required: + - "key" + - "operator" + type: "object" + type: "array" + matchFields: + description: "A list of node selector requirements by node's fields." + items: + description: "A node selector requirement is a selector that contains values, a key, and an operator\nthat relates the key and values." + properties: + key: + description: "The label key that the selector applies to." + type: "string" + operator: + description: "Represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt." + type: "string" + values: + description: "An array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. If the operator is Gt or Lt, the values\narray must have a single element, which will be interpreted as an integer.\nThis array is replaced during a strategic merge patch." + items: + type: "string" + type: "array" + required: + - "key" + - "operator" + type: "object" + type: "array" + type: "object" + x-kubernetes-map-type: "atomic" + weight: + description: "Weight associated with matching the corresponding nodeSelectorTerm, in the range 1-100." + format: "int32" + type: "integer" + required: + - "preference" + - "weight" + type: "object" + type: "array" + requiredDuringSchedulingIgnoredDuringExecution: + description: "If the affinity requirements specified by this field are not met at\nscheduling time, the pod will not be scheduled onto the node.\nIf the affinity requirements specified by this field cease to be met\nat some point during pod execution (e.g. due to an update), the system\nmay or may not try to eventually evict the pod from its node." + properties: + nodeSelectorTerms: + description: "Required. A list of node selector terms. The terms are ORed." + items: + description: "A null or empty node selector term matches no objects. The requirements of\nthem are ANDed.\nThe TopologySelectorTerm type implements a subset of the NodeSelectorTerm." + properties: + matchExpressions: + description: "A list of node selector requirements by node's labels." + items: + description: "A node selector requirement is a selector that contains values, a key, and an operator\nthat relates the key and values." + properties: + key: + description: "The label key that the selector applies to." + type: "string" + operator: + description: "Represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt." + type: "string" + values: + description: "An array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. If the operator is Gt or Lt, the values\narray must have a single element, which will be interpreted as an integer.\nThis array is replaced during a strategic merge patch." + items: + type: "string" + type: "array" + required: + - "key" + - "operator" + type: "object" + type: "array" + matchFields: + description: "A list of node selector requirements by node's fields." + items: + description: "A node selector requirement is a selector that contains values, a key, and an operator\nthat relates the key and values." + properties: + key: + description: "The label key that the selector applies to." + type: "string" + operator: + description: "Represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt." + type: "string" + values: + description: "An array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. If the operator is Gt or Lt, the values\narray must have a single element, which will be interpreted as an integer.\nThis array is replaced during a strategic merge patch." + items: + type: "string" + type: "array" + required: + - "key" + - "operator" + type: "object" + type: "array" + type: "object" + x-kubernetes-map-type: "atomic" + type: "array" + required: + - "nodeSelectorTerms" + type: "object" + x-kubernetes-map-type: "atomic" + type: "object" + podAffinity: + description: "Describes pod affinity scheduling rules (e.g. co-locate this pod in the same node, zone, etc. as some other pod(s))." + properties: + preferredDuringSchedulingIgnoredDuringExecution: + description: "The scheduler will prefer to schedule pods to nodes that satisfy\nthe affinity expressions specified by this field, but it may choose\na node that violates one or more of the expressions. The node that is\nmost preferred is the one with the greatest sum of weights, i.e.\nfor each node that meets all of the scheduling requirements (resource\nrequest, requiredDuringScheduling affinity expressions, etc.),\ncompute a sum by iterating through the elements of this field and adding\n\"weight\" to the sum if the node has pods which matches the corresponding podAffinityTerm; the\nnode(s) with the highest sum are the most preferred." + items: + description: "The weights of all of the matched WeightedPodAffinityTerm fields are added per-node to find the most preferred node(s)" + properties: + podAffinityTerm: + description: "Required. A pod affinity term, associated with the corresponding weight." + properties: + labelSelector: + description: "A label query over a set of resources, in this case pods.\nIf it's null, this PodAffinityTerm matches with no Pods." + properties: + matchExpressions: + description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." + items: + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." + properties: + key: + description: "key is the label key that the selector applies to." + type: "string" + operator: + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." + type: "string" + values: + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." + items: + type: "string" + type: "array" + required: + - "key" + - "operator" + type: "object" + type: "array" + matchLabels: + additionalProperties: + type: "string" + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + type: "object" + type: "object" + x-kubernetes-map-type: "atomic" + matchLabelKeys: + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MatchLabelKeys and LabelSelector.\nAlso, MatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" + mismatchLabelKeys: + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MismatchLabelKeys and LabelSelector.\nAlso, MismatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" + namespaceSelector: + description: "A label query over the set of namespaces that the term applies to.\nThe term is applied to the union of the namespaces selected by this field\nand the ones listed in the namespaces field.\nnull selector and null or empty namespaces list means \"this pod's namespace\".\nAn empty selector ({}) matches all namespaces." + properties: + matchExpressions: + description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." + items: + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." + properties: + key: + description: "key is the label key that the selector applies to." + type: "string" + operator: + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." + type: "string" + values: + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." + items: + type: "string" + type: "array" + required: + - "key" + - "operator" + type: "object" + type: "array" + matchLabels: + additionalProperties: + type: "string" + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + type: "object" + type: "object" + x-kubernetes-map-type: "atomic" + namespaces: + description: "namespaces specifies a static list of namespace names that the term applies to.\nThe term is applied to the union of the namespaces listed in this field\nand the ones selected by namespaceSelector.\nnull or empty namespaces list and null namespaceSelector means \"this pod's namespace\"." + items: + type: "string" + type: "array" + topologyKey: + description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching\nthe labelSelector in the specified namespaces, where co-located is defined as running on a node\nwhose value of the label with key topologyKey matches that of any node on which any of the\nselected pods is running.\nEmpty topologyKey is not allowed." + type: "string" + required: + - "topologyKey" + type: "object" + weight: + description: "weight associated with matching the corresponding podAffinityTerm,\nin the range 1-100." + format: "int32" + type: "integer" + required: + - "podAffinityTerm" + - "weight" + type: "object" + type: "array" + requiredDuringSchedulingIgnoredDuringExecution: + description: "If the affinity requirements specified by this field are not met at\nscheduling time, the pod will not be scheduled onto the node.\nIf the affinity requirements specified by this field cease to be met\nat some point during pod execution (e.g. due to a pod label update), the\nsystem may or may not try to eventually evict the pod from its node.\nWhen there are multiple elements, the lists of nodes corresponding to each\npodAffinityTerm are intersected, i.e. all terms must be satisfied." + items: + description: "Defines a set of pods (namely those matching the labelSelector\nrelative to the given namespace(s)) that this pod should be\nco-located (affinity) or not co-located (anti-affinity) with,\nwhere co-located is defined as running on a node whose value of\nthe label with key matches that of any node on which\na pod of the set of pods is running" + properties: + labelSelector: + description: "A label query over a set of resources, in this case pods.\nIf it's null, this PodAffinityTerm matches with no Pods." + properties: + matchExpressions: + description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." + items: + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." + properties: + key: + description: "key is the label key that the selector applies to." + type: "string" + operator: + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." + type: "string" + values: + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." + items: + type: "string" + type: "array" + required: + - "key" + - "operator" + type: "object" + type: "array" + matchLabels: + additionalProperties: + type: "string" + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + type: "object" + type: "object" + x-kubernetes-map-type: "atomic" + matchLabelKeys: + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MatchLabelKeys and LabelSelector.\nAlso, MatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" + mismatchLabelKeys: + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MismatchLabelKeys and LabelSelector.\nAlso, MismatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" + namespaceSelector: + description: "A label query over the set of namespaces that the term applies to.\nThe term is applied to the union of the namespaces selected by this field\nand the ones listed in the namespaces field.\nnull selector and null or empty namespaces list means \"this pod's namespace\".\nAn empty selector ({}) matches all namespaces." + properties: + matchExpressions: + description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." + items: + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." + properties: + key: + description: "key is the label key that the selector applies to." + type: "string" + operator: + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." + type: "string" + values: + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." + items: + type: "string" + type: "array" + required: + - "key" + - "operator" + type: "object" + type: "array" + matchLabels: + additionalProperties: + type: "string" + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + type: "object" + type: "object" + x-kubernetes-map-type: "atomic" + namespaces: + description: "namespaces specifies a static list of namespace names that the term applies to.\nThe term is applied to the union of the namespaces listed in this field\nand the ones selected by namespaceSelector.\nnull or empty namespaces list and null namespaceSelector means \"this pod's namespace\"." + items: + type: "string" + type: "array" + topologyKey: + description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching\nthe labelSelector in the specified namespaces, where co-located is defined as running on a node\nwhose value of the label with key topologyKey matches that of any node on which any of the\nselected pods is running.\nEmpty topologyKey is not allowed." + type: "string" + required: + - "topologyKey" + type: "object" + type: "array" + type: "object" + podAntiAffinity: + description: "Describes pod anti-affinity scheduling rules (e.g. avoid putting this pod in the same node, zone, etc. as some other pod(s))." + properties: + preferredDuringSchedulingIgnoredDuringExecution: + description: "The scheduler will prefer to schedule pods to nodes that satisfy\nthe anti-affinity expressions specified by this field, but it may choose\na node that violates one or more of the expressions. The node that is\nmost preferred is the one with the greatest sum of weights, i.e.\nfor each node that meets all of the scheduling requirements (resource\nrequest, requiredDuringScheduling anti-affinity expressions, etc.),\ncompute a sum by iterating through the elements of this field and adding\n\"weight\" to the sum if the node has pods which matches the corresponding podAffinityTerm; the\nnode(s) with the highest sum are the most preferred." + items: + description: "The weights of all of the matched WeightedPodAffinityTerm fields are added per-node to find the most preferred node(s)" + properties: + podAffinityTerm: + description: "Required. A pod affinity term, associated with the corresponding weight." + properties: + labelSelector: + description: "A label query over a set of resources, in this case pods.\nIf it's null, this PodAffinityTerm matches with no Pods." + properties: + matchExpressions: + description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." + items: + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." + properties: + key: + description: "key is the label key that the selector applies to." + type: "string" + operator: + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." + type: "string" + values: + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." + items: + type: "string" + type: "array" + required: + - "key" + - "operator" + type: "object" + type: "array" + matchLabels: + additionalProperties: + type: "string" + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + type: "object" + type: "object" + x-kubernetes-map-type: "atomic" + matchLabelKeys: + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MatchLabelKeys and LabelSelector.\nAlso, MatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" + mismatchLabelKeys: + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MismatchLabelKeys and LabelSelector.\nAlso, MismatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" + namespaceSelector: + description: "A label query over the set of namespaces that the term applies to.\nThe term is applied to the union of the namespaces selected by this field\nand the ones listed in the namespaces field.\nnull selector and null or empty namespaces list means \"this pod's namespace\".\nAn empty selector ({}) matches all namespaces." + properties: + matchExpressions: + description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." + items: + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." + properties: + key: + description: "key is the label key that the selector applies to." + type: "string" + operator: + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." + type: "string" + values: + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." + items: + type: "string" + type: "array" + required: + - "key" + - "operator" + type: "object" + type: "array" + matchLabels: + additionalProperties: + type: "string" + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + type: "object" + type: "object" + x-kubernetes-map-type: "atomic" + namespaces: + description: "namespaces specifies a static list of namespace names that the term applies to.\nThe term is applied to the union of the namespaces listed in this field\nand the ones selected by namespaceSelector.\nnull or empty namespaces list and null namespaceSelector means \"this pod's namespace\"." + items: + type: "string" + type: "array" + topologyKey: + description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching\nthe labelSelector in the specified namespaces, where co-located is defined as running on a node\nwhose value of the label with key topologyKey matches that of any node on which any of the\nselected pods is running.\nEmpty topologyKey is not allowed." + type: "string" + required: + - "topologyKey" + type: "object" + weight: + description: "weight associated with matching the corresponding podAffinityTerm,\nin the range 1-100." + format: "int32" + type: "integer" + required: + - "podAffinityTerm" + - "weight" + type: "object" + type: "array" + requiredDuringSchedulingIgnoredDuringExecution: + description: "If the anti-affinity requirements specified by this field are not met at\nscheduling time, the pod will not be scheduled onto the node.\nIf the anti-affinity requirements specified by this field cease to be met\nat some point during pod execution (e.g. due to a pod label update), the\nsystem may or may not try to eventually evict the pod from its node.\nWhen there are multiple elements, the lists of nodes corresponding to each\npodAffinityTerm are intersected, i.e. all terms must be satisfied." + items: + description: "Defines a set of pods (namely those matching the labelSelector\nrelative to the given namespace(s)) that this pod should be\nco-located (affinity) or not co-located (anti-affinity) with,\nwhere co-located is defined as running on a node whose value of\nthe label with key matches that of any node on which\na pod of the set of pods is running" + properties: + labelSelector: + description: "A label query over a set of resources, in this case pods.\nIf it's null, this PodAffinityTerm matches with no Pods." + properties: + matchExpressions: + description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." + items: + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." + properties: + key: + description: "key is the label key that the selector applies to." + type: "string" + operator: + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." + type: "string" + values: + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." + items: + type: "string" + type: "array" + required: + - "key" + - "operator" + type: "object" + type: "array" + matchLabels: + additionalProperties: + type: "string" + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + type: "object" + type: "object" + x-kubernetes-map-type: "atomic" + matchLabelKeys: + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MatchLabelKeys and LabelSelector.\nAlso, MatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" + mismatchLabelKeys: + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MismatchLabelKeys and LabelSelector.\nAlso, MismatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" + namespaceSelector: + description: "A label query over the set of namespaces that the term applies to.\nThe term is applied to the union of the namespaces selected by this field\nand the ones listed in the namespaces field.\nnull selector and null or empty namespaces list means \"this pod's namespace\".\nAn empty selector ({}) matches all namespaces." + properties: + matchExpressions: + description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." + items: + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." + properties: + key: + description: "key is the label key that the selector applies to." + type: "string" + operator: + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." + type: "string" + values: + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." + items: + type: "string" + type: "array" + required: + - "key" + - "operator" + type: "object" + type: "array" + matchLabels: + additionalProperties: + type: "string" + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + type: "object" + type: "object" + x-kubernetes-map-type: "atomic" + namespaces: + description: "namespaces specifies a static list of namespace names that the term applies to.\nThe term is applied to the union of the namespaces listed in this field\nand the ones selected by namespaceSelector.\nnull or empty namespaces list and null namespaceSelector means \"this pod's namespace\"." + items: + type: "string" + type: "array" + topologyKey: + description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching\nthe labelSelector in the specified namespaces, where co-located is defined as running on a node\nwhose value of the label with key topologyKey matches that of any node on which any of the\nselected pods is running.\nEmpty topologyKey is not allowed." + type: "string" + required: + - "topologyKey" + type: "object" + type: "array" + type: "object" + type: "object" + containers: + description: "List of containers specified in the Deployment" + items: + description: "ContainerSpec defines the properties available to override for each\ncontainer in a provider deployment such as Image and Args to the container’s\nentrypoint." + properties: + args: + additionalProperties: + type: "string" + description: "Args represents extra provider specific flags that are not encoded as fields in this API.\nExplicit controller manager properties defined in the `Provider.ManagerSpec`\nwill have higher precedence than those defined in `ContainerSpec.Args`.\nFor example, `ManagerSpec.SyncPeriod` will be used instead of the\ncontainer arg `--sync-period` if both are defined.\nThe same holds for `ManagerSpec.FeatureGates` and `--feature-gates`." + type: "object" + command: + description: "Command allows override container's entrypoint array." + items: + type: "string" + type: "array" + env: + description: "List of environment variables to set in the container." + items: + description: "EnvVar represents an environment variable present in a Container." + properties: + name: + description: "Name of the environment variable. Must be a C_IDENTIFIER." + type: "string" + value: + description: "Variable references $(VAR_NAME) are expanded\nusing the previously defined environment variables in the container and\nany service environment variables. If a variable cannot be resolved,\nthe reference in the input string will be unchanged. Double $$ are reduced\nto a single $, which allows for escaping the $(VAR_NAME) syntax: i.e.\n\"$$(VAR_NAME)\" will produce the string literal \"$(VAR_NAME)\".\nEscaped references will never be expanded, regardless of whether the variable\nexists or not.\nDefaults to \"\"." + type: "string" + valueFrom: + description: "Source for the environment variable's value. Cannot be used if value is not empty." + properties: + configMapKeyRef: + description: "Selects a key of a ConfigMap." + properties: + key: + description: "The key to select." + type: "string" + name: + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + type: "string" + optional: + description: "Specify whether the ConfigMap or its key must be defined" + type: "boolean" + required: + - "key" + type: "object" + x-kubernetes-map-type: "atomic" + fieldRef: + description: "Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`,\nspec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs." + properties: + apiVersion: + description: "Version of the schema the FieldPath is written in terms of, defaults to \"v1\"." + type: "string" + fieldPath: + description: "Path of the field to select in the specified API version." + type: "string" + required: + - "fieldPath" + type: "object" + x-kubernetes-map-type: "atomic" + resourceFieldRef: + description: "Selects a resource of the container: only resources limits and requests\n(limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported." + properties: + containerName: + description: "Container name: required for volumes, optional for env vars" + type: "string" + divisor: + anyOf: + - type: "integer" + - type: "string" + description: "Specifies the output format of the exposed resources, defaults to \"1\"" + pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" + x-kubernetes-int-or-string: true + resource: + description: "Required: resource to select" + type: "string" + required: + - "resource" + type: "object" + x-kubernetes-map-type: "atomic" + secretKeyRef: + description: "Selects a key of a secret in the pod's namespace" + properties: + key: + description: "The key of the secret to select from. Must be a valid secret key." + type: "string" + name: + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + type: "string" + optional: + description: "Specify whether the Secret or its key must be defined" + type: "boolean" + required: + - "key" + type: "object" + x-kubernetes-map-type: "atomic" + type: "object" + required: + - "name" + type: "object" + type: "array" + imageUrl: + description: "Container Image URL" + type: "string" + name: + description: "Name of the container. Cannot be updated." + type: "string" + resources: + description: "Compute resources required by this container." + properties: + claims: + description: "Claims lists the names of resources, defined in spec.resourceClaims,\nthat are used by this container.\n\n\nThis is an alpha field and requires enabling the\nDynamicResourceAllocation feature gate.\n\n\nThis field is immutable. It can only be set for containers." + items: + description: "ResourceClaim references one entry in PodSpec.ResourceClaims." + properties: + name: + description: "Name must match the name of one entry in pod.spec.resourceClaims of\nthe Pod where this field is used. It makes that resource available\ninside a container." + type: "string" + required: + - "name" + type: "object" + type: "array" + x-kubernetes-list-map-keys: + - "name" + x-kubernetes-list-type: "map" + limits: + additionalProperties: + anyOf: + - type: "integer" + - type: "string" + pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" + x-kubernetes-int-or-string: true + description: "Limits describes the maximum amount of compute resources allowed.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" + type: "object" + requests: + additionalProperties: + anyOf: + - type: "integer" + - type: "string" + pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" + x-kubernetes-int-or-string: true + description: "Requests describes the minimum amount of compute resources required.\nIf Requests is omitted for a container, it defaults to Limits if that is explicitly specified,\notherwise to an implementation-defined value. Requests cannot exceed Limits.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" + type: "object" + type: "object" + required: + - "name" + type: "object" + type: "array" + imagePullSecrets: + description: "List of image pull secrets specified in the Deployment" + items: + description: "LocalObjectReference contains enough information to let you locate the\nreferenced object inside the same namespace." + properties: + name: + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + type: "string" + type: "object" + x-kubernetes-map-type: "atomic" + type: "array" + nodeSelector: + additionalProperties: + type: "string" + description: "NodeSelector is a selector which must be true for the pod to fit on a node.\nSelector which must match a node's labels for the pod to be scheduled on that node.\nMore info: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/" + type: "object" + replicas: + description: "Number of desired pods. This is a pointer to distinguish between explicit zero and not specified. Defaults to 1." + minimum: 0.0 + type: "integer" + serviceAccountName: + description: "If specified, the pod's service account" + type: "string" + tolerations: + description: "If specified, the pod's tolerations." + items: + description: "The pod this Toleration is attached to tolerates any taint that matches\nthe triple using the matching operator ." + properties: + effect: + description: "Effect indicates the taint effect to match. Empty means match all taint effects.\nWhen specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute." + type: "string" + key: + description: "Key is the taint key that the toleration applies to. Empty means match all taint keys.\nIf the key is empty, operator must be Exists; this combination means to match all values and all keys." + type: "string" + operator: + description: "Operator represents a key's relationship to the value.\nValid operators are Exists and Equal. Defaults to Equal.\nExists is equivalent to wildcard for value, so that a pod can\ntolerate all taints of a particular category." + type: "string" + tolerationSeconds: + description: "TolerationSeconds represents the period of time the toleration (which must be\nof effect NoExecute, otherwise this field is ignored) tolerates the taint. By default,\nit is not set, which means tolerate the taint forever (do not evict). Zero and\nnegative values will be treated as 0 (evict immediately) by the system." + format: "int64" + type: "integer" + value: + description: "Value is the taint value the toleration matches to.\nIf the operator is Exists, the value should be empty, otherwise just a regular string." + type: "string" + type: "object" + type: "array" + type: "object" + manager: + description: "Manager defines the properties that can be enabled on the controller manager for the additional provider deployment." + properties: + cacheNamespace: + description: "CacheNamespace if specified restricts the manager's cache to watch objects in\nthe desired namespace Defaults to all namespaces\n\n\nNote: If a namespace is specified, controllers can still Watch for a\ncluster-scoped resource (e.g Node). For namespaced resources the cache\nwill only hold objects from the desired namespace." + type: "string" + controller: + description: "Controller contains global configuration options for controllers\nregistered within this manager." + properties: + cacheSyncTimeout: + description: "CacheSyncTimeout refers to the time limit set to wait for syncing caches.\nDefaults to 2 minutes if not set." + format: "int64" + type: "integer" + groupKindConcurrency: + additionalProperties: + type: "integer" + description: "GroupKindConcurrency is a map from a Kind to the number of concurrent reconciliation\nallowed for that controller.\n\n\nWhen a controller is registered within this manager using the builder utilities,\nusers have to specify the type the controller reconciles in the For(...) call.\nIf the object's kind passed matches one of the keys in this map, the concurrency\nfor that controller is set to the number specified.\n\n\nThe key is expected to be consistent in form with GroupKind.String(),\ne.g. ReplicaSet in apps group (regardless of version) would be `ReplicaSet.apps`." + type: "object" + recoverPanic: + description: "RecoverPanic indicates if panics should be recovered." + type: "boolean" + type: "object" + featureGates: + additionalProperties: + type: "boolean" + description: "FeatureGates define provider specific feature flags that will be passed\nin as container args to the provider's controller manager.\nController Manager flag is --feature-gates." + type: "object" + gracefulShutDown: + description: "GracefulShutdownTimeout is the duration given to runnable to stop before the manager actually returns on stop.\nTo disable graceful shutdown, set to time.Duration(0)\nTo use graceful shutdown without timeout, set to a negative duration, e.G. time.Duration(-1)\nThe graceful shutdown is skipped for safety reasons in case the leader election lease is lost." + type: "string" + health: + description: "Health contains the controller health configuration" + properties: + healthProbeBindAddress: + description: "HealthProbeBindAddress is the TCP address that the controller should bind to\nfor serving health probes\nIt can be set to \"0\" or \"\" to disable serving the health probe." + type: "string" + livenessEndpointName: + description: "LivenessEndpointName, defaults to \"healthz\"" + type: "string" + readinessEndpointName: + description: "ReadinessEndpointName, defaults to \"readyz\"" + type: "string" + type: "object" + leaderElection: + description: "LeaderElection is the LeaderElection config to be used when configuring\nthe manager.Manager leader election" + properties: + leaderElect: + description: "leaderElect enables a leader election client to gain leadership\nbefore executing the main loop. Enable this when running replicated\ncomponents for high availability." + type: "boolean" + leaseDuration: + description: "leaseDuration is the duration that non-leader candidates will wait\nafter observing a leadership renewal until attempting to acquire\nleadership of a led but unrenewed leader slot. This is effectively the\nmaximum duration that a leader can be stopped before it is replaced\nby another candidate. This is only applicable if leader election is\nenabled." + type: "string" + renewDeadline: + description: "renewDeadline is the interval between attempts by the acting master to\nrenew a leadership slot before it stops leading. This must be less\nthan or equal to the lease duration. This is only applicable if leader\nelection is enabled." + type: "string" + resourceLock: + description: "resourceLock indicates the resource object type that will be used to lock\nduring leader election cycles." + type: "string" + resourceName: + description: "resourceName indicates the name of resource object that will be used to lock\nduring leader election cycles." + type: "string" + resourceNamespace: + description: "resourceName indicates the namespace of resource object that will be used to lock\nduring leader election cycles." + type: "string" + retryPeriod: + description: "retryPeriod is the duration the clients should wait between attempting\nacquisition and renewal of a leadership. This is only applicable if\nleader election is enabled." + type: "string" + required: + - "leaderElect" + - "leaseDuration" + - "renewDeadline" + - "resourceLock" + - "resourceName" + - "resourceNamespace" + - "retryPeriod" + type: "object" + maxConcurrentReconciles: + description: "MaxConcurrentReconciles is the maximum number of concurrent Reconciles\nwhich can be run." + minimum: 1.0 + type: "integer" + metrics: + description: "Metrics contains thw controller metrics configuration" + properties: + bindAddress: + description: "BindAddress is the TCP address that the controller should bind to\nfor serving prometheus metrics.\nIt can be set to \"0\" to disable the metrics serving." + type: "string" + type: "object" + profilerAddress: + description: "ProfilerAddress defines the bind address to expose the pprof profiler (e.g. localhost:6060).\nDefault empty, meaning the profiler is disabled.\nController Manager flag is --profiler-address." + type: "string" + syncPeriod: + description: "SyncPeriod determines the minimum frequency at which watched resources are\nreconciled. A lower period will correct entropy more quickly, but reduce\nresponsiveness to change if there are many watched resources. Change this\nvalue only if you know what you are doing. Defaults to 10 hours if unset.\nthere will a 10 percent jitter between the SyncPeriod of all controllers\nso that all controllers will not send list requests simultaneously." + type: "string" + verbosity: + default: 1 + description: "Verbosity set the logs verbosity. Defaults to 1.\nController Manager flag is --verbosity." + minimum: 0.0 + type: "integer" + webhook: + description: "Webhook contains the controllers webhook configuration" + properties: + certDir: + description: "CertDir is the directory that contains the server key and certificate.\nif not set, webhook server would look up the server key and certificate in\n{TempDir}/k8s-webhook-server/serving-certs. The server key and certificate\nmust be named tls.key and tls.crt, respectively." + type: "string" + host: + description: "Host is the hostname that the webhook server binds to.\nIt is used to set webhook.Server.Host." + type: "string" + port: + description: "Port is the port that the webhook server serves at.\nIt is used to set webhook.Server.Port." + type: "integer" + type: "object" + type: "object" + type: "object" + description: "AdditionalDeployments is a map of additional deployments that the provider\nshould manage. The key is the name of the deployment and the value is the\nDeploymentSpec." + type: "object" additionalManifests: description: "AdditionalManifests is reference to configmap that contains additional manifests that will be applied\ntogether with the provider components. The key for storing these manifests has to be `manifests`.\nThe manifests are applied only once when a certain release is installed/upgraded. If namespace is not specified, the\nnamespace of the provider will be used. There is no validation of the yaml content inside the configmap." properties: diff --git a/crd-catalog/kubernetes-sigs/cluster-api-provider-ibmcloud/infrastructure.cluster.x-k8s.io/v1beta2/ibmvpcclusters.yaml b/crd-catalog/kubernetes-sigs/cluster-api-provider-ibmcloud/infrastructure.cluster.x-k8s.io/v1beta2/ibmvpcclusters.yaml index b6b2ef024..f154e9ddb 100644 --- a/crd-catalog/kubernetes-sigs/cluster-api-provider-ibmcloud/infrastructure.cluster.x-k8s.io/v1beta2/ibmvpcclusters.yaml +++ b/crd-catalog/kubernetes-sigs/cluster-api-provider-ibmcloud/infrastructure.cluster.x-k8s.io/v1beta2/ibmvpcclusters.yaml @@ -92,6 +92,70 @@ spec: description: "public indicates that load balancer is public or private" type: "boolean" type: "object" + network: + description: "network represents the VPC network to use for the cluster." + properties: + controlPlaneSubnets: + description: "controlPlaneSubnets is a set of Subnet's which define the Control Plane subnets." + items: + description: "Subnet describes a subnet." + properties: + cidr: + type: "string" + id: + maxLength: 64 + minLength: 1 + pattern: "^[-0-9a-z_]+$" + type: "string" + name: + maxLength: 63 + minLength: 1 + pattern: "^([a-z]|[a-z][-a-z0-9]*[a-z0-9])$" + type: "string" + zone: + type: "string" + type: "object" + type: "array" + resourceGroup: + description: "resourceGroup is the name of the Resource Group containing all of the newtork resources.\nThis can be different than the Resource Group containing the remaining cluster resources." + type: "string" + vpc: + description: "vpc defines the IBM Cloud VPC for extended VPC Infrastructure support." + properties: + id: + description: "id of the resource." + minLength: 1 + type: "string" + name: + description: "name of the resource." + minLength: 1 + type: "string" + type: "object" + x-kubernetes-validations: + - message: "an id or name must be provided" + rule: "has(self.id) || has(self.name)" + workerSubnets: + description: "workerSubnets is a set of Subnet's which define the Worker subnets." + items: + description: "Subnet describes a subnet." + properties: + cidr: + type: "string" + id: + maxLength: 64 + minLength: 1 + pattern: "^[-0-9a-z_]+$" + type: "string" + name: + maxLength: 63 + minLength: 1 + pattern: "^([a-z]|[a-z][-a-z0-9]*[a-z0-9])$" + type: "string" + zone: + type: "string" + type: "object" + type: "array" + type: "object" region: description: "The IBM Cloud Region the cluster lives in." type: "string" @@ -144,9 +208,62 @@ spec: controlPlaneLoadBalancerState: description: "ControlPlaneLoadBalancerState is the status of the load balancer." type: "string" + network: + description: "network is the status of the VPC network resources for extended VPC Infrastructure support." + properties: + resourceGroup: + description: "resourceGroup references the Resource Group for Network resources for the cluster.\nThis can be the same or unique from the cluster's Resource Group." + properties: + id: + description: "id defines the Id of the IBM Cloud resource status." + type: "string" + name: + description: "name defines the name of the IBM Cloud resource status." + type: "string" + ready: + description: "ready defines whether the IBM Cloud resource is ready." + type: "boolean" + required: + - "id" + - "ready" + type: "object" + vpc: + description: "vpc references the status of the IBM Cloud VPC as part of the extended VPC Infrastructure support." + properties: + id: + description: "id defines the Id of the IBM Cloud resource status." + type: "string" + name: + description: "name defines the name of the IBM Cloud resource status." + type: "string" + ready: + description: "ready defines whether the IBM Cloud resource is ready." + type: "boolean" + required: + - "id" + - "ready" + type: "object" + type: "object" ready: + default: false description: "Ready is true when the provider resource is ready." type: "boolean" + resourceGroup: + description: "resourceGroup is the status of the cluster's Resource Group for extended VPC Infrastructure support." + properties: + id: + description: "id defines the Id of the IBM Cloud resource status." + type: "string" + name: + description: "name defines the name of the IBM Cloud resource status." + type: "string" + ready: + description: "ready defines whether the IBM Cloud resource is ready." + type: "boolean" + required: + - "id" + - "ready" + type: "object" subnet: description: "Subnet describes a subnet." properties: @@ -166,7 +283,7 @@ spec: type: "string" type: "object" vpc: - description: "INSERT ADDITIONAL STATUS FIELD - define observed state of cluster\nImportant: Run \"make\" to regenerate code after modifying this file" + description: "INSERT ADDITIONAL STATUS FIELD - define observed state of cluster\nImportant: Run \"make\" to regenerate code after modifying this file\ndep: rely on Network instead." properties: id: type: "string" diff --git a/crd-catalog/kubernetes-sigs/cluster-api-provider-vsphere/infrastructure.cluster.x-k8s.io/v1beta1/vspheremachines.yaml b/crd-catalog/kubernetes-sigs/cluster-api-provider-vsphere/infrastructure.cluster.x-k8s.io/v1beta1/vspheremachines.yaml index 6b4def9c5..9f3bac92b 100644 --- a/crd-catalog/kubernetes-sigs/cluster-api-provider-vsphere/infrastructure.cluster.x-k8s.io/v1beta1/vspheremachines.yaml +++ b/crd-catalog/kubernetes-sigs/cluster-api-provider-vsphere/infrastructure.cluster.x-k8s.io/v1beta1/vspheremachines.yaml @@ -298,11 +298,14 @@ spec: description: "CustomLabel is the hardware label of a virtual machine's PCI device.\nDefaults to the eponymous property value in the template from which the\nvirtual machine is cloned." type: "string" deviceId: - description: "DeviceID is the device ID of a virtual machine's PCI, in integer.\nDefaults to the eponymous property value in the template from which the\nvirtual machine is cloned." + description: "DeviceID is the device ID of a virtual machine's PCI, in integer.\nDefaults to the eponymous property value in the template from which the\nvirtual machine is cloned.\nMutually exclusive with VGPUProfile as VGPUProfile and DeviceID + VendorID\nare two independent ways to define PCI devices." format: "int32" type: "integer" + vGPUProfile: + description: "VGPUProfile is the profile name of a virtual machine's vGPU, in string.\nDefaults to the eponymous property value in the template from which the\nvirtual machine is cloned.\nMutually exclusive with DeviceID and VendorID as VGPUProfile and DeviceID + VendorID\nare two independent ways to define PCI devices." + type: "string" vendorId: - description: "VendorId is the vendor ID of a virtual machine's PCI, in integer.\nDefaults to the eponymous property value in the template from which the\nvirtual machine is cloned." + description: "VendorId is the vendor ID of a virtual machine's PCI, in integer.\nDefaults to the eponymous property value in the template from which the\nvirtual machine is cloned.\nMutually exclusive with VGPUProfile as VGPUProfile and DeviceID + VendorID\nare two independent ways to define PCI devices." format: "int32" type: "integer" type: "object" diff --git a/crd-catalog/kubernetes-sigs/cluster-api-provider-vsphere/infrastructure.cluster.x-k8s.io/v1beta1/vspheremachinetemplates.yaml b/crd-catalog/kubernetes-sigs/cluster-api-provider-vsphere/infrastructure.cluster.x-k8s.io/v1beta1/vspheremachinetemplates.yaml index b119afcd6..6bc8bebc0 100644 --- a/crd-catalog/kubernetes-sigs/cluster-api-provider-vsphere/infrastructure.cluster.x-k8s.io/v1beta1/vspheremachinetemplates.yaml +++ b/crd-catalog/kubernetes-sigs/cluster-api-provider-vsphere/infrastructure.cluster.x-k8s.io/v1beta1/vspheremachinetemplates.yaml @@ -296,11 +296,14 @@ spec: description: "CustomLabel is the hardware label of a virtual machine's PCI device.\nDefaults to the eponymous property value in the template from which the\nvirtual machine is cloned." type: "string" deviceId: - description: "DeviceID is the device ID of a virtual machine's PCI, in integer.\nDefaults to the eponymous property value in the template from which the\nvirtual machine is cloned." + description: "DeviceID is the device ID of a virtual machine's PCI, in integer.\nDefaults to the eponymous property value in the template from which the\nvirtual machine is cloned.\nMutually exclusive with VGPUProfile as VGPUProfile and DeviceID + VendorID\nare two independent ways to define PCI devices." format: "int32" type: "integer" + vGPUProfile: + description: "VGPUProfile is the profile name of a virtual machine's vGPU, in string.\nDefaults to the eponymous property value in the template from which the\nvirtual machine is cloned.\nMutually exclusive with DeviceID and VendorID as VGPUProfile and DeviceID + VendorID\nare two independent ways to define PCI devices." + type: "string" vendorId: - description: "VendorId is the vendor ID of a virtual machine's PCI, in integer.\nDefaults to the eponymous property value in the template from which the\nvirtual machine is cloned." + description: "VendorId is the vendor ID of a virtual machine's PCI, in integer.\nDefaults to the eponymous property value in the template from which the\nvirtual machine is cloned.\nMutually exclusive with VGPUProfile as VGPUProfile and DeviceID + VendorID\nare two independent ways to define PCI devices." format: "int32" type: "integer" type: "object" diff --git a/crd-catalog/kubernetes-sigs/cluster-api-provider-vsphere/infrastructure.cluster.x-k8s.io/v1beta1/vspherevms.yaml b/crd-catalog/kubernetes-sigs/cluster-api-provider-vsphere/infrastructure.cluster.x-k8s.io/v1beta1/vspherevms.yaml index c4b87fc68..b7e0f6a35 100644 --- a/crd-catalog/kubernetes-sigs/cluster-api-provider-vsphere/infrastructure.cluster.x-k8s.io/v1beta1/vspherevms.yaml +++ b/crd-catalog/kubernetes-sigs/cluster-api-provider-vsphere/infrastructure.cluster.x-k8s.io/v1beta1/vspherevms.yaml @@ -302,11 +302,14 @@ spec: description: "CustomLabel is the hardware label of a virtual machine's PCI device.\nDefaults to the eponymous property value in the template from which the\nvirtual machine is cloned." type: "string" deviceId: - description: "DeviceID is the device ID of a virtual machine's PCI, in integer.\nDefaults to the eponymous property value in the template from which the\nvirtual machine is cloned." + description: "DeviceID is the device ID of a virtual machine's PCI, in integer.\nDefaults to the eponymous property value in the template from which the\nvirtual machine is cloned.\nMutually exclusive with VGPUProfile as VGPUProfile and DeviceID + VendorID\nare two independent ways to define PCI devices." format: "int32" type: "integer" + vGPUProfile: + description: "VGPUProfile is the profile name of a virtual machine's vGPU, in string.\nDefaults to the eponymous property value in the template from which the\nvirtual machine is cloned.\nMutually exclusive with DeviceID and VendorID as VGPUProfile and DeviceID + VendorID\nare two independent ways to define PCI devices." + type: "string" vendorId: - description: "VendorId is the vendor ID of a virtual machine's PCI, in integer.\nDefaults to the eponymous property value in the template from which the\nvirtual machine is cloned." + description: "VendorId is the vendor ID of a virtual machine's PCI, in integer.\nDefaults to the eponymous property value in the template from which the\nvirtual machine is cloned.\nMutually exclusive with VGPUProfile as VGPUProfile and DeviceID + VendorID\nare two independent ways to define PCI devices." format: "int32" type: "integer" type: "object" diff --git a/crd-catalog/kubernetes-sigs/cluster-api/cluster.x-k8s.io/v1beta1/clusterclasses.yaml b/crd-catalog/kubernetes-sigs/cluster-api/cluster.x-k8s.io/v1beta1/clusterclasses.yaml index 662000ff3..978c83c25 100644 --- a/crd-catalog/kubernetes-sigs/cluster-api/cluster.x-k8s.io/v1beta1/clusterclasses.yaml +++ b/crd-catalog/kubernetes-sigs/cluster-api/cluster.x-k8s.io/v1beta1/clusterclasses.yaml @@ -349,7 +349,7 @@ spec: description: "ClusterClassVariable defines a variable which can\nbe configured in the Cluster topology and used in patches." properties: metadata: - description: "Metadata is the metadata of a variable.\nIt can be used to add additional data for higher level tools to\na ClusterClassVariable." + description: "Metadata is the metadata of a variable.\nIt can be used to add additional data for higher level tools to\na ClusterClassVariable.\n\n\nDeprecated: This field is deprecated and is going to be removed in the next apiVersion. Please use XMetadata in JSONSchemaProps instead." properties: annotations: additionalProperties: @@ -488,6 +488,20 @@ spec: x-kubernetes-list-map-keys: - "rule" x-kubernetes-list-type: "map" + x-metadata: + description: "XMetadata is the metadata of a variable or a nested field within a variable.\nIt can be used to add additional data for higher level tools." + properties: + annotations: + additionalProperties: + type: "string" + description: "Annotations is an unstructured key value map that can be used to store and\nretrieve arbitrary metadata.\nThey are not queryable." + type: "object" + labels: + additionalProperties: + type: "string" + description: "Map of string keys and values that can be used to organize and categorize\n(scope and select) variables." + type: "object" + type: "object" required: - "type" type: "object" @@ -729,6 +743,9 @@ spec: - "template" type: "object" type: "array" + x-kubernetes-list-map-keys: + - "class" + x-kubernetes-list-type: "map" machinePools: description: "MachinePools is a list of machine pool classes that can be used to create\na set of worker nodes." items: @@ -852,6 +869,9 @@ spec: - "template" type: "object" type: "array" + x-kubernetes-list-map-keys: + - "class" + x-kubernetes-list-type: "map" type: "object" type: "object" status: @@ -905,7 +925,7 @@ spec: description: "From specifies the origin of the variable definition.\nThis will be `inline` for variables defined in the ClusterClass or the name of a patch defined in the ClusterClass\nfor variables discovered from a DiscoverVariables runtime extensions." type: "string" metadata: - description: "Metadata is the metadata of a variable.\nIt can be used to add additional data for higher level tools to\na ClusterClassVariable." + description: "Metadata is the metadata of a variable.\nIt can be used to add additional data for higher level tools to\na ClusterClassVariable.\n\n\nDeprecated: This field is deprecated and is going to be removed in the next apiVersion." properties: annotations: additionalProperties: @@ -1041,6 +1061,20 @@ spec: x-kubernetes-list-map-keys: - "rule" x-kubernetes-list-type: "map" + x-metadata: + description: "XMetadata is the metadata of a variable or a nested field within a variable.\nIt can be used to add additional data for higher level tools." + properties: + annotations: + additionalProperties: + type: "string" + description: "Annotations is an unstructured key value map that can be used to store and\nretrieve arbitrary metadata.\nThey are not queryable." + type: "object" + labels: + additionalProperties: + type: "string" + description: "Map of string keys and values that can be used to organize and categorize\n(scope and select) variables." + type: "object" + type: "object" required: - "type" type: "object" diff --git a/crd-catalog/kubernetes-sigs/cluster-api/cluster.x-k8s.io/v1beta1/clusters.yaml b/crd-catalog/kubernetes-sigs/cluster-api/cluster.x-k8s.io/v1beta1/clusters.yaml index 6e1781ac6..9f21b2ae7 100644 --- a/crd-catalog/kubernetes-sigs/cluster-api/cluster.x-k8s.io/v1beta1/clusters.yaml +++ b/crd-catalog/kubernetes-sigs/cluster-api/cluster.x-k8s.io/v1beta1/clusters.yaml @@ -260,7 +260,7 @@ spec: description: "ClusterVariable can be used to customize the Cluster through patches. Each ClusterVariable is associated with a\nVariable definition in the ClusterClass `status` variables." properties: definitionFrom: - description: "DefinitionFrom specifies where the definition of this Variable is from. DefinitionFrom is `inline` when the\ndefinition is from the ClusterClass `.spec.variables` or the name of a patch defined in the ClusterClass\n`.spec.patches` where the patch is external and provides external variables.\nThis field is mandatory if the variable has `DefinitionsConflict: true` in ClusterClass `status.variables[]`" + description: "DefinitionFrom specifies where the definition of this Variable is from.\n\n\nDeprecated: This field is deprecated, must not be set anymore and is going to be removed in the next apiVersion." type: "string" name: description: "Name of the variable." @@ -273,6 +273,9 @@ spec: - "value" type: "object" type: "array" + x-kubernetes-list-map-keys: + - "name" + x-kubernetes-list-type: "map" type: "object" type: "object" rolloutAfter: @@ -285,7 +288,7 @@ spec: description: "ClusterVariable can be used to customize the Cluster through patches. Each ClusterVariable is associated with a\nVariable definition in the ClusterClass `status` variables." properties: definitionFrom: - description: "DefinitionFrom specifies where the definition of this Variable is from. DefinitionFrom is `inline` when the\ndefinition is from the ClusterClass `.spec.variables` or the name of a patch defined in the ClusterClass\n`.spec.patches` where the patch is external and provides external variables.\nThis field is mandatory if the variable has `DefinitionsConflict: true` in ClusterClass `status.variables[]`" + description: "DefinitionFrom specifies where the definition of this Variable is from.\n\n\nDeprecated: This field is deprecated, must not be set anymore and is going to be removed in the next apiVersion." type: "string" name: description: "Name of the variable." @@ -298,6 +301,9 @@ spec: - "value" type: "object" type: "array" + x-kubernetes-list-map-keys: + - "name" + x-kubernetes-list-type: "map" version: description: "The Kubernetes version of the cluster." type: "string" @@ -466,7 +472,7 @@ spec: description: "ClusterVariable can be used to customize the Cluster through patches. Each ClusterVariable is associated with a\nVariable definition in the ClusterClass `status` variables." properties: definitionFrom: - description: "DefinitionFrom specifies where the definition of this Variable is from. DefinitionFrom is `inline` when the\ndefinition is from the ClusterClass `.spec.variables` or the name of a patch defined in the ClusterClass\n`.spec.patches` where the patch is external and provides external variables.\nThis field is mandatory if the variable has `DefinitionsConflict: true` in ClusterClass `status.variables[]`" + description: "DefinitionFrom specifies where the definition of this Variable is from.\n\n\nDeprecated: This field is deprecated, must not be set anymore and is going to be removed in the next apiVersion." type: "string" name: description: "Name of the variable." @@ -479,12 +485,18 @@ spec: - "value" type: "object" type: "array" + x-kubernetes-list-map-keys: + - "name" + x-kubernetes-list-type: "map" type: "object" required: - "class" - "name" type: "object" type: "array" + x-kubernetes-list-map-keys: + - "name" + x-kubernetes-list-type: "map" machinePools: description: "MachinePools is a list of machine pools in the cluster." items: @@ -541,7 +553,7 @@ spec: description: "ClusterVariable can be used to customize the Cluster through patches. Each ClusterVariable is associated with a\nVariable definition in the ClusterClass `status` variables." properties: definitionFrom: - description: "DefinitionFrom specifies where the definition of this Variable is from. DefinitionFrom is `inline` when the\ndefinition is from the ClusterClass `.spec.variables` or the name of a patch defined in the ClusterClass\n`.spec.patches` where the patch is external and provides external variables.\nThis field is mandatory if the variable has `DefinitionsConflict: true` in ClusterClass `status.variables[]`" + description: "DefinitionFrom specifies where the definition of this Variable is from.\n\n\nDeprecated: This field is deprecated, must not be set anymore and is going to be removed in the next apiVersion." type: "string" name: description: "Name of the variable." @@ -554,12 +566,18 @@ spec: - "value" type: "object" type: "array" + x-kubernetes-list-map-keys: + - "name" + x-kubernetes-list-type: "map" type: "object" required: - "class" - "name" type: "object" type: "array" + x-kubernetes-list-map-keys: + - "name" + x-kubernetes-list-type: "map" type: "object" required: - "class" diff --git a/crd-catalog/kubernetes-sigs/cluster-api/cluster.x-k8s.io/v1beta1/machinedeployments.yaml b/crd-catalog/kubernetes-sigs/cluster-api/cluster.x-k8s.io/v1beta1/machinedeployments.yaml index 0178d7f02..57c9c85c7 100644 --- a/crd-catalog/kubernetes-sigs/cluster-api/cluster.x-k8s.io/v1beta1/machinedeployments.yaml +++ b/crd-catalog/kubernetes-sigs/cluster-api/cluster.x-k8s.io/v1beta1/machinedeployments.yaml @@ -91,7 +91,7 @@ spec: format: "int32" type: "integer" revisionHistoryLimit: - description: "The number of old MachineSets to retain to allow rollback.\nThis is a pointer to distinguish between explicit zero and not specified.\nDefaults to 1." + description: "The number of old MachineSets to retain to allow rollback.\nThis is a pointer to distinguish between explicit zero and not specified.\nDefaults to 1.\n\n\nDeprecated: This field is deprecated and is going to be removed in the next apiVersion. Please see https://github.com/kubernetes-sigs/cluster-api/issues/10479 for more details." format: "int32" type: "integer" rolloutAfter: diff --git a/crd-catalog/kubernetes-sigs/cluster-api/cluster.x-k8s.io/v1beta1/machinehealthchecks.yaml b/crd-catalog/kubernetes-sigs/cluster-api/cluster.x-k8s.io/v1beta1/machinehealthchecks.yaml index 3de3600f3..a39d6aef5 100644 --- a/crd-catalog/kubernetes-sigs/cluster-api/cluster.x-k8s.io/v1beta1/machinehealthchecks.yaml +++ b/crd-catalog/kubernetes-sigs/cluster-api/cluster.x-k8s.io/v1beta1/machinehealthchecks.yaml @@ -63,7 +63,7 @@ spec: anyOf: - type: "integer" - type: "string" - description: "Any further remediation is only allowed if at most \"MaxUnhealthy\" machines selected by\n\"selector\" are not healthy." + description: "Any further remediation is only allowed if at most \"MaxUnhealthy\" machines selected by\n\"selector\" are not healthy.\n\n\nDeprecated: This field is deprecated and is going to be removed in the next apiVersion. Please see https://github.com/kubernetes-sigs/cluster-api/issues/10722 for more details." x-kubernetes-int-or-string: true nodeStartupTimeout: description: "NodeStartupTimeout allows to set the maximum time for MachineHealthCheck\nto consider a Machine unhealthy if a corresponding Node isn't associated\nthrough a `Spec.ProviderID` field.\n\n\nThe duration set in this field is compared to the greatest of:\n- Cluster's infrastructure ready condition timestamp (if and when available)\n- Control Plane's initialized condition timestamp (if and when available)\n- Machine's infrastructure ready condition timestamp (if and when available)\n- Machine's metadata creation timestamp\n\n\nDefaults to 10 minutes.\nIf you wish to disable this feature, set the value explicitly to 0." @@ -147,7 +147,7 @@ spec: type: "object" type: "array" unhealthyRange: - description: "Any further remediation is only allowed if the number of machines selected by \"selector\" as not healthy\nis within the range of \"UnhealthyRange\". Takes precedence over MaxUnhealthy.\nEg. \"[3-5]\" - This means that remediation will be allowed only when:\n(a) there are at least 3 unhealthy machines (and)\n(b) there are at most 5 unhealthy machines" + description: "Any further remediation is only allowed if the number of machines selected by \"selector\" as not healthy\nis within the range of \"UnhealthyRange\". Takes precedence over MaxUnhealthy.\nEg. \"[3-5]\" - This means that remediation will be allowed only when:\n(a) there are at least 3 unhealthy machines (and)\n(b) there are at most 5 unhealthy machines\n\n\nDeprecated: This field is deprecated and is going to be removed in the next apiVersion. Please see https://github.com/kubernetes-sigs/cluster-api/issues/10722 for more details." pattern: "^\\[[0-9]+-[0-9]+\\]$" type: "string" required: diff --git a/crd-catalog/kubernetes-sigs/gateway-api/gateway.networking.k8s.io/v1/gateways.yaml b/crd-catalog/kubernetes-sigs/gateway-api/gateway.networking.k8s.io/v1/gateways.yaml index d404765d5..a512d93d8 100644 --- a/crd-catalog/kubernetes-sigs/gateway-api/gateway.networking.k8s.io/v1/gateways.yaml +++ b/crd-catalog/kubernetes-sigs/gateway-api/gateway.networking.k8s.io/v1/gateways.yaml @@ -246,7 +246,7 @@ spec: description: "Protocol specifies the network protocol this listener expects to receive.\n\n\nSupport: Core" maxLength: 255 minLength: 1 - pattern: "^[a-zA-Z0-9]([-a-zSA-Z0-9]*[a-zA-Z0-9])?$|[a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*\\/[A-Za-z0-9]+$" + pattern: "^[a-zA-Z0-9]([-a-zA-Z0-9]*[a-zA-Z0-9])?$|[a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*\\/[A-Za-z0-9]+$" type: "string" tls: description: "TLS is the TLS configuration for the Listener. This field is required if\nthe Protocol field is \"HTTPS\" or \"TLS\". It is invalid to set this field\nif the Protocol field is \"HTTP\", \"TCP\", or \"UDP\".\n\n\nThe association of SNIs to Certificate defined in GatewayTLSConfig is\ndefined based on the Hostname field for this listener.\n\n\nThe GatewayClass MUST use the longest matching SNI out of all\navailable certificates for any TLS handshake.\n\n\nSupport: Core" diff --git a/crd-catalog/kubernetes-sigs/gateway-api/gateway.networking.k8s.io/v1/httproutes.yaml b/crd-catalog/kubernetes-sigs/gateway-api/gateway.networking.k8s.io/v1/httproutes.yaml index 9ae763219..88d72b451 100644 --- a/crd-catalog/kubernetes-sigs/gateway-api/gateway.networking.k8s.io/v1/httproutes.yaml +++ b/crd-catalog/kubernetes-sigs/gateway-api/gateway.networking.k8s.io/v1/httproutes.yaml @@ -112,7 +112,7 @@ spec: description: "HTTPRouteRule defines semantics for matching an HTTP request based on\nconditions (matches), processing it (filters), and forwarding the request to\nan API object (backendRefs)." properties: backendRefs: - description: "BackendRefs defines the backend(s) where matching requests should be\nsent.\n\n\nFailure behavior here depends on how many BackendRefs are specified and\nhow many are invalid.\n\n\nIf *all* entries in BackendRefs are invalid, and there are also no filters\nspecified in this route rule, *all* traffic which matches this rule MUST\nreceive a 500 status code.\n\n\nSee the HTTPBackendRef definition for the rules about what makes a single\nHTTPBackendRef invalid.\n\n\nWhen a HTTPBackendRef is invalid, 500 status codes MUST be returned for\nrequests that would have otherwise been routed to an invalid backend. If\nmultiple backends are specified, and some are invalid, the proportion of\nrequests that would otherwise have been routed to an invalid backend\nMUST receive a 500 status code.\n\n\nFor example, if two backends are specified with equal weights, and one is\ninvalid, 50 percent of traffic must receive a 500. Implementations may\nchoose how that 50 percent is determined.\n\n\nSupport: Core for Kubernetes Service\n\n\nSupport: Extended for Kubernetes ServiceImport\n\n\nSupport: Implementation-specific for any other resource\n\n\nSupport for weight: Core" + description: "BackendRefs defines the backend(s) where matching requests should be\nsent.\n\n\nFailure behavior here depends on how many BackendRefs are specified and\nhow many are invalid.\n\n\nIf *all* entries in BackendRefs are invalid, and there are also no filters\nspecified in this route rule, *all* traffic which matches this rule MUST\nreceive a 500 status code.\n\n\nSee the HTTPBackendRef definition for the rules about what makes a single\nHTTPBackendRef invalid.\n\n\nWhen a HTTPBackendRef is invalid, 500 status codes MUST be returned for\nrequests that would have otherwise been routed to an invalid backend. If\nmultiple backends are specified, and some are invalid, the proportion of\nrequests that would otherwise have been routed to an invalid backend\nMUST receive a 500 status code.\n\n\nFor example, if two backends are specified with equal weights, and one is\ninvalid, 50 percent of traffic must receive a 500. Implementations may\nchoose how that 50 percent is determined.\n\n\nWhen a HTTPBackendRef refers to a Service that has no ready endpoints,\nimplementations SHOULD return a 503 for requests to that backend instead.\nIf an implementation chooses to do this, all of the above rules for 500 responses\nMUST also apply for responses that return a 503.\n\n\nSupport: Core for Kubernetes Service\n\n\nSupport: Extended for Kubernetes ServiceImport\n\n\nSupport: Implementation-specific for any other resource\n\n\nSupport for weight: Core" items: description: "HTTPBackendRef defines how a HTTPRoute forwards a HTTP request.\n\n\nNote that when a namespace different than the local namespace is specified, a\nReferenceGrant object is required in the referent namespace to allow that\nnamespace's owner to accept the reference. See the ReferenceGrant\ndocumentation for details.\n\n\n\n\n\nWhen the BackendRef points to a Kubernetes Service, implementations SHOULD\nhonor the appProtocol field if it is set for the target Service Port.\n\n\nImplementations supporting appProtocol SHOULD recognize the Kubernetes\nStandard Application Protocols defined in KEP-3726.\n\n\nIf a Service appProtocol isn't specified, an implementation MAY infer the\nbackend protocol through its own means. Implementations MAY infer the\nprotocol from the Route type referring to the backend Service.\n\n\nIf a Route is not able to send traffic to the backend using the specified\nprotocol then the backend is considered invalid. Implementations MUST set the\n\"ResolvedRefs\" condition to \"False\" with the \"UnsupportedProtocol\" reason.\n\n\n" properties: diff --git a/crd-catalog/kubernetes-sigs/gateway-api/gateway.networking.k8s.io/v1beta1/gateways.yaml b/crd-catalog/kubernetes-sigs/gateway-api/gateway.networking.k8s.io/v1beta1/gateways.yaml index db182d0eb..3d7e1832c 100644 --- a/crd-catalog/kubernetes-sigs/gateway-api/gateway.networking.k8s.io/v1beta1/gateways.yaml +++ b/crd-catalog/kubernetes-sigs/gateway-api/gateway.networking.k8s.io/v1beta1/gateways.yaml @@ -246,7 +246,7 @@ spec: description: "Protocol specifies the network protocol this listener expects to receive.\n\n\nSupport: Core" maxLength: 255 minLength: 1 - pattern: "^[a-zA-Z0-9]([-a-zSA-Z0-9]*[a-zA-Z0-9])?$|[a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*\\/[A-Za-z0-9]+$" + pattern: "^[a-zA-Z0-9]([-a-zA-Z0-9]*[a-zA-Z0-9])?$|[a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*\\/[A-Za-z0-9]+$" type: "string" tls: description: "TLS is the TLS configuration for the Listener. This field is required if\nthe Protocol field is \"HTTPS\" or \"TLS\". It is invalid to set this field\nif the Protocol field is \"HTTP\", \"TCP\", or \"UDP\".\n\n\nThe association of SNIs to Certificate defined in GatewayTLSConfig is\ndefined based on the Hostname field for this listener.\n\n\nThe GatewayClass MUST use the longest matching SNI out of all\navailable certificates for any TLS handshake.\n\n\nSupport: Core" diff --git a/crd-catalog/kubernetes-sigs/gateway-api/gateway.networking.k8s.io/v1beta1/httproutes.yaml b/crd-catalog/kubernetes-sigs/gateway-api/gateway.networking.k8s.io/v1beta1/httproutes.yaml index 87a355053..424b424e1 100644 --- a/crd-catalog/kubernetes-sigs/gateway-api/gateway.networking.k8s.io/v1beta1/httproutes.yaml +++ b/crd-catalog/kubernetes-sigs/gateway-api/gateway.networking.k8s.io/v1beta1/httproutes.yaml @@ -112,7 +112,7 @@ spec: description: "HTTPRouteRule defines semantics for matching an HTTP request based on\nconditions (matches), processing it (filters), and forwarding the request to\nan API object (backendRefs)." properties: backendRefs: - description: "BackendRefs defines the backend(s) where matching requests should be\nsent.\n\n\nFailure behavior here depends on how many BackendRefs are specified and\nhow many are invalid.\n\n\nIf *all* entries in BackendRefs are invalid, and there are also no filters\nspecified in this route rule, *all* traffic which matches this rule MUST\nreceive a 500 status code.\n\n\nSee the HTTPBackendRef definition for the rules about what makes a single\nHTTPBackendRef invalid.\n\n\nWhen a HTTPBackendRef is invalid, 500 status codes MUST be returned for\nrequests that would have otherwise been routed to an invalid backend. If\nmultiple backends are specified, and some are invalid, the proportion of\nrequests that would otherwise have been routed to an invalid backend\nMUST receive a 500 status code.\n\n\nFor example, if two backends are specified with equal weights, and one is\ninvalid, 50 percent of traffic must receive a 500. Implementations may\nchoose how that 50 percent is determined.\n\n\nSupport: Core for Kubernetes Service\n\n\nSupport: Extended for Kubernetes ServiceImport\n\n\nSupport: Implementation-specific for any other resource\n\n\nSupport for weight: Core" + description: "BackendRefs defines the backend(s) where matching requests should be\nsent.\n\n\nFailure behavior here depends on how many BackendRefs are specified and\nhow many are invalid.\n\n\nIf *all* entries in BackendRefs are invalid, and there are also no filters\nspecified in this route rule, *all* traffic which matches this rule MUST\nreceive a 500 status code.\n\n\nSee the HTTPBackendRef definition for the rules about what makes a single\nHTTPBackendRef invalid.\n\n\nWhen a HTTPBackendRef is invalid, 500 status codes MUST be returned for\nrequests that would have otherwise been routed to an invalid backend. If\nmultiple backends are specified, and some are invalid, the proportion of\nrequests that would otherwise have been routed to an invalid backend\nMUST receive a 500 status code.\n\n\nFor example, if two backends are specified with equal weights, and one is\ninvalid, 50 percent of traffic must receive a 500. Implementations may\nchoose how that 50 percent is determined.\n\n\nWhen a HTTPBackendRef refers to a Service that has no ready endpoints,\nimplementations SHOULD return a 503 for requests to that backend instead.\nIf an implementation chooses to do this, all of the above rules for 500 responses\nMUST also apply for responses that return a 503.\n\n\nSupport: Core for Kubernetes Service\n\n\nSupport: Extended for Kubernetes ServiceImport\n\n\nSupport: Implementation-specific for any other resource\n\n\nSupport for weight: Core" items: description: "HTTPBackendRef defines how a HTTPRoute forwards a HTTP request.\n\n\nNote that when a namespace different than the local namespace is specified, a\nReferenceGrant object is required in the referent namespace to allow that\nnamespace's owner to accept the reference. See the ReferenceGrant\ndocumentation for details.\n\n\n\n\n\nWhen the BackendRef points to a Kubernetes Service, implementations SHOULD\nhonor the appProtocol field if it is set for the target Service Port.\n\n\nImplementations supporting appProtocol SHOULD recognize the Kubernetes\nStandard Application Protocols defined in KEP-3726.\n\n\nIf a Service appProtocol isn't specified, an implementation MAY infer the\nbackend protocol through its own means. Implementations MAY infer the\nprotocol from the Route type referring to the backend Service.\n\n\nIf a Route is not able to send traffic to the backend using the specified\nprotocol then the backend is considered invalid. Implementations MUST set the\n\"ResolvedRefs\" condition to \"False\" with the \"UnsupportedProtocol\" reason.\n\n\n" properties: diff --git a/crd-catalog/kubernetes-sigs/jobset/jobset.x-k8s.io/v1alpha2/jobsets.yaml b/crd-catalog/kubernetes-sigs/jobset/jobset.x-k8s.io/v1alpha2/jobsets.yaml index 6352d1218..bc8108917 100644 --- a/crd-catalog/kubernetes-sigs/jobset/jobset.x-k8s.io/v1alpha2/jobsets.yaml +++ b/crd-catalog/kubernetes-sigs/jobset/jobset.x-k8s.io/v1alpha2/jobsets.yaml @@ -14,6 +14,10 @@ spec: scope: "Namespaced" versions: - additionalPrinterColumns: + - description: "Final state of JobSet" + jsonPath: ".status.terminalState" + name: "TerminalState" + type: "string" - description: "Number of restarts" jsonPath: ".status.restarts" name: "Restarts" @@ -4886,6 +4890,9 @@ spec: description: "RestartsCountTowardsMax tracks the number of times the JobSet has restarted that counts towards the maximum allowed number of restarts." format: "int32" type: "integer" + terminalState: + description: "TerminalState the state of the JobSet when it finishes execution.\nIt can be either Complete or Failed. Otherwise, it is empty by default." + type: "string" type: "object" type: "object" served: true diff --git a/crd-catalog/kubernetes-sigs/kueue/kueue.x-k8s.io/v1beta1/clusterqueues.yaml b/crd-catalog/kubernetes-sigs/kueue/kueue.x-k8s.io/v1beta1/clusterqueues.yaml index bbe09e583..37f4e5043 100644 --- a/crd-catalog/kubernetes-sigs/kueue/kueue.x-k8s.io/v1beta1/clusterqueues.yaml +++ b/crd-catalog/kubernetes-sigs/kueue/kueue.x-k8s.io/v1beta1/clusterqueues.yaml @@ -347,6 +347,8 @@ spec: description: "WeightedShare represent the maximum of the ratios of usage above nominal\nquota to the lendable resources in the cohort, among all the resources\nprovided by the ClusterQueue, and divided by the weight.\nIf zero, it means that the usage of the ClusterQueue is below the nominal quota.\nIf the ClusterQueue has a weight of zero, this will return 9223372036854775807,\nthe maximum possible share value." format: "int64" type: "integer" + required: + - "weightedShare" type: "object" flavorsReservation: description: "flavorsReservation are the reserved quotas, by flavor, currently in use by the\nworkloads assigned to this ClusterQueue." diff --git a/crd-catalog/kubernetes-sigs/kueue/kueue.x-k8s.io/v1beta1/resourceflavors.yaml b/crd-catalog/kubernetes-sigs/kueue/kueue.x-k8s.io/v1beta1/resourceflavors.yaml index a5800dc2c..632d43c24 100644 --- a/crd-catalog/kubernetes-sigs/kueue/kueue.x-k8s.io/v1beta1/resourceflavors.yaml +++ b/crd-catalog/kubernetes-sigs/kueue/kueue.x-k8s.io/v1beta1/resourceflavors.yaml @@ -13,6 +13,7 @@ spec: shortNames: - "flavor" - "flavors" + - "rf" singular: "resourceflavor" scope: "Cluster" versions: diff --git a/crd-catalog/kubernetes-sigs/kueue/kueue.x-k8s.io/v1beta1/workloads.yaml b/crd-catalog/kubernetes-sigs/kueue/kueue.x-k8s.io/v1beta1/workloads.yaml index 345b4c5ae..f4c012813 100644 --- a/crd-catalog/kubernetes-sigs/kueue/kueue.x-k8s.io/v1beta1/workloads.yaml +++ b/crd-catalog/kubernetes-sigs/kueue/kueue.x-k8s.io/v1beta1/workloads.yaml @@ -28,6 +28,10 @@ spec: jsonPath: ".status.conditions[?(@.type=='Admitted')].status" name: "Admitted" type: "string" + - description: "Workload finished" + jsonPath: ".status.conditions[?(@.type=='Finished')].status" + name: "Finished" + type: "string" - description: "Time this workload was created" jsonPath: ".metadata.creationTimestamp" name: "Age" diff --git a/crd-catalog/kubernetes-sigs/network-policy-api/policy.networking.k8s.io/v1alpha1/baselineadminnetworkpolicies.yaml b/crd-catalog/kubernetes-sigs/network-policy-api/policy.networking.k8s.io/v1alpha1/baselineadminnetworkpolicies.yaml index efdfb83af..5124fdf82 100644 --- a/crd-catalog/kubernetes-sigs/network-policy-api/policy.networking.k8s.io/v1alpha1/baselineadminnetworkpolicies.yaml +++ b/crd-catalog/kubernetes-sigs/network-policy-api/policy.networking.k8s.io/v1alpha1/baselineadminnetworkpolicies.yaml @@ -103,9 +103,9 @@ spec: maxItems: 100 type: "array" to: - description: "To is the list of destinations whose traffic this rule applies to.\nIf any AdminNetworkPolicyEgressPeer matches the destination of outgoing\ntraffic then the specified action is applied.\nThis field must be defined and contain at least one item.\n\n\nSupport: Core" + description: "To is the list of destinations whose traffic this rule applies to.\nIf any BaselineAdminNetworkPolicyEgressPeer matches the destination of outgoing\ntraffic then the specified action is applied.\nThis field must be defined and contain at least one item.\n\n\nSupport: Core" items: - description: "AdminNetworkPolicyEgressPeer defines a peer to allow traffic to.\nExactly one of the selector pointers must be set for a given peer. If a\nconsumer observes none of its fields are set, they must assume an unknown\noption has been specified and fail closed." + description: "BaselineAdminNetworkPolicyEgressPeer defines a peer to allow traffic to.\nExactly one of the selector pointers must be set for a given peer. If a\nconsumer observes none of its fields are set, they must assume an unknown\noption has been specified and fail closed." maxProperties: 1 minProperties: 1 properties: diff --git a/crd-catalog/kubernetes-sigs/security-profiles-operator/security-profiles-operator.x-k8s.io/v1alpha1/profilerecordings.yaml b/crd-catalog/kubernetes-sigs/security-profiles-operator/security-profiles-operator.x-k8s.io/v1alpha1/profilerecordings.yaml index ac7143624..340cdcd12 100644 --- a/crd-catalog/kubernetes-sigs/security-profiles-operator/security-profiles-operator.x-k8s.io/v1alpha1/profilerecordings.yaml +++ b/crd-catalog/kubernetes-sigs/security-profiles-operator/security-profiles-operator.x-k8s.io/v1alpha1/profilerecordings.yaml @@ -48,6 +48,7 @@ spec: enum: - "SeccompProfile" - "SelinuxProfile" + - "ApparmorProfile" type: "string" mergeStrategy: default: "none" diff --git a/crd-catalog/kubeshop/testkube-operator/executor.testkube.io/v1/webhooks.yaml b/crd-catalog/kubeshop/testkube-operator/executor.testkube.io/v1/webhooks.yaml index 850491bdf..cfab61d46 100644 --- a/crd-catalog/kubeshop/testkube-operator/executor.testkube.io/v1/webhooks.yaml +++ b/crd-catalog/kubeshop/testkube-operator/executor.testkube.io/v1/webhooks.yaml @@ -41,16 +41,30 @@ spec: - "end-test-failed" - "end-test-aborted" - "end-test-timeout" + - "become-test-up" + - "become-test-down" + - "become-test-failed" + - "become-test-aborted" + - "become-test-timeout" - "start-testsuite" - "end-testsuite-success" - "end-testsuite-failed" - "end-testsuite-aborted" - "end-testsuite-timeout" + - "become-testsuite-up" + - "become-testsuite-down" + - "become-testsuite-failed" + - "become-testsuite-aborted" + - "become-testsuite-timeout" - "start-testworkflow" - "queue-testworkflow" - "end-testworkflow-success" - "end-testworkflow-failed" - "end-testworkflow-aborted" + - "become-testworkflow-up" + - "become-testworkflow-down" + - "become-testworkflow-failed" + - "become-testworkflow-aborted" type: "string" type: "array" headers: @@ -59,7 +73,7 @@ spec: description: "webhook headers (golang template supported)" type: "object" onStateChange: - description: "OnStateChange will trigger the webhook only when the result of the current execution differs from the previous result of the same test/test suite/workflow" + description: "OnStateChange will trigger the webhook only when the result of the current execution differs from the previous result of the same test/test suite/workflow\nDeprecated: field is not used" type: "boolean" payloadObjectField: description: "will load the generated payload for notification inside the object" diff --git a/crd-catalog/kubeshop/testkube-operator/tests.testkube.io/v1/testexecutions.yaml b/crd-catalog/kubeshop/testkube-operator/tests.testkube.io/v1/testexecutions.yaml index 5572b294d..f53f5890a 100644 --- a/crd-catalog/kubeshop/testkube-operator/tests.testkube.io/v1/testexecutions.yaml +++ b/crd-catalog/kubeshop/testkube-operator/tests.testkube.io/v1/testexecutions.yaml @@ -534,6 +534,9 @@ spec: description: "uri of test content" type: "string" type: "object" + disableWebhooks: + description: "whether webhooks should be called on execution" + type: "boolean" duration: description: "test duration" type: "string" diff --git a/crd-catalog/kubeshop/testkube-operator/tests.testkube.io/v1/testsuiteexecutions.yaml b/crd-catalog/kubeshop/testkube-operator/tests.testkube.io/v1/testsuiteexecutions.yaml index cd84e4e45..3d129616c 100644 --- a/crd-catalog/kubeshop/testkube-operator/tests.testkube.io/v1/testsuiteexecutions.yaml +++ b/crd-catalog/kubeshop/testkube-operator/tests.testkube.io/v1/testsuiteexecutions.yaml @@ -59,6 +59,9 @@ spec: cronJobTemplate: description: "cron job template extensions" type: "string" + disableWebhooks: + description: "whether webhooks should be disabled for this execution" + type: "boolean" executionLabels: additionalProperties: type: "string" @@ -226,6 +229,9 @@ spec: latestExecution: description: "INSERT ADDITIONAL STATUS FIELD - define observed state of cluster\nImportant: Run \"make\" to regenerate code after modifying this file" properties: + disableWebhooks: + description: "whether webhooks should be disabled for this execution" + type: "boolean" duration: description: "test duration" type: "string" diff --git a/crd-catalog/kubeshop/testkube-operator/tests.testkube.io/v3/tests.yaml b/crd-catalog/kubeshop/testkube-operator/tests.testkube.io/v3/tests.yaml index a04961f7f..53f68a4c4 100644 --- a/crd-catalog/kubeshop/testkube-operator/tests.testkube.io/v3/tests.yaml +++ b/crd-catalog/kubeshop/testkube-operator/tests.testkube.io/v3/tests.yaml @@ -181,7 +181,7 @@ spec: description: "name of the template resource" type: "string" disableWebhooks: - description: "whether webhooks should be called on execution" + description: "whether webhooks should be called on execution\nDeprecated: field is not used" type: "boolean" envConfigMaps: description: "config map references" diff --git a/crd-catalog/kubeshop/testkube-operator/tests.testkube.io/v3/testsuites.yaml b/crd-catalog/kubeshop/testkube-operator/tests.testkube.io/v3/testsuites.yaml index 1c3d6599b..a597df2af 100644 --- a/crd-catalog/kubeshop/testkube-operator/tests.testkube.io/v3/testsuites.yaml +++ b/crd-catalog/kubeshop/testkube-operator/tests.testkube.io/v3/testsuites.yaml @@ -86,7 +86,7 @@ spec: description: "cron job template extensions reference" type: "string" disableWebhooks: - description: "whether webhooks should be called on execution" + description: "whether webhooks should be called on execution\nDeprecated: field is not used" type: "boolean" executionLabels: additionalProperties: @@ -287,7 +287,7 @@ spec: description: "cron job template extensions reference" type: "string" disableWebhooks: - description: "whether webhooks should be called on execution" + description: "whether webhooks should be called on execution\nDeprecated: field is not used" type: "boolean" executionLabels: additionalProperties: @@ -443,7 +443,7 @@ spec: description: "name of the template resource" type: "string" disableWebhooks: - description: "whether webhooks should be called on execution" + description: "whether webhooks should be called on execution\nDeprecated: field is not used" type: "boolean" executionLabels: additionalProperties: @@ -641,7 +641,7 @@ spec: description: "cron job template extensions reference" type: "string" disableWebhooks: - description: "whether webhooks should be called on execution" + description: "whether webhooks should be called on execution\nDeprecated: field is not used" type: "boolean" executionLabels: additionalProperties: diff --git a/crd-catalog/kubev2v/forklift/forklift.konveyor.io/v1beta1/migrations.yaml b/crd-catalog/kubev2v/forklift/forklift.konveyor.io/v1beta1/migrations.yaml index 9fe2abd77..e44ea0baf 100644 --- a/crd-catalog/kubev2v/forklift/forklift.konveyor.io/v1beta1/migrations.yaml +++ b/crd-catalog/kubev2v/forklift/forklift.konveyor.io/v1beta1/migrations.yaml @@ -256,6 +256,9 @@ spec: id: description: "The object ID.\nvsphere:\n The managed object ID." type: "string" + instanceType: + description: "Selected InstanceType that will override the VM properties." + type: "string" luks: description: "Disk decryption LUKS keys" properties: diff --git a/crd-catalog/kubev2v/forklift/forklift.konveyor.io/v1beta1/plans.yaml b/crd-catalog/kubev2v/forklift/forklift.konveyor.io/v1beta1/plans.yaml index 2655607be..ad72d9238 100644 --- a/crd-catalog/kubev2v/forklift/forklift.konveyor.io/v1beta1/plans.yaml +++ b/crd-catalog/kubev2v/forklift/forklift.konveyor.io/v1beta1/plans.yaml @@ -250,6 +250,9 @@ spec: id: description: "The object ID.\nvsphere:\n The managed object ID." type: "string" + instanceType: + description: "Selected InstanceType that will override the VM properties." + type: "string" luks: description: "Disk decryption LUKS keys" properties: @@ -637,6 +640,9 @@ spec: id: description: "The object ID.\nvsphere:\n The managed object ID." type: "string" + instanceType: + description: "Selected InstanceType that will override the VM properties." + type: "string" luks: description: "Disk decryption LUKS keys" properties: diff --git a/crd-catalog/kumahq/kuma/kuma.io/v1alpha1/circuitbreakers.yaml b/crd-catalog/kumahq/kuma/kuma.io/v1alpha1/circuitbreakers.yaml index 5e44eb869..438964d88 100644 --- a/crd-catalog/kumahq/kuma/kuma.io/v1alpha1/circuitbreakers.yaml +++ b/crd-catalog/kumahq/kuma/kuma.io/v1alpha1/circuitbreakers.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.14.0" + controller-gen.kubebuilder.io/version: "v0.15.0" name: "circuitbreakers.kuma.io" spec: group: "kuma.io" diff --git a/crd-catalog/kumahq/kuma/kuma.io/v1alpha1/containerpatches.yaml b/crd-catalog/kumahq/kuma/kuma.io/v1alpha1/containerpatches.yaml index 41590be6f..c32693de6 100644 --- a/crd-catalog/kumahq/kuma/kuma.io/v1alpha1/containerpatches.yaml +++ b/crd-catalog/kumahq/kuma/kuma.io/v1alpha1/containerpatches.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.14.0" + controller-gen.kubebuilder.io/version: "v0.15.0" name: "containerpatches.kuma.io" spec: group: "kuma.io" diff --git a/crd-catalog/kumahq/kuma/kuma.io/v1alpha1/dataplaneinsights.yaml b/crd-catalog/kumahq/kuma/kuma.io/v1alpha1/dataplaneinsights.yaml index 3a6f69727..863dda299 100644 --- a/crd-catalog/kumahq/kuma/kuma.io/v1alpha1/dataplaneinsights.yaml +++ b/crd-catalog/kumahq/kuma/kuma.io/v1alpha1/dataplaneinsights.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.14.0" + controller-gen.kubebuilder.io/version: "v0.15.0" name: "dataplaneinsights.kuma.io" spec: group: "kuma.io" diff --git a/crd-catalog/kumahq/kuma/kuma.io/v1alpha1/dataplanes.yaml b/crd-catalog/kumahq/kuma/kuma.io/v1alpha1/dataplanes.yaml index 5df96cbed..c937213ad 100644 --- a/crd-catalog/kumahq/kuma/kuma.io/v1alpha1/dataplanes.yaml +++ b/crd-catalog/kumahq/kuma/kuma.io/v1alpha1/dataplanes.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.14.0" + controller-gen.kubebuilder.io/version: "v0.15.0" name: "dataplanes.kuma.io" spec: group: "kuma.io" diff --git a/crd-catalog/kumahq/kuma/kuma.io/v1alpha1/externalservices.yaml b/crd-catalog/kumahq/kuma/kuma.io/v1alpha1/externalservices.yaml index 00c1dbf59..ba4dbe4d1 100644 --- a/crd-catalog/kumahq/kuma/kuma.io/v1alpha1/externalservices.yaml +++ b/crd-catalog/kumahq/kuma/kuma.io/v1alpha1/externalservices.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.14.0" + controller-gen.kubebuilder.io/version: "v0.15.0" name: "externalservices.kuma.io" spec: group: "kuma.io" diff --git a/crd-catalog/kumahq/kuma/kuma.io/v1alpha1/faultinjections.yaml b/crd-catalog/kumahq/kuma/kuma.io/v1alpha1/faultinjections.yaml index 70a9ce822..d51bcf128 100644 --- a/crd-catalog/kumahq/kuma/kuma.io/v1alpha1/faultinjections.yaml +++ b/crd-catalog/kumahq/kuma/kuma.io/v1alpha1/faultinjections.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.14.0" + controller-gen.kubebuilder.io/version: "v0.15.0" name: "faultinjections.kuma.io" spec: group: "kuma.io" diff --git a/crd-catalog/kumahq/kuma/kuma.io/v1alpha1/healthchecks.yaml b/crd-catalog/kumahq/kuma/kuma.io/v1alpha1/healthchecks.yaml index e30d1efec..91539cac1 100644 --- a/crd-catalog/kumahq/kuma/kuma.io/v1alpha1/healthchecks.yaml +++ b/crd-catalog/kumahq/kuma/kuma.io/v1alpha1/healthchecks.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.14.0" + controller-gen.kubebuilder.io/version: "v0.15.0" name: "healthchecks.kuma.io" spec: group: "kuma.io" diff --git a/crd-catalog/kumahq/kuma/kuma.io/v1alpha1/meshaccesslogs.yaml b/crd-catalog/kumahq/kuma/kuma.io/v1alpha1/meshaccesslogs.yaml index 726c8daba..aa1d9475d 100644 --- a/crd-catalog/kumahq/kuma/kuma.io/v1alpha1/meshaccesslogs.yaml +++ b/crd-catalog/kumahq/kuma/kuma.io/v1alpha1/meshaccesslogs.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.14.0" + controller-gen.kubebuilder.io/version: "v0.15.0" name: "meshaccesslogs.kuma.io" spec: group: "kuma.io" diff --git a/crd-catalog/kumahq/kuma/kuma.io/v1alpha1/meshcircuitbreakers.yaml b/crd-catalog/kumahq/kuma/kuma.io/v1alpha1/meshcircuitbreakers.yaml index d7d3189d5..fd0037ad4 100644 --- a/crd-catalog/kumahq/kuma/kuma.io/v1alpha1/meshcircuitbreakers.yaml +++ b/crd-catalog/kumahq/kuma/kuma.io/v1alpha1/meshcircuitbreakers.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.14.0" + controller-gen.kubebuilder.io/version: "v0.15.0" name: "meshcircuitbreakers.kuma.io" spec: group: "kuma.io" diff --git a/crd-catalog/kumahq/kuma/kuma.io/v1alpha1/meshes.yaml b/crd-catalog/kumahq/kuma/kuma.io/v1alpha1/meshes.yaml index 0b6a46ca2..6a5d26f79 100644 --- a/crd-catalog/kumahq/kuma/kuma.io/v1alpha1/meshes.yaml +++ b/crd-catalog/kumahq/kuma/kuma.io/v1alpha1/meshes.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.14.0" + controller-gen.kubebuilder.io/version: "v0.15.0" name: "meshes.kuma.io" spec: group: "kuma.io" diff --git a/crd-catalog/kumahq/kuma/kuma.io/v1alpha1/meshfaultinjections.yaml b/crd-catalog/kumahq/kuma/kuma.io/v1alpha1/meshfaultinjections.yaml index 5a52d8c3f..f429e967e 100644 --- a/crd-catalog/kumahq/kuma/kuma.io/v1alpha1/meshfaultinjections.yaml +++ b/crd-catalog/kumahq/kuma/kuma.io/v1alpha1/meshfaultinjections.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.14.0" + controller-gen.kubebuilder.io/version: "v0.15.0" name: "meshfaultinjections.kuma.io" spec: group: "kuma.io" diff --git a/crd-catalog/kumahq/kuma/kuma.io/v1alpha1/meshgatewayconfigs.yaml b/crd-catalog/kumahq/kuma/kuma.io/v1alpha1/meshgatewayconfigs.yaml index 32d2d0f53..1b5ac7be1 100644 --- a/crd-catalog/kumahq/kuma/kuma.io/v1alpha1/meshgatewayconfigs.yaml +++ b/crd-catalog/kumahq/kuma/kuma.io/v1alpha1/meshgatewayconfigs.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.14.0" + controller-gen.kubebuilder.io/version: "v0.15.0" name: "meshgatewayconfigs.kuma.io" spec: group: "kuma.io" diff --git a/crd-catalog/kumahq/kuma/kuma.io/v1alpha1/meshgatewayinstances.yaml b/crd-catalog/kumahq/kuma/kuma.io/v1alpha1/meshgatewayinstances.yaml index cb7a56633..50190ebd6 100644 --- a/crd-catalog/kumahq/kuma/kuma.io/v1alpha1/meshgatewayinstances.yaml +++ b/crd-catalog/kumahq/kuma/kuma.io/v1alpha1/meshgatewayinstances.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.14.0" + controller-gen.kubebuilder.io/version: "v0.15.0" name: "meshgatewayinstances.kuma.io" spec: group: "kuma.io" @@ -249,6 +249,7 @@ spec: x-kubernetes-list-type: "atomic" type: "object" type: "array" + x-kubernetes-list-type: "atomic" type: "object" type: "object" type: "object" diff --git a/crd-catalog/kumahq/kuma/kuma.io/v1alpha1/meshgatewayroutes.yaml b/crd-catalog/kumahq/kuma/kuma.io/v1alpha1/meshgatewayroutes.yaml index 6c414acac..01b3ff8ba 100644 --- a/crd-catalog/kumahq/kuma/kuma.io/v1alpha1/meshgatewayroutes.yaml +++ b/crd-catalog/kumahq/kuma/kuma.io/v1alpha1/meshgatewayroutes.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.14.0" + controller-gen.kubebuilder.io/version: "v0.15.0" name: "meshgatewayroutes.kuma.io" spec: group: "kuma.io" diff --git a/crd-catalog/kumahq/kuma/kuma.io/v1alpha1/meshgateways.yaml b/crd-catalog/kumahq/kuma/kuma.io/v1alpha1/meshgateways.yaml index c7d8a7c4d..c0a4991b4 100644 --- a/crd-catalog/kumahq/kuma/kuma.io/v1alpha1/meshgateways.yaml +++ b/crd-catalog/kumahq/kuma/kuma.io/v1alpha1/meshgateways.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.14.0" + controller-gen.kubebuilder.io/version: "v0.15.0" name: "meshgateways.kuma.io" spec: group: "kuma.io" diff --git a/crd-catalog/kumahq/kuma/kuma.io/v1alpha1/meshhealthchecks.yaml b/crd-catalog/kumahq/kuma/kuma.io/v1alpha1/meshhealthchecks.yaml index e11fccc35..04f79b06b 100644 --- a/crd-catalog/kumahq/kuma/kuma.io/v1alpha1/meshhealthchecks.yaml +++ b/crd-catalog/kumahq/kuma/kuma.io/v1alpha1/meshhealthchecks.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.14.0" + controller-gen.kubebuilder.io/version: "v0.15.0" name: "meshhealthchecks.kuma.io" spec: group: "kuma.io" diff --git a/crd-catalog/kumahq/kuma/kuma.io/v1alpha1/meshhttproutes.yaml b/crd-catalog/kumahq/kuma/kuma.io/v1alpha1/meshhttproutes.yaml index 9b80dc91c..66ccf3aac 100644 --- a/crd-catalog/kumahq/kuma/kuma.io/v1alpha1/meshhttproutes.yaml +++ b/crd-catalog/kumahq/kuma/kuma.io/v1alpha1/meshhttproutes.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.14.0" + controller-gen.kubebuilder.io/version: "v0.15.0" name: "meshhttproutes.kuma.io" spec: group: "kuma.io" diff --git a/crd-catalog/kumahq/kuma/kuma.io/v1alpha1/meshinsights.yaml b/crd-catalog/kumahq/kuma/kuma.io/v1alpha1/meshinsights.yaml index 7c9b1b1e0..85f911677 100644 --- a/crd-catalog/kumahq/kuma/kuma.io/v1alpha1/meshinsights.yaml +++ b/crd-catalog/kumahq/kuma/kuma.io/v1alpha1/meshinsights.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.14.0" + controller-gen.kubebuilder.io/version: "v0.15.0" name: "meshinsights.kuma.io" spec: group: "kuma.io" diff --git a/crd-catalog/kumahq/kuma/kuma.io/v1alpha1/meshloadbalancingstrategies.yaml b/crd-catalog/kumahq/kuma/kuma.io/v1alpha1/meshloadbalancingstrategies.yaml index 4369a9943..1fdd598bb 100644 --- a/crd-catalog/kumahq/kuma/kuma.io/v1alpha1/meshloadbalancingstrategies.yaml +++ b/crd-catalog/kumahq/kuma/kuma.io/v1alpha1/meshloadbalancingstrategies.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.14.0" + controller-gen.kubebuilder.io/version: "v0.15.0" name: "meshloadbalancingstrategies.kuma.io" spec: group: "kuma.io" diff --git a/crd-catalog/kumahq/kuma/kuma.io/v1alpha1/meshproxypatches.yaml b/crd-catalog/kumahq/kuma/kuma.io/v1alpha1/meshproxypatches.yaml index 4f3fd7229..b2bcb4c0e 100644 --- a/crd-catalog/kumahq/kuma/kuma.io/v1alpha1/meshproxypatches.yaml +++ b/crd-catalog/kumahq/kuma/kuma.io/v1alpha1/meshproxypatches.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.14.0" + controller-gen.kubebuilder.io/version: "v0.15.0" name: "meshproxypatches.kuma.io" spec: group: "kuma.io" diff --git a/crd-catalog/kumahq/kuma/kuma.io/v1alpha1/meshratelimits.yaml b/crd-catalog/kumahq/kuma/kuma.io/v1alpha1/meshratelimits.yaml index 98d335f17..7f596aec6 100644 --- a/crd-catalog/kumahq/kuma/kuma.io/v1alpha1/meshratelimits.yaml +++ b/crd-catalog/kumahq/kuma/kuma.io/v1alpha1/meshratelimits.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.14.0" + controller-gen.kubebuilder.io/version: "v0.15.0" name: "meshratelimits.kuma.io" spec: group: "kuma.io" diff --git a/crd-catalog/kumahq/kuma/kuma.io/v1alpha1/meshretries.yaml b/crd-catalog/kumahq/kuma/kuma.io/v1alpha1/meshretries.yaml index 52f0a73ca..e19ce898c 100644 --- a/crd-catalog/kumahq/kuma/kuma.io/v1alpha1/meshretries.yaml +++ b/crd-catalog/kumahq/kuma/kuma.io/v1alpha1/meshretries.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.14.0" + controller-gen.kubebuilder.io/version: "v0.15.0" name: "meshretries.kuma.io" spec: group: "kuma.io" diff --git a/crd-catalog/kumahq/kuma/kuma.io/v1alpha1/meshtcproutes.yaml b/crd-catalog/kumahq/kuma/kuma.io/v1alpha1/meshtcproutes.yaml index 8fc59a601..01410b78b 100644 --- a/crd-catalog/kumahq/kuma/kuma.io/v1alpha1/meshtcproutes.yaml +++ b/crd-catalog/kumahq/kuma/kuma.io/v1alpha1/meshtcproutes.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.14.0" + controller-gen.kubebuilder.io/version: "v0.15.0" name: "meshtcproutes.kuma.io" spec: group: "kuma.io" diff --git a/crd-catalog/kumahq/kuma/kuma.io/v1alpha1/meshtimeouts.yaml b/crd-catalog/kumahq/kuma/kuma.io/v1alpha1/meshtimeouts.yaml index bafb0fb6a..22bcb007d 100644 --- a/crd-catalog/kumahq/kuma/kuma.io/v1alpha1/meshtimeouts.yaml +++ b/crd-catalog/kumahq/kuma/kuma.io/v1alpha1/meshtimeouts.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.14.0" + controller-gen.kubebuilder.io/version: "v0.15.0" name: "meshtimeouts.kuma.io" spec: group: "kuma.io" diff --git a/crd-catalog/kumahq/kuma/kuma.io/v1alpha1/meshtraces.yaml b/crd-catalog/kumahq/kuma/kuma.io/v1alpha1/meshtraces.yaml index c3e7187fb..f1806a2ab 100644 --- a/crd-catalog/kumahq/kuma/kuma.io/v1alpha1/meshtraces.yaml +++ b/crd-catalog/kumahq/kuma/kuma.io/v1alpha1/meshtraces.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.14.0" + controller-gen.kubebuilder.io/version: "v0.15.0" name: "meshtraces.kuma.io" spec: group: "kuma.io" diff --git a/crd-catalog/kumahq/kuma/kuma.io/v1alpha1/meshtrafficpermissions.yaml b/crd-catalog/kumahq/kuma/kuma.io/v1alpha1/meshtrafficpermissions.yaml index 6fd148df1..95e3a83e4 100644 --- a/crd-catalog/kumahq/kuma/kuma.io/v1alpha1/meshtrafficpermissions.yaml +++ b/crd-catalog/kumahq/kuma/kuma.io/v1alpha1/meshtrafficpermissions.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.14.0" + controller-gen.kubebuilder.io/version: "v0.15.0" name: "meshtrafficpermissions.kuma.io" spec: group: "kuma.io" diff --git a/crd-catalog/kumahq/kuma/kuma.io/v1alpha1/proxytemplates.yaml b/crd-catalog/kumahq/kuma/kuma.io/v1alpha1/proxytemplates.yaml index 424d0664c..1d4b10136 100644 --- a/crd-catalog/kumahq/kuma/kuma.io/v1alpha1/proxytemplates.yaml +++ b/crd-catalog/kumahq/kuma/kuma.io/v1alpha1/proxytemplates.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.14.0" + controller-gen.kubebuilder.io/version: "v0.15.0" name: "proxytemplates.kuma.io" spec: group: "kuma.io" diff --git a/crd-catalog/kumahq/kuma/kuma.io/v1alpha1/ratelimits.yaml b/crd-catalog/kumahq/kuma/kuma.io/v1alpha1/ratelimits.yaml index c07878d72..84631f886 100644 --- a/crd-catalog/kumahq/kuma/kuma.io/v1alpha1/ratelimits.yaml +++ b/crd-catalog/kumahq/kuma/kuma.io/v1alpha1/ratelimits.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.14.0" + controller-gen.kubebuilder.io/version: "v0.15.0" name: "ratelimits.kuma.io" spec: group: "kuma.io" diff --git a/crd-catalog/kumahq/kuma/kuma.io/v1alpha1/retries.yaml b/crd-catalog/kumahq/kuma/kuma.io/v1alpha1/retries.yaml index 095de2df8..5a884c1c6 100644 --- a/crd-catalog/kumahq/kuma/kuma.io/v1alpha1/retries.yaml +++ b/crd-catalog/kumahq/kuma/kuma.io/v1alpha1/retries.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.14.0" + controller-gen.kubebuilder.io/version: "v0.15.0" name: "retries.kuma.io" spec: group: "kuma.io" diff --git a/crd-catalog/kumahq/kuma/kuma.io/v1alpha1/serviceinsights.yaml b/crd-catalog/kumahq/kuma/kuma.io/v1alpha1/serviceinsights.yaml index 3cfb4d585..f71cfa374 100644 --- a/crd-catalog/kumahq/kuma/kuma.io/v1alpha1/serviceinsights.yaml +++ b/crd-catalog/kumahq/kuma/kuma.io/v1alpha1/serviceinsights.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.14.0" + controller-gen.kubebuilder.io/version: "v0.15.0" name: "serviceinsights.kuma.io" spec: group: "kuma.io" diff --git a/crd-catalog/kumahq/kuma/kuma.io/v1alpha1/timeouts.yaml b/crd-catalog/kumahq/kuma/kuma.io/v1alpha1/timeouts.yaml index 4326a926f..15bbbac8e 100644 --- a/crd-catalog/kumahq/kuma/kuma.io/v1alpha1/timeouts.yaml +++ b/crd-catalog/kumahq/kuma/kuma.io/v1alpha1/timeouts.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.14.0" + controller-gen.kubebuilder.io/version: "v0.15.0" name: "timeouts.kuma.io" spec: group: "kuma.io" diff --git a/crd-catalog/kumahq/kuma/kuma.io/v1alpha1/trafficlogs.yaml b/crd-catalog/kumahq/kuma/kuma.io/v1alpha1/trafficlogs.yaml index db199f44a..a5ce67fd3 100644 --- a/crd-catalog/kumahq/kuma/kuma.io/v1alpha1/trafficlogs.yaml +++ b/crd-catalog/kumahq/kuma/kuma.io/v1alpha1/trafficlogs.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.14.0" + controller-gen.kubebuilder.io/version: "v0.15.0" name: "trafficlogs.kuma.io" spec: group: "kuma.io" diff --git a/crd-catalog/kumahq/kuma/kuma.io/v1alpha1/trafficpermissions.yaml b/crd-catalog/kumahq/kuma/kuma.io/v1alpha1/trafficpermissions.yaml index deacd5f63..8797fa3d1 100644 --- a/crd-catalog/kumahq/kuma/kuma.io/v1alpha1/trafficpermissions.yaml +++ b/crd-catalog/kumahq/kuma/kuma.io/v1alpha1/trafficpermissions.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.14.0" + controller-gen.kubebuilder.io/version: "v0.15.0" name: "trafficpermissions.kuma.io" spec: group: "kuma.io" diff --git a/crd-catalog/kumahq/kuma/kuma.io/v1alpha1/trafficroutes.yaml b/crd-catalog/kumahq/kuma/kuma.io/v1alpha1/trafficroutes.yaml index 9513bb8b9..ed5f8589a 100644 --- a/crd-catalog/kumahq/kuma/kuma.io/v1alpha1/trafficroutes.yaml +++ b/crd-catalog/kumahq/kuma/kuma.io/v1alpha1/trafficroutes.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.14.0" + controller-gen.kubebuilder.io/version: "v0.15.0" name: "trafficroutes.kuma.io" spec: group: "kuma.io" diff --git a/crd-catalog/kumahq/kuma/kuma.io/v1alpha1/traffictraces.yaml b/crd-catalog/kumahq/kuma/kuma.io/v1alpha1/traffictraces.yaml index eb2ad9b95..81e456d73 100644 --- a/crd-catalog/kumahq/kuma/kuma.io/v1alpha1/traffictraces.yaml +++ b/crd-catalog/kumahq/kuma/kuma.io/v1alpha1/traffictraces.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.14.0" + controller-gen.kubebuilder.io/version: "v0.15.0" name: "traffictraces.kuma.io" spec: group: "kuma.io" diff --git a/crd-catalog/kumahq/kuma/kuma.io/v1alpha1/virtualoutbounds.yaml b/crd-catalog/kumahq/kuma/kuma.io/v1alpha1/virtualoutbounds.yaml index 0738be242..b55acf138 100644 --- a/crd-catalog/kumahq/kuma/kuma.io/v1alpha1/virtualoutbounds.yaml +++ b/crd-catalog/kumahq/kuma/kuma.io/v1alpha1/virtualoutbounds.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.14.0" + controller-gen.kubebuilder.io/version: "v0.15.0" name: "virtualoutbounds.kuma.io" spec: group: "kuma.io" diff --git a/crd-catalog/kumahq/kuma/kuma.io/v1alpha1/zoneegresses.yaml b/crd-catalog/kumahq/kuma/kuma.io/v1alpha1/zoneegresses.yaml index 3d6e8e678..64fa2a82d 100644 --- a/crd-catalog/kumahq/kuma/kuma.io/v1alpha1/zoneegresses.yaml +++ b/crd-catalog/kumahq/kuma/kuma.io/v1alpha1/zoneegresses.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.14.0" + controller-gen.kubebuilder.io/version: "v0.15.0" name: "zoneegresses.kuma.io" spec: group: "kuma.io" diff --git a/crd-catalog/kumahq/kuma/kuma.io/v1alpha1/zoneegressinsights.yaml b/crd-catalog/kumahq/kuma/kuma.io/v1alpha1/zoneegressinsights.yaml index 4069feb7f..622e9d634 100644 --- a/crd-catalog/kumahq/kuma/kuma.io/v1alpha1/zoneegressinsights.yaml +++ b/crd-catalog/kumahq/kuma/kuma.io/v1alpha1/zoneegressinsights.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.14.0" + controller-gen.kubebuilder.io/version: "v0.15.0" name: "zoneegressinsights.kuma.io" spec: group: "kuma.io" diff --git a/crd-catalog/kumahq/kuma/kuma.io/v1alpha1/zoneingresses.yaml b/crd-catalog/kumahq/kuma/kuma.io/v1alpha1/zoneingresses.yaml index dba90af05..269617170 100644 --- a/crd-catalog/kumahq/kuma/kuma.io/v1alpha1/zoneingresses.yaml +++ b/crd-catalog/kumahq/kuma/kuma.io/v1alpha1/zoneingresses.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.14.0" + controller-gen.kubebuilder.io/version: "v0.15.0" name: "zoneingresses.kuma.io" spec: group: "kuma.io" diff --git a/crd-catalog/kumahq/kuma/kuma.io/v1alpha1/zoneingressinsights.yaml b/crd-catalog/kumahq/kuma/kuma.io/v1alpha1/zoneingressinsights.yaml index d394825cb..3eeb6b89e 100644 --- a/crd-catalog/kumahq/kuma/kuma.io/v1alpha1/zoneingressinsights.yaml +++ b/crd-catalog/kumahq/kuma/kuma.io/v1alpha1/zoneingressinsights.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.14.0" + controller-gen.kubebuilder.io/version: "v0.15.0" name: "zoneingressinsights.kuma.io" spec: group: "kuma.io" diff --git a/crd-catalog/kumahq/kuma/kuma.io/v1alpha1/zoneinsights.yaml b/crd-catalog/kumahq/kuma/kuma.io/v1alpha1/zoneinsights.yaml index acd5a932a..9ebb7b49e 100644 --- a/crd-catalog/kumahq/kuma/kuma.io/v1alpha1/zoneinsights.yaml +++ b/crd-catalog/kumahq/kuma/kuma.io/v1alpha1/zoneinsights.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.14.0" + controller-gen.kubebuilder.io/version: "v0.15.0" name: "zoneinsights.kuma.io" spec: group: "kuma.io" diff --git a/crd-catalog/kumahq/kuma/kuma.io/v1alpha1/zones.yaml b/crd-catalog/kumahq/kuma/kuma.io/v1alpha1/zones.yaml index 30082728b..dbf89c0f5 100644 --- a/crd-catalog/kumahq/kuma/kuma.io/v1alpha1/zones.yaml +++ b/crd-catalog/kumahq/kuma/kuma.io/v1alpha1/zones.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.14.0" + controller-gen.kubebuilder.io/version: "v0.15.0" name: "zones.kuma.io" spec: group: "kuma.io" diff --git a/crd-catalog/kyverno/chainsaw/chainsaw.kyverno.io/v1alpha1/configurations.yaml b/crd-catalog/kyverno/chainsaw/chainsaw.kyverno.io/v1alpha1/configurations.yaml index 1cfe8842a..399c33860 100644 --- a/crd-catalog/kyverno/chainsaw/chainsaw.kyverno.io/v1alpha1/configurations.yaml +++ b/crd-catalog/kyverno/chainsaw/chainsaw.kyverno.io/v1alpha1/configurations.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.15.0" + controller-gen.kubebuilder.io/version: "(devel)" name: "configurations.chainsaw.kyverno.io" spec: group: "chainsaw.kyverno.io" @@ -33,6 +33,25 @@ spec: description: "Catch defines what the tests steps will execute when an error happens.\nThis will be combined with catch handlers defined at the test and step levels." items: description: "CatchFinally defines actions to be executed in catch, finally and cleanup blocks." + oneOf: + - required: + - "command" + - required: + - "delete" + - required: + - "describe" + - required: + - "events" + - required: + - "get" + - required: + - "podLogs" + - required: + - "script" + - required: + - "sleep" + - required: + - "wait" properties: command: description: "Command defines a command to run." @@ -64,7 +83,7 @@ spec: type: "object" x-kubernetes-preserve-unknown-fields: true cluster: - description: "Cluster defines the target cluster (default cluster will be used if not specified and/or overridden)." + description: "Cluster defines the target cluster (will be inherited if not specified)." type: "string" clusters: additionalProperties: @@ -133,6 +152,10 @@ spec: type: "object" delete: description: "Delete represents a deletion operation." + not: + required: + - "file" + - "ref" properties: bindings: description: "Bindings defines additional binding key/values." @@ -152,7 +175,7 @@ spec: type: "object" type: "array" cluster: - description: "Cluster defines the target cluster (default cluster will be used if not specified and/or overridden)." + description: "Cluster defines the target cluster (will be inherited if not specified)." type: "string" clusters: additionalProperties: @@ -229,12 +252,16 @@ spec: type: "object" describe: description: "Describe determines the resource describe collector to execute." + not: + required: + - "name" + - "selector" properties: apiVersion: description: "API version of the referent." type: "string" cluster: - description: "Cluster defines the target cluster (default cluster will be used if not specified and/or overridden)." + description: "Cluster defines the target cluster (will be inherited if not specified)." type: "string" clusters: additionalProperties: @@ -278,9 +305,13 @@ spec: type: "string" events: description: "Events determines the events collector to execute." + not: + required: + - "name" + - "selector" properties: cluster: - description: "Cluster defines the target cluster (default cluster will be used if not specified and/or overridden)." + description: "Cluster defines the target cluster (will be inherited if not specified)." type: "string" clusters: additionalProperties: @@ -316,12 +347,16 @@ spec: type: "object" get: description: "Get determines the resource get collector to execute." + not: + required: + - "name" + - "selector" properties: apiVersion: description: "API version of the referent." type: "string" cluster: - description: "Cluster defines the target cluster (default cluster will be used if not specified and/or overridden)." + description: "Cluster defines the target cluster (will be inherited if not specified)." type: "string" clusters: additionalProperties: @@ -363,9 +398,13 @@ spec: type: "object" podLogs: description: "PodLogs determines the pod logs collector to execute." + not: + required: + - "name" + - "selector" properties: cluster: - description: "Cluster defines the target cluster (default cluster will be used if not specified and/or overridden)." + description: "Cluster defines the target cluster (will be inherited if not specified)." type: "string" clusters: additionalProperties: @@ -426,7 +465,7 @@ spec: type: "object" x-kubernetes-preserve-unknown-fields: true cluster: - description: "Cluster defines the target cluster (default cluster will be used if not specified and/or overridden)." + description: "Cluster defines the target cluster (will be inherited if not specified)." type: "string" clusters: additionalProperties: @@ -502,12 +541,16 @@ spec: type: "object" wait: description: "Wait determines the resource wait collector to execute." + not: + required: + - "name" + - "selector" properties: apiVersion: description: "API version of the referent." type: "string" cluster: - description: "Cluster defines the target cluster (default cluster will be used if not specified and/or overridden)." + description: "Cluster defines the target cluster (will be inherited if not specified)." type: "string" clusters: additionalProperties: @@ -664,24 +707,31 @@ spec: description: "TestFile is the name of the file containing the test to run.\nIf no extension is provided, chainsaw will try with .yaml first and .yml if needed." type: "string" timeouts: + default: {} description: "Global timeouts configuration. Applies to all tests/test steps if not overridden." properties: apply: + default: "5s" description: "Apply defines the timeout for the apply operation" type: "string" assert: + default: "30s" description: "Assert defines the timeout for the assert operation" type: "string" cleanup: + default: "30s" description: "Cleanup defines the timeout for the cleanup operation" type: "string" delete: + default: "15s" description: "Delete defines the timeout for the delete operation" type: "string" error: + default: "30s" description: "Error defines the timeout for the error operation" type: "string" exec: + default: "5s" description: "Exec defines the timeout for exec operations" type: "string" type: "object" @@ -690,4 +740,4 @@ spec: - "spec" type: "object" served: true - storage: true + storage: false diff --git a/crd-catalog/kyverno/chainsaw/chainsaw.kyverno.io/v1alpha1/tests.yaml b/crd-catalog/kyverno/chainsaw/chainsaw.kyverno.io/v1alpha1/tests.yaml index 63add9582..a2bb18951 100644 --- a/crd-catalog/kyverno/chainsaw/chainsaw.kyverno.io/v1alpha1/tests.yaml +++ b/crd-catalog/kyverno/chainsaw/chainsaw.kyverno.io/v1alpha1/tests.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.15.0" + controller-gen.kubebuilder.io/version: "(devel)" name: "tests.chainsaw.kyverno.io" spec: group: "chainsaw.kyverno.io" @@ -50,6 +50,25 @@ spec: description: "Catch defines what the steps will execute when an error happens.\nThis will be combined with catch handlers defined at the step level." items: description: "CatchFinally defines actions to be executed in catch, finally and cleanup blocks." + oneOf: + - required: + - "command" + - required: + - "delete" + - required: + - "describe" + - required: + - "events" + - required: + - "get" + - required: + - "podLogs" + - required: + - "script" + - required: + - "sleep" + - required: + - "wait" properties: command: description: "Command defines a command to run." @@ -81,7 +100,7 @@ spec: type: "object" x-kubernetes-preserve-unknown-fields: true cluster: - description: "Cluster defines the target cluster (default cluster will be used if not specified and/or overridden)." + description: "Cluster defines the target cluster (will be inherited if not specified)." type: "string" clusters: additionalProperties: @@ -150,6 +169,10 @@ spec: type: "object" delete: description: "Delete represents a deletion operation." + not: + required: + - "file" + - "ref" properties: bindings: description: "Bindings defines additional binding key/values." @@ -169,7 +192,7 @@ spec: type: "object" type: "array" cluster: - description: "Cluster defines the target cluster (default cluster will be used if not specified and/or overridden)." + description: "Cluster defines the target cluster (will be inherited if not specified)." type: "string" clusters: additionalProperties: @@ -246,12 +269,16 @@ spec: type: "object" describe: description: "Describe determines the resource describe collector to execute." + not: + required: + - "name" + - "selector" properties: apiVersion: description: "API version of the referent." type: "string" cluster: - description: "Cluster defines the target cluster (default cluster will be used if not specified and/or overridden)." + description: "Cluster defines the target cluster (will be inherited if not specified)." type: "string" clusters: additionalProperties: @@ -295,9 +322,13 @@ spec: type: "string" events: description: "Events determines the events collector to execute." + not: + required: + - "name" + - "selector" properties: cluster: - description: "Cluster defines the target cluster (default cluster will be used if not specified and/or overridden)." + description: "Cluster defines the target cluster (will be inherited if not specified)." type: "string" clusters: additionalProperties: @@ -333,12 +364,16 @@ spec: type: "object" get: description: "Get determines the resource get collector to execute." + not: + required: + - "name" + - "selector" properties: apiVersion: description: "API version of the referent." type: "string" cluster: - description: "Cluster defines the target cluster (default cluster will be used if not specified and/or overridden)." + description: "Cluster defines the target cluster (will be inherited if not specified)." type: "string" clusters: additionalProperties: @@ -380,9 +415,13 @@ spec: type: "object" podLogs: description: "PodLogs determines the pod logs collector to execute." + not: + required: + - "name" + - "selector" properties: cluster: - description: "Cluster defines the target cluster (default cluster will be used if not specified and/or overridden)." + description: "Cluster defines the target cluster (will be inherited if not specified)." type: "string" clusters: additionalProperties: @@ -443,7 +482,7 @@ spec: type: "object" x-kubernetes-preserve-unknown-fields: true cluster: - description: "Cluster defines the target cluster (default cluster will be used if not specified and/or overridden)." + description: "Cluster defines the target cluster (will be inherited if not specified)." type: "string" clusters: additionalProperties: @@ -519,12 +558,16 @@ spec: type: "object" wait: description: "Wait determines the resource wait collector to execute." + not: + required: + - "name" + - "selector" properties: apiVersion: description: "API version of the referent." type: "string" cluster: - description: "Cluster defines the target cluster (default cluster will be used if not specified and/or overridden)." + description: "Cluster defines the target cluster (will be inherited if not specified)." type: "string" clusters: additionalProperties: @@ -677,6 +720,18 @@ spec: description: "Steps defining the test." items: description: "TestStep contains the test step definition used in a test spec." + not: + anyOf: + - required: + - "try" + - required: + - "catch" + - required: + - "finally" + - required: + - "cleanup" + required: + - "use" properties: bindings: description: "Bindings defines additional binding key/values." @@ -699,6 +754,25 @@ spec: description: "Catch defines what the step will execute when an error happens." items: description: "CatchFinally defines actions to be executed in catch, finally and cleanup blocks." + oneOf: + - required: + - "command" + - required: + - "delete" + - required: + - "describe" + - required: + - "events" + - required: + - "get" + - required: + - "podLogs" + - required: + - "script" + - required: + - "sleep" + - required: + - "wait" properties: command: description: "Command defines a command to run." @@ -730,7 +804,7 @@ spec: type: "object" x-kubernetes-preserve-unknown-fields: true cluster: - description: "Cluster defines the target cluster (default cluster will be used if not specified and/or overridden)." + description: "Cluster defines the target cluster (will be inherited if not specified)." type: "string" clusters: additionalProperties: @@ -799,6 +873,10 @@ spec: type: "object" delete: description: "Delete represents a deletion operation." + not: + required: + - "file" + - "ref" properties: bindings: description: "Bindings defines additional binding key/values." @@ -818,7 +896,7 @@ spec: type: "object" type: "array" cluster: - description: "Cluster defines the target cluster (default cluster will be used if not specified and/or overridden)." + description: "Cluster defines the target cluster (will be inherited if not specified)." type: "string" clusters: additionalProperties: @@ -895,12 +973,16 @@ spec: type: "object" describe: description: "Describe determines the resource describe collector to execute." + not: + required: + - "name" + - "selector" properties: apiVersion: description: "API version of the referent." type: "string" cluster: - description: "Cluster defines the target cluster (default cluster will be used if not specified and/or overridden)." + description: "Cluster defines the target cluster (will be inherited if not specified)." type: "string" clusters: additionalProperties: @@ -944,9 +1026,13 @@ spec: type: "string" events: description: "Events determines the events collector to execute." + not: + required: + - "name" + - "selector" properties: cluster: - description: "Cluster defines the target cluster (default cluster will be used if not specified and/or overridden)." + description: "Cluster defines the target cluster (will be inherited if not specified)." type: "string" clusters: additionalProperties: @@ -982,12 +1068,16 @@ spec: type: "object" get: description: "Get determines the resource get collector to execute." + not: + required: + - "name" + - "selector" properties: apiVersion: description: "API version of the referent." type: "string" cluster: - description: "Cluster defines the target cluster (default cluster will be used if not specified and/or overridden)." + description: "Cluster defines the target cluster (will be inherited if not specified)." type: "string" clusters: additionalProperties: @@ -1029,9 +1119,13 @@ spec: type: "object" podLogs: description: "PodLogs determines the pod logs collector to execute." + not: + required: + - "name" + - "selector" properties: cluster: - description: "Cluster defines the target cluster (default cluster will be used if not specified and/or overridden)." + description: "Cluster defines the target cluster (will be inherited if not specified)." type: "string" clusters: additionalProperties: @@ -1092,7 +1186,7 @@ spec: type: "object" x-kubernetes-preserve-unknown-fields: true cluster: - description: "Cluster defines the target cluster (default cluster will be used if not specified and/or overridden)." + description: "Cluster defines the target cluster (will be inherited if not specified)." type: "string" clusters: additionalProperties: @@ -1168,12 +1262,16 @@ spec: type: "object" wait: description: "Wait determines the resource wait collector to execute." + not: + required: + - "name" + - "selector" properties: apiVersion: description: "API version of the referent." type: "string" cluster: - description: "Cluster defines the target cluster (default cluster will be used if not specified and/or overridden)." + description: "Cluster defines the target cluster (will be inherited if not specified)." type: "string" clusters: additionalProperties: @@ -1252,6 +1350,25 @@ spec: description: "Cleanup defines what will be executed after the test is terminated." items: description: "CatchFinally defines actions to be executed in catch, finally and cleanup blocks." + oneOf: + - required: + - "command" + - required: + - "delete" + - required: + - "describe" + - required: + - "events" + - required: + - "get" + - required: + - "podLogs" + - required: + - "script" + - required: + - "sleep" + - required: + - "wait" properties: command: description: "Command defines a command to run." @@ -1283,7 +1400,7 @@ spec: type: "object" x-kubernetes-preserve-unknown-fields: true cluster: - description: "Cluster defines the target cluster (default cluster will be used if not specified and/or overridden)." + description: "Cluster defines the target cluster (will be inherited if not specified)." type: "string" clusters: additionalProperties: @@ -1352,6 +1469,10 @@ spec: type: "object" delete: description: "Delete represents a deletion operation." + not: + required: + - "file" + - "ref" properties: bindings: description: "Bindings defines additional binding key/values." @@ -1371,7 +1492,7 @@ spec: type: "object" type: "array" cluster: - description: "Cluster defines the target cluster (default cluster will be used if not specified and/or overridden)." + description: "Cluster defines the target cluster (will be inherited if not specified)." type: "string" clusters: additionalProperties: @@ -1448,12 +1569,16 @@ spec: type: "object" describe: description: "Describe determines the resource describe collector to execute." + not: + required: + - "name" + - "selector" properties: apiVersion: description: "API version of the referent." type: "string" cluster: - description: "Cluster defines the target cluster (default cluster will be used if not specified and/or overridden)." + description: "Cluster defines the target cluster (will be inherited if not specified)." type: "string" clusters: additionalProperties: @@ -1497,9 +1622,13 @@ spec: type: "string" events: description: "Events determines the events collector to execute." + not: + required: + - "name" + - "selector" properties: cluster: - description: "Cluster defines the target cluster (default cluster will be used if not specified and/or overridden)." + description: "Cluster defines the target cluster (will be inherited if not specified)." type: "string" clusters: additionalProperties: @@ -1535,12 +1664,16 @@ spec: type: "object" get: description: "Get determines the resource get collector to execute." + not: + required: + - "name" + - "selector" properties: apiVersion: description: "API version of the referent." type: "string" cluster: - description: "Cluster defines the target cluster (default cluster will be used if not specified and/or overridden)." + description: "Cluster defines the target cluster (will be inherited if not specified)." type: "string" clusters: additionalProperties: @@ -1582,9 +1715,13 @@ spec: type: "object" podLogs: description: "PodLogs determines the pod logs collector to execute." + not: + required: + - "name" + - "selector" properties: cluster: - description: "Cluster defines the target cluster (default cluster will be used if not specified and/or overridden)." + description: "Cluster defines the target cluster (will be inherited if not specified)." type: "string" clusters: additionalProperties: @@ -1645,7 +1782,7 @@ spec: type: "object" x-kubernetes-preserve-unknown-fields: true cluster: - description: "Cluster defines the target cluster (default cluster will be used if not specified and/or overridden)." + description: "Cluster defines the target cluster (will be inherited if not specified)." type: "string" clusters: additionalProperties: @@ -1721,12 +1858,16 @@ spec: type: "object" wait: description: "Wait determines the resource wait collector to execute." + not: + required: + - "name" + - "selector" properties: apiVersion: description: "API version of the referent." type: "string" cluster: - description: "Cluster defines the target cluster (default cluster will be used if not specified and/or overridden)." + description: "Cluster defines the target cluster (will be inherited if not specified)." type: "string" clusters: additionalProperties: @@ -1802,7 +1943,7 @@ spec: type: "object" type: "array" cluster: - description: "Cluster defines the target cluster (default cluster will be used if not specified and/or overridden)." + description: "Cluster defines the target cluster (will be inherited if not specified)." type: "string" clusters: additionalProperties: @@ -1833,6 +1974,25 @@ spec: description: "Finally defines what the step will execute after the step is terminated." items: description: "CatchFinally defines actions to be executed in catch, finally and cleanup blocks." + oneOf: + - required: + - "command" + - required: + - "delete" + - required: + - "describe" + - required: + - "events" + - required: + - "get" + - required: + - "podLogs" + - required: + - "script" + - required: + - "sleep" + - required: + - "wait" properties: command: description: "Command defines a command to run." @@ -1864,7 +2024,7 @@ spec: type: "object" x-kubernetes-preserve-unknown-fields: true cluster: - description: "Cluster defines the target cluster (default cluster will be used if not specified and/or overridden)." + description: "Cluster defines the target cluster (will be inherited if not specified)." type: "string" clusters: additionalProperties: @@ -1933,6 +2093,10 @@ spec: type: "object" delete: description: "Delete represents a deletion operation." + not: + required: + - "file" + - "ref" properties: bindings: description: "Bindings defines additional binding key/values." @@ -1952,7 +2116,7 @@ spec: type: "object" type: "array" cluster: - description: "Cluster defines the target cluster (default cluster will be used if not specified and/or overridden)." + description: "Cluster defines the target cluster (will be inherited if not specified)." type: "string" clusters: additionalProperties: @@ -2029,12 +2193,16 @@ spec: type: "object" describe: description: "Describe determines the resource describe collector to execute." + not: + required: + - "name" + - "selector" properties: apiVersion: description: "API version of the referent." type: "string" cluster: - description: "Cluster defines the target cluster (default cluster will be used if not specified and/or overridden)." + description: "Cluster defines the target cluster (will be inherited if not specified)." type: "string" clusters: additionalProperties: @@ -2078,9 +2246,13 @@ spec: type: "string" events: description: "Events determines the events collector to execute." + not: + required: + - "name" + - "selector" properties: cluster: - description: "Cluster defines the target cluster (default cluster will be used if not specified and/or overridden)." + description: "Cluster defines the target cluster (will be inherited if not specified)." type: "string" clusters: additionalProperties: @@ -2116,12 +2288,16 @@ spec: type: "object" get: description: "Get determines the resource get collector to execute." + not: + required: + - "name" + - "selector" properties: apiVersion: description: "API version of the referent." type: "string" cluster: - description: "Cluster defines the target cluster (default cluster will be used if not specified and/or overridden)." + description: "Cluster defines the target cluster (will be inherited if not specified)." type: "string" clusters: additionalProperties: @@ -2163,9 +2339,13 @@ spec: type: "object" podLogs: description: "PodLogs determines the pod logs collector to execute." + not: + required: + - "name" + - "selector" properties: cluster: - description: "Cluster defines the target cluster (default cluster will be used if not specified and/or overridden)." + description: "Cluster defines the target cluster (will be inherited if not specified)." type: "string" clusters: additionalProperties: @@ -2226,7 +2406,7 @@ spec: type: "object" x-kubernetes-preserve-unknown-fields: true cluster: - description: "Cluster defines the target cluster (default cluster will be used if not specified and/or overridden)." + description: "Cluster defines the target cluster (will be inherited if not specified)." type: "string" clusters: additionalProperties: @@ -2302,12 +2482,16 @@ spec: type: "object" wait: description: "Wait determines the resource wait collector to execute." + not: + required: + - "name" + - "selector" properties: apiVersion: description: "API version of the referent." type: "string" cluster: - description: "Cluster defines the target cluster (default cluster will be used if not specified and/or overridden)." + description: "Cluster defines the target cluster (will be inherited if not specified)." type: "string" clusters: additionalProperties: @@ -2417,9 +2601,44 @@ spec: description: "Try defines what the step will try to execute." items: description: "Operation defines a single operation, only one action is permitted for a given operation." + oneOf: + - required: + - "apply" + - required: + - "assert" + - required: + - "command" + - required: + - "create" + - required: + - "delete" + - required: + - "describe" + - required: + - "error" + - required: + - "events" + - required: + - "patch" + - required: + - "podLogs" + - required: + - "proxy" + - required: + - "script" + - required: + - "sleep" + - required: + - "update" + - required: + - "wait" properties: apply: description: "Apply represents resources that should be applied for this test step. This can include things\nlike configuration settings or any other resources that need to be available during the test." + not: + required: + - "file" + - "resource" properties: bindings: description: "Bindings defines additional binding key/values." @@ -2439,7 +2658,7 @@ spec: type: "object" type: "array" cluster: - description: "Cluster defines the target cluster (default cluster will be used if not specified and/or overridden)." + description: "Cluster defines the target cluster (will be inherited if not specified)." type: "string" clusters: additionalProperties: @@ -2514,6 +2733,10 @@ spec: type: "object" assert: description: "Assert represents an assertion to be made. It checks whether the conditions specified in the assertion hold true." + not: + required: + - "file" + - "resource" properties: bindings: description: "Bindings defines additional binding key/values." @@ -2533,7 +2756,7 @@ spec: type: "object" type: "array" cluster: - description: "Cluster defines the target cluster (default cluster will be used if not specified and/or overridden)." + description: "Cluster defines the target cluster (will be inherited if not specified)." type: "string" clusters: additionalProperties: @@ -2594,7 +2817,7 @@ spec: type: "object" x-kubernetes-preserve-unknown-fields: true cluster: - description: "Cluster defines the target cluster (default cluster will be used if not specified and/or overridden)." + description: "Cluster defines the target cluster (will be inherited if not specified)." type: "string" clusters: additionalProperties: @@ -2666,6 +2889,10 @@ spec: type: "boolean" create: description: "Create represents a creation operation." + not: + required: + - "file" + - "resource" properties: bindings: description: "Bindings defines additional binding key/values." @@ -2685,7 +2912,7 @@ spec: type: "object" type: "array" cluster: - description: "Cluster defines the target cluster (default cluster will be used if not specified and/or overridden)." + description: "Cluster defines the target cluster (will be inherited if not specified)." type: "string" clusters: additionalProperties: @@ -2760,6 +2987,10 @@ spec: type: "object" delete: description: "Delete represents a deletion operation." + not: + required: + - "file" + - "ref" properties: bindings: description: "Bindings defines additional binding key/values." @@ -2779,7 +3010,7 @@ spec: type: "object" type: "array" cluster: - description: "Cluster defines the target cluster (default cluster will be used if not specified and/or overridden)." + description: "Cluster defines the target cluster (will be inherited if not specified)." type: "string" clusters: additionalProperties: @@ -2856,12 +3087,16 @@ spec: type: "object" describe: description: "Describe determines the resource describe collector to execute." + not: + required: + - "name" + - "selector" properties: apiVersion: description: "API version of the referent." type: "string" cluster: - description: "Cluster defines the target cluster (default cluster will be used if not specified and/or overridden)." + description: "Cluster defines the target cluster (will be inherited if not specified)." type: "string" clusters: additionalProperties: @@ -2905,6 +3140,10 @@ spec: type: "string" error: description: "Error represents the expected errors for this test step. If any of these errors occur, the test\nwill consider them as expected; otherwise, they will be treated as test failures." + not: + required: + - "file" + - "resource" properties: bindings: description: "Bindings defines additional binding key/values." @@ -2924,7 +3163,7 @@ spec: type: "object" type: "array" cluster: - description: "Cluster defines the target cluster (default cluster will be used if not specified and/or overridden)." + description: "Cluster defines the target cluster (will be inherited if not specified)." type: "string" clusters: additionalProperties: @@ -2957,9 +3196,13 @@ spec: type: "object" events: description: "Events determines the events collector to execute." + not: + required: + - "name" + - "selector" properties: cluster: - description: "Cluster defines the target cluster (default cluster will be used if not specified and/or overridden)." + description: "Cluster defines the target cluster (will be inherited if not specified)." type: "string" clusters: additionalProperties: @@ -2995,12 +3238,16 @@ spec: type: "object" get: description: "Get determines the resource get collector to execute." + not: + required: + - "name" + - "selector" properties: apiVersion: description: "API version of the referent." type: "string" cluster: - description: "Cluster defines the target cluster (default cluster will be used if not specified and/or overridden)." + description: "Cluster defines the target cluster (will be inherited if not specified)." type: "string" clusters: additionalProperties: @@ -3042,6 +3289,10 @@ spec: type: "object" patch: description: "Patch represents a patch operation." + not: + required: + - "file" + - "resource" properties: bindings: description: "Bindings defines additional binding key/values." @@ -3061,7 +3312,7 @@ spec: type: "object" type: "array" cluster: - description: "Cluster defines the target cluster (default cluster will be used if not specified and/or overridden)." + description: "Cluster defines the target cluster (will be inherited if not specified)." type: "string" clusters: additionalProperties: @@ -3136,9 +3387,13 @@ spec: type: "object" podLogs: description: "PodLogs determines the pod logs collector to execute." + not: + required: + - "name" + - "selector" properties: cluster: - description: "Cluster defines the target cluster (default cluster will be used if not specified and/or overridden)." + description: "Cluster defines the target cluster (will be inherited if not specified)." type: "string" clusters: additionalProperties: @@ -3181,7 +3436,7 @@ spec: description: "API version of the referent." type: "string" cluster: - description: "Cluster defines the target cluster (default cluster will be used if not specified and/or overridden)." + description: "Cluster defines the target cluster (will be inherited if not specified)." type: "string" clusters: additionalProperties: @@ -3266,7 +3521,7 @@ spec: type: "object" x-kubernetes-preserve-unknown-fields: true cluster: - description: "Cluster defines the target cluster (default cluster will be used if not specified and/or overridden)." + description: "Cluster defines the target cluster (will be inherited if not specified)." type: "string" clusters: additionalProperties: @@ -3342,6 +3597,10 @@ spec: type: "object" update: description: "Update represents an update operation." + not: + required: + - "file" + - "resource" properties: bindings: description: "Bindings defines additional binding key/values." @@ -3361,7 +3620,7 @@ spec: type: "object" type: "array" cluster: - description: "Cluster defines the target cluster (default cluster will be used if not specified and/or overridden)." + description: "Cluster defines the target cluster (will be inherited if not specified)." type: "string" clusters: additionalProperties: @@ -3436,12 +3695,16 @@ spec: type: "object" wait: description: "Wait determines the resource wait collector to execute." + not: + required: + - "name" + - "selector" properties: apiVersion: description: "API version of the referent." type: "string" cluster: - description: "Cluster defines the target cluster (default cluster will be used if not specified and/or overridden)." + description: "Cluster defines the target cluster (will be inherited if not specified)." type: "string" clusters: additionalProperties: @@ -3517,8 +3780,13 @@ spec: type: "object" minItems: 1 type: "array" - required: - - "try" + use: + description: "Use defines a reference to a step template." + properties: + template: + description: "Template references a step template." + type: "string" + type: "object" type: "object" type: "array" template: diff --git a/crd-catalog/kyverno/chainsaw/chainsaw.kyverno.io/v1alpha2/configurations.yaml b/crd-catalog/kyverno/chainsaw/chainsaw.kyverno.io/v1alpha2/configurations.yaml index bd40f63d1..06446e2ec 100644 --- a/crd-catalog/kyverno/chainsaw/chainsaw.kyverno.io/v1alpha2/configurations.yaml +++ b/crd-catalog/kyverno/chainsaw/chainsaw.kyverno.io/v1alpha2/configurations.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.15.0" + controller-gen.kubebuilder.io/version: "(devel)" name: "configurations.chainsaw.kyverno.io" spec: group: "chainsaw.kyverno.io" @@ -30,6 +30,7 @@ spec: description: "Configuration spec." properties: cleanup: + default: {} description: "Cleanup contains cleanup configuration." properties: delayBeforeCleanup: @@ -86,103 +87,33 @@ spec: type: "string" type: "object" error: + default: {} description: "Error contains the global error configuration." properties: catch: description: "Catch defines what the tests steps will execute when an error happens.\nThis will be combined with catch handlers defined at the test and step levels." items: - description: "Operation defines operation elements." + description: "CatchFinally defines actions to be executed in catch, finally and cleanup blocks." + oneOf: + - required: + - "command" + - required: + - "delete" + - required: + - "describe" + - required: + - "events" + - required: + - "get" + - required: + - "podLogs" + - required: + - "script" + - required: + - "sleep" + - required: + - "wait" properties: - apply: - description: "Apply represents resources that should be applied for this test step. This can include things\nlike configuration settings or any other resources that need to be available during the test." - properties: - dryRun: - description: "DryRun determines whether the file should be applied in dry run mode." - type: "boolean" - expect: - description: "Expect defines a list of matched checks to validate the operation outcome." - items: - description: "Expectation represents a check to be applied on the result of an operation\nwith a match filter to determine if the verification should be considered." - properties: - check: - description: "Check defines the verification statement." - type: "object" - x-kubernetes-preserve-unknown-fields: true - match: - description: "Match defines the matching statement." - type: "object" - x-kubernetes-preserve-unknown-fields: true - required: - - "check" - type: "object" - type: "array" - file: - description: "File is the path to the referenced file. This can be a direct path to a file\nor an expression that matches multiple files, such as \"manifest/*.yaml\" for all YAML\nfiles within the \"manifest\" directory." - type: "string" - resource: - description: "Resource provides a resource to be applied." - type: "object" - x-kubernetes-embedded-resource: true - x-kubernetes-preserve-unknown-fields: true - template: - description: "Template determines whether resources should be considered for templating." - type: "boolean" - timeout: - description: "Timeout for the operation. Overrides the global timeout set in the Configuration." - type: "string" - type: "object" - assert: - description: "Assert represents an assertion to be made. It checks whether the conditions specified in the assertion hold true." - properties: - file: - description: "File is the path to the referenced file. This can be a direct path to a file\nor an expression that matches multiple files, such as \"manifest/*.yaml\" for all YAML\nfiles within the \"manifest\" directory." - type: "string" - resource: - description: "Check provides a check used in assertions." - type: "object" - x-kubernetes-preserve-unknown-fields: true - template: - description: "Template determines whether resources should be considered for templating." - type: "boolean" - timeout: - description: "Timeout for the operation. Overrides the global timeout set in the Configuration." - type: "string" - type: "object" - bindings: - description: "Bindings defines additional binding key/values." - items: - description: "Binding represents a key/value set as a binding in an executing test." - properties: - name: - description: "Name the name of the binding." - pattern: "^(?:\\w+|\\(.+\\))$" - type: "string" - value: - description: "Value value of the binding." - x-kubernetes-preserve-unknown-fields: true - required: - - "name" - - "value" - type: "object" - type: "array" - cluster: - description: "Cluster defines the target cluster (default cluster will be used if not specified and/or overridden)." - type: "string" - clusters: - additionalProperties: - description: "Cluster defines cluster config and context." - properties: - context: - description: "Context is the name of the context to use." - type: "string" - kubeconfig: - description: "Kubeconfig is the path to the referenced file." - type: "string" - required: - - "kubeconfig" - type: "object" - description: "Clusters holds a registry to clusters to support multi-cluster tests." - type: "object" command: description: "Command defines a command to run." properties: @@ -191,10 +122,45 @@ spec: items: type: "string" type: "array" + bindings: + description: "Bindings defines additional binding key/values." + items: + description: "Binding represents a key/value set as a binding in an executing test." + properties: + name: + description: "Name the name of the binding." + pattern: "^(?:\\w+|\\(.+\\))$" + type: "string" + value: + description: "Value value of the binding." + x-kubernetes-preserve-unknown-fields: true + required: + - "name" + - "value" + type: "object" + type: "array" check: description: "Check is an assertion tree to validate the operation outcome." type: "object" x-kubernetes-preserve-unknown-fields: true + cluster: + description: "Cluster defines the target cluster (will be inherited if not specified)." + type: "string" + clusters: + additionalProperties: + description: "Cluster defines cluster config and context." + properties: + context: + description: "Context is the name of the context to use." + type: "string" + kubeconfig: + description: "Kubeconfig is the path to the referenced file." + type: "string" + required: + - "kubeconfig" + type: "object" + description: "Clusters holds a registry to clusters to support multi-cluster tests." + type: "object" entrypoint: description: "Entrypoint is the command entry point to run." type: "string" @@ -215,6 +181,27 @@ spec: - "value" type: "object" type: "array" + outputs: + description: "Outputs defines output bindings." + items: + description: "Output represents an output binding with a match to determine if the binding must be considered or not." + properties: + match: + description: "Match defines the matching statement." + type: "object" + x-kubernetes-preserve-unknown-fields: true + name: + description: "Name the name of the binding." + pattern: "^(?:\\w+|\\(.+\\))$" + type: "string" + value: + description: "Value value of the binding." + x-kubernetes-preserve-unknown-fields: true + required: + - "name" + - "value" + type: "object" + type: "array" skipLogOutput: description: "SkipLogOutput removes the output from the command. Useful for sensitive logs or to reduce noise." type: "boolean" @@ -224,47 +211,48 @@ spec: required: - "entrypoint" type: "object" - create: - description: "Create represents a creation operation." + delete: + description: "Delete represents a deletion operation." + not: + required: + - "file" + - "ref" properties: - dryRun: - description: "DryRun determines whether the file should be applied in dry run mode." - type: "boolean" - expect: - description: "Expect defines a list of matched checks to validate the operation outcome." + bindings: + description: "Bindings defines additional binding key/values." items: - description: "Expectation represents a check to be applied on the result of an operation\nwith a match filter to determine if the verification should be considered." + description: "Binding represents a key/value set as a binding in an executing test." properties: - check: - description: "Check defines the verification statement." - type: "object" - x-kubernetes-preserve-unknown-fields: true - match: - description: "Match defines the matching statement." - type: "object" + name: + description: "Name the name of the binding." + pattern: "^(?:\\w+|\\(.+\\))$" + type: "string" + value: + description: "Value value of the binding." x-kubernetes-preserve-unknown-fields: true required: - - "check" + - "name" + - "value" type: "object" type: "array" - file: - description: "File is the path to the referenced file. This can be a direct path to a file\nor an expression that matches multiple files, such as \"manifest/*.yaml\" for all YAML\nfiles within the \"manifest\" directory." + cluster: + description: "Cluster defines the target cluster (will be inherited if not specified)." type: "string" - resource: - description: "Resource provides a resource to be applied." + clusters: + additionalProperties: + description: "Cluster defines cluster config and context." + properties: + context: + description: "Context is the name of the context to use." + type: "string" + kubeconfig: + description: "Kubeconfig is the path to the referenced file." + type: "string" + required: + - "kubeconfig" + type: "object" + description: "Clusters holds a registry to clusters to support multi-cluster tests." type: "object" - x-kubernetes-embedded-resource: true - x-kubernetes-preserve-unknown-fields: true - template: - description: "Template determines whether resources should be considered for templating." - type: "boolean" - timeout: - description: "Timeout for the operation. Overrides the global timeout set in the Configuration." - type: "string" - type: "object" - delete: - description: "Delete represents a deletion operation." - properties: deletionPropagationPolicy: description: "DeletionPropagationPolicy decides if a deletion will propagate to the dependents of\nthe object, and how the garbage collector will handle the propagation.\nOverrides the deletion propagation policy set in the Configuration, the Test and the TestStep." enum: @@ -301,39 +289,11 @@ spec: kind: description: "Kind of the referent.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" type: "string" - labelSelector: + labels: + additionalProperties: + type: "string" description: "Label selector to match objects to delete" - properties: - matchExpressions: - description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." - items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." - properties: - key: - description: "key is the label key that the selector applies to." - type: "string" - operator: - description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." - type: "string" - values: - description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." - items: - type: "string" - type: "array" - x-kubernetes-list-type: "atomic" - required: - - "key" - - "operator" - type: "object" - type: "array" - x-kubernetes-list-type: "atomic" - matchLabels: - additionalProperties: - type: "string" - description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." - type: "object" type: "object" - x-kubernetes-map-type: "atomic" name: description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names" type: "string" @@ -353,10 +313,32 @@ spec: type: "object" describe: description: "Describe determines the resource describe collector to execute." + not: + required: + - "name" + - "selector" properties: apiVersion: description: "API version of the referent." type: "string" + cluster: + description: "Cluster defines the target cluster (will be inherited if not specified)." + type: "string" + clusters: + additionalProperties: + description: "Cluster defines cluster config and context." + properties: + context: + description: "Context is the name of the context to use." + type: "string" + kubeconfig: + description: "Kubeconfig is the path to the referenced file." + type: "string" + required: + - "kubeconfig" + type: "object" + description: "Clusters holds a registry to clusters to support multi-cluster tests." + type: "object" kind: description: "Kind of the referent.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" type: "string" @@ -382,26 +364,31 @@ spec: description: description: "Description contains a description of the operation." type: "string" - error: - description: "Error represents the expected errors for this test step. If any of these errors occur, the test\nwill consider them as expected; otherwise, they will be treated as test failures." - properties: - file: - description: "File is the path to the referenced file. This can be a direct path to a file\nor an expression that matches multiple files, such as \"manifest/*.yaml\" for all YAML\nfiles within the \"manifest\" directory." - type: "string" - resource: - description: "Check provides a check used in assertions." - type: "object" - x-kubernetes-preserve-unknown-fields: true - template: - description: "Template determines whether resources should be considered for templating." - type: "boolean" - timeout: - description: "Timeout for the operation. Overrides the global timeout set in the Configuration." - type: "string" - type: "object" events: description: "Events determines the events collector to execute." + not: + required: + - "name" + - "selector" properties: + cluster: + description: "Cluster defines the target cluster (will be inherited if not specified)." + type: "string" + clusters: + additionalProperties: + description: "Cluster defines cluster config and context." + properties: + context: + description: "Context is the name of the context to use." + type: "string" + kubeconfig: + description: "Kubeconfig is the path to the referenced file." + type: "string" + required: + - "kubeconfig" + type: "object" + description: "Clusters holds a registry to clusters to support multi-cluster tests." + type: "object" format: description: "Format determines the output format (json or yaml)." pattern: "^(?:json|yaml|\\(.+\\))$" @@ -421,10 +408,32 @@ spec: type: "object" get: description: "Get determines the resource get collector to execute." + not: + required: + - "name" + - "selector" properties: apiVersion: description: "API version of the referent." type: "string" + cluster: + description: "Cluster defines the target cluster (will be inherited if not specified)." + type: "string" + clusters: + additionalProperties: + description: "Cluster defines cluster config and context." + properties: + context: + description: "Context is the name of the context to use." + type: "string" + kubeconfig: + description: "Kubeconfig is the path to the referenced file." + type: "string" + required: + - "kubeconfig" + type: "object" + description: "Clusters holds a registry to clusters to support multi-cluster tests." + type: "object" format: description: "Format determines the output format (json or yaml)." pattern: "^(?:json|yaml|\\(.+\\))$" @@ -448,68 +457,31 @@ spec: - "apiVersion" - "kind" type: "object" - outputs: - description: "Outputs defines output bindings." - items: - description: "Output represents an output binding with a match to determine if the binding must be considered or not." - properties: - match: - description: "Match defines the matching statement." - type: "object" - x-kubernetes-preserve-unknown-fields: true - name: - description: "Name the name of the binding." - pattern: "^(?:\\w+|\\(.+\\))$" - type: "string" - value: - description: "Value value of the binding." - x-kubernetes-preserve-unknown-fields: true + podLogs: + description: "PodLogs determines the pod logs collector to execute." + not: required: - "name" - - "value" - type: "object" - type: "array" - patch: - description: "Patch represents a patch operation." + - "selector" properties: - dryRun: - description: "DryRun determines whether the file should be applied in dry run mode." - type: "boolean" - expect: - description: "Expect defines a list of matched checks to validate the operation outcome." - items: - description: "Expectation represents a check to be applied on the result of an operation\nwith a match filter to determine if the verification should be considered." + cluster: + description: "Cluster defines the target cluster (will be inherited if not specified)." + type: "string" + clusters: + additionalProperties: + description: "Cluster defines cluster config and context." properties: - check: - description: "Check defines the verification statement." - type: "object" - x-kubernetes-preserve-unknown-fields: true - match: - description: "Match defines the matching statement." - type: "object" - x-kubernetes-preserve-unknown-fields: true + context: + description: "Context is the name of the context to use." + type: "string" + kubeconfig: + description: "Kubeconfig is the path to the referenced file." + type: "string" required: - - "check" + - "kubeconfig" type: "object" - type: "array" - file: - description: "File is the path to the referenced file. This can be a direct path to a file\nor an expression that matches multiple files, such as \"manifest/*.yaml\" for all YAML\nfiles within the \"manifest\" directory." - type: "string" - resource: - description: "Resource provides a resource to be applied." + description: "Clusters holds a registry to clusters to support multi-cluster tests." type: "object" - x-kubernetes-embedded-resource: true - x-kubernetes-preserve-unknown-fields: true - template: - description: "Template determines whether resources should be considered for templating." - type: "boolean" - timeout: - description: "Timeout for the operation. Overrides the global timeout set in the Configuration." - type: "string" - type: "object" - podLogs: - description: "PodLogs determines the pod logs collector to execute." - properties: container: description: "Container in pod to get logs from else --all-containers is used." type: "string" @@ -532,10 +504,45 @@ spec: script: description: "Script defines a script to run." properties: + bindings: + description: "Bindings defines additional binding key/values." + items: + description: "Binding represents a key/value set as a binding in an executing test." + properties: + name: + description: "Name the name of the binding." + pattern: "^(?:\\w+|\\(.+\\))$" + type: "string" + value: + description: "Value value of the binding." + x-kubernetes-preserve-unknown-fields: true + required: + - "name" + - "value" + type: "object" + type: "array" check: description: "Check is an assertion tree to validate the operation outcome." type: "object" x-kubernetes-preserve-unknown-fields: true + cluster: + description: "Cluster defines the target cluster (will be inherited if not specified)." + type: "string" + clusters: + additionalProperties: + description: "Cluster defines cluster config and context." + properties: + context: + description: "Context is the name of the context to use." + type: "string" + kubeconfig: + description: "Kubeconfig is the path to the referenced file." + type: "string" + required: + - "kubeconfig" + type: "object" + description: "Clusters holds a registry to clusters to support multi-cluster tests." + type: "object" content: description: "Content defines a shell script (run with \"sh -c ...\")." type: "string" @@ -556,6 +563,27 @@ spec: - "value" type: "object" type: "array" + outputs: + description: "Outputs defines output bindings." + items: + description: "Output represents an output binding with a match to determine if the binding must be considered or not." + properties: + match: + description: "Match defines the matching statement." + type: "object" + x-kubernetes-preserve-unknown-fields: true + name: + description: "Name the name of the binding." + pattern: "^(?:\\w+|\\(.+\\))$" + type: "string" + value: + description: "Value value of the binding." + x-kubernetes-preserve-unknown-fields: true + required: + - "name" + - "value" + type: "object" + type: "array" skipLogOutput: description: "SkipLogOutput removes the output from the command. Useful for sensitive logs or to reduce noise." type: "boolean" @@ -572,50 +600,34 @@ spec: required: - "duration" type: "object" - update: - description: "Update represents an update operation." - properties: - dryRun: - description: "DryRun determines whether the file should be applied in dry run mode." - type: "boolean" - expect: - description: "Expect defines a list of matched checks to validate the operation outcome." - items: - description: "Expectation represents a check to be applied on the result of an operation\nwith a match filter to determine if the verification should be considered." - properties: - check: - description: "Check defines the verification statement." - type: "object" - x-kubernetes-preserve-unknown-fields: true - match: - description: "Match defines the matching statement." - type: "object" - x-kubernetes-preserve-unknown-fields: true - required: - - "check" - type: "object" - type: "array" - file: - description: "File is the path to the referenced file. This can be a direct path to a file\nor an expression that matches multiple files, such as \"manifest/*.yaml\" for all YAML\nfiles within the \"manifest\" directory." - type: "string" - resource: - description: "Resource provides a resource to be applied." - type: "object" - x-kubernetes-embedded-resource: true - x-kubernetes-preserve-unknown-fields: true - template: - description: "Template determines whether resources should be considered for templating." - type: "boolean" - timeout: - description: "Timeout for the operation. Overrides the global timeout set in the Configuration." - type: "string" - type: "object" wait: description: "Wait determines the resource wait collector to execute." + not: + required: + - "name" + - "selector" properties: apiVersion: description: "API version of the referent." type: "string" + cluster: + description: "Cluster defines the target cluster (will be inherited if not specified)." + type: "string" + clusters: + additionalProperties: + description: "Cluster defines cluster config and context." + properties: + context: + description: "Context is the name of the context to use." + type: "string" + kubeconfig: + description: "Kubeconfig is the path to the referenced file." + type: "string" + required: + - "kubeconfig" + type: "object" + description: "Clusters holds a registry to clusters to support multi-cluster tests." + type: "object" for: description: "WaitFor specifies the condition to wait for." properties: @@ -676,6 +688,7 @@ spec: type: "array" type: "object" execution: + default: {} description: "Execution contains tests execution configuration." properties: failFast: @@ -696,6 +709,7 @@ spec: type: "integer" type: "object" namespace: + default: {} description: "Namespace contains properties for the namespace to use for tests." properties: name: @@ -738,21 +752,27 @@ spec: description: "Global timeouts configuration. Applies to all tests/test steps if not overridden." properties: apply: + default: "5s" description: "Apply defines the timeout for the apply operation" type: "string" assert: + default: "30s" description: "Assert defines the timeout for the assert operation" type: "string" cleanup: + default: "30s" description: "Cleanup defines the timeout for the cleanup operation" type: "string" delete: + default: "15s" description: "Delete defines the timeout for the delete operation" type: "string" error: + default: "30s" description: "Error defines the timeout for the error operation" type: "string" exec: + default: "5s" description: "Exec defines the timeout for exec operations" type: "string" type: "object" @@ -761,4 +781,4 @@ spec: - "spec" type: "object" served: true - storage: false + storage: true diff --git a/crd-catalog/kyverno/chainsaw/chainsaw.kyverno.io/v1alpha2/tests.yaml b/crd-catalog/kyverno/chainsaw/chainsaw.kyverno.io/v1alpha2/tests.yaml index 5110f8e9c..36eb52a9a 100644 --- a/crd-catalog/kyverno/chainsaw/chainsaw.kyverno.io/v1alpha2/tests.yaml +++ b/crd-catalog/kyverno/chainsaw/chainsaw.kyverno.io/v1alpha2/tests.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.15.0" + controller-gen.kubebuilder.io/version: "(devel)" name: "tests.chainsaw.kyverno.io" spec: group: "chainsaw.kyverno.io" @@ -98,98 +98,27 @@ spec: catch: description: "Catch defines what the tests steps will execute when an error happens.\nThis will be combined with catch handlers defined at the test and step levels." items: - description: "Operation defines operation elements." + description: "CatchFinally defines actions to be executed in catch, finally and cleanup blocks." + oneOf: + - required: + - "command" + - required: + - "delete" + - required: + - "describe" + - required: + - "events" + - required: + - "get" + - required: + - "podLogs" + - required: + - "script" + - required: + - "sleep" + - required: + - "wait" properties: - apply: - description: "Apply represents resources that should be applied for this test step. This can include things\nlike configuration settings or any other resources that need to be available during the test." - properties: - dryRun: - description: "DryRun determines whether the file should be applied in dry run mode." - type: "boolean" - expect: - description: "Expect defines a list of matched checks to validate the operation outcome." - items: - description: "Expectation represents a check to be applied on the result of an operation\nwith a match filter to determine if the verification should be considered." - properties: - check: - description: "Check defines the verification statement." - type: "object" - x-kubernetes-preserve-unknown-fields: true - match: - description: "Match defines the matching statement." - type: "object" - x-kubernetes-preserve-unknown-fields: true - required: - - "check" - type: "object" - type: "array" - file: - description: "File is the path to the referenced file. This can be a direct path to a file\nor an expression that matches multiple files, such as \"manifest/*.yaml\" for all YAML\nfiles within the \"manifest\" directory." - type: "string" - resource: - description: "Resource provides a resource to be applied." - type: "object" - x-kubernetes-embedded-resource: true - x-kubernetes-preserve-unknown-fields: true - template: - description: "Template determines whether resources should be considered for templating." - type: "boolean" - timeout: - description: "Timeout for the operation. Overrides the global timeout set in the Configuration." - type: "string" - type: "object" - assert: - description: "Assert represents an assertion to be made. It checks whether the conditions specified in the assertion hold true." - properties: - file: - description: "File is the path to the referenced file. This can be a direct path to a file\nor an expression that matches multiple files, such as \"manifest/*.yaml\" for all YAML\nfiles within the \"manifest\" directory." - type: "string" - resource: - description: "Check provides a check used in assertions." - type: "object" - x-kubernetes-preserve-unknown-fields: true - template: - description: "Template determines whether resources should be considered for templating." - type: "boolean" - timeout: - description: "Timeout for the operation. Overrides the global timeout set in the Configuration." - type: "string" - type: "object" - bindings: - description: "Bindings defines additional binding key/values." - items: - description: "Binding represents a key/value set as a binding in an executing test." - properties: - name: - description: "Name the name of the binding." - pattern: "^(?:\\w+|\\(.+\\))$" - type: "string" - value: - description: "Value value of the binding." - x-kubernetes-preserve-unknown-fields: true - required: - - "name" - - "value" - type: "object" - type: "array" - cluster: - description: "Cluster defines the target cluster (default cluster will be used if not specified and/or overridden)." - type: "string" - clusters: - additionalProperties: - description: "Cluster defines cluster config and context." - properties: - context: - description: "Context is the name of the context to use." - type: "string" - kubeconfig: - description: "Kubeconfig is the path to the referenced file." - type: "string" - required: - - "kubeconfig" - type: "object" - description: "Clusters holds a registry to clusters to support multi-cluster tests." - type: "object" command: description: "Command defines a command to run." properties: @@ -198,10 +127,45 @@ spec: items: type: "string" type: "array" + bindings: + description: "Bindings defines additional binding key/values." + items: + description: "Binding represents a key/value set as a binding in an executing test." + properties: + name: + description: "Name the name of the binding." + pattern: "^(?:\\w+|\\(.+\\))$" + type: "string" + value: + description: "Value value of the binding." + x-kubernetes-preserve-unknown-fields: true + required: + - "name" + - "value" + type: "object" + type: "array" check: description: "Check is an assertion tree to validate the operation outcome." type: "object" x-kubernetes-preserve-unknown-fields: true + cluster: + description: "Cluster defines the target cluster (will be inherited if not specified)." + type: "string" + clusters: + additionalProperties: + description: "Cluster defines cluster config and context." + properties: + context: + description: "Context is the name of the context to use." + type: "string" + kubeconfig: + description: "Kubeconfig is the path to the referenced file." + type: "string" + required: + - "kubeconfig" + type: "object" + description: "Clusters holds a registry to clusters to support multi-cluster tests." + type: "object" entrypoint: description: "Entrypoint is the command entry point to run." type: "string" @@ -222,6 +186,27 @@ spec: - "value" type: "object" type: "array" + outputs: + description: "Outputs defines output bindings." + items: + description: "Output represents an output binding with a match to determine if the binding must be considered or not." + properties: + match: + description: "Match defines the matching statement." + type: "object" + x-kubernetes-preserve-unknown-fields: true + name: + description: "Name the name of the binding." + pattern: "^(?:\\w+|\\(.+\\))$" + type: "string" + value: + description: "Value value of the binding." + x-kubernetes-preserve-unknown-fields: true + required: + - "name" + - "value" + type: "object" + type: "array" skipLogOutput: description: "SkipLogOutput removes the output from the command. Useful for sensitive logs or to reduce noise." type: "boolean" @@ -231,47 +216,48 @@ spec: required: - "entrypoint" type: "object" - create: - description: "Create represents a creation operation." + delete: + description: "Delete represents a deletion operation." + not: + required: + - "file" + - "ref" properties: - dryRun: - description: "DryRun determines whether the file should be applied in dry run mode." - type: "boolean" - expect: - description: "Expect defines a list of matched checks to validate the operation outcome." + bindings: + description: "Bindings defines additional binding key/values." items: - description: "Expectation represents a check to be applied on the result of an operation\nwith a match filter to determine if the verification should be considered." + description: "Binding represents a key/value set as a binding in an executing test." properties: - check: - description: "Check defines the verification statement." - type: "object" - x-kubernetes-preserve-unknown-fields: true - match: - description: "Match defines the matching statement." - type: "object" + name: + description: "Name the name of the binding." + pattern: "^(?:\\w+|\\(.+\\))$" + type: "string" + value: + description: "Value value of the binding." x-kubernetes-preserve-unknown-fields: true required: - - "check" + - "name" + - "value" type: "object" type: "array" - file: - description: "File is the path to the referenced file. This can be a direct path to a file\nor an expression that matches multiple files, such as \"manifest/*.yaml\" for all YAML\nfiles within the \"manifest\" directory." + cluster: + description: "Cluster defines the target cluster (will be inherited if not specified)." type: "string" - resource: - description: "Resource provides a resource to be applied." + clusters: + additionalProperties: + description: "Cluster defines cluster config and context." + properties: + context: + description: "Context is the name of the context to use." + type: "string" + kubeconfig: + description: "Kubeconfig is the path to the referenced file." + type: "string" + required: + - "kubeconfig" + type: "object" + description: "Clusters holds a registry to clusters to support multi-cluster tests." type: "object" - x-kubernetes-embedded-resource: true - x-kubernetes-preserve-unknown-fields: true - template: - description: "Template determines whether resources should be considered for templating." - type: "boolean" - timeout: - description: "Timeout for the operation. Overrides the global timeout set in the Configuration." - type: "string" - type: "object" - delete: - description: "Delete represents a deletion operation." - properties: deletionPropagationPolicy: description: "DeletionPropagationPolicy decides if a deletion will propagate to the dependents of\nthe object, and how the garbage collector will handle the propagation.\nOverrides the deletion propagation policy set in the Configuration, the Test and the TestStep." enum: @@ -308,39 +294,11 @@ spec: kind: description: "Kind of the referent.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" type: "string" - labelSelector: + labels: + additionalProperties: + type: "string" description: "Label selector to match objects to delete" - properties: - matchExpressions: - description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." - items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." - properties: - key: - description: "key is the label key that the selector applies to." - type: "string" - operator: - description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." - type: "string" - values: - description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." - items: - type: "string" - type: "array" - x-kubernetes-list-type: "atomic" - required: - - "key" - - "operator" - type: "object" - type: "array" - x-kubernetes-list-type: "atomic" - matchLabels: - additionalProperties: - type: "string" - description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." - type: "object" type: "object" - x-kubernetes-map-type: "atomic" name: description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names" type: "string" @@ -360,10 +318,32 @@ spec: type: "object" describe: description: "Describe determines the resource describe collector to execute." + not: + required: + - "name" + - "selector" properties: apiVersion: description: "API version of the referent." type: "string" + cluster: + description: "Cluster defines the target cluster (will be inherited if not specified)." + type: "string" + clusters: + additionalProperties: + description: "Cluster defines cluster config and context." + properties: + context: + description: "Context is the name of the context to use." + type: "string" + kubeconfig: + description: "Kubeconfig is the path to the referenced file." + type: "string" + required: + - "kubeconfig" + type: "object" + description: "Clusters holds a registry to clusters to support multi-cluster tests." + type: "object" kind: description: "Kind of the referent.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" type: "string" @@ -389,26 +369,31 @@ spec: description: description: "Description contains a description of the operation." type: "string" - error: - description: "Error represents the expected errors for this test step. If any of these errors occur, the test\nwill consider them as expected; otherwise, they will be treated as test failures." - properties: - file: - description: "File is the path to the referenced file. This can be a direct path to a file\nor an expression that matches multiple files, such as \"manifest/*.yaml\" for all YAML\nfiles within the \"manifest\" directory." - type: "string" - resource: - description: "Check provides a check used in assertions." - type: "object" - x-kubernetes-preserve-unknown-fields: true - template: - description: "Template determines whether resources should be considered for templating." - type: "boolean" - timeout: - description: "Timeout for the operation. Overrides the global timeout set in the Configuration." - type: "string" - type: "object" events: description: "Events determines the events collector to execute." + not: + required: + - "name" + - "selector" properties: + cluster: + description: "Cluster defines the target cluster (will be inherited if not specified)." + type: "string" + clusters: + additionalProperties: + description: "Cluster defines cluster config and context." + properties: + context: + description: "Context is the name of the context to use." + type: "string" + kubeconfig: + description: "Kubeconfig is the path to the referenced file." + type: "string" + required: + - "kubeconfig" + type: "object" + description: "Clusters holds a registry to clusters to support multi-cluster tests." + type: "object" format: description: "Format determines the output format (json or yaml)." pattern: "^(?:json|yaml|\\(.+\\))$" @@ -428,10 +413,32 @@ spec: type: "object" get: description: "Get determines the resource get collector to execute." + not: + required: + - "name" + - "selector" properties: apiVersion: description: "API version of the referent." type: "string" + cluster: + description: "Cluster defines the target cluster (will be inherited if not specified)." + type: "string" + clusters: + additionalProperties: + description: "Cluster defines cluster config and context." + properties: + context: + description: "Context is the name of the context to use." + type: "string" + kubeconfig: + description: "Kubeconfig is the path to the referenced file." + type: "string" + required: + - "kubeconfig" + type: "object" + description: "Clusters holds a registry to clusters to support multi-cluster tests." + type: "object" format: description: "Format determines the output format (json or yaml)." pattern: "^(?:json|yaml|\\(.+\\))$" @@ -455,68 +462,31 @@ spec: - "apiVersion" - "kind" type: "object" - outputs: - description: "Outputs defines output bindings." - items: - description: "Output represents an output binding with a match to determine if the binding must be considered or not." - properties: - match: - description: "Match defines the matching statement." - type: "object" - x-kubernetes-preserve-unknown-fields: true - name: - description: "Name the name of the binding." - pattern: "^(?:\\w+|\\(.+\\))$" - type: "string" - value: - description: "Value value of the binding." - x-kubernetes-preserve-unknown-fields: true + podLogs: + description: "PodLogs determines the pod logs collector to execute." + not: required: - "name" - - "value" - type: "object" - type: "array" - patch: - description: "Patch represents a patch operation." + - "selector" properties: - dryRun: - description: "DryRun determines whether the file should be applied in dry run mode." - type: "boolean" - expect: - description: "Expect defines a list of matched checks to validate the operation outcome." - items: - description: "Expectation represents a check to be applied on the result of an operation\nwith a match filter to determine if the verification should be considered." + cluster: + description: "Cluster defines the target cluster (will be inherited if not specified)." + type: "string" + clusters: + additionalProperties: + description: "Cluster defines cluster config and context." properties: - check: - description: "Check defines the verification statement." - type: "object" - x-kubernetes-preserve-unknown-fields: true - match: - description: "Match defines the matching statement." - type: "object" - x-kubernetes-preserve-unknown-fields: true + context: + description: "Context is the name of the context to use." + type: "string" + kubeconfig: + description: "Kubeconfig is the path to the referenced file." + type: "string" required: - - "check" + - "kubeconfig" type: "object" - type: "array" - file: - description: "File is the path to the referenced file. This can be a direct path to a file\nor an expression that matches multiple files, such as \"manifest/*.yaml\" for all YAML\nfiles within the \"manifest\" directory." - type: "string" - resource: - description: "Resource provides a resource to be applied." + description: "Clusters holds a registry to clusters to support multi-cluster tests." type: "object" - x-kubernetes-embedded-resource: true - x-kubernetes-preserve-unknown-fields: true - template: - description: "Template determines whether resources should be considered for templating." - type: "boolean" - timeout: - description: "Timeout for the operation. Overrides the global timeout set in the Configuration." - type: "string" - type: "object" - podLogs: - description: "PodLogs determines the pod logs collector to execute." - properties: container: description: "Container in pod to get logs from else --all-containers is used." type: "string" @@ -539,10 +509,45 @@ spec: script: description: "Script defines a script to run." properties: + bindings: + description: "Bindings defines additional binding key/values." + items: + description: "Binding represents a key/value set as a binding in an executing test." + properties: + name: + description: "Name the name of the binding." + pattern: "^(?:\\w+|\\(.+\\))$" + type: "string" + value: + description: "Value value of the binding." + x-kubernetes-preserve-unknown-fields: true + required: + - "name" + - "value" + type: "object" + type: "array" check: description: "Check is an assertion tree to validate the operation outcome." type: "object" x-kubernetes-preserve-unknown-fields: true + cluster: + description: "Cluster defines the target cluster (will be inherited if not specified)." + type: "string" + clusters: + additionalProperties: + description: "Cluster defines cluster config and context." + properties: + context: + description: "Context is the name of the context to use." + type: "string" + kubeconfig: + description: "Kubeconfig is the path to the referenced file." + type: "string" + required: + - "kubeconfig" + type: "object" + description: "Clusters holds a registry to clusters to support multi-cluster tests." + type: "object" content: description: "Content defines a shell script (run with \"sh -c ...\")." type: "string" @@ -563,6 +568,27 @@ spec: - "value" type: "object" type: "array" + outputs: + description: "Outputs defines output bindings." + items: + description: "Output represents an output binding with a match to determine if the binding must be considered or not." + properties: + match: + description: "Match defines the matching statement." + type: "object" + x-kubernetes-preserve-unknown-fields: true + name: + description: "Name the name of the binding." + pattern: "^(?:\\w+|\\(.+\\))$" + type: "string" + value: + description: "Value value of the binding." + x-kubernetes-preserve-unknown-fields: true + required: + - "name" + - "value" + type: "object" + type: "array" skipLogOutput: description: "SkipLogOutput removes the output from the command. Useful for sensitive logs or to reduce noise." type: "boolean" @@ -579,50 +605,34 @@ spec: required: - "duration" type: "object" - update: - description: "Update represents an update operation." - properties: - dryRun: - description: "DryRun determines whether the file should be applied in dry run mode." - type: "boolean" - expect: - description: "Expect defines a list of matched checks to validate the operation outcome." - items: - description: "Expectation represents a check to be applied on the result of an operation\nwith a match filter to determine if the verification should be considered." - properties: - check: - description: "Check defines the verification statement." - type: "object" - x-kubernetes-preserve-unknown-fields: true - match: - description: "Match defines the matching statement." - type: "object" - x-kubernetes-preserve-unknown-fields: true - required: - - "check" - type: "object" - type: "array" - file: - description: "File is the path to the referenced file. This can be a direct path to a file\nor an expression that matches multiple files, such as \"manifest/*.yaml\" for all YAML\nfiles within the \"manifest\" directory." - type: "string" - resource: - description: "Resource provides a resource to be applied." - type: "object" - x-kubernetes-embedded-resource: true - x-kubernetes-preserve-unknown-fields: true - template: - description: "Template determines whether resources should be considered for templating." - type: "boolean" - timeout: - description: "Timeout for the operation. Overrides the global timeout set in the Configuration." - type: "string" - type: "object" wait: description: "Wait determines the resource wait collector to execute." + not: + required: + - "name" + - "selector" properties: apiVersion: description: "API version of the referent." type: "string" + cluster: + description: "Cluster defines the target cluster (will be inherited if not specified)." + type: "string" + clusters: + additionalProperties: + description: "Cluster defines cluster config and context." + properties: + context: + description: "Context is the name of the context to use." + type: "string" + kubeconfig: + description: "Kubeconfig is the path to the referenced file." + type: "string" + required: + - "kubeconfig" + type: "object" + description: "Clusters holds a registry to clusters to support multi-cluster tests." + type: "object" for: description: "WaitFor specifies the condition to wait for." properties: diff --git a/crd-catalog/leaksignal/leaksignal-operator/leaksignal.com/v1/cluster-leaksignal-istios.yaml b/crd-catalog/leaksignal/leaksignal-operator/leaksignal.com/v1/cluster-leaksignal-istios.yaml index be57a000d..9415eec18 100644 --- a/crd-catalog/leaksignal/leaksignal-operator/leaksignal.com/v1/cluster-leaksignal-istios.yaml +++ b/crd-catalog/leaksignal/leaksignal-operator/leaksignal.com/v1/cluster-leaksignal-istios.yaml @@ -25,6 +25,9 @@ spec: caBundle: description: "Location of CA bundle in istio-proxy. Default is `/etc/ssl/certs/ca-certificates.crt` which is suitable for Istio. OpenShift Service Mesh requires `/etc/ssl/certs/ca-bundle.crt`." type: "string" + enableClientInterception: + description: "If true (default), then certificates are installed in pods for outbound TLS interception." + type: "boolean" enableStreaming: description: "If `true` (default), then L4 streams are also scanned by LeakSignal Proxy." type: "boolean" diff --git a/crd-catalog/leaksignal/leaksignal-operator/leaksignal.com/v1/leaksignal-istios.yaml b/crd-catalog/leaksignal/leaksignal-operator/leaksignal.com/v1/leaksignal-istios.yaml index 361e61366..996c1b9dd 100644 --- a/crd-catalog/leaksignal/leaksignal-operator/leaksignal.com/v1/leaksignal-istios.yaml +++ b/crd-catalog/leaksignal/leaksignal-operator/leaksignal.com/v1/leaksignal-istios.yaml @@ -25,6 +25,9 @@ spec: caBundle: description: "Location of CA bundle in istio-proxy. Default is `/etc/ssl/certs/ca-certificates.crt` which is suitable for Istio. OpenShift Service Mesh requires `/etc/ssl/certs/ca-bundle.crt`." type: "string" + enableClientInterception: + description: "If true (default), then certificates are installed in pods for outbound TLS interception." + type: "boolean" enableStreaming: description: "If `true` (default), then L4 streams are also scanned by LeakSignal Proxy." type: "boolean" diff --git a/crd-catalog/longhorn/longhorn/longhorn.io/v1beta1/backingimagedatasources.yaml b/crd-catalog/longhorn/longhorn/longhorn.io/v1beta1/backingimagedatasources.yaml index 6b8b2d634..f15103827 100644 --- a/crd-catalog/longhorn/longhorn/longhorn.io/v1beta1/backingimagedatasources.yaml +++ b/crd-catalog/longhorn/longhorn/longhorn.io/v1beta1/backingimagedatasources.yaml @@ -2,11 +2,11 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.7.0" + controller-gen.kubebuilder.io/version: "v0.15.0" labels: app.kubernetes.io/instance: "longhorn" app.kubernetes.io/name: "longhorn" - app.kubernetes.io/version: "v1.6.0-dev" + app.kubernetes.io/version: "v1.8.0-dev" longhorn-manager: "" name: "backingimagedatasources.longhorn.io" spec: @@ -46,10 +46,10 @@ spec: description: "BackingImageDataSource is where Longhorn stores backing image data source object." properties: apiVersion: - description: "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" + description: "APIVersion defines the versioned schema of this representation of an object.\nServers should convert recognized schemas to the latest internal value, and\nmay reject unrecognized values.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" type: "string" kind: - description: "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + description: "Kind is a string value representing the REST resource this object represents.\nServers may infer this from the endpoint the client submits requests to.\nCannot be updated.\nIn CamelCase.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" type: "string" metadata: type: "object" @@ -62,9 +62,3 @@ spec: storage: false subresources: status: {} -status: - acceptedNames: - kind: "" - plural: "" - conditions: [] - storedVersions: [] diff --git a/crd-catalog/longhorn/longhorn/longhorn.io/v1beta1/backingimagemanagers.yaml b/crd-catalog/longhorn/longhorn/longhorn.io/v1beta1/backingimagemanagers.yaml index 37d8aad62..acbee945e 100644 --- a/crd-catalog/longhorn/longhorn/longhorn.io/v1beta1/backingimagemanagers.yaml +++ b/crd-catalog/longhorn/longhorn/longhorn.io/v1beta1/backingimagemanagers.yaml @@ -2,11 +2,11 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.7.0" + controller-gen.kubebuilder.io/version: "v0.15.0" labels: app.kubernetes.io/instance: "longhorn" app.kubernetes.io/name: "longhorn" - app.kubernetes.io/version: "v1.6.0-dev" + app.kubernetes.io/version: "v1.8.0-dev" longhorn-manager: "" name: "backingimagemanagers.longhorn.io" spec: @@ -50,10 +50,10 @@ spec: description: "BackingImageManager is where Longhorn stores backing image manager object." properties: apiVersion: - description: "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" + description: "APIVersion defines the versioned schema of this representation of an object.\nServers should convert recognized schemas to the latest internal value, and\nmay reject unrecognized values.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" type: "string" kind: - description: "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + description: "Kind is a string value representing the REST resource this object represents.\nServers may infer this from the endpoint the client submits requests to.\nCannot be updated.\nIn CamelCase.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" type: "string" metadata: type: "object" @@ -66,9 +66,3 @@ spec: storage: false subresources: status: {} -status: - acceptedNames: - kind: "" - plural: "" - conditions: [] - storedVersions: [] diff --git a/crd-catalog/longhorn/longhorn/longhorn.io/v1beta1/backingimages.yaml b/crd-catalog/longhorn/longhorn/longhorn.io/v1beta1/backingimages.yaml index 386b6174c..692635969 100644 --- a/crd-catalog/longhorn/longhorn/longhorn.io/v1beta1/backingimages.yaml +++ b/crd-catalog/longhorn/longhorn/longhorn.io/v1beta1/backingimages.yaml @@ -2,11 +2,11 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.7.0" + controller-gen.kubebuilder.io/version: "v0.15.0" labels: app.kubernetes.io/instance: "longhorn" app.kubernetes.io/name: "longhorn" - app.kubernetes.io/version: "v1.6.0-dev" + app.kubernetes.io/version: "v1.8.0-dev" longhorn-manager: "" name: "backingimages.longhorn.io" spec: @@ -46,10 +46,10 @@ spec: description: "BackingImage is where Longhorn stores backing image object." properties: apiVersion: - description: "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" + description: "APIVersion defines the versioned schema of this representation of an object.\nServers should convert recognized schemas to the latest internal value, and\nmay reject unrecognized values.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" type: "string" kind: - description: "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + description: "Kind is a string value representing the REST resource this object represents.\nServers may infer this from the endpoint the client submits requests to.\nCannot be updated.\nIn CamelCase.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" type: "string" metadata: type: "object" @@ -62,9 +62,3 @@ spec: storage: false subresources: status: {} -status: - acceptedNames: - kind: "" - plural: "" - conditions: [] - storedVersions: [] diff --git a/crd-catalog/longhorn/longhorn/longhorn.io/v1beta1/backups.yaml b/crd-catalog/longhorn/longhorn/longhorn.io/v1beta1/backups.yaml index a22fb868d..299728dbe 100644 --- a/crd-catalog/longhorn/longhorn/longhorn.io/v1beta1/backups.yaml +++ b/crd-catalog/longhorn/longhorn/longhorn.io/v1beta1/backups.yaml @@ -2,11 +2,11 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.7.0" + controller-gen.kubebuilder.io/version: "v0.15.0" labels: app.kubernetes.io/instance: "longhorn" app.kubernetes.io/name: "longhorn" - app.kubernetes.io/version: "v1.6.0-dev" + app.kubernetes.io/version: "v1.8.0-dev" longhorn-manager: "" name: "backups.longhorn.io" spec: @@ -47,10 +47,10 @@ spec: description: "Backup is where Longhorn stores backup object." properties: apiVersion: - description: "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" + description: "APIVersion defines the versioned schema of this representation of an object.\nServers should convert recognized schemas to the latest internal value, and\nmay reject unrecognized values.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" type: "string" kind: - description: "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + description: "Kind is a string value representing the REST resource this object represents.\nServers may infer this from the endpoint the client submits requests to.\nCannot be updated.\nIn CamelCase.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" type: "string" metadata: type: "object" @@ -63,9 +63,3 @@ spec: storage: false subresources: status: {} -status: - acceptedNames: - kind: "" - plural: "" - conditions: [] - storedVersions: [] diff --git a/crd-catalog/longhorn/longhorn/longhorn.io/v1beta1/backuptargets.yaml b/crd-catalog/longhorn/longhorn/longhorn.io/v1beta1/backuptargets.yaml index 162613121..831e6efed 100644 --- a/crd-catalog/longhorn/longhorn/longhorn.io/v1beta1/backuptargets.yaml +++ b/crd-catalog/longhorn/longhorn/longhorn.io/v1beta1/backuptargets.yaml @@ -2,11 +2,11 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.7.0" + controller-gen.kubebuilder.io/version: "v0.15.0" labels: app.kubernetes.io/instance: "longhorn" app.kubernetes.io/name: "longhorn" - app.kubernetes.io/version: "v1.6.0-dev" + app.kubernetes.io/version: "v1.8.0-dev" longhorn-manager: "" name: "backuptargets.longhorn.io" spec: @@ -59,10 +59,10 @@ spec: description: "BackupTarget is where Longhorn stores backup target object." properties: apiVersion: - description: "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" + description: "APIVersion defines the versioned schema of this representation of an object.\nServers should convert recognized schemas to the latest internal value, and\nmay reject unrecognized values.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" type: "string" kind: - description: "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + description: "Kind is a string value representing the REST resource this object represents.\nServers may infer this from the endpoint the client submits requests to.\nCannot be updated.\nIn CamelCase.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" type: "string" metadata: type: "object" @@ -75,9 +75,3 @@ spec: storage: false subresources: status: {} -status: - acceptedNames: - kind: "" - plural: "" - conditions: [] - storedVersions: [] diff --git a/crd-catalog/longhorn/longhorn/longhorn.io/v1beta1/backupvolumes.yaml b/crd-catalog/longhorn/longhorn/longhorn.io/v1beta1/backupvolumes.yaml index 65e8a27d8..f1d3d4a66 100644 --- a/crd-catalog/longhorn/longhorn/longhorn.io/v1beta1/backupvolumes.yaml +++ b/crd-catalog/longhorn/longhorn/longhorn.io/v1beta1/backupvolumes.yaml @@ -2,11 +2,11 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.7.0" + controller-gen.kubebuilder.io/version: "v0.15.0" labels: app.kubernetes.io/instance: "longhorn" app.kubernetes.io/name: "longhorn" - app.kubernetes.io/version: "v1.6.0-dev" + app.kubernetes.io/version: "v1.8.0-dev" longhorn-manager: "" name: "backupvolumes.longhorn.io" spec: @@ -43,10 +43,10 @@ spec: description: "BackupVolume is where Longhorn stores backup volume object." properties: apiVersion: - description: "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" + description: "APIVersion defines the versioned schema of this representation of an object.\nServers should convert recognized schemas to the latest internal value, and\nmay reject unrecognized values.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" type: "string" kind: - description: "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + description: "Kind is a string value representing the REST resource this object represents.\nServers may infer this from the endpoint the client submits requests to.\nCannot be updated.\nIn CamelCase.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" type: "string" metadata: type: "object" @@ -59,9 +59,3 @@ spec: storage: false subresources: status: {} -status: - acceptedNames: - kind: "" - plural: "" - conditions: [] - storedVersions: [] diff --git a/crd-catalog/longhorn/longhorn/longhorn.io/v1beta1/engineimages.yaml b/crd-catalog/longhorn/longhorn/longhorn.io/v1beta1/engineimages.yaml index f823357dd..f2340ab59 100644 --- a/crd-catalog/longhorn/longhorn/longhorn.io/v1beta1/engineimages.yaml +++ b/crd-catalog/longhorn/longhorn/longhorn.io/v1beta1/engineimages.yaml @@ -2,11 +2,11 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.7.0" + controller-gen.kubebuilder.io/version: "v0.15.0" labels: app.kubernetes.io/instance: "longhorn" app.kubernetes.io/name: "longhorn" - app.kubernetes.io/version: "v1.6.0-dev" + app.kubernetes.io/version: "v1.8.0-dev" longhorn-manager: "" name: "engineimages.longhorn.io" spec: @@ -59,10 +59,10 @@ spec: description: "EngineImage is where Longhorn stores engine image object." properties: apiVersion: - description: "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" + description: "APIVersion defines the versioned schema of this representation of an object.\nServers should convert recognized schemas to the latest internal value, and\nmay reject unrecognized values.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" type: "string" kind: - description: "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + description: "Kind is a string value representing the REST resource this object represents.\nServers may infer this from the endpoint the client submits requests to.\nCannot be updated.\nIn CamelCase.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" type: "string" metadata: type: "object" @@ -75,9 +75,3 @@ spec: storage: false subresources: status: {} -status: - acceptedNames: - kind: "" - plural: "" - conditions: [] - storedVersions: [] diff --git a/crd-catalog/longhorn/longhorn/longhorn.io/v1beta1/engines.yaml b/crd-catalog/longhorn/longhorn/longhorn.io/v1beta1/engines.yaml index 952849a83..61f76d172 100644 --- a/crd-catalog/longhorn/longhorn/longhorn.io/v1beta1/engines.yaml +++ b/crd-catalog/longhorn/longhorn/longhorn.io/v1beta1/engines.yaml @@ -2,11 +2,11 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.7.0" + controller-gen.kubebuilder.io/version: "v0.15.0" labels: app.kubernetes.io/instance: "longhorn" app.kubernetes.io/name: "longhorn" - app.kubernetes.io/version: "v1.6.0-dev" + app.kubernetes.io/version: "v1.8.0-dev" longhorn-manager: "" name: "engines.longhorn.io" spec: @@ -47,10 +47,10 @@ spec: description: "Engine is where Longhorn stores engine object." properties: apiVersion: - description: "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" + description: "APIVersion defines the versioned schema of this representation of an object.\nServers should convert recognized schemas to the latest internal value, and\nmay reject unrecognized values.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" type: "string" kind: - description: "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + description: "Kind is a string value representing the REST resource this object represents.\nServers may infer this from the endpoint the client submits requests to.\nCannot be updated.\nIn CamelCase.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" type: "string" metadata: type: "object" @@ -63,9 +63,3 @@ spec: storage: false subresources: status: {} -status: - acceptedNames: - kind: "" - plural: "" - conditions: [] - storedVersions: [] diff --git a/crd-catalog/longhorn/longhorn/longhorn.io/v1beta1/instancemanagers.yaml b/crd-catalog/longhorn/longhorn/longhorn.io/v1beta1/instancemanagers.yaml index 8a693ece8..c43e6f771 100644 --- a/crd-catalog/longhorn/longhorn/longhorn.io/v1beta1/instancemanagers.yaml +++ b/crd-catalog/longhorn/longhorn/longhorn.io/v1beta1/instancemanagers.yaml @@ -2,11 +2,11 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.7.0" + controller-gen.kubebuilder.io/version: "v0.15.0" labels: app.kubernetes.io/instance: "longhorn" app.kubernetes.io/name: "longhorn" - app.kubernetes.io/version: "v1.6.0-dev" + app.kubernetes.io/version: "v1.8.0-dev" longhorn-manager: "" name: "instancemanagers.longhorn.io" spec: @@ -43,10 +43,10 @@ spec: description: "InstanceManager is where Longhorn stores instance manager object." properties: apiVersion: - description: "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" + description: "APIVersion defines the versioned schema of this representation of an object.\nServers should convert recognized schemas to the latest internal value, and\nmay reject unrecognized values.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" type: "string" kind: - description: "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + description: "Kind is a string value representing the REST resource this object represents.\nServers may infer this from the endpoint the client submits requests to.\nCannot be updated.\nIn CamelCase.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" type: "string" metadata: type: "object" @@ -59,9 +59,3 @@ spec: storage: false subresources: status: {} -status: - acceptedNames: - kind: "" - plural: "" - conditions: [] - storedVersions: [] diff --git a/crd-catalog/longhorn/longhorn/longhorn.io/v1beta1/nodes.yaml b/crd-catalog/longhorn/longhorn/longhorn.io/v1beta1/nodes.yaml index e3fa1ce44..3998c38cc 100644 --- a/crd-catalog/longhorn/longhorn/longhorn.io/v1beta1/nodes.yaml +++ b/crd-catalog/longhorn/longhorn/longhorn.io/v1beta1/nodes.yaml @@ -2,11 +2,11 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.7.0" + controller-gen.kubebuilder.io/version: "v0.15.0" labels: app.kubernetes.io/instance: "longhorn" app.kubernetes.io/name: "longhorn" - app.kubernetes.io/version: "v1.6.0-dev" + app.kubernetes.io/version: "v1.8.0-dev" longhorn-manager: "" name: "nodes.longhorn.io" spec: @@ -55,10 +55,10 @@ spec: description: "Node is where Longhorn stores Longhorn node object." properties: apiVersion: - description: "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" + description: "APIVersion defines the versioned schema of this representation of an object.\nServers should convert recognized schemas to the latest internal value, and\nmay reject unrecognized values.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" type: "string" kind: - description: "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + description: "Kind is a string value representing the REST resource this object represents.\nServers may infer this from the endpoint the client submits requests to.\nCannot be updated.\nIn CamelCase.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" type: "string" metadata: type: "object" @@ -71,9 +71,3 @@ spec: storage: false subresources: status: {} -status: - acceptedNames: - kind: "" - plural: "" - conditions: [] - storedVersions: [] diff --git a/crd-catalog/longhorn/longhorn/longhorn.io/v1beta1/recurringjobs.yaml b/crd-catalog/longhorn/longhorn/longhorn.io/v1beta1/recurringjobs.yaml index 6088059e3..c48f749bc 100644 --- a/crd-catalog/longhorn/longhorn/longhorn.io/v1beta1/recurringjobs.yaml +++ b/crd-catalog/longhorn/longhorn/longhorn.io/v1beta1/recurringjobs.yaml @@ -2,8 +2,11 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.7.0" + controller-gen.kubebuilder.io/version: "v0.15.0" labels: + app.kubernetes.io/instance: "longhorn" + app.kubernetes.io/name: "longhorn" + app.kubernetes.io/version: "v1.8.0-dev" longhorn-manager: "" name: "recurringjobs.longhorn.io" spec: @@ -51,10 +54,10 @@ spec: description: "RecurringJob is where Longhorn stores recurring job object." properties: apiVersion: - description: "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" + description: "APIVersion defines the versioned schema of this representation of an object.\nServers should convert recognized schemas to the latest internal value, and\nmay reject unrecognized values.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" type: "string" kind: - description: "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + description: "Kind is a string value representing the REST resource this object represents.\nServers may infer this from the endpoint the client submits requests to.\nCannot be updated.\nIn CamelCase.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" type: "string" metadata: type: "object" @@ -67,9 +70,3 @@ spec: storage: false subresources: status: {} -status: - acceptedNames: - kind: "" - plural: "" - conditions: [] - storedVersions: [] diff --git a/crd-catalog/longhorn/longhorn/longhorn.io/v1beta1/replicas.yaml b/crd-catalog/longhorn/longhorn/longhorn.io/v1beta1/replicas.yaml index 1b6707c16..5bd9e4b65 100644 --- a/crd-catalog/longhorn/longhorn/longhorn.io/v1beta1/replicas.yaml +++ b/crd-catalog/longhorn/longhorn/longhorn.io/v1beta1/replicas.yaml @@ -2,11 +2,11 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.7.0" + controller-gen.kubebuilder.io/version: "v0.15.0" labels: app.kubernetes.io/instance: "longhorn" app.kubernetes.io/name: "longhorn" - app.kubernetes.io/version: "v1.6.0-dev" + app.kubernetes.io/version: "v1.8.0-dev" longhorn-manager: "" name: "replicas.longhorn.io" spec: @@ -51,10 +51,10 @@ spec: description: "Replica is where Longhorn stores replica object." properties: apiVersion: - description: "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" + description: "APIVersion defines the versioned schema of this representation of an object.\nServers should convert recognized schemas to the latest internal value, and\nmay reject unrecognized values.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" type: "string" kind: - description: "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + description: "Kind is a string value representing the REST resource this object represents.\nServers may infer this from the endpoint the client submits requests to.\nCannot be updated.\nIn CamelCase.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" type: "string" metadata: type: "object" @@ -67,9 +67,3 @@ spec: storage: false subresources: status: {} -status: - acceptedNames: - kind: "" - plural: "" - conditions: [] - storedVersions: [] diff --git a/crd-catalog/longhorn/longhorn/longhorn.io/v1beta1/settings.yaml b/crd-catalog/longhorn/longhorn/longhorn.io/v1beta1/settings.yaml index d042031c0..76bff8d53 100644 --- a/crd-catalog/longhorn/longhorn/longhorn.io/v1beta1/settings.yaml +++ b/crd-catalog/longhorn/longhorn/longhorn.io/v1beta1/settings.yaml @@ -2,11 +2,11 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.7.0" + controller-gen.kubebuilder.io/version: "v0.15.0" labels: app.kubernetes.io/instance: "longhorn" app.kubernetes.io/name: "longhorn" - app.kubernetes.io/version: "v1.6.0-dev" + app.kubernetes.io/version: "v1.8.0-dev" longhorn-manager: "" name: "settings.longhorn.io" spec: @@ -35,10 +35,10 @@ spec: description: "Setting is where Longhorn stores setting object." properties: apiVersion: - description: "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" + description: "APIVersion defines the versioned schema of this representation of an object.\nServers should convert recognized schemas to the latest internal value, and\nmay reject unrecognized values.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" type: "string" kind: - description: "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + description: "Kind is a string value representing the REST resource this object represents.\nServers may infer this from the endpoint the client submits requests to.\nCannot be updated.\nIn CamelCase.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" type: "string" metadata: type: "object" @@ -51,9 +51,3 @@ spec: storage: false subresources: status: {} -status: - acceptedNames: - kind: "" - plural: "" - conditions: [] - storedVersions: [] diff --git a/crd-catalog/longhorn/longhorn/longhorn.io/v1beta1/sharemanagers.yaml b/crd-catalog/longhorn/longhorn/longhorn.io/v1beta1/sharemanagers.yaml index c6f8f2b95..af722d765 100644 --- a/crd-catalog/longhorn/longhorn/longhorn.io/v1beta1/sharemanagers.yaml +++ b/crd-catalog/longhorn/longhorn/longhorn.io/v1beta1/sharemanagers.yaml @@ -2,11 +2,11 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.7.0" + controller-gen.kubebuilder.io/version: "v0.15.0" labels: app.kubernetes.io/instance: "longhorn" app.kubernetes.io/name: "longhorn" - app.kubernetes.io/version: "v1.6.0-dev" + app.kubernetes.io/version: "v1.8.0-dev" longhorn-manager: "" name: "sharemanagers.longhorn.io" spec: @@ -38,10 +38,10 @@ spec: description: "ShareManager is where Longhorn stores share manager object." properties: apiVersion: - description: "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" + description: "APIVersion defines the versioned schema of this representation of an object.\nServers should convert recognized schemas to the latest internal value, and\nmay reject unrecognized values.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" type: "string" kind: - description: "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + description: "Kind is a string value representing the REST resource this object represents.\nServers may infer this from the endpoint the client submits requests to.\nCannot be updated.\nIn CamelCase.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" type: "string" metadata: type: "object" @@ -54,9 +54,3 @@ spec: storage: false subresources: status: {} -status: - acceptedNames: - kind: "" - plural: "" - conditions: [] - storedVersions: [] diff --git a/crd-catalog/longhorn/longhorn/longhorn.io/v1beta1/volumes.yaml b/crd-catalog/longhorn/longhorn/longhorn.io/v1beta1/volumes.yaml index 0f7313f59..27b6d43a1 100644 --- a/crd-catalog/longhorn/longhorn/longhorn.io/v1beta1/volumes.yaml +++ b/crd-catalog/longhorn/longhorn/longhorn.io/v1beta1/volumes.yaml @@ -2,11 +2,11 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.7.0" + controller-gen.kubebuilder.io/version: "v0.15.0" labels: app.kubernetes.io/instance: "longhorn" app.kubernetes.io/name: "longhorn" - app.kubernetes.io/version: "v1.6.0-dev" + app.kubernetes.io/version: "v1.8.0-dev" longhorn-manager: "" name: "volumes.longhorn.io" spec: @@ -63,10 +63,10 @@ spec: description: "Volume is where Longhorn stores volume object." properties: apiVersion: - description: "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" + description: "APIVersion defines the versioned schema of this representation of an object.\nServers should convert recognized schemas to the latest internal value, and\nmay reject unrecognized values.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" type: "string" kind: - description: "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + description: "Kind is a string value representing the REST resource this object represents.\nServers may infer this from the endpoint the client submits requests to.\nCannot be updated.\nIn CamelCase.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" type: "string" metadata: type: "object" @@ -79,9 +79,3 @@ spec: storage: false subresources: status: {} -status: - acceptedNames: - kind: "" - plural: "" - conditions: [] - storedVersions: [] diff --git a/crd-catalog/longhorn/longhorn/longhorn.io/v1beta2/backingimagedatasources.yaml b/crd-catalog/longhorn/longhorn/longhorn.io/v1beta2/backingimagedatasources.yaml index aeec1c792..8abd85710 100644 --- a/crd-catalog/longhorn/longhorn/longhorn.io/v1beta2/backingimagedatasources.yaml +++ b/crd-catalog/longhorn/longhorn/longhorn.io/v1beta2/backingimagedatasources.yaml @@ -2,11 +2,11 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.7.0" + controller-gen.kubebuilder.io/version: "v0.15.0" labels: app.kubernetes.io/instance: "longhorn" app.kubernetes.io/name: "longhorn" - app.kubernetes.io/version: "v1.6.0-dev" + app.kubernetes.io/version: "v1.8.0-dev" longhorn-manager: "" name: "backingimagedatasources.longhorn.io" spec: @@ -54,10 +54,10 @@ spec: description: "BackingImageDataSource is where Longhorn stores backing image data source object." properties: apiVersion: - description: "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" + description: "APIVersion defines the versioned schema of this representation of an object.\nServers should convert recognized schemas to the latest internal value, and\nmay reject unrecognized values.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" type: "string" kind: - description: "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + description: "Kind is a string value representing the REST resource this object represents.\nServers may infer this from the endpoint the client submits requests to.\nCannot be updated.\nIn CamelCase.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" type: "string" metadata: type: "object" @@ -120,9 +120,3 @@ spec: storage: true subresources: status: {} -status: - acceptedNames: - kind: "" - plural: "" - conditions: [] - storedVersions: [] diff --git a/crd-catalog/longhorn/longhorn/longhorn.io/v1beta2/backingimagemanagers.yaml b/crd-catalog/longhorn/longhorn/longhorn.io/v1beta2/backingimagemanagers.yaml index 1a6f93323..fb96cdd72 100644 --- a/crd-catalog/longhorn/longhorn/longhorn.io/v1beta2/backingimagemanagers.yaml +++ b/crd-catalog/longhorn/longhorn/longhorn.io/v1beta2/backingimagemanagers.yaml @@ -2,11 +2,11 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.7.0" + controller-gen.kubebuilder.io/version: "v0.15.0" labels: app.kubernetes.io/instance: "longhorn" app.kubernetes.io/name: "longhorn" - app.kubernetes.io/version: "v1.6.0-dev" + app.kubernetes.io/version: "v1.8.0-dev" longhorn-manager: "" name: "backingimagemanagers.longhorn.io" spec: @@ -50,10 +50,10 @@ spec: description: "BackingImageManager is where Longhorn stores backing image manager object." properties: apiVersion: - description: "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" + description: "APIVersion defines the versioned schema of this representation of an object.\nServers should convert recognized schemas to the latest internal value, and\nmay reject unrecognized values.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" type: "string" kind: - description: "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + description: "Kind is a string value representing the REST resource this object represents.\nServers may infer this from the endpoint the client submits requests to.\nCannot be updated.\nIn CamelCase.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" type: "string" metadata: type: "object" @@ -122,9 +122,3 @@ spec: storage: true subresources: status: {} -status: - acceptedNames: - kind: "" - plural: "" - conditions: [] - storedVersions: [] diff --git a/crd-catalog/longhorn/longhorn/longhorn.io/v1beta2/backingimages.yaml b/crd-catalog/longhorn/longhorn/longhorn.io/v1beta2/backingimages.yaml index 71992826e..1872ab689 100644 --- a/crd-catalog/longhorn/longhorn/longhorn.io/v1beta2/backingimages.yaml +++ b/crd-catalog/longhorn/longhorn/longhorn.io/v1beta2/backingimages.yaml @@ -2,11 +2,11 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.7.0" + controller-gen.kubebuilder.io/version: "v0.15.0" labels: app.kubernetes.io/instance: "longhorn" app.kubernetes.io/name: "longhorn" - app.kubernetes.io/version: "v1.6.0-dev" + app.kubernetes.io/version: "v1.8.0-dev" longhorn-manager: "" name: "backingimages.longhorn.io" spec: @@ -58,10 +58,10 @@ spec: description: "BackingImage is where Longhorn stores backing image object." properties: apiVersion: - description: "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" + description: "APIVersion defines the versioned schema of this representation of an object.\nServers should convert recognized schemas to the latest internal value, and\nmay reject unrecognized values.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" type: "string" kind: - description: "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + description: "Kind is a string value representing the REST resource this object represents.\nServers may infer this from the endpoint the client submits requests to.\nCannot be updated.\nIn CamelCase.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" type: "string" metadata: type: "object" @@ -70,10 +70,28 @@ spec: properties: checksum: type: "string" + diskFileSpecMap: + additionalProperties: + properties: + evictionRequested: + type: "boolean" + type: "object" + type: "object" + diskSelector: + items: + type: "string" + type: "array" disks: additionalProperties: type: "string" + description: "Deprecated. We are now using DiskFileSpecMap to assign different spec to the file on different disks." type: "object" + minNumberOfCopies: + type: "integer" + nodeSelector: + items: + type: "string" + type: "array" secret: type: "string" secretNamespace: @@ -132,9 +150,3 @@ spec: storage: true subresources: status: {} -status: - acceptedNames: - kind: "" - plural: "" - conditions: [] - storedVersions: [] diff --git a/crd-catalog/longhorn/longhorn/longhorn.io/v1beta2/backupbackingimages.yaml b/crd-catalog/longhorn/longhorn/longhorn.io/v1beta2/backupbackingimages.yaml index 445168ac6..b2e555af6 100644 --- a/crd-catalog/longhorn/longhorn/longhorn.io/v1beta2/backupbackingimages.yaml +++ b/crd-catalog/longhorn/longhorn/longhorn.io/v1beta2/backupbackingimages.yaml @@ -2,8 +2,11 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.7.0" + controller-gen.kubebuilder.io/version: "v0.15.0" labels: + app.kubernetes.io/instance: "longhorn" + app.kubernetes.io/name: "longhorn" + app.kubernetes.io/version: "v1.8.0-dev" longhorn-manager: "" name: "backupbackingimages.longhorn.io" spec: @@ -44,10 +47,10 @@ spec: description: "BackupBackingImage is where Longhorn stores backing image backup object." properties: apiVersion: - description: "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" + description: "APIVersion defines the versioned schema of this representation of an object.\nServers should convert recognized schemas to the latest internal value, and\nmay reject unrecognized values.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" type: "string" kind: - description: "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + description: "Kind is a string value representing the REST resource this object represents.\nServers may infer this from the endpoint the client submits requests to.\nCannot be updated.\nIn CamelCase.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" type: "string" metadata: type: "object" @@ -65,7 +68,7 @@ spec: nullable: true type: "string" userCreated: - description: "Is this CR created by user through API or UI. Required" + description: "Is this CR created by user through API or UI.\nRequired" type: "boolean" required: - "userCreated" @@ -119,7 +122,7 @@ spec: format: "int64" type: "integer" state: - description: "The backing image backup creation state. Can be \"\", \"InProgress\", \"Completed\", \"Error\", \"Unknown\"." + description: "The backing image backup creation state.\nCan be \"\", \"InProgress\", \"Completed\", \"Error\", \"Unknown\"." type: "string" url: description: "The backing image backup URL." @@ -130,9 +133,3 @@ spec: storage: true subresources: status: {} -status: - acceptedNames: - kind: "" - plural: "" - conditions: [] - storedVersions: [] diff --git a/crd-catalog/longhorn/longhorn/longhorn.io/v1beta2/backups.yaml b/crd-catalog/longhorn/longhorn/longhorn.io/v1beta2/backups.yaml index 2a200e6d9..0f0990cac 100644 --- a/crd-catalog/longhorn/longhorn/longhorn.io/v1beta2/backups.yaml +++ b/crd-catalog/longhorn/longhorn/longhorn.io/v1beta2/backups.yaml @@ -2,11 +2,11 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.7.0" + controller-gen.kubebuilder.io/version: "v0.15.0" labels: app.kubernetes.io/instance: "longhorn" app.kubernetes.io/name: "longhorn" - app.kubernetes.io/version: "v1.6.0-dev" + app.kubernetes.io/version: "v1.8.0-dev" longhorn-manager: "" name: "backups.longhorn.io" spec: @@ -47,16 +47,23 @@ spec: description: "Backup is where Longhorn stores backup object." properties: apiVersion: - description: "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" + description: "APIVersion defines the versioned schema of this representation of an object.\nServers should convert recognized schemas to the latest internal value, and\nmay reject unrecognized values.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" type: "string" kind: - description: "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + description: "Kind is a string value representing the REST resource this object represents.\nServers may infer this from the endpoint the client submits requests to.\nCannot be updated.\nIn CamelCase.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" type: "string" metadata: type: "object" spec: description: "BackupSpec defines the desired state of the Longhorn backup" properties: + backupMode: + description: "The backup mode of this backup.\nCan be \"full\" or \"incremental\"" + enum: + - "full" + - "incremental" + - "" + type: "string" labels: additionalProperties: type: "string" @@ -100,12 +107,18 @@ spec: description: "The error messages when calling longhorn engine on listing or inspecting backups." nullable: true type: "object" + newlyUploadDataSize: + description: "Size in bytes of newly uploaded data" + type: "string" ownerID: description: "The node ID on which the controller is responsible to reconcile this backup CR." type: "string" progress: description: "The snapshot backup progress." type: "integer" + reUploadedDataSize: + description: "Size in bytes of reuploaded data" + type: "string" replicaAddress: description: "The address of the replica that runs snapshot backup." type: "string" @@ -119,7 +132,7 @@ spec: description: "The snapshot name." type: "string" state: - description: "The backup creation state. Can be \"\", \"InProgress\", \"Completed\", \"Error\", \"Unknown\"." + description: "The backup creation state.\nCan be \"\", \"InProgress\", \"Completed\", \"Error\", \"Unknown\"." type: "string" url: description: "The snapshot backup URL." @@ -142,9 +155,3 @@ spec: storage: true subresources: status: {} -status: - acceptedNames: - kind: "" - plural: "" - conditions: [] - storedVersions: [] diff --git a/crd-catalog/longhorn/longhorn/longhorn.io/v1beta2/backuptargets.yaml b/crd-catalog/longhorn/longhorn/longhorn.io/v1beta2/backuptargets.yaml index 20e499e82..eba98c0dd 100644 --- a/crd-catalog/longhorn/longhorn/longhorn.io/v1beta2/backuptargets.yaml +++ b/crd-catalog/longhorn/longhorn/longhorn.io/v1beta2/backuptargets.yaml @@ -2,11 +2,11 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.7.0" + controller-gen.kubebuilder.io/version: "v0.15.0" labels: app.kubernetes.io/instance: "longhorn" app.kubernetes.io/name: "longhorn" - app.kubernetes.io/version: "v1.6.0-dev" + app.kubernetes.io/version: "v1.8.0-dev" longhorn-manager: "" name: "backuptargets.longhorn.io" spec: @@ -59,10 +59,10 @@ spec: description: "BackupTarget is where Longhorn stores backup target object." properties: apiVersion: - description: "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" + description: "APIVersion defines the versioned schema of this representation of an object.\nServers should convert recognized schemas to the latest internal value, and\nmay reject unrecognized values.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" type: "string" kind: - description: "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + description: "Kind is a string value representing the REST resource this object represents.\nServers may infer this from the endpoint the client submits requests to.\nCannot be updated.\nIn CamelCase.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" type: "string" metadata: type: "object" @@ -107,7 +107,7 @@ spec: description: "Unique, one-word, CamelCase reason for the condition's last transition." type: "string" status: - description: "Status is the status of the condition. Can be True, False, Unknown." + description: "Status is the status of the condition.\nCan be True, False, Unknown." type: "string" type: description: "Type is the type of the condition." @@ -129,9 +129,3 @@ spec: storage: true subresources: status: {} -status: - acceptedNames: - kind: "" - plural: "" - conditions: [] - storedVersions: [] diff --git a/crd-catalog/longhorn/longhorn/longhorn.io/v1beta2/backupvolumes.yaml b/crd-catalog/longhorn/longhorn/longhorn.io/v1beta2/backupvolumes.yaml index 1b5458dba..74bc2640f 100644 --- a/crd-catalog/longhorn/longhorn/longhorn.io/v1beta2/backupvolumes.yaml +++ b/crd-catalog/longhorn/longhorn/longhorn.io/v1beta2/backupvolumes.yaml @@ -2,11 +2,11 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.7.0" + controller-gen.kubebuilder.io/version: "v0.15.0" labels: app.kubernetes.io/instance: "longhorn" app.kubernetes.io/name: "longhorn" - app.kubernetes.io/version: "v1.6.0-dev" + app.kubernetes.io/version: "v1.8.0-dev" longhorn-manager: "" name: "backupvolumes.longhorn.io" spec: @@ -43,10 +43,10 @@ spec: description: "BackupVolume is where Longhorn stores backup volume object." properties: apiVersion: - description: "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" + description: "APIVersion defines the versioned schema of this representation of an object.\nServers should convert recognized schemas to the latest internal value, and\nmay reject unrecognized values.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" type: "string" kind: - description: "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + description: "Kind is a string value representing the REST resource this object represents.\nServers may infer this from the endpoint the client submits requests to.\nCannot be updated.\nIn CamelCase.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" type: "string" metadata: type: "object" @@ -117,9 +117,3 @@ spec: storage: true subresources: status: {} -status: - acceptedNames: - kind: "" - plural: "" - conditions: [] - storedVersions: [] diff --git a/crd-catalog/longhorn/longhorn/longhorn.io/v1beta2/engineimages.yaml b/crd-catalog/longhorn/longhorn/longhorn.io/v1beta2/engineimages.yaml index d74b60074..1fc55c9a2 100644 --- a/crd-catalog/longhorn/longhorn/longhorn.io/v1beta2/engineimages.yaml +++ b/crd-catalog/longhorn/longhorn/longhorn.io/v1beta2/engineimages.yaml @@ -2,11 +2,11 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.7.0" + controller-gen.kubebuilder.io/version: "v0.15.0" labels: app.kubernetes.io/instance: "longhorn" app.kubernetes.io/name: "longhorn" - app.kubernetes.io/version: "v1.6.0-dev" + app.kubernetes.io/version: "v1.8.0-dev" longhorn-manager: "" name: "engineimages.longhorn.io" spec: @@ -63,10 +63,10 @@ spec: description: "EngineImage is where Longhorn stores engine image object." properties: apiVersion: - description: "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" + description: "APIVersion defines the versioned schema of this representation of an object.\nServers should convert recognized schemas to the latest internal value, and\nmay reject unrecognized values.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" type: "string" kind: - description: "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + description: "Kind is a string value representing the REST resource this object represents.\nServers may infer this from the endpoint the client submits requests to.\nCannot be updated.\nIn CamelCase.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" type: "string" metadata: type: "object" @@ -104,7 +104,7 @@ spec: description: "Unique, one-word, CamelCase reason for the condition's last transition." type: "string" status: - description: "Status is the status of the condition. Can be True, False, Unknown." + description: "Status is the status of the condition.\nCan be True, False, Unknown." type: "string" type: description: "Type is the type of the condition." @@ -145,9 +145,3 @@ spec: storage: true subresources: status: {} -status: - acceptedNames: - kind: "" - plural: "" - conditions: [] - storedVersions: [] diff --git a/crd-catalog/longhorn/longhorn/longhorn.io/v1beta2/engines.yaml b/crd-catalog/longhorn/longhorn/longhorn.io/v1beta2/engines.yaml index 130a83a65..a806c07f9 100644 --- a/crd-catalog/longhorn/longhorn/longhorn.io/v1beta2/engines.yaml +++ b/crd-catalog/longhorn/longhorn/longhorn.io/v1beta2/engines.yaml @@ -2,11 +2,11 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.7.0" + controller-gen.kubebuilder.io/version: "v0.15.0" labels: app.kubernetes.io/instance: "longhorn" app.kubernetes.io/name: "longhorn" - app.kubernetes.io/version: "v1.6.0-dev" + app.kubernetes.io/version: "v1.8.0-dev" longhorn-manager: "" name: "engines.longhorn.io" spec: @@ -51,10 +51,10 @@ spec: description: "Engine is where Longhorn stores engine object." properties: apiVersion: - description: "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" + description: "APIVersion defines the versioned schema of this representation of an object.\nServers should convert recognized schemas to the latest internal value, and\nmay reject unrecognized values.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" type: "string" kind: - description: "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + description: "Kind is a string value representing the REST resource this object represents.\nServers may infer this from the endpoint the client submits requests to.\nCannot be updated.\nIn CamelCase.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" type: "string" metadata: type: "object" @@ -64,7 +64,7 @@ spec: active: type: "boolean" backendStoreDriver: - description: "Deprecated: Replaced by field `dataEngine`." + description: "Deprecated:Replaced by field `dataEngine`." type: "string" backupVolume: type: "string" @@ -177,7 +177,7 @@ spec: description: "Unique, one-word, CamelCase reason for the condition's last transition." type: "string" status: - description: "Status is the status of the condition. Can be True, False, Unknown." + description: "Status is the status of the condition.\nCan be True, False, Unknown." type: "string" type: description: "Type is the type of the condition." @@ -255,7 +255,7 @@ spec: replicaTransitionTimeMap: additionalProperties: type: "string" - description: "ReplicaTransitionTimeMap records the time a replica in ReplicaModeMap transitions from one mode to another (or from not being in the ReplicaModeMap to being in it). This information is sometimes required by other controllers (e.g. the volume controller uses it to determine the correct value for replica.Spec.lastHealthyAt)." + description: "ReplicaTransitionTimeMap records the time a replica in ReplicaModeMap transitions from one mode to another (or\nfrom not being in the ReplicaModeMap to being in it). This information is sometimes required by other controllers\n(e.g. the volume controller uses it to determine the correct value for replica.Spec.lastHealthyAt)." type: "object" restoreStatus: additionalProperties: @@ -328,9 +328,3 @@ spec: storage: true subresources: status: {} -status: - acceptedNames: - kind: "" - plural: "" - conditions: [] - storedVersions: [] diff --git a/crd-catalog/longhorn/longhorn/longhorn.io/v1beta2/instancemanagers.yaml b/crd-catalog/longhorn/longhorn/longhorn.io/v1beta2/instancemanagers.yaml index a03907242..51e07ea89 100644 --- a/crd-catalog/longhorn/longhorn/longhorn.io/v1beta2/instancemanagers.yaml +++ b/crd-catalog/longhorn/longhorn/longhorn.io/v1beta2/instancemanagers.yaml @@ -2,11 +2,11 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.7.0" + controller-gen.kubebuilder.io/version: "v0.15.0" labels: app.kubernetes.io/instance: "longhorn" app.kubernetes.io/name: "longhorn" - app.kubernetes.io/version: "v1.6.0-dev" + app.kubernetes.io/version: "v1.8.0-dev" longhorn-manager: "" name: "instancemanagers.longhorn.io" spec: @@ -47,10 +47,10 @@ spec: description: "InstanceManager is where Longhorn stores instance manager object." properties: apiVersion: - description: "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" + description: "APIVersion defines the versioned schema of this representation of an object.\nServers should convert recognized schemas to the latest internal value, and\nmay reject unrecognized values.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" type: "string" kind: - description: "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + description: "Kind is a string value representing the REST resource this object represents.\nServers may infer this from the endpoint the client submits requests to.\nCannot be updated.\nIn CamelCase.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" type: "string" metadata: type: "object" @@ -85,7 +85,7 @@ spec: spec: properties: backendStoreDriver: - description: "Deprecated: Replaced by field `dataEngine`." + description: "Deprecated:Replaced by field `dataEngine`." type: "string" dataEngine: type: "string" @@ -116,6 +116,12 @@ spec: type: "integer" state: type: "string" + targetPortEnd: + format: "int32" + type: "integer" + targetPortStart: + format: "int32" + type: "integer" type: type: "string" type: "object" @@ -128,7 +134,7 @@ spec: spec: properties: backendStoreDriver: - description: "Deprecated: Replaced by field `dataEngine`." + description: "Deprecated:Replaced by field `dataEngine`." type: "string" dataEngine: type: "string" @@ -159,6 +165,12 @@ spec: type: "integer" state: type: "string" + targetPortEnd: + format: "int32" + type: "integer" + targetPortStart: + format: "int32" + type: "integer" type: type: "string" type: "object" @@ -171,7 +183,7 @@ spec: spec: properties: backendStoreDriver: - description: "Deprecated: Replaced by field `dataEngine`." + description: "Deprecated:Replaced by field `dataEngine`." type: "string" dataEngine: type: "string" @@ -202,6 +214,12 @@ spec: type: "integer" state: type: "string" + targetPortEnd: + format: "int32" + type: "integer" + targetPortStart: + format: "int32" + type: "integer" type: type: "string" type: "object" @@ -223,9 +241,3 @@ spec: storage: true subresources: status: {} -status: - acceptedNames: - kind: "" - plural: "" - conditions: [] - storedVersions: [] diff --git a/crd-catalog/longhorn/longhorn/longhorn.io/v1beta2/nodes.yaml b/crd-catalog/longhorn/longhorn/longhorn.io/v1beta2/nodes.yaml index 0a9ec594e..e304e21f6 100644 --- a/crd-catalog/longhorn/longhorn/longhorn.io/v1beta2/nodes.yaml +++ b/crd-catalog/longhorn/longhorn/longhorn.io/v1beta2/nodes.yaml @@ -2,11 +2,11 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.7.0" + controller-gen.kubebuilder.io/version: "v0.15.0" labels: app.kubernetes.io/instance: "longhorn" app.kubernetes.io/name: "longhorn" - app.kubernetes.io/version: "v1.6.0-dev" + app.kubernetes.io/version: "v1.8.0-dev" longhorn-manager: "" name: "nodes.longhorn.io" spec: @@ -55,10 +55,10 @@ spec: description: "Node is where Longhorn stores Longhorn node object." properties: apiVersion: - description: "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" + description: "APIVersion defines the versioned schema of this representation of an object.\nServers should convert recognized schemas to the latest internal value, and\nmay reject unrecognized values.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" type: "string" kind: - description: "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + description: "Kind is a string value representing the REST resource this object represents.\nServers may infer this from the endpoint the client submits requests to.\nCannot be updated.\nIn CamelCase.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" type: "string" metadata: type: "object" @@ -66,7 +66,6 @@ spec: description: "NodeSpec defines the desired state of the Longhorn node" properties: allowScheduling: - description: "Allow scheduling replicas on the node." type: "boolean" disks: additionalProperties: @@ -129,7 +128,7 @@ spec: description: "Unique, one-word, CamelCase reason for the condition's last transition." type: "string" status: - description: "Status is the status of the condition. Can be True, False, Unknown." + description: "Status is the status of the condition.\nCan be True, False, Unknown." type: "string" type: description: "Type is the type of the condition." @@ -156,7 +155,7 @@ spec: description: "Unique, one-word, CamelCase reason for the condition's last transition." type: "string" status: - description: "Status is the status of the condition. Can be True, False, Unknown." + description: "Status is the status of the condition.\nCan be True, False, Unknown." type: "string" type: description: "Type is the type of the condition." @@ -194,21 +193,17 @@ spec: format: "int64" type: "integer" type: "object" - description: "The status of the disks on the node." nullable: true type: "object" region: - description: "The Region of the node." type: "string" snapshotCheckStatus: - description: "The status of the snapshot integrity check." properties: lastPeriodicCheckedAt: format: "date-time" type: "string" type: "object" zone: - description: "The Zone of the node." type: "string" type: "object" type: "object" @@ -216,9 +211,3 @@ spec: storage: true subresources: status: {} -status: - acceptedNames: - kind: "" - plural: "" - conditions: [] - storedVersions: [] diff --git a/crd-catalog/longhorn/longhorn/longhorn.io/v1beta2/orphans.yaml b/crd-catalog/longhorn/longhorn/longhorn.io/v1beta2/orphans.yaml index ed6ccd180..6c9d553b9 100644 --- a/crd-catalog/longhorn/longhorn/longhorn.io/v1beta2/orphans.yaml +++ b/crd-catalog/longhorn/longhorn/longhorn.io/v1beta2/orphans.yaml @@ -2,11 +2,11 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.7.0" + controller-gen.kubebuilder.io/version: "v0.15.0" labels: app.kubernetes.io/instance: "longhorn" app.kubernetes.io/name: "longhorn" - app.kubernetes.io/version: "v1.6.0-dev" + app.kubernetes.io/version: "v1.8.0-dev" longhorn-manager: "" name: "orphans.longhorn.io" spec: @@ -35,10 +35,10 @@ spec: description: "Orphan is where Longhorn stores orphan object." properties: apiVersion: - description: "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" + description: "APIVersion defines the versioned schema of this representation of an object.\nServers should convert recognized schemas to the latest internal value, and\nmay reject unrecognized values.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" type: "string" kind: - description: "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + description: "Kind is a string value representing the REST resource this object represents.\nServers may infer this from the endpoint the client submits requests to.\nCannot be updated.\nIn CamelCase.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" type: "string" metadata: type: "object" @@ -49,7 +49,7 @@ spec: description: "The node ID on which the controller is responsible to reconcile this orphan CR." type: "string" orphanType: - description: "The type of the orphaned data. Can be \"replica\"." + description: "The type of the orphaned data.\nCan be \"replica\"." type: "string" parameters: additionalProperties: @@ -76,7 +76,7 @@ spec: description: "Unique, one-word, CamelCase reason for the condition's last transition." type: "string" status: - description: "Status is the status of the condition. Can be True, False, Unknown." + description: "Status is the status of the condition.\nCan be True, False, Unknown." type: "string" type: description: "Type is the type of the condition." @@ -92,9 +92,3 @@ spec: storage: true subresources: status: {} -status: - acceptedNames: - kind: "" - plural: "" - conditions: [] - storedVersions: [] diff --git a/crd-catalog/longhorn/longhorn/longhorn.io/v1beta2/recurringjobs.yaml b/crd-catalog/longhorn/longhorn/longhorn.io/v1beta2/recurringjobs.yaml index 9cbb9fbdb..655e360b7 100644 --- a/crd-catalog/longhorn/longhorn/longhorn.io/v1beta2/recurringjobs.yaml +++ b/crd-catalog/longhorn/longhorn/longhorn.io/v1beta2/recurringjobs.yaml @@ -2,8 +2,11 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.7.0" + controller-gen.kubebuilder.io/version: "v0.15.0" labels: + app.kubernetes.io/instance: "longhorn" + app.kubernetes.io/name: "longhorn" + app.kubernetes.io/version: "v1.8.0-dev" longhorn-manager: "" name: "recurringjobs.longhorn.io" spec: @@ -51,10 +54,10 @@ spec: description: "RecurringJob is where Longhorn stores recurring job object." properties: apiVersion: - description: "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" + description: "APIVersion defines the versioned schema of this representation of an object.\nServers should convert recognized schemas to the latest internal value, and\nmay reject unrecognized values.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" type: "string" kind: - description: "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + description: "Kind is a string value representing the REST resource this object represents.\nServers may infer this from the endpoint the client submits requests to.\nCannot be updated.\nIn CamelCase.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" type: "string" metadata: type: "object" @@ -80,11 +83,16 @@ spec: name: description: "The recurring job name." type: "string" + parameters: + additionalProperties: + type: "string" + description: "The parameters of the snapshot/backup.\nSupport parameters: \"full-backup-interval\"." + type: "object" retain: description: "The retain count of the snapshot/backup." type: "integer" task: - description: "The recurring job task. Can be \"snapshot\", \"snapshot-force-create\", \"snapshot-cleanup\", \"snapshot-delete\", \"backup\", \"backup-force-create\" or \"filesystem-trim\"" + description: "The recurring job task.\nCan be \"snapshot\", \"snapshot-force-create\", \"snapshot-cleanup\", \"snapshot-delete\", \"backup\", \"backup-force-create\" or \"filesystem-trim\"" enum: - "snapshot" - "snapshot-force-create" @@ -98,6 +106,9 @@ spec: status: description: "RecurringJobStatus defines the observed state of the Longhorn recurring job" properties: + executionCount: + description: "The number of jobs that have been triggered." + type: "integer" ownerID: description: "The owner ID which is responsible to reconcile this recurring job CR." type: "string" @@ -107,9 +118,3 @@ spec: storage: true subresources: status: {} -status: - acceptedNames: - kind: "" - plural: "" - conditions: [] - storedVersions: [] diff --git a/crd-catalog/longhorn/longhorn/longhorn.io/v1beta2/replicas.yaml b/crd-catalog/longhorn/longhorn/longhorn.io/v1beta2/replicas.yaml index e2d9cb7e6..0c079844b 100644 --- a/crd-catalog/longhorn/longhorn/longhorn.io/v1beta2/replicas.yaml +++ b/crd-catalog/longhorn/longhorn/longhorn.io/v1beta2/replicas.yaml @@ -2,11 +2,11 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.7.0" + controller-gen.kubebuilder.io/version: "v0.15.0" labels: app.kubernetes.io/instance: "longhorn" app.kubernetes.io/name: "longhorn" - app.kubernetes.io/version: "v1.6.0-dev" + app.kubernetes.io/version: "v1.8.0-dev" longhorn-manager: "" name: "replicas.longhorn.io" spec: @@ -55,10 +55,10 @@ spec: description: "Replica is where Longhorn stores replica object." properties: apiVersion: - description: "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" + description: "APIVersion defines the versioned schema of this representation of an object.\nServers should convert recognized schemas to the latest internal value, and\nmay reject unrecognized values.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" type: "string" kind: - description: "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + description: "Kind is a string value representing the REST resource this object represents.\nServers may infer this from the endpoint the client submits requests to.\nCannot be updated.\nIn CamelCase.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" type: "string" metadata: type: "object" @@ -68,7 +68,7 @@ spec: active: type: "boolean" backendStoreDriver: - description: "Deprecated: Replaced by field `dataEngine`." + description: "Deprecated:Replaced by field `dataEngine`." type: "string" backingImage: type: "string" @@ -93,20 +93,20 @@ spec: evictionRequested: type: "boolean" failedAt: - description: "FailedAt is set when a running replica fails or when a running engine is unable to use a replica for any reason. FailedAt indicates the time the failure occurred. When FailedAt is set, a replica is likely to have useful (though possibly stale) data. A replica with FailedAt set must be rebuilt from a non-failed replica (or it can be used in a salvage if all replicas are failed). FailedAt is cleared before a rebuild or salvage. FailedAt may be later than the corresponding entry in an engine's replicaTransitionTimeMap because it is set when the volume controller acknowledges the change." + description: "FailedAt is set when a running replica fails or when a running engine is unable to use a replica for any reason.\nFailedAt indicates the time the failure occurred. When FailedAt is set, a replica is likely to have useful\n(though possibly stale) data. A replica with FailedAt set must be rebuilt from a non-failed replica (or it can\nbe used in a salvage if all replicas are failed). FailedAt is cleared before a rebuild or salvage. FailedAt may\nbe later than the corresponding entry in an engine's replicaTransitionTimeMap because it is set when the volume\ncontroller acknowledges the change." type: "string" hardNodeAffinity: type: "string" healthyAt: - description: "HealthyAt is set the first time a replica becomes read/write in an engine after creation or rebuild. HealthyAt indicates the time the last successful rebuild occurred. When HealthyAt is set, a replica is likely to have useful (though possibly stale) data. HealthyAt is cleared before a rebuild. HealthyAt may be later than the corresponding entry in an engine's replicaTransitionTimeMap because it is set when the volume controller acknowledges the change." + description: "HealthyAt is set the first time a replica becomes read/write in an engine after creation or rebuild. HealthyAt\nindicates the time the last successful rebuild occurred. When HealthyAt is set, a replica is likely to have\nuseful (though possibly stale) data. HealthyAt is cleared before a rebuild. HealthyAt may be later than the\ncorresponding entry in an engine's replicaTransitionTimeMap because it is set when the volume controller\nacknowledges the change." type: "string" image: type: "string" lastFailedAt: - description: "LastFailedAt is always set at the same time as FailedAt. Unlike FailedAt, LastFailedAt is never cleared. LastFailedAt is not a reliable indicator of the state of a replica's data. For example, a replica with LastFailedAt may already be healthy and in use again. However, because it is never cleared, it can be compared to LastHealthyAt to help prevent dangerous replica deletion in some corner cases. LastFailedAt may be later than the corresponding entry in an engine's replicaTransitionTimeMap because it is set when the volume controller acknowledges the change." + description: "LastFailedAt is always set at the same time as FailedAt. Unlike FailedAt, LastFailedAt is never cleared.\nLastFailedAt is not a reliable indicator of the state of a replica's data. For example, a replica with\nLastFailedAt may already be healthy and in use again. However, because it is never cleared, it can be compared to\nLastHealthyAt to help prevent dangerous replica deletion in some corner cases. LastFailedAt may be later than the\ncorresponding entry in an engine's replicaTransitionTimeMap because it is set when the volume controller\nacknowledges the change." type: "string" lastHealthyAt: - description: "LastHealthyAt is set every time a replica becomes read/write in an engine. Unlike HealthyAt, LastHealthyAt is never cleared. LastHealthyAt is not a reliable indicator of the state of a replica's data. For example, a replica with LastHealthyAt set may be in the middle of a rebuild. However, because it is never cleared, it can be compared to LastFailedAt to help prevent dangerous replica deletion in some corner cases. LastHealthyAt may be later than the corresponding entry in an engine's replicaTransitionTimeMap because it is set when the volume controller acknowledges the change." + description: "LastHealthyAt is set every time a replica becomes read/write in an engine. Unlike HealthyAt, LastHealthyAt is\nnever cleared. LastHealthyAt is not a reliable indicator of the state of a replica's data. For example, a\nreplica with LastHealthyAt set may be in the middle of a rebuild. However, because it is never cleared, it can be\ncompared to LastFailedAt to help prevent dangerous replica deletion in some corner cases. LastHealthyAt may be\nlater than the corresponding entry in an engine's replicaTransitionTimeMap because it is set when the volume\ncontroller acknowledges the change." type: "string" logRequested: type: "boolean" @@ -150,7 +150,7 @@ spec: description: "Unique, one-word, CamelCase reason for the condition's last transition." type: "string" status: - description: "Status is the status of the condition. Can be True, False, Unknown." + description: "Status is the status of the condition.\nCan be True, False, Unknown." type: "string" type: description: "Type is the type of the condition." @@ -187,9 +187,3 @@ spec: storage: true subresources: status: {} -status: - acceptedNames: - kind: "" - plural: "" - conditions: [] - storedVersions: [] diff --git a/crd-catalog/longhorn/longhorn/longhorn.io/v1beta2/settings.yaml b/crd-catalog/longhorn/longhorn/longhorn.io/v1beta2/settings.yaml index 3f2a712ce..c32e36c7b 100644 --- a/crd-catalog/longhorn/longhorn/longhorn.io/v1beta2/settings.yaml +++ b/crd-catalog/longhorn/longhorn/longhorn.io/v1beta2/settings.yaml @@ -2,11 +2,11 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.7.0" + controller-gen.kubebuilder.io/version: "v0.15.0" labels: app.kubernetes.io/instance: "longhorn" app.kubernetes.io/name: "longhorn" - app.kubernetes.io/version: "v1.6.0-dev" + app.kubernetes.io/version: "v1.8.0-dev" longhorn-manager: "" name: "settings.longhorn.io" spec: @@ -39,15 +39,15 @@ spec: description: "Setting is where Longhorn stores setting object." properties: apiVersion: - description: "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" + description: "APIVersion defines the versioned schema of this representation of an object.\nServers should convert recognized schemas to the latest internal value, and\nmay reject unrecognized values.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" type: "string" kind: - description: "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + description: "Kind is a string value representing the REST resource this object represents.\nServers may infer this from the endpoint the client submits requests to.\nCannot be updated.\nIn CamelCase.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" type: "string" metadata: type: "object" status: - description: "SettingStatus defines the observed state of the Longhorn setting" + description: "The status of the setting." properties: applied: description: "The setting is applied." @@ -65,9 +65,3 @@ spec: storage: true subresources: status: {} -status: - acceptedNames: - kind: "" - plural: "" - conditions: [] - storedVersions: [] diff --git a/crd-catalog/longhorn/longhorn/longhorn.io/v1beta2/sharemanagers.yaml b/crd-catalog/longhorn/longhorn/longhorn.io/v1beta2/sharemanagers.yaml index 3c687e921..f52940e1e 100644 --- a/crd-catalog/longhorn/longhorn/longhorn.io/v1beta2/sharemanagers.yaml +++ b/crd-catalog/longhorn/longhorn/longhorn.io/v1beta2/sharemanagers.yaml @@ -2,11 +2,11 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.7.0" + controller-gen.kubebuilder.io/version: "v0.15.0" labels: app.kubernetes.io/instance: "longhorn" app.kubernetes.io/name: "longhorn" - app.kubernetes.io/version: "v1.6.0-dev" + app.kubernetes.io/version: "v1.8.0-dev" longhorn-manager: "" name: "sharemanagers.longhorn.io" spec: @@ -38,10 +38,10 @@ spec: description: "ShareManager is where Longhorn stores share manager object." properties: apiVersion: - description: "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" + description: "APIVersion defines the versioned schema of this representation of an object.\nServers should convert recognized schemas to the latest internal value, and\nmay reject unrecognized values.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" type: "string" kind: - description: "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + description: "Kind is a string value representing the REST resource this object represents.\nServers may infer this from the endpoint the client submits requests to.\nCannot be updated.\nIn CamelCase.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" type: "string" metadata: type: "object" @@ -70,9 +70,3 @@ spec: storage: true subresources: status: {} -status: - acceptedNames: - kind: "" - plural: "" - conditions: [] - storedVersions: [] diff --git a/crd-catalog/longhorn/longhorn/longhorn.io/v1beta2/snapshots.yaml b/crd-catalog/longhorn/longhorn/longhorn.io/v1beta2/snapshots.yaml index 316b95699..d9260d3b8 100644 --- a/crd-catalog/longhorn/longhorn/longhorn.io/v1beta2/snapshots.yaml +++ b/crd-catalog/longhorn/longhorn/longhorn.io/v1beta2/snapshots.yaml @@ -2,11 +2,11 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.7.0" + controller-gen.kubebuilder.io/version: "v0.15.0" labels: app.kubernetes.io/instance: "longhorn" app.kubernetes.io/name: "longhorn" - app.kubernetes.io/version: "v1.6.0-dev" + app.kubernetes.io/version: "v1.8.0-dev" longhorn-manager: "" name: "snapshots.longhorn.io" spec: @@ -50,10 +50,10 @@ spec: description: "Snapshot is the Schema for the snapshots API" properties: apiVersion: - description: "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" + description: "APIVersion defines the versioned schema of this representation of an object.\nServers should convert recognized schemas to the latest internal value, and\nmay reject unrecognized values.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" type: "string" kind: - description: "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + description: "Kind is a string value representing the REST resource this object represents.\nServers may infer this from the endpoint the client submits requests to.\nCannot be updated.\nIn CamelCase.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" type: "string" metadata: type: "object" @@ -70,7 +70,7 @@ spec: nullable: true type: "object" volume: - description: "the volume that this snapshot belongs to. This field is immutable after creation. Required" + description: "the volume that this snapshot belongs to.\nThis field is immutable after creation.\nRequired" type: "string" required: - "volume" @@ -116,9 +116,3 @@ spec: storage: true subresources: status: {} -status: - acceptedNames: - kind: "" - plural: "" - conditions: [] - storedVersions: [] diff --git a/crd-catalog/longhorn/longhorn/longhorn.io/v1beta2/supportbundles.yaml b/crd-catalog/longhorn/longhorn/longhorn.io/v1beta2/supportbundles.yaml index a374c4f74..51c8ea877 100644 --- a/crd-catalog/longhorn/longhorn/longhorn.io/v1beta2/supportbundles.yaml +++ b/crd-catalog/longhorn/longhorn/longhorn.io/v1beta2/supportbundles.yaml @@ -2,11 +2,11 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.7.0" + controller-gen.kubebuilder.io/version: "v0.15.0" labels: app.kubernetes.io/instance: "longhorn" app.kubernetes.io/name: "longhorn" - app.kubernetes.io/version: "v1.6.0-dev" + app.kubernetes.io/version: "v1.8.0-dev" longhorn-manager: "" name: "supportbundles.longhorn.io" spec: @@ -42,10 +42,10 @@ spec: description: "SupportBundle is where Longhorn stores support bundle object" properties: apiVersion: - description: "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" + description: "APIVersion defines the versioned schema of this representation of an object.\nServers should convert recognized schemas to the latest internal value, and\nmay reject unrecognized values.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" type: "string" kind: - description: "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + description: "Kind is a string value representing the REST resource this object represents.\nServers may infer this from the endpoint the client submits requests to.\nCannot be updated.\nIn CamelCase.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" type: "string" metadata: type: "object" @@ -84,7 +84,7 @@ spec: description: "Unique, one-word, CamelCase reason for the condition's last transition." type: "string" status: - description: "Status is the status of the condition. Can be True, False, Unknown." + description: "Status is the status of the condition.\nCan be True, False, Unknown." type: "string" type: description: "Type is the type of the condition." @@ -115,9 +115,3 @@ spec: storage: true subresources: status: {} -status: - acceptedNames: - kind: "" - plural: "" - conditions: [] - storedVersions: [] diff --git a/crd-catalog/longhorn/longhorn/longhorn.io/v1beta2/systembackups.yaml b/crd-catalog/longhorn/longhorn/longhorn.io/v1beta2/systembackups.yaml index f4b531129..e999c219b 100644 --- a/crd-catalog/longhorn/longhorn/longhorn.io/v1beta2/systembackups.yaml +++ b/crd-catalog/longhorn/longhorn/longhorn.io/v1beta2/systembackups.yaml @@ -2,11 +2,11 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.7.0" + controller-gen.kubebuilder.io/version: "v0.15.0" labels: app.kubernetes.io/instance: "longhorn" app.kubernetes.io/name: "longhorn" - app.kubernetes.io/version: "v1.6.0-dev" + app.kubernetes.io/version: "v1.8.0-dev" longhorn-manager: "" name: "systembackups.longhorn.io" spec: @@ -43,10 +43,10 @@ spec: description: "SystemBackup is where Longhorn stores system backup object" properties: apiVersion: - description: "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" + description: "APIVersion defines the versioned schema of this representation of an object.\nServers should convert recognized schemas to the latest internal value, and\nmay reject unrecognized values.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" type: "string" kind: - description: "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + description: "Kind is a string value representing the REST resource this object represents.\nServers may infer this from the endpoint the client submits requests to.\nCannot be updated.\nIn CamelCase.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" type: "string" metadata: type: "object" @@ -54,7 +54,7 @@ spec: description: "SystemBackupSpec defines the desired state of the Longhorn SystemBackup" properties: volumeBackupPolicy: - description: "The create volume backup policy Can be \"if-not-present\", \"always\" or \"disabled\"" + description: "The create volume backup policy\nCan be \"if-not-present\", \"always\" or \"disabled\"" nullable: true type: "string" type: "object" @@ -77,7 +77,7 @@ spec: description: "Unique, one-word, CamelCase reason for the condition's last transition." type: "string" status: - description: "Status is the status of the condition. Can be True, False, Unknown." + description: "Status is the status of the condition.\nCan be True, False, Unknown." type: "string" type: description: "Type is the type of the condition." @@ -117,9 +117,3 @@ spec: storage: true subresources: status: {} -status: - acceptedNames: - kind: "" - plural: "" - conditions: [] - storedVersions: [] diff --git a/crd-catalog/longhorn/longhorn/longhorn.io/v1beta2/systemrestores.yaml b/crd-catalog/longhorn/longhorn/longhorn.io/v1beta2/systemrestores.yaml index f8d582ff7..982574bc1 100644 --- a/crd-catalog/longhorn/longhorn/longhorn.io/v1beta2/systemrestores.yaml +++ b/crd-catalog/longhorn/longhorn/longhorn.io/v1beta2/systemrestores.yaml @@ -2,11 +2,11 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.7.0" + controller-gen.kubebuilder.io/version: "v0.15.0" labels: app.kubernetes.io/instance: "longhorn" app.kubernetes.io/name: "longhorn" - app.kubernetes.io/version: "v1.6.0-dev" + app.kubernetes.io/version: "v1.8.0-dev" longhorn-manager: "" name: "systemrestores.longhorn.io" spec: @@ -34,10 +34,10 @@ spec: description: "SystemRestore is where Longhorn stores system restore object" properties: apiVersion: - description: "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" + description: "APIVersion defines the versioned schema of this representation of an object.\nServers should convert recognized schemas to the latest internal value, and\nmay reject unrecognized values.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" type: "string" kind: - description: "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + description: "Kind is a string value representing the REST resource this object represents.\nServers may infer this from the endpoint the client submits requests to.\nCannot be updated.\nIn CamelCase.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" type: "string" metadata: type: "object" @@ -69,7 +69,7 @@ spec: description: "Unique, one-word, CamelCase reason for the condition's last transition." type: "string" status: - description: "Status is the status of the condition. Can be True, False, Unknown." + description: "Status is the status of the condition.\nCan be True, False, Unknown." type: "string" type: description: "Type is the type of the condition." @@ -92,9 +92,3 @@ spec: storage: true subresources: status: {} -status: - acceptedNames: - kind: "" - plural: "" - conditions: [] - storedVersions: [] diff --git a/crd-catalog/longhorn/longhorn/longhorn.io/v1beta2/volumeattachments.yaml b/crd-catalog/longhorn/longhorn/longhorn.io/v1beta2/volumeattachments.yaml index 7eb6bf73d..2e5b0be96 100644 --- a/crd-catalog/longhorn/longhorn/longhorn.io/v1beta2/volumeattachments.yaml +++ b/crd-catalog/longhorn/longhorn/longhorn.io/v1beta2/volumeattachments.yaml @@ -2,11 +2,11 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.7.0" + controller-gen.kubebuilder.io/version: "v0.15.0" labels: app.kubernetes.io/instance: "longhorn" app.kubernetes.io/name: "longhorn" - app.kubernetes.io/version: "v1.6.0-dev" + app.kubernetes.io/version: "v1.8.0-dev" longhorn-manager: "" name: "volumeattachments.longhorn.io" spec: @@ -30,10 +30,10 @@ spec: description: "VolumeAttachment stores attachment information of a Longhorn volume" properties: apiVersion: - description: "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" + description: "APIVersion defines the versioned schema of this representation of an object.\nServers should convert recognized schemas to the latest internal value, and\nmay reject unrecognized values.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" type: "string" kind: - description: "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + description: "Kind is a string value representing the REST resource this object represents.\nServers may infer this from the endpoint the client submits requests to.\nCannot be updated.\nIn CamelCase.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" type: "string" metadata: type: "object" @@ -44,7 +44,7 @@ spec: additionalProperties: properties: generation: - description: "A sequence number representing a specific generation of the desired state. Populated by the system. Read-only." + description: "A sequence number representing a specific generation of the desired state.\nPopulated by the system. Read-only." format: "int64" type: "integer" id: @@ -91,7 +91,7 @@ spec: description: "Unique, one-word, CamelCase reason for the condition's last transition." type: "string" status: - description: "Status is the status of the condition. Can be True, False, Unknown." + description: "Status is the status of the condition.\nCan be True, False, Unknown." type: "string" type: description: "Type is the type of the condition." @@ -100,7 +100,7 @@ spec: nullable: true type: "array" generation: - description: "A sequence number representing a specific generation of the desired state. Populated by the system. Read-only." + description: "A sequence number representing a specific generation of the desired state.\nPopulated by the system. Read-only." format: "int64" type: "integer" id: @@ -120,9 +120,3 @@ spec: storage: true subresources: status: {} -status: - acceptedNames: - kind: "" - plural: "" - conditions: [] - storedVersions: [] diff --git a/crd-catalog/longhorn/longhorn/longhorn.io/v1beta2/volumes.yaml b/crd-catalog/longhorn/longhorn/longhorn.io/v1beta2/volumes.yaml index 1d2d8bf20..28a900aa6 100644 --- a/crd-catalog/longhorn/longhorn/longhorn.io/v1beta2/volumes.yaml +++ b/crd-catalog/longhorn/longhorn/longhorn.io/v1beta2/volumes.yaml @@ -2,11 +2,11 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.7.0" + controller-gen.kubebuilder.io/version: "v0.15.0" labels: app.kubernetes.io/instance: "longhorn" app.kubernetes.io/name: "longhorn" - app.kubernetes.io/version: "v1.6.0-dev" + app.kubernetes.io/version: "v1.8.0-dev" longhorn-manager: "" name: "volumes.longhorn.io" spec: @@ -67,10 +67,10 @@ spec: description: "Volume is where Longhorn stores volume object." properties: apiVersion: - description: "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" + description: "APIVersion defines the versioned schema of this representation of an object.\nServers should convert recognized schemas to the latest internal value, and\nmay reject unrecognized values.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" type: "string" kind: - description: "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + description: "Kind is a string value representing the REST resource this object represents.\nServers may infer this from the endpoint the client submits requests to.\nCannot be updated.\nIn CamelCase.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" type: "string" metadata: type: "object" @@ -85,7 +85,7 @@ spec: - "rwx" type: "string" backendStoreDriver: - description: "Deprecated: Replaced by field `dataEngine`." + description: "Deprecated:Replaced by field `dataEngine`.'" type: "string" backingImage: type: "string" @@ -226,6 +226,10 @@ spec: type: "integer" cloneStatus: properties: + attemptCount: + type: "integer" + nextAllowedAttemptAt: + type: "string" snapshot: type: "string" sourceVolume: @@ -249,7 +253,7 @@ spec: description: "Unique, one-word, CamelCase reason for the condition's last transition." type: "string" status: - description: "Status is the status of the condition. Can be True, False, Unknown." + description: "Status is the status of the condition.\nCan be True, False, Unknown." type: "string" type: description: "Type is the type of the condition." @@ -291,8 +295,6 @@ spec: properties: podName: type: "string" - podNamespace: - type: "string" podStatus: type: "string" workloadName: @@ -336,9 +338,3 @@ spec: storage: true subresources: status: {} -status: - acceptedNames: - kind: "" - plural: "" - conditions: [] - storedVersions: [] diff --git a/crd-catalog/mariadb-operator/mariadb-operator/k8s.mariadb.com/v1alpha1/backups.yaml b/crd-catalog/mariadb-operator/mariadb-operator/k8s.mariadb.com/v1alpha1/backups.yaml index 7806a17da..330a9b9f1 100644 --- a/crd-catalog/mariadb-operator/mariadb-operator/k8s.mariadb.com/v1alpha1/backups.yaml +++ b/crd-catalog/mariadb-operator/mariadb-operator/k8s.mariadb.com/v1alpha1/backups.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.14.0" + controller-gen.kubebuilder.io/version: "v0.15.0" name: "backups.k8s.mariadb.com" spec: group: "k8s.mariadb.com" @@ -77,11 +77,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchFields: description: "A list of node selector requirements by node's fields." items: @@ -98,11 +100,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" type: "object" x-kubernetes-map-type: "atomic" weight: @@ -114,6 +118,7 @@ spec: - "weight" type: "object" type: "array" + x-kubernetes-list-type: "atomic" requiredDuringSchedulingIgnoredDuringExecution: description: "If the affinity requirements specified by this field are not met at\nscheduling time, the pod will not be scheduled onto the node.\nIf the affinity requirements specified by this field cease to be met\nat some point during pod execution (e.g. due to an update), the system\nmay or may not try to eventually evict the pod from its node." properties: @@ -138,11 +143,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchFields: description: "A list of node selector requirements by node's fields." items: @@ -159,14 +166,17 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" type: "object" x-kubernetes-map-type: "atomic" type: "array" + x-kubernetes-list-type: "atomic" required: - "nodeSelectorTerms" type: "object" @@ -202,11 +212,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -215,13 +227,13 @@ spec: type: "object" x-kubernetes-map-type: "atomic" matchLabelKeys: - description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MatchLabelKeys and LabelSelector.\nAlso, MatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" mismatchLabelKeys: - description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MismatchLabelKeys and LabelSelector.\nAlso, MismatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." items: type: "string" type: "array" @@ -245,11 +257,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -262,6 +276,7 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" topologyKey: description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching\nthe labelSelector in the specified namespaces, where co-located is defined as running on a node\nwhose value of the label with key topologyKey matches that of any node on which any of the\nselected pods is running.\nEmpty topologyKey is not allowed." type: "string" @@ -277,6 +292,7 @@ spec: - "weight" type: "object" type: "array" + x-kubernetes-list-type: "atomic" requiredDuringSchedulingIgnoredDuringExecution: description: "If the affinity requirements specified by this field are not met at\nscheduling time, the pod will not be scheduled onto the node.\nIf the affinity requirements specified by this field cease to be met\nat some point during pod execution (e.g. due to a pod label update), the\nsystem may or may not try to eventually evict the pod from its node.\nWhen there are multiple elements, the lists of nodes corresponding to each\npodAffinityTerm are intersected, i.e. all terms must be satisfied." items: @@ -301,11 +317,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -314,13 +332,13 @@ spec: type: "object" x-kubernetes-map-type: "atomic" matchLabelKeys: - description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MatchLabelKeys and LabelSelector.\nAlso, MatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" mismatchLabelKeys: - description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MismatchLabelKeys and LabelSelector.\nAlso, MismatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." items: type: "string" type: "array" @@ -344,11 +362,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -361,6 +381,7 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" topologyKey: description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching\nthe labelSelector in the specified namespaces, where co-located is defined as running on a node\nwhose value of the label with key topologyKey matches that of any node on which any of the\nselected pods is running.\nEmpty topologyKey is not allowed." type: "string" @@ -368,6 +389,7 @@ spec: - "topologyKey" type: "object" type: "array" + x-kubernetes-list-type: "atomic" type: "object" podAntiAffinity: description: "Describes pod anti-affinity scheduling rules (e.g. avoid putting this pod in the same node, zone, etc. as some other pod(s))." @@ -399,11 +421,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -412,13 +436,13 @@ spec: type: "object" x-kubernetes-map-type: "atomic" matchLabelKeys: - description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MatchLabelKeys and LabelSelector.\nAlso, MatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" mismatchLabelKeys: - description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MismatchLabelKeys and LabelSelector.\nAlso, MismatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." items: type: "string" type: "array" @@ -442,11 +466,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -459,6 +485,7 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" topologyKey: description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching\nthe labelSelector in the specified namespaces, where co-located is defined as running on a node\nwhose value of the label with key topologyKey matches that of any node on which any of the\nselected pods is running.\nEmpty topologyKey is not allowed." type: "string" @@ -474,6 +501,7 @@ spec: - "weight" type: "object" type: "array" + x-kubernetes-list-type: "atomic" requiredDuringSchedulingIgnoredDuringExecution: description: "If the anti-affinity requirements specified by this field are not met at\nscheduling time, the pod will not be scheduled onto the node.\nIf the anti-affinity requirements specified by this field cease to be met\nat some point during pod execution (e.g. due to a pod label update), the\nsystem may or may not try to eventually evict the pod from its node.\nWhen there are multiple elements, the lists of nodes corresponding to each\npodAffinityTerm are intersected, i.e. all terms must be satisfied." items: @@ -498,11 +526,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -511,13 +541,13 @@ spec: type: "object" x-kubernetes-map-type: "atomic" matchLabelKeys: - description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MatchLabelKeys and LabelSelector.\nAlso, MatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" mismatchLabelKeys: - description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MismatchLabelKeys and LabelSelector.\nAlso, MismatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." items: type: "string" type: "array" @@ -541,11 +571,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -558,6 +590,7 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" topologyKey: description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching\nthe labelSelector in the specified namespaces, where co-located is defined as running on a node\nwhose value of the label with key topologyKey matches that of any node on which any of the\nselected pods is running.\nEmpty topologyKey is not allowed." type: "string" @@ -565,6 +598,7 @@ spec: - "topologyKey" type: "object" type: "array" + x-kubernetes-list-type: "atomic" type: "object" type: "object" args: @@ -581,6 +615,10 @@ spec: items: type: "string" type: "array" + failedJobsHistoryLimit: + format: "int32" + minimum: 0.0 + type: "integer" ignoreGlobalPriv: description: "IgnoreGlobalPriv indicates to ignore the mysql.global_priv in backups.\nIf not provided, it will default to true when the referred MariaDB instance has Galera enabled and otherwise to false.\nSee: https://github.com/mariadb-operator/mariadb-operator/issues/556" type: "boolean" @@ -590,7 +628,8 @@ spec: description: "LocalObjectReference contains enough information to let you locate the\nreferenced object inside the same namespace." properties: name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" type: "object" x-kubernetes-map-type: "atomic" @@ -668,6 +707,18 @@ spec: podSecurityContext: description: "SecurityContext holds pod-level security attributes and common container settings." properties: + appArmorProfile: + description: "appArmorProfile is the AppArmor options to use by the containers in this pod.\nNote that this field cannot be set when spec.os.name is windows." + properties: + localhostProfile: + description: "localhostProfile indicates a profile loaded on the node that should be used.\nThe profile must be preconfigured on the node to work.\nMust match the loaded name of the profile.\nMust be set if and only if type is \"Localhost\"." + type: "string" + type: + description: "type indicates which kind of AppArmor profile will be applied.\nValid options are:\n Localhost - a profile pre-loaded on the node.\n RuntimeDefault - the container runtime's default profile.\n Unconfined - no AppArmor enforcement." + type: "string" + required: + - "type" + type: "object" fsGroup: description: "A special supplemental group that applies to all containers in a pod.\nSome volume types allow the Kubelet to change the ownership of that volume\nto be owned by the pod:\n\n\n1. The owning GID will be the FSGroup\n2. The setgid bit is set (new files created in the volume will be owned by FSGroup)\n3. The permission bits are OR'd with rw-rw----\n\n\nIf unset, the Kubelet will not modify the ownership and permissions of any volume.\nNote that this field cannot be set when spec.os.name is windows." format: "int64" @@ -720,6 +771,7 @@ spec: format: "int64" type: "integer" type: "array" + x-kubernetes-list-type: "atomic" sysctls: description: "Sysctls hold a list of namespaced sysctls used for the pod. Pods with unsupported\nsysctls (by the container runtime) might fail to launch.\nNote that this field cannot be set when spec.os.name is windows." items: @@ -736,6 +788,7 @@ spec: - "value" type: "object" type: "array" + x-kubernetes-list-type: "atomic" windowsOptions: description: "The Windows specific settings applied to all containers.\nIf unspecified, the options within a container's SecurityContext will be used.\nIf set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.\nNote that this field cannot be set when spec.os.name is linux." properties: @@ -820,6 +873,18 @@ spec: allowPrivilegeEscalation: description: "AllowPrivilegeEscalation controls whether a process can gain more\nprivileges than its parent process. This bool directly controls if\nthe no_new_privs flag will be set on the container process.\nAllowPrivilegeEscalation is true always when the container is:\n1) run as Privileged\n2) has CAP_SYS_ADMIN\nNote that this field cannot be set when spec.os.name is windows." type: "boolean" + appArmorProfile: + description: "appArmorProfile is the AppArmor options to use by this container. If set, this profile\noverrides the pod's appArmorProfile.\nNote that this field cannot be set when spec.os.name is windows." + properties: + localhostProfile: + description: "localhostProfile indicates a profile loaded on the node that should be used.\nThe profile must be preconfigured on the node to work.\nMust match the loaded name of the profile.\nMust be set if and only if type is \"Localhost\"." + type: "string" + type: + description: "type indicates which kind of AppArmor profile will be applied.\nValid options are:\n Localhost - a profile pre-loaded on the node.\n RuntimeDefault - the container runtime's default profile.\n Unconfined - no AppArmor enforcement." + type: "string" + required: + - "type" + type: "object" capabilities: description: "The capabilities to add/drop when running containers.\nDefaults to the default set of capabilities granted by the container runtime.\nNote that this field cannot be set when spec.os.name is windows." properties: @@ -829,12 +894,14 @@ spec: description: "Capability represent POSIX capabilities type" type: "string" type: "array" + x-kubernetes-list-type: "atomic" drop: description: "Removed capabilities" items: description: "Capability represent POSIX capabilities type" type: "string" type: "array" + x-kubernetes-list-type: "atomic" type: "object" privileged: description: "Run container in privileged mode.\nProcesses in privileged containers are essentially equivalent to root on the host.\nDefaults to false.\nNote that this field cannot be set when spec.os.name is windows." @@ -915,6 +982,7 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" dataSource: description: "dataSource field can be used to specify either:\n* An existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot)\n* An existing PVC (PersistentVolumeClaim)\nIf the provisioner or an external controller can support the specified data source,\nit will create a new volume based on the contents of the specified data source.\nWhen the AnyVolumeDataSource feature gate is enabled, dataSource contents will be copied to dataSourceRef,\nand dataSourceRef contents will be copied to dataSource when dataSourceRef.namespace is not specified.\nIf the namespace is specified, then dataSourceRef will not be copied to dataSource." properties: @@ -992,11 +1060,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -1008,7 +1078,7 @@ spec: description: "storageClassName is the name of the StorageClass required by the claim.\nMore info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1" type: "string" volumeAttributesClassName: - description: "volumeAttributesClassName may be used to set the VolumeAttributesClass used by this claim.\nIf specified, the CSI driver will create or update the volume with the attributes defined\nin the corresponding VolumeAttributesClass. This has a different purpose than storageClassName,\nit can be changed after the claim is created. An empty string value means that no VolumeAttributesClass\nwill be applied to the claim but it's not allowed to reset this field to empty string once it is set.\nIf unspecified and the PersistentVolumeClaim is unbound, the default VolumeAttributesClass\nwill be set by the persistentvolume controller if it exists.\nIf the resource referred to by volumeAttributesClass does not exist, this PersistentVolumeClaim will be\nset to a Pending state, as reflected by the modifyVolumeStatus field, until such as a resource\nexists.\nMore info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#volumeattributesclass\n(Alpha) Using this field requires the VolumeAttributesClass feature gate to be enabled." + description: "volumeAttributesClassName may be used to set the VolumeAttributesClass used by this claim.\nIf specified, the CSI driver will create or update the volume with the attributes defined\nin the corresponding VolumeAttributesClass. This has a different purpose than storageClassName,\nit can be changed after the claim is created. An empty string value means that no VolumeAttributesClass\nwill be applied to the claim but it's not allowed to reset this field to empty string once it is set.\nIf unspecified and the PersistentVolumeClaim is unbound, the default VolumeAttributesClass\nwill be set by the persistentvolume controller if it exists.\nIf the resource referred to by volumeAttributesClass does not exist, this PersistentVolumeClaim will be\nset to a Pending state, as reflected by the modifyVolumeStatus field, until such as a resource\nexists.\nMore info: https://kubernetes.io/docs/concepts/storage/volume-attributes-classes/\n(Alpha) Using this field requires the VolumeAttributesClass feature gate to be enabled." type: "string" volumeMode: description: "volumeMode defines what type of volume is required by the claim.\nValue of Filesystem is implied when not included in claim spec." @@ -1027,7 +1097,8 @@ spec: description: "The key of the secret to select from. Must be a valid secret key." type: "string" name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" optional: description: "Specify whether the Secret or its key must be defined" @@ -1055,7 +1126,8 @@ spec: description: "The key of the secret to select from. Must be a valid secret key." type: "string" name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" optional: description: "Specify whether the Secret or its key must be defined" @@ -1071,7 +1143,8 @@ spec: description: "The key of the secret to select from. Must be a valid secret key." type: "string" name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" optional: description: "Specify whether the Secret or its key must be defined" @@ -1090,7 +1163,8 @@ spec: description: "The key of the secret to select from. Must be a valid secret key." type: "string" name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" optional: description: "Specify whether the Secret or its key must be defined" @@ -1180,6 +1254,7 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" path: description: "path is Optional: Used as the mounted root, rather than the full Ceph tree, default is /" type: "string" @@ -1193,7 +1268,8 @@ spec: description: "secretRef is Optional: SecretRef is reference to the authentication secret for User, default is empty.\nMore info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it" properties: name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" type: "object" x-kubernetes-map-type: "atomic" @@ -1216,7 +1292,8 @@ spec: description: "secretRef is optional: points to a secret object containing parameters used to connect\nto OpenStack." properties: name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" type: "object" x-kubernetes-map-type: "atomic" @@ -1253,8 +1330,10 @@ spec: - "path" type: "object" type: "array" + x-kubernetes-list-type: "atomic" name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" optional: description: "optional specify whether the ConfigMap or its keys must be defined" @@ -1274,7 +1353,8 @@ spec: description: "nodePublishSecretRef is a reference to the secret object containing\nsensitive information to pass to the CSI driver to complete the CSI\nNodePublishVolume and NodeUnpublishVolume calls.\nThis field is optional, and may be empty if no secret is required. If the\nsecret object contains more than one secret, all secret references are passed." properties: name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" type: "object" x-kubernetes-map-type: "atomic" @@ -1302,7 +1382,7 @@ spec: description: "DownwardAPIVolumeFile represents information to create the file containing the pod field" properties: fieldRef: - description: "Required: Selects a field of the pod: only annotations, labels, name and namespace are supported." + description: "Required: Selects a field of the pod: only annotations, labels, name, namespace and uid are supported." properties: apiVersion: description: "Version of the schema the FieldPath is written in terms of, defaults to \"v1\"." @@ -1345,6 +1425,7 @@ spec: - "path" type: "object" type: "array" + x-kubernetes-list-type: "atomic" type: "object" emptyDir: description: "emptyDir represents a temporary directory that shares a pod's lifetime.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir" @@ -1377,6 +1458,7 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" dataSource: description: "dataSource field can be used to specify either:\n* An existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot)\n* An existing PVC (PersistentVolumeClaim)\nIf the provisioner or an external controller can support the specified data source,\nit will create a new volume based on the contents of the specified data source.\nWhen the AnyVolumeDataSource feature gate is enabled, dataSource contents will be copied to dataSourceRef,\nand dataSourceRef contents will be copied to dataSource when dataSourceRef.namespace is not specified.\nIf the namespace is specified, then dataSourceRef will not be copied to dataSource." properties: @@ -1454,11 +1536,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -1470,7 +1554,7 @@ spec: description: "storageClassName is the name of the StorageClass required by the claim.\nMore info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1" type: "string" volumeAttributesClassName: - description: "volumeAttributesClassName may be used to set the VolumeAttributesClass used by this claim.\nIf specified, the CSI driver will create or update the volume with the attributes defined\nin the corresponding VolumeAttributesClass. This has a different purpose than storageClassName,\nit can be changed after the claim is created. An empty string value means that no VolumeAttributesClass\nwill be applied to the claim but it's not allowed to reset this field to empty string once it is set.\nIf unspecified and the PersistentVolumeClaim is unbound, the default VolumeAttributesClass\nwill be set by the persistentvolume controller if it exists.\nIf the resource referred to by volumeAttributesClass does not exist, this PersistentVolumeClaim will be\nset to a Pending state, as reflected by the modifyVolumeStatus field, until such as a resource\nexists.\nMore info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#volumeattributesclass\n(Alpha) Using this field requires the VolumeAttributesClass feature gate to be enabled." + description: "volumeAttributesClassName may be used to set the VolumeAttributesClass used by this claim.\nIf specified, the CSI driver will create or update the volume with the attributes defined\nin the corresponding VolumeAttributesClass. This has a different purpose than storageClassName,\nit can be changed after the claim is created. An empty string value means that no VolumeAttributesClass\nwill be applied to the claim but it's not allowed to reset this field to empty string once it is set.\nIf unspecified and the PersistentVolumeClaim is unbound, the default VolumeAttributesClass\nwill be set by the persistentvolume controller if it exists.\nIf the resource referred to by volumeAttributesClass does not exist, this PersistentVolumeClaim will be\nset to a Pending state, as reflected by the modifyVolumeStatus field, until such as a resource\nexists.\nMore info: https://kubernetes.io/docs/concepts/storage/volume-attributes-classes/\n(Alpha) Using this field requires the VolumeAttributesClass feature gate to be enabled." type: "string" volumeMode: description: "volumeMode defines what type of volume is required by the claim.\nValue of Filesystem is implied when not included in claim spec." @@ -1501,11 +1585,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" wwids: description: "wwids Optional: FC volume world wide identifiers (wwids)\nEither wwids or combination of targetWWNs and lun must be set, but not both simultaneously." items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" type: "object" flexVolume: description: "flexVolume represents a generic volume resource that is\nprovisioned/attached using an exec based plugin." @@ -1528,7 +1614,8 @@ spec: description: "secretRef is Optional: secretRef is reference to the secret object containing\nsensitive information to pass to the plugin scripts. This may be\nempty if no secret object is specified. If the secret object\ncontains more than one secret, all secrets are passed to the plugin\nscripts." properties: name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" type: "object" x-kubernetes-map-type: "atomic" @@ -1637,6 +1724,7 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" readOnly: description: "readOnly here will force the ReadOnly setting in VolumeMounts.\nDefaults to false." type: "boolean" @@ -1644,7 +1732,8 @@ spec: description: "secretRef is the CHAP Secret for iSCSI target and initiator authentication" properties: name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" type: "object" x-kubernetes-map-type: "atomic" @@ -1745,11 +1834,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -1795,8 +1886,10 @@ spec: - "path" type: "object" type: "array" + x-kubernetes-list-type: "atomic" name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" optional: description: "optional specify whether the ConfigMap or its keys must be defined" @@ -1812,7 +1905,7 @@ spec: description: "DownwardAPIVolumeFile represents information to create the file containing the pod field" properties: fieldRef: - description: "Required: Selects a field of the pod: only annotations, labels, name and namespace are supported." + description: "Required: Selects a field of the pod: only annotations, labels, name, namespace and uid are supported." properties: apiVersion: description: "Version of the schema the FieldPath is written in terms of, defaults to \"v1\"." @@ -1855,6 +1948,7 @@ spec: - "path" type: "object" type: "array" + x-kubernetes-list-type: "atomic" type: "object" secret: description: "secret information about the secret data to project" @@ -1879,8 +1973,10 @@ spec: - "path" type: "object" type: "array" + x-kubernetes-list-type: "atomic" name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" optional: description: "optional field specify whether the Secret or its key must be defined" @@ -1905,6 +2001,7 @@ spec: type: "object" type: "object" type: "array" + x-kubernetes-list-type: "atomic" type: "object" quobyte: description: "quobyte represents a Quobyte mount on the host that shares a pod's lifetime" @@ -1948,6 +2045,7 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" pool: description: "pool is the rados pool name.\nDefault is rbd.\nMore info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it" type: "string" @@ -1958,7 +2056,8 @@ spec: description: "secretRef is name of the authentication secret for RBDUser. If provided\noverrides keyring.\nDefault is nil.\nMore info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it" properties: name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" type: "object" x-kubernetes-map-type: "atomic" @@ -1988,7 +2087,8 @@ spec: description: "secretRef references to the secret for ScaleIO user and other\nsensitive information. If this is not provided, Login operation will fail." properties: name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" type: "object" x-kubernetes-map-type: "atomic" @@ -2039,6 +2139,7 @@ spec: - "path" type: "object" type: "array" + x-kubernetes-list-type: "atomic" optional: description: "optional field specify whether the Secret or its keys must be defined" type: "boolean" @@ -2059,7 +2160,8 @@ spec: description: "secretRef specifies the secret to use for obtaining the StorageOS API\ncredentials. If not specified, default values will be attempted." properties: name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" type: "object" x-kubernetes-map-type: "atomic" @@ -2090,6 +2192,10 @@ spec: type: "object" type: "object" type: "object" + successfulJobsHistoryLimit: + format: "int32" + minimum: 0.0 + type: "integer" tolerations: description: "Tolerations to be used in the Pod." items: diff --git a/crd-catalog/mariadb-operator/mariadb-operator/k8s.mariadb.com/v1alpha1/connections.yaml b/crd-catalog/mariadb-operator/mariadb-operator/k8s.mariadb.com/v1alpha1/connections.yaml index 6ad89dfc0..dacb6b2d1 100644 --- a/crd-catalog/mariadb-operator/mariadb-operator/k8s.mariadb.com/v1alpha1/connections.yaml +++ b/crd-catalog/mariadb-operator/mariadb-operator/k8s.mariadb.com/v1alpha1/connections.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.14.0" + controller-gen.kubebuilder.io/version: "v0.15.0" name: "connections.k8s.mariadb.com" spec: group: "k8s.mariadb.com" @@ -128,7 +128,8 @@ spec: description: "The key of the secret to select from. Must be a valid secret key." type: "string" name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" optional: description: "Specify whether the Secret or its key must be defined" diff --git a/crd-catalog/mariadb-operator/mariadb-operator/k8s.mariadb.com/v1alpha1/databases.yaml b/crd-catalog/mariadb-operator/mariadb-operator/k8s.mariadb.com/v1alpha1/databases.yaml index 5fb8fd48d..9963e0a41 100644 --- a/crd-catalog/mariadb-operator/mariadb-operator/k8s.mariadb.com/v1alpha1/databases.yaml +++ b/crd-catalog/mariadb-operator/mariadb-operator/k8s.mariadb.com/v1alpha1/databases.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.14.0" + controller-gen.kubebuilder.io/version: "v0.15.0" name: "databases.k8s.mariadb.com" spec: group: "k8s.mariadb.com" diff --git a/crd-catalog/mariadb-operator/mariadb-operator/k8s.mariadb.com/v1alpha1/grants.yaml b/crd-catalog/mariadb-operator/mariadb-operator/k8s.mariadb.com/v1alpha1/grants.yaml index b8307b0b9..98415686d 100644 --- a/crd-catalog/mariadb-operator/mariadb-operator/k8s.mariadb.com/v1alpha1/grants.yaml +++ b/crd-catalog/mariadb-operator/mariadb-operator/k8s.mariadb.com/v1alpha1/grants.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.14.0" + controller-gen.kubebuilder.io/version: "v0.15.0" name: "grants.k8s.mariadb.com" spec: group: "k8s.mariadb.com" diff --git a/crd-catalog/mariadb-operator/mariadb-operator/k8s.mariadb.com/v1alpha1/mariadbs.yaml b/crd-catalog/mariadb-operator/mariadb-operator/k8s.mariadb.com/v1alpha1/mariadbs.yaml index 9fca76f4f..995189213 100644 --- a/crd-catalog/mariadb-operator/mariadb-operator/k8s.mariadb.com/v1alpha1/mariadbs.yaml +++ b/crd-catalog/mariadb-operator/mariadb-operator/k8s.mariadb.com/v1alpha1/mariadbs.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.14.0" + controller-gen.kubebuilder.io/version: "v0.15.0" name: "mariadbs.k8s.mariadb.com" spec: group: "k8s.mariadb.com" @@ -77,11 +77,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchFields: description: "A list of node selector requirements by node's fields." items: @@ -98,11 +100,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" type: "object" x-kubernetes-map-type: "atomic" weight: @@ -114,6 +118,7 @@ spec: - "weight" type: "object" type: "array" + x-kubernetes-list-type: "atomic" requiredDuringSchedulingIgnoredDuringExecution: description: "If the affinity requirements specified by this field are not met at\nscheduling time, the pod will not be scheduled onto the node.\nIf the affinity requirements specified by this field cease to be met\nat some point during pod execution (e.g. due to an update), the system\nmay or may not try to eventually evict the pod from its node." properties: @@ -138,11 +143,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchFields: description: "A list of node selector requirements by node's fields." items: @@ -159,14 +166,17 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" type: "object" x-kubernetes-map-type: "atomic" type: "array" + x-kubernetes-list-type: "atomic" required: - "nodeSelectorTerms" type: "object" @@ -202,11 +212,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -215,13 +227,13 @@ spec: type: "object" x-kubernetes-map-type: "atomic" matchLabelKeys: - description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MatchLabelKeys and LabelSelector.\nAlso, MatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" mismatchLabelKeys: - description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MismatchLabelKeys and LabelSelector.\nAlso, MismatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." items: type: "string" type: "array" @@ -245,11 +257,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -262,6 +276,7 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" topologyKey: description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching\nthe labelSelector in the specified namespaces, where co-located is defined as running on a node\nwhose value of the label with key topologyKey matches that of any node on which any of the\nselected pods is running.\nEmpty topologyKey is not allowed." type: "string" @@ -277,6 +292,7 @@ spec: - "weight" type: "object" type: "array" + x-kubernetes-list-type: "atomic" requiredDuringSchedulingIgnoredDuringExecution: description: "If the affinity requirements specified by this field are not met at\nscheduling time, the pod will not be scheduled onto the node.\nIf the affinity requirements specified by this field cease to be met\nat some point during pod execution (e.g. due to a pod label update), the\nsystem may or may not try to eventually evict the pod from its node.\nWhen there are multiple elements, the lists of nodes corresponding to each\npodAffinityTerm are intersected, i.e. all terms must be satisfied." items: @@ -301,11 +317,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -314,13 +332,13 @@ spec: type: "object" x-kubernetes-map-type: "atomic" matchLabelKeys: - description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MatchLabelKeys and LabelSelector.\nAlso, MatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" mismatchLabelKeys: - description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MismatchLabelKeys and LabelSelector.\nAlso, MismatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." items: type: "string" type: "array" @@ -344,11 +362,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -361,6 +381,7 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" topologyKey: description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching\nthe labelSelector in the specified namespaces, where co-located is defined as running on a node\nwhose value of the label with key topologyKey matches that of any node on which any of the\nselected pods is running.\nEmpty topologyKey is not allowed." type: "string" @@ -368,6 +389,7 @@ spec: - "topologyKey" type: "object" type: "array" + x-kubernetes-list-type: "atomic" type: "object" podAntiAffinity: description: "Describes pod anti-affinity scheduling rules (e.g. avoid putting this pod in the same node, zone, etc. as some other pod(s))." @@ -399,11 +421,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -412,13 +436,13 @@ spec: type: "object" x-kubernetes-map-type: "atomic" matchLabelKeys: - description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MatchLabelKeys and LabelSelector.\nAlso, MatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" mismatchLabelKeys: - description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MismatchLabelKeys and LabelSelector.\nAlso, MismatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." items: type: "string" type: "array" @@ -442,11 +466,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -459,6 +485,7 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" topologyKey: description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching\nthe labelSelector in the specified namespaces, where co-located is defined as running on a node\nwhose value of the label with key topologyKey matches that of any node on which any of the\nselected pods is running.\nEmpty topologyKey is not allowed." type: "string" @@ -474,6 +501,7 @@ spec: - "weight" type: "object" type: "array" + x-kubernetes-list-type: "atomic" requiredDuringSchedulingIgnoredDuringExecution: description: "If the anti-affinity requirements specified by this field are not met at\nscheduling time, the pod will not be scheduled onto the node.\nIf the anti-affinity requirements specified by this field cease to be met\nat some point during pod execution (e.g. due to a pod label update), the\nsystem may or may not try to eventually evict the pod from its node.\nWhen there are multiple elements, the lists of nodes corresponding to each\npodAffinityTerm are intersected, i.e. all terms must be satisfied." items: @@ -498,11 +526,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -511,13 +541,13 @@ spec: type: "object" x-kubernetes-map-type: "atomic" matchLabelKeys: - description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MatchLabelKeys and LabelSelector.\nAlso, MatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" mismatchLabelKeys: - description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MismatchLabelKeys and LabelSelector.\nAlso, MismatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." items: type: "string" type: "array" @@ -541,11 +571,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -558,6 +590,7 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" topologyKey: description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching\nthe labelSelector in the specified namespaces, where co-located is defined as running on a node\nwhose value of the label with key topologyKey matches that of any node on which any of the\nselected pods is running.\nEmpty topologyKey is not allowed." type: "string" @@ -565,6 +598,7 @@ spec: - "topologyKey" type: "object" type: "array" + x-kubernetes-list-type: "atomic" type: "object" type: "object" args: @@ -579,7 +613,8 @@ spec: description: "BackupRef is a reference to a Backup object. It has priority over S3 and Volume." properties: name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" type: "object" x-kubernetes-map-type: "atomic" @@ -619,11 +654,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchFields: description: "A list of node selector requirements by node's fields." items: @@ -640,11 +677,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" type: "object" x-kubernetes-map-type: "atomic" weight: @@ -656,6 +695,7 @@ spec: - "weight" type: "object" type: "array" + x-kubernetes-list-type: "atomic" requiredDuringSchedulingIgnoredDuringExecution: description: "If the affinity requirements specified by this field are not met at\nscheduling time, the pod will not be scheduled onto the node.\nIf the affinity requirements specified by this field cease to be met\nat some point during pod execution (e.g. due to an update), the system\nmay or may not try to eventually evict the pod from its node." properties: @@ -680,11 +720,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchFields: description: "A list of node selector requirements by node's fields." items: @@ -701,14 +743,17 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" type: "object" x-kubernetes-map-type: "atomic" type: "array" + x-kubernetes-list-type: "atomic" required: - "nodeSelectorTerms" type: "object" @@ -744,11 +789,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -757,13 +804,13 @@ spec: type: "object" x-kubernetes-map-type: "atomic" matchLabelKeys: - description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MatchLabelKeys and LabelSelector.\nAlso, MatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" mismatchLabelKeys: - description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MismatchLabelKeys and LabelSelector.\nAlso, MismatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." items: type: "string" type: "array" @@ -787,11 +834,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -804,6 +853,7 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" topologyKey: description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching\nthe labelSelector in the specified namespaces, where co-located is defined as running on a node\nwhose value of the label with key topologyKey matches that of any node on which any of the\nselected pods is running.\nEmpty topologyKey is not allowed." type: "string" @@ -819,6 +869,7 @@ spec: - "weight" type: "object" type: "array" + x-kubernetes-list-type: "atomic" requiredDuringSchedulingIgnoredDuringExecution: description: "If the affinity requirements specified by this field are not met at\nscheduling time, the pod will not be scheduled onto the node.\nIf the affinity requirements specified by this field cease to be met\nat some point during pod execution (e.g. due to a pod label update), the\nsystem may or may not try to eventually evict the pod from its node.\nWhen there are multiple elements, the lists of nodes corresponding to each\npodAffinityTerm are intersected, i.e. all terms must be satisfied." items: @@ -843,11 +894,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -856,13 +909,13 @@ spec: type: "object" x-kubernetes-map-type: "atomic" matchLabelKeys: - description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MatchLabelKeys and LabelSelector.\nAlso, MatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" mismatchLabelKeys: - description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MismatchLabelKeys and LabelSelector.\nAlso, MismatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." items: type: "string" type: "array" @@ -886,11 +939,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -903,6 +958,7 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" topologyKey: description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching\nthe labelSelector in the specified namespaces, where co-located is defined as running on a node\nwhose value of the label with key topologyKey matches that of any node on which any of the\nselected pods is running.\nEmpty topologyKey is not allowed." type: "string" @@ -910,6 +966,7 @@ spec: - "topologyKey" type: "object" type: "array" + x-kubernetes-list-type: "atomic" type: "object" podAntiAffinity: description: "Describes pod anti-affinity scheduling rules (e.g. avoid putting this pod in the same node, zone, etc. as some other pod(s))." @@ -941,11 +998,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -954,13 +1013,13 @@ spec: type: "object" x-kubernetes-map-type: "atomic" matchLabelKeys: - description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MatchLabelKeys and LabelSelector.\nAlso, MatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" mismatchLabelKeys: - description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MismatchLabelKeys and LabelSelector.\nAlso, MismatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." items: type: "string" type: "array" @@ -984,11 +1043,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -1001,6 +1062,7 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" topologyKey: description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching\nthe labelSelector in the specified namespaces, where co-located is defined as running on a node\nwhose value of the label with key topologyKey matches that of any node on which any of the\nselected pods is running.\nEmpty topologyKey is not allowed." type: "string" @@ -1016,6 +1078,7 @@ spec: - "weight" type: "object" type: "array" + x-kubernetes-list-type: "atomic" requiredDuringSchedulingIgnoredDuringExecution: description: "If the anti-affinity requirements specified by this field are not met at\nscheduling time, the pod will not be scheduled onto the node.\nIf the anti-affinity requirements specified by this field cease to be met\nat some point during pod execution (e.g. due to a pod label update), the\nsystem may or may not try to eventually evict the pod from its node.\nWhen there are multiple elements, the lists of nodes corresponding to each\npodAffinityTerm are intersected, i.e. all terms must be satisfied." items: @@ -1040,11 +1103,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -1053,13 +1118,13 @@ spec: type: "object" x-kubernetes-map-type: "atomic" matchLabelKeys: - description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MatchLabelKeys and LabelSelector.\nAlso, MatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" mismatchLabelKeys: - description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MismatchLabelKeys and LabelSelector.\nAlso, MismatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." items: type: "string" type: "array" @@ -1083,11 +1148,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -1100,6 +1167,7 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" topologyKey: description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching\nthe labelSelector in the specified namespaces, where co-located is defined as running on a node\nwhose value of the label with key topologyKey matches that of any node on which any of the\nselected pods is running.\nEmpty topologyKey is not allowed." type: "string" @@ -1107,6 +1175,7 @@ spec: - "topologyKey" type: "object" type: "array" + x-kubernetes-list-type: "atomic" type: "object" type: "object" args: @@ -1176,7 +1245,8 @@ spec: description: "The key of the secret to select from. Must be a valid secret key." type: "string" name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" optional: description: "Specify whether the Secret or its key must be defined" @@ -1204,7 +1274,8 @@ spec: description: "The key of the secret to select from. Must be a valid secret key." type: "string" name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" optional: description: "Specify whether the Secret or its key must be defined" @@ -1220,7 +1291,8 @@ spec: description: "The key of the secret to select from. Must be a valid secret key." type: "string" name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" optional: description: "Specify whether the Secret or its key must be defined" @@ -1239,7 +1311,8 @@ spec: description: "The key of the secret to select from. Must be a valid secret key." type: "string" name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" optional: description: "Specify whether the Secret or its key must be defined" @@ -1333,6 +1406,7 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" path: description: "path is Optional: Used as the mounted root, rather than the full Ceph tree, default is /" type: "string" @@ -1346,7 +1420,8 @@ spec: description: "secretRef is Optional: SecretRef is reference to the authentication secret for User, default is empty.\nMore info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it" properties: name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" type: "object" x-kubernetes-map-type: "atomic" @@ -1369,7 +1444,8 @@ spec: description: "secretRef is optional: points to a secret object containing parameters used to connect\nto OpenStack." properties: name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" type: "object" x-kubernetes-map-type: "atomic" @@ -1406,8 +1482,10 @@ spec: - "path" type: "object" type: "array" + x-kubernetes-list-type: "atomic" name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" optional: description: "optional specify whether the ConfigMap or its keys must be defined" @@ -1427,7 +1505,8 @@ spec: description: "nodePublishSecretRef is a reference to the secret object containing\nsensitive information to pass to the CSI driver to complete the CSI\nNodePublishVolume and NodeUnpublishVolume calls.\nThis field is optional, and may be empty if no secret is required. If the\nsecret object contains more than one secret, all secret references are passed." properties: name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" type: "object" x-kubernetes-map-type: "atomic" @@ -1455,7 +1534,7 @@ spec: description: "DownwardAPIVolumeFile represents information to create the file containing the pod field" properties: fieldRef: - description: "Required: Selects a field of the pod: only annotations, labels, name and namespace are supported." + description: "Required: Selects a field of the pod: only annotations, labels, name, namespace and uid are supported." properties: apiVersion: description: "Version of the schema the FieldPath is written in terms of, defaults to \"v1\"." @@ -1498,6 +1577,7 @@ spec: - "path" type: "object" type: "array" + x-kubernetes-list-type: "atomic" type: "object" emptyDir: description: "emptyDir represents a temporary directory that shares a pod's lifetime.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir" @@ -1530,6 +1610,7 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" dataSource: description: "dataSource field can be used to specify either:\n* An existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot)\n* An existing PVC (PersistentVolumeClaim)\nIf the provisioner or an external controller can support the specified data source,\nit will create a new volume based on the contents of the specified data source.\nWhen the AnyVolumeDataSource feature gate is enabled, dataSource contents will be copied to dataSourceRef,\nand dataSourceRef contents will be copied to dataSource when dataSourceRef.namespace is not specified.\nIf the namespace is specified, then dataSourceRef will not be copied to dataSource." properties: @@ -1607,11 +1688,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -1623,7 +1706,7 @@ spec: description: "storageClassName is the name of the StorageClass required by the claim.\nMore info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1" type: "string" volumeAttributesClassName: - description: "volumeAttributesClassName may be used to set the VolumeAttributesClass used by this claim.\nIf specified, the CSI driver will create or update the volume with the attributes defined\nin the corresponding VolumeAttributesClass. This has a different purpose than storageClassName,\nit can be changed after the claim is created. An empty string value means that no VolumeAttributesClass\nwill be applied to the claim but it's not allowed to reset this field to empty string once it is set.\nIf unspecified and the PersistentVolumeClaim is unbound, the default VolumeAttributesClass\nwill be set by the persistentvolume controller if it exists.\nIf the resource referred to by volumeAttributesClass does not exist, this PersistentVolumeClaim will be\nset to a Pending state, as reflected by the modifyVolumeStatus field, until such as a resource\nexists.\nMore info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#volumeattributesclass\n(Alpha) Using this field requires the VolumeAttributesClass feature gate to be enabled." + description: "volumeAttributesClassName may be used to set the VolumeAttributesClass used by this claim.\nIf specified, the CSI driver will create or update the volume with the attributes defined\nin the corresponding VolumeAttributesClass. This has a different purpose than storageClassName,\nit can be changed after the claim is created. An empty string value means that no VolumeAttributesClass\nwill be applied to the claim but it's not allowed to reset this field to empty string once it is set.\nIf unspecified and the PersistentVolumeClaim is unbound, the default VolumeAttributesClass\nwill be set by the persistentvolume controller if it exists.\nIf the resource referred to by volumeAttributesClass does not exist, this PersistentVolumeClaim will be\nset to a Pending state, as reflected by the modifyVolumeStatus field, until such as a resource\nexists.\nMore info: https://kubernetes.io/docs/concepts/storage/volume-attributes-classes/\n(Alpha) Using this field requires the VolumeAttributesClass feature gate to be enabled." type: "string" volumeMode: description: "volumeMode defines what type of volume is required by the claim.\nValue of Filesystem is implied when not included in claim spec." @@ -1654,11 +1737,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" wwids: description: "wwids Optional: FC volume world wide identifiers (wwids)\nEither wwids or combination of targetWWNs and lun must be set, but not both simultaneously." items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" type: "object" flexVolume: description: "flexVolume represents a generic volume resource that is\nprovisioned/attached using an exec based plugin." @@ -1681,7 +1766,8 @@ spec: description: "secretRef is Optional: secretRef is reference to the secret object containing\nsensitive information to pass to the plugin scripts. This may be\nempty if no secret object is specified. If the secret object\ncontains more than one secret, all secrets are passed to the plugin\nscripts." properties: name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" type: "object" x-kubernetes-map-type: "atomic" @@ -1790,6 +1876,7 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" readOnly: description: "readOnly here will force the ReadOnly setting in VolumeMounts.\nDefaults to false." type: "boolean" @@ -1797,7 +1884,8 @@ spec: description: "secretRef is the CHAP Secret for iSCSI target and initiator authentication" properties: name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" type: "object" x-kubernetes-map-type: "atomic" @@ -1898,11 +1986,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -1948,8 +2038,10 @@ spec: - "path" type: "object" type: "array" + x-kubernetes-list-type: "atomic" name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" optional: description: "optional specify whether the ConfigMap or its keys must be defined" @@ -1965,7 +2057,7 @@ spec: description: "DownwardAPIVolumeFile represents information to create the file containing the pod field" properties: fieldRef: - description: "Required: Selects a field of the pod: only annotations, labels, name and namespace are supported." + description: "Required: Selects a field of the pod: only annotations, labels, name, namespace and uid are supported." properties: apiVersion: description: "Version of the schema the FieldPath is written in terms of, defaults to \"v1\"." @@ -2008,6 +2100,7 @@ spec: - "path" type: "object" type: "array" + x-kubernetes-list-type: "atomic" type: "object" secret: description: "secret information about the secret data to project" @@ -2032,8 +2125,10 @@ spec: - "path" type: "object" type: "array" + x-kubernetes-list-type: "atomic" name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" optional: description: "optional field specify whether the Secret or its key must be defined" @@ -2058,6 +2153,7 @@ spec: type: "object" type: "object" type: "array" + x-kubernetes-list-type: "atomic" type: "object" quobyte: description: "quobyte represents a Quobyte mount on the host that shares a pod's lifetime" @@ -2101,6 +2197,7 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" pool: description: "pool is the rados pool name.\nDefault is rbd.\nMore info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it" type: "string" @@ -2111,7 +2208,8 @@ spec: description: "secretRef is name of the authentication secret for RBDUser. If provided\noverrides keyring.\nDefault is nil.\nMore info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it" properties: name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" type: "object" x-kubernetes-map-type: "atomic" @@ -2141,7 +2239,8 @@ spec: description: "secretRef references to the secret for ScaleIO user and other\nsensitive information. If this is not provided, Login operation will fail." properties: name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" type: "object" x-kubernetes-map-type: "atomic" @@ -2192,6 +2291,7 @@ spec: - "path" type: "object" type: "array" + x-kubernetes-list-type: "atomic" optional: description: "optional field specify whether the Secret or its keys must be defined" type: "boolean" @@ -2212,7 +2312,8 @@ spec: description: "secretRef specifies the secret to use for obtaining the StorageOS API\ncredentials. If not specified, default values will be attempted." properties: name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" type: "object" x-kubernetes-map-type: "atomic" @@ -2340,7 +2441,8 @@ spec: description: "The key to select." type: "string" name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" optional: description: "Specify whether the ConfigMap or its key must be defined" @@ -2389,7 +2491,8 @@ spec: description: "The key of the secret to select from. Must be a valid secret key." type: "string" name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" optional: description: "Specify whether the Secret or its key must be defined" @@ -2412,7 +2515,8 @@ spec: description: "The ConfigMap to select from" properties: name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" optional: description: "Specify whether the ConfigMap must be defined" @@ -2426,7 +2530,8 @@ spec: description: "The Secret to select from" properties: name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" optional: description: "Specify whether the Secret must be defined" @@ -2472,7 +2577,8 @@ spec: description: "The key to select." type: "string" name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" optional: description: "Specify whether the ConfigMap or its key must be defined" @@ -2521,7 +2627,8 @@ spec: description: "The key of the secret to select from. Must be a valid secret key." type: "string" name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" optional: description: "Specify whether the Secret or its key must be defined" @@ -2544,7 +2651,8 @@ spec: description: "The ConfigMap to select from" properties: name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" optional: description: "Specify whether the ConfigMap must be defined" @@ -2558,7 +2666,8 @@ spec: description: "The Secret to select from" properties: name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" optional: description: "Specify whether the Secret must be defined" @@ -2601,6 +2710,7 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" type: "object" failureThreshold: description: "Minimum consecutive failures for the probe to be considered failed after having succeeded.\nDefaults to 3. Minimum value is 1." @@ -2641,6 +2751,7 @@ spec: - "value" type: "object" type: "array" + x-kubernetes-list-type: "atomic" path: description: "Path to access on the HTTP server." type: "string" @@ -2707,6 +2818,7 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" type: "object" failureThreshold: description: "Minimum consecutive failures for the probe to be considered failed after having succeeded.\nDefaults to 3. Minimum value is 1." @@ -2747,6 +2859,7 @@ spec: - "value" type: "object" type: "array" + x-kubernetes-list-type: "atomic" path: description: "Path to access on the HTTP server." type: "string" @@ -2841,6 +2954,18 @@ spec: allowPrivilegeEscalation: description: "AllowPrivilegeEscalation controls whether a process can gain more\nprivileges than its parent process. This bool directly controls if\nthe no_new_privs flag will be set on the container process.\nAllowPrivilegeEscalation is true always when the container is:\n1) run as Privileged\n2) has CAP_SYS_ADMIN\nNote that this field cannot be set when spec.os.name is windows." type: "boolean" + appArmorProfile: + description: "appArmorProfile is the AppArmor options to use by this container. If set, this profile\noverrides the pod's appArmorProfile.\nNote that this field cannot be set when spec.os.name is windows." + properties: + localhostProfile: + description: "localhostProfile indicates a profile loaded on the node that should be used.\nThe profile must be preconfigured on the node to work.\nMust match the loaded name of the profile.\nMust be set if and only if type is \"Localhost\"." + type: "string" + type: + description: "type indicates which kind of AppArmor profile will be applied.\nValid options are:\n Localhost - a profile pre-loaded on the node.\n RuntimeDefault - the container runtime's default profile.\n Unconfined - no AppArmor enforcement." + type: "string" + required: + - "type" + type: "object" capabilities: description: "The capabilities to add/drop when running containers.\nDefaults to the default set of capabilities granted by the container runtime.\nNote that this field cannot be set when spec.os.name is windows." properties: @@ -2850,12 +2975,14 @@ spec: description: "Capability represent POSIX capabilities type" type: "string" type: "array" + x-kubernetes-list-type: "atomic" drop: description: "Removed capabilities" items: description: "Capability represent POSIX capabilities type" type: "string" type: "array" + x-kubernetes-list-type: "atomic" type: "object" privileged: description: "Run container in privileged mode.\nProcesses in privileged containers are essentially equivalent to root on the host.\nDefaults to false.\nNote that this field cannot be set when spec.os.name is windows." @@ -2931,7 +3058,7 @@ spec: description: "Path within the container at which the volume should be mounted. Must\nnot contain ':'." type: "string" mountPropagation: - description: "mountPropagation determines how mounts are propagated from the host\nto container and the other way around.\nWhen not set, MountPropagationNone is used.\nThis field is beta in 1.10." + description: "mountPropagation determines how mounts are propagated from the host\nto container and the other way around.\nWhen not set, MountPropagationNone is used.\nThis field is beta in 1.10.\nWhen RecursiveReadOnly is set to IfPossible or to Enabled, MountPropagation must be None or unspecified\n(which defaults to None)." type: "string" name: description: "This must match the Name of a Volume." @@ -2939,6 +3066,9 @@ spec: readOnly: description: "Mounted read-only if true, read-write otherwise (false or unspecified).\nDefaults to false." type: "boolean" + recursiveReadOnly: + description: "RecursiveReadOnly specifies whether read-only mounts should be handled\nrecursively.\n\n\nIf ReadOnly is false, this field has no meaning and must be unspecified.\n\n\nIf ReadOnly is true, and this field is set to Disabled, the mount is not made\nrecursively read-only. If this field is set to IfPossible, the mount is made\nrecursively read-only, if it is supported by the container runtime. If this\nfield is set to Enabled, the mount is made recursively read-only if it is\nsupported by the container runtime, otherwise the pod will not be started and\nan error will be generated to indicate the reason.\n\n\nIf this field is set to IfPossible or Enabled, MountPropagation must be set to\nNone (or be unspecified, which defaults to None).\n\n\nIf this field is not specified, it is treated as an equivalent of Disabled." + type: "string" subPath: description: "Path within the volume from which the container's volume should be mounted.\nDefaults to \"\" (volume's root)." type: "string" @@ -2968,6 +3098,7 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" dataSource: description: "dataSource field can be used to specify either:\n* An existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot)\n* An existing PVC (PersistentVolumeClaim)\nIf the provisioner or an external controller can support the specified data source,\nit will create a new volume based on the contents of the specified data source.\nWhen the AnyVolumeDataSource feature gate is enabled, dataSource contents will be copied to dataSourceRef,\nand dataSourceRef contents will be copied to dataSource when dataSourceRef.namespace is not specified.\nIf the namespace is specified, then dataSourceRef will not be copied to dataSource." properties: @@ -3059,11 +3190,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -3075,7 +3208,7 @@ spec: description: "storageClassName is the name of the StorageClass required by the claim.\nMore info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1" type: "string" volumeAttributesClassName: - description: "volumeAttributesClassName may be used to set the VolumeAttributesClass used by this claim.\nIf specified, the CSI driver will create or update the volume with the attributes defined\nin the corresponding VolumeAttributesClass. This has a different purpose than storageClassName,\nit can be changed after the claim is created. An empty string value means that no VolumeAttributesClass\nwill be applied to the claim but it's not allowed to reset this field to empty string once it is set.\nIf unspecified and the PersistentVolumeClaim is unbound, the default VolumeAttributesClass\nwill be set by the persistentvolume controller if it exists.\nIf the resource referred to by volumeAttributesClass does not exist, this PersistentVolumeClaim will be\nset to a Pending state, as reflected by the modifyVolumeStatus field, until such as a resource\nexists.\nMore info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#volumeattributesclass\n(Alpha) Using this field requires the VolumeAttributesClass feature gate to be enabled." + description: "volumeAttributesClassName may be used to set the VolumeAttributesClass used by this claim.\nIf specified, the CSI driver will create or update the volume with the attributes defined\nin the corresponding VolumeAttributesClass. This has a different purpose than storageClassName,\nit can be changed after the claim is created. An empty string value means that no VolumeAttributesClass\nwill be applied to the claim but it's not allowed to reset this field to empty string once it is set.\nIf unspecified and the PersistentVolumeClaim is unbound, the default VolumeAttributesClass\nwill be set by the persistentvolume controller if it exists.\nIf the resource referred to by volumeAttributesClass does not exist, this PersistentVolumeClaim will be\nset to a Pending state, as reflected by the modifyVolumeStatus field, until such as a resource\nexists.\nMore info: https://kubernetes.io/docs/concepts/storage/volume-attributes-classes/\n(Alpha) Using this field requires the VolumeAttributesClass feature gate to be enabled." type: "string" volumeMode: description: "volumeMode defines what type of volume is required by the claim.\nValue of Filesystem is implied when not included in claim spec." @@ -3125,7 +3258,8 @@ spec: description: "The key to select." type: "string" name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" optional: description: "Specify whether the ConfigMap or its key must be defined" @@ -3174,7 +3308,8 @@ spec: description: "The key of the secret to select from. Must be a valid secret key." type: "string" name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" optional: description: "Specify whether the Secret or its key must be defined" @@ -3197,7 +3332,8 @@ spec: description: "The ConfigMap to select from" properties: name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" optional: description: "Specify whether the ConfigMap must be defined" @@ -3211,7 +3347,8 @@ spec: description: "The Secret to select from" properties: name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" optional: description: "Specify whether the Secret must be defined" @@ -3241,6 +3378,7 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" type: "object" failureThreshold: description: "Minimum consecutive failures for the probe to be considered failed after having succeeded.\nDefaults to 3. Minimum value is 1." @@ -3281,6 +3419,7 @@ spec: - "value" type: "object" type: "array" + x-kubernetes-list-type: "atomic" path: description: "Path to access on the HTTP server." type: "string" @@ -3343,6 +3482,7 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" type: "object" failureThreshold: description: "Minimum consecutive failures for the probe to be considered failed after having succeeded.\nDefaults to 3. Minimum value is 1." @@ -3383,6 +3523,7 @@ spec: - "value" type: "object" type: "array" + x-kubernetes-list-type: "atomic" path: description: "Path to access on the HTTP server." type: "string" @@ -3477,6 +3618,18 @@ spec: allowPrivilegeEscalation: description: "AllowPrivilegeEscalation controls whether a process can gain more\nprivileges than its parent process. This bool directly controls if\nthe no_new_privs flag will be set on the container process.\nAllowPrivilegeEscalation is true always when the container is:\n1) run as Privileged\n2) has CAP_SYS_ADMIN\nNote that this field cannot be set when spec.os.name is windows." type: "boolean" + appArmorProfile: + description: "appArmorProfile is the AppArmor options to use by this container. If set, this profile\noverrides the pod's appArmorProfile.\nNote that this field cannot be set when spec.os.name is windows." + properties: + localhostProfile: + description: "localhostProfile indicates a profile loaded on the node that should be used.\nThe profile must be preconfigured on the node to work.\nMust match the loaded name of the profile.\nMust be set if and only if type is \"Localhost\"." + type: "string" + type: + description: "type indicates which kind of AppArmor profile will be applied.\nValid options are:\n Localhost - a profile pre-loaded on the node.\n RuntimeDefault - the container runtime's default profile.\n Unconfined - no AppArmor enforcement." + type: "string" + required: + - "type" + type: "object" capabilities: description: "The capabilities to add/drop when running containers.\nDefaults to the default set of capabilities granted by the container runtime.\nNote that this field cannot be set when spec.os.name is windows." properties: @@ -3486,12 +3639,14 @@ spec: description: "Capability represent POSIX capabilities type" type: "string" type: "array" + x-kubernetes-list-type: "atomic" drop: description: "Removed capabilities" items: description: "Capability represent POSIX capabilities type" type: "string" type: "array" + x-kubernetes-list-type: "atomic" type: "object" privileged: description: "Run container in privileged mode.\nProcesses in privileged containers are essentially equivalent to root on the host.\nDefaults to false.\nNote that this field cannot be set when spec.os.name is windows." @@ -3567,7 +3722,7 @@ spec: description: "Path within the container at which the volume should be mounted. Must\nnot contain ':'." type: "string" mountPropagation: - description: "mountPropagation determines how mounts are propagated from the host\nto container and the other way around.\nWhen not set, MountPropagationNone is used.\nThis field is beta in 1.10." + description: "mountPropagation determines how mounts are propagated from the host\nto container and the other way around.\nWhen not set, MountPropagationNone is used.\nThis field is beta in 1.10.\nWhen RecursiveReadOnly is set to IfPossible or to Enabled, MountPropagation must be None or unspecified\n(which defaults to None)." type: "string" name: description: "This must match the Name of a Volume." @@ -3575,6 +3730,9 @@ spec: readOnly: description: "Mounted read-only if true, read-write otherwise (false or unspecified).\nDefaults to false." type: "boolean" + recursiveReadOnly: + description: "RecursiveReadOnly specifies whether read-only mounts should be handled\nrecursively.\n\n\nIf ReadOnly is false, this field has no meaning and must be unspecified.\n\n\nIf ReadOnly is true, and this field is set to Disabled, the mount is not made\nrecursively read-only. If this field is set to IfPossible, the mount is made\nrecursively read-only, if it is supported by the container runtime. If this\nfield is set to Enabled, the mount is made recursively read-only if it is\nsupported by the container runtime, otherwise the pod will not be started and\nan error will be generated to indicate the reason.\n\n\nIf this field is set to IfPossible or Enabled, MountPropagation must be set to\nNone (or be unspecified, which defaults to None).\n\n\nIf this field is not specified, it is treated as an equivalent of Disabled." + type: "string" subPath: description: "Path within the volume from which the container's volume should be mounted.\nDefaults to \"\" (volume's root)." type: "string" @@ -3625,11 +3783,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchFields: description: "A list of node selector requirements by node's fields." items: @@ -3646,11 +3806,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" type: "object" x-kubernetes-map-type: "atomic" weight: @@ -3662,6 +3824,7 @@ spec: - "weight" type: "object" type: "array" + x-kubernetes-list-type: "atomic" requiredDuringSchedulingIgnoredDuringExecution: description: "If the affinity requirements specified by this field are not met at\nscheduling time, the pod will not be scheduled onto the node.\nIf the affinity requirements specified by this field cease to be met\nat some point during pod execution (e.g. due to an update), the system\nmay or may not try to eventually evict the pod from its node." properties: @@ -3686,11 +3849,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchFields: description: "A list of node selector requirements by node's fields." items: @@ -3707,14 +3872,17 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" type: "object" x-kubernetes-map-type: "atomic" type: "array" + x-kubernetes-list-type: "atomic" required: - "nodeSelectorTerms" type: "object" @@ -3750,11 +3918,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -3763,13 +3933,13 @@ spec: type: "object" x-kubernetes-map-type: "atomic" matchLabelKeys: - description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MatchLabelKeys and LabelSelector.\nAlso, MatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" mismatchLabelKeys: - description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MismatchLabelKeys and LabelSelector.\nAlso, MismatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." items: type: "string" type: "array" @@ -3793,11 +3963,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -3810,6 +3982,7 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" topologyKey: description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching\nthe labelSelector in the specified namespaces, where co-located is defined as running on a node\nwhose value of the label with key topologyKey matches that of any node on which any of the\nselected pods is running.\nEmpty topologyKey is not allowed." type: "string" @@ -3825,6 +3998,7 @@ spec: - "weight" type: "object" type: "array" + x-kubernetes-list-type: "atomic" requiredDuringSchedulingIgnoredDuringExecution: description: "If the affinity requirements specified by this field are not met at\nscheduling time, the pod will not be scheduled onto the node.\nIf the affinity requirements specified by this field cease to be met\nat some point during pod execution (e.g. due to a pod label update), the\nsystem may or may not try to eventually evict the pod from its node.\nWhen there are multiple elements, the lists of nodes corresponding to each\npodAffinityTerm are intersected, i.e. all terms must be satisfied." items: @@ -3849,11 +4023,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -3862,13 +4038,13 @@ spec: type: "object" x-kubernetes-map-type: "atomic" matchLabelKeys: - description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MatchLabelKeys and LabelSelector.\nAlso, MatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" mismatchLabelKeys: - description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MismatchLabelKeys and LabelSelector.\nAlso, MismatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." items: type: "string" type: "array" @@ -3892,11 +4068,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -3909,6 +4087,7 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" topologyKey: description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching\nthe labelSelector in the specified namespaces, where co-located is defined as running on a node\nwhose value of the label with key topologyKey matches that of any node on which any of the\nselected pods is running.\nEmpty topologyKey is not allowed." type: "string" @@ -3916,6 +4095,7 @@ spec: - "topologyKey" type: "object" type: "array" + x-kubernetes-list-type: "atomic" type: "object" podAntiAffinity: description: "Describes pod anti-affinity scheduling rules (e.g. avoid putting this pod in the same node, zone, etc. as some other pod(s))." @@ -3947,11 +4127,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -3960,13 +4142,13 @@ spec: type: "object" x-kubernetes-map-type: "atomic" matchLabelKeys: - description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MatchLabelKeys and LabelSelector.\nAlso, MatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" mismatchLabelKeys: - description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MismatchLabelKeys and LabelSelector.\nAlso, MismatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." items: type: "string" type: "array" @@ -3990,11 +4172,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -4007,6 +4191,7 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" topologyKey: description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching\nthe labelSelector in the specified namespaces, where co-located is defined as running on a node\nwhose value of the label with key topologyKey matches that of any node on which any of the\nselected pods is running.\nEmpty topologyKey is not allowed." type: "string" @@ -4022,6 +4207,7 @@ spec: - "weight" type: "object" type: "array" + x-kubernetes-list-type: "atomic" requiredDuringSchedulingIgnoredDuringExecution: description: "If the anti-affinity requirements specified by this field are not met at\nscheduling time, the pod will not be scheduled onto the node.\nIf the anti-affinity requirements specified by this field cease to be met\nat some point during pod execution (e.g. due to a pod label update), the\nsystem may or may not try to eventually evict the pod from its node.\nWhen there are multiple elements, the lists of nodes corresponding to each\npodAffinityTerm are intersected, i.e. all terms must be satisfied." items: @@ -4046,11 +4232,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -4059,13 +4247,13 @@ spec: type: "object" x-kubernetes-map-type: "atomic" matchLabelKeys: - description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MatchLabelKeys and LabelSelector.\nAlso, MatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" mismatchLabelKeys: - description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MismatchLabelKeys and LabelSelector.\nAlso, MismatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." items: type: "string" type: "array" @@ -4089,11 +4277,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -4106,6 +4296,7 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" topologyKey: description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching\nthe labelSelector in the specified namespaces, where co-located is defined as running on a node\nwhose value of the label with key topologyKey matches that of any node on which any of the\nselected pods is running.\nEmpty topologyKey is not allowed." type: "string" @@ -4113,6 +4304,7 @@ spec: - "topologyKey" type: "object" type: "array" + x-kubernetes-list-type: "atomic" type: "object" type: "object" args: @@ -4242,7 +4434,8 @@ spec: description: "LocalObjectReference contains enough information to let you locate the\nreferenced object inside the same namespace." properties: name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" type: "object" x-kubernetes-map-type: "atomic" @@ -4297,7 +4490,8 @@ spec: description: "The key to select." type: "string" name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" optional: description: "Specify whether the ConfigMap or its key must be defined" @@ -4346,7 +4540,8 @@ spec: description: "The key of the secret to select from. Must be a valid secret key." type: "string" name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" optional: description: "Specify whether the Secret or its key must be defined" @@ -4369,7 +4564,8 @@ spec: description: "The ConfigMap to select from" properties: name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" optional: description: "Specify whether the ConfigMap must be defined" @@ -4383,7 +4579,8 @@ spec: description: "The Secret to select from" properties: name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" optional: description: "Specify whether the Secret must be defined" @@ -4413,6 +4610,7 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" type: "object" failureThreshold: description: "Minimum consecutive failures for the probe to be considered failed after having succeeded.\nDefaults to 3. Minimum value is 1." @@ -4453,6 +4651,7 @@ spec: - "value" type: "object" type: "array" + x-kubernetes-list-type: "atomic" path: description: "Path to access on the HTTP server." type: "string" @@ -4515,6 +4714,7 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" type: "object" failureThreshold: description: "Minimum consecutive failures for the probe to be considered failed after having succeeded.\nDefaults to 3. Minimum value is 1." @@ -4555,6 +4755,7 @@ spec: - "value" type: "object" type: "array" + x-kubernetes-list-type: "atomic" path: description: "Path to access on the HTTP server." type: "string" @@ -4649,6 +4850,18 @@ spec: allowPrivilegeEscalation: description: "AllowPrivilegeEscalation controls whether a process can gain more\nprivileges than its parent process. This bool directly controls if\nthe no_new_privs flag will be set on the container process.\nAllowPrivilegeEscalation is true always when the container is:\n1) run as Privileged\n2) has CAP_SYS_ADMIN\nNote that this field cannot be set when spec.os.name is windows." type: "boolean" + appArmorProfile: + description: "appArmorProfile is the AppArmor options to use by this container. If set, this profile\noverrides the pod's appArmorProfile.\nNote that this field cannot be set when spec.os.name is windows." + properties: + localhostProfile: + description: "localhostProfile indicates a profile loaded on the node that should be used.\nThe profile must be preconfigured on the node to work.\nMust match the loaded name of the profile.\nMust be set if and only if type is \"Localhost\"." + type: "string" + type: + description: "type indicates which kind of AppArmor profile will be applied.\nValid options are:\n Localhost - a profile pre-loaded on the node.\n RuntimeDefault - the container runtime's default profile.\n Unconfined - no AppArmor enforcement." + type: "string" + required: + - "type" + type: "object" capabilities: description: "The capabilities to add/drop when running containers.\nDefaults to the default set of capabilities granted by the container runtime.\nNote that this field cannot be set when spec.os.name is windows." properties: @@ -4658,12 +4871,14 @@ spec: description: "Capability represent POSIX capabilities type" type: "string" type: "array" + x-kubernetes-list-type: "atomic" drop: description: "Removed capabilities" items: description: "Capability represent POSIX capabilities type" type: "string" type: "array" + x-kubernetes-list-type: "atomic" type: "object" privileged: description: "Run container in privileged mode.\nProcesses in privileged containers are essentially equivalent to root on the host.\nDefaults to false.\nNote that this field cannot be set when spec.os.name is windows." @@ -4739,7 +4954,7 @@ spec: description: "Path within the container at which the volume should be mounted. Must\nnot contain ':'." type: "string" mountPropagation: - description: "mountPropagation determines how mounts are propagated from the host\nto container and the other way around.\nWhen not set, MountPropagationNone is used.\nThis field is beta in 1.10." + description: "mountPropagation determines how mounts are propagated from the host\nto container and the other way around.\nWhen not set, MountPropagationNone is used.\nThis field is beta in 1.10.\nWhen RecursiveReadOnly is set to IfPossible or to Enabled, MountPropagation must be None or unspecified\n(which defaults to None)." type: "string" name: description: "This must match the Name of a Volume." @@ -4747,6 +4962,9 @@ spec: readOnly: description: "Mounted read-only if true, read-write otherwise (false or unspecified).\nDefaults to false." type: "boolean" + recursiveReadOnly: + description: "RecursiveReadOnly specifies whether read-only mounts should be handled\nrecursively.\n\n\nIf ReadOnly is false, this field has no meaning and must be unspecified.\n\n\nIf ReadOnly is true, and this field is set to Disabled, the mount is not made\nrecursively read-only. If this field is set to IfPossible, the mount is made\nrecursively read-only, if it is supported by the container runtime. If this\nfield is set to Enabled, the mount is made recursively read-only if it is\nsupported by the container runtime, otherwise the pod will not be started and\nan error will be generated to indicate the reason.\n\n\nIf this field is set to IfPossible or Enabled, MountPropagation must be set to\nNone (or be unspecified, which defaults to None).\n\n\nIf this field is not specified, it is treated as an equivalent of Disabled." + type: "string" subPath: description: "Path within the volume from which the container's volume should be mounted.\nDefaults to \"\" (volume's root)." type: "string" @@ -4773,6 +4991,7 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" type: "object" failureThreshold: description: "Minimum consecutive failures for the probe to be considered failed after having succeeded.\nDefaults to 3. Minimum value is 1." @@ -4813,6 +5032,7 @@ spec: - "value" type: "object" type: "array" + x-kubernetes-list-type: "atomic" path: description: "Path to access on the HTTP server." type: "string" @@ -4892,7 +5112,8 @@ spec: description: "The key of the secret to select from. Must be a valid secret key." type: "string" name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" optional: description: "Specify whether the Secret or its key must be defined" @@ -4919,7 +5140,8 @@ spec: description: "The key of the secret to select from. Must be a valid secret key." type: "string" name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" optional: description: "Specify whether the Secret or its key must be defined" @@ -4948,7 +5170,8 @@ spec: description: "The key of the secret to select from. Must be a valid secret key." type: "string" name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" optional: description: "Specify whether the Secret or its key must be defined" @@ -4975,7 +5198,8 @@ spec: description: "The key of the secret to select from. Must be a valid secret key." type: "string" name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" optional: description: "Specify whether the Secret or its key must be defined" @@ -5002,7 +5226,8 @@ spec: description: "The key of the secret to select from. Must be a valid secret key." type: "string" name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" optional: description: "Specify whether the Secret or its key must be defined" @@ -5029,7 +5254,8 @@ spec: description: "The key of the secret to select from. Must be a valid secret key." type: "string" name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" optional: description: "Specify whether the Secret or its key must be defined" @@ -5071,6 +5297,7 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" dataSource: description: "dataSource field can be used to specify either:\n* An existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot)\n* An existing PVC (PersistentVolumeClaim)\nIf the provisioner or an external controller can support the specified data source,\nit will create a new volume based on the contents of the specified data source.\nWhen the AnyVolumeDataSource feature gate is enabled, dataSource contents will be copied to dataSourceRef,\nand dataSourceRef contents will be copied to dataSource when dataSourceRef.namespace is not specified.\nIf the namespace is specified, then dataSourceRef will not be copied to dataSource." properties: @@ -5162,11 +5389,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -5178,7 +5407,7 @@ spec: description: "storageClassName is the name of the StorageClass required by the claim.\nMore info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1" type: "string" volumeAttributesClassName: - description: "volumeAttributesClassName may be used to set the VolumeAttributesClass used by this claim.\nIf specified, the CSI driver will create or update the volume with the attributes defined\nin the corresponding VolumeAttributesClass. This has a different purpose than storageClassName,\nit can be changed after the claim is created. An empty string value means that no VolumeAttributesClass\nwill be applied to the claim but it's not allowed to reset this field to empty string once it is set.\nIf unspecified and the PersistentVolumeClaim is unbound, the default VolumeAttributesClass\nwill be set by the persistentvolume controller if it exists.\nIf the resource referred to by volumeAttributesClass does not exist, this PersistentVolumeClaim will be\nset to a Pending state, as reflected by the modifyVolumeStatus field, until such as a resource\nexists.\nMore info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#volumeattributesclass\n(Alpha) Using this field requires the VolumeAttributesClass feature gate to be enabled." + description: "volumeAttributesClassName may be used to set the VolumeAttributesClass used by this claim.\nIf specified, the CSI driver will create or update the volume with the attributes defined\nin the corresponding VolumeAttributesClass. This has a different purpose than storageClassName,\nit can be changed after the claim is created. An empty string value means that no VolumeAttributesClass\nwill be applied to the claim but it's not allowed to reset this field to empty string once it is set.\nIf unspecified and the PersistentVolumeClaim is unbound, the default VolumeAttributesClass\nwill be set by the persistentvolume controller if it exists.\nIf the resource referred to by volumeAttributesClass does not exist, this PersistentVolumeClaim will be\nset to a Pending state, as reflected by the modifyVolumeStatus field, until such as a resource\nexists.\nMore info: https://kubernetes.io/docs/concepts/storage/volume-attributes-classes/\n(Alpha) Using this field requires the VolumeAttributesClass feature gate to be enabled." type: "string" volumeMode: description: "volumeMode defines what type of volume is required by the claim.\nValue of Filesystem is implied when not included in claim spec." @@ -5397,11 +5626,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchFields: description: "A list of node selector requirements by node's fields." items: @@ -5418,11 +5649,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" type: "object" x-kubernetes-map-type: "atomic" weight: @@ -5434,6 +5667,7 @@ spec: - "weight" type: "object" type: "array" + x-kubernetes-list-type: "atomic" requiredDuringSchedulingIgnoredDuringExecution: description: "If the affinity requirements specified by this field are not met at\nscheduling time, the pod will not be scheduled onto the node.\nIf the affinity requirements specified by this field cease to be met\nat some point during pod execution (e.g. due to an update), the system\nmay or may not try to eventually evict the pod from its node." properties: @@ -5458,11 +5692,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchFields: description: "A list of node selector requirements by node's fields." items: @@ -5479,14 +5715,17 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" type: "object" x-kubernetes-map-type: "atomic" type: "array" + x-kubernetes-list-type: "atomic" required: - "nodeSelectorTerms" type: "object" @@ -5522,11 +5761,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -5535,13 +5776,13 @@ spec: type: "object" x-kubernetes-map-type: "atomic" matchLabelKeys: - description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MatchLabelKeys and LabelSelector.\nAlso, MatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" mismatchLabelKeys: - description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MismatchLabelKeys and LabelSelector.\nAlso, MismatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." items: type: "string" type: "array" @@ -5565,11 +5806,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -5582,6 +5825,7 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" topologyKey: description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching\nthe labelSelector in the specified namespaces, where co-located is defined as running on a node\nwhose value of the label with key topologyKey matches that of any node on which any of the\nselected pods is running.\nEmpty topologyKey is not allowed." type: "string" @@ -5597,6 +5841,7 @@ spec: - "weight" type: "object" type: "array" + x-kubernetes-list-type: "atomic" requiredDuringSchedulingIgnoredDuringExecution: description: "If the affinity requirements specified by this field are not met at\nscheduling time, the pod will not be scheduled onto the node.\nIf the affinity requirements specified by this field cease to be met\nat some point during pod execution (e.g. due to a pod label update), the\nsystem may or may not try to eventually evict the pod from its node.\nWhen there are multiple elements, the lists of nodes corresponding to each\npodAffinityTerm are intersected, i.e. all terms must be satisfied." items: @@ -5621,11 +5866,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -5634,13 +5881,13 @@ spec: type: "object" x-kubernetes-map-type: "atomic" matchLabelKeys: - description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MatchLabelKeys and LabelSelector.\nAlso, MatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" mismatchLabelKeys: - description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MismatchLabelKeys and LabelSelector.\nAlso, MismatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." items: type: "string" type: "array" @@ -5664,11 +5911,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -5681,6 +5930,7 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" topologyKey: description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching\nthe labelSelector in the specified namespaces, where co-located is defined as running on a node\nwhose value of the label with key topologyKey matches that of any node on which any of the\nselected pods is running.\nEmpty topologyKey is not allowed." type: "string" @@ -5688,6 +5938,7 @@ spec: - "topologyKey" type: "object" type: "array" + x-kubernetes-list-type: "atomic" type: "object" podAntiAffinity: description: "Describes pod anti-affinity scheduling rules (e.g. avoid putting this pod in the same node, zone, etc. as some other pod(s))." @@ -5719,11 +5970,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -5732,13 +5985,13 @@ spec: type: "object" x-kubernetes-map-type: "atomic" matchLabelKeys: - description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MatchLabelKeys and LabelSelector.\nAlso, MatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" mismatchLabelKeys: - description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MismatchLabelKeys and LabelSelector.\nAlso, MismatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." items: type: "string" type: "array" @@ -5762,11 +6015,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -5779,6 +6034,7 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" topologyKey: description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching\nthe labelSelector in the specified namespaces, where co-located is defined as running on a node\nwhose value of the label with key topologyKey matches that of any node on which any of the\nselected pods is running.\nEmpty topologyKey is not allowed." type: "string" @@ -5794,6 +6050,7 @@ spec: - "weight" type: "object" type: "array" + x-kubernetes-list-type: "atomic" requiredDuringSchedulingIgnoredDuringExecution: description: "If the anti-affinity requirements specified by this field are not met at\nscheduling time, the pod will not be scheduled onto the node.\nIf the anti-affinity requirements specified by this field cease to be met\nat some point during pod execution (e.g. due to a pod label update), the\nsystem may or may not try to eventually evict the pod from its node.\nWhen there are multiple elements, the lists of nodes corresponding to each\npodAffinityTerm are intersected, i.e. all terms must be satisfied." items: @@ -5818,11 +6075,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -5831,13 +6090,13 @@ spec: type: "object" x-kubernetes-map-type: "atomic" matchLabelKeys: - description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MatchLabelKeys and LabelSelector.\nAlso, MatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" mismatchLabelKeys: - description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MismatchLabelKeys and LabelSelector.\nAlso, MismatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." items: type: "string" type: "array" @@ -5861,11 +6120,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -5878,6 +6139,7 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" topologyKey: description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching\nthe labelSelector in the specified namespaces, where co-located is defined as running on a node\nwhose value of the label with key topologyKey matches that of any node on which any of the\nselected pods is running.\nEmpty topologyKey is not allowed." type: "string" @@ -5885,6 +6147,7 @@ spec: - "topologyKey" type: "object" type: "array" + x-kubernetes-list-type: "atomic" type: "object" type: "object" args: @@ -5918,7 +6181,8 @@ spec: description: "The key to select." type: "string" name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" optional: description: "Specify whether the ConfigMap or its key must be defined" @@ -5967,7 +6231,8 @@ spec: description: "The key of the secret to select from. Must be a valid secret key." type: "string" name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" optional: description: "Specify whether the Secret or its key must be defined" @@ -5990,7 +6255,8 @@ spec: description: "The ConfigMap to select from" properties: name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" optional: description: "Specify whether the ConfigMap must be defined" @@ -6004,7 +6270,8 @@ spec: description: "The Secret to select from" properties: name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" optional: description: "Specify whether the Secret must be defined" @@ -6029,7 +6296,8 @@ spec: description: "LocalObjectReference contains enough information to let you locate the\nreferenced object inside the same namespace." properties: name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" type: "object" x-kubernetes-map-type: "atomic" @@ -6070,7 +6338,8 @@ spec: description: "The key to select." type: "string" name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" optional: description: "Specify whether the ConfigMap or its key must be defined" @@ -6119,7 +6388,8 @@ spec: description: "The key of the secret to select from. Must be a valid secret key." type: "string" name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" optional: description: "Specify whether the Secret or its key must be defined" @@ -6142,7 +6412,8 @@ spec: description: "The ConfigMap to select from" properties: name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" optional: description: "Specify whether the ConfigMap must be defined" @@ -6156,7 +6427,8 @@ spec: description: "The Secret to select from" properties: name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" optional: description: "Specify whether the Secret must be defined" @@ -6186,6 +6458,7 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" type: "object" failureThreshold: description: "Minimum consecutive failures for the probe to be considered failed after having succeeded.\nDefaults to 3. Minimum value is 1." @@ -6226,6 +6499,7 @@ spec: - "value" type: "object" type: "array" + x-kubernetes-list-type: "atomic" path: description: "Path to access on the HTTP server." type: "string" @@ -6288,6 +6562,7 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" type: "object" failureThreshold: description: "Minimum consecutive failures for the probe to be considered failed after having succeeded.\nDefaults to 3. Minimum value is 1." @@ -6328,6 +6603,7 @@ spec: - "value" type: "object" type: "array" + x-kubernetes-list-type: "atomic" path: description: "Path to access on the HTTP server." type: "string" @@ -6422,6 +6698,18 @@ spec: allowPrivilegeEscalation: description: "AllowPrivilegeEscalation controls whether a process can gain more\nprivileges than its parent process. This bool directly controls if\nthe no_new_privs flag will be set on the container process.\nAllowPrivilegeEscalation is true always when the container is:\n1) run as Privileged\n2) has CAP_SYS_ADMIN\nNote that this field cannot be set when spec.os.name is windows." type: "boolean" + appArmorProfile: + description: "appArmorProfile is the AppArmor options to use by this container. If set, this profile\noverrides the pod's appArmorProfile.\nNote that this field cannot be set when spec.os.name is windows." + properties: + localhostProfile: + description: "localhostProfile indicates a profile loaded on the node that should be used.\nThe profile must be preconfigured on the node to work.\nMust match the loaded name of the profile.\nMust be set if and only if type is \"Localhost\"." + type: "string" + type: + description: "type indicates which kind of AppArmor profile will be applied.\nValid options are:\n Localhost - a profile pre-loaded on the node.\n RuntimeDefault - the container runtime's default profile.\n Unconfined - no AppArmor enforcement." + type: "string" + required: + - "type" + type: "object" capabilities: description: "The capabilities to add/drop when running containers.\nDefaults to the default set of capabilities granted by the container runtime.\nNote that this field cannot be set when spec.os.name is windows." properties: @@ -6431,12 +6719,14 @@ spec: description: "Capability represent POSIX capabilities type" type: "string" type: "array" + x-kubernetes-list-type: "atomic" drop: description: "Removed capabilities" items: description: "Capability represent POSIX capabilities type" type: "string" type: "array" + x-kubernetes-list-type: "atomic" type: "object" privileged: description: "Run container in privileged mode.\nProcesses in privileged containers are essentially equivalent to root on the host.\nDefaults to false.\nNote that this field cannot be set when spec.os.name is windows." @@ -6512,7 +6802,7 @@ spec: description: "Path within the container at which the volume should be mounted. Must\nnot contain ':'." type: "string" mountPropagation: - description: "mountPropagation determines how mounts are propagated from the host\nto container and the other way around.\nWhen not set, MountPropagationNone is used.\nThis field is beta in 1.10." + description: "mountPropagation determines how mounts are propagated from the host\nto container and the other way around.\nWhen not set, MountPropagationNone is used.\nThis field is beta in 1.10.\nWhen RecursiveReadOnly is set to IfPossible or to Enabled, MountPropagation must be None or unspecified\n(which defaults to None)." type: "string" name: description: "This must match the Name of a Volume." @@ -6520,6 +6810,9 @@ spec: readOnly: description: "Mounted read-only if true, read-write otherwise (false or unspecified).\nDefaults to false." type: "boolean" + recursiveReadOnly: + description: "RecursiveReadOnly specifies whether read-only mounts should be handled\nrecursively.\n\n\nIf ReadOnly is false, this field has no meaning and must be unspecified.\n\n\nIf ReadOnly is true, and this field is set to Disabled, the mount is not made\nrecursively read-only. If this field is set to IfPossible, the mount is made\nrecursively read-only, if it is supported by the container runtime. If this\nfield is set to Enabled, the mount is made recursively read-only if it is\nsupported by the container runtime, otherwise the pod will not be started and\nan error will be generated to indicate the reason.\n\n\nIf this field is set to IfPossible or Enabled, MountPropagation must be set to\nNone (or be unspecified, which defaults to None).\n\n\nIf this field is not specified, it is treated as an equivalent of Disabled." + type: "string" subPath: description: "Path within the volume from which the container's volume should be mounted.\nDefaults to \"\" (volume's root)." type: "string" @@ -6546,6 +6839,7 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" type: "object" failureThreshold: description: "Minimum consecutive failures for the probe to be considered failed after having succeeded.\nDefaults to 3. Minimum value is 1." @@ -6586,6 +6880,7 @@ spec: - "value" type: "object" type: "array" + x-kubernetes-list-type: "atomic" path: description: "Path to access on the HTTP server." type: "string" @@ -6659,6 +6954,18 @@ spec: podSecurityContext: description: "SecurityContext holds pod-level security attributes and common container settings." properties: + appArmorProfile: + description: "appArmorProfile is the AppArmor options to use by the containers in this pod.\nNote that this field cannot be set when spec.os.name is windows." + properties: + localhostProfile: + description: "localhostProfile indicates a profile loaded on the node that should be used.\nThe profile must be preconfigured on the node to work.\nMust match the loaded name of the profile.\nMust be set if and only if type is \"Localhost\"." + type: "string" + type: + description: "type indicates which kind of AppArmor profile will be applied.\nValid options are:\n Localhost - a profile pre-loaded on the node.\n RuntimeDefault - the container runtime's default profile.\n Unconfined - no AppArmor enforcement." + type: "string" + required: + - "type" + type: "object" fsGroup: description: "A special supplemental group that applies to all containers in a pod.\nSome volume types allow the Kubelet to change the ownership of that volume\nto be owned by the pod:\n\n\n1. The owning GID will be the FSGroup\n2. The setgid bit is set (new files created in the volume will be owned by FSGroup)\n3. The permission bits are OR'd with rw-rw----\n\n\nIf unset, the Kubelet will not modify the ownership and permissions of any volume.\nNote that this field cannot be set when spec.os.name is windows." format: "int64" @@ -6711,6 +7018,7 @@ spec: format: "int64" type: "integer" type: "array" + x-kubernetes-list-type: "atomic" sysctls: description: "Sysctls hold a list of namespaced sysctls used for the pod. Pods with unsupported\nsysctls (by the container runtime) might fail to launch.\nNote that this field cannot be set when spec.os.name is windows." items: @@ -6727,6 +7035,7 @@ spec: - "value" type: "object" type: "array" + x-kubernetes-list-type: "atomic" windowsOptions: description: "The Windows specific settings applied to all containers.\nIf unspecified, the options within a container's SecurityContext will be used.\nIf set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.\nNote that this field cannot be set when spec.os.name is linux." properties: @@ -6762,6 +7071,7 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" type: "object" failureThreshold: description: "Minimum consecutive failures for the probe to be considered failed after having succeeded.\nDefaults to 3. Minimum value is 1." @@ -6802,6 +7112,7 @@ spec: - "value" type: "object" type: "array" + x-kubernetes-list-type: "atomic" path: description: "Path to access on the HTTP server." type: "string" @@ -6896,6 +7207,18 @@ spec: allowPrivilegeEscalation: description: "AllowPrivilegeEscalation controls whether a process can gain more\nprivileges than its parent process. This bool directly controls if\nthe no_new_privs flag will be set on the container process.\nAllowPrivilegeEscalation is true always when the container is:\n1) run as Privileged\n2) has CAP_SYS_ADMIN\nNote that this field cannot be set when spec.os.name is windows." type: "boolean" + appArmorProfile: + description: "appArmorProfile is the AppArmor options to use by this container. If set, this profile\noverrides the pod's appArmorProfile.\nNote that this field cannot be set when spec.os.name is windows." + properties: + localhostProfile: + description: "localhostProfile indicates a profile loaded on the node that should be used.\nThe profile must be preconfigured on the node to work.\nMust match the loaded name of the profile.\nMust be set if and only if type is \"Localhost\"." + type: "string" + type: + description: "type indicates which kind of AppArmor profile will be applied.\nValid options are:\n Localhost - a profile pre-loaded on the node.\n RuntimeDefault - the container runtime's default profile.\n Unconfined - no AppArmor enforcement." + type: "string" + required: + - "type" + type: "object" capabilities: description: "The capabilities to add/drop when running containers.\nDefaults to the default set of capabilities granted by the container runtime.\nNote that this field cannot be set when spec.os.name is windows." properties: @@ -6905,12 +7228,14 @@ spec: description: "Capability represent POSIX capabilities type" type: "string" type: "array" + x-kubernetes-list-type: "atomic" drop: description: "Removed capabilities" items: description: "Capability represent POSIX capabilities type" type: "string" type: "array" + x-kubernetes-list-type: "atomic" type: "object" privileged: description: "Run container in privileged mode.\nProcesses in privileged containers are essentially equivalent to root on the host.\nDefaults to false.\nNote that this field cannot be set when spec.os.name is windows." @@ -7016,7 +7341,8 @@ spec: description: "The key to select." type: "string" name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" optional: description: "Specify whether the ConfigMap or its key must be defined" @@ -7065,7 +7391,8 @@ spec: description: "The key of the secret to select from. Must be a valid secret key." type: "string" name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" optional: description: "Specify whether the Secret or its key must be defined" @@ -7088,7 +7415,8 @@ spec: description: "The ConfigMap to select from" properties: name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" optional: description: "Specify whether the ConfigMap must be defined" @@ -7102,7 +7430,8 @@ spec: description: "The Secret to select from" properties: name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" optional: description: "Specify whether the Secret must be defined" @@ -7132,6 +7461,7 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" type: "object" failureThreshold: description: "Minimum consecutive failures for the probe to be considered failed after having succeeded.\nDefaults to 3. Minimum value is 1." @@ -7172,6 +7502,7 @@ spec: - "value" type: "object" type: "array" + x-kubernetes-list-type: "atomic" path: description: "Path to access on the HTTP server." type: "string" @@ -7234,6 +7565,7 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" type: "object" failureThreshold: description: "Minimum consecutive failures for the probe to be considered failed after having succeeded.\nDefaults to 3. Minimum value is 1." @@ -7274,6 +7606,7 @@ spec: - "value" type: "object" type: "array" + x-kubernetes-list-type: "atomic" path: description: "Path to access on the HTTP server." type: "string" @@ -7368,6 +7701,18 @@ spec: allowPrivilegeEscalation: description: "AllowPrivilegeEscalation controls whether a process can gain more\nprivileges than its parent process. This bool directly controls if\nthe no_new_privs flag will be set on the container process.\nAllowPrivilegeEscalation is true always when the container is:\n1) run as Privileged\n2) has CAP_SYS_ADMIN\nNote that this field cannot be set when spec.os.name is windows." type: "boolean" + appArmorProfile: + description: "appArmorProfile is the AppArmor options to use by this container. If set, this profile\noverrides the pod's appArmorProfile.\nNote that this field cannot be set when spec.os.name is windows." + properties: + localhostProfile: + description: "localhostProfile indicates a profile loaded on the node that should be used.\nThe profile must be preconfigured on the node to work.\nMust match the loaded name of the profile.\nMust be set if and only if type is \"Localhost\"." + type: "string" + type: + description: "type indicates which kind of AppArmor profile will be applied.\nValid options are:\n Localhost - a profile pre-loaded on the node.\n RuntimeDefault - the container runtime's default profile.\n Unconfined - no AppArmor enforcement." + type: "string" + required: + - "type" + type: "object" capabilities: description: "The capabilities to add/drop when running containers.\nDefaults to the default set of capabilities granted by the container runtime.\nNote that this field cannot be set when spec.os.name is windows." properties: @@ -7377,12 +7722,14 @@ spec: description: "Capability represent POSIX capabilities type" type: "string" type: "array" + x-kubernetes-list-type: "atomic" drop: description: "Removed capabilities" items: description: "Capability represent POSIX capabilities type" type: "string" type: "array" + x-kubernetes-list-type: "atomic" type: "object" privileged: description: "Run container in privileged mode.\nProcesses in privileged containers are essentially equivalent to root on the host.\nDefaults to false.\nNote that this field cannot be set when spec.os.name is windows." @@ -7458,7 +7805,7 @@ spec: description: "Path within the container at which the volume should be mounted. Must\nnot contain ':'." type: "string" mountPropagation: - description: "mountPropagation determines how mounts are propagated from the host\nto container and the other way around.\nWhen not set, MountPropagationNone is used.\nThis field is beta in 1.10." + description: "mountPropagation determines how mounts are propagated from the host\nto container and the other way around.\nWhen not set, MountPropagationNone is used.\nThis field is beta in 1.10.\nWhen RecursiveReadOnly is set to IfPossible or to Enabled, MountPropagation must be None or unspecified\n(which defaults to None)." type: "string" name: description: "This must match the Name of a Volume." @@ -7466,6 +7813,9 @@ spec: readOnly: description: "Mounted read-only if true, read-write otherwise (false or unspecified).\nDefaults to false." type: "boolean" + recursiveReadOnly: + description: "RecursiveReadOnly specifies whether read-only mounts should be handled\nrecursively.\n\n\nIf ReadOnly is false, this field has no meaning and must be unspecified.\n\n\nIf ReadOnly is true, and this field is set to Disabled, the mount is not made\nrecursively read-only. If this field is set to IfPossible, the mount is made\nrecursively read-only, if it is supported by the container runtime. If this\nfield is set to Enabled, the mount is made recursively read-only if it is\nsupported by the container runtime, otherwise the pod will not be started and\nan error will be generated to indicate the reason.\n\n\nIf this field is set to IfPossible or Enabled, MountPropagation must be set to\nNone (or be unspecified, which defaults to None).\n\n\nIf this field is not specified, it is treated as an equivalent of Disabled." + type: "string" subPath: description: "Path within the volume from which the container's volume should be mounted.\nDefaults to \"\" (volume's root)." type: "string" @@ -7528,11 +7878,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -7551,7 +7903,7 @@ spec: format: "int32" type: "integer" minDomains: - description: "MinDomains indicates a minimum number of eligible domains.\nWhen the number of eligible domains with matching topology keys is less than minDomains,\nPod Topology Spread treats \"global minimum\" as 0, and then the calculation of Skew is performed.\nAnd when the number of eligible domains with matching topology keys equals or greater than minDomains,\nthis value has no effect on scheduling.\nAs a result, when the number of eligible domains is less than minDomains,\nscheduler won't schedule more than maxSkew Pods to those domains.\nIf value is nil, the constraint behaves as if MinDomains is equal to 1.\nValid values are integers greater than 0.\nWhen value is not nil, WhenUnsatisfiable must be DoNotSchedule.\n\n\nFor example, in a 3-zone cluster, MaxSkew is set to 2, MinDomains is set to 5 and pods with the same\nlabelSelector spread as 2/2/2:\n| zone1 | zone2 | zone3 |\n| P P | P P | P P |\nThe number of domains is less than 5(MinDomains), so \"global minimum\" is treated as 0.\nIn this situation, new pod with the same labelSelector cannot be scheduled,\nbecause computed skew will be 3(3 - 0) if new Pod is scheduled to any of the three zones,\nit will violate MaxSkew.\n\n\nThis is a beta field and requires the MinDomainsInPodTopologySpread feature gate to be enabled (enabled by default)." + description: "MinDomains indicates a minimum number of eligible domains.\nWhen the number of eligible domains with matching topology keys is less than minDomains,\nPod Topology Spread treats \"global minimum\" as 0, and then the calculation of Skew is performed.\nAnd when the number of eligible domains with matching topology keys equals or greater than minDomains,\nthis value has no effect on scheduling.\nAs a result, when the number of eligible domains is less than minDomains,\nscheduler won't schedule more than maxSkew Pods to those domains.\nIf value is nil, the constraint behaves as if MinDomains is equal to 1.\nValid values are integers greater than 0.\nWhen value is not nil, WhenUnsatisfiable must be DoNotSchedule.\n\n\nFor example, in a 3-zone cluster, MaxSkew is set to 2, MinDomains is set to 5 and pods with the same\nlabelSelector spread as 2/2/2:\n| zone1 | zone2 | zone3 |\n| P P | P P | P P |\nThe number of domains is less than 5(MinDomains), so \"global minimum\" is treated as 0.\nIn this situation, new pod with the same labelSelector cannot be scheduled,\nbecause computed skew will be 3(3 - 0) if new Pod is scheduled to any of the three zones,\nit will violate MaxSkew." format: "int32" type: "integer" nodeAffinityPolicy: @@ -7581,7 +7933,7 @@ spec: description: "Path within the container at which the volume should be mounted. Must\nnot contain ':'." type: "string" mountPropagation: - description: "mountPropagation determines how mounts are propagated from the host\nto container and the other way around.\nWhen not set, MountPropagationNone is used.\nThis field is beta in 1.10." + description: "mountPropagation determines how mounts are propagated from the host\nto container and the other way around.\nWhen not set, MountPropagationNone is used.\nThis field is beta in 1.10.\nWhen RecursiveReadOnly is set to IfPossible or to Enabled, MountPropagation must be None or unspecified\n(which defaults to None)." type: "string" name: description: "This must match the Name of a Volume." @@ -7589,6 +7941,9 @@ spec: readOnly: description: "Mounted read-only if true, read-write otherwise (false or unspecified).\nDefaults to false." type: "boolean" + recursiveReadOnly: + description: "RecursiveReadOnly specifies whether read-only mounts should be handled\nrecursively.\n\n\nIf ReadOnly is false, this field has no meaning and must be unspecified.\n\n\nIf ReadOnly is true, and this field is set to Disabled, the mount is not made\nrecursively read-only. If this field is set to IfPossible, the mount is made\nrecursively read-only, if it is supported by the container runtime. If this\nfield is set to Enabled, the mount is made recursively read-only if it is\nsupported by the container runtime, otherwise the pod will not be started and\nan error will be generated to indicate the reason.\n\n\nIf this field is set to IfPossible or Enabled, MountPropagation must be set to\nNone (or be unspecified, which defaults to None).\n\n\nIf this field is not specified, it is treated as an equivalent of Disabled." + type: "string" subPath: description: "Path within the volume from which the container's volume should be mounted.\nDefaults to \"\" (volume's root)." type: "string" @@ -7673,6 +8028,7 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" path: description: "path is Optional: Used as the mounted root, rather than the full Ceph tree, default is /" type: "string" @@ -7686,7 +8042,8 @@ spec: description: "secretRef is Optional: SecretRef is reference to the authentication secret for User, default is empty.\nMore info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it" properties: name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" type: "object" x-kubernetes-map-type: "atomic" @@ -7709,7 +8066,8 @@ spec: description: "secretRef is optional: points to a secret object containing parameters used to connect\nto OpenStack." properties: name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" type: "object" x-kubernetes-map-type: "atomic" @@ -7746,8 +8104,10 @@ spec: - "path" type: "object" type: "array" + x-kubernetes-list-type: "atomic" name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" optional: description: "optional specify whether the ConfigMap or its keys must be defined" @@ -7767,7 +8127,8 @@ spec: description: "nodePublishSecretRef is a reference to the secret object containing\nsensitive information to pass to the CSI driver to complete the CSI\nNodePublishVolume and NodeUnpublishVolume calls.\nThis field is optional, and may be empty if no secret is required. If the\nsecret object contains more than one secret, all secret references are passed." properties: name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" type: "object" x-kubernetes-map-type: "atomic" @@ -7795,7 +8156,7 @@ spec: description: "DownwardAPIVolumeFile represents information to create the file containing the pod field" properties: fieldRef: - description: "Required: Selects a field of the pod: only annotations, labels, name and namespace are supported." + description: "Required: Selects a field of the pod: only annotations, labels, name, namespace and uid are supported." properties: apiVersion: description: "Version of the schema the FieldPath is written in terms of, defaults to \"v1\"." @@ -7838,6 +8199,7 @@ spec: - "path" type: "object" type: "array" + x-kubernetes-list-type: "atomic" type: "object" emptyDir: description: "emptyDir represents a temporary directory that shares a pod's lifetime.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir" @@ -7870,6 +8232,7 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" dataSource: description: "dataSource field can be used to specify either:\n* An existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot)\n* An existing PVC (PersistentVolumeClaim)\nIf the provisioner or an external controller can support the specified data source,\nit will create a new volume based on the contents of the specified data source.\nWhen the AnyVolumeDataSource feature gate is enabled, dataSource contents will be copied to dataSourceRef,\nand dataSourceRef contents will be copied to dataSource when dataSourceRef.namespace is not specified.\nIf the namespace is specified, then dataSourceRef will not be copied to dataSource." properties: @@ -7947,11 +8310,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -7963,7 +8328,7 @@ spec: description: "storageClassName is the name of the StorageClass required by the claim.\nMore info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1" type: "string" volumeAttributesClassName: - description: "volumeAttributesClassName may be used to set the VolumeAttributesClass used by this claim.\nIf specified, the CSI driver will create or update the volume with the attributes defined\nin the corresponding VolumeAttributesClass. This has a different purpose than storageClassName,\nit can be changed after the claim is created. An empty string value means that no VolumeAttributesClass\nwill be applied to the claim but it's not allowed to reset this field to empty string once it is set.\nIf unspecified and the PersistentVolumeClaim is unbound, the default VolumeAttributesClass\nwill be set by the persistentvolume controller if it exists.\nIf the resource referred to by volumeAttributesClass does not exist, this PersistentVolumeClaim will be\nset to a Pending state, as reflected by the modifyVolumeStatus field, until such as a resource\nexists.\nMore info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#volumeattributesclass\n(Alpha) Using this field requires the VolumeAttributesClass feature gate to be enabled." + description: "volumeAttributesClassName may be used to set the VolumeAttributesClass used by this claim.\nIf specified, the CSI driver will create or update the volume with the attributes defined\nin the corresponding VolumeAttributesClass. This has a different purpose than storageClassName,\nit can be changed after the claim is created. An empty string value means that no VolumeAttributesClass\nwill be applied to the claim but it's not allowed to reset this field to empty string once it is set.\nIf unspecified and the PersistentVolumeClaim is unbound, the default VolumeAttributesClass\nwill be set by the persistentvolume controller if it exists.\nIf the resource referred to by volumeAttributesClass does not exist, this PersistentVolumeClaim will be\nset to a Pending state, as reflected by the modifyVolumeStatus field, until such as a resource\nexists.\nMore info: https://kubernetes.io/docs/concepts/storage/volume-attributes-classes/\n(Alpha) Using this field requires the VolumeAttributesClass feature gate to be enabled." type: "string" volumeMode: description: "volumeMode defines what type of volume is required by the claim.\nValue of Filesystem is implied when not included in claim spec." @@ -7994,11 +8359,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" wwids: description: "wwids Optional: FC volume world wide identifiers (wwids)\nEither wwids or combination of targetWWNs and lun must be set, but not both simultaneously." items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" type: "object" flexVolume: description: "flexVolume represents a generic volume resource that is\nprovisioned/attached using an exec based plugin." @@ -8021,7 +8388,8 @@ spec: description: "secretRef is Optional: secretRef is reference to the secret object containing\nsensitive information to pass to the plugin scripts. This may be\nempty if no secret object is specified. If the secret object\ncontains more than one secret, all secrets are passed to the plugin\nscripts." properties: name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" type: "object" x-kubernetes-map-type: "atomic" @@ -8130,6 +8498,7 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" readOnly: description: "readOnly here will force the ReadOnly setting in VolumeMounts.\nDefaults to false." type: "boolean" @@ -8137,7 +8506,8 @@ spec: description: "secretRef is the CHAP Secret for iSCSI target and initiator authentication" properties: name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" type: "object" x-kubernetes-map-type: "atomic" @@ -8241,11 +8611,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -8291,8 +8663,10 @@ spec: - "path" type: "object" type: "array" + x-kubernetes-list-type: "atomic" name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" optional: description: "optional specify whether the ConfigMap or its keys must be defined" @@ -8308,7 +8682,7 @@ spec: description: "DownwardAPIVolumeFile represents information to create the file containing the pod field" properties: fieldRef: - description: "Required: Selects a field of the pod: only annotations, labels, name and namespace are supported." + description: "Required: Selects a field of the pod: only annotations, labels, name, namespace and uid are supported." properties: apiVersion: description: "Version of the schema the FieldPath is written in terms of, defaults to \"v1\"." @@ -8351,6 +8725,7 @@ spec: - "path" type: "object" type: "array" + x-kubernetes-list-type: "atomic" type: "object" secret: description: "secret information about the secret data to project" @@ -8375,8 +8750,10 @@ spec: - "path" type: "object" type: "array" + x-kubernetes-list-type: "atomic" name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" optional: description: "optional field specify whether the Secret or its key must be defined" @@ -8401,6 +8778,7 @@ spec: type: "object" type: "object" type: "array" + x-kubernetes-list-type: "atomic" type: "object" quobyte: description: "quobyte represents a Quobyte mount on the host that shares a pod's lifetime" @@ -8444,6 +8822,7 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" pool: description: "pool is the rados pool name.\nDefault is rbd.\nMore info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it" type: "string" @@ -8454,7 +8833,8 @@ spec: description: "secretRef is name of the authentication secret for RBDUser. If provided\noverrides keyring.\nDefault is nil.\nMore info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it" properties: name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" type: "object" x-kubernetes-map-type: "atomic" @@ -8484,7 +8864,8 @@ spec: description: "secretRef references to the secret for ScaleIO user and other\nsensitive information. If this is not provided, Login operation will fail." properties: name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" type: "object" x-kubernetes-map-type: "atomic" @@ -8535,6 +8916,7 @@ spec: - "path" type: "object" type: "array" + x-kubernetes-list-type: "atomic" optional: description: "optional field specify whether the Secret or its keys must be defined" type: "boolean" @@ -8555,7 +8937,8 @@ spec: description: "secretRef specifies the secret to use for obtaining the StorageOS API\ncredentials. If not specified, default values will be attempted." properties: name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" type: "object" x-kubernetes-map-type: "atomic" @@ -8796,11 +9179,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchFields: description: "A list of node selector requirements by node's fields." items: @@ -8817,11 +9202,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" type: "object" x-kubernetes-map-type: "atomic" weight: @@ -8833,6 +9220,7 @@ spec: - "weight" type: "object" type: "array" + x-kubernetes-list-type: "atomic" requiredDuringSchedulingIgnoredDuringExecution: description: "If the affinity requirements specified by this field are not met at\nscheduling time, the pod will not be scheduled onto the node.\nIf the affinity requirements specified by this field cease to be met\nat some point during pod execution (e.g. due to an update), the system\nmay or may not try to eventually evict the pod from its node." properties: @@ -8857,11 +9245,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchFields: description: "A list of node selector requirements by node's fields." items: @@ -8878,14 +9268,17 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" type: "object" x-kubernetes-map-type: "atomic" type: "array" + x-kubernetes-list-type: "atomic" required: - "nodeSelectorTerms" type: "object" @@ -8921,11 +9314,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -8934,13 +9329,13 @@ spec: type: "object" x-kubernetes-map-type: "atomic" matchLabelKeys: - description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MatchLabelKeys and LabelSelector.\nAlso, MatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" mismatchLabelKeys: - description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MismatchLabelKeys and LabelSelector.\nAlso, MismatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." items: type: "string" type: "array" @@ -8964,11 +9359,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -8981,6 +9378,7 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" topologyKey: description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching\nthe labelSelector in the specified namespaces, where co-located is defined as running on a node\nwhose value of the label with key topologyKey matches that of any node on which any of the\nselected pods is running.\nEmpty topologyKey is not allowed." type: "string" @@ -8996,6 +9394,7 @@ spec: - "weight" type: "object" type: "array" + x-kubernetes-list-type: "atomic" requiredDuringSchedulingIgnoredDuringExecution: description: "If the affinity requirements specified by this field are not met at\nscheduling time, the pod will not be scheduled onto the node.\nIf the affinity requirements specified by this field cease to be met\nat some point during pod execution (e.g. due to a pod label update), the\nsystem may or may not try to eventually evict the pod from its node.\nWhen there are multiple elements, the lists of nodes corresponding to each\npodAffinityTerm are intersected, i.e. all terms must be satisfied." items: @@ -9020,11 +9419,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -9033,13 +9434,13 @@ spec: type: "object" x-kubernetes-map-type: "atomic" matchLabelKeys: - description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MatchLabelKeys and LabelSelector.\nAlso, MatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" mismatchLabelKeys: - description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MismatchLabelKeys and LabelSelector.\nAlso, MismatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." items: type: "string" type: "array" @@ -9063,11 +9464,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -9080,6 +9483,7 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" topologyKey: description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching\nthe labelSelector in the specified namespaces, where co-located is defined as running on a node\nwhose value of the label with key topologyKey matches that of any node on which any of the\nselected pods is running.\nEmpty topologyKey is not allowed." type: "string" @@ -9087,6 +9491,7 @@ spec: - "topologyKey" type: "object" type: "array" + x-kubernetes-list-type: "atomic" type: "object" podAntiAffinity: description: "Describes pod anti-affinity scheduling rules (e.g. avoid putting this pod in the same node, zone, etc. as some other pod(s))." @@ -9118,11 +9523,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -9131,13 +9538,13 @@ spec: type: "object" x-kubernetes-map-type: "atomic" matchLabelKeys: - description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MatchLabelKeys and LabelSelector.\nAlso, MatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" mismatchLabelKeys: - description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MismatchLabelKeys and LabelSelector.\nAlso, MismatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." items: type: "string" type: "array" @@ -9161,11 +9568,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -9178,6 +9587,7 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" topologyKey: description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching\nthe labelSelector in the specified namespaces, where co-located is defined as running on a node\nwhose value of the label with key topologyKey matches that of any node on which any of the\nselected pods is running.\nEmpty topologyKey is not allowed." type: "string" @@ -9193,6 +9603,7 @@ spec: - "weight" type: "object" type: "array" + x-kubernetes-list-type: "atomic" requiredDuringSchedulingIgnoredDuringExecution: description: "If the anti-affinity requirements specified by this field are not met at\nscheduling time, the pod will not be scheduled onto the node.\nIf the anti-affinity requirements specified by this field cease to be met\nat some point during pod execution (e.g. due to a pod label update), the\nsystem may or may not try to eventually evict the pod from its node.\nWhen there are multiple elements, the lists of nodes corresponding to each\npodAffinityTerm are intersected, i.e. all terms must be satisfied." items: @@ -9217,11 +9628,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -9230,13 +9643,13 @@ spec: type: "object" x-kubernetes-map-type: "atomic" matchLabelKeys: - description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MatchLabelKeys and LabelSelector.\nAlso, MatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" mismatchLabelKeys: - description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MismatchLabelKeys and LabelSelector.\nAlso, MismatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." items: type: "string" type: "array" @@ -9260,11 +9673,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -9277,6 +9692,7 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" topologyKey: description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching\nthe labelSelector in the specified namespaces, where co-located is defined as running on a node\nwhose value of the label with key topologyKey matches that of any node on which any of the\nselected pods is running.\nEmpty topologyKey is not allowed." type: "string" @@ -9284,6 +9700,7 @@ spec: - "topologyKey" type: "object" type: "array" + x-kubernetes-list-type: "atomic" type: "object" type: "object" args: @@ -9317,7 +9734,8 @@ spec: description: "The key to select." type: "string" name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" optional: description: "Specify whether the ConfigMap or its key must be defined" @@ -9366,7 +9784,8 @@ spec: description: "The key of the secret to select from. Must be a valid secret key." type: "string" name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" optional: description: "Specify whether the Secret or its key must be defined" @@ -9389,7 +9808,8 @@ spec: description: "The ConfigMap to select from" properties: name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" optional: description: "Specify whether the ConfigMap must be defined" @@ -9403,7 +9823,8 @@ spec: description: "The Secret to select from" properties: name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" optional: description: "Specify whether the Secret must be defined" @@ -9428,7 +9849,8 @@ spec: description: "LocalObjectReference contains enough information to let you locate the\nreferenced object inside the same namespace." properties: name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" type: "object" x-kubernetes-map-type: "atomic" @@ -9469,7 +9891,8 @@ spec: description: "The key to select." type: "string" name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" optional: description: "Specify whether the ConfigMap or its key must be defined" @@ -9518,7 +9941,8 @@ spec: description: "The key of the secret to select from. Must be a valid secret key." type: "string" name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" optional: description: "Specify whether the Secret or its key must be defined" @@ -9541,7 +9965,8 @@ spec: description: "The ConfigMap to select from" properties: name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" optional: description: "Specify whether the ConfigMap must be defined" @@ -9555,7 +9980,8 @@ spec: description: "The Secret to select from" properties: name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" optional: description: "Specify whether the Secret must be defined" @@ -9585,6 +10011,7 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" type: "object" failureThreshold: description: "Minimum consecutive failures for the probe to be considered failed after having succeeded.\nDefaults to 3. Minimum value is 1." @@ -9625,6 +10052,7 @@ spec: - "value" type: "object" type: "array" + x-kubernetes-list-type: "atomic" path: description: "Path to access on the HTTP server." type: "string" @@ -9687,6 +10115,7 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" type: "object" failureThreshold: description: "Minimum consecutive failures for the probe to be considered failed after having succeeded.\nDefaults to 3. Minimum value is 1." @@ -9727,6 +10156,7 @@ spec: - "value" type: "object" type: "array" + x-kubernetes-list-type: "atomic" path: description: "Path to access on the HTTP server." type: "string" @@ -9821,6 +10251,18 @@ spec: allowPrivilegeEscalation: description: "AllowPrivilegeEscalation controls whether a process can gain more\nprivileges than its parent process. This bool directly controls if\nthe no_new_privs flag will be set on the container process.\nAllowPrivilegeEscalation is true always when the container is:\n1) run as Privileged\n2) has CAP_SYS_ADMIN\nNote that this field cannot be set when spec.os.name is windows." type: "boolean" + appArmorProfile: + description: "appArmorProfile is the AppArmor options to use by this container. If set, this profile\noverrides the pod's appArmorProfile.\nNote that this field cannot be set when spec.os.name is windows." + properties: + localhostProfile: + description: "localhostProfile indicates a profile loaded on the node that should be used.\nThe profile must be preconfigured on the node to work.\nMust match the loaded name of the profile.\nMust be set if and only if type is \"Localhost\"." + type: "string" + type: + description: "type indicates which kind of AppArmor profile will be applied.\nValid options are:\n Localhost - a profile pre-loaded on the node.\n RuntimeDefault - the container runtime's default profile.\n Unconfined - no AppArmor enforcement." + type: "string" + required: + - "type" + type: "object" capabilities: description: "The capabilities to add/drop when running containers.\nDefaults to the default set of capabilities granted by the container runtime.\nNote that this field cannot be set when spec.os.name is windows." properties: @@ -9830,12 +10272,14 @@ spec: description: "Capability represent POSIX capabilities type" type: "string" type: "array" + x-kubernetes-list-type: "atomic" drop: description: "Removed capabilities" items: description: "Capability represent POSIX capabilities type" type: "string" type: "array" + x-kubernetes-list-type: "atomic" type: "object" privileged: description: "Run container in privileged mode.\nProcesses in privileged containers are essentially equivalent to root on the host.\nDefaults to false.\nNote that this field cannot be set when spec.os.name is windows." @@ -9911,7 +10355,7 @@ spec: description: "Path within the container at which the volume should be mounted. Must\nnot contain ':'." type: "string" mountPropagation: - description: "mountPropagation determines how mounts are propagated from the host\nto container and the other way around.\nWhen not set, MountPropagationNone is used.\nThis field is beta in 1.10." + description: "mountPropagation determines how mounts are propagated from the host\nto container and the other way around.\nWhen not set, MountPropagationNone is used.\nThis field is beta in 1.10.\nWhen RecursiveReadOnly is set to IfPossible or to Enabled, MountPropagation must be None or unspecified\n(which defaults to None)." type: "string" name: description: "This must match the Name of a Volume." @@ -9919,6 +10363,9 @@ spec: readOnly: description: "Mounted read-only if true, read-write otherwise (false or unspecified).\nDefaults to false." type: "boolean" + recursiveReadOnly: + description: "RecursiveReadOnly specifies whether read-only mounts should be handled\nrecursively.\n\n\nIf ReadOnly is false, this field has no meaning and must be unspecified.\n\n\nIf ReadOnly is true, and this field is set to Disabled, the mount is not made\nrecursively read-only. If this field is set to IfPossible, the mount is made\nrecursively read-only, if it is supported by the container runtime. If this\nfield is set to Enabled, the mount is made recursively read-only if it is\nsupported by the container runtime, otherwise the pod will not be started and\nan error will be generated to indicate the reason.\n\n\nIf this field is set to IfPossible or Enabled, MountPropagation must be set to\nNone (or be unspecified, which defaults to None).\n\n\nIf this field is not specified, it is treated as an equivalent of Disabled." + type: "string" subPath: description: "Path within the volume from which the container's volume should be mounted.\nDefaults to \"\" (volume's root)." type: "string" @@ -9945,6 +10392,7 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" type: "object" failureThreshold: description: "Minimum consecutive failures for the probe to be considered failed after having succeeded.\nDefaults to 3. Minimum value is 1." @@ -9985,6 +10433,7 @@ spec: - "value" type: "object" type: "array" + x-kubernetes-list-type: "atomic" path: description: "Path to access on the HTTP server." type: "string" @@ -10058,6 +10507,18 @@ spec: podSecurityContext: description: "SecurityContext holds pod-level security attributes and common container settings." properties: + appArmorProfile: + description: "appArmorProfile is the AppArmor options to use by the containers in this pod.\nNote that this field cannot be set when spec.os.name is windows." + properties: + localhostProfile: + description: "localhostProfile indicates a profile loaded on the node that should be used.\nThe profile must be preconfigured on the node to work.\nMust match the loaded name of the profile.\nMust be set if and only if type is \"Localhost\"." + type: "string" + type: + description: "type indicates which kind of AppArmor profile will be applied.\nValid options are:\n Localhost - a profile pre-loaded on the node.\n RuntimeDefault - the container runtime's default profile.\n Unconfined - no AppArmor enforcement." + type: "string" + required: + - "type" + type: "object" fsGroup: description: "A special supplemental group that applies to all containers in a pod.\nSome volume types allow the Kubelet to change the ownership of that volume\nto be owned by the pod:\n\n\n1. The owning GID will be the FSGroup\n2. The setgid bit is set (new files created in the volume will be owned by FSGroup)\n3. The permission bits are OR'd with rw-rw----\n\n\nIf unset, the Kubelet will not modify the ownership and permissions of any volume.\nNote that this field cannot be set when spec.os.name is windows." format: "int64" @@ -10110,6 +10571,7 @@ spec: format: "int64" type: "integer" type: "array" + x-kubernetes-list-type: "atomic" sysctls: description: "Sysctls hold a list of namespaced sysctls used for the pod. Pods with unsupported\nsysctls (by the container runtime) might fail to launch.\nNote that this field cannot be set when spec.os.name is windows." items: @@ -10126,6 +10588,7 @@ spec: - "value" type: "object" type: "array" + x-kubernetes-list-type: "atomic" windowsOptions: description: "The Windows specific settings applied to all containers.\nIf unspecified, the options within a container's SecurityContext will be used.\nIf set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.\nNote that this field cannot be set when spec.os.name is linux." properties: @@ -10161,6 +10624,7 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" type: "object" failureThreshold: description: "Minimum consecutive failures for the probe to be considered failed after having succeeded.\nDefaults to 3. Minimum value is 1." @@ -10201,6 +10665,7 @@ spec: - "value" type: "object" type: "array" + x-kubernetes-list-type: "atomic" path: description: "Path to access on the HTTP server." type: "string" @@ -10295,6 +10760,18 @@ spec: allowPrivilegeEscalation: description: "AllowPrivilegeEscalation controls whether a process can gain more\nprivileges than its parent process. This bool directly controls if\nthe no_new_privs flag will be set on the container process.\nAllowPrivilegeEscalation is true always when the container is:\n1) run as Privileged\n2) has CAP_SYS_ADMIN\nNote that this field cannot be set when spec.os.name is windows." type: "boolean" + appArmorProfile: + description: "appArmorProfile is the AppArmor options to use by this container. If set, this profile\noverrides the pod's appArmorProfile.\nNote that this field cannot be set when spec.os.name is windows." + properties: + localhostProfile: + description: "localhostProfile indicates a profile loaded on the node that should be used.\nThe profile must be preconfigured on the node to work.\nMust match the loaded name of the profile.\nMust be set if and only if type is \"Localhost\"." + type: "string" + type: + description: "type indicates which kind of AppArmor profile will be applied.\nValid options are:\n Localhost - a profile pre-loaded on the node.\n RuntimeDefault - the container runtime's default profile.\n Unconfined - no AppArmor enforcement." + type: "string" + required: + - "type" + type: "object" capabilities: description: "The capabilities to add/drop when running containers.\nDefaults to the default set of capabilities granted by the container runtime.\nNote that this field cannot be set when spec.os.name is windows." properties: @@ -10304,12 +10781,14 @@ spec: description: "Capability represent POSIX capabilities type" type: "string" type: "array" + x-kubernetes-list-type: "atomic" drop: description: "Removed capabilities" items: description: "Capability represent POSIX capabilities type" type: "string" type: "array" + x-kubernetes-list-type: "atomic" type: "object" privileged: description: "Run container in privileged mode.\nProcesses in privileged containers are essentially equivalent to root on the host.\nDefaults to false.\nNote that this field cannot be set when spec.os.name is windows." @@ -10415,7 +10894,8 @@ spec: description: "The key to select." type: "string" name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" optional: description: "Specify whether the ConfigMap or its key must be defined" @@ -10464,7 +10944,8 @@ spec: description: "The key of the secret to select from. Must be a valid secret key." type: "string" name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" optional: description: "Specify whether the Secret or its key must be defined" @@ -10487,7 +10968,8 @@ spec: description: "The ConfigMap to select from" properties: name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" optional: description: "Specify whether the ConfigMap must be defined" @@ -10501,7 +10983,8 @@ spec: description: "The Secret to select from" properties: name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" optional: description: "Specify whether the Secret must be defined" @@ -10531,6 +11014,7 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" type: "object" failureThreshold: description: "Minimum consecutive failures for the probe to be considered failed after having succeeded.\nDefaults to 3. Minimum value is 1." @@ -10571,6 +11055,7 @@ spec: - "value" type: "object" type: "array" + x-kubernetes-list-type: "atomic" path: description: "Path to access on the HTTP server." type: "string" @@ -10633,6 +11118,7 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" type: "object" failureThreshold: description: "Minimum consecutive failures for the probe to be considered failed after having succeeded.\nDefaults to 3. Minimum value is 1." @@ -10673,6 +11159,7 @@ spec: - "value" type: "object" type: "array" + x-kubernetes-list-type: "atomic" path: description: "Path to access on the HTTP server." type: "string" @@ -10767,6 +11254,18 @@ spec: allowPrivilegeEscalation: description: "AllowPrivilegeEscalation controls whether a process can gain more\nprivileges than its parent process. This bool directly controls if\nthe no_new_privs flag will be set on the container process.\nAllowPrivilegeEscalation is true always when the container is:\n1) run as Privileged\n2) has CAP_SYS_ADMIN\nNote that this field cannot be set when spec.os.name is windows." type: "boolean" + appArmorProfile: + description: "appArmorProfile is the AppArmor options to use by this container. If set, this profile\noverrides the pod's appArmorProfile.\nNote that this field cannot be set when spec.os.name is windows." + properties: + localhostProfile: + description: "localhostProfile indicates a profile loaded on the node that should be used.\nThe profile must be preconfigured on the node to work.\nMust match the loaded name of the profile.\nMust be set if and only if type is \"Localhost\"." + type: "string" + type: + description: "type indicates which kind of AppArmor profile will be applied.\nValid options are:\n Localhost - a profile pre-loaded on the node.\n RuntimeDefault - the container runtime's default profile.\n Unconfined - no AppArmor enforcement." + type: "string" + required: + - "type" + type: "object" capabilities: description: "The capabilities to add/drop when running containers.\nDefaults to the default set of capabilities granted by the container runtime.\nNote that this field cannot be set when spec.os.name is windows." properties: @@ -10776,12 +11275,14 @@ spec: description: "Capability represent POSIX capabilities type" type: "string" type: "array" + x-kubernetes-list-type: "atomic" drop: description: "Removed capabilities" items: description: "Capability represent POSIX capabilities type" type: "string" type: "array" + x-kubernetes-list-type: "atomic" type: "object" privileged: description: "Run container in privileged mode.\nProcesses in privileged containers are essentially equivalent to root on the host.\nDefaults to false.\nNote that this field cannot be set when spec.os.name is windows." @@ -10857,7 +11358,7 @@ spec: description: "Path within the container at which the volume should be mounted. Must\nnot contain ':'." type: "string" mountPropagation: - description: "mountPropagation determines how mounts are propagated from the host\nto container and the other way around.\nWhen not set, MountPropagationNone is used.\nThis field is beta in 1.10." + description: "mountPropagation determines how mounts are propagated from the host\nto container and the other way around.\nWhen not set, MountPropagationNone is used.\nThis field is beta in 1.10.\nWhen RecursiveReadOnly is set to IfPossible or to Enabled, MountPropagation must be None or unspecified\n(which defaults to None)." type: "string" name: description: "This must match the Name of a Volume." @@ -10865,6 +11366,9 @@ spec: readOnly: description: "Mounted read-only if true, read-write otherwise (false or unspecified).\nDefaults to false." type: "boolean" + recursiveReadOnly: + description: "RecursiveReadOnly specifies whether read-only mounts should be handled\nrecursively.\n\n\nIf ReadOnly is false, this field has no meaning and must be unspecified.\n\n\nIf ReadOnly is true, and this field is set to Disabled, the mount is not made\nrecursively read-only. If this field is set to IfPossible, the mount is made\nrecursively read-only, if it is supported by the container runtime. If this\nfield is set to Enabled, the mount is made recursively read-only if it is\nsupported by the container runtime, otherwise the pod will not be started and\nan error will be generated to indicate the reason.\n\n\nIf this field is set to IfPossible or Enabled, MountPropagation must be set to\nNone (or be unspecified, which defaults to None).\n\n\nIf this field is not specified, it is treated as an equivalent of Disabled." + type: "string" subPath: description: "Path within the volume from which the container's volume should be mounted.\nDefaults to \"\" (volume's root)." type: "string" @@ -10927,11 +11431,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -10950,7 +11456,7 @@ spec: format: "int32" type: "integer" minDomains: - description: "MinDomains indicates a minimum number of eligible domains.\nWhen the number of eligible domains with matching topology keys is less than minDomains,\nPod Topology Spread treats \"global minimum\" as 0, and then the calculation of Skew is performed.\nAnd when the number of eligible domains with matching topology keys equals or greater than minDomains,\nthis value has no effect on scheduling.\nAs a result, when the number of eligible domains is less than minDomains,\nscheduler won't schedule more than maxSkew Pods to those domains.\nIf value is nil, the constraint behaves as if MinDomains is equal to 1.\nValid values are integers greater than 0.\nWhen value is not nil, WhenUnsatisfiable must be DoNotSchedule.\n\n\nFor example, in a 3-zone cluster, MaxSkew is set to 2, MinDomains is set to 5 and pods with the same\nlabelSelector spread as 2/2/2:\n| zone1 | zone2 | zone3 |\n| P P | P P | P P |\nThe number of domains is less than 5(MinDomains), so \"global minimum\" is treated as 0.\nIn this situation, new pod with the same labelSelector cannot be scheduled,\nbecause computed skew will be 3(3 - 0) if new Pod is scheduled to any of the three zones,\nit will violate MaxSkew.\n\n\nThis is a beta field and requires the MinDomainsInPodTopologySpread feature gate to be enabled (enabled by default)." + description: "MinDomains indicates a minimum number of eligible domains.\nWhen the number of eligible domains with matching topology keys is less than minDomains,\nPod Topology Spread treats \"global minimum\" as 0, and then the calculation of Skew is performed.\nAnd when the number of eligible domains with matching topology keys equals or greater than minDomains,\nthis value has no effect on scheduling.\nAs a result, when the number of eligible domains is less than minDomains,\nscheduler won't schedule more than maxSkew Pods to those domains.\nIf value is nil, the constraint behaves as if MinDomains is equal to 1.\nValid values are integers greater than 0.\nWhen value is not nil, WhenUnsatisfiable must be DoNotSchedule.\n\n\nFor example, in a 3-zone cluster, MaxSkew is set to 2, MinDomains is set to 5 and pods with the same\nlabelSelector spread as 2/2/2:\n| zone1 | zone2 | zone3 |\n| P P | P P | P P |\nThe number of domains is less than 5(MinDomains), so \"global minimum\" is treated as 0.\nIn this situation, new pod with the same labelSelector cannot be scheduled,\nbecause computed skew will be 3(3 - 0) if new Pod is scheduled to any of the three zones,\nit will violate MaxSkew." format: "int32" type: "integer" nodeAffinityPolicy: @@ -10980,7 +11486,7 @@ spec: description: "Path within the container at which the volume should be mounted. Must\nnot contain ':'." type: "string" mountPropagation: - description: "mountPropagation determines how mounts are propagated from the host\nto container and the other way around.\nWhen not set, MountPropagationNone is used.\nThis field is beta in 1.10." + description: "mountPropagation determines how mounts are propagated from the host\nto container and the other way around.\nWhen not set, MountPropagationNone is used.\nThis field is beta in 1.10.\nWhen RecursiveReadOnly is set to IfPossible or to Enabled, MountPropagation must be None or unspecified\n(which defaults to None)." type: "string" name: description: "This must match the Name of a Volume." @@ -10988,6 +11494,9 @@ spec: readOnly: description: "Mounted read-only if true, read-write otherwise (false or unspecified).\nDefaults to false." type: "boolean" + recursiveReadOnly: + description: "RecursiveReadOnly specifies whether read-only mounts should be handled\nrecursively.\n\n\nIf ReadOnly is false, this field has no meaning and must be unspecified.\n\n\nIf ReadOnly is true, and this field is set to Disabled, the mount is not made\nrecursively read-only. If this field is set to IfPossible, the mount is made\nrecursively read-only, if it is supported by the container runtime. If this\nfield is set to Enabled, the mount is made recursively read-only if it is\nsupported by the container runtime, otherwise the pod will not be started and\nan error will be generated to indicate the reason.\n\n\nIf this field is set to IfPossible or Enabled, MountPropagation must be set to\nNone (or be unspecified, which defaults to None).\n\n\nIf this field is not specified, it is treated as an equivalent of Disabled." + type: "string" subPath: description: "Path within the volume from which the container's volume should be mounted.\nDefaults to \"\" (volume's root)." type: "string" @@ -11072,6 +11581,7 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" path: description: "path is Optional: Used as the mounted root, rather than the full Ceph tree, default is /" type: "string" @@ -11085,7 +11595,8 @@ spec: description: "secretRef is Optional: SecretRef is reference to the authentication secret for User, default is empty.\nMore info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it" properties: name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" type: "object" x-kubernetes-map-type: "atomic" @@ -11108,7 +11619,8 @@ spec: description: "secretRef is optional: points to a secret object containing parameters used to connect\nto OpenStack." properties: name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" type: "object" x-kubernetes-map-type: "atomic" @@ -11145,8 +11657,10 @@ spec: - "path" type: "object" type: "array" + x-kubernetes-list-type: "atomic" name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" optional: description: "optional specify whether the ConfigMap or its keys must be defined" @@ -11166,7 +11680,8 @@ spec: description: "nodePublishSecretRef is a reference to the secret object containing\nsensitive information to pass to the CSI driver to complete the CSI\nNodePublishVolume and NodeUnpublishVolume calls.\nThis field is optional, and may be empty if no secret is required. If the\nsecret object contains more than one secret, all secret references are passed." properties: name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" type: "object" x-kubernetes-map-type: "atomic" @@ -11194,7 +11709,7 @@ spec: description: "DownwardAPIVolumeFile represents information to create the file containing the pod field" properties: fieldRef: - description: "Required: Selects a field of the pod: only annotations, labels, name and namespace are supported." + description: "Required: Selects a field of the pod: only annotations, labels, name, namespace and uid are supported." properties: apiVersion: description: "Version of the schema the FieldPath is written in terms of, defaults to \"v1\"." @@ -11237,6 +11752,7 @@ spec: - "path" type: "object" type: "array" + x-kubernetes-list-type: "atomic" type: "object" emptyDir: description: "emptyDir represents a temporary directory that shares a pod's lifetime.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir" @@ -11269,6 +11785,7 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" dataSource: description: "dataSource field can be used to specify either:\n* An existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot)\n* An existing PVC (PersistentVolumeClaim)\nIf the provisioner or an external controller can support the specified data source,\nit will create a new volume based on the contents of the specified data source.\nWhen the AnyVolumeDataSource feature gate is enabled, dataSource contents will be copied to dataSourceRef,\nand dataSourceRef contents will be copied to dataSource when dataSourceRef.namespace is not specified.\nIf the namespace is specified, then dataSourceRef will not be copied to dataSource." properties: @@ -11346,11 +11863,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -11362,7 +11881,7 @@ spec: description: "storageClassName is the name of the StorageClass required by the claim.\nMore info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1" type: "string" volumeAttributesClassName: - description: "volumeAttributesClassName may be used to set the VolumeAttributesClass used by this claim.\nIf specified, the CSI driver will create or update the volume with the attributes defined\nin the corresponding VolumeAttributesClass. This has a different purpose than storageClassName,\nit can be changed after the claim is created. An empty string value means that no VolumeAttributesClass\nwill be applied to the claim but it's not allowed to reset this field to empty string once it is set.\nIf unspecified and the PersistentVolumeClaim is unbound, the default VolumeAttributesClass\nwill be set by the persistentvolume controller if it exists.\nIf the resource referred to by volumeAttributesClass does not exist, this PersistentVolumeClaim will be\nset to a Pending state, as reflected by the modifyVolumeStatus field, until such as a resource\nexists.\nMore info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#volumeattributesclass\n(Alpha) Using this field requires the VolumeAttributesClass feature gate to be enabled." + description: "volumeAttributesClassName may be used to set the VolumeAttributesClass used by this claim.\nIf specified, the CSI driver will create or update the volume with the attributes defined\nin the corresponding VolumeAttributesClass. This has a different purpose than storageClassName,\nit can be changed after the claim is created. An empty string value means that no VolumeAttributesClass\nwill be applied to the claim but it's not allowed to reset this field to empty string once it is set.\nIf unspecified and the PersistentVolumeClaim is unbound, the default VolumeAttributesClass\nwill be set by the persistentvolume controller if it exists.\nIf the resource referred to by volumeAttributesClass does not exist, this PersistentVolumeClaim will be\nset to a Pending state, as reflected by the modifyVolumeStatus field, until such as a resource\nexists.\nMore info: https://kubernetes.io/docs/concepts/storage/volume-attributes-classes/\n(Alpha) Using this field requires the VolumeAttributesClass feature gate to be enabled." type: "string" volumeMode: description: "volumeMode defines what type of volume is required by the claim.\nValue of Filesystem is implied when not included in claim spec." @@ -11393,11 +11912,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" wwids: description: "wwids Optional: FC volume world wide identifiers (wwids)\nEither wwids or combination of targetWWNs and lun must be set, but not both simultaneously." items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" type: "object" flexVolume: description: "flexVolume represents a generic volume resource that is\nprovisioned/attached using an exec based plugin." @@ -11420,7 +11941,8 @@ spec: description: "secretRef is Optional: secretRef is reference to the secret object containing\nsensitive information to pass to the plugin scripts. This may be\nempty if no secret object is specified. If the secret object\ncontains more than one secret, all secrets are passed to the plugin\nscripts." properties: name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" type: "object" x-kubernetes-map-type: "atomic" @@ -11529,6 +12051,7 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" readOnly: description: "readOnly here will force the ReadOnly setting in VolumeMounts.\nDefaults to false." type: "boolean" @@ -11536,7 +12059,8 @@ spec: description: "secretRef is the CHAP Secret for iSCSI target and initiator authentication" properties: name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" type: "object" x-kubernetes-map-type: "atomic" @@ -11640,11 +12164,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -11690,8 +12216,10 @@ spec: - "path" type: "object" type: "array" + x-kubernetes-list-type: "atomic" name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" optional: description: "optional specify whether the ConfigMap or its keys must be defined" @@ -11707,7 +12235,7 @@ spec: description: "DownwardAPIVolumeFile represents information to create the file containing the pod field" properties: fieldRef: - description: "Required: Selects a field of the pod: only annotations, labels, name and namespace are supported." + description: "Required: Selects a field of the pod: only annotations, labels, name, namespace and uid are supported." properties: apiVersion: description: "Version of the schema the FieldPath is written in terms of, defaults to \"v1\"." @@ -11750,6 +12278,7 @@ spec: - "path" type: "object" type: "array" + x-kubernetes-list-type: "atomic" type: "object" secret: description: "secret information about the secret data to project" @@ -11774,8 +12303,10 @@ spec: - "path" type: "object" type: "array" + x-kubernetes-list-type: "atomic" name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" optional: description: "optional field specify whether the Secret or its key must be defined" @@ -11800,6 +12331,7 @@ spec: type: "object" type: "object" type: "array" + x-kubernetes-list-type: "atomic" type: "object" quobyte: description: "quobyte represents a Quobyte mount on the host that shares a pod's lifetime" @@ -11843,6 +12375,7 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" pool: description: "pool is the rados pool name.\nDefault is rbd.\nMore info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it" type: "string" @@ -11853,7 +12386,8 @@ spec: description: "secretRef is name of the authentication secret for RBDUser. If provided\noverrides keyring.\nDefault is nil.\nMore info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it" properties: name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" type: "object" x-kubernetes-map-type: "atomic" @@ -11883,7 +12417,8 @@ spec: description: "secretRef references to the secret for ScaleIO user and other\nsensitive information. If this is not provided, Login operation will fail." properties: name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" type: "object" x-kubernetes-map-type: "atomic" @@ -11934,6 +12469,7 @@ spec: - "path" type: "object" type: "array" + x-kubernetes-list-type: "atomic" optional: description: "optional field specify whether the Secret or its keys must be defined" type: "boolean" @@ -11954,7 +12490,8 @@ spec: description: "secretRef specifies the secret to use for obtaining the StorageOS API\ncredentials. If not specified, default values will be attempted." properties: name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" type: "object" x-kubernetes-map-type: "atomic" @@ -11999,7 +12536,8 @@ spec: description: "The key of the secret to select from. Must be a valid secret key." type: "string" name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" optional: description: "Specify whether the Secret or its key must be defined" @@ -12038,7 +12576,8 @@ spec: description: "The key to select." type: "string" name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" optional: description: "Specify whether the ConfigMap or its key must be defined" @@ -12063,7 +12602,8 @@ spec: description: "The key of the secret to select from. Must be a valid secret key." type: "string" name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" optional: description: "Specify whether the Secret or its key must be defined" @@ -12105,6 +12645,18 @@ spec: podSecurityContext: description: "SecurityContext holds pod-level security attributes and common container settings." properties: + appArmorProfile: + description: "appArmorProfile is the AppArmor options to use by the containers in this pod.\nNote that this field cannot be set when spec.os.name is windows." + properties: + localhostProfile: + description: "localhostProfile indicates a profile loaded on the node that should be used.\nThe profile must be preconfigured on the node to work.\nMust match the loaded name of the profile.\nMust be set if and only if type is \"Localhost\"." + type: "string" + type: + description: "type indicates which kind of AppArmor profile will be applied.\nValid options are:\n Localhost - a profile pre-loaded on the node.\n RuntimeDefault - the container runtime's default profile.\n Unconfined - no AppArmor enforcement." + type: "string" + required: + - "type" + type: "object" fsGroup: description: "A special supplemental group that applies to all containers in a pod.\nSome volume types allow the Kubelet to change the ownership of that volume\nto be owned by the pod:\n\n\n1. The owning GID will be the FSGroup\n2. The setgid bit is set (new files created in the volume will be owned by FSGroup)\n3. The permission bits are OR'd with rw-rw----\n\n\nIf unset, the Kubelet will not modify the ownership and permissions of any volume.\nNote that this field cannot be set when spec.os.name is windows." format: "int64" @@ -12157,6 +12709,7 @@ spec: format: "int64" type: "integer" type: "array" + x-kubernetes-list-type: "atomic" sysctls: description: "Sysctls hold a list of namespaced sysctls used for the pod. Pods with unsupported\nsysctls (by the container runtime) might fail to launch.\nNote that this field cannot be set when spec.os.name is windows." items: @@ -12173,6 +12726,7 @@ spec: - "value" type: "object" type: "array" + x-kubernetes-list-type: "atomic" windowsOptions: description: "The Windows specific settings applied to all containers.\nIf unspecified, the options within a container's SecurityContext will be used.\nIf set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.\nNote that this field cannot be set when spec.os.name is linux." properties: @@ -12320,6 +12874,7 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" type: "object" failureThreshold: description: "Minimum consecutive failures for the probe to be considered failed after having succeeded.\nDefaults to 3. Minimum value is 1." @@ -12360,6 +12915,7 @@ spec: - "value" type: "object" type: "array" + x-kubernetes-list-type: "atomic" path: description: "Path to access on the HTTP server." type: "string" @@ -12461,7 +13017,8 @@ spec: description: "The key of the secret to select from. Must be a valid secret key." type: "string" name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" optional: description: "Specify whether the Secret or its key must be defined" @@ -12535,7 +13092,8 @@ spec: description: "The key of the secret to select from. Must be a valid secret key." type: "string" name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" optional: description: "Specify whether the Secret or its key must be defined" @@ -12661,6 +13219,18 @@ spec: allowPrivilegeEscalation: description: "AllowPrivilegeEscalation controls whether a process can gain more\nprivileges than its parent process. This bool directly controls if\nthe no_new_privs flag will be set on the container process.\nAllowPrivilegeEscalation is true always when the container is:\n1) run as Privileged\n2) has CAP_SYS_ADMIN\nNote that this field cannot be set when spec.os.name is windows." type: "boolean" + appArmorProfile: + description: "appArmorProfile is the AppArmor options to use by this container. If set, this profile\noverrides the pod's appArmorProfile.\nNote that this field cannot be set when spec.os.name is windows." + properties: + localhostProfile: + description: "localhostProfile indicates a profile loaded on the node that should be used.\nThe profile must be preconfigured on the node to work.\nMust match the loaded name of the profile.\nMust be set if and only if type is \"Localhost\"." + type: "string" + type: + description: "type indicates which kind of AppArmor profile will be applied.\nValid options are:\n Localhost - a profile pre-loaded on the node.\n RuntimeDefault - the container runtime's default profile.\n Unconfined - no AppArmor enforcement." + type: "string" + required: + - "type" + type: "object" capabilities: description: "The capabilities to add/drop when running containers.\nDefaults to the default set of capabilities granted by the container runtime.\nNote that this field cannot be set when spec.os.name is windows." properties: @@ -12670,12 +13240,14 @@ spec: description: "Capability represent POSIX capabilities type" type: "string" type: "array" + x-kubernetes-list-type: "atomic" drop: description: "Removed capabilities" items: description: "Capability represent POSIX capabilities type" type: "string" type: "array" + x-kubernetes-list-type: "atomic" type: "object" privileged: description: "Run container in privileged mode.\nProcesses in privileged containers are essentially equivalent to root on the host.\nDefaults to false.\nNote that this field cannot be set when spec.os.name is windows." @@ -12824,7 +13396,8 @@ spec: description: "The key to select." type: "string" name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" optional: description: "Specify whether the ConfigMap or its key must be defined" @@ -12873,7 +13446,8 @@ spec: description: "The key of the secret to select from. Must be a valid secret key." type: "string" name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" optional: description: "Specify whether the Secret or its key must be defined" @@ -12896,7 +13470,8 @@ spec: description: "The ConfigMap to select from" properties: name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" optional: description: "Specify whether the ConfigMap must be defined" @@ -12910,7 +13485,8 @@ spec: description: "The Secret to select from" properties: name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" optional: description: "Specify whether the Secret must be defined" @@ -12940,6 +13516,7 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" type: "object" failureThreshold: description: "Minimum consecutive failures for the probe to be considered failed after having succeeded.\nDefaults to 3. Minimum value is 1." @@ -12980,6 +13557,7 @@ spec: - "value" type: "object" type: "array" + x-kubernetes-list-type: "atomic" path: description: "Path to access on the HTTP server." type: "string" @@ -13042,6 +13620,7 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" type: "object" failureThreshold: description: "Minimum consecutive failures for the probe to be considered failed after having succeeded.\nDefaults to 3. Minimum value is 1." @@ -13082,6 +13661,7 @@ spec: - "value" type: "object" type: "array" + x-kubernetes-list-type: "atomic" path: description: "Path to access on the HTTP server." type: "string" @@ -13176,6 +13756,18 @@ spec: allowPrivilegeEscalation: description: "AllowPrivilegeEscalation controls whether a process can gain more\nprivileges than its parent process. This bool directly controls if\nthe no_new_privs flag will be set on the container process.\nAllowPrivilegeEscalation is true always when the container is:\n1) run as Privileged\n2) has CAP_SYS_ADMIN\nNote that this field cannot be set when spec.os.name is windows." type: "boolean" + appArmorProfile: + description: "appArmorProfile is the AppArmor options to use by this container. If set, this profile\noverrides the pod's appArmorProfile.\nNote that this field cannot be set when spec.os.name is windows." + properties: + localhostProfile: + description: "localhostProfile indicates a profile loaded on the node that should be used.\nThe profile must be preconfigured on the node to work.\nMust match the loaded name of the profile.\nMust be set if and only if type is \"Localhost\"." + type: "string" + type: + description: "type indicates which kind of AppArmor profile will be applied.\nValid options are:\n Localhost - a profile pre-loaded on the node.\n RuntimeDefault - the container runtime's default profile.\n Unconfined - no AppArmor enforcement." + type: "string" + required: + - "type" + type: "object" capabilities: description: "The capabilities to add/drop when running containers.\nDefaults to the default set of capabilities granted by the container runtime.\nNote that this field cannot be set when spec.os.name is windows." properties: @@ -13185,12 +13777,14 @@ spec: description: "Capability represent POSIX capabilities type" type: "string" type: "array" + x-kubernetes-list-type: "atomic" drop: description: "Removed capabilities" items: description: "Capability represent POSIX capabilities type" type: "string" type: "array" + x-kubernetes-list-type: "atomic" type: "object" privileged: description: "Run container in privileged mode.\nProcesses in privileged containers are essentially equivalent to root on the host.\nDefaults to false.\nNote that this field cannot be set when spec.os.name is windows." @@ -13266,7 +13860,7 @@ spec: description: "Path within the container at which the volume should be mounted. Must\nnot contain ':'." type: "string" mountPropagation: - description: "mountPropagation determines how mounts are propagated from the host\nto container and the other way around.\nWhen not set, MountPropagationNone is used.\nThis field is beta in 1.10." + description: "mountPropagation determines how mounts are propagated from the host\nto container and the other way around.\nWhen not set, MountPropagationNone is used.\nThis field is beta in 1.10.\nWhen RecursiveReadOnly is set to IfPossible or to Enabled, MountPropagation must be None or unspecified\n(which defaults to None)." type: "string" name: description: "This must match the Name of a Volume." @@ -13274,6 +13868,9 @@ spec: readOnly: description: "Mounted read-only if true, read-write otherwise (false or unspecified).\nDefaults to false." type: "boolean" + recursiveReadOnly: + description: "RecursiveReadOnly specifies whether read-only mounts should be handled\nrecursively.\n\n\nIf ReadOnly is false, this field has no meaning and must be unspecified.\n\n\nIf ReadOnly is true, and this field is set to Disabled, the mount is not made\nrecursively read-only. If this field is set to IfPossible, the mount is made\nrecursively read-only, if it is supported by the container runtime. If this\nfield is set to Enabled, the mount is made recursively read-only if it is\nsupported by the container runtime, otherwise the pod will not be started and\nan error will be generated to indicate the reason.\n\n\nIf this field is set to IfPossible or Enabled, MountPropagation must be set to\nNone (or be unspecified, which defaults to None).\n\n\nIf this field is not specified, it is treated as an equivalent of Disabled." + type: "string" subPath: description: "Path within the volume from which the container's volume should be mounted.\nDefaults to \"\" (volume's root)." type: "string" @@ -13316,6 +13913,7 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" dataSource: description: "dataSource field can be used to specify either:\n* An existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot)\n* An existing PVC (PersistentVolumeClaim)\nIf the provisioner or an external controller can support the specified data source,\nit will create a new volume based on the contents of the specified data source.\nWhen the AnyVolumeDataSource feature gate is enabled, dataSource contents will be copied to dataSourceRef,\nand dataSourceRef contents will be copied to dataSource when dataSourceRef.namespace is not specified.\nIf the namespace is specified, then dataSourceRef will not be copied to dataSource." properties: @@ -13407,11 +14005,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -13423,7 +14023,7 @@ spec: description: "storageClassName is the name of the StorageClass required by the claim.\nMore info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1" type: "string" volumeAttributesClassName: - description: "volumeAttributesClassName may be used to set the VolumeAttributesClass used by this claim.\nIf specified, the CSI driver will create or update the volume with the attributes defined\nin the corresponding VolumeAttributesClass. This has a different purpose than storageClassName,\nit can be changed after the claim is created. An empty string value means that no VolumeAttributesClass\nwill be applied to the claim but it's not allowed to reset this field to empty string once it is set.\nIf unspecified and the PersistentVolumeClaim is unbound, the default VolumeAttributesClass\nwill be set by the persistentvolume controller if it exists.\nIf the resource referred to by volumeAttributesClass does not exist, this PersistentVolumeClaim will be\nset to a Pending state, as reflected by the modifyVolumeStatus field, until such as a resource\nexists.\nMore info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#volumeattributesclass\n(Alpha) Using this field requires the VolumeAttributesClass feature gate to be enabled." + description: "volumeAttributesClassName may be used to set the VolumeAttributesClass used by this claim.\nIf specified, the CSI driver will create or update the volume with the attributes defined\nin the corresponding VolumeAttributesClass. This has a different purpose than storageClassName,\nit can be changed after the claim is created. An empty string value means that no VolumeAttributesClass\nwill be applied to the claim but it's not allowed to reset this field to empty string once it is set.\nIf unspecified and the PersistentVolumeClaim is unbound, the default VolumeAttributesClass\nwill be set by the persistentvolume controller if it exists.\nIf the resource referred to by volumeAttributesClass does not exist, this PersistentVolumeClaim will be\nset to a Pending state, as reflected by the modifyVolumeStatus field, until such as a resource\nexists.\nMore info: https://kubernetes.io/docs/concepts/storage/volume-attributes-classes/\n(Alpha) Using this field requires the VolumeAttributesClass feature gate to be enabled." type: "string" volumeMode: description: "volumeMode defines what type of volume is required by the claim.\nValue of Filesystem is implied when not included in claim spec." @@ -13436,6 +14036,9 @@ spec: description: "WaitForVolumeResize indicates whether to wait for the PVCs to be resized before marking the MariaDB object as ready. This will block other operations such as cluster recovery while the resize is in progress.\nIt defaults to true." type: "boolean" type: "object" + timeZone: + description: "TimeZone sets the default timezone. If not provided, it defaults to SYSTEM and the timezone data is not loaded." + type: "string" tolerations: description: "Tolerations to be used in the Pod." items: @@ -13483,11 +14086,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -13506,7 +14111,7 @@ spec: format: "int32" type: "integer" minDomains: - description: "MinDomains indicates a minimum number of eligible domains.\nWhen the number of eligible domains with matching topology keys is less than minDomains,\nPod Topology Spread treats \"global minimum\" as 0, and then the calculation of Skew is performed.\nAnd when the number of eligible domains with matching topology keys equals or greater than minDomains,\nthis value has no effect on scheduling.\nAs a result, when the number of eligible domains is less than minDomains,\nscheduler won't schedule more than maxSkew Pods to those domains.\nIf value is nil, the constraint behaves as if MinDomains is equal to 1.\nValid values are integers greater than 0.\nWhen value is not nil, WhenUnsatisfiable must be DoNotSchedule.\n\n\nFor example, in a 3-zone cluster, MaxSkew is set to 2, MinDomains is set to 5 and pods with the same\nlabelSelector spread as 2/2/2:\n| zone1 | zone2 | zone3 |\n| P P | P P | P P |\nThe number of domains is less than 5(MinDomains), so \"global minimum\" is treated as 0.\nIn this situation, new pod with the same labelSelector cannot be scheduled,\nbecause computed skew will be 3(3 - 0) if new Pod is scheduled to any of the three zones,\nit will violate MaxSkew.\n\n\nThis is a beta field and requires the MinDomainsInPodTopologySpread feature gate to be enabled (enabled by default)." + description: "MinDomains indicates a minimum number of eligible domains.\nWhen the number of eligible domains with matching topology keys is less than minDomains,\nPod Topology Spread treats \"global minimum\" as 0, and then the calculation of Skew is performed.\nAnd when the number of eligible domains with matching topology keys equals or greater than minDomains,\nthis value has no effect on scheduling.\nAs a result, when the number of eligible domains is less than minDomains,\nscheduler won't schedule more than maxSkew Pods to those domains.\nIf value is nil, the constraint behaves as if MinDomains is equal to 1.\nValid values are integers greater than 0.\nWhen value is not nil, WhenUnsatisfiable must be DoNotSchedule.\n\n\nFor example, in a 3-zone cluster, MaxSkew is set to 2, MinDomains is set to 5 and pods with the same\nlabelSelector spread as 2/2/2:\n| zone1 | zone2 | zone3 |\n| P P | P P | P P |\nThe number of domains is less than 5(MinDomains), so \"global minimum\" is treated as 0.\nIn this situation, new pod with the same labelSelector cannot be scheduled,\nbecause computed skew will be 3(3 - 0) if new Pod is scheduled to any of the three zones,\nit will violate MaxSkew." format: "int32" type: "integer" nodeAffinityPolicy: @@ -13565,7 +14170,7 @@ spec: description: "Path within the container at which the volume should be mounted. Must\nnot contain ':'." type: "string" mountPropagation: - description: "mountPropagation determines how mounts are propagated from the host\nto container and the other way around.\nWhen not set, MountPropagationNone is used.\nThis field is beta in 1.10." + description: "mountPropagation determines how mounts are propagated from the host\nto container and the other way around.\nWhen not set, MountPropagationNone is used.\nThis field is beta in 1.10.\nWhen RecursiveReadOnly is set to IfPossible or to Enabled, MountPropagation must be None or unspecified\n(which defaults to None)." type: "string" name: description: "This must match the Name of a Volume." @@ -13573,6 +14178,9 @@ spec: readOnly: description: "Mounted read-only if true, read-write otherwise (false or unspecified).\nDefaults to false." type: "boolean" + recursiveReadOnly: + description: "RecursiveReadOnly specifies whether read-only mounts should be handled\nrecursively.\n\n\nIf ReadOnly is false, this field has no meaning and must be unspecified.\n\n\nIf ReadOnly is true, and this field is set to Disabled, the mount is not made\nrecursively read-only. If this field is set to IfPossible, the mount is made\nrecursively read-only, if it is supported by the container runtime. If this\nfield is set to Enabled, the mount is made recursively read-only if it is\nsupported by the container runtime, otherwise the pod will not be started and\nan error will be generated to indicate the reason.\n\n\nIf this field is set to IfPossible or Enabled, MountPropagation must be set to\nNone (or be unspecified, which defaults to None).\n\n\nIf this field is not specified, it is treated as an equivalent of Disabled." + type: "string" subPath: description: "Path within the volume from which the container's volume should be mounted.\nDefaults to \"\" (volume's root)." type: "string" @@ -13657,6 +14265,7 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" path: description: "path is Optional: Used as the mounted root, rather than the full Ceph tree, default is /" type: "string" @@ -13670,7 +14279,8 @@ spec: description: "secretRef is Optional: SecretRef is reference to the authentication secret for User, default is empty.\nMore info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it" properties: name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" type: "object" x-kubernetes-map-type: "atomic" @@ -13693,7 +14303,8 @@ spec: description: "secretRef is optional: points to a secret object containing parameters used to connect\nto OpenStack." properties: name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" type: "object" x-kubernetes-map-type: "atomic" @@ -13730,8 +14341,10 @@ spec: - "path" type: "object" type: "array" + x-kubernetes-list-type: "atomic" name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" optional: description: "optional specify whether the ConfigMap or its keys must be defined" @@ -13751,7 +14364,8 @@ spec: description: "nodePublishSecretRef is a reference to the secret object containing\nsensitive information to pass to the CSI driver to complete the CSI\nNodePublishVolume and NodeUnpublishVolume calls.\nThis field is optional, and may be empty if no secret is required. If the\nsecret object contains more than one secret, all secret references are passed." properties: name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" type: "object" x-kubernetes-map-type: "atomic" @@ -13779,7 +14393,7 @@ spec: description: "DownwardAPIVolumeFile represents information to create the file containing the pod field" properties: fieldRef: - description: "Required: Selects a field of the pod: only annotations, labels, name and namespace are supported." + description: "Required: Selects a field of the pod: only annotations, labels, name, namespace and uid are supported." properties: apiVersion: description: "Version of the schema the FieldPath is written in terms of, defaults to \"v1\"." @@ -13822,6 +14436,7 @@ spec: - "path" type: "object" type: "array" + x-kubernetes-list-type: "atomic" type: "object" emptyDir: description: "emptyDir represents a temporary directory that shares a pod's lifetime.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir" @@ -13854,6 +14469,7 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" dataSource: description: "dataSource field can be used to specify either:\n* An existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot)\n* An existing PVC (PersistentVolumeClaim)\nIf the provisioner or an external controller can support the specified data source,\nit will create a new volume based on the contents of the specified data source.\nWhen the AnyVolumeDataSource feature gate is enabled, dataSource contents will be copied to dataSourceRef,\nand dataSourceRef contents will be copied to dataSource when dataSourceRef.namespace is not specified.\nIf the namespace is specified, then dataSourceRef will not be copied to dataSource." properties: @@ -13931,11 +14547,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -13947,7 +14565,7 @@ spec: description: "storageClassName is the name of the StorageClass required by the claim.\nMore info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1" type: "string" volumeAttributesClassName: - description: "volumeAttributesClassName may be used to set the VolumeAttributesClass used by this claim.\nIf specified, the CSI driver will create or update the volume with the attributes defined\nin the corresponding VolumeAttributesClass. This has a different purpose than storageClassName,\nit can be changed after the claim is created. An empty string value means that no VolumeAttributesClass\nwill be applied to the claim but it's not allowed to reset this field to empty string once it is set.\nIf unspecified and the PersistentVolumeClaim is unbound, the default VolumeAttributesClass\nwill be set by the persistentvolume controller if it exists.\nIf the resource referred to by volumeAttributesClass does not exist, this PersistentVolumeClaim will be\nset to a Pending state, as reflected by the modifyVolumeStatus field, until such as a resource\nexists.\nMore info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#volumeattributesclass\n(Alpha) Using this field requires the VolumeAttributesClass feature gate to be enabled." + description: "volumeAttributesClassName may be used to set the VolumeAttributesClass used by this claim.\nIf specified, the CSI driver will create or update the volume with the attributes defined\nin the corresponding VolumeAttributesClass. This has a different purpose than storageClassName,\nit can be changed after the claim is created. An empty string value means that no VolumeAttributesClass\nwill be applied to the claim but it's not allowed to reset this field to empty string once it is set.\nIf unspecified and the PersistentVolumeClaim is unbound, the default VolumeAttributesClass\nwill be set by the persistentvolume controller if it exists.\nIf the resource referred to by volumeAttributesClass does not exist, this PersistentVolumeClaim will be\nset to a Pending state, as reflected by the modifyVolumeStatus field, until such as a resource\nexists.\nMore info: https://kubernetes.io/docs/concepts/storage/volume-attributes-classes/\n(Alpha) Using this field requires the VolumeAttributesClass feature gate to be enabled." type: "string" volumeMode: description: "volumeMode defines what type of volume is required by the claim.\nValue of Filesystem is implied when not included in claim spec." @@ -13978,11 +14596,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" wwids: description: "wwids Optional: FC volume world wide identifiers (wwids)\nEither wwids or combination of targetWWNs and lun must be set, but not both simultaneously." items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" type: "object" flexVolume: description: "flexVolume represents a generic volume resource that is\nprovisioned/attached using an exec based plugin." @@ -14005,7 +14625,8 @@ spec: description: "secretRef is Optional: secretRef is reference to the secret object containing\nsensitive information to pass to the plugin scripts. This may be\nempty if no secret object is specified. If the secret object\ncontains more than one secret, all secrets are passed to the plugin\nscripts." properties: name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" type: "object" x-kubernetes-map-type: "atomic" @@ -14114,6 +14735,7 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" readOnly: description: "readOnly here will force the ReadOnly setting in VolumeMounts.\nDefaults to false." type: "boolean" @@ -14121,7 +14743,8 @@ spec: description: "secretRef is the CHAP Secret for iSCSI target and initiator authentication" properties: name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" type: "object" x-kubernetes-map-type: "atomic" @@ -14225,11 +14848,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -14275,8 +14900,10 @@ spec: - "path" type: "object" type: "array" + x-kubernetes-list-type: "atomic" name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" optional: description: "optional specify whether the ConfigMap or its keys must be defined" @@ -14292,7 +14919,7 @@ spec: description: "DownwardAPIVolumeFile represents information to create the file containing the pod field" properties: fieldRef: - description: "Required: Selects a field of the pod: only annotations, labels, name and namespace are supported." + description: "Required: Selects a field of the pod: only annotations, labels, name, namespace and uid are supported." properties: apiVersion: description: "Version of the schema the FieldPath is written in terms of, defaults to \"v1\"." @@ -14335,6 +14962,7 @@ spec: - "path" type: "object" type: "array" + x-kubernetes-list-type: "atomic" type: "object" secret: description: "secret information about the secret data to project" @@ -14359,8 +14987,10 @@ spec: - "path" type: "object" type: "array" + x-kubernetes-list-type: "atomic" name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" optional: description: "optional field specify whether the Secret or its key must be defined" @@ -14385,6 +15015,7 @@ spec: type: "object" type: "object" type: "array" + x-kubernetes-list-type: "atomic" type: "object" quobyte: description: "quobyte represents a Quobyte mount on the host that shares a pod's lifetime" @@ -14428,6 +15059,7 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" pool: description: "pool is the rados pool name.\nDefault is rbd.\nMore info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it" type: "string" @@ -14438,7 +15070,8 @@ spec: description: "secretRef is name of the authentication secret for RBDUser. If provided\noverrides keyring.\nDefault is nil.\nMore info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it" properties: name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" type: "object" x-kubernetes-map-type: "atomic" @@ -14468,7 +15101,8 @@ spec: description: "secretRef references to the secret for ScaleIO user and other\nsensitive information. If this is not provided, Login operation will fail." properties: name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" type: "object" x-kubernetes-map-type: "atomic" @@ -14519,6 +15153,7 @@ spec: - "path" type: "object" type: "array" + x-kubernetes-list-type: "atomic" optional: description: "optional field specify whether the Secret or its keys must be defined" type: "boolean" @@ -14539,7 +15174,8 @@ spec: description: "secretRef specifies the secret to use for obtaining the StorageOS API\ncredentials. If not specified, default values will be attempted." properties: name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" type: "object" x-kubernetes-map-type: "atomic" diff --git a/crd-catalog/mariadb-operator/mariadb-operator/k8s.mariadb.com/v1alpha1/maxscales.yaml b/crd-catalog/mariadb-operator/mariadb-operator/k8s.mariadb.com/v1alpha1/maxscales.yaml index cc10d4271..07ca80d14 100644 --- a/crd-catalog/mariadb-operator/mariadb-operator/k8s.mariadb.com/v1alpha1/maxscales.yaml +++ b/crd-catalog/mariadb-operator/mariadb-operator/k8s.mariadb.com/v1alpha1/maxscales.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.14.0" + controller-gen.kubebuilder.io/version: "v0.15.0" name: "maxscales.k8s.mariadb.com" spec: group: "k8s.mariadb.com" @@ -88,11 +88,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchFields: description: "A list of node selector requirements by node's fields." items: @@ -109,11 +111,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" type: "object" x-kubernetes-map-type: "atomic" weight: @@ -125,6 +129,7 @@ spec: - "weight" type: "object" type: "array" + x-kubernetes-list-type: "atomic" requiredDuringSchedulingIgnoredDuringExecution: description: "If the affinity requirements specified by this field are not met at\nscheduling time, the pod will not be scheduled onto the node.\nIf the affinity requirements specified by this field cease to be met\nat some point during pod execution (e.g. due to an update), the system\nmay or may not try to eventually evict the pod from its node." properties: @@ -149,11 +154,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchFields: description: "A list of node selector requirements by node's fields." items: @@ -170,14 +177,17 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" type: "object" x-kubernetes-map-type: "atomic" type: "array" + x-kubernetes-list-type: "atomic" required: - "nodeSelectorTerms" type: "object" @@ -213,11 +223,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -226,13 +238,13 @@ spec: type: "object" x-kubernetes-map-type: "atomic" matchLabelKeys: - description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MatchLabelKeys and LabelSelector.\nAlso, MatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" mismatchLabelKeys: - description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MismatchLabelKeys and LabelSelector.\nAlso, MismatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." items: type: "string" type: "array" @@ -256,11 +268,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -273,6 +287,7 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" topologyKey: description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching\nthe labelSelector in the specified namespaces, where co-located is defined as running on a node\nwhose value of the label with key topologyKey matches that of any node on which any of the\nselected pods is running.\nEmpty topologyKey is not allowed." type: "string" @@ -288,6 +303,7 @@ spec: - "weight" type: "object" type: "array" + x-kubernetes-list-type: "atomic" requiredDuringSchedulingIgnoredDuringExecution: description: "If the affinity requirements specified by this field are not met at\nscheduling time, the pod will not be scheduled onto the node.\nIf the affinity requirements specified by this field cease to be met\nat some point during pod execution (e.g. due to a pod label update), the\nsystem may or may not try to eventually evict the pod from its node.\nWhen there are multiple elements, the lists of nodes corresponding to each\npodAffinityTerm are intersected, i.e. all terms must be satisfied." items: @@ -312,11 +328,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -325,13 +343,13 @@ spec: type: "object" x-kubernetes-map-type: "atomic" matchLabelKeys: - description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MatchLabelKeys and LabelSelector.\nAlso, MatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" mismatchLabelKeys: - description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MismatchLabelKeys and LabelSelector.\nAlso, MismatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." items: type: "string" type: "array" @@ -355,11 +373,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -372,6 +392,7 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" topologyKey: description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching\nthe labelSelector in the specified namespaces, where co-located is defined as running on a node\nwhose value of the label with key topologyKey matches that of any node on which any of the\nselected pods is running.\nEmpty topologyKey is not allowed." type: "string" @@ -379,6 +400,7 @@ spec: - "topologyKey" type: "object" type: "array" + x-kubernetes-list-type: "atomic" type: "object" podAntiAffinity: description: "Describes pod anti-affinity scheduling rules (e.g. avoid putting this pod in the same node, zone, etc. as some other pod(s))." @@ -410,11 +432,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -423,13 +447,13 @@ spec: type: "object" x-kubernetes-map-type: "atomic" matchLabelKeys: - description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MatchLabelKeys and LabelSelector.\nAlso, MatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" mismatchLabelKeys: - description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MismatchLabelKeys and LabelSelector.\nAlso, MismatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." items: type: "string" type: "array" @@ -453,11 +477,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -470,6 +496,7 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" topologyKey: description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching\nthe labelSelector in the specified namespaces, where co-located is defined as running on a node\nwhose value of the label with key topologyKey matches that of any node on which any of the\nselected pods is running.\nEmpty topologyKey is not allowed." type: "string" @@ -485,6 +512,7 @@ spec: - "weight" type: "object" type: "array" + x-kubernetes-list-type: "atomic" requiredDuringSchedulingIgnoredDuringExecution: description: "If the anti-affinity requirements specified by this field are not met at\nscheduling time, the pod will not be scheduled onto the node.\nIf the anti-affinity requirements specified by this field cease to be met\nat some point during pod execution (e.g. due to a pod label update), the\nsystem may or may not try to eventually evict the pod from its node.\nWhen there are multiple elements, the lists of nodes corresponding to each\npodAffinityTerm are intersected, i.e. all terms must be satisfied." items: @@ -509,11 +537,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -522,13 +552,13 @@ spec: type: "object" x-kubernetes-map-type: "atomic" matchLabelKeys: - description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MatchLabelKeys and LabelSelector.\nAlso, MatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" mismatchLabelKeys: - description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MismatchLabelKeys and LabelSelector.\nAlso, MismatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." items: type: "string" type: "array" @@ -552,11 +582,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -569,6 +601,7 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" topologyKey: description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching\nthe labelSelector in the specified namespaces, where co-located is defined as running on a node\nwhose value of the label with key topologyKey matches that of any node on which any of the\nselected pods is running.\nEmpty topologyKey is not allowed." type: "string" @@ -576,6 +609,7 @@ spec: - "topologyKey" type: "object" type: "array" + x-kubernetes-list-type: "atomic" type: "object" type: "object" args: @@ -597,7 +631,8 @@ spec: description: "The key of the secret to select from. Must be a valid secret key." type: "string" name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" optional: description: "Specify whether the Secret or its key must be defined" @@ -624,7 +659,8 @@ spec: description: "The key of the secret to select from. Must be a valid secret key." type: "string" name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" optional: description: "Specify whether the Secret or its key must be defined" @@ -653,7 +689,8 @@ spec: description: "The key of the secret to select from. Must be a valid secret key." type: "string" name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" optional: description: "Specify whether the Secret or its key must be defined" @@ -680,7 +717,8 @@ spec: description: "The key of the secret to select from. Must be a valid secret key." type: "string" name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" optional: description: "Specify whether the Secret or its key must be defined" @@ -707,7 +745,8 @@ spec: description: "The key of the secret to select from. Must be a valid secret key." type: "string" name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" optional: description: "Specify whether the Secret or its key must be defined" @@ -734,7 +773,8 @@ spec: description: "The key of the secret to select from. Must be a valid secret key." type: "string" name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" optional: description: "Specify whether the Secret or its key must be defined" @@ -781,6 +821,7 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" dataSource: description: "dataSource field can be used to specify either:\n* An existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot)\n* An existing PVC (PersistentVolumeClaim)\nIf the provisioner or an external controller can support the specified data source,\nit will create a new volume based on the contents of the specified data source.\nWhen the AnyVolumeDataSource feature gate is enabled, dataSource contents will be copied to dataSourceRef,\nand dataSourceRef contents will be copied to dataSource when dataSourceRef.namespace is not specified.\nIf the namespace is specified, then dataSourceRef will not be copied to dataSource." properties: @@ -872,11 +913,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -888,7 +931,7 @@ spec: description: "storageClassName is the name of the StorageClass required by the claim.\nMore info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1" type: "string" volumeAttributesClassName: - description: "volumeAttributesClassName may be used to set the VolumeAttributesClass used by this claim.\nIf specified, the CSI driver will create or update the volume with the attributes defined\nin the corresponding VolumeAttributesClass. This has a different purpose than storageClassName,\nit can be changed after the claim is created. An empty string value means that no VolumeAttributesClass\nwill be applied to the claim but it's not allowed to reset this field to empty string once it is set.\nIf unspecified and the PersistentVolumeClaim is unbound, the default VolumeAttributesClass\nwill be set by the persistentvolume controller if it exists.\nIf the resource referred to by volumeAttributesClass does not exist, this PersistentVolumeClaim will be\nset to a Pending state, as reflected by the modifyVolumeStatus field, until such as a resource\nexists.\nMore info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#volumeattributesclass\n(Alpha) Using this field requires the VolumeAttributesClass feature gate to be enabled." + description: "volumeAttributesClassName may be used to set the VolumeAttributesClass used by this claim.\nIf specified, the CSI driver will create or update the volume with the attributes defined\nin the corresponding VolumeAttributesClass. This has a different purpose than storageClassName,\nit can be changed after the claim is created. An empty string value means that no VolumeAttributesClass\nwill be applied to the claim but it's not allowed to reset this field to empty string once it is set.\nIf unspecified and the PersistentVolumeClaim is unbound, the default VolumeAttributesClass\nwill be set by the persistentvolume controller if it exists.\nIf the resource referred to by volumeAttributesClass does not exist, this PersistentVolumeClaim will be\nset to a Pending state, as reflected by the modifyVolumeStatus field, until such as a resource\nexists.\nMore info: https://kubernetes.io/docs/concepts/storage/volume-attributes-classes/\n(Alpha) Using this field requires the VolumeAttributesClass feature gate to be enabled." type: "string" volumeMode: description: "volumeMode defines what type of volume is required by the claim.\nValue of Filesystem is implied when not included in claim spec." @@ -987,7 +1030,8 @@ spec: description: "The key to select." type: "string" name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" optional: description: "Specify whether the ConfigMap or its key must be defined" @@ -1036,7 +1080,8 @@ spec: description: "The key of the secret to select from. Must be a valid secret key." type: "string" name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" optional: description: "Specify whether the Secret or its key must be defined" @@ -1059,7 +1104,8 @@ spec: description: "The ConfigMap to select from" properties: name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" optional: description: "Specify whether the ConfigMap must be defined" @@ -1073,7 +1119,8 @@ spec: description: "The Secret to select from" properties: name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" optional: description: "Specify whether the Secret must be defined" @@ -1141,7 +1188,8 @@ spec: description: "LocalObjectReference contains enough information to let you locate the\nreferenced object inside the same namespace." properties: name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" type: "object" x-kubernetes-map-type: "atomic" @@ -1196,7 +1244,8 @@ spec: description: "The key to select." type: "string" name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" optional: description: "Specify whether the ConfigMap or its key must be defined" @@ -1245,7 +1294,8 @@ spec: description: "The key of the secret to select from. Must be a valid secret key." type: "string" name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" optional: description: "Specify whether the Secret or its key must be defined" @@ -1268,7 +1318,8 @@ spec: description: "The ConfigMap to select from" properties: name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" optional: description: "Specify whether the ConfigMap must be defined" @@ -1282,7 +1333,8 @@ spec: description: "The Secret to select from" properties: name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" optional: description: "Specify whether the Secret must be defined" @@ -1312,6 +1364,7 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" type: "object" failureThreshold: description: "Minimum consecutive failures for the probe to be considered failed after having succeeded.\nDefaults to 3. Minimum value is 1." @@ -1352,6 +1405,7 @@ spec: - "value" type: "object" type: "array" + x-kubernetes-list-type: "atomic" path: description: "Path to access on the HTTP server." type: "string" @@ -1414,6 +1468,7 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" type: "object" failureThreshold: description: "Minimum consecutive failures for the probe to be considered failed after having succeeded.\nDefaults to 3. Minimum value is 1." @@ -1454,6 +1509,7 @@ spec: - "value" type: "object" type: "array" + x-kubernetes-list-type: "atomic" path: description: "Path to access on the HTTP server." type: "string" @@ -1548,6 +1604,18 @@ spec: allowPrivilegeEscalation: description: "AllowPrivilegeEscalation controls whether a process can gain more\nprivileges than its parent process. This bool directly controls if\nthe no_new_privs flag will be set on the container process.\nAllowPrivilegeEscalation is true always when the container is:\n1) run as Privileged\n2) has CAP_SYS_ADMIN\nNote that this field cannot be set when spec.os.name is windows." type: "boolean" + appArmorProfile: + description: "appArmorProfile is the AppArmor options to use by this container. If set, this profile\noverrides the pod's appArmorProfile.\nNote that this field cannot be set when spec.os.name is windows." + properties: + localhostProfile: + description: "localhostProfile indicates a profile loaded on the node that should be used.\nThe profile must be preconfigured on the node to work.\nMust match the loaded name of the profile.\nMust be set if and only if type is \"Localhost\"." + type: "string" + type: + description: "type indicates which kind of AppArmor profile will be applied.\nValid options are:\n Localhost - a profile pre-loaded on the node.\n RuntimeDefault - the container runtime's default profile.\n Unconfined - no AppArmor enforcement." + type: "string" + required: + - "type" + type: "object" capabilities: description: "The capabilities to add/drop when running containers.\nDefaults to the default set of capabilities granted by the container runtime.\nNote that this field cannot be set when spec.os.name is windows." properties: @@ -1557,12 +1625,14 @@ spec: description: "Capability represent POSIX capabilities type" type: "string" type: "array" + x-kubernetes-list-type: "atomic" drop: description: "Removed capabilities" items: description: "Capability represent POSIX capabilities type" type: "string" type: "array" + x-kubernetes-list-type: "atomic" type: "object" privileged: description: "Run container in privileged mode.\nProcesses in privileged containers are essentially equivalent to root on the host.\nDefaults to false.\nNote that this field cannot be set when spec.os.name is windows." @@ -1638,7 +1708,7 @@ spec: description: "Path within the container at which the volume should be mounted. Must\nnot contain ':'." type: "string" mountPropagation: - description: "mountPropagation determines how mounts are propagated from the host\nto container and the other way around.\nWhen not set, MountPropagationNone is used.\nThis field is beta in 1.10." + description: "mountPropagation determines how mounts are propagated from the host\nto container and the other way around.\nWhen not set, MountPropagationNone is used.\nThis field is beta in 1.10.\nWhen RecursiveReadOnly is set to IfPossible or to Enabled, MountPropagation must be None or unspecified\n(which defaults to None)." type: "string" name: description: "This must match the Name of a Volume." @@ -1646,6 +1716,9 @@ spec: readOnly: description: "Mounted read-only if true, read-write otherwise (false or unspecified).\nDefaults to false." type: "boolean" + recursiveReadOnly: + description: "RecursiveReadOnly specifies whether read-only mounts should be handled\nrecursively.\n\n\nIf ReadOnly is false, this field has no meaning and must be unspecified.\n\n\nIf ReadOnly is true, and this field is set to Disabled, the mount is not made\nrecursively read-only. If this field is set to IfPossible, the mount is made\nrecursively read-only, if it is supported by the container runtime. If this\nfield is set to Enabled, the mount is made recursively read-only if it is\nsupported by the container runtime, otherwise the pod will not be started and\nan error will be generated to indicate the reason.\n\n\nIf this field is set to IfPossible or Enabled, MountPropagation must be set to\nNone (or be unspecified, which defaults to None).\n\n\nIf this field is not specified, it is treated as an equivalent of Disabled." + type: "string" subPath: description: "Path within the volume from which the container's volume should be mounted.\nDefaults to \"\" (volume's root)." type: "string" @@ -1715,6 +1788,7 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" type: "object" failureThreshold: description: "Minimum consecutive failures for the probe to be considered failed after having succeeded.\nDefaults to 3. Minimum value is 1." @@ -1755,6 +1829,7 @@ spec: - "value" type: "object" type: "array" + x-kubernetes-list-type: "atomic" path: description: "Path to access on the HTTP server." type: "string" @@ -1878,11 +1953,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchFields: description: "A list of node selector requirements by node's fields." items: @@ -1899,11 +1976,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" type: "object" x-kubernetes-map-type: "atomic" weight: @@ -1915,6 +1994,7 @@ spec: - "weight" type: "object" type: "array" + x-kubernetes-list-type: "atomic" requiredDuringSchedulingIgnoredDuringExecution: description: "If the affinity requirements specified by this field are not met at\nscheduling time, the pod will not be scheduled onto the node.\nIf the affinity requirements specified by this field cease to be met\nat some point during pod execution (e.g. due to an update), the system\nmay or may not try to eventually evict the pod from its node." properties: @@ -1939,11 +2019,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchFields: description: "A list of node selector requirements by node's fields." items: @@ -1960,14 +2042,17 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" type: "object" x-kubernetes-map-type: "atomic" type: "array" + x-kubernetes-list-type: "atomic" required: - "nodeSelectorTerms" type: "object" @@ -2003,11 +2088,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -2016,13 +2103,13 @@ spec: type: "object" x-kubernetes-map-type: "atomic" matchLabelKeys: - description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MatchLabelKeys and LabelSelector.\nAlso, MatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" mismatchLabelKeys: - description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MismatchLabelKeys and LabelSelector.\nAlso, MismatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." items: type: "string" type: "array" @@ -2046,11 +2133,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -2063,6 +2152,7 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" topologyKey: description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching\nthe labelSelector in the specified namespaces, where co-located is defined as running on a node\nwhose value of the label with key topologyKey matches that of any node on which any of the\nselected pods is running.\nEmpty topologyKey is not allowed." type: "string" @@ -2078,6 +2168,7 @@ spec: - "weight" type: "object" type: "array" + x-kubernetes-list-type: "atomic" requiredDuringSchedulingIgnoredDuringExecution: description: "If the affinity requirements specified by this field are not met at\nscheduling time, the pod will not be scheduled onto the node.\nIf the affinity requirements specified by this field cease to be met\nat some point during pod execution (e.g. due to a pod label update), the\nsystem may or may not try to eventually evict the pod from its node.\nWhen there are multiple elements, the lists of nodes corresponding to each\npodAffinityTerm are intersected, i.e. all terms must be satisfied." items: @@ -2102,11 +2193,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -2115,13 +2208,13 @@ spec: type: "object" x-kubernetes-map-type: "atomic" matchLabelKeys: - description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MatchLabelKeys and LabelSelector.\nAlso, MatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" mismatchLabelKeys: - description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MismatchLabelKeys and LabelSelector.\nAlso, MismatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." items: type: "string" type: "array" @@ -2145,11 +2238,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -2162,6 +2257,7 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" topologyKey: description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching\nthe labelSelector in the specified namespaces, where co-located is defined as running on a node\nwhose value of the label with key topologyKey matches that of any node on which any of the\nselected pods is running.\nEmpty topologyKey is not allowed." type: "string" @@ -2169,6 +2265,7 @@ spec: - "topologyKey" type: "object" type: "array" + x-kubernetes-list-type: "atomic" type: "object" podAntiAffinity: description: "Describes pod anti-affinity scheduling rules (e.g. avoid putting this pod in the same node, zone, etc. as some other pod(s))." @@ -2200,11 +2297,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -2213,13 +2312,13 @@ spec: type: "object" x-kubernetes-map-type: "atomic" matchLabelKeys: - description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MatchLabelKeys and LabelSelector.\nAlso, MatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" mismatchLabelKeys: - description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MismatchLabelKeys and LabelSelector.\nAlso, MismatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." items: type: "string" type: "array" @@ -2243,11 +2342,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -2260,6 +2361,7 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" topologyKey: description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching\nthe labelSelector in the specified namespaces, where co-located is defined as running on a node\nwhose value of the label with key topologyKey matches that of any node on which any of the\nselected pods is running.\nEmpty topologyKey is not allowed." type: "string" @@ -2275,6 +2377,7 @@ spec: - "weight" type: "object" type: "array" + x-kubernetes-list-type: "atomic" requiredDuringSchedulingIgnoredDuringExecution: description: "If the anti-affinity requirements specified by this field are not met at\nscheduling time, the pod will not be scheduled onto the node.\nIf the anti-affinity requirements specified by this field cease to be met\nat some point during pod execution (e.g. due to a pod label update), the\nsystem may or may not try to eventually evict the pod from its node.\nWhen there are multiple elements, the lists of nodes corresponding to each\npodAffinityTerm are intersected, i.e. all terms must be satisfied." items: @@ -2299,11 +2402,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -2312,13 +2417,13 @@ spec: type: "object" x-kubernetes-map-type: "atomic" matchLabelKeys: - description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MatchLabelKeys and LabelSelector.\nAlso, MatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" mismatchLabelKeys: - description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MismatchLabelKeys and LabelSelector.\nAlso, MismatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." items: type: "string" type: "array" @@ -2342,11 +2447,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -2359,6 +2466,7 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" topologyKey: description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching\nthe labelSelector in the specified namespaces, where co-located is defined as running on a node\nwhose value of the label with key topologyKey matches that of any node on which any of the\nselected pods is running.\nEmpty topologyKey is not allowed." type: "string" @@ -2366,6 +2474,7 @@ spec: - "topologyKey" type: "object" type: "array" + x-kubernetes-list-type: "atomic" type: "object" type: "object" args: @@ -2399,7 +2508,8 @@ spec: description: "The key to select." type: "string" name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" optional: description: "Specify whether the ConfigMap or its key must be defined" @@ -2448,7 +2558,8 @@ spec: description: "The key of the secret to select from. Must be a valid secret key." type: "string" name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" optional: description: "Specify whether the Secret or its key must be defined" @@ -2471,7 +2582,8 @@ spec: description: "The ConfigMap to select from" properties: name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" optional: description: "Specify whether the ConfigMap must be defined" @@ -2485,7 +2597,8 @@ spec: description: "The Secret to select from" properties: name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" optional: description: "Specify whether the Secret must be defined" @@ -2510,7 +2623,8 @@ spec: description: "LocalObjectReference contains enough information to let you locate the\nreferenced object inside the same namespace." properties: name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" type: "object" x-kubernetes-map-type: "atomic" @@ -2551,7 +2665,8 @@ spec: description: "The key to select." type: "string" name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" optional: description: "Specify whether the ConfigMap or its key must be defined" @@ -2600,7 +2715,8 @@ spec: description: "The key of the secret to select from. Must be a valid secret key." type: "string" name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" optional: description: "Specify whether the Secret or its key must be defined" @@ -2623,7 +2739,8 @@ spec: description: "The ConfigMap to select from" properties: name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" optional: description: "Specify whether the ConfigMap must be defined" @@ -2637,7 +2754,8 @@ spec: description: "The Secret to select from" properties: name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" optional: description: "Specify whether the Secret must be defined" @@ -2667,6 +2785,7 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" type: "object" failureThreshold: description: "Minimum consecutive failures for the probe to be considered failed after having succeeded.\nDefaults to 3. Minimum value is 1." @@ -2707,6 +2826,7 @@ spec: - "value" type: "object" type: "array" + x-kubernetes-list-type: "atomic" path: description: "Path to access on the HTTP server." type: "string" @@ -2769,6 +2889,7 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" type: "object" failureThreshold: description: "Minimum consecutive failures for the probe to be considered failed after having succeeded.\nDefaults to 3. Minimum value is 1." @@ -2809,6 +2930,7 @@ spec: - "value" type: "object" type: "array" + x-kubernetes-list-type: "atomic" path: description: "Path to access on the HTTP server." type: "string" @@ -2903,6 +3025,18 @@ spec: allowPrivilegeEscalation: description: "AllowPrivilegeEscalation controls whether a process can gain more\nprivileges than its parent process. This bool directly controls if\nthe no_new_privs flag will be set on the container process.\nAllowPrivilegeEscalation is true always when the container is:\n1) run as Privileged\n2) has CAP_SYS_ADMIN\nNote that this field cannot be set when spec.os.name is windows." type: "boolean" + appArmorProfile: + description: "appArmorProfile is the AppArmor options to use by this container. If set, this profile\noverrides the pod's appArmorProfile.\nNote that this field cannot be set when spec.os.name is windows." + properties: + localhostProfile: + description: "localhostProfile indicates a profile loaded on the node that should be used.\nThe profile must be preconfigured on the node to work.\nMust match the loaded name of the profile.\nMust be set if and only if type is \"Localhost\"." + type: "string" + type: + description: "type indicates which kind of AppArmor profile will be applied.\nValid options are:\n Localhost - a profile pre-loaded on the node.\n RuntimeDefault - the container runtime's default profile.\n Unconfined - no AppArmor enforcement." + type: "string" + required: + - "type" + type: "object" capabilities: description: "The capabilities to add/drop when running containers.\nDefaults to the default set of capabilities granted by the container runtime.\nNote that this field cannot be set when spec.os.name is windows." properties: @@ -2912,12 +3046,14 @@ spec: description: "Capability represent POSIX capabilities type" type: "string" type: "array" + x-kubernetes-list-type: "atomic" drop: description: "Removed capabilities" items: description: "Capability represent POSIX capabilities type" type: "string" type: "array" + x-kubernetes-list-type: "atomic" type: "object" privileged: description: "Run container in privileged mode.\nProcesses in privileged containers are essentially equivalent to root on the host.\nDefaults to false.\nNote that this field cannot be set when spec.os.name is windows." @@ -2993,7 +3129,7 @@ spec: description: "Path within the container at which the volume should be mounted. Must\nnot contain ':'." type: "string" mountPropagation: - description: "mountPropagation determines how mounts are propagated from the host\nto container and the other way around.\nWhen not set, MountPropagationNone is used.\nThis field is beta in 1.10." + description: "mountPropagation determines how mounts are propagated from the host\nto container and the other way around.\nWhen not set, MountPropagationNone is used.\nThis field is beta in 1.10.\nWhen RecursiveReadOnly is set to IfPossible or to Enabled, MountPropagation must be None or unspecified\n(which defaults to None)." type: "string" name: description: "This must match the Name of a Volume." @@ -3001,6 +3137,9 @@ spec: readOnly: description: "Mounted read-only if true, read-write otherwise (false or unspecified).\nDefaults to false." type: "boolean" + recursiveReadOnly: + description: "RecursiveReadOnly specifies whether read-only mounts should be handled\nrecursively.\n\n\nIf ReadOnly is false, this field has no meaning and must be unspecified.\n\n\nIf ReadOnly is true, and this field is set to Disabled, the mount is not made\nrecursively read-only. If this field is set to IfPossible, the mount is made\nrecursively read-only, if it is supported by the container runtime. If this\nfield is set to Enabled, the mount is made recursively read-only if it is\nsupported by the container runtime, otherwise the pod will not be started and\nan error will be generated to indicate the reason.\n\n\nIf this field is set to IfPossible or Enabled, MountPropagation must be set to\nNone (or be unspecified, which defaults to None).\n\n\nIf this field is not specified, it is treated as an equivalent of Disabled." + type: "string" subPath: description: "Path within the volume from which the container's volume should be mounted.\nDefaults to \"\" (volume's root)." type: "string" @@ -3027,6 +3166,7 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" type: "object" failureThreshold: description: "Minimum consecutive failures for the probe to be considered failed after having succeeded.\nDefaults to 3. Minimum value is 1." @@ -3067,6 +3207,7 @@ spec: - "value" type: "object" type: "array" + x-kubernetes-list-type: "atomic" path: description: "Path to access on the HTTP server." type: "string" @@ -3140,6 +3281,18 @@ spec: podSecurityContext: description: "SecurityContext holds pod-level security attributes and common container settings." properties: + appArmorProfile: + description: "appArmorProfile is the AppArmor options to use by the containers in this pod.\nNote that this field cannot be set when spec.os.name is windows." + properties: + localhostProfile: + description: "localhostProfile indicates a profile loaded on the node that should be used.\nThe profile must be preconfigured on the node to work.\nMust match the loaded name of the profile.\nMust be set if and only if type is \"Localhost\"." + type: "string" + type: + description: "type indicates which kind of AppArmor profile will be applied.\nValid options are:\n Localhost - a profile pre-loaded on the node.\n RuntimeDefault - the container runtime's default profile.\n Unconfined - no AppArmor enforcement." + type: "string" + required: + - "type" + type: "object" fsGroup: description: "A special supplemental group that applies to all containers in a pod.\nSome volume types allow the Kubelet to change the ownership of that volume\nto be owned by the pod:\n\n\n1. The owning GID will be the FSGroup\n2. The setgid bit is set (new files created in the volume will be owned by FSGroup)\n3. The permission bits are OR'd with rw-rw----\n\n\nIf unset, the Kubelet will not modify the ownership and permissions of any volume.\nNote that this field cannot be set when spec.os.name is windows." format: "int64" @@ -3192,6 +3345,7 @@ spec: format: "int64" type: "integer" type: "array" + x-kubernetes-list-type: "atomic" sysctls: description: "Sysctls hold a list of namespaced sysctls used for the pod. Pods with unsupported\nsysctls (by the container runtime) might fail to launch.\nNote that this field cannot be set when spec.os.name is windows." items: @@ -3208,6 +3362,7 @@ spec: - "value" type: "object" type: "array" + x-kubernetes-list-type: "atomic" windowsOptions: description: "The Windows specific settings applied to all containers.\nIf unspecified, the options within a container's SecurityContext will be used.\nIf set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.\nNote that this field cannot be set when spec.os.name is linux." properties: @@ -3243,6 +3398,7 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" type: "object" failureThreshold: description: "Minimum consecutive failures for the probe to be considered failed after having succeeded.\nDefaults to 3. Minimum value is 1." @@ -3283,6 +3439,7 @@ spec: - "value" type: "object" type: "array" + x-kubernetes-list-type: "atomic" path: description: "Path to access on the HTTP server." type: "string" @@ -3377,6 +3534,18 @@ spec: allowPrivilegeEscalation: description: "AllowPrivilegeEscalation controls whether a process can gain more\nprivileges than its parent process. This bool directly controls if\nthe no_new_privs flag will be set on the container process.\nAllowPrivilegeEscalation is true always when the container is:\n1) run as Privileged\n2) has CAP_SYS_ADMIN\nNote that this field cannot be set when spec.os.name is windows." type: "boolean" + appArmorProfile: + description: "appArmorProfile is the AppArmor options to use by this container. If set, this profile\noverrides the pod's appArmorProfile.\nNote that this field cannot be set when spec.os.name is windows." + properties: + localhostProfile: + description: "localhostProfile indicates a profile loaded on the node that should be used.\nThe profile must be preconfigured on the node to work.\nMust match the loaded name of the profile.\nMust be set if and only if type is \"Localhost\"." + type: "string" + type: + description: "type indicates which kind of AppArmor profile will be applied.\nValid options are:\n Localhost - a profile pre-loaded on the node.\n RuntimeDefault - the container runtime's default profile.\n Unconfined - no AppArmor enforcement." + type: "string" + required: + - "type" + type: "object" capabilities: description: "The capabilities to add/drop when running containers.\nDefaults to the default set of capabilities granted by the container runtime.\nNote that this field cannot be set when spec.os.name is windows." properties: @@ -3386,12 +3555,14 @@ spec: description: "Capability represent POSIX capabilities type" type: "string" type: "array" + x-kubernetes-list-type: "atomic" drop: description: "Removed capabilities" items: description: "Capability represent POSIX capabilities type" type: "string" type: "array" + x-kubernetes-list-type: "atomic" type: "object" privileged: description: "Run container in privileged mode.\nProcesses in privileged containers are essentially equivalent to root on the host.\nDefaults to false.\nNote that this field cannot be set when spec.os.name is windows." @@ -3497,7 +3668,8 @@ spec: description: "The key to select." type: "string" name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" optional: description: "Specify whether the ConfigMap or its key must be defined" @@ -3546,7 +3718,8 @@ spec: description: "The key of the secret to select from. Must be a valid secret key." type: "string" name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" optional: description: "Specify whether the Secret or its key must be defined" @@ -3569,7 +3742,8 @@ spec: description: "The ConfigMap to select from" properties: name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" optional: description: "Specify whether the ConfigMap must be defined" @@ -3583,7 +3757,8 @@ spec: description: "The Secret to select from" properties: name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" optional: description: "Specify whether the Secret must be defined" @@ -3613,6 +3788,7 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" type: "object" failureThreshold: description: "Minimum consecutive failures for the probe to be considered failed after having succeeded.\nDefaults to 3. Minimum value is 1." @@ -3653,6 +3829,7 @@ spec: - "value" type: "object" type: "array" + x-kubernetes-list-type: "atomic" path: description: "Path to access on the HTTP server." type: "string" @@ -3715,6 +3892,7 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" type: "object" failureThreshold: description: "Minimum consecutive failures for the probe to be considered failed after having succeeded.\nDefaults to 3. Minimum value is 1." @@ -3755,6 +3933,7 @@ spec: - "value" type: "object" type: "array" + x-kubernetes-list-type: "atomic" path: description: "Path to access on the HTTP server." type: "string" @@ -3849,6 +4028,18 @@ spec: allowPrivilegeEscalation: description: "AllowPrivilegeEscalation controls whether a process can gain more\nprivileges than its parent process. This bool directly controls if\nthe no_new_privs flag will be set on the container process.\nAllowPrivilegeEscalation is true always when the container is:\n1) run as Privileged\n2) has CAP_SYS_ADMIN\nNote that this field cannot be set when spec.os.name is windows." type: "boolean" + appArmorProfile: + description: "appArmorProfile is the AppArmor options to use by this container. If set, this profile\noverrides the pod's appArmorProfile.\nNote that this field cannot be set when spec.os.name is windows." + properties: + localhostProfile: + description: "localhostProfile indicates a profile loaded on the node that should be used.\nThe profile must be preconfigured on the node to work.\nMust match the loaded name of the profile.\nMust be set if and only if type is \"Localhost\"." + type: "string" + type: + description: "type indicates which kind of AppArmor profile will be applied.\nValid options are:\n Localhost - a profile pre-loaded on the node.\n RuntimeDefault - the container runtime's default profile.\n Unconfined - no AppArmor enforcement." + type: "string" + required: + - "type" + type: "object" capabilities: description: "The capabilities to add/drop when running containers.\nDefaults to the default set of capabilities granted by the container runtime.\nNote that this field cannot be set when spec.os.name is windows." properties: @@ -3858,12 +4049,14 @@ spec: description: "Capability represent POSIX capabilities type" type: "string" type: "array" + x-kubernetes-list-type: "atomic" drop: description: "Removed capabilities" items: description: "Capability represent POSIX capabilities type" type: "string" type: "array" + x-kubernetes-list-type: "atomic" type: "object" privileged: description: "Run container in privileged mode.\nProcesses in privileged containers are essentially equivalent to root on the host.\nDefaults to false.\nNote that this field cannot be set when spec.os.name is windows." @@ -3939,7 +4132,7 @@ spec: description: "Path within the container at which the volume should be mounted. Must\nnot contain ':'." type: "string" mountPropagation: - description: "mountPropagation determines how mounts are propagated from the host\nto container and the other way around.\nWhen not set, MountPropagationNone is used.\nThis field is beta in 1.10." + description: "mountPropagation determines how mounts are propagated from the host\nto container and the other way around.\nWhen not set, MountPropagationNone is used.\nThis field is beta in 1.10.\nWhen RecursiveReadOnly is set to IfPossible or to Enabled, MountPropagation must be None or unspecified\n(which defaults to None)." type: "string" name: description: "This must match the Name of a Volume." @@ -3947,6 +4140,9 @@ spec: readOnly: description: "Mounted read-only if true, read-write otherwise (false or unspecified).\nDefaults to false." type: "boolean" + recursiveReadOnly: + description: "RecursiveReadOnly specifies whether read-only mounts should be handled\nrecursively.\n\n\nIf ReadOnly is false, this field has no meaning and must be unspecified.\n\n\nIf ReadOnly is true, and this field is set to Disabled, the mount is not made\nrecursively read-only. If this field is set to IfPossible, the mount is made\nrecursively read-only, if it is supported by the container runtime. If this\nfield is set to Enabled, the mount is made recursively read-only if it is\nsupported by the container runtime, otherwise the pod will not be started and\nan error will be generated to indicate the reason.\n\n\nIf this field is set to IfPossible or Enabled, MountPropagation must be set to\nNone (or be unspecified, which defaults to None).\n\n\nIf this field is not specified, it is treated as an equivalent of Disabled." + type: "string" subPath: description: "Path within the volume from which the container's volume should be mounted.\nDefaults to \"\" (volume's root)." type: "string" @@ -4009,11 +4205,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -4032,7 +4230,7 @@ spec: format: "int32" type: "integer" minDomains: - description: "MinDomains indicates a minimum number of eligible domains.\nWhen the number of eligible domains with matching topology keys is less than minDomains,\nPod Topology Spread treats \"global minimum\" as 0, and then the calculation of Skew is performed.\nAnd when the number of eligible domains with matching topology keys equals or greater than minDomains,\nthis value has no effect on scheduling.\nAs a result, when the number of eligible domains is less than minDomains,\nscheduler won't schedule more than maxSkew Pods to those domains.\nIf value is nil, the constraint behaves as if MinDomains is equal to 1.\nValid values are integers greater than 0.\nWhen value is not nil, WhenUnsatisfiable must be DoNotSchedule.\n\n\nFor example, in a 3-zone cluster, MaxSkew is set to 2, MinDomains is set to 5 and pods with the same\nlabelSelector spread as 2/2/2:\n| zone1 | zone2 | zone3 |\n| P P | P P | P P |\nThe number of domains is less than 5(MinDomains), so \"global minimum\" is treated as 0.\nIn this situation, new pod with the same labelSelector cannot be scheduled,\nbecause computed skew will be 3(3 - 0) if new Pod is scheduled to any of the three zones,\nit will violate MaxSkew.\n\n\nThis is a beta field and requires the MinDomainsInPodTopologySpread feature gate to be enabled (enabled by default)." + description: "MinDomains indicates a minimum number of eligible domains.\nWhen the number of eligible domains with matching topology keys is less than minDomains,\nPod Topology Spread treats \"global minimum\" as 0, and then the calculation of Skew is performed.\nAnd when the number of eligible domains with matching topology keys equals or greater than minDomains,\nthis value has no effect on scheduling.\nAs a result, when the number of eligible domains is less than minDomains,\nscheduler won't schedule more than maxSkew Pods to those domains.\nIf value is nil, the constraint behaves as if MinDomains is equal to 1.\nValid values are integers greater than 0.\nWhen value is not nil, WhenUnsatisfiable must be DoNotSchedule.\n\n\nFor example, in a 3-zone cluster, MaxSkew is set to 2, MinDomains is set to 5 and pods with the same\nlabelSelector spread as 2/2/2:\n| zone1 | zone2 | zone3 |\n| P P | P P | P P |\nThe number of domains is less than 5(MinDomains), so \"global minimum\" is treated as 0.\nIn this situation, new pod with the same labelSelector cannot be scheduled,\nbecause computed skew will be 3(3 - 0) if new Pod is scheduled to any of the three zones,\nit will violate MaxSkew." format: "int32" type: "integer" nodeAffinityPolicy: @@ -4062,7 +4260,7 @@ spec: description: "Path within the container at which the volume should be mounted. Must\nnot contain ':'." type: "string" mountPropagation: - description: "mountPropagation determines how mounts are propagated from the host\nto container and the other way around.\nWhen not set, MountPropagationNone is used.\nThis field is beta in 1.10." + description: "mountPropagation determines how mounts are propagated from the host\nto container and the other way around.\nWhen not set, MountPropagationNone is used.\nThis field is beta in 1.10.\nWhen RecursiveReadOnly is set to IfPossible or to Enabled, MountPropagation must be None or unspecified\n(which defaults to None)." type: "string" name: description: "This must match the Name of a Volume." @@ -4070,6 +4268,9 @@ spec: readOnly: description: "Mounted read-only if true, read-write otherwise (false or unspecified).\nDefaults to false." type: "boolean" + recursiveReadOnly: + description: "RecursiveReadOnly specifies whether read-only mounts should be handled\nrecursively.\n\n\nIf ReadOnly is false, this field has no meaning and must be unspecified.\n\n\nIf ReadOnly is true, and this field is set to Disabled, the mount is not made\nrecursively read-only. If this field is set to IfPossible, the mount is made\nrecursively read-only, if it is supported by the container runtime. If this\nfield is set to Enabled, the mount is made recursively read-only if it is\nsupported by the container runtime, otherwise the pod will not be started and\nan error will be generated to indicate the reason.\n\n\nIf this field is set to IfPossible or Enabled, MountPropagation must be set to\nNone (or be unspecified, which defaults to None).\n\n\nIf this field is not specified, it is treated as an equivalent of Disabled." + type: "string" subPath: description: "Path within the volume from which the container's volume should be mounted.\nDefaults to \"\" (volume's root)." type: "string" @@ -4154,6 +4355,7 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" path: description: "path is Optional: Used as the mounted root, rather than the full Ceph tree, default is /" type: "string" @@ -4167,7 +4369,8 @@ spec: description: "secretRef is Optional: SecretRef is reference to the authentication secret for User, default is empty.\nMore info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it" properties: name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" type: "object" x-kubernetes-map-type: "atomic" @@ -4190,7 +4393,8 @@ spec: description: "secretRef is optional: points to a secret object containing parameters used to connect\nto OpenStack." properties: name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" type: "object" x-kubernetes-map-type: "atomic" @@ -4227,8 +4431,10 @@ spec: - "path" type: "object" type: "array" + x-kubernetes-list-type: "atomic" name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" optional: description: "optional specify whether the ConfigMap or its keys must be defined" @@ -4248,7 +4454,8 @@ spec: description: "nodePublishSecretRef is a reference to the secret object containing\nsensitive information to pass to the CSI driver to complete the CSI\nNodePublishVolume and NodeUnpublishVolume calls.\nThis field is optional, and may be empty if no secret is required. If the\nsecret object contains more than one secret, all secret references are passed." properties: name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" type: "object" x-kubernetes-map-type: "atomic" @@ -4276,7 +4483,7 @@ spec: description: "DownwardAPIVolumeFile represents information to create the file containing the pod field" properties: fieldRef: - description: "Required: Selects a field of the pod: only annotations, labels, name and namespace are supported." + description: "Required: Selects a field of the pod: only annotations, labels, name, namespace and uid are supported." properties: apiVersion: description: "Version of the schema the FieldPath is written in terms of, defaults to \"v1\"." @@ -4319,6 +4526,7 @@ spec: - "path" type: "object" type: "array" + x-kubernetes-list-type: "atomic" type: "object" emptyDir: description: "emptyDir represents a temporary directory that shares a pod's lifetime.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir" @@ -4351,6 +4559,7 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" dataSource: description: "dataSource field can be used to specify either:\n* An existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot)\n* An existing PVC (PersistentVolumeClaim)\nIf the provisioner or an external controller can support the specified data source,\nit will create a new volume based on the contents of the specified data source.\nWhen the AnyVolumeDataSource feature gate is enabled, dataSource contents will be copied to dataSourceRef,\nand dataSourceRef contents will be copied to dataSource when dataSourceRef.namespace is not specified.\nIf the namespace is specified, then dataSourceRef will not be copied to dataSource." properties: @@ -4428,11 +4637,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -4444,7 +4655,7 @@ spec: description: "storageClassName is the name of the StorageClass required by the claim.\nMore info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1" type: "string" volumeAttributesClassName: - description: "volumeAttributesClassName may be used to set the VolumeAttributesClass used by this claim.\nIf specified, the CSI driver will create or update the volume with the attributes defined\nin the corresponding VolumeAttributesClass. This has a different purpose than storageClassName,\nit can be changed after the claim is created. An empty string value means that no VolumeAttributesClass\nwill be applied to the claim but it's not allowed to reset this field to empty string once it is set.\nIf unspecified and the PersistentVolumeClaim is unbound, the default VolumeAttributesClass\nwill be set by the persistentvolume controller if it exists.\nIf the resource referred to by volumeAttributesClass does not exist, this PersistentVolumeClaim will be\nset to a Pending state, as reflected by the modifyVolumeStatus field, until such as a resource\nexists.\nMore info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#volumeattributesclass\n(Alpha) Using this field requires the VolumeAttributesClass feature gate to be enabled." + description: "volumeAttributesClassName may be used to set the VolumeAttributesClass used by this claim.\nIf specified, the CSI driver will create or update the volume with the attributes defined\nin the corresponding VolumeAttributesClass. This has a different purpose than storageClassName,\nit can be changed after the claim is created. An empty string value means that no VolumeAttributesClass\nwill be applied to the claim but it's not allowed to reset this field to empty string once it is set.\nIf unspecified and the PersistentVolumeClaim is unbound, the default VolumeAttributesClass\nwill be set by the persistentvolume controller if it exists.\nIf the resource referred to by volumeAttributesClass does not exist, this PersistentVolumeClaim will be\nset to a Pending state, as reflected by the modifyVolumeStatus field, until such as a resource\nexists.\nMore info: https://kubernetes.io/docs/concepts/storage/volume-attributes-classes/\n(Alpha) Using this field requires the VolumeAttributesClass feature gate to be enabled." type: "string" volumeMode: description: "volumeMode defines what type of volume is required by the claim.\nValue of Filesystem is implied when not included in claim spec." @@ -4475,11 +4686,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" wwids: description: "wwids Optional: FC volume world wide identifiers (wwids)\nEither wwids or combination of targetWWNs and lun must be set, but not both simultaneously." items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" type: "object" flexVolume: description: "flexVolume represents a generic volume resource that is\nprovisioned/attached using an exec based plugin." @@ -4502,7 +4715,8 @@ spec: description: "secretRef is Optional: secretRef is reference to the secret object containing\nsensitive information to pass to the plugin scripts. This may be\nempty if no secret object is specified. If the secret object\ncontains more than one secret, all secrets are passed to the plugin\nscripts." properties: name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" type: "object" x-kubernetes-map-type: "atomic" @@ -4611,6 +4825,7 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" readOnly: description: "readOnly here will force the ReadOnly setting in VolumeMounts.\nDefaults to false." type: "boolean" @@ -4618,7 +4833,8 @@ spec: description: "secretRef is the CHAP Secret for iSCSI target and initiator authentication" properties: name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" type: "object" x-kubernetes-map-type: "atomic" @@ -4722,11 +4938,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -4772,8 +4990,10 @@ spec: - "path" type: "object" type: "array" + x-kubernetes-list-type: "atomic" name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" optional: description: "optional specify whether the ConfigMap or its keys must be defined" @@ -4789,7 +5009,7 @@ spec: description: "DownwardAPIVolumeFile represents information to create the file containing the pod field" properties: fieldRef: - description: "Required: Selects a field of the pod: only annotations, labels, name and namespace are supported." + description: "Required: Selects a field of the pod: only annotations, labels, name, namespace and uid are supported." properties: apiVersion: description: "Version of the schema the FieldPath is written in terms of, defaults to \"v1\"." @@ -4832,6 +5052,7 @@ spec: - "path" type: "object" type: "array" + x-kubernetes-list-type: "atomic" type: "object" secret: description: "secret information about the secret data to project" @@ -4856,8 +5077,10 @@ spec: - "path" type: "object" type: "array" + x-kubernetes-list-type: "atomic" name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" optional: description: "optional field specify whether the Secret or its key must be defined" @@ -4882,6 +5105,7 @@ spec: type: "object" type: "object" type: "array" + x-kubernetes-list-type: "atomic" type: "object" quobyte: description: "quobyte represents a Quobyte mount on the host that shares a pod's lifetime" @@ -4925,6 +5149,7 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" pool: description: "pool is the rados pool name.\nDefault is rbd.\nMore info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it" type: "string" @@ -4935,7 +5160,8 @@ spec: description: "secretRef is name of the authentication secret for RBDUser. If provided\noverrides keyring.\nDefault is nil.\nMore info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it" properties: name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" type: "object" x-kubernetes-map-type: "atomic" @@ -4965,7 +5191,8 @@ spec: description: "secretRef references to the secret for ScaleIO user and other\nsensitive information. If this is not provided, Login operation will fail." properties: name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" type: "object" x-kubernetes-map-type: "atomic" @@ -5016,6 +5243,7 @@ spec: - "path" type: "object" type: "array" + x-kubernetes-list-type: "atomic" optional: description: "optional field specify whether the Secret or its keys must be defined" type: "boolean" @@ -5036,7 +5264,8 @@ spec: description: "secretRef specifies the secret to use for obtaining the StorageOS API\ncredentials. If not specified, default values will be attempted." properties: name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" type: "object" x-kubernetes-map-type: "atomic" @@ -5152,6 +5381,18 @@ spec: podSecurityContext: description: "SecurityContext holds pod-level security attributes and common container settings." properties: + appArmorProfile: + description: "appArmorProfile is the AppArmor options to use by the containers in this pod.\nNote that this field cannot be set when spec.os.name is windows." + properties: + localhostProfile: + description: "localhostProfile indicates a profile loaded on the node that should be used.\nThe profile must be preconfigured on the node to work.\nMust match the loaded name of the profile.\nMust be set if and only if type is \"Localhost\"." + type: "string" + type: + description: "type indicates which kind of AppArmor profile will be applied.\nValid options are:\n Localhost - a profile pre-loaded on the node.\n RuntimeDefault - the container runtime's default profile.\n Unconfined - no AppArmor enforcement." + type: "string" + required: + - "type" + type: "object" fsGroup: description: "A special supplemental group that applies to all containers in a pod.\nSome volume types allow the Kubelet to change the ownership of that volume\nto be owned by the pod:\n\n\n1. The owning GID will be the FSGroup\n2. The setgid bit is set (new files created in the volume will be owned by FSGroup)\n3. The permission bits are OR'd with rw-rw----\n\n\nIf unset, the Kubelet will not modify the ownership and permissions of any volume.\nNote that this field cannot be set when spec.os.name is windows." format: "int64" @@ -5204,6 +5445,7 @@ spec: format: "int64" type: "integer" type: "array" + x-kubernetes-list-type: "atomic" sysctls: description: "Sysctls hold a list of namespaced sysctls used for the pod. Pods with unsupported\nsysctls (by the container runtime) might fail to launch.\nNote that this field cannot be set when spec.os.name is windows." items: @@ -5220,6 +5462,7 @@ spec: - "value" type: "object" type: "array" + x-kubernetes-list-type: "atomic" windowsOptions: description: "The Windows specific settings applied to all containers.\nIf unspecified, the options within a container's SecurityContext will be used.\nIf set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.\nNote that this field cannot be set when spec.os.name is linux." properties: @@ -5251,6 +5494,7 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" type: "object" failureThreshold: description: "Minimum consecutive failures for the probe to be considered failed after having succeeded.\nDefaults to 3. Minimum value is 1." @@ -5291,6 +5535,7 @@ spec: - "value" type: "object" type: "array" + x-kubernetes-list-type: "atomic" path: description: "Path to access on the HTTP server." type: "string" @@ -5393,6 +5638,18 @@ spec: allowPrivilegeEscalation: description: "AllowPrivilegeEscalation controls whether a process can gain more\nprivileges than its parent process. This bool directly controls if\nthe no_new_privs flag will be set on the container process.\nAllowPrivilegeEscalation is true always when the container is:\n1) run as Privileged\n2) has CAP_SYS_ADMIN\nNote that this field cannot be set when spec.os.name is windows." type: "boolean" + appArmorProfile: + description: "appArmorProfile is the AppArmor options to use by this container. If set, this profile\noverrides the pod's appArmorProfile.\nNote that this field cannot be set when spec.os.name is windows." + properties: + localhostProfile: + description: "localhostProfile indicates a profile loaded on the node that should be used.\nThe profile must be preconfigured on the node to work.\nMust match the loaded name of the profile.\nMust be set if and only if type is \"Localhost\"." + type: "string" + type: + description: "type indicates which kind of AppArmor profile will be applied.\nValid options are:\n Localhost - a profile pre-loaded on the node.\n RuntimeDefault - the container runtime's default profile.\n Unconfined - no AppArmor enforcement." + type: "string" + required: + - "type" + type: "object" capabilities: description: "The capabilities to add/drop when running containers.\nDefaults to the default set of capabilities granted by the container runtime.\nNote that this field cannot be set when spec.os.name is windows." properties: @@ -5402,12 +5659,14 @@ spec: description: "Capability represent POSIX capabilities type" type: "string" type: "array" + x-kubernetes-list-type: "atomic" drop: description: "Removed capabilities" items: description: "Capability represent POSIX capabilities type" type: "string" type: "array" + x-kubernetes-list-type: "atomic" type: "object" privileged: description: "Run container in privileged mode.\nProcesses in privileged containers are essentially equivalent to root on the host.\nDefaults to false.\nNote that this field cannot be set when spec.os.name is windows." @@ -5594,7 +5853,8 @@ spec: description: "The key to select." type: "string" name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" optional: description: "Specify whether the ConfigMap or its key must be defined" @@ -5643,7 +5903,8 @@ spec: description: "The key of the secret to select from. Must be a valid secret key." type: "string" name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" optional: description: "Specify whether the Secret or its key must be defined" @@ -5666,7 +5927,8 @@ spec: description: "The ConfigMap to select from" properties: name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" optional: description: "Specify whether the ConfigMap must be defined" @@ -5680,7 +5942,8 @@ spec: description: "The Secret to select from" properties: name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" optional: description: "Specify whether the Secret must be defined" @@ -5710,6 +5973,7 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" type: "object" failureThreshold: description: "Minimum consecutive failures for the probe to be considered failed after having succeeded.\nDefaults to 3. Minimum value is 1." @@ -5750,6 +6014,7 @@ spec: - "value" type: "object" type: "array" + x-kubernetes-list-type: "atomic" path: description: "Path to access on the HTTP server." type: "string" @@ -5812,6 +6077,7 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" type: "object" failureThreshold: description: "Minimum consecutive failures for the probe to be considered failed after having succeeded.\nDefaults to 3. Minimum value is 1." @@ -5852,6 +6118,7 @@ spec: - "value" type: "object" type: "array" + x-kubernetes-list-type: "atomic" path: description: "Path to access on the HTTP server." type: "string" @@ -5946,6 +6213,18 @@ spec: allowPrivilegeEscalation: description: "AllowPrivilegeEscalation controls whether a process can gain more\nprivileges than its parent process. This bool directly controls if\nthe no_new_privs flag will be set on the container process.\nAllowPrivilegeEscalation is true always when the container is:\n1) run as Privileged\n2) has CAP_SYS_ADMIN\nNote that this field cannot be set when spec.os.name is windows." type: "boolean" + appArmorProfile: + description: "appArmorProfile is the AppArmor options to use by this container. If set, this profile\noverrides the pod's appArmorProfile.\nNote that this field cannot be set when spec.os.name is windows." + properties: + localhostProfile: + description: "localhostProfile indicates a profile loaded on the node that should be used.\nThe profile must be preconfigured on the node to work.\nMust match the loaded name of the profile.\nMust be set if and only if type is \"Localhost\"." + type: "string" + type: + description: "type indicates which kind of AppArmor profile will be applied.\nValid options are:\n Localhost - a profile pre-loaded on the node.\n RuntimeDefault - the container runtime's default profile.\n Unconfined - no AppArmor enforcement." + type: "string" + required: + - "type" + type: "object" capabilities: description: "The capabilities to add/drop when running containers.\nDefaults to the default set of capabilities granted by the container runtime.\nNote that this field cannot be set when spec.os.name is windows." properties: @@ -5955,12 +6234,14 @@ spec: description: "Capability represent POSIX capabilities type" type: "string" type: "array" + x-kubernetes-list-type: "atomic" drop: description: "Removed capabilities" items: description: "Capability represent POSIX capabilities type" type: "string" type: "array" + x-kubernetes-list-type: "atomic" type: "object" privileged: description: "Run container in privileged mode.\nProcesses in privileged containers are essentially equivalent to root on the host.\nDefaults to false.\nNote that this field cannot be set when spec.os.name is windows." @@ -6036,7 +6317,7 @@ spec: description: "Path within the container at which the volume should be mounted. Must\nnot contain ':'." type: "string" mountPropagation: - description: "mountPropagation determines how mounts are propagated from the host\nto container and the other way around.\nWhen not set, MountPropagationNone is used.\nThis field is beta in 1.10." + description: "mountPropagation determines how mounts are propagated from the host\nto container and the other way around.\nWhen not set, MountPropagationNone is used.\nThis field is beta in 1.10.\nWhen RecursiveReadOnly is set to IfPossible or to Enabled, MountPropagation must be None or unspecified\n(which defaults to None)." type: "string" name: description: "This must match the Name of a Volume." @@ -6044,6 +6325,9 @@ spec: readOnly: description: "Mounted read-only if true, read-write otherwise (false or unspecified).\nDefaults to false." type: "boolean" + recursiveReadOnly: + description: "RecursiveReadOnly specifies whether read-only mounts should be handled\nrecursively.\n\n\nIf ReadOnly is false, this field has no meaning and must be unspecified.\n\n\nIf ReadOnly is true, and this field is set to Disabled, the mount is not made\nrecursively read-only. If this field is set to IfPossible, the mount is made\nrecursively read-only, if it is supported by the container runtime. If this\nfield is set to Enabled, the mount is made recursively read-only if it is\nsupported by the container runtime, otherwise the pod will not be started and\nan error will be generated to indicate the reason.\n\n\nIf this field is set to IfPossible or Enabled, MountPropagation must be set to\nNone (or be unspecified, which defaults to None).\n\n\nIf this field is not specified, it is treated as an equivalent of Disabled." + type: "string" subPath: description: "Path within the volume from which the container's volume should be mounted.\nDefaults to \"\" (volume's root)." type: "string" @@ -6106,11 +6390,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -6129,7 +6415,7 @@ spec: format: "int32" type: "integer" minDomains: - description: "MinDomains indicates a minimum number of eligible domains.\nWhen the number of eligible domains with matching topology keys is less than minDomains,\nPod Topology Spread treats \"global minimum\" as 0, and then the calculation of Skew is performed.\nAnd when the number of eligible domains with matching topology keys equals or greater than minDomains,\nthis value has no effect on scheduling.\nAs a result, when the number of eligible domains is less than minDomains,\nscheduler won't schedule more than maxSkew Pods to those domains.\nIf value is nil, the constraint behaves as if MinDomains is equal to 1.\nValid values are integers greater than 0.\nWhen value is not nil, WhenUnsatisfiable must be DoNotSchedule.\n\n\nFor example, in a 3-zone cluster, MaxSkew is set to 2, MinDomains is set to 5 and pods with the same\nlabelSelector spread as 2/2/2:\n| zone1 | zone2 | zone3 |\n| P P | P P | P P |\nThe number of domains is less than 5(MinDomains), so \"global minimum\" is treated as 0.\nIn this situation, new pod with the same labelSelector cannot be scheduled,\nbecause computed skew will be 3(3 - 0) if new Pod is scheduled to any of the three zones,\nit will violate MaxSkew.\n\n\nThis is a beta field and requires the MinDomainsInPodTopologySpread feature gate to be enabled (enabled by default)." + description: "MinDomains indicates a minimum number of eligible domains.\nWhen the number of eligible domains with matching topology keys is less than minDomains,\nPod Topology Spread treats \"global minimum\" as 0, and then the calculation of Skew is performed.\nAnd when the number of eligible domains with matching topology keys equals or greater than minDomains,\nthis value has no effect on scheduling.\nAs a result, when the number of eligible domains is less than minDomains,\nscheduler won't schedule more than maxSkew Pods to those domains.\nIf value is nil, the constraint behaves as if MinDomains is equal to 1.\nValid values are integers greater than 0.\nWhen value is not nil, WhenUnsatisfiable must be DoNotSchedule.\n\n\nFor example, in a 3-zone cluster, MaxSkew is set to 2, MinDomains is set to 5 and pods with the same\nlabelSelector spread as 2/2/2:\n| zone1 | zone2 | zone3 |\n| P P | P P | P P |\nThe number of domains is less than 5(MinDomains), so \"global minimum\" is treated as 0.\nIn this situation, new pod with the same labelSelector cannot be scheduled,\nbecause computed skew will be 3(3 - 0) if new Pod is scheduled to any of the three zones,\nit will violate MaxSkew." format: "int32" type: "integer" nodeAffinityPolicy: @@ -6180,7 +6466,7 @@ spec: description: "Path within the container at which the volume should be mounted. Must\nnot contain ':'." type: "string" mountPropagation: - description: "mountPropagation determines how mounts are propagated from the host\nto container and the other way around.\nWhen not set, MountPropagationNone is used.\nThis field is beta in 1.10." + description: "mountPropagation determines how mounts are propagated from the host\nto container and the other way around.\nWhen not set, MountPropagationNone is used.\nThis field is beta in 1.10.\nWhen RecursiveReadOnly is set to IfPossible or to Enabled, MountPropagation must be None or unspecified\n(which defaults to None)." type: "string" name: description: "This must match the Name of a Volume." @@ -6188,6 +6474,9 @@ spec: readOnly: description: "Mounted read-only if true, read-write otherwise (false or unspecified).\nDefaults to false." type: "boolean" + recursiveReadOnly: + description: "RecursiveReadOnly specifies whether read-only mounts should be handled\nrecursively.\n\n\nIf ReadOnly is false, this field has no meaning and must be unspecified.\n\n\nIf ReadOnly is true, and this field is set to Disabled, the mount is not made\nrecursively read-only. If this field is set to IfPossible, the mount is made\nrecursively read-only, if it is supported by the container runtime. If this\nfield is set to Enabled, the mount is made recursively read-only if it is\nsupported by the container runtime, otherwise the pod will not be started and\nan error will be generated to indicate the reason.\n\n\nIf this field is set to IfPossible or Enabled, MountPropagation must be set to\nNone (or be unspecified, which defaults to None).\n\n\nIf this field is not specified, it is treated as an equivalent of Disabled." + type: "string" subPath: description: "Path within the volume from which the container's volume should be mounted.\nDefaults to \"\" (volume's root)." type: "string" @@ -6272,6 +6561,7 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" path: description: "path is Optional: Used as the mounted root, rather than the full Ceph tree, default is /" type: "string" @@ -6285,7 +6575,8 @@ spec: description: "secretRef is Optional: SecretRef is reference to the authentication secret for User, default is empty.\nMore info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it" properties: name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" type: "object" x-kubernetes-map-type: "atomic" @@ -6308,7 +6599,8 @@ spec: description: "secretRef is optional: points to a secret object containing parameters used to connect\nto OpenStack." properties: name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" type: "object" x-kubernetes-map-type: "atomic" @@ -6345,8 +6637,10 @@ spec: - "path" type: "object" type: "array" + x-kubernetes-list-type: "atomic" name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" optional: description: "optional specify whether the ConfigMap or its keys must be defined" @@ -6366,7 +6660,8 @@ spec: description: "nodePublishSecretRef is a reference to the secret object containing\nsensitive information to pass to the CSI driver to complete the CSI\nNodePublishVolume and NodeUnpublishVolume calls.\nThis field is optional, and may be empty if no secret is required. If the\nsecret object contains more than one secret, all secret references are passed." properties: name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" type: "object" x-kubernetes-map-type: "atomic" @@ -6394,7 +6689,7 @@ spec: description: "DownwardAPIVolumeFile represents information to create the file containing the pod field" properties: fieldRef: - description: "Required: Selects a field of the pod: only annotations, labels, name and namespace are supported." + description: "Required: Selects a field of the pod: only annotations, labels, name, namespace and uid are supported." properties: apiVersion: description: "Version of the schema the FieldPath is written in terms of, defaults to \"v1\"." @@ -6437,6 +6732,7 @@ spec: - "path" type: "object" type: "array" + x-kubernetes-list-type: "atomic" type: "object" emptyDir: description: "emptyDir represents a temporary directory that shares a pod's lifetime.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir" @@ -6469,6 +6765,7 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" dataSource: description: "dataSource field can be used to specify either:\n* An existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot)\n* An existing PVC (PersistentVolumeClaim)\nIf the provisioner or an external controller can support the specified data source,\nit will create a new volume based on the contents of the specified data source.\nWhen the AnyVolumeDataSource feature gate is enabled, dataSource contents will be copied to dataSourceRef,\nand dataSourceRef contents will be copied to dataSource when dataSourceRef.namespace is not specified.\nIf the namespace is specified, then dataSourceRef will not be copied to dataSource." properties: @@ -6546,11 +6843,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -6562,7 +6861,7 @@ spec: description: "storageClassName is the name of the StorageClass required by the claim.\nMore info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1" type: "string" volumeAttributesClassName: - description: "volumeAttributesClassName may be used to set the VolumeAttributesClass used by this claim.\nIf specified, the CSI driver will create or update the volume with the attributes defined\nin the corresponding VolumeAttributesClass. This has a different purpose than storageClassName,\nit can be changed after the claim is created. An empty string value means that no VolumeAttributesClass\nwill be applied to the claim but it's not allowed to reset this field to empty string once it is set.\nIf unspecified and the PersistentVolumeClaim is unbound, the default VolumeAttributesClass\nwill be set by the persistentvolume controller if it exists.\nIf the resource referred to by volumeAttributesClass does not exist, this PersistentVolumeClaim will be\nset to a Pending state, as reflected by the modifyVolumeStatus field, until such as a resource\nexists.\nMore info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#volumeattributesclass\n(Alpha) Using this field requires the VolumeAttributesClass feature gate to be enabled." + description: "volumeAttributesClassName may be used to set the VolumeAttributesClass used by this claim.\nIf specified, the CSI driver will create or update the volume with the attributes defined\nin the corresponding VolumeAttributesClass. This has a different purpose than storageClassName,\nit can be changed after the claim is created. An empty string value means that no VolumeAttributesClass\nwill be applied to the claim but it's not allowed to reset this field to empty string once it is set.\nIf unspecified and the PersistentVolumeClaim is unbound, the default VolumeAttributesClass\nwill be set by the persistentvolume controller if it exists.\nIf the resource referred to by volumeAttributesClass does not exist, this PersistentVolumeClaim will be\nset to a Pending state, as reflected by the modifyVolumeStatus field, until such as a resource\nexists.\nMore info: https://kubernetes.io/docs/concepts/storage/volume-attributes-classes/\n(Alpha) Using this field requires the VolumeAttributesClass feature gate to be enabled." type: "string" volumeMode: description: "volumeMode defines what type of volume is required by the claim.\nValue of Filesystem is implied when not included in claim spec." @@ -6593,11 +6892,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" wwids: description: "wwids Optional: FC volume world wide identifiers (wwids)\nEither wwids or combination of targetWWNs and lun must be set, but not both simultaneously." items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" type: "object" flexVolume: description: "flexVolume represents a generic volume resource that is\nprovisioned/attached using an exec based plugin." @@ -6620,7 +6921,8 @@ spec: description: "secretRef is Optional: secretRef is reference to the secret object containing\nsensitive information to pass to the plugin scripts. This may be\nempty if no secret object is specified. If the secret object\ncontains more than one secret, all secrets are passed to the plugin\nscripts." properties: name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" type: "object" x-kubernetes-map-type: "atomic" @@ -6729,6 +7031,7 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" readOnly: description: "readOnly here will force the ReadOnly setting in VolumeMounts.\nDefaults to false." type: "boolean" @@ -6736,7 +7039,8 @@ spec: description: "secretRef is the CHAP Secret for iSCSI target and initiator authentication" properties: name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" type: "object" x-kubernetes-map-type: "atomic" @@ -6840,11 +7144,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -6890,8 +7196,10 @@ spec: - "path" type: "object" type: "array" + x-kubernetes-list-type: "atomic" name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" optional: description: "optional specify whether the ConfigMap or its keys must be defined" @@ -6907,7 +7215,7 @@ spec: description: "DownwardAPIVolumeFile represents information to create the file containing the pod field" properties: fieldRef: - description: "Required: Selects a field of the pod: only annotations, labels, name and namespace are supported." + description: "Required: Selects a field of the pod: only annotations, labels, name, namespace and uid are supported." properties: apiVersion: description: "Version of the schema the FieldPath is written in terms of, defaults to \"v1\"." @@ -6950,6 +7258,7 @@ spec: - "path" type: "object" type: "array" + x-kubernetes-list-type: "atomic" type: "object" secret: description: "secret information about the secret data to project" @@ -6974,8 +7283,10 @@ spec: - "path" type: "object" type: "array" + x-kubernetes-list-type: "atomic" name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" optional: description: "optional field specify whether the Secret or its key must be defined" @@ -7000,6 +7311,7 @@ spec: type: "object" type: "object" type: "array" + x-kubernetes-list-type: "atomic" type: "object" quobyte: description: "quobyte represents a Quobyte mount on the host that shares a pod's lifetime" @@ -7043,6 +7355,7 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" pool: description: "pool is the rados pool name.\nDefault is rbd.\nMore info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it" type: "string" @@ -7053,7 +7366,8 @@ spec: description: "secretRef is name of the authentication secret for RBDUser. If provided\noverrides keyring.\nDefault is nil.\nMore info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it" properties: name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" type: "object" x-kubernetes-map-type: "atomic" @@ -7083,7 +7397,8 @@ spec: description: "secretRef references to the secret for ScaleIO user and other\nsensitive information. If this is not provided, Login operation will fail." properties: name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" type: "object" x-kubernetes-map-type: "atomic" @@ -7134,6 +7449,7 @@ spec: - "path" type: "object" type: "array" + x-kubernetes-list-type: "atomic" optional: description: "optional field specify whether the Secret or its keys must be defined" type: "boolean" @@ -7154,7 +7470,8 @@ spec: description: "secretRef specifies the secret to use for obtaining the StorageOS API\ncredentials. If not specified, default values will be attempted." properties: name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" type: "object" x-kubernetes-map-type: "atomic" diff --git a/crd-catalog/mariadb-operator/mariadb-operator/k8s.mariadb.com/v1alpha1/restores.yaml b/crd-catalog/mariadb-operator/mariadb-operator/k8s.mariadb.com/v1alpha1/restores.yaml index 92ae17eed..3233479e4 100644 --- a/crd-catalog/mariadb-operator/mariadb-operator/k8s.mariadb.com/v1alpha1/restores.yaml +++ b/crd-catalog/mariadb-operator/mariadb-operator/k8s.mariadb.com/v1alpha1/restores.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.14.0" + controller-gen.kubebuilder.io/version: "v0.15.0" name: "restores.k8s.mariadb.com" spec: group: "k8s.mariadb.com" @@ -77,11 +77,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchFields: description: "A list of node selector requirements by node's fields." items: @@ -98,11 +100,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" type: "object" x-kubernetes-map-type: "atomic" weight: @@ -114,6 +118,7 @@ spec: - "weight" type: "object" type: "array" + x-kubernetes-list-type: "atomic" requiredDuringSchedulingIgnoredDuringExecution: description: "If the affinity requirements specified by this field are not met at\nscheduling time, the pod will not be scheduled onto the node.\nIf the affinity requirements specified by this field cease to be met\nat some point during pod execution (e.g. due to an update), the system\nmay or may not try to eventually evict the pod from its node." properties: @@ -138,11 +143,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchFields: description: "A list of node selector requirements by node's fields." items: @@ -159,14 +166,17 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" type: "object" x-kubernetes-map-type: "atomic" type: "array" + x-kubernetes-list-type: "atomic" required: - "nodeSelectorTerms" type: "object" @@ -202,11 +212,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -215,13 +227,13 @@ spec: type: "object" x-kubernetes-map-type: "atomic" matchLabelKeys: - description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MatchLabelKeys and LabelSelector.\nAlso, MatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" mismatchLabelKeys: - description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MismatchLabelKeys and LabelSelector.\nAlso, MismatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." items: type: "string" type: "array" @@ -245,11 +257,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -262,6 +276,7 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" topologyKey: description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching\nthe labelSelector in the specified namespaces, where co-located is defined as running on a node\nwhose value of the label with key topologyKey matches that of any node on which any of the\nselected pods is running.\nEmpty topologyKey is not allowed." type: "string" @@ -277,6 +292,7 @@ spec: - "weight" type: "object" type: "array" + x-kubernetes-list-type: "atomic" requiredDuringSchedulingIgnoredDuringExecution: description: "If the affinity requirements specified by this field are not met at\nscheduling time, the pod will not be scheduled onto the node.\nIf the affinity requirements specified by this field cease to be met\nat some point during pod execution (e.g. due to a pod label update), the\nsystem may or may not try to eventually evict the pod from its node.\nWhen there are multiple elements, the lists of nodes corresponding to each\npodAffinityTerm are intersected, i.e. all terms must be satisfied." items: @@ -301,11 +317,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -314,13 +332,13 @@ spec: type: "object" x-kubernetes-map-type: "atomic" matchLabelKeys: - description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MatchLabelKeys and LabelSelector.\nAlso, MatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" mismatchLabelKeys: - description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MismatchLabelKeys and LabelSelector.\nAlso, MismatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." items: type: "string" type: "array" @@ -344,11 +362,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -361,6 +381,7 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" topologyKey: description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching\nthe labelSelector in the specified namespaces, where co-located is defined as running on a node\nwhose value of the label with key topologyKey matches that of any node on which any of the\nselected pods is running.\nEmpty topologyKey is not allowed." type: "string" @@ -368,6 +389,7 @@ spec: - "topologyKey" type: "object" type: "array" + x-kubernetes-list-type: "atomic" type: "object" podAntiAffinity: description: "Describes pod anti-affinity scheduling rules (e.g. avoid putting this pod in the same node, zone, etc. as some other pod(s))." @@ -399,11 +421,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -412,13 +436,13 @@ spec: type: "object" x-kubernetes-map-type: "atomic" matchLabelKeys: - description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MatchLabelKeys and LabelSelector.\nAlso, MatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" mismatchLabelKeys: - description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MismatchLabelKeys and LabelSelector.\nAlso, MismatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." items: type: "string" type: "array" @@ -442,11 +466,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -459,6 +485,7 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" topologyKey: description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching\nthe labelSelector in the specified namespaces, where co-located is defined as running on a node\nwhose value of the label with key topologyKey matches that of any node on which any of the\nselected pods is running.\nEmpty topologyKey is not allowed." type: "string" @@ -474,6 +501,7 @@ spec: - "weight" type: "object" type: "array" + x-kubernetes-list-type: "atomic" requiredDuringSchedulingIgnoredDuringExecution: description: "If the anti-affinity requirements specified by this field are not met at\nscheduling time, the pod will not be scheduled onto the node.\nIf the anti-affinity requirements specified by this field cease to be met\nat some point during pod execution (e.g. due to a pod label update), the\nsystem may or may not try to eventually evict the pod from its node.\nWhen there are multiple elements, the lists of nodes corresponding to each\npodAffinityTerm are intersected, i.e. all terms must be satisfied." items: @@ -498,11 +526,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -511,13 +541,13 @@ spec: type: "object" x-kubernetes-map-type: "atomic" matchLabelKeys: - description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MatchLabelKeys and LabelSelector.\nAlso, MatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" mismatchLabelKeys: - description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MismatchLabelKeys and LabelSelector.\nAlso, MismatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." items: type: "string" type: "array" @@ -541,11 +571,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -558,6 +590,7 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" topologyKey: description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching\nthe labelSelector in the specified namespaces, where co-located is defined as running on a node\nwhose value of the label with key topologyKey matches that of any node on which any of the\nselected pods is running.\nEmpty topologyKey is not allowed." type: "string" @@ -565,6 +598,7 @@ spec: - "topologyKey" type: "object" type: "array" + x-kubernetes-list-type: "atomic" type: "object" type: "object" args: @@ -581,7 +615,8 @@ spec: description: "BackupRef is a reference to a Backup object. It has priority over S3 and Volume." properties: name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" type: "object" x-kubernetes-map-type: "atomic" @@ -594,7 +629,8 @@ spec: description: "LocalObjectReference contains enough information to let you locate the\nreferenced object inside the same namespace." properties: name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" type: "object" x-kubernetes-map-type: "atomic" @@ -669,6 +705,18 @@ spec: podSecurityContext: description: "SecurityContext holds pod-level security attributes and common container settings." properties: + appArmorProfile: + description: "appArmorProfile is the AppArmor options to use by the containers in this pod.\nNote that this field cannot be set when spec.os.name is windows." + properties: + localhostProfile: + description: "localhostProfile indicates a profile loaded on the node that should be used.\nThe profile must be preconfigured on the node to work.\nMust match the loaded name of the profile.\nMust be set if and only if type is \"Localhost\"." + type: "string" + type: + description: "type indicates which kind of AppArmor profile will be applied.\nValid options are:\n Localhost - a profile pre-loaded on the node.\n RuntimeDefault - the container runtime's default profile.\n Unconfined - no AppArmor enforcement." + type: "string" + required: + - "type" + type: "object" fsGroup: description: "A special supplemental group that applies to all containers in a pod.\nSome volume types allow the Kubelet to change the ownership of that volume\nto be owned by the pod:\n\n\n1. The owning GID will be the FSGroup\n2. The setgid bit is set (new files created in the volume will be owned by FSGroup)\n3. The permission bits are OR'd with rw-rw----\n\n\nIf unset, the Kubelet will not modify the ownership and permissions of any volume.\nNote that this field cannot be set when spec.os.name is windows." format: "int64" @@ -721,6 +769,7 @@ spec: format: "int64" type: "integer" type: "array" + x-kubernetes-list-type: "atomic" sysctls: description: "Sysctls hold a list of namespaced sysctls used for the pod. Pods with unsupported\nsysctls (by the container runtime) might fail to launch.\nNote that this field cannot be set when spec.os.name is windows." items: @@ -737,6 +786,7 @@ spec: - "value" type: "object" type: "array" + x-kubernetes-list-type: "atomic" windowsOptions: description: "The Windows specific settings applied to all containers.\nIf unspecified, the options within a container's SecurityContext will be used.\nIf set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.\nNote that this field cannot be set when spec.os.name is linux." properties: @@ -812,7 +862,8 @@ spec: description: "The key of the secret to select from. Must be a valid secret key." type: "string" name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" optional: description: "Specify whether the Secret or its key must be defined" @@ -840,7 +891,8 @@ spec: description: "The key of the secret to select from. Must be a valid secret key." type: "string" name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" optional: description: "Specify whether the Secret or its key must be defined" @@ -856,7 +908,8 @@ spec: description: "The key of the secret to select from. Must be a valid secret key." type: "string" name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" optional: description: "Specify whether the Secret or its key must be defined" @@ -875,7 +928,8 @@ spec: description: "The key of the secret to select from. Must be a valid secret key." type: "string" name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" optional: description: "Specify whether the Secret or its key must be defined" @@ -900,6 +954,18 @@ spec: allowPrivilegeEscalation: description: "AllowPrivilegeEscalation controls whether a process can gain more\nprivileges than its parent process. This bool directly controls if\nthe no_new_privs flag will be set on the container process.\nAllowPrivilegeEscalation is true always when the container is:\n1) run as Privileged\n2) has CAP_SYS_ADMIN\nNote that this field cannot be set when spec.os.name is windows." type: "boolean" + appArmorProfile: + description: "appArmorProfile is the AppArmor options to use by this container. If set, this profile\noverrides the pod's appArmorProfile.\nNote that this field cannot be set when spec.os.name is windows." + properties: + localhostProfile: + description: "localhostProfile indicates a profile loaded on the node that should be used.\nThe profile must be preconfigured on the node to work.\nMust match the loaded name of the profile.\nMust be set if and only if type is \"Localhost\"." + type: "string" + type: + description: "type indicates which kind of AppArmor profile will be applied.\nValid options are:\n Localhost - a profile pre-loaded on the node.\n RuntimeDefault - the container runtime's default profile.\n Unconfined - no AppArmor enforcement." + type: "string" + required: + - "type" + type: "object" capabilities: description: "The capabilities to add/drop when running containers.\nDefaults to the default set of capabilities granted by the container runtime.\nNote that this field cannot be set when spec.os.name is windows." properties: @@ -909,12 +975,14 @@ spec: description: "Capability represent POSIX capabilities type" type: "string" type: "array" + x-kubernetes-list-type: "atomic" drop: description: "Removed capabilities" items: description: "Capability represent POSIX capabilities type" type: "string" type: "array" + x-kubernetes-list-type: "atomic" type: "object" privileged: description: "Run container in privileged mode.\nProcesses in privileged containers are essentially equivalent to root on the host.\nDefaults to false.\nNote that this field cannot be set when spec.os.name is windows." @@ -1082,6 +1150,7 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" path: description: "path is Optional: Used as the mounted root, rather than the full Ceph tree, default is /" type: "string" @@ -1095,7 +1164,8 @@ spec: description: "secretRef is Optional: SecretRef is reference to the authentication secret for User, default is empty.\nMore info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it" properties: name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" type: "object" x-kubernetes-map-type: "atomic" @@ -1118,7 +1188,8 @@ spec: description: "secretRef is optional: points to a secret object containing parameters used to connect\nto OpenStack." properties: name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" type: "object" x-kubernetes-map-type: "atomic" @@ -1155,8 +1226,10 @@ spec: - "path" type: "object" type: "array" + x-kubernetes-list-type: "atomic" name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" optional: description: "optional specify whether the ConfigMap or its keys must be defined" @@ -1176,7 +1249,8 @@ spec: description: "nodePublishSecretRef is a reference to the secret object containing\nsensitive information to pass to the CSI driver to complete the CSI\nNodePublishVolume and NodeUnpublishVolume calls.\nThis field is optional, and may be empty if no secret is required. If the\nsecret object contains more than one secret, all secret references are passed." properties: name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" type: "object" x-kubernetes-map-type: "atomic" @@ -1204,7 +1278,7 @@ spec: description: "DownwardAPIVolumeFile represents information to create the file containing the pod field" properties: fieldRef: - description: "Required: Selects a field of the pod: only annotations, labels, name and namespace are supported." + description: "Required: Selects a field of the pod: only annotations, labels, name, namespace and uid are supported." properties: apiVersion: description: "Version of the schema the FieldPath is written in terms of, defaults to \"v1\"." @@ -1247,6 +1321,7 @@ spec: - "path" type: "object" type: "array" + x-kubernetes-list-type: "atomic" type: "object" emptyDir: description: "emptyDir represents a temporary directory that shares a pod's lifetime.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir" @@ -1279,6 +1354,7 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" dataSource: description: "dataSource field can be used to specify either:\n* An existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot)\n* An existing PVC (PersistentVolumeClaim)\nIf the provisioner or an external controller can support the specified data source,\nit will create a new volume based on the contents of the specified data source.\nWhen the AnyVolumeDataSource feature gate is enabled, dataSource contents will be copied to dataSourceRef,\nand dataSourceRef contents will be copied to dataSource when dataSourceRef.namespace is not specified.\nIf the namespace is specified, then dataSourceRef will not be copied to dataSource." properties: @@ -1356,11 +1432,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -1372,7 +1450,7 @@ spec: description: "storageClassName is the name of the StorageClass required by the claim.\nMore info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1" type: "string" volumeAttributesClassName: - description: "volumeAttributesClassName may be used to set the VolumeAttributesClass used by this claim.\nIf specified, the CSI driver will create or update the volume with the attributes defined\nin the corresponding VolumeAttributesClass. This has a different purpose than storageClassName,\nit can be changed after the claim is created. An empty string value means that no VolumeAttributesClass\nwill be applied to the claim but it's not allowed to reset this field to empty string once it is set.\nIf unspecified and the PersistentVolumeClaim is unbound, the default VolumeAttributesClass\nwill be set by the persistentvolume controller if it exists.\nIf the resource referred to by volumeAttributesClass does not exist, this PersistentVolumeClaim will be\nset to a Pending state, as reflected by the modifyVolumeStatus field, until such as a resource\nexists.\nMore info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#volumeattributesclass\n(Alpha) Using this field requires the VolumeAttributesClass feature gate to be enabled." + description: "volumeAttributesClassName may be used to set the VolumeAttributesClass used by this claim.\nIf specified, the CSI driver will create or update the volume with the attributes defined\nin the corresponding VolumeAttributesClass. This has a different purpose than storageClassName,\nit can be changed after the claim is created. An empty string value means that no VolumeAttributesClass\nwill be applied to the claim but it's not allowed to reset this field to empty string once it is set.\nIf unspecified and the PersistentVolumeClaim is unbound, the default VolumeAttributesClass\nwill be set by the persistentvolume controller if it exists.\nIf the resource referred to by volumeAttributesClass does not exist, this PersistentVolumeClaim will be\nset to a Pending state, as reflected by the modifyVolumeStatus field, until such as a resource\nexists.\nMore info: https://kubernetes.io/docs/concepts/storage/volume-attributes-classes/\n(Alpha) Using this field requires the VolumeAttributesClass feature gate to be enabled." type: "string" volumeMode: description: "volumeMode defines what type of volume is required by the claim.\nValue of Filesystem is implied when not included in claim spec." @@ -1403,11 +1481,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" wwids: description: "wwids Optional: FC volume world wide identifiers (wwids)\nEither wwids or combination of targetWWNs and lun must be set, but not both simultaneously." items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" type: "object" flexVolume: description: "flexVolume represents a generic volume resource that is\nprovisioned/attached using an exec based plugin." @@ -1430,7 +1510,8 @@ spec: description: "secretRef is Optional: secretRef is reference to the secret object containing\nsensitive information to pass to the plugin scripts. This may be\nempty if no secret object is specified. If the secret object\ncontains more than one secret, all secrets are passed to the plugin\nscripts." properties: name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" type: "object" x-kubernetes-map-type: "atomic" @@ -1539,6 +1620,7 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" readOnly: description: "readOnly here will force the ReadOnly setting in VolumeMounts.\nDefaults to false." type: "boolean" @@ -1546,7 +1628,8 @@ spec: description: "secretRef is the CHAP Secret for iSCSI target and initiator authentication" properties: name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" type: "object" x-kubernetes-map-type: "atomic" @@ -1647,11 +1730,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -1697,8 +1782,10 @@ spec: - "path" type: "object" type: "array" + x-kubernetes-list-type: "atomic" name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" optional: description: "optional specify whether the ConfigMap or its keys must be defined" @@ -1714,7 +1801,7 @@ spec: description: "DownwardAPIVolumeFile represents information to create the file containing the pod field" properties: fieldRef: - description: "Required: Selects a field of the pod: only annotations, labels, name and namespace are supported." + description: "Required: Selects a field of the pod: only annotations, labels, name, namespace and uid are supported." properties: apiVersion: description: "Version of the schema the FieldPath is written in terms of, defaults to \"v1\"." @@ -1757,6 +1844,7 @@ spec: - "path" type: "object" type: "array" + x-kubernetes-list-type: "atomic" type: "object" secret: description: "secret information about the secret data to project" @@ -1781,8 +1869,10 @@ spec: - "path" type: "object" type: "array" + x-kubernetes-list-type: "atomic" name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" optional: description: "optional field specify whether the Secret or its key must be defined" @@ -1807,6 +1897,7 @@ spec: type: "object" type: "object" type: "array" + x-kubernetes-list-type: "atomic" type: "object" quobyte: description: "quobyte represents a Quobyte mount on the host that shares a pod's lifetime" @@ -1850,6 +1941,7 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" pool: description: "pool is the rados pool name.\nDefault is rbd.\nMore info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it" type: "string" @@ -1860,7 +1952,8 @@ spec: description: "secretRef is name of the authentication secret for RBDUser. If provided\noverrides keyring.\nDefault is nil.\nMore info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it" properties: name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" type: "object" x-kubernetes-map-type: "atomic" @@ -1890,7 +1983,8 @@ spec: description: "secretRef references to the secret for ScaleIO user and other\nsensitive information. If this is not provided, Login operation will fail." properties: name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" type: "object" x-kubernetes-map-type: "atomic" @@ -1941,6 +2035,7 @@ spec: - "path" type: "object" type: "array" + x-kubernetes-list-type: "atomic" optional: description: "optional field specify whether the Secret or its keys must be defined" type: "boolean" @@ -1961,7 +2056,8 @@ spec: description: "secretRef specifies the secret to use for obtaining the StorageOS API\ncredentials. If not specified, default values will be attempted." properties: name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" type: "object" x-kubernetes-map-type: "atomic" diff --git a/crd-catalog/mariadb-operator/mariadb-operator/k8s.mariadb.com/v1alpha1/sqljobs.yaml b/crd-catalog/mariadb-operator/mariadb-operator/k8s.mariadb.com/v1alpha1/sqljobs.yaml index b481577bf..f7dc90fb9 100644 --- a/crd-catalog/mariadb-operator/mariadb-operator/k8s.mariadb.com/v1alpha1/sqljobs.yaml +++ b/crd-catalog/mariadb-operator/mariadb-operator/k8s.mariadb.com/v1alpha1/sqljobs.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.14.0" + controller-gen.kubebuilder.io/version: "v0.15.0" name: "sqljobs.k8s.mariadb.com" spec: group: "k8s.mariadb.com" @@ -77,11 +77,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchFields: description: "A list of node selector requirements by node's fields." items: @@ -98,11 +100,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" type: "object" x-kubernetes-map-type: "atomic" weight: @@ -114,6 +118,7 @@ spec: - "weight" type: "object" type: "array" + x-kubernetes-list-type: "atomic" requiredDuringSchedulingIgnoredDuringExecution: description: "If the affinity requirements specified by this field are not met at\nscheduling time, the pod will not be scheduled onto the node.\nIf the affinity requirements specified by this field cease to be met\nat some point during pod execution (e.g. due to an update), the system\nmay or may not try to eventually evict the pod from its node." properties: @@ -138,11 +143,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchFields: description: "A list of node selector requirements by node's fields." items: @@ -159,14 +166,17 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" type: "object" x-kubernetes-map-type: "atomic" type: "array" + x-kubernetes-list-type: "atomic" required: - "nodeSelectorTerms" type: "object" @@ -202,11 +212,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -215,13 +227,13 @@ spec: type: "object" x-kubernetes-map-type: "atomic" matchLabelKeys: - description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MatchLabelKeys and LabelSelector.\nAlso, MatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" mismatchLabelKeys: - description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MismatchLabelKeys and LabelSelector.\nAlso, MismatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." items: type: "string" type: "array" @@ -245,11 +257,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -262,6 +276,7 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" topologyKey: description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching\nthe labelSelector in the specified namespaces, where co-located is defined as running on a node\nwhose value of the label with key topologyKey matches that of any node on which any of the\nselected pods is running.\nEmpty topologyKey is not allowed." type: "string" @@ -277,6 +292,7 @@ spec: - "weight" type: "object" type: "array" + x-kubernetes-list-type: "atomic" requiredDuringSchedulingIgnoredDuringExecution: description: "If the affinity requirements specified by this field are not met at\nscheduling time, the pod will not be scheduled onto the node.\nIf the affinity requirements specified by this field cease to be met\nat some point during pod execution (e.g. due to a pod label update), the\nsystem may or may not try to eventually evict the pod from its node.\nWhen there are multiple elements, the lists of nodes corresponding to each\npodAffinityTerm are intersected, i.e. all terms must be satisfied." items: @@ -301,11 +317,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -314,13 +332,13 @@ spec: type: "object" x-kubernetes-map-type: "atomic" matchLabelKeys: - description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MatchLabelKeys and LabelSelector.\nAlso, MatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" mismatchLabelKeys: - description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MismatchLabelKeys and LabelSelector.\nAlso, MismatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." items: type: "string" type: "array" @@ -344,11 +362,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -361,6 +381,7 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" topologyKey: description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching\nthe labelSelector in the specified namespaces, where co-located is defined as running on a node\nwhose value of the label with key topologyKey matches that of any node on which any of the\nselected pods is running.\nEmpty topologyKey is not allowed." type: "string" @@ -368,6 +389,7 @@ spec: - "topologyKey" type: "object" type: "array" + x-kubernetes-list-type: "atomic" type: "object" podAntiAffinity: description: "Describes pod anti-affinity scheduling rules (e.g. avoid putting this pod in the same node, zone, etc. as some other pod(s))." @@ -399,11 +421,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -412,13 +436,13 @@ spec: type: "object" x-kubernetes-map-type: "atomic" matchLabelKeys: - description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MatchLabelKeys and LabelSelector.\nAlso, MatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" mismatchLabelKeys: - description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MismatchLabelKeys and LabelSelector.\nAlso, MismatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." items: type: "string" type: "array" @@ -442,11 +466,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -459,6 +485,7 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" topologyKey: description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching\nthe labelSelector in the specified namespaces, where co-located is defined as running on a node\nwhose value of the label with key topologyKey matches that of any node on which any of the\nselected pods is running.\nEmpty topologyKey is not allowed." type: "string" @@ -474,6 +501,7 @@ spec: - "weight" type: "object" type: "array" + x-kubernetes-list-type: "atomic" requiredDuringSchedulingIgnoredDuringExecution: description: "If the anti-affinity requirements specified by this field are not met at\nscheduling time, the pod will not be scheduled onto the node.\nIf the anti-affinity requirements specified by this field cease to be met\nat some point during pod execution (e.g. due to a pod label update), the\nsystem may or may not try to eventually evict the pod from its node.\nWhen there are multiple elements, the lists of nodes corresponding to each\npodAffinityTerm are intersected, i.e. all terms must be satisfied." items: @@ -498,11 +526,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -511,13 +541,13 @@ spec: type: "object" x-kubernetes-map-type: "atomic" matchLabelKeys: - description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MatchLabelKeys and LabelSelector.\nAlso, MatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" mismatchLabelKeys: - description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MismatchLabelKeys and LabelSelector.\nAlso, MismatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." items: type: "string" type: "array" @@ -541,11 +571,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -558,6 +590,7 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" topologyKey: description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching\nthe labelSelector in the specified namespaces, where co-located is defined as running on a node\nwhose value of the label with key topologyKey matches that of any node on which any of the\nselected pods is running.\nEmpty topologyKey is not allowed." type: "string" @@ -565,6 +598,7 @@ spec: - "topologyKey" type: "object" type: "array" + x-kubernetes-list-type: "atomic" type: "object" type: "object" args: @@ -586,18 +620,24 @@ spec: description: "LocalObjectReference contains enough information to let you locate the\nreferenced object inside the same namespace." properties: name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" type: "object" x-kubernetes-map-type: "atomic" type: "array" + failedJobsHistoryLimit: + format: "int32" + minimum: 0.0 + type: "integer" imagePullSecrets: description: "ImagePullSecrets is the list of pull Secrets to be used to pull the image." items: description: "LocalObjectReference contains enough information to let you locate the\nreferenced object inside the same namespace." properties: name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" type: "object" x-kubernetes-map-type: "atomic" @@ -658,7 +698,8 @@ spec: description: "The key of the secret to select from. Must be a valid secret key." type: "string" name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" optional: description: "Specify whether the Secret or its key must be defined" @@ -684,6 +725,18 @@ spec: podSecurityContext: description: "SecurityContext holds pod-level security attributes and common container settings." properties: + appArmorProfile: + description: "appArmorProfile is the AppArmor options to use by the containers in this pod.\nNote that this field cannot be set when spec.os.name is windows." + properties: + localhostProfile: + description: "localhostProfile indicates a profile loaded on the node that should be used.\nThe profile must be preconfigured on the node to work.\nMust match the loaded name of the profile.\nMust be set if and only if type is \"Localhost\"." + type: "string" + type: + description: "type indicates which kind of AppArmor profile will be applied.\nValid options are:\n Localhost - a profile pre-loaded on the node.\n RuntimeDefault - the container runtime's default profile.\n Unconfined - no AppArmor enforcement." + type: "string" + required: + - "type" + type: "object" fsGroup: description: "A special supplemental group that applies to all containers in a pod.\nSome volume types allow the Kubelet to change the ownership of that volume\nto be owned by the pod:\n\n\n1. The owning GID will be the FSGroup\n2. The setgid bit is set (new files created in the volume will be owned by FSGroup)\n3. The permission bits are OR'd with rw-rw----\n\n\nIf unset, the Kubelet will not modify the ownership and permissions of any volume.\nNote that this field cannot be set when spec.os.name is windows." format: "int64" @@ -736,6 +789,7 @@ spec: format: "int64" type: "integer" type: "array" + x-kubernetes-list-type: "atomic" sysctls: description: "Sysctls hold a list of namespaced sysctls used for the pod. Pods with unsupported\nsysctls (by the container runtime) might fail to launch.\nNote that this field cannot be set when spec.os.name is windows." items: @@ -752,6 +806,7 @@ spec: - "value" type: "object" type: "array" + x-kubernetes-list-type: "atomic" windowsOptions: description: "The Windows specific settings applied to all containers.\nIf unspecified, the options within a container's SecurityContext will be used.\nIf set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.\nNote that this field cannot be set when spec.os.name is linux." properties: @@ -836,6 +891,18 @@ spec: allowPrivilegeEscalation: description: "AllowPrivilegeEscalation controls whether a process can gain more\nprivileges than its parent process. This bool directly controls if\nthe no_new_privs flag will be set on the container process.\nAllowPrivilegeEscalation is true always when the container is:\n1) run as Privileged\n2) has CAP_SYS_ADMIN\nNote that this field cannot be set when spec.os.name is windows." type: "boolean" + appArmorProfile: + description: "appArmorProfile is the AppArmor options to use by this container. If set, this profile\noverrides the pod's appArmorProfile.\nNote that this field cannot be set when spec.os.name is windows." + properties: + localhostProfile: + description: "localhostProfile indicates a profile loaded on the node that should be used.\nThe profile must be preconfigured on the node to work.\nMust match the loaded name of the profile.\nMust be set if and only if type is \"Localhost\"." + type: "string" + type: + description: "type indicates which kind of AppArmor profile will be applied.\nValid options are:\n Localhost - a profile pre-loaded on the node.\n RuntimeDefault - the container runtime's default profile.\n Unconfined - no AppArmor enforcement." + type: "string" + required: + - "type" + type: "object" capabilities: description: "The capabilities to add/drop when running containers.\nDefaults to the default set of capabilities granted by the container runtime.\nNote that this field cannot be set when spec.os.name is windows." properties: @@ -845,12 +912,14 @@ spec: description: "Capability represent POSIX capabilities type" type: "string" type: "array" + x-kubernetes-list-type: "atomic" drop: description: "Removed capabilities" items: description: "Capability represent POSIX capabilities type" type: "string" type: "array" + x-kubernetes-list-type: "atomic" type: "object" privileged: description: "Run container in privileged mode.\nProcesses in privileged containers are essentially equivalent to root on the host.\nDefaults to false.\nNote that this field cannot be set when spec.os.name is windows." @@ -930,7 +999,8 @@ spec: description: "The key to select." type: "string" name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" optional: description: "Specify whether the ConfigMap or its key must be defined" @@ -939,6 +1009,10 @@ spec: - "key" type: "object" x-kubernetes-map-type: "atomic" + successfulJobsHistoryLimit: + format: "int32" + minimum: 0.0 + type: "integer" tolerations: description: "Tolerations to be used in the Pod." items: diff --git a/crd-catalog/mariadb-operator/mariadb-operator/k8s.mariadb.com/v1alpha1/users.yaml b/crd-catalog/mariadb-operator/mariadb-operator/k8s.mariadb.com/v1alpha1/users.yaml index 942f1f556..dbe094e6a 100644 --- a/crd-catalog/mariadb-operator/mariadb-operator/k8s.mariadb.com/v1alpha1/users.yaml +++ b/crd-catalog/mariadb-operator/mariadb-operator/k8s.mariadb.com/v1alpha1/users.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.14.0" + controller-gen.kubebuilder.io/version: "v0.15.0" name: "users.k8s.mariadb.com" spec: group: "k8s.mariadb.com" @@ -97,7 +97,8 @@ spec: description: "The key of the secret to select from. Must be a valid secret key." type: "string" name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" optional: description: "Specify whether the Secret or its key must be defined" diff --git a/crd-catalog/minio/operator/minio.min.io/v2/tenants.yaml b/crd-catalog/minio/operator/minio.min.io/v2/tenants.yaml index 0e6de1835..75eee67a6 100644 --- a/crd-catalog/minio/operator/minio.min.io/v2/tenants.yaml +++ b/crd-catalog/minio/operator/minio.min.io/v2/tenants.yaml @@ -3,7 +3,7 @@ kind: "CustomResourceDefinition" metadata: annotations: controller-gen.kubebuilder.io/version: "v0.15.0" - operator.min.io/version: "v5.0.15" + operator.min.io/version: "v6.0.1" name: "tenants.minio.min.io" spec: group: "minio.min.io" @@ -874,6 +874,9 @@ spec: type: "string" type: "array" type: "object" + certExpiryAlertThreshold: + format: "int32" + type: "integer" configuration: properties: name: @@ -881,13 +884,6 @@ spec: type: "string" type: "object" x-kubernetes-map-type: "atomic" - credsSecret: - properties: - name: - default: "" - type: "string" - type: "object" - x-kubernetes-map-type: "atomic" env: items: properties: @@ -3260,8 +3256,6 @@ spec: additionalProperties: type: "string" type: "object" - reclaimStorage: - type: "boolean" resources: properties: claims: diff --git a/crd-catalog/minio/operator/sts.min.io/v1alpha1/policybindings.yaml b/crd-catalog/minio/operator/sts.min.io/v1alpha1/policybindings.yaml index 16e7dea52..d628e3123 100644 --- a/crd-catalog/minio/operator/sts.min.io/v1alpha1/policybindings.yaml +++ b/crd-catalog/minio/operator/sts.min.io/v1alpha1/policybindings.yaml @@ -3,7 +3,7 @@ kind: "CustomResourceDefinition" metadata: annotations: controller-gen.kubebuilder.io/version: "v0.15.0" - operator.min.io/version: "v5.0.15" + operator.min.io/version: "v6.0.1" name: "policybindings.sts.min.io" spec: group: "sts.min.io" diff --git a/crd-catalog/minio/operator/sts.min.io/v1beta1/policybindings.yaml b/crd-catalog/minio/operator/sts.min.io/v1beta1/policybindings.yaml index 14461d58f..da8b124f1 100644 --- a/crd-catalog/minio/operator/sts.min.io/v1beta1/policybindings.yaml +++ b/crd-catalog/minio/operator/sts.min.io/v1beta1/policybindings.yaml @@ -3,7 +3,7 @@ kind: "CustomResourceDefinition" metadata: annotations: controller-gen.kubebuilder.io/version: "v0.15.0" - operator.min.io/version: "v5.0.15" + operator.min.io/version: "v6.0.1" name: "policybindings.sts.min.io" spec: group: "sts.min.io" diff --git a/crd-catalog/netobserv/network-observability-operator/flows.netobserv.io/v1beta2/flowcollectors.yaml b/crd-catalog/netobserv/network-observability-operator/flows.netobserv.io/v1beta2/flowcollectors.yaml index acf6d5bc9..ef5d16b7b 100644 --- a/crd-catalog/netobserv/network-observability-operator/flows.netobserv.io/v1beta2/flowcollectors.yaml +++ b/crd-catalog/netobserv/network-observability-operator/flows.netobserv.io/v1beta2/flowcollectors.yaml @@ -2146,11 +2146,127 @@ spec: - "address" - "topic" type: "object" + openTelemetry: + description: "Open telemetry configuration, such as the IP address and port to send enriched logs, metrics and or traces to." + properties: + fieldsMapping: + description: "Custom fields mapping to an OpenTelemetry conformant format.\nBy default, NetObserv format proposal is used: https://github.com/rhobs/observability-data-model/blob/main/network-observability.md#format-proposal .\nAs there is currently no accepted otlp standard for L3/4 network logs, you can freely override it with your own." + items: + properties: + input: + type: "string" + multiplier: + type: "integer" + output: + type: "string" + type: "object" + type: "array" + headers: + additionalProperties: + type: "string" + description: "Headers to add to messages (optional)" + type: "object" + logs: + description: "Open telemetry configuration for logs." + properties: + enable: + default: true + description: "Set `enable` to `true` to send logs to Open Telemetry receiver." + type: "boolean" + type: "object" + metrics: + description: "Open telemetry configuration for metrics." + properties: + enable: + default: true + description: "Set `enable` to `true` to send metrics to Open Telemetry receiver." + type: "boolean" + pushTimeInterval: + default: "20s" + description: "How often should metrics be sent to collector" + type: "string" + type: "object" + protocol: + description: "Protocol of Open Telemetry connection. The available options are `http` and `grpc`." + enum: + - "http" + - "grpc" + type: "string" + targetHost: + default: "" + description: "Address of the Open Telemetry receiver" + type: "string" + targetPort: + description: "Port for the Open Telemetry receiver" + type: "integer" + tls: + description: "TLS client configuration." + properties: + caCert: + description: "`caCert` defines the reference of the certificate for the Certificate Authority" + properties: + certFile: + description: "`certFile` defines the path to the certificate file name within the config map or secret." + type: "string" + certKey: + description: "`certKey` defines the path to the certificate private key file name within the config map or secret. Omit when the key is not necessary." + type: "string" + name: + description: "Name of the config map or secret containing certificates." + type: "string" + namespace: + default: "" + description: "Namespace of the config map or secret containing certificates. If omitted, the default is to use the same namespace as where NetObserv is deployed.\nIf the namespace is different, the config map or the secret is copied so that it can be mounted as required." + type: "string" + type: + description: "Type for the certificate reference: `configmap` or `secret`." + enum: + - "configmap" + - "secret" + type: "string" + type: "object" + enable: + default: false + description: "Enable TLS" + type: "boolean" + insecureSkipVerify: + default: false + description: "`insecureSkipVerify` allows skipping client-side verification of the server certificate.\nIf set to `true`, the `caCert` field is ignored." + type: "boolean" + userCert: + description: "`userCert` defines the user certificate reference and is used for mTLS (you can ignore it when using one-way TLS)" + properties: + certFile: + description: "`certFile` defines the path to the certificate file name within the config map or secret." + type: "string" + certKey: + description: "`certKey` defines the path to the certificate private key file name within the config map or secret. Omit when the key is not necessary." + type: "string" + name: + description: "Name of the config map or secret containing certificates." + type: "string" + namespace: + default: "" + description: "Namespace of the config map or secret containing certificates. If omitted, the default is to use the same namespace as where NetObserv is deployed.\nIf the namespace is different, the config map or the secret is copied so that it can be mounted as required." + type: "string" + type: + description: "Type for the certificate reference: `configmap` or `secret`." + enum: + - "configmap" + - "secret" + type: "string" + type: "object" + type: "object" + required: + - "targetHost" + - "targetPort" + type: "object" type: description: "`type` selects the type of exporters. The available options are `Kafka` and `IPFIX`." enum: - "Kafka" - "IPFIX" + - "OpenTelemetry" type: "string" required: - "type" diff --git a/crd-catalog/nginxinc/kubernetes-ingress/appprotectdos.f5.com/v1beta1/dosprotectedresources.yaml b/crd-catalog/nginxinc/kubernetes-ingress/appprotectdos.f5.com/v1beta1/dosprotectedresources.yaml index ab8ef8d09..90b04246a 100644 --- a/crd-catalog/nginxinc/kubernetes-ingress/appprotectdos.f5.com/v1beta1/dosprotectedresources.yaml +++ b/crd-catalog/nginxinc/kubernetes-ingress/appprotectdos.f5.com/v1beta1/dosprotectedresources.yaml @@ -31,6 +31,15 @@ spec: spec: description: "DosProtectedResourceSpec defines the properties and values a DosProtectedResource can have." properties: + allowList: + description: "AllowList is a list of allowed IPs and subnet masks" + items: + description: "AllowListEntry represents an IP address and a subnet mask." + properties: + ipWithMask: + type: "string" + type: "object" + type: "array" apDosMonitor: description: "ApDosMonitor is how NGINX App Protect DoS monitors the stress level of the protected object. The monitor requests are sent from localhost (127.0.0.1). Default value: URI - None, protocol - http1, timeout - NGINX App Protect DoS default." properties: diff --git a/crd-catalog/nginxinc/kubernetes-ingress/k8s.nginx.org/v1/policies.yaml b/crd-catalog/nginxinc/kubernetes-ingress/k8s.nginx.org/v1/policies.yaml index 92b5caf39..25b3ccaf9 100644 --- a/crd-catalog/nginxinc/kubernetes-ingress/k8s.nginx.org/v1/policies.yaml +++ b/crd-catalog/nginxinc/kubernetes-ingress/k8s.nginx.org/v1/policies.yaml @@ -70,7 +70,7 @@ spec: type: "object" type: "object" basicAuth: - description: "BasicAuth holds HTTP Basic authentication configuration\npolicy status: preview" + description: "BasicAuth holds HTTP Basic authentication configuration" properties: realm: type: "string" diff --git a/crd-catalog/nginxinc/nginx-kubernetes-gateway/gateway.nginx.org/v1alpha1/nginxproxies.yaml b/crd-catalog/nginxinc/nginx-kubernetes-gateway/gateway.nginx.org/v1alpha1/nginxproxies.yaml index 11a0b1bc0..c7b10c185 100644 --- a/crd-catalog/nginxinc/nginx-kubernetes-gateway/gateway.nginx.org/v1alpha1/nginxproxies.yaml +++ b/crd-catalog/nginxinc/nginx-kubernetes-gateway/gateway.nginx.org/v1alpha1/nginxproxies.yaml @@ -38,6 +38,14 @@ spec: disableHTTP2: description: "DisableHTTP2 defines if http2 should be disabled for all servers.\nDefault is false, meaning http2 will be enabled for all servers." type: "boolean" + ipFamily: + default: "dual" + description: "IPFamily specifies the IP family to be used by the NGINX.\nDefault is \"dual\", meaning the server will use both IPv4 and IPv6." + enum: + - "dual" + - "ipv4" + - "ipv6" + type: "string" telemetry: description: "Telemetry specifies the OpenTelemetry configuration." properties: diff --git a/crd-catalog/nginxinc/nginx-kubernetes-gateway/gateway.nginx.org/v1alpha1/observabilitypolicies.yaml b/crd-catalog/nginxinc/nginx-kubernetes-gateway/gateway.nginx.org/v1alpha1/observabilitypolicies.yaml index f4e88208f..7a9fd13ac 100644 --- a/crd-catalog/nginxinc/nginx-kubernetes-gateway/gateway.nginx.org/v1alpha1/observabilitypolicies.yaml +++ b/crd-catalog/nginxinc/nginx-kubernetes-gateway/gateway.nginx.org/v1alpha1/observabilitypolicies.yaml @@ -38,7 +38,7 @@ spec: description: "Spec defines the desired state of the ObservabilityPolicy." properties: targetRefs: - description: "TargetRefs identifies the API object(s) to apply the policy to.\nObjects must be in the same namespace as the policy.\nSupport: HTTPRoute" + description: "TargetRefs identifies the API object(s) to apply the policy to.\nObjects must be in the same namespace as the policy.\nSupport: HTTPRoute, GRPCRoute." items: description: "LocalPolicyTargetReference identifies an API object to apply a direct or\ninherited policy to. This should be used as part of Policy resources\nthat can target Gateway API resources. For more information on how this\npolicy attachment model works, and a sample Policy resource, refer to\nthe policy attachment documentation for Gateway API." properties: diff --git a/crd-catalog/open-cluster-management-io/ocm/operator.open-cluster-management.io/v1/clustermanagers.yaml b/crd-catalog/open-cluster-management-io/ocm/operator.open-cluster-management.io/v1/clustermanagers.yaml index 16971a412..9d75da812 100644 --- a/crd-catalog/open-cluster-management-io/ocm/operator.open-cluster-management.io/v1/clustermanagers.yaml +++ b/crd-catalog/open-cluster-management-io/ocm/operator.open-cluster-management.io/v1/clustermanagers.yaml @@ -15,13 +15,13 @@ spec: - name: "v1" schema: openAPIV3Schema: - description: "ClusterManager configures the controllers on the hub that govern registration and work distribution for attached Klusterlets. In Default mode, ClusterManager will only be deployed in open-cluster-management-hub namespace. In Hosted mode, ClusterManager will be deployed in the namespace with the same name as cluster manager." + description: "ClusterManager configures the controllers on the hub that govern registration and work distribution for attached Klusterlets.\nIn Default mode, ClusterManager will only be deployed in open-cluster-management-hub namespace.\nIn Hosted mode, ClusterManager will be deployed in the namespace with the same name as cluster manager." properties: apiVersion: - description: "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" + description: "APIVersion defines the versioned schema of this representation of an object.\nServers should convert recognized schemas to the latest internal value, and\nmay reject unrecognized values.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" type: "string" kind: - description: "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + description: "Kind is a string value representing the REST resource this object represents.\nServers may infer this from the endpoint the client submits requests to.\nCannot be updated.\nIn CamelCase.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" type: "string" metadata: type: "object" @@ -35,7 +35,7 @@ spec: description: "AddOnManagerConfiguration contains the configuration of addon manager" properties: featureGates: - description: "FeatureGates represents the list of feature gates for addon manager If it is set empty, default feature gates will be used. If it is set, featuregate/Foo is an example of one item in FeatureGates: 1. If featuregate/Foo does not exist, registration-operator will discard it 2. If featuregate/Foo exists and is false by default. It is now possible to set featuregate/Foo=[false|true] 3. If featuregate/Foo exists and is true by default. If a cluster-admin upgrading from 1 to 2 wants to continue having featuregate/Foo=false, he can set featuregate/Foo=false before upgrading. Let's say the cluster-admin wants featuregate/Foo=false." + description: "FeatureGates represents the list of feature gates for addon manager\nIf it is set empty, default feature gates will be used.\nIf it is set, featuregate/Foo is an example of one item in FeatureGates:\n 1. If featuregate/Foo does not exist, registration-operator will discard it\n 2. If featuregate/Foo exists and is false by default. It is now possible to set featuregate/Foo=[false|true]\n 3. If featuregate/Foo exists and is true by default. If a cluster-admin upgrading from 1 to 2 wants to continue having featuregate/Foo=false,\n \the can set featuregate/Foo=false before upgrading. Let's say the cluster-admin wants featuregate/Foo=false." items: properties: feature: @@ -43,7 +43,7 @@ spec: type: "string" mode: default: "Disable" - description: "Mode is either Enable, Disable, \"\" where \"\" is Disable by default. In Enable mode, a valid feature gate `featuregate/Foo` will be set to \"--featuregate/Foo=true\". In Disable mode, a valid feature gate `featuregate/Foo` will be set to \"--featuregate/Foo=false\"." + description: "Mode is either Enable, Disable, \"\" where \"\" is Disable by default.\nIn Enable mode, a valid feature gate `featuregate/Foo` will be set to \"--featuregate/Foo=true\".\nIn Disable mode, a valid feature gate `featuregate/Foo` will be set to \"--featuregate/Foo=false\"." enum: - "Enable" - "Disable" @@ -60,7 +60,7 @@ spec: deployOption: default: mode: "Default" - description: "DeployOption contains the options of deploying a cluster-manager Default mode is used if DeployOption is not set." + description: "DeployOption contains the options of deploying a cluster-manager\nDefault mode is used if DeployOption is not set." properties: hosted: description: "Hosted includes configurations we need for clustermanager in the Hosted mode." @@ -69,7 +69,7 @@ spec: description: "RegistrationWebhookConfiguration represents the customized webhook-server configuration of registration." properties: address: - description: "Address represents the address of a webhook-server. It could be in IP format or fqdn format. The Address must be reachable by apiserver of the hub cluster." + description: "Address represents the address of a webhook-server.\nIt could be in IP format or fqdn format.\nThe Address must be reachable by apiserver of the hub cluster." pattern: "^(([a-zA-Z0-9]|[a-zA-Z0-9][a-zA-Z0-9\\-]*[a-zA-Z0-9])\\.)*([A-Za-z0-9]|[A-Za-z0-9][A-Za-z0-9\\-]*[A-Za-z0-9])$" type: "string" port: @@ -85,7 +85,7 @@ spec: description: "WorkWebhookConfiguration represents the customized webhook-server configuration of work." properties: address: - description: "Address represents the address of a webhook-server. It could be in IP format or fqdn format. The Address must be reachable by apiserver of the hub cluster." + description: "Address represents the address of a webhook-server.\nIt could be in IP format or fqdn format.\nThe Address must be reachable by apiserver of the hub cluster." pattern: "^(([a-zA-Z0-9]|[a-zA-Z0-9][a-zA-Z0-9\\-]*[a-zA-Z0-9])\\.)*([A-Za-z0-9]|[A-Za-z0-9][A-Za-z0-9\\-]*[A-Za-z0-9])$" type: "string" port: @@ -100,7 +100,7 @@ spec: type: "object" mode: default: "Default" - description: "Mode can be Default or Hosted. In Default mode, the Hub is installed as a whole and all parts of Hub are deployed in the same cluster. In Hosted mode, only crd and configurations are installed on one cluster(defined as hub-cluster). Controllers run in another cluster (defined as management-cluster) and connect to the hub with the kubeconfig in secret of \"external-hub-kubeconfig\"(a kubeconfig of hub-cluster with cluster-admin permission). Note: Do not modify the Mode field once it's applied." + description: "Mode can be Default or Hosted.\nIn Default mode, the Hub is installed as a whole and all parts of Hub are deployed in the same cluster.\nIn Hosted mode, only crd and configurations are installed on one cluster(defined as hub-cluster). Controllers run in another\ncluster (defined as management-cluster) and connect to the hub with the kubeconfig in secret of \"external-hub-kubeconfig\"(a kubeconfig\nof hub-cluster with cluster-admin permission).\nNote: Do not modify the Mode field once it's applied." enum: - "Default" - "Hosted" @@ -117,25 +117,25 @@ spec: description: "NodeSelector defines which Nodes the Pods are scheduled on. The default is an empty list." type: "object" tolerations: - description: "Tolerations are attached by pods to tolerate any taint that matches the triple using the matching operator . The default is an empty list." + description: "Tolerations are attached by pods to tolerate any taint that matches\nthe triple using the matching operator .\nThe default is an empty list." items: - description: "The pod this Toleration is attached to tolerates any taint that matches the triple using the matching operator ." + description: "The pod this Toleration is attached to tolerates any taint that matches\nthe triple using the matching operator ." properties: effect: - description: "Effect indicates the taint effect to match. Empty means match all taint effects. When specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute." + description: "Effect indicates the taint effect to match. Empty means match all taint effects.\nWhen specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute." type: "string" key: - description: "Key is the taint key that the toleration applies to. Empty means match all taint keys. If the key is empty, operator must be Exists; this combination means to match all values and all keys." + description: "Key is the taint key that the toleration applies to. Empty means match all taint keys.\nIf the key is empty, operator must be Exists; this combination means to match all values and all keys." type: "string" operator: - description: "Operator represents a key's relationship to the value. Valid operators are Exists and Equal. Defaults to Equal. Exists is equivalent to wildcard for value, so that a pod can tolerate all taints of a particular category." + description: "Operator represents a key's relationship to the value.\nValid operators are Exists and Equal. Defaults to Equal.\nExists is equivalent to wildcard for value, so that a pod can\ntolerate all taints of a particular category." type: "string" tolerationSeconds: - description: "TolerationSeconds represents the period of time the toleration (which must be of effect NoExecute, otherwise this field is ignored) tolerates the taint. By default, it is not set, which means tolerate the taint forever (do not evict). Zero and negative values will be treated as 0 (evict immediately) by the system." + description: "TolerationSeconds represents the period of time the toleration (which must be\nof effect NoExecute, otherwise this field is ignored) tolerates the taint. By default,\nit is not set, which means tolerate the taint forever (do not evict). Zero and\nnegative values will be treated as 0 (evict immediately) by the system." format: "int64" type: "integer" value: - description: "Value is the taint value the toleration matches to. If the operator is Exists, the value should be empty, otherwise just a regular string." + description: "Value is the taint value the toleration matches to.\nIf the operator is Exists, the value should be empty, otherwise just a regular string." type: "string" type: "object" type: "array" @@ -148,12 +148,12 @@ spec: description: "RegistrationConfiguration contains the configuration of registration" properties: autoApproveUsers: - description: "AutoApproveUser represents a list of users that can auto approve CSR and accept client. If the credential of the bootstrap-hub-kubeconfig matches to the users, the cluster created by the bootstrap-hub-kubeconfig will be auto-registered into the hub cluster. This takes effect only when ManagedClusterAutoApproval feature gate is enabled." + description: "AutoApproveUser represents a list of users that can auto approve CSR and accept client. If the credential of the\nbootstrap-hub-kubeconfig matches to the users, the cluster created by the bootstrap-hub-kubeconfig will\nbe auto-registered into the hub cluster. This takes effect only when ManagedClusterAutoApproval feature gate\nis enabled." items: type: "string" type: "array" featureGates: - description: "FeatureGates represents the list of feature gates for registration If it is set empty, default feature gates will be used. If it is set, featuregate/Foo is an example of one item in FeatureGates: 1. If featuregate/Foo does not exist, registration-operator will discard it 2. If featuregate/Foo exists and is false by default. It is now possible to set featuregate/Foo=[false|true] 3. If featuregate/Foo exists and is true by default. If a cluster-admin upgrading from 1 to 2 wants to continue having featuregate/Foo=false, he can set featuregate/Foo=false before upgrading. Let's say the cluster-admin wants featuregate/Foo=false." + description: "FeatureGates represents the list of feature gates for registration\nIf it is set empty, default feature gates will be used.\nIf it is set, featuregate/Foo is an example of one item in FeatureGates:\n 1. If featuregate/Foo does not exist, registration-operator will discard it\n 2. If featuregate/Foo exists and is false by default. It is now possible to set featuregate/Foo=[false|true]\n 3. If featuregate/Foo exists and is true by default. If a cluster-admin upgrading from 1 to 2 wants to continue having featuregate/Foo=false,\n \the can set featuregate/Foo=false before upgrading. Let's say the cluster-admin wants featuregate/Foo=false." items: properties: feature: @@ -161,7 +161,7 @@ spec: type: "string" mode: default: "Disable" - description: "Mode is either Enable, Disable, \"\" where \"\" is Disable by default. In Enable mode, a valid feature gate `featuregate/Foo` will be set to \"--featuregate/Foo=true\". In Disable mode, a valid feature gate `featuregate/Foo` will be set to \"--featuregate/Foo=false\"." + description: "Mode is either Enable, Disable, \"\" where \"\" is Disable by default.\nIn Enable mode, a valid feature gate `featuregate/Foo` will be set to \"--featuregate/Foo=true\".\nIn Disable mode, a valid feature gate `featuregate/Foo` will be set to \"--featuregate/Foo=false\"." enum: - "Enable" - "Disable" @@ -176,18 +176,18 @@ spec: description: "RegistrationImagePullSpec represents the desired image of registration controller/webhook installed on hub." type: "string" resourceRequirement: - description: "ResourceRequirement specify QoS classes of deployments managed by clustermanager. It applies to all the containers in the deployments." + description: "ResourceRequirement specify QoS classes of deployments managed by clustermanager.\nIt applies to all the containers in the deployments." properties: resourceRequirements: description: "ResourceRequirements defines resource requests and limits when Type is ResourceQosClassResourceRequirement" properties: claims: - description: "Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. \n This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. \n This field is immutable. It can only be set for containers." + description: "Claims lists the names of resources, defined in spec.resourceClaims,\nthat are used by this container.\n\n\nThis is an alpha field and requires enabling the\nDynamicResourceAllocation feature gate.\n\n\nThis field is immutable. It can only be set for containers." items: description: "ResourceClaim references one entry in PodSpec.ResourceClaims." properties: name: - description: "Name must match the name of one entry in pod.spec.resourceClaims of the Pod where this field is used. It makes that resource available inside a container." + description: "Name must match the name of one entry in pod.spec.resourceClaims of\nthe Pod where this field is used. It makes that resource available\ninside a container." type: "string" required: - "name" @@ -203,7 +203,7 @@ spec: - type: "string" pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" x-kubernetes-int-or-string: true - description: "Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" + description: "Limits describes the maximum amount of compute resources allowed.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" type: "object" requests: additionalProperties: @@ -212,7 +212,7 @@ spec: - type: "string" pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" x-kubernetes-int-or-string: true - description: "Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" + description: "Requests describes the minimum amount of compute resources required.\nIf Requests is omitted for a container, it defaults to Limits if that is explicitly specified,\notherwise to an implementation-defined value. Requests cannot exceed Limits.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" type: "object" type: "object" type: @@ -229,7 +229,7 @@ spec: description: "WorkConfiguration contains the configuration of work" properties: featureGates: - description: "FeatureGates represents the list of feature gates for work If it is set empty, default feature gates will be used. If it is set, featuregate/Foo is an example of one item in FeatureGates: 1. If featuregate/Foo does not exist, registration-operator will discard it 2. If featuregate/Foo exists and is false by default. It is now possible to set featuregate/Foo=[false|true] 3. If featuregate/Foo exists and is true by default. If a cluster-admin upgrading from 1 to 2 wants to continue having featuregate/Foo=false, he can set featuregate/Foo=false before upgrading. Let's say the cluster-admin wants featuregate/Foo=false." + description: "FeatureGates represents the list of feature gates for work\nIf it is set empty, default feature gates will be used.\nIf it is set, featuregate/Foo is an example of one item in FeatureGates:\n 1. If featuregate/Foo does not exist, registration-operator will discard it\n 2. If featuregate/Foo exists and is false by default. It is now possible to set featuregate/Foo=[false|true]\n 3. If featuregate/Foo exists and is true by default. If a cluster-admin upgrading from 1 to 2 wants to continue having featuregate/Foo=false,\n \the can set featuregate/Foo=false before upgrading. Let's say the cluster-admin wants featuregate/Foo=false." items: properties: feature: @@ -237,7 +237,7 @@ spec: type: "string" mode: default: "Disable" - description: "Mode is either Enable, Disable, \"\" where \"\" is Disable by default. In Enable mode, a valid feature gate `featuregate/Foo` will be set to \"--featuregate/Foo=true\". In Disable mode, a valid feature gate `featuregate/Foo` will be set to \"--featuregate/Foo=false\"." + description: "Mode is either Enable, Disable, \"\" where \"\" is Disable by default.\nIn Enable mode, a valid feature gate `featuregate/Foo` will be set to \"--featuregate/Foo=true\".\nIn Disable mode, a valid feature gate `featuregate/Foo` will be set to \"--featuregate/Foo=false\"." enum: - "Enable" - "Disable" @@ -248,7 +248,7 @@ spec: type: "array" workDriver: default: "kube" - description: "WorkDriver represents the type of work driver. Possible values are \"kube\", \"mqtt\", or \"grpc\". If not provided, the default value is \"kube\". If set to non-\"kube\" drivers, the klusterlet need to use the same driver. and the driver configuration must be provided in a secret named \"work-driver-config\" in the namespace where the cluster manager is running, adhering to the following structure: config.yaml: | \n For detailed driver configuration, please refer to the sdk-go documentation: https://github.com/open-cluster-management-io/sdk-go/blob/main/pkg/cloudevents/README.md#supported-protocols-and-drivers" + description: "WorkDriver represents the type of work driver. Possible values are \"kube\", \"mqtt\", or \"grpc\".\nIf not provided, the default value is \"kube\".\nIf set to non-\"kube\" drivers, the klusterlet need to use the same driver.\nand the driver configuration must be provided in a secret named \"work-driver-config\"\nin the namespace where the cluster manager is running, adhering to the following structure:\nconfig.yaml: |\n \n\n\nFor detailed driver configuration, please refer to the sdk-go documentation: https://github.com/open-cluster-management-io/sdk-go/blob/main/pkg/cloudevents/README.md#supported-protocols-and-drivers" enum: - "kube" - "mqtt" @@ -264,25 +264,25 @@ spec: description: "Status represents the current status of controllers that govern the lifecycle of managed clusters." properties: conditions: - description: "Conditions contain the different condition statuses for this ClusterManager. Valid condition types are: Applied: Components in hub are applied. Available: Components in hub are available and ready to serve. Progressing: Components in hub are in a transitioning state. Degraded: Components in hub do not match the desired configuration and only provide degraded service." + description: "Conditions contain the different condition statuses for this ClusterManager.\nValid condition types are:\nApplied: Components in hub are applied.\nAvailable: Components in hub are available and ready to serve.\nProgressing: Components in hub are in a transitioning state.\nDegraded: Components in hub do not match the desired configuration and only provide\ndegraded service." items: - description: "Condition contains details for one aspect of the current state of this API Resource. --- This struct is intended for direct use as an array at the field path .status.conditions. For example, \n type FooStatus struct{ // Represents the observations of a foo's current state. // Known .status.conditions.type are: \"Available\", \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge // +listType=map // +listMapKey=type Conditions []metav1.Condition `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" + description: "Condition contains details for one aspect of the current state of this API Resource.\n---\nThis struct is intended for direct use as an array at the field path .status.conditions. For example,\n\n\n\ttype FooStatus struct{\n\t // Represents the observations of a foo's current state.\n\t // Known .status.conditions.type are: \"Available\", \"Progressing\", and \"Degraded\"\n\t // +patchMergeKey=type\n\t // +patchStrategy=merge\n\t // +listType=map\n\t // +listMapKey=type\n\t Conditions []metav1.Condition `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"`\n\n\n\t // other fields\n\t}" properties: lastTransitionTime: - description: "lastTransitionTime is the last time the condition transitioned from one status to another. This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable." + description: "lastTransitionTime is the last time the condition transitioned from one status to another.\nThis should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable." format: "date-time" type: "string" message: - description: "message is a human readable message indicating details about the transition. This may be an empty string." + description: "message is a human readable message indicating details about the transition.\nThis may be an empty string." maxLength: 32768 type: "string" observedGeneration: - description: "observedGeneration represents the .metadata.generation that the condition was set based upon. For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date with respect to the current state of the instance." + description: "observedGeneration represents the .metadata.generation that the condition was set based upon.\nFor instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date\nwith respect to the current state of the instance." format: "int64" minimum: 0.0 type: "integer" reason: - description: "reason contains a programmatic identifier indicating the reason for the condition's last transition. Producers of specific condition types may define expected values and meanings for this field, and whether the values are considered a guaranteed API. The value should be a CamelCase string. This field may not be empty." + description: "reason contains a programmatic identifier indicating the reason for the condition's last transition.\nProducers of specific condition types may define expected values and meanings for this field,\nand whether the values are considered a guaranteed API.\nThe value should be a CamelCase string.\nThis field may not be empty." maxLength: 1024 minLength: 1 pattern: "^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$" @@ -295,7 +295,7 @@ spec: - "Unknown" type: "string" type: - description: "type of condition in CamelCase or in foo.example.com/CamelCase. --- Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be useful (see .node.status.conditions), the ability to deconflict is important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt)" + description: "type of condition in CamelCase or in foo.example.com/CamelCase.\n---\nMany .condition.type values are consistent across resources like Available, but because arbitrary conditions can be\nuseful (see .node.status.conditions), the ability to deconflict is important.\nThe regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt)" maxLength: 316 pattern: "^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$" type: "string" @@ -310,7 +310,7 @@ spec: generations: description: "Generations are used to determine when an item needs to be reconciled or has changed in a way that needs a reaction." items: - description: "GenerationStatus keeps track of the generation for a given resource so that decisions about forced updates can be made. The definition matches the GenerationStatus defined in github.com/openshift/api/v1" + description: "GenerationStatus keeps track of the generation for a given resource so that decisions about forced updates can be made.\nThe definition matches the GenerationStatus defined in github.com/openshift/api/v1" properties: group: description: "group is the group of the resource that you're tracking" diff --git a/crd-catalog/open-cluster-management-io/ocm/operator.open-cluster-management.io/v1/klusterlets.yaml b/crd-catalog/open-cluster-management-io/ocm/operator.open-cluster-management.io/v1/klusterlets.yaml index 4e1bcb1bf..2690be6e5 100644 --- a/crd-catalog/open-cluster-management-io/ocm/operator.open-cluster-management.io/v1/klusterlets.yaml +++ b/crd-catalog/open-cluster-management-io/ocm/operator.open-cluster-management.io/v1/klusterlets.yaml @@ -15,13 +15,13 @@ spec: - name: "v1" schema: openAPIV3Schema: - description: "Klusterlet represents controllers to install the resources for a managed cluster. When configured, the Klusterlet requires a secret named bootstrap-hub-kubeconfig in the agent namespace to allow API requests to the hub for the registration protocol. In Hosted mode, the Klusterlet requires an additional secret named external-managed-kubeconfig in the agent namespace to allow API requests to the managed cluster for resources installation." + description: "Klusterlet represents controllers to install the resources for a managed cluster.\nWhen configured, the Klusterlet requires a secret named bootstrap-hub-kubeconfig in the\nagent namespace to allow API requests to the hub for the registration protocol.\nIn Hosted mode, the Klusterlet requires an additional secret named external-managed-kubeconfig\nin the agent namespace to allow API requests to the managed cluster for resources installation." properties: apiVersion: - description: "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" + description: "APIVersion defines the versioned schema of this representation of an object.\nServers should convert recognized schemas to the latest internal value, and\nmay reject unrecognized values.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" type: "string" kind: - description: "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + description: "Kind is a string value representing the REST resource this object represents.\nServers may infer this from the endpoint the client submits requests to.\nCannot be updated.\nIn CamelCase.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" type: "string" metadata: type: "object" @@ -29,7 +29,7 @@ spec: description: "Spec represents the desired deployment configuration of Klusterlet agent." properties: clusterName: - description: "ClusterName is the name of the managed cluster to be created on hub. The Klusterlet agent generates a random name if it is not set, or discovers the appropriate cluster name on OpenShift." + description: "ClusterName is the name of the managed cluster to be created on hub.\nThe Klusterlet agent generates a random name if it is not set, or discovers the appropriate cluster name on OpenShift." maxLength: 63 pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?$" type: "string" @@ -37,16 +37,16 @@ spec: description: "DeployOption contains the options of deploying a klusterlet" properties: mode: - description: "Mode can be Default, Hosted, Singleton or SingletonHosted. It is Default mode if not specified In Default mode, all klusterlet related resources are deployed on the managed cluster. In Hosted mode, only crd and configurations are installed on the spoke/managed cluster. Controllers run in another cluster (defined as management-cluster) and connect to the mangaged cluster with the kubeconfig in secret of \"external-managed-kubeconfig\"(a kubeconfig of managed-cluster with cluster-admin permission). In Singleton mode, registration/work agent is started as a single deployment. In SingletonHosted mode, agent is started as a single deployment in hosted mode. Note: Do not modify the Mode field once it's applied." + description: "Mode can be Default, Hosted, Singleton or SingletonHosted. It is Default mode if not specified\nIn Default mode, all klusterlet related resources are deployed on the managed cluster.\nIn Hosted mode, only crd and configurations are installed on the spoke/managed cluster. Controllers run in another\ncluster (defined as management-cluster) and connect to the mangaged cluster with the kubeconfig in secret of\n\"external-managed-kubeconfig\"(a kubeconfig of managed-cluster with cluster-admin permission).\nIn Singleton mode, registration/work agent is started as a single deployment.\nIn SingletonHosted mode, agent is started as a single deployment in hosted mode.\nNote: Do not modify the Mode field once it's applied." type: "string" type: "object" externalServerURLs: - description: "ExternalServerURLs represents a list of apiserver urls and ca bundles that is accessible externally If it is set empty, managed cluster has no externally accessible url that hub cluster can visit." + description: "ExternalServerURLs represents a list of apiserver urls and ca bundles that is accessible externally\nIf it is set empty, managed cluster has no externally accessible url that hub cluster can visit." items: description: "ServerURL represents the apiserver url and ca bundle that is accessible externally" properties: caBundle: - description: "CABundle is the ca bundle to connect to apiserver of the managed cluster. System certs are used if it is not set." + description: "CABundle is the ca bundle to connect to apiserver of the managed cluster.\nSystem certs are used if it is not set." format: "byte" type: "string" url: @@ -55,7 +55,7 @@ spec: type: "object" type: "array" hubApiServerHostAlias: - description: "HubApiServerHostAlias contains the host alias for hub api server. registration-agent and work-agent will use it to communicate with hub api server." + description: "HubApiServerHostAlias contains the host alias for hub api server.\nregistration-agent and work-agent will use it to communicate with hub api server." properties: hostname: description: "Hostname for the above IP address." @@ -70,10 +70,10 @@ spec: - "ip" type: "object" imagePullSpec: - description: "ImagePullSpec represents the desired image configuration of agent, it takes effect only when singleton mode is set. quay.io/open-cluster-management.io/registration-operator:latest will be used if unspecified" + description: "ImagePullSpec represents the desired image configuration of agent, it takes effect only when\nsingleton mode is set. quay.io/open-cluster-management.io/registration-operator:latest will\nbe used if unspecified" type: "string" namespace: - description: "Namespace is the namespace to deploy the agent on the managed cluster. The namespace must have a prefix of \"open-cluster-management-\", and if it is not set, the namespace of \"open-cluster-management-agent\" is used to deploy agent. In addition, the add-ons are deployed to the namespace of \"{Namespace}-addon\". In the Hosted mode, this namespace still exists on the managed cluster to contain necessary resources, like service accounts, roles and rolebindings, while the agent is deployed to the namespace with the same name as klusterlet on the management cluster." + description: "Namespace is the namespace to deploy the agent on the managed cluster.\nThe namespace must have a prefix of \"open-cluster-management-\", and if it is not set,\nthe namespace of \"open-cluster-management-agent\" is used to deploy agent.\nIn addition, the add-ons are deployed to the namespace of \"{Namespace}-addon\".\nIn the Hosted mode, this namespace still exists on the managed cluster to contain\nnecessary resources, like service accounts, roles and rolebindings, while the agent\nis deployed to the namespace with the same name as klusterlet on the management cluster." maxLength: 57 pattern: "^open-cluster-management-[-a-z0-9]*[a-z0-9]$" type: "string" @@ -86,44 +86,44 @@ spec: description: "NodeSelector defines which Nodes the Pods are scheduled on. The default is an empty list." type: "object" tolerations: - description: "Tolerations are attached by pods to tolerate any taint that matches the triple using the matching operator . The default is an empty list." + description: "Tolerations are attached by pods to tolerate any taint that matches\nthe triple using the matching operator .\nThe default is an empty list." items: - description: "The pod this Toleration is attached to tolerates any taint that matches the triple using the matching operator ." + description: "The pod this Toleration is attached to tolerates any taint that matches\nthe triple using the matching operator ." properties: effect: - description: "Effect indicates the taint effect to match. Empty means match all taint effects. When specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute." + description: "Effect indicates the taint effect to match. Empty means match all taint effects.\nWhen specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute." type: "string" key: - description: "Key is the taint key that the toleration applies to. Empty means match all taint keys. If the key is empty, operator must be Exists; this combination means to match all values and all keys." + description: "Key is the taint key that the toleration applies to. Empty means match all taint keys.\nIf the key is empty, operator must be Exists; this combination means to match all values and all keys." type: "string" operator: - description: "Operator represents a key's relationship to the value. Valid operators are Exists and Equal. Defaults to Equal. Exists is equivalent to wildcard for value, so that a pod can tolerate all taints of a particular category." + description: "Operator represents a key's relationship to the value.\nValid operators are Exists and Equal. Defaults to Equal.\nExists is equivalent to wildcard for value, so that a pod can\ntolerate all taints of a particular category." type: "string" tolerationSeconds: - description: "TolerationSeconds represents the period of time the toleration (which must be of effect NoExecute, otherwise this field is ignored) tolerates the taint. By default, it is not set, which means tolerate the taint forever (do not evict). Zero and negative values will be treated as 0 (evict immediately) by the system." + description: "TolerationSeconds represents the period of time the toleration (which must be\nof effect NoExecute, otherwise this field is ignored) tolerates the taint. By default,\nit is not set, which means tolerate the taint forever (do not evict). Zero and\nnegative values will be treated as 0 (evict immediately) by the system." format: "int64" type: "integer" value: - description: "Value is the taint value the toleration matches to. If the operator is Exists, the value should be empty, otherwise just a regular string." + description: "Value is the taint value the toleration matches to.\nIf the operator is Exists, the value should be empty, otherwise just a regular string." type: "string" type: "object" type: "array" type: "object" priorityClassName: - description: "PriorityClassName is the name of the PriorityClass that will be used by the deployed klusterlet agent. It will be ignored when the PriorityClass/v1 API is not available on the managed cluster." + description: "PriorityClassName is the name of the PriorityClass that will be used by the\ndeployed klusterlet agent. It will be ignored when the PriorityClass/v1 API\nis not available on the managed cluster." type: "string" registrationConfiguration: description: "RegistrationConfiguration contains the configuration of registration" properties: bootstrapKubeConfigs: - description: "BootstrapKubeConfigs defines the ordered list of bootstrap kubeconfigs. The order decides which bootstrap kubeconfig to use first when rebootstrap. \n When the agent loses the connection to the current hub over HubConnectionTimeoutSeconds, or the managedcluster CR is set `hubAcceptsClient=false` on the hub, the controller marks the related bootstrap kubeconfig as \"failed\". \n A failed bootstrapkubeconfig won't be used for the duration specified by SkipFailedBootstrapKubeConfigSeconds. But if the user updates the content of a failed bootstrapkubeconfig, the \"failed\" mark will be cleared." + description: "BootstrapKubeConfigs defines the ordered list of bootstrap kubeconfigs. The order decides which bootstrap kubeconfig to use first when rebootstrap.\n\n\nWhen the agent loses the connection to the current hub over HubConnectionTimeoutSeconds, or the managedcluster CR\nis set `hubAcceptsClient=false` on the hub, the controller marks the related bootstrap kubeconfig as \"failed\".\n\n\nA failed bootstrapkubeconfig won't be used for the duration specified by SkipFailedBootstrapKubeConfigSeconds.\nBut if the user updates the content of a failed bootstrapkubeconfig, the \"failed\" mark will be cleared." properties: localSecretsConfig: - description: "LocalSecretsConfig include a list of secrets that contains the kubeconfigs for ordered bootstrap kubeconifigs. The secrets must be in the same namespace where the agent controller runs." + description: "LocalSecretsConfig include a list of secrets that contains the kubeconfigs for ordered bootstrap kubeconifigs.\nThe secrets must be in the same namespace where the agent controller runs." properties: hubConnectionTimeoutSeconds: default: 600 - description: "HubConnectionTimeoutSeconds is used to set the timeout of connecting to the hub cluster. When agent loses the connection to the hub over the timeout seconds, the agent do a rebootstrap. By default is 10 mins." + description: "HubConnectionTimeoutSeconds is used to set the timeout of connecting to the hub cluster.\nWhen agent loses the connection to the hub over the timeout seconds, the agent do a rebootstrap.\nBy default is 10 mins." format: "int32" minimum: 180.0 type: "integer" @@ -139,23 +139,23 @@ spec: type: "object" type: default: "None" - description: "Type specifies the type of priority bootstrap kubeconfigs. By default, it is set to None, representing no priority bootstrap kubeconfigs are set." + description: "Type specifies the type of priority bootstrap kubeconfigs.\nBy default, it is set to None, representing no priority bootstrap kubeconfigs are set." enum: - "None" - "LocalSecrets" type: "string" type: "object" clientCertExpirationSeconds: - description: "clientCertExpirationSeconds represents the seconds of a client certificate to expire. If it is not set or 0, the default duration seconds will be set by the hub cluster. If the value is larger than the max signing duration seconds set on the hub cluster, the max signing duration seconds will be set." + description: "clientCertExpirationSeconds represents the seconds of a client certificate to expire. If it is not set or 0, the default\nduration seconds will be set by the hub cluster. If the value is larger than the max signing duration seconds set on\nthe hub cluster, the max signing duration seconds will be set." format: "int32" type: "integer" clusterAnnotations: additionalProperties: type: "string" - description: "ClusterAnnotations is annotations with the reserve prefix \"agent.open-cluster-management.io\" set on ManagedCluster when creating only, other actors can update it afterwards." + description: "ClusterAnnotations is annotations with the reserve prefix \"agent.open-cluster-management.io\" set on\nManagedCluster when creating only, other actors can update it afterwards." type: "object" featureGates: - description: "FeatureGates represents the list of feature gates for registration If it is set empty, default feature gates will be used. If it is set, featuregate/Foo is an example of one item in FeatureGates: 1. If featuregate/Foo does not exist, registration-operator will discard it 2. If featuregate/Foo exists and is false by default. It is now possible to set featuregate/Foo=[false|true] 3. If featuregate/Foo exists and is true by default. If a cluster-admin upgrading from 1 to 2 wants to continue having featuregate/Foo=false, he can set featuregate/Foo=false before upgrading. Let's say the cluster-admin wants featuregate/Foo=false." + description: "FeatureGates represents the list of feature gates for registration\nIf it is set empty, default feature gates will be used.\nIf it is set, featuregate/Foo is an example of one item in FeatureGates:\n 1. If featuregate/Foo does not exist, registration-operator will discard it\n 2. If featuregate/Foo exists and is false by default. It is now possible to set featuregate/Foo=[false|true]\n 3. If featuregate/Foo exists and is true by default. If a cluster-admin upgrading from 1 to 2 wants to continue having featuregate/Foo=false,\n \the can set featuregate/Foo=false before upgrading. Let's say the cluster-admin wants featuregate/Foo=false." items: properties: feature: @@ -163,7 +163,7 @@ spec: type: "string" mode: default: "Disable" - description: "Mode is either Enable, Disable, \"\" where \"\" is Disable by default. In Enable mode, a valid feature gate `featuregate/Foo` will be set to \"--featuregate/Foo=true\". In Disable mode, a valid feature gate `featuregate/Foo` will be set to \"--featuregate/Foo=false\"." + description: "Mode is either Enable, Disable, \"\" where \"\" is Disable by default.\nIn Enable mode, a valid feature gate `featuregate/Foo` will be set to \"--featuregate/Foo=true\".\nIn Disable mode, a valid feature gate `featuregate/Foo` will be set to \"--featuregate/Foo=false\"." enum: - "Enable" - "Disable" @@ -174,31 +174,31 @@ spec: type: "array" kubeAPIBurst: default: 100 - description: "KubeAPIBurst indicates the maximum burst of the throttle while talking with apiserver of hub cluster from the spoke cluster. If it is set empty, use the default value: 100" + description: "KubeAPIBurst indicates the maximum burst of the throttle while talking with apiserver of hub cluster from the spoke cluster.\nIf it is set empty, use the default value: 100" format: "int32" type: "integer" kubeAPIQPS: default: 50 - description: "KubeAPIQPS indicates the maximum QPS while talking with apiserver of hub cluster from the spoke cluster. If it is set empty, use the default value: 50" + description: "KubeAPIQPS indicates the maximum QPS while talking with apiserver of hub cluster from the spoke cluster.\nIf it is set empty, use the default value: 50" format: "int32" type: "integer" type: "object" registrationImagePullSpec: - description: "RegistrationImagePullSpec represents the desired image configuration of registration agent. quay.io/open-cluster-management.io/registration:latest will be used if unspecified." + description: "RegistrationImagePullSpec represents the desired image configuration of registration agent.\nquay.io/open-cluster-management.io/registration:latest will be used if unspecified." type: "string" resourceRequirement: - description: "ResourceRequirement specify QoS classes of deployments managed by klusterlet. It applies to all the containers in the deployments." + description: "ResourceRequirement specify QoS classes of deployments managed by klusterlet.\nIt applies to all the containers in the deployments." properties: resourceRequirements: description: "ResourceRequirements defines resource requests and limits when Type is ResourceQosClassResourceRequirement" properties: claims: - description: "Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. \n This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. \n This field is immutable. It can only be set for containers." + description: "Claims lists the names of resources, defined in spec.resourceClaims,\nthat are used by this container.\n\n\nThis is an alpha field and requires enabling the\nDynamicResourceAllocation feature gate.\n\n\nThis field is immutable. It can only be set for containers." items: description: "ResourceClaim references one entry in PodSpec.ResourceClaims." properties: name: - description: "Name must match the name of one entry in pod.spec.resourceClaims of the Pod where this field is used. It makes that resource available inside a container." + description: "Name must match the name of one entry in pod.spec.resourceClaims of\nthe Pod where this field is used. It makes that resource available\ninside a container." type: "string" required: - "name" @@ -214,7 +214,7 @@ spec: - type: "string" pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" x-kubernetes-int-or-string: true - description: "Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" + description: "Limits describes the maximum amount of compute resources allowed.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" type: "object" requests: additionalProperties: @@ -223,7 +223,7 @@ spec: - type: "string" pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" x-kubernetes-int-or-string: true - description: "Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" + description: "Requests describes the minimum amount of compute resources required.\nIf Requests is omitted for a container, it defaults to Limits if that is explicitly specified,\notherwise to an implementation-defined value. Requests cannot exceed Limits.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" type: "object" type: "object" type: @@ -238,11 +238,11 @@ spec: description: "WorkConfiguration contains the configuration of work" properties: appliedManifestWorkEvictionGracePeriod: - description: "AppliedManifestWorkEvictionGracePeriod is the eviction grace period the work agent will wait before evicting the AppliedManifestWorks, whose corresponding ManifestWorks are missing on the hub cluster, from the managed cluster. If not present, the default value of the work agent will be used." + description: "AppliedManifestWorkEvictionGracePeriod is the eviction grace period the work agent will wait before\nevicting the AppliedManifestWorks, whose corresponding ManifestWorks are missing on the hub cluster, from\nthe managed cluster. If not present, the default value of the work agent will be used." pattern: "^([0-9]+(s|m|h))+$" type: "string" featureGates: - description: "FeatureGates represents the list of feature gates for work If it is set empty, default feature gates will be used. If it is set, featuregate/Foo is an example of one item in FeatureGates: 1. If featuregate/Foo does not exist, registration-operator will discard it 2. If featuregate/Foo exists and is false by default. It is now possible to set featuregate/Foo=[false|true] 3. If featuregate/Foo exists and is true by default. If a cluster-admin upgrading from 1 to 2 wants to continue having featuregate/Foo=false, he can set featuregate/Foo=false before upgrading. Let's say the cluster-admin wants featuregate/Foo=false." + description: "FeatureGates represents the list of feature gates for work\nIf it is set empty, default feature gates will be used.\nIf it is set, featuregate/Foo is an example of one item in FeatureGates:\n 1. If featuregate/Foo does not exist, registration-operator will discard it\n 2. If featuregate/Foo exists and is false by default. It is now possible to set featuregate/Foo=[false|true]\n 3. If featuregate/Foo exists and is true by default. If a cluster-admin upgrading from 1 to 2 wants to continue having featuregate/Foo=false,\n \the can set featuregate/Foo=false before upgrading. Let's say the cluster-admin wants featuregate/Foo=false." items: properties: feature: @@ -250,7 +250,7 @@ spec: type: "string" mode: default: "Disable" - description: "Mode is either Enable, Disable, \"\" where \"\" is Disable by default. In Enable mode, a valid feature gate `featuregate/Foo` will be set to \"--featuregate/Foo=true\". In Disable mode, a valid feature gate `featuregate/Foo` will be set to \"--featuregate/Foo=false\"." + description: "Mode is either Enable, Disable, \"\" where \"\" is Disable by default.\nIn Enable mode, a valid feature gate `featuregate/Foo` will be set to \"--featuregate/Foo=true\".\nIn Disable mode, a valid feature gate `featuregate/Foo` will be set to \"--featuregate/Foo=false\"." enum: - "Enable" - "Disable" @@ -261,42 +261,42 @@ spec: type: "array" kubeAPIBurst: default: 100 - description: "KubeAPIBurst indicates the maximum burst of the throttle while talking with apiserver of hub cluster from the spoke cluster. If it is set empty, use the default value: 100" + description: "KubeAPIBurst indicates the maximum burst of the throttle while talking with apiserver of hub cluster from the spoke cluster.\nIf it is set empty, use the default value: 100" format: "int32" type: "integer" kubeAPIQPS: default: 50 - description: "KubeAPIQPS indicates the maximum QPS while talking with apiserver of hub cluster from the spoke cluster. If it is set empty, use the default value: 50" + description: "KubeAPIQPS indicates the maximum QPS while talking with apiserver of hub cluster from the spoke cluster.\nIf it is set empty, use the default value: 50" format: "int32" type: "integer" type: "object" workImagePullSpec: - description: "WorkImagePullSpec represents the desired image configuration of work agent. quay.io/open-cluster-management.io/work:latest will be used if unspecified." + description: "WorkImagePullSpec represents the desired image configuration of work agent.\nquay.io/open-cluster-management.io/work:latest will be used if unspecified." type: "string" type: "object" status: description: "Status represents the current status of Klusterlet agent." properties: conditions: - description: "Conditions contain the different condition statuses for this Klusterlet. Valid condition types are: Applied: Components have been applied in the managed cluster. Available: Components in the managed cluster are available and ready to serve. Progressing: Components in the managed cluster are in a transitioning state. Degraded: Components in the managed cluster do not match the desired configuration and only provide degraded service." + description: "Conditions contain the different condition statuses for this Klusterlet.\nValid condition types are:\nApplied: Components have been applied in the managed cluster.\nAvailable: Components in the managed cluster are available and ready to serve.\nProgressing: Components in the managed cluster are in a transitioning state.\nDegraded: Components in the managed cluster do not match the desired configuration and only provide\ndegraded service." items: - description: "Condition contains details for one aspect of the current state of this API Resource. --- This struct is intended for direct use as an array at the field path .status.conditions. For example, \n type FooStatus struct{ // Represents the observations of a foo's current state. // Known .status.conditions.type are: \"Available\", \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge // +listType=map // +listMapKey=type Conditions []metav1.Condition `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" + description: "Condition contains details for one aspect of the current state of this API Resource.\n---\nThis struct is intended for direct use as an array at the field path .status.conditions. For example,\n\n\n\ttype FooStatus struct{\n\t // Represents the observations of a foo's current state.\n\t // Known .status.conditions.type are: \"Available\", \"Progressing\", and \"Degraded\"\n\t // +patchMergeKey=type\n\t // +patchStrategy=merge\n\t // +listType=map\n\t // +listMapKey=type\n\t Conditions []metav1.Condition `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"`\n\n\n\t // other fields\n\t}" properties: lastTransitionTime: - description: "lastTransitionTime is the last time the condition transitioned from one status to another. This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable." + description: "lastTransitionTime is the last time the condition transitioned from one status to another.\nThis should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable." format: "date-time" type: "string" message: - description: "message is a human readable message indicating details about the transition. This may be an empty string." + description: "message is a human readable message indicating details about the transition.\nThis may be an empty string." maxLength: 32768 type: "string" observedGeneration: - description: "observedGeneration represents the .metadata.generation that the condition was set based upon. For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date with respect to the current state of the instance." + description: "observedGeneration represents the .metadata.generation that the condition was set based upon.\nFor instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date\nwith respect to the current state of the instance." format: "int64" minimum: 0.0 type: "integer" reason: - description: "reason contains a programmatic identifier indicating the reason for the condition's last transition. Producers of specific condition types may define expected values and meanings for this field, and whether the values are considered a guaranteed API. The value should be a CamelCase string. This field may not be empty." + description: "reason contains a programmatic identifier indicating the reason for the condition's last transition.\nProducers of specific condition types may define expected values and meanings for this field,\nand whether the values are considered a guaranteed API.\nThe value should be a CamelCase string.\nThis field may not be empty." maxLength: 1024 minLength: 1 pattern: "^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$" @@ -309,7 +309,7 @@ spec: - "Unknown" type: "string" type: - description: "type of condition in CamelCase or in foo.example.com/CamelCase. --- Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be useful (see .node.status.conditions), the ability to deconflict is important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt)" + description: "type of condition in CamelCase or in foo.example.com/CamelCase.\n---\nMany .condition.type values are consistent across resources like Available, but because arbitrary conditions can be\nuseful (see .node.status.conditions), the ability to deconflict is important.\nThe regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt)" maxLength: 316 pattern: "^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$" type: "string" @@ -324,7 +324,7 @@ spec: generations: description: "Generations are used to determine when an item needs to be reconciled or has changed in a way that needs a reaction." items: - description: "GenerationStatus keeps track of the generation for a given resource so that decisions about forced updates can be made. The definition matches the GenerationStatus defined in github.com/openshift/api/v1" + description: "GenerationStatus keeps track of the generation for a given resource so that decisions about forced updates can be made.\nThe definition matches the GenerationStatus defined in github.com/openshift/api/v1" properties: group: description: "group is the group of the resource that you're tracking" diff --git a/crd-catalog/open-telemetry/opentelemetry-operator/opentelemetry.io/v1alpha1/opampbridges.yaml b/crd-catalog/open-telemetry/opentelemetry-operator/opentelemetry.io/v1alpha1/opampbridges.yaml index 7e9c29de9..ccaf952a5 100644 --- a/crd-catalog/open-telemetry/opentelemetry-operator/opentelemetry.io/v1alpha1/opampbridges.yaml +++ b/crd-catalog/open-telemetry/opentelemetry-operator/opentelemetry.io/v1alpha1/opampbridges.yaml @@ -588,6 +588,12 @@ spec: type: "string" imagePullPolicy: type: "string" + ipFamilies: + items: + type: "string" + type: "array" + ipFamilyPolicy: + type: "string" nodeSelector: additionalProperties: type: "string" diff --git a/crd-catalog/open-telemetry/opentelemetry-operator/opentelemetry.io/v1beta1/opentelemetrycollectors.yaml b/crd-catalog/open-telemetry/opentelemetry-operator/opentelemetry.io/v1beta1/opentelemetrycollectors.yaml index 12434a743..656602443 100644 --- a/crd-catalog/open-telemetry/opentelemetry-operator/opentelemetry.io/v1beta1/opentelemetrycollectors.yaml +++ b/crd-catalog/open-telemetry/opentelemetry-operator/opentelemetry.io/v1beta1/opentelemetrycollectors.yaml @@ -1348,7 +1348,6 @@ spec: type: "array" required: - "exporters" - - "processors" - "receivers" type: "object" type: "object" @@ -2232,6 +2231,13 @@ spec: - "name" type: "object" type: "array" + ipFamilies: + items: + type: "string" + type: "array" + ipFamilyPolicy: + default: "SingleStack" + type: "string" lifecycle: properties: postStart: diff --git a/crd-catalog/openshift/hive/hive.openshift.io/v1/clusterpools.yaml b/crd-catalog/openshift/hive/hive.openshift.io/v1/clusterpools.yaml index 4af60d149..8d207b2f2 100644 --- a/crd-catalog/openshift/hive/hive.openshift.io/v1/clusterpools.yaml +++ b/crd-catalog/openshift/hive/hive.openshift.io/v1/clusterpools.yaml @@ -100,6 +100,90 @@ spec: type: "string" type: "object" x-kubernetes-map-type: "atomic" + installerEnv: + description: "InstallerEnv are extra environment variables to pass through to the installer. This may be used to enable additional features of the installer." + items: + description: "EnvVar represents an environment variable present in a Container." + properties: + name: + description: "Name of the environment variable. Must be a C_IDENTIFIER." + type: "string" + value: + description: "Variable references $(VAR_NAME) are expanded using the previously defined environment variables in the container and any service environment variables. If a variable cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. \"$$(VAR_NAME)\" will produce the string literal \"$(VAR_NAME)\". Escaped references will never be expanded, regardless of whether the variable exists or not. Defaults to \"\"." + type: "string" + valueFrom: + description: "Source for the environment variable's value. Cannot be used if value is not empty." + properties: + configMapKeyRef: + description: "Selects a key of a ConfigMap." + properties: + key: + description: "The key to select." + type: "string" + name: + description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" + type: "string" + optional: + description: "Specify whether the ConfigMap or its key must be defined" + type: "boolean" + required: + - "key" + type: "object" + x-kubernetes-map-type: "atomic" + fieldRef: + description: "Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`, spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs." + properties: + apiVersion: + description: "Version of the schema the FieldPath is written in terms of, defaults to \"v1\"." + type: "string" + fieldPath: + description: "Path of the field to select in the specified API version." + type: "string" + required: + - "fieldPath" + type: "object" + x-kubernetes-map-type: "atomic" + resourceFieldRef: + description: "Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported." + properties: + containerName: + description: "Container name: required for volumes, optional for env vars" + type: "string" + divisor: + anyOf: + - type: "integer" + - type: "string" + description: "Specifies the output format of the exposed resources, defaults to \"1\"" + pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" + x-kubernetes-int-or-string: true + resource: + description: "Required: resource to select" + type: "string" + required: + - "resource" + type: "object" + x-kubernetes-map-type: "atomic" + secretKeyRef: + description: "Selects a key of a secret in the pod's namespace" + properties: + key: + description: "The key of the secret to select from. Must be a valid secret key." + type: "string" + name: + description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" + type: "string" + optional: + description: "Specify whether the Secret or its key must be defined" + type: "boolean" + required: + - "key" + type: "object" + x-kubernetes-map-type: "atomic" + type: "object" + required: + - "name" + type: "object" + type: "array" inventory: description: "Inventory maintains a list of entries consumed by the ClusterPool to customize the default ClusterDeployment." items: diff --git a/crd-catalog/openshift/hive/hive.openshift.io/v1/machinepools.yaml b/crd-catalog/openshift/hive/hive.openshift.io/v1/machinepools.yaml index 5ffc27ee7..a319c16bf 100644 --- a/crd-catalog/openshift/hive/hive.openshift.io/v1/machinepools.yaml +++ b/crd-catalog/openshift/hive/hive.openshift.io/v1/machinepools.yaml @@ -473,6 +473,10 @@ spec: - "type" type: "object" type: "array" + controlledByReplica: + description: "ControlledByReplica indicates which replica of the hive-machinepool StatefulSet is responsible for this MachinePool. Note that this value indicates the replica that most recently handled the MachinePool. If the hive-machinepool statefulset is scaled up or down, the controlling replica can change, potentially causing logs to be spread across multiple pods." + format: "int64" + type: "integer" machineSets: description: "MachineSets is the status of the machine sets for the machine pool on the remote cluster." items: diff --git a/crd-catalog/openshift/managed-upgrade-operator/upgrade.managed.openshift.io/v1alpha1/upgradeconfigs.yaml b/crd-catalog/openshift/managed-upgrade-operator/upgrade.managed.openshift.io/v1alpha1/upgradeconfigs.yaml index 4111fc8c9..bb83e0372 100644 --- a/crd-catalog/openshift/managed-upgrade-operator/upgrade.managed.openshift.io/v1alpha1/upgradeconfigs.yaml +++ b/crd-catalog/openshift/managed-upgrade-operator/upgrade.managed.openshift.io/v1alpha1/upgradeconfigs.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.14.0" + controller-gen.kubebuilder.io/version: "v0.15.0" name: "upgradeconfigs.upgrade.managed.openshift.io" spec: group: "upgrade.managed.openshift.io" diff --git a/crd-catalog/openshift/ptp-operator/ptp.openshift.io/v1/nodeptpdevices.yaml b/crd-catalog/openshift/ptp-operator/ptp.openshift.io/v1/nodeptpdevices.yaml index b55aacde9..b390730e9 100644 --- a/crd-catalog/openshift/ptp-operator/ptp.openshift.io/v1/nodeptpdevices.yaml +++ b/crd-catalog/openshift/ptp-operator/ptp.openshift.io/v1/nodeptpdevices.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.9.2" + controller-gen.kubebuilder.io/version: "v0.15.0" name: "nodeptpdevices.ptp.openshift.io" spec: group: "ptp.openshift.io" @@ -13,16 +13,20 @@ spec: singular: "nodeptpdevice" scope: "Namespaced" versions: - - name: "v1" + - additionalPrinterColumns: + - jsonPath: ".metadata.creationTimestamp" + name: "Age" + type: "date" + name: "v1" schema: openAPIV3Schema: description: "NodePtpDevice is the Schema for the nodeptpdevices API" properties: apiVersion: - description: "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" + description: "APIVersion defines the versioned schema of this representation of an object.\nServers should convert recognized schemas to the latest internal value, and\nmay reject unrecognized values.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" type: "string" kind: - description: "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + description: "Kind is a string value representing the REST resource this object represents.\nServers may infer this from the endpoint the client submits requests to.\nCannot be updated.\nIn CamelCase.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" type: "string" metadata: type: "object" @@ -33,27 +37,35 @@ spec: description: "NodePtpDeviceStatus defines the observed state of NodePtpDevice" properties: devices: - description: "INSERT ADDITIONAL STATUS FIELD - define observed state of cluster Important: Run \"make\" to regenerate code after modifying this file" + description: "PtpDevice represents a PTP device available in the cluster node.\nThis struct contains information about the device, including its name and profile." items: properties: name: + description: "Name is the name of the PTP device.\nIt is a unique identifier for the device." type: "string" profile: + description: "Profile is the PTP profile associated with the device.\nThis profile defines the PTP configuration settings for the device." type: "string" type: "object" type: "array" hwconfig: + description: "HwConfig represents the hardware configuration for a device in the cluster.\nThis struct contains information about the device's identification and status,\nas well as its specific configuration settings." items: properties: config: + description: "Config contains the configuration settings for the hardware device.\nThis is a JSON object that holds the device-specific configuration." x-kubernetes-preserve-unknown-fields: true deviceID: + description: "DeviceID is the unique identifier for the hardware device." type: "string" failed: + description: "Failed indicates whether the hardware configuration has failed.\nA value of true means the configuration has failed." type: "boolean" status: + description: "Status provides a descriptive status of the hardware device's configuration." type: "string" vendorID: + description: "VendorID is the identifier for the vendor of the hardware device." type: "string" type: "object" type: "array" diff --git a/crd-catalog/openshift/ptp-operator/ptp.openshift.io/v1/ptpconfigs.yaml b/crd-catalog/openshift/ptp-operator/ptp.openshift.io/v1/ptpconfigs.yaml index 5bcc857fd..25a0dc175 100644 --- a/crd-catalog/openshift/ptp-operator/ptp.openshift.io/v1/ptpconfigs.yaml +++ b/crd-catalog/openshift/ptp-operator/ptp.openshift.io/v1/ptpconfigs.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.9.2" + controller-gen.kubebuilder.io/version: "v0.15.0" name: "ptpconfigs.ptp.openshift.io" spec: group: "ptp.openshift.io" @@ -19,10 +19,10 @@ spec: description: "PtpConfig is the Schema for the ptpconfigs API" properties: apiVersion: - description: "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" + description: "APIVersion defines the versioned schema of this representation of an object.\nServers should convert recognized schemas to the latest internal value, and\nmay reject unrecognized values.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" type: "string" kind: - description: "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + description: "Kind is a string value representing the REST resource this object represents.\nServers may infer this from the endpoint the client submits requests to.\nCannot be updated.\nIn CamelCase.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" type: "string" metadata: type: "object" @@ -122,7 +122,7 @@ spec: description: "PtpConfigStatus defines the observed state of PtpConfig" properties: matchList: - description: "INSERT ADDITIONAL STATUS FIELD - define observed state of cluster Important: Run \"make\" to regenerate code after modifying this file" + description: "INSERT ADDITIONAL STATUS FIELD - define observed state of cluster\nImportant: Run \"make\" to regenerate code after modifying this file" items: properties: nodeName: diff --git a/crd-catalog/openshift/ptp-operator/ptp.openshift.io/v1/ptpoperatorconfigs.yaml b/crd-catalog/openshift/ptp-operator/ptp.openshift.io/v1/ptpoperatorconfigs.yaml index 57c32c5e2..ee7136dfb 100644 --- a/crd-catalog/openshift/ptp-operator/ptp.openshift.io/v1/ptpoperatorconfigs.yaml +++ b/crd-catalog/openshift/ptp-operator/ptp.openshift.io/v1/ptpoperatorconfigs.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.9.2" + controller-gen.kubebuilder.io/version: "v0.15.0" name: "ptpoperatorconfigs.ptp.openshift.io" spec: group: "ptp.openshift.io" @@ -24,29 +24,31 @@ spec: description: "PtpOperatorConfig is the Schema for the ptpoperatorconfigs API" properties: apiVersion: - description: "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" + description: "APIVersion defines the versioned schema of this representation of an object.\nServers should convert recognized schemas to the latest internal value, and\nmay reject unrecognized values.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" type: "string" kind: - description: "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + description: "Kind is a string value representing the REST resource this object represents.\nServers may infer this from the endpoint the client submits requests to.\nCannot be updated.\nIn CamelCase.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" type: "string" metadata: type: "object" spec: - description: "PtpOperatorConfigSpec defines the desired state of PtpOperatorConfig" + description: "PtpOperatorConfigSpec defines the desired state of PtpOperatorConfig." properties: daemonNodeSelector: additionalProperties: type: "string" + description: "DaemonNodeSelector specifies the node selector for the linuxptp daemon.\nThis is a map of key-value pairs used to select the nodes where the\nlinuxptp daemon will run.\nIf empty {}, the linuxptp daemon will be deployed on each node of the cluster." type: "object" plugins: additionalProperties: x-kubernetes-preserve-unknown-fields: true + description: "EnabledPlugins is a map of plugin names to their configuration settings.\nEach entry in the map specifies the configuration for a specific plugin.\nThis field is optional and can be omitted if no plugins are enabled." type: "object" ptpEventConfig: - description: "EventConfig to configure event sidecar" + description: "EventConfig contains the configuration settings for the PTP event sidecar.\nThis field is optional and can be omitted if event sidecar configuration is not required." properties: apiVersion: - description: "ApiVersion is used to determine which API is used for the event service 1.0: default version. event service is mapped to internal REST-API. 2.x: event service is mapped to O-RAN v3.0 Compliant O-Cloud Notification REST-API." + description: "ApiVersion is used to determine which API is used for the event service\n1.0: default version. event service is mapped to internal REST-API.\n2.x: event service is mapped to O-RAN v3.0 Compliant O-Cloud Notification REST-API." type: "string" enableEventPublisher: default: false @@ -56,7 +58,7 @@ spec: description: "StorageType is the type of storage to store subscription data" type: "string" transportHost: - description: "TransportHost format is ://..svc.cluster.local: Example HTTP transport: \"http://ptp-event-publisher-service-NODE_NAME.openshift-ptp.svc.cluster.local:9043\"" + description: "TransportHost format is ://..svc.cluster.local:\nExample HTTP transport: \"http://ptp-event-publisher-service-NODE_NAME.openshift-ptp.svc.cluster.local:9043\"" type: "string" type: "object" required: @@ -66,6 +68,9 @@ spec: description: "PtpOperatorConfigStatus defines the observed state of PtpOperatorConfig" type: "object" type: "object" + x-kubernetes-validations: + - message: "PtpOperatorConfig is a singleton, metadata.name must be 'default'" + rule: "self.metadata.name == 'default'" served: true storage: true subresources: diff --git a/crd-catalog/percona/everest-operator/everest.percona.com/v1alpha1/databaseengines.yaml b/crd-catalog/percona/everest-operator/everest.percona.com/v1alpha1/databaseengines.yaml index f97242284..f93e4fb88 100644 --- a/crd-catalog/percona/everest-operator/everest.percona.com/v1alpha1/databaseengines.yaml +++ b/crd-catalog/percona/everest-operator/everest.percona.com/v1alpha1/databaseengines.yaml @@ -127,10 +127,10 @@ spec: type: "object" type: "object" operatorUpgrade: - description: "OperatorUpgrade contains the status of the operator upgrade.\nThis is set only if the `everest.percona.com/upgrade-operator-to` annotation is present." + description: "OperatorUpgrade contains the status of the operator upgrade." properties: installPlanRef: - description: "InstallPlanRef is a reference to the InstallPlan object created for the operator upgrade." + description: "InstallPlanRef is a reference to the InstallPlan object created for the operator upgrade.\n\n\nWe do not recommended approving this InstallPlan directly from the Kubernetes API.\nThis is because this InstallPlan may also upgrade other operators in the namespace and that\ncan have unintended consequences.\nThis behaviour is not a bug from Everest, but an unfortunate limitation of OLM.\nWe suggest using the Everest API/UI to handle operator upgrades, which will perform a series\nof checks and safely upgrade all operators in the namespace." properties: name: default: "" @@ -157,7 +157,7 @@ spec: description: "OperatorUpgrade contains the information about the operator upgrade." properties: installPlanRef: - description: "InstallPlanRef is a reference to the InstallPlan object created for the operator upgrade." + description: "InstallPlanRef is a reference to the InstallPlan object created for the operator upgrade.\n\n\nWe do not recommended approving this InstallPlan directly from the Kubernetes API.\nThis is because this InstallPlan may also upgrade other operators in the namespace and that\ncan have unintended consequences.\nThis behaviour is not a bug from Everest, but an unfortunate limitation of OLM.\nWe suggest using the Everest API/UI to handle operator upgrades, which will perform a series\nof checks and safely upgrade all operators in the namespace." properties: name: default: "" diff --git a/crd-catalog/percona/percona-server-mongodb-operator/psmdb.percona.com/v1/perconaservermongodbbackups.yaml b/crd-catalog/percona/percona-server-mongodb-operator/psmdb.percona.com/v1/perconaservermongodbbackups.yaml index 24211e70a..be716c8e5 100644 --- a/crd-catalog/percona/percona-server-mongodb-operator/psmdb.percona.com/v1/perconaservermongodbbackups.yaml +++ b/crd-catalog/percona/percona-server-mongodb-operator/psmdb.percona.com/v1/perconaservermongodbbackups.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.14.0" + controller-gen.kubebuilder.io/version: "v0.15.0" name: "perconaservermongodbbackups.psmdb.percona.com" spec: group: "psmdb.percona.com" diff --git a/crd-catalog/percona/percona-server-mongodb-operator/psmdb.percona.com/v1/perconaservermongodbrestores.yaml b/crd-catalog/percona/percona-server-mongodb-operator/psmdb.percona.com/v1/perconaservermongodbrestores.yaml index 78d98ea39..aaec1b0c2 100644 --- a/crd-catalog/percona/percona-server-mongodb-operator/psmdb.percona.com/v1/perconaservermongodbrestores.yaml +++ b/crd-catalog/percona/percona-server-mongodb-operator/psmdb.percona.com/v1/perconaservermongodbrestores.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.14.0" + controller-gen.kubebuilder.io/version: "v0.15.0" name: "perconaservermongodbrestores.psmdb.percona.com" spec: group: "psmdb.percona.com" diff --git a/crd-catalog/percona/percona-server-mongodb-operator/psmdb.percona.com/v1/perconaservermongodbs.yaml b/crd-catalog/percona/percona-server-mongodb-operator/psmdb.percona.com/v1/perconaservermongodbs.yaml index 8d003541c..770af7722 100644 --- a/crd-catalog/percona/percona-server-mongodb-operator/psmdb.percona.com/v1/perconaservermongodbs.yaml +++ b/crd-catalog/percona/percona-server-mongodb-operator/psmdb.percona.com/v1/perconaservermongodbs.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.14.0" + controller-gen.kubebuilder.io/version: "v0.15.0" name: "perconaservermongodbs.psmdb.percona.com" spec: group: "psmdb.percona.com" @@ -409,6 +409,7 @@ spec: items: properties: name: + default: "" type: "string" type: "object" x-kubernetes-map-type: "atomic" @@ -502,6 +503,78 @@ spec: type: "string" pmm: properties: + containerSecurityContext: + properties: + allowPrivilegeEscalation: + type: "boolean" + appArmorProfile: + properties: + localhostProfile: + type: "string" + type: + type: "string" + required: + - "type" + type: "object" + capabilities: + properties: + add: + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" + drop: + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" + type: "object" + privileged: + type: "boolean" + procMount: + type: "string" + readOnlyRootFilesystem: + type: "boolean" + runAsGroup: + format: "int64" + type: "integer" + runAsNonRoot: + type: "boolean" + runAsUser: + format: "int64" + type: "integer" + seLinuxOptions: + properties: + level: + type: "string" + role: + type: "string" + type: + type: "string" + user: + type: "string" + type: "object" + seccompProfile: + properties: + localhostProfile: + type: "string" + type: + type: "string" + required: + - "type" + type: "object" + windowsOptions: + properties: + gmsaCredentialSpec: + type: "string" + gmsaCredentialSpecName: + type: "string" + hostProcess: + type: "boolean" + runAsUserName: + type: "string" + type: "object" + type: "object" enabled: type: "boolean" image: @@ -1736,6 +1809,7 @@ spec: secretRef: properties: name: + default: "" type: "string" type: "object" x-kubernetes-map-type: "atomic" @@ -1753,6 +1827,7 @@ spec: secretRef: properties: name: + default: "" type: "string" type: "object" x-kubernetes-map-type: "atomic" @@ -1783,6 +1858,7 @@ spec: type: "array" x-kubernetes-list-type: "atomic" name: + default: "" type: "string" optional: type: "boolean" @@ -1797,6 +1873,7 @@ spec: nodePublishSecretRef: properties: name: + default: "" type: "string" type: "object" x-kubernetes-map-type: "atomic" @@ -1998,6 +2075,7 @@ spec: secretRef: properties: name: + default: "" type: "string" type: "object" x-kubernetes-map-type: "atomic" @@ -2084,6 +2162,7 @@ spec: secretRef: properties: name: + default: "" type: "string" type: "object" x-kubernetes-map-type: "atomic" @@ -2203,6 +2282,7 @@ spec: type: "array" x-kubernetes-list-type: "atomic" name: + default: "" type: "string" optional: type: "boolean" @@ -2269,6 +2349,7 @@ spec: type: "array" x-kubernetes-list-type: "atomic" name: + default: "" type: "string" optional: type: "boolean" @@ -2328,6 +2409,7 @@ spec: secretRef: properties: name: + default: "" type: "string" type: "object" x-kubernetes-map-type: "atomic" @@ -2350,6 +2432,7 @@ spec: secretRef: properties: name: + default: "" type: "string" type: "object" x-kubernetes-map-type: "atomic" @@ -2403,6 +2486,7 @@ spec: secretRef: properties: name: + default: "" type: "string" type: "object" x-kubernetes-map-type: "atomic" @@ -2455,6 +2539,7 @@ spec: key: type: "string" name: + default: "" type: "string" optional: type: "boolean" @@ -2493,6 +2578,7 @@ spec: key: type: "string" name: + default: "" type: "string" optional: type: "boolean" @@ -2514,6 +2600,7 @@ spec: configMapRef: properties: name: + default: "" type: "string" optional: type: "boolean" @@ -2524,6 +2611,7 @@ spec: secretRef: properties: name: + default: "" type: "string" optional: type: "boolean" @@ -3306,6 +3394,8 @@ spec: x-kubernetes-list-type: "atomic" ip: type: "string" + required: + - "ip" type: "object" type: "array" labels: @@ -4450,6 +4540,7 @@ spec: secretRef: properties: name: + default: "" type: "string" type: "object" x-kubernetes-map-type: "atomic" @@ -4467,6 +4558,7 @@ spec: secretRef: properties: name: + default: "" type: "string" type: "object" x-kubernetes-map-type: "atomic" @@ -4497,6 +4589,7 @@ spec: type: "array" x-kubernetes-list-type: "atomic" name: + default: "" type: "string" optional: type: "boolean" @@ -4511,6 +4604,7 @@ spec: nodePublishSecretRef: properties: name: + default: "" type: "string" type: "object" x-kubernetes-map-type: "atomic" @@ -4712,6 +4806,7 @@ spec: secretRef: properties: name: + default: "" type: "string" type: "object" x-kubernetes-map-type: "atomic" @@ -4798,6 +4893,7 @@ spec: secretRef: properties: name: + default: "" type: "string" type: "object" x-kubernetes-map-type: "atomic" @@ -4917,6 +5013,7 @@ spec: type: "array" x-kubernetes-list-type: "atomic" name: + default: "" type: "string" optional: type: "boolean" @@ -4983,6 +5080,7 @@ spec: type: "array" x-kubernetes-list-type: "atomic" name: + default: "" type: "string" optional: type: "boolean" @@ -5042,6 +5140,7 @@ spec: secretRef: properties: name: + default: "" type: "string" type: "object" x-kubernetes-map-type: "atomic" @@ -5064,6 +5163,7 @@ spec: secretRef: properties: name: + default: "" type: "string" type: "object" x-kubernetes-map-type: "atomic" @@ -5117,6 +5217,7 @@ spec: secretRef: properties: name: + default: "" type: "string" type: "object" x-kubernetes-map-type: "atomic" @@ -5169,6 +5270,7 @@ spec: key: type: "string" name: + default: "" type: "string" optional: type: "boolean" @@ -5207,6 +5309,7 @@ spec: key: type: "string" name: + default: "" type: "string" optional: type: "boolean" @@ -5228,6 +5331,7 @@ spec: configMapRef: properties: name: + default: "" type: "string" optional: type: "boolean" @@ -5238,6 +5342,7 @@ spec: secretRef: properties: name: + default: "" type: "string" optional: type: "boolean" @@ -6446,6 +6551,7 @@ spec: secretRef: properties: name: + default: "" type: "string" type: "object" x-kubernetes-map-type: "atomic" @@ -6463,6 +6569,7 @@ spec: secretRef: properties: name: + default: "" type: "string" type: "object" x-kubernetes-map-type: "atomic" @@ -6493,6 +6600,7 @@ spec: type: "array" x-kubernetes-list-type: "atomic" name: + default: "" type: "string" optional: type: "boolean" @@ -6507,6 +6615,7 @@ spec: nodePublishSecretRef: properties: name: + default: "" type: "string" type: "object" x-kubernetes-map-type: "atomic" @@ -6708,6 +6817,7 @@ spec: secretRef: properties: name: + default: "" type: "string" type: "object" x-kubernetes-map-type: "atomic" @@ -6794,6 +6904,7 @@ spec: secretRef: properties: name: + default: "" type: "string" type: "object" x-kubernetes-map-type: "atomic" @@ -6913,6 +7024,7 @@ spec: type: "array" x-kubernetes-list-type: "atomic" name: + default: "" type: "string" optional: type: "boolean" @@ -6979,6 +7091,7 @@ spec: type: "array" x-kubernetes-list-type: "atomic" name: + default: "" type: "string" optional: type: "boolean" @@ -7038,6 +7151,7 @@ spec: secretRef: properties: name: + default: "" type: "string" type: "object" x-kubernetes-map-type: "atomic" @@ -7060,6 +7174,7 @@ spec: secretRef: properties: name: + default: "" type: "string" type: "object" x-kubernetes-map-type: "atomic" @@ -7113,6 +7228,7 @@ spec: secretRef: properties: name: + default: "" type: "string" type: "object" x-kubernetes-map-type: "atomic" @@ -7165,6 +7281,7 @@ spec: key: type: "string" name: + default: "" type: "string" optional: type: "boolean" @@ -7203,6 +7320,7 @@ spec: key: type: "string" name: + default: "" type: "string" optional: type: "boolean" @@ -7224,6 +7342,7 @@ spec: configMapRef: properties: name: + default: "" type: "string" optional: type: "boolean" @@ -7234,6 +7353,7 @@ spec: secretRef: properties: name: + default: "" type: "string" optional: type: "boolean" @@ -9275,6 +9395,7 @@ spec: secretRef: properties: name: + default: "" type: "string" type: "object" x-kubernetes-map-type: "atomic" @@ -9292,6 +9413,7 @@ spec: secretRef: properties: name: + default: "" type: "string" type: "object" x-kubernetes-map-type: "atomic" @@ -9322,6 +9444,7 @@ spec: type: "array" x-kubernetes-list-type: "atomic" name: + default: "" type: "string" optional: type: "boolean" @@ -9336,6 +9459,7 @@ spec: nodePublishSecretRef: properties: name: + default: "" type: "string" type: "object" x-kubernetes-map-type: "atomic" @@ -9537,6 +9661,7 @@ spec: secretRef: properties: name: + default: "" type: "string" type: "object" x-kubernetes-map-type: "atomic" @@ -9623,6 +9748,7 @@ spec: secretRef: properties: name: + default: "" type: "string" type: "object" x-kubernetes-map-type: "atomic" @@ -9742,6 +9868,7 @@ spec: type: "array" x-kubernetes-list-type: "atomic" name: + default: "" type: "string" optional: type: "boolean" @@ -9808,6 +9935,7 @@ spec: type: "array" x-kubernetes-list-type: "atomic" name: + default: "" type: "string" optional: type: "boolean" @@ -9867,6 +9995,7 @@ spec: secretRef: properties: name: + default: "" type: "string" type: "object" x-kubernetes-map-type: "atomic" @@ -9889,6 +10018,7 @@ spec: secretRef: properties: name: + default: "" type: "string" type: "object" x-kubernetes-map-type: "atomic" @@ -9942,6 +10072,7 @@ spec: secretRef: properties: name: + default: "" type: "string" type: "object" x-kubernetes-map-type: "atomic" @@ -9994,6 +10125,7 @@ spec: key: type: "string" name: + default: "" type: "string" optional: type: "boolean" @@ -10032,6 +10164,7 @@ spec: key: type: "string" name: + default: "" type: "string" optional: type: "boolean" @@ -10053,6 +10186,7 @@ spec: configMapRef: properties: name: + default: "" type: "string" optional: type: "boolean" @@ -10063,6 +10197,7 @@ spec: secretRef: properties: name: + default: "" type: "string" optional: type: "boolean" @@ -10845,6 +10980,8 @@ spec: x-kubernetes-list-type: "atomic" ip: type: "string" + required: + - "ip" type: "object" type: "array" labels: @@ -11989,6 +12126,7 @@ spec: secretRef: properties: name: + default: "" type: "string" type: "object" x-kubernetes-map-type: "atomic" @@ -12006,6 +12144,7 @@ spec: secretRef: properties: name: + default: "" type: "string" type: "object" x-kubernetes-map-type: "atomic" @@ -12036,6 +12175,7 @@ spec: type: "array" x-kubernetes-list-type: "atomic" name: + default: "" type: "string" optional: type: "boolean" @@ -12050,6 +12190,7 @@ spec: nodePublishSecretRef: properties: name: + default: "" type: "string" type: "object" x-kubernetes-map-type: "atomic" @@ -12251,6 +12392,7 @@ spec: secretRef: properties: name: + default: "" type: "string" type: "object" x-kubernetes-map-type: "atomic" @@ -12337,6 +12479,7 @@ spec: secretRef: properties: name: + default: "" type: "string" type: "object" x-kubernetes-map-type: "atomic" @@ -12456,6 +12599,7 @@ spec: type: "array" x-kubernetes-list-type: "atomic" name: + default: "" type: "string" optional: type: "boolean" @@ -12522,6 +12666,7 @@ spec: type: "array" x-kubernetes-list-type: "atomic" name: + default: "" type: "string" optional: type: "boolean" @@ -12581,6 +12726,7 @@ spec: secretRef: properties: name: + default: "" type: "string" type: "object" x-kubernetes-map-type: "atomic" @@ -12603,6 +12749,7 @@ spec: secretRef: properties: name: + default: "" type: "string" type: "object" x-kubernetes-map-type: "atomic" @@ -12656,6 +12803,7 @@ spec: secretRef: properties: name: + default: "" type: "string" type: "object" x-kubernetes-map-type: "atomic" @@ -12708,6 +12856,7 @@ spec: key: type: "string" name: + default: "" type: "string" optional: type: "boolean" @@ -12746,6 +12895,7 @@ spec: key: type: "string" name: + default: "" type: "string" optional: type: "boolean" @@ -12767,6 +12917,7 @@ spec: configMapRef: properties: name: + default: "" type: "string" optional: type: "boolean" @@ -12777,6 +12928,7 @@ spec: secretRef: properties: name: + default: "" type: "string" optional: type: "boolean" @@ -13985,6 +14137,7 @@ spec: secretRef: properties: name: + default: "" type: "string" type: "object" x-kubernetes-map-type: "atomic" @@ -14002,6 +14155,7 @@ spec: secretRef: properties: name: + default: "" type: "string" type: "object" x-kubernetes-map-type: "atomic" @@ -14032,6 +14186,7 @@ spec: type: "array" x-kubernetes-list-type: "atomic" name: + default: "" type: "string" optional: type: "boolean" @@ -14046,6 +14201,7 @@ spec: nodePublishSecretRef: properties: name: + default: "" type: "string" type: "object" x-kubernetes-map-type: "atomic" @@ -14247,6 +14403,7 @@ spec: secretRef: properties: name: + default: "" type: "string" type: "object" x-kubernetes-map-type: "atomic" @@ -14333,6 +14490,7 @@ spec: secretRef: properties: name: + default: "" type: "string" type: "object" x-kubernetes-map-type: "atomic" @@ -14452,6 +14610,7 @@ spec: type: "array" x-kubernetes-list-type: "atomic" name: + default: "" type: "string" optional: type: "boolean" @@ -14518,6 +14677,7 @@ spec: type: "array" x-kubernetes-list-type: "atomic" name: + default: "" type: "string" optional: type: "boolean" @@ -14577,6 +14737,7 @@ spec: secretRef: properties: name: + default: "" type: "string" type: "object" x-kubernetes-map-type: "atomic" @@ -14599,6 +14760,7 @@ spec: secretRef: properties: name: + default: "" type: "string" type: "object" x-kubernetes-map-type: "atomic" @@ -14652,6 +14814,7 @@ spec: secretRef: properties: name: + default: "" type: "string" type: "object" x-kubernetes-map-type: "atomic" @@ -14704,6 +14867,7 @@ spec: key: type: "string" name: + default: "" type: "string" optional: type: "boolean" @@ -14742,6 +14906,7 @@ spec: key: type: "string" name: + default: "" type: "string" optional: type: "boolean" @@ -14763,6 +14928,7 @@ spec: configMapRef: properties: name: + default: "" type: "string" optional: type: "boolean" @@ -14773,6 +14939,7 @@ spec: secretRef: properties: name: + default: "" type: "string" optional: type: "boolean" @@ -16156,6 +16323,8 @@ spec: x-kubernetes-list-type: "atomic" ip: type: "string" + required: + - "ip" type: "object" type: "array" hostPort: @@ -16693,6 +16862,7 @@ spec: secretRef: properties: name: + default: "" type: "string" type: "object" x-kubernetes-map-type: "atomic" @@ -16710,6 +16880,7 @@ spec: secretRef: properties: name: + default: "" type: "string" type: "object" x-kubernetes-map-type: "atomic" @@ -16740,6 +16911,7 @@ spec: type: "array" x-kubernetes-list-type: "atomic" name: + default: "" type: "string" optional: type: "boolean" @@ -16754,6 +16926,7 @@ spec: nodePublishSecretRef: properties: name: + default: "" type: "string" type: "object" x-kubernetes-map-type: "atomic" @@ -16955,6 +17128,7 @@ spec: secretRef: properties: name: + default: "" type: "string" type: "object" x-kubernetes-map-type: "atomic" @@ -17041,6 +17215,7 @@ spec: secretRef: properties: name: + default: "" type: "string" type: "object" x-kubernetes-map-type: "atomic" @@ -17160,6 +17335,7 @@ spec: type: "array" x-kubernetes-list-type: "atomic" name: + default: "" type: "string" optional: type: "boolean" @@ -17226,6 +17402,7 @@ spec: type: "array" x-kubernetes-list-type: "atomic" name: + default: "" type: "string" optional: type: "boolean" @@ -17285,6 +17462,7 @@ spec: secretRef: properties: name: + default: "" type: "string" type: "object" x-kubernetes-map-type: "atomic" @@ -17307,6 +17485,7 @@ spec: secretRef: properties: name: + default: "" type: "string" type: "object" x-kubernetes-map-type: "atomic" @@ -17360,6 +17539,7 @@ spec: secretRef: properties: name: + default: "" type: "string" type: "object" x-kubernetes-map-type: "atomic" @@ -17412,6 +17592,7 @@ spec: key: type: "string" name: + default: "" type: "string" optional: type: "boolean" @@ -17450,6 +17631,7 @@ spec: key: type: "string" name: + default: "" type: "string" optional: type: "boolean" @@ -17471,6 +17653,7 @@ spec: configMapRef: properties: name: + default: "" type: "string" optional: type: "boolean" @@ -17481,6 +17664,7 @@ spec: secretRef: properties: name: + default: "" type: "string" optional: type: "boolean" diff --git a/crd-catalog/percona/percona-xtradb-cluster-operator/pxc.percona.com/v1/perconaxtradbclusters.yaml b/crd-catalog/percona/percona-xtradb-cluster-operator/pxc.percona.com/v1/perconaxtradbclusters.yaml index 9e7f31e0e..741e25c54 100644 --- a/crd-catalog/percona/percona-xtradb-cluster-operator/pxc.percona.com/v1/perconaxtradbclusters.yaml +++ b/crd-catalog/percona/percona-xtradb-cluster-operator/pxc.percona.com/v1/perconaxtradbclusters.yaml @@ -1650,6 +1650,8 @@ spec: items: type: "string" type: "array" + onlyReaders: + type: "boolean" trafficPolicy: type: "string" type: @@ -10021,6 +10023,8 @@ spec: items: type: "string" type: "array" + enabled: + type: "boolean" issuerConf: properties: group: @@ -10033,6 +10037,17 @@ spec: - "name" type: "object" type: "object" + unsafeFlags: + properties: + backupIfUnhealthy: + type: "boolean" + proxySize: + type: "boolean" + pxcSize: + type: "boolean" + tls: + type: "boolean" + type: "object" updateStrategy: type: "string" upgradeOptions: diff --git a/crd-catalog/projectcalico/calico/crd.projectcalico.org/v1/felixconfigurations.yaml b/crd-catalog/projectcalico/calico/crd.projectcalico.org/v1/felixconfigurations.yaml index a23739bac..99e5dd536 100644 --- a/crd-catalog/projectcalico/calico/crd.projectcalico.org/v1/felixconfigurations.yaml +++ b/crd-catalog/projectcalico/calico/crd.projectcalico.org/v1/felixconfigurations.yaml @@ -262,6 +262,9 @@ spec: goGCThreshold: description: "GoGCThreshold Sets the Go runtime's garbage collection threshold. I.e. the percentage that the heap is allowed to grow before garbage collection is triggered. In general, doubling the value halves the CPU time spent doing GC, but it also doubles peak GC memory overhead. A special value of -1 can be used to disable GC entirely; this should only be used in conjunction with the GoMemoryLimitMB setting. \n This setting is overridden by the GOGC environment variable. \n [Default: 40]" type: "integer" + goMaxProcs: + description: "GoMaxProcs sets the maximum number of CPUs that the Go runtime will use concurrently. A value of -1 means \"use the system default\"; typically the number of real CPUs on the system. \n this setting is overridden by the GOMAXPROCS environment variable. \n [Default: -1]" + type: "integer" goMemoryLimitMB: description: "GoMemoryLimitMB sets a (soft) memory limit for the Go runtime in MB. The Go runtime will try to keep its memory usage under the limit by triggering GC as needed. To avoid thrashing, it will exceed the limit if GC starts to take more than 50% of the process's CPU time. A value of -1 disables the memory limit. \n Note that the memory limit, if used, must be considerably less than any hard resource limit set at the container or pod level. This is because felix is not the only process that must run in the container or pod. \n This setting is overridden by the GOMEMLIMIT environment variable. \n [Default: -1]" type: "integer" @@ -400,6 +403,9 @@ spec: netlinkTimeout: pattern: "^([0-9]+(\\\\.[0-9]+)?(ms|s|m|h))*$" type: "string" + nftablesMode: + description: "NFTablesMode configures nftables support in Felix. [Default: Disabled]" + type: "string" openstackRegion: description: "OpenstackRegion is the name of the region that a particular Felix belongs to. In a multi-region Calico/OpenStack deployment, this must be configured somehow for each Felix (here in the datamodel, or in felix.cfg or the environment on each compute node), and must match the [calico] openstack_region value configured in neutron.conf on each node. [Default: Empty]" type: "string" diff --git a/crd-catalog/projectcontour/contour/projectcontour.io/v1alpha1/contourconfigurations.yaml b/crd-catalog/projectcontour/contour/projectcontour.io/v1alpha1/contourconfigurations.yaml index 79ee18bd1..21902cdf3 100644 --- a/crd-catalog/projectcontour/contour/projectcontour.io/v1alpha1/contourconfigurations.yaml +++ b/crd-catalog/projectcontour/contour/projectcontour.io/v1alpha1/contourconfigurations.yaml @@ -81,6 +81,10 @@ spec: description: "The maximum number of parallel retries a single Envoy instance allows to the Kubernetes Service; defaults to 3." format: "int32" type: "integer" + perHostMaxConnections: + description: "PerHostMaxConnections is the maximum number of connections\nthat Envoy will allow to each individual host in a cluster." + format: "int32" + type: "integer" type: "object" dnsLookupFamily: description: "DNSLookupFamily defines how external names are looked up\nWhen configured as V4, the DNS resolver will only perform a lookup\nfor addresses in the IPv4 family. If V6 is configured, the DNS resolver\nwill only perform a lookup for addresses in the IPv6 family.\nIf AUTO is configured, the DNS resolver will first perform a lookup\nfor addresses in the IPv6 family and fallback to a lookup for addresses\nin the IPv4 family. If ALL is specified, the DNS resolver will perform a lookup for\nboth IPv4 and IPv6 families, and return all resolved addresses.\nWhen this is used, Happy Eyeballs will be enabled for upstream connections.\nRefer to Happy Eyeballs Support for more information.\nNote: This only applies to externalName clusters.\nSee https://www.envoyproxy.io/docs/envoy/latest/api-v3/config/cluster/v3/cluster.proto.html#envoy-v3-api-enum-config-cluster-v3-cluster-dnslookupfamily\nfor more information.\nValues: `auto` (default), `v4`, `v6`, `all`.\nOther values will produce an error." @@ -706,7 +710,7 @@ spec: type: "string" type: "object" type: - description: "Defines the XDSServer to use for `contour serve`.\nValues: `envoy` (default), `contour (deprecated)`.\nOther values will produce an error." + description: "Defines the XDSServer to use for `contour serve`.\nValues: `envoy` (default), `contour (deprecated)`.\nOther values will produce an error.\nDeprecated: this field will be removed in a future release when\nthe `contour` xDS server implementation is removed." type: "string" type: "object" type: "object" diff --git a/crd-catalog/projectcontour/contour/projectcontour.io/v1alpha1/contourdeployments.yaml b/crd-catalog/projectcontour/contour/projectcontour.io/v1alpha1/contourdeployments.yaml index eedc6e9bc..b6bd94b51 100644 --- a/crd-catalog/projectcontour/contour/projectcontour.io/v1alpha1/contourdeployments.yaml +++ b/crd-catalog/projectcontour/contour/projectcontour.io/v1alpha1/contourdeployments.yaml @@ -1457,6 +1457,10 @@ spec: description: "The maximum number of parallel retries a single Envoy instance allows to the Kubernetes Service; defaults to 3." format: "int32" type: "integer" + perHostMaxConnections: + description: "PerHostMaxConnections is the maximum number of connections\nthat Envoy will allow to each individual host in a cluster." + format: "int32" + type: "integer" type: "object" dnsLookupFamily: description: "DNSLookupFamily defines how external names are looked up\nWhen configured as V4, the DNS resolver will only perform a lookup\nfor addresses in the IPv4 family. If V6 is configured, the DNS resolver\nwill only perform a lookup for addresses in the IPv6 family.\nIf AUTO is configured, the DNS resolver will first perform a lookup\nfor addresses in the IPv6 family and fallback to a lookup for addresses\nin the IPv4 family. If ALL is specified, the DNS resolver will perform a lookup for\nboth IPv4 and IPv6 families, and return all resolved addresses.\nWhen this is used, Happy Eyeballs will be enabled for upstream connections.\nRefer to Happy Eyeballs Support for more information.\nNote: This only applies to externalName clusters.\nSee https://www.envoyproxy.io/docs/envoy/latest/api-v3/config/cluster/v3/cluster.proto.html#envoy-v3-api-enum-config-cluster-v3-cluster-dnslookupfamily\nfor more information.\nValues: `auto` (default), `v4`, `v6`, `all`.\nOther values will produce an error." @@ -2082,7 +2086,7 @@ spec: type: "string" type: "object" type: - description: "Defines the XDSServer to use for `contour serve`.\nValues: `envoy` (default), `contour (deprecated)`.\nOther values will produce an error." + description: "Defines the XDSServer to use for `contour serve`.\nValues: `envoy` (default), `contour (deprecated)`.\nOther values will produce an error.\nDeprecated: this field will be removed in a future release when\nthe `contour` xDS server implementation is removed." type: "string" type: "object" type: "object" diff --git a/crd-catalog/projectcontour/contour/projectcontour.io/v1alpha1/extensionservices.yaml b/crd-catalog/projectcontour/contour/projectcontour.io/v1alpha1/extensionservices.yaml index 333aed635..b7c695e67 100644 --- a/crd-catalog/projectcontour/contour/projectcontour.io/v1alpha1/extensionservices.yaml +++ b/crd-catalog/projectcontour/contour/projectcontour.io/v1alpha1/extensionservices.yaml @@ -33,6 +33,30 @@ spec: spec: description: "ExtensionServiceSpec defines the desired state of an ExtensionService resource." properties: + circuitBreakerPolicy: + description: "CircuitBreakerPolicy specifies the circuit breaker budget across the extension service.\nIf defined this overrides the global circuit breaker budget." + properties: + maxConnections: + description: "The maximum number of connections that a single Envoy instance allows to the Kubernetes Service; defaults to 1024." + format: "int32" + type: "integer" + maxPendingRequests: + description: "The maximum number of pending requests that a single Envoy instance allows to the Kubernetes Service; defaults to 1024." + format: "int32" + type: "integer" + maxRequests: + description: "The maximum parallel requests a single Envoy instance allows to the Kubernetes Service; defaults to 1024" + format: "int32" + type: "integer" + maxRetries: + description: "The maximum number of parallel retries a single Envoy instance allows to the Kubernetes Service; defaults to 3." + format: "int32" + type: "integer" + perHostMaxConnections: + description: "PerHostMaxConnections is the maximum number of connections\nthat Envoy will allow to each individual host in a cluster." + format: "int32" + type: "integer" + type: "object" loadBalancerPolicy: description: "The policy for load balancing GRPC service requests. Note that the\n`Cookie` and `RequestHash` load balancing strategies cannot be used\nhere." properties: diff --git a/crd-catalog/prometheus-operator/prometheus-operator/monitoring.coreos.com/v1/podmonitors.yaml b/crd-catalog/prometheus-operator/prometheus-operator/monitoring.coreos.com/v1/podmonitors.yaml index 83e2e0237..d4337838e 100644 --- a/crd-catalog/prometheus-operator/prometheus-operator/monitoring.coreos.com/v1/podmonitors.yaml +++ b/crd-catalog/prometheus-operator/prometheus-operator/monitoring.coreos.com/v1/podmonitors.yaml @@ -20,7 +20,7 @@ spec: - name: "v1" schema: openAPIV3Schema: - description: "PodMonitor defines monitoring for a set of pods." + description: "The `PodMonitor` custom resource definition (CRD) defines how `Prometheus` and `PrometheusAgent` can scrape metrics from a group of pods.\nAmong other things, it allows to specify:\n* The pods to scrape via label selectors.\n* The container ports to scrape.\n* Authentication credentials to use.\n* Target and metric relabeling.\n\n\n`Prometheus` and `PrometheusAgent` objects select `PodMonitor` objects using label and namespace selectors." properties: apiVersion: description: "APIVersion defines the versioned schema of this representation of an object.\nServers should convert recognized schemas to the latest internal value, and\nmay reject unrecognized values.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" @@ -34,10 +34,10 @@ spec: description: "Specification of desired Pod selection for target discovery by Prometheus." properties: attachMetadata: - description: "`attachMetadata` defines additional metadata which is added to the\ndiscovered targets.\n\n\nIt requires Prometheus >= v2.37.0." + description: "`attachMetadata` defines additional metadata which is added to the\ndiscovered targets.\n\n\nIt requires Prometheus >= v2.35.0." properties: node: - description: "When set to true, Prometheus must have the `get` permission on the\n`Nodes` objects." + description: "When set to true, Prometheus attaches node metadata to the discovered\ntargets.\n\n\nThe Prometheus service account must have the `list` and `watch`\npermissions on the `Nodes` objects." type: "boolean" type: "object" bodySizeLimit: @@ -64,7 +64,7 @@ spec: format: "int64" type: "integer" namespaceSelector: - description: "Selector to select which namespaces the Kubernetes `Pods` objects\nare discovered from." + description: "`namespaceSelector` defines in which namespace(s) Prometheus should discover the pods.\nBy default, the pods are discovered in the same namespace as the `PodMonitor` object but it is possible to select pods across different/all namespaces." properties: any: description: "Boolean describing whether all namespaces are selected in contrast to a\nlist restricting them." @@ -76,7 +76,7 @@ spec: type: "array" type: "object" podMetricsEndpoints: - description: "List of endpoints part of this PodMonitor." + description: "Defines how to scrape metrics from the selected pods." items: description: "PodMetricsEndpoint defines an endpoint serving Prometheus metrics to be scraped by\nPrometheus." properties: @@ -535,7 +535,7 @@ spec: type: "array" x-kubernetes-list-type: "set" selector: - description: "Label selector to select the Kubernetes `Pod` objects." + description: "Label selector to select the Kubernetes `Pod` objects to scrape metrics from." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." diff --git a/crd-catalog/prometheus-operator/prometheus-operator/monitoring.coreos.com/v1/probes.yaml b/crd-catalog/prometheus-operator/prometheus-operator/monitoring.coreos.com/v1/probes.yaml index d29258ade..cebb93d28 100644 --- a/crd-catalog/prometheus-operator/prometheus-operator/monitoring.coreos.com/v1/probes.yaml +++ b/crd-catalog/prometheus-operator/prometheus-operator/monitoring.coreos.com/v1/probes.yaml @@ -20,7 +20,7 @@ spec: - name: "v1" schema: openAPIV3Schema: - description: "Probe defines monitoring for a set of static targets or ingresses." + description: "The `Probe` custom resource definition (CRD) defines how to scrape metrics from prober exporters such as the [blackbox exporter](https://github.com/prometheus/blackbox_exporter).\n\n\nThe `Probe` resource needs 2 pieces of information:\n* The list of probed addresses which can be defined statically or by discovering Kubernetes Ingress objects.\n* The prober which exposes the availability of probed endpoints (over various protocols such HTTP, TCP, ICMP, ...) as Prometheus metrics.\n\n\n`Prometheus` and `PrometheusAgent` objects select `Probe` objects using label and namespace selectors." properties: apiVersion: description: "APIVersion defines the versioned schema of this representation of an object.\nServers should convert recognized schemas to the latest internal value, and\nmay reject unrecognized values.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" diff --git a/crd-catalog/prometheus-operator/prometheus-operator/monitoring.coreos.com/v1/prometheuses.yaml b/crd-catalog/prometheus-operator/prometheus-operator/monitoring.coreos.com/v1/prometheuses.yaml index 3c3b4d097..4c2957430 100644 --- a/crd-catalog/prometheus-operator/prometheus-operator/monitoring.coreos.com/v1/prometheuses.yaml +++ b/crd-catalog/prometheus-operator/prometheus-operator/monitoring.coreos.com/v1/prometheuses.yaml @@ -4496,6 +4496,13 @@ spec: description: "List of scrape classes to expose to scraping objects such as\nPodMonitors, ServiceMonitors, Probes and ScrapeConfigs.\n\n\nThis is an *experimental feature*, it may change in any upcoming release\nin a breaking way." items: properties: + attachMetadata: + description: "AttachMetadata configures additional metadata to the discovered targets.\nWhen the scrape object defines its own configuration, it takes\nprecedence over the scrape class configuration." + properties: + node: + description: "When set to true, Prometheus attaches node metadata to the discovered\ntargets.\n\n\nThe Prometheus service account must have the `list` and `watch`\npermissions on the `Nodes` objects." + type: "boolean" + type: "object" default: description: "Default indicates that the scrape applies to all scrape objects that\ndon't configure an explicit scrape class name.\n\n\nOnly one scrape class can be set as the default." type: "boolean" @@ -4828,6 +4835,7 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "set" securityContext: description: "SecurityContext holds pod-level security attributes and common container settings.\nThis defaults to the default PodSecurityContext." properties: @@ -4933,6 +4941,12 @@ spec: serviceAccountName: description: "ServiceAccountName is the name of the ServiceAccount to use to run the\nPrometheus Pods." type: "string" + serviceDiscoveryRole: + description: "Defines the service discovery role used to discover targets from `ServiceMonitor` objects.\nIf set, the value should be either \"Endpoints\" or \"EndpointSlice\".\nIf unset, the operator assumes the \"Endpoints\" role." + enum: + - "Endpoints" + - "EndpointSlice" + type: "string" serviceMonitorNamespaceSelector: description: "Namespaces to match for ServicedMonitors discovery. An empty label selector\nmatches all namespaces. A null label selector (default value) matches the current\nnamespace only." properties: diff --git a/crd-catalog/prometheus-operator/prometheus-operator/monitoring.coreos.com/v1/prometheusrules.yaml b/crd-catalog/prometheus-operator/prometheus-operator/monitoring.coreos.com/v1/prometheusrules.yaml index f64feeda8..c08a3fec5 100644 --- a/crd-catalog/prometheus-operator/prometheus-operator/monitoring.coreos.com/v1/prometheusrules.yaml +++ b/crd-catalog/prometheus-operator/prometheus-operator/monitoring.coreos.com/v1/prometheusrules.yaml @@ -20,7 +20,7 @@ spec: - name: "v1" schema: openAPIV3Schema: - description: "PrometheusRule defines recording and alerting rules for a Prometheus instance" + description: "The `PrometheusRule` custom resource definition (CRD) defines [alerting](https://prometheus.io/docs/prometheus/latest/configuration/alerting_rules/) and [recording](https://prometheus.io/docs/prometheus/latest/configuration/recording_rules/) rules to be evaluated by `Prometheus` or `ThanosRuler` objects.\n\n\n`Prometheus` and `ThanosRuler` objects select `PrometheusRule` objects using label and namespace selectors." properties: apiVersion: description: "APIVersion defines the versioned schema of this representation of an object.\nServers should convert recognized schemas to the latest internal value, and\nmay reject unrecognized values.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" diff --git a/crd-catalog/prometheus-operator/prometheus-operator/monitoring.coreos.com/v1/servicemonitors.yaml b/crd-catalog/prometheus-operator/prometheus-operator/monitoring.coreos.com/v1/servicemonitors.yaml index 62beebca8..2d3aad8ed 100644 --- a/crd-catalog/prometheus-operator/prometheus-operator/monitoring.coreos.com/v1/servicemonitors.yaml +++ b/crd-catalog/prometheus-operator/prometheus-operator/monitoring.coreos.com/v1/servicemonitors.yaml @@ -20,7 +20,7 @@ spec: - name: "v1" schema: openAPIV3Schema: - description: "ServiceMonitor defines monitoring for a set of services." + description: "The `ServiceMonitor` custom resource definition (CRD) defines how `Prometheus` and `PrometheusAgent` can scrape metrics from a group of services.\nAmong other things, it allows to specify:\n* The services to scrape via label selectors.\n* The container ports to scrape.\n* Authentication credentials to use.\n* Target and metric relabeling.\n\n\n`Prometheus` and `PrometheusAgent` objects select `ServiceMonitor` objects using label and namespace selectors." properties: apiVersion: description: "APIVersion defines the versioned schema of this representation of an object.\nServers should convert recognized schemas to the latest internal value, and\nmay reject unrecognized values.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" @@ -37,7 +37,7 @@ spec: description: "`attachMetadata` defines additional metadata which is added to the\ndiscovered targets.\n\n\nIt requires Prometheus >= v2.37.0." properties: node: - description: "When set to true, Prometheus must have the `get` permission on the\n`Nodes` objects." + description: "When set to true, Prometheus attaches node metadata to the discovered\ntargets.\n\n\nThe Prometheus service account must have the `list` and `watch`\npermissions on the `Nodes` objects." type: "boolean" type: "object" bodySizeLimit: @@ -45,7 +45,7 @@ spec: pattern: "(^0|([0-9]*[.])?[0-9]+((K|M|G|T|E|P)i?)?B)$" type: "string" endpoints: - description: "List of endpoints part of this ServiceMonitor." + description: "List of endpoints part of this ServiceMonitor.\nDefines how to scrape metrics from Kubernetes [Endpoints](https://kubernetes.io/docs/concepts/services-networking/service/#endpoints) objects.\nIn most cases, an Endpoints object is backed by a Kubernetes [Service](https://kubernetes.io/docs/concepts/services-networking/service/) object with the same name and labels." items: description: "Endpoint defines an endpoint serving Prometheus metrics to be scraped by\nPrometheus." properties: @@ -510,7 +510,7 @@ spec: format: "int64" type: "integer" namespaceSelector: - description: "Selector to select which namespaces the Kubernetes `Endpoints` objects\nare discovered from." + description: "`namespaceSelector` defines in which namespace(s) Prometheus should discover the services.\nBy default, the services are discovered in the same namespace as the `ServiceMonitor` object but it is possible to select pods across different/all namespaces." properties: any: description: "Boolean describing whether all namespaces are selected in contrast to a\nlist restricting them." @@ -547,7 +547,7 @@ spec: type: "array" x-kubernetes-list-type: "set" selector: - description: "Label selector to select the Kubernetes `Endpoints` objects." + description: "Label selector to select the Kubernetes `Endpoints` objects to scrape metrics from." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." @@ -589,6 +589,7 @@ spec: format: "int64" type: "integer" required: + - "endpoints" - "selector" type: "object" required: diff --git a/crd-catalog/prometheus-operator/prometheus-operator/monitoring.coreos.com/v1alpha1/prometheusagents.yaml b/crd-catalog/prometheus-operator/prometheus-operator/monitoring.coreos.com/v1alpha1/prometheusagents.yaml index 773bd103c..bb90562f2 100644 --- a/crd-catalog/prometheus-operator/prometheus-operator/monitoring.coreos.com/v1alpha1/prometheusagents.yaml +++ b/crd-catalog/prometheus-operator/prometheus-operator/monitoring.coreos.com/v1alpha1/prometheusagents.yaml @@ -3599,6 +3599,13 @@ spec: description: "List of scrape classes to expose to scraping objects such as\nPodMonitors, ServiceMonitors, Probes and ScrapeConfigs.\n\n\nThis is an *experimental feature*, it may change in any upcoming release\nin a breaking way." items: properties: + attachMetadata: + description: "AttachMetadata configures additional metadata to the discovered targets.\nWhen the scrape object defines its own configuration, it takes\nprecedence over the scrape class configuration." + properties: + node: + description: "When set to true, Prometheus attaches node metadata to the discovered\ntargets.\n\n\nThe Prometheus service account must have the `list` and `watch`\npermissions on the `Nodes` objects." + type: "boolean" + type: "object" default: description: "Default indicates that the scrape applies to all scrape objects that\ndon't configure an explicit scrape class name.\n\n\nOnly one scrape class can be set as the default." type: "boolean" @@ -3931,6 +3938,7 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "set" securityContext: description: "SecurityContext holds pod-level security attributes and common container settings.\nThis defaults to the default PodSecurityContext." properties: @@ -4036,6 +4044,12 @@ spec: serviceAccountName: description: "ServiceAccountName is the name of the ServiceAccount to use to run the\nPrometheus Pods." type: "string" + serviceDiscoveryRole: + description: "Defines the service discovery role used to discover targets from `ServiceMonitor` objects.\nIf set, the value should be either \"Endpoints\" or \"EndpointSlice\".\nIf unset, the operator assumes the \"Endpoints\" role." + enum: + - "Endpoints" + - "EndpointSlice" + type: "string" serviceMonitorNamespaceSelector: description: "Namespaces to match for ServicedMonitors discovery. An empty label selector\nmatches all namespaces. A null label selector (default value) matches the current\nnamespace only." properties: diff --git a/crd-catalog/prometheus-operator/prometheus-operator/monitoring.coreos.com/v1alpha1/scrapeconfigs.yaml b/crd-catalog/prometheus-operator/prometheus-operator/monitoring.coreos.com/v1alpha1/scrapeconfigs.yaml index 9a2d449c2..734727da9 100644 --- a/crd-catalog/prometheus-operator/prometheus-operator/monitoring.coreos.com/v1alpha1/scrapeconfigs.yaml +++ b/crd-catalog/prometheus-operator/prometheus-operator/monitoring.coreos.com/v1alpha1/scrapeconfigs.yaml @@ -4760,6 +4760,219 @@ spec: description: "SampleLimit defines per-scrape limit on number of scraped samples that will be accepted." format: "int64" type: "integer" + scalewaySDConfigs: + description: "ScalewaySDConfigs defines a list of Scaleway instances and baremetal service discovery configurations." + items: + description: "ScalewaySDConfig configurations allow retrieving scrape targets from Scaleway instances and baremetal services.\nSee https://prometheus.io/docs/prometheus/latest/configuration/configuration/#scaleway_sd_config\nTODO: Need to document that we will not be supporting the `_file` fields." + properties: + accessKey: + description: "Access key to use. https://console.scaleway.com/project/credentials" + minLength: 1 + type: "string" + apiURL: + description: "API URL to use when doing the server listing requests." + pattern: "^http(s)?://.+$" + type: "string" + enableHTTP2: + description: "Whether to enable HTTP2." + type: "boolean" + followRedirects: + description: "Configure whether HTTP requests follow HTTP 3xx redirects." + type: "boolean" + nameFilter: + description: "NameFilter specify a name filter (works as a LIKE) to apply on the server listing request." + minLength: 1 + type: "string" + noProxy: + description: "`noProxy` is a comma-separated string that can contain IPs, CIDR notation, domain names\nthat should be excluded from proxying. IP and domain names can\ncontain port numbers.\n\n\nIt requires Prometheus >= v2.43.0." + type: "string" + port: + description: "The port to scrape metrics from." + format: "int32" + maximum: 65535.0 + minimum: 0.0 + type: "integer" + projectID: + description: "Project ID of the targets." + minLength: 1 + type: "string" + proxyConnectHeader: + additionalProperties: + items: + description: "SecretKeySelector selects a key of a Secret." + properties: + key: + description: "The key of the secret to select from. Must be a valid secret key." + type: "string" + name: + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." + type: "string" + optional: + description: "Specify whether the Secret or its key must be defined" + type: "boolean" + required: + - "key" + type: "object" + x-kubernetes-map-type: "atomic" + type: "array" + description: "ProxyConnectHeader optionally specifies headers to send to\nproxies during CONNECT requests.\n\n\nIt requires Prometheus >= v2.43.0." + type: "object" + x-kubernetes-map-type: "atomic" + proxyFromEnvironment: + description: "Whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY).\nIf unset, Prometheus uses its default value.\n\n\nIt requires Prometheus >= v2.43.0." + type: "boolean" + proxyUrl: + description: "`proxyURL` defines the HTTP proxy server to use.\n\n\nIt requires Prometheus >= v2.43.0." + pattern: "^http(s)?://.+$" + type: "string" + refreshInterval: + description: "Refresh interval to re-read the list of instances." + pattern: "^(0|(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?)$" + type: "string" + role: + description: "Service of the targets to retrieve. Must be `Instance` or `Baremetal`." + enum: + - "Instance" + - "Baremetal" + type: "string" + secretKey: + description: "Secret key to use when listing targets." + properties: + key: + description: "The key of the secret to select from. Must be a valid secret key." + type: "string" + name: + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." + type: "string" + optional: + description: "Specify whether the Secret or its key must be defined" + type: "boolean" + required: + - "key" + type: "object" + x-kubernetes-map-type: "atomic" + tagsFilter: + description: "TagsFilter specify a tag filter (a server needs to have all defined tags to be listed) to apply on the server listing request." + items: + type: "string" + minItems: 1 + type: "array" + tlsConfig: + description: "TLS configuration to use on every scrape request" + properties: + ca: + description: "Certificate authority used when verifying server certificates." + properties: + configMap: + description: "ConfigMap containing data to use for the targets." + properties: + key: + description: "The key to select." + type: "string" + name: + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." + type: "string" + optional: + description: "Specify whether the ConfigMap or its key must be defined" + type: "boolean" + required: + - "key" + type: "object" + x-kubernetes-map-type: "atomic" + secret: + description: "Secret containing data to use for the targets." + properties: + key: + description: "The key of the secret to select from. Must be a valid secret key." + type: "string" + name: + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." + type: "string" + optional: + description: "Specify whether the Secret or its key must be defined" + type: "boolean" + required: + - "key" + type: "object" + x-kubernetes-map-type: "atomic" + type: "object" + cert: + description: "Client certificate to present when doing client-authentication." + properties: + configMap: + description: "ConfigMap containing data to use for the targets." + properties: + key: + description: "The key to select." + type: "string" + name: + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." + type: "string" + optional: + description: "Specify whether the ConfigMap or its key must be defined" + type: "boolean" + required: + - "key" + type: "object" + x-kubernetes-map-type: "atomic" + secret: + description: "Secret containing data to use for the targets." + properties: + key: + description: "The key of the secret to select from. Must be a valid secret key." + type: "string" + name: + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." + type: "string" + optional: + description: "Specify whether the Secret or its key must be defined" + type: "boolean" + required: + - "key" + type: "object" + x-kubernetes-map-type: "atomic" + type: "object" + insecureSkipVerify: + description: "Disable target certificate validation." + type: "boolean" + keySecret: + description: "Secret containing the client key file for the targets." + properties: + key: + description: "The key of the secret to select from. Must be a valid secret key." + type: "string" + name: + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." + type: "string" + optional: + description: "Specify whether the Secret or its key must be defined" + type: "boolean" + required: + - "key" + type: "object" + x-kubernetes-map-type: "atomic" + serverName: + description: "Used to verify the hostname for the targets." + type: "string" + type: "object" + zone: + description: "Zone is the availability zone of your targets (e.g. fr-par-1)." + minLength: 1 + type: "string" + required: + - "accessKey" + - "projectID" + - "role" + - "secretKey" + type: "object" + type: "array" scheme: description: "Configures the protocol scheme used for requests.\nIf empty, Prometheus uses HTTP by default." enum: diff --git a/crd-catalog/prometheus-operator/prometheus-operator/monitoring.coreos.com/v1beta1/alertmanagerconfigs.yaml b/crd-catalog/prometheus-operator/prometheus-operator/monitoring.coreos.com/v1beta1/alertmanagerconfigs.yaml index 68d153c80..60aa8182d 100644 --- a/crd-catalog/prometheus-operator/prometheus-operator/monitoring.coreos.com/v1beta1/alertmanagerconfigs.yaml +++ b/crd-catalog/prometheus-operator/prometheus-operator/monitoring.coreos.com/v1beta1/alertmanagerconfigs.yaml @@ -20,7 +20,7 @@ spec: - name: "v1beta1" schema: openAPIV3Schema: - description: "AlertmanagerConfig configures the Prometheus Alertmanager,\nspecifying how alerts should be grouped, inhibited and notified to external systems." + description: "The `AlertmanagerConfig` custom resource definition (CRD) defines how `Alertmanager` objects process Prometheus alerts. It allows to specify alert grouping and routing, notification receivers and inhibition rules.\n\n\n`Alertmanager` objects select `AlertmanagerConfig` objects using label and namespace selectors." properties: apiVersion: description: "APIVersion defines the versioned schema of this representation of an object.\nServers should convert recognized schemas to the latest internal value, and\nmay reject unrecognized values.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" diff --git a/crd-catalog/pulp/pulp-operator/repo-manager.pulpproject.org/v1beta2/pulps.yaml b/crd-catalog/pulp/pulp-operator/repo-manager.pulpproject.org/v1beta2/pulps.yaml index 12f1eadf6..127961cdf 100644 --- a/crd-catalog/pulp/pulp-operator/repo-manager.pulpproject.org/v1beta2/pulps.yaml +++ b/crd-catalog/pulp/pulp-operator/repo-manager.pulpproject.org/v1beta2/pulps.yaml @@ -3354,6 +3354,9 @@ spec: type: "object" type: "array" type: "object" + custom_pulp_settings: + description: "Name of the ConfigMap to define Pulp configurations not available through this CR." + type: "string" database: description: "Database defines desired state of postgres resources" properties: @@ -4469,7 +4472,7 @@ spec: description: "Name of the Secret to provide Django cryptographic signing. Default: \"pulp-secret-key\"" type: "string" pulp_settings: - description: "Definition of /etc/pulp/settings.py config file." + description: "[DEPRECATED] Definition of /etc/pulp/settings.py config file. This field is deprecated and will be removed in the future, use the custom_pulp_settings field instead." type: "object" x-kubernetes-preserve-unknown-fields: true pvc: diff --git a/crd-catalog/quay/quay-operator/quay.redhat.com/v1/quayregistries.yaml b/crd-catalog/quay/quay-operator/quay.redhat.com/v1/quayregistries.yaml index 230a1cc86..aa80fdc82 100644 --- a/crd-catalog/quay/quay-operator/quay.redhat.com/v1/quayregistries.yaml +++ b/crd-catalog/quay/quay-operator/quay.redhat.com/v1/quayregistries.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.13.0" + controller-gen.kubebuilder.io/version: "v0.14.0" name: "quayregistries.quay.redhat.com" spec: group: "quay.redhat.com" @@ -19,10 +19,10 @@ spec: description: "QuayRegistry is the Schema for the quayregistries API." properties: apiVersion: - description: "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" + description: "APIVersion defines the versioned schema of this representation of an object.\nServers should convert recognized schemas to the latest internal value, and\nmay reject unrecognized values.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" type: "string" kind: - description: "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + description: "Kind is a string value representing the REST resource this object represents.\nServers may infer this from the endpoint the client submits requests to.\nCannot be updated.\nIn CamelCase.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" type: "string" metadata: type: "object" @@ -38,7 +38,7 @@ spec: description: "Kind is the unique name of this type of component." type: "string" managed: - description: "Managed indicates whether or not the Operator is responsible for the lifecycle of this component. Default is true." + description: "Managed indicates whether or not the Operator is responsible for the lifecycle of this component.\nDefault is true." type: "boolean" overrides: description: "Overrides holds information regarding component specific configurations." @@ -50,9 +50,9 @@ spec: description: "Describes node affinity scheduling rules for the pod." properties: preferredDuringSchedulingIgnoredDuringExecution: - description: "The scheduler will prefer to schedule pods to nodes that satisfy the affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding \"weight\" to the sum if the node matches the corresponding matchExpressions; the node(s) with the highest sum are the most preferred." + description: "The scheduler will prefer to schedule pods to nodes that satisfy\nthe affinity expressions specified by this field, but it may choose\na node that violates one or more of the expressions. The node that is\nmost preferred is the one with the greatest sum of weights, i.e.\nfor each node that meets all of the scheduling requirements (resource\nrequest, requiredDuringScheduling affinity expressions, etc.),\ncompute a sum by iterating through the elements of this field and adding\n\"weight\" to the sum if the node matches the corresponding matchExpressions; the\nnode(s) with the highest sum are the most preferred." items: - description: "An empty preferred scheduling term matches all objects with implicit weight 0 (i.e. it's a no-op). A null preferred scheduling term matches no objects (i.e. is also a no-op)." + description: "An empty preferred scheduling term matches all objects with implicit weight 0\n(i.e. it's a no-op). A null preferred scheduling term matches no objects (i.e. is also a no-op)." properties: preference: description: "A node selector term, associated with the corresponding weight." @@ -60,16 +60,16 @@ spec: matchExpressions: description: "A list of node selector requirements by node's labels." items: - description: "A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A node selector requirement is a selector that contains values, a key, and an operator\nthat relates the key and values." properties: key: description: "The label key that the selector applies to." type: "string" operator: - description: "Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt." + description: "Represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt." type: "string" values: - description: "An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch." + description: "An array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. If the operator is Gt or Lt, the values\narray must have a single element, which will be interpreted as an integer.\nThis array is replaced during a strategic merge patch." items: type: "string" type: "array" @@ -81,16 +81,16 @@ spec: matchFields: description: "A list of node selector requirements by node's fields." items: - description: "A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A node selector requirement is a selector that contains values, a key, and an operator\nthat relates the key and values." properties: key: description: "The label key that the selector applies to." type: "string" operator: - description: "Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt." + description: "Represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt." type: "string" values: - description: "An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch." + description: "An array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. If the operator is Gt or Lt, the values\narray must have a single element, which will be interpreted as an integer.\nThis array is replaced during a strategic merge patch." items: type: "string" type: "array" @@ -111,26 +111,26 @@ spec: type: "object" type: "array" requiredDuringSchedulingIgnoredDuringExecution: - description: "If the affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to an update), the system may or may not try to eventually evict the pod from its node." + description: "If the affinity requirements specified by this field are not met at\nscheduling time, the pod will not be scheduled onto the node.\nIf the affinity requirements specified by this field cease to be met\nat some point during pod execution (e.g. due to an update), the system\nmay or may not try to eventually evict the pod from its node." properties: nodeSelectorTerms: description: "Required. A list of node selector terms. The terms are ORed." items: - description: "A null or empty node selector term matches no objects. The requirements of them are ANDed. The TopologySelectorTerm type implements a subset of the NodeSelectorTerm." + description: "A null or empty node selector term matches no objects. The requirements of\nthem are ANDed.\nThe TopologySelectorTerm type implements a subset of the NodeSelectorTerm." properties: matchExpressions: description: "A list of node selector requirements by node's labels." items: - description: "A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A node selector requirement is a selector that contains values, a key, and an operator\nthat relates the key and values." properties: key: description: "The label key that the selector applies to." type: "string" operator: - description: "Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt." + description: "Represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt." type: "string" values: - description: "An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch." + description: "An array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. If the operator is Gt or Lt, the values\narray must have a single element, which will be interpreted as an integer.\nThis array is replaced during a strategic merge patch." items: type: "string" type: "array" @@ -142,16 +142,16 @@ spec: matchFields: description: "A list of node selector requirements by node's fields." items: - description: "A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A node selector requirement is a selector that contains values, a key, and an operator\nthat relates the key and values." properties: key: description: "The label key that the selector applies to." type: "string" operator: - description: "Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt." + description: "Represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt." type: "string" values: - description: "An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch." + description: "An array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. If the operator is Gt or Lt, the values\narray must have a single element, which will be interpreted as an integer.\nThis array is replaced during a strategic merge patch." items: type: "string" type: "array" @@ -172,7 +172,7 @@ spec: description: "Describes pod affinity scheduling rules (e.g. co-locate this pod in the same node, zone, etc. as some other pod(s))." properties: preferredDuringSchedulingIgnoredDuringExecution: - description: "The scheduler will prefer to schedule pods to nodes that satisfy the affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding \"weight\" to the sum if the node has pods which matches the corresponding podAffinityTerm; the node(s) with the highest sum are the most preferred." + description: "The scheduler will prefer to schedule pods to nodes that satisfy\nthe affinity expressions specified by this field, but it may choose\na node that violates one or more of the expressions. The node that is\nmost preferred is the one with the greatest sum of weights, i.e.\nfor each node that meets all of the scheduling requirements (resource\nrequest, requiredDuringScheduling affinity expressions, etc.),\ncompute a sum by iterating through the elements of this field and adding\n\"weight\" to the sum if the node has pods which matches the corresponding podAffinityTerm; the\nnode(s) with the highest sum are the most preferred." items: description: "The weights of all of the matched WeightedPodAffinityTerm fields are added per-node to find the most preferred node(s)" properties: @@ -185,16 +185,16 @@ spec: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -206,26 +206,26 @@ spec: matchLabels: additionalProperties: type: "string" - description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." type: "object" type: "object" x-kubernetes-map-type: "atomic" namespaceSelector: - description: "A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means \"this pod's namespace\". An empty selector ({}) matches all namespaces." + description: "A label query over the set of namespaces that the term applies to.\nThe term is applied to the union of the namespaces selected by this field\nand the ones listed in the namespaces field.\nnull selector and null or empty namespaces list means \"this pod's namespace\".\nAn empty selector ({}) matches all namespaces." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -237,23 +237,23 @@ spec: matchLabels: additionalProperties: type: "string" - description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." type: "object" type: "object" x-kubernetes-map-type: "atomic" namespaces: - description: "namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means \"this pod's namespace\"." + description: "namespaces specifies a static list of namespace names that the term applies to.\nThe term is applied to the union of the namespaces listed in this field\nand the ones selected by namespaceSelector.\nnull or empty namespaces list and null namespaceSelector means \"this pod's namespace\"." items: type: "string" type: "array" topologyKey: - description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed." + description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching\nthe labelSelector in the specified namespaces, where co-located is defined as running on a node\nwhose value of the label with key topologyKey matches that of any node on which any of the\nselected pods is running.\nEmpty topologyKey is not allowed." type: "string" required: - "topologyKey" type: "object" weight: - description: "weight associated with matching the corresponding podAffinityTerm, in the range 1-100." + description: "weight associated with matching the corresponding podAffinityTerm,\nin the range 1-100." format: "int32" type: "integer" required: @@ -262,9 +262,9 @@ spec: type: "object" type: "array" requiredDuringSchedulingIgnoredDuringExecution: - description: "If the affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to a pod label update), the system may or may not try to eventually evict the pod from its node. When there are multiple elements, the lists of nodes corresponding to each podAffinityTerm are intersected, i.e. all terms must be satisfied." + description: "If the affinity requirements specified by this field are not met at\nscheduling time, the pod will not be scheduled onto the node.\nIf the affinity requirements specified by this field cease to be met\nat some point during pod execution (e.g. due to a pod label update), the\nsystem may or may not try to eventually evict the pod from its node.\nWhen there are multiple elements, the lists of nodes corresponding to each\npodAffinityTerm are intersected, i.e. all terms must be satisfied." items: - description: "Defines a set of pods (namely those matching the labelSelector relative to the given namespace(s)) that this pod should be co-located (affinity) or not co-located (anti-affinity) with, where co-located is defined as running on a node whose value of the label with key matches that of any node on which a pod of the set of pods is running" + description: "Defines a set of pods (namely those matching the labelSelector\nrelative to the given namespace(s)) that this pod should be\nco-located (affinity) or not co-located (anti-affinity) with,\nwhere co-located is defined as running on a node whose value of\nthe label with key matches that of any node on which\na pod of the set of pods is running" properties: labelSelector: description: "A label query over a set of resources, in this case pods." @@ -272,16 +272,16 @@ spec: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -293,26 +293,26 @@ spec: matchLabels: additionalProperties: type: "string" - description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." type: "object" type: "object" x-kubernetes-map-type: "atomic" namespaceSelector: - description: "A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means \"this pod's namespace\". An empty selector ({}) matches all namespaces." + description: "A label query over the set of namespaces that the term applies to.\nThe term is applied to the union of the namespaces selected by this field\nand the ones listed in the namespaces field.\nnull selector and null or empty namespaces list means \"this pod's namespace\".\nAn empty selector ({}) matches all namespaces." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -324,17 +324,17 @@ spec: matchLabels: additionalProperties: type: "string" - description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." type: "object" type: "object" x-kubernetes-map-type: "atomic" namespaces: - description: "namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means \"this pod's namespace\"." + description: "namespaces specifies a static list of namespace names that the term applies to.\nThe term is applied to the union of the namespaces listed in this field\nand the ones selected by namespaceSelector.\nnull or empty namespaces list and null namespaceSelector means \"this pod's namespace\"." items: type: "string" type: "array" topologyKey: - description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed." + description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching\nthe labelSelector in the specified namespaces, where co-located is defined as running on a node\nwhose value of the label with key topologyKey matches that of any node on which any of the\nselected pods is running.\nEmpty topologyKey is not allowed." type: "string" required: - "topologyKey" @@ -345,7 +345,7 @@ spec: description: "Describes pod anti-affinity scheduling rules (e.g. avoid putting this pod in the same node, zone, etc. as some other pod(s))." properties: preferredDuringSchedulingIgnoredDuringExecution: - description: "The scheduler will prefer to schedule pods to nodes that satisfy the anti-affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling anti-affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding \"weight\" to the sum if the node has pods which matches the corresponding podAffinityTerm; the node(s) with the highest sum are the most preferred." + description: "The scheduler will prefer to schedule pods to nodes that satisfy\nthe anti-affinity expressions specified by this field, but it may choose\na node that violates one or more of the expressions. The node that is\nmost preferred is the one with the greatest sum of weights, i.e.\nfor each node that meets all of the scheduling requirements (resource\nrequest, requiredDuringScheduling anti-affinity expressions, etc.),\ncompute a sum by iterating through the elements of this field and adding\n\"weight\" to the sum if the node has pods which matches the corresponding podAffinityTerm; the\nnode(s) with the highest sum are the most preferred." items: description: "The weights of all of the matched WeightedPodAffinityTerm fields are added per-node to find the most preferred node(s)" properties: @@ -358,16 +358,16 @@ spec: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -379,26 +379,26 @@ spec: matchLabels: additionalProperties: type: "string" - description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." type: "object" type: "object" x-kubernetes-map-type: "atomic" namespaceSelector: - description: "A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means \"this pod's namespace\". An empty selector ({}) matches all namespaces." + description: "A label query over the set of namespaces that the term applies to.\nThe term is applied to the union of the namespaces selected by this field\nand the ones listed in the namespaces field.\nnull selector and null or empty namespaces list means \"this pod's namespace\".\nAn empty selector ({}) matches all namespaces." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -410,23 +410,23 @@ spec: matchLabels: additionalProperties: type: "string" - description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." type: "object" type: "object" x-kubernetes-map-type: "atomic" namespaces: - description: "namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means \"this pod's namespace\"." + description: "namespaces specifies a static list of namespace names that the term applies to.\nThe term is applied to the union of the namespaces listed in this field\nand the ones selected by namespaceSelector.\nnull or empty namespaces list and null namespaceSelector means \"this pod's namespace\"." items: type: "string" type: "array" topologyKey: - description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed." + description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching\nthe labelSelector in the specified namespaces, where co-located is defined as running on a node\nwhose value of the label with key topologyKey matches that of any node on which any of the\nselected pods is running.\nEmpty topologyKey is not allowed." type: "string" required: - "topologyKey" type: "object" weight: - description: "weight associated with matching the corresponding podAffinityTerm, in the range 1-100." + description: "weight associated with matching the corresponding podAffinityTerm,\nin the range 1-100." format: "int32" type: "integer" required: @@ -435,9 +435,9 @@ spec: type: "object" type: "array" requiredDuringSchedulingIgnoredDuringExecution: - description: "If the anti-affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the anti-affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to a pod label update), the system may or may not try to eventually evict the pod from its node. When there are multiple elements, the lists of nodes corresponding to each podAffinityTerm are intersected, i.e. all terms must be satisfied." + description: "If the anti-affinity requirements specified by this field are not met at\nscheduling time, the pod will not be scheduled onto the node.\nIf the anti-affinity requirements specified by this field cease to be met\nat some point during pod execution (e.g. due to a pod label update), the\nsystem may or may not try to eventually evict the pod from its node.\nWhen there are multiple elements, the lists of nodes corresponding to each\npodAffinityTerm are intersected, i.e. all terms must be satisfied." items: - description: "Defines a set of pods (namely those matching the labelSelector relative to the given namespace(s)) that this pod should be co-located (affinity) or not co-located (anti-affinity) with, where co-located is defined as running on a node whose value of the label with key matches that of any node on which a pod of the set of pods is running" + description: "Defines a set of pods (namely those matching the labelSelector\nrelative to the given namespace(s)) that this pod should be\nco-located (affinity) or not co-located (anti-affinity) with,\nwhere co-located is defined as running on a node whose value of\nthe label with key matches that of any node on which\na pod of the set of pods is running" properties: labelSelector: description: "A label query over a set of resources, in this case pods." @@ -445,16 +445,16 @@ spec: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -466,26 +466,26 @@ spec: matchLabels: additionalProperties: type: "string" - description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." type: "object" type: "object" x-kubernetes-map-type: "atomic" namespaceSelector: - description: "A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means \"this pod's namespace\". An empty selector ({}) matches all namespaces." + description: "A label query over the set of namespaces that the term applies to.\nThe term is applied to the union of the namespaces selected by this field\nand the ones listed in the namespaces field.\nnull selector and null or empty namespaces list means \"this pod's namespace\".\nAn empty selector ({}) matches all namespaces." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -497,17 +497,17 @@ spec: matchLabels: additionalProperties: type: "string" - description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." type: "object" type: "object" x-kubernetes-map-type: "atomic" namespaces: - description: "namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means \"this pod's namespace\"." + description: "namespaces specifies a static list of namespace names that the term applies to.\nThe term is applied to the union of the namespaces listed in this field\nand the ones selected by namespaceSelector.\nnull or empty namespaces list and null namespaceSelector means \"this pod's namespace\"." items: type: "string" type: "array" topologyKey: - description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed." + description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching\nthe labelSelector in the specified namespaces, where co-located is defined as running on a node\nwhose value of the label with key topologyKey matches that of any node on which any of the\nselected pods is running.\nEmpty topologyKey is not allowed." type: "string" required: - "topologyKey" @@ -527,7 +527,7 @@ spec: description: "Name of the environment variable. Must be a C_IDENTIFIER." type: "string" value: - description: "Variable references $(VAR_NAME) are expanded using the previously defined environment variables in the container and any service environment variables. If a variable cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. \"$$(VAR_NAME)\" will produce the string literal \"$(VAR_NAME)\". Escaped references will never be expanded, regardless of whether the variable exists or not. Defaults to \"\"." + description: "Variable references $(VAR_NAME) are expanded\nusing the previously defined environment variables in the container and\nany service environment variables. If a variable cannot be resolved,\nthe reference in the input string will be unchanged. Double $$ are reduced\nto a single $, which allows for escaping the $(VAR_NAME) syntax: i.e.\n\"$$(VAR_NAME)\" will produce the string literal \"$(VAR_NAME)\".\nEscaped references will never be expanded, regardless of whether the variable\nexists or not.\nDefaults to \"\"." type: "string" valueFrom: description: "Source for the environment variable's value. Cannot be used if value is not empty." @@ -539,7 +539,7 @@ spec: description: "The key to select." type: "string" name: - description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" type: "string" optional: description: "Specify whether the ConfigMap or its key must be defined" @@ -549,7 +549,7 @@ spec: type: "object" x-kubernetes-map-type: "atomic" fieldRef: - description: "Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`, spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs." + description: "Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`,\nspec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs." properties: apiVersion: description: "Version of the schema the FieldPath is written in terms of, defaults to \"v1\"." @@ -562,7 +562,7 @@ spec: type: "object" x-kubernetes-map-type: "atomic" resourceFieldRef: - description: "Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported." + description: "Selects a resource of the container: only resources limits and requests\n(limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported." properties: containerName: description: "Container name: required for volumes, optional for env vars" @@ -588,7 +588,7 @@ spec: description: "The key of the secret to select from. Must be a valid secret key." type: "string" name: - description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" type: "string" optional: description: "Specify whether the Secret or its key must be defined" @@ -645,7 +645,7 @@ spec: type: "object" type: "array" configBundleSecret: - description: "ConfigBundleSecret is the name of the Kubernetes `Secret` in the same namespace which contains the base Quay config and extra certs." + description: "ConfigBundleSecret is the name of the Kubernetes `Secret` in the same namespace\nwhich contains the base Quay config and extra certs." type: "string" type: "object" status: @@ -654,7 +654,7 @@ spec: conditions: description: "Conditions represent the conditions that a QuayRegistry can have." items: - description: "Condition is a single condition of a QuayRegistry. Conditions should follow the \"abnormal-true\" principle in order to only bring the attention of users to \"broken\" states. Example: a condition of `type: \"Ready\", status: \"True\"“ is less useful and should be omitted whereas `type: \"NotReady\", status: \"True\"` is more useful when trying to monitor when something is wrong." + description: "Condition is a single condition of a QuayRegistry.\nConditions should follow the \"abnormal-true\" principle in order to only bring the attention of users to \"broken\" states.\nExample: a condition of `type: \"Ready\", status: \"True\"“ is less useful and should be omitted whereas `type: \"NotReady\", status: \"True\"`\nis more useful when trying to monitor when something is wrong." properties: lastTransitionTime: format: "date-time" diff --git a/crd-catalog/ray-project/kuberay/ray.io/v1/rayclusters.yaml b/crd-catalog/ray-project/kuberay/ray.io/v1/rayclusters.yaml index e340f387d..ee3623b6a 100644 --- a/crd-catalog/ray-project/kuberay/ray.io/v1/rayclusters.yaml +++ b/crd-catalog/ray-project/kuberay/ray.io/v1/rayclusters.yaml @@ -7756,6 +7756,45 @@ spec: availableWorkerReplicas: format: "int32" type: "integer" + conditions: + items: + properties: + lastTransitionTime: + format: "date-time" + type: "string" + message: + maxLength: 32768 + type: "string" + observedGeneration: + format: "int64" + minimum: 0.0 + type: "integer" + reason: + maxLength: 1024 + minLength: 1 + pattern: "^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$" + type: "string" + status: + enum: + - "True" + - "False" + - "Unknown" + type: "string" + type: + maxLength: 316 + pattern: "^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$" + type: "string" + required: + - "lastTransitionTime" + - "message" + - "reason" + - "status" + - "type" + type: "object" + type: "array" + x-kubernetes-list-map-keys: + - "type" + x-kubernetes-list-type: "map" desiredCPU: anyOf: - type: "integer" @@ -7791,6 +7830,8 @@ spec: properties: podIP: type: "string" + podName: + type: "string" serviceIP: type: "string" serviceName: diff --git a/crd-catalog/ray-project/kuberay/ray.io/v1/rayjobs.yaml b/crd-catalog/ray-project/kuberay/ray.io/v1/rayjobs.yaml index 815b0651b..1140785b2 100644 --- a/crd-catalog/ray-project/kuberay/ray.io/v1/rayjobs.yaml +++ b/crd-catalog/ray-project/kuberay/ray.io/v1/rayjobs.yaml @@ -49,6 +49,10 @@ spec: activeDeadlineSeconds: format: "int32" type: "integer" + backoffLimit: + default: 0 + format: "int32" + type: "integer" clusterSelector: additionalProperties: type: "string" @@ -11386,6 +11390,10 @@ spec: endTime: format: "date-time" type: "string" + failed: + default: 0 + format: "int32" + type: "integer" jobDeploymentStatus: type: "string" jobId: @@ -11404,6 +11412,45 @@ spec: availableWorkerReplicas: format: "int32" type: "integer" + conditions: + items: + properties: + lastTransitionTime: + format: "date-time" + type: "string" + message: + maxLength: 32768 + type: "string" + observedGeneration: + format: "int64" + minimum: 0.0 + type: "integer" + reason: + maxLength: 1024 + minLength: 1 + pattern: "^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$" + type: "string" + status: + enum: + - "True" + - "False" + - "Unknown" + type: "string" + type: + maxLength: 316 + pattern: "^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$" + type: "string" + required: + - "lastTransitionTime" + - "message" + - "reason" + - "status" + - "type" + type: "object" + type: "array" + x-kubernetes-list-map-keys: + - "type" + x-kubernetes-list-type: "map" desiredCPU: anyOf: - type: "integer" @@ -11439,6 +11486,8 @@ spec: properties: podIP: type: "string" + podName: + type: "string" serviceIP: type: "string" serviceName: @@ -11475,6 +11524,10 @@ spec: startTime: format: "date-time" type: "string" + succeeded: + default: 0 + format: "int32" + type: "integer" type: "object" type: "object" served: true diff --git a/crd-catalog/ray-project/kuberay/ray.io/v1/rayservices.yaml b/crd-catalog/ray-project/kuberay/ray.io/v1/rayservices.yaml index bdb6b35ca..0d1d10c8f 100644 --- a/crd-catalog/ray-project/kuberay/ray.io/v1/rayservices.yaml +++ b/crd-catalog/ray-project/kuberay/ray.io/v1/rayservices.yaml @@ -7965,6 +7965,45 @@ spec: availableWorkerReplicas: format: "int32" type: "integer" + conditions: + items: + properties: + lastTransitionTime: + format: "date-time" + type: "string" + message: + maxLength: 32768 + type: "string" + observedGeneration: + format: "int64" + minimum: 0.0 + type: "integer" + reason: + maxLength: 1024 + minLength: 1 + pattern: "^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$" + type: "string" + status: + enum: + - "True" + - "False" + - "Unknown" + type: "string" + type: + maxLength: 316 + pattern: "^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$" + type: "string" + required: + - "lastTransitionTime" + - "message" + - "reason" + - "status" + - "type" + type: "object" + type: "array" + x-kubernetes-list-map-keys: + - "type" + x-kubernetes-list-type: "map" desiredCPU: anyOf: - type: "integer" @@ -8000,6 +8039,8 @@ spec: properties: podIP: type: "string" + podName: + type: "string" serviceIP: type: "string" serviceName: @@ -8074,6 +8115,45 @@ spec: availableWorkerReplicas: format: "int32" type: "integer" + conditions: + items: + properties: + lastTransitionTime: + format: "date-time" + type: "string" + message: + maxLength: 32768 + type: "string" + observedGeneration: + format: "int64" + minimum: 0.0 + type: "integer" + reason: + maxLength: 1024 + minLength: 1 + pattern: "^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$" + type: "string" + status: + enum: + - "True" + - "False" + - "Unknown" + type: "string" + type: + maxLength: 316 + pattern: "^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$" + type: "string" + required: + - "lastTransitionTime" + - "message" + - "reason" + - "status" + - "type" + type: "object" + type: "array" + x-kubernetes-list-map-keys: + - "type" + x-kubernetes-list-type: "map" desiredCPU: anyOf: - type: "integer" @@ -8109,6 +8189,8 @@ spec: properties: podIP: type: "string" + podName: + type: "string" serviceIP: type: "string" serviceName: diff --git a/crd-catalog/rook/rook/ceph.rook.io/v1/cephclusters.yaml b/crd-catalog/rook/rook/ceph.rook.io/v1/cephclusters.yaml index 11e1e9273..b7adaf018 100644 --- a/crd-catalog/rook/rook/ceph.rook.io/v1/cephclusters.yaml +++ b/crd-catalog/rook/rook/ceph.rook.io/v1/cephclusters.yaml @@ -299,6 +299,7 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" type: "object" failureThreshold: description: "Minimum consecutive failures for the probe to be considered failed after having succeeded.\nDefaults to 3. Minimum value is 1." @@ -339,6 +340,7 @@ spec: - "value" type: "object" type: "array" + x-kubernetes-list-type: "atomic" path: description: "Path to access on the HTTP server." type: "string" @@ -410,6 +412,7 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" type: "object" failureThreshold: description: "Minimum consecutive failures for the probe to be considered failed after having succeeded.\nDefaults to 3. Minimum value is 1." @@ -450,6 +453,7 @@ spec: - "value" type: "object" type: "array" + x-kubernetes-list-type: "atomic" path: description: "Path to access on the HTTP server." type: "string" @@ -637,6 +641,7 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" dataSource: description: "dataSource field can be used to specify either:\n* An existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot)\n* An existing PVC (PersistentVolumeClaim)\nIf the provisioner or an external controller can support the specified data source,\nit will create a new volume based on the contents of the specified data source.\nWhen the AnyVolumeDataSource feature gate is enabled, dataSource contents will be copied to dataSourceRef,\nand dataSourceRef contents will be copied to dataSource when dataSourceRef.namespace is not specified.\nIf the namespace is specified, then dataSourceRef will not be copied to dataSource." properties: @@ -714,11 +719,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -730,7 +737,7 @@ spec: description: "storageClassName is the name of the StorageClass required by the claim.\nMore info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1" type: "string" volumeAttributesClassName: - description: "volumeAttributesClassName may be used to set the VolumeAttributesClass used by this claim.\nIf specified, the CSI driver will create or update the volume with the attributes defined\nin the corresponding VolumeAttributesClass. This has a different purpose than storageClassName,\nit can be changed after the claim is created. An empty string value means that no VolumeAttributesClass\nwill be applied to the claim but it's not allowed to reset this field to empty string once it is set.\nIf unspecified and the PersistentVolumeClaim is unbound, the default VolumeAttributesClass\nwill be set by the persistentvolume controller if it exists.\nIf the resource referred to by volumeAttributesClass does not exist, this PersistentVolumeClaim will be\nset to a Pending state, as reflected by the modifyVolumeStatus field, until such as a resource\nexists.\nMore info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#volumeattributesclass\n(Alpha) Using this field requires the VolumeAttributesClass feature gate to be enabled." + description: "volumeAttributesClassName may be used to set the VolumeAttributesClass used by this claim.\nIf specified, the CSI driver will create or update the volume with the attributes defined\nin the corresponding VolumeAttributesClass. This has a different purpose than storageClassName,\nit can be changed after the claim is created. An empty string value means that no VolumeAttributesClass\nwill be applied to the claim but it's not allowed to reset this field to empty string once it is set.\nIf unspecified and the PersistentVolumeClaim is unbound, the default VolumeAttributesClass\nwill be set by the persistentvolume controller if it exists.\nIf the resource referred to by volumeAttributesClass does not exist, this PersistentVolumeClaim will be\nset to a Pending state, as reflected by the modifyVolumeStatus field, until such as a resource\nexists.\nMore info: https://kubernetes.io/docs/concepts/storage/volume-attributes-classes/\n(Alpha) Using this field requires the VolumeAttributesClass feature gate to be enabled." type: "string" volumeMode: description: "volumeMode defines what type of volume is required by the claim.\nValue of Filesystem is implied when not included in claim spec." @@ -776,6 +783,7 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" dataSource: description: "dataSource field can be used to specify either:\n* An existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot)\n* An existing PVC (PersistentVolumeClaim)\nIf the provisioner or an external controller can support the specified data source,\nit will create a new volume based on the contents of the specified data source.\nWhen the AnyVolumeDataSource feature gate is enabled, dataSource contents will be copied to dataSourceRef,\nand dataSourceRef contents will be copied to dataSource when dataSourceRef.namespace is not specified.\nIf the namespace is specified, then dataSourceRef will not be copied to dataSource." properties: @@ -853,11 +861,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -869,7 +879,7 @@ spec: description: "storageClassName is the name of the StorageClass required by the claim.\nMore info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1" type: "string" volumeAttributesClassName: - description: "volumeAttributesClassName may be used to set the VolumeAttributesClass used by this claim.\nIf specified, the CSI driver will create or update the volume with the attributes defined\nin the corresponding VolumeAttributesClass. This has a different purpose than storageClassName,\nit can be changed after the claim is created. An empty string value means that no VolumeAttributesClass\nwill be applied to the claim but it's not allowed to reset this field to empty string once it is set.\nIf unspecified and the PersistentVolumeClaim is unbound, the default VolumeAttributesClass\nwill be set by the persistentvolume controller if it exists.\nIf the resource referred to by volumeAttributesClass does not exist, this PersistentVolumeClaim will be\nset to a Pending state, as reflected by the modifyVolumeStatus field, until such as a resource\nexists.\nMore info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#volumeattributesclass\n(Alpha) Using this field requires the VolumeAttributesClass feature gate to be enabled." + description: "volumeAttributesClassName may be used to set the VolumeAttributesClass used by this claim.\nIf specified, the CSI driver will create or update the volume with the attributes defined\nin the corresponding VolumeAttributesClass. This has a different purpose than storageClassName,\nit can be changed after the claim is created. An empty string value means that no VolumeAttributesClass\nwill be applied to the claim but it's not allowed to reset this field to empty string once it is set.\nIf unspecified and the PersistentVolumeClaim is unbound, the default VolumeAttributesClass\nwill be set by the persistentvolume controller if it exists.\nIf the resource referred to by volumeAttributesClass does not exist, this PersistentVolumeClaim will be\nset to a Pending state, as reflected by the modifyVolumeStatus field, until such as a resource\nexists.\nMore info: https://kubernetes.io/docs/concepts/storage/volume-attributes-classes/\n(Alpha) Using this field requires the VolumeAttributesClass feature gate to be enabled." type: "string" volumeMode: description: "volumeMode defines what type of volume is required by the claim.\nValue of Filesystem is implied when not included in claim spec." @@ -922,6 +932,7 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" dataSource: description: "dataSource field can be used to specify either:\n* An existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot)\n* An existing PVC (PersistentVolumeClaim)\nIf the provisioner or an external controller can support the specified data source,\nit will create a new volume based on the contents of the specified data source.\nWhen the AnyVolumeDataSource feature gate is enabled, dataSource contents will be copied to dataSourceRef,\nand dataSourceRef contents will be copied to dataSource when dataSourceRef.namespace is not specified.\nIf the namespace is specified, then dataSourceRef will not be copied to dataSource." properties: @@ -999,11 +1010,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -1015,7 +1028,7 @@ spec: description: "storageClassName is the name of the StorageClass required by the claim.\nMore info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1" type: "string" volumeAttributesClassName: - description: "volumeAttributesClassName may be used to set the VolumeAttributesClass used by this claim.\nIf specified, the CSI driver will create or update the volume with the attributes defined\nin the corresponding VolumeAttributesClass. This has a different purpose than storageClassName,\nit can be changed after the claim is created. An empty string value means that no VolumeAttributesClass\nwill be applied to the claim but it's not allowed to reset this field to empty string once it is set.\nIf unspecified and the PersistentVolumeClaim is unbound, the default VolumeAttributesClass\nwill be set by the persistentvolume controller if it exists.\nIf the resource referred to by volumeAttributesClass does not exist, this PersistentVolumeClaim will be\nset to a Pending state, as reflected by the modifyVolumeStatus field, until such as a resource\nexists.\nMore info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#volumeattributesclass\n(Alpha) Using this field requires the VolumeAttributesClass feature gate to be enabled." + description: "volumeAttributesClassName may be used to set the VolumeAttributesClass used by this claim.\nIf specified, the CSI driver will create or update the volume with the attributes defined\nin the corresponding VolumeAttributesClass. This has a different purpose than storageClassName,\nit can be changed after the claim is created. An empty string value means that no VolumeAttributesClass\nwill be applied to the claim but it's not allowed to reset this field to empty string once it is set.\nIf unspecified and the PersistentVolumeClaim is unbound, the default VolumeAttributesClass\nwill be set by the persistentvolume controller if it exists.\nIf the resource referred to by volumeAttributesClass does not exist, this PersistentVolumeClaim will be\nset to a Pending state, as reflected by the modifyVolumeStatus field, until such as a resource\nexists.\nMore info: https://kubernetes.io/docs/concepts/storage/volume-attributes-classes/\n(Alpha) Using this field requires the VolumeAttributesClass feature gate to be enabled." type: "string" volumeMode: description: "volumeMode defines what type of volume is required by the claim.\nValue of Filesystem is implied when not included in claim spec." @@ -1219,11 +1232,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchFields: items: properties: @@ -1235,11 +1250,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" type: "object" x-kubernetes-map-type: "atomic" weight: @@ -1250,6 +1267,7 @@ spec: - "weight" type: "object" type: "array" + x-kubernetes-list-type: "atomic" requiredDuringSchedulingIgnoredDuringExecution: properties: nodeSelectorTerms: @@ -1266,11 +1284,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchFields: items: properties: @@ -1282,14 +1302,17 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" type: "object" x-kubernetes-map-type: "atomic" type: "array" + x-kubernetes-list-type: "atomic" required: - "nodeSelectorTerms" type: "object" @@ -1315,11 +1338,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -1349,11 +1374,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -1364,6 +1391,7 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" topologyKey: type: "string" required: @@ -1377,6 +1405,7 @@ spec: - "weight" type: "object" type: "array" + x-kubernetes-list-type: "atomic" requiredDuringSchedulingIgnoredDuringExecution: items: properties: @@ -1393,11 +1422,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -1427,11 +1458,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -1442,12 +1475,14 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" topologyKey: type: "string" required: - "topologyKey" type: "object" type: "array" + x-kubernetes-list-type: "atomic" type: "object" podAntiAffinity: properties: @@ -1469,11 +1504,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -1503,11 +1540,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -1518,6 +1557,7 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" topologyKey: type: "string" required: @@ -1531,6 +1571,7 @@ spec: - "weight" type: "object" type: "array" + x-kubernetes-list-type: "atomic" requiredDuringSchedulingIgnoredDuringExecution: items: properties: @@ -1547,11 +1588,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -1581,11 +1624,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -1596,12 +1641,14 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" topologyKey: type: "string" required: - "topologyKey" type: "object" type: "array" + x-kubernetes-list-type: "atomic" type: "object" tolerations: items: @@ -1635,11 +1682,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -1766,6 +1815,9 @@ spec: description: "A spec for available storage in the cluster and how it should be used" nullable: true properties: + allowDeviceClassUpdate: + description: "Whether to allow updating the device class after the OSD is initially provisioned" + type: "boolean" backfillFullRatio: description: "BackfillFullRatio is the ratio at which the cluster is too full for backfill. Backfill will be disabled if above this threshold. Default is 0.90." maximum: 1.0 @@ -1930,6 +1982,7 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" dataSource: description: "dataSource field can be used to specify either:\n* An existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot)\n* An existing PVC (PersistentVolumeClaim)\nIf the provisioner or an external controller can support the specified data source,\nit will create a new volume based on the contents of the specified data source.\nWhen the AnyVolumeDataSource feature gate is enabled, dataSource contents will be copied to dataSourceRef,\nand dataSourceRef contents will be copied to dataSource when dataSourceRef.namespace is not specified.\nIf the namespace is specified, then dataSourceRef will not be copied to dataSource." properties: @@ -2007,11 +2060,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -2023,7 +2078,7 @@ spec: description: "storageClassName is the name of the StorageClass required by the claim.\nMore info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1" type: "string" volumeAttributesClassName: - description: "volumeAttributesClassName may be used to set the VolumeAttributesClass used by this claim.\nIf specified, the CSI driver will create or update the volume with the attributes defined\nin the corresponding VolumeAttributesClass. This has a different purpose than storageClassName,\nit can be changed after the claim is created. An empty string value means that no VolumeAttributesClass\nwill be applied to the claim but it's not allowed to reset this field to empty string once it is set.\nIf unspecified and the PersistentVolumeClaim is unbound, the default VolumeAttributesClass\nwill be set by the persistentvolume controller if it exists.\nIf the resource referred to by volumeAttributesClass does not exist, this PersistentVolumeClaim will be\nset to a Pending state, as reflected by the modifyVolumeStatus field, until such as a resource\nexists.\nMore info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#volumeattributesclass\n(Alpha) Using this field requires the VolumeAttributesClass feature gate to be enabled." + description: "volumeAttributesClassName may be used to set the VolumeAttributesClass used by this claim.\nIf specified, the CSI driver will create or update the volume with the attributes defined\nin the corresponding VolumeAttributesClass. This has a different purpose than storageClassName,\nit can be changed after the claim is created. An empty string value means that no VolumeAttributesClass\nwill be applied to the claim but it's not allowed to reset this field to empty string once it is set.\nIf unspecified and the PersistentVolumeClaim is unbound, the default VolumeAttributesClass\nwill be set by the persistentvolume controller if it exists.\nIf the resource referred to by volumeAttributesClass does not exist, this PersistentVolumeClaim will be\nset to a Pending state, as reflected by the modifyVolumeStatus field, until such as a resource\nexists.\nMore info: https://kubernetes.io/docs/concepts/storage/volume-attributes-classes/\n(Alpha) Using this field requires the VolumeAttributesClass feature gate to be enabled." type: "string" volumeMode: description: "volumeMode defines what type of volume is required by the claim.\nValue of Filesystem is implied when not included in claim spec." @@ -2081,11 +2136,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchFields: items: properties: @@ -2097,11 +2154,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" type: "object" x-kubernetes-map-type: "atomic" weight: @@ -2112,6 +2171,7 @@ spec: - "weight" type: "object" type: "array" + x-kubernetes-list-type: "atomic" requiredDuringSchedulingIgnoredDuringExecution: properties: nodeSelectorTerms: @@ -2128,11 +2188,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchFields: items: properties: @@ -2144,14 +2206,17 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" type: "object" x-kubernetes-map-type: "atomic" type: "array" + x-kubernetes-list-type: "atomic" required: - "nodeSelectorTerms" type: "object" @@ -2177,11 +2242,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -2211,11 +2278,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -2226,6 +2295,7 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" topologyKey: type: "string" required: @@ -2239,6 +2309,7 @@ spec: - "weight" type: "object" type: "array" + x-kubernetes-list-type: "atomic" requiredDuringSchedulingIgnoredDuringExecution: items: properties: @@ -2255,11 +2326,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -2289,11 +2362,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -2304,12 +2379,14 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" topologyKey: type: "string" required: - "topologyKey" type: "object" type: "array" + x-kubernetes-list-type: "atomic" type: "object" podAntiAffinity: properties: @@ -2331,11 +2408,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -2365,11 +2444,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -2380,6 +2461,7 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" topologyKey: type: "string" required: @@ -2393,6 +2475,7 @@ spec: - "weight" type: "object" type: "array" + x-kubernetes-list-type: "atomic" requiredDuringSchedulingIgnoredDuringExecution: items: properties: @@ -2409,11 +2492,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -2443,11 +2528,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -2458,12 +2545,14 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" topologyKey: type: "string" required: - "topologyKey" type: "object" type: "array" + x-kubernetes-list-type: "atomic" type: "object" tolerations: items: @@ -2497,11 +2586,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -2559,11 +2650,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchFields: items: properties: @@ -2575,11 +2668,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" type: "object" x-kubernetes-map-type: "atomic" weight: @@ -2590,6 +2685,7 @@ spec: - "weight" type: "object" type: "array" + x-kubernetes-list-type: "atomic" requiredDuringSchedulingIgnoredDuringExecution: properties: nodeSelectorTerms: @@ -2606,11 +2702,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchFields: items: properties: @@ -2622,14 +2720,17 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" type: "object" x-kubernetes-map-type: "atomic" type: "array" + x-kubernetes-list-type: "atomic" required: - "nodeSelectorTerms" type: "object" @@ -2655,11 +2756,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -2689,11 +2792,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -2704,6 +2809,7 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" topologyKey: type: "string" required: @@ -2717,6 +2823,7 @@ spec: - "weight" type: "object" type: "array" + x-kubernetes-list-type: "atomic" requiredDuringSchedulingIgnoredDuringExecution: items: properties: @@ -2733,11 +2840,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -2767,11 +2876,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -2782,12 +2893,14 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" topologyKey: type: "string" required: - "topologyKey" type: "object" type: "array" + x-kubernetes-list-type: "atomic" type: "object" podAntiAffinity: properties: @@ -2809,11 +2922,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -2843,11 +2958,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -2858,6 +2975,7 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" topologyKey: type: "string" required: @@ -2871,6 +2989,7 @@ spec: - "weight" type: "object" type: "array" + x-kubernetes-list-type: "atomic" requiredDuringSchedulingIgnoredDuringExecution: items: properties: @@ -2887,11 +3006,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -2921,11 +3042,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -2936,12 +3059,14 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" topologyKey: type: "string" required: - "topologyKey" type: "object" type: "array" + x-kubernetes-list-type: "atomic" type: "object" tolerations: items: @@ -2975,11 +3100,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -3095,6 +3222,7 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" dataSource: description: "dataSource field can be used to specify either:\n* An existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot)\n* An existing PVC (PersistentVolumeClaim)\nIf the provisioner or an external controller can support the specified data source,\nit will create a new volume based on the contents of the specified data source.\nWhen the AnyVolumeDataSource feature gate is enabled, dataSource contents will be copied to dataSourceRef,\nand dataSourceRef contents will be copied to dataSource when dataSourceRef.namespace is not specified.\nIf the namespace is specified, then dataSourceRef will not be copied to dataSource." properties: @@ -3172,11 +3300,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -3188,7 +3318,7 @@ spec: description: "storageClassName is the name of the StorageClass required by the claim.\nMore info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1" type: "string" volumeAttributesClassName: - description: "volumeAttributesClassName may be used to set the VolumeAttributesClass used by this claim.\nIf specified, the CSI driver will create or update the volume with the attributes defined\nin the corresponding VolumeAttributesClass. This has a different purpose than storageClassName,\nit can be changed after the claim is created. An empty string value means that no VolumeAttributesClass\nwill be applied to the claim but it's not allowed to reset this field to empty string once it is set.\nIf unspecified and the PersistentVolumeClaim is unbound, the default VolumeAttributesClass\nwill be set by the persistentvolume controller if it exists.\nIf the resource referred to by volumeAttributesClass does not exist, this PersistentVolumeClaim will be\nset to a Pending state, as reflected by the modifyVolumeStatus field, until such as a resource\nexists.\nMore info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#volumeattributesclass\n(Alpha) Using this field requires the VolumeAttributesClass feature gate to be enabled." + description: "volumeAttributesClassName may be used to set the VolumeAttributesClass used by this claim.\nIf specified, the CSI driver will create or update the volume with the attributes defined\nin the corresponding VolumeAttributesClass. This has a different purpose than storageClassName,\nit can be changed after the claim is created. An empty string value means that no VolumeAttributesClass\nwill be applied to the claim but it's not allowed to reset this field to empty string once it is set.\nIf unspecified and the PersistentVolumeClaim is unbound, the default VolumeAttributesClass\nwill be set by the persistentvolume controller if it exists.\nIf the resource referred to by volumeAttributesClass does not exist, this PersistentVolumeClaim will be\nset to a Pending state, as reflected by the modifyVolumeStatus field, until such as a resource\nexists.\nMore info: https://kubernetes.io/docs/concepts/storage/volume-attributes-classes/\n(Alpha) Using this field requires the VolumeAttributesClass feature gate to be enabled." type: "string" volumeMode: description: "volumeMode defines what type of volume is required by the claim.\nValue of Filesystem is implied when not included in claim spec." @@ -3258,6 +3388,7 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" dataSource: description: "dataSource field can be used to specify either:\n* An existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot)\n* An existing PVC (PersistentVolumeClaim)\nIf the provisioner or an external controller can support the specified data source,\nit will create a new volume based on the contents of the specified data source.\nWhen the AnyVolumeDataSource feature gate is enabled, dataSource contents will be copied to dataSourceRef,\nand dataSourceRef contents will be copied to dataSource when dataSourceRef.namespace is not specified.\nIf the namespace is specified, then dataSourceRef will not be copied to dataSource." properties: @@ -3335,11 +3466,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -3351,7 +3484,7 @@ spec: description: "storageClassName is the name of the StorageClass required by the claim.\nMore info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1" type: "string" volumeAttributesClassName: - description: "volumeAttributesClassName may be used to set the VolumeAttributesClass used by this claim.\nIf specified, the CSI driver will create or update the volume with the attributes defined\nin the corresponding VolumeAttributesClass. This has a different purpose than storageClassName,\nit can be changed after the claim is created. An empty string value means that no VolumeAttributesClass\nwill be applied to the claim but it's not allowed to reset this field to empty string once it is set.\nIf unspecified and the PersistentVolumeClaim is unbound, the default VolumeAttributesClass\nwill be set by the persistentvolume controller if it exists.\nIf the resource referred to by volumeAttributesClass does not exist, this PersistentVolumeClaim will be\nset to a Pending state, as reflected by the modifyVolumeStatus field, until such as a resource\nexists.\nMore info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#volumeattributesclass\n(Alpha) Using this field requires the VolumeAttributesClass feature gate to be enabled." + description: "volumeAttributesClassName may be used to set the VolumeAttributesClass used by this claim.\nIf specified, the CSI driver will create or update the volume with the attributes defined\nin the corresponding VolumeAttributesClass. This has a different purpose than storageClassName,\nit can be changed after the claim is created. An empty string value means that no VolumeAttributesClass\nwill be applied to the claim but it's not allowed to reset this field to empty string once it is set.\nIf unspecified and the PersistentVolumeClaim is unbound, the default VolumeAttributesClass\nwill be set by the persistentvolume controller if it exists.\nIf the resource referred to by volumeAttributesClass does not exist, this PersistentVolumeClaim will be\nset to a Pending state, as reflected by the modifyVolumeStatus field, until such as a resource\nexists.\nMore info: https://kubernetes.io/docs/concepts/storage/volume-attributes-classes/\n(Alpha) Using this field requires the VolumeAttributesClass feature gate to be enabled." type: "string" volumeMode: description: "volumeMode defines what type of volume is required by the claim.\nValue of Filesystem is implied when not included in claim spec." diff --git a/crd-catalog/rook/rook/ceph.rook.io/v1/cephcosidrivers.yaml b/crd-catalog/rook/rook/ceph.rook.io/v1/cephcosidrivers.yaml index f0e631f89..b0b34b6c5 100644 --- a/crd-catalog/rook/rook/ceph.rook.io/v1/cephcosidrivers.yaml +++ b/crd-catalog/rook/rook/ceph.rook.io/v1/cephcosidrivers.yaml @@ -64,11 +64,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchFields: items: properties: @@ -80,11 +82,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" type: "object" x-kubernetes-map-type: "atomic" weight: @@ -95,6 +99,7 @@ spec: - "weight" type: "object" type: "array" + x-kubernetes-list-type: "atomic" requiredDuringSchedulingIgnoredDuringExecution: properties: nodeSelectorTerms: @@ -111,11 +116,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchFields: items: properties: @@ -127,14 +134,17 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" type: "object" x-kubernetes-map-type: "atomic" type: "array" + x-kubernetes-list-type: "atomic" required: - "nodeSelectorTerms" type: "object" @@ -160,11 +170,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -194,11 +206,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -209,6 +223,7 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" topologyKey: type: "string" required: @@ -222,6 +237,7 @@ spec: - "weight" type: "object" type: "array" + x-kubernetes-list-type: "atomic" requiredDuringSchedulingIgnoredDuringExecution: items: properties: @@ -238,11 +254,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -272,11 +290,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -287,12 +307,14 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" topologyKey: type: "string" required: - "topologyKey" type: "object" type: "array" + x-kubernetes-list-type: "atomic" type: "object" podAntiAffinity: properties: @@ -314,11 +336,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -348,11 +372,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -363,6 +389,7 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" topologyKey: type: "string" required: @@ -376,6 +403,7 @@ spec: - "weight" type: "object" type: "array" + x-kubernetes-list-type: "atomic" requiredDuringSchedulingIgnoredDuringExecution: items: properties: @@ -392,11 +420,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -426,11 +456,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -441,12 +473,14 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" topologyKey: type: "string" required: - "topologyKey" type: "object" type: "array" + x-kubernetes-list-type: "atomic" type: "object" tolerations: items: @@ -480,11 +514,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" diff --git a/crd-catalog/rook/rook/ceph.rook.io/v1/cephfilesystemmirrors.yaml b/crd-catalog/rook/rook/ceph.rook.io/v1/cephfilesystemmirrors.yaml index daaa48874..fa347df89 100644 --- a/crd-catalog/rook/rook/ceph.rook.io/v1/cephfilesystemmirrors.yaml +++ b/crd-catalog/rook/rook/ceph.rook.io/v1/cephfilesystemmirrors.yaml @@ -69,11 +69,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchFields: items: properties: @@ -85,11 +87,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" type: "object" x-kubernetes-map-type: "atomic" weight: @@ -100,6 +104,7 @@ spec: - "weight" type: "object" type: "array" + x-kubernetes-list-type: "atomic" requiredDuringSchedulingIgnoredDuringExecution: properties: nodeSelectorTerms: @@ -116,11 +121,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchFields: items: properties: @@ -132,14 +139,17 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" type: "object" x-kubernetes-map-type: "atomic" type: "array" + x-kubernetes-list-type: "atomic" required: - "nodeSelectorTerms" type: "object" @@ -165,11 +175,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -199,11 +211,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -214,6 +228,7 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" topologyKey: type: "string" required: @@ -227,6 +242,7 @@ spec: - "weight" type: "object" type: "array" + x-kubernetes-list-type: "atomic" requiredDuringSchedulingIgnoredDuringExecution: items: properties: @@ -243,11 +259,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -277,11 +295,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -292,12 +312,14 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" topologyKey: type: "string" required: - "topologyKey" type: "object" type: "array" + x-kubernetes-list-type: "atomic" type: "object" podAntiAffinity: properties: @@ -319,11 +341,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -353,11 +377,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -368,6 +394,7 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" topologyKey: type: "string" required: @@ -381,6 +408,7 @@ spec: - "weight" type: "object" type: "array" + x-kubernetes-list-type: "atomic" requiredDuringSchedulingIgnoredDuringExecution: items: properties: @@ -397,11 +425,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -431,11 +461,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -446,12 +478,14 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" topologyKey: type: "string" required: - "topologyKey" type: "object" type: "array" + x-kubernetes-list-type: "atomic" type: "object" tolerations: items: @@ -485,11 +519,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" diff --git a/crd-catalog/rook/rook/ceph.rook.io/v1/cephfilesystems.yaml b/crd-catalog/rook/rook/ceph.rook.io/v1/cephfilesystems.yaml index 274ce611c..78eb20699 100644 --- a/crd-catalog/rook/rook/ceph.rook.io/v1/cephfilesystems.yaml +++ b/crd-catalog/rook/rook/ceph.rook.io/v1/cephfilesystems.yaml @@ -427,6 +427,7 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" type: "object" failureThreshold: description: "Minimum consecutive failures for the probe to be considered failed after having succeeded.\nDefaults to 3. Minimum value is 1." @@ -467,6 +468,7 @@ spec: - "value" type: "object" type: "array" + x-kubernetes-list-type: "atomic" path: description: "Path to access on the HTTP server." type: "string" @@ -539,11 +541,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchFields: items: properties: @@ -555,11 +559,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" type: "object" x-kubernetes-map-type: "atomic" weight: @@ -570,6 +576,7 @@ spec: - "weight" type: "object" type: "array" + x-kubernetes-list-type: "atomic" requiredDuringSchedulingIgnoredDuringExecution: properties: nodeSelectorTerms: @@ -586,11 +593,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchFields: items: properties: @@ -602,14 +611,17 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" type: "object" x-kubernetes-map-type: "atomic" type: "array" + x-kubernetes-list-type: "atomic" required: - "nodeSelectorTerms" type: "object" @@ -635,11 +647,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -669,11 +683,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -684,6 +700,7 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" topologyKey: type: "string" required: @@ -697,6 +714,7 @@ spec: - "weight" type: "object" type: "array" + x-kubernetes-list-type: "atomic" requiredDuringSchedulingIgnoredDuringExecution: items: properties: @@ -713,11 +731,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -747,11 +767,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -762,12 +784,14 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" topologyKey: type: "string" required: - "topologyKey" type: "object" type: "array" + x-kubernetes-list-type: "atomic" type: "object" podAntiAffinity: properties: @@ -789,11 +813,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -823,11 +849,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -838,6 +866,7 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" topologyKey: type: "string" required: @@ -851,6 +880,7 @@ spec: - "weight" type: "object" type: "array" + x-kubernetes-list-type: "atomic" requiredDuringSchedulingIgnoredDuringExecution: items: properties: @@ -867,11 +897,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -901,11 +933,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -916,12 +950,14 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" topologyKey: type: "string" required: - "topologyKey" type: "object" type: "array" + x-kubernetes-list-type: "atomic" type: "object" tolerations: items: @@ -955,11 +991,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -1052,6 +1090,7 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" type: "object" failureThreshold: description: "Minimum consecutive failures for the probe to be considered failed after having succeeded.\nDefaults to 3. Minimum value is 1." @@ -1092,6 +1131,7 @@ spec: - "value" type: "object" type: "array" + x-kubernetes-list-type: "atomic" path: description: "Path to access on the HTTP server." type: "string" diff --git a/crd-catalog/rook/rook/ceph.rook.io/v1/cephnfses.yaml b/crd-catalog/rook/rook/ceph.rook.io/v1/cephnfses.yaml index f2b8b7c2a..55f7b46d2 100644 --- a/crd-catalog/rook/rook/ceph.rook.io/v1/cephnfses.yaml +++ b/crd-catalog/rook/rook/ceph.rook.io/v1/cephnfses.yaml @@ -75,7 +75,9 @@ spec: - "path" type: "object" type: "array" + x-kubernetes-list-type: "atomic" name: + default: "" type: "string" optional: type: "boolean" @@ -133,11 +135,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -172,7 +176,9 @@ spec: - "path" type: "object" type: "array" + x-kubernetes-list-type: "atomic" name: + default: "" type: "string" optional: type: "boolean" @@ -218,6 +224,7 @@ spec: - "path" type: "object" type: "array" + x-kubernetes-list-type: "atomic" type: "object" secret: properties: @@ -236,7 +243,9 @@ spec: - "path" type: "object" type: "array" + x-kubernetes-list-type: "atomic" name: + default: "" type: "string" optional: type: "boolean" @@ -256,6 +265,7 @@ spec: type: "object" type: "object" type: "array" + x-kubernetes-list-type: "atomic" type: "object" secret: properties: @@ -277,6 +287,7 @@ spec: - "path" type: "object" type: "array" + x-kubernetes-list-type: "atomic" optional: type: "boolean" secretName: @@ -312,7 +323,9 @@ spec: - "path" type: "object" type: "array" + x-kubernetes-list-type: "atomic" name: + default: "" type: "string" optional: type: "boolean" @@ -370,11 +383,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -409,7 +424,9 @@ spec: - "path" type: "object" type: "array" + x-kubernetes-list-type: "atomic" name: + default: "" type: "string" optional: type: "boolean" @@ -455,6 +472,7 @@ spec: - "path" type: "object" type: "array" + x-kubernetes-list-type: "atomic" type: "object" secret: properties: @@ -473,7 +491,9 @@ spec: - "path" type: "object" type: "array" + x-kubernetes-list-type: "atomic" name: + default: "" type: "string" optional: type: "boolean" @@ -493,6 +513,7 @@ spec: type: "object" type: "object" type: "array" + x-kubernetes-list-type: "atomic" type: "object" secret: properties: @@ -514,6 +535,7 @@ spec: - "path" type: "object" type: "array" + x-kubernetes-list-type: "atomic" optional: type: "boolean" secretName: @@ -565,7 +587,9 @@ spec: - "path" type: "object" type: "array" + x-kubernetes-list-type: "atomic" name: + default: "" type: "string" optional: type: "boolean" @@ -623,11 +647,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -662,7 +688,9 @@ spec: - "path" type: "object" type: "array" + x-kubernetes-list-type: "atomic" name: + default: "" type: "string" optional: type: "boolean" @@ -708,6 +736,7 @@ spec: - "path" type: "object" type: "array" + x-kubernetes-list-type: "atomic" type: "object" secret: properties: @@ -726,7 +755,9 @@ spec: - "path" type: "object" type: "array" + x-kubernetes-list-type: "atomic" name: + default: "" type: "string" optional: type: "boolean" @@ -746,6 +777,7 @@ spec: type: "object" type: "object" type: "array" + x-kubernetes-list-type: "atomic" type: "object" secret: properties: @@ -767,6 +799,7 @@ spec: - "path" type: "object" type: "array" + x-kubernetes-list-type: "atomic" optional: type: "boolean" secretName: @@ -849,7 +882,9 @@ spec: - "path" type: "object" type: "array" + x-kubernetes-list-type: "atomic" name: + default: "" type: "string" optional: type: "boolean" @@ -907,11 +942,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -946,7 +983,9 @@ spec: - "path" type: "object" type: "array" + x-kubernetes-list-type: "atomic" name: + default: "" type: "string" optional: type: "boolean" @@ -992,6 +1031,7 @@ spec: - "path" type: "object" type: "array" + x-kubernetes-list-type: "atomic" type: "object" secret: properties: @@ -1010,7 +1050,9 @@ spec: - "path" type: "object" type: "array" + x-kubernetes-list-type: "atomic" name: + default: "" type: "string" optional: type: "boolean" @@ -1030,6 +1072,7 @@ spec: type: "object" type: "object" type: "array" + x-kubernetes-list-type: "atomic" type: "object" secret: properties: @@ -1051,6 +1094,7 @@ spec: - "path" type: "object" type: "array" + x-kubernetes-list-type: "atomic" optional: type: "boolean" secretName: @@ -1104,6 +1148,7 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" type: "object" failureThreshold: description: "Minimum consecutive failures for the probe to be considered failed after having succeeded.\nDefaults to 3. Minimum value is 1." @@ -1144,6 +1189,7 @@ spec: - "value" type: "object" type: "array" + x-kubernetes-list-type: "atomic" path: description: "Path to access on the HTTP server." type: "string" @@ -1219,11 +1265,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchFields: items: properties: @@ -1235,11 +1283,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" type: "object" x-kubernetes-map-type: "atomic" weight: @@ -1250,6 +1300,7 @@ spec: - "weight" type: "object" type: "array" + x-kubernetes-list-type: "atomic" requiredDuringSchedulingIgnoredDuringExecution: properties: nodeSelectorTerms: @@ -1266,11 +1317,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchFields: items: properties: @@ -1282,14 +1335,17 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" type: "object" x-kubernetes-map-type: "atomic" type: "array" + x-kubernetes-list-type: "atomic" required: - "nodeSelectorTerms" type: "object" @@ -1315,11 +1371,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -1349,11 +1407,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -1364,6 +1424,7 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" topologyKey: type: "string" required: @@ -1377,6 +1438,7 @@ spec: - "weight" type: "object" type: "array" + x-kubernetes-list-type: "atomic" requiredDuringSchedulingIgnoredDuringExecution: items: properties: @@ -1393,11 +1455,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -1427,11 +1491,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -1442,12 +1508,14 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" topologyKey: type: "string" required: - "topologyKey" type: "object" type: "array" + x-kubernetes-list-type: "atomic" type: "object" podAntiAffinity: properties: @@ -1469,11 +1537,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -1503,11 +1573,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -1518,6 +1590,7 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" topologyKey: type: "string" required: @@ -1531,6 +1604,7 @@ spec: - "weight" type: "object" type: "array" + x-kubernetes-list-type: "atomic" requiredDuringSchedulingIgnoredDuringExecution: items: properties: @@ -1547,11 +1621,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -1581,11 +1657,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -1596,12 +1674,14 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" topologyKey: type: "string" required: - "topologyKey" type: "object" type: "array" + x-kubernetes-list-type: "atomic" type: "object" tolerations: items: @@ -1635,11 +1715,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" diff --git a/crd-catalog/rook/rook/ceph.rook.io/v1/cephobjectstores.yaml b/crd-catalog/rook/rook/ceph.rook.io/v1/cephobjectstores.yaml index 951e630bd..6c24fcb38 100644 --- a/crd-catalog/rook/rook/ceph.rook.io/v1/cephobjectstores.yaml +++ b/crd-catalog/rook/rook/ceph.rook.io/v1/cephobjectstores.yaml @@ -292,11 +292,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchFields: items: properties: @@ -308,11 +310,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" type: "object" x-kubernetes-map-type: "atomic" weight: @@ -323,6 +327,7 @@ spec: - "weight" type: "object" type: "array" + x-kubernetes-list-type: "atomic" requiredDuringSchedulingIgnoredDuringExecution: properties: nodeSelectorTerms: @@ -339,11 +344,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchFields: items: properties: @@ -355,14 +362,17 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" type: "object" x-kubernetes-map-type: "atomic" type: "array" + x-kubernetes-list-type: "atomic" required: - "nodeSelectorTerms" type: "object" @@ -388,11 +398,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -422,11 +434,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -437,6 +451,7 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" topologyKey: type: "string" required: @@ -450,6 +465,7 @@ spec: - "weight" type: "object" type: "array" + x-kubernetes-list-type: "atomic" requiredDuringSchedulingIgnoredDuringExecution: items: properties: @@ -466,11 +482,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -500,11 +518,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -515,12 +535,14 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" topologyKey: type: "string" required: - "topologyKey" type: "object" type: "array" + x-kubernetes-list-type: "atomic" type: "object" podAntiAffinity: properties: @@ -542,11 +564,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -576,11 +600,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -591,6 +617,7 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" topologyKey: type: "string" required: @@ -604,6 +631,7 @@ spec: - "weight" type: "object" type: "array" + x-kubernetes-list-type: "atomic" requiredDuringSchedulingIgnoredDuringExecution: items: properties: @@ -620,11 +648,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -654,11 +684,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -669,12 +701,14 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" topologyKey: type: "string" required: - "topologyKey" type: "object" type: "array" + x-kubernetes-list-type: "atomic" type: "object" tolerations: items: @@ -708,11 +742,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -835,6 +871,7 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" type: "object" failureThreshold: description: "Minimum consecutive failures for the probe to be considered failed after having succeeded.\nDefaults to 3. Minimum value is 1." @@ -875,6 +912,7 @@ spec: - "value" type: "object" type: "array" + x-kubernetes-list-type: "atomic" path: description: "Path to access on the HTTP server." type: "string" @@ -944,6 +982,7 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" type: "object" failureThreshold: description: "Minimum consecutive failures for the probe to be considered failed after having succeeded.\nDefaults to 3. Minimum value is 1." @@ -984,6 +1023,7 @@ spec: - "value" type: "object" type: "array" + x-kubernetes-list-type: "atomic" path: description: "Path to access on the HTTP server." type: "string" diff --git a/crd-catalog/rook/rook/ceph.rook.io/v1/cephrbdmirrors.yaml b/crd-catalog/rook/rook/ceph.rook.io/v1/cephrbdmirrors.yaml index 90453c36d..aa2a39df6 100644 --- a/crd-catalog/rook/rook/ceph.rook.io/v1/cephrbdmirrors.yaml +++ b/crd-catalog/rook/rook/ceph.rook.io/v1/cephrbdmirrors.yaml @@ -85,11 +85,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchFields: items: properties: @@ -101,11 +103,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" type: "object" x-kubernetes-map-type: "atomic" weight: @@ -116,6 +120,7 @@ spec: - "weight" type: "object" type: "array" + x-kubernetes-list-type: "atomic" requiredDuringSchedulingIgnoredDuringExecution: properties: nodeSelectorTerms: @@ -132,11 +137,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchFields: items: properties: @@ -148,14 +155,17 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" type: "object" x-kubernetes-map-type: "atomic" type: "array" + x-kubernetes-list-type: "atomic" required: - "nodeSelectorTerms" type: "object" @@ -181,11 +191,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -215,11 +227,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -230,6 +244,7 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" topologyKey: type: "string" required: @@ -243,6 +258,7 @@ spec: - "weight" type: "object" type: "array" + x-kubernetes-list-type: "atomic" requiredDuringSchedulingIgnoredDuringExecution: items: properties: @@ -259,11 +275,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -293,11 +311,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -308,12 +328,14 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" topologyKey: type: "string" required: - "topologyKey" type: "object" type: "array" + x-kubernetes-list-type: "atomic" type: "object" podAntiAffinity: properties: @@ -335,11 +357,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -369,11 +393,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -384,6 +410,7 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" topologyKey: type: "string" required: @@ -397,6 +424,7 @@ spec: - "weight" type: "object" type: "array" + x-kubernetes-list-type: "atomic" requiredDuringSchedulingIgnoredDuringExecution: items: properties: @@ -413,11 +441,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -447,11 +477,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -462,12 +494,14 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" topologyKey: type: "string" required: - "topologyKey" type: "object" type: "array" + x-kubernetes-list-type: "atomic" type: "object" tolerations: items: @@ -501,11 +535,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" diff --git a/crd-catalog/scylladb/scylla-operator/scylla.scylladb.com/v1alpha1/nodeconfigs.yaml b/crd-catalog/scylladb/scylla-operator/scylla.scylladb.com/v1alpha1/nodeconfigs.yaml index 3c515e353..d93d7e770 100644 --- a/crd-catalog/scylladb/scylla-operator/scylla.scylladb.com/v1alpha1/nodeconfigs.yaml +++ b/crd-catalog/scylladb/scylla-operator/scylla.scylladb.com/v1alpha1/nodeconfigs.yaml @@ -82,7 +82,7 @@ spec: description: "fsType specifies the filesystem on the device." type: "string" mountPoint: - description: "mountPoint is a path where the device should be mounted at." + description: "mountPoint is a path where the device should be mounted at. If the mountPoint is a symlink, the mount will be set up for the target." type: "string" unsupportedOptions: description: "unsupportedOptions is a list of mount options used during device mounting. unsupported in this field name means that we won't support all the available options passed down using this field." diff --git a/crd-catalog/solo-io/gloo/gateway.solo.io/v1/routeoptions.yaml b/crd-catalog/solo-io/gloo/gateway.solo.io/v1/routeoptions.yaml index e6ba1610f..0fa944e75 100644 --- a/crd-catalog/solo-io/gloo/gateway.solo.io/v1/routeoptions.yaml +++ b/crd-catalog/solo-io/gloo/gateway.solo.io/v1/routeoptions.yaml @@ -30,6 +30,135 @@ spec: type: "object" options: properties: + ai: + properties: + backupModels: + items: + type: "string" + type: "array" + defaults: + items: + properties: + field: + type: "string" + override: + type: "boolean" + value: + x-kubernetes-preserve-unknown-fields: true + type: "object" + type: "array" + promptEnrichment: + properties: + append: + items: + properties: + content: + type: "string" + role: + type: "string" + type: "object" + type: "array" + prepend: + items: + properties: + content: + type: "string" + role: + type: "string" + type: "object" + type: "array" + type: "object" + promptGuard: + properties: + request: + properties: + customResponseMessage: + type: "string" + matches: + items: + type: "string" + type: "array" + type: "object" + response: + properties: + builtins: + items: + type: "string" + x-kubernetes-int-or-string: true + type: "array" + matches: + items: + type: "string" + type: "array" + type: "object" + type: "object" + rag: + properties: + datastore: + properties: + postgres: + properties: + collectionName: + type: "string" + connectionString: + type: "string" + type: "object" + type: "object" + embedding: + properties: + openai: + properties: + authToken: + properties: + inline: + type: "string" + secretRef: + properties: + name: + type: "string" + namespace: + type: "string" + type: "object" + type: "object" + type: "object" + type: "object" + promptTemplate: + type: "string" + type: "object" + semanticCache: + properties: + datastore: + properties: + redis: + properties: + connectionString: + type: "string" + type: "object" + type: "object" + embedding: + properties: + openai: + properties: + authToken: + properties: + inline: + type: "string" + secretRef: + properties: + name: + type: "string" + namespace: + type: "string" + type: "object" + type: "object" + type: "object" + type: "object" + ttl: + maximum: 4294967295.0 + minimum: 0.0 + type: "integer" + type: "object" + type: "object" appendXForwardedHost: nullable: true type: "boolean" diff --git a/crd-catalog/solo-io/gloo/gateway.solo.io/v1/routetables.yaml b/crd-catalog/solo-io/gloo/gateway.solo.io/v1/routetables.yaml index 6945704db..6c4334479 100644 --- a/crd-catalog/solo-io/gloo/gateway.solo.io/v1/routetables.yaml +++ b/crd-catalog/solo-io/gloo/gateway.solo.io/v1/routetables.yaml @@ -140,6 +140,135 @@ spec: type: "string" options: properties: + ai: + properties: + backupModels: + items: + type: "string" + type: "array" + defaults: + items: + properties: + field: + type: "string" + override: + type: "boolean" + value: + x-kubernetes-preserve-unknown-fields: true + type: "object" + type: "array" + promptEnrichment: + properties: + append: + items: + properties: + content: + type: "string" + role: + type: "string" + type: "object" + type: "array" + prepend: + items: + properties: + content: + type: "string" + role: + type: "string" + type: "object" + type: "array" + type: "object" + promptGuard: + properties: + request: + properties: + customResponseMessage: + type: "string" + matches: + items: + type: "string" + type: "array" + type: "object" + response: + properties: + builtins: + items: + type: "string" + x-kubernetes-int-or-string: true + type: "array" + matches: + items: + type: "string" + type: "array" + type: "object" + type: "object" + rag: + properties: + datastore: + properties: + postgres: + properties: + collectionName: + type: "string" + connectionString: + type: "string" + type: "object" + type: "object" + embedding: + properties: + openai: + properties: + authToken: + properties: + inline: + type: "string" + secretRef: + properties: + name: + type: "string" + namespace: + type: "string" + type: "object" + type: "object" + type: "object" + type: "object" + promptTemplate: + type: "string" + type: "object" + semanticCache: + properties: + datastore: + properties: + redis: + properties: + connectionString: + type: "string" + type: "object" + type: "object" + embedding: + properties: + openai: + properties: + authToken: + properties: + inline: + type: "string" + secretRef: + properties: + name: + type: "string" + namespace: + type: "string" + type: "object" + type: "object" + type: "object" + type: "object" + ttl: + maximum: 4294967295.0 + minimum: 0.0 + type: "integer" + type: "object" + type: "object" appendXForwardedHost: nullable: true type: "boolean" diff --git a/crd-catalog/solo-io/gloo/gateway.solo.io/v1/virtualservices.yaml b/crd-catalog/solo-io/gloo/gateway.solo.io/v1/virtualservices.yaml index 47af867e6..b0ac4f60a 100644 --- a/crd-catalog/solo-io/gloo/gateway.solo.io/v1/virtualservices.yaml +++ b/crd-catalog/solo-io/gloo/gateway.solo.io/v1/virtualservices.yaml @@ -2973,6 +2973,135 @@ spec: type: "string" options: properties: + ai: + properties: + backupModels: + items: + type: "string" + type: "array" + defaults: + items: + properties: + field: + type: "string" + override: + type: "boolean" + value: + x-kubernetes-preserve-unknown-fields: true + type: "object" + type: "array" + promptEnrichment: + properties: + append: + items: + properties: + content: + type: "string" + role: + type: "string" + type: "object" + type: "array" + prepend: + items: + properties: + content: + type: "string" + role: + type: "string" + type: "object" + type: "array" + type: "object" + promptGuard: + properties: + request: + properties: + customResponseMessage: + type: "string" + matches: + items: + type: "string" + type: "array" + type: "object" + response: + properties: + builtins: + items: + type: "string" + x-kubernetes-int-or-string: true + type: "array" + matches: + items: + type: "string" + type: "array" + type: "object" + type: "object" + rag: + properties: + datastore: + properties: + postgres: + properties: + collectionName: + type: "string" + connectionString: + type: "string" + type: "object" + type: "object" + embedding: + properties: + openai: + properties: + authToken: + properties: + inline: + type: "string" + secretRef: + properties: + name: + type: "string" + namespace: + type: "string" + type: "object" + type: "object" + type: "object" + type: "object" + promptTemplate: + type: "string" + type: "object" + semanticCache: + properties: + datastore: + properties: + redis: + properties: + connectionString: + type: "string" + type: "object" + type: "object" + embedding: + properties: + openai: + properties: + authToken: + properties: + inline: + type: "string" + secretRef: + properties: + name: + type: "string" + namespace: + type: "string" + type: "object" + type: "object" + type: "object" + type: "object" + ttl: + maximum: 4294967295.0 + minimum: 0.0 + type: "integer" + type: "object" + type: "object" appendXForwardedHost: nullable: true type: "boolean" diff --git a/crd-catalog/solo-io/gloo/gloo.solo.io/v1/upstreams.yaml b/crd-catalog/solo-io/gloo/gloo.solo.io/v1/upstreams.yaml index b95febd70..1405c96b6 100644 --- a/crd-catalog/solo-io/gloo/gloo.solo.io/v1/upstreams.yaml +++ b/crd-catalog/solo-io/gloo/gloo.solo.io/v1/upstreams.yaml @@ -20,6 +20,83 @@ spec: properties: spec: properties: + ai: + properties: + anthropic: + properties: + authToken: + properties: + inline: + type: "string" + secretRef: + properties: + name: + type: "string" + namespace: + type: "string" + type: "object" + type: "object" + customHost: + properties: + host: + type: "string" + port: + maximum: 4294967295.0 + minimum: 0.0 + type: "integer" + type: "object" + version: + type: "string" + type: "object" + mistral: + properties: + authToken: + properties: + inline: + type: "string" + secretRef: + properties: + name: + type: "string" + namespace: + type: "string" + type: "object" + type: "object" + customHost: + properties: + host: + type: "string" + port: + maximum: 4294967295.0 + minimum: 0.0 + type: "integer" + type: "object" + type: "object" + openai: + properties: + authToken: + properties: + inline: + type: "string" + secretRef: + properties: + name: + type: "string" + namespace: + type: "string" + type: "object" + type: "object" + customHost: + properties: + host: + type: "string" + port: + maximum: 4294967295.0 + minimum: 0.0 + type: "integer" + type: "object" + type: "object" + type: "object" aws: properties: awsAccountId: diff --git a/crd-catalog/strimzi/strimzi-kafka-operator/kafka.strimzi.io/v1beta2/kafkabridges.yaml b/crd-catalog/strimzi/strimzi-kafka-operator/kafka.strimzi.io/v1beta2/kafkabridges.yaml index 20579c914..292b46f89 100644 --- a/crd-catalog/strimzi/strimzi-kafka-operator/kafka.strimzi.io/v1beta2/kafkabridges.yaml +++ b/crd-catalog/strimzi/strimzi-kafka-operator/kafka.strimzi.io/v1beta2/kafkabridges.yaml @@ -93,9 +93,9 @@ spec: description: "The name of the Secret containing the certificate." type: "string" required: - - "key" - "secretName" - "certificate" + - "key" type: "object" clientId: description: "OAuth Client ID which the Kafka client can use to authenticate against the OAuth server and use the token endpoint URI." @@ -169,16 +169,27 @@ spec: tlsTrustedCertificates: description: "Trusted certificates for TLS connection to the OAuth server." items: + oneOf: + - properties: + certificate: {} + required: + - "certificate" + - properties: + pattern: {} + required: + - "pattern" properties: certificate: - description: "The name of the file certificate in the Secret." + description: "The name of the file certificate in the secret." + type: "string" + pattern: + description: "Pattern for the certificate files in the secret. Use the link:https://en.wikipedia.org/wiki/Glob_(programming)[_glob syntax_] for the pattern. All files in the secret that match the pattern are used." type: "string" secretName: description: "The name of the Secret containing the certificate." type: "string" required: - "secretName" - - "certificate" type: "object" type: "array" tokenEndpointUri: @@ -212,6 +223,12 @@ spec: description: "The Kafka consumer configuration used for consumer instances created by the bridge. Properties with the following prefixes cannot be set: ssl., bootstrap.servers, group.id, sasl., security. (with the exception of: ssl.endpoint.identification.algorithm, ssl.cipher.suites, ssl.protocol, ssl.enabled.protocols)." type: "object" x-kubernetes-preserve-unknown-fields: true + enabled: + description: "Whether the HTTP consumer should be enabled or disabled, default is enabled." + type: "boolean" + timeoutSeconds: + description: "The timeout in seconds for deleting inactive consumers, default is -1 (disabled)." + type: "integer" type: "object" enableMetrics: description: "Enable the metrics for the Kafka Bridge. Default is false." @@ -338,6 +355,9 @@ spec: description: "The Kafka producer configuration used for producer instances created by the bridge. Properties with the following prefixes cannot be set: ssl., bootstrap.servers, sasl., security. (with the exception of: ssl.endpoint.identification.algorithm, ssl.cipher.suites, ssl.protocol, ssl.enabled.protocols)." type: "object" x-kubernetes-preserve-unknown-fields: true + enabled: + description: "Whether the HTTP producer should be enabled or disabled, default is enabled." + type: "boolean" type: "object" rack: description: "Configuration of the node label which will be used as the client.rack consumer configuration." @@ -460,6 +480,13 @@ spec: properties: allowPrivilegeEscalation: type: "boolean" + appArmorProfile: + properties: + localhostProfile: + type: "string" + type: + type: "string" + type: "object" capabilities: properties: add: @@ -576,6 +603,13 @@ spec: properties: allowPrivilegeEscalation: type: "boolean" + appArmorProfile: + properties: + localhostProfile: + type: "string" + type: + type: "string" + type: "object" capabilities: properties: add: @@ -1008,6 +1042,13 @@ spec: securityContext: description: "Configures pod-level security attributes and common container settings." properties: + appArmorProfile: + properties: + localhostProfile: + type: "string" + type: + type: "string" + type: "object" fsGroup: type: "integer" fsGroupChangePolicy: @@ -1175,16 +1216,27 @@ spec: trustedCertificates: description: "Trusted certificates for TLS connection." items: + oneOf: + - properties: + certificate: {} + required: + - "certificate" + - properties: + pattern: {} + required: + - "pattern" properties: certificate: - description: "The name of the file certificate in the Secret." + description: "The name of the file certificate in the secret." + type: "string" + pattern: + description: "Pattern for the certificate files in the secret. Use the link:https://en.wikipedia.org/wiki/Glob_(programming)[_glob syntax_] for the pattern. All files in the secret that match the pattern are used." type: "string" secretName: description: "The name of the Secret containing the certificate." type: "string" required: - "secretName" - - "certificate" type: "object" type: "array" type: "object" diff --git a/crd-catalog/strimzi/strimzi-kafka-operator/kafka.strimzi.io/v1beta2/kafkaconnectors.yaml b/crd-catalog/strimzi/strimzi-kafka-operator/kafka.strimzi.io/v1beta2/kafkaconnectors.yaml index a5fd51977..c996d3abb 100644 --- a/crd-catalog/strimzi/strimzi-kafka-operator/kafka.strimzi.io/v1beta2/kafkaconnectors.yaml +++ b/crd-catalog/strimzi/strimzi-kafka-operator/kafka.strimzi.io/v1beta2/kafkaconnectors.yaml @@ -67,7 +67,7 @@ spec: description: "The Class for the Kafka Connector." type: "string" config: - description: "The Kafka Connector configuration. The following properties cannot be set: connector.class, tasks.max." + description: "The Kafka Connector configuration. The following properties cannot be set: name, connector.class, tasks.max." type: "object" x-kubernetes-preserve-unknown-fields: true pause: diff --git a/crd-catalog/strimzi/strimzi-kafka-operator/kafka.strimzi.io/v1beta2/kafkaconnects.yaml b/crd-catalog/strimzi/strimzi-kafka-operator/kafka.strimzi.io/v1beta2/kafkaconnects.yaml index b4ae7edeb..5ed7e0e16 100644 --- a/crd-catalog/strimzi/strimzi-kafka-operator/kafka.strimzi.io/v1beta2/kafkaconnects.yaml +++ b/crd-catalog/strimzi/strimzi-kafka-operator/kafka.strimzi.io/v1beta2/kafkaconnects.yaml @@ -80,9 +80,9 @@ spec: description: "The name of the Secret containing the certificate." type: "string" required: - - "key" - "secretName" - "certificate" + - "key" type: "object" clientId: description: "OAuth Client ID which the Kafka client can use to authenticate against the OAuth server and use the token endpoint URI." @@ -156,16 +156,27 @@ spec: tlsTrustedCertificates: description: "Trusted certificates for TLS connection to the OAuth server." items: + oneOf: + - properties: + certificate: {} + required: + - "certificate" + - properties: + pattern: {} + required: + - "pattern" properties: certificate: - description: "The name of the file certificate in the Secret." + description: "The name of the file certificate in the secret." + type: "string" + pattern: + description: "Pattern for the certificate files in the secret. Use the link:https://en.wikipedia.org/wiki/Glob_(programming)[_glob syntax_] for the pattern. All files in the secret that match the pattern are used." type: "string" secretName: description: "The name of the Secret containing the certificate." type: "string" required: - "secretName" - - "certificate" type: "object" type: "array" tokenEndpointUri: @@ -674,6 +685,13 @@ spec: properties: allowPrivilegeEscalation: type: "boolean" + appArmorProfile: + properties: + localhostProfile: + type: "string" + type: + type: "string" + type: "object" capabilities: properties: add: @@ -1106,6 +1124,13 @@ spec: securityContext: description: "Configures pod-level security attributes and common container settings." properties: + appArmorProfile: + properties: + localhostProfile: + type: "string" + type: + type: "string" + type: "object" fsGroup: type: "integer" fsGroupChangePolicy: @@ -1282,6 +1307,13 @@ spec: properties: allowPrivilegeEscalation: type: "boolean" + appArmorProfile: + properties: + localhostProfile: + type: "string" + type: + type: "string" + type: "object" capabilities: properties: add: @@ -1413,6 +1445,13 @@ spec: properties: allowPrivilegeEscalation: type: "boolean" + appArmorProfile: + properties: + localhostProfile: + type: "string" + type: + type: "string" + type: "object" capabilities: properties: add: @@ -1863,6 +1902,13 @@ spec: securityContext: description: "Configures pod-level security attributes and common container settings." properties: + appArmorProfile: + properties: + localhostProfile: + type: "string" + type: + type: "string" + type: "object" fsGroup: type: "integer" fsGroupChangePolicy: @@ -2048,16 +2094,27 @@ spec: trustedCertificates: description: "Trusted certificates for TLS connection." items: + oneOf: + - properties: + certificate: {} + required: + - "certificate" + - properties: + pattern: {} + required: + - "pattern" properties: certificate: - description: "The name of the file certificate in the Secret." + description: "The name of the file certificate in the secret." + type: "string" + pattern: + description: "Pattern for the certificate files in the secret. Use the link:https://en.wikipedia.org/wiki/Glob_(programming)[_glob syntax_] for the pattern. All files in the secret that match the pattern are used." type: "string" secretName: description: "The name of the Secret containing the certificate." type: "string" required: - "secretName" - - "certificate" type: "object" type: "array" type: "object" diff --git a/crd-catalog/strimzi/strimzi-kafka-operator/kafka.strimzi.io/v1beta2/kafkamirrormaker2s.yaml b/crd-catalog/strimzi/strimzi-kafka-operator/kafka.strimzi.io/v1beta2/kafkamirrormaker2s.yaml index 41a7ee39e..9d70e8d93 100644 --- a/crd-catalog/strimzi/strimzi-kafka-operator/kafka.strimzi.io/v1beta2/kafkamirrormaker2s.yaml +++ b/crd-catalog/strimzi/strimzi-kafka-operator/kafka.strimzi.io/v1beta2/kafkamirrormaker2s.yaml @@ -91,9 +91,9 @@ spec: description: "The name of the Secret containing the certificate." type: "string" required: - - "key" - "secretName" - "certificate" + - "key" type: "object" clientId: description: "OAuth Client ID which the Kafka client can use to authenticate against the OAuth server and use the token endpoint URI." @@ -167,16 +167,27 @@ spec: tlsTrustedCertificates: description: "Trusted certificates for TLS connection to the OAuth server." items: + oneOf: + - properties: + certificate: {} + required: + - "certificate" + - properties: + pattern: {} + required: + - "pattern" properties: certificate: - description: "The name of the file certificate in the Secret." + description: "The name of the file certificate in the secret." + type: "string" + pattern: + description: "Pattern for the certificate files in the secret. Use the link:https://en.wikipedia.org/wiki/Glob_(programming)[_glob syntax_] for the pattern. All files in the secret that match the pattern are used." type: "string" secretName: description: "The name of the Secret containing the certificate." type: "string" required: - "secretName" - - "certificate" type: "object" type: "array" tokenEndpointUri: @@ -210,16 +221,27 @@ spec: trustedCertificates: description: "Trusted certificates for TLS connection." items: + oneOf: + - properties: + certificate: {} + required: + - "certificate" + - properties: + pattern: {} + required: + - "pattern" properties: certificate: - description: "The name of the file certificate in the Secret." + description: "The name of the file certificate in the secret." + type: "string" + pattern: + description: "Pattern for the certificate files in the secret. Use the link:https://en.wikipedia.org/wiki/Glob_(programming)[_glob syntax_] for the pattern. All files in the secret that match the pattern are used." type: "string" secretName: description: "The name of the Secret containing the certificate." type: "string" required: - "secretName" - - "certificate" type: "object" type: "array" type: "object" @@ -473,7 +495,7 @@ spec: type: "integer" type: "object" config: - description: "The Kafka Connector configuration. The following properties cannot be set: connector.class, tasks.max." + description: "The Kafka Connector configuration. The following properties cannot be set: name, connector.class, tasks.max." type: "object" x-kubernetes-preserve-unknown-fields: true pause: @@ -514,7 +536,7 @@ spec: type: "integer" type: "object" config: - description: "The Kafka Connector configuration. The following properties cannot be set: connector.class, tasks.max." + description: "The Kafka Connector configuration. The following properties cannot be set: name, connector.class, tasks.max." type: "object" x-kubernetes-preserve-unknown-fields: true pause: @@ -549,7 +571,7 @@ spec: type: "integer" type: "object" config: - description: "The Kafka Connector configuration. The following properties cannot be set: connector.class, tasks.max." + description: "The Kafka Connector configuration. The following properties cannot be set: name, connector.class, tasks.max." type: "object" x-kubernetes-preserve-unknown-fields: true pause: @@ -725,6 +747,13 @@ spec: properties: allowPrivilegeEscalation: type: "boolean" + appArmorProfile: + properties: + localhostProfile: + type: "string" + type: + type: "string" + type: "object" capabilities: properties: add: @@ -1157,6 +1186,13 @@ spec: securityContext: description: "Configures pod-level security attributes and common container settings." properties: + appArmorProfile: + properties: + localhostProfile: + type: "string" + type: + type: "string" + type: "object" fsGroup: type: "integer" fsGroupChangePolicy: @@ -1333,6 +1369,13 @@ spec: properties: allowPrivilegeEscalation: type: "boolean" + appArmorProfile: + properties: + localhostProfile: + type: "string" + type: + type: "string" + type: "object" capabilities: properties: add: @@ -1464,6 +1507,13 @@ spec: properties: allowPrivilegeEscalation: type: "boolean" + appArmorProfile: + properties: + localhostProfile: + type: "string" + type: + type: "string" + type: "object" capabilities: properties: add: @@ -1914,6 +1964,13 @@ spec: securityContext: description: "Configures pod-level security attributes and common container settings." properties: + appArmorProfile: + properties: + localhostProfile: + type: "string" + type: + type: "string" + type: "object" fsGroup: type: "integer" fsGroupChangePolicy: diff --git a/crd-catalog/strimzi/strimzi-kafka-operator/kafka.strimzi.io/v1beta2/kafkamirrormakers.yaml b/crd-catalog/strimzi/strimzi-kafka-operator/kafka.strimzi.io/v1beta2/kafkamirrormakers.yaml index 76f622bec..5d5adbd4c 100644 --- a/crd-catalog/strimzi/strimzi-kafka-operator/kafka.strimzi.io/v1beta2/kafkamirrormakers.yaml +++ b/crd-catalog/strimzi/strimzi-kafka-operator/kafka.strimzi.io/v1beta2/kafkamirrormakers.yaml @@ -102,9 +102,9 @@ spec: description: "The name of the Secret containing the certificate." type: "string" required: - - "key" - "secretName" - "certificate" + - "key" type: "object" clientId: description: "OAuth Client ID which the Kafka client can use to authenticate against the OAuth server and use the token endpoint URI." @@ -178,16 +178,27 @@ spec: tlsTrustedCertificates: description: "Trusted certificates for TLS connection to the OAuth server." items: + oneOf: + - properties: + certificate: {} + required: + - "certificate" + - properties: + pattern: {} + required: + - "pattern" properties: certificate: - description: "The name of the file certificate in the Secret." + description: "The name of the file certificate in the secret." + type: "string" + pattern: + description: "Pattern for the certificate files in the secret. Use the link:https://en.wikipedia.org/wiki/Glob_(programming)[_glob syntax_] for the pattern. All files in the secret that match the pattern are used." type: "string" secretName: description: "The name of the Secret containing the certificate." type: "string" required: - "secretName" - - "certificate" type: "object" type: "array" tokenEndpointUri: @@ -231,16 +242,27 @@ spec: trustedCertificates: description: "Trusted certificates for TLS connection." items: + oneOf: + - properties: + certificate: {} + required: + - "certificate" + - properties: + pattern: {} + required: + - "pattern" properties: certificate: - description: "The name of the file certificate in the Secret." + description: "The name of the file certificate in the secret." + type: "string" + pattern: + description: "Pattern for the certificate files in the secret. Use the link:https://en.wikipedia.org/wiki/Glob_(programming)[_glob syntax_] for the pattern. All files in the secret that match the pattern are used." type: "string" secretName: description: "The name of the Secret containing the certificate." type: "string" required: - "secretName" - - "certificate" type: "object" type: "array" type: "object" @@ -408,9 +430,9 @@ spec: description: "The name of the Secret containing the certificate." type: "string" required: - - "key" - "secretName" - "certificate" + - "key" type: "object" clientId: description: "OAuth Client ID which the Kafka client can use to authenticate against the OAuth server and use the token endpoint URI." @@ -484,16 +506,27 @@ spec: tlsTrustedCertificates: description: "Trusted certificates for TLS connection to the OAuth server." items: + oneOf: + - properties: + certificate: {} + required: + - "certificate" + - properties: + pattern: {} + required: + - "pattern" properties: certificate: - description: "The name of the file certificate in the Secret." + description: "The name of the file certificate in the secret." + type: "string" + pattern: + description: "Pattern for the certificate files in the secret. Use the link:https://en.wikipedia.org/wiki/Glob_(programming)[_glob syntax_] for the pattern. All files in the secret that match the pattern are used." type: "string" secretName: description: "The name of the Secret containing the certificate." type: "string" required: - "secretName" - - "certificate" type: "object" type: "array" tokenEndpointUri: @@ -527,16 +560,27 @@ spec: trustedCertificates: description: "Trusted certificates for TLS connection." items: + oneOf: + - properties: + certificate: {} + required: + - "certificate" + - properties: + pattern: {} + required: + - "pattern" properties: certificate: - description: "The name of the file certificate in the Secret." + description: "The name of the file certificate in the secret." + type: "string" + pattern: + description: "Pattern for the certificate files in the secret. Use the link:https://en.wikipedia.org/wiki/Glob_(programming)[_glob syntax_] for the pattern. All files in the secret that match the pattern are used." type: "string" secretName: description: "The name of the Secret containing the certificate." type: "string" required: - "secretName" - - "certificate" type: "object" type: "array" type: "object" @@ -645,6 +689,13 @@ spec: properties: allowPrivilegeEscalation: type: "boolean" + appArmorProfile: + properties: + localhostProfile: + type: "string" + type: + type: "string" + type: "object" capabilities: properties: add: @@ -1077,6 +1128,13 @@ spec: securityContext: description: "Configures pod-level security attributes and common container settings." properties: + appArmorProfile: + properties: + localhostProfile: + type: "string" + type: + type: "string" + type: "object" fsGroup: type: "integer" fsGroupChangePolicy: diff --git a/crd-catalog/strimzi/strimzi-kafka-operator/kafka.strimzi.io/v1beta2/kafkas.yaml b/crd-catalog/strimzi/strimzi-kafka-operator/kafka.strimzi.io/v1beta2/kafkas.yaml index 3c709db72..55c59e0c9 100644 --- a/crd-catalog/strimzi/strimzi-kafka-operator/kafka.strimzi.io/v1beta2/kafkas.yaml +++ b/crd-catalog/strimzi/strimzi-kafka-operator/kafka.strimzi.io/v1beta2/kafkas.yaml @@ -385,6 +385,13 @@ spec: properties: allowPrivilegeEscalation: type: "boolean" + appArmorProfile: + properties: + localhostProfile: + type: "string" + type: + type: "string" + type: "object" capabilities: properties: add: @@ -841,6 +848,13 @@ spec: securityContext: description: "Configures pod-level security attributes and common container settings." properties: + appArmorProfile: + properties: + localhostProfile: + type: "string" + type: + type: "string" + type: "object" fsGroup: type: "integer" fsGroupChangePolicy: @@ -1021,6 +1035,13 @@ spec: properties: allowPrivilegeEscalation: type: "boolean" + appArmorProfile: + properties: + localhostProfile: + type: "string" + type: + type: "string" + type: "object" capabilities: properties: add: @@ -1597,6 +1618,13 @@ spec: securityContext: description: "Configures pod-level security attributes and common container settings." properties: + appArmorProfile: + properties: + localhostProfile: + type: "string" + type: + type: "string" + type: "object" fsGroup: type: "integer" fsGroupChangePolicy: @@ -1755,6 +1783,13 @@ spec: properties: allowPrivilegeEscalation: type: "boolean" + appArmorProfile: + properties: + localhostProfile: + type: "string" + type: + type: "string" + type: "object" capabilities: properties: add: @@ -1829,6 +1864,13 @@ spec: properties: allowPrivilegeEscalation: type: "boolean" + appArmorProfile: + properties: + localhostProfile: + type: "string" + type: + type: "string" + type: "object" capabilities: properties: add: @@ -1921,6 +1963,13 @@ spec: properties: allowPrivilegeEscalation: type: "boolean" + appArmorProfile: + properties: + localhostProfile: + type: "string" + type: + type: "string" + type: "object" capabilities: properties: add: @@ -2205,8 +2254,12 @@ spec: minimum: 1.0 type: "integer" type: "object" + reconciliationIntervalMs: + description: "Interval between periodic reconciliations in milliseconds." + minimum: 0.0 + type: "integer" reconciliationIntervalSeconds: - description: "Interval between periodic reconciliations." + description: "Interval between periodic reconciliations in seconds. Ignored if reconciliationIntervalMs is set." minimum: 0.0 type: "integer" resources: @@ -2389,8 +2442,12 @@ spec: minimum: 1.0 type: "integer" type: "object" + reconciliationIntervalMs: + description: "Interval between periodic reconciliations in milliseconds." + minimum: 0.0 + type: "integer" reconciliationIntervalSeconds: - description: "Interval between periodic reconciliations." + description: "Interval between periodic reconciliations in seconds. Ignored if reconciliationIntervalMs is set." minimum: 0.0 type: "integer" resources: @@ -2543,6 +2600,13 @@ spec: properties: allowPrivilegeEscalation: type: "boolean" + appArmorProfile: + properties: + localhostProfile: + type: "string" + type: + type: "string" + type: "object" capabilities: properties: add: @@ -2999,6 +3063,13 @@ spec: securityContext: description: "Configures pod-level security attributes and common container settings." properties: + appArmorProfile: + properties: + localhostProfile: + type: "string" + type: + type: "string" + type: "object" fsGroup: type: "integer" fsGroupChangePolicy: @@ -3220,16 +3291,27 @@ spec: tlsTrustedCertificates: description: "Trusted certificates for TLS connection to the OAuth server." items: + oneOf: + - properties: + certificate: {} + required: + - "certificate" + - properties: + pattern: {} + required: + - "pattern" properties: certificate: - description: "The name of the file certificate in the Secret." + description: "The name of the file certificate in the secret." + type: "string" + pattern: + description: "Pattern for the certificate files in the secret. Use the link:https://en.wikipedia.org/wiki/Glob_(programming)[_glob syntax_] for the pattern. All files in the secret that match the pattern are used." type: "string" secretName: description: "The name of the Secret containing the certificate." type: "string" required: - "secretName" - - "certificate" type: "object" type: "array" tokenEndpointUri: @@ -3254,7 +3336,7 @@ spec: description: "The image of the init container used for initializing the `broker.rack`." type: "string" config: - description: "Kafka broker config properties with the following prefixes cannot be set: listeners, advertised., broker., listener., host.name, port, inter.broker.listener.name, sasl., ssl., security., password., log.dir, zookeeper.connect, zookeeper.set.acl, zookeeper.ssl, zookeeper.clientCnxnSocket, authorizer., super.user, cruise.control.metrics.topic, cruise.control.metrics.reporter.bootstrap.servers, node.id, process.roles, controller., metadata.log.dir, zookeeper.metadata.migration.enable (with the exception of: zookeeper.connection.timeout.ms, sasl.server.max.receive.size, ssl.cipher.suites, ssl.protocol, ssl.enabled.protocols, ssl.secure.random.implementation, cruise.control.metrics.topic.num.partitions, cruise.control.metrics.topic.replication.factor, cruise.control.metrics.topic.retention.ms, cruise.control.metrics.topic.auto.create.retries, cruise.control.metrics.topic.auto.create.timeout.ms, cruise.control.metrics.topic.min.insync.replicas, controller.quorum.election.backoff.max.ms, controller.quorum.election.timeout.ms, controller.quorum.fetch.timeout.ms)." + description: "Kafka broker config properties with the following prefixes cannot be set: listeners, advertised., broker., listener., host.name, port, inter.broker.listener.name, sasl., ssl., security., password., log.dir, zookeeper.connect, zookeeper.set.acl, zookeeper.ssl, zookeeper.clientCnxnSocket, authorizer., super.user, cruise.control.metrics.topic, cruise.control.metrics.reporter.bootstrap.servers, node.id, process.roles, controller., metadata.log.dir, zookeeper.metadata.migration.enable, client.quota.callback.static.kafka.admin., client.quota.callback.static.produce, client.quota.callback.static.fetch, client.quota.callback.static.storage.per.volume.limit.min.available., client.quota.callback.static.excluded.principal.name.list (with the exception of: zookeeper.connection.timeout.ms, sasl.server.max.receive.size, ssl.cipher.suites, ssl.protocol, ssl.enabled.protocols, ssl.secure.random.implementation, cruise.control.metrics.topic.num.partitions, cruise.control.metrics.topic.replication.factor, cruise.control.metrics.topic.retention.ms, cruise.control.metrics.topic.auto.create.retries, cruise.control.metrics.topic.auto.create.timeout.ms, cruise.control.metrics.topic.min.insync.replicas, controller.quorum.election.backoff.max.ms, controller.quorum.election.timeout.ms, controller.quorum.fetch.timeout.ms)." type: "object" x-kubernetes-preserve-unknown-fields: true image: @@ -3445,16 +3527,27 @@ spec: tlsTrustedCertificates: description: "Trusted certificates for TLS connection to the OAuth server." items: + oneOf: + - properties: + certificate: {} + required: + - "certificate" + - properties: + pattern: {} + required: + - "pattern" properties: certificate: - description: "The name of the file certificate in the Secret." + description: "The name of the file certificate in the secret." + type: "string" + pattern: + description: "Pattern for the certificate files in the secret. Use the link:https://en.wikipedia.org/wiki/Glob_(programming)[_glob syntax_] for the pattern. All files in the secret that match the pattern are used." type: "string" secretName: description: "The name of the Secret containing the certificate." type: "string" required: - "secretName" - - "certificate" type: "object" type: "array" tokenEndpointUri: @@ -3532,9 +3625,9 @@ spec: description: "The name of the Secret containing the certificate." type: "string" required: - - "key" - "secretName" - "certificate" + - "key" type: "object" brokers: description: "Per-broker configurations." @@ -3629,6 +3722,9 @@ spec: - "InternalDNS" - "Hostname" type: "string" + publishNotReadyAddresses: + description: "Configures whether the service endpoints are considered \"ready\" even if the Pods themselves are not. Defaults to `false`. This field can not be used with `internal` type listeners." + type: "boolean" useServiceDnsDomain: description: "Configures whether the Kubernetes service DNS domain should be used or not. If set to `true`, the generated addresses will contain the service DNS domain suffix (by default `.cluster.local`, can be configured using environment variable `KUBERNETES_SERVICE_DNS_DOMAIN`). Defaults to `false`.This field can be used only with `internal` and `cluster-ip` type listeners." type: "boolean" @@ -3801,6 +3897,48 @@ spec: - "type" - "valueFrom" type: "object" + quotas: + description: "Quotas plugin configuration for Kafka brokers allows setting quotas for disk usage, produce/fetch rates, and more. Supported plugin types include `kafka` (default) and `strimzi`. If not specified, the default `kafka` quotas plugin is used." + properties: + consumerByteRate: + description: "A per-broker byte-rate quota for clients consuming from a broker, independent of their number. If clients consume at maximum speed, the quota is shared equally between all non-excluded consumers. Otherwise, the quota is divided based on each client's consumption rate." + minimum: 0.0 + type: "integer" + controllerMutationRate: + description: "The default client quota on the rate at which mutations are accepted per second for create topic requests, create partition requests, and delete topic requests, defined for each broker. The mutations rate is measured by the number of partitions created or deleted. Applied on a per-broker basis." + minimum: 0.0 + type: "number" + excludedPrincipals: + description: "List of principals that are excluded from the quota. The principals have to be prefixed with `User:`, for example `User:my-user;User:CN=my-other-user`." + items: + type: "string" + type: "array" + minAvailableBytesPerVolume: + description: "Stop message production if the available size (in bytes) of the storage is lower than or equal to this specified value. This condition is mutually exclusive with `minAvailableRatioPerVolume`." + minimum: 0.0 + type: "integer" + minAvailableRatioPerVolume: + description: "Stop message production if the percentage of available storage space falls below or equals the specified ratio (set as a decimal representing a percentage). This condition is mutually exclusive with `minAvailableBytesPerVolume`." + maximum: 1.0 + minimum: 0.0 + type: "number" + producerByteRate: + description: "A per-broker byte-rate quota for clients producing to a broker, independent of their number. If clients produce at maximum speed, the quota is shared equally between all non-excluded producers. Otherwise, the quota is divided based on each client's production rate." + minimum: 0.0 + type: "integer" + requestPercentage: + description: "The default client quota limits the maximum CPU utilization of each client as a percentage of the network and I/O threads of each broker. Applied on a per-broker basis." + minimum: 0.0 + type: "integer" + type: + description: "Quotas plugin type. Currently, the supported types are `kafka` and `strimzi`. `kafka` quotas type uses Kafka's built-in quotas plugin. `strimzi` quotas type uses Strimzi quotas plugin." + enum: + - "kafka" + - "strimzi" + type: "string" + required: + - "type" + type: "object" rack: description: "Configuration of the `broker.rack` broker config." properties: @@ -4150,6 +4288,13 @@ spec: properties: allowPrivilegeEscalation: type: "boolean" + appArmorProfile: + properties: + localhostProfile: + type: "string" + type: + type: "string" + type: "object" capabilities: properties: add: @@ -4242,6 +4387,13 @@ spec: properties: allowPrivilegeEscalation: type: "boolean" + appArmorProfile: + properties: + localhostProfile: + type: "string" + type: + type: "string" + type: "object" capabilities: properties: add: @@ -4746,6 +4898,13 @@ spec: securityContext: description: "Configures pod-level security attributes and common container settings." properties: + appArmorProfile: + properties: + localhostProfile: + type: "string" + type: + type: "string" + type: "object" fsGroup: type: "integer" fsGroupChangePolicy: @@ -5100,6 +5259,13 @@ spec: properties: allowPrivilegeEscalation: type: "boolean" + appArmorProfile: + properties: + localhostProfile: + type: "string" + type: + type: "string" + type: "object" capabilities: properties: add: @@ -5556,6 +5722,13 @@ spec: securityContext: description: "Configures pod-level security attributes and common container settings." properties: + appArmorProfile: + properties: + localhostProfile: + type: "string" + type: + type: "string" + type: "object" fsGroup: type: "integer" fsGroupChangePolicy: @@ -6452,6 +6625,13 @@ spec: securityContext: description: "Configures pod-level security attributes and common container settings." properties: + appArmorProfile: + properties: + localhostProfile: + type: "string" + type: + type: "string" + type: "object" fsGroup: type: "integer" fsGroupChangePolicy: @@ -6674,6 +6854,13 @@ spec: properties: allowPrivilegeEscalation: type: "boolean" + appArmorProfile: + properties: + localhostProfile: + type: "string" + type: + type: "string" + type: "object" capabilities: properties: add: diff --git a/crd-catalog/tigera/operator/operator.tigera.io/v1/installations.yaml b/crd-catalog/tigera/operator/operator.tigera.io/v1/installations.yaml index 2b4326132..1d76ee067 100644 --- a/crd-catalog/tigera/operator/operator.tigera.io/v1/installations.yaml +++ b/crd-catalog/tigera/operator/operator.tigera.io/v1/installations.yaml @@ -553,9 +553,10 @@ spec: description: "CalicoKubeControllersDeploymentContainer is a calico-kube-controllers Deployment container." properties: name: - description: "Name is an enum which identifies the calico-kube-controllers Deployment container by name.\nSupported values are: calico-kube-controllers" + description: "Name is an enum which identifies the calico-kube-controllers Deployment container by name.\nSupported values are: calico-kube-controllers, es-calico-kube-controllers" enum: - "calico-kube-controllers" + - "es-calico-kube-controllers" type: "string" resources: description: "Resources allows customization of limits and requests for compute resources such as cpu and memory.\nIf specified, this overrides the named calico-kube-controllers Deployment container's resources.\nIf omitted, the calico-kube-controllers Deployment will use its default value for this container's resources.\nIf used in conjunction with the deprecated ComponentResources, then this value takes precedence." @@ -703,6 +704,7 @@ spec: - "Iptables" - "BPF" - "VPP" + - "Nftables" type: "string" linuxPolicySetupTimeoutSeconds: description: "LinuxPolicySetupTimeoutSeconds delays new pods from running containers\nuntil their policy has been programmed in the dataplane.\nThe specified delay defines the maximum amount of time\nthat the Calico CNI plugin will wait for policy to be programmed.\nOnly applies to pods created on Linux nodes.\n* A value of 0 disables pod startup delays.\nDefault: 0" @@ -5006,9 +5008,10 @@ spec: description: "CalicoKubeControllersDeploymentContainer is a calico-kube-controllers Deployment container." properties: name: - description: "Name is an enum which identifies the calico-kube-controllers Deployment container by name.\nSupported values are: calico-kube-controllers" + description: "Name is an enum which identifies the calico-kube-controllers Deployment container by name.\nSupported values are: calico-kube-controllers, es-calico-kube-controllers" enum: - "calico-kube-controllers" + - "es-calico-kube-controllers" type: "string" resources: description: "Resources allows customization of limits and requests for compute resources such as cpu and memory.\nIf specified, this overrides the named calico-kube-controllers Deployment container's resources.\nIf omitted, the calico-kube-controllers Deployment will use its default value for this container's resources.\nIf used in conjunction with the deprecated ComponentResources, then this value takes precedence." @@ -5156,6 +5159,7 @@ spec: - "Iptables" - "BPF" - "VPP" + - "Nftables" type: "string" linuxPolicySetupTimeoutSeconds: description: "LinuxPolicySetupTimeoutSeconds delays new pods from running containers\nuntil their policy has been programmed in the dataplane.\nThe specified delay defines the maximum amount of time\nthat the Calico CNI plugin will wait for policy to be programmed.\nOnly applies to pods created on Linux nodes.\n* A value of 0 disables pod startup delays.\nDefault: 0" diff --git a/crd-catalog/tigera/operator/operator.tigera.io/v1/tenants.yaml b/crd-catalog/tigera/operator/operator.tigera.io/v1/tenants.yaml index 68415528d..52d217aec 100644 --- a/crd-catalog/tigera/operator/operator.tigera.io/v1/tenants.yaml +++ b/crd-catalog/tigera/operator/operator.tigera.io/v1/tenants.yaml @@ -112,6 +112,608 @@ spec: - "mutualTLS" - "url" type: "object" + esKubeControllerDeployment: + description: "ESKubeControllerDeployment configures the ESKubeController Deployment." + properties: + metadata: + description: "Metadata is a subset of a Kubernetes object's metadata that is added to the Deployment." + properties: + annotations: + additionalProperties: + type: "string" + description: "Annotations is a map of arbitrary non-identifying metadata. Each of these\nkey/value pairs are added to the object's annotations provided the key does not\nalready exist in the object's annotations." + type: "object" + labels: + additionalProperties: + type: "string" + description: "Labels is a map of string keys and values that may match replicaset and\nservice selectors. Each of these key/value pairs are added to the\nobject's labels provided the key does not already exist in the object's labels." + type: "object" + type: "object" + spec: + description: "Spec is the specification of the calico-kube-controllers Deployment." + properties: + minReadySeconds: + description: "MinReadySeconds is the minimum number of seconds for which a newly created Deployment pod should\nbe ready without any of its container crashing, for it to be considered available.\nIf specified, this overrides any minReadySeconds value that may be set on the calico-kube-controllers Deployment.\nIf omitted, the calico-kube-controllers Deployment will use its default value for minReadySeconds." + format: "int32" + maximum: 2147483647.0 + minimum: 0.0 + type: "integer" + template: + description: "Template describes the calico-kube-controllers Deployment pod that will be created." + properties: + metadata: + description: "Metadata is a subset of a Kubernetes object's metadata that is added to\nthe pod's metadata." + properties: + annotations: + additionalProperties: + type: "string" + description: "Annotations is a map of arbitrary non-identifying metadata. Each of these\nkey/value pairs are added to the object's annotations provided the key does not\nalready exist in the object's annotations." + type: "object" + labels: + additionalProperties: + type: "string" + description: "Labels is a map of string keys and values that may match replicaset and\nservice selectors. Each of these key/value pairs are added to the\nobject's labels provided the key does not already exist in the object's labels." + type: "object" + type: "object" + spec: + description: "Spec is the calico-kube-controllers Deployment's PodSpec." + properties: + affinity: + description: "Affinity is a group of affinity scheduling rules for the calico-kube-controllers pods.\nIf specified, this overrides any affinity that may be set on the calico-kube-controllers Deployment.\nIf omitted, the calico-kube-controllers Deployment will use its default value for affinity.\nWARNING: Please note that this field will override the default calico-kube-controllers Deployment affinity." + properties: + nodeAffinity: + description: "Describes node affinity scheduling rules for the pod." + properties: + preferredDuringSchedulingIgnoredDuringExecution: + description: "The scheduler will prefer to schedule pods to nodes that satisfy\nthe affinity expressions specified by this field, but it may choose\na node that violates one or more of the expressions. The node that is\nmost preferred is the one with the greatest sum of weights, i.e.\nfor each node that meets all of the scheduling requirements (resource\nrequest, requiredDuringScheduling affinity expressions, etc.),\ncompute a sum by iterating through the elements of this field and adding\n\"weight\" to the sum if the node matches the corresponding matchExpressions; the\nnode(s) with the highest sum are the most preferred." + items: + description: "An empty preferred scheduling term matches all objects with implicit weight 0\n(i.e. it's a no-op). A null preferred scheduling term matches no objects (i.e. is also a no-op)." + properties: + preference: + description: "A node selector term, associated with the corresponding weight." + properties: + matchExpressions: + description: "A list of node selector requirements by node's labels." + items: + description: "A node selector requirement is a selector that contains values, a key, and an operator\nthat relates the key and values." + properties: + key: + description: "The label key that the selector applies to." + type: "string" + operator: + description: "Represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt." + type: "string" + values: + description: "An array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. If the operator is Gt or Lt, the values\narray must have a single element, which will be interpreted as an integer.\nThis array is replaced during a strategic merge patch." + items: + type: "string" + type: "array" + required: + - "key" + - "operator" + type: "object" + type: "array" + matchFields: + description: "A list of node selector requirements by node's fields." + items: + description: "A node selector requirement is a selector that contains values, a key, and an operator\nthat relates the key and values." + properties: + key: + description: "The label key that the selector applies to." + type: "string" + operator: + description: "Represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt." + type: "string" + values: + description: "An array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. If the operator is Gt or Lt, the values\narray must have a single element, which will be interpreted as an integer.\nThis array is replaced during a strategic merge patch." + items: + type: "string" + type: "array" + required: + - "key" + - "operator" + type: "object" + type: "array" + type: "object" + x-kubernetes-map-type: "atomic" + weight: + description: "Weight associated with matching the corresponding nodeSelectorTerm, in the range 1-100." + format: "int32" + type: "integer" + required: + - "preference" + - "weight" + type: "object" + type: "array" + requiredDuringSchedulingIgnoredDuringExecution: + description: "If the affinity requirements specified by this field are not met at\nscheduling time, the pod will not be scheduled onto the node.\nIf the affinity requirements specified by this field cease to be met\nat some point during pod execution (e.g. due to an update), the system\nmay or may not try to eventually evict the pod from its node." + properties: + nodeSelectorTerms: + description: "Required. A list of node selector terms. The terms are ORed." + items: + description: "A null or empty node selector term matches no objects. The requirements of\nthem are ANDed.\nThe TopologySelectorTerm type implements a subset of the NodeSelectorTerm." + properties: + matchExpressions: + description: "A list of node selector requirements by node's labels." + items: + description: "A node selector requirement is a selector that contains values, a key, and an operator\nthat relates the key and values." + properties: + key: + description: "The label key that the selector applies to." + type: "string" + operator: + description: "Represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt." + type: "string" + values: + description: "An array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. If the operator is Gt or Lt, the values\narray must have a single element, which will be interpreted as an integer.\nThis array is replaced during a strategic merge patch." + items: + type: "string" + type: "array" + required: + - "key" + - "operator" + type: "object" + type: "array" + matchFields: + description: "A list of node selector requirements by node's fields." + items: + description: "A node selector requirement is a selector that contains values, a key, and an operator\nthat relates the key and values." + properties: + key: + description: "The label key that the selector applies to." + type: "string" + operator: + description: "Represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt." + type: "string" + values: + description: "An array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. If the operator is Gt or Lt, the values\narray must have a single element, which will be interpreted as an integer.\nThis array is replaced during a strategic merge patch." + items: + type: "string" + type: "array" + required: + - "key" + - "operator" + type: "object" + type: "array" + type: "object" + x-kubernetes-map-type: "atomic" + type: "array" + required: + - "nodeSelectorTerms" + type: "object" + x-kubernetes-map-type: "atomic" + type: "object" + podAffinity: + description: "Describes pod affinity scheduling rules (e.g. co-locate this pod in the same node, zone, etc. as some other pod(s))." + properties: + preferredDuringSchedulingIgnoredDuringExecution: + description: "The scheduler will prefer to schedule pods to nodes that satisfy\nthe affinity expressions specified by this field, but it may choose\na node that violates one or more of the expressions. The node that is\nmost preferred is the one with the greatest sum of weights, i.e.\nfor each node that meets all of the scheduling requirements (resource\nrequest, requiredDuringScheduling affinity expressions, etc.),\ncompute a sum by iterating through the elements of this field and adding\n\"weight\" to the sum if the node has pods which matches the corresponding podAffinityTerm; the\nnode(s) with the highest sum are the most preferred." + items: + description: "The weights of all of the matched WeightedPodAffinityTerm fields are added per-node to find the most preferred node(s)" + properties: + podAffinityTerm: + description: "Required. A pod affinity term, associated with the corresponding weight." + properties: + labelSelector: + description: "A label query over a set of resources, in this case pods." + properties: + matchExpressions: + description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." + items: + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." + properties: + key: + description: "key is the label key that the selector applies to." + type: "string" + operator: + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." + type: "string" + values: + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." + items: + type: "string" + type: "array" + required: + - "key" + - "operator" + type: "object" + type: "array" + matchLabels: + additionalProperties: + type: "string" + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + type: "object" + type: "object" + x-kubernetes-map-type: "atomic" + namespaceSelector: + description: "A label query over the set of namespaces that the term applies to.\nThe term is applied to the union of the namespaces selected by this field\nand the ones listed in the namespaces field.\nnull selector and null or empty namespaces list means \"this pod's namespace\".\nAn empty selector ({}) matches all namespaces." + properties: + matchExpressions: + description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." + items: + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." + properties: + key: + description: "key is the label key that the selector applies to." + type: "string" + operator: + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." + type: "string" + values: + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." + items: + type: "string" + type: "array" + required: + - "key" + - "operator" + type: "object" + type: "array" + matchLabels: + additionalProperties: + type: "string" + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + type: "object" + type: "object" + x-kubernetes-map-type: "atomic" + namespaces: + description: "namespaces specifies a static list of namespace names that the term applies to.\nThe term is applied to the union of the namespaces listed in this field\nand the ones selected by namespaceSelector.\nnull or empty namespaces list and null namespaceSelector means \"this pod's namespace\"." + items: + type: "string" + type: "array" + topologyKey: + description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching\nthe labelSelector in the specified namespaces, where co-located is defined as running on a node\nwhose value of the label with key topologyKey matches that of any node on which any of the\nselected pods is running.\nEmpty topologyKey is not allowed." + type: "string" + required: + - "topologyKey" + type: "object" + weight: + description: "weight associated with matching the corresponding podAffinityTerm,\nin the range 1-100." + format: "int32" + type: "integer" + required: + - "podAffinityTerm" + - "weight" + type: "object" + type: "array" + requiredDuringSchedulingIgnoredDuringExecution: + description: "If the affinity requirements specified by this field are not met at\nscheduling time, the pod will not be scheduled onto the node.\nIf the affinity requirements specified by this field cease to be met\nat some point during pod execution (e.g. due to a pod label update), the\nsystem may or may not try to eventually evict the pod from its node.\nWhen there are multiple elements, the lists of nodes corresponding to each\npodAffinityTerm are intersected, i.e. all terms must be satisfied." + items: + description: "Defines a set of pods (namely those matching the labelSelector\nrelative to the given namespace(s)) that this pod should be\nco-located (affinity) or not co-located (anti-affinity) with,\nwhere co-located is defined as running on a node whose value of\nthe label with key matches that of any node on which\na pod of the set of pods is running" + properties: + labelSelector: + description: "A label query over a set of resources, in this case pods." + properties: + matchExpressions: + description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." + items: + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." + properties: + key: + description: "key is the label key that the selector applies to." + type: "string" + operator: + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." + type: "string" + values: + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." + items: + type: "string" + type: "array" + required: + - "key" + - "operator" + type: "object" + type: "array" + matchLabels: + additionalProperties: + type: "string" + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + type: "object" + type: "object" + x-kubernetes-map-type: "atomic" + namespaceSelector: + description: "A label query over the set of namespaces that the term applies to.\nThe term is applied to the union of the namespaces selected by this field\nand the ones listed in the namespaces field.\nnull selector and null or empty namespaces list means \"this pod's namespace\".\nAn empty selector ({}) matches all namespaces." + properties: + matchExpressions: + description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." + items: + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." + properties: + key: + description: "key is the label key that the selector applies to." + type: "string" + operator: + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." + type: "string" + values: + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." + items: + type: "string" + type: "array" + required: + - "key" + - "operator" + type: "object" + type: "array" + matchLabels: + additionalProperties: + type: "string" + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + type: "object" + type: "object" + x-kubernetes-map-type: "atomic" + namespaces: + description: "namespaces specifies a static list of namespace names that the term applies to.\nThe term is applied to the union of the namespaces listed in this field\nand the ones selected by namespaceSelector.\nnull or empty namespaces list and null namespaceSelector means \"this pod's namespace\"." + items: + type: "string" + type: "array" + topologyKey: + description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching\nthe labelSelector in the specified namespaces, where co-located is defined as running on a node\nwhose value of the label with key topologyKey matches that of any node on which any of the\nselected pods is running.\nEmpty topologyKey is not allowed." + type: "string" + required: + - "topologyKey" + type: "object" + type: "array" + type: "object" + podAntiAffinity: + description: "Describes pod anti-affinity scheduling rules (e.g. avoid putting this pod in the same node, zone, etc. as some other pod(s))." + properties: + preferredDuringSchedulingIgnoredDuringExecution: + description: "The scheduler will prefer to schedule pods to nodes that satisfy\nthe anti-affinity expressions specified by this field, but it may choose\na node that violates one or more of the expressions. The node that is\nmost preferred is the one with the greatest sum of weights, i.e.\nfor each node that meets all of the scheduling requirements (resource\nrequest, requiredDuringScheduling anti-affinity expressions, etc.),\ncompute a sum by iterating through the elements of this field and adding\n\"weight\" to the sum if the node has pods which matches the corresponding podAffinityTerm; the\nnode(s) with the highest sum are the most preferred." + items: + description: "The weights of all of the matched WeightedPodAffinityTerm fields are added per-node to find the most preferred node(s)" + properties: + podAffinityTerm: + description: "Required. A pod affinity term, associated with the corresponding weight." + properties: + labelSelector: + description: "A label query over a set of resources, in this case pods." + properties: + matchExpressions: + description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." + items: + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." + properties: + key: + description: "key is the label key that the selector applies to." + type: "string" + operator: + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." + type: "string" + values: + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." + items: + type: "string" + type: "array" + required: + - "key" + - "operator" + type: "object" + type: "array" + matchLabels: + additionalProperties: + type: "string" + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + type: "object" + type: "object" + x-kubernetes-map-type: "atomic" + namespaceSelector: + description: "A label query over the set of namespaces that the term applies to.\nThe term is applied to the union of the namespaces selected by this field\nand the ones listed in the namespaces field.\nnull selector and null or empty namespaces list means \"this pod's namespace\".\nAn empty selector ({}) matches all namespaces." + properties: + matchExpressions: + description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." + items: + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." + properties: + key: + description: "key is the label key that the selector applies to." + type: "string" + operator: + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." + type: "string" + values: + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." + items: + type: "string" + type: "array" + required: + - "key" + - "operator" + type: "object" + type: "array" + matchLabels: + additionalProperties: + type: "string" + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + type: "object" + type: "object" + x-kubernetes-map-type: "atomic" + namespaces: + description: "namespaces specifies a static list of namespace names that the term applies to.\nThe term is applied to the union of the namespaces listed in this field\nand the ones selected by namespaceSelector.\nnull or empty namespaces list and null namespaceSelector means \"this pod's namespace\"." + items: + type: "string" + type: "array" + topologyKey: + description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching\nthe labelSelector in the specified namespaces, where co-located is defined as running on a node\nwhose value of the label with key topologyKey matches that of any node on which any of the\nselected pods is running.\nEmpty topologyKey is not allowed." + type: "string" + required: + - "topologyKey" + type: "object" + weight: + description: "weight associated with matching the corresponding podAffinityTerm,\nin the range 1-100." + format: "int32" + type: "integer" + required: + - "podAffinityTerm" + - "weight" + type: "object" + type: "array" + requiredDuringSchedulingIgnoredDuringExecution: + description: "If the anti-affinity requirements specified by this field are not met at\nscheduling time, the pod will not be scheduled onto the node.\nIf the anti-affinity requirements specified by this field cease to be met\nat some point during pod execution (e.g. due to a pod label update), the\nsystem may or may not try to eventually evict the pod from its node.\nWhen there are multiple elements, the lists of nodes corresponding to each\npodAffinityTerm are intersected, i.e. all terms must be satisfied." + items: + description: "Defines a set of pods (namely those matching the labelSelector\nrelative to the given namespace(s)) that this pod should be\nco-located (affinity) or not co-located (anti-affinity) with,\nwhere co-located is defined as running on a node whose value of\nthe label with key matches that of any node on which\na pod of the set of pods is running" + properties: + labelSelector: + description: "A label query over a set of resources, in this case pods." + properties: + matchExpressions: + description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." + items: + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." + properties: + key: + description: "key is the label key that the selector applies to." + type: "string" + operator: + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." + type: "string" + values: + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." + items: + type: "string" + type: "array" + required: + - "key" + - "operator" + type: "object" + type: "array" + matchLabels: + additionalProperties: + type: "string" + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + type: "object" + type: "object" + x-kubernetes-map-type: "atomic" + namespaceSelector: + description: "A label query over the set of namespaces that the term applies to.\nThe term is applied to the union of the namespaces selected by this field\nand the ones listed in the namespaces field.\nnull selector and null or empty namespaces list means \"this pod's namespace\".\nAn empty selector ({}) matches all namespaces." + properties: + matchExpressions: + description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." + items: + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." + properties: + key: + description: "key is the label key that the selector applies to." + type: "string" + operator: + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." + type: "string" + values: + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." + items: + type: "string" + type: "array" + required: + - "key" + - "operator" + type: "object" + type: "array" + matchLabels: + additionalProperties: + type: "string" + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + type: "object" + type: "object" + x-kubernetes-map-type: "atomic" + namespaces: + description: "namespaces specifies a static list of namespace names that the term applies to.\nThe term is applied to the union of the namespaces listed in this field\nand the ones selected by namespaceSelector.\nnull or empty namespaces list and null namespaceSelector means \"this pod's namespace\"." + items: + type: "string" + type: "array" + topologyKey: + description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching\nthe labelSelector in the specified namespaces, where co-located is defined as running on a node\nwhose value of the label with key topologyKey matches that of any node on which any of the\nselected pods is running.\nEmpty topologyKey is not allowed." + type: "string" + required: + - "topologyKey" + type: "object" + type: "array" + type: "object" + type: "object" + containers: + description: "Containers is a list of calico-kube-controllers containers.\nIf specified, this overrides the specified calico-kube-controllers Deployment containers.\nIf omitted, the calico-kube-controllers Deployment will use its default values for its containers." + items: + description: "CalicoKubeControllersDeploymentContainer is a calico-kube-controllers Deployment container." + properties: + name: + description: "Name is an enum which identifies the calico-kube-controllers Deployment container by name.\nSupported values are: calico-kube-controllers, es-calico-kube-controllers" + enum: + - "calico-kube-controllers" + - "es-calico-kube-controllers" + type: "string" + resources: + description: "Resources allows customization of limits and requests for compute resources such as cpu and memory.\nIf specified, this overrides the named calico-kube-controllers Deployment container's resources.\nIf omitted, the calico-kube-controllers Deployment will use its default value for this container's resources.\nIf used in conjunction with the deprecated ComponentResources, then this value takes precedence." + properties: + claims: + description: "Claims lists the names of resources, defined in spec.resourceClaims,\nthat are used by this container.\nThis is an alpha field and requires enabling the\nDynamicResourceAllocation feature gate.\nThis field is immutable. It can only be set for containers." + items: + description: "ResourceClaim references one entry in PodSpec.ResourceClaims." + properties: + name: + description: "Name must match the name of one entry in pod.spec.resourceClaims of\nthe Pod where this field is used. It makes that resource available\ninside a container." + type: "string" + required: + - "name" + type: "object" + type: "array" + x-kubernetes-list-map-keys: + - "name" + x-kubernetes-list-type: "map" + limits: + additionalProperties: + anyOf: + - type: "integer" + - type: "string" + pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" + x-kubernetes-int-or-string: true + description: "Limits describes the maximum amount of compute resources allowed.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" + type: "object" + requests: + additionalProperties: + anyOf: + - type: "integer" + - type: "string" + pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" + x-kubernetes-int-or-string: true + description: "Requests describes the minimum amount of compute resources required.\nIf Requests is omitted for a container, it defaults to Limits if that is explicitly specified,\notherwise to an implementation-defined value. Requests cannot exceed Limits.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" + type: "object" + type: "object" + required: + - "name" + type: "object" + type: "array" + nodeSelector: + additionalProperties: + type: "string" + description: "NodeSelector is the calico-kube-controllers pod's scheduling constraints.\nIf specified, each of the key/value pairs are added to the calico-kube-controllers Deployment nodeSelector provided\nthe key does not already exist in the object's nodeSelector.\nIf used in conjunction with ControlPlaneNodeSelector, that nodeSelector is set on the calico-kube-controllers Deployment\nand each of this field's key/value pairs are added to the calico-kube-controllers Deployment nodeSelector provided\nthe key does not already exist in the object's nodeSelector.\nIf omitted, the calico-kube-controllers Deployment will use its default value for nodeSelector.\nWARNING: Please note that this field will modify the default calico-kube-controllers Deployment nodeSelector." + type: "object" + tolerations: + description: "Tolerations is the calico-kube-controllers pod's tolerations.\nIf specified, this overrides any tolerations that may be set on the calico-kube-controllers Deployment.\nIf omitted, the calico-kube-controllers Deployment will use its default value for tolerations.\nWARNING: Please note that this field will override the default calico-kube-controllers Deployment tolerations." + items: + description: "The pod this Toleration is attached to tolerates any taint that matches\nthe triple using the matching operator ." + properties: + effect: + description: "Effect indicates the taint effect to match. Empty means match all taint effects.\nWhen specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute." + type: "string" + key: + description: "Key is the taint key that the toleration applies to. Empty means match all taint keys.\nIf the key is empty, operator must be Exists; this combination means to match all values and all keys." + type: "string" + operator: + description: "Operator represents a key's relationship to the value.\nValid operators are Exists and Equal. Defaults to Equal.\nExists is equivalent to wildcard for value, so that a pod can\ntolerate all taints of a particular category." + type: "string" + tolerationSeconds: + description: "TolerationSeconds represents the period of time the toleration (which must be\nof effect NoExecute, otherwise this field is ignored) tolerates the taint. By default,\nit is not set, which means tolerate the taint forever (do not evict). Zero and\nnegative values will be treated as 0 (evict immediately) by the system." + format: "int64" + type: "integer" + value: + description: "Value is the taint value the toleration matches to.\nIf the operator is Exists, the value should be empty, otherwise just a regular string." + type: "string" + type: "object" + type: "array" + type: "object" + type: "object" + type: "object" + type: "object" id: description: "ID is the unique identifier for this tenant." type: "string" diff --git a/crd-catalog/tinkerbell/tink/tinkerbell.org/v1alpha1/hardware.yaml b/crd-catalog/tinkerbell/tink/tinkerbell.org/v1alpha1/hardware.yaml index 7cc56b0d9..ddf49a8f3 100644 --- a/crd-catalog/tinkerbell/tink/tinkerbell.org/v1alpha1/hardware.yaml +++ b/crd-catalog/tinkerbell/tink/tinkerbell.org/v1alpha1/hardware.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.14.0" + controller-gen.kubebuilder.io/version: "v0.15.0" name: "hardware.tinkerbell.org" spec: group: "tinkerbell.org" @@ -328,7 +328,6 @@ spec: type: "string" type: "object" state: - default: "provisioning" type: "string" type: "object" resources: diff --git a/crd-catalog/tinkerbell/tink/tinkerbell.org/v1alpha1/osies.yaml b/crd-catalog/tinkerbell/tink/tinkerbell.org/v1alpha1/osies.yaml index a44d54036..2506c3fad 100644 --- a/crd-catalog/tinkerbell/tink/tinkerbell.org/v1alpha1/osies.yaml +++ b/crd-catalog/tinkerbell/tink/tinkerbell.org/v1alpha1/osies.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.14.0" + controller-gen.kubebuilder.io/version: "v0.15.0" name: "osies.tinkerbell.org" spec: group: "tinkerbell.org" diff --git a/crd-catalog/tinkerbell/tink/tinkerbell.org/v1alpha1/templates.yaml b/crd-catalog/tinkerbell/tink/tinkerbell.org/v1alpha1/templates.yaml index 4bf4da290..5109981db 100644 --- a/crd-catalog/tinkerbell/tink/tinkerbell.org/v1alpha1/templates.yaml +++ b/crd-catalog/tinkerbell/tink/tinkerbell.org/v1alpha1/templates.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.14.0" + controller-gen.kubebuilder.io/version: "v0.15.0" name: "templates.tinkerbell.org" spec: group: "tinkerbell.org" diff --git a/crd-catalog/tinkerbell/tink/tinkerbell.org/v1alpha1/workflows.yaml b/crd-catalog/tinkerbell/tink/tinkerbell.org/v1alpha1/workflows.yaml index 049630a72..9e24fa2f5 100644 --- a/crd-catalog/tinkerbell/tink/tinkerbell.org/v1alpha1/workflows.yaml +++ b/crd-catalog/tinkerbell/tink/tinkerbell.org/v1alpha1/workflows.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.14.0" + controller-gen.kubebuilder.io/version: "v0.15.0" name: "workflows.tinkerbell.org" spec: group: "tinkerbell.org" diff --git a/crd-catalog/tinkerbell/tink/tinkerbell.org/v1alpha2/hardware.yaml b/crd-catalog/tinkerbell/tink/tinkerbell.org/v1alpha2/hardware.yaml index 9388656e6..91ce6453f 100644 --- a/crd-catalog/tinkerbell/tink/tinkerbell.org/v1alpha2/hardware.yaml +++ b/crd-catalog/tinkerbell/tink/tinkerbell.org/v1alpha2/hardware.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.14.0" + controller-gen.kubebuilder.io/version: "v0.15.0" name: "hardware.tinkerbell.org" spec: group: "tinkerbell.org" @@ -41,7 +41,8 @@ spec: description: "BMCRef references a Rufio Machine object." properties: name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" type: "object" x-kubernetes-map-type: "atomic" @@ -132,7 +133,8 @@ spec: description: "OSIE describes the Operating System Installation Environment to be netbooted." properties: name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" type: "object" x-kubernetes-map-type: "atomic" diff --git a/crd-catalog/tinkerbell/tink/tinkerbell.org/v1alpha2/osies.yaml b/crd-catalog/tinkerbell/tink/tinkerbell.org/v1alpha2/osies.yaml index b05467690..5a5b2748c 100644 --- a/crd-catalog/tinkerbell/tink/tinkerbell.org/v1alpha2/osies.yaml +++ b/crd-catalog/tinkerbell/tink/tinkerbell.org/v1alpha2/osies.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.14.0" + controller-gen.kubebuilder.io/version: "v0.15.0" name: "osies.tinkerbell.org" spec: group: "tinkerbell.org" diff --git a/crd-catalog/tinkerbell/tink/tinkerbell.org/v1alpha2/templates.yaml b/crd-catalog/tinkerbell/tink/tinkerbell.org/v1alpha2/templates.yaml index 24f35280c..8ec3b5ad4 100644 --- a/crd-catalog/tinkerbell/tink/tinkerbell.org/v1alpha2/templates.yaml +++ b/crd-catalog/tinkerbell/tink/tinkerbell.org/v1alpha2/templates.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.14.0" + controller-gen.kubebuilder.io/version: "v0.15.0" name: "templates.tinkerbell.org" spec: group: "tinkerbell.org" diff --git a/crd-catalog/tinkerbell/tink/tinkerbell.org/v1alpha2/workflows.yaml b/crd-catalog/tinkerbell/tink/tinkerbell.org/v1alpha2/workflows.yaml index 5f5c5dcf1..f31c52e28 100644 --- a/crd-catalog/tinkerbell/tink/tinkerbell.org/v1alpha2/workflows.yaml +++ b/crd-catalog/tinkerbell/tink/tinkerbell.org/v1alpha2/workflows.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.14.0" + controller-gen.kubebuilder.io/version: "v0.15.0" name: "workflows.tinkerbell.org" spec: group: "tinkerbell.org" @@ -49,7 +49,8 @@ spec: description: "HardwareRef is a reference to a Hardware resource this workflow will execute on." properties: name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" type: "object" x-kubernetes-map-type: "atomic" @@ -62,7 +63,8 @@ spec: description: "TemplateRef is a reference to a Template resource used to render workflow actions." properties: name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" type: "object" x-kubernetes-map-type: "atomic" diff --git a/crd-catalog/volcano-sh/volcano/batch.volcano.sh/v1alpha1/jobs.yaml b/crd-catalog/volcano-sh/volcano/batch.volcano.sh/v1alpha1/jobs.yaml index 42123c70b..79f3b5813 100644 --- a/crd-catalog/volcano-sh/volcano/batch.volcano.sh/v1alpha1/jobs.yaml +++ b/crd-catalog/volcano-sh/volcano/batch.volcano.sh/v1alpha1/jobs.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.14.0" + controller-gen.kubebuilder.io/version: "v0.15.0" name: "jobs.batch.volcano.sh" spec: group: "batch.volcano.sh" @@ -174,11 +174,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchFields: items: properties: @@ -190,11 +192,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" type: "object" x-kubernetes-map-type: "atomic" weight: @@ -205,6 +209,7 @@ spec: - "weight" type: "object" type: "array" + x-kubernetes-list-type: "atomic" requiredDuringSchedulingIgnoredDuringExecution: properties: nodeSelectorTerms: @@ -221,11 +226,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchFields: items: properties: @@ -237,14 +244,17 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" type: "object" x-kubernetes-map-type: "atomic" type: "array" + x-kubernetes-list-type: "atomic" required: - "nodeSelectorTerms" type: "object" @@ -270,11 +280,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -304,11 +316,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -319,6 +333,7 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" topologyKey: type: "string" required: @@ -332,6 +347,7 @@ spec: - "weight" type: "object" type: "array" + x-kubernetes-list-type: "atomic" requiredDuringSchedulingIgnoredDuringExecution: items: properties: @@ -348,11 +364,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -382,11 +400,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -397,12 +417,14 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" topologyKey: type: "string" required: - "topologyKey" type: "object" type: "array" + x-kubernetes-list-type: "atomic" type: "object" podAntiAffinity: properties: @@ -424,11 +446,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -458,11 +482,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -473,6 +499,7 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" topologyKey: type: "string" required: @@ -486,6 +513,7 @@ spec: - "weight" type: "object" type: "array" + x-kubernetes-list-type: "atomic" requiredDuringSchedulingIgnoredDuringExecution: items: properties: @@ -502,11 +530,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -536,11 +566,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -551,12 +583,14 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" topologyKey: type: "string" required: - "topologyKey" type: "object" type: "array" + x-kubernetes-list-type: "atomic" type: "object" type: "object" automountServiceAccountToken: @@ -568,10 +602,12 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" command: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" env: items: properties: @@ -586,6 +622,7 @@ spec: key: type: "string" name: + default: "" type: "string" optional: type: "boolean" @@ -624,6 +661,7 @@ spec: key: type: "string" name: + default: "" type: "string" optional: type: "boolean" @@ -636,12 +674,16 @@ spec: - "name" type: "object" type: "array" + x-kubernetes-list-map-keys: + - "name" + x-kubernetes-list-type: "map" envFrom: items: properties: configMapRef: properties: name: + default: "" type: "string" optional: type: "boolean" @@ -652,6 +694,7 @@ spec: secretRef: properties: name: + default: "" type: "string" optional: type: "boolean" @@ -659,6 +702,7 @@ spec: x-kubernetes-map-type: "atomic" type: "object" type: "array" + x-kubernetes-list-type: "atomic" image: type: "string" imagePullPolicy: @@ -673,6 +717,7 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" type: "object" httpGet: properties: @@ -690,6 +735,7 @@ spec: - "value" type: "object" type: "array" + x-kubernetes-list-type: "atomic" path: type: "string" port: @@ -731,6 +777,7 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" type: "object" httpGet: properties: @@ -748,6 +795,7 @@ spec: - "value" type: "object" type: "array" + x-kubernetes-list-type: "atomic" path: type: "string" port: @@ -790,6 +838,7 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" type: "object" failureThreshold: format: "int32" @@ -820,6 +869,7 @@ spec: - "value" type: "object" type: "array" + x-kubernetes-list-type: "atomic" path: type: "string" port: @@ -894,6 +944,7 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" type: "object" failureThreshold: format: "int32" @@ -924,6 +975,7 @@ spec: - "value" type: "object" type: "array" + x-kubernetes-list-type: "atomic" path: type: "string" port: @@ -1014,16 +1066,27 @@ spec: properties: allowPrivilegeEscalation: type: "boolean" + appArmorProfile: + properties: + localhostProfile: + type: "string" + type: + type: "string" + required: + - "type" + type: "object" capabilities: properties: add: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" drop: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" type: "object" privileged: type: "boolean" @@ -1079,6 +1142,7 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" type: "object" failureThreshold: format: "int32" @@ -1109,6 +1173,7 @@ spec: - "value" type: "object" type: "array" + x-kubernetes-list-type: "atomic" path: type: "string" port: @@ -1171,6 +1236,9 @@ spec: - "name" type: "object" type: "array" + x-kubernetes-list-map-keys: + - "devicePath" + x-kubernetes-list-type: "map" volumeMounts: items: properties: @@ -1182,6 +1250,8 @@ spec: type: "string" readOnly: type: "boolean" + recursiveReadOnly: + type: "string" subPath: type: "string" subPathExpr: @@ -1191,18 +1261,25 @@ spec: - "name" type: "object" type: "array" + x-kubernetes-list-map-keys: + - "mountPath" + x-kubernetes-list-type: "map" workingDir: type: "string" required: - "name" type: "object" type: "array" + x-kubernetes-list-map-keys: + - "name" + x-kubernetes-list-type: "map" dnsConfig: properties: nameservers: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" options: items: properties: @@ -1212,10 +1289,12 @@ spec: type: "string" type: "object" type: "array" + x-kubernetes-list-type: "atomic" searches: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" type: "object" dnsPolicy: type: "string" @@ -1228,10 +1307,12 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" command: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" env: items: properties: @@ -1246,6 +1327,7 @@ spec: key: type: "string" name: + default: "" type: "string" optional: type: "boolean" @@ -1284,6 +1366,7 @@ spec: key: type: "string" name: + default: "" type: "string" optional: type: "boolean" @@ -1296,12 +1379,16 @@ spec: - "name" type: "object" type: "array" + x-kubernetes-list-map-keys: + - "name" + x-kubernetes-list-type: "map" envFrom: items: properties: configMapRef: properties: name: + default: "" type: "string" optional: type: "boolean" @@ -1312,6 +1399,7 @@ spec: secretRef: properties: name: + default: "" type: "string" optional: type: "boolean" @@ -1319,6 +1407,7 @@ spec: x-kubernetes-map-type: "atomic" type: "object" type: "array" + x-kubernetes-list-type: "atomic" image: type: "string" imagePullPolicy: @@ -1333,6 +1422,7 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" type: "object" httpGet: properties: @@ -1350,6 +1440,7 @@ spec: - "value" type: "object" type: "array" + x-kubernetes-list-type: "atomic" path: type: "string" port: @@ -1391,6 +1482,7 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" type: "object" httpGet: properties: @@ -1408,6 +1500,7 @@ spec: - "value" type: "object" type: "array" + x-kubernetes-list-type: "atomic" path: type: "string" port: @@ -1450,6 +1543,7 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" type: "object" failureThreshold: format: "int32" @@ -1480,6 +1574,7 @@ spec: - "value" type: "object" type: "array" + x-kubernetes-list-type: "atomic" path: type: "string" port: @@ -1554,6 +1649,7 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" type: "object" failureThreshold: format: "int32" @@ -1584,6 +1680,7 @@ spec: - "value" type: "object" type: "array" + x-kubernetes-list-type: "atomic" path: type: "string" port: @@ -1674,16 +1771,27 @@ spec: properties: allowPrivilegeEscalation: type: "boolean" + appArmorProfile: + properties: + localhostProfile: + type: "string" + type: + type: "string" + required: + - "type" + type: "object" capabilities: properties: add: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" drop: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" type: "object" privileged: type: "boolean" @@ -1739,6 +1847,7 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" type: "object" failureThreshold: format: "int32" @@ -1769,6 +1878,7 @@ spec: - "value" type: "object" type: "array" + x-kubernetes-list-type: "atomic" path: type: "string" port: @@ -1833,6 +1943,9 @@ spec: - "name" type: "object" type: "array" + x-kubernetes-list-map-keys: + - "devicePath" + x-kubernetes-list-type: "map" volumeMounts: items: properties: @@ -1844,6 +1957,8 @@ spec: type: "string" readOnly: type: "boolean" + recursiveReadOnly: + type: "string" subPath: type: "string" subPathExpr: @@ -1853,12 +1968,18 @@ spec: - "name" type: "object" type: "array" + x-kubernetes-list-map-keys: + - "mountPath" + x-kubernetes-list-type: "map" workingDir: type: "string" required: - "name" type: "object" type: "array" + x-kubernetes-list-map-keys: + - "name" + x-kubernetes-list-type: "map" hostAliases: items: properties: @@ -1866,10 +1987,16 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" ip: type: "string" + required: + - "ip" type: "object" type: "array" + x-kubernetes-list-map-keys: + - "ip" + x-kubernetes-list-type: "map" hostIPC: type: "boolean" hostNetwork: @@ -1884,10 +2011,14 @@ spec: items: properties: name: + default: "" type: "string" type: "object" x-kubernetes-map-type: "atomic" type: "array" + x-kubernetes-list-map-keys: + - "name" + x-kubernetes-list-type: "map" initContainers: items: properties: @@ -1895,10 +2026,12 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" command: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" env: items: properties: @@ -1913,6 +2046,7 @@ spec: key: type: "string" name: + default: "" type: "string" optional: type: "boolean" @@ -1951,6 +2085,7 @@ spec: key: type: "string" name: + default: "" type: "string" optional: type: "boolean" @@ -1963,12 +2098,16 @@ spec: - "name" type: "object" type: "array" + x-kubernetes-list-map-keys: + - "name" + x-kubernetes-list-type: "map" envFrom: items: properties: configMapRef: properties: name: + default: "" type: "string" optional: type: "boolean" @@ -1979,6 +2118,7 @@ spec: secretRef: properties: name: + default: "" type: "string" optional: type: "boolean" @@ -1986,6 +2126,7 @@ spec: x-kubernetes-map-type: "atomic" type: "object" type: "array" + x-kubernetes-list-type: "atomic" image: type: "string" imagePullPolicy: @@ -2000,6 +2141,7 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" type: "object" httpGet: properties: @@ -2017,6 +2159,7 @@ spec: - "value" type: "object" type: "array" + x-kubernetes-list-type: "atomic" path: type: "string" port: @@ -2058,6 +2201,7 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" type: "object" httpGet: properties: @@ -2075,6 +2219,7 @@ spec: - "value" type: "object" type: "array" + x-kubernetes-list-type: "atomic" path: type: "string" port: @@ -2117,6 +2262,7 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" type: "object" failureThreshold: format: "int32" @@ -2147,6 +2293,7 @@ spec: - "value" type: "object" type: "array" + x-kubernetes-list-type: "atomic" path: type: "string" port: @@ -2221,6 +2368,7 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" type: "object" failureThreshold: format: "int32" @@ -2251,6 +2399,7 @@ spec: - "value" type: "object" type: "array" + x-kubernetes-list-type: "atomic" path: type: "string" port: @@ -2341,16 +2490,27 @@ spec: properties: allowPrivilegeEscalation: type: "boolean" + appArmorProfile: + properties: + localhostProfile: + type: "string" + type: + type: "string" + required: + - "type" + type: "object" capabilities: properties: add: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" drop: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" type: "object" privileged: type: "boolean" @@ -2406,6 +2566,7 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" type: "object" failureThreshold: format: "int32" @@ -2436,6 +2597,7 @@ spec: - "value" type: "object" type: "array" + x-kubernetes-list-type: "atomic" path: type: "string" port: @@ -2498,6 +2660,9 @@ spec: - "name" type: "object" type: "array" + x-kubernetes-list-map-keys: + - "devicePath" + x-kubernetes-list-type: "map" volumeMounts: items: properties: @@ -2509,6 +2674,8 @@ spec: type: "string" readOnly: type: "boolean" + recursiveReadOnly: + type: "string" subPath: type: "string" subPathExpr: @@ -2518,12 +2685,18 @@ spec: - "name" type: "object" type: "array" + x-kubernetes-list-map-keys: + - "mountPath" + x-kubernetes-list-type: "map" workingDir: type: "string" required: - "name" type: "object" type: "array" + x-kubernetes-list-map-keys: + - "name" + x-kubernetes-list-type: "map" nodeName: type: "string" nodeSelector: @@ -2562,6 +2735,7 @@ spec: - "conditionType" type: "object" type: "array" + x-kubernetes-list-type: "atomic" resourceClaims: items: properties: @@ -2601,6 +2775,15 @@ spec: x-kubernetes-list-type: "map" securityContext: properties: + appArmorProfile: + properties: + localhostProfile: + type: "string" + type: + type: "string" + required: + - "type" + type: "object" fsGroup: format: "int64" type: "integer" @@ -2639,6 +2822,7 @@ spec: format: "int64" type: "integer" type: "array" + x-kubernetes-list-type: "atomic" sysctls: items: properties: @@ -2651,6 +2835,7 @@ spec: - "value" type: "object" type: "array" + x-kubernetes-list-type: "atomic" windowsOptions: properties: gmsaCredentialSpec: @@ -2692,6 +2877,7 @@ spec: type: "string" type: "object" type: "array" + x-kubernetes-list-type: "atomic" topologySpreadConstraints: items: properties: @@ -2708,11 +2894,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -2801,6 +2989,7 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" path: type: "string" readOnly: @@ -2810,6 +2999,7 @@ spec: secretRef: properties: name: + default: "" type: "string" type: "object" x-kubernetes-map-type: "atomic" @@ -2827,6 +3017,7 @@ spec: secretRef: properties: name: + default: "" type: "string" type: "object" x-kubernetes-map-type: "atomic" @@ -2855,7 +3046,9 @@ spec: - "path" type: "object" type: "array" + x-kubernetes-list-type: "atomic" name: + default: "" type: "string" optional: type: "boolean" @@ -2870,6 +3063,7 @@ spec: nodePublishSecretRef: properties: name: + default: "" type: "string" type: "object" x-kubernetes-map-type: "atomic" @@ -2925,6 +3119,7 @@ spec: - "path" type: "object" type: "array" + x-kubernetes-list-type: "atomic" type: "object" emptyDir: properties: @@ -2966,6 +3161,7 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" dataSource: properties: apiGroup: @@ -3025,11 +3221,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -3062,10 +3260,12 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" wwids: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" type: "object" flexVolume: properties: @@ -3082,6 +3282,7 @@ spec: secretRef: properties: name: + default: "" type: "string" type: "object" x-kubernetes-map-type: "atomic" @@ -3162,11 +3363,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" readOnly: type: "boolean" secretRef: properties: name: + default: "" type: "string" type: "object" x-kubernetes-map-type: "atomic" @@ -3243,11 +3446,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -3282,7 +3487,9 @@ spec: - "path" type: "object" type: "array" + x-kubernetes-list-type: "atomic" name: + default: "" type: "string" optional: type: "boolean" @@ -3328,6 +3535,7 @@ spec: - "path" type: "object" type: "array" + x-kubernetes-list-type: "atomic" type: "object" secret: properties: @@ -3346,7 +3554,9 @@ spec: - "path" type: "object" type: "array" + x-kubernetes-list-type: "atomic" name: + default: "" type: "string" optional: type: "boolean" @@ -3366,6 +3576,7 @@ spec: type: "object" type: "object" type: "array" + x-kubernetes-list-type: "atomic" type: "object" quobyte: properties: @@ -3397,6 +3608,7 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" pool: type: "string" readOnly: @@ -3404,6 +3616,7 @@ spec: secretRef: properties: name: + default: "" type: "string" type: "object" x-kubernetes-map-type: "atomic" @@ -3426,6 +3639,7 @@ spec: secretRef: properties: name: + default: "" type: "string" type: "object" x-kubernetes-map-type: "atomic" @@ -3464,6 +3678,7 @@ spec: - "path" type: "object" type: "array" + x-kubernetes-list-type: "atomic" optional: type: "boolean" secretName: @@ -3478,6 +3693,7 @@ spec: secretRef: properties: name: + default: "" type: "string" type: "object" x-kubernetes-map-type: "atomic" @@ -3503,6 +3719,9 @@ spec: - "name" type: "object" type: "array" + x-kubernetes-list-map-keys: + - "name" + x-kubernetes-list-type: "map" required: - "containers" type: "object" @@ -3525,6 +3744,7 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" dataSource: properties: apiGroup: @@ -3584,11 +3804,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" diff --git a/crd-catalog/volcano-sh/volcano/bus.volcano.sh/v1alpha1/commands.yaml b/crd-catalog/volcano-sh/volcano/bus.volcano.sh/v1alpha1/commands.yaml index 4c8d8c0c8..6e93cec49 100644 --- a/crd-catalog/volcano-sh/volcano/bus.volcano.sh/v1alpha1/commands.yaml +++ b/crd-catalog/volcano-sh/volcano/bus.volcano.sh/v1alpha1/commands.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.14.0" + controller-gen.kubebuilder.io/version: "v0.15.0" name: "commands.bus.volcano.sh" spec: group: "bus.volcano.sh" diff --git a/crd-catalog/volcano-sh/volcano/flow.volcano.sh/v1alpha1/jobflows.yaml b/crd-catalog/volcano-sh/volcano/flow.volcano.sh/v1alpha1/jobflows.yaml index 49ad99ea8..ca013d66d 100644 --- a/crd-catalog/volcano-sh/volcano/flow.volcano.sh/v1alpha1/jobflows.yaml +++ b/crd-catalog/volcano-sh/volcano/flow.volcano.sh/v1alpha1/jobflows.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.14.0" + controller-gen.kubebuilder.io/version: "v0.15.0" name: "jobflows.flow.volcano.sh" spec: group: "flow.volcano.sh" diff --git a/crd-catalog/volcano-sh/volcano/flow.volcano.sh/v1alpha1/jobtemplates.yaml b/crd-catalog/volcano-sh/volcano/flow.volcano.sh/v1alpha1/jobtemplates.yaml index 8ea570f56..eac1e4022 100644 --- a/crd-catalog/volcano-sh/volcano/flow.volcano.sh/v1alpha1/jobtemplates.yaml +++ b/crd-catalog/volcano-sh/volcano/flow.volcano.sh/v1alpha1/jobtemplates.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.14.0" + controller-gen.kubebuilder.io/version: "v0.15.0" name: "jobtemplates.flow.volcano.sh" spec: group: "flow.volcano.sh" @@ -156,11 +156,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchFields: items: properties: @@ -172,11 +174,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" type: "object" x-kubernetes-map-type: "atomic" weight: @@ -187,6 +191,7 @@ spec: - "weight" type: "object" type: "array" + x-kubernetes-list-type: "atomic" requiredDuringSchedulingIgnoredDuringExecution: properties: nodeSelectorTerms: @@ -203,11 +208,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchFields: items: properties: @@ -219,14 +226,17 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" type: "object" x-kubernetes-map-type: "atomic" type: "array" + x-kubernetes-list-type: "atomic" required: - "nodeSelectorTerms" type: "object" @@ -252,11 +262,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -286,11 +298,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -301,6 +315,7 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" topologyKey: type: "string" required: @@ -314,6 +329,7 @@ spec: - "weight" type: "object" type: "array" + x-kubernetes-list-type: "atomic" requiredDuringSchedulingIgnoredDuringExecution: items: properties: @@ -330,11 +346,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -364,11 +382,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -379,12 +399,14 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" topologyKey: type: "string" required: - "topologyKey" type: "object" type: "array" + x-kubernetes-list-type: "atomic" type: "object" podAntiAffinity: properties: @@ -406,11 +428,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -440,11 +464,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -455,6 +481,7 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" topologyKey: type: "string" required: @@ -468,6 +495,7 @@ spec: - "weight" type: "object" type: "array" + x-kubernetes-list-type: "atomic" requiredDuringSchedulingIgnoredDuringExecution: items: properties: @@ -484,11 +512,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -518,11 +548,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -533,12 +565,14 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" topologyKey: type: "string" required: - "topologyKey" type: "object" type: "array" + x-kubernetes-list-type: "atomic" type: "object" type: "object" automountServiceAccountToken: @@ -550,10 +584,12 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" command: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" env: items: properties: @@ -568,6 +604,7 @@ spec: key: type: "string" name: + default: "" type: "string" optional: type: "boolean" @@ -606,6 +643,7 @@ spec: key: type: "string" name: + default: "" type: "string" optional: type: "boolean" @@ -618,12 +656,16 @@ spec: - "name" type: "object" type: "array" + x-kubernetes-list-map-keys: + - "name" + x-kubernetes-list-type: "map" envFrom: items: properties: configMapRef: properties: name: + default: "" type: "string" optional: type: "boolean" @@ -634,6 +676,7 @@ spec: secretRef: properties: name: + default: "" type: "string" optional: type: "boolean" @@ -641,6 +684,7 @@ spec: x-kubernetes-map-type: "atomic" type: "object" type: "array" + x-kubernetes-list-type: "atomic" image: type: "string" imagePullPolicy: @@ -655,6 +699,7 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" type: "object" httpGet: properties: @@ -672,6 +717,7 @@ spec: - "value" type: "object" type: "array" + x-kubernetes-list-type: "atomic" path: type: "string" port: @@ -713,6 +759,7 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" type: "object" httpGet: properties: @@ -730,6 +777,7 @@ spec: - "value" type: "object" type: "array" + x-kubernetes-list-type: "atomic" path: type: "string" port: @@ -772,6 +820,7 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" type: "object" failureThreshold: format: "int32" @@ -802,6 +851,7 @@ spec: - "value" type: "object" type: "array" + x-kubernetes-list-type: "atomic" path: type: "string" port: @@ -876,6 +926,7 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" type: "object" failureThreshold: format: "int32" @@ -906,6 +957,7 @@ spec: - "value" type: "object" type: "array" + x-kubernetes-list-type: "atomic" path: type: "string" port: @@ -996,16 +1048,27 @@ spec: properties: allowPrivilegeEscalation: type: "boolean" + appArmorProfile: + properties: + localhostProfile: + type: "string" + type: + type: "string" + required: + - "type" + type: "object" capabilities: properties: add: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" drop: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" type: "object" privileged: type: "boolean" @@ -1061,6 +1124,7 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" type: "object" failureThreshold: format: "int32" @@ -1091,6 +1155,7 @@ spec: - "value" type: "object" type: "array" + x-kubernetes-list-type: "atomic" path: type: "string" port: @@ -1153,6 +1218,9 @@ spec: - "name" type: "object" type: "array" + x-kubernetes-list-map-keys: + - "devicePath" + x-kubernetes-list-type: "map" volumeMounts: items: properties: @@ -1164,6 +1232,8 @@ spec: type: "string" readOnly: type: "boolean" + recursiveReadOnly: + type: "string" subPath: type: "string" subPathExpr: @@ -1173,18 +1243,25 @@ spec: - "name" type: "object" type: "array" + x-kubernetes-list-map-keys: + - "mountPath" + x-kubernetes-list-type: "map" workingDir: type: "string" required: - "name" type: "object" type: "array" + x-kubernetes-list-map-keys: + - "name" + x-kubernetes-list-type: "map" dnsConfig: properties: nameservers: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" options: items: properties: @@ -1194,10 +1271,12 @@ spec: type: "string" type: "object" type: "array" + x-kubernetes-list-type: "atomic" searches: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" type: "object" dnsPolicy: type: "string" @@ -1210,10 +1289,12 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" command: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" env: items: properties: @@ -1228,6 +1309,7 @@ spec: key: type: "string" name: + default: "" type: "string" optional: type: "boolean" @@ -1266,6 +1348,7 @@ spec: key: type: "string" name: + default: "" type: "string" optional: type: "boolean" @@ -1278,12 +1361,16 @@ spec: - "name" type: "object" type: "array" + x-kubernetes-list-map-keys: + - "name" + x-kubernetes-list-type: "map" envFrom: items: properties: configMapRef: properties: name: + default: "" type: "string" optional: type: "boolean" @@ -1294,6 +1381,7 @@ spec: secretRef: properties: name: + default: "" type: "string" optional: type: "boolean" @@ -1301,6 +1389,7 @@ spec: x-kubernetes-map-type: "atomic" type: "object" type: "array" + x-kubernetes-list-type: "atomic" image: type: "string" imagePullPolicy: @@ -1315,6 +1404,7 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" type: "object" httpGet: properties: @@ -1332,6 +1422,7 @@ spec: - "value" type: "object" type: "array" + x-kubernetes-list-type: "atomic" path: type: "string" port: @@ -1373,6 +1464,7 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" type: "object" httpGet: properties: @@ -1390,6 +1482,7 @@ spec: - "value" type: "object" type: "array" + x-kubernetes-list-type: "atomic" path: type: "string" port: @@ -1432,6 +1525,7 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" type: "object" failureThreshold: format: "int32" @@ -1462,6 +1556,7 @@ spec: - "value" type: "object" type: "array" + x-kubernetes-list-type: "atomic" path: type: "string" port: @@ -1536,6 +1631,7 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" type: "object" failureThreshold: format: "int32" @@ -1566,6 +1662,7 @@ spec: - "value" type: "object" type: "array" + x-kubernetes-list-type: "atomic" path: type: "string" port: @@ -1656,16 +1753,27 @@ spec: properties: allowPrivilegeEscalation: type: "boolean" + appArmorProfile: + properties: + localhostProfile: + type: "string" + type: + type: "string" + required: + - "type" + type: "object" capabilities: properties: add: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" drop: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" type: "object" privileged: type: "boolean" @@ -1721,6 +1829,7 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" type: "object" failureThreshold: format: "int32" @@ -1751,6 +1860,7 @@ spec: - "value" type: "object" type: "array" + x-kubernetes-list-type: "atomic" path: type: "string" port: @@ -1815,6 +1925,9 @@ spec: - "name" type: "object" type: "array" + x-kubernetes-list-map-keys: + - "devicePath" + x-kubernetes-list-type: "map" volumeMounts: items: properties: @@ -1826,6 +1939,8 @@ spec: type: "string" readOnly: type: "boolean" + recursiveReadOnly: + type: "string" subPath: type: "string" subPathExpr: @@ -1835,12 +1950,18 @@ spec: - "name" type: "object" type: "array" + x-kubernetes-list-map-keys: + - "mountPath" + x-kubernetes-list-type: "map" workingDir: type: "string" required: - "name" type: "object" type: "array" + x-kubernetes-list-map-keys: + - "name" + x-kubernetes-list-type: "map" hostAliases: items: properties: @@ -1848,10 +1969,16 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" ip: type: "string" + required: + - "ip" type: "object" type: "array" + x-kubernetes-list-map-keys: + - "ip" + x-kubernetes-list-type: "map" hostIPC: type: "boolean" hostNetwork: @@ -1866,10 +1993,14 @@ spec: items: properties: name: + default: "" type: "string" type: "object" x-kubernetes-map-type: "atomic" type: "array" + x-kubernetes-list-map-keys: + - "name" + x-kubernetes-list-type: "map" initContainers: items: properties: @@ -1877,10 +2008,12 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" command: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" env: items: properties: @@ -1895,6 +2028,7 @@ spec: key: type: "string" name: + default: "" type: "string" optional: type: "boolean" @@ -1933,6 +2067,7 @@ spec: key: type: "string" name: + default: "" type: "string" optional: type: "boolean" @@ -1945,12 +2080,16 @@ spec: - "name" type: "object" type: "array" + x-kubernetes-list-map-keys: + - "name" + x-kubernetes-list-type: "map" envFrom: items: properties: configMapRef: properties: name: + default: "" type: "string" optional: type: "boolean" @@ -1961,6 +2100,7 @@ spec: secretRef: properties: name: + default: "" type: "string" optional: type: "boolean" @@ -1968,6 +2108,7 @@ spec: x-kubernetes-map-type: "atomic" type: "object" type: "array" + x-kubernetes-list-type: "atomic" image: type: "string" imagePullPolicy: @@ -1982,6 +2123,7 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" type: "object" httpGet: properties: @@ -1999,6 +2141,7 @@ spec: - "value" type: "object" type: "array" + x-kubernetes-list-type: "atomic" path: type: "string" port: @@ -2040,6 +2183,7 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" type: "object" httpGet: properties: @@ -2057,6 +2201,7 @@ spec: - "value" type: "object" type: "array" + x-kubernetes-list-type: "atomic" path: type: "string" port: @@ -2099,6 +2244,7 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" type: "object" failureThreshold: format: "int32" @@ -2129,6 +2275,7 @@ spec: - "value" type: "object" type: "array" + x-kubernetes-list-type: "atomic" path: type: "string" port: @@ -2203,6 +2350,7 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" type: "object" failureThreshold: format: "int32" @@ -2233,6 +2381,7 @@ spec: - "value" type: "object" type: "array" + x-kubernetes-list-type: "atomic" path: type: "string" port: @@ -2323,16 +2472,27 @@ spec: properties: allowPrivilegeEscalation: type: "boolean" + appArmorProfile: + properties: + localhostProfile: + type: "string" + type: + type: "string" + required: + - "type" + type: "object" capabilities: properties: add: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" drop: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" type: "object" privileged: type: "boolean" @@ -2388,6 +2548,7 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" type: "object" failureThreshold: format: "int32" @@ -2418,6 +2579,7 @@ spec: - "value" type: "object" type: "array" + x-kubernetes-list-type: "atomic" path: type: "string" port: @@ -2480,6 +2642,9 @@ spec: - "name" type: "object" type: "array" + x-kubernetes-list-map-keys: + - "devicePath" + x-kubernetes-list-type: "map" volumeMounts: items: properties: @@ -2491,6 +2656,8 @@ spec: type: "string" readOnly: type: "boolean" + recursiveReadOnly: + type: "string" subPath: type: "string" subPathExpr: @@ -2500,12 +2667,18 @@ spec: - "name" type: "object" type: "array" + x-kubernetes-list-map-keys: + - "mountPath" + x-kubernetes-list-type: "map" workingDir: type: "string" required: - "name" type: "object" type: "array" + x-kubernetes-list-map-keys: + - "name" + x-kubernetes-list-type: "map" nodeName: type: "string" nodeSelector: @@ -2544,6 +2717,7 @@ spec: - "conditionType" type: "object" type: "array" + x-kubernetes-list-type: "atomic" resourceClaims: items: properties: @@ -2583,6 +2757,15 @@ spec: x-kubernetes-list-type: "map" securityContext: properties: + appArmorProfile: + properties: + localhostProfile: + type: "string" + type: + type: "string" + required: + - "type" + type: "object" fsGroup: format: "int64" type: "integer" @@ -2621,6 +2804,7 @@ spec: format: "int64" type: "integer" type: "array" + x-kubernetes-list-type: "atomic" sysctls: items: properties: @@ -2633,6 +2817,7 @@ spec: - "value" type: "object" type: "array" + x-kubernetes-list-type: "atomic" windowsOptions: properties: gmsaCredentialSpec: @@ -2674,6 +2859,7 @@ spec: type: "string" type: "object" type: "array" + x-kubernetes-list-type: "atomic" topologySpreadConstraints: items: properties: @@ -2690,11 +2876,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -2783,6 +2971,7 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" path: type: "string" readOnly: @@ -2792,6 +2981,7 @@ spec: secretRef: properties: name: + default: "" type: "string" type: "object" x-kubernetes-map-type: "atomic" @@ -2809,6 +2999,7 @@ spec: secretRef: properties: name: + default: "" type: "string" type: "object" x-kubernetes-map-type: "atomic" @@ -2837,7 +3028,9 @@ spec: - "path" type: "object" type: "array" + x-kubernetes-list-type: "atomic" name: + default: "" type: "string" optional: type: "boolean" @@ -2852,6 +3045,7 @@ spec: nodePublishSecretRef: properties: name: + default: "" type: "string" type: "object" x-kubernetes-map-type: "atomic" @@ -2907,6 +3101,7 @@ spec: - "path" type: "object" type: "array" + x-kubernetes-list-type: "atomic" type: "object" emptyDir: properties: @@ -2948,6 +3143,7 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" dataSource: properties: apiGroup: @@ -3007,11 +3203,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -3044,10 +3242,12 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" wwids: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" type: "object" flexVolume: properties: @@ -3064,6 +3264,7 @@ spec: secretRef: properties: name: + default: "" type: "string" type: "object" x-kubernetes-map-type: "atomic" @@ -3144,11 +3345,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" readOnly: type: "boolean" secretRef: properties: name: + default: "" type: "string" type: "object" x-kubernetes-map-type: "atomic" @@ -3225,11 +3428,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -3264,7 +3469,9 @@ spec: - "path" type: "object" type: "array" + x-kubernetes-list-type: "atomic" name: + default: "" type: "string" optional: type: "boolean" @@ -3310,6 +3517,7 @@ spec: - "path" type: "object" type: "array" + x-kubernetes-list-type: "atomic" type: "object" secret: properties: @@ -3328,7 +3536,9 @@ spec: - "path" type: "object" type: "array" + x-kubernetes-list-type: "atomic" name: + default: "" type: "string" optional: type: "boolean" @@ -3348,6 +3558,7 @@ spec: type: "object" type: "object" type: "array" + x-kubernetes-list-type: "atomic" type: "object" quobyte: properties: @@ -3379,6 +3590,7 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" pool: type: "string" readOnly: @@ -3386,6 +3598,7 @@ spec: secretRef: properties: name: + default: "" type: "string" type: "object" x-kubernetes-map-type: "atomic" @@ -3408,6 +3621,7 @@ spec: secretRef: properties: name: + default: "" type: "string" type: "object" x-kubernetes-map-type: "atomic" @@ -3446,6 +3660,7 @@ spec: - "path" type: "object" type: "array" + x-kubernetes-list-type: "atomic" optional: type: "boolean" secretName: @@ -3460,6 +3675,7 @@ spec: secretRef: properties: name: + default: "" type: "string" type: "object" x-kubernetes-map-type: "atomic" @@ -3485,6 +3701,9 @@ spec: - "name" type: "object" type: "array" + x-kubernetes-list-map-keys: + - "name" + x-kubernetes-list-type: "map" required: - "containers" type: "object" @@ -3507,6 +3726,7 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" dataSource: properties: apiGroup: @@ -3566,11 +3786,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" diff --git a/crd-catalog/volcano-sh/volcano/nodeinfo.volcano.sh/v1alpha1/numatopologies.yaml b/crd-catalog/volcano-sh/volcano/nodeinfo.volcano.sh/v1alpha1/numatopologies.yaml index 1021f9d48..f2a4e2307 100644 --- a/crd-catalog/volcano-sh/volcano/nodeinfo.volcano.sh/v1alpha1/numatopologies.yaml +++ b/crd-catalog/volcano-sh/volcano/nodeinfo.volcano.sh/v1alpha1/numatopologies.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.14.0" + controller-gen.kubebuilder.io/version: "v0.15.0" name: "numatopologies.nodeinfo.volcano.sh" spec: group: "nodeinfo.volcano.sh" diff --git a/crd-catalog/volcano-sh/volcano/scheduling.volcano.sh/v1beta1/podgroups.yaml b/crd-catalog/volcano-sh/volcano/scheduling.volcano.sh/v1beta1/podgroups.yaml index ccbe65630..27997c283 100644 --- a/crd-catalog/volcano-sh/volcano/scheduling.volcano.sh/v1beta1/podgroups.yaml +++ b/crd-catalog/volcano-sh/volcano/scheduling.volcano.sh/v1beta1/podgroups.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.14.0" + controller-gen.kubebuilder.io/version: "v0.15.0" name: "podgroups.scheduling.volcano.sh" spec: group: "scheduling.volcano.sh" diff --git a/crd-catalog/volcano-sh/volcano/scheduling.volcano.sh/v1beta1/queues.yaml b/crd-catalog/volcano-sh/volcano/scheduling.volcano.sh/v1beta1/queues.yaml index 0907e09fc..1632e86cf 100644 --- a/crd-catalog/volcano-sh/volcano/scheduling.volcano.sh/v1beta1/queues.yaml +++ b/crd-catalog/volcano-sh/volcano/scheduling.volcano.sh/v1beta1/queues.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.14.0" + controller-gen.kubebuilder.io/version: "v0.15.0" name: "queues.scheduling.volcano.sh" spec: group: "scheduling.volcano.sh" diff --git a/crd-catalog/weaveworks/tf-controller/infra.contrib.fluxcd.io/v1alpha1/terraforms.yaml b/crd-catalog/weaveworks/tf-controller/infra.contrib.fluxcd.io/v1alpha1/terraforms.yaml index 543595595..f157cb2af 100644 --- a/crd-catalog/weaveworks/tf-controller/infra.contrib.fluxcd.io/v1alpha1/terraforms.yaml +++ b/crd-catalog/weaveworks/tf-controller/infra.contrib.fluxcd.io/v1alpha1/terraforms.yaml @@ -306,11 +306,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchFields: description: "A list of node selector requirements by node's fields." items: @@ -327,11 +329,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" type: "object" x-kubernetes-map-type: "atomic" weight: @@ -343,6 +347,7 @@ spec: - "weight" type: "object" type: "array" + x-kubernetes-list-type: "atomic" requiredDuringSchedulingIgnoredDuringExecution: description: "If the affinity requirements specified by this field are not met at\nscheduling time, the pod will not be scheduled onto the node.\nIf the affinity requirements specified by this field cease to be met\nat some point during pod execution (e.g. due to an update), the system\nmay or may not try to eventually evict the pod from its node." properties: @@ -367,11 +372,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchFields: description: "A list of node selector requirements by node's fields." items: @@ -388,14 +395,17 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" type: "object" x-kubernetes-map-type: "atomic" type: "array" + x-kubernetes-list-type: "atomic" required: - "nodeSelectorTerms" type: "object" @@ -413,7 +423,7 @@ spec: description: "Required. A pod affinity term, associated with the corresponding weight." properties: labelSelector: - description: "A label query over a set of resources, in this case pods." + description: "A label query over a set of resources, in this case pods.\nIf it's null, this PodAffinityTerm matches with no Pods." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." @@ -431,11 +441,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -443,6 +455,18 @@ spec: type: "object" type: "object" x-kubernetes-map-type: "atomic" + matchLabelKeys: + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" + mismatchLabelKeys: + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" namespaceSelector: description: "A label query over the set of namespaces that the term applies to.\nThe term is applied to the union of the namespaces selected by this field\nand the ones listed in the namespaces field.\nnull selector and null or empty namespaces list means \"this pod's namespace\".\nAn empty selector ({}) matches all namespaces." properties: @@ -462,11 +486,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -479,6 +505,7 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" topologyKey: description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching\nthe labelSelector in the specified namespaces, where co-located is defined as running on a node\nwhose value of the label with key topologyKey matches that of any node on which any of the\nselected pods is running.\nEmpty topologyKey is not allowed." type: "string" @@ -494,13 +521,14 @@ spec: - "weight" type: "object" type: "array" + x-kubernetes-list-type: "atomic" requiredDuringSchedulingIgnoredDuringExecution: description: "If the affinity requirements specified by this field are not met at\nscheduling time, the pod will not be scheduled onto the node.\nIf the affinity requirements specified by this field cease to be met\nat some point during pod execution (e.g. due to a pod label update), the\nsystem may or may not try to eventually evict the pod from its node.\nWhen there are multiple elements, the lists of nodes corresponding to each\npodAffinityTerm are intersected, i.e. all terms must be satisfied." items: description: "Defines a set of pods (namely those matching the labelSelector\nrelative to the given namespace(s)) that this pod should be\nco-located (affinity) or not co-located (anti-affinity) with,\nwhere co-located is defined as running on a node whose value of\nthe label with key matches that of any node on which\na pod of the set of pods is running" properties: labelSelector: - description: "A label query over a set of resources, in this case pods." + description: "A label query over a set of resources, in this case pods.\nIf it's null, this PodAffinityTerm matches with no Pods." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." @@ -518,11 +546,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -530,6 +560,18 @@ spec: type: "object" type: "object" x-kubernetes-map-type: "atomic" + matchLabelKeys: + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" + mismatchLabelKeys: + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" namespaceSelector: description: "A label query over the set of namespaces that the term applies to.\nThe term is applied to the union of the namespaces selected by this field\nand the ones listed in the namespaces field.\nnull selector and null or empty namespaces list means \"this pod's namespace\".\nAn empty selector ({}) matches all namespaces." properties: @@ -549,11 +591,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -566,6 +610,7 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" topologyKey: description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching\nthe labelSelector in the specified namespaces, where co-located is defined as running on a node\nwhose value of the label with key topologyKey matches that of any node on which any of the\nselected pods is running.\nEmpty topologyKey is not allowed." type: "string" @@ -573,6 +618,7 @@ spec: - "topologyKey" type: "object" type: "array" + x-kubernetes-list-type: "atomic" type: "object" podAntiAffinity: description: "Describes pod anti-affinity scheduling rules (e.g. avoid putting this pod in the same node, zone, etc. as some other pod(s))." @@ -586,7 +632,7 @@ spec: description: "Required. A pod affinity term, associated with the corresponding weight." properties: labelSelector: - description: "A label query over a set of resources, in this case pods." + description: "A label query over a set of resources, in this case pods.\nIf it's null, this PodAffinityTerm matches with no Pods." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." @@ -604,11 +650,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -616,6 +664,18 @@ spec: type: "object" type: "object" x-kubernetes-map-type: "atomic" + matchLabelKeys: + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" + mismatchLabelKeys: + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" namespaceSelector: description: "A label query over the set of namespaces that the term applies to.\nThe term is applied to the union of the namespaces selected by this field\nand the ones listed in the namespaces field.\nnull selector and null or empty namespaces list means \"this pod's namespace\".\nAn empty selector ({}) matches all namespaces." properties: @@ -635,11 +695,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -652,6 +714,7 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" topologyKey: description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching\nthe labelSelector in the specified namespaces, where co-located is defined as running on a node\nwhose value of the label with key topologyKey matches that of any node on which any of the\nselected pods is running.\nEmpty topologyKey is not allowed." type: "string" @@ -667,13 +730,14 @@ spec: - "weight" type: "object" type: "array" + x-kubernetes-list-type: "atomic" requiredDuringSchedulingIgnoredDuringExecution: description: "If the anti-affinity requirements specified by this field are not met at\nscheduling time, the pod will not be scheduled onto the node.\nIf the anti-affinity requirements specified by this field cease to be met\nat some point during pod execution (e.g. due to a pod label update), the\nsystem may or may not try to eventually evict the pod from its node.\nWhen there are multiple elements, the lists of nodes corresponding to each\npodAffinityTerm are intersected, i.e. all terms must be satisfied." items: description: "Defines a set of pods (namely those matching the labelSelector\nrelative to the given namespace(s)) that this pod should be\nco-located (affinity) or not co-located (anti-affinity) with,\nwhere co-located is defined as running on a node whose value of\nthe label with key matches that of any node on which\na pod of the set of pods is running" properties: labelSelector: - description: "A label query over a set of resources, in this case pods." + description: "A label query over a set of resources, in this case pods.\nIf it's null, this PodAffinityTerm matches with no Pods." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." @@ -691,11 +755,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -703,6 +769,18 @@ spec: type: "object" type: "object" x-kubernetes-map-type: "atomic" + matchLabelKeys: + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" + mismatchLabelKeys: + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" namespaceSelector: description: "A label query over the set of namespaces that the term applies to.\nThe term is applied to the union of the namespaces selected by this field\nand the ones listed in the namespaces field.\nnull selector and null or empty namespaces list means \"this pod's namespace\".\nAn empty selector ({}) matches all namespaces." properties: @@ -722,11 +800,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -739,6 +819,7 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" topologyKey: description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching\nthe labelSelector in the specified namespaces, where co-located is defined as running on a node\nwhose value of the label with key topologyKey matches that of any node on which any of the\nselected pods is running.\nEmpty topologyKey is not allowed." type: "string" @@ -746,6 +827,7 @@ spec: - "topologyKey" type: "object" type: "array" + x-kubernetes-list-type: "atomic" type: "object" type: "object" env: @@ -769,7 +851,8 @@ spec: description: "The key to select." type: "string" name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" optional: description: "Specify whether the ConfigMap or its key must be defined" @@ -818,7 +901,8 @@ spec: description: "The key of the secret to select from. Must be a valid secret key." type: "string" name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" optional: description: "Specify whether the Secret or its key must be defined" @@ -841,7 +925,8 @@ spec: description: "The ConfigMap to select from" properties: name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" optional: description: "Specify whether the ConfigMap must be defined" @@ -855,7 +940,8 @@ spec: description: "The Secret to select from" properties: name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" optional: description: "Specify whether the Secret must be defined" @@ -877,11 +963,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" command: description: "Entrypoint array. Not executed within a shell.\nThe container image's ENTRYPOINT is used if this is not provided.\nVariable references $(VAR_NAME) are expanded using the container's environment. If a variable\ncannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced\nto a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. \"$$(VAR_NAME)\" will\nproduce the string literal \"$(VAR_NAME)\". Escaped references will never be expanded, regardless\nof whether the variable exists or not. Cannot be updated.\nMore info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell" items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" env: description: "List of environment variables to set in the container.\nCannot be updated." items: @@ -903,7 +991,8 @@ spec: description: "The key to select." type: "string" name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" optional: description: "Specify whether the ConfigMap or its key must be defined" @@ -952,7 +1041,8 @@ spec: description: "The key of the secret to select from. Must be a valid secret key." type: "string" name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" optional: description: "Specify whether the Secret or its key must be defined" @@ -966,6 +1056,9 @@ spec: - "name" type: "object" type: "array" + x-kubernetes-list-map-keys: + - "name" + x-kubernetes-list-type: "map" envFrom: description: "List of sources to populate environment variables in the container.\nThe keys defined within a source must be a C_IDENTIFIER. All invalid keys\nwill be reported as an event when the container is starting. When a key exists in multiple\nsources, the value associated with the last source will take precedence.\nValues defined by an Env with a duplicate key will take precedence.\nCannot be updated." items: @@ -975,7 +1068,8 @@ spec: description: "The ConfigMap to select from" properties: name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" optional: description: "Specify whether the ConfigMap must be defined" @@ -989,7 +1083,8 @@ spec: description: "The Secret to select from" properties: name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" optional: description: "Specify whether the Secret must be defined" @@ -998,6 +1093,7 @@ spec: x-kubernetes-map-type: "atomic" type: "object" type: "array" + x-kubernetes-list-type: "atomic" image: description: "Container image name.\nMore info: https://kubernetes.io/docs/concepts/containers/images\nThis field is optional to allow higher level config management to default or override\ncontainer images in workload controllers like Deployments and StatefulSets." type: "string" @@ -1018,6 +1114,7 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" type: "object" httpGet: description: "HTTPGet specifies the http request to perform." @@ -1041,6 +1138,7 @@ spec: - "value" type: "object" type: "array" + x-kubernetes-list-type: "atomic" path: description: "Path to access on the HTTP server." type: "string" @@ -1056,6 +1154,16 @@ spec: required: - "port" type: "object" + sleep: + description: "Sleep represents the duration that the container should sleep before being terminated." + properties: + seconds: + description: "Seconds is the number of seconds to sleep." + format: "int64" + type: "integer" + required: + - "seconds" + type: "object" tcpSocket: description: "Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept\nfor the backward compatibility. There are no validation of this field and\nlifecycle hooks will fail in runtime when tcp handler is specified." properties: @@ -1083,6 +1191,7 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" type: "object" httpGet: description: "HTTPGet specifies the http request to perform." @@ -1106,6 +1215,7 @@ spec: - "value" type: "object" type: "array" + x-kubernetes-list-type: "atomic" path: description: "Path to access on the HTTP server." type: "string" @@ -1121,6 +1231,16 @@ spec: required: - "port" type: "object" + sleep: + description: "Sleep represents the duration that the container should sleep before being terminated." + properties: + seconds: + description: "Seconds is the number of seconds to sleep." + format: "int64" + type: "integer" + required: + - "seconds" + type: "object" tcpSocket: description: "Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept\nfor the backward compatibility. There are no validation of this field and\nlifecycle hooks will fail in runtime when tcp handler is specified." properties: @@ -1149,6 +1269,7 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" type: "object" failureThreshold: description: "Minimum consecutive failures for the probe to be considered failed after having succeeded.\nDefaults to 3. Minimum value is 1." @@ -1189,6 +1310,7 @@ spec: - "value" type: "object" type: "array" + x-kubernetes-list-type: "atomic" path: description: "Path to access on the HTTP server." type: "string" @@ -1285,6 +1407,7 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" type: "object" failureThreshold: description: "Minimum consecutive failures for the probe to be considered failed after having succeeded.\nDefaults to 3. Minimum value is 1." @@ -1325,6 +1448,7 @@ spec: - "value" type: "object" type: "array" + x-kubernetes-list-type: "atomic" path: description: "Path to access on the HTTP server." type: "string" @@ -1430,12 +1554,27 @@ spec: description: "Requests describes the minimum amount of compute resources required.\nIf Requests is omitted for a container, it defaults to Limits if that is explicitly specified,\notherwise to an implementation-defined value. Requests cannot exceed Limits.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" type: "object" type: "object" + restartPolicy: + description: "RestartPolicy defines the restart behavior of individual containers in a pod.\nThis field may only be set for init containers, and the only allowed value is \"Always\".\nFor non-init containers or when this field is not specified,\nthe restart behavior is defined by the Pod's restart policy and the container type.\nSetting the RestartPolicy as \"Always\" for the init container will have the following effect:\nthis init container will be continually restarted on\nexit until all regular containers have terminated. Once all regular\ncontainers have completed, all init containers with restartPolicy \"Always\"\nwill be shut down. This lifecycle differs from normal init containers and\nis often referred to as a \"sidecar\" container. Although this init\ncontainer still starts in the init container sequence, it does not wait\nfor the container to complete before proceeding to the next init\ncontainer. Instead, the next init container starts immediately after this\ninit container is started, or after any startupProbe has successfully\ncompleted." + type: "string" securityContext: description: "SecurityContext defines the security options the container should be run with.\nIf set, the fields of SecurityContext override the equivalent fields of PodSecurityContext.\nMore info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/" properties: allowPrivilegeEscalation: description: "AllowPrivilegeEscalation controls whether a process can gain more\nprivileges than its parent process. This bool directly controls if\nthe no_new_privs flag will be set on the container process.\nAllowPrivilegeEscalation is true always when the container is:\n1) run as Privileged\n2) has CAP_SYS_ADMIN\nNote that this field cannot be set when spec.os.name is windows." type: "boolean" + appArmorProfile: + description: "appArmorProfile is the AppArmor options to use by this container. If set, this profile\noverrides the pod's appArmorProfile.\nNote that this field cannot be set when spec.os.name is windows." + properties: + localhostProfile: + description: "localhostProfile indicates a profile loaded on the node that should be used.\nThe profile must be preconfigured on the node to work.\nMust match the loaded name of the profile.\nMust be set if and only if type is \"Localhost\"." + type: "string" + type: + description: "type indicates which kind of AppArmor profile will be applied.\nValid options are:\n Localhost - a profile pre-loaded on the node.\n RuntimeDefault - the container runtime's default profile.\n Unconfined - no AppArmor enforcement." + type: "string" + required: + - "type" + type: "object" capabilities: description: "The capabilities to add/drop when running containers.\nDefaults to the default set of capabilities granted by the container runtime.\nNote that this field cannot be set when spec.os.name is windows." properties: @@ -1445,12 +1584,14 @@ spec: description: "Capability represent POSIX capabilities type" type: "string" type: "array" + x-kubernetes-list-type: "atomic" drop: description: "Removed capabilities" items: description: "Capability represent POSIX capabilities type" type: "string" type: "array" + x-kubernetes-list-type: "atomic" type: "object" privileged: description: "Run container in privileged mode.\nProcesses in privileged containers are essentially equivalent to root on the host.\nDefaults to false.\nNote that this field cannot be set when spec.os.name is windows." @@ -1492,7 +1633,7 @@ spec: description: "The seccomp options to use by this container. If seccomp options are\nprovided at both the pod & container level, the container options\noverride the pod options.\nNote that this field cannot be set when spec.os.name is windows." properties: localhostProfile: - description: "localhostProfile indicates a profile defined in a file on the node should be used.\nThe profile must be preconfigured on the node to work.\nMust be a descending path, relative to the kubelet's configured seccomp profile location.\nMust only be set if type is \"Localhost\"." + description: "localhostProfile indicates a profile defined in a file on the node should be used.\nThe profile must be preconfigured on the node to work.\nMust be a descending path, relative to the kubelet's configured seccomp profile location.\nMust be set if type is \"Localhost\". Must NOT be set for any other type." type: "string" type: description: "type indicates which kind of seccomp profile will be applied.\nValid options are:\n\n\nLocalhost - a profile defined in a file on the node should be used.\nRuntimeDefault - the container runtime default profile should be used.\nUnconfined - no profile should be applied." @@ -1510,7 +1651,7 @@ spec: description: "GMSACredentialSpecName is the name of the GMSA credential spec to use." type: "string" hostProcess: - description: "HostProcess determines if a container should be run as a 'Host Process' container.\nThis field is alpha-level and will only be honored by components that enable the\nWindowsHostProcessContainers feature flag. Setting this field without the feature\nflag will result in errors when validating the Pod. All of a Pod's containers must\nhave the same effective HostProcess value (it is not allowed to have a mix of HostProcess\ncontainers and non-HostProcess containers). In addition, if HostProcess is true\nthen HostNetwork must also be set to true." + description: "HostProcess determines if a container should be run as a 'Host Process' container.\nAll of a Pod's containers must have the same effective HostProcess value\n(it is not allowed to have a mix of HostProcess containers and non-HostProcess containers).\nIn addition, if HostProcess is true then HostNetwork must also be set to true." type: "boolean" runAsUserName: description: "The UserName in Windows to run the entrypoint of the container process.\nDefaults to the user specified in image metadata if unspecified.\nMay also be set in PodSecurityContext. If set in both SecurityContext and\nPodSecurityContext, the value specified in SecurityContext takes precedence." @@ -1528,6 +1669,7 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" type: "object" failureThreshold: description: "Minimum consecutive failures for the probe to be considered failed after having succeeded.\nDefaults to 3. Minimum value is 1." @@ -1568,6 +1710,7 @@ spec: - "value" type: "object" type: "array" + x-kubernetes-list-type: "atomic" path: description: "Path to access on the HTTP server." type: "string" @@ -1650,6 +1793,9 @@ spec: - "name" type: "object" type: "array" + x-kubernetes-list-map-keys: + - "devicePath" + x-kubernetes-list-type: "map" volumeMounts: description: "Pod volumes to mount into the container's filesystem.\nCannot be updated." items: @@ -1659,7 +1805,7 @@ spec: description: "Path within the container at which the volume should be mounted. Must\nnot contain ':'." type: "string" mountPropagation: - description: "mountPropagation determines how mounts are propagated from the host\nto container and the other way around.\nWhen not set, MountPropagationNone is used.\nThis field is beta in 1.10." + description: "mountPropagation determines how mounts are propagated from the host\nto container and the other way around.\nWhen not set, MountPropagationNone is used.\nThis field is beta in 1.10.\nWhen RecursiveReadOnly is set to IfPossible or to Enabled, MountPropagation must be None or unspecified\n(which defaults to None)." type: "string" name: description: "This must match the Name of a Volume." @@ -1667,6 +1813,9 @@ spec: readOnly: description: "Mounted read-only if true, read-write otherwise (false or unspecified).\nDefaults to false." type: "boolean" + recursiveReadOnly: + description: "RecursiveReadOnly specifies whether read-only mounts should be handled\nrecursively.\n\n\nIf ReadOnly is false, this field has no meaning and must be unspecified.\n\n\nIf ReadOnly is true, and this field is set to Disabled, the mount is not made\nrecursively read-only. If this field is set to IfPossible, the mount is made\nrecursively read-only, if it is supported by the container runtime. If this\nfield is set to Enabled, the mount is made recursively read-only if it is\nsupported by the container runtime, otherwise the pod will not be started and\nan error will be generated to indicate the reason.\n\n\nIf this field is set to IfPossible or Enabled, MountPropagation must be set to\nNone (or be unspecified, which defaults to None).\n\n\nIf this field is not specified, it is treated as an equivalent of Disabled." + type: "string" subPath: description: "Path within the volume from which the container's volume should be mounted.\nDefaults to \"\" (volume's root)." type: "string" @@ -1678,6 +1827,9 @@ spec: - "name" type: "object" type: "array" + x-kubernetes-list-map-keys: + - "mountPath" + x-kubernetes-list-type: "map" workingDir: description: "Container's working directory.\nIf not specified, the container runtime's default will be used, which\nmight be configured in the container image.\nCannot be updated." type: "string" @@ -1722,7 +1874,7 @@ spec: description: "Path within the container at which the volume should be mounted. Must\nnot contain ':'." type: "string" mountPropagation: - description: "mountPropagation determines how mounts are propagated from the host\nto container and the other way around.\nWhen not set, MountPropagationNone is used.\nThis field is beta in 1.10." + description: "mountPropagation determines how mounts are propagated from the host\nto container and the other way around.\nWhen not set, MountPropagationNone is used.\nThis field is beta in 1.10.\nWhen RecursiveReadOnly is set to IfPossible or to Enabled, MountPropagation must be None or unspecified\n(which defaults to None)." type: "string" name: description: "This must match the Name of a Volume." @@ -1730,6 +1882,9 @@ spec: readOnly: description: "Mounted read-only if true, read-write otherwise (false or unspecified).\nDefaults to false." type: "boolean" + recursiveReadOnly: + description: "RecursiveReadOnly specifies whether read-only mounts should be handled\nrecursively.\n\n\nIf ReadOnly is false, this field has no meaning and must be unspecified.\n\n\nIf ReadOnly is true, and this field is set to Disabled, the mount is not made\nrecursively read-only. If this field is set to IfPossible, the mount is made\nrecursively read-only, if it is supported by the container runtime. If this\nfield is set to Enabled, the mount is made recursively read-only if it is\nsupported by the container runtime, otherwise the pod will not be started and\nan error will be generated to indicate the reason.\n\n\nIf this field is set to IfPossible or Enabled, MountPropagation must be set to\nNone (or be unspecified, which defaults to None).\n\n\nIf this field is not specified, it is treated as an equivalent of Disabled." + type: "string" subPath: description: "Path within the volume from which the container's volume should be mounted.\nDefaults to \"\" (volume's root)." type: "string" @@ -1814,6 +1969,7 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" path: description: "path is Optional: Used as the mounted root, rather than the full Ceph tree, default is /" type: "string" @@ -1827,7 +1983,8 @@ spec: description: "secretRef is Optional: SecretRef is reference to the authentication secret for User, default is empty.\nMore info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it" properties: name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" type: "object" x-kubernetes-map-type: "atomic" @@ -1850,7 +2007,8 @@ spec: description: "secretRef is optional: points to a secret object containing parameters used to connect\nto OpenStack." properties: name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" type: "object" x-kubernetes-map-type: "atomic" @@ -1887,8 +2045,10 @@ spec: - "path" type: "object" type: "array" + x-kubernetes-list-type: "atomic" name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" optional: description: "optional specify whether the ConfigMap or its keys must be defined" @@ -1908,7 +2068,8 @@ spec: description: "nodePublishSecretRef is a reference to the secret object containing\nsensitive information to pass to the CSI driver to complete the CSI\nNodePublishVolume and NodeUnpublishVolume calls.\nThis field is optional, and may be empty if no secret is required. If the\nsecret object contains more than one secret, all secret references are passed." properties: name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" type: "object" x-kubernetes-map-type: "atomic" @@ -1936,7 +2097,7 @@ spec: description: "DownwardAPIVolumeFile represents information to create the file containing the pod field" properties: fieldRef: - description: "Required: Selects a field of the pod: only annotations, labels, name and namespace are supported." + description: "Required: Selects a field of the pod: only annotations, labels, name, namespace and uid are supported." properties: apiVersion: description: "Version of the schema the FieldPath is written in terms of, defaults to \"v1\"." @@ -1979,6 +2140,7 @@ spec: - "path" type: "object" type: "array" + x-kubernetes-list-type: "atomic" type: "object" emptyDir: description: "emptyDir represents a temporary directory that shares a pod's lifetime.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir" @@ -2011,6 +2173,7 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" dataSource: description: "dataSource field can be used to specify either:\n* An existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot)\n* An existing PVC (PersistentVolumeClaim)\nIf the provisioner or an external controller can support the specified data source,\nit will create a new volume based on the contents of the specified data source.\nWhen the AnyVolumeDataSource feature gate is enabled, dataSource contents will be copied to dataSourceRef,\nand dataSourceRef contents will be copied to dataSource when dataSourceRef.namespace is not specified.\nIf the namespace is specified, then dataSourceRef will not be copied to dataSource." properties: @@ -2050,21 +2213,6 @@ spec: resources: description: "resources represents the minimum resources the volume should have.\nIf RecoverVolumeExpansionFailure feature is enabled users are allowed to specify resource requirements\nthat are lower than previous value but must still be higher than capacity recorded in the\nstatus field of the claim.\nMore info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources" properties: - claims: - description: "Claims lists the names of resources, defined in spec.resourceClaims,\nthat are used by this container.\n\n\nThis is an alpha field and requires enabling the\nDynamicResourceAllocation feature gate.\n\n\nThis field is immutable. It can only be set for containers." - items: - description: "ResourceClaim references one entry in PodSpec.ResourceClaims." - properties: - name: - description: "Name must match the name of one entry in pod.spec.resourceClaims of\nthe Pod where this field is used. It makes that resource available\ninside a container." - type: "string" - required: - - "name" - type: "object" - type: "array" - x-kubernetes-list-map-keys: - - "name" - x-kubernetes-list-type: "map" limits: additionalProperties: anyOf: @@ -2103,11 +2251,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -2118,6 +2268,9 @@ spec: storageClassName: description: "storageClassName is the name of the StorageClass required by the claim.\nMore info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1" type: "string" + volumeAttributesClassName: + description: "volumeAttributesClassName may be used to set the VolumeAttributesClass used by this claim.\nIf specified, the CSI driver will create or update the volume with the attributes defined\nin the corresponding VolumeAttributesClass. This has a different purpose than storageClassName,\nit can be changed after the claim is created. An empty string value means that no VolumeAttributesClass\nwill be applied to the claim but it's not allowed to reset this field to empty string once it is set.\nIf unspecified and the PersistentVolumeClaim is unbound, the default VolumeAttributesClass\nwill be set by the persistentvolume controller if it exists.\nIf the resource referred to by volumeAttributesClass does not exist, this PersistentVolumeClaim will be\nset to a Pending state, as reflected by the modifyVolumeStatus field, until such as a resource\nexists.\nMore info: https://kubernetes.io/docs/concepts/storage/volume-attributes-classes/\n(Alpha) Using this field requires the VolumeAttributesClass feature gate to be enabled." + type: "string" volumeMode: description: "volumeMode defines what type of volume is required by the claim.\nValue of Filesystem is implied when not included in claim spec." type: "string" @@ -2147,11 +2300,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" wwids: description: "wwids Optional: FC volume world wide identifiers (wwids)\nEither wwids or combination of targetWWNs and lun must be set, but not both simultaneously." items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" type: "object" flexVolume: description: "flexVolume represents a generic volume resource that is\nprovisioned/attached using an exec based plugin." @@ -2174,7 +2329,8 @@ spec: description: "secretRef is Optional: secretRef is reference to the secret object containing\nsensitive information to pass to the plugin scripts. This may be\nempty if no secret object is specified. If the secret object\ncontains more than one secret, all secrets are passed to the plugin\nscripts." properties: name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" type: "object" x-kubernetes-map-type: "atomic" @@ -2283,6 +2439,7 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" readOnly: description: "readOnly here will force the ReadOnly setting in VolumeMounts.\nDefaults to false." type: "boolean" @@ -2290,7 +2447,8 @@ spec: description: "secretRef is the CHAP Secret for iSCSI target and initiator authentication" properties: name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" type: "object" x-kubernetes-map-type: "atomic" @@ -2372,6 +2530,57 @@ spec: items: description: "Projection that may be projected along with other supported volume types" properties: + clusterTrustBundle: + description: "ClusterTrustBundle allows a pod to access the `.spec.trustBundle` field\nof ClusterTrustBundle objects in an auto-updating file.\n\n\nAlpha, gated by the ClusterTrustBundleProjection feature gate.\n\n\nClusterTrustBundle objects can either be selected by name, or by the\ncombination of signer name and a label selector.\n\n\nKubelet performs aggressive normalization of the PEM contents written\ninto the pod filesystem. Esoteric PEM features such as inter-block\ncomments and block headers are stripped. Certificates are deduplicated.\nThe ordering of certificates within the file is arbitrary, and Kubelet\nmay change the order over time." + properties: + labelSelector: + description: "Select all ClusterTrustBundles that match this label selector. Only has\neffect if signerName is set. Mutually-exclusive with name. If unset,\ninterpreted as \"match nothing\". If set but empty, interpreted as \"match\neverything\"." + properties: + matchExpressions: + description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." + items: + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." + properties: + key: + description: "key is the label key that the selector applies to." + type: "string" + operator: + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." + type: "string" + values: + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" + required: + - "key" + - "operator" + type: "object" + type: "array" + x-kubernetes-list-type: "atomic" + matchLabels: + additionalProperties: + type: "string" + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + type: "object" + type: "object" + x-kubernetes-map-type: "atomic" + name: + description: "Select a single ClusterTrustBundle by object name. Mutually-exclusive\nwith signerName and labelSelector." + type: "string" + optional: + description: "If true, don't block pod startup if the referenced ClusterTrustBundle(s)\naren't available. If using name, then the named ClusterTrustBundle is\nallowed not to exist. If using signerName, then the combination of\nsignerName and labelSelector is allowed to match zero\nClusterTrustBundles." + type: "boolean" + path: + description: "Relative path from the volume root to write the bundle." + type: "string" + signerName: + description: "Select all ClusterTrustBundles that match this signer name.\nMutually-exclusive with name. The contents of all selected\nClusterTrustBundles will be unified and deduplicated." + type: "string" + required: + - "path" + type: "object" configMap: description: "configMap information about the configMap data to project" properties: @@ -2395,8 +2604,10 @@ spec: - "path" type: "object" type: "array" + x-kubernetes-list-type: "atomic" name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" optional: description: "optional specify whether the ConfigMap or its keys must be defined" @@ -2412,7 +2623,7 @@ spec: description: "DownwardAPIVolumeFile represents information to create the file containing the pod field" properties: fieldRef: - description: "Required: Selects a field of the pod: only annotations, labels, name and namespace are supported." + description: "Required: Selects a field of the pod: only annotations, labels, name, namespace and uid are supported." properties: apiVersion: description: "Version of the schema the FieldPath is written in terms of, defaults to \"v1\"." @@ -2455,6 +2666,7 @@ spec: - "path" type: "object" type: "array" + x-kubernetes-list-type: "atomic" type: "object" secret: description: "secret information about the secret data to project" @@ -2479,8 +2691,10 @@ spec: - "path" type: "object" type: "array" + x-kubernetes-list-type: "atomic" name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" optional: description: "optional field specify whether the Secret or its key must be defined" @@ -2505,6 +2719,7 @@ spec: type: "object" type: "object" type: "array" + x-kubernetes-list-type: "atomic" type: "object" quobyte: description: "quobyte represents a Quobyte mount on the host that shares a pod's lifetime" @@ -2548,6 +2763,7 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" pool: description: "pool is the rados pool name.\nDefault is rbd.\nMore info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it" type: "string" @@ -2558,7 +2774,8 @@ spec: description: "secretRef is name of the authentication secret for RBDUser. If provided\noverrides keyring.\nDefault is nil.\nMore info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it" properties: name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" type: "object" x-kubernetes-map-type: "atomic" @@ -2588,7 +2805,8 @@ spec: description: "secretRef references to the secret for ScaleIO user and other\nsensitive information. If this is not provided, Login operation will fail." properties: name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" type: "object" x-kubernetes-map-type: "atomic" @@ -2639,6 +2857,7 @@ spec: - "path" type: "object" type: "array" + x-kubernetes-list-type: "atomic" optional: description: "optional field specify whether the Secret or its keys must be defined" type: "boolean" @@ -2659,7 +2878,8 @@ spec: description: "secretRef specifies the secret to use for obtaining the StorageOS API\ncredentials. If not specified, default values will be attempted." properties: name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" type: "object" x-kubernetes-map-type: "atomic" @@ -2779,7 +2999,8 @@ spec: description: "The key to select." type: "string" name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" optional: description: "Specify whether the ConfigMap or its key must be defined" @@ -2828,7 +3049,8 @@ spec: description: "The key of the secret to select from. Must be a valid secret key." type: "string" name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" optional: description: "Specify whether the Secret or its key must be defined" diff --git a/crd-catalog/weaveworks/tf-controller/infra.contrib.fluxcd.io/v1alpha2/terraforms.yaml b/crd-catalog/weaveworks/tf-controller/infra.contrib.fluxcd.io/v1alpha2/terraforms.yaml index eec8950db..3cc7279f6 100644 --- a/crd-catalog/weaveworks/tf-controller/infra.contrib.fluxcd.io/v1alpha2/terraforms.yaml +++ b/crd-catalog/weaveworks/tf-controller/infra.contrib.fluxcd.io/v1alpha2/terraforms.yaml @@ -322,11 +322,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchFields: description: "A list of node selector requirements by node's fields." items: @@ -343,11 +345,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" type: "object" x-kubernetes-map-type: "atomic" weight: @@ -359,6 +363,7 @@ spec: - "weight" type: "object" type: "array" + x-kubernetes-list-type: "atomic" requiredDuringSchedulingIgnoredDuringExecution: description: "If the affinity requirements specified by this field are not met at\nscheduling time, the pod will not be scheduled onto the node.\nIf the affinity requirements specified by this field cease to be met\nat some point during pod execution (e.g. due to an update), the system\nmay or may not try to eventually evict the pod from its node." properties: @@ -383,11 +388,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchFields: description: "A list of node selector requirements by node's fields." items: @@ -404,14 +411,17 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" type: "object" x-kubernetes-map-type: "atomic" type: "array" + x-kubernetes-list-type: "atomic" required: - "nodeSelectorTerms" type: "object" @@ -429,7 +439,7 @@ spec: description: "Required. A pod affinity term, associated with the corresponding weight." properties: labelSelector: - description: "A label query over a set of resources, in this case pods." + description: "A label query over a set of resources, in this case pods.\nIf it's null, this PodAffinityTerm matches with no Pods." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." @@ -447,11 +457,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -459,6 +471,18 @@ spec: type: "object" type: "object" x-kubernetes-map-type: "atomic" + matchLabelKeys: + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" + mismatchLabelKeys: + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" namespaceSelector: description: "A label query over the set of namespaces that the term applies to.\nThe term is applied to the union of the namespaces selected by this field\nand the ones listed in the namespaces field.\nnull selector and null or empty namespaces list means \"this pod's namespace\".\nAn empty selector ({}) matches all namespaces." properties: @@ -478,11 +502,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -495,6 +521,7 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" topologyKey: description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching\nthe labelSelector in the specified namespaces, where co-located is defined as running on a node\nwhose value of the label with key topologyKey matches that of any node on which any of the\nselected pods is running.\nEmpty topologyKey is not allowed." type: "string" @@ -510,13 +537,14 @@ spec: - "weight" type: "object" type: "array" + x-kubernetes-list-type: "atomic" requiredDuringSchedulingIgnoredDuringExecution: description: "If the affinity requirements specified by this field are not met at\nscheduling time, the pod will not be scheduled onto the node.\nIf the affinity requirements specified by this field cease to be met\nat some point during pod execution (e.g. due to a pod label update), the\nsystem may or may not try to eventually evict the pod from its node.\nWhen there are multiple elements, the lists of nodes corresponding to each\npodAffinityTerm are intersected, i.e. all terms must be satisfied." items: description: "Defines a set of pods (namely those matching the labelSelector\nrelative to the given namespace(s)) that this pod should be\nco-located (affinity) or not co-located (anti-affinity) with,\nwhere co-located is defined as running on a node whose value of\nthe label with key matches that of any node on which\na pod of the set of pods is running" properties: labelSelector: - description: "A label query over a set of resources, in this case pods." + description: "A label query over a set of resources, in this case pods.\nIf it's null, this PodAffinityTerm matches with no Pods." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." @@ -534,11 +562,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -546,6 +576,18 @@ spec: type: "object" type: "object" x-kubernetes-map-type: "atomic" + matchLabelKeys: + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" + mismatchLabelKeys: + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" namespaceSelector: description: "A label query over the set of namespaces that the term applies to.\nThe term is applied to the union of the namespaces selected by this field\nand the ones listed in the namespaces field.\nnull selector and null or empty namespaces list means \"this pod's namespace\".\nAn empty selector ({}) matches all namespaces." properties: @@ -565,11 +607,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -582,6 +626,7 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" topologyKey: description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching\nthe labelSelector in the specified namespaces, where co-located is defined as running on a node\nwhose value of the label with key topologyKey matches that of any node on which any of the\nselected pods is running.\nEmpty topologyKey is not allowed." type: "string" @@ -589,6 +634,7 @@ spec: - "topologyKey" type: "object" type: "array" + x-kubernetes-list-type: "atomic" type: "object" podAntiAffinity: description: "Describes pod anti-affinity scheduling rules (e.g. avoid putting this pod in the same node, zone, etc. as some other pod(s))." @@ -602,7 +648,7 @@ spec: description: "Required. A pod affinity term, associated with the corresponding weight." properties: labelSelector: - description: "A label query over a set of resources, in this case pods." + description: "A label query over a set of resources, in this case pods.\nIf it's null, this PodAffinityTerm matches with no Pods." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." @@ -620,11 +666,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -632,6 +680,18 @@ spec: type: "object" type: "object" x-kubernetes-map-type: "atomic" + matchLabelKeys: + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" + mismatchLabelKeys: + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" namespaceSelector: description: "A label query over the set of namespaces that the term applies to.\nThe term is applied to the union of the namespaces selected by this field\nand the ones listed in the namespaces field.\nnull selector and null or empty namespaces list means \"this pod's namespace\".\nAn empty selector ({}) matches all namespaces." properties: @@ -651,11 +711,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -668,6 +730,7 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" topologyKey: description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching\nthe labelSelector in the specified namespaces, where co-located is defined as running on a node\nwhose value of the label with key topologyKey matches that of any node on which any of the\nselected pods is running.\nEmpty topologyKey is not allowed." type: "string" @@ -683,13 +746,14 @@ spec: - "weight" type: "object" type: "array" + x-kubernetes-list-type: "atomic" requiredDuringSchedulingIgnoredDuringExecution: description: "If the anti-affinity requirements specified by this field are not met at\nscheduling time, the pod will not be scheduled onto the node.\nIf the anti-affinity requirements specified by this field cease to be met\nat some point during pod execution (e.g. due to a pod label update), the\nsystem may or may not try to eventually evict the pod from its node.\nWhen there are multiple elements, the lists of nodes corresponding to each\npodAffinityTerm are intersected, i.e. all terms must be satisfied." items: description: "Defines a set of pods (namely those matching the labelSelector\nrelative to the given namespace(s)) that this pod should be\nco-located (affinity) or not co-located (anti-affinity) with,\nwhere co-located is defined as running on a node whose value of\nthe label with key matches that of any node on which\na pod of the set of pods is running" properties: labelSelector: - description: "A label query over a set of resources, in this case pods." + description: "A label query over a set of resources, in this case pods.\nIf it's null, this PodAffinityTerm matches with no Pods." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." @@ -707,11 +771,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -719,6 +785,18 @@ spec: type: "object" type: "object" x-kubernetes-map-type: "atomic" + matchLabelKeys: + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" + mismatchLabelKeys: + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" namespaceSelector: description: "A label query over the set of namespaces that the term applies to.\nThe term is applied to the union of the namespaces selected by this field\nand the ones listed in the namespaces field.\nnull selector and null or empty namespaces list means \"this pod's namespace\".\nAn empty selector ({}) matches all namespaces." properties: @@ -738,11 +816,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -755,6 +835,7 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" topologyKey: description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching\nthe labelSelector in the specified namespaces, where co-located is defined as running on a node\nwhose value of the label with key topologyKey matches that of any node on which any of the\nselected pods is running.\nEmpty topologyKey is not allowed." type: "string" @@ -762,6 +843,7 @@ spec: - "topologyKey" type: "object" type: "array" + x-kubernetes-list-type: "atomic" type: "object" type: "object" env: @@ -785,7 +867,8 @@ spec: description: "The key to select." type: "string" name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" optional: description: "Specify whether the ConfigMap or its key must be defined" @@ -834,7 +917,8 @@ spec: description: "The key of the secret to select from. Must be a valid secret key." type: "string" name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" optional: description: "Specify whether the Secret or its key must be defined" @@ -857,7 +941,8 @@ spec: description: "The ConfigMap to select from" properties: name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" optional: description: "Specify whether the ConfigMap must be defined" @@ -871,7 +956,8 @@ spec: description: "The Secret to select from" properties: name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" optional: description: "Specify whether the Secret must be defined" @@ -890,9 +976,12 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" ip: description: "IP address of the host file entry." type: "string" + required: + - "ip" type: "object" type: "array" image: @@ -908,11 +997,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" command: description: "Entrypoint array. Not executed within a shell.\nThe container image's ENTRYPOINT is used if this is not provided.\nVariable references $(VAR_NAME) are expanded using the container's environment. If a variable\ncannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced\nto a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. \"$$(VAR_NAME)\" will\nproduce the string literal \"$(VAR_NAME)\". Escaped references will never be expanded, regardless\nof whether the variable exists or not. Cannot be updated.\nMore info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell" items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" env: description: "List of environment variables to set in the container.\nCannot be updated." items: @@ -934,7 +1025,8 @@ spec: description: "The key to select." type: "string" name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" optional: description: "Specify whether the ConfigMap or its key must be defined" @@ -983,7 +1075,8 @@ spec: description: "The key of the secret to select from. Must be a valid secret key." type: "string" name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" optional: description: "Specify whether the Secret or its key must be defined" @@ -997,6 +1090,9 @@ spec: - "name" type: "object" type: "array" + x-kubernetes-list-map-keys: + - "name" + x-kubernetes-list-type: "map" envFrom: description: "List of sources to populate environment variables in the container.\nThe keys defined within a source must be a C_IDENTIFIER. All invalid keys\nwill be reported as an event when the container is starting. When a key exists in multiple\nsources, the value associated with the last source will take precedence.\nValues defined by an Env with a duplicate key will take precedence.\nCannot be updated." items: @@ -1006,7 +1102,8 @@ spec: description: "The ConfigMap to select from" properties: name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" optional: description: "Specify whether the ConfigMap must be defined" @@ -1020,7 +1117,8 @@ spec: description: "The Secret to select from" properties: name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" optional: description: "Specify whether the Secret must be defined" @@ -1029,6 +1127,7 @@ spec: x-kubernetes-map-type: "atomic" type: "object" type: "array" + x-kubernetes-list-type: "atomic" image: description: "Container image name.\nMore info: https://kubernetes.io/docs/concepts/containers/images\nThis field is optional to allow higher level config management to default or override\ncontainer images in workload controllers like Deployments and StatefulSets." type: "string" @@ -1049,6 +1148,7 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" type: "object" httpGet: description: "HTTPGet specifies the http request to perform." @@ -1072,6 +1172,7 @@ spec: - "value" type: "object" type: "array" + x-kubernetes-list-type: "atomic" path: description: "Path to access on the HTTP server." type: "string" @@ -1087,6 +1188,16 @@ spec: required: - "port" type: "object" + sleep: + description: "Sleep represents the duration that the container should sleep before being terminated." + properties: + seconds: + description: "Seconds is the number of seconds to sleep." + format: "int64" + type: "integer" + required: + - "seconds" + type: "object" tcpSocket: description: "Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept\nfor the backward compatibility. There are no validation of this field and\nlifecycle hooks will fail in runtime when tcp handler is specified." properties: @@ -1114,6 +1225,7 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" type: "object" httpGet: description: "HTTPGet specifies the http request to perform." @@ -1137,6 +1249,7 @@ spec: - "value" type: "object" type: "array" + x-kubernetes-list-type: "atomic" path: description: "Path to access on the HTTP server." type: "string" @@ -1152,6 +1265,16 @@ spec: required: - "port" type: "object" + sleep: + description: "Sleep represents the duration that the container should sleep before being terminated." + properties: + seconds: + description: "Seconds is the number of seconds to sleep." + format: "int64" + type: "integer" + required: + - "seconds" + type: "object" tcpSocket: description: "Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept\nfor the backward compatibility. There are no validation of this field and\nlifecycle hooks will fail in runtime when tcp handler is specified." properties: @@ -1180,6 +1303,7 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" type: "object" failureThreshold: description: "Minimum consecutive failures for the probe to be considered failed after having succeeded.\nDefaults to 3. Minimum value is 1." @@ -1220,6 +1344,7 @@ spec: - "value" type: "object" type: "array" + x-kubernetes-list-type: "atomic" path: description: "Path to access on the HTTP server." type: "string" @@ -1316,6 +1441,7 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" type: "object" failureThreshold: description: "Minimum consecutive failures for the probe to be considered failed after having succeeded.\nDefaults to 3. Minimum value is 1." @@ -1356,6 +1482,7 @@ spec: - "value" type: "object" type: "array" + x-kubernetes-list-type: "atomic" path: description: "Path to access on the HTTP server." type: "string" @@ -1461,12 +1588,27 @@ spec: description: "Requests describes the minimum amount of compute resources required.\nIf Requests is omitted for a container, it defaults to Limits if that is explicitly specified,\notherwise to an implementation-defined value. Requests cannot exceed Limits.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" type: "object" type: "object" + restartPolicy: + description: "RestartPolicy defines the restart behavior of individual containers in a pod.\nThis field may only be set for init containers, and the only allowed value is \"Always\".\nFor non-init containers or when this field is not specified,\nthe restart behavior is defined by the Pod's restart policy and the container type.\nSetting the RestartPolicy as \"Always\" for the init container will have the following effect:\nthis init container will be continually restarted on\nexit until all regular containers have terminated. Once all regular\ncontainers have completed, all init containers with restartPolicy \"Always\"\nwill be shut down. This lifecycle differs from normal init containers and\nis often referred to as a \"sidecar\" container. Although this init\ncontainer still starts in the init container sequence, it does not wait\nfor the container to complete before proceeding to the next init\ncontainer. Instead, the next init container starts immediately after this\ninit container is started, or after any startupProbe has successfully\ncompleted." + type: "string" securityContext: description: "SecurityContext defines the security options the container should be run with.\nIf set, the fields of SecurityContext override the equivalent fields of PodSecurityContext.\nMore info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/" properties: allowPrivilegeEscalation: description: "AllowPrivilegeEscalation controls whether a process can gain more\nprivileges than its parent process. This bool directly controls if\nthe no_new_privs flag will be set on the container process.\nAllowPrivilegeEscalation is true always when the container is:\n1) run as Privileged\n2) has CAP_SYS_ADMIN\nNote that this field cannot be set when spec.os.name is windows." type: "boolean" + appArmorProfile: + description: "appArmorProfile is the AppArmor options to use by this container. If set, this profile\noverrides the pod's appArmorProfile.\nNote that this field cannot be set when spec.os.name is windows." + properties: + localhostProfile: + description: "localhostProfile indicates a profile loaded on the node that should be used.\nThe profile must be preconfigured on the node to work.\nMust match the loaded name of the profile.\nMust be set if and only if type is \"Localhost\"." + type: "string" + type: + description: "type indicates which kind of AppArmor profile will be applied.\nValid options are:\n Localhost - a profile pre-loaded on the node.\n RuntimeDefault - the container runtime's default profile.\n Unconfined - no AppArmor enforcement." + type: "string" + required: + - "type" + type: "object" capabilities: description: "The capabilities to add/drop when running containers.\nDefaults to the default set of capabilities granted by the container runtime.\nNote that this field cannot be set when spec.os.name is windows." properties: @@ -1476,12 +1618,14 @@ spec: description: "Capability represent POSIX capabilities type" type: "string" type: "array" + x-kubernetes-list-type: "atomic" drop: description: "Removed capabilities" items: description: "Capability represent POSIX capabilities type" type: "string" type: "array" + x-kubernetes-list-type: "atomic" type: "object" privileged: description: "Run container in privileged mode.\nProcesses in privileged containers are essentially equivalent to root on the host.\nDefaults to false.\nNote that this field cannot be set when spec.os.name is windows." @@ -1523,7 +1667,7 @@ spec: description: "The seccomp options to use by this container. If seccomp options are\nprovided at both the pod & container level, the container options\noverride the pod options.\nNote that this field cannot be set when spec.os.name is windows." properties: localhostProfile: - description: "localhostProfile indicates a profile defined in a file on the node should be used.\nThe profile must be preconfigured on the node to work.\nMust be a descending path, relative to the kubelet's configured seccomp profile location.\nMust only be set if type is \"Localhost\"." + description: "localhostProfile indicates a profile defined in a file on the node should be used.\nThe profile must be preconfigured on the node to work.\nMust be a descending path, relative to the kubelet's configured seccomp profile location.\nMust be set if type is \"Localhost\". Must NOT be set for any other type." type: "string" type: description: "type indicates which kind of seccomp profile will be applied.\nValid options are:\n\n\nLocalhost - a profile defined in a file on the node should be used.\nRuntimeDefault - the container runtime default profile should be used.\nUnconfined - no profile should be applied." @@ -1541,7 +1685,7 @@ spec: description: "GMSACredentialSpecName is the name of the GMSA credential spec to use." type: "string" hostProcess: - description: "HostProcess determines if a container should be run as a 'Host Process' container.\nThis field is alpha-level and will only be honored by components that enable the\nWindowsHostProcessContainers feature flag. Setting this field without the feature\nflag will result in errors when validating the Pod. All of a Pod's containers must\nhave the same effective HostProcess value (it is not allowed to have a mix of HostProcess\ncontainers and non-HostProcess containers). In addition, if HostProcess is true\nthen HostNetwork must also be set to true." + description: "HostProcess determines if a container should be run as a 'Host Process' container.\nAll of a Pod's containers must have the same effective HostProcess value\n(it is not allowed to have a mix of HostProcess containers and non-HostProcess containers).\nIn addition, if HostProcess is true then HostNetwork must also be set to true." type: "boolean" runAsUserName: description: "The UserName in Windows to run the entrypoint of the container process.\nDefaults to the user specified in image metadata if unspecified.\nMay also be set in PodSecurityContext. If set in both SecurityContext and\nPodSecurityContext, the value specified in SecurityContext takes precedence." @@ -1559,6 +1703,7 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" type: "object" failureThreshold: description: "Minimum consecutive failures for the probe to be considered failed after having succeeded.\nDefaults to 3. Minimum value is 1." @@ -1599,6 +1744,7 @@ spec: - "value" type: "object" type: "array" + x-kubernetes-list-type: "atomic" path: description: "Path to access on the HTTP server." type: "string" @@ -1681,6 +1827,9 @@ spec: - "name" type: "object" type: "array" + x-kubernetes-list-map-keys: + - "devicePath" + x-kubernetes-list-type: "map" volumeMounts: description: "Pod volumes to mount into the container's filesystem.\nCannot be updated." items: @@ -1690,7 +1839,7 @@ spec: description: "Path within the container at which the volume should be mounted. Must\nnot contain ':'." type: "string" mountPropagation: - description: "mountPropagation determines how mounts are propagated from the host\nto container and the other way around.\nWhen not set, MountPropagationNone is used.\nThis field is beta in 1.10." + description: "mountPropagation determines how mounts are propagated from the host\nto container and the other way around.\nWhen not set, MountPropagationNone is used.\nThis field is beta in 1.10.\nWhen RecursiveReadOnly is set to IfPossible or to Enabled, MountPropagation must be None or unspecified\n(which defaults to None)." type: "string" name: description: "This must match the Name of a Volume." @@ -1698,6 +1847,9 @@ spec: readOnly: description: "Mounted read-only if true, read-write otherwise (false or unspecified).\nDefaults to false." type: "boolean" + recursiveReadOnly: + description: "RecursiveReadOnly specifies whether read-only mounts should be handled\nrecursively.\n\n\nIf ReadOnly is false, this field has no meaning and must be unspecified.\n\n\nIf ReadOnly is true, and this field is set to Disabled, the mount is not made\nrecursively read-only. If this field is set to IfPossible, the mount is made\nrecursively read-only, if it is supported by the container runtime. If this\nfield is set to Enabled, the mount is made recursively read-only if it is\nsupported by the container runtime, otherwise the pod will not be started and\nan error will be generated to indicate the reason.\n\n\nIf this field is set to IfPossible or Enabled, MountPropagation must be set to\nNone (or be unspecified, which defaults to None).\n\n\nIf this field is not specified, it is treated as an equivalent of Disabled." + type: "string" subPath: description: "Path within the volume from which the container's volume should be mounted.\nDefaults to \"\" (volume's root)." type: "string" @@ -1709,6 +1861,9 @@ spec: - "name" type: "object" type: "array" + x-kubernetes-list-map-keys: + - "mountPath" + x-kubernetes-list-type: "map" workingDir: description: "Container's working directory.\nIf not specified, the container runtime's default will be used, which\nmight be configured in the container image.\nCannot be updated." type: "string" @@ -1767,6 +1922,18 @@ spec: allowPrivilegeEscalation: description: "AllowPrivilegeEscalation controls whether a process can gain more\nprivileges than its parent process. This bool directly controls if\nthe no_new_privs flag will be set on the container process.\nAllowPrivilegeEscalation is true always when the container is:\n1) run as Privileged\n2) has CAP_SYS_ADMIN\nNote that this field cannot be set when spec.os.name is windows." type: "boolean" + appArmorProfile: + description: "appArmorProfile is the AppArmor options to use by this container. If set, this profile\noverrides the pod's appArmorProfile.\nNote that this field cannot be set when spec.os.name is windows." + properties: + localhostProfile: + description: "localhostProfile indicates a profile loaded on the node that should be used.\nThe profile must be preconfigured on the node to work.\nMust match the loaded name of the profile.\nMust be set if and only if type is \"Localhost\"." + type: "string" + type: + description: "type indicates which kind of AppArmor profile will be applied.\nValid options are:\n Localhost - a profile pre-loaded on the node.\n RuntimeDefault - the container runtime's default profile.\n Unconfined - no AppArmor enforcement." + type: "string" + required: + - "type" + type: "object" capabilities: description: "The capabilities to add/drop when running containers.\nDefaults to the default set of capabilities granted by the container runtime.\nNote that this field cannot be set when spec.os.name is windows." properties: @@ -1776,12 +1943,14 @@ spec: description: "Capability represent POSIX capabilities type" type: "string" type: "array" + x-kubernetes-list-type: "atomic" drop: description: "Removed capabilities" items: description: "Capability represent POSIX capabilities type" type: "string" type: "array" + x-kubernetes-list-type: "atomic" type: "object" privileged: description: "Run container in privileged mode.\nProcesses in privileged containers are essentially equivalent to root on the host.\nDefaults to false.\nNote that this field cannot be set when spec.os.name is windows." @@ -1823,7 +1992,7 @@ spec: description: "The seccomp options to use by this container. If seccomp options are\nprovided at both the pod & container level, the container options\noverride the pod options.\nNote that this field cannot be set when spec.os.name is windows." properties: localhostProfile: - description: "localhostProfile indicates a profile defined in a file on the node should be used.\nThe profile must be preconfigured on the node to work.\nMust be a descending path, relative to the kubelet's configured seccomp profile location.\nMust only be set if type is \"Localhost\"." + description: "localhostProfile indicates a profile defined in a file on the node should be used.\nThe profile must be preconfigured on the node to work.\nMust be a descending path, relative to the kubelet's configured seccomp profile location.\nMust be set if type is \"Localhost\". Must NOT be set for any other type." type: "string" type: description: "type indicates which kind of seccomp profile will be applied.\nValid options are:\n\n\nLocalhost - a profile defined in a file on the node should be used.\nRuntimeDefault - the container runtime default profile should be used.\nUnconfined - no profile should be applied." @@ -1841,7 +2010,7 @@ spec: description: "GMSACredentialSpecName is the name of the GMSA credential spec to use." type: "string" hostProcess: - description: "HostProcess determines if a container should be run as a 'Host Process' container.\nThis field is alpha-level and will only be honored by components that enable the\nWindowsHostProcessContainers feature flag. Setting this field without the feature\nflag will result in errors when validating the Pod. All of a Pod's containers must\nhave the same effective HostProcess value (it is not allowed to have a mix of HostProcess\ncontainers and non-HostProcess containers). In addition, if HostProcess is true\nthen HostNetwork must also be set to true." + description: "HostProcess determines if a container should be run as a 'Host Process' container.\nAll of a Pod's containers must have the same effective HostProcess value\n(it is not allowed to have a mix of HostProcess containers and non-HostProcess containers).\nIn addition, if HostProcess is true then HostNetwork must also be set to true." type: "boolean" runAsUserName: description: "The UserName in Windows to run the entrypoint of the container process.\nDefaults to the user specified in image metadata if unspecified.\nMay also be set in PodSecurityContext. If set in both SecurityContext and\nPodSecurityContext, the value specified in SecurityContext takes precedence." @@ -1880,7 +2049,7 @@ spec: description: "Path within the container at which the volume should be mounted. Must\nnot contain ':'." type: "string" mountPropagation: - description: "mountPropagation determines how mounts are propagated from the host\nto container and the other way around.\nWhen not set, MountPropagationNone is used.\nThis field is beta in 1.10." + description: "mountPropagation determines how mounts are propagated from the host\nto container and the other way around.\nWhen not set, MountPropagationNone is used.\nThis field is beta in 1.10.\nWhen RecursiveReadOnly is set to IfPossible or to Enabled, MountPropagation must be None or unspecified\n(which defaults to None)." type: "string" name: description: "This must match the Name of a Volume." @@ -1888,6 +2057,9 @@ spec: readOnly: description: "Mounted read-only if true, read-write otherwise (false or unspecified).\nDefaults to false." type: "boolean" + recursiveReadOnly: + description: "RecursiveReadOnly specifies whether read-only mounts should be handled\nrecursively.\n\n\nIf ReadOnly is false, this field has no meaning and must be unspecified.\n\n\nIf ReadOnly is true, and this field is set to Disabled, the mount is not made\nrecursively read-only. If this field is set to IfPossible, the mount is made\nrecursively read-only, if it is supported by the container runtime. If this\nfield is set to Enabled, the mount is made recursively read-only if it is\nsupported by the container runtime, otherwise the pod will not be started and\nan error will be generated to indicate the reason.\n\n\nIf this field is set to IfPossible or Enabled, MountPropagation must be set to\nNone (or be unspecified, which defaults to None).\n\n\nIf this field is not specified, it is treated as an equivalent of Disabled." + type: "string" subPath: description: "Path within the volume from which the container's volume should be mounted.\nDefaults to \"\" (volume's root)." type: "string" @@ -1972,6 +2144,7 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" path: description: "path is Optional: Used as the mounted root, rather than the full Ceph tree, default is /" type: "string" @@ -1985,7 +2158,8 @@ spec: description: "secretRef is Optional: SecretRef is reference to the authentication secret for User, default is empty.\nMore info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it" properties: name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" type: "object" x-kubernetes-map-type: "atomic" @@ -2008,7 +2182,8 @@ spec: description: "secretRef is optional: points to a secret object containing parameters used to connect\nto OpenStack." properties: name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" type: "object" x-kubernetes-map-type: "atomic" @@ -2045,8 +2220,10 @@ spec: - "path" type: "object" type: "array" + x-kubernetes-list-type: "atomic" name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" optional: description: "optional specify whether the ConfigMap or its keys must be defined" @@ -2066,7 +2243,8 @@ spec: description: "nodePublishSecretRef is a reference to the secret object containing\nsensitive information to pass to the CSI driver to complete the CSI\nNodePublishVolume and NodeUnpublishVolume calls.\nThis field is optional, and may be empty if no secret is required. If the\nsecret object contains more than one secret, all secret references are passed." properties: name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" type: "object" x-kubernetes-map-type: "atomic" @@ -2094,7 +2272,7 @@ spec: description: "DownwardAPIVolumeFile represents information to create the file containing the pod field" properties: fieldRef: - description: "Required: Selects a field of the pod: only annotations, labels, name and namespace are supported." + description: "Required: Selects a field of the pod: only annotations, labels, name, namespace and uid are supported." properties: apiVersion: description: "Version of the schema the FieldPath is written in terms of, defaults to \"v1\"." @@ -2137,6 +2315,7 @@ spec: - "path" type: "object" type: "array" + x-kubernetes-list-type: "atomic" type: "object" emptyDir: description: "emptyDir represents a temporary directory that shares a pod's lifetime.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir" @@ -2169,6 +2348,7 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" dataSource: description: "dataSource field can be used to specify either:\n* An existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot)\n* An existing PVC (PersistentVolumeClaim)\nIf the provisioner or an external controller can support the specified data source,\nit will create a new volume based on the contents of the specified data source.\nWhen the AnyVolumeDataSource feature gate is enabled, dataSource contents will be copied to dataSourceRef,\nand dataSourceRef contents will be copied to dataSource when dataSourceRef.namespace is not specified.\nIf the namespace is specified, then dataSourceRef will not be copied to dataSource." properties: @@ -2208,21 +2388,6 @@ spec: resources: description: "resources represents the minimum resources the volume should have.\nIf RecoverVolumeExpansionFailure feature is enabled users are allowed to specify resource requirements\nthat are lower than previous value but must still be higher than capacity recorded in the\nstatus field of the claim.\nMore info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources" properties: - claims: - description: "Claims lists the names of resources, defined in spec.resourceClaims,\nthat are used by this container.\n\n\nThis is an alpha field and requires enabling the\nDynamicResourceAllocation feature gate.\n\n\nThis field is immutable. It can only be set for containers." - items: - description: "ResourceClaim references one entry in PodSpec.ResourceClaims." - properties: - name: - description: "Name must match the name of one entry in pod.spec.resourceClaims of\nthe Pod where this field is used. It makes that resource available\ninside a container." - type: "string" - required: - - "name" - type: "object" - type: "array" - x-kubernetes-list-map-keys: - - "name" - x-kubernetes-list-type: "map" limits: additionalProperties: anyOf: @@ -2261,11 +2426,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -2276,6 +2443,9 @@ spec: storageClassName: description: "storageClassName is the name of the StorageClass required by the claim.\nMore info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1" type: "string" + volumeAttributesClassName: + description: "volumeAttributesClassName may be used to set the VolumeAttributesClass used by this claim.\nIf specified, the CSI driver will create or update the volume with the attributes defined\nin the corresponding VolumeAttributesClass. This has a different purpose than storageClassName,\nit can be changed after the claim is created. An empty string value means that no VolumeAttributesClass\nwill be applied to the claim but it's not allowed to reset this field to empty string once it is set.\nIf unspecified and the PersistentVolumeClaim is unbound, the default VolumeAttributesClass\nwill be set by the persistentvolume controller if it exists.\nIf the resource referred to by volumeAttributesClass does not exist, this PersistentVolumeClaim will be\nset to a Pending state, as reflected by the modifyVolumeStatus field, until such as a resource\nexists.\nMore info: https://kubernetes.io/docs/concepts/storage/volume-attributes-classes/\n(Alpha) Using this field requires the VolumeAttributesClass feature gate to be enabled." + type: "string" volumeMode: description: "volumeMode defines what type of volume is required by the claim.\nValue of Filesystem is implied when not included in claim spec." type: "string" @@ -2305,11 +2475,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" wwids: description: "wwids Optional: FC volume world wide identifiers (wwids)\nEither wwids or combination of targetWWNs and lun must be set, but not both simultaneously." items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" type: "object" flexVolume: description: "flexVolume represents a generic volume resource that is\nprovisioned/attached using an exec based plugin." @@ -2332,7 +2504,8 @@ spec: description: "secretRef is Optional: secretRef is reference to the secret object containing\nsensitive information to pass to the plugin scripts. This may be\nempty if no secret object is specified. If the secret object\ncontains more than one secret, all secrets are passed to the plugin\nscripts." properties: name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" type: "object" x-kubernetes-map-type: "atomic" @@ -2441,6 +2614,7 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" readOnly: description: "readOnly here will force the ReadOnly setting in VolumeMounts.\nDefaults to false." type: "boolean" @@ -2448,7 +2622,8 @@ spec: description: "secretRef is the CHAP Secret for iSCSI target and initiator authentication" properties: name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" type: "object" x-kubernetes-map-type: "atomic" @@ -2530,6 +2705,57 @@ spec: items: description: "Projection that may be projected along with other supported volume types" properties: + clusterTrustBundle: + description: "ClusterTrustBundle allows a pod to access the `.spec.trustBundle` field\nof ClusterTrustBundle objects in an auto-updating file.\n\n\nAlpha, gated by the ClusterTrustBundleProjection feature gate.\n\n\nClusterTrustBundle objects can either be selected by name, or by the\ncombination of signer name and a label selector.\n\n\nKubelet performs aggressive normalization of the PEM contents written\ninto the pod filesystem. Esoteric PEM features such as inter-block\ncomments and block headers are stripped. Certificates are deduplicated.\nThe ordering of certificates within the file is arbitrary, and Kubelet\nmay change the order over time." + properties: + labelSelector: + description: "Select all ClusterTrustBundles that match this label selector. Only has\neffect if signerName is set. Mutually-exclusive with name. If unset,\ninterpreted as \"match nothing\". If set but empty, interpreted as \"match\neverything\"." + properties: + matchExpressions: + description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." + items: + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." + properties: + key: + description: "key is the label key that the selector applies to." + type: "string" + operator: + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." + type: "string" + values: + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" + required: + - "key" + - "operator" + type: "object" + type: "array" + x-kubernetes-list-type: "atomic" + matchLabels: + additionalProperties: + type: "string" + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + type: "object" + type: "object" + x-kubernetes-map-type: "atomic" + name: + description: "Select a single ClusterTrustBundle by object name. Mutually-exclusive\nwith signerName and labelSelector." + type: "string" + optional: + description: "If true, don't block pod startup if the referenced ClusterTrustBundle(s)\naren't available. If using name, then the named ClusterTrustBundle is\nallowed not to exist. If using signerName, then the combination of\nsignerName and labelSelector is allowed to match zero\nClusterTrustBundles." + type: "boolean" + path: + description: "Relative path from the volume root to write the bundle." + type: "string" + signerName: + description: "Select all ClusterTrustBundles that match this signer name.\nMutually-exclusive with name. The contents of all selected\nClusterTrustBundles will be unified and deduplicated." + type: "string" + required: + - "path" + type: "object" configMap: description: "configMap information about the configMap data to project" properties: @@ -2553,8 +2779,10 @@ spec: - "path" type: "object" type: "array" + x-kubernetes-list-type: "atomic" name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" optional: description: "optional specify whether the ConfigMap or its keys must be defined" @@ -2570,7 +2798,7 @@ spec: description: "DownwardAPIVolumeFile represents information to create the file containing the pod field" properties: fieldRef: - description: "Required: Selects a field of the pod: only annotations, labels, name and namespace are supported." + description: "Required: Selects a field of the pod: only annotations, labels, name, namespace and uid are supported." properties: apiVersion: description: "Version of the schema the FieldPath is written in terms of, defaults to \"v1\"." @@ -2613,6 +2841,7 @@ spec: - "path" type: "object" type: "array" + x-kubernetes-list-type: "atomic" type: "object" secret: description: "secret information about the secret data to project" @@ -2637,8 +2866,10 @@ spec: - "path" type: "object" type: "array" + x-kubernetes-list-type: "atomic" name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" optional: description: "optional field specify whether the Secret or its key must be defined" @@ -2663,6 +2894,7 @@ spec: type: "object" type: "object" type: "array" + x-kubernetes-list-type: "atomic" type: "object" quobyte: description: "quobyte represents a Quobyte mount on the host that shares a pod's lifetime" @@ -2706,6 +2938,7 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" pool: description: "pool is the rados pool name.\nDefault is rbd.\nMore info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it" type: "string" @@ -2716,7 +2949,8 @@ spec: description: "secretRef is name of the authentication secret for RBDUser. If provided\noverrides keyring.\nDefault is nil.\nMore info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it" properties: name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" type: "object" x-kubernetes-map-type: "atomic" @@ -2746,7 +2980,8 @@ spec: description: "secretRef references to the secret for ScaleIO user and other\nsensitive information. If this is not provided, Login operation will fail." properties: name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" type: "object" x-kubernetes-map-type: "atomic" @@ -2797,6 +3032,7 @@ spec: - "path" type: "object" type: "array" + x-kubernetes-list-type: "atomic" optional: description: "optional field specify whether the Secret or its keys must be defined" type: "boolean" @@ -2817,7 +3053,8 @@ spec: description: "secretRef specifies the secret to use for obtaining the StorageOS API\ncredentials. If not specified, default values will be attempted." properties: name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" type: "object" x-kubernetes-map-type: "atomic" @@ -2946,7 +3183,8 @@ spec: description: "The key to select." type: "string" name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" optional: description: "Specify whether the ConfigMap or its key must be defined" @@ -2995,7 +3233,8 @@ spec: description: "The key of the secret to select from. Must be a valid secret key." type: "string" name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" optional: description: "Specify whether the Secret or its key must be defined" diff --git a/kube-custom-resources-rs/src/anywhere_eks_amazonaws_com/v1alpha1/controlplaneupgrades.rs b/kube-custom-resources-rs/src/anywhere_eks_amazonaws_com/v1alpha1/controlplaneupgrades.rs index e76041b94..f3211f62b 100644 --- a/kube-custom-resources-rs/src/anywhere_eks_amazonaws_com/v1alpha1/controlplaneupgrades.rs +++ b/kube-custom-resources-rs/src/anywhere_eks_amazonaws_com/v1alpha1/controlplaneupgrades.rs @@ -61,7 +61,7 @@ pub struct ControlPlaneUpgradeControlPlane { pub uid: Option, } -/// ObjectReference contains enough information to let you inspect or modify the referred object. --- New uses of this type are discouraged because of difficulty describing its usage when embedded in APIs. 1. Ignored fields. It includes many fields which are not generally honored. For instance, ResourceVersion and FieldPath are both very rarely valid in actual usage. 2. Invalid usage help. It is impossible to add specific help for individual usage. In most embedded usages, there are particular restrictions like, "must refer only to types A and B" or "UID not honored" or "name must be restricted". Those cannot be well described when embedded. 3. Inconsistent validation. Because the usages are different, the validation rules are different by usage, which makes it hard for users to predict what will happen. 4. The fields are both imprecise and overly precise. Kind is not a precise mapping to a URL. This can produce ambiguity during interpretation and require a REST mapping. In most cases, the dependency is on the group,resource tuple and the version of the actual struct is irrelevant. 5. We cannot easily change it. Because this type is embedded in many locations, updates to this type will affect numerous schemas. Don't make new APIs embed an underspecified API type they do not control. +/// ObjectReference contains enough information to let you inspect or modify the referred object. --- New uses of this type are discouraged because of difficulty describing its usage when embedded in APIs. 1. Ignored fields. It includes many fields which are not generally honored. For instance, ResourceVersion and FieldPath are both very rarely valid in actual usage. 2. Invalid usage help. It is impossible to add specific help for individual usage. In most embedded usages, there are particular restrictions like, "must refer only to types A and B" or "UID not honored" or "name must be restricted". Those cannot be well described when embedded. 3. Inconsistent validation. Because the usages are different, the validation rules are different by usage, which makes it hard for users to predict what will happen. 4. The fields are both imprecise and overly precise. Kind is not a precise mapping to a URL. This can produce ambiguity during interpretation and require a REST mapping. In most cases, the dependency is on the group,resource tuple and the version of the actual struct is irrelevant. 5. We cannot easily change it. Because this type is embedded in many locations, updates to this type will affect numerous schemas. Don't make new APIs embed an underspecified API type they do not control. /// Instead of using this type, create a locally provided and used type that is well-focused on your reference. For example, ServiceReferences for admission registration: https://github.com/kubernetes/api/blob/release-1.17/admissionregistration/v1/types.go#L533 . #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ControlPlaneUpgradeMachinesRequireUpgrade { diff --git a/kube-custom-resources-rs/src/anywhere_eks_amazonaws_com/v1alpha1/machinedeploymentupgrades.rs b/kube-custom-resources-rs/src/anywhere_eks_amazonaws_com/v1alpha1/machinedeploymentupgrades.rs index 8a709e798..88fd0c638 100644 --- a/kube-custom-resources-rs/src/anywhere_eks_amazonaws_com/v1alpha1/machinedeploymentupgrades.rs +++ b/kube-custom-resources-rs/src/anywhere_eks_amazonaws_com/v1alpha1/machinedeploymentupgrades.rs @@ -58,7 +58,7 @@ pub struct MachineDeploymentUpgradeMachineDeployment { pub uid: Option, } -/// ObjectReference contains enough information to let you inspect or modify the referred object. --- New uses of this type are discouraged because of difficulty describing its usage when embedded in APIs. 1. Ignored fields. It includes many fields which are not generally honored. For instance, ResourceVersion and FieldPath are both very rarely valid in actual usage. 2. Invalid usage help. It is impossible to add specific help for individual usage. In most embedded usages, there are particular restrictions like, "must refer only to types A and B" or "UID not honored" or "name must be restricted". Those cannot be well described when embedded. 3. Inconsistent validation. Because the usages are different, the validation rules are different by usage, which makes it hard for users to predict what will happen. 4. The fields are both imprecise and overly precise. Kind is not a precise mapping to a URL. This can produce ambiguity during interpretation and require a REST mapping. In most cases, the dependency is on the group,resource tuple and the version of the actual struct is irrelevant. 5. We cannot easily change it. Because this type is embedded in many locations, updates to this type will affect numerous schemas. Don't make new APIs embed an underspecified API type they do not control. +/// ObjectReference contains enough information to let you inspect or modify the referred object. --- New uses of this type are discouraged because of difficulty describing its usage when embedded in APIs. 1. Ignored fields. It includes many fields which are not generally honored. For instance, ResourceVersion and FieldPath are both very rarely valid in actual usage. 2. Invalid usage help. It is impossible to add specific help for individual usage. In most embedded usages, there are particular restrictions like, "must refer only to types A and B" or "UID not honored" or "name must be restricted". Those cannot be well described when embedded. 3. Inconsistent validation. Because the usages are different, the validation rules are different by usage, which makes it hard for users to predict what will happen. 4. The fields are both imprecise and overly precise. Kind is not a precise mapping to a URL. This can produce ambiguity during interpretation and require a REST mapping. In most cases, the dependency is on the group,resource tuple and the version of the actual struct is irrelevant. 5. We cannot easily change it. Because this type is embedded in many locations, updates to this type will affect numerous schemas. Don't make new APIs embed an underspecified API type they do not control. /// Instead of using this type, create a locally provided and used type that is well-focused on your reference. For example, ServiceReferences for admission registration: https://github.com/kubernetes/api/blob/release-1.17/admissionregistration/v1/types.go#L533 . #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct MachineDeploymentUpgradeMachinesRequireUpgrade { diff --git a/kube-custom-resources-rs/src/anywhere_eks_amazonaws_com/v1alpha1/snowmachineconfigs.rs b/kube-custom-resources-rs/src/anywhere_eks_amazonaws_com/v1alpha1/snowmachineconfigs.rs index 092d8e199..e9d911778 100644 --- a/kube-custom-resources-rs/src/anywhere_eks_amazonaws_com/v1alpha1/snowmachineconfigs.rs +++ b/kube-custom-resources-rs/src/anywhere_eks_amazonaws_com/v1alpha1/snowmachineconfigs.rs @@ -123,9 +123,93 @@ pub struct SnowMachineConfigHostOsConfigurationBottlerocketConfigurationKubernet /// ClusterDNSIPs defines IP addresses of the DNS servers. #[serde(default, skip_serializing_if = "Option::is_none", rename = "clusterDNSIPs")] pub cluster_dnsi_ps: Option>, + /// ClusterDomain defines the DNS domain for the cluster, allowing all Kubernetes-run containers to search this domain before the host’s search domains + #[serde(default, skip_serializing_if = "Option::is_none", rename = "clusterDomain")] + pub cluster_domain: Option, + /// ContainerLogMaxFiles specifies the maximum number of container log files that can be present for a container + #[serde(default, skip_serializing_if = "Option::is_none", rename = "containerLogMaxFiles")] + pub container_log_max_files: Option, + /// ContainerLogMaxSize is a quantity defining the maximum size of the container log file before it is rotated + #[serde(default, skip_serializing_if = "Option::is_none", rename = "containerLogMaxSize")] + pub container_log_max_size: Option, + /// CPUCFSQuota enables CPU CFS quota enforcement for containers that specify CPU limits + #[serde(default, skip_serializing_if = "Option::is_none", rename = "cpuCFSQuota")] + pub cpu_cfs_quota: Option, + /// CPUManagerPolicy is the name of the policy to use. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "cpuManagerPolicy")] + pub cpu_manager_policy: Option, + /// CPUManagerPolicyOptions is a set of key=value which allows to set extra options to fine tune the behaviour of the cpu manager policies + #[serde(default, skip_serializing_if = "Option::is_none", rename = "cpuManagerPolicyOptions")] + pub cpu_manager_policy_options: Option>, + /// CPUManagerReconcilePeriod is the reconciliation period for the CPU Manager. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "cpuManagerReconcilePeriod")] + pub cpu_manager_reconcile_period: Option, + /// EventBurst is the maximum size of a burst of event creations. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "eventBurst")] + pub event_burst: Option, + /// EventRecordQPS is the maximum event creations per second. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "eventRecordQPS")] + pub event_record_qps: Option, + /// EvictionHard is a map of signal names to quantities that defines hard eviction thresholds. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "evictionHard")] + pub eviction_hard: Option>, + /// EvictionMaxPodGracePeriod is the maximum allowed grace period (in seconds) to use when terminating pods in response to a soft eviction threshold being met. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "evictionMaxPodGracePeriod")] + pub eviction_max_pod_grace_period: Option, + /// EvictionSoft is a map of signal names to quantities that defines soft eviction thresholds. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "evictionSoft")] + pub eviction_soft: Option>, + /// EvictionSoftGracePeriod is a map of signal names to quantities that defines grace periods for each soft eviction signal. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "evictionSoftGracePeriod")] + pub eviction_soft_grace_period: Option>, + /// ImageGCHighThresholdPercent is the percent of disk usage after which image garbage collection is always run. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "imageGCHighThresholdPercent")] + pub image_gc_high_threshold_percent: Option, + /// ImageGCLowThresholdPercent is the percent of disk usage before which image garbage collection is never run. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "imageGCLowThresholdPercent")] + pub image_gc_low_threshold_percent: Option, + /// KubeAPIBurst is the burst to allow while talking with kubernetes API server. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "kubeAPIBurst")] + pub kube_api_burst: Option, + /// KubeAPIQPS is the QPS to use while talking with kubernetes apiserver. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "kubeAPIQPS")] + pub kube_apiqps: Option, + /// KubeReserved is a set of ResourceName=ResourceQuantity pairs that describe resources reserved for kubernetes system components + #[serde(default, skip_serializing_if = "Option::is_none", rename = "kubeReserved")] + pub kube_reserved: Option>, /// MaxPods defines the maximum number of pods that can run on a node. #[serde(default, skip_serializing_if = "Option::is_none", rename = "maxPods")] pub max_pods: Option, + /// MemoryManagerPolicy is the name of the policy to use by memory manager. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "memoryManagerPolicy")] + pub memory_manager_policy: Option, + /// PodPidsLimit is the maximum number of PIDs in any pod. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "podPidsLimit")] + pub pod_pids_limit: Option, + /// ProviderID sets the unique ID of the instance that an external provider. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "providerID")] + pub provider_id: Option, + /// RegistryBurst is the maximum size of bursty pulls. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "registryBurst")] + pub registry_burst: Option, + /// RegistryPullQPS is the limit of registry pulls per second. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "registryPullQPS")] + pub registry_pull_qps: Option, + /// ShutdownGracePeriod specifies the total duration that the node should delay the shutdown and total grace period for pod termination during a node shutdown. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "shutdownGracePeriod")] + pub shutdown_grace_period: Option, + /// ShutdownGracePeriodCriticalPods specifies the duration used to terminate critical pods during a node shutdown. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "shutdownGracePeriodCriticalPods")] + pub shutdown_grace_period_critical_pods: Option, + /// SystemReserved is a set of ResourceName=ResourceQuantity pairs that describe resources reserved for non-kubernetes components. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "systemReserved")] + pub system_reserved: Option>, + /// TopologyManagerPolicy is the name of the topology manager policy to use. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "topologyManagerPolicy")] + pub topology_manager_policy: Option, + /// TopologyManagerScope represents the scope of topology hint generation that topology manager requests and hint providers generate. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "topologyManagerScope")] + pub topology_manager_scope: Option, } /// Cert defines additional trusted cert bundles on the host OS. diff --git a/kube-custom-resources-rs/src/anywhere_eks_amazonaws_com/v1alpha1/tinkerbellmachineconfigs.rs b/kube-custom-resources-rs/src/anywhere_eks_amazonaws_com/v1alpha1/tinkerbellmachineconfigs.rs index 0b95c1604..e0500a52f 100644 --- a/kube-custom-resources-rs/src/anywhere_eks_amazonaws_com/v1alpha1/tinkerbellmachineconfigs.rs +++ b/kube-custom-resources-rs/src/anywhere_eks_amazonaws_com/v1alpha1/tinkerbellmachineconfigs.rs @@ -86,9 +86,93 @@ pub struct TinkerbellMachineConfigHostOsConfigurationBottlerocketConfigurationKu /// ClusterDNSIPs defines IP addresses of the DNS servers. #[serde(default, skip_serializing_if = "Option::is_none", rename = "clusterDNSIPs")] pub cluster_dnsi_ps: Option>, + /// ClusterDomain defines the DNS domain for the cluster, allowing all Kubernetes-run containers to search this domain before the host’s search domains + #[serde(default, skip_serializing_if = "Option::is_none", rename = "clusterDomain")] + pub cluster_domain: Option, + /// ContainerLogMaxFiles specifies the maximum number of container log files that can be present for a container + #[serde(default, skip_serializing_if = "Option::is_none", rename = "containerLogMaxFiles")] + pub container_log_max_files: Option, + /// ContainerLogMaxSize is a quantity defining the maximum size of the container log file before it is rotated + #[serde(default, skip_serializing_if = "Option::is_none", rename = "containerLogMaxSize")] + pub container_log_max_size: Option, + /// CPUCFSQuota enables CPU CFS quota enforcement for containers that specify CPU limits + #[serde(default, skip_serializing_if = "Option::is_none", rename = "cpuCFSQuota")] + pub cpu_cfs_quota: Option, + /// CPUManagerPolicy is the name of the policy to use. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "cpuManagerPolicy")] + pub cpu_manager_policy: Option, + /// CPUManagerPolicyOptions is a set of key=value which allows to set extra options to fine tune the behaviour of the cpu manager policies + #[serde(default, skip_serializing_if = "Option::is_none", rename = "cpuManagerPolicyOptions")] + pub cpu_manager_policy_options: Option>, + /// CPUManagerReconcilePeriod is the reconciliation period for the CPU Manager. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "cpuManagerReconcilePeriod")] + pub cpu_manager_reconcile_period: Option, + /// EventBurst is the maximum size of a burst of event creations. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "eventBurst")] + pub event_burst: Option, + /// EventRecordQPS is the maximum event creations per second. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "eventRecordQPS")] + pub event_record_qps: Option, + /// EvictionHard is a map of signal names to quantities that defines hard eviction thresholds. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "evictionHard")] + pub eviction_hard: Option>, + /// EvictionMaxPodGracePeriod is the maximum allowed grace period (in seconds) to use when terminating pods in response to a soft eviction threshold being met. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "evictionMaxPodGracePeriod")] + pub eviction_max_pod_grace_period: Option, + /// EvictionSoft is a map of signal names to quantities that defines soft eviction thresholds. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "evictionSoft")] + pub eviction_soft: Option>, + /// EvictionSoftGracePeriod is a map of signal names to quantities that defines grace periods for each soft eviction signal. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "evictionSoftGracePeriod")] + pub eviction_soft_grace_period: Option>, + /// ImageGCHighThresholdPercent is the percent of disk usage after which image garbage collection is always run. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "imageGCHighThresholdPercent")] + pub image_gc_high_threshold_percent: Option, + /// ImageGCLowThresholdPercent is the percent of disk usage before which image garbage collection is never run. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "imageGCLowThresholdPercent")] + pub image_gc_low_threshold_percent: Option, + /// KubeAPIBurst is the burst to allow while talking with kubernetes API server. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "kubeAPIBurst")] + pub kube_api_burst: Option, + /// KubeAPIQPS is the QPS to use while talking with kubernetes apiserver. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "kubeAPIQPS")] + pub kube_apiqps: Option, + /// KubeReserved is a set of ResourceName=ResourceQuantity pairs that describe resources reserved for kubernetes system components + #[serde(default, skip_serializing_if = "Option::is_none", rename = "kubeReserved")] + pub kube_reserved: Option>, /// MaxPods defines the maximum number of pods that can run on a node. #[serde(default, skip_serializing_if = "Option::is_none", rename = "maxPods")] pub max_pods: Option, + /// MemoryManagerPolicy is the name of the policy to use by memory manager. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "memoryManagerPolicy")] + pub memory_manager_policy: Option, + /// PodPidsLimit is the maximum number of PIDs in any pod. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "podPidsLimit")] + pub pod_pids_limit: Option, + /// ProviderID sets the unique ID of the instance that an external provider. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "providerID")] + pub provider_id: Option, + /// RegistryBurst is the maximum size of bursty pulls. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "registryBurst")] + pub registry_burst: Option, + /// RegistryPullQPS is the limit of registry pulls per second. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "registryPullQPS")] + pub registry_pull_qps: Option, + /// ShutdownGracePeriod specifies the total duration that the node should delay the shutdown and total grace period for pod termination during a node shutdown. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "shutdownGracePeriod")] + pub shutdown_grace_period: Option, + /// ShutdownGracePeriodCriticalPods specifies the duration used to terminate critical pods during a node shutdown. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "shutdownGracePeriodCriticalPods")] + pub shutdown_grace_period_critical_pods: Option, + /// SystemReserved is a set of ResourceName=ResourceQuantity pairs that describe resources reserved for non-kubernetes components. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "systemReserved")] + pub system_reserved: Option>, + /// TopologyManagerPolicy is the name of the topology manager policy to use. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "topologyManagerPolicy")] + pub topology_manager_policy: Option, + /// TopologyManagerScope represents the scope of topology hint generation that topology manager requests and hint providers generate. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "topologyManagerScope")] + pub topology_manager_scope: Option, } /// Cert defines additional trusted cert bundles on the host OS. diff --git a/kube-custom-resources-rs/src/anywhere_eks_amazonaws_com/v1alpha1/vspheremachineconfigs.rs b/kube-custom-resources-rs/src/anywhere_eks_amazonaws_com/v1alpha1/vspheremachineconfigs.rs index a8bf84a2d..173410021 100644 --- a/kube-custom-resources-rs/src/anywhere_eks_amazonaws_com/v1alpha1/vspheremachineconfigs.rs +++ b/kube-custom-resources-rs/src/anywhere_eks_amazonaws_com/v1alpha1/vspheremachineconfigs.rs @@ -107,9 +107,93 @@ pub struct VSphereMachineConfigHostOsConfigurationBottlerocketConfigurationKuber /// ClusterDNSIPs defines IP addresses of the DNS servers. #[serde(default, skip_serializing_if = "Option::is_none", rename = "clusterDNSIPs")] pub cluster_dnsi_ps: Option>, + /// ClusterDomain defines the DNS domain for the cluster, allowing all Kubernetes-run containers to search this domain before the host’s search domains + #[serde(default, skip_serializing_if = "Option::is_none", rename = "clusterDomain")] + pub cluster_domain: Option, + /// ContainerLogMaxFiles specifies the maximum number of container log files that can be present for a container + #[serde(default, skip_serializing_if = "Option::is_none", rename = "containerLogMaxFiles")] + pub container_log_max_files: Option, + /// ContainerLogMaxSize is a quantity defining the maximum size of the container log file before it is rotated + #[serde(default, skip_serializing_if = "Option::is_none", rename = "containerLogMaxSize")] + pub container_log_max_size: Option, + /// CPUCFSQuota enables CPU CFS quota enforcement for containers that specify CPU limits + #[serde(default, skip_serializing_if = "Option::is_none", rename = "cpuCFSQuota")] + pub cpu_cfs_quota: Option, + /// CPUManagerPolicy is the name of the policy to use. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "cpuManagerPolicy")] + pub cpu_manager_policy: Option, + /// CPUManagerPolicyOptions is a set of key=value which allows to set extra options to fine tune the behaviour of the cpu manager policies + #[serde(default, skip_serializing_if = "Option::is_none", rename = "cpuManagerPolicyOptions")] + pub cpu_manager_policy_options: Option>, + /// CPUManagerReconcilePeriod is the reconciliation period for the CPU Manager. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "cpuManagerReconcilePeriod")] + pub cpu_manager_reconcile_period: Option, + /// EventBurst is the maximum size of a burst of event creations. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "eventBurst")] + pub event_burst: Option, + /// EventRecordQPS is the maximum event creations per second. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "eventRecordQPS")] + pub event_record_qps: Option, + /// EvictionHard is a map of signal names to quantities that defines hard eviction thresholds. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "evictionHard")] + pub eviction_hard: Option>, + /// EvictionMaxPodGracePeriod is the maximum allowed grace period (in seconds) to use when terminating pods in response to a soft eviction threshold being met. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "evictionMaxPodGracePeriod")] + pub eviction_max_pod_grace_period: Option, + /// EvictionSoft is a map of signal names to quantities that defines soft eviction thresholds. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "evictionSoft")] + pub eviction_soft: Option>, + /// EvictionSoftGracePeriod is a map of signal names to quantities that defines grace periods for each soft eviction signal. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "evictionSoftGracePeriod")] + pub eviction_soft_grace_period: Option>, + /// ImageGCHighThresholdPercent is the percent of disk usage after which image garbage collection is always run. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "imageGCHighThresholdPercent")] + pub image_gc_high_threshold_percent: Option, + /// ImageGCLowThresholdPercent is the percent of disk usage before which image garbage collection is never run. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "imageGCLowThresholdPercent")] + pub image_gc_low_threshold_percent: Option, + /// KubeAPIBurst is the burst to allow while talking with kubernetes API server. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "kubeAPIBurst")] + pub kube_api_burst: Option, + /// KubeAPIQPS is the QPS to use while talking with kubernetes apiserver. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "kubeAPIQPS")] + pub kube_apiqps: Option, + /// KubeReserved is a set of ResourceName=ResourceQuantity pairs that describe resources reserved for kubernetes system components + #[serde(default, skip_serializing_if = "Option::is_none", rename = "kubeReserved")] + pub kube_reserved: Option>, /// MaxPods defines the maximum number of pods that can run on a node. #[serde(default, skip_serializing_if = "Option::is_none", rename = "maxPods")] pub max_pods: Option, + /// MemoryManagerPolicy is the name of the policy to use by memory manager. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "memoryManagerPolicy")] + pub memory_manager_policy: Option, + /// PodPidsLimit is the maximum number of PIDs in any pod. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "podPidsLimit")] + pub pod_pids_limit: Option, + /// ProviderID sets the unique ID of the instance that an external provider. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "providerID")] + pub provider_id: Option, + /// RegistryBurst is the maximum size of bursty pulls. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "registryBurst")] + pub registry_burst: Option, + /// RegistryPullQPS is the limit of registry pulls per second. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "registryPullQPS")] + pub registry_pull_qps: Option, + /// ShutdownGracePeriod specifies the total duration that the node should delay the shutdown and total grace period for pod termination during a node shutdown. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "shutdownGracePeriod")] + pub shutdown_grace_period: Option, + /// ShutdownGracePeriodCriticalPods specifies the duration used to terminate critical pods during a node shutdown. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "shutdownGracePeriodCriticalPods")] + pub shutdown_grace_period_critical_pods: Option, + /// SystemReserved is a set of ResourceName=ResourceQuantity pairs that describe resources reserved for non-kubernetes components. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "systemReserved")] + pub system_reserved: Option>, + /// TopologyManagerPolicy is the name of the topology manager policy to use. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "topologyManagerPolicy")] + pub topology_manager_policy: Option, + /// TopologyManagerScope represents the scope of topology hint generation that topology manager requests and hint providers generate. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "topologyManagerScope")] + pub topology_manager_scope: Option, } /// Cert defines additional trusted cert bundles on the host OS. diff --git a/kube-custom-resources-rs/src/app_terraform_io/v1alpha2/agentpools.rs b/kube-custom-resources-rs/src/app_terraform_io/v1alpha2/agentpools.rs index d1739d6cd..56ebedf3e 100644 --- a/kube-custom-resources-rs/src/app_terraform_io/v1alpha2/agentpools.rs +++ b/kube-custom-resources-rs/src/app_terraform_io/v1alpha2/agentpools.rs @@ -11,7 +11,7 @@ mod prelude { } use self::prelude::*; -/// AgentPoolSpec defines the desired stak get ste of AgentPool. +/// AgentPoolSpec defines the desired state of AgentPool. #[derive(CustomResource, Serialize, Deserialize, Clone, Debug, Default, PartialEq)] #[kube(group = "app.terraform.io", version = "v1alpha2", kind = "AgentPool", plural = "agentpools")] #[kube(namespaced)] @@ -6586,6 +6586,9 @@ pub struct AgentPoolAgentTokens { /// Agent deployment settings #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct AgentPoolAutoscaling { + /// CoolDownPeriod configures the period to wait between scaling up and scaling down + #[serde(default, skip_serializing_if = "Option::is_none", rename = "cooldownPeriod")] + pub cooldown_period: Option, /// CooldownPeriodSeconds is the time to wait between scaling events. Defaults to 300. #[serde(default, skip_serializing_if = "Option::is_none", rename = "cooldownPeriodSeconds")] pub cooldown_period_seconds: Option, @@ -6603,6 +6606,17 @@ pub struct AgentPoolAutoscaling { pub target_workspaces: Option>, } +/// CoolDownPeriod configures the period to wait between scaling up and scaling down +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AgentPoolAutoscalingCooldownPeriod { + /// ScaleDownSeconds is the time to wait before scaling down. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "scaleDownSeconds")] + pub scale_down_seconds: Option, + /// ScaleUpSeconds is the time to wait before scaling up. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "scaleUpSeconds")] + pub scale_up_seconds: Option, +} + /// TargetWorkspace is the name or ID of the workspace you want autoscale against. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct AgentPoolAutoscalingTargetWorkspaces { diff --git a/kube-custom-resources-rs/src/appprotectdos_f5_com/v1beta1/dosprotectedresources.rs b/kube-custom-resources-rs/src/appprotectdos_f5_com/v1beta1/dosprotectedresources.rs index f003e1dd9..86f9ea7a5 100644 --- a/kube-custom-resources-rs/src/appprotectdos_f5_com/v1beta1/dosprotectedresources.rs +++ b/kube-custom-resources-rs/src/appprotectdos_f5_com/v1beta1/dosprotectedresources.rs @@ -17,6 +17,9 @@ use self::prelude::*; #[kube(derive="Default")] #[kube(derive="PartialEq")] pub struct DosProtectedResourceSpec { + /// AllowList is a list of allowed IPs and subnet masks + #[serde(default, skip_serializing_if = "Option::is_none", rename = "allowList")] + pub allow_list: Option>, /// ApDosMonitor is how NGINX App Protect DoS monitors the stress level of the protected object. The monitor requests are sent from localhost (127.0.0.1). Default value: URI - None, protocol - http1, timeout - NGINX App Protect DoS default. #[serde(default, skip_serializing_if = "Option::is_none", rename = "apDosMonitor")] pub ap_dos_monitor: Option, @@ -37,6 +40,13 @@ pub struct DosProtectedResourceSpec { pub name: Option, } +/// AllowListEntry represents an IP address and a subnet mask. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct DosProtectedResourceAllowList { + #[serde(default, skip_serializing_if = "Option::is_none", rename = "ipWithMask")] + pub ip_with_mask: Option, +} + /// ApDosMonitor is how NGINX App Protect DoS monitors the stress level of the protected object. The monitor requests are sent from localhost (127.0.0.1). Default value: URI - None, protocol - http1, timeout - NGINX App Protect DoS default. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct DosProtectedResourceApDosMonitor { diff --git a/kube-custom-resources-rs/src/apps_clusternet_io/v1alpha1/manifests.rs b/kube-custom-resources-rs/src/apps_clusternet_io/v1alpha1/manifests.rs index aa2fdecce..665747d38 100644 --- a/kube-custom-resources-rs/src/apps_clusternet_io/v1alpha1/manifests.rs +++ b/kube-custom-resources-rs/src/apps_clusternet_io/v1alpha1/manifests.rs @@ -8,4 +8,5 @@ mod prelude { pub use serde::{Serialize, Deserialize}; pub use std::collections::BTreeMap; } +use self::prelude::*; diff --git a/kube-custom-resources-rs/src/apps_kubeblocks_io/v1alpha1/clusterdefinitions.rs b/kube-custom-resources-rs/src/apps_kubeblocks_io/v1alpha1/clusterdefinitions.rs index c3b801fe5..bf1838e3e 100644 --- a/kube-custom-resources-rs/src/apps_kubeblocks_io/v1alpha1/clusterdefinitions.rs +++ b/kube-custom-resources-rs/src/apps_kubeblocks_io/v1alpha1/clusterdefinitions.rs @@ -58,14 +58,6 @@ pub struct ClusterDefinitionSpec { /// Topologies defines all possible topologies within the cluster. #[serde(default, skip_serializing_if = "Option::is_none")] pub topologies: Option>, - /// Specifies the well-known database type, such as mysql, redis, or mongodb. - /// - /// - /// Deprecated since v0.9. - /// This field is maintained for backward compatibility and its use is discouraged. - /// Existing usage should be updated to the current preferred approach to avoid compatibility issues in future releases. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "type")] - pub r#type: Option, } /// ClusterComponentDefinition defines a Component within a ClusterDefinition but is deprecated and @@ -88,25 +80,12 @@ pub struct ClusterDefinitionComponentDefs { /// Defines spec for `Consensus` workloads. It's required if the workload type is `Consensus`. #[serde(default, skip_serializing_if = "Option::is_none", rename = "consensusSpec")] pub consensus_spec: Option, - /// Used for custom label tags which you want to add to the component resources. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "customLabelSpecs")] - pub custom_label_specs: Option>, - /// Description of the component definition. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub description: Option, - /// Defines the metrics exporter. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub exporter: Option, /// Defines the behavior of horizontal scale. #[serde(default, skip_serializing_if = "Option::is_none", rename = "horizontalScalePolicy")] pub horizontal_scale_policy: Option, /// Specify the logging files which can be observed and configured by cluster users. #[serde(default, skip_serializing_if = "Option::is_none", rename = "logConfigs")] pub log_configs: Option>, - /// Deprecated since v0.9 - /// monitor is monitoring config which provided by provider. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub monitor: Option, /// This name could be used as default name of `cluster.spec.componentSpecs.name`, and needs to conform with same /// validation rules as `cluster.spec.componentSpecs.name`, currently complying with IANA Service Naming rule. /// This name will apply to cluster objects as the value of label "apps.kubeblocks.io/component-name". @@ -546,59 +525,6 @@ pub enum ClusterDefinitionComponentDefsConsensusSpecUpdateStrategy { Parallel, } -/// CustomLabelSpec is deprecated since v0.8. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterDefinitionComponentDefsCustomLabelSpecs { - /// The key of the label. - pub key: String, - /// The resources that will be patched with the label. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub resources: Option>, - /// The value of the label. - pub value: String, -} - -/// GVKResource is deprecated since v0.8. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterDefinitionComponentDefsCustomLabelSpecsResources { - /// Represents the GVK of a resource, such as "v1/Pod", "apps/v1/StatefulSet", etc. - /// When a resource matching this is found by the selector, a custom label will be added if it doesn't already exist, - /// or updated if it does. - pub gvk: String, - /// A label query used to filter a set of resources. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub selector: Option>, -} - -/// Defines the metrics exporter. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterDefinitionComponentDefsExporter { - /// Specifies the name of the built-in metrics exporter container. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "containerName")] - pub container_name: Option, - /// Specifies the http/https url path to scrape for metrics. - /// If empty, Prometheus uses the default value (e.g. `/metrics`). - #[serde(default, skip_serializing_if = "Option::is_none", rename = "scrapePath")] - pub scrape_path: Option, - /// Specifies the port name to scrape for metrics. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "scrapePort")] - pub scrape_port: Option, - /// Specifies the schema to use for scraping. - /// `http` and `https` are the expected values unless you rewrite the `__scheme__` label via relabeling. - /// If empty, Prometheus uses the default value `http`. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "scrapeScheme")] - pub scrape_scheme: Option, -} - -/// Defines the metrics exporter. -#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] -pub enum ClusterDefinitionComponentDefsExporterScrapeScheme { - #[serde(rename = "http")] - Http, - #[serde(rename = "https")] - Https, -} - /// Defines the behavior of horizontal scale. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ClusterDefinitionComponentDefsHorizontalScalePolicy { @@ -647,33 +573,6 @@ pub struct ClusterDefinitionComponentDefsLogConfigs { pub name: String, } -/// Deprecated since v0.9 -/// monitor is monitoring config which provided by provider. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterDefinitionComponentDefsMonitor { - /// builtIn is a switch to enable KubeBlocks builtIn monitoring. - /// If BuiltIn is set to true, monitor metrics will be scraped automatically. - /// If BuiltIn is set to false, the provider should set ExporterConfig and Sidecar container own. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "builtIn")] - pub built_in: Option, - /// exporterConfig provided by provider, which specify necessary information to Time Series Database. - /// exporterConfig is valid when builtIn is false. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "exporterConfig")] - pub exporter_config: Option, -} - -/// exporterConfig provided by provider, which specify necessary information to Time Series Database. -/// exporterConfig is valid when builtIn is false. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterDefinitionComponentDefsMonitorExporterConfig { - /// scrapePath is exporter url path for Time Series Database to scrape metrics. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "scrapePath")] - pub scrape_path: Option, - /// scrapePort is exporter port for Time Series Database to scrape metrics. - #[serde(rename = "scrapePort")] - pub scrape_port: IntOrString, -} - /// Defines the pod spec template of component. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ClusterDefinitionComponentDefsPodSpec { diff --git a/kube-custom-resources-rs/src/apps_kubeblocks_io/v1alpha1/clusters.rs b/kube-custom-resources-rs/src/apps_kubeblocks_io/v1alpha1/clusters.rs index 3865faf51..b551d6d1f 100644 --- a/kube-custom-resources-rs/src/apps_kubeblocks_io/v1alpha1/clusters.rs +++ b/kube-custom-resources-rs/src/apps_kubeblocks_io/v1alpha1/clusters.rs @@ -491,6 +491,21 @@ pub struct ClusterComponentSpecs { /// The administrator must manually manage the cleanup and removal of these resources when they are no longer needed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "offlineInstances")] pub offline_instances: Option>, + /// Controls the concurrency of pods during initial scale up, when replacing pods on nodes, + /// or when scaling down. It only used when `PodManagementPolicy` is set to `Parallel`. + /// The default Concurrency is 100%. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "parallelPodManagementConcurrency")] + pub parallel_pod_management_concurrency: Option, + /// PodUpdatePolicy indicates how pods should be updated + /// + /// + /// - `StrictInPlace` indicates that only allows in-place upgrades. + /// Any attempt to modify other fields will be rejected. + /// - `PreferInPlace` indicates that we will first attempt an in-place upgrade of the Pod. + /// If that fails, it will fall back to the ReCreate, where pod will be recreated. + /// Default value is "PreferInPlace" + #[serde(default, skip_serializing_if = "Option::is_none", rename = "podUpdatePolicy")] + pub pod_update_policy: Option, /// Specifies the desired number of replicas in the Component for enhancing availability and durability, or load balancing. pub replicas: i32, /// Specifies the resources required by the Component. @@ -506,8 +521,9 @@ pub struct ClusterComponentSpecs { /// /// /// Defaults: - /// If not specified, KubeBlocks automatically assigns a default ServiceAccount named "kb-{cluster.name}", - /// bound to a default role installed together with KubeBlocks. + /// To perform certain operational tasks, agent sidecars running in Pods require specific RBAC permissions. + /// The service account will be bound to a default role named "kubeblocks-cluster-pod-role" which is installed together with KubeBlocks. + /// If not specified, KubeBlocks automatically assigns a default ServiceAccount named "kb-{cluster.name}" /// /// /// Future Changes: @@ -558,6 +574,10 @@ pub struct ClusterComponentSpecs { /// Overrides services defined in referenced ComponentDefinition and expose endpoints that can be accessed by clients. #[serde(default, skip_serializing_if = "Option::is_none")] pub services: Option>, + /// Stop the Component. + /// If set, all the computing resources will be released. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub stop: Option, /// Defines the strategy for switchover and failover when workloadType is Replication. /// /// @@ -7852,6 +7872,21 @@ pub struct ClusterShardingSpecsTemplate { /// The administrator must manually manage the cleanup and removal of these resources when they are no longer needed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "offlineInstances")] pub offline_instances: Option>, + /// Controls the concurrency of pods during initial scale up, when replacing pods on nodes, + /// or when scaling down. It only used when `PodManagementPolicy` is set to `Parallel`. + /// The default Concurrency is 100%. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "parallelPodManagementConcurrency")] + pub parallel_pod_management_concurrency: Option, + /// PodUpdatePolicy indicates how pods should be updated + /// + /// + /// - `StrictInPlace` indicates that only allows in-place upgrades. + /// Any attempt to modify other fields will be rejected. + /// - `PreferInPlace` indicates that we will first attempt an in-place upgrade of the Pod. + /// If that fails, it will fall back to the ReCreate, where pod will be recreated. + /// Default value is "PreferInPlace" + #[serde(default, skip_serializing_if = "Option::is_none", rename = "podUpdatePolicy")] + pub pod_update_policy: Option, /// Specifies the desired number of replicas in the Component for enhancing availability and durability, or load balancing. pub replicas: i32, /// Specifies the resources required by the Component. @@ -7867,8 +7902,9 @@ pub struct ClusterShardingSpecsTemplate { /// /// /// Defaults: - /// If not specified, KubeBlocks automatically assigns a default ServiceAccount named "kb-{cluster.name}", - /// bound to a default role installed together with KubeBlocks. + /// To perform certain operational tasks, agent sidecars running in Pods require specific RBAC permissions. + /// The service account will be bound to a default role named "kubeblocks-cluster-pod-role" which is installed together with KubeBlocks. + /// If not specified, KubeBlocks automatically assigns a default ServiceAccount named "kb-{cluster.name}" /// /// /// Future Changes: @@ -7919,6 +7955,10 @@ pub struct ClusterShardingSpecsTemplate { /// Overrides services defined in referenced ComponentDefinition and expose endpoints that can be accessed by clients. #[serde(default, skip_serializing_if = "Option::is_none")] pub services: Option>, + /// Stop the Component. + /// If set, all the computing resources will be released. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub stop: Option, /// Defines the strategy for switchover and failover when workloadType is Replication. /// /// diff --git a/kube-custom-resources-rs/src/apps_kubeblocks_io/v1alpha1/componentdefinitions.rs b/kube-custom-resources-rs/src/apps_kubeblocks_io/v1alpha1/componentdefinitions.rs index 80f6cc85f..da049ff0a 100644 --- a/kube-custom-resources-rs/src/apps_kubeblocks_io/v1alpha1/componentdefinitions.rs +++ b/kube-custom-resources-rs/src/apps_kubeblocks_io/v1alpha1/componentdefinitions.rs @@ -67,6 +67,9 @@ pub struct ComponentDefinitionSpec { /// /// /// If set, the DNS policy will be automatically set to "ClusterFirstWithHostNet". + /// + /// + /// This field is immutable. #[serde(default, skip_serializing_if = "Option::is_none", rename = "hostNetwork")] pub host_network: Option, /// Specifies static labels that will be patched to all Kubernetes resources created for the Component. @@ -138,10 +141,6 @@ pub struct ComponentDefinitionSpec { /// A default value of 0 seconds means the Pod is considered available as soon as it enters the ready state. #[serde(default, skip_serializing_if = "Option::is_none", rename = "minReadySeconds")] pub min_ready_seconds: Option, - /// Deprecated since v0.9 - /// monitor is monitoring config which provided by provider. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub monitor: Option, /// InstanceSet controls the creation of pods during initial scale up, replacement of pods on nodes, and scaling down. /// /// @@ -656,6 +655,9 @@ pub enum ComponentDefinitionExporterScrapeScheme { /// /// /// If set, the DNS policy will be automatically set to "ClusterFirstWithHostNet". +/// +/// +/// This field is immutable. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ComponentDefinitionHostNetwork { /// The list of container ports that are required by the component. @@ -1138,27 +1140,6 @@ pub struct ComponentDefinitionLifecycleActionsAccountProvision { /// Then the controller will interact with these actions via GRPCAction calls. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ComponentDefinitionLifecycleActionsAccountProvisionCustomHandler { - /// Defines the name of the container within the target Pod where the action will be executed. - /// - /// - /// This name must correspond to one of the containers defined in `componentDefinition.spec.runtime`. - /// If this field is not specified, the default behavior is to use the first container listed in - /// `componentDefinition.spec.runtime`. - /// - /// - /// This field cannot be updated. - /// - /// - /// Note: This field is reserved for future use and is not currently active. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub container: Option, - /// Represents a list of environment variables that will be injected into the container. - /// These variables enable the container to adapt its behavior based on the environment it's running in. - /// - /// - /// This field cannot be updated. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub env: Option>, /// Defines the command to run. /// /// @@ -1174,31 +1155,6 @@ pub struct ComponentDefinitionLifecycleActionsAccountProvisionCustomHandler { /// Note: HTTPAction is to be implemented in future version. #[serde(default, skip_serializing_if = "Option::is_none")] pub http: Option, - /// Specifies the container image to be used for running the Action. - /// - /// - /// When specified, a dedicated container will be created using this image to execute the Action. - /// This field is mutually exclusive with the `container` field; only one of them should be provided. - /// - /// - /// This field cannot be updated. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub image: Option, - /// Used in conjunction with the `targetPodSelector` field to refine the selection of target pod(s) for Action execution. - /// The impact of this field depends on the `targetPodSelector` value: - /// - /// - /// - When `targetPodSelector` is set to `Any` or `All`, this field will be ignored. - /// - When `targetPodSelector` is set to `Role`, only those replicas whose role matches the `matchingKey` - /// will be selected for the Action. - /// - /// - /// This field cannot be updated. - /// - /// - /// Note: This field is reserved for future use and is not currently active. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchingKey")] - pub matching_key: Option, /// Specifies the state that the cluster must reach before the Action is executed. /// Currently, this is only applicable to the `postProvision` action. /// @@ -1229,31 +1185,97 @@ pub struct ComponentDefinitionLifecycleActionsAccountProvisionCustomHandler { /// This field cannot be updated. #[serde(default, skip_serializing_if = "Option::is_none", rename = "retryPolicy")] pub retry_policy: Option, - /// Defines the criteria used to select the target Pod(s) for executing the Action. - /// This is useful when there is no default target replica identified. - /// It allows for precise control over which Pod(s) the Action should run in. + /// Specifies the maximum duration in seconds that the Action is allowed to run. + /// + /// + /// If the Action does not complete within this time frame, it will be terminated. + /// + /// + /// This field cannot be updated. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "timeoutSeconds")] + pub timeout_seconds: Option, +} + +/// Defines the command to run. +/// +/// +/// This field cannot be updated. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ComponentDefinitionLifecycleActionsAccountProvisionCustomHandlerExec { + /// Args represents the arguments that are passed to the `command` for execution. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub args: Option>, + /// Specifies the command to be executed inside the container. + /// The working directory for this command is the container's root directory('/'). + /// Commands are executed directly without a shell environment, meaning shell-specific syntax ('|', etc.) is not supported. + /// If the shell is required, it must be explicitly invoked in the command. + /// + /// + /// A successful execution is indicated by an exit status of 0; any non-zero status signifies a failure. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub command: Option>, + /// Defines the name of the container within the target Pod where the action will be executed. + /// + /// + /// This name must correspond to one of the containers defined in `componentDefinition.spec.runtime`. + /// If this field is not specified, the default behavior is to use the first container listed in + /// `componentDefinition.spec.runtime`. /// /// /// This field cannot be updated. /// /// /// Note: This field is reserved for future use and is not currently active. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "targetPodSelector")] - pub target_pod_selector: Option, - /// Specifies the maximum duration in seconds that the Action is allowed to run. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub container: Option, + /// Represents a list of environment variables that will be injected into the container. + /// These variables enable the container to adapt its behavior based on the environment it's running in. /// /// - /// If the Action does not complete within this time frame, it will be terminated. + /// This field cannot be updated. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub env: Option>, + /// Specifies the container image to be used for running the Action. + /// + /// + /// When specified, a dedicated container will be created using this image to execute the Action. + /// This field is mutually exclusive with the `container` field; only one of them should be provided. /// /// /// This field cannot be updated. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "timeoutSeconds")] - pub timeout_seconds: Option, + #[serde(default, skip_serializing_if = "Option::is_none")] + pub image: Option, + /// Used in conjunction with the `targetPodSelector` field to refine the selection of target pod(s) for Action execution. + /// The impact of this field depends on the `targetPodSelector` value: + /// + /// + /// - When `targetPodSelector` is set to `Any` or `All`, this field will be ignored. + /// - When `targetPodSelector` is set to `Role`, only those replicas whose role matches the `matchingKey` + /// will be selected for the Action. + /// + /// + /// This field cannot be updated. + /// + /// + /// Note: This field is reserved for future use and is not currently active. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchingKey")] + pub matching_key: Option, + /// Defines the criteria used to select the target Pod(s) for executing the Action. + /// This is useful when there is no default target replica identified. + /// It allows for precise control over which Pod(s) the Action should run in. + /// + /// + /// This field cannot be updated. + /// + /// + /// Note: This field is reserved for future use and is not currently active. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "targetPodSelector")] + pub target_pod_selector: Option, } /// EnvVar represents an environment variable present in a Container. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ComponentDefinitionLifecycleActionsAccountProvisionCustomHandlerEnv { +pub struct ComponentDefinitionLifecycleActionsAccountProvisionCustomHandlerExecEnv { /// Name of the environment variable. Must be a C_IDENTIFIER. pub name: String, /// Variable references $(VAR_NAME) are expanded @@ -1269,31 +1291,31 @@ pub struct ComponentDefinitionLifecycleActionsAccountProvisionCustomHandlerEnv { pub value: Option, /// Source for the environment variable's value. Cannot be used if value is not empty. #[serde(default, skip_serializing_if = "Option::is_none", rename = "valueFrom")] - pub value_from: Option, + pub value_from: Option, } /// Source for the environment variable's value. Cannot be used if value is not empty. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ComponentDefinitionLifecycleActionsAccountProvisionCustomHandlerEnvValueFrom { +pub struct ComponentDefinitionLifecycleActionsAccountProvisionCustomHandlerExecEnvValueFrom { /// Selects a key of a ConfigMap. #[serde(default, skip_serializing_if = "Option::is_none", rename = "configMapKeyRef")] - pub config_map_key_ref: Option, + pub config_map_key_ref: Option, /// Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`, /// spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs. #[serde(default, skip_serializing_if = "Option::is_none", rename = "fieldRef")] - pub field_ref: Option, + pub field_ref: Option, /// Selects a resource of the container: only resources limits and requests /// (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported. #[serde(default, skip_serializing_if = "Option::is_none", rename = "resourceFieldRef")] - pub resource_field_ref: Option, + pub resource_field_ref: Option, /// Selects a key of a secret in the pod's namespace #[serde(default, skip_serializing_if = "Option::is_none", rename = "secretKeyRef")] - pub secret_key_ref: Option, + pub secret_key_ref: Option, } /// Selects a key of a ConfigMap. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ComponentDefinitionLifecycleActionsAccountProvisionCustomHandlerEnvValueFromConfigMapKeyRef { +pub struct ComponentDefinitionLifecycleActionsAccountProvisionCustomHandlerExecEnvValueFromConfigMapKeyRef { /// The key to select. pub key: String, /// Name of the referent. @@ -1309,7 +1331,7 @@ pub struct ComponentDefinitionLifecycleActionsAccountProvisionCustomHandlerEnvVa /// Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`, /// spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ComponentDefinitionLifecycleActionsAccountProvisionCustomHandlerEnvValueFromFieldRef { +pub struct ComponentDefinitionLifecycleActionsAccountProvisionCustomHandlerExecEnvValueFromFieldRef { /// Version of the schema the FieldPath is written in terms of, defaults to "v1". #[serde(default, skip_serializing_if = "Option::is_none", rename = "apiVersion")] pub api_version: Option, @@ -1321,7 +1343,7 @@ pub struct ComponentDefinitionLifecycleActionsAccountProvisionCustomHandlerEnvVa /// Selects a resource of the container: only resources limits and requests /// (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ComponentDefinitionLifecycleActionsAccountProvisionCustomHandlerEnvValueFromResourceFieldRef { +pub struct ComponentDefinitionLifecycleActionsAccountProvisionCustomHandlerExecEnvValueFromResourceFieldRef { /// Container name: required for volumes, optional for env vars #[serde(default, skip_serializing_if = "Option::is_none", rename = "containerName")] pub container_name: Option, @@ -1334,7 +1356,7 @@ pub struct ComponentDefinitionLifecycleActionsAccountProvisionCustomHandlerEnvVa /// Selects a key of a secret in the pod's namespace #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ComponentDefinitionLifecycleActionsAccountProvisionCustomHandlerEnvValueFromSecretKeyRef { +pub struct ComponentDefinitionLifecycleActionsAccountProvisionCustomHandlerExecEnvValueFromSecretKeyRef { /// The key of the secret to select from. Must be a valid secret key. pub key: String, /// Name of the referent. @@ -1351,20 +1373,12 @@ pub struct ComponentDefinitionLifecycleActionsAccountProvisionCustomHandlerEnvVa /// /// /// This field cannot be updated. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ComponentDefinitionLifecycleActionsAccountProvisionCustomHandlerExec { - /// Args represents the arguments that are passed to the `command` for execution. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub args: Option>, - /// Specifies the command to be executed inside the container. - /// The working directory for this command is the container's root directory('/'). - /// Commands are executed directly without a shell environment, meaning shell-specific syntax ('|', etc.) is not supported. - /// If the shell is required, it must be explicitly invoked in the command. - /// - /// - /// A successful execution is indicated by an exit status of 0; any non-zero status signifies a failure. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub command: Option>, +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub enum ComponentDefinitionLifecycleActionsAccountProvisionCustomHandlerExecTargetPodSelector { + Any, + All, + Role, + Ordinal, } /// Specifies the HTTP request to perform. @@ -1431,28 +1445,6 @@ pub struct ComponentDefinitionLifecycleActionsAccountProvisionCustomHandlerRetry pub retry_interval: Option, } -/// Specifies a user-defined hook or procedure that is called to perform the specific lifecycle action. -/// It offers a flexible and expandable approach for customizing the behavior of a Component by leveraging -/// tailored actions. -/// -/// -/// An Action can be implemented as either an ExecAction or an HTTPAction, with future versions planning -/// to support GRPCAction, -/// thereby accommodating unique logic for different database systems within the Action's framework. -/// -/// -/// In future iterations, all built-in handlers are expected to transition to GRPCAction. -/// This change means that Lorry or other sidecar agents will expose the implementation of actions -/// through a GRPC interface for external invocation. -/// Then the controller will interact with these actions via GRPCAction calls. -#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] -pub enum ComponentDefinitionLifecycleActionsAccountProvisionCustomHandlerTargetPodSelector { - Any, - All, - Role, - Ordinal, -} - /// Defines the procedure for exporting the data from a replica. /// /// @@ -1548,27 +1540,6 @@ pub struct ComponentDefinitionLifecycleActionsDataDump { /// Then the controller will interact with these actions via GRPCAction calls. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ComponentDefinitionLifecycleActionsDataDumpCustomHandler { - /// Defines the name of the container within the target Pod where the action will be executed. - /// - /// - /// This name must correspond to one of the containers defined in `componentDefinition.spec.runtime`. - /// If this field is not specified, the default behavior is to use the first container listed in - /// `componentDefinition.spec.runtime`. - /// - /// - /// This field cannot be updated. - /// - /// - /// Note: This field is reserved for future use and is not currently active. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub container: Option, - /// Represents a list of environment variables that will be injected into the container. - /// These variables enable the container to adapt its behavior based on the environment it's running in. - /// - /// - /// This field cannot be updated. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub env: Option>, /// Defines the command to run. /// /// @@ -1584,31 +1555,6 @@ pub struct ComponentDefinitionLifecycleActionsDataDumpCustomHandler { /// Note: HTTPAction is to be implemented in future version. #[serde(default, skip_serializing_if = "Option::is_none")] pub http: Option, - /// Specifies the container image to be used for running the Action. - /// - /// - /// When specified, a dedicated container will be created using this image to execute the Action. - /// This field is mutually exclusive with the `container` field; only one of them should be provided. - /// - /// - /// This field cannot be updated. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub image: Option, - /// Used in conjunction with the `targetPodSelector` field to refine the selection of target pod(s) for Action execution. - /// The impact of this field depends on the `targetPodSelector` value: - /// - /// - /// - When `targetPodSelector` is set to `Any` or `All`, this field will be ignored. - /// - When `targetPodSelector` is set to `Role`, only those replicas whose role matches the `matchingKey` - /// will be selected for the Action. - /// - /// - /// This field cannot be updated. - /// - /// - /// Note: This field is reserved for future use and is not currently active. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchingKey")] - pub matching_key: Option, /// Specifies the state that the cluster must reach before the Action is executed. /// Currently, this is only applicable to the `postProvision` action. /// @@ -1639,17 +1585,6 @@ pub struct ComponentDefinitionLifecycleActionsDataDumpCustomHandler { /// This field cannot be updated. #[serde(default, skip_serializing_if = "Option::is_none", rename = "retryPolicy")] pub retry_policy: Option, - /// Defines the criteria used to select the target Pod(s) for executing the Action. - /// This is useful when there is no default target replica identified. - /// It allows for precise control over which Pod(s) the Action should run in. - /// - /// - /// This field cannot be updated. - /// - /// - /// Note: This field is reserved for future use and is not currently active. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "targetPodSelector")] - pub target_pod_selector: Option, /// Specifies the maximum duration in seconds that the Action is allowed to run. /// /// @@ -1661,49 +1596,126 @@ pub struct ComponentDefinitionLifecycleActionsDataDumpCustomHandler { pub timeout_seconds: Option, } -/// EnvVar represents an environment variable present in a Container. +/// Defines the command to run. +/// +/// +/// This field cannot be updated. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ComponentDefinitionLifecycleActionsDataDumpCustomHandlerEnv { - /// Name of the environment variable. Must be a C_IDENTIFIER. - pub name: String, - /// Variable references $(VAR_NAME) are expanded - /// using the previously defined environment variables in the container and - /// any service environment variables. If a variable cannot be resolved, - /// the reference in the input string will be unchanged. Double $$ are reduced - /// to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. - /// "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". - /// Escaped references will never be expanded, regardless of whether the variable - /// exists or not. - /// Defaults to "". +pub struct ComponentDefinitionLifecycleActionsDataDumpCustomHandlerExec { + /// Args represents the arguments that are passed to the `command` for execution. #[serde(default, skip_serializing_if = "Option::is_none")] - pub value: Option, - /// Source for the environment variable's value. Cannot be used if value is not empty. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "valueFrom")] - pub value_from: Option, -} - -/// Source for the environment variable's value. Cannot be used if value is not empty. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ComponentDefinitionLifecycleActionsDataDumpCustomHandlerEnvValueFrom { - /// Selects a key of a ConfigMap. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "configMapKeyRef")] - pub config_map_key_ref: Option, - /// Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`, + pub args: Option>, + /// Specifies the command to be executed inside the container. + /// The working directory for this command is the container's root directory('/'). + /// Commands are executed directly without a shell environment, meaning shell-specific syntax ('|', etc.) is not supported. + /// If the shell is required, it must be explicitly invoked in the command. + /// + /// + /// A successful execution is indicated by an exit status of 0; any non-zero status signifies a failure. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub command: Option>, + /// Defines the name of the container within the target Pod where the action will be executed. + /// + /// + /// This name must correspond to one of the containers defined in `componentDefinition.spec.runtime`. + /// If this field is not specified, the default behavior is to use the first container listed in + /// `componentDefinition.spec.runtime`. + /// + /// + /// This field cannot be updated. + /// + /// + /// Note: This field is reserved for future use and is not currently active. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub container: Option, + /// Represents a list of environment variables that will be injected into the container. + /// These variables enable the container to adapt its behavior based on the environment it's running in. + /// + /// + /// This field cannot be updated. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub env: Option>, + /// Specifies the container image to be used for running the Action. + /// + /// + /// When specified, a dedicated container will be created using this image to execute the Action. + /// This field is mutually exclusive with the `container` field; only one of them should be provided. + /// + /// + /// This field cannot be updated. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub image: Option, + /// Used in conjunction with the `targetPodSelector` field to refine the selection of target pod(s) for Action execution. + /// The impact of this field depends on the `targetPodSelector` value: + /// + /// + /// - When `targetPodSelector` is set to `Any` or `All`, this field will be ignored. + /// - When `targetPodSelector` is set to `Role`, only those replicas whose role matches the `matchingKey` + /// will be selected for the Action. + /// + /// + /// This field cannot be updated. + /// + /// + /// Note: This field is reserved for future use and is not currently active. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchingKey")] + pub matching_key: Option, + /// Defines the criteria used to select the target Pod(s) for executing the Action. + /// This is useful when there is no default target replica identified. + /// It allows for precise control over which Pod(s) the Action should run in. + /// + /// + /// This field cannot be updated. + /// + /// + /// Note: This field is reserved for future use and is not currently active. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "targetPodSelector")] + pub target_pod_selector: Option, +} + +/// EnvVar represents an environment variable present in a Container. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ComponentDefinitionLifecycleActionsDataDumpCustomHandlerExecEnv { + /// Name of the environment variable. Must be a C_IDENTIFIER. + pub name: String, + /// Variable references $(VAR_NAME) are expanded + /// using the previously defined environment variables in the container and + /// any service environment variables. If a variable cannot be resolved, + /// the reference in the input string will be unchanged. Double $$ are reduced + /// to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. + /// "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". + /// Escaped references will never be expanded, regardless of whether the variable + /// exists or not. + /// Defaults to "". + #[serde(default, skip_serializing_if = "Option::is_none")] + pub value: Option, + /// Source for the environment variable's value. Cannot be used if value is not empty. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "valueFrom")] + pub value_from: Option, +} + +/// Source for the environment variable's value. Cannot be used if value is not empty. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ComponentDefinitionLifecycleActionsDataDumpCustomHandlerExecEnvValueFrom { + /// Selects a key of a ConfigMap. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "configMapKeyRef")] + pub config_map_key_ref: Option, + /// Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`, /// spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs. #[serde(default, skip_serializing_if = "Option::is_none", rename = "fieldRef")] - pub field_ref: Option, + pub field_ref: Option, /// Selects a resource of the container: only resources limits and requests /// (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported. #[serde(default, skip_serializing_if = "Option::is_none", rename = "resourceFieldRef")] - pub resource_field_ref: Option, + pub resource_field_ref: Option, /// Selects a key of a secret in the pod's namespace #[serde(default, skip_serializing_if = "Option::is_none", rename = "secretKeyRef")] - pub secret_key_ref: Option, + pub secret_key_ref: Option, } /// Selects a key of a ConfigMap. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ComponentDefinitionLifecycleActionsDataDumpCustomHandlerEnvValueFromConfigMapKeyRef { +pub struct ComponentDefinitionLifecycleActionsDataDumpCustomHandlerExecEnvValueFromConfigMapKeyRef { /// The key to select. pub key: String, /// Name of the referent. @@ -1719,7 +1731,7 @@ pub struct ComponentDefinitionLifecycleActionsDataDumpCustomHandlerEnvValueFromC /// Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`, /// spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ComponentDefinitionLifecycleActionsDataDumpCustomHandlerEnvValueFromFieldRef { +pub struct ComponentDefinitionLifecycleActionsDataDumpCustomHandlerExecEnvValueFromFieldRef { /// Version of the schema the FieldPath is written in terms of, defaults to "v1". #[serde(default, skip_serializing_if = "Option::is_none", rename = "apiVersion")] pub api_version: Option, @@ -1731,7 +1743,7 @@ pub struct ComponentDefinitionLifecycleActionsDataDumpCustomHandlerEnvValueFromF /// Selects a resource of the container: only resources limits and requests /// (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ComponentDefinitionLifecycleActionsDataDumpCustomHandlerEnvValueFromResourceFieldRef { +pub struct ComponentDefinitionLifecycleActionsDataDumpCustomHandlerExecEnvValueFromResourceFieldRef { /// Container name: required for volumes, optional for env vars #[serde(default, skip_serializing_if = "Option::is_none", rename = "containerName")] pub container_name: Option, @@ -1744,7 +1756,7 @@ pub struct ComponentDefinitionLifecycleActionsDataDumpCustomHandlerEnvValueFromR /// Selects a key of a secret in the pod's namespace #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ComponentDefinitionLifecycleActionsDataDumpCustomHandlerEnvValueFromSecretKeyRef { +pub struct ComponentDefinitionLifecycleActionsDataDumpCustomHandlerExecEnvValueFromSecretKeyRef { /// The key of the secret to select from. Must be a valid secret key. pub key: String, /// Name of the referent. @@ -1761,20 +1773,12 @@ pub struct ComponentDefinitionLifecycleActionsDataDumpCustomHandlerEnvValueFromS /// /// /// This field cannot be updated. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ComponentDefinitionLifecycleActionsDataDumpCustomHandlerExec { - /// Args represents the arguments that are passed to the `command` for execution. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub args: Option>, - /// Specifies the command to be executed inside the container. - /// The working directory for this command is the container's root directory('/'). - /// Commands are executed directly without a shell environment, meaning shell-specific syntax ('|', etc.) is not supported. - /// If the shell is required, it must be explicitly invoked in the command. - /// - /// - /// A successful execution is indicated by an exit status of 0; any non-zero status signifies a failure. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub command: Option>, +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub enum ComponentDefinitionLifecycleActionsDataDumpCustomHandlerExecTargetPodSelector { + Any, + All, + Role, + Ordinal, } /// Specifies the HTTP request to perform. @@ -1841,28 +1845,6 @@ pub struct ComponentDefinitionLifecycleActionsDataDumpCustomHandlerRetryPolicy { pub retry_interval: Option, } -/// Specifies a user-defined hook or procedure that is called to perform the specific lifecycle action. -/// It offers a flexible and expandable approach for customizing the behavior of a Component by leveraging -/// tailored actions. -/// -/// -/// An Action can be implemented as either an ExecAction or an HTTPAction, with future versions planning -/// to support GRPCAction, -/// thereby accommodating unique logic for different database systems within the Action's framework. -/// -/// -/// In future iterations, all built-in handlers are expected to transition to GRPCAction. -/// This change means that Lorry or other sidecar agents will expose the implementation of actions -/// through a GRPC interface for external invocation. -/// Then the controller will interact with these actions via GRPCAction calls. -#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] -pub enum ComponentDefinitionLifecycleActionsDataDumpCustomHandlerTargetPodSelector { - Any, - All, - Role, - Ordinal, -} - /// Defines the procedure for importing data into a replica. /// /// @@ -1957,27 +1939,6 @@ pub struct ComponentDefinitionLifecycleActionsDataLoad { /// Then the controller will interact with these actions via GRPCAction calls. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ComponentDefinitionLifecycleActionsDataLoadCustomHandler { - /// Defines the name of the container within the target Pod where the action will be executed. - /// - /// - /// This name must correspond to one of the containers defined in `componentDefinition.spec.runtime`. - /// If this field is not specified, the default behavior is to use the first container listed in - /// `componentDefinition.spec.runtime`. - /// - /// - /// This field cannot be updated. - /// - /// - /// Note: This field is reserved for future use and is not currently active. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub container: Option, - /// Represents a list of environment variables that will be injected into the container. - /// These variables enable the container to adapt its behavior based on the environment it's running in. - /// - /// - /// This field cannot be updated. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub env: Option>, /// Defines the command to run. /// /// @@ -1993,31 +1954,6 @@ pub struct ComponentDefinitionLifecycleActionsDataLoadCustomHandler { /// Note: HTTPAction is to be implemented in future version. #[serde(default, skip_serializing_if = "Option::is_none")] pub http: Option, - /// Specifies the container image to be used for running the Action. - /// - /// - /// When specified, a dedicated container will be created using this image to execute the Action. - /// This field is mutually exclusive with the `container` field; only one of them should be provided. - /// - /// - /// This field cannot be updated. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub image: Option, - /// Used in conjunction with the `targetPodSelector` field to refine the selection of target pod(s) for Action execution. - /// The impact of this field depends on the `targetPodSelector` value: - /// - /// - /// - When `targetPodSelector` is set to `Any` or `All`, this field will be ignored. - /// - When `targetPodSelector` is set to `Role`, only those replicas whose role matches the `matchingKey` - /// will be selected for the Action. - /// - /// - /// This field cannot be updated. - /// - /// - /// Note: This field is reserved for future use and is not currently active. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchingKey")] - pub matching_key: Option, /// Specifies the state that the cluster must reach before the Action is executed. /// Currently, this is only applicable to the `postProvision` action. /// @@ -2048,17 +1984,6 @@ pub struct ComponentDefinitionLifecycleActionsDataLoadCustomHandler { /// This field cannot be updated. #[serde(default, skip_serializing_if = "Option::is_none", rename = "retryPolicy")] pub retry_policy: Option, - /// Defines the criteria used to select the target Pod(s) for executing the Action. - /// This is useful when there is no default target replica identified. - /// It allows for precise control over which Pod(s) the Action should run in. - /// - /// - /// This field cannot be updated. - /// - /// - /// Note: This field is reserved for future use and is not currently active. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "targetPodSelector")] - pub target_pod_selector: Option, /// Specifies the maximum duration in seconds that the Action is allowed to run. /// /// @@ -2070,65 +1995,142 @@ pub struct ComponentDefinitionLifecycleActionsDataLoadCustomHandler { pub timeout_seconds: Option, } -/// EnvVar represents an environment variable present in a Container. +/// Defines the command to run. +/// +/// +/// This field cannot be updated. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ComponentDefinitionLifecycleActionsDataLoadCustomHandlerEnv { - /// Name of the environment variable. Must be a C_IDENTIFIER. - pub name: String, - /// Variable references $(VAR_NAME) are expanded - /// using the previously defined environment variables in the container and - /// any service environment variables. If a variable cannot be resolved, - /// the reference in the input string will be unchanged. Double $$ are reduced - /// to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. - /// "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". - /// Escaped references will never be expanded, regardless of whether the variable - /// exists or not. - /// Defaults to "". +pub struct ComponentDefinitionLifecycleActionsDataLoadCustomHandlerExec { + /// Args represents the arguments that are passed to the `command` for execution. #[serde(default, skip_serializing_if = "Option::is_none")] - pub value: Option, - /// Source for the environment variable's value. Cannot be used if value is not empty. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "valueFrom")] - pub value_from: Option, -} - -/// Source for the environment variable's value. Cannot be used if value is not empty. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ComponentDefinitionLifecycleActionsDataLoadCustomHandlerEnvValueFrom { - /// Selects a key of a ConfigMap. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "configMapKeyRef")] - pub config_map_key_ref: Option, - /// Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`, - /// spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "fieldRef")] - pub field_ref: Option, - /// Selects a resource of the container: only resources limits and requests - /// (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "resourceFieldRef")] - pub resource_field_ref: Option, - /// Selects a key of a secret in the pod's namespace - #[serde(default, skip_serializing_if = "Option::is_none", rename = "secretKeyRef")] - pub secret_key_ref: Option, -} - -/// Selects a key of a ConfigMap. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ComponentDefinitionLifecycleActionsDataLoadCustomHandlerEnvValueFromConfigMapKeyRef { - /// The key to select. - pub key: String, - /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - /// TODO: Add other useful fields. apiVersion, kind, uid? + pub args: Option>, + /// Specifies the command to be executed inside the container. + /// The working directory for this command is the container's root directory('/'). + /// Commands are executed directly without a shell environment, meaning shell-specific syntax ('|', etc.) is not supported. + /// If the shell is required, it must be explicitly invoked in the command. + /// + /// + /// A successful execution is indicated by an exit status of 0; any non-zero status signifies a failure. #[serde(default, skip_serializing_if = "Option::is_none")] - pub name: Option, - /// Specify whether the ConfigMap or its key must be defined + pub command: Option>, + /// Defines the name of the container within the target Pod where the action will be executed. + /// + /// + /// This name must correspond to one of the containers defined in `componentDefinition.spec.runtime`. + /// If this field is not specified, the default behavior is to use the first container listed in + /// `componentDefinition.spec.runtime`. + /// + /// + /// This field cannot be updated. + /// + /// + /// Note: This field is reserved for future use and is not currently active. #[serde(default, skip_serializing_if = "Option::is_none")] - pub optional: Option, -} - + pub container: Option, + /// Represents a list of environment variables that will be injected into the container. + /// These variables enable the container to adapt its behavior based on the environment it's running in. + /// + /// + /// This field cannot be updated. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub env: Option>, + /// Specifies the container image to be used for running the Action. + /// + /// + /// When specified, a dedicated container will be created using this image to execute the Action. + /// This field is mutually exclusive with the `container` field; only one of them should be provided. + /// + /// + /// This field cannot be updated. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub image: Option, + /// Used in conjunction with the `targetPodSelector` field to refine the selection of target pod(s) for Action execution. + /// The impact of this field depends on the `targetPodSelector` value: + /// + /// + /// - When `targetPodSelector` is set to `Any` or `All`, this field will be ignored. + /// - When `targetPodSelector` is set to `Role`, only those replicas whose role matches the `matchingKey` + /// will be selected for the Action. + /// + /// + /// This field cannot be updated. + /// + /// + /// Note: This field is reserved for future use and is not currently active. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchingKey")] + pub matching_key: Option, + /// Defines the criteria used to select the target Pod(s) for executing the Action. + /// This is useful when there is no default target replica identified. + /// It allows for precise control over which Pod(s) the Action should run in. + /// + /// + /// This field cannot be updated. + /// + /// + /// Note: This field is reserved for future use and is not currently active. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "targetPodSelector")] + pub target_pod_selector: Option, +} + +/// EnvVar represents an environment variable present in a Container. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ComponentDefinitionLifecycleActionsDataLoadCustomHandlerExecEnv { + /// Name of the environment variable. Must be a C_IDENTIFIER. + pub name: String, + /// Variable references $(VAR_NAME) are expanded + /// using the previously defined environment variables in the container and + /// any service environment variables. If a variable cannot be resolved, + /// the reference in the input string will be unchanged. Double $$ are reduced + /// to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. + /// "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". + /// Escaped references will never be expanded, regardless of whether the variable + /// exists or not. + /// Defaults to "". + #[serde(default, skip_serializing_if = "Option::is_none")] + pub value: Option, + /// Source for the environment variable's value. Cannot be used if value is not empty. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "valueFrom")] + pub value_from: Option, +} + +/// Source for the environment variable's value. Cannot be used if value is not empty. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ComponentDefinitionLifecycleActionsDataLoadCustomHandlerExecEnvValueFrom { + /// Selects a key of a ConfigMap. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "configMapKeyRef")] + pub config_map_key_ref: Option, + /// Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`, + /// spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "fieldRef")] + pub field_ref: Option, + /// Selects a resource of the container: only resources limits and requests + /// (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "resourceFieldRef")] + pub resource_field_ref: Option, + /// Selects a key of a secret in the pod's namespace + #[serde(default, skip_serializing_if = "Option::is_none", rename = "secretKeyRef")] + pub secret_key_ref: Option, +} + +/// Selects a key of a ConfigMap. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ComponentDefinitionLifecycleActionsDataLoadCustomHandlerExecEnvValueFromConfigMapKeyRef { + /// The key to select. + pub key: String, + /// Name of the referent. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Add other useful fields. apiVersion, kind, uid? + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + /// Specify whether the ConfigMap or its key must be defined + #[serde(default, skip_serializing_if = "Option::is_none")] + pub optional: Option, +} + /// Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`, /// spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ComponentDefinitionLifecycleActionsDataLoadCustomHandlerEnvValueFromFieldRef { +pub struct ComponentDefinitionLifecycleActionsDataLoadCustomHandlerExecEnvValueFromFieldRef { /// Version of the schema the FieldPath is written in terms of, defaults to "v1". #[serde(default, skip_serializing_if = "Option::is_none", rename = "apiVersion")] pub api_version: Option, @@ -2140,7 +2142,7 @@ pub struct ComponentDefinitionLifecycleActionsDataLoadCustomHandlerEnvValueFromF /// Selects a resource of the container: only resources limits and requests /// (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ComponentDefinitionLifecycleActionsDataLoadCustomHandlerEnvValueFromResourceFieldRef { +pub struct ComponentDefinitionLifecycleActionsDataLoadCustomHandlerExecEnvValueFromResourceFieldRef { /// Container name: required for volumes, optional for env vars #[serde(default, skip_serializing_if = "Option::is_none", rename = "containerName")] pub container_name: Option, @@ -2153,7 +2155,7 @@ pub struct ComponentDefinitionLifecycleActionsDataLoadCustomHandlerEnvValueFromR /// Selects a key of a secret in the pod's namespace #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ComponentDefinitionLifecycleActionsDataLoadCustomHandlerEnvValueFromSecretKeyRef { +pub struct ComponentDefinitionLifecycleActionsDataLoadCustomHandlerExecEnvValueFromSecretKeyRef { /// The key of the secret to select from. Must be a valid secret key. pub key: String, /// Name of the referent. @@ -2170,20 +2172,12 @@ pub struct ComponentDefinitionLifecycleActionsDataLoadCustomHandlerEnvValueFromS /// /// /// This field cannot be updated. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ComponentDefinitionLifecycleActionsDataLoadCustomHandlerExec { - /// Args represents the arguments that are passed to the `command` for execution. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub args: Option>, - /// Specifies the command to be executed inside the container. - /// The working directory for this command is the container's root directory('/'). - /// Commands are executed directly without a shell environment, meaning shell-specific syntax ('|', etc.) is not supported. - /// If the shell is required, it must be explicitly invoked in the command. - /// - /// - /// A successful execution is indicated by an exit status of 0; any non-zero status signifies a failure. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub command: Option>, +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub enum ComponentDefinitionLifecycleActionsDataLoadCustomHandlerExecTargetPodSelector { + Any, + All, + Role, + Ordinal, } /// Specifies the HTTP request to perform. @@ -2250,28 +2244,6 @@ pub struct ComponentDefinitionLifecycleActionsDataLoadCustomHandlerRetryPolicy { pub retry_interval: Option, } -/// Specifies a user-defined hook or procedure that is called to perform the specific lifecycle action. -/// It offers a flexible and expandable approach for customizing the behavior of a Component by leveraging -/// tailored actions. -/// -/// -/// An Action can be implemented as either an ExecAction or an HTTPAction, with future versions planning -/// to support GRPCAction, -/// thereby accommodating unique logic for different database systems within the Action's framework. -/// -/// -/// In future iterations, all built-in handlers are expected to transition to GRPCAction. -/// This change means that Lorry or other sidecar agents will expose the implementation of actions -/// through a GRPC interface for external invocation. -/// Then the controller will interact with these actions via GRPCAction calls. -#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] -pub enum ComponentDefinitionLifecycleActionsDataLoadCustomHandlerTargetPodSelector { - Any, - All, - Role, - Ordinal, -} - /// Defines the procedure to add a new replica to the replication group. /// /// @@ -2393,27 +2365,6 @@ pub struct ComponentDefinitionLifecycleActionsMemberJoin { /// Then the controller will interact with these actions via GRPCAction calls. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ComponentDefinitionLifecycleActionsMemberJoinCustomHandler { - /// Defines the name of the container within the target Pod where the action will be executed. - /// - /// - /// This name must correspond to one of the containers defined in `componentDefinition.spec.runtime`. - /// If this field is not specified, the default behavior is to use the first container listed in - /// `componentDefinition.spec.runtime`. - /// - /// - /// This field cannot be updated. - /// - /// - /// Note: This field is reserved for future use and is not currently active. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub container: Option, - /// Represents a list of environment variables that will be injected into the container. - /// These variables enable the container to adapt its behavior based on the environment it's running in. - /// - /// - /// This field cannot be updated. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub env: Option>, /// Defines the command to run. /// /// @@ -2429,31 +2380,6 @@ pub struct ComponentDefinitionLifecycleActionsMemberJoinCustomHandler { /// Note: HTTPAction is to be implemented in future version. #[serde(default, skip_serializing_if = "Option::is_none")] pub http: Option, - /// Specifies the container image to be used for running the Action. - /// - /// - /// When specified, a dedicated container will be created using this image to execute the Action. - /// This field is mutually exclusive with the `container` field; only one of them should be provided. - /// - /// - /// This field cannot be updated. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub image: Option, - /// Used in conjunction with the `targetPodSelector` field to refine the selection of target pod(s) for Action execution. - /// The impact of this field depends on the `targetPodSelector` value: - /// - /// - /// - When `targetPodSelector` is set to `Any` or `All`, this field will be ignored. - /// - When `targetPodSelector` is set to `Role`, only those replicas whose role matches the `matchingKey` - /// will be selected for the Action. - /// - /// - /// This field cannot be updated. - /// - /// - /// Note: This field is reserved for future use and is not currently active. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchingKey")] - pub matching_key: Option, /// Specifies the state that the cluster must reach before the Action is executed. /// Currently, this is only applicable to the `postProvision` action. /// @@ -2484,17 +2410,6 @@ pub struct ComponentDefinitionLifecycleActionsMemberJoinCustomHandler { /// This field cannot be updated. #[serde(default, skip_serializing_if = "Option::is_none", rename = "retryPolicy")] pub retry_policy: Option, - /// Defines the criteria used to select the target Pod(s) for executing the Action. - /// This is useful when there is no default target replica identified. - /// It allows for precise control over which Pod(s) the Action should run in. - /// - /// - /// This field cannot be updated. - /// - /// - /// Note: This field is reserved for future use and is not currently active. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "targetPodSelector")] - pub target_pod_selector: Option, /// Specifies the maximum duration in seconds that the Action is allowed to run. /// /// @@ -2506,65 +2421,142 @@ pub struct ComponentDefinitionLifecycleActionsMemberJoinCustomHandler { pub timeout_seconds: Option, } -/// EnvVar represents an environment variable present in a Container. +/// Defines the command to run. +/// +/// +/// This field cannot be updated. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ComponentDefinitionLifecycleActionsMemberJoinCustomHandlerEnv { - /// Name of the environment variable. Must be a C_IDENTIFIER. - pub name: String, - /// Variable references $(VAR_NAME) are expanded - /// using the previously defined environment variables in the container and - /// any service environment variables. If a variable cannot be resolved, - /// the reference in the input string will be unchanged. Double $$ are reduced - /// to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. - /// "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". - /// Escaped references will never be expanded, regardless of whether the variable - /// exists or not. - /// Defaults to "". +pub struct ComponentDefinitionLifecycleActionsMemberJoinCustomHandlerExec { + /// Args represents the arguments that are passed to the `command` for execution. #[serde(default, skip_serializing_if = "Option::is_none")] - pub value: Option, - /// Source for the environment variable's value. Cannot be used if value is not empty. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "valueFrom")] - pub value_from: Option, -} - -/// Source for the environment variable's value. Cannot be used if value is not empty. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ComponentDefinitionLifecycleActionsMemberJoinCustomHandlerEnvValueFrom { - /// Selects a key of a ConfigMap. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "configMapKeyRef")] - pub config_map_key_ref: Option, - /// Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`, - /// spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "fieldRef")] - pub field_ref: Option, - /// Selects a resource of the container: only resources limits and requests - /// (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "resourceFieldRef")] - pub resource_field_ref: Option, - /// Selects a key of a secret in the pod's namespace - #[serde(default, skip_serializing_if = "Option::is_none", rename = "secretKeyRef")] - pub secret_key_ref: Option, -} - -/// Selects a key of a ConfigMap. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ComponentDefinitionLifecycleActionsMemberJoinCustomHandlerEnvValueFromConfigMapKeyRef { - /// The key to select. - pub key: String, - /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - /// TODO: Add other useful fields. apiVersion, kind, uid? + pub args: Option>, + /// Specifies the command to be executed inside the container. + /// The working directory for this command is the container's root directory('/'). + /// Commands are executed directly without a shell environment, meaning shell-specific syntax ('|', etc.) is not supported. + /// If the shell is required, it must be explicitly invoked in the command. + /// + /// + /// A successful execution is indicated by an exit status of 0; any non-zero status signifies a failure. #[serde(default, skip_serializing_if = "Option::is_none")] - pub name: Option, - /// Specify whether the ConfigMap or its key must be defined + pub command: Option>, + /// Defines the name of the container within the target Pod where the action will be executed. + /// + /// + /// This name must correspond to one of the containers defined in `componentDefinition.spec.runtime`. + /// If this field is not specified, the default behavior is to use the first container listed in + /// `componentDefinition.spec.runtime`. + /// + /// + /// This field cannot be updated. + /// + /// + /// Note: This field is reserved for future use and is not currently active. #[serde(default, skip_serializing_if = "Option::is_none")] - pub optional: Option, -} - + pub container: Option, + /// Represents a list of environment variables that will be injected into the container. + /// These variables enable the container to adapt its behavior based on the environment it's running in. + /// + /// + /// This field cannot be updated. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub env: Option>, + /// Specifies the container image to be used for running the Action. + /// + /// + /// When specified, a dedicated container will be created using this image to execute the Action. + /// This field is mutually exclusive with the `container` field; only one of them should be provided. + /// + /// + /// This field cannot be updated. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub image: Option, + /// Used in conjunction with the `targetPodSelector` field to refine the selection of target pod(s) for Action execution. + /// The impact of this field depends on the `targetPodSelector` value: + /// + /// + /// - When `targetPodSelector` is set to `Any` or `All`, this field will be ignored. + /// - When `targetPodSelector` is set to `Role`, only those replicas whose role matches the `matchingKey` + /// will be selected for the Action. + /// + /// + /// This field cannot be updated. + /// + /// + /// Note: This field is reserved for future use and is not currently active. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchingKey")] + pub matching_key: Option, + /// Defines the criteria used to select the target Pod(s) for executing the Action. + /// This is useful when there is no default target replica identified. + /// It allows for precise control over which Pod(s) the Action should run in. + /// + /// + /// This field cannot be updated. + /// + /// + /// Note: This field is reserved for future use and is not currently active. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "targetPodSelector")] + pub target_pod_selector: Option, +} + +/// EnvVar represents an environment variable present in a Container. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ComponentDefinitionLifecycleActionsMemberJoinCustomHandlerExecEnv { + /// Name of the environment variable. Must be a C_IDENTIFIER. + pub name: String, + /// Variable references $(VAR_NAME) are expanded + /// using the previously defined environment variables in the container and + /// any service environment variables. If a variable cannot be resolved, + /// the reference in the input string will be unchanged. Double $$ are reduced + /// to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. + /// "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". + /// Escaped references will never be expanded, regardless of whether the variable + /// exists or not. + /// Defaults to "". + #[serde(default, skip_serializing_if = "Option::is_none")] + pub value: Option, + /// Source for the environment variable's value. Cannot be used if value is not empty. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "valueFrom")] + pub value_from: Option, +} + +/// Source for the environment variable's value. Cannot be used if value is not empty. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ComponentDefinitionLifecycleActionsMemberJoinCustomHandlerExecEnvValueFrom { + /// Selects a key of a ConfigMap. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "configMapKeyRef")] + pub config_map_key_ref: Option, + /// Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`, + /// spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "fieldRef")] + pub field_ref: Option, + /// Selects a resource of the container: only resources limits and requests + /// (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "resourceFieldRef")] + pub resource_field_ref: Option, + /// Selects a key of a secret in the pod's namespace + #[serde(default, skip_serializing_if = "Option::is_none", rename = "secretKeyRef")] + pub secret_key_ref: Option, +} + +/// Selects a key of a ConfigMap. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ComponentDefinitionLifecycleActionsMemberJoinCustomHandlerExecEnvValueFromConfigMapKeyRef { + /// The key to select. + pub key: String, + /// Name of the referent. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Add other useful fields. apiVersion, kind, uid? + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + /// Specify whether the ConfigMap or its key must be defined + #[serde(default, skip_serializing_if = "Option::is_none")] + pub optional: Option, +} + /// Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`, /// spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ComponentDefinitionLifecycleActionsMemberJoinCustomHandlerEnvValueFromFieldRef { +pub struct ComponentDefinitionLifecycleActionsMemberJoinCustomHandlerExecEnvValueFromFieldRef { /// Version of the schema the FieldPath is written in terms of, defaults to "v1". #[serde(default, skip_serializing_if = "Option::is_none", rename = "apiVersion")] pub api_version: Option, @@ -2576,7 +2568,7 @@ pub struct ComponentDefinitionLifecycleActionsMemberJoinCustomHandlerEnvValueFro /// Selects a resource of the container: only resources limits and requests /// (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ComponentDefinitionLifecycleActionsMemberJoinCustomHandlerEnvValueFromResourceFieldRef { +pub struct ComponentDefinitionLifecycleActionsMemberJoinCustomHandlerExecEnvValueFromResourceFieldRef { /// Container name: required for volumes, optional for env vars #[serde(default, skip_serializing_if = "Option::is_none", rename = "containerName")] pub container_name: Option, @@ -2589,7 +2581,7 @@ pub struct ComponentDefinitionLifecycleActionsMemberJoinCustomHandlerEnvValueFro /// Selects a key of a secret in the pod's namespace #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ComponentDefinitionLifecycleActionsMemberJoinCustomHandlerEnvValueFromSecretKeyRef { +pub struct ComponentDefinitionLifecycleActionsMemberJoinCustomHandlerExecEnvValueFromSecretKeyRef { /// The key of the secret to select from. Must be a valid secret key. pub key: String, /// Name of the referent. @@ -2606,20 +2598,12 @@ pub struct ComponentDefinitionLifecycleActionsMemberJoinCustomHandlerEnvValueFro /// /// /// This field cannot be updated. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ComponentDefinitionLifecycleActionsMemberJoinCustomHandlerExec { - /// Args represents the arguments that are passed to the `command` for execution. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub args: Option>, - /// Specifies the command to be executed inside the container. - /// The working directory for this command is the container's root directory('/'). - /// Commands are executed directly without a shell environment, meaning shell-specific syntax ('|', etc.) is not supported. - /// If the shell is required, it must be explicitly invoked in the command. - /// - /// - /// A successful execution is indicated by an exit status of 0; any non-zero status signifies a failure. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub command: Option>, +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub enum ComponentDefinitionLifecycleActionsMemberJoinCustomHandlerExecTargetPodSelector { + Any, + All, + Role, + Ordinal, } /// Specifies the HTTP request to perform. @@ -2686,28 +2670,6 @@ pub struct ComponentDefinitionLifecycleActionsMemberJoinCustomHandlerRetryPolicy pub retry_interval: Option, } -/// Specifies a user-defined hook or procedure that is called to perform the specific lifecycle action. -/// It offers a flexible and expandable approach for customizing the behavior of a Component by leveraging -/// tailored actions. -/// -/// -/// An Action can be implemented as either an ExecAction or an HTTPAction, with future versions planning -/// to support GRPCAction, -/// thereby accommodating unique logic for different database systems within the Action's framework. -/// -/// -/// In future iterations, all built-in handlers are expected to transition to GRPCAction. -/// This change means that Lorry or other sidecar agents will expose the implementation of actions -/// through a GRPC interface for external invocation. -/// Then the controller will interact with these actions via GRPCAction calls. -#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] -pub enum ComponentDefinitionLifecycleActionsMemberJoinCustomHandlerTargetPodSelector { - Any, - All, - Role, - Ordinal, -} - /// Defines the procedure to remove a replica from the replication group. /// /// @@ -2829,27 +2791,6 @@ pub struct ComponentDefinitionLifecycleActionsMemberLeave { /// Then the controller will interact with these actions via GRPCAction calls. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ComponentDefinitionLifecycleActionsMemberLeaveCustomHandler { - /// Defines the name of the container within the target Pod where the action will be executed. - /// - /// - /// This name must correspond to one of the containers defined in `componentDefinition.spec.runtime`. - /// If this field is not specified, the default behavior is to use the first container listed in - /// `componentDefinition.spec.runtime`. - /// - /// - /// This field cannot be updated. - /// - /// - /// Note: This field is reserved for future use and is not currently active. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub container: Option, - /// Represents a list of environment variables that will be injected into the container. - /// These variables enable the container to adapt its behavior based on the environment it's running in. - /// - /// - /// This field cannot be updated. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub env: Option>, /// Defines the command to run. /// /// @@ -2865,31 +2806,6 @@ pub struct ComponentDefinitionLifecycleActionsMemberLeaveCustomHandler { /// Note: HTTPAction is to be implemented in future version. #[serde(default, skip_serializing_if = "Option::is_none")] pub http: Option, - /// Specifies the container image to be used for running the Action. - /// - /// - /// When specified, a dedicated container will be created using this image to execute the Action. - /// This field is mutually exclusive with the `container` field; only one of them should be provided. - /// - /// - /// This field cannot be updated. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub image: Option, - /// Used in conjunction with the `targetPodSelector` field to refine the selection of target pod(s) for Action execution. - /// The impact of this field depends on the `targetPodSelector` value: - /// - /// - /// - When `targetPodSelector` is set to `Any` or `All`, this field will be ignored. - /// - When `targetPodSelector` is set to `Role`, only those replicas whose role matches the `matchingKey` - /// will be selected for the Action. - /// - /// - /// This field cannot be updated. - /// - /// - /// Note: This field is reserved for future use and is not currently active. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchingKey")] - pub matching_key: Option, /// Specifies the state that the cluster must reach before the Action is executed. /// Currently, this is only applicable to the `postProvision` action. /// @@ -2920,17 +2836,6 @@ pub struct ComponentDefinitionLifecycleActionsMemberLeaveCustomHandler { /// This field cannot be updated. #[serde(default, skip_serializing_if = "Option::is_none", rename = "retryPolicy")] pub retry_policy: Option, - /// Defines the criteria used to select the target Pod(s) for executing the Action. - /// This is useful when there is no default target replica identified. - /// It allows for precise control over which Pod(s) the Action should run in. - /// - /// - /// This field cannot be updated. - /// - /// - /// Note: This field is reserved for future use and is not currently active. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "targetPodSelector")] - pub target_pod_selector: Option, /// Specifies the maximum duration in seconds that the Action is allowed to run. /// /// @@ -2942,65 +2847,142 @@ pub struct ComponentDefinitionLifecycleActionsMemberLeaveCustomHandler { pub timeout_seconds: Option, } -/// EnvVar represents an environment variable present in a Container. +/// Defines the command to run. +/// +/// +/// This field cannot be updated. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ComponentDefinitionLifecycleActionsMemberLeaveCustomHandlerEnv { - /// Name of the environment variable. Must be a C_IDENTIFIER. - pub name: String, - /// Variable references $(VAR_NAME) are expanded - /// using the previously defined environment variables in the container and - /// any service environment variables. If a variable cannot be resolved, - /// the reference in the input string will be unchanged. Double $$ are reduced - /// to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. - /// "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". - /// Escaped references will never be expanded, regardless of whether the variable - /// exists or not. - /// Defaults to "". +pub struct ComponentDefinitionLifecycleActionsMemberLeaveCustomHandlerExec { + /// Args represents the arguments that are passed to the `command` for execution. #[serde(default, skip_serializing_if = "Option::is_none")] - pub value: Option, - /// Source for the environment variable's value. Cannot be used if value is not empty. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "valueFrom")] - pub value_from: Option, -} - -/// Source for the environment variable's value. Cannot be used if value is not empty. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ComponentDefinitionLifecycleActionsMemberLeaveCustomHandlerEnvValueFrom { - /// Selects a key of a ConfigMap. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "configMapKeyRef")] - pub config_map_key_ref: Option, - /// Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`, - /// spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "fieldRef")] - pub field_ref: Option, - /// Selects a resource of the container: only resources limits and requests - /// (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "resourceFieldRef")] - pub resource_field_ref: Option, - /// Selects a key of a secret in the pod's namespace - #[serde(default, skip_serializing_if = "Option::is_none", rename = "secretKeyRef")] - pub secret_key_ref: Option, -} - -/// Selects a key of a ConfigMap. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ComponentDefinitionLifecycleActionsMemberLeaveCustomHandlerEnvValueFromConfigMapKeyRef { - /// The key to select. - pub key: String, - /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - /// TODO: Add other useful fields. apiVersion, kind, uid? + pub args: Option>, + /// Specifies the command to be executed inside the container. + /// The working directory for this command is the container's root directory('/'). + /// Commands are executed directly without a shell environment, meaning shell-specific syntax ('|', etc.) is not supported. + /// If the shell is required, it must be explicitly invoked in the command. + /// + /// + /// A successful execution is indicated by an exit status of 0; any non-zero status signifies a failure. #[serde(default, skip_serializing_if = "Option::is_none")] - pub name: Option, - /// Specify whether the ConfigMap or its key must be defined + pub command: Option>, + /// Defines the name of the container within the target Pod where the action will be executed. + /// + /// + /// This name must correspond to one of the containers defined in `componentDefinition.spec.runtime`. + /// If this field is not specified, the default behavior is to use the first container listed in + /// `componentDefinition.spec.runtime`. + /// + /// + /// This field cannot be updated. + /// + /// + /// Note: This field is reserved for future use and is not currently active. #[serde(default, skip_serializing_if = "Option::is_none")] - pub optional: Option, -} - + pub container: Option, + /// Represents a list of environment variables that will be injected into the container. + /// These variables enable the container to adapt its behavior based on the environment it's running in. + /// + /// + /// This field cannot be updated. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub env: Option>, + /// Specifies the container image to be used for running the Action. + /// + /// + /// When specified, a dedicated container will be created using this image to execute the Action. + /// This field is mutually exclusive with the `container` field; only one of them should be provided. + /// + /// + /// This field cannot be updated. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub image: Option, + /// Used in conjunction with the `targetPodSelector` field to refine the selection of target pod(s) for Action execution. + /// The impact of this field depends on the `targetPodSelector` value: + /// + /// + /// - When `targetPodSelector` is set to `Any` or `All`, this field will be ignored. + /// - When `targetPodSelector` is set to `Role`, only those replicas whose role matches the `matchingKey` + /// will be selected for the Action. + /// + /// + /// This field cannot be updated. + /// + /// + /// Note: This field is reserved for future use and is not currently active. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchingKey")] + pub matching_key: Option, + /// Defines the criteria used to select the target Pod(s) for executing the Action. + /// This is useful when there is no default target replica identified. + /// It allows for precise control over which Pod(s) the Action should run in. + /// + /// + /// This field cannot be updated. + /// + /// + /// Note: This field is reserved for future use and is not currently active. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "targetPodSelector")] + pub target_pod_selector: Option, +} + +/// EnvVar represents an environment variable present in a Container. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ComponentDefinitionLifecycleActionsMemberLeaveCustomHandlerExecEnv { + /// Name of the environment variable. Must be a C_IDENTIFIER. + pub name: String, + /// Variable references $(VAR_NAME) are expanded + /// using the previously defined environment variables in the container and + /// any service environment variables. If a variable cannot be resolved, + /// the reference in the input string will be unchanged. Double $$ are reduced + /// to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. + /// "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". + /// Escaped references will never be expanded, regardless of whether the variable + /// exists or not. + /// Defaults to "". + #[serde(default, skip_serializing_if = "Option::is_none")] + pub value: Option, + /// Source for the environment variable's value. Cannot be used if value is not empty. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "valueFrom")] + pub value_from: Option, +} + +/// Source for the environment variable's value. Cannot be used if value is not empty. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ComponentDefinitionLifecycleActionsMemberLeaveCustomHandlerExecEnvValueFrom { + /// Selects a key of a ConfigMap. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "configMapKeyRef")] + pub config_map_key_ref: Option, + /// Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`, + /// spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "fieldRef")] + pub field_ref: Option, + /// Selects a resource of the container: only resources limits and requests + /// (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "resourceFieldRef")] + pub resource_field_ref: Option, + /// Selects a key of a secret in the pod's namespace + #[serde(default, skip_serializing_if = "Option::is_none", rename = "secretKeyRef")] + pub secret_key_ref: Option, +} + +/// Selects a key of a ConfigMap. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ComponentDefinitionLifecycleActionsMemberLeaveCustomHandlerExecEnvValueFromConfigMapKeyRef { + /// The key to select. + pub key: String, + /// Name of the referent. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Add other useful fields. apiVersion, kind, uid? + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + /// Specify whether the ConfigMap or its key must be defined + #[serde(default, skip_serializing_if = "Option::is_none")] + pub optional: Option, +} + /// Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`, /// spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ComponentDefinitionLifecycleActionsMemberLeaveCustomHandlerEnvValueFromFieldRef { +pub struct ComponentDefinitionLifecycleActionsMemberLeaveCustomHandlerExecEnvValueFromFieldRef { /// Version of the schema the FieldPath is written in terms of, defaults to "v1". #[serde(default, skip_serializing_if = "Option::is_none", rename = "apiVersion")] pub api_version: Option, @@ -3012,7 +2994,7 @@ pub struct ComponentDefinitionLifecycleActionsMemberLeaveCustomHandlerEnvValueFr /// Selects a resource of the container: only resources limits and requests /// (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ComponentDefinitionLifecycleActionsMemberLeaveCustomHandlerEnvValueFromResourceFieldRef { +pub struct ComponentDefinitionLifecycleActionsMemberLeaveCustomHandlerExecEnvValueFromResourceFieldRef { /// Container name: required for volumes, optional for env vars #[serde(default, skip_serializing_if = "Option::is_none", rename = "containerName")] pub container_name: Option, @@ -3025,7 +3007,7 @@ pub struct ComponentDefinitionLifecycleActionsMemberLeaveCustomHandlerEnvValueFr /// Selects a key of a secret in the pod's namespace #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ComponentDefinitionLifecycleActionsMemberLeaveCustomHandlerEnvValueFromSecretKeyRef { +pub struct ComponentDefinitionLifecycleActionsMemberLeaveCustomHandlerExecEnvValueFromSecretKeyRef { /// The key of the secret to select from. Must be a valid secret key. pub key: String, /// Name of the referent. @@ -3042,20 +3024,12 @@ pub struct ComponentDefinitionLifecycleActionsMemberLeaveCustomHandlerEnvValueFr /// /// /// This field cannot be updated. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ComponentDefinitionLifecycleActionsMemberLeaveCustomHandlerExec { - /// Args represents the arguments that are passed to the `command` for execution. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub args: Option>, - /// Specifies the command to be executed inside the container. - /// The working directory for this command is the container's root directory('/'). - /// Commands are executed directly without a shell environment, meaning shell-specific syntax ('|', etc.) is not supported. - /// If the shell is required, it must be explicitly invoked in the command. - /// - /// - /// A successful execution is indicated by an exit status of 0; any non-zero status signifies a failure. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub command: Option>, +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub enum ComponentDefinitionLifecycleActionsMemberLeaveCustomHandlerExecTargetPodSelector { + Any, + All, + Role, + Ordinal, } /// Specifies the HTTP request to perform. @@ -3122,28 +3096,6 @@ pub struct ComponentDefinitionLifecycleActionsMemberLeaveCustomHandlerRetryPolic pub retry_interval: Option, } -/// Specifies a user-defined hook or procedure that is called to perform the specific lifecycle action. -/// It offers a flexible and expandable approach for customizing the behavior of a Component by leveraging -/// tailored actions. -/// -/// -/// An Action can be implemented as either an ExecAction or an HTTPAction, with future versions planning -/// to support GRPCAction, -/// thereby accommodating unique logic for different database systems within the Action's framework. -/// -/// -/// In future iterations, all built-in handlers are expected to transition to GRPCAction. -/// This change means that Lorry or other sidecar agents will expose the implementation of actions -/// through a GRPC interface for external invocation. -/// Then the controller will interact with these actions via GRPCAction calls. -#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] -pub enum ComponentDefinitionLifecycleActionsMemberLeaveCustomHandlerTargetPodSelector { - Any, - All, - Role, - Ordinal, -} - /// Specifies the hook to be executed after a component's creation. /// /// @@ -3260,27 +3212,6 @@ pub struct ComponentDefinitionLifecycleActionsPostProvision { /// Then the controller will interact with these actions via GRPCAction calls. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ComponentDefinitionLifecycleActionsPostProvisionCustomHandler { - /// Defines the name of the container within the target Pod where the action will be executed. - /// - /// - /// This name must correspond to one of the containers defined in `componentDefinition.spec.runtime`. - /// If this field is not specified, the default behavior is to use the first container listed in - /// `componentDefinition.spec.runtime`. - /// - /// - /// This field cannot be updated. - /// - /// - /// Note: This field is reserved for future use and is not currently active. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub container: Option, - /// Represents a list of environment variables that will be injected into the container. - /// These variables enable the container to adapt its behavior based on the environment it's running in. - /// - /// - /// This field cannot be updated. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub env: Option>, /// Defines the command to run. /// /// @@ -3296,31 +3227,6 @@ pub struct ComponentDefinitionLifecycleActionsPostProvisionCustomHandler { /// Note: HTTPAction is to be implemented in future version. #[serde(default, skip_serializing_if = "Option::is_none")] pub http: Option, - /// Specifies the container image to be used for running the Action. - /// - /// - /// When specified, a dedicated container will be created using this image to execute the Action. - /// This field is mutually exclusive with the `container` field; only one of them should be provided. - /// - /// - /// This field cannot be updated. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub image: Option, - /// Used in conjunction with the `targetPodSelector` field to refine the selection of target pod(s) for Action execution. - /// The impact of this field depends on the `targetPodSelector` value: - /// - /// - /// - When `targetPodSelector` is set to `Any` or `All`, this field will be ignored. - /// - When `targetPodSelector` is set to `Role`, only those replicas whose role matches the `matchingKey` - /// will be selected for the Action. - /// - /// - /// This field cannot be updated. - /// - /// - /// Note: This field is reserved for future use and is not currently active. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchingKey")] - pub matching_key: Option, /// Specifies the state that the cluster must reach before the Action is executed. /// Currently, this is only applicable to the `postProvision` action. /// @@ -3351,31 +3257,97 @@ pub struct ComponentDefinitionLifecycleActionsPostProvisionCustomHandler { /// This field cannot be updated. #[serde(default, skip_serializing_if = "Option::is_none", rename = "retryPolicy")] pub retry_policy: Option, - /// Defines the criteria used to select the target Pod(s) for executing the Action. - /// This is useful when there is no default target replica identified. - /// It allows for precise control over which Pod(s) the Action should run in. + /// Specifies the maximum duration in seconds that the Action is allowed to run. + /// + /// + /// If the Action does not complete within this time frame, it will be terminated. + /// + /// + /// This field cannot be updated. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "timeoutSeconds")] + pub timeout_seconds: Option, +} + +/// Defines the command to run. +/// +/// +/// This field cannot be updated. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ComponentDefinitionLifecycleActionsPostProvisionCustomHandlerExec { + /// Args represents the arguments that are passed to the `command` for execution. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub args: Option>, + /// Specifies the command to be executed inside the container. + /// The working directory for this command is the container's root directory('/'). + /// Commands are executed directly without a shell environment, meaning shell-specific syntax ('|', etc.) is not supported. + /// If the shell is required, it must be explicitly invoked in the command. + /// + /// + /// A successful execution is indicated by an exit status of 0; any non-zero status signifies a failure. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub command: Option>, + /// Defines the name of the container within the target Pod where the action will be executed. + /// + /// + /// This name must correspond to one of the containers defined in `componentDefinition.spec.runtime`. + /// If this field is not specified, the default behavior is to use the first container listed in + /// `componentDefinition.spec.runtime`. /// /// /// This field cannot be updated. /// /// /// Note: This field is reserved for future use and is not currently active. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "targetPodSelector")] - pub target_pod_selector: Option, - /// Specifies the maximum duration in seconds that the Action is allowed to run. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub container: Option, + /// Represents a list of environment variables that will be injected into the container. + /// These variables enable the container to adapt its behavior based on the environment it's running in. /// /// - /// If the Action does not complete within this time frame, it will be terminated. + /// This field cannot be updated. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub env: Option>, + /// Specifies the container image to be used for running the Action. + /// + /// + /// When specified, a dedicated container will be created using this image to execute the Action. + /// This field is mutually exclusive with the `container` field; only one of them should be provided. /// /// /// This field cannot be updated. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "timeoutSeconds")] - pub timeout_seconds: Option, + #[serde(default, skip_serializing_if = "Option::is_none")] + pub image: Option, + /// Used in conjunction with the `targetPodSelector` field to refine the selection of target pod(s) for Action execution. + /// The impact of this field depends on the `targetPodSelector` value: + /// + /// + /// - When `targetPodSelector` is set to `Any` or `All`, this field will be ignored. + /// - When `targetPodSelector` is set to `Role`, only those replicas whose role matches the `matchingKey` + /// will be selected for the Action. + /// + /// + /// This field cannot be updated. + /// + /// + /// Note: This field is reserved for future use and is not currently active. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchingKey")] + pub matching_key: Option, + /// Defines the criteria used to select the target Pod(s) for executing the Action. + /// This is useful when there is no default target replica identified. + /// It allows for precise control over which Pod(s) the Action should run in. + /// + /// + /// This field cannot be updated. + /// + /// + /// Note: This field is reserved for future use and is not currently active. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "targetPodSelector")] + pub target_pod_selector: Option, } /// EnvVar represents an environment variable present in a Container. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ComponentDefinitionLifecycleActionsPostProvisionCustomHandlerEnv { +pub struct ComponentDefinitionLifecycleActionsPostProvisionCustomHandlerExecEnv { /// Name of the environment variable. Must be a C_IDENTIFIER. pub name: String, /// Variable references $(VAR_NAME) are expanded @@ -3391,31 +3363,31 @@ pub struct ComponentDefinitionLifecycleActionsPostProvisionCustomHandlerEnv { pub value: Option, /// Source for the environment variable's value. Cannot be used if value is not empty. #[serde(default, skip_serializing_if = "Option::is_none", rename = "valueFrom")] - pub value_from: Option, + pub value_from: Option, } /// Source for the environment variable's value. Cannot be used if value is not empty. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ComponentDefinitionLifecycleActionsPostProvisionCustomHandlerEnvValueFrom { +pub struct ComponentDefinitionLifecycleActionsPostProvisionCustomHandlerExecEnvValueFrom { /// Selects a key of a ConfigMap. #[serde(default, skip_serializing_if = "Option::is_none", rename = "configMapKeyRef")] - pub config_map_key_ref: Option, + pub config_map_key_ref: Option, /// Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`, /// spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs. #[serde(default, skip_serializing_if = "Option::is_none", rename = "fieldRef")] - pub field_ref: Option, + pub field_ref: Option, /// Selects a resource of the container: only resources limits and requests /// (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported. #[serde(default, skip_serializing_if = "Option::is_none", rename = "resourceFieldRef")] - pub resource_field_ref: Option, + pub resource_field_ref: Option, /// Selects a key of a secret in the pod's namespace #[serde(default, skip_serializing_if = "Option::is_none", rename = "secretKeyRef")] - pub secret_key_ref: Option, + pub secret_key_ref: Option, } /// Selects a key of a ConfigMap. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ComponentDefinitionLifecycleActionsPostProvisionCustomHandlerEnvValueFromConfigMapKeyRef { +pub struct ComponentDefinitionLifecycleActionsPostProvisionCustomHandlerExecEnvValueFromConfigMapKeyRef { /// The key to select. pub key: String, /// Name of the referent. @@ -3431,7 +3403,7 @@ pub struct ComponentDefinitionLifecycleActionsPostProvisionCustomHandlerEnvValue /// Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`, /// spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ComponentDefinitionLifecycleActionsPostProvisionCustomHandlerEnvValueFromFieldRef { +pub struct ComponentDefinitionLifecycleActionsPostProvisionCustomHandlerExecEnvValueFromFieldRef { /// Version of the schema the FieldPath is written in terms of, defaults to "v1". #[serde(default, skip_serializing_if = "Option::is_none", rename = "apiVersion")] pub api_version: Option, @@ -3443,7 +3415,7 @@ pub struct ComponentDefinitionLifecycleActionsPostProvisionCustomHandlerEnvValue /// Selects a resource of the container: only resources limits and requests /// (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ComponentDefinitionLifecycleActionsPostProvisionCustomHandlerEnvValueFromResourceFieldRef { +pub struct ComponentDefinitionLifecycleActionsPostProvisionCustomHandlerExecEnvValueFromResourceFieldRef { /// Container name: required for volumes, optional for env vars #[serde(default, skip_serializing_if = "Option::is_none", rename = "containerName")] pub container_name: Option, @@ -3456,7 +3428,7 @@ pub struct ComponentDefinitionLifecycleActionsPostProvisionCustomHandlerEnvValue /// Selects a key of a secret in the pod's namespace #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ComponentDefinitionLifecycleActionsPostProvisionCustomHandlerEnvValueFromSecretKeyRef { +pub struct ComponentDefinitionLifecycleActionsPostProvisionCustomHandlerExecEnvValueFromSecretKeyRef { /// The key of the secret to select from. Must be a valid secret key. pub key: String, /// Name of the referent. @@ -3471,22 +3443,14 @@ pub struct ComponentDefinitionLifecycleActionsPostProvisionCustomHandlerEnvValue /// Defines the command to run. /// -/// -/// This field cannot be updated. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ComponentDefinitionLifecycleActionsPostProvisionCustomHandlerExec { - /// Args represents the arguments that are passed to the `command` for execution. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub args: Option>, - /// Specifies the command to be executed inside the container. - /// The working directory for this command is the container's root directory('/'). - /// Commands are executed directly without a shell environment, meaning shell-specific syntax ('|', etc.) is not supported. - /// If the shell is required, it must be explicitly invoked in the command. - /// - /// - /// A successful execution is indicated by an exit status of 0; any non-zero status signifies a failure. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub command: Option>, +/// +/// This field cannot be updated. +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub enum ComponentDefinitionLifecycleActionsPostProvisionCustomHandlerExecTargetPodSelector { + Any, + All, + Role, + Ordinal, } /// Specifies the HTTP request to perform. @@ -3553,28 +3517,6 @@ pub struct ComponentDefinitionLifecycleActionsPostProvisionCustomHandlerRetryPol pub retry_interval: Option, } -/// Specifies a user-defined hook or procedure that is called to perform the specific lifecycle action. -/// It offers a flexible and expandable approach for customizing the behavior of a Component by leveraging -/// tailored actions. -/// -/// -/// An Action can be implemented as either an ExecAction or an HTTPAction, with future versions planning -/// to support GRPCAction, -/// thereby accommodating unique logic for different database systems within the Action's framework. -/// -/// -/// In future iterations, all built-in handlers are expected to transition to GRPCAction. -/// This change means that Lorry or other sidecar agents will expose the implementation of actions -/// through a GRPC interface for external invocation. -/// Then the controller will interact with these actions via GRPCAction calls. -#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] -pub enum ComponentDefinitionLifecycleActionsPostProvisionCustomHandlerTargetPodSelector { - Any, - All, - Role, - Ordinal, -} - /// Specifies the hook to be executed prior to terminating a component. /// /// @@ -3698,27 +3640,6 @@ pub struct ComponentDefinitionLifecycleActionsPreTerminate { /// Then the controller will interact with these actions via GRPCAction calls. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ComponentDefinitionLifecycleActionsPreTerminateCustomHandler { - /// Defines the name of the container within the target Pod where the action will be executed. - /// - /// - /// This name must correspond to one of the containers defined in `componentDefinition.spec.runtime`. - /// If this field is not specified, the default behavior is to use the first container listed in - /// `componentDefinition.spec.runtime`. - /// - /// - /// This field cannot be updated. - /// - /// - /// Note: This field is reserved for future use and is not currently active. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub container: Option, - /// Represents a list of environment variables that will be injected into the container. - /// These variables enable the container to adapt its behavior based on the environment it's running in. - /// - /// - /// This field cannot be updated. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub env: Option>, /// Defines the command to run. /// /// @@ -3734,31 +3655,6 @@ pub struct ComponentDefinitionLifecycleActionsPreTerminateCustomHandler { /// Note: HTTPAction is to be implemented in future version. #[serde(default, skip_serializing_if = "Option::is_none")] pub http: Option, - /// Specifies the container image to be used for running the Action. - /// - /// - /// When specified, a dedicated container will be created using this image to execute the Action. - /// This field is mutually exclusive with the `container` field; only one of them should be provided. - /// - /// - /// This field cannot be updated. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub image: Option, - /// Used in conjunction with the `targetPodSelector` field to refine the selection of target pod(s) for Action execution. - /// The impact of this field depends on the `targetPodSelector` value: - /// - /// - /// - When `targetPodSelector` is set to `Any` or `All`, this field will be ignored. - /// - When `targetPodSelector` is set to `Role`, only those replicas whose role matches the `matchingKey` - /// will be selected for the Action. - /// - /// - /// This field cannot be updated. - /// - /// - /// Note: This field is reserved for future use and is not currently active. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchingKey")] - pub matching_key: Option, /// Specifies the state that the cluster must reach before the Action is executed. /// Currently, this is only applicable to the `postProvision` action. /// @@ -3789,31 +3685,97 @@ pub struct ComponentDefinitionLifecycleActionsPreTerminateCustomHandler { /// This field cannot be updated. #[serde(default, skip_serializing_if = "Option::is_none", rename = "retryPolicy")] pub retry_policy: Option, - /// Defines the criteria used to select the target Pod(s) for executing the Action. - /// This is useful when there is no default target replica identified. - /// It allows for precise control over which Pod(s) the Action should run in. + /// Specifies the maximum duration in seconds that the Action is allowed to run. + /// + /// + /// If the Action does not complete within this time frame, it will be terminated. + /// + /// + /// This field cannot be updated. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "timeoutSeconds")] + pub timeout_seconds: Option, +} + +/// Defines the command to run. +/// +/// +/// This field cannot be updated. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ComponentDefinitionLifecycleActionsPreTerminateCustomHandlerExec { + /// Args represents the arguments that are passed to the `command` for execution. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub args: Option>, + /// Specifies the command to be executed inside the container. + /// The working directory for this command is the container's root directory('/'). + /// Commands are executed directly without a shell environment, meaning shell-specific syntax ('|', etc.) is not supported. + /// If the shell is required, it must be explicitly invoked in the command. + /// + /// + /// A successful execution is indicated by an exit status of 0; any non-zero status signifies a failure. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub command: Option>, + /// Defines the name of the container within the target Pod where the action will be executed. + /// + /// + /// This name must correspond to one of the containers defined in `componentDefinition.spec.runtime`. + /// If this field is not specified, the default behavior is to use the first container listed in + /// `componentDefinition.spec.runtime`. /// /// /// This field cannot be updated. /// /// /// Note: This field is reserved for future use and is not currently active. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "targetPodSelector")] - pub target_pod_selector: Option, - /// Specifies the maximum duration in seconds that the Action is allowed to run. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub container: Option, + /// Represents a list of environment variables that will be injected into the container. + /// These variables enable the container to adapt its behavior based on the environment it's running in. /// /// - /// If the Action does not complete within this time frame, it will be terminated. + /// This field cannot be updated. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub env: Option>, + /// Specifies the container image to be used for running the Action. + /// + /// + /// When specified, a dedicated container will be created using this image to execute the Action. + /// This field is mutually exclusive with the `container` field; only one of them should be provided. /// /// /// This field cannot be updated. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "timeoutSeconds")] - pub timeout_seconds: Option, + #[serde(default, skip_serializing_if = "Option::is_none")] + pub image: Option, + /// Used in conjunction with the `targetPodSelector` field to refine the selection of target pod(s) for Action execution. + /// The impact of this field depends on the `targetPodSelector` value: + /// + /// + /// - When `targetPodSelector` is set to `Any` or `All`, this field will be ignored. + /// - When `targetPodSelector` is set to `Role`, only those replicas whose role matches the `matchingKey` + /// will be selected for the Action. + /// + /// + /// This field cannot be updated. + /// + /// + /// Note: This field is reserved for future use and is not currently active. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchingKey")] + pub matching_key: Option, + /// Defines the criteria used to select the target Pod(s) for executing the Action. + /// This is useful when there is no default target replica identified. + /// It allows for precise control over which Pod(s) the Action should run in. + /// + /// + /// This field cannot be updated. + /// + /// + /// Note: This field is reserved for future use and is not currently active. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "targetPodSelector")] + pub target_pod_selector: Option, } /// EnvVar represents an environment variable present in a Container. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ComponentDefinitionLifecycleActionsPreTerminateCustomHandlerEnv { +pub struct ComponentDefinitionLifecycleActionsPreTerminateCustomHandlerExecEnv { /// Name of the environment variable. Must be a C_IDENTIFIER. pub name: String, /// Variable references $(VAR_NAME) are expanded @@ -3829,31 +3791,31 @@ pub struct ComponentDefinitionLifecycleActionsPreTerminateCustomHandlerEnv { pub value: Option, /// Source for the environment variable's value. Cannot be used if value is not empty. #[serde(default, skip_serializing_if = "Option::is_none", rename = "valueFrom")] - pub value_from: Option, + pub value_from: Option, } /// Source for the environment variable's value. Cannot be used if value is not empty. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ComponentDefinitionLifecycleActionsPreTerminateCustomHandlerEnvValueFrom { +pub struct ComponentDefinitionLifecycleActionsPreTerminateCustomHandlerExecEnvValueFrom { /// Selects a key of a ConfigMap. #[serde(default, skip_serializing_if = "Option::is_none", rename = "configMapKeyRef")] - pub config_map_key_ref: Option, + pub config_map_key_ref: Option, /// Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`, /// spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs. #[serde(default, skip_serializing_if = "Option::is_none", rename = "fieldRef")] - pub field_ref: Option, + pub field_ref: Option, /// Selects a resource of the container: only resources limits and requests /// (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported. #[serde(default, skip_serializing_if = "Option::is_none", rename = "resourceFieldRef")] - pub resource_field_ref: Option, + pub resource_field_ref: Option, /// Selects a key of a secret in the pod's namespace #[serde(default, skip_serializing_if = "Option::is_none", rename = "secretKeyRef")] - pub secret_key_ref: Option, + pub secret_key_ref: Option, } /// Selects a key of a ConfigMap. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ComponentDefinitionLifecycleActionsPreTerminateCustomHandlerEnvValueFromConfigMapKeyRef { +pub struct ComponentDefinitionLifecycleActionsPreTerminateCustomHandlerExecEnvValueFromConfigMapKeyRef { /// The key to select. pub key: String, /// Name of the referent. @@ -3869,7 +3831,7 @@ pub struct ComponentDefinitionLifecycleActionsPreTerminateCustomHandlerEnvValueF /// Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`, /// spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ComponentDefinitionLifecycleActionsPreTerminateCustomHandlerEnvValueFromFieldRef { +pub struct ComponentDefinitionLifecycleActionsPreTerminateCustomHandlerExecEnvValueFromFieldRef { /// Version of the schema the FieldPath is written in terms of, defaults to "v1". #[serde(default, skip_serializing_if = "Option::is_none", rename = "apiVersion")] pub api_version: Option, @@ -3881,7 +3843,7 @@ pub struct ComponentDefinitionLifecycleActionsPreTerminateCustomHandlerEnvValueF /// Selects a resource of the container: only resources limits and requests /// (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ComponentDefinitionLifecycleActionsPreTerminateCustomHandlerEnvValueFromResourceFieldRef { +pub struct ComponentDefinitionLifecycleActionsPreTerminateCustomHandlerExecEnvValueFromResourceFieldRef { /// Container name: required for volumes, optional for env vars #[serde(default, skip_serializing_if = "Option::is_none", rename = "containerName")] pub container_name: Option, @@ -3894,7 +3856,7 @@ pub struct ComponentDefinitionLifecycleActionsPreTerminateCustomHandlerEnvValueF /// Selects a key of a secret in the pod's namespace #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ComponentDefinitionLifecycleActionsPreTerminateCustomHandlerEnvValueFromSecretKeyRef { +pub struct ComponentDefinitionLifecycleActionsPreTerminateCustomHandlerExecEnvValueFromSecretKeyRef { /// The key of the secret to select from. Must be a valid secret key. pub key: String, /// Name of the referent. @@ -3911,20 +3873,12 @@ pub struct ComponentDefinitionLifecycleActionsPreTerminateCustomHandlerEnvValueF /// /// /// This field cannot be updated. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ComponentDefinitionLifecycleActionsPreTerminateCustomHandlerExec { - /// Args represents the arguments that are passed to the `command` for execution. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub args: Option>, - /// Specifies the command to be executed inside the container. - /// The working directory for this command is the container's root directory('/'). - /// Commands are executed directly without a shell environment, meaning shell-specific syntax ('|', etc.) is not supported. - /// If the shell is required, it must be explicitly invoked in the command. - /// - /// - /// A successful execution is indicated by an exit status of 0; any non-zero status signifies a failure. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub command: Option>, +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub enum ComponentDefinitionLifecycleActionsPreTerminateCustomHandlerExecTargetPodSelector { + Any, + All, + Role, + Ordinal, } /// Specifies the HTTP request to perform. @@ -3991,28 +3945,6 @@ pub struct ComponentDefinitionLifecycleActionsPreTerminateCustomHandlerRetryPoli pub retry_interval: Option, } -/// Specifies a user-defined hook or procedure that is called to perform the specific lifecycle action. -/// It offers a flexible and expandable approach for customizing the behavior of a Component by leveraging -/// tailored actions. -/// -/// -/// An Action can be implemented as either an ExecAction or an HTTPAction, with future versions planning -/// to support GRPCAction, -/// thereby accommodating unique logic for different database systems within the Action's framework. -/// -/// -/// In future iterations, all built-in handlers are expected to transition to GRPCAction. -/// This change means that Lorry or other sidecar agents will expose the implementation of actions -/// through a GRPC interface for external invocation. -/// Then the controller will interact with these actions via GRPCAction calls. -#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] -pub enum ComponentDefinitionLifecycleActionsPreTerminateCustomHandlerTargetPodSelector { - Any, - All, - Role, - Ordinal, -} - /// Defines the procedure to switch a replica into the read-only state. /// /// @@ -4110,6 +4042,80 @@ pub struct ComponentDefinitionLifecycleActionsReadonly { /// Then the controller will interact with these actions via GRPCAction calls. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ComponentDefinitionLifecycleActionsReadonlyCustomHandler { + /// Defines the command to run. + /// + /// + /// This field cannot be updated. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub exec: Option, + /// Specifies the HTTP request to perform. + /// + /// + /// This field cannot be updated. + /// + /// + /// Note: HTTPAction is to be implemented in future version. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub http: Option, + /// Specifies the state that the cluster must reach before the Action is executed. + /// Currently, this is only applicable to the `postProvision` action. + /// + /// + /// The conditions are as follows: + /// + /// + /// - `Immediately`: Executed right after the Component object is created. + /// The readiness of the Component and its resources is not guaranteed at this stage. + /// - `RuntimeReady`: The Action is triggered after the Component object has been created and all associated + /// runtime resources (e.g. Pods) are in a ready state. + /// - `ComponentReady`: The Action is triggered after the Component itself is in a ready state. + /// This process does not affect the readiness state of the Component or the Cluster. + /// - `ClusterReady`: The Action is executed after the Cluster is in a ready state. + /// This execution does not alter the Component or the Cluster's state of readiness. + /// + /// + /// This field cannot be updated. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "preCondition")] + pub pre_condition: Option, + /// Defines the strategy to be taken when retrying the Action after a failure. + /// + /// + /// It specifies the conditions under which the Action should be retried and the limits to apply, + /// such as the maximum number of retries and backoff strategy. + /// + /// + /// This field cannot be updated. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "retryPolicy")] + pub retry_policy: Option, + /// Specifies the maximum duration in seconds that the Action is allowed to run. + /// + /// + /// If the Action does not complete within this time frame, it will be terminated. + /// + /// + /// This field cannot be updated. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "timeoutSeconds")] + pub timeout_seconds: Option, +} + +/// Defines the command to run. +/// +/// +/// This field cannot be updated. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ComponentDefinitionLifecycleActionsReadonlyCustomHandlerExec { + /// Args represents the arguments that are passed to the `command` for execution. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub args: Option>, + /// Specifies the command to be executed inside the container. + /// The working directory for this command is the container's root directory('/'). + /// Commands are executed directly without a shell environment, meaning shell-specific syntax ('|', etc.) is not supported. + /// If the shell is required, it must be explicitly invoked in the command. + /// + /// + /// A successful execution is indicated by an exit status of 0; any non-zero status signifies a failure. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub command: Option>, /// Defines the name of the container within the target Pod where the action will be executed. /// /// @@ -4130,22 +4136,7 @@ pub struct ComponentDefinitionLifecycleActionsReadonlyCustomHandler { /// /// This field cannot be updated. #[serde(default, skip_serializing_if = "Option::is_none")] - pub env: Option>, - /// Defines the command to run. - /// - /// - /// This field cannot be updated. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub exec: Option, - /// Specifies the HTTP request to perform. - /// - /// - /// This field cannot be updated. - /// - /// - /// Note: HTTPAction is to be implemented in future version. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub http: Option, + pub env: Option>, /// Specifies the container image to be used for running the Action. /// /// @@ -4171,36 +4162,6 @@ pub struct ComponentDefinitionLifecycleActionsReadonlyCustomHandler { /// Note: This field is reserved for future use and is not currently active. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchingKey")] pub matching_key: Option, - /// Specifies the state that the cluster must reach before the Action is executed. - /// Currently, this is only applicable to the `postProvision` action. - /// - /// - /// The conditions are as follows: - /// - /// - /// - `Immediately`: Executed right after the Component object is created. - /// The readiness of the Component and its resources is not guaranteed at this stage. - /// - `RuntimeReady`: The Action is triggered after the Component object has been created and all associated - /// runtime resources (e.g. Pods) are in a ready state. - /// - `ComponentReady`: The Action is triggered after the Component itself is in a ready state. - /// This process does not affect the readiness state of the Component or the Cluster. - /// - `ClusterReady`: The Action is executed after the Cluster is in a ready state. - /// This execution does not alter the Component or the Cluster's state of readiness. - /// - /// - /// This field cannot be updated. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "preCondition")] - pub pre_condition: Option, - /// Defines the strategy to be taken when retrying the Action after a failure. - /// - /// - /// It specifies the conditions under which the Action should be retried and the limits to apply, - /// such as the maximum number of retries and backoff strategy. - /// - /// - /// This field cannot be updated. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "retryPolicy")] - pub retry_policy: Option, /// Defines the criteria used to select the target Pod(s) for executing the Action. /// This is useful when there is no default target replica identified. /// It allows for precise control over which Pod(s) the Action should run in. @@ -4211,21 +4172,12 @@ pub struct ComponentDefinitionLifecycleActionsReadonlyCustomHandler { /// /// Note: This field is reserved for future use and is not currently active. #[serde(default, skip_serializing_if = "Option::is_none", rename = "targetPodSelector")] - pub target_pod_selector: Option, - /// Specifies the maximum duration in seconds that the Action is allowed to run. - /// - /// - /// If the Action does not complete within this time frame, it will be terminated. - /// - /// - /// This field cannot be updated. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "timeoutSeconds")] - pub timeout_seconds: Option, + pub target_pod_selector: Option, } /// EnvVar represents an environment variable present in a Container. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ComponentDefinitionLifecycleActionsReadonlyCustomHandlerEnv { +pub struct ComponentDefinitionLifecycleActionsReadonlyCustomHandlerExecEnv { /// Name of the environment variable. Must be a C_IDENTIFIER. pub name: String, /// Variable references $(VAR_NAME) are expanded @@ -4241,31 +4193,31 @@ pub struct ComponentDefinitionLifecycleActionsReadonlyCustomHandlerEnv { pub value: Option, /// Source for the environment variable's value. Cannot be used if value is not empty. #[serde(default, skip_serializing_if = "Option::is_none", rename = "valueFrom")] - pub value_from: Option, + pub value_from: Option, } /// Source for the environment variable's value. Cannot be used if value is not empty. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ComponentDefinitionLifecycleActionsReadonlyCustomHandlerEnvValueFrom { +pub struct ComponentDefinitionLifecycleActionsReadonlyCustomHandlerExecEnvValueFrom { /// Selects a key of a ConfigMap. #[serde(default, skip_serializing_if = "Option::is_none", rename = "configMapKeyRef")] - pub config_map_key_ref: Option, + pub config_map_key_ref: Option, /// Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`, /// spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs. #[serde(default, skip_serializing_if = "Option::is_none", rename = "fieldRef")] - pub field_ref: Option, + pub field_ref: Option, /// Selects a resource of the container: only resources limits and requests /// (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported. #[serde(default, skip_serializing_if = "Option::is_none", rename = "resourceFieldRef")] - pub resource_field_ref: Option, + pub resource_field_ref: Option, /// Selects a key of a secret in the pod's namespace #[serde(default, skip_serializing_if = "Option::is_none", rename = "secretKeyRef")] - pub secret_key_ref: Option, + pub secret_key_ref: Option, } /// Selects a key of a ConfigMap. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ComponentDefinitionLifecycleActionsReadonlyCustomHandlerEnvValueFromConfigMapKeyRef { +pub struct ComponentDefinitionLifecycleActionsReadonlyCustomHandlerExecEnvValueFromConfigMapKeyRef { /// The key to select. pub key: String, /// Name of the referent. @@ -4281,7 +4233,7 @@ pub struct ComponentDefinitionLifecycleActionsReadonlyCustomHandlerEnvValueFromC /// Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`, /// spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ComponentDefinitionLifecycleActionsReadonlyCustomHandlerEnvValueFromFieldRef { +pub struct ComponentDefinitionLifecycleActionsReadonlyCustomHandlerExecEnvValueFromFieldRef { /// Version of the schema the FieldPath is written in terms of, defaults to "v1". #[serde(default, skip_serializing_if = "Option::is_none", rename = "apiVersion")] pub api_version: Option, @@ -4293,7 +4245,7 @@ pub struct ComponentDefinitionLifecycleActionsReadonlyCustomHandlerEnvValueFromF /// Selects a resource of the container: only resources limits and requests /// (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ComponentDefinitionLifecycleActionsReadonlyCustomHandlerEnvValueFromResourceFieldRef { +pub struct ComponentDefinitionLifecycleActionsReadonlyCustomHandlerExecEnvValueFromResourceFieldRef { /// Container name: required for volumes, optional for env vars #[serde(default, skip_serializing_if = "Option::is_none", rename = "containerName")] pub container_name: Option, @@ -4306,7 +4258,7 @@ pub struct ComponentDefinitionLifecycleActionsReadonlyCustomHandlerEnvValueFromR /// Selects a key of a secret in the pod's namespace #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ComponentDefinitionLifecycleActionsReadonlyCustomHandlerEnvValueFromSecretKeyRef { +pub struct ComponentDefinitionLifecycleActionsReadonlyCustomHandlerExecEnvValueFromSecretKeyRef { /// The key of the secret to select from. Must be a valid secret key. pub key: String, /// Name of the referent. @@ -4323,20 +4275,12 @@ pub struct ComponentDefinitionLifecycleActionsReadonlyCustomHandlerEnvValueFromS /// /// /// This field cannot be updated. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ComponentDefinitionLifecycleActionsReadonlyCustomHandlerExec { - /// Args represents the arguments that are passed to the `command` for execution. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub args: Option>, - /// Specifies the command to be executed inside the container. - /// The working directory for this command is the container's root directory('/'). - /// Commands are executed directly without a shell environment, meaning shell-specific syntax ('|', etc.) is not supported. - /// If the shell is required, it must be explicitly invoked in the command. - /// - /// - /// A successful execution is indicated by an exit status of 0; any non-zero status signifies a failure. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub command: Option>, +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub enum ComponentDefinitionLifecycleActionsReadonlyCustomHandlerExecTargetPodSelector { + Any, + All, + Role, + Ordinal, } /// Specifies the HTTP request to perform. @@ -4403,28 +4347,6 @@ pub struct ComponentDefinitionLifecycleActionsReadonlyCustomHandlerRetryPolicy { pub retry_interval: Option, } -/// Specifies a user-defined hook or procedure that is called to perform the specific lifecycle action. -/// It offers a flexible and expandable approach for customizing the behavior of a Component by leveraging -/// tailored actions. -/// -/// -/// An Action can be implemented as either an ExecAction or an HTTPAction, with future versions planning -/// to support GRPCAction, -/// thereby accommodating unique logic for different database systems within the Action's framework. -/// -/// -/// In future iterations, all built-in handlers are expected to transition to GRPCAction. -/// This change means that Lorry or other sidecar agents will expose the implementation of actions -/// through a GRPC interface for external invocation. -/// Then the controller will interact with these actions via GRPCAction calls. -#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] -pub enum ComponentDefinitionLifecycleActionsReadonlyCustomHandlerTargetPodSelector { - Any, - All, - Role, - Ordinal, -} - /// Defines the procedure to transition a replica from the read-only state back to the read-write state. /// /// @@ -4524,27 +4446,6 @@ pub struct ComponentDefinitionLifecycleActionsReadwrite { /// Then the controller will interact with these actions via GRPCAction calls. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ComponentDefinitionLifecycleActionsReadwriteCustomHandler { - /// Defines the name of the container within the target Pod where the action will be executed. - /// - /// - /// This name must correspond to one of the containers defined in `componentDefinition.spec.runtime`. - /// If this field is not specified, the default behavior is to use the first container listed in - /// `componentDefinition.spec.runtime`. - /// - /// - /// This field cannot be updated. - /// - /// - /// Note: This field is reserved for future use and is not currently active. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub container: Option, - /// Represents a list of environment variables that will be injected into the container. - /// These variables enable the container to adapt its behavior based on the environment it's running in. - /// - /// - /// This field cannot be updated. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub env: Option>, /// Defines the command to run. /// /// @@ -4560,31 +4461,6 @@ pub struct ComponentDefinitionLifecycleActionsReadwriteCustomHandler { /// Note: HTTPAction is to be implemented in future version. #[serde(default, skip_serializing_if = "Option::is_none")] pub http: Option, - /// Specifies the container image to be used for running the Action. - /// - /// - /// When specified, a dedicated container will be created using this image to execute the Action. - /// This field is mutually exclusive with the `container` field; only one of them should be provided. - /// - /// - /// This field cannot be updated. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub image: Option, - /// Used in conjunction with the `targetPodSelector` field to refine the selection of target pod(s) for Action execution. - /// The impact of this field depends on the `targetPodSelector` value: - /// - /// - /// - When `targetPodSelector` is set to `Any` or `All`, this field will be ignored. - /// - When `targetPodSelector` is set to `Role`, only those replicas whose role matches the `matchingKey` - /// will be selected for the Action. - /// - /// - /// This field cannot be updated. - /// - /// - /// Note: This field is reserved for future use and is not currently active. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchingKey")] - pub matching_key: Option, /// Specifies the state that the cluster must reach before the Action is executed. /// Currently, this is only applicable to the `postProvision` action. /// @@ -4615,31 +4491,97 @@ pub struct ComponentDefinitionLifecycleActionsReadwriteCustomHandler { /// This field cannot be updated. #[serde(default, skip_serializing_if = "Option::is_none", rename = "retryPolicy")] pub retry_policy: Option, - /// Defines the criteria used to select the target Pod(s) for executing the Action. - /// This is useful when there is no default target replica identified. - /// It allows for precise control over which Pod(s) the Action should run in. + /// Specifies the maximum duration in seconds that the Action is allowed to run. + /// + /// + /// If the Action does not complete within this time frame, it will be terminated. + /// + /// + /// This field cannot be updated. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "timeoutSeconds")] + pub timeout_seconds: Option, +} + +/// Defines the command to run. +/// +/// +/// This field cannot be updated. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ComponentDefinitionLifecycleActionsReadwriteCustomHandlerExec { + /// Args represents the arguments that are passed to the `command` for execution. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub args: Option>, + /// Specifies the command to be executed inside the container. + /// The working directory for this command is the container's root directory('/'). + /// Commands are executed directly without a shell environment, meaning shell-specific syntax ('|', etc.) is not supported. + /// If the shell is required, it must be explicitly invoked in the command. + /// + /// + /// A successful execution is indicated by an exit status of 0; any non-zero status signifies a failure. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub command: Option>, + /// Defines the name of the container within the target Pod where the action will be executed. + /// + /// + /// This name must correspond to one of the containers defined in `componentDefinition.spec.runtime`. + /// If this field is not specified, the default behavior is to use the first container listed in + /// `componentDefinition.spec.runtime`. /// /// /// This field cannot be updated. /// /// /// Note: This field is reserved for future use and is not currently active. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "targetPodSelector")] - pub target_pod_selector: Option, - /// Specifies the maximum duration in seconds that the Action is allowed to run. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub container: Option, + /// Represents a list of environment variables that will be injected into the container. + /// These variables enable the container to adapt its behavior based on the environment it's running in. /// /// - /// If the Action does not complete within this time frame, it will be terminated. + /// This field cannot be updated. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub env: Option>, + /// Specifies the container image to be used for running the Action. + /// + /// + /// When specified, a dedicated container will be created using this image to execute the Action. + /// This field is mutually exclusive with the `container` field; only one of them should be provided. /// /// /// This field cannot be updated. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "timeoutSeconds")] - pub timeout_seconds: Option, + #[serde(default, skip_serializing_if = "Option::is_none")] + pub image: Option, + /// Used in conjunction with the `targetPodSelector` field to refine the selection of target pod(s) for Action execution. + /// The impact of this field depends on the `targetPodSelector` value: + /// + /// + /// - When `targetPodSelector` is set to `Any` or `All`, this field will be ignored. + /// - When `targetPodSelector` is set to `Role`, only those replicas whose role matches the `matchingKey` + /// will be selected for the Action. + /// + /// + /// This field cannot be updated. + /// + /// + /// Note: This field is reserved for future use and is not currently active. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchingKey")] + pub matching_key: Option, + /// Defines the criteria used to select the target Pod(s) for executing the Action. + /// This is useful when there is no default target replica identified. + /// It allows for precise control over which Pod(s) the Action should run in. + /// + /// + /// This field cannot be updated. + /// + /// + /// Note: This field is reserved for future use and is not currently active. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "targetPodSelector")] + pub target_pod_selector: Option, } /// EnvVar represents an environment variable present in a Container. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ComponentDefinitionLifecycleActionsReadwriteCustomHandlerEnv { +pub struct ComponentDefinitionLifecycleActionsReadwriteCustomHandlerExecEnv { /// Name of the environment variable. Must be a C_IDENTIFIER. pub name: String, /// Variable references $(VAR_NAME) are expanded @@ -4655,31 +4597,31 @@ pub struct ComponentDefinitionLifecycleActionsReadwriteCustomHandlerEnv { pub value: Option, /// Source for the environment variable's value. Cannot be used if value is not empty. #[serde(default, skip_serializing_if = "Option::is_none", rename = "valueFrom")] - pub value_from: Option, + pub value_from: Option, } /// Source for the environment variable's value. Cannot be used if value is not empty. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ComponentDefinitionLifecycleActionsReadwriteCustomHandlerEnvValueFrom { +pub struct ComponentDefinitionLifecycleActionsReadwriteCustomHandlerExecEnvValueFrom { /// Selects a key of a ConfigMap. #[serde(default, skip_serializing_if = "Option::is_none", rename = "configMapKeyRef")] - pub config_map_key_ref: Option, + pub config_map_key_ref: Option, /// Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`, /// spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs. #[serde(default, skip_serializing_if = "Option::is_none", rename = "fieldRef")] - pub field_ref: Option, + pub field_ref: Option, /// Selects a resource of the container: only resources limits and requests /// (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported. #[serde(default, skip_serializing_if = "Option::is_none", rename = "resourceFieldRef")] - pub resource_field_ref: Option, + pub resource_field_ref: Option, /// Selects a key of a secret in the pod's namespace #[serde(default, skip_serializing_if = "Option::is_none", rename = "secretKeyRef")] - pub secret_key_ref: Option, + pub secret_key_ref: Option, } /// Selects a key of a ConfigMap. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ComponentDefinitionLifecycleActionsReadwriteCustomHandlerEnvValueFromConfigMapKeyRef { +pub struct ComponentDefinitionLifecycleActionsReadwriteCustomHandlerExecEnvValueFromConfigMapKeyRef { /// The key to select. pub key: String, /// Name of the referent. @@ -4695,7 +4637,7 @@ pub struct ComponentDefinitionLifecycleActionsReadwriteCustomHandlerEnvValueFrom /// Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`, /// spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ComponentDefinitionLifecycleActionsReadwriteCustomHandlerEnvValueFromFieldRef { +pub struct ComponentDefinitionLifecycleActionsReadwriteCustomHandlerExecEnvValueFromFieldRef { /// Version of the schema the FieldPath is written in terms of, defaults to "v1". #[serde(default, skip_serializing_if = "Option::is_none", rename = "apiVersion")] pub api_version: Option, @@ -4707,7 +4649,7 @@ pub struct ComponentDefinitionLifecycleActionsReadwriteCustomHandlerEnvValueFrom /// Selects a resource of the container: only resources limits and requests /// (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ComponentDefinitionLifecycleActionsReadwriteCustomHandlerEnvValueFromResourceFieldRef { +pub struct ComponentDefinitionLifecycleActionsReadwriteCustomHandlerExecEnvValueFromResourceFieldRef { /// Container name: required for volumes, optional for env vars #[serde(default, skip_serializing_if = "Option::is_none", rename = "containerName")] pub container_name: Option, @@ -4720,37 +4662,29 @@ pub struct ComponentDefinitionLifecycleActionsReadwriteCustomHandlerEnvValueFrom /// Selects a key of a secret in the pod's namespace #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ComponentDefinitionLifecycleActionsReadwriteCustomHandlerEnvValueFromSecretKeyRef { +pub struct ComponentDefinitionLifecycleActionsReadwriteCustomHandlerExecEnvValueFromSecretKeyRef { /// The key of the secret to select from. Must be a valid secret key. pub key: String, /// Name of the referent. /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - /// TODO: Add other useful fields. apiVersion, kind, uid? - #[serde(default, skip_serializing_if = "Option::is_none")] - pub name: Option, - /// Specify whether the Secret or its key must be defined - #[serde(default, skip_serializing_if = "Option::is_none")] - pub optional: Option, -} - -/// Defines the command to run. -/// -/// -/// This field cannot be updated. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ComponentDefinitionLifecycleActionsReadwriteCustomHandlerExec { - /// Args represents the arguments that are passed to the `command` for execution. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub args: Option>, - /// Specifies the command to be executed inside the container. - /// The working directory for this command is the container's root directory('/'). - /// Commands are executed directly without a shell environment, meaning shell-specific syntax ('|', etc.) is not supported. - /// If the shell is required, it must be explicitly invoked in the command. - /// - /// - /// A successful execution is indicated by an exit status of 0; any non-zero status signifies a failure. + /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] - pub command: Option>, + pub name: Option, + /// Specify whether the Secret or its key must be defined + #[serde(default, skip_serializing_if = "Option::is_none")] + pub optional: Option, +} + +/// Defines the command to run. +/// +/// +/// This field cannot be updated. +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub enum ComponentDefinitionLifecycleActionsReadwriteCustomHandlerExecTargetPodSelector { + Any, + All, + Role, + Ordinal, } /// Specifies the HTTP request to perform. @@ -4817,28 +4751,6 @@ pub struct ComponentDefinitionLifecycleActionsReadwriteCustomHandlerRetryPolicy pub retry_interval: Option, } -/// Specifies a user-defined hook or procedure that is called to perform the specific lifecycle action. -/// It offers a flexible and expandable approach for customizing the behavior of a Component by leveraging -/// tailored actions. -/// -/// -/// An Action can be implemented as either an ExecAction or an HTTPAction, with future versions planning -/// to support GRPCAction, -/// thereby accommodating unique logic for different database systems within the Action's framework. -/// -/// -/// In future iterations, all built-in handlers are expected to transition to GRPCAction. -/// This change means that Lorry or other sidecar agents will expose the implementation of actions -/// through a GRPC interface for external invocation. -/// Then the controller will interact with these actions via GRPCAction calls. -#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] -pub enum ComponentDefinitionLifecycleActionsReadwriteCustomHandlerTargetPodSelector { - Any, - All, - Role, - Ordinal, -} - /// Defines the procedure that update a replica with new configuration. /// /// @@ -4922,27 +4834,6 @@ pub struct ComponentDefinitionLifecycleActionsReconfigure { /// Then the controller will interact with these actions via GRPCAction calls. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ComponentDefinitionLifecycleActionsReconfigureCustomHandler { - /// Defines the name of the container within the target Pod where the action will be executed. - /// - /// - /// This name must correspond to one of the containers defined in `componentDefinition.spec.runtime`. - /// If this field is not specified, the default behavior is to use the first container listed in - /// `componentDefinition.spec.runtime`. - /// - /// - /// This field cannot be updated. - /// - /// - /// Note: This field is reserved for future use and is not currently active. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub container: Option, - /// Represents a list of environment variables that will be injected into the container. - /// These variables enable the container to adapt its behavior based on the environment it's running in. - /// - /// - /// This field cannot be updated. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub env: Option>, /// Defines the command to run. /// /// @@ -4958,31 +4849,6 @@ pub struct ComponentDefinitionLifecycleActionsReconfigureCustomHandler { /// Note: HTTPAction is to be implemented in future version. #[serde(default, skip_serializing_if = "Option::is_none")] pub http: Option, - /// Specifies the container image to be used for running the Action. - /// - /// - /// When specified, a dedicated container will be created using this image to execute the Action. - /// This field is mutually exclusive with the `container` field; only one of them should be provided. - /// - /// - /// This field cannot be updated. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub image: Option, - /// Used in conjunction with the `targetPodSelector` field to refine the selection of target pod(s) for Action execution. - /// The impact of this field depends on the `targetPodSelector` value: - /// - /// - /// - When `targetPodSelector` is set to `Any` or `All`, this field will be ignored. - /// - When `targetPodSelector` is set to `Role`, only those replicas whose role matches the `matchingKey` - /// will be selected for the Action. - /// - /// - /// This field cannot be updated. - /// - /// - /// Note: This field is reserved for future use and is not currently active. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchingKey")] - pub matching_key: Option, /// Specifies the state that the cluster must reach before the Action is executed. /// Currently, this is only applicable to the `postProvision` action. /// @@ -5013,31 +4879,97 @@ pub struct ComponentDefinitionLifecycleActionsReconfigureCustomHandler { /// This field cannot be updated. #[serde(default, skip_serializing_if = "Option::is_none", rename = "retryPolicy")] pub retry_policy: Option, - /// Defines the criteria used to select the target Pod(s) for executing the Action. - /// This is useful when there is no default target replica identified. - /// It allows for precise control over which Pod(s) the Action should run in. + /// Specifies the maximum duration in seconds that the Action is allowed to run. + /// + /// + /// If the Action does not complete within this time frame, it will be terminated. + /// + /// + /// This field cannot be updated. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "timeoutSeconds")] + pub timeout_seconds: Option, +} + +/// Defines the command to run. +/// +/// +/// This field cannot be updated. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ComponentDefinitionLifecycleActionsReconfigureCustomHandlerExec { + /// Args represents the arguments that are passed to the `command` for execution. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub args: Option>, + /// Specifies the command to be executed inside the container. + /// The working directory for this command is the container's root directory('/'). + /// Commands are executed directly without a shell environment, meaning shell-specific syntax ('|', etc.) is not supported. + /// If the shell is required, it must be explicitly invoked in the command. + /// + /// + /// A successful execution is indicated by an exit status of 0; any non-zero status signifies a failure. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub command: Option>, + /// Defines the name of the container within the target Pod where the action will be executed. + /// + /// + /// This name must correspond to one of the containers defined in `componentDefinition.spec.runtime`. + /// If this field is not specified, the default behavior is to use the first container listed in + /// `componentDefinition.spec.runtime`. /// /// /// This field cannot be updated. /// /// /// Note: This field is reserved for future use and is not currently active. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "targetPodSelector")] - pub target_pod_selector: Option, - /// Specifies the maximum duration in seconds that the Action is allowed to run. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub container: Option, + /// Represents a list of environment variables that will be injected into the container. + /// These variables enable the container to adapt its behavior based on the environment it's running in. /// /// - /// If the Action does not complete within this time frame, it will be terminated. + /// This field cannot be updated. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub env: Option>, + /// Specifies the container image to be used for running the Action. + /// + /// + /// When specified, a dedicated container will be created using this image to execute the Action. + /// This field is mutually exclusive with the `container` field; only one of them should be provided. /// /// /// This field cannot be updated. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "timeoutSeconds")] - pub timeout_seconds: Option, + #[serde(default, skip_serializing_if = "Option::is_none")] + pub image: Option, + /// Used in conjunction with the `targetPodSelector` field to refine the selection of target pod(s) for Action execution. + /// The impact of this field depends on the `targetPodSelector` value: + /// + /// + /// - When `targetPodSelector` is set to `Any` or `All`, this field will be ignored. + /// - When `targetPodSelector` is set to `Role`, only those replicas whose role matches the `matchingKey` + /// will be selected for the Action. + /// + /// + /// This field cannot be updated. + /// + /// + /// Note: This field is reserved for future use and is not currently active. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchingKey")] + pub matching_key: Option, + /// Defines the criteria used to select the target Pod(s) for executing the Action. + /// This is useful when there is no default target replica identified. + /// It allows for precise control over which Pod(s) the Action should run in. + /// + /// + /// This field cannot be updated. + /// + /// + /// Note: This field is reserved for future use and is not currently active. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "targetPodSelector")] + pub target_pod_selector: Option, } /// EnvVar represents an environment variable present in a Container. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ComponentDefinitionLifecycleActionsReconfigureCustomHandlerEnv { +pub struct ComponentDefinitionLifecycleActionsReconfigureCustomHandlerExecEnv { /// Name of the environment variable. Must be a C_IDENTIFIER. pub name: String, /// Variable references $(VAR_NAME) are expanded @@ -5053,31 +4985,31 @@ pub struct ComponentDefinitionLifecycleActionsReconfigureCustomHandlerEnv { pub value: Option, /// Source for the environment variable's value. Cannot be used if value is not empty. #[serde(default, skip_serializing_if = "Option::is_none", rename = "valueFrom")] - pub value_from: Option, + pub value_from: Option, } /// Source for the environment variable's value. Cannot be used if value is not empty. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ComponentDefinitionLifecycleActionsReconfigureCustomHandlerEnvValueFrom { +pub struct ComponentDefinitionLifecycleActionsReconfigureCustomHandlerExecEnvValueFrom { /// Selects a key of a ConfigMap. #[serde(default, skip_serializing_if = "Option::is_none", rename = "configMapKeyRef")] - pub config_map_key_ref: Option, + pub config_map_key_ref: Option, /// Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`, /// spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs. #[serde(default, skip_serializing_if = "Option::is_none", rename = "fieldRef")] - pub field_ref: Option, + pub field_ref: Option, /// Selects a resource of the container: only resources limits and requests /// (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported. #[serde(default, skip_serializing_if = "Option::is_none", rename = "resourceFieldRef")] - pub resource_field_ref: Option, + pub resource_field_ref: Option, /// Selects a key of a secret in the pod's namespace #[serde(default, skip_serializing_if = "Option::is_none", rename = "secretKeyRef")] - pub secret_key_ref: Option, + pub secret_key_ref: Option, } /// Selects a key of a ConfigMap. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ComponentDefinitionLifecycleActionsReconfigureCustomHandlerEnvValueFromConfigMapKeyRef { +pub struct ComponentDefinitionLifecycleActionsReconfigureCustomHandlerExecEnvValueFromConfigMapKeyRef { /// The key to select. pub key: String, /// Name of the referent. @@ -5093,7 +5025,7 @@ pub struct ComponentDefinitionLifecycleActionsReconfigureCustomHandlerEnvValueFr /// Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`, /// spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ComponentDefinitionLifecycleActionsReconfigureCustomHandlerEnvValueFromFieldRef { +pub struct ComponentDefinitionLifecycleActionsReconfigureCustomHandlerExecEnvValueFromFieldRef { /// Version of the schema the FieldPath is written in terms of, defaults to "v1". #[serde(default, skip_serializing_if = "Option::is_none", rename = "apiVersion")] pub api_version: Option, @@ -5105,7 +5037,7 @@ pub struct ComponentDefinitionLifecycleActionsReconfigureCustomHandlerEnvValueFr /// Selects a resource of the container: only resources limits and requests /// (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ComponentDefinitionLifecycleActionsReconfigureCustomHandlerEnvValueFromResourceFieldRef { +pub struct ComponentDefinitionLifecycleActionsReconfigureCustomHandlerExecEnvValueFromResourceFieldRef { /// Container name: required for volumes, optional for env vars #[serde(default, skip_serializing_if = "Option::is_none", rename = "containerName")] pub container_name: Option, @@ -5118,7 +5050,7 @@ pub struct ComponentDefinitionLifecycleActionsReconfigureCustomHandlerEnvValueFr /// Selects a key of a secret in the pod's namespace #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ComponentDefinitionLifecycleActionsReconfigureCustomHandlerEnvValueFromSecretKeyRef { +pub struct ComponentDefinitionLifecycleActionsReconfigureCustomHandlerExecEnvValueFromSecretKeyRef { /// The key of the secret to select from. Must be a valid secret key. pub key: String, /// Name of the referent. @@ -5135,20 +5067,12 @@ pub struct ComponentDefinitionLifecycleActionsReconfigureCustomHandlerEnvValueFr /// /// /// This field cannot be updated. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ComponentDefinitionLifecycleActionsReconfigureCustomHandlerExec { - /// Args represents the arguments that are passed to the `command` for execution. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub args: Option>, - /// Specifies the command to be executed inside the container. - /// The working directory for this command is the container's root directory('/'). - /// Commands are executed directly without a shell environment, meaning shell-specific syntax ('|', etc.) is not supported. - /// If the shell is required, it must be explicitly invoked in the command. - /// - /// - /// A successful execution is indicated by an exit status of 0; any non-zero status signifies a failure. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub command: Option>, +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub enum ComponentDefinitionLifecycleActionsReconfigureCustomHandlerExecTargetPodSelector { + Any, + All, + Role, + Ordinal, } /// Specifies the HTTP request to perform. @@ -5215,28 +5139,6 @@ pub struct ComponentDefinitionLifecycleActionsReconfigureCustomHandlerRetryPolic pub retry_interval: Option, } -/// Specifies a user-defined hook or procedure that is called to perform the specific lifecycle action. -/// It offers a flexible and expandable approach for customizing the behavior of a Component by leveraging -/// tailored actions. -/// -/// -/// An Action can be implemented as either an ExecAction or an HTTPAction, with future versions planning -/// to support GRPCAction, -/// thereby accommodating unique logic for different database systems within the Action's framework. -/// -/// -/// In future iterations, all built-in handlers are expected to transition to GRPCAction. -/// This change means that Lorry or other sidecar agents will expose the implementation of actions -/// through a GRPC interface for external invocation. -/// Then the controller will interact with these actions via GRPCAction calls. -#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] -pub enum ComponentDefinitionLifecycleActionsReconfigureCustomHandlerTargetPodSelector { - Any, - All, - Role, - Ordinal, -} - /// Defines the procedure which is invoked regularly to assess the role of replicas. /// /// @@ -5257,76 +5159,42 @@ pub enum ComponentDefinitionLifecycleActionsReconfigureCustomHandlerTargetPodSel /// /// /// - KB_POD_FQDN: The FQDN of the Pod whose role is being assessed. -/// - KB_SERVICE_PORT: The port used by the database service. -/// - KB_SERVICE_USER: The username with the necessary permissions to interact with the database service. -/// - KB_SERVICE_PASSWORD: The corresponding password for KB_SERVICE_USER to authenticate with the database service. -/// -/// -/// Expected output of this action: -/// - On Success: The determined role of the replica, which must align with one of the roles specified -/// in the component definition. -/// - On Failure: An error message, if applicable, indicating why the action failed. -/// -/// -/// Note: This field is immutable once it has been set. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ComponentDefinitionLifecycleActionsRoleProbe { - /// Specifies the name of the predefined action handler to be invoked for lifecycle actions. - /// - /// - /// Lorry, as a sidecar agent co-located with the database container in the same Pod, - /// includes a suite of built-in action implementations that are tailored to different database engines. - /// These are known as "builtin" handlers, includes: `mysql`, `redis`, `mongodb`, `etcd`, - /// `postgresql`, `official-postgresql`, `apecloud-postgresql`, `wesql`, `oceanbase`, `polardbx`. - /// - /// - /// If the `builtinHandler` field is specified, it instructs Lorry to utilize its internal built-in action handler - /// to execute the specified lifecycle actions. - /// - /// - /// The `builtinHandler` field is of type `BuiltinActionHandlerType`, - /// which represents the name of the built-in handler. - /// The `builtinHandler` specified within the same `ComponentLifecycleActions` should be consistent across all - /// actions. - /// This means that if you specify a built-in handler for one action, you should use the same handler - /// for all other actions throughout the entire `ComponentLifecycleActions` collection. - /// - /// - /// If you need to define lifecycle actions for database engines not covered by the existing built-in support, - /// or when the pre-existing built-in handlers do not meet your specific needs, - /// you can use the `customHandler` field to define your own action implementation. - /// - /// - /// Deprecation Notice: - /// - /// - /// - In the future, the `builtinHandler` field will be deprecated in favor of using the `customHandler` field - /// for configuring all lifecycle actions. - /// - Instead of using a name to indicate the built-in action implementations in Lorry, - /// the recommended approach will be to explicitly invoke the desired action implementation through - /// a gRPC interface exposed by the sidecar agent. - /// - Developers will have the flexibility to either use the built-in action implementations provided by Lorry - /// or develop their own sidecar agent to implement custom actions and expose them via gRPC interfaces. - /// - This change will allow for greater customization and extensibility of lifecycle actions, - /// as developers can create their own "builtin" implementations tailored to their specific requirements. +/// - KB_SERVICE_PORT: The port used by the database service. +/// - KB_SERVICE_USER: The username with the necessary permissions to interact with the database service. +/// - KB_SERVICE_PASSWORD: The corresponding password for KB_SERVICE_USER to authenticate with the database service. +/// +/// +/// Expected output of this action: +/// - On Success: The determined role of the replica, which must align with one of the roles specified +/// in the component definition. +/// - On Failure: An error message, if applicable, indicating why the action failed. +/// +/// +/// Note: This field is immutable once it has been set. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ComponentDefinitionLifecycleActionsRoleProbe { + /// TODO: remove this later. #[serde(default, skip_serializing_if = "Option::is_none", rename = "builtinHandler")] pub builtin_handler: Option, - /// Specifies a user-defined hook or procedure that is called to perform the specific lifecycle action. - /// It offers a flexible and expandable approach for customizing the behavior of a Component by leveraging - /// tailored actions. + /// Defines the command to run. /// /// - /// An Action can be implemented as either an ExecAction or an HTTPAction, with future versions planning - /// to support GRPCAction, - /// thereby accommodating unique logic for different database systems within the Action's framework. + /// This field cannot be updated. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub exec: Option, + /// Minimum consecutive failures for the probe to be considered failed after having succeeded. + /// Defaults to 3. Minimum value is 1. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "failureThreshold")] + pub failure_threshold: Option, + /// Specifies the HTTP request to perform. /// /// - /// In future iterations, all built-in handlers are expected to transition to GRPCAction. - /// This change means that Lorry or other sidecar agents will expose the implementation of actions - /// through a GRPC interface for external invocation. - /// Then the controller will interact with these actions via GRPCAction calls. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "customHandler")] - pub custom_handler: Option, + /// This field cannot be updated. + /// + /// + /// Note: HTTPAction is to be implemented in future version. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub http: Option, /// Specifies the number of seconds to wait after the container has started before the RoleProbe /// begins to detect the container's role. #[serde(default, skip_serializing_if = "Option::is_none", rename = "initialDelaySeconds")] @@ -5335,28 +5203,69 @@ pub struct ComponentDefinitionLifecycleActionsRoleProbe { /// Default to 10 seconds. Minimum value is 1. #[serde(default, skip_serializing_if = "Option::is_none", rename = "periodSeconds")] pub period_seconds: Option, - /// Specifies the number of seconds after which the probe times out. - /// Defaults to 1 second. Minimum value is 1. + /// Specifies the state that the cluster must reach before the Action is executed. + /// Currently, this is only applicable to the `postProvision` action. + /// + /// + /// The conditions are as follows: + /// + /// + /// - `Immediately`: Executed right after the Component object is created. + /// The readiness of the Component and its resources is not guaranteed at this stage. + /// - `RuntimeReady`: The Action is triggered after the Component object has been created and all associated + /// runtime resources (e.g. Pods) are in a ready state. + /// - `ComponentReady`: The Action is triggered after the Component itself is in a ready state. + /// This process does not affect the readiness state of the Component or the Cluster. + /// - `ClusterReady`: The Action is executed after the Cluster is in a ready state. + /// This execution does not alter the Component or the Cluster's state of readiness. + /// + /// + /// This field cannot be updated. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "preCondition")] + pub pre_condition: Option, + /// Defines the strategy to be taken when retrying the Action after a failure. + /// + /// + /// It specifies the conditions under which the Action should be retried and the limits to apply, + /// such as the maximum number of retries and backoff strategy. + /// + /// + /// This field cannot be updated. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "retryPolicy")] + pub retry_policy: Option, + /// Minimum consecutive successes for the probe to be considered successful after having failed. + /// Defaults to 1. Minimum value is 1. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "successThreshold")] + pub success_threshold: Option, + /// Specifies the maximum duration in seconds that the Action is allowed to run. + /// + /// + /// If the Action does not complete within this time frame, it will be terminated. + /// + /// + /// This field cannot be updated. #[serde(default, skip_serializing_if = "Option::is_none", rename = "timeoutSeconds")] pub timeout_seconds: Option, } -/// Specifies a user-defined hook or procedure that is called to perform the specific lifecycle action. -/// It offers a flexible and expandable approach for customizing the behavior of a Component by leveraging -/// tailored actions. -/// -/// -/// An Action can be implemented as either an ExecAction or an HTTPAction, with future versions planning -/// to support GRPCAction, -/// thereby accommodating unique logic for different database systems within the Action's framework. +/// Defines the command to run. /// /// -/// In future iterations, all built-in handlers are expected to transition to GRPCAction. -/// This change means that Lorry or other sidecar agents will expose the implementation of actions -/// through a GRPC interface for external invocation. -/// Then the controller will interact with these actions via GRPCAction calls. +/// This field cannot be updated. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ComponentDefinitionLifecycleActionsRoleProbeCustomHandler { +pub struct ComponentDefinitionLifecycleActionsRoleProbeExec { + /// Args represents the arguments that are passed to the `command` for execution. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub args: Option>, + /// Specifies the command to be executed inside the container. + /// The working directory for this command is the container's root directory('/'). + /// Commands are executed directly without a shell environment, meaning shell-specific syntax ('|', etc.) is not supported. + /// If the shell is required, it must be explicitly invoked in the command. + /// + /// + /// A successful execution is indicated by an exit status of 0; any non-zero status signifies a failure. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub command: Option>, /// Defines the name of the container within the target Pod where the action will be executed. /// /// @@ -5377,22 +5286,7 @@ pub struct ComponentDefinitionLifecycleActionsRoleProbeCustomHandler { /// /// This field cannot be updated. #[serde(default, skip_serializing_if = "Option::is_none")] - pub env: Option>, - /// Defines the command to run. - /// - /// - /// This field cannot be updated. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub exec: Option, - /// Specifies the HTTP request to perform. - /// - /// - /// This field cannot be updated. - /// - /// - /// Note: HTTPAction is to be implemented in future version. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub http: Option, + pub env: Option>, /// Specifies the container image to be used for running the Action. /// /// @@ -5418,36 +5312,6 @@ pub struct ComponentDefinitionLifecycleActionsRoleProbeCustomHandler { /// Note: This field is reserved for future use and is not currently active. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchingKey")] pub matching_key: Option, - /// Specifies the state that the cluster must reach before the Action is executed. - /// Currently, this is only applicable to the `postProvision` action. - /// - /// - /// The conditions are as follows: - /// - /// - /// - `Immediately`: Executed right after the Component object is created. - /// The readiness of the Component and its resources is not guaranteed at this stage. - /// - `RuntimeReady`: The Action is triggered after the Component object has been created and all associated - /// runtime resources (e.g. Pods) are in a ready state. - /// - `ComponentReady`: The Action is triggered after the Component itself is in a ready state. - /// This process does not affect the readiness state of the Component or the Cluster. - /// - `ClusterReady`: The Action is executed after the Cluster is in a ready state. - /// This execution does not alter the Component or the Cluster's state of readiness. - /// - /// - /// This field cannot be updated. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "preCondition")] - pub pre_condition: Option, - /// Defines the strategy to be taken when retrying the Action after a failure. - /// - /// - /// It specifies the conditions under which the Action should be retried and the limits to apply, - /// such as the maximum number of retries and backoff strategy. - /// - /// - /// This field cannot be updated. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "retryPolicy")] - pub retry_policy: Option, /// Defines the criteria used to select the target Pod(s) for executing the Action. /// This is useful when there is no default target replica identified. /// It allows for precise control over which Pod(s) the Action should run in. @@ -5458,21 +5322,12 @@ pub struct ComponentDefinitionLifecycleActionsRoleProbeCustomHandler { /// /// Note: This field is reserved for future use and is not currently active. #[serde(default, skip_serializing_if = "Option::is_none", rename = "targetPodSelector")] - pub target_pod_selector: Option, - /// Specifies the maximum duration in seconds that the Action is allowed to run. - /// - /// - /// If the Action does not complete within this time frame, it will be terminated. - /// - /// - /// This field cannot be updated. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "timeoutSeconds")] - pub timeout_seconds: Option, + pub target_pod_selector: Option, } /// EnvVar represents an environment variable present in a Container. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ComponentDefinitionLifecycleActionsRoleProbeCustomHandlerEnv { +pub struct ComponentDefinitionLifecycleActionsRoleProbeExecEnv { /// Name of the environment variable. Must be a C_IDENTIFIER. pub name: String, /// Variable references $(VAR_NAME) are expanded @@ -5488,31 +5343,31 @@ pub struct ComponentDefinitionLifecycleActionsRoleProbeCustomHandlerEnv { pub value: Option, /// Source for the environment variable's value. Cannot be used if value is not empty. #[serde(default, skip_serializing_if = "Option::is_none", rename = "valueFrom")] - pub value_from: Option, + pub value_from: Option, } /// Source for the environment variable's value. Cannot be used if value is not empty. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ComponentDefinitionLifecycleActionsRoleProbeCustomHandlerEnvValueFrom { +pub struct ComponentDefinitionLifecycleActionsRoleProbeExecEnvValueFrom { /// Selects a key of a ConfigMap. #[serde(default, skip_serializing_if = "Option::is_none", rename = "configMapKeyRef")] - pub config_map_key_ref: Option, + pub config_map_key_ref: Option, /// Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`, /// spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs. #[serde(default, skip_serializing_if = "Option::is_none", rename = "fieldRef")] - pub field_ref: Option, + pub field_ref: Option, /// Selects a resource of the container: only resources limits and requests /// (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported. #[serde(default, skip_serializing_if = "Option::is_none", rename = "resourceFieldRef")] - pub resource_field_ref: Option, + pub resource_field_ref: Option, /// Selects a key of a secret in the pod's namespace #[serde(default, skip_serializing_if = "Option::is_none", rename = "secretKeyRef")] - pub secret_key_ref: Option, + pub secret_key_ref: Option, } /// Selects a key of a ConfigMap. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ComponentDefinitionLifecycleActionsRoleProbeCustomHandlerEnvValueFromConfigMapKeyRef { +pub struct ComponentDefinitionLifecycleActionsRoleProbeExecEnvValueFromConfigMapKeyRef { /// The key to select. pub key: String, /// Name of the referent. @@ -5528,7 +5383,7 @@ pub struct ComponentDefinitionLifecycleActionsRoleProbeCustomHandlerEnvValueFrom /// Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`, /// spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ComponentDefinitionLifecycleActionsRoleProbeCustomHandlerEnvValueFromFieldRef { +pub struct ComponentDefinitionLifecycleActionsRoleProbeExecEnvValueFromFieldRef { /// Version of the schema the FieldPath is written in terms of, defaults to "v1". #[serde(default, skip_serializing_if = "Option::is_none", rename = "apiVersion")] pub api_version: Option, @@ -5540,7 +5395,7 @@ pub struct ComponentDefinitionLifecycleActionsRoleProbeCustomHandlerEnvValueFrom /// Selects a resource of the container: only resources limits and requests /// (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ComponentDefinitionLifecycleActionsRoleProbeCustomHandlerEnvValueFromResourceFieldRef { +pub struct ComponentDefinitionLifecycleActionsRoleProbeExecEnvValueFromResourceFieldRef { /// Container name: required for volumes, optional for env vars #[serde(default, skip_serializing_if = "Option::is_none", rename = "containerName")] pub container_name: Option, @@ -5553,7 +5408,7 @@ pub struct ComponentDefinitionLifecycleActionsRoleProbeCustomHandlerEnvValueFrom /// Selects a key of a secret in the pod's namespace #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ComponentDefinitionLifecycleActionsRoleProbeCustomHandlerEnvValueFromSecretKeyRef { +pub struct ComponentDefinitionLifecycleActionsRoleProbeExecEnvValueFromSecretKeyRef { /// The key of the secret to select from. Must be a valid secret key. pub key: String, /// Name of the referent. @@ -5570,20 +5425,12 @@ pub struct ComponentDefinitionLifecycleActionsRoleProbeCustomHandlerEnvValueFrom /// /// /// This field cannot be updated. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ComponentDefinitionLifecycleActionsRoleProbeCustomHandlerExec { - /// Args represents the arguments that are passed to the `command` for execution. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub args: Option>, - /// Specifies the command to be executed inside the container. - /// The working directory for this command is the container's root directory('/'). - /// Commands are executed directly without a shell environment, meaning shell-specific syntax ('|', etc.) is not supported. - /// If the shell is required, it must be explicitly invoked in the command. - /// - /// - /// A successful execution is indicated by an exit status of 0; any non-zero status signifies a failure. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub command: Option>, +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub enum ComponentDefinitionLifecycleActionsRoleProbeExecTargetPodSelector { + Any, + All, + Role, + Ordinal, } /// Specifies the HTTP request to perform. @@ -5594,7 +5441,7 @@ pub struct ComponentDefinitionLifecycleActionsRoleProbeCustomHandlerExec { /// /// Note: HTTPAction is to be implemented in future version. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ComponentDefinitionLifecycleActionsRoleProbeCustomHandlerHttp { +pub struct ComponentDefinitionLifecycleActionsRoleProbeHttp { /// Indicates the server's domain name or IP address. Defaults to the Pod's IP. /// Prefer setting the "Host" header in httpHeaders when needed. #[serde(default, skip_serializing_if = "Option::is_none")] @@ -5602,7 +5449,7 @@ pub struct ComponentDefinitionLifecycleActionsRoleProbeCustomHandlerHttp { /// Allows for the inclusion of custom headers in the request. /// HTTP permits the use of repeated headers. #[serde(default, skip_serializing_if = "Option::is_none", rename = "httpHeaders")] - pub http_headers: Option>, + pub http_headers: Option>, /// Represents the type of HTTP request to be made, such as "GET," "POST," "PUT," etc. /// If not specified, "GET" is the default method. #[serde(default, skip_serializing_if = "Option::is_none")] @@ -5622,7 +5469,7 @@ pub struct ComponentDefinitionLifecycleActionsRoleProbeCustomHandlerHttp { /// HTTPHeader describes a custom header to be used in HTTP probes #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ComponentDefinitionLifecycleActionsRoleProbeCustomHandlerHttpHttpHeaders { +pub struct ComponentDefinitionLifecycleActionsRoleProbeHttpHttpHeaders { /// The header field name. /// This will be canonicalized upon output, so case-variant names will be understood as the same header. pub name: String, @@ -5639,7 +5486,7 @@ pub struct ComponentDefinitionLifecycleActionsRoleProbeCustomHandlerHttpHttpHead /// /// This field cannot be updated. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ComponentDefinitionLifecycleActionsRoleProbeCustomHandlerRetryPolicy { +pub struct ComponentDefinitionLifecycleActionsRoleProbeRetryPolicy { /// Defines the maximum number of retry attempts that should be made for a given Action. /// This value is set to 0 by default, indicating that no retries will be made. #[serde(default, skip_serializing_if = "Option::is_none", rename = "maxRetries")] @@ -5650,28 +5497,6 @@ pub struct ComponentDefinitionLifecycleActionsRoleProbeCustomHandlerRetryPolicy pub retry_interval: Option, } -/// Specifies a user-defined hook or procedure that is called to perform the specific lifecycle action. -/// It offers a flexible and expandable approach for customizing the behavior of a Component by leveraging -/// tailored actions. -/// -/// -/// An Action can be implemented as either an ExecAction or an HTTPAction, with future versions planning -/// to support GRPCAction, -/// thereby accommodating unique logic for different database systems within the Action's framework. -/// -/// -/// In future iterations, all built-in handlers are expected to transition to GRPCAction. -/// This change means that Lorry or other sidecar agents will expose the implementation of actions -/// through a GRPC interface for external invocation. -/// Then the controller will interact with these actions via GRPCAction calls. -#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] -pub enum ComponentDefinitionLifecycleActionsRoleProbeCustomHandlerTargetPodSelector { - Any, - All, - Role, - Ordinal, -} - /// Defines the procedure for a controlled transition of leadership from the current leader to a new replica. /// This approach aims to minimize downtime and maintain availability in systems with a leader-follower topology, /// during events such as planned maintenance or when performing stop, shutdown, restart, or upgrade operations @@ -5727,6 +5552,80 @@ pub struct ComponentDefinitionLifecycleActionsSwitchoverScriptSpecSelectors { /// Note that only Action.Exec is currently supported, while Action.HTTP is not. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ComponentDefinitionLifecycleActionsSwitchoverWithCandidate { + /// Defines the command to run. + /// + /// + /// This field cannot be updated. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub exec: Option, + /// Specifies the HTTP request to perform. + /// + /// + /// This field cannot be updated. + /// + /// + /// Note: HTTPAction is to be implemented in future version. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub http: Option, + /// Specifies the state that the cluster must reach before the Action is executed. + /// Currently, this is only applicable to the `postProvision` action. + /// + /// + /// The conditions are as follows: + /// + /// + /// - `Immediately`: Executed right after the Component object is created. + /// The readiness of the Component and its resources is not guaranteed at this stage. + /// - `RuntimeReady`: The Action is triggered after the Component object has been created and all associated + /// runtime resources (e.g. Pods) are in a ready state. + /// - `ComponentReady`: The Action is triggered after the Component itself is in a ready state. + /// This process does not affect the readiness state of the Component or the Cluster. + /// - `ClusterReady`: The Action is executed after the Cluster is in a ready state. + /// This execution does not alter the Component or the Cluster's state of readiness. + /// + /// + /// This field cannot be updated. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "preCondition")] + pub pre_condition: Option, + /// Defines the strategy to be taken when retrying the Action after a failure. + /// + /// + /// It specifies the conditions under which the Action should be retried and the limits to apply, + /// such as the maximum number of retries and backoff strategy. + /// + /// + /// This field cannot be updated. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "retryPolicy")] + pub retry_policy: Option, + /// Specifies the maximum duration in seconds that the Action is allowed to run. + /// + /// + /// If the Action does not complete within this time frame, it will be terminated. + /// + /// + /// This field cannot be updated. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "timeoutSeconds")] + pub timeout_seconds: Option, +} + +/// Defines the command to run. +/// +/// +/// This field cannot be updated. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ComponentDefinitionLifecycleActionsSwitchoverWithCandidateExec { + /// Args represents the arguments that are passed to the `command` for execution. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub args: Option>, + /// Specifies the command to be executed inside the container. + /// The working directory for this command is the container's root directory('/'). + /// Commands are executed directly without a shell environment, meaning shell-specific syntax ('|', etc.) is not supported. + /// If the shell is required, it must be explicitly invoked in the command. + /// + /// + /// A successful execution is indicated by an exit status of 0; any non-zero status signifies a failure. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub command: Option>, /// Defines the name of the container within the target Pod where the action will be executed. /// /// @@ -5747,22 +5646,7 @@ pub struct ComponentDefinitionLifecycleActionsSwitchoverWithCandidate { /// /// This field cannot be updated. #[serde(default, skip_serializing_if = "Option::is_none")] - pub env: Option>, - /// Defines the command to run. - /// - /// - /// This field cannot be updated. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub exec: Option, - /// Specifies the HTTP request to perform. - /// - /// - /// This field cannot be updated. - /// - /// - /// Note: HTTPAction is to be implemented in future version. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub http: Option, + pub env: Option>, /// Specifies the container image to be used for running the Action. /// /// @@ -5788,36 +5672,6 @@ pub struct ComponentDefinitionLifecycleActionsSwitchoverWithCandidate { /// Note: This field is reserved for future use and is not currently active. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchingKey")] pub matching_key: Option, - /// Specifies the state that the cluster must reach before the Action is executed. - /// Currently, this is only applicable to the `postProvision` action. - /// - /// - /// The conditions are as follows: - /// - /// - /// - `Immediately`: Executed right after the Component object is created. - /// The readiness of the Component and its resources is not guaranteed at this stage. - /// - `RuntimeReady`: The Action is triggered after the Component object has been created and all associated - /// runtime resources (e.g. Pods) are in a ready state. - /// - `ComponentReady`: The Action is triggered after the Component itself is in a ready state. - /// This process does not affect the readiness state of the Component or the Cluster. - /// - `ClusterReady`: The Action is executed after the Cluster is in a ready state. - /// This execution does not alter the Component or the Cluster's state of readiness. - /// - /// - /// This field cannot be updated. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "preCondition")] - pub pre_condition: Option, - /// Defines the strategy to be taken when retrying the Action after a failure. - /// - /// - /// It specifies the conditions under which the Action should be retried and the limits to apply, - /// such as the maximum number of retries and backoff strategy. - /// - /// - /// This field cannot be updated. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "retryPolicy")] - pub retry_policy: Option, /// Defines the criteria used to select the target Pod(s) for executing the Action. /// This is useful when there is no default target replica identified. /// It allows for precise control over which Pod(s) the Action should run in. @@ -5828,21 +5682,12 @@ pub struct ComponentDefinitionLifecycleActionsSwitchoverWithCandidate { /// /// Note: This field is reserved for future use and is not currently active. #[serde(default, skip_serializing_if = "Option::is_none", rename = "targetPodSelector")] - pub target_pod_selector: Option, - /// Specifies the maximum duration in seconds that the Action is allowed to run. - /// - /// - /// If the Action does not complete within this time frame, it will be terminated. - /// - /// - /// This field cannot be updated. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "timeoutSeconds")] - pub timeout_seconds: Option, + pub target_pod_selector: Option, } /// EnvVar represents an environment variable present in a Container. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ComponentDefinitionLifecycleActionsSwitchoverWithCandidateEnv { +pub struct ComponentDefinitionLifecycleActionsSwitchoverWithCandidateExecEnv { /// Name of the environment variable. Must be a C_IDENTIFIER. pub name: String, /// Variable references $(VAR_NAME) are expanded @@ -5858,31 +5703,31 @@ pub struct ComponentDefinitionLifecycleActionsSwitchoverWithCandidateEnv { pub value: Option, /// Source for the environment variable's value. Cannot be used if value is not empty. #[serde(default, skip_serializing_if = "Option::is_none", rename = "valueFrom")] - pub value_from: Option, + pub value_from: Option, } /// Source for the environment variable's value. Cannot be used if value is not empty. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ComponentDefinitionLifecycleActionsSwitchoverWithCandidateEnvValueFrom { +pub struct ComponentDefinitionLifecycleActionsSwitchoverWithCandidateExecEnvValueFrom { /// Selects a key of a ConfigMap. #[serde(default, skip_serializing_if = "Option::is_none", rename = "configMapKeyRef")] - pub config_map_key_ref: Option, + pub config_map_key_ref: Option, /// Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`, /// spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs. #[serde(default, skip_serializing_if = "Option::is_none", rename = "fieldRef")] - pub field_ref: Option, + pub field_ref: Option, /// Selects a resource of the container: only resources limits and requests /// (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported. #[serde(default, skip_serializing_if = "Option::is_none", rename = "resourceFieldRef")] - pub resource_field_ref: Option, + pub resource_field_ref: Option, /// Selects a key of a secret in the pod's namespace #[serde(default, skip_serializing_if = "Option::is_none", rename = "secretKeyRef")] - pub secret_key_ref: Option, + pub secret_key_ref: Option, } /// Selects a key of a ConfigMap. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ComponentDefinitionLifecycleActionsSwitchoverWithCandidateEnvValueFromConfigMapKeyRef { +pub struct ComponentDefinitionLifecycleActionsSwitchoverWithCandidateExecEnvValueFromConfigMapKeyRef { /// The key to select. pub key: String, /// Name of the referent. @@ -5898,7 +5743,7 @@ pub struct ComponentDefinitionLifecycleActionsSwitchoverWithCandidateEnvValueFro /// Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`, /// spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ComponentDefinitionLifecycleActionsSwitchoverWithCandidateEnvValueFromFieldRef { +pub struct ComponentDefinitionLifecycleActionsSwitchoverWithCandidateExecEnvValueFromFieldRef { /// Version of the schema the FieldPath is written in terms of, defaults to "v1". #[serde(default, skip_serializing_if = "Option::is_none", rename = "apiVersion")] pub api_version: Option, @@ -5910,7 +5755,7 @@ pub struct ComponentDefinitionLifecycleActionsSwitchoverWithCandidateEnvValueFro /// Selects a resource of the container: only resources limits and requests /// (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ComponentDefinitionLifecycleActionsSwitchoverWithCandidateEnvValueFromResourceFieldRef { +pub struct ComponentDefinitionLifecycleActionsSwitchoverWithCandidateExecEnvValueFromResourceFieldRef { /// Container name: required for volumes, optional for env vars #[serde(default, skip_serializing_if = "Option::is_none", rename = "containerName")] pub container_name: Option, @@ -5923,7 +5768,7 @@ pub struct ComponentDefinitionLifecycleActionsSwitchoverWithCandidateEnvValueFro /// Selects a key of a secret in the pod's namespace #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ComponentDefinitionLifecycleActionsSwitchoverWithCandidateEnvValueFromSecretKeyRef { +pub struct ComponentDefinitionLifecycleActionsSwitchoverWithCandidateExecEnvValueFromSecretKeyRef { /// The key of the secret to select from. Must be a valid secret key. pub key: String, /// Name of the referent. @@ -5940,20 +5785,12 @@ pub struct ComponentDefinitionLifecycleActionsSwitchoverWithCandidateEnvValueFro /// /// /// This field cannot be updated. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ComponentDefinitionLifecycleActionsSwitchoverWithCandidateExec { - /// Args represents the arguments that are passed to the `command` for execution. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub args: Option>, - /// Specifies the command to be executed inside the container. - /// The working directory for this command is the container's root directory('/'). - /// Commands are executed directly without a shell environment, meaning shell-specific syntax ('|', etc.) is not supported. - /// If the shell is required, it must be explicitly invoked in the command. - /// - /// - /// A successful execution is indicated by an exit status of 0; any non-zero status signifies a failure. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub command: Option>, +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub enum ComponentDefinitionLifecycleActionsSwitchoverWithCandidateExecTargetPodSelector { + Any, + All, + Role, + Ordinal, } /// Specifies the HTTP request to perform. @@ -6020,41 +5857,10 @@ pub struct ComponentDefinitionLifecycleActionsSwitchoverWithCandidateRetryPolicy pub retry_interval: Option, } -/// Represents the switchover process for a specified candidate primary or leader instance. -/// Note that only Action.Exec is currently supported, while Action.HTTP is not. -#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] -pub enum ComponentDefinitionLifecycleActionsSwitchoverWithCandidateTargetPodSelector { - Any, - All, - Role, - Ordinal, -} - /// Represents a switchover process that does not involve a specific candidate primary or leader instance. /// As with the previous field, only Action.Exec is currently supported, not Action.HTTP. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ComponentDefinitionLifecycleActionsSwitchoverWithoutCandidate { - /// Defines the name of the container within the target Pod where the action will be executed. - /// - /// - /// This name must correspond to one of the containers defined in `componentDefinition.spec.runtime`. - /// If this field is not specified, the default behavior is to use the first container listed in - /// `componentDefinition.spec.runtime`. - /// - /// - /// This field cannot be updated. - /// - /// - /// Note: This field is reserved for future use and is not currently active. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub container: Option, - /// Represents a list of environment variables that will be injected into the container. - /// These variables enable the container to adapt its behavior based on the environment it's running in. - /// - /// - /// This field cannot be updated. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub env: Option>, /// Defines the command to run. /// /// @@ -6070,31 +5876,6 @@ pub struct ComponentDefinitionLifecycleActionsSwitchoverWithoutCandidate { /// Note: HTTPAction is to be implemented in future version. #[serde(default, skip_serializing_if = "Option::is_none")] pub http: Option, - /// Specifies the container image to be used for running the Action. - /// - /// - /// When specified, a dedicated container will be created using this image to execute the Action. - /// This field is mutually exclusive with the `container` field; only one of them should be provided. - /// - /// - /// This field cannot be updated. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub image: Option, - /// Used in conjunction with the `targetPodSelector` field to refine the selection of target pod(s) for Action execution. - /// The impact of this field depends on the `targetPodSelector` value: - /// - /// - /// - When `targetPodSelector` is set to `Any` or `All`, this field will be ignored. - /// - When `targetPodSelector` is set to `Role`, only those replicas whose role matches the `matchingKey` - /// will be selected for the Action. - /// - /// - /// This field cannot be updated. - /// - /// - /// Note: This field is reserved for future use and is not currently active. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchingKey")] - pub matching_key: Option, /// Specifies the state that the cluster must reach before the Action is executed. /// Currently, this is only applicable to the `postProvision` action. /// @@ -6125,31 +5906,97 @@ pub struct ComponentDefinitionLifecycleActionsSwitchoverWithoutCandidate { /// This field cannot be updated. #[serde(default, skip_serializing_if = "Option::is_none", rename = "retryPolicy")] pub retry_policy: Option, - /// Defines the criteria used to select the target Pod(s) for executing the Action. - /// This is useful when there is no default target replica identified. - /// It allows for precise control over which Pod(s) the Action should run in. + /// Specifies the maximum duration in seconds that the Action is allowed to run. + /// + /// + /// If the Action does not complete within this time frame, it will be terminated. + /// + /// + /// This field cannot be updated. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "timeoutSeconds")] + pub timeout_seconds: Option, +} + +/// Defines the command to run. +/// +/// +/// This field cannot be updated. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ComponentDefinitionLifecycleActionsSwitchoverWithoutCandidateExec { + /// Args represents the arguments that are passed to the `command` for execution. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub args: Option>, + /// Specifies the command to be executed inside the container. + /// The working directory for this command is the container's root directory('/'). + /// Commands are executed directly without a shell environment, meaning shell-specific syntax ('|', etc.) is not supported. + /// If the shell is required, it must be explicitly invoked in the command. + /// + /// + /// A successful execution is indicated by an exit status of 0; any non-zero status signifies a failure. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub command: Option>, + /// Defines the name of the container within the target Pod where the action will be executed. + /// + /// + /// This name must correspond to one of the containers defined in `componentDefinition.spec.runtime`. + /// If this field is not specified, the default behavior is to use the first container listed in + /// `componentDefinition.spec.runtime`. /// /// /// This field cannot be updated. /// /// /// Note: This field is reserved for future use and is not currently active. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "targetPodSelector")] - pub target_pod_selector: Option, - /// Specifies the maximum duration in seconds that the Action is allowed to run. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub container: Option, + /// Represents a list of environment variables that will be injected into the container. + /// These variables enable the container to adapt its behavior based on the environment it's running in. /// /// - /// If the Action does not complete within this time frame, it will be terminated. + /// This field cannot be updated. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub env: Option>, + /// Specifies the container image to be used for running the Action. + /// + /// + /// When specified, a dedicated container will be created using this image to execute the Action. + /// This field is mutually exclusive with the `container` field; only one of them should be provided. /// /// /// This field cannot be updated. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "timeoutSeconds")] - pub timeout_seconds: Option, + #[serde(default, skip_serializing_if = "Option::is_none")] + pub image: Option, + /// Used in conjunction with the `targetPodSelector` field to refine the selection of target pod(s) for Action execution. + /// The impact of this field depends on the `targetPodSelector` value: + /// + /// + /// - When `targetPodSelector` is set to `Any` or `All`, this field will be ignored. + /// - When `targetPodSelector` is set to `Role`, only those replicas whose role matches the `matchingKey` + /// will be selected for the Action. + /// + /// + /// This field cannot be updated. + /// + /// + /// Note: This field is reserved for future use and is not currently active. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchingKey")] + pub matching_key: Option, + /// Defines the criteria used to select the target Pod(s) for executing the Action. + /// This is useful when there is no default target replica identified. + /// It allows for precise control over which Pod(s) the Action should run in. + /// + /// + /// This field cannot be updated. + /// + /// + /// Note: This field is reserved for future use and is not currently active. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "targetPodSelector")] + pub target_pod_selector: Option, } /// EnvVar represents an environment variable present in a Container. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ComponentDefinitionLifecycleActionsSwitchoverWithoutCandidateEnv { +pub struct ComponentDefinitionLifecycleActionsSwitchoverWithoutCandidateExecEnv { /// Name of the environment variable. Must be a C_IDENTIFIER. pub name: String, /// Variable references $(VAR_NAME) are expanded @@ -6165,31 +6012,31 @@ pub struct ComponentDefinitionLifecycleActionsSwitchoverWithoutCandidateEnv { pub value: Option, /// Source for the environment variable's value. Cannot be used if value is not empty. #[serde(default, skip_serializing_if = "Option::is_none", rename = "valueFrom")] - pub value_from: Option, + pub value_from: Option, } /// Source for the environment variable's value. Cannot be used if value is not empty. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ComponentDefinitionLifecycleActionsSwitchoverWithoutCandidateEnvValueFrom { +pub struct ComponentDefinitionLifecycleActionsSwitchoverWithoutCandidateExecEnvValueFrom { /// Selects a key of a ConfigMap. #[serde(default, skip_serializing_if = "Option::is_none", rename = "configMapKeyRef")] - pub config_map_key_ref: Option, + pub config_map_key_ref: Option, /// Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`, /// spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs. #[serde(default, skip_serializing_if = "Option::is_none", rename = "fieldRef")] - pub field_ref: Option, + pub field_ref: Option, /// Selects a resource of the container: only resources limits and requests /// (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported. #[serde(default, skip_serializing_if = "Option::is_none", rename = "resourceFieldRef")] - pub resource_field_ref: Option, + pub resource_field_ref: Option, /// Selects a key of a secret in the pod's namespace #[serde(default, skip_serializing_if = "Option::is_none", rename = "secretKeyRef")] - pub secret_key_ref: Option, + pub secret_key_ref: Option, } /// Selects a key of a ConfigMap. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ComponentDefinitionLifecycleActionsSwitchoverWithoutCandidateEnvValueFromConfigMapKeyRef { +pub struct ComponentDefinitionLifecycleActionsSwitchoverWithoutCandidateExecEnvValueFromConfigMapKeyRef { /// The key to select. pub key: String, /// Name of the referent. @@ -6205,7 +6052,7 @@ pub struct ComponentDefinitionLifecycleActionsSwitchoverWithoutCandidateEnvValue /// Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`, /// spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ComponentDefinitionLifecycleActionsSwitchoverWithoutCandidateEnvValueFromFieldRef { +pub struct ComponentDefinitionLifecycleActionsSwitchoverWithoutCandidateExecEnvValueFromFieldRef { /// Version of the schema the FieldPath is written in terms of, defaults to "v1". #[serde(default, skip_serializing_if = "Option::is_none", rename = "apiVersion")] pub api_version: Option, @@ -6217,7 +6064,7 @@ pub struct ComponentDefinitionLifecycleActionsSwitchoverWithoutCandidateEnvValue /// Selects a resource of the container: only resources limits and requests /// (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ComponentDefinitionLifecycleActionsSwitchoverWithoutCandidateEnvValueFromResourceFieldRef { +pub struct ComponentDefinitionLifecycleActionsSwitchoverWithoutCandidateExecEnvValueFromResourceFieldRef { /// Container name: required for volumes, optional for env vars #[serde(default, skip_serializing_if = "Option::is_none", rename = "containerName")] pub container_name: Option, @@ -6230,7 +6077,7 @@ pub struct ComponentDefinitionLifecycleActionsSwitchoverWithoutCandidateEnvValue /// Selects a key of a secret in the pod's namespace #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ComponentDefinitionLifecycleActionsSwitchoverWithoutCandidateEnvValueFromSecretKeyRef { +pub struct ComponentDefinitionLifecycleActionsSwitchoverWithoutCandidateExecEnvValueFromSecretKeyRef { /// The key of the secret to select from. Must be a valid secret key. pub key: String, /// Name of the referent. @@ -6247,20 +6094,12 @@ pub struct ComponentDefinitionLifecycleActionsSwitchoverWithoutCandidateEnvValue /// /// /// This field cannot be updated. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ComponentDefinitionLifecycleActionsSwitchoverWithoutCandidateExec { - /// Args represents the arguments that are passed to the `command` for execution. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub args: Option>, - /// Specifies the command to be executed inside the container. - /// The working directory for this command is the container's root directory('/'). - /// Commands are executed directly without a shell environment, meaning shell-specific syntax ('|', etc.) is not supported. - /// If the shell is required, it must be explicitly invoked in the command. - /// - /// - /// A successful execution is indicated by an exit status of 0; any non-zero status signifies a failure. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub command: Option>, +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub enum ComponentDefinitionLifecycleActionsSwitchoverWithoutCandidateExecTargetPodSelector { + Any, + All, + Role, + Ordinal, } /// Specifies the HTTP request to perform. @@ -6327,16 +6166,6 @@ pub struct ComponentDefinitionLifecycleActionsSwitchoverWithoutCandidateRetryPol pub retry_interval: Option, } -/// Represents a switchover process that does not involve a specific candidate primary or leader instance. -/// As with the previous field, only Action.Exec is currently supported, not Action.HTTP. -#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] -pub enum ComponentDefinitionLifecycleActionsSwitchoverWithoutCandidateTargetPodSelector { - Any, - All, - Role, - Ordinal, -} - #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ComponentDefinitionLogConfigs { /// Specifies the paths or patterns identifying where the log files are stored. @@ -6355,33 +6184,6 @@ pub struct ComponentDefinitionLogConfigs { pub name: String, } -/// Deprecated since v0.9 -/// monitor is monitoring config which provided by provider. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ComponentDefinitionMonitor { - /// builtIn is a switch to enable KubeBlocks builtIn monitoring. - /// If BuiltIn is set to true, monitor metrics will be scraped automatically. - /// If BuiltIn is set to false, the provider should set ExporterConfig and Sidecar container own. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "builtIn")] - pub built_in: Option, - /// exporterConfig provided by provider, which specify necessary information to Time Series Database. - /// exporterConfig is valid when builtIn is false. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "exporterConfig")] - pub exporter_config: Option, -} - -/// exporterConfig provided by provider, which specify necessary information to Time Series Database. -/// exporterConfig is valid when builtIn is false. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ComponentDefinitionMonitorExporterConfig { - /// scrapePath is exporter url path for Time Series Database to scrape metrics. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "scrapePath")] - pub scrape_path: Option, - /// scrapePort is exporter port for Time Series Database to scrape metrics. - #[serde(rename = "scrapePort")] - pub scrape_port: IntOrString, -} - /// PolicyRule holds information that describes a policy rule, but does not contain information /// about who the rule applies to or which namespace the rule applies to. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] diff --git a/kube-custom-resources-rs/src/apps_kubeblocks_io/v1alpha1/components.rs b/kube-custom-resources-rs/src/apps_kubeblocks_io/v1alpha1/components.rs index bc5d8b834..5213b5ad8 100644 --- a/kube-custom-resources-rs/src/apps_kubeblocks_io/v1alpha1/components.rs +++ b/kube-custom-resources-rs/src/apps_kubeblocks_io/v1alpha1/components.rs @@ -113,6 +113,21 @@ pub struct ComponentSpec { /// The administrator must manually manage the cleanup and removal of these resources when they are no longer needed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "offlineInstances")] pub offline_instances: Option>, + /// Controls the concurrency of pods during initial scale up, when replacing pods on nodes, + /// or when scaling down. It only used when `PodManagementPolicy` is set to `Parallel`. + /// The default Concurrency is 100%. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "parallelPodManagementConcurrency")] + pub parallel_pod_management_concurrency: Option, + /// PodUpdatePolicy indicates how pods should be updated + /// + /// + /// - `StrictInPlace` indicates that only allows in-place upgrades. + /// Any attempt to modify other fields will be rejected. + /// - `PreferInPlace` indicates that we will first attempt an in-place upgrade of the Pod. + /// If that fails, it will fall back to the ReCreate, where pod will be recreated. + /// Default value is "PreferInPlace" + #[serde(default, skip_serializing_if = "Option::is_none", rename = "podUpdatePolicy")] + pub pod_update_policy: Option, /// Specifies the desired number of replicas in the Component for enhancing availability and durability, or load balancing. pub replicas: i32, /// Specifies the resources required by the Component. @@ -183,6 +198,10 @@ pub struct ComponentSpec { /// by clients. #[serde(default, skip_serializing_if = "Option::is_none")] pub services: Option>, + /// Stop the Component. + /// If set, all the computing resources will be released. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub stop: Option, /// Overrides system accounts defined in referenced ComponentDefinition. #[serde(default, skip_serializing_if = "Option::is_none", rename = "systemAccounts")] pub system_accounts: Option>, diff --git a/kube-custom-resources-rs/src/apps_kubeblocks_io/v1alpha1/opsrequests.rs b/kube-custom-resources-rs/src/apps_kubeblocks_io/v1alpha1/opsrequests.rs index c1bf59469..bcf96256f 100644 --- a/kube-custom-resources-rs/src/apps_kubeblocks_io/v1alpha1/opsrequests.rs +++ b/kube-custom-resources-rs/src/apps_kubeblocks_io/v1alpha1/opsrequests.rs @@ -112,10 +112,19 @@ pub struct OpsRequestSpec { /// Lists Switchover objects, each specifying a Component to perform the switchover operation. #[serde(default, skip_serializing_if = "Option::is_none")] pub switchover: Option>, + /// Specifies the maximum duration (in seconds) that an opsRequest is allowed to run. + /// If the opsRequest runs longer than this duration, its phase will be marked as Aborted. + /// If this value is not set or set to 0, the timeout will be ignored and the opsRequest will run indefinitely. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "timeoutSeconds")] + pub timeout_seconds: Option, /// Specifies the duration in seconds that an OpsRequest will remain in the system after successfully completing /// (when `opsRequest.status.phase` is "Succeed") before automatic deletion. #[serde(default, skip_serializing_if = "Option::is_none", rename = "ttlSecondsAfterSucceed")] pub ttl_seconds_after_succeed: Option, + /// Specifies the duration in seconds that an OpsRequest will remain in the system after completion + /// for any phase other than "Succeed" (e.g., "Failed", "Cancelled", "Aborted") before automatic deletion. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "ttlSecondsAfterUnsuccessfulCompletion")] + pub ttl_seconds_after_unsuccessful_completion: Option, /// Specifies the type of this operation. Supported types include "Start", "Stop", "Restart", "Switchover", /// "VerticalScaling", "HorizontalScaling", "VolumeExpansion", "Reconfiguring", "Upgrade", "Backup", "Restore", /// "Expose", "DataScript", "RebuildInstance", "Custom". @@ -388,7 +397,7 @@ pub struct OpsRequestExposeServices { /// If specified, the service will only be exposed to pods matching the selector. /// /// - /// Note: At least one of 'roleSelector' or 'podSelector' must be specified. + /// Note: If the component has roles, at least one of 'roleSelector' or 'podSelector' must be specified. /// If both are specified, a pod must match both conditions to be selected. #[serde(default, skip_serializing_if = "Option::is_none", rename = "podSelector")] pub pod_selector: Option>, @@ -407,7 +416,7 @@ pub struct OpsRequestExposeServices { /// If specified, the service will only be exposed to pods with the matching role. /// /// - /// Note: At least one of 'roleSelector' or 'podSelector' must be specified. + /// Note: If the component has roles, at least one of 'roleSelector' or 'podSelector' must be specified. /// If both are specified, a pod must match both conditions to be selected. #[serde(default, skip_serializing_if = "Option::is_none", rename = "roleSelector")] pub role_selector: Option, @@ -3224,6 +3233,11 @@ pub struct OpsRequestRebuildFrom { /// Specifies the name of the Component. #[serde(rename = "componentName")] pub component_name: String, + /// When it is set to true, the instance will be rebuilt in-place. + /// By default, a new pod will be created. Once the new pod is ready to serve, + /// the instance that require rebuilding will be taken offline. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "inPlace")] + pub in_place: Option, /// Specifies the instances (Pods) that need to be rebuilt, typically operating as standbys. pub instances: Vec, /// Defines container environment variables for the restore process. diff --git a/kube-custom-resources-rs/src/aquasecurity_github_io/v1alpha1/clusterconfigauditreports.rs b/kube-custom-resources-rs/src/aquasecurity_github_io/v1alpha1/clusterconfigauditreports.rs index 2b63d7a64..6f82f2fa2 100644 --- a/kube-custom-resources-rs/src/aquasecurity_github_io/v1alpha1/clusterconfigauditreports.rs +++ b/kube-custom-resources-rs/src/aquasecurity_github_io/v1alpha1/clusterconfigauditreports.rs @@ -7,4 +7,5 @@ mod prelude { pub use kube::CustomResource; pub use serde::{Serialize, Deserialize}; } +use self::prelude::*; diff --git a/kube-custom-resources-rs/src/aquasecurity_github_io/v1alpha1/configauditreports.rs b/kube-custom-resources-rs/src/aquasecurity_github_io/v1alpha1/configauditreports.rs index 87a9a391b..de713d4a6 100644 --- a/kube-custom-resources-rs/src/aquasecurity_github_io/v1alpha1/configauditreports.rs +++ b/kube-custom-resources-rs/src/aquasecurity_github_io/v1alpha1/configauditreports.rs @@ -7,4 +7,5 @@ mod prelude { pub use kube::CustomResource; pub use serde::{Serialize, Deserialize}; } +use self::prelude::*; diff --git a/kube-custom-resources-rs/src/argoproj_io/v1alpha1/argocdexports.rs b/kube-custom-resources-rs/src/argoproj_io/v1alpha1/argocdexports.rs index 96dadeae5..a2080d36b 100644 --- a/kube-custom-resources-rs/src/argoproj_io/v1alpha1/argocdexports.rs +++ b/kube-custom-resources-rs/src/argoproj_io/v1alpha1/argocdexports.rs @@ -53,25 +53,61 @@ pub struct ArgoCDExportStorage { /// PVC is the desired characteristics for a PersistentVolumeClaim. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ArgoCDExportStoragePvc { - /// accessModes contains the desired access modes the volume should have. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1 + /// accessModes contains the desired access modes the volume should have. + /// More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1 #[serde(default, skip_serializing_if = "Option::is_none", rename = "accessModes")] pub access_modes: Option>, - /// dataSource field can be used to specify either: * An existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot) * An existing PVC (PersistentVolumeClaim) If the provisioner or an external controller can support the specified data source, it will create a new volume based on the contents of the specified data source. When the AnyVolumeDataSource feature gate is enabled, dataSource contents will be copied to dataSourceRef, and dataSourceRef contents will be copied to dataSource when dataSourceRef.namespace is not specified. If the namespace is specified, then dataSourceRef will not be copied to dataSource. + /// dataSource field can be used to specify either: + /// * An existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot) + /// * An existing PVC (PersistentVolumeClaim) + /// If the provisioner or an external controller can support the specified data source, + /// it will create a new volume based on the contents of the specified data source. + /// When the AnyVolumeDataSource feature gate is enabled, dataSource contents will be copied to dataSourceRef, + /// and dataSourceRef contents will be copied to dataSource when dataSourceRef.namespace is not specified. + /// If the namespace is specified, then dataSourceRef will not be copied to dataSource. #[serde(default, skip_serializing_if = "Option::is_none", rename = "dataSource")] pub data_source: Option, - /// dataSourceRef specifies the object from which to populate the volume with data, if a non-empty volume is desired. This may be any object from a non-empty API group (non core object) or a PersistentVolumeClaim object. When this field is specified, volume binding will only succeed if the type of the specified object matches some installed volume populator or dynamic provisioner. This field will replace the functionality of the dataSource field and as such if both fields are non-empty, they must have the same value. For backwards compatibility, when namespace isn't specified in dataSourceRef, both fields (dataSource and dataSourceRef) will be set to the same value automatically if one of them is empty and the other is non-empty. When namespace is specified in dataSourceRef, dataSource isn't set to the same value and must be empty. There are three important differences between dataSource and dataSourceRef: * While dataSource only allows two specific types of objects, dataSourceRef allows any non-core object, as well as PersistentVolumeClaim objects. * While dataSource ignores disallowed values (dropping them), dataSourceRef preserves all values, and generates an error if a disallowed value is specified. * While dataSource only allows local objects, dataSourceRef allows objects in any namespaces. (Beta) Using this field requires the AnyVolumeDataSource feature gate to be enabled. (Alpha) Using the namespace field of dataSourceRef requires the CrossNamespaceVolumeDataSource feature gate to be enabled. + /// dataSourceRef specifies the object from which to populate the volume with data, if a non-empty + /// volume is desired. This may be any object from a non-empty API group (non + /// core object) or a PersistentVolumeClaim object. + /// When this field is specified, volume binding will only succeed if the type of + /// the specified object matches some installed volume populator or dynamic + /// provisioner. + /// This field will replace the functionality of the dataSource field and as such + /// if both fields are non-empty, they must have the same value. For backwards + /// compatibility, when namespace isn't specified in dataSourceRef, + /// both fields (dataSource and dataSourceRef) will be set to the same + /// value automatically if one of them is empty and the other is non-empty. + /// When namespace is specified in dataSourceRef, + /// dataSource isn't set to the same value and must be empty. + /// There are three important differences between dataSource and dataSourceRef: + /// * While dataSource only allows two specific types of objects, dataSourceRef + /// allows any non-core object, as well as PersistentVolumeClaim objects. + /// * While dataSource ignores disallowed values (dropping them), dataSourceRef + /// preserves all values, and generates an error if a disallowed value is + /// specified. + /// * While dataSource only allows local objects, dataSourceRef allows objects + /// in any namespaces. + /// (Beta) Using this field requires the AnyVolumeDataSource feature gate to be enabled. + /// (Alpha) Using the namespace field of dataSourceRef requires the CrossNamespaceVolumeDataSource feature gate to be enabled. #[serde(default, skip_serializing_if = "Option::is_none", rename = "dataSourceRef")] pub data_source_ref: Option, - /// resources represents the minimum resources the volume should have. If RecoverVolumeExpansionFailure feature is enabled users are allowed to specify resource requirements that are lower than previous value but must still be higher than capacity recorded in the status field of the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources + /// resources represents the minimum resources the volume should have. + /// If RecoverVolumeExpansionFailure feature is enabled users are allowed to specify resource requirements + /// that are lower than previous value but must still be higher than capacity recorded in the + /// status field of the claim. + /// More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources #[serde(default, skip_serializing_if = "Option::is_none")] pub resources: Option, /// selector is a label query over volumes to consider for binding. #[serde(default, skip_serializing_if = "Option::is_none")] pub selector: Option, - /// storageClassName is the name of the StorageClass required by the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1 + /// storageClassName is the name of the StorageClass required by the claim. + /// More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1 #[serde(default, skip_serializing_if = "Option::is_none", rename = "storageClassName")] pub storage_class_name: Option, - /// volumeMode defines what type of volume is required by the claim. Value of Filesystem is implied when not included in claim spec. + /// volumeMode defines what type of volume is required by the claim. + /// Value of Filesystem is implied when not included in claim spec. #[serde(default, skip_serializing_if = "Option::is_none", rename = "volumeMode")] pub volume_mode: Option, /// volumeName is the binding reference to the PersistentVolume backing this claim. @@ -79,10 +115,19 @@ pub struct ArgoCDExportStoragePvc { pub volume_name: Option, } -/// dataSource field can be used to specify either: * An existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot) * An existing PVC (PersistentVolumeClaim) If the provisioner or an external controller can support the specified data source, it will create a new volume based on the contents of the specified data source. When the AnyVolumeDataSource feature gate is enabled, dataSource contents will be copied to dataSourceRef, and dataSourceRef contents will be copied to dataSource when dataSourceRef.namespace is not specified. If the namespace is specified, then dataSourceRef will not be copied to dataSource. +/// dataSource field can be used to specify either: +/// * An existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot) +/// * An existing PVC (PersistentVolumeClaim) +/// If the provisioner or an external controller can support the specified data source, +/// it will create a new volume based on the contents of the specified data source. +/// When the AnyVolumeDataSource feature gate is enabled, dataSource contents will be copied to dataSourceRef, +/// and dataSourceRef contents will be copied to dataSource when dataSourceRef.namespace is not specified. +/// If the namespace is specified, then dataSourceRef will not be copied to dataSource. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ArgoCDExportStoragePvcDataSource { - /// APIGroup is the group for the resource being referenced. If APIGroup is not specified, the specified Kind must be in the core API group. For any other third-party types, APIGroup is required. + /// APIGroup is the group for the resource being referenced. + /// If APIGroup is not specified, the specified Kind must be in the core API group. + /// For any other third-party types, APIGroup is required. #[serde(default, skip_serializing_if = "Option::is_none", rename = "apiGroup")] pub api_group: Option, /// Kind is the type of resource being referenced @@ -91,33 +136,73 @@ pub struct ArgoCDExportStoragePvcDataSource { pub name: String, } -/// dataSourceRef specifies the object from which to populate the volume with data, if a non-empty volume is desired. This may be any object from a non-empty API group (non core object) or a PersistentVolumeClaim object. When this field is specified, volume binding will only succeed if the type of the specified object matches some installed volume populator or dynamic provisioner. This field will replace the functionality of the dataSource field and as such if both fields are non-empty, they must have the same value. For backwards compatibility, when namespace isn't specified in dataSourceRef, both fields (dataSource and dataSourceRef) will be set to the same value automatically if one of them is empty and the other is non-empty. When namespace is specified in dataSourceRef, dataSource isn't set to the same value and must be empty. There are three important differences between dataSource and dataSourceRef: * While dataSource only allows two specific types of objects, dataSourceRef allows any non-core object, as well as PersistentVolumeClaim objects. * While dataSource ignores disallowed values (dropping them), dataSourceRef preserves all values, and generates an error if a disallowed value is specified. * While dataSource only allows local objects, dataSourceRef allows objects in any namespaces. (Beta) Using this field requires the AnyVolumeDataSource feature gate to be enabled. (Alpha) Using the namespace field of dataSourceRef requires the CrossNamespaceVolumeDataSource feature gate to be enabled. +/// dataSourceRef specifies the object from which to populate the volume with data, if a non-empty +/// volume is desired. This may be any object from a non-empty API group (non +/// core object) or a PersistentVolumeClaim object. +/// When this field is specified, volume binding will only succeed if the type of +/// the specified object matches some installed volume populator or dynamic +/// provisioner. +/// This field will replace the functionality of the dataSource field and as such +/// if both fields are non-empty, they must have the same value. For backwards +/// compatibility, when namespace isn't specified in dataSourceRef, +/// both fields (dataSource and dataSourceRef) will be set to the same +/// value automatically if one of them is empty and the other is non-empty. +/// When namespace is specified in dataSourceRef, +/// dataSource isn't set to the same value and must be empty. +/// There are three important differences between dataSource and dataSourceRef: +/// * While dataSource only allows two specific types of objects, dataSourceRef +/// allows any non-core object, as well as PersistentVolumeClaim objects. +/// * While dataSource ignores disallowed values (dropping them), dataSourceRef +/// preserves all values, and generates an error if a disallowed value is +/// specified. +/// * While dataSource only allows local objects, dataSourceRef allows objects +/// in any namespaces. +/// (Beta) Using this field requires the AnyVolumeDataSource feature gate to be enabled. +/// (Alpha) Using the namespace field of dataSourceRef requires the CrossNamespaceVolumeDataSource feature gate to be enabled. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ArgoCDExportStoragePvcDataSourceRef { - /// APIGroup is the group for the resource being referenced. If APIGroup is not specified, the specified Kind must be in the core API group. For any other third-party types, APIGroup is required. + /// APIGroup is the group for the resource being referenced. + /// If APIGroup is not specified, the specified Kind must be in the core API group. + /// For any other third-party types, APIGroup is required. #[serde(default, skip_serializing_if = "Option::is_none", rename = "apiGroup")] pub api_group: Option, /// Kind is the type of resource being referenced pub kind: String, /// Name is the name of resource being referenced pub name: String, - /// Namespace is the namespace of resource being referenced Note that when a namespace is specified, a gateway.networking.k8s.io/ReferenceGrant object is required in the referent namespace to allow that namespace's owner to accept the reference. See the ReferenceGrant documentation for details. (Alpha) This field requires the CrossNamespaceVolumeDataSource feature gate to be enabled. + /// Namespace is the namespace of resource being referenced + /// Note that when a namespace is specified, a gateway.networking.k8s.io/ReferenceGrant object is required in the referent namespace to allow that namespace's owner to accept the reference. See the ReferenceGrant documentation for details. + /// (Alpha) This field requires the CrossNamespaceVolumeDataSource feature gate to be enabled. #[serde(default, skip_serializing_if = "Option::is_none")] pub namespace: Option, } -/// resources represents the minimum resources the volume should have. If RecoverVolumeExpansionFailure feature is enabled users are allowed to specify resource requirements that are lower than previous value but must still be higher than capacity recorded in the status field of the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources +/// resources represents the minimum resources the volume should have. +/// If RecoverVolumeExpansionFailure feature is enabled users are allowed to specify resource requirements +/// that are lower than previous value but must still be higher than capacity recorded in the +/// status field of the claim. +/// More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ArgoCDExportStoragePvcResources { - /// Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. - /// This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. - /// This field is immutable. It can only be set for containers. + /// Claims lists the names of resources, defined in spec.resourceClaims, + /// that are used by this container. + /// + /// + /// This is an alpha field and requires enabling the + /// DynamicResourceAllocation feature gate. + /// + /// + /// This field is immutable. It can only be set for containers. #[serde(default, skip_serializing_if = "Option::is_none")] pub claims: Option>, - /// Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + /// Limits describes the maximum amount of compute resources allowed. + /// More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ #[serde(default, skip_serializing_if = "Option::is_none")] pub limits: Option>, - /// Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + /// Requests describes the minimum amount of compute resources required. + /// If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, + /// otherwise to an implementation-defined value. Requests cannot exceed Limits. + /// More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ #[serde(default, skip_serializing_if = "Option::is_none")] pub requests: Option>, } @@ -125,7 +210,9 @@ pub struct ArgoCDExportStoragePvcResources { /// ResourceClaim references one entry in PodSpec.ResourceClaims. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ArgoCDExportStoragePvcResourcesClaims { - /// Name must match the name of one entry in pod.spec.resourceClaims of the Pod where this field is used. It makes that resource available inside a container. + /// Name must match the name of one entry in pod.spec.resourceClaims of + /// the Pod where this field is used. It makes that resource available + /// inside a container. pub name: String, } @@ -135,19 +222,26 @@ pub struct ArgoCDExportStoragePvcSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] pub match_expressions: Option>, - /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] pub match_labels: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ArgoCDExportStoragePvcSelectorMatchExpressions { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } @@ -155,7 +249,13 @@ pub struct ArgoCDExportStoragePvcSelectorMatchExpressions { /// ArgoCDExportStatus defines the observed state of ArgoCDExport #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ArgoCDExportStatus { - /// Phase is a simple, high-level summary of where the ArgoCDExport is in its lifecycle. There are five possible phase values: Pending: The ArgoCDExport has been accepted by the Kubernetes system, but one or more of the required resources have not been created. Running: All of the containers for the ArgoCDExport are still running, or in the process of starting or restarting. Succeeded: All containers for the ArgoCDExport have terminated in success, and will not be restarted. Failed: At least one container has terminated in failure, either exited with non-zero status or was terminated by the system. Unknown: For some reason the state of the ArgoCDExport could not be obtained. + /// Phase is a simple, high-level summary of where the ArgoCDExport is in its lifecycle. + /// There are five possible phase values: + /// Pending: The ArgoCDExport has been accepted by the Kubernetes system, but one or more of the required resources have not been created. + /// Running: All of the containers for the ArgoCDExport are still running, or in the process of starting or restarting. + /// Succeeded: All containers for the ArgoCDExport have terminated in success, and will not be restarted. + /// Failed: At least one container has terminated in failure, either exited with non-zero status or was terminated by the system. + /// Unknown: For some reason the state of the ArgoCDExport could not be obtained. pub phase: String, } diff --git a/kube-custom-resources-rs/src/argoproj_io/v1alpha1/argocds.rs b/kube-custom-resources-rs/src/argoproj_io/v1alpha1/argocds.rs index c6ccae97f..ecc77e3a2 100644 --- a/kube-custom-resources-rs/src/argoproj_io/v1alpha1/argocds.rs +++ b/kube-custom-resources-rs/src/argoproj_io/v1alpha1/argocds.rs @@ -38,14 +38,20 @@ pub struct ArgoCDSpec { /// DefaultClusterScopedRoleDisabled will disable creation of default ClusterRoles for a cluster scoped instance. #[serde(default, skip_serializing_if = "Option::is_none", rename = "defaultClusterScopedRoleDisabled")] pub default_cluster_scoped_role_disabled: Option, - /// Deprecated field. Support dropped in v1beta1 version. Dex defines the Dex server options for ArgoCD. + /// Deprecated field. Support dropped in v1beta1 version. + /// Dex defines the Dex server options for ArgoCD. #[serde(default, skip_serializing_if = "Option::is_none")] pub dex: Option, /// DisableAdmin will disable the admin user. #[serde(default, skip_serializing_if = "Option::is_none", rename = "disableAdmin")] pub disable_admin: Option, - /// ExtraConfig can be used to add fields to Argo CD configmap that are not supported by Argo CD CRD. - /// Note: ExtraConfig takes precedence over Argo CD CRD. For example, A user sets `argocd.Spec.DisableAdmin` = true and also `a.Spec.ExtraConfig["admin.enabled"]` = true. In this case, operator updates Argo CD Configmap as follows -> argocd-cm.Data["admin.enabled"] = true. + /// ExtraConfig can be used to add fields to Argo CD configmap that are not supported by Argo CD CRD. + /// + /// + /// Note: ExtraConfig takes precedence over Argo CD CRD. + /// For example, A user sets `argocd.Spec.DisableAdmin` = true and also + /// `a.Spec.ExtraConfig["admin.enabled"]` = true. In this case, operator updates + /// Argo CD Configmap as follows -> argocd-cm.Data["admin.enabled"] = true. #[serde(default, skip_serializing_if = "Option::is_none", rename = "extraConfig")] pub extra_config: Option>, /// GAAnonymizeUsers toggles user IDs being hashed before sending to google analytics. @@ -114,7 +120,8 @@ pub struct ArgoCDSpec { /// ResourceActions customizes resource action behavior. #[serde(default, skip_serializing_if = "Option::is_none", rename = "resourceActions")] pub resource_actions: Option>, - /// Deprecated field. Support dropped in v1beta1 version. ResourceCustomizations customizes resource behavior. Keys are in the form: group/Kind. Please note that this is being deprecated in favor of ResourceHealthChecks, ResourceIgnoreDifferences, and ResourceActions. + /// Deprecated field. Support dropped in v1beta1 version. + /// ResourceCustomizations customizes resource behavior. Keys are in the form: group/Kind. Please note that this is being deprecated in favor of ResourceHealthChecks, ResourceIgnoreDifferences, and ResourceActions. #[serde(default, skip_serializing_if = "Option::is_none", rename = "resourceCustomizations")] pub resource_customizations: Option, /// ResourceExclusions is used to completely ignore entire classes of resource group/kinds. @@ -126,7 +133,8 @@ pub struct ArgoCDSpec { /// ResourceIgnoreDifferences customizes resource ignore difference behavior. #[serde(default, skip_serializing_if = "Option::is_none", rename = "resourceIgnoreDifferences")] pub resource_ignore_differences: Option, - /// ResourceInclusions is used to only include specific group/kinds in the reconciliation process. + /// ResourceInclusions is used to only include specific group/kinds in the + /// reconciliation process. #[serde(default, skip_serializing_if = "Option::is_none", rename = "resourceInclusions")] pub resource_inclusions: Option, /// ResourceTrackingMethod defines how Argo CD should track resources that it manages @@ -147,7 +155,8 @@ pub struct ArgoCDSpec { /// TLS defines the TLS options for ArgoCD. #[serde(default, skip_serializing_if = "Option::is_none")] pub tls: Option, - /// UsersAnonymousEnabled toggles anonymous user access. The anonymous users get default role permissions specified argocd-rbac-cm. + /// UsersAnonymousEnabled toggles anonymous user access. + /// The anonymous users get default role permissions specified argocd-rbac-cm. #[serde(default, skip_serializing_if = "Option::is_none", rename = "usersAnonymousEnabled")] pub users_anonymous_enabled: Option, /// Version is the tag to use with the ArgoCD container image for all ArgoCD components. @@ -161,7 +170,10 @@ pub struct ArgoCDApplicationSet { /// Env lets you specify environment for applicationSet controller pods #[serde(default, skip_serializing_if = "Option::is_none")] pub env: Option>, - /// ExtraCommandArgs allows users to pass command line arguments to ApplicationSet controller. They get added to default command line arguments provided by the operator. Please note that the command line arguments provided as part of ExtraCommandArgs will not overwrite the default command line arguments. + /// ExtraCommandArgs allows users to pass command line arguments to ApplicationSet controller. + /// They get added to default command line arguments provided by the operator. + /// Please note that the command line arguments provided as part of ExtraCommandArgs + /// will not overwrite the default command line arguments. #[serde(default, skip_serializing_if = "Option::is_none", rename = "extraCommandArgs")] pub extra_command_args: Option>, /// Image is the Argo CD ApplicationSet image (optional) @@ -186,7 +198,15 @@ pub struct ArgoCDApplicationSet { pub struct ArgoCDApplicationSetEnv { /// Name of the environment variable. Must be a C_IDENTIFIER. pub name: String, - /// Variable references $(VAR_NAME) are expanded using the previously defined environment variables in the container and any service environment variables. If a variable cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". Escaped references will never be expanded, regardless of whether the variable exists or not. Defaults to "". + /// Variable references $(VAR_NAME) are expanded + /// using the previously defined environment variables in the container and + /// any service environment variables. If a variable cannot be resolved, + /// the reference in the input string will be unchanged. Double $$ are reduced + /// to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. + /// "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". + /// Escaped references will never be expanded, regardless of whether the variable + /// exists or not. + /// Defaults to "". #[serde(default, skip_serializing_if = "Option::is_none")] pub value: Option, /// Source for the environment variable's value. Cannot be used if value is not empty. @@ -200,10 +220,12 @@ pub struct ArgoCDApplicationSetEnvValueFrom { /// Selects a key of a ConfigMap. #[serde(default, skip_serializing_if = "Option::is_none", rename = "configMapKeyRef")] pub config_map_key_ref: Option, - /// Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`, spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs. + /// Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`, + /// spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs. #[serde(default, skip_serializing_if = "Option::is_none", rename = "fieldRef")] pub field_ref: Option, - /// Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported. + /// Selects a resource of the container: only resources limits and requests + /// (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported. #[serde(default, skip_serializing_if = "Option::is_none", rename = "resourceFieldRef")] pub resource_field_ref: Option, /// Selects a key of a secret in the pod's namespace @@ -216,7 +238,9 @@ pub struct ArgoCDApplicationSetEnvValueFrom { pub struct ArgoCDApplicationSetEnvValueFromConfigMapKeyRef { /// The key to select. pub key: String, - /// Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? + /// Name of the referent. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the ConfigMap or its key must be defined @@ -224,7 +248,8 @@ pub struct ArgoCDApplicationSetEnvValueFromConfigMapKeyRef { pub optional: Option, } -/// Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`, spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs. +/// Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`, +/// spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ArgoCDApplicationSetEnvValueFromFieldRef { /// Version of the schema the FieldPath is written in terms of, defaults to "v1". @@ -235,7 +260,8 @@ pub struct ArgoCDApplicationSetEnvValueFromFieldRef { pub field_path: String, } -/// Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported. +/// Selects a resource of the container: only resources limits and requests +/// (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ArgoCDApplicationSetEnvValueFromResourceFieldRef { /// Container name: required for volumes, optional for env vars @@ -253,7 +279,9 @@ pub struct ArgoCDApplicationSetEnvValueFromResourceFieldRef { pub struct ArgoCDApplicationSetEnvValueFromSecretKeyRef { /// The key of the secret to select from. Must be a valid secret key. pub key: String, - /// Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? + /// Name of the referent. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the Secret or its key must be defined @@ -264,15 +292,25 @@ pub struct ArgoCDApplicationSetEnvValueFromSecretKeyRef { /// Resources defines the Compute Resources required by the container for ApplicationSet. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ArgoCDApplicationSetResources { - /// Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. - /// This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. - /// This field is immutable. It can only be set for containers. + /// Claims lists the names of resources, defined in spec.resourceClaims, + /// that are used by this container. + /// + /// + /// This is an alpha field and requires enabling the + /// DynamicResourceAllocation feature gate. + /// + /// + /// This field is immutable. It can only be set for containers. #[serde(default, skip_serializing_if = "Option::is_none")] pub claims: Option>, - /// Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + /// Limits describes the maximum amount of compute resources allowed. + /// More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ #[serde(default, skip_serializing_if = "Option::is_none")] pub limits: Option>, - /// Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + /// Requests describes the minimum amount of compute resources required. + /// If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, + /// otherwise to an implementation-defined value. Requests cannot exceed Limits. + /// More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ #[serde(default, skip_serializing_if = "Option::is_none")] pub requests: Option>, } @@ -280,7 +318,9 @@ pub struct ArgoCDApplicationSetResources { /// ResourceClaim references one entry in PodSpec.ResourceClaims. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ArgoCDApplicationSetResourcesClaims { - /// Name must match the name of one entry in pod.spec.resourceClaims of the Pod where this field is used. It makes that resource available inside a container. + /// Name must match the name of one entry in pod.spec.resourceClaims of + /// the Pod where this field is used. It makes that resource available + /// inside a container. pub name: String, } @@ -312,7 +352,11 @@ pub struct ArgoCDApplicationSetWebhookServerIngress { /// Path used for the Ingress resource. #[serde(default, skip_serializing_if = "Option::is_none")] pub path: Option, - /// TLS configuration. Currently the Ingress only supports a single TLS port, 443. If multiple members of this list specify different hosts, they will be multiplexed on the same port according to the hostname specified through the SNI TLS extension, if the ingress controller fulfilling the ingress supports SNI. + /// TLS configuration. Currently the Ingress only supports a single TLS + /// port, 443. If multiple members of this list specify different hosts, they + /// will be multiplexed on the same port according to the hostname specified + /// through the SNI TLS extension, if the ingress controller fulfilling the + /// ingress supports SNI. #[serde(default, skip_serializing_if = "Option::is_none")] pub tls: Option>, } @@ -320,10 +364,17 @@ pub struct ArgoCDApplicationSetWebhookServerIngress { /// IngressTLS describes the transport layer security associated with an ingress. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ArgoCDApplicationSetWebhookServerIngressTls { - /// hosts is a list of hosts included in the TLS certificate. The values in this list must match the name/s used in the tlsSecret. Defaults to the wildcard host setting for the loadbalancer controller fulfilling this Ingress, if left unspecified. + /// hosts is a list of hosts included in the TLS certificate. The values in + /// this list must match the name/s used in the tlsSecret. Defaults to the + /// wildcard host setting for the loadbalancer controller fulfilling this + /// Ingress, if left unspecified. #[serde(default, skip_serializing_if = "Option::is_none")] pub hosts: Option>, - /// secretName is the name of the secret used to terminate TLS traffic on port 443. Field is left optional to allow TLS routing based on SNI hostname alone. If the SNI host in a listener conflicts with the "Host" header field used by an IngressRule, the SNI host is used for termination and value of the "Host" header is used for routing. + /// secretName is the name of the secret used to terminate TLS traffic on + /// port 443. Field is left optional to allow TLS routing based on SNI + /// hostname alone. If the SNI host in a listener conflicts with the "Host" + /// header field used by an IngressRule, the SNI host is used for termination + /// and value of the "Host" header is used for routing. #[serde(default, skip_serializing_if = "Option::is_none", rename = "secretName")] pub secret_name: Option, } @@ -359,11 +410,20 @@ pub struct ArgoCDApplicationSetWebhookServerRouteTls { /// certificate provides certificate contents #[serde(default, skip_serializing_if = "Option::is_none")] pub certificate: Option, - /// destinationCACertificate provides the contents of the ca certificate of the final destination. When using reencrypt termination this file should be provided in order to have routers use it for health checks on the secure connection. If this field is not specified, the router may provide its own destination CA and perform hostname validation using the short service name (service.namespace.svc), which allows infrastructure generated certificates to automatically verify. + /// destinationCACertificate provides the contents of the ca certificate of the final destination. When using reencrypt + /// termination this file should be provided in order to have routers use it for health checks on the secure connection. + /// If this field is not specified, the router may provide its own destination CA and perform hostname validation using + /// the short service name (service.namespace.svc), which allows infrastructure generated certificates to automatically + /// verify. #[serde(default, skip_serializing_if = "Option::is_none", rename = "destinationCACertificate")] pub destination_ca_certificate: Option, - /// insecureEdgeTerminationPolicy indicates the desired behavior for insecure connections to a route. While each router may make its own decisions on which ports to expose, this is normally port 80. - /// * Allow - traffic is sent to the server on the insecure port (default) * Disable - no traffic is allowed on the insecure port. * Redirect - clients are redirected to the secure port. + /// insecureEdgeTerminationPolicy indicates the desired behavior for insecure connections to a route. While + /// each router may make its own decisions on which ports to expose, this is normally port 80. + /// + /// + /// * Allow - traffic is sent to the server on the insecure port (default) + /// * Disable - no traffic is allowed on the insecure port. + /// * Redirect - clients are redirected to the secure port. #[serde(default, skip_serializing_if = "Option::is_none", rename = "insecureEdgeTerminationPolicy")] pub insecure_edge_termination_policy: Option, /// key provides key file contents @@ -386,8 +446,12 @@ pub struct ArgoCDBanner { /// Controller defines the Application Controller options for ArgoCD. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ArgoCDController { - /// AppSync is used to control the sync frequency, by default the ArgoCD controller polls Git every 3m. - /// Set this to a duration, e.g. 10m or 600s to control the synchronisation frequency. + /// AppSync is used to control the sync frequency, by default the ArgoCD + /// controller polls Git every 3m. + /// + /// + /// Set this to a duration, e.g. 10m or 600s to control the synchronisation + /// frequency. #[serde(default, skip_serializing_if = "Option::is_none", rename = "appSync")] pub app_sync: Option, /// Env lets you specify environment for application controller pods @@ -418,7 +482,15 @@ pub struct ArgoCDController { pub struct ArgoCDControllerEnv { /// Name of the environment variable. Must be a C_IDENTIFIER. pub name: String, - /// Variable references $(VAR_NAME) are expanded using the previously defined environment variables in the container and any service environment variables. If a variable cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". Escaped references will never be expanded, regardless of whether the variable exists or not. Defaults to "". + /// Variable references $(VAR_NAME) are expanded + /// using the previously defined environment variables in the container and + /// any service environment variables. If a variable cannot be resolved, + /// the reference in the input string will be unchanged. Double $$ are reduced + /// to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. + /// "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". + /// Escaped references will never be expanded, regardless of whether the variable + /// exists or not. + /// Defaults to "". #[serde(default, skip_serializing_if = "Option::is_none")] pub value: Option, /// Source for the environment variable's value. Cannot be used if value is not empty. @@ -432,10 +504,12 @@ pub struct ArgoCDControllerEnvValueFrom { /// Selects a key of a ConfigMap. #[serde(default, skip_serializing_if = "Option::is_none", rename = "configMapKeyRef")] pub config_map_key_ref: Option, - /// Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`, spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs. + /// Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`, + /// spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs. #[serde(default, skip_serializing_if = "Option::is_none", rename = "fieldRef")] pub field_ref: Option, - /// Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported. + /// Selects a resource of the container: only resources limits and requests + /// (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported. #[serde(default, skip_serializing_if = "Option::is_none", rename = "resourceFieldRef")] pub resource_field_ref: Option, /// Selects a key of a secret in the pod's namespace @@ -448,7 +522,9 @@ pub struct ArgoCDControllerEnvValueFrom { pub struct ArgoCDControllerEnvValueFromConfigMapKeyRef { /// The key to select. pub key: String, - /// Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? + /// Name of the referent. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the ConfigMap or its key must be defined @@ -456,7 +532,8 @@ pub struct ArgoCDControllerEnvValueFromConfigMapKeyRef { pub optional: Option, } -/// Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`, spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs. +/// Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`, +/// spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ArgoCDControllerEnvValueFromFieldRef { /// Version of the schema the FieldPath is written in terms of, defaults to "v1". @@ -467,7 +544,8 @@ pub struct ArgoCDControllerEnvValueFromFieldRef { pub field_path: String, } -/// Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported. +/// Selects a resource of the container: only resources limits and requests +/// (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ArgoCDControllerEnvValueFromResourceFieldRef { /// Container name: required for volumes, optional for env vars @@ -485,7 +563,9 @@ pub struct ArgoCDControllerEnvValueFromResourceFieldRef { pub struct ArgoCDControllerEnvValueFromSecretKeyRef { /// The key of the secret to select from. Must be a valid secret key. pub key: String, - /// Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? + /// Name of the referent. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the Secret or its key must be defined @@ -507,15 +587,25 @@ pub struct ArgoCDControllerProcessors { /// Resources defines the Compute Resources required by the container for the Application Controller. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ArgoCDControllerResources { - /// Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. - /// This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. - /// This field is immutable. It can only be set for containers. + /// Claims lists the names of resources, defined in spec.resourceClaims, + /// that are used by this container. + /// + /// + /// This is an alpha field and requires enabling the + /// DynamicResourceAllocation feature gate. + /// + /// + /// This field is immutable. It can only be set for containers. #[serde(default, skip_serializing_if = "Option::is_none")] pub claims: Option>, - /// Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + /// Limits describes the maximum amount of compute resources allowed. + /// More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ #[serde(default, skip_serializing_if = "Option::is_none")] pub limits: Option>, - /// Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + /// Requests describes the minimum amount of compute resources required. + /// If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, + /// otherwise to an implementation-defined value. Requests cannot exceed Limits. + /// More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ #[serde(default, skip_serializing_if = "Option::is_none")] pub requests: Option>, } @@ -523,7 +613,9 @@ pub struct ArgoCDControllerResources { /// ResourceClaim references one entry in PodSpec.ResourceClaims. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ArgoCDControllerResourcesClaims { - /// Name must match the name of one entry in pod.spec.resourceClaims of the Pod where this field is used. It makes that resource available inside a container. + /// Name must match the name of one entry in pod.spec.resourceClaims of + /// the Pod where this field is used. It makes that resource available + /// inside a container. pub name: String, } @@ -550,7 +642,8 @@ pub struct ArgoCDControllerSharding { pub replicas: Option, } -/// Deprecated field. Support dropped in v1beta1 version. Dex defines the Dex server options for ArgoCD. +/// Deprecated field. Support dropped in v1beta1 version. +/// Dex defines the Dex server options for ArgoCD. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ArgoCDDex { /// Config is the dex connector configuration. @@ -576,15 +669,25 @@ pub struct ArgoCDDex { /// Resources defines the Compute Resources required by the container for Dex. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ArgoCDDexResources { - /// Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. - /// This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. - /// This field is immutable. It can only be set for containers. + /// Claims lists the names of resources, defined in spec.resourceClaims, + /// that are used by this container. + /// + /// + /// This is an alpha field and requires enabling the + /// DynamicResourceAllocation feature gate. + /// + /// + /// This field is immutable. It can only be set for containers. #[serde(default, skip_serializing_if = "Option::is_none")] pub claims: Option>, - /// Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + /// Limits describes the maximum amount of compute resources allowed. + /// More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ #[serde(default, skip_serializing_if = "Option::is_none")] pub limits: Option>, - /// Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + /// Requests describes the minimum amount of compute resources required. + /// If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, + /// otherwise to an implementation-defined value. Requests cannot exceed Limits. + /// More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ #[serde(default, skip_serializing_if = "Option::is_none")] pub requests: Option>, } @@ -592,7 +695,9 @@ pub struct ArgoCDDexResources { /// ResourceClaim references one entry in PodSpec.ResourceClaims. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ArgoCDDexResourcesClaims { - /// Name must match the name of one entry in pod.spec.resourceClaims of the Pod where this field is used. It makes that resource available inside a container. + /// Name must match the name of one entry in pod.spec.resourceClaims of + /// the Pod where this field is used. It makes that resource available + /// inside a container. pub name: String, } @@ -638,7 +743,11 @@ pub struct ArgoCDGrafanaIngress { /// Path used for the Ingress resource. #[serde(default, skip_serializing_if = "Option::is_none")] pub path: Option, - /// TLS configuration. Currently the Ingress only supports a single TLS port, 443. If multiple members of this list specify different hosts, they will be multiplexed on the same port according to the hostname specified through the SNI TLS extension, if the ingress controller fulfilling the ingress supports SNI. + /// TLS configuration. Currently the Ingress only supports a single TLS + /// port, 443. If multiple members of this list specify different hosts, they + /// will be multiplexed on the same port according to the hostname specified + /// through the SNI TLS extension, if the ingress controller fulfilling the + /// ingress supports SNI. #[serde(default, skip_serializing_if = "Option::is_none")] pub tls: Option>, } @@ -646,10 +755,17 @@ pub struct ArgoCDGrafanaIngress { /// IngressTLS describes the transport layer security associated with an ingress. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ArgoCDGrafanaIngressTls { - /// hosts is a list of hosts included in the TLS certificate. The values in this list must match the name/s used in the tlsSecret. Defaults to the wildcard host setting for the loadbalancer controller fulfilling this Ingress, if left unspecified. + /// hosts is a list of hosts included in the TLS certificate. The values in + /// this list must match the name/s used in the tlsSecret. Defaults to the + /// wildcard host setting for the loadbalancer controller fulfilling this + /// Ingress, if left unspecified. #[serde(default, skip_serializing_if = "Option::is_none")] pub hosts: Option>, - /// secretName is the name of the secret used to terminate TLS traffic on port 443. Field is left optional to allow TLS routing based on SNI hostname alone. If the SNI host in a listener conflicts with the "Host" header field used by an IngressRule, the SNI host is used for termination and value of the "Host" header is used for routing. + /// secretName is the name of the secret used to terminate TLS traffic on + /// port 443. Field is left optional to allow TLS routing based on SNI + /// hostname alone. If the SNI host in a listener conflicts with the "Host" + /// header field used by an IngressRule, the SNI host is used for termination + /// and value of the "Host" header is used for routing. #[serde(default, skip_serializing_if = "Option::is_none", rename = "secretName")] pub secret_name: Option, } @@ -657,15 +773,25 @@ pub struct ArgoCDGrafanaIngressTls { /// Resources defines the Compute Resources required by the container for Grafana. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ArgoCDGrafanaResources { - /// Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. - /// This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. - /// This field is immutable. It can only be set for containers. + /// Claims lists the names of resources, defined in spec.resourceClaims, + /// that are used by this container. + /// + /// + /// This is an alpha field and requires enabling the + /// DynamicResourceAllocation feature gate. + /// + /// + /// This field is immutable. It can only be set for containers. #[serde(default, skip_serializing_if = "Option::is_none")] pub claims: Option>, - /// Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + /// Limits describes the maximum amount of compute resources allowed. + /// More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ #[serde(default, skip_serializing_if = "Option::is_none")] pub limits: Option>, - /// Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + /// Requests describes the minimum amount of compute resources required. + /// If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, + /// otherwise to an implementation-defined value. Requests cannot exceed Limits. + /// More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ #[serde(default, skip_serializing_if = "Option::is_none")] pub requests: Option>, } @@ -673,7 +799,9 @@ pub struct ArgoCDGrafanaResources { /// ResourceClaim references one entry in PodSpec.ResourceClaims. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ArgoCDGrafanaResourcesClaims { - /// Name must match the name of one entry in pod.spec.resourceClaims of the Pod where this field is used. It makes that resource available inside a container. + /// Name must match the name of one entry in pod.spec.resourceClaims of + /// the Pod where this field is used. It makes that resource available + /// inside a container. pub name: String, } @@ -708,11 +836,20 @@ pub struct ArgoCDGrafanaRouteTls { /// certificate provides certificate contents #[serde(default, skip_serializing_if = "Option::is_none")] pub certificate: Option, - /// destinationCACertificate provides the contents of the ca certificate of the final destination. When using reencrypt termination this file should be provided in order to have routers use it for health checks on the secure connection. If this field is not specified, the router may provide its own destination CA and perform hostname validation using the short service name (service.namespace.svc), which allows infrastructure generated certificates to automatically verify. + /// destinationCACertificate provides the contents of the ca certificate of the final destination. When using reencrypt + /// termination this file should be provided in order to have routers use it for health checks on the secure connection. + /// If this field is not specified, the router may provide its own destination CA and perform hostname validation using + /// the short service name (service.namespace.svc), which allows infrastructure generated certificates to automatically + /// verify. #[serde(default, skip_serializing_if = "Option::is_none", rename = "destinationCACertificate")] pub destination_ca_certificate: Option, - /// insecureEdgeTerminationPolicy indicates the desired behavior for insecure connections to a route. While each router may make its own decisions on which ports to expose, this is normally port 80. - /// * Allow - traffic is sent to the server on the insecure port (default) * Disable - no traffic is allowed on the insecure port. * Redirect - clients are redirected to the secure port. + /// insecureEdgeTerminationPolicy indicates the desired behavior for insecure connections to a route. While + /// each router may make its own decisions on which ports to expose, this is normally port 80. + /// + /// + /// * Allow - traffic is sent to the server on the insecure port (default) + /// * Disable - no traffic is allowed on the insecure port. + /// * Redirect - clients are redirected to the secure port. #[serde(default, skip_serializing_if = "Option::is_none", rename = "insecureEdgeTerminationPolicy")] pub insecure_edge_termination_policy: Option, /// key provides key file contents @@ -741,15 +878,25 @@ pub struct ArgoCDHa { /// Resources defines the Compute Resources required by the container for HA. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ArgoCDHaResources { - /// Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. - /// This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. - /// This field is immutable. It can only be set for containers. + /// Claims lists the names of resources, defined in spec.resourceClaims, + /// that are used by this container. + /// + /// + /// This is an alpha field and requires enabling the + /// DynamicResourceAllocation feature gate. + /// + /// + /// This field is immutable. It can only be set for containers. #[serde(default, skip_serializing_if = "Option::is_none")] pub claims: Option>, - /// Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + /// Limits describes the maximum amount of compute resources allowed. + /// More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ #[serde(default, skip_serializing_if = "Option::is_none")] pub limits: Option>, - /// Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + /// Requests describes the minimum amount of compute resources required. + /// If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, + /// otherwise to an implementation-defined value. Requests cannot exceed Limits. + /// More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ #[serde(default, skip_serializing_if = "Option::is_none")] pub requests: Option>, } @@ -757,7 +904,9 @@ pub struct ArgoCDHaResources { /// ResourceClaim references one entry in PodSpec.ResourceClaims. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ArgoCDHaResourcesClaims { - /// Name must match the name of one entry in pod.spec.resourceClaims of the Pod where this field is used. It makes that resource available inside a container. + /// Name must match the name of one entry in pod.spec.resourceClaims of + /// the Pod where this field is used. It makes that resource available + /// inside a container. pub name: String, } @@ -774,10 +923,12 @@ pub struct ArgoCDImport { /// InitialSSHKnownHosts defines the SSH known hosts data upon creation of the cluster for connecting Git repositories via SSH. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ArgoCDInitialSshKnownHosts { - /// ExcludeDefaultHosts describes whether you would like to include the default list of SSH Known Hosts provided by ArgoCD. + /// ExcludeDefaultHosts describes whether you would like to include the default + /// list of SSH Known Hosts provided by ArgoCD. #[serde(default, skip_serializing_if = "Option::is_none")] pub excludedefaulthosts: Option, - /// Keys describes a custom set of SSH Known Hosts that you would like to have included in your ArgoCD server. + /// Keys describes a custom set of SSH Known Hosts that you would like to + /// have included in your ArgoCD server. #[serde(default, skip_serializing_if = "Option::is_none")] pub keys: Option, } @@ -814,22 +965,32 @@ pub struct ArgoCDNodePlacement { pub tolerations: Option>, } -/// The pod this Toleration is attached to tolerates any taint that matches the triple using the matching operator . +/// The pod this Toleration is attached to tolerates any taint that matches +/// the triple using the matching operator . #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ArgoCDNodePlacementTolerations { - /// Effect indicates the taint effect to match. Empty means match all taint effects. When specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute. + /// Effect indicates the taint effect to match. Empty means match all taint effects. + /// When specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute. #[serde(default, skip_serializing_if = "Option::is_none")] pub effect: Option, - /// Key is the taint key that the toleration applies to. Empty means match all taint keys. If the key is empty, operator must be Exists; this combination means to match all values and all keys. + /// Key is the taint key that the toleration applies to. Empty means match all taint keys. + /// If the key is empty, operator must be Exists; this combination means to match all values and all keys. #[serde(default, skip_serializing_if = "Option::is_none")] pub key: Option, - /// Operator represents a key's relationship to the value. Valid operators are Exists and Equal. Defaults to Equal. Exists is equivalent to wildcard for value, so that a pod can tolerate all taints of a particular category. + /// Operator represents a key's relationship to the value. + /// Valid operators are Exists and Equal. Defaults to Equal. + /// Exists is equivalent to wildcard for value, so that a pod can + /// tolerate all taints of a particular category. #[serde(default, skip_serializing_if = "Option::is_none")] pub operator: Option, - /// TolerationSeconds represents the period of time the toleration (which must be of effect NoExecute, otherwise this field is ignored) tolerates the taint. By default, it is not set, which means tolerate the taint forever (do not evict). Zero and negative values will be treated as 0 (evict immediately) by the system. + /// TolerationSeconds represents the period of time the toleration (which must be + /// of effect NoExecute, otherwise this field is ignored) tolerates the taint. By default, + /// it is not set, which means tolerate the taint forever (do not evict). Zero and + /// negative values will be treated as 0 (evict immediately) by the system. #[serde(default, skip_serializing_if = "Option::is_none", rename = "tolerationSeconds")] pub toleration_seconds: Option, - /// Value is the taint value the toleration matches to. If the operator is Exists, the value should be empty, otherwise just a regular string. + /// Value is the taint value the toleration matches to. + /// If the operator is Exists, the value should be empty, otherwise just a regular string. #[serde(default, skip_serializing_if = "Option::is_none")] pub value: Option, } @@ -864,7 +1025,15 @@ pub struct ArgoCDNotifications { pub struct ArgoCDNotificationsEnv { /// Name of the environment variable. Must be a C_IDENTIFIER. pub name: String, - /// Variable references $(VAR_NAME) are expanded using the previously defined environment variables in the container and any service environment variables. If a variable cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". Escaped references will never be expanded, regardless of whether the variable exists or not. Defaults to "". + /// Variable references $(VAR_NAME) are expanded + /// using the previously defined environment variables in the container and + /// any service environment variables. If a variable cannot be resolved, + /// the reference in the input string will be unchanged. Double $$ are reduced + /// to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. + /// "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". + /// Escaped references will never be expanded, regardless of whether the variable + /// exists or not. + /// Defaults to "". #[serde(default, skip_serializing_if = "Option::is_none")] pub value: Option, /// Source for the environment variable's value. Cannot be used if value is not empty. @@ -878,10 +1047,12 @@ pub struct ArgoCDNotificationsEnvValueFrom { /// Selects a key of a ConfigMap. #[serde(default, skip_serializing_if = "Option::is_none", rename = "configMapKeyRef")] pub config_map_key_ref: Option, - /// Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`, spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs. + /// Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`, + /// spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs. #[serde(default, skip_serializing_if = "Option::is_none", rename = "fieldRef")] pub field_ref: Option, - /// Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported. + /// Selects a resource of the container: only resources limits and requests + /// (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported. #[serde(default, skip_serializing_if = "Option::is_none", rename = "resourceFieldRef")] pub resource_field_ref: Option, /// Selects a key of a secret in the pod's namespace @@ -894,7 +1065,9 @@ pub struct ArgoCDNotificationsEnvValueFrom { pub struct ArgoCDNotificationsEnvValueFromConfigMapKeyRef { /// The key to select. pub key: String, - /// Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? + /// Name of the referent. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the ConfigMap or its key must be defined @@ -902,7 +1075,8 @@ pub struct ArgoCDNotificationsEnvValueFromConfigMapKeyRef { pub optional: Option, } -/// Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`, spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs. +/// Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`, +/// spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ArgoCDNotificationsEnvValueFromFieldRef { /// Version of the schema the FieldPath is written in terms of, defaults to "v1". @@ -913,7 +1087,8 @@ pub struct ArgoCDNotificationsEnvValueFromFieldRef { pub field_path: String, } -/// Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported. +/// Selects a resource of the container: only resources limits and requests +/// (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ArgoCDNotificationsEnvValueFromResourceFieldRef { /// Container name: required for volumes, optional for env vars @@ -931,7 +1106,9 @@ pub struct ArgoCDNotificationsEnvValueFromResourceFieldRef { pub struct ArgoCDNotificationsEnvValueFromSecretKeyRef { /// The key of the secret to select from. Must be a valid secret key. pub key: String, - /// Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? + /// Name of the referent. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the Secret or its key must be defined @@ -942,15 +1119,25 @@ pub struct ArgoCDNotificationsEnvValueFromSecretKeyRef { /// Resources defines the Compute Resources required by the container for Argo CD Notifications. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ArgoCDNotificationsResources { - /// Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. - /// This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. - /// This field is immutable. It can only be set for containers. + /// Claims lists the names of resources, defined in spec.resourceClaims, + /// that are used by this container. + /// + /// + /// This is an alpha field and requires enabling the + /// DynamicResourceAllocation feature gate. + /// + /// + /// This field is immutable. It can only be set for containers. #[serde(default, skip_serializing_if = "Option::is_none")] pub claims: Option>, - /// Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + /// Limits describes the maximum amount of compute resources allowed. + /// More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ #[serde(default, skip_serializing_if = "Option::is_none")] pub limits: Option>, - /// Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + /// Requests describes the minimum amount of compute resources required. + /// If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, + /// otherwise to an implementation-defined value. Requests cannot exceed Limits. + /// More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ #[serde(default, skip_serializing_if = "Option::is_none")] pub requests: Option>, } @@ -958,7 +1145,9 @@ pub struct ArgoCDNotificationsResources { /// ResourceClaim references one entry in PodSpec.ResourceClaims. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ArgoCDNotificationsResourcesClaims { - /// Name must match the name of one entry in pod.spec.resourceClaims of the Pod where this field is used. It makes that resource available inside a container. + /// Name must match the name of one entry in pod.spec.resourceClaims of + /// the Pod where this field is used. It makes that resource available + /// inside a container. pub name: String, } @@ -995,7 +1184,11 @@ pub struct ArgoCDPrometheusIngress { /// Path used for the Ingress resource. #[serde(default, skip_serializing_if = "Option::is_none")] pub path: Option, - /// TLS configuration. Currently the Ingress only supports a single TLS port, 443. If multiple members of this list specify different hosts, they will be multiplexed on the same port according to the hostname specified through the SNI TLS extension, if the ingress controller fulfilling the ingress supports SNI. + /// TLS configuration. Currently the Ingress only supports a single TLS + /// port, 443. If multiple members of this list specify different hosts, they + /// will be multiplexed on the same port according to the hostname specified + /// through the SNI TLS extension, if the ingress controller fulfilling the + /// ingress supports SNI. #[serde(default, skip_serializing_if = "Option::is_none")] pub tls: Option>, } @@ -1003,10 +1196,17 @@ pub struct ArgoCDPrometheusIngress { /// IngressTLS describes the transport layer security associated with an ingress. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ArgoCDPrometheusIngressTls { - /// hosts is a list of hosts included in the TLS certificate. The values in this list must match the name/s used in the tlsSecret. Defaults to the wildcard host setting for the loadbalancer controller fulfilling this Ingress, if left unspecified. + /// hosts is a list of hosts included in the TLS certificate. The values in + /// this list must match the name/s used in the tlsSecret. Defaults to the + /// wildcard host setting for the loadbalancer controller fulfilling this + /// Ingress, if left unspecified. #[serde(default, skip_serializing_if = "Option::is_none")] pub hosts: Option>, - /// secretName is the name of the secret used to terminate TLS traffic on port 443. Field is left optional to allow TLS routing based on SNI hostname alone. If the SNI host in a listener conflicts with the "Host" header field used by an IngressRule, the SNI host is used for termination and value of the "Host" header is used for routing. + /// secretName is the name of the secret used to terminate TLS traffic on + /// port 443. Field is left optional to allow TLS routing based on SNI + /// hostname alone. If the SNI host in a listener conflicts with the "Host" + /// header field used by an IngressRule, the SNI host is used for termination + /// and value of the "Host" header is used for routing. #[serde(default, skip_serializing_if = "Option::is_none", rename = "secretName")] pub secret_name: Option, } @@ -1042,11 +1242,20 @@ pub struct ArgoCDPrometheusRouteTls { /// certificate provides certificate contents #[serde(default, skip_serializing_if = "Option::is_none")] pub certificate: Option, - /// destinationCACertificate provides the contents of the ca certificate of the final destination. When using reencrypt termination this file should be provided in order to have routers use it for health checks on the secure connection. If this field is not specified, the router may provide its own destination CA and perform hostname validation using the short service name (service.namespace.svc), which allows infrastructure generated certificates to automatically verify. + /// destinationCACertificate provides the contents of the ca certificate of the final destination. When using reencrypt + /// termination this file should be provided in order to have routers use it for health checks on the secure connection. + /// If this field is not specified, the router may provide its own destination CA and perform hostname validation using + /// the short service name (service.namespace.svc), which allows infrastructure generated certificates to automatically + /// verify. #[serde(default, skip_serializing_if = "Option::is_none", rename = "destinationCACertificate")] pub destination_ca_certificate: Option, - /// insecureEdgeTerminationPolicy indicates the desired behavior for insecure connections to a route. While each router may make its own decisions on which ports to expose, this is normally port 80. - /// * Allow - traffic is sent to the server on the insecure port (default) * Disable - no traffic is allowed on the insecure port. * Redirect - clients are redirected to the secure port. + /// insecureEdgeTerminationPolicy indicates the desired behavior for insecure connections to a route. While + /// each router may make its own decisions on which ports to expose, this is normally port 80. + /// + /// + /// * Allow - traffic is sent to the server on the insecure port (default) + /// * Disable - no traffic is allowed on the insecure port. + /// * Redirect - clients are redirected to the secure port. #[serde(default, skip_serializing_if = "Option::is_none", rename = "insecureEdgeTerminationPolicy")] pub insecure_edge_termination_policy: Option, /// key provides key file contents @@ -1059,16 +1268,25 @@ pub struct ArgoCDPrometheusRouteTls { /// RBAC defines the RBAC configuration for Argo CD. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ArgoCDRbac { - /// DefaultPolicy is the name of the default role which Argo CD will falls back to, when authorizing API requests (optional). If omitted or empty, users may be still be able to login, but will see no apps, projects, etc... + /// DefaultPolicy is the name of the default role which Argo CD will falls back to, when + /// authorizing API requests (optional). If omitted or empty, users may be still be able to login, + /// but will see no apps, projects, etc... #[serde(default, skip_serializing_if = "Option::is_none", rename = "defaultPolicy")] pub default_policy: Option, - /// Policy is CSV containing user-defined RBAC policies and role definitions. Policy rules are in the form: p, subject, resource, action, object, effect Role definitions and bindings are in the form: g, subject, inherited-subject See https://github.com/argoproj/argo-cd/blob/master/docs/operator-manual/rbac.md for additional information. + /// Policy is CSV containing user-defined RBAC policies and role definitions. + /// Policy rules are in the form: + /// p, subject, resource, action, object, effect + /// Role definitions and bindings are in the form: + /// g, subject, inherited-subject + /// See https://github.com/argoproj/argo-cd/blob/master/docs/operator-manual/rbac.md for additional information. #[serde(default, skip_serializing_if = "Option::is_none")] pub policy: Option, - /// PolicyMatcherMode configures the matchers function mode for casbin. There are two options for this, 'glob' for glob matcher or 'regex' for regex matcher. + /// PolicyMatcherMode configures the matchers function mode for casbin. + /// There are two options for this, 'glob' for glob matcher or 'regex' for regex matcher. #[serde(default, skip_serializing_if = "Option::is_none", rename = "policyMatcherMode")] pub policy_matcher_mode: Option, - /// Scopes controls which OIDC scopes to examine during rbac enforcement (in addition to `sub` scope). If omitted, defaults to: '[groups]'. + /// Scopes controls which OIDC scopes to examine during rbac enforcement (in addition to `sub` scope). + /// If omitted, defaults to: '[groups]'. #[serde(default, skip_serializing_if = "Option::is_none")] pub scopes: Option, } @@ -1076,7 +1294,9 @@ pub struct ArgoCDRbac { /// Redis defines the Redis server options for ArgoCD. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ArgoCDRedis { - /// AutoTLS specifies the method to use for automatic TLS configuration for the redis server The value specified here can currently be: - openshift - Use the OpenShift service CA to request TLS config + /// AutoTLS specifies the method to use for automatic TLS configuration for the redis server + /// The value specified here can currently be: + /// - openshift - Use the OpenShift service CA to request TLS config #[serde(default, skip_serializing_if = "Option::is_none")] pub autotls: Option, /// DisableTLSVerification defines whether redis server API should be accessed using strict TLS validation @@ -1096,15 +1316,25 @@ pub struct ArgoCDRedis { /// Resources defines the Compute Resources required by the container for Redis. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ArgoCDRedisResources { - /// Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. - /// This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. - /// This field is immutable. It can only be set for containers. + /// Claims lists the names of resources, defined in spec.resourceClaims, + /// that are used by this container. + /// + /// + /// This is an alpha field and requires enabling the + /// DynamicResourceAllocation feature gate. + /// + /// + /// This field is immutable. It can only be set for containers. #[serde(default, skip_serializing_if = "Option::is_none")] pub claims: Option>, - /// Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + /// Limits describes the maximum amount of compute resources allowed. + /// More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ #[serde(default, skip_serializing_if = "Option::is_none")] pub limits: Option>, - /// Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + /// Requests describes the minimum amount of compute resources required. + /// If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, + /// otherwise to an implementation-defined value. Requests cannot exceed Limits. + /// More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ #[serde(default, skip_serializing_if = "Option::is_none")] pub requests: Option>, } @@ -1112,14 +1342,18 @@ pub struct ArgoCDRedisResources { /// ResourceClaim references one entry in PodSpec.ResourceClaims. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ArgoCDRedisResourcesClaims { - /// Name must match the name of one entry in pod.spec.resourceClaims of the Pod where this field is used. It makes that resource available inside a container. + /// Name must match the name of one entry in pod.spec.resourceClaims of + /// the Pod where this field is used. It makes that resource available + /// inside a container. pub name: String, } /// Repo defines the repo server options for Argo CD. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ArgoCDRepo { - /// AutoTLS specifies the method to use for automatic TLS configuration for the repo server The value specified here can currently be: - openshift - Use the OpenShift service CA to request TLS config + /// AutoTLS specifies the method to use for automatic TLS configuration for the repo server + /// The value specified here can currently be: + /// - openshift - Use the OpenShift service CA to request TLS config #[serde(default, skip_serializing_if = "Option::is_none")] pub autotls: Option, /// Env lets you specify environment for repo server pods @@ -1128,7 +1362,9 @@ pub struct ArgoCDRepo { /// ExecTimeout specifies the timeout in seconds for tool execution #[serde(default, skip_serializing_if = "Option::is_none", rename = "execTimeout")] pub exec_timeout: Option, - /// Extra Command arguments allows users to pass command line arguments to repo server workload. They get added to default command line arguments provided by the operator. Please note that the command line arguments provided as part of ExtraRepoCommandArgs will not overwrite the default command line arguments. + /// Extra Command arguments allows users to pass command line arguments to repo server workload. They get added to default command line arguments provided + /// by the operator. + /// Please note that the command line arguments provided as part of ExtraRepoCommandArgs will not overwrite the default command line arguments. #[serde(default, skip_serializing_if = "Option::is_none", rename = "extraRepoCommandArgs")] pub extra_repo_command_args: Option>, /// Image is the ArgoCD Repo Server container image. @@ -1177,7 +1413,15 @@ pub struct ArgoCDRepo { pub struct ArgoCDRepoEnv { /// Name of the environment variable. Must be a C_IDENTIFIER. pub name: String, - /// Variable references $(VAR_NAME) are expanded using the previously defined environment variables in the container and any service environment variables. If a variable cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". Escaped references will never be expanded, regardless of whether the variable exists or not. Defaults to "". + /// Variable references $(VAR_NAME) are expanded + /// using the previously defined environment variables in the container and + /// any service environment variables. If a variable cannot be resolved, + /// the reference in the input string will be unchanged. Double $$ are reduced + /// to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. + /// "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". + /// Escaped references will never be expanded, regardless of whether the variable + /// exists or not. + /// Defaults to "". #[serde(default, skip_serializing_if = "Option::is_none")] pub value: Option, /// Source for the environment variable's value. Cannot be used if value is not empty. @@ -1191,10 +1435,12 @@ pub struct ArgoCDRepoEnvValueFrom { /// Selects a key of a ConfigMap. #[serde(default, skip_serializing_if = "Option::is_none", rename = "configMapKeyRef")] pub config_map_key_ref: Option, - /// Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`, spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs. + /// Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`, + /// spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs. #[serde(default, skip_serializing_if = "Option::is_none", rename = "fieldRef")] pub field_ref: Option, - /// Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported. + /// Selects a resource of the container: only resources limits and requests + /// (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported. #[serde(default, skip_serializing_if = "Option::is_none", rename = "resourceFieldRef")] pub resource_field_ref: Option, /// Selects a key of a secret in the pod's namespace @@ -1207,7 +1453,9 @@ pub struct ArgoCDRepoEnvValueFrom { pub struct ArgoCDRepoEnvValueFromConfigMapKeyRef { /// The key to select. pub key: String, - /// Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? + /// Name of the referent. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the ConfigMap or its key must be defined @@ -1215,7 +1463,8 @@ pub struct ArgoCDRepoEnvValueFromConfigMapKeyRef { pub optional: Option, } -/// Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`, spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs. +/// Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`, +/// spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ArgoCDRepoEnvValueFromFieldRef { /// Version of the schema the FieldPath is written in terms of, defaults to "v1". @@ -1226,7 +1475,8 @@ pub struct ArgoCDRepoEnvValueFromFieldRef { pub field_path: String, } -/// Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported. +/// Selects a resource of the container: only resources limits and requests +/// (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ArgoCDRepoEnvValueFromResourceFieldRef { /// Container name: required for volumes, optional for env vars @@ -1244,7 +1494,9 @@ pub struct ArgoCDRepoEnvValueFromResourceFieldRef { pub struct ArgoCDRepoEnvValueFromSecretKeyRef { /// The key of the secret to select from. Must be a valid secret key. pub key: String, - /// Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? + /// Name of the referent. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the Secret or its key must be defined @@ -1255,75 +1507,166 @@ pub struct ArgoCDRepoEnvValueFromSecretKeyRef { /// A single application container that you want to run within a pod. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ArgoCDRepoInitContainers { - /// Arguments to the entrypoint. The container image's CMD is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell + /// Arguments to the entrypoint. + /// The container image's CMD is used if this is not provided. + /// Variable references $(VAR_NAME) are expanded using the container's environment. If a variable + /// cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced + /// to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" will + /// produce the string literal "$(VAR_NAME)". Escaped references will never be expanded, regardless + /// of whether the variable exists or not. Cannot be updated. + /// More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell #[serde(default, skip_serializing_if = "Option::is_none")] pub args: Option>, - /// Entrypoint array. Not executed within a shell. The container image's ENTRYPOINT is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell + /// Entrypoint array. Not executed within a shell. + /// The container image's ENTRYPOINT is used if this is not provided. + /// Variable references $(VAR_NAME) are expanded using the container's environment. If a variable + /// cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced + /// to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" will + /// produce the string literal "$(VAR_NAME)". Escaped references will never be expanded, regardless + /// of whether the variable exists or not. Cannot be updated. + /// More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell #[serde(default, skip_serializing_if = "Option::is_none")] pub command: Option>, - /// List of environment variables to set in the container. Cannot be updated. + /// List of environment variables to set in the container. + /// Cannot be updated. #[serde(default, skip_serializing_if = "Option::is_none")] pub env: Option>, - /// List of sources to populate environment variables in the container. The keys defined within a source must be a C_IDENTIFIER. All invalid keys will be reported as an event when the container is starting. When a key exists in multiple sources, the value associated with the last source will take precedence. Values defined by an Env with a duplicate key will take precedence. Cannot be updated. + /// List of sources to populate environment variables in the container. + /// The keys defined within a source must be a C_IDENTIFIER. All invalid keys + /// will be reported as an event when the container is starting. When a key exists in multiple + /// sources, the value associated with the last source will take precedence. + /// Values defined by an Env with a duplicate key will take precedence. + /// Cannot be updated. #[serde(default, skip_serializing_if = "Option::is_none", rename = "envFrom")] pub env_from: Option>, - /// Container image name. More info: https://kubernetes.io/docs/concepts/containers/images This field is optional to allow higher level config management to default or override container images in workload controllers like Deployments and StatefulSets. + /// Container image name. + /// More info: https://kubernetes.io/docs/concepts/containers/images + /// This field is optional to allow higher level config management to default or override + /// container images in workload controllers like Deployments and StatefulSets. #[serde(default, skip_serializing_if = "Option::is_none")] pub image: Option, - /// Image pull policy. One of Always, Never, IfNotPresent. Defaults to Always if :latest tag is specified, or IfNotPresent otherwise. Cannot be updated. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images + /// Image pull policy. + /// One of Always, Never, IfNotPresent. + /// Defaults to Always if :latest tag is specified, or IfNotPresent otherwise. + /// Cannot be updated. + /// More info: https://kubernetes.io/docs/concepts/containers/images#updating-images #[serde(default, skip_serializing_if = "Option::is_none", rename = "imagePullPolicy")] pub image_pull_policy: Option, - /// Actions that the management system should take in response to container lifecycle events. Cannot be updated. + /// Actions that the management system should take in response to container lifecycle events. + /// Cannot be updated. #[serde(default, skip_serializing_if = "Option::is_none")] pub lifecycle: Option, - /// Periodic probe of container liveness. Container will be restarted if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes + /// Periodic probe of container liveness. + /// Container will be restarted if the probe fails. + /// Cannot be updated. + /// More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes #[serde(default, skip_serializing_if = "Option::is_none", rename = "livenessProbe")] pub liveness_probe: Option, - /// Name of the container specified as a DNS_LABEL. Each container in a pod must have a unique name (DNS_LABEL). Cannot be updated. + /// Name of the container specified as a DNS_LABEL. + /// Each container in a pod must have a unique name (DNS_LABEL). + /// Cannot be updated. pub name: String, - /// List of ports to expose from the container. Not specifying a port here DOES NOT prevent that port from being exposed. Any port which is listening on the default "0.0.0.0" address inside a container will be accessible from the network. Modifying this array with strategic merge patch may corrupt the data. For more information See https://github.com/kubernetes/kubernetes/issues/108255. Cannot be updated. + /// List of ports to expose from the container. Not specifying a port here + /// DOES NOT prevent that port from being exposed. Any port which is + /// listening on the default "0.0.0.0" address inside a container will be + /// accessible from the network. + /// Modifying this array with strategic merge patch may corrupt the data. + /// For more information See https://github.com/kubernetes/kubernetes/issues/108255. + /// Cannot be updated. #[serde(default, skip_serializing_if = "Option::is_none")] pub ports: Option>, - /// Periodic probe of container service readiness. Container will be removed from service endpoints if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes + /// Periodic probe of container service readiness. + /// Container will be removed from service endpoints if the probe fails. + /// Cannot be updated. + /// More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes #[serde(default, skip_serializing_if = "Option::is_none", rename = "readinessProbe")] pub readiness_probe: Option, /// Resources resize policy for the container. #[serde(default, skip_serializing_if = "Option::is_none", rename = "resizePolicy")] pub resize_policy: Option>, - /// Compute Resources required by this container. Cannot be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + /// Compute Resources required by this container. + /// Cannot be updated. + /// More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ #[serde(default, skip_serializing_if = "Option::is_none")] pub resources: Option, - /// RestartPolicy defines the restart behavior of individual containers in a pod. This field may only be set for init containers, and the only allowed value is "Always". For non-init containers or when this field is not specified, the restart behavior is defined by the Pod's restart policy and the container type. Setting the RestartPolicy as "Always" for the init container will have the following effect: this init container will be continually restarted on exit until all regular containers have terminated. Once all regular containers have completed, all init containers with restartPolicy "Always" will be shut down. This lifecycle differs from normal init containers and is often referred to as a "sidecar" container. Although this init container still starts in the init container sequence, it does not wait for the container to complete before proceeding to the next init container. Instead, the next init container starts immediately after this init container is started, or after any startupProbe has successfully completed. + /// RestartPolicy defines the restart behavior of individual containers in a pod. + /// This field may only be set for init containers, and the only allowed value is "Always". + /// For non-init containers or when this field is not specified, + /// the restart behavior is defined by the Pod's restart policy and the container type. + /// Setting the RestartPolicy as "Always" for the init container will have the following effect: + /// this init container will be continually restarted on + /// exit until all regular containers have terminated. Once all regular + /// containers have completed, all init containers with restartPolicy "Always" + /// will be shut down. This lifecycle differs from normal init containers and + /// is often referred to as a "sidecar" container. Although this init + /// container still starts in the init container sequence, it does not wait + /// for the container to complete before proceeding to the next init + /// container. Instead, the next init container starts immediately after this + /// init container is started, or after any startupProbe has successfully + /// completed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "restartPolicy")] pub restart_policy: Option, - /// SecurityContext defines the security options the container should be run with. If set, the fields of SecurityContext override the equivalent fields of PodSecurityContext. More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/ + /// SecurityContext defines the security options the container should be run with. + /// If set, the fields of SecurityContext override the equivalent fields of PodSecurityContext. + /// More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/ #[serde(default, skip_serializing_if = "Option::is_none", rename = "securityContext")] pub security_context: Option, - /// StartupProbe indicates that the Pod has successfully initialized. If specified, no other probes are executed until this completes successfully. If this probe fails, the Pod will be restarted, just as if the livenessProbe failed. This can be used to provide different probe parameters at the beginning of a Pod's lifecycle, when it might take a long time to load data or warm a cache, than during steady-state operation. This cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes + /// StartupProbe indicates that the Pod has successfully initialized. + /// If specified, no other probes are executed until this completes successfully. + /// If this probe fails, the Pod will be restarted, just as if the livenessProbe failed. + /// This can be used to provide different probe parameters at the beginning of a Pod's lifecycle, + /// when it might take a long time to load data or warm a cache, than during steady-state operation. + /// This cannot be updated. + /// More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes #[serde(default, skip_serializing_if = "Option::is_none", rename = "startupProbe")] pub startup_probe: Option, - /// Whether this container should allocate a buffer for stdin in the container runtime. If this is not set, reads from stdin in the container will always result in EOF. Default is false. + /// Whether this container should allocate a buffer for stdin in the container runtime. If this + /// is not set, reads from stdin in the container will always result in EOF. + /// Default is false. #[serde(default, skip_serializing_if = "Option::is_none")] pub stdin: Option, - /// Whether the container runtime should close the stdin channel after it has been opened by a single attach. When stdin is true the stdin stream will remain open across multiple attach sessions. If stdinOnce is set to true, stdin is opened on container start, is empty until the first client attaches to stdin, and then remains open and accepts data until the client disconnects, at which time stdin is closed and remains closed until the container is restarted. If this flag is false, a container processes that reads from stdin will never receive an EOF. Default is false + /// Whether the container runtime should close the stdin channel after it has been opened by + /// a single attach. When stdin is true the stdin stream will remain open across multiple attach + /// sessions. If stdinOnce is set to true, stdin is opened on container start, is empty until the + /// first client attaches to stdin, and then remains open and accepts data until the client disconnects, + /// at which time stdin is closed and remains closed until the container is restarted. If this + /// flag is false, a container processes that reads from stdin will never receive an EOF. + /// Default is false #[serde(default, skip_serializing_if = "Option::is_none", rename = "stdinOnce")] pub stdin_once: Option, - /// Optional: Path at which the file to which the container's termination message will be written is mounted into the container's filesystem. Message written is intended to be brief final status, such as an assertion failure message. Will be truncated by the node if greater than 4096 bytes. The total message length across all containers will be limited to 12kb. Defaults to /dev/termination-log. Cannot be updated. + /// Optional: Path at which the file to which the container's termination message + /// will be written is mounted into the container's filesystem. + /// Message written is intended to be brief final status, such as an assertion failure message. + /// Will be truncated by the node if greater than 4096 bytes. The total message length across + /// all containers will be limited to 12kb. + /// Defaults to /dev/termination-log. + /// Cannot be updated. #[serde(default, skip_serializing_if = "Option::is_none", rename = "terminationMessagePath")] pub termination_message_path: Option, - /// Indicate how the termination message should be populated. File will use the contents of terminationMessagePath to populate the container status message on both success and failure. FallbackToLogsOnError will use the last chunk of container log output if the termination message file is empty and the container exited with an error. The log output is limited to 2048 bytes or 80 lines, whichever is smaller. Defaults to File. Cannot be updated. + /// Indicate how the termination message should be populated. File will use the contents of + /// terminationMessagePath to populate the container status message on both success and failure. + /// FallbackToLogsOnError will use the last chunk of container log output if the termination + /// message file is empty and the container exited with an error. + /// The log output is limited to 2048 bytes or 80 lines, whichever is smaller. + /// Defaults to File. + /// Cannot be updated. #[serde(default, skip_serializing_if = "Option::is_none", rename = "terminationMessagePolicy")] pub termination_message_policy: Option, - /// Whether this container should allocate a TTY for itself, also requires 'stdin' to be true. Default is false. + /// Whether this container should allocate a TTY for itself, also requires 'stdin' to be true. + /// Default is false. #[serde(default, skip_serializing_if = "Option::is_none")] pub tty: Option, /// volumeDevices is the list of block devices to be used by the container. #[serde(default, skip_serializing_if = "Option::is_none", rename = "volumeDevices")] pub volume_devices: Option>, - /// Pod volumes to mount into the container's filesystem. Cannot be updated. + /// Pod volumes to mount into the container's filesystem. + /// Cannot be updated. #[serde(default, skip_serializing_if = "Option::is_none", rename = "volumeMounts")] pub volume_mounts: Option>, - /// Container's working directory. If not specified, the container runtime's default will be used, which might be configured in the container image. Cannot be updated. + /// Container's working directory. + /// If not specified, the container runtime's default will be used, which + /// might be configured in the container image. + /// Cannot be updated. #[serde(default, skip_serializing_if = "Option::is_none", rename = "workingDir")] pub working_dir: Option, } @@ -1333,7 +1676,15 @@ pub struct ArgoCDRepoInitContainers { pub struct ArgoCDRepoInitContainersEnv { /// Name of the environment variable. Must be a C_IDENTIFIER. pub name: String, - /// Variable references $(VAR_NAME) are expanded using the previously defined environment variables in the container and any service environment variables. If a variable cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". Escaped references will never be expanded, regardless of whether the variable exists or not. Defaults to "". + /// Variable references $(VAR_NAME) are expanded + /// using the previously defined environment variables in the container and + /// any service environment variables. If a variable cannot be resolved, + /// the reference in the input string will be unchanged. Double $$ are reduced + /// to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. + /// "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". + /// Escaped references will never be expanded, regardless of whether the variable + /// exists or not. + /// Defaults to "". #[serde(default, skip_serializing_if = "Option::is_none")] pub value: Option, /// Source for the environment variable's value. Cannot be used if value is not empty. @@ -1347,10 +1698,12 @@ pub struct ArgoCDRepoInitContainersEnvValueFrom { /// Selects a key of a ConfigMap. #[serde(default, skip_serializing_if = "Option::is_none", rename = "configMapKeyRef")] pub config_map_key_ref: Option, - /// Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`, spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs. + /// Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`, + /// spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs. #[serde(default, skip_serializing_if = "Option::is_none", rename = "fieldRef")] pub field_ref: Option, - /// Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported. + /// Selects a resource of the container: only resources limits and requests + /// (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported. #[serde(default, skip_serializing_if = "Option::is_none", rename = "resourceFieldRef")] pub resource_field_ref: Option, /// Selects a key of a secret in the pod's namespace @@ -1363,7 +1716,9 @@ pub struct ArgoCDRepoInitContainersEnvValueFrom { pub struct ArgoCDRepoInitContainersEnvValueFromConfigMapKeyRef { /// The key to select. pub key: String, - /// Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? + /// Name of the referent. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the ConfigMap or its key must be defined @@ -1371,7 +1726,8 @@ pub struct ArgoCDRepoInitContainersEnvValueFromConfigMapKeyRef { pub optional: Option, } -/// Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`, spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs. +/// Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`, +/// spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ArgoCDRepoInitContainersEnvValueFromFieldRef { /// Version of the schema the FieldPath is written in terms of, defaults to "v1". @@ -1382,7 +1738,8 @@ pub struct ArgoCDRepoInitContainersEnvValueFromFieldRef { pub field_path: String, } -/// Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported. +/// Selects a resource of the container: only resources limits and requests +/// (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ArgoCDRepoInitContainersEnvValueFromResourceFieldRef { /// Container name: required for volumes, optional for env vars @@ -1400,7 +1757,9 @@ pub struct ArgoCDRepoInitContainersEnvValueFromResourceFieldRef { pub struct ArgoCDRepoInitContainersEnvValueFromSecretKeyRef { /// The key of the secret to select from. Must be a valid secret key. pub key: String, - /// Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? + /// Name of the referent. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the Secret or its key must be defined @@ -1425,7 +1784,9 @@ pub struct ArgoCDRepoInitContainersEnvFrom { /// The ConfigMap to select from #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ArgoCDRepoInitContainersEnvFromConfigMapRef { - /// Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? + /// Name of the referent. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the ConfigMap must be defined @@ -1436,7 +1797,9 @@ pub struct ArgoCDRepoInitContainersEnvFromConfigMapRef { /// The Secret to select from #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ArgoCDRepoInitContainersEnvFromSecretRef { - /// Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? + /// Name of the referent. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the Secret must be defined @@ -1444,18 +1807,33 @@ pub struct ArgoCDRepoInitContainersEnvFromSecretRef { pub optional: Option, } -/// Actions that the management system should take in response to container lifecycle events. Cannot be updated. +/// Actions that the management system should take in response to container lifecycle events. +/// Cannot be updated. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ArgoCDRepoInitContainersLifecycle { - /// PostStart is called immediately after a container is created. If the handler fails, the container is terminated and restarted according to its restart policy. Other management of the container blocks until the hook completes. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks + /// PostStart is called immediately after a container is created. If the handler fails, + /// the container is terminated and restarted according to its restart policy. + /// Other management of the container blocks until the hook completes. + /// More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks #[serde(default, skip_serializing_if = "Option::is_none", rename = "postStart")] pub post_start: Option, - /// PreStop is called immediately before a container is terminated due to an API request or management event such as liveness/startup probe failure, preemption, resource contention, etc. The handler is not called if the container crashes or exits. The Pod's termination grace period countdown begins before the PreStop hook is executed. Regardless of the outcome of the handler, the container will eventually terminate within the Pod's termination grace period (unless delayed by finalizers). Other management of the container blocks until the hook completes or until the termination grace period is reached. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks + /// PreStop is called immediately before a container is terminated due to an + /// API request or management event such as liveness/startup probe failure, + /// preemption, resource contention, etc. The handler is not called if the + /// container crashes or exits. The Pod's termination grace period countdown begins before the + /// PreStop hook is executed. Regardless of the outcome of the handler, the + /// container will eventually terminate within the Pod's termination grace + /// period (unless delayed by finalizers). Other management of the container blocks until the hook completes + /// or until the termination grace period is reached. + /// More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks #[serde(default, skip_serializing_if = "Option::is_none", rename = "preStop")] pub pre_stop: Option, } -/// PostStart is called immediately after a container is created. If the handler fails, the container is terminated and restarted according to its restart policy. Other management of the container blocks until the hook completes. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks +/// PostStart is called immediately after a container is created. If the handler fails, +/// the container is terminated and restarted according to its restart policy. +/// Other management of the container blocks until the hook completes. +/// More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ArgoCDRepoInitContainersLifecyclePostStart { /// Exec specifies the action to take. @@ -1464,7 +1842,9 @@ pub struct ArgoCDRepoInitContainersLifecyclePostStart { /// HTTPGet specifies the http request to perform. #[serde(default, skip_serializing_if = "Option::is_none", rename = "httpGet")] pub http_get: Option, - /// Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept for the backward compatibility. There are no validation of this field and lifecycle hooks will fail in runtime when tcp handler is specified. + /// Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept + /// for the backward compatibility. There are no validation of this field and + /// lifecycle hooks will fail in runtime when tcp handler is specified. #[serde(default, skip_serializing_if = "Option::is_none", rename = "tcpSocket")] pub tcp_socket: Option, } @@ -1472,7 +1852,11 @@ pub struct ArgoCDRepoInitContainersLifecyclePostStart { /// Exec specifies the action to take. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ArgoCDRepoInitContainersLifecyclePostStartExec { - /// Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. + /// Command is the command line to execute inside the container, the working directory for the + /// command is root ('/') in the container's filesystem. The command is simply exec'd, it is + /// not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use + /// a shell, you need to explicitly call out to that shell. + /// Exit status of 0 is treated as live/healthy and non-zero is unhealthy. #[serde(default, skip_serializing_if = "Option::is_none")] pub command: Option>, } @@ -1480,7 +1864,8 @@ pub struct ArgoCDRepoInitContainersLifecyclePostStartExec { /// HTTPGet specifies the http request to perform. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ArgoCDRepoInitContainersLifecyclePostStartHttpGet { - /// Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. + /// Host name to connect to, defaults to the pod IP. You probably want to set + /// "Host" in httpHeaders instead. #[serde(default, skip_serializing_if = "Option::is_none")] pub host: Option, /// Custom headers to set in the request. HTTP allows repeated headers. @@ -1489,9 +1874,12 @@ pub struct ArgoCDRepoInitContainersLifecyclePostStartHttpGet { /// Path to access on the HTTP server. #[serde(default, skip_serializing_if = "Option::is_none")] pub path: Option, - /// Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. + /// Name or number of the port to access on the container. + /// Number must be in the range 1 to 65535. + /// Name must be an IANA_SVC_NAME. pub port: IntOrString, - /// Scheme to use for connecting to the host. Defaults to HTTP. + /// Scheme to use for connecting to the host. + /// Defaults to HTTP. #[serde(default, skip_serializing_if = "Option::is_none")] pub scheme: Option, } @@ -1499,23 +1887,36 @@ pub struct ArgoCDRepoInitContainersLifecyclePostStartHttpGet { /// HTTPHeader describes a custom header to be used in HTTP probes #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ArgoCDRepoInitContainersLifecyclePostStartHttpGetHttpHeaders { - /// The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header. + /// The header field name. + /// This will be canonicalized upon output, so case-variant names will be understood as the same header. pub name: String, /// The header field value pub value: String, } -/// Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept for the backward compatibility. There are no validation of this field and lifecycle hooks will fail in runtime when tcp handler is specified. +/// Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept +/// for the backward compatibility. There are no validation of this field and +/// lifecycle hooks will fail in runtime when tcp handler is specified. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ArgoCDRepoInitContainersLifecyclePostStartTcpSocket { /// Optional: Host name to connect to, defaults to the pod IP. #[serde(default, skip_serializing_if = "Option::is_none")] pub host: Option, - /// Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. + /// Number or name of the port to access on the container. + /// Number must be in the range 1 to 65535. + /// Name must be an IANA_SVC_NAME. pub port: IntOrString, } -/// PreStop is called immediately before a container is terminated due to an API request or management event such as liveness/startup probe failure, preemption, resource contention, etc. The handler is not called if the container crashes or exits. The Pod's termination grace period countdown begins before the PreStop hook is executed. Regardless of the outcome of the handler, the container will eventually terminate within the Pod's termination grace period (unless delayed by finalizers). Other management of the container blocks until the hook completes or until the termination grace period is reached. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks +/// PreStop is called immediately before a container is terminated due to an +/// API request or management event such as liveness/startup probe failure, +/// preemption, resource contention, etc. The handler is not called if the +/// container crashes or exits. The Pod's termination grace period countdown begins before the +/// PreStop hook is executed. Regardless of the outcome of the handler, the +/// container will eventually terminate within the Pod's termination grace +/// period (unless delayed by finalizers). Other management of the container blocks until the hook completes +/// or until the termination grace period is reached. +/// More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ArgoCDRepoInitContainersLifecyclePreStop { /// Exec specifies the action to take. @@ -1524,7 +1925,9 @@ pub struct ArgoCDRepoInitContainersLifecyclePreStop { /// HTTPGet specifies the http request to perform. #[serde(default, skip_serializing_if = "Option::is_none", rename = "httpGet")] pub http_get: Option, - /// Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept for the backward compatibility. There are no validation of this field and lifecycle hooks will fail in runtime when tcp handler is specified. + /// Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept + /// for the backward compatibility. There are no validation of this field and + /// lifecycle hooks will fail in runtime when tcp handler is specified. #[serde(default, skip_serializing_if = "Option::is_none", rename = "tcpSocket")] pub tcp_socket: Option, } @@ -1532,7 +1935,11 @@ pub struct ArgoCDRepoInitContainersLifecyclePreStop { /// Exec specifies the action to take. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ArgoCDRepoInitContainersLifecyclePreStopExec { - /// Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. + /// Command is the command line to execute inside the container, the working directory for the + /// command is root ('/') in the container's filesystem. The command is simply exec'd, it is + /// not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use + /// a shell, you need to explicitly call out to that shell. + /// Exit status of 0 is treated as live/healthy and non-zero is unhealthy. #[serde(default, skip_serializing_if = "Option::is_none")] pub command: Option>, } @@ -1540,7 +1947,8 @@ pub struct ArgoCDRepoInitContainersLifecyclePreStopExec { /// HTTPGet specifies the http request to perform. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ArgoCDRepoInitContainersLifecyclePreStopHttpGet { - /// Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. + /// Host name to connect to, defaults to the pod IP. You probably want to set + /// "Host" in httpHeaders instead. #[serde(default, skip_serializing_if = "Option::is_none")] pub host: Option, /// Custom headers to set in the request. HTTP allows repeated headers. @@ -1549,9 +1957,12 @@ pub struct ArgoCDRepoInitContainersLifecyclePreStopHttpGet { /// Path to access on the HTTP server. #[serde(default, skip_serializing_if = "Option::is_none")] pub path: Option, - /// Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. + /// Name or number of the port to access on the container. + /// Number must be in the range 1 to 65535. + /// Name must be an IANA_SVC_NAME. pub port: IntOrString, - /// Scheme to use for connecting to the host. Defaults to HTTP. + /// Scheme to use for connecting to the host. + /// Defaults to HTTP. #[serde(default, skip_serializing_if = "Option::is_none")] pub scheme: Option, } @@ -1559,29 +1970,38 @@ pub struct ArgoCDRepoInitContainersLifecyclePreStopHttpGet { /// HTTPHeader describes a custom header to be used in HTTP probes #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ArgoCDRepoInitContainersLifecyclePreStopHttpGetHttpHeaders { - /// The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header. + /// The header field name. + /// This will be canonicalized upon output, so case-variant names will be understood as the same header. pub name: String, /// The header field value pub value: String, } -/// Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept for the backward compatibility. There are no validation of this field and lifecycle hooks will fail in runtime when tcp handler is specified. +/// Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept +/// for the backward compatibility. There are no validation of this field and +/// lifecycle hooks will fail in runtime when tcp handler is specified. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ArgoCDRepoInitContainersLifecyclePreStopTcpSocket { /// Optional: Host name to connect to, defaults to the pod IP. #[serde(default, skip_serializing_if = "Option::is_none")] pub host: Option, - /// Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. + /// Number or name of the port to access on the container. + /// Number must be in the range 1 to 65535. + /// Name must be an IANA_SVC_NAME. pub port: IntOrString, } -/// Periodic probe of container liveness. Container will be restarted if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +/// Periodic probe of container liveness. +/// Container will be restarted if the probe fails. +/// Cannot be updated. +/// More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ArgoCDRepoInitContainersLivenessProbe { /// Exec specifies the action to take. #[serde(default, skip_serializing_if = "Option::is_none")] pub exec: Option, - /// Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. + /// Minimum consecutive failures for the probe to be considered failed after having succeeded. + /// Defaults to 3. Minimum value is 1. #[serde(default, skip_serializing_if = "Option::is_none", rename = "failureThreshold")] pub failure_threshold: Option, /// GRPC specifies an action involving a GRPC port. @@ -1590,22 +2010,36 @@ pub struct ArgoCDRepoInitContainersLivenessProbe { /// HTTPGet specifies the http request to perform. #[serde(default, skip_serializing_if = "Option::is_none", rename = "httpGet")] pub http_get: Option, - /// Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes + /// Number of seconds after the container has started before liveness probes are initiated. + /// More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes #[serde(default, skip_serializing_if = "Option::is_none", rename = "initialDelaySeconds")] pub initial_delay_seconds: Option, - /// How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. + /// How often (in seconds) to perform the probe. + /// Default to 10 seconds. Minimum value is 1. #[serde(default, skip_serializing_if = "Option::is_none", rename = "periodSeconds")] pub period_seconds: Option, - /// Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1. + /// Minimum consecutive successes for the probe to be considered successful after having failed. + /// Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1. #[serde(default, skip_serializing_if = "Option::is_none", rename = "successThreshold")] pub success_threshold: Option, /// TCPSocket specifies an action involving a TCP port. #[serde(default, skip_serializing_if = "Option::is_none", rename = "tcpSocket")] pub tcp_socket: Option, - /// Optional duration in seconds the pod needs to terminate gracefully upon probe failure. The grace period is the duration in seconds after the processes running in the pod are sent a termination signal and the time when the processes are forcibly halted with a kill signal. Set this value longer than the expected cleanup time for your process. If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this value overrides the value provided by the pod spec. Value must be non-negative integer. The value zero indicates stop immediately via the kill signal (no opportunity to shut down). This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate. Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset. + /// Optional duration in seconds the pod needs to terminate gracefully upon probe failure. + /// The grace period is the duration in seconds after the processes running in the pod are sent + /// a termination signal and the time when the processes are forcibly halted with a kill signal. + /// Set this value longer than the expected cleanup time for your process. + /// If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this + /// value overrides the value provided by the pod spec. + /// Value must be non-negative integer. The value zero indicates stop immediately via + /// the kill signal (no opportunity to shut down). + /// This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate. + /// Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset. #[serde(default, skip_serializing_if = "Option::is_none", rename = "terminationGracePeriodSeconds")] pub termination_grace_period_seconds: Option, - /// Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes + /// Number of seconds after which the probe times out. + /// Defaults to 1 second. Minimum value is 1. + /// More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes #[serde(default, skip_serializing_if = "Option::is_none", rename = "timeoutSeconds")] pub timeout_seconds: Option, } @@ -1613,7 +2047,11 @@ pub struct ArgoCDRepoInitContainersLivenessProbe { /// Exec specifies the action to take. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ArgoCDRepoInitContainersLivenessProbeExec { - /// Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. + /// Command is the command line to execute inside the container, the working directory for the + /// command is root ('/') in the container's filesystem. The command is simply exec'd, it is + /// not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use + /// a shell, you need to explicitly call out to that shell. + /// Exit status of 0 is treated as live/healthy and non-zero is unhealthy. #[serde(default, skip_serializing_if = "Option::is_none")] pub command: Option>, } @@ -1623,8 +2061,11 @@ pub struct ArgoCDRepoInitContainersLivenessProbeExec { pub struct ArgoCDRepoInitContainersLivenessProbeGrpc { /// Port number of the gRPC service. Number must be in the range 1 to 65535. pub port: i32, - /// Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). - /// If this is not specified, the default behavior is defined by gRPC. + /// Service is the name of the service to place in the gRPC HealthCheckRequest + /// (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). + /// + /// + /// If this is not specified, the default behavior is defined by gRPC. #[serde(default, skip_serializing_if = "Option::is_none")] pub service: Option, } @@ -1632,7 +2073,8 @@ pub struct ArgoCDRepoInitContainersLivenessProbeGrpc { /// HTTPGet specifies the http request to perform. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ArgoCDRepoInitContainersLivenessProbeHttpGet { - /// Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. + /// Host name to connect to, defaults to the pod IP. You probably want to set + /// "Host" in httpHeaders instead. #[serde(default, skip_serializing_if = "Option::is_none")] pub host: Option, /// Custom headers to set in the request. HTTP allows repeated headers. @@ -1641,9 +2083,12 @@ pub struct ArgoCDRepoInitContainersLivenessProbeHttpGet { /// Path to access on the HTTP server. #[serde(default, skip_serializing_if = "Option::is_none")] pub path: Option, - /// Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. + /// Name or number of the port to access on the container. + /// Number must be in the range 1 to 65535. + /// Name must be an IANA_SVC_NAME. pub port: IntOrString, - /// Scheme to use for connecting to the host. Defaults to HTTP. + /// Scheme to use for connecting to the host. + /// Defaults to HTTP. #[serde(default, skip_serializing_if = "Option::is_none")] pub scheme: Option, } @@ -1651,7 +2096,8 @@ pub struct ArgoCDRepoInitContainersLivenessProbeHttpGet { /// HTTPHeader describes a custom header to be used in HTTP probes #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ArgoCDRepoInitContainersLivenessProbeHttpGetHttpHeaders { - /// The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header. + /// The header field name. + /// This will be canonicalized upon output, so case-variant names will be understood as the same header. pub name: String, /// The header field value pub value: String, @@ -1663,37 +2109,50 @@ pub struct ArgoCDRepoInitContainersLivenessProbeTcpSocket { /// Optional: Host name to connect to, defaults to the pod IP. #[serde(default, skip_serializing_if = "Option::is_none")] pub host: Option, - /// Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. + /// Number or name of the port to access on the container. + /// Number must be in the range 1 to 65535. + /// Name must be an IANA_SVC_NAME. pub port: IntOrString, } /// ContainerPort represents a network port in a single container. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ArgoCDRepoInitContainersPorts { - /// Number of port to expose on the pod's IP address. This must be a valid port number, 0 < x < 65536. + /// Number of port to expose on the pod's IP address. + /// This must be a valid port number, 0 < x < 65536. #[serde(rename = "containerPort")] pub container_port: i32, /// What host IP to bind the external port to. #[serde(default, skip_serializing_if = "Option::is_none", rename = "hostIP")] pub host_ip: Option, - /// Number of port to expose on the host. If specified, this must be a valid port number, 0 < x < 65536. If HostNetwork is specified, this must match ContainerPort. Most containers do not need this. + /// Number of port to expose on the host. + /// If specified, this must be a valid port number, 0 < x < 65536. + /// If HostNetwork is specified, this must match ContainerPort. + /// Most containers do not need this. #[serde(default, skip_serializing_if = "Option::is_none", rename = "hostPort")] pub host_port: Option, - /// If specified, this must be an IANA_SVC_NAME and unique within the pod. Each named port in a pod must have a unique name. Name for the port that can be referred to by services. + /// If specified, this must be an IANA_SVC_NAME and unique within the pod. Each + /// named port in a pod must have a unique name. Name for the port that can be + /// referred to by services. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, - /// Protocol for port. Must be UDP, TCP, or SCTP. Defaults to "TCP". + /// Protocol for port. Must be UDP, TCP, or SCTP. + /// Defaults to "TCP". #[serde(default, skip_serializing_if = "Option::is_none")] pub protocol: Option, } -/// Periodic probe of container service readiness. Container will be removed from service endpoints if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +/// Periodic probe of container service readiness. +/// Container will be removed from service endpoints if the probe fails. +/// Cannot be updated. +/// More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ArgoCDRepoInitContainersReadinessProbe { /// Exec specifies the action to take. #[serde(default, skip_serializing_if = "Option::is_none")] pub exec: Option, - /// Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. + /// Minimum consecutive failures for the probe to be considered failed after having succeeded. + /// Defaults to 3. Minimum value is 1. #[serde(default, skip_serializing_if = "Option::is_none", rename = "failureThreshold")] pub failure_threshold: Option, /// GRPC specifies an action involving a GRPC port. @@ -1702,22 +2161,36 @@ pub struct ArgoCDRepoInitContainersReadinessProbe { /// HTTPGet specifies the http request to perform. #[serde(default, skip_serializing_if = "Option::is_none", rename = "httpGet")] pub http_get: Option, - /// Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes + /// Number of seconds after the container has started before liveness probes are initiated. + /// More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes #[serde(default, skip_serializing_if = "Option::is_none", rename = "initialDelaySeconds")] pub initial_delay_seconds: Option, - /// How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. + /// How often (in seconds) to perform the probe. + /// Default to 10 seconds. Minimum value is 1. #[serde(default, skip_serializing_if = "Option::is_none", rename = "periodSeconds")] pub period_seconds: Option, - /// Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1. + /// Minimum consecutive successes for the probe to be considered successful after having failed. + /// Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1. #[serde(default, skip_serializing_if = "Option::is_none", rename = "successThreshold")] pub success_threshold: Option, /// TCPSocket specifies an action involving a TCP port. #[serde(default, skip_serializing_if = "Option::is_none", rename = "tcpSocket")] pub tcp_socket: Option, - /// Optional duration in seconds the pod needs to terminate gracefully upon probe failure. The grace period is the duration in seconds after the processes running in the pod are sent a termination signal and the time when the processes are forcibly halted with a kill signal. Set this value longer than the expected cleanup time for your process. If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this value overrides the value provided by the pod spec. Value must be non-negative integer. The value zero indicates stop immediately via the kill signal (no opportunity to shut down). This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate. Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset. + /// Optional duration in seconds the pod needs to terminate gracefully upon probe failure. + /// The grace period is the duration in seconds after the processes running in the pod are sent + /// a termination signal and the time when the processes are forcibly halted with a kill signal. + /// Set this value longer than the expected cleanup time for your process. + /// If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this + /// value overrides the value provided by the pod spec. + /// Value must be non-negative integer. The value zero indicates stop immediately via + /// the kill signal (no opportunity to shut down). + /// This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate. + /// Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset. #[serde(default, skip_serializing_if = "Option::is_none", rename = "terminationGracePeriodSeconds")] pub termination_grace_period_seconds: Option, - /// Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes + /// Number of seconds after which the probe times out. + /// Defaults to 1 second. Minimum value is 1. + /// More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes #[serde(default, skip_serializing_if = "Option::is_none", rename = "timeoutSeconds")] pub timeout_seconds: Option, } @@ -1725,7 +2198,11 @@ pub struct ArgoCDRepoInitContainersReadinessProbe { /// Exec specifies the action to take. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ArgoCDRepoInitContainersReadinessProbeExec { - /// Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. + /// Command is the command line to execute inside the container, the working directory for the + /// command is root ('/') in the container's filesystem. The command is simply exec'd, it is + /// not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use + /// a shell, you need to explicitly call out to that shell. + /// Exit status of 0 is treated as live/healthy and non-zero is unhealthy. #[serde(default, skip_serializing_if = "Option::is_none")] pub command: Option>, } @@ -1735,8 +2212,11 @@ pub struct ArgoCDRepoInitContainersReadinessProbeExec { pub struct ArgoCDRepoInitContainersReadinessProbeGrpc { /// Port number of the gRPC service. Number must be in the range 1 to 65535. pub port: i32, - /// Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). - /// If this is not specified, the default behavior is defined by gRPC. + /// Service is the name of the service to place in the gRPC HealthCheckRequest + /// (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). + /// + /// + /// If this is not specified, the default behavior is defined by gRPC. #[serde(default, skip_serializing_if = "Option::is_none")] pub service: Option, } @@ -1744,7 +2224,8 @@ pub struct ArgoCDRepoInitContainersReadinessProbeGrpc { /// HTTPGet specifies the http request to perform. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ArgoCDRepoInitContainersReadinessProbeHttpGet { - /// Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. + /// Host name to connect to, defaults to the pod IP. You probably want to set + /// "Host" in httpHeaders instead. #[serde(default, skip_serializing_if = "Option::is_none")] pub host: Option, /// Custom headers to set in the request. HTTP allows repeated headers. @@ -1753,9 +2234,12 @@ pub struct ArgoCDRepoInitContainersReadinessProbeHttpGet { /// Path to access on the HTTP server. #[serde(default, skip_serializing_if = "Option::is_none")] pub path: Option, - /// Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. + /// Name or number of the port to access on the container. + /// Number must be in the range 1 to 65535. + /// Name must be an IANA_SVC_NAME. pub port: IntOrString, - /// Scheme to use for connecting to the host. Defaults to HTTP. + /// Scheme to use for connecting to the host. + /// Defaults to HTTP. #[serde(default, skip_serializing_if = "Option::is_none")] pub scheme: Option, } @@ -1763,7 +2247,8 @@ pub struct ArgoCDRepoInitContainersReadinessProbeHttpGet { /// HTTPHeader describes a custom header to be used in HTTP probes #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ArgoCDRepoInitContainersReadinessProbeHttpGetHttpHeaders { - /// The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header. + /// The header field name. + /// This will be canonicalized upon output, so case-variant names will be understood as the same header. pub name: String, /// The header field value pub value: String, @@ -1775,33 +2260,49 @@ pub struct ArgoCDRepoInitContainersReadinessProbeTcpSocket { /// Optional: Host name to connect to, defaults to the pod IP. #[serde(default, skip_serializing_if = "Option::is_none")] pub host: Option, - /// Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. + /// Number or name of the port to access on the container. + /// Number must be in the range 1 to 65535. + /// Name must be an IANA_SVC_NAME. pub port: IntOrString, } /// ContainerResizePolicy represents resource resize policy for the container. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ArgoCDRepoInitContainersResizePolicy { - /// Name of the resource to which this resource resize policy applies. Supported values: cpu, memory. + /// Name of the resource to which this resource resize policy applies. + /// Supported values: cpu, memory. #[serde(rename = "resourceName")] pub resource_name: String, - /// Restart policy to apply when specified resource is resized. If not specified, it defaults to NotRequired. + /// Restart policy to apply when specified resource is resized. + /// If not specified, it defaults to NotRequired. #[serde(rename = "restartPolicy")] pub restart_policy: String, } -/// Compute Resources required by this container. Cannot be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ +/// Compute Resources required by this container. +/// Cannot be updated. +/// More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ArgoCDRepoInitContainersResources { - /// Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. - /// This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. - /// This field is immutable. It can only be set for containers. + /// Claims lists the names of resources, defined in spec.resourceClaims, + /// that are used by this container. + /// + /// + /// This is an alpha field and requires enabling the + /// DynamicResourceAllocation feature gate. + /// + /// + /// This field is immutable. It can only be set for containers. #[serde(default, skip_serializing_if = "Option::is_none")] pub claims: Option>, - /// Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + /// Limits describes the maximum amount of compute resources allowed. + /// More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ #[serde(default, skip_serializing_if = "Option::is_none")] pub limits: Option>, - /// Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + /// Requests describes the minimum amount of compute resources required. + /// If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, + /// otherwise to an implementation-defined value. Requests cannot exceed Limits. + /// More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ #[serde(default, skip_serializing_if = "Option::is_none")] pub requests: Option>, } @@ -1809,49 +2310,95 @@ pub struct ArgoCDRepoInitContainersResources { /// ResourceClaim references one entry in PodSpec.ResourceClaims. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ArgoCDRepoInitContainersResourcesClaims { - /// Name must match the name of one entry in pod.spec.resourceClaims of the Pod where this field is used. It makes that resource available inside a container. + /// Name must match the name of one entry in pod.spec.resourceClaims of + /// the Pod where this field is used. It makes that resource available + /// inside a container. pub name: String, } -/// SecurityContext defines the security options the container should be run with. If set, the fields of SecurityContext override the equivalent fields of PodSecurityContext. More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/ +/// SecurityContext defines the security options the container should be run with. +/// If set, the fields of SecurityContext override the equivalent fields of PodSecurityContext. +/// More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/ #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ArgoCDRepoInitContainersSecurityContext { - /// AllowPrivilegeEscalation controls whether a process can gain more privileges than its parent process. This bool directly controls if the no_new_privs flag will be set on the container process. AllowPrivilegeEscalation is true always when the container is: 1) run as Privileged 2) has CAP_SYS_ADMIN Note that this field cannot be set when spec.os.name is windows. + /// AllowPrivilegeEscalation controls whether a process can gain more + /// privileges than its parent process. This bool directly controls if + /// the no_new_privs flag will be set on the container process. + /// AllowPrivilegeEscalation is true always when the container is: + /// 1) run as Privileged + /// 2) has CAP_SYS_ADMIN + /// Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none", rename = "allowPrivilegeEscalation")] pub allow_privilege_escalation: Option, - /// The capabilities to add/drop when running containers. Defaults to the default set of capabilities granted by the container runtime. Note that this field cannot be set when spec.os.name is windows. + /// The capabilities to add/drop when running containers. + /// Defaults to the default set of capabilities granted by the container runtime. + /// Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none")] pub capabilities: Option, - /// Run container in privileged mode. Processes in privileged containers are essentially equivalent to root on the host. Defaults to false. Note that this field cannot be set when spec.os.name is windows. + /// Run container in privileged mode. + /// Processes in privileged containers are essentially equivalent to root on the host. + /// Defaults to false. + /// Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none")] pub privileged: Option, - /// procMount denotes the type of proc mount to use for the containers. The default is DefaultProcMount which uses the container runtime defaults for readonly paths and masked paths. This requires the ProcMountType feature flag to be enabled. Note that this field cannot be set when spec.os.name is windows. + /// procMount denotes the type of proc mount to use for the containers. + /// The default is DefaultProcMount which uses the container runtime defaults for + /// readonly paths and masked paths. + /// This requires the ProcMountType feature flag to be enabled. + /// Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none", rename = "procMount")] pub proc_mount: Option, - /// Whether this container has a read-only root filesystem. Default is false. Note that this field cannot be set when spec.os.name is windows. + /// Whether this container has a read-only root filesystem. + /// Default is false. + /// Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnlyRootFilesystem")] pub read_only_root_filesystem: Option, - /// The GID to run the entrypoint of the container process. Uses runtime default if unset. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is windows. + /// The GID to run the entrypoint of the container process. + /// Uses runtime default if unset. + /// May also be set in PodSecurityContext. If set in both SecurityContext and + /// PodSecurityContext, the value specified in SecurityContext takes precedence. + /// Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none", rename = "runAsGroup")] pub run_as_group: Option, - /// Indicates that the container must run as a non-root user. If true, the Kubelet will validate the image at runtime to ensure that it does not run as UID 0 (root) and fail to start the container if it does. If unset or false, no such validation will be performed. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. + /// Indicates that the container must run as a non-root user. + /// If true, the Kubelet will validate the image at runtime to ensure that it + /// does not run as UID 0 (root) and fail to start the container if it does. + /// If unset or false, no such validation will be performed. + /// May also be set in PodSecurityContext. If set in both SecurityContext and + /// PodSecurityContext, the value specified in SecurityContext takes precedence. #[serde(default, skip_serializing_if = "Option::is_none", rename = "runAsNonRoot")] pub run_as_non_root: Option, - /// The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is windows. + /// The UID to run the entrypoint of the container process. + /// Defaults to user specified in image metadata if unspecified. + /// May also be set in PodSecurityContext. If set in both SecurityContext and + /// PodSecurityContext, the value specified in SecurityContext takes precedence. + /// Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none", rename = "runAsUser")] pub run_as_user: Option, - /// The SELinux context to be applied to the container. If unspecified, the container runtime will allocate a random SELinux context for each container. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is windows. + /// The SELinux context to be applied to the container. + /// If unspecified, the container runtime will allocate a random SELinux context for each + /// container. May also be set in PodSecurityContext. If set in both SecurityContext and + /// PodSecurityContext, the value specified in SecurityContext takes precedence. + /// Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none", rename = "seLinuxOptions")] pub se_linux_options: Option, - /// The seccomp options to use by this container. If seccomp options are provided at both the pod & container level, the container options override the pod options. Note that this field cannot be set when spec.os.name is windows. + /// The seccomp options to use by this container. If seccomp options are + /// provided at both the pod & container level, the container options + /// override the pod options. + /// Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none", rename = "seccompProfile")] pub seccomp_profile: Option, - /// The Windows specific settings applied to all containers. If unspecified, the options from the PodSecurityContext will be used. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is linux. + /// The Windows specific settings applied to all containers. + /// If unspecified, the options from the PodSecurityContext will be used. + /// If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. + /// Note that this field cannot be set when spec.os.name is linux. #[serde(default, skip_serializing_if = "Option::is_none", rename = "windowsOptions")] pub windows_options: Option, } -/// The capabilities to add/drop when running containers. Defaults to the default set of capabilities granted by the container runtime. Note that this field cannot be set when spec.os.name is windows. +/// The capabilities to add/drop when running containers. +/// Defaults to the default set of capabilities granted by the container runtime. +/// Note that this field cannot be set when spec.os.name is windows. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ArgoCDRepoInitContainersSecurityContextCapabilities { /// Added capabilities @@ -1862,7 +2409,11 @@ pub struct ArgoCDRepoInitContainersSecurityContextCapabilities { pub drop: Option>, } -/// The SELinux context to be applied to the container. If unspecified, the container runtime will allocate a random SELinux context for each container. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is windows. +/// The SELinux context to be applied to the container. +/// If unspecified, the container runtime will allocate a random SELinux context for each +/// container. May also be set in PodSecurityContext. If set in both SecurityContext and +/// PodSecurityContext, the value specified in SecurityContext takes precedence. +/// Note that this field cannot be set when spec.os.name is windows. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ArgoCDRepoInitContainersSecurityContextSeLinuxOptions { /// Level is SELinux level label that applies to the container. @@ -1879,42 +2430,71 @@ pub struct ArgoCDRepoInitContainersSecurityContextSeLinuxOptions { pub user: Option, } -/// The seccomp options to use by this container. If seccomp options are provided at both the pod & container level, the container options override the pod options. Note that this field cannot be set when spec.os.name is windows. +/// The seccomp options to use by this container. If seccomp options are +/// provided at both the pod & container level, the container options +/// override the pod options. +/// Note that this field cannot be set when spec.os.name is windows. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ArgoCDRepoInitContainersSecurityContextSeccompProfile { - /// localhostProfile indicates a profile defined in a file on the node should be used. The profile must be preconfigured on the node to work. Must be a descending path, relative to the kubelet's configured seccomp profile location. Must be set if type is "Localhost". Must NOT be set for any other type. + /// localhostProfile indicates a profile defined in a file on the node should be used. + /// The profile must be preconfigured on the node to work. + /// Must be a descending path, relative to the kubelet's configured seccomp profile location. + /// Must be set if type is "Localhost". Must NOT be set for any other type. #[serde(default, skip_serializing_if = "Option::is_none", rename = "localhostProfile")] pub localhost_profile: Option, - /// type indicates which kind of seccomp profile will be applied. Valid options are: - /// Localhost - a profile defined in a file on the node should be used. RuntimeDefault - the container runtime default profile should be used. Unconfined - no profile should be applied. + /// type indicates which kind of seccomp profile will be applied. + /// Valid options are: + /// + /// + /// Localhost - a profile defined in a file on the node should be used. + /// RuntimeDefault - the container runtime default profile should be used. + /// Unconfined - no profile should be applied. #[serde(rename = "type")] pub r#type: String, } -/// The Windows specific settings applied to all containers. If unspecified, the options from the PodSecurityContext will be used. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is linux. +/// The Windows specific settings applied to all containers. +/// If unspecified, the options from the PodSecurityContext will be used. +/// If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +/// Note that this field cannot be set when spec.os.name is linux. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ArgoCDRepoInitContainersSecurityContextWindowsOptions { - /// GMSACredentialSpec is where the GMSA admission webhook (https://github.com/kubernetes-sigs/windows-gmsa) inlines the contents of the GMSA credential spec named by the GMSACredentialSpecName field. + /// GMSACredentialSpec is where the GMSA admission webhook + /// (https://github.com/kubernetes-sigs/windows-gmsa) inlines the contents of the + /// GMSA credential spec named by the GMSACredentialSpecName field. #[serde(default, skip_serializing_if = "Option::is_none", rename = "gmsaCredentialSpec")] pub gmsa_credential_spec: Option, /// GMSACredentialSpecName is the name of the GMSA credential spec to use. #[serde(default, skip_serializing_if = "Option::is_none", rename = "gmsaCredentialSpecName")] pub gmsa_credential_spec_name: Option, - /// HostProcess determines if a container should be run as a 'Host Process' container. All of a Pod's containers must have the same effective HostProcess value (it is not allowed to have a mix of HostProcess containers and non-HostProcess containers). In addition, if HostProcess is true then HostNetwork must also be set to true. + /// HostProcess determines if a container should be run as a 'Host Process' container. + /// All of a Pod's containers must have the same effective HostProcess value + /// (it is not allowed to have a mix of HostProcess containers and non-HostProcess containers). + /// In addition, if HostProcess is true then HostNetwork must also be set to true. #[serde(default, skip_serializing_if = "Option::is_none", rename = "hostProcess")] pub host_process: Option, - /// The UserName in Windows to run the entrypoint of the container process. Defaults to the user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. + /// The UserName in Windows to run the entrypoint of the container process. + /// Defaults to the user specified in image metadata if unspecified. + /// May also be set in PodSecurityContext. If set in both SecurityContext and + /// PodSecurityContext, the value specified in SecurityContext takes precedence. #[serde(default, skip_serializing_if = "Option::is_none", rename = "runAsUserName")] pub run_as_user_name: Option, } -/// StartupProbe indicates that the Pod has successfully initialized. If specified, no other probes are executed until this completes successfully. If this probe fails, the Pod will be restarted, just as if the livenessProbe failed. This can be used to provide different probe parameters at the beginning of a Pod's lifecycle, when it might take a long time to load data or warm a cache, than during steady-state operation. This cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +/// StartupProbe indicates that the Pod has successfully initialized. +/// If specified, no other probes are executed until this completes successfully. +/// If this probe fails, the Pod will be restarted, just as if the livenessProbe failed. +/// This can be used to provide different probe parameters at the beginning of a Pod's lifecycle, +/// when it might take a long time to load data or warm a cache, than during steady-state operation. +/// This cannot be updated. +/// More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ArgoCDRepoInitContainersStartupProbe { /// Exec specifies the action to take. #[serde(default, skip_serializing_if = "Option::is_none")] pub exec: Option, - /// Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. + /// Minimum consecutive failures for the probe to be considered failed after having succeeded. + /// Defaults to 3. Minimum value is 1. #[serde(default, skip_serializing_if = "Option::is_none", rename = "failureThreshold")] pub failure_threshold: Option, /// GRPC specifies an action involving a GRPC port. @@ -1923,22 +2503,36 @@ pub struct ArgoCDRepoInitContainersStartupProbe { /// HTTPGet specifies the http request to perform. #[serde(default, skip_serializing_if = "Option::is_none", rename = "httpGet")] pub http_get: Option, - /// Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes + /// Number of seconds after the container has started before liveness probes are initiated. + /// More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes #[serde(default, skip_serializing_if = "Option::is_none", rename = "initialDelaySeconds")] pub initial_delay_seconds: Option, - /// How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. + /// How often (in seconds) to perform the probe. + /// Default to 10 seconds. Minimum value is 1. #[serde(default, skip_serializing_if = "Option::is_none", rename = "periodSeconds")] pub period_seconds: Option, - /// Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1. + /// Minimum consecutive successes for the probe to be considered successful after having failed. + /// Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1. #[serde(default, skip_serializing_if = "Option::is_none", rename = "successThreshold")] pub success_threshold: Option, /// TCPSocket specifies an action involving a TCP port. #[serde(default, skip_serializing_if = "Option::is_none", rename = "tcpSocket")] pub tcp_socket: Option, - /// Optional duration in seconds the pod needs to terminate gracefully upon probe failure. The grace period is the duration in seconds after the processes running in the pod are sent a termination signal and the time when the processes are forcibly halted with a kill signal. Set this value longer than the expected cleanup time for your process. If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this value overrides the value provided by the pod spec. Value must be non-negative integer. The value zero indicates stop immediately via the kill signal (no opportunity to shut down). This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate. Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset. + /// Optional duration in seconds the pod needs to terminate gracefully upon probe failure. + /// The grace period is the duration in seconds after the processes running in the pod are sent + /// a termination signal and the time when the processes are forcibly halted with a kill signal. + /// Set this value longer than the expected cleanup time for your process. + /// If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this + /// value overrides the value provided by the pod spec. + /// Value must be non-negative integer. The value zero indicates stop immediately via + /// the kill signal (no opportunity to shut down). + /// This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate. + /// Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset. #[serde(default, skip_serializing_if = "Option::is_none", rename = "terminationGracePeriodSeconds")] pub termination_grace_period_seconds: Option, - /// Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes + /// Number of seconds after which the probe times out. + /// Defaults to 1 second. Minimum value is 1. + /// More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes #[serde(default, skip_serializing_if = "Option::is_none", rename = "timeoutSeconds")] pub timeout_seconds: Option, } @@ -1946,7 +2540,11 @@ pub struct ArgoCDRepoInitContainersStartupProbe { /// Exec specifies the action to take. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ArgoCDRepoInitContainersStartupProbeExec { - /// Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. + /// Command is the command line to execute inside the container, the working directory for the + /// command is root ('/') in the container's filesystem. The command is simply exec'd, it is + /// not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use + /// a shell, you need to explicitly call out to that shell. + /// Exit status of 0 is treated as live/healthy and non-zero is unhealthy. #[serde(default, skip_serializing_if = "Option::is_none")] pub command: Option>, } @@ -1956,8 +2554,11 @@ pub struct ArgoCDRepoInitContainersStartupProbeExec { pub struct ArgoCDRepoInitContainersStartupProbeGrpc { /// Port number of the gRPC service. Number must be in the range 1 to 65535. pub port: i32, - /// Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). - /// If this is not specified, the default behavior is defined by gRPC. + /// Service is the name of the service to place in the gRPC HealthCheckRequest + /// (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). + /// + /// + /// If this is not specified, the default behavior is defined by gRPC. #[serde(default, skip_serializing_if = "Option::is_none")] pub service: Option, } @@ -1965,7 +2566,8 @@ pub struct ArgoCDRepoInitContainersStartupProbeGrpc { /// HTTPGet specifies the http request to perform. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ArgoCDRepoInitContainersStartupProbeHttpGet { - /// Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. + /// Host name to connect to, defaults to the pod IP. You probably want to set + /// "Host" in httpHeaders instead. #[serde(default, skip_serializing_if = "Option::is_none")] pub host: Option, /// Custom headers to set in the request. HTTP allows repeated headers. @@ -1974,9 +2576,12 @@ pub struct ArgoCDRepoInitContainersStartupProbeHttpGet { /// Path to access on the HTTP server. #[serde(default, skip_serializing_if = "Option::is_none")] pub path: Option, - /// Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. + /// Name or number of the port to access on the container. + /// Number must be in the range 1 to 65535. + /// Name must be an IANA_SVC_NAME. pub port: IntOrString, - /// Scheme to use for connecting to the host. Defaults to HTTP. + /// Scheme to use for connecting to the host. + /// Defaults to HTTP. #[serde(default, skip_serializing_if = "Option::is_none")] pub scheme: Option, } @@ -1984,7 +2589,8 @@ pub struct ArgoCDRepoInitContainersStartupProbeHttpGet { /// HTTPHeader describes a custom header to be used in HTTP probes #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ArgoCDRepoInitContainersStartupProbeHttpGetHttpHeaders { - /// The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header. + /// The header field name. + /// This will be canonicalized upon output, so case-variant names will be understood as the same header. pub name: String, /// The header field value pub value: String, @@ -1996,7 +2602,9 @@ pub struct ArgoCDRepoInitContainersStartupProbeTcpSocket { /// Optional: Host name to connect to, defaults to the pod IP. #[serde(default, skip_serializing_if = "Option::is_none")] pub host: Option, - /// Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. + /// Number or name of the port to access on the container. + /// Number must be in the range 1 to 65535. + /// Name must be an IANA_SVC_NAME. pub port: IntOrString, } @@ -2013,21 +2621,30 @@ pub struct ArgoCDRepoInitContainersVolumeDevices { /// VolumeMount describes a mounting of a Volume within a container. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ArgoCDRepoInitContainersVolumeMounts { - /// Path within the container at which the volume should be mounted. Must not contain ':'. + /// Path within the container at which the volume should be mounted. Must + /// not contain ':'. #[serde(rename = "mountPath")] pub mount_path: String, - /// mountPropagation determines how mounts are propagated from the host to container and the other way around. When not set, MountPropagationNone is used. This field is beta in 1.10. + /// mountPropagation determines how mounts are propagated from the host + /// to container and the other way around. + /// When not set, MountPropagationNone is used. + /// This field is beta in 1.10. #[serde(default, skip_serializing_if = "Option::is_none", rename = "mountPropagation")] pub mount_propagation: Option, /// This must match the Name of a Volume. pub name: String, - /// Mounted read-only if true, read-write otherwise (false or unspecified). Defaults to false. + /// Mounted read-only if true, read-write otherwise (false or unspecified). + /// Defaults to false. #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] pub read_only: Option, - /// Path within the volume from which the container's volume should be mounted. Defaults to "" (volume's root). + /// Path within the volume from which the container's volume should be mounted. + /// Defaults to "" (volume's root). #[serde(default, skip_serializing_if = "Option::is_none", rename = "subPath")] pub sub_path: Option, - /// Expanded path within the volume from which the container's volume should be mounted. Behaves similarly to SubPath but environment variable references $(VAR_NAME) are expanded using the container's environment. Defaults to "" (volume's root). SubPathExpr and SubPath are mutually exclusive. + /// Expanded path within the volume from which the container's volume should be mounted. + /// Behaves similarly to SubPath but environment variable references $(VAR_NAME) are expanded using the container's environment. + /// Defaults to "" (volume's root). + /// SubPathExpr and SubPath are mutually exclusive. #[serde(default, skip_serializing_if = "Option::is_none", rename = "subPathExpr")] pub sub_path_expr: Option, } @@ -2035,15 +2652,25 @@ pub struct ArgoCDRepoInitContainersVolumeMounts { /// Resources defines the Compute Resources required by the container for Redis. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ArgoCDRepoResources { - /// Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. - /// This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. - /// This field is immutable. It can only be set for containers. + /// Claims lists the names of resources, defined in spec.resourceClaims, + /// that are used by this container. + /// + /// + /// This is an alpha field and requires enabling the + /// DynamicResourceAllocation feature gate. + /// + /// + /// This field is immutable. It can only be set for containers. #[serde(default, skip_serializing_if = "Option::is_none")] pub claims: Option>, - /// Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + /// Limits describes the maximum amount of compute resources allowed. + /// More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ #[serde(default, skip_serializing_if = "Option::is_none")] pub limits: Option>, - /// Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + /// Requests describes the minimum amount of compute resources required. + /// If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, + /// otherwise to an implementation-defined value. Requests cannot exceed Limits. + /// More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ #[serde(default, skip_serializing_if = "Option::is_none")] pub requests: Option>, } @@ -2051,82 +2678,175 @@ pub struct ArgoCDRepoResources { /// ResourceClaim references one entry in PodSpec.ResourceClaims. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ArgoCDRepoResourcesClaims { - /// Name must match the name of one entry in pod.spec.resourceClaims of the Pod where this field is used. It makes that resource available inside a container. + /// Name must match the name of one entry in pod.spec.resourceClaims of + /// the Pod where this field is used. It makes that resource available + /// inside a container. pub name: String, } /// A single application container that you want to run within a pod. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ArgoCDRepoSidecarContainers { - /// Arguments to the entrypoint. The container image's CMD is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell + /// Arguments to the entrypoint. + /// The container image's CMD is used if this is not provided. + /// Variable references $(VAR_NAME) are expanded using the container's environment. If a variable + /// cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced + /// to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" will + /// produce the string literal "$(VAR_NAME)". Escaped references will never be expanded, regardless + /// of whether the variable exists or not. Cannot be updated. + /// More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell #[serde(default, skip_serializing_if = "Option::is_none")] pub args: Option>, - /// Entrypoint array. Not executed within a shell. The container image's ENTRYPOINT is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell + /// Entrypoint array. Not executed within a shell. + /// The container image's ENTRYPOINT is used if this is not provided. + /// Variable references $(VAR_NAME) are expanded using the container's environment. If a variable + /// cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced + /// to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" will + /// produce the string literal "$(VAR_NAME)". Escaped references will never be expanded, regardless + /// of whether the variable exists or not. Cannot be updated. + /// More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell #[serde(default, skip_serializing_if = "Option::is_none")] pub command: Option>, - /// List of environment variables to set in the container. Cannot be updated. + /// List of environment variables to set in the container. + /// Cannot be updated. #[serde(default, skip_serializing_if = "Option::is_none")] pub env: Option>, - /// List of sources to populate environment variables in the container. The keys defined within a source must be a C_IDENTIFIER. All invalid keys will be reported as an event when the container is starting. When a key exists in multiple sources, the value associated with the last source will take precedence. Values defined by an Env with a duplicate key will take precedence. Cannot be updated. + /// List of sources to populate environment variables in the container. + /// The keys defined within a source must be a C_IDENTIFIER. All invalid keys + /// will be reported as an event when the container is starting. When a key exists in multiple + /// sources, the value associated with the last source will take precedence. + /// Values defined by an Env with a duplicate key will take precedence. + /// Cannot be updated. #[serde(default, skip_serializing_if = "Option::is_none", rename = "envFrom")] pub env_from: Option>, - /// Container image name. More info: https://kubernetes.io/docs/concepts/containers/images This field is optional to allow higher level config management to default or override container images in workload controllers like Deployments and StatefulSets. + /// Container image name. + /// More info: https://kubernetes.io/docs/concepts/containers/images + /// This field is optional to allow higher level config management to default or override + /// container images in workload controllers like Deployments and StatefulSets. #[serde(default, skip_serializing_if = "Option::is_none")] pub image: Option, - /// Image pull policy. One of Always, Never, IfNotPresent. Defaults to Always if :latest tag is specified, or IfNotPresent otherwise. Cannot be updated. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images + /// Image pull policy. + /// One of Always, Never, IfNotPresent. + /// Defaults to Always if :latest tag is specified, or IfNotPresent otherwise. + /// Cannot be updated. + /// More info: https://kubernetes.io/docs/concepts/containers/images#updating-images #[serde(default, skip_serializing_if = "Option::is_none", rename = "imagePullPolicy")] pub image_pull_policy: Option, - /// Actions that the management system should take in response to container lifecycle events. Cannot be updated. + /// Actions that the management system should take in response to container lifecycle events. + /// Cannot be updated. #[serde(default, skip_serializing_if = "Option::is_none")] pub lifecycle: Option, - /// Periodic probe of container liveness. Container will be restarted if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes + /// Periodic probe of container liveness. + /// Container will be restarted if the probe fails. + /// Cannot be updated. + /// More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes #[serde(default, skip_serializing_if = "Option::is_none", rename = "livenessProbe")] pub liveness_probe: Option, - /// Name of the container specified as a DNS_LABEL. Each container in a pod must have a unique name (DNS_LABEL). Cannot be updated. + /// Name of the container specified as a DNS_LABEL. + /// Each container in a pod must have a unique name (DNS_LABEL). + /// Cannot be updated. pub name: String, - /// List of ports to expose from the container. Not specifying a port here DOES NOT prevent that port from being exposed. Any port which is listening on the default "0.0.0.0" address inside a container will be accessible from the network. Modifying this array with strategic merge patch may corrupt the data. For more information See https://github.com/kubernetes/kubernetes/issues/108255. Cannot be updated. + /// List of ports to expose from the container. Not specifying a port here + /// DOES NOT prevent that port from being exposed. Any port which is + /// listening on the default "0.0.0.0" address inside a container will be + /// accessible from the network. + /// Modifying this array with strategic merge patch may corrupt the data. + /// For more information See https://github.com/kubernetes/kubernetes/issues/108255. + /// Cannot be updated. #[serde(default, skip_serializing_if = "Option::is_none")] pub ports: Option>, - /// Periodic probe of container service readiness. Container will be removed from service endpoints if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes + /// Periodic probe of container service readiness. + /// Container will be removed from service endpoints if the probe fails. + /// Cannot be updated. + /// More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes #[serde(default, skip_serializing_if = "Option::is_none", rename = "readinessProbe")] pub readiness_probe: Option, /// Resources resize policy for the container. #[serde(default, skip_serializing_if = "Option::is_none", rename = "resizePolicy")] pub resize_policy: Option>, - /// Compute Resources required by this container. Cannot be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + /// Compute Resources required by this container. + /// Cannot be updated. + /// More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ #[serde(default, skip_serializing_if = "Option::is_none")] pub resources: Option, - /// RestartPolicy defines the restart behavior of individual containers in a pod. This field may only be set for init containers, and the only allowed value is "Always". For non-init containers or when this field is not specified, the restart behavior is defined by the Pod's restart policy and the container type. Setting the RestartPolicy as "Always" for the init container will have the following effect: this init container will be continually restarted on exit until all regular containers have terminated. Once all regular containers have completed, all init containers with restartPolicy "Always" will be shut down. This lifecycle differs from normal init containers and is often referred to as a "sidecar" container. Although this init container still starts in the init container sequence, it does not wait for the container to complete before proceeding to the next init container. Instead, the next init container starts immediately after this init container is started, or after any startupProbe has successfully completed. + /// RestartPolicy defines the restart behavior of individual containers in a pod. + /// This field may only be set for init containers, and the only allowed value is "Always". + /// For non-init containers or when this field is not specified, + /// the restart behavior is defined by the Pod's restart policy and the container type. + /// Setting the RestartPolicy as "Always" for the init container will have the following effect: + /// this init container will be continually restarted on + /// exit until all regular containers have terminated. Once all regular + /// containers have completed, all init containers with restartPolicy "Always" + /// will be shut down. This lifecycle differs from normal init containers and + /// is often referred to as a "sidecar" container. Although this init + /// container still starts in the init container sequence, it does not wait + /// for the container to complete before proceeding to the next init + /// container. Instead, the next init container starts immediately after this + /// init container is started, or after any startupProbe has successfully + /// completed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "restartPolicy")] pub restart_policy: Option, - /// SecurityContext defines the security options the container should be run with. If set, the fields of SecurityContext override the equivalent fields of PodSecurityContext. More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/ + /// SecurityContext defines the security options the container should be run with. + /// If set, the fields of SecurityContext override the equivalent fields of PodSecurityContext. + /// More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/ #[serde(default, skip_serializing_if = "Option::is_none", rename = "securityContext")] pub security_context: Option, - /// StartupProbe indicates that the Pod has successfully initialized. If specified, no other probes are executed until this completes successfully. If this probe fails, the Pod will be restarted, just as if the livenessProbe failed. This can be used to provide different probe parameters at the beginning of a Pod's lifecycle, when it might take a long time to load data or warm a cache, than during steady-state operation. This cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes + /// StartupProbe indicates that the Pod has successfully initialized. + /// If specified, no other probes are executed until this completes successfully. + /// If this probe fails, the Pod will be restarted, just as if the livenessProbe failed. + /// This can be used to provide different probe parameters at the beginning of a Pod's lifecycle, + /// when it might take a long time to load data or warm a cache, than during steady-state operation. + /// This cannot be updated. + /// More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes #[serde(default, skip_serializing_if = "Option::is_none", rename = "startupProbe")] pub startup_probe: Option, - /// Whether this container should allocate a buffer for stdin in the container runtime. If this is not set, reads from stdin in the container will always result in EOF. Default is false. + /// Whether this container should allocate a buffer for stdin in the container runtime. If this + /// is not set, reads from stdin in the container will always result in EOF. + /// Default is false. #[serde(default, skip_serializing_if = "Option::is_none")] pub stdin: Option, - /// Whether the container runtime should close the stdin channel after it has been opened by a single attach. When stdin is true the stdin stream will remain open across multiple attach sessions. If stdinOnce is set to true, stdin is opened on container start, is empty until the first client attaches to stdin, and then remains open and accepts data until the client disconnects, at which time stdin is closed and remains closed until the container is restarted. If this flag is false, a container processes that reads from stdin will never receive an EOF. Default is false + /// Whether the container runtime should close the stdin channel after it has been opened by + /// a single attach. When stdin is true the stdin stream will remain open across multiple attach + /// sessions. If stdinOnce is set to true, stdin is opened on container start, is empty until the + /// first client attaches to stdin, and then remains open and accepts data until the client disconnects, + /// at which time stdin is closed and remains closed until the container is restarted. If this + /// flag is false, a container processes that reads from stdin will never receive an EOF. + /// Default is false #[serde(default, skip_serializing_if = "Option::is_none", rename = "stdinOnce")] pub stdin_once: Option, - /// Optional: Path at which the file to which the container's termination message will be written is mounted into the container's filesystem. Message written is intended to be brief final status, such as an assertion failure message. Will be truncated by the node if greater than 4096 bytes. The total message length across all containers will be limited to 12kb. Defaults to /dev/termination-log. Cannot be updated. + /// Optional: Path at which the file to which the container's termination message + /// will be written is mounted into the container's filesystem. + /// Message written is intended to be brief final status, such as an assertion failure message. + /// Will be truncated by the node if greater than 4096 bytes. The total message length across + /// all containers will be limited to 12kb. + /// Defaults to /dev/termination-log. + /// Cannot be updated. #[serde(default, skip_serializing_if = "Option::is_none", rename = "terminationMessagePath")] pub termination_message_path: Option, - /// Indicate how the termination message should be populated. File will use the contents of terminationMessagePath to populate the container status message on both success and failure. FallbackToLogsOnError will use the last chunk of container log output if the termination message file is empty and the container exited with an error. The log output is limited to 2048 bytes or 80 lines, whichever is smaller. Defaults to File. Cannot be updated. + /// Indicate how the termination message should be populated. File will use the contents of + /// terminationMessagePath to populate the container status message on both success and failure. + /// FallbackToLogsOnError will use the last chunk of container log output if the termination + /// message file is empty and the container exited with an error. + /// The log output is limited to 2048 bytes or 80 lines, whichever is smaller. + /// Defaults to File. + /// Cannot be updated. #[serde(default, skip_serializing_if = "Option::is_none", rename = "terminationMessagePolicy")] pub termination_message_policy: Option, - /// Whether this container should allocate a TTY for itself, also requires 'stdin' to be true. Default is false. + /// Whether this container should allocate a TTY for itself, also requires 'stdin' to be true. + /// Default is false. #[serde(default, skip_serializing_if = "Option::is_none")] pub tty: Option, /// volumeDevices is the list of block devices to be used by the container. #[serde(default, skip_serializing_if = "Option::is_none", rename = "volumeDevices")] pub volume_devices: Option>, - /// Pod volumes to mount into the container's filesystem. Cannot be updated. + /// Pod volumes to mount into the container's filesystem. + /// Cannot be updated. #[serde(default, skip_serializing_if = "Option::is_none", rename = "volumeMounts")] pub volume_mounts: Option>, - /// Container's working directory. If not specified, the container runtime's default will be used, which might be configured in the container image. Cannot be updated. + /// Container's working directory. + /// If not specified, the container runtime's default will be used, which + /// might be configured in the container image. + /// Cannot be updated. #[serde(default, skip_serializing_if = "Option::is_none", rename = "workingDir")] pub working_dir: Option, } @@ -2136,7 +2856,15 @@ pub struct ArgoCDRepoSidecarContainers { pub struct ArgoCDRepoSidecarContainersEnv { /// Name of the environment variable. Must be a C_IDENTIFIER. pub name: String, - /// Variable references $(VAR_NAME) are expanded using the previously defined environment variables in the container and any service environment variables. If a variable cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". Escaped references will never be expanded, regardless of whether the variable exists or not. Defaults to "". + /// Variable references $(VAR_NAME) are expanded + /// using the previously defined environment variables in the container and + /// any service environment variables. If a variable cannot be resolved, + /// the reference in the input string will be unchanged. Double $$ are reduced + /// to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. + /// "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". + /// Escaped references will never be expanded, regardless of whether the variable + /// exists or not. + /// Defaults to "". #[serde(default, skip_serializing_if = "Option::is_none")] pub value: Option, /// Source for the environment variable's value. Cannot be used if value is not empty. @@ -2150,10 +2878,12 @@ pub struct ArgoCDRepoSidecarContainersEnvValueFrom { /// Selects a key of a ConfigMap. #[serde(default, skip_serializing_if = "Option::is_none", rename = "configMapKeyRef")] pub config_map_key_ref: Option, - /// Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`, spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs. + /// Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`, + /// spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs. #[serde(default, skip_serializing_if = "Option::is_none", rename = "fieldRef")] pub field_ref: Option, - /// Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported. + /// Selects a resource of the container: only resources limits and requests + /// (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported. #[serde(default, skip_serializing_if = "Option::is_none", rename = "resourceFieldRef")] pub resource_field_ref: Option, /// Selects a key of a secret in the pod's namespace @@ -2166,7 +2896,9 @@ pub struct ArgoCDRepoSidecarContainersEnvValueFrom { pub struct ArgoCDRepoSidecarContainersEnvValueFromConfigMapKeyRef { /// The key to select. pub key: String, - /// Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? + /// Name of the referent. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the ConfigMap or its key must be defined @@ -2174,7 +2906,8 @@ pub struct ArgoCDRepoSidecarContainersEnvValueFromConfigMapKeyRef { pub optional: Option, } -/// Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`, spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs. +/// Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`, +/// spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ArgoCDRepoSidecarContainersEnvValueFromFieldRef { /// Version of the schema the FieldPath is written in terms of, defaults to "v1". @@ -2185,7 +2918,8 @@ pub struct ArgoCDRepoSidecarContainersEnvValueFromFieldRef { pub field_path: String, } -/// Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported. +/// Selects a resource of the container: only resources limits and requests +/// (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ArgoCDRepoSidecarContainersEnvValueFromResourceFieldRef { /// Container name: required for volumes, optional for env vars @@ -2203,7 +2937,9 @@ pub struct ArgoCDRepoSidecarContainersEnvValueFromResourceFieldRef { pub struct ArgoCDRepoSidecarContainersEnvValueFromSecretKeyRef { /// The key of the secret to select from. Must be a valid secret key. pub key: String, - /// Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? + /// Name of the referent. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the Secret or its key must be defined @@ -2228,7 +2964,9 @@ pub struct ArgoCDRepoSidecarContainersEnvFrom { /// The ConfigMap to select from #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ArgoCDRepoSidecarContainersEnvFromConfigMapRef { - /// Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? + /// Name of the referent. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the ConfigMap must be defined @@ -2239,7 +2977,9 @@ pub struct ArgoCDRepoSidecarContainersEnvFromConfigMapRef { /// The Secret to select from #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ArgoCDRepoSidecarContainersEnvFromSecretRef { - /// Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? + /// Name of the referent. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the Secret must be defined @@ -2247,18 +2987,33 @@ pub struct ArgoCDRepoSidecarContainersEnvFromSecretRef { pub optional: Option, } -/// Actions that the management system should take in response to container lifecycle events. Cannot be updated. +/// Actions that the management system should take in response to container lifecycle events. +/// Cannot be updated. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ArgoCDRepoSidecarContainersLifecycle { - /// PostStart is called immediately after a container is created. If the handler fails, the container is terminated and restarted according to its restart policy. Other management of the container blocks until the hook completes. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks + /// PostStart is called immediately after a container is created. If the handler fails, + /// the container is terminated and restarted according to its restart policy. + /// Other management of the container blocks until the hook completes. + /// More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks #[serde(default, skip_serializing_if = "Option::is_none", rename = "postStart")] pub post_start: Option, - /// PreStop is called immediately before a container is terminated due to an API request or management event such as liveness/startup probe failure, preemption, resource contention, etc. The handler is not called if the container crashes or exits. The Pod's termination grace period countdown begins before the PreStop hook is executed. Regardless of the outcome of the handler, the container will eventually terminate within the Pod's termination grace period (unless delayed by finalizers). Other management of the container blocks until the hook completes or until the termination grace period is reached. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks + /// PreStop is called immediately before a container is terminated due to an + /// API request or management event such as liveness/startup probe failure, + /// preemption, resource contention, etc. The handler is not called if the + /// container crashes or exits. The Pod's termination grace period countdown begins before the + /// PreStop hook is executed. Regardless of the outcome of the handler, the + /// container will eventually terminate within the Pod's termination grace + /// period (unless delayed by finalizers). Other management of the container blocks until the hook completes + /// or until the termination grace period is reached. + /// More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks #[serde(default, skip_serializing_if = "Option::is_none", rename = "preStop")] pub pre_stop: Option, } -/// PostStart is called immediately after a container is created. If the handler fails, the container is terminated and restarted according to its restart policy. Other management of the container blocks until the hook completes. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks +/// PostStart is called immediately after a container is created. If the handler fails, +/// the container is terminated and restarted according to its restart policy. +/// Other management of the container blocks until the hook completes. +/// More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ArgoCDRepoSidecarContainersLifecyclePostStart { /// Exec specifies the action to take. @@ -2267,7 +3022,9 @@ pub struct ArgoCDRepoSidecarContainersLifecyclePostStart { /// HTTPGet specifies the http request to perform. #[serde(default, skip_serializing_if = "Option::is_none", rename = "httpGet")] pub http_get: Option, - /// Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept for the backward compatibility. There are no validation of this field and lifecycle hooks will fail in runtime when tcp handler is specified. + /// Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept + /// for the backward compatibility. There are no validation of this field and + /// lifecycle hooks will fail in runtime when tcp handler is specified. #[serde(default, skip_serializing_if = "Option::is_none", rename = "tcpSocket")] pub tcp_socket: Option, } @@ -2275,7 +3032,11 @@ pub struct ArgoCDRepoSidecarContainersLifecyclePostStart { /// Exec specifies the action to take. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ArgoCDRepoSidecarContainersLifecyclePostStartExec { - /// Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. + /// Command is the command line to execute inside the container, the working directory for the + /// command is root ('/') in the container's filesystem. The command is simply exec'd, it is + /// not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use + /// a shell, you need to explicitly call out to that shell. + /// Exit status of 0 is treated as live/healthy and non-zero is unhealthy. #[serde(default, skip_serializing_if = "Option::is_none")] pub command: Option>, } @@ -2283,7 +3044,8 @@ pub struct ArgoCDRepoSidecarContainersLifecyclePostStartExec { /// HTTPGet specifies the http request to perform. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ArgoCDRepoSidecarContainersLifecyclePostStartHttpGet { - /// Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. + /// Host name to connect to, defaults to the pod IP. You probably want to set + /// "Host" in httpHeaders instead. #[serde(default, skip_serializing_if = "Option::is_none")] pub host: Option, /// Custom headers to set in the request. HTTP allows repeated headers. @@ -2292,9 +3054,12 @@ pub struct ArgoCDRepoSidecarContainersLifecyclePostStartHttpGet { /// Path to access on the HTTP server. #[serde(default, skip_serializing_if = "Option::is_none")] pub path: Option, - /// Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. + /// Name or number of the port to access on the container. + /// Number must be in the range 1 to 65535. + /// Name must be an IANA_SVC_NAME. pub port: IntOrString, - /// Scheme to use for connecting to the host. Defaults to HTTP. + /// Scheme to use for connecting to the host. + /// Defaults to HTTP. #[serde(default, skip_serializing_if = "Option::is_none")] pub scheme: Option, } @@ -2302,23 +3067,36 @@ pub struct ArgoCDRepoSidecarContainersLifecyclePostStartHttpGet { /// HTTPHeader describes a custom header to be used in HTTP probes #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ArgoCDRepoSidecarContainersLifecyclePostStartHttpGetHttpHeaders { - /// The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header. + /// The header field name. + /// This will be canonicalized upon output, so case-variant names will be understood as the same header. pub name: String, /// The header field value pub value: String, } -/// Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept for the backward compatibility. There are no validation of this field and lifecycle hooks will fail in runtime when tcp handler is specified. +/// Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept +/// for the backward compatibility. There are no validation of this field and +/// lifecycle hooks will fail in runtime when tcp handler is specified. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ArgoCDRepoSidecarContainersLifecyclePostStartTcpSocket { /// Optional: Host name to connect to, defaults to the pod IP. #[serde(default, skip_serializing_if = "Option::is_none")] pub host: Option, - /// Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. + /// Number or name of the port to access on the container. + /// Number must be in the range 1 to 65535. + /// Name must be an IANA_SVC_NAME. pub port: IntOrString, } -/// PreStop is called immediately before a container is terminated due to an API request or management event such as liveness/startup probe failure, preemption, resource contention, etc. The handler is not called if the container crashes or exits. The Pod's termination grace period countdown begins before the PreStop hook is executed. Regardless of the outcome of the handler, the container will eventually terminate within the Pod's termination grace period (unless delayed by finalizers). Other management of the container blocks until the hook completes or until the termination grace period is reached. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks +/// PreStop is called immediately before a container is terminated due to an +/// API request or management event such as liveness/startup probe failure, +/// preemption, resource contention, etc. The handler is not called if the +/// container crashes or exits. The Pod's termination grace period countdown begins before the +/// PreStop hook is executed. Regardless of the outcome of the handler, the +/// container will eventually terminate within the Pod's termination grace +/// period (unless delayed by finalizers). Other management of the container blocks until the hook completes +/// or until the termination grace period is reached. +/// More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ArgoCDRepoSidecarContainersLifecyclePreStop { /// Exec specifies the action to take. @@ -2327,7 +3105,9 @@ pub struct ArgoCDRepoSidecarContainersLifecyclePreStop { /// HTTPGet specifies the http request to perform. #[serde(default, skip_serializing_if = "Option::is_none", rename = "httpGet")] pub http_get: Option, - /// Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept for the backward compatibility. There are no validation of this field and lifecycle hooks will fail in runtime when tcp handler is specified. + /// Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept + /// for the backward compatibility. There are no validation of this field and + /// lifecycle hooks will fail in runtime when tcp handler is specified. #[serde(default, skip_serializing_if = "Option::is_none", rename = "tcpSocket")] pub tcp_socket: Option, } @@ -2335,7 +3115,11 @@ pub struct ArgoCDRepoSidecarContainersLifecyclePreStop { /// Exec specifies the action to take. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ArgoCDRepoSidecarContainersLifecyclePreStopExec { - /// Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. + /// Command is the command line to execute inside the container, the working directory for the + /// command is root ('/') in the container's filesystem. The command is simply exec'd, it is + /// not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use + /// a shell, you need to explicitly call out to that shell. + /// Exit status of 0 is treated as live/healthy and non-zero is unhealthy. #[serde(default, skip_serializing_if = "Option::is_none")] pub command: Option>, } @@ -2343,7 +3127,8 @@ pub struct ArgoCDRepoSidecarContainersLifecyclePreStopExec { /// HTTPGet specifies the http request to perform. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ArgoCDRepoSidecarContainersLifecyclePreStopHttpGet { - /// Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. + /// Host name to connect to, defaults to the pod IP. You probably want to set + /// "Host" in httpHeaders instead. #[serde(default, skip_serializing_if = "Option::is_none")] pub host: Option, /// Custom headers to set in the request. HTTP allows repeated headers. @@ -2352,9 +3137,12 @@ pub struct ArgoCDRepoSidecarContainersLifecyclePreStopHttpGet { /// Path to access on the HTTP server. #[serde(default, skip_serializing_if = "Option::is_none")] pub path: Option, - /// Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. + /// Name or number of the port to access on the container. + /// Number must be in the range 1 to 65535. + /// Name must be an IANA_SVC_NAME. pub port: IntOrString, - /// Scheme to use for connecting to the host. Defaults to HTTP. + /// Scheme to use for connecting to the host. + /// Defaults to HTTP. #[serde(default, skip_serializing_if = "Option::is_none")] pub scheme: Option, } @@ -2362,29 +3150,38 @@ pub struct ArgoCDRepoSidecarContainersLifecyclePreStopHttpGet { /// HTTPHeader describes a custom header to be used in HTTP probes #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ArgoCDRepoSidecarContainersLifecyclePreStopHttpGetHttpHeaders { - /// The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header. + /// The header field name. + /// This will be canonicalized upon output, so case-variant names will be understood as the same header. pub name: String, /// The header field value pub value: String, } -/// Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept for the backward compatibility. There are no validation of this field and lifecycle hooks will fail in runtime when tcp handler is specified. +/// Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept +/// for the backward compatibility. There are no validation of this field and +/// lifecycle hooks will fail in runtime when tcp handler is specified. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ArgoCDRepoSidecarContainersLifecyclePreStopTcpSocket { /// Optional: Host name to connect to, defaults to the pod IP. #[serde(default, skip_serializing_if = "Option::is_none")] pub host: Option, - /// Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. + /// Number or name of the port to access on the container. + /// Number must be in the range 1 to 65535. + /// Name must be an IANA_SVC_NAME. pub port: IntOrString, } -/// Periodic probe of container liveness. Container will be restarted if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +/// Periodic probe of container liveness. +/// Container will be restarted if the probe fails. +/// Cannot be updated. +/// More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ArgoCDRepoSidecarContainersLivenessProbe { /// Exec specifies the action to take. #[serde(default, skip_serializing_if = "Option::is_none")] pub exec: Option, - /// Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. + /// Minimum consecutive failures for the probe to be considered failed after having succeeded. + /// Defaults to 3. Minimum value is 1. #[serde(default, skip_serializing_if = "Option::is_none", rename = "failureThreshold")] pub failure_threshold: Option, /// GRPC specifies an action involving a GRPC port. @@ -2393,22 +3190,36 @@ pub struct ArgoCDRepoSidecarContainersLivenessProbe { /// HTTPGet specifies the http request to perform. #[serde(default, skip_serializing_if = "Option::is_none", rename = "httpGet")] pub http_get: Option, - /// Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes + /// Number of seconds after the container has started before liveness probes are initiated. + /// More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes #[serde(default, skip_serializing_if = "Option::is_none", rename = "initialDelaySeconds")] pub initial_delay_seconds: Option, - /// How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. + /// How often (in seconds) to perform the probe. + /// Default to 10 seconds. Minimum value is 1. #[serde(default, skip_serializing_if = "Option::is_none", rename = "periodSeconds")] pub period_seconds: Option, - /// Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1. + /// Minimum consecutive successes for the probe to be considered successful after having failed. + /// Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1. #[serde(default, skip_serializing_if = "Option::is_none", rename = "successThreshold")] pub success_threshold: Option, /// TCPSocket specifies an action involving a TCP port. #[serde(default, skip_serializing_if = "Option::is_none", rename = "tcpSocket")] pub tcp_socket: Option, - /// Optional duration in seconds the pod needs to terminate gracefully upon probe failure. The grace period is the duration in seconds after the processes running in the pod are sent a termination signal and the time when the processes are forcibly halted with a kill signal. Set this value longer than the expected cleanup time for your process. If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this value overrides the value provided by the pod spec. Value must be non-negative integer. The value zero indicates stop immediately via the kill signal (no opportunity to shut down). This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate. Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset. + /// Optional duration in seconds the pod needs to terminate gracefully upon probe failure. + /// The grace period is the duration in seconds after the processes running in the pod are sent + /// a termination signal and the time when the processes are forcibly halted with a kill signal. + /// Set this value longer than the expected cleanup time for your process. + /// If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this + /// value overrides the value provided by the pod spec. + /// Value must be non-negative integer. The value zero indicates stop immediately via + /// the kill signal (no opportunity to shut down). + /// This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate. + /// Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset. #[serde(default, skip_serializing_if = "Option::is_none", rename = "terminationGracePeriodSeconds")] pub termination_grace_period_seconds: Option, - /// Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes + /// Number of seconds after which the probe times out. + /// Defaults to 1 second. Minimum value is 1. + /// More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes #[serde(default, skip_serializing_if = "Option::is_none", rename = "timeoutSeconds")] pub timeout_seconds: Option, } @@ -2416,7 +3227,11 @@ pub struct ArgoCDRepoSidecarContainersLivenessProbe { /// Exec specifies the action to take. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ArgoCDRepoSidecarContainersLivenessProbeExec { - /// Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. + /// Command is the command line to execute inside the container, the working directory for the + /// command is root ('/') in the container's filesystem. The command is simply exec'd, it is + /// not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use + /// a shell, you need to explicitly call out to that shell. + /// Exit status of 0 is treated as live/healthy and non-zero is unhealthy. #[serde(default, skip_serializing_if = "Option::is_none")] pub command: Option>, } @@ -2426,8 +3241,11 @@ pub struct ArgoCDRepoSidecarContainersLivenessProbeExec { pub struct ArgoCDRepoSidecarContainersLivenessProbeGrpc { /// Port number of the gRPC service. Number must be in the range 1 to 65535. pub port: i32, - /// Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). - /// If this is not specified, the default behavior is defined by gRPC. + /// Service is the name of the service to place in the gRPC HealthCheckRequest + /// (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). + /// + /// + /// If this is not specified, the default behavior is defined by gRPC. #[serde(default, skip_serializing_if = "Option::is_none")] pub service: Option, } @@ -2435,7 +3253,8 @@ pub struct ArgoCDRepoSidecarContainersLivenessProbeGrpc { /// HTTPGet specifies the http request to perform. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ArgoCDRepoSidecarContainersLivenessProbeHttpGet { - /// Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. + /// Host name to connect to, defaults to the pod IP. You probably want to set + /// "Host" in httpHeaders instead. #[serde(default, skip_serializing_if = "Option::is_none")] pub host: Option, /// Custom headers to set in the request. HTTP allows repeated headers. @@ -2444,9 +3263,12 @@ pub struct ArgoCDRepoSidecarContainersLivenessProbeHttpGet { /// Path to access on the HTTP server. #[serde(default, skip_serializing_if = "Option::is_none")] pub path: Option, - /// Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. + /// Name or number of the port to access on the container. + /// Number must be in the range 1 to 65535. + /// Name must be an IANA_SVC_NAME. pub port: IntOrString, - /// Scheme to use for connecting to the host. Defaults to HTTP. + /// Scheme to use for connecting to the host. + /// Defaults to HTTP. #[serde(default, skip_serializing_if = "Option::is_none")] pub scheme: Option, } @@ -2454,7 +3276,8 @@ pub struct ArgoCDRepoSidecarContainersLivenessProbeHttpGet { /// HTTPHeader describes a custom header to be used in HTTP probes #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ArgoCDRepoSidecarContainersLivenessProbeHttpGetHttpHeaders { - /// The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header. + /// The header field name. + /// This will be canonicalized upon output, so case-variant names will be understood as the same header. pub name: String, /// The header field value pub value: String, @@ -2466,37 +3289,50 @@ pub struct ArgoCDRepoSidecarContainersLivenessProbeTcpSocket { /// Optional: Host name to connect to, defaults to the pod IP. #[serde(default, skip_serializing_if = "Option::is_none")] pub host: Option, - /// Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. + /// Number or name of the port to access on the container. + /// Number must be in the range 1 to 65535. + /// Name must be an IANA_SVC_NAME. pub port: IntOrString, } /// ContainerPort represents a network port in a single container. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ArgoCDRepoSidecarContainersPorts { - /// Number of port to expose on the pod's IP address. This must be a valid port number, 0 < x < 65536. + /// Number of port to expose on the pod's IP address. + /// This must be a valid port number, 0 < x < 65536. #[serde(rename = "containerPort")] pub container_port: i32, /// What host IP to bind the external port to. #[serde(default, skip_serializing_if = "Option::is_none", rename = "hostIP")] pub host_ip: Option, - /// Number of port to expose on the host. If specified, this must be a valid port number, 0 < x < 65536. If HostNetwork is specified, this must match ContainerPort. Most containers do not need this. + /// Number of port to expose on the host. + /// If specified, this must be a valid port number, 0 < x < 65536. + /// If HostNetwork is specified, this must match ContainerPort. + /// Most containers do not need this. #[serde(default, skip_serializing_if = "Option::is_none", rename = "hostPort")] pub host_port: Option, - /// If specified, this must be an IANA_SVC_NAME and unique within the pod. Each named port in a pod must have a unique name. Name for the port that can be referred to by services. + /// If specified, this must be an IANA_SVC_NAME and unique within the pod. Each + /// named port in a pod must have a unique name. Name for the port that can be + /// referred to by services. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, - /// Protocol for port. Must be UDP, TCP, or SCTP. Defaults to "TCP". + /// Protocol for port. Must be UDP, TCP, or SCTP. + /// Defaults to "TCP". #[serde(default, skip_serializing_if = "Option::is_none")] pub protocol: Option, } -/// Periodic probe of container service readiness. Container will be removed from service endpoints if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +/// Periodic probe of container service readiness. +/// Container will be removed from service endpoints if the probe fails. +/// Cannot be updated. +/// More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ArgoCDRepoSidecarContainersReadinessProbe { /// Exec specifies the action to take. #[serde(default, skip_serializing_if = "Option::is_none")] pub exec: Option, - /// Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. + /// Minimum consecutive failures for the probe to be considered failed after having succeeded. + /// Defaults to 3. Minimum value is 1. #[serde(default, skip_serializing_if = "Option::is_none", rename = "failureThreshold")] pub failure_threshold: Option, /// GRPC specifies an action involving a GRPC port. @@ -2505,22 +3341,36 @@ pub struct ArgoCDRepoSidecarContainersReadinessProbe { /// HTTPGet specifies the http request to perform. #[serde(default, skip_serializing_if = "Option::is_none", rename = "httpGet")] pub http_get: Option, - /// Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes + /// Number of seconds after the container has started before liveness probes are initiated. + /// More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes #[serde(default, skip_serializing_if = "Option::is_none", rename = "initialDelaySeconds")] pub initial_delay_seconds: Option, - /// How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. + /// How often (in seconds) to perform the probe. + /// Default to 10 seconds. Minimum value is 1. #[serde(default, skip_serializing_if = "Option::is_none", rename = "periodSeconds")] pub period_seconds: Option, - /// Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1. + /// Minimum consecutive successes for the probe to be considered successful after having failed. + /// Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1. #[serde(default, skip_serializing_if = "Option::is_none", rename = "successThreshold")] pub success_threshold: Option, /// TCPSocket specifies an action involving a TCP port. #[serde(default, skip_serializing_if = "Option::is_none", rename = "tcpSocket")] pub tcp_socket: Option, - /// Optional duration in seconds the pod needs to terminate gracefully upon probe failure. The grace period is the duration in seconds after the processes running in the pod are sent a termination signal and the time when the processes are forcibly halted with a kill signal. Set this value longer than the expected cleanup time for your process. If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this value overrides the value provided by the pod spec. Value must be non-negative integer. The value zero indicates stop immediately via the kill signal (no opportunity to shut down). This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate. Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset. + /// Optional duration in seconds the pod needs to terminate gracefully upon probe failure. + /// The grace period is the duration in seconds after the processes running in the pod are sent + /// a termination signal and the time when the processes are forcibly halted with a kill signal. + /// Set this value longer than the expected cleanup time for your process. + /// If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this + /// value overrides the value provided by the pod spec. + /// Value must be non-negative integer. The value zero indicates stop immediately via + /// the kill signal (no opportunity to shut down). + /// This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate. + /// Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset. #[serde(default, skip_serializing_if = "Option::is_none", rename = "terminationGracePeriodSeconds")] pub termination_grace_period_seconds: Option, - /// Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes + /// Number of seconds after which the probe times out. + /// Defaults to 1 second. Minimum value is 1. + /// More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes #[serde(default, skip_serializing_if = "Option::is_none", rename = "timeoutSeconds")] pub timeout_seconds: Option, } @@ -2528,7 +3378,11 @@ pub struct ArgoCDRepoSidecarContainersReadinessProbe { /// Exec specifies the action to take. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ArgoCDRepoSidecarContainersReadinessProbeExec { - /// Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. + /// Command is the command line to execute inside the container, the working directory for the + /// command is root ('/') in the container's filesystem. The command is simply exec'd, it is + /// not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use + /// a shell, you need to explicitly call out to that shell. + /// Exit status of 0 is treated as live/healthy and non-zero is unhealthy. #[serde(default, skip_serializing_if = "Option::is_none")] pub command: Option>, } @@ -2538,8 +3392,11 @@ pub struct ArgoCDRepoSidecarContainersReadinessProbeExec { pub struct ArgoCDRepoSidecarContainersReadinessProbeGrpc { /// Port number of the gRPC service. Number must be in the range 1 to 65535. pub port: i32, - /// Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). - /// If this is not specified, the default behavior is defined by gRPC. + /// Service is the name of the service to place in the gRPC HealthCheckRequest + /// (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). + /// + /// + /// If this is not specified, the default behavior is defined by gRPC. #[serde(default, skip_serializing_if = "Option::is_none")] pub service: Option, } @@ -2547,7 +3404,8 @@ pub struct ArgoCDRepoSidecarContainersReadinessProbeGrpc { /// HTTPGet specifies the http request to perform. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ArgoCDRepoSidecarContainersReadinessProbeHttpGet { - /// Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. + /// Host name to connect to, defaults to the pod IP. You probably want to set + /// "Host" in httpHeaders instead. #[serde(default, skip_serializing_if = "Option::is_none")] pub host: Option, /// Custom headers to set in the request. HTTP allows repeated headers. @@ -2556,9 +3414,12 @@ pub struct ArgoCDRepoSidecarContainersReadinessProbeHttpGet { /// Path to access on the HTTP server. #[serde(default, skip_serializing_if = "Option::is_none")] pub path: Option, - /// Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. + /// Name or number of the port to access on the container. + /// Number must be in the range 1 to 65535. + /// Name must be an IANA_SVC_NAME. pub port: IntOrString, - /// Scheme to use for connecting to the host. Defaults to HTTP. + /// Scheme to use for connecting to the host. + /// Defaults to HTTP. #[serde(default, skip_serializing_if = "Option::is_none")] pub scheme: Option, } @@ -2566,7 +3427,8 @@ pub struct ArgoCDRepoSidecarContainersReadinessProbeHttpGet { /// HTTPHeader describes a custom header to be used in HTTP probes #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ArgoCDRepoSidecarContainersReadinessProbeHttpGetHttpHeaders { - /// The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header. + /// The header field name. + /// This will be canonicalized upon output, so case-variant names will be understood as the same header. pub name: String, /// The header field value pub value: String, @@ -2578,33 +3440,49 @@ pub struct ArgoCDRepoSidecarContainersReadinessProbeTcpSocket { /// Optional: Host name to connect to, defaults to the pod IP. #[serde(default, skip_serializing_if = "Option::is_none")] pub host: Option, - /// Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. + /// Number or name of the port to access on the container. + /// Number must be in the range 1 to 65535. + /// Name must be an IANA_SVC_NAME. pub port: IntOrString, } /// ContainerResizePolicy represents resource resize policy for the container. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ArgoCDRepoSidecarContainersResizePolicy { - /// Name of the resource to which this resource resize policy applies. Supported values: cpu, memory. + /// Name of the resource to which this resource resize policy applies. + /// Supported values: cpu, memory. #[serde(rename = "resourceName")] pub resource_name: String, - /// Restart policy to apply when specified resource is resized. If not specified, it defaults to NotRequired. + /// Restart policy to apply when specified resource is resized. + /// If not specified, it defaults to NotRequired. #[serde(rename = "restartPolicy")] pub restart_policy: String, } -/// Compute Resources required by this container. Cannot be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ +/// Compute Resources required by this container. +/// Cannot be updated. +/// More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ArgoCDRepoSidecarContainersResources { - /// Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. - /// This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. - /// This field is immutable. It can only be set for containers. + /// Claims lists the names of resources, defined in spec.resourceClaims, + /// that are used by this container. + /// + /// + /// This is an alpha field and requires enabling the + /// DynamicResourceAllocation feature gate. + /// + /// + /// This field is immutable. It can only be set for containers. #[serde(default, skip_serializing_if = "Option::is_none")] pub claims: Option>, - /// Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + /// Limits describes the maximum amount of compute resources allowed. + /// More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ #[serde(default, skip_serializing_if = "Option::is_none")] pub limits: Option>, - /// Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + /// Requests describes the minimum amount of compute resources required. + /// If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, + /// otherwise to an implementation-defined value. Requests cannot exceed Limits. + /// More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ #[serde(default, skip_serializing_if = "Option::is_none")] pub requests: Option>, } @@ -2612,49 +3490,95 @@ pub struct ArgoCDRepoSidecarContainersResources { /// ResourceClaim references one entry in PodSpec.ResourceClaims. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ArgoCDRepoSidecarContainersResourcesClaims { - /// Name must match the name of one entry in pod.spec.resourceClaims of the Pod where this field is used. It makes that resource available inside a container. + /// Name must match the name of one entry in pod.spec.resourceClaims of + /// the Pod where this field is used. It makes that resource available + /// inside a container. pub name: String, } -/// SecurityContext defines the security options the container should be run with. If set, the fields of SecurityContext override the equivalent fields of PodSecurityContext. More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/ +/// SecurityContext defines the security options the container should be run with. +/// If set, the fields of SecurityContext override the equivalent fields of PodSecurityContext. +/// More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/ #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ArgoCDRepoSidecarContainersSecurityContext { - /// AllowPrivilegeEscalation controls whether a process can gain more privileges than its parent process. This bool directly controls if the no_new_privs flag will be set on the container process. AllowPrivilegeEscalation is true always when the container is: 1) run as Privileged 2) has CAP_SYS_ADMIN Note that this field cannot be set when spec.os.name is windows. + /// AllowPrivilegeEscalation controls whether a process can gain more + /// privileges than its parent process. This bool directly controls if + /// the no_new_privs flag will be set on the container process. + /// AllowPrivilegeEscalation is true always when the container is: + /// 1) run as Privileged + /// 2) has CAP_SYS_ADMIN + /// Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none", rename = "allowPrivilegeEscalation")] pub allow_privilege_escalation: Option, - /// The capabilities to add/drop when running containers. Defaults to the default set of capabilities granted by the container runtime. Note that this field cannot be set when spec.os.name is windows. + /// The capabilities to add/drop when running containers. + /// Defaults to the default set of capabilities granted by the container runtime. + /// Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none")] pub capabilities: Option, - /// Run container in privileged mode. Processes in privileged containers are essentially equivalent to root on the host. Defaults to false. Note that this field cannot be set when spec.os.name is windows. + /// Run container in privileged mode. + /// Processes in privileged containers are essentially equivalent to root on the host. + /// Defaults to false. + /// Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none")] pub privileged: Option, - /// procMount denotes the type of proc mount to use for the containers. The default is DefaultProcMount which uses the container runtime defaults for readonly paths and masked paths. This requires the ProcMountType feature flag to be enabled. Note that this field cannot be set when spec.os.name is windows. + /// procMount denotes the type of proc mount to use for the containers. + /// The default is DefaultProcMount which uses the container runtime defaults for + /// readonly paths and masked paths. + /// This requires the ProcMountType feature flag to be enabled. + /// Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none", rename = "procMount")] pub proc_mount: Option, - /// Whether this container has a read-only root filesystem. Default is false. Note that this field cannot be set when spec.os.name is windows. + /// Whether this container has a read-only root filesystem. + /// Default is false. + /// Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnlyRootFilesystem")] pub read_only_root_filesystem: Option, - /// The GID to run the entrypoint of the container process. Uses runtime default if unset. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is windows. + /// The GID to run the entrypoint of the container process. + /// Uses runtime default if unset. + /// May also be set in PodSecurityContext. If set in both SecurityContext and + /// PodSecurityContext, the value specified in SecurityContext takes precedence. + /// Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none", rename = "runAsGroup")] pub run_as_group: Option, - /// Indicates that the container must run as a non-root user. If true, the Kubelet will validate the image at runtime to ensure that it does not run as UID 0 (root) and fail to start the container if it does. If unset or false, no such validation will be performed. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. + /// Indicates that the container must run as a non-root user. + /// If true, the Kubelet will validate the image at runtime to ensure that it + /// does not run as UID 0 (root) and fail to start the container if it does. + /// If unset or false, no such validation will be performed. + /// May also be set in PodSecurityContext. If set in both SecurityContext and + /// PodSecurityContext, the value specified in SecurityContext takes precedence. #[serde(default, skip_serializing_if = "Option::is_none", rename = "runAsNonRoot")] pub run_as_non_root: Option, - /// The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is windows. + /// The UID to run the entrypoint of the container process. + /// Defaults to user specified in image metadata if unspecified. + /// May also be set in PodSecurityContext. If set in both SecurityContext and + /// PodSecurityContext, the value specified in SecurityContext takes precedence. + /// Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none", rename = "runAsUser")] pub run_as_user: Option, - /// The SELinux context to be applied to the container. If unspecified, the container runtime will allocate a random SELinux context for each container. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is windows. + /// The SELinux context to be applied to the container. + /// If unspecified, the container runtime will allocate a random SELinux context for each + /// container. May also be set in PodSecurityContext. If set in both SecurityContext and + /// PodSecurityContext, the value specified in SecurityContext takes precedence. + /// Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none", rename = "seLinuxOptions")] pub se_linux_options: Option, - /// The seccomp options to use by this container. If seccomp options are provided at both the pod & container level, the container options override the pod options. Note that this field cannot be set when spec.os.name is windows. + /// The seccomp options to use by this container. If seccomp options are + /// provided at both the pod & container level, the container options + /// override the pod options. + /// Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none", rename = "seccompProfile")] pub seccomp_profile: Option, - /// The Windows specific settings applied to all containers. If unspecified, the options from the PodSecurityContext will be used. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is linux. + /// The Windows specific settings applied to all containers. + /// If unspecified, the options from the PodSecurityContext will be used. + /// If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. + /// Note that this field cannot be set when spec.os.name is linux. #[serde(default, skip_serializing_if = "Option::is_none", rename = "windowsOptions")] pub windows_options: Option, } -/// The capabilities to add/drop when running containers. Defaults to the default set of capabilities granted by the container runtime. Note that this field cannot be set when spec.os.name is windows. +/// The capabilities to add/drop when running containers. +/// Defaults to the default set of capabilities granted by the container runtime. +/// Note that this field cannot be set when spec.os.name is windows. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ArgoCDRepoSidecarContainersSecurityContextCapabilities { /// Added capabilities @@ -2665,7 +3589,11 @@ pub struct ArgoCDRepoSidecarContainersSecurityContextCapabilities { pub drop: Option>, } -/// The SELinux context to be applied to the container. If unspecified, the container runtime will allocate a random SELinux context for each container. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is windows. +/// The SELinux context to be applied to the container. +/// If unspecified, the container runtime will allocate a random SELinux context for each +/// container. May also be set in PodSecurityContext. If set in both SecurityContext and +/// PodSecurityContext, the value specified in SecurityContext takes precedence. +/// Note that this field cannot be set when spec.os.name is windows. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ArgoCDRepoSidecarContainersSecurityContextSeLinuxOptions { /// Level is SELinux level label that applies to the container. @@ -2682,42 +3610,71 @@ pub struct ArgoCDRepoSidecarContainersSecurityContextSeLinuxOptions { pub user: Option, } -/// The seccomp options to use by this container. If seccomp options are provided at both the pod & container level, the container options override the pod options. Note that this field cannot be set when spec.os.name is windows. +/// The seccomp options to use by this container. If seccomp options are +/// provided at both the pod & container level, the container options +/// override the pod options. +/// Note that this field cannot be set when spec.os.name is windows. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ArgoCDRepoSidecarContainersSecurityContextSeccompProfile { - /// localhostProfile indicates a profile defined in a file on the node should be used. The profile must be preconfigured on the node to work. Must be a descending path, relative to the kubelet's configured seccomp profile location. Must be set if type is "Localhost". Must NOT be set for any other type. + /// localhostProfile indicates a profile defined in a file on the node should be used. + /// The profile must be preconfigured on the node to work. + /// Must be a descending path, relative to the kubelet's configured seccomp profile location. + /// Must be set if type is "Localhost". Must NOT be set for any other type. #[serde(default, skip_serializing_if = "Option::is_none", rename = "localhostProfile")] pub localhost_profile: Option, - /// type indicates which kind of seccomp profile will be applied. Valid options are: - /// Localhost - a profile defined in a file on the node should be used. RuntimeDefault - the container runtime default profile should be used. Unconfined - no profile should be applied. + /// type indicates which kind of seccomp profile will be applied. + /// Valid options are: + /// + /// + /// Localhost - a profile defined in a file on the node should be used. + /// RuntimeDefault - the container runtime default profile should be used. + /// Unconfined - no profile should be applied. #[serde(rename = "type")] pub r#type: String, } -/// The Windows specific settings applied to all containers. If unspecified, the options from the PodSecurityContext will be used. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is linux. +/// The Windows specific settings applied to all containers. +/// If unspecified, the options from the PodSecurityContext will be used. +/// If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +/// Note that this field cannot be set when spec.os.name is linux. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ArgoCDRepoSidecarContainersSecurityContextWindowsOptions { - /// GMSACredentialSpec is where the GMSA admission webhook (https://github.com/kubernetes-sigs/windows-gmsa) inlines the contents of the GMSA credential spec named by the GMSACredentialSpecName field. + /// GMSACredentialSpec is where the GMSA admission webhook + /// (https://github.com/kubernetes-sigs/windows-gmsa) inlines the contents of the + /// GMSA credential spec named by the GMSACredentialSpecName field. #[serde(default, skip_serializing_if = "Option::is_none", rename = "gmsaCredentialSpec")] pub gmsa_credential_spec: Option, /// GMSACredentialSpecName is the name of the GMSA credential spec to use. #[serde(default, skip_serializing_if = "Option::is_none", rename = "gmsaCredentialSpecName")] pub gmsa_credential_spec_name: Option, - /// HostProcess determines if a container should be run as a 'Host Process' container. All of a Pod's containers must have the same effective HostProcess value (it is not allowed to have a mix of HostProcess containers and non-HostProcess containers). In addition, if HostProcess is true then HostNetwork must also be set to true. + /// HostProcess determines if a container should be run as a 'Host Process' container. + /// All of a Pod's containers must have the same effective HostProcess value + /// (it is not allowed to have a mix of HostProcess containers and non-HostProcess containers). + /// In addition, if HostProcess is true then HostNetwork must also be set to true. #[serde(default, skip_serializing_if = "Option::is_none", rename = "hostProcess")] pub host_process: Option, - /// The UserName in Windows to run the entrypoint of the container process. Defaults to the user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. + /// The UserName in Windows to run the entrypoint of the container process. + /// Defaults to the user specified in image metadata if unspecified. + /// May also be set in PodSecurityContext. If set in both SecurityContext and + /// PodSecurityContext, the value specified in SecurityContext takes precedence. #[serde(default, skip_serializing_if = "Option::is_none", rename = "runAsUserName")] pub run_as_user_name: Option, } -/// StartupProbe indicates that the Pod has successfully initialized. If specified, no other probes are executed until this completes successfully. If this probe fails, the Pod will be restarted, just as if the livenessProbe failed. This can be used to provide different probe parameters at the beginning of a Pod's lifecycle, when it might take a long time to load data or warm a cache, than during steady-state operation. This cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +/// StartupProbe indicates that the Pod has successfully initialized. +/// If specified, no other probes are executed until this completes successfully. +/// If this probe fails, the Pod will be restarted, just as if the livenessProbe failed. +/// This can be used to provide different probe parameters at the beginning of a Pod's lifecycle, +/// when it might take a long time to load data or warm a cache, than during steady-state operation. +/// This cannot be updated. +/// More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ArgoCDRepoSidecarContainersStartupProbe { /// Exec specifies the action to take. #[serde(default, skip_serializing_if = "Option::is_none")] pub exec: Option, - /// Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. + /// Minimum consecutive failures for the probe to be considered failed after having succeeded. + /// Defaults to 3. Minimum value is 1. #[serde(default, skip_serializing_if = "Option::is_none", rename = "failureThreshold")] pub failure_threshold: Option, /// GRPC specifies an action involving a GRPC port. @@ -2726,22 +3683,36 @@ pub struct ArgoCDRepoSidecarContainersStartupProbe { /// HTTPGet specifies the http request to perform. #[serde(default, skip_serializing_if = "Option::is_none", rename = "httpGet")] pub http_get: Option, - /// Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes + /// Number of seconds after the container has started before liveness probes are initiated. + /// More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes #[serde(default, skip_serializing_if = "Option::is_none", rename = "initialDelaySeconds")] pub initial_delay_seconds: Option, - /// How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. + /// How often (in seconds) to perform the probe. + /// Default to 10 seconds. Minimum value is 1. #[serde(default, skip_serializing_if = "Option::is_none", rename = "periodSeconds")] pub period_seconds: Option, - /// Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1. + /// Minimum consecutive successes for the probe to be considered successful after having failed. + /// Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1. #[serde(default, skip_serializing_if = "Option::is_none", rename = "successThreshold")] pub success_threshold: Option, /// TCPSocket specifies an action involving a TCP port. #[serde(default, skip_serializing_if = "Option::is_none", rename = "tcpSocket")] pub tcp_socket: Option, - /// Optional duration in seconds the pod needs to terminate gracefully upon probe failure. The grace period is the duration in seconds after the processes running in the pod are sent a termination signal and the time when the processes are forcibly halted with a kill signal. Set this value longer than the expected cleanup time for your process. If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this value overrides the value provided by the pod spec. Value must be non-negative integer. The value zero indicates stop immediately via the kill signal (no opportunity to shut down). This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate. Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset. + /// Optional duration in seconds the pod needs to terminate gracefully upon probe failure. + /// The grace period is the duration in seconds after the processes running in the pod are sent + /// a termination signal and the time when the processes are forcibly halted with a kill signal. + /// Set this value longer than the expected cleanup time for your process. + /// If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this + /// value overrides the value provided by the pod spec. + /// Value must be non-negative integer. The value zero indicates stop immediately via + /// the kill signal (no opportunity to shut down). + /// This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate. + /// Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset. #[serde(default, skip_serializing_if = "Option::is_none", rename = "terminationGracePeriodSeconds")] pub termination_grace_period_seconds: Option, - /// Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes + /// Number of seconds after which the probe times out. + /// Defaults to 1 second. Minimum value is 1. + /// More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes #[serde(default, skip_serializing_if = "Option::is_none", rename = "timeoutSeconds")] pub timeout_seconds: Option, } @@ -2749,7 +3720,11 @@ pub struct ArgoCDRepoSidecarContainersStartupProbe { /// Exec specifies the action to take. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ArgoCDRepoSidecarContainersStartupProbeExec { - /// Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. + /// Command is the command line to execute inside the container, the working directory for the + /// command is root ('/') in the container's filesystem. The command is simply exec'd, it is + /// not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use + /// a shell, you need to explicitly call out to that shell. + /// Exit status of 0 is treated as live/healthy and non-zero is unhealthy. #[serde(default, skip_serializing_if = "Option::is_none")] pub command: Option>, } @@ -2759,8 +3734,11 @@ pub struct ArgoCDRepoSidecarContainersStartupProbeExec { pub struct ArgoCDRepoSidecarContainersStartupProbeGrpc { /// Port number of the gRPC service. Number must be in the range 1 to 65535. pub port: i32, - /// Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). - /// If this is not specified, the default behavior is defined by gRPC. + /// Service is the name of the service to place in the gRPC HealthCheckRequest + /// (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). + /// + /// + /// If this is not specified, the default behavior is defined by gRPC. #[serde(default, skip_serializing_if = "Option::is_none")] pub service: Option, } @@ -2768,7 +3746,8 @@ pub struct ArgoCDRepoSidecarContainersStartupProbeGrpc { /// HTTPGet specifies the http request to perform. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ArgoCDRepoSidecarContainersStartupProbeHttpGet { - /// Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. + /// Host name to connect to, defaults to the pod IP. You probably want to set + /// "Host" in httpHeaders instead. #[serde(default, skip_serializing_if = "Option::is_none")] pub host: Option, /// Custom headers to set in the request. HTTP allows repeated headers. @@ -2777,9 +3756,12 @@ pub struct ArgoCDRepoSidecarContainersStartupProbeHttpGet { /// Path to access on the HTTP server. #[serde(default, skip_serializing_if = "Option::is_none")] pub path: Option, - /// Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. + /// Name or number of the port to access on the container. + /// Number must be in the range 1 to 65535. + /// Name must be an IANA_SVC_NAME. pub port: IntOrString, - /// Scheme to use for connecting to the host. Defaults to HTTP. + /// Scheme to use for connecting to the host. + /// Defaults to HTTP. #[serde(default, skip_serializing_if = "Option::is_none")] pub scheme: Option, } @@ -2787,7 +3769,8 @@ pub struct ArgoCDRepoSidecarContainersStartupProbeHttpGet { /// HTTPHeader describes a custom header to be used in HTTP probes #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ArgoCDRepoSidecarContainersStartupProbeHttpGetHttpHeaders { - /// The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header. + /// The header field name. + /// This will be canonicalized upon output, so case-variant names will be understood as the same header. pub name: String, /// The header field value pub value: String, @@ -2799,7 +3782,9 @@ pub struct ArgoCDRepoSidecarContainersStartupProbeTcpSocket { /// Optional: Host name to connect to, defaults to the pod IP. #[serde(default, skip_serializing_if = "Option::is_none")] pub host: Option, - /// Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. + /// Number or name of the port to access on the container. + /// Number must be in the range 1 to 65535. + /// Name must be an IANA_SVC_NAME. pub port: IntOrString, } @@ -2816,21 +3801,30 @@ pub struct ArgoCDRepoSidecarContainersVolumeDevices { /// VolumeMount describes a mounting of a Volume within a container. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ArgoCDRepoSidecarContainersVolumeMounts { - /// Path within the container at which the volume should be mounted. Must not contain ':'. + /// Path within the container at which the volume should be mounted. Must + /// not contain ':'. #[serde(rename = "mountPath")] pub mount_path: String, - /// mountPropagation determines how mounts are propagated from the host to container and the other way around. When not set, MountPropagationNone is used. This field is beta in 1.10. + /// mountPropagation determines how mounts are propagated from the host + /// to container and the other way around. + /// When not set, MountPropagationNone is used. + /// This field is beta in 1.10. #[serde(default, skip_serializing_if = "Option::is_none", rename = "mountPropagation")] pub mount_propagation: Option, /// This must match the Name of a Volume. pub name: String, - /// Mounted read-only if true, read-write otherwise (false or unspecified). Defaults to false. + /// Mounted read-only if true, read-write otherwise (false or unspecified). + /// Defaults to false. #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] pub read_only: Option, - /// Path within the volume from which the container's volume should be mounted. Defaults to "" (volume's root). + /// Path within the volume from which the container's volume should be mounted. + /// Defaults to "" (volume's root). #[serde(default, skip_serializing_if = "Option::is_none", rename = "subPath")] pub sub_path: Option, - /// Expanded path within the volume from which the container's volume should be mounted. Behaves similarly to SubPath but environment variable references $(VAR_NAME) are expanded using the container's environment. Defaults to "" (volume's root). SubPathExpr and SubPath are mutually exclusive. + /// Expanded path within the volume from which the container's volume should be mounted. + /// Behaves similarly to SubPath but environment variable references $(VAR_NAME) are expanded using the container's environment. + /// Defaults to "" (volume's root). + /// SubPathExpr and SubPath are mutually exclusive. #[serde(default, skip_serializing_if = "Option::is_none", rename = "subPathExpr")] pub sub_path_expr: Option, } @@ -2838,21 +3832,30 @@ pub struct ArgoCDRepoSidecarContainersVolumeMounts { /// VolumeMount describes a mounting of a Volume within a container. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ArgoCDRepoVolumeMounts { - /// Path within the container at which the volume should be mounted. Must not contain ':'. + /// Path within the container at which the volume should be mounted. Must + /// not contain ':'. #[serde(rename = "mountPath")] pub mount_path: String, - /// mountPropagation determines how mounts are propagated from the host to container and the other way around. When not set, MountPropagationNone is used. This field is beta in 1.10. + /// mountPropagation determines how mounts are propagated from the host + /// to container and the other way around. + /// When not set, MountPropagationNone is used. + /// This field is beta in 1.10. #[serde(default, skip_serializing_if = "Option::is_none", rename = "mountPropagation")] pub mount_propagation: Option, /// This must match the Name of a Volume. pub name: String, - /// Mounted read-only if true, read-write otherwise (false or unspecified). Defaults to false. + /// Mounted read-only if true, read-write otherwise (false or unspecified). + /// Defaults to false. #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] pub read_only: Option, - /// Path within the volume from which the container's volume should be mounted. Defaults to "" (volume's root). + /// Path within the volume from which the container's volume should be mounted. + /// Defaults to "" (volume's root). #[serde(default, skip_serializing_if = "Option::is_none", rename = "subPath")] pub sub_path: Option, - /// Expanded path within the volume from which the container's volume should be mounted. Behaves similarly to SubPath but environment variable references $(VAR_NAME) are expanded using the container's environment. Defaults to "" (volume's root). SubPathExpr and SubPath are mutually exclusive. + /// Expanded path within the volume from which the container's volume should be mounted. + /// Behaves similarly to SubPath but environment variable references $(VAR_NAME) are expanded using the container's environment. + /// Defaults to "" (volume's root). + /// SubPathExpr and SubPath are mutually exclusive. #[serde(default, skip_serializing_if = "Option::is_none", rename = "subPathExpr")] pub sub_path_expr: Option, } @@ -2860,7 +3863,9 @@ pub struct ArgoCDRepoVolumeMounts { /// Volume represents a named volume in a pod that may be accessed by any container in the pod. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ArgoCDRepoVolumes { - /// awsElasticBlockStore represents an AWS Disk resource that is attached to a kubelet's host machine and then exposed to the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore + /// awsElasticBlockStore represents an AWS Disk resource that is attached to a + /// kubelet's host machine and then exposed to the pod. + /// More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore #[serde(default, skip_serializing_if = "Option::is_none", rename = "awsElasticBlockStore")] pub aws_elastic_block_store: Option, /// azureDisk represents an Azure Data Disk mount on the host and bind mount to the pod. @@ -2872,7 +3877,8 @@ pub struct ArgoCDRepoVolumes { /// cephFS represents a Ceph FS mount on the host that shares a pod's lifetime #[serde(default, skip_serializing_if = "Option::is_none")] pub cephfs: Option, - /// cinder represents a cinder volume attached and mounted on kubelets host machine. More info: https://examples.k8s.io/mysql-cinder-pd/README.md + /// cinder represents a cinder volume attached and mounted on kubelets host machine. + /// More info: https://examples.k8s.io/mysql-cinder-pd/README.md #[serde(default, skip_serializing_if = "Option::is_none")] pub cinder: Option, /// configMap represents a configMap that should populate this volume @@ -2884,46 +3890,91 @@ pub struct ArgoCDRepoVolumes { /// downwardAPI represents downward API about the pod that should populate this volume #[serde(default, skip_serializing_if = "Option::is_none", rename = "downwardAPI")] pub downward_api: Option, - /// emptyDir represents a temporary directory that shares a pod's lifetime. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir + /// emptyDir represents a temporary directory that shares a pod's lifetime. + /// More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir #[serde(default, skip_serializing_if = "Option::is_none", rename = "emptyDir")] pub empty_dir: Option, - /// ephemeral represents a volume that is handled by a cluster storage driver. The volume's lifecycle is tied to the pod that defines it - it will be created before the pod starts, and deleted when the pod is removed. - /// Use this if: a) the volume is only needed while the pod runs, b) features of normal volumes like restoring from snapshot or capacity tracking are needed, c) the storage driver is specified through a storage class, and d) the storage driver supports dynamic volume provisioning through a PersistentVolumeClaim (see EphemeralVolumeSource for more information on the connection between this volume type and PersistentVolumeClaim). - /// Use PersistentVolumeClaim or one of the vendor-specific APIs for volumes that persist for longer than the lifecycle of an individual pod. - /// Use CSI for light-weight local ephemeral volumes if the CSI driver is meant to be used that way - see the documentation of the driver for more information. - /// A pod can use both types of ephemeral volumes and persistent volumes at the same time. + /// ephemeral represents a volume that is handled by a cluster storage driver. + /// The volume's lifecycle is tied to the pod that defines it - it will be created before the pod starts, + /// and deleted when the pod is removed. + /// + /// + /// Use this if: + /// a) the volume is only needed while the pod runs, + /// b) features of normal volumes like restoring from snapshot or capacity + /// tracking are needed, + /// c) the storage driver is specified through a storage class, and + /// d) the storage driver supports dynamic volume provisioning through + /// a PersistentVolumeClaim (see EphemeralVolumeSource for more + /// information on the connection between this volume type + /// and PersistentVolumeClaim). + /// + /// + /// Use PersistentVolumeClaim or one of the vendor-specific + /// APIs for volumes that persist for longer than the lifecycle + /// of an individual pod. + /// + /// + /// Use CSI for light-weight local ephemeral volumes if the CSI driver is meant to + /// be used that way - see the documentation of the driver for + /// more information. + /// + /// + /// A pod can use both types of ephemeral volumes and + /// persistent volumes at the same time. #[serde(default, skip_serializing_if = "Option::is_none")] pub ephemeral: Option, /// fc represents a Fibre Channel resource that is attached to a kubelet's host machine and then exposed to the pod. #[serde(default, skip_serializing_if = "Option::is_none")] pub fc: Option, - /// flexVolume represents a generic volume resource that is provisioned/attached using an exec based plugin. + /// flexVolume represents a generic volume resource that is + /// provisioned/attached using an exec based plugin. #[serde(default, skip_serializing_if = "Option::is_none", rename = "flexVolume")] pub flex_volume: Option, /// flocker represents a Flocker volume attached to a kubelet's host machine. This depends on the Flocker control service being running #[serde(default, skip_serializing_if = "Option::is_none")] pub flocker: Option, - /// gcePersistentDisk represents a GCE Disk resource that is attached to a kubelet's host machine and then exposed to the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk + /// gcePersistentDisk represents a GCE Disk resource that is attached to a + /// kubelet's host machine and then exposed to the pod. + /// More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk #[serde(default, skip_serializing_if = "Option::is_none", rename = "gcePersistentDisk")] pub gce_persistent_disk: Option, - /// gitRepo represents a git repository at a particular revision. DEPRECATED: GitRepo is deprecated. To provision a container with a git repo, mount an EmptyDir into an InitContainer that clones the repo using git, then mount the EmptyDir into the Pod's container. + /// gitRepo represents a git repository at a particular revision. + /// DEPRECATED: GitRepo is deprecated. To provision a container with a git repo, mount an + /// EmptyDir into an InitContainer that clones the repo using git, then mount the EmptyDir + /// into the Pod's container. #[serde(default, skip_serializing_if = "Option::is_none", rename = "gitRepo")] pub git_repo: Option, - /// glusterfs represents a Glusterfs mount on the host that shares a pod's lifetime. More info: https://examples.k8s.io/volumes/glusterfs/README.md + /// glusterfs represents a Glusterfs mount on the host that shares a pod's lifetime. + /// More info: https://examples.k8s.io/volumes/glusterfs/README.md #[serde(default, skip_serializing_if = "Option::is_none")] pub glusterfs: Option, - /// hostPath represents a pre-existing file or directory on the host machine that is directly exposed to the container. This is generally used for system agents or other privileged things that are allowed to see the host machine. Most containers will NOT need this. More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath --- TODO(jonesdl) We need to restrict who can use host directory mounts and who can/can not mount host directories as read/write. + /// hostPath represents a pre-existing file or directory on the host + /// machine that is directly exposed to the container. This is generally + /// used for system agents or other privileged things that are allowed + /// to see the host machine. Most containers will NOT need this. + /// More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath + /// --- + /// TODO(jonesdl) We need to restrict who can use host directory mounts and who can/can not + /// mount host directories as read/write. #[serde(default, skip_serializing_if = "Option::is_none", rename = "hostPath")] pub host_path: Option, - /// iscsi represents an ISCSI Disk resource that is attached to a kubelet's host machine and then exposed to the pod. More info: https://examples.k8s.io/volumes/iscsi/README.md + /// iscsi represents an ISCSI Disk resource that is attached to a + /// kubelet's host machine and then exposed to the pod. + /// More info: https://examples.k8s.io/volumes/iscsi/README.md #[serde(default, skip_serializing_if = "Option::is_none")] pub iscsi: Option, - /// name of the volume. Must be a DNS_LABEL and unique within the pod. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// name of the volume. + /// Must be a DNS_LABEL and unique within the pod. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names pub name: String, - /// nfs represents an NFS mount on the host that shares a pod's lifetime More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs + /// nfs represents an NFS mount on the host that shares a pod's lifetime + /// More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs #[serde(default, skip_serializing_if = "Option::is_none")] pub nfs: Option, - /// persistentVolumeClaimVolumeSource represents a reference to a PersistentVolumeClaim in the same namespace. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims + /// persistentVolumeClaimVolumeSource represents a reference to a + /// PersistentVolumeClaim in the same namespace. + /// More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims #[serde(default, skip_serializing_if = "Option::is_none", rename = "persistentVolumeClaim")] pub persistent_volume_claim: Option, /// photonPersistentDisk represents a PhotonController persistent disk attached and mounted on kubelets host machine @@ -2938,13 +3989,15 @@ pub struct ArgoCDRepoVolumes { /// quobyte represents a Quobyte mount on the host that shares a pod's lifetime #[serde(default, skip_serializing_if = "Option::is_none")] pub quobyte: Option, - /// rbd represents a Rados Block Device mount on the host that shares a pod's lifetime. More info: https://examples.k8s.io/volumes/rbd/README.md + /// rbd represents a Rados Block Device mount on the host that shares a pod's lifetime. + /// More info: https://examples.k8s.io/volumes/rbd/README.md #[serde(default, skip_serializing_if = "Option::is_none")] pub rbd: Option, /// scaleIO represents a ScaleIO persistent volume attached and mounted on Kubernetes nodes. #[serde(default, skip_serializing_if = "Option::is_none", rename = "scaleIO")] pub scale_io: Option, - /// secret represents a secret that should populate this volume. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret + /// secret represents a secret that should populate this volume. + /// More info: https://kubernetes.io/docs/concepts/storage/volumes#secret #[serde(default, skip_serializing_if = "Option::is_none")] pub secret: Option, /// storageOS represents a StorageOS volume attached and mounted on Kubernetes nodes. @@ -2955,19 +4008,30 @@ pub struct ArgoCDRepoVolumes { pub vsphere_volume: Option, } -/// awsElasticBlockStore represents an AWS Disk resource that is attached to a kubelet's host machine and then exposed to the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore +/// awsElasticBlockStore represents an AWS Disk resource that is attached to a +/// kubelet's host machine and then exposed to the pod. +/// More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ArgoCDRepoVolumesAwsElasticBlockStore { - /// fsType is the filesystem type of the volume that you want to mount. Tip: Ensure that the filesystem type is supported by the host operating system. Examples: "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore TODO: how do we prevent errors in the filesystem from compromising the machine + /// fsType is the filesystem type of the volume that you want to mount. + /// Tip: Ensure that the filesystem type is supported by the host operating system. + /// Examples: "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. + /// More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore + /// TODO: how do we prevent errors in the filesystem from compromising the machine #[serde(default, skip_serializing_if = "Option::is_none", rename = "fsType")] pub fs_type: Option, - /// partition is the partition in the volume that you want to mount. If omitted, the default is to mount by volume name. Examples: For volume /dev/sda1, you specify the partition as "1". Similarly, the volume partition for /dev/sda is "0" (or you can leave the property empty). + /// partition is the partition in the volume that you want to mount. + /// If omitted, the default is to mount by volume name. + /// Examples: For volume /dev/sda1, you specify the partition as "1". + /// Similarly, the volume partition for /dev/sda is "0" (or you can leave the property empty). #[serde(default, skip_serializing_if = "Option::is_none")] pub partition: Option, - /// readOnly value true will force the readOnly setting in VolumeMounts. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore + /// readOnly value true will force the readOnly setting in VolumeMounts. + /// More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] pub read_only: Option, - /// volumeID is unique ID of the persistent disk resource in AWS (Amazon EBS volume). More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore + /// volumeID is unique ID of the persistent disk resource in AWS (Amazon EBS volume). + /// More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore #[serde(rename = "volumeID")] pub volume_id: String, } @@ -2984,13 +4048,16 @@ pub struct ArgoCDRepoVolumesAzureDisk { /// diskURI is the URI of data disk in the blob storage #[serde(rename = "diskURI")] pub disk_uri: String, - /// fsType is Filesystem type to mount. Must be a filesystem type supported by the host operating system. Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. + /// fsType is Filesystem type to mount. + /// Must be a filesystem type supported by the host operating system. + /// Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. #[serde(default, skip_serializing_if = "Option::is_none", rename = "fsType")] pub fs_type: Option, /// kind expected values are Shared: multiple blob disks per storage account Dedicated: single blob disk per storage account Managed: azure managed data disk (only in managed availability set). defaults to shared #[serde(default, skip_serializing_if = "Option::is_none")] pub kind: Option, - /// readOnly Defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts. + /// readOnly Defaults to false (read/write). ReadOnly here will force + /// the ReadOnly setting in VolumeMounts. #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] pub read_only: Option, } @@ -2998,7 +4065,8 @@ pub struct ArgoCDRepoVolumesAzureDisk { /// azureFile represents an Azure File Service mount on the host and bind mount to the pod. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ArgoCDRepoVolumesAzureFile { - /// readOnly defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts. + /// readOnly defaults to false (read/write). ReadOnly here will force + /// the ReadOnly setting in VolumeMounts. #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] pub read_only: Option, /// secretName is the name of secret that contains Azure Storage Account Name and Key @@ -3012,54 +4080,74 @@ pub struct ArgoCDRepoVolumesAzureFile { /// cephFS represents a Ceph FS mount on the host that shares a pod's lifetime #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ArgoCDRepoVolumesCephfs { - /// monitors is Required: Monitors is a collection of Ceph monitors More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it + /// monitors is Required: Monitors is a collection of Ceph monitors + /// More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it pub monitors: Vec, /// path is Optional: Used as the mounted root, rather than the full Ceph tree, default is / #[serde(default, skip_serializing_if = "Option::is_none")] pub path: Option, - /// readOnly is Optional: Defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts. More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it + /// readOnly is Optional: Defaults to false (read/write). ReadOnly here will force + /// the ReadOnly setting in VolumeMounts. + /// More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] pub read_only: Option, - /// secretFile is Optional: SecretFile is the path to key ring for User, default is /etc/ceph/user.secret More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it + /// secretFile is Optional: SecretFile is the path to key ring for User, default is /etc/ceph/user.secret + /// More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it #[serde(default, skip_serializing_if = "Option::is_none", rename = "secretFile")] pub secret_file: Option, - /// secretRef is Optional: SecretRef is reference to the authentication secret for User, default is empty. More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it + /// secretRef is Optional: SecretRef is reference to the authentication secret for User, default is empty. + /// More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it #[serde(default, skip_serializing_if = "Option::is_none", rename = "secretRef")] pub secret_ref: Option, - /// user is optional: User is the rados user name, default is admin More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it + /// user is optional: User is the rados user name, default is admin + /// More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it #[serde(default, skip_serializing_if = "Option::is_none")] pub user: Option, } -/// secretRef is Optional: SecretRef is reference to the authentication secret for User, default is empty. More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it +/// secretRef is Optional: SecretRef is reference to the authentication secret for User, default is empty. +/// More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ArgoCDRepoVolumesCephfsSecretRef { - /// Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? + /// Name of the referent. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, } -/// cinder represents a cinder volume attached and mounted on kubelets host machine. More info: https://examples.k8s.io/mysql-cinder-pd/README.md +/// cinder represents a cinder volume attached and mounted on kubelets host machine. +/// More info: https://examples.k8s.io/mysql-cinder-pd/README.md #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ArgoCDRepoVolumesCinder { - /// fsType is the filesystem type to mount. Must be a filesystem type supported by the host operating system. Examples: "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. More info: https://examples.k8s.io/mysql-cinder-pd/README.md + /// fsType is the filesystem type to mount. + /// Must be a filesystem type supported by the host operating system. + /// Examples: "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. + /// More info: https://examples.k8s.io/mysql-cinder-pd/README.md #[serde(default, skip_serializing_if = "Option::is_none", rename = "fsType")] pub fs_type: Option, - /// readOnly defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts. More info: https://examples.k8s.io/mysql-cinder-pd/README.md + /// readOnly defaults to false (read/write). ReadOnly here will force + /// the ReadOnly setting in VolumeMounts. + /// More info: https://examples.k8s.io/mysql-cinder-pd/README.md #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] pub read_only: Option, - /// secretRef is optional: points to a secret object containing parameters used to connect to OpenStack. + /// secretRef is optional: points to a secret object containing parameters used to connect + /// to OpenStack. #[serde(default, skip_serializing_if = "Option::is_none", rename = "secretRef")] pub secret_ref: Option, - /// volumeID used to identify the volume in cinder. More info: https://examples.k8s.io/mysql-cinder-pd/README.md + /// volumeID used to identify the volume in cinder. + /// More info: https://examples.k8s.io/mysql-cinder-pd/README.md #[serde(rename = "volumeID")] pub volume_id: String, } -/// secretRef is optional: points to a secret object containing parameters used to connect to OpenStack. +/// secretRef is optional: points to a secret object containing parameters used to connect +/// to OpenStack. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ArgoCDRepoVolumesCinderSecretRef { - /// Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? + /// Name of the referent. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, } @@ -3067,13 +4155,27 @@ pub struct ArgoCDRepoVolumesCinderSecretRef { /// configMap represents a configMap that should populate this volume #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ArgoCDRepoVolumesConfigMap { - /// defaultMode is optional: mode bits used to set permissions on created files by default. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. Defaults to 0644. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. + /// defaultMode is optional: mode bits used to set permissions on created files by default. + /// Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. + /// YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. + /// Defaults to 0644. + /// Directories within the path are not affected by this setting. + /// This might be in conflict with other options that affect the file + /// mode, like fsGroup, and the result can be other mode bits set. #[serde(default, skip_serializing_if = "Option::is_none", rename = "defaultMode")] pub default_mode: Option, - /// items if unspecified, each key-value pair in the Data field of the referenced ConfigMap will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the ConfigMap, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'. + /// items if unspecified, each key-value pair in the Data field of the referenced + /// ConfigMap will be projected into the volume as a file whose name is the + /// key and content is the value. If specified, the listed keys will be + /// projected into the specified paths, and unlisted keys will not be + /// present. If a key is specified which is not present in the ConfigMap, + /// the volume setup will error unless it is marked optional. Paths must be + /// relative and may not contain the '..' path or start with '..'. #[serde(default, skip_serializing_if = "Option::is_none")] pub items: Option>, - /// Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? + /// Name of the referent. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// optional specify whether the ConfigMap or its keys must be defined @@ -3086,36 +4188,59 @@ pub struct ArgoCDRepoVolumesConfigMap { pub struct ArgoCDRepoVolumesConfigMapItems { /// key is the key to project. pub key: String, - /// mode is Optional: mode bits used to set permissions on this file. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. + /// mode is Optional: mode bits used to set permissions on this file. + /// Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. + /// YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. + /// If not specified, the volume defaultMode will be used. + /// This might be in conflict with other options that affect the file + /// mode, like fsGroup, and the result can be other mode bits set. #[serde(default, skip_serializing_if = "Option::is_none")] pub mode: Option, - /// path is the relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'. + /// path is the relative path of the file to map the key to. + /// May not be an absolute path. + /// May not contain the path element '..'. + /// May not start with the string '..'. pub path: String, } /// csi (Container Storage Interface) represents ephemeral storage that is handled by certain external CSI drivers (Beta feature). #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ArgoCDRepoVolumesCsi { - /// driver is the name of the CSI driver that handles this volume. Consult with your admin for the correct name as registered in the cluster. + /// driver is the name of the CSI driver that handles this volume. + /// Consult with your admin for the correct name as registered in the cluster. pub driver: String, - /// fsType to mount. Ex. "ext4", "xfs", "ntfs". If not provided, the empty value is passed to the associated CSI driver which will determine the default filesystem to apply. + /// fsType to mount. Ex. "ext4", "xfs", "ntfs". + /// If not provided, the empty value is passed to the associated CSI driver + /// which will determine the default filesystem to apply. #[serde(default, skip_serializing_if = "Option::is_none", rename = "fsType")] pub fs_type: Option, - /// nodePublishSecretRef is a reference to the secret object containing sensitive information to pass to the CSI driver to complete the CSI NodePublishVolume and NodeUnpublishVolume calls. This field is optional, and may be empty if no secret is required. If the secret object contains more than one secret, all secret references are passed. + /// nodePublishSecretRef is a reference to the secret object containing + /// sensitive information to pass to the CSI driver to complete the CSI + /// NodePublishVolume and NodeUnpublishVolume calls. + /// This field is optional, and may be empty if no secret is required. If the + /// secret object contains more than one secret, all secret references are passed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "nodePublishSecretRef")] pub node_publish_secret_ref: Option, - /// readOnly specifies a read-only configuration for the volume. Defaults to false (read/write). + /// readOnly specifies a read-only configuration for the volume. + /// Defaults to false (read/write). #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] pub read_only: Option, - /// volumeAttributes stores driver-specific properties that are passed to the CSI driver. Consult your driver's documentation for supported values. + /// volumeAttributes stores driver-specific properties that are passed to the CSI + /// driver. Consult your driver's documentation for supported values. #[serde(default, skip_serializing_if = "Option::is_none", rename = "volumeAttributes")] pub volume_attributes: Option>, } -/// nodePublishSecretRef is a reference to the secret object containing sensitive information to pass to the CSI driver to complete the CSI NodePublishVolume and NodeUnpublishVolume calls. This field is optional, and may be empty if no secret is required. If the secret object contains more than one secret, all secret references are passed. +/// nodePublishSecretRef is a reference to the secret object containing +/// sensitive information to pass to the CSI driver to complete the CSI +/// NodePublishVolume and NodeUnpublishVolume calls. +/// This field is optional, and may be empty if no secret is required. If the +/// secret object contains more than one secret, all secret references are passed. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ArgoCDRepoVolumesCsiNodePublishSecretRef { - /// Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? + /// Name of the referent. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, } @@ -3123,7 +4248,14 @@ pub struct ArgoCDRepoVolumesCsiNodePublishSecretRef { /// downwardAPI represents downward API about the pod that should populate this volume #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ArgoCDRepoVolumesDownwardApi { - /// Optional: mode bits to use on created files by default. Must be a Optional: mode bits used to set permissions on created files by default. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. Defaults to 0644. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. + /// Optional: mode bits to use on created files by default. Must be a + /// Optional: mode bits used to set permissions on created files by default. + /// Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. + /// YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. + /// Defaults to 0644. + /// Directories within the path are not affected by this setting. + /// This might be in conflict with other options that affect the file + /// mode, like fsGroup, and the result can be other mode bits set. #[serde(default, skip_serializing_if = "Option::is_none", rename = "defaultMode")] pub default_mode: Option, /// Items is a list of downward API volume file @@ -3137,12 +4269,18 @@ pub struct ArgoCDRepoVolumesDownwardApiItems { /// Required: Selects a field of the pod: only annotations, labels, name and namespace are supported. #[serde(default, skip_serializing_if = "Option::is_none", rename = "fieldRef")] pub field_ref: Option, - /// Optional: mode bits used to set permissions on this file, must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. + /// Optional: mode bits used to set permissions on this file, must be an octal value + /// between 0000 and 0777 or a decimal value between 0 and 511. + /// YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. + /// If not specified, the volume defaultMode will be used. + /// This might be in conflict with other options that affect the file + /// mode, like fsGroup, and the result can be other mode bits set. #[serde(default, skip_serializing_if = "Option::is_none")] pub mode: Option, /// Required: Path is the relative path name of the file to be created. Must not be absolute or contain the '..' path. Must be utf-8 encoded. The first item of the relative path must not start with '..' pub path: String, - /// Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, requests.cpu and requests.memory) are currently supported. + /// Selects a resource of the container: only resources limits and requests + /// (limits.cpu, limits.memory, requests.cpu and requests.memory) are currently supported. #[serde(default, skip_serializing_if = "Option::is_none", rename = "resourceFieldRef")] pub resource_field_ref: Option, } @@ -3158,7 +4296,8 @@ pub struct ArgoCDRepoVolumesDownwardApiItemsFieldRef { pub field_path: String, } -/// Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, requests.cpu and requests.memory) are currently supported. +/// Selects a resource of the container: only resources limits and requests +/// (limits.cpu, limits.memory, requests.cpu and requests.memory) are currently supported. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ArgoCDRepoVolumesDownwardApiItemsResourceFieldRef { /// Container name: required for volumes, optional for env vars @@ -3171,72 +4310,190 @@ pub struct ArgoCDRepoVolumesDownwardApiItemsResourceFieldRef { pub resource: String, } -/// emptyDir represents a temporary directory that shares a pod's lifetime. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir +/// emptyDir represents a temporary directory that shares a pod's lifetime. +/// More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ArgoCDRepoVolumesEmptyDir { - /// medium represents what type of storage medium should back this directory. The default is "" which means to use the node's default medium. Must be an empty string (default) or Memory. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir + /// medium represents what type of storage medium should back this directory. + /// The default is "" which means to use the node's default medium. + /// Must be an empty string (default) or Memory. + /// More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir #[serde(default, skip_serializing_if = "Option::is_none")] pub medium: Option, - /// sizeLimit is the total amount of local storage required for this EmptyDir volume. The size limit is also applicable for memory medium. The maximum usage on memory medium EmptyDir would be the minimum value between the SizeLimit specified here and the sum of memory limits of all containers in a pod. The default is nil which means that the limit is undefined. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir + /// sizeLimit is the total amount of local storage required for this EmptyDir volume. + /// The size limit is also applicable for memory medium. + /// The maximum usage on memory medium EmptyDir would be the minimum value between + /// the SizeLimit specified here and the sum of memory limits of all containers in a pod. + /// The default is nil which means that the limit is undefined. + /// More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir #[serde(default, skip_serializing_if = "Option::is_none", rename = "sizeLimit")] pub size_limit: Option, } -/// ephemeral represents a volume that is handled by a cluster storage driver. The volume's lifecycle is tied to the pod that defines it - it will be created before the pod starts, and deleted when the pod is removed. -/// Use this if: a) the volume is only needed while the pod runs, b) features of normal volumes like restoring from snapshot or capacity tracking are needed, c) the storage driver is specified through a storage class, and d) the storage driver supports dynamic volume provisioning through a PersistentVolumeClaim (see EphemeralVolumeSource for more information on the connection between this volume type and PersistentVolumeClaim). -/// Use PersistentVolumeClaim or one of the vendor-specific APIs for volumes that persist for longer than the lifecycle of an individual pod. -/// Use CSI for light-weight local ephemeral volumes if the CSI driver is meant to be used that way - see the documentation of the driver for more information. -/// A pod can use both types of ephemeral volumes and persistent volumes at the same time. +/// ephemeral represents a volume that is handled by a cluster storage driver. +/// The volume's lifecycle is tied to the pod that defines it - it will be created before the pod starts, +/// and deleted when the pod is removed. +/// +/// +/// Use this if: +/// a) the volume is only needed while the pod runs, +/// b) features of normal volumes like restoring from snapshot or capacity +/// tracking are needed, +/// c) the storage driver is specified through a storage class, and +/// d) the storage driver supports dynamic volume provisioning through +/// a PersistentVolumeClaim (see EphemeralVolumeSource for more +/// information on the connection between this volume type +/// and PersistentVolumeClaim). +/// +/// +/// Use PersistentVolumeClaim or one of the vendor-specific +/// APIs for volumes that persist for longer than the lifecycle +/// of an individual pod. +/// +/// +/// Use CSI for light-weight local ephemeral volumes if the CSI driver is meant to +/// be used that way - see the documentation of the driver for +/// more information. +/// +/// +/// A pod can use both types of ephemeral volumes and +/// persistent volumes at the same time. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ArgoCDRepoVolumesEphemeral { - /// Will be used to create a stand-alone PVC to provision the volume. The pod in which this EphemeralVolumeSource is embedded will be the owner of the PVC, i.e. the PVC will be deleted together with the pod. The name of the PVC will be `-` where `` is the name from the `PodSpec.Volumes` array entry. Pod validation will reject the pod if the concatenated name is not valid for a PVC (for example, too long). - /// An existing PVC with that name that is not owned by the pod will *not* be used for the pod to avoid using an unrelated volume by mistake. Starting the pod is then blocked until the unrelated PVC is removed. If such a pre-created PVC is meant to be used by the pod, the PVC has to updated with an owner reference to the pod once the pod exists. Normally this should not be necessary, but it may be useful when manually reconstructing a broken cluster. - /// This field is read-only and no changes will be made by Kubernetes to the PVC after it has been created. - /// Required, must not be nil. + /// Will be used to create a stand-alone PVC to provision the volume. + /// The pod in which this EphemeralVolumeSource is embedded will be the + /// owner of the PVC, i.e. the PVC will be deleted together with the + /// pod. The name of the PVC will be `-` where + /// `` is the name from the `PodSpec.Volumes` array + /// entry. Pod validation will reject the pod if the concatenated name + /// is not valid for a PVC (for example, too long). + /// + /// + /// An existing PVC with that name that is not owned by the pod + /// will *not* be used for the pod to avoid using an unrelated + /// volume by mistake. Starting the pod is then blocked until + /// the unrelated PVC is removed. If such a pre-created PVC is + /// meant to be used by the pod, the PVC has to updated with an + /// owner reference to the pod once the pod exists. Normally + /// this should not be necessary, but it may be useful when + /// manually reconstructing a broken cluster. + /// + /// + /// This field is read-only and no changes will be made by Kubernetes + /// to the PVC after it has been created. + /// + /// + /// Required, must not be nil. #[serde(default, skip_serializing_if = "Option::is_none", rename = "volumeClaimTemplate")] pub volume_claim_template: Option, } -/// Will be used to create a stand-alone PVC to provision the volume. The pod in which this EphemeralVolumeSource is embedded will be the owner of the PVC, i.e. the PVC will be deleted together with the pod. The name of the PVC will be `-` where `` is the name from the `PodSpec.Volumes` array entry. Pod validation will reject the pod if the concatenated name is not valid for a PVC (for example, too long). -/// An existing PVC with that name that is not owned by the pod will *not* be used for the pod to avoid using an unrelated volume by mistake. Starting the pod is then blocked until the unrelated PVC is removed. If such a pre-created PVC is meant to be used by the pod, the PVC has to updated with an owner reference to the pod once the pod exists. Normally this should not be necessary, but it may be useful when manually reconstructing a broken cluster. -/// This field is read-only and no changes will be made by Kubernetes to the PVC after it has been created. -/// Required, must not be nil. +/// Will be used to create a stand-alone PVC to provision the volume. +/// The pod in which this EphemeralVolumeSource is embedded will be the +/// owner of the PVC, i.e. the PVC will be deleted together with the +/// pod. The name of the PVC will be `-` where +/// `` is the name from the `PodSpec.Volumes` array +/// entry. Pod validation will reject the pod if the concatenated name +/// is not valid for a PVC (for example, too long). +/// +/// +/// An existing PVC with that name that is not owned by the pod +/// will *not* be used for the pod to avoid using an unrelated +/// volume by mistake. Starting the pod is then blocked until +/// the unrelated PVC is removed. If such a pre-created PVC is +/// meant to be used by the pod, the PVC has to updated with an +/// owner reference to the pod once the pod exists. Normally +/// this should not be necessary, but it may be useful when +/// manually reconstructing a broken cluster. +/// +/// +/// This field is read-only and no changes will be made by Kubernetes +/// to the PVC after it has been created. +/// +/// +/// Required, must not be nil. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ArgoCDRepoVolumesEphemeralVolumeClaimTemplate { - /// May contain labels and annotations that will be copied into the PVC when creating it. No other fields are allowed and will be rejected during validation. + /// May contain labels and annotations that will be copied into the PVC + /// when creating it. No other fields are allowed and will be rejected during + /// validation. #[serde(default, skip_serializing_if = "Option::is_none")] pub metadata: Option, - /// The specification for the PersistentVolumeClaim. The entire content is copied unchanged into the PVC that gets created from this template. The same fields as in a PersistentVolumeClaim are also valid here. + /// The specification for the PersistentVolumeClaim. The entire content is + /// copied unchanged into the PVC that gets created from this + /// template. The same fields as in a PersistentVolumeClaim + /// are also valid here. pub spec: ArgoCDRepoVolumesEphemeralVolumeClaimTemplateSpec, } -/// May contain labels and annotations that will be copied into the PVC when creating it. No other fields are allowed and will be rejected during validation. +/// May contain labels and annotations that will be copied into the PVC +/// when creating it. No other fields are allowed and will be rejected during +/// validation. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ArgoCDRepoVolumesEphemeralVolumeClaimTemplateMetadata { } -/// The specification for the PersistentVolumeClaim. The entire content is copied unchanged into the PVC that gets created from this template. The same fields as in a PersistentVolumeClaim are also valid here. +/// The specification for the PersistentVolumeClaim. The entire content is +/// copied unchanged into the PVC that gets created from this +/// template. The same fields as in a PersistentVolumeClaim +/// are also valid here. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ArgoCDRepoVolumesEphemeralVolumeClaimTemplateSpec { - /// accessModes contains the desired access modes the volume should have. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1 + /// accessModes contains the desired access modes the volume should have. + /// More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1 #[serde(default, skip_serializing_if = "Option::is_none", rename = "accessModes")] pub access_modes: Option>, - /// dataSource field can be used to specify either: * An existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot) * An existing PVC (PersistentVolumeClaim) If the provisioner or an external controller can support the specified data source, it will create a new volume based on the contents of the specified data source. When the AnyVolumeDataSource feature gate is enabled, dataSource contents will be copied to dataSourceRef, and dataSourceRef contents will be copied to dataSource when dataSourceRef.namespace is not specified. If the namespace is specified, then dataSourceRef will not be copied to dataSource. + /// dataSource field can be used to specify either: + /// * An existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot) + /// * An existing PVC (PersistentVolumeClaim) + /// If the provisioner or an external controller can support the specified data source, + /// it will create a new volume based on the contents of the specified data source. + /// When the AnyVolumeDataSource feature gate is enabled, dataSource contents will be copied to dataSourceRef, + /// and dataSourceRef contents will be copied to dataSource when dataSourceRef.namespace is not specified. + /// If the namespace is specified, then dataSourceRef will not be copied to dataSource. #[serde(default, skip_serializing_if = "Option::is_none", rename = "dataSource")] pub data_source: Option, - /// dataSourceRef specifies the object from which to populate the volume with data, if a non-empty volume is desired. This may be any object from a non-empty API group (non core object) or a PersistentVolumeClaim object. When this field is specified, volume binding will only succeed if the type of the specified object matches some installed volume populator or dynamic provisioner. This field will replace the functionality of the dataSource field and as such if both fields are non-empty, they must have the same value. For backwards compatibility, when namespace isn't specified in dataSourceRef, both fields (dataSource and dataSourceRef) will be set to the same value automatically if one of them is empty and the other is non-empty. When namespace is specified in dataSourceRef, dataSource isn't set to the same value and must be empty. There are three important differences between dataSource and dataSourceRef: * While dataSource only allows two specific types of objects, dataSourceRef allows any non-core object, as well as PersistentVolumeClaim objects. * While dataSource ignores disallowed values (dropping them), dataSourceRef preserves all values, and generates an error if a disallowed value is specified. * While dataSource only allows local objects, dataSourceRef allows objects in any namespaces. (Beta) Using this field requires the AnyVolumeDataSource feature gate to be enabled. (Alpha) Using the namespace field of dataSourceRef requires the CrossNamespaceVolumeDataSource feature gate to be enabled. + /// dataSourceRef specifies the object from which to populate the volume with data, if a non-empty + /// volume is desired. This may be any object from a non-empty API group (non + /// core object) or a PersistentVolumeClaim object. + /// When this field is specified, volume binding will only succeed if the type of + /// the specified object matches some installed volume populator or dynamic + /// provisioner. + /// This field will replace the functionality of the dataSource field and as such + /// if both fields are non-empty, they must have the same value. For backwards + /// compatibility, when namespace isn't specified in dataSourceRef, + /// both fields (dataSource and dataSourceRef) will be set to the same + /// value automatically if one of them is empty and the other is non-empty. + /// When namespace is specified in dataSourceRef, + /// dataSource isn't set to the same value and must be empty. + /// There are three important differences between dataSource and dataSourceRef: + /// * While dataSource only allows two specific types of objects, dataSourceRef + /// allows any non-core object, as well as PersistentVolumeClaim objects. + /// * While dataSource ignores disallowed values (dropping them), dataSourceRef + /// preserves all values, and generates an error if a disallowed value is + /// specified. + /// * While dataSource only allows local objects, dataSourceRef allows objects + /// in any namespaces. + /// (Beta) Using this field requires the AnyVolumeDataSource feature gate to be enabled. + /// (Alpha) Using the namespace field of dataSourceRef requires the CrossNamespaceVolumeDataSource feature gate to be enabled. #[serde(default, skip_serializing_if = "Option::is_none", rename = "dataSourceRef")] pub data_source_ref: Option, - /// resources represents the minimum resources the volume should have. If RecoverVolumeExpansionFailure feature is enabled users are allowed to specify resource requirements that are lower than previous value but must still be higher than capacity recorded in the status field of the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources + /// resources represents the minimum resources the volume should have. + /// If RecoverVolumeExpansionFailure feature is enabled users are allowed to specify resource requirements + /// that are lower than previous value but must still be higher than capacity recorded in the + /// status field of the claim. + /// More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources #[serde(default, skip_serializing_if = "Option::is_none")] pub resources: Option, /// selector is a label query over volumes to consider for binding. #[serde(default, skip_serializing_if = "Option::is_none")] pub selector: Option, - /// storageClassName is the name of the StorageClass required by the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1 + /// storageClassName is the name of the StorageClass required by the claim. + /// More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1 #[serde(default, skip_serializing_if = "Option::is_none", rename = "storageClassName")] pub storage_class_name: Option, - /// volumeMode defines what type of volume is required by the claim. Value of Filesystem is implied when not included in claim spec. + /// volumeMode defines what type of volume is required by the claim. + /// Value of Filesystem is implied when not included in claim spec. #[serde(default, skip_serializing_if = "Option::is_none", rename = "volumeMode")] pub volume_mode: Option, /// volumeName is the binding reference to the PersistentVolume backing this claim. @@ -3244,10 +4501,19 @@ pub struct ArgoCDRepoVolumesEphemeralVolumeClaimTemplateSpec { pub volume_name: Option, } -/// dataSource field can be used to specify either: * An existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot) * An existing PVC (PersistentVolumeClaim) If the provisioner or an external controller can support the specified data source, it will create a new volume based on the contents of the specified data source. When the AnyVolumeDataSource feature gate is enabled, dataSource contents will be copied to dataSourceRef, and dataSourceRef contents will be copied to dataSource when dataSourceRef.namespace is not specified. If the namespace is specified, then dataSourceRef will not be copied to dataSource. +/// dataSource field can be used to specify either: +/// * An existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot) +/// * An existing PVC (PersistentVolumeClaim) +/// If the provisioner or an external controller can support the specified data source, +/// it will create a new volume based on the contents of the specified data source. +/// When the AnyVolumeDataSource feature gate is enabled, dataSource contents will be copied to dataSourceRef, +/// and dataSourceRef contents will be copied to dataSource when dataSourceRef.namespace is not specified. +/// If the namespace is specified, then dataSourceRef will not be copied to dataSource. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ArgoCDRepoVolumesEphemeralVolumeClaimTemplateSpecDataSource { - /// APIGroup is the group for the resource being referenced. If APIGroup is not specified, the specified Kind must be in the core API group. For any other third-party types, APIGroup is required. + /// APIGroup is the group for the resource being referenced. + /// If APIGroup is not specified, the specified Kind must be in the core API group. + /// For any other third-party types, APIGroup is required. #[serde(default, skip_serializing_if = "Option::is_none", rename = "apiGroup")] pub api_group: Option, /// Kind is the type of resource being referenced @@ -3256,33 +4522,73 @@ pub struct ArgoCDRepoVolumesEphemeralVolumeClaimTemplateSpecDataSource { pub name: String, } -/// dataSourceRef specifies the object from which to populate the volume with data, if a non-empty volume is desired. This may be any object from a non-empty API group (non core object) or a PersistentVolumeClaim object. When this field is specified, volume binding will only succeed if the type of the specified object matches some installed volume populator or dynamic provisioner. This field will replace the functionality of the dataSource field and as such if both fields are non-empty, they must have the same value. For backwards compatibility, when namespace isn't specified in dataSourceRef, both fields (dataSource and dataSourceRef) will be set to the same value automatically if one of them is empty and the other is non-empty. When namespace is specified in dataSourceRef, dataSource isn't set to the same value and must be empty. There are three important differences between dataSource and dataSourceRef: * While dataSource only allows two specific types of objects, dataSourceRef allows any non-core object, as well as PersistentVolumeClaim objects. * While dataSource ignores disallowed values (dropping them), dataSourceRef preserves all values, and generates an error if a disallowed value is specified. * While dataSource only allows local objects, dataSourceRef allows objects in any namespaces. (Beta) Using this field requires the AnyVolumeDataSource feature gate to be enabled. (Alpha) Using the namespace field of dataSourceRef requires the CrossNamespaceVolumeDataSource feature gate to be enabled. +/// dataSourceRef specifies the object from which to populate the volume with data, if a non-empty +/// volume is desired. This may be any object from a non-empty API group (non +/// core object) or a PersistentVolumeClaim object. +/// When this field is specified, volume binding will only succeed if the type of +/// the specified object matches some installed volume populator or dynamic +/// provisioner. +/// This field will replace the functionality of the dataSource field and as such +/// if both fields are non-empty, they must have the same value. For backwards +/// compatibility, when namespace isn't specified in dataSourceRef, +/// both fields (dataSource and dataSourceRef) will be set to the same +/// value automatically if one of them is empty and the other is non-empty. +/// When namespace is specified in dataSourceRef, +/// dataSource isn't set to the same value and must be empty. +/// There are three important differences between dataSource and dataSourceRef: +/// * While dataSource only allows two specific types of objects, dataSourceRef +/// allows any non-core object, as well as PersistentVolumeClaim objects. +/// * While dataSource ignores disallowed values (dropping them), dataSourceRef +/// preserves all values, and generates an error if a disallowed value is +/// specified. +/// * While dataSource only allows local objects, dataSourceRef allows objects +/// in any namespaces. +/// (Beta) Using this field requires the AnyVolumeDataSource feature gate to be enabled. +/// (Alpha) Using the namespace field of dataSourceRef requires the CrossNamespaceVolumeDataSource feature gate to be enabled. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ArgoCDRepoVolumesEphemeralVolumeClaimTemplateSpecDataSourceRef { - /// APIGroup is the group for the resource being referenced. If APIGroup is not specified, the specified Kind must be in the core API group. For any other third-party types, APIGroup is required. + /// APIGroup is the group for the resource being referenced. + /// If APIGroup is not specified, the specified Kind must be in the core API group. + /// For any other third-party types, APIGroup is required. #[serde(default, skip_serializing_if = "Option::is_none", rename = "apiGroup")] pub api_group: Option, /// Kind is the type of resource being referenced pub kind: String, /// Name is the name of resource being referenced pub name: String, - /// Namespace is the namespace of resource being referenced Note that when a namespace is specified, a gateway.networking.k8s.io/ReferenceGrant object is required in the referent namespace to allow that namespace's owner to accept the reference. See the ReferenceGrant documentation for details. (Alpha) This field requires the CrossNamespaceVolumeDataSource feature gate to be enabled. + /// Namespace is the namespace of resource being referenced + /// Note that when a namespace is specified, a gateway.networking.k8s.io/ReferenceGrant object is required in the referent namespace to allow that namespace's owner to accept the reference. See the ReferenceGrant documentation for details. + /// (Alpha) This field requires the CrossNamespaceVolumeDataSource feature gate to be enabled. #[serde(default, skip_serializing_if = "Option::is_none")] pub namespace: Option, } -/// resources represents the minimum resources the volume should have. If RecoverVolumeExpansionFailure feature is enabled users are allowed to specify resource requirements that are lower than previous value but must still be higher than capacity recorded in the status field of the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources +/// resources represents the minimum resources the volume should have. +/// If RecoverVolumeExpansionFailure feature is enabled users are allowed to specify resource requirements +/// that are lower than previous value but must still be higher than capacity recorded in the +/// status field of the claim. +/// More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ArgoCDRepoVolumesEphemeralVolumeClaimTemplateSpecResources { - /// Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. - /// This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. - /// This field is immutable. It can only be set for containers. + /// Claims lists the names of resources, defined in spec.resourceClaims, + /// that are used by this container. + /// + /// + /// This is an alpha field and requires enabling the + /// DynamicResourceAllocation feature gate. + /// + /// + /// This field is immutable. It can only be set for containers. #[serde(default, skip_serializing_if = "Option::is_none")] pub claims: Option>, - /// Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + /// Limits describes the maximum amount of compute resources allowed. + /// More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ #[serde(default, skip_serializing_if = "Option::is_none")] pub limits: Option>, - /// Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + /// Requests describes the minimum amount of compute resources required. + /// If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, + /// otherwise to an implementation-defined value. Requests cannot exceed Limits. + /// More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ #[serde(default, skip_serializing_if = "Option::is_none")] pub requests: Option>, } @@ -3290,7 +4596,9 @@ pub struct ArgoCDRepoVolumesEphemeralVolumeClaimTemplateSpecResources { /// ResourceClaim references one entry in PodSpec.ResourceClaims. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ArgoCDRepoVolumesEphemeralVolumeClaimTemplateSpecResourcesClaims { - /// Name must match the name of one entry in pod.spec.resourceClaims of the Pod where this field is used. It makes that resource available inside a container. + /// Name must match the name of one entry in pod.spec.resourceClaims of + /// the Pod where this field is used. It makes that resource available + /// inside a container. pub name: String, } @@ -3300,19 +4608,26 @@ pub struct ArgoCDRepoVolumesEphemeralVolumeClaimTemplateSpecSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] pub match_expressions: Option>, - /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] pub match_labels: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ArgoCDRepoVolumesEphemeralVolumeClaimTemplateSpecSelectorMatchExpressions { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } @@ -3320,46 +4635,65 @@ pub struct ArgoCDRepoVolumesEphemeralVolumeClaimTemplateSpecSelectorMatchExpress /// fc represents a Fibre Channel resource that is attached to a kubelet's host machine and then exposed to the pod. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ArgoCDRepoVolumesFc { - /// fsType is the filesystem type to mount. Must be a filesystem type supported by the host operating system. Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. TODO: how do we prevent errors in the filesystem from compromising the machine + /// fsType is the filesystem type to mount. + /// Must be a filesystem type supported by the host operating system. + /// Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. + /// TODO: how do we prevent errors in the filesystem from compromising the machine #[serde(default, skip_serializing_if = "Option::is_none", rename = "fsType")] pub fs_type: Option, /// lun is Optional: FC target lun number #[serde(default, skip_serializing_if = "Option::is_none")] pub lun: Option, - /// readOnly is Optional: Defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts. + /// readOnly is Optional: Defaults to false (read/write). ReadOnly here will force + /// the ReadOnly setting in VolumeMounts. #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] pub read_only: Option, /// targetWWNs is Optional: FC target worldwide names (WWNs) #[serde(default, skip_serializing_if = "Option::is_none", rename = "targetWWNs")] pub target_ww_ns: Option>, - /// wwids Optional: FC volume world wide identifiers (wwids) Either wwids or combination of targetWWNs and lun must be set, but not both simultaneously. + /// wwids Optional: FC volume world wide identifiers (wwids) + /// Either wwids or combination of targetWWNs and lun must be set, but not both simultaneously. #[serde(default, skip_serializing_if = "Option::is_none")] pub wwids: Option>, } -/// flexVolume represents a generic volume resource that is provisioned/attached using an exec based plugin. +/// flexVolume represents a generic volume resource that is +/// provisioned/attached using an exec based plugin. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ArgoCDRepoVolumesFlexVolume { /// driver is the name of the driver to use for this volume. pub driver: String, - /// fsType is the filesystem type to mount. Must be a filesystem type supported by the host operating system. Ex. "ext4", "xfs", "ntfs". The default filesystem depends on FlexVolume script. + /// fsType is the filesystem type to mount. + /// Must be a filesystem type supported by the host operating system. + /// Ex. "ext4", "xfs", "ntfs". The default filesystem depends on FlexVolume script. #[serde(default, skip_serializing_if = "Option::is_none", rename = "fsType")] pub fs_type: Option, /// options is Optional: this field holds extra command options if any. #[serde(default, skip_serializing_if = "Option::is_none")] pub options: Option>, - /// readOnly is Optional: defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts. + /// readOnly is Optional: defaults to false (read/write). ReadOnly here will force + /// the ReadOnly setting in VolumeMounts. #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] pub read_only: Option, - /// secretRef is Optional: secretRef is reference to the secret object containing sensitive information to pass to the plugin scripts. This may be empty if no secret object is specified. If the secret object contains more than one secret, all secrets are passed to the plugin scripts. + /// secretRef is Optional: secretRef is reference to the secret object containing + /// sensitive information to pass to the plugin scripts. This may be + /// empty if no secret object is specified. If the secret object + /// contains more than one secret, all secrets are passed to the plugin + /// scripts. #[serde(default, skip_serializing_if = "Option::is_none", rename = "secretRef")] pub secret_ref: Option, } -/// secretRef is Optional: secretRef is reference to the secret object containing sensitive information to pass to the plugin scripts. This may be empty if no secret object is specified. If the secret object contains more than one secret, all secrets are passed to the plugin scripts. +/// secretRef is Optional: secretRef is reference to the secret object containing +/// sensitive information to pass to the plugin scripts. This may be +/// empty if no secret object is specified. If the secret object +/// contains more than one secret, all secrets are passed to the plugin +/// scripts. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ArgoCDRepoVolumesFlexVolumeSecretRef { - /// Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? + /// Name of the referent. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, } @@ -3367,7 +4701,8 @@ pub struct ArgoCDRepoVolumesFlexVolumeSecretRef { /// flocker represents a Flocker volume attached to a kubelet's host machine. This depends on the Flocker control service being running #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ArgoCDRepoVolumesFlocker { - /// datasetName is Name of the dataset stored as metadata -> name on the dataset for Flocker should be considered as deprecated + /// datasetName is Name of the dataset stored as metadata -> name on the dataset for Flocker + /// should be considered as deprecated #[serde(default, skip_serializing_if = "Option::is_none", rename = "datasetName")] pub dataset_name: Option, /// datasetUUID is the UUID of the dataset. This is unique identifier of a Flocker dataset @@ -3375,27 +4710,46 @@ pub struct ArgoCDRepoVolumesFlocker { pub dataset_uuid: Option, } -/// gcePersistentDisk represents a GCE Disk resource that is attached to a kubelet's host machine and then exposed to the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk +/// gcePersistentDisk represents a GCE Disk resource that is attached to a +/// kubelet's host machine and then exposed to the pod. +/// More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ArgoCDRepoVolumesGcePersistentDisk { - /// fsType is filesystem type of the volume that you want to mount. Tip: Ensure that the filesystem type is supported by the host operating system. Examples: "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk TODO: how do we prevent errors in the filesystem from compromising the machine + /// fsType is filesystem type of the volume that you want to mount. + /// Tip: Ensure that the filesystem type is supported by the host operating system. + /// Examples: "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. + /// More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk + /// TODO: how do we prevent errors in the filesystem from compromising the machine #[serde(default, skip_serializing_if = "Option::is_none", rename = "fsType")] pub fs_type: Option, - /// partition is the partition in the volume that you want to mount. If omitted, the default is to mount by volume name. Examples: For volume /dev/sda1, you specify the partition as "1". Similarly, the volume partition for /dev/sda is "0" (or you can leave the property empty). More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk + /// partition is the partition in the volume that you want to mount. + /// If omitted, the default is to mount by volume name. + /// Examples: For volume /dev/sda1, you specify the partition as "1". + /// Similarly, the volume partition for /dev/sda is "0" (or you can leave the property empty). + /// More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk #[serde(default, skip_serializing_if = "Option::is_none")] pub partition: Option, - /// pdName is unique name of the PD resource in GCE. Used to identify the disk in GCE. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk + /// pdName is unique name of the PD resource in GCE. Used to identify the disk in GCE. + /// More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk #[serde(rename = "pdName")] pub pd_name: String, - /// readOnly here will force the ReadOnly setting in VolumeMounts. Defaults to false. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk + /// readOnly here will force the ReadOnly setting in VolumeMounts. + /// Defaults to false. + /// More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] pub read_only: Option, } -/// gitRepo represents a git repository at a particular revision. DEPRECATED: GitRepo is deprecated. To provision a container with a git repo, mount an EmptyDir into an InitContainer that clones the repo using git, then mount the EmptyDir into the Pod's container. +/// gitRepo represents a git repository at a particular revision. +/// DEPRECATED: GitRepo is deprecated. To provision a container with a git repo, mount an +/// EmptyDir into an InitContainer that clones the repo using git, then mount the EmptyDir +/// into the Pod's container. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ArgoCDRepoVolumesGitRepo { - /// directory is the target directory name. Must not contain or start with '..'. If '.' is supplied, the volume directory will be the git repository. Otherwise, if specified, the volume will contain the git repository in the subdirectory with the given name. + /// directory is the target directory name. + /// Must not contain or start with '..'. If '.' is supplied, the volume directory will be the + /// git repository. Otherwise, if specified, the volume will contain the git repository in + /// the subdirectory with the given name. #[serde(default, skip_serializing_if = "Option::is_none")] pub directory: Option, /// repository is the URL @@ -3405,29 +4759,47 @@ pub struct ArgoCDRepoVolumesGitRepo { pub revision: Option, } -/// glusterfs represents a Glusterfs mount on the host that shares a pod's lifetime. More info: https://examples.k8s.io/volumes/glusterfs/README.md +/// glusterfs represents a Glusterfs mount on the host that shares a pod's lifetime. +/// More info: https://examples.k8s.io/volumes/glusterfs/README.md #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ArgoCDRepoVolumesGlusterfs { - /// endpoints is the endpoint name that details Glusterfs topology. More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod + /// endpoints is the endpoint name that details Glusterfs topology. + /// More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod pub endpoints: String, - /// path is the Glusterfs volume path. More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod + /// path is the Glusterfs volume path. + /// More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod pub path: String, - /// readOnly here will force the Glusterfs volume to be mounted with read-only permissions. Defaults to false. More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod + /// readOnly here will force the Glusterfs volume to be mounted with read-only permissions. + /// Defaults to false. + /// More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] pub read_only: Option, } -/// hostPath represents a pre-existing file or directory on the host machine that is directly exposed to the container. This is generally used for system agents or other privileged things that are allowed to see the host machine. Most containers will NOT need this. More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath --- TODO(jonesdl) We need to restrict who can use host directory mounts and who can/can not mount host directories as read/write. +/// hostPath represents a pre-existing file or directory on the host +/// machine that is directly exposed to the container. This is generally +/// used for system agents or other privileged things that are allowed +/// to see the host machine. Most containers will NOT need this. +/// More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath +/// --- +/// TODO(jonesdl) We need to restrict who can use host directory mounts and who can/can not +/// mount host directories as read/write. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ArgoCDRepoVolumesHostPath { - /// path of the directory on the host. If the path is a symlink, it will follow the link to the real path. More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath + /// path of the directory on the host. + /// If the path is a symlink, it will follow the link to the real path. + /// More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath pub path: String, - /// type for HostPath Volume Defaults to "" More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath + /// type for HostPath Volume + /// Defaults to "" + /// More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath #[serde(default, skip_serializing_if = "Option::is_none", rename = "type")] pub r#type: Option, } -/// iscsi represents an ISCSI Disk resource that is attached to a kubelet's host machine and then exposed to the pod. More info: https://examples.k8s.io/volumes/iscsi/README.md +/// iscsi represents an ISCSI Disk resource that is attached to a +/// kubelet's host machine and then exposed to the pod. +/// More info: https://examples.k8s.io/volumes/iscsi/README.md #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ArgoCDRepoVolumesIscsi { /// chapAuthDiscovery defines whether support iSCSI Discovery CHAP authentication @@ -3436,29 +4808,39 @@ pub struct ArgoCDRepoVolumesIscsi { /// chapAuthSession defines whether support iSCSI Session CHAP authentication #[serde(default, skip_serializing_if = "Option::is_none", rename = "chapAuthSession")] pub chap_auth_session: Option, - /// fsType is the filesystem type of the volume that you want to mount. Tip: Ensure that the filesystem type is supported by the host operating system. Examples: "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#iscsi TODO: how do we prevent errors in the filesystem from compromising the machine + /// fsType is the filesystem type of the volume that you want to mount. + /// Tip: Ensure that the filesystem type is supported by the host operating system. + /// Examples: "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. + /// More info: https://kubernetes.io/docs/concepts/storage/volumes#iscsi + /// TODO: how do we prevent errors in the filesystem from compromising the machine #[serde(default, skip_serializing_if = "Option::is_none", rename = "fsType")] pub fs_type: Option, - /// initiatorName is the custom iSCSI Initiator Name. If initiatorName is specified with iscsiInterface simultaneously, new iSCSI interface : will be created for the connection. + /// initiatorName is the custom iSCSI Initiator Name. + /// If initiatorName is specified with iscsiInterface simultaneously, new iSCSI interface + /// : will be created for the connection. #[serde(default, skip_serializing_if = "Option::is_none", rename = "initiatorName")] pub initiator_name: Option, /// iqn is the target iSCSI Qualified Name. pub iqn: String, - /// iscsiInterface is the interface Name that uses an iSCSI transport. Defaults to 'default' (tcp). + /// iscsiInterface is the interface Name that uses an iSCSI transport. + /// Defaults to 'default' (tcp). #[serde(default, skip_serializing_if = "Option::is_none", rename = "iscsiInterface")] pub iscsi_interface: Option, /// lun represents iSCSI Target Lun number. pub lun: i32, - /// portals is the iSCSI Target Portal List. The portal is either an IP or ip_addr:port if the port is other than default (typically TCP ports 860 and 3260). + /// portals is the iSCSI Target Portal List. The portal is either an IP or ip_addr:port if the port + /// is other than default (typically TCP ports 860 and 3260). #[serde(default, skip_serializing_if = "Option::is_none")] pub portals: Option>, - /// readOnly here will force the ReadOnly setting in VolumeMounts. Defaults to false. + /// readOnly here will force the ReadOnly setting in VolumeMounts. + /// Defaults to false. #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] pub read_only: Option, /// secretRef is the CHAP Secret for iSCSI target and initiator authentication #[serde(default, skip_serializing_if = "Option::is_none", rename = "secretRef")] pub secret_ref: Option, - /// targetPortal is iSCSI Target Portal. The Portal is either an IP or ip_addr:port if the port is other than default (typically TCP ports 860 and 3260). + /// targetPortal is iSCSI Target Portal. The Portal is either an IP or ip_addr:port if the port + /// is other than default (typically TCP ports 860 and 3260). #[serde(rename = "targetPortal")] pub target_portal: String, } @@ -3466,30 +4848,41 @@ pub struct ArgoCDRepoVolumesIscsi { /// secretRef is the CHAP Secret for iSCSI target and initiator authentication #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ArgoCDRepoVolumesIscsiSecretRef { - /// Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? + /// Name of the referent. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, } -/// nfs represents an NFS mount on the host that shares a pod's lifetime More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs +/// nfs represents an NFS mount on the host that shares a pod's lifetime +/// More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ArgoCDRepoVolumesNfs { - /// path that is exported by the NFS server. More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs + /// path that is exported by the NFS server. + /// More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs pub path: String, - /// readOnly here will force the NFS export to be mounted with read-only permissions. Defaults to false. More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs + /// readOnly here will force the NFS export to be mounted with read-only permissions. + /// Defaults to false. + /// More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] pub read_only: Option, - /// server is the hostname or IP address of the NFS server. More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs + /// server is the hostname or IP address of the NFS server. + /// More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs pub server: String, } -/// persistentVolumeClaimVolumeSource represents a reference to a PersistentVolumeClaim in the same namespace. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims +/// persistentVolumeClaimVolumeSource represents a reference to a +/// PersistentVolumeClaim in the same namespace. +/// More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ArgoCDRepoVolumesPersistentVolumeClaim { - /// claimName is the name of a PersistentVolumeClaim in the same namespace as the pod using this volume. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims + /// claimName is the name of a PersistentVolumeClaim in the same namespace as the pod using this volume. + /// More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims #[serde(rename = "claimName")] pub claim_name: String, - /// readOnly Will force the ReadOnly setting in VolumeMounts. Default false. + /// readOnly Will force the ReadOnly setting in VolumeMounts. + /// Default false. #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] pub read_only: Option, } @@ -3497,7 +4890,9 @@ pub struct ArgoCDRepoVolumesPersistentVolumeClaim { /// photonPersistentDisk represents a PhotonController persistent disk attached and mounted on kubelets host machine #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ArgoCDRepoVolumesPhotonPersistentDisk { - /// fsType is the filesystem type to mount. Must be a filesystem type supported by the host operating system. Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. + /// fsType is the filesystem type to mount. + /// Must be a filesystem type supported by the host operating system. + /// Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. #[serde(default, skip_serializing_if = "Option::is_none", rename = "fsType")] pub fs_type: Option, /// pdID is the ID that identifies Photon Controller persistent disk @@ -3508,10 +4903,13 @@ pub struct ArgoCDRepoVolumesPhotonPersistentDisk { /// portworxVolume represents a portworx volume attached and mounted on kubelets host machine #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ArgoCDRepoVolumesPortworxVolume { - /// fSType represents the filesystem type to mount Must be a filesystem type supported by the host operating system. Ex. "ext4", "xfs". Implicitly inferred to be "ext4" if unspecified. + /// fSType represents the filesystem type to mount + /// Must be a filesystem type supported by the host operating system. + /// Ex. "ext4", "xfs". Implicitly inferred to be "ext4" if unspecified. #[serde(default, skip_serializing_if = "Option::is_none", rename = "fsType")] pub fs_type: Option, - /// readOnly defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts. + /// readOnly defaults to false (read/write). ReadOnly here will force + /// the ReadOnly setting in VolumeMounts. #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] pub read_only: Option, /// volumeID uniquely identifies a Portworx volume @@ -3522,7 +4920,12 @@ pub struct ArgoCDRepoVolumesPortworxVolume { /// projected items for all in one resources secrets, configmaps, and downward API #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ArgoCDRepoVolumesProjected { - /// defaultMode are the mode bits used to set permissions on created files by default. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. + /// defaultMode are the mode bits used to set permissions on created files by default. + /// Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. + /// YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. + /// Directories within the path are not affected by this setting. + /// This might be in conflict with other options that affect the file + /// mode, like fsGroup, and the result can be other mode bits set. #[serde(default, skip_serializing_if = "Option::is_none", rename = "defaultMode")] pub default_mode: Option, /// sources is the list of volume projections @@ -3550,10 +4953,18 @@ pub struct ArgoCDRepoVolumesProjectedSources { /// configMap information about the configMap data to project #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ArgoCDRepoVolumesProjectedSourcesConfigMap { - /// items if unspecified, each key-value pair in the Data field of the referenced ConfigMap will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the ConfigMap, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'. + /// items if unspecified, each key-value pair in the Data field of the referenced + /// ConfigMap will be projected into the volume as a file whose name is the + /// key and content is the value. If specified, the listed keys will be + /// projected into the specified paths, and unlisted keys will not be + /// present. If a key is specified which is not present in the ConfigMap, + /// the volume setup will error unless it is marked optional. Paths must be + /// relative and may not contain the '..' path or start with '..'. #[serde(default, skip_serializing_if = "Option::is_none")] pub items: Option>, - /// Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? + /// Name of the referent. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// optional specify whether the ConfigMap or its keys must be defined @@ -3566,10 +4977,18 @@ pub struct ArgoCDRepoVolumesProjectedSourcesConfigMap { pub struct ArgoCDRepoVolumesProjectedSourcesConfigMapItems { /// key is the key to project. pub key: String, - /// mode is Optional: mode bits used to set permissions on this file. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. + /// mode is Optional: mode bits used to set permissions on this file. + /// Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. + /// YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. + /// If not specified, the volume defaultMode will be used. + /// This might be in conflict with other options that affect the file + /// mode, like fsGroup, and the result can be other mode bits set. #[serde(default, skip_serializing_if = "Option::is_none")] pub mode: Option, - /// path is the relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'. + /// path is the relative path of the file to map the key to. + /// May not be an absolute path. + /// May not contain the path element '..'. + /// May not start with the string '..'. pub path: String, } @@ -3587,12 +5006,18 @@ pub struct ArgoCDRepoVolumesProjectedSourcesDownwardApiItems { /// Required: Selects a field of the pod: only annotations, labels, name and namespace are supported. #[serde(default, skip_serializing_if = "Option::is_none", rename = "fieldRef")] pub field_ref: Option, - /// Optional: mode bits used to set permissions on this file, must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. + /// Optional: mode bits used to set permissions on this file, must be an octal value + /// between 0000 and 0777 or a decimal value between 0 and 511. + /// YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. + /// If not specified, the volume defaultMode will be used. + /// This might be in conflict with other options that affect the file + /// mode, like fsGroup, and the result can be other mode bits set. #[serde(default, skip_serializing_if = "Option::is_none")] pub mode: Option, /// Required: Path is the relative path name of the file to be created. Must not be absolute or contain the '..' path. Must be utf-8 encoded. The first item of the relative path must not start with '..' pub path: String, - /// Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, requests.cpu and requests.memory) are currently supported. + /// Selects a resource of the container: only resources limits and requests + /// (limits.cpu, limits.memory, requests.cpu and requests.memory) are currently supported. #[serde(default, skip_serializing_if = "Option::is_none", rename = "resourceFieldRef")] pub resource_field_ref: Option, } @@ -3608,7 +5033,8 @@ pub struct ArgoCDRepoVolumesProjectedSourcesDownwardApiItemsFieldRef { pub field_path: String, } -/// Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, requests.cpu and requests.memory) are currently supported. +/// Selects a resource of the container: only resources limits and requests +/// (limits.cpu, limits.memory, requests.cpu and requests.memory) are currently supported. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ArgoCDRepoVolumesProjectedSourcesDownwardApiItemsResourceFieldRef { /// Container name: required for volumes, optional for env vars @@ -3624,10 +5050,18 @@ pub struct ArgoCDRepoVolumesProjectedSourcesDownwardApiItemsResourceFieldRef { /// secret information about the secret data to project #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ArgoCDRepoVolumesProjectedSourcesSecret { - /// items if unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the Secret, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'. + /// items if unspecified, each key-value pair in the Data field of the referenced + /// Secret will be projected into the volume as a file whose name is the + /// key and content is the value. If specified, the listed keys will be + /// projected into the specified paths, and unlisted keys will not be + /// present. If a key is specified which is not present in the Secret, + /// the volume setup will error unless it is marked optional. Paths must be + /// relative and may not contain the '..' path or start with '..'. #[serde(default, skip_serializing_if = "Option::is_none")] pub items: Option>, - /// Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? + /// Name of the referent. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// optional field specify whether the Secret or its key must be defined @@ -3640,78 +5074,124 @@ pub struct ArgoCDRepoVolumesProjectedSourcesSecret { pub struct ArgoCDRepoVolumesProjectedSourcesSecretItems { /// key is the key to project. pub key: String, - /// mode is Optional: mode bits used to set permissions on this file. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. + /// mode is Optional: mode bits used to set permissions on this file. + /// Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. + /// YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. + /// If not specified, the volume defaultMode will be used. + /// This might be in conflict with other options that affect the file + /// mode, like fsGroup, and the result can be other mode bits set. #[serde(default, skip_serializing_if = "Option::is_none")] pub mode: Option, - /// path is the relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'. + /// path is the relative path of the file to map the key to. + /// May not be an absolute path. + /// May not contain the path element '..'. + /// May not start with the string '..'. pub path: String, } /// serviceAccountToken is information about the serviceAccountToken data to project #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ArgoCDRepoVolumesProjectedSourcesServiceAccountToken { - /// audience is the intended audience of the token. A recipient of a token must identify itself with an identifier specified in the audience of the token, and otherwise should reject the token. The audience defaults to the identifier of the apiserver. + /// audience is the intended audience of the token. A recipient of a token + /// must identify itself with an identifier specified in the audience of the + /// token, and otherwise should reject the token. The audience defaults to the + /// identifier of the apiserver. #[serde(default, skip_serializing_if = "Option::is_none")] pub audience: Option, - /// expirationSeconds is the requested duration of validity of the service account token. As the token approaches expiration, the kubelet volume plugin will proactively rotate the service account token. The kubelet will start trying to rotate the token if the token is older than 80 percent of its time to live or if the token is older than 24 hours.Defaults to 1 hour and must be at least 10 minutes. + /// expirationSeconds is the requested duration of validity of the service + /// account token. As the token approaches expiration, the kubelet volume + /// plugin will proactively rotate the service account token. The kubelet will + /// start trying to rotate the token if the token is older than 80 percent of + /// its time to live or if the token is older than 24 hours.Defaults to 1 hour + /// and must be at least 10 minutes. #[serde(default, skip_serializing_if = "Option::is_none", rename = "expirationSeconds")] pub expiration_seconds: Option, - /// path is the path relative to the mount point of the file to project the token into. + /// path is the path relative to the mount point of the file to project the + /// token into. pub path: String, } /// quobyte represents a Quobyte mount on the host that shares a pod's lifetime #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ArgoCDRepoVolumesQuobyte { - /// group to map volume access to Default is no group + /// group to map volume access to + /// Default is no group #[serde(default, skip_serializing_if = "Option::is_none")] pub group: Option, - /// readOnly here will force the Quobyte volume to be mounted with read-only permissions. Defaults to false. + /// readOnly here will force the Quobyte volume to be mounted with read-only permissions. + /// Defaults to false. #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] pub read_only: Option, - /// registry represents a single or multiple Quobyte Registry services specified as a string as host:port pair (multiple entries are separated with commas) which acts as the central registry for volumes + /// registry represents a single or multiple Quobyte Registry services + /// specified as a string as host:port pair (multiple entries are separated with commas) + /// which acts as the central registry for volumes pub registry: String, - /// tenant owning the given Quobyte volume in the Backend Used with dynamically provisioned Quobyte volumes, value is set by the plugin + /// tenant owning the given Quobyte volume in the Backend + /// Used with dynamically provisioned Quobyte volumes, value is set by the plugin #[serde(default, skip_serializing_if = "Option::is_none")] pub tenant: Option, - /// user to map volume access to Defaults to serivceaccount user + /// user to map volume access to + /// Defaults to serivceaccount user #[serde(default, skip_serializing_if = "Option::is_none")] pub user: Option, /// volume is a string that references an already created Quobyte volume by name. pub volume: String, } -/// rbd represents a Rados Block Device mount on the host that shares a pod's lifetime. More info: https://examples.k8s.io/volumes/rbd/README.md +/// rbd represents a Rados Block Device mount on the host that shares a pod's lifetime. +/// More info: https://examples.k8s.io/volumes/rbd/README.md #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ArgoCDRepoVolumesRbd { - /// fsType is the filesystem type of the volume that you want to mount. Tip: Ensure that the filesystem type is supported by the host operating system. Examples: "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#rbd TODO: how do we prevent errors in the filesystem from compromising the machine + /// fsType is the filesystem type of the volume that you want to mount. + /// Tip: Ensure that the filesystem type is supported by the host operating system. + /// Examples: "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. + /// More info: https://kubernetes.io/docs/concepts/storage/volumes#rbd + /// TODO: how do we prevent errors in the filesystem from compromising the machine #[serde(default, skip_serializing_if = "Option::is_none", rename = "fsType")] pub fs_type: Option, - /// image is the rados image name. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it + /// image is the rados image name. + /// More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it pub image: String, - /// keyring is the path to key ring for RBDUser. Default is /etc/ceph/keyring. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it + /// keyring is the path to key ring for RBDUser. + /// Default is /etc/ceph/keyring. + /// More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it #[serde(default, skip_serializing_if = "Option::is_none")] pub keyring: Option, - /// monitors is a collection of Ceph monitors. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it + /// monitors is a collection of Ceph monitors. + /// More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it pub monitors: Vec, - /// pool is the rados pool name. Default is rbd. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it + /// pool is the rados pool name. + /// Default is rbd. + /// More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it #[serde(default, skip_serializing_if = "Option::is_none")] pub pool: Option, - /// readOnly here will force the ReadOnly setting in VolumeMounts. Defaults to false. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it + /// readOnly here will force the ReadOnly setting in VolumeMounts. + /// Defaults to false. + /// More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] pub read_only: Option, - /// secretRef is name of the authentication secret for RBDUser. If provided overrides keyring. Default is nil. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it + /// secretRef is name of the authentication secret for RBDUser. If provided + /// overrides keyring. + /// Default is nil. + /// More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it #[serde(default, skip_serializing_if = "Option::is_none", rename = "secretRef")] pub secret_ref: Option, - /// user is the rados user name. Default is admin. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it + /// user is the rados user name. + /// Default is admin. + /// More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it #[serde(default, skip_serializing_if = "Option::is_none")] pub user: Option, } -/// secretRef is name of the authentication secret for RBDUser. If provided overrides keyring. Default is nil. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it +/// secretRef is name of the authentication secret for RBDUser. If provided +/// overrides keyring. +/// Default is nil. +/// More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ArgoCDRepoVolumesRbdSecretRef { - /// Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? + /// Name of the referent. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, } @@ -3719,7 +5199,10 @@ pub struct ArgoCDRepoVolumesRbdSecretRef { /// scaleIO represents a ScaleIO persistent volume attached and mounted on Kubernetes nodes. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ArgoCDRepoVolumesScaleIo { - /// fsType is the filesystem type to mount. Must be a filesystem type supported by the host operating system. Ex. "ext4", "xfs", "ntfs". Default is "xfs". + /// fsType is the filesystem type to mount. + /// Must be a filesystem type supported by the host operating system. + /// Ex. "ext4", "xfs", "ntfs". + /// Default is "xfs". #[serde(default, skip_serializing_if = "Option::is_none", rename = "fsType")] pub fs_type: Option, /// gateway is the host address of the ScaleIO API Gateway. @@ -3727,16 +5210,19 @@ pub struct ArgoCDRepoVolumesScaleIo { /// protectionDomain is the name of the ScaleIO Protection Domain for the configured storage. #[serde(default, skip_serializing_if = "Option::is_none", rename = "protectionDomain")] pub protection_domain: Option, - /// readOnly Defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts. + /// readOnly Defaults to false (read/write). ReadOnly here will force + /// the ReadOnly setting in VolumeMounts. #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] pub read_only: Option, - /// secretRef references to the secret for ScaleIO user and other sensitive information. If this is not provided, Login operation will fail. + /// secretRef references to the secret for ScaleIO user and other + /// sensitive information. If this is not provided, Login operation will fail. #[serde(rename = "secretRef")] pub secret_ref: ArgoCDRepoVolumesScaleIoSecretRef, /// sslEnabled Flag enable/disable SSL communication with Gateway, default false #[serde(default, skip_serializing_if = "Option::is_none", rename = "sslEnabled")] pub ssl_enabled: Option, - /// storageMode indicates whether the storage for a volume should be ThickProvisioned or ThinProvisioned. Default is ThinProvisioned. + /// storageMode indicates whether the storage for a volume should be ThickProvisioned or ThinProvisioned. + /// Default is ThinProvisioned. #[serde(default, skip_serializing_if = "Option::is_none", rename = "storageMode")] pub storage_mode: Option, /// storagePool is the ScaleIO Storage Pool associated with the protection domain. @@ -3744,32 +5230,50 @@ pub struct ArgoCDRepoVolumesScaleIo { pub storage_pool: Option, /// system is the name of the storage system as configured in ScaleIO. pub system: String, - /// volumeName is the name of a volume already created in the ScaleIO system that is associated with this volume source. + /// volumeName is the name of a volume already created in the ScaleIO system + /// that is associated with this volume source. #[serde(default, skip_serializing_if = "Option::is_none", rename = "volumeName")] pub volume_name: Option, } -/// secretRef references to the secret for ScaleIO user and other sensitive information. If this is not provided, Login operation will fail. +/// secretRef references to the secret for ScaleIO user and other +/// sensitive information. If this is not provided, Login operation will fail. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ArgoCDRepoVolumesScaleIoSecretRef { - /// Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? + /// Name of the referent. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, } -/// secret represents a secret that should populate this volume. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret +/// secret represents a secret that should populate this volume. +/// More info: https://kubernetes.io/docs/concepts/storage/volumes#secret #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ArgoCDRepoVolumesSecret { - /// defaultMode is Optional: mode bits used to set permissions on created files by default. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. Defaults to 0644. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. + /// defaultMode is Optional: mode bits used to set permissions on created files by default. + /// Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. + /// YAML accepts both octal and decimal values, JSON requires decimal values + /// for mode bits. Defaults to 0644. + /// Directories within the path are not affected by this setting. + /// This might be in conflict with other options that affect the file + /// mode, like fsGroup, and the result can be other mode bits set. #[serde(default, skip_serializing_if = "Option::is_none", rename = "defaultMode")] pub default_mode: Option, - /// items If unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the Secret, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'. + /// items If unspecified, each key-value pair in the Data field of the referenced + /// Secret will be projected into the volume as a file whose name is the + /// key and content is the value. If specified, the listed keys will be + /// projected into the specified paths, and unlisted keys will not be + /// present. If a key is specified which is not present in the Secret, + /// the volume setup will error unless it is marked optional. Paths must be + /// relative and may not contain the '..' path or start with '..'. #[serde(default, skip_serializing_if = "Option::is_none")] pub items: Option>, /// optional field specify whether the Secret or its keys must be defined #[serde(default, skip_serializing_if = "Option::is_none")] pub optional: Option, - /// secretName is the name of the secret in the pod's namespace to use. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret + /// secretName is the name of the secret in the pod's namespace to use. + /// More info: https://kubernetes.io/docs/concepts/storage/volumes#secret #[serde(default, skip_serializing_if = "Option::is_none", rename = "secretName")] pub secret_name: Option, } @@ -3779,37 +5283,58 @@ pub struct ArgoCDRepoVolumesSecret { pub struct ArgoCDRepoVolumesSecretItems { /// key is the key to project. pub key: String, - /// mode is Optional: mode bits used to set permissions on this file. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. + /// mode is Optional: mode bits used to set permissions on this file. + /// Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. + /// YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. + /// If not specified, the volume defaultMode will be used. + /// This might be in conflict with other options that affect the file + /// mode, like fsGroup, and the result can be other mode bits set. #[serde(default, skip_serializing_if = "Option::is_none")] pub mode: Option, - /// path is the relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'. + /// path is the relative path of the file to map the key to. + /// May not be an absolute path. + /// May not contain the path element '..'. + /// May not start with the string '..'. pub path: String, } /// storageOS represents a StorageOS volume attached and mounted on Kubernetes nodes. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ArgoCDRepoVolumesStorageos { - /// fsType is the filesystem type to mount. Must be a filesystem type supported by the host operating system. Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. + /// fsType is the filesystem type to mount. + /// Must be a filesystem type supported by the host operating system. + /// Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. #[serde(default, skip_serializing_if = "Option::is_none", rename = "fsType")] pub fs_type: Option, - /// readOnly defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts. + /// readOnly defaults to false (read/write). ReadOnly here will force + /// the ReadOnly setting in VolumeMounts. #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] pub read_only: Option, - /// secretRef specifies the secret to use for obtaining the StorageOS API credentials. If not specified, default values will be attempted. + /// secretRef specifies the secret to use for obtaining the StorageOS API + /// credentials. If not specified, default values will be attempted. #[serde(default, skip_serializing_if = "Option::is_none", rename = "secretRef")] pub secret_ref: Option, - /// volumeName is the human-readable name of the StorageOS volume. Volume names are only unique within a namespace. + /// volumeName is the human-readable name of the StorageOS volume. Volume + /// names are only unique within a namespace. #[serde(default, skip_serializing_if = "Option::is_none", rename = "volumeName")] pub volume_name: Option, - /// volumeNamespace specifies the scope of the volume within StorageOS. If no namespace is specified then the Pod's namespace will be used. This allows the Kubernetes name scoping to be mirrored within StorageOS for tighter integration. Set VolumeName to any name to override the default behaviour. Set to "default" if you are not using namespaces within StorageOS. Namespaces that do not pre-exist within StorageOS will be created. + /// volumeNamespace specifies the scope of the volume within StorageOS. If no + /// namespace is specified then the Pod's namespace will be used. This allows the + /// Kubernetes name scoping to be mirrored within StorageOS for tighter integration. + /// Set VolumeName to any name to override the default behaviour. + /// Set to "default" if you are not using namespaces within StorageOS. + /// Namespaces that do not pre-exist within StorageOS will be created. #[serde(default, skip_serializing_if = "Option::is_none", rename = "volumeNamespace")] pub volume_namespace: Option, } -/// secretRef specifies the secret to use for obtaining the StorageOS API credentials. If not specified, default values will be attempted. +/// secretRef specifies the secret to use for obtaining the StorageOS API +/// credentials. If not specified, default values will be attempted. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ArgoCDRepoVolumesStorageosSecretRef { - /// Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? + /// Name of the referent. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, } @@ -3817,7 +5342,9 @@ pub struct ArgoCDRepoVolumesStorageosSecretRef { /// vsphereVolume represents a vSphere volume attached and mounted on kubelets host machine #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ArgoCDRepoVolumesVsphereVolume { - /// fsType is filesystem type to mount. Must be a filesystem type supported by the host operating system. Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. + /// fsType is filesystem type to mount. + /// Must be a filesystem type supported by the host operating system. + /// Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. #[serde(default, skip_serializing_if = "Option::is_none", rename = "fsType")] pub fs_type: Option, /// storagePolicyID is the storage Policy Based Management (SPBM) profile ID associated with the StoragePolicyName. @@ -3902,7 +5429,9 @@ pub struct ArgoCDServer { /// Env lets you specify environment for API server pods #[serde(default, skip_serializing_if = "Option::is_none")] pub env: Option>, - /// Extra Command arguments that would append to the Argo CD server command. ExtraCommandArgs will not be added, if one of these commands is already part of the server command with same or different value. + /// Extra Command arguments that would append to the Argo CD server command. + /// ExtraCommandArgs will not be added, if one of these commands is already part of the server command + /// with same or different value. #[serde(default, skip_serializing_if = "Option::is_none", rename = "extraCommandArgs")] pub extra_command_args: Option>, /// GRPC defines the state for the Argo CD Server GRPC options. @@ -3953,18 +5482,25 @@ pub struct ArgoCDServerAutoscaleHpa { /// maxReplicas is the upper limit for the number of pods that can be set by the autoscaler; cannot be smaller than MinReplicas. #[serde(rename = "maxReplicas")] pub max_replicas: i32, - /// minReplicas is the lower limit for the number of replicas to which the autoscaler can scale down. It defaults to 1 pod. minReplicas is allowed to be 0 if the alpha feature gate HPAScaleToZero is enabled and at least one Object or External metric is configured. Scaling is active as long as at least one metric value is available. + /// minReplicas is the lower limit for the number of replicas to which the autoscaler + /// can scale down. It defaults to 1 pod. minReplicas is allowed to be 0 if the + /// alpha feature gate HPAScaleToZero is enabled and at least one Object or External + /// metric is configured. Scaling is active as long as at least one metric value is + /// available. #[serde(default, skip_serializing_if = "Option::is_none", rename = "minReplicas")] pub min_replicas: Option, - /// reference to scaled resource; horizontal pod autoscaler will learn the current resource consumption and will set the desired number of pods by using its Scale subresource. + /// reference to scaled resource; horizontal pod autoscaler will learn the current resource consumption + /// and will set the desired number of pods by using its Scale subresource. #[serde(rename = "scaleTargetRef")] pub scale_target_ref: ArgoCDServerAutoscaleHpaScaleTargetRef, - /// targetCPUUtilizationPercentage is the target average CPU utilization (represented as a percentage of requested CPU) over all the pods; if not specified the default autoscaling policy will be used. + /// targetCPUUtilizationPercentage is the target average CPU utilization (represented as a percentage of requested CPU) over all the pods; + /// if not specified the default autoscaling policy will be used. #[serde(default, skip_serializing_if = "Option::is_none", rename = "targetCPUUtilizationPercentage")] pub target_cpu_utilization_percentage: Option, } -/// reference to scaled resource; horizontal pod autoscaler will learn the current resource consumption and will set the desired number of pods by using its Scale subresource. +/// reference to scaled resource; horizontal pod autoscaler will learn the current resource consumption +/// and will set the desired number of pods by using its Scale subresource. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ArgoCDServerAutoscaleHpaScaleTargetRef { /// apiVersion is the API version of the referent @@ -3981,7 +5517,15 @@ pub struct ArgoCDServerAutoscaleHpaScaleTargetRef { pub struct ArgoCDServerEnv { /// Name of the environment variable. Must be a C_IDENTIFIER. pub name: String, - /// Variable references $(VAR_NAME) are expanded using the previously defined environment variables in the container and any service environment variables. If a variable cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". Escaped references will never be expanded, regardless of whether the variable exists or not. Defaults to "". + /// Variable references $(VAR_NAME) are expanded + /// using the previously defined environment variables in the container and + /// any service environment variables. If a variable cannot be resolved, + /// the reference in the input string will be unchanged. Double $$ are reduced + /// to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. + /// "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". + /// Escaped references will never be expanded, regardless of whether the variable + /// exists or not. + /// Defaults to "". #[serde(default, skip_serializing_if = "Option::is_none")] pub value: Option, /// Source for the environment variable's value. Cannot be used if value is not empty. @@ -3995,10 +5539,12 @@ pub struct ArgoCDServerEnvValueFrom { /// Selects a key of a ConfigMap. #[serde(default, skip_serializing_if = "Option::is_none", rename = "configMapKeyRef")] pub config_map_key_ref: Option, - /// Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`, spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs. + /// Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`, + /// spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs. #[serde(default, skip_serializing_if = "Option::is_none", rename = "fieldRef")] pub field_ref: Option, - /// Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported. + /// Selects a resource of the container: only resources limits and requests + /// (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported. #[serde(default, skip_serializing_if = "Option::is_none", rename = "resourceFieldRef")] pub resource_field_ref: Option, /// Selects a key of a secret in the pod's namespace @@ -4011,7 +5557,9 @@ pub struct ArgoCDServerEnvValueFrom { pub struct ArgoCDServerEnvValueFromConfigMapKeyRef { /// The key to select. pub key: String, - /// Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? + /// Name of the referent. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the ConfigMap or its key must be defined @@ -4019,7 +5567,8 @@ pub struct ArgoCDServerEnvValueFromConfigMapKeyRef { pub optional: Option, } -/// Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`, spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs. +/// Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`, +/// spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ArgoCDServerEnvValueFromFieldRef { /// Version of the schema the FieldPath is written in terms of, defaults to "v1". @@ -4030,7 +5579,8 @@ pub struct ArgoCDServerEnvValueFromFieldRef { pub field_path: String, } -/// Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported. +/// Selects a resource of the container: only resources limits and requests +/// (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ArgoCDServerEnvValueFromResourceFieldRef { /// Container name: required for volumes, optional for env vars @@ -4048,7 +5598,9 @@ pub struct ArgoCDServerEnvValueFromResourceFieldRef { pub struct ArgoCDServerEnvValueFromSecretKeyRef { /// The key of the secret to select from. Must be a valid secret key. pub key: String, - /// Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? + /// Name of the referent. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the Secret or its key must be defined @@ -4081,7 +5633,11 @@ pub struct ArgoCDServerGrpcIngress { /// Path used for the Ingress resource. #[serde(default, skip_serializing_if = "Option::is_none")] pub path: Option, - /// TLS configuration. Currently the Ingress only supports a single TLS port, 443. If multiple members of this list specify different hosts, they will be multiplexed on the same port according to the hostname specified through the SNI TLS extension, if the ingress controller fulfilling the ingress supports SNI. + /// TLS configuration. Currently the Ingress only supports a single TLS + /// port, 443. If multiple members of this list specify different hosts, they + /// will be multiplexed on the same port according to the hostname specified + /// through the SNI TLS extension, if the ingress controller fulfilling the + /// ingress supports SNI. #[serde(default, skip_serializing_if = "Option::is_none")] pub tls: Option>, } @@ -4089,10 +5645,17 @@ pub struct ArgoCDServerGrpcIngress { /// IngressTLS describes the transport layer security associated with an ingress. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ArgoCDServerGrpcIngressTls { - /// hosts is a list of hosts included in the TLS certificate. The values in this list must match the name/s used in the tlsSecret. Defaults to the wildcard host setting for the loadbalancer controller fulfilling this Ingress, if left unspecified. + /// hosts is a list of hosts included in the TLS certificate. The values in + /// this list must match the name/s used in the tlsSecret. Defaults to the + /// wildcard host setting for the loadbalancer controller fulfilling this + /// Ingress, if left unspecified. #[serde(default, skip_serializing_if = "Option::is_none")] pub hosts: Option>, - /// secretName is the name of the secret used to terminate TLS traffic on port 443. Field is left optional to allow TLS routing based on SNI hostname alone. If the SNI host in a listener conflicts with the "Host" header field used by an IngressRule, the SNI host is used for termination and value of the "Host" header is used for routing. + /// secretName is the name of the secret used to terminate TLS traffic on + /// port 443. Field is left optional to allow TLS routing based on SNI + /// hostname alone. If the SNI host in a listener conflicts with the "Host" + /// header field used by an IngressRule, the SNI host is used for termination + /// and value of the "Host" header is used for routing. #[serde(default, skip_serializing_if = "Option::is_none", rename = "secretName")] pub secret_name: Option, } @@ -4111,7 +5674,11 @@ pub struct ArgoCDServerIngress { /// Path used for the Ingress resource. #[serde(default, skip_serializing_if = "Option::is_none")] pub path: Option, - /// TLS configuration. Currently the Ingress only supports a single TLS port, 443. If multiple members of this list specify different hosts, they will be multiplexed on the same port according to the hostname specified through the SNI TLS extension, if the ingress controller fulfilling the ingress supports SNI. + /// TLS configuration. Currently the Ingress only supports a single TLS + /// port, 443. If multiple members of this list specify different hosts, they + /// will be multiplexed on the same port according to the hostname specified + /// through the SNI TLS extension, if the ingress controller fulfilling the + /// ingress supports SNI. #[serde(default, skip_serializing_if = "Option::is_none")] pub tls: Option>, } @@ -4119,10 +5686,17 @@ pub struct ArgoCDServerIngress { /// IngressTLS describes the transport layer security associated with an ingress. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ArgoCDServerIngressTls { - /// hosts is a list of hosts included in the TLS certificate. The values in this list must match the name/s used in the tlsSecret. Defaults to the wildcard host setting for the loadbalancer controller fulfilling this Ingress, if left unspecified. + /// hosts is a list of hosts included in the TLS certificate. The values in + /// this list must match the name/s used in the tlsSecret. Defaults to the + /// wildcard host setting for the loadbalancer controller fulfilling this + /// Ingress, if left unspecified. #[serde(default, skip_serializing_if = "Option::is_none")] pub hosts: Option>, - /// secretName is the name of the secret used to terminate TLS traffic on port 443. Field is left optional to allow TLS routing based on SNI hostname alone. If the SNI host in a listener conflicts with the "Host" header field used by an IngressRule, the SNI host is used for termination and value of the "Host" header is used for routing. + /// secretName is the name of the secret used to terminate TLS traffic on + /// port 443. Field is left optional to allow TLS routing based on SNI + /// hostname alone. If the SNI host in a listener conflicts with the "Host" + /// header field used by an IngressRule, the SNI host is used for termination + /// and value of the "Host" header is used for routing. #[serde(default, skip_serializing_if = "Option::is_none", rename = "secretName")] pub secret_name: Option, } @@ -4130,15 +5704,25 @@ pub struct ArgoCDServerIngressTls { /// Resources defines the Compute Resources required by the container for the Argo CD server component. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ArgoCDServerResources { - /// Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. - /// This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. - /// This field is immutable. It can only be set for containers. + /// Claims lists the names of resources, defined in spec.resourceClaims, + /// that are used by this container. + /// + /// + /// This is an alpha field and requires enabling the + /// DynamicResourceAllocation feature gate. + /// + /// + /// This field is immutable. It can only be set for containers. #[serde(default, skip_serializing_if = "Option::is_none")] pub claims: Option>, - /// Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + /// Limits describes the maximum amount of compute resources allowed. + /// More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ #[serde(default, skip_serializing_if = "Option::is_none")] pub limits: Option>, - /// Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + /// Requests describes the minimum amount of compute resources required. + /// If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, + /// otherwise to an implementation-defined value. Requests cannot exceed Limits. + /// More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ #[serde(default, skip_serializing_if = "Option::is_none")] pub requests: Option>, } @@ -4146,7 +5730,9 @@ pub struct ArgoCDServerResources { /// ResourceClaim references one entry in PodSpec.ResourceClaims. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ArgoCDServerResourcesClaims { - /// Name must match the name of one entry in pod.spec.resourceClaims of the Pod where this field is used. It makes that resource available inside a container. + /// Name must match the name of one entry in pod.spec.resourceClaims of + /// the Pod where this field is used. It makes that resource available + /// inside a container. pub name: String, } @@ -4181,11 +5767,20 @@ pub struct ArgoCDServerRouteTls { /// certificate provides certificate contents #[serde(default, skip_serializing_if = "Option::is_none")] pub certificate: Option, - /// destinationCACertificate provides the contents of the ca certificate of the final destination. When using reencrypt termination this file should be provided in order to have routers use it for health checks on the secure connection. If this field is not specified, the router may provide its own destination CA and perform hostname validation using the short service name (service.namespace.svc), which allows infrastructure generated certificates to automatically verify. + /// destinationCACertificate provides the contents of the ca certificate of the final destination. When using reencrypt + /// termination this file should be provided in order to have routers use it for health checks on the secure connection. + /// If this field is not specified, the router may provide its own destination CA and perform hostname validation using + /// the short service name (service.namespace.svc), which allows infrastructure generated certificates to automatically + /// verify. #[serde(default, skip_serializing_if = "Option::is_none", rename = "destinationCACertificate")] pub destination_ca_certificate: Option, - /// insecureEdgeTerminationPolicy indicates the desired behavior for insecure connections to a route. While each router may make its own decisions on which ports to expose, this is normally port 80. - /// * Allow - traffic is sent to the server on the insecure port (default) * Disable - no traffic is allowed on the insecure port. * Redirect - clients are redirected to the secure port. + /// insecureEdgeTerminationPolicy indicates the desired behavior for insecure connections to a route. While + /// each router may make its own decisions on which ports to expose, this is normally port 80. + /// + /// + /// * Allow - traffic is sent to the server on the insecure port (default) + /// * Disable - no traffic is allowed on the insecure port. + /// * Redirect - clients are redirected to the secure port. #[serde(default, skip_serializing_if = "Option::is_none", rename = "insecureEdgeTerminationPolicy")] pub insecure_edge_termination_policy: Option, /// key provides key file contents @@ -4209,7 +5804,8 @@ pub struct ArgoCDSso { /// Dex contains the configuration for Argo CD dex authentication #[serde(default, skip_serializing_if = "Option::is_none")] pub dex: Option, - /// Deprecated field. Support dropped in v1beta1 version. Image is the SSO container image. + /// Deprecated field. Support dropped in v1beta1 version. + /// Image is the SSO container image. #[serde(default, skip_serializing_if = "Option::is_none")] pub image: Option, /// Keycloak contains the configuration for Argo CD keycloak authentication @@ -4218,13 +5814,16 @@ pub struct ArgoCDSso { /// Provider installs and configures the given SSO Provider with Argo CD. #[serde(default, skip_serializing_if = "Option::is_none")] pub provider: Option, - /// Deprecated field. Support dropped in v1beta1 version. Resources defines the Compute Resources required by the container for SSO. + /// Deprecated field. Support dropped in v1beta1 version. + /// Resources defines the Compute Resources required by the container for SSO. #[serde(default, skip_serializing_if = "Option::is_none")] pub resources: Option, - /// Deprecated field. Support dropped in v1beta1 version. VerifyTLS set to false disables strict TLS validation. + /// Deprecated field. Support dropped in v1beta1 version. + /// VerifyTLS set to false disables strict TLS validation. #[serde(default, skip_serializing_if = "Option::is_none", rename = "verifyTLS")] pub verify_tls: Option, - /// Deprecated field. Support dropped in v1beta1 version. Version is the SSO container image tag. + /// Deprecated field. Support dropped in v1beta1 version. + /// Version is the SSO container image tag. #[serde(default, skip_serializing_if = "Option::is_none")] pub version: Option, } @@ -4255,15 +5854,25 @@ pub struct ArgoCDSsoDex { /// Resources defines the Compute Resources required by the container for Dex. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ArgoCDSsoDexResources { - /// Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. - /// This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. - /// This field is immutable. It can only be set for containers. + /// Claims lists the names of resources, defined in spec.resourceClaims, + /// that are used by this container. + /// + /// + /// This is an alpha field and requires enabling the + /// DynamicResourceAllocation feature gate. + /// + /// + /// This field is immutable. It can only be set for containers. #[serde(default, skip_serializing_if = "Option::is_none")] pub claims: Option>, - /// Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + /// Limits describes the maximum amount of compute resources allowed. + /// More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ #[serde(default, skip_serializing_if = "Option::is_none")] pub limits: Option>, - /// Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + /// Requests describes the minimum amount of compute resources required. + /// If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, + /// otherwise to an implementation-defined value. Requests cannot exceed Limits. + /// More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ #[serde(default, skip_serializing_if = "Option::is_none")] pub requests: Option>, } @@ -4271,7 +5880,9 @@ pub struct ArgoCDSsoDexResources { /// ResourceClaim references one entry in PodSpec.ResourceClaims. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ArgoCDSsoDexResourcesClaims { - /// Name must match the name of one entry in pod.spec.resourceClaims of the Pod where this field is used. It makes that resource available inside a container. + /// Name must match the name of one entry in pod.spec.resourceClaims of + /// the Pod where this field is used. It makes that resource available + /// inside a container. pub name: String, } @@ -4301,15 +5912,25 @@ pub struct ArgoCDSsoKeycloak { /// Resources defines the Compute Resources required by the container for Keycloak. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ArgoCDSsoKeycloakResources { - /// Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. - /// This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. - /// This field is immutable. It can only be set for containers. + /// Claims lists the names of resources, defined in spec.resourceClaims, + /// that are used by this container. + /// + /// + /// This is an alpha field and requires enabling the + /// DynamicResourceAllocation feature gate. + /// + /// + /// This field is immutable. It can only be set for containers. #[serde(default, skip_serializing_if = "Option::is_none")] pub claims: Option>, - /// Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + /// Limits describes the maximum amount of compute resources allowed. + /// More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ #[serde(default, skip_serializing_if = "Option::is_none")] pub limits: Option>, - /// Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + /// Requests describes the minimum amount of compute resources required. + /// If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, + /// otherwise to an implementation-defined value. Requests cannot exceed Limits. + /// More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ #[serde(default, skip_serializing_if = "Option::is_none")] pub requests: Option>, } @@ -4317,22 +5938,35 @@ pub struct ArgoCDSsoKeycloakResources { /// ResourceClaim references one entry in PodSpec.ResourceClaims. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ArgoCDSsoKeycloakResourcesClaims { - /// Name must match the name of one entry in pod.spec.resourceClaims of the Pod where this field is used. It makes that resource available inside a container. + /// Name must match the name of one entry in pod.spec.resourceClaims of + /// the Pod where this field is used. It makes that resource available + /// inside a container. pub name: String, } -/// Deprecated field. Support dropped in v1beta1 version. Resources defines the Compute Resources required by the container for SSO. +/// Deprecated field. Support dropped in v1beta1 version. +/// Resources defines the Compute Resources required by the container for SSO. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ArgoCDSsoResources { - /// Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. - /// This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. - /// This field is immutable. It can only be set for containers. + /// Claims lists the names of resources, defined in spec.resourceClaims, + /// that are used by this container. + /// + /// + /// This is an alpha field and requires enabling the + /// DynamicResourceAllocation feature gate. + /// + /// + /// This field is immutable. It can only be set for containers. #[serde(default, skip_serializing_if = "Option::is_none")] pub claims: Option>, - /// Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + /// Limits describes the maximum amount of compute resources allowed. + /// More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ #[serde(default, skip_serializing_if = "Option::is_none")] pub limits: Option>, - /// Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + /// Requests describes the minimum amount of compute resources required. + /// If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, + /// otherwise to an implementation-defined value. Requests cannot exceed Limits. + /// More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ #[serde(default, skip_serializing_if = "Option::is_none")] pub requests: Option>, } @@ -4340,7 +5974,9 @@ pub struct ArgoCDSsoResources { /// ResourceClaim references one entry in PodSpec.ResourceClaims. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ArgoCDSsoResourcesClaims { - /// Name must match the name of one entry in pod.spec.resourceClaims of the Pod where this field is used. It makes that resource available inside a container. + /// Name must match the name of one entry in pod.spec.resourceClaims of + /// the Pod where this field is used. It makes that resource available + /// inside a container. pub name: String, } @@ -4369,37 +6005,77 @@ pub struct ArgoCDTlsCa { /// ArgoCDStatus defines the observed state of ArgoCD #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ArgoCDStatus { - /// ApplicationController is a simple, high-level summary of where the Argo CD application controller component is in its lifecycle. There are four possible ApplicationController values: Pending: The Argo CD application controller component has been accepted by the Kubernetes system, but one or more of the required resources have not been created. Running: All of the required Pods for the Argo CD application controller component are in a Ready state. Failed: At least one of the Argo CD application controller component Pods had a failure. Unknown: The state of the Argo CD application controller component could not be obtained. + /// ApplicationController is a simple, high-level summary of where the Argo CD application controller component is in its lifecycle. + /// There are four possible ApplicationController values: + /// Pending: The Argo CD application controller component has been accepted by the Kubernetes system, but one or more of the required resources have not been created. + /// Running: All of the required Pods for the Argo CD application controller component are in a Ready state. + /// Failed: At least one of the Argo CD application controller component Pods had a failure. + /// Unknown: The state of the Argo CD application controller component could not be obtained. #[serde(default, skip_serializing_if = "Option::is_none", rename = "applicationController")] pub application_controller: Option, - /// ApplicationSetController is a simple, high-level summary of where the Argo CD applicationSet controller component is in its lifecycle. There are four possible ApplicationSetController values: Pending: The Argo CD applicationSet controller component has been accepted by the Kubernetes system, but one or more of the required resources have not been created. Running: All of the required Pods for the Argo CD applicationSet controller component are in a Ready state. Failed: At least one of the Argo CD applicationSet controller component Pods had a failure. Unknown: The state of the Argo CD applicationSet controller component could not be obtained. + /// ApplicationSetController is a simple, high-level summary of where the Argo CD applicationSet controller component is in its lifecycle. + /// There are four possible ApplicationSetController values: + /// Pending: The Argo CD applicationSet controller component has been accepted by the Kubernetes system, but one or more of the required resources have not been created. + /// Running: All of the required Pods for the Argo CD applicationSet controller component are in a Ready state. + /// Failed: At least one of the Argo CD applicationSet controller component Pods had a failure. + /// Unknown: The state of the Argo CD applicationSet controller component could not be obtained. #[serde(default, skip_serializing_if = "Option::is_none", rename = "applicationSetController")] pub application_set_controller: Option, /// Host is the hostname of the Ingress. #[serde(default, skip_serializing_if = "Option::is_none")] pub host: Option, - /// NotificationsController is a simple, high-level summary of where the Argo CD notifications controller component is in its lifecycle. There are four possible NotificationsController values: Pending: The Argo CD notifications controller component has been accepted by the Kubernetes system, but one or more of the required resources have not been created. Running: All of the required Pods for the Argo CD notifications controller component are in a Ready state. Failed: At least one of the Argo CD notifications controller component Pods had a failure. Unknown: The state of the Argo CD notifications controller component could not be obtained. + /// NotificationsController is a simple, high-level summary of where the Argo CD notifications controller component is in its lifecycle. + /// There are four possible NotificationsController values: + /// Pending: The Argo CD notifications controller component has been accepted by the Kubernetes system, but one or more of the required resources have not been created. + /// Running: All of the required Pods for the Argo CD notifications controller component are in a Ready state. + /// Failed: At least one of the Argo CD notifications controller component Pods had a failure. + /// Unknown: The state of the Argo CD notifications controller component could not be obtained. #[serde(default, skip_serializing_if = "Option::is_none", rename = "notificationsController")] pub notifications_controller: Option, - /// Phase is a simple, high-level summary of where the ArgoCD is in its lifecycle. There are four possible phase values: Pending: The ArgoCD has been accepted by the Kubernetes system, but one or more of the required resources have not been created. Available: All of the resources for the ArgoCD are ready. Failed: At least one resource has experienced a failure. Unknown: The state of the ArgoCD phase could not be obtained. + /// Phase is a simple, high-level summary of where the ArgoCD is in its lifecycle. + /// There are four possible phase values: + /// Pending: The ArgoCD has been accepted by the Kubernetes system, but one or more of the required resources have not been created. + /// Available: All of the resources for the ArgoCD are ready. + /// Failed: At least one resource has experienced a failure. + /// Unknown: The state of the ArgoCD phase could not be obtained. #[serde(default, skip_serializing_if = "Option::is_none")] pub phase: Option, - /// Redis is a simple, high-level summary of where the Argo CD Redis component is in its lifecycle. There are four possible redis values: Pending: The Argo CD Redis component has been accepted by the Kubernetes system, but one or more of the required resources have not been created. Running: All of the required Pods for the Argo CD Redis component are in a Ready state. Failed: At least one of the Argo CD Redis component Pods had a failure. Unknown: The state of the Argo CD Redis component could not be obtained. + /// Redis is a simple, high-level summary of where the Argo CD Redis component is in its lifecycle. + /// There are four possible redis values: + /// Pending: The Argo CD Redis component has been accepted by the Kubernetes system, but one or more of the required resources have not been created. + /// Running: All of the required Pods for the Argo CD Redis component are in a Ready state. + /// Failed: At least one of the Argo CD Redis component Pods had a failure. + /// Unknown: The state of the Argo CD Redis component could not be obtained. #[serde(default, skip_serializing_if = "Option::is_none")] pub redis: Option, /// RedisTLSChecksum contains the SHA256 checksum of the latest known state of tls.crt and tls.key in the argocd-operator-redis-tls secret. #[serde(default, skip_serializing_if = "Option::is_none", rename = "redisTLSChecksum")] pub redis_tls_checksum: Option, - /// Repo is a simple, high-level summary of where the Argo CD Repo component is in its lifecycle. There are four possible repo values: Pending: The Argo CD Repo component has been accepted by the Kubernetes system, but one or more of the required resources have not been created. Running: All of the required Pods for the Argo CD Repo component are in a Ready state. Failed: At least one of the Argo CD Repo component Pods had a failure. Unknown: The state of the Argo CD Repo component could not be obtained. + /// Repo is a simple, high-level summary of where the Argo CD Repo component is in its lifecycle. + /// There are four possible repo values: + /// Pending: The Argo CD Repo component has been accepted by the Kubernetes system, but one or more of the required resources have not been created. + /// Running: All of the required Pods for the Argo CD Repo component are in a Ready state. + /// Failed: At least one of the Argo CD Repo component Pods had a failure. + /// Unknown: The state of the Argo CD Repo component could not be obtained. #[serde(default, skip_serializing_if = "Option::is_none")] pub repo: Option, /// RepoTLSChecksum contains the SHA256 checksum of the latest known state of tls.crt and tls.key in the argocd-repo-server-tls secret. #[serde(default, skip_serializing_if = "Option::is_none", rename = "repoTLSChecksum")] pub repo_tls_checksum: Option, - /// Server is a simple, high-level summary of where the Argo CD server component is in its lifecycle. There are four possible server values: Pending: The Argo CD server component has been accepted by the Kubernetes system, but one or more of the required resources have not been created. Running: All of the required Pods for the Argo CD server component are in a Ready state. Failed: At least one of the Argo CD server component Pods had a failure. Unknown: The state of the Argo CD server component could not be obtained. + /// Server is a simple, high-level summary of where the Argo CD server component is in its lifecycle. + /// There are four possible server values: + /// Pending: The Argo CD server component has been accepted by the Kubernetes system, but one or more of the required resources have not been created. + /// Running: All of the required Pods for the Argo CD server component are in a Ready state. + /// Failed: At least one of the Argo CD server component Pods had a failure. + /// Unknown: The state of the Argo CD server component could not be obtained. #[serde(default, skip_serializing_if = "Option::is_none")] pub server: Option, - /// SSO is a simple, high-level summary of where the Argo CD SSO(Dex/Keycloak) component is in its lifecycle. There are four possible sso values: Pending: The Argo CD SSO component has been accepted by the Kubernetes system, but one or more of the required resources have not been created. Running: All of the required Pods for the Argo CD SSO component are in a Ready state. Failed: At least one of the Argo CD SSO component Pods had a failure. Unknown: The state of the Argo CD SSO component could not be obtained. + /// SSO is a simple, high-level summary of where the Argo CD SSO(Dex/Keycloak) component is in its lifecycle. + /// There are four possible sso values: + /// Pending: The Argo CD SSO component has been accepted by the Kubernetes system, but one or more of the required resources have not been created. + /// Running: All of the required Pods for the Argo CD SSO component are in a Ready state. + /// Failed: At least one of the Argo CD SSO component Pods had a failure. + /// Unknown: The state of the Argo CD SSO component could not be obtained. #[serde(default, skip_serializing_if = "Option::is_none")] pub sso: Option, } diff --git a/kube-custom-resources-rs/src/argoproj_io/v1beta1/argocds.rs b/kube-custom-resources-rs/src/argoproj_io/v1beta1/argocds.rs index 00a699f97..f06835ceb 100644 --- a/kube-custom-resources-rs/src/argoproj_io/v1beta1/argocds.rs +++ b/kube-custom-resources-rs/src/argoproj_io/v1beta1/argocds.rs @@ -41,8 +41,13 @@ pub struct ArgoCDSpec { /// DisableAdmin will disable the admin user. #[serde(default, skip_serializing_if = "Option::is_none", rename = "disableAdmin")] pub disable_admin: Option, - /// ExtraConfig can be used to add fields to Argo CD configmap that are not supported by Argo CD CRD. - /// Note: ExtraConfig takes precedence over Argo CD CRD. For example, A user sets `argocd.Spec.DisableAdmin` = true and also `a.Spec.ExtraConfig["admin.enabled"]` = true. In this case, operator updates Argo CD Configmap as follows -> argocd-cm.Data["admin.enabled"] = true. + /// ExtraConfig can be used to add fields to Argo CD configmap that are not supported by Argo CD CRD. + /// + /// + /// Note: ExtraConfig takes precedence over Argo CD CRD. + /// For example, A user sets `argocd.Spec.DisableAdmin` = true and also + /// `a.Spec.ExtraConfig["admin.enabled"]` = true. In this case, operator updates + /// Argo CD Configmap as follows -> argocd-cm.Data["admin.enabled"] = true. #[serde(default, skip_serializing_if = "Option::is_none", rename = "extraConfig")] pub extra_config: Option>, /// GAAnonymizeUsers toggles user IDs being hashed before sending to google analytics. @@ -120,7 +125,8 @@ pub struct ArgoCDSpec { /// ResourceIgnoreDifferences customizes resource ignore difference behavior. #[serde(default, skip_serializing_if = "Option::is_none", rename = "resourceIgnoreDifferences")] pub resource_ignore_differences: Option, - /// ResourceInclusions is used to only include specific group/kinds in the reconciliation process. + /// ResourceInclusions is used to only include specific group/kinds in the + /// reconciliation process. #[serde(default, skip_serializing_if = "Option::is_none", rename = "resourceInclusions")] pub resource_inclusions: Option, /// ResourceTrackingMethod defines how Argo CD should track resources that it manages @@ -141,7 +147,8 @@ pub struct ArgoCDSpec { /// TLS defines the TLS options for ArgoCD. #[serde(default, skip_serializing_if = "Option::is_none")] pub tls: Option, - /// UsersAnonymousEnabled toggles anonymous user access. The anonymous users get default role permissions specified argocd-rbac-cm. + /// UsersAnonymousEnabled toggles anonymous user access. + /// The anonymous users get default role permissions specified argocd-rbac-cm. #[serde(default, skip_serializing_if = "Option::is_none", rename = "usersAnonymousEnabled")] pub users_anonymous_enabled: Option, /// Version is the tag to use with the ArgoCD container image for all ArgoCD components. @@ -158,7 +165,10 @@ pub struct ArgoCDApplicationSet { /// Env lets you specify environment for applicationSet controller pods #[serde(default, skip_serializing_if = "Option::is_none")] pub env: Option>, - /// ExtraCommandArgs allows users to pass command line arguments to ApplicationSet controller. They get added to default command line arguments provided by the operator. Please note that the command line arguments provided as part of ExtraCommandArgs will not overwrite the default command line arguments. + /// ExtraCommandArgs allows users to pass command line arguments to ApplicationSet controller. + /// They get added to default command line arguments provided by the operator. + /// Please note that the command line arguments provided as part of ExtraCommandArgs + /// will not overwrite the default command line arguments. #[serde(default, skip_serializing_if = "Option::is_none", rename = "extraCommandArgs")] pub extra_command_args: Option>, /// Image is the Argo CD ApplicationSet image (optional) @@ -192,7 +202,15 @@ pub struct ArgoCDApplicationSet { pub struct ArgoCDApplicationSetEnv { /// Name of the environment variable. Must be a C_IDENTIFIER. pub name: String, - /// Variable references $(VAR_NAME) are expanded using the previously defined environment variables in the container and any service environment variables. If a variable cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". Escaped references will never be expanded, regardless of whether the variable exists or not. Defaults to "". + /// Variable references $(VAR_NAME) are expanded + /// using the previously defined environment variables in the container and + /// any service environment variables. If a variable cannot be resolved, + /// the reference in the input string will be unchanged. Double $$ are reduced + /// to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. + /// "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". + /// Escaped references will never be expanded, regardless of whether the variable + /// exists or not. + /// Defaults to "". #[serde(default, skip_serializing_if = "Option::is_none")] pub value: Option, /// Source for the environment variable's value. Cannot be used if value is not empty. @@ -206,10 +224,12 @@ pub struct ArgoCDApplicationSetEnvValueFrom { /// Selects a key of a ConfigMap. #[serde(default, skip_serializing_if = "Option::is_none", rename = "configMapKeyRef")] pub config_map_key_ref: Option, - /// Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`, spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs. + /// Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`, + /// spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs. #[serde(default, skip_serializing_if = "Option::is_none", rename = "fieldRef")] pub field_ref: Option, - /// Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported. + /// Selects a resource of the container: only resources limits and requests + /// (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported. #[serde(default, skip_serializing_if = "Option::is_none", rename = "resourceFieldRef")] pub resource_field_ref: Option, /// Selects a key of a secret in the pod's namespace @@ -222,7 +242,9 @@ pub struct ArgoCDApplicationSetEnvValueFrom { pub struct ArgoCDApplicationSetEnvValueFromConfigMapKeyRef { /// The key to select. pub key: String, - /// Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? + /// Name of the referent. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the ConfigMap or its key must be defined @@ -230,7 +252,8 @@ pub struct ArgoCDApplicationSetEnvValueFromConfigMapKeyRef { pub optional: Option, } -/// Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`, spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs. +/// Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`, +/// spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ArgoCDApplicationSetEnvValueFromFieldRef { /// Version of the schema the FieldPath is written in terms of, defaults to "v1". @@ -241,7 +264,8 @@ pub struct ArgoCDApplicationSetEnvValueFromFieldRef { pub field_path: String, } -/// Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported. +/// Selects a resource of the container: only resources limits and requests +/// (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ArgoCDApplicationSetEnvValueFromResourceFieldRef { /// Container name: required for volumes, optional for env vars @@ -259,7 +283,9 @@ pub struct ArgoCDApplicationSetEnvValueFromResourceFieldRef { pub struct ArgoCDApplicationSetEnvValueFromSecretKeyRef { /// The key of the secret to select from. Must be a valid secret key. pub key: String, - /// Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? + /// Name of the referent. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the Secret or its key must be defined @@ -270,15 +296,25 @@ pub struct ArgoCDApplicationSetEnvValueFromSecretKeyRef { /// Resources defines the Compute Resources required by the container for ApplicationSet. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ArgoCDApplicationSetResources { - /// Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. - /// This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. - /// This field is immutable. It can only be set for containers. + /// Claims lists the names of resources, defined in spec.resourceClaims, + /// that are used by this container. + /// + /// + /// This is an alpha field and requires enabling the + /// DynamicResourceAllocation feature gate. + /// + /// + /// This field is immutable. It can only be set for containers. #[serde(default, skip_serializing_if = "Option::is_none")] pub claims: Option>, - /// Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + /// Limits describes the maximum amount of compute resources allowed. + /// More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ #[serde(default, skip_serializing_if = "Option::is_none")] pub limits: Option>, - /// Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + /// Requests describes the minimum amount of compute resources required. + /// If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, + /// otherwise to an implementation-defined value. Requests cannot exceed Limits. + /// More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ #[serde(default, skip_serializing_if = "Option::is_none")] pub requests: Option>, } @@ -286,7 +322,9 @@ pub struct ArgoCDApplicationSetResources { /// ResourceClaim references one entry in PodSpec.ResourceClaims. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ArgoCDApplicationSetResourcesClaims { - /// Name must match the name of one entry in pod.spec.resourceClaims of the Pod where this field is used. It makes that resource available inside a container. + /// Name must match the name of one entry in pod.spec.resourceClaims of + /// the Pod where this field is used. It makes that resource available + /// inside a container. pub name: String, } @@ -318,7 +356,11 @@ pub struct ArgoCDApplicationSetWebhookServerIngress { /// Path used for the Ingress resource. #[serde(default, skip_serializing_if = "Option::is_none")] pub path: Option, - /// TLS configuration. Currently the Ingress only supports a single TLS port, 443. If multiple members of this list specify different hosts, they will be multiplexed on the same port according to the hostname specified through the SNI TLS extension, if the ingress controller fulfilling the ingress supports SNI. + /// TLS configuration. Currently the Ingress only supports a single TLS + /// port, 443. If multiple members of this list specify different hosts, they + /// will be multiplexed on the same port according to the hostname specified + /// through the SNI TLS extension, if the ingress controller fulfilling the + /// ingress supports SNI. #[serde(default, skip_serializing_if = "Option::is_none")] pub tls: Option>, } @@ -326,10 +368,17 @@ pub struct ArgoCDApplicationSetWebhookServerIngress { /// IngressTLS describes the transport layer security associated with an ingress. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ArgoCDApplicationSetWebhookServerIngressTls { - /// hosts is a list of hosts included in the TLS certificate. The values in this list must match the name/s used in the tlsSecret. Defaults to the wildcard host setting for the loadbalancer controller fulfilling this Ingress, if left unspecified. + /// hosts is a list of hosts included in the TLS certificate. The values in + /// this list must match the name/s used in the tlsSecret. Defaults to the + /// wildcard host setting for the loadbalancer controller fulfilling this + /// Ingress, if left unspecified. #[serde(default, skip_serializing_if = "Option::is_none")] pub hosts: Option>, - /// secretName is the name of the secret used to terminate TLS traffic on port 443. Field is left optional to allow TLS routing based on SNI hostname alone. If the SNI host in a listener conflicts with the "Host" header field used by an IngressRule, the SNI host is used for termination and value of the "Host" header is used for routing. + /// secretName is the name of the secret used to terminate TLS traffic on + /// port 443. Field is left optional to allow TLS routing based on SNI + /// hostname alone. If the SNI host in a listener conflicts with the "Host" + /// header field used by an IngressRule, the SNI host is used for termination + /// and value of the "Host" header is used for routing. #[serde(default, skip_serializing_if = "Option::is_none", rename = "secretName")] pub secret_name: Option, } @@ -365,11 +414,20 @@ pub struct ArgoCDApplicationSetWebhookServerRouteTls { /// certificate provides certificate contents #[serde(default, skip_serializing_if = "Option::is_none")] pub certificate: Option, - /// destinationCACertificate provides the contents of the ca certificate of the final destination. When using reencrypt termination this file should be provided in order to have routers use it for health checks on the secure connection. If this field is not specified, the router may provide its own destination CA and perform hostname validation using the short service name (service.namespace.svc), which allows infrastructure generated certificates to automatically verify. + /// destinationCACertificate provides the contents of the ca certificate of the final destination. When using reencrypt + /// termination this file should be provided in order to have routers use it for health checks on the secure connection. + /// If this field is not specified, the router may provide its own destination CA and perform hostname validation using + /// the short service name (service.namespace.svc), which allows infrastructure generated certificates to automatically + /// verify. #[serde(default, skip_serializing_if = "Option::is_none", rename = "destinationCACertificate")] pub destination_ca_certificate: Option, - /// insecureEdgeTerminationPolicy indicates the desired behavior for insecure connections to a route. While each router may make its own decisions on which ports to expose, this is normally port 80. - /// * Allow - traffic is sent to the server on the insecure port (default) * Disable - no traffic is allowed on the insecure port. * Redirect - clients are redirected to the secure port. + /// insecureEdgeTerminationPolicy indicates the desired behavior for insecure connections to a route. While + /// each router may make its own decisions on which ports to expose, this is normally port 80. + /// + /// + /// * Allow - traffic is sent to the server on the insecure port (default) + /// * Disable - no traffic is allowed on the insecure port. + /// * Redirect - clients are redirected to the secure port. #[serde(default, skip_serializing_if = "Option::is_none", rename = "insecureEdgeTerminationPolicy")] pub insecure_edge_termination_policy: Option, /// key provides key file contents @@ -392,8 +450,12 @@ pub struct ArgoCDBanner { /// Controller defines the Application Controller options for ArgoCD. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ArgoCDController { - /// AppSync is used to control the sync frequency, by default the ArgoCD controller polls Git every 3m. - /// Set this to a duration, e.g. 10m or 600s to control the synchronisation frequency. + /// AppSync is used to control the sync frequency, by default the ArgoCD + /// controller polls Git every 3m. + /// + /// + /// Set this to a duration, e.g. 10m or 600s to control the synchronisation + /// frequency. #[serde(default, skip_serializing_if = "Option::is_none", rename = "appSync")] pub app_sync: Option, /// Enabled is the flag to enable the Application Controller during ArgoCD installation. (optional, default `true`) @@ -427,7 +489,15 @@ pub struct ArgoCDController { pub struct ArgoCDControllerEnv { /// Name of the environment variable. Must be a C_IDENTIFIER. pub name: String, - /// Variable references $(VAR_NAME) are expanded using the previously defined environment variables in the container and any service environment variables. If a variable cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". Escaped references will never be expanded, regardless of whether the variable exists or not. Defaults to "". + /// Variable references $(VAR_NAME) are expanded + /// using the previously defined environment variables in the container and + /// any service environment variables. If a variable cannot be resolved, + /// the reference in the input string will be unchanged. Double $$ are reduced + /// to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. + /// "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". + /// Escaped references will never be expanded, regardless of whether the variable + /// exists or not. + /// Defaults to "". #[serde(default, skip_serializing_if = "Option::is_none")] pub value: Option, /// Source for the environment variable's value. Cannot be used if value is not empty. @@ -441,10 +511,12 @@ pub struct ArgoCDControllerEnvValueFrom { /// Selects a key of a ConfigMap. #[serde(default, skip_serializing_if = "Option::is_none", rename = "configMapKeyRef")] pub config_map_key_ref: Option, - /// Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`, spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs. + /// Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`, + /// spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs. #[serde(default, skip_serializing_if = "Option::is_none", rename = "fieldRef")] pub field_ref: Option, - /// Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported. + /// Selects a resource of the container: only resources limits and requests + /// (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported. #[serde(default, skip_serializing_if = "Option::is_none", rename = "resourceFieldRef")] pub resource_field_ref: Option, /// Selects a key of a secret in the pod's namespace @@ -457,7 +529,9 @@ pub struct ArgoCDControllerEnvValueFrom { pub struct ArgoCDControllerEnvValueFromConfigMapKeyRef { /// The key to select. pub key: String, - /// Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? + /// Name of the referent. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the ConfigMap or its key must be defined @@ -465,7 +539,8 @@ pub struct ArgoCDControllerEnvValueFromConfigMapKeyRef { pub optional: Option, } -/// Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`, spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs. +/// Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`, +/// spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ArgoCDControllerEnvValueFromFieldRef { /// Version of the schema the FieldPath is written in terms of, defaults to "v1". @@ -476,7 +551,8 @@ pub struct ArgoCDControllerEnvValueFromFieldRef { pub field_path: String, } -/// Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported. +/// Selects a resource of the container: only resources limits and requests +/// (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ArgoCDControllerEnvValueFromResourceFieldRef { /// Container name: required for volumes, optional for env vars @@ -494,7 +570,9 @@ pub struct ArgoCDControllerEnvValueFromResourceFieldRef { pub struct ArgoCDControllerEnvValueFromSecretKeyRef { /// The key of the secret to select from. Must be a valid secret key. pub key: String, - /// Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? + /// Name of the referent. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the Secret or its key must be defined @@ -516,15 +594,25 @@ pub struct ArgoCDControllerProcessors { /// Resources defines the Compute Resources required by the container for the Application Controller. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ArgoCDControllerResources { - /// Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. - /// This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. - /// This field is immutable. It can only be set for containers. + /// Claims lists the names of resources, defined in spec.resourceClaims, + /// that are used by this container. + /// + /// + /// This is an alpha field and requires enabling the + /// DynamicResourceAllocation feature gate. + /// + /// + /// This field is immutable. It can only be set for containers. #[serde(default, skip_serializing_if = "Option::is_none")] pub claims: Option>, - /// Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + /// Limits describes the maximum amount of compute resources allowed. + /// More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ #[serde(default, skip_serializing_if = "Option::is_none")] pub limits: Option>, - /// Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + /// Requests describes the minimum amount of compute resources required. + /// If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, + /// otherwise to an implementation-defined value. Requests cannot exceed Limits. + /// More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ #[serde(default, skip_serializing_if = "Option::is_none")] pub requests: Option>, } @@ -532,7 +620,9 @@ pub struct ArgoCDControllerResources { /// ResourceClaim references one entry in PodSpec.ResourceClaims. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ArgoCDControllerResourcesClaims { - /// Name must match the name of one entry in pod.spec.resourceClaims of the Pod where this field is used. It makes that resource available inside a container. + /// Name must match the name of one entry in pod.spec.resourceClaims of + /// the Pod where this field is used. It makes that resource available + /// inside a container. pub name: String, } @@ -601,7 +691,11 @@ pub struct ArgoCDGrafanaIngress { /// Path used for the Ingress resource. #[serde(default, skip_serializing_if = "Option::is_none")] pub path: Option, - /// TLS configuration. Currently the Ingress only supports a single TLS port, 443. If multiple members of this list specify different hosts, they will be multiplexed on the same port according to the hostname specified through the SNI TLS extension, if the ingress controller fulfilling the ingress supports SNI. + /// TLS configuration. Currently the Ingress only supports a single TLS + /// port, 443. If multiple members of this list specify different hosts, they + /// will be multiplexed on the same port according to the hostname specified + /// through the SNI TLS extension, if the ingress controller fulfilling the + /// ingress supports SNI. #[serde(default, skip_serializing_if = "Option::is_none")] pub tls: Option>, } @@ -609,10 +703,17 @@ pub struct ArgoCDGrafanaIngress { /// IngressTLS describes the transport layer security associated with an ingress. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ArgoCDGrafanaIngressTls { - /// hosts is a list of hosts included in the TLS certificate. The values in this list must match the name/s used in the tlsSecret. Defaults to the wildcard host setting for the loadbalancer controller fulfilling this Ingress, if left unspecified. + /// hosts is a list of hosts included in the TLS certificate. The values in + /// this list must match the name/s used in the tlsSecret. Defaults to the + /// wildcard host setting for the loadbalancer controller fulfilling this + /// Ingress, if left unspecified. #[serde(default, skip_serializing_if = "Option::is_none")] pub hosts: Option>, - /// secretName is the name of the secret used to terminate TLS traffic on port 443. Field is left optional to allow TLS routing based on SNI hostname alone. If the SNI host in a listener conflicts with the "Host" header field used by an IngressRule, the SNI host is used for termination and value of the "Host" header is used for routing. + /// secretName is the name of the secret used to terminate TLS traffic on + /// port 443. Field is left optional to allow TLS routing based on SNI + /// hostname alone. If the SNI host in a listener conflicts with the "Host" + /// header field used by an IngressRule, the SNI host is used for termination + /// and value of the "Host" header is used for routing. #[serde(default, skip_serializing_if = "Option::is_none", rename = "secretName")] pub secret_name: Option, } @@ -620,15 +721,25 @@ pub struct ArgoCDGrafanaIngressTls { /// Resources defines the Compute Resources required by the container for Grafana. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ArgoCDGrafanaResources { - /// Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. - /// This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. - /// This field is immutable. It can only be set for containers. + /// Claims lists the names of resources, defined in spec.resourceClaims, + /// that are used by this container. + /// + /// + /// This is an alpha field and requires enabling the + /// DynamicResourceAllocation feature gate. + /// + /// + /// This field is immutable. It can only be set for containers. #[serde(default, skip_serializing_if = "Option::is_none")] pub claims: Option>, - /// Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + /// Limits describes the maximum amount of compute resources allowed. + /// More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ #[serde(default, skip_serializing_if = "Option::is_none")] pub limits: Option>, - /// Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + /// Requests describes the minimum amount of compute resources required. + /// If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, + /// otherwise to an implementation-defined value. Requests cannot exceed Limits. + /// More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ #[serde(default, skip_serializing_if = "Option::is_none")] pub requests: Option>, } @@ -636,7 +747,9 @@ pub struct ArgoCDGrafanaResources { /// ResourceClaim references one entry in PodSpec.ResourceClaims. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ArgoCDGrafanaResourcesClaims { - /// Name must match the name of one entry in pod.spec.resourceClaims of the Pod where this field is used. It makes that resource available inside a container. + /// Name must match the name of one entry in pod.spec.resourceClaims of + /// the Pod where this field is used. It makes that resource available + /// inside a container. pub name: String, } @@ -671,11 +784,20 @@ pub struct ArgoCDGrafanaRouteTls { /// certificate provides certificate contents #[serde(default, skip_serializing_if = "Option::is_none")] pub certificate: Option, - /// destinationCACertificate provides the contents of the ca certificate of the final destination. When using reencrypt termination this file should be provided in order to have routers use it for health checks on the secure connection. If this field is not specified, the router may provide its own destination CA and perform hostname validation using the short service name (service.namespace.svc), which allows infrastructure generated certificates to automatically verify. + /// destinationCACertificate provides the contents of the ca certificate of the final destination. When using reencrypt + /// termination this file should be provided in order to have routers use it for health checks on the secure connection. + /// If this field is not specified, the router may provide its own destination CA and perform hostname validation using + /// the short service name (service.namespace.svc), which allows infrastructure generated certificates to automatically + /// verify. #[serde(default, skip_serializing_if = "Option::is_none", rename = "destinationCACertificate")] pub destination_ca_certificate: Option, - /// insecureEdgeTerminationPolicy indicates the desired behavior for insecure connections to a route. While each router may make its own decisions on which ports to expose, this is normally port 80. - /// * Allow - traffic is sent to the server on the insecure port (default) * Disable - no traffic is allowed on the insecure port. * Redirect - clients are redirected to the secure port. + /// insecureEdgeTerminationPolicy indicates the desired behavior for insecure connections to a route. While + /// each router may make its own decisions on which ports to expose, this is normally port 80. + /// + /// + /// * Allow - traffic is sent to the server on the insecure port (default) + /// * Disable - no traffic is allowed on the insecure port. + /// * Redirect - clients are redirected to the secure port. #[serde(default, skip_serializing_if = "Option::is_none", rename = "insecureEdgeTerminationPolicy")] pub insecure_edge_termination_policy: Option, /// key provides key file contents @@ -704,15 +826,25 @@ pub struct ArgoCDHa { /// Resources defines the Compute Resources required by the container for HA. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ArgoCDHaResources { - /// Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. - /// This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. - /// This field is immutable. It can only be set for containers. + /// Claims lists the names of resources, defined in spec.resourceClaims, + /// that are used by this container. + /// + /// + /// This is an alpha field and requires enabling the + /// DynamicResourceAllocation feature gate. + /// + /// + /// This field is immutable. It can only be set for containers. #[serde(default, skip_serializing_if = "Option::is_none")] pub claims: Option>, - /// Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + /// Limits describes the maximum amount of compute resources allowed. + /// More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ #[serde(default, skip_serializing_if = "Option::is_none")] pub limits: Option>, - /// Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + /// Requests describes the minimum amount of compute resources required. + /// If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, + /// otherwise to an implementation-defined value. Requests cannot exceed Limits. + /// More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ #[serde(default, skip_serializing_if = "Option::is_none")] pub requests: Option>, } @@ -720,7 +852,9 @@ pub struct ArgoCDHaResources { /// ResourceClaim references one entry in PodSpec.ResourceClaims. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ArgoCDHaResourcesClaims { - /// Name must match the name of one entry in pod.spec.resourceClaims of the Pod where this field is used. It makes that resource available inside a container. + /// Name must match the name of one entry in pod.spec.resourceClaims of + /// the Pod where this field is used. It makes that resource available + /// inside a container. pub name: String, } @@ -737,10 +871,12 @@ pub struct ArgoCDImport { /// InitialSSHKnownHosts defines the SSH known hosts data upon creation of the cluster for connecting Git repositories via SSH. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ArgoCDInitialSshKnownHosts { - /// ExcludeDefaultHosts describes whether you would like to include the default list of SSH Known Hosts provided by ArgoCD. + /// ExcludeDefaultHosts describes whether you would like to include the default + /// list of SSH Known Hosts provided by ArgoCD. #[serde(default, skip_serializing_if = "Option::is_none")] pub excludedefaulthosts: Option, - /// Keys describes a custom set of SSH Known Hosts that you would like to have included in your ArgoCD server. + /// Keys describes a custom set of SSH Known Hosts that you would like to + /// have included in your ArgoCD server. #[serde(default, skip_serializing_if = "Option::is_none")] pub keys: Option, } @@ -777,22 +913,32 @@ pub struct ArgoCDNodePlacement { pub tolerations: Option>, } -/// The pod this Toleration is attached to tolerates any taint that matches the triple using the matching operator . +/// The pod this Toleration is attached to tolerates any taint that matches +/// the triple using the matching operator . #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ArgoCDNodePlacementTolerations { - /// Effect indicates the taint effect to match. Empty means match all taint effects. When specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute. + /// Effect indicates the taint effect to match. Empty means match all taint effects. + /// When specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute. #[serde(default, skip_serializing_if = "Option::is_none")] pub effect: Option, - /// Key is the taint key that the toleration applies to. Empty means match all taint keys. If the key is empty, operator must be Exists; this combination means to match all values and all keys. + /// Key is the taint key that the toleration applies to. Empty means match all taint keys. + /// If the key is empty, operator must be Exists; this combination means to match all values and all keys. #[serde(default, skip_serializing_if = "Option::is_none")] pub key: Option, - /// Operator represents a key's relationship to the value. Valid operators are Exists and Equal. Defaults to Equal. Exists is equivalent to wildcard for value, so that a pod can tolerate all taints of a particular category. + /// Operator represents a key's relationship to the value. + /// Valid operators are Exists and Equal. Defaults to Equal. + /// Exists is equivalent to wildcard for value, so that a pod can + /// tolerate all taints of a particular category. #[serde(default, skip_serializing_if = "Option::is_none")] pub operator: Option, - /// TolerationSeconds represents the period of time the toleration (which must be of effect NoExecute, otherwise this field is ignored) tolerates the taint. By default, it is not set, which means tolerate the taint forever (do not evict). Zero and negative values will be treated as 0 (evict immediately) by the system. + /// TolerationSeconds represents the period of time the toleration (which must be + /// of effect NoExecute, otherwise this field is ignored) tolerates the taint. By default, + /// it is not set, which means tolerate the taint forever (do not evict). Zero and + /// negative values will be treated as 0 (evict immediately) by the system. #[serde(default, skip_serializing_if = "Option::is_none", rename = "tolerationSeconds")] pub toleration_seconds: Option, - /// Value is the taint value the toleration matches to. If the operator is Exists, the value should be empty, otherwise just a regular string. + /// Value is the taint value the toleration matches to. + /// If the operator is Exists, the value should be empty, otherwise just a regular string. #[serde(default, skip_serializing_if = "Option::is_none")] pub value: Option, } @@ -827,7 +973,15 @@ pub struct ArgoCDNotifications { pub struct ArgoCDNotificationsEnv { /// Name of the environment variable. Must be a C_IDENTIFIER. pub name: String, - /// Variable references $(VAR_NAME) are expanded using the previously defined environment variables in the container and any service environment variables. If a variable cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". Escaped references will never be expanded, regardless of whether the variable exists or not. Defaults to "". + /// Variable references $(VAR_NAME) are expanded + /// using the previously defined environment variables in the container and + /// any service environment variables. If a variable cannot be resolved, + /// the reference in the input string will be unchanged. Double $$ are reduced + /// to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. + /// "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". + /// Escaped references will never be expanded, regardless of whether the variable + /// exists or not. + /// Defaults to "". #[serde(default, skip_serializing_if = "Option::is_none")] pub value: Option, /// Source for the environment variable's value. Cannot be used if value is not empty. @@ -841,10 +995,12 @@ pub struct ArgoCDNotificationsEnvValueFrom { /// Selects a key of a ConfigMap. #[serde(default, skip_serializing_if = "Option::is_none", rename = "configMapKeyRef")] pub config_map_key_ref: Option, - /// Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`, spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs. + /// Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`, + /// spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs. #[serde(default, skip_serializing_if = "Option::is_none", rename = "fieldRef")] pub field_ref: Option, - /// Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported. + /// Selects a resource of the container: only resources limits and requests + /// (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported. #[serde(default, skip_serializing_if = "Option::is_none", rename = "resourceFieldRef")] pub resource_field_ref: Option, /// Selects a key of a secret in the pod's namespace @@ -857,7 +1013,9 @@ pub struct ArgoCDNotificationsEnvValueFrom { pub struct ArgoCDNotificationsEnvValueFromConfigMapKeyRef { /// The key to select. pub key: String, - /// Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? + /// Name of the referent. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the ConfigMap or its key must be defined @@ -865,7 +1023,8 @@ pub struct ArgoCDNotificationsEnvValueFromConfigMapKeyRef { pub optional: Option, } -/// Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`, spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs. +/// Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`, +/// spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ArgoCDNotificationsEnvValueFromFieldRef { /// Version of the schema the FieldPath is written in terms of, defaults to "v1". @@ -876,7 +1035,8 @@ pub struct ArgoCDNotificationsEnvValueFromFieldRef { pub field_path: String, } -/// Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported. +/// Selects a resource of the container: only resources limits and requests +/// (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ArgoCDNotificationsEnvValueFromResourceFieldRef { /// Container name: required for volumes, optional for env vars @@ -894,7 +1054,9 @@ pub struct ArgoCDNotificationsEnvValueFromResourceFieldRef { pub struct ArgoCDNotificationsEnvValueFromSecretKeyRef { /// The key of the secret to select from. Must be a valid secret key. pub key: String, - /// Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? + /// Name of the referent. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the Secret or its key must be defined @@ -905,15 +1067,25 @@ pub struct ArgoCDNotificationsEnvValueFromSecretKeyRef { /// Resources defines the Compute Resources required by the container for Argo CD Notifications. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ArgoCDNotificationsResources { - /// Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. - /// This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. - /// This field is immutable. It can only be set for containers. + /// Claims lists the names of resources, defined in spec.resourceClaims, + /// that are used by this container. + /// + /// + /// This is an alpha field and requires enabling the + /// DynamicResourceAllocation feature gate. + /// + /// + /// This field is immutable. It can only be set for containers. #[serde(default, skip_serializing_if = "Option::is_none")] pub claims: Option>, - /// Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + /// Limits describes the maximum amount of compute resources allowed. + /// More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ #[serde(default, skip_serializing_if = "Option::is_none")] pub limits: Option>, - /// Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + /// Requests describes the minimum amount of compute resources required. + /// If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, + /// otherwise to an implementation-defined value. Requests cannot exceed Limits. + /// More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ #[serde(default, skip_serializing_if = "Option::is_none")] pub requests: Option>, } @@ -921,7 +1093,9 @@ pub struct ArgoCDNotificationsResources { /// ResourceClaim references one entry in PodSpec.ResourceClaims. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ArgoCDNotificationsResourcesClaims { - /// Name must match the name of one entry in pod.spec.resourceClaims of the Pod where this field is used. It makes that resource available inside a container. + /// Name must match the name of one entry in pod.spec.resourceClaims of + /// the Pod where this field is used. It makes that resource available + /// inside a container. pub name: String, } @@ -958,7 +1132,11 @@ pub struct ArgoCDPrometheusIngress { /// Path used for the Ingress resource. #[serde(default, skip_serializing_if = "Option::is_none")] pub path: Option, - /// TLS configuration. Currently the Ingress only supports a single TLS port, 443. If multiple members of this list specify different hosts, they will be multiplexed on the same port according to the hostname specified through the SNI TLS extension, if the ingress controller fulfilling the ingress supports SNI. + /// TLS configuration. Currently the Ingress only supports a single TLS + /// port, 443. If multiple members of this list specify different hosts, they + /// will be multiplexed on the same port according to the hostname specified + /// through the SNI TLS extension, if the ingress controller fulfilling the + /// ingress supports SNI. #[serde(default, skip_serializing_if = "Option::is_none")] pub tls: Option>, } @@ -966,10 +1144,17 @@ pub struct ArgoCDPrometheusIngress { /// IngressTLS describes the transport layer security associated with an ingress. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ArgoCDPrometheusIngressTls { - /// hosts is a list of hosts included in the TLS certificate. The values in this list must match the name/s used in the tlsSecret. Defaults to the wildcard host setting for the loadbalancer controller fulfilling this Ingress, if left unspecified. + /// hosts is a list of hosts included in the TLS certificate. The values in + /// this list must match the name/s used in the tlsSecret. Defaults to the + /// wildcard host setting for the loadbalancer controller fulfilling this + /// Ingress, if left unspecified. #[serde(default, skip_serializing_if = "Option::is_none")] pub hosts: Option>, - /// secretName is the name of the secret used to terminate TLS traffic on port 443. Field is left optional to allow TLS routing based on SNI hostname alone. If the SNI host in a listener conflicts with the "Host" header field used by an IngressRule, the SNI host is used for termination and value of the "Host" header is used for routing. + /// secretName is the name of the secret used to terminate TLS traffic on + /// port 443. Field is left optional to allow TLS routing based on SNI + /// hostname alone. If the SNI host in a listener conflicts with the "Host" + /// header field used by an IngressRule, the SNI host is used for termination + /// and value of the "Host" header is used for routing. #[serde(default, skip_serializing_if = "Option::is_none", rename = "secretName")] pub secret_name: Option, } @@ -1005,11 +1190,20 @@ pub struct ArgoCDPrometheusRouteTls { /// certificate provides certificate contents #[serde(default, skip_serializing_if = "Option::is_none")] pub certificate: Option, - /// destinationCACertificate provides the contents of the ca certificate of the final destination. When using reencrypt termination this file should be provided in order to have routers use it for health checks on the secure connection. If this field is not specified, the router may provide its own destination CA and perform hostname validation using the short service name (service.namespace.svc), which allows infrastructure generated certificates to automatically verify. + /// destinationCACertificate provides the contents of the ca certificate of the final destination. When using reencrypt + /// termination this file should be provided in order to have routers use it for health checks on the secure connection. + /// If this field is not specified, the router may provide its own destination CA and perform hostname validation using + /// the short service name (service.namespace.svc), which allows infrastructure generated certificates to automatically + /// verify. #[serde(default, skip_serializing_if = "Option::is_none", rename = "destinationCACertificate")] pub destination_ca_certificate: Option, - /// insecureEdgeTerminationPolicy indicates the desired behavior for insecure connections to a route. While each router may make its own decisions on which ports to expose, this is normally port 80. - /// * Allow - traffic is sent to the server on the insecure port (default) * Disable - no traffic is allowed on the insecure port. * Redirect - clients are redirected to the secure port. + /// insecureEdgeTerminationPolicy indicates the desired behavior for insecure connections to a route. While + /// each router may make its own decisions on which ports to expose, this is normally port 80. + /// + /// + /// * Allow - traffic is sent to the server on the insecure port (default) + /// * Disable - no traffic is allowed on the insecure port. + /// * Redirect - clients are redirected to the secure port. #[serde(default, skip_serializing_if = "Option::is_none", rename = "insecureEdgeTerminationPolicy")] pub insecure_edge_termination_policy: Option, /// key provides key file contents @@ -1022,16 +1216,25 @@ pub struct ArgoCDPrometheusRouteTls { /// RBAC defines the RBAC configuration for Argo CD. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ArgoCDRbac { - /// DefaultPolicy is the name of the default role which Argo CD will falls back to, when authorizing API requests (optional). If omitted or empty, users may be still be able to login, but will see no apps, projects, etc... + /// DefaultPolicy is the name of the default role which Argo CD will falls back to, when + /// authorizing API requests (optional). If omitted or empty, users may be still be able to login, + /// but will see no apps, projects, etc... #[serde(default, skip_serializing_if = "Option::is_none", rename = "defaultPolicy")] pub default_policy: Option, - /// Policy is CSV containing user-defined RBAC policies and role definitions. Policy rules are in the form: p, subject, resource, action, object, effect Role definitions and bindings are in the form: g, subject, inherited-subject See https://github.com/argoproj/argo-cd/blob/master/docs/operator-manual/rbac.md for additional information. + /// Policy is CSV containing user-defined RBAC policies and role definitions. + /// Policy rules are in the form: + /// p, subject, resource, action, object, effect + /// Role definitions and bindings are in the form: + /// g, subject, inherited-subject + /// See https://github.com/argoproj/argo-cd/blob/master/docs/operator-manual/rbac.md for additional information. #[serde(default, skip_serializing_if = "Option::is_none")] pub policy: Option, - /// PolicyMatcherMode configures the matchers function mode for casbin. There are two options for this, 'glob' for glob matcher or 'regex' for regex matcher. + /// PolicyMatcherMode configures the matchers function mode for casbin. + /// There are two options for this, 'glob' for glob matcher or 'regex' for regex matcher. #[serde(default, skip_serializing_if = "Option::is_none", rename = "policyMatcherMode")] pub policy_matcher_mode: Option, - /// Scopes controls which OIDC scopes to examine during rbac enforcement (in addition to `sub` scope). If omitted, defaults to: '[groups]'. + /// Scopes controls which OIDC scopes to examine during rbac enforcement (in addition to `sub` scope). + /// If omitted, defaults to: '[groups]'. #[serde(default, skip_serializing_if = "Option::is_none")] pub scopes: Option, } @@ -1039,7 +1242,9 @@ pub struct ArgoCDRbac { /// Redis defines the Redis server options for ArgoCD. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ArgoCDRedis { - /// AutoTLS specifies the method to use for automatic TLS configuration for the redis server The value specified here can currently be: - openshift - Use the OpenShift service CA to request TLS config + /// AutoTLS specifies the method to use for automatic TLS configuration for the redis server + /// The value specified here can currently be: + /// - openshift - Use the OpenShift service CA to request TLS config #[serde(default, skip_serializing_if = "Option::is_none")] pub autotls: Option, /// DisableTLSVerification defines whether redis server API should be accessed using strict TLS validation @@ -1065,15 +1270,25 @@ pub struct ArgoCDRedis { /// Resources defines the Compute Resources required by the container for Redis. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ArgoCDRedisResources { - /// Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. - /// This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. - /// This field is immutable. It can only be set for containers. + /// Claims lists the names of resources, defined in spec.resourceClaims, + /// that are used by this container. + /// + /// + /// This is an alpha field and requires enabling the + /// DynamicResourceAllocation feature gate. + /// + /// + /// This field is immutable. It can only be set for containers. #[serde(default, skip_serializing_if = "Option::is_none")] pub claims: Option>, - /// Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + /// Limits describes the maximum amount of compute resources allowed. + /// More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ #[serde(default, skip_serializing_if = "Option::is_none")] pub limits: Option>, - /// Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + /// Requests describes the minimum amount of compute resources required. + /// If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, + /// otherwise to an implementation-defined value. Requests cannot exceed Limits. + /// More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ #[serde(default, skip_serializing_if = "Option::is_none")] pub requests: Option>, } @@ -1081,14 +1296,18 @@ pub struct ArgoCDRedisResources { /// ResourceClaim references one entry in PodSpec.ResourceClaims. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ArgoCDRedisResourcesClaims { - /// Name must match the name of one entry in pod.spec.resourceClaims of the Pod where this field is used. It makes that resource available inside a container. + /// Name must match the name of one entry in pod.spec.resourceClaims of + /// the Pod where this field is used. It makes that resource available + /// inside a container. pub name: String, } /// Repo defines the repo server options for Argo CD. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ArgoCDRepo { - /// AutoTLS specifies the method to use for automatic TLS configuration for the repo server The value specified here can currently be: - openshift - Use the OpenShift service CA to request TLS config + /// AutoTLS specifies the method to use for automatic TLS configuration for the repo server + /// The value specified here can currently be: + /// - openshift - Use the OpenShift service CA to request TLS config #[serde(default, skip_serializing_if = "Option::is_none")] pub autotls: Option, /// Enabled is the flag to enable Repo Server during ArgoCD installation. (optional, default `true`) @@ -1100,7 +1319,9 @@ pub struct ArgoCDRepo { /// ExecTimeout specifies the timeout in seconds for tool execution #[serde(default, skip_serializing_if = "Option::is_none", rename = "execTimeout")] pub exec_timeout: Option, - /// Extra Command arguments allows users to pass command line arguments to repo server workload. They get added to default command line arguments provided by the operator. Please note that the command line arguments provided as part of ExtraRepoCommandArgs will not overwrite the default command line arguments. + /// Extra Command arguments allows users to pass command line arguments to repo server workload. They get added to default command line arguments provided + /// by the operator. + /// Please note that the command line arguments provided as part of ExtraRepoCommandArgs will not overwrite the default command line arguments. #[serde(default, skip_serializing_if = "Option::is_none", rename = "extraRepoCommandArgs")] pub extra_repo_command_args: Option>, /// Image is the ArgoCD Repo Server container image. @@ -1152,7 +1373,15 @@ pub struct ArgoCDRepo { pub struct ArgoCDRepoEnv { /// Name of the environment variable. Must be a C_IDENTIFIER. pub name: String, - /// Variable references $(VAR_NAME) are expanded using the previously defined environment variables in the container and any service environment variables. If a variable cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". Escaped references will never be expanded, regardless of whether the variable exists or not. Defaults to "". + /// Variable references $(VAR_NAME) are expanded + /// using the previously defined environment variables in the container and + /// any service environment variables. If a variable cannot be resolved, + /// the reference in the input string will be unchanged. Double $$ are reduced + /// to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. + /// "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". + /// Escaped references will never be expanded, regardless of whether the variable + /// exists or not. + /// Defaults to "". #[serde(default, skip_serializing_if = "Option::is_none")] pub value: Option, /// Source for the environment variable's value. Cannot be used if value is not empty. @@ -1166,10 +1395,12 @@ pub struct ArgoCDRepoEnvValueFrom { /// Selects a key of a ConfigMap. #[serde(default, skip_serializing_if = "Option::is_none", rename = "configMapKeyRef")] pub config_map_key_ref: Option, - /// Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`, spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs. + /// Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`, + /// spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs. #[serde(default, skip_serializing_if = "Option::is_none", rename = "fieldRef")] pub field_ref: Option, - /// Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported. + /// Selects a resource of the container: only resources limits and requests + /// (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported. #[serde(default, skip_serializing_if = "Option::is_none", rename = "resourceFieldRef")] pub resource_field_ref: Option, /// Selects a key of a secret in the pod's namespace @@ -1182,7 +1413,9 @@ pub struct ArgoCDRepoEnvValueFrom { pub struct ArgoCDRepoEnvValueFromConfigMapKeyRef { /// The key to select. pub key: String, - /// Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? + /// Name of the referent. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the ConfigMap or its key must be defined @@ -1190,7 +1423,8 @@ pub struct ArgoCDRepoEnvValueFromConfigMapKeyRef { pub optional: Option, } -/// Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`, spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs. +/// Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`, +/// spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ArgoCDRepoEnvValueFromFieldRef { /// Version of the schema the FieldPath is written in terms of, defaults to "v1". @@ -1201,7 +1435,8 @@ pub struct ArgoCDRepoEnvValueFromFieldRef { pub field_path: String, } -/// Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported. +/// Selects a resource of the container: only resources limits and requests +/// (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ArgoCDRepoEnvValueFromResourceFieldRef { /// Container name: required for volumes, optional for env vars @@ -1219,7 +1454,9 @@ pub struct ArgoCDRepoEnvValueFromResourceFieldRef { pub struct ArgoCDRepoEnvValueFromSecretKeyRef { /// The key of the secret to select from. Must be a valid secret key. pub key: String, - /// Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? + /// Name of the referent. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the Secret or its key must be defined @@ -1230,75 +1467,166 @@ pub struct ArgoCDRepoEnvValueFromSecretKeyRef { /// A single application container that you want to run within a pod. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ArgoCDRepoInitContainers { - /// Arguments to the entrypoint. The container image's CMD is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell + /// Arguments to the entrypoint. + /// The container image's CMD is used if this is not provided. + /// Variable references $(VAR_NAME) are expanded using the container's environment. If a variable + /// cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced + /// to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" will + /// produce the string literal "$(VAR_NAME)". Escaped references will never be expanded, regardless + /// of whether the variable exists or not. Cannot be updated. + /// More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell #[serde(default, skip_serializing_if = "Option::is_none")] pub args: Option>, - /// Entrypoint array. Not executed within a shell. The container image's ENTRYPOINT is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell + /// Entrypoint array. Not executed within a shell. + /// The container image's ENTRYPOINT is used if this is not provided. + /// Variable references $(VAR_NAME) are expanded using the container's environment. If a variable + /// cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced + /// to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" will + /// produce the string literal "$(VAR_NAME)". Escaped references will never be expanded, regardless + /// of whether the variable exists or not. Cannot be updated. + /// More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell #[serde(default, skip_serializing_if = "Option::is_none")] pub command: Option>, - /// List of environment variables to set in the container. Cannot be updated. + /// List of environment variables to set in the container. + /// Cannot be updated. #[serde(default, skip_serializing_if = "Option::is_none")] pub env: Option>, - /// List of sources to populate environment variables in the container. The keys defined within a source must be a C_IDENTIFIER. All invalid keys will be reported as an event when the container is starting. When a key exists in multiple sources, the value associated with the last source will take precedence. Values defined by an Env with a duplicate key will take precedence. Cannot be updated. + /// List of sources to populate environment variables in the container. + /// The keys defined within a source must be a C_IDENTIFIER. All invalid keys + /// will be reported as an event when the container is starting. When a key exists in multiple + /// sources, the value associated with the last source will take precedence. + /// Values defined by an Env with a duplicate key will take precedence. + /// Cannot be updated. #[serde(default, skip_serializing_if = "Option::is_none", rename = "envFrom")] pub env_from: Option>, - /// Container image name. More info: https://kubernetes.io/docs/concepts/containers/images This field is optional to allow higher level config management to default or override container images in workload controllers like Deployments and StatefulSets. + /// Container image name. + /// More info: https://kubernetes.io/docs/concepts/containers/images + /// This field is optional to allow higher level config management to default or override + /// container images in workload controllers like Deployments and StatefulSets. #[serde(default, skip_serializing_if = "Option::is_none")] pub image: Option, - /// Image pull policy. One of Always, Never, IfNotPresent. Defaults to Always if :latest tag is specified, or IfNotPresent otherwise. Cannot be updated. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images + /// Image pull policy. + /// One of Always, Never, IfNotPresent. + /// Defaults to Always if :latest tag is specified, or IfNotPresent otherwise. + /// Cannot be updated. + /// More info: https://kubernetes.io/docs/concepts/containers/images#updating-images #[serde(default, skip_serializing_if = "Option::is_none", rename = "imagePullPolicy")] pub image_pull_policy: Option, - /// Actions that the management system should take in response to container lifecycle events. Cannot be updated. + /// Actions that the management system should take in response to container lifecycle events. + /// Cannot be updated. #[serde(default, skip_serializing_if = "Option::is_none")] pub lifecycle: Option, - /// Periodic probe of container liveness. Container will be restarted if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes + /// Periodic probe of container liveness. + /// Container will be restarted if the probe fails. + /// Cannot be updated. + /// More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes #[serde(default, skip_serializing_if = "Option::is_none", rename = "livenessProbe")] pub liveness_probe: Option, - /// Name of the container specified as a DNS_LABEL. Each container in a pod must have a unique name (DNS_LABEL). Cannot be updated. + /// Name of the container specified as a DNS_LABEL. + /// Each container in a pod must have a unique name (DNS_LABEL). + /// Cannot be updated. pub name: String, - /// List of ports to expose from the container. Not specifying a port here DOES NOT prevent that port from being exposed. Any port which is listening on the default "0.0.0.0" address inside a container will be accessible from the network. Modifying this array with strategic merge patch may corrupt the data. For more information See https://github.com/kubernetes/kubernetes/issues/108255. Cannot be updated. + /// List of ports to expose from the container. Not specifying a port here + /// DOES NOT prevent that port from being exposed. Any port which is + /// listening on the default "0.0.0.0" address inside a container will be + /// accessible from the network. + /// Modifying this array with strategic merge patch may corrupt the data. + /// For more information See https://github.com/kubernetes/kubernetes/issues/108255. + /// Cannot be updated. #[serde(default, skip_serializing_if = "Option::is_none")] pub ports: Option>, - /// Periodic probe of container service readiness. Container will be removed from service endpoints if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes + /// Periodic probe of container service readiness. + /// Container will be removed from service endpoints if the probe fails. + /// Cannot be updated. + /// More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes #[serde(default, skip_serializing_if = "Option::is_none", rename = "readinessProbe")] pub readiness_probe: Option, /// Resources resize policy for the container. #[serde(default, skip_serializing_if = "Option::is_none", rename = "resizePolicy")] pub resize_policy: Option>, - /// Compute Resources required by this container. Cannot be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + /// Compute Resources required by this container. + /// Cannot be updated. + /// More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ #[serde(default, skip_serializing_if = "Option::is_none")] pub resources: Option, - /// RestartPolicy defines the restart behavior of individual containers in a pod. This field may only be set for init containers, and the only allowed value is "Always". For non-init containers or when this field is not specified, the restart behavior is defined by the Pod's restart policy and the container type. Setting the RestartPolicy as "Always" for the init container will have the following effect: this init container will be continually restarted on exit until all regular containers have terminated. Once all regular containers have completed, all init containers with restartPolicy "Always" will be shut down. This lifecycle differs from normal init containers and is often referred to as a "sidecar" container. Although this init container still starts in the init container sequence, it does not wait for the container to complete before proceeding to the next init container. Instead, the next init container starts immediately after this init container is started, or after any startupProbe has successfully completed. + /// RestartPolicy defines the restart behavior of individual containers in a pod. + /// This field may only be set for init containers, and the only allowed value is "Always". + /// For non-init containers or when this field is not specified, + /// the restart behavior is defined by the Pod's restart policy and the container type. + /// Setting the RestartPolicy as "Always" for the init container will have the following effect: + /// this init container will be continually restarted on + /// exit until all regular containers have terminated. Once all regular + /// containers have completed, all init containers with restartPolicy "Always" + /// will be shut down. This lifecycle differs from normal init containers and + /// is often referred to as a "sidecar" container. Although this init + /// container still starts in the init container sequence, it does not wait + /// for the container to complete before proceeding to the next init + /// container. Instead, the next init container starts immediately after this + /// init container is started, or after any startupProbe has successfully + /// completed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "restartPolicy")] pub restart_policy: Option, - /// SecurityContext defines the security options the container should be run with. If set, the fields of SecurityContext override the equivalent fields of PodSecurityContext. More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/ + /// SecurityContext defines the security options the container should be run with. + /// If set, the fields of SecurityContext override the equivalent fields of PodSecurityContext. + /// More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/ #[serde(default, skip_serializing_if = "Option::is_none", rename = "securityContext")] pub security_context: Option, - /// StartupProbe indicates that the Pod has successfully initialized. If specified, no other probes are executed until this completes successfully. If this probe fails, the Pod will be restarted, just as if the livenessProbe failed. This can be used to provide different probe parameters at the beginning of a Pod's lifecycle, when it might take a long time to load data or warm a cache, than during steady-state operation. This cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes + /// StartupProbe indicates that the Pod has successfully initialized. + /// If specified, no other probes are executed until this completes successfully. + /// If this probe fails, the Pod will be restarted, just as if the livenessProbe failed. + /// This can be used to provide different probe parameters at the beginning of a Pod's lifecycle, + /// when it might take a long time to load data or warm a cache, than during steady-state operation. + /// This cannot be updated. + /// More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes #[serde(default, skip_serializing_if = "Option::is_none", rename = "startupProbe")] pub startup_probe: Option, - /// Whether this container should allocate a buffer for stdin in the container runtime. If this is not set, reads from stdin in the container will always result in EOF. Default is false. + /// Whether this container should allocate a buffer for stdin in the container runtime. If this + /// is not set, reads from stdin in the container will always result in EOF. + /// Default is false. #[serde(default, skip_serializing_if = "Option::is_none")] pub stdin: Option, - /// Whether the container runtime should close the stdin channel after it has been opened by a single attach. When stdin is true the stdin stream will remain open across multiple attach sessions. If stdinOnce is set to true, stdin is opened on container start, is empty until the first client attaches to stdin, and then remains open and accepts data until the client disconnects, at which time stdin is closed and remains closed until the container is restarted. If this flag is false, a container processes that reads from stdin will never receive an EOF. Default is false + /// Whether the container runtime should close the stdin channel after it has been opened by + /// a single attach. When stdin is true the stdin stream will remain open across multiple attach + /// sessions. If stdinOnce is set to true, stdin is opened on container start, is empty until the + /// first client attaches to stdin, and then remains open and accepts data until the client disconnects, + /// at which time stdin is closed and remains closed until the container is restarted. If this + /// flag is false, a container processes that reads from stdin will never receive an EOF. + /// Default is false #[serde(default, skip_serializing_if = "Option::is_none", rename = "stdinOnce")] pub stdin_once: Option, - /// Optional: Path at which the file to which the container's termination message will be written is mounted into the container's filesystem. Message written is intended to be brief final status, such as an assertion failure message. Will be truncated by the node if greater than 4096 bytes. The total message length across all containers will be limited to 12kb. Defaults to /dev/termination-log. Cannot be updated. + /// Optional: Path at which the file to which the container's termination message + /// will be written is mounted into the container's filesystem. + /// Message written is intended to be brief final status, such as an assertion failure message. + /// Will be truncated by the node if greater than 4096 bytes. The total message length across + /// all containers will be limited to 12kb. + /// Defaults to /dev/termination-log. + /// Cannot be updated. #[serde(default, skip_serializing_if = "Option::is_none", rename = "terminationMessagePath")] pub termination_message_path: Option, - /// Indicate how the termination message should be populated. File will use the contents of terminationMessagePath to populate the container status message on both success and failure. FallbackToLogsOnError will use the last chunk of container log output if the termination message file is empty and the container exited with an error. The log output is limited to 2048 bytes or 80 lines, whichever is smaller. Defaults to File. Cannot be updated. + /// Indicate how the termination message should be populated. File will use the contents of + /// terminationMessagePath to populate the container status message on both success and failure. + /// FallbackToLogsOnError will use the last chunk of container log output if the termination + /// message file is empty and the container exited with an error. + /// The log output is limited to 2048 bytes or 80 lines, whichever is smaller. + /// Defaults to File. + /// Cannot be updated. #[serde(default, skip_serializing_if = "Option::is_none", rename = "terminationMessagePolicy")] pub termination_message_policy: Option, - /// Whether this container should allocate a TTY for itself, also requires 'stdin' to be true. Default is false. + /// Whether this container should allocate a TTY for itself, also requires 'stdin' to be true. + /// Default is false. #[serde(default, skip_serializing_if = "Option::is_none")] pub tty: Option, /// volumeDevices is the list of block devices to be used by the container. #[serde(default, skip_serializing_if = "Option::is_none", rename = "volumeDevices")] pub volume_devices: Option>, - /// Pod volumes to mount into the container's filesystem. Cannot be updated. + /// Pod volumes to mount into the container's filesystem. + /// Cannot be updated. #[serde(default, skip_serializing_if = "Option::is_none", rename = "volumeMounts")] pub volume_mounts: Option>, - /// Container's working directory. If not specified, the container runtime's default will be used, which might be configured in the container image. Cannot be updated. + /// Container's working directory. + /// If not specified, the container runtime's default will be used, which + /// might be configured in the container image. + /// Cannot be updated. #[serde(default, skip_serializing_if = "Option::is_none", rename = "workingDir")] pub working_dir: Option, } @@ -1308,7 +1636,15 @@ pub struct ArgoCDRepoInitContainers { pub struct ArgoCDRepoInitContainersEnv { /// Name of the environment variable. Must be a C_IDENTIFIER. pub name: String, - /// Variable references $(VAR_NAME) are expanded using the previously defined environment variables in the container and any service environment variables. If a variable cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". Escaped references will never be expanded, regardless of whether the variable exists or not. Defaults to "". + /// Variable references $(VAR_NAME) are expanded + /// using the previously defined environment variables in the container and + /// any service environment variables. If a variable cannot be resolved, + /// the reference in the input string will be unchanged. Double $$ are reduced + /// to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. + /// "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". + /// Escaped references will never be expanded, regardless of whether the variable + /// exists or not. + /// Defaults to "". #[serde(default, skip_serializing_if = "Option::is_none")] pub value: Option, /// Source for the environment variable's value. Cannot be used if value is not empty. @@ -1322,10 +1658,12 @@ pub struct ArgoCDRepoInitContainersEnvValueFrom { /// Selects a key of a ConfigMap. #[serde(default, skip_serializing_if = "Option::is_none", rename = "configMapKeyRef")] pub config_map_key_ref: Option, - /// Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`, spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs. + /// Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`, + /// spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs. #[serde(default, skip_serializing_if = "Option::is_none", rename = "fieldRef")] pub field_ref: Option, - /// Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported. + /// Selects a resource of the container: only resources limits and requests + /// (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported. #[serde(default, skip_serializing_if = "Option::is_none", rename = "resourceFieldRef")] pub resource_field_ref: Option, /// Selects a key of a secret in the pod's namespace @@ -1338,7 +1676,9 @@ pub struct ArgoCDRepoInitContainersEnvValueFrom { pub struct ArgoCDRepoInitContainersEnvValueFromConfigMapKeyRef { /// The key to select. pub key: String, - /// Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? + /// Name of the referent. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the ConfigMap or its key must be defined @@ -1346,7 +1686,8 @@ pub struct ArgoCDRepoInitContainersEnvValueFromConfigMapKeyRef { pub optional: Option, } -/// Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`, spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs. +/// Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`, +/// spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ArgoCDRepoInitContainersEnvValueFromFieldRef { /// Version of the schema the FieldPath is written in terms of, defaults to "v1". @@ -1357,7 +1698,8 @@ pub struct ArgoCDRepoInitContainersEnvValueFromFieldRef { pub field_path: String, } -/// Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported. +/// Selects a resource of the container: only resources limits and requests +/// (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ArgoCDRepoInitContainersEnvValueFromResourceFieldRef { /// Container name: required for volumes, optional for env vars @@ -1375,7 +1717,9 @@ pub struct ArgoCDRepoInitContainersEnvValueFromResourceFieldRef { pub struct ArgoCDRepoInitContainersEnvValueFromSecretKeyRef { /// The key of the secret to select from. Must be a valid secret key. pub key: String, - /// Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? + /// Name of the referent. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the Secret or its key must be defined @@ -1400,7 +1744,9 @@ pub struct ArgoCDRepoInitContainersEnvFrom { /// The ConfigMap to select from #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ArgoCDRepoInitContainersEnvFromConfigMapRef { - /// Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? + /// Name of the referent. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the ConfigMap must be defined @@ -1411,7 +1757,9 @@ pub struct ArgoCDRepoInitContainersEnvFromConfigMapRef { /// The Secret to select from #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ArgoCDRepoInitContainersEnvFromSecretRef { - /// Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? + /// Name of the referent. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the Secret must be defined @@ -1419,18 +1767,33 @@ pub struct ArgoCDRepoInitContainersEnvFromSecretRef { pub optional: Option, } -/// Actions that the management system should take in response to container lifecycle events. Cannot be updated. +/// Actions that the management system should take in response to container lifecycle events. +/// Cannot be updated. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ArgoCDRepoInitContainersLifecycle { - /// PostStart is called immediately after a container is created. If the handler fails, the container is terminated and restarted according to its restart policy. Other management of the container blocks until the hook completes. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks + /// PostStart is called immediately after a container is created. If the handler fails, + /// the container is terminated and restarted according to its restart policy. + /// Other management of the container blocks until the hook completes. + /// More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks #[serde(default, skip_serializing_if = "Option::is_none", rename = "postStart")] pub post_start: Option, - /// PreStop is called immediately before a container is terminated due to an API request or management event such as liveness/startup probe failure, preemption, resource contention, etc. The handler is not called if the container crashes or exits. The Pod's termination grace period countdown begins before the PreStop hook is executed. Regardless of the outcome of the handler, the container will eventually terminate within the Pod's termination grace period (unless delayed by finalizers). Other management of the container blocks until the hook completes or until the termination grace period is reached. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks + /// PreStop is called immediately before a container is terminated due to an + /// API request or management event such as liveness/startup probe failure, + /// preemption, resource contention, etc. The handler is not called if the + /// container crashes or exits. The Pod's termination grace period countdown begins before the + /// PreStop hook is executed. Regardless of the outcome of the handler, the + /// container will eventually terminate within the Pod's termination grace + /// period (unless delayed by finalizers). Other management of the container blocks until the hook completes + /// or until the termination grace period is reached. + /// More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks #[serde(default, skip_serializing_if = "Option::is_none", rename = "preStop")] pub pre_stop: Option, } -/// PostStart is called immediately after a container is created. If the handler fails, the container is terminated and restarted according to its restart policy. Other management of the container blocks until the hook completes. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks +/// PostStart is called immediately after a container is created. If the handler fails, +/// the container is terminated and restarted according to its restart policy. +/// Other management of the container blocks until the hook completes. +/// More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ArgoCDRepoInitContainersLifecyclePostStart { /// Exec specifies the action to take. @@ -1439,7 +1802,9 @@ pub struct ArgoCDRepoInitContainersLifecyclePostStart { /// HTTPGet specifies the http request to perform. #[serde(default, skip_serializing_if = "Option::is_none", rename = "httpGet")] pub http_get: Option, - /// Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept for the backward compatibility. There are no validation of this field and lifecycle hooks will fail in runtime when tcp handler is specified. + /// Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept + /// for the backward compatibility. There are no validation of this field and + /// lifecycle hooks will fail in runtime when tcp handler is specified. #[serde(default, skip_serializing_if = "Option::is_none", rename = "tcpSocket")] pub tcp_socket: Option, } @@ -1447,7 +1812,11 @@ pub struct ArgoCDRepoInitContainersLifecyclePostStart { /// Exec specifies the action to take. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ArgoCDRepoInitContainersLifecyclePostStartExec { - /// Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. + /// Command is the command line to execute inside the container, the working directory for the + /// command is root ('/') in the container's filesystem. The command is simply exec'd, it is + /// not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use + /// a shell, you need to explicitly call out to that shell. + /// Exit status of 0 is treated as live/healthy and non-zero is unhealthy. #[serde(default, skip_serializing_if = "Option::is_none")] pub command: Option>, } @@ -1455,7 +1824,8 @@ pub struct ArgoCDRepoInitContainersLifecyclePostStartExec { /// HTTPGet specifies the http request to perform. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ArgoCDRepoInitContainersLifecyclePostStartHttpGet { - /// Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. + /// Host name to connect to, defaults to the pod IP. You probably want to set + /// "Host" in httpHeaders instead. #[serde(default, skip_serializing_if = "Option::is_none")] pub host: Option, /// Custom headers to set in the request. HTTP allows repeated headers. @@ -1464,9 +1834,12 @@ pub struct ArgoCDRepoInitContainersLifecyclePostStartHttpGet { /// Path to access on the HTTP server. #[serde(default, skip_serializing_if = "Option::is_none")] pub path: Option, - /// Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. + /// Name or number of the port to access on the container. + /// Number must be in the range 1 to 65535. + /// Name must be an IANA_SVC_NAME. pub port: IntOrString, - /// Scheme to use for connecting to the host. Defaults to HTTP. + /// Scheme to use for connecting to the host. + /// Defaults to HTTP. #[serde(default, skip_serializing_if = "Option::is_none")] pub scheme: Option, } @@ -1474,23 +1847,36 @@ pub struct ArgoCDRepoInitContainersLifecyclePostStartHttpGet { /// HTTPHeader describes a custom header to be used in HTTP probes #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ArgoCDRepoInitContainersLifecyclePostStartHttpGetHttpHeaders { - /// The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header. + /// The header field name. + /// This will be canonicalized upon output, so case-variant names will be understood as the same header. pub name: String, /// The header field value pub value: String, } -/// Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept for the backward compatibility. There are no validation of this field and lifecycle hooks will fail in runtime when tcp handler is specified. +/// Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept +/// for the backward compatibility. There are no validation of this field and +/// lifecycle hooks will fail in runtime when tcp handler is specified. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ArgoCDRepoInitContainersLifecyclePostStartTcpSocket { /// Optional: Host name to connect to, defaults to the pod IP. #[serde(default, skip_serializing_if = "Option::is_none")] pub host: Option, - /// Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. + /// Number or name of the port to access on the container. + /// Number must be in the range 1 to 65535. + /// Name must be an IANA_SVC_NAME. pub port: IntOrString, } -/// PreStop is called immediately before a container is terminated due to an API request or management event such as liveness/startup probe failure, preemption, resource contention, etc. The handler is not called if the container crashes or exits. The Pod's termination grace period countdown begins before the PreStop hook is executed. Regardless of the outcome of the handler, the container will eventually terminate within the Pod's termination grace period (unless delayed by finalizers). Other management of the container blocks until the hook completes or until the termination grace period is reached. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks +/// PreStop is called immediately before a container is terminated due to an +/// API request or management event such as liveness/startup probe failure, +/// preemption, resource contention, etc. The handler is not called if the +/// container crashes or exits. The Pod's termination grace period countdown begins before the +/// PreStop hook is executed. Regardless of the outcome of the handler, the +/// container will eventually terminate within the Pod's termination grace +/// period (unless delayed by finalizers). Other management of the container blocks until the hook completes +/// or until the termination grace period is reached. +/// More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ArgoCDRepoInitContainersLifecyclePreStop { /// Exec specifies the action to take. @@ -1499,7 +1885,9 @@ pub struct ArgoCDRepoInitContainersLifecyclePreStop { /// HTTPGet specifies the http request to perform. #[serde(default, skip_serializing_if = "Option::is_none", rename = "httpGet")] pub http_get: Option, - /// Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept for the backward compatibility. There are no validation of this field and lifecycle hooks will fail in runtime when tcp handler is specified. + /// Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept + /// for the backward compatibility. There are no validation of this field and + /// lifecycle hooks will fail in runtime when tcp handler is specified. #[serde(default, skip_serializing_if = "Option::is_none", rename = "tcpSocket")] pub tcp_socket: Option, } @@ -1507,7 +1895,11 @@ pub struct ArgoCDRepoInitContainersLifecyclePreStop { /// Exec specifies the action to take. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ArgoCDRepoInitContainersLifecyclePreStopExec { - /// Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. + /// Command is the command line to execute inside the container, the working directory for the + /// command is root ('/') in the container's filesystem. The command is simply exec'd, it is + /// not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use + /// a shell, you need to explicitly call out to that shell. + /// Exit status of 0 is treated as live/healthy and non-zero is unhealthy. #[serde(default, skip_serializing_if = "Option::is_none")] pub command: Option>, } @@ -1515,7 +1907,8 @@ pub struct ArgoCDRepoInitContainersLifecyclePreStopExec { /// HTTPGet specifies the http request to perform. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ArgoCDRepoInitContainersLifecyclePreStopHttpGet { - /// Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. + /// Host name to connect to, defaults to the pod IP. You probably want to set + /// "Host" in httpHeaders instead. #[serde(default, skip_serializing_if = "Option::is_none")] pub host: Option, /// Custom headers to set in the request. HTTP allows repeated headers. @@ -1524,9 +1917,12 @@ pub struct ArgoCDRepoInitContainersLifecyclePreStopHttpGet { /// Path to access on the HTTP server. #[serde(default, skip_serializing_if = "Option::is_none")] pub path: Option, - /// Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. + /// Name or number of the port to access on the container. + /// Number must be in the range 1 to 65535. + /// Name must be an IANA_SVC_NAME. pub port: IntOrString, - /// Scheme to use for connecting to the host. Defaults to HTTP. + /// Scheme to use for connecting to the host. + /// Defaults to HTTP. #[serde(default, skip_serializing_if = "Option::is_none")] pub scheme: Option, } @@ -1534,29 +1930,38 @@ pub struct ArgoCDRepoInitContainersLifecyclePreStopHttpGet { /// HTTPHeader describes a custom header to be used in HTTP probes #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ArgoCDRepoInitContainersLifecyclePreStopHttpGetHttpHeaders { - /// The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header. + /// The header field name. + /// This will be canonicalized upon output, so case-variant names will be understood as the same header. pub name: String, /// The header field value pub value: String, } -/// Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept for the backward compatibility. There are no validation of this field and lifecycle hooks will fail in runtime when tcp handler is specified. +/// Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept +/// for the backward compatibility. There are no validation of this field and +/// lifecycle hooks will fail in runtime when tcp handler is specified. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ArgoCDRepoInitContainersLifecyclePreStopTcpSocket { /// Optional: Host name to connect to, defaults to the pod IP. #[serde(default, skip_serializing_if = "Option::is_none")] pub host: Option, - /// Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. + /// Number or name of the port to access on the container. + /// Number must be in the range 1 to 65535. + /// Name must be an IANA_SVC_NAME. pub port: IntOrString, } -/// Periodic probe of container liveness. Container will be restarted if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +/// Periodic probe of container liveness. +/// Container will be restarted if the probe fails. +/// Cannot be updated. +/// More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ArgoCDRepoInitContainersLivenessProbe { /// Exec specifies the action to take. #[serde(default, skip_serializing_if = "Option::is_none")] pub exec: Option, - /// Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. + /// Minimum consecutive failures for the probe to be considered failed after having succeeded. + /// Defaults to 3. Minimum value is 1. #[serde(default, skip_serializing_if = "Option::is_none", rename = "failureThreshold")] pub failure_threshold: Option, /// GRPC specifies an action involving a GRPC port. @@ -1565,22 +1970,36 @@ pub struct ArgoCDRepoInitContainersLivenessProbe { /// HTTPGet specifies the http request to perform. #[serde(default, skip_serializing_if = "Option::is_none", rename = "httpGet")] pub http_get: Option, - /// Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes + /// Number of seconds after the container has started before liveness probes are initiated. + /// More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes #[serde(default, skip_serializing_if = "Option::is_none", rename = "initialDelaySeconds")] pub initial_delay_seconds: Option, - /// How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. + /// How often (in seconds) to perform the probe. + /// Default to 10 seconds. Minimum value is 1. #[serde(default, skip_serializing_if = "Option::is_none", rename = "periodSeconds")] pub period_seconds: Option, - /// Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1. + /// Minimum consecutive successes for the probe to be considered successful after having failed. + /// Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1. #[serde(default, skip_serializing_if = "Option::is_none", rename = "successThreshold")] pub success_threshold: Option, /// TCPSocket specifies an action involving a TCP port. #[serde(default, skip_serializing_if = "Option::is_none", rename = "tcpSocket")] pub tcp_socket: Option, - /// Optional duration in seconds the pod needs to terminate gracefully upon probe failure. The grace period is the duration in seconds after the processes running in the pod are sent a termination signal and the time when the processes are forcibly halted with a kill signal. Set this value longer than the expected cleanup time for your process. If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this value overrides the value provided by the pod spec. Value must be non-negative integer. The value zero indicates stop immediately via the kill signal (no opportunity to shut down). This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate. Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset. + /// Optional duration in seconds the pod needs to terminate gracefully upon probe failure. + /// The grace period is the duration in seconds after the processes running in the pod are sent + /// a termination signal and the time when the processes are forcibly halted with a kill signal. + /// Set this value longer than the expected cleanup time for your process. + /// If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this + /// value overrides the value provided by the pod spec. + /// Value must be non-negative integer. The value zero indicates stop immediately via + /// the kill signal (no opportunity to shut down). + /// This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate. + /// Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset. #[serde(default, skip_serializing_if = "Option::is_none", rename = "terminationGracePeriodSeconds")] pub termination_grace_period_seconds: Option, - /// Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes + /// Number of seconds after which the probe times out. + /// Defaults to 1 second. Minimum value is 1. + /// More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes #[serde(default, skip_serializing_if = "Option::is_none", rename = "timeoutSeconds")] pub timeout_seconds: Option, } @@ -1588,7 +2007,11 @@ pub struct ArgoCDRepoInitContainersLivenessProbe { /// Exec specifies the action to take. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ArgoCDRepoInitContainersLivenessProbeExec { - /// Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. + /// Command is the command line to execute inside the container, the working directory for the + /// command is root ('/') in the container's filesystem. The command is simply exec'd, it is + /// not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use + /// a shell, you need to explicitly call out to that shell. + /// Exit status of 0 is treated as live/healthy and non-zero is unhealthy. #[serde(default, skip_serializing_if = "Option::is_none")] pub command: Option>, } @@ -1598,8 +2021,11 @@ pub struct ArgoCDRepoInitContainersLivenessProbeExec { pub struct ArgoCDRepoInitContainersLivenessProbeGrpc { /// Port number of the gRPC service. Number must be in the range 1 to 65535. pub port: i32, - /// Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). - /// If this is not specified, the default behavior is defined by gRPC. + /// Service is the name of the service to place in the gRPC HealthCheckRequest + /// (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). + /// + /// + /// If this is not specified, the default behavior is defined by gRPC. #[serde(default, skip_serializing_if = "Option::is_none")] pub service: Option, } @@ -1607,7 +2033,8 @@ pub struct ArgoCDRepoInitContainersLivenessProbeGrpc { /// HTTPGet specifies the http request to perform. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ArgoCDRepoInitContainersLivenessProbeHttpGet { - /// Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. + /// Host name to connect to, defaults to the pod IP. You probably want to set + /// "Host" in httpHeaders instead. #[serde(default, skip_serializing_if = "Option::is_none")] pub host: Option, /// Custom headers to set in the request. HTTP allows repeated headers. @@ -1616,9 +2043,12 @@ pub struct ArgoCDRepoInitContainersLivenessProbeHttpGet { /// Path to access on the HTTP server. #[serde(default, skip_serializing_if = "Option::is_none")] pub path: Option, - /// Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. + /// Name or number of the port to access on the container. + /// Number must be in the range 1 to 65535. + /// Name must be an IANA_SVC_NAME. pub port: IntOrString, - /// Scheme to use for connecting to the host. Defaults to HTTP. + /// Scheme to use for connecting to the host. + /// Defaults to HTTP. #[serde(default, skip_serializing_if = "Option::is_none")] pub scheme: Option, } @@ -1626,7 +2056,8 @@ pub struct ArgoCDRepoInitContainersLivenessProbeHttpGet { /// HTTPHeader describes a custom header to be used in HTTP probes #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ArgoCDRepoInitContainersLivenessProbeHttpGetHttpHeaders { - /// The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header. + /// The header field name. + /// This will be canonicalized upon output, so case-variant names will be understood as the same header. pub name: String, /// The header field value pub value: String, @@ -1638,37 +2069,50 @@ pub struct ArgoCDRepoInitContainersLivenessProbeTcpSocket { /// Optional: Host name to connect to, defaults to the pod IP. #[serde(default, skip_serializing_if = "Option::is_none")] pub host: Option, - /// Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. + /// Number or name of the port to access on the container. + /// Number must be in the range 1 to 65535. + /// Name must be an IANA_SVC_NAME. pub port: IntOrString, } /// ContainerPort represents a network port in a single container. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ArgoCDRepoInitContainersPorts { - /// Number of port to expose on the pod's IP address. This must be a valid port number, 0 < x < 65536. + /// Number of port to expose on the pod's IP address. + /// This must be a valid port number, 0 < x < 65536. #[serde(rename = "containerPort")] pub container_port: i32, /// What host IP to bind the external port to. #[serde(default, skip_serializing_if = "Option::is_none", rename = "hostIP")] pub host_ip: Option, - /// Number of port to expose on the host. If specified, this must be a valid port number, 0 < x < 65536. If HostNetwork is specified, this must match ContainerPort. Most containers do not need this. + /// Number of port to expose on the host. + /// If specified, this must be a valid port number, 0 < x < 65536. + /// If HostNetwork is specified, this must match ContainerPort. + /// Most containers do not need this. #[serde(default, skip_serializing_if = "Option::is_none", rename = "hostPort")] pub host_port: Option, - /// If specified, this must be an IANA_SVC_NAME and unique within the pod. Each named port in a pod must have a unique name. Name for the port that can be referred to by services. + /// If specified, this must be an IANA_SVC_NAME and unique within the pod. Each + /// named port in a pod must have a unique name. Name for the port that can be + /// referred to by services. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, - /// Protocol for port. Must be UDP, TCP, or SCTP. Defaults to "TCP". + /// Protocol for port. Must be UDP, TCP, or SCTP. + /// Defaults to "TCP". #[serde(default, skip_serializing_if = "Option::is_none")] pub protocol: Option, } -/// Periodic probe of container service readiness. Container will be removed from service endpoints if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +/// Periodic probe of container service readiness. +/// Container will be removed from service endpoints if the probe fails. +/// Cannot be updated. +/// More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ArgoCDRepoInitContainersReadinessProbe { /// Exec specifies the action to take. #[serde(default, skip_serializing_if = "Option::is_none")] pub exec: Option, - /// Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. + /// Minimum consecutive failures for the probe to be considered failed after having succeeded. + /// Defaults to 3. Minimum value is 1. #[serde(default, skip_serializing_if = "Option::is_none", rename = "failureThreshold")] pub failure_threshold: Option, /// GRPC specifies an action involving a GRPC port. @@ -1677,22 +2121,36 @@ pub struct ArgoCDRepoInitContainersReadinessProbe { /// HTTPGet specifies the http request to perform. #[serde(default, skip_serializing_if = "Option::is_none", rename = "httpGet")] pub http_get: Option, - /// Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes + /// Number of seconds after the container has started before liveness probes are initiated. + /// More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes #[serde(default, skip_serializing_if = "Option::is_none", rename = "initialDelaySeconds")] pub initial_delay_seconds: Option, - /// How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. + /// How often (in seconds) to perform the probe. + /// Default to 10 seconds. Minimum value is 1. #[serde(default, skip_serializing_if = "Option::is_none", rename = "periodSeconds")] pub period_seconds: Option, - /// Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1. + /// Minimum consecutive successes for the probe to be considered successful after having failed. + /// Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1. #[serde(default, skip_serializing_if = "Option::is_none", rename = "successThreshold")] pub success_threshold: Option, /// TCPSocket specifies an action involving a TCP port. #[serde(default, skip_serializing_if = "Option::is_none", rename = "tcpSocket")] pub tcp_socket: Option, - /// Optional duration in seconds the pod needs to terminate gracefully upon probe failure. The grace period is the duration in seconds after the processes running in the pod are sent a termination signal and the time when the processes are forcibly halted with a kill signal. Set this value longer than the expected cleanup time for your process. If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this value overrides the value provided by the pod spec. Value must be non-negative integer. The value zero indicates stop immediately via the kill signal (no opportunity to shut down). This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate. Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset. + /// Optional duration in seconds the pod needs to terminate gracefully upon probe failure. + /// The grace period is the duration in seconds after the processes running in the pod are sent + /// a termination signal and the time when the processes are forcibly halted with a kill signal. + /// Set this value longer than the expected cleanup time for your process. + /// If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this + /// value overrides the value provided by the pod spec. + /// Value must be non-negative integer. The value zero indicates stop immediately via + /// the kill signal (no opportunity to shut down). + /// This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate. + /// Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset. #[serde(default, skip_serializing_if = "Option::is_none", rename = "terminationGracePeriodSeconds")] pub termination_grace_period_seconds: Option, - /// Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes + /// Number of seconds after which the probe times out. + /// Defaults to 1 second. Minimum value is 1. + /// More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes #[serde(default, skip_serializing_if = "Option::is_none", rename = "timeoutSeconds")] pub timeout_seconds: Option, } @@ -1700,7 +2158,11 @@ pub struct ArgoCDRepoInitContainersReadinessProbe { /// Exec specifies the action to take. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ArgoCDRepoInitContainersReadinessProbeExec { - /// Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. + /// Command is the command line to execute inside the container, the working directory for the + /// command is root ('/') in the container's filesystem. The command is simply exec'd, it is + /// not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use + /// a shell, you need to explicitly call out to that shell. + /// Exit status of 0 is treated as live/healthy and non-zero is unhealthy. #[serde(default, skip_serializing_if = "Option::is_none")] pub command: Option>, } @@ -1710,8 +2172,11 @@ pub struct ArgoCDRepoInitContainersReadinessProbeExec { pub struct ArgoCDRepoInitContainersReadinessProbeGrpc { /// Port number of the gRPC service. Number must be in the range 1 to 65535. pub port: i32, - /// Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). - /// If this is not specified, the default behavior is defined by gRPC. + /// Service is the name of the service to place in the gRPC HealthCheckRequest + /// (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). + /// + /// + /// If this is not specified, the default behavior is defined by gRPC. #[serde(default, skip_serializing_if = "Option::is_none")] pub service: Option, } @@ -1719,7 +2184,8 @@ pub struct ArgoCDRepoInitContainersReadinessProbeGrpc { /// HTTPGet specifies the http request to perform. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ArgoCDRepoInitContainersReadinessProbeHttpGet { - /// Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. + /// Host name to connect to, defaults to the pod IP. You probably want to set + /// "Host" in httpHeaders instead. #[serde(default, skip_serializing_if = "Option::is_none")] pub host: Option, /// Custom headers to set in the request. HTTP allows repeated headers. @@ -1728,9 +2194,12 @@ pub struct ArgoCDRepoInitContainersReadinessProbeHttpGet { /// Path to access on the HTTP server. #[serde(default, skip_serializing_if = "Option::is_none")] pub path: Option, - /// Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. + /// Name or number of the port to access on the container. + /// Number must be in the range 1 to 65535. + /// Name must be an IANA_SVC_NAME. pub port: IntOrString, - /// Scheme to use for connecting to the host. Defaults to HTTP. + /// Scheme to use for connecting to the host. + /// Defaults to HTTP. #[serde(default, skip_serializing_if = "Option::is_none")] pub scheme: Option, } @@ -1738,7 +2207,8 @@ pub struct ArgoCDRepoInitContainersReadinessProbeHttpGet { /// HTTPHeader describes a custom header to be used in HTTP probes #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ArgoCDRepoInitContainersReadinessProbeHttpGetHttpHeaders { - /// The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header. + /// The header field name. + /// This will be canonicalized upon output, so case-variant names will be understood as the same header. pub name: String, /// The header field value pub value: String, @@ -1750,33 +2220,49 @@ pub struct ArgoCDRepoInitContainersReadinessProbeTcpSocket { /// Optional: Host name to connect to, defaults to the pod IP. #[serde(default, skip_serializing_if = "Option::is_none")] pub host: Option, - /// Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. + /// Number or name of the port to access on the container. + /// Number must be in the range 1 to 65535. + /// Name must be an IANA_SVC_NAME. pub port: IntOrString, } /// ContainerResizePolicy represents resource resize policy for the container. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ArgoCDRepoInitContainersResizePolicy { - /// Name of the resource to which this resource resize policy applies. Supported values: cpu, memory. + /// Name of the resource to which this resource resize policy applies. + /// Supported values: cpu, memory. #[serde(rename = "resourceName")] pub resource_name: String, - /// Restart policy to apply when specified resource is resized. If not specified, it defaults to NotRequired. + /// Restart policy to apply when specified resource is resized. + /// If not specified, it defaults to NotRequired. #[serde(rename = "restartPolicy")] pub restart_policy: String, } -/// Compute Resources required by this container. Cannot be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ +/// Compute Resources required by this container. +/// Cannot be updated. +/// More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ArgoCDRepoInitContainersResources { - /// Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. - /// This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. - /// This field is immutable. It can only be set for containers. + /// Claims lists the names of resources, defined in spec.resourceClaims, + /// that are used by this container. + /// + /// + /// This is an alpha field and requires enabling the + /// DynamicResourceAllocation feature gate. + /// + /// + /// This field is immutable. It can only be set for containers. #[serde(default, skip_serializing_if = "Option::is_none")] pub claims: Option>, - /// Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + /// Limits describes the maximum amount of compute resources allowed. + /// More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ #[serde(default, skip_serializing_if = "Option::is_none")] pub limits: Option>, - /// Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + /// Requests describes the minimum amount of compute resources required. + /// If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, + /// otherwise to an implementation-defined value. Requests cannot exceed Limits. + /// More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ #[serde(default, skip_serializing_if = "Option::is_none")] pub requests: Option>, } @@ -1784,49 +2270,95 @@ pub struct ArgoCDRepoInitContainersResources { /// ResourceClaim references one entry in PodSpec.ResourceClaims. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ArgoCDRepoInitContainersResourcesClaims { - /// Name must match the name of one entry in pod.spec.resourceClaims of the Pod where this field is used. It makes that resource available inside a container. + /// Name must match the name of one entry in pod.spec.resourceClaims of + /// the Pod where this field is used. It makes that resource available + /// inside a container. pub name: String, } -/// SecurityContext defines the security options the container should be run with. If set, the fields of SecurityContext override the equivalent fields of PodSecurityContext. More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/ +/// SecurityContext defines the security options the container should be run with. +/// If set, the fields of SecurityContext override the equivalent fields of PodSecurityContext. +/// More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/ #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ArgoCDRepoInitContainersSecurityContext { - /// AllowPrivilegeEscalation controls whether a process can gain more privileges than its parent process. This bool directly controls if the no_new_privs flag will be set on the container process. AllowPrivilegeEscalation is true always when the container is: 1) run as Privileged 2) has CAP_SYS_ADMIN Note that this field cannot be set when spec.os.name is windows. + /// AllowPrivilegeEscalation controls whether a process can gain more + /// privileges than its parent process. This bool directly controls if + /// the no_new_privs flag will be set on the container process. + /// AllowPrivilegeEscalation is true always when the container is: + /// 1) run as Privileged + /// 2) has CAP_SYS_ADMIN + /// Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none", rename = "allowPrivilegeEscalation")] pub allow_privilege_escalation: Option, - /// The capabilities to add/drop when running containers. Defaults to the default set of capabilities granted by the container runtime. Note that this field cannot be set when spec.os.name is windows. + /// The capabilities to add/drop when running containers. + /// Defaults to the default set of capabilities granted by the container runtime. + /// Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none")] pub capabilities: Option, - /// Run container in privileged mode. Processes in privileged containers are essentially equivalent to root on the host. Defaults to false. Note that this field cannot be set when spec.os.name is windows. + /// Run container in privileged mode. + /// Processes in privileged containers are essentially equivalent to root on the host. + /// Defaults to false. + /// Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none")] pub privileged: Option, - /// procMount denotes the type of proc mount to use for the containers. The default is DefaultProcMount which uses the container runtime defaults for readonly paths and masked paths. This requires the ProcMountType feature flag to be enabled. Note that this field cannot be set when spec.os.name is windows. + /// procMount denotes the type of proc mount to use for the containers. + /// The default is DefaultProcMount which uses the container runtime defaults for + /// readonly paths and masked paths. + /// This requires the ProcMountType feature flag to be enabled. + /// Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none", rename = "procMount")] pub proc_mount: Option, - /// Whether this container has a read-only root filesystem. Default is false. Note that this field cannot be set when spec.os.name is windows. + /// Whether this container has a read-only root filesystem. + /// Default is false. + /// Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnlyRootFilesystem")] pub read_only_root_filesystem: Option, - /// The GID to run the entrypoint of the container process. Uses runtime default if unset. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is windows. + /// The GID to run the entrypoint of the container process. + /// Uses runtime default if unset. + /// May also be set in PodSecurityContext. If set in both SecurityContext and + /// PodSecurityContext, the value specified in SecurityContext takes precedence. + /// Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none", rename = "runAsGroup")] pub run_as_group: Option, - /// Indicates that the container must run as a non-root user. If true, the Kubelet will validate the image at runtime to ensure that it does not run as UID 0 (root) and fail to start the container if it does. If unset or false, no such validation will be performed. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. + /// Indicates that the container must run as a non-root user. + /// If true, the Kubelet will validate the image at runtime to ensure that it + /// does not run as UID 0 (root) and fail to start the container if it does. + /// If unset or false, no such validation will be performed. + /// May also be set in PodSecurityContext. If set in both SecurityContext and + /// PodSecurityContext, the value specified in SecurityContext takes precedence. #[serde(default, skip_serializing_if = "Option::is_none", rename = "runAsNonRoot")] pub run_as_non_root: Option, - /// The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is windows. + /// The UID to run the entrypoint of the container process. + /// Defaults to user specified in image metadata if unspecified. + /// May also be set in PodSecurityContext. If set in both SecurityContext and + /// PodSecurityContext, the value specified in SecurityContext takes precedence. + /// Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none", rename = "runAsUser")] pub run_as_user: Option, - /// The SELinux context to be applied to the container. If unspecified, the container runtime will allocate a random SELinux context for each container. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is windows. + /// The SELinux context to be applied to the container. + /// If unspecified, the container runtime will allocate a random SELinux context for each + /// container. May also be set in PodSecurityContext. If set in both SecurityContext and + /// PodSecurityContext, the value specified in SecurityContext takes precedence. + /// Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none", rename = "seLinuxOptions")] pub se_linux_options: Option, - /// The seccomp options to use by this container. If seccomp options are provided at both the pod & container level, the container options override the pod options. Note that this field cannot be set when spec.os.name is windows. + /// The seccomp options to use by this container. If seccomp options are + /// provided at both the pod & container level, the container options + /// override the pod options. + /// Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none", rename = "seccompProfile")] pub seccomp_profile: Option, - /// The Windows specific settings applied to all containers. If unspecified, the options from the PodSecurityContext will be used. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is linux. + /// The Windows specific settings applied to all containers. + /// If unspecified, the options from the PodSecurityContext will be used. + /// If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. + /// Note that this field cannot be set when spec.os.name is linux. #[serde(default, skip_serializing_if = "Option::is_none", rename = "windowsOptions")] pub windows_options: Option, } -/// The capabilities to add/drop when running containers. Defaults to the default set of capabilities granted by the container runtime. Note that this field cannot be set when spec.os.name is windows. +/// The capabilities to add/drop when running containers. +/// Defaults to the default set of capabilities granted by the container runtime. +/// Note that this field cannot be set when spec.os.name is windows. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ArgoCDRepoInitContainersSecurityContextCapabilities { /// Added capabilities @@ -1837,7 +2369,11 @@ pub struct ArgoCDRepoInitContainersSecurityContextCapabilities { pub drop: Option>, } -/// The SELinux context to be applied to the container. If unspecified, the container runtime will allocate a random SELinux context for each container. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is windows. +/// The SELinux context to be applied to the container. +/// If unspecified, the container runtime will allocate a random SELinux context for each +/// container. May also be set in PodSecurityContext. If set in both SecurityContext and +/// PodSecurityContext, the value specified in SecurityContext takes precedence. +/// Note that this field cannot be set when spec.os.name is windows. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ArgoCDRepoInitContainersSecurityContextSeLinuxOptions { /// Level is SELinux level label that applies to the container. @@ -1854,42 +2390,71 @@ pub struct ArgoCDRepoInitContainersSecurityContextSeLinuxOptions { pub user: Option, } -/// The seccomp options to use by this container. If seccomp options are provided at both the pod & container level, the container options override the pod options. Note that this field cannot be set when spec.os.name is windows. +/// The seccomp options to use by this container. If seccomp options are +/// provided at both the pod & container level, the container options +/// override the pod options. +/// Note that this field cannot be set when spec.os.name is windows. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ArgoCDRepoInitContainersSecurityContextSeccompProfile { - /// localhostProfile indicates a profile defined in a file on the node should be used. The profile must be preconfigured on the node to work. Must be a descending path, relative to the kubelet's configured seccomp profile location. Must be set if type is "Localhost". Must NOT be set for any other type. + /// localhostProfile indicates a profile defined in a file on the node should be used. + /// The profile must be preconfigured on the node to work. + /// Must be a descending path, relative to the kubelet's configured seccomp profile location. + /// Must be set if type is "Localhost". Must NOT be set for any other type. #[serde(default, skip_serializing_if = "Option::is_none", rename = "localhostProfile")] pub localhost_profile: Option, - /// type indicates which kind of seccomp profile will be applied. Valid options are: - /// Localhost - a profile defined in a file on the node should be used. RuntimeDefault - the container runtime default profile should be used. Unconfined - no profile should be applied. + /// type indicates which kind of seccomp profile will be applied. + /// Valid options are: + /// + /// + /// Localhost - a profile defined in a file on the node should be used. + /// RuntimeDefault - the container runtime default profile should be used. + /// Unconfined - no profile should be applied. #[serde(rename = "type")] pub r#type: String, } -/// The Windows specific settings applied to all containers. If unspecified, the options from the PodSecurityContext will be used. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is linux. +/// The Windows specific settings applied to all containers. +/// If unspecified, the options from the PodSecurityContext will be used. +/// If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +/// Note that this field cannot be set when spec.os.name is linux. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ArgoCDRepoInitContainersSecurityContextWindowsOptions { - /// GMSACredentialSpec is where the GMSA admission webhook (https://github.com/kubernetes-sigs/windows-gmsa) inlines the contents of the GMSA credential spec named by the GMSACredentialSpecName field. + /// GMSACredentialSpec is where the GMSA admission webhook + /// (https://github.com/kubernetes-sigs/windows-gmsa) inlines the contents of the + /// GMSA credential spec named by the GMSACredentialSpecName field. #[serde(default, skip_serializing_if = "Option::is_none", rename = "gmsaCredentialSpec")] pub gmsa_credential_spec: Option, /// GMSACredentialSpecName is the name of the GMSA credential spec to use. #[serde(default, skip_serializing_if = "Option::is_none", rename = "gmsaCredentialSpecName")] pub gmsa_credential_spec_name: Option, - /// HostProcess determines if a container should be run as a 'Host Process' container. All of a Pod's containers must have the same effective HostProcess value (it is not allowed to have a mix of HostProcess containers and non-HostProcess containers). In addition, if HostProcess is true then HostNetwork must also be set to true. + /// HostProcess determines if a container should be run as a 'Host Process' container. + /// All of a Pod's containers must have the same effective HostProcess value + /// (it is not allowed to have a mix of HostProcess containers and non-HostProcess containers). + /// In addition, if HostProcess is true then HostNetwork must also be set to true. #[serde(default, skip_serializing_if = "Option::is_none", rename = "hostProcess")] pub host_process: Option, - /// The UserName in Windows to run the entrypoint of the container process. Defaults to the user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. + /// The UserName in Windows to run the entrypoint of the container process. + /// Defaults to the user specified in image metadata if unspecified. + /// May also be set in PodSecurityContext. If set in both SecurityContext and + /// PodSecurityContext, the value specified in SecurityContext takes precedence. #[serde(default, skip_serializing_if = "Option::is_none", rename = "runAsUserName")] pub run_as_user_name: Option, } -/// StartupProbe indicates that the Pod has successfully initialized. If specified, no other probes are executed until this completes successfully. If this probe fails, the Pod will be restarted, just as if the livenessProbe failed. This can be used to provide different probe parameters at the beginning of a Pod's lifecycle, when it might take a long time to load data or warm a cache, than during steady-state operation. This cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +/// StartupProbe indicates that the Pod has successfully initialized. +/// If specified, no other probes are executed until this completes successfully. +/// If this probe fails, the Pod will be restarted, just as if the livenessProbe failed. +/// This can be used to provide different probe parameters at the beginning of a Pod's lifecycle, +/// when it might take a long time to load data or warm a cache, than during steady-state operation. +/// This cannot be updated. +/// More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ArgoCDRepoInitContainersStartupProbe { /// Exec specifies the action to take. #[serde(default, skip_serializing_if = "Option::is_none")] pub exec: Option, - /// Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. + /// Minimum consecutive failures for the probe to be considered failed after having succeeded. + /// Defaults to 3. Minimum value is 1. #[serde(default, skip_serializing_if = "Option::is_none", rename = "failureThreshold")] pub failure_threshold: Option, /// GRPC specifies an action involving a GRPC port. @@ -1898,22 +2463,36 @@ pub struct ArgoCDRepoInitContainersStartupProbe { /// HTTPGet specifies the http request to perform. #[serde(default, skip_serializing_if = "Option::is_none", rename = "httpGet")] pub http_get: Option, - /// Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes + /// Number of seconds after the container has started before liveness probes are initiated. + /// More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes #[serde(default, skip_serializing_if = "Option::is_none", rename = "initialDelaySeconds")] pub initial_delay_seconds: Option, - /// How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. + /// How often (in seconds) to perform the probe. + /// Default to 10 seconds. Minimum value is 1. #[serde(default, skip_serializing_if = "Option::is_none", rename = "periodSeconds")] pub period_seconds: Option, - /// Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1. + /// Minimum consecutive successes for the probe to be considered successful after having failed. + /// Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1. #[serde(default, skip_serializing_if = "Option::is_none", rename = "successThreshold")] pub success_threshold: Option, /// TCPSocket specifies an action involving a TCP port. #[serde(default, skip_serializing_if = "Option::is_none", rename = "tcpSocket")] pub tcp_socket: Option, - /// Optional duration in seconds the pod needs to terminate gracefully upon probe failure. The grace period is the duration in seconds after the processes running in the pod are sent a termination signal and the time when the processes are forcibly halted with a kill signal. Set this value longer than the expected cleanup time for your process. If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this value overrides the value provided by the pod spec. Value must be non-negative integer. The value zero indicates stop immediately via the kill signal (no opportunity to shut down). This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate. Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset. + /// Optional duration in seconds the pod needs to terminate gracefully upon probe failure. + /// The grace period is the duration in seconds after the processes running in the pod are sent + /// a termination signal and the time when the processes are forcibly halted with a kill signal. + /// Set this value longer than the expected cleanup time for your process. + /// If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this + /// value overrides the value provided by the pod spec. + /// Value must be non-negative integer. The value zero indicates stop immediately via + /// the kill signal (no opportunity to shut down). + /// This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate. + /// Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset. #[serde(default, skip_serializing_if = "Option::is_none", rename = "terminationGracePeriodSeconds")] pub termination_grace_period_seconds: Option, - /// Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes + /// Number of seconds after which the probe times out. + /// Defaults to 1 second. Minimum value is 1. + /// More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes #[serde(default, skip_serializing_if = "Option::is_none", rename = "timeoutSeconds")] pub timeout_seconds: Option, } @@ -1921,7 +2500,11 @@ pub struct ArgoCDRepoInitContainersStartupProbe { /// Exec specifies the action to take. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ArgoCDRepoInitContainersStartupProbeExec { - /// Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. + /// Command is the command line to execute inside the container, the working directory for the + /// command is root ('/') in the container's filesystem. The command is simply exec'd, it is + /// not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use + /// a shell, you need to explicitly call out to that shell. + /// Exit status of 0 is treated as live/healthy and non-zero is unhealthy. #[serde(default, skip_serializing_if = "Option::is_none")] pub command: Option>, } @@ -1931,8 +2514,11 @@ pub struct ArgoCDRepoInitContainersStartupProbeExec { pub struct ArgoCDRepoInitContainersStartupProbeGrpc { /// Port number of the gRPC service. Number must be in the range 1 to 65535. pub port: i32, - /// Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). - /// If this is not specified, the default behavior is defined by gRPC. + /// Service is the name of the service to place in the gRPC HealthCheckRequest + /// (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). + /// + /// + /// If this is not specified, the default behavior is defined by gRPC. #[serde(default, skip_serializing_if = "Option::is_none")] pub service: Option, } @@ -1940,7 +2526,8 @@ pub struct ArgoCDRepoInitContainersStartupProbeGrpc { /// HTTPGet specifies the http request to perform. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ArgoCDRepoInitContainersStartupProbeHttpGet { - /// Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. + /// Host name to connect to, defaults to the pod IP. You probably want to set + /// "Host" in httpHeaders instead. #[serde(default, skip_serializing_if = "Option::is_none")] pub host: Option, /// Custom headers to set in the request. HTTP allows repeated headers. @@ -1949,9 +2536,12 @@ pub struct ArgoCDRepoInitContainersStartupProbeHttpGet { /// Path to access on the HTTP server. #[serde(default, skip_serializing_if = "Option::is_none")] pub path: Option, - /// Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. + /// Name or number of the port to access on the container. + /// Number must be in the range 1 to 65535. + /// Name must be an IANA_SVC_NAME. pub port: IntOrString, - /// Scheme to use for connecting to the host. Defaults to HTTP. + /// Scheme to use for connecting to the host. + /// Defaults to HTTP. #[serde(default, skip_serializing_if = "Option::is_none")] pub scheme: Option, } @@ -1959,7 +2549,8 @@ pub struct ArgoCDRepoInitContainersStartupProbeHttpGet { /// HTTPHeader describes a custom header to be used in HTTP probes #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ArgoCDRepoInitContainersStartupProbeHttpGetHttpHeaders { - /// The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header. + /// The header field name. + /// This will be canonicalized upon output, so case-variant names will be understood as the same header. pub name: String, /// The header field value pub value: String, @@ -1971,7 +2562,9 @@ pub struct ArgoCDRepoInitContainersStartupProbeTcpSocket { /// Optional: Host name to connect to, defaults to the pod IP. #[serde(default, skip_serializing_if = "Option::is_none")] pub host: Option, - /// Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. + /// Number or name of the port to access on the container. + /// Number must be in the range 1 to 65535. + /// Name must be an IANA_SVC_NAME. pub port: IntOrString, } @@ -1988,21 +2581,30 @@ pub struct ArgoCDRepoInitContainersVolumeDevices { /// VolumeMount describes a mounting of a Volume within a container. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ArgoCDRepoInitContainersVolumeMounts { - /// Path within the container at which the volume should be mounted. Must not contain ':'. + /// Path within the container at which the volume should be mounted. Must + /// not contain ':'. #[serde(rename = "mountPath")] pub mount_path: String, - /// mountPropagation determines how mounts are propagated from the host to container and the other way around. When not set, MountPropagationNone is used. This field is beta in 1.10. + /// mountPropagation determines how mounts are propagated from the host + /// to container and the other way around. + /// When not set, MountPropagationNone is used. + /// This field is beta in 1.10. #[serde(default, skip_serializing_if = "Option::is_none", rename = "mountPropagation")] pub mount_propagation: Option, /// This must match the Name of a Volume. pub name: String, - /// Mounted read-only if true, read-write otherwise (false or unspecified). Defaults to false. + /// Mounted read-only if true, read-write otherwise (false or unspecified). + /// Defaults to false. #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] pub read_only: Option, - /// Path within the volume from which the container's volume should be mounted. Defaults to "" (volume's root). + /// Path within the volume from which the container's volume should be mounted. + /// Defaults to "" (volume's root). #[serde(default, skip_serializing_if = "Option::is_none", rename = "subPath")] pub sub_path: Option, - /// Expanded path within the volume from which the container's volume should be mounted. Behaves similarly to SubPath but environment variable references $(VAR_NAME) are expanded using the container's environment. Defaults to "" (volume's root). SubPathExpr and SubPath are mutually exclusive. + /// Expanded path within the volume from which the container's volume should be mounted. + /// Behaves similarly to SubPath but environment variable references $(VAR_NAME) are expanded using the container's environment. + /// Defaults to "" (volume's root). + /// SubPathExpr and SubPath are mutually exclusive. #[serde(default, skip_serializing_if = "Option::is_none", rename = "subPathExpr")] pub sub_path_expr: Option, } @@ -2010,15 +2612,25 @@ pub struct ArgoCDRepoInitContainersVolumeMounts { /// Resources defines the Compute Resources required by the container for Redis. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ArgoCDRepoResources { - /// Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. - /// This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. - /// This field is immutable. It can only be set for containers. + /// Claims lists the names of resources, defined in spec.resourceClaims, + /// that are used by this container. + /// + /// + /// This is an alpha field and requires enabling the + /// DynamicResourceAllocation feature gate. + /// + /// + /// This field is immutable. It can only be set for containers. #[serde(default, skip_serializing_if = "Option::is_none")] pub claims: Option>, - /// Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + /// Limits describes the maximum amount of compute resources allowed. + /// More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ #[serde(default, skip_serializing_if = "Option::is_none")] pub limits: Option>, - /// Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + /// Requests describes the minimum amount of compute resources required. + /// If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, + /// otherwise to an implementation-defined value. Requests cannot exceed Limits. + /// More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ #[serde(default, skip_serializing_if = "Option::is_none")] pub requests: Option>, } @@ -2026,82 +2638,175 @@ pub struct ArgoCDRepoResources { /// ResourceClaim references one entry in PodSpec.ResourceClaims. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ArgoCDRepoResourcesClaims { - /// Name must match the name of one entry in pod.spec.resourceClaims of the Pod where this field is used. It makes that resource available inside a container. + /// Name must match the name of one entry in pod.spec.resourceClaims of + /// the Pod where this field is used. It makes that resource available + /// inside a container. pub name: String, } /// A single application container that you want to run within a pod. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ArgoCDRepoSidecarContainers { - /// Arguments to the entrypoint. The container image's CMD is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell + /// Arguments to the entrypoint. + /// The container image's CMD is used if this is not provided. + /// Variable references $(VAR_NAME) are expanded using the container's environment. If a variable + /// cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced + /// to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" will + /// produce the string literal "$(VAR_NAME)". Escaped references will never be expanded, regardless + /// of whether the variable exists or not. Cannot be updated. + /// More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell #[serde(default, skip_serializing_if = "Option::is_none")] pub args: Option>, - /// Entrypoint array. Not executed within a shell. The container image's ENTRYPOINT is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell + /// Entrypoint array. Not executed within a shell. + /// The container image's ENTRYPOINT is used if this is not provided. + /// Variable references $(VAR_NAME) are expanded using the container's environment. If a variable + /// cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced + /// to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" will + /// produce the string literal "$(VAR_NAME)". Escaped references will never be expanded, regardless + /// of whether the variable exists or not. Cannot be updated. + /// More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell #[serde(default, skip_serializing_if = "Option::is_none")] pub command: Option>, - /// List of environment variables to set in the container. Cannot be updated. + /// List of environment variables to set in the container. + /// Cannot be updated. #[serde(default, skip_serializing_if = "Option::is_none")] pub env: Option>, - /// List of sources to populate environment variables in the container. The keys defined within a source must be a C_IDENTIFIER. All invalid keys will be reported as an event when the container is starting. When a key exists in multiple sources, the value associated with the last source will take precedence. Values defined by an Env with a duplicate key will take precedence. Cannot be updated. + /// List of sources to populate environment variables in the container. + /// The keys defined within a source must be a C_IDENTIFIER. All invalid keys + /// will be reported as an event when the container is starting. When a key exists in multiple + /// sources, the value associated with the last source will take precedence. + /// Values defined by an Env with a duplicate key will take precedence. + /// Cannot be updated. #[serde(default, skip_serializing_if = "Option::is_none", rename = "envFrom")] pub env_from: Option>, - /// Container image name. More info: https://kubernetes.io/docs/concepts/containers/images This field is optional to allow higher level config management to default or override container images in workload controllers like Deployments and StatefulSets. + /// Container image name. + /// More info: https://kubernetes.io/docs/concepts/containers/images + /// This field is optional to allow higher level config management to default or override + /// container images in workload controllers like Deployments and StatefulSets. #[serde(default, skip_serializing_if = "Option::is_none")] pub image: Option, - /// Image pull policy. One of Always, Never, IfNotPresent. Defaults to Always if :latest tag is specified, or IfNotPresent otherwise. Cannot be updated. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images + /// Image pull policy. + /// One of Always, Never, IfNotPresent. + /// Defaults to Always if :latest tag is specified, or IfNotPresent otherwise. + /// Cannot be updated. + /// More info: https://kubernetes.io/docs/concepts/containers/images#updating-images #[serde(default, skip_serializing_if = "Option::is_none", rename = "imagePullPolicy")] pub image_pull_policy: Option, - /// Actions that the management system should take in response to container lifecycle events. Cannot be updated. + /// Actions that the management system should take in response to container lifecycle events. + /// Cannot be updated. #[serde(default, skip_serializing_if = "Option::is_none")] pub lifecycle: Option, - /// Periodic probe of container liveness. Container will be restarted if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes + /// Periodic probe of container liveness. + /// Container will be restarted if the probe fails. + /// Cannot be updated. + /// More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes #[serde(default, skip_serializing_if = "Option::is_none", rename = "livenessProbe")] pub liveness_probe: Option, - /// Name of the container specified as a DNS_LABEL. Each container in a pod must have a unique name (DNS_LABEL). Cannot be updated. + /// Name of the container specified as a DNS_LABEL. + /// Each container in a pod must have a unique name (DNS_LABEL). + /// Cannot be updated. pub name: String, - /// List of ports to expose from the container. Not specifying a port here DOES NOT prevent that port from being exposed. Any port which is listening on the default "0.0.0.0" address inside a container will be accessible from the network. Modifying this array with strategic merge patch may corrupt the data. For more information See https://github.com/kubernetes/kubernetes/issues/108255. Cannot be updated. + /// List of ports to expose from the container. Not specifying a port here + /// DOES NOT prevent that port from being exposed. Any port which is + /// listening on the default "0.0.0.0" address inside a container will be + /// accessible from the network. + /// Modifying this array with strategic merge patch may corrupt the data. + /// For more information See https://github.com/kubernetes/kubernetes/issues/108255. + /// Cannot be updated. #[serde(default, skip_serializing_if = "Option::is_none")] pub ports: Option>, - /// Periodic probe of container service readiness. Container will be removed from service endpoints if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes + /// Periodic probe of container service readiness. + /// Container will be removed from service endpoints if the probe fails. + /// Cannot be updated. + /// More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes #[serde(default, skip_serializing_if = "Option::is_none", rename = "readinessProbe")] pub readiness_probe: Option, /// Resources resize policy for the container. #[serde(default, skip_serializing_if = "Option::is_none", rename = "resizePolicy")] pub resize_policy: Option>, - /// Compute Resources required by this container. Cannot be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + /// Compute Resources required by this container. + /// Cannot be updated. + /// More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ #[serde(default, skip_serializing_if = "Option::is_none")] pub resources: Option, - /// RestartPolicy defines the restart behavior of individual containers in a pod. This field may only be set for init containers, and the only allowed value is "Always". For non-init containers or when this field is not specified, the restart behavior is defined by the Pod's restart policy and the container type. Setting the RestartPolicy as "Always" for the init container will have the following effect: this init container will be continually restarted on exit until all regular containers have terminated. Once all regular containers have completed, all init containers with restartPolicy "Always" will be shut down. This lifecycle differs from normal init containers and is often referred to as a "sidecar" container. Although this init container still starts in the init container sequence, it does not wait for the container to complete before proceeding to the next init container. Instead, the next init container starts immediately after this init container is started, or after any startupProbe has successfully completed. + /// RestartPolicy defines the restart behavior of individual containers in a pod. + /// This field may only be set for init containers, and the only allowed value is "Always". + /// For non-init containers or when this field is not specified, + /// the restart behavior is defined by the Pod's restart policy and the container type. + /// Setting the RestartPolicy as "Always" for the init container will have the following effect: + /// this init container will be continually restarted on + /// exit until all regular containers have terminated. Once all regular + /// containers have completed, all init containers with restartPolicy "Always" + /// will be shut down. This lifecycle differs from normal init containers and + /// is often referred to as a "sidecar" container. Although this init + /// container still starts in the init container sequence, it does not wait + /// for the container to complete before proceeding to the next init + /// container. Instead, the next init container starts immediately after this + /// init container is started, or after any startupProbe has successfully + /// completed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "restartPolicy")] pub restart_policy: Option, - /// SecurityContext defines the security options the container should be run with. If set, the fields of SecurityContext override the equivalent fields of PodSecurityContext. More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/ + /// SecurityContext defines the security options the container should be run with. + /// If set, the fields of SecurityContext override the equivalent fields of PodSecurityContext. + /// More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/ #[serde(default, skip_serializing_if = "Option::is_none", rename = "securityContext")] pub security_context: Option, - /// StartupProbe indicates that the Pod has successfully initialized. If specified, no other probes are executed until this completes successfully. If this probe fails, the Pod will be restarted, just as if the livenessProbe failed. This can be used to provide different probe parameters at the beginning of a Pod's lifecycle, when it might take a long time to load data or warm a cache, than during steady-state operation. This cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes + /// StartupProbe indicates that the Pod has successfully initialized. + /// If specified, no other probes are executed until this completes successfully. + /// If this probe fails, the Pod will be restarted, just as if the livenessProbe failed. + /// This can be used to provide different probe parameters at the beginning of a Pod's lifecycle, + /// when it might take a long time to load data or warm a cache, than during steady-state operation. + /// This cannot be updated. + /// More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes #[serde(default, skip_serializing_if = "Option::is_none", rename = "startupProbe")] pub startup_probe: Option, - /// Whether this container should allocate a buffer for stdin in the container runtime. If this is not set, reads from stdin in the container will always result in EOF. Default is false. + /// Whether this container should allocate a buffer for stdin in the container runtime. If this + /// is not set, reads from stdin in the container will always result in EOF. + /// Default is false. #[serde(default, skip_serializing_if = "Option::is_none")] pub stdin: Option, - /// Whether the container runtime should close the stdin channel after it has been opened by a single attach. When stdin is true the stdin stream will remain open across multiple attach sessions. If stdinOnce is set to true, stdin is opened on container start, is empty until the first client attaches to stdin, and then remains open and accepts data until the client disconnects, at which time stdin is closed and remains closed until the container is restarted. If this flag is false, a container processes that reads from stdin will never receive an EOF. Default is false + /// Whether the container runtime should close the stdin channel after it has been opened by + /// a single attach. When stdin is true the stdin stream will remain open across multiple attach + /// sessions. If stdinOnce is set to true, stdin is opened on container start, is empty until the + /// first client attaches to stdin, and then remains open and accepts data until the client disconnects, + /// at which time stdin is closed and remains closed until the container is restarted. If this + /// flag is false, a container processes that reads from stdin will never receive an EOF. + /// Default is false #[serde(default, skip_serializing_if = "Option::is_none", rename = "stdinOnce")] pub stdin_once: Option, - /// Optional: Path at which the file to which the container's termination message will be written is mounted into the container's filesystem. Message written is intended to be brief final status, such as an assertion failure message. Will be truncated by the node if greater than 4096 bytes. The total message length across all containers will be limited to 12kb. Defaults to /dev/termination-log. Cannot be updated. + /// Optional: Path at which the file to which the container's termination message + /// will be written is mounted into the container's filesystem. + /// Message written is intended to be brief final status, such as an assertion failure message. + /// Will be truncated by the node if greater than 4096 bytes. The total message length across + /// all containers will be limited to 12kb. + /// Defaults to /dev/termination-log. + /// Cannot be updated. #[serde(default, skip_serializing_if = "Option::is_none", rename = "terminationMessagePath")] pub termination_message_path: Option, - /// Indicate how the termination message should be populated. File will use the contents of terminationMessagePath to populate the container status message on both success and failure. FallbackToLogsOnError will use the last chunk of container log output if the termination message file is empty and the container exited with an error. The log output is limited to 2048 bytes or 80 lines, whichever is smaller. Defaults to File. Cannot be updated. + /// Indicate how the termination message should be populated. File will use the contents of + /// terminationMessagePath to populate the container status message on both success and failure. + /// FallbackToLogsOnError will use the last chunk of container log output if the termination + /// message file is empty and the container exited with an error. + /// The log output is limited to 2048 bytes or 80 lines, whichever is smaller. + /// Defaults to File. + /// Cannot be updated. #[serde(default, skip_serializing_if = "Option::is_none", rename = "terminationMessagePolicy")] pub termination_message_policy: Option, - /// Whether this container should allocate a TTY for itself, also requires 'stdin' to be true. Default is false. + /// Whether this container should allocate a TTY for itself, also requires 'stdin' to be true. + /// Default is false. #[serde(default, skip_serializing_if = "Option::is_none")] pub tty: Option, /// volumeDevices is the list of block devices to be used by the container. #[serde(default, skip_serializing_if = "Option::is_none", rename = "volumeDevices")] pub volume_devices: Option>, - /// Pod volumes to mount into the container's filesystem. Cannot be updated. + /// Pod volumes to mount into the container's filesystem. + /// Cannot be updated. #[serde(default, skip_serializing_if = "Option::is_none", rename = "volumeMounts")] pub volume_mounts: Option>, - /// Container's working directory. If not specified, the container runtime's default will be used, which might be configured in the container image. Cannot be updated. + /// Container's working directory. + /// If not specified, the container runtime's default will be used, which + /// might be configured in the container image. + /// Cannot be updated. #[serde(default, skip_serializing_if = "Option::is_none", rename = "workingDir")] pub working_dir: Option, } @@ -2111,7 +2816,15 @@ pub struct ArgoCDRepoSidecarContainers { pub struct ArgoCDRepoSidecarContainersEnv { /// Name of the environment variable. Must be a C_IDENTIFIER. pub name: String, - /// Variable references $(VAR_NAME) are expanded using the previously defined environment variables in the container and any service environment variables. If a variable cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". Escaped references will never be expanded, regardless of whether the variable exists or not. Defaults to "". + /// Variable references $(VAR_NAME) are expanded + /// using the previously defined environment variables in the container and + /// any service environment variables. If a variable cannot be resolved, + /// the reference in the input string will be unchanged. Double $$ are reduced + /// to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. + /// "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". + /// Escaped references will never be expanded, regardless of whether the variable + /// exists or not. + /// Defaults to "". #[serde(default, skip_serializing_if = "Option::is_none")] pub value: Option, /// Source for the environment variable's value. Cannot be used if value is not empty. @@ -2125,10 +2838,12 @@ pub struct ArgoCDRepoSidecarContainersEnvValueFrom { /// Selects a key of a ConfigMap. #[serde(default, skip_serializing_if = "Option::is_none", rename = "configMapKeyRef")] pub config_map_key_ref: Option, - /// Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`, spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs. + /// Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`, + /// spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs. #[serde(default, skip_serializing_if = "Option::is_none", rename = "fieldRef")] pub field_ref: Option, - /// Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported. + /// Selects a resource of the container: only resources limits and requests + /// (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported. #[serde(default, skip_serializing_if = "Option::is_none", rename = "resourceFieldRef")] pub resource_field_ref: Option, /// Selects a key of a secret in the pod's namespace @@ -2141,7 +2856,9 @@ pub struct ArgoCDRepoSidecarContainersEnvValueFrom { pub struct ArgoCDRepoSidecarContainersEnvValueFromConfigMapKeyRef { /// The key to select. pub key: String, - /// Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? + /// Name of the referent. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the ConfigMap or its key must be defined @@ -2149,7 +2866,8 @@ pub struct ArgoCDRepoSidecarContainersEnvValueFromConfigMapKeyRef { pub optional: Option, } -/// Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`, spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs. +/// Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`, +/// spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ArgoCDRepoSidecarContainersEnvValueFromFieldRef { /// Version of the schema the FieldPath is written in terms of, defaults to "v1". @@ -2160,7 +2878,8 @@ pub struct ArgoCDRepoSidecarContainersEnvValueFromFieldRef { pub field_path: String, } -/// Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported. +/// Selects a resource of the container: only resources limits and requests +/// (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ArgoCDRepoSidecarContainersEnvValueFromResourceFieldRef { /// Container name: required for volumes, optional for env vars @@ -2178,7 +2897,9 @@ pub struct ArgoCDRepoSidecarContainersEnvValueFromResourceFieldRef { pub struct ArgoCDRepoSidecarContainersEnvValueFromSecretKeyRef { /// The key of the secret to select from. Must be a valid secret key. pub key: String, - /// Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? + /// Name of the referent. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the Secret or its key must be defined @@ -2203,7 +2924,9 @@ pub struct ArgoCDRepoSidecarContainersEnvFrom { /// The ConfigMap to select from #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ArgoCDRepoSidecarContainersEnvFromConfigMapRef { - /// Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? + /// Name of the referent. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the ConfigMap must be defined @@ -2214,7 +2937,9 @@ pub struct ArgoCDRepoSidecarContainersEnvFromConfigMapRef { /// The Secret to select from #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ArgoCDRepoSidecarContainersEnvFromSecretRef { - /// Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? + /// Name of the referent. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the Secret must be defined @@ -2222,18 +2947,33 @@ pub struct ArgoCDRepoSidecarContainersEnvFromSecretRef { pub optional: Option, } -/// Actions that the management system should take in response to container lifecycle events. Cannot be updated. +/// Actions that the management system should take in response to container lifecycle events. +/// Cannot be updated. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ArgoCDRepoSidecarContainersLifecycle { - /// PostStart is called immediately after a container is created. If the handler fails, the container is terminated and restarted according to its restart policy. Other management of the container blocks until the hook completes. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks + /// PostStart is called immediately after a container is created. If the handler fails, + /// the container is terminated and restarted according to its restart policy. + /// Other management of the container blocks until the hook completes. + /// More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks #[serde(default, skip_serializing_if = "Option::is_none", rename = "postStart")] pub post_start: Option, - /// PreStop is called immediately before a container is terminated due to an API request or management event such as liveness/startup probe failure, preemption, resource contention, etc. The handler is not called if the container crashes or exits. The Pod's termination grace period countdown begins before the PreStop hook is executed. Regardless of the outcome of the handler, the container will eventually terminate within the Pod's termination grace period (unless delayed by finalizers). Other management of the container blocks until the hook completes or until the termination grace period is reached. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks + /// PreStop is called immediately before a container is terminated due to an + /// API request or management event such as liveness/startup probe failure, + /// preemption, resource contention, etc. The handler is not called if the + /// container crashes or exits. The Pod's termination grace period countdown begins before the + /// PreStop hook is executed. Regardless of the outcome of the handler, the + /// container will eventually terminate within the Pod's termination grace + /// period (unless delayed by finalizers). Other management of the container blocks until the hook completes + /// or until the termination grace period is reached. + /// More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks #[serde(default, skip_serializing_if = "Option::is_none", rename = "preStop")] pub pre_stop: Option, } -/// PostStart is called immediately after a container is created. If the handler fails, the container is terminated and restarted according to its restart policy. Other management of the container blocks until the hook completes. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks +/// PostStart is called immediately after a container is created. If the handler fails, +/// the container is terminated and restarted according to its restart policy. +/// Other management of the container blocks until the hook completes. +/// More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ArgoCDRepoSidecarContainersLifecyclePostStart { /// Exec specifies the action to take. @@ -2242,7 +2982,9 @@ pub struct ArgoCDRepoSidecarContainersLifecyclePostStart { /// HTTPGet specifies the http request to perform. #[serde(default, skip_serializing_if = "Option::is_none", rename = "httpGet")] pub http_get: Option, - /// Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept for the backward compatibility. There are no validation of this field and lifecycle hooks will fail in runtime when tcp handler is specified. + /// Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept + /// for the backward compatibility. There are no validation of this field and + /// lifecycle hooks will fail in runtime when tcp handler is specified. #[serde(default, skip_serializing_if = "Option::is_none", rename = "tcpSocket")] pub tcp_socket: Option, } @@ -2250,7 +2992,11 @@ pub struct ArgoCDRepoSidecarContainersLifecyclePostStart { /// Exec specifies the action to take. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ArgoCDRepoSidecarContainersLifecyclePostStartExec { - /// Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. + /// Command is the command line to execute inside the container, the working directory for the + /// command is root ('/') in the container's filesystem. The command is simply exec'd, it is + /// not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use + /// a shell, you need to explicitly call out to that shell. + /// Exit status of 0 is treated as live/healthy and non-zero is unhealthy. #[serde(default, skip_serializing_if = "Option::is_none")] pub command: Option>, } @@ -2258,7 +3004,8 @@ pub struct ArgoCDRepoSidecarContainersLifecyclePostStartExec { /// HTTPGet specifies the http request to perform. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ArgoCDRepoSidecarContainersLifecyclePostStartHttpGet { - /// Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. + /// Host name to connect to, defaults to the pod IP. You probably want to set + /// "Host" in httpHeaders instead. #[serde(default, skip_serializing_if = "Option::is_none")] pub host: Option, /// Custom headers to set in the request. HTTP allows repeated headers. @@ -2267,9 +3014,12 @@ pub struct ArgoCDRepoSidecarContainersLifecyclePostStartHttpGet { /// Path to access on the HTTP server. #[serde(default, skip_serializing_if = "Option::is_none")] pub path: Option, - /// Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. + /// Name or number of the port to access on the container. + /// Number must be in the range 1 to 65535. + /// Name must be an IANA_SVC_NAME. pub port: IntOrString, - /// Scheme to use for connecting to the host. Defaults to HTTP. + /// Scheme to use for connecting to the host. + /// Defaults to HTTP. #[serde(default, skip_serializing_if = "Option::is_none")] pub scheme: Option, } @@ -2277,23 +3027,36 @@ pub struct ArgoCDRepoSidecarContainersLifecyclePostStartHttpGet { /// HTTPHeader describes a custom header to be used in HTTP probes #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ArgoCDRepoSidecarContainersLifecyclePostStartHttpGetHttpHeaders { - /// The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header. + /// The header field name. + /// This will be canonicalized upon output, so case-variant names will be understood as the same header. pub name: String, /// The header field value pub value: String, } -/// Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept for the backward compatibility. There are no validation of this field and lifecycle hooks will fail in runtime when tcp handler is specified. +/// Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept +/// for the backward compatibility. There are no validation of this field and +/// lifecycle hooks will fail in runtime when tcp handler is specified. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ArgoCDRepoSidecarContainersLifecyclePostStartTcpSocket { /// Optional: Host name to connect to, defaults to the pod IP. #[serde(default, skip_serializing_if = "Option::is_none")] pub host: Option, - /// Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. + /// Number or name of the port to access on the container. + /// Number must be in the range 1 to 65535. + /// Name must be an IANA_SVC_NAME. pub port: IntOrString, } -/// PreStop is called immediately before a container is terminated due to an API request or management event such as liveness/startup probe failure, preemption, resource contention, etc. The handler is not called if the container crashes or exits. The Pod's termination grace period countdown begins before the PreStop hook is executed. Regardless of the outcome of the handler, the container will eventually terminate within the Pod's termination grace period (unless delayed by finalizers). Other management of the container blocks until the hook completes or until the termination grace period is reached. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks +/// PreStop is called immediately before a container is terminated due to an +/// API request or management event such as liveness/startup probe failure, +/// preemption, resource contention, etc. The handler is not called if the +/// container crashes or exits. The Pod's termination grace period countdown begins before the +/// PreStop hook is executed. Regardless of the outcome of the handler, the +/// container will eventually terminate within the Pod's termination grace +/// period (unless delayed by finalizers). Other management of the container blocks until the hook completes +/// or until the termination grace period is reached. +/// More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ArgoCDRepoSidecarContainersLifecyclePreStop { /// Exec specifies the action to take. @@ -2302,7 +3065,9 @@ pub struct ArgoCDRepoSidecarContainersLifecyclePreStop { /// HTTPGet specifies the http request to perform. #[serde(default, skip_serializing_if = "Option::is_none", rename = "httpGet")] pub http_get: Option, - /// Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept for the backward compatibility. There are no validation of this field and lifecycle hooks will fail in runtime when tcp handler is specified. + /// Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept + /// for the backward compatibility. There are no validation of this field and + /// lifecycle hooks will fail in runtime when tcp handler is specified. #[serde(default, skip_serializing_if = "Option::is_none", rename = "tcpSocket")] pub tcp_socket: Option, } @@ -2310,7 +3075,11 @@ pub struct ArgoCDRepoSidecarContainersLifecyclePreStop { /// Exec specifies the action to take. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ArgoCDRepoSidecarContainersLifecyclePreStopExec { - /// Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. + /// Command is the command line to execute inside the container, the working directory for the + /// command is root ('/') in the container's filesystem. The command is simply exec'd, it is + /// not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use + /// a shell, you need to explicitly call out to that shell. + /// Exit status of 0 is treated as live/healthy and non-zero is unhealthy. #[serde(default, skip_serializing_if = "Option::is_none")] pub command: Option>, } @@ -2318,7 +3087,8 @@ pub struct ArgoCDRepoSidecarContainersLifecyclePreStopExec { /// HTTPGet specifies the http request to perform. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ArgoCDRepoSidecarContainersLifecyclePreStopHttpGet { - /// Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. + /// Host name to connect to, defaults to the pod IP. You probably want to set + /// "Host" in httpHeaders instead. #[serde(default, skip_serializing_if = "Option::is_none")] pub host: Option, /// Custom headers to set in the request. HTTP allows repeated headers. @@ -2327,9 +3097,12 @@ pub struct ArgoCDRepoSidecarContainersLifecyclePreStopHttpGet { /// Path to access on the HTTP server. #[serde(default, skip_serializing_if = "Option::is_none")] pub path: Option, - /// Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. + /// Name or number of the port to access on the container. + /// Number must be in the range 1 to 65535. + /// Name must be an IANA_SVC_NAME. pub port: IntOrString, - /// Scheme to use for connecting to the host. Defaults to HTTP. + /// Scheme to use for connecting to the host. + /// Defaults to HTTP. #[serde(default, skip_serializing_if = "Option::is_none")] pub scheme: Option, } @@ -2337,29 +3110,38 @@ pub struct ArgoCDRepoSidecarContainersLifecyclePreStopHttpGet { /// HTTPHeader describes a custom header to be used in HTTP probes #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ArgoCDRepoSidecarContainersLifecyclePreStopHttpGetHttpHeaders { - /// The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header. + /// The header field name. + /// This will be canonicalized upon output, so case-variant names will be understood as the same header. pub name: String, /// The header field value pub value: String, } -/// Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept for the backward compatibility. There are no validation of this field and lifecycle hooks will fail in runtime when tcp handler is specified. +/// Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept +/// for the backward compatibility. There are no validation of this field and +/// lifecycle hooks will fail in runtime when tcp handler is specified. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ArgoCDRepoSidecarContainersLifecyclePreStopTcpSocket { /// Optional: Host name to connect to, defaults to the pod IP. #[serde(default, skip_serializing_if = "Option::is_none")] pub host: Option, - /// Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. + /// Number or name of the port to access on the container. + /// Number must be in the range 1 to 65535. + /// Name must be an IANA_SVC_NAME. pub port: IntOrString, } -/// Periodic probe of container liveness. Container will be restarted if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +/// Periodic probe of container liveness. +/// Container will be restarted if the probe fails. +/// Cannot be updated. +/// More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ArgoCDRepoSidecarContainersLivenessProbe { /// Exec specifies the action to take. #[serde(default, skip_serializing_if = "Option::is_none")] pub exec: Option, - /// Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. + /// Minimum consecutive failures for the probe to be considered failed after having succeeded. + /// Defaults to 3. Minimum value is 1. #[serde(default, skip_serializing_if = "Option::is_none", rename = "failureThreshold")] pub failure_threshold: Option, /// GRPC specifies an action involving a GRPC port. @@ -2368,22 +3150,36 @@ pub struct ArgoCDRepoSidecarContainersLivenessProbe { /// HTTPGet specifies the http request to perform. #[serde(default, skip_serializing_if = "Option::is_none", rename = "httpGet")] pub http_get: Option, - /// Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes + /// Number of seconds after the container has started before liveness probes are initiated. + /// More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes #[serde(default, skip_serializing_if = "Option::is_none", rename = "initialDelaySeconds")] pub initial_delay_seconds: Option, - /// How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. + /// How often (in seconds) to perform the probe. + /// Default to 10 seconds. Minimum value is 1. #[serde(default, skip_serializing_if = "Option::is_none", rename = "periodSeconds")] pub period_seconds: Option, - /// Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1. + /// Minimum consecutive successes for the probe to be considered successful after having failed. + /// Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1. #[serde(default, skip_serializing_if = "Option::is_none", rename = "successThreshold")] pub success_threshold: Option, /// TCPSocket specifies an action involving a TCP port. #[serde(default, skip_serializing_if = "Option::is_none", rename = "tcpSocket")] pub tcp_socket: Option, - /// Optional duration in seconds the pod needs to terminate gracefully upon probe failure. The grace period is the duration in seconds after the processes running in the pod are sent a termination signal and the time when the processes are forcibly halted with a kill signal. Set this value longer than the expected cleanup time for your process. If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this value overrides the value provided by the pod spec. Value must be non-negative integer. The value zero indicates stop immediately via the kill signal (no opportunity to shut down). This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate. Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset. + /// Optional duration in seconds the pod needs to terminate gracefully upon probe failure. + /// The grace period is the duration in seconds after the processes running in the pod are sent + /// a termination signal and the time when the processes are forcibly halted with a kill signal. + /// Set this value longer than the expected cleanup time for your process. + /// If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this + /// value overrides the value provided by the pod spec. + /// Value must be non-negative integer. The value zero indicates stop immediately via + /// the kill signal (no opportunity to shut down). + /// This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate. + /// Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset. #[serde(default, skip_serializing_if = "Option::is_none", rename = "terminationGracePeriodSeconds")] pub termination_grace_period_seconds: Option, - /// Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes + /// Number of seconds after which the probe times out. + /// Defaults to 1 second. Minimum value is 1. + /// More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes #[serde(default, skip_serializing_if = "Option::is_none", rename = "timeoutSeconds")] pub timeout_seconds: Option, } @@ -2391,7 +3187,11 @@ pub struct ArgoCDRepoSidecarContainersLivenessProbe { /// Exec specifies the action to take. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ArgoCDRepoSidecarContainersLivenessProbeExec { - /// Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. + /// Command is the command line to execute inside the container, the working directory for the + /// command is root ('/') in the container's filesystem. The command is simply exec'd, it is + /// not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use + /// a shell, you need to explicitly call out to that shell. + /// Exit status of 0 is treated as live/healthy and non-zero is unhealthy. #[serde(default, skip_serializing_if = "Option::is_none")] pub command: Option>, } @@ -2401,8 +3201,11 @@ pub struct ArgoCDRepoSidecarContainersLivenessProbeExec { pub struct ArgoCDRepoSidecarContainersLivenessProbeGrpc { /// Port number of the gRPC service. Number must be in the range 1 to 65535. pub port: i32, - /// Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). - /// If this is not specified, the default behavior is defined by gRPC. + /// Service is the name of the service to place in the gRPC HealthCheckRequest + /// (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). + /// + /// + /// If this is not specified, the default behavior is defined by gRPC. #[serde(default, skip_serializing_if = "Option::is_none")] pub service: Option, } @@ -2410,7 +3213,8 @@ pub struct ArgoCDRepoSidecarContainersLivenessProbeGrpc { /// HTTPGet specifies the http request to perform. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ArgoCDRepoSidecarContainersLivenessProbeHttpGet { - /// Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. + /// Host name to connect to, defaults to the pod IP. You probably want to set + /// "Host" in httpHeaders instead. #[serde(default, skip_serializing_if = "Option::is_none")] pub host: Option, /// Custom headers to set in the request. HTTP allows repeated headers. @@ -2419,9 +3223,12 @@ pub struct ArgoCDRepoSidecarContainersLivenessProbeHttpGet { /// Path to access on the HTTP server. #[serde(default, skip_serializing_if = "Option::is_none")] pub path: Option, - /// Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. + /// Name or number of the port to access on the container. + /// Number must be in the range 1 to 65535. + /// Name must be an IANA_SVC_NAME. pub port: IntOrString, - /// Scheme to use for connecting to the host. Defaults to HTTP. + /// Scheme to use for connecting to the host. + /// Defaults to HTTP. #[serde(default, skip_serializing_if = "Option::is_none")] pub scheme: Option, } @@ -2429,7 +3236,8 @@ pub struct ArgoCDRepoSidecarContainersLivenessProbeHttpGet { /// HTTPHeader describes a custom header to be used in HTTP probes #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ArgoCDRepoSidecarContainersLivenessProbeHttpGetHttpHeaders { - /// The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header. + /// The header field name. + /// This will be canonicalized upon output, so case-variant names will be understood as the same header. pub name: String, /// The header field value pub value: String, @@ -2441,37 +3249,50 @@ pub struct ArgoCDRepoSidecarContainersLivenessProbeTcpSocket { /// Optional: Host name to connect to, defaults to the pod IP. #[serde(default, skip_serializing_if = "Option::is_none")] pub host: Option, - /// Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. + /// Number or name of the port to access on the container. + /// Number must be in the range 1 to 65535. + /// Name must be an IANA_SVC_NAME. pub port: IntOrString, } /// ContainerPort represents a network port in a single container. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ArgoCDRepoSidecarContainersPorts { - /// Number of port to expose on the pod's IP address. This must be a valid port number, 0 < x < 65536. + /// Number of port to expose on the pod's IP address. + /// This must be a valid port number, 0 < x < 65536. #[serde(rename = "containerPort")] pub container_port: i32, /// What host IP to bind the external port to. #[serde(default, skip_serializing_if = "Option::is_none", rename = "hostIP")] pub host_ip: Option, - /// Number of port to expose on the host. If specified, this must be a valid port number, 0 < x < 65536. If HostNetwork is specified, this must match ContainerPort. Most containers do not need this. + /// Number of port to expose on the host. + /// If specified, this must be a valid port number, 0 < x < 65536. + /// If HostNetwork is specified, this must match ContainerPort. + /// Most containers do not need this. #[serde(default, skip_serializing_if = "Option::is_none", rename = "hostPort")] pub host_port: Option, - /// If specified, this must be an IANA_SVC_NAME and unique within the pod. Each named port in a pod must have a unique name. Name for the port that can be referred to by services. + /// If specified, this must be an IANA_SVC_NAME and unique within the pod. Each + /// named port in a pod must have a unique name. Name for the port that can be + /// referred to by services. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, - /// Protocol for port. Must be UDP, TCP, or SCTP. Defaults to "TCP". + /// Protocol for port. Must be UDP, TCP, or SCTP. + /// Defaults to "TCP". #[serde(default, skip_serializing_if = "Option::is_none")] pub protocol: Option, } -/// Periodic probe of container service readiness. Container will be removed from service endpoints if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +/// Periodic probe of container service readiness. +/// Container will be removed from service endpoints if the probe fails. +/// Cannot be updated. +/// More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ArgoCDRepoSidecarContainersReadinessProbe { /// Exec specifies the action to take. #[serde(default, skip_serializing_if = "Option::is_none")] pub exec: Option, - /// Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. + /// Minimum consecutive failures for the probe to be considered failed after having succeeded. + /// Defaults to 3. Minimum value is 1. #[serde(default, skip_serializing_if = "Option::is_none", rename = "failureThreshold")] pub failure_threshold: Option, /// GRPC specifies an action involving a GRPC port. @@ -2480,22 +3301,36 @@ pub struct ArgoCDRepoSidecarContainersReadinessProbe { /// HTTPGet specifies the http request to perform. #[serde(default, skip_serializing_if = "Option::is_none", rename = "httpGet")] pub http_get: Option, - /// Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes + /// Number of seconds after the container has started before liveness probes are initiated. + /// More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes #[serde(default, skip_serializing_if = "Option::is_none", rename = "initialDelaySeconds")] pub initial_delay_seconds: Option, - /// How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. + /// How often (in seconds) to perform the probe. + /// Default to 10 seconds. Minimum value is 1. #[serde(default, skip_serializing_if = "Option::is_none", rename = "periodSeconds")] pub period_seconds: Option, - /// Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1. + /// Minimum consecutive successes for the probe to be considered successful after having failed. + /// Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1. #[serde(default, skip_serializing_if = "Option::is_none", rename = "successThreshold")] pub success_threshold: Option, /// TCPSocket specifies an action involving a TCP port. #[serde(default, skip_serializing_if = "Option::is_none", rename = "tcpSocket")] pub tcp_socket: Option, - /// Optional duration in seconds the pod needs to terminate gracefully upon probe failure. The grace period is the duration in seconds after the processes running in the pod are sent a termination signal and the time when the processes are forcibly halted with a kill signal. Set this value longer than the expected cleanup time for your process. If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this value overrides the value provided by the pod spec. Value must be non-negative integer. The value zero indicates stop immediately via the kill signal (no opportunity to shut down). This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate. Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset. + /// Optional duration in seconds the pod needs to terminate gracefully upon probe failure. + /// The grace period is the duration in seconds after the processes running in the pod are sent + /// a termination signal and the time when the processes are forcibly halted with a kill signal. + /// Set this value longer than the expected cleanup time for your process. + /// If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this + /// value overrides the value provided by the pod spec. + /// Value must be non-negative integer. The value zero indicates stop immediately via + /// the kill signal (no opportunity to shut down). + /// This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate. + /// Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset. #[serde(default, skip_serializing_if = "Option::is_none", rename = "terminationGracePeriodSeconds")] pub termination_grace_period_seconds: Option, - /// Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes + /// Number of seconds after which the probe times out. + /// Defaults to 1 second. Minimum value is 1. + /// More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes #[serde(default, skip_serializing_if = "Option::is_none", rename = "timeoutSeconds")] pub timeout_seconds: Option, } @@ -2503,7 +3338,11 @@ pub struct ArgoCDRepoSidecarContainersReadinessProbe { /// Exec specifies the action to take. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ArgoCDRepoSidecarContainersReadinessProbeExec { - /// Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. + /// Command is the command line to execute inside the container, the working directory for the + /// command is root ('/') in the container's filesystem. The command is simply exec'd, it is + /// not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use + /// a shell, you need to explicitly call out to that shell. + /// Exit status of 0 is treated as live/healthy and non-zero is unhealthy. #[serde(default, skip_serializing_if = "Option::is_none")] pub command: Option>, } @@ -2513,8 +3352,11 @@ pub struct ArgoCDRepoSidecarContainersReadinessProbeExec { pub struct ArgoCDRepoSidecarContainersReadinessProbeGrpc { /// Port number of the gRPC service. Number must be in the range 1 to 65535. pub port: i32, - /// Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). - /// If this is not specified, the default behavior is defined by gRPC. + /// Service is the name of the service to place in the gRPC HealthCheckRequest + /// (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). + /// + /// + /// If this is not specified, the default behavior is defined by gRPC. #[serde(default, skip_serializing_if = "Option::is_none")] pub service: Option, } @@ -2522,7 +3364,8 @@ pub struct ArgoCDRepoSidecarContainersReadinessProbeGrpc { /// HTTPGet specifies the http request to perform. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ArgoCDRepoSidecarContainersReadinessProbeHttpGet { - /// Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. + /// Host name to connect to, defaults to the pod IP. You probably want to set + /// "Host" in httpHeaders instead. #[serde(default, skip_serializing_if = "Option::is_none")] pub host: Option, /// Custom headers to set in the request. HTTP allows repeated headers. @@ -2531,9 +3374,12 @@ pub struct ArgoCDRepoSidecarContainersReadinessProbeHttpGet { /// Path to access on the HTTP server. #[serde(default, skip_serializing_if = "Option::is_none")] pub path: Option, - /// Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. + /// Name or number of the port to access on the container. + /// Number must be in the range 1 to 65535. + /// Name must be an IANA_SVC_NAME. pub port: IntOrString, - /// Scheme to use for connecting to the host. Defaults to HTTP. + /// Scheme to use for connecting to the host. + /// Defaults to HTTP. #[serde(default, skip_serializing_if = "Option::is_none")] pub scheme: Option, } @@ -2541,7 +3387,8 @@ pub struct ArgoCDRepoSidecarContainersReadinessProbeHttpGet { /// HTTPHeader describes a custom header to be used in HTTP probes #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ArgoCDRepoSidecarContainersReadinessProbeHttpGetHttpHeaders { - /// The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header. + /// The header field name. + /// This will be canonicalized upon output, so case-variant names will be understood as the same header. pub name: String, /// The header field value pub value: String, @@ -2553,33 +3400,49 @@ pub struct ArgoCDRepoSidecarContainersReadinessProbeTcpSocket { /// Optional: Host name to connect to, defaults to the pod IP. #[serde(default, skip_serializing_if = "Option::is_none")] pub host: Option, - /// Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. + /// Number or name of the port to access on the container. + /// Number must be in the range 1 to 65535. + /// Name must be an IANA_SVC_NAME. pub port: IntOrString, } /// ContainerResizePolicy represents resource resize policy for the container. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ArgoCDRepoSidecarContainersResizePolicy { - /// Name of the resource to which this resource resize policy applies. Supported values: cpu, memory. + /// Name of the resource to which this resource resize policy applies. + /// Supported values: cpu, memory. #[serde(rename = "resourceName")] pub resource_name: String, - /// Restart policy to apply when specified resource is resized. If not specified, it defaults to NotRequired. + /// Restart policy to apply when specified resource is resized. + /// If not specified, it defaults to NotRequired. #[serde(rename = "restartPolicy")] pub restart_policy: String, } -/// Compute Resources required by this container. Cannot be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ +/// Compute Resources required by this container. +/// Cannot be updated. +/// More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ArgoCDRepoSidecarContainersResources { - /// Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. - /// This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. - /// This field is immutable. It can only be set for containers. + /// Claims lists the names of resources, defined in spec.resourceClaims, + /// that are used by this container. + /// + /// + /// This is an alpha field and requires enabling the + /// DynamicResourceAllocation feature gate. + /// + /// + /// This field is immutable. It can only be set for containers. #[serde(default, skip_serializing_if = "Option::is_none")] pub claims: Option>, - /// Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + /// Limits describes the maximum amount of compute resources allowed. + /// More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ #[serde(default, skip_serializing_if = "Option::is_none")] pub limits: Option>, - /// Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + /// Requests describes the minimum amount of compute resources required. + /// If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, + /// otherwise to an implementation-defined value. Requests cannot exceed Limits. + /// More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ #[serde(default, skip_serializing_if = "Option::is_none")] pub requests: Option>, } @@ -2587,49 +3450,95 @@ pub struct ArgoCDRepoSidecarContainersResources { /// ResourceClaim references one entry in PodSpec.ResourceClaims. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ArgoCDRepoSidecarContainersResourcesClaims { - /// Name must match the name of one entry in pod.spec.resourceClaims of the Pod where this field is used. It makes that resource available inside a container. + /// Name must match the name of one entry in pod.spec.resourceClaims of + /// the Pod where this field is used. It makes that resource available + /// inside a container. pub name: String, } -/// SecurityContext defines the security options the container should be run with. If set, the fields of SecurityContext override the equivalent fields of PodSecurityContext. More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/ +/// SecurityContext defines the security options the container should be run with. +/// If set, the fields of SecurityContext override the equivalent fields of PodSecurityContext. +/// More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/ #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ArgoCDRepoSidecarContainersSecurityContext { - /// AllowPrivilegeEscalation controls whether a process can gain more privileges than its parent process. This bool directly controls if the no_new_privs flag will be set on the container process. AllowPrivilegeEscalation is true always when the container is: 1) run as Privileged 2) has CAP_SYS_ADMIN Note that this field cannot be set when spec.os.name is windows. + /// AllowPrivilegeEscalation controls whether a process can gain more + /// privileges than its parent process. This bool directly controls if + /// the no_new_privs flag will be set on the container process. + /// AllowPrivilegeEscalation is true always when the container is: + /// 1) run as Privileged + /// 2) has CAP_SYS_ADMIN + /// Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none", rename = "allowPrivilegeEscalation")] pub allow_privilege_escalation: Option, - /// The capabilities to add/drop when running containers. Defaults to the default set of capabilities granted by the container runtime. Note that this field cannot be set when spec.os.name is windows. + /// The capabilities to add/drop when running containers. + /// Defaults to the default set of capabilities granted by the container runtime. + /// Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none")] pub capabilities: Option, - /// Run container in privileged mode. Processes in privileged containers are essentially equivalent to root on the host. Defaults to false. Note that this field cannot be set when spec.os.name is windows. + /// Run container in privileged mode. + /// Processes in privileged containers are essentially equivalent to root on the host. + /// Defaults to false. + /// Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none")] pub privileged: Option, - /// procMount denotes the type of proc mount to use for the containers. The default is DefaultProcMount which uses the container runtime defaults for readonly paths and masked paths. This requires the ProcMountType feature flag to be enabled. Note that this field cannot be set when spec.os.name is windows. + /// procMount denotes the type of proc mount to use for the containers. + /// The default is DefaultProcMount which uses the container runtime defaults for + /// readonly paths and masked paths. + /// This requires the ProcMountType feature flag to be enabled. + /// Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none", rename = "procMount")] pub proc_mount: Option, - /// Whether this container has a read-only root filesystem. Default is false. Note that this field cannot be set when spec.os.name is windows. + /// Whether this container has a read-only root filesystem. + /// Default is false. + /// Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnlyRootFilesystem")] pub read_only_root_filesystem: Option, - /// The GID to run the entrypoint of the container process. Uses runtime default if unset. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is windows. + /// The GID to run the entrypoint of the container process. + /// Uses runtime default if unset. + /// May also be set in PodSecurityContext. If set in both SecurityContext and + /// PodSecurityContext, the value specified in SecurityContext takes precedence. + /// Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none", rename = "runAsGroup")] pub run_as_group: Option, - /// Indicates that the container must run as a non-root user. If true, the Kubelet will validate the image at runtime to ensure that it does not run as UID 0 (root) and fail to start the container if it does. If unset or false, no such validation will be performed. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. + /// Indicates that the container must run as a non-root user. + /// If true, the Kubelet will validate the image at runtime to ensure that it + /// does not run as UID 0 (root) and fail to start the container if it does. + /// If unset or false, no such validation will be performed. + /// May also be set in PodSecurityContext. If set in both SecurityContext and + /// PodSecurityContext, the value specified in SecurityContext takes precedence. #[serde(default, skip_serializing_if = "Option::is_none", rename = "runAsNonRoot")] pub run_as_non_root: Option, - /// The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is windows. + /// The UID to run the entrypoint of the container process. + /// Defaults to user specified in image metadata if unspecified. + /// May also be set in PodSecurityContext. If set in both SecurityContext and + /// PodSecurityContext, the value specified in SecurityContext takes precedence. + /// Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none", rename = "runAsUser")] pub run_as_user: Option, - /// The SELinux context to be applied to the container. If unspecified, the container runtime will allocate a random SELinux context for each container. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is windows. + /// The SELinux context to be applied to the container. + /// If unspecified, the container runtime will allocate a random SELinux context for each + /// container. May also be set in PodSecurityContext. If set in both SecurityContext and + /// PodSecurityContext, the value specified in SecurityContext takes precedence. + /// Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none", rename = "seLinuxOptions")] pub se_linux_options: Option, - /// The seccomp options to use by this container. If seccomp options are provided at both the pod & container level, the container options override the pod options. Note that this field cannot be set when spec.os.name is windows. + /// The seccomp options to use by this container. If seccomp options are + /// provided at both the pod & container level, the container options + /// override the pod options. + /// Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none", rename = "seccompProfile")] pub seccomp_profile: Option, - /// The Windows specific settings applied to all containers. If unspecified, the options from the PodSecurityContext will be used. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is linux. + /// The Windows specific settings applied to all containers. + /// If unspecified, the options from the PodSecurityContext will be used. + /// If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. + /// Note that this field cannot be set when spec.os.name is linux. #[serde(default, skip_serializing_if = "Option::is_none", rename = "windowsOptions")] pub windows_options: Option, } -/// The capabilities to add/drop when running containers. Defaults to the default set of capabilities granted by the container runtime. Note that this field cannot be set when spec.os.name is windows. +/// The capabilities to add/drop when running containers. +/// Defaults to the default set of capabilities granted by the container runtime. +/// Note that this field cannot be set when spec.os.name is windows. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ArgoCDRepoSidecarContainersSecurityContextCapabilities { /// Added capabilities @@ -2640,7 +3549,11 @@ pub struct ArgoCDRepoSidecarContainersSecurityContextCapabilities { pub drop: Option>, } -/// The SELinux context to be applied to the container. If unspecified, the container runtime will allocate a random SELinux context for each container. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is windows. +/// The SELinux context to be applied to the container. +/// If unspecified, the container runtime will allocate a random SELinux context for each +/// container. May also be set in PodSecurityContext. If set in both SecurityContext and +/// PodSecurityContext, the value specified in SecurityContext takes precedence. +/// Note that this field cannot be set when spec.os.name is windows. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ArgoCDRepoSidecarContainersSecurityContextSeLinuxOptions { /// Level is SELinux level label that applies to the container. @@ -2657,42 +3570,71 @@ pub struct ArgoCDRepoSidecarContainersSecurityContextSeLinuxOptions { pub user: Option, } -/// The seccomp options to use by this container. If seccomp options are provided at both the pod & container level, the container options override the pod options. Note that this field cannot be set when spec.os.name is windows. +/// The seccomp options to use by this container. If seccomp options are +/// provided at both the pod & container level, the container options +/// override the pod options. +/// Note that this field cannot be set when spec.os.name is windows. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ArgoCDRepoSidecarContainersSecurityContextSeccompProfile { - /// localhostProfile indicates a profile defined in a file on the node should be used. The profile must be preconfigured on the node to work. Must be a descending path, relative to the kubelet's configured seccomp profile location. Must be set if type is "Localhost". Must NOT be set for any other type. + /// localhostProfile indicates a profile defined in a file on the node should be used. + /// The profile must be preconfigured on the node to work. + /// Must be a descending path, relative to the kubelet's configured seccomp profile location. + /// Must be set if type is "Localhost". Must NOT be set for any other type. #[serde(default, skip_serializing_if = "Option::is_none", rename = "localhostProfile")] pub localhost_profile: Option, - /// type indicates which kind of seccomp profile will be applied. Valid options are: - /// Localhost - a profile defined in a file on the node should be used. RuntimeDefault - the container runtime default profile should be used. Unconfined - no profile should be applied. + /// type indicates which kind of seccomp profile will be applied. + /// Valid options are: + /// + /// + /// Localhost - a profile defined in a file on the node should be used. + /// RuntimeDefault - the container runtime default profile should be used. + /// Unconfined - no profile should be applied. #[serde(rename = "type")] pub r#type: String, } -/// The Windows specific settings applied to all containers. If unspecified, the options from the PodSecurityContext will be used. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is linux. +/// The Windows specific settings applied to all containers. +/// If unspecified, the options from the PodSecurityContext will be used. +/// If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +/// Note that this field cannot be set when spec.os.name is linux. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ArgoCDRepoSidecarContainersSecurityContextWindowsOptions { - /// GMSACredentialSpec is where the GMSA admission webhook (https://github.com/kubernetes-sigs/windows-gmsa) inlines the contents of the GMSA credential spec named by the GMSACredentialSpecName field. + /// GMSACredentialSpec is where the GMSA admission webhook + /// (https://github.com/kubernetes-sigs/windows-gmsa) inlines the contents of the + /// GMSA credential spec named by the GMSACredentialSpecName field. #[serde(default, skip_serializing_if = "Option::is_none", rename = "gmsaCredentialSpec")] pub gmsa_credential_spec: Option, /// GMSACredentialSpecName is the name of the GMSA credential spec to use. #[serde(default, skip_serializing_if = "Option::is_none", rename = "gmsaCredentialSpecName")] pub gmsa_credential_spec_name: Option, - /// HostProcess determines if a container should be run as a 'Host Process' container. All of a Pod's containers must have the same effective HostProcess value (it is not allowed to have a mix of HostProcess containers and non-HostProcess containers). In addition, if HostProcess is true then HostNetwork must also be set to true. + /// HostProcess determines if a container should be run as a 'Host Process' container. + /// All of a Pod's containers must have the same effective HostProcess value + /// (it is not allowed to have a mix of HostProcess containers and non-HostProcess containers). + /// In addition, if HostProcess is true then HostNetwork must also be set to true. #[serde(default, skip_serializing_if = "Option::is_none", rename = "hostProcess")] pub host_process: Option, - /// The UserName in Windows to run the entrypoint of the container process. Defaults to the user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. + /// The UserName in Windows to run the entrypoint of the container process. + /// Defaults to the user specified in image metadata if unspecified. + /// May also be set in PodSecurityContext. If set in both SecurityContext and + /// PodSecurityContext, the value specified in SecurityContext takes precedence. #[serde(default, skip_serializing_if = "Option::is_none", rename = "runAsUserName")] pub run_as_user_name: Option, } -/// StartupProbe indicates that the Pod has successfully initialized. If specified, no other probes are executed until this completes successfully. If this probe fails, the Pod will be restarted, just as if the livenessProbe failed. This can be used to provide different probe parameters at the beginning of a Pod's lifecycle, when it might take a long time to load data or warm a cache, than during steady-state operation. This cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +/// StartupProbe indicates that the Pod has successfully initialized. +/// If specified, no other probes are executed until this completes successfully. +/// If this probe fails, the Pod will be restarted, just as if the livenessProbe failed. +/// This can be used to provide different probe parameters at the beginning of a Pod's lifecycle, +/// when it might take a long time to load data or warm a cache, than during steady-state operation. +/// This cannot be updated. +/// More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ArgoCDRepoSidecarContainersStartupProbe { /// Exec specifies the action to take. #[serde(default, skip_serializing_if = "Option::is_none")] pub exec: Option, - /// Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. + /// Minimum consecutive failures for the probe to be considered failed after having succeeded. + /// Defaults to 3. Minimum value is 1. #[serde(default, skip_serializing_if = "Option::is_none", rename = "failureThreshold")] pub failure_threshold: Option, /// GRPC specifies an action involving a GRPC port. @@ -2701,22 +3643,36 @@ pub struct ArgoCDRepoSidecarContainersStartupProbe { /// HTTPGet specifies the http request to perform. #[serde(default, skip_serializing_if = "Option::is_none", rename = "httpGet")] pub http_get: Option, - /// Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes + /// Number of seconds after the container has started before liveness probes are initiated. + /// More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes #[serde(default, skip_serializing_if = "Option::is_none", rename = "initialDelaySeconds")] pub initial_delay_seconds: Option, - /// How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. + /// How often (in seconds) to perform the probe. + /// Default to 10 seconds. Minimum value is 1. #[serde(default, skip_serializing_if = "Option::is_none", rename = "periodSeconds")] pub period_seconds: Option, - /// Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1. + /// Minimum consecutive successes for the probe to be considered successful after having failed. + /// Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1. #[serde(default, skip_serializing_if = "Option::is_none", rename = "successThreshold")] pub success_threshold: Option, /// TCPSocket specifies an action involving a TCP port. #[serde(default, skip_serializing_if = "Option::is_none", rename = "tcpSocket")] pub tcp_socket: Option, - /// Optional duration in seconds the pod needs to terminate gracefully upon probe failure. The grace period is the duration in seconds after the processes running in the pod are sent a termination signal and the time when the processes are forcibly halted with a kill signal. Set this value longer than the expected cleanup time for your process. If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this value overrides the value provided by the pod spec. Value must be non-negative integer. The value zero indicates stop immediately via the kill signal (no opportunity to shut down). This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate. Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset. + /// Optional duration in seconds the pod needs to terminate gracefully upon probe failure. + /// The grace period is the duration in seconds after the processes running in the pod are sent + /// a termination signal and the time when the processes are forcibly halted with a kill signal. + /// Set this value longer than the expected cleanup time for your process. + /// If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this + /// value overrides the value provided by the pod spec. + /// Value must be non-negative integer. The value zero indicates stop immediately via + /// the kill signal (no opportunity to shut down). + /// This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate. + /// Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset. #[serde(default, skip_serializing_if = "Option::is_none", rename = "terminationGracePeriodSeconds")] pub termination_grace_period_seconds: Option, - /// Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes + /// Number of seconds after which the probe times out. + /// Defaults to 1 second. Minimum value is 1. + /// More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes #[serde(default, skip_serializing_if = "Option::is_none", rename = "timeoutSeconds")] pub timeout_seconds: Option, } @@ -2724,7 +3680,11 @@ pub struct ArgoCDRepoSidecarContainersStartupProbe { /// Exec specifies the action to take. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ArgoCDRepoSidecarContainersStartupProbeExec { - /// Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. + /// Command is the command line to execute inside the container, the working directory for the + /// command is root ('/') in the container's filesystem. The command is simply exec'd, it is + /// not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use + /// a shell, you need to explicitly call out to that shell. + /// Exit status of 0 is treated as live/healthy and non-zero is unhealthy. #[serde(default, skip_serializing_if = "Option::is_none")] pub command: Option>, } @@ -2734,8 +3694,11 @@ pub struct ArgoCDRepoSidecarContainersStartupProbeExec { pub struct ArgoCDRepoSidecarContainersStartupProbeGrpc { /// Port number of the gRPC service. Number must be in the range 1 to 65535. pub port: i32, - /// Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). - /// If this is not specified, the default behavior is defined by gRPC. + /// Service is the name of the service to place in the gRPC HealthCheckRequest + /// (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). + /// + /// + /// If this is not specified, the default behavior is defined by gRPC. #[serde(default, skip_serializing_if = "Option::is_none")] pub service: Option, } @@ -2743,7 +3706,8 @@ pub struct ArgoCDRepoSidecarContainersStartupProbeGrpc { /// HTTPGet specifies the http request to perform. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ArgoCDRepoSidecarContainersStartupProbeHttpGet { - /// Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. + /// Host name to connect to, defaults to the pod IP. You probably want to set + /// "Host" in httpHeaders instead. #[serde(default, skip_serializing_if = "Option::is_none")] pub host: Option, /// Custom headers to set in the request. HTTP allows repeated headers. @@ -2752,9 +3716,12 @@ pub struct ArgoCDRepoSidecarContainersStartupProbeHttpGet { /// Path to access on the HTTP server. #[serde(default, skip_serializing_if = "Option::is_none")] pub path: Option, - /// Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. + /// Name or number of the port to access on the container. + /// Number must be in the range 1 to 65535. + /// Name must be an IANA_SVC_NAME. pub port: IntOrString, - /// Scheme to use for connecting to the host. Defaults to HTTP. + /// Scheme to use for connecting to the host. + /// Defaults to HTTP. #[serde(default, skip_serializing_if = "Option::is_none")] pub scheme: Option, } @@ -2762,7 +3729,8 @@ pub struct ArgoCDRepoSidecarContainersStartupProbeHttpGet { /// HTTPHeader describes a custom header to be used in HTTP probes #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ArgoCDRepoSidecarContainersStartupProbeHttpGetHttpHeaders { - /// The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header. + /// The header field name. + /// This will be canonicalized upon output, so case-variant names will be understood as the same header. pub name: String, /// The header field value pub value: String, @@ -2774,7 +3742,9 @@ pub struct ArgoCDRepoSidecarContainersStartupProbeTcpSocket { /// Optional: Host name to connect to, defaults to the pod IP. #[serde(default, skip_serializing_if = "Option::is_none")] pub host: Option, - /// Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. + /// Number or name of the port to access on the container. + /// Number must be in the range 1 to 65535. + /// Name must be an IANA_SVC_NAME. pub port: IntOrString, } @@ -2791,21 +3761,30 @@ pub struct ArgoCDRepoSidecarContainersVolumeDevices { /// VolumeMount describes a mounting of a Volume within a container. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ArgoCDRepoSidecarContainersVolumeMounts { - /// Path within the container at which the volume should be mounted. Must not contain ':'. + /// Path within the container at which the volume should be mounted. Must + /// not contain ':'. #[serde(rename = "mountPath")] pub mount_path: String, - /// mountPropagation determines how mounts are propagated from the host to container and the other way around. When not set, MountPropagationNone is used. This field is beta in 1.10. + /// mountPropagation determines how mounts are propagated from the host + /// to container and the other way around. + /// When not set, MountPropagationNone is used. + /// This field is beta in 1.10. #[serde(default, skip_serializing_if = "Option::is_none", rename = "mountPropagation")] pub mount_propagation: Option, /// This must match the Name of a Volume. pub name: String, - /// Mounted read-only if true, read-write otherwise (false or unspecified). Defaults to false. + /// Mounted read-only if true, read-write otherwise (false or unspecified). + /// Defaults to false. #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] pub read_only: Option, - /// Path within the volume from which the container's volume should be mounted. Defaults to "" (volume's root). + /// Path within the volume from which the container's volume should be mounted. + /// Defaults to "" (volume's root). #[serde(default, skip_serializing_if = "Option::is_none", rename = "subPath")] pub sub_path: Option, - /// Expanded path within the volume from which the container's volume should be mounted. Behaves similarly to SubPath but environment variable references $(VAR_NAME) are expanded using the container's environment. Defaults to "" (volume's root). SubPathExpr and SubPath are mutually exclusive. + /// Expanded path within the volume from which the container's volume should be mounted. + /// Behaves similarly to SubPath but environment variable references $(VAR_NAME) are expanded using the container's environment. + /// Defaults to "" (volume's root). + /// SubPathExpr and SubPath are mutually exclusive. #[serde(default, skip_serializing_if = "Option::is_none", rename = "subPathExpr")] pub sub_path_expr: Option, } @@ -2813,21 +3792,30 @@ pub struct ArgoCDRepoSidecarContainersVolumeMounts { /// VolumeMount describes a mounting of a Volume within a container. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ArgoCDRepoVolumeMounts { - /// Path within the container at which the volume should be mounted. Must not contain ':'. + /// Path within the container at which the volume should be mounted. Must + /// not contain ':'. #[serde(rename = "mountPath")] pub mount_path: String, - /// mountPropagation determines how mounts are propagated from the host to container and the other way around. When not set, MountPropagationNone is used. This field is beta in 1.10. + /// mountPropagation determines how mounts are propagated from the host + /// to container and the other way around. + /// When not set, MountPropagationNone is used. + /// This field is beta in 1.10. #[serde(default, skip_serializing_if = "Option::is_none", rename = "mountPropagation")] pub mount_propagation: Option, /// This must match the Name of a Volume. pub name: String, - /// Mounted read-only if true, read-write otherwise (false or unspecified). Defaults to false. + /// Mounted read-only if true, read-write otherwise (false or unspecified). + /// Defaults to false. #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] pub read_only: Option, - /// Path within the volume from which the container's volume should be mounted. Defaults to "" (volume's root). + /// Path within the volume from which the container's volume should be mounted. + /// Defaults to "" (volume's root). #[serde(default, skip_serializing_if = "Option::is_none", rename = "subPath")] pub sub_path: Option, - /// Expanded path within the volume from which the container's volume should be mounted. Behaves similarly to SubPath but environment variable references $(VAR_NAME) are expanded using the container's environment. Defaults to "" (volume's root). SubPathExpr and SubPath are mutually exclusive. + /// Expanded path within the volume from which the container's volume should be mounted. + /// Behaves similarly to SubPath but environment variable references $(VAR_NAME) are expanded using the container's environment. + /// Defaults to "" (volume's root). + /// SubPathExpr and SubPath are mutually exclusive. #[serde(default, skip_serializing_if = "Option::is_none", rename = "subPathExpr")] pub sub_path_expr: Option, } @@ -2835,7 +3823,9 @@ pub struct ArgoCDRepoVolumeMounts { /// Volume represents a named volume in a pod that may be accessed by any container in the pod. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ArgoCDRepoVolumes { - /// awsElasticBlockStore represents an AWS Disk resource that is attached to a kubelet's host machine and then exposed to the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore + /// awsElasticBlockStore represents an AWS Disk resource that is attached to a + /// kubelet's host machine and then exposed to the pod. + /// More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore #[serde(default, skip_serializing_if = "Option::is_none", rename = "awsElasticBlockStore")] pub aws_elastic_block_store: Option, /// azureDisk represents an Azure Data Disk mount on the host and bind mount to the pod. @@ -2847,7 +3837,8 @@ pub struct ArgoCDRepoVolumes { /// cephFS represents a Ceph FS mount on the host that shares a pod's lifetime #[serde(default, skip_serializing_if = "Option::is_none")] pub cephfs: Option, - /// cinder represents a cinder volume attached and mounted on kubelets host machine. More info: https://examples.k8s.io/mysql-cinder-pd/README.md + /// cinder represents a cinder volume attached and mounted on kubelets host machine. + /// More info: https://examples.k8s.io/mysql-cinder-pd/README.md #[serde(default, skip_serializing_if = "Option::is_none")] pub cinder: Option, /// configMap represents a configMap that should populate this volume @@ -2859,46 +3850,91 @@ pub struct ArgoCDRepoVolumes { /// downwardAPI represents downward API about the pod that should populate this volume #[serde(default, skip_serializing_if = "Option::is_none", rename = "downwardAPI")] pub downward_api: Option, - /// emptyDir represents a temporary directory that shares a pod's lifetime. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir + /// emptyDir represents a temporary directory that shares a pod's lifetime. + /// More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir #[serde(default, skip_serializing_if = "Option::is_none", rename = "emptyDir")] pub empty_dir: Option, - /// ephemeral represents a volume that is handled by a cluster storage driver. The volume's lifecycle is tied to the pod that defines it - it will be created before the pod starts, and deleted when the pod is removed. - /// Use this if: a) the volume is only needed while the pod runs, b) features of normal volumes like restoring from snapshot or capacity tracking are needed, c) the storage driver is specified through a storage class, and d) the storage driver supports dynamic volume provisioning through a PersistentVolumeClaim (see EphemeralVolumeSource for more information on the connection between this volume type and PersistentVolumeClaim). - /// Use PersistentVolumeClaim or one of the vendor-specific APIs for volumes that persist for longer than the lifecycle of an individual pod. - /// Use CSI for light-weight local ephemeral volumes if the CSI driver is meant to be used that way - see the documentation of the driver for more information. - /// A pod can use both types of ephemeral volumes and persistent volumes at the same time. + /// ephemeral represents a volume that is handled by a cluster storage driver. + /// The volume's lifecycle is tied to the pod that defines it - it will be created before the pod starts, + /// and deleted when the pod is removed. + /// + /// + /// Use this if: + /// a) the volume is only needed while the pod runs, + /// b) features of normal volumes like restoring from snapshot or capacity + /// tracking are needed, + /// c) the storage driver is specified through a storage class, and + /// d) the storage driver supports dynamic volume provisioning through + /// a PersistentVolumeClaim (see EphemeralVolumeSource for more + /// information on the connection between this volume type + /// and PersistentVolumeClaim). + /// + /// + /// Use PersistentVolumeClaim or one of the vendor-specific + /// APIs for volumes that persist for longer than the lifecycle + /// of an individual pod. + /// + /// + /// Use CSI for light-weight local ephemeral volumes if the CSI driver is meant to + /// be used that way - see the documentation of the driver for + /// more information. + /// + /// + /// A pod can use both types of ephemeral volumes and + /// persistent volumes at the same time. #[serde(default, skip_serializing_if = "Option::is_none")] pub ephemeral: Option, /// fc represents a Fibre Channel resource that is attached to a kubelet's host machine and then exposed to the pod. #[serde(default, skip_serializing_if = "Option::is_none")] pub fc: Option, - /// flexVolume represents a generic volume resource that is provisioned/attached using an exec based plugin. + /// flexVolume represents a generic volume resource that is + /// provisioned/attached using an exec based plugin. #[serde(default, skip_serializing_if = "Option::is_none", rename = "flexVolume")] pub flex_volume: Option, /// flocker represents a Flocker volume attached to a kubelet's host machine. This depends on the Flocker control service being running #[serde(default, skip_serializing_if = "Option::is_none")] pub flocker: Option, - /// gcePersistentDisk represents a GCE Disk resource that is attached to a kubelet's host machine and then exposed to the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk + /// gcePersistentDisk represents a GCE Disk resource that is attached to a + /// kubelet's host machine and then exposed to the pod. + /// More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk #[serde(default, skip_serializing_if = "Option::is_none", rename = "gcePersistentDisk")] pub gce_persistent_disk: Option, - /// gitRepo represents a git repository at a particular revision. DEPRECATED: GitRepo is deprecated. To provision a container with a git repo, mount an EmptyDir into an InitContainer that clones the repo using git, then mount the EmptyDir into the Pod's container. + /// gitRepo represents a git repository at a particular revision. + /// DEPRECATED: GitRepo is deprecated. To provision a container with a git repo, mount an + /// EmptyDir into an InitContainer that clones the repo using git, then mount the EmptyDir + /// into the Pod's container. #[serde(default, skip_serializing_if = "Option::is_none", rename = "gitRepo")] pub git_repo: Option, - /// glusterfs represents a Glusterfs mount on the host that shares a pod's lifetime. More info: https://examples.k8s.io/volumes/glusterfs/README.md + /// glusterfs represents a Glusterfs mount on the host that shares a pod's lifetime. + /// More info: https://examples.k8s.io/volumes/glusterfs/README.md #[serde(default, skip_serializing_if = "Option::is_none")] pub glusterfs: Option, - /// hostPath represents a pre-existing file or directory on the host machine that is directly exposed to the container. This is generally used for system agents or other privileged things that are allowed to see the host machine. Most containers will NOT need this. More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath --- TODO(jonesdl) We need to restrict who can use host directory mounts and who can/can not mount host directories as read/write. + /// hostPath represents a pre-existing file or directory on the host + /// machine that is directly exposed to the container. This is generally + /// used for system agents or other privileged things that are allowed + /// to see the host machine. Most containers will NOT need this. + /// More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath + /// --- + /// TODO(jonesdl) We need to restrict who can use host directory mounts and who can/can not + /// mount host directories as read/write. #[serde(default, skip_serializing_if = "Option::is_none", rename = "hostPath")] pub host_path: Option, - /// iscsi represents an ISCSI Disk resource that is attached to a kubelet's host machine and then exposed to the pod. More info: https://examples.k8s.io/volumes/iscsi/README.md + /// iscsi represents an ISCSI Disk resource that is attached to a + /// kubelet's host machine and then exposed to the pod. + /// More info: https://examples.k8s.io/volumes/iscsi/README.md #[serde(default, skip_serializing_if = "Option::is_none")] pub iscsi: Option, - /// name of the volume. Must be a DNS_LABEL and unique within the pod. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// name of the volume. + /// Must be a DNS_LABEL and unique within the pod. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names pub name: String, - /// nfs represents an NFS mount on the host that shares a pod's lifetime More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs + /// nfs represents an NFS mount on the host that shares a pod's lifetime + /// More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs #[serde(default, skip_serializing_if = "Option::is_none")] pub nfs: Option, - /// persistentVolumeClaimVolumeSource represents a reference to a PersistentVolumeClaim in the same namespace. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims + /// persistentVolumeClaimVolumeSource represents a reference to a + /// PersistentVolumeClaim in the same namespace. + /// More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims #[serde(default, skip_serializing_if = "Option::is_none", rename = "persistentVolumeClaim")] pub persistent_volume_claim: Option, /// photonPersistentDisk represents a PhotonController persistent disk attached and mounted on kubelets host machine @@ -2913,13 +3949,15 @@ pub struct ArgoCDRepoVolumes { /// quobyte represents a Quobyte mount on the host that shares a pod's lifetime #[serde(default, skip_serializing_if = "Option::is_none")] pub quobyte: Option, - /// rbd represents a Rados Block Device mount on the host that shares a pod's lifetime. More info: https://examples.k8s.io/volumes/rbd/README.md + /// rbd represents a Rados Block Device mount on the host that shares a pod's lifetime. + /// More info: https://examples.k8s.io/volumes/rbd/README.md #[serde(default, skip_serializing_if = "Option::is_none")] pub rbd: Option, /// scaleIO represents a ScaleIO persistent volume attached and mounted on Kubernetes nodes. #[serde(default, skip_serializing_if = "Option::is_none", rename = "scaleIO")] pub scale_io: Option, - /// secret represents a secret that should populate this volume. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret + /// secret represents a secret that should populate this volume. + /// More info: https://kubernetes.io/docs/concepts/storage/volumes#secret #[serde(default, skip_serializing_if = "Option::is_none")] pub secret: Option, /// storageOS represents a StorageOS volume attached and mounted on Kubernetes nodes. @@ -2930,19 +3968,30 @@ pub struct ArgoCDRepoVolumes { pub vsphere_volume: Option, } -/// awsElasticBlockStore represents an AWS Disk resource that is attached to a kubelet's host machine and then exposed to the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore +/// awsElasticBlockStore represents an AWS Disk resource that is attached to a +/// kubelet's host machine and then exposed to the pod. +/// More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ArgoCDRepoVolumesAwsElasticBlockStore { - /// fsType is the filesystem type of the volume that you want to mount. Tip: Ensure that the filesystem type is supported by the host operating system. Examples: "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore TODO: how do we prevent errors in the filesystem from compromising the machine + /// fsType is the filesystem type of the volume that you want to mount. + /// Tip: Ensure that the filesystem type is supported by the host operating system. + /// Examples: "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. + /// More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore + /// TODO: how do we prevent errors in the filesystem from compromising the machine #[serde(default, skip_serializing_if = "Option::is_none", rename = "fsType")] pub fs_type: Option, - /// partition is the partition in the volume that you want to mount. If omitted, the default is to mount by volume name. Examples: For volume /dev/sda1, you specify the partition as "1". Similarly, the volume partition for /dev/sda is "0" (or you can leave the property empty). + /// partition is the partition in the volume that you want to mount. + /// If omitted, the default is to mount by volume name. + /// Examples: For volume /dev/sda1, you specify the partition as "1". + /// Similarly, the volume partition for /dev/sda is "0" (or you can leave the property empty). #[serde(default, skip_serializing_if = "Option::is_none")] pub partition: Option, - /// readOnly value true will force the readOnly setting in VolumeMounts. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore + /// readOnly value true will force the readOnly setting in VolumeMounts. + /// More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] pub read_only: Option, - /// volumeID is unique ID of the persistent disk resource in AWS (Amazon EBS volume). More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore + /// volumeID is unique ID of the persistent disk resource in AWS (Amazon EBS volume). + /// More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore #[serde(rename = "volumeID")] pub volume_id: String, } @@ -2959,13 +4008,16 @@ pub struct ArgoCDRepoVolumesAzureDisk { /// diskURI is the URI of data disk in the blob storage #[serde(rename = "diskURI")] pub disk_uri: String, - /// fsType is Filesystem type to mount. Must be a filesystem type supported by the host operating system. Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. + /// fsType is Filesystem type to mount. + /// Must be a filesystem type supported by the host operating system. + /// Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. #[serde(default, skip_serializing_if = "Option::is_none", rename = "fsType")] pub fs_type: Option, /// kind expected values are Shared: multiple blob disks per storage account Dedicated: single blob disk per storage account Managed: azure managed data disk (only in managed availability set). defaults to shared #[serde(default, skip_serializing_if = "Option::is_none")] pub kind: Option, - /// readOnly Defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts. + /// readOnly Defaults to false (read/write). ReadOnly here will force + /// the ReadOnly setting in VolumeMounts. #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] pub read_only: Option, } @@ -2973,7 +4025,8 @@ pub struct ArgoCDRepoVolumesAzureDisk { /// azureFile represents an Azure File Service mount on the host and bind mount to the pod. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ArgoCDRepoVolumesAzureFile { - /// readOnly defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts. + /// readOnly defaults to false (read/write). ReadOnly here will force + /// the ReadOnly setting in VolumeMounts. #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] pub read_only: Option, /// secretName is the name of secret that contains Azure Storage Account Name and Key @@ -2987,54 +4040,74 @@ pub struct ArgoCDRepoVolumesAzureFile { /// cephFS represents a Ceph FS mount on the host that shares a pod's lifetime #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ArgoCDRepoVolumesCephfs { - /// monitors is Required: Monitors is a collection of Ceph monitors More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it + /// monitors is Required: Monitors is a collection of Ceph monitors + /// More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it pub monitors: Vec, /// path is Optional: Used as the mounted root, rather than the full Ceph tree, default is / #[serde(default, skip_serializing_if = "Option::is_none")] pub path: Option, - /// readOnly is Optional: Defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts. More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it + /// readOnly is Optional: Defaults to false (read/write). ReadOnly here will force + /// the ReadOnly setting in VolumeMounts. + /// More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] pub read_only: Option, - /// secretFile is Optional: SecretFile is the path to key ring for User, default is /etc/ceph/user.secret More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it + /// secretFile is Optional: SecretFile is the path to key ring for User, default is /etc/ceph/user.secret + /// More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it #[serde(default, skip_serializing_if = "Option::is_none", rename = "secretFile")] pub secret_file: Option, - /// secretRef is Optional: SecretRef is reference to the authentication secret for User, default is empty. More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it + /// secretRef is Optional: SecretRef is reference to the authentication secret for User, default is empty. + /// More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it #[serde(default, skip_serializing_if = "Option::is_none", rename = "secretRef")] pub secret_ref: Option, - /// user is optional: User is the rados user name, default is admin More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it + /// user is optional: User is the rados user name, default is admin + /// More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it #[serde(default, skip_serializing_if = "Option::is_none")] pub user: Option, } -/// secretRef is Optional: SecretRef is reference to the authentication secret for User, default is empty. More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it +/// secretRef is Optional: SecretRef is reference to the authentication secret for User, default is empty. +/// More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ArgoCDRepoVolumesCephfsSecretRef { - /// Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? + /// Name of the referent. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, } -/// cinder represents a cinder volume attached and mounted on kubelets host machine. More info: https://examples.k8s.io/mysql-cinder-pd/README.md +/// cinder represents a cinder volume attached and mounted on kubelets host machine. +/// More info: https://examples.k8s.io/mysql-cinder-pd/README.md #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ArgoCDRepoVolumesCinder { - /// fsType is the filesystem type to mount. Must be a filesystem type supported by the host operating system. Examples: "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. More info: https://examples.k8s.io/mysql-cinder-pd/README.md + /// fsType is the filesystem type to mount. + /// Must be a filesystem type supported by the host operating system. + /// Examples: "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. + /// More info: https://examples.k8s.io/mysql-cinder-pd/README.md #[serde(default, skip_serializing_if = "Option::is_none", rename = "fsType")] pub fs_type: Option, - /// readOnly defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts. More info: https://examples.k8s.io/mysql-cinder-pd/README.md + /// readOnly defaults to false (read/write). ReadOnly here will force + /// the ReadOnly setting in VolumeMounts. + /// More info: https://examples.k8s.io/mysql-cinder-pd/README.md #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] pub read_only: Option, - /// secretRef is optional: points to a secret object containing parameters used to connect to OpenStack. + /// secretRef is optional: points to a secret object containing parameters used to connect + /// to OpenStack. #[serde(default, skip_serializing_if = "Option::is_none", rename = "secretRef")] pub secret_ref: Option, - /// volumeID used to identify the volume in cinder. More info: https://examples.k8s.io/mysql-cinder-pd/README.md + /// volumeID used to identify the volume in cinder. + /// More info: https://examples.k8s.io/mysql-cinder-pd/README.md #[serde(rename = "volumeID")] pub volume_id: String, } -/// secretRef is optional: points to a secret object containing parameters used to connect to OpenStack. +/// secretRef is optional: points to a secret object containing parameters used to connect +/// to OpenStack. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ArgoCDRepoVolumesCinderSecretRef { - /// Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? + /// Name of the referent. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, } @@ -3042,13 +4115,27 @@ pub struct ArgoCDRepoVolumesCinderSecretRef { /// configMap represents a configMap that should populate this volume #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ArgoCDRepoVolumesConfigMap { - /// defaultMode is optional: mode bits used to set permissions on created files by default. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. Defaults to 0644. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. + /// defaultMode is optional: mode bits used to set permissions on created files by default. + /// Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. + /// YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. + /// Defaults to 0644. + /// Directories within the path are not affected by this setting. + /// This might be in conflict with other options that affect the file + /// mode, like fsGroup, and the result can be other mode bits set. #[serde(default, skip_serializing_if = "Option::is_none", rename = "defaultMode")] pub default_mode: Option, - /// items if unspecified, each key-value pair in the Data field of the referenced ConfigMap will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the ConfigMap, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'. + /// items if unspecified, each key-value pair in the Data field of the referenced + /// ConfigMap will be projected into the volume as a file whose name is the + /// key and content is the value. If specified, the listed keys will be + /// projected into the specified paths, and unlisted keys will not be + /// present. If a key is specified which is not present in the ConfigMap, + /// the volume setup will error unless it is marked optional. Paths must be + /// relative and may not contain the '..' path or start with '..'. #[serde(default, skip_serializing_if = "Option::is_none")] pub items: Option>, - /// Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? + /// Name of the referent. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// optional specify whether the ConfigMap or its keys must be defined @@ -3061,36 +4148,59 @@ pub struct ArgoCDRepoVolumesConfigMap { pub struct ArgoCDRepoVolumesConfigMapItems { /// key is the key to project. pub key: String, - /// mode is Optional: mode bits used to set permissions on this file. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. + /// mode is Optional: mode bits used to set permissions on this file. + /// Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. + /// YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. + /// If not specified, the volume defaultMode will be used. + /// This might be in conflict with other options that affect the file + /// mode, like fsGroup, and the result can be other mode bits set. #[serde(default, skip_serializing_if = "Option::is_none")] pub mode: Option, - /// path is the relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'. + /// path is the relative path of the file to map the key to. + /// May not be an absolute path. + /// May not contain the path element '..'. + /// May not start with the string '..'. pub path: String, } /// csi (Container Storage Interface) represents ephemeral storage that is handled by certain external CSI drivers (Beta feature). #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ArgoCDRepoVolumesCsi { - /// driver is the name of the CSI driver that handles this volume. Consult with your admin for the correct name as registered in the cluster. + /// driver is the name of the CSI driver that handles this volume. + /// Consult with your admin for the correct name as registered in the cluster. pub driver: String, - /// fsType to mount. Ex. "ext4", "xfs", "ntfs". If not provided, the empty value is passed to the associated CSI driver which will determine the default filesystem to apply. + /// fsType to mount. Ex. "ext4", "xfs", "ntfs". + /// If not provided, the empty value is passed to the associated CSI driver + /// which will determine the default filesystem to apply. #[serde(default, skip_serializing_if = "Option::is_none", rename = "fsType")] pub fs_type: Option, - /// nodePublishSecretRef is a reference to the secret object containing sensitive information to pass to the CSI driver to complete the CSI NodePublishVolume and NodeUnpublishVolume calls. This field is optional, and may be empty if no secret is required. If the secret object contains more than one secret, all secret references are passed. + /// nodePublishSecretRef is a reference to the secret object containing + /// sensitive information to pass to the CSI driver to complete the CSI + /// NodePublishVolume and NodeUnpublishVolume calls. + /// This field is optional, and may be empty if no secret is required. If the + /// secret object contains more than one secret, all secret references are passed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "nodePublishSecretRef")] pub node_publish_secret_ref: Option, - /// readOnly specifies a read-only configuration for the volume. Defaults to false (read/write). + /// readOnly specifies a read-only configuration for the volume. + /// Defaults to false (read/write). #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] pub read_only: Option, - /// volumeAttributes stores driver-specific properties that are passed to the CSI driver. Consult your driver's documentation for supported values. + /// volumeAttributes stores driver-specific properties that are passed to the CSI + /// driver. Consult your driver's documentation for supported values. #[serde(default, skip_serializing_if = "Option::is_none", rename = "volumeAttributes")] pub volume_attributes: Option>, } -/// nodePublishSecretRef is a reference to the secret object containing sensitive information to pass to the CSI driver to complete the CSI NodePublishVolume and NodeUnpublishVolume calls. This field is optional, and may be empty if no secret is required. If the secret object contains more than one secret, all secret references are passed. +/// nodePublishSecretRef is a reference to the secret object containing +/// sensitive information to pass to the CSI driver to complete the CSI +/// NodePublishVolume and NodeUnpublishVolume calls. +/// This field is optional, and may be empty if no secret is required. If the +/// secret object contains more than one secret, all secret references are passed. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ArgoCDRepoVolumesCsiNodePublishSecretRef { - /// Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? + /// Name of the referent. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, } @@ -3098,7 +4208,14 @@ pub struct ArgoCDRepoVolumesCsiNodePublishSecretRef { /// downwardAPI represents downward API about the pod that should populate this volume #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ArgoCDRepoVolumesDownwardApi { - /// Optional: mode bits to use on created files by default. Must be a Optional: mode bits used to set permissions on created files by default. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. Defaults to 0644. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. + /// Optional: mode bits to use on created files by default. Must be a + /// Optional: mode bits used to set permissions on created files by default. + /// Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. + /// YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. + /// Defaults to 0644. + /// Directories within the path are not affected by this setting. + /// This might be in conflict with other options that affect the file + /// mode, like fsGroup, and the result can be other mode bits set. #[serde(default, skip_serializing_if = "Option::is_none", rename = "defaultMode")] pub default_mode: Option, /// Items is a list of downward API volume file @@ -3112,12 +4229,18 @@ pub struct ArgoCDRepoVolumesDownwardApiItems { /// Required: Selects a field of the pod: only annotations, labels, name and namespace are supported. #[serde(default, skip_serializing_if = "Option::is_none", rename = "fieldRef")] pub field_ref: Option, - /// Optional: mode bits used to set permissions on this file, must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. + /// Optional: mode bits used to set permissions on this file, must be an octal value + /// between 0000 and 0777 or a decimal value between 0 and 511. + /// YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. + /// If not specified, the volume defaultMode will be used. + /// This might be in conflict with other options that affect the file + /// mode, like fsGroup, and the result can be other mode bits set. #[serde(default, skip_serializing_if = "Option::is_none")] pub mode: Option, /// Required: Path is the relative path name of the file to be created. Must not be absolute or contain the '..' path. Must be utf-8 encoded. The first item of the relative path must not start with '..' pub path: String, - /// Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, requests.cpu and requests.memory) are currently supported. + /// Selects a resource of the container: only resources limits and requests + /// (limits.cpu, limits.memory, requests.cpu and requests.memory) are currently supported. #[serde(default, skip_serializing_if = "Option::is_none", rename = "resourceFieldRef")] pub resource_field_ref: Option, } @@ -3133,7 +4256,8 @@ pub struct ArgoCDRepoVolumesDownwardApiItemsFieldRef { pub field_path: String, } -/// Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, requests.cpu and requests.memory) are currently supported. +/// Selects a resource of the container: only resources limits and requests +/// (limits.cpu, limits.memory, requests.cpu and requests.memory) are currently supported. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ArgoCDRepoVolumesDownwardApiItemsResourceFieldRef { /// Container name: required for volumes, optional for env vars @@ -3146,72 +4270,190 @@ pub struct ArgoCDRepoVolumesDownwardApiItemsResourceFieldRef { pub resource: String, } -/// emptyDir represents a temporary directory that shares a pod's lifetime. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir +/// emptyDir represents a temporary directory that shares a pod's lifetime. +/// More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ArgoCDRepoVolumesEmptyDir { - /// medium represents what type of storage medium should back this directory. The default is "" which means to use the node's default medium. Must be an empty string (default) or Memory. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir + /// medium represents what type of storage medium should back this directory. + /// The default is "" which means to use the node's default medium. + /// Must be an empty string (default) or Memory. + /// More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir #[serde(default, skip_serializing_if = "Option::is_none")] pub medium: Option, - /// sizeLimit is the total amount of local storage required for this EmptyDir volume. The size limit is also applicable for memory medium. The maximum usage on memory medium EmptyDir would be the minimum value between the SizeLimit specified here and the sum of memory limits of all containers in a pod. The default is nil which means that the limit is undefined. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir + /// sizeLimit is the total amount of local storage required for this EmptyDir volume. + /// The size limit is also applicable for memory medium. + /// The maximum usage on memory medium EmptyDir would be the minimum value between + /// the SizeLimit specified here and the sum of memory limits of all containers in a pod. + /// The default is nil which means that the limit is undefined. + /// More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir #[serde(default, skip_serializing_if = "Option::is_none", rename = "sizeLimit")] pub size_limit: Option, } -/// ephemeral represents a volume that is handled by a cluster storage driver. The volume's lifecycle is tied to the pod that defines it - it will be created before the pod starts, and deleted when the pod is removed. -/// Use this if: a) the volume is only needed while the pod runs, b) features of normal volumes like restoring from snapshot or capacity tracking are needed, c) the storage driver is specified through a storage class, and d) the storage driver supports dynamic volume provisioning through a PersistentVolumeClaim (see EphemeralVolumeSource for more information on the connection between this volume type and PersistentVolumeClaim). -/// Use PersistentVolumeClaim or one of the vendor-specific APIs for volumes that persist for longer than the lifecycle of an individual pod. -/// Use CSI for light-weight local ephemeral volumes if the CSI driver is meant to be used that way - see the documentation of the driver for more information. -/// A pod can use both types of ephemeral volumes and persistent volumes at the same time. +/// ephemeral represents a volume that is handled by a cluster storage driver. +/// The volume's lifecycle is tied to the pod that defines it - it will be created before the pod starts, +/// and deleted when the pod is removed. +/// +/// +/// Use this if: +/// a) the volume is only needed while the pod runs, +/// b) features of normal volumes like restoring from snapshot or capacity +/// tracking are needed, +/// c) the storage driver is specified through a storage class, and +/// d) the storage driver supports dynamic volume provisioning through +/// a PersistentVolumeClaim (see EphemeralVolumeSource for more +/// information on the connection between this volume type +/// and PersistentVolumeClaim). +/// +/// +/// Use PersistentVolumeClaim or one of the vendor-specific +/// APIs for volumes that persist for longer than the lifecycle +/// of an individual pod. +/// +/// +/// Use CSI for light-weight local ephemeral volumes if the CSI driver is meant to +/// be used that way - see the documentation of the driver for +/// more information. +/// +/// +/// A pod can use both types of ephemeral volumes and +/// persistent volumes at the same time. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ArgoCDRepoVolumesEphemeral { - /// Will be used to create a stand-alone PVC to provision the volume. The pod in which this EphemeralVolumeSource is embedded will be the owner of the PVC, i.e. the PVC will be deleted together with the pod. The name of the PVC will be `-` where `` is the name from the `PodSpec.Volumes` array entry. Pod validation will reject the pod if the concatenated name is not valid for a PVC (for example, too long). - /// An existing PVC with that name that is not owned by the pod will *not* be used for the pod to avoid using an unrelated volume by mistake. Starting the pod is then blocked until the unrelated PVC is removed. If such a pre-created PVC is meant to be used by the pod, the PVC has to updated with an owner reference to the pod once the pod exists. Normally this should not be necessary, but it may be useful when manually reconstructing a broken cluster. - /// This field is read-only and no changes will be made by Kubernetes to the PVC after it has been created. - /// Required, must not be nil. + /// Will be used to create a stand-alone PVC to provision the volume. + /// The pod in which this EphemeralVolumeSource is embedded will be the + /// owner of the PVC, i.e. the PVC will be deleted together with the + /// pod. The name of the PVC will be `-` where + /// `` is the name from the `PodSpec.Volumes` array + /// entry. Pod validation will reject the pod if the concatenated name + /// is not valid for a PVC (for example, too long). + /// + /// + /// An existing PVC with that name that is not owned by the pod + /// will *not* be used for the pod to avoid using an unrelated + /// volume by mistake. Starting the pod is then blocked until + /// the unrelated PVC is removed. If such a pre-created PVC is + /// meant to be used by the pod, the PVC has to updated with an + /// owner reference to the pod once the pod exists. Normally + /// this should not be necessary, but it may be useful when + /// manually reconstructing a broken cluster. + /// + /// + /// This field is read-only and no changes will be made by Kubernetes + /// to the PVC after it has been created. + /// + /// + /// Required, must not be nil. #[serde(default, skip_serializing_if = "Option::is_none", rename = "volumeClaimTemplate")] pub volume_claim_template: Option, } -/// Will be used to create a stand-alone PVC to provision the volume. The pod in which this EphemeralVolumeSource is embedded will be the owner of the PVC, i.e. the PVC will be deleted together with the pod. The name of the PVC will be `-` where `` is the name from the `PodSpec.Volumes` array entry. Pod validation will reject the pod if the concatenated name is not valid for a PVC (for example, too long). -/// An existing PVC with that name that is not owned by the pod will *not* be used for the pod to avoid using an unrelated volume by mistake. Starting the pod is then blocked until the unrelated PVC is removed. If such a pre-created PVC is meant to be used by the pod, the PVC has to updated with an owner reference to the pod once the pod exists. Normally this should not be necessary, but it may be useful when manually reconstructing a broken cluster. -/// This field is read-only and no changes will be made by Kubernetes to the PVC after it has been created. -/// Required, must not be nil. +/// Will be used to create a stand-alone PVC to provision the volume. +/// The pod in which this EphemeralVolumeSource is embedded will be the +/// owner of the PVC, i.e. the PVC will be deleted together with the +/// pod. The name of the PVC will be `-` where +/// `` is the name from the `PodSpec.Volumes` array +/// entry. Pod validation will reject the pod if the concatenated name +/// is not valid for a PVC (for example, too long). +/// +/// +/// An existing PVC with that name that is not owned by the pod +/// will *not* be used for the pod to avoid using an unrelated +/// volume by mistake. Starting the pod is then blocked until +/// the unrelated PVC is removed. If such a pre-created PVC is +/// meant to be used by the pod, the PVC has to updated with an +/// owner reference to the pod once the pod exists. Normally +/// this should not be necessary, but it may be useful when +/// manually reconstructing a broken cluster. +/// +/// +/// This field is read-only and no changes will be made by Kubernetes +/// to the PVC after it has been created. +/// +/// +/// Required, must not be nil. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ArgoCDRepoVolumesEphemeralVolumeClaimTemplate { - /// May contain labels and annotations that will be copied into the PVC when creating it. No other fields are allowed and will be rejected during validation. + /// May contain labels and annotations that will be copied into the PVC + /// when creating it. No other fields are allowed and will be rejected during + /// validation. #[serde(default, skip_serializing_if = "Option::is_none")] pub metadata: Option, - /// The specification for the PersistentVolumeClaim. The entire content is copied unchanged into the PVC that gets created from this template. The same fields as in a PersistentVolumeClaim are also valid here. + /// The specification for the PersistentVolumeClaim. The entire content is + /// copied unchanged into the PVC that gets created from this + /// template. The same fields as in a PersistentVolumeClaim + /// are also valid here. pub spec: ArgoCDRepoVolumesEphemeralVolumeClaimTemplateSpec, } -/// May contain labels and annotations that will be copied into the PVC when creating it. No other fields are allowed and will be rejected during validation. +/// May contain labels and annotations that will be copied into the PVC +/// when creating it. No other fields are allowed and will be rejected during +/// validation. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ArgoCDRepoVolumesEphemeralVolumeClaimTemplateMetadata { } -/// The specification for the PersistentVolumeClaim. The entire content is copied unchanged into the PVC that gets created from this template. The same fields as in a PersistentVolumeClaim are also valid here. +/// The specification for the PersistentVolumeClaim. The entire content is +/// copied unchanged into the PVC that gets created from this +/// template. The same fields as in a PersistentVolumeClaim +/// are also valid here. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ArgoCDRepoVolumesEphemeralVolumeClaimTemplateSpec { - /// accessModes contains the desired access modes the volume should have. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1 + /// accessModes contains the desired access modes the volume should have. + /// More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1 #[serde(default, skip_serializing_if = "Option::is_none", rename = "accessModes")] pub access_modes: Option>, - /// dataSource field can be used to specify either: * An existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot) * An existing PVC (PersistentVolumeClaim) If the provisioner or an external controller can support the specified data source, it will create a new volume based on the contents of the specified data source. When the AnyVolumeDataSource feature gate is enabled, dataSource contents will be copied to dataSourceRef, and dataSourceRef contents will be copied to dataSource when dataSourceRef.namespace is not specified. If the namespace is specified, then dataSourceRef will not be copied to dataSource. + /// dataSource field can be used to specify either: + /// * An existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot) + /// * An existing PVC (PersistentVolumeClaim) + /// If the provisioner or an external controller can support the specified data source, + /// it will create a new volume based on the contents of the specified data source. + /// When the AnyVolumeDataSource feature gate is enabled, dataSource contents will be copied to dataSourceRef, + /// and dataSourceRef contents will be copied to dataSource when dataSourceRef.namespace is not specified. + /// If the namespace is specified, then dataSourceRef will not be copied to dataSource. #[serde(default, skip_serializing_if = "Option::is_none", rename = "dataSource")] pub data_source: Option, - /// dataSourceRef specifies the object from which to populate the volume with data, if a non-empty volume is desired. This may be any object from a non-empty API group (non core object) or a PersistentVolumeClaim object. When this field is specified, volume binding will only succeed if the type of the specified object matches some installed volume populator or dynamic provisioner. This field will replace the functionality of the dataSource field and as such if both fields are non-empty, they must have the same value. For backwards compatibility, when namespace isn't specified in dataSourceRef, both fields (dataSource and dataSourceRef) will be set to the same value automatically if one of them is empty and the other is non-empty. When namespace is specified in dataSourceRef, dataSource isn't set to the same value and must be empty. There are three important differences between dataSource and dataSourceRef: * While dataSource only allows two specific types of objects, dataSourceRef allows any non-core object, as well as PersistentVolumeClaim objects. * While dataSource ignores disallowed values (dropping them), dataSourceRef preserves all values, and generates an error if a disallowed value is specified. * While dataSource only allows local objects, dataSourceRef allows objects in any namespaces. (Beta) Using this field requires the AnyVolumeDataSource feature gate to be enabled. (Alpha) Using the namespace field of dataSourceRef requires the CrossNamespaceVolumeDataSource feature gate to be enabled. + /// dataSourceRef specifies the object from which to populate the volume with data, if a non-empty + /// volume is desired. This may be any object from a non-empty API group (non + /// core object) or a PersistentVolumeClaim object. + /// When this field is specified, volume binding will only succeed if the type of + /// the specified object matches some installed volume populator or dynamic + /// provisioner. + /// This field will replace the functionality of the dataSource field and as such + /// if both fields are non-empty, they must have the same value. For backwards + /// compatibility, when namespace isn't specified in dataSourceRef, + /// both fields (dataSource and dataSourceRef) will be set to the same + /// value automatically if one of them is empty and the other is non-empty. + /// When namespace is specified in dataSourceRef, + /// dataSource isn't set to the same value and must be empty. + /// There are three important differences between dataSource and dataSourceRef: + /// * While dataSource only allows two specific types of objects, dataSourceRef + /// allows any non-core object, as well as PersistentVolumeClaim objects. + /// * While dataSource ignores disallowed values (dropping them), dataSourceRef + /// preserves all values, and generates an error if a disallowed value is + /// specified. + /// * While dataSource only allows local objects, dataSourceRef allows objects + /// in any namespaces. + /// (Beta) Using this field requires the AnyVolumeDataSource feature gate to be enabled. + /// (Alpha) Using the namespace field of dataSourceRef requires the CrossNamespaceVolumeDataSource feature gate to be enabled. #[serde(default, skip_serializing_if = "Option::is_none", rename = "dataSourceRef")] pub data_source_ref: Option, - /// resources represents the minimum resources the volume should have. If RecoverVolumeExpansionFailure feature is enabled users are allowed to specify resource requirements that are lower than previous value but must still be higher than capacity recorded in the status field of the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources + /// resources represents the minimum resources the volume should have. + /// If RecoverVolumeExpansionFailure feature is enabled users are allowed to specify resource requirements + /// that are lower than previous value but must still be higher than capacity recorded in the + /// status field of the claim. + /// More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources #[serde(default, skip_serializing_if = "Option::is_none")] pub resources: Option, /// selector is a label query over volumes to consider for binding. #[serde(default, skip_serializing_if = "Option::is_none")] pub selector: Option, - /// storageClassName is the name of the StorageClass required by the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1 + /// storageClassName is the name of the StorageClass required by the claim. + /// More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1 #[serde(default, skip_serializing_if = "Option::is_none", rename = "storageClassName")] pub storage_class_name: Option, - /// volumeMode defines what type of volume is required by the claim. Value of Filesystem is implied when not included in claim spec. + /// volumeMode defines what type of volume is required by the claim. + /// Value of Filesystem is implied when not included in claim spec. #[serde(default, skip_serializing_if = "Option::is_none", rename = "volumeMode")] pub volume_mode: Option, /// volumeName is the binding reference to the PersistentVolume backing this claim. @@ -3219,10 +4461,19 @@ pub struct ArgoCDRepoVolumesEphemeralVolumeClaimTemplateSpec { pub volume_name: Option, } -/// dataSource field can be used to specify either: * An existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot) * An existing PVC (PersistentVolumeClaim) If the provisioner or an external controller can support the specified data source, it will create a new volume based on the contents of the specified data source. When the AnyVolumeDataSource feature gate is enabled, dataSource contents will be copied to dataSourceRef, and dataSourceRef contents will be copied to dataSource when dataSourceRef.namespace is not specified. If the namespace is specified, then dataSourceRef will not be copied to dataSource. +/// dataSource field can be used to specify either: +/// * An existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot) +/// * An existing PVC (PersistentVolumeClaim) +/// If the provisioner or an external controller can support the specified data source, +/// it will create a new volume based on the contents of the specified data source. +/// When the AnyVolumeDataSource feature gate is enabled, dataSource contents will be copied to dataSourceRef, +/// and dataSourceRef contents will be copied to dataSource when dataSourceRef.namespace is not specified. +/// If the namespace is specified, then dataSourceRef will not be copied to dataSource. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ArgoCDRepoVolumesEphemeralVolumeClaimTemplateSpecDataSource { - /// APIGroup is the group for the resource being referenced. If APIGroup is not specified, the specified Kind must be in the core API group. For any other third-party types, APIGroup is required. + /// APIGroup is the group for the resource being referenced. + /// If APIGroup is not specified, the specified Kind must be in the core API group. + /// For any other third-party types, APIGroup is required. #[serde(default, skip_serializing_if = "Option::is_none", rename = "apiGroup")] pub api_group: Option, /// Kind is the type of resource being referenced @@ -3231,33 +4482,73 @@ pub struct ArgoCDRepoVolumesEphemeralVolumeClaimTemplateSpecDataSource { pub name: String, } -/// dataSourceRef specifies the object from which to populate the volume with data, if a non-empty volume is desired. This may be any object from a non-empty API group (non core object) or a PersistentVolumeClaim object. When this field is specified, volume binding will only succeed if the type of the specified object matches some installed volume populator or dynamic provisioner. This field will replace the functionality of the dataSource field and as such if both fields are non-empty, they must have the same value. For backwards compatibility, when namespace isn't specified in dataSourceRef, both fields (dataSource and dataSourceRef) will be set to the same value automatically if one of them is empty and the other is non-empty. When namespace is specified in dataSourceRef, dataSource isn't set to the same value and must be empty. There are three important differences between dataSource and dataSourceRef: * While dataSource only allows two specific types of objects, dataSourceRef allows any non-core object, as well as PersistentVolumeClaim objects. * While dataSource ignores disallowed values (dropping them), dataSourceRef preserves all values, and generates an error if a disallowed value is specified. * While dataSource only allows local objects, dataSourceRef allows objects in any namespaces. (Beta) Using this field requires the AnyVolumeDataSource feature gate to be enabled. (Alpha) Using the namespace field of dataSourceRef requires the CrossNamespaceVolumeDataSource feature gate to be enabled. +/// dataSourceRef specifies the object from which to populate the volume with data, if a non-empty +/// volume is desired. This may be any object from a non-empty API group (non +/// core object) or a PersistentVolumeClaim object. +/// When this field is specified, volume binding will only succeed if the type of +/// the specified object matches some installed volume populator or dynamic +/// provisioner. +/// This field will replace the functionality of the dataSource field and as such +/// if both fields are non-empty, they must have the same value. For backwards +/// compatibility, when namespace isn't specified in dataSourceRef, +/// both fields (dataSource and dataSourceRef) will be set to the same +/// value automatically if one of them is empty and the other is non-empty. +/// When namespace is specified in dataSourceRef, +/// dataSource isn't set to the same value and must be empty. +/// There are three important differences between dataSource and dataSourceRef: +/// * While dataSource only allows two specific types of objects, dataSourceRef +/// allows any non-core object, as well as PersistentVolumeClaim objects. +/// * While dataSource ignores disallowed values (dropping them), dataSourceRef +/// preserves all values, and generates an error if a disallowed value is +/// specified. +/// * While dataSource only allows local objects, dataSourceRef allows objects +/// in any namespaces. +/// (Beta) Using this field requires the AnyVolumeDataSource feature gate to be enabled. +/// (Alpha) Using the namespace field of dataSourceRef requires the CrossNamespaceVolumeDataSource feature gate to be enabled. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ArgoCDRepoVolumesEphemeralVolumeClaimTemplateSpecDataSourceRef { - /// APIGroup is the group for the resource being referenced. If APIGroup is not specified, the specified Kind must be in the core API group. For any other third-party types, APIGroup is required. + /// APIGroup is the group for the resource being referenced. + /// If APIGroup is not specified, the specified Kind must be in the core API group. + /// For any other third-party types, APIGroup is required. #[serde(default, skip_serializing_if = "Option::is_none", rename = "apiGroup")] pub api_group: Option, /// Kind is the type of resource being referenced pub kind: String, /// Name is the name of resource being referenced pub name: String, - /// Namespace is the namespace of resource being referenced Note that when a namespace is specified, a gateway.networking.k8s.io/ReferenceGrant object is required in the referent namespace to allow that namespace's owner to accept the reference. See the ReferenceGrant documentation for details. (Alpha) This field requires the CrossNamespaceVolumeDataSource feature gate to be enabled. + /// Namespace is the namespace of resource being referenced + /// Note that when a namespace is specified, a gateway.networking.k8s.io/ReferenceGrant object is required in the referent namespace to allow that namespace's owner to accept the reference. See the ReferenceGrant documentation for details. + /// (Alpha) This field requires the CrossNamespaceVolumeDataSource feature gate to be enabled. #[serde(default, skip_serializing_if = "Option::is_none")] pub namespace: Option, } -/// resources represents the minimum resources the volume should have. If RecoverVolumeExpansionFailure feature is enabled users are allowed to specify resource requirements that are lower than previous value but must still be higher than capacity recorded in the status field of the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources +/// resources represents the minimum resources the volume should have. +/// If RecoverVolumeExpansionFailure feature is enabled users are allowed to specify resource requirements +/// that are lower than previous value but must still be higher than capacity recorded in the +/// status field of the claim. +/// More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ArgoCDRepoVolumesEphemeralVolumeClaimTemplateSpecResources { - /// Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. - /// This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. - /// This field is immutable. It can only be set for containers. + /// Claims lists the names of resources, defined in spec.resourceClaims, + /// that are used by this container. + /// + /// + /// This is an alpha field and requires enabling the + /// DynamicResourceAllocation feature gate. + /// + /// + /// This field is immutable. It can only be set for containers. #[serde(default, skip_serializing_if = "Option::is_none")] pub claims: Option>, - /// Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + /// Limits describes the maximum amount of compute resources allowed. + /// More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ #[serde(default, skip_serializing_if = "Option::is_none")] pub limits: Option>, - /// Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + /// Requests describes the minimum amount of compute resources required. + /// If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, + /// otherwise to an implementation-defined value. Requests cannot exceed Limits. + /// More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ #[serde(default, skip_serializing_if = "Option::is_none")] pub requests: Option>, } @@ -3265,7 +4556,9 @@ pub struct ArgoCDRepoVolumesEphemeralVolumeClaimTemplateSpecResources { /// ResourceClaim references one entry in PodSpec.ResourceClaims. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ArgoCDRepoVolumesEphemeralVolumeClaimTemplateSpecResourcesClaims { - /// Name must match the name of one entry in pod.spec.resourceClaims of the Pod where this field is used. It makes that resource available inside a container. + /// Name must match the name of one entry in pod.spec.resourceClaims of + /// the Pod where this field is used. It makes that resource available + /// inside a container. pub name: String, } @@ -3275,19 +4568,26 @@ pub struct ArgoCDRepoVolumesEphemeralVolumeClaimTemplateSpecSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] pub match_expressions: Option>, - /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] pub match_labels: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ArgoCDRepoVolumesEphemeralVolumeClaimTemplateSpecSelectorMatchExpressions { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } @@ -3295,46 +4595,65 @@ pub struct ArgoCDRepoVolumesEphemeralVolumeClaimTemplateSpecSelectorMatchExpress /// fc represents a Fibre Channel resource that is attached to a kubelet's host machine and then exposed to the pod. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ArgoCDRepoVolumesFc { - /// fsType is the filesystem type to mount. Must be a filesystem type supported by the host operating system. Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. TODO: how do we prevent errors in the filesystem from compromising the machine + /// fsType is the filesystem type to mount. + /// Must be a filesystem type supported by the host operating system. + /// Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. + /// TODO: how do we prevent errors in the filesystem from compromising the machine #[serde(default, skip_serializing_if = "Option::is_none", rename = "fsType")] pub fs_type: Option, /// lun is Optional: FC target lun number #[serde(default, skip_serializing_if = "Option::is_none")] pub lun: Option, - /// readOnly is Optional: Defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts. + /// readOnly is Optional: Defaults to false (read/write). ReadOnly here will force + /// the ReadOnly setting in VolumeMounts. #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] pub read_only: Option, /// targetWWNs is Optional: FC target worldwide names (WWNs) #[serde(default, skip_serializing_if = "Option::is_none", rename = "targetWWNs")] pub target_ww_ns: Option>, - /// wwids Optional: FC volume world wide identifiers (wwids) Either wwids or combination of targetWWNs and lun must be set, but not both simultaneously. + /// wwids Optional: FC volume world wide identifiers (wwids) + /// Either wwids or combination of targetWWNs and lun must be set, but not both simultaneously. #[serde(default, skip_serializing_if = "Option::is_none")] pub wwids: Option>, } -/// flexVolume represents a generic volume resource that is provisioned/attached using an exec based plugin. +/// flexVolume represents a generic volume resource that is +/// provisioned/attached using an exec based plugin. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ArgoCDRepoVolumesFlexVolume { /// driver is the name of the driver to use for this volume. pub driver: String, - /// fsType is the filesystem type to mount. Must be a filesystem type supported by the host operating system. Ex. "ext4", "xfs", "ntfs". The default filesystem depends on FlexVolume script. + /// fsType is the filesystem type to mount. + /// Must be a filesystem type supported by the host operating system. + /// Ex. "ext4", "xfs", "ntfs". The default filesystem depends on FlexVolume script. #[serde(default, skip_serializing_if = "Option::is_none", rename = "fsType")] pub fs_type: Option, /// options is Optional: this field holds extra command options if any. #[serde(default, skip_serializing_if = "Option::is_none")] pub options: Option>, - /// readOnly is Optional: defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts. + /// readOnly is Optional: defaults to false (read/write). ReadOnly here will force + /// the ReadOnly setting in VolumeMounts. #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] pub read_only: Option, - /// secretRef is Optional: secretRef is reference to the secret object containing sensitive information to pass to the plugin scripts. This may be empty if no secret object is specified. If the secret object contains more than one secret, all secrets are passed to the plugin scripts. + /// secretRef is Optional: secretRef is reference to the secret object containing + /// sensitive information to pass to the plugin scripts. This may be + /// empty if no secret object is specified. If the secret object + /// contains more than one secret, all secrets are passed to the plugin + /// scripts. #[serde(default, skip_serializing_if = "Option::is_none", rename = "secretRef")] pub secret_ref: Option, } -/// secretRef is Optional: secretRef is reference to the secret object containing sensitive information to pass to the plugin scripts. This may be empty if no secret object is specified. If the secret object contains more than one secret, all secrets are passed to the plugin scripts. +/// secretRef is Optional: secretRef is reference to the secret object containing +/// sensitive information to pass to the plugin scripts. This may be +/// empty if no secret object is specified. If the secret object +/// contains more than one secret, all secrets are passed to the plugin +/// scripts. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ArgoCDRepoVolumesFlexVolumeSecretRef { - /// Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? + /// Name of the referent. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, } @@ -3342,7 +4661,8 @@ pub struct ArgoCDRepoVolumesFlexVolumeSecretRef { /// flocker represents a Flocker volume attached to a kubelet's host machine. This depends on the Flocker control service being running #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ArgoCDRepoVolumesFlocker { - /// datasetName is Name of the dataset stored as metadata -> name on the dataset for Flocker should be considered as deprecated + /// datasetName is Name of the dataset stored as metadata -> name on the dataset for Flocker + /// should be considered as deprecated #[serde(default, skip_serializing_if = "Option::is_none", rename = "datasetName")] pub dataset_name: Option, /// datasetUUID is the UUID of the dataset. This is unique identifier of a Flocker dataset @@ -3350,27 +4670,46 @@ pub struct ArgoCDRepoVolumesFlocker { pub dataset_uuid: Option, } -/// gcePersistentDisk represents a GCE Disk resource that is attached to a kubelet's host machine and then exposed to the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk +/// gcePersistentDisk represents a GCE Disk resource that is attached to a +/// kubelet's host machine and then exposed to the pod. +/// More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ArgoCDRepoVolumesGcePersistentDisk { - /// fsType is filesystem type of the volume that you want to mount. Tip: Ensure that the filesystem type is supported by the host operating system. Examples: "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk TODO: how do we prevent errors in the filesystem from compromising the machine + /// fsType is filesystem type of the volume that you want to mount. + /// Tip: Ensure that the filesystem type is supported by the host operating system. + /// Examples: "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. + /// More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk + /// TODO: how do we prevent errors in the filesystem from compromising the machine #[serde(default, skip_serializing_if = "Option::is_none", rename = "fsType")] pub fs_type: Option, - /// partition is the partition in the volume that you want to mount. If omitted, the default is to mount by volume name. Examples: For volume /dev/sda1, you specify the partition as "1". Similarly, the volume partition for /dev/sda is "0" (or you can leave the property empty). More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk + /// partition is the partition in the volume that you want to mount. + /// If omitted, the default is to mount by volume name. + /// Examples: For volume /dev/sda1, you specify the partition as "1". + /// Similarly, the volume partition for /dev/sda is "0" (or you can leave the property empty). + /// More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk #[serde(default, skip_serializing_if = "Option::is_none")] pub partition: Option, - /// pdName is unique name of the PD resource in GCE. Used to identify the disk in GCE. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk + /// pdName is unique name of the PD resource in GCE. Used to identify the disk in GCE. + /// More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk #[serde(rename = "pdName")] pub pd_name: String, - /// readOnly here will force the ReadOnly setting in VolumeMounts. Defaults to false. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk + /// readOnly here will force the ReadOnly setting in VolumeMounts. + /// Defaults to false. + /// More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] pub read_only: Option, } -/// gitRepo represents a git repository at a particular revision. DEPRECATED: GitRepo is deprecated. To provision a container with a git repo, mount an EmptyDir into an InitContainer that clones the repo using git, then mount the EmptyDir into the Pod's container. +/// gitRepo represents a git repository at a particular revision. +/// DEPRECATED: GitRepo is deprecated. To provision a container with a git repo, mount an +/// EmptyDir into an InitContainer that clones the repo using git, then mount the EmptyDir +/// into the Pod's container. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ArgoCDRepoVolumesGitRepo { - /// directory is the target directory name. Must not contain or start with '..'. If '.' is supplied, the volume directory will be the git repository. Otherwise, if specified, the volume will contain the git repository in the subdirectory with the given name. + /// directory is the target directory name. + /// Must not contain or start with '..'. If '.' is supplied, the volume directory will be the + /// git repository. Otherwise, if specified, the volume will contain the git repository in + /// the subdirectory with the given name. #[serde(default, skip_serializing_if = "Option::is_none")] pub directory: Option, /// repository is the URL @@ -3380,29 +4719,47 @@ pub struct ArgoCDRepoVolumesGitRepo { pub revision: Option, } -/// glusterfs represents a Glusterfs mount on the host that shares a pod's lifetime. More info: https://examples.k8s.io/volumes/glusterfs/README.md +/// glusterfs represents a Glusterfs mount on the host that shares a pod's lifetime. +/// More info: https://examples.k8s.io/volumes/glusterfs/README.md #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ArgoCDRepoVolumesGlusterfs { - /// endpoints is the endpoint name that details Glusterfs topology. More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod + /// endpoints is the endpoint name that details Glusterfs topology. + /// More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod pub endpoints: String, - /// path is the Glusterfs volume path. More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod + /// path is the Glusterfs volume path. + /// More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod pub path: String, - /// readOnly here will force the Glusterfs volume to be mounted with read-only permissions. Defaults to false. More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod + /// readOnly here will force the Glusterfs volume to be mounted with read-only permissions. + /// Defaults to false. + /// More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] pub read_only: Option, } -/// hostPath represents a pre-existing file or directory on the host machine that is directly exposed to the container. This is generally used for system agents or other privileged things that are allowed to see the host machine. Most containers will NOT need this. More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath --- TODO(jonesdl) We need to restrict who can use host directory mounts and who can/can not mount host directories as read/write. +/// hostPath represents a pre-existing file or directory on the host +/// machine that is directly exposed to the container. This is generally +/// used for system agents or other privileged things that are allowed +/// to see the host machine. Most containers will NOT need this. +/// More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath +/// --- +/// TODO(jonesdl) We need to restrict who can use host directory mounts and who can/can not +/// mount host directories as read/write. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ArgoCDRepoVolumesHostPath { - /// path of the directory on the host. If the path is a symlink, it will follow the link to the real path. More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath + /// path of the directory on the host. + /// If the path is a symlink, it will follow the link to the real path. + /// More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath pub path: String, - /// type for HostPath Volume Defaults to "" More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath + /// type for HostPath Volume + /// Defaults to "" + /// More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath #[serde(default, skip_serializing_if = "Option::is_none", rename = "type")] pub r#type: Option, } -/// iscsi represents an ISCSI Disk resource that is attached to a kubelet's host machine and then exposed to the pod. More info: https://examples.k8s.io/volumes/iscsi/README.md +/// iscsi represents an ISCSI Disk resource that is attached to a +/// kubelet's host machine and then exposed to the pod. +/// More info: https://examples.k8s.io/volumes/iscsi/README.md #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ArgoCDRepoVolumesIscsi { /// chapAuthDiscovery defines whether support iSCSI Discovery CHAP authentication @@ -3411,29 +4768,39 @@ pub struct ArgoCDRepoVolumesIscsi { /// chapAuthSession defines whether support iSCSI Session CHAP authentication #[serde(default, skip_serializing_if = "Option::is_none", rename = "chapAuthSession")] pub chap_auth_session: Option, - /// fsType is the filesystem type of the volume that you want to mount. Tip: Ensure that the filesystem type is supported by the host operating system. Examples: "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#iscsi TODO: how do we prevent errors in the filesystem from compromising the machine + /// fsType is the filesystem type of the volume that you want to mount. + /// Tip: Ensure that the filesystem type is supported by the host operating system. + /// Examples: "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. + /// More info: https://kubernetes.io/docs/concepts/storage/volumes#iscsi + /// TODO: how do we prevent errors in the filesystem from compromising the machine #[serde(default, skip_serializing_if = "Option::is_none", rename = "fsType")] pub fs_type: Option, - /// initiatorName is the custom iSCSI Initiator Name. If initiatorName is specified with iscsiInterface simultaneously, new iSCSI interface : will be created for the connection. + /// initiatorName is the custom iSCSI Initiator Name. + /// If initiatorName is specified with iscsiInterface simultaneously, new iSCSI interface + /// : will be created for the connection. #[serde(default, skip_serializing_if = "Option::is_none", rename = "initiatorName")] pub initiator_name: Option, /// iqn is the target iSCSI Qualified Name. pub iqn: String, - /// iscsiInterface is the interface Name that uses an iSCSI transport. Defaults to 'default' (tcp). + /// iscsiInterface is the interface Name that uses an iSCSI transport. + /// Defaults to 'default' (tcp). #[serde(default, skip_serializing_if = "Option::is_none", rename = "iscsiInterface")] pub iscsi_interface: Option, /// lun represents iSCSI Target Lun number. pub lun: i32, - /// portals is the iSCSI Target Portal List. The portal is either an IP or ip_addr:port if the port is other than default (typically TCP ports 860 and 3260). + /// portals is the iSCSI Target Portal List. The portal is either an IP or ip_addr:port if the port + /// is other than default (typically TCP ports 860 and 3260). #[serde(default, skip_serializing_if = "Option::is_none")] pub portals: Option>, - /// readOnly here will force the ReadOnly setting in VolumeMounts. Defaults to false. + /// readOnly here will force the ReadOnly setting in VolumeMounts. + /// Defaults to false. #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] pub read_only: Option, /// secretRef is the CHAP Secret for iSCSI target and initiator authentication #[serde(default, skip_serializing_if = "Option::is_none", rename = "secretRef")] pub secret_ref: Option, - /// targetPortal is iSCSI Target Portal. The Portal is either an IP or ip_addr:port if the port is other than default (typically TCP ports 860 and 3260). + /// targetPortal is iSCSI Target Portal. The Portal is either an IP or ip_addr:port if the port + /// is other than default (typically TCP ports 860 and 3260). #[serde(rename = "targetPortal")] pub target_portal: String, } @@ -3441,30 +4808,41 @@ pub struct ArgoCDRepoVolumesIscsi { /// secretRef is the CHAP Secret for iSCSI target and initiator authentication #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ArgoCDRepoVolumesIscsiSecretRef { - /// Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? + /// Name of the referent. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, } -/// nfs represents an NFS mount on the host that shares a pod's lifetime More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs +/// nfs represents an NFS mount on the host that shares a pod's lifetime +/// More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ArgoCDRepoVolumesNfs { - /// path that is exported by the NFS server. More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs + /// path that is exported by the NFS server. + /// More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs pub path: String, - /// readOnly here will force the NFS export to be mounted with read-only permissions. Defaults to false. More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs + /// readOnly here will force the NFS export to be mounted with read-only permissions. + /// Defaults to false. + /// More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] pub read_only: Option, - /// server is the hostname or IP address of the NFS server. More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs + /// server is the hostname or IP address of the NFS server. + /// More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs pub server: String, } -/// persistentVolumeClaimVolumeSource represents a reference to a PersistentVolumeClaim in the same namespace. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims +/// persistentVolumeClaimVolumeSource represents a reference to a +/// PersistentVolumeClaim in the same namespace. +/// More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ArgoCDRepoVolumesPersistentVolumeClaim { - /// claimName is the name of a PersistentVolumeClaim in the same namespace as the pod using this volume. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims + /// claimName is the name of a PersistentVolumeClaim in the same namespace as the pod using this volume. + /// More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims #[serde(rename = "claimName")] pub claim_name: String, - /// readOnly Will force the ReadOnly setting in VolumeMounts. Default false. + /// readOnly Will force the ReadOnly setting in VolumeMounts. + /// Default false. #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] pub read_only: Option, } @@ -3472,7 +4850,9 @@ pub struct ArgoCDRepoVolumesPersistentVolumeClaim { /// photonPersistentDisk represents a PhotonController persistent disk attached and mounted on kubelets host machine #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ArgoCDRepoVolumesPhotonPersistentDisk { - /// fsType is the filesystem type to mount. Must be a filesystem type supported by the host operating system. Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. + /// fsType is the filesystem type to mount. + /// Must be a filesystem type supported by the host operating system. + /// Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. #[serde(default, skip_serializing_if = "Option::is_none", rename = "fsType")] pub fs_type: Option, /// pdID is the ID that identifies Photon Controller persistent disk @@ -3483,10 +4863,13 @@ pub struct ArgoCDRepoVolumesPhotonPersistentDisk { /// portworxVolume represents a portworx volume attached and mounted on kubelets host machine #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ArgoCDRepoVolumesPortworxVolume { - /// fSType represents the filesystem type to mount Must be a filesystem type supported by the host operating system. Ex. "ext4", "xfs". Implicitly inferred to be "ext4" if unspecified. + /// fSType represents the filesystem type to mount + /// Must be a filesystem type supported by the host operating system. + /// Ex. "ext4", "xfs". Implicitly inferred to be "ext4" if unspecified. #[serde(default, skip_serializing_if = "Option::is_none", rename = "fsType")] pub fs_type: Option, - /// readOnly defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts. + /// readOnly defaults to false (read/write). ReadOnly here will force + /// the ReadOnly setting in VolumeMounts. #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] pub read_only: Option, /// volumeID uniquely identifies a Portworx volume @@ -3497,7 +4880,12 @@ pub struct ArgoCDRepoVolumesPortworxVolume { /// projected items for all in one resources secrets, configmaps, and downward API #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ArgoCDRepoVolumesProjected { - /// defaultMode are the mode bits used to set permissions on created files by default. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. + /// defaultMode are the mode bits used to set permissions on created files by default. + /// Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. + /// YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. + /// Directories within the path are not affected by this setting. + /// This might be in conflict with other options that affect the file + /// mode, like fsGroup, and the result can be other mode bits set. #[serde(default, skip_serializing_if = "Option::is_none", rename = "defaultMode")] pub default_mode: Option, /// sources is the list of volume projections @@ -3525,10 +4913,18 @@ pub struct ArgoCDRepoVolumesProjectedSources { /// configMap information about the configMap data to project #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ArgoCDRepoVolumesProjectedSourcesConfigMap { - /// items if unspecified, each key-value pair in the Data field of the referenced ConfigMap will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the ConfigMap, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'. + /// items if unspecified, each key-value pair in the Data field of the referenced + /// ConfigMap will be projected into the volume as a file whose name is the + /// key and content is the value. If specified, the listed keys will be + /// projected into the specified paths, and unlisted keys will not be + /// present. If a key is specified which is not present in the ConfigMap, + /// the volume setup will error unless it is marked optional. Paths must be + /// relative and may not contain the '..' path or start with '..'. #[serde(default, skip_serializing_if = "Option::is_none")] pub items: Option>, - /// Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? + /// Name of the referent. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// optional specify whether the ConfigMap or its keys must be defined @@ -3541,10 +4937,18 @@ pub struct ArgoCDRepoVolumesProjectedSourcesConfigMap { pub struct ArgoCDRepoVolumesProjectedSourcesConfigMapItems { /// key is the key to project. pub key: String, - /// mode is Optional: mode bits used to set permissions on this file. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. + /// mode is Optional: mode bits used to set permissions on this file. + /// Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. + /// YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. + /// If not specified, the volume defaultMode will be used. + /// This might be in conflict with other options that affect the file + /// mode, like fsGroup, and the result can be other mode bits set. #[serde(default, skip_serializing_if = "Option::is_none")] pub mode: Option, - /// path is the relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'. + /// path is the relative path of the file to map the key to. + /// May not be an absolute path. + /// May not contain the path element '..'. + /// May not start with the string '..'. pub path: String, } @@ -3562,12 +4966,18 @@ pub struct ArgoCDRepoVolumesProjectedSourcesDownwardApiItems { /// Required: Selects a field of the pod: only annotations, labels, name and namespace are supported. #[serde(default, skip_serializing_if = "Option::is_none", rename = "fieldRef")] pub field_ref: Option, - /// Optional: mode bits used to set permissions on this file, must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. + /// Optional: mode bits used to set permissions on this file, must be an octal value + /// between 0000 and 0777 or a decimal value between 0 and 511. + /// YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. + /// If not specified, the volume defaultMode will be used. + /// This might be in conflict with other options that affect the file + /// mode, like fsGroup, and the result can be other mode bits set. #[serde(default, skip_serializing_if = "Option::is_none")] pub mode: Option, /// Required: Path is the relative path name of the file to be created. Must not be absolute or contain the '..' path. Must be utf-8 encoded. The first item of the relative path must not start with '..' pub path: String, - /// Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, requests.cpu and requests.memory) are currently supported. + /// Selects a resource of the container: only resources limits and requests + /// (limits.cpu, limits.memory, requests.cpu and requests.memory) are currently supported. #[serde(default, skip_serializing_if = "Option::is_none", rename = "resourceFieldRef")] pub resource_field_ref: Option, } @@ -3583,7 +4993,8 @@ pub struct ArgoCDRepoVolumesProjectedSourcesDownwardApiItemsFieldRef { pub field_path: String, } -/// Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, requests.cpu and requests.memory) are currently supported. +/// Selects a resource of the container: only resources limits and requests +/// (limits.cpu, limits.memory, requests.cpu and requests.memory) are currently supported. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ArgoCDRepoVolumesProjectedSourcesDownwardApiItemsResourceFieldRef { /// Container name: required for volumes, optional for env vars @@ -3599,10 +5010,18 @@ pub struct ArgoCDRepoVolumesProjectedSourcesDownwardApiItemsResourceFieldRef { /// secret information about the secret data to project #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ArgoCDRepoVolumesProjectedSourcesSecret { - /// items if unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the Secret, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'. + /// items if unspecified, each key-value pair in the Data field of the referenced + /// Secret will be projected into the volume as a file whose name is the + /// key and content is the value. If specified, the listed keys will be + /// projected into the specified paths, and unlisted keys will not be + /// present. If a key is specified which is not present in the Secret, + /// the volume setup will error unless it is marked optional. Paths must be + /// relative and may not contain the '..' path or start with '..'. #[serde(default, skip_serializing_if = "Option::is_none")] pub items: Option>, - /// Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? + /// Name of the referent. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// optional field specify whether the Secret or its key must be defined @@ -3615,78 +5034,124 @@ pub struct ArgoCDRepoVolumesProjectedSourcesSecret { pub struct ArgoCDRepoVolumesProjectedSourcesSecretItems { /// key is the key to project. pub key: String, - /// mode is Optional: mode bits used to set permissions on this file. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. + /// mode is Optional: mode bits used to set permissions on this file. + /// Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. + /// YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. + /// If not specified, the volume defaultMode will be used. + /// This might be in conflict with other options that affect the file + /// mode, like fsGroup, and the result can be other mode bits set. #[serde(default, skip_serializing_if = "Option::is_none")] pub mode: Option, - /// path is the relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'. + /// path is the relative path of the file to map the key to. + /// May not be an absolute path. + /// May not contain the path element '..'. + /// May not start with the string '..'. pub path: String, } /// serviceAccountToken is information about the serviceAccountToken data to project #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ArgoCDRepoVolumesProjectedSourcesServiceAccountToken { - /// audience is the intended audience of the token. A recipient of a token must identify itself with an identifier specified in the audience of the token, and otherwise should reject the token. The audience defaults to the identifier of the apiserver. + /// audience is the intended audience of the token. A recipient of a token + /// must identify itself with an identifier specified in the audience of the + /// token, and otherwise should reject the token. The audience defaults to the + /// identifier of the apiserver. #[serde(default, skip_serializing_if = "Option::is_none")] pub audience: Option, - /// expirationSeconds is the requested duration of validity of the service account token. As the token approaches expiration, the kubelet volume plugin will proactively rotate the service account token. The kubelet will start trying to rotate the token if the token is older than 80 percent of its time to live or if the token is older than 24 hours.Defaults to 1 hour and must be at least 10 minutes. + /// expirationSeconds is the requested duration of validity of the service + /// account token. As the token approaches expiration, the kubelet volume + /// plugin will proactively rotate the service account token. The kubelet will + /// start trying to rotate the token if the token is older than 80 percent of + /// its time to live or if the token is older than 24 hours.Defaults to 1 hour + /// and must be at least 10 minutes. #[serde(default, skip_serializing_if = "Option::is_none", rename = "expirationSeconds")] pub expiration_seconds: Option, - /// path is the path relative to the mount point of the file to project the token into. + /// path is the path relative to the mount point of the file to project the + /// token into. pub path: String, } /// quobyte represents a Quobyte mount on the host that shares a pod's lifetime #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ArgoCDRepoVolumesQuobyte { - /// group to map volume access to Default is no group + /// group to map volume access to + /// Default is no group #[serde(default, skip_serializing_if = "Option::is_none")] pub group: Option, - /// readOnly here will force the Quobyte volume to be mounted with read-only permissions. Defaults to false. + /// readOnly here will force the Quobyte volume to be mounted with read-only permissions. + /// Defaults to false. #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] pub read_only: Option, - /// registry represents a single or multiple Quobyte Registry services specified as a string as host:port pair (multiple entries are separated with commas) which acts as the central registry for volumes + /// registry represents a single or multiple Quobyte Registry services + /// specified as a string as host:port pair (multiple entries are separated with commas) + /// which acts as the central registry for volumes pub registry: String, - /// tenant owning the given Quobyte volume in the Backend Used with dynamically provisioned Quobyte volumes, value is set by the plugin + /// tenant owning the given Quobyte volume in the Backend + /// Used with dynamically provisioned Quobyte volumes, value is set by the plugin #[serde(default, skip_serializing_if = "Option::is_none")] pub tenant: Option, - /// user to map volume access to Defaults to serivceaccount user + /// user to map volume access to + /// Defaults to serivceaccount user #[serde(default, skip_serializing_if = "Option::is_none")] pub user: Option, /// volume is a string that references an already created Quobyte volume by name. pub volume: String, } -/// rbd represents a Rados Block Device mount on the host that shares a pod's lifetime. More info: https://examples.k8s.io/volumes/rbd/README.md +/// rbd represents a Rados Block Device mount on the host that shares a pod's lifetime. +/// More info: https://examples.k8s.io/volumes/rbd/README.md #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ArgoCDRepoVolumesRbd { - /// fsType is the filesystem type of the volume that you want to mount. Tip: Ensure that the filesystem type is supported by the host operating system. Examples: "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#rbd TODO: how do we prevent errors in the filesystem from compromising the machine + /// fsType is the filesystem type of the volume that you want to mount. + /// Tip: Ensure that the filesystem type is supported by the host operating system. + /// Examples: "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. + /// More info: https://kubernetes.io/docs/concepts/storage/volumes#rbd + /// TODO: how do we prevent errors in the filesystem from compromising the machine #[serde(default, skip_serializing_if = "Option::is_none", rename = "fsType")] pub fs_type: Option, - /// image is the rados image name. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it + /// image is the rados image name. + /// More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it pub image: String, - /// keyring is the path to key ring for RBDUser. Default is /etc/ceph/keyring. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it + /// keyring is the path to key ring for RBDUser. + /// Default is /etc/ceph/keyring. + /// More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it #[serde(default, skip_serializing_if = "Option::is_none")] pub keyring: Option, - /// monitors is a collection of Ceph monitors. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it + /// monitors is a collection of Ceph monitors. + /// More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it pub monitors: Vec, - /// pool is the rados pool name. Default is rbd. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it + /// pool is the rados pool name. + /// Default is rbd. + /// More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it #[serde(default, skip_serializing_if = "Option::is_none")] pub pool: Option, - /// readOnly here will force the ReadOnly setting in VolumeMounts. Defaults to false. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it + /// readOnly here will force the ReadOnly setting in VolumeMounts. + /// Defaults to false. + /// More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] pub read_only: Option, - /// secretRef is name of the authentication secret for RBDUser. If provided overrides keyring. Default is nil. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it + /// secretRef is name of the authentication secret for RBDUser. If provided + /// overrides keyring. + /// Default is nil. + /// More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it #[serde(default, skip_serializing_if = "Option::is_none", rename = "secretRef")] pub secret_ref: Option, - /// user is the rados user name. Default is admin. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it + /// user is the rados user name. + /// Default is admin. + /// More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it #[serde(default, skip_serializing_if = "Option::is_none")] pub user: Option, } -/// secretRef is name of the authentication secret for RBDUser. If provided overrides keyring. Default is nil. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it +/// secretRef is name of the authentication secret for RBDUser. If provided +/// overrides keyring. +/// Default is nil. +/// More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ArgoCDRepoVolumesRbdSecretRef { - /// Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? + /// Name of the referent. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, } @@ -3694,7 +5159,10 @@ pub struct ArgoCDRepoVolumesRbdSecretRef { /// scaleIO represents a ScaleIO persistent volume attached and mounted on Kubernetes nodes. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ArgoCDRepoVolumesScaleIo { - /// fsType is the filesystem type to mount. Must be a filesystem type supported by the host operating system. Ex. "ext4", "xfs", "ntfs". Default is "xfs". + /// fsType is the filesystem type to mount. + /// Must be a filesystem type supported by the host operating system. + /// Ex. "ext4", "xfs", "ntfs". + /// Default is "xfs". #[serde(default, skip_serializing_if = "Option::is_none", rename = "fsType")] pub fs_type: Option, /// gateway is the host address of the ScaleIO API Gateway. @@ -3702,16 +5170,19 @@ pub struct ArgoCDRepoVolumesScaleIo { /// protectionDomain is the name of the ScaleIO Protection Domain for the configured storage. #[serde(default, skip_serializing_if = "Option::is_none", rename = "protectionDomain")] pub protection_domain: Option, - /// readOnly Defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts. + /// readOnly Defaults to false (read/write). ReadOnly here will force + /// the ReadOnly setting in VolumeMounts. #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] pub read_only: Option, - /// secretRef references to the secret for ScaleIO user and other sensitive information. If this is not provided, Login operation will fail. + /// secretRef references to the secret for ScaleIO user and other + /// sensitive information. If this is not provided, Login operation will fail. #[serde(rename = "secretRef")] pub secret_ref: ArgoCDRepoVolumesScaleIoSecretRef, /// sslEnabled Flag enable/disable SSL communication with Gateway, default false #[serde(default, skip_serializing_if = "Option::is_none", rename = "sslEnabled")] pub ssl_enabled: Option, - /// storageMode indicates whether the storage for a volume should be ThickProvisioned or ThinProvisioned. Default is ThinProvisioned. + /// storageMode indicates whether the storage for a volume should be ThickProvisioned or ThinProvisioned. + /// Default is ThinProvisioned. #[serde(default, skip_serializing_if = "Option::is_none", rename = "storageMode")] pub storage_mode: Option, /// storagePool is the ScaleIO Storage Pool associated with the protection domain. @@ -3719,32 +5190,50 @@ pub struct ArgoCDRepoVolumesScaleIo { pub storage_pool: Option, /// system is the name of the storage system as configured in ScaleIO. pub system: String, - /// volumeName is the name of a volume already created in the ScaleIO system that is associated with this volume source. + /// volumeName is the name of a volume already created in the ScaleIO system + /// that is associated with this volume source. #[serde(default, skip_serializing_if = "Option::is_none", rename = "volumeName")] pub volume_name: Option, } -/// secretRef references to the secret for ScaleIO user and other sensitive information. If this is not provided, Login operation will fail. +/// secretRef references to the secret for ScaleIO user and other +/// sensitive information. If this is not provided, Login operation will fail. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ArgoCDRepoVolumesScaleIoSecretRef { - /// Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? + /// Name of the referent. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, } -/// secret represents a secret that should populate this volume. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret +/// secret represents a secret that should populate this volume. +/// More info: https://kubernetes.io/docs/concepts/storage/volumes#secret #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ArgoCDRepoVolumesSecret { - /// defaultMode is Optional: mode bits used to set permissions on created files by default. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. Defaults to 0644. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. + /// defaultMode is Optional: mode bits used to set permissions on created files by default. + /// Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. + /// YAML accepts both octal and decimal values, JSON requires decimal values + /// for mode bits. Defaults to 0644. + /// Directories within the path are not affected by this setting. + /// This might be in conflict with other options that affect the file + /// mode, like fsGroup, and the result can be other mode bits set. #[serde(default, skip_serializing_if = "Option::is_none", rename = "defaultMode")] pub default_mode: Option, - /// items If unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the Secret, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'. + /// items If unspecified, each key-value pair in the Data field of the referenced + /// Secret will be projected into the volume as a file whose name is the + /// key and content is the value. If specified, the listed keys will be + /// projected into the specified paths, and unlisted keys will not be + /// present. If a key is specified which is not present in the Secret, + /// the volume setup will error unless it is marked optional. Paths must be + /// relative and may not contain the '..' path or start with '..'. #[serde(default, skip_serializing_if = "Option::is_none")] pub items: Option>, /// optional field specify whether the Secret or its keys must be defined #[serde(default, skip_serializing_if = "Option::is_none")] pub optional: Option, - /// secretName is the name of the secret in the pod's namespace to use. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret + /// secretName is the name of the secret in the pod's namespace to use. + /// More info: https://kubernetes.io/docs/concepts/storage/volumes#secret #[serde(default, skip_serializing_if = "Option::is_none", rename = "secretName")] pub secret_name: Option, } @@ -3754,37 +5243,58 @@ pub struct ArgoCDRepoVolumesSecret { pub struct ArgoCDRepoVolumesSecretItems { /// key is the key to project. pub key: String, - /// mode is Optional: mode bits used to set permissions on this file. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. + /// mode is Optional: mode bits used to set permissions on this file. + /// Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. + /// YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. + /// If not specified, the volume defaultMode will be used. + /// This might be in conflict with other options that affect the file + /// mode, like fsGroup, and the result can be other mode bits set. #[serde(default, skip_serializing_if = "Option::is_none")] pub mode: Option, - /// path is the relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'. + /// path is the relative path of the file to map the key to. + /// May not be an absolute path. + /// May not contain the path element '..'. + /// May not start with the string '..'. pub path: String, } /// storageOS represents a StorageOS volume attached and mounted on Kubernetes nodes. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ArgoCDRepoVolumesStorageos { - /// fsType is the filesystem type to mount. Must be a filesystem type supported by the host operating system. Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. + /// fsType is the filesystem type to mount. + /// Must be a filesystem type supported by the host operating system. + /// Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. #[serde(default, skip_serializing_if = "Option::is_none", rename = "fsType")] pub fs_type: Option, - /// readOnly defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts. + /// readOnly defaults to false (read/write). ReadOnly here will force + /// the ReadOnly setting in VolumeMounts. #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] pub read_only: Option, - /// secretRef specifies the secret to use for obtaining the StorageOS API credentials. If not specified, default values will be attempted. + /// secretRef specifies the secret to use for obtaining the StorageOS API + /// credentials. If not specified, default values will be attempted. #[serde(default, skip_serializing_if = "Option::is_none", rename = "secretRef")] pub secret_ref: Option, - /// volumeName is the human-readable name of the StorageOS volume. Volume names are only unique within a namespace. + /// volumeName is the human-readable name of the StorageOS volume. Volume + /// names are only unique within a namespace. #[serde(default, skip_serializing_if = "Option::is_none", rename = "volumeName")] pub volume_name: Option, - /// volumeNamespace specifies the scope of the volume within StorageOS. If no namespace is specified then the Pod's namespace will be used. This allows the Kubernetes name scoping to be mirrored within StorageOS for tighter integration. Set VolumeName to any name to override the default behaviour. Set to "default" if you are not using namespaces within StorageOS. Namespaces that do not pre-exist within StorageOS will be created. + /// volumeNamespace specifies the scope of the volume within StorageOS. If no + /// namespace is specified then the Pod's namespace will be used. This allows the + /// Kubernetes name scoping to be mirrored within StorageOS for tighter integration. + /// Set VolumeName to any name to override the default behaviour. + /// Set to "default" if you are not using namespaces within StorageOS. + /// Namespaces that do not pre-exist within StorageOS will be created. #[serde(default, skip_serializing_if = "Option::is_none", rename = "volumeNamespace")] pub volume_namespace: Option, } -/// secretRef specifies the secret to use for obtaining the StorageOS API credentials. If not specified, default values will be attempted. +/// secretRef specifies the secret to use for obtaining the StorageOS API +/// credentials. If not specified, default values will be attempted. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ArgoCDRepoVolumesStorageosSecretRef { - /// Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? + /// Name of the referent. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, } @@ -3792,7 +5302,9 @@ pub struct ArgoCDRepoVolumesStorageosSecretRef { /// vsphereVolume represents a vSphere volume attached and mounted on kubelets host machine #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ArgoCDRepoVolumesVsphereVolume { - /// fsType is filesystem type to mount. Must be a filesystem type supported by the host operating system. Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. + /// fsType is filesystem type to mount. + /// Must be a filesystem type supported by the host operating system. + /// Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. #[serde(default, skip_serializing_if = "Option::is_none", rename = "fsType")] pub fs_type: Option, /// storagePolicyID is the storage Policy Based Management (SPBM) profile ID associated with the StoragePolicyName. @@ -3880,7 +5392,9 @@ pub struct ArgoCDServer { /// Env lets you specify environment for API server pods #[serde(default, skip_serializing_if = "Option::is_none")] pub env: Option>, - /// Extra Command arguments that would append to the Argo CD server command. ExtraCommandArgs will not be added, if one of these commands is already part of the server command with same or different value. + /// Extra Command arguments that would append to the Argo CD server command. + /// ExtraCommandArgs will not be added, if one of these commands is already part of the server command + /// with same or different value. #[serde(default, skip_serializing_if = "Option::is_none", rename = "extraCommandArgs")] pub extra_command_args: Option>, /// GRPC defines the state for the Argo CD Server GRPC options. @@ -3931,18 +5445,25 @@ pub struct ArgoCDServerAutoscaleHpa { /// maxReplicas is the upper limit for the number of pods that can be set by the autoscaler; cannot be smaller than MinReplicas. #[serde(rename = "maxReplicas")] pub max_replicas: i32, - /// minReplicas is the lower limit for the number of replicas to which the autoscaler can scale down. It defaults to 1 pod. minReplicas is allowed to be 0 if the alpha feature gate HPAScaleToZero is enabled and at least one Object or External metric is configured. Scaling is active as long as at least one metric value is available. + /// minReplicas is the lower limit for the number of replicas to which the autoscaler + /// can scale down. It defaults to 1 pod. minReplicas is allowed to be 0 if the + /// alpha feature gate HPAScaleToZero is enabled and at least one Object or External + /// metric is configured. Scaling is active as long as at least one metric value is + /// available. #[serde(default, skip_serializing_if = "Option::is_none", rename = "minReplicas")] pub min_replicas: Option, - /// reference to scaled resource; horizontal pod autoscaler will learn the current resource consumption and will set the desired number of pods by using its Scale subresource. + /// reference to scaled resource; horizontal pod autoscaler will learn the current resource consumption + /// and will set the desired number of pods by using its Scale subresource. #[serde(rename = "scaleTargetRef")] pub scale_target_ref: ArgoCDServerAutoscaleHpaScaleTargetRef, - /// targetCPUUtilizationPercentage is the target average CPU utilization (represented as a percentage of requested CPU) over all the pods; if not specified the default autoscaling policy will be used. + /// targetCPUUtilizationPercentage is the target average CPU utilization (represented as a percentage of requested CPU) over all the pods; + /// if not specified the default autoscaling policy will be used. #[serde(default, skip_serializing_if = "Option::is_none", rename = "targetCPUUtilizationPercentage")] pub target_cpu_utilization_percentage: Option, } -/// reference to scaled resource; horizontal pod autoscaler will learn the current resource consumption and will set the desired number of pods by using its Scale subresource. +/// reference to scaled resource; horizontal pod autoscaler will learn the current resource consumption +/// and will set the desired number of pods by using its Scale subresource. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ArgoCDServerAutoscaleHpaScaleTargetRef { /// apiVersion is the API version of the referent @@ -3959,7 +5480,15 @@ pub struct ArgoCDServerAutoscaleHpaScaleTargetRef { pub struct ArgoCDServerEnv { /// Name of the environment variable. Must be a C_IDENTIFIER. pub name: String, - /// Variable references $(VAR_NAME) are expanded using the previously defined environment variables in the container and any service environment variables. If a variable cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". Escaped references will never be expanded, regardless of whether the variable exists or not. Defaults to "". + /// Variable references $(VAR_NAME) are expanded + /// using the previously defined environment variables in the container and + /// any service environment variables. If a variable cannot be resolved, + /// the reference in the input string will be unchanged. Double $$ are reduced + /// to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. + /// "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". + /// Escaped references will never be expanded, regardless of whether the variable + /// exists or not. + /// Defaults to "". #[serde(default, skip_serializing_if = "Option::is_none")] pub value: Option, /// Source for the environment variable's value. Cannot be used if value is not empty. @@ -3973,10 +5502,12 @@ pub struct ArgoCDServerEnvValueFrom { /// Selects a key of a ConfigMap. #[serde(default, skip_serializing_if = "Option::is_none", rename = "configMapKeyRef")] pub config_map_key_ref: Option, - /// Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`, spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs. + /// Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`, + /// spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs. #[serde(default, skip_serializing_if = "Option::is_none", rename = "fieldRef")] pub field_ref: Option, - /// Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported. + /// Selects a resource of the container: only resources limits and requests + /// (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported. #[serde(default, skip_serializing_if = "Option::is_none", rename = "resourceFieldRef")] pub resource_field_ref: Option, /// Selects a key of a secret in the pod's namespace @@ -3989,7 +5520,9 @@ pub struct ArgoCDServerEnvValueFrom { pub struct ArgoCDServerEnvValueFromConfigMapKeyRef { /// The key to select. pub key: String, - /// Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? + /// Name of the referent. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the ConfigMap or its key must be defined @@ -3997,7 +5530,8 @@ pub struct ArgoCDServerEnvValueFromConfigMapKeyRef { pub optional: Option, } -/// Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`, spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs. +/// Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`, +/// spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ArgoCDServerEnvValueFromFieldRef { /// Version of the schema the FieldPath is written in terms of, defaults to "v1". @@ -4008,7 +5542,8 @@ pub struct ArgoCDServerEnvValueFromFieldRef { pub field_path: String, } -/// Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported. +/// Selects a resource of the container: only resources limits and requests +/// (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ArgoCDServerEnvValueFromResourceFieldRef { /// Container name: required for volumes, optional for env vars @@ -4026,7 +5561,9 @@ pub struct ArgoCDServerEnvValueFromResourceFieldRef { pub struct ArgoCDServerEnvValueFromSecretKeyRef { /// The key of the secret to select from. Must be a valid secret key. pub key: String, - /// Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? + /// Name of the referent. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the Secret or its key must be defined @@ -4059,7 +5596,11 @@ pub struct ArgoCDServerGrpcIngress { /// Path used for the Ingress resource. #[serde(default, skip_serializing_if = "Option::is_none")] pub path: Option, - /// TLS configuration. Currently the Ingress only supports a single TLS port, 443. If multiple members of this list specify different hosts, they will be multiplexed on the same port according to the hostname specified through the SNI TLS extension, if the ingress controller fulfilling the ingress supports SNI. + /// TLS configuration. Currently the Ingress only supports a single TLS + /// port, 443. If multiple members of this list specify different hosts, they + /// will be multiplexed on the same port according to the hostname specified + /// through the SNI TLS extension, if the ingress controller fulfilling the + /// ingress supports SNI. #[serde(default, skip_serializing_if = "Option::is_none")] pub tls: Option>, } @@ -4067,10 +5608,17 @@ pub struct ArgoCDServerGrpcIngress { /// IngressTLS describes the transport layer security associated with an ingress. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ArgoCDServerGrpcIngressTls { - /// hosts is a list of hosts included in the TLS certificate. The values in this list must match the name/s used in the tlsSecret. Defaults to the wildcard host setting for the loadbalancer controller fulfilling this Ingress, if left unspecified. + /// hosts is a list of hosts included in the TLS certificate. The values in + /// this list must match the name/s used in the tlsSecret. Defaults to the + /// wildcard host setting for the loadbalancer controller fulfilling this + /// Ingress, if left unspecified. #[serde(default, skip_serializing_if = "Option::is_none")] pub hosts: Option>, - /// secretName is the name of the secret used to terminate TLS traffic on port 443. Field is left optional to allow TLS routing based on SNI hostname alone. If the SNI host in a listener conflicts with the "Host" header field used by an IngressRule, the SNI host is used for termination and value of the "Host" header is used for routing. + /// secretName is the name of the secret used to terminate TLS traffic on + /// port 443. Field is left optional to allow TLS routing based on SNI + /// hostname alone. If the SNI host in a listener conflicts with the "Host" + /// header field used by an IngressRule, the SNI host is used for termination + /// and value of the "Host" header is used for routing. #[serde(default, skip_serializing_if = "Option::is_none", rename = "secretName")] pub secret_name: Option, } @@ -4089,7 +5637,11 @@ pub struct ArgoCDServerIngress { /// Path used for the Ingress resource. #[serde(default, skip_serializing_if = "Option::is_none")] pub path: Option, - /// TLS configuration. Currently the Ingress only supports a single TLS port, 443. If multiple members of this list specify different hosts, they will be multiplexed on the same port according to the hostname specified through the SNI TLS extension, if the ingress controller fulfilling the ingress supports SNI. + /// TLS configuration. Currently the Ingress only supports a single TLS + /// port, 443. If multiple members of this list specify different hosts, they + /// will be multiplexed on the same port according to the hostname specified + /// through the SNI TLS extension, if the ingress controller fulfilling the + /// ingress supports SNI. #[serde(default, skip_serializing_if = "Option::is_none")] pub tls: Option>, } @@ -4097,10 +5649,17 @@ pub struct ArgoCDServerIngress { /// IngressTLS describes the transport layer security associated with an ingress. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ArgoCDServerIngressTls { - /// hosts is a list of hosts included in the TLS certificate. The values in this list must match the name/s used in the tlsSecret. Defaults to the wildcard host setting for the loadbalancer controller fulfilling this Ingress, if left unspecified. + /// hosts is a list of hosts included in the TLS certificate. The values in + /// this list must match the name/s used in the tlsSecret. Defaults to the + /// wildcard host setting for the loadbalancer controller fulfilling this + /// Ingress, if left unspecified. #[serde(default, skip_serializing_if = "Option::is_none")] pub hosts: Option>, - /// secretName is the name of the secret used to terminate TLS traffic on port 443. Field is left optional to allow TLS routing based on SNI hostname alone. If the SNI host in a listener conflicts with the "Host" header field used by an IngressRule, the SNI host is used for termination and value of the "Host" header is used for routing. + /// secretName is the name of the secret used to terminate TLS traffic on + /// port 443. Field is left optional to allow TLS routing based on SNI + /// hostname alone. If the SNI host in a listener conflicts with the "Host" + /// header field used by an IngressRule, the SNI host is used for termination + /// and value of the "Host" header is used for routing. #[serde(default, skip_serializing_if = "Option::is_none", rename = "secretName")] pub secret_name: Option, } @@ -4108,15 +5667,25 @@ pub struct ArgoCDServerIngressTls { /// Resources defines the Compute Resources required by the container for the Argo CD server component. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ArgoCDServerResources { - /// Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. - /// This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. - /// This field is immutable. It can only be set for containers. + /// Claims lists the names of resources, defined in spec.resourceClaims, + /// that are used by this container. + /// + /// + /// This is an alpha field and requires enabling the + /// DynamicResourceAllocation feature gate. + /// + /// + /// This field is immutable. It can only be set for containers. #[serde(default, skip_serializing_if = "Option::is_none")] pub claims: Option>, - /// Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + /// Limits describes the maximum amount of compute resources allowed. + /// More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ #[serde(default, skip_serializing_if = "Option::is_none")] pub limits: Option>, - /// Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + /// Requests describes the minimum amount of compute resources required. + /// If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, + /// otherwise to an implementation-defined value. Requests cannot exceed Limits. + /// More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ #[serde(default, skip_serializing_if = "Option::is_none")] pub requests: Option>, } @@ -4124,7 +5693,9 @@ pub struct ArgoCDServerResources { /// ResourceClaim references one entry in PodSpec.ResourceClaims. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ArgoCDServerResourcesClaims { - /// Name must match the name of one entry in pod.spec.resourceClaims of the Pod where this field is used. It makes that resource available inside a container. + /// Name must match the name of one entry in pod.spec.resourceClaims of + /// the Pod where this field is used. It makes that resource available + /// inside a container. pub name: String, } @@ -4159,11 +5730,20 @@ pub struct ArgoCDServerRouteTls { /// certificate provides certificate contents #[serde(default, skip_serializing_if = "Option::is_none")] pub certificate: Option, - /// destinationCACertificate provides the contents of the ca certificate of the final destination. When using reencrypt termination this file should be provided in order to have routers use it for health checks on the secure connection. If this field is not specified, the router may provide its own destination CA and perform hostname validation using the short service name (service.namespace.svc), which allows infrastructure generated certificates to automatically verify. + /// destinationCACertificate provides the contents of the ca certificate of the final destination. When using reencrypt + /// termination this file should be provided in order to have routers use it for health checks on the secure connection. + /// If this field is not specified, the router may provide its own destination CA and perform hostname validation using + /// the short service name (service.namespace.svc), which allows infrastructure generated certificates to automatically + /// verify. #[serde(default, skip_serializing_if = "Option::is_none", rename = "destinationCACertificate")] pub destination_ca_certificate: Option, - /// insecureEdgeTerminationPolicy indicates the desired behavior for insecure connections to a route. While each router may make its own decisions on which ports to expose, this is normally port 80. - /// * Allow - traffic is sent to the server on the insecure port (default) * Disable - no traffic is allowed on the insecure port. * Redirect - clients are redirected to the secure port. + /// insecureEdgeTerminationPolicy indicates the desired behavior for insecure connections to a route. While + /// each router may make its own decisions on which ports to expose, this is normally port 80. + /// + /// + /// * Allow - traffic is sent to the server on the insecure port (default) + /// * Disable - no traffic is allowed on the insecure port. + /// * Redirect - clients are redirected to the secure port. #[serde(default, skip_serializing_if = "Option::is_none", rename = "insecureEdgeTerminationPolicy")] pub insecure_edge_termination_policy: Option, /// key provides key file contents @@ -4226,7 +5806,15 @@ pub struct ArgoCDSsoDex { pub struct ArgoCDSsoDexEnv { /// Name of the environment variable. Must be a C_IDENTIFIER. pub name: String, - /// Variable references $(VAR_NAME) are expanded using the previously defined environment variables in the container and any service environment variables. If a variable cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". Escaped references will never be expanded, regardless of whether the variable exists or not. Defaults to "". + /// Variable references $(VAR_NAME) are expanded + /// using the previously defined environment variables in the container and + /// any service environment variables. If a variable cannot be resolved, + /// the reference in the input string will be unchanged. Double $$ are reduced + /// to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. + /// "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". + /// Escaped references will never be expanded, regardless of whether the variable + /// exists or not. + /// Defaults to "". #[serde(default, skip_serializing_if = "Option::is_none")] pub value: Option, /// Source for the environment variable's value. Cannot be used if value is not empty. @@ -4240,10 +5828,12 @@ pub struct ArgoCDSsoDexEnvValueFrom { /// Selects a key of a ConfigMap. #[serde(default, skip_serializing_if = "Option::is_none", rename = "configMapKeyRef")] pub config_map_key_ref: Option, - /// Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`, spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs. + /// Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`, + /// spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs. #[serde(default, skip_serializing_if = "Option::is_none", rename = "fieldRef")] pub field_ref: Option, - /// Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported. + /// Selects a resource of the container: only resources limits and requests + /// (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported. #[serde(default, skip_serializing_if = "Option::is_none", rename = "resourceFieldRef")] pub resource_field_ref: Option, /// Selects a key of a secret in the pod's namespace @@ -4256,7 +5846,9 @@ pub struct ArgoCDSsoDexEnvValueFrom { pub struct ArgoCDSsoDexEnvValueFromConfigMapKeyRef { /// The key to select. pub key: String, - /// Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? + /// Name of the referent. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the ConfigMap or its key must be defined @@ -4264,7 +5856,8 @@ pub struct ArgoCDSsoDexEnvValueFromConfigMapKeyRef { pub optional: Option, } -/// Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`, spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs. +/// Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`, +/// spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ArgoCDSsoDexEnvValueFromFieldRef { /// Version of the schema the FieldPath is written in terms of, defaults to "v1". @@ -4275,7 +5868,8 @@ pub struct ArgoCDSsoDexEnvValueFromFieldRef { pub field_path: String, } -/// Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported. +/// Selects a resource of the container: only resources limits and requests +/// (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ArgoCDSsoDexEnvValueFromResourceFieldRef { /// Container name: required for volumes, optional for env vars @@ -4293,7 +5887,9 @@ pub struct ArgoCDSsoDexEnvValueFromResourceFieldRef { pub struct ArgoCDSsoDexEnvValueFromSecretKeyRef { /// The key of the secret to select from. Must be a valid secret key. pub key: String, - /// Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? + /// Name of the referent. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the Secret or its key must be defined @@ -4304,15 +5900,25 @@ pub struct ArgoCDSsoDexEnvValueFromSecretKeyRef { /// Resources defines the Compute Resources required by the container for Dex. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ArgoCDSsoDexResources { - /// Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. - /// This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. - /// This field is immutable. It can only be set for containers. + /// Claims lists the names of resources, defined in spec.resourceClaims, + /// that are used by this container. + /// + /// + /// This is an alpha field and requires enabling the + /// DynamicResourceAllocation feature gate. + /// + /// + /// This field is immutable. It can only be set for containers. #[serde(default, skip_serializing_if = "Option::is_none")] pub claims: Option>, - /// Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + /// Limits describes the maximum amount of compute resources allowed. + /// More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ #[serde(default, skip_serializing_if = "Option::is_none")] pub limits: Option>, - /// Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + /// Requests describes the minimum amount of compute resources required. + /// If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, + /// otherwise to an implementation-defined value. Requests cannot exceed Limits. + /// More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ #[serde(default, skip_serializing_if = "Option::is_none")] pub requests: Option>, } @@ -4320,7 +5926,9 @@ pub struct ArgoCDSsoDexResources { /// ResourceClaim references one entry in PodSpec.ResourceClaims. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ArgoCDSsoDexResourcesClaims { - /// Name must match the name of one entry in pod.spec.resourceClaims of the Pod where this field is used. It makes that resource available inside a container. + /// Name must match the name of one entry in pod.spec.resourceClaims of + /// the Pod where this field is used. It makes that resource available + /// inside a container. pub name: String, } @@ -4350,15 +5958,25 @@ pub struct ArgoCDSsoKeycloak { /// Resources defines the Compute Resources required by the container for Keycloak. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ArgoCDSsoKeycloakResources { - /// Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. - /// This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. - /// This field is immutable. It can only be set for containers. + /// Claims lists the names of resources, defined in spec.resourceClaims, + /// that are used by this container. + /// + /// + /// This is an alpha field and requires enabling the + /// DynamicResourceAllocation feature gate. + /// + /// + /// This field is immutable. It can only be set for containers. #[serde(default, skip_serializing_if = "Option::is_none")] pub claims: Option>, - /// Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + /// Limits describes the maximum amount of compute resources allowed. + /// More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ #[serde(default, skip_serializing_if = "Option::is_none")] pub limits: Option>, - /// Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + /// Requests describes the minimum amount of compute resources required. + /// If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, + /// otherwise to an implementation-defined value. Requests cannot exceed Limits. + /// More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ #[serde(default, skip_serializing_if = "Option::is_none")] pub requests: Option>, } @@ -4366,7 +5984,9 @@ pub struct ArgoCDSsoKeycloakResources { /// ResourceClaim references one entry in PodSpec.ResourceClaims. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ArgoCDSsoKeycloakResourcesClaims { - /// Name must match the name of one entry in pod.spec.resourceClaims of the Pod where this field is used. It makes that resource available inside a container. + /// Name must match the name of one entry in pod.spec.resourceClaims of + /// the Pod where this field is used. It makes that resource available + /// inside a container. pub name: String, } @@ -4395,37 +6015,77 @@ pub struct ArgoCDTlsCa { /// ArgoCDStatus defines the observed state of ArgoCD #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ArgoCDStatus { - /// ApplicationController is a simple, high-level summary of where the Argo CD application controller component is in its lifecycle. There are four possible ApplicationController values: Pending: The Argo CD application controller component has been accepted by the Kubernetes system, but one or more of the required resources have not been created. Running: All of the required Pods for the Argo CD application controller component are in a Ready state. Failed: At least one of the Argo CD application controller component Pods had a failure. Unknown: The state of the Argo CD application controller component could not be obtained. + /// ApplicationController is a simple, high-level summary of where the Argo CD application controller component is in its lifecycle. + /// There are four possible ApplicationController values: + /// Pending: The Argo CD application controller component has been accepted by the Kubernetes system, but one or more of the required resources have not been created. + /// Running: All of the required Pods for the Argo CD application controller component are in a Ready state. + /// Failed: At least one of the Argo CD application controller component Pods had a failure. + /// Unknown: The state of the Argo CD application controller component could not be obtained. #[serde(default, skip_serializing_if = "Option::is_none", rename = "applicationController")] pub application_controller: Option, - /// ApplicationSetController is a simple, high-level summary of where the Argo CD applicationSet controller component is in its lifecycle. There are four possible ApplicationSetController values: Pending: The Argo CD applicationSet controller component has been accepted by the Kubernetes system, but one or more of the required resources have not been created. Running: All of the required Pods for the Argo CD applicationSet controller component are in a Ready state. Failed: At least one of the Argo CD applicationSet controller component Pods had a failure. Unknown: The state of the Argo CD applicationSet controller component could not be obtained. + /// ApplicationSetController is a simple, high-level summary of where the Argo CD applicationSet controller component is in its lifecycle. + /// There are four possible ApplicationSetController values: + /// Pending: The Argo CD applicationSet controller component has been accepted by the Kubernetes system, but one or more of the required resources have not been created. + /// Running: All of the required Pods for the Argo CD applicationSet controller component are in a Ready state. + /// Failed: At least one of the Argo CD applicationSet controller component Pods had a failure. + /// Unknown: The state of the Argo CD applicationSet controller component could not be obtained. #[serde(default, skip_serializing_if = "Option::is_none", rename = "applicationSetController")] pub application_set_controller: Option, /// Host is the hostname of the Ingress. #[serde(default, skip_serializing_if = "Option::is_none")] pub host: Option, - /// NotificationsController is a simple, high-level summary of where the Argo CD notifications controller component is in its lifecycle. There are four possible NotificationsController values: Pending: The Argo CD notifications controller component has been accepted by the Kubernetes system, but one or more of the required resources have not been created. Running: All of the required Pods for the Argo CD notifications controller component are in a Ready state. Failed: At least one of the Argo CD notifications controller component Pods had a failure. Unknown: The state of the Argo CD notifications controller component could not be obtained. + /// NotificationsController is a simple, high-level summary of where the Argo CD notifications controller component is in its lifecycle. + /// There are four possible NotificationsController values: + /// Pending: The Argo CD notifications controller component has been accepted by the Kubernetes system, but one or more of the required resources have not been created. + /// Running: All of the required Pods for the Argo CD notifications controller component are in a Ready state. + /// Failed: At least one of the Argo CD notifications controller component Pods had a failure. + /// Unknown: The state of the Argo CD notifications controller component could not be obtained. #[serde(default, skip_serializing_if = "Option::is_none", rename = "notificationsController")] pub notifications_controller: Option, - /// Phase is a simple, high-level summary of where the ArgoCD is in its lifecycle. There are four possible phase values: Pending: The ArgoCD has been accepted by the Kubernetes system, but one or more of the required resources have not been created. Available: All of the resources for the ArgoCD are ready. Failed: At least one resource has experienced a failure. Unknown: The state of the ArgoCD phase could not be obtained. + /// Phase is a simple, high-level summary of where the ArgoCD is in its lifecycle. + /// There are four possible phase values: + /// Pending: The ArgoCD has been accepted by the Kubernetes system, but one or more of the required resources have not been created. + /// Available: All of the resources for the ArgoCD are ready. + /// Failed: At least one resource has experienced a failure. + /// Unknown: The state of the ArgoCD phase could not be obtained. #[serde(default, skip_serializing_if = "Option::is_none")] pub phase: Option, - /// Redis is a simple, high-level summary of where the Argo CD Redis component is in its lifecycle. There are four possible redis values: Pending: The Argo CD Redis component has been accepted by the Kubernetes system, but one or more of the required resources have not been created. Running: All of the required Pods for the Argo CD Redis component are in a Ready state. Failed: At least one of the Argo CD Redis component Pods had a failure. Unknown: The state of the Argo CD Redis component could not be obtained. + /// Redis is a simple, high-level summary of where the Argo CD Redis component is in its lifecycle. + /// There are four possible redis values: + /// Pending: The Argo CD Redis component has been accepted by the Kubernetes system, but one or more of the required resources have not been created. + /// Running: All of the required Pods for the Argo CD Redis component are in a Ready state. + /// Failed: At least one of the Argo CD Redis component Pods had a failure. + /// Unknown: The state of the Argo CD Redis component could not be obtained. #[serde(default, skip_serializing_if = "Option::is_none")] pub redis: Option, /// RedisTLSChecksum contains the SHA256 checksum of the latest known state of tls.crt and tls.key in the argocd-operator-redis-tls secret. #[serde(default, skip_serializing_if = "Option::is_none", rename = "redisTLSChecksum")] pub redis_tls_checksum: Option, - /// Repo is a simple, high-level summary of where the Argo CD Repo component is in its lifecycle. There are four possible repo values: Pending: The Argo CD Repo component has been accepted by the Kubernetes system, but one or more of the required resources have not been created. Running: All of the required Pods for the Argo CD Repo component are in a Ready state. Failed: At least one of the Argo CD Repo component Pods had a failure. Unknown: The state of the Argo CD Repo component could not be obtained. + /// Repo is a simple, high-level summary of where the Argo CD Repo component is in its lifecycle. + /// There are four possible repo values: + /// Pending: The Argo CD Repo component has been accepted by the Kubernetes system, but one or more of the required resources have not been created. + /// Running: All of the required Pods for the Argo CD Repo component are in a Ready state. + /// Failed: At least one of the Argo CD Repo component Pods had a failure. + /// Unknown: The state of the Argo CD Repo component could not be obtained. #[serde(default, skip_serializing_if = "Option::is_none")] pub repo: Option, /// RepoTLSChecksum contains the SHA256 checksum of the latest known state of tls.crt and tls.key in the argocd-repo-server-tls secret. #[serde(default, skip_serializing_if = "Option::is_none", rename = "repoTLSChecksum")] pub repo_tls_checksum: Option, - /// Server is a simple, high-level summary of where the Argo CD server component is in its lifecycle. There are four possible server values: Pending: The Argo CD server component has been accepted by the Kubernetes system, but one or more of the required resources have not been created. Running: All of the required Pods for the Argo CD server component are in a Ready state. Failed: At least one of the Argo CD server component Pods had a failure. Unknown: The state of the Argo CD server component could not be obtained. + /// Server is a simple, high-level summary of where the Argo CD server component is in its lifecycle. + /// There are four possible server values: + /// Pending: The Argo CD server component has been accepted by the Kubernetes system, but one or more of the required resources have not been created. + /// Running: All of the required Pods for the Argo CD server component are in a Ready state. + /// Failed: At least one of the Argo CD server component Pods had a failure. + /// Unknown: The state of the Argo CD server component could not be obtained. #[serde(default, skip_serializing_if = "Option::is_none")] pub server: Option, - /// SSO is a simple, high-level summary of where the Argo CD SSO(Dex/Keycloak) component is in its lifecycle. There are four possible sso values: Pending: The Argo CD SSO component has been accepted by the Kubernetes system, but one or more of the required resources have not been created. Running: All of the required Pods for the Argo CD SSO component are in a Ready state. Failed: At least one of the Argo CD SSO component Pods had a failure. Unknown: The state of the Argo CD SSO component could not be obtained. + /// SSO is a simple, high-level summary of where the Argo CD SSO(Dex/Keycloak) component is in its lifecycle. + /// There are four possible sso values: + /// Pending: The Argo CD SSO component has been accepted by the Kubernetes system, but one or more of the required resources have not been created. + /// Running: All of the required Pods for the Argo CD SSO component are in a Ready state. + /// Failed: At least one of the Argo CD SSO component Pods had a failure. + /// Unknown: The state of the Argo CD SSO component could not be obtained. #[serde(default, skip_serializing_if = "Option::is_none")] pub sso: Option, } diff --git a/kube-custom-resources-rs/src/asdb_aerospike_com/v1/aerospikeclusters.rs b/kube-custom-resources-rs/src/asdb_aerospike_com/v1/aerospikeclusters.rs index cfbe2974f..15b030add 100644 --- a/kube-custom-resources-rs/src/asdb_aerospike_com/v1/aerospikeclusters.rs +++ b/kube-custom-resources-rs/src/asdb_aerospike_com/v1/aerospikeclusters.rs @@ -43,6 +43,9 @@ pub struct AerospikeClusterSpec { /// MaxUnavailable is the percentage/number of pods that can be allowed to go down or unavailable before application disruption. This value is used to create PodDisruptionBudget. Defaults to 1. Refer Aerospike documentation for more details. #[serde(default, skip_serializing_if = "Option::is_none", rename = "maxUnavailable")] pub max_unavailable: Option, + /// Operations is a list of on-demand operations to be performed on the Aerospike cluster. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub operations: Option>, /// Certificates to connect to Aerospike. #[serde(default, skip_serializing_if = "Option::is_none", rename = "operatorClientCert")] pub operator_client_cert: Option, @@ -233,6 +236,21 @@ pub enum AerospikeClusterAerospikeNetworkPolicyTlsFabric { CustomInterface, } +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub struct AerospikeClusterOperations { + pub id: String, + /// Kind is the type of operation to be performed on the Aerospike cluster. + pub kind: AerospikeClusterOperationsKind, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "podList")] + pub pod_list: Option>, +} + +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub enum AerospikeClusterOperationsKind { + WarmRestart, + PodRestart, +} + /// Certificates to connect to Aerospike. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct AerospikeClusterOperatorClientCert { @@ -5275,6 +5293,9 @@ pub struct AerospikeClusterStatus { /// If set false then only single pod can be created per Kubernetes Node. This will create Pods using hostPort setting. The container port will be exposed to the external network at :, where the hostIP is the IP address of the Kubernetes Node where the container is running and the hostPort is the port requested by the user. Deprecated: MultiPodPerHost is now part of podSpec #[serde(default, skip_serializing_if = "Option::is_none", rename = "multiPodPerHost")] pub multi_pod_per_host: Option, + /// Operations is a list of on-demand operation to be performed on the Aerospike cluster. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub operations: Option>, /// Certificates to connect to Aerospike. If omitted then certs are taken from the secret 'aerospike-secret'. #[serde(default, skip_serializing_if = "Option::is_none", rename = "operatorClientCertSpec")] pub operator_client_cert_spec: Option, @@ -5475,6 +5496,21 @@ pub enum AerospikeClusterStatusAerospikeNetworkPolicyTlsFabric { CustomInterface, } +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub struct AerospikeClusterStatusOperations { + pub id: String, + /// Kind is the type of operation to be performed on the Aerospike cluster. + pub kind: AerospikeClusterStatusOperationsKind, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "podList")] + pub pod_list: Option>, +} + +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub enum AerospikeClusterStatusOperationsKind { + WarmRestart, + PodRestart, +} + /// Certificates to connect to Aerospike. If omitted then certs are taken from the secret 'aerospike-secret'. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct AerospikeClusterStatusOperatorClientCertSpec { diff --git a/kube-custom-resources-rs/src/authzed_com/v1alpha1/spicedbclusters.rs b/kube-custom-resources-rs/src/authzed_com/v1alpha1/spicedbclusters.rs index 92d5fec1c..640aca18c 100644 --- a/kube-custom-resources-rs/src/authzed_com/v1alpha1/spicedbclusters.rs +++ b/kube-custom-resources-rs/src/authzed_com/v1alpha1/spicedbclusters.rs @@ -20,19 +20,35 @@ use self::prelude::*; #[kube(derive="Default")] #[kube(derive="PartialEq")] pub struct SpiceDBClusterSpec { - /// Channel is a defined series of updates that operator should follow. The operator is configured with a datasource that configures available channels and update paths. If `version` is not specified, then the operator will keep SpiceDB up-to-date with the current head of the channel. If `version` is specified, then the operator will write available updates in the status. + /// Channel is a defined series of updates that operator should follow. + /// The operator is configured with a datasource that configures available + /// channels and update paths. + /// If `version` is not specified, then the operator will keep SpiceDB + /// up-to-date with the current head of the channel. + /// If `version` is specified, then the operator will write available updates + /// in the status. #[serde(default, skip_serializing_if = "Option::is_none")] pub channel: Option, /// Config values to be passed to the cluster #[serde(default, skip_serializing_if = "Option::is_none")] pub config: Option>, - /// Patches is a list of patches to apply to generated resources. If multiple patches apply to the same object and field, later patches in the list take precedence over earlier ones. + /// Patches is a list of patches to apply to generated resources. + /// If multiple patches apply to the same object and field, later patches + /// in the list take precedence over earlier ones. #[serde(default, skip_serializing_if = "Option::is_none")] pub patches: Option>, - /// SecretName points to a secret (in the same namespace) that holds secret config for the cluster like passwords, credentials, etc. If the secret is omitted, one will be generated + /// SecretName points to a secret (in the same namespace) that holds secret + /// config for the cluster like passwords, credentials, etc. + /// If the secret is omitted, one will be generated #[serde(default, skip_serializing_if = "Option::is_none", rename = "secretName")] pub secret_name: Option, - /// Version is the name of the version of SpiceDB that will be run. The version is usually a simple version string like `v1.13.0`, but the operator is configured with a data source that tells it what versions are allowed, and they may have other names. If omitted, the newest version in the head of the channel will be used. Note that the `config.image` field will take precedence over version/channel, if it is specified + /// Version is the name of the version of SpiceDB that will be run. + /// The version is usually a simple version string like `v1.13.0`, but the + /// operator is configured with a data source that tells it what versions + /// are allowed, and they may have other names. + /// If omitted, the newest version in the head of the channel will be used. + /// Note that the `config.image` field will take precedence over + /// version/channel, if it is specified #[serde(default, skip_serializing_if = "Option::is_none")] pub version: Option, } @@ -43,20 +59,25 @@ pub struct SpiceDBClusterPatches { /// Kind targets an object by its kubernetes Kind name. #[serde(default, skip_serializing_if = "Option::is_none")] pub kind: Option, - /// Patch is an inlined representation of a structured merge patch (one that just specifies the structure and fields to be modified) or a an explicit JSON6902 patch operation. + /// Patch is an inlined representation of a structured merge patch (one that + /// just specifies the structure and fields to be modified) or a an explicit + /// JSON6902 patch operation. pub patch: BTreeMap, } /// ClusterStatus communicates the observed state of the cluster. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SpiceDBClusterStatus { - /// AvailableVersions is a list of versions that the currently running version can be updated to. Only applies if using an update channel. + /// AvailableVersions is a list of versions that the currently running + /// version can be updated to. Only applies if using an update channel. #[serde(default, skip_serializing_if = "Option::is_none", rename = "availableVersions")] pub available_versions: Option>, /// Conditions for the current state of the Stack. #[serde(default, skip_serializing_if = "Option::is_none")] pub conditions: Option>, - /// CurrentMigrationHash is a hash of the currently running migration target and config. If this is equal to TargetMigrationHash (and there are no conditions) then the datastore is fully migrated. + /// CurrentMigrationHash is a hash of the currently running migration target and config. + /// If this is equal to TargetMigrationHash (and there are no conditions) then the datastore + /// is fully migrated. #[serde(default, skip_serializing_if = "Option::is_none", rename = "currentMigrationHash")] pub current_migration_hash: Option, /// Image is the image that is or will be used for this cluster @@ -65,7 +86,8 @@ pub struct SpiceDBClusterStatus { /// Migration is the name of the last migration applied #[serde(default, skip_serializing_if = "Option::is_none")] pub migration: Option, - /// ObservedGeneration represents the .metadata.generation that has been seen by the controller. + /// ObservedGeneration represents the .metadata.generation that has been + /// seen by the controller. #[serde(default, skip_serializing_if = "Option::is_none", rename = "observedGeneration")] pub observed_generation: Option, /// Phase is the currently running phase (used for phased migrations) @@ -77,14 +99,17 @@ pub struct SpiceDBClusterStatus { /// TargetMigrationHash is a hash of the desired migration target and config #[serde(default, skip_serializing_if = "Option::is_none", rename = "targetMigrationHash")] pub target_migration_hash: Option, - /// CurrentVersion is a description of the currently selected version from the channel, if an update channel is being used. + /// CurrentVersion is a description of the currently selected version from + /// the channel, if an update channel is being used. #[serde(default, skip_serializing_if = "Option::is_none")] pub version: Option, } #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SpiceDBClusterStatusAvailableVersions { - /// Attributes is an optional set of descriptors for the update, which carry additional information like whether there will be a migration if this version is selected. + /// Attributes is an optional set of descriptors for the update, which + /// carry additional information like whether there will be a migration + /// if this version is selected. #[serde(default, skip_serializing_if = "Option::is_none")] pub attributes: Option>, /// Channel is the name of the channel this version is in @@ -96,10 +121,13 @@ pub struct SpiceDBClusterStatusAvailableVersions { pub name: String, } -/// CurrentVersion is a description of the currently selected version from the channel, if an update channel is being used. +/// CurrentVersion is a description of the currently selected version from +/// the channel, if an update channel is being used. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SpiceDBClusterStatusVersion { - /// Attributes is an optional set of descriptors for the update, which carry additional information like whether there will be a migration if this version is selected. + /// Attributes is an optional set of descriptors for the update, which + /// carry additional information like whether there will be a migration + /// if this version is selected. #[serde(default, skip_serializing_if = "Option::is_none")] pub attributes: Option>, /// Channel is the name of the channel this version is in diff --git a/kube-custom-resources-rs/src/awx_ansible_com/v1beta1/awxs.rs b/kube-custom-resources-rs/src/awx_ansible_com/v1beta1/awxs.rs index 1c1fe6457..a69c29eb2 100644 --- a/kube-custom-resources-rs/src/awx_ansible_com/v1beta1/awxs.rs +++ b/kube-custom-resources-rs/src/awx_ansible_com/v1beta1/awxs.rs @@ -251,6 +251,9 @@ pub struct AWXSpec { /// Secret where the old database configuration can be found for data migration #[serde(default, skip_serializing_if = "Option::is_none")] pub old_postgres_configuration_secret: Option, + /// Annotations to add to the Postgres deployment. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub postgres_annotations: Option, /// Secret where the database configuration can be found #[serde(default, skip_serializing_if = "Option::is_none")] pub postgres_configuration_secret: Option, diff --git a/kube-custom-resources-rs/src/batch_volcano_sh/v1alpha1/jobs.rs b/kube-custom-resources-rs/src/batch_volcano_sh/v1alpha1/jobs.rs index 909a9e61a..06130cefd 100644 --- a/kube-custom-resources-rs/src/batch_volcano_sh/v1alpha1/jobs.rs +++ b/kube-custom-resources-rs/src/batch_volcano_sh/v1alpha1/jobs.rs @@ -910,6 +910,8 @@ pub struct JobTasksTemplateSpecContainersResourcesClaims { pub struct JobTasksTemplateSpecContainersSecurityContext { #[serde(default, skip_serializing_if = "Option::is_none", rename = "allowPrivilegeEscalation")] pub allow_privilege_escalation: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "appArmorProfile")] + pub app_armor_profile: Option, #[serde(default, skip_serializing_if = "Option::is_none")] pub capabilities: Option, #[serde(default, skip_serializing_if = "Option::is_none")] @@ -932,6 +934,14 @@ pub struct JobTasksTemplateSpecContainersSecurityContext { pub windows_options: Option, } +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct JobTasksTemplateSpecContainersSecurityContextAppArmorProfile { + #[serde(default, skip_serializing_if = "Option::is_none", rename = "localhostProfile")] + pub localhost_profile: Option, + #[serde(rename = "type")] + pub r#type: String, +} + #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct JobTasksTemplateSpecContainersSecurityContextCapabilities { #[serde(default, skip_serializing_if = "Option::is_none")] @@ -1051,6 +1061,8 @@ pub struct JobTasksTemplateSpecContainersVolumeMounts { pub name: String, #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] pub read_only: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "recursiveReadOnly")] + pub recursive_read_only: Option, #[serde(default, skip_serializing_if = "Option::is_none", rename = "subPath")] pub sub_path: Option, #[serde(default, skip_serializing_if = "Option::is_none", rename = "subPathExpr")] @@ -1483,6 +1495,8 @@ pub struct JobTasksTemplateSpecEphemeralContainersResourcesClaims { pub struct JobTasksTemplateSpecEphemeralContainersSecurityContext { #[serde(default, skip_serializing_if = "Option::is_none", rename = "allowPrivilegeEscalation")] pub allow_privilege_escalation: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "appArmorProfile")] + pub app_armor_profile: Option, #[serde(default, skip_serializing_if = "Option::is_none")] pub capabilities: Option, #[serde(default, skip_serializing_if = "Option::is_none")] @@ -1505,6 +1519,14 @@ pub struct JobTasksTemplateSpecEphemeralContainersSecurityContext { pub windows_options: Option, } +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct JobTasksTemplateSpecEphemeralContainersSecurityContextAppArmorProfile { + #[serde(default, skip_serializing_if = "Option::is_none", rename = "localhostProfile")] + pub localhost_profile: Option, + #[serde(rename = "type")] + pub r#type: String, +} + #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct JobTasksTemplateSpecEphemeralContainersSecurityContextCapabilities { #[serde(default, skip_serializing_if = "Option::is_none")] @@ -1624,6 +1646,8 @@ pub struct JobTasksTemplateSpecEphemeralContainersVolumeMounts { pub name: String, #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] pub read_only: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "recursiveReadOnly")] + pub recursive_read_only: Option, #[serde(default, skip_serializing_if = "Option::is_none", rename = "subPath")] pub sub_path: Option, #[serde(default, skip_serializing_if = "Option::is_none", rename = "subPathExpr")] @@ -1634,8 +1658,7 @@ pub struct JobTasksTemplateSpecEphemeralContainersVolumeMounts { pub struct JobTasksTemplateSpecHostAliases { #[serde(default, skip_serializing_if = "Option::is_none")] pub hostnames: Option>, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub ip: Option, + pub ip: String, } #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] @@ -2050,6 +2073,8 @@ pub struct JobTasksTemplateSpecInitContainersResourcesClaims { pub struct JobTasksTemplateSpecInitContainersSecurityContext { #[serde(default, skip_serializing_if = "Option::is_none", rename = "allowPrivilegeEscalation")] pub allow_privilege_escalation: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "appArmorProfile")] + pub app_armor_profile: Option, #[serde(default, skip_serializing_if = "Option::is_none")] pub capabilities: Option, #[serde(default, skip_serializing_if = "Option::is_none")] @@ -2072,6 +2097,14 @@ pub struct JobTasksTemplateSpecInitContainersSecurityContext { pub windows_options: Option, } +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct JobTasksTemplateSpecInitContainersSecurityContextAppArmorProfile { + #[serde(default, skip_serializing_if = "Option::is_none", rename = "localhostProfile")] + pub localhost_profile: Option, + #[serde(rename = "type")] + pub r#type: String, +} + #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct JobTasksTemplateSpecInitContainersSecurityContextCapabilities { #[serde(default, skip_serializing_if = "Option::is_none")] @@ -2191,6 +2224,8 @@ pub struct JobTasksTemplateSpecInitContainersVolumeMounts { pub name: String, #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] pub read_only: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "recursiveReadOnly")] + pub recursive_read_only: Option, #[serde(default, skip_serializing_if = "Option::is_none", rename = "subPath")] pub sub_path: Option, #[serde(default, skip_serializing_if = "Option::is_none", rename = "subPathExpr")] @@ -2230,6 +2265,8 @@ pub struct JobTasksTemplateSpecSchedulingGates { #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct JobTasksTemplateSpecSecurityContext { + #[serde(default, skip_serializing_if = "Option::is_none", rename = "appArmorProfile")] + pub app_armor_profile: Option, #[serde(default, skip_serializing_if = "Option::is_none", rename = "fsGroup")] pub fs_group: Option, #[serde(default, skip_serializing_if = "Option::is_none", rename = "fsGroupChangePolicy")] @@ -2252,6 +2289,14 @@ pub struct JobTasksTemplateSpecSecurityContext { pub windows_options: Option, } +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct JobTasksTemplateSpecSecurityContextAppArmorProfile { + #[serde(default, skip_serializing_if = "Option::is_none", rename = "localhostProfile")] + pub localhost_profile: Option, + #[serde(rename = "type")] + pub r#type: String, +} + #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct JobTasksTemplateSpecSecurityContextSeLinuxOptions { #[serde(default, skip_serializing_if = "Option::is_none")] diff --git a/kube-custom-resources-rs/src/beegfs_csi_netapp_com/v1/beegfsdrivers.rs b/kube-custom-resources-rs/src/beegfs_csi_netapp_com/v1/beegfsdrivers.rs index bb9042c19..6b8a92ce2 100644 --- a/kube-custom-resources-rs/src/beegfs_csi_netapp_com/v1/beegfsdrivers.rs +++ b/kube-custom-resources-rs/src/beegfs_csi_netapp_com/v1/beegfsdrivers.rs @@ -70,6 +70,9 @@ pub struct BeegfsDriverContainerImageOverrides { /// Defaults to registry.k8s.io/sig-storage/csi-provisioner:. #[serde(default, skip_serializing_if = "Option::is_none", rename = "csiProvisioner")] pub csi_provisioner: Option, + /// Defaults to registry.k8s.io/sig-storage/csi-resizer:. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "csiResizer")] + pub csi_resizer: Option, /// Defaults to registry.k8s.io/sig-storage/livenessprobe:. #[serde(default, skip_serializing_if = "Option::is_none", rename = "livenessProbe")] pub liveness_probe: Option, @@ -108,6 +111,17 @@ pub struct BeegfsDriverContainerImageOverridesCsiProvisioner { pub tag: Option, } +/// Defaults to registry.k8s.io/sig-storage/csi-resizer:. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct BeegfsDriverContainerImageOverridesCsiResizer { + /// A combination of registry and image (e.g. registry.k8s.io/csi-provisioner or ghcr.io/thinkparq/beegfs-csi-driver). + #[serde(default, skip_serializing_if = "Option::is_none")] + pub image: Option, + /// A tag (e.g. v2.2.2 or latest). + #[serde(default, skip_serializing_if = "Option::is_none")] + pub tag: Option, +} + /// Defaults to registry.k8s.io/sig-storage/livenessprobe:. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct BeegfsDriverContainerImageOverridesLivenessProbe { diff --git a/kube-custom-resources-rs/src/cassandra_datastax_com/v1beta1/cassandradatacenters.rs b/kube-custom-resources-rs/src/cassandra_datastax_com/v1beta1/cassandradatacenters.rs index 53e83f103..93967def2 100644 --- a/kube-custom-resources-rs/src/cassandra_datastax_com/v1beta1/cassandradatacenters.rs +++ b/kube-custom-resources-rs/src/cassandra_datastax_com/v1beta1/cassandradatacenters.rs @@ -127,6 +127,10 @@ pub struct CassandraDatacenterSpec { /// the number of racks cannot easily be changed once a datacenter is deployed. #[serde(default, skip_serializing_if = "Option::is_none")] pub racks: Option>, + /// ReadOnlyRootFilesystem makes the cassandra container to be run with a read-only root filesystem. Currently only functional when used with the + /// new k8ssandra-client config builder (Cassandra 4.1 and newer and HCD) + #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnlyRootFilesystem")] + pub read_only_root_filesystem: Option, /// Deprecated Use CassandraTask replacenode to achieve correct node replacement. A list of pod names that need to be replaced. #[serde(default, skip_serializing_if = "Option::is_none", rename = "replaceNodes")] pub replace_nodes: Option>, diff --git a/kube-custom-resources-rs/src/cert_manager_io/v1/certificates.rs b/kube-custom-resources-rs/src/cert_manager_io/v1/certificates.rs index 6837365a1..3498c8091 100644 --- a/kube-custom-resources-rs/src/cert_manager_io/v1/certificates.rs +++ b/kube-custom-resources-rs/src/cert_manager_io/v1/certificates.rs @@ -135,8 +135,27 @@ pub struct CertificateSpec { /// If unset, this defaults to 1/3 of the issued certificate's lifetime. /// Minimum accepted value is 5 minutes. /// Value must be in units accepted by Go time.ParseDuration https://golang.org/pkg/time/#ParseDuration. + /// Cannot be set if the `renewBeforePercentage` field is set. #[serde(default, skip_serializing_if = "Option::is_none", rename = "renewBefore")] pub renew_before: Option, + /// `renewBeforePercentage` is like `renewBefore`, except it is a relative percentage + /// rather than an absolute duration. For example, if a certificate is valid for 60 + /// minutes, and `renewBeforePercentage=25`, cert-manager will begin to attempt to + /// renew the certificate 45 minutes after it was issued (i.e. when there are 15 + /// minutes (25%) remaining until the certificate is no longer valid). + /// + /// + /// NOTE: The actual lifetime of the issued certificate is used to determine the + /// renewal time. If an issuer returns a certificate with a different lifetime than + /// the one requested, cert-manager will use the lifetime of the issued certificate. + /// + /// + /// Value must be an integer in the range (0,100). The minimum effective + /// `renewBefore` derived from the `renewBeforePercentage` and `duration` fields is 5 + /// minutes. + /// Cannot be set if the `renewBefore` field is set. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "renewBeforePercentage")] + pub renew_before_percentage: Option, /// The maximum number of CertificateRequest revisions that are maintained in /// the Certificate's history. Each revision represents a single `CertificateRequest` /// created by this Certificate, either when it was created, renewed, or Spec diff --git a/kube-custom-resources-rs/src/cert_manager_io/v1/clusterissuers.rs b/kube-custom-resources-rs/src/cert_manager_io/v1/clusterissuers.rs index 2a54bb830..67395fa41 100644 --- a/kube-custom-resources-rs/src/cert_manager_io/v1/clusterissuers.rs +++ b/kube-custom-resources-rs/src/cert_manager_io/v1/clusterissuers.rs @@ -2123,9 +2123,9 @@ pub struct ClusterIssuerVenafiTpp { /// the cert-manager controller container is used to validate the TLS connection. #[serde(default, skip_serializing_if = "Option::is_none", rename = "caBundleSecretRef")] pub ca_bundle_secret_ref: Option, - /// CredentialsRef is a reference to a Secret containing the username and - /// password for the TPP server. - /// The secret must contain two keys, 'username' and 'password'. + /// CredentialsRef is a reference to a Secret containing the Venafi TPP API credentials. + /// The secret must contain the key 'access-token' for the Access Token Authentication, + /// or two keys, 'username' and 'password' for the API Keys Authentication. #[serde(rename = "credentialsRef")] pub credentials_ref: ClusterIssuerVenafiTppCredentialsRef, /// URL is the base URL for the vedsdk endpoint of the Venafi TPP instance, @@ -2150,9 +2150,9 @@ pub struct ClusterIssuerVenafiTppCaBundleSecretRef { pub name: String, } -/// CredentialsRef is a reference to a Secret containing the username and -/// password for the TPP server. -/// The secret must contain two keys, 'username' and 'password'. +/// CredentialsRef is a reference to a Secret containing the Venafi TPP API credentials. +/// The secret must contain the key 'access-token' for the Access Token Authentication, +/// or two keys, 'username' and 'password' for the API Keys Authentication. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ClusterIssuerVenafiTppCredentialsRef { /// Name of the resource being referred to. diff --git a/kube-custom-resources-rs/src/cert_manager_io/v1/issuers.rs b/kube-custom-resources-rs/src/cert_manager_io/v1/issuers.rs index 5c0da8b0a..3cdc57104 100644 --- a/kube-custom-resources-rs/src/cert_manager_io/v1/issuers.rs +++ b/kube-custom-resources-rs/src/cert_manager_io/v1/issuers.rs @@ -2124,9 +2124,9 @@ pub struct IssuerVenafiTpp { /// the cert-manager controller container is used to validate the TLS connection. #[serde(default, skip_serializing_if = "Option::is_none", rename = "caBundleSecretRef")] pub ca_bundle_secret_ref: Option, - /// CredentialsRef is a reference to a Secret containing the username and - /// password for the TPP server. - /// The secret must contain two keys, 'username' and 'password'. + /// CredentialsRef is a reference to a Secret containing the Venafi TPP API credentials. + /// The secret must contain the key 'access-token' for the Access Token Authentication, + /// or two keys, 'username' and 'password' for the API Keys Authentication. #[serde(rename = "credentialsRef")] pub credentials_ref: IssuerVenafiTppCredentialsRef, /// URL is the base URL for the vedsdk endpoint of the Venafi TPP instance, @@ -2151,9 +2151,9 @@ pub struct IssuerVenafiTppCaBundleSecretRef { pub name: String, } -/// CredentialsRef is a reference to a Secret containing the username and -/// password for the TPP server. -/// The secret must contain two keys, 'username' and 'password'. +/// CredentialsRef is a reference to a Secret containing the Venafi TPP API credentials. +/// The secret must contain the key 'access-token' for the Access Token Authentication, +/// or two keys, 'username' and 'password' for the API Keys Authentication. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct IssuerVenafiTppCredentialsRef { /// Name of the resource being referred to. diff --git a/kube-custom-resources-rs/src/chainsaw_kyverno_io/v1alpha1/configurations.rs b/kube-custom-resources-rs/src/chainsaw_kyverno_io/v1alpha1/configurations.rs index c6a7a96b9..538f605be 100644 --- a/kube-custom-resources-rs/src/chainsaw_kyverno_io/v1alpha1/configurations.rs +++ b/kube-custom-resources-rs/src/chainsaw_kyverno_io/v1alpha1/configurations.rs @@ -132,7 +132,7 @@ pub struct ConfigurationCatchCommand { /// Check is an assertion tree to validate the operation outcome. #[serde(default, skip_serializing_if = "Option::is_none")] pub check: Option>, - /// Cluster defines the target cluster (default cluster will be used if not specified and/or overridden). + /// Cluster defines the target cluster (will be inherited if not specified). #[serde(default, skip_serializing_if = "Option::is_none")] pub cluster: Option, /// Clusters holds a registry to clusters to support multi-cluster tests. @@ -201,7 +201,7 @@ pub struct ConfigurationCatchDelete { /// Bindings defines additional binding key/values. #[serde(default, skip_serializing_if = "Option::is_none")] pub bindings: Option>, - /// Cluster defines the target cluster (default cluster will be used if not specified and/or overridden). + /// Cluster defines the target cluster (will be inherited if not specified). #[serde(default, skip_serializing_if = "Option::is_none")] pub cluster: Option, /// Clusters holds a registry to clusters to support multi-cluster tests. @@ -298,7 +298,7 @@ pub struct ConfigurationCatchDescribe { /// API version of the referent. #[serde(rename = "apiVersion")] pub api_version: String, - /// Cluster defines the target cluster (default cluster will be used if not specified and/or overridden). + /// Cluster defines the target cluster (will be inherited if not specified). #[serde(default, skip_serializing_if = "Option::is_none")] pub cluster: Option, /// Clusters holds a registry to clusters to support multi-cluster tests. @@ -340,7 +340,7 @@ pub struct ConfigurationCatchDescribeClusters { /// Events determines the events collector to execute. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ConfigurationCatchEvents { - /// Cluster defines the target cluster (default cluster will be used if not specified and/or overridden). + /// Cluster defines the target cluster (will be inherited if not specified). #[serde(default, skip_serializing_if = "Option::is_none")] pub cluster: Option, /// Clusters holds a registry to clusters to support multi-cluster tests. @@ -382,7 +382,7 @@ pub struct ConfigurationCatchGet { /// API version of the referent. #[serde(rename = "apiVersion")] pub api_version: String, - /// Cluster defines the target cluster (default cluster will be used if not specified and/or overridden). + /// Cluster defines the target cluster (will be inherited if not specified). #[serde(default, skip_serializing_if = "Option::is_none")] pub cluster: Option, /// Clusters holds a registry to clusters to support multi-cluster tests. @@ -424,7 +424,7 @@ pub struct ConfigurationCatchGetClusters { /// PodLogs determines the pod logs collector to execute. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ConfigurationCatchPodLogs { - /// Cluster defines the target cluster (default cluster will be used if not specified and/or overridden). + /// Cluster defines the target cluster (will be inherited if not specified). #[serde(default, skip_serializing_if = "Option::is_none")] pub cluster: Option, /// Clusters holds a registry to clusters to support multi-cluster tests. @@ -474,7 +474,7 @@ pub struct ConfigurationCatchScript { /// Check is an assertion tree to validate the operation outcome. #[serde(default, skip_serializing_if = "Option::is_none")] pub check: Option>, - /// Cluster defines the target cluster (default cluster will be used if not specified and/or overridden). + /// Cluster defines the target cluster (will be inherited if not specified). #[serde(default, skip_serializing_if = "Option::is_none")] pub cluster: Option, /// Clusters holds a registry to clusters to support multi-cluster tests. @@ -551,7 +551,7 @@ pub struct ConfigurationCatchWait { /// API version of the referent. #[serde(rename = "apiVersion")] pub api_version: String, - /// Cluster defines the target cluster (default cluster will be used if not specified and/or overridden). + /// Cluster defines the target cluster (will be inherited if not specified). #[serde(default, skip_serializing_if = "Option::is_none")] pub cluster: Option, /// Clusters holds a registry to clusters to support multi-cluster tests. diff --git a/kube-custom-resources-rs/src/chainsaw_kyverno_io/v1alpha1/tests.rs b/kube-custom-resources-rs/src/chainsaw_kyverno_io/v1alpha1/tests.rs index cddfb424f..19479a63a 100644 --- a/kube-custom-resources-rs/src/chainsaw_kyverno_io/v1alpha1/tests.rs +++ b/kube-custom-resources-rs/src/chainsaw_kyverno_io/v1alpha1/tests.rs @@ -128,7 +128,7 @@ pub struct TestCatchCommand { /// Check is an assertion tree to validate the operation outcome. #[serde(default, skip_serializing_if = "Option::is_none")] pub check: Option>, - /// Cluster defines the target cluster (default cluster will be used if not specified and/or overridden). + /// Cluster defines the target cluster (will be inherited if not specified). #[serde(default, skip_serializing_if = "Option::is_none")] pub cluster: Option, /// Clusters holds a registry to clusters to support multi-cluster tests. @@ -197,7 +197,7 @@ pub struct TestCatchDelete { /// Bindings defines additional binding key/values. #[serde(default, skip_serializing_if = "Option::is_none")] pub bindings: Option>, - /// Cluster defines the target cluster (default cluster will be used if not specified and/or overridden). + /// Cluster defines the target cluster (will be inherited if not specified). #[serde(default, skip_serializing_if = "Option::is_none")] pub cluster: Option, /// Clusters holds a registry to clusters to support multi-cluster tests. @@ -294,7 +294,7 @@ pub struct TestCatchDescribe { /// API version of the referent. #[serde(rename = "apiVersion")] pub api_version: String, - /// Cluster defines the target cluster (default cluster will be used if not specified and/or overridden). + /// Cluster defines the target cluster (will be inherited if not specified). #[serde(default, skip_serializing_if = "Option::is_none")] pub cluster: Option, /// Clusters holds a registry to clusters to support multi-cluster tests. @@ -336,7 +336,7 @@ pub struct TestCatchDescribeClusters { /// Events determines the events collector to execute. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct TestCatchEvents { - /// Cluster defines the target cluster (default cluster will be used if not specified and/or overridden). + /// Cluster defines the target cluster (will be inherited if not specified). #[serde(default, skip_serializing_if = "Option::is_none")] pub cluster: Option, /// Clusters holds a registry to clusters to support multi-cluster tests. @@ -378,7 +378,7 @@ pub struct TestCatchGet { /// API version of the referent. #[serde(rename = "apiVersion")] pub api_version: String, - /// Cluster defines the target cluster (default cluster will be used if not specified and/or overridden). + /// Cluster defines the target cluster (will be inherited if not specified). #[serde(default, skip_serializing_if = "Option::is_none")] pub cluster: Option, /// Clusters holds a registry to clusters to support multi-cluster tests. @@ -420,7 +420,7 @@ pub struct TestCatchGetClusters { /// PodLogs determines the pod logs collector to execute. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct TestCatchPodLogs { - /// Cluster defines the target cluster (default cluster will be used if not specified and/or overridden). + /// Cluster defines the target cluster (will be inherited if not specified). #[serde(default, skip_serializing_if = "Option::is_none")] pub cluster: Option, /// Clusters holds a registry to clusters to support multi-cluster tests. @@ -470,7 +470,7 @@ pub struct TestCatchScript { /// Check is an assertion tree to validate the operation outcome. #[serde(default, skip_serializing_if = "Option::is_none")] pub check: Option>, - /// Cluster defines the target cluster (default cluster will be used if not specified and/or overridden). + /// Cluster defines the target cluster (will be inherited if not specified). #[serde(default, skip_serializing_if = "Option::is_none")] pub cluster: Option, /// Clusters holds a registry to clusters to support multi-cluster tests. @@ -547,7 +547,7 @@ pub struct TestCatchWait { /// API version of the referent. #[serde(rename = "apiVersion")] pub api_version: String, - /// Cluster defines the target cluster (default cluster will be used if not specified and/or overridden). + /// Cluster defines the target cluster (will be inherited if not specified). #[serde(default, skip_serializing_if = "Option::is_none")] pub cluster: Option, /// Clusters holds a registry to clusters to support multi-cluster tests. @@ -675,7 +675,7 @@ pub struct TestSteps { /// Cleanup defines what will be executed after the test is terminated. #[serde(default, skip_serializing_if = "Option::is_none")] pub cleanup: Option>, - /// Cluster defines the target cluster (default cluster will be used if not specified and/or overridden). + /// Cluster defines the target cluster (will be inherited if not specified). #[serde(default, skip_serializing_if = "Option::is_none")] pub cluster: Option, /// Clusters holds a registry to clusters to support multi-cluster tests. @@ -705,8 +705,11 @@ pub struct TestSteps { #[serde(default, skip_serializing_if = "Option::is_none")] pub timeouts: Option, /// Try defines what the step will try to execute. - #[serde(rename = "try")] - pub r#try: Vec, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "try")] + pub r#try: Option>, + /// Use defines a reference to a step template. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "use")] + pub r#use: Option, } /// Binding represents a key/value set as a binding in an executing test. @@ -765,7 +768,7 @@ pub struct TestStepsCatchCommand { /// Check is an assertion tree to validate the operation outcome. #[serde(default, skip_serializing_if = "Option::is_none")] pub check: Option>, - /// Cluster defines the target cluster (default cluster will be used if not specified and/or overridden). + /// Cluster defines the target cluster (will be inherited if not specified). #[serde(default, skip_serializing_if = "Option::is_none")] pub cluster: Option, /// Clusters holds a registry to clusters to support multi-cluster tests. @@ -834,7 +837,7 @@ pub struct TestStepsCatchDelete { /// Bindings defines additional binding key/values. #[serde(default, skip_serializing_if = "Option::is_none")] pub bindings: Option>, - /// Cluster defines the target cluster (default cluster will be used if not specified and/or overridden). + /// Cluster defines the target cluster (will be inherited if not specified). #[serde(default, skip_serializing_if = "Option::is_none")] pub cluster: Option, /// Clusters holds a registry to clusters to support multi-cluster tests. @@ -931,7 +934,7 @@ pub struct TestStepsCatchDescribe { /// API version of the referent. #[serde(rename = "apiVersion")] pub api_version: String, - /// Cluster defines the target cluster (default cluster will be used if not specified and/or overridden). + /// Cluster defines the target cluster (will be inherited if not specified). #[serde(default, skip_serializing_if = "Option::is_none")] pub cluster: Option, /// Clusters holds a registry to clusters to support multi-cluster tests. @@ -973,7 +976,7 @@ pub struct TestStepsCatchDescribeClusters { /// Events determines the events collector to execute. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct TestStepsCatchEvents { - /// Cluster defines the target cluster (default cluster will be used if not specified and/or overridden). + /// Cluster defines the target cluster (will be inherited if not specified). #[serde(default, skip_serializing_if = "Option::is_none")] pub cluster: Option, /// Clusters holds a registry to clusters to support multi-cluster tests. @@ -1015,7 +1018,7 @@ pub struct TestStepsCatchGet { /// API version of the referent. #[serde(rename = "apiVersion")] pub api_version: String, - /// Cluster defines the target cluster (default cluster will be used if not specified and/or overridden). + /// Cluster defines the target cluster (will be inherited if not specified). #[serde(default, skip_serializing_if = "Option::is_none")] pub cluster: Option, /// Clusters holds a registry to clusters to support multi-cluster tests. @@ -1057,7 +1060,7 @@ pub struct TestStepsCatchGetClusters { /// PodLogs determines the pod logs collector to execute. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct TestStepsCatchPodLogs { - /// Cluster defines the target cluster (default cluster will be used if not specified and/or overridden). + /// Cluster defines the target cluster (will be inherited if not specified). #[serde(default, skip_serializing_if = "Option::is_none")] pub cluster: Option, /// Clusters holds a registry to clusters to support multi-cluster tests. @@ -1107,7 +1110,7 @@ pub struct TestStepsCatchScript { /// Check is an assertion tree to validate the operation outcome. #[serde(default, skip_serializing_if = "Option::is_none")] pub check: Option>, - /// Cluster defines the target cluster (default cluster will be used if not specified and/or overridden). + /// Cluster defines the target cluster (will be inherited if not specified). #[serde(default, skip_serializing_if = "Option::is_none")] pub cluster: Option, /// Clusters holds a registry to clusters to support multi-cluster tests. @@ -1184,7 +1187,7 @@ pub struct TestStepsCatchWait { /// API version of the referent. #[serde(rename = "apiVersion")] pub api_version: String, - /// Cluster defines the target cluster (default cluster will be used if not specified and/or overridden). + /// Cluster defines the target cluster (will be inherited if not specified). #[serde(default, skip_serializing_if = "Option::is_none")] pub cluster: Option, /// Clusters holds a registry to clusters to support multi-cluster tests. @@ -1311,7 +1314,7 @@ pub struct TestStepsCleanupCommand { /// Check is an assertion tree to validate the operation outcome. #[serde(default, skip_serializing_if = "Option::is_none")] pub check: Option>, - /// Cluster defines the target cluster (default cluster will be used if not specified and/or overridden). + /// Cluster defines the target cluster (will be inherited if not specified). #[serde(default, skip_serializing_if = "Option::is_none")] pub cluster: Option, /// Clusters holds a registry to clusters to support multi-cluster tests. @@ -1380,7 +1383,7 @@ pub struct TestStepsCleanupDelete { /// Bindings defines additional binding key/values. #[serde(default, skip_serializing_if = "Option::is_none")] pub bindings: Option>, - /// Cluster defines the target cluster (default cluster will be used if not specified and/or overridden). + /// Cluster defines the target cluster (will be inherited if not specified). #[serde(default, skip_serializing_if = "Option::is_none")] pub cluster: Option, /// Clusters holds a registry to clusters to support multi-cluster tests. @@ -1477,7 +1480,7 @@ pub struct TestStepsCleanupDescribe { /// API version of the referent. #[serde(rename = "apiVersion")] pub api_version: String, - /// Cluster defines the target cluster (default cluster will be used if not specified and/or overridden). + /// Cluster defines the target cluster (will be inherited if not specified). #[serde(default, skip_serializing_if = "Option::is_none")] pub cluster: Option, /// Clusters holds a registry to clusters to support multi-cluster tests. @@ -1519,7 +1522,7 @@ pub struct TestStepsCleanupDescribeClusters { /// Events determines the events collector to execute. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct TestStepsCleanupEvents { - /// Cluster defines the target cluster (default cluster will be used if not specified and/or overridden). + /// Cluster defines the target cluster (will be inherited if not specified). #[serde(default, skip_serializing_if = "Option::is_none")] pub cluster: Option, /// Clusters holds a registry to clusters to support multi-cluster tests. @@ -1561,7 +1564,7 @@ pub struct TestStepsCleanupGet { /// API version of the referent. #[serde(rename = "apiVersion")] pub api_version: String, - /// Cluster defines the target cluster (default cluster will be used if not specified and/or overridden). + /// Cluster defines the target cluster (will be inherited if not specified). #[serde(default, skip_serializing_if = "Option::is_none")] pub cluster: Option, /// Clusters holds a registry to clusters to support multi-cluster tests. @@ -1603,7 +1606,7 @@ pub struct TestStepsCleanupGetClusters { /// PodLogs determines the pod logs collector to execute. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct TestStepsCleanupPodLogs { - /// Cluster defines the target cluster (default cluster will be used if not specified and/or overridden). + /// Cluster defines the target cluster (will be inherited if not specified). #[serde(default, skip_serializing_if = "Option::is_none")] pub cluster: Option, /// Clusters holds a registry to clusters to support multi-cluster tests. @@ -1653,7 +1656,7 @@ pub struct TestStepsCleanupScript { /// Check is an assertion tree to validate the operation outcome. #[serde(default, skip_serializing_if = "Option::is_none")] pub check: Option>, - /// Cluster defines the target cluster (default cluster will be used if not specified and/or overridden). + /// Cluster defines the target cluster (will be inherited if not specified). #[serde(default, skip_serializing_if = "Option::is_none")] pub cluster: Option, /// Clusters holds a registry to clusters to support multi-cluster tests. @@ -1730,7 +1733,7 @@ pub struct TestStepsCleanupWait { /// API version of the referent. #[serde(rename = "apiVersion")] pub api_version: String, - /// Cluster defines the target cluster (default cluster will be used if not specified and/or overridden). + /// Cluster defines the target cluster (will be inherited if not specified). #[serde(default, skip_serializing_if = "Option::is_none")] pub cluster: Option, /// Clusters holds a registry to clusters to support multi-cluster tests. @@ -1876,7 +1879,7 @@ pub struct TestStepsFinallyCommand { /// Check is an assertion tree to validate the operation outcome. #[serde(default, skip_serializing_if = "Option::is_none")] pub check: Option>, - /// Cluster defines the target cluster (default cluster will be used if not specified and/or overridden). + /// Cluster defines the target cluster (will be inherited if not specified). #[serde(default, skip_serializing_if = "Option::is_none")] pub cluster: Option, /// Clusters holds a registry to clusters to support multi-cluster tests. @@ -1945,7 +1948,7 @@ pub struct TestStepsFinallyDelete { /// Bindings defines additional binding key/values. #[serde(default, skip_serializing_if = "Option::is_none")] pub bindings: Option>, - /// Cluster defines the target cluster (default cluster will be used if not specified and/or overridden). + /// Cluster defines the target cluster (will be inherited if not specified). #[serde(default, skip_serializing_if = "Option::is_none")] pub cluster: Option, /// Clusters holds a registry to clusters to support multi-cluster tests. @@ -2042,7 +2045,7 @@ pub struct TestStepsFinallyDescribe { /// API version of the referent. #[serde(rename = "apiVersion")] pub api_version: String, - /// Cluster defines the target cluster (default cluster will be used if not specified and/or overridden). + /// Cluster defines the target cluster (will be inherited if not specified). #[serde(default, skip_serializing_if = "Option::is_none")] pub cluster: Option, /// Clusters holds a registry to clusters to support multi-cluster tests. @@ -2084,7 +2087,7 @@ pub struct TestStepsFinallyDescribeClusters { /// Events determines the events collector to execute. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct TestStepsFinallyEvents { - /// Cluster defines the target cluster (default cluster will be used if not specified and/or overridden). + /// Cluster defines the target cluster (will be inherited if not specified). #[serde(default, skip_serializing_if = "Option::is_none")] pub cluster: Option, /// Clusters holds a registry to clusters to support multi-cluster tests. @@ -2126,7 +2129,7 @@ pub struct TestStepsFinallyGet { /// API version of the referent. #[serde(rename = "apiVersion")] pub api_version: String, - /// Cluster defines the target cluster (default cluster will be used if not specified and/or overridden). + /// Cluster defines the target cluster (will be inherited if not specified). #[serde(default, skip_serializing_if = "Option::is_none")] pub cluster: Option, /// Clusters holds a registry to clusters to support multi-cluster tests. @@ -2168,7 +2171,7 @@ pub struct TestStepsFinallyGetClusters { /// PodLogs determines the pod logs collector to execute. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct TestStepsFinallyPodLogs { - /// Cluster defines the target cluster (default cluster will be used if not specified and/or overridden). + /// Cluster defines the target cluster (will be inherited if not specified). #[serde(default, skip_serializing_if = "Option::is_none")] pub cluster: Option, /// Clusters holds a registry to clusters to support multi-cluster tests. @@ -2218,7 +2221,7 @@ pub struct TestStepsFinallyScript { /// Check is an assertion tree to validate the operation outcome. #[serde(default, skip_serializing_if = "Option::is_none")] pub check: Option>, - /// Cluster defines the target cluster (default cluster will be used if not specified and/or overridden). + /// Cluster defines the target cluster (will be inherited if not specified). #[serde(default, skip_serializing_if = "Option::is_none")] pub cluster: Option, /// Clusters holds a registry to clusters to support multi-cluster tests. @@ -2295,7 +2298,7 @@ pub struct TestStepsFinallyWait { /// API version of the referent. #[serde(rename = "apiVersion")] pub api_version: String, - /// Cluster defines the target cluster (default cluster will be used if not specified and/or overridden). + /// Cluster defines the target cluster (will be inherited if not specified). #[serde(default, skip_serializing_if = "Option::is_none")] pub cluster: Option, /// Clusters holds a registry to clusters to support multi-cluster tests. @@ -2467,7 +2470,7 @@ pub struct TestStepsTryApply { /// Bindings defines additional binding key/values. #[serde(default, skip_serializing_if = "Option::is_none")] pub bindings: Option>, - /// Cluster defines the target cluster (default cluster will be used if not specified and/or overridden). + /// Cluster defines the target cluster (will be inherited if not specified). #[serde(default, skip_serializing_if = "Option::is_none")] pub cluster: Option, /// Clusters holds a registry to clusters to support multi-cluster tests. @@ -2547,7 +2550,7 @@ pub struct TestStepsTryAssert { /// Bindings defines additional binding key/values. #[serde(default, skip_serializing_if = "Option::is_none")] pub bindings: Option>, - /// Cluster defines the target cluster (default cluster will be used if not specified and/or overridden). + /// Cluster defines the target cluster (will be inherited if not specified). #[serde(default, skip_serializing_if = "Option::is_none")] pub cluster: Option, /// Clusters holds a registry to clusters to support multi-cluster tests. @@ -2601,7 +2604,7 @@ pub struct TestStepsTryCommand { /// Check is an assertion tree to validate the operation outcome. #[serde(default, skip_serializing_if = "Option::is_none")] pub check: Option>, - /// Cluster defines the target cluster (default cluster will be used if not specified and/or overridden). + /// Cluster defines the target cluster (will be inherited if not specified). #[serde(default, skip_serializing_if = "Option::is_none")] pub cluster: Option, /// Clusters holds a registry to clusters to support multi-cluster tests. @@ -2670,7 +2673,7 @@ pub struct TestStepsTryCreate { /// Bindings defines additional binding key/values. #[serde(default, skip_serializing_if = "Option::is_none")] pub bindings: Option>, - /// Cluster defines the target cluster (default cluster will be used if not specified and/or overridden). + /// Cluster defines the target cluster (will be inherited if not specified). #[serde(default, skip_serializing_if = "Option::is_none")] pub cluster: Option, /// Clusters holds a registry to clusters to support multi-cluster tests. @@ -2750,7 +2753,7 @@ pub struct TestStepsTryDelete { /// Bindings defines additional binding key/values. #[serde(default, skip_serializing_if = "Option::is_none")] pub bindings: Option>, - /// Cluster defines the target cluster (default cluster will be used if not specified and/or overridden). + /// Cluster defines the target cluster (will be inherited if not specified). #[serde(default, skip_serializing_if = "Option::is_none")] pub cluster: Option, /// Clusters holds a registry to clusters to support multi-cluster tests. @@ -2847,7 +2850,7 @@ pub struct TestStepsTryDescribe { /// API version of the referent. #[serde(rename = "apiVersion")] pub api_version: String, - /// Cluster defines the target cluster (default cluster will be used if not specified and/or overridden). + /// Cluster defines the target cluster (will be inherited if not specified). #[serde(default, skip_serializing_if = "Option::is_none")] pub cluster: Option, /// Clusters holds a registry to clusters to support multi-cluster tests. @@ -2893,7 +2896,7 @@ pub struct TestStepsTryError { /// Bindings defines additional binding key/values. #[serde(default, skip_serializing_if = "Option::is_none")] pub bindings: Option>, - /// Cluster defines the target cluster (default cluster will be used if not specified and/or overridden). + /// Cluster defines the target cluster (will be inherited if not specified). #[serde(default, skip_serializing_if = "Option::is_none")] pub cluster: Option, /// Clusters holds a registry to clusters to support multi-cluster tests. @@ -2938,7 +2941,7 @@ pub struct TestStepsTryErrorClusters { /// Events determines the events collector to execute. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct TestStepsTryEvents { - /// Cluster defines the target cluster (default cluster will be used if not specified and/or overridden). + /// Cluster defines the target cluster (will be inherited if not specified). #[serde(default, skip_serializing_if = "Option::is_none")] pub cluster: Option, /// Clusters holds a registry to clusters to support multi-cluster tests. @@ -2980,7 +2983,7 @@ pub struct TestStepsTryGet { /// API version of the referent. #[serde(rename = "apiVersion")] pub api_version: String, - /// Cluster defines the target cluster (default cluster will be used if not specified and/or overridden). + /// Cluster defines the target cluster (will be inherited if not specified). #[serde(default, skip_serializing_if = "Option::is_none")] pub cluster: Option, /// Clusters holds a registry to clusters to support multi-cluster tests. @@ -3025,7 +3028,7 @@ pub struct TestStepsTryPatch { /// Bindings defines additional binding key/values. #[serde(default, skip_serializing_if = "Option::is_none")] pub bindings: Option>, - /// Cluster defines the target cluster (default cluster will be used if not specified and/or overridden). + /// Cluster defines the target cluster (will be inherited if not specified). #[serde(default, skip_serializing_if = "Option::is_none")] pub cluster: Option, /// Clusters holds a registry to clusters to support multi-cluster tests. @@ -3102,7 +3105,7 @@ pub struct TestStepsTryPatchOutputs { /// PodLogs determines the pod logs collector to execute. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct TestStepsTryPodLogs { - /// Cluster defines the target cluster (default cluster will be used if not specified and/or overridden). + /// Cluster defines the target cluster (will be inherited if not specified). #[serde(default, skip_serializing_if = "Option::is_none")] pub cluster: Option, /// Clusters holds a registry to clusters to support multi-cluster tests. @@ -3149,7 +3152,7 @@ pub struct TestStepsTryProxy { /// API version of the referent. #[serde(rename = "apiVersion")] pub api_version: String, - /// Cluster defines the target cluster (default cluster will be used if not specified and/or overridden). + /// Cluster defines the target cluster (will be inherited if not specified). #[serde(default, skip_serializing_if = "Option::is_none")] pub cluster: Option, /// Clusters holds a registry to clusters to support multi-cluster tests. @@ -3212,7 +3215,7 @@ pub struct TestStepsTryScript { /// Check is an assertion tree to validate the operation outcome. #[serde(default, skip_serializing_if = "Option::is_none")] pub check: Option>, - /// Cluster defines the target cluster (default cluster will be used if not specified and/or overridden). + /// Cluster defines the target cluster (will be inherited if not specified). #[serde(default, skip_serializing_if = "Option::is_none")] pub cluster: Option, /// Clusters holds a registry to clusters to support multi-cluster tests. @@ -3289,7 +3292,7 @@ pub struct TestStepsTryUpdate { /// Bindings defines additional binding key/values. #[serde(default, skip_serializing_if = "Option::is_none")] pub bindings: Option>, - /// Cluster defines the target cluster (default cluster will be used if not specified and/or overridden). + /// Cluster defines the target cluster (will be inherited if not specified). #[serde(default, skip_serializing_if = "Option::is_none")] pub cluster: Option, /// Clusters holds a registry to clusters to support multi-cluster tests. @@ -3369,7 +3372,7 @@ pub struct TestStepsTryWait { /// API version of the referent. #[serde(rename = "apiVersion")] pub api_version: String, - /// Cluster defines the target cluster (default cluster will be used if not specified and/or overridden). + /// Cluster defines the target cluster (will be inherited if not specified). #[serde(default, skip_serializing_if = "Option::is_none")] pub cluster: Option, /// Clusters holds a registry to clusters to support multi-cluster tests. @@ -3449,6 +3452,14 @@ pub struct TestStepsTryWaitForJsonPath { pub value: String, } +/// Use defines a reference to a step template. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct TestStepsUse { + /// Template references a step template. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub template: Option, +} + /// Timeouts for the test. Overrides the global timeouts set in the Configuration on a per operation basis. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct TestTimeouts { diff --git a/kube-custom-resources-rs/src/chainsaw_kyverno_io/v1alpha2/configurations.rs b/kube-custom-resources-rs/src/chainsaw_kyverno_io/v1alpha2/configurations.rs index 965d459d9..089af262a 100644 --- a/kube-custom-resources-rs/src/chainsaw_kyverno_io/v1alpha2/configurations.rs +++ b/kube-custom-resources-rs/src/chainsaw_kyverno_io/v1alpha2/configurations.rs @@ -115,31 +115,12 @@ pub struct ConfigurationError { pub catch: Option>, } -/// Operation defines operation elements. +/// CatchFinally defines actions to be executed in catch, finally and cleanup blocks. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ConfigurationErrorCatch { - /// Apply represents resources that should be applied for this test step. This can include things - /// like configuration settings or any other resources that need to be available during the test. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub apply: Option, - /// Assert represents an assertion to be made. It checks whether the conditions specified in the assertion hold true. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub assert: Option, - /// Bindings defines additional binding key/values. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub bindings: Option>, - /// Cluster defines the target cluster (default cluster will be used if not specified and/or overridden). - #[serde(default, skip_serializing_if = "Option::is_none")] - pub cluster: Option, - /// Clusters holds a registry to clusters to support multi-cluster tests. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub clusters: Option>, /// Command defines a command to run. #[serde(default, skip_serializing_if = "Option::is_none")] pub command: Option, - /// Create represents a creation operation. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub create: Option, /// Delete represents a deletion operation. #[serde(default, skip_serializing_if = "Option::is_none")] pub delete: Option, @@ -149,22 +130,12 @@ pub struct ConfigurationErrorCatch { /// Description contains a description of the operation. #[serde(default, skip_serializing_if = "Option::is_none")] pub description: Option, - /// Error represents the expected errors for this test step. If any of these errors occur, the test - /// will consider them as expected; otherwise, they will be treated as test failures. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub error: Option, /// Events determines the events collector to execute. #[serde(default, skip_serializing_if = "Option::is_none")] pub events: Option, /// Get determines the resource get collector to execute. #[serde(default, skip_serializing_if = "Option::is_none")] pub get: Option, - /// Outputs defines output bindings. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub outputs: Option>, - /// Patch represents a patch operation. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub patch: Option, /// PodLogs determines the pod logs collector to execute. #[serde(default, skip_serializing_if = "Option::is_none", rename = "podLogs")] pub pod_logs: Option, @@ -174,65 +145,40 @@ pub struct ConfigurationErrorCatch { /// Sleep defines zzzz. #[serde(default, skip_serializing_if = "Option::is_none")] pub sleep: Option, - /// Update represents an update operation. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub update: Option, /// Wait determines the resource wait collector to execute. #[serde(default, skip_serializing_if = "Option::is_none")] pub wait: Option, } -/// Apply represents resources that should be applied for this test step. This can include things -/// like configuration settings or any other resources that need to be available during the test. +/// Command defines a command to run. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ConfigurationErrorCatchApply { - /// DryRun determines whether the file should be applied in dry run mode. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "dryRun")] - pub dry_run: Option, - /// Expect defines a list of matched checks to validate the operation outcome. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub expect: Option>, - /// File is the path to the referenced file. This can be a direct path to a file - /// or an expression that matches multiple files, such as "manifest/*.yaml" for all YAML - /// files within the "manifest" directory. +pub struct ConfigurationErrorCatchCommand { + /// Args is the command arguments. #[serde(default, skip_serializing_if = "Option::is_none")] - pub file: Option, - /// Resource provides a resource to be applied. + pub args: Option>, + /// Bindings defines additional binding key/values. #[serde(default, skip_serializing_if = "Option::is_none")] - pub resource: Option>, - /// Template determines whether resources should be considered for templating. + pub bindings: Option>, + /// Check is an assertion tree to validate the operation outcome. #[serde(default, skip_serializing_if = "Option::is_none")] - pub template: Option, - /// Timeout for the operation. Overrides the global timeout set in the Configuration. + pub check: Option>, + /// Cluster defines the target cluster (will be inherited if not specified). #[serde(default, skip_serializing_if = "Option::is_none")] - pub timeout: Option, -} - -/// Expectation represents a check to be applied on the result of an operation -/// with a match filter to determine if the verification should be considered. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ConfigurationErrorCatchApplyExpect { - /// Check defines the verification statement. - pub check: BTreeMap, - /// Match defines the matching statement. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "match")] - pub r#match: Option>, -} - -/// Assert represents an assertion to be made. It checks whether the conditions specified in the assertion hold true. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ConfigurationErrorCatchAssert { - /// File is the path to the referenced file. This can be a direct path to a file - /// or an expression that matches multiple files, such as "manifest/*.yaml" for all YAML - /// files within the "manifest" directory. + pub cluster: Option, + /// Clusters holds a registry to clusters to support multi-cluster tests. #[serde(default, skip_serializing_if = "Option::is_none")] - pub file: Option, - /// Check provides a check used in assertions. + pub clusters: Option>, + /// Entrypoint is the command entry point to run. + pub entrypoint: String, + /// Env defines additional environment variables. #[serde(default, skip_serializing_if = "Option::is_none")] - pub resource: Option>, - /// Template determines whether resources should be considered for templating. + pub env: Option>, + /// Outputs defines output bindings. #[serde(default, skip_serializing_if = "Option::is_none")] - pub template: Option, + pub outputs: Option>, + /// SkipLogOutput removes the output from the command. Useful for sensitive logs or to reduce noise. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "skipLogOutput")] + pub skip_log_output: Option, /// Timeout for the operation. Overrides the global timeout set in the Configuration. #[serde(default, skip_serializing_if = "Option::is_none")] pub timeout: Option, @@ -240,7 +186,7 @@ pub struct ConfigurationErrorCatchAssert { /// Binding represents a key/value set as a binding in an executing test. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ConfigurationErrorCatchBindings { +pub struct ConfigurationErrorCatchCommandBindings { /// Name the name of the binding. pub name: String, /// Value value of the binding. @@ -249,7 +195,7 @@ pub struct ConfigurationErrorCatchBindings { /// Clusters holds a registry to clusters to support multi-cluster tests. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ConfigurationErrorCatchClusters { +pub struct ConfigurationErrorCatchCommandClusters { /// Context is the name of the context to use. #[serde(default, skip_serializing_if = "Option::is_none")] pub context: Option, @@ -258,28 +204,6 @@ pub struct ConfigurationErrorCatchClusters { pub kubeconfig: Option, } -/// Command defines a command to run. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ConfigurationErrorCatchCommand { - /// Args is the command arguments. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub args: Option>, - /// Check is an assertion tree to validate the operation outcome. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub check: Option>, - /// Entrypoint is the command entry point to run. - pub entrypoint: String, - /// Env defines additional environment variables. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub env: Option>, - /// SkipLogOutput removes the output from the command. Useful for sensitive logs or to reduce noise. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "skipLogOutput")] - pub skip_log_output: Option, - /// Timeout for the operation. Overrides the global timeout set in the Configuration. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub timeout: Option, -} - /// Binding represents a key/value set as a binding in an executing test. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ConfigurationErrorCatchCommandEnv { @@ -289,45 +213,30 @@ pub struct ConfigurationErrorCatchCommandEnv { pub value: serde_json::Value, } -/// Create represents a creation operation. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ConfigurationErrorCatchCreate { - /// DryRun determines whether the file should be applied in dry run mode. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "dryRun")] - pub dry_run: Option, - /// Expect defines a list of matched checks to validate the operation outcome. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub expect: Option>, - /// File is the path to the referenced file. This can be a direct path to a file - /// or an expression that matches multiple files, such as "manifest/*.yaml" for all YAML - /// files within the "manifest" directory. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub file: Option, - /// Resource provides a resource to be applied. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub resource: Option>, - /// Template determines whether resources should be considered for templating. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub template: Option, - /// Timeout for the operation. Overrides the global timeout set in the Configuration. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub timeout: Option, -} - -/// Expectation represents a check to be applied on the result of an operation -/// with a match filter to determine if the verification should be considered. +/// Output represents an output binding with a match to determine if the binding must be considered or not. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ConfigurationErrorCatchCreateExpect { - /// Check defines the verification statement. - pub check: BTreeMap, +pub struct ConfigurationErrorCatchCommandOutputs { /// Match defines the matching statement. #[serde(default, skip_serializing_if = "Option::is_none", rename = "match")] pub r#match: Option>, + /// Name the name of the binding. + pub name: String, + /// Value value of the binding. + pub value: serde_json::Value, } /// Delete represents a deletion operation. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ConfigurationErrorCatchDelete { + /// Bindings defines additional binding key/values. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub bindings: Option>, + /// Cluster defines the target cluster (will be inherited if not specified). + #[serde(default, skip_serializing_if = "Option::is_none")] + pub cluster: Option, + /// Clusters holds a registry to clusters to support multi-cluster tests. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub clusters: Option>, /// DeletionPropagationPolicy decides if a deletion will propagate to the dependents of /// the object, and how the garbage collector will handle the propagation. /// Overrides the deletion propagation policy set in the Configuration, the Test and the TestStep. @@ -352,6 +261,26 @@ pub struct ConfigurationErrorCatchDelete { pub timeout: Option, } +/// Binding represents a key/value set as a binding in an executing test. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ConfigurationErrorCatchDeleteBindings { + /// Name the name of the binding. + pub name: String, + /// Value value of the binding. + pub value: serde_json::Value, +} + +/// Clusters holds a registry to clusters to support multi-cluster tests. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ConfigurationErrorCatchDeleteClusters { + /// Context is the name of the context to use. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub context: Option, + /// Kubeconfig is the path to the referenced file. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub kubeconfig: Option, +} + /// Delete represents a deletion operation. #[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] pub enum ConfigurationErrorCatchDeleteDeletionPropagationPolicy { @@ -381,8 +310,8 @@ pub struct ConfigurationErrorCatchDeleteRef { /// More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds pub kind: String, /// Label selector to match objects to delete - #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelector")] - pub label_selector: Option, + #[serde(default, skip_serializing_if = "Option::is_none")] + pub labels: Option>, /// Name of the referent. /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names #[serde(default, skip_serializing_if = "Option::is_none")] @@ -393,42 +322,18 @@ pub struct ConfigurationErrorCatchDeleteRef { pub namespace: Option, } -/// Label selector to match objects to delete -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ConfigurationErrorCatchDeleteRefLabelSelector { - /// matchExpressions is a list of label selector requirements. The requirements are ANDed. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] - pub match_expressions: Option>, - /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels - /// map is equivalent to an element of matchExpressions, whose key field is "key", the - /// operator is "In", and the values array contains only "value". The requirements are ANDed. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] - pub match_labels: Option>, -} - -/// A label selector requirement is a selector that contains values, a key, and an operator that -/// relates the key and values. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ConfigurationErrorCatchDeleteRefLabelSelectorMatchExpressions { - /// key is the label key that the selector applies to. - pub key: String, - /// operator represents a key's relationship to a set of values. - /// Valid operators are In, NotIn, Exists and DoesNotExist. - pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, - /// the values array must be non-empty. If the operator is Exists or DoesNotExist, - /// the values array must be empty. This array is replaced during a strategic - /// merge patch. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub values: Option>, -} - /// Describe determines the resource describe collector to execute. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ConfigurationErrorCatchDescribe { /// API version of the referent. #[serde(rename = "apiVersion")] pub api_version: String, + /// Cluster defines the target cluster (will be inherited if not specified). + #[serde(default, skip_serializing_if = "Option::is_none")] + pub cluster: Option, + /// Clusters holds a registry to clusters to support multi-cluster tests. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub clusters: Option>, /// Kind of the referent. /// More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds pub kind: String, @@ -451,29 +356,26 @@ pub struct ConfigurationErrorCatchDescribe { pub timeout: Option, } -/// Error represents the expected errors for this test step. If any of these errors occur, the test -/// will consider them as expected; otherwise, they will be treated as test failures. +/// Clusters holds a registry to clusters to support multi-cluster tests. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ConfigurationErrorCatchError { - /// File is the path to the referenced file. This can be a direct path to a file - /// or an expression that matches multiple files, such as "manifest/*.yaml" for all YAML - /// files within the "manifest" directory. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub file: Option, - /// Check provides a check used in assertions. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub resource: Option>, - /// Template determines whether resources should be considered for templating. +pub struct ConfigurationErrorCatchDescribeClusters { + /// Context is the name of the context to use. #[serde(default, skip_serializing_if = "Option::is_none")] - pub template: Option, - /// Timeout for the operation. Overrides the global timeout set in the Configuration. + pub context: Option, + /// Kubeconfig is the path to the referenced file. #[serde(default, skip_serializing_if = "Option::is_none")] - pub timeout: Option, + pub kubeconfig: Option, } /// Events determines the events collector to execute. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ConfigurationErrorCatchEvents { + /// Cluster defines the target cluster (will be inherited if not specified). + #[serde(default, skip_serializing_if = "Option::is_none")] + pub cluster: Option, + /// Clusters holds a registry to clusters to support multi-cluster tests. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub clusters: Option>, /// Format determines the output format (json or yaml). #[serde(default, skip_serializing_if = "Option::is_none")] pub format: Option, @@ -493,12 +395,29 @@ pub struct ConfigurationErrorCatchEvents { pub timeout: Option, } +/// Clusters holds a registry to clusters to support multi-cluster tests. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ConfigurationErrorCatchEventsClusters { + /// Context is the name of the context to use. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub context: Option, + /// Kubeconfig is the path to the referenced file. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub kubeconfig: Option, +} + /// Get determines the resource get collector to execute. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ConfigurationErrorCatchGet { /// API version of the referent. #[serde(rename = "apiVersion")] pub api_version: String, + /// Cluster defines the target cluster (will be inherited if not specified). + #[serde(default, skip_serializing_if = "Option::is_none")] + pub cluster: Option, + /// Clusters holds a registry to clusters to support multi-cluster tests. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub clusters: Option>, /// Format determines the output format (json or yaml). #[serde(default, skip_serializing_if = "Option::is_none")] pub format: Option, @@ -521,57 +440,26 @@ pub struct ConfigurationErrorCatchGet { pub timeout: Option, } -/// Output represents an output binding with a match to determine if the binding must be considered or not. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ConfigurationErrorCatchOutputs { - /// Match defines the matching statement. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "match")] - pub r#match: Option>, - /// Name the name of the binding. - pub name: String, - /// Value value of the binding. - pub value: serde_json::Value, -} - -/// Patch represents a patch operation. +/// Clusters holds a registry to clusters to support multi-cluster tests. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ConfigurationErrorCatchPatch { - /// DryRun determines whether the file should be applied in dry run mode. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "dryRun")] - pub dry_run: Option, - /// Expect defines a list of matched checks to validate the operation outcome. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub expect: Option>, - /// File is the path to the referenced file. This can be a direct path to a file - /// or an expression that matches multiple files, such as "manifest/*.yaml" for all YAML - /// files within the "manifest" directory. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub file: Option, - /// Resource provides a resource to be applied. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub resource: Option>, - /// Template determines whether resources should be considered for templating. +pub struct ConfigurationErrorCatchGetClusters { + /// Context is the name of the context to use. #[serde(default, skip_serializing_if = "Option::is_none")] - pub template: Option, - /// Timeout for the operation. Overrides the global timeout set in the Configuration. + pub context: Option, + /// Kubeconfig is the path to the referenced file. #[serde(default, skip_serializing_if = "Option::is_none")] - pub timeout: Option, -} - -/// Expectation represents a check to be applied on the result of an operation -/// with a match filter to determine if the verification should be considered. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ConfigurationErrorCatchPatchExpect { - /// Check defines the verification statement. - pub check: BTreeMap, - /// Match defines the matching statement. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "match")] - pub r#match: Option>, + pub kubeconfig: Option, } /// PodLogs determines the pod logs collector to execute. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ConfigurationErrorCatchPodLogs { + /// Cluster defines the target cluster (will be inherited if not specified). + #[serde(default, skip_serializing_if = "Option::is_none")] + pub cluster: Option, + /// Clusters holds a registry to clusters to support multi-cluster tests. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub clusters: Option>, /// Container in pod to get logs from else --all-containers is used. #[serde(default, skip_serializing_if = "Option::is_none")] pub container: Option, @@ -596,18 +484,41 @@ pub struct ConfigurationErrorCatchPodLogs { pub timeout: Option, } +/// Clusters holds a registry to clusters to support multi-cluster tests. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ConfigurationErrorCatchPodLogsClusters { + /// Context is the name of the context to use. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub context: Option, + /// Kubeconfig is the path to the referenced file. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub kubeconfig: Option, +} + /// Script defines a script to run. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ConfigurationErrorCatchScript { + /// Bindings defines additional binding key/values. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub bindings: Option>, /// Check is an assertion tree to validate the operation outcome. #[serde(default, skip_serializing_if = "Option::is_none")] pub check: Option>, + /// Cluster defines the target cluster (will be inherited if not specified). + #[serde(default, skip_serializing_if = "Option::is_none")] + pub cluster: Option, + /// Clusters holds a registry to clusters to support multi-cluster tests. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub clusters: Option>, /// Content defines a shell script (run with "sh -c ..."). #[serde(default, skip_serializing_if = "Option::is_none")] pub content: Option, /// Env defines additional environment variables. #[serde(default, skip_serializing_if = "Option::is_none")] pub env: Option>, + /// Outputs defines output bindings. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub outputs: Option>, /// SkipLogOutput removes the output from the command. Useful for sensitive logs or to reduce noise. #[serde(default, skip_serializing_if = "Option::is_none", rename = "skipLogOutput")] pub skip_log_output: Option, @@ -618,54 +529,50 @@ pub struct ConfigurationErrorCatchScript { /// Binding represents a key/value set as a binding in an executing test. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ConfigurationErrorCatchScriptEnv { +pub struct ConfigurationErrorCatchScriptBindings { /// Name the name of the binding. pub name: String, /// Value value of the binding. pub value: serde_json::Value, } -/// Sleep defines zzzz. +/// Clusters holds a registry to clusters to support multi-cluster tests. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ConfigurationErrorCatchSleep { - /// Duration is the delay used for sleeping. - pub duration: String, +pub struct ConfigurationErrorCatchScriptClusters { + /// Context is the name of the context to use. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub context: Option, + /// Kubeconfig is the path to the referenced file. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub kubeconfig: Option, } -/// Update represents an update operation. +/// Binding represents a key/value set as a binding in an executing test. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ConfigurationErrorCatchUpdate { - /// DryRun determines whether the file should be applied in dry run mode. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "dryRun")] - pub dry_run: Option, - /// Expect defines a list of matched checks to validate the operation outcome. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub expect: Option>, - /// File is the path to the referenced file. This can be a direct path to a file - /// or an expression that matches multiple files, such as "manifest/*.yaml" for all YAML - /// files within the "manifest" directory. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub file: Option, - /// Resource provides a resource to be applied. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub resource: Option>, - /// Template determines whether resources should be considered for templating. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub template: Option, - /// Timeout for the operation. Overrides the global timeout set in the Configuration. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub timeout: Option, +pub struct ConfigurationErrorCatchScriptEnv { + /// Name the name of the binding. + pub name: String, + /// Value value of the binding. + pub value: serde_json::Value, } -/// Expectation represents a check to be applied on the result of an operation -/// with a match filter to determine if the verification should be considered. +/// Output represents an output binding with a match to determine if the binding must be considered or not. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ConfigurationErrorCatchUpdateExpect { - /// Check defines the verification statement. - pub check: BTreeMap, +pub struct ConfigurationErrorCatchScriptOutputs { /// Match defines the matching statement. #[serde(default, skip_serializing_if = "Option::is_none", rename = "match")] pub r#match: Option>, + /// Name the name of the binding. + pub name: String, + /// Value value of the binding. + pub value: serde_json::Value, +} + +/// Sleep defines zzzz. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ConfigurationErrorCatchSleep { + /// Duration is the delay used for sleeping. + pub duration: String, } /// Wait determines the resource wait collector to execute. @@ -674,6 +581,12 @@ pub struct ConfigurationErrorCatchWait { /// API version of the referent. #[serde(rename = "apiVersion")] pub api_version: String, + /// Cluster defines the target cluster (will be inherited if not specified). + #[serde(default, skip_serializing_if = "Option::is_none")] + pub cluster: Option, + /// Clusters holds a registry to clusters to support multi-cluster tests. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub clusters: Option>, /// WaitFor specifies the condition to wait for. #[serde(rename = "for")] pub r#for: ConfigurationErrorCatchWaitFor, @@ -699,6 +612,17 @@ pub struct ConfigurationErrorCatchWait { pub timeout: Option, } +/// Clusters holds a registry to clusters to support multi-cluster tests. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ConfigurationErrorCatchWaitClusters { + /// Context is the name of the context to use. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub context: Option, + /// Kubeconfig is the path to the referenced file. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub kubeconfig: Option, +} + /// WaitFor specifies the condition to wait for. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ConfigurationErrorCatchWaitFor { diff --git a/kube-custom-resources-rs/src/chainsaw_kyverno_io/v1alpha2/tests.rs b/kube-custom-resources-rs/src/chainsaw_kyverno_io/v1alpha2/tests.rs index 72f152ddd..07ef6b37c 100644 --- a/kube-custom-resources-rs/src/chainsaw_kyverno_io/v1alpha2/tests.rs +++ b/kube-custom-resources-rs/src/chainsaw_kyverno_io/v1alpha2/tests.rs @@ -111,31 +111,12 @@ pub struct TestError { pub catch: Option>, } -/// Operation defines operation elements. +/// CatchFinally defines actions to be executed in catch, finally and cleanup blocks. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct TestErrorCatch { - /// Apply represents resources that should be applied for this test step. This can include things - /// like configuration settings or any other resources that need to be available during the test. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub apply: Option, - /// Assert represents an assertion to be made. It checks whether the conditions specified in the assertion hold true. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub assert: Option, - /// Bindings defines additional binding key/values. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub bindings: Option>, - /// Cluster defines the target cluster (default cluster will be used if not specified and/or overridden). - #[serde(default, skip_serializing_if = "Option::is_none")] - pub cluster: Option, - /// Clusters holds a registry to clusters to support multi-cluster tests. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub clusters: Option>, /// Command defines a command to run. #[serde(default, skip_serializing_if = "Option::is_none")] pub command: Option, - /// Create represents a creation operation. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub create: Option, /// Delete represents a deletion operation. #[serde(default, skip_serializing_if = "Option::is_none")] pub delete: Option, @@ -145,22 +126,12 @@ pub struct TestErrorCatch { /// Description contains a description of the operation. #[serde(default, skip_serializing_if = "Option::is_none")] pub description: Option, - /// Error represents the expected errors for this test step. If any of these errors occur, the test - /// will consider them as expected; otherwise, they will be treated as test failures. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub error: Option, /// Events determines the events collector to execute. #[serde(default, skip_serializing_if = "Option::is_none")] pub events: Option, /// Get determines the resource get collector to execute. #[serde(default, skip_serializing_if = "Option::is_none")] pub get: Option, - /// Outputs defines output bindings. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub outputs: Option>, - /// Patch represents a patch operation. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub patch: Option, /// PodLogs determines the pod logs collector to execute. #[serde(default, skip_serializing_if = "Option::is_none", rename = "podLogs")] pub pod_logs: Option, @@ -170,65 +141,40 @@ pub struct TestErrorCatch { /// Sleep defines zzzz. #[serde(default, skip_serializing_if = "Option::is_none")] pub sleep: Option, - /// Update represents an update operation. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub update: Option, /// Wait determines the resource wait collector to execute. #[serde(default, skip_serializing_if = "Option::is_none")] pub wait: Option, } -/// Apply represents resources that should be applied for this test step. This can include things -/// like configuration settings or any other resources that need to be available during the test. +/// Command defines a command to run. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct TestErrorCatchApply { - /// DryRun determines whether the file should be applied in dry run mode. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "dryRun")] - pub dry_run: Option, - /// Expect defines a list of matched checks to validate the operation outcome. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub expect: Option>, - /// File is the path to the referenced file. This can be a direct path to a file - /// or an expression that matches multiple files, such as "manifest/*.yaml" for all YAML - /// files within the "manifest" directory. +pub struct TestErrorCatchCommand { + /// Args is the command arguments. #[serde(default, skip_serializing_if = "Option::is_none")] - pub file: Option, - /// Resource provides a resource to be applied. + pub args: Option>, + /// Bindings defines additional binding key/values. #[serde(default, skip_serializing_if = "Option::is_none")] - pub resource: Option>, - /// Template determines whether resources should be considered for templating. + pub bindings: Option>, + /// Check is an assertion tree to validate the operation outcome. #[serde(default, skip_serializing_if = "Option::is_none")] - pub template: Option, - /// Timeout for the operation. Overrides the global timeout set in the Configuration. + pub check: Option>, + /// Cluster defines the target cluster (will be inherited if not specified). #[serde(default, skip_serializing_if = "Option::is_none")] - pub timeout: Option, -} - -/// Expectation represents a check to be applied on the result of an operation -/// with a match filter to determine if the verification should be considered. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct TestErrorCatchApplyExpect { - /// Check defines the verification statement. - pub check: BTreeMap, - /// Match defines the matching statement. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "match")] - pub r#match: Option>, -} - -/// Assert represents an assertion to be made. It checks whether the conditions specified in the assertion hold true. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct TestErrorCatchAssert { - /// File is the path to the referenced file. This can be a direct path to a file - /// or an expression that matches multiple files, such as "manifest/*.yaml" for all YAML - /// files within the "manifest" directory. + pub cluster: Option, + /// Clusters holds a registry to clusters to support multi-cluster tests. #[serde(default, skip_serializing_if = "Option::is_none")] - pub file: Option, - /// Check provides a check used in assertions. + pub clusters: Option>, + /// Entrypoint is the command entry point to run. + pub entrypoint: String, + /// Env defines additional environment variables. #[serde(default, skip_serializing_if = "Option::is_none")] - pub resource: Option>, - /// Template determines whether resources should be considered for templating. + pub env: Option>, + /// Outputs defines output bindings. #[serde(default, skip_serializing_if = "Option::is_none")] - pub template: Option, + pub outputs: Option>, + /// SkipLogOutput removes the output from the command. Useful for sensitive logs or to reduce noise. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "skipLogOutput")] + pub skip_log_output: Option, /// Timeout for the operation. Overrides the global timeout set in the Configuration. #[serde(default, skip_serializing_if = "Option::is_none")] pub timeout: Option, @@ -236,7 +182,7 @@ pub struct TestErrorCatchAssert { /// Binding represents a key/value set as a binding in an executing test. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct TestErrorCatchBindings { +pub struct TestErrorCatchCommandBindings { /// Name the name of the binding. pub name: String, /// Value value of the binding. @@ -245,7 +191,7 @@ pub struct TestErrorCatchBindings { /// Clusters holds a registry to clusters to support multi-cluster tests. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct TestErrorCatchClusters { +pub struct TestErrorCatchCommandClusters { /// Context is the name of the context to use. #[serde(default, skip_serializing_if = "Option::is_none")] pub context: Option, @@ -254,28 +200,6 @@ pub struct TestErrorCatchClusters { pub kubeconfig: Option, } -/// Command defines a command to run. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct TestErrorCatchCommand { - /// Args is the command arguments. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub args: Option>, - /// Check is an assertion tree to validate the operation outcome. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub check: Option>, - /// Entrypoint is the command entry point to run. - pub entrypoint: String, - /// Env defines additional environment variables. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub env: Option>, - /// SkipLogOutput removes the output from the command. Useful for sensitive logs or to reduce noise. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "skipLogOutput")] - pub skip_log_output: Option, - /// Timeout for the operation. Overrides the global timeout set in the Configuration. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub timeout: Option, -} - /// Binding represents a key/value set as a binding in an executing test. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct TestErrorCatchCommandEnv { @@ -285,45 +209,30 @@ pub struct TestErrorCatchCommandEnv { pub value: serde_json::Value, } -/// Create represents a creation operation. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct TestErrorCatchCreate { - /// DryRun determines whether the file should be applied in dry run mode. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "dryRun")] - pub dry_run: Option, - /// Expect defines a list of matched checks to validate the operation outcome. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub expect: Option>, - /// File is the path to the referenced file. This can be a direct path to a file - /// or an expression that matches multiple files, such as "manifest/*.yaml" for all YAML - /// files within the "manifest" directory. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub file: Option, - /// Resource provides a resource to be applied. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub resource: Option>, - /// Template determines whether resources should be considered for templating. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub template: Option, - /// Timeout for the operation. Overrides the global timeout set in the Configuration. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub timeout: Option, -} - -/// Expectation represents a check to be applied on the result of an operation -/// with a match filter to determine if the verification should be considered. +/// Output represents an output binding with a match to determine if the binding must be considered or not. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct TestErrorCatchCreateExpect { - /// Check defines the verification statement. - pub check: BTreeMap, +pub struct TestErrorCatchCommandOutputs { /// Match defines the matching statement. #[serde(default, skip_serializing_if = "Option::is_none", rename = "match")] pub r#match: Option>, + /// Name the name of the binding. + pub name: String, + /// Value value of the binding. + pub value: serde_json::Value, } /// Delete represents a deletion operation. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct TestErrorCatchDelete { + /// Bindings defines additional binding key/values. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub bindings: Option>, + /// Cluster defines the target cluster (will be inherited if not specified). + #[serde(default, skip_serializing_if = "Option::is_none")] + pub cluster: Option, + /// Clusters holds a registry to clusters to support multi-cluster tests. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub clusters: Option>, /// DeletionPropagationPolicy decides if a deletion will propagate to the dependents of /// the object, and how the garbage collector will handle the propagation. /// Overrides the deletion propagation policy set in the Configuration, the Test and the TestStep. @@ -348,6 +257,26 @@ pub struct TestErrorCatchDelete { pub timeout: Option, } +/// Binding represents a key/value set as a binding in an executing test. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct TestErrorCatchDeleteBindings { + /// Name the name of the binding. + pub name: String, + /// Value value of the binding. + pub value: serde_json::Value, +} + +/// Clusters holds a registry to clusters to support multi-cluster tests. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct TestErrorCatchDeleteClusters { + /// Context is the name of the context to use. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub context: Option, + /// Kubeconfig is the path to the referenced file. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub kubeconfig: Option, +} + /// Delete represents a deletion operation. #[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] pub enum TestErrorCatchDeleteDeletionPropagationPolicy { @@ -377,8 +306,8 @@ pub struct TestErrorCatchDeleteRef { /// More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds pub kind: String, /// Label selector to match objects to delete - #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelector")] - pub label_selector: Option, + #[serde(default, skip_serializing_if = "Option::is_none")] + pub labels: Option>, /// Name of the referent. /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names #[serde(default, skip_serializing_if = "Option::is_none")] @@ -389,42 +318,18 @@ pub struct TestErrorCatchDeleteRef { pub namespace: Option, } -/// Label selector to match objects to delete -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct TestErrorCatchDeleteRefLabelSelector { - /// matchExpressions is a list of label selector requirements. The requirements are ANDed. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] - pub match_expressions: Option>, - /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels - /// map is equivalent to an element of matchExpressions, whose key field is "key", the - /// operator is "In", and the values array contains only "value". The requirements are ANDed. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] - pub match_labels: Option>, -} - -/// A label selector requirement is a selector that contains values, a key, and an operator that -/// relates the key and values. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct TestErrorCatchDeleteRefLabelSelectorMatchExpressions { - /// key is the label key that the selector applies to. - pub key: String, - /// operator represents a key's relationship to a set of values. - /// Valid operators are In, NotIn, Exists and DoesNotExist. - pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, - /// the values array must be non-empty. If the operator is Exists or DoesNotExist, - /// the values array must be empty. This array is replaced during a strategic - /// merge patch. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub values: Option>, -} - /// Describe determines the resource describe collector to execute. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct TestErrorCatchDescribe { /// API version of the referent. #[serde(rename = "apiVersion")] pub api_version: String, + /// Cluster defines the target cluster (will be inherited if not specified). + #[serde(default, skip_serializing_if = "Option::is_none")] + pub cluster: Option, + /// Clusters holds a registry to clusters to support multi-cluster tests. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub clusters: Option>, /// Kind of the referent. /// More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds pub kind: String, @@ -447,29 +352,26 @@ pub struct TestErrorCatchDescribe { pub timeout: Option, } -/// Error represents the expected errors for this test step. If any of these errors occur, the test -/// will consider them as expected; otherwise, they will be treated as test failures. +/// Clusters holds a registry to clusters to support multi-cluster tests. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct TestErrorCatchError { - /// File is the path to the referenced file. This can be a direct path to a file - /// or an expression that matches multiple files, such as "manifest/*.yaml" for all YAML - /// files within the "manifest" directory. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub file: Option, - /// Check provides a check used in assertions. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub resource: Option>, - /// Template determines whether resources should be considered for templating. +pub struct TestErrorCatchDescribeClusters { + /// Context is the name of the context to use. #[serde(default, skip_serializing_if = "Option::is_none")] - pub template: Option, - /// Timeout for the operation. Overrides the global timeout set in the Configuration. + pub context: Option, + /// Kubeconfig is the path to the referenced file. #[serde(default, skip_serializing_if = "Option::is_none")] - pub timeout: Option, + pub kubeconfig: Option, } /// Events determines the events collector to execute. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct TestErrorCatchEvents { + /// Cluster defines the target cluster (will be inherited if not specified). + #[serde(default, skip_serializing_if = "Option::is_none")] + pub cluster: Option, + /// Clusters holds a registry to clusters to support multi-cluster tests. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub clusters: Option>, /// Format determines the output format (json or yaml). #[serde(default, skip_serializing_if = "Option::is_none")] pub format: Option, @@ -489,12 +391,29 @@ pub struct TestErrorCatchEvents { pub timeout: Option, } +/// Clusters holds a registry to clusters to support multi-cluster tests. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct TestErrorCatchEventsClusters { + /// Context is the name of the context to use. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub context: Option, + /// Kubeconfig is the path to the referenced file. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub kubeconfig: Option, +} + /// Get determines the resource get collector to execute. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct TestErrorCatchGet { /// API version of the referent. #[serde(rename = "apiVersion")] pub api_version: String, + /// Cluster defines the target cluster (will be inherited if not specified). + #[serde(default, skip_serializing_if = "Option::is_none")] + pub cluster: Option, + /// Clusters holds a registry to clusters to support multi-cluster tests. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub clusters: Option>, /// Format determines the output format (json or yaml). #[serde(default, skip_serializing_if = "Option::is_none")] pub format: Option, @@ -517,57 +436,26 @@ pub struct TestErrorCatchGet { pub timeout: Option, } -/// Output represents an output binding with a match to determine if the binding must be considered or not. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct TestErrorCatchOutputs { - /// Match defines the matching statement. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "match")] - pub r#match: Option>, - /// Name the name of the binding. - pub name: String, - /// Value value of the binding. - pub value: serde_json::Value, -} - -/// Patch represents a patch operation. +/// Clusters holds a registry to clusters to support multi-cluster tests. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct TestErrorCatchPatch { - /// DryRun determines whether the file should be applied in dry run mode. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "dryRun")] - pub dry_run: Option, - /// Expect defines a list of matched checks to validate the operation outcome. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub expect: Option>, - /// File is the path to the referenced file. This can be a direct path to a file - /// or an expression that matches multiple files, such as "manifest/*.yaml" for all YAML - /// files within the "manifest" directory. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub file: Option, - /// Resource provides a resource to be applied. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub resource: Option>, - /// Template determines whether resources should be considered for templating. +pub struct TestErrorCatchGetClusters { + /// Context is the name of the context to use. #[serde(default, skip_serializing_if = "Option::is_none")] - pub template: Option, - /// Timeout for the operation. Overrides the global timeout set in the Configuration. + pub context: Option, + /// Kubeconfig is the path to the referenced file. #[serde(default, skip_serializing_if = "Option::is_none")] - pub timeout: Option, -} - -/// Expectation represents a check to be applied on the result of an operation -/// with a match filter to determine if the verification should be considered. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct TestErrorCatchPatchExpect { - /// Check defines the verification statement. - pub check: BTreeMap, - /// Match defines the matching statement. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "match")] - pub r#match: Option>, + pub kubeconfig: Option, } /// PodLogs determines the pod logs collector to execute. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct TestErrorCatchPodLogs { + /// Cluster defines the target cluster (will be inherited if not specified). + #[serde(default, skip_serializing_if = "Option::is_none")] + pub cluster: Option, + /// Clusters holds a registry to clusters to support multi-cluster tests. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub clusters: Option>, /// Container in pod to get logs from else --all-containers is used. #[serde(default, skip_serializing_if = "Option::is_none")] pub container: Option, @@ -592,18 +480,41 @@ pub struct TestErrorCatchPodLogs { pub timeout: Option, } +/// Clusters holds a registry to clusters to support multi-cluster tests. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct TestErrorCatchPodLogsClusters { + /// Context is the name of the context to use. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub context: Option, + /// Kubeconfig is the path to the referenced file. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub kubeconfig: Option, +} + /// Script defines a script to run. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct TestErrorCatchScript { + /// Bindings defines additional binding key/values. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub bindings: Option>, /// Check is an assertion tree to validate the operation outcome. #[serde(default, skip_serializing_if = "Option::is_none")] pub check: Option>, + /// Cluster defines the target cluster (will be inherited if not specified). + #[serde(default, skip_serializing_if = "Option::is_none")] + pub cluster: Option, + /// Clusters holds a registry to clusters to support multi-cluster tests. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub clusters: Option>, /// Content defines a shell script (run with "sh -c ..."). #[serde(default, skip_serializing_if = "Option::is_none")] pub content: Option, /// Env defines additional environment variables. #[serde(default, skip_serializing_if = "Option::is_none")] pub env: Option>, + /// Outputs defines output bindings. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub outputs: Option>, /// SkipLogOutput removes the output from the command. Useful for sensitive logs or to reduce noise. #[serde(default, skip_serializing_if = "Option::is_none", rename = "skipLogOutput")] pub skip_log_output: Option, @@ -614,54 +525,50 @@ pub struct TestErrorCatchScript { /// Binding represents a key/value set as a binding in an executing test. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct TestErrorCatchScriptEnv { +pub struct TestErrorCatchScriptBindings { /// Name the name of the binding. pub name: String, /// Value value of the binding. pub value: serde_json::Value, } -/// Sleep defines zzzz. +/// Clusters holds a registry to clusters to support multi-cluster tests. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct TestErrorCatchSleep { - /// Duration is the delay used for sleeping. - pub duration: String, +pub struct TestErrorCatchScriptClusters { + /// Context is the name of the context to use. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub context: Option, + /// Kubeconfig is the path to the referenced file. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub kubeconfig: Option, } -/// Update represents an update operation. +/// Binding represents a key/value set as a binding in an executing test. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct TestErrorCatchUpdate { - /// DryRun determines whether the file should be applied in dry run mode. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "dryRun")] - pub dry_run: Option, - /// Expect defines a list of matched checks to validate the operation outcome. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub expect: Option>, - /// File is the path to the referenced file. This can be a direct path to a file - /// or an expression that matches multiple files, such as "manifest/*.yaml" for all YAML - /// files within the "manifest" directory. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub file: Option, - /// Resource provides a resource to be applied. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub resource: Option>, - /// Template determines whether resources should be considered for templating. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub template: Option, - /// Timeout for the operation. Overrides the global timeout set in the Configuration. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub timeout: Option, +pub struct TestErrorCatchScriptEnv { + /// Name the name of the binding. + pub name: String, + /// Value value of the binding. + pub value: serde_json::Value, } -/// Expectation represents a check to be applied on the result of an operation -/// with a match filter to determine if the verification should be considered. +/// Output represents an output binding with a match to determine if the binding must be considered or not. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct TestErrorCatchUpdateExpect { - /// Check defines the verification statement. - pub check: BTreeMap, +pub struct TestErrorCatchScriptOutputs { /// Match defines the matching statement. #[serde(default, skip_serializing_if = "Option::is_none", rename = "match")] pub r#match: Option>, + /// Name the name of the binding. + pub name: String, + /// Value value of the binding. + pub value: serde_json::Value, +} + +/// Sleep defines zzzz. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct TestErrorCatchSleep { + /// Duration is the delay used for sleeping. + pub duration: String, } /// Wait determines the resource wait collector to execute. @@ -670,6 +577,12 @@ pub struct TestErrorCatchWait { /// API version of the referent. #[serde(rename = "apiVersion")] pub api_version: String, + /// Cluster defines the target cluster (will be inherited if not specified). + #[serde(default, skip_serializing_if = "Option::is_none")] + pub cluster: Option, + /// Clusters holds a registry to clusters to support multi-cluster tests. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub clusters: Option>, /// WaitFor specifies the condition to wait for. #[serde(rename = "for")] pub r#for: TestErrorCatchWaitFor, @@ -695,6 +608,17 @@ pub struct TestErrorCatchWait { pub timeout: Option, } +/// Clusters holds a registry to clusters to support multi-cluster tests. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct TestErrorCatchWaitClusters { + /// Context is the name of the context to use. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub context: Option, + /// Kubeconfig is the path to the referenced file. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub kubeconfig: Option, +} + /// WaitFor specifies the condition to wait for. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct TestErrorCatchWaitFor { diff --git a/kube-custom-resources-rs/src/charts_amd_com/v1alpha1/amdgpus.rs b/kube-custom-resources-rs/src/charts_amd_com/v1alpha1/amdgpus.rs index cc5da9dd7..80e3a30ac 100644 --- a/kube-custom-resources-rs/src/charts_amd_com/v1alpha1/amdgpus.rs +++ b/kube-custom-resources-rs/src/charts_amd_com/v1alpha1/amdgpus.rs @@ -8,4 +8,5 @@ mod prelude { pub use serde::{Serialize, Deserialize}; pub use std::collections::BTreeMap; } +use self::prelude::*; diff --git a/kube-custom-resources-rs/src/charts_helm_k8s_io/v1alpha1/snykmonitors.rs b/kube-custom-resources-rs/src/charts_helm_k8s_io/v1alpha1/snykmonitors.rs index 776238acc..092caf472 100644 --- a/kube-custom-resources-rs/src/charts_helm_k8s_io/v1alpha1/snykmonitors.rs +++ b/kube-custom-resources-rs/src/charts_helm_k8s_io/v1alpha1/snykmonitors.rs @@ -7,4 +7,5 @@ mod prelude { pub use kube::CustomResource; pub use serde::{Serialize, Deserialize}; } +use self::prelude::*; diff --git a/kube-custom-resources-rs/src/charts_opdev_io/v1alpha1/synapses.rs b/kube-custom-resources-rs/src/charts_opdev_io/v1alpha1/synapses.rs index bb1bdaa5f..a0c3e8d51 100644 --- a/kube-custom-resources-rs/src/charts_opdev_io/v1alpha1/synapses.rs +++ b/kube-custom-resources-rs/src/charts_opdev_io/v1alpha1/synapses.rs @@ -8,4 +8,5 @@ mod prelude { pub use serde::{Serialize, Deserialize}; pub use std::collections::BTreeMap; } +use self::prelude::*; diff --git a/kube-custom-resources-rs/src/charts_operatorhub_io/v1alpha1/cockroachdbs.rs b/kube-custom-resources-rs/src/charts_operatorhub_io/v1alpha1/cockroachdbs.rs index 69749dacb..0712f7c00 100644 --- a/kube-custom-resources-rs/src/charts_operatorhub_io/v1alpha1/cockroachdbs.rs +++ b/kube-custom-resources-rs/src/charts_operatorhub_io/v1alpha1/cockroachdbs.rs @@ -8,4 +8,5 @@ mod prelude { pub use serde::{Serialize, Deserialize}; pub use std::collections::BTreeMap; } +use self::prelude::*; diff --git a/kube-custom-resources-rs/src/chisel_operator_io/mod.rs b/kube-custom-resources-rs/src/chisel_operator_io/mod.rs index a3a6d96c3..ae6adc7cf 100644 --- a/kube-custom-resources-rs/src/chisel_operator_io/mod.rs +++ b/kube-custom-resources-rs/src/chisel_operator_io/mod.rs @@ -1 +1,2 @@ pub mod v1; +pub mod v2; diff --git a/kube-custom-resources-rs/src/chisel_operator_io/v2/exitnodes.rs b/kube-custom-resources-rs/src/chisel_operator_io/v2/exitnodes.rs new file mode 100644 index 000000000..f891f62f7 --- /dev/null +++ b/kube-custom-resources-rs/src/chisel_operator_io/v2/exitnodes.rs @@ -0,0 +1,57 @@ +// WARNING: generated by kopium - manual changes will be overwritten +// kopium command: kopium --docs --filename=./crd-catalog/FyraLabs/chisel-operator/chisel-operator.io/v2/exitnodes.yaml --derive=Default --derive=PartialEq --smart-derive-elision +// kopium version: 0.20.1 + +#[allow(unused_imports)] +mod prelude { + pub use kube::CustomResource; + pub use serde::{Serialize, Deserialize}; +} +use self::prelude::*; + +/// ExitNode is a custom resource that represents a Chisel exit node. It will be used as the reverse proxy for all services in the cluster. +#[derive(CustomResource, Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +#[kube(group = "chisel-operator.io", version = "v2", kind = "ExitNode", plural = "exitnodes")] +#[kube(namespaced)] +#[kube(status = "ExitNodeStatus")] +#[kube(schema = "disabled")] +#[kube(derive="Default")] +#[kube(derive="PartialEq")] +pub struct ExitNodeSpec { + /// Optional authentication secret name to connect to the control plane + #[serde(default, skip_serializing_if = "Option::is_none")] + pub auth: Option, + /// Optional value for the chisel client image used to connect to the chisel server If not provided, jpillora/chisel:latest is used + #[serde(default, skip_serializing_if = "Option::is_none")] + pub chisel_image: Option, + /// Optional boolean value for whether to make the exit node the default route for the cluster If true, the exit node will be the default route for the cluster default value is false + #[serde(default, skip_serializing_if = "Option::is_none")] + pub default_route: Option, + /// Optional real external hostname/IP of exit node If not provided, the host field will be used + #[serde(default, skip_serializing_if = "Option::is_none")] + pub external_host: Option, + /// Optional but highly recommended fingerprint to perform host-key validation against the server's public key + #[serde(default, skip_serializing_if = "Option::is_none")] + pub fingerprint: Option, + /// Hostname or IP address of the chisel server + pub host: String, + /// Control plane port of the chisel server + pub port: u16, +} + +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ExitNodeStatus { + #[serde(default, skip_serializing_if = "Option::is_none")] + pub id: Option, + pub ip: String, + pub name: String, + pub provider: String, + pub service_binding: Vec, +} + +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ExitNodeStatusServiceBinding { + pub name: String, + pub namespace: String, +} + diff --git a/kube-custom-resources-rs/src/chisel_operator_io/v2/mod.rs b/kube-custom-resources-rs/src/chisel_operator_io/v2/mod.rs new file mode 100644 index 000000000..b7c3487b8 --- /dev/null +++ b/kube-custom-resources-rs/src/chisel_operator_io/v2/mod.rs @@ -0,0 +1 @@ +pub mod exitnodes; diff --git a/kube-custom-resources-rs/src/cilium_io/v2/ciliumidentities.rs b/kube-custom-resources-rs/src/cilium_io/v2/ciliumidentities.rs index e4ad0e4c5..c525b61e6 100644 --- a/kube-custom-resources-rs/src/cilium_io/v2/ciliumidentities.rs +++ b/kube-custom-resources-rs/src/cilium_io/v2/ciliumidentities.rs @@ -8,4 +8,5 @@ mod prelude { pub use serde::{Serialize, Deserialize}; pub use std::collections::BTreeMap; } +use self::prelude::*; diff --git a/kube-custom-resources-rs/src/claudie_io/v1beta1/inputmanifests.rs b/kube-custom-resources-rs/src/claudie_io/v1beta1/inputmanifests.rs index a54b904d6..762a4e699 100644 --- a/kube-custom-resources-rs/src/claudie_io/v1beta1/inputmanifests.rs +++ b/kube-custom-resources-rs/src/claudie_io/v1beta1/inputmanifests.rs @@ -25,10 +25,12 @@ pub struct InputManifestSpec { /// LoadBalancers list of loadbalancer clusters the Kubernetes clusters may use. #[serde(default, skip_serializing_if = "Option::is_none", rename = "loadBalancers")] pub load_balancers: Option, - /// NodePool is a map of dynamic nodepools and static nodepools which will be used to form kubernetes or loadbalancer clusters. + /// NodePool is a map of dynamic nodepools and static nodepools which will be used to + /// form kubernetes or loadbalancer clusters. #[serde(default, skip_serializing_if = "Option::is_none", rename = "nodePools")] pub node_pools: Option, - /// Providers list of defined cloud provider configuration that will be used while infrastructure provisioning. + /// Providers list of defined cloud provider configuration + /// that will be used while infrastructure provisioning. #[serde(default, skip_serializing_if = "Option::is_none")] pub providers: Option>, } @@ -50,7 +52,11 @@ pub struct InputManifestKubernetesClusters { pub network: String, /// List of nodepool names this cluster will use. pub pools: InputManifestKubernetesClustersPools, - /// Version should be defined in format vX.Y. In terms of supported versions of Kubernetes, Claudie follows kubeone releases and their supported versions. The current kubeone version used in Claudie is 1.5. To see the list of supported versions, please refer to kubeone documentation. https://docs.kubermatic.com/kubeone/v1.5/architecture/compatibility/supported-versions/#supported-kubernetes-versions + /// Version should be defined in format vX.Y. In terms of supported versions of Kubernetes, + /// Claudie follows kubeone releases and their supported versions. + /// The current kubeone version used in Claudie is 1.5. + /// To see the list of supported versions, please refer to kubeone documentation. + /// https://docs.kubermatic.com/kubeone/v1.8/architecture/compatibility/supported-versions/ pub version: String, } @@ -82,7 +88,8 @@ pub struct InputManifestLoadBalancersClusters { pub dns: Option, /// Name of the loadbalancer. pub name: String, - /// List of nodepool names this loadbalancer will use. Remember, that nodepools defined in nodepools are only "blueprints". The actual nodepool will be created once referenced here. + /// List of nodepool names this loadbalancer will use. Remember, that nodepools defined + /// in nodepools are only "blueprints". The actual nodepool will be created once referenced here. pub pools: Vec, /// List of roles the loadbalancer uses. pub roles: Vec, @@ -130,7 +137,8 @@ pub enum InputManifestLoadBalancersRolesProtocol { Udp, } -/// NodePool is a map of dynamic nodepools and static nodepools which will be used to form kubernetes or loadbalancer clusters. +/// NodePool is a map of dynamic nodepools and static nodepools which will be used to +/// form kubernetes or loadbalancer clusters. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct InputManifestNodePools { /// Dynamic nodepools define nodepools dynamically created by Claudie. @@ -141,8 +149,13 @@ pub struct InputManifestNodePools { pub r#static: Option>, } -/// DynamicNodePool List of dynamically to-be-created nodepools of not yet existing machines, used for Kubernetes or loadbalancer clusters. These are only blueprints, and will only be created per reference in kubernetes or loadBalancer clusters. -/// E.g. if the nodepool isn't used, it won't even be created. Or if the same nodepool is used in two different clusters, it will be created twice. In OOP analogy, a dynamic nodepool would be a class that would get instantiated N >= 0 times depending on which clusters reference it. +/// DynamicNodePool List of dynamically to-be-created nodepools of not yet existing machines, used for Kubernetes or loadbalancer clusters. +/// These are only blueprints, and will only be created per reference in kubernetes or loadBalancer clusters. +/// +/// +/// E.g. if the nodepool isn't used, it won't even be created. Or if the same nodepool is used in two different clusters, +/// it will be created twice. In OOP analogy, a dynamic nodepool would be a class +/// that would get instantiated N >= 0 times depending on which clusters reference it. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct InputManifestNodePoolsDynamic { /// User defined annotations for this nodepool. @@ -167,10 +180,12 @@ pub struct InputManifestNodePoolsDynamic { /// Collection of provider data to be used while creating the nodepool. #[serde(rename = "providerSpec")] pub provider_spec: InputManifestNodePoolsDynamicProviderSpec, - /// Type of the machines in the nodepool. Currently, only AMD64 machines are supported. + /// Type of the machines in the nodepool. Currently, only AMD64 machines are supported. #[serde(rename = "serverType")] pub server_type: String, - /// Size of the storage disk on the nodes in the nodepool in GB. The OS disk is created automatically with predefined size of 100GB for kubernetes nodes and 50GB for Loadbalancer nodes. The value must be either -1 (no disk is created), or >= 50. If no value is specified, 50 is used. + /// Size of the storage disk on the nodes in the nodepool in GB. The OS disk is created automatically + /// with predefined size of 100GB for kubernetes nodes and 50GB for Loadbalancer nodes. + /// The value must be either -1 (no disk is created), or >= 50. If no value is specified, 50 is used. #[serde(default, skip_serializing_if = "Option::is_none", rename = "storageDiskSize")] pub storage_disk_size: Option, /// User defined taints for this nodepool. @@ -210,14 +225,18 @@ pub struct InputManifestNodePoolsDynamicProviderSpec { pub zone: Option, } -/// The node this Taint is attached to has the "effect" on any pod that does not tolerate the Taint. +/// The node this Taint is attached to has the "effect" on +/// any pod that does not tolerate the Taint. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct InputManifestNodePoolsDynamicTaints { - /// Required. The effect of the taint on pods that do not tolerate the taint. Valid effects are NoSchedule, PreferNoSchedule and NoExecute. + /// Required. The effect of the taint on pods + /// that do not tolerate the taint. + /// Valid effects are NoSchedule, PreferNoSchedule and NoExecute. pub effect: String, /// Required. The taint key to be applied to a node. pub key: String, - /// TimeAdded represents the time at which the taint was added. It is only written for NoExecute taints. + /// TimeAdded represents the time at which the taint was added. + /// It is only written for NoExecute taints. #[serde(default, skip_serializing_if = "Option::is_none", rename = "timeAdded")] pub time_added: Option, /// The taint value corresponding to the taint key. @@ -264,14 +283,18 @@ pub struct InputManifestNodePoolsStaticNodesSecretRef { pub namespace: Option, } -/// The node this Taint is attached to has the "effect" on any pod that does not tolerate the Taint. +/// The node this Taint is attached to has the "effect" on +/// any pod that does not tolerate the Taint. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct InputManifestNodePoolsStaticTaints { - /// Required. The effect of the taint on pods that do not tolerate the taint. Valid effects are NoSchedule, PreferNoSchedule and NoExecute. + /// Required. The effect of the taint on pods + /// that do not tolerate the taint. + /// Valid effects are NoSchedule, PreferNoSchedule and NoExecute. pub effect: String, /// Required. The taint key to be applied to a node. pub key: String, - /// TimeAdded represents the time at which the taint was added. It is only written for NoExecute taints. + /// TimeAdded represents the time at which the taint was added. + /// It is only written for NoExecute taints. #[serde(default, skip_serializing_if = "Option::is_none", rename = "timeAdded")] pub time_added: Option, /// The taint value corresponding to the taint key. @@ -279,20 +302,24 @@ pub struct InputManifestNodePoolsStaticTaints { pub value: Option, } -/// Providers list of defined cloud provider configuration that will be used while infrastructure provisioning. +/// Providers list of defined cloud provider configuration +/// that will be used while infrastructure provisioning. #[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] pub struct InputManifestProviders { /// Name is the name of the provider specification. It has to be unique across all providers. pub name: String, - /// ProviderType type of a provider. A list of available providers can be found at https://docs.claudie.io/v0.3.2/input-manifest/providers/aws/ + /// ProviderType type of a provider. + /// A list of available providers can be found at https://docs.claudie.io/v0.3.2/input-manifest/providers/aws/ #[serde(rename = "providerType")] pub provider_type: InputManifestProvidersProviderType, - /// SecretReference represents a Secret Reference. It has enough information to retrieve secret in any namespace + /// SecretReference represents a Secret Reference. It has enough information to retrieve secret + /// in any namespace #[serde(rename = "secretRef")] pub secret_ref: InputManifestProvidersSecretRef, } -/// Providers list of defined cloud provider configuration that will be used while infrastructure provisioning. +/// Providers list of defined cloud provider configuration +/// that will be used while infrastructure provisioning. #[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] pub enum InputManifestProvidersProviderType { #[serde(rename = "gcp")] @@ -313,7 +340,8 @@ pub enum InputManifestProvidersProviderType { Genesiscloud, } -/// SecretReference represents a Secret Reference. It has enough information to retrieve secret in any namespace +/// SecretReference represents a Secret Reference. It has enough information to retrieve secret +/// in any namespace #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct InputManifestProvidersSecretRef { /// name is unique within a namespace to reference a secret resource. diff --git a/kube-custom-resources-rs/src/cluster_x_k8s_io/v1beta1/clusterclasses.rs b/kube-custom-resources-rs/src/cluster_x_k8s_io/v1beta1/clusterclasses.rs index 9f33d0724..4f70ccaea 100644 --- a/kube-custom-resources-rs/src/cluster_x_k8s_io/v1beta1/clusterclasses.rs +++ b/kube-custom-resources-rs/src/cluster_x_k8s_io/v1beta1/clusterclasses.rs @@ -547,6 +547,9 @@ pub struct ClusterClassVariables { /// Metadata is the metadata of a variable. /// It can be used to add additional data for higher level tools to /// a ClusterClassVariable. + /// + /// + /// Deprecated: This field is deprecated and is going to be removed in the next apiVersion. Please use XMetadata in JSONSchemaProps instead. #[serde(default, skip_serializing_if = "Option::is_none")] pub metadata: Option, /// Name of the variable. @@ -563,6 +566,9 @@ pub struct ClusterClassVariables { /// Metadata is the metadata of a variable. /// It can be used to add additional data for higher level tools to /// a ClusterClassVariable. +/// +/// +/// Deprecated: This field is deprecated and is going to be removed in the next apiVersion. Please use XMetadata in JSONSchemaProps instead. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ClusterClassVariablesMetadata { /// Annotations is an unstructured key value map that can be used to store and @@ -699,6 +705,10 @@ pub struct ClusterClassVariablesSchemaOpenApiv3Schema { /// XValidations describes a list of validation rules written in the CEL expression language. #[serde(default, skip_serializing_if = "Option::is_none", rename = "x-kubernetes-validations")] pub x_kubernetes_validations: Option>, + /// XMetadata is the metadata of a variable or a nested field within a variable. + /// It can be used to add additional data for higher level tools. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "x-metadata")] + pub x_metadata: Option, } /// ValidationRule describes a validation rule written in the CEL expression language. @@ -801,6 +811,21 @@ pub enum ClusterClassVariablesSchemaOpenApiv3SchemaXKubernetesValidationsReason FieldValueDuplicate, } +/// XMetadata is the metadata of a variable or a nested field within a variable. +/// It can be used to add additional data for higher level tools. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ClusterClassVariablesSchemaOpenApiv3SchemaXMetadata { + /// Annotations is an unstructured key value map that can be used to store and + /// retrieve arbitrary metadata. + /// They are not queryable. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub annotations: Option>, + /// Map of string keys and values that can be used to organize and categorize + /// (scope and select) variables. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub labels: Option>, +} + /// Workers describes the worker nodes for the cluster. /// It is a collection of node types which can be used to create /// the worker nodes of the cluster. @@ -1448,6 +1473,9 @@ pub struct ClusterClassStatusVariablesDefinitions { /// Metadata is the metadata of a variable. /// It can be used to add additional data for higher level tools to /// a ClusterClassVariable. + /// + /// + /// Deprecated: This field is deprecated and is going to be removed in the next apiVersion. #[serde(default, skip_serializing_if = "Option::is_none")] pub metadata: Option, /// Required specifies if the variable is required. @@ -1462,6 +1490,9 @@ pub struct ClusterClassStatusVariablesDefinitions { /// Metadata is the metadata of a variable. /// It can be used to add additional data for higher level tools to /// a ClusterClassVariable. +/// +/// +/// Deprecated: This field is deprecated and is going to be removed in the next apiVersion. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ClusterClassStatusVariablesDefinitionsMetadata { /// Annotations is an unstructured key value map that can be used to store and @@ -1598,6 +1629,10 @@ pub struct ClusterClassStatusVariablesDefinitionsSchemaOpenApiv3Schema { /// XValidations describes a list of validation rules written in the CEL expression language. #[serde(default, skip_serializing_if = "Option::is_none", rename = "x-kubernetes-validations")] pub x_kubernetes_validations: Option>, + /// XMetadata is the metadata of a variable or a nested field within a variable. + /// It can be used to add additional data for higher level tools. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "x-metadata")] + pub x_metadata: Option, } /// ValidationRule describes a validation rule written in the CEL expression language. @@ -1700,3 +1735,18 @@ pub enum ClusterClassStatusVariablesDefinitionsSchemaOpenApiv3SchemaXKubernetesV FieldValueDuplicate, } +/// XMetadata is the metadata of a variable or a nested field within a variable. +/// It can be used to add additional data for higher level tools. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ClusterClassStatusVariablesDefinitionsSchemaOpenApiv3SchemaXMetadata { + /// Annotations is an unstructured key value map that can be used to store and + /// retrieve arbitrary metadata. + /// They are not queryable. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub annotations: Option>, + /// Map of string keys and values that can be used to organize and categorize + /// (scope and select) variables. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub labels: Option>, +} + diff --git a/kube-custom-resources-rs/src/cluster_x_k8s_io/v1beta1/clusters.rs b/kube-custom-resources-rs/src/cluster_x_k8s_io/v1beta1/clusters.rs index a94bcf334..e8fc28947 100644 --- a/kube-custom-resources-rs/src/cluster_x_k8s_io/v1beta1/clusters.rs +++ b/kube-custom-resources-rs/src/cluster_x_k8s_io/v1beta1/clusters.rs @@ -382,10 +382,10 @@ pub struct ClusterTopologyControlPlaneVariables { /// Variable definition in the ClusterClass `status` variables. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ClusterTopologyControlPlaneVariablesOverrides { - /// DefinitionFrom specifies where the definition of this Variable is from. DefinitionFrom is `inline` when the - /// definition is from the ClusterClass `.spec.variables` or the name of a patch defined in the ClusterClass - /// `.spec.patches` where the patch is external and provides external variables. - /// This field is mandatory if the variable has `DefinitionsConflict: true` in ClusterClass `status.variables[]` + /// DefinitionFrom specifies where the definition of this Variable is from. + /// + /// + /// Deprecated: This field is deprecated, must not be set anymore and is going to be removed in the next apiVersion. #[serde(default, skip_serializing_if = "Option::is_none", rename = "definitionFrom")] pub definition_from: Option, /// Name of the variable. @@ -404,10 +404,10 @@ pub struct ClusterTopologyControlPlaneVariablesOverrides { /// Variable definition in the ClusterClass `status` variables. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ClusterTopologyVariables { - /// DefinitionFrom specifies where the definition of this Variable is from. DefinitionFrom is `inline` when the - /// definition is from the ClusterClass `.spec.variables` or the name of a patch defined in the ClusterClass - /// `.spec.patches` where the patch is external and provides external variables. - /// This field is mandatory if the variable has `DefinitionsConflict: true` in ClusterClass `status.variables[]` + /// DefinitionFrom specifies where the definition of this Variable is from. + /// + /// + /// Deprecated: This field is deprecated, must not be set anymore and is going to be removed in the next apiVersion. #[serde(default, skip_serializing_if = "Option::is_none", rename = "definitionFrom")] pub definition_from: Option, /// Name of the variable. @@ -741,10 +741,10 @@ pub struct ClusterTopologyWorkersMachineDeploymentsVariables { /// Variable definition in the ClusterClass `status` variables. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ClusterTopologyWorkersMachineDeploymentsVariablesOverrides { - /// DefinitionFrom specifies where the definition of this Variable is from. DefinitionFrom is `inline` when the - /// definition is from the ClusterClass `.spec.variables` or the name of a patch defined in the ClusterClass - /// `.spec.patches` where the patch is external and provides external variables. - /// This field is mandatory if the variable has `DefinitionsConflict: true` in ClusterClass `status.variables[]` + /// DefinitionFrom specifies where the definition of this Variable is from. + /// + /// + /// Deprecated: This field is deprecated, must not be set anymore and is going to be removed in the next apiVersion. #[serde(default, skip_serializing_if = "Option::is_none", rename = "definitionFrom")] pub definition_from: Option, /// Name of the variable. @@ -841,10 +841,10 @@ pub struct ClusterTopologyWorkersMachinePoolsVariables { /// Variable definition in the ClusterClass `status` variables. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ClusterTopologyWorkersMachinePoolsVariablesOverrides { - /// DefinitionFrom specifies where the definition of this Variable is from. DefinitionFrom is `inline` when the - /// definition is from the ClusterClass `.spec.variables` or the name of a patch defined in the ClusterClass - /// `.spec.patches` where the patch is external and provides external variables. - /// This field is mandatory if the variable has `DefinitionsConflict: true` in ClusterClass `status.variables[]` + /// DefinitionFrom specifies where the definition of this Variable is from. + /// + /// + /// Deprecated: This field is deprecated, must not be set anymore and is going to be removed in the next apiVersion. #[serde(default, skip_serializing_if = "Option::is_none", rename = "definitionFrom")] pub definition_from: Option, /// Name of the variable. diff --git a/kube-custom-resources-rs/src/cluster_x_k8s_io/v1beta1/machinedeployments.rs b/kube-custom-resources-rs/src/cluster_x_k8s_io/v1beta1/machinedeployments.rs index a13401351..3d1e64194 100644 --- a/kube-custom-resources-rs/src/cluster_x_k8s_io/v1beta1/machinedeployments.rs +++ b/kube-custom-resources-rs/src/cluster_x_k8s_io/v1beta1/machinedeployments.rs @@ -61,6 +61,9 @@ pub struct MachineDeploymentSpec { /// The number of old MachineSets to retain to allow rollback. /// This is a pointer to distinguish between explicit zero and not specified. /// Defaults to 1. + /// + /// + /// Deprecated: This field is deprecated and is going to be removed in the next apiVersion. Please see https://github.com/kubernetes-sigs/cluster-api/issues/10479 for more details. #[serde(default, skip_serializing_if = "Option::is_none", rename = "revisionHistoryLimit")] pub revision_history_limit: Option, /// RolloutAfter is a field to indicate a rollout should be performed diff --git a/kube-custom-resources-rs/src/cluster_x_k8s_io/v1beta1/machinehealthchecks.rs b/kube-custom-resources-rs/src/cluster_x_k8s_io/v1beta1/machinehealthchecks.rs index ca00bbe49..29907f14a 100644 --- a/kube-custom-resources-rs/src/cluster_x_k8s_io/v1beta1/machinehealthchecks.rs +++ b/kube-custom-resources-rs/src/cluster_x_k8s_io/v1beta1/machinehealthchecks.rs @@ -26,6 +26,9 @@ pub struct MachineHealthCheckSpec { pub cluster_name: String, /// Any further remediation is only allowed if at most "MaxUnhealthy" machines selected by /// "selector" are not healthy. + /// + /// + /// Deprecated: This field is deprecated and is going to be removed in the next apiVersion. Please see https://github.com/kubernetes-sigs/cluster-api/issues/10722 for more details. #[serde(default, skip_serializing_if = "Option::is_none", rename = "maxUnhealthy")] pub max_unhealthy: Option, /// NodeStartupTimeout allows to set the maximum time for MachineHealthCheck @@ -65,6 +68,9 @@ pub struct MachineHealthCheckSpec { /// Eg. "[3-5]" - This means that remediation will be allowed only when: /// (a) there are at least 3 unhealthy machines (and) /// (b) there are at most 5 unhealthy machines + /// + /// + /// Deprecated: This field is deprecated and is going to be removed in the next apiVersion. Please see https://github.com/kubernetes-sigs/cluster-api/issues/10722 for more details. #[serde(default, skip_serializing_if = "Option::is_none", rename = "unhealthyRange")] pub unhealthy_range: Option, } diff --git a/kube-custom-resources-rs/src/confidentialcontainers_org/v1beta1/ccruntimes.rs b/kube-custom-resources-rs/src/confidentialcontainers_org/v1beta1/ccruntimes.rs index 3617aedd6..9b4fd9456 100644 --- a/kube-custom-resources-rs/src/confidentialcontainers_org/v1beta1/ccruntimes.rs +++ b/kube-custom-resources-rs/src/confidentialcontainers_org/v1beta1/ccruntimes.rs @@ -3403,11 +3403,13 @@ pub struct CcRuntimeConfigPreInstallVolumesVsphereVolume { pub volume_path: String, } -/// RuntimeClass holds the name and the snapshotter to be used by a runtime class +/// RuntimeClass holds the name and basic customizations to be used by a runtime class #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct CcRuntimeConfigRuntimeClasses { /// Name of the runtime class pub name: String, + /// The pulling image method to be used by the runtime class + pub pulltype: String, /// The snapshotter to be used by the runtime class pub snapshotter: String, } diff --git a/kube-custom-resources-rs/src/devices_kubeedge_io/v1beta1/devices.rs b/kube-custom-resources-rs/src/devices_kubeedge_io/v1beta1/devices.rs index 2ca16ccc2..fc6085d1d 100644 --- a/kube-custom-resources-rs/src/devices_kubeedge_io/v1beta1/devices.rs +++ b/kube-custom-resources-rs/src/devices_kubeedge_io/v1beta1/devices.rs @@ -259,6 +259,12 @@ pub struct DeviceProtocol { /// DeviceStatus reports the device state and the desired/reported values of twin attributes. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct DeviceStatus { + /// Optional: The last time the device was online. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "lastOnlineTime")] + pub last_online_time: Option, + /// Optional: The state of the device. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub state: Option, /// A list of device twins containing desired/reported desired/reported values of twin properties. Optional: A passive device won't have twin properties and this list could be empty. #[serde(default, skip_serializing_if = "Option::is_none")] pub twins: Option>, diff --git a/kube-custom-resources-rs/src/dex_coreos_com/v1/authcodes.rs b/kube-custom-resources-rs/src/dex_coreos_com/v1/authcodes.rs index c59f40997..447223771 100644 --- a/kube-custom-resources-rs/src/dex_coreos_com/v1/authcodes.rs +++ b/kube-custom-resources-rs/src/dex_coreos_com/v1/authcodes.rs @@ -7,4 +7,5 @@ mod prelude { pub use kube::CustomResource; pub use serde::{Serialize, Deserialize}; } +use self::prelude::*; diff --git a/kube-custom-resources-rs/src/dex_coreos_com/v1/authrequests.rs b/kube-custom-resources-rs/src/dex_coreos_com/v1/authrequests.rs index 00b4cb046..1ce2815fd 100644 --- a/kube-custom-resources-rs/src/dex_coreos_com/v1/authrequests.rs +++ b/kube-custom-resources-rs/src/dex_coreos_com/v1/authrequests.rs @@ -7,4 +7,5 @@ mod prelude { pub use kube::CustomResource; pub use serde::{Serialize, Deserialize}; } +use self::prelude::*; diff --git a/kube-custom-resources-rs/src/dex_coreos_com/v1/connectors.rs b/kube-custom-resources-rs/src/dex_coreos_com/v1/connectors.rs index 4ff23ba46..10b896d3a 100644 --- a/kube-custom-resources-rs/src/dex_coreos_com/v1/connectors.rs +++ b/kube-custom-resources-rs/src/dex_coreos_com/v1/connectors.rs @@ -7,4 +7,5 @@ mod prelude { pub use kube::CustomResource; pub use serde::{Serialize, Deserialize}; } +use self::prelude::*; diff --git a/kube-custom-resources-rs/src/dex_coreos_com/v1/devicerequests.rs b/kube-custom-resources-rs/src/dex_coreos_com/v1/devicerequests.rs index 8383229cf..6f85c6c33 100644 --- a/kube-custom-resources-rs/src/dex_coreos_com/v1/devicerequests.rs +++ b/kube-custom-resources-rs/src/dex_coreos_com/v1/devicerequests.rs @@ -7,4 +7,5 @@ mod prelude { pub use kube::CustomResource; pub use serde::{Serialize, Deserialize}; } +use self::prelude::*; diff --git a/kube-custom-resources-rs/src/dex_coreos_com/v1/devicetokens.rs b/kube-custom-resources-rs/src/dex_coreos_com/v1/devicetokens.rs index 3860291a7..b32016927 100644 --- a/kube-custom-resources-rs/src/dex_coreos_com/v1/devicetokens.rs +++ b/kube-custom-resources-rs/src/dex_coreos_com/v1/devicetokens.rs @@ -7,4 +7,5 @@ mod prelude { pub use kube::CustomResource; pub use serde::{Serialize, Deserialize}; } +use self::prelude::*; diff --git a/kube-custom-resources-rs/src/dex_coreos_com/v1/oauth2clients.rs b/kube-custom-resources-rs/src/dex_coreos_com/v1/oauth2clients.rs index 8b8085c55..3872188dd 100644 --- a/kube-custom-resources-rs/src/dex_coreos_com/v1/oauth2clients.rs +++ b/kube-custom-resources-rs/src/dex_coreos_com/v1/oauth2clients.rs @@ -7,4 +7,5 @@ mod prelude { pub use kube::CustomResource; pub use serde::{Serialize, Deserialize}; } +use self::prelude::*; diff --git a/kube-custom-resources-rs/src/dex_coreos_com/v1/offlinesessionses.rs b/kube-custom-resources-rs/src/dex_coreos_com/v1/offlinesessionses.rs index dbf194be5..dc917a15c 100644 --- a/kube-custom-resources-rs/src/dex_coreos_com/v1/offlinesessionses.rs +++ b/kube-custom-resources-rs/src/dex_coreos_com/v1/offlinesessionses.rs @@ -7,4 +7,5 @@ mod prelude { pub use kube::CustomResource; pub use serde::{Serialize, Deserialize}; } +use self::prelude::*; diff --git a/kube-custom-resources-rs/src/dex_coreos_com/v1/passwords.rs b/kube-custom-resources-rs/src/dex_coreos_com/v1/passwords.rs index b26cfb6c1..526b2d034 100644 --- a/kube-custom-resources-rs/src/dex_coreos_com/v1/passwords.rs +++ b/kube-custom-resources-rs/src/dex_coreos_com/v1/passwords.rs @@ -7,4 +7,5 @@ mod prelude { pub use kube::CustomResource; pub use serde::{Serialize, Deserialize}; } +use self::prelude::*; diff --git a/kube-custom-resources-rs/src/dex_coreos_com/v1/refreshtokens.rs b/kube-custom-resources-rs/src/dex_coreos_com/v1/refreshtokens.rs index cf6326b6a..891507453 100644 --- a/kube-custom-resources-rs/src/dex_coreos_com/v1/refreshtokens.rs +++ b/kube-custom-resources-rs/src/dex_coreos_com/v1/refreshtokens.rs @@ -7,4 +7,5 @@ mod prelude { pub use kube::CustomResource; pub use serde::{Serialize, Deserialize}; } +use self::prelude::*; diff --git a/kube-custom-resources-rs/src/dex_coreos_com/v1/signingkeies.rs b/kube-custom-resources-rs/src/dex_coreos_com/v1/signingkeies.rs index 05e3305ea..99e9f81b9 100644 --- a/kube-custom-resources-rs/src/dex_coreos_com/v1/signingkeies.rs +++ b/kube-custom-resources-rs/src/dex_coreos_com/v1/signingkeies.rs @@ -7,4 +7,5 @@ mod prelude { pub use kube::CustomResource; pub use serde::{Serialize, Deserialize}; } +use self::prelude::*; diff --git a/kube-custom-resources-rs/src/elasticsearch_k8s_elastic_co/v1/elasticsearches.rs b/kube-custom-resources-rs/src/elasticsearch_k8s_elastic_co/v1/elasticsearches.rs index 942d29a81..b6414a66f 100644 --- a/kube-custom-resources-rs/src/elasticsearch_k8s_elastic_co/v1/elasticsearches.rs +++ b/kube-custom-resources-rs/src/elasticsearch_k8s_elastic_co/v1/elasticsearches.rs @@ -8300,6 +8300,9 @@ pub struct ElasticsearchTransportTls { /// Example: if set to "node.cluster.local", the generated certificate will have its otherName set to ".node.cluster.local". #[serde(default, skip_serializing_if = "Option::is_none", rename = "otherNameSuffix")] pub other_name_suffix: Option, + /// SelfSignedCertificates allows configuring the self-signed certificate generated by the operator. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "selfSignedCertificates")] + pub self_signed_certificates: Option, /// SubjectAlternativeNames is a list of SANs to include in the generated node transport TLS certificates. #[serde(default, skip_serializing_if = "Option::is_none", rename = "subjectAltNames")] pub subject_alt_names: Option>, @@ -8327,6 +8330,14 @@ pub struct ElasticsearchTransportTlsCertificateAuthorities { pub config_map_name: Option, } +/// SelfSignedCertificates allows configuring the self-signed certificate generated by the operator. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ElasticsearchTransportTlsSelfSignedCertificates { + /// Disabled indicates that provisioning of the self-signed certificates should be disabled. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub disabled: Option, +} + /// SubjectAlternativeName represents a SAN entry in a x509 certificate. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ElasticsearchTransportTlsSubjectAltNames { diff --git a/kube-custom-resources-rs/src/executor_testkube_io/v1/webhooks.rs b/kube-custom-resources-rs/src/executor_testkube_io/v1/webhooks.rs index 694d30be8..a9364a1f8 100644 --- a/kube-custom-resources-rs/src/executor_testkube_io/v1/webhooks.rs +++ b/kube-custom-resources-rs/src/executor_testkube_io/v1/webhooks.rs @@ -28,6 +28,7 @@ pub struct WebhookSpec { #[serde(default, skip_serializing_if = "Option::is_none")] pub headers: Option>, /// OnStateChange will trigger the webhook only when the result of the current execution differs from the previous result of the same test/test suite/workflow + /// Deprecated: field is not used #[serde(default, skip_serializing_if = "Option::is_none", rename = "onStateChange")] pub on_state_change: Option, /// will load the generated payload for notification inside the object diff --git a/kube-custom-resources-rs/src/external_secrets_io/v1beta1/clustersecretstores.rs b/kube-custom-resources-rs/src/external_secrets_io/v1beta1/clustersecretstores.rs index 2eae307f2..3e694bf02 100644 --- a/kube-custom-resources-rs/src/external_secrets_io/v1beta1/clustersecretstores.rs +++ b/kube-custom-resources-rs/src/external_secrets_io/v1beta1/clustersecretstores.rs @@ -159,6 +159,10 @@ pub struct ClusterSecretStoreProvider { /// Scaleway #[serde(default, skip_serializing_if = "Option::is_none")] pub scaleway: Option, + /// SecretServer configures this store to sync secrets using SecretServer provider + /// https://docs.delinea.com/online-help/secret-server/start.htm + #[serde(default, skip_serializing_if = "Option::is_none")] + pub secretserver: Option, /// Senhasegura configures this store to sync secrets using senhasegura provider #[serde(default, skip_serializing_if = "Option::is_none")] pub senhasegura: Option, @@ -1548,7 +1552,11 @@ pub struct ClusterSecretStoreProviderKeepersecurityAuthRef { #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ClusterSecretStoreProviderKubernetes { /// Auth configures how secret-manager authenticates with a Kubernetes instance. - pub auth: ClusterSecretStoreProviderKubernetesAuth, + #[serde(default, skip_serializing_if = "Option::is_none")] + pub auth: Option, + /// A reference to a secret that contains the auth information. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "authRef")] + pub auth_ref: Option, /// Remote namespace to fetch the secrets from #[serde(default, skip_serializing_if = "Option::is_none", rename = "remoteNamespace")] pub remote_namespace: Option, @@ -1660,6 +1668,22 @@ pub struct ClusterSecretStoreProviderKubernetesAuthTokenBearerToken { pub namespace: Option, } +/// A reference to a secret that contains the auth information. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ClusterSecretStoreProviderKubernetesAuthRef { + /// The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be + /// defaulted, in others it may be required. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub key: Option, + /// The name of the Secret resource being referred to. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + /// Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults + /// to the namespace of the referent. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub namespace: Option, +} + /// configures the Kubernetes server Address. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ClusterSecretStoreProviderKubernetesServer { @@ -2124,6 +2148,74 @@ pub struct ClusterSecretStoreProviderScalewaySecretKeySecretRef { pub namespace: Option, } +/// SecretServer configures this store to sync secrets using SecretServer provider +/// https://docs.delinea.com/online-help/secret-server/start.htm +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ClusterSecretStoreProviderSecretserver { + /// Password is the secret server account password. + pub password: ClusterSecretStoreProviderSecretserverPassword, + /// ServerURL + /// URL to your secret server installation + #[serde(rename = "serverURL")] + pub server_url: String, + /// Username is the secret server account username. + pub username: ClusterSecretStoreProviderSecretserverUsername, +} + +/// Password is the secret server account password. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ClusterSecretStoreProviderSecretserverPassword { + /// SecretRef references a key in a secret that will be used as value. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "secretRef")] + pub secret_ref: Option, + /// Value can be specified directly to set a value without using a secret. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub value: Option, +} + +/// SecretRef references a key in a secret that will be used as value. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ClusterSecretStoreProviderSecretserverPasswordSecretRef { + /// The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be + /// defaulted, in others it may be required. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub key: Option, + /// The name of the Secret resource being referred to. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + /// Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults + /// to the namespace of the referent. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub namespace: Option, +} + +/// Username is the secret server account username. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ClusterSecretStoreProviderSecretserverUsername { + /// SecretRef references a key in a secret that will be used as value. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "secretRef")] + pub secret_ref: Option, + /// Value can be specified directly to set a value without using a secret. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub value: Option, +} + +/// SecretRef references a key in a secret that will be used as value. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ClusterSecretStoreProviderSecretserverUsernameSecretRef { + /// The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be + /// defaulted, in others it may be required. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub key: Option, + /// The name of the Secret resource being referred to. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + /// Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults + /// to the namespace of the referent. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub namespace: Option, +} + /// Senhasegura configures this store to sync secrets using senhasegura provider #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ClusterSecretStoreProviderSenhasegura { @@ -2186,6 +2278,9 @@ pub struct ClusterSecretStoreProviderVault { /// https://www.vaultproject.io/docs/configuration/replication#allow_forwarding_via_header #[serde(default, skip_serializing_if = "Option::is_none", rename = "forwardInconsistent")] pub forward_inconsistent: Option, + /// Headers to be added in Vault request + #[serde(default, skip_serializing_if = "Option::is_none")] + pub headers: Option>, /// Name of the vault namespace. Namespaces is a set of features within Vault Enterprise that allows /// Vault environments to support Secure Multi-tenancy. e.g: "ns1". /// More about namespaces can be found here https://www.vaultproject.io/docs/enterprise/namespaces diff --git a/kube-custom-resources-rs/src/external_secrets_io/v1beta1/secretstores.rs b/kube-custom-resources-rs/src/external_secrets_io/v1beta1/secretstores.rs index e9890cce5..f94126610 100644 --- a/kube-custom-resources-rs/src/external_secrets_io/v1beta1/secretstores.rs +++ b/kube-custom-resources-rs/src/external_secrets_io/v1beta1/secretstores.rs @@ -160,6 +160,10 @@ pub struct SecretStoreProvider { /// Scaleway #[serde(default, skip_serializing_if = "Option::is_none")] pub scaleway: Option, + /// SecretServer configures this store to sync secrets using SecretServer provider + /// https://docs.delinea.com/online-help/secret-server/start.htm + #[serde(default, skip_serializing_if = "Option::is_none")] + pub secretserver: Option, /// Senhasegura configures this store to sync secrets using senhasegura provider #[serde(default, skip_serializing_if = "Option::is_none")] pub senhasegura: Option, @@ -1549,7 +1553,11 @@ pub struct SecretStoreProviderKeepersecurityAuthRef { #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SecretStoreProviderKubernetes { /// Auth configures how secret-manager authenticates with a Kubernetes instance. - pub auth: SecretStoreProviderKubernetesAuth, + #[serde(default, skip_serializing_if = "Option::is_none")] + pub auth: Option, + /// A reference to a secret that contains the auth information. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "authRef")] + pub auth_ref: Option, /// Remote namespace to fetch the secrets from #[serde(default, skip_serializing_if = "Option::is_none", rename = "remoteNamespace")] pub remote_namespace: Option, @@ -1661,6 +1669,22 @@ pub struct SecretStoreProviderKubernetesAuthTokenBearerToken { pub namespace: Option, } +/// A reference to a secret that contains the auth information. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct SecretStoreProviderKubernetesAuthRef { + /// The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be + /// defaulted, in others it may be required. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub key: Option, + /// The name of the Secret resource being referred to. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + /// Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults + /// to the namespace of the referent. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub namespace: Option, +} + /// configures the Kubernetes server Address. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SecretStoreProviderKubernetesServer { @@ -2125,6 +2149,74 @@ pub struct SecretStoreProviderScalewaySecretKeySecretRef { pub namespace: Option, } +/// SecretServer configures this store to sync secrets using SecretServer provider +/// https://docs.delinea.com/online-help/secret-server/start.htm +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct SecretStoreProviderSecretserver { + /// Password is the secret server account password. + pub password: SecretStoreProviderSecretserverPassword, + /// ServerURL + /// URL to your secret server installation + #[serde(rename = "serverURL")] + pub server_url: String, + /// Username is the secret server account username. + pub username: SecretStoreProviderSecretserverUsername, +} + +/// Password is the secret server account password. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct SecretStoreProviderSecretserverPassword { + /// SecretRef references a key in a secret that will be used as value. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "secretRef")] + pub secret_ref: Option, + /// Value can be specified directly to set a value without using a secret. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub value: Option, +} + +/// SecretRef references a key in a secret that will be used as value. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct SecretStoreProviderSecretserverPasswordSecretRef { + /// The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be + /// defaulted, in others it may be required. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub key: Option, + /// The name of the Secret resource being referred to. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + /// Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults + /// to the namespace of the referent. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub namespace: Option, +} + +/// Username is the secret server account username. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct SecretStoreProviderSecretserverUsername { + /// SecretRef references a key in a secret that will be used as value. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "secretRef")] + pub secret_ref: Option, + /// Value can be specified directly to set a value without using a secret. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub value: Option, +} + +/// SecretRef references a key in a secret that will be used as value. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct SecretStoreProviderSecretserverUsernameSecretRef { + /// The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be + /// defaulted, in others it may be required. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub key: Option, + /// The name of the Secret resource being referred to. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + /// Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults + /// to the namespace of the referent. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub namespace: Option, +} + /// Senhasegura configures this store to sync secrets using senhasegura provider #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SecretStoreProviderSenhasegura { @@ -2187,6 +2279,9 @@ pub struct SecretStoreProviderVault { /// https://www.vaultproject.io/docs/configuration/replication#allow_forwarding_via_header #[serde(default, skip_serializing_if = "Option::is_none", rename = "forwardInconsistent")] pub forward_inconsistent: Option, + /// Headers to be added in Vault request + #[serde(default, skip_serializing_if = "Option::is_none")] + pub headers: Option>, /// Name of the vault namespace. Namespaces is a set of features within Vault Enterprise that allows /// Vault environments to support Secure Multi-tenancy. e.g: "ns1". /// More about namespaces can be found here https://www.vaultproject.io/docs/enterprise/namespaces diff --git a/kube-custom-resources-rs/src/flow_volcano_sh/v1alpha1/jobtemplates.rs b/kube-custom-resources-rs/src/flow_volcano_sh/v1alpha1/jobtemplates.rs index ee6645281..9fe3f5e8a 100644 --- a/kube-custom-resources-rs/src/flow_volcano_sh/v1alpha1/jobtemplates.rs +++ b/kube-custom-resources-rs/src/flow_volcano_sh/v1alpha1/jobtemplates.rs @@ -910,6 +910,8 @@ pub struct JobTemplateTasksTemplateSpecContainersResourcesClaims { pub struct JobTemplateTasksTemplateSpecContainersSecurityContext { #[serde(default, skip_serializing_if = "Option::is_none", rename = "allowPrivilegeEscalation")] pub allow_privilege_escalation: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "appArmorProfile")] + pub app_armor_profile: Option, #[serde(default, skip_serializing_if = "Option::is_none")] pub capabilities: Option, #[serde(default, skip_serializing_if = "Option::is_none")] @@ -932,6 +934,14 @@ pub struct JobTemplateTasksTemplateSpecContainersSecurityContext { pub windows_options: Option, } +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct JobTemplateTasksTemplateSpecContainersSecurityContextAppArmorProfile { + #[serde(default, skip_serializing_if = "Option::is_none", rename = "localhostProfile")] + pub localhost_profile: Option, + #[serde(rename = "type")] + pub r#type: String, +} + #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct JobTemplateTasksTemplateSpecContainersSecurityContextCapabilities { #[serde(default, skip_serializing_if = "Option::is_none")] @@ -1051,6 +1061,8 @@ pub struct JobTemplateTasksTemplateSpecContainersVolumeMounts { pub name: String, #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] pub read_only: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "recursiveReadOnly")] + pub recursive_read_only: Option, #[serde(default, skip_serializing_if = "Option::is_none", rename = "subPath")] pub sub_path: Option, #[serde(default, skip_serializing_if = "Option::is_none", rename = "subPathExpr")] @@ -1483,6 +1495,8 @@ pub struct JobTemplateTasksTemplateSpecEphemeralContainersResourcesClaims { pub struct JobTemplateTasksTemplateSpecEphemeralContainersSecurityContext { #[serde(default, skip_serializing_if = "Option::is_none", rename = "allowPrivilegeEscalation")] pub allow_privilege_escalation: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "appArmorProfile")] + pub app_armor_profile: Option, #[serde(default, skip_serializing_if = "Option::is_none")] pub capabilities: Option, #[serde(default, skip_serializing_if = "Option::is_none")] @@ -1505,6 +1519,14 @@ pub struct JobTemplateTasksTemplateSpecEphemeralContainersSecurityContext { pub windows_options: Option, } +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct JobTemplateTasksTemplateSpecEphemeralContainersSecurityContextAppArmorProfile { + #[serde(default, skip_serializing_if = "Option::is_none", rename = "localhostProfile")] + pub localhost_profile: Option, + #[serde(rename = "type")] + pub r#type: String, +} + #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct JobTemplateTasksTemplateSpecEphemeralContainersSecurityContextCapabilities { #[serde(default, skip_serializing_if = "Option::is_none")] @@ -1624,6 +1646,8 @@ pub struct JobTemplateTasksTemplateSpecEphemeralContainersVolumeMounts { pub name: String, #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] pub read_only: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "recursiveReadOnly")] + pub recursive_read_only: Option, #[serde(default, skip_serializing_if = "Option::is_none", rename = "subPath")] pub sub_path: Option, #[serde(default, skip_serializing_if = "Option::is_none", rename = "subPathExpr")] @@ -1634,8 +1658,7 @@ pub struct JobTemplateTasksTemplateSpecEphemeralContainersVolumeMounts { pub struct JobTemplateTasksTemplateSpecHostAliases { #[serde(default, skip_serializing_if = "Option::is_none")] pub hostnames: Option>, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub ip: Option, + pub ip: String, } #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] @@ -2050,6 +2073,8 @@ pub struct JobTemplateTasksTemplateSpecInitContainersResourcesClaims { pub struct JobTemplateTasksTemplateSpecInitContainersSecurityContext { #[serde(default, skip_serializing_if = "Option::is_none", rename = "allowPrivilegeEscalation")] pub allow_privilege_escalation: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "appArmorProfile")] + pub app_armor_profile: Option, #[serde(default, skip_serializing_if = "Option::is_none")] pub capabilities: Option, #[serde(default, skip_serializing_if = "Option::is_none")] @@ -2072,6 +2097,14 @@ pub struct JobTemplateTasksTemplateSpecInitContainersSecurityContext { pub windows_options: Option, } +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct JobTemplateTasksTemplateSpecInitContainersSecurityContextAppArmorProfile { + #[serde(default, skip_serializing_if = "Option::is_none", rename = "localhostProfile")] + pub localhost_profile: Option, + #[serde(rename = "type")] + pub r#type: String, +} + #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct JobTemplateTasksTemplateSpecInitContainersSecurityContextCapabilities { #[serde(default, skip_serializing_if = "Option::is_none")] @@ -2191,6 +2224,8 @@ pub struct JobTemplateTasksTemplateSpecInitContainersVolumeMounts { pub name: String, #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] pub read_only: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "recursiveReadOnly")] + pub recursive_read_only: Option, #[serde(default, skip_serializing_if = "Option::is_none", rename = "subPath")] pub sub_path: Option, #[serde(default, skip_serializing_if = "Option::is_none", rename = "subPathExpr")] @@ -2230,6 +2265,8 @@ pub struct JobTemplateTasksTemplateSpecSchedulingGates { #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct JobTemplateTasksTemplateSpecSecurityContext { + #[serde(default, skip_serializing_if = "Option::is_none", rename = "appArmorProfile")] + pub app_armor_profile: Option, #[serde(default, skip_serializing_if = "Option::is_none", rename = "fsGroup")] pub fs_group: Option, #[serde(default, skip_serializing_if = "Option::is_none", rename = "fsGroupChangePolicy")] @@ -2252,6 +2289,14 @@ pub struct JobTemplateTasksTemplateSpecSecurityContext { pub windows_options: Option, } +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct JobTemplateTasksTemplateSpecSecurityContextAppArmorProfile { + #[serde(default, skip_serializing_if = "Option::is_none", rename = "localhostProfile")] + pub localhost_profile: Option, + #[serde(rename = "type")] + pub r#type: String, +} + #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct JobTemplateTasksTemplateSpecSecurityContextSeLinuxOptions { #[serde(default, skip_serializing_if = "Option::is_none")] diff --git a/kube-custom-resources-rs/src/flows_netobserv_io/v1beta2/flowcollectors.rs b/kube-custom-resources-rs/src/flows_netobserv_io/v1beta2/flowcollectors.rs index a877170ad..25342136d 100644 --- a/kube-custom-resources-rs/src/flows_netobserv_io/v1beta2/flowcollectors.rs +++ b/kube-custom-resources-rs/src/flows_netobserv_io/v1beta2/flowcollectors.rs @@ -2366,6 +2366,9 @@ pub struct FlowCollectorExporters { /// Kafka configuration, such as the address and topic, to send enriched flows to. #[serde(default, skip_serializing_if = "Option::is_none")] pub kafka: Option, + /// Open telemetry configuration, such as the IP address and port to send enriched logs, metrics and or traces to. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "openTelemetry")] + pub open_telemetry: Option, /// `type` selects the type of exporters. The available options are `Kafka` and `IPFIX`. #[serde(rename = "type")] pub r#type: FlowCollectorExportersType, @@ -2564,12 +2567,160 @@ pub enum FlowCollectorExportersKafkaTlsUserCertType { Secret, } +/// Open telemetry configuration, such as the IP address and port to send enriched logs, metrics and or traces to. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct FlowCollectorExportersOpenTelemetry { + /// Custom fields mapping to an OpenTelemetry conformant format. + /// By default, NetObserv format proposal is used: https://github.com/rhobs/observability-data-model/blob/main/network-observability.md#format-proposal . + /// As there is currently no accepted otlp standard for L3/4 network logs, you can freely override it with your own. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "fieldsMapping")] + pub fields_mapping: Option>, + /// Headers to add to messages (optional) + #[serde(default, skip_serializing_if = "Option::is_none")] + pub headers: Option>, + /// Open telemetry configuration for logs. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub logs: Option, + /// Open telemetry configuration for metrics. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub metrics: Option, + /// Protocol of Open Telemetry connection. The available options are `http` and `grpc`. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub protocol: Option, + /// Address of the Open Telemetry receiver + #[serde(rename = "targetHost")] + pub target_host: String, + /// Port for the Open Telemetry receiver + #[serde(rename = "targetPort")] + pub target_port: i64, + /// TLS client configuration. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub tls: Option, +} + +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct FlowCollectorExportersOpenTelemetryFieldsMapping { + #[serde(default, skip_serializing_if = "Option::is_none")] + pub input: Option, + #[serde(default, skip_serializing_if = "Option::is_none")] + pub multiplier: Option, + #[serde(default, skip_serializing_if = "Option::is_none")] + pub output: Option, +} + +/// Open telemetry configuration for logs. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct FlowCollectorExportersOpenTelemetryLogs { + /// Set `enable` to `true` to send logs to Open Telemetry receiver. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub enable: Option, +} + +/// Open telemetry configuration for metrics. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct FlowCollectorExportersOpenTelemetryMetrics { + /// Set `enable` to `true` to send metrics to Open Telemetry receiver. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub enable: Option, + /// How often should metrics be sent to collector + #[serde(default, skip_serializing_if = "Option::is_none", rename = "pushTimeInterval")] + pub push_time_interval: Option, +} + +/// Open telemetry configuration, such as the IP address and port to send enriched logs, metrics and or traces to. +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub enum FlowCollectorExportersOpenTelemetryProtocol { + #[serde(rename = "http")] + Http, + #[serde(rename = "grpc")] + Grpc, +} + +/// TLS client configuration. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct FlowCollectorExportersOpenTelemetryTls { + /// `caCert` defines the reference of the certificate for the Certificate Authority + #[serde(default, skip_serializing_if = "Option::is_none", rename = "caCert")] + pub ca_cert: Option, + /// Enable TLS + #[serde(default, skip_serializing_if = "Option::is_none")] + pub enable: Option, + /// `insecureSkipVerify` allows skipping client-side verification of the server certificate. + /// If set to `true`, the `caCert` field is ignored. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "insecureSkipVerify")] + pub insecure_skip_verify: Option, + /// `userCert` defines the user certificate reference and is used for mTLS (you can ignore it when using one-way TLS) + #[serde(default, skip_serializing_if = "Option::is_none", rename = "userCert")] + pub user_cert: Option, +} + +/// `caCert` defines the reference of the certificate for the Certificate Authority +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct FlowCollectorExportersOpenTelemetryTlsCaCert { + /// `certFile` defines the path to the certificate file name within the config map or secret. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "certFile")] + pub cert_file: Option, + /// `certKey` defines the path to the certificate private key file name within the config map or secret. Omit when the key is not necessary. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "certKey")] + pub cert_key: Option, + /// Name of the config map or secret containing certificates. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + /// Namespace of the config map or secret containing certificates. If omitted, the default is to use the same namespace as where NetObserv is deployed. + /// If the namespace is different, the config map or the secret is copied so that it can be mounted as required. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub namespace: Option, + /// Type for the certificate reference: `configmap` or `secret`. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "type")] + pub r#type: Option, +} + +/// `caCert` defines the reference of the certificate for the Certificate Authority +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub enum FlowCollectorExportersOpenTelemetryTlsCaCertType { + #[serde(rename = "configmap")] + Configmap, + #[serde(rename = "secret")] + Secret, +} + +/// `userCert` defines the user certificate reference and is used for mTLS (you can ignore it when using one-way TLS) +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct FlowCollectorExportersOpenTelemetryTlsUserCert { + /// `certFile` defines the path to the certificate file name within the config map or secret. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "certFile")] + pub cert_file: Option, + /// `certKey` defines the path to the certificate private key file name within the config map or secret. Omit when the key is not necessary. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "certKey")] + pub cert_key: Option, + /// Name of the config map or secret containing certificates. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + /// Namespace of the config map or secret containing certificates. If omitted, the default is to use the same namespace as where NetObserv is deployed. + /// If the namespace is different, the config map or the secret is copied so that it can be mounted as required. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub namespace: Option, + /// Type for the certificate reference: `configmap` or `secret`. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "type")] + pub r#type: Option, +} + +/// `userCert` defines the user certificate reference and is used for mTLS (you can ignore it when using one-way TLS) +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub enum FlowCollectorExportersOpenTelemetryTlsUserCertType { + #[serde(rename = "configmap")] + Configmap, + #[serde(rename = "secret")] + Secret, +} + /// `FlowCollectorExporter` defines an additional exporter to send enriched flows to. #[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] pub enum FlowCollectorExportersType { Kafka, #[serde(rename = "IPFIX")] Ipfix, + OpenTelemetry, } /// Kafka configuration, allowing to use Kafka as a broker as part of the flow collection pipeline. Available when the `spec.deploymentModel` is `Kafka`. diff --git a/kube-custom-resources-rs/src/fluentbit_fluent_io/v1alpha2/clusterfilters.rs b/kube-custom-resources-rs/src/fluentbit_fluent_io/v1alpha2/clusterfilters.rs index 24251e906..dc2b558c5 100644 --- a/kube-custom-resources-rs/src/fluentbit_fluent_io/v1alpha2/clusterfilters.rs +++ b/kube-custom-resources-rs/src/fluentbit_fluent_io/v1alpha2/clusterfilters.rs @@ -199,6 +199,11 @@ pub struct ClusterFilterFiltersKubernetes { /// For example, set this value to 60 or 60s and cache entries which have been created more than 60s will be evicted. #[serde(default, skip_serializing_if = "Option::is_none", rename = "kubeMetaCacheTTL")] pub kube_meta_cache_ttl: Option, + /// Configurable TTL for K8s cached namespace metadata. + /// By default, it is set to 900 which means a 15min TTL for namespace cache entries. + /// Setting this to 0 will mean entries are evicted at random once the cache is full. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "kubeMetaNamespaceCacheTTL")] + pub kube_meta_namespace_cache_ttl: Option, /// If set, Kubernetes meta-data can be cached/pre-loaded from files in JSON format in this directory, /// named as namespace-pod.meta #[serde(default, skip_serializing_if = "Option::is_none", rename = "kubeMetaPreloadCacheDir")] @@ -207,6 +212,10 @@ pub struct ClusterFilterFiltersKubernetes { /// this option allows to specify what's the prefix used in Tail configuration. #[serde(default, skip_serializing_if = "Option::is_none", rename = "kubeTagPrefix")] pub kube_tag_prefix: Option, + /// Command to get Kubernetes authorization token. + /// By default, it will be NULL and we will use token file to get token. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "kubeTokenCommand")] + pub kube_token_command: Option, /// Token file #[serde(default, skip_serializing_if = "Option::is_none", rename = "kubeTokenFile")] pub kube_token_file: Option, @@ -241,6 +250,16 @@ pub struct ClusterFilterFiltersKubernetes { /// Optional parser name to specify how to parse the data contained in the log key. Recommended use is for developers or testing only. #[serde(default, skip_serializing_if = "Option::is_none", rename = "mergeParser")] pub merge_parser: Option, + /// Include Kubernetes namespace resource annotations in the extra metadata. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "namespaceAnnotations")] + pub namespace_annotations: Option, + /// Include Kubernetes namespace resource labels in the extra metadata. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "namespaceLabels")] + pub namespace_labels: Option, + /// Include Kubernetes namespace metadata only and no pod metadata. + /// If this is set, the values of Labels and Annotations are ignored. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "namespaceMetadataOnly")] + pub namespace_metadata_only: Option, /// Set an alternative Parser to process record Tag and extract pod_name, namespace_name, container_name and docker_id. /// The parser must be registered in a parsers file (refer to parser filter-kube-test as an example). #[serde(default, skip_serializing_if = "Option::is_none", rename = "regexParser")] @@ -306,8 +325,12 @@ pub struct ClusterFilterFiltersLuaScript { /// The key to select. pub key: String, /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the ConfigMap or its key must be defined diff --git a/kube-custom-resources-rs/src/fluentbit_fluent_io/v1alpha2/clusterinputs.rs b/kube-custom-resources-rs/src/fluentbit_fluent_io/v1alpha2/clusterinputs.rs index efcee8754..885d6bdf8 100644 --- a/kube-custom-resources-rs/src/fluentbit_fluent_io/v1alpha2/clusterinputs.rs +++ b/kube-custom-resources-rs/src/fluentbit_fluent_io/v1alpha2/clusterinputs.rs @@ -267,8 +267,12 @@ pub struct ClusterInputHttpTlsKeyPasswordValueFromSecretKeyRef { /// The key of the secret to select from. Must be a valid secret key. pub key: String, /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the Secret or its key must be defined @@ -419,6 +423,12 @@ pub struct ClusterInputOpenTelemetry { /// It allows to set successful response code. 200, 201 and 204 are supported(default 201). #[serde(default, skip_serializing_if = "Option::is_none", rename = "successfulResponseCode")] pub successful_response_code: Option, + /// opentelemetry uses the tag value for incoming metrics. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub tag: Option, + /// If true, tag will be created from uri. e.g. v1_metrics from /v1/metrics + #[serde(default, skip_serializing_if = "Option::is_none", rename = "tagFromURI")] + pub tag_from_uri: Option, /// Specify the key name to overwrite a tag. If set, the tag will be overwritten by a value of the key. #[serde(default, skip_serializing_if = "Option::is_none", rename = "tagKey")] pub tag_key: Option, diff --git a/kube-custom-resources-rs/src/fluentbit_fluent_io/v1alpha2/clusteroutputs.rs b/kube-custom-resources-rs/src/fluentbit_fluent_io/v1alpha2/clusteroutputs.rs index 91e9a547b..4a9688b11 100644 --- a/kube-custom-resources-rs/src/fluentbit_fluent_io/v1alpha2/clusteroutputs.rs +++ b/kube-custom-resources-rs/src/fluentbit_fluent_io/v1alpha2/clusteroutputs.rs @@ -265,8 +265,12 @@ pub struct ClusterOutputAzureBlobSharedKeyValueFromSecretKeyRef { /// The key of the secret to select from. Must be a valid secret key. pub key: String, /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the Secret or its key must be defined @@ -341,8 +345,12 @@ pub struct ClusterOutputAzureBlobTlsKeyPasswordValueFromSecretKeyRef { /// The key of the secret to select from. Must be a valid secret key. pub key: String, /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the Secret or its key must be defined @@ -392,8 +400,12 @@ pub struct ClusterOutputAzureLogAnalyticsCustomerIdValueFromSecretKeyRef { /// The key of the secret to select from. Must be a valid secret key. pub key: String, /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the Secret or its key must be defined @@ -423,8 +435,12 @@ pub struct ClusterOutputAzureLogAnalyticsSharedKeyValueFromSecretKeyRef { /// The key of the secret to select from. Must be a valid secret key. pub key: String, /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the Secret or its key must be defined @@ -607,8 +623,12 @@ pub struct ClusterOutputDatadogApikeyValueFromSecretKeyRef { /// The key of the secret to select from. Must be a valid secret key. pub key: String, /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the Secret or its key must be defined @@ -776,8 +796,12 @@ pub struct ClusterOutputEsHttpPasswordValueFromSecretKeyRef { /// The key of the secret to select from. Must be a valid secret key. pub key: String, /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the Secret or its key must be defined @@ -807,8 +831,12 @@ pub struct ClusterOutputEsHttpUserValueFromSecretKeyRef { /// The key of the secret to select from. Must be a valid secret key. pub key: String, /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the Secret or its key must be defined @@ -945,8 +973,12 @@ pub struct ClusterOutputEsTlsKeyPasswordValueFromSecretKeyRef { /// The key of the secret to select from. Must be a valid secret key. pub key: String, /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the Secret or its key must be defined @@ -1157,8 +1189,12 @@ pub struct ClusterOutputForwardPasswordValueFromSecretKeyRef { /// The key of the secret to select from. Must be a valid secret key. pub key: String, /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the Secret or its key must be defined @@ -1233,8 +1269,12 @@ pub struct ClusterOutputForwardTlsKeyPasswordValueFromSecretKeyRef { /// The key of the secret to select from. Must be a valid secret key. pub key: String, /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the Secret or its key must be defined @@ -1264,8 +1304,12 @@ pub struct ClusterOutputForwardUsernameValueFromSecretKeyRef { /// The key of the secret to select from. Must be a valid secret key. pub key: String, /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the Secret or its key must be defined @@ -1454,8 +1498,12 @@ pub struct ClusterOutputGelfTlsKeyPasswordValueFromSecretKeyRef { /// The key of the secret to select from. Must be a valid secret key. pub key: String, /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the Secret or its key must be defined @@ -1571,8 +1619,12 @@ pub struct ClusterOutputHttpHttpPasswordValueFromSecretKeyRef { /// The key of the secret to select from. Must be a valid secret key. pub key: String, /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the Secret or its key must be defined @@ -1602,8 +1654,12 @@ pub struct ClusterOutputHttpHttpUserValueFromSecretKeyRef { /// The key of the secret to select from. Must be a valid secret key. pub key: String, /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the Secret or its key must be defined @@ -1742,8 +1798,12 @@ pub struct ClusterOutputHttpTlsKeyPasswordValueFromSecretKeyRef { /// The key of the secret to select from. Must be a valid secret key. pub key: String, /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the Secret or its key must be defined @@ -1822,8 +1882,12 @@ pub struct ClusterOutputInfluxDbHttpPasswordValueFromSecretKeyRef { /// The key of the secret to select from. Must be a valid secret key. pub key: String, /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the Secret or its key must be defined @@ -1853,8 +1917,12 @@ pub struct ClusterOutputInfluxDbHttpTokenValueFromSecretKeyRef { /// The key of the secret to select from. Must be a valid secret key. pub key: String, /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the Secret or its key must be defined @@ -1884,8 +1952,12 @@ pub struct ClusterOutputInfluxDbHttpUserValueFromSecretKeyRef { /// The key of the secret to select from. Must be a valid secret key. pub key: String, /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the Secret or its key must be defined @@ -2022,8 +2094,12 @@ pub struct ClusterOutputInfluxDbTlsKeyPasswordValueFromSecretKeyRef { /// The key of the secret to select from. Must be a valid secret key. pub key: String, /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the Secret or its key must be defined @@ -2135,6 +2211,10 @@ pub struct ClusterOutputLoki { /// If set to true, it will add all Kubernetes labels to the Stream labels. #[serde(default, skip_serializing_if = "Option::is_none", rename = "autoKubernetesLabels")] pub auto_kubernetes_labels: Option, + /// Set bearer token authentication token value. + /// Can be used as alterntative to HTTP basic authentication + #[serde(default, skip_serializing_if = "Option::is_none", rename = "bearerToken")] + pub bearer_token: Option, /// If set to true and after extracting labels only a single key remains, the log line sent to Loki will be the value of that key in line_format. #[serde(default, skip_serializing_if = "Option::is_none", rename = "dropSingleKey")] pub drop_single_key: Option, @@ -2183,6 +2263,9 @@ pub struct ClusterOutputLoki { /// Fluent Bit provides integrated support for Transport Layer Security (TLS) and it predecessor Secure Sockets Layer (SSL) respectively. #[serde(default, skip_serializing_if = "Option::is_none")] pub tls: Option, + /// Specify a custom HTTP URI. It must start with forward slash. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub uri: Option, } /// Loki defines Loki Output configuration. @@ -2194,6 +2277,42 @@ pub enum ClusterOutputLokiAutoKubernetesLabels { Off, } +/// Set bearer token authentication token value. +/// Can be used as alterntative to HTTP basic authentication +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ClusterOutputLokiBearerToken { + /// ValueSource defines how to find a value's key. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "valueFrom")] + pub value_from: Option, +} + +/// ValueSource defines how to find a value's key. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ClusterOutputLokiBearerTokenValueFrom { + /// Selects a key of a secret in the pod's namespace + #[serde(default, skip_serializing_if = "Option::is_none", rename = "secretKeyRef")] + pub secret_key_ref: Option, +} + +/// Selects a key of a secret in the pod's namespace +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ClusterOutputLokiBearerTokenValueFromSecretKeyRef { + /// The key of the secret to select from. Must be a valid secret key. + pub key: String, + /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. + /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + /// Specify whether the Secret or its key must be defined + #[serde(default, skip_serializing_if = "Option::is_none")] + pub optional: Option, +} + /// Loki defines Loki Output configuration. #[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] pub enum ClusterOutputLokiDropSingleKey { @@ -2226,8 +2345,12 @@ pub struct ClusterOutputLokiHttpPasswordValueFromSecretKeyRef { /// The key of the secret to select from. Must be a valid secret key. pub key: String, /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the Secret or its key must be defined @@ -2257,8 +2380,12 @@ pub struct ClusterOutputLokiHttpUserValueFromSecretKeyRef { /// The key of the secret to select from. Must be a valid secret key. pub key: String, /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the Secret or its key must be defined @@ -2360,8 +2487,12 @@ pub struct ClusterOutputLokiTenantIdValueFromSecretKeyRef { /// The key of the secret to select from. Must be a valid secret key. pub key: String, /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the Secret or its key must be defined @@ -2436,8 +2567,12 @@ pub struct ClusterOutputLokiTlsKeyPasswordValueFromSecretKeyRef { /// The key of the secret to select from. Must be a valid secret key. pub key: String, /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the Secret or its key must be defined @@ -2478,6 +2613,8 @@ pub struct ClusterOutputOpensearch { /// otherwise the value must be according to the Unit Size specification. #[serde(default, skip_serializing_if = "Option::is_none", rename = "bufferSize")] pub buffer_size: Option, + #[serde(default, skip_serializing_if = "Option::is_none")] + pub compress: Option, /// Use current time for index generation instead of message record #[serde(default, skip_serializing_if = "Option::is_none", rename = "currentTimeIndex")] pub current_time_index: Option, @@ -2575,6 +2712,13 @@ pub struct ClusterOutputOpensearch { pub write_operation: Option, } +/// OpenSearch defines OpenSearch Output configuration. +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub enum ClusterOutputOpensearchCompress { + #[serde(rename = "gzip")] + Gzip, +} + /// Password for user defined in HTTP_User #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ClusterOutputOpensearchHttpPassword { @@ -2597,8 +2741,12 @@ pub struct ClusterOutputOpensearchHttpPasswordValueFromSecretKeyRef { /// The key of the secret to select from. Must be a valid secret key. pub key: String, /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the Secret or its key must be defined @@ -2628,8 +2776,12 @@ pub struct ClusterOutputOpensearchHttpUserValueFromSecretKeyRef { /// The key of the secret to select from. Must be a valid secret key. pub key: String, /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the Secret or its key must be defined @@ -2766,8 +2918,12 @@ pub struct ClusterOutputOpensearchTlsKeyPasswordValueFromSecretKeyRef { /// The key of the secret to select from. Must be a valid secret key. pub key: String, /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the Secret or its key must be defined @@ -2842,8 +2998,12 @@ pub struct ClusterOutputOpentelemetryHttpPasswordValueFromSecretKeyRef { /// The key of the secret to select from. Must be a valid secret key. pub key: String, /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the Secret or its key must be defined @@ -2873,8 +3033,12 @@ pub struct ClusterOutputOpentelemetryHttpUserValueFromSecretKeyRef { /// The key of the secret to select from. Must be a valid secret key. pub key: String, /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the Secret or its key must be defined @@ -3011,8 +3175,12 @@ pub struct ClusterOutputOpentelemetryTlsKeyPasswordValueFromSecretKeyRef { /// The key of the secret to select from. Must be a valid secret key. pub key: String, /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the Secret or its key must be defined @@ -3097,8 +3265,12 @@ pub struct ClusterOutputPrometheusRemoteWriteHttpPasswdValueFromSecretKeyRef { /// The key of the secret to select from. Must be a valid secret key. pub key: String, /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the Secret or its key must be defined @@ -3128,8 +3300,12 @@ pub struct ClusterOutputPrometheusRemoteWriteHttpUserValueFromSecretKeyRef { /// The key of the secret to select from. Must be a valid secret key. pub key: String, /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the Secret or its key must be defined @@ -3266,8 +3442,12 @@ pub struct ClusterOutputPrometheusRemoteWriteTlsKeyPasswordValueFromSecretKeyRef /// The key of the secret to select from. Must be a valid secret key. pub key: String, /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the Secret or its key must be defined @@ -3431,8 +3611,12 @@ pub struct ClusterOutputS3TlsKeyPasswordValueFromSecretKeyRef { /// The key of the secret to select from. Must be a valid secret key. pub key: String, /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the Secret or its key must be defined @@ -3535,8 +3719,12 @@ pub struct ClusterOutputSplunkHttpPasswordValueFromSecretKeyRef { /// The key of the secret to select from. Must be a valid secret key. pub key: String, /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the Secret or its key must be defined @@ -3566,8 +3754,12 @@ pub struct ClusterOutputSplunkHttpUserValueFromSecretKeyRef { /// The key of the secret to select from. Must be a valid secret key. pub key: String, /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the Secret or its key must be defined @@ -3659,8 +3851,12 @@ pub struct ClusterOutputSplunkSplunkTokenValueFromSecretKeyRef { /// The key of the secret to select from. Must be a valid secret key. pub key: String, /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the Secret or its key must be defined @@ -3735,8 +3931,12 @@ pub struct ClusterOutputSplunkTlsKeyPasswordValueFromSecretKeyRef { /// The key of the secret to select from. Must be a valid secret key. pub key: String, /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the Secret or its key must be defined @@ -3837,8 +4037,12 @@ pub struct ClusterOutputStackdriverServiceAccountEmailValueFromSecretKeyRef { /// The key of the secret to select from. Must be a valid secret key. pub key: String, /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the Secret or its key must be defined @@ -3868,8 +4072,12 @@ pub struct ClusterOutputStackdriverServiceAccountSecretValueFromSecretKeyRef { /// The key of the secret to select from. Must be a valid secret key. pub key: String, /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the Secret or its key must be defined @@ -4097,8 +4305,12 @@ pub struct ClusterOutputSyslogTlsKeyPasswordValueFromSecretKeyRef { /// The key of the secret to select from. Must be a valid secret key. pub key: String, /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the Secret or its key must be defined @@ -4287,8 +4499,12 @@ pub struct ClusterOutputTcpTlsKeyPasswordValueFromSecretKeyRef { /// The key of the secret to select from. Must be a valid secret key. pub key: String, /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the Secret or its key must be defined diff --git a/kube-custom-resources-rs/src/fluentbit_fluent_io/v1alpha2/collectors.rs b/kube-custom-resources-rs/src/fluentbit_fluent_io/v1alpha2/collectors.rs index bb7d49925..9150cb0ec 100644 --- a/kube-custom-resources-rs/src/fluentbit_fluent_io/v1alpha2/collectors.rs +++ b/kube-custom-resources-rs/src/fluentbit_fluent_io/v1alpha2/collectors.rs @@ -292,8 +292,31 @@ pub struct CollectorAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExe #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct CollectorAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTerm { /// A label query over a set of resources, in this case pods. + /// If it's null, this PodAffinityTerm matches with no Pods. #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelector")] pub label_selector: Option, + /// MatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both matchLabelKeys and labelSelector. + /// Also, matchLabelKeys cannot be set when labelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] + pub match_label_keys: Option>, + /// MismatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. + /// Also, mismatchLabelKeys cannot be set when labelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] + pub mismatch_label_keys: Option>, /// A label query over the set of namespaces that the term applies to. /// The term is applied to the union of the namespaces selected by this field /// and the ones listed in the namespaces field. @@ -317,6 +340,7 @@ pub struct CollectorAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExe } /// A label query over a set of resources, in this case pods. +/// If it's null, this PodAffinityTerm matches with no Pods. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct CollectorAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermLabelSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. @@ -389,8 +413,31 @@ pub struct CollectorAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExe #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct CollectorAffinityPodAffinityRequiredDuringSchedulingIgnoredDuringExecution { /// A label query over a set of resources, in this case pods. + /// If it's null, this PodAffinityTerm matches with no Pods. #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelector")] pub label_selector: Option, + /// MatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both matchLabelKeys and labelSelector. + /// Also, matchLabelKeys cannot be set when labelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] + pub match_label_keys: Option>, + /// MismatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. + /// Also, mismatchLabelKeys cannot be set when labelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] + pub mismatch_label_keys: Option>, /// A label query over the set of namespaces that the term applies to. /// The term is applied to the union of the namespaces selected by this field /// and the ones listed in the namespaces field. @@ -414,6 +461,7 @@ pub struct CollectorAffinityPodAffinityRequiredDuringSchedulingIgnoredDuringExec } /// A label query over a set of resources, in this case pods. +/// If it's null, this PodAffinityTerm matches with no Pods. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct CollectorAffinityPodAffinityRequiredDuringSchedulingIgnoredDuringExecutionLabelSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. @@ -517,8 +565,31 @@ pub struct CollectorAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDurin #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct CollectorAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTerm { /// A label query over a set of resources, in this case pods. + /// If it's null, this PodAffinityTerm matches with no Pods. #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelector")] pub label_selector: Option, + /// MatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both matchLabelKeys and labelSelector. + /// Also, matchLabelKeys cannot be set when labelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] + pub match_label_keys: Option>, + /// MismatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. + /// Also, mismatchLabelKeys cannot be set when labelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] + pub mismatch_label_keys: Option>, /// A label query over the set of namespaces that the term applies to. /// The term is applied to the union of the namespaces selected by this field /// and the ones listed in the namespaces field. @@ -542,6 +613,7 @@ pub struct CollectorAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDurin } /// A label query over a set of resources, in this case pods. +/// If it's null, this PodAffinityTerm matches with no Pods. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct CollectorAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermLabelSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. @@ -614,8 +686,31 @@ pub struct CollectorAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDurin #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct CollectorAffinityPodAntiAffinityRequiredDuringSchedulingIgnoredDuringExecution { /// A label query over a set of resources, in this case pods. + /// If it's null, this PodAffinityTerm matches with no Pods. #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelector")] pub label_selector: Option, + /// MatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both matchLabelKeys and labelSelector. + /// Also, matchLabelKeys cannot be set when labelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] + pub match_label_keys: Option>, + /// MismatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. + /// Also, mismatchLabelKeys cannot be set when labelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] + pub mismatch_label_keys: Option>, /// A label query over the set of namespaces that the term applies to. /// The term is applied to the union of the namespaces selected by this field /// and the ones listed in the namespaces field. @@ -639,6 +734,7 @@ pub struct CollectorAffinityPodAntiAffinityRequiredDuringSchedulingIgnoredDuring } /// A label query over a set of resources, in this case pods. +/// If it's null, this PodAffinityTerm matches with no Pods. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct CollectorAffinityPodAntiAffinityRequiredDuringSchedulingIgnoredDuringExecutionLabelSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. @@ -707,8 +803,12 @@ pub struct CollectorAffinityPodAntiAffinityRequiredDuringSchedulingIgnoredDuring #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct CollectorImagePullSecrets { /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, } @@ -844,6 +944,20 @@ pub struct CollectorPvcSpec { /// More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1 #[serde(default, skip_serializing_if = "Option::is_none", rename = "storageClassName")] pub storage_class_name: Option, + /// volumeAttributesClassName may be used to set the VolumeAttributesClass used by this claim. + /// If specified, the CSI driver will create or update the volume with the attributes defined + /// in the corresponding VolumeAttributesClass. This has a different purpose than storageClassName, + /// it can be changed after the claim is created. An empty string value means that no VolumeAttributesClass + /// will be applied to the claim but it's not allowed to reset this field to empty string once it is set. + /// If unspecified and the PersistentVolumeClaim is unbound, the default VolumeAttributesClass + /// will be set by the persistentvolume controller if it exists. + /// If the resource referred to by volumeAttributesClass does not exist, this PersistentVolumeClaim will be + /// set to a Pending state, as reflected by the modifyVolumeStatus field, until such as a resource + /// exists. + /// More info: https://kubernetes.io/docs/concepts/storage/volume-attributes-classes/ + /// (Alpha) Using this field requires the VolumeAttributesClass feature gate to be enabled. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "volumeAttributesClassName")] + pub volume_attributes_class_name: Option, /// volumeMode defines what type of volume is required by the claim. /// Value of Filesystem is implied when not included in claim spec. #[serde(default, skip_serializing_if = "Option::is_none", rename = "volumeMode")] @@ -922,38 +1036,18 @@ pub struct CollectorPvcSpecDataSourceRef { /// More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct CollectorPvcSpecResources { - /// Claims lists the names of resources, defined in spec.resourceClaims, - /// that are used by this container. - /// - /// - /// This is an alpha field and requires enabling the - /// DynamicResourceAllocation feature gate. - /// - /// - /// This field is immutable. It can only be set for containers. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub claims: Option>, /// Limits describes the maximum amount of compute resources allowed. /// More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ #[serde(default, skip_serializing_if = "Option::is_none")] pub limits: Option>, /// Requests describes the minimum amount of compute resources required. /// If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, - /// otherwise to an implementation-defined value. + /// otherwise to an implementation-defined value. Requests cannot exceed Limits. /// More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ #[serde(default, skip_serializing_if = "Option::is_none")] pub requests: Option>, } -/// ResourceClaim references one entry in PodSpec.ResourceClaims. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct CollectorPvcSpecResourcesClaims { - /// Name must match the name of one entry in pod.spec.resourceClaims of - /// the Pod where this field is used. It makes that resource available - /// inside a container. - pub name: String, -} - /// selector is a label query over volumes to consider for binding. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct CollectorPvcSpecSelector { @@ -993,13 +1087,70 @@ pub struct CollectorPvcStatus { /// More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1 #[serde(default, skip_serializing_if = "Option::is_none", rename = "accessModes")] pub access_modes: Option>, - /// allocatedResources is the storage resource within AllocatedResources tracks the capacity allocated to a PVC. It may - /// be larger than the actual capacity when a volume expansion operation is requested. + /// allocatedResourceStatuses stores status of resource being resized for the given PVC. + /// Key names follow standard Kubernetes label syntax. Valid values are either: + /// * Un-prefixed keys: + /// - storage - the capacity of the volume. + /// * Custom resources must use implementation-defined prefixed names such as "example.com/my-custom-resource" + /// Apart from above values - keys that are unprefixed or have kubernetes.io prefix are considered + /// reserved and hence may not be used. + /// + /// + /// ClaimResourceStatus can be in any of following states: + /// - ControllerResizeInProgress: + /// State set when resize controller starts resizing the volume in control-plane. + /// - ControllerResizeFailed: + /// State set when resize has failed in resize controller with a terminal error. + /// - NodeResizePending: + /// State set when resize controller has finished resizing the volume but further resizing of + /// volume is needed on the node. + /// - NodeResizeInProgress: + /// State set when kubelet starts resizing the volume. + /// - NodeResizeFailed: + /// State set when resizing has failed in kubelet with a terminal error. Transient errors don't set + /// NodeResizeFailed. + /// For example: if expanding a PVC for more capacity - this field can be one of the following states: + /// - pvc.status.allocatedResourceStatus['storage'] = "ControllerResizeInProgress" + /// - pvc.status.allocatedResourceStatus['storage'] = "ControllerResizeFailed" + /// - pvc.status.allocatedResourceStatus['storage'] = "NodeResizePending" + /// - pvc.status.allocatedResourceStatus['storage'] = "NodeResizeInProgress" + /// - pvc.status.allocatedResourceStatus['storage'] = "NodeResizeFailed" + /// When this field is not set, it means that no resize operation is in progress for the given PVC. + /// + /// + /// A controller that receives PVC update with previously unknown resourceName or ClaimResourceStatus + /// should ignore the update for the purpose it was designed. For example - a controller that + /// only is responsible for resizing capacity of the volume, should ignore PVC updates that change other valid + /// resources associated with PVC. + /// + /// + /// This is an alpha field and requires enabling RecoverVolumeExpansionFailure feature. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "allocatedResourceStatuses")] + pub allocated_resource_statuses: Option>, + /// allocatedResources tracks the resources allocated to a PVC including its capacity. + /// Key names follow standard Kubernetes label syntax. Valid values are either: + /// * Un-prefixed keys: + /// - storage - the capacity of the volume. + /// * Custom resources must use implementation-defined prefixed names such as "example.com/my-custom-resource" + /// Apart from above values - keys that are unprefixed or have kubernetes.io prefix are considered + /// reserved and hence may not be used. + /// + /// + /// Capacity reported here may be larger than the actual capacity when a volume expansion operation + /// is requested. /// For storage quota, the larger value from allocatedResources and PVC.spec.resources is used. /// If allocatedResources is not set, PVC.spec.resources alone is used for quota calculation. /// If a volume expansion capacity request is lowered, allocatedResources is only /// lowered if there are no expansion operations in progress and if the actual volume capacity /// is equal or lower than the requested capacity. + /// + /// + /// A controller that receives PVC update with previously unknown resourceName + /// should ignore the update for the purpose it was designed. For example - a controller that + /// only is responsible for resizing capacity of the volume, should ignore PVC updates that change other valid + /// resources associated with PVC. + /// + /// /// This is an alpha field and requires enabling RecoverVolumeExpansionFailure feature. #[serde(default, skip_serializing_if = "Option::is_none", rename = "allocatedResources")] pub allocated_resources: Option>, @@ -1007,18 +1158,43 @@ pub struct CollectorPvcStatus { #[serde(default, skip_serializing_if = "Option::is_none")] pub capacity: Option>, /// conditions is the current Condition of persistent volume claim. If underlying persistent volume is being - /// resized then the Condition will be set to 'ResizeStarted'. + /// resized then the Condition will be set to 'Resizing'. #[serde(default, skip_serializing_if = "Option::is_none")] pub conditions: Option>, + /// currentVolumeAttributesClassName is the current name of the VolumeAttributesClass the PVC is using. + /// When unset, there is no VolumeAttributeClass applied to this PersistentVolumeClaim + /// This is an alpha field and requires enabling VolumeAttributesClass feature. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "currentVolumeAttributesClassName")] + pub current_volume_attributes_class_name: Option, + /// ModifyVolumeStatus represents the status object of ControllerModifyVolume operation. + /// When this is unset, there is no ModifyVolume operation being attempted. + /// This is an alpha field and requires enabling VolumeAttributesClass feature. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "modifyVolumeStatus")] + pub modify_volume_status: Option, /// phase represents the current phase of PersistentVolumeClaim. #[serde(default, skip_serializing_if = "Option::is_none")] pub phase: Option, - /// resizeStatus stores status of resize operation. - /// ResizeStatus is not set by default but when expansion is complete resizeStatus is set to empty - /// string by resize controller or kubelet. - /// This is an alpha field and requires enabling RecoverVolumeExpansionFailure feature. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "resizeStatus")] - pub resize_status: Option, +} + +/// ModifyVolumeStatus represents the status object of ControllerModifyVolume operation. +/// When this is unset, there is no ModifyVolume operation being attempted. +/// This is an alpha field and requires enabling VolumeAttributesClass feature. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct CollectorPvcStatusModifyVolumeStatus { + /// status is the status of the ControllerModifyVolume operation. It can be in any of following states: + /// - Pending + /// Pending indicates that the PersistentVolumeClaim cannot be modified due to unmet requirements, such as + /// the specified VolumeAttributesClass not existing. + /// - InProgress + /// InProgress indicates that the volume is being modified. + /// - Infeasible + /// Infeasible indicates that the request has been rejected as invalid by the CSI driver. To + /// resolve the error, a valid VolumeAttributesClass needs to be specified. + /// Note: New statuses can be added in the future. Consumers should check for unknown statuses and fail appropriately. + pub status: String, + /// targetVolumeAttributesClassName is the name of the VolumeAttributesClass the PVC currently being reconciled + #[serde(default, skip_serializing_if = "Option::is_none", rename = "targetVolumeAttributesClassName")] + pub target_volume_attributes_class_name: Option, } /// PolicyRule holds information that describes a policy rule, but does not contain information @@ -1064,7 +1240,7 @@ pub struct CollectorResources { pub limits: Option>, /// Requests describes the minimum amount of compute resources required. /// If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, - /// otherwise to an implementation-defined value. + /// otherwise to an implementation-defined value. Requests cannot exceed Limits. /// More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ #[serde(default, skip_serializing_if = "Option::is_none")] pub requests: Option>, @@ -1082,6 +1258,10 @@ pub struct CollectorResourcesClaims { /// SecurityContext holds pod-level security attributes and common container settings. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct CollectorSecurityContext { + /// appArmorProfile is the AppArmor options to use by the containers in this pod. + /// Note that this field cannot be set when spec.os.name is windows. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "appArmorProfile")] + pub app_armor_profile: Option, /// A special supplemental group that applies to all containers in a pod. /// Some volume types allow the Kubelet to change the ownership of that volume /// to be owned by the pod: @@ -1163,6 +1343,25 @@ pub struct CollectorSecurityContext { pub windows_options: Option, } +/// appArmorProfile is the AppArmor options to use by the containers in this pod. +/// Note that this field cannot be set when spec.os.name is windows. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct CollectorSecurityContextAppArmorProfile { + /// localhostProfile indicates a profile loaded on the node that should be used. + /// The profile must be preconfigured on the node to work. + /// Must match the loaded name of the profile. + /// Must be set if and only if type is "Localhost". + #[serde(default, skip_serializing_if = "Option::is_none", rename = "localhostProfile")] + pub localhost_profile: Option, + /// type indicates which kind of AppArmor profile will be applied. + /// Valid options are: + /// Localhost - a profile pre-loaded on the node. + /// RuntimeDefault - the container runtime's default profile. + /// Unconfined - no AppArmor enforcement. + #[serde(rename = "type")] + pub r#type: String, +} + /// The SELinux context to be applied to all containers. /// If unspecified, the container runtime will allocate a random SELinux context for each /// container. May also be set in SecurityContext. If set in @@ -1192,7 +1391,7 @@ pub struct CollectorSecurityContextSeccompProfile { /// localhostProfile indicates a profile defined in a file on the node should be used. /// The profile must be preconfigured on the node to work. /// Must be a descending path, relative to the kubelet's configured seccomp profile location. - /// Must only be set if type is "Localhost". + /// Must be set if type is "Localhost". Must NOT be set for any other type. #[serde(default, skip_serializing_if = "Option::is_none", rename = "localhostProfile")] pub localhost_profile: Option, /// type indicates which kind of seccomp profile will be applied. @@ -1230,12 +1429,9 @@ pub struct CollectorSecurityContextWindowsOptions { #[serde(default, skip_serializing_if = "Option::is_none", rename = "gmsaCredentialSpecName")] pub gmsa_credential_spec_name: Option, /// HostProcess determines if a container should be run as a 'Host Process' container. - /// This field is alpha-level and will only be honored by components that enable the - /// WindowsHostProcessContainers feature flag. Setting this field without the feature - /// flag will result in errors when validating the Pod. All of a Pod's containers must - /// have the same effective HostProcess value (it is not allowed to have a mix of HostProcess - /// containers and non-HostProcess containers). In addition, if HostProcess is true - /// then HostNetwork must also be set to true. + /// All of a Pod's containers must have the same effective HostProcess value + /// (it is not allowed to have a mix of HostProcess containers and non-HostProcess containers). + /// In addition, if HostProcess is true then HostNetwork must also be set to true. #[serde(default, skip_serializing_if = "Option::is_none", rename = "hostProcess")] pub host_process: Option, /// The UserName in Windows to run the entrypoint of the container process. @@ -1540,8 +1736,12 @@ pub struct CollectorVolumesCephfs { #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct CollectorVolumesCephfsSecretRef { /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, } @@ -1576,8 +1776,12 @@ pub struct CollectorVolumesCinder { #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct CollectorVolumesCinderSecretRef { /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, } @@ -1604,8 +1808,12 @@ pub struct CollectorVolumesConfigMap { #[serde(default, skip_serializing_if = "Option::is_none")] pub items: Option>, /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// optional specify whether the ConfigMap or its keys must be defined @@ -1669,8 +1877,12 @@ pub struct CollectorVolumesCsi { #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct CollectorVolumesCsiNodePublishSecretRef { /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, } @@ -1696,7 +1908,7 @@ pub struct CollectorVolumesDownwardApi { /// DownwardAPIVolumeFile represents information to create the file containing the pod field #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct CollectorVolumesDownwardApiItems { - /// Required: Selects a field of the pod: only annotations, labels, name and namespace are supported. + /// Required: Selects a field of the pod: only annotations, labels, name, namespace and uid are supported. #[serde(default, skip_serializing_if = "Option::is_none", rename = "fieldRef")] pub field_ref: Option, /// Optional: mode bits used to set permissions on this file, must be an octal value @@ -1715,7 +1927,7 @@ pub struct CollectorVolumesDownwardApiItems { pub resource_field_ref: Option, } -/// Required: Selects a field of the pod: only annotations, labels, name and namespace are supported. +/// Required: Selects a field of the pod: only annotations, labels, name, namespace and uid are supported. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct CollectorVolumesDownwardApiItemsFieldRef { /// Version of the schema the FieldPath is written in terms of, defaults to "v1". @@ -1755,7 +1967,7 @@ pub struct CollectorVolumesEmptyDir { /// The maximum usage on memory medium EmptyDir would be the minimum value between /// the SizeLimit specified here and the sum of memory limits of all containers in a pod. /// The default is nil which means that the limit is undefined. - /// More info: http://kubernetes.io/docs/user-guide/volumes#emptydir + /// More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir #[serde(default, skip_serializing_if = "Option::is_none", rename = "sizeLimit")] pub size_limit: Option, } @@ -1932,6 +2144,20 @@ pub struct CollectorVolumesEphemeralVolumeClaimTemplateSpec { /// More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1 #[serde(default, skip_serializing_if = "Option::is_none", rename = "storageClassName")] pub storage_class_name: Option, + /// volumeAttributesClassName may be used to set the VolumeAttributesClass used by this claim. + /// If specified, the CSI driver will create or update the volume with the attributes defined + /// in the corresponding VolumeAttributesClass. This has a different purpose than storageClassName, + /// it can be changed after the claim is created. An empty string value means that no VolumeAttributesClass + /// will be applied to the claim but it's not allowed to reset this field to empty string once it is set. + /// If unspecified and the PersistentVolumeClaim is unbound, the default VolumeAttributesClass + /// will be set by the persistentvolume controller if it exists. + /// If the resource referred to by volumeAttributesClass does not exist, this PersistentVolumeClaim will be + /// set to a Pending state, as reflected by the modifyVolumeStatus field, until such as a resource + /// exists. + /// More info: https://kubernetes.io/docs/concepts/storage/volume-attributes-classes/ + /// (Alpha) Using this field requires the VolumeAttributesClass feature gate to be enabled. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "volumeAttributesClassName")] + pub volume_attributes_class_name: Option, /// volumeMode defines what type of volume is required by the claim. /// Value of Filesystem is implied when not included in claim spec. #[serde(default, skip_serializing_if = "Option::is_none", rename = "volumeMode")] @@ -2010,38 +2236,18 @@ pub struct CollectorVolumesEphemeralVolumeClaimTemplateSpecDataSourceRef { /// More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct CollectorVolumesEphemeralVolumeClaimTemplateSpecResources { - /// Claims lists the names of resources, defined in spec.resourceClaims, - /// that are used by this container. - /// - /// - /// This is an alpha field and requires enabling the - /// DynamicResourceAllocation feature gate. - /// - /// - /// This field is immutable. It can only be set for containers. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub claims: Option>, /// Limits describes the maximum amount of compute resources allowed. /// More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ #[serde(default, skip_serializing_if = "Option::is_none")] pub limits: Option>, /// Requests describes the minimum amount of compute resources required. /// If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, - /// otherwise to an implementation-defined value. + /// otherwise to an implementation-defined value. Requests cannot exceed Limits. /// More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ #[serde(default, skip_serializing_if = "Option::is_none")] pub requests: Option>, } -/// ResourceClaim references one entry in PodSpec.ResourceClaims. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct CollectorVolumesEphemeralVolumeClaimTemplateSpecResourcesClaims { - /// Name must match the name of one entry in pod.spec.resourceClaims of - /// the Pod where this field is used. It makes that resource available - /// inside a container. - pub name: String, -} - /// selector is a label query over volumes to consider for binding. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct CollectorVolumesEphemeralVolumeClaimTemplateSpecSelector { @@ -2132,8 +2338,12 @@ pub struct CollectorVolumesFlexVolume { #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct CollectorVolumesFlexVolumeSecretRef { /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, } @@ -2289,8 +2499,12 @@ pub struct CollectorVolumesIscsi { #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct CollectorVolumesIscsiSecretRef { /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, } @@ -2376,6 +2590,24 @@ pub struct CollectorVolumesProjected { /// Projection that may be projected along with other supported volume types #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct CollectorVolumesProjectedSources { + /// ClusterTrustBundle allows a pod to access the `.spec.trustBundle` field + /// of ClusterTrustBundle objects in an auto-updating file. + /// + /// + /// Alpha, gated by the ClusterTrustBundleProjection feature gate. + /// + /// + /// ClusterTrustBundle objects can either be selected by name, or by the + /// combination of signer name and a label selector. + /// + /// + /// Kubelet performs aggressive normalization of the PEM contents written + /// into the pod filesystem. Esoteric PEM features such as inter-block + /// comments and block headers are stripped. Certificates are deduplicated. + /// The ordering of certificates within the file is arbitrary, and Kubelet + /// may change the order over time. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "clusterTrustBundle")] + pub cluster_trust_bundle: Option, /// configMap information about the configMap data to project #[serde(default, skip_serializing_if = "Option::is_none", rename = "configMap")] pub config_map: Option, @@ -2390,6 +2622,83 @@ pub struct CollectorVolumesProjectedSources { pub service_account_token: Option, } +/// ClusterTrustBundle allows a pod to access the `.spec.trustBundle` field +/// of ClusterTrustBundle objects in an auto-updating file. +/// +/// +/// Alpha, gated by the ClusterTrustBundleProjection feature gate. +/// +/// +/// ClusterTrustBundle objects can either be selected by name, or by the +/// combination of signer name and a label selector. +/// +/// +/// Kubelet performs aggressive normalization of the PEM contents written +/// into the pod filesystem. Esoteric PEM features such as inter-block +/// comments and block headers are stripped. Certificates are deduplicated. +/// The ordering of certificates within the file is arbitrary, and Kubelet +/// may change the order over time. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct CollectorVolumesProjectedSourcesClusterTrustBundle { + /// Select all ClusterTrustBundles that match this label selector. Only has + /// effect if signerName is set. Mutually-exclusive with name. If unset, + /// interpreted as "match nothing". If set but empty, interpreted as "match + /// everything". + #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelector")] + pub label_selector: Option, + /// Select a single ClusterTrustBundle by object name. Mutually-exclusive + /// with signerName and labelSelector. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + /// If true, don't block pod startup if the referenced ClusterTrustBundle(s) + /// aren't available. If using name, then the named ClusterTrustBundle is + /// allowed not to exist. If using signerName, then the combination of + /// signerName and labelSelector is allowed to match zero + /// ClusterTrustBundles. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub optional: Option, + /// Relative path from the volume root to write the bundle. + pub path: String, + /// Select all ClusterTrustBundles that match this signer name. + /// Mutually-exclusive with name. The contents of all selected + /// ClusterTrustBundles will be unified and deduplicated. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "signerName")] + pub signer_name: Option, +} + +/// Select all ClusterTrustBundles that match this label selector. Only has +/// effect if signerName is set. Mutually-exclusive with name. If unset, +/// interpreted as "match nothing". If set but empty, interpreted as "match +/// everything". +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct CollectorVolumesProjectedSourcesClusterTrustBundleLabelSelector { + /// matchExpressions is a list of label selector requirements. The requirements are ANDed. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] + pub match_expressions: Option>, + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] + pub match_labels: Option>, +} + +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct CollectorVolumesProjectedSourcesClusterTrustBundleLabelSelectorMatchExpressions { + /// key is the label key that the selector applies to. + pub key: String, + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. + pub operator: String, + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub values: Option>, +} + /// configMap information about the configMap data to project #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct CollectorVolumesProjectedSourcesConfigMap { @@ -2403,8 +2712,12 @@ pub struct CollectorVolumesProjectedSourcesConfigMap { #[serde(default, skip_serializing_if = "Option::is_none")] pub items: Option>, /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// optional specify whether the ConfigMap or its keys must be defined @@ -2443,7 +2756,7 @@ pub struct CollectorVolumesProjectedSourcesDownwardApi { /// DownwardAPIVolumeFile represents information to create the file containing the pod field #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct CollectorVolumesProjectedSourcesDownwardApiItems { - /// Required: Selects a field of the pod: only annotations, labels, name and namespace are supported. + /// Required: Selects a field of the pod: only annotations, labels, name, namespace and uid are supported. #[serde(default, skip_serializing_if = "Option::is_none", rename = "fieldRef")] pub field_ref: Option, /// Optional: mode bits used to set permissions on this file, must be an octal value @@ -2462,7 +2775,7 @@ pub struct CollectorVolumesProjectedSourcesDownwardApiItems { pub resource_field_ref: Option, } -/// Required: Selects a field of the pod: only annotations, labels, name and namespace are supported. +/// Required: Selects a field of the pod: only annotations, labels, name, namespace and uid are supported. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct CollectorVolumesProjectedSourcesDownwardApiItemsFieldRef { /// Version of the schema the FieldPath is written in terms of, defaults to "v1". @@ -2500,8 +2813,12 @@ pub struct CollectorVolumesProjectedSourcesSecret { #[serde(default, skip_serializing_if = "Option::is_none")] pub items: Option>, /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// optional field specify whether the Secret or its key must be defined @@ -2630,8 +2947,12 @@ pub struct CollectorVolumesRbd { #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct CollectorVolumesRbdSecretRef { /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, } @@ -2681,8 +3002,12 @@ pub struct CollectorVolumesScaleIo { #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct CollectorVolumesScaleIoSecretRef { /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, } @@ -2773,8 +3098,12 @@ pub struct CollectorVolumesStorageos { #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct CollectorVolumesStorageosSecretRef { /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, } @@ -2809,6 +3138,8 @@ pub struct CollectorVolumesMounts { /// to container and the other way around. /// When not set, MountPropagationNone is used. /// This field is beta in 1.10. + /// When RecursiveReadOnly is set to IfPossible or to Enabled, MountPropagation must be None or unspecified + /// (which defaults to None). #[serde(default, skip_serializing_if = "Option::is_none", rename = "mountPropagation")] pub mount_propagation: Option, /// This must match the Name of a Volume. @@ -2817,6 +3148,28 @@ pub struct CollectorVolumesMounts { /// Defaults to false. #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] pub read_only: Option, + /// RecursiveReadOnly specifies whether read-only mounts should be handled + /// recursively. + /// + /// + /// If ReadOnly is false, this field has no meaning and must be unspecified. + /// + /// + /// If ReadOnly is true, and this field is set to Disabled, the mount is not made + /// recursively read-only. If this field is set to IfPossible, the mount is made + /// recursively read-only, if it is supported by the container runtime. If this + /// field is set to Enabled, the mount is made recursively read-only if it is + /// supported by the container runtime, otherwise the pod will not be started and + /// an error will be generated to indicate the reason. + /// + /// + /// If this field is set to IfPossible or Enabled, MountPropagation must be set to + /// None (or be unspecified, which defaults to None). + /// + /// + /// If this field is not specified, it is treated as an equivalent of Disabled. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "recursiveReadOnly")] + pub recursive_read_only: Option, /// Path within the volume from which the container's volume should be mounted. /// Defaults to "" (volume's root). #[serde(default, skip_serializing_if = "Option::is_none", rename = "subPath")] diff --git a/kube-custom-resources-rs/src/fluentbit_fluent_io/v1alpha2/filters.rs b/kube-custom-resources-rs/src/fluentbit_fluent_io/v1alpha2/filters.rs index 5e1165372..4d1a3317a 100644 --- a/kube-custom-resources-rs/src/fluentbit_fluent_io/v1alpha2/filters.rs +++ b/kube-custom-resources-rs/src/fluentbit_fluent_io/v1alpha2/filters.rs @@ -200,6 +200,11 @@ pub struct FilterFiltersKubernetes { /// For example, set this value to 60 or 60s and cache entries which have been created more than 60s will be evicted. #[serde(default, skip_serializing_if = "Option::is_none", rename = "kubeMetaCacheTTL")] pub kube_meta_cache_ttl: Option, + /// Configurable TTL for K8s cached namespace metadata. + /// By default, it is set to 900 which means a 15min TTL for namespace cache entries. + /// Setting this to 0 will mean entries are evicted at random once the cache is full. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "kubeMetaNamespaceCacheTTL")] + pub kube_meta_namespace_cache_ttl: Option, /// If set, Kubernetes meta-data can be cached/pre-loaded from files in JSON format in this directory, /// named as namespace-pod.meta #[serde(default, skip_serializing_if = "Option::is_none", rename = "kubeMetaPreloadCacheDir")] @@ -208,6 +213,10 @@ pub struct FilterFiltersKubernetes { /// this option allows to specify what's the prefix used in Tail configuration. #[serde(default, skip_serializing_if = "Option::is_none", rename = "kubeTagPrefix")] pub kube_tag_prefix: Option, + /// Command to get Kubernetes authorization token. + /// By default, it will be NULL and we will use token file to get token. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "kubeTokenCommand")] + pub kube_token_command: Option, /// Token file #[serde(default, skip_serializing_if = "Option::is_none", rename = "kubeTokenFile")] pub kube_token_file: Option, @@ -242,6 +251,16 @@ pub struct FilterFiltersKubernetes { /// Optional parser name to specify how to parse the data contained in the log key. Recommended use is for developers or testing only. #[serde(default, skip_serializing_if = "Option::is_none", rename = "mergeParser")] pub merge_parser: Option, + /// Include Kubernetes namespace resource annotations in the extra metadata. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "namespaceAnnotations")] + pub namespace_annotations: Option, + /// Include Kubernetes namespace resource labels in the extra metadata. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "namespaceLabels")] + pub namespace_labels: Option, + /// Include Kubernetes namespace metadata only and no pod metadata. + /// If this is set, the values of Labels and Annotations are ignored. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "namespaceMetadataOnly")] + pub namespace_metadata_only: Option, /// Set an alternative Parser to process record Tag and extract pod_name, namespace_name, container_name and docker_id. /// The parser must be registered in a parsers file (refer to parser filter-kube-test as an example). #[serde(default, skip_serializing_if = "Option::is_none", rename = "regexParser")] @@ -307,8 +326,12 @@ pub struct FilterFiltersLuaScript { /// The key to select. pub key: String, /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the ConfigMap or its key must be defined diff --git a/kube-custom-resources-rs/src/fluentbit_fluent_io/v1alpha2/fluentbits.rs b/kube-custom-resources-rs/src/fluentbit_fluent_io/v1alpha2/fluentbits.rs index c509de54f..c73537c80 100644 --- a/kube-custom-resources-rs/src/fluentbit_fluent_io/v1alpha2/fluentbits.rs +++ b/kube-custom-resources-rs/src/fluentbit_fluent_io/v1alpha2/fluentbits.rs @@ -331,8 +331,31 @@ pub struct FluentBitAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExe #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct FluentBitAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTerm { /// A label query over a set of resources, in this case pods. + /// If it's null, this PodAffinityTerm matches with no Pods. #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelector")] pub label_selector: Option, + /// MatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both matchLabelKeys and labelSelector. + /// Also, matchLabelKeys cannot be set when labelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] + pub match_label_keys: Option>, + /// MismatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. + /// Also, mismatchLabelKeys cannot be set when labelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] + pub mismatch_label_keys: Option>, /// A label query over the set of namespaces that the term applies to. /// The term is applied to the union of the namespaces selected by this field /// and the ones listed in the namespaces field. @@ -356,6 +379,7 @@ pub struct FluentBitAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExe } /// A label query over a set of resources, in this case pods. +/// If it's null, this PodAffinityTerm matches with no Pods. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct FluentBitAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermLabelSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. @@ -428,8 +452,31 @@ pub struct FluentBitAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExe #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct FluentBitAffinityPodAffinityRequiredDuringSchedulingIgnoredDuringExecution { /// A label query over a set of resources, in this case pods. + /// If it's null, this PodAffinityTerm matches with no Pods. #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelector")] pub label_selector: Option, + /// MatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both matchLabelKeys and labelSelector. + /// Also, matchLabelKeys cannot be set when labelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] + pub match_label_keys: Option>, + /// MismatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. + /// Also, mismatchLabelKeys cannot be set when labelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] + pub mismatch_label_keys: Option>, /// A label query over the set of namespaces that the term applies to. /// The term is applied to the union of the namespaces selected by this field /// and the ones listed in the namespaces field. @@ -453,6 +500,7 @@ pub struct FluentBitAffinityPodAffinityRequiredDuringSchedulingIgnoredDuringExec } /// A label query over a set of resources, in this case pods. +/// If it's null, this PodAffinityTerm matches with no Pods. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct FluentBitAffinityPodAffinityRequiredDuringSchedulingIgnoredDuringExecutionLabelSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. @@ -556,8 +604,31 @@ pub struct FluentBitAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDurin #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct FluentBitAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTerm { /// A label query over a set of resources, in this case pods. + /// If it's null, this PodAffinityTerm matches with no Pods. #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelector")] pub label_selector: Option, + /// MatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both matchLabelKeys and labelSelector. + /// Also, matchLabelKeys cannot be set when labelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] + pub match_label_keys: Option>, + /// MismatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. + /// Also, mismatchLabelKeys cannot be set when labelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] + pub mismatch_label_keys: Option>, /// A label query over the set of namespaces that the term applies to. /// The term is applied to the union of the namespaces selected by this field /// and the ones listed in the namespaces field. @@ -581,6 +652,7 @@ pub struct FluentBitAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDurin } /// A label query over a set of resources, in this case pods. +/// If it's null, this PodAffinityTerm matches with no Pods. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct FluentBitAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermLabelSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. @@ -653,8 +725,31 @@ pub struct FluentBitAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDurin #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct FluentBitAffinityPodAntiAffinityRequiredDuringSchedulingIgnoredDuringExecution { /// A label query over a set of resources, in this case pods. + /// If it's null, this PodAffinityTerm matches with no Pods. #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelector")] pub label_selector: Option, + /// MatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both matchLabelKeys and labelSelector. + /// Also, matchLabelKeys cannot be set when labelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] + pub match_label_keys: Option>, + /// MismatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. + /// Also, mismatchLabelKeys cannot be set when labelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] + pub mismatch_label_keys: Option>, /// A label query over the set of namespaces that the term applies to. /// The term is applied to the union of the namespaces selected by this field /// and the ones listed in the namespaces field. @@ -678,6 +773,7 @@ pub struct FluentBitAffinityPodAntiAffinityRequiredDuringSchedulingIgnoredDuring } /// A label query over a set of resources, in this case pods. +/// If it's null, this PodAffinityTerm matches with no Pods. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct FluentBitAffinityPodAntiAffinityRequiredDuringSchedulingIgnoredDuringExecutionLabelSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. @@ -753,6 +849,11 @@ pub struct FluentBitContainerSecurityContext { /// Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none", rename = "allowPrivilegeEscalation")] pub allow_privilege_escalation: Option, + /// appArmorProfile is the AppArmor options to use by this container. If set, this profile + /// overrides the pod's appArmorProfile. + /// Note that this field cannot be set when spec.os.name is windows. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "appArmorProfile")] + pub app_armor_profile: Option, /// The capabilities to add/drop when running containers. /// Defaults to the default set of capabilities granted by the container runtime. /// Note that this field cannot be set when spec.os.name is windows. @@ -819,6 +920,26 @@ pub struct FluentBitContainerSecurityContext { pub windows_options: Option, } +/// appArmorProfile is the AppArmor options to use by this container. If set, this profile +/// overrides the pod's appArmorProfile. +/// Note that this field cannot be set when spec.os.name is windows. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct FluentBitContainerSecurityContextAppArmorProfile { + /// localhostProfile indicates a profile loaded on the node that should be used. + /// The profile must be preconfigured on the node to work. + /// Must match the loaded name of the profile. + /// Must be set if and only if type is "Localhost". + #[serde(default, skip_serializing_if = "Option::is_none", rename = "localhostProfile")] + pub localhost_profile: Option, + /// type indicates which kind of AppArmor profile will be applied. + /// Valid options are: + /// Localhost - a profile pre-loaded on the node. + /// RuntimeDefault - the container runtime's default profile. + /// Unconfined - no AppArmor enforcement. + #[serde(rename = "type")] + pub r#type: String, +} + /// The capabilities to add/drop when running containers. /// Defaults to the default set of capabilities granted by the container runtime. /// Note that this field cannot be set when spec.os.name is windows. @@ -862,7 +983,7 @@ pub struct FluentBitContainerSecurityContextSeccompProfile { /// localhostProfile indicates a profile defined in a file on the node should be used. /// The profile must be preconfigured on the node to work. /// Must be a descending path, relative to the kubelet's configured seccomp profile location. - /// Must only be set if type is "Localhost". + /// Must be set if type is "Localhost". Must NOT be set for any other type. #[serde(default, skip_serializing_if = "Option::is_none", rename = "localhostProfile")] pub localhost_profile: Option, /// type indicates which kind of seccomp profile will be applied. @@ -891,12 +1012,9 @@ pub struct FluentBitContainerSecurityContextWindowsOptions { #[serde(default, skip_serializing_if = "Option::is_none", rename = "gmsaCredentialSpecName")] pub gmsa_credential_spec_name: Option, /// HostProcess determines if a container should be run as a 'Host Process' container. - /// This field is alpha-level and will only be honored by components that enable the - /// WindowsHostProcessContainers feature flag. Setting this field without the feature - /// flag will result in errors when validating the Pod. All of a Pod's containers must - /// have the same effective HostProcess value (it is not allowed to have a mix of HostProcess - /// containers and non-HostProcess containers). In addition, if HostProcess is true - /// then HostNetwork must also be set to true. + /// All of a Pod's containers must have the same effective HostProcess value + /// (it is not allowed to have a mix of HostProcess containers and non-HostProcess containers). + /// In addition, if HostProcess is true then HostNetwork must also be set to true. #[serde(default, skip_serializing_if = "Option::is_none", rename = "hostProcess")] pub host_process: Option, /// The UserName in Windows to run the entrypoint of the container process. @@ -953,8 +1071,12 @@ pub struct FluentBitEnvVarsValueFromConfigMapKeyRef { /// The key to select. pub key: String, /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the ConfigMap or its key must be defined @@ -994,8 +1116,12 @@ pub struct FluentBitEnvVarsValueFromSecretKeyRef { /// The key of the secret to select from. Must be a valid secret key. pub key: String, /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the Secret or its key must be defined @@ -1008,8 +1134,12 @@ pub struct FluentBitEnvVarsValueFromSecretKeyRef { #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct FluentBitImagePullSecrets { /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, } @@ -1091,11 +1221,31 @@ pub struct FluentBitInitContainers { /// More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes #[serde(default, skip_serializing_if = "Option::is_none", rename = "readinessProbe")] pub readiness_probe: Option, + /// Resources resize policy for the container. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "resizePolicy")] + pub resize_policy: Option>, /// Compute Resources required by this container. /// Cannot be updated. /// More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ #[serde(default, skip_serializing_if = "Option::is_none")] pub resources: Option, + /// RestartPolicy defines the restart behavior of individual containers in a pod. + /// This field may only be set for init containers, and the only allowed value is "Always". + /// For non-init containers or when this field is not specified, + /// the restart behavior is defined by the Pod's restart policy and the container type. + /// Setting the RestartPolicy as "Always" for the init container will have the following effect: + /// this init container will be continually restarted on + /// exit until all regular containers have terminated. Once all regular + /// containers have completed, all init containers with restartPolicy "Always" + /// will be shut down. This lifecycle differs from normal init containers and + /// is often referred to as a "sidecar" container. Although this init + /// container still starts in the init container sequence, it does not wait + /// for the container to complete before proceeding to the next init + /// container. Instead, the next init container starts immediately after this + /// init container is started, or after any startupProbe has successfully + /// completed. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "restartPolicy")] + pub restart_policy: Option, /// SecurityContext defines the security options the container should be run with. /// If set, the fields of SecurityContext override the equivalent fields of PodSecurityContext. /// More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/ @@ -1207,8 +1357,12 @@ pub struct FluentBitInitContainersEnvValueFromConfigMapKeyRef { /// The key to select. pub key: String, /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the ConfigMap or its key must be defined @@ -1248,8 +1402,12 @@ pub struct FluentBitInitContainersEnvValueFromSecretKeyRef { /// The key of the secret to select from. Must be a valid secret key. pub key: String, /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the Secret or its key must be defined @@ -1275,8 +1433,12 @@ pub struct FluentBitInitContainersEnvFrom { #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct FluentBitInitContainersEnvFromConfigMapRef { /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the ConfigMap must be defined @@ -1288,8 +1450,12 @@ pub struct FluentBitInitContainersEnvFromConfigMapRef { #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct FluentBitInitContainersEnvFromSecretRef { /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the Secret must be defined @@ -1332,6 +1498,9 @@ pub struct FluentBitInitContainersLifecyclePostStart { /// HTTPGet specifies the http request to perform. #[serde(default, skip_serializing_if = "Option::is_none", rename = "httpGet")] pub http_get: Option, + /// Sleep represents the duration that the container should sleep before being terminated. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub sleep: Option, /// Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept /// for the backward compatibility. There are no validation of this field and /// lifecycle hooks will fail in runtime when tcp handler is specified. @@ -1377,12 +1546,20 @@ pub struct FluentBitInitContainersLifecyclePostStartHttpGet { /// HTTPHeader describes a custom header to be used in HTTP probes #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct FluentBitInitContainersLifecyclePostStartHttpGetHttpHeaders { - /// The header field name + /// The header field name. + /// This will be canonicalized upon output, so case-variant names will be understood as the same header. pub name: String, /// The header field value pub value: String, } +/// Sleep represents the duration that the container should sleep before being terminated. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct FluentBitInitContainersLifecyclePostStartSleep { + /// Seconds is the number of seconds to sleep. + pub seconds: i64, +} + /// Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept /// for the backward compatibility. There are no validation of this field and /// lifecycle hooks will fail in runtime when tcp handler is specified. @@ -1414,6 +1591,9 @@ pub struct FluentBitInitContainersLifecyclePreStop { /// HTTPGet specifies the http request to perform. #[serde(default, skip_serializing_if = "Option::is_none", rename = "httpGet")] pub http_get: Option, + /// Sleep represents the duration that the container should sleep before being terminated. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub sleep: Option, /// Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept /// for the backward compatibility. There are no validation of this field and /// lifecycle hooks will fail in runtime when tcp handler is specified. @@ -1459,12 +1639,20 @@ pub struct FluentBitInitContainersLifecyclePreStopHttpGet { /// HTTPHeader describes a custom header to be used in HTTP probes #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct FluentBitInitContainersLifecyclePreStopHttpGetHttpHeaders { - /// The header field name + /// The header field name. + /// This will be canonicalized upon output, so case-variant names will be understood as the same header. pub name: String, /// The header field value pub value: String, } +/// Sleep represents the duration that the container should sleep before being terminated. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct FluentBitInitContainersLifecyclePreStopSleep { + /// Seconds is the number of seconds to sleep. + pub seconds: i64, +} + /// Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept /// for the backward compatibility. There are no validation of this field and /// lifecycle hooks will fail in runtime when tcp handler is specified. @@ -1493,7 +1681,6 @@ pub struct FluentBitInitContainersLivenessProbe { #[serde(default, skip_serializing_if = "Option::is_none", rename = "failureThreshold")] pub failure_threshold: Option, /// GRPC specifies an action involving a GRPC port. - /// This is a beta field and requires enabling GRPCContainerProbe feature gate. #[serde(default, skip_serializing_if = "Option::is_none")] pub grpc: Option, /// HTTPGet specifies the http request to perform. @@ -1546,7 +1733,6 @@ pub struct FluentBitInitContainersLivenessProbeExec { } /// GRPC specifies an action involving a GRPC port. -/// This is a beta field and requires enabling GRPCContainerProbe feature gate. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct FluentBitInitContainersLivenessProbeGrpc { /// Port number of the gRPC service. Number must be in the range 1 to 65535. @@ -1586,7 +1772,8 @@ pub struct FluentBitInitContainersLivenessProbeHttpGet { /// HTTPHeader describes a custom header to be used in HTTP probes #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct FluentBitInitContainersLivenessProbeHttpGetHttpHeaders { - /// The header field name + /// The header field name. + /// This will be canonicalized upon output, so case-variant names will be understood as the same header. pub name: String, /// The header field value pub value: String, @@ -1645,7 +1832,6 @@ pub struct FluentBitInitContainersReadinessProbe { #[serde(default, skip_serializing_if = "Option::is_none", rename = "failureThreshold")] pub failure_threshold: Option, /// GRPC specifies an action involving a GRPC port. - /// This is a beta field and requires enabling GRPCContainerProbe feature gate. #[serde(default, skip_serializing_if = "Option::is_none")] pub grpc: Option, /// HTTPGet specifies the http request to perform. @@ -1698,7 +1884,6 @@ pub struct FluentBitInitContainersReadinessProbeExec { } /// GRPC specifies an action involving a GRPC port. -/// This is a beta field and requires enabling GRPCContainerProbe feature gate. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct FluentBitInitContainersReadinessProbeGrpc { /// Port number of the gRPC service. Number must be in the range 1 to 65535. @@ -1738,7 +1923,8 @@ pub struct FluentBitInitContainersReadinessProbeHttpGet { /// HTTPHeader describes a custom header to be used in HTTP probes #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct FluentBitInitContainersReadinessProbeHttpGetHttpHeaders { - /// The header field name + /// The header field name. + /// This will be canonicalized upon output, so case-variant names will be understood as the same header. pub name: String, /// The header field value pub value: String, @@ -1756,6 +1942,19 @@ pub struct FluentBitInitContainersReadinessProbeTcpSocket { pub port: IntOrString, } +/// ContainerResizePolicy represents resource resize policy for the container. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct FluentBitInitContainersResizePolicy { + /// Name of the resource to which this resource resize policy applies. + /// Supported values: cpu, memory. + #[serde(rename = "resourceName")] + pub resource_name: String, + /// Restart policy to apply when specified resource is resized. + /// If not specified, it defaults to NotRequired. + #[serde(rename = "restartPolicy")] + pub restart_policy: String, +} + /// Compute Resources required by this container. /// Cannot be updated. /// More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ @@ -1778,7 +1977,7 @@ pub struct FluentBitInitContainersResources { pub limits: Option>, /// Requests describes the minimum amount of compute resources required. /// If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, - /// otherwise to an implementation-defined value. + /// otherwise to an implementation-defined value. Requests cannot exceed Limits. /// More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ #[serde(default, skip_serializing_if = "Option::is_none")] pub requests: Option>, @@ -1807,6 +2006,11 @@ pub struct FluentBitInitContainersSecurityContext { /// Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none", rename = "allowPrivilegeEscalation")] pub allow_privilege_escalation: Option, + /// appArmorProfile is the AppArmor options to use by this container. If set, this profile + /// overrides the pod's appArmorProfile. + /// Note that this field cannot be set when spec.os.name is windows. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "appArmorProfile")] + pub app_armor_profile: Option, /// The capabilities to add/drop when running containers. /// Defaults to the default set of capabilities granted by the container runtime. /// Note that this field cannot be set when spec.os.name is windows. @@ -1873,6 +2077,26 @@ pub struct FluentBitInitContainersSecurityContext { pub windows_options: Option, } +/// appArmorProfile is the AppArmor options to use by this container. If set, this profile +/// overrides the pod's appArmorProfile. +/// Note that this field cannot be set when spec.os.name is windows. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct FluentBitInitContainersSecurityContextAppArmorProfile { + /// localhostProfile indicates a profile loaded on the node that should be used. + /// The profile must be preconfigured on the node to work. + /// Must match the loaded name of the profile. + /// Must be set if and only if type is "Localhost". + #[serde(default, skip_serializing_if = "Option::is_none", rename = "localhostProfile")] + pub localhost_profile: Option, + /// type indicates which kind of AppArmor profile will be applied. + /// Valid options are: + /// Localhost - a profile pre-loaded on the node. + /// RuntimeDefault - the container runtime's default profile. + /// Unconfined - no AppArmor enforcement. + #[serde(rename = "type")] + pub r#type: String, +} + /// The capabilities to add/drop when running containers. /// Defaults to the default set of capabilities granted by the container runtime. /// Note that this field cannot be set when spec.os.name is windows. @@ -1916,7 +2140,7 @@ pub struct FluentBitInitContainersSecurityContextSeccompProfile { /// localhostProfile indicates a profile defined in a file on the node should be used. /// The profile must be preconfigured on the node to work. /// Must be a descending path, relative to the kubelet's configured seccomp profile location. - /// Must only be set if type is "Localhost". + /// Must be set if type is "Localhost". Must NOT be set for any other type. #[serde(default, skip_serializing_if = "Option::is_none", rename = "localhostProfile")] pub localhost_profile: Option, /// type indicates which kind of seccomp profile will be applied. @@ -1945,12 +2169,9 @@ pub struct FluentBitInitContainersSecurityContextWindowsOptions { #[serde(default, skip_serializing_if = "Option::is_none", rename = "gmsaCredentialSpecName")] pub gmsa_credential_spec_name: Option, /// HostProcess determines if a container should be run as a 'Host Process' container. - /// This field is alpha-level and will only be honored by components that enable the - /// WindowsHostProcessContainers feature flag. Setting this field without the feature - /// flag will result in errors when validating the Pod. All of a Pod's containers must - /// have the same effective HostProcess value (it is not allowed to have a mix of HostProcess - /// containers and non-HostProcess containers). In addition, if HostProcess is true - /// then HostNetwork must also be set to true. + /// All of a Pod's containers must have the same effective HostProcess value + /// (it is not allowed to have a mix of HostProcess containers and non-HostProcess containers). + /// In addition, if HostProcess is true then HostNetwork must also be set to true. #[serde(default, skip_serializing_if = "Option::is_none", rename = "hostProcess")] pub host_process: Option, /// The UserName in Windows to run the entrypoint of the container process. @@ -1978,7 +2199,6 @@ pub struct FluentBitInitContainersStartupProbe { #[serde(default, skip_serializing_if = "Option::is_none", rename = "failureThreshold")] pub failure_threshold: Option, /// GRPC specifies an action involving a GRPC port. - /// This is a beta field and requires enabling GRPCContainerProbe feature gate. #[serde(default, skip_serializing_if = "Option::is_none")] pub grpc: Option, /// HTTPGet specifies the http request to perform. @@ -2031,7 +2251,6 @@ pub struct FluentBitInitContainersStartupProbeExec { } /// GRPC specifies an action involving a GRPC port. -/// This is a beta field and requires enabling GRPCContainerProbe feature gate. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct FluentBitInitContainersStartupProbeGrpc { /// Port number of the gRPC service. Number must be in the range 1 to 65535. @@ -2071,7 +2290,8 @@ pub struct FluentBitInitContainersStartupProbeHttpGet { /// HTTPHeader describes a custom header to be used in HTTP probes #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct FluentBitInitContainersStartupProbeHttpGetHttpHeaders { - /// The header field name + /// The header field name. + /// This will be canonicalized upon output, so case-variant names will be understood as the same header. pub name: String, /// The header field value pub value: String, @@ -2110,6 +2330,8 @@ pub struct FluentBitInitContainersVolumeMounts { /// to container and the other way around. /// When not set, MountPropagationNone is used. /// This field is beta in 1.10. + /// When RecursiveReadOnly is set to IfPossible or to Enabled, MountPropagation must be None or unspecified + /// (which defaults to None). #[serde(default, skip_serializing_if = "Option::is_none", rename = "mountPropagation")] pub mount_propagation: Option, /// This must match the Name of a Volume. @@ -2118,6 +2340,28 @@ pub struct FluentBitInitContainersVolumeMounts { /// Defaults to false. #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] pub read_only: Option, + /// RecursiveReadOnly specifies whether read-only mounts should be handled + /// recursively. + /// + /// + /// If ReadOnly is false, this field has no meaning and must be unspecified. + /// + /// + /// If ReadOnly is true, and this field is set to Disabled, the mount is not made + /// recursively read-only. If this field is set to IfPossible, the mount is made + /// recursively read-only, if it is supported by the container runtime. If this + /// field is set to Enabled, the mount is made recursively read-only if it is + /// supported by the container runtime, otherwise the pod will not be started and + /// an error will be generated to indicate the reason. + /// + /// + /// If this field is set to IfPossible or Enabled, MountPropagation must be set to + /// None (or be unspecified, which defaults to None). + /// + /// + /// If this field is not specified, it is treated as an equivalent of Disabled. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "recursiveReadOnly")] + pub recursive_read_only: Option, /// Path within the volume from which the container's volume should be mounted. /// Defaults to "" (volume's root). #[serde(default, skip_serializing_if = "Option::is_none", rename = "subPath")] @@ -2149,7 +2393,6 @@ pub struct FluentBitLivenessProbe { #[serde(default, skip_serializing_if = "Option::is_none", rename = "failureThreshold")] pub failure_threshold: Option, /// GRPC specifies an action involving a GRPC port. - /// This is a beta field and requires enabling GRPCContainerProbe feature gate. #[serde(default, skip_serializing_if = "Option::is_none")] pub grpc: Option, /// HTTPGet specifies the http request to perform. @@ -2202,7 +2445,6 @@ pub struct FluentBitLivenessProbeExec { } /// GRPC specifies an action involving a GRPC port. -/// This is a beta field and requires enabling GRPCContainerProbe feature gate. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct FluentBitLivenessProbeGrpc { /// Port number of the gRPC service. Number must be in the range 1 to 65535. @@ -2242,7 +2484,8 @@ pub struct FluentBitLivenessProbeHttpGet { /// HTTPHeader describes a custom header to be used in HTTP probes #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct FluentBitLivenessProbeHttpGetHttpHeaders { - /// The header field name + /// The header field name. + /// This will be canonicalized upon output, so case-variant names will be understood as the same header. pub name: String, /// The header field value pub value: String, @@ -2563,8 +2806,12 @@ pub struct FluentBitPositionDbCephfs { #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct FluentBitPositionDbCephfsSecretRef { /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, } @@ -2599,8 +2846,12 @@ pub struct FluentBitPositionDbCinder { #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct FluentBitPositionDbCinderSecretRef { /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, } @@ -2627,8 +2878,12 @@ pub struct FluentBitPositionDbConfigMap { #[serde(default, skip_serializing_if = "Option::is_none")] pub items: Option>, /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// optional specify whether the ConfigMap or its keys must be defined @@ -2692,8 +2947,12 @@ pub struct FluentBitPositionDbCsi { #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct FluentBitPositionDbCsiNodePublishSecretRef { /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, } @@ -2719,7 +2978,7 @@ pub struct FluentBitPositionDbDownwardApi { /// DownwardAPIVolumeFile represents information to create the file containing the pod field #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct FluentBitPositionDbDownwardApiItems { - /// Required: Selects a field of the pod: only annotations, labels, name and namespace are supported. + /// Required: Selects a field of the pod: only annotations, labels, name, namespace and uid are supported. #[serde(default, skip_serializing_if = "Option::is_none", rename = "fieldRef")] pub field_ref: Option, /// Optional: mode bits used to set permissions on this file, must be an octal value @@ -2738,7 +2997,7 @@ pub struct FluentBitPositionDbDownwardApiItems { pub resource_field_ref: Option, } -/// Required: Selects a field of the pod: only annotations, labels, name and namespace are supported. +/// Required: Selects a field of the pod: only annotations, labels, name, namespace and uid are supported. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct FluentBitPositionDbDownwardApiItemsFieldRef { /// Version of the schema the FieldPath is written in terms of, defaults to "v1". @@ -2778,7 +3037,7 @@ pub struct FluentBitPositionDbEmptyDir { /// The maximum usage on memory medium EmptyDir would be the minimum value between /// the SizeLimit specified here and the sum of memory limits of all containers in a pod. /// The default is nil which means that the limit is undefined. - /// More info: http://kubernetes.io/docs/user-guide/volumes#emptydir + /// More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir #[serde(default, skip_serializing_if = "Option::is_none", rename = "sizeLimit")] pub size_limit: Option, } @@ -2955,6 +3214,20 @@ pub struct FluentBitPositionDbEphemeralVolumeClaimTemplateSpec { /// More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1 #[serde(default, skip_serializing_if = "Option::is_none", rename = "storageClassName")] pub storage_class_name: Option, + /// volumeAttributesClassName may be used to set the VolumeAttributesClass used by this claim. + /// If specified, the CSI driver will create or update the volume with the attributes defined + /// in the corresponding VolumeAttributesClass. This has a different purpose than storageClassName, + /// it can be changed after the claim is created. An empty string value means that no VolumeAttributesClass + /// will be applied to the claim but it's not allowed to reset this field to empty string once it is set. + /// If unspecified and the PersistentVolumeClaim is unbound, the default VolumeAttributesClass + /// will be set by the persistentvolume controller if it exists. + /// If the resource referred to by volumeAttributesClass does not exist, this PersistentVolumeClaim will be + /// set to a Pending state, as reflected by the modifyVolumeStatus field, until such as a resource + /// exists. + /// More info: https://kubernetes.io/docs/concepts/storage/volume-attributes-classes/ + /// (Alpha) Using this field requires the VolumeAttributesClass feature gate to be enabled. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "volumeAttributesClassName")] + pub volume_attributes_class_name: Option, /// volumeMode defines what type of volume is required by the claim. /// Value of Filesystem is implied when not included in claim spec. #[serde(default, skip_serializing_if = "Option::is_none", rename = "volumeMode")] @@ -3033,38 +3306,18 @@ pub struct FluentBitPositionDbEphemeralVolumeClaimTemplateSpecDataSourceRef { /// More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct FluentBitPositionDbEphemeralVolumeClaimTemplateSpecResources { - /// Claims lists the names of resources, defined in spec.resourceClaims, - /// that are used by this container. - /// - /// - /// This is an alpha field and requires enabling the - /// DynamicResourceAllocation feature gate. - /// - /// - /// This field is immutable. It can only be set for containers. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub claims: Option>, /// Limits describes the maximum amount of compute resources allowed. /// More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ #[serde(default, skip_serializing_if = "Option::is_none")] pub limits: Option>, /// Requests describes the minimum amount of compute resources required. /// If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, - /// otherwise to an implementation-defined value. + /// otherwise to an implementation-defined value. Requests cannot exceed Limits. /// More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ #[serde(default, skip_serializing_if = "Option::is_none")] pub requests: Option>, } -/// ResourceClaim references one entry in PodSpec.ResourceClaims. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct FluentBitPositionDbEphemeralVolumeClaimTemplateSpecResourcesClaims { - /// Name must match the name of one entry in pod.spec.resourceClaims of - /// the Pod where this field is used. It makes that resource available - /// inside a container. - pub name: String, -} - /// selector is a label query over volumes to consider for binding. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct FluentBitPositionDbEphemeralVolumeClaimTemplateSpecSelector { @@ -3155,8 +3408,12 @@ pub struct FluentBitPositionDbFlexVolume { #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct FluentBitPositionDbFlexVolumeSecretRef { /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, } @@ -3312,8 +3569,12 @@ pub struct FluentBitPositionDbIscsi { #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct FluentBitPositionDbIscsiSecretRef { /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, } @@ -3399,6 +3660,24 @@ pub struct FluentBitPositionDbProjected { /// Projection that may be projected along with other supported volume types #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct FluentBitPositionDbProjectedSources { + /// ClusterTrustBundle allows a pod to access the `.spec.trustBundle` field + /// of ClusterTrustBundle objects in an auto-updating file. + /// + /// + /// Alpha, gated by the ClusterTrustBundleProjection feature gate. + /// + /// + /// ClusterTrustBundle objects can either be selected by name, or by the + /// combination of signer name and a label selector. + /// + /// + /// Kubelet performs aggressive normalization of the PEM contents written + /// into the pod filesystem. Esoteric PEM features such as inter-block + /// comments and block headers are stripped. Certificates are deduplicated. + /// The ordering of certificates within the file is arbitrary, and Kubelet + /// may change the order over time. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "clusterTrustBundle")] + pub cluster_trust_bundle: Option, /// configMap information about the configMap data to project #[serde(default, skip_serializing_if = "Option::is_none", rename = "configMap")] pub config_map: Option, @@ -3413,6 +3692,83 @@ pub struct FluentBitPositionDbProjectedSources { pub service_account_token: Option, } +/// ClusterTrustBundle allows a pod to access the `.spec.trustBundle` field +/// of ClusterTrustBundle objects in an auto-updating file. +/// +/// +/// Alpha, gated by the ClusterTrustBundleProjection feature gate. +/// +/// +/// ClusterTrustBundle objects can either be selected by name, or by the +/// combination of signer name and a label selector. +/// +/// +/// Kubelet performs aggressive normalization of the PEM contents written +/// into the pod filesystem. Esoteric PEM features such as inter-block +/// comments and block headers are stripped. Certificates are deduplicated. +/// The ordering of certificates within the file is arbitrary, and Kubelet +/// may change the order over time. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct FluentBitPositionDbProjectedSourcesClusterTrustBundle { + /// Select all ClusterTrustBundles that match this label selector. Only has + /// effect if signerName is set. Mutually-exclusive with name. If unset, + /// interpreted as "match nothing". If set but empty, interpreted as "match + /// everything". + #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelector")] + pub label_selector: Option, + /// Select a single ClusterTrustBundle by object name. Mutually-exclusive + /// with signerName and labelSelector. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + /// If true, don't block pod startup if the referenced ClusterTrustBundle(s) + /// aren't available. If using name, then the named ClusterTrustBundle is + /// allowed not to exist. If using signerName, then the combination of + /// signerName and labelSelector is allowed to match zero + /// ClusterTrustBundles. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub optional: Option, + /// Relative path from the volume root to write the bundle. + pub path: String, + /// Select all ClusterTrustBundles that match this signer name. + /// Mutually-exclusive with name. The contents of all selected + /// ClusterTrustBundles will be unified and deduplicated. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "signerName")] + pub signer_name: Option, +} + +/// Select all ClusterTrustBundles that match this label selector. Only has +/// effect if signerName is set. Mutually-exclusive with name. If unset, +/// interpreted as "match nothing". If set but empty, interpreted as "match +/// everything". +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct FluentBitPositionDbProjectedSourcesClusterTrustBundleLabelSelector { + /// matchExpressions is a list of label selector requirements. The requirements are ANDed. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] + pub match_expressions: Option>, + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] + pub match_labels: Option>, +} + +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct FluentBitPositionDbProjectedSourcesClusterTrustBundleLabelSelectorMatchExpressions { + /// key is the label key that the selector applies to. + pub key: String, + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. + pub operator: String, + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub values: Option>, +} + /// configMap information about the configMap data to project #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct FluentBitPositionDbProjectedSourcesConfigMap { @@ -3426,8 +3782,12 @@ pub struct FluentBitPositionDbProjectedSourcesConfigMap { #[serde(default, skip_serializing_if = "Option::is_none")] pub items: Option>, /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// optional specify whether the ConfigMap or its keys must be defined @@ -3466,7 +3826,7 @@ pub struct FluentBitPositionDbProjectedSourcesDownwardApi { /// DownwardAPIVolumeFile represents information to create the file containing the pod field #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct FluentBitPositionDbProjectedSourcesDownwardApiItems { - /// Required: Selects a field of the pod: only annotations, labels, name and namespace are supported. + /// Required: Selects a field of the pod: only annotations, labels, name, namespace and uid are supported. #[serde(default, skip_serializing_if = "Option::is_none", rename = "fieldRef")] pub field_ref: Option, /// Optional: mode bits used to set permissions on this file, must be an octal value @@ -3485,7 +3845,7 @@ pub struct FluentBitPositionDbProjectedSourcesDownwardApiItems { pub resource_field_ref: Option, } -/// Required: Selects a field of the pod: only annotations, labels, name and namespace are supported. +/// Required: Selects a field of the pod: only annotations, labels, name, namespace and uid are supported. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct FluentBitPositionDbProjectedSourcesDownwardApiItemsFieldRef { /// Version of the schema the FieldPath is written in terms of, defaults to "v1". @@ -3523,8 +3883,12 @@ pub struct FluentBitPositionDbProjectedSourcesSecret { #[serde(default, skip_serializing_if = "Option::is_none")] pub items: Option>, /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// optional field specify whether the Secret or its key must be defined @@ -3653,8 +4017,12 @@ pub struct FluentBitPositionDbRbd { #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct FluentBitPositionDbRbdSecretRef { /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, } @@ -3704,8 +4072,12 @@ pub struct FluentBitPositionDbScaleIo { #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct FluentBitPositionDbScaleIoSecretRef { /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, } @@ -3796,8 +4168,12 @@ pub struct FluentBitPositionDbStorageos { #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct FluentBitPositionDbStorageosSecretRef { /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, } @@ -3855,7 +4231,6 @@ pub struct FluentBitReadinessProbe { #[serde(default, skip_serializing_if = "Option::is_none", rename = "failureThreshold")] pub failure_threshold: Option, /// GRPC specifies an action involving a GRPC port. - /// This is a beta field and requires enabling GRPCContainerProbe feature gate. #[serde(default, skip_serializing_if = "Option::is_none")] pub grpc: Option, /// HTTPGet specifies the http request to perform. @@ -3908,7 +4283,6 @@ pub struct FluentBitReadinessProbeExec { } /// GRPC specifies an action involving a GRPC port. -/// This is a beta field and requires enabling GRPCContainerProbe feature gate. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct FluentBitReadinessProbeGrpc { /// Port number of the gRPC service. Number must be in the range 1 to 65535. @@ -3948,7 +4322,8 @@ pub struct FluentBitReadinessProbeHttpGet { /// HTTPHeader describes a custom header to be used in HTTP probes #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct FluentBitReadinessProbeHttpGetHttpHeaders { - /// The header field name + /// The header field name. + /// This will be canonicalized upon output, so case-variant names will be understood as the same header. pub name: String, /// The header field value pub value: String, @@ -3986,7 +4361,7 @@ pub struct FluentBitResources { pub limits: Option>, /// Requests describes the minimum amount of compute resources required. /// If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, - /// otherwise to an implementation-defined value. + /// otherwise to an implementation-defined value. Requests cannot exceed Limits. /// More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ #[serde(default, skip_serializing_if = "Option::is_none")] pub requests: Option>, @@ -4004,6 +4379,10 @@ pub struct FluentBitResourcesClaims { /// SecurityContext holds pod-level security attributes and common container settings. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct FluentBitSecurityContext { + /// appArmorProfile is the AppArmor options to use by the containers in this pod. + /// Note that this field cannot be set when spec.os.name is windows. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "appArmorProfile")] + pub app_armor_profile: Option, /// A special supplemental group that applies to all containers in a pod. /// Some volume types allow the Kubelet to change the ownership of that volume /// to be owned by the pod: @@ -4085,6 +4464,25 @@ pub struct FluentBitSecurityContext { pub windows_options: Option, } +/// appArmorProfile is the AppArmor options to use by the containers in this pod. +/// Note that this field cannot be set when spec.os.name is windows. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct FluentBitSecurityContextAppArmorProfile { + /// localhostProfile indicates a profile loaded on the node that should be used. + /// The profile must be preconfigured on the node to work. + /// Must match the loaded name of the profile. + /// Must be set if and only if type is "Localhost". + #[serde(default, skip_serializing_if = "Option::is_none", rename = "localhostProfile")] + pub localhost_profile: Option, + /// type indicates which kind of AppArmor profile will be applied. + /// Valid options are: + /// Localhost - a profile pre-loaded on the node. + /// RuntimeDefault - the container runtime's default profile. + /// Unconfined - no AppArmor enforcement. + #[serde(rename = "type")] + pub r#type: String, +} + /// The SELinux context to be applied to all containers. /// If unspecified, the container runtime will allocate a random SELinux context for each /// container. May also be set in SecurityContext. If set in @@ -4114,7 +4512,7 @@ pub struct FluentBitSecurityContextSeccompProfile { /// localhostProfile indicates a profile defined in a file on the node should be used. /// The profile must be preconfigured on the node to work. /// Must be a descending path, relative to the kubelet's configured seccomp profile location. - /// Must only be set if type is "Localhost". + /// Must be set if type is "Localhost". Must NOT be set for any other type. #[serde(default, skip_serializing_if = "Option::is_none", rename = "localhostProfile")] pub localhost_profile: Option, /// type indicates which kind of seccomp profile will be applied. @@ -4152,12 +4550,9 @@ pub struct FluentBitSecurityContextWindowsOptions { #[serde(default, skip_serializing_if = "Option::is_none", rename = "gmsaCredentialSpecName")] pub gmsa_credential_spec_name: Option, /// HostProcess determines if a container should be run as a 'Host Process' container. - /// This field is alpha-level and will only be honored by components that enable the - /// WindowsHostProcessContainers feature flag. Setting this field without the feature - /// flag will result in errors when validating the Pod. All of a Pod's containers must - /// have the same effective HostProcess value (it is not allowed to have a mix of HostProcess - /// containers and non-HostProcess containers). In addition, if HostProcess is true - /// then HostNetwork must also be set to true. + /// All of a Pod's containers must have the same effective HostProcess value + /// (it is not allowed to have a mix of HostProcess containers and non-HostProcess containers). + /// In addition, if HostProcess is true then HostNetwork must also be set to true. #[serde(default, skip_serializing_if = "Option::is_none", rename = "hostProcess")] pub host_process: Option, /// The UserName in Windows to run the entrypoint of the container process. @@ -4462,8 +4857,12 @@ pub struct FluentBitVolumesCephfs { #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct FluentBitVolumesCephfsSecretRef { /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, } @@ -4498,8 +4897,12 @@ pub struct FluentBitVolumesCinder { #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct FluentBitVolumesCinderSecretRef { /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, } @@ -4526,8 +4929,12 @@ pub struct FluentBitVolumesConfigMap { #[serde(default, skip_serializing_if = "Option::is_none")] pub items: Option>, /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// optional specify whether the ConfigMap or its keys must be defined @@ -4591,8 +4998,12 @@ pub struct FluentBitVolumesCsi { #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct FluentBitVolumesCsiNodePublishSecretRef { /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, } @@ -4618,7 +5029,7 @@ pub struct FluentBitVolumesDownwardApi { /// DownwardAPIVolumeFile represents information to create the file containing the pod field #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct FluentBitVolumesDownwardApiItems { - /// Required: Selects a field of the pod: only annotations, labels, name and namespace are supported. + /// Required: Selects a field of the pod: only annotations, labels, name, namespace and uid are supported. #[serde(default, skip_serializing_if = "Option::is_none", rename = "fieldRef")] pub field_ref: Option, /// Optional: mode bits used to set permissions on this file, must be an octal value @@ -4637,7 +5048,7 @@ pub struct FluentBitVolumesDownwardApiItems { pub resource_field_ref: Option, } -/// Required: Selects a field of the pod: only annotations, labels, name and namespace are supported. +/// Required: Selects a field of the pod: only annotations, labels, name, namespace and uid are supported. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct FluentBitVolumesDownwardApiItemsFieldRef { /// Version of the schema the FieldPath is written in terms of, defaults to "v1". @@ -4677,7 +5088,7 @@ pub struct FluentBitVolumesEmptyDir { /// The maximum usage on memory medium EmptyDir would be the minimum value between /// the SizeLimit specified here and the sum of memory limits of all containers in a pod. /// The default is nil which means that the limit is undefined. - /// More info: http://kubernetes.io/docs/user-guide/volumes#emptydir + /// More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir #[serde(default, skip_serializing_if = "Option::is_none", rename = "sizeLimit")] pub size_limit: Option, } @@ -4854,6 +5265,20 @@ pub struct FluentBitVolumesEphemeralVolumeClaimTemplateSpec { /// More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1 #[serde(default, skip_serializing_if = "Option::is_none", rename = "storageClassName")] pub storage_class_name: Option, + /// volumeAttributesClassName may be used to set the VolumeAttributesClass used by this claim. + /// If specified, the CSI driver will create or update the volume with the attributes defined + /// in the corresponding VolumeAttributesClass. This has a different purpose than storageClassName, + /// it can be changed after the claim is created. An empty string value means that no VolumeAttributesClass + /// will be applied to the claim but it's not allowed to reset this field to empty string once it is set. + /// If unspecified and the PersistentVolumeClaim is unbound, the default VolumeAttributesClass + /// will be set by the persistentvolume controller if it exists. + /// If the resource referred to by volumeAttributesClass does not exist, this PersistentVolumeClaim will be + /// set to a Pending state, as reflected by the modifyVolumeStatus field, until such as a resource + /// exists. + /// More info: https://kubernetes.io/docs/concepts/storage/volume-attributes-classes/ + /// (Alpha) Using this field requires the VolumeAttributesClass feature gate to be enabled. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "volumeAttributesClassName")] + pub volume_attributes_class_name: Option, /// volumeMode defines what type of volume is required by the claim. /// Value of Filesystem is implied when not included in claim spec. #[serde(default, skip_serializing_if = "Option::is_none", rename = "volumeMode")] @@ -4932,38 +5357,18 @@ pub struct FluentBitVolumesEphemeralVolumeClaimTemplateSpecDataSourceRef { /// More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct FluentBitVolumesEphemeralVolumeClaimTemplateSpecResources { - /// Claims lists the names of resources, defined in spec.resourceClaims, - /// that are used by this container. - /// - /// - /// This is an alpha field and requires enabling the - /// DynamicResourceAllocation feature gate. - /// - /// - /// This field is immutable. It can only be set for containers. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub claims: Option>, /// Limits describes the maximum amount of compute resources allowed. /// More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ #[serde(default, skip_serializing_if = "Option::is_none")] pub limits: Option>, /// Requests describes the minimum amount of compute resources required. /// If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, - /// otherwise to an implementation-defined value. + /// otherwise to an implementation-defined value. Requests cannot exceed Limits. /// More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ #[serde(default, skip_serializing_if = "Option::is_none")] pub requests: Option>, } -/// ResourceClaim references one entry in PodSpec.ResourceClaims. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct FluentBitVolumesEphemeralVolumeClaimTemplateSpecResourcesClaims { - /// Name must match the name of one entry in pod.spec.resourceClaims of - /// the Pod where this field is used. It makes that resource available - /// inside a container. - pub name: String, -} - /// selector is a label query over volumes to consider for binding. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct FluentBitVolumesEphemeralVolumeClaimTemplateSpecSelector { @@ -5054,8 +5459,12 @@ pub struct FluentBitVolumesFlexVolume { #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct FluentBitVolumesFlexVolumeSecretRef { /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, } @@ -5211,8 +5620,12 @@ pub struct FluentBitVolumesIscsi { #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct FluentBitVolumesIscsiSecretRef { /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, } @@ -5298,6 +5711,24 @@ pub struct FluentBitVolumesProjected { /// Projection that may be projected along with other supported volume types #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct FluentBitVolumesProjectedSources { + /// ClusterTrustBundle allows a pod to access the `.spec.trustBundle` field + /// of ClusterTrustBundle objects in an auto-updating file. + /// + /// + /// Alpha, gated by the ClusterTrustBundleProjection feature gate. + /// + /// + /// ClusterTrustBundle objects can either be selected by name, or by the + /// combination of signer name and a label selector. + /// + /// + /// Kubelet performs aggressive normalization of the PEM contents written + /// into the pod filesystem. Esoteric PEM features such as inter-block + /// comments and block headers are stripped. Certificates are deduplicated. + /// The ordering of certificates within the file is arbitrary, and Kubelet + /// may change the order over time. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "clusterTrustBundle")] + pub cluster_trust_bundle: Option, /// configMap information about the configMap data to project #[serde(default, skip_serializing_if = "Option::is_none", rename = "configMap")] pub config_map: Option, @@ -5312,6 +5743,83 @@ pub struct FluentBitVolumesProjectedSources { pub service_account_token: Option, } +/// ClusterTrustBundle allows a pod to access the `.spec.trustBundle` field +/// of ClusterTrustBundle objects in an auto-updating file. +/// +/// +/// Alpha, gated by the ClusterTrustBundleProjection feature gate. +/// +/// +/// ClusterTrustBundle objects can either be selected by name, or by the +/// combination of signer name and a label selector. +/// +/// +/// Kubelet performs aggressive normalization of the PEM contents written +/// into the pod filesystem. Esoteric PEM features such as inter-block +/// comments and block headers are stripped. Certificates are deduplicated. +/// The ordering of certificates within the file is arbitrary, and Kubelet +/// may change the order over time. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct FluentBitVolumesProjectedSourcesClusterTrustBundle { + /// Select all ClusterTrustBundles that match this label selector. Only has + /// effect if signerName is set. Mutually-exclusive with name. If unset, + /// interpreted as "match nothing". If set but empty, interpreted as "match + /// everything". + #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelector")] + pub label_selector: Option, + /// Select a single ClusterTrustBundle by object name. Mutually-exclusive + /// with signerName and labelSelector. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + /// If true, don't block pod startup if the referenced ClusterTrustBundle(s) + /// aren't available. If using name, then the named ClusterTrustBundle is + /// allowed not to exist. If using signerName, then the combination of + /// signerName and labelSelector is allowed to match zero + /// ClusterTrustBundles. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub optional: Option, + /// Relative path from the volume root to write the bundle. + pub path: String, + /// Select all ClusterTrustBundles that match this signer name. + /// Mutually-exclusive with name. The contents of all selected + /// ClusterTrustBundles will be unified and deduplicated. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "signerName")] + pub signer_name: Option, +} + +/// Select all ClusterTrustBundles that match this label selector. Only has +/// effect if signerName is set. Mutually-exclusive with name. If unset, +/// interpreted as "match nothing". If set but empty, interpreted as "match +/// everything". +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct FluentBitVolumesProjectedSourcesClusterTrustBundleLabelSelector { + /// matchExpressions is a list of label selector requirements. The requirements are ANDed. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] + pub match_expressions: Option>, + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] + pub match_labels: Option>, +} + +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct FluentBitVolumesProjectedSourcesClusterTrustBundleLabelSelectorMatchExpressions { + /// key is the label key that the selector applies to. + pub key: String, + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. + pub operator: String, + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub values: Option>, +} + /// configMap information about the configMap data to project #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct FluentBitVolumesProjectedSourcesConfigMap { @@ -5325,8 +5833,12 @@ pub struct FluentBitVolumesProjectedSourcesConfigMap { #[serde(default, skip_serializing_if = "Option::is_none")] pub items: Option>, /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// optional specify whether the ConfigMap or its keys must be defined @@ -5365,7 +5877,7 @@ pub struct FluentBitVolumesProjectedSourcesDownwardApi { /// DownwardAPIVolumeFile represents information to create the file containing the pod field #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct FluentBitVolumesProjectedSourcesDownwardApiItems { - /// Required: Selects a field of the pod: only annotations, labels, name and namespace are supported. + /// Required: Selects a field of the pod: only annotations, labels, name, namespace and uid are supported. #[serde(default, skip_serializing_if = "Option::is_none", rename = "fieldRef")] pub field_ref: Option, /// Optional: mode bits used to set permissions on this file, must be an octal value @@ -5384,7 +5896,7 @@ pub struct FluentBitVolumesProjectedSourcesDownwardApiItems { pub resource_field_ref: Option, } -/// Required: Selects a field of the pod: only annotations, labels, name and namespace are supported. +/// Required: Selects a field of the pod: only annotations, labels, name, namespace and uid are supported. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct FluentBitVolumesProjectedSourcesDownwardApiItemsFieldRef { /// Version of the schema the FieldPath is written in terms of, defaults to "v1". @@ -5422,8 +5934,12 @@ pub struct FluentBitVolumesProjectedSourcesSecret { #[serde(default, skip_serializing_if = "Option::is_none")] pub items: Option>, /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// optional field specify whether the Secret or its key must be defined @@ -5552,8 +6068,12 @@ pub struct FluentBitVolumesRbd { #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct FluentBitVolumesRbdSecretRef { /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, } @@ -5603,8 +6123,12 @@ pub struct FluentBitVolumesScaleIo { #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct FluentBitVolumesScaleIoSecretRef { /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, } @@ -5695,8 +6219,12 @@ pub struct FluentBitVolumesStorageos { #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct FluentBitVolumesStorageosSecretRef { /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, } @@ -5731,6 +6259,8 @@ pub struct FluentBitVolumesMounts { /// to container and the other way around. /// When not set, MountPropagationNone is used. /// This field is beta in 1.10. + /// When RecursiveReadOnly is set to IfPossible or to Enabled, MountPropagation must be None or unspecified + /// (which defaults to None). #[serde(default, skip_serializing_if = "Option::is_none", rename = "mountPropagation")] pub mount_propagation: Option, /// This must match the Name of a Volume. @@ -5739,6 +6269,28 @@ pub struct FluentBitVolumesMounts { /// Defaults to false. #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] pub read_only: Option, + /// RecursiveReadOnly specifies whether read-only mounts should be handled + /// recursively. + /// + /// + /// If ReadOnly is false, this field has no meaning and must be unspecified. + /// + /// + /// If ReadOnly is true, and this field is set to Disabled, the mount is not made + /// recursively read-only. If this field is set to IfPossible, the mount is made + /// recursively read-only, if it is supported by the container runtime. If this + /// field is set to Enabled, the mount is made recursively read-only if it is + /// supported by the container runtime, otherwise the pod will not be started and + /// an error will be generated to indicate the reason. + /// + /// + /// If this field is set to IfPossible or Enabled, MountPropagation must be set to + /// None (or be unspecified, which defaults to None). + /// + /// + /// If this field is not specified, it is treated as an equivalent of Disabled. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "recursiveReadOnly")] + pub recursive_read_only: Option, /// Path within the volume from which the container's volume should be mounted. /// Defaults to "" (volume's root). #[serde(default, skip_serializing_if = "Option::is_none", rename = "subPath")] diff --git a/kube-custom-resources-rs/src/fluentbit_fluent_io/v1alpha2/outputs.rs b/kube-custom-resources-rs/src/fluentbit_fluent_io/v1alpha2/outputs.rs index c7c48c526..f0cca0ecd 100644 --- a/kube-custom-resources-rs/src/fluentbit_fluent_io/v1alpha2/outputs.rs +++ b/kube-custom-resources-rs/src/fluentbit_fluent_io/v1alpha2/outputs.rs @@ -266,8 +266,12 @@ pub struct OutputAzureBlobSharedKeyValueFromSecretKeyRef { /// The key of the secret to select from. Must be a valid secret key. pub key: String, /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the Secret or its key must be defined @@ -342,8 +346,12 @@ pub struct OutputAzureBlobTlsKeyPasswordValueFromSecretKeyRef { /// The key of the secret to select from. Must be a valid secret key. pub key: String, /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the Secret or its key must be defined @@ -393,8 +401,12 @@ pub struct OutputAzureLogAnalyticsCustomerIdValueFromSecretKeyRef { /// The key of the secret to select from. Must be a valid secret key. pub key: String, /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the Secret or its key must be defined @@ -424,8 +436,12 @@ pub struct OutputAzureLogAnalyticsSharedKeyValueFromSecretKeyRef { /// The key of the secret to select from. Must be a valid secret key. pub key: String, /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the Secret or its key must be defined @@ -608,8 +624,12 @@ pub struct OutputDatadogApikeyValueFromSecretKeyRef { /// The key of the secret to select from. Must be a valid secret key. pub key: String, /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the Secret or its key must be defined @@ -777,8 +797,12 @@ pub struct OutputEsHttpPasswordValueFromSecretKeyRef { /// The key of the secret to select from. Must be a valid secret key. pub key: String, /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the Secret or its key must be defined @@ -808,8 +832,12 @@ pub struct OutputEsHttpUserValueFromSecretKeyRef { /// The key of the secret to select from. Must be a valid secret key. pub key: String, /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the Secret or its key must be defined @@ -946,8 +974,12 @@ pub struct OutputEsTlsKeyPasswordValueFromSecretKeyRef { /// The key of the secret to select from. Must be a valid secret key. pub key: String, /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the Secret or its key must be defined @@ -1158,8 +1190,12 @@ pub struct OutputForwardPasswordValueFromSecretKeyRef { /// The key of the secret to select from. Must be a valid secret key. pub key: String, /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the Secret or its key must be defined @@ -1234,8 +1270,12 @@ pub struct OutputForwardTlsKeyPasswordValueFromSecretKeyRef { /// The key of the secret to select from. Must be a valid secret key. pub key: String, /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the Secret or its key must be defined @@ -1265,8 +1305,12 @@ pub struct OutputForwardUsernameValueFromSecretKeyRef { /// The key of the secret to select from. Must be a valid secret key. pub key: String, /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the Secret or its key must be defined @@ -1455,8 +1499,12 @@ pub struct OutputGelfTlsKeyPasswordValueFromSecretKeyRef { /// The key of the secret to select from. Must be a valid secret key. pub key: String, /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the Secret or its key must be defined @@ -1572,8 +1620,12 @@ pub struct OutputHttpHttpPasswordValueFromSecretKeyRef { /// The key of the secret to select from. Must be a valid secret key. pub key: String, /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the Secret or its key must be defined @@ -1603,8 +1655,12 @@ pub struct OutputHttpHttpUserValueFromSecretKeyRef { /// The key of the secret to select from. Must be a valid secret key. pub key: String, /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the Secret or its key must be defined @@ -1743,8 +1799,12 @@ pub struct OutputHttpTlsKeyPasswordValueFromSecretKeyRef { /// The key of the secret to select from. Must be a valid secret key. pub key: String, /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the Secret or its key must be defined @@ -1823,8 +1883,12 @@ pub struct OutputInfluxDbHttpPasswordValueFromSecretKeyRef { /// The key of the secret to select from. Must be a valid secret key. pub key: String, /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the Secret or its key must be defined @@ -1854,8 +1918,12 @@ pub struct OutputInfluxDbHttpTokenValueFromSecretKeyRef { /// The key of the secret to select from. Must be a valid secret key. pub key: String, /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the Secret or its key must be defined @@ -1885,8 +1953,12 @@ pub struct OutputInfluxDbHttpUserValueFromSecretKeyRef { /// The key of the secret to select from. Must be a valid secret key. pub key: String, /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the Secret or its key must be defined @@ -2023,8 +2095,12 @@ pub struct OutputInfluxDbTlsKeyPasswordValueFromSecretKeyRef { /// The key of the secret to select from. Must be a valid secret key. pub key: String, /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the Secret or its key must be defined @@ -2136,6 +2212,10 @@ pub struct OutputLoki { /// If set to true, it will add all Kubernetes labels to the Stream labels. #[serde(default, skip_serializing_if = "Option::is_none", rename = "autoKubernetesLabels")] pub auto_kubernetes_labels: Option, + /// Set bearer token authentication token value. + /// Can be used as alterntative to HTTP basic authentication + #[serde(default, skip_serializing_if = "Option::is_none", rename = "bearerToken")] + pub bearer_token: Option, /// If set to true and after extracting labels only a single key remains, the log line sent to Loki will be the value of that key in line_format. #[serde(default, skip_serializing_if = "Option::is_none", rename = "dropSingleKey")] pub drop_single_key: Option, @@ -2184,6 +2264,9 @@ pub struct OutputLoki { /// Fluent Bit provides integrated support for Transport Layer Security (TLS) and it predecessor Secure Sockets Layer (SSL) respectively. #[serde(default, skip_serializing_if = "Option::is_none")] pub tls: Option, + /// Specify a custom HTTP URI. It must start with forward slash. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub uri: Option, } /// Loki defines Loki Output configuration. @@ -2195,6 +2278,42 @@ pub enum OutputLokiAutoKubernetesLabels { Off, } +/// Set bearer token authentication token value. +/// Can be used as alterntative to HTTP basic authentication +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct OutputLokiBearerToken { + /// ValueSource defines how to find a value's key. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "valueFrom")] + pub value_from: Option, +} + +/// ValueSource defines how to find a value's key. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct OutputLokiBearerTokenValueFrom { + /// Selects a key of a secret in the pod's namespace + #[serde(default, skip_serializing_if = "Option::is_none", rename = "secretKeyRef")] + pub secret_key_ref: Option, +} + +/// Selects a key of a secret in the pod's namespace +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct OutputLokiBearerTokenValueFromSecretKeyRef { + /// The key of the secret to select from. Must be a valid secret key. + pub key: String, + /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. + /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + /// Specify whether the Secret or its key must be defined + #[serde(default, skip_serializing_if = "Option::is_none")] + pub optional: Option, +} + /// Loki defines Loki Output configuration. #[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] pub enum OutputLokiDropSingleKey { @@ -2227,8 +2346,12 @@ pub struct OutputLokiHttpPasswordValueFromSecretKeyRef { /// The key of the secret to select from. Must be a valid secret key. pub key: String, /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the Secret or its key must be defined @@ -2258,8 +2381,12 @@ pub struct OutputLokiHttpUserValueFromSecretKeyRef { /// The key of the secret to select from. Must be a valid secret key. pub key: String, /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the Secret or its key must be defined @@ -2361,8 +2488,12 @@ pub struct OutputLokiTenantIdValueFromSecretKeyRef { /// The key of the secret to select from. Must be a valid secret key. pub key: String, /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the Secret or its key must be defined @@ -2437,8 +2568,12 @@ pub struct OutputLokiTlsKeyPasswordValueFromSecretKeyRef { /// The key of the secret to select from. Must be a valid secret key. pub key: String, /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the Secret or its key must be defined @@ -2479,6 +2614,8 @@ pub struct OutputOpensearch { /// otherwise the value must be according to the Unit Size specification. #[serde(default, skip_serializing_if = "Option::is_none", rename = "bufferSize")] pub buffer_size: Option, + #[serde(default, skip_serializing_if = "Option::is_none")] + pub compress: Option, /// Use current time for index generation instead of message record #[serde(default, skip_serializing_if = "Option::is_none", rename = "currentTimeIndex")] pub current_time_index: Option, @@ -2576,6 +2713,13 @@ pub struct OutputOpensearch { pub write_operation: Option, } +/// OpenSearch defines OpenSearch Output configuration. +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub enum OutputOpensearchCompress { + #[serde(rename = "gzip")] + Gzip, +} + /// Password for user defined in HTTP_User #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct OutputOpensearchHttpPassword { @@ -2598,8 +2742,12 @@ pub struct OutputOpensearchHttpPasswordValueFromSecretKeyRef { /// The key of the secret to select from. Must be a valid secret key. pub key: String, /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the Secret or its key must be defined @@ -2629,8 +2777,12 @@ pub struct OutputOpensearchHttpUserValueFromSecretKeyRef { /// The key of the secret to select from. Must be a valid secret key. pub key: String, /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the Secret or its key must be defined @@ -2767,8 +2919,12 @@ pub struct OutputOpensearchTlsKeyPasswordValueFromSecretKeyRef { /// The key of the secret to select from. Must be a valid secret key. pub key: String, /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the Secret or its key must be defined @@ -2843,8 +2999,12 @@ pub struct OutputOpentelemetryHttpPasswordValueFromSecretKeyRef { /// The key of the secret to select from. Must be a valid secret key. pub key: String, /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the Secret or its key must be defined @@ -2874,8 +3034,12 @@ pub struct OutputOpentelemetryHttpUserValueFromSecretKeyRef { /// The key of the secret to select from. Must be a valid secret key. pub key: String, /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the Secret or its key must be defined @@ -3012,8 +3176,12 @@ pub struct OutputOpentelemetryTlsKeyPasswordValueFromSecretKeyRef { /// The key of the secret to select from. Must be a valid secret key. pub key: String, /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the Secret or its key must be defined @@ -3098,8 +3266,12 @@ pub struct OutputPrometheusRemoteWriteHttpPasswdValueFromSecretKeyRef { /// The key of the secret to select from. Must be a valid secret key. pub key: String, /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the Secret or its key must be defined @@ -3129,8 +3301,12 @@ pub struct OutputPrometheusRemoteWriteHttpUserValueFromSecretKeyRef { /// The key of the secret to select from. Must be a valid secret key. pub key: String, /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the Secret or its key must be defined @@ -3267,8 +3443,12 @@ pub struct OutputPrometheusRemoteWriteTlsKeyPasswordValueFromSecretKeyRef { /// The key of the secret to select from. Must be a valid secret key. pub key: String, /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the Secret or its key must be defined @@ -3432,8 +3612,12 @@ pub struct OutputS3TlsKeyPasswordValueFromSecretKeyRef { /// The key of the secret to select from. Must be a valid secret key. pub key: String, /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the Secret or its key must be defined @@ -3536,8 +3720,12 @@ pub struct OutputSplunkHttpPasswordValueFromSecretKeyRef { /// The key of the secret to select from. Must be a valid secret key. pub key: String, /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the Secret or its key must be defined @@ -3567,8 +3755,12 @@ pub struct OutputSplunkHttpUserValueFromSecretKeyRef { /// The key of the secret to select from. Must be a valid secret key. pub key: String, /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the Secret or its key must be defined @@ -3660,8 +3852,12 @@ pub struct OutputSplunkSplunkTokenValueFromSecretKeyRef { /// The key of the secret to select from. Must be a valid secret key. pub key: String, /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the Secret or its key must be defined @@ -3736,8 +3932,12 @@ pub struct OutputSplunkTlsKeyPasswordValueFromSecretKeyRef { /// The key of the secret to select from. Must be a valid secret key. pub key: String, /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the Secret or its key must be defined @@ -3838,8 +4038,12 @@ pub struct OutputStackdriverServiceAccountEmailValueFromSecretKeyRef { /// The key of the secret to select from. Must be a valid secret key. pub key: String, /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the Secret or its key must be defined @@ -3869,8 +4073,12 @@ pub struct OutputStackdriverServiceAccountSecretValueFromSecretKeyRef { /// The key of the secret to select from. Must be a valid secret key. pub key: String, /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the Secret or its key must be defined @@ -4098,8 +4306,12 @@ pub struct OutputSyslogTlsKeyPasswordValueFromSecretKeyRef { /// The key of the secret to select from. Must be a valid secret key. pub key: String, /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the Secret or its key must be defined @@ -4288,8 +4500,12 @@ pub struct OutputTcpTlsKeyPasswordValueFromSecretKeyRef { /// The key of the secret to select from. Must be a valid secret key. pub key: String, /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the Secret or its key must be defined diff --git a/kube-custom-resources-rs/src/fluentd_fluent_io/v1alpha1/clusterinputs.rs b/kube-custom-resources-rs/src/fluentd_fluent_io/v1alpha1/clusterinputs.rs index ad771dbe9..4d26f9c4b 100644 --- a/kube-custom-resources-rs/src/fluentd_fluent_io/v1alpha1/clusterinputs.rs +++ b/kube-custom-resources-rs/src/fluentd_fluent_io/v1alpha1/clusterinputs.rs @@ -186,8 +186,12 @@ pub struct ClusterInputInputsForwardSecurityUserPasswordValueFromSecretKeyRef { /// The key of the secret to select from. Must be a valid secret key. pub key: String, /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the Secret or its key must be defined @@ -217,8 +221,12 @@ pub struct ClusterInputInputsForwardSecurityUserUsernameValueFromSecretKeyRef { /// The key of the secret to select from. Must be a valid secret key. pub key: String, /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the Secret or its key must be defined @@ -294,8 +302,12 @@ pub struct ClusterInputInputsForwardUserPasswordValueFromSecretKeyRef { /// The key of the secret to select from. Must be a valid secret key. pub key: String, /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the Secret or its key must be defined @@ -325,8 +337,12 @@ pub struct ClusterInputInputsForwardUserUsernameValueFromSecretKeyRef { /// The key of the secret to select from. Must be a valid secret key. pub key: String, /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the Secret or its key must be defined diff --git a/kube-custom-resources-rs/src/fluentd_fluent_io/v1alpha1/clusteroutputs.rs b/kube-custom-resources-rs/src/fluentd_fluent_io/v1alpha1/clusteroutputs.rs index 3a094d2c5..85b568263 100644 --- a/kube-custom-resources-rs/src/fluentd_fluent_io/v1alpha1/clusteroutputs.rs +++ b/kube-custom-resources-rs/src/fluentd_fluent_io/v1alpha1/clusteroutputs.rs @@ -399,8 +399,12 @@ pub struct ClusterOutputOutputsCloudWatchAwsKeyIdValueFromSecretKeyRef { /// The key of the secret to select from. Must be a valid secret key. pub key: String, /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the Secret or its key must be defined @@ -430,8 +434,12 @@ pub struct ClusterOutputOutputsCloudWatchAwsSecKeyValueFromSecretKeyRef { /// The key of the secret to select from. Must be a valid secret key. pub key: String, /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the Secret or its key must be defined @@ -556,8 +564,12 @@ pub struct ClusterOutputOutputsDatadogApiKeyValueFromSecretKeyRef { /// The key of the secret to select from. Must be a valid secret key. pub key: String, /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the Secret or its key must be defined @@ -683,8 +695,12 @@ pub struct ClusterOutputOutputsElasticsearchClientKeyPasswordValueFromSecretKeyR /// The key of the secret to select from. Must be a valid secret key. pub key: String, /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the Secret or its key must be defined @@ -714,8 +730,12 @@ pub struct ClusterOutputOutputsElasticsearchCloudAuthValueFromSecretKeyRef { /// The key of the secret to select from. Must be a valid secret key. pub key: String, /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the Secret or its key must be defined @@ -746,8 +766,12 @@ pub struct ClusterOutputOutputsElasticsearchCloudIdValueFromSecretKeyRef { /// The key of the secret to select from. Must be a valid secret key. pub key: String, /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the Secret or its key must be defined @@ -777,8 +801,12 @@ pub struct ClusterOutputOutputsElasticsearchPasswordValueFromSecretKeyRef { /// The key of the secret to select from. Must be a valid secret key. pub key: String, /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the Secret or its key must be defined @@ -808,8 +836,12 @@ pub struct ClusterOutputOutputsElasticsearchUserValueFromSecretKeyRef { /// The key of the secret to select from. Must be a valid secret key. pub key: String, /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the Secret or its key must be defined @@ -944,8 +976,12 @@ pub struct ClusterOutputOutputsElasticsearchDataStreamClientKeyPasswordValueFrom /// The key of the secret to select from. Must be a valid secret key. pub key: String, /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the Secret or its key must be defined @@ -975,8 +1011,12 @@ pub struct ClusterOutputOutputsElasticsearchDataStreamCloudAuthValueFromSecretKe /// The key of the secret to select from. Must be a valid secret key. pub key: String, /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the Secret or its key must be defined @@ -1007,8 +1047,12 @@ pub struct ClusterOutputOutputsElasticsearchDataStreamCloudIdValueFromSecretKeyR /// The key of the secret to select from. Must be a valid secret key. pub key: String, /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the Secret or its key must be defined @@ -1038,8 +1082,12 @@ pub struct ClusterOutputOutputsElasticsearchDataStreamPasswordValueFromSecretKey /// The key of the secret to select from. Must be a valid secret key. pub key: String, /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the Secret or its key must be defined @@ -1069,8 +1117,12 @@ pub struct ClusterOutputOutputsElasticsearchDataStreamUserValueFromSecretKeyRef /// The key of the secret to select from. Must be a valid secret key. pub key: String, /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the Secret or its key must be defined @@ -1327,8 +1379,12 @@ pub struct ClusterOutputOutputsForwardSecurityUserPasswordValueFromSecretKeyRef /// The key of the secret to select from. Must be a valid secret key. pub key: String, /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the Secret or its key must be defined @@ -1358,8 +1414,12 @@ pub struct ClusterOutputOutputsForwardSecurityUserUsernameValueFromSecretKeyRef /// The key of the secret to select from. Must be a valid secret key. pub key: String, /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the Secret or its key must be defined @@ -1427,8 +1487,12 @@ pub struct ClusterOutputOutputsForwardServersPasswordValueFromSecretKeyRef { /// The key of the secret to select from. Must be a valid secret key. pub key: String, /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the Secret or its key must be defined @@ -1458,8 +1522,12 @@ pub struct ClusterOutputOutputsForwardServersUsernameValueFromSecretKeyRef { /// The key of the secret to select from. Must be a valid secret key. pub key: String, /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the Secret or its key must be defined @@ -1568,8 +1636,12 @@ pub struct ClusterOutputOutputsForwardServiceDiscoveryServerPasswordValueFromSec /// The key of the secret to select from. Must be a valid secret key. pub key: String, /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the Secret or its key must be defined @@ -1599,8 +1671,12 @@ pub struct ClusterOutputOutputsForwardServiceDiscoveryServerUsernameValueFromSec /// The key of the secret to select from. Must be a valid secret key. pub key: String, /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the Secret or its key must be defined @@ -1729,8 +1805,12 @@ pub struct ClusterOutputOutputsHttpAuthPasswordValueFromSecretKeyRef { /// The key of the secret to select from. Must be a valid secret key. pub key: String, /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the Secret or its key must be defined @@ -1760,8 +1840,12 @@ pub struct ClusterOutputOutputsHttpAuthUsernameValueFromSecretKeyRef { /// The key of the secret to select from. Must be a valid secret key. pub key: String, /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the Secret or its key must be defined @@ -1890,6 +1974,10 @@ pub enum ClusterOutputOutputsKafkaCompressionCodec { /// out_loki plugin #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ClusterOutputOutputsLoki { + /// Set path to file with bearer authentication token + /// Can be used as alterntative to HTTP basic authentication + #[serde(default, skip_serializing_if = "Option::is_none", rename = "bearerTokenFile")] + pub bearer_token_file: Option, /// If a record only has 1 key, then just set the log line to the value and discard the key. #[serde(default, skip_serializing_if = "Option::is_none", rename = "dropSingleKey")] pub drop_single_key: Option, @@ -1966,8 +2054,12 @@ pub struct ClusterOutputOutputsLokiHttpPasswordValueFromSecretKeyRef { /// The key of the secret to select from. Must be a valid secret key. pub key: String, /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the Secret or its key must be defined @@ -1997,8 +2089,12 @@ pub struct ClusterOutputOutputsLokiHttpUserValueFromSecretKeyRef { /// The key of the secret to select from. Must be a valid secret key. pub key: String, /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the Secret or its key must be defined @@ -2038,8 +2134,12 @@ pub struct ClusterOutputOutputsLokiTenantIdValueFromSecretKeyRef { /// The key of the secret to select from. Must be a valid secret key. pub key: String, /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the Secret or its key must be defined @@ -2077,6 +2177,9 @@ pub struct ClusterOutputOutputsOpensearch { /// Specify https if your Opensearch endpoint supports SSL (default: http). #[serde(default, skip_serializing_if = "Option::is_none")] pub scheme: Option, + /// Optional, Force certificate validation + #[serde(default, skip_serializing_if = "Option::is_none", rename = "sslVerify")] + pub ssl_verify: Option, /// Optional, The login credentials to connect to Opensearch #[serde(default, skip_serializing_if = "Option::is_none")] pub user: Option, @@ -2104,8 +2207,12 @@ pub struct ClusterOutputOutputsOpensearchPasswordValueFromSecretKeyRef { /// The key of the secret to select from. Must be a valid secret key. pub key: String, /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the Secret or its key must be defined @@ -2135,8 +2242,12 @@ pub struct ClusterOutputOutputsOpensearchUserValueFromSecretKeyRef { /// The key of the secret to select from. Must be a valid secret key. pub key: String, /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the Secret or its key must be defined diff --git a/kube-custom-resources-rs/src/fluentd_fluent_io/v1alpha1/fluentds.rs b/kube-custom-resources-rs/src/fluentd_fluent_io/v1alpha1/fluentds.rs index 81913453c..01b16a637 100644 --- a/kube-custom-resources-rs/src/fluentd_fluent_io/v1alpha1/fluentds.rs +++ b/kube-custom-resources-rs/src/fluentd_fluent_io/v1alpha1/fluentds.rs @@ -330,8 +330,31 @@ pub struct FluentdAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecu #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct FluentdAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTerm { /// A label query over a set of resources, in this case pods. + /// If it's null, this PodAffinityTerm matches with no Pods. #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelector")] pub label_selector: Option, + /// MatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both matchLabelKeys and labelSelector. + /// Also, matchLabelKeys cannot be set when labelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] + pub match_label_keys: Option>, + /// MismatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. + /// Also, mismatchLabelKeys cannot be set when labelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] + pub mismatch_label_keys: Option>, /// A label query over the set of namespaces that the term applies to. /// The term is applied to the union of the namespaces selected by this field /// and the ones listed in the namespaces field. @@ -355,6 +378,7 @@ pub struct FluentdAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecu } /// A label query over a set of resources, in this case pods. +/// If it's null, this PodAffinityTerm matches with no Pods. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct FluentdAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermLabelSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. @@ -427,8 +451,31 @@ pub struct FluentdAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecu #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct FluentdAffinityPodAffinityRequiredDuringSchedulingIgnoredDuringExecution { /// A label query over a set of resources, in this case pods. + /// If it's null, this PodAffinityTerm matches with no Pods. #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelector")] pub label_selector: Option, + /// MatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both matchLabelKeys and labelSelector. + /// Also, matchLabelKeys cannot be set when labelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] + pub match_label_keys: Option>, + /// MismatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. + /// Also, mismatchLabelKeys cannot be set when labelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] + pub mismatch_label_keys: Option>, /// A label query over the set of namespaces that the term applies to. /// The term is applied to the union of the namespaces selected by this field /// and the ones listed in the namespaces field. @@ -452,6 +499,7 @@ pub struct FluentdAffinityPodAffinityRequiredDuringSchedulingIgnoredDuringExecut } /// A label query over a set of resources, in this case pods. +/// If it's null, this PodAffinityTerm matches with no Pods. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct FluentdAffinityPodAffinityRequiredDuringSchedulingIgnoredDuringExecutionLabelSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. @@ -555,8 +603,31 @@ pub struct FluentdAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringE #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct FluentdAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTerm { /// A label query over a set of resources, in this case pods. + /// If it's null, this PodAffinityTerm matches with no Pods. #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelector")] pub label_selector: Option, + /// MatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both matchLabelKeys and labelSelector. + /// Also, matchLabelKeys cannot be set when labelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] + pub match_label_keys: Option>, + /// MismatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. + /// Also, mismatchLabelKeys cannot be set when labelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] + pub mismatch_label_keys: Option>, /// A label query over the set of namespaces that the term applies to. /// The term is applied to the union of the namespaces selected by this field /// and the ones listed in the namespaces field. @@ -580,6 +651,7 @@ pub struct FluentdAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringE } /// A label query over a set of resources, in this case pods. +/// If it's null, this PodAffinityTerm matches with no Pods. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct FluentdAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermLabelSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. @@ -652,8 +724,31 @@ pub struct FluentdAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringE #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct FluentdAffinityPodAntiAffinityRequiredDuringSchedulingIgnoredDuringExecution { /// A label query over a set of resources, in this case pods. + /// If it's null, this PodAffinityTerm matches with no Pods. #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelector")] pub label_selector: Option, + /// MatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both matchLabelKeys and labelSelector. + /// Also, matchLabelKeys cannot be set when labelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] + pub match_label_keys: Option>, + /// MismatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. + /// Also, mismatchLabelKeys cannot be set when labelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] + pub mismatch_label_keys: Option>, /// A label query over the set of namespaces that the term applies to. /// The term is applied to the union of the namespaces selected by this field /// and the ones listed in the namespaces field. @@ -677,6 +772,7 @@ pub struct FluentdAffinityPodAntiAffinityRequiredDuringSchedulingIgnoredDuringEx } /// A label query over a set of resources, in this case pods. +/// If it's null, this PodAffinityTerm matches with no Pods. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct FluentdAffinityPodAntiAffinityRequiredDuringSchedulingIgnoredDuringExecutionLabelSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. @@ -773,7 +869,7 @@ pub struct FluentdBufferEmptyDir { /// The maximum usage on memory medium EmptyDir would be the minimum value between /// the SizeLimit specified here and the sum of memory limits of all containers in a pod. /// The default is nil which means that the limit is undefined. - /// More info: http://kubernetes.io/docs/user-guide/volumes#emptydir + /// More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir #[serde(default, skip_serializing_if = "Option::is_none", rename = "sizeLimit")] pub size_limit: Option, } @@ -896,6 +992,20 @@ pub struct FluentdBufferPvcSpec { /// More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1 #[serde(default, skip_serializing_if = "Option::is_none", rename = "storageClassName")] pub storage_class_name: Option, + /// volumeAttributesClassName may be used to set the VolumeAttributesClass used by this claim. + /// If specified, the CSI driver will create or update the volume with the attributes defined + /// in the corresponding VolumeAttributesClass. This has a different purpose than storageClassName, + /// it can be changed after the claim is created. An empty string value means that no VolumeAttributesClass + /// will be applied to the claim but it's not allowed to reset this field to empty string once it is set. + /// If unspecified and the PersistentVolumeClaim is unbound, the default VolumeAttributesClass + /// will be set by the persistentvolume controller if it exists. + /// If the resource referred to by volumeAttributesClass does not exist, this PersistentVolumeClaim will be + /// set to a Pending state, as reflected by the modifyVolumeStatus field, until such as a resource + /// exists. + /// More info: https://kubernetes.io/docs/concepts/storage/volume-attributes-classes/ + /// (Alpha) Using this field requires the VolumeAttributesClass feature gate to be enabled. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "volumeAttributesClassName")] + pub volume_attributes_class_name: Option, /// volumeMode defines what type of volume is required by the claim. /// Value of Filesystem is implied when not included in claim spec. #[serde(default, skip_serializing_if = "Option::is_none", rename = "volumeMode")] @@ -974,38 +1084,18 @@ pub struct FluentdBufferPvcSpecDataSourceRef { /// More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct FluentdBufferPvcSpecResources { - /// Claims lists the names of resources, defined in spec.resourceClaims, - /// that are used by this container. - /// - /// - /// This is an alpha field and requires enabling the - /// DynamicResourceAllocation feature gate. - /// - /// - /// This field is immutable. It can only be set for containers. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub claims: Option>, /// Limits describes the maximum amount of compute resources allowed. /// More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ #[serde(default, skip_serializing_if = "Option::is_none")] pub limits: Option>, /// Requests describes the minimum amount of compute resources required. /// If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, - /// otherwise to an implementation-defined value. + /// otherwise to an implementation-defined value. Requests cannot exceed Limits. /// More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ #[serde(default, skip_serializing_if = "Option::is_none")] pub requests: Option>, } -/// ResourceClaim references one entry in PodSpec.ResourceClaims. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct FluentdBufferPvcSpecResourcesClaims { - /// Name must match the name of one entry in pod.spec.resourceClaims of - /// the Pod where this field is used. It makes that resource available - /// inside a container. - pub name: String, -} - /// selector is a label query over volumes to consider for binding. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct FluentdBufferPvcSpecSelector { @@ -1045,13 +1135,70 @@ pub struct FluentdBufferPvcStatus { /// More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1 #[serde(default, skip_serializing_if = "Option::is_none", rename = "accessModes")] pub access_modes: Option>, - /// allocatedResources is the storage resource within AllocatedResources tracks the capacity allocated to a PVC. It may - /// be larger than the actual capacity when a volume expansion operation is requested. + /// allocatedResourceStatuses stores status of resource being resized for the given PVC. + /// Key names follow standard Kubernetes label syntax. Valid values are either: + /// * Un-prefixed keys: + /// - storage - the capacity of the volume. + /// * Custom resources must use implementation-defined prefixed names such as "example.com/my-custom-resource" + /// Apart from above values - keys that are unprefixed or have kubernetes.io prefix are considered + /// reserved and hence may not be used. + /// + /// + /// ClaimResourceStatus can be in any of following states: + /// - ControllerResizeInProgress: + /// State set when resize controller starts resizing the volume in control-plane. + /// - ControllerResizeFailed: + /// State set when resize has failed in resize controller with a terminal error. + /// - NodeResizePending: + /// State set when resize controller has finished resizing the volume but further resizing of + /// volume is needed on the node. + /// - NodeResizeInProgress: + /// State set when kubelet starts resizing the volume. + /// - NodeResizeFailed: + /// State set when resizing has failed in kubelet with a terminal error. Transient errors don't set + /// NodeResizeFailed. + /// For example: if expanding a PVC for more capacity - this field can be one of the following states: + /// - pvc.status.allocatedResourceStatus['storage'] = "ControllerResizeInProgress" + /// - pvc.status.allocatedResourceStatus['storage'] = "ControllerResizeFailed" + /// - pvc.status.allocatedResourceStatus['storage'] = "NodeResizePending" + /// - pvc.status.allocatedResourceStatus['storage'] = "NodeResizeInProgress" + /// - pvc.status.allocatedResourceStatus['storage'] = "NodeResizeFailed" + /// When this field is not set, it means that no resize operation is in progress for the given PVC. + /// + /// + /// A controller that receives PVC update with previously unknown resourceName or ClaimResourceStatus + /// should ignore the update for the purpose it was designed. For example - a controller that + /// only is responsible for resizing capacity of the volume, should ignore PVC updates that change other valid + /// resources associated with PVC. + /// + /// + /// This is an alpha field and requires enabling RecoverVolumeExpansionFailure feature. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "allocatedResourceStatuses")] + pub allocated_resource_statuses: Option>, + /// allocatedResources tracks the resources allocated to a PVC including its capacity. + /// Key names follow standard Kubernetes label syntax. Valid values are either: + /// * Un-prefixed keys: + /// - storage - the capacity of the volume. + /// * Custom resources must use implementation-defined prefixed names such as "example.com/my-custom-resource" + /// Apart from above values - keys that are unprefixed or have kubernetes.io prefix are considered + /// reserved and hence may not be used. + /// + /// + /// Capacity reported here may be larger than the actual capacity when a volume expansion operation + /// is requested. /// For storage quota, the larger value from allocatedResources and PVC.spec.resources is used. /// If allocatedResources is not set, PVC.spec.resources alone is used for quota calculation. /// If a volume expansion capacity request is lowered, allocatedResources is only /// lowered if there are no expansion operations in progress and if the actual volume capacity /// is equal or lower than the requested capacity. + /// + /// + /// A controller that receives PVC update with previously unknown resourceName + /// should ignore the update for the purpose it was designed. For example - a controller that + /// only is responsible for resizing capacity of the volume, should ignore PVC updates that change other valid + /// resources associated with PVC. + /// + /// /// This is an alpha field and requires enabling RecoverVolumeExpansionFailure feature. #[serde(default, skip_serializing_if = "Option::is_none", rename = "allocatedResources")] pub allocated_resources: Option>, @@ -1059,18 +1206,43 @@ pub struct FluentdBufferPvcStatus { #[serde(default, skip_serializing_if = "Option::is_none")] pub capacity: Option>, /// conditions is the current Condition of persistent volume claim. If underlying persistent volume is being - /// resized then the Condition will be set to 'ResizeStarted'. + /// resized then the Condition will be set to 'Resizing'. #[serde(default, skip_serializing_if = "Option::is_none")] pub conditions: Option>, + /// currentVolumeAttributesClassName is the current name of the VolumeAttributesClass the PVC is using. + /// When unset, there is no VolumeAttributeClass applied to this PersistentVolumeClaim + /// This is an alpha field and requires enabling VolumeAttributesClass feature. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "currentVolumeAttributesClassName")] + pub current_volume_attributes_class_name: Option, + /// ModifyVolumeStatus represents the status object of ControllerModifyVolume operation. + /// When this is unset, there is no ModifyVolume operation being attempted. + /// This is an alpha field and requires enabling VolumeAttributesClass feature. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "modifyVolumeStatus")] + pub modify_volume_status: Option, /// phase represents the current phase of PersistentVolumeClaim. #[serde(default, skip_serializing_if = "Option::is_none")] pub phase: Option, - /// resizeStatus stores status of resize operation. - /// ResizeStatus is not set by default but when expansion is complete resizeStatus is set to empty - /// string by resize controller or kubelet. - /// This is an alpha field and requires enabling RecoverVolumeExpansionFailure feature. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "resizeStatus")] - pub resize_status: Option, +} + +/// ModifyVolumeStatus represents the status object of ControllerModifyVolume operation. +/// When this is unset, there is no ModifyVolume operation being attempted. +/// This is an alpha field and requires enabling VolumeAttributesClass feature. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct FluentdBufferPvcStatusModifyVolumeStatus { + /// status is the status of the ControllerModifyVolume operation. It can be in any of following states: + /// - Pending + /// Pending indicates that the PersistentVolumeClaim cannot be modified due to unmet requirements, such as + /// the specified VolumeAttributesClass not existing. + /// - InProgress + /// InProgress indicates that the volume is being modified. + /// - Infeasible + /// Infeasible indicates that the request has been rejected as invalid by the CSI driver. To + /// resolve the error, a valid VolumeAttributesClass needs to be specified. + /// Note: New statuses can be added in the future. Consumers should check for unknown statuses and fail appropriately. + pub status: String, + /// targetVolumeAttributesClassName is the name of the VolumeAttributesClass the PVC currently being reconciled + #[serde(default, skip_serializing_if = "Option::is_none", rename = "targetVolumeAttributesClassName")] + pub target_volume_attributes_class_name: Option, } /// ContainerSecurityContext represents the security context for the fluentd container. @@ -1085,6 +1257,11 @@ pub struct FluentdContainerSecurityContext { /// Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none", rename = "allowPrivilegeEscalation")] pub allow_privilege_escalation: Option, + /// appArmorProfile is the AppArmor options to use by this container. If set, this profile + /// overrides the pod's appArmorProfile. + /// Note that this field cannot be set when spec.os.name is windows. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "appArmorProfile")] + pub app_armor_profile: Option, /// The capabilities to add/drop when running containers. /// Defaults to the default set of capabilities granted by the container runtime. /// Note that this field cannot be set when spec.os.name is windows. @@ -1151,6 +1328,26 @@ pub struct FluentdContainerSecurityContext { pub windows_options: Option, } +/// appArmorProfile is the AppArmor options to use by this container. If set, this profile +/// overrides the pod's appArmorProfile. +/// Note that this field cannot be set when spec.os.name is windows. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct FluentdContainerSecurityContextAppArmorProfile { + /// localhostProfile indicates a profile loaded on the node that should be used. + /// The profile must be preconfigured on the node to work. + /// Must match the loaded name of the profile. + /// Must be set if and only if type is "Localhost". + #[serde(default, skip_serializing_if = "Option::is_none", rename = "localhostProfile")] + pub localhost_profile: Option, + /// type indicates which kind of AppArmor profile will be applied. + /// Valid options are: + /// Localhost - a profile pre-loaded on the node. + /// RuntimeDefault - the container runtime's default profile. + /// Unconfined - no AppArmor enforcement. + #[serde(rename = "type")] + pub r#type: String, +} + /// The capabilities to add/drop when running containers. /// Defaults to the default set of capabilities granted by the container runtime. /// Note that this field cannot be set when spec.os.name is windows. @@ -1194,7 +1391,7 @@ pub struct FluentdContainerSecurityContextSeccompProfile { /// localhostProfile indicates a profile defined in a file on the node should be used. /// The profile must be preconfigured on the node to work. /// Must be a descending path, relative to the kubelet's configured seccomp profile location. - /// Must only be set if type is "Localhost". + /// Must be set if type is "Localhost". Must NOT be set for any other type. #[serde(default, skip_serializing_if = "Option::is_none", rename = "localhostProfile")] pub localhost_profile: Option, /// type indicates which kind of seccomp profile will be applied. @@ -1223,12 +1420,9 @@ pub struct FluentdContainerSecurityContextWindowsOptions { #[serde(default, skip_serializing_if = "Option::is_none", rename = "gmsaCredentialSpecName")] pub gmsa_credential_spec_name: Option, /// HostProcess determines if a container should be run as a 'Host Process' container. - /// This field is alpha-level and will only be honored by components that enable the - /// WindowsHostProcessContainers feature flag. Setting this field without the feature - /// flag will result in errors when validating the Pod. All of a Pod's containers must - /// have the same effective HostProcess value (it is not allowed to have a mix of HostProcess - /// containers and non-HostProcess containers). In addition, if HostProcess is true - /// then HostNetwork must also be set to true. + /// All of a Pod's containers must have the same effective HostProcess value + /// (it is not allowed to have a mix of HostProcess containers and non-HostProcess containers). + /// In addition, if HostProcess is true then HostNetwork must also be set to true. #[serde(default, skip_serializing_if = "Option::is_none", rename = "hostProcess")] pub host_process: Option, /// The UserName in Windows to run the entrypoint of the container process. @@ -1375,8 +1569,12 @@ pub struct FluentdEnvVarsValueFromConfigMapKeyRef { /// The key to select. pub key: String, /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the ConfigMap or its key must be defined @@ -1416,8 +1614,12 @@ pub struct FluentdEnvVarsValueFromSecretKeyRef { /// The key of the secret to select from. Must be a valid secret key. pub key: String, /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the Secret or its key must be defined @@ -1620,8 +1822,12 @@ pub struct FluentdGlobalInputsForwardSecurityUserPasswordValueFromSecretKeyRef { /// The key of the secret to select from. Must be a valid secret key. pub key: String, /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the Secret or its key must be defined @@ -1651,8 +1857,12 @@ pub struct FluentdGlobalInputsForwardSecurityUserUsernameValueFromSecretKeyRef { /// The key of the secret to select from. Must be a valid secret key. pub key: String, /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the Secret or its key must be defined @@ -1728,8 +1938,12 @@ pub struct FluentdGlobalInputsForwardUserPasswordValueFromSecretKeyRef { /// The key of the secret to select from. Must be a valid secret key. pub key: String, /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the Secret or its key must be defined @@ -1759,8 +1973,12 @@ pub struct FluentdGlobalInputsForwardUserUsernameValueFromSecretKeyRef { /// The key of the secret to select from. Must be a valid secret key. pub key: String, /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the Secret or its key must be defined @@ -2276,8 +2494,12 @@ pub enum FluentdGlobalInputsTailParseType { #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct FluentdImagePullSecrets { /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, } @@ -2293,7 +2515,6 @@ pub struct FluentdLivenessProbe { #[serde(default, skip_serializing_if = "Option::is_none", rename = "failureThreshold")] pub failure_threshold: Option, /// GRPC specifies an action involving a GRPC port. - /// This is a beta field and requires enabling GRPCContainerProbe feature gate. #[serde(default, skip_serializing_if = "Option::is_none")] pub grpc: Option, /// HTTPGet specifies the http request to perform. @@ -2346,7 +2567,6 @@ pub struct FluentdLivenessProbeExec { } /// GRPC specifies an action involving a GRPC port. -/// This is a beta field and requires enabling GRPCContainerProbe feature gate. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct FluentdLivenessProbeGrpc { /// Port number of the gRPC service. Number must be in the range 1 to 65535. @@ -2386,7 +2606,8 @@ pub struct FluentdLivenessProbeHttpGet { /// HTTPHeader describes a custom header to be used in HTTP probes #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct FluentdLivenessProbeHttpGetHttpHeaders { - /// The header field name + /// The header field name. + /// This will be canonicalized upon output, so case-variant names will be understood as the same header. pub name: String, /// The header field value pub value: String, @@ -2677,8 +2898,12 @@ pub struct FluentdPositionDbCephfs { #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct FluentdPositionDbCephfsSecretRef { /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, } @@ -2713,8 +2938,12 @@ pub struct FluentdPositionDbCinder { #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct FluentdPositionDbCinderSecretRef { /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, } @@ -2741,8 +2970,12 @@ pub struct FluentdPositionDbConfigMap { #[serde(default, skip_serializing_if = "Option::is_none")] pub items: Option>, /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// optional specify whether the ConfigMap or its keys must be defined @@ -2806,8 +3039,12 @@ pub struct FluentdPositionDbCsi { #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct FluentdPositionDbCsiNodePublishSecretRef { /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, } @@ -2833,7 +3070,7 @@ pub struct FluentdPositionDbDownwardApi { /// DownwardAPIVolumeFile represents information to create the file containing the pod field #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct FluentdPositionDbDownwardApiItems { - /// Required: Selects a field of the pod: only annotations, labels, name and namespace are supported. + /// Required: Selects a field of the pod: only annotations, labels, name, namespace and uid are supported. #[serde(default, skip_serializing_if = "Option::is_none", rename = "fieldRef")] pub field_ref: Option, /// Optional: mode bits used to set permissions on this file, must be an octal value @@ -2852,7 +3089,7 @@ pub struct FluentdPositionDbDownwardApiItems { pub resource_field_ref: Option, } -/// Required: Selects a field of the pod: only annotations, labels, name and namespace are supported. +/// Required: Selects a field of the pod: only annotations, labels, name, namespace and uid are supported. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct FluentdPositionDbDownwardApiItemsFieldRef { /// Version of the schema the FieldPath is written in terms of, defaults to "v1". @@ -2892,7 +3129,7 @@ pub struct FluentdPositionDbEmptyDir { /// The maximum usage on memory medium EmptyDir would be the minimum value between /// the SizeLimit specified here and the sum of memory limits of all containers in a pod. /// The default is nil which means that the limit is undefined. - /// More info: http://kubernetes.io/docs/user-guide/volumes#emptydir + /// More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir #[serde(default, skip_serializing_if = "Option::is_none", rename = "sizeLimit")] pub size_limit: Option, } @@ -3069,6 +3306,20 @@ pub struct FluentdPositionDbEphemeralVolumeClaimTemplateSpec { /// More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1 #[serde(default, skip_serializing_if = "Option::is_none", rename = "storageClassName")] pub storage_class_name: Option, + /// volumeAttributesClassName may be used to set the VolumeAttributesClass used by this claim. + /// If specified, the CSI driver will create or update the volume with the attributes defined + /// in the corresponding VolumeAttributesClass. This has a different purpose than storageClassName, + /// it can be changed after the claim is created. An empty string value means that no VolumeAttributesClass + /// will be applied to the claim but it's not allowed to reset this field to empty string once it is set. + /// If unspecified and the PersistentVolumeClaim is unbound, the default VolumeAttributesClass + /// will be set by the persistentvolume controller if it exists. + /// If the resource referred to by volumeAttributesClass does not exist, this PersistentVolumeClaim will be + /// set to a Pending state, as reflected by the modifyVolumeStatus field, until such as a resource + /// exists. + /// More info: https://kubernetes.io/docs/concepts/storage/volume-attributes-classes/ + /// (Alpha) Using this field requires the VolumeAttributesClass feature gate to be enabled. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "volumeAttributesClassName")] + pub volume_attributes_class_name: Option, /// volumeMode defines what type of volume is required by the claim. /// Value of Filesystem is implied when not included in claim spec. #[serde(default, skip_serializing_if = "Option::is_none", rename = "volumeMode")] @@ -3147,38 +3398,18 @@ pub struct FluentdPositionDbEphemeralVolumeClaimTemplateSpecDataSourceRef { /// More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct FluentdPositionDbEphemeralVolumeClaimTemplateSpecResources { - /// Claims lists the names of resources, defined in spec.resourceClaims, - /// that are used by this container. - /// - /// - /// This is an alpha field and requires enabling the - /// DynamicResourceAllocation feature gate. - /// - /// - /// This field is immutable. It can only be set for containers. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub claims: Option>, /// Limits describes the maximum amount of compute resources allowed. /// More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ #[serde(default, skip_serializing_if = "Option::is_none")] pub limits: Option>, /// Requests describes the minimum amount of compute resources required. /// If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, - /// otherwise to an implementation-defined value. + /// otherwise to an implementation-defined value. Requests cannot exceed Limits. /// More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ #[serde(default, skip_serializing_if = "Option::is_none")] pub requests: Option>, } -/// ResourceClaim references one entry in PodSpec.ResourceClaims. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct FluentdPositionDbEphemeralVolumeClaimTemplateSpecResourcesClaims { - /// Name must match the name of one entry in pod.spec.resourceClaims of - /// the Pod where this field is used. It makes that resource available - /// inside a container. - pub name: String, -} - /// selector is a label query over volumes to consider for binding. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct FluentdPositionDbEphemeralVolumeClaimTemplateSpecSelector { @@ -3269,8 +3500,12 @@ pub struct FluentdPositionDbFlexVolume { #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct FluentdPositionDbFlexVolumeSecretRef { /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, } @@ -3426,8 +3661,12 @@ pub struct FluentdPositionDbIscsi { #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct FluentdPositionDbIscsiSecretRef { /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, } @@ -3513,6 +3752,24 @@ pub struct FluentdPositionDbProjected { /// Projection that may be projected along with other supported volume types #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct FluentdPositionDbProjectedSources { + /// ClusterTrustBundle allows a pod to access the `.spec.trustBundle` field + /// of ClusterTrustBundle objects in an auto-updating file. + /// + /// + /// Alpha, gated by the ClusterTrustBundleProjection feature gate. + /// + /// + /// ClusterTrustBundle objects can either be selected by name, or by the + /// combination of signer name and a label selector. + /// + /// + /// Kubelet performs aggressive normalization of the PEM contents written + /// into the pod filesystem. Esoteric PEM features such as inter-block + /// comments and block headers are stripped. Certificates are deduplicated. + /// The ordering of certificates within the file is arbitrary, and Kubelet + /// may change the order over time. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "clusterTrustBundle")] + pub cluster_trust_bundle: Option, /// configMap information about the configMap data to project #[serde(default, skip_serializing_if = "Option::is_none", rename = "configMap")] pub config_map: Option, @@ -3527,6 +3784,83 @@ pub struct FluentdPositionDbProjectedSources { pub service_account_token: Option, } +/// ClusterTrustBundle allows a pod to access the `.spec.trustBundle` field +/// of ClusterTrustBundle objects in an auto-updating file. +/// +/// +/// Alpha, gated by the ClusterTrustBundleProjection feature gate. +/// +/// +/// ClusterTrustBundle objects can either be selected by name, or by the +/// combination of signer name and a label selector. +/// +/// +/// Kubelet performs aggressive normalization of the PEM contents written +/// into the pod filesystem. Esoteric PEM features such as inter-block +/// comments and block headers are stripped. Certificates are deduplicated. +/// The ordering of certificates within the file is arbitrary, and Kubelet +/// may change the order over time. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct FluentdPositionDbProjectedSourcesClusterTrustBundle { + /// Select all ClusterTrustBundles that match this label selector. Only has + /// effect if signerName is set. Mutually-exclusive with name. If unset, + /// interpreted as "match nothing". If set but empty, interpreted as "match + /// everything". + #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelector")] + pub label_selector: Option, + /// Select a single ClusterTrustBundle by object name. Mutually-exclusive + /// with signerName and labelSelector. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + /// If true, don't block pod startup if the referenced ClusterTrustBundle(s) + /// aren't available. If using name, then the named ClusterTrustBundle is + /// allowed not to exist. If using signerName, then the combination of + /// signerName and labelSelector is allowed to match zero + /// ClusterTrustBundles. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub optional: Option, + /// Relative path from the volume root to write the bundle. + pub path: String, + /// Select all ClusterTrustBundles that match this signer name. + /// Mutually-exclusive with name. The contents of all selected + /// ClusterTrustBundles will be unified and deduplicated. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "signerName")] + pub signer_name: Option, +} + +/// Select all ClusterTrustBundles that match this label selector. Only has +/// effect if signerName is set. Mutually-exclusive with name. If unset, +/// interpreted as "match nothing". If set but empty, interpreted as "match +/// everything". +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct FluentdPositionDbProjectedSourcesClusterTrustBundleLabelSelector { + /// matchExpressions is a list of label selector requirements. The requirements are ANDed. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] + pub match_expressions: Option>, + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] + pub match_labels: Option>, +} + +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct FluentdPositionDbProjectedSourcesClusterTrustBundleLabelSelectorMatchExpressions { + /// key is the label key that the selector applies to. + pub key: String, + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. + pub operator: String, + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub values: Option>, +} + /// configMap information about the configMap data to project #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct FluentdPositionDbProjectedSourcesConfigMap { @@ -3540,8 +3874,12 @@ pub struct FluentdPositionDbProjectedSourcesConfigMap { #[serde(default, skip_serializing_if = "Option::is_none")] pub items: Option>, /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// optional specify whether the ConfigMap or its keys must be defined @@ -3580,7 +3918,7 @@ pub struct FluentdPositionDbProjectedSourcesDownwardApi { /// DownwardAPIVolumeFile represents information to create the file containing the pod field #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct FluentdPositionDbProjectedSourcesDownwardApiItems { - /// Required: Selects a field of the pod: only annotations, labels, name and namespace are supported. + /// Required: Selects a field of the pod: only annotations, labels, name, namespace and uid are supported. #[serde(default, skip_serializing_if = "Option::is_none", rename = "fieldRef")] pub field_ref: Option, /// Optional: mode bits used to set permissions on this file, must be an octal value @@ -3599,7 +3937,7 @@ pub struct FluentdPositionDbProjectedSourcesDownwardApiItems { pub resource_field_ref: Option, } -/// Required: Selects a field of the pod: only annotations, labels, name and namespace are supported. +/// Required: Selects a field of the pod: only annotations, labels, name, namespace and uid are supported. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct FluentdPositionDbProjectedSourcesDownwardApiItemsFieldRef { /// Version of the schema the FieldPath is written in terms of, defaults to "v1". @@ -3637,8 +3975,12 @@ pub struct FluentdPositionDbProjectedSourcesSecret { #[serde(default, skip_serializing_if = "Option::is_none")] pub items: Option>, /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// optional field specify whether the Secret or its key must be defined @@ -3767,8 +4109,12 @@ pub struct FluentdPositionDbRbd { #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct FluentdPositionDbRbdSecretRef { /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, } @@ -3818,8 +4164,12 @@ pub struct FluentdPositionDbScaleIo { #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct FluentdPositionDbScaleIoSecretRef { /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, } @@ -3910,8 +4260,12 @@ pub struct FluentdPositionDbStorageos { #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct FluentdPositionDbStorageosSecretRef { /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, } @@ -3969,7 +4323,6 @@ pub struct FluentdReadinessProbe { #[serde(default, skip_serializing_if = "Option::is_none", rename = "failureThreshold")] pub failure_threshold: Option, /// GRPC specifies an action involving a GRPC port. - /// This is a beta field and requires enabling GRPCContainerProbe feature gate. #[serde(default, skip_serializing_if = "Option::is_none")] pub grpc: Option, /// HTTPGet specifies the http request to perform. @@ -4022,7 +4375,6 @@ pub struct FluentdReadinessProbeExec { } /// GRPC specifies an action involving a GRPC port. -/// This is a beta field and requires enabling GRPCContainerProbe feature gate. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct FluentdReadinessProbeGrpc { /// Port number of the gRPC service. Number must be in the range 1 to 65535. @@ -4062,7 +4414,8 @@ pub struct FluentdReadinessProbeHttpGet { /// HTTPHeader describes a custom header to be used in HTTP probes #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct FluentdReadinessProbeHttpGetHttpHeaders { - /// The header field name + /// The header field name. + /// This will be canonicalized upon output, so case-variant names will be understood as the same header. pub name: String, /// The header field value pub value: String, @@ -4100,7 +4453,7 @@ pub struct FluentdResources { pub limits: Option>, /// Requests describes the minimum amount of compute resources required. /// If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, - /// otherwise to an implementation-defined value. + /// otherwise to an implementation-defined value. Requests cannot exceed Limits. /// More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ #[serde(default, skip_serializing_if = "Option::is_none")] pub requests: Option>, @@ -4118,6 +4471,10 @@ pub struct FluentdResourcesClaims { /// PodSecurityContext represents the security context for the fluentd pods. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct FluentdSecurityContext { + /// appArmorProfile is the AppArmor options to use by the containers in this pod. + /// Note that this field cannot be set when spec.os.name is windows. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "appArmorProfile")] + pub app_armor_profile: Option, /// A special supplemental group that applies to all containers in a pod. /// Some volume types allow the Kubelet to change the ownership of that volume /// to be owned by the pod: @@ -4199,6 +4556,25 @@ pub struct FluentdSecurityContext { pub windows_options: Option, } +/// appArmorProfile is the AppArmor options to use by the containers in this pod. +/// Note that this field cannot be set when spec.os.name is windows. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct FluentdSecurityContextAppArmorProfile { + /// localhostProfile indicates a profile loaded on the node that should be used. + /// The profile must be preconfigured on the node to work. + /// Must match the loaded name of the profile. + /// Must be set if and only if type is "Localhost". + #[serde(default, skip_serializing_if = "Option::is_none", rename = "localhostProfile")] + pub localhost_profile: Option, + /// type indicates which kind of AppArmor profile will be applied. + /// Valid options are: + /// Localhost - a profile pre-loaded on the node. + /// RuntimeDefault - the container runtime's default profile. + /// Unconfined - no AppArmor enforcement. + #[serde(rename = "type")] + pub r#type: String, +} + /// The SELinux context to be applied to all containers. /// If unspecified, the container runtime will allocate a random SELinux context for each /// container. May also be set in SecurityContext. If set in @@ -4228,7 +4604,7 @@ pub struct FluentdSecurityContextSeccompProfile { /// localhostProfile indicates a profile defined in a file on the node should be used. /// The profile must be preconfigured on the node to work. /// Must be a descending path, relative to the kubelet's configured seccomp profile location. - /// Must only be set if type is "Localhost". + /// Must be set if type is "Localhost". Must NOT be set for any other type. #[serde(default, skip_serializing_if = "Option::is_none", rename = "localhostProfile")] pub localhost_profile: Option, /// type indicates which kind of seccomp profile will be applied. @@ -4266,12 +4642,9 @@ pub struct FluentdSecurityContextWindowsOptions { #[serde(default, skip_serializing_if = "Option::is_none", rename = "gmsaCredentialSpecName")] pub gmsa_credential_spec_name: Option, /// HostProcess determines if a container should be run as a 'Host Process' container. - /// This field is alpha-level and will only be honored by components that enable the - /// WindowsHostProcessContainers feature flag. Setting this field without the feature - /// flag will result in errors when validating the Pod. All of a Pod's containers must - /// have the same effective HostProcess value (it is not allowed to have a mix of HostProcess - /// containers and non-HostProcess containers). In addition, if HostProcess is true - /// then HostNetwork must also be set to true. + /// All of a Pod's containers must have the same effective HostProcess value + /// (it is not allowed to have a mix of HostProcess containers and non-HostProcess containers). + /// In addition, if HostProcess is true then HostNetwork must also be set to true. #[serde(default, skip_serializing_if = "Option::is_none", rename = "hostProcess")] pub host_process: Option, /// The UserName in Windows to run the entrypoint of the container process. @@ -4430,6 +4803,20 @@ pub struct FluentdVolumeClaimTemplatesSpec { /// More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1 #[serde(default, skip_serializing_if = "Option::is_none", rename = "storageClassName")] pub storage_class_name: Option, + /// volumeAttributesClassName may be used to set the VolumeAttributesClass used by this claim. + /// If specified, the CSI driver will create or update the volume with the attributes defined + /// in the corresponding VolumeAttributesClass. This has a different purpose than storageClassName, + /// it can be changed after the claim is created. An empty string value means that no VolumeAttributesClass + /// will be applied to the claim but it's not allowed to reset this field to empty string once it is set. + /// If unspecified and the PersistentVolumeClaim is unbound, the default VolumeAttributesClass + /// will be set by the persistentvolume controller if it exists. + /// If the resource referred to by volumeAttributesClass does not exist, this PersistentVolumeClaim will be + /// set to a Pending state, as reflected by the modifyVolumeStatus field, until such as a resource + /// exists. + /// More info: https://kubernetes.io/docs/concepts/storage/volume-attributes-classes/ + /// (Alpha) Using this field requires the VolumeAttributesClass feature gate to be enabled. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "volumeAttributesClassName")] + pub volume_attributes_class_name: Option, /// volumeMode defines what type of volume is required by the claim. /// Value of Filesystem is implied when not included in claim spec. #[serde(default, skip_serializing_if = "Option::is_none", rename = "volumeMode")] @@ -4508,38 +4895,18 @@ pub struct FluentdVolumeClaimTemplatesSpecDataSourceRef { /// More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct FluentdVolumeClaimTemplatesSpecResources { - /// Claims lists the names of resources, defined in spec.resourceClaims, - /// that are used by this container. - /// - /// - /// This is an alpha field and requires enabling the - /// DynamicResourceAllocation feature gate. - /// - /// - /// This field is immutable. It can only be set for containers. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub claims: Option>, /// Limits describes the maximum amount of compute resources allowed. /// More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ #[serde(default, skip_serializing_if = "Option::is_none")] pub limits: Option>, /// Requests describes the minimum amount of compute resources required. /// If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, - /// otherwise to an implementation-defined value. + /// otherwise to an implementation-defined value. Requests cannot exceed Limits. /// More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ #[serde(default, skip_serializing_if = "Option::is_none")] pub requests: Option>, } -/// ResourceClaim references one entry in PodSpec.ResourceClaims. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct FluentdVolumeClaimTemplatesSpecResourcesClaims { - /// Name must match the name of one entry in pod.spec.resourceClaims of - /// the Pod where this field is used. It makes that resource available - /// inside a container. - pub name: String, -} - /// selector is a label query over volumes to consider for binding. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct FluentdVolumeClaimTemplatesSpecSelector { @@ -4579,13 +4946,70 @@ pub struct FluentdVolumeClaimTemplatesStatus { /// More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1 #[serde(default, skip_serializing_if = "Option::is_none", rename = "accessModes")] pub access_modes: Option>, - /// allocatedResources is the storage resource within AllocatedResources tracks the capacity allocated to a PVC. It may - /// be larger than the actual capacity when a volume expansion operation is requested. + /// allocatedResourceStatuses stores status of resource being resized for the given PVC. + /// Key names follow standard Kubernetes label syntax. Valid values are either: + /// * Un-prefixed keys: + /// - storage - the capacity of the volume. + /// * Custom resources must use implementation-defined prefixed names such as "example.com/my-custom-resource" + /// Apart from above values - keys that are unprefixed or have kubernetes.io prefix are considered + /// reserved and hence may not be used. + /// + /// + /// ClaimResourceStatus can be in any of following states: + /// - ControllerResizeInProgress: + /// State set when resize controller starts resizing the volume in control-plane. + /// - ControllerResizeFailed: + /// State set when resize has failed in resize controller with a terminal error. + /// - NodeResizePending: + /// State set when resize controller has finished resizing the volume but further resizing of + /// volume is needed on the node. + /// - NodeResizeInProgress: + /// State set when kubelet starts resizing the volume. + /// - NodeResizeFailed: + /// State set when resizing has failed in kubelet with a terminal error. Transient errors don't set + /// NodeResizeFailed. + /// For example: if expanding a PVC for more capacity - this field can be one of the following states: + /// - pvc.status.allocatedResourceStatus['storage'] = "ControllerResizeInProgress" + /// - pvc.status.allocatedResourceStatus['storage'] = "ControllerResizeFailed" + /// - pvc.status.allocatedResourceStatus['storage'] = "NodeResizePending" + /// - pvc.status.allocatedResourceStatus['storage'] = "NodeResizeInProgress" + /// - pvc.status.allocatedResourceStatus['storage'] = "NodeResizeFailed" + /// When this field is not set, it means that no resize operation is in progress for the given PVC. + /// + /// + /// A controller that receives PVC update with previously unknown resourceName or ClaimResourceStatus + /// should ignore the update for the purpose it was designed. For example - a controller that + /// only is responsible for resizing capacity of the volume, should ignore PVC updates that change other valid + /// resources associated with PVC. + /// + /// + /// This is an alpha field and requires enabling RecoverVolumeExpansionFailure feature. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "allocatedResourceStatuses")] + pub allocated_resource_statuses: Option>, + /// allocatedResources tracks the resources allocated to a PVC including its capacity. + /// Key names follow standard Kubernetes label syntax. Valid values are either: + /// * Un-prefixed keys: + /// - storage - the capacity of the volume. + /// * Custom resources must use implementation-defined prefixed names such as "example.com/my-custom-resource" + /// Apart from above values - keys that are unprefixed or have kubernetes.io prefix are considered + /// reserved and hence may not be used. + /// + /// + /// Capacity reported here may be larger than the actual capacity when a volume expansion operation + /// is requested. /// For storage quota, the larger value from allocatedResources and PVC.spec.resources is used. /// If allocatedResources is not set, PVC.spec.resources alone is used for quota calculation. /// If a volume expansion capacity request is lowered, allocatedResources is only /// lowered if there are no expansion operations in progress and if the actual volume capacity /// is equal or lower than the requested capacity. + /// + /// + /// A controller that receives PVC update with previously unknown resourceName + /// should ignore the update for the purpose it was designed. For example - a controller that + /// only is responsible for resizing capacity of the volume, should ignore PVC updates that change other valid + /// resources associated with PVC. + /// + /// /// This is an alpha field and requires enabling RecoverVolumeExpansionFailure feature. #[serde(default, skip_serializing_if = "Option::is_none", rename = "allocatedResources")] pub allocated_resources: Option>, @@ -4593,18 +5017,43 @@ pub struct FluentdVolumeClaimTemplatesStatus { #[serde(default, skip_serializing_if = "Option::is_none")] pub capacity: Option>, /// conditions is the current Condition of persistent volume claim. If underlying persistent volume is being - /// resized then the Condition will be set to 'ResizeStarted'. + /// resized then the Condition will be set to 'Resizing'. #[serde(default, skip_serializing_if = "Option::is_none")] pub conditions: Option>, + /// currentVolumeAttributesClassName is the current name of the VolumeAttributesClass the PVC is using. + /// When unset, there is no VolumeAttributeClass applied to this PersistentVolumeClaim + /// This is an alpha field and requires enabling VolumeAttributesClass feature. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "currentVolumeAttributesClassName")] + pub current_volume_attributes_class_name: Option, + /// ModifyVolumeStatus represents the status object of ControllerModifyVolume operation. + /// When this is unset, there is no ModifyVolume operation being attempted. + /// This is an alpha field and requires enabling VolumeAttributesClass feature. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "modifyVolumeStatus")] + pub modify_volume_status: Option, /// phase represents the current phase of PersistentVolumeClaim. #[serde(default, skip_serializing_if = "Option::is_none")] pub phase: Option, - /// resizeStatus stores status of resize operation. - /// ResizeStatus is not set by default but when expansion is complete resizeStatus is set to empty - /// string by resize controller or kubelet. - /// This is an alpha field and requires enabling RecoverVolumeExpansionFailure feature. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "resizeStatus")] - pub resize_status: Option, +} + +/// ModifyVolumeStatus represents the status object of ControllerModifyVolume operation. +/// When this is unset, there is no ModifyVolume operation being attempted. +/// This is an alpha field and requires enabling VolumeAttributesClass feature. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct FluentdVolumeClaimTemplatesStatusModifyVolumeStatus { + /// status is the status of the ControllerModifyVolume operation. It can be in any of following states: + /// - Pending + /// Pending indicates that the PersistentVolumeClaim cannot be modified due to unmet requirements, such as + /// the specified VolumeAttributesClass not existing. + /// - InProgress + /// InProgress indicates that the volume is being modified. + /// - Infeasible + /// Infeasible indicates that the request has been rejected as invalid by the CSI driver. To + /// resolve the error, a valid VolumeAttributesClass needs to be specified. + /// Note: New statuses can be added in the future. Consumers should check for unknown statuses and fail appropriately. + pub status: String, + /// targetVolumeAttributesClassName is the name of the VolumeAttributesClass the PVC currently being reconciled + #[serde(default, skip_serializing_if = "Option::is_none", rename = "targetVolumeAttributesClassName")] + pub target_volume_attributes_class_name: Option, } /// VolumeMount describes a mounting of a Volume within a container. @@ -4618,6 +5067,8 @@ pub struct FluentdVolumeMounts { /// to container and the other way around. /// When not set, MountPropagationNone is used. /// This field is beta in 1.10. + /// When RecursiveReadOnly is set to IfPossible or to Enabled, MountPropagation must be None or unspecified + /// (which defaults to None). #[serde(default, skip_serializing_if = "Option::is_none", rename = "mountPropagation")] pub mount_propagation: Option, /// This must match the Name of a Volume. @@ -4626,6 +5077,28 @@ pub struct FluentdVolumeMounts { /// Defaults to false. #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] pub read_only: Option, + /// RecursiveReadOnly specifies whether read-only mounts should be handled + /// recursively. + /// + /// + /// If ReadOnly is false, this field has no meaning and must be unspecified. + /// + /// + /// If ReadOnly is true, and this field is set to Disabled, the mount is not made + /// recursively read-only. If this field is set to IfPossible, the mount is made + /// recursively read-only, if it is supported by the container runtime. If this + /// field is set to Enabled, the mount is made recursively read-only if it is + /// supported by the container runtime, otherwise the pod will not be started and + /// an error will be generated to indicate the reason. + /// + /// + /// If this field is set to IfPossible or Enabled, MountPropagation must be set to + /// None (or be unspecified, which defaults to None). + /// + /// + /// If this field is not specified, it is treated as an equivalent of Disabled. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "recursiveReadOnly")] + pub recursive_read_only: Option, /// Path within the volume from which the container's volume should be mounted. /// Defaults to "" (volume's root). #[serde(default, skip_serializing_if = "Option::is_none", rename = "subPath")] @@ -4888,8 +5361,12 @@ pub struct FluentdVolumesCephfs { #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct FluentdVolumesCephfsSecretRef { /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, } @@ -4924,8 +5401,12 @@ pub struct FluentdVolumesCinder { #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct FluentdVolumesCinderSecretRef { /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, } @@ -4952,8 +5433,12 @@ pub struct FluentdVolumesConfigMap { #[serde(default, skip_serializing_if = "Option::is_none")] pub items: Option>, /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// optional specify whether the ConfigMap or its keys must be defined @@ -5017,8 +5502,12 @@ pub struct FluentdVolumesCsi { #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct FluentdVolumesCsiNodePublishSecretRef { /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, } @@ -5044,7 +5533,7 @@ pub struct FluentdVolumesDownwardApi { /// DownwardAPIVolumeFile represents information to create the file containing the pod field #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct FluentdVolumesDownwardApiItems { - /// Required: Selects a field of the pod: only annotations, labels, name and namespace are supported. + /// Required: Selects a field of the pod: only annotations, labels, name, namespace and uid are supported. #[serde(default, skip_serializing_if = "Option::is_none", rename = "fieldRef")] pub field_ref: Option, /// Optional: mode bits used to set permissions on this file, must be an octal value @@ -5063,7 +5552,7 @@ pub struct FluentdVolumesDownwardApiItems { pub resource_field_ref: Option, } -/// Required: Selects a field of the pod: only annotations, labels, name and namespace are supported. +/// Required: Selects a field of the pod: only annotations, labels, name, namespace and uid are supported. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct FluentdVolumesDownwardApiItemsFieldRef { /// Version of the schema the FieldPath is written in terms of, defaults to "v1". @@ -5103,7 +5592,7 @@ pub struct FluentdVolumesEmptyDir { /// The maximum usage on memory medium EmptyDir would be the minimum value between /// the SizeLimit specified here and the sum of memory limits of all containers in a pod. /// The default is nil which means that the limit is undefined. - /// More info: http://kubernetes.io/docs/user-guide/volumes#emptydir + /// More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir #[serde(default, skip_serializing_if = "Option::is_none", rename = "sizeLimit")] pub size_limit: Option, } @@ -5280,6 +5769,20 @@ pub struct FluentdVolumesEphemeralVolumeClaimTemplateSpec { /// More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1 #[serde(default, skip_serializing_if = "Option::is_none", rename = "storageClassName")] pub storage_class_name: Option, + /// volumeAttributesClassName may be used to set the VolumeAttributesClass used by this claim. + /// If specified, the CSI driver will create or update the volume with the attributes defined + /// in the corresponding VolumeAttributesClass. This has a different purpose than storageClassName, + /// it can be changed after the claim is created. An empty string value means that no VolumeAttributesClass + /// will be applied to the claim but it's not allowed to reset this field to empty string once it is set. + /// If unspecified and the PersistentVolumeClaim is unbound, the default VolumeAttributesClass + /// will be set by the persistentvolume controller if it exists. + /// If the resource referred to by volumeAttributesClass does not exist, this PersistentVolumeClaim will be + /// set to a Pending state, as reflected by the modifyVolumeStatus field, until such as a resource + /// exists. + /// More info: https://kubernetes.io/docs/concepts/storage/volume-attributes-classes/ + /// (Alpha) Using this field requires the VolumeAttributesClass feature gate to be enabled. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "volumeAttributesClassName")] + pub volume_attributes_class_name: Option, /// volumeMode defines what type of volume is required by the claim. /// Value of Filesystem is implied when not included in claim spec. #[serde(default, skip_serializing_if = "Option::is_none", rename = "volumeMode")] @@ -5358,38 +5861,18 @@ pub struct FluentdVolumesEphemeralVolumeClaimTemplateSpecDataSourceRef { /// More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct FluentdVolumesEphemeralVolumeClaimTemplateSpecResources { - /// Claims lists the names of resources, defined in spec.resourceClaims, - /// that are used by this container. - /// - /// - /// This is an alpha field and requires enabling the - /// DynamicResourceAllocation feature gate. - /// - /// - /// This field is immutable. It can only be set for containers. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub claims: Option>, /// Limits describes the maximum amount of compute resources allowed. /// More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ #[serde(default, skip_serializing_if = "Option::is_none")] pub limits: Option>, /// Requests describes the minimum amount of compute resources required. /// If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, - /// otherwise to an implementation-defined value. + /// otherwise to an implementation-defined value. Requests cannot exceed Limits. /// More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ #[serde(default, skip_serializing_if = "Option::is_none")] pub requests: Option>, } -/// ResourceClaim references one entry in PodSpec.ResourceClaims. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct FluentdVolumesEphemeralVolumeClaimTemplateSpecResourcesClaims { - /// Name must match the name of one entry in pod.spec.resourceClaims of - /// the Pod where this field is used. It makes that resource available - /// inside a container. - pub name: String, -} - /// selector is a label query over volumes to consider for binding. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct FluentdVolumesEphemeralVolumeClaimTemplateSpecSelector { @@ -5480,8 +5963,12 @@ pub struct FluentdVolumesFlexVolume { #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct FluentdVolumesFlexVolumeSecretRef { /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, } @@ -5637,8 +6124,12 @@ pub struct FluentdVolumesIscsi { #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct FluentdVolumesIscsiSecretRef { /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, } @@ -5724,6 +6215,24 @@ pub struct FluentdVolumesProjected { /// Projection that may be projected along with other supported volume types #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct FluentdVolumesProjectedSources { + /// ClusterTrustBundle allows a pod to access the `.spec.trustBundle` field + /// of ClusterTrustBundle objects in an auto-updating file. + /// + /// + /// Alpha, gated by the ClusterTrustBundleProjection feature gate. + /// + /// + /// ClusterTrustBundle objects can either be selected by name, or by the + /// combination of signer name and a label selector. + /// + /// + /// Kubelet performs aggressive normalization of the PEM contents written + /// into the pod filesystem. Esoteric PEM features such as inter-block + /// comments and block headers are stripped. Certificates are deduplicated. + /// The ordering of certificates within the file is arbitrary, and Kubelet + /// may change the order over time. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "clusterTrustBundle")] + pub cluster_trust_bundle: Option, /// configMap information about the configMap data to project #[serde(default, skip_serializing_if = "Option::is_none", rename = "configMap")] pub config_map: Option, @@ -5738,6 +6247,83 @@ pub struct FluentdVolumesProjectedSources { pub service_account_token: Option, } +/// ClusterTrustBundle allows a pod to access the `.spec.trustBundle` field +/// of ClusterTrustBundle objects in an auto-updating file. +/// +/// +/// Alpha, gated by the ClusterTrustBundleProjection feature gate. +/// +/// +/// ClusterTrustBundle objects can either be selected by name, or by the +/// combination of signer name and a label selector. +/// +/// +/// Kubelet performs aggressive normalization of the PEM contents written +/// into the pod filesystem. Esoteric PEM features such as inter-block +/// comments and block headers are stripped. Certificates are deduplicated. +/// The ordering of certificates within the file is arbitrary, and Kubelet +/// may change the order over time. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct FluentdVolumesProjectedSourcesClusterTrustBundle { + /// Select all ClusterTrustBundles that match this label selector. Only has + /// effect if signerName is set. Mutually-exclusive with name. If unset, + /// interpreted as "match nothing". If set but empty, interpreted as "match + /// everything". + #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelector")] + pub label_selector: Option, + /// Select a single ClusterTrustBundle by object name. Mutually-exclusive + /// with signerName and labelSelector. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + /// If true, don't block pod startup if the referenced ClusterTrustBundle(s) + /// aren't available. If using name, then the named ClusterTrustBundle is + /// allowed not to exist. If using signerName, then the combination of + /// signerName and labelSelector is allowed to match zero + /// ClusterTrustBundles. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub optional: Option, + /// Relative path from the volume root to write the bundle. + pub path: String, + /// Select all ClusterTrustBundles that match this signer name. + /// Mutually-exclusive with name. The contents of all selected + /// ClusterTrustBundles will be unified and deduplicated. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "signerName")] + pub signer_name: Option, +} + +/// Select all ClusterTrustBundles that match this label selector. Only has +/// effect if signerName is set. Mutually-exclusive with name. If unset, +/// interpreted as "match nothing". If set but empty, interpreted as "match +/// everything". +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct FluentdVolumesProjectedSourcesClusterTrustBundleLabelSelector { + /// matchExpressions is a list of label selector requirements. The requirements are ANDed. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] + pub match_expressions: Option>, + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] + pub match_labels: Option>, +} + +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct FluentdVolumesProjectedSourcesClusterTrustBundleLabelSelectorMatchExpressions { + /// key is the label key that the selector applies to. + pub key: String, + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. + pub operator: String, + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub values: Option>, +} + /// configMap information about the configMap data to project #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct FluentdVolumesProjectedSourcesConfigMap { @@ -5751,8 +6337,12 @@ pub struct FluentdVolumesProjectedSourcesConfigMap { #[serde(default, skip_serializing_if = "Option::is_none")] pub items: Option>, /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// optional specify whether the ConfigMap or its keys must be defined @@ -5791,7 +6381,7 @@ pub struct FluentdVolumesProjectedSourcesDownwardApi { /// DownwardAPIVolumeFile represents information to create the file containing the pod field #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct FluentdVolumesProjectedSourcesDownwardApiItems { - /// Required: Selects a field of the pod: only annotations, labels, name and namespace are supported. + /// Required: Selects a field of the pod: only annotations, labels, name, namespace and uid are supported. #[serde(default, skip_serializing_if = "Option::is_none", rename = "fieldRef")] pub field_ref: Option, /// Optional: mode bits used to set permissions on this file, must be an octal value @@ -5810,7 +6400,7 @@ pub struct FluentdVolumesProjectedSourcesDownwardApiItems { pub resource_field_ref: Option, } -/// Required: Selects a field of the pod: only annotations, labels, name and namespace are supported. +/// Required: Selects a field of the pod: only annotations, labels, name, namespace and uid are supported. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct FluentdVolumesProjectedSourcesDownwardApiItemsFieldRef { /// Version of the schema the FieldPath is written in terms of, defaults to "v1". @@ -5848,8 +6438,12 @@ pub struct FluentdVolumesProjectedSourcesSecret { #[serde(default, skip_serializing_if = "Option::is_none")] pub items: Option>, /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// optional field specify whether the Secret or its key must be defined @@ -5978,8 +6572,12 @@ pub struct FluentdVolumesRbd { #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct FluentdVolumesRbdSecretRef { /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, } @@ -6029,8 +6627,12 @@ pub struct FluentdVolumesScaleIo { #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct FluentdVolumesScaleIoSecretRef { /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, } @@ -6121,8 +6723,12 @@ pub struct FluentdVolumesStorageos { #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct FluentdVolumesStorageosSecretRef { /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, } diff --git a/kube-custom-resources-rs/src/fluentd_fluent_io/v1alpha1/inputs.rs b/kube-custom-resources-rs/src/fluentd_fluent_io/v1alpha1/inputs.rs index 383f1ecc0..f0afb566c 100644 --- a/kube-custom-resources-rs/src/fluentd_fluent_io/v1alpha1/inputs.rs +++ b/kube-custom-resources-rs/src/fluentd_fluent_io/v1alpha1/inputs.rs @@ -187,8 +187,12 @@ pub struct InputInputsForwardSecurityUserPasswordValueFromSecretKeyRef { /// The key of the secret to select from. Must be a valid secret key. pub key: String, /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the Secret or its key must be defined @@ -218,8 +222,12 @@ pub struct InputInputsForwardSecurityUserUsernameValueFromSecretKeyRef { /// The key of the secret to select from. Must be a valid secret key. pub key: String, /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the Secret or its key must be defined @@ -295,8 +303,12 @@ pub struct InputInputsForwardUserPasswordValueFromSecretKeyRef { /// The key of the secret to select from. Must be a valid secret key. pub key: String, /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the Secret or its key must be defined @@ -326,8 +338,12 @@ pub struct InputInputsForwardUserUsernameValueFromSecretKeyRef { /// The key of the secret to select from. Must be a valid secret key. pub key: String, /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the Secret or its key must be defined diff --git a/kube-custom-resources-rs/src/fluentd_fluent_io/v1alpha1/outputs.rs b/kube-custom-resources-rs/src/fluentd_fluent_io/v1alpha1/outputs.rs index 4e534c575..a2bd603a5 100644 --- a/kube-custom-resources-rs/src/fluentd_fluent_io/v1alpha1/outputs.rs +++ b/kube-custom-resources-rs/src/fluentd_fluent_io/v1alpha1/outputs.rs @@ -400,8 +400,12 @@ pub struct OutputOutputsCloudWatchAwsKeyIdValueFromSecretKeyRef { /// The key of the secret to select from. Must be a valid secret key. pub key: String, /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the Secret or its key must be defined @@ -431,8 +435,12 @@ pub struct OutputOutputsCloudWatchAwsSecKeyValueFromSecretKeyRef { /// The key of the secret to select from. Must be a valid secret key. pub key: String, /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the Secret or its key must be defined @@ -557,8 +565,12 @@ pub struct OutputOutputsDatadogApiKeyValueFromSecretKeyRef { /// The key of the secret to select from. Must be a valid secret key. pub key: String, /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the Secret or its key must be defined @@ -684,8 +696,12 @@ pub struct OutputOutputsElasticsearchClientKeyPasswordValueFromSecretKeyRef { /// The key of the secret to select from. Must be a valid secret key. pub key: String, /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the Secret or its key must be defined @@ -715,8 +731,12 @@ pub struct OutputOutputsElasticsearchCloudAuthValueFromSecretKeyRef { /// The key of the secret to select from. Must be a valid secret key. pub key: String, /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the Secret or its key must be defined @@ -747,8 +767,12 @@ pub struct OutputOutputsElasticsearchCloudIdValueFromSecretKeyRef { /// The key of the secret to select from. Must be a valid secret key. pub key: String, /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the Secret or its key must be defined @@ -778,8 +802,12 @@ pub struct OutputOutputsElasticsearchPasswordValueFromSecretKeyRef { /// The key of the secret to select from. Must be a valid secret key. pub key: String, /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the Secret or its key must be defined @@ -809,8 +837,12 @@ pub struct OutputOutputsElasticsearchUserValueFromSecretKeyRef { /// The key of the secret to select from. Must be a valid secret key. pub key: String, /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the Secret or its key must be defined @@ -945,8 +977,12 @@ pub struct OutputOutputsElasticsearchDataStreamClientKeyPasswordValueFromSecretK /// The key of the secret to select from. Must be a valid secret key. pub key: String, /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the Secret or its key must be defined @@ -976,8 +1012,12 @@ pub struct OutputOutputsElasticsearchDataStreamCloudAuthValueFromSecretKeyRef { /// The key of the secret to select from. Must be a valid secret key. pub key: String, /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the Secret or its key must be defined @@ -1008,8 +1048,12 @@ pub struct OutputOutputsElasticsearchDataStreamCloudIdValueFromSecretKeyRef { /// The key of the secret to select from. Must be a valid secret key. pub key: String, /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the Secret or its key must be defined @@ -1039,8 +1083,12 @@ pub struct OutputOutputsElasticsearchDataStreamPasswordValueFromSecretKeyRef { /// The key of the secret to select from. Must be a valid secret key. pub key: String, /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the Secret or its key must be defined @@ -1070,8 +1118,12 @@ pub struct OutputOutputsElasticsearchDataStreamUserValueFromSecretKeyRef { /// The key of the secret to select from. Must be a valid secret key. pub key: String, /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the Secret or its key must be defined @@ -1328,8 +1380,12 @@ pub struct OutputOutputsForwardSecurityUserPasswordValueFromSecretKeyRef { /// The key of the secret to select from. Must be a valid secret key. pub key: String, /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the Secret or its key must be defined @@ -1359,8 +1415,12 @@ pub struct OutputOutputsForwardSecurityUserUsernameValueFromSecretKeyRef { /// The key of the secret to select from. Must be a valid secret key. pub key: String, /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the Secret or its key must be defined @@ -1428,8 +1488,12 @@ pub struct OutputOutputsForwardServersPasswordValueFromSecretKeyRef { /// The key of the secret to select from. Must be a valid secret key. pub key: String, /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the Secret or its key must be defined @@ -1459,8 +1523,12 @@ pub struct OutputOutputsForwardServersUsernameValueFromSecretKeyRef { /// The key of the secret to select from. Must be a valid secret key. pub key: String, /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the Secret or its key must be defined @@ -1569,8 +1637,12 @@ pub struct OutputOutputsForwardServiceDiscoveryServerPasswordValueFromSecretKeyR /// The key of the secret to select from. Must be a valid secret key. pub key: String, /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the Secret or its key must be defined @@ -1600,8 +1672,12 @@ pub struct OutputOutputsForwardServiceDiscoveryServerUsernameValueFromSecretKeyR /// The key of the secret to select from. Must be a valid secret key. pub key: String, /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the Secret or its key must be defined @@ -1730,8 +1806,12 @@ pub struct OutputOutputsHttpAuthPasswordValueFromSecretKeyRef { /// The key of the secret to select from. Must be a valid secret key. pub key: String, /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the Secret or its key must be defined @@ -1761,8 +1841,12 @@ pub struct OutputOutputsHttpAuthUsernameValueFromSecretKeyRef { /// The key of the secret to select from. Must be a valid secret key. pub key: String, /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the Secret or its key must be defined @@ -1891,6 +1975,10 @@ pub enum OutputOutputsKafkaCompressionCodec { /// out_loki plugin #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct OutputOutputsLoki { + /// Set path to file with bearer authentication token + /// Can be used as alterntative to HTTP basic authentication + #[serde(default, skip_serializing_if = "Option::is_none", rename = "bearerTokenFile")] + pub bearer_token_file: Option, /// If a record only has 1 key, then just set the log line to the value and discard the key. #[serde(default, skip_serializing_if = "Option::is_none", rename = "dropSingleKey")] pub drop_single_key: Option, @@ -1967,8 +2055,12 @@ pub struct OutputOutputsLokiHttpPasswordValueFromSecretKeyRef { /// The key of the secret to select from. Must be a valid secret key. pub key: String, /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the Secret or its key must be defined @@ -1998,8 +2090,12 @@ pub struct OutputOutputsLokiHttpUserValueFromSecretKeyRef { /// The key of the secret to select from. Must be a valid secret key. pub key: String, /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the Secret or its key must be defined @@ -2039,8 +2135,12 @@ pub struct OutputOutputsLokiTenantIdValueFromSecretKeyRef { /// The key of the secret to select from. Must be a valid secret key. pub key: String, /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the Secret or its key must be defined @@ -2078,6 +2178,9 @@ pub struct OutputOutputsOpensearch { /// Specify https if your Opensearch endpoint supports SSL (default: http). #[serde(default, skip_serializing_if = "Option::is_none")] pub scheme: Option, + /// Optional, Force certificate validation + #[serde(default, skip_serializing_if = "Option::is_none", rename = "sslVerify")] + pub ssl_verify: Option, /// Optional, The login credentials to connect to Opensearch #[serde(default, skip_serializing_if = "Option::is_none")] pub user: Option, @@ -2105,8 +2208,12 @@ pub struct OutputOutputsOpensearchPasswordValueFromSecretKeyRef { /// The key of the secret to select from. Must be a valid secret key. pub key: String, /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the Secret or its key must be defined @@ -2136,8 +2243,12 @@ pub struct OutputOutputsOpensearchUserValueFromSecretKeyRef { /// The key of the secret to select from. Must be a valid secret key. pub key: String, /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the Secret or its key must be defined diff --git a/kube-custom-resources-rs/src/flux_framework_org/v1alpha2/miniclusters.rs b/kube-custom-resources-rs/src/flux_framework_org/v1alpha2/miniclusters.rs index 19e30629b..3e171a59b 100644 --- a/kube-custom-resources-rs/src/flux_framework_org/v1alpha2/miniclusters.rs +++ b/kube-custom-resources-rs/src/flux_framework_org/v1alpha2/miniclusters.rs @@ -246,6 +246,9 @@ pub struct MiniClusterContainersVolumes { /// Add an empty directory custom type #[serde(default, skip_serializing_if = "Option::is_none", rename = "emptyDirMedium")] pub empty_dir_medium: Option, + /// Add an empty directory sizeLimit + #[serde(default, skip_serializing_if = "Option::is_none", rename = "emptyDirSizeLimit")] + pub empty_dir_size_limit: Option, /// An existing hostPath to bind to path #[serde(default, skip_serializing_if = "Option::is_none", rename = "hostPath")] pub host_path: Option, @@ -472,6 +475,9 @@ pub struct MiniClusterPod { /// Annotations for each pod #[serde(default, skip_serializing_if = "Option::is_none")] pub annotations: Option>, + /// Automatically mount the service account name + #[serde(default, skip_serializing_if = "Option::is_none", rename = "automountServiceAccountToken")] + pub automount_service_account_token: Option, /// Labels for each pod #[serde(default, skip_serializing_if = "Option::is_none")] pub labels: Option>, @@ -481,6 +487,12 @@ pub struct MiniClusterPod { /// Resources include limits and requests #[serde(default, skip_serializing_if = "Option::is_none")] pub resources: Option>, + /// Restart Policy + #[serde(default, skip_serializing_if = "Option::is_none", rename = "restartPolicy")] + pub restart_policy: Option, + /// RuntimeClassName for the pod + #[serde(default, skip_serializing_if = "Option::is_none", rename = "runtimeClassName")] + pub runtime_class_name: Option, /// Scheduler name for the pod #[serde(default, skip_serializing_if = "Option::is_none", rename = "schedulerName")] pub scheduler_name: Option, @@ -650,6 +662,9 @@ pub struct MiniClusterServicesVolumes { /// Add an empty directory custom type #[serde(default, skip_serializing_if = "Option::is_none", rename = "emptyDirMedium")] pub empty_dir_medium: Option, + /// Add an empty directory sizeLimit + #[serde(default, skip_serializing_if = "Option::is_none", rename = "emptyDirSizeLimit")] + pub empty_dir_size_limit: Option, /// An existing hostPath to bind to path #[serde(default, skip_serializing_if = "Option::is_none", rename = "hostPath")] pub host_path: Option, diff --git a/kube-custom-resources-rs/src/forklift_konveyor_io/v1beta1/forkliftcontrollers.rs b/kube-custom-resources-rs/src/forklift_konveyor_io/v1beta1/forkliftcontrollers.rs index d77c14fa1..85e6febf4 100644 --- a/kube-custom-resources-rs/src/forklift_konveyor_io/v1beta1/forkliftcontrollers.rs +++ b/kube-custom-resources-rs/src/forklift_konveyor_io/v1beta1/forkliftcontrollers.rs @@ -8,4 +8,5 @@ mod prelude { pub use serde::{Serialize, Deserialize}; pub use std::collections::BTreeMap; } +use self::prelude::*; diff --git a/kube-custom-resources-rs/src/forklift_konveyor_io/v1beta1/migrations.rs b/kube-custom-resources-rs/src/forklift_konveyor_io/v1beta1/migrations.rs index c96b7ab40..8efca54eb 100644 --- a/kube-custom-resources-rs/src/forklift_konveyor_io/v1beta1/migrations.rs +++ b/kube-custom-resources-rs/src/forklift_konveyor_io/v1beta1/migrations.rs @@ -135,6 +135,9 @@ pub struct MigrationStatusVms { /// The managed object ID. #[serde(default, skip_serializing_if = "Option::is_none")] pub id: Option, + /// Selected InstanceType that will override the VM properties. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "instanceType")] + pub instance_type: Option, /// Disk decryption LUKS keys #[serde(default, skip_serializing_if = "Option::is_none")] pub luks: Option, diff --git a/kube-custom-resources-rs/src/forklift_konveyor_io/v1beta1/plans.rs b/kube-custom-resources-rs/src/forklift_konveyor_io/v1beta1/plans.rs index 6f267a193..4e12736b4 100644 --- a/kube-custom-resources-rs/src/forklift_konveyor_io/v1beta1/plans.rs +++ b/kube-custom-resources-rs/src/forklift_konveyor_io/v1beta1/plans.rs @@ -268,6 +268,9 @@ pub struct PlanVms { /// The managed object ID. #[serde(default, skip_serializing_if = "Option::is_none")] pub id: Option, + /// Selected InstanceType that will override the VM properties. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "instanceType")] + pub instance_type: Option, /// Disk decryption LUKS keys #[serde(default, skip_serializing_if = "Option::is_none")] pub luks: Option, @@ -533,6 +536,9 @@ pub struct PlanStatusMigrationVms { /// The managed object ID. #[serde(default, skip_serializing_if = "Option::is_none")] pub id: Option, + /// Selected InstanceType that will override the VM properties. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "instanceType")] + pub instance_type: Option, /// Disk decryption LUKS keys #[serde(default, skip_serializing_if = "Option::is_none")] pub luks: Option, diff --git a/kube-custom-resources-rs/src/fossul_io/v1/backupconfigs.rs b/kube-custom-resources-rs/src/fossul_io/v1/backupconfigs.rs index 72660cb7f..ab2ee3311 100644 --- a/kube-custom-resources-rs/src/fossul_io/v1/backupconfigs.rs +++ b/kube-custom-resources-rs/src/fossul_io/v1/backupconfigs.rs @@ -8,4 +8,5 @@ mod prelude { pub use serde::{Serialize, Deserialize}; pub use std::collections::BTreeMap; } +use self::prelude::*; diff --git a/kube-custom-resources-rs/src/fossul_io/v1/backups.rs b/kube-custom-resources-rs/src/fossul_io/v1/backups.rs index 350f39376..5108e6f60 100644 --- a/kube-custom-resources-rs/src/fossul_io/v1/backups.rs +++ b/kube-custom-resources-rs/src/fossul_io/v1/backups.rs @@ -8,4 +8,5 @@ mod prelude { pub use serde::{Serialize, Deserialize}; pub use std::collections::BTreeMap; } +use self::prelude::*; diff --git a/kube-custom-resources-rs/src/fossul_io/v1/backupschedules.rs b/kube-custom-resources-rs/src/fossul_io/v1/backupschedules.rs index f6c23e742..6bd74736d 100644 --- a/kube-custom-resources-rs/src/fossul_io/v1/backupschedules.rs +++ b/kube-custom-resources-rs/src/fossul_io/v1/backupschedules.rs @@ -8,4 +8,5 @@ mod prelude { pub use serde::{Serialize, Deserialize}; pub use std::collections::BTreeMap; } +use self::prelude::*; diff --git a/kube-custom-resources-rs/src/fossul_io/v1/fossuls.rs b/kube-custom-resources-rs/src/fossul_io/v1/fossuls.rs index 1f82951a0..88b9b9741 100644 --- a/kube-custom-resources-rs/src/fossul_io/v1/fossuls.rs +++ b/kube-custom-resources-rs/src/fossul_io/v1/fossuls.rs @@ -8,4 +8,5 @@ mod prelude { pub use serde::{Serialize, Deserialize}; pub use std::collections::BTreeMap; } +use self::prelude::*; diff --git a/kube-custom-resources-rs/src/fossul_io/v1/restores.rs b/kube-custom-resources-rs/src/fossul_io/v1/restores.rs index 96c9aecb8..eb386b202 100644 --- a/kube-custom-resources-rs/src/fossul_io/v1/restores.rs +++ b/kube-custom-resources-rs/src/fossul_io/v1/restores.rs @@ -8,4 +8,5 @@ mod prelude { pub use serde::{Serialize, Deserialize}; pub use std::collections::BTreeMap; } +use self::prelude::*; diff --git a/kube-custom-resources-rs/src/gateway_networking_k8s_io/v1/httproutes.rs b/kube-custom-resources-rs/src/gateway_networking_k8s_io/v1/httproutes.rs index 7ade0e9d7..71444585e 100644 --- a/kube-custom-resources-rs/src/gateway_networking_k8s_io/v1/httproutes.rs +++ b/kube-custom-resources-rs/src/gateway_networking_k8s_io/v1/httproutes.rs @@ -346,6 +346,12 @@ pub struct HTTPRouteRules { /// choose how that 50 percent is determined. /// /// + /// When a HTTPBackendRef refers to a Service that has no ready endpoints, + /// implementations SHOULD return a 503 for requests to that backend instead. + /// If an implementation chooses to do this, all of the above rules for 500 responses + /// MUST also apply for responses that return a 503. + /// + /// /// Support: Core for Kubernetes Service /// /// diff --git a/kube-custom-resources-rs/src/gateway_networking_k8s_io/v1beta1/httproutes.rs b/kube-custom-resources-rs/src/gateway_networking_k8s_io/v1beta1/httproutes.rs index b8703ce02..b495b480f 100644 --- a/kube-custom-resources-rs/src/gateway_networking_k8s_io/v1beta1/httproutes.rs +++ b/kube-custom-resources-rs/src/gateway_networking_k8s_io/v1beta1/httproutes.rs @@ -346,6 +346,12 @@ pub struct HTTPRouteRules { /// choose how that 50 percent is determined. /// /// + /// When a HTTPBackendRef refers to a Service that has no ready endpoints, + /// implementations SHOULD return a 503 for requests to that backend instead. + /// If an implementation chooses to do this, all of the above rules for 500 responses + /// MUST also apply for responses that return a 503. + /// + /// /// Support: Core for Kubernetes Service /// /// diff --git a/kube-custom-resources-rs/src/gateway_nginx_org/v1alpha1/nginxproxies.rs b/kube-custom-resources-rs/src/gateway_nginx_org/v1alpha1/nginxproxies.rs index e01261281..80ac7b6d4 100644 --- a/kube-custom-resources-rs/src/gateway_nginx_org/v1alpha1/nginxproxies.rs +++ b/kube-custom-resources-rs/src/gateway_nginx_org/v1alpha1/nginxproxies.rs @@ -20,11 +20,26 @@ pub struct NginxProxySpec { /// Default is false, meaning http2 will be enabled for all servers. #[serde(default, skip_serializing_if = "Option::is_none", rename = "disableHTTP2")] pub disable_http2: Option, + /// IPFamily specifies the IP family to be used by the NGINX. + /// Default is "dual", meaning the server will use both IPv4 and IPv6. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "ipFamily")] + pub ip_family: Option, /// Telemetry specifies the OpenTelemetry configuration. #[serde(default, skip_serializing_if = "Option::is_none")] pub telemetry: Option, } +/// Spec defines the desired state of the NginxProxy. +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub enum NginxProxyIpFamily { + #[serde(rename = "dual")] + Dual, + #[serde(rename = "ipv4")] + Ipv4, + #[serde(rename = "ipv6")] + Ipv6, +} + /// Telemetry specifies the OpenTelemetry configuration. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct NginxProxyTelemetry { diff --git a/kube-custom-resources-rs/src/gateway_nginx_org/v1alpha1/observabilitypolicies.rs b/kube-custom-resources-rs/src/gateway_nginx_org/v1alpha1/observabilitypolicies.rs index 55a488b08..ccf421499 100644 --- a/kube-custom-resources-rs/src/gateway_nginx_org/v1alpha1/observabilitypolicies.rs +++ b/kube-custom-resources-rs/src/gateway_nginx_org/v1alpha1/observabilitypolicies.rs @@ -21,7 +21,7 @@ use self::prelude::*; pub struct ObservabilityPolicySpec { /// TargetRefs identifies the API object(s) to apply the policy to. /// Objects must be in the same namespace as the policy. - /// Support: HTTPRoute + /// Support: HTTPRoute, GRPCRoute. #[serde(rename = "targetRefs")] pub target_refs: Vec, /// Tracing allows for enabling and configuring tracing. diff --git a/kube-custom-resources-rs/src/grafana_integreatly_org/v1beta1/grafanadashboards.rs b/kube-custom-resources-rs/src/grafana_integreatly_org/v1beta1/grafanadashboards.rs index 18e7df84f..7f1ec12ed 100644 --- a/kube-custom-resources-rs/src/grafana_integreatly_org/v1beta1/grafanadashboards.rs +++ b/kube-custom-resources-rs/src/grafana_integreatly_org/v1beta1/grafanadashboards.rs @@ -7,6 +7,7 @@ mod prelude { pub use kube::CustomResource; pub use serde::{Serialize, Deserialize}; pub use std::collections::BTreeMap; + pub use k8s_openapi::apimachinery::pkg::apis::meta::v1::Condition; } use self::prelude::*; @@ -40,6 +41,12 @@ pub struct GrafanaDashboardSpec { /// folder assignment for dashboard #[serde(default, skip_serializing_if = "Option::is_none")] pub folder: Option, + /// Name of a `GrafanaFolder` resource in the same namespace + #[serde(default, skip_serializing_if = "Option::is_none", rename = "folderRef")] + pub folder_ref: Option, + /// UID of the target folder for this dashboard + #[serde(default, skip_serializing_if = "Option::is_none", rename = "folderUID")] + pub folder_uid: Option, /// grafana.com/dashboards #[serde(default, skip_serializing_if = "Option::is_none", rename = "grafanaCom")] pub grafana_com: Option, @@ -265,6 +272,8 @@ pub struct GrafanaDashboardStatus { /// The dashboard instanceSelector can't find matching grafana instances #[serde(default, skip_serializing_if = "Option::is_none", rename = "NoMatchingInstances")] pub no_matching_instances: Option, + #[serde(default, skip_serializing_if = "Option::is_none")] + pub conditions: Option>, #[serde(default, skip_serializing_if = "Option::is_none", rename = "contentCache")] pub content_cache: Option, #[serde(default, skip_serializing_if = "Option::is_none", rename = "contentTimestamp")] diff --git a/kube-custom-resources-rs/src/grafana_integreatly_org/v1beta1/grafanafolders.rs b/kube-custom-resources-rs/src/grafana_integreatly_org/v1beta1/grafanafolders.rs index 925ced2ad..63682bb5f 100644 --- a/kube-custom-resources-rs/src/grafana_integreatly_org/v1beta1/grafanafolders.rs +++ b/kube-custom-resources-rs/src/grafana_integreatly_org/v1beta1/grafanafolders.rs @@ -7,6 +7,7 @@ mod prelude { pub use kube::CustomResource; pub use serde::{Serialize, Deserialize}; pub use std::collections::BTreeMap; + pub use k8s_openapi::apimachinery::pkg::apis::meta::v1::Condition; } use self::prelude::*; @@ -25,6 +26,12 @@ pub struct GrafanaFolderSpec { /// selects Grafanas for import #[serde(rename = "instanceSelector")] pub instance_selector: GrafanaFolderInstanceSelector, + /// Reference to an existing GrafanaFolder CR in the same namespace + #[serde(default, skip_serializing_if = "Option::is_none", rename = "parentFolderRef")] + pub parent_folder_ref: Option, + /// UID of the folder in which the current folder should be created + #[serde(default, skip_serializing_if = "Option::is_none", rename = "parentFolderUID")] + pub parent_folder_uid: Option, /// raw json with folder permissions #[serde(default, skip_serializing_if = "Option::is_none")] pub permissions: Option, @@ -71,6 +78,7 @@ pub struct GrafanaFolderStatus { /// The folder instanceSelector can't find matching grafana instances #[serde(default, skip_serializing_if = "Option::is_none", rename = "NoMatchingInstances")] pub no_matching_instances: Option, + pub conditions: Vec, /// INSERT ADDITIONAL STATUS FIELD - define observed state of cluster /// Important: Run "make" to regenerate code after modifying this file #[serde(default, skip_serializing_if = "Option::is_none")] diff --git a/kube-custom-resources-rs/src/groupsnapshot_storage_k8s_io/v1alpha1/volumegroupsnapshotclasses.rs b/kube-custom-resources-rs/src/groupsnapshot_storage_k8s_io/v1alpha1/volumegroupsnapshotclasses.rs index 165bccdb7..e6d8e4e86 100644 --- a/kube-custom-resources-rs/src/groupsnapshot_storage_k8s_io/v1alpha1/volumegroupsnapshotclasses.rs +++ b/kube-custom-resources-rs/src/groupsnapshot_storage_k8s_io/v1alpha1/volumegroupsnapshotclasses.rs @@ -8,4 +8,5 @@ mod prelude { pub use serde::{Serialize, Deserialize}; pub use std::collections::BTreeMap; } +use self::prelude::*; diff --git a/kube-custom-resources-rs/src/helm_sigstore_dev/v1alpha1/rekors.rs b/kube-custom-resources-rs/src/helm_sigstore_dev/v1alpha1/rekors.rs index cfe14e138..b452a5cb7 100644 --- a/kube-custom-resources-rs/src/helm_sigstore_dev/v1alpha1/rekors.rs +++ b/kube-custom-resources-rs/src/helm_sigstore_dev/v1alpha1/rekors.rs @@ -8,4 +8,5 @@ mod prelude { pub use serde::{Serialize, Deserialize}; pub use std::collections::BTreeMap; } +use self::prelude::*; diff --git a/kube-custom-resources-rs/src/hive_openshift_io/v1/clusterpools.rs b/kube-custom-resources-rs/src/hive_openshift_io/v1/clusterpools.rs index 02097d464..ee6e3c548 100644 --- a/kube-custom-resources-rs/src/hive_openshift_io/v1/clusterpools.rs +++ b/kube-custom-resources-rs/src/hive_openshift_io/v1/clusterpools.rs @@ -7,6 +7,7 @@ mod prelude { pub use kube::CustomResource; pub use serde::{Serialize, Deserialize}; pub use std::collections::BTreeMap; + pub use k8s_openapi::apimachinery::pkg::util::intstr::IntOrString; pub use k8s_openapi::apimachinery::pkg::apis::meta::v1::Condition; } use self::prelude::*; @@ -44,6 +45,9 @@ pub struct ClusterPoolSpec { /// InstallConfigSecretTemplateRef is a secret with the key install-config.yaml consisting of the content of the install-config.yaml to be used as a template for all clusters in this pool. Cluster specific settings (name, basedomain) will be injected dynamically when the ClusterDeployment install-config Secret is generated. #[serde(default, skip_serializing_if = "Option::is_none", rename = "installConfigSecretTemplateRef")] pub install_config_secret_template_ref: Option, + /// InstallerEnv are extra environment variables to pass through to the installer. This may be used to enable additional features of the installer. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "installerEnv")] + pub installer_env: Option>, /// Inventory maintains a list of entries consumed by the ClusterPool to customize the default ClusterDeployment. #[serde(default, skip_serializing_if = "Option::is_none")] pub inventory: Option>, @@ -105,6 +109,86 @@ pub struct ClusterPoolInstallConfigSecretTemplateRef { pub name: Option, } +/// EnvVar represents an environment variable present in a Container. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ClusterPoolInstallerEnv { + /// Name of the environment variable. Must be a C_IDENTIFIER. + pub name: String, + /// Variable references $(VAR_NAME) are expanded using the previously defined environment variables in the container and any service environment variables. If a variable cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". Escaped references will never be expanded, regardless of whether the variable exists or not. Defaults to "". + #[serde(default, skip_serializing_if = "Option::is_none")] + pub value: Option, + /// Source for the environment variable's value. Cannot be used if value is not empty. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "valueFrom")] + pub value_from: Option, +} + +/// Source for the environment variable's value. Cannot be used if value is not empty. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ClusterPoolInstallerEnvValueFrom { + /// Selects a key of a ConfigMap. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "configMapKeyRef")] + pub config_map_key_ref: Option, + /// Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`, spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "fieldRef")] + pub field_ref: Option, + /// Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "resourceFieldRef")] + pub resource_field_ref: Option, + /// Selects a key of a secret in the pod's namespace + #[serde(default, skip_serializing_if = "Option::is_none", rename = "secretKeyRef")] + pub secret_key_ref: Option, +} + +/// Selects a key of a ConfigMap. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ClusterPoolInstallerEnvValueFromConfigMapKeyRef { + /// The key to select. + pub key: String, + /// Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + /// Specify whether the ConfigMap or its key must be defined + #[serde(default, skip_serializing_if = "Option::is_none")] + pub optional: Option, +} + +/// Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`, spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ClusterPoolInstallerEnvValueFromFieldRef { + /// Version of the schema the FieldPath is written in terms of, defaults to "v1". + #[serde(default, skip_serializing_if = "Option::is_none", rename = "apiVersion")] + pub api_version: Option, + /// Path of the field to select in the specified API version. + #[serde(rename = "fieldPath")] + pub field_path: String, +} + +/// Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ClusterPoolInstallerEnvValueFromResourceFieldRef { + /// Container name: required for volumes, optional for env vars + #[serde(default, skip_serializing_if = "Option::is_none", rename = "containerName")] + pub container_name: Option, + /// Specifies the output format of the exposed resources, defaults to "1" + #[serde(default, skip_serializing_if = "Option::is_none")] + pub divisor: Option, + /// Required: resource to select + pub resource: String, +} + +/// Selects a key of a secret in the pod's namespace +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ClusterPoolInstallerEnvValueFromSecretKeyRef { + /// The key of the secret to select from. Must be a valid secret key. + pub key: String, + /// Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + /// Specify whether the Secret or its key must be defined + #[serde(default, skip_serializing_if = "Option::is_none")] + pub optional: Option, +} + /// InventoryEntry maintains a reference to a custom resource consumed by a clusterpool to customize the cluster deployment. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ClusterPoolInventory { diff --git a/kube-custom-resources-rs/src/hive_openshift_io/v1/machinepools.rs b/kube-custom-resources-rs/src/hive_openshift_io/v1/machinepools.rs index 2b3a9e913..40c7b4250 100644 --- a/kube-custom-resources-rs/src/hive_openshift_io/v1/machinepools.rs +++ b/kube-custom-resources-rs/src/hive_openshift_io/v1/machinepools.rs @@ -452,6 +452,9 @@ pub struct MachinePoolStatus { /// Conditions includes more detailed status for the cluster deployment #[serde(default, skip_serializing_if = "Option::is_none")] pub conditions: Option>, + /// ControlledByReplica indicates which replica of the hive-machinepool StatefulSet is responsible for this MachinePool. Note that this value indicates the replica that most recently handled the MachinePool. If the hive-machinepool statefulset is scaled up or down, the controlling replica can change, potentially causing logs to be spread across multiple pods. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "controlledByReplica")] + pub controlled_by_replica: Option, /// MachineSets is the status of the machine sets for the machine pool on the remote cluster. #[serde(default, skip_serializing_if = "Option::is_none", rename = "machineSets")] pub machine_sets: Option>, diff --git a/kube-custom-resources-rs/src/infra_contrib_fluxcd_io/v1alpha1/terraforms.rs b/kube-custom-resources-rs/src/infra_contrib_fluxcd_io/v1alpha1/terraforms.rs index 284a132b0..3dfee97ee 100644 --- a/kube-custom-resources-rs/src/infra_contrib_fluxcd_io/v1alpha1/terraforms.rs +++ b/kube-custom-resources-rs/src/infra_contrib_fluxcd_io/v1alpha1/terraforms.rs @@ -544,8 +544,31 @@ pub struct TerraformRunnerPodTemplateSpecAffinityPodAffinityPreferredDuringSched #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct TerraformRunnerPodTemplateSpecAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTerm { /// A label query over a set of resources, in this case pods. + /// If it's null, this PodAffinityTerm matches with no Pods. #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelector")] pub label_selector: Option, + /// MatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both matchLabelKeys and labelSelector. + /// Also, matchLabelKeys cannot be set when labelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] + pub match_label_keys: Option>, + /// MismatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. + /// Also, mismatchLabelKeys cannot be set when labelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] + pub mismatch_label_keys: Option>, /// A label query over the set of namespaces that the term applies to. /// The term is applied to the union of the namespaces selected by this field /// and the ones listed in the namespaces field. @@ -569,6 +592,7 @@ pub struct TerraformRunnerPodTemplateSpecAffinityPodAffinityPreferredDuringSched } /// A label query over a set of resources, in this case pods. +/// If it's null, this PodAffinityTerm matches with no Pods. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct TerraformRunnerPodTemplateSpecAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermLabelSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. @@ -641,8 +665,31 @@ pub struct TerraformRunnerPodTemplateSpecAffinityPodAffinityPreferredDuringSched #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct TerraformRunnerPodTemplateSpecAffinityPodAffinityRequiredDuringSchedulingIgnoredDuringExecution { /// A label query over a set of resources, in this case pods. + /// If it's null, this PodAffinityTerm matches with no Pods. #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelector")] pub label_selector: Option, + /// MatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both matchLabelKeys and labelSelector. + /// Also, matchLabelKeys cannot be set when labelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] + pub match_label_keys: Option>, + /// MismatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. + /// Also, mismatchLabelKeys cannot be set when labelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] + pub mismatch_label_keys: Option>, /// A label query over the set of namespaces that the term applies to. /// The term is applied to the union of the namespaces selected by this field /// and the ones listed in the namespaces field. @@ -666,6 +713,7 @@ pub struct TerraformRunnerPodTemplateSpecAffinityPodAffinityRequiredDuringSchedu } /// A label query over a set of resources, in this case pods. +/// If it's null, this PodAffinityTerm matches with no Pods. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct TerraformRunnerPodTemplateSpecAffinityPodAffinityRequiredDuringSchedulingIgnoredDuringExecutionLabelSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. @@ -769,8 +817,31 @@ pub struct TerraformRunnerPodTemplateSpecAffinityPodAntiAffinityPreferredDuringS #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct TerraformRunnerPodTemplateSpecAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTerm { /// A label query over a set of resources, in this case pods. + /// If it's null, this PodAffinityTerm matches with no Pods. #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelector")] pub label_selector: Option, + /// MatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both matchLabelKeys and labelSelector. + /// Also, matchLabelKeys cannot be set when labelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] + pub match_label_keys: Option>, + /// MismatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. + /// Also, mismatchLabelKeys cannot be set when labelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] + pub mismatch_label_keys: Option>, /// A label query over the set of namespaces that the term applies to. /// The term is applied to the union of the namespaces selected by this field /// and the ones listed in the namespaces field. @@ -794,6 +865,7 @@ pub struct TerraformRunnerPodTemplateSpecAffinityPodAntiAffinityPreferredDuringS } /// A label query over a set of resources, in this case pods. +/// If it's null, this PodAffinityTerm matches with no Pods. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct TerraformRunnerPodTemplateSpecAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermLabelSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. @@ -866,8 +938,31 @@ pub struct TerraformRunnerPodTemplateSpecAffinityPodAntiAffinityPreferredDuringS #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct TerraformRunnerPodTemplateSpecAffinityPodAntiAffinityRequiredDuringSchedulingIgnoredDuringExecution { /// A label query over a set of resources, in this case pods. + /// If it's null, this PodAffinityTerm matches with no Pods. #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelector")] pub label_selector: Option, + /// MatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both matchLabelKeys and labelSelector. + /// Also, matchLabelKeys cannot be set when labelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] + pub match_label_keys: Option>, + /// MismatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. + /// Also, mismatchLabelKeys cannot be set when labelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] + pub mismatch_label_keys: Option>, /// A label query over the set of namespaces that the term applies to. /// The term is applied to the union of the namespaces selected by this field /// and the ones listed in the namespaces field. @@ -891,6 +986,7 @@ pub struct TerraformRunnerPodTemplateSpecAffinityPodAntiAffinityRequiredDuringSc } /// A label query over a set of resources, in this case pods. +/// If it's null, this PodAffinityTerm matches with no Pods. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct TerraformRunnerPodTemplateSpecAffinityPodAntiAffinityRequiredDuringSchedulingIgnoredDuringExecutionLabelSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. @@ -1000,8 +1096,12 @@ pub struct TerraformRunnerPodTemplateSpecEnvValueFromConfigMapKeyRef { /// The key to select. pub key: String, /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the ConfigMap or its key must be defined @@ -1041,8 +1141,12 @@ pub struct TerraformRunnerPodTemplateSpecEnvValueFromSecretKeyRef { /// The key of the secret to select from. Must be a valid secret key. pub key: String, /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the Secret or its key must be defined @@ -1068,8 +1172,12 @@ pub struct TerraformRunnerPodTemplateSpecEnvFrom { #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct TerraformRunnerPodTemplateSpecEnvFromConfigMapRef { /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the ConfigMap must be defined @@ -1081,8 +1189,12 @@ pub struct TerraformRunnerPodTemplateSpecEnvFromConfigMapRef { #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct TerraformRunnerPodTemplateSpecEnvFromSecretRef { /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the Secret must be defined @@ -1175,6 +1287,23 @@ pub struct TerraformRunnerPodTemplateSpecInitContainers { /// More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ #[serde(default, skip_serializing_if = "Option::is_none")] pub resources: Option, + /// RestartPolicy defines the restart behavior of individual containers in a pod. + /// This field may only be set for init containers, and the only allowed value is "Always". + /// For non-init containers or when this field is not specified, + /// the restart behavior is defined by the Pod's restart policy and the container type. + /// Setting the RestartPolicy as "Always" for the init container will have the following effect: + /// this init container will be continually restarted on + /// exit until all regular containers have terminated. Once all regular + /// containers have completed, all init containers with restartPolicy "Always" + /// will be shut down. This lifecycle differs from normal init containers and + /// is often referred to as a "sidecar" container. Although this init + /// container still starts in the init container sequence, it does not wait + /// for the container to complete before proceeding to the next init + /// container. Instead, the next init container starts immediately after this + /// init container is started, or after any startupProbe has successfully + /// completed. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "restartPolicy")] + pub restart_policy: Option, /// SecurityContext defines the security options the container should be run with. /// If set, the fields of SecurityContext override the equivalent fields of PodSecurityContext. /// More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/ @@ -1286,8 +1415,12 @@ pub struct TerraformRunnerPodTemplateSpecInitContainersEnvValueFromConfigMapKeyR /// The key to select. pub key: String, /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the ConfigMap or its key must be defined @@ -1327,8 +1460,12 @@ pub struct TerraformRunnerPodTemplateSpecInitContainersEnvValueFromSecretKeyRef /// The key of the secret to select from. Must be a valid secret key. pub key: String, /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the Secret or its key must be defined @@ -1354,8 +1491,12 @@ pub struct TerraformRunnerPodTemplateSpecInitContainersEnvFrom { #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct TerraformRunnerPodTemplateSpecInitContainersEnvFromConfigMapRef { /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the ConfigMap must be defined @@ -1367,8 +1508,12 @@ pub struct TerraformRunnerPodTemplateSpecInitContainersEnvFromConfigMapRef { #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct TerraformRunnerPodTemplateSpecInitContainersEnvFromSecretRef { /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the Secret must be defined @@ -1411,6 +1556,9 @@ pub struct TerraformRunnerPodTemplateSpecInitContainersLifecyclePostStart { /// HTTPGet specifies the http request to perform. #[serde(default, skip_serializing_if = "Option::is_none", rename = "httpGet")] pub http_get: Option, + /// Sleep represents the duration that the container should sleep before being terminated. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub sleep: Option, /// Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept /// for the backward compatibility. There are no validation of this field and /// lifecycle hooks will fail in runtime when tcp handler is specified. @@ -1463,6 +1611,13 @@ pub struct TerraformRunnerPodTemplateSpecInitContainersLifecyclePostStartHttpGet pub value: String, } +/// Sleep represents the duration that the container should sleep before being terminated. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct TerraformRunnerPodTemplateSpecInitContainersLifecyclePostStartSleep { + /// Seconds is the number of seconds to sleep. + pub seconds: i64, +} + /// Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept /// for the backward compatibility. There are no validation of this field and /// lifecycle hooks will fail in runtime when tcp handler is specified. @@ -1494,6 +1649,9 @@ pub struct TerraformRunnerPodTemplateSpecInitContainersLifecyclePreStop { /// HTTPGet specifies the http request to perform. #[serde(default, skip_serializing_if = "Option::is_none", rename = "httpGet")] pub http_get: Option, + /// Sleep represents the duration that the container should sleep before being terminated. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub sleep: Option, /// Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept /// for the backward compatibility. There are no validation of this field and /// lifecycle hooks will fail in runtime when tcp handler is specified. @@ -1546,6 +1704,13 @@ pub struct TerraformRunnerPodTemplateSpecInitContainersLifecyclePreStopHttpGetHt pub value: String, } +/// Sleep represents the duration that the container should sleep before being terminated. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct TerraformRunnerPodTemplateSpecInitContainersLifecyclePreStopSleep { + /// Seconds is the number of seconds to sleep. + pub seconds: i64, +} + /// Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept /// for the backward compatibility. There are no validation of this field and /// lifecycle hooks will fail in runtime when tcp handler is specified. @@ -1899,6 +2064,11 @@ pub struct TerraformRunnerPodTemplateSpecInitContainersSecurityContext { /// Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none", rename = "allowPrivilegeEscalation")] pub allow_privilege_escalation: Option, + /// appArmorProfile is the AppArmor options to use by this container. If set, this profile + /// overrides the pod's appArmorProfile. + /// Note that this field cannot be set when spec.os.name is windows. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "appArmorProfile")] + pub app_armor_profile: Option, /// The capabilities to add/drop when running containers. /// Defaults to the default set of capabilities granted by the container runtime. /// Note that this field cannot be set when spec.os.name is windows. @@ -1965,6 +2135,26 @@ pub struct TerraformRunnerPodTemplateSpecInitContainersSecurityContext { pub windows_options: Option, } +/// appArmorProfile is the AppArmor options to use by this container. If set, this profile +/// overrides the pod's appArmorProfile. +/// Note that this field cannot be set when spec.os.name is windows. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct TerraformRunnerPodTemplateSpecInitContainersSecurityContextAppArmorProfile { + /// localhostProfile indicates a profile loaded on the node that should be used. + /// The profile must be preconfigured on the node to work. + /// Must match the loaded name of the profile. + /// Must be set if and only if type is "Localhost". + #[serde(default, skip_serializing_if = "Option::is_none", rename = "localhostProfile")] + pub localhost_profile: Option, + /// type indicates which kind of AppArmor profile will be applied. + /// Valid options are: + /// Localhost - a profile pre-loaded on the node. + /// RuntimeDefault - the container runtime's default profile. + /// Unconfined - no AppArmor enforcement. + #[serde(rename = "type")] + pub r#type: String, +} + /// The capabilities to add/drop when running containers. /// Defaults to the default set of capabilities granted by the container runtime. /// Note that this field cannot be set when spec.os.name is windows. @@ -2008,7 +2198,7 @@ pub struct TerraformRunnerPodTemplateSpecInitContainersSecurityContextSeccompPro /// localhostProfile indicates a profile defined in a file on the node should be used. /// The profile must be preconfigured on the node to work. /// Must be a descending path, relative to the kubelet's configured seccomp profile location. - /// Must only be set if type is "Localhost". + /// Must be set if type is "Localhost". Must NOT be set for any other type. #[serde(default, skip_serializing_if = "Option::is_none", rename = "localhostProfile")] pub localhost_profile: Option, /// type indicates which kind of seccomp profile will be applied. @@ -2037,12 +2227,9 @@ pub struct TerraformRunnerPodTemplateSpecInitContainersSecurityContextWindowsOpt #[serde(default, skip_serializing_if = "Option::is_none", rename = "gmsaCredentialSpecName")] pub gmsa_credential_spec_name: Option, /// HostProcess determines if a container should be run as a 'Host Process' container. - /// This field is alpha-level and will only be honored by components that enable the - /// WindowsHostProcessContainers feature flag. Setting this field without the feature - /// flag will result in errors when validating the Pod. All of a Pod's containers must - /// have the same effective HostProcess value (it is not allowed to have a mix of HostProcess - /// containers and non-HostProcess containers). In addition, if HostProcess is true - /// then HostNetwork must also be set to true. + /// All of a Pod's containers must have the same effective HostProcess value + /// (it is not allowed to have a mix of HostProcess containers and non-HostProcess containers). + /// In addition, if HostProcess is true then HostNetwork must also be set to true. #[serde(default, skip_serializing_if = "Option::is_none", rename = "hostProcess")] pub host_process: Option, /// The UserName in Windows to run the entrypoint of the container process. @@ -2201,6 +2388,8 @@ pub struct TerraformRunnerPodTemplateSpecInitContainersVolumeMounts { /// to container and the other way around. /// When not set, MountPropagationNone is used. /// This field is beta in 1.10. + /// When RecursiveReadOnly is set to IfPossible or to Enabled, MountPropagation must be None or unspecified + /// (which defaults to None). #[serde(default, skip_serializing_if = "Option::is_none", rename = "mountPropagation")] pub mount_propagation: Option, /// This must match the Name of a Volume. @@ -2209,6 +2398,28 @@ pub struct TerraformRunnerPodTemplateSpecInitContainersVolumeMounts { /// Defaults to false. #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] pub read_only: Option, + /// RecursiveReadOnly specifies whether read-only mounts should be handled + /// recursively. + /// + /// + /// If ReadOnly is false, this field has no meaning and must be unspecified. + /// + /// + /// If ReadOnly is true, and this field is set to Disabled, the mount is not made + /// recursively read-only. If this field is set to IfPossible, the mount is made + /// recursively read-only, if it is supported by the container runtime. If this + /// field is set to Enabled, the mount is made recursively read-only if it is + /// supported by the container runtime, otherwise the pod will not be started and + /// an error will be generated to indicate the reason. + /// + /// + /// If this field is set to IfPossible or Enabled, MountPropagation must be set to + /// None (or be unspecified, which defaults to None). + /// + /// + /// If this field is not specified, it is treated as an equivalent of Disabled. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "recursiveReadOnly")] + pub recursive_read_only: Option, /// Path within the volume from which the container's volume should be mounted. /// Defaults to "" (volume's root). #[serde(default, skip_serializing_if = "Option::is_none", rename = "subPath")] @@ -2262,6 +2473,8 @@ pub struct TerraformRunnerPodTemplateSpecVolumeMounts { /// to container and the other way around. /// When not set, MountPropagationNone is used. /// This field is beta in 1.10. + /// When RecursiveReadOnly is set to IfPossible or to Enabled, MountPropagation must be None or unspecified + /// (which defaults to None). #[serde(default, skip_serializing_if = "Option::is_none", rename = "mountPropagation")] pub mount_propagation: Option, /// This must match the Name of a Volume. @@ -2270,6 +2483,28 @@ pub struct TerraformRunnerPodTemplateSpecVolumeMounts { /// Defaults to false. #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] pub read_only: Option, + /// RecursiveReadOnly specifies whether read-only mounts should be handled + /// recursively. + /// + /// + /// If ReadOnly is false, this field has no meaning and must be unspecified. + /// + /// + /// If ReadOnly is true, and this field is set to Disabled, the mount is not made + /// recursively read-only. If this field is set to IfPossible, the mount is made + /// recursively read-only, if it is supported by the container runtime. If this + /// field is set to Enabled, the mount is made recursively read-only if it is + /// supported by the container runtime, otherwise the pod will not be started and + /// an error will be generated to indicate the reason. + /// + /// + /// If this field is set to IfPossible or Enabled, MountPropagation must be set to + /// None (or be unspecified, which defaults to None). + /// + /// + /// If this field is not specified, it is treated as an equivalent of Disabled. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "recursiveReadOnly")] + pub recursive_read_only: Option, /// Path within the volume from which the container's volume should be mounted. /// Defaults to "" (volume's root). #[serde(default, skip_serializing_if = "Option::is_none", rename = "subPath")] @@ -2532,8 +2767,12 @@ pub struct TerraformRunnerPodTemplateSpecVolumesCephfs { #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct TerraformRunnerPodTemplateSpecVolumesCephfsSecretRef { /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, } @@ -2568,8 +2807,12 @@ pub struct TerraformRunnerPodTemplateSpecVolumesCinder { #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct TerraformRunnerPodTemplateSpecVolumesCinderSecretRef { /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, } @@ -2596,8 +2839,12 @@ pub struct TerraformRunnerPodTemplateSpecVolumesConfigMap { #[serde(default, skip_serializing_if = "Option::is_none")] pub items: Option>, /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// optional specify whether the ConfigMap or its keys must be defined @@ -2661,8 +2908,12 @@ pub struct TerraformRunnerPodTemplateSpecVolumesCsi { #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct TerraformRunnerPodTemplateSpecVolumesCsiNodePublishSecretRef { /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, } @@ -2688,7 +2939,7 @@ pub struct TerraformRunnerPodTemplateSpecVolumesDownwardApi { /// DownwardAPIVolumeFile represents information to create the file containing the pod field #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct TerraformRunnerPodTemplateSpecVolumesDownwardApiItems { - /// Required: Selects a field of the pod: only annotations, labels, name and namespace are supported. + /// Required: Selects a field of the pod: only annotations, labels, name, namespace and uid are supported. #[serde(default, skip_serializing_if = "Option::is_none", rename = "fieldRef")] pub field_ref: Option, /// Optional: mode bits used to set permissions on this file, must be an octal value @@ -2707,7 +2958,7 @@ pub struct TerraformRunnerPodTemplateSpecVolumesDownwardApiItems { pub resource_field_ref: Option, } -/// Required: Selects a field of the pod: only annotations, labels, name and namespace are supported. +/// Required: Selects a field of the pod: only annotations, labels, name, namespace and uid are supported. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct TerraformRunnerPodTemplateSpecVolumesDownwardApiItemsFieldRef { /// Version of the schema the FieldPath is written in terms of, defaults to "v1". @@ -2914,6 +3165,20 @@ pub struct TerraformRunnerPodTemplateSpecVolumesEphemeralVolumeClaimTemplateSpec /// More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1 #[serde(default, skip_serializing_if = "Option::is_none", rename = "storageClassName")] pub storage_class_name: Option, + /// volumeAttributesClassName may be used to set the VolumeAttributesClass used by this claim. + /// If specified, the CSI driver will create or update the volume with the attributes defined + /// in the corresponding VolumeAttributesClass. This has a different purpose than storageClassName, + /// it can be changed after the claim is created. An empty string value means that no VolumeAttributesClass + /// will be applied to the claim but it's not allowed to reset this field to empty string once it is set. + /// If unspecified and the PersistentVolumeClaim is unbound, the default VolumeAttributesClass + /// will be set by the persistentvolume controller if it exists. + /// If the resource referred to by volumeAttributesClass does not exist, this PersistentVolumeClaim will be + /// set to a Pending state, as reflected by the modifyVolumeStatus field, until such as a resource + /// exists. + /// More info: https://kubernetes.io/docs/concepts/storage/volume-attributes-classes/ + /// (Alpha) Using this field requires the VolumeAttributesClass feature gate to be enabled. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "volumeAttributesClassName")] + pub volume_attributes_class_name: Option, /// volumeMode defines what type of volume is required by the claim. /// Value of Filesystem is implied when not included in claim spec. #[serde(default, skip_serializing_if = "Option::is_none", rename = "volumeMode")] @@ -2992,17 +3257,6 @@ pub struct TerraformRunnerPodTemplateSpecVolumesEphemeralVolumeClaimTemplateSpec /// More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct TerraformRunnerPodTemplateSpecVolumesEphemeralVolumeClaimTemplateSpecResources { - /// Claims lists the names of resources, defined in spec.resourceClaims, - /// that are used by this container. - /// - /// - /// This is an alpha field and requires enabling the - /// DynamicResourceAllocation feature gate. - /// - /// - /// This field is immutable. It can only be set for containers. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub claims: Option>, /// Limits describes the maximum amount of compute resources allowed. /// More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ #[serde(default, skip_serializing_if = "Option::is_none")] @@ -3015,15 +3269,6 @@ pub struct TerraformRunnerPodTemplateSpecVolumesEphemeralVolumeClaimTemplateSpec pub requests: Option>, } -/// ResourceClaim references one entry in PodSpec.ResourceClaims. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct TerraformRunnerPodTemplateSpecVolumesEphemeralVolumeClaimTemplateSpecResourcesClaims { - /// Name must match the name of one entry in pod.spec.resourceClaims of - /// the Pod where this field is used. It makes that resource available - /// inside a container. - pub name: String, -} - /// selector is a label query over volumes to consider for binding. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct TerraformRunnerPodTemplateSpecVolumesEphemeralVolumeClaimTemplateSpecSelector { @@ -3114,8 +3359,12 @@ pub struct TerraformRunnerPodTemplateSpecVolumesFlexVolume { #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct TerraformRunnerPodTemplateSpecVolumesFlexVolumeSecretRef { /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, } @@ -3271,8 +3520,12 @@ pub struct TerraformRunnerPodTemplateSpecVolumesIscsi { #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct TerraformRunnerPodTemplateSpecVolumesIscsiSecretRef { /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, } @@ -3358,6 +3611,24 @@ pub struct TerraformRunnerPodTemplateSpecVolumesProjected { /// Projection that may be projected along with other supported volume types #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct TerraformRunnerPodTemplateSpecVolumesProjectedSources { + /// ClusterTrustBundle allows a pod to access the `.spec.trustBundle` field + /// of ClusterTrustBundle objects in an auto-updating file. + /// + /// + /// Alpha, gated by the ClusterTrustBundleProjection feature gate. + /// + /// + /// ClusterTrustBundle objects can either be selected by name, or by the + /// combination of signer name and a label selector. + /// + /// + /// Kubelet performs aggressive normalization of the PEM contents written + /// into the pod filesystem. Esoteric PEM features such as inter-block + /// comments and block headers are stripped. Certificates are deduplicated. + /// The ordering of certificates within the file is arbitrary, and Kubelet + /// may change the order over time. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "clusterTrustBundle")] + pub cluster_trust_bundle: Option, /// configMap information about the configMap data to project #[serde(default, skip_serializing_if = "Option::is_none", rename = "configMap")] pub config_map: Option, @@ -3372,6 +3643,83 @@ pub struct TerraformRunnerPodTemplateSpecVolumesProjectedSources { pub service_account_token: Option, } +/// ClusterTrustBundle allows a pod to access the `.spec.trustBundle` field +/// of ClusterTrustBundle objects in an auto-updating file. +/// +/// +/// Alpha, gated by the ClusterTrustBundleProjection feature gate. +/// +/// +/// ClusterTrustBundle objects can either be selected by name, or by the +/// combination of signer name and a label selector. +/// +/// +/// Kubelet performs aggressive normalization of the PEM contents written +/// into the pod filesystem. Esoteric PEM features such as inter-block +/// comments and block headers are stripped. Certificates are deduplicated. +/// The ordering of certificates within the file is arbitrary, and Kubelet +/// may change the order over time. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct TerraformRunnerPodTemplateSpecVolumesProjectedSourcesClusterTrustBundle { + /// Select all ClusterTrustBundles that match this label selector. Only has + /// effect if signerName is set. Mutually-exclusive with name. If unset, + /// interpreted as "match nothing". If set but empty, interpreted as "match + /// everything". + #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelector")] + pub label_selector: Option, + /// Select a single ClusterTrustBundle by object name. Mutually-exclusive + /// with signerName and labelSelector. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + /// If true, don't block pod startup if the referenced ClusterTrustBundle(s) + /// aren't available. If using name, then the named ClusterTrustBundle is + /// allowed not to exist. If using signerName, then the combination of + /// signerName and labelSelector is allowed to match zero + /// ClusterTrustBundles. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub optional: Option, + /// Relative path from the volume root to write the bundle. + pub path: String, + /// Select all ClusterTrustBundles that match this signer name. + /// Mutually-exclusive with name. The contents of all selected + /// ClusterTrustBundles will be unified and deduplicated. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "signerName")] + pub signer_name: Option, +} + +/// Select all ClusterTrustBundles that match this label selector. Only has +/// effect if signerName is set. Mutually-exclusive with name. If unset, +/// interpreted as "match nothing". If set but empty, interpreted as "match +/// everything". +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct TerraformRunnerPodTemplateSpecVolumesProjectedSourcesClusterTrustBundleLabelSelector { + /// matchExpressions is a list of label selector requirements. The requirements are ANDed. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] + pub match_expressions: Option>, + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] + pub match_labels: Option>, +} + +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct TerraformRunnerPodTemplateSpecVolumesProjectedSourcesClusterTrustBundleLabelSelectorMatchExpressions { + /// key is the label key that the selector applies to. + pub key: String, + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. + pub operator: String, + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub values: Option>, +} + /// configMap information about the configMap data to project #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct TerraformRunnerPodTemplateSpecVolumesProjectedSourcesConfigMap { @@ -3385,8 +3733,12 @@ pub struct TerraformRunnerPodTemplateSpecVolumesProjectedSourcesConfigMap { #[serde(default, skip_serializing_if = "Option::is_none")] pub items: Option>, /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// optional specify whether the ConfigMap or its keys must be defined @@ -3425,7 +3777,7 @@ pub struct TerraformRunnerPodTemplateSpecVolumesProjectedSourcesDownwardApi { /// DownwardAPIVolumeFile represents information to create the file containing the pod field #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct TerraformRunnerPodTemplateSpecVolumesProjectedSourcesDownwardApiItems { - /// Required: Selects a field of the pod: only annotations, labels, name and namespace are supported. + /// Required: Selects a field of the pod: only annotations, labels, name, namespace and uid are supported. #[serde(default, skip_serializing_if = "Option::is_none", rename = "fieldRef")] pub field_ref: Option, /// Optional: mode bits used to set permissions on this file, must be an octal value @@ -3444,7 +3796,7 @@ pub struct TerraformRunnerPodTemplateSpecVolumesProjectedSourcesDownwardApiItems pub resource_field_ref: Option, } -/// Required: Selects a field of the pod: only annotations, labels, name and namespace are supported. +/// Required: Selects a field of the pod: only annotations, labels, name, namespace and uid are supported. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct TerraformRunnerPodTemplateSpecVolumesProjectedSourcesDownwardApiItemsFieldRef { /// Version of the schema the FieldPath is written in terms of, defaults to "v1". @@ -3482,8 +3834,12 @@ pub struct TerraformRunnerPodTemplateSpecVolumesProjectedSourcesSecret { #[serde(default, skip_serializing_if = "Option::is_none")] pub items: Option>, /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// optional field specify whether the Secret or its key must be defined @@ -3612,8 +3968,12 @@ pub struct TerraformRunnerPodTemplateSpecVolumesRbd { #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct TerraformRunnerPodTemplateSpecVolumesRbdSecretRef { /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, } @@ -3663,8 +4023,12 @@ pub struct TerraformRunnerPodTemplateSpecVolumesScaleIo { #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct TerraformRunnerPodTemplateSpecVolumesScaleIoSecretRef { /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, } @@ -3755,8 +4119,12 @@ pub struct TerraformRunnerPodTemplateSpecVolumesStorageos { #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct TerraformRunnerPodTemplateSpecVolumesStorageosSecretRef { /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, } @@ -3896,8 +4264,12 @@ pub struct TerraformVarsValueFromConfigMapKeyRef { /// The key to select. pub key: String, /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the ConfigMap or its key must be defined @@ -3937,8 +4309,12 @@ pub struct TerraformVarsValueFromSecretKeyRef { /// The key of the secret to select from. Must be a valid secret key. pub key: String, /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the Secret or its key must be defined diff --git a/kube-custom-resources-rs/src/infra_contrib_fluxcd_io/v1alpha2/terraforms.rs b/kube-custom-resources-rs/src/infra_contrib_fluxcd_io/v1alpha2/terraforms.rs index a64b810a6..5edc2225c 100644 --- a/kube-custom-resources-rs/src/infra_contrib_fluxcd_io/v1alpha2/terraforms.rs +++ b/kube-custom-resources-rs/src/infra_contrib_fluxcd_io/v1alpha2/terraforms.rs @@ -591,8 +591,31 @@ pub struct TerraformRunnerPodTemplateSpecAffinityPodAffinityPreferredDuringSched #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct TerraformRunnerPodTemplateSpecAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTerm { /// A label query over a set of resources, in this case pods. + /// If it's null, this PodAffinityTerm matches with no Pods. #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelector")] pub label_selector: Option, + /// MatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both matchLabelKeys and labelSelector. + /// Also, matchLabelKeys cannot be set when labelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] + pub match_label_keys: Option>, + /// MismatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. + /// Also, mismatchLabelKeys cannot be set when labelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] + pub mismatch_label_keys: Option>, /// A label query over the set of namespaces that the term applies to. /// The term is applied to the union of the namespaces selected by this field /// and the ones listed in the namespaces field. @@ -616,6 +639,7 @@ pub struct TerraformRunnerPodTemplateSpecAffinityPodAffinityPreferredDuringSched } /// A label query over a set of resources, in this case pods. +/// If it's null, this PodAffinityTerm matches with no Pods. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct TerraformRunnerPodTemplateSpecAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermLabelSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. @@ -688,8 +712,31 @@ pub struct TerraformRunnerPodTemplateSpecAffinityPodAffinityPreferredDuringSched #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct TerraformRunnerPodTemplateSpecAffinityPodAffinityRequiredDuringSchedulingIgnoredDuringExecution { /// A label query over a set of resources, in this case pods. + /// If it's null, this PodAffinityTerm matches with no Pods. #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelector")] pub label_selector: Option, + /// MatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both matchLabelKeys and labelSelector. + /// Also, matchLabelKeys cannot be set when labelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] + pub match_label_keys: Option>, + /// MismatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. + /// Also, mismatchLabelKeys cannot be set when labelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] + pub mismatch_label_keys: Option>, /// A label query over the set of namespaces that the term applies to. /// The term is applied to the union of the namespaces selected by this field /// and the ones listed in the namespaces field. @@ -713,6 +760,7 @@ pub struct TerraformRunnerPodTemplateSpecAffinityPodAffinityRequiredDuringSchedu } /// A label query over a set of resources, in this case pods. +/// If it's null, this PodAffinityTerm matches with no Pods. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct TerraformRunnerPodTemplateSpecAffinityPodAffinityRequiredDuringSchedulingIgnoredDuringExecutionLabelSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. @@ -816,8 +864,31 @@ pub struct TerraformRunnerPodTemplateSpecAffinityPodAntiAffinityPreferredDuringS #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct TerraformRunnerPodTemplateSpecAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTerm { /// A label query over a set of resources, in this case pods. + /// If it's null, this PodAffinityTerm matches with no Pods. #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelector")] pub label_selector: Option, + /// MatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both matchLabelKeys and labelSelector. + /// Also, matchLabelKeys cannot be set when labelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] + pub match_label_keys: Option>, + /// MismatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. + /// Also, mismatchLabelKeys cannot be set when labelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] + pub mismatch_label_keys: Option>, /// A label query over the set of namespaces that the term applies to. /// The term is applied to the union of the namespaces selected by this field /// and the ones listed in the namespaces field. @@ -841,6 +912,7 @@ pub struct TerraformRunnerPodTemplateSpecAffinityPodAntiAffinityPreferredDuringS } /// A label query over a set of resources, in this case pods. +/// If it's null, this PodAffinityTerm matches with no Pods. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct TerraformRunnerPodTemplateSpecAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermLabelSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. @@ -913,8 +985,31 @@ pub struct TerraformRunnerPodTemplateSpecAffinityPodAntiAffinityPreferredDuringS #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct TerraformRunnerPodTemplateSpecAffinityPodAntiAffinityRequiredDuringSchedulingIgnoredDuringExecution { /// A label query over a set of resources, in this case pods. + /// If it's null, this PodAffinityTerm matches with no Pods. #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelector")] pub label_selector: Option, + /// MatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both matchLabelKeys and labelSelector. + /// Also, matchLabelKeys cannot be set when labelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] + pub match_label_keys: Option>, + /// MismatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. + /// Also, mismatchLabelKeys cannot be set when labelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] + pub mismatch_label_keys: Option>, /// A label query over the set of namespaces that the term applies to. /// The term is applied to the union of the namespaces selected by this field /// and the ones listed in the namespaces field. @@ -938,6 +1033,7 @@ pub struct TerraformRunnerPodTemplateSpecAffinityPodAntiAffinityRequiredDuringSc } /// A label query over a set of resources, in this case pods. +/// If it's null, this PodAffinityTerm matches with no Pods. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct TerraformRunnerPodTemplateSpecAffinityPodAntiAffinityRequiredDuringSchedulingIgnoredDuringExecutionLabelSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. @@ -1047,8 +1143,12 @@ pub struct TerraformRunnerPodTemplateSpecEnvValueFromConfigMapKeyRef { /// The key to select. pub key: String, /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the ConfigMap or its key must be defined @@ -1088,8 +1188,12 @@ pub struct TerraformRunnerPodTemplateSpecEnvValueFromSecretKeyRef { /// The key of the secret to select from. Must be a valid secret key. pub key: String, /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the Secret or its key must be defined @@ -1115,8 +1219,12 @@ pub struct TerraformRunnerPodTemplateSpecEnvFrom { #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct TerraformRunnerPodTemplateSpecEnvFromConfigMapRef { /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the ConfigMap must be defined @@ -1128,8 +1236,12 @@ pub struct TerraformRunnerPodTemplateSpecEnvFromConfigMapRef { #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct TerraformRunnerPodTemplateSpecEnvFromSecretRef { /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the Secret must be defined @@ -1145,8 +1257,7 @@ pub struct TerraformRunnerPodTemplateSpecHostAliases { #[serde(default, skip_serializing_if = "Option::is_none")] pub hostnames: Option>, /// IP address of the host file entry. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub ip: Option, + pub ip: String, } /// A single application container that you want to run within a pod. @@ -1234,6 +1345,23 @@ pub struct TerraformRunnerPodTemplateSpecInitContainers { /// More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ #[serde(default, skip_serializing_if = "Option::is_none")] pub resources: Option, + /// RestartPolicy defines the restart behavior of individual containers in a pod. + /// This field may only be set for init containers, and the only allowed value is "Always". + /// For non-init containers or when this field is not specified, + /// the restart behavior is defined by the Pod's restart policy and the container type. + /// Setting the RestartPolicy as "Always" for the init container will have the following effect: + /// this init container will be continually restarted on + /// exit until all regular containers have terminated. Once all regular + /// containers have completed, all init containers with restartPolicy "Always" + /// will be shut down. This lifecycle differs from normal init containers and + /// is often referred to as a "sidecar" container. Although this init + /// container still starts in the init container sequence, it does not wait + /// for the container to complete before proceeding to the next init + /// container. Instead, the next init container starts immediately after this + /// init container is started, or after any startupProbe has successfully + /// completed. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "restartPolicy")] + pub restart_policy: Option, /// SecurityContext defines the security options the container should be run with. /// If set, the fields of SecurityContext override the equivalent fields of PodSecurityContext. /// More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/ @@ -1345,8 +1473,12 @@ pub struct TerraformRunnerPodTemplateSpecInitContainersEnvValueFromConfigMapKeyR /// The key to select. pub key: String, /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the ConfigMap or its key must be defined @@ -1386,8 +1518,12 @@ pub struct TerraformRunnerPodTemplateSpecInitContainersEnvValueFromSecretKeyRef /// The key of the secret to select from. Must be a valid secret key. pub key: String, /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the Secret or its key must be defined @@ -1413,8 +1549,12 @@ pub struct TerraformRunnerPodTemplateSpecInitContainersEnvFrom { #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct TerraformRunnerPodTemplateSpecInitContainersEnvFromConfigMapRef { /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the ConfigMap must be defined @@ -1426,8 +1566,12 @@ pub struct TerraformRunnerPodTemplateSpecInitContainersEnvFromConfigMapRef { #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct TerraformRunnerPodTemplateSpecInitContainersEnvFromSecretRef { /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the Secret must be defined @@ -1470,6 +1614,9 @@ pub struct TerraformRunnerPodTemplateSpecInitContainersLifecyclePostStart { /// HTTPGet specifies the http request to perform. #[serde(default, skip_serializing_if = "Option::is_none", rename = "httpGet")] pub http_get: Option, + /// Sleep represents the duration that the container should sleep before being terminated. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub sleep: Option, /// Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept /// for the backward compatibility. There are no validation of this field and /// lifecycle hooks will fail in runtime when tcp handler is specified. @@ -1522,6 +1669,13 @@ pub struct TerraformRunnerPodTemplateSpecInitContainersLifecyclePostStartHttpGet pub value: String, } +/// Sleep represents the duration that the container should sleep before being terminated. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct TerraformRunnerPodTemplateSpecInitContainersLifecyclePostStartSleep { + /// Seconds is the number of seconds to sleep. + pub seconds: i64, +} + /// Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept /// for the backward compatibility. There are no validation of this field and /// lifecycle hooks will fail in runtime when tcp handler is specified. @@ -1553,6 +1707,9 @@ pub struct TerraformRunnerPodTemplateSpecInitContainersLifecyclePreStop { /// HTTPGet specifies the http request to perform. #[serde(default, skip_serializing_if = "Option::is_none", rename = "httpGet")] pub http_get: Option, + /// Sleep represents the duration that the container should sleep before being terminated. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub sleep: Option, /// Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept /// for the backward compatibility. There are no validation of this field and /// lifecycle hooks will fail in runtime when tcp handler is specified. @@ -1605,6 +1762,13 @@ pub struct TerraformRunnerPodTemplateSpecInitContainersLifecyclePreStopHttpGetHt pub value: String, } +/// Sleep represents the duration that the container should sleep before being terminated. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct TerraformRunnerPodTemplateSpecInitContainersLifecyclePreStopSleep { + /// Seconds is the number of seconds to sleep. + pub seconds: i64, +} + /// Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept /// for the backward compatibility. There are no validation of this field and /// lifecycle hooks will fail in runtime when tcp handler is specified. @@ -1958,6 +2122,11 @@ pub struct TerraformRunnerPodTemplateSpecInitContainersSecurityContext { /// Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none", rename = "allowPrivilegeEscalation")] pub allow_privilege_escalation: Option, + /// appArmorProfile is the AppArmor options to use by this container. If set, this profile + /// overrides the pod's appArmorProfile. + /// Note that this field cannot be set when spec.os.name is windows. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "appArmorProfile")] + pub app_armor_profile: Option, /// The capabilities to add/drop when running containers. /// Defaults to the default set of capabilities granted by the container runtime. /// Note that this field cannot be set when spec.os.name is windows. @@ -2024,6 +2193,26 @@ pub struct TerraformRunnerPodTemplateSpecInitContainersSecurityContext { pub windows_options: Option, } +/// appArmorProfile is the AppArmor options to use by this container. If set, this profile +/// overrides the pod's appArmorProfile. +/// Note that this field cannot be set when spec.os.name is windows. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct TerraformRunnerPodTemplateSpecInitContainersSecurityContextAppArmorProfile { + /// localhostProfile indicates a profile loaded on the node that should be used. + /// The profile must be preconfigured on the node to work. + /// Must match the loaded name of the profile. + /// Must be set if and only if type is "Localhost". + #[serde(default, skip_serializing_if = "Option::is_none", rename = "localhostProfile")] + pub localhost_profile: Option, + /// type indicates which kind of AppArmor profile will be applied. + /// Valid options are: + /// Localhost - a profile pre-loaded on the node. + /// RuntimeDefault - the container runtime's default profile. + /// Unconfined - no AppArmor enforcement. + #[serde(rename = "type")] + pub r#type: String, +} + /// The capabilities to add/drop when running containers. /// Defaults to the default set of capabilities granted by the container runtime. /// Note that this field cannot be set when spec.os.name is windows. @@ -2067,7 +2256,7 @@ pub struct TerraformRunnerPodTemplateSpecInitContainersSecurityContextSeccompPro /// localhostProfile indicates a profile defined in a file on the node should be used. /// The profile must be preconfigured on the node to work. /// Must be a descending path, relative to the kubelet's configured seccomp profile location. - /// Must only be set if type is "Localhost". + /// Must be set if type is "Localhost". Must NOT be set for any other type. #[serde(default, skip_serializing_if = "Option::is_none", rename = "localhostProfile")] pub localhost_profile: Option, /// type indicates which kind of seccomp profile will be applied. @@ -2096,12 +2285,9 @@ pub struct TerraformRunnerPodTemplateSpecInitContainersSecurityContextWindowsOpt #[serde(default, skip_serializing_if = "Option::is_none", rename = "gmsaCredentialSpecName")] pub gmsa_credential_spec_name: Option, /// HostProcess determines if a container should be run as a 'Host Process' container. - /// This field is alpha-level and will only be honored by components that enable the - /// WindowsHostProcessContainers feature flag. Setting this field without the feature - /// flag will result in errors when validating the Pod. All of a Pod's containers must - /// have the same effective HostProcess value (it is not allowed to have a mix of HostProcess - /// containers and non-HostProcess containers). In addition, if HostProcess is true - /// then HostNetwork must also be set to true. + /// All of a Pod's containers must have the same effective HostProcess value + /// (it is not allowed to have a mix of HostProcess containers and non-HostProcess containers). + /// In addition, if HostProcess is true then HostNetwork must also be set to true. #[serde(default, skip_serializing_if = "Option::is_none", rename = "hostProcess")] pub host_process: Option, /// The UserName in Windows to run the entrypoint of the container process. @@ -2260,6 +2446,8 @@ pub struct TerraformRunnerPodTemplateSpecInitContainersVolumeMounts { /// to container and the other way around. /// When not set, MountPropagationNone is used. /// This field is beta in 1.10. + /// When RecursiveReadOnly is set to IfPossible or to Enabled, MountPropagation must be None or unspecified + /// (which defaults to None). #[serde(default, skip_serializing_if = "Option::is_none", rename = "mountPropagation")] pub mount_propagation: Option, /// This must match the Name of a Volume. @@ -2268,6 +2456,28 @@ pub struct TerraformRunnerPodTemplateSpecInitContainersVolumeMounts { /// Defaults to false. #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] pub read_only: Option, + /// RecursiveReadOnly specifies whether read-only mounts should be handled + /// recursively. + /// + /// + /// If ReadOnly is false, this field has no meaning and must be unspecified. + /// + /// + /// If ReadOnly is true, and this field is set to Disabled, the mount is not made + /// recursively read-only. If this field is set to IfPossible, the mount is made + /// recursively read-only, if it is supported by the container runtime. If this + /// field is set to Enabled, the mount is made recursively read-only if it is + /// supported by the container runtime, otherwise the pod will not be started and + /// an error will be generated to indicate the reason. + /// + /// + /// If this field is set to IfPossible or Enabled, MountPropagation must be set to + /// None (or be unspecified, which defaults to None). + /// + /// + /// If this field is not specified, it is treated as an equivalent of Disabled. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "recursiveReadOnly")] + pub recursive_read_only: Option, /// Path within the volume from which the container's volume should be mounted. /// Defaults to "" (volume's root). #[serde(default, skip_serializing_if = "Option::is_none", rename = "subPath")] @@ -2327,6 +2537,11 @@ pub struct TerraformRunnerPodTemplateSpecSecurityContext { /// Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none", rename = "allowPrivilegeEscalation")] pub allow_privilege_escalation: Option, + /// appArmorProfile is the AppArmor options to use by this container. If set, this profile + /// overrides the pod's appArmorProfile. + /// Note that this field cannot be set when spec.os.name is windows. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "appArmorProfile")] + pub app_armor_profile: Option, /// The capabilities to add/drop when running containers. /// Defaults to the default set of capabilities granted by the container runtime. /// Note that this field cannot be set when spec.os.name is windows. @@ -2393,6 +2608,26 @@ pub struct TerraformRunnerPodTemplateSpecSecurityContext { pub windows_options: Option, } +/// appArmorProfile is the AppArmor options to use by this container. If set, this profile +/// overrides the pod's appArmorProfile. +/// Note that this field cannot be set when spec.os.name is windows. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct TerraformRunnerPodTemplateSpecSecurityContextAppArmorProfile { + /// localhostProfile indicates a profile loaded on the node that should be used. + /// The profile must be preconfigured on the node to work. + /// Must match the loaded name of the profile. + /// Must be set if and only if type is "Localhost". + #[serde(default, skip_serializing_if = "Option::is_none", rename = "localhostProfile")] + pub localhost_profile: Option, + /// type indicates which kind of AppArmor profile will be applied. + /// Valid options are: + /// Localhost - a profile pre-loaded on the node. + /// RuntimeDefault - the container runtime's default profile. + /// Unconfined - no AppArmor enforcement. + #[serde(rename = "type")] + pub r#type: String, +} + /// The capabilities to add/drop when running containers. /// Defaults to the default set of capabilities granted by the container runtime. /// Note that this field cannot be set when spec.os.name is windows. @@ -2436,7 +2671,7 @@ pub struct TerraformRunnerPodTemplateSpecSecurityContextSeccompProfile { /// localhostProfile indicates a profile defined in a file on the node should be used. /// The profile must be preconfigured on the node to work. /// Must be a descending path, relative to the kubelet's configured seccomp profile location. - /// Must only be set if type is "Localhost". + /// Must be set if type is "Localhost". Must NOT be set for any other type. #[serde(default, skip_serializing_if = "Option::is_none", rename = "localhostProfile")] pub localhost_profile: Option, /// type indicates which kind of seccomp profile will be applied. @@ -2465,12 +2700,9 @@ pub struct TerraformRunnerPodTemplateSpecSecurityContextWindowsOptions { #[serde(default, skip_serializing_if = "Option::is_none", rename = "gmsaCredentialSpecName")] pub gmsa_credential_spec_name: Option, /// HostProcess determines if a container should be run as a 'Host Process' container. - /// This field is alpha-level and will only be honored by components that enable the - /// WindowsHostProcessContainers feature flag. Setting this field without the feature - /// flag will result in errors when validating the Pod. All of a Pod's containers must - /// have the same effective HostProcess value (it is not allowed to have a mix of HostProcess - /// containers and non-HostProcess containers). In addition, if HostProcess is true - /// then HostNetwork must also be set to true. + /// All of a Pod's containers must have the same effective HostProcess value + /// (it is not allowed to have a mix of HostProcess containers and non-HostProcess containers). + /// In addition, if HostProcess is true then HostNetwork must also be set to true. #[serde(default, skip_serializing_if = "Option::is_none", rename = "hostProcess")] pub host_process: Option, /// The UserName in Windows to run the entrypoint of the container process. @@ -2522,6 +2754,8 @@ pub struct TerraformRunnerPodTemplateSpecVolumeMounts { /// to container and the other way around. /// When not set, MountPropagationNone is used. /// This field is beta in 1.10. + /// When RecursiveReadOnly is set to IfPossible or to Enabled, MountPropagation must be None or unspecified + /// (which defaults to None). #[serde(default, skip_serializing_if = "Option::is_none", rename = "mountPropagation")] pub mount_propagation: Option, /// This must match the Name of a Volume. @@ -2530,6 +2764,28 @@ pub struct TerraformRunnerPodTemplateSpecVolumeMounts { /// Defaults to false. #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] pub read_only: Option, + /// RecursiveReadOnly specifies whether read-only mounts should be handled + /// recursively. + /// + /// + /// If ReadOnly is false, this field has no meaning and must be unspecified. + /// + /// + /// If ReadOnly is true, and this field is set to Disabled, the mount is not made + /// recursively read-only. If this field is set to IfPossible, the mount is made + /// recursively read-only, if it is supported by the container runtime. If this + /// field is set to Enabled, the mount is made recursively read-only if it is + /// supported by the container runtime, otherwise the pod will not be started and + /// an error will be generated to indicate the reason. + /// + /// + /// If this field is set to IfPossible or Enabled, MountPropagation must be set to + /// None (or be unspecified, which defaults to None). + /// + /// + /// If this field is not specified, it is treated as an equivalent of Disabled. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "recursiveReadOnly")] + pub recursive_read_only: Option, /// Path within the volume from which the container's volume should be mounted. /// Defaults to "" (volume's root). #[serde(default, skip_serializing_if = "Option::is_none", rename = "subPath")] @@ -2792,8 +3048,12 @@ pub struct TerraformRunnerPodTemplateSpecVolumesCephfs { #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct TerraformRunnerPodTemplateSpecVolumesCephfsSecretRef { /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, } @@ -2828,8 +3088,12 @@ pub struct TerraformRunnerPodTemplateSpecVolumesCinder { #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct TerraformRunnerPodTemplateSpecVolumesCinderSecretRef { /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, } @@ -2856,8 +3120,12 @@ pub struct TerraformRunnerPodTemplateSpecVolumesConfigMap { #[serde(default, skip_serializing_if = "Option::is_none")] pub items: Option>, /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// optional specify whether the ConfigMap or its keys must be defined @@ -2921,8 +3189,12 @@ pub struct TerraformRunnerPodTemplateSpecVolumesCsi { #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct TerraformRunnerPodTemplateSpecVolumesCsiNodePublishSecretRef { /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, } @@ -2948,7 +3220,7 @@ pub struct TerraformRunnerPodTemplateSpecVolumesDownwardApi { /// DownwardAPIVolumeFile represents information to create the file containing the pod field #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct TerraformRunnerPodTemplateSpecVolumesDownwardApiItems { - /// Required: Selects a field of the pod: only annotations, labels, name and namespace are supported. + /// Required: Selects a field of the pod: only annotations, labels, name, namespace and uid are supported. #[serde(default, skip_serializing_if = "Option::is_none", rename = "fieldRef")] pub field_ref: Option, /// Optional: mode bits used to set permissions on this file, must be an octal value @@ -2967,7 +3239,7 @@ pub struct TerraformRunnerPodTemplateSpecVolumesDownwardApiItems { pub resource_field_ref: Option, } -/// Required: Selects a field of the pod: only annotations, labels, name and namespace are supported. +/// Required: Selects a field of the pod: only annotations, labels, name, namespace and uid are supported. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct TerraformRunnerPodTemplateSpecVolumesDownwardApiItemsFieldRef { /// Version of the schema the FieldPath is written in terms of, defaults to "v1". @@ -3174,6 +3446,20 @@ pub struct TerraformRunnerPodTemplateSpecVolumesEphemeralVolumeClaimTemplateSpec /// More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1 #[serde(default, skip_serializing_if = "Option::is_none", rename = "storageClassName")] pub storage_class_name: Option, + /// volumeAttributesClassName may be used to set the VolumeAttributesClass used by this claim. + /// If specified, the CSI driver will create or update the volume with the attributes defined + /// in the corresponding VolumeAttributesClass. This has a different purpose than storageClassName, + /// it can be changed after the claim is created. An empty string value means that no VolumeAttributesClass + /// will be applied to the claim but it's not allowed to reset this field to empty string once it is set. + /// If unspecified and the PersistentVolumeClaim is unbound, the default VolumeAttributesClass + /// will be set by the persistentvolume controller if it exists. + /// If the resource referred to by volumeAttributesClass does not exist, this PersistentVolumeClaim will be + /// set to a Pending state, as reflected by the modifyVolumeStatus field, until such as a resource + /// exists. + /// More info: https://kubernetes.io/docs/concepts/storage/volume-attributes-classes/ + /// (Alpha) Using this field requires the VolumeAttributesClass feature gate to be enabled. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "volumeAttributesClassName")] + pub volume_attributes_class_name: Option, /// volumeMode defines what type of volume is required by the claim. /// Value of Filesystem is implied when not included in claim spec. #[serde(default, skip_serializing_if = "Option::is_none", rename = "volumeMode")] @@ -3252,17 +3538,6 @@ pub struct TerraformRunnerPodTemplateSpecVolumesEphemeralVolumeClaimTemplateSpec /// More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct TerraformRunnerPodTemplateSpecVolumesEphemeralVolumeClaimTemplateSpecResources { - /// Claims lists the names of resources, defined in spec.resourceClaims, - /// that are used by this container. - /// - /// - /// This is an alpha field and requires enabling the - /// DynamicResourceAllocation feature gate. - /// - /// - /// This field is immutable. It can only be set for containers. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub claims: Option>, /// Limits describes the maximum amount of compute resources allowed. /// More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ #[serde(default, skip_serializing_if = "Option::is_none")] @@ -3275,15 +3550,6 @@ pub struct TerraformRunnerPodTemplateSpecVolumesEphemeralVolumeClaimTemplateSpec pub requests: Option>, } -/// ResourceClaim references one entry in PodSpec.ResourceClaims. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct TerraformRunnerPodTemplateSpecVolumesEphemeralVolumeClaimTemplateSpecResourcesClaims { - /// Name must match the name of one entry in pod.spec.resourceClaims of - /// the Pod where this field is used. It makes that resource available - /// inside a container. - pub name: String, -} - /// selector is a label query over volumes to consider for binding. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct TerraformRunnerPodTemplateSpecVolumesEphemeralVolumeClaimTemplateSpecSelector { @@ -3374,8 +3640,12 @@ pub struct TerraformRunnerPodTemplateSpecVolumesFlexVolume { #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct TerraformRunnerPodTemplateSpecVolumesFlexVolumeSecretRef { /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, } @@ -3531,8 +3801,12 @@ pub struct TerraformRunnerPodTemplateSpecVolumesIscsi { #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct TerraformRunnerPodTemplateSpecVolumesIscsiSecretRef { /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, } @@ -3618,6 +3892,24 @@ pub struct TerraformRunnerPodTemplateSpecVolumesProjected { /// Projection that may be projected along with other supported volume types #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct TerraformRunnerPodTemplateSpecVolumesProjectedSources { + /// ClusterTrustBundle allows a pod to access the `.spec.trustBundle` field + /// of ClusterTrustBundle objects in an auto-updating file. + /// + /// + /// Alpha, gated by the ClusterTrustBundleProjection feature gate. + /// + /// + /// ClusterTrustBundle objects can either be selected by name, or by the + /// combination of signer name and a label selector. + /// + /// + /// Kubelet performs aggressive normalization of the PEM contents written + /// into the pod filesystem. Esoteric PEM features such as inter-block + /// comments and block headers are stripped. Certificates are deduplicated. + /// The ordering of certificates within the file is arbitrary, and Kubelet + /// may change the order over time. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "clusterTrustBundle")] + pub cluster_trust_bundle: Option, /// configMap information about the configMap data to project #[serde(default, skip_serializing_if = "Option::is_none", rename = "configMap")] pub config_map: Option, @@ -3632,6 +3924,83 @@ pub struct TerraformRunnerPodTemplateSpecVolumesProjectedSources { pub service_account_token: Option, } +/// ClusterTrustBundle allows a pod to access the `.spec.trustBundle` field +/// of ClusterTrustBundle objects in an auto-updating file. +/// +/// +/// Alpha, gated by the ClusterTrustBundleProjection feature gate. +/// +/// +/// ClusterTrustBundle objects can either be selected by name, or by the +/// combination of signer name and a label selector. +/// +/// +/// Kubelet performs aggressive normalization of the PEM contents written +/// into the pod filesystem. Esoteric PEM features such as inter-block +/// comments and block headers are stripped. Certificates are deduplicated. +/// The ordering of certificates within the file is arbitrary, and Kubelet +/// may change the order over time. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct TerraformRunnerPodTemplateSpecVolumesProjectedSourcesClusterTrustBundle { + /// Select all ClusterTrustBundles that match this label selector. Only has + /// effect if signerName is set. Mutually-exclusive with name. If unset, + /// interpreted as "match nothing". If set but empty, interpreted as "match + /// everything". + #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelector")] + pub label_selector: Option, + /// Select a single ClusterTrustBundle by object name. Mutually-exclusive + /// with signerName and labelSelector. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + /// If true, don't block pod startup if the referenced ClusterTrustBundle(s) + /// aren't available. If using name, then the named ClusterTrustBundle is + /// allowed not to exist. If using signerName, then the combination of + /// signerName and labelSelector is allowed to match zero + /// ClusterTrustBundles. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub optional: Option, + /// Relative path from the volume root to write the bundle. + pub path: String, + /// Select all ClusterTrustBundles that match this signer name. + /// Mutually-exclusive with name. The contents of all selected + /// ClusterTrustBundles will be unified and deduplicated. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "signerName")] + pub signer_name: Option, +} + +/// Select all ClusterTrustBundles that match this label selector. Only has +/// effect if signerName is set. Mutually-exclusive with name. If unset, +/// interpreted as "match nothing". If set but empty, interpreted as "match +/// everything". +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct TerraformRunnerPodTemplateSpecVolumesProjectedSourcesClusterTrustBundleLabelSelector { + /// matchExpressions is a list of label selector requirements. The requirements are ANDed. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] + pub match_expressions: Option>, + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] + pub match_labels: Option>, +} + +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct TerraformRunnerPodTemplateSpecVolumesProjectedSourcesClusterTrustBundleLabelSelectorMatchExpressions { + /// key is the label key that the selector applies to. + pub key: String, + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. + pub operator: String, + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub values: Option>, +} + /// configMap information about the configMap data to project #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct TerraformRunnerPodTemplateSpecVolumesProjectedSourcesConfigMap { @@ -3645,8 +4014,12 @@ pub struct TerraformRunnerPodTemplateSpecVolumesProjectedSourcesConfigMap { #[serde(default, skip_serializing_if = "Option::is_none")] pub items: Option>, /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// optional specify whether the ConfigMap or its keys must be defined @@ -3685,7 +4058,7 @@ pub struct TerraformRunnerPodTemplateSpecVolumesProjectedSourcesDownwardApi { /// DownwardAPIVolumeFile represents information to create the file containing the pod field #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct TerraformRunnerPodTemplateSpecVolumesProjectedSourcesDownwardApiItems { - /// Required: Selects a field of the pod: only annotations, labels, name and namespace are supported. + /// Required: Selects a field of the pod: only annotations, labels, name, namespace and uid are supported. #[serde(default, skip_serializing_if = "Option::is_none", rename = "fieldRef")] pub field_ref: Option, /// Optional: mode bits used to set permissions on this file, must be an octal value @@ -3704,7 +4077,7 @@ pub struct TerraformRunnerPodTemplateSpecVolumesProjectedSourcesDownwardApiItems pub resource_field_ref: Option, } -/// Required: Selects a field of the pod: only annotations, labels, name and namespace are supported. +/// Required: Selects a field of the pod: only annotations, labels, name, namespace and uid are supported. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct TerraformRunnerPodTemplateSpecVolumesProjectedSourcesDownwardApiItemsFieldRef { /// Version of the schema the FieldPath is written in terms of, defaults to "v1". @@ -3742,8 +4115,12 @@ pub struct TerraformRunnerPodTemplateSpecVolumesProjectedSourcesSecret { #[serde(default, skip_serializing_if = "Option::is_none")] pub items: Option>, /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// optional field specify whether the Secret or its key must be defined @@ -3872,8 +4249,12 @@ pub struct TerraformRunnerPodTemplateSpecVolumesRbd { #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct TerraformRunnerPodTemplateSpecVolumesRbdSecretRef { /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, } @@ -3923,8 +4304,12 @@ pub struct TerraformRunnerPodTemplateSpecVolumesScaleIo { #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct TerraformRunnerPodTemplateSpecVolumesScaleIoSecretRef { /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, } @@ -4015,8 +4400,12 @@ pub struct TerraformRunnerPodTemplateSpecVolumesStorageos { #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct TerraformRunnerPodTemplateSpecVolumesStorageosSecretRef { /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, } @@ -4164,8 +4553,12 @@ pub struct TerraformVarsValueFromConfigMapKeyRef { /// The key to select. pub key: String, /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the ConfigMap or its key must be defined @@ -4205,8 +4598,12 @@ pub struct TerraformVarsValueFromSecretKeyRef { /// The key of the secret to select from. Must be a valid secret key. pub key: String, /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the Secret or its key must be defined diff --git a/kube-custom-resources-rs/src/infrastructure_cluster_x_k8s_io/v1beta1/vspheremachines.rs b/kube-custom-resources-rs/src/infrastructure_cluster_x_k8s_io/v1beta1/vspheremachines.rs index 7bb752970..a9b72310b 100644 --- a/kube-custom-resources-rs/src/infrastructure_cluster_x_k8s_io/v1beta1/vspheremachines.rs +++ b/kube-custom-resources-rs/src/infrastructure_cluster_x_k8s_io/v1beta1/vspheremachines.rs @@ -403,11 +403,22 @@ pub struct VSphereMachinePciDevices { /// DeviceID is the device ID of a virtual machine's PCI, in integer. /// Defaults to the eponymous property value in the template from which the /// virtual machine is cloned. + /// Mutually exclusive with VGPUProfile as VGPUProfile and DeviceID + VendorID + /// are two independent ways to define PCI devices. #[serde(default, skip_serializing_if = "Option::is_none", rename = "deviceId")] pub device_id: Option, + /// VGPUProfile is the profile name of a virtual machine's vGPU, in string. + /// Defaults to the eponymous property value in the template from which the + /// virtual machine is cloned. + /// Mutually exclusive with DeviceID and VendorID as VGPUProfile and DeviceID + VendorID + /// are two independent ways to define PCI devices. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "vGPUProfile")] + pub v_gpu_profile: Option, /// VendorId is the vendor ID of a virtual machine's PCI, in integer. /// Defaults to the eponymous property value in the template from which the /// virtual machine is cloned. + /// Mutually exclusive with VGPUProfile as VGPUProfile and DeviceID + VendorID + /// are two independent ways to define PCI devices. #[serde(default, skip_serializing_if = "Option::is_none", rename = "vendorId")] pub vendor_id: Option, } diff --git a/kube-custom-resources-rs/src/infrastructure_cluster_x_k8s_io/v1beta1/vspheremachinetemplates.rs b/kube-custom-resources-rs/src/infrastructure_cluster_x_k8s_io/v1beta1/vspheremachinetemplates.rs index e667e1eef..5619d680a 100644 --- a/kube-custom-resources-rs/src/infrastructure_cluster_x_k8s_io/v1beta1/vspheremachinetemplates.rs +++ b/kube-custom-resources-rs/src/infrastructure_cluster_x_k8s_io/v1beta1/vspheremachinetemplates.rs @@ -437,11 +437,22 @@ pub struct VSphereMachineTemplateTemplateSpecPciDevices { /// DeviceID is the device ID of a virtual machine's PCI, in integer. /// Defaults to the eponymous property value in the template from which the /// virtual machine is cloned. + /// Mutually exclusive with VGPUProfile as VGPUProfile and DeviceID + VendorID + /// are two independent ways to define PCI devices. #[serde(default, skip_serializing_if = "Option::is_none", rename = "deviceId")] pub device_id: Option, + /// VGPUProfile is the profile name of a virtual machine's vGPU, in string. + /// Defaults to the eponymous property value in the template from which the + /// virtual machine is cloned. + /// Mutually exclusive with DeviceID and VendorID as VGPUProfile and DeviceID + VendorID + /// are two independent ways to define PCI devices. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "vGPUProfile")] + pub v_gpu_profile: Option, /// VendorId is the vendor ID of a virtual machine's PCI, in integer. /// Defaults to the eponymous property value in the template from which the /// virtual machine is cloned. + /// Mutually exclusive with VGPUProfile as VGPUProfile and DeviceID + VendorID + /// are two independent ways to define PCI devices. #[serde(default, skip_serializing_if = "Option::is_none", rename = "vendorId")] pub vendor_id: Option, } diff --git a/kube-custom-resources-rs/src/infrastructure_cluster_x_k8s_io/v1beta1/vspherevms.rs b/kube-custom-resources-rs/src/infrastructure_cluster_x_k8s_io/v1beta1/vspherevms.rs index 4286516e8..10b64c606 100644 --- a/kube-custom-resources-rs/src/infrastructure_cluster_x_k8s_io/v1beta1/vspherevms.rs +++ b/kube-custom-resources-rs/src/infrastructure_cluster_x_k8s_io/v1beta1/vspherevms.rs @@ -448,11 +448,22 @@ pub struct VSphereVMPciDevices { /// DeviceID is the device ID of a virtual machine's PCI, in integer. /// Defaults to the eponymous property value in the template from which the /// virtual machine is cloned. + /// Mutually exclusive with VGPUProfile as VGPUProfile and DeviceID + VendorID + /// are two independent ways to define PCI devices. #[serde(default, skip_serializing_if = "Option::is_none", rename = "deviceId")] pub device_id: Option, + /// VGPUProfile is the profile name of a virtual machine's vGPU, in string. + /// Defaults to the eponymous property value in the template from which the + /// virtual machine is cloned. + /// Mutually exclusive with DeviceID and VendorID as VGPUProfile and DeviceID + VendorID + /// are two independent ways to define PCI devices. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "vGPUProfile")] + pub v_gpu_profile: Option, /// VendorId is the vendor ID of a virtual machine's PCI, in integer. /// Defaults to the eponymous property value in the template from which the /// virtual machine is cloned. + /// Mutually exclusive with VGPUProfile as VGPUProfile and DeviceID + VendorID + /// are two independent ways to define PCI devices. #[serde(default, skip_serializing_if = "Option::is_none", rename = "vendorId")] pub vendor_id: Option, } diff --git a/kube-custom-resources-rs/src/infrastructure_cluster_x_k8s_io/v1beta2/ibmvpcclusters.rs b/kube-custom-resources-rs/src/infrastructure_cluster_x_k8s_io/v1beta2/ibmvpcclusters.rs index 6413e65e3..bdefad3f9 100644 --- a/kube-custom-resources-rs/src/infrastructure_cluster_x_k8s_io/v1beta2/ibmvpcclusters.rs +++ b/kube-custom-resources-rs/src/infrastructure_cluster_x_k8s_io/v1beta2/ibmvpcclusters.rs @@ -25,6 +25,9 @@ pub struct IBMVPCClusterSpec { /// ControlPlaneLoadBalancer is optional configuration for customizing control plane behavior. #[serde(default, skip_serializing_if = "Option::is_none", rename = "controlPlaneLoadBalancer")] pub control_plane_load_balancer: Option, + /// network represents the VPC network to use for the cluster. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub network: Option, /// The IBM Cloud Region the cluster lives in. pub region: String, /// The VPC resources should be created under the resource group. @@ -72,6 +75,61 @@ pub struct IBMVPCClusterControlPlaneLoadBalancerAdditionalListeners { pub port: i64, } +/// network represents the VPC network to use for the cluster. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct IBMVPCClusterNetwork { + /// controlPlaneSubnets is a set of Subnet's which define the Control Plane subnets. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "controlPlaneSubnets")] + pub control_plane_subnets: Option>, + /// resourceGroup is the name of the Resource Group containing all of the newtork resources. + /// This can be different than the Resource Group containing the remaining cluster resources. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "resourceGroup")] + pub resource_group: Option, + /// vpc defines the IBM Cloud VPC for extended VPC Infrastructure support. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub vpc: Option, + /// workerSubnets is a set of Subnet's which define the Worker subnets. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "workerSubnets")] + pub worker_subnets: Option>, +} + +/// Subnet describes a subnet. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct IBMVPCClusterNetworkControlPlaneSubnets { + #[serde(default, skip_serializing_if = "Option::is_none")] + pub cidr: Option, + #[serde(default, skip_serializing_if = "Option::is_none")] + pub id: Option, + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + #[serde(default, skip_serializing_if = "Option::is_none")] + pub zone: Option, +} + +/// vpc defines the IBM Cloud VPC for extended VPC Infrastructure support. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct IBMVPCClusterNetworkVpc { + /// id of the resource. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub id: Option, + /// name of the resource. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, +} + +/// Subnet describes a subnet. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct IBMVPCClusterNetworkWorkerSubnets { + #[serde(default, skip_serializing_if = "Option::is_none")] + pub cidr: Option, + #[serde(default, skip_serializing_if = "Option::is_none")] + pub id: Option, + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + #[serde(default, skip_serializing_if = "Option::is_none")] + pub zone: Option, +} + /// IBMVPCClusterStatus defines the observed state of IBMVPCCluster. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct IBMVPCClusterStatus { @@ -81,14 +139,21 @@ pub struct IBMVPCClusterStatus { /// ControlPlaneLoadBalancerState is the status of the load balancer. #[serde(default, skip_serializing_if = "Option::is_none", rename = "controlPlaneLoadBalancerState")] pub control_plane_load_balancer_state: Option, + /// network is the status of the VPC network resources for extended VPC Infrastructure support. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub network: Option, /// Ready is true when the provider resource is ready. #[serde(default, skip_serializing_if = "Option::is_none")] pub ready: Option, + /// resourceGroup is the status of the cluster's Resource Group for extended VPC Infrastructure support. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "resourceGroup")] + pub resource_group: Option, /// Subnet describes a subnet. #[serde(default, skip_serializing_if = "Option::is_none")] pub subnet: Option, /// INSERT ADDITIONAL STATUS FIELD - define observed state of cluster /// Important: Run "make" to regenerate code after modifying this file + /// dep: rely on Network instead. #[serde(default, skip_serializing_if = "Option::is_none")] pub vpc: Option, /// VPCEndpoint describes a VPCEndpoint. @@ -96,6 +161,55 @@ pub struct IBMVPCClusterStatus { pub vpc_endpoint: Option, } +/// network is the status of the VPC network resources for extended VPC Infrastructure support. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct IBMVPCClusterStatusNetwork { + /// resourceGroup references the Resource Group for Network resources for the cluster. + /// This can be the same or unique from the cluster's Resource Group. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "resourceGroup")] + pub resource_group: Option, + /// vpc references the status of the IBM Cloud VPC as part of the extended VPC Infrastructure support. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub vpc: Option, +} + +/// resourceGroup references the Resource Group for Network resources for the cluster. +/// This can be the same or unique from the cluster's Resource Group. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct IBMVPCClusterStatusNetworkResourceGroup { + /// id defines the Id of the IBM Cloud resource status. + pub id: String, + /// name defines the name of the IBM Cloud resource status. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + /// ready defines whether the IBM Cloud resource is ready. + pub ready: bool, +} + +/// vpc references the status of the IBM Cloud VPC as part of the extended VPC Infrastructure support. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct IBMVPCClusterStatusNetworkVpc { + /// id defines the Id of the IBM Cloud resource status. + pub id: String, + /// name defines the name of the IBM Cloud resource status. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + /// ready defines whether the IBM Cloud resource is ready. + pub ready: bool, +} + +/// resourceGroup is the status of the cluster's Resource Group for extended VPC Infrastructure support. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct IBMVPCClusterStatusResourceGroup { + /// id defines the Id of the IBM Cloud resource status. + pub id: String, + /// name defines the name of the IBM Cloud resource status. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + /// ready defines whether the IBM Cloud resource is ready. + pub ready: bool, +} + /// Subnet describes a subnet. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct IBMVPCClusterStatusSubnet { @@ -111,6 +225,7 @@ pub struct IBMVPCClusterStatusSubnet { /// INSERT ADDITIONAL STATUS FIELD - define observed state of cluster /// Important: Run "make" to regenerate code after modifying this file +/// dep: rely on Network instead. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct IBMVPCClusterStatusVpc { pub id: String, diff --git a/kube-custom-resources-rs/src/install_istio_io/v1alpha1/istiooperators.rs b/kube-custom-resources-rs/src/install_istio_io/v1alpha1/istiooperators.rs index 05f866fdf..ba7c7ae0c 100644 --- a/kube-custom-resources-rs/src/install_istio_io/v1alpha1/istiooperators.rs +++ b/kube-custom-resources-rs/src/install_istio_io/v1alpha1/istiooperators.rs @@ -7,4 +7,5 @@ mod prelude { pub use kube::CustomResource; pub use serde::{Serialize, Deserialize}; } +use self::prelude::*; diff --git a/kube-custom-resources-rs/src/jobset_x_k8s_io/v1alpha2/jobsets.rs b/kube-custom-resources-rs/src/jobset_x_k8s_io/v1alpha2/jobsets.rs index 9aafbb29b..3d17c66a6 100644 --- a/kube-custom-resources-rs/src/jobset_x_k8s_io/v1alpha2/jobsets.rs +++ b/kube-custom-resources-rs/src/jobset_x_k8s_io/v1alpha2/jobsets.rs @@ -7068,6 +7068,10 @@ pub struct JobSetStatus { /// RestartsCountTowardsMax tracks the number of times the JobSet has restarted that counts towards the maximum allowed number of restarts. #[serde(default, skip_serializing_if = "Option::is_none", rename = "restartsCountTowardsMax")] pub restarts_count_towards_max: Option, + /// TerminalState the state of the JobSet when it finishes execution. + /// It can be either Complete or Failed. Otherwise, it is empty by default. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "terminalState")] + pub terminal_state: Option, } /// ReplicatedJobStatus defines the observed ReplicatedJobs Readiness. diff --git a/kube-custom-resources-rs/src/k6_io/v1alpha1/k6s.rs b/kube-custom-resources-rs/src/k6_io/v1alpha1/k6s.rs index 02c1711fd..c03ccddbe 100644 --- a/kube-custom-resources-rs/src/k6_io/v1alpha1/k6s.rs +++ b/kube-custom-resources-rs/src/k6_io/v1alpha1/k6s.rs @@ -3174,6 +3174,8 @@ pub struct K6ScriptVolumeClaim { #[serde(default, skip_serializing_if = "Option::is_none")] pub file: Option, pub name: String, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] + pub read_only: Option, } #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] diff --git a/kube-custom-resources-rs/src/k6_io/v1alpha1/privateloadzones.rs b/kube-custom-resources-rs/src/k6_io/v1alpha1/privateloadzones.rs index 5fa076cca..3d342f03a 100644 --- a/kube-custom-resources-rs/src/k6_io/v1alpha1/privateloadzones.rs +++ b/kube-custom-resources-rs/src/k6_io/v1alpha1/privateloadzones.rs @@ -20,6 +20,8 @@ use self::prelude::*; #[kube(derive="Default")] #[kube(derive="PartialEq")] pub struct PrivateLoadZoneSpec { + #[serde(default, skip_serializing_if = "Option::is_none")] + pub image: Option, #[serde(default, skip_serializing_if = "Option::is_none", rename = "nodeSelector")] pub node_selector: Option>, pub resources: PrivateLoadZoneResources, diff --git a/kube-custom-resources-rs/src/k6_io/v1alpha1/testruns.rs b/kube-custom-resources-rs/src/k6_io/v1alpha1/testruns.rs index 8ad7a01c5..f7f0a837d 100644 --- a/kube-custom-resources-rs/src/k6_io/v1alpha1/testruns.rs +++ b/kube-custom-resources-rs/src/k6_io/v1alpha1/testruns.rs @@ -3174,6 +3174,8 @@ pub struct TestRunScriptVolumeClaim { #[serde(default, skip_serializing_if = "Option::is_none")] pub file: Option, pub name: String, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] + pub read_only: Option, } #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] diff --git a/kube-custom-resources-rs/src/k8gb_absa_oss/v1beta1/gslbs.rs b/kube-custom-resources-rs/src/k8gb_absa_oss/v1beta1/gslbs.rs index 143446626..1304ad030 100644 --- a/kube-custom-resources-rs/src/k8gb_absa_oss/v1beta1/gslbs.rs +++ b/kube-custom-resources-rs/src/k8gb_absa_oss/v1beta1/gslbs.rs @@ -20,7 +20,11 @@ use self::prelude::*; #[kube(derive="PartialEq")] pub struct GslbSpec { /// Gslb-enabled Ingress Spec - pub ingress: GslbIngress, + #[serde(default, skip_serializing_if = "Option::is_none")] + pub ingress: Option, + /// ResourceRef spec + #[serde(default, skip_serializing_if = "Option::is_none", rename = "resourceRef")] + pub resource_ref: Option, /// Gslb Strategy spec pub strategy: GslbStrategy, } @@ -65,19 +69,19 @@ pub struct GslbIngress { /// specify a global default. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct GslbIngressBackend { - /// Resource is an ObjectRef to another Kubernetes resource in the namespace + /// resource is an ObjectRef to another Kubernetes resource in the namespace /// of the Ingress object. If resource is specified, a service.Name and /// service.Port must not be specified. /// This is a mutually exclusive setting with "Service". #[serde(default, skip_serializing_if = "Option::is_none")] pub resource: Option, - /// Service references a Service as a Backend. + /// service references a service as a backend. /// This is a mutually exclusive setting with "Resource". #[serde(default, skip_serializing_if = "Option::is_none")] pub service: Option, } -/// Resource is an ObjectRef to another Kubernetes resource in the namespace +/// resource is an ObjectRef to another Kubernetes resource in the namespace /// of the Ingress object. If resource is specified, a service.Name and /// service.Port must not be specified. /// This is a mutually exclusive setting with "Service". @@ -94,28 +98,28 @@ pub struct GslbIngressBackendResource { pub name: String, } -/// Service references a Service as a Backend. +/// service references a service as a backend. /// This is a mutually exclusive setting with "Resource". #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct GslbIngressBackendService { - /// Name is the referenced service. The service must exist in + /// name is the referenced service. The service must exist in /// the same namespace as the Ingress object. pub name: String, - /// Port of the referenced service. A port name or port number + /// port of the referenced service. A port name or port number /// is required for a IngressServiceBackend. #[serde(default, skip_serializing_if = "Option::is_none")] pub port: Option, } -/// Port of the referenced service. A port name or port number +/// port of the referenced service. A port name or port number /// is required for a IngressServiceBackend. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct GslbIngressBackendServicePort { - /// Name is the name of the port on the Service. + /// name is the name of the port on the Service. /// This is a mutually exclusive setting with "Number". #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, - /// Number is the numerical port number (e.g. 80) on the Service. + /// number is the numerical port number (e.g. 80) on the Service. /// This is a mutually exclusive setting with "Name". #[serde(default, skip_serializing_if = "Option::is_none")] pub number: Option, @@ -168,7 +172,7 @@ pub struct GslbIngressRules { /// or '#'. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct GslbIngressRulesHttp { - /// A collection of paths that map requests to backends. + /// paths is a collection of paths that map requests to backends. pub paths: Vec, } @@ -176,16 +180,16 @@ pub struct GslbIngressRulesHttp { /// path are forwarded to the backend. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct GslbIngressRulesHttpPaths { - /// Backend defines the referenced service endpoint to which the traffic + /// backend defines the referenced service endpoint to which the traffic /// will be forwarded to. pub backend: GslbIngressRulesHttpPathsBackend, - /// Path is matched against the path of an incoming request. Currently it can + /// path is matched against the path of an incoming request. Currently it can /// contain characters disallowed from the conventional "path" part of a URL /// as defined by RFC 3986. Paths must begin with a '/' and must be present /// when using PathType with value "Exact" or "Prefix". #[serde(default, skip_serializing_if = "Option::is_none")] pub path: Option, - /// PathType determines the interpretation of the Path matching. PathType can + /// pathType determines the interpretation of the path matching. PathType can /// be one of the following values: /// * Exact: Matches the URL path exactly. /// * Prefix: Matches based on a URL path prefix split by '/'. Matching is @@ -203,23 +207,23 @@ pub struct GslbIngressRulesHttpPaths { pub path_type: String, } -/// Backend defines the referenced service endpoint to which the traffic +/// backend defines the referenced service endpoint to which the traffic /// will be forwarded to. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct GslbIngressRulesHttpPathsBackend { - /// Resource is an ObjectRef to another Kubernetes resource in the namespace + /// resource is an ObjectRef to another Kubernetes resource in the namespace /// of the Ingress object. If resource is specified, a service.Name and /// service.Port must not be specified. /// This is a mutually exclusive setting with "Service". #[serde(default, skip_serializing_if = "Option::is_none")] pub resource: Option, - /// Service references a Service as a Backend. + /// service references a service as a backend. /// This is a mutually exclusive setting with "Resource". #[serde(default, skip_serializing_if = "Option::is_none")] pub service: Option, } -/// Resource is an ObjectRef to another Kubernetes resource in the namespace +/// resource is an ObjectRef to another Kubernetes resource in the namespace /// of the Ingress object. If resource is specified, a service.Name and /// service.Port must not be specified. /// This is a mutually exclusive setting with "Service". @@ -236,51 +240,89 @@ pub struct GslbIngressRulesHttpPathsBackendResource { pub name: String, } -/// Service references a Service as a Backend. +/// service references a service as a backend. /// This is a mutually exclusive setting with "Resource". #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct GslbIngressRulesHttpPathsBackendService { - /// Name is the referenced service. The service must exist in + /// name is the referenced service. The service must exist in /// the same namespace as the Ingress object. pub name: String, - /// Port of the referenced service. A port name or port number + /// port of the referenced service. A port name or port number /// is required for a IngressServiceBackend. #[serde(default, skip_serializing_if = "Option::is_none")] pub port: Option, } -/// Port of the referenced service. A port name or port number +/// port of the referenced service. A port name or port number /// is required for a IngressServiceBackend. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct GslbIngressRulesHttpPathsBackendServicePort { - /// Name is the name of the port on the Service. + /// name is the name of the port on the Service. /// This is a mutually exclusive setting with "Number". #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, - /// Number is the numerical port number (e.g. 80) on the Service. + /// number is the numerical port number (e.g. 80) on the Service. /// This is a mutually exclusive setting with "Name". #[serde(default, skip_serializing_if = "Option::is_none")] pub number: Option, } -/// IngressTLS describes the transport layer security associated with an Ingress. +/// IngressTLS describes the transport layer security associated with an ingress. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct GslbIngressTls { - /// Hosts are a list of hosts included in the TLS certificate. The values in + /// hosts is a list of hosts included in the TLS certificate. The values in /// this list must match the name/s used in the tlsSecret. Defaults to the /// wildcard host setting for the loadbalancer controller fulfilling this /// Ingress, if left unspecified. #[serde(default, skip_serializing_if = "Option::is_none")] pub hosts: Option>, - /// SecretName is the name of the secret used to terminate TLS traffic on + /// secretName is the name of the secret used to terminate TLS traffic on /// port 443. Field is left optional to allow TLS routing based on SNI /// hostname alone. If the SNI host in a listener conflicts with the "Host" /// header field used by an IngressRule, the SNI host is used for termination - /// and value of the Host header is used for routing. + /// and value of the "Host" header is used for routing. #[serde(default, skip_serializing_if = "Option::is_none", rename = "secretName")] pub secret_name: Option, } +/// ResourceRef spec +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct GslbResourceRef { + /// Ingress selects a kubernetes.networking.k8s.io/v1.Ingress resource + #[serde(default, skip_serializing_if = "Option::is_none")] + pub ingress: Option, +} + +/// Ingress selects a kubernetes.networking.k8s.io/v1.Ingress resource +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct GslbResourceRefIngress { + /// matchExpressions is a list of label selector requirements. The requirements are ANDed. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] + pub match_expressions: Option>, + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] + pub match_labels: Option>, +} + +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct GslbResourceRefIngressMatchExpressions { + /// key is the label key that the selector applies to. + pub key: String, + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. + pub operator: String, + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub values: Option>, +} + /// Gslb Strategy spec #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct GslbStrategy { @@ -310,11 +352,44 @@ pub struct GslbStatus { /// Current Healthy DNS record structure #[serde(rename = "healthyRecords")] pub healthy_records: BTreeMap, - /// Comma-separated list of hosts. Duplicating the value from range .spec.ingress.rules[*].host for printer column + /// Comma-separated list of hosts #[serde(default, skip_serializing_if = "Option::is_none")] pub hosts: Option, + /// LoadBalancer configuration + #[serde(rename = "loadBalancer")] + pub load_balancer: GslbStatusLoadBalancer, + /// Servers configuration + pub servers: Vec, /// Associated Service status #[serde(rename = "serviceHealth")] pub service_health: BTreeMap, } +/// LoadBalancer configuration +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct GslbStatusLoadBalancer { + /// ExposedIPs on the local Load Balancer + #[serde(default, skip_serializing_if = "Option::is_none", rename = "exposedIps")] + pub exposed_ips: Option>, +} + +/// Servers holds the GSLB's servers' configuration +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct GslbStatusServers { + /// Hostname exposed by the GSLB + #[serde(default, skip_serializing_if = "Option::is_none")] + pub host: Option, + /// Kubernetes Services backing the load balanced application + #[serde(default, skip_serializing_if = "Option::is_none")] + pub services: Option>, +} + +/// NamespacedName holds a reference to a k8s resource +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct GslbStatusServersServices { + /// Name of the resource + pub name: String, + /// Namespace where the resource can be found + pub namespace: String, +} + diff --git a/kube-custom-resources-rs/src/k8s_mariadb_com/v1alpha1/backups.rs b/kube-custom-resources-rs/src/k8s_mariadb_com/v1alpha1/backups.rs index 212af7b21..30dfbe6b8 100644 --- a/kube-custom-resources-rs/src/k8s_mariadb_com/v1alpha1/backups.rs +++ b/kube-custom-resources-rs/src/k8s_mariadb_com/v1alpha1/backups.rs @@ -33,6 +33,8 @@ pub struct BackupSpec { /// Databases defines the logical databases to be backed up. If not provided, all databases are backed up. #[serde(default, skip_serializing_if = "Option::is_none")] pub databases: Option>, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "failedJobsHistoryLimit")] + pub failed_jobs_history_limit: Option, /// IgnoreGlobalPriv indicates to ignore the mysql.global_priv in backups. /// If not provided, it will default to true when the referred MariaDB instance has Galera enabled and otherwise to false. /// See: https://github.com/mariadb-operator/mariadb-operator/issues/556 @@ -83,6 +85,8 @@ pub struct BackupSpec { pub service_account_name: Option, /// Storage to be used in the Backup. pub storage: BackupStorage, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "successfulJobsHistoryLimit")] + pub successful_jobs_history_limit: Option, /// Tolerations to be used in the Pod. #[serde(default, skip_serializing_if = "Option::is_none")] pub tolerations: Option>, @@ -292,23 +296,23 @@ pub struct BackupAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecut pub label_selector: Option, /// MatchLabelKeys is a set of pod label keys to select which pods will /// be taken into consideration. The keys are used to lookup values from the - /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` + /// incoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)` /// to select the group of existing pods which pods will be taken into consideration /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming /// pod labels will be ignored. The default value is empty. - /// The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. - /// Also, MatchLabelKeys cannot be set when LabelSelector isn't set. + /// The same key is forbidden to exist in both matchLabelKeys and labelSelector. + /// Also, matchLabelKeys cannot be set when labelSelector isn't set. /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] pub match_label_keys: Option>, /// MismatchLabelKeys is a set of pod label keys to select which pods will /// be taken into consideration. The keys are used to lookup values from the - /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` + /// incoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)` /// to select the group of existing pods which pods will be taken into consideration /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming /// pod labels will be ignored. The default value is empty. - /// The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. - /// Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. + /// The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. + /// Also, mismatchLabelKeys cannot be set when labelSelector isn't set. /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] pub mismatch_label_keys: Option>, @@ -413,23 +417,23 @@ pub struct BackupAffinityPodAffinityRequiredDuringSchedulingIgnoredDuringExecuti pub label_selector: Option, /// MatchLabelKeys is a set of pod label keys to select which pods will /// be taken into consideration. The keys are used to lookup values from the - /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` + /// incoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)` /// to select the group of existing pods which pods will be taken into consideration /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming /// pod labels will be ignored. The default value is empty. - /// The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. - /// Also, MatchLabelKeys cannot be set when LabelSelector isn't set. + /// The same key is forbidden to exist in both matchLabelKeys and labelSelector. + /// Also, matchLabelKeys cannot be set when labelSelector isn't set. /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] pub match_label_keys: Option>, /// MismatchLabelKeys is a set of pod label keys to select which pods will /// be taken into consideration. The keys are used to lookup values from the - /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` + /// incoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)` /// to select the group of existing pods which pods will be taken into consideration /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming /// pod labels will be ignored. The default value is empty. - /// The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. - /// Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. + /// The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. + /// Also, mismatchLabelKeys cannot be set when labelSelector isn't set. /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] pub mismatch_label_keys: Option>, @@ -565,23 +569,23 @@ pub struct BackupAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringEx pub label_selector: Option, /// MatchLabelKeys is a set of pod label keys to select which pods will /// be taken into consideration. The keys are used to lookup values from the - /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` + /// incoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)` /// to select the group of existing pods which pods will be taken into consideration /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming /// pod labels will be ignored. The default value is empty. - /// The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. - /// Also, MatchLabelKeys cannot be set when LabelSelector isn't set. + /// The same key is forbidden to exist in both matchLabelKeys and labelSelector. + /// Also, matchLabelKeys cannot be set when labelSelector isn't set. /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] pub match_label_keys: Option>, /// MismatchLabelKeys is a set of pod label keys to select which pods will /// be taken into consideration. The keys are used to lookup values from the - /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` + /// incoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)` /// to select the group of existing pods which pods will be taken into consideration /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming /// pod labels will be ignored. The default value is empty. - /// The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. - /// Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. + /// The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. + /// Also, mismatchLabelKeys cannot be set when labelSelector isn't set. /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] pub mismatch_label_keys: Option>, @@ -686,23 +690,23 @@ pub struct BackupAffinityPodAntiAffinityRequiredDuringSchedulingIgnoredDuringExe pub label_selector: Option, /// MatchLabelKeys is a set of pod label keys to select which pods will /// be taken into consideration. The keys are used to lookup values from the - /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` + /// incoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)` /// to select the group of existing pods which pods will be taken into consideration /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming /// pod labels will be ignored. The default value is empty. - /// The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. - /// Also, MatchLabelKeys cannot be set when LabelSelector isn't set. + /// The same key is forbidden to exist in both matchLabelKeys and labelSelector. + /// Also, matchLabelKeys cannot be set when labelSelector isn't set. /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] pub match_label_keys: Option>, /// MismatchLabelKeys is a set of pod label keys to select which pods will /// be taken into consideration. The keys are used to lookup values from the - /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` + /// incoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)` /// to select the group of existing pods which pods will be taken into consideration /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming /// pod labels will be ignored. The default value is empty. - /// The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. - /// Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. + /// The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. + /// Also, mismatchLabelKeys cannot be set when labelSelector isn't set. /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] pub mismatch_label_keys: Option>, @@ -798,8 +802,12 @@ pub struct BackupAffinityPodAntiAffinityRequiredDuringSchedulingIgnoredDuringExe #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct BackupImagePullSecrets { /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, } @@ -870,6 +878,10 @@ pub struct BackupPodMetadata { /// SecurityContext holds pod-level security attributes and common container settings. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct BackupPodSecurityContext { + /// appArmorProfile is the AppArmor options to use by the containers in this pod. + /// Note that this field cannot be set when spec.os.name is windows. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "appArmorProfile")] + pub app_armor_profile: Option, /// A special supplemental group that applies to all containers in a pod. /// Some volume types allow the Kubelet to change the ownership of that volume /// to be owned by the pod: @@ -951,6 +963,25 @@ pub struct BackupPodSecurityContext { pub windows_options: Option, } +/// appArmorProfile is the AppArmor options to use by the containers in this pod. +/// Note that this field cannot be set when spec.os.name is windows. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct BackupPodSecurityContextAppArmorProfile { + /// localhostProfile indicates a profile loaded on the node that should be used. + /// The profile must be preconfigured on the node to work. + /// Must match the loaded name of the profile. + /// Must be set if and only if type is "Localhost". + #[serde(default, skip_serializing_if = "Option::is_none", rename = "localhostProfile")] + pub localhost_profile: Option, + /// type indicates which kind of AppArmor profile will be applied. + /// Valid options are: + /// Localhost - a profile pre-loaded on the node. + /// RuntimeDefault - the container runtime's default profile. + /// Unconfined - no AppArmor enforcement. + #[serde(rename = "type")] + pub r#type: String, +} + /// The SELinux context to be applied to all containers. /// If unspecified, the container runtime will allocate a random SELinux context for each /// container. May also be set in SecurityContext. If set in @@ -1096,6 +1127,11 @@ pub struct BackupSecurityContext { /// Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none", rename = "allowPrivilegeEscalation")] pub allow_privilege_escalation: Option, + /// appArmorProfile is the AppArmor options to use by this container. If set, this profile + /// overrides the pod's appArmorProfile. + /// Note that this field cannot be set when spec.os.name is windows. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "appArmorProfile")] + pub app_armor_profile: Option, /// The capabilities to add/drop when running containers. /// Defaults to the default set of capabilities granted by the container runtime. /// Note that this field cannot be set when spec.os.name is windows. @@ -1162,6 +1198,26 @@ pub struct BackupSecurityContext { pub windows_options: Option, } +/// appArmorProfile is the AppArmor options to use by this container. If set, this profile +/// overrides the pod's appArmorProfile. +/// Note that this field cannot be set when spec.os.name is windows. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct BackupSecurityContextAppArmorProfile { + /// localhostProfile indicates a profile loaded on the node that should be used. + /// The profile must be preconfigured on the node to work. + /// Must match the loaded name of the profile. + /// Must be set if and only if type is "Localhost". + #[serde(default, skip_serializing_if = "Option::is_none", rename = "localhostProfile")] + pub localhost_profile: Option, + /// type indicates which kind of AppArmor profile will be applied. + /// Valid options are: + /// Localhost - a profile pre-loaded on the node. + /// RuntimeDefault - the container runtime's default profile. + /// Unconfined - no AppArmor enforcement. + #[serde(rename = "type")] + pub r#type: String, +} + /// The capabilities to add/drop when running containers. /// Defaults to the default set of capabilities granted by the container runtime. /// Note that this field cannot be set when spec.os.name is windows. @@ -1327,7 +1383,7 @@ pub struct BackupStoragePersistentVolumeClaim { /// If the resource referred to by volumeAttributesClass does not exist, this PersistentVolumeClaim will be /// set to a Pending state, as reflected by the modifyVolumeStatus field, until such as a resource /// exists. - /// More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#volumeattributesclass + /// More info: https://kubernetes.io/docs/concepts/storage/volume-attributes-classes/ /// (Alpha) Using this field requires the VolumeAttributesClass feature gate to be enabled. #[serde(default, skip_serializing_if = "Option::is_none", rename = "volumeAttributesClassName")] pub volume_attributes_class_name: Option, @@ -1484,8 +1540,12 @@ pub struct BackupStorageS3AccessKeyIdSecretKeyRef { /// The key of the secret to select from. Must be a valid secret key. pub key: String, /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the Secret or its key must be defined @@ -1499,8 +1559,12 @@ pub struct BackupStorageS3SecretAccessKeySecretKeyRef { /// The key of the secret to select from. Must be a valid secret key. pub key: String, /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the Secret or its key must be defined @@ -1514,8 +1578,12 @@ pub struct BackupStorageS3SessionTokenSecretKeyRef { /// The key of the secret to select from. Must be a valid secret key. pub key: String, /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the Secret or its key must be defined @@ -1542,8 +1610,12 @@ pub struct BackupStorageS3TlsCaSecretKeyRef { /// The key of the secret to select from. Must be a valid secret key. pub key: String, /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the Secret or its key must be defined @@ -1797,8 +1869,12 @@ pub struct BackupStorageVolumeCephfs { #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct BackupStorageVolumeCephfsSecretRef { /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, } @@ -1833,8 +1909,12 @@ pub struct BackupStorageVolumeCinder { #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct BackupStorageVolumeCinderSecretRef { /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, } @@ -1861,8 +1941,12 @@ pub struct BackupStorageVolumeConfigMap { #[serde(default, skip_serializing_if = "Option::is_none")] pub items: Option>, /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// optional specify whether the ConfigMap or its keys must be defined @@ -1926,8 +2010,12 @@ pub struct BackupStorageVolumeCsi { #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct BackupStorageVolumeCsiNodePublishSecretRef { /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, } @@ -1953,7 +2041,7 @@ pub struct BackupStorageVolumeDownwardApi { /// DownwardAPIVolumeFile represents information to create the file containing the pod field #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct BackupStorageVolumeDownwardApiItems { - /// Required: Selects a field of the pod: only annotations, labels, name and namespace are supported. + /// Required: Selects a field of the pod: only annotations, labels, name, namespace and uid are supported. #[serde(default, skip_serializing_if = "Option::is_none", rename = "fieldRef")] pub field_ref: Option, /// Optional: mode bits used to set permissions on this file, must be an octal value @@ -1972,7 +2060,7 @@ pub struct BackupStorageVolumeDownwardApiItems { pub resource_field_ref: Option, } -/// Required: Selects a field of the pod: only annotations, labels, name and namespace are supported. +/// Required: Selects a field of the pod: only annotations, labels, name, namespace and uid are supported. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct BackupStorageVolumeDownwardApiItemsFieldRef { /// Version of the schema the FieldPath is written in terms of, defaults to "v1". @@ -2189,7 +2277,7 @@ pub struct BackupStorageVolumeEphemeralVolumeClaimTemplateSpec { /// If the resource referred to by volumeAttributesClass does not exist, this PersistentVolumeClaim will be /// set to a Pending state, as reflected by the modifyVolumeStatus field, until such as a resource /// exists. - /// More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#volumeattributesclass + /// More info: https://kubernetes.io/docs/concepts/storage/volume-attributes-classes/ /// (Alpha) Using this field requires the VolumeAttributesClass feature gate to be enabled. #[serde(default, skip_serializing_if = "Option::is_none", rename = "volumeAttributesClassName")] pub volume_attributes_class_name: Option, @@ -2373,8 +2461,12 @@ pub struct BackupStorageVolumeFlexVolume { #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct BackupStorageVolumeFlexVolumeSecretRef { /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, } @@ -2530,8 +2622,12 @@ pub struct BackupStorageVolumeIscsi { #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct BackupStorageVolumeIscsiSecretRef { /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, } @@ -2739,8 +2835,12 @@ pub struct BackupStorageVolumeProjectedSourcesConfigMap { #[serde(default, skip_serializing_if = "Option::is_none")] pub items: Option>, /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// optional specify whether the ConfigMap or its keys must be defined @@ -2779,7 +2879,7 @@ pub struct BackupStorageVolumeProjectedSourcesDownwardApi { /// DownwardAPIVolumeFile represents information to create the file containing the pod field #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct BackupStorageVolumeProjectedSourcesDownwardApiItems { - /// Required: Selects a field of the pod: only annotations, labels, name and namespace are supported. + /// Required: Selects a field of the pod: only annotations, labels, name, namespace and uid are supported. #[serde(default, skip_serializing_if = "Option::is_none", rename = "fieldRef")] pub field_ref: Option, /// Optional: mode bits used to set permissions on this file, must be an octal value @@ -2798,7 +2898,7 @@ pub struct BackupStorageVolumeProjectedSourcesDownwardApiItems { pub resource_field_ref: Option, } -/// Required: Selects a field of the pod: only annotations, labels, name and namespace are supported. +/// Required: Selects a field of the pod: only annotations, labels, name, namespace and uid are supported. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct BackupStorageVolumeProjectedSourcesDownwardApiItemsFieldRef { /// Version of the schema the FieldPath is written in terms of, defaults to "v1". @@ -2836,8 +2936,12 @@ pub struct BackupStorageVolumeProjectedSourcesSecret { #[serde(default, skip_serializing_if = "Option::is_none")] pub items: Option>, /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// optional field specify whether the Secret or its key must be defined @@ -2966,8 +3070,12 @@ pub struct BackupStorageVolumeRbd { #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct BackupStorageVolumeRbdSecretRef { /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, } @@ -3017,8 +3125,12 @@ pub struct BackupStorageVolumeScaleIo { #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct BackupStorageVolumeScaleIoSecretRef { /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, } @@ -3109,8 +3221,12 @@ pub struct BackupStorageVolumeStorageos { #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct BackupStorageVolumeStorageosSecretRef { /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, } diff --git a/kube-custom-resources-rs/src/k8s_mariadb_com/v1alpha1/connections.rs b/kube-custom-resources-rs/src/k8s_mariadb_com/v1alpha1/connections.rs index aa5ac104c..2e757b398 100644 --- a/kube-custom-resources-rs/src/k8s_mariadb_com/v1alpha1/connections.rs +++ b/kube-custom-resources-rs/src/k8s_mariadb_com/v1alpha1/connections.rs @@ -155,8 +155,12 @@ pub struct ConnectionPasswordSecretKeyRef { /// The key of the secret to select from. Must be a valid secret key. pub key: String, /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the Secret or its key must be defined diff --git a/kube-custom-resources-rs/src/k8s_mariadb_com/v1alpha1/mariadbs.rs b/kube-custom-resources-rs/src/k8s_mariadb_com/v1alpha1/mariadbs.rs index 12713dc26..d7fce50cc 100644 --- a/kube-custom-resources-rs/src/k8s_mariadb_com/v1alpha1/mariadbs.rs +++ b/kube-custom-resources-rs/src/k8s_mariadb_com/v1alpha1/mariadbs.rs @@ -154,6 +154,9 @@ pub struct MariaDBSpec { /// Storage defines the storage options to be used for provisioning the PVCs mounted by MariaDB. #[serde(default, skip_serializing_if = "Option::is_none")] pub storage: Option, + /// TimeZone sets the default timezone. If not provided, it defaults to SYSTEM and the timezone data is not loaded. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "timeZone")] + pub time_zone: Option, /// Tolerations to be used in the Pod. #[serde(default, skip_serializing_if = "Option::is_none")] pub tolerations: Option>, @@ -378,23 +381,23 @@ pub struct MariaDBAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecu pub label_selector: Option, /// MatchLabelKeys is a set of pod label keys to select which pods will /// be taken into consideration. The keys are used to lookup values from the - /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` + /// incoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)` /// to select the group of existing pods which pods will be taken into consideration /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming /// pod labels will be ignored. The default value is empty. - /// The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. - /// Also, MatchLabelKeys cannot be set when LabelSelector isn't set. + /// The same key is forbidden to exist in both matchLabelKeys and labelSelector. + /// Also, matchLabelKeys cannot be set when labelSelector isn't set. /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] pub match_label_keys: Option>, /// MismatchLabelKeys is a set of pod label keys to select which pods will /// be taken into consideration. The keys are used to lookup values from the - /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` + /// incoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)` /// to select the group of existing pods which pods will be taken into consideration /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming /// pod labels will be ignored. The default value is empty. - /// The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. - /// Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. + /// The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. + /// Also, mismatchLabelKeys cannot be set when labelSelector isn't set. /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] pub mismatch_label_keys: Option>, @@ -499,23 +502,23 @@ pub struct MariaDBAffinityPodAffinityRequiredDuringSchedulingIgnoredDuringExecut pub label_selector: Option, /// MatchLabelKeys is a set of pod label keys to select which pods will /// be taken into consideration. The keys are used to lookup values from the - /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` + /// incoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)` /// to select the group of existing pods which pods will be taken into consideration /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming /// pod labels will be ignored. The default value is empty. - /// The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. - /// Also, MatchLabelKeys cannot be set when LabelSelector isn't set. + /// The same key is forbidden to exist in both matchLabelKeys and labelSelector. + /// Also, matchLabelKeys cannot be set when labelSelector isn't set. /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] pub match_label_keys: Option>, /// MismatchLabelKeys is a set of pod label keys to select which pods will /// be taken into consideration. The keys are used to lookup values from the - /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` + /// incoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)` /// to select the group of existing pods which pods will be taken into consideration /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming /// pod labels will be ignored. The default value is empty. - /// The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. - /// Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. + /// The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. + /// Also, mismatchLabelKeys cannot be set when labelSelector isn't set. /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] pub mismatch_label_keys: Option>, @@ -651,23 +654,23 @@ pub struct MariaDBAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringE pub label_selector: Option, /// MatchLabelKeys is a set of pod label keys to select which pods will /// be taken into consideration. The keys are used to lookup values from the - /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` + /// incoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)` /// to select the group of existing pods which pods will be taken into consideration /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming /// pod labels will be ignored. The default value is empty. - /// The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. - /// Also, MatchLabelKeys cannot be set when LabelSelector isn't set. + /// The same key is forbidden to exist in both matchLabelKeys and labelSelector. + /// Also, matchLabelKeys cannot be set when labelSelector isn't set. /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] pub match_label_keys: Option>, /// MismatchLabelKeys is a set of pod label keys to select which pods will /// be taken into consideration. The keys are used to lookup values from the - /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` + /// incoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)` /// to select the group of existing pods which pods will be taken into consideration /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming /// pod labels will be ignored. The default value is empty. - /// The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. - /// Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. + /// The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. + /// Also, mismatchLabelKeys cannot be set when labelSelector isn't set. /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] pub mismatch_label_keys: Option>, @@ -772,23 +775,23 @@ pub struct MariaDBAffinityPodAntiAffinityRequiredDuringSchedulingIgnoredDuringEx pub label_selector: Option, /// MatchLabelKeys is a set of pod label keys to select which pods will /// be taken into consideration. The keys are used to lookup values from the - /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` + /// incoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)` /// to select the group of existing pods which pods will be taken into consideration /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming /// pod labels will be ignored. The default value is empty. - /// The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. - /// Also, MatchLabelKeys cannot be set when LabelSelector isn't set. + /// The same key is forbidden to exist in both matchLabelKeys and labelSelector. + /// Also, matchLabelKeys cannot be set when labelSelector isn't set. /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] pub match_label_keys: Option>, /// MismatchLabelKeys is a set of pod label keys to select which pods will /// be taken into consideration. The keys are used to lookup values from the - /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` + /// incoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)` /// to select the group of existing pods which pods will be taken into consideration /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming /// pod labels will be ignored. The default value is empty. - /// The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. - /// Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. + /// The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. + /// Also, mismatchLabelKeys cannot be set when labelSelector isn't set. /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] pub mismatch_label_keys: Option>, @@ -904,8 +907,12 @@ pub struct MariaDBBootstrapFrom { #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct MariaDBBootstrapFromBackupRef { /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, } @@ -1131,23 +1138,23 @@ pub struct MariaDBBootstrapFromRestoreJobAffinityPodAffinityPreferredDuringSched pub label_selector: Option, /// MatchLabelKeys is a set of pod label keys to select which pods will /// be taken into consideration. The keys are used to lookup values from the - /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` + /// incoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)` /// to select the group of existing pods which pods will be taken into consideration /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming /// pod labels will be ignored. The default value is empty. - /// The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. - /// Also, MatchLabelKeys cannot be set when LabelSelector isn't set. + /// The same key is forbidden to exist in both matchLabelKeys and labelSelector. + /// Also, matchLabelKeys cannot be set when labelSelector isn't set. /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] pub match_label_keys: Option>, /// MismatchLabelKeys is a set of pod label keys to select which pods will /// be taken into consideration. The keys are used to lookup values from the - /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` + /// incoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)` /// to select the group of existing pods which pods will be taken into consideration /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming /// pod labels will be ignored. The default value is empty. - /// The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. - /// Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. + /// The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. + /// Also, mismatchLabelKeys cannot be set when labelSelector isn't set. /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] pub mismatch_label_keys: Option>, @@ -1252,23 +1259,23 @@ pub struct MariaDBBootstrapFromRestoreJobAffinityPodAffinityRequiredDuringSchedu pub label_selector: Option, /// MatchLabelKeys is a set of pod label keys to select which pods will /// be taken into consideration. The keys are used to lookup values from the - /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` + /// incoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)` /// to select the group of existing pods which pods will be taken into consideration /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming /// pod labels will be ignored. The default value is empty. - /// The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. - /// Also, MatchLabelKeys cannot be set when LabelSelector isn't set. + /// The same key is forbidden to exist in both matchLabelKeys and labelSelector. + /// Also, matchLabelKeys cannot be set when labelSelector isn't set. /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] pub match_label_keys: Option>, /// MismatchLabelKeys is a set of pod label keys to select which pods will /// be taken into consideration. The keys are used to lookup values from the - /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` + /// incoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)` /// to select the group of existing pods which pods will be taken into consideration /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming /// pod labels will be ignored. The default value is empty. - /// The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. - /// Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. + /// The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. + /// Also, mismatchLabelKeys cannot be set when labelSelector isn't set. /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] pub mismatch_label_keys: Option>, @@ -1404,23 +1411,23 @@ pub struct MariaDBBootstrapFromRestoreJobAffinityPodAntiAffinityPreferredDuringS pub label_selector: Option, /// MatchLabelKeys is a set of pod label keys to select which pods will /// be taken into consideration. The keys are used to lookup values from the - /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` + /// incoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)` /// to select the group of existing pods which pods will be taken into consideration /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming /// pod labels will be ignored. The default value is empty. - /// The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. - /// Also, MatchLabelKeys cannot be set when LabelSelector isn't set. + /// The same key is forbidden to exist in both matchLabelKeys and labelSelector. + /// Also, matchLabelKeys cannot be set when labelSelector isn't set. /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] pub match_label_keys: Option>, /// MismatchLabelKeys is a set of pod label keys to select which pods will /// be taken into consideration. The keys are used to lookup values from the - /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` + /// incoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)` /// to select the group of existing pods which pods will be taken into consideration /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming /// pod labels will be ignored. The default value is empty. - /// The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. - /// Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. + /// The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. + /// Also, mismatchLabelKeys cannot be set when labelSelector isn't set. /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] pub mismatch_label_keys: Option>, @@ -1525,23 +1532,23 @@ pub struct MariaDBBootstrapFromRestoreJobAffinityPodAntiAffinityRequiredDuringSc pub label_selector: Option, /// MatchLabelKeys is a set of pod label keys to select which pods will /// be taken into consideration. The keys are used to lookup values from the - /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` + /// incoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)` /// to select the group of existing pods which pods will be taken into consideration /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming /// pod labels will be ignored. The default value is empty. - /// The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. - /// Also, MatchLabelKeys cannot be set when LabelSelector isn't set. + /// The same key is forbidden to exist in both matchLabelKeys and labelSelector. + /// Also, matchLabelKeys cannot be set when labelSelector isn't set. /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] pub match_label_keys: Option>, /// MismatchLabelKeys is a set of pod label keys to select which pods will /// be taken into consideration. The keys are used to lookup values from the - /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` + /// incoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)` /// to select the group of existing pods which pods will be taken into consideration /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming /// pod labels will be ignored. The default value is empty. - /// The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. - /// Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. + /// The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. + /// Also, mismatchLabelKeys cannot be set when labelSelector isn't set. /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] pub mismatch_label_keys: Option>, @@ -1711,8 +1718,12 @@ pub struct MariaDBBootstrapFromS3AccessKeyIdSecretKeyRef { /// The key of the secret to select from. Must be a valid secret key. pub key: String, /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the Secret or its key must be defined @@ -1726,8 +1737,12 @@ pub struct MariaDBBootstrapFromS3SecretAccessKeySecretKeyRef { /// The key of the secret to select from. Must be a valid secret key. pub key: String, /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the Secret or its key must be defined @@ -1741,8 +1756,12 @@ pub struct MariaDBBootstrapFromS3SessionTokenSecretKeyRef { /// The key of the secret to select from. Must be a valid secret key. pub key: String, /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the Secret or its key must be defined @@ -1769,8 +1788,12 @@ pub struct MariaDBBootstrapFromS3TlsCaSecretKeyRef { /// The key of the secret to select from. Must be a valid secret key. pub key: String, /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the Secret or its key must be defined @@ -2024,8 +2047,12 @@ pub struct MariaDBBootstrapFromVolumeCephfs { #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct MariaDBBootstrapFromVolumeCephfsSecretRef { /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, } @@ -2060,8 +2087,12 @@ pub struct MariaDBBootstrapFromVolumeCinder { #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct MariaDBBootstrapFromVolumeCinderSecretRef { /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, } @@ -2088,8 +2119,12 @@ pub struct MariaDBBootstrapFromVolumeConfigMap { #[serde(default, skip_serializing_if = "Option::is_none")] pub items: Option>, /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// optional specify whether the ConfigMap or its keys must be defined @@ -2153,8 +2188,12 @@ pub struct MariaDBBootstrapFromVolumeCsi { #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct MariaDBBootstrapFromVolumeCsiNodePublishSecretRef { /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, } @@ -2180,7 +2219,7 @@ pub struct MariaDBBootstrapFromVolumeDownwardApi { /// DownwardAPIVolumeFile represents information to create the file containing the pod field #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct MariaDBBootstrapFromVolumeDownwardApiItems { - /// Required: Selects a field of the pod: only annotations, labels, name and namespace are supported. + /// Required: Selects a field of the pod: only annotations, labels, name, namespace and uid are supported. #[serde(default, skip_serializing_if = "Option::is_none", rename = "fieldRef")] pub field_ref: Option, /// Optional: mode bits used to set permissions on this file, must be an octal value @@ -2199,7 +2238,7 @@ pub struct MariaDBBootstrapFromVolumeDownwardApiItems { pub resource_field_ref: Option, } -/// Required: Selects a field of the pod: only annotations, labels, name and namespace are supported. +/// Required: Selects a field of the pod: only annotations, labels, name, namespace and uid are supported. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct MariaDBBootstrapFromVolumeDownwardApiItemsFieldRef { /// Version of the schema the FieldPath is written in terms of, defaults to "v1". @@ -2416,7 +2455,7 @@ pub struct MariaDBBootstrapFromVolumeEphemeralVolumeClaimTemplateSpec { /// If the resource referred to by volumeAttributesClass does not exist, this PersistentVolumeClaim will be /// set to a Pending state, as reflected by the modifyVolumeStatus field, until such as a resource /// exists. - /// More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#volumeattributesclass + /// More info: https://kubernetes.io/docs/concepts/storage/volume-attributes-classes/ /// (Alpha) Using this field requires the VolumeAttributesClass feature gate to be enabled. #[serde(default, skip_serializing_if = "Option::is_none", rename = "volumeAttributesClassName")] pub volume_attributes_class_name: Option, @@ -2600,8 +2639,12 @@ pub struct MariaDBBootstrapFromVolumeFlexVolume { #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct MariaDBBootstrapFromVolumeFlexVolumeSecretRef { /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, } @@ -2757,8 +2800,12 @@ pub struct MariaDBBootstrapFromVolumeIscsi { #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct MariaDBBootstrapFromVolumeIscsiSecretRef { /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, } @@ -2966,8 +3013,12 @@ pub struct MariaDBBootstrapFromVolumeProjectedSourcesConfigMap { #[serde(default, skip_serializing_if = "Option::is_none")] pub items: Option>, /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// optional specify whether the ConfigMap or its keys must be defined @@ -3006,7 +3057,7 @@ pub struct MariaDBBootstrapFromVolumeProjectedSourcesDownwardApi { /// DownwardAPIVolumeFile represents information to create the file containing the pod field #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct MariaDBBootstrapFromVolumeProjectedSourcesDownwardApiItems { - /// Required: Selects a field of the pod: only annotations, labels, name and namespace are supported. + /// Required: Selects a field of the pod: only annotations, labels, name, namespace and uid are supported. #[serde(default, skip_serializing_if = "Option::is_none", rename = "fieldRef")] pub field_ref: Option, /// Optional: mode bits used to set permissions on this file, must be an octal value @@ -3025,7 +3076,7 @@ pub struct MariaDBBootstrapFromVolumeProjectedSourcesDownwardApiItems { pub resource_field_ref: Option, } -/// Required: Selects a field of the pod: only annotations, labels, name and namespace are supported. +/// Required: Selects a field of the pod: only annotations, labels, name, namespace and uid are supported. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct MariaDBBootstrapFromVolumeProjectedSourcesDownwardApiItemsFieldRef { /// Version of the schema the FieldPath is written in terms of, defaults to "v1". @@ -3063,8 +3114,12 @@ pub struct MariaDBBootstrapFromVolumeProjectedSourcesSecret { #[serde(default, skip_serializing_if = "Option::is_none")] pub items: Option>, /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// optional field specify whether the Secret or its key must be defined @@ -3193,8 +3248,12 @@ pub struct MariaDBBootstrapFromVolumeRbd { #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct MariaDBBootstrapFromVolumeRbdSecretRef { /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, } @@ -3244,8 +3303,12 @@ pub struct MariaDBBootstrapFromVolumeScaleIo { #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct MariaDBBootstrapFromVolumeScaleIoSecretRef { /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, } @@ -3336,8 +3399,12 @@ pub struct MariaDBBootstrapFromVolumeStorageos { #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct MariaDBBootstrapFromVolumeStorageosSecretRef { /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, } @@ -3481,8 +3548,12 @@ pub struct MariaDBEnvValueFromConfigMapKeyRef { /// The key to select. pub key: String, /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the ConfigMap or its key must be defined @@ -3522,8 +3593,12 @@ pub struct MariaDBEnvValueFromSecretKeyRef { /// The key of the secret to select from. Must be a valid secret key. pub key: String, /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the Secret or its key must be defined @@ -3549,8 +3624,12 @@ pub struct MariaDBEnvFrom { #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct MariaDBEnvFromConfigMapRef { /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the ConfigMap must be defined @@ -3562,8 +3641,12 @@ pub struct MariaDBEnvFromConfigMapRef { #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct MariaDBEnvFromSecretRef { /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the Secret must be defined @@ -3710,8 +3793,12 @@ pub struct MariaDBGaleraAgentEnvValueFromConfigMapKeyRef { /// The key to select. pub key: String, /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the ConfigMap or its key must be defined @@ -3751,8 +3838,12 @@ pub struct MariaDBGaleraAgentEnvValueFromSecretKeyRef { /// The key of the secret to select from. Must be a valid secret key. pub key: String, /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the Secret or its key must be defined @@ -3778,8 +3869,12 @@ pub struct MariaDBGaleraAgentEnvFrom { #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct MariaDBGaleraAgentEnvFromConfigMapRef { /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the ConfigMap must be defined @@ -3791,8 +3886,12 @@ pub struct MariaDBGaleraAgentEnvFromConfigMapRef { #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct MariaDBGaleraAgentEnvFromSecretRef { /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the Secret must be defined @@ -4109,6 +4208,11 @@ pub struct MariaDBGaleraAgentSecurityContext { /// Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none", rename = "allowPrivilegeEscalation")] pub allow_privilege_escalation: Option, + /// appArmorProfile is the AppArmor options to use by this container. If set, this profile + /// overrides the pod's appArmorProfile. + /// Note that this field cannot be set when spec.os.name is windows. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "appArmorProfile")] + pub app_armor_profile: Option, /// The capabilities to add/drop when running containers. /// Defaults to the default set of capabilities granted by the container runtime. /// Note that this field cannot be set when spec.os.name is windows. @@ -4175,6 +4279,26 @@ pub struct MariaDBGaleraAgentSecurityContext { pub windows_options: Option, } +/// appArmorProfile is the AppArmor options to use by this container. If set, this profile +/// overrides the pod's appArmorProfile. +/// Note that this field cannot be set when spec.os.name is windows. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct MariaDBGaleraAgentSecurityContextAppArmorProfile { + /// localhostProfile indicates a profile loaded on the node that should be used. + /// The profile must be preconfigured on the node to work. + /// Must match the loaded name of the profile. + /// Must be set if and only if type is "Localhost". + #[serde(default, skip_serializing_if = "Option::is_none", rename = "localhostProfile")] + pub localhost_profile: Option, + /// type indicates which kind of AppArmor profile will be applied. + /// Valid options are: + /// Localhost - a profile pre-loaded on the node. + /// RuntimeDefault - the container runtime's default profile. + /// Unconfined - no AppArmor enforcement. + #[serde(rename = "type")] + pub r#type: String, +} + /// The capabilities to add/drop when running containers. /// Defaults to the default set of capabilities granted by the container runtime. /// Note that this field cannot be set when spec.os.name is windows. @@ -4271,6 +4395,8 @@ pub struct MariaDBGaleraAgentVolumeMounts { /// to container and the other way around. /// When not set, MountPropagationNone is used. /// This field is beta in 1.10. + /// When RecursiveReadOnly is set to IfPossible or to Enabled, MountPropagation must be None or unspecified + /// (which defaults to None). #[serde(default, skip_serializing_if = "Option::is_none", rename = "mountPropagation")] pub mount_propagation: Option, /// This must match the Name of a Volume. @@ -4279,6 +4405,28 @@ pub struct MariaDBGaleraAgentVolumeMounts { /// Defaults to false. #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] pub read_only: Option, + /// RecursiveReadOnly specifies whether read-only mounts should be handled + /// recursively. + /// + /// + /// If ReadOnly is false, this field has no meaning and must be unspecified. + /// + /// + /// If ReadOnly is true, and this field is set to Disabled, the mount is not made + /// recursively read-only. If this field is set to IfPossible, the mount is made + /// recursively read-only, if it is supported by the container runtime. If this + /// field is set to Enabled, the mount is made recursively read-only if it is + /// supported by the container runtime, otherwise the pod will not be started and + /// an error will be generated to indicate the reason. + /// + /// + /// If this field is set to IfPossible or Enabled, MountPropagation must be set to + /// None (or be unspecified, which defaults to None). + /// + /// + /// If this field is not specified, it is treated as an equivalent of Disabled. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "recursiveReadOnly")] + pub recursive_read_only: Option, /// Path within the volume from which the container's volume should be mounted. /// Defaults to "" (volume's root). #[serde(default, skip_serializing_if = "Option::is_none", rename = "subPath")] @@ -4372,7 +4520,7 @@ pub struct MariaDBGaleraConfigVolumeClaimTemplate { /// If the resource referred to by volumeAttributesClass does not exist, this PersistentVolumeClaim will be /// set to a Pending state, as reflected by the modifyVolumeStatus field, until such as a resource /// exists. - /// More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#volumeattributesclass + /// More info: https://kubernetes.io/docs/concepts/storage/volume-attributes-classes/ /// (Alpha) Using this field requires the VolumeAttributesClass feature gate to be enabled. #[serde(default, skip_serializing_if = "Option::is_none", rename = "volumeAttributesClassName")] pub volume_attributes_class_name: Option, @@ -4590,8 +4738,12 @@ pub struct MariaDBGaleraInitContainerEnvValueFromConfigMapKeyRef { /// The key to select. pub key: String, /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the ConfigMap or its key must be defined @@ -4631,8 +4783,12 @@ pub struct MariaDBGaleraInitContainerEnvValueFromSecretKeyRef { /// The key of the secret to select from. Must be a valid secret key. pub key: String, /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the Secret or its key must be defined @@ -4658,8 +4814,12 @@ pub struct MariaDBGaleraInitContainerEnvFrom { #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct MariaDBGaleraInitContainerEnvFromConfigMapRef { /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the ConfigMap must be defined @@ -4671,8 +4831,12 @@ pub struct MariaDBGaleraInitContainerEnvFromConfigMapRef { #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct MariaDBGaleraInitContainerEnvFromSecretRef { /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the Secret must be defined @@ -4977,6 +5141,11 @@ pub struct MariaDBGaleraInitContainerSecurityContext { /// Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none", rename = "allowPrivilegeEscalation")] pub allow_privilege_escalation: Option, + /// appArmorProfile is the AppArmor options to use by this container. If set, this profile + /// overrides the pod's appArmorProfile. + /// Note that this field cannot be set when spec.os.name is windows. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "appArmorProfile")] + pub app_armor_profile: Option, /// The capabilities to add/drop when running containers. /// Defaults to the default set of capabilities granted by the container runtime. /// Note that this field cannot be set when spec.os.name is windows. @@ -5043,6 +5212,26 @@ pub struct MariaDBGaleraInitContainerSecurityContext { pub windows_options: Option, } +/// appArmorProfile is the AppArmor options to use by this container. If set, this profile +/// overrides the pod's appArmorProfile. +/// Note that this field cannot be set when spec.os.name is windows. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct MariaDBGaleraInitContainerSecurityContextAppArmorProfile { + /// localhostProfile indicates a profile loaded on the node that should be used. + /// The profile must be preconfigured on the node to work. + /// Must match the loaded name of the profile. + /// Must be set if and only if type is "Localhost". + #[serde(default, skip_serializing_if = "Option::is_none", rename = "localhostProfile")] + pub localhost_profile: Option, + /// type indicates which kind of AppArmor profile will be applied. + /// Valid options are: + /// Localhost - a profile pre-loaded on the node. + /// RuntimeDefault - the container runtime's default profile. + /// Unconfined - no AppArmor enforcement. + #[serde(rename = "type")] + pub r#type: String, +} + /// The capabilities to add/drop when running containers. /// Defaults to the default set of capabilities granted by the container runtime. /// Note that this field cannot be set when spec.os.name is windows. @@ -5139,6 +5328,8 @@ pub struct MariaDBGaleraInitContainerVolumeMounts { /// to container and the other way around. /// When not set, MountPropagationNone is used. /// This field is beta in 1.10. + /// When RecursiveReadOnly is set to IfPossible or to Enabled, MountPropagation must be None or unspecified + /// (which defaults to None). #[serde(default, skip_serializing_if = "Option::is_none", rename = "mountPropagation")] pub mount_propagation: Option, /// This must match the Name of a Volume. @@ -5147,6 +5338,28 @@ pub struct MariaDBGaleraInitContainerVolumeMounts { /// Defaults to false. #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] pub read_only: Option, + /// RecursiveReadOnly specifies whether read-only mounts should be handled + /// recursively. + /// + /// + /// If ReadOnly is false, this field has no meaning and must be unspecified. + /// + /// + /// If ReadOnly is true, and this field is set to Disabled, the mount is not made + /// recursively read-only. If this field is set to IfPossible, the mount is made + /// recursively read-only, if it is supported by the container runtime. If this + /// field is set to Enabled, the mount is made recursively read-only if it is + /// supported by the container runtime, otherwise the pod will not be started and + /// an error will be generated to indicate the reason. + /// + /// + /// If this field is set to IfPossible or Enabled, MountPropagation must be set to + /// None (or be unspecified, which defaults to None). + /// + /// + /// If this field is not specified, it is treated as an equivalent of Disabled. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "recursiveReadOnly")] + pub recursive_read_only: Option, /// Path within the volume from which the container's volume should be mounted. /// Defaults to "" (volume's root). #[serde(default, skip_serializing_if = "Option::is_none", rename = "subPath")] @@ -5380,23 +5593,23 @@ pub struct MariaDBGaleraInitJobAffinityPodAffinityPreferredDuringSchedulingIgnor pub label_selector: Option, /// MatchLabelKeys is a set of pod label keys to select which pods will /// be taken into consideration. The keys are used to lookup values from the - /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` + /// incoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)` /// to select the group of existing pods which pods will be taken into consideration /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming /// pod labels will be ignored. The default value is empty. - /// The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. - /// Also, MatchLabelKeys cannot be set when LabelSelector isn't set. + /// The same key is forbidden to exist in both matchLabelKeys and labelSelector. + /// Also, matchLabelKeys cannot be set when labelSelector isn't set. /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] pub match_label_keys: Option>, /// MismatchLabelKeys is a set of pod label keys to select which pods will /// be taken into consideration. The keys are used to lookup values from the - /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` + /// incoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)` /// to select the group of existing pods which pods will be taken into consideration /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming /// pod labels will be ignored. The default value is empty. - /// The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. - /// Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. + /// The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. + /// Also, mismatchLabelKeys cannot be set when labelSelector isn't set. /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] pub mismatch_label_keys: Option>, @@ -5501,23 +5714,23 @@ pub struct MariaDBGaleraInitJobAffinityPodAffinityRequiredDuringSchedulingIgnore pub label_selector: Option, /// MatchLabelKeys is a set of pod label keys to select which pods will /// be taken into consideration. The keys are used to lookup values from the - /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` + /// incoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)` /// to select the group of existing pods which pods will be taken into consideration /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming /// pod labels will be ignored. The default value is empty. - /// The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. - /// Also, MatchLabelKeys cannot be set when LabelSelector isn't set. + /// The same key is forbidden to exist in both matchLabelKeys and labelSelector. + /// Also, matchLabelKeys cannot be set when labelSelector isn't set. /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] pub match_label_keys: Option>, /// MismatchLabelKeys is a set of pod label keys to select which pods will /// be taken into consideration. The keys are used to lookup values from the - /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` + /// incoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)` /// to select the group of existing pods which pods will be taken into consideration /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming /// pod labels will be ignored. The default value is empty. - /// The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. - /// Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. + /// The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. + /// Also, mismatchLabelKeys cannot be set when labelSelector isn't set. /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] pub mismatch_label_keys: Option>, @@ -5653,23 +5866,23 @@ pub struct MariaDBGaleraInitJobAffinityPodAntiAffinityPreferredDuringSchedulingI pub label_selector: Option, /// MatchLabelKeys is a set of pod label keys to select which pods will /// be taken into consideration. The keys are used to lookup values from the - /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` + /// incoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)` /// to select the group of existing pods which pods will be taken into consideration /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming /// pod labels will be ignored. The default value is empty. - /// The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. - /// Also, MatchLabelKeys cannot be set when LabelSelector isn't set. + /// The same key is forbidden to exist in both matchLabelKeys and labelSelector. + /// Also, matchLabelKeys cannot be set when labelSelector isn't set. /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] pub match_label_keys: Option>, /// MismatchLabelKeys is a set of pod label keys to select which pods will /// be taken into consideration. The keys are used to lookup values from the - /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` + /// incoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)` /// to select the group of existing pods which pods will be taken into consideration /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming /// pod labels will be ignored. The default value is empty. - /// The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. - /// Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. + /// The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. + /// Also, mismatchLabelKeys cannot be set when labelSelector isn't set. /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] pub mismatch_label_keys: Option>, @@ -5774,23 +5987,23 @@ pub struct MariaDBGaleraInitJobAffinityPodAntiAffinityRequiredDuringSchedulingIg pub label_selector: Option, /// MatchLabelKeys is a set of pod label keys to select which pods will /// be taken into consideration. The keys are used to lookup values from the - /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` + /// incoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)` /// to select the group of existing pods which pods will be taken into consideration /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming /// pod labels will be ignored. The default value is empty. - /// The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. - /// Also, MatchLabelKeys cannot be set when LabelSelector isn't set. + /// The same key is forbidden to exist in both matchLabelKeys and labelSelector. + /// Also, matchLabelKeys cannot be set when labelSelector isn't set. /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] pub match_label_keys: Option>, /// MismatchLabelKeys is a set of pod label keys to select which pods will /// be taken into consideration. The keys are used to lookup values from the - /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` + /// incoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)` /// to select the group of existing pods which pods will be taken into consideration /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming /// pod labels will be ignored. The default value is empty. - /// The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. - /// Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. + /// The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. + /// Also, mismatchLabelKeys cannot be set when labelSelector isn't set. /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] pub mismatch_label_keys: Option>, @@ -5995,8 +6208,12 @@ pub enum MariaDBImagePullPolicy { #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct MariaDBImagePullSecrets { /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, } @@ -6095,8 +6312,12 @@ pub struct MariaDBInitContainersEnvValueFromConfigMapKeyRef { /// The key to select. pub key: String, /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the ConfigMap or its key must be defined @@ -6136,8 +6357,12 @@ pub struct MariaDBInitContainersEnvValueFromSecretKeyRef { /// The key of the secret to select from. Must be a valid secret key. pub key: String, /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the Secret or its key must be defined @@ -6163,8 +6388,12 @@ pub struct MariaDBInitContainersEnvFrom { #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct MariaDBInitContainersEnvFromConfigMapRef { /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the ConfigMap must be defined @@ -6176,8 +6405,12 @@ pub struct MariaDBInitContainersEnvFromConfigMapRef { #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct MariaDBInitContainersEnvFromSecretRef { /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the Secret must be defined @@ -6482,6 +6715,11 @@ pub struct MariaDBInitContainersSecurityContext { /// Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none", rename = "allowPrivilegeEscalation")] pub allow_privilege_escalation: Option, + /// appArmorProfile is the AppArmor options to use by this container. If set, this profile + /// overrides the pod's appArmorProfile. + /// Note that this field cannot be set when spec.os.name is windows. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "appArmorProfile")] + pub app_armor_profile: Option, /// The capabilities to add/drop when running containers. /// Defaults to the default set of capabilities granted by the container runtime. /// Note that this field cannot be set when spec.os.name is windows. @@ -6548,6 +6786,26 @@ pub struct MariaDBInitContainersSecurityContext { pub windows_options: Option, } +/// appArmorProfile is the AppArmor options to use by this container. If set, this profile +/// overrides the pod's appArmorProfile. +/// Note that this field cannot be set when spec.os.name is windows. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct MariaDBInitContainersSecurityContextAppArmorProfile { + /// localhostProfile indicates a profile loaded on the node that should be used. + /// The profile must be preconfigured on the node to work. + /// Must match the loaded name of the profile. + /// Must be set if and only if type is "Localhost". + #[serde(default, skip_serializing_if = "Option::is_none", rename = "localhostProfile")] + pub localhost_profile: Option, + /// type indicates which kind of AppArmor profile will be applied. + /// Valid options are: + /// Localhost - a profile pre-loaded on the node. + /// RuntimeDefault - the container runtime's default profile. + /// Unconfined - no AppArmor enforcement. + #[serde(rename = "type")] + pub r#type: String, +} + /// The capabilities to add/drop when running containers. /// Defaults to the default set of capabilities granted by the container runtime. /// Note that this field cannot be set when spec.os.name is windows. @@ -6644,6 +6902,8 @@ pub struct MariaDBInitContainersVolumeMounts { /// to container and the other way around. /// When not set, MountPropagationNone is used. /// This field is beta in 1.10. + /// When RecursiveReadOnly is set to IfPossible or to Enabled, MountPropagation must be None or unspecified + /// (which defaults to None). #[serde(default, skip_serializing_if = "Option::is_none", rename = "mountPropagation")] pub mount_propagation: Option, /// This must match the Name of a Volume. @@ -6652,6 +6912,28 @@ pub struct MariaDBInitContainersVolumeMounts { /// Defaults to false. #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] pub read_only: Option, + /// RecursiveReadOnly specifies whether read-only mounts should be handled + /// recursively. + /// + /// + /// If ReadOnly is false, this field has no meaning and must be unspecified. + /// + /// + /// If ReadOnly is true, and this field is set to Disabled, the mount is not made + /// recursively read-only. If this field is set to IfPossible, the mount is made + /// recursively read-only, if it is supported by the container runtime. If this + /// field is set to Enabled, the mount is made recursively read-only if it is + /// supported by the container runtime, otherwise the pod will not be started and + /// an error will be generated to indicate the reason. + /// + /// + /// If this field is set to IfPossible or Enabled, MountPropagation must be set to + /// None (or be unspecified, which defaults to None). + /// + /// + /// If this field is not specified, it is treated as an equivalent of Disabled. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "recursiveReadOnly")] + pub recursive_read_only: Option, /// Path within the volume from which the container's volume should be mounted. /// Defaults to "" (volume's root). #[serde(default, skip_serializing_if = "Option::is_none", rename = "subPath")] @@ -6933,8 +7215,12 @@ pub struct MariaDBMaxScaleAuthAdminPasswordSecretKeyRef { /// The key of the secret to select from. Must be a valid secret key. pub key: String, /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the Secret or its key must be defined @@ -6952,8 +7238,12 @@ pub struct MariaDBMaxScaleAuthClientPasswordSecretKeyRef { /// The key of the secret to select from. Must be a valid secret key. pub key: String, /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the Secret or its key must be defined @@ -6971,8 +7261,12 @@ pub struct MariaDBMaxScaleAuthMetricsPasswordSecretKeyRef { /// The key of the secret to select from. Must be a valid secret key. pub key: String, /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the Secret or its key must be defined @@ -6990,8 +7284,12 @@ pub struct MariaDBMaxScaleAuthMonitorPasswordSecretKeyRef { /// The key of the secret to select from. Must be a valid secret key. pub key: String, /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the Secret or its key must be defined @@ -7009,8 +7307,12 @@ pub struct MariaDBMaxScaleAuthServerPasswordSecretKeyRef { /// The key of the secret to select from. Must be a valid secret key. pub key: String, /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the Secret or its key must be defined @@ -7028,8 +7330,12 @@ pub struct MariaDBMaxScaleAuthSyncPasswordSecretKeyRef { /// The key of the secret to select from. Must be a valid secret key. pub key: String, /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the Secret or its key must be defined @@ -7136,7 +7442,7 @@ pub struct MariaDBMaxScaleConfigVolumeClaimTemplate { /// If the resource referred to by volumeAttributesClass does not exist, this PersistentVolumeClaim will be /// set to a Pending state, as reflected by the modifyVolumeStatus field, until such as a resource /// exists. - /// More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#volumeattributesclass + /// More info: https://kubernetes.io/docs/concepts/storage/volume-attributes-classes/ /// (Alpha) Using this field requires the VolumeAttributesClass feature gate to be enabled. #[serde(default, skip_serializing_if = "Option::is_none", rename = "volumeAttributesClassName")] pub volume_attributes_class_name: Option, @@ -7742,23 +8048,23 @@ pub struct MariaDBMaxScaleMetricsExporterAffinityPodAffinityPreferredDuringSched pub label_selector: Option, /// MatchLabelKeys is a set of pod label keys to select which pods will /// be taken into consideration. The keys are used to lookup values from the - /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` + /// incoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)` /// to select the group of existing pods which pods will be taken into consideration /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming /// pod labels will be ignored. The default value is empty. - /// The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. - /// Also, MatchLabelKeys cannot be set when LabelSelector isn't set. + /// The same key is forbidden to exist in both matchLabelKeys and labelSelector. + /// Also, matchLabelKeys cannot be set when labelSelector isn't set. /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] pub match_label_keys: Option>, /// MismatchLabelKeys is a set of pod label keys to select which pods will /// be taken into consideration. The keys are used to lookup values from the - /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` + /// incoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)` /// to select the group of existing pods which pods will be taken into consideration /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming /// pod labels will be ignored. The default value is empty. - /// The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. - /// Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. + /// The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. + /// Also, mismatchLabelKeys cannot be set when labelSelector isn't set. /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] pub mismatch_label_keys: Option>, @@ -7863,23 +8169,23 @@ pub struct MariaDBMaxScaleMetricsExporterAffinityPodAffinityRequiredDuringSchedu pub label_selector: Option, /// MatchLabelKeys is a set of pod label keys to select which pods will /// be taken into consideration. The keys are used to lookup values from the - /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` + /// incoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)` /// to select the group of existing pods which pods will be taken into consideration /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming /// pod labels will be ignored. The default value is empty. - /// The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. - /// Also, MatchLabelKeys cannot be set when LabelSelector isn't set. + /// The same key is forbidden to exist in both matchLabelKeys and labelSelector. + /// Also, matchLabelKeys cannot be set when labelSelector isn't set. /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] pub match_label_keys: Option>, /// MismatchLabelKeys is a set of pod label keys to select which pods will /// be taken into consideration. The keys are used to lookup values from the - /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` + /// incoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)` /// to select the group of existing pods which pods will be taken into consideration /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming /// pod labels will be ignored. The default value is empty. - /// The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. - /// Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. + /// The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. + /// Also, mismatchLabelKeys cannot be set when labelSelector isn't set. /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] pub mismatch_label_keys: Option>, @@ -8015,23 +8321,23 @@ pub struct MariaDBMaxScaleMetricsExporterAffinityPodAntiAffinityPreferredDuringS pub label_selector: Option, /// MatchLabelKeys is a set of pod label keys to select which pods will /// be taken into consideration. The keys are used to lookup values from the - /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` + /// incoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)` /// to select the group of existing pods which pods will be taken into consideration /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming /// pod labels will be ignored. The default value is empty. - /// The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. - /// Also, MatchLabelKeys cannot be set when LabelSelector isn't set. + /// The same key is forbidden to exist in both matchLabelKeys and labelSelector. + /// Also, matchLabelKeys cannot be set when labelSelector isn't set. /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] pub match_label_keys: Option>, /// MismatchLabelKeys is a set of pod label keys to select which pods will /// be taken into consideration. The keys are used to lookup values from the - /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` + /// incoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)` /// to select the group of existing pods which pods will be taken into consideration /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming /// pod labels will be ignored. The default value is empty. - /// The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. - /// Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. + /// The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. + /// Also, mismatchLabelKeys cannot be set when labelSelector isn't set. /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] pub mismatch_label_keys: Option>, @@ -8136,23 +8442,23 @@ pub struct MariaDBMaxScaleMetricsExporterAffinityPodAntiAffinityRequiredDuringSc pub label_selector: Option, /// MatchLabelKeys is a set of pod label keys to select which pods will /// be taken into consideration. The keys are used to lookup values from the - /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` + /// incoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)` /// to select the group of existing pods which pods will be taken into consideration /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming /// pod labels will be ignored. The default value is empty. - /// The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. - /// Also, MatchLabelKeys cannot be set when LabelSelector isn't set. + /// The same key is forbidden to exist in both matchLabelKeys and labelSelector. + /// Also, matchLabelKeys cannot be set when labelSelector isn't set. /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] pub match_label_keys: Option>, /// MismatchLabelKeys is a set of pod label keys to select which pods will /// be taken into consideration. The keys are used to lookup values from the - /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` + /// incoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)` /// to select the group of existing pods which pods will be taken into consideration /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming /// pod labels will be ignored. The default value is empty. - /// The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. - /// Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. + /// The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. + /// Also, mismatchLabelKeys cannot be set when labelSelector isn't set. /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] pub mismatch_label_keys: Option>, @@ -8289,8 +8595,12 @@ pub struct MariaDBMaxScaleMetricsExporterEnvValueFromConfigMapKeyRef { /// The key to select. pub key: String, /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the ConfigMap or its key must be defined @@ -8330,8 +8640,12 @@ pub struct MariaDBMaxScaleMetricsExporterEnvValueFromSecretKeyRef { /// The key of the secret to select from. Must be a valid secret key. pub key: String, /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the Secret or its key must be defined @@ -8357,8 +8671,12 @@ pub struct MariaDBMaxScaleMetricsExporterEnvFrom { #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct MariaDBMaxScaleMetricsExporterEnvFromConfigMapRef { /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the ConfigMap must be defined @@ -8370,8 +8688,12 @@ pub struct MariaDBMaxScaleMetricsExporterEnvFromConfigMapRef { #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct MariaDBMaxScaleMetricsExporterEnvFromSecretRef { /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the Secret must be defined @@ -8392,8 +8714,12 @@ pub enum MariaDBMaxScaleMetricsExporterImagePullPolicy { #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct MariaDBMaxScaleMetricsExporterImagePullSecrets { /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, } @@ -8481,8 +8807,12 @@ pub struct MariaDBMaxScaleMetricsExporterInitContainersEnvValueFromConfigMapKeyR /// The key to select. pub key: String, /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the ConfigMap or its key must be defined @@ -8522,8 +8852,12 @@ pub struct MariaDBMaxScaleMetricsExporterInitContainersEnvValueFromSecretKeyRef /// The key of the secret to select from. Must be a valid secret key. pub key: String, /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the Secret or its key must be defined @@ -8549,8 +8883,12 @@ pub struct MariaDBMaxScaleMetricsExporterInitContainersEnvFrom { #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct MariaDBMaxScaleMetricsExporterInitContainersEnvFromConfigMapRef { /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the ConfigMap must be defined @@ -8562,8 +8900,12 @@ pub struct MariaDBMaxScaleMetricsExporterInitContainersEnvFromConfigMapRef { #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct MariaDBMaxScaleMetricsExporterInitContainersEnvFromSecretRef { /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the Secret must be defined @@ -8868,6 +9210,11 @@ pub struct MariaDBMaxScaleMetricsExporterInitContainersSecurityContext { /// Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none", rename = "allowPrivilegeEscalation")] pub allow_privilege_escalation: Option, + /// appArmorProfile is the AppArmor options to use by this container. If set, this profile + /// overrides the pod's appArmorProfile. + /// Note that this field cannot be set when spec.os.name is windows. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "appArmorProfile")] + pub app_armor_profile: Option, /// The capabilities to add/drop when running containers. /// Defaults to the default set of capabilities granted by the container runtime. /// Note that this field cannot be set when spec.os.name is windows. @@ -8934,6 +9281,26 @@ pub struct MariaDBMaxScaleMetricsExporterInitContainersSecurityContext { pub windows_options: Option, } +/// appArmorProfile is the AppArmor options to use by this container. If set, this profile +/// overrides the pod's appArmorProfile. +/// Note that this field cannot be set when spec.os.name is windows. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct MariaDBMaxScaleMetricsExporterInitContainersSecurityContextAppArmorProfile { + /// localhostProfile indicates a profile loaded on the node that should be used. + /// The profile must be preconfigured on the node to work. + /// Must match the loaded name of the profile. + /// Must be set if and only if type is "Localhost". + #[serde(default, skip_serializing_if = "Option::is_none", rename = "localhostProfile")] + pub localhost_profile: Option, + /// type indicates which kind of AppArmor profile will be applied. + /// Valid options are: + /// Localhost - a profile pre-loaded on the node. + /// RuntimeDefault - the container runtime's default profile. + /// Unconfined - no AppArmor enforcement. + #[serde(rename = "type")] + pub r#type: String, +} + /// The capabilities to add/drop when running containers. /// Defaults to the default set of capabilities granted by the container runtime. /// Note that this field cannot be set when spec.os.name is windows. @@ -9030,6 +9397,8 @@ pub struct MariaDBMaxScaleMetricsExporterInitContainersVolumeMounts { /// to container and the other way around. /// When not set, MountPropagationNone is used. /// This field is beta in 1.10. + /// When RecursiveReadOnly is set to IfPossible or to Enabled, MountPropagation must be None or unspecified + /// (which defaults to None). #[serde(default, skip_serializing_if = "Option::is_none", rename = "mountPropagation")] pub mount_propagation: Option, /// This must match the Name of a Volume. @@ -9038,6 +9407,28 @@ pub struct MariaDBMaxScaleMetricsExporterInitContainersVolumeMounts { /// Defaults to false. #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] pub read_only: Option, + /// RecursiveReadOnly specifies whether read-only mounts should be handled + /// recursively. + /// + /// + /// If ReadOnly is false, this field has no meaning and must be unspecified. + /// + /// + /// If ReadOnly is true, and this field is set to Disabled, the mount is not made + /// recursively read-only. If this field is set to IfPossible, the mount is made + /// recursively read-only, if it is supported by the container runtime. If this + /// field is set to Enabled, the mount is made recursively read-only if it is + /// supported by the container runtime, otherwise the pod will not be started and + /// an error will be generated to indicate the reason. + /// + /// + /// If this field is set to IfPossible or Enabled, MountPropagation must be set to + /// None (or be unspecified, which defaults to None). + /// + /// + /// If this field is not specified, it is treated as an equivalent of Disabled. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "recursiveReadOnly")] + pub recursive_read_only: Option, /// Path within the volume from which the container's volume should be mounted. /// Defaults to "" (volume's root). #[serde(default, skip_serializing_if = "Option::is_none", rename = "subPath")] @@ -9185,6 +9576,10 @@ pub struct MariaDBMaxScaleMetricsExporterPodMetadata { /// SecurityContext holds pod-level security attributes and common container settings. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct MariaDBMaxScaleMetricsExporterPodSecurityContext { + /// appArmorProfile is the AppArmor options to use by the containers in this pod. + /// Note that this field cannot be set when spec.os.name is windows. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "appArmorProfile")] + pub app_armor_profile: Option, /// A special supplemental group that applies to all containers in a pod. /// Some volume types allow the Kubelet to change the ownership of that volume /// to be owned by the pod: @@ -9266,6 +9661,25 @@ pub struct MariaDBMaxScaleMetricsExporterPodSecurityContext { pub windows_options: Option, } +/// appArmorProfile is the AppArmor options to use by the containers in this pod. +/// Note that this field cannot be set when spec.os.name is windows. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct MariaDBMaxScaleMetricsExporterPodSecurityContextAppArmorProfile { + /// localhostProfile indicates a profile loaded on the node that should be used. + /// The profile must be preconfigured on the node to work. + /// Must match the loaded name of the profile. + /// Must be set if and only if type is "Localhost". + #[serde(default, skip_serializing_if = "Option::is_none", rename = "localhostProfile")] + pub localhost_profile: Option, + /// type indicates which kind of AppArmor profile will be applied. + /// Valid options are: + /// Localhost - a profile pre-loaded on the node. + /// RuntimeDefault - the container runtime's default profile. + /// Unconfined - no AppArmor enforcement. + #[serde(rename = "type")] + pub r#type: String, +} + /// The SELinux context to be applied to all containers. /// If unspecified, the container runtime will allocate a random SELinux context for each /// container. May also be set in SecurityContext. If set in @@ -9514,6 +9928,11 @@ pub struct MariaDBMaxScaleMetricsExporterSecurityContext { /// Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none", rename = "allowPrivilegeEscalation")] pub allow_privilege_escalation: Option, + /// appArmorProfile is the AppArmor options to use by this container. If set, this profile + /// overrides the pod's appArmorProfile. + /// Note that this field cannot be set when spec.os.name is windows. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "appArmorProfile")] + pub app_armor_profile: Option, /// The capabilities to add/drop when running containers. /// Defaults to the default set of capabilities granted by the container runtime. /// Note that this field cannot be set when spec.os.name is windows. @@ -9580,6 +9999,26 @@ pub struct MariaDBMaxScaleMetricsExporterSecurityContext { pub windows_options: Option, } +/// appArmorProfile is the AppArmor options to use by this container. If set, this profile +/// overrides the pod's appArmorProfile. +/// Note that this field cannot be set when spec.os.name is windows. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct MariaDBMaxScaleMetricsExporterSecurityContextAppArmorProfile { + /// localhostProfile indicates a profile loaded on the node that should be used. + /// The profile must be preconfigured on the node to work. + /// Must match the loaded name of the profile. + /// Must be set if and only if type is "Localhost". + #[serde(default, skip_serializing_if = "Option::is_none", rename = "localhostProfile")] + pub localhost_profile: Option, + /// type indicates which kind of AppArmor profile will be applied. + /// Valid options are: + /// Localhost - a profile pre-loaded on the node. + /// RuntimeDefault - the container runtime's default profile. + /// Unconfined - no AppArmor enforcement. + #[serde(rename = "type")] + pub r#type: String, +} + /// The capabilities to add/drop when running containers. /// Defaults to the default set of capabilities granted by the container runtime. /// Note that this field cannot be set when spec.os.name is windows. @@ -9748,8 +10187,12 @@ pub struct MariaDBMaxScaleMetricsExporterSidecarContainersEnvValueFromConfigMapK /// The key to select. pub key: String, /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the ConfigMap or its key must be defined @@ -9789,8 +10232,12 @@ pub struct MariaDBMaxScaleMetricsExporterSidecarContainersEnvValueFromSecretKeyR /// The key of the secret to select from. Must be a valid secret key. pub key: String, /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the Secret or its key must be defined @@ -9816,8 +10263,12 @@ pub struct MariaDBMaxScaleMetricsExporterSidecarContainersEnvFrom { #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct MariaDBMaxScaleMetricsExporterSidecarContainersEnvFromConfigMapRef { /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the ConfigMap must be defined @@ -9829,8 +10280,12 @@ pub struct MariaDBMaxScaleMetricsExporterSidecarContainersEnvFromConfigMapRef { #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct MariaDBMaxScaleMetricsExporterSidecarContainersEnvFromSecretRef { /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the Secret must be defined @@ -10135,6 +10590,11 @@ pub struct MariaDBMaxScaleMetricsExporterSidecarContainersSecurityContext { /// Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none", rename = "allowPrivilegeEscalation")] pub allow_privilege_escalation: Option, + /// appArmorProfile is the AppArmor options to use by this container. If set, this profile + /// overrides the pod's appArmorProfile. + /// Note that this field cannot be set when spec.os.name is windows. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "appArmorProfile")] + pub app_armor_profile: Option, /// The capabilities to add/drop when running containers. /// Defaults to the default set of capabilities granted by the container runtime. /// Note that this field cannot be set when spec.os.name is windows. @@ -10201,6 +10661,26 @@ pub struct MariaDBMaxScaleMetricsExporterSidecarContainersSecurityContext { pub windows_options: Option, } +/// appArmorProfile is the AppArmor options to use by this container. If set, this profile +/// overrides the pod's appArmorProfile. +/// Note that this field cannot be set when spec.os.name is windows. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct MariaDBMaxScaleMetricsExporterSidecarContainersSecurityContextAppArmorProfile { + /// localhostProfile indicates a profile loaded on the node that should be used. + /// The profile must be preconfigured on the node to work. + /// Must match the loaded name of the profile. + /// Must be set if and only if type is "Localhost". + #[serde(default, skip_serializing_if = "Option::is_none", rename = "localhostProfile")] + pub localhost_profile: Option, + /// type indicates which kind of AppArmor profile will be applied. + /// Valid options are: + /// Localhost - a profile pre-loaded on the node. + /// RuntimeDefault - the container runtime's default profile. + /// Unconfined - no AppArmor enforcement. + #[serde(rename = "type")] + pub r#type: String, +} + /// The capabilities to add/drop when running containers. /// Defaults to the default set of capabilities granted by the container runtime. /// Note that this field cannot be set when spec.os.name is windows. @@ -10297,6 +10777,8 @@ pub struct MariaDBMaxScaleMetricsExporterSidecarContainersVolumeMounts { /// to container and the other way around. /// When not set, MountPropagationNone is used. /// This field is beta in 1.10. + /// When RecursiveReadOnly is set to IfPossible or to Enabled, MountPropagation must be None or unspecified + /// (which defaults to None). #[serde(default, skip_serializing_if = "Option::is_none", rename = "mountPropagation")] pub mount_propagation: Option, /// This must match the Name of a Volume. @@ -10305,6 +10787,28 @@ pub struct MariaDBMaxScaleMetricsExporterSidecarContainersVolumeMounts { /// Defaults to false. #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] pub read_only: Option, + /// RecursiveReadOnly specifies whether read-only mounts should be handled + /// recursively. + /// + /// + /// If ReadOnly is false, this field has no meaning and must be unspecified. + /// + /// + /// If ReadOnly is true, and this field is set to Disabled, the mount is not made + /// recursively read-only. If this field is set to IfPossible, the mount is made + /// recursively read-only, if it is supported by the container runtime. If this + /// field is set to Enabled, the mount is made recursively read-only if it is + /// supported by the container runtime, otherwise the pod will not be started and + /// an error will be generated to indicate the reason. + /// + /// + /// If this field is set to IfPossible or Enabled, MountPropagation must be set to + /// None (or be unspecified, which defaults to None). + /// + /// + /// If this field is not specified, it is treated as an equivalent of Disabled. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "recursiveReadOnly")] + pub recursive_read_only: Option, /// Path within the volume from which the container's volume should be mounted. /// Defaults to "" (volume's root). #[serde(default, skip_serializing_if = "Option::is_none", rename = "subPath")] @@ -10407,9 +10911,6 @@ pub struct MariaDBMaxScaleMetricsExporterTopologySpreadConstraints { /// In this situation, new pod with the same labelSelector cannot be scheduled, /// because computed skew will be 3(3 - 0) if new Pod is scheduled to any of the three zones, /// it will violate MaxSkew. - /// - /// - /// This is a beta field and requires the MinDomainsInPodTopologySpread feature gate to be enabled (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "minDomains")] pub min_domains: Option, /// NodeAffinityPolicy indicates how we will treat Pod's nodeAffinity/nodeSelector @@ -10510,6 +11011,8 @@ pub struct MariaDBMaxScaleMetricsExporterVolumeMounts { /// to container and the other way around. /// When not set, MountPropagationNone is used. /// This field is beta in 1.10. + /// When RecursiveReadOnly is set to IfPossible or to Enabled, MountPropagation must be None or unspecified + /// (which defaults to None). #[serde(default, skip_serializing_if = "Option::is_none", rename = "mountPropagation")] pub mount_propagation: Option, /// This must match the Name of a Volume. @@ -10518,6 +11021,28 @@ pub struct MariaDBMaxScaleMetricsExporterVolumeMounts { /// Defaults to false. #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] pub read_only: Option, + /// RecursiveReadOnly specifies whether read-only mounts should be handled + /// recursively. + /// + /// + /// If ReadOnly is false, this field has no meaning and must be unspecified. + /// + /// + /// If ReadOnly is true, and this field is set to Disabled, the mount is not made + /// recursively read-only. If this field is set to IfPossible, the mount is made + /// recursively read-only, if it is supported by the container runtime. If this + /// field is set to Enabled, the mount is made recursively read-only if it is + /// supported by the container runtime, otherwise the pod will not be started and + /// an error will be generated to indicate the reason. + /// + /// + /// If this field is set to IfPossible or Enabled, MountPropagation must be set to + /// None (or be unspecified, which defaults to None). + /// + /// + /// If this field is not specified, it is treated as an equivalent of Disabled. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "recursiveReadOnly")] + pub recursive_read_only: Option, /// Path within the volume from which the container's volume should be mounted. /// Defaults to "" (volume's root). #[serde(default, skip_serializing_if = "Option::is_none", rename = "subPath")] @@ -10780,8 +11305,12 @@ pub struct MariaDBMaxScaleMetricsExporterVolumesCephfs { #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct MariaDBMaxScaleMetricsExporterVolumesCephfsSecretRef { /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, } @@ -10816,8 +11345,12 @@ pub struct MariaDBMaxScaleMetricsExporterVolumesCinder { #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct MariaDBMaxScaleMetricsExporterVolumesCinderSecretRef { /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, } @@ -10844,8 +11377,12 @@ pub struct MariaDBMaxScaleMetricsExporterVolumesConfigMap { #[serde(default, skip_serializing_if = "Option::is_none")] pub items: Option>, /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// optional specify whether the ConfigMap or its keys must be defined @@ -10909,8 +11446,12 @@ pub struct MariaDBMaxScaleMetricsExporterVolumesCsi { #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct MariaDBMaxScaleMetricsExporterVolumesCsiNodePublishSecretRef { /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, } @@ -10936,7 +11477,7 @@ pub struct MariaDBMaxScaleMetricsExporterVolumesDownwardApi { /// DownwardAPIVolumeFile represents information to create the file containing the pod field #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct MariaDBMaxScaleMetricsExporterVolumesDownwardApiItems { - /// Required: Selects a field of the pod: only annotations, labels, name and namespace are supported. + /// Required: Selects a field of the pod: only annotations, labels, name, namespace and uid are supported. #[serde(default, skip_serializing_if = "Option::is_none", rename = "fieldRef")] pub field_ref: Option, /// Optional: mode bits used to set permissions on this file, must be an octal value @@ -10955,7 +11496,7 @@ pub struct MariaDBMaxScaleMetricsExporterVolumesDownwardApiItems { pub resource_field_ref: Option, } -/// Required: Selects a field of the pod: only annotations, labels, name and namespace are supported. +/// Required: Selects a field of the pod: only annotations, labels, name, namespace and uid are supported. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct MariaDBMaxScaleMetricsExporterVolumesDownwardApiItemsFieldRef { /// Version of the schema the FieldPath is written in terms of, defaults to "v1". @@ -11172,7 +11713,7 @@ pub struct MariaDBMaxScaleMetricsExporterVolumesEphemeralVolumeClaimTemplateSpec /// If the resource referred to by volumeAttributesClass does not exist, this PersistentVolumeClaim will be /// set to a Pending state, as reflected by the modifyVolumeStatus field, until such as a resource /// exists. - /// More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#volumeattributesclass + /// More info: https://kubernetes.io/docs/concepts/storage/volume-attributes-classes/ /// (Alpha) Using this field requires the VolumeAttributesClass feature gate to be enabled. #[serde(default, skip_serializing_if = "Option::is_none", rename = "volumeAttributesClassName")] pub volume_attributes_class_name: Option, @@ -11356,8 +11897,12 @@ pub struct MariaDBMaxScaleMetricsExporterVolumesFlexVolume { #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct MariaDBMaxScaleMetricsExporterVolumesFlexVolumeSecretRef { /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, } @@ -11513,8 +12058,12 @@ pub struct MariaDBMaxScaleMetricsExporterVolumesIscsi { #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct MariaDBMaxScaleMetricsExporterVolumesIscsiSecretRef { /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, } @@ -11722,8 +12271,12 @@ pub struct MariaDBMaxScaleMetricsExporterVolumesProjectedSourcesConfigMap { #[serde(default, skip_serializing_if = "Option::is_none")] pub items: Option>, /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// optional specify whether the ConfigMap or its keys must be defined @@ -11762,7 +12315,7 @@ pub struct MariaDBMaxScaleMetricsExporterVolumesProjectedSourcesDownwardApi { /// DownwardAPIVolumeFile represents information to create the file containing the pod field #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct MariaDBMaxScaleMetricsExporterVolumesProjectedSourcesDownwardApiItems { - /// Required: Selects a field of the pod: only annotations, labels, name and namespace are supported. + /// Required: Selects a field of the pod: only annotations, labels, name, namespace and uid are supported. #[serde(default, skip_serializing_if = "Option::is_none", rename = "fieldRef")] pub field_ref: Option, /// Optional: mode bits used to set permissions on this file, must be an octal value @@ -11781,7 +12334,7 @@ pub struct MariaDBMaxScaleMetricsExporterVolumesProjectedSourcesDownwardApiItems pub resource_field_ref: Option, } -/// Required: Selects a field of the pod: only annotations, labels, name and namespace are supported. +/// Required: Selects a field of the pod: only annotations, labels, name, namespace and uid are supported. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct MariaDBMaxScaleMetricsExporterVolumesProjectedSourcesDownwardApiItemsFieldRef { /// Version of the schema the FieldPath is written in terms of, defaults to "v1". @@ -11819,8 +12372,12 @@ pub struct MariaDBMaxScaleMetricsExporterVolumesProjectedSourcesSecret { #[serde(default, skip_serializing_if = "Option::is_none")] pub items: Option>, /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// optional field specify whether the Secret or its key must be defined @@ -11949,8 +12506,12 @@ pub struct MariaDBMaxScaleMetricsExporterVolumesRbd { #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct MariaDBMaxScaleMetricsExporterVolumesRbdSecretRef { /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, } @@ -12000,8 +12561,12 @@ pub struct MariaDBMaxScaleMetricsExporterVolumesScaleIo { #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct MariaDBMaxScaleMetricsExporterVolumesScaleIoSecretRef { /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, } @@ -12092,8 +12657,12 @@ pub struct MariaDBMaxScaleMetricsExporterVolumesStorageos { #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct MariaDBMaxScaleMetricsExporterVolumesStorageosSecretRef { /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, } @@ -12609,23 +13178,23 @@ pub struct MariaDBMetricsExporterAffinityPodAffinityPreferredDuringSchedulingIgn pub label_selector: Option, /// MatchLabelKeys is a set of pod label keys to select which pods will /// be taken into consideration. The keys are used to lookup values from the - /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` + /// incoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)` /// to select the group of existing pods which pods will be taken into consideration /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming /// pod labels will be ignored. The default value is empty. - /// The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. - /// Also, MatchLabelKeys cannot be set when LabelSelector isn't set. + /// The same key is forbidden to exist in both matchLabelKeys and labelSelector. + /// Also, matchLabelKeys cannot be set when labelSelector isn't set. /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] pub match_label_keys: Option>, /// MismatchLabelKeys is a set of pod label keys to select which pods will /// be taken into consideration. The keys are used to lookup values from the - /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` + /// incoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)` /// to select the group of existing pods which pods will be taken into consideration /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming /// pod labels will be ignored. The default value is empty. - /// The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. - /// Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. + /// The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. + /// Also, mismatchLabelKeys cannot be set when labelSelector isn't set. /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] pub mismatch_label_keys: Option>, @@ -12730,23 +13299,23 @@ pub struct MariaDBMetricsExporterAffinityPodAffinityRequiredDuringSchedulingIgno pub label_selector: Option, /// MatchLabelKeys is a set of pod label keys to select which pods will /// be taken into consideration. The keys are used to lookup values from the - /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` + /// incoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)` /// to select the group of existing pods which pods will be taken into consideration /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming /// pod labels will be ignored. The default value is empty. - /// The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. - /// Also, MatchLabelKeys cannot be set when LabelSelector isn't set. + /// The same key is forbidden to exist in both matchLabelKeys and labelSelector. + /// Also, matchLabelKeys cannot be set when labelSelector isn't set. /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] pub match_label_keys: Option>, /// MismatchLabelKeys is a set of pod label keys to select which pods will /// be taken into consideration. The keys are used to lookup values from the - /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` + /// incoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)` /// to select the group of existing pods which pods will be taken into consideration /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming /// pod labels will be ignored. The default value is empty. - /// The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. - /// Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. + /// The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. + /// Also, mismatchLabelKeys cannot be set when labelSelector isn't set. /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] pub mismatch_label_keys: Option>, @@ -12882,23 +13451,23 @@ pub struct MariaDBMetricsExporterAffinityPodAntiAffinityPreferredDuringSchedulin pub label_selector: Option, /// MatchLabelKeys is a set of pod label keys to select which pods will /// be taken into consideration. The keys are used to lookup values from the - /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` + /// incoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)` /// to select the group of existing pods which pods will be taken into consideration /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming /// pod labels will be ignored. The default value is empty. - /// The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. - /// Also, MatchLabelKeys cannot be set when LabelSelector isn't set. + /// The same key is forbidden to exist in both matchLabelKeys and labelSelector. + /// Also, matchLabelKeys cannot be set when labelSelector isn't set. /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] pub match_label_keys: Option>, /// MismatchLabelKeys is a set of pod label keys to select which pods will /// be taken into consideration. The keys are used to lookup values from the - /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` + /// incoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)` /// to select the group of existing pods which pods will be taken into consideration /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming /// pod labels will be ignored. The default value is empty. - /// The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. - /// Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. + /// The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. + /// Also, mismatchLabelKeys cannot be set when labelSelector isn't set. /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] pub mismatch_label_keys: Option>, @@ -13003,23 +13572,23 @@ pub struct MariaDBMetricsExporterAffinityPodAntiAffinityRequiredDuringScheduling pub label_selector: Option, /// MatchLabelKeys is a set of pod label keys to select which pods will /// be taken into consideration. The keys are used to lookup values from the - /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` + /// incoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)` /// to select the group of existing pods which pods will be taken into consideration /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming /// pod labels will be ignored. The default value is empty. - /// The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. - /// Also, MatchLabelKeys cannot be set when LabelSelector isn't set. + /// The same key is forbidden to exist in both matchLabelKeys and labelSelector. + /// Also, matchLabelKeys cannot be set when labelSelector isn't set. /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] pub match_label_keys: Option>, /// MismatchLabelKeys is a set of pod label keys to select which pods will /// be taken into consideration. The keys are used to lookup values from the - /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` + /// incoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)` /// to select the group of existing pods which pods will be taken into consideration /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming /// pod labels will be ignored. The default value is empty. - /// The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. - /// Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. + /// The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. + /// Also, mismatchLabelKeys cannot be set when labelSelector isn't set. /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] pub mismatch_label_keys: Option>, @@ -13156,8 +13725,12 @@ pub struct MariaDBMetricsExporterEnvValueFromConfigMapKeyRef { /// The key to select. pub key: String, /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the ConfigMap or its key must be defined @@ -13197,8 +13770,12 @@ pub struct MariaDBMetricsExporterEnvValueFromSecretKeyRef { /// The key of the secret to select from. Must be a valid secret key. pub key: String, /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the Secret or its key must be defined @@ -13224,8 +13801,12 @@ pub struct MariaDBMetricsExporterEnvFrom { #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct MariaDBMetricsExporterEnvFromConfigMapRef { /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the ConfigMap must be defined @@ -13237,8 +13818,12 @@ pub struct MariaDBMetricsExporterEnvFromConfigMapRef { #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct MariaDBMetricsExporterEnvFromSecretRef { /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the Secret must be defined @@ -13259,8 +13844,12 @@ pub enum MariaDBMetricsExporterImagePullPolicy { #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct MariaDBMetricsExporterImagePullSecrets { /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, } @@ -13348,8 +13937,12 @@ pub struct MariaDBMetricsExporterInitContainersEnvValueFromConfigMapKeyRef { /// The key to select. pub key: String, /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the ConfigMap or its key must be defined @@ -13389,8 +13982,12 @@ pub struct MariaDBMetricsExporterInitContainersEnvValueFromSecretKeyRef { /// The key of the secret to select from. Must be a valid secret key. pub key: String, /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the Secret or its key must be defined @@ -13416,8 +14013,12 @@ pub struct MariaDBMetricsExporterInitContainersEnvFrom { #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct MariaDBMetricsExporterInitContainersEnvFromConfigMapRef { /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the ConfigMap must be defined @@ -13429,8 +14030,12 @@ pub struct MariaDBMetricsExporterInitContainersEnvFromConfigMapRef { #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct MariaDBMetricsExporterInitContainersEnvFromSecretRef { /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the Secret must be defined @@ -13735,6 +14340,11 @@ pub struct MariaDBMetricsExporterInitContainersSecurityContext { /// Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none", rename = "allowPrivilegeEscalation")] pub allow_privilege_escalation: Option, + /// appArmorProfile is the AppArmor options to use by this container. If set, this profile + /// overrides the pod's appArmorProfile. + /// Note that this field cannot be set when spec.os.name is windows. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "appArmorProfile")] + pub app_armor_profile: Option, /// The capabilities to add/drop when running containers. /// Defaults to the default set of capabilities granted by the container runtime. /// Note that this field cannot be set when spec.os.name is windows. @@ -13801,6 +14411,26 @@ pub struct MariaDBMetricsExporterInitContainersSecurityContext { pub windows_options: Option, } +/// appArmorProfile is the AppArmor options to use by this container. If set, this profile +/// overrides the pod's appArmorProfile. +/// Note that this field cannot be set when spec.os.name is windows. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct MariaDBMetricsExporterInitContainersSecurityContextAppArmorProfile { + /// localhostProfile indicates a profile loaded on the node that should be used. + /// The profile must be preconfigured on the node to work. + /// Must match the loaded name of the profile. + /// Must be set if and only if type is "Localhost". + #[serde(default, skip_serializing_if = "Option::is_none", rename = "localhostProfile")] + pub localhost_profile: Option, + /// type indicates which kind of AppArmor profile will be applied. + /// Valid options are: + /// Localhost - a profile pre-loaded on the node. + /// RuntimeDefault - the container runtime's default profile. + /// Unconfined - no AppArmor enforcement. + #[serde(rename = "type")] + pub r#type: String, +} + /// The capabilities to add/drop when running containers. /// Defaults to the default set of capabilities granted by the container runtime. /// Note that this field cannot be set when spec.os.name is windows. @@ -13897,6 +14527,8 @@ pub struct MariaDBMetricsExporterInitContainersVolumeMounts { /// to container and the other way around. /// When not set, MountPropagationNone is used. /// This field is beta in 1.10. + /// When RecursiveReadOnly is set to IfPossible or to Enabled, MountPropagation must be None or unspecified + /// (which defaults to None). #[serde(default, skip_serializing_if = "Option::is_none", rename = "mountPropagation")] pub mount_propagation: Option, /// This must match the Name of a Volume. @@ -13905,6 +14537,28 @@ pub struct MariaDBMetricsExporterInitContainersVolumeMounts { /// Defaults to false. #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] pub read_only: Option, + /// RecursiveReadOnly specifies whether read-only mounts should be handled + /// recursively. + /// + /// + /// If ReadOnly is false, this field has no meaning and must be unspecified. + /// + /// + /// If ReadOnly is true, and this field is set to Disabled, the mount is not made + /// recursively read-only. If this field is set to IfPossible, the mount is made + /// recursively read-only, if it is supported by the container runtime. If this + /// field is set to Enabled, the mount is made recursively read-only if it is + /// supported by the container runtime, otherwise the pod will not be started and + /// an error will be generated to indicate the reason. + /// + /// + /// If this field is set to IfPossible or Enabled, MountPropagation must be set to + /// None (or be unspecified, which defaults to None). + /// + /// + /// If this field is not specified, it is treated as an equivalent of Disabled. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "recursiveReadOnly")] + pub recursive_read_only: Option, /// Path within the volume from which the container's volume should be mounted. /// Defaults to "" (volume's root). #[serde(default, skip_serializing_if = "Option::is_none", rename = "subPath")] @@ -14052,6 +14706,10 @@ pub struct MariaDBMetricsExporterPodMetadata { /// SecurityContext holds pod-level security attributes and common container settings. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct MariaDBMetricsExporterPodSecurityContext { + /// appArmorProfile is the AppArmor options to use by the containers in this pod. + /// Note that this field cannot be set when spec.os.name is windows. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "appArmorProfile")] + pub app_armor_profile: Option, /// A special supplemental group that applies to all containers in a pod. /// Some volume types allow the Kubelet to change the ownership of that volume /// to be owned by the pod: @@ -14133,6 +14791,25 @@ pub struct MariaDBMetricsExporterPodSecurityContext { pub windows_options: Option, } +/// appArmorProfile is the AppArmor options to use by the containers in this pod. +/// Note that this field cannot be set when spec.os.name is windows. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct MariaDBMetricsExporterPodSecurityContextAppArmorProfile { + /// localhostProfile indicates a profile loaded on the node that should be used. + /// The profile must be preconfigured on the node to work. + /// Must match the loaded name of the profile. + /// Must be set if and only if type is "Localhost". + #[serde(default, skip_serializing_if = "Option::is_none", rename = "localhostProfile")] + pub localhost_profile: Option, + /// type indicates which kind of AppArmor profile will be applied. + /// Valid options are: + /// Localhost - a profile pre-loaded on the node. + /// RuntimeDefault - the container runtime's default profile. + /// Unconfined - no AppArmor enforcement. + #[serde(rename = "type")] + pub r#type: String, +} + /// The SELinux context to be applied to all containers. /// If unspecified, the container runtime will allocate a random SELinux context for each /// container. May also be set in SecurityContext. If set in @@ -14381,6 +15058,11 @@ pub struct MariaDBMetricsExporterSecurityContext { /// Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none", rename = "allowPrivilegeEscalation")] pub allow_privilege_escalation: Option, + /// appArmorProfile is the AppArmor options to use by this container. If set, this profile + /// overrides the pod's appArmorProfile. + /// Note that this field cannot be set when spec.os.name is windows. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "appArmorProfile")] + pub app_armor_profile: Option, /// The capabilities to add/drop when running containers. /// Defaults to the default set of capabilities granted by the container runtime. /// Note that this field cannot be set when spec.os.name is windows. @@ -14447,6 +15129,26 @@ pub struct MariaDBMetricsExporterSecurityContext { pub windows_options: Option, } +/// appArmorProfile is the AppArmor options to use by this container. If set, this profile +/// overrides the pod's appArmorProfile. +/// Note that this field cannot be set when spec.os.name is windows. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct MariaDBMetricsExporterSecurityContextAppArmorProfile { + /// localhostProfile indicates a profile loaded on the node that should be used. + /// The profile must be preconfigured on the node to work. + /// Must match the loaded name of the profile. + /// Must be set if and only if type is "Localhost". + #[serde(default, skip_serializing_if = "Option::is_none", rename = "localhostProfile")] + pub localhost_profile: Option, + /// type indicates which kind of AppArmor profile will be applied. + /// Valid options are: + /// Localhost - a profile pre-loaded on the node. + /// RuntimeDefault - the container runtime's default profile. + /// Unconfined - no AppArmor enforcement. + #[serde(rename = "type")] + pub r#type: String, +} + /// The capabilities to add/drop when running containers. /// Defaults to the default set of capabilities granted by the container runtime. /// Note that this field cannot be set when spec.os.name is windows. @@ -14615,8 +15317,12 @@ pub struct MariaDBMetricsExporterSidecarContainersEnvValueFromConfigMapKeyRef { /// The key to select. pub key: String, /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the ConfigMap or its key must be defined @@ -14656,8 +15362,12 @@ pub struct MariaDBMetricsExporterSidecarContainersEnvValueFromSecretKeyRef { /// The key of the secret to select from. Must be a valid secret key. pub key: String, /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the Secret or its key must be defined @@ -14683,8 +15393,12 @@ pub struct MariaDBMetricsExporterSidecarContainersEnvFrom { #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct MariaDBMetricsExporterSidecarContainersEnvFromConfigMapRef { /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the ConfigMap must be defined @@ -14696,8 +15410,12 @@ pub struct MariaDBMetricsExporterSidecarContainersEnvFromConfigMapRef { #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct MariaDBMetricsExporterSidecarContainersEnvFromSecretRef { /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the Secret must be defined @@ -15002,6 +15720,11 @@ pub struct MariaDBMetricsExporterSidecarContainersSecurityContext { /// Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none", rename = "allowPrivilegeEscalation")] pub allow_privilege_escalation: Option, + /// appArmorProfile is the AppArmor options to use by this container. If set, this profile + /// overrides the pod's appArmorProfile. + /// Note that this field cannot be set when spec.os.name is windows. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "appArmorProfile")] + pub app_armor_profile: Option, /// The capabilities to add/drop when running containers. /// Defaults to the default set of capabilities granted by the container runtime. /// Note that this field cannot be set when spec.os.name is windows. @@ -15068,6 +15791,26 @@ pub struct MariaDBMetricsExporterSidecarContainersSecurityContext { pub windows_options: Option, } +/// appArmorProfile is the AppArmor options to use by this container. If set, this profile +/// overrides the pod's appArmorProfile. +/// Note that this field cannot be set when spec.os.name is windows. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct MariaDBMetricsExporterSidecarContainersSecurityContextAppArmorProfile { + /// localhostProfile indicates a profile loaded on the node that should be used. + /// The profile must be preconfigured on the node to work. + /// Must match the loaded name of the profile. + /// Must be set if and only if type is "Localhost". + #[serde(default, skip_serializing_if = "Option::is_none", rename = "localhostProfile")] + pub localhost_profile: Option, + /// type indicates which kind of AppArmor profile will be applied. + /// Valid options are: + /// Localhost - a profile pre-loaded on the node. + /// RuntimeDefault - the container runtime's default profile. + /// Unconfined - no AppArmor enforcement. + #[serde(rename = "type")] + pub r#type: String, +} + /// The capabilities to add/drop when running containers. /// Defaults to the default set of capabilities granted by the container runtime. /// Note that this field cannot be set when spec.os.name is windows. @@ -15164,6 +15907,8 @@ pub struct MariaDBMetricsExporterSidecarContainersVolumeMounts { /// to container and the other way around. /// When not set, MountPropagationNone is used. /// This field is beta in 1.10. + /// When RecursiveReadOnly is set to IfPossible or to Enabled, MountPropagation must be None or unspecified + /// (which defaults to None). #[serde(default, skip_serializing_if = "Option::is_none", rename = "mountPropagation")] pub mount_propagation: Option, /// This must match the Name of a Volume. @@ -15172,6 +15917,28 @@ pub struct MariaDBMetricsExporterSidecarContainersVolumeMounts { /// Defaults to false. #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] pub read_only: Option, + /// RecursiveReadOnly specifies whether read-only mounts should be handled + /// recursively. + /// + /// + /// If ReadOnly is false, this field has no meaning and must be unspecified. + /// + /// + /// If ReadOnly is true, and this field is set to Disabled, the mount is not made + /// recursively read-only. If this field is set to IfPossible, the mount is made + /// recursively read-only, if it is supported by the container runtime. If this + /// field is set to Enabled, the mount is made recursively read-only if it is + /// supported by the container runtime, otherwise the pod will not be started and + /// an error will be generated to indicate the reason. + /// + /// + /// If this field is set to IfPossible or Enabled, MountPropagation must be set to + /// None (or be unspecified, which defaults to None). + /// + /// + /// If this field is not specified, it is treated as an equivalent of Disabled. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "recursiveReadOnly")] + pub recursive_read_only: Option, /// Path within the volume from which the container's volume should be mounted. /// Defaults to "" (volume's root). #[serde(default, skip_serializing_if = "Option::is_none", rename = "subPath")] @@ -15274,9 +16041,6 @@ pub struct MariaDBMetricsExporterTopologySpreadConstraints { /// In this situation, new pod with the same labelSelector cannot be scheduled, /// because computed skew will be 3(3 - 0) if new Pod is scheduled to any of the three zones, /// it will violate MaxSkew. - /// - /// - /// This is a beta field and requires the MinDomainsInPodTopologySpread feature gate to be enabled (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "minDomains")] pub min_domains: Option, /// NodeAffinityPolicy indicates how we will treat Pod's nodeAffinity/nodeSelector @@ -15377,6 +16141,8 @@ pub struct MariaDBMetricsExporterVolumeMounts { /// to container and the other way around. /// When not set, MountPropagationNone is used. /// This field is beta in 1.10. + /// When RecursiveReadOnly is set to IfPossible or to Enabled, MountPropagation must be None or unspecified + /// (which defaults to None). #[serde(default, skip_serializing_if = "Option::is_none", rename = "mountPropagation")] pub mount_propagation: Option, /// This must match the Name of a Volume. @@ -15385,6 +16151,28 @@ pub struct MariaDBMetricsExporterVolumeMounts { /// Defaults to false. #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] pub read_only: Option, + /// RecursiveReadOnly specifies whether read-only mounts should be handled + /// recursively. + /// + /// + /// If ReadOnly is false, this field has no meaning and must be unspecified. + /// + /// + /// If ReadOnly is true, and this field is set to Disabled, the mount is not made + /// recursively read-only. If this field is set to IfPossible, the mount is made + /// recursively read-only, if it is supported by the container runtime. If this + /// field is set to Enabled, the mount is made recursively read-only if it is + /// supported by the container runtime, otherwise the pod will not be started and + /// an error will be generated to indicate the reason. + /// + /// + /// If this field is set to IfPossible or Enabled, MountPropagation must be set to + /// None (or be unspecified, which defaults to None). + /// + /// + /// If this field is not specified, it is treated as an equivalent of Disabled. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "recursiveReadOnly")] + pub recursive_read_only: Option, /// Path within the volume from which the container's volume should be mounted. /// Defaults to "" (volume's root). #[serde(default, skip_serializing_if = "Option::is_none", rename = "subPath")] @@ -15647,8 +16435,12 @@ pub struct MariaDBMetricsExporterVolumesCephfs { #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct MariaDBMetricsExporterVolumesCephfsSecretRef { /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, } @@ -15683,8 +16475,12 @@ pub struct MariaDBMetricsExporterVolumesCinder { #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct MariaDBMetricsExporterVolumesCinderSecretRef { /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, } @@ -15711,8 +16507,12 @@ pub struct MariaDBMetricsExporterVolumesConfigMap { #[serde(default, skip_serializing_if = "Option::is_none")] pub items: Option>, /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// optional specify whether the ConfigMap or its keys must be defined @@ -15776,8 +16576,12 @@ pub struct MariaDBMetricsExporterVolumesCsi { #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct MariaDBMetricsExporterVolumesCsiNodePublishSecretRef { /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, } @@ -15803,7 +16607,7 @@ pub struct MariaDBMetricsExporterVolumesDownwardApi { /// DownwardAPIVolumeFile represents information to create the file containing the pod field #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct MariaDBMetricsExporterVolumesDownwardApiItems { - /// Required: Selects a field of the pod: only annotations, labels, name and namespace are supported. + /// Required: Selects a field of the pod: only annotations, labels, name, namespace and uid are supported. #[serde(default, skip_serializing_if = "Option::is_none", rename = "fieldRef")] pub field_ref: Option, /// Optional: mode bits used to set permissions on this file, must be an octal value @@ -15822,7 +16626,7 @@ pub struct MariaDBMetricsExporterVolumesDownwardApiItems { pub resource_field_ref: Option, } -/// Required: Selects a field of the pod: only annotations, labels, name and namespace are supported. +/// Required: Selects a field of the pod: only annotations, labels, name, namespace and uid are supported. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct MariaDBMetricsExporterVolumesDownwardApiItemsFieldRef { /// Version of the schema the FieldPath is written in terms of, defaults to "v1". @@ -16039,7 +16843,7 @@ pub struct MariaDBMetricsExporterVolumesEphemeralVolumeClaimTemplateSpec { /// If the resource referred to by volumeAttributesClass does not exist, this PersistentVolumeClaim will be /// set to a Pending state, as reflected by the modifyVolumeStatus field, until such as a resource /// exists. - /// More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#volumeattributesclass + /// More info: https://kubernetes.io/docs/concepts/storage/volume-attributes-classes/ /// (Alpha) Using this field requires the VolumeAttributesClass feature gate to be enabled. #[serde(default, skip_serializing_if = "Option::is_none", rename = "volumeAttributesClassName")] pub volume_attributes_class_name: Option, @@ -16223,8 +17027,12 @@ pub struct MariaDBMetricsExporterVolumesFlexVolume { #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct MariaDBMetricsExporterVolumesFlexVolumeSecretRef { /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, } @@ -16380,8 +17188,12 @@ pub struct MariaDBMetricsExporterVolumesIscsi { #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct MariaDBMetricsExporterVolumesIscsiSecretRef { /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, } @@ -16589,8 +17401,12 @@ pub struct MariaDBMetricsExporterVolumesProjectedSourcesConfigMap { #[serde(default, skip_serializing_if = "Option::is_none")] pub items: Option>, /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// optional specify whether the ConfigMap or its keys must be defined @@ -16629,7 +17445,7 @@ pub struct MariaDBMetricsExporterVolumesProjectedSourcesDownwardApi { /// DownwardAPIVolumeFile represents information to create the file containing the pod field #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct MariaDBMetricsExporterVolumesProjectedSourcesDownwardApiItems { - /// Required: Selects a field of the pod: only annotations, labels, name and namespace are supported. + /// Required: Selects a field of the pod: only annotations, labels, name, namespace and uid are supported. #[serde(default, skip_serializing_if = "Option::is_none", rename = "fieldRef")] pub field_ref: Option, /// Optional: mode bits used to set permissions on this file, must be an octal value @@ -16648,7 +17464,7 @@ pub struct MariaDBMetricsExporterVolumesProjectedSourcesDownwardApiItems { pub resource_field_ref: Option, } -/// Required: Selects a field of the pod: only annotations, labels, name and namespace are supported. +/// Required: Selects a field of the pod: only annotations, labels, name, namespace and uid are supported. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct MariaDBMetricsExporterVolumesProjectedSourcesDownwardApiItemsFieldRef { /// Version of the schema the FieldPath is written in terms of, defaults to "v1". @@ -16686,8 +17502,12 @@ pub struct MariaDBMetricsExporterVolumesProjectedSourcesSecret { #[serde(default, skip_serializing_if = "Option::is_none")] pub items: Option>, /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// optional field specify whether the Secret or its key must be defined @@ -16816,8 +17636,12 @@ pub struct MariaDBMetricsExporterVolumesRbd { #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct MariaDBMetricsExporterVolumesRbdSecretRef { /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, } @@ -16867,8 +17691,12 @@ pub struct MariaDBMetricsExporterVolumesScaleIo { #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct MariaDBMetricsExporterVolumesScaleIoSecretRef { /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, } @@ -16959,8 +17787,12 @@ pub struct MariaDBMetricsExporterVolumesStorageos { #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct MariaDBMetricsExporterVolumesStorageosSecretRef { /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, } @@ -16994,8 +17826,12 @@ pub struct MariaDBMetricsPasswordSecretKeyRef { /// The key of the secret to select from. Must be a valid secret key. pub key: String, /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the Secret or its key must be defined @@ -17028,8 +17864,12 @@ pub struct MariaDBMyCnfConfigMapKeyRef { /// The key to select. pub key: String, /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the ConfigMap or its key must be defined @@ -17047,8 +17887,12 @@ pub struct MariaDBPasswordSecretKeyRef { /// The key of the secret to select from. Must be a valid secret key. pub key: String, /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the Secret or its key must be defined @@ -17081,6 +17925,10 @@ pub struct MariaDBPodMetadata { /// SecurityContext holds pod-level security attributes and common container settings. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct MariaDBPodSecurityContext { + /// appArmorProfile is the AppArmor options to use by the containers in this pod. + /// Note that this field cannot be set when spec.os.name is windows. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "appArmorProfile")] + pub app_armor_profile: Option, /// A special supplemental group that applies to all containers in a pod. /// Some volume types allow the Kubelet to change the ownership of that volume /// to be owned by the pod: @@ -17162,6 +18010,25 @@ pub struct MariaDBPodSecurityContext { pub windows_options: Option, } +/// appArmorProfile is the AppArmor options to use by the containers in this pod. +/// Note that this field cannot be set when spec.os.name is windows. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct MariaDBPodSecurityContextAppArmorProfile { + /// localhostProfile indicates a profile loaded on the node that should be used. + /// The profile must be preconfigured on the node to work. + /// Must match the loaded name of the profile. + /// Must be set if and only if type is "Localhost". + #[serde(default, skip_serializing_if = "Option::is_none", rename = "localhostProfile")] + pub localhost_profile: Option, + /// type indicates which kind of AppArmor profile will be applied. + /// Valid options are: + /// Localhost - a profile pre-loaded on the node. + /// RuntimeDefault - the container runtime's default profile. + /// Unconfined - no AppArmor enforcement. + #[serde(rename = "type")] + pub r#type: String, +} + /// The SELinux context to be applied to all containers. /// If unspecified, the container runtime will allocate a random SELinux context for each /// container. May also be set in SecurityContext. If set in @@ -17559,8 +18426,12 @@ pub struct MariaDBReplicationReplicaReplPasswordSecretKeyRef { /// The key of the secret to select from. Must be a valid secret key. pub key: String, /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the Secret or its key must be defined @@ -17619,8 +18490,12 @@ pub struct MariaDBRootPasswordSecretKeyRef { /// The key of the secret to select from. Must be a valid secret key. pub key: String, /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the Secret or its key must be defined @@ -17760,6 +18635,11 @@ pub struct MariaDBSecurityContext { /// Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none", rename = "allowPrivilegeEscalation")] pub allow_privilege_escalation: Option, + /// appArmorProfile is the AppArmor options to use by this container. If set, this profile + /// overrides the pod's appArmorProfile. + /// Note that this field cannot be set when spec.os.name is windows. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "appArmorProfile")] + pub app_armor_profile: Option, /// The capabilities to add/drop when running containers. /// Defaults to the default set of capabilities granted by the container runtime. /// Note that this field cannot be set when spec.os.name is windows. @@ -17826,6 +18706,26 @@ pub struct MariaDBSecurityContext { pub windows_options: Option, } +/// appArmorProfile is the AppArmor options to use by this container. If set, this profile +/// overrides the pod's appArmorProfile. +/// Note that this field cannot be set when spec.os.name is windows. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct MariaDBSecurityContextAppArmorProfile { + /// localhostProfile indicates a profile loaded on the node that should be used. + /// The profile must be preconfigured on the node to work. + /// Must match the loaded name of the profile. + /// Must be set if and only if type is "Localhost". + #[serde(default, skip_serializing_if = "Option::is_none", rename = "localhostProfile")] + pub localhost_profile: Option, + /// type indicates which kind of AppArmor profile will be applied. + /// Valid options are: + /// Localhost - a profile pre-loaded on the node. + /// RuntimeDefault - the container runtime's default profile. + /// Unconfined - no AppArmor enforcement. + #[serde(rename = "type")] + pub r#type: String, +} + /// The capabilities to add/drop when running containers. /// Defaults to the default set of capabilities granted by the container runtime. /// Note that this field cannot be set when spec.os.name is windows. @@ -18040,8 +18940,12 @@ pub struct MariaDBSidecarContainersEnvValueFromConfigMapKeyRef { /// The key to select. pub key: String, /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the ConfigMap or its key must be defined @@ -18081,8 +18985,12 @@ pub struct MariaDBSidecarContainersEnvValueFromSecretKeyRef { /// The key of the secret to select from. Must be a valid secret key. pub key: String, /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the Secret or its key must be defined @@ -18108,8 +19016,12 @@ pub struct MariaDBSidecarContainersEnvFrom { #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct MariaDBSidecarContainersEnvFromConfigMapRef { /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the ConfigMap must be defined @@ -18121,8 +19033,12 @@ pub struct MariaDBSidecarContainersEnvFromConfigMapRef { #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct MariaDBSidecarContainersEnvFromSecretRef { /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the Secret must be defined @@ -18427,6 +19343,11 @@ pub struct MariaDBSidecarContainersSecurityContext { /// Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none", rename = "allowPrivilegeEscalation")] pub allow_privilege_escalation: Option, + /// appArmorProfile is the AppArmor options to use by this container. If set, this profile + /// overrides the pod's appArmorProfile. + /// Note that this field cannot be set when spec.os.name is windows. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "appArmorProfile")] + pub app_armor_profile: Option, /// The capabilities to add/drop when running containers. /// Defaults to the default set of capabilities granted by the container runtime. /// Note that this field cannot be set when spec.os.name is windows. @@ -18493,6 +19414,26 @@ pub struct MariaDBSidecarContainersSecurityContext { pub windows_options: Option, } +/// appArmorProfile is the AppArmor options to use by this container. If set, this profile +/// overrides the pod's appArmorProfile. +/// Note that this field cannot be set when spec.os.name is windows. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct MariaDBSidecarContainersSecurityContextAppArmorProfile { + /// localhostProfile indicates a profile loaded on the node that should be used. + /// The profile must be preconfigured on the node to work. + /// Must match the loaded name of the profile. + /// Must be set if and only if type is "Localhost". + #[serde(default, skip_serializing_if = "Option::is_none", rename = "localhostProfile")] + pub localhost_profile: Option, + /// type indicates which kind of AppArmor profile will be applied. + /// Valid options are: + /// Localhost - a profile pre-loaded on the node. + /// RuntimeDefault - the container runtime's default profile. + /// Unconfined - no AppArmor enforcement. + #[serde(rename = "type")] + pub r#type: String, +} + /// The capabilities to add/drop when running containers. /// Defaults to the default set of capabilities granted by the container runtime. /// Note that this field cannot be set when spec.os.name is windows. @@ -18589,6 +19530,8 @@ pub struct MariaDBSidecarContainersVolumeMounts { /// to container and the other way around. /// When not set, MountPropagationNone is used. /// This field is beta in 1.10. + /// When RecursiveReadOnly is set to IfPossible or to Enabled, MountPropagation must be None or unspecified + /// (which defaults to None). #[serde(default, skip_serializing_if = "Option::is_none", rename = "mountPropagation")] pub mount_propagation: Option, /// This must match the Name of a Volume. @@ -18597,6 +19540,28 @@ pub struct MariaDBSidecarContainersVolumeMounts { /// Defaults to false. #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] pub read_only: Option, + /// RecursiveReadOnly specifies whether read-only mounts should be handled + /// recursively. + /// + /// + /// If ReadOnly is false, this field has no meaning and must be unspecified. + /// + /// + /// If ReadOnly is true, and this field is set to Disabled, the mount is not made + /// recursively read-only. If this field is set to IfPossible, the mount is made + /// recursively read-only, if it is supported by the container runtime. If this + /// field is set to Enabled, the mount is made recursively read-only if it is + /// supported by the container runtime, otherwise the pod will not be started and + /// an error will be generated to indicate the reason. + /// + /// + /// If this field is set to IfPossible or Enabled, MountPropagation must be set to + /// None (or be unspecified, which defaults to None). + /// + /// + /// If this field is not specified, it is treated as an equivalent of Disabled. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "recursiveReadOnly")] + pub recursive_read_only: Option, /// Path within the volume from which the container's volume should be mounted. /// Defaults to "" (volume's root). #[serde(default, skip_serializing_if = "Option::is_none", rename = "subPath")] @@ -18704,7 +19669,7 @@ pub struct MariaDBStorageVolumeClaimTemplate { /// If the resource referred to by volumeAttributesClass does not exist, this PersistentVolumeClaim will be /// set to a Pending state, as reflected by the modifyVolumeStatus field, until such as a resource /// exists. - /// More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#volumeattributesclass + /// More info: https://kubernetes.io/docs/concepts/storage/volume-attributes-classes/ /// (Alpha) Using this field requires the VolumeAttributesClass feature gate to be enabled. #[serde(default, skip_serializing_if = "Option::is_none", rename = "volumeAttributesClassName")] pub volume_attributes_class_name: Option, @@ -18929,9 +19894,6 @@ pub struct MariaDBTopologySpreadConstraints { /// In this situation, new pod with the same labelSelector cannot be scheduled, /// because computed skew will be 3(3 - 0) if new Pod is scheduled to any of the three zones, /// it will violate MaxSkew. - /// - /// - /// This is a beta field and requires the MinDomainsInPodTopologySpread feature gate to be enabled (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "minDomains")] pub min_domains: Option, /// NodeAffinityPolicy indicates how we will treat Pod's nodeAffinity/nodeSelector @@ -19071,6 +20033,8 @@ pub struct MariaDBVolumeMounts { /// to container and the other way around. /// When not set, MountPropagationNone is used. /// This field is beta in 1.10. + /// When RecursiveReadOnly is set to IfPossible or to Enabled, MountPropagation must be None or unspecified + /// (which defaults to None). #[serde(default, skip_serializing_if = "Option::is_none", rename = "mountPropagation")] pub mount_propagation: Option, /// This must match the Name of a Volume. @@ -19079,6 +20043,28 @@ pub struct MariaDBVolumeMounts { /// Defaults to false. #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] pub read_only: Option, + /// RecursiveReadOnly specifies whether read-only mounts should be handled + /// recursively. + /// + /// + /// If ReadOnly is false, this field has no meaning and must be unspecified. + /// + /// + /// If ReadOnly is true, and this field is set to Disabled, the mount is not made + /// recursively read-only. If this field is set to IfPossible, the mount is made + /// recursively read-only, if it is supported by the container runtime. If this + /// field is set to Enabled, the mount is made recursively read-only if it is + /// supported by the container runtime, otherwise the pod will not be started and + /// an error will be generated to indicate the reason. + /// + /// + /// If this field is set to IfPossible or Enabled, MountPropagation must be set to + /// None (or be unspecified, which defaults to None). + /// + /// + /// If this field is not specified, it is treated as an equivalent of Disabled. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "recursiveReadOnly")] + pub recursive_read_only: Option, /// Path within the volume from which the container's volume should be mounted. /// Defaults to "" (volume's root). #[serde(default, skip_serializing_if = "Option::is_none", rename = "subPath")] @@ -19341,8 +20327,12 @@ pub struct MariaDBVolumesCephfs { #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct MariaDBVolumesCephfsSecretRef { /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, } @@ -19377,8 +20367,12 @@ pub struct MariaDBVolumesCinder { #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct MariaDBVolumesCinderSecretRef { /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, } @@ -19405,8 +20399,12 @@ pub struct MariaDBVolumesConfigMap { #[serde(default, skip_serializing_if = "Option::is_none")] pub items: Option>, /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// optional specify whether the ConfigMap or its keys must be defined @@ -19470,8 +20468,12 @@ pub struct MariaDBVolumesCsi { #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct MariaDBVolumesCsiNodePublishSecretRef { /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, } @@ -19497,7 +20499,7 @@ pub struct MariaDBVolumesDownwardApi { /// DownwardAPIVolumeFile represents information to create the file containing the pod field #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct MariaDBVolumesDownwardApiItems { - /// Required: Selects a field of the pod: only annotations, labels, name and namespace are supported. + /// Required: Selects a field of the pod: only annotations, labels, name, namespace and uid are supported. #[serde(default, skip_serializing_if = "Option::is_none", rename = "fieldRef")] pub field_ref: Option, /// Optional: mode bits used to set permissions on this file, must be an octal value @@ -19516,7 +20518,7 @@ pub struct MariaDBVolumesDownwardApiItems { pub resource_field_ref: Option, } -/// Required: Selects a field of the pod: only annotations, labels, name and namespace are supported. +/// Required: Selects a field of the pod: only annotations, labels, name, namespace and uid are supported. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct MariaDBVolumesDownwardApiItemsFieldRef { /// Version of the schema the FieldPath is written in terms of, defaults to "v1". @@ -19733,7 +20735,7 @@ pub struct MariaDBVolumesEphemeralVolumeClaimTemplateSpec { /// If the resource referred to by volumeAttributesClass does not exist, this PersistentVolumeClaim will be /// set to a Pending state, as reflected by the modifyVolumeStatus field, until such as a resource /// exists. - /// More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#volumeattributesclass + /// More info: https://kubernetes.io/docs/concepts/storage/volume-attributes-classes/ /// (Alpha) Using this field requires the VolumeAttributesClass feature gate to be enabled. #[serde(default, skip_serializing_if = "Option::is_none", rename = "volumeAttributesClassName")] pub volume_attributes_class_name: Option, @@ -19917,8 +20919,12 @@ pub struct MariaDBVolumesFlexVolume { #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct MariaDBVolumesFlexVolumeSecretRef { /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, } @@ -20074,8 +21080,12 @@ pub struct MariaDBVolumesIscsi { #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct MariaDBVolumesIscsiSecretRef { /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, } @@ -20283,8 +21293,12 @@ pub struct MariaDBVolumesProjectedSourcesConfigMap { #[serde(default, skip_serializing_if = "Option::is_none")] pub items: Option>, /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// optional specify whether the ConfigMap or its keys must be defined @@ -20323,7 +21337,7 @@ pub struct MariaDBVolumesProjectedSourcesDownwardApi { /// DownwardAPIVolumeFile represents information to create the file containing the pod field #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct MariaDBVolumesProjectedSourcesDownwardApiItems { - /// Required: Selects a field of the pod: only annotations, labels, name and namespace are supported. + /// Required: Selects a field of the pod: only annotations, labels, name, namespace and uid are supported. #[serde(default, skip_serializing_if = "Option::is_none", rename = "fieldRef")] pub field_ref: Option, /// Optional: mode bits used to set permissions on this file, must be an octal value @@ -20342,7 +21356,7 @@ pub struct MariaDBVolumesProjectedSourcesDownwardApiItems { pub resource_field_ref: Option, } -/// Required: Selects a field of the pod: only annotations, labels, name and namespace are supported. +/// Required: Selects a field of the pod: only annotations, labels, name, namespace and uid are supported. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct MariaDBVolumesProjectedSourcesDownwardApiItemsFieldRef { /// Version of the schema the FieldPath is written in terms of, defaults to "v1". @@ -20380,8 +21394,12 @@ pub struct MariaDBVolumesProjectedSourcesSecret { #[serde(default, skip_serializing_if = "Option::is_none")] pub items: Option>, /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// optional field specify whether the Secret or its key must be defined @@ -20510,8 +21528,12 @@ pub struct MariaDBVolumesRbd { #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct MariaDBVolumesRbdSecretRef { /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, } @@ -20561,8 +21583,12 @@ pub struct MariaDBVolumesScaleIo { #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct MariaDBVolumesScaleIoSecretRef { /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, } @@ -20653,8 +21679,12 @@ pub struct MariaDBVolumesStorageos { #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct MariaDBVolumesStorageosSecretRef { /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, } diff --git a/kube-custom-resources-rs/src/k8s_mariadb_com/v1alpha1/maxscales.rs b/kube-custom-resources-rs/src/k8s_mariadb_com/v1alpha1/maxscales.rs index 44b5ee838..1be8dfbb6 100644 --- a/kube-custom-resources-rs/src/k8s_mariadb_com/v1alpha1/maxscales.rs +++ b/kube-custom-resources-rs/src/k8s_mariadb_com/v1alpha1/maxscales.rs @@ -356,23 +356,23 @@ pub struct MaxScaleAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExec pub label_selector: Option, /// MatchLabelKeys is a set of pod label keys to select which pods will /// be taken into consideration. The keys are used to lookup values from the - /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` + /// incoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)` /// to select the group of existing pods which pods will be taken into consideration /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming /// pod labels will be ignored. The default value is empty. - /// The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. - /// Also, MatchLabelKeys cannot be set when LabelSelector isn't set. + /// The same key is forbidden to exist in both matchLabelKeys and labelSelector. + /// Also, matchLabelKeys cannot be set when labelSelector isn't set. /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] pub match_label_keys: Option>, /// MismatchLabelKeys is a set of pod label keys to select which pods will /// be taken into consideration. The keys are used to lookup values from the - /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` + /// incoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)` /// to select the group of existing pods which pods will be taken into consideration /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming /// pod labels will be ignored. The default value is empty. - /// The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. - /// Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. + /// The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. + /// Also, mismatchLabelKeys cannot be set when labelSelector isn't set. /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] pub mismatch_label_keys: Option>, @@ -477,23 +477,23 @@ pub struct MaxScaleAffinityPodAffinityRequiredDuringSchedulingIgnoredDuringExecu pub label_selector: Option, /// MatchLabelKeys is a set of pod label keys to select which pods will /// be taken into consideration. The keys are used to lookup values from the - /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` + /// incoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)` /// to select the group of existing pods which pods will be taken into consideration /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming /// pod labels will be ignored. The default value is empty. - /// The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. - /// Also, MatchLabelKeys cannot be set when LabelSelector isn't set. + /// The same key is forbidden to exist in both matchLabelKeys and labelSelector. + /// Also, matchLabelKeys cannot be set when labelSelector isn't set. /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] pub match_label_keys: Option>, /// MismatchLabelKeys is a set of pod label keys to select which pods will /// be taken into consideration. The keys are used to lookup values from the - /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` + /// incoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)` /// to select the group of existing pods which pods will be taken into consideration /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming /// pod labels will be ignored. The default value is empty. - /// The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. - /// Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. + /// The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. + /// Also, mismatchLabelKeys cannot be set when labelSelector isn't set. /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] pub mismatch_label_keys: Option>, @@ -629,23 +629,23 @@ pub struct MaxScaleAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuring pub label_selector: Option, /// MatchLabelKeys is a set of pod label keys to select which pods will /// be taken into consideration. The keys are used to lookup values from the - /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` + /// incoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)` /// to select the group of existing pods which pods will be taken into consideration /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming /// pod labels will be ignored. The default value is empty. - /// The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. - /// Also, MatchLabelKeys cannot be set when LabelSelector isn't set. + /// The same key is forbidden to exist in both matchLabelKeys and labelSelector. + /// Also, matchLabelKeys cannot be set when labelSelector isn't set. /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] pub match_label_keys: Option>, /// MismatchLabelKeys is a set of pod label keys to select which pods will /// be taken into consideration. The keys are used to lookup values from the - /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` + /// incoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)` /// to select the group of existing pods which pods will be taken into consideration /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming /// pod labels will be ignored. The default value is empty. - /// The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. - /// Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. + /// The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. + /// Also, mismatchLabelKeys cannot be set when labelSelector isn't set. /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] pub mismatch_label_keys: Option>, @@ -750,23 +750,23 @@ pub struct MaxScaleAffinityPodAntiAffinityRequiredDuringSchedulingIgnoredDuringE pub label_selector: Option, /// MatchLabelKeys is a set of pod label keys to select which pods will /// be taken into consideration. The keys are used to lookup values from the - /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` + /// incoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)` /// to select the group of existing pods which pods will be taken into consideration /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming /// pod labels will be ignored. The default value is empty. - /// The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. - /// Also, MatchLabelKeys cannot be set when LabelSelector isn't set. + /// The same key is forbidden to exist in both matchLabelKeys and labelSelector. + /// Also, matchLabelKeys cannot be set when labelSelector isn't set. /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] pub match_label_keys: Option>, /// MismatchLabelKeys is a set of pod label keys to select which pods will /// be taken into consideration. The keys are used to lookup values from the - /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` + /// incoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)` /// to select the group of existing pods which pods will be taken into consideration /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming /// pod labels will be ignored. The default value is empty. - /// The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. - /// Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. + /// The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. + /// Also, mismatchLabelKeys cannot be set when labelSelector isn't set. /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] pub mismatch_label_keys: Option>, @@ -939,8 +939,12 @@ pub struct MaxScaleAuthAdminPasswordSecretKeyRef { /// The key of the secret to select from. Must be a valid secret key. pub key: String, /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the Secret or its key must be defined @@ -958,8 +962,12 @@ pub struct MaxScaleAuthClientPasswordSecretKeyRef { /// The key of the secret to select from. Must be a valid secret key. pub key: String, /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the Secret or its key must be defined @@ -977,8 +985,12 @@ pub struct MaxScaleAuthMetricsPasswordSecretKeyRef { /// The key of the secret to select from. Must be a valid secret key. pub key: String, /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the Secret or its key must be defined @@ -996,8 +1008,12 @@ pub struct MaxScaleAuthMonitorPasswordSecretKeyRef { /// The key of the secret to select from. Must be a valid secret key. pub key: String, /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the Secret or its key must be defined @@ -1015,8 +1031,12 @@ pub struct MaxScaleAuthServerPasswordSecretKeyRef { /// The key of the secret to select from. Must be a valid secret key. pub key: String, /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the Secret or its key must be defined @@ -1034,8 +1054,12 @@ pub struct MaxScaleAuthSyncPasswordSecretKeyRef { /// The key of the secret to select from. Must be a valid secret key. pub key: String, /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the Secret or its key must be defined @@ -1142,7 +1166,7 @@ pub struct MaxScaleConfigVolumeClaimTemplate { /// If the resource referred to by volumeAttributesClass does not exist, this PersistentVolumeClaim will be /// set to a Pending state, as reflected by the modifyVolumeStatus field, until such as a resource /// exists. - /// More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#volumeattributesclass + /// More info: https://kubernetes.io/docs/concepts/storage/volume-attributes-classes/ /// (Alpha) Using this field requires the VolumeAttributesClass feature gate to be enabled. #[serde(default, skip_serializing_if = "Option::is_none", rename = "volumeAttributesClassName")] pub volume_attributes_class_name: Option, @@ -1397,8 +1421,12 @@ pub struct MaxScaleEnvValueFromConfigMapKeyRef { /// The key to select. pub key: String, /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the ConfigMap or its key must be defined @@ -1438,8 +1466,12 @@ pub struct MaxScaleEnvValueFromSecretKeyRef { /// The key of the secret to select from. Must be a valid secret key. pub key: String, /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the Secret or its key must be defined @@ -1465,8 +1497,12 @@ pub struct MaxScaleEnvFrom { #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct MaxScaleEnvFromConfigMapRef { /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the ConfigMap must be defined @@ -1478,8 +1514,12 @@ pub struct MaxScaleEnvFromConfigMapRef { #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct MaxScaleEnvFromSecretRef { /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the Secret must be defined @@ -1546,8 +1586,12 @@ pub enum MaxScaleImagePullPolicy { #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct MaxScaleImagePullSecrets { /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, } @@ -1646,8 +1690,12 @@ pub struct MaxScaleInitContainersEnvValueFromConfigMapKeyRef { /// The key to select. pub key: String, /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the ConfigMap or its key must be defined @@ -1687,8 +1735,12 @@ pub struct MaxScaleInitContainersEnvValueFromSecretKeyRef { /// The key of the secret to select from. Must be a valid secret key. pub key: String, /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the Secret or its key must be defined @@ -1714,8 +1766,12 @@ pub struct MaxScaleInitContainersEnvFrom { #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct MaxScaleInitContainersEnvFromConfigMapRef { /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the ConfigMap must be defined @@ -1727,8 +1783,12 @@ pub struct MaxScaleInitContainersEnvFromConfigMapRef { #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct MaxScaleInitContainersEnvFromSecretRef { /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the Secret must be defined @@ -2033,6 +2093,11 @@ pub struct MaxScaleInitContainersSecurityContext { /// Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none", rename = "allowPrivilegeEscalation")] pub allow_privilege_escalation: Option, + /// appArmorProfile is the AppArmor options to use by this container. If set, this profile + /// overrides the pod's appArmorProfile. + /// Note that this field cannot be set when spec.os.name is windows. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "appArmorProfile")] + pub app_armor_profile: Option, /// The capabilities to add/drop when running containers. /// Defaults to the default set of capabilities granted by the container runtime. /// Note that this field cannot be set when spec.os.name is windows. @@ -2099,6 +2164,26 @@ pub struct MaxScaleInitContainersSecurityContext { pub windows_options: Option, } +/// appArmorProfile is the AppArmor options to use by this container. If set, this profile +/// overrides the pod's appArmorProfile. +/// Note that this field cannot be set when spec.os.name is windows. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct MaxScaleInitContainersSecurityContextAppArmorProfile { + /// localhostProfile indicates a profile loaded on the node that should be used. + /// The profile must be preconfigured on the node to work. + /// Must match the loaded name of the profile. + /// Must be set if and only if type is "Localhost". + #[serde(default, skip_serializing_if = "Option::is_none", rename = "localhostProfile")] + pub localhost_profile: Option, + /// type indicates which kind of AppArmor profile will be applied. + /// Valid options are: + /// Localhost - a profile pre-loaded on the node. + /// RuntimeDefault - the container runtime's default profile. + /// Unconfined - no AppArmor enforcement. + #[serde(rename = "type")] + pub r#type: String, +} + /// The capabilities to add/drop when running containers. /// Defaults to the default set of capabilities granted by the container runtime. /// Note that this field cannot be set when spec.os.name is windows. @@ -2195,6 +2280,8 @@ pub struct MaxScaleInitContainersVolumeMounts { /// to container and the other way around. /// When not set, MountPropagationNone is used. /// This field is beta in 1.10. + /// When RecursiveReadOnly is set to IfPossible or to Enabled, MountPropagation must be None or unspecified + /// (which defaults to None). #[serde(default, skip_serializing_if = "Option::is_none", rename = "mountPropagation")] pub mount_propagation: Option, /// This must match the Name of a Volume. @@ -2203,6 +2290,28 @@ pub struct MaxScaleInitContainersVolumeMounts { /// Defaults to false. #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] pub read_only: Option, + /// RecursiveReadOnly specifies whether read-only mounts should be handled + /// recursively. + /// + /// + /// If ReadOnly is false, this field has no meaning and must be unspecified. + /// + /// + /// If ReadOnly is true, and this field is set to Disabled, the mount is not made + /// recursively read-only. If this field is set to IfPossible, the mount is made + /// recursively read-only, if it is supported by the container runtime. If this + /// field is set to Enabled, the mount is made recursively read-only if it is + /// supported by the container runtime, otherwise the pod will not be started and + /// an error will be generated to indicate the reason. + /// + /// + /// If this field is set to IfPossible or Enabled, MountPropagation must be set to + /// None (or be unspecified, which defaults to None). + /// + /// + /// If this field is not specified, it is treated as an equivalent of Disabled. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "recursiveReadOnly")] + pub recursive_read_only: Option, /// Path within the volume from which the container's volume should be mounted. /// Defaults to "" (volume's root). #[serde(default, skip_serializing_if = "Option::is_none", rename = "subPath")] @@ -2719,23 +2828,23 @@ pub struct MaxScaleMetricsExporterAffinityPodAffinityPreferredDuringSchedulingIg pub label_selector: Option, /// MatchLabelKeys is a set of pod label keys to select which pods will /// be taken into consideration. The keys are used to lookup values from the - /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` + /// incoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)` /// to select the group of existing pods which pods will be taken into consideration /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming /// pod labels will be ignored. The default value is empty. - /// The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. - /// Also, MatchLabelKeys cannot be set when LabelSelector isn't set. + /// The same key is forbidden to exist in both matchLabelKeys and labelSelector. + /// Also, matchLabelKeys cannot be set when labelSelector isn't set. /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] pub match_label_keys: Option>, /// MismatchLabelKeys is a set of pod label keys to select which pods will /// be taken into consideration. The keys are used to lookup values from the - /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` + /// incoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)` /// to select the group of existing pods which pods will be taken into consideration /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming /// pod labels will be ignored. The default value is empty. - /// The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. - /// Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. + /// The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. + /// Also, mismatchLabelKeys cannot be set when labelSelector isn't set. /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] pub mismatch_label_keys: Option>, @@ -2840,23 +2949,23 @@ pub struct MaxScaleMetricsExporterAffinityPodAffinityRequiredDuringSchedulingIgn pub label_selector: Option, /// MatchLabelKeys is a set of pod label keys to select which pods will /// be taken into consideration. The keys are used to lookup values from the - /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` + /// incoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)` /// to select the group of existing pods which pods will be taken into consideration /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming /// pod labels will be ignored. The default value is empty. - /// The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. - /// Also, MatchLabelKeys cannot be set when LabelSelector isn't set. + /// The same key is forbidden to exist in both matchLabelKeys and labelSelector. + /// Also, matchLabelKeys cannot be set when labelSelector isn't set. /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] pub match_label_keys: Option>, /// MismatchLabelKeys is a set of pod label keys to select which pods will /// be taken into consideration. The keys are used to lookup values from the - /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` + /// incoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)` /// to select the group of existing pods which pods will be taken into consideration /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming /// pod labels will be ignored. The default value is empty. - /// The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. - /// Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. + /// The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. + /// Also, mismatchLabelKeys cannot be set when labelSelector isn't set. /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] pub mismatch_label_keys: Option>, @@ -2992,23 +3101,23 @@ pub struct MaxScaleMetricsExporterAffinityPodAntiAffinityPreferredDuringScheduli pub label_selector: Option, /// MatchLabelKeys is a set of pod label keys to select which pods will /// be taken into consideration. The keys are used to lookup values from the - /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` + /// incoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)` /// to select the group of existing pods which pods will be taken into consideration /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming /// pod labels will be ignored. The default value is empty. - /// The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. - /// Also, MatchLabelKeys cannot be set when LabelSelector isn't set. + /// The same key is forbidden to exist in both matchLabelKeys and labelSelector. + /// Also, matchLabelKeys cannot be set when labelSelector isn't set. /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] pub match_label_keys: Option>, /// MismatchLabelKeys is a set of pod label keys to select which pods will /// be taken into consideration. The keys are used to lookup values from the - /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` + /// incoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)` /// to select the group of existing pods which pods will be taken into consideration /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming /// pod labels will be ignored. The default value is empty. - /// The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. - /// Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. + /// The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. + /// Also, mismatchLabelKeys cannot be set when labelSelector isn't set. /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] pub mismatch_label_keys: Option>, @@ -3113,23 +3222,23 @@ pub struct MaxScaleMetricsExporterAffinityPodAntiAffinityRequiredDuringSchedulin pub label_selector: Option, /// MatchLabelKeys is a set of pod label keys to select which pods will /// be taken into consideration. The keys are used to lookup values from the - /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` + /// incoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)` /// to select the group of existing pods which pods will be taken into consideration /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming /// pod labels will be ignored. The default value is empty. - /// The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. - /// Also, MatchLabelKeys cannot be set when LabelSelector isn't set. + /// The same key is forbidden to exist in both matchLabelKeys and labelSelector. + /// Also, matchLabelKeys cannot be set when labelSelector isn't set. /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] pub match_label_keys: Option>, /// MismatchLabelKeys is a set of pod label keys to select which pods will /// be taken into consideration. The keys are used to lookup values from the - /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` + /// incoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)` /// to select the group of existing pods which pods will be taken into consideration /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming /// pod labels will be ignored. The default value is empty. - /// The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. - /// Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. + /// The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. + /// Also, mismatchLabelKeys cannot be set when labelSelector isn't set. /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] pub mismatch_label_keys: Option>, @@ -3266,8 +3375,12 @@ pub struct MaxScaleMetricsExporterEnvValueFromConfigMapKeyRef { /// The key to select. pub key: String, /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the ConfigMap or its key must be defined @@ -3307,8 +3420,12 @@ pub struct MaxScaleMetricsExporterEnvValueFromSecretKeyRef { /// The key of the secret to select from. Must be a valid secret key. pub key: String, /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the Secret or its key must be defined @@ -3334,8 +3451,12 @@ pub struct MaxScaleMetricsExporterEnvFrom { #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct MaxScaleMetricsExporterEnvFromConfigMapRef { /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the ConfigMap must be defined @@ -3347,8 +3468,12 @@ pub struct MaxScaleMetricsExporterEnvFromConfigMapRef { #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct MaxScaleMetricsExporterEnvFromSecretRef { /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the Secret must be defined @@ -3369,8 +3494,12 @@ pub enum MaxScaleMetricsExporterImagePullPolicy { #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct MaxScaleMetricsExporterImagePullSecrets { /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, } @@ -3458,8 +3587,12 @@ pub struct MaxScaleMetricsExporterInitContainersEnvValueFromConfigMapKeyRef { /// The key to select. pub key: String, /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the ConfigMap or its key must be defined @@ -3499,8 +3632,12 @@ pub struct MaxScaleMetricsExporterInitContainersEnvValueFromSecretKeyRef { /// The key of the secret to select from. Must be a valid secret key. pub key: String, /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the Secret or its key must be defined @@ -3526,8 +3663,12 @@ pub struct MaxScaleMetricsExporterInitContainersEnvFrom { #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct MaxScaleMetricsExporterInitContainersEnvFromConfigMapRef { /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the ConfigMap must be defined @@ -3539,8 +3680,12 @@ pub struct MaxScaleMetricsExporterInitContainersEnvFromConfigMapRef { #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct MaxScaleMetricsExporterInitContainersEnvFromSecretRef { /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the Secret must be defined @@ -3845,6 +3990,11 @@ pub struct MaxScaleMetricsExporterInitContainersSecurityContext { /// Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none", rename = "allowPrivilegeEscalation")] pub allow_privilege_escalation: Option, + /// appArmorProfile is the AppArmor options to use by this container. If set, this profile + /// overrides the pod's appArmorProfile. + /// Note that this field cannot be set when spec.os.name is windows. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "appArmorProfile")] + pub app_armor_profile: Option, /// The capabilities to add/drop when running containers. /// Defaults to the default set of capabilities granted by the container runtime. /// Note that this field cannot be set when spec.os.name is windows. @@ -3911,6 +4061,26 @@ pub struct MaxScaleMetricsExporterInitContainersSecurityContext { pub windows_options: Option, } +/// appArmorProfile is the AppArmor options to use by this container. If set, this profile +/// overrides the pod's appArmorProfile. +/// Note that this field cannot be set when spec.os.name is windows. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct MaxScaleMetricsExporterInitContainersSecurityContextAppArmorProfile { + /// localhostProfile indicates a profile loaded on the node that should be used. + /// The profile must be preconfigured on the node to work. + /// Must match the loaded name of the profile. + /// Must be set if and only if type is "Localhost". + #[serde(default, skip_serializing_if = "Option::is_none", rename = "localhostProfile")] + pub localhost_profile: Option, + /// type indicates which kind of AppArmor profile will be applied. + /// Valid options are: + /// Localhost - a profile pre-loaded on the node. + /// RuntimeDefault - the container runtime's default profile. + /// Unconfined - no AppArmor enforcement. + #[serde(rename = "type")] + pub r#type: String, +} + /// The capabilities to add/drop when running containers. /// Defaults to the default set of capabilities granted by the container runtime. /// Note that this field cannot be set when spec.os.name is windows. @@ -4007,6 +4177,8 @@ pub struct MaxScaleMetricsExporterInitContainersVolumeMounts { /// to container and the other way around. /// When not set, MountPropagationNone is used. /// This field is beta in 1.10. + /// When RecursiveReadOnly is set to IfPossible or to Enabled, MountPropagation must be None or unspecified + /// (which defaults to None). #[serde(default, skip_serializing_if = "Option::is_none", rename = "mountPropagation")] pub mount_propagation: Option, /// This must match the Name of a Volume. @@ -4015,6 +4187,28 @@ pub struct MaxScaleMetricsExporterInitContainersVolumeMounts { /// Defaults to false. #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] pub read_only: Option, + /// RecursiveReadOnly specifies whether read-only mounts should be handled + /// recursively. + /// + /// + /// If ReadOnly is false, this field has no meaning and must be unspecified. + /// + /// + /// If ReadOnly is true, and this field is set to Disabled, the mount is not made + /// recursively read-only. If this field is set to IfPossible, the mount is made + /// recursively read-only, if it is supported by the container runtime. If this + /// field is set to Enabled, the mount is made recursively read-only if it is + /// supported by the container runtime, otherwise the pod will not be started and + /// an error will be generated to indicate the reason. + /// + /// + /// If this field is set to IfPossible or Enabled, MountPropagation must be set to + /// None (or be unspecified, which defaults to None). + /// + /// + /// If this field is not specified, it is treated as an equivalent of Disabled. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "recursiveReadOnly")] + pub recursive_read_only: Option, /// Path within the volume from which the container's volume should be mounted. /// Defaults to "" (volume's root). #[serde(default, skip_serializing_if = "Option::is_none", rename = "subPath")] @@ -4162,6 +4356,10 @@ pub struct MaxScaleMetricsExporterPodMetadata { /// SecurityContext holds pod-level security attributes and common container settings. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct MaxScaleMetricsExporterPodSecurityContext { + /// appArmorProfile is the AppArmor options to use by the containers in this pod. + /// Note that this field cannot be set when spec.os.name is windows. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "appArmorProfile")] + pub app_armor_profile: Option, /// A special supplemental group that applies to all containers in a pod. /// Some volume types allow the Kubelet to change the ownership of that volume /// to be owned by the pod: @@ -4243,6 +4441,25 @@ pub struct MaxScaleMetricsExporterPodSecurityContext { pub windows_options: Option, } +/// appArmorProfile is the AppArmor options to use by the containers in this pod. +/// Note that this field cannot be set when spec.os.name is windows. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct MaxScaleMetricsExporterPodSecurityContextAppArmorProfile { + /// localhostProfile indicates a profile loaded on the node that should be used. + /// The profile must be preconfigured on the node to work. + /// Must match the loaded name of the profile. + /// Must be set if and only if type is "Localhost". + #[serde(default, skip_serializing_if = "Option::is_none", rename = "localhostProfile")] + pub localhost_profile: Option, + /// type indicates which kind of AppArmor profile will be applied. + /// Valid options are: + /// Localhost - a profile pre-loaded on the node. + /// RuntimeDefault - the container runtime's default profile. + /// Unconfined - no AppArmor enforcement. + #[serde(rename = "type")] + pub r#type: String, +} + /// The SELinux context to be applied to all containers. /// If unspecified, the container runtime will allocate a random SELinux context for each /// container. May also be set in SecurityContext. If set in @@ -4491,6 +4708,11 @@ pub struct MaxScaleMetricsExporterSecurityContext { /// Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none", rename = "allowPrivilegeEscalation")] pub allow_privilege_escalation: Option, + /// appArmorProfile is the AppArmor options to use by this container. If set, this profile + /// overrides the pod's appArmorProfile. + /// Note that this field cannot be set when spec.os.name is windows. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "appArmorProfile")] + pub app_armor_profile: Option, /// The capabilities to add/drop when running containers. /// Defaults to the default set of capabilities granted by the container runtime. /// Note that this field cannot be set when spec.os.name is windows. @@ -4557,6 +4779,26 @@ pub struct MaxScaleMetricsExporterSecurityContext { pub windows_options: Option, } +/// appArmorProfile is the AppArmor options to use by this container. If set, this profile +/// overrides the pod's appArmorProfile. +/// Note that this field cannot be set when spec.os.name is windows. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct MaxScaleMetricsExporterSecurityContextAppArmorProfile { + /// localhostProfile indicates a profile loaded on the node that should be used. + /// The profile must be preconfigured on the node to work. + /// Must match the loaded name of the profile. + /// Must be set if and only if type is "Localhost". + #[serde(default, skip_serializing_if = "Option::is_none", rename = "localhostProfile")] + pub localhost_profile: Option, + /// type indicates which kind of AppArmor profile will be applied. + /// Valid options are: + /// Localhost - a profile pre-loaded on the node. + /// RuntimeDefault - the container runtime's default profile. + /// Unconfined - no AppArmor enforcement. + #[serde(rename = "type")] + pub r#type: String, +} + /// The capabilities to add/drop when running containers. /// Defaults to the default set of capabilities granted by the container runtime. /// Note that this field cannot be set when spec.os.name is windows. @@ -4725,8 +4967,12 @@ pub struct MaxScaleMetricsExporterSidecarContainersEnvValueFromConfigMapKeyRef { /// The key to select. pub key: String, /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the ConfigMap or its key must be defined @@ -4766,8 +5012,12 @@ pub struct MaxScaleMetricsExporterSidecarContainersEnvValueFromSecretKeyRef { /// The key of the secret to select from. Must be a valid secret key. pub key: String, /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the Secret or its key must be defined @@ -4793,8 +5043,12 @@ pub struct MaxScaleMetricsExporterSidecarContainersEnvFrom { #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct MaxScaleMetricsExporterSidecarContainersEnvFromConfigMapRef { /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the ConfigMap must be defined @@ -4806,8 +5060,12 @@ pub struct MaxScaleMetricsExporterSidecarContainersEnvFromConfigMapRef { #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct MaxScaleMetricsExporterSidecarContainersEnvFromSecretRef { /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the Secret must be defined @@ -5112,6 +5370,11 @@ pub struct MaxScaleMetricsExporterSidecarContainersSecurityContext { /// Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none", rename = "allowPrivilegeEscalation")] pub allow_privilege_escalation: Option, + /// appArmorProfile is the AppArmor options to use by this container. If set, this profile + /// overrides the pod's appArmorProfile. + /// Note that this field cannot be set when spec.os.name is windows. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "appArmorProfile")] + pub app_armor_profile: Option, /// The capabilities to add/drop when running containers. /// Defaults to the default set of capabilities granted by the container runtime. /// Note that this field cannot be set when spec.os.name is windows. @@ -5178,6 +5441,26 @@ pub struct MaxScaleMetricsExporterSidecarContainersSecurityContext { pub windows_options: Option, } +/// appArmorProfile is the AppArmor options to use by this container. If set, this profile +/// overrides the pod's appArmorProfile. +/// Note that this field cannot be set when spec.os.name is windows. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct MaxScaleMetricsExporterSidecarContainersSecurityContextAppArmorProfile { + /// localhostProfile indicates a profile loaded on the node that should be used. + /// The profile must be preconfigured on the node to work. + /// Must match the loaded name of the profile. + /// Must be set if and only if type is "Localhost". + #[serde(default, skip_serializing_if = "Option::is_none", rename = "localhostProfile")] + pub localhost_profile: Option, + /// type indicates which kind of AppArmor profile will be applied. + /// Valid options are: + /// Localhost - a profile pre-loaded on the node. + /// RuntimeDefault - the container runtime's default profile. + /// Unconfined - no AppArmor enforcement. + #[serde(rename = "type")] + pub r#type: String, +} + /// The capabilities to add/drop when running containers. /// Defaults to the default set of capabilities granted by the container runtime. /// Note that this field cannot be set when spec.os.name is windows. @@ -5274,6 +5557,8 @@ pub struct MaxScaleMetricsExporterSidecarContainersVolumeMounts { /// to container and the other way around. /// When not set, MountPropagationNone is used. /// This field is beta in 1.10. + /// When RecursiveReadOnly is set to IfPossible or to Enabled, MountPropagation must be None or unspecified + /// (which defaults to None). #[serde(default, skip_serializing_if = "Option::is_none", rename = "mountPropagation")] pub mount_propagation: Option, /// This must match the Name of a Volume. @@ -5282,6 +5567,28 @@ pub struct MaxScaleMetricsExporterSidecarContainersVolumeMounts { /// Defaults to false. #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] pub read_only: Option, + /// RecursiveReadOnly specifies whether read-only mounts should be handled + /// recursively. + /// + /// + /// If ReadOnly is false, this field has no meaning and must be unspecified. + /// + /// + /// If ReadOnly is true, and this field is set to Disabled, the mount is not made + /// recursively read-only. If this field is set to IfPossible, the mount is made + /// recursively read-only, if it is supported by the container runtime. If this + /// field is set to Enabled, the mount is made recursively read-only if it is + /// supported by the container runtime, otherwise the pod will not be started and + /// an error will be generated to indicate the reason. + /// + /// + /// If this field is set to IfPossible or Enabled, MountPropagation must be set to + /// None (or be unspecified, which defaults to None). + /// + /// + /// If this field is not specified, it is treated as an equivalent of Disabled. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "recursiveReadOnly")] + pub recursive_read_only: Option, /// Path within the volume from which the container's volume should be mounted. /// Defaults to "" (volume's root). #[serde(default, skip_serializing_if = "Option::is_none", rename = "subPath")] @@ -5384,9 +5691,6 @@ pub struct MaxScaleMetricsExporterTopologySpreadConstraints { /// In this situation, new pod with the same labelSelector cannot be scheduled, /// because computed skew will be 3(3 - 0) if new Pod is scheduled to any of the three zones, /// it will violate MaxSkew. - /// - /// - /// This is a beta field and requires the MinDomainsInPodTopologySpread feature gate to be enabled (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "minDomains")] pub min_domains: Option, /// NodeAffinityPolicy indicates how we will treat Pod's nodeAffinity/nodeSelector @@ -5487,6 +5791,8 @@ pub struct MaxScaleMetricsExporterVolumeMounts { /// to container and the other way around. /// When not set, MountPropagationNone is used. /// This field is beta in 1.10. + /// When RecursiveReadOnly is set to IfPossible or to Enabled, MountPropagation must be None or unspecified + /// (which defaults to None). #[serde(default, skip_serializing_if = "Option::is_none", rename = "mountPropagation")] pub mount_propagation: Option, /// This must match the Name of a Volume. @@ -5495,6 +5801,28 @@ pub struct MaxScaleMetricsExporterVolumeMounts { /// Defaults to false. #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] pub read_only: Option, + /// RecursiveReadOnly specifies whether read-only mounts should be handled + /// recursively. + /// + /// + /// If ReadOnly is false, this field has no meaning and must be unspecified. + /// + /// + /// If ReadOnly is true, and this field is set to Disabled, the mount is not made + /// recursively read-only. If this field is set to IfPossible, the mount is made + /// recursively read-only, if it is supported by the container runtime. If this + /// field is set to Enabled, the mount is made recursively read-only if it is + /// supported by the container runtime, otherwise the pod will not be started and + /// an error will be generated to indicate the reason. + /// + /// + /// If this field is set to IfPossible or Enabled, MountPropagation must be set to + /// None (or be unspecified, which defaults to None). + /// + /// + /// If this field is not specified, it is treated as an equivalent of Disabled. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "recursiveReadOnly")] + pub recursive_read_only: Option, /// Path within the volume from which the container's volume should be mounted. /// Defaults to "" (volume's root). #[serde(default, skip_serializing_if = "Option::is_none", rename = "subPath")] @@ -5757,8 +6085,12 @@ pub struct MaxScaleMetricsExporterVolumesCephfs { #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct MaxScaleMetricsExporterVolumesCephfsSecretRef { /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, } @@ -5793,8 +6125,12 @@ pub struct MaxScaleMetricsExporterVolumesCinder { #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct MaxScaleMetricsExporterVolumesCinderSecretRef { /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, } @@ -5821,8 +6157,12 @@ pub struct MaxScaleMetricsExporterVolumesConfigMap { #[serde(default, skip_serializing_if = "Option::is_none")] pub items: Option>, /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// optional specify whether the ConfigMap or its keys must be defined @@ -5886,8 +6226,12 @@ pub struct MaxScaleMetricsExporterVolumesCsi { #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct MaxScaleMetricsExporterVolumesCsiNodePublishSecretRef { /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, } @@ -5913,7 +6257,7 @@ pub struct MaxScaleMetricsExporterVolumesDownwardApi { /// DownwardAPIVolumeFile represents information to create the file containing the pod field #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct MaxScaleMetricsExporterVolumesDownwardApiItems { - /// Required: Selects a field of the pod: only annotations, labels, name and namespace are supported. + /// Required: Selects a field of the pod: only annotations, labels, name, namespace and uid are supported. #[serde(default, skip_serializing_if = "Option::is_none", rename = "fieldRef")] pub field_ref: Option, /// Optional: mode bits used to set permissions on this file, must be an octal value @@ -5932,7 +6276,7 @@ pub struct MaxScaleMetricsExporterVolumesDownwardApiItems { pub resource_field_ref: Option, } -/// Required: Selects a field of the pod: only annotations, labels, name and namespace are supported. +/// Required: Selects a field of the pod: only annotations, labels, name, namespace and uid are supported. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct MaxScaleMetricsExporterVolumesDownwardApiItemsFieldRef { /// Version of the schema the FieldPath is written in terms of, defaults to "v1". @@ -6149,7 +6493,7 @@ pub struct MaxScaleMetricsExporterVolumesEphemeralVolumeClaimTemplateSpec { /// If the resource referred to by volumeAttributesClass does not exist, this PersistentVolumeClaim will be /// set to a Pending state, as reflected by the modifyVolumeStatus field, until such as a resource /// exists. - /// More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#volumeattributesclass + /// More info: https://kubernetes.io/docs/concepts/storage/volume-attributes-classes/ /// (Alpha) Using this field requires the VolumeAttributesClass feature gate to be enabled. #[serde(default, skip_serializing_if = "Option::is_none", rename = "volumeAttributesClassName")] pub volume_attributes_class_name: Option, @@ -6333,8 +6677,12 @@ pub struct MaxScaleMetricsExporterVolumesFlexVolume { #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct MaxScaleMetricsExporterVolumesFlexVolumeSecretRef { /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, } @@ -6490,8 +6838,12 @@ pub struct MaxScaleMetricsExporterVolumesIscsi { #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct MaxScaleMetricsExporterVolumesIscsiSecretRef { /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, } @@ -6699,8 +7051,12 @@ pub struct MaxScaleMetricsExporterVolumesProjectedSourcesConfigMap { #[serde(default, skip_serializing_if = "Option::is_none")] pub items: Option>, /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// optional specify whether the ConfigMap or its keys must be defined @@ -6739,7 +7095,7 @@ pub struct MaxScaleMetricsExporterVolumesProjectedSourcesDownwardApi { /// DownwardAPIVolumeFile represents information to create the file containing the pod field #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct MaxScaleMetricsExporterVolumesProjectedSourcesDownwardApiItems { - /// Required: Selects a field of the pod: only annotations, labels, name and namespace are supported. + /// Required: Selects a field of the pod: only annotations, labels, name, namespace and uid are supported. #[serde(default, skip_serializing_if = "Option::is_none", rename = "fieldRef")] pub field_ref: Option, /// Optional: mode bits used to set permissions on this file, must be an octal value @@ -6758,7 +7114,7 @@ pub struct MaxScaleMetricsExporterVolumesProjectedSourcesDownwardApiItems { pub resource_field_ref: Option, } -/// Required: Selects a field of the pod: only annotations, labels, name and namespace are supported. +/// Required: Selects a field of the pod: only annotations, labels, name, namespace and uid are supported. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct MaxScaleMetricsExporterVolumesProjectedSourcesDownwardApiItemsFieldRef { /// Version of the schema the FieldPath is written in terms of, defaults to "v1". @@ -6796,8 +7152,12 @@ pub struct MaxScaleMetricsExporterVolumesProjectedSourcesSecret { #[serde(default, skip_serializing_if = "Option::is_none")] pub items: Option>, /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// optional field specify whether the Secret or its key must be defined @@ -6926,8 +7286,12 @@ pub struct MaxScaleMetricsExporterVolumesRbd { #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct MaxScaleMetricsExporterVolumesRbdSecretRef { /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, } @@ -6977,8 +7341,12 @@ pub struct MaxScaleMetricsExporterVolumesScaleIo { #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct MaxScaleMetricsExporterVolumesScaleIoSecretRef { /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, } @@ -7069,8 +7437,12 @@ pub struct MaxScaleMetricsExporterVolumesStorageos { #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct MaxScaleMetricsExporterVolumesStorageosSecretRef { /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, } @@ -7173,6 +7545,10 @@ pub struct MaxScalePodMetadata { /// SecurityContext holds pod-level security attributes and common container settings. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct MaxScalePodSecurityContext { + /// appArmorProfile is the AppArmor options to use by the containers in this pod. + /// Note that this field cannot be set when spec.os.name is windows. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "appArmorProfile")] + pub app_armor_profile: Option, /// A special supplemental group that applies to all containers in a pod. /// Some volume types allow the Kubelet to change the ownership of that volume /// to be owned by the pod: @@ -7254,6 +7630,25 @@ pub struct MaxScalePodSecurityContext { pub windows_options: Option, } +/// appArmorProfile is the AppArmor options to use by the containers in this pod. +/// Note that this field cannot be set when spec.os.name is windows. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct MaxScalePodSecurityContextAppArmorProfile { + /// localhostProfile indicates a profile loaded on the node that should be used. + /// The profile must be preconfigured on the node to work. + /// Must match the loaded name of the profile. + /// Must be set if and only if type is "Localhost". + #[serde(default, skip_serializing_if = "Option::is_none", rename = "localhostProfile")] + pub localhost_profile: Option, + /// type indicates which kind of AppArmor profile will be applied. + /// Valid options are: + /// Localhost - a profile pre-loaded on the node. + /// RuntimeDefault - the container runtime's default profile. + /// Unconfined - no AppArmor enforcement. + #[serde(rename = "type")] + pub r#type: String, +} + /// The SELinux context to be applied to all containers. /// If unspecified, the container runtime will allocate a random SELinux context for each /// container. May also be set in SecurityContext. If set in @@ -7502,6 +7897,11 @@ pub struct MaxScaleSecurityContext { /// Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none", rename = "allowPrivilegeEscalation")] pub allow_privilege_escalation: Option, + /// appArmorProfile is the AppArmor options to use by this container. If set, this profile + /// overrides the pod's appArmorProfile. + /// Note that this field cannot be set when spec.os.name is windows. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "appArmorProfile")] + pub app_armor_profile: Option, /// The capabilities to add/drop when running containers. /// Defaults to the default set of capabilities granted by the container runtime. /// Note that this field cannot be set when spec.os.name is windows. @@ -7568,6 +7968,26 @@ pub struct MaxScaleSecurityContext { pub windows_options: Option, } +/// appArmorProfile is the AppArmor options to use by this container. If set, this profile +/// overrides the pod's appArmorProfile. +/// Note that this field cannot be set when spec.os.name is windows. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct MaxScaleSecurityContextAppArmorProfile { + /// localhostProfile indicates a profile loaded on the node that should be used. + /// The profile must be preconfigured on the node to work. + /// Must match the loaded name of the profile. + /// Must be set if and only if type is "Localhost". + #[serde(default, skip_serializing_if = "Option::is_none", rename = "localhostProfile")] + pub localhost_profile: Option, + /// type indicates which kind of AppArmor profile will be applied. + /// Valid options are: + /// Localhost - a profile pre-loaded on the node. + /// RuntimeDefault - the container runtime's default profile. + /// Unconfined - no AppArmor enforcement. + #[serde(rename = "type")] + pub r#type: String, +} + /// The capabilities to add/drop when running containers. /// Defaults to the default set of capabilities granted by the container runtime. /// Note that this field cannot be set when spec.os.name is windows. @@ -7812,8 +8232,12 @@ pub struct MaxScaleSidecarContainersEnvValueFromConfigMapKeyRef { /// The key to select. pub key: String, /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the ConfigMap or its key must be defined @@ -7853,8 +8277,12 @@ pub struct MaxScaleSidecarContainersEnvValueFromSecretKeyRef { /// The key of the secret to select from. Must be a valid secret key. pub key: String, /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the Secret or its key must be defined @@ -7880,8 +8308,12 @@ pub struct MaxScaleSidecarContainersEnvFrom { #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct MaxScaleSidecarContainersEnvFromConfigMapRef { /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the ConfigMap must be defined @@ -7893,8 +8325,12 @@ pub struct MaxScaleSidecarContainersEnvFromConfigMapRef { #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct MaxScaleSidecarContainersEnvFromSecretRef { /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the Secret must be defined @@ -8199,6 +8635,11 @@ pub struct MaxScaleSidecarContainersSecurityContext { /// Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none", rename = "allowPrivilegeEscalation")] pub allow_privilege_escalation: Option, + /// appArmorProfile is the AppArmor options to use by this container. If set, this profile + /// overrides the pod's appArmorProfile. + /// Note that this field cannot be set when spec.os.name is windows. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "appArmorProfile")] + pub app_armor_profile: Option, /// The capabilities to add/drop when running containers. /// Defaults to the default set of capabilities granted by the container runtime. /// Note that this field cannot be set when spec.os.name is windows. @@ -8265,6 +8706,26 @@ pub struct MaxScaleSidecarContainersSecurityContext { pub windows_options: Option, } +/// appArmorProfile is the AppArmor options to use by this container. If set, this profile +/// overrides the pod's appArmorProfile. +/// Note that this field cannot be set when spec.os.name is windows. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct MaxScaleSidecarContainersSecurityContextAppArmorProfile { + /// localhostProfile indicates a profile loaded on the node that should be used. + /// The profile must be preconfigured on the node to work. + /// Must match the loaded name of the profile. + /// Must be set if and only if type is "Localhost". + #[serde(default, skip_serializing_if = "Option::is_none", rename = "localhostProfile")] + pub localhost_profile: Option, + /// type indicates which kind of AppArmor profile will be applied. + /// Valid options are: + /// Localhost - a profile pre-loaded on the node. + /// RuntimeDefault - the container runtime's default profile. + /// Unconfined - no AppArmor enforcement. + #[serde(rename = "type")] + pub r#type: String, +} + /// The capabilities to add/drop when running containers. /// Defaults to the default set of capabilities granted by the container runtime. /// Note that this field cannot be set when spec.os.name is windows. @@ -8361,6 +8822,8 @@ pub struct MaxScaleSidecarContainersVolumeMounts { /// to container and the other way around. /// When not set, MountPropagationNone is used. /// This field is beta in 1.10. + /// When RecursiveReadOnly is set to IfPossible or to Enabled, MountPropagation must be None or unspecified + /// (which defaults to None). #[serde(default, skip_serializing_if = "Option::is_none", rename = "mountPropagation")] pub mount_propagation: Option, /// This must match the Name of a Volume. @@ -8369,6 +8832,28 @@ pub struct MaxScaleSidecarContainersVolumeMounts { /// Defaults to false. #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] pub read_only: Option, + /// RecursiveReadOnly specifies whether read-only mounts should be handled + /// recursively. + /// + /// + /// If ReadOnly is false, this field has no meaning and must be unspecified. + /// + /// + /// If ReadOnly is true, and this field is set to Disabled, the mount is not made + /// recursively read-only. If this field is set to IfPossible, the mount is made + /// recursively read-only, if it is supported by the container runtime. If this + /// field is set to Enabled, the mount is made recursively read-only if it is + /// supported by the container runtime, otherwise the pod will not be started and + /// an error will be generated to indicate the reason. + /// + /// + /// If this field is set to IfPossible or Enabled, MountPropagation must be set to + /// None (or be unspecified, which defaults to None). + /// + /// + /// If this field is not specified, it is treated as an equivalent of Disabled. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "recursiveReadOnly")] + pub recursive_read_only: Option, /// Path within the volume from which the container's volume should be mounted. /// Defaults to "" (volume's root). #[serde(default, skip_serializing_if = "Option::is_none", rename = "subPath")] @@ -8471,9 +8956,6 @@ pub struct MaxScaleTopologySpreadConstraints { /// In this situation, new pod with the same labelSelector cannot be scheduled, /// because computed skew will be 3(3 - 0) if new Pod is scheduled to any of the three zones, /// it will violate MaxSkew. - /// - /// - /// This is a beta field and requires the MinDomainsInPodTopologySpread feature gate to be enabled (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "minDomains")] pub min_domains: Option, /// NodeAffinityPolicy indicates how we will treat Pod's nodeAffinity/nodeSelector @@ -8606,6 +9088,8 @@ pub struct MaxScaleVolumeMounts { /// to container and the other way around. /// When not set, MountPropagationNone is used. /// This field is beta in 1.10. + /// When RecursiveReadOnly is set to IfPossible or to Enabled, MountPropagation must be None or unspecified + /// (which defaults to None). #[serde(default, skip_serializing_if = "Option::is_none", rename = "mountPropagation")] pub mount_propagation: Option, /// This must match the Name of a Volume. @@ -8614,6 +9098,28 @@ pub struct MaxScaleVolumeMounts { /// Defaults to false. #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] pub read_only: Option, + /// RecursiveReadOnly specifies whether read-only mounts should be handled + /// recursively. + /// + /// + /// If ReadOnly is false, this field has no meaning and must be unspecified. + /// + /// + /// If ReadOnly is true, and this field is set to Disabled, the mount is not made + /// recursively read-only. If this field is set to IfPossible, the mount is made + /// recursively read-only, if it is supported by the container runtime. If this + /// field is set to Enabled, the mount is made recursively read-only if it is + /// supported by the container runtime, otherwise the pod will not be started and + /// an error will be generated to indicate the reason. + /// + /// + /// If this field is set to IfPossible or Enabled, MountPropagation must be set to + /// None (or be unspecified, which defaults to None). + /// + /// + /// If this field is not specified, it is treated as an equivalent of Disabled. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "recursiveReadOnly")] + pub recursive_read_only: Option, /// Path within the volume from which the container's volume should be mounted. /// Defaults to "" (volume's root). #[serde(default, skip_serializing_if = "Option::is_none", rename = "subPath")] @@ -8876,8 +9382,12 @@ pub struct MaxScaleVolumesCephfs { #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct MaxScaleVolumesCephfsSecretRef { /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, } @@ -8912,8 +9422,12 @@ pub struct MaxScaleVolumesCinder { #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct MaxScaleVolumesCinderSecretRef { /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, } @@ -8940,8 +9454,12 @@ pub struct MaxScaleVolumesConfigMap { #[serde(default, skip_serializing_if = "Option::is_none")] pub items: Option>, /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// optional specify whether the ConfigMap or its keys must be defined @@ -9005,8 +9523,12 @@ pub struct MaxScaleVolumesCsi { #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct MaxScaleVolumesCsiNodePublishSecretRef { /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, } @@ -9032,7 +9554,7 @@ pub struct MaxScaleVolumesDownwardApi { /// DownwardAPIVolumeFile represents information to create the file containing the pod field #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct MaxScaleVolumesDownwardApiItems { - /// Required: Selects a field of the pod: only annotations, labels, name and namespace are supported. + /// Required: Selects a field of the pod: only annotations, labels, name, namespace and uid are supported. #[serde(default, skip_serializing_if = "Option::is_none", rename = "fieldRef")] pub field_ref: Option, /// Optional: mode bits used to set permissions on this file, must be an octal value @@ -9051,7 +9573,7 @@ pub struct MaxScaleVolumesDownwardApiItems { pub resource_field_ref: Option, } -/// Required: Selects a field of the pod: only annotations, labels, name and namespace are supported. +/// Required: Selects a field of the pod: only annotations, labels, name, namespace and uid are supported. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct MaxScaleVolumesDownwardApiItemsFieldRef { /// Version of the schema the FieldPath is written in terms of, defaults to "v1". @@ -9268,7 +9790,7 @@ pub struct MaxScaleVolumesEphemeralVolumeClaimTemplateSpec { /// If the resource referred to by volumeAttributesClass does not exist, this PersistentVolumeClaim will be /// set to a Pending state, as reflected by the modifyVolumeStatus field, until such as a resource /// exists. - /// More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#volumeattributesclass + /// More info: https://kubernetes.io/docs/concepts/storage/volume-attributes-classes/ /// (Alpha) Using this field requires the VolumeAttributesClass feature gate to be enabled. #[serde(default, skip_serializing_if = "Option::is_none", rename = "volumeAttributesClassName")] pub volume_attributes_class_name: Option, @@ -9452,8 +9974,12 @@ pub struct MaxScaleVolumesFlexVolume { #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct MaxScaleVolumesFlexVolumeSecretRef { /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, } @@ -9609,8 +10135,12 @@ pub struct MaxScaleVolumesIscsi { #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct MaxScaleVolumesIscsiSecretRef { /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, } @@ -9818,8 +10348,12 @@ pub struct MaxScaleVolumesProjectedSourcesConfigMap { #[serde(default, skip_serializing_if = "Option::is_none")] pub items: Option>, /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// optional specify whether the ConfigMap or its keys must be defined @@ -9858,7 +10392,7 @@ pub struct MaxScaleVolumesProjectedSourcesDownwardApi { /// DownwardAPIVolumeFile represents information to create the file containing the pod field #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct MaxScaleVolumesProjectedSourcesDownwardApiItems { - /// Required: Selects a field of the pod: only annotations, labels, name and namespace are supported. + /// Required: Selects a field of the pod: only annotations, labels, name, namespace and uid are supported. #[serde(default, skip_serializing_if = "Option::is_none", rename = "fieldRef")] pub field_ref: Option, /// Optional: mode bits used to set permissions on this file, must be an octal value @@ -9877,7 +10411,7 @@ pub struct MaxScaleVolumesProjectedSourcesDownwardApiItems { pub resource_field_ref: Option, } -/// Required: Selects a field of the pod: only annotations, labels, name and namespace are supported. +/// Required: Selects a field of the pod: only annotations, labels, name, namespace and uid are supported. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct MaxScaleVolumesProjectedSourcesDownwardApiItemsFieldRef { /// Version of the schema the FieldPath is written in terms of, defaults to "v1". @@ -9915,8 +10449,12 @@ pub struct MaxScaleVolumesProjectedSourcesSecret { #[serde(default, skip_serializing_if = "Option::is_none")] pub items: Option>, /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// optional field specify whether the Secret or its key must be defined @@ -10045,8 +10583,12 @@ pub struct MaxScaleVolumesRbd { #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct MaxScaleVolumesRbdSecretRef { /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, } @@ -10096,8 +10638,12 @@ pub struct MaxScaleVolumesScaleIo { #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct MaxScaleVolumesScaleIoSecretRef { /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, } @@ -10188,8 +10734,12 @@ pub struct MaxScaleVolumesStorageos { #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct MaxScaleVolumesStorageosSecretRef { /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, } diff --git a/kube-custom-resources-rs/src/k8s_mariadb_com/v1alpha1/restores.rs b/kube-custom-resources-rs/src/k8s_mariadb_com/v1alpha1/restores.rs index 05e2dddb3..0bd4cdf7d 100644 --- a/kube-custom-resources-rs/src/k8s_mariadb_com/v1alpha1/restores.rs +++ b/kube-custom-resources-rs/src/k8s_mariadb_com/v1alpha1/restores.rs @@ -292,23 +292,23 @@ pub struct RestoreAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecu pub label_selector: Option, /// MatchLabelKeys is a set of pod label keys to select which pods will /// be taken into consideration. The keys are used to lookup values from the - /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` + /// incoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)` /// to select the group of existing pods which pods will be taken into consideration /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming /// pod labels will be ignored. The default value is empty. - /// The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. - /// Also, MatchLabelKeys cannot be set when LabelSelector isn't set. + /// The same key is forbidden to exist in both matchLabelKeys and labelSelector. + /// Also, matchLabelKeys cannot be set when labelSelector isn't set. /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] pub match_label_keys: Option>, /// MismatchLabelKeys is a set of pod label keys to select which pods will /// be taken into consideration. The keys are used to lookup values from the - /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` + /// incoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)` /// to select the group of existing pods which pods will be taken into consideration /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming /// pod labels will be ignored. The default value is empty. - /// The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. - /// Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. + /// The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. + /// Also, mismatchLabelKeys cannot be set when labelSelector isn't set. /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] pub mismatch_label_keys: Option>, @@ -413,23 +413,23 @@ pub struct RestoreAffinityPodAffinityRequiredDuringSchedulingIgnoredDuringExecut pub label_selector: Option, /// MatchLabelKeys is a set of pod label keys to select which pods will /// be taken into consideration. The keys are used to lookup values from the - /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` + /// incoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)` /// to select the group of existing pods which pods will be taken into consideration /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming /// pod labels will be ignored. The default value is empty. - /// The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. - /// Also, MatchLabelKeys cannot be set when LabelSelector isn't set. + /// The same key is forbidden to exist in both matchLabelKeys and labelSelector. + /// Also, matchLabelKeys cannot be set when labelSelector isn't set. /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] pub match_label_keys: Option>, /// MismatchLabelKeys is a set of pod label keys to select which pods will /// be taken into consideration. The keys are used to lookup values from the - /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` + /// incoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)` /// to select the group of existing pods which pods will be taken into consideration /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming /// pod labels will be ignored. The default value is empty. - /// The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. - /// Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. + /// The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. + /// Also, mismatchLabelKeys cannot be set when labelSelector isn't set. /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] pub mismatch_label_keys: Option>, @@ -565,23 +565,23 @@ pub struct RestoreAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringE pub label_selector: Option, /// MatchLabelKeys is a set of pod label keys to select which pods will /// be taken into consideration. The keys are used to lookup values from the - /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` + /// incoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)` /// to select the group of existing pods which pods will be taken into consideration /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming /// pod labels will be ignored. The default value is empty. - /// The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. - /// Also, MatchLabelKeys cannot be set when LabelSelector isn't set. + /// The same key is forbidden to exist in both matchLabelKeys and labelSelector. + /// Also, matchLabelKeys cannot be set when labelSelector isn't set. /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] pub match_label_keys: Option>, /// MismatchLabelKeys is a set of pod label keys to select which pods will /// be taken into consideration. The keys are used to lookup values from the - /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` + /// incoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)` /// to select the group of existing pods which pods will be taken into consideration /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming /// pod labels will be ignored. The default value is empty. - /// The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. - /// Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. + /// The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. + /// Also, mismatchLabelKeys cannot be set when labelSelector isn't set. /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] pub mismatch_label_keys: Option>, @@ -686,23 +686,23 @@ pub struct RestoreAffinityPodAntiAffinityRequiredDuringSchedulingIgnoredDuringEx pub label_selector: Option, /// MatchLabelKeys is a set of pod label keys to select which pods will /// be taken into consideration. The keys are used to lookup values from the - /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` + /// incoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)` /// to select the group of existing pods which pods will be taken into consideration /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming /// pod labels will be ignored. The default value is empty. - /// The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. - /// Also, MatchLabelKeys cannot be set when LabelSelector isn't set. + /// The same key is forbidden to exist in both matchLabelKeys and labelSelector. + /// Also, matchLabelKeys cannot be set when labelSelector isn't set. /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] pub match_label_keys: Option>, /// MismatchLabelKeys is a set of pod label keys to select which pods will /// be taken into consideration. The keys are used to lookup values from the - /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` + /// incoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)` /// to select the group of existing pods which pods will be taken into consideration /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming /// pod labels will be ignored. The default value is empty. - /// The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. - /// Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. + /// The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. + /// Also, mismatchLabelKeys cannot be set when labelSelector isn't set. /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] pub mismatch_label_keys: Option>, @@ -797,8 +797,12 @@ pub struct RestoreAffinityPodAntiAffinityRequiredDuringSchedulingIgnoredDuringEx #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct RestoreBackupRef { /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, } @@ -808,8 +812,12 @@ pub struct RestoreBackupRef { #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct RestoreImagePullSecrets { /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, } @@ -880,6 +888,10 @@ pub struct RestorePodMetadata { /// SecurityContext holds pod-level security attributes and common container settings. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct RestorePodSecurityContext { + /// appArmorProfile is the AppArmor options to use by the containers in this pod. + /// Note that this field cannot be set when spec.os.name is windows. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "appArmorProfile")] + pub app_armor_profile: Option, /// A special supplemental group that applies to all containers in a pod. /// Some volume types allow the Kubelet to change the ownership of that volume /// to be owned by the pod: @@ -961,6 +973,25 @@ pub struct RestorePodSecurityContext { pub windows_options: Option, } +/// appArmorProfile is the AppArmor options to use by the containers in this pod. +/// Note that this field cannot be set when spec.os.name is windows. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct RestorePodSecurityContextAppArmorProfile { + /// localhostProfile indicates a profile loaded on the node that should be used. + /// The profile must be preconfigured on the node to work. + /// Must match the loaded name of the profile. + /// Must be set if and only if type is "Localhost". + #[serde(default, skip_serializing_if = "Option::is_none", rename = "localhostProfile")] + pub localhost_profile: Option, + /// type indicates which kind of AppArmor profile will be applied. + /// Valid options are: + /// Localhost - a profile pre-loaded on the node. + /// RuntimeDefault - the container runtime's default profile. + /// Unconfined - no AppArmor enforcement. + #[serde(rename = "type")] + pub r#type: String, +} + /// The SELinux context to be applied to all containers. /// If unspecified, the container runtime will allocate a random SELinux context for each /// container. May also be set in SecurityContext. If set in @@ -1117,8 +1148,12 @@ pub struct RestoreS3AccessKeyIdSecretKeyRef { /// The key of the secret to select from. Must be a valid secret key. pub key: String, /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the Secret or its key must be defined @@ -1132,8 +1167,12 @@ pub struct RestoreS3SecretAccessKeySecretKeyRef { /// The key of the secret to select from. Must be a valid secret key. pub key: String, /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the Secret or its key must be defined @@ -1147,8 +1186,12 @@ pub struct RestoreS3SessionTokenSecretKeyRef { /// The key of the secret to select from. Must be a valid secret key. pub key: String, /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the Secret or its key must be defined @@ -1175,8 +1218,12 @@ pub struct RestoreS3TlsCaSecretKeyRef { /// The key of the secret to select from. Must be a valid secret key. pub key: String, /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the Secret or its key must be defined @@ -1196,6 +1243,11 @@ pub struct RestoreSecurityContext { /// Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none", rename = "allowPrivilegeEscalation")] pub allow_privilege_escalation: Option, + /// appArmorProfile is the AppArmor options to use by this container. If set, this profile + /// overrides the pod's appArmorProfile. + /// Note that this field cannot be set when spec.os.name is windows. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "appArmorProfile")] + pub app_armor_profile: Option, /// The capabilities to add/drop when running containers. /// Defaults to the default set of capabilities granted by the container runtime. /// Note that this field cannot be set when spec.os.name is windows. @@ -1262,6 +1314,26 @@ pub struct RestoreSecurityContext { pub windows_options: Option, } +/// appArmorProfile is the AppArmor options to use by this container. If set, this profile +/// overrides the pod's appArmorProfile. +/// Note that this field cannot be set when spec.os.name is windows. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct RestoreSecurityContextAppArmorProfile { + /// localhostProfile indicates a profile loaded on the node that should be used. + /// The profile must be preconfigured on the node to work. + /// Must match the loaded name of the profile. + /// Must be set if and only if type is "Localhost". + #[serde(default, skip_serializing_if = "Option::is_none", rename = "localhostProfile")] + pub localhost_profile: Option, + /// type indicates which kind of AppArmor profile will be applied. + /// Valid options are: + /// Localhost - a profile pre-loaded on the node. + /// RuntimeDefault - the container runtime's default profile. + /// Unconfined - no AppArmor enforcement. + #[serde(rename = "type")] + pub r#type: String, +} + /// The capabilities to add/drop when running containers. /// Defaults to the default set of capabilities granted by the container runtime. /// Note that this field cannot be set when spec.os.name is windows. @@ -1623,8 +1695,12 @@ pub struct RestoreVolumeCephfs { #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct RestoreVolumeCephfsSecretRef { /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, } @@ -1659,8 +1735,12 @@ pub struct RestoreVolumeCinder { #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct RestoreVolumeCinderSecretRef { /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, } @@ -1687,8 +1767,12 @@ pub struct RestoreVolumeConfigMap { #[serde(default, skip_serializing_if = "Option::is_none")] pub items: Option>, /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// optional specify whether the ConfigMap or its keys must be defined @@ -1752,8 +1836,12 @@ pub struct RestoreVolumeCsi { #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct RestoreVolumeCsiNodePublishSecretRef { /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, } @@ -1779,7 +1867,7 @@ pub struct RestoreVolumeDownwardApi { /// DownwardAPIVolumeFile represents information to create the file containing the pod field #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct RestoreVolumeDownwardApiItems { - /// Required: Selects a field of the pod: only annotations, labels, name and namespace are supported. + /// Required: Selects a field of the pod: only annotations, labels, name, namespace and uid are supported. #[serde(default, skip_serializing_if = "Option::is_none", rename = "fieldRef")] pub field_ref: Option, /// Optional: mode bits used to set permissions on this file, must be an octal value @@ -1798,7 +1886,7 @@ pub struct RestoreVolumeDownwardApiItems { pub resource_field_ref: Option, } -/// Required: Selects a field of the pod: only annotations, labels, name and namespace are supported. +/// Required: Selects a field of the pod: only annotations, labels, name, namespace and uid are supported. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct RestoreVolumeDownwardApiItemsFieldRef { /// Version of the schema the FieldPath is written in terms of, defaults to "v1". @@ -2015,7 +2103,7 @@ pub struct RestoreVolumeEphemeralVolumeClaimTemplateSpec { /// If the resource referred to by volumeAttributesClass does not exist, this PersistentVolumeClaim will be /// set to a Pending state, as reflected by the modifyVolumeStatus field, until such as a resource /// exists. - /// More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#volumeattributesclass + /// More info: https://kubernetes.io/docs/concepts/storage/volume-attributes-classes/ /// (Alpha) Using this field requires the VolumeAttributesClass feature gate to be enabled. #[serde(default, skip_serializing_if = "Option::is_none", rename = "volumeAttributesClassName")] pub volume_attributes_class_name: Option, @@ -2199,8 +2287,12 @@ pub struct RestoreVolumeFlexVolume { #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct RestoreVolumeFlexVolumeSecretRef { /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, } @@ -2356,8 +2448,12 @@ pub struct RestoreVolumeIscsi { #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct RestoreVolumeIscsiSecretRef { /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, } @@ -2565,8 +2661,12 @@ pub struct RestoreVolumeProjectedSourcesConfigMap { #[serde(default, skip_serializing_if = "Option::is_none")] pub items: Option>, /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// optional specify whether the ConfigMap or its keys must be defined @@ -2605,7 +2705,7 @@ pub struct RestoreVolumeProjectedSourcesDownwardApi { /// DownwardAPIVolumeFile represents information to create the file containing the pod field #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct RestoreVolumeProjectedSourcesDownwardApiItems { - /// Required: Selects a field of the pod: only annotations, labels, name and namespace are supported. + /// Required: Selects a field of the pod: only annotations, labels, name, namespace and uid are supported. #[serde(default, skip_serializing_if = "Option::is_none", rename = "fieldRef")] pub field_ref: Option, /// Optional: mode bits used to set permissions on this file, must be an octal value @@ -2624,7 +2724,7 @@ pub struct RestoreVolumeProjectedSourcesDownwardApiItems { pub resource_field_ref: Option, } -/// Required: Selects a field of the pod: only annotations, labels, name and namespace are supported. +/// Required: Selects a field of the pod: only annotations, labels, name, namespace and uid are supported. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct RestoreVolumeProjectedSourcesDownwardApiItemsFieldRef { /// Version of the schema the FieldPath is written in terms of, defaults to "v1". @@ -2662,8 +2762,12 @@ pub struct RestoreVolumeProjectedSourcesSecret { #[serde(default, skip_serializing_if = "Option::is_none")] pub items: Option>, /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// optional field specify whether the Secret or its key must be defined @@ -2792,8 +2896,12 @@ pub struct RestoreVolumeRbd { #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct RestoreVolumeRbdSecretRef { /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, } @@ -2843,8 +2951,12 @@ pub struct RestoreVolumeScaleIo { #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct RestoreVolumeScaleIoSecretRef { /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, } @@ -2935,8 +3047,12 @@ pub struct RestoreVolumeStorageos { #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct RestoreVolumeStorageosSecretRef { /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, } diff --git a/kube-custom-resources-rs/src/k8s_mariadb_com/v1alpha1/sqljobs.rs b/kube-custom-resources-rs/src/k8s_mariadb_com/v1alpha1/sqljobs.rs index 51b0e3306..0622a8d1e 100644 --- a/kube-custom-resources-rs/src/k8s_mariadb_com/v1alpha1/sqljobs.rs +++ b/kube-custom-resources-rs/src/k8s_mariadb_com/v1alpha1/sqljobs.rs @@ -36,6 +36,8 @@ pub struct SqlJobSpec { /// DependsOn defines dependencies with other SqlJob objectecs. #[serde(default, skip_serializing_if = "Option::is_none", rename = "dependsOn")] pub depends_on: Option>, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "failedJobsHistoryLimit")] + pub failed_jobs_history_limit: Option, /// ImagePullSecrets is the list of pull Secrets to be used to pull the image. #[serde(default, skip_serializing_if = "Option::is_none", rename = "imagePullSecrets")] pub image_pull_secrets: Option>, @@ -82,6 +84,8 @@ pub struct SqlJobSpec { /// It is defaulted to a ConfigMap with the contents of the Sql field. #[serde(default, skip_serializing_if = "Option::is_none", rename = "sqlConfigMapKeyRef")] pub sql_config_map_key_ref: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "successfulJobsHistoryLimit")] + pub successful_jobs_history_limit: Option, /// Tolerations to be used in the Pod. #[serde(default, skip_serializing_if = "Option::is_none")] pub tolerations: Option>, @@ -293,23 +297,23 @@ pub struct SqlJobAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecut pub label_selector: Option, /// MatchLabelKeys is a set of pod label keys to select which pods will /// be taken into consideration. The keys are used to lookup values from the - /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` + /// incoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)` /// to select the group of existing pods which pods will be taken into consideration /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming /// pod labels will be ignored. The default value is empty. - /// The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. - /// Also, MatchLabelKeys cannot be set when LabelSelector isn't set. + /// The same key is forbidden to exist in both matchLabelKeys and labelSelector. + /// Also, matchLabelKeys cannot be set when labelSelector isn't set. /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] pub match_label_keys: Option>, /// MismatchLabelKeys is a set of pod label keys to select which pods will /// be taken into consideration. The keys are used to lookup values from the - /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` + /// incoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)` /// to select the group of existing pods which pods will be taken into consideration /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming /// pod labels will be ignored. The default value is empty. - /// The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. - /// Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. + /// The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. + /// Also, mismatchLabelKeys cannot be set when labelSelector isn't set. /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] pub mismatch_label_keys: Option>, @@ -414,23 +418,23 @@ pub struct SqlJobAffinityPodAffinityRequiredDuringSchedulingIgnoredDuringExecuti pub label_selector: Option, /// MatchLabelKeys is a set of pod label keys to select which pods will /// be taken into consideration. The keys are used to lookup values from the - /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` + /// incoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)` /// to select the group of existing pods which pods will be taken into consideration /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming /// pod labels will be ignored. The default value is empty. - /// The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. - /// Also, MatchLabelKeys cannot be set when LabelSelector isn't set. + /// The same key is forbidden to exist in both matchLabelKeys and labelSelector. + /// Also, matchLabelKeys cannot be set when labelSelector isn't set. /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] pub match_label_keys: Option>, /// MismatchLabelKeys is a set of pod label keys to select which pods will /// be taken into consideration. The keys are used to lookup values from the - /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` + /// incoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)` /// to select the group of existing pods which pods will be taken into consideration /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming /// pod labels will be ignored. The default value is empty. - /// The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. - /// Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. + /// The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. + /// Also, mismatchLabelKeys cannot be set when labelSelector isn't set. /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] pub mismatch_label_keys: Option>, @@ -566,23 +570,23 @@ pub struct SqlJobAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringEx pub label_selector: Option, /// MatchLabelKeys is a set of pod label keys to select which pods will /// be taken into consideration. The keys are used to lookup values from the - /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` + /// incoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)` /// to select the group of existing pods which pods will be taken into consideration /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming /// pod labels will be ignored. The default value is empty. - /// The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. - /// Also, MatchLabelKeys cannot be set when LabelSelector isn't set. + /// The same key is forbidden to exist in both matchLabelKeys and labelSelector. + /// Also, matchLabelKeys cannot be set when labelSelector isn't set. /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] pub match_label_keys: Option>, /// MismatchLabelKeys is a set of pod label keys to select which pods will /// be taken into consideration. The keys are used to lookup values from the - /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` + /// incoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)` /// to select the group of existing pods which pods will be taken into consideration /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming /// pod labels will be ignored. The default value is empty. - /// The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. - /// Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. + /// The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. + /// Also, mismatchLabelKeys cannot be set when labelSelector isn't set. /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] pub mismatch_label_keys: Option>, @@ -687,23 +691,23 @@ pub struct SqlJobAffinityPodAntiAffinityRequiredDuringSchedulingIgnoredDuringExe pub label_selector: Option, /// MatchLabelKeys is a set of pod label keys to select which pods will /// be taken into consideration. The keys are used to lookup values from the - /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` + /// incoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)` /// to select the group of existing pods which pods will be taken into consideration /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming /// pod labels will be ignored. The default value is empty. - /// The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. - /// Also, MatchLabelKeys cannot be set when LabelSelector isn't set. + /// The same key is forbidden to exist in both matchLabelKeys and labelSelector. + /// Also, matchLabelKeys cannot be set when labelSelector isn't set. /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] pub match_label_keys: Option>, /// MismatchLabelKeys is a set of pod label keys to select which pods will /// be taken into consideration. The keys are used to lookup values from the - /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` + /// incoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)` /// to select the group of existing pods which pods will be taken into consideration /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming /// pod labels will be ignored. The default value is empty. - /// The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. - /// Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. + /// The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. + /// Also, mismatchLabelKeys cannot be set when labelSelector isn't set. /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] pub mismatch_label_keys: Option>, @@ -799,8 +803,12 @@ pub struct SqlJobAffinityPodAntiAffinityRequiredDuringSchedulingIgnoredDuringExe #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SqlJobDependsOn { /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, } @@ -810,8 +818,12 @@ pub struct SqlJobDependsOn { #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SqlJobImagePullSecrets { /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, } @@ -874,8 +886,12 @@ pub struct SqlJobPasswordSecretKeyRef { /// The key of the secret to select from. Must be a valid secret key. pub key: String, /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the Secret or its key must be defined @@ -897,6 +913,10 @@ pub struct SqlJobPodMetadata { /// SecurityContext holds pod-level security attributes and common container settings. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SqlJobPodSecurityContext { + /// appArmorProfile is the AppArmor options to use by the containers in this pod. + /// Note that this field cannot be set when spec.os.name is windows. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "appArmorProfile")] + pub app_armor_profile: Option, /// A special supplemental group that applies to all containers in a pod. /// Some volume types allow the Kubelet to change the ownership of that volume /// to be owned by the pod: @@ -978,6 +998,25 @@ pub struct SqlJobPodSecurityContext { pub windows_options: Option, } +/// appArmorProfile is the AppArmor options to use by the containers in this pod. +/// Note that this field cannot be set when spec.os.name is windows. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct SqlJobPodSecurityContextAppArmorProfile { + /// localhostProfile indicates a profile loaded on the node that should be used. + /// The profile must be preconfigured on the node to work. + /// Must match the loaded name of the profile. + /// Must be set if and only if type is "Localhost". + #[serde(default, skip_serializing_if = "Option::is_none", rename = "localhostProfile")] + pub localhost_profile: Option, + /// type indicates which kind of AppArmor profile will be applied. + /// Valid options are: + /// Localhost - a profile pre-loaded on the node. + /// RuntimeDefault - the container runtime's default profile. + /// Unconfined - no AppArmor enforcement. + #[serde(rename = "type")] + pub r#type: String, +} + /// The SELinux context to be applied to all containers. /// If unspecified, the container runtime will allocate a random SELinux context for each /// container. May also be set in SecurityContext. If set in @@ -1123,6 +1162,11 @@ pub struct SqlJobSecurityContext { /// Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none", rename = "allowPrivilegeEscalation")] pub allow_privilege_escalation: Option, + /// appArmorProfile is the AppArmor options to use by this container. If set, this profile + /// overrides the pod's appArmorProfile. + /// Note that this field cannot be set when spec.os.name is windows. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "appArmorProfile")] + pub app_armor_profile: Option, /// The capabilities to add/drop when running containers. /// Defaults to the default set of capabilities granted by the container runtime. /// Note that this field cannot be set when spec.os.name is windows. @@ -1189,6 +1233,26 @@ pub struct SqlJobSecurityContext { pub windows_options: Option, } +/// appArmorProfile is the AppArmor options to use by this container. If set, this profile +/// overrides the pod's appArmorProfile. +/// Note that this field cannot be set when spec.os.name is windows. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct SqlJobSecurityContextAppArmorProfile { + /// localhostProfile indicates a profile loaded on the node that should be used. + /// The profile must be preconfigured on the node to work. + /// Must match the loaded name of the profile. + /// Must be set if and only if type is "Localhost". + #[serde(default, skip_serializing_if = "Option::is_none", rename = "localhostProfile")] + pub localhost_profile: Option, + /// type indicates which kind of AppArmor profile will be applied. + /// Valid options are: + /// Localhost - a profile pre-loaded on the node. + /// RuntimeDefault - the container runtime's default profile. + /// Unconfined - no AppArmor enforcement. + #[serde(rename = "type")] + pub r#type: String, +} + /// The capabilities to add/drop when running containers. /// Defaults to the default set of capabilities granted by the container runtime. /// Note that this field cannot be set when spec.os.name is windows. @@ -1281,8 +1345,12 @@ pub struct SqlJobSqlConfigMapKeyRef { /// The key to select. pub key: String, /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the ConfigMap or its key must be defined diff --git a/kube-custom-resources-rs/src/k8s_mariadb_com/v1alpha1/users.rs b/kube-custom-resources-rs/src/k8s_mariadb_com/v1alpha1/users.rs index 6c20bd011..e9fe62573 100644 --- a/kube-custom-resources-rs/src/k8s_mariadb_com/v1alpha1/users.rs +++ b/kube-custom-resources-rs/src/k8s_mariadb_com/v1alpha1/users.rs @@ -93,8 +93,12 @@ pub struct UserPasswordSecretKeyRef { /// The key of the secret to select from. Must be a valid secret key. pub key: String, /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the Secret or its key must be defined diff --git a/kube-custom-resources-rs/src/k8s_nginx_org/v1/policies.rs b/kube-custom-resources-rs/src/k8s_nginx_org/v1/policies.rs index 708fa20dd..00a3ef688 100644 --- a/kube-custom-resources-rs/src/k8s_nginx_org/v1/policies.rs +++ b/kube-custom-resources-rs/src/k8s_nginx_org/v1/policies.rs @@ -27,7 +27,6 @@ pub struct PolicySpec { #[serde(default, skip_serializing_if = "Option::is_none", rename = "apiKey")] pub api_key: Option, /// BasicAuth holds HTTP Basic authentication configuration - /// policy status: preview #[serde(default, skip_serializing_if = "Option::is_none", rename = "basicAuth")] pub basic_auth: Option, /// EgressMTLS defines an Egress MTLS policy. @@ -81,7 +80,6 @@ pub struct PolicyApiKeySuppliedIn { } /// BasicAuth holds HTTP Basic authentication configuration -/// policy status: preview #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PolicyBasicAuth { #[serde(default, skip_serializing_if = "Option::is_none")] diff --git a/kube-custom-resources-rs/src/kafka_services_k8s_aws/v1alpha1/clusters.rs b/kube-custom-resources-rs/src/kafka_services_k8s_aws/v1alpha1/clusters.rs index 47fd48ee7..462665efc 100644 --- a/kube-custom-resources-rs/src/kafka_services_k8s_aws/v1alpha1/clusters.rs +++ b/kube-custom-resources-rs/src/kafka_services_k8s_aws/v1alpha1/clusters.rs @@ -319,6 +319,10 @@ pub struct ClusterStatus { /// FAILED, HEALING, MAINTENANCE, REBOOTING_BROKER, and UPDATING. #[serde(default, skip_serializing_if = "Option::is_none")] pub state: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "zookeeperConnectString")] + pub zookeeper_connect_string: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "zookeeperConnectStringTLS")] + pub zookeeper_connect_string_tls: Option, } /// All CRs managed by ACK have a common `Status.ACKResourceMetadata` member diff --git a/kube-custom-resources-rs/src/kafka_strimzi_io/v1beta2/kafkabridges.rs b/kube-custom-resources-rs/src/kafka_strimzi_io/v1beta2/kafkabridges.rs index 2d71b989d..51b38db85 100644 --- a/kube-custom-resources-rs/src/kafka_strimzi_io/v1beta2/kafkabridges.rs +++ b/kube-custom-resources-rs/src/kafka_strimzi_io/v1beta2/kafkabridges.rs @@ -210,8 +210,12 @@ pub struct KafkaBridgeAuthenticationRefreshToken { #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct KafkaBridgeAuthenticationTlsTrustedCertificates { - /// The name of the file certificate in the Secret. - pub certificate: String, + /// The name of the file certificate in the secret. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub certificate: Option, + /// Pattern for the certificate files in the secret. Use the link:https://en.wikipedia.org/wiki/Glob_(programming)[_glob syntax_] for the pattern. All files in the secret that match the pattern are used. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub pattern: Option, /// The name of the Secret containing the certificate. #[serde(rename = "secretName")] pub secret_name: String, @@ -238,6 +242,12 @@ pub struct KafkaBridgeConsumer { /// The Kafka consumer configuration used for consumer instances created by the bridge. Properties with the following prefixes cannot be set: ssl., bootstrap.servers, group.id, sasl., security. (with the exception of: ssl.endpoint.identification.algorithm, ssl.cipher.suites, ssl.protocol, ssl.enabled.protocols). #[serde(default, skip_serializing_if = "Option::is_none")] pub config: Option>, + /// Whether the HTTP consumer should be enabled or disabled, default is enabled. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub enabled: Option, + /// The timeout in seconds for deleting inactive consumers, default is -1 (disabled). + #[serde(default, skip_serializing_if = "Option::is_none", rename = "timeoutSeconds")] + pub timeout_seconds: Option, } /// The HTTP related configuration. @@ -360,6 +370,9 @@ pub struct KafkaBridgeProducer { /// The Kafka producer configuration used for producer instances created by the bridge. Properties with the following prefixes cannot be set: ssl., bootstrap.servers, sasl., security. (with the exception of: ssl.endpoint.identification.algorithm, ssl.cipher.suites, ssl.protocol, ssl.enabled.protocols). #[serde(default, skip_serializing_if = "Option::is_none")] pub config: Option>, + /// Whether the HTTP producer should be enabled or disabled, default is enabled. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub enabled: Option, } /// Configuration of the node label which will be used as the client.rack consumer configuration. @@ -495,6 +508,8 @@ pub struct KafkaBridgeTemplateBridgeContainerEnv { pub struct KafkaBridgeTemplateBridgeContainerSecurityContext { #[serde(default, skip_serializing_if = "Option::is_none", rename = "allowPrivilegeEscalation")] pub allow_privilege_escalation: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "appArmorProfile")] + pub app_armor_profile: Option, #[serde(default, skip_serializing_if = "Option::is_none")] pub capabilities: Option, #[serde(default, skip_serializing_if = "Option::is_none")] @@ -517,6 +532,14 @@ pub struct KafkaBridgeTemplateBridgeContainerSecurityContext { pub windows_options: Option, } +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct KafkaBridgeTemplateBridgeContainerSecurityContextAppArmorProfile { + #[serde(default, skip_serializing_if = "Option::is_none", rename = "localhostProfile")] + pub localhost_profile: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "type")] + pub r#type: Option, +} + #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct KafkaBridgeTemplateBridgeContainerSecurityContextCapabilities { #[serde(default, skip_serializing_if = "Option::is_none")] @@ -631,6 +654,8 @@ pub struct KafkaBridgeTemplateInitContainerEnv { pub struct KafkaBridgeTemplateInitContainerSecurityContext { #[serde(default, skip_serializing_if = "Option::is_none", rename = "allowPrivilegeEscalation")] pub allow_privilege_escalation: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "appArmorProfile")] + pub app_armor_profile: Option, #[serde(default, skip_serializing_if = "Option::is_none")] pub capabilities: Option, #[serde(default, skip_serializing_if = "Option::is_none")] @@ -653,6 +678,14 @@ pub struct KafkaBridgeTemplateInitContainerSecurityContext { pub windows_options: Option, } +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct KafkaBridgeTemplateInitContainerSecurityContextAppArmorProfile { + #[serde(default, skip_serializing_if = "Option::is_none", rename = "localhostProfile")] + pub localhost_profile: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "type")] + pub r#type: Option, +} + #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct KafkaBridgeTemplateInitContainerSecurityContextCapabilities { #[serde(default, skip_serializing_if = "Option::is_none")] @@ -1091,6 +1124,8 @@ pub struct KafkaBridgeTemplatePodMetadata { /// Configures pod-level security attributes and common container settings. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct KafkaBridgeTemplatePodSecurityContext { + #[serde(default, skip_serializing_if = "Option::is_none", rename = "appArmorProfile")] + pub app_armor_profile: Option, #[serde(default, skip_serializing_if = "Option::is_none", rename = "fsGroup")] pub fs_group: Option, #[serde(default, skip_serializing_if = "Option::is_none", rename = "fsGroupChangePolicy")] @@ -1113,6 +1148,14 @@ pub struct KafkaBridgeTemplatePodSecurityContext { pub windows_options: Option, } +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct KafkaBridgeTemplatePodSecurityContextAppArmorProfile { + #[serde(default, skip_serializing_if = "Option::is_none", rename = "localhostProfile")] + pub localhost_profile: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "type")] + pub r#type: Option, +} + #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct KafkaBridgeTemplatePodSecurityContextSeLinuxOptions { #[serde(default, skip_serializing_if = "Option::is_none")] @@ -1256,8 +1299,12 @@ pub struct KafkaBridgeTls { #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct KafkaBridgeTlsTrustedCertificates { - /// The name of the file certificate in the Secret. - pub certificate: String, + /// The name of the file certificate in the secret. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub certificate: Option, + /// Pattern for the certificate files in the secret. Use the link:https://en.wikipedia.org/wiki/Glob_(programming)[_glob syntax_] for the pattern. All files in the secret that match the pattern are used. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub pattern: Option, /// The name of the Secret containing the certificate. #[serde(rename = "secretName")] pub secret_name: String, diff --git a/kube-custom-resources-rs/src/kafka_strimzi_io/v1beta2/kafkaconnectors.rs b/kube-custom-resources-rs/src/kafka_strimzi_io/v1beta2/kafkaconnectors.rs index b2b5f7201..cf9e12c71 100644 --- a/kube-custom-resources-rs/src/kafka_strimzi_io/v1beta2/kafkaconnectors.rs +++ b/kube-custom-resources-rs/src/kafka_strimzi_io/v1beta2/kafkaconnectors.rs @@ -26,7 +26,7 @@ pub struct KafkaConnectorSpec { /// The Class for the Kafka Connector. #[serde(default, skip_serializing_if = "Option::is_none")] pub class: Option, - /// The Kafka Connector configuration. The following properties cannot be set: connector.class, tasks.max. + /// The Kafka Connector configuration. The following properties cannot be set: name, connector.class, tasks.max. #[serde(default, skip_serializing_if = "Option::is_none")] pub config: Option>, /// Whether the connector should be paused. Defaults to false. diff --git a/kube-custom-resources-rs/src/kafka_strimzi_io/v1beta2/kafkaconnects.rs b/kube-custom-resources-rs/src/kafka_strimzi_io/v1beta2/kafkaconnects.rs index 9be105ce0..a9c1fb68f 100644 --- a/kube-custom-resources-rs/src/kafka_strimzi_io/v1beta2/kafkaconnects.rs +++ b/kube-custom-resources-rs/src/kafka_strimzi_io/v1beta2/kafkaconnects.rs @@ -205,8 +205,12 @@ pub struct KafkaConnectAuthenticationRefreshToken { #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct KafkaConnectAuthenticationTlsTrustedCertificates { - /// The name of the file certificate in the Secret. - pub certificate: String, + /// The name of the file certificate in the secret. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub certificate: Option, + /// Pattern for the certificate files in the secret. Use the link:https://en.wikipedia.org/wiki/Glob_(programming)[_glob syntax_] for the pattern. All files in the secret that match the pattern are used. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub pattern: Option, /// The name of the Secret containing the certificate. #[serde(rename = "secretName")] pub secret_name: String, @@ -773,6 +777,8 @@ pub struct KafkaConnectTemplateBuildContainerEnv { pub struct KafkaConnectTemplateBuildContainerSecurityContext { #[serde(default, skip_serializing_if = "Option::is_none", rename = "allowPrivilegeEscalation")] pub allow_privilege_escalation: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "appArmorProfile")] + pub app_armor_profile: Option, #[serde(default, skip_serializing_if = "Option::is_none")] pub capabilities: Option, #[serde(default, skip_serializing_if = "Option::is_none")] @@ -795,6 +801,14 @@ pub struct KafkaConnectTemplateBuildContainerSecurityContext { pub windows_options: Option, } +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct KafkaConnectTemplateBuildContainerSecurityContextAppArmorProfile { + #[serde(default, skip_serializing_if = "Option::is_none", rename = "localhostProfile")] + pub localhost_profile: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "type")] + pub r#type: Option, +} + #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct KafkaConnectTemplateBuildContainerSecurityContextCapabilities { #[serde(default, skip_serializing_if = "Option::is_none")] @@ -1233,6 +1247,8 @@ pub struct KafkaConnectTemplateBuildPodMetadata { /// Configures pod-level security attributes and common container settings. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct KafkaConnectTemplateBuildPodSecurityContext { + #[serde(default, skip_serializing_if = "Option::is_none", rename = "appArmorProfile")] + pub app_armor_profile: Option, #[serde(default, skip_serializing_if = "Option::is_none", rename = "fsGroup")] pub fs_group: Option, #[serde(default, skip_serializing_if = "Option::is_none", rename = "fsGroupChangePolicy")] @@ -1255,6 +1271,14 @@ pub struct KafkaConnectTemplateBuildPodSecurityContext { pub windows_options: Option, } +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct KafkaConnectTemplateBuildPodSecurityContextAppArmorProfile { + #[serde(default, skip_serializing_if = "Option::is_none", rename = "localhostProfile")] + pub localhost_profile: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "type")] + pub r#type: Option, +} + #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct KafkaConnectTemplateBuildPodSecurityContextSeLinuxOptions { #[serde(default, skip_serializing_if = "Option::is_none")] @@ -1411,6 +1435,8 @@ pub struct KafkaConnectTemplateConnectContainerEnv { pub struct KafkaConnectTemplateConnectContainerSecurityContext { #[serde(default, skip_serializing_if = "Option::is_none", rename = "allowPrivilegeEscalation")] pub allow_privilege_escalation: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "appArmorProfile")] + pub app_armor_profile: Option, #[serde(default, skip_serializing_if = "Option::is_none")] pub capabilities: Option, #[serde(default, skip_serializing_if = "Option::is_none")] @@ -1433,6 +1459,14 @@ pub struct KafkaConnectTemplateConnectContainerSecurityContext { pub windows_options: Option, } +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct KafkaConnectTemplateConnectContainerSecurityContextAppArmorProfile { + #[serde(default, skip_serializing_if = "Option::is_none", rename = "localhostProfile")] + pub localhost_profile: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "type")] + pub r#type: Option, +} + #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct KafkaConnectTemplateConnectContainerSecurityContextCapabilities { #[serde(default, skip_serializing_if = "Option::is_none")] @@ -1561,6 +1595,8 @@ pub struct KafkaConnectTemplateInitContainerEnv { pub struct KafkaConnectTemplateInitContainerSecurityContext { #[serde(default, skip_serializing_if = "Option::is_none", rename = "allowPrivilegeEscalation")] pub allow_privilege_escalation: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "appArmorProfile")] + pub app_armor_profile: Option, #[serde(default, skip_serializing_if = "Option::is_none")] pub capabilities: Option, #[serde(default, skip_serializing_if = "Option::is_none")] @@ -1583,6 +1619,14 @@ pub struct KafkaConnectTemplateInitContainerSecurityContext { pub windows_options: Option, } +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct KafkaConnectTemplateInitContainerSecurityContextAppArmorProfile { + #[serde(default, skip_serializing_if = "Option::is_none", rename = "localhostProfile")] + pub localhost_profile: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "type")] + pub r#type: Option, +} + #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct KafkaConnectTemplateInitContainerSecurityContextCapabilities { #[serde(default, skip_serializing_if = "Option::is_none")] @@ -2040,6 +2084,8 @@ pub struct KafkaConnectTemplatePodMetadata { /// Configures pod-level security attributes and common container settings. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct KafkaConnectTemplatePodSecurityContext { + #[serde(default, skip_serializing_if = "Option::is_none", rename = "appArmorProfile")] + pub app_armor_profile: Option, #[serde(default, skip_serializing_if = "Option::is_none", rename = "fsGroup")] pub fs_group: Option, #[serde(default, skip_serializing_if = "Option::is_none", rename = "fsGroupChangePolicy")] @@ -2062,6 +2108,14 @@ pub struct KafkaConnectTemplatePodSecurityContext { pub windows_options: Option, } +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct KafkaConnectTemplatePodSecurityContextAppArmorProfile { + #[serde(default, skip_serializing_if = "Option::is_none", rename = "localhostProfile")] + pub localhost_profile: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "type")] + pub r#type: Option, +} + #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct KafkaConnectTemplatePodSecurityContextSeLinuxOptions { #[serde(default, skip_serializing_if = "Option::is_none")] @@ -2224,8 +2278,12 @@ pub struct KafkaConnectTls { #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct KafkaConnectTlsTrustedCertificates { - /// The name of the file certificate in the Secret. - pub certificate: String, + /// The name of the file certificate in the secret. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub certificate: Option, + /// Pattern for the certificate files in the secret. Use the link:https://en.wikipedia.org/wiki/Glob_(programming)[_glob syntax_] for the pattern. All files in the secret that match the pattern are used. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub pattern: Option, /// The name of the Secret containing the certificate. #[serde(rename = "secretName")] pub secret_name: String, diff --git a/kube-custom-resources-rs/src/kafka_strimzi_io/v1beta2/kafkamirrormakers.rs b/kube-custom-resources-rs/src/kafka_strimzi_io/v1beta2/kafkamirrormakers.rs index 28271d924..1e6f8ffda 100644 --- a/kube-custom-resources-rs/src/kafka_strimzi_io/v1beta2/kafkamirrormakers.rs +++ b/kube-custom-resources-rs/src/kafka_strimzi_io/v1beta2/kafkamirrormakers.rs @@ -213,8 +213,12 @@ pub struct KafkaMirrorMakerConsumerAuthenticationRefreshToken { #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct KafkaMirrorMakerConsumerAuthenticationTlsTrustedCertificates { - /// The name of the file certificate in the Secret. - pub certificate: String, + /// The name of the file certificate in the secret. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub certificate: Option, + /// Pattern for the certificate files in the secret. Use the link:https://en.wikipedia.org/wiki/Glob_(programming)[_glob syntax_] for the pattern. All files in the secret that match the pattern are used. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub pattern: Option, /// The name of the Secret containing the certificate. #[serde(rename = "secretName")] pub secret_name: String, @@ -245,8 +249,12 @@ pub struct KafkaMirrorMakerConsumerTls { #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct KafkaMirrorMakerConsumerTlsTrustedCertificates { - /// The name of the file certificate in the Secret. - pub certificate: String, + /// The name of the file certificate in the secret. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub certificate: Option, + /// Pattern for the certificate files in the secret. Use the link:https://en.wikipedia.org/wiki/Glob_(programming)[_glob syntax_] for the pattern. All files in the secret that match the pattern are used. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub pattern: Option, /// The name of the Secret containing the certificate. #[serde(rename = "secretName")] pub secret_name: String, @@ -523,8 +531,12 @@ pub struct KafkaMirrorMakerProducerAuthenticationRefreshToken { #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct KafkaMirrorMakerProducerAuthenticationTlsTrustedCertificates { - /// The name of the file certificate in the Secret. - pub certificate: String, + /// The name of the file certificate in the secret. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub certificate: Option, + /// Pattern for the certificate files in the secret. Use the link:https://en.wikipedia.org/wiki/Glob_(programming)[_glob syntax_] for the pattern. All files in the secret that match the pattern are used. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub pattern: Option, /// The name of the Secret containing the certificate. #[serde(rename = "secretName")] pub secret_name: String, @@ -555,8 +567,12 @@ pub struct KafkaMirrorMakerProducerTls { #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct KafkaMirrorMakerProducerTlsTrustedCertificates { - /// The name of the file certificate in the Secret. - pub certificate: String, + /// The name of the file certificate in the secret. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub certificate: Option, + /// Pattern for the certificate files in the secret. Use the link:https://en.wikipedia.org/wiki/Glob_(programming)[_glob syntax_] for the pattern. All files in the secret that match the pattern are used. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub pattern: Option, /// The name of the Secret containing the certificate. #[serde(rename = "secretName")] pub secret_name: String, @@ -674,6 +690,8 @@ pub struct KafkaMirrorMakerTemplateMirrorMakerContainerEnv { pub struct KafkaMirrorMakerTemplateMirrorMakerContainerSecurityContext { #[serde(default, skip_serializing_if = "Option::is_none", rename = "allowPrivilegeEscalation")] pub allow_privilege_escalation: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "appArmorProfile")] + pub app_armor_profile: Option, #[serde(default, skip_serializing_if = "Option::is_none")] pub capabilities: Option, #[serde(default, skip_serializing_if = "Option::is_none")] @@ -696,6 +714,14 @@ pub struct KafkaMirrorMakerTemplateMirrorMakerContainerSecurityContext { pub windows_options: Option, } +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct KafkaMirrorMakerTemplateMirrorMakerContainerSecurityContextAppArmorProfile { + #[serde(default, skip_serializing_if = "Option::is_none", rename = "localhostProfile")] + pub localhost_profile: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "type")] + pub r#type: Option, +} + #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct KafkaMirrorMakerTemplateMirrorMakerContainerSecurityContextCapabilities { #[serde(default, skip_serializing_if = "Option::is_none")] @@ -1134,6 +1160,8 @@ pub struct KafkaMirrorMakerTemplatePodMetadata { /// Configures pod-level security attributes and common container settings. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct KafkaMirrorMakerTemplatePodSecurityContext { + #[serde(default, skip_serializing_if = "Option::is_none", rename = "appArmorProfile")] + pub app_armor_profile: Option, #[serde(default, skip_serializing_if = "Option::is_none", rename = "fsGroup")] pub fs_group: Option, #[serde(default, skip_serializing_if = "Option::is_none", rename = "fsGroupChangePolicy")] @@ -1156,6 +1184,14 @@ pub struct KafkaMirrorMakerTemplatePodSecurityContext { pub windows_options: Option, } +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct KafkaMirrorMakerTemplatePodSecurityContextAppArmorProfile { + #[serde(default, skip_serializing_if = "Option::is_none", rename = "localhostProfile")] + pub localhost_profile: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "type")] + pub r#type: Option, +} + #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct KafkaMirrorMakerTemplatePodSecurityContextSeLinuxOptions { #[serde(default, skip_serializing_if = "Option::is_none")] diff --git a/kube-custom-resources-rs/src/kafka_strimzi_io/v1beta2/kafkas.rs b/kube-custom-resources-rs/src/kafka_strimzi_io/v1beta2/kafkas.rs index d6e79eada..bea7a7733 100644 --- a/kube-custom-resources-rs/src/kafka_strimzi_io/v1beta2/kafkas.rs +++ b/kube-custom-resources-rs/src/kafka_strimzi_io/v1beta2/kafkas.rs @@ -434,6 +434,8 @@ pub struct KafkaCruiseControlTemplateCruiseControlContainerEnv { pub struct KafkaCruiseControlTemplateCruiseControlContainerSecurityContext { #[serde(default, skip_serializing_if = "Option::is_none", rename = "allowPrivilegeEscalation")] pub allow_privilege_escalation: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "appArmorProfile")] + pub app_armor_profile: Option, #[serde(default, skip_serializing_if = "Option::is_none")] pub capabilities: Option, #[serde(default, skip_serializing_if = "Option::is_none")] @@ -456,6 +458,14 @@ pub struct KafkaCruiseControlTemplateCruiseControlContainerSecurityContext { pub windows_options: Option, } +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct KafkaCruiseControlTemplateCruiseControlContainerSecurityContextAppArmorProfile { + #[serde(default, skip_serializing_if = "Option::is_none", rename = "localhostProfile")] + pub localhost_profile: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "type")] + pub r#type: Option, +} + #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct KafkaCruiseControlTemplateCruiseControlContainerSecurityContextCapabilities { #[serde(default, skip_serializing_if = "Option::is_none")] @@ -923,6 +933,8 @@ pub struct KafkaCruiseControlTemplatePodMetadata { /// Configures pod-level security attributes and common container settings. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct KafkaCruiseControlTemplatePodSecurityContext { + #[serde(default, skip_serializing_if = "Option::is_none", rename = "appArmorProfile")] + pub app_armor_profile: Option, #[serde(default, skip_serializing_if = "Option::is_none", rename = "fsGroup")] pub fs_group: Option, #[serde(default, skip_serializing_if = "Option::is_none", rename = "fsGroupChangePolicy")] @@ -945,6 +957,14 @@ pub struct KafkaCruiseControlTemplatePodSecurityContext { pub windows_options: Option, } +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct KafkaCruiseControlTemplatePodSecurityContextAppArmorProfile { + #[serde(default, skip_serializing_if = "Option::is_none", rename = "localhostProfile")] + pub localhost_profile: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "type")] + pub r#type: Option, +} + #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct KafkaCruiseControlTemplatePodSecurityContextSeLinuxOptions { #[serde(default, skip_serializing_if = "Option::is_none")] @@ -1104,6 +1124,8 @@ pub struct KafkaCruiseControlTemplateTlsSidecarContainerEnv { pub struct KafkaCruiseControlTemplateTlsSidecarContainerSecurityContext { #[serde(default, skip_serializing_if = "Option::is_none", rename = "allowPrivilegeEscalation")] pub allow_privilege_escalation: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "appArmorProfile")] + pub app_armor_profile: Option, #[serde(default, skip_serializing_if = "Option::is_none")] pub capabilities: Option, #[serde(default, skip_serializing_if = "Option::is_none")] @@ -1126,6 +1148,14 @@ pub struct KafkaCruiseControlTemplateTlsSidecarContainerSecurityContext { pub windows_options: Option, } +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct KafkaCruiseControlTemplateTlsSidecarContainerSecurityContextAppArmorProfile { + #[serde(default, skip_serializing_if = "Option::is_none", rename = "localhostProfile")] + pub localhost_profile: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "type")] + pub r#type: Option, +} + #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct KafkaCruiseControlTemplateTlsSidecarContainerSecurityContextCapabilities { #[serde(default, skip_serializing_if = "Option::is_none")] @@ -1759,6 +1789,8 @@ pub struct KafkaEntityOperatorTemplatePodMetadata { /// Configures pod-level security attributes and common container settings. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct KafkaEntityOperatorTemplatePodSecurityContext { + #[serde(default, skip_serializing_if = "Option::is_none", rename = "appArmorProfile")] + pub app_armor_profile: Option, #[serde(default, skip_serializing_if = "Option::is_none", rename = "fsGroup")] pub fs_group: Option, #[serde(default, skip_serializing_if = "Option::is_none", rename = "fsGroupChangePolicy")] @@ -1781,6 +1813,14 @@ pub struct KafkaEntityOperatorTemplatePodSecurityContext { pub windows_options: Option, } +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct KafkaEntityOperatorTemplatePodSecurityContextAppArmorProfile { + #[serde(default, skip_serializing_if = "Option::is_none", rename = "localhostProfile")] + pub localhost_profile: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "type")] + pub r#type: Option, +} + #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct KafkaEntityOperatorTemplatePodSecurityContextSeLinuxOptions { #[serde(default, skip_serializing_if = "Option::is_none")] @@ -1918,6 +1958,8 @@ pub struct KafkaEntityOperatorTemplateTlsSidecarContainerEnv { pub struct KafkaEntityOperatorTemplateTlsSidecarContainerSecurityContext { #[serde(default, skip_serializing_if = "Option::is_none", rename = "allowPrivilegeEscalation")] pub allow_privilege_escalation: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "appArmorProfile")] + pub app_armor_profile: Option, #[serde(default, skip_serializing_if = "Option::is_none")] pub capabilities: Option, #[serde(default, skip_serializing_if = "Option::is_none")] @@ -1940,6 +1982,14 @@ pub struct KafkaEntityOperatorTemplateTlsSidecarContainerSecurityContext { pub windows_options: Option, } +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct KafkaEntityOperatorTemplateTlsSidecarContainerSecurityContextAppArmorProfile { + #[serde(default, skip_serializing_if = "Option::is_none", rename = "localhostProfile")] + pub localhost_profile: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "type")] + pub r#type: Option, +} + #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct KafkaEntityOperatorTemplateTlsSidecarContainerSecurityContextCapabilities { #[serde(default, skip_serializing_if = "Option::is_none")] @@ -2006,6 +2056,8 @@ pub struct KafkaEntityOperatorTemplateTopicOperatorContainerEnv { pub struct KafkaEntityOperatorTemplateTopicOperatorContainerSecurityContext { #[serde(default, skip_serializing_if = "Option::is_none", rename = "allowPrivilegeEscalation")] pub allow_privilege_escalation: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "appArmorProfile")] + pub app_armor_profile: Option, #[serde(default, skip_serializing_if = "Option::is_none")] pub capabilities: Option, #[serde(default, skip_serializing_if = "Option::is_none")] @@ -2028,6 +2080,14 @@ pub struct KafkaEntityOperatorTemplateTopicOperatorContainerSecurityContext { pub windows_options: Option, } +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct KafkaEntityOperatorTemplateTopicOperatorContainerSecurityContextAppArmorProfile { + #[serde(default, skip_serializing_if = "Option::is_none", rename = "localhostProfile")] + pub localhost_profile: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "type")] + pub r#type: Option, +} + #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct KafkaEntityOperatorTemplateTopicOperatorContainerSecurityContextCapabilities { #[serde(default, skip_serializing_if = "Option::is_none")] @@ -2113,6 +2173,8 @@ pub struct KafkaEntityOperatorTemplateUserOperatorContainerEnv { pub struct KafkaEntityOperatorTemplateUserOperatorContainerSecurityContext { #[serde(default, skip_serializing_if = "Option::is_none", rename = "allowPrivilegeEscalation")] pub allow_privilege_escalation: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "appArmorProfile")] + pub app_armor_profile: Option, #[serde(default, skip_serializing_if = "Option::is_none")] pub capabilities: Option, #[serde(default, skip_serializing_if = "Option::is_none")] @@ -2135,6 +2197,14 @@ pub struct KafkaEntityOperatorTemplateUserOperatorContainerSecurityContext { pub windows_options: Option, } +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct KafkaEntityOperatorTemplateUserOperatorContainerSecurityContextAppArmorProfile { + #[serde(default, skip_serializing_if = "Option::is_none", rename = "localhostProfile")] + pub localhost_profile: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "type")] + pub r#type: Option, +} + #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct KafkaEntityOperatorTemplateUserOperatorContainerSecurityContextCapabilities { #[serde(default, skip_serializing_if = "Option::is_none")] @@ -2310,7 +2380,10 @@ pub struct KafkaEntityOperatorTopicOperator { /// Pod readiness checking. #[serde(default, skip_serializing_if = "Option::is_none", rename = "readinessProbe")] pub readiness_probe: Option, - /// Interval between periodic reconciliations. + /// Interval between periodic reconciliations in milliseconds. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "reconciliationIntervalMs")] + pub reconciliation_interval_ms: Option, + /// Interval between periodic reconciliations in seconds. Ignored if reconciliationIntervalMs is set. #[serde(default, skip_serializing_if = "Option::is_none", rename = "reconciliationIntervalSeconds")] pub reconciliation_interval_seconds: Option, /// CPU and memory resources to reserve. @@ -2497,7 +2570,10 @@ pub struct KafkaEntityOperatorUserOperator { /// Pod readiness checking. #[serde(default, skip_serializing_if = "Option::is_none", rename = "readinessProbe")] pub readiness_probe: Option, - /// Interval between periodic reconciliations. + /// Interval between periodic reconciliations in milliseconds. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "reconciliationIntervalMs")] + pub reconciliation_interval_ms: Option, + /// Interval between periodic reconciliations in seconds. Ignored if reconciliationIntervalMs is set. #[serde(default, skip_serializing_if = "Option::is_none", rename = "reconciliationIntervalSeconds")] pub reconciliation_interval_seconds: Option, /// CPU and memory resources to reserve. @@ -2758,6 +2834,8 @@ pub struct KafkaJmxTransTemplateContainerEnv { pub struct KafkaJmxTransTemplateContainerSecurityContext { #[serde(default, skip_serializing_if = "Option::is_none", rename = "allowPrivilegeEscalation")] pub allow_privilege_escalation: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "appArmorProfile")] + pub app_armor_profile: Option, #[serde(default, skip_serializing_if = "Option::is_none")] pub capabilities: Option, #[serde(default, skip_serializing_if = "Option::is_none")] @@ -2780,6 +2858,14 @@ pub struct KafkaJmxTransTemplateContainerSecurityContext { pub windows_options: Option, } +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct KafkaJmxTransTemplateContainerSecurityContextAppArmorProfile { + #[serde(default, skip_serializing_if = "Option::is_none", rename = "localhostProfile")] + pub localhost_profile: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "type")] + pub r#type: Option, +} + #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct KafkaJmxTransTemplateContainerSecurityContextCapabilities { #[serde(default, skip_serializing_if = "Option::is_none")] @@ -3247,6 +3333,8 @@ pub struct KafkaJmxTransTemplatePodMetadata { /// Configures pod-level security attributes and common container settings. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct KafkaJmxTransTemplatePodSecurityContext { + #[serde(default, skip_serializing_if = "Option::is_none", rename = "appArmorProfile")] + pub app_armor_profile: Option, #[serde(default, skip_serializing_if = "Option::is_none", rename = "fsGroup")] pub fs_group: Option, #[serde(default, skip_serializing_if = "Option::is_none", rename = "fsGroupChangePolicy")] @@ -3269,6 +3357,14 @@ pub struct KafkaJmxTransTemplatePodSecurityContext { pub windows_options: Option, } +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct KafkaJmxTransTemplatePodSecurityContextAppArmorProfile { + #[serde(default, skip_serializing_if = "Option::is_none", rename = "localhostProfile")] + pub localhost_profile: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "type")] + pub r#type: Option, +} + #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct KafkaJmxTransTemplatePodSecurityContextSeLinuxOptions { #[serde(default, skip_serializing_if = "Option::is_none")] @@ -3389,7 +3485,7 @@ pub struct KafkaKafka { /// The image of the init container used for initializing the `broker.rack`. #[serde(default, skip_serializing_if = "Option::is_none", rename = "brokerRackInitImage")] pub broker_rack_init_image: Option, - /// Kafka broker config properties with the following prefixes cannot be set: listeners, advertised., broker., listener., host.name, port, inter.broker.listener.name, sasl., ssl., security., password., log.dir, zookeeper.connect, zookeeper.set.acl, zookeeper.ssl, zookeeper.clientCnxnSocket, authorizer., super.user, cruise.control.metrics.topic, cruise.control.metrics.reporter.bootstrap.servers, node.id, process.roles, controller., metadata.log.dir, zookeeper.metadata.migration.enable (with the exception of: zookeeper.connection.timeout.ms, sasl.server.max.receive.size, ssl.cipher.suites, ssl.protocol, ssl.enabled.protocols, ssl.secure.random.implementation, cruise.control.metrics.topic.num.partitions, cruise.control.metrics.topic.replication.factor, cruise.control.metrics.topic.retention.ms, cruise.control.metrics.topic.auto.create.retries, cruise.control.metrics.topic.auto.create.timeout.ms, cruise.control.metrics.topic.min.insync.replicas, controller.quorum.election.backoff.max.ms, controller.quorum.election.timeout.ms, controller.quorum.fetch.timeout.ms). + /// Kafka broker config properties with the following prefixes cannot be set: listeners, advertised., broker., listener., host.name, port, inter.broker.listener.name, sasl., ssl., security., password., log.dir, zookeeper.connect, zookeeper.set.acl, zookeeper.ssl, zookeeper.clientCnxnSocket, authorizer., super.user, cruise.control.metrics.topic, cruise.control.metrics.reporter.bootstrap.servers, node.id, process.roles, controller., metadata.log.dir, zookeeper.metadata.migration.enable, client.quota.callback.static.kafka.admin., client.quota.callback.static.produce, client.quota.callback.static.fetch, client.quota.callback.static.storage.per.volume.limit.min.available., client.quota.callback.static.excluded.principal.name.list (with the exception of: zookeeper.connection.timeout.ms, sasl.server.max.receive.size, ssl.cipher.suites, ssl.protocol, ssl.enabled.protocols, ssl.secure.random.implementation, cruise.control.metrics.topic.num.partitions, cruise.control.metrics.topic.replication.factor, cruise.control.metrics.topic.retention.ms, cruise.control.metrics.topic.auto.create.retries, cruise.control.metrics.topic.auto.create.timeout.ms, cruise.control.metrics.topic.min.insync.replicas, controller.quorum.election.backoff.max.ms, controller.quorum.election.timeout.ms, controller.quorum.fetch.timeout.ms). #[serde(default, skip_serializing_if = "Option::is_none")] pub config: Option>, /// The container image used for Kafka pods. If the property is not set, the default Kafka image version is determined based on the `version` configuration. The image names are specifically mapped to corresponding versions in the Cluster Operator configuration. Changing the Kafka image version does not automatically update the image versions for other components, such as Kafka Exporter. @@ -3415,6 +3511,9 @@ pub struct KafkaKafka { /// Metrics configuration. #[serde(default, skip_serializing_if = "Option::is_none", rename = "metricsConfig")] pub metrics_config: Option, + /// Quotas plugin configuration for Kafka brokers allows setting quotas for disk usage, produce/fetch rates, and more. Supported plugin types include `kafka` (default) and `strimzi`. If not specified, the default `kafka` quotas plugin is used. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub quotas: Option, /// Configuration of the `broker.rack` broker config. #[serde(default, skip_serializing_if = "Option::is_none")] pub rack: Option, @@ -3520,8 +3619,12 @@ pub struct KafkaKafkaAuthorization { #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct KafkaKafkaAuthorizationTlsTrustedCertificates { - /// The name of the file certificate in the Secret. - pub certificate: String, + /// The name of the file certificate in the secret. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub certificate: Option, + /// Pattern for the certificate files in the secret. Use the link:https://en.wikipedia.org/wiki/Glob_(programming)[_glob syntax_] for the pattern. All files in the secret that match the pattern are used. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub pattern: Option, /// The name of the Secret containing the certificate. #[serde(rename = "secretName")] pub secret_name: String, @@ -3772,8 +3875,12 @@ pub struct KafkaKafkaListenersAuthenticationSecrets { #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct KafkaKafkaListenersAuthenticationTlsTrustedCertificates { - /// The name of the file certificate in the Secret. - pub certificate: String, + /// The name of the file certificate in the secret. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub certificate: Option, + /// Pattern for the certificate files in the secret. Use the link:https://en.wikipedia.org/wiki/Glob_(programming)[_glob syntax_] for the pattern. All files in the secret that match the pattern are used. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub pattern: Option, /// The name of the Secret containing the certificate. #[serde(rename = "secretName")] pub secret_name: String, @@ -3842,6 +3949,9 @@ pub struct KafkaKafkaListenersConfiguration { /// This field is used to select the preferred address type, which is checked first. If no address is found for this address type, the other types are checked in the default order. This field can only be used with `nodeport` type listener. #[serde(default, skip_serializing_if = "Option::is_none", rename = "preferredNodePortAddressType")] pub preferred_node_port_address_type: Option, + /// Configures whether the service endpoints are considered "ready" even if the Pods themselves are not. Defaults to `false`. This field can not be used with `internal` type listeners. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "publishNotReadyAddresses")] + pub publish_not_ready_addresses: Option, /// Configures whether the Kubernetes service DNS domain should be used or not. If set to `true`, the generated addresses will contain the service DNS domain suffix (by default `.cluster.local`, can be configured using environment variable `KUBERNETES_SERVICE_DNS_DOMAIN`). Defaults to `false`.This field can be used only with `internal` and `cluster-ip` type listeners. #[serde(default, skip_serializing_if = "Option::is_none", rename = "useServiceDnsDomain")] pub use_service_dns_domain: Option, @@ -4113,6 +4223,44 @@ pub struct KafkaKafkaMetricsConfigValueFromConfigMapKeyRef { pub optional: Option, } +/// Quotas plugin configuration for Kafka brokers allows setting quotas for disk usage, produce/fetch rates, and more. Supported plugin types include `kafka` (default) and `strimzi`. If not specified, the default `kafka` quotas plugin is used. +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub struct KafkaKafkaQuotas { + /// A per-broker byte-rate quota for clients consuming from a broker, independent of their number. If clients consume at maximum speed, the quota is shared equally between all non-excluded consumers. Otherwise, the quota is divided based on each client's consumption rate. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "consumerByteRate")] + pub consumer_byte_rate: Option, + /// The default client quota on the rate at which mutations are accepted per second for create topic requests, create partition requests, and delete topic requests, defined for each broker. The mutations rate is measured by the number of partitions created or deleted. Applied on a per-broker basis. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "controllerMutationRate")] + pub controller_mutation_rate: Option, + /// List of principals that are excluded from the quota. The principals have to be prefixed with `User:`, for example `User:my-user;User:CN=my-other-user`. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "excludedPrincipals")] + pub excluded_principals: Option>, + /// Stop message production if the available size (in bytes) of the storage is lower than or equal to this specified value. This condition is mutually exclusive with `minAvailableRatioPerVolume`. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "minAvailableBytesPerVolume")] + pub min_available_bytes_per_volume: Option, + /// Stop message production if the percentage of available storage space falls below or equals the specified ratio (set as a decimal representing a percentage). This condition is mutually exclusive with `minAvailableBytesPerVolume`. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "minAvailableRatioPerVolume")] + pub min_available_ratio_per_volume: Option, + /// A per-broker byte-rate quota for clients producing to a broker, independent of their number. If clients produce at maximum speed, the quota is shared equally between all non-excluded producers. Otherwise, the quota is divided based on each client's production rate. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "producerByteRate")] + pub producer_byte_rate: Option, + /// The default client quota limits the maximum CPU utilization of each client as a percentage of the network and I/O threads of each broker. Applied on a per-broker basis. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "requestPercentage")] + pub request_percentage: Option, + /// Quotas plugin type. Currently, the supported types are `kafka` and `strimzi`. `kafka` quotas type uses Kafka's built-in quotas plugin. `strimzi` quotas type uses Strimzi quotas plugin. + #[serde(rename = "type")] + pub r#type: KafkaKafkaQuotasType, +} + +/// Quotas plugin configuration for Kafka brokers allows setting quotas for disk usage, produce/fetch rates, and more. Supported plugin types include `kafka` (default) and `strimzi`. If not specified, the default `kafka` quotas plugin is used. +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub enum KafkaKafkaQuotasType { + #[serde(rename = "kafka")] + Kafka, + #[serde(rename = "strimzi")] + Strimzi, +} + /// Configuration of the `broker.rack` broker config. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct KafkaKafkaRack { @@ -4525,6 +4673,8 @@ pub struct KafkaKafkaTemplateInitContainerEnv { pub struct KafkaKafkaTemplateInitContainerSecurityContext { #[serde(default, skip_serializing_if = "Option::is_none", rename = "allowPrivilegeEscalation")] pub allow_privilege_escalation: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "appArmorProfile")] + pub app_armor_profile: Option, #[serde(default, skip_serializing_if = "Option::is_none")] pub capabilities: Option, #[serde(default, skip_serializing_if = "Option::is_none")] @@ -4547,6 +4697,14 @@ pub struct KafkaKafkaTemplateInitContainerSecurityContext { pub windows_options: Option, } +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct KafkaKafkaTemplateInitContainerSecurityContextAppArmorProfile { + #[serde(default, skip_serializing_if = "Option::is_none", rename = "localhostProfile")] + pub localhost_profile: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "type")] + pub r#type: Option, +} + #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct KafkaKafkaTemplateInitContainerSecurityContextCapabilities { #[serde(default, skip_serializing_if = "Option::is_none")] @@ -4632,6 +4790,8 @@ pub struct KafkaKafkaTemplateKafkaContainerEnv { pub struct KafkaKafkaTemplateKafkaContainerSecurityContext { #[serde(default, skip_serializing_if = "Option::is_none", rename = "allowPrivilegeEscalation")] pub allow_privilege_escalation: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "appArmorProfile")] + pub app_armor_profile: Option, #[serde(default, skip_serializing_if = "Option::is_none")] pub capabilities: Option, #[serde(default, skip_serializing_if = "Option::is_none")] @@ -4654,6 +4814,14 @@ pub struct KafkaKafkaTemplateKafkaContainerSecurityContext { pub windows_options: Option, } +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct KafkaKafkaTemplateKafkaContainerSecurityContextAppArmorProfile { + #[serde(default, skip_serializing_if = "Option::is_none", rename = "localhostProfile")] + pub localhost_profile: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "type")] + pub r#type: Option, +} + #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct KafkaKafkaTemplateKafkaContainerSecurityContextCapabilities { #[serde(default, skip_serializing_if = "Option::is_none")] @@ -5168,6 +5336,8 @@ pub struct KafkaKafkaTemplatePodMetadata { /// Configures pod-level security attributes and common container settings. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct KafkaKafkaTemplatePodSecurityContext { + #[serde(default, skip_serializing_if = "Option::is_none", rename = "appArmorProfile")] + pub app_armor_profile: Option, #[serde(default, skip_serializing_if = "Option::is_none", rename = "fsGroup")] pub fs_group: Option, #[serde(default, skip_serializing_if = "Option::is_none", rename = "fsGroupChangePolicy")] @@ -5190,6 +5360,14 @@ pub struct KafkaKafkaTemplatePodSecurityContext { pub windows_options: Option, } +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct KafkaKafkaTemplatePodSecurityContextAppArmorProfile { + #[serde(default, skip_serializing_if = "Option::is_none", rename = "localhostProfile")] + pub localhost_profile: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "type")] + pub r#type: Option, +} + #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct KafkaKafkaTemplatePodSecurityContextSeLinuxOptions { #[serde(default, skip_serializing_if = "Option::is_none")] @@ -5547,6 +5725,8 @@ pub struct KafkaKafkaExporterTemplateContainerEnv { pub struct KafkaKafkaExporterTemplateContainerSecurityContext { #[serde(default, skip_serializing_if = "Option::is_none", rename = "allowPrivilegeEscalation")] pub allow_privilege_escalation: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "appArmorProfile")] + pub app_armor_profile: Option, #[serde(default, skip_serializing_if = "Option::is_none")] pub capabilities: Option, #[serde(default, skip_serializing_if = "Option::is_none")] @@ -5569,6 +5749,14 @@ pub struct KafkaKafkaExporterTemplateContainerSecurityContext { pub windows_options: Option, } +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct KafkaKafkaExporterTemplateContainerSecurityContextAppArmorProfile { + #[serde(default, skip_serializing_if = "Option::is_none", rename = "localhostProfile")] + pub localhost_profile: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "type")] + pub r#type: Option, +} + #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct KafkaKafkaExporterTemplateContainerSecurityContextCapabilities { #[serde(default, skip_serializing_if = "Option::is_none")] @@ -6036,6 +6224,8 @@ pub struct KafkaKafkaExporterTemplatePodMetadata { /// Configures pod-level security attributes and common container settings. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct KafkaKafkaExporterTemplatePodSecurityContext { + #[serde(default, skip_serializing_if = "Option::is_none", rename = "appArmorProfile")] + pub app_armor_profile: Option, #[serde(default, skip_serializing_if = "Option::is_none", rename = "fsGroup")] pub fs_group: Option, #[serde(default, skip_serializing_if = "Option::is_none", rename = "fsGroupChangePolicy")] @@ -6058,6 +6248,14 @@ pub struct KafkaKafkaExporterTemplatePodSecurityContext { pub windows_options: Option, } +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct KafkaKafkaExporterTemplatePodSecurityContextAppArmorProfile { + #[serde(default, skip_serializing_if = "Option::is_none", rename = "localhostProfile")] + pub localhost_profile: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "type")] + pub r#type: Option, +} + #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct KafkaKafkaExporterTemplatePodSecurityContextSeLinuxOptions { #[serde(default, skip_serializing_if = "Option::is_none")] @@ -7011,6 +7209,8 @@ pub struct KafkaZookeeperTemplatePodMetadata { /// Configures pod-level security attributes and common container settings. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct KafkaZookeeperTemplatePodSecurityContext { + #[serde(default, skip_serializing_if = "Option::is_none", rename = "appArmorProfile")] + pub app_armor_profile: Option, #[serde(default, skip_serializing_if = "Option::is_none", rename = "fsGroup")] pub fs_group: Option, #[serde(default, skip_serializing_if = "Option::is_none", rename = "fsGroupChangePolicy")] @@ -7033,6 +7233,14 @@ pub struct KafkaZookeeperTemplatePodSecurityContext { pub windows_options: Option, } +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct KafkaZookeeperTemplatePodSecurityContextAppArmorProfile { + #[serde(default, skip_serializing_if = "Option::is_none", rename = "localhostProfile")] + pub localhost_profile: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "type")] + pub r#type: Option, +} + #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct KafkaZookeeperTemplatePodSecurityContextSeLinuxOptions { #[serde(default, skip_serializing_if = "Option::is_none")] @@ -7240,6 +7448,8 @@ pub struct KafkaZookeeperTemplateZookeeperContainerEnv { pub struct KafkaZookeeperTemplateZookeeperContainerSecurityContext { #[serde(default, skip_serializing_if = "Option::is_none", rename = "allowPrivilegeEscalation")] pub allow_privilege_escalation: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "appArmorProfile")] + pub app_armor_profile: Option, #[serde(default, skip_serializing_if = "Option::is_none")] pub capabilities: Option, #[serde(default, skip_serializing_if = "Option::is_none")] @@ -7262,6 +7472,14 @@ pub struct KafkaZookeeperTemplateZookeeperContainerSecurityContext { pub windows_options: Option, } +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct KafkaZookeeperTemplateZookeeperContainerSecurityContextAppArmorProfile { + #[serde(default, skip_serializing_if = "Option::is_none", rename = "localhostProfile")] + pub localhost_profile: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "type")] + pub r#type: Option, +} + #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct KafkaZookeeperTemplateZookeeperContainerSecurityContextCapabilities { #[serde(default, skip_serializing_if = "Option::is_none")] diff --git a/kube-custom-resources-rs/src/karpenter_k8s_aws/v1/ec2nodeclasses.rs b/kube-custom-resources-rs/src/karpenter_k8s_aws/v1/ec2nodeclasses.rs index 5febee77f..9f98ffe17 100644 --- a/kube-custom-resources-rs/src/karpenter_k8s_aws/v1/ec2nodeclasses.rs +++ b/kube-custom-resources-rs/src/karpenter_k8s_aws/v1/ec2nodeclasses.rs @@ -13,15 +13,13 @@ use self::prelude::*; /// EC2NodeClassSpec is the top level specification for the AWS Karpenter Provider. /// This will contain configuration necessary to launch instances in AWS. -#[derive(CustomResource, Serialize, Deserialize, Clone, Debug, PartialEq)] +#[derive(CustomResource, Serialize, Deserialize, Clone, Debug, Default, PartialEq)] #[kube(group = "karpenter.k8s.aws", version = "v1", kind = "EC2NodeClass", plural = "ec2nodeclasses")] #[kube(status = "EC2NodeClassStatus")] #[kube(schema = "disabled")] +#[kube(derive="Default")] #[kube(derive="PartialEq")] pub struct EC2NodeClassSpec { - /// AMIFamily is the AMI family that instances use. - #[serde(rename = "amiFamily")] - pub ami_family: EC2NodeClassAmiFamily, /// AMISelectorTerms is a list of or ami selector terms. The terms are ORed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "amiSelectorTerms")] pub ami_selector_terms: Option>, @@ -47,6 +45,11 @@ pub struct EC2NodeClassSpec { /// InstanceStorePolicy specifies how to handle instance-store disks. #[serde(default, skip_serializing_if = "Option::is_none", rename = "instanceStorePolicy")] pub instance_store_policy: Option, + /// Kubelet defines args to be used when configuring kubelet on provisioned nodes. + /// They are a subset of the upstream types, recognizing not all options may be supported. + /// Wherever possible, the types and names should reflect the upstream kubelet types. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub kubelet: Option, /// MetadataOptions for the generated launch template of provisioned nodes. /// /// @@ -88,25 +91,18 @@ pub struct EC2NodeClassSpec { pub user_data: Option, } -/// EC2NodeClassSpec is the top level specification for the AWS Karpenter Provider. -/// This will contain configuration necessary to launch instances in AWS. -#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] -pub enum EC2NodeClassAmiFamily { - #[serde(rename = "AL2")] - Al2, - #[serde(rename = "AL2023")] - Al2023, - Bottlerocket, - Ubuntu, - Custom, - Windows2019, - Windows2022, -} - /// AMISelectorTerm defines selection logic for an ami used by Karpenter to launch nodes. /// If multiple fields are used for selection, the requirements are ANDed. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct EC2NodeClassAmiSelectorTerms { + /// Alias specifies which EKS optimized AMI to select. + /// Each alias consists of a family and an AMI version, specified as "family@version". + /// Valid families include: al2, al2023, bottlerocket, windows2019, and windows2022. + /// The version can either be pinned to a specific AMI release, with that AMIs version format (ex: "al2023@v20240625" or "bottlerocket@v1.10.0"). + /// The version can also be set to "latest" for any family. Setting the version to latest will result in drift when a new AMI is released. This is **not** recommended for production environments. + /// Note: The Windows families do **not** support version pinning, and only latest may be used. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub alias: Option, /// ID is the ami id in EC2 #[serde(default, skip_serializing_if = "Option::is_none")] pub id: Option, @@ -237,6 +233,61 @@ pub enum EC2NodeClassInstanceStorePolicy { Raid0, } +/// Kubelet defines args to be used when configuring kubelet on provisioned nodes. +/// They are a subset of the upstream types, recognizing not all options may be supported. +/// Wherever possible, the types and names should reflect the upstream kubelet types. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct EC2NodeClassKubelet { + /// clusterDNS is a list of IP addresses for the cluster DNS server. + /// Note that not all providers may use all addresses. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "clusterDNS")] + pub cluster_dns: Option>, + /// CPUCFSQuota enables CPU CFS quota enforcement for containers that specify CPU limits. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "cpuCFSQuota")] + pub cpu_cfs_quota: Option, + /// EvictionHard is the map of signal names to quantities that define hard eviction thresholds + #[serde(default, skip_serializing_if = "Option::is_none", rename = "evictionHard")] + pub eviction_hard: Option>, + /// EvictionMaxPodGracePeriod is the maximum allowed grace period (in seconds) to use when terminating pods in + /// response to soft eviction thresholds being met. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "evictionMaxPodGracePeriod")] + pub eviction_max_pod_grace_period: Option, + /// EvictionSoft is the map of signal names to quantities that define soft eviction thresholds + #[serde(default, skip_serializing_if = "Option::is_none", rename = "evictionSoft")] + pub eviction_soft: Option>, + /// EvictionSoftGracePeriod is the map of signal names to quantities that define grace periods for each eviction signal + #[serde(default, skip_serializing_if = "Option::is_none", rename = "evictionSoftGracePeriod")] + pub eviction_soft_grace_period: Option>, + /// ImageGCHighThresholdPercent is the percent of disk usage after which image + /// garbage collection is always run. The percent is calculated by dividing this + /// field value by 100, so this field must be between 0 and 100, inclusive. + /// When specified, the value must be greater than ImageGCLowThresholdPercent. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "imageGCHighThresholdPercent")] + pub image_gc_high_threshold_percent: Option, + /// ImageGCLowThresholdPercent is the percent of disk usage before which image + /// garbage collection is never run. Lowest disk usage to garbage collect to. + /// The percent is calculated by dividing this field value by 100, + /// so the field value must be between 0 and 100, inclusive. + /// When specified, the value must be less than imageGCHighThresholdPercent + #[serde(default, skip_serializing_if = "Option::is_none", rename = "imageGCLowThresholdPercent")] + pub image_gc_low_threshold_percent: Option, + /// KubeReserved contains resources reserved for Kubernetes system components. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "kubeReserved")] + pub kube_reserved: Option>, + /// MaxPods is an override for the maximum number of pods that can run on + /// a worker node instance. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "maxPods")] + pub max_pods: Option, + /// PodsPerCore is an override for the number of pods that can run on a worker node + /// instance based on the number of cpu cores. This value cannot exceed MaxPods, so, if + /// MaxPods is a lower value, that value will be used. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "podsPerCore")] + pub pods_per_core: Option, + /// SystemReserved contains resources reserved for OS system daemons and kernel memory. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "systemReserved")] + pub system_reserved: Option>, +} + /// MetadataOptions for the generated launch template of provisioned nodes. /// /// diff --git a/kube-custom-resources-rs/src/karpenter_sh/v1/nodeclaims.rs b/kube-custom-resources-rs/src/karpenter_sh/v1/nodeclaims.rs index 6b055afe0..b1b3bd7d5 100644 --- a/kube-custom-resources-rs/src/karpenter_sh/v1/nodeclaims.rs +++ b/kube-custom-resources-rs/src/karpenter_sh/v1/nodeclaims.rs @@ -20,11 +20,12 @@ use self::prelude::*; #[kube(derive="Default")] #[kube(derive="PartialEq")] pub struct NodeClaimSpec { - /// Kubelet defines args to be used when configuring kubelet on provisioned nodes. - /// They are a subset of the upstream types, recognizing not all options may be supported. - /// Wherever possible, the types and names should reflect the upstream kubelet types. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub kubelet: Option, + /// ExpireAfter is the duration the controller will wait + /// before terminating a node, measured from when the node is created. This + /// is useful to implement features like eventually consistent node upgrade, + /// memory leak protection, and disruption testing. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "expireAfter")] + pub expire_after: Option, /// NodeClassRef is a reference to an object that defines provider specific configuration #[serde(rename = "nodeClassRef")] pub node_class_ref: NodeClaimNodeClassRef, @@ -42,72 +43,34 @@ pub struct NodeClaimSpec { /// Taints will be applied to the NodeClaim's node. #[serde(default, skip_serializing_if = "Option::is_none")] pub taints: Option>, -} - -/// Kubelet defines args to be used when configuring kubelet on provisioned nodes. -/// They are a subset of the upstream types, recognizing not all options may be supported. -/// Wherever possible, the types and names should reflect the upstream kubelet types. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct NodeClaimKubelet { - /// clusterDNS is a list of IP addresses for the cluster DNS server. - /// Note that not all providers may use all addresses. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "clusterDNS")] - pub cluster_dns: Option>, - /// CPUCFSQuota enables CPU CFS quota enforcement for containers that specify CPU limits. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "cpuCFSQuota")] - pub cpu_cfs_quota: Option, - /// EvictionHard is the map of signal names to quantities that define hard eviction thresholds - #[serde(default, skip_serializing_if = "Option::is_none", rename = "evictionHard")] - pub eviction_hard: Option>, - /// EvictionMaxPodGracePeriod is the maximum allowed grace period (in seconds) to use when terminating pods in - /// response to soft eviction thresholds being met. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "evictionMaxPodGracePeriod")] - pub eviction_max_pod_grace_period: Option, - /// EvictionSoft is the map of signal names to quantities that define soft eviction thresholds - #[serde(default, skip_serializing_if = "Option::is_none", rename = "evictionSoft")] - pub eviction_soft: Option>, - /// EvictionSoftGracePeriod is the map of signal names to quantities that define grace periods for each eviction signal - #[serde(default, skip_serializing_if = "Option::is_none", rename = "evictionSoftGracePeriod")] - pub eviction_soft_grace_period: Option>, - /// ImageGCHighThresholdPercent is the percent of disk usage after which image - /// garbage collection is always run. The percent is calculated by dividing this - /// field value by 100, so this field must be between 0 and 100, inclusive. - /// When specified, the value must be greater than ImageGCLowThresholdPercent. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "imageGCHighThresholdPercent")] - pub image_gc_high_threshold_percent: Option, - /// ImageGCLowThresholdPercent is the percent of disk usage before which image - /// garbage collection is never run. Lowest disk usage to garbage collect to. - /// The percent is calculated by dividing this field value by 100, - /// so the field value must be between 0 and 100, inclusive. - /// When specified, the value must be less than imageGCHighThresholdPercent - #[serde(default, skip_serializing_if = "Option::is_none", rename = "imageGCLowThresholdPercent")] - pub image_gc_low_threshold_percent: Option, - /// KubeReserved contains resources reserved for Kubernetes system components. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "kubeReserved")] - pub kube_reserved: Option>, - /// MaxPods is an override for the maximum number of pods that can run on - /// a worker node instance. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "maxPods")] - pub max_pods: Option, - /// PodsPerCore is an override for the number of pods that can run on a worker node - /// instance based on the number of cpu cores. This value cannot exceed MaxPods, so, if - /// MaxPods is a lower value, that value will be used. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "podsPerCore")] - pub pods_per_core: Option, - /// SystemReserved contains resources reserved for OS system daemons and kernel memory. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "systemReserved")] - pub system_reserved: Option>, + /// TerminationGracePeriod is the maximum duration the controller will wait before forcefully deleting the pods on a node, measured from when deletion is first initiated. + /// + /// + /// Warning: this feature takes precedence over a Pod's terminationGracePeriodSeconds value, and bypasses any blocked PDBs or the karpenter.sh/do-not-disrupt annotation. + /// + /// + /// This field is intended to be used by cluster administrators to enforce that nodes can be cycled within a given time period. + /// When set, drifted nodes will begin draining even if there are pods blocking eviction. Draining will respect PDBs and the do-not-disrupt annotation until the TGP is reached. + /// + /// + /// Karpenter will preemptively delete pods so their terminationGracePeriodSeconds align with the node's terminationGracePeriod. + /// If a pod would be terminated without being granted its full terminationGracePeriodSeconds prior to the node timeout, + /// that pod will be deleted at T = node timeout - pod terminationGracePeriodSeconds. + /// + /// + /// The feature can also be used to allow maximum time limits for long-running jobs which can delay node termination with preStop hooks. + /// If left undefined, the controller will wait indefinitely for pods to be drained. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "terminationGracePeriod")] + pub termination_grace_period: Option, } /// NodeClassRef is a reference to an object that defines provider specific configuration #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct NodeClaimNodeClassRef { /// API version of the referent - #[serde(default, skip_serializing_if = "Option::is_none", rename = "apiVersion")] - pub api_version: Option, + pub group: String, /// Kind of the referent; More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" - #[serde(default, skip_serializing_if = "Option::is_none")] - pub kind: Option, + pub kind: String, /// Name of the referent; More info: http://kubernetes.io/docs/user-guide/identifiers#names pub name: String, } diff --git a/kube-custom-resources-rs/src/karpenter_sh/v1/nodepools.rs b/kube-custom-resources-rs/src/karpenter_sh/v1/nodepools.rs index 98f4b2a94..d084bf2cc 100644 --- a/kube-custom-resources-rs/src/karpenter_sh/v1/nodepools.rs +++ b/kube-custom-resources-rs/src/karpenter_sh/v1/nodepools.rs @@ -8,6 +8,7 @@ mod prelude { pub use serde::{Serialize, Deserialize}; pub use std::collections::BTreeMap; pub use k8s_openapi::apimachinery::pkg::util::intstr::IntOrString; + pub use k8s_openapi::apimachinery::pkg::apis::meta::v1::Condition; } use self::prelude::*; @@ -57,12 +58,6 @@ pub struct NodePoolDisruption { /// algorithm. This policy defaults to "WhenUnderutilized" if not specified #[serde(default, skip_serializing_if = "Option::is_none", rename = "consolidationPolicy")] pub consolidation_policy: Option, - /// ExpireAfter is the duration the controller will wait - /// before terminating a node, measured from when the node is created. This - /// is useful to implement features like eventually consistent node upgrade, - /// memory leak protection, and disruption testing. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "expireAfter")] - pub expire_after: Option, } /// Budget defines when Karpenter will restrict the @@ -85,6 +80,11 @@ pub struct NodePoolDisruptionBudgets { /// checking for int nodes for IntOrString nodes. /// Ref: https://github.com/kubernetes-sigs/controller-tools/blob/55efe4be40394a288216dab63156b0a64fb82929/pkg/crd/markers/validation.go#L379-L388 pub nodes: String, + /// Reasons is a list of disruption methods that this budget applies to. If Reasons is not set, this budget applies to all methods. + /// Otherwise, this will apply to each reason defined. + /// allowed reasons are Underutilized, Empty, and Drifted. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub reasons: Option>, /// Schedule specifies when a budget begins being active, following /// the upstream cronjob syntax. If omitted, the budget is always active. /// Timezones are not supported. @@ -129,19 +129,17 @@ pub struct NodePoolTemplateMetadata { /// NodeClaimSpec describes the desired state of the NodeClaim #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct NodePoolTemplateSpec { - /// Kubelet defines args to be used when configuring kubelet on provisioned nodes. - /// They are a subset of the upstream types, recognizing not all options may be supported. - /// Wherever possible, the types and names should reflect the upstream kubelet types. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub kubelet: Option, + /// ExpireAfter is the duration the controller will wait + /// before terminating a node, measured from when the node is created. This + /// is useful to implement features like eventually consistent node upgrade, + /// memory leak protection, and disruption testing. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "expireAfter")] + pub expire_after: Option, /// NodeClassRef is a reference to an object that defines provider specific configuration #[serde(rename = "nodeClassRef")] pub node_class_ref: NodePoolTemplateSpecNodeClassRef, /// Requirements are layered with GetLabels and applied to every node. pub requirements: Vec, - /// Resources models the resource requirements for the NodeClaim to launch - #[serde(default, skip_serializing_if = "Option::is_none")] - pub resources: Option, /// StartupTaints are taints that are applied to nodes upon startup which are expected to be removed automatically /// within a short period of time, typically by a DaemonSet that tolerates the taint. These are commonly used by /// daemonsets to allow initialization and enforce startup ordering. StartupTaints are ignored for provisioning @@ -151,72 +149,34 @@ pub struct NodePoolTemplateSpec { /// Taints will be applied to the NodeClaim's node. #[serde(default, skip_serializing_if = "Option::is_none")] pub taints: Option>, -} - -/// Kubelet defines args to be used when configuring kubelet on provisioned nodes. -/// They are a subset of the upstream types, recognizing not all options may be supported. -/// Wherever possible, the types and names should reflect the upstream kubelet types. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct NodePoolTemplateSpecKubelet { - /// clusterDNS is a list of IP addresses for the cluster DNS server. - /// Note that not all providers may use all addresses. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "clusterDNS")] - pub cluster_dns: Option>, - /// CPUCFSQuota enables CPU CFS quota enforcement for containers that specify CPU limits. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "cpuCFSQuota")] - pub cpu_cfs_quota: Option, - /// EvictionHard is the map of signal names to quantities that define hard eviction thresholds - #[serde(default, skip_serializing_if = "Option::is_none", rename = "evictionHard")] - pub eviction_hard: Option>, - /// EvictionMaxPodGracePeriod is the maximum allowed grace period (in seconds) to use when terminating pods in - /// response to soft eviction thresholds being met. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "evictionMaxPodGracePeriod")] - pub eviction_max_pod_grace_period: Option, - /// EvictionSoft is the map of signal names to quantities that define soft eviction thresholds - #[serde(default, skip_serializing_if = "Option::is_none", rename = "evictionSoft")] - pub eviction_soft: Option>, - /// EvictionSoftGracePeriod is the map of signal names to quantities that define grace periods for each eviction signal - #[serde(default, skip_serializing_if = "Option::is_none", rename = "evictionSoftGracePeriod")] - pub eviction_soft_grace_period: Option>, - /// ImageGCHighThresholdPercent is the percent of disk usage after which image - /// garbage collection is always run. The percent is calculated by dividing this - /// field value by 100, so this field must be between 0 and 100, inclusive. - /// When specified, the value must be greater than ImageGCLowThresholdPercent. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "imageGCHighThresholdPercent")] - pub image_gc_high_threshold_percent: Option, - /// ImageGCLowThresholdPercent is the percent of disk usage before which image - /// garbage collection is never run. Lowest disk usage to garbage collect to. - /// The percent is calculated by dividing this field value by 100, - /// so the field value must be between 0 and 100, inclusive. - /// When specified, the value must be less than imageGCHighThresholdPercent - #[serde(default, skip_serializing_if = "Option::is_none", rename = "imageGCLowThresholdPercent")] - pub image_gc_low_threshold_percent: Option, - /// KubeReserved contains resources reserved for Kubernetes system components. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "kubeReserved")] - pub kube_reserved: Option>, - /// MaxPods is an override for the maximum number of pods that can run on - /// a worker node instance. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "maxPods")] - pub max_pods: Option, - /// PodsPerCore is an override for the number of pods that can run on a worker node - /// instance based on the number of cpu cores. This value cannot exceed MaxPods, so, if - /// MaxPods is a lower value, that value will be used. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "podsPerCore")] - pub pods_per_core: Option, - /// SystemReserved contains resources reserved for OS system daemons and kernel memory. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "systemReserved")] - pub system_reserved: Option>, + /// TerminationGracePeriod is the maximum duration the controller will wait before forcefully deleting the pods on a node, measured from when deletion is first initiated. + /// + /// + /// Warning: this feature takes precedence over a Pod's terminationGracePeriodSeconds value, and bypasses any blocked PDBs or the karpenter.sh/do-not-disrupt annotation. + /// + /// + /// This field is intended to be used by cluster administrators to enforce that nodes can be cycled within a given time period. + /// When set, drifted nodes will begin draining even if there are pods blocking eviction. Draining will respect PDBs and the do-not-disrupt annotation until the TGP is reached. + /// + /// + /// Karpenter will preemptively delete pods so their terminationGracePeriodSeconds align with the node's terminationGracePeriod. + /// If a pod would be terminated without being granted its full terminationGracePeriodSeconds prior to the node timeout, + /// that pod will be deleted at T = node timeout - pod terminationGracePeriodSeconds. + /// + /// + /// The feature can also be used to allow maximum time limits for long-running jobs which can delay node termination with preStop hooks. + /// If left undefined, the controller will wait indefinitely for pods to be drained. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "terminationGracePeriod")] + pub termination_grace_period: Option, } /// NodeClassRef is a reference to an object that defines provider specific configuration #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct NodePoolTemplateSpecNodeClassRef { /// API version of the referent - #[serde(default, skip_serializing_if = "Option::is_none", rename = "apiVersion")] - pub api_version: Option, + pub group: String, /// Kind of the referent; More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" - #[serde(default, skip_serializing_if = "Option::is_none")] - pub kind: Option, + pub kind: String, /// Name of the referent; More info: http://kubernetes.io/docs/user-guide/identifiers#names pub name: String, } @@ -255,14 +215,6 @@ pub enum NodePoolTemplateSpecRequirementsOperator { Lt, } -/// Resources models the resource requirements for the NodeClaim to launch -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct NodePoolTemplateSpecResources { - /// Requests describes the minimum required resources for the NodeClaim to launch - #[serde(default, skip_serializing_if = "Option::is_none")] - pub requests: Option>, -} - /// The node this Taint is attached to has the "effect" on /// any pod that does not tolerate the Taint. #[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] @@ -322,6 +274,9 @@ pub enum NodePoolTemplateSpecTaintsEffect { /// NodePoolStatus defines the observed state of NodePool #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct NodePoolStatus { + /// Conditions contains signals for health and readiness + #[serde(default, skip_serializing_if = "Option::is_none")] + pub conditions: Option>, /// Resources is the list of resources that have been provisioned. #[serde(default, skip_serializing_if = "Option::is_none")] pub resources: Option>, diff --git a/kube-custom-resources-rs/src/karpenter_sh/v1beta1/nodeclaims.rs b/kube-custom-resources-rs/src/karpenter_sh/v1beta1/nodeclaims.rs index 9769acc8a..517cc3806 100644 --- a/kube-custom-resources-rs/src/karpenter_sh/v1beta1/nodeclaims.rs +++ b/kube-custom-resources-rs/src/karpenter_sh/v1beta1/nodeclaims.rs @@ -42,6 +42,25 @@ pub struct NodeClaimSpec { /// Taints will be applied to the NodeClaim's node. #[serde(default, skip_serializing_if = "Option::is_none")] pub taints: Option>, + /// TerminationGracePeriod is the maximum duration the controller will wait before forcefully deleting the pods on a node, measured from when deletion is first initiated. + /// + /// + /// Warning: this feature takes precedence over a Pod's terminationGracePeriodSeconds value, and bypasses any blocked PDBs or the karpenter.sh/do-not-disrupt annotation. + /// + /// + /// This field is intended to be used by cluster administrators to enforce that nodes can be cycled within a given time period. + /// When set, drifted nodes will begin draining even if there are pods blocking eviction. Draining will respect PDBs and the do-not-disrupt annotation until the TGP is reached. + /// + /// + /// Karpenter will preemptively delete pods so their terminationGracePeriodSeconds align with the node's terminationGracePeriod. + /// If a pod would be terminated without being granted its full terminationGracePeriodSeconds prior to the node timeout, + /// that pod will be deleted at T = node timeout - pod terminationGracePeriodSeconds. + /// + /// + /// The feature can also be used to allow maximum time limits for long-running jobs which can delay node termination with preStop hooks. + /// If left undefined, the controller will wait indefinitely for pods to be drained. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "terminationGracePeriod")] + pub termination_grace_period: Option, } /// Kubelet defines args to be used when configuring kubelet on provisioned nodes. diff --git a/kube-custom-resources-rs/src/karpenter_sh/v1beta1/nodepools.rs b/kube-custom-resources-rs/src/karpenter_sh/v1beta1/nodepools.rs index 1f8ad7441..af3322f52 100644 --- a/kube-custom-resources-rs/src/karpenter_sh/v1beta1/nodepools.rs +++ b/kube-custom-resources-rs/src/karpenter_sh/v1beta1/nodepools.rs @@ -8,6 +8,7 @@ mod prelude { pub use serde::{Serialize, Deserialize}; pub use std::collections::BTreeMap; pub use k8s_openapi::apimachinery::pkg::util::intstr::IntOrString; + pub use k8s_openapi::apimachinery::pkg::apis::meta::v1::Condition; } use self::prelude::*; @@ -87,7 +88,7 @@ pub struct NodePoolDisruptionBudgets { pub nodes: String, /// Reasons is a list of disruption methods that this budget applies to. If Reasons is not set, this budget applies to all methods. /// Otherwise, this will apply to each reason defined. - /// allowed reasons are underutilized, expired, empty, and drifted. + /// allowed reasons are Underutilized, Empty, and Drifted. #[serde(default, skip_serializing_if = "Option::is_none")] pub reasons: Option>, /// Schedule specifies when a budget begins being active, following @@ -156,6 +157,25 @@ pub struct NodePoolTemplateSpec { /// Taints will be applied to the NodeClaim's node. #[serde(default, skip_serializing_if = "Option::is_none")] pub taints: Option>, + /// TerminationGracePeriod is the maximum duration the controller will wait before forcefully deleting the pods on a node, measured from when deletion is first initiated. + /// + /// + /// Warning: this feature takes precedence over a Pod's terminationGracePeriodSeconds value, and bypasses any blocked PDBs or the karpenter.sh/do-not-disrupt annotation. + /// + /// + /// This field is intended to be used by cluster administrators to enforce that nodes can be cycled within a given time period. + /// When set, drifted nodes will begin draining even if there are pods blocking eviction. Draining will respect PDBs and the do-not-disrupt annotation until the TGP is reached. + /// + /// + /// Karpenter will preemptively delete pods so their terminationGracePeriodSeconds align with the node's terminationGracePeriod. + /// If a pod would be terminated without being granted its full terminationGracePeriodSeconds prior to the node timeout, + /// that pod will be deleted at T = node timeout - pod terminationGracePeriodSeconds. + /// + /// + /// The feature can also be used to allow maximum time limits for long-running jobs which can delay node termination with preStop hooks. + /// If left undefined, the controller will wait indefinitely for pods to be drained. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "terminationGracePeriod")] + pub termination_grace_period: Option, } /// Kubelet defines args to be used when configuring kubelet on provisioned nodes. @@ -327,6 +347,9 @@ pub enum NodePoolTemplateSpecTaintsEffect { /// NodePoolStatus defines the observed state of NodePool #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct NodePoolStatus { + /// Conditions contains signals for health and readiness + #[serde(default, skip_serializing_if = "Option::is_none")] + pub conditions: Option>, /// Resources is the list of resources that have been provisioned. #[serde(default, skip_serializing_if = "Option::is_none")] pub resources: Option>, diff --git a/kube-custom-resources-rs/src/kuadrant_io/v1alpha1/dnsrecords.rs b/kube-custom-resources-rs/src/kuadrant_io/v1alpha1/dnsrecords.rs index c7c5a86ba..58a2dffdf 100644 --- a/kube-custom-resources-rs/src/kuadrant_io/v1alpha1/dnsrecords.rs +++ b/kube-custom-resources-rs/src/kuadrant_io/v1alpha1/dnsrecords.rs @@ -37,6 +37,7 @@ pub struct DNSRecordSpec { pub owner_id: Option, /// rootHost is the single root for all endpoints in a DNSRecord. /// it is expected all defined endpoints are children of or equal to this rootHost + /// Must contain at least two groups of valid URL characters separated by a "." #[serde(rename = "rootHost")] pub root_host: String, } @@ -81,12 +82,17 @@ pub struct DNSRecordEndpointsProviderSpecific { /// the listeners assigned to the target gateway #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct DNSRecordHealthCheck { + /// Endpoint is the path to append to the host to reach the expected health check. + /// Must start with "?" or "/", contain only valid URL characters and end with alphanumeric char or "/". For example "/" or "/healthz" are common #[serde(default, skip_serializing_if = "Option::is_none")] pub endpoint: Option, + /// FailureThreshold is a limit of consecutive failures that must occur for a host to be considered unhealthy #[serde(default, skip_serializing_if = "Option::is_none", rename = "failureThreshold")] pub failure_threshold: Option, + /// Port to connect to the host on. Must be either 80, 443 or 1024-49151 #[serde(default, skip_serializing_if = "Option::is_none")] pub port: Option, + /// Protocol to use when connecting to the host, valid values are "HTTP" or "HTTPS" #[serde(default, skip_serializing_if = "Option::is_none")] pub protocol: Option, } diff --git a/kube-custom-resources-rs/src/kuadrant_io/v1beta1/kuadrants.rs b/kube-custom-resources-rs/src/kuadrant_io/v1beta1/kuadrants.rs index b2f191b8e..e5ffc1a4d 100644 --- a/kube-custom-resources-rs/src/kuadrant_io/v1beta1/kuadrants.rs +++ b/kube-custom-resources-rs/src/kuadrant_io/v1beta1/kuadrants.rs @@ -32,6 +32,9 @@ pub struct KuadrantLimitador { pub affinity: Option, #[serde(default, skip_serializing_if = "Option::is_none")] pub pdb: Option, + /// RateLimitHeadersType defines the valid options for the --rate-limit-headers arg + #[serde(default, skip_serializing_if = "Option::is_none", rename = "rateLimitHeaders")] + pub rate_limit_headers: Option, #[serde(default, skip_serializing_if = "Option::is_none")] pub replicas: Option, /// ResourceRequirements describes the compute resource requirements. @@ -40,6 +43,12 @@ pub struct KuadrantLimitador { /// Storage contains the options for Limitador counters database or in-memory data storage #[serde(default, skip_serializing_if = "Option::is_none")] pub storage: Option, + /// Telemetry defines the level of metrics Limitador will expose to the user + #[serde(default, skip_serializing_if = "Option::is_none")] + pub telemetry: Option, + /// Sets the level of verbosity + #[serde(default, skip_serializing_if = "Option::is_none")] + pub verbosity: Option, } /// Affinity is a group of affinity scheduling rules. @@ -237,8 +246,31 @@ pub struct KuadrantLimitadorAffinityPodAffinityPreferredDuringSchedulingIgnoredD #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct KuadrantLimitadorAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTerm { /// A label query over a set of resources, in this case pods. + /// If it's null, this PodAffinityTerm matches with no Pods. #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelector")] pub label_selector: Option, + /// MatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both matchLabelKeys and labelSelector. + /// Also, matchLabelKeys cannot be set when labelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] + pub match_label_keys: Option>, + /// MismatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. + /// Also, mismatchLabelKeys cannot be set when labelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] + pub mismatch_label_keys: Option>, /// A label query over the set of namespaces that the term applies to. /// The term is applied to the union of the namespaces selected by this field /// and the ones listed in the namespaces field. @@ -262,6 +294,7 @@ pub struct KuadrantLimitadorAffinityPodAffinityPreferredDuringSchedulingIgnoredD } /// A label query over a set of resources, in this case pods. +/// If it's null, this PodAffinityTerm matches with no Pods. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct KuadrantLimitadorAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermLabelSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. @@ -334,8 +367,31 @@ pub struct KuadrantLimitadorAffinityPodAffinityPreferredDuringSchedulingIgnoredD #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct KuadrantLimitadorAffinityPodAffinityRequiredDuringSchedulingIgnoredDuringExecution { /// A label query over a set of resources, in this case pods. + /// If it's null, this PodAffinityTerm matches with no Pods. #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelector")] pub label_selector: Option, + /// MatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both matchLabelKeys and labelSelector. + /// Also, matchLabelKeys cannot be set when labelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] + pub match_label_keys: Option>, + /// MismatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. + /// Also, mismatchLabelKeys cannot be set when labelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] + pub mismatch_label_keys: Option>, /// A label query over the set of namespaces that the term applies to. /// The term is applied to the union of the namespaces selected by this field /// and the ones listed in the namespaces field. @@ -359,6 +415,7 @@ pub struct KuadrantLimitadorAffinityPodAffinityRequiredDuringSchedulingIgnoredDu } /// A label query over a set of resources, in this case pods. +/// If it's null, this PodAffinityTerm matches with no Pods. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct KuadrantLimitadorAffinityPodAffinityRequiredDuringSchedulingIgnoredDuringExecutionLabelSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. @@ -462,8 +519,31 @@ pub struct KuadrantLimitadorAffinityPodAntiAffinityPreferredDuringSchedulingIgno #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct KuadrantLimitadorAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTerm { /// A label query over a set of resources, in this case pods. + /// If it's null, this PodAffinityTerm matches with no Pods. #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelector")] pub label_selector: Option, + /// MatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both matchLabelKeys and labelSelector. + /// Also, matchLabelKeys cannot be set when labelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] + pub match_label_keys: Option>, + /// MismatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. + /// Also, mismatchLabelKeys cannot be set when labelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] + pub mismatch_label_keys: Option>, /// A label query over the set of namespaces that the term applies to. /// The term is applied to the union of the namespaces selected by this field /// and the ones listed in the namespaces field. @@ -487,6 +567,7 @@ pub struct KuadrantLimitadorAffinityPodAntiAffinityPreferredDuringSchedulingIgno } /// A label query over a set of resources, in this case pods. +/// If it's null, this PodAffinityTerm matches with no Pods. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct KuadrantLimitadorAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermLabelSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. @@ -559,8 +640,31 @@ pub struct KuadrantLimitadorAffinityPodAntiAffinityPreferredDuringSchedulingIgno #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct KuadrantLimitadorAffinityPodAntiAffinityRequiredDuringSchedulingIgnoredDuringExecution { /// A label query over a set of resources, in this case pods. + /// If it's null, this PodAffinityTerm matches with no Pods. #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelector")] pub label_selector: Option, + /// MatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both matchLabelKeys and labelSelector. + /// Also, matchLabelKeys cannot be set when labelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] + pub match_label_keys: Option>, + /// MismatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. + /// Also, mismatchLabelKeys cannot be set when labelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] + pub mismatch_label_keys: Option>, /// A label query over the set of namespaces that the term applies to. /// The term is applied to the union of the namespaces selected by this field /// and the ones listed in the namespaces field. @@ -584,6 +688,7 @@ pub struct KuadrantLimitadorAffinityPodAntiAffinityRequiredDuringSchedulingIgnor } /// A label query over a set of resources, in this case pods. +/// If it's null, this PodAffinityTerm matches with no Pods. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct KuadrantLimitadorAffinityPodAntiAffinityRequiredDuringSchedulingIgnoredDuringExecutionLabelSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. @@ -663,6 +768,14 @@ pub struct KuadrantLimitadorPdb { pub min_available: Option, } +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub enum KuadrantLimitadorRateLimitHeaders { + #[serde(rename = "NONE")] + None, + #[serde(rename = "DRAFT_VERSION_03")] + DraftVersion03, +} + /// ResourceRequirements describes the compute resource requirements. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct KuadrantLimitadorResourceRequirements { @@ -791,18 +904,26 @@ pub struct KuadrantLimitadorStorageRedisCachedConfigSecretRef { #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct KuadrantLimitadorStorageRedisCachedOptions { + /// BatchSize defines the size of entries to flush in as single flush [default: 100] + #[serde(default, skip_serializing_if = "Option::is_none", rename = "batch-size")] + pub batch_size: Option, /// FlushPeriod for counters in milliseconds [default: 1000] #[serde(default, skip_serializing_if = "Option::is_none", rename = "flush-period")] pub flush_period: Option, /// MaxCached refers to the maximum amount of counters cached [default: 10000] #[serde(default, skip_serializing_if = "Option::is_none", rename = "max-cached")] pub max_cached: Option, - /// Ratio to apply to the TTL from Redis on cached counters [default: 10] - #[serde(default, skip_serializing_if = "Option::is_none")] - pub ratio: Option, - /// TTL for cached counters in milliseconds [default: 5000] - #[serde(default, skip_serializing_if = "Option::is_none")] - pub ttl: Option, + /// ResponseTimeout defines the timeout for Redis commands in milliseconds [default: 350] + #[serde(default, skip_serializing_if = "Option::is_none", rename = "response-timeout")] + pub response_timeout: Option, +} + +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub enum KuadrantLimitadorTelemetry { + #[serde(rename = "basic")] + Basic, + #[serde(rename = "exhaustive")] + Exhaustive, } /// KuadrantStatus defines the observed state of Kuadrant diff --git a/kube-custom-resources-rs/src/kuadrant_io/v1beta2/ratelimitpolicies.rs b/kube-custom-resources-rs/src/kuadrant_io/v1beta2/ratelimitpolicies.rs index 50f905c34..184d5ce81 100644 --- a/kube-custom-resources-rs/src/kuadrant_io/v1beta2/ratelimitpolicies.rs +++ b/kube-custom-resources-rs/src/kuadrant_io/v1beta2/ratelimitpolicies.rs @@ -999,12 +999,6 @@ pub struct RateLimitPolicyTargetRef { pub kind: String, /// Name is the name of the target resource. pub name: String, - /// Namespace is the namespace of the referent. When unspecified, the local - /// namespace is inferred. Even when policy targets a resource in a different - /// namespace, it MUST only apply to traffic originating from the same - /// namespace as the policy. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub namespace: Option, } /// RateLimitPolicyStatus defines the observed state of RateLimitPolicy diff --git a/kube-custom-resources-rs/src/kube_green_com/v1alpha1/sleepinfos.rs b/kube-custom-resources-rs/src/kube_green_com/v1alpha1/sleepinfos.rs index a43adc495..def7af8d1 100644 --- a/kube-custom-resources-rs/src/kube_green_com/v1alpha1/sleepinfos.rs +++ b/kube-custom-resources-rs/src/kube_green_com/v1alpha1/sleepinfos.rs @@ -22,6 +22,9 @@ pub struct SleepInfoSpec { /// ExcludeRef define the resource to exclude from the sleep. #[serde(default, skip_serializing_if = "Option::is_none", rename = "excludeRef")] pub exclude_ref: Option>, + /// IncludeRef define the resource to include from the sleep. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "includeRef")] + pub include_ref: Option>, /// Patches is a list of json 6902 patches to apply to the target resources. #[serde(default, skip_serializing_if = "Option::is_none")] pub patches: Option>, @@ -61,6 +64,7 @@ pub struct SleepInfoSpec { pub weekdays: String, } +/// Common type to use for both IncludeRef and ExcludeRef to prevent duplication #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SleepInfoExcludeRef { /// ApiVersion of the kubernetes resources. @@ -79,6 +83,25 @@ pub struct SleepInfoExcludeRef { pub name: Option, } +/// Common type to use for both IncludeRef and ExcludeRef to prevent duplication +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct SleepInfoIncludeRef { + /// ApiVersion of the kubernetes resources. + /// Supported api version is "apps/v1". + #[serde(default, skip_serializing_if = "Option::is_none", rename = "apiVersion")] + pub api_version: Option, + /// Kind of the kubernetes resources of the specific version. + /// Supported kind are "Deployment" and "CronJob". + #[serde(default, skip_serializing_if = "Option::is_none")] + pub kind: Option, + /// MatchLabels which identify the kubernetes resource by labels + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] + pub match_labels: Option>, + /// Name which identify the kubernetes resource. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, +} + #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SleepInfoPatches { /// Patch is the json6902 patch to apply to the target resource. diff --git a/kube-custom-resources-rs/src/kueue_x_k8s_io/v1beta1/clusterqueues.rs b/kube-custom-resources-rs/src/kueue_x_k8s_io/v1beta1/clusterqueues.rs index bf17f0a2f..0a24a3340 100644 --- a/kube-custom-resources-rs/src/kueue_x_k8s_io/v1beta1/clusterqueues.rs +++ b/kube-custom-resources-rs/src/kueue_x_k8s_io/v1beta1/clusterqueues.rs @@ -496,8 +496,8 @@ pub struct ClusterQueueStatusFairSharing { /// If zero, it means that the usage of the ClusterQueue is below the nominal quota. /// If the ClusterQueue has a weight of zero, this will return 9223372036854775807, /// the maximum possible share value. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "weightedShare")] - pub weighted_share: Option, + #[serde(rename = "weightedShare")] + pub weighted_share: i64, } #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] diff --git a/kube-custom-resources-rs/src/kuma_io/v1alpha1/circuitbreakers.rs b/kube-custom-resources-rs/src/kuma_io/v1alpha1/circuitbreakers.rs index 471f45f98..aba7741ec 100644 --- a/kube-custom-resources-rs/src/kuma_io/v1alpha1/circuitbreakers.rs +++ b/kube-custom-resources-rs/src/kuma_io/v1alpha1/circuitbreakers.rs @@ -7,4 +7,5 @@ mod prelude { pub use kube::CustomResource; pub use serde::{Serialize, Deserialize}; } +use self::prelude::*; diff --git a/kube-custom-resources-rs/src/kuma_io/v1alpha1/dataplaneinsights.rs b/kube-custom-resources-rs/src/kuma_io/v1alpha1/dataplaneinsights.rs index 671552c55..4577143db 100644 --- a/kube-custom-resources-rs/src/kuma_io/v1alpha1/dataplaneinsights.rs +++ b/kube-custom-resources-rs/src/kuma_io/v1alpha1/dataplaneinsights.rs @@ -7,4 +7,5 @@ mod prelude { pub use kube::CustomResource; pub use serde::{Serialize, Deserialize}; } +use self::prelude::*; diff --git a/kube-custom-resources-rs/src/kuma_io/v1alpha1/dataplanes.rs b/kube-custom-resources-rs/src/kuma_io/v1alpha1/dataplanes.rs index fe9ef5a88..149a1e9eb 100644 --- a/kube-custom-resources-rs/src/kuma_io/v1alpha1/dataplanes.rs +++ b/kube-custom-resources-rs/src/kuma_io/v1alpha1/dataplanes.rs @@ -7,4 +7,5 @@ mod prelude { pub use kube::CustomResource; pub use serde::{Serialize, Deserialize}; } +use self::prelude::*; diff --git a/kube-custom-resources-rs/src/kuma_io/v1alpha1/externalservices.rs b/kube-custom-resources-rs/src/kuma_io/v1alpha1/externalservices.rs index cca6b5c3b..b86e69b53 100644 --- a/kube-custom-resources-rs/src/kuma_io/v1alpha1/externalservices.rs +++ b/kube-custom-resources-rs/src/kuma_io/v1alpha1/externalservices.rs @@ -7,4 +7,5 @@ mod prelude { pub use kube::CustomResource; pub use serde::{Serialize, Deserialize}; } +use self::prelude::*; diff --git a/kube-custom-resources-rs/src/kuma_io/v1alpha1/faultinjections.rs b/kube-custom-resources-rs/src/kuma_io/v1alpha1/faultinjections.rs index 3d82f9dfa..9ecce59ed 100644 --- a/kube-custom-resources-rs/src/kuma_io/v1alpha1/faultinjections.rs +++ b/kube-custom-resources-rs/src/kuma_io/v1alpha1/faultinjections.rs @@ -7,4 +7,5 @@ mod prelude { pub use kube::CustomResource; pub use serde::{Serialize, Deserialize}; } +use self::prelude::*; diff --git a/kube-custom-resources-rs/src/kuma_io/v1alpha1/healthchecks.rs b/kube-custom-resources-rs/src/kuma_io/v1alpha1/healthchecks.rs index 5f42a17e5..03d983784 100644 --- a/kube-custom-resources-rs/src/kuma_io/v1alpha1/healthchecks.rs +++ b/kube-custom-resources-rs/src/kuma_io/v1alpha1/healthchecks.rs @@ -7,4 +7,5 @@ mod prelude { pub use kube::CustomResource; pub use serde::{Serialize, Deserialize}; } +use self::prelude::*; diff --git a/kube-custom-resources-rs/src/kuma_io/v1alpha1/meshes.rs b/kube-custom-resources-rs/src/kuma_io/v1alpha1/meshes.rs index 71d10e065..ac59e6166 100644 --- a/kube-custom-resources-rs/src/kuma_io/v1alpha1/meshes.rs +++ b/kube-custom-resources-rs/src/kuma_io/v1alpha1/meshes.rs @@ -7,4 +7,5 @@ mod prelude { pub use kube::CustomResource; pub use serde::{Serialize, Deserialize}; } +use self::prelude::*; diff --git a/kube-custom-resources-rs/src/kuma_io/v1alpha1/meshgatewayroutes.rs b/kube-custom-resources-rs/src/kuma_io/v1alpha1/meshgatewayroutes.rs index 66a503b19..ac9146a60 100644 --- a/kube-custom-resources-rs/src/kuma_io/v1alpha1/meshgatewayroutes.rs +++ b/kube-custom-resources-rs/src/kuma_io/v1alpha1/meshgatewayroutes.rs @@ -7,4 +7,5 @@ mod prelude { pub use kube::CustomResource; pub use serde::{Serialize, Deserialize}; } +use self::prelude::*; diff --git a/kube-custom-resources-rs/src/kuma_io/v1alpha1/meshgateways.rs b/kube-custom-resources-rs/src/kuma_io/v1alpha1/meshgateways.rs index 4f53719c9..982baad6f 100644 --- a/kube-custom-resources-rs/src/kuma_io/v1alpha1/meshgateways.rs +++ b/kube-custom-resources-rs/src/kuma_io/v1alpha1/meshgateways.rs @@ -7,4 +7,5 @@ mod prelude { pub use kube::CustomResource; pub use serde::{Serialize, Deserialize}; } +use self::prelude::*; diff --git a/kube-custom-resources-rs/src/kuma_io/v1alpha1/meshinsights.rs b/kube-custom-resources-rs/src/kuma_io/v1alpha1/meshinsights.rs index a98dbe868..a874c618b 100644 --- a/kube-custom-resources-rs/src/kuma_io/v1alpha1/meshinsights.rs +++ b/kube-custom-resources-rs/src/kuma_io/v1alpha1/meshinsights.rs @@ -7,4 +7,5 @@ mod prelude { pub use kube::CustomResource; pub use serde::{Serialize, Deserialize}; } +use self::prelude::*; diff --git a/kube-custom-resources-rs/src/kuma_io/v1alpha1/proxytemplates.rs b/kube-custom-resources-rs/src/kuma_io/v1alpha1/proxytemplates.rs index 571036f66..2f29053c5 100644 --- a/kube-custom-resources-rs/src/kuma_io/v1alpha1/proxytemplates.rs +++ b/kube-custom-resources-rs/src/kuma_io/v1alpha1/proxytemplates.rs @@ -7,4 +7,5 @@ mod prelude { pub use kube::CustomResource; pub use serde::{Serialize, Deserialize}; } +use self::prelude::*; diff --git a/kube-custom-resources-rs/src/kuma_io/v1alpha1/ratelimits.rs b/kube-custom-resources-rs/src/kuma_io/v1alpha1/ratelimits.rs index d86bb6ce6..40cdfb825 100644 --- a/kube-custom-resources-rs/src/kuma_io/v1alpha1/ratelimits.rs +++ b/kube-custom-resources-rs/src/kuma_io/v1alpha1/ratelimits.rs @@ -7,4 +7,5 @@ mod prelude { pub use kube::CustomResource; pub use serde::{Serialize, Deserialize}; } +use self::prelude::*; diff --git a/kube-custom-resources-rs/src/kuma_io/v1alpha1/retries.rs b/kube-custom-resources-rs/src/kuma_io/v1alpha1/retries.rs index bdf23cca6..bc4a551f8 100644 --- a/kube-custom-resources-rs/src/kuma_io/v1alpha1/retries.rs +++ b/kube-custom-resources-rs/src/kuma_io/v1alpha1/retries.rs @@ -7,4 +7,5 @@ mod prelude { pub use kube::CustomResource; pub use serde::{Serialize, Deserialize}; } +use self::prelude::*; diff --git a/kube-custom-resources-rs/src/kuma_io/v1alpha1/serviceinsights.rs b/kube-custom-resources-rs/src/kuma_io/v1alpha1/serviceinsights.rs index f4d4dabba..0357e4434 100644 --- a/kube-custom-resources-rs/src/kuma_io/v1alpha1/serviceinsights.rs +++ b/kube-custom-resources-rs/src/kuma_io/v1alpha1/serviceinsights.rs @@ -7,4 +7,5 @@ mod prelude { pub use kube::CustomResource; pub use serde::{Serialize, Deserialize}; } +use self::prelude::*; diff --git a/kube-custom-resources-rs/src/kuma_io/v1alpha1/timeouts.rs b/kube-custom-resources-rs/src/kuma_io/v1alpha1/timeouts.rs index 4786eed8e..a64517e5d 100644 --- a/kube-custom-resources-rs/src/kuma_io/v1alpha1/timeouts.rs +++ b/kube-custom-resources-rs/src/kuma_io/v1alpha1/timeouts.rs @@ -7,4 +7,5 @@ mod prelude { pub use kube::CustomResource; pub use serde::{Serialize, Deserialize}; } +use self::prelude::*; diff --git a/kube-custom-resources-rs/src/kuma_io/v1alpha1/trafficlogs.rs b/kube-custom-resources-rs/src/kuma_io/v1alpha1/trafficlogs.rs index fe15d68a2..17f6c138a 100644 --- a/kube-custom-resources-rs/src/kuma_io/v1alpha1/trafficlogs.rs +++ b/kube-custom-resources-rs/src/kuma_io/v1alpha1/trafficlogs.rs @@ -7,4 +7,5 @@ mod prelude { pub use kube::CustomResource; pub use serde::{Serialize, Deserialize}; } +use self::prelude::*; diff --git a/kube-custom-resources-rs/src/kuma_io/v1alpha1/trafficpermissions.rs b/kube-custom-resources-rs/src/kuma_io/v1alpha1/trafficpermissions.rs index 2ae4e0a77..898fc1bba 100644 --- a/kube-custom-resources-rs/src/kuma_io/v1alpha1/trafficpermissions.rs +++ b/kube-custom-resources-rs/src/kuma_io/v1alpha1/trafficpermissions.rs @@ -7,4 +7,5 @@ mod prelude { pub use kube::CustomResource; pub use serde::{Serialize, Deserialize}; } +use self::prelude::*; diff --git a/kube-custom-resources-rs/src/kuma_io/v1alpha1/trafficroutes.rs b/kube-custom-resources-rs/src/kuma_io/v1alpha1/trafficroutes.rs index 738b65f90..93c2960f4 100644 --- a/kube-custom-resources-rs/src/kuma_io/v1alpha1/trafficroutes.rs +++ b/kube-custom-resources-rs/src/kuma_io/v1alpha1/trafficroutes.rs @@ -7,4 +7,5 @@ mod prelude { pub use kube::CustomResource; pub use serde::{Serialize, Deserialize}; } +use self::prelude::*; diff --git a/kube-custom-resources-rs/src/kuma_io/v1alpha1/traffictraces.rs b/kube-custom-resources-rs/src/kuma_io/v1alpha1/traffictraces.rs index 67c0f02b2..9e3c7c3c6 100644 --- a/kube-custom-resources-rs/src/kuma_io/v1alpha1/traffictraces.rs +++ b/kube-custom-resources-rs/src/kuma_io/v1alpha1/traffictraces.rs @@ -7,4 +7,5 @@ mod prelude { pub use kube::CustomResource; pub use serde::{Serialize, Deserialize}; } +use self::prelude::*; diff --git a/kube-custom-resources-rs/src/kuma_io/v1alpha1/virtualoutbounds.rs b/kube-custom-resources-rs/src/kuma_io/v1alpha1/virtualoutbounds.rs index 709074656..54c1e07f0 100644 --- a/kube-custom-resources-rs/src/kuma_io/v1alpha1/virtualoutbounds.rs +++ b/kube-custom-resources-rs/src/kuma_io/v1alpha1/virtualoutbounds.rs @@ -7,4 +7,5 @@ mod prelude { pub use kube::CustomResource; pub use serde::{Serialize, Deserialize}; } +use self::prelude::*; diff --git a/kube-custom-resources-rs/src/kuma_io/v1alpha1/zoneegresses.rs b/kube-custom-resources-rs/src/kuma_io/v1alpha1/zoneegresses.rs index a2d9f2ded..9fb788379 100644 --- a/kube-custom-resources-rs/src/kuma_io/v1alpha1/zoneegresses.rs +++ b/kube-custom-resources-rs/src/kuma_io/v1alpha1/zoneegresses.rs @@ -7,4 +7,5 @@ mod prelude { pub use kube::CustomResource; pub use serde::{Serialize, Deserialize}; } +use self::prelude::*; diff --git a/kube-custom-resources-rs/src/kuma_io/v1alpha1/zoneegressinsights.rs b/kube-custom-resources-rs/src/kuma_io/v1alpha1/zoneegressinsights.rs index 1e60207b3..bedc05452 100644 --- a/kube-custom-resources-rs/src/kuma_io/v1alpha1/zoneegressinsights.rs +++ b/kube-custom-resources-rs/src/kuma_io/v1alpha1/zoneegressinsights.rs @@ -7,4 +7,5 @@ mod prelude { pub use kube::CustomResource; pub use serde::{Serialize, Deserialize}; } +use self::prelude::*; diff --git a/kube-custom-resources-rs/src/kuma_io/v1alpha1/zoneingresses.rs b/kube-custom-resources-rs/src/kuma_io/v1alpha1/zoneingresses.rs index 84137651e..8bf660db5 100644 --- a/kube-custom-resources-rs/src/kuma_io/v1alpha1/zoneingresses.rs +++ b/kube-custom-resources-rs/src/kuma_io/v1alpha1/zoneingresses.rs @@ -7,4 +7,5 @@ mod prelude { pub use kube::CustomResource; pub use serde::{Serialize, Deserialize}; } +use self::prelude::*; diff --git a/kube-custom-resources-rs/src/kuma_io/v1alpha1/zoneingressinsights.rs b/kube-custom-resources-rs/src/kuma_io/v1alpha1/zoneingressinsights.rs index 1d9951456..a42617710 100644 --- a/kube-custom-resources-rs/src/kuma_io/v1alpha1/zoneingressinsights.rs +++ b/kube-custom-resources-rs/src/kuma_io/v1alpha1/zoneingressinsights.rs @@ -7,4 +7,5 @@ mod prelude { pub use kube::CustomResource; pub use serde::{Serialize, Deserialize}; } +use self::prelude::*; diff --git a/kube-custom-resources-rs/src/kuma_io/v1alpha1/zoneinsights.rs b/kube-custom-resources-rs/src/kuma_io/v1alpha1/zoneinsights.rs index 2e472f991..ccff4c89d 100644 --- a/kube-custom-resources-rs/src/kuma_io/v1alpha1/zoneinsights.rs +++ b/kube-custom-resources-rs/src/kuma_io/v1alpha1/zoneinsights.rs @@ -7,4 +7,5 @@ mod prelude { pub use kube::CustomResource; pub use serde::{Serialize, Deserialize}; } +use self::prelude::*; diff --git a/kube-custom-resources-rs/src/kuma_io/v1alpha1/zones.rs b/kube-custom-resources-rs/src/kuma_io/v1alpha1/zones.rs index 5acedae3f..b8ce233bc 100644 --- a/kube-custom-resources-rs/src/kuma_io/v1alpha1/zones.rs +++ b/kube-custom-resources-rs/src/kuma_io/v1alpha1/zones.rs @@ -7,4 +7,5 @@ mod prelude { pub use kube::CustomResource; pub use serde::{Serialize, Deserialize}; } +use self::prelude::*; diff --git a/kube-custom-resources-rs/src/leaksignal_com/v1/cluster_leaksignal_istios.rs b/kube-custom-resources-rs/src/leaksignal_com/v1/cluster_leaksignal_istios.rs index c5ae184fe..96e733d02 100644 --- a/kube-custom-resources-rs/src/leaksignal_com/v1/cluster_leaksignal_istios.rs +++ b/kube-custom-resources-rs/src/leaksignal_com/v1/cluster_leaksignal_istios.rs @@ -22,6 +22,9 @@ pub struct ClusterLeaksignalIstioSpec { /// Location of CA bundle in istio-proxy. Default is `/etc/ssl/certs/ca-certificates.crt` which is suitable for Istio. OpenShift Service Mesh requires `/etc/ssl/certs/ca-bundle.crt`. #[serde(default, skip_serializing_if = "Option::is_none", rename = "caBundle")] pub ca_bundle: Option, + /// If true (default), then certificates are installed in pods for outbound TLS interception. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "enableClientInterception")] + pub enable_client_interception: Option, /// If `true` (default), then L4 streams are also scanned by LeakSignal Proxy. #[serde(default, skip_serializing_if = "Option::is_none", rename = "enableStreaming")] pub enable_streaming: Option, diff --git a/kube-custom-resources-rs/src/leaksignal_com/v1/leaksignal_istios.rs b/kube-custom-resources-rs/src/leaksignal_com/v1/leaksignal_istios.rs index c3ed6ec13..f96ae710c 100644 --- a/kube-custom-resources-rs/src/leaksignal_com/v1/leaksignal_istios.rs +++ b/kube-custom-resources-rs/src/leaksignal_com/v1/leaksignal_istios.rs @@ -23,6 +23,9 @@ pub struct LeaksignalIstioSpec { /// Location of CA bundle in istio-proxy. Default is `/etc/ssl/certs/ca-certificates.crt` which is suitable for Istio. OpenShift Service Mesh requires `/etc/ssl/certs/ca-bundle.crt`. #[serde(default, skip_serializing_if = "Option::is_none", rename = "caBundle")] pub ca_bundle: Option, + /// If true (default), then certificates are installed in pods for outbound TLS interception. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "enableClientInterception")] + pub enable_client_interception: Option, /// If `true` (default), then L4 streams are also scanned by LeakSignal Proxy. #[serde(default, skip_serializing_if = "Option::is_none", rename = "enableStreaming")] pub enable_streaming: Option, diff --git a/kube-custom-resources-rs/src/lib.rs b/kube-custom-resources-rs/src/lib.rs index 1097eb408..8e8013ef7 100644 --- a/kube-custom-resources-rs/src/lib.rs +++ b/kube-custom-resources-rs/src/lib.rs @@ -667,6 +667,9 @@ apiVersion `chisel-operator.io/v1`: - `ExitNodeProvisioner` - `ExitNode` +apiVersion `chisel-operator.io/v2`: +- `ExitNode` + ## cilium_io apiVersion `cilium.io/v2`: diff --git a/kube-custom-resources-rs/src/limitador_kuadrant_io/v1alpha1/limitadors.rs b/kube-custom-resources-rs/src/limitador_kuadrant_io/v1alpha1/limitadors.rs index 9fcbca5fb..8acea7842 100644 --- a/kube-custom-resources-rs/src/limitador_kuadrant_io/v1alpha1/limitadors.rs +++ b/kube-custom-resources-rs/src/limitador_kuadrant_io/v1alpha1/limitadors.rs @@ -51,7 +51,8 @@ pub struct LimitadorSpec { /// Sets the level of verbosity #[serde(default, skip_serializing_if = "Option::is_none")] pub verbosity: Option, - /// [Deprecated] Use spec.image instead. Docker tag used as limitador image. The repo is hardcoded to quay.io/kuadrant/limitador + /// [Deprecated] Use spec.image instead. + /// Docker tag used as limitador image. The repo is hardcoded to quay.io/kuadrant/limitador #[serde(default, skip_serializing_if = "Option::is_none")] pub version: Option, } @@ -73,15 +74,28 @@ pub struct LimitadorAffinity { /// Describes node affinity scheduling rules for the pod. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct LimitadorAffinityNodeAffinity { - /// The scheduler will prefer to schedule pods to nodes that satisfy the affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding "weight" to the sum if the node matches the corresponding matchExpressions; the node(s) with the highest sum are the most preferred. + /// The scheduler will prefer to schedule pods to nodes that satisfy + /// the affinity expressions specified by this field, but it may choose + /// a node that violates one or more of the expressions. The node that is + /// most preferred is the one with the greatest sum of weights, i.e. + /// for each node that meets all of the scheduling requirements (resource + /// request, requiredDuringScheduling affinity expressions, etc.), + /// compute a sum by iterating through the elements of this field and adding + /// "weight" to the sum if the node matches the corresponding matchExpressions; the + /// node(s) with the highest sum are the most preferred. #[serde(default, skip_serializing_if = "Option::is_none", rename = "preferredDuringSchedulingIgnoredDuringExecution")] pub preferred_during_scheduling_ignored_during_execution: Option>, - /// If the affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to an update), the system may or may not try to eventually evict the pod from its node. + /// If the affinity requirements specified by this field are not met at + /// scheduling time, the pod will not be scheduled onto the node. + /// If the affinity requirements specified by this field cease to be met + /// at some point during pod execution (e.g. due to an update), the system + /// may or may not try to eventually evict the pod from its node. #[serde(default, skip_serializing_if = "Option::is_none", rename = "requiredDuringSchedulingIgnoredDuringExecution")] pub required_during_scheduling_ignored_during_execution: Option, } -/// An empty preferred scheduling term matches all objects with implicit weight 0 (i.e. it's a no-op). A null preferred scheduling term matches no objects (i.e. is also a no-op). +/// An empty preferred scheduling term matches all objects with implicit weight 0 +/// (i.e. it's a no-op). A null preferred scheduling term matches no objects (i.e. is also a no-op). #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct LimitadorAffinityNodeAffinityPreferredDuringSchedulingIgnoredDuringExecution { /// A node selector term, associated with the corresponding weight. @@ -101,31 +115,47 @@ pub struct LimitadorAffinityNodeAffinityPreferredDuringSchedulingIgnoredDuringEx pub match_fields: Option>, } -/// A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A node selector requirement is a selector that contains values, a key, and an operator +/// that relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct LimitadorAffinityNodeAffinityPreferredDuringSchedulingIgnoredDuringExecutionPreferenceMatchExpressions { /// The label key that the selector applies to. pub key: String, - /// Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. + /// Represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. pub operator: String, - /// An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch. + /// An array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. If the operator is Gt or Lt, the values + /// array must have a single element, which will be interpreted as an integer. + /// This array is replaced during a strategic merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } -/// A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A node selector requirement is a selector that contains values, a key, and an operator +/// that relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct LimitadorAffinityNodeAffinityPreferredDuringSchedulingIgnoredDuringExecutionPreferenceMatchFields { /// The label key that the selector applies to. pub key: String, - /// Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. + /// Represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. pub operator: String, - /// An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch. + /// An array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. If the operator is Gt or Lt, the values + /// array must have a single element, which will be interpreted as an integer. + /// This array is replaced during a strategic merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } -/// If the affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to an update), the system may or may not try to eventually evict the pod from its node. +/// If the affinity requirements specified by this field are not met at +/// scheduling time, the pod will not be scheduled onto the node. +/// If the affinity requirements specified by this field cease to be met +/// at some point during pod execution (e.g. due to an update), the system +/// may or may not try to eventually evict the pod from its node. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct LimitadorAffinityNodeAffinityRequiredDuringSchedulingIgnoredDuringExecution { /// Required. A list of node selector terms. The terms are ORed. @@ -133,7 +163,9 @@ pub struct LimitadorAffinityNodeAffinityRequiredDuringSchedulingIgnoredDuringExe pub node_selector_terms: Vec, } -/// A null or empty node selector term matches no objects. The requirements of them are ANDed. The TopologySelectorTerm type implements a subset of the NodeSelectorTerm. +/// A null or empty node selector term matches no objects. The requirements of +/// them are ANDed. +/// The TopologySelectorTerm type implements a subset of the NodeSelectorTerm. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct LimitadorAffinityNodeAffinityRequiredDuringSchedulingIgnoredDuringExecutionNodeSelectorTerms { /// A list of node selector requirements by node's labels. @@ -144,26 +176,38 @@ pub struct LimitadorAffinityNodeAffinityRequiredDuringSchedulingIgnoredDuringExe pub match_fields: Option>, } -/// A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A node selector requirement is a selector that contains values, a key, and an operator +/// that relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct LimitadorAffinityNodeAffinityRequiredDuringSchedulingIgnoredDuringExecutionNodeSelectorTermsMatchExpressions { /// The label key that the selector applies to. pub key: String, - /// Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. + /// Represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. pub operator: String, - /// An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch. + /// An array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. If the operator is Gt or Lt, the values + /// array must have a single element, which will be interpreted as an integer. + /// This array is replaced during a strategic merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } -/// A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A node selector requirement is a selector that contains values, a key, and an operator +/// that relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct LimitadorAffinityNodeAffinityRequiredDuringSchedulingIgnoredDuringExecutionNodeSelectorTermsMatchFields { /// The label key that the selector applies to. pub key: String, - /// Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. + /// Represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. pub operator: String, - /// An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch. + /// An array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. If the operator is Gt or Lt, the values + /// array must have a single element, which will be interpreted as an integer. + /// This array is replaced during a strategic merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } @@ -171,10 +215,24 @@ pub struct LimitadorAffinityNodeAffinityRequiredDuringSchedulingIgnoredDuringExe /// Describes pod affinity scheduling rules (e.g. co-locate this pod in the same node, zone, etc. as some other pod(s)). #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct LimitadorAffinityPodAffinity { - /// The scheduler will prefer to schedule pods to nodes that satisfy the affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding "weight" to the sum if the node has pods which matches the corresponding podAffinityTerm; the node(s) with the highest sum are the most preferred. + /// The scheduler will prefer to schedule pods to nodes that satisfy + /// the affinity expressions specified by this field, but it may choose + /// a node that violates one or more of the expressions. The node that is + /// most preferred is the one with the greatest sum of weights, i.e. + /// for each node that meets all of the scheduling requirements (resource + /// request, requiredDuringScheduling affinity expressions, etc.), + /// compute a sum by iterating through the elements of this field and adding + /// "weight" to the sum if the node has pods which matches the corresponding podAffinityTerm; the + /// node(s) with the highest sum are the most preferred. #[serde(default, skip_serializing_if = "Option::is_none", rename = "preferredDuringSchedulingIgnoredDuringExecution")] pub preferred_during_scheduling_ignored_during_execution: Option>, - /// If the affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to a pod label update), the system may or may not try to eventually evict the pod from its node. When there are multiple elements, the lists of nodes corresponding to each podAffinityTerm are intersected, i.e. all terms must be satisfied. + /// If the affinity requirements specified by this field are not met at + /// scheduling time, the pod will not be scheduled onto the node. + /// If the affinity requirements specified by this field cease to be met + /// at some point during pod execution (e.g. due to a pod label update), the + /// system may or may not try to eventually evict the pod from its node. + /// When there are multiple elements, the lists of nodes corresponding to each + /// podAffinityTerm are intersected, i.e. all terms must be satisfied. #[serde(default, skip_serializing_if = "Option::is_none", rename = "requiredDuringSchedulingIgnoredDuringExecution")] pub required_during_scheduling_ignored_during_execution: Option>, } @@ -185,7 +243,8 @@ pub struct LimitadorAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExe /// Required. A pod affinity term, associated with the corresponding weight. #[serde(rename = "podAffinityTerm")] pub pod_affinity_term: LimitadorAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTerm, - /// weight associated with matching the corresponding podAffinityTerm, in the range 1-100. + /// weight associated with matching the corresponding podAffinityTerm, + /// in the range 1-100. pub weight: i32, } @@ -195,13 +254,24 @@ pub struct LimitadorAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExe /// A label query over a set of resources, in this case pods. #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelector")] pub label_selector: Option, - /// A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. + /// A label query over the set of namespaces that the term applies to. + /// The term is applied to the union of the namespaces selected by this field + /// and the ones listed in the namespaces field. + /// null selector and null or empty namespaces list means "this pod's namespace". + /// An empty selector ({}) matches all namespaces. #[serde(default, skip_serializing_if = "Option::is_none", rename = "namespaceSelector")] pub namespace_selector: Option, - /// namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means "this pod's namespace". + /// namespaces specifies a static list of namespace names that the term applies to. + /// The term is applied to the union of the namespaces listed in this field + /// and the ones selected by namespaceSelector. + /// null or empty namespaces list and null namespaceSelector means "this pod's namespace". #[serde(default, skip_serializing_if = "Option::is_none")] pub namespaces: Option>, - /// This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed. + /// This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching + /// the labelSelector in the specified namespaces, where co-located is defined as running on a node + /// whose value of the label with key topologyKey matches that of any node on which any of the + /// selected pods is running. + /// Empty topologyKey is not allowed. #[serde(rename = "topologyKey")] pub topology_key: String, } @@ -212,59 +282,93 @@ pub struct LimitadorAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExe /// matchExpressions is a list of label selector requirements. The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] pub match_expressions: Option>, - /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] pub match_labels: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct LimitadorAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermLabelSelectorMatchExpressions { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } -/// A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. +/// A label query over the set of namespaces that the term applies to. +/// The term is applied to the union of the namespaces selected by this field +/// and the ones listed in the namespaces field. +/// null selector and null or empty namespaces list means "this pod's namespace". +/// An empty selector ({}) matches all namespaces. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct LimitadorAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermNamespaceSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] pub match_expressions: Option>, - /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] pub match_labels: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct LimitadorAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermNamespaceSelectorMatchExpressions { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } -/// Defines a set of pods (namely those matching the labelSelector relative to the given namespace(s)) that this pod should be co-located (affinity) or not co-located (anti-affinity) with, where co-located is defined as running on a node whose value of the label with key matches that of any node on which a pod of the set of pods is running +/// Defines a set of pods (namely those matching the labelSelector +/// relative to the given namespace(s)) that this pod should be +/// co-located (affinity) or not co-located (anti-affinity) with, +/// where co-located is defined as running on a node whose value of +/// the label with key matches that of any node on which +/// a pod of the set of pods is running #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct LimitadorAffinityPodAffinityRequiredDuringSchedulingIgnoredDuringExecution { /// A label query over a set of resources, in this case pods. #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelector")] pub label_selector: Option, - /// A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. + /// A label query over the set of namespaces that the term applies to. + /// The term is applied to the union of the namespaces selected by this field + /// and the ones listed in the namespaces field. + /// null selector and null or empty namespaces list means "this pod's namespace". + /// An empty selector ({}) matches all namespaces. #[serde(default, skip_serializing_if = "Option::is_none", rename = "namespaceSelector")] pub namespace_selector: Option, - /// namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means "this pod's namespace". + /// namespaces specifies a static list of namespace names that the term applies to. + /// The term is applied to the union of the namespaces listed in this field + /// and the ones selected by namespaceSelector. + /// null or empty namespaces list and null namespaceSelector means "this pod's namespace". #[serde(default, skip_serializing_if = "Option::is_none")] pub namespaces: Option>, - /// This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed. + /// This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching + /// the labelSelector in the specified namespaces, where co-located is defined as running on a node + /// whose value of the label with key topologyKey matches that of any node on which any of the + /// selected pods is running. + /// Empty topologyKey is not allowed. #[serde(rename = "topologyKey")] pub topology_key: String, } @@ -275,42 +379,60 @@ pub struct LimitadorAffinityPodAffinityRequiredDuringSchedulingIgnoredDuringExec /// matchExpressions is a list of label selector requirements. The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] pub match_expressions: Option>, - /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] pub match_labels: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct LimitadorAffinityPodAffinityRequiredDuringSchedulingIgnoredDuringExecutionLabelSelectorMatchExpressions { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } -/// A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. +/// A label query over the set of namespaces that the term applies to. +/// The term is applied to the union of the namespaces selected by this field +/// and the ones listed in the namespaces field. +/// null selector and null or empty namespaces list means "this pod's namespace". +/// An empty selector ({}) matches all namespaces. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct LimitadorAffinityPodAffinityRequiredDuringSchedulingIgnoredDuringExecutionNamespaceSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] pub match_expressions: Option>, - /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] pub match_labels: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct LimitadorAffinityPodAffinityRequiredDuringSchedulingIgnoredDuringExecutionNamespaceSelectorMatchExpressions { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } @@ -318,10 +440,24 @@ pub struct LimitadorAffinityPodAffinityRequiredDuringSchedulingIgnoredDuringExec /// Describes pod anti-affinity scheduling rules (e.g. avoid putting this pod in the same node, zone, etc. as some other pod(s)). #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct LimitadorAffinityPodAntiAffinity { - /// The scheduler will prefer to schedule pods to nodes that satisfy the anti-affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling anti-affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding "weight" to the sum if the node has pods which matches the corresponding podAffinityTerm; the node(s) with the highest sum are the most preferred. + /// The scheduler will prefer to schedule pods to nodes that satisfy + /// the anti-affinity expressions specified by this field, but it may choose + /// a node that violates one or more of the expressions. The node that is + /// most preferred is the one with the greatest sum of weights, i.e. + /// for each node that meets all of the scheduling requirements (resource + /// request, requiredDuringScheduling anti-affinity expressions, etc.), + /// compute a sum by iterating through the elements of this field and adding + /// "weight" to the sum if the node has pods which matches the corresponding podAffinityTerm; the + /// node(s) with the highest sum are the most preferred. #[serde(default, skip_serializing_if = "Option::is_none", rename = "preferredDuringSchedulingIgnoredDuringExecution")] pub preferred_during_scheduling_ignored_during_execution: Option>, - /// If the anti-affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the anti-affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to a pod label update), the system may or may not try to eventually evict the pod from its node. When there are multiple elements, the lists of nodes corresponding to each podAffinityTerm are intersected, i.e. all terms must be satisfied. + /// If the anti-affinity requirements specified by this field are not met at + /// scheduling time, the pod will not be scheduled onto the node. + /// If the anti-affinity requirements specified by this field cease to be met + /// at some point during pod execution (e.g. due to a pod label update), the + /// system may or may not try to eventually evict the pod from its node. + /// When there are multiple elements, the lists of nodes corresponding to each + /// podAffinityTerm are intersected, i.e. all terms must be satisfied. #[serde(default, skip_serializing_if = "Option::is_none", rename = "requiredDuringSchedulingIgnoredDuringExecution")] pub required_during_scheduling_ignored_during_execution: Option>, } @@ -332,7 +468,8 @@ pub struct LimitadorAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDurin /// Required. A pod affinity term, associated with the corresponding weight. #[serde(rename = "podAffinityTerm")] pub pod_affinity_term: LimitadorAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTerm, - /// weight associated with matching the corresponding podAffinityTerm, in the range 1-100. + /// weight associated with matching the corresponding podAffinityTerm, + /// in the range 1-100. pub weight: i32, } @@ -342,13 +479,24 @@ pub struct LimitadorAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDurin /// A label query over a set of resources, in this case pods. #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelector")] pub label_selector: Option, - /// A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. + /// A label query over the set of namespaces that the term applies to. + /// The term is applied to the union of the namespaces selected by this field + /// and the ones listed in the namespaces field. + /// null selector and null or empty namespaces list means "this pod's namespace". + /// An empty selector ({}) matches all namespaces. #[serde(default, skip_serializing_if = "Option::is_none", rename = "namespaceSelector")] pub namespace_selector: Option, - /// namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means "this pod's namespace". + /// namespaces specifies a static list of namespace names that the term applies to. + /// The term is applied to the union of the namespaces listed in this field + /// and the ones selected by namespaceSelector. + /// null or empty namespaces list and null namespaceSelector means "this pod's namespace". #[serde(default, skip_serializing_if = "Option::is_none")] pub namespaces: Option>, - /// This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed. + /// This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching + /// the labelSelector in the specified namespaces, where co-located is defined as running on a node + /// whose value of the label with key topologyKey matches that of any node on which any of the + /// selected pods is running. + /// Empty topologyKey is not allowed. #[serde(rename = "topologyKey")] pub topology_key: String, } @@ -359,59 +507,93 @@ pub struct LimitadorAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDurin /// matchExpressions is a list of label selector requirements. The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] pub match_expressions: Option>, - /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] pub match_labels: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct LimitadorAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermLabelSelectorMatchExpressions { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } -/// A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. +/// A label query over the set of namespaces that the term applies to. +/// The term is applied to the union of the namespaces selected by this field +/// and the ones listed in the namespaces field. +/// null selector and null or empty namespaces list means "this pod's namespace". +/// An empty selector ({}) matches all namespaces. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct LimitadorAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermNamespaceSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] pub match_expressions: Option>, - /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] pub match_labels: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct LimitadorAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermNamespaceSelectorMatchExpressions { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } -/// Defines a set of pods (namely those matching the labelSelector relative to the given namespace(s)) that this pod should be co-located (affinity) or not co-located (anti-affinity) with, where co-located is defined as running on a node whose value of the label with key matches that of any node on which a pod of the set of pods is running +/// Defines a set of pods (namely those matching the labelSelector +/// relative to the given namespace(s)) that this pod should be +/// co-located (affinity) or not co-located (anti-affinity) with, +/// where co-located is defined as running on a node whose value of +/// the label with key matches that of any node on which +/// a pod of the set of pods is running #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct LimitadorAffinityPodAntiAffinityRequiredDuringSchedulingIgnoredDuringExecution { /// A label query over a set of resources, in this case pods. #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelector")] pub label_selector: Option, - /// A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. + /// A label query over the set of namespaces that the term applies to. + /// The term is applied to the union of the namespaces selected by this field + /// and the ones listed in the namespaces field. + /// null selector and null or empty namespaces list means "this pod's namespace". + /// An empty selector ({}) matches all namespaces. #[serde(default, skip_serializing_if = "Option::is_none", rename = "namespaceSelector")] pub namespace_selector: Option, - /// namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means "this pod's namespace". + /// namespaces specifies a static list of namespace names that the term applies to. + /// The term is applied to the union of the namespaces listed in this field + /// and the ones selected by namespaceSelector. + /// null or empty namespaces list and null namespaceSelector means "this pod's namespace". #[serde(default, skip_serializing_if = "Option::is_none")] pub namespaces: Option>, - /// This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed. + /// This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching + /// the labelSelector in the specified namespaces, where co-located is defined as running on a node + /// whose value of the label with key topologyKey matches that of any node on which any of the + /// selected pods is running. + /// Empty topologyKey is not allowed. #[serde(rename = "topologyKey")] pub topology_key: String, } @@ -422,42 +604,60 @@ pub struct LimitadorAffinityPodAntiAffinityRequiredDuringSchedulingIgnoredDuring /// matchExpressions is a list of label selector requirements. The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] pub match_expressions: Option>, - /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] pub match_labels: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct LimitadorAffinityPodAntiAffinityRequiredDuringSchedulingIgnoredDuringExecutionLabelSelectorMatchExpressions { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } -/// A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. +/// A label query over the set of namespaces that the term applies to. +/// The term is applied to the union of the namespaces selected by this field +/// and the ones listed in the namespaces field. +/// null selector and null or empty namespaces list means "this pod's namespace". +/// An empty selector ({}) matches all namespaces. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct LimitadorAffinityPodAntiAffinityRequiredDuringSchedulingIgnoredDuringExecutionNamespaceSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] pub match_expressions: Option>, - /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] pub match_labels: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct LimitadorAffinityPodAntiAffinityRequiredDuringSchedulingIgnoredDuringExecutionNamespaceSelectorMatchExpressions { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } @@ -496,10 +696,16 @@ pub struct LimitadorListenerHttp { #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct LimitadorPdb { - /// An eviction is allowed if at most "maxUnavailable" limitador pods are unavailable after the eviction, i.e. even in absence of the evicted pod. For example, one can prevent all voluntary evictions by specifying 0. This is a mutually exclusive setting with "minAvailable". + /// An eviction is allowed if at most "maxUnavailable" limitador pods + /// are unavailable after the eviction, i.e. even in absence of + /// the evicted pod. For example, one can prevent all voluntary evictions + /// by specifying 0. This is a mutually exclusive setting with "minAvailable". #[serde(default, skip_serializing_if = "Option::is_none", rename = "maxUnavailable")] pub max_unavailable: Option, - /// An eviction is allowed if at least "minAvailable" limitador pods will still be available after the eviction, i.e. even in the absence of the evicted pod. So for example you can prevent all voluntary evictions by specifying "100%". + /// An eviction is allowed if at least "minAvailable" limitador pods will + /// still be available after the eviction, i.e. even in the absence of + /// the evicted pod. So for example you can prevent all voluntary + /// evictions by specifying "100%". #[serde(default, skip_serializing_if = "Option::is_none", rename = "minAvailable")] pub min_available: Option, } @@ -516,15 +722,25 @@ pub enum LimitadorRateLimitHeaders { /// ResourceRequirements describes the compute resource requirements. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct LimitadorResourceRequirements { - /// Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. - /// This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. - /// This field is immutable. It can only be set for containers. + /// Claims lists the names of resources, defined in spec.resourceClaims, + /// that are used by this container. + /// + /// + /// This is an alpha field and requires enabling the + /// DynamicResourceAllocation feature gate. + /// + /// + /// This field is immutable. It can only be set for containers. #[serde(default, skip_serializing_if = "Option::is_none")] pub claims: Option>, - /// Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + /// Limits describes the maximum amount of compute resources allowed. + /// More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ #[serde(default, skip_serializing_if = "Option::is_none")] pub limits: Option>, - /// Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + /// Requests describes the minimum amount of compute resources required. + /// If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, + /// otherwise to an implementation-defined value. Requests cannot exceed Limits. + /// More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ #[serde(default, skip_serializing_if = "Option::is_none")] pub requests: Option>, } @@ -532,7 +748,9 @@ pub struct LimitadorResourceRequirements { /// ResourceClaim references one entry in PodSpec.ResourceClaims. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct LimitadorResourceRequirementsClaims { - /// Name must match the name of one entry in pod.spec.resourceClaims of the Pod where this field is used. It makes that resource available inside a container. + /// Name must match the name of one entry in pod.spec.resourceClaims of + /// the Pod where this field is used. It makes that resource available + /// inside a container. pub name: String, } @@ -566,7 +784,8 @@ pub enum LimitadorStorageDiskOptimize { #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct LimitadorStorageDiskPersistentVolumeClaim { - /// Resources represents the minimum resources the volume should have. Ignored when VolumeName field is set + /// Resources represents the minimum resources the volume should have. + /// Ignored when VolumeName field is set #[serde(default, skip_serializing_if = "Option::is_none")] pub resources: Option, #[serde(default, skip_serializing_if = "Option::is_none", rename = "storageClassName")] @@ -576,41 +795,52 @@ pub struct LimitadorStorageDiskPersistentVolumeClaim { pub volume_name: Option, } -/// Resources represents the minimum resources the volume should have. Ignored when VolumeName field is set +/// Resources represents the minimum resources the volume should have. +/// Ignored when VolumeName field is set #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct LimitadorStorageDiskPersistentVolumeClaimResources { - /// Storage Resource requests to be used on the PersistentVolumeClaim. To learn more about resource requests see: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + /// Storage Resource requests to be used on the PersistentVolumeClaim. + /// To learn more about resource requests see: + /// https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ pub requests: IntOrString, } #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct LimitadorStorageRedis { - /// LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. + /// LocalObjectReference contains enough information to let you locate the + /// referenced object inside the same namespace. #[serde(default, skip_serializing_if = "Option::is_none", rename = "configSecretRef")] pub config_secret_ref: Option, } -/// LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. +/// LocalObjectReference contains enough information to let you locate the +/// referenced object inside the same namespace. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct LimitadorStorageRedisConfigSecretRef { - /// Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? + /// Name of the referent. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, } #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct LimitadorStorageRedisCached { - /// LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. + /// LocalObjectReference contains enough information to let you locate the + /// referenced object inside the same namespace. #[serde(default, skip_serializing_if = "Option::is_none", rename = "configSecretRef")] pub config_secret_ref: Option, #[serde(default, skip_serializing_if = "Option::is_none")] pub options: Option, } -/// LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. +/// LocalObjectReference contains enough information to let you locate the +/// referenced object inside the same namespace. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct LimitadorStorageRedisCachedConfigSecretRef { - /// Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? + /// Name of the referent. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, } @@ -648,7 +878,8 @@ pub struct LimitadorTracing { /// LimitadorStatus defines the observed state of Limitador #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct LimitadorStatus { - /// Represents the observations of a foo's current state. Known .status.conditions.type are: "Ready" + /// Represents the observations of a foo's current state. + /// Known .status.conditions.type are: "Ready" #[serde(default, skip_serializing_if = "Option::is_none")] pub conditions: Option>, /// ObservedGeneration reflects the generation of the most recently observed spec. diff --git a/kube-custom-resources-rs/src/litmuschaos_io/v1alpha1/chaosresults.rs b/kube-custom-resources-rs/src/litmuschaos_io/v1alpha1/chaosresults.rs index ef6afa3f7..fc8d11f21 100644 --- a/kube-custom-resources-rs/src/litmuschaos_io/v1alpha1/chaosresults.rs +++ b/kube-custom-resources-rs/src/litmuschaos_io/v1alpha1/chaosresults.rs @@ -8,4 +8,5 @@ mod prelude { pub use serde::{Serialize, Deserialize}; pub use std::collections::BTreeMap; } +use self::prelude::*; diff --git a/kube-custom-resources-rs/src/logging_banzaicloud_io/v1alpha1/clusteroutputs.rs b/kube-custom-resources-rs/src/logging_banzaicloud_io/v1alpha1/clusteroutputs.rs index 7cc378179..7bda2fc2e 100644 --- a/kube-custom-resources-rs/src/logging_banzaicloud_io/v1alpha1/clusteroutputs.rs +++ b/kube-custom-resources-rs/src/logging_banzaicloud_io/v1alpha1/clusteroutputs.rs @@ -3439,6 +3439,8 @@ pub struct ClusterOutputKafka { #[serde(default, skip_serializing_if = "Option::is_none")] pub use_default_for_unknown_topic: Option, #[serde(default, skip_serializing_if = "Option::is_none")] + pub use_rdkafka: Option, + #[serde(default, skip_serializing_if = "Option::is_none")] pub username: Option, } diff --git a/kube-custom-resources-rs/src/logging_banzaicloud_io/v1alpha1/outputs.rs b/kube-custom-resources-rs/src/logging_banzaicloud_io/v1alpha1/outputs.rs index 5cccb6e87..5998cdfbd 100644 --- a/kube-custom-resources-rs/src/logging_banzaicloud_io/v1alpha1/outputs.rs +++ b/kube-custom-resources-rs/src/logging_banzaicloud_io/v1alpha1/outputs.rs @@ -3427,6 +3427,8 @@ pub struct OutputKafka { #[serde(default, skip_serializing_if = "Option::is_none")] pub use_default_for_unknown_topic: Option, #[serde(default, skip_serializing_if = "Option::is_none")] + pub use_rdkafka: Option, + #[serde(default, skip_serializing_if = "Option::is_none")] pub username: Option, } diff --git a/kube-custom-resources-rs/src/logging_banzaicloud_io/v1beta1/clusteroutputs.rs b/kube-custom-resources-rs/src/logging_banzaicloud_io/v1beta1/clusteroutputs.rs index edd8c1fe9..853b8727d 100644 --- a/kube-custom-resources-rs/src/logging_banzaicloud_io/v1beta1/clusteroutputs.rs +++ b/kube-custom-resources-rs/src/logging_banzaicloud_io/v1beta1/clusteroutputs.rs @@ -3439,6 +3439,8 @@ pub struct ClusterOutputKafka { #[serde(default, skip_serializing_if = "Option::is_none")] pub use_default_for_unknown_topic: Option, #[serde(default, skip_serializing_if = "Option::is_none")] + pub use_rdkafka: Option, + #[serde(default, skip_serializing_if = "Option::is_none")] pub username: Option, } diff --git a/kube-custom-resources-rs/src/logging_banzaicloud_io/v1beta1/outputs.rs b/kube-custom-resources-rs/src/logging_banzaicloud_io/v1beta1/outputs.rs index 05d72fd5b..30957647a 100644 --- a/kube-custom-resources-rs/src/logging_banzaicloud_io/v1beta1/outputs.rs +++ b/kube-custom-resources-rs/src/logging_banzaicloud_io/v1beta1/outputs.rs @@ -3435,6 +3435,8 @@ pub struct OutputKafka { #[serde(default, skip_serializing_if = "Option::is_none")] pub use_default_for_unknown_topic: Option, #[serde(default, skip_serializing_if = "Option::is_none")] + pub use_rdkafka: Option, + #[serde(default, skip_serializing_if = "Option::is_none")] pub username: Option, } diff --git a/kube-custom-resources-rs/src/logging_banzaicloud_io/v1beta1/syslogngclusteroutputs.rs b/kube-custom-resources-rs/src/logging_banzaicloud_io/v1beta1/syslogngclusteroutputs.rs index 80fe4b8d0..43cec0909 100644 --- a/kube-custom-resources-rs/src/logging_banzaicloud_io/v1beta1/syslogngclusteroutputs.rs +++ b/kube-custom-resources-rs/src/logging_banzaicloud_io/v1beta1/syslogngclusteroutputs.rs @@ -20,6 +20,8 @@ use self::prelude::*; pub struct SyslogNGClusterOutputSpec { #[serde(default, skip_serializing_if = "Option::is_none")] pub elasticsearch: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "elasticsearch-datastream")] + pub elasticsearch_datastream: Option, #[serde(default, skip_serializing_if = "Option::is_none", rename = "enabledNamespaces")] pub enabled_namespaces: Option>, #[serde(default, skip_serializing_if = "Option::is_none")] @@ -368,6 +370,308 @@ pub enum SyslogNGClusterOutputElasticsearchTlsSslVersion { Tlsv13, } +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct SyslogNGClusterOutputElasticsearchDatastream { + #[serde(default, skip_serializing_if = "Option::is_none", rename = "batch-bytes")] + pub batch_bytes: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "batch-lines")] + pub batch_lines: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "batch-timeout")] + pub batch_timeout: Option, + #[serde(default, skip_serializing_if = "Option::is_none")] + pub body: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "body-prefix")] + pub body_prefix: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "body-suffix")] + pub body_suffix: Option, + #[serde(default, skip_serializing_if = "Option::is_none")] + pub delimiter: Option, + #[serde(default, skip_serializing_if = "Option::is_none")] + pub disk_buffer: Option, + #[serde(default, skip_serializing_if = "Option::is_none")] + pub headers: Option>, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "log-fifo-size")] + pub log_fifo_size: Option, + #[serde(default, skip_serializing_if = "Option::is_none")] + pub method: Option, + #[serde(default, skip_serializing_if = "Option::is_none")] + pub password: Option, + #[serde(default, skip_serializing_if = "Option::is_none")] + pub persist_name: Option, + #[serde(default, skip_serializing_if = "Option::is_none")] + pub record: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "response-action")] + pub response_action: Option>, + #[serde(default, skip_serializing_if = "Option::is_none")] + pub retries: Option, + #[serde(default, skip_serializing_if = "Option::is_none")] + pub time_reopen: Option, + #[serde(default, skip_serializing_if = "Option::is_none")] + pub timeout: Option, + #[serde(default, skip_serializing_if = "Option::is_none")] + pub tls: Option, + #[serde(default, skip_serializing_if = "Option::is_none")] + pub url: Option, + #[serde(default, skip_serializing_if = "Option::is_none")] + pub user: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "user-agent")] + pub user_agent: Option, + #[serde(default, skip_serializing_if = "Option::is_none")] + pub workers: Option, +} + +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct SyslogNGClusterOutputElasticsearchDatastreamDiskBuffer { + #[serde(default, skip_serializing_if = "Option::is_none")] + pub compaction: Option, + #[serde(default, skip_serializing_if = "Option::is_none")] + pub dir: Option, + pub disk_buf_size: i64, + #[serde(default, skip_serializing_if = "Option::is_none")] + pub mem_buf_length: Option, + #[serde(default, skip_serializing_if = "Option::is_none")] + pub mem_buf_size: Option, + #[serde(default, skip_serializing_if = "Option::is_none")] + pub q_out_size: Option, + pub reliable: bool, +} + +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct SyslogNGClusterOutputElasticsearchDatastreamPassword { + #[serde(default, skip_serializing_if = "Option::is_none", rename = "mountFrom")] + pub mount_from: Option, + #[serde(default, skip_serializing_if = "Option::is_none")] + pub value: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "valueFrom")] + pub value_from: Option, +} + +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct SyslogNGClusterOutputElasticsearchDatastreamPasswordMountFrom { + #[serde(default, skip_serializing_if = "Option::is_none", rename = "secretKeyRef")] + pub secret_key_ref: Option, +} + +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct SyslogNGClusterOutputElasticsearchDatastreamPasswordMountFromSecretKeyRef { + pub key: String, + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + #[serde(default, skip_serializing_if = "Option::is_none")] + pub optional: Option, +} + +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct SyslogNGClusterOutputElasticsearchDatastreamPasswordValueFrom { + #[serde(default, skip_serializing_if = "Option::is_none", rename = "secretKeyRef")] + pub secret_key_ref: Option, +} + +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct SyslogNGClusterOutputElasticsearchDatastreamPasswordValueFromSecretKeyRef { + pub key: String, + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + #[serde(default, skip_serializing_if = "Option::is_none")] + pub optional: Option, +} + +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct SyslogNGClusterOutputElasticsearchDatastreamTls { + #[serde(default, skip_serializing_if = "Option::is_none")] + pub ca_dir: Option, + #[serde(default, skip_serializing_if = "Option::is_none")] + pub ca_file: Option, + #[serde(default, skip_serializing_if = "Option::is_none")] + pub cert_file: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "cipher-suite")] + pub cipher_suite: Option, + #[serde(default, skip_serializing_if = "Option::is_none")] + pub key_file: Option, + #[serde(default, skip_serializing_if = "Option::is_none")] + pub peer_verify: Option, + #[serde(default, skip_serializing_if = "Option::is_none")] + pub ssl_version: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "use-system-cert-store")] + pub use_system_cert_store: Option, +} + +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct SyslogNGClusterOutputElasticsearchDatastreamTlsCaDir { + #[serde(default, skip_serializing_if = "Option::is_none", rename = "mountFrom")] + pub mount_from: Option, + #[serde(default, skip_serializing_if = "Option::is_none")] + pub value: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "valueFrom")] + pub value_from: Option, +} + +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct SyslogNGClusterOutputElasticsearchDatastreamTlsCaDirMountFrom { + #[serde(default, skip_serializing_if = "Option::is_none", rename = "secretKeyRef")] + pub secret_key_ref: Option, +} + +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct SyslogNGClusterOutputElasticsearchDatastreamTlsCaDirMountFromSecretKeyRef { + pub key: String, + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + #[serde(default, skip_serializing_if = "Option::is_none")] + pub optional: Option, +} + +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct SyslogNGClusterOutputElasticsearchDatastreamTlsCaDirValueFrom { + #[serde(default, skip_serializing_if = "Option::is_none", rename = "secretKeyRef")] + pub secret_key_ref: Option, +} + +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct SyslogNGClusterOutputElasticsearchDatastreamTlsCaDirValueFromSecretKeyRef { + pub key: String, + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + #[serde(default, skip_serializing_if = "Option::is_none")] + pub optional: Option, +} + +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct SyslogNGClusterOutputElasticsearchDatastreamTlsCaFile { + #[serde(default, skip_serializing_if = "Option::is_none", rename = "mountFrom")] + pub mount_from: Option, + #[serde(default, skip_serializing_if = "Option::is_none")] + pub value: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "valueFrom")] + pub value_from: Option, +} + +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct SyslogNGClusterOutputElasticsearchDatastreamTlsCaFileMountFrom { + #[serde(default, skip_serializing_if = "Option::is_none", rename = "secretKeyRef")] + pub secret_key_ref: Option, +} + +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct SyslogNGClusterOutputElasticsearchDatastreamTlsCaFileMountFromSecretKeyRef { + pub key: String, + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + #[serde(default, skip_serializing_if = "Option::is_none")] + pub optional: Option, +} + +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct SyslogNGClusterOutputElasticsearchDatastreamTlsCaFileValueFrom { + #[serde(default, skip_serializing_if = "Option::is_none", rename = "secretKeyRef")] + pub secret_key_ref: Option, +} + +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct SyslogNGClusterOutputElasticsearchDatastreamTlsCaFileValueFromSecretKeyRef { + pub key: String, + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + #[serde(default, skip_serializing_if = "Option::is_none")] + pub optional: Option, +} + +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct SyslogNGClusterOutputElasticsearchDatastreamTlsCertFile { + #[serde(default, skip_serializing_if = "Option::is_none", rename = "mountFrom")] + pub mount_from: Option, + #[serde(default, skip_serializing_if = "Option::is_none")] + pub value: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "valueFrom")] + pub value_from: Option, +} + +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct SyslogNGClusterOutputElasticsearchDatastreamTlsCertFileMountFrom { + #[serde(default, skip_serializing_if = "Option::is_none", rename = "secretKeyRef")] + pub secret_key_ref: Option, +} + +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct SyslogNGClusterOutputElasticsearchDatastreamTlsCertFileMountFromSecretKeyRef { + pub key: String, + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + #[serde(default, skip_serializing_if = "Option::is_none")] + pub optional: Option, +} + +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct SyslogNGClusterOutputElasticsearchDatastreamTlsCertFileValueFrom { + #[serde(default, skip_serializing_if = "Option::is_none", rename = "secretKeyRef")] + pub secret_key_ref: Option, +} + +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct SyslogNGClusterOutputElasticsearchDatastreamTlsCertFileValueFromSecretKeyRef { + pub key: String, + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + #[serde(default, skip_serializing_if = "Option::is_none")] + pub optional: Option, +} + +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct SyslogNGClusterOutputElasticsearchDatastreamTlsKeyFile { + #[serde(default, skip_serializing_if = "Option::is_none", rename = "mountFrom")] + pub mount_from: Option, + #[serde(default, skip_serializing_if = "Option::is_none")] + pub value: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "valueFrom")] + pub value_from: Option, +} + +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct SyslogNGClusterOutputElasticsearchDatastreamTlsKeyFileMountFrom { + #[serde(default, skip_serializing_if = "Option::is_none", rename = "secretKeyRef")] + pub secret_key_ref: Option, +} + +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct SyslogNGClusterOutputElasticsearchDatastreamTlsKeyFileMountFromSecretKeyRef { + pub key: String, + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + #[serde(default, skip_serializing_if = "Option::is_none")] + pub optional: Option, +} + +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct SyslogNGClusterOutputElasticsearchDatastreamTlsKeyFileValueFrom { + #[serde(default, skip_serializing_if = "Option::is_none", rename = "secretKeyRef")] + pub secret_key_ref: Option, +} + +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct SyslogNGClusterOutputElasticsearchDatastreamTlsKeyFileValueFromSecretKeyRef { + pub key: String, + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + #[serde(default, skip_serializing_if = "Option::is_none")] + pub optional: Option, +} + +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub enum SyslogNGClusterOutputElasticsearchDatastreamTlsSslVersion { + #[serde(rename = "sslv3")] + Sslv3, + #[serde(rename = "tlsv1")] + Tlsv1, + #[serde(rename = "tlsv1_0")] + Tlsv10, + #[serde(rename = "tlsv1_1")] + Tlsv11, + #[serde(rename = "tlsv1_2")] + Tlsv12, + #[serde(rename = "tlsv1_3")] + Tlsv13, +} + #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SyslogNGClusterOutputFile { #[serde(default, skip_serializing_if = "Option::is_none")] diff --git a/kube-custom-resources-rs/src/logging_banzaicloud_io/v1beta1/syslogngoutputs.rs b/kube-custom-resources-rs/src/logging_banzaicloud_io/v1beta1/syslogngoutputs.rs index ca8135460..139195cd6 100644 --- a/kube-custom-resources-rs/src/logging_banzaicloud_io/v1beta1/syslogngoutputs.rs +++ b/kube-custom-resources-rs/src/logging_banzaicloud_io/v1beta1/syslogngoutputs.rs @@ -20,6 +20,8 @@ use self::prelude::*; pub struct SyslogNGOutputSpec { #[serde(default, skip_serializing_if = "Option::is_none")] pub elasticsearch: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "elasticsearch-datastream")] + pub elasticsearch_datastream: Option, #[serde(default, skip_serializing_if = "Option::is_none")] pub file: Option, #[serde(default, skip_serializing_if = "Option::is_none")] @@ -366,6 +368,308 @@ pub enum SyslogNGOutputElasticsearchTlsSslVersion { Tlsv13, } +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct SyslogNGOutputElasticsearchDatastream { + #[serde(default, skip_serializing_if = "Option::is_none", rename = "batch-bytes")] + pub batch_bytes: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "batch-lines")] + pub batch_lines: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "batch-timeout")] + pub batch_timeout: Option, + #[serde(default, skip_serializing_if = "Option::is_none")] + pub body: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "body-prefix")] + pub body_prefix: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "body-suffix")] + pub body_suffix: Option, + #[serde(default, skip_serializing_if = "Option::is_none")] + pub delimiter: Option, + #[serde(default, skip_serializing_if = "Option::is_none")] + pub disk_buffer: Option, + #[serde(default, skip_serializing_if = "Option::is_none")] + pub headers: Option>, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "log-fifo-size")] + pub log_fifo_size: Option, + #[serde(default, skip_serializing_if = "Option::is_none")] + pub method: Option, + #[serde(default, skip_serializing_if = "Option::is_none")] + pub password: Option, + #[serde(default, skip_serializing_if = "Option::is_none")] + pub persist_name: Option, + #[serde(default, skip_serializing_if = "Option::is_none")] + pub record: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "response-action")] + pub response_action: Option>, + #[serde(default, skip_serializing_if = "Option::is_none")] + pub retries: Option, + #[serde(default, skip_serializing_if = "Option::is_none")] + pub time_reopen: Option, + #[serde(default, skip_serializing_if = "Option::is_none")] + pub timeout: Option, + #[serde(default, skip_serializing_if = "Option::is_none")] + pub tls: Option, + #[serde(default, skip_serializing_if = "Option::is_none")] + pub url: Option, + #[serde(default, skip_serializing_if = "Option::is_none")] + pub user: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "user-agent")] + pub user_agent: Option, + #[serde(default, skip_serializing_if = "Option::is_none")] + pub workers: Option, +} + +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct SyslogNGOutputElasticsearchDatastreamDiskBuffer { + #[serde(default, skip_serializing_if = "Option::is_none")] + pub compaction: Option, + #[serde(default, skip_serializing_if = "Option::is_none")] + pub dir: Option, + pub disk_buf_size: i64, + #[serde(default, skip_serializing_if = "Option::is_none")] + pub mem_buf_length: Option, + #[serde(default, skip_serializing_if = "Option::is_none")] + pub mem_buf_size: Option, + #[serde(default, skip_serializing_if = "Option::is_none")] + pub q_out_size: Option, + pub reliable: bool, +} + +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct SyslogNGOutputElasticsearchDatastreamPassword { + #[serde(default, skip_serializing_if = "Option::is_none", rename = "mountFrom")] + pub mount_from: Option, + #[serde(default, skip_serializing_if = "Option::is_none")] + pub value: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "valueFrom")] + pub value_from: Option, +} + +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct SyslogNGOutputElasticsearchDatastreamPasswordMountFrom { + #[serde(default, skip_serializing_if = "Option::is_none", rename = "secretKeyRef")] + pub secret_key_ref: Option, +} + +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct SyslogNGOutputElasticsearchDatastreamPasswordMountFromSecretKeyRef { + pub key: String, + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + #[serde(default, skip_serializing_if = "Option::is_none")] + pub optional: Option, +} + +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct SyslogNGOutputElasticsearchDatastreamPasswordValueFrom { + #[serde(default, skip_serializing_if = "Option::is_none", rename = "secretKeyRef")] + pub secret_key_ref: Option, +} + +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct SyslogNGOutputElasticsearchDatastreamPasswordValueFromSecretKeyRef { + pub key: String, + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + #[serde(default, skip_serializing_if = "Option::is_none")] + pub optional: Option, +} + +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct SyslogNGOutputElasticsearchDatastreamTls { + #[serde(default, skip_serializing_if = "Option::is_none")] + pub ca_dir: Option, + #[serde(default, skip_serializing_if = "Option::is_none")] + pub ca_file: Option, + #[serde(default, skip_serializing_if = "Option::is_none")] + pub cert_file: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "cipher-suite")] + pub cipher_suite: Option, + #[serde(default, skip_serializing_if = "Option::is_none")] + pub key_file: Option, + #[serde(default, skip_serializing_if = "Option::is_none")] + pub peer_verify: Option, + #[serde(default, skip_serializing_if = "Option::is_none")] + pub ssl_version: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "use-system-cert-store")] + pub use_system_cert_store: Option, +} + +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct SyslogNGOutputElasticsearchDatastreamTlsCaDir { + #[serde(default, skip_serializing_if = "Option::is_none", rename = "mountFrom")] + pub mount_from: Option, + #[serde(default, skip_serializing_if = "Option::is_none")] + pub value: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "valueFrom")] + pub value_from: Option, +} + +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct SyslogNGOutputElasticsearchDatastreamTlsCaDirMountFrom { + #[serde(default, skip_serializing_if = "Option::is_none", rename = "secretKeyRef")] + pub secret_key_ref: Option, +} + +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct SyslogNGOutputElasticsearchDatastreamTlsCaDirMountFromSecretKeyRef { + pub key: String, + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + #[serde(default, skip_serializing_if = "Option::is_none")] + pub optional: Option, +} + +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct SyslogNGOutputElasticsearchDatastreamTlsCaDirValueFrom { + #[serde(default, skip_serializing_if = "Option::is_none", rename = "secretKeyRef")] + pub secret_key_ref: Option, +} + +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct SyslogNGOutputElasticsearchDatastreamTlsCaDirValueFromSecretKeyRef { + pub key: String, + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + #[serde(default, skip_serializing_if = "Option::is_none")] + pub optional: Option, +} + +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct SyslogNGOutputElasticsearchDatastreamTlsCaFile { + #[serde(default, skip_serializing_if = "Option::is_none", rename = "mountFrom")] + pub mount_from: Option, + #[serde(default, skip_serializing_if = "Option::is_none")] + pub value: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "valueFrom")] + pub value_from: Option, +} + +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct SyslogNGOutputElasticsearchDatastreamTlsCaFileMountFrom { + #[serde(default, skip_serializing_if = "Option::is_none", rename = "secretKeyRef")] + pub secret_key_ref: Option, +} + +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct SyslogNGOutputElasticsearchDatastreamTlsCaFileMountFromSecretKeyRef { + pub key: String, + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + #[serde(default, skip_serializing_if = "Option::is_none")] + pub optional: Option, +} + +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct SyslogNGOutputElasticsearchDatastreamTlsCaFileValueFrom { + #[serde(default, skip_serializing_if = "Option::is_none", rename = "secretKeyRef")] + pub secret_key_ref: Option, +} + +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct SyslogNGOutputElasticsearchDatastreamTlsCaFileValueFromSecretKeyRef { + pub key: String, + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + #[serde(default, skip_serializing_if = "Option::is_none")] + pub optional: Option, +} + +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct SyslogNGOutputElasticsearchDatastreamTlsCertFile { + #[serde(default, skip_serializing_if = "Option::is_none", rename = "mountFrom")] + pub mount_from: Option, + #[serde(default, skip_serializing_if = "Option::is_none")] + pub value: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "valueFrom")] + pub value_from: Option, +} + +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct SyslogNGOutputElasticsearchDatastreamTlsCertFileMountFrom { + #[serde(default, skip_serializing_if = "Option::is_none", rename = "secretKeyRef")] + pub secret_key_ref: Option, +} + +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct SyslogNGOutputElasticsearchDatastreamTlsCertFileMountFromSecretKeyRef { + pub key: String, + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + #[serde(default, skip_serializing_if = "Option::is_none")] + pub optional: Option, +} + +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct SyslogNGOutputElasticsearchDatastreamTlsCertFileValueFrom { + #[serde(default, skip_serializing_if = "Option::is_none", rename = "secretKeyRef")] + pub secret_key_ref: Option, +} + +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct SyslogNGOutputElasticsearchDatastreamTlsCertFileValueFromSecretKeyRef { + pub key: String, + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + #[serde(default, skip_serializing_if = "Option::is_none")] + pub optional: Option, +} + +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct SyslogNGOutputElasticsearchDatastreamTlsKeyFile { + #[serde(default, skip_serializing_if = "Option::is_none", rename = "mountFrom")] + pub mount_from: Option, + #[serde(default, skip_serializing_if = "Option::is_none")] + pub value: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "valueFrom")] + pub value_from: Option, +} + +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct SyslogNGOutputElasticsearchDatastreamTlsKeyFileMountFrom { + #[serde(default, skip_serializing_if = "Option::is_none", rename = "secretKeyRef")] + pub secret_key_ref: Option, +} + +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct SyslogNGOutputElasticsearchDatastreamTlsKeyFileMountFromSecretKeyRef { + pub key: String, + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + #[serde(default, skip_serializing_if = "Option::is_none")] + pub optional: Option, +} + +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct SyslogNGOutputElasticsearchDatastreamTlsKeyFileValueFrom { + #[serde(default, skip_serializing_if = "Option::is_none", rename = "secretKeyRef")] + pub secret_key_ref: Option, +} + +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct SyslogNGOutputElasticsearchDatastreamTlsKeyFileValueFromSecretKeyRef { + pub key: String, + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + #[serde(default, skip_serializing_if = "Option::is_none")] + pub optional: Option, +} + +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub enum SyslogNGOutputElasticsearchDatastreamTlsSslVersion { + #[serde(rename = "sslv3")] + Sslv3, + #[serde(rename = "tlsv1")] + Tlsv1, + #[serde(rename = "tlsv1_0")] + Tlsv10, + #[serde(rename = "tlsv1_1")] + Tlsv11, + #[serde(rename = "tlsv1_2")] + Tlsv12, + #[serde(rename = "tlsv1_3")] + Tlsv13, +} + #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SyslogNGOutputFile { #[serde(default, skip_serializing_if = "Option::is_none")] diff --git a/kube-custom-resources-rs/src/loki_grafana_com/v1/lokistacks.rs b/kube-custom-resources-rs/src/loki_grafana_com/v1/lokistacks.rs index fa042a14a..d08695876 100644 --- a/kube-custom-resources-rs/src/loki_grafana_com/v1/lokistacks.rs +++ b/kube-custom-resources-rs/src/loki_grafana_com/v1/lokistacks.rs @@ -187,6 +187,9 @@ pub struct LokiStackLimitsGlobalQueries { /// that is returned by a metric query. #[serde(default, skip_serializing_if = "Option::is_none", rename = "maxQuerySeries")] pub max_query_series: Option, + /// MaxVolumeSeries defines the maximum number of aggregated series in a log-volume response + #[serde(default, skip_serializing_if = "Option::is_none", rename = "maxVolumeSeries")] + pub max_volume_series: Option, /// Timeout when querying ingesters or storage during the execution of a query request. #[serde(default, skip_serializing_if = "Option::is_none", rename = "queryTimeout")] pub query_timeout: Option, @@ -291,6 +294,9 @@ pub struct LokiStackLimitsTenantsQueries { /// that is returned by a metric query. #[serde(default, skip_serializing_if = "Option::is_none", rename = "maxQuerySeries")] pub max_query_series: Option, + /// MaxVolumeSeries defines the maximum number of aggregated series in a log-volume response + #[serde(default, skip_serializing_if = "Option::is_none", rename = "maxVolumeSeries")] + pub max_volume_series: Option, /// Timeout when querying ingesters or storage during the execution of a query request. #[serde(default, skip_serializing_if = "Option::is_none", rename = "queryTimeout")] pub query_timeout: Option, diff --git a/kube-custom-resources-rs/src/longhorn_io/v1beta1/backingimagedatasources.rs b/kube-custom-resources-rs/src/longhorn_io/v1beta1/backingimagedatasources.rs index e7d883255..b08ff267b 100644 --- a/kube-custom-resources-rs/src/longhorn_io/v1beta1/backingimagedatasources.rs +++ b/kube-custom-resources-rs/src/longhorn_io/v1beta1/backingimagedatasources.rs @@ -7,4 +7,5 @@ mod prelude { pub use kube::CustomResource; pub use serde::{Serialize, Deserialize}; } +use self::prelude::*; diff --git a/kube-custom-resources-rs/src/longhorn_io/v1beta1/backingimagemanagers.rs b/kube-custom-resources-rs/src/longhorn_io/v1beta1/backingimagemanagers.rs index 2f3b8335e..62741bd80 100644 --- a/kube-custom-resources-rs/src/longhorn_io/v1beta1/backingimagemanagers.rs +++ b/kube-custom-resources-rs/src/longhorn_io/v1beta1/backingimagemanagers.rs @@ -7,4 +7,5 @@ mod prelude { pub use kube::CustomResource; pub use serde::{Serialize, Deserialize}; } +use self::prelude::*; diff --git a/kube-custom-resources-rs/src/longhorn_io/v1beta1/backingimages.rs b/kube-custom-resources-rs/src/longhorn_io/v1beta1/backingimages.rs index 92ab84248..27d7ca017 100644 --- a/kube-custom-resources-rs/src/longhorn_io/v1beta1/backingimages.rs +++ b/kube-custom-resources-rs/src/longhorn_io/v1beta1/backingimages.rs @@ -7,4 +7,5 @@ mod prelude { pub use kube::CustomResource; pub use serde::{Serialize, Deserialize}; } +use self::prelude::*; diff --git a/kube-custom-resources-rs/src/longhorn_io/v1beta1/backups.rs b/kube-custom-resources-rs/src/longhorn_io/v1beta1/backups.rs index 6751180e1..8f4a2910b 100644 --- a/kube-custom-resources-rs/src/longhorn_io/v1beta1/backups.rs +++ b/kube-custom-resources-rs/src/longhorn_io/v1beta1/backups.rs @@ -7,4 +7,5 @@ mod prelude { pub use kube::CustomResource; pub use serde::{Serialize, Deserialize}; } +use self::prelude::*; diff --git a/kube-custom-resources-rs/src/longhorn_io/v1beta1/backuptargets.rs b/kube-custom-resources-rs/src/longhorn_io/v1beta1/backuptargets.rs index 5f54236fc..e5c42151a 100644 --- a/kube-custom-resources-rs/src/longhorn_io/v1beta1/backuptargets.rs +++ b/kube-custom-resources-rs/src/longhorn_io/v1beta1/backuptargets.rs @@ -7,4 +7,5 @@ mod prelude { pub use kube::CustomResource; pub use serde::{Serialize, Deserialize}; } +use self::prelude::*; diff --git a/kube-custom-resources-rs/src/longhorn_io/v1beta1/backupvolumes.rs b/kube-custom-resources-rs/src/longhorn_io/v1beta1/backupvolumes.rs index da2995103..9a496e22e 100644 --- a/kube-custom-resources-rs/src/longhorn_io/v1beta1/backupvolumes.rs +++ b/kube-custom-resources-rs/src/longhorn_io/v1beta1/backupvolumes.rs @@ -7,4 +7,5 @@ mod prelude { pub use kube::CustomResource; pub use serde::{Serialize, Deserialize}; } +use self::prelude::*; diff --git a/kube-custom-resources-rs/src/longhorn_io/v1beta1/engineimages.rs b/kube-custom-resources-rs/src/longhorn_io/v1beta1/engineimages.rs index 96eeb2fb9..05897c4ab 100644 --- a/kube-custom-resources-rs/src/longhorn_io/v1beta1/engineimages.rs +++ b/kube-custom-resources-rs/src/longhorn_io/v1beta1/engineimages.rs @@ -7,4 +7,5 @@ mod prelude { pub use kube::CustomResource; pub use serde::{Serialize, Deserialize}; } +use self::prelude::*; diff --git a/kube-custom-resources-rs/src/longhorn_io/v1beta1/engines.rs b/kube-custom-resources-rs/src/longhorn_io/v1beta1/engines.rs index 5144a21aa..07ed24ee3 100644 --- a/kube-custom-resources-rs/src/longhorn_io/v1beta1/engines.rs +++ b/kube-custom-resources-rs/src/longhorn_io/v1beta1/engines.rs @@ -7,4 +7,5 @@ mod prelude { pub use kube::CustomResource; pub use serde::{Serialize, Deserialize}; } +use self::prelude::*; diff --git a/kube-custom-resources-rs/src/longhorn_io/v1beta1/instancemanagers.rs b/kube-custom-resources-rs/src/longhorn_io/v1beta1/instancemanagers.rs index 2ddf68521..55a8aa8b5 100644 --- a/kube-custom-resources-rs/src/longhorn_io/v1beta1/instancemanagers.rs +++ b/kube-custom-resources-rs/src/longhorn_io/v1beta1/instancemanagers.rs @@ -7,4 +7,5 @@ mod prelude { pub use kube::CustomResource; pub use serde::{Serialize, Deserialize}; } +use self::prelude::*; diff --git a/kube-custom-resources-rs/src/longhorn_io/v1beta1/nodes.rs b/kube-custom-resources-rs/src/longhorn_io/v1beta1/nodes.rs index 1d1bf3637..1a32c079e 100644 --- a/kube-custom-resources-rs/src/longhorn_io/v1beta1/nodes.rs +++ b/kube-custom-resources-rs/src/longhorn_io/v1beta1/nodes.rs @@ -7,4 +7,5 @@ mod prelude { pub use kube::CustomResource; pub use serde::{Serialize, Deserialize}; } +use self::prelude::*; diff --git a/kube-custom-resources-rs/src/longhorn_io/v1beta1/recurringjobs.rs b/kube-custom-resources-rs/src/longhorn_io/v1beta1/recurringjobs.rs index 228c25fcc..607dd22b5 100644 --- a/kube-custom-resources-rs/src/longhorn_io/v1beta1/recurringjobs.rs +++ b/kube-custom-resources-rs/src/longhorn_io/v1beta1/recurringjobs.rs @@ -7,4 +7,5 @@ mod prelude { pub use kube::CustomResource; pub use serde::{Serialize, Deserialize}; } +use self::prelude::*; diff --git a/kube-custom-resources-rs/src/longhorn_io/v1beta1/replicas.rs b/kube-custom-resources-rs/src/longhorn_io/v1beta1/replicas.rs index fdf217f66..71ce8725b 100644 --- a/kube-custom-resources-rs/src/longhorn_io/v1beta1/replicas.rs +++ b/kube-custom-resources-rs/src/longhorn_io/v1beta1/replicas.rs @@ -7,4 +7,5 @@ mod prelude { pub use kube::CustomResource; pub use serde::{Serialize, Deserialize}; } +use self::prelude::*; diff --git a/kube-custom-resources-rs/src/longhorn_io/v1beta1/settings.rs b/kube-custom-resources-rs/src/longhorn_io/v1beta1/settings.rs index be697e03f..8f25fa087 100644 --- a/kube-custom-resources-rs/src/longhorn_io/v1beta1/settings.rs +++ b/kube-custom-resources-rs/src/longhorn_io/v1beta1/settings.rs @@ -7,4 +7,5 @@ mod prelude { pub use kube::CustomResource; pub use serde::{Serialize, Deserialize}; } +use self::prelude::*; diff --git a/kube-custom-resources-rs/src/longhorn_io/v1beta1/sharemanagers.rs b/kube-custom-resources-rs/src/longhorn_io/v1beta1/sharemanagers.rs index 99ee46411..4165165bf 100644 --- a/kube-custom-resources-rs/src/longhorn_io/v1beta1/sharemanagers.rs +++ b/kube-custom-resources-rs/src/longhorn_io/v1beta1/sharemanagers.rs @@ -7,4 +7,5 @@ mod prelude { pub use kube::CustomResource; pub use serde::{Serialize, Deserialize}; } +use self::prelude::*; diff --git a/kube-custom-resources-rs/src/longhorn_io/v1beta1/volumes.rs b/kube-custom-resources-rs/src/longhorn_io/v1beta1/volumes.rs index 2adedac9e..bfaf13896 100644 --- a/kube-custom-resources-rs/src/longhorn_io/v1beta1/volumes.rs +++ b/kube-custom-resources-rs/src/longhorn_io/v1beta1/volumes.rs @@ -7,4 +7,5 @@ mod prelude { pub use kube::CustomResource; pub use serde::{Serialize, Deserialize}; } +use self::prelude::*; diff --git a/kube-custom-resources-rs/src/longhorn_io/v1beta2/backingimages.rs b/kube-custom-resources-rs/src/longhorn_io/v1beta2/backingimages.rs index 9acd311ca..707596fe9 100644 --- a/kube-custom-resources-rs/src/longhorn_io/v1beta2/backingimages.rs +++ b/kube-custom-resources-rs/src/longhorn_io/v1beta2/backingimages.rs @@ -21,8 +21,17 @@ use self::prelude::*; pub struct BackingImageSpec { #[serde(default, skip_serializing_if = "Option::is_none")] pub checksum: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "diskFileSpecMap")] + pub disk_file_spec_map: Option>, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "diskSelector")] + pub disk_selector: Option>, + /// Deprecated. We are now using DiskFileSpecMap to assign different spec to the file on different disks. #[serde(default, skip_serializing_if = "Option::is_none")] pub disks: Option>, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "minNumberOfCopies")] + pub min_number_of_copies: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "nodeSelector")] + pub node_selector: Option>, #[serde(default, skip_serializing_if = "Option::is_none")] pub secret: Option, #[serde(default, skip_serializing_if = "Option::is_none", rename = "secretNamespace")] @@ -33,6 +42,12 @@ pub struct BackingImageSpec { pub source_type: Option, } +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct BackingImageDiskFileSpecMap { + #[serde(default, skip_serializing_if = "Option::is_none", rename = "evictionRequested")] + pub eviction_requested: Option, +} + /// BackingImageSpec defines the desired state of the Longhorn backing image #[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] pub enum BackingImageSourceType { diff --git a/kube-custom-resources-rs/src/longhorn_io/v1beta2/backupbackingimages.rs b/kube-custom-resources-rs/src/longhorn_io/v1beta2/backupbackingimages.rs index 60c076de7..7cfe8d7e1 100644 --- a/kube-custom-resources-rs/src/longhorn_io/v1beta2/backupbackingimages.rs +++ b/kube-custom-resources-rs/src/longhorn_io/v1beta2/backupbackingimages.rs @@ -25,7 +25,8 @@ pub struct BackupBackingImageSpec { /// The time to request run sync the remote backing image backup. #[serde(default, skip_serializing_if = "Option::is_none", rename = "syncRequestedAt")] pub sync_requested_at: Option, - /// Is this CR created by user through API or UI. Required + /// Is this CR created by user through API or UI. + /// Required #[serde(rename = "userCreated")] pub user_created: bool, } @@ -69,7 +70,8 @@ pub struct BackupBackingImageStatus { /// The backing image size. #[serde(default, skip_serializing_if = "Option::is_none")] pub size: Option, - /// The backing image backup creation state. Can be "", "InProgress", "Completed", "Error", "Unknown". + /// The backing image backup creation state. + /// Can be "", "InProgress", "Completed", "Error", "Unknown". #[serde(default, skip_serializing_if = "Option::is_none")] pub state: Option, /// The backing image backup URL. diff --git a/kube-custom-resources-rs/src/longhorn_io/v1beta2/backups.rs b/kube-custom-resources-rs/src/longhorn_io/v1beta2/backups.rs index 1a0759956..626d7e40d 100644 --- a/kube-custom-resources-rs/src/longhorn_io/v1beta2/backups.rs +++ b/kube-custom-resources-rs/src/longhorn_io/v1beta2/backups.rs @@ -19,6 +19,10 @@ use self::prelude::*; #[kube(derive="Default")] #[kube(derive="PartialEq")] pub struct BackupSpec { + /// The backup mode of this backup. + /// Can be "full" or "incremental" + #[serde(default, skip_serializing_if = "Option::is_none", rename = "backupMode")] + pub backup_mode: Option, /// The labels of snapshot backup. #[serde(default, skip_serializing_if = "Option::is_none")] pub labels: Option>, @@ -30,6 +34,17 @@ pub struct BackupSpec { pub sync_requested_at: Option, } +/// BackupSpec defines the desired state of the Longhorn backup +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub enum BackupBackupMode { + #[serde(rename = "full")] + Full, + #[serde(rename = "incremental")] + Incremental, + #[serde(rename = "")] + KopiumEmpty, +} + /// BackupStatus defines the observed state of the Longhorn backup #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct BackupStatus { @@ -51,12 +66,18 @@ pub struct BackupStatus { /// The error messages when calling longhorn engine on listing or inspecting backups. #[serde(default, skip_serializing_if = "Option::is_none")] pub messages: Option>, + /// Size in bytes of newly uploaded data + #[serde(default, skip_serializing_if = "Option::is_none", rename = "newlyUploadDataSize")] + pub newly_upload_data_size: Option, /// The node ID on which the controller is responsible to reconcile this backup CR. #[serde(default, skip_serializing_if = "Option::is_none", rename = "ownerID")] pub owner_id: Option, /// The snapshot backup progress. #[serde(default, skip_serializing_if = "Option::is_none")] pub progress: Option, + /// Size in bytes of reuploaded data + #[serde(default, skip_serializing_if = "Option::is_none", rename = "reUploadedDataSize")] + pub re_uploaded_data_size: Option, /// The address of the replica that runs snapshot backup. #[serde(default, skip_serializing_if = "Option::is_none", rename = "replicaAddress")] pub replica_address: Option, @@ -69,7 +90,8 @@ pub struct BackupStatus { /// The snapshot name. #[serde(default, skip_serializing_if = "Option::is_none", rename = "snapshotName")] pub snapshot_name: Option, - /// The backup creation state. Can be "", "InProgress", "Completed", "Error", "Unknown". + /// The backup creation state. + /// Can be "", "InProgress", "Completed", "Error", "Unknown". #[serde(default, skip_serializing_if = "Option::is_none")] pub state: Option, /// The snapshot backup URL. diff --git a/kube-custom-resources-rs/src/longhorn_io/v1beta2/engines.rs b/kube-custom-resources-rs/src/longhorn_io/v1beta2/engines.rs index 251f9dc2c..5532ebfaa 100644 --- a/kube-custom-resources-rs/src/longhorn_io/v1beta2/engines.rs +++ b/kube-custom-resources-rs/src/longhorn_io/v1beta2/engines.rs @@ -22,7 +22,7 @@ use self::prelude::*; pub struct EngineSpec { #[serde(default, skip_serializing_if = "Option::is_none")] pub active: Option, - /// Deprecated: Replaced by field `dataEngine`. + /// Deprecated:Replaced by field `dataEngine`. #[serde(default, skip_serializing_if = "Option::is_none", rename = "backendStoreDriver")] pub backend_store_driver: Option, #[serde(default, skip_serializing_if = "Option::is_none", rename = "backupVolume")] @@ -133,7 +133,9 @@ pub struct EngineStatus { pub rebuild_status: Option>, #[serde(default, skip_serializing_if = "Option::is_none", rename = "replicaModeMap")] pub replica_mode_map: Option>, - /// ReplicaTransitionTimeMap records the time a replica in ReplicaModeMap transitions from one mode to another (or from not being in the ReplicaModeMap to being in it). This information is sometimes required by other controllers (e.g. the volume controller uses it to determine the correct value for replica.Spec.lastHealthyAt). + /// ReplicaTransitionTimeMap records the time a replica in ReplicaModeMap transitions from one mode to another (or + /// from not being in the ReplicaModeMap to being in it). This information is sometimes required by other controllers + /// (e.g. the volume controller uses it to determine the correct value for replica.Spec.lastHealthyAt). #[serde(default, skip_serializing_if = "Option::is_none", rename = "replicaTransitionTimeMap")] pub replica_transition_time_map: Option>, #[serde(default, skip_serializing_if = "Option::is_none", rename = "restoreStatus")] diff --git a/kube-custom-resources-rs/src/longhorn_io/v1beta2/instancemanagers.rs b/kube-custom-resources-rs/src/longhorn_io/v1beta2/instancemanagers.rs index eb8d78ff9..94f1ec769 100644 --- a/kube-custom-resources-rs/src/longhorn_io/v1beta2/instancemanagers.rs +++ b/kube-custom-resources-rs/src/longhorn_io/v1beta2/instancemanagers.rs @@ -76,7 +76,7 @@ pub struct InstanceManagerStatusInstanceEngines { #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct InstanceManagerStatusInstanceEnginesSpec { - /// Deprecated: Replaced by field `dataEngine`. + /// Deprecated:Replaced by field `dataEngine`. #[serde(default, skip_serializing_if = "Option::is_none", rename = "backendStoreDriver")] pub backend_store_driver: Option, #[serde(default, skip_serializing_if = "Option::is_none", rename = "dataEngine")] @@ -103,6 +103,10 @@ pub struct InstanceManagerStatusInstanceEnginesStatus { pub resource_version: Option, #[serde(default, skip_serializing_if = "Option::is_none")] pub state: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "targetPortEnd")] + pub target_port_end: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "targetPortStart")] + pub target_port_start: Option, #[serde(default, skip_serializing_if = "Option::is_none", rename = "type")] pub r#type: Option, } @@ -117,7 +121,7 @@ pub struct InstanceManagerStatusInstanceReplicas { #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct InstanceManagerStatusInstanceReplicasSpec { - /// Deprecated: Replaced by field `dataEngine`. + /// Deprecated:Replaced by field `dataEngine`. #[serde(default, skip_serializing_if = "Option::is_none", rename = "backendStoreDriver")] pub backend_store_driver: Option, #[serde(default, skip_serializing_if = "Option::is_none", rename = "dataEngine")] @@ -144,6 +148,10 @@ pub struct InstanceManagerStatusInstanceReplicasStatus { pub resource_version: Option, #[serde(default, skip_serializing_if = "Option::is_none")] pub state: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "targetPortEnd")] + pub target_port_end: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "targetPortStart")] + pub target_port_start: Option, #[serde(default, skip_serializing_if = "Option::is_none", rename = "type")] pub r#type: Option, } @@ -159,7 +167,7 @@ pub struct InstanceManagerStatusInstances { #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct InstanceManagerStatusInstancesSpec { - /// Deprecated: Replaced by field `dataEngine`. + /// Deprecated:Replaced by field `dataEngine`. #[serde(default, skip_serializing_if = "Option::is_none", rename = "backendStoreDriver")] pub backend_store_driver: Option, #[serde(default, skip_serializing_if = "Option::is_none", rename = "dataEngine")] @@ -186,6 +194,10 @@ pub struct InstanceManagerStatusInstancesStatus { pub resource_version: Option, #[serde(default, skip_serializing_if = "Option::is_none")] pub state: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "targetPortEnd")] + pub target_port_end: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "targetPortStart")] + pub target_port_start: Option, #[serde(default, skip_serializing_if = "Option::is_none", rename = "type")] pub r#type: Option, } diff --git a/kube-custom-resources-rs/src/longhorn_io/v1beta2/nodes.rs b/kube-custom-resources-rs/src/longhorn_io/v1beta2/nodes.rs index da87ee46d..c25ca7c74 100644 --- a/kube-custom-resources-rs/src/longhorn_io/v1beta2/nodes.rs +++ b/kube-custom-resources-rs/src/longhorn_io/v1beta2/nodes.rs @@ -20,7 +20,6 @@ use self::prelude::*; #[kube(derive="Default")] #[kube(derive="PartialEq")] pub struct NodeSpec { - /// Allow scheduling replicas on the node. #[serde(default, skip_serializing_if = "Option::is_none", rename = "allowScheduling")] pub allow_scheduling: Option, #[serde(default, skip_serializing_if = "Option::is_none")] @@ -78,21 +77,16 @@ pub struct NodeStatus { pub auto_evicting: Option, #[serde(default, skip_serializing_if = "Option::is_none")] pub conditions: Option>, - /// The status of the disks on the node. #[serde(default, skip_serializing_if = "Option::is_none", rename = "diskStatus")] pub disk_status: Option>, - /// The Region of the node. #[serde(default, skip_serializing_if = "Option::is_none")] pub region: Option, - /// The status of the snapshot integrity check. #[serde(default, skip_serializing_if = "Option::is_none", rename = "snapshotCheckStatus")] pub snapshot_check_status: Option, - /// The Zone of the node. #[serde(default, skip_serializing_if = "Option::is_none")] pub zone: Option, } -/// The status of the disks on the node. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct NodeStatusDiskStatus { #[serde(default, skip_serializing_if = "Option::is_none")] @@ -121,7 +115,6 @@ pub struct NodeStatusDiskStatus { pub storage_scheduled: Option, } -/// The status of the snapshot integrity check. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct NodeStatusSnapshotCheckStatus { #[serde(default, skip_serializing_if = "Option::is_none", rename = "lastPeriodicCheckedAt")] diff --git a/kube-custom-resources-rs/src/longhorn_io/v1beta2/orphans.rs b/kube-custom-resources-rs/src/longhorn_io/v1beta2/orphans.rs index 717d431db..1bedaf88b 100644 --- a/kube-custom-resources-rs/src/longhorn_io/v1beta2/orphans.rs +++ b/kube-custom-resources-rs/src/longhorn_io/v1beta2/orphans.rs @@ -23,7 +23,8 @@ pub struct OrphanSpec { /// The node ID on which the controller is responsible to reconcile this orphan CR. #[serde(default, skip_serializing_if = "Option::is_none", rename = "nodeID")] pub node_id: Option, - /// The type of the orphaned data. Can be "replica". + /// The type of the orphaned data. + /// Can be "replica". #[serde(default, skip_serializing_if = "Option::is_none", rename = "orphanType")] pub orphan_type: Option, /// The parameters of the orphaned data diff --git a/kube-custom-resources-rs/src/longhorn_io/v1beta2/recurringjobs.rs b/kube-custom-resources-rs/src/longhorn_io/v1beta2/recurringjobs.rs index 4eeecb6a2..a9a9dcd8b 100644 --- a/kube-custom-resources-rs/src/longhorn_io/v1beta2/recurringjobs.rs +++ b/kube-custom-resources-rs/src/longhorn_io/v1beta2/recurringjobs.rs @@ -34,10 +34,15 @@ pub struct RecurringJobSpec { /// The recurring job name. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, + /// The parameters of the snapshot/backup. + /// Support parameters: "full-backup-interval". + #[serde(default, skip_serializing_if = "Option::is_none")] + pub parameters: Option>, /// The retain count of the snapshot/backup. #[serde(default, skip_serializing_if = "Option::is_none")] pub retain: Option, - /// The recurring job task. Can be "snapshot", "snapshot-force-create", "snapshot-cleanup", "snapshot-delete", "backup", "backup-force-create" or "filesystem-trim" + /// The recurring job task. + /// Can be "snapshot", "snapshot-force-create", "snapshot-cleanup", "snapshot-delete", "backup", "backup-force-create" or "filesystem-trim" #[serde(default, skip_serializing_if = "Option::is_none")] pub task: Option, } @@ -64,6 +69,9 @@ pub enum RecurringJobTask { /// RecurringJobStatus defines the observed state of the Longhorn recurring job #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct RecurringJobStatus { + /// The number of jobs that have been triggered. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "executionCount")] + pub execution_count: Option, /// The owner ID which is responsible to reconcile this recurring job CR. #[serde(default, skip_serializing_if = "Option::is_none", rename = "ownerID")] pub owner_id: Option, diff --git a/kube-custom-resources-rs/src/longhorn_io/v1beta2/replicas.rs b/kube-custom-resources-rs/src/longhorn_io/v1beta2/replicas.rs index 7cdd9806d..c4bfc88f0 100644 --- a/kube-custom-resources-rs/src/longhorn_io/v1beta2/replicas.rs +++ b/kube-custom-resources-rs/src/longhorn_io/v1beta2/replicas.rs @@ -21,7 +21,7 @@ use self::prelude::*; pub struct ReplicaSpec { #[serde(default, skip_serializing_if = "Option::is_none")] pub active: Option, - /// Deprecated: Replaced by field `dataEngine`. + /// Deprecated:Replaced by field `dataEngine`. #[serde(default, skip_serializing_if = "Option::is_none", rename = "backendStoreDriver")] pub backend_store_driver: Option, #[serde(default, skip_serializing_if = "Option::is_none", rename = "backingImage")] @@ -43,20 +43,39 @@ pub struct ReplicaSpec { pub engine_name: Option, #[serde(default, skip_serializing_if = "Option::is_none", rename = "evictionRequested")] pub eviction_requested: Option, - /// FailedAt is set when a running replica fails or when a running engine is unable to use a replica for any reason. FailedAt indicates the time the failure occurred. When FailedAt is set, a replica is likely to have useful (though possibly stale) data. A replica with FailedAt set must be rebuilt from a non-failed replica (or it can be used in a salvage if all replicas are failed). FailedAt is cleared before a rebuild or salvage. FailedAt may be later than the corresponding entry in an engine's replicaTransitionTimeMap because it is set when the volume controller acknowledges the change. + /// FailedAt is set when a running replica fails or when a running engine is unable to use a replica for any reason. + /// FailedAt indicates the time the failure occurred. When FailedAt is set, a replica is likely to have useful + /// (though possibly stale) data. A replica with FailedAt set must be rebuilt from a non-failed replica (or it can + /// be used in a salvage if all replicas are failed). FailedAt is cleared before a rebuild or salvage. FailedAt may + /// be later than the corresponding entry in an engine's replicaTransitionTimeMap because it is set when the volume + /// controller acknowledges the change. #[serde(default, skip_serializing_if = "Option::is_none", rename = "failedAt")] pub failed_at: Option, #[serde(default, skip_serializing_if = "Option::is_none", rename = "hardNodeAffinity")] pub hard_node_affinity: Option, - /// HealthyAt is set the first time a replica becomes read/write in an engine after creation or rebuild. HealthyAt indicates the time the last successful rebuild occurred. When HealthyAt is set, a replica is likely to have useful (though possibly stale) data. HealthyAt is cleared before a rebuild. HealthyAt may be later than the corresponding entry in an engine's replicaTransitionTimeMap because it is set when the volume controller acknowledges the change. + /// HealthyAt is set the first time a replica becomes read/write in an engine after creation or rebuild. HealthyAt + /// indicates the time the last successful rebuild occurred. When HealthyAt is set, a replica is likely to have + /// useful (though possibly stale) data. HealthyAt is cleared before a rebuild. HealthyAt may be later than the + /// corresponding entry in an engine's replicaTransitionTimeMap because it is set when the volume controller + /// acknowledges the change. #[serde(default, skip_serializing_if = "Option::is_none", rename = "healthyAt")] pub healthy_at: Option, #[serde(default, skip_serializing_if = "Option::is_none")] pub image: Option, - /// LastFailedAt is always set at the same time as FailedAt. Unlike FailedAt, LastFailedAt is never cleared. LastFailedAt is not a reliable indicator of the state of a replica's data. For example, a replica with LastFailedAt may already be healthy and in use again. However, because it is never cleared, it can be compared to LastHealthyAt to help prevent dangerous replica deletion in some corner cases. LastFailedAt may be later than the corresponding entry in an engine's replicaTransitionTimeMap because it is set when the volume controller acknowledges the change. + /// LastFailedAt is always set at the same time as FailedAt. Unlike FailedAt, LastFailedAt is never cleared. + /// LastFailedAt is not a reliable indicator of the state of a replica's data. For example, a replica with + /// LastFailedAt may already be healthy and in use again. However, because it is never cleared, it can be compared to + /// LastHealthyAt to help prevent dangerous replica deletion in some corner cases. LastFailedAt may be later than the + /// corresponding entry in an engine's replicaTransitionTimeMap because it is set when the volume controller + /// acknowledges the change. #[serde(default, skip_serializing_if = "Option::is_none", rename = "lastFailedAt")] pub last_failed_at: Option, - /// LastHealthyAt is set every time a replica becomes read/write in an engine. Unlike HealthyAt, LastHealthyAt is never cleared. LastHealthyAt is not a reliable indicator of the state of a replica's data. For example, a replica with LastHealthyAt set may be in the middle of a rebuild. However, because it is never cleared, it can be compared to LastFailedAt to help prevent dangerous replica deletion in some corner cases. LastHealthyAt may be later than the corresponding entry in an engine's replicaTransitionTimeMap because it is set when the volume controller acknowledges the change. + /// LastHealthyAt is set every time a replica becomes read/write in an engine. Unlike HealthyAt, LastHealthyAt is + /// never cleared. LastHealthyAt is not a reliable indicator of the state of a replica's data. For example, a + /// replica with LastHealthyAt set may be in the middle of a rebuild. However, because it is never cleared, it can be + /// compared to LastFailedAt to help prevent dangerous replica deletion in some corner cases. LastHealthyAt may be + /// later than the corresponding entry in an engine's replicaTransitionTimeMap because it is set when the volume + /// controller acknowledges the change. #[serde(default, skip_serializing_if = "Option::is_none", rename = "lastHealthyAt")] pub last_healthy_at: Option, #[serde(default, skip_serializing_if = "Option::is_none", rename = "logRequested")] diff --git a/kube-custom-resources-rs/src/longhorn_io/v1beta2/settings.rs b/kube-custom-resources-rs/src/longhorn_io/v1beta2/settings.rs index b3984b155..2696de5e5 100644 --- a/kube-custom-resources-rs/src/longhorn_io/v1beta2/settings.rs +++ b/kube-custom-resources-rs/src/longhorn_io/v1beta2/settings.rs @@ -9,7 +9,7 @@ mod prelude { } use self::prelude::*; -/// SettingStatus defines the observed state of the Longhorn setting +/// The status of the setting. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SettingStatus { /// The setting is applied. diff --git a/kube-custom-resources-rs/src/longhorn_io/v1beta2/snapshots.rs b/kube-custom-resources-rs/src/longhorn_io/v1beta2/snapshots.rs index 1f9e303c1..a4d07fd84 100644 --- a/kube-custom-resources-rs/src/longhorn_io/v1beta2/snapshots.rs +++ b/kube-custom-resources-rs/src/longhorn_io/v1beta2/snapshots.rs @@ -25,7 +25,9 @@ pub struct SnapshotSpec { /// The labels of snapshot #[serde(default, skip_serializing_if = "Option::is_none")] pub labels: Option>, - /// the volume that this snapshot belongs to. This field is immutable after creation. Required + /// the volume that this snapshot belongs to. + /// This field is immutable after creation. + /// Required pub volume: String, } diff --git a/kube-custom-resources-rs/src/longhorn_io/v1beta2/systembackups.rs b/kube-custom-resources-rs/src/longhorn_io/v1beta2/systembackups.rs index 180608957..85d23a76f 100644 --- a/kube-custom-resources-rs/src/longhorn_io/v1beta2/systembackups.rs +++ b/kube-custom-resources-rs/src/longhorn_io/v1beta2/systembackups.rs @@ -19,7 +19,8 @@ use self::prelude::*; #[kube(derive="Default")] #[kube(derive="PartialEq")] pub struct SystemBackupSpec { - /// The create volume backup policy Can be "if-not-present", "always" or "disabled" + /// The create volume backup policy + /// Can be "if-not-present", "always" or "disabled" #[serde(default, skip_serializing_if = "Option::is_none", rename = "volumeBackupPolicy")] pub volume_backup_policy: Option, } diff --git a/kube-custom-resources-rs/src/longhorn_io/v1beta2/volumeattachments.rs b/kube-custom-resources-rs/src/longhorn_io/v1beta2/volumeattachments.rs index d7c030760..4d0af44f5 100644 --- a/kube-custom-resources-rs/src/longhorn_io/v1beta2/volumeattachments.rs +++ b/kube-custom-resources-rs/src/longhorn_io/v1beta2/volumeattachments.rs @@ -28,7 +28,8 @@ pub struct VolumeAttachmentSpec { #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct VolumeAttachmentAttachmentTickets { - /// A sequence number representing a specific generation of the desired state. Populated by the system. Read-only. + /// A sequence number representing a specific generation of the desired state. + /// Populated by the system. Read-only. #[serde(default, skip_serializing_if = "Option::is_none")] pub generation: Option, /// The unique ID of this attachment. Used to differentiate different attachments of the same volume. @@ -56,7 +57,8 @@ pub struct VolumeAttachmentStatusAttachmentTicketStatuses { /// Record any error when trying to fulfill this attachment #[serde(default, skip_serializing_if = "Option::is_none")] pub conditions: Option>, - /// A sequence number representing a specific generation of the desired state. Populated by the system. Read-only. + /// A sequence number representing a specific generation of the desired state. + /// Populated by the system. Read-only. #[serde(default, skip_serializing_if = "Option::is_none")] pub generation: Option, /// The unique ID of this attachment. Used to differentiate different attachments of the same volume. diff --git a/kube-custom-resources-rs/src/longhorn_io/v1beta2/volumes.rs b/kube-custom-resources-rs/src/longhorn_io/v1beta2/volumes.rs index a4b45b021..6ceadf051 100644 --- a/kube-custom-resources-rs/src/longhorn_io/v1beta2/volumes.rs +++ b/kube-custom-resources-rs/src/longhorn_io/v1beta2/volumes.rs @@ -23,7 +23,7 @@ pub struct VolumeSpec { pub standby: Option, #[serde(default, skip_serializing_if = "Option::is_none", rename = "accessMode")] pub access_mode: Option, - /// Deprecated: Replaced by field `dataEngine`. + /// Deprecated:Replaced by field `dataEngine`.' #[serde(default, skip_serializing_if = "Option::is_none", rename = "backendStoreDriver")] pub backend_store_driver: Option, #[serde(default, skip_serializing_if = "Option::is_none", rename = "backingImage")] @@ -309,6 +309,10 @@ pub struct VolumeStatus { #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct VolumeStatusCloneStatus { + #[serde(default, skip_serializing_if = "Option::is_none", rename = "attemptCount")] + pub attempt_count: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "nextAllowedAttemptAt")] + pub next_allowed_attempt_at: Option, #[serde(default, skip_serializing_if = "Option::is_none")] pub snapshot: Option, #[serde(default, skip_serializing_if = "Option::is_none", rename = "sourceVolume")] @@ -341,8 +345,6 @@ pub struct VolumeStatusKubernetesStatus { pub struct VolumeStatusKubernetesStatusWorkloadsStatus { #[serde(default, skip_serializing_if = "Option::is_none", rename = "podName")] pub pod_name: Option, - #[serde(default, skip_serializing_if = "Option::is_none", rename = "podNamespace")] - pub pod_namespace: Option, #[serde(default, skip_serializing_if = "Option::is_none", rename = "podStatus")] pub pod_status: Option, #[serde(default, skip_serializing_if = "Option::is_none", rename = "workloadName")] diff --git a/kube-custom-resources-rs/src/m4e_krestomat_io/v1alpha1/moodles.rs b/kube-custom-resources-rs/src/m4e_krestomat_io/v1alpha1/moodles.rs index d2a77b139..86add1773 100644 --- a/kube-custom-resources-rs/src/m4e_krestomat_io/v1alpha1/moodles.rs +++ b/kube-custom-resources-rs/src/m4e_krestomat_io/v1alpha1/moodles.rs @@ -8,4 +8,5 @@ mod prelude { pub use serde::{Serialize, Deserialize}; pub use std::collections::BTreeMap; } +use self::prelude::*; diff --git a/kube-custom-resources-rs/src/m4e_krestomat_io/v1alpha1/nginxes.rs b/kube-custom-resources-rs/src/m4e_krestomat_io/v1alpha1/nginxes.rs index 6265e9145..2815db7d2 100644 --- a/kube-custom-resources-rs/src/m4e_krestomat_io/v1alpha1/nginxes.rs +++ b/kube-custom-resources-rs/src/m4e_krestomat_io/v1alpha1/nginxes.rs @@ -8,4 +8,5 @@ mod prelude { pub use serde::{Serialize, Deserialize}; pub use std::collections::BTreeMap; } +use self::prelude::*; diff --git a/kube-custom-resources-rs/src/m4e_krestomat_io/v1alpha1/phpfpms.rs b/kube-custom-resources-rs/src/m4e_krestomat_io/v1alpha1/phpfpms.rs index ccf678aeb..b2eceebab 100644 --- a/kube-custom-resources-rs/src/m4e_krestomat_io/v1alpha1/phpfpms.rs +++ b/kube-custom-resources-rs/src/m4e_krestomat_io/v1alpha1/phpfpms.rs @@ -8,4 +8,5 @@ mod prelude { pub use serde::{Serialize, Deserialize}; pub use std::collections::BTreeMap; } +use self::prelude::*; diff --git a/kube-custom-resources-rs/src/m4e_krestomat_io/v1alpha1/routines.rs b/kube-custom-resources-rs/src/m4e_krestomat_io/v1alpha1/routines.rs index 1e49efc1f..6f24dd70d 100644 --- a/kube-custom-resources-rs/src/m4e_krestomat_io/v1alpha1/routines.rs +++ b/kube-custom-resources-rs/src/m4e_krestomat_io/v1alpha1/routines.rs @@ -8,4 +8,5 @@ mod prelude { pub use serde::{Serialize, Deserialize}; pub use std::collections::BTreeMap; } +use self::prelude::*; diff --git a/kube-custom-resources-rs/src/microcks_github_io/v1alpha1/microcksinstalls.rs b/kube-custom-resources-rs/src/microcks_github_io/v1alpha1/microcksinstalls.rs index 232028c45..24aea74e5 100644 --- a/kube-custom-resources-rs/src/microcks_github_io/v1alpha1/microcksinstalls.rs +++ b/kube-custom-resources-rs/src/microcks_github_io/v1alpha1/microcksinstalls.rs @@ -7,4 +7,5 @@ mod prelude { pub use kube::CustomResource; pub use serde::{Serialize, Deserialize}; } +use self::prelude::*; diff --git a/kube-custom-resources-rs/src/minio_min_io/v2/tenants.rs b/kube-custom-resources-rs/src/minio_min_io/v2/tenants.rs index 54eec1c46..ce3127708 100644 --- a/kube-custom-resources-rs/src/minio_min_io/v2/tenants.rs +++ b/kube-custom-resources-rs/src/minio_min_io/v2/tenants.rs @@ -33,10 +33,10 @@ pub struct TenantSpec { pub buckets: Option>, #[serde(default, skip_serializing_if = "Option::is_none", rename = "certConfig")] pub cert_config: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "certExpiryAlertThreshold")] + pub cert_expiry_alert_threshold: Option, #[serde(default, skip_serializing_if = "Option::is_none")] pub configuration: Option, - #[serde(default, skip_serializing_if = "Option::is_none", rename = "credsSecret")] - pub creds_secret: Option, #[serde(default, skip_serializing_if = "Option::is_none")] pub env: Option>, #[serde(default, skip_serializing_if = "Option::is_none", rename = "exposeServices")] @@ -840,12 +840,6 @@ pub struct TenantConfiguration { pub name: Option, } -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct TenantCredsSecret { - #[serde(default, skip_serializing_if = "Option::is_none")] - pub name: Option, -} - #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct TenantEnv { pub name: String, @@ -2352,8 +2346,6 @@ pub struct TenantPools { pub name: String, #[serde(default, skip_serializing_if = "Option::is_none", rename = "nodeSelector")] pub node_selector: Option>, - #[serde(default, skip_serializing_if = "Option::is_none", rename = "reclaimStorage")] - pub reclaim_storage: Option, #[serde(default, skip_serializing_if = "Option::is_none")] pub resources: Option, #[serde(default, skip_serializing_if = "Option::is_none", rename = "runtimeClassName")] diff --git a/kube-custom-resources-rs/src/monitoring_coreos_com/v1/podmonitors.rs b/kube-custom-resources-rs/src/monitoring_coreos_com/v1/podmonitors.rs index b55cbf96c..6301ad69d 100644 --- a/kube-custom-resources-rs/src/monitoring_coreos_com/v1/podmonitors.rs +++ b/kube-custom-resources-rs/src/monitoring_coreos_com/v1/podmonitors.rs @@ -23,7 +23,7 @@ pub struct PodMonitorSpec { /// discovered targets. /// /// - /// It requires Prometheus >= v2.37.0. + /// It requires Prometheus >= v2.35.0. #[serde(default, skip_serializing_if = "Option::is_none", rename = "attachMetadata")] pub attach_metadata: Option, /// When defined, bodySizeLimit specifies a job level limit on the size @@ -72,11 +72,11 @@ pub struct PodMonitorSpec { /// It requires Prometheus >= v2.27.0. #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelValueLengthLimit")] pub label_value_length_limit: Option, - /// Selector to select which namespaces the Kubernetes `Pods` objects - /// are discovered from. + /// `namespaceSelector` defines in which namespace(s) Prometheus should discover the pods. + /// By default, the pods are discovered in the same namespace as the `PodMonitor` object but it is possible to select pods across different/all namespaces. #[serde(default, skip_serializing_if = "Option::is_none", rename = "namespaceSelector")] pub namespace_selector: Option, - /// List of endpoints part of this PodMonitor. + /// Defines how to scrape metrics from the selected pods. #[serde(default, skip_serializing_if = "Option::is_none", rename = "podMetricsEndpoints")] pub pod_metrics_endpoints: Option>, /// `podTargetLabels` defines the labels which are transferred from the @@ -100,7 +100,7 @@ pub struct PodMonitorSpec { /// It requires Prometheus >= v2.49.0. #[serde(default, skip_serializing_if = "Option::is_none", rename = "scrapeProtocols")] pub scrape_protocols: Option>, - /// Label selector to select the Kubernetes `Pod` objects. + /// Label selector to select the Kubernetes `Pod` objects to scrape metrics from. pub selector: PodMonitorSelector, /// `targetLimit` defines a limit on the number of scraped targets that will /// be accepted. @@ -112,17 +112,21 @@ pub struct PodMonitorSpec { /// discovered targets. /// /// -/// It requires Prometheus >= v2.37.0. +/// It requires Prometheus >= v2.35.0. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PodMonitorAttachMetadata { - /// When set to true, Prometheus must have the `get` permission on the - /// `Nodes` objects. + /// When set to true, Prometheus attaches node metadata to the discovered + /// targets. + /// + /// + /// The Prometheus service account must have the `list` and `watch` + /// permissions on the `Nodes` objects. #[serde(default, skip_serializing_if = "Option::is_none")] pub node: Option, } -/// Selector to select which namespaces the Kubernetes `Pods` objects -/// are discovered from. +/// `namespaceSelector` defines in which namespace(s) Prometheus should discover the pods. +/// By default, the pods are discovered in the same namespace as the `PodMonitor` object but it is possible to select pods across different/all namespaces. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PodMonitorNamespaceSelector { /// Boolean describing whether all namespaces are selected in contrast to a @@ -840,7 +844,7 @@ pub struct PodMonitorPodMetricsEndpointsTlsConfigKeySecret { pub optional: Option, } -/// Label selector to select the Kubernetes `Pod` objects. +/// Label selector to select the Kubernetes `Pod` objects to scrape metrics from. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PodMonitorSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. diff --git a/kube-custom-resources-rs/src/monitoring_coreos_com/v1/prometheuses.rs b/kube-custom-resources-rs/src/monitoring_coreos_com/v1/prometheuses.rs index 51b0e305a..f1ba18315 100644 --- a/kube-custom-resources-rs/src/monitoring_coreos_com/v1/prometheuses.rs +++ b/kube-custom-resources-rs/src/monitoring_coreos_com/v1/prometheuses.rs @@ -736,6 +736,11 @@ pub struct PrometheusSpec { /// Prometheus Pods. #[serde(default, skip_serializing_if = "Option::is_none", rename = "serviceAccountName")] pub service_account_name: Option, + /// Defines the service discovery role used to discover targets from `ServiceMonitor` objects. + /// If set, the value should be either "Endpoints" or "EndpointSlice". + /// If unset, the operator assumes the "Endpoints" role. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "serviceDiscoveryRole")] + pub service_discovery_role: Option, /// Namespaces to match for ServicedMonitors discovery. An empty label selector /// matches all namespaces. A null label selector (default value) matches the current /// namespace only. @@ -6816,6 +6821,11 @@ pub struct PrometheusRulesAlert { #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PrometheusScrapeClasses { + /// AttachMetadata configures additional metadata to the discovered targets. + /// When the scrape object defines its own configuration, it takes + /// precedence over the scrape class configuration. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "attachMetadata")] + pub attach_metadata: Option, /// Default indicates that the scrape applies to all scrape objects that /// don't configure an explicit scrape class name. /// @@ -6858,6 +6868,21 @@ pub struct PrometheusScrapeClasses { pub tls_config: Option, } +/// AttachMetadata configures additional metadata to the discovered targets. +/// When the scrape object defines its own configuration, it takes +/// precedence over the scrape class configuration. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct PrometheusScrapeClassesAttachMetadata { + /// When set to true, Prometheus attaches node metadata to the discovered + /// targets. + /// + /// + /// The Prometheus service account must have the `list` and `watch` + /// permissions on the `Nodes` objects. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub node: Option, +} + /// RelabelConfig allows dynamic rewriting of the label set for targets, alerts, /// scraped samples and remote write samples. /// @@ -7476,6 +7501,14 @@ pub struct PrometheusSecurityContextWindowsOptions { pub run_as_user_name: Option, } +/// Specification of the desired behavior of the Prometheus cluster. More info: +/// https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#spec-and-status +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub enum PrometheusServiceDiscoveryRole { + Endpoints, + EndpointSlice, +} + /// Namespaces to match for ServicedMonitors discovery. An empty label selector /// matches all namespaces. A null label selector (default value) matches the current /// namespace only. diff --git a/kube-custom-resources-rs/src/monitoring_coreos_com/v1/servicemonitors.rs b/kube-custom-resources-rs/src/monitoring_coreos_com/v1/servicemonitors.rs index 03307ab8c..632761546 100644 --- a/kube-custom-resources-rs/src/monitoring_coreos_com/v1/servicemonitors.rs +++ b/kube-custom-resources-rs/src/monitoring_coreos_com/v1/servicemonitors.rs @@ -35,8 +35,9 @@ pub struct ServiceMonitorSpec { #[serde(default, skip_serializing_if = "Option::is_none", rename = "bodySizeLimit")] pub body_size_limit: Option, /// List of endpoints part of this ServiceMonitor. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub endpoints: Option>, + /// Defines how to scrape metrics from Kubernetes [Endpoints](https://kubernetes.io/docs/concepts/services-networking/service/#endpoints) objects. + /// In most cases, an Endpoints object is backed by a Kubernetes [Service](https://kubernetes.io/docs/concepts/services-networking/service/) object with the same name and labels. + pub endpoints: Vec, /// `jobLabel` selects the label from the associated Kubernetes `Service` /// object which will be used as the `job` label for all metrics. /// @@ -76,8 +77,8 @@ pub struct ServiceMonitorSpec { /// It requires Prometheus >= v2.27.0. #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelValueLengthLimit")] pub label_value_length_limit: Option, - /// Selector to select which namespaces the Kubernetes `Endpoints` objects - /// are discovered from. + /// `namespaceSelector` defines in which namespace(s) Prometheus should discover the services. + /// By default, the services are discovered in the same namespace as the `ServiceMonitor` object but it is possible to select pods across different/all namespaces. #[serde(default, skip_serializing_if = "Option::is_none", rename = "namespaceSelector")] pub namespace_selector: Option, /// `podTargetLabels` defines the labels which are transferred from the @@ -101,7 +102,7 @@ pub struct ServiceMonitorSpec { /// It requires Prometheus >= v2.49.0. #[serde(default, skip_serializing_if = "Option::is_none", rename = "scrapeProtocols")] pub scrape_protocols: Option>, - /// Label selector to select the Kubernetes `Endpoints` objects. + /// Label selector to select the Kubernetes `Endpoints` objects to scrape metrics from. pub selector: ServiceMonitorSelector, /// `targetLabels` defines the labels which are transferred from the /// associated Kubernetes `Service` object onto the ingested metrics. @@ -120,8 +121,12 @@ pub struct ServiceMonitorSpec { /// It requires Prometheus >= v2.37.0. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ServiceMonitorAttachMetadata { - /// When set to true, Prometheus must have the `get` permission on the - /// `Nodes` objects. + /// When set to true, Prometheus attaches node metadata to the discovered + /// targets. + /// + /// + /// The Prometheus service account must have the `list` and `watch` + /// permissions on the `Nodes` objects. #[serde(default, skip_serializing_if = "Option::is_none")] pub node: Option, } @@ -844,8 +849,8 @@ pub struct ServiceMonitorEndpointsTlsConfigKeySecret { pub optional: Option, } -/// Selector to select which namespaces the Kubernetes `Endpoints` objects -/// are discovered from. +/// `namespaceSelector` defines in which namespace(s) Prometheus should discover the services. +/// By default, the services are discovered in the same namespace as the `ServiceMonitor` object but it is possible to select pods across different/all namespaces. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ServiceMonitorNamespaceSelector { /// Boolean describing whether all namespaces are selected in contrast to a @@ -857,7 +862,7 @@ pub struct ServiceMonitorNamespaceSelector { pub match_names: Option>, } -/// Label selector to select the Kubernetes `Endpoints` objects. +/// Label selector to select the Kubernetes `Endpoints` objects to scrape metrics from. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ServiceMonitorSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. diff --git a/kube-custom-resources-rs/src/monitoring_coreos_com/v1alpha1/prometheusagents.rs b/kube-custom-resources-rs/src/monitoring_coreos_com/v1alpha1/prometheusagents.rs index 2efbf5aa7..d696b127f 100644 --- a/kube-custom-resources-rs/src/monitoring_coreos_com/v1alpha1/prometheusagents.rs +++ b/kube-custom-resources-rs/src/monitoring_coreos_com/v1alpha1/prometheusagents.rs @@ -620,6 +620,11 @@ pub struct PrometheusAgentSpec { /// Prometheus Pods. #[serde(default, skip_serializing_if = "Option::is_none", rename = "serviceAccountName")] pub service_account_name: Option, + /// Defines the service discovery role used to discover targets from `ServiceMonitor` objects. + /// If set, the value should be either "Endpoints" or "EndpointSlice". + /// If unset, the operator assumes the "Endpoints" role. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "serviceDiscoveryRole")] + pub service_discovery_role: Option, /// Namespaces to match for ServicedMonitors discovery. An empty label selector /// matches all namespaces. A null label selector (default value) matches the current /// namespace only. @@ -5417,6 +5422,11 @@ pub struct PrometheusAgentResourcesClaims { #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PrometheusAgentScrapeClasses { + /// AttachMetadata configures additional metadata to the discovered targets. + /// When the scrape object defines its own configuration, it takes + /// precedence over the scrape class configuration. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "attachMetadata")] + pub attach_metadata: Option, /// Default indicates that the scrape applies to all scrape objects that /// don't configure an explicit scrape class name. /// @@ -5459,6 +5469,21 @@ pub struct PrometheusAgentScrapeClasses { pub tls_config: Option, } +/// AttachMetadata configures additional metadata to the discovered targets. +/// When the scrape object defines its own configuration, it takes +/// precedence over the scrape class configuration. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct PrometheusAgentScrapeClassesAttachMetadata { + /// When set to true, Prometheus attaches node metadata to the discovered + /// targets. + /// + /// + /// The Prometheus service account must have the `list` and `watch` + /// permissions on the `Nodes` objects. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub node: Option, +} + /// RelabelConfig allows dynamic rewriting of the label set for targets, alerts, /// scraped samples and remote write samples. /// @@ -6077,6 +6102,14 @@ pub struct PrometheusAgentSecurityContextWindowsOptions { pub run_as_user_name: Option, } +/// Specification of the desired behavior of the Prometheus agent. More info: +/// https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#spec-and-status +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub enum PrometheusAgentServiceDiscoveryRole { + Endpoints, + EndpointSlice, +} + /// Namespaces to match for ServicedMonitors discovery. An empty label selector /// matches all namespaces. A null label selector (default value) matches the current /// namespace only. diff --git a/kube-custom-resources-rs/src/monitoring_coreos_com/v1alpha1/scrapeconfigs.rs b/kube-custom-resources-rs/src/monitoring_coreos_com/v1alpha1/scrapeconfigs.rs index 14eedff82..68106bf5c 100644 --- a/kube-custom-resources-rs/src/monitoring_coreos_com/v1alpha1/scrapeconfigs.rs +++ b/kube-custom-resources-rs/src/monitoring_coreos_com/v1alpha1/scrapeconfigs.rs @@ -172,6 +172,9 @@ pub struct ScrapeConfigSpec { /// SampleLimit defines per-scrape limit on number of scraped samples that will be accepted. #[serde(default, skip_serializing_if = "Option::is_none", rename = "sampleLimit")] pub sample_limit: Option, + /// ScalewaySDConfigs defines a list of Scaleway instances and baremetal service discovery configurations. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "scalewaySDConfigs")] + pub scaleway_sd_configs: Option>, /// Configures the protocol scheme used for requests. /// If empty, Prometheus uses HTTP by default. #[serde(default, skip_serializing_if = "Option::is_none")] @@ -6392,6 +6395,263 @@ pub enum ScrapeConfigRelabelingsAction { DropEqual, } +/// ScalewaySDConfig configurations allow retrieving scrape targets from Scaleway instances and baremetal services. +/// See https://prometheus.io/docs/prometheus/latest/configuration/configuration/#scaleway_sd_config +/// TODO: Need to document that we will not be supporting the `_file` fields. +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub struct ScrapeConfigScalewaySdConfigs { + /// Access key to use. https://console.scaleway.com/project/credentials + #[serde(rename = "accessKey")] + pub access_key: String, + /// API URL to use when doing the server listing requests. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "apiURL")] + pub api_url: Option, + /// Whether to enable HTTP2. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "enableHTTP2")] + pub enable_http2: Option, + /// Configure whether HTTP requests follow HTTP 3xx redirects. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "followRedirects")] + pub follow_redirects: Option, + /// NameFilter specify a name filter (works as a LIKE) to apply on the server listing request. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "nameFilter")] + pub name_filter: Option, + /// `noProxy` is a comma-separated string that can contain IPs, CIDR notation, domain names + /// that should be excluded from proxying. IP and domain names can + /// contain port numbers. + /// + /// + /// It requires Prometheus >= v2.43.0. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "noProxy")] + pub no_proxy: Option, + /// The port to scrape metrics from. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub port: Option, + /// Project ID of the targets. + #[serde(rename = "projectID")] + pub project_id: String, + /// ProxyConnectHeader optionally specifies headers to send to + /// proxies during CONNECT requests. + /// + /// + /// It requires Prometheus >= v2.43.0. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "proxyConnectHeader")] + pub proxy_connect_header: Option>, + /// Whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY). + /// If unset, Prometheus uses its default value. + /// + /// + /// It requires Prometheus >= v2.43.0. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "proxyFromEnvironment")] + pub proxy_from_environment: Option, + /// `proxyURL` defines the HTTP proxy server to use. + /// + /// + /// It requires Prometheus >= v2.43.0. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "proxyUrl")] + pub proxy_url: Option, + /// Refresh interval to re-read the list of instances. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "refreshInterval")] + pub refresh_interval: Option, + /// Service of the targets to retrieve. Must be `Instance` or `Baremetal`. + pub role: ScrapeConfigScalewaySdConfigsRole, + /// Secret key to use when listing targets. + #[serde(rename = "secretKey")] + pub secret_key: ScrapeConfigScalewaySdConfigsSecretKey, + /// TagsFilter specify a tag filter (a server needs to have all defined tags to be listed) to apply on the server listing request. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "tagsFilter")] + pub tags_filter: Option>, + /// TLS configuration to use on every scrape request + #[serde(default, skip_serializing_if = "Option::is_none", rename = "tlsConfig")] + pub tls_config: Option, + /// Zone is the availability zone of your targets (e.g. fr-par-1). + #[serde(default, skip_serializing_if = "Option::is_none")] + pub zone: Option, +} + +/// SecretKeySelector selects a key of a Secret. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ScrapeConfigScalewaySdConfigsProxyConnectHeader { + /// The key of the secret to select from. Must be a valid secret key. + pub key: String, + /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. + /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + /// Specify whether the Secret or its key must be defined + #[serde(default, skip_serializing_if = "Option::is_none")] + pub optional: Option, +} + +/// ScalewaySDConfig configurations allow retrieving scrape targets from Scaleway instances and baremetal services. +/// See https://prometheus.io/docs/prometheus/latest/configuration/configuration/#scaleway_sd_config +/// TODO: Need to document that we will not be supporting the `_file` fields. +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub enum ScrapeConfigScalewaySdConfigsRole { + Instance, + Baremetal, +} + +/// Secret key to use when listing targets. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ScrapeConfigScalewaySdConfigsSecretKey { + /// The key of the secret to select from. Must be a valid secret key. + pub key: String, + /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. + /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + /// Specify whether the Secret or its key must be defined + #[serde(default, skip_serializing_if = "Option::is_none")] + pub optional: Option, +} + +/// TLS configuration to use on every scrape request +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ScrapeConfigScalewaySdConfigsTlsConfig { + /// Certificate authority used when verifying server certificates. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub ca: Option, + /// Client certificate to present when doing client-authentication. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub cert: Option, + /// Disable target certificate validation. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "insecureSkipVerify")] + pub insecure_skip_verify: Option, + /// Secret containing the client key file for the targets. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "keySecret")] + pub key_secret: Option, + /// Used to verify the hostname for the targets. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "serverName")] + pub server_name: Option, +} + +/// Certificate authority used when verifying server certificates. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ScrapeConfigScalewaySdConfigsTlsConfigCa { + /// ConfigMap containing data to use for the targets. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "configMap")] + pub config_map: Option, + /// Secret containing data to use for the targets. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub secret: Option, +} + +/// ConfigMap containing data to use for the targets. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ScrapeConfigScalewaySdConfigsTlsConfigCaConfigMap { + /// The key to select. + pub key: String, + /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. + /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + /// Specify whether the ConfigMap or its key must be defined + #[serde(default, skip_serializing_if = "Option::is_none")] + pub optional: Option, +} + +/// Secret containing data to use for the targets. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ScrapeConfigScalewaySdConfigsTlsConfigCaSecret { + /// The key of the secret to select from. Must be a valid secret key. + pub key: String, + /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. + /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + /// Specify whether the Secret or its key must be defined + #[serde(default, skip_serializing_if = "Option::is_none")] + pub optional: Option, +} + +/// Client certificate to present when doing client-authentication. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ScrapeConfigScalewaySdConfigsTlsConfigCert { + /// ConfigMap containing data to use for the targets. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "configMap")] + pub config_map: Option, + /// Secret containing data to use for the targets. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub secret: Option, +} + +/// ConfigMap containing data to use for the targets. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ScrapeConfigScalewaySdConfigsTlsConfigCertConfigMap { + /// The key to select. + pub key: String, + /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. + /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + /// Specify whether the ConfigMap or its key must be defined + #[serde(default, skip_serializing_if = "Option::is_none")] + pub optional: Option, +} + +/// Secret containing data to use for the targets. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ScrapeConfigScalewaySdConfigsTlsConfigCertSecret { + /// The key of the secret to select from. Must be a valid secret key. + pub key: String, + /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. + /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + /// Specify whether the Secret or its key must be defined + #[serde(default, skip_serializing_if = "Option::is_none")] + pub optional: Option, +} + +/// Secret containing the client key file for the targets. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ScrapeConfigScalewaySdConfigsTlsConfigKeySecret { + /// The key of the secret to select from. Must be a valid secret key. + pub key: String, + /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. + /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + /// Specify whether the Secret or its key must be defined + #[serde(default, skip_serializing_if = "Option::is_none")] + pub optional: Option, +} + /// ScrapeConfigSpec is a specification of the desired configuration for a scrape configuration. #[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] pub enum ScrapeConfigScheme { diff --git a/kube-custom-resources-rs/src/multicluster_crd_antrea_io/v1alpha1/memberclusterannounces.rs b/kube-custom-resources-rs/src/multicluster_crd_antrea_io/v1alpha1/memberclusterannounces.rs index 0f2f998ad..753d619d4 100644 --- a/kube-custom-resources-rs/src/multicluster_crd_antrea_io/v1alpha1/memberclusterannounces.rs +++ b/kube-custom-resources-rs/src/multicluster_crd_antrea_io/v1alpha1/memberclusterannounces.rs @@ -7,4 +7,5 @@ mod prelude { pub use kube::CustomResource; pub use serde::{Serialize, Deserialize}; } +use self::prelude::*; diff --git a/kube-custom-resources-rs/src/multicluster_crd_antrea_io/v1alpha2/clusterclaims.rs b/kube-custom-resources-rs/src/multicluster_crd_antrea_io/v1alpha2/clusterclaims.rs index 2fe42039a..c9be951d2 100644 --- a/kube-custom-resources-rs/src/multicluster_crd_antrea_io/v1alpha2/clusterclaims.rs +++ b/kube-custom-resources-rs/src/multicluster_crd_antrea_io/v1alpha2/clusterclaims.rs @@ -7,4 +7,5 @@ mod prelude { pub use kube::CustomResource; pub use serde::{Serialize, Deserialize}; } +use self::prelude::*; diff --git a/kube-custom-resources-rs/src/netchecks_io/v1/networkassertions.rs b/kube-custom-resources-rs/src/netchecks_io/v1/networkassertions.rs index 77277db69..7b5830722 100644 --- a/kube-custom-resources-rs/src/netchecks_io/v1/networkassertions.rs +++ b/kube-custom-resources-rs/src/netchecks_io/v1/networkassertions.rs @@ -8,4 +8,5 @@ mod prelude { pub use serde::{Serialize, Deserialize}; pub use std::collections::BTreeMap; } +use self::prelude::*; diff --git a/kube-custom-resources-rs/src/opentelemetry_io/v1alpha1/opampbridges.rs b/kube-custom-resources-rs/src/opentelemetry_io/v1alpha1/opampbridges.rs index 214f0b164..c29eb2a9c 100644 --- a/kube-custom-resources-rs/src/opentelemetry_io/v1alpha1/opampbridges.rs +++ b/kube-custom-resources-rs/src/opentelemetry_io/v1alpha1/opampbridges.rs @@ -37,6 +37,10 @@ pub struct OpAMPBridgeSpec { pub image: Option, #[serde(default, skip_serializing_if = "Option::is_none", rename = "imagePullPolicy")] pub image_pull_policy: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "ipFamilies")] + pub ip_families: Option>, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "ipFamilyPolicy")] + pub ip_family_policy: Option, #[serde(default, skip_serializing_if = "Option::is_none", rename = "nodeSelector")] pub node_selector: Option>, #[serde(default, skip_serializing_if = "Option::is_none", rename = "podAnnotations")] diff --git a/kube-custom-resources-rs/src/opentelemetry_io/v1beta1/opentelemetrycollectors.rs b/kube-custom-resources-rs/src/opentelemetry_io/v1beta1/opentelemetrycollectors.rs index 14cbfbe33..830a292af 100644 --- a/kube-custom-resources-rs/src/opentelemetry_io/v1beta1/opentelemetrycollectors.rs +++ b/kube-custom-resources-rs/src/opentelemetry_io/v1beta1/opentelemetrycollectors.rs @@ -51,6 +51,10 @@ pub struct OpenTelemetryCollectorSpec { pub ingress: Option, #[serde(default, skip_serializing_if = "Option::is_none", rename = "initContainers")] pub init_containers: Option>, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "ipFamilies")] + pub ip_families: Option>, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "ipFamilyPolicy")] + pub ip_family_policy: Option, #[serde(default, skip_serializing_if = "Option::is_none")] pub lifecycle: Option, #[serde(default, skip_serializing_if = "Option::is_none", rename = "livenessProbe")] diff --git a/kube-custom-resources-rs/src/operator_authorino_kuadrant_io/v1beta1/authorinos.rs b/kube-custom-resources-rs/src/operator_authorino_kuadrant_io/v1beta1/authorinos.rs index fac2d9e4b..4e07d403f 100644 --- a/kube-custom-resources-rs/src/operator_authorino_kuadrant_io/v1beta1/authorinos.rs +++ b/kube-custom-resources-rs/src/operator_authorino_kuadrant_io/v1beta1/authorinos.rs @@ -66,7 +66,8 @@ pub struct AuthorinoListener { /// Maximum payload (request body) size for the auth service (HTTP interface), in bytes. #[serde(default, skip_serializing_if = "Option::is_none", rename = "maxHttpRequestBodySize")] pub max_http_request_body_size: Option, - /// Port number of the GRPC interface. DEPRECATED: use 'ports.grpc' instead. + /// Port number of the GRPC interface. + /// DEPRECATED: use 'ports.grpc' instead. #[serde(default, skip_serializing_if = "Option::is_none")] pub port: Option, /// Port numbers of the GRPC and HTTP auth interfaces. @@ -91,17 +92,21 @@ pub struct AuthorinoListenerPorts { /// TLS configuration of the auth service (GRPC and HTTP interfaces). #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct AuthorinoListenerTls { - /// LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. + /// LocalObjectReference contains enough information to let you locate the + /// referenced object inside the same namespace. #[serde(default, skip_serializing_if = "Option::is_none", rename = "certSecretRef")] pub cert_secret_ref: Option, #[serde(default, skip_serializing_if = "Option::is_none")] pub enabled: Option, } -/// LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. +/// LocalObjectReference contains enough information to let you locate the +/// referenced object inside the same namespace. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct AuthorinoListenerTlsCertSecretRef { - /// Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? + /// Name of the referent. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, } @@ -123,17 +128,21 @@ pub struct AuthorinoOidcServer { #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct AuthorinoOidcServerTls { - /// LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. + /// LocalObjectReference contains enough information to let you locate the + /// referenced object inside the same namespace. #[serde(default, skip_serializing_if = "Option::is_none", rename = "certSecretRef")] pub cert_secret_ref: Option, #[serde(default, skip_serializing_if = "Option::is_none")] pub enabled: Option, } -/// LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. +/// LocalObjectReference contains enough information to let you locate the +/// referenced object inside the same namespace. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct AuthorinoOidcServerTlsCertSecretRef { - /// Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? + /// Name of the referent. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, } @@ -180,17 +189,26 @@ pub struct AuthorinoVolumesItems { pub struct AuthorinoVolumesItemsItems { /// key is the key to project. pub key: String, - /// mode is Optional: mode bits used to set permissions on this file. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. + /// mode is Optional: mode bits used to set permissions on this file. + /// Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. + /// YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. + /// If not specified, the volume defaultMode will be used. + /// This might be in conflict with other options that affect the file + /// mode, like fsGroup, and the result can be other mode bits set. #[serde(default, skip_serializing_if = "Option::is_none")] pub mode: Option, - /// path is the relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'. + /// path is the relative path of the file to map the key to. + /// May not be an absolute path. + /// May not contain the path element '..'. + /// May not start with the string '..'. pub path: String, } /// AuthorinoStatus defines the observed state of Authorino #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct AuthorinoStatus { - /// Conditions is an array of the current Authorino's CR conditions Supported condition types: ConditionReady + /// Conditions is an array of the current Authorino's CR conditions + /// Supported condition types: ConditionReady #[serde(default, skip_serializing_if = "Option::is_none")] pub conditions: Option>, } diff --git a/kube-custom-resources-rs/src/operator_cluster_x_k8s_io/v1alpha2/addonproviders.rs b/kube-custom-resources-rs/src/operator_cluster_x_k8s_io/v1alpha2/addonproviders.rs index 161e63256..e94e4344a 100644 --- a/kube-custom-resources-rs/src/operator_cluster_x_k8s_io/v1alpha2/addonproviders.rs +++ b/kube-custom-resources-rs/src/operator_cluster_x_k8s_io/v1alpha2/addonproviders.rs @@ -21,6 +21,11 @@ use self::prelude::*; #[kube(derive="Default")] #[kube(derive="PartialEq")] pub struct AddonProviderSpec { + /// AdditionalDeployments is a map of additional deployments that the provider + /// should manage. The key is the name of the deployment and the value is the + /// DeploymentSpec. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "additionalDeployments")] + pub additional_deployments: Option>, /// AdditionalManifests is reference to configmap that contains additional manifests that will be applied /// together with the provider components. The key for storing these manifests has to be `manifests`. /// The manifests are applied only once when a certain release is installed/upgraded. If namespace is not specified, the @@ -61,6 +66,1126 @@ pub struct AddonProviderSpec { pub version: Option, } +/// AdditionalDeployments is a map of additional deployments that the provider +/// should manage. The key is the name of the deployment and the value is the +/// DeploymentSpec. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AddonProviderAdditionalDeployments { + /// Deployment defines the properties that can be enabled on the deployment for the additional provider deployment. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub deployment: Option, + /// Manager defines the properties that can be enabled on the controller manager for the additional provider deployment. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub manager: Option, +} + +/// Deployment defines the properties that can be enabled on the deployment for the additional provider deployment. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AddonProviderAdditionalDeploymentsDeployment { + /// If specified, the pod's scheduling constraints + #[serde(default, skip_serializing_if = "Option::is_none")] + pub affinity: Option, + /// List of containers specified in the Deployment + #[serde(default, skip_serializing_if = "Option::is_none")] + pub containers: Option>, + /// List of image pull secrets specified in the Deployment + #[serde(default, skip_serializing_if = "Option::is_none", rename = "imagePullSecrets")] + pub image_pull_secrets: Option>, + /// NodeSelector is a selector which must be true for the pod to fit on a node. + /// Selector which must match a node's labels for the pod to be scheduled on that node. + /// More info: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/ + #[serde(default, skip_serializing_if = "Option::is_none", rename = "nodeSelector")] + pub node_selector: Option>, + /// Number of desired pods. This is a pointer to distinguish between explicit zero and not specified. Defaults to 1. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub replicas: Option, + /// If specified, the pod's service account + #[serde(default, skip_serializing_if = "Option::is_none", rename = "serviceAccountName")] + pub service_account_name: Option, + /// If specified, the pod's tolerations. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub tolerations: Option>, +} + +/// If specified, the pod's scheduling constraints +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AddonProviderAdditionalDeploymentsDeploymentAffinity { + /// Describes node affinity scheduling rules for the pod. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "nodeAffinity")] + pub node_affinity: Option, + /// Describes pod affinity scheduling rules (e.g. co-locate this pod in the same node, zone, etc. as some other pod(s)). + #[serde(default, skip_serializing_if = "Option::is_none", rename = "podAffinity")] + pub pod_affinity: Option, + /// Describes pod anti-affinity scheduling rules (e.g. avoid putting this pod in the same node, zone, etc. as some other pod(s)). + #[serde(default, skip_serializing_if = "Option::is_none", rename = "podAntiAffinity")] + pub pod_anti_affinity: Option, +} + +/// Describes node affinity scheduling rules for the pod. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AddonProviderAdditionalDeploymentsDeploymentAffinityNodeAffinity { + /// The scheduler will prefer to schedule pods to nodes that satisfy + /// the affinity expressions specified by this field, but it may choose + /// a node that violates one or more of the expressions. The node that is + /// most preferred is the one with the greatest sum of weights, i.e. + /// for each node that meets all of the scheduling requirements (resource + /// request, requiredDuringScheduling affinity expressions, etc.), + /// compute a sum by iterating through the elements of this field and adding + /// "weight" to the sum if the node matches the corresponding matchExpressions; the + /// node(s) with the highest sum are the most preferred. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "preferredDuringSchedulingIgnoredDuringExecution")] + pub preferred_during_scheduling_ignored_during_execution: Option>, + /// If the affinity requirements specified by this field are not met at + /// scheduling time, the pod will not be scheduled onto the node. + /// If the affinity requirements specified by this field cease to be met + /// at some point during pod execution (e.g. due to an update), the system + /// may or may not try to eventually evict the pod from its node. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "requiredDuringSchedulingIgnoredDuringExecution")] + pub required_during_scheduling_ignored_during_execution: Option, +} + +/// An empty preferred scheduling term matches all objects with implicit weight 0 +/// (i.e. it's a no-op). A null preferred scheduling term matches no objects (i.e. is also a no-op). +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AddonProviderAdditionalDeploymentsDeploymentAffinityNodeAffinityPreferredDuringSchedulingIgnoredDuringExecution { + /// A node selector term, associated with the corresponding weight. + pub preference: AddonProviderAdditionalDeploymentsDeploymentAffinityNodeAffinityPreferredDuringSchedulingIgnoredDuringExecutionPreference, + /// Weight associated with matching the corresponding nodeSelectorTerm, in the range 1-100. + pub weight: i32, +} + +/// A node selector term, associated with the corresponding weight. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AddonProviderAdditionalDeploymentsDeploymentAffinityNodeAffinityPreferredDuringSchedulingIgnoredDuringExecutionPreference { + /// A list of node selector requirements by node's labels. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] + pub match_expressions: Option>, + /// A list of node selector requirements by node's fields. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchFields")] + pub match_fields: Option>, +} + +/// A node selector requirement is a selector that contains values, a key, and an operator +/// that relates the key and values. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AddonProviderAdditionalDeploymentsDeploymentAffinityNodeAffinityPreferredDuringSchedulingIgnoredDuringExecutionPreferenceMatchExpressions { + /// The label key that the selector applies to. + pub key: String, + /// Represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. + pub operator: String, + /// An array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. If the operator is Gt or Lt, the values + /// array must have a single element, which will be interpreted as an integer. + /// This array is replaced during a strategic merge patch. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub values: Option>, +} + +/// A node selector requirement is a selector that contains values, a key, and an operator +/// that relates the key and values. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AddonProviderAdditionalDeploymentsDeploymentAffinityNodeAffinityPreferredDuringSchedulingIgnoredDuringExecutionPreferenceMatchFields { + /// The label key that the selector applies to. + pub key: String, + /// Represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. + pub operator: String, + /// An array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. If the operator is Gt or Lt, the values + /// array must have a single element, which will be interpreted as an integer. + /// This array is replaced during a strategic merge patch. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub values: Option>, +} + +/// If the affinity requirements specified by this field are not met at +/// scheduling time, the pod will not be scheduled onto the node. +/// If the affinity requirements specified by this field cease to be met +/// at some point during pod execution (e.g. due to an update), the system +/// may or may not try to eventually evict the pod from its node. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AddonProviderAdditionalDeploymentsDeploymentAffinityNodeAffinityRequiredDuringSchedulingIgnoredDuringExecution { + /// Required. A list of node selector terms. The terms are ORed. + #[serde(rename = "nodeSelectorTerms")] + pub node_selector_terms: Vec, +} + +/// A null or empty node selector term matches no objects. The requirements of +/// them are ANDed. +/// The TopologySelectorTerm type implements a subset of the NodeSelectorTerm. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AddonProviderAdditionalDeploymentsDeploymentAffinityNodeAffinityRequiredDuringSchedulingIgnoredDuringExecutionNodeSelectorTerms { + /// A list of node selector requirements by node's labels. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] + pub match_expressions: Option>, + /// A list of node selector requirements by node's fields. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchFields")] + pub match_fields: Option>, +} + +/// A node selector requirement is a selector that contains values, a key, and an operator +/// that relates the key and values. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AddonProviderAdditionalDeploymentsDeploymentAffinityNodeAffinityRequiredDuringSchedulingIgnoredDuringExecutionNodeSelectorTermsMatchExpressions { + /// The label key that the selector applies to. + pub key: String, + /// Represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. + pub operator: String, + /// An array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. If the operator is Gt or Lt, the values + /// array must have a single element, which will be interpreted as an integer. + /// This array is replaced during a strategic merge patch. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub values: Option>, +} + +/// A node selector requirement is a selector that contains values, a key, and an operator +/// that relates the key and values. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AddonProviderAdditionalDeploymentsDeploymentAffinityNodeAffinityRequiredDuringSchedulingIgnoredDuringExecutionNodeSelectorTermsMatchFields { + /// The label key that the selector applies to. + pub key: String, + /// Represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. + pub operator: String, + /// An array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. If the operator is Gt or Lt, the values + /// array must have a single element, which will be interpreted as an integer. + /// This array is replaced during a strategic merge patch. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub values: Option>, +} + +/// Describes pod affinity scheduling rules (e.g. co-locate this pod in the same node, zone, etc. as some other pod(s)). +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AddonProviderAdditionalDeploymentsDeploymentAffinityPodAffinity { + /// The scheduler will prefer to schedule pods to nodes that satisfy + /// the affinity expressions specified by this field, but it may choose + /// a node that violates one or more of the expressions. The node that is + /// most preferred is the one with the greatest sum of weights, i.e. + /// for each node that meets all of the scheduling requirements (resource + /// request, requiredDuringScheduling affinity expressions, etc.), + /// compute a sum by iterating through the elements of this field and adding + /// "weight" to the sum if the node has pods which matches the corresponding podAffinityTerm; the + /// node(s) with the highest sum are the most preferred. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "preferredDuringSchedulingIgnoredDuringExecution")] + pub preferred_during_scheduling_ignored_during_execution: Option>, + /// If the affinity requirements specified by this field are not met at + /// scheduling time, the pod will not be scheduled onto the node. + /// If the affinity requirements specified by this field cease to be met + /// at some point during pod execution (e.g. due to a pod label update), the + /// system may or may not try to eventually evict the pod from its node. + /// When there are multiple elements, the lists of nodes corresponding to each + /// podAffinityTerm are intersected, i.e. all terms must be satisfied. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "requiredDuringSchedulingIgnoredDuringExecution")] + pub required_during_scheduling_ignored_during_execution: Option>, +} + +/// The weights of all of the matched WeightedPodAffinityTerm fields are added per-node to find the most preferred node(s) +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AddonProviderAdditionalDeploymentsDeploymentAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecution { + /// Required. A pod affinity term, associated with the corresponding weight. + #[serde(rename = "podAffinityTerm")] + pub pod_affinity_term: AddonProviderAdditionalDeploymentsDeploymentAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTerm, + /// weight associated with matching the corresponding podAffinityTerm, + /// in the range 1-100. + pub weight: i32, +} + +/// Required. A pod affinity term, associated with the corresponding weight. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AddonProviderAdditionalDeploymentsDeploymentAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTerm { + /// A label query over a set of resources, in this case pods. + /// If it's null, this PodAffinityTerm matches with no Pods. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelector")] + pub label_selector: Option, + /// MatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. + /// Also, MatchLabelKeys cannot be set when LabelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] + pub match_label_keys: Option>, + /// MismatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. + /// Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] + pub mismatch_label_keys: Option>, + /// A label query over the set of namespaces that the term applies to. + /// The term is applied to the union of the namespaces selected by this field + /// and the ones listed in the namespaces field. + /// null selector and null or empty namespaces list means "this pod's namespace". + /// An empty selector ({}) matches all namespaces. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "namespaceSelector")] + pub namespace_selector: Option, + /// namespaces specifies a static list of namespace names that the term applies to. + /// The term is applied to the union of the namespaces listed in this field + /// and the ones selected by namespaceSelector. + /// null or empty namespaces list and null namespaceSelector means "this pod's namespace". + #[serde(default, skip_serializing_if = "Option::is_none")] + pub namespaces: Option>, + /// This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching + /// the labelSelector in the specified namespaces, where co-located is defined as running on a node + /// whose value of the label with key topologyKey matches that of any node on which any of the + /// selected pods is running. + /// Empty topologyKey is not allowed. + #[serde(rename = "topologyKey")] + pub topology_key: String, +} + +/// A label query over a set of resources, in this case pods. +/// If it's null, this PodAffinityTerm matches with no Pods. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AddonProviderAdditionalDeploymentsDeploymentAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermLabelSelector { + /// matchExpressions is a list of label selector requirements. The requirements are ANDed. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] + pub match_expressions: Option>, + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] + pub match_labels: Option>, +} + +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AddonProviderAdditionalDeploymentsDeploymentAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermLabelSelectorMatchExpressions { + /// key is the label key that the selector applies to. + pub key: String, + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. + pub operator: String, + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub values: Option>, +} + +/// A label query over the set of namespaces that the term applies to. +/// The term is applied to the union of the namespaces selected by this field +/// and the ones listed in the namespaces field. +/// null selector and null or empty namespaces list means "this pod's namespace". +/// An empty selector ({}) matches all namespaces. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AddonProviderAdditionalDeploymentsDeploymentAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermNamespaceSelector { + /// matchExpressions is a list of label selector requirements. The requirements are ANDed. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] + pub match_expressions: Option>, + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] + pub match_labels: Option>, +} + +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AddonProviderAdditionalDeploymentsDeploymentAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermNamespaceSelectorMatchExpressions { + /// key is the label key that the selector applies to. + pub key: String, + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. + pub operator: String, + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub values: Option>, +} + +/// Defines a set of pods (namely those matching the labelSelector +/// relative to the given namespace(s)) that this pod should be +/// co-located (affinity) or not co-located (anti-affinity) with, +/// where co-located is defined as running on a node whose value of +/// the label with key matches that of any node on which +/// a pod of the set of pods is running +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AddonProviderAdditionalDeploymentsDeploymentAffinityPodAffinityRequiredDuringSchedulingIgnoredDuringExecution { + /// A label query over a set of resources, in this case pods. + /// If it's null, this PodAffinityTerm matches with no Pods. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelector")] + pub label_selector: Option, + /// MatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. + /// Also, MatchLabelKeys cannot be set when LabelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] + pub match_label_keys: Option>, + /// MismatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. + /// Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] + pub mismatch_label_keys: Option>, + /// A label query over the set of namespaces that the term applies to. + /// The term is applied to the union of the namespaces selected by this field + /// and the ones listed in the namespaces field. + /// null selector and null or empty namespaces list means "this pod's namespace". + /// An empty selector ({}) matches all namespaces. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "namespaceSelector")] + pub namespace_selector: Option, + /// namespaces specifies a static list of namespace names that the term applies to. + /// The term is applied to the union of the namespaces listed in this field + /// and the ones selected by namespaceSelector. + /// null or empty namespaces list and null namespaceSelector means "this pod's namespace". + #[serde(default, skip_serializing_if = "Option::is_none")] + pub namespaces: Option>, + /// This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching + /// the labelSelector in the specified namespaces, where co-located is defined as running on a node + /// whose value of the label with key topologyKey matches that of any node on which any of the + /// selected pods is running. + /// Empty topologyKey is not allowed. + #[serde(rename = "topologyKey")] + pub topology_key: String, +} + +/// A label query over a set of resources, in this case pods. +/// If it's null, this PodAffinityTerm matches with no Pods. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AddonProviderAdditionalDeploymentsDeploymentAffinityPodAffinityRequiredDuringSchedulingIgnoredDuringExecutionLabelSelector { + /// matchExpressions is a list of label selector requirements. The requirements are ANDed. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] + pub match_expressions: Option>, + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] + pub match_labels: Option>, +} + +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AddonProviderAdditionalDeploymentsDeploymentAffinityPodAffinityRequiredDuringSchedulingIgnoredDuringExecutionLabelSelectorMatchExpressions { + /// key is the label key that the selector applies to. + pub key: String, + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. + pub operator: String, + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub values: Option>, +} + +/// A label query over the set of namespaces that the term applies to. +/// The term is applied to the union of the namespaces selected by this field +/// and the ones listed in the namespaces field. +/// null selector and null or empty namespaces list means "this pod's namespace". +/// An empty selector ({}) matches all namespaces. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AddonProviderAdditionalDeploymentsDeploymentAffinityPodAffinityRequiredDuringSchedulingIgnoredDuringExecutionNamespaceSelector { + /// matchExpressions is a list of label selector requirements. The requirements are ANDed. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] + pub match_expressions: Option>, + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] + pub match_labels: Option>, +} + +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AddonProviderAdditionalDeploymentsDeploymentAffinityPodAffinityRequiredDuringSchedulingIgnoredDuringExecutionNamespaceSelectorMatchExpressions { + /// key is the label key that the selector applies to. + pub key: String, + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. + pub operator: String, + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub values: Option>, +} + +/// Describes pod anti-affinity scheduling rules (e.g. avoid putting this pod in the same node, zone, etc. as some other pod(s)). +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AddonProviderAdditionalDeploymentsDeploymentAffinityPodAntiAffinity { + /// The scheduler will prefer to schedule pods to nodes that satisfy + /// the anti-affinity expressions specified by this field, but it may choose + /// a node that violates one or more of the expressions. The node that is + /// most preferred is the one with the greatest sum of weights, i.e. + /// for each node that meets all of the scheduling requirements (resource + /// request, requiredDuringScheduling anti-affinity expressions, etc.), + /// compute a sum by iterating through the elements of this field and adding + /// "weight" to the sum if the node has pods which matches the corresponding podAffinityTerm; the + /// node(s) with the highest sum are the most preferred. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "preferredDuringSchedulingIgnoredDuringExecution")] + pub preferred_during_scheduling_ignored_during_execution: Option>, + /// If the anti-affinity requirements specified by this field are not met at + /// scheduling time, the pod will not be scheduled onto the node. + /// If the anti-affinity requirements specified by this field cease to be met + /// at some point during pod execution (e.g. due to a pod label update), the + /// system may or may not try to eventually evict the pod from its node. + /// When there are multiple elements, the lists of nodes corresponding to each + /// podAffinityTerm are intersected, i.e. all terms must be satisfied. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "requiredDuringSchedulingIgnoredDuringExecution")] + pub required_during_scheduling_ignored_during_execution: Option>, +} + +/// The weights of all of the matched WeightedPodAffinityTerm fields are added per-node to find the most preferred node(s) +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AddonProviderAdditionalDeploymentsDeploymentAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecution { + /// Required. A pod affinity term, associated with the corresponding weight. + #[serde(rename = "podAffinityTerm")] + pub pod_affinity_term: AddonProviderAdditionalDeploymentsDeploymentAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTerm, + /// weight associated with matching the corresponding podAffinityTerm, + /// in the range 1-100. + pub weight: i32, +} + +/// Required. A pod affinity term, associated with the corresponding weight. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AddonProviderAdditionalDeploymentsDeploymentAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTerm { + /// A label query over a set of resources, in this case pods. + /// If it's null, this PodAffinityTerm matches with no Pods. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelector")] + pub label_selector: Option, + /// MatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. + /// Also, MatchLabelKeys cannot be set when LabelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] + pub match_label_keys: Option>, + /// MismatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. + /// Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] + pub mismatch_label_keys: Option>, + /// A label query over the set of namespaces that the term applies to. + /// The term is applied to the union of the namespaces selected by this field + /// and the ones listed in the namespaces field. + /// null selector and null or empty namespaces list means "this pod's namespace". + /// An empty selector ({}) matches all namespaces. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "namespaceSelector")] + pub namespace_selector: Option, + /// namespaces specifies a static list of namespace names that the term applies to. + /// The term is applied to the union of the namespaces listed in this field + /// and the ones selected by namespaceSelector. + /// null or empty namespaces list and null namespaceSelector means "this pod's namespace". + #[serde(default, skip_serializing_if = "Option::is_none")] + pub namespaces: Option>, + /// This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching + /// the labelSelector in the specified namespaces, where co-located is defined as running on a node + /// whose value of the label with key topologyKey matches that of any node on which any of the + /// selected pods is running. + /// Empty topologyKey is not allowed. + #[serde(rename = "topologyKey")] + pub topology_key: String, +} + +/// A label query over a set of resources, in this case pods. +/// If it's null, this PodAffinityTerm matches with no Pods. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AddonProviderAdditionalDeploymentsDeploymentAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermLabelSelector { + /// matchExpressions is a list of label selector requirements. The requirements are ANDed. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] + pub match_expressions: Option>, + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] + pub match_labels: Option>, +} + +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AddonProviderAdditionalDeploymentsDeploymentAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermLabelSelectorMatchExpressions { + /// key is the label key that the selector applies to. + pub key: String, + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. + pub operator: String, + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub values: Option>, +} + +/// A label query over the set of namespaces that the term applies to. +/// The term is applied to the union of the namespaces selected by this field +/// and the ones listed in the namespaces field. +/// null selector and null or empty namespaces list means "this pod's namespace". +/// An empty selector ({}) matches all namespaces. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AddonProviderAdditionalDeploymentsDeploymentAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermNamespaceSelector { + /// matchExpressions is a list of label selector requirements. The requirements are ANDed. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] + pub match_expressions: Option>, + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] + pub match_labels: Option>, +} + +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AddonProviderAdditionalDeploymentsDeploymentAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermNamespaceSelectorMatchExpressions { + /// key is the label key that the selector applies to. + pub key: String, + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. + pub operator: String, + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub values: Option>, +} + +/// Defines a set of pods (namely those matching the labelSelector +/// relative to the given namespace(s)) that this pod should be +/// co-located (affinity) or not co-located (anti-affinity) with, +/// where co-located is defined as running on a node whose value of +/// the label with key matches that of any node on which +/// a pod of the set of pods is running +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AddonProviderAdditionalDeploymentsDeploymentAffinityPodAntiAffinityRequiredDuringSchedulingIgnoredDuringExecution { + /// A label query over a set of resources, in this case pods. + /// If it's null, this PodAffinityTerm matches with no Pods. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelector")] + pub label_selector: Option, + /// MatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. + /// Also, MatchLabelKeys cannot be set when LabelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] + pub match_label_keys: Option>, + /// MismatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. + /// Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] + pub mismatch_label_keys: Option>, + /// A label query over the set of namespaces that the term applies to. + /// The term is applied to the union of the namespaces selected by this field + /// and the ones listed in the namespaces field. + /// null selector and null or empty namespaces list means "this pod's namespace". + /// An empty selector ({}) matches all namespaces. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "namespaceSelector")] + pub namespace_selector: Option, + /// namespaces specifies a static list of namespace names that the term applies to. + /// The term is applied to the union of the namespaces listed in this field + /// and the ones selected by namespaceSelector. + /// null or empty namespaces list and null namespaceSelector means "this pod's namespace". + #[serde(default, skip_serializing_if = "Option::is_none")] + pub namespaces: Option>, + /// This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching + /// the labelSelector in the specified namespaces, where co-located is defined as running on a node + /// whose value of the label with key topologyKey matches that of any node on which any of the + /// selected pods is running. + /// Empty topologyKey is not allowed. + #[serde(rename = "topologyKey")] + pub topology_key: String, +} + +/// A label query over a set of resources, in this case pods. +/// If it's null, this PodAffinityTerm matches with no Pods. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AddonProviderAdditionalDeploymentsDeploymentAffinityPodAntiAffinityRequiredDuringSchedulingIgnoredDuringExecutionLabelSelector { + /// matchExpressions is a list of label selector requirements. The requirements are ANDed. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] + pub match_expressions: Option>, + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] + pub match_labels: Option>, +} + +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AddonProviderAdditionalDeploymentsDeploymentAffinityPodAntiAffinityRequiredDuringSchedulingIgnoredDuringExecutionLabelSelectorMatchExpressions { + /// key is the label key that the selector applies to. + pub key: String, + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. + pub operator: String, + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub values: Option>, +} + +/// A label query over the set of namespaces that the term applies to. +/// The term is applied to the union of the namespaces selected by this field +/// and the ones listed in the namespaces field. +/// null selector and null or empty namespaces list means "this pod's namespace". +/// An empty selector ({}) matches all namespaces. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AddonProviderAdditionalDeploymentsDeploymentAffinityPodAntiAffinityRequiredDuringSchedulingIgnoredDuringExecutionNamespaceSelector { + /// matchExpressions is a list of label selector requirements. The requirements are ANDed. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] + pub match_expressions: Option>, + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] + pub match_labels: Option>, +} + +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AddonProviderAdditionalDeploymentsDeploymentAffinityPodAntiAffinityRequiredDuringSchedulingIgnoredDuringExecutionNamespaceSelectorMatchExpressions { + /// key is the label key that the selector applies to. + pub key: String, + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. + pub operator: String, + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub values: Option>, +} + +/// ContainerSpec defines the properties available to override for each +/// container in a provider deployment such as Image and Args to the container’s +/// entrypoint. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AddonProviderAdditionalDeploymentsDeploymentContainers { + /// Args represents extra provider specific flags that are not encoded as fields in this API. + /// Explicit controller manager properties defined in the `Provider.ManagerSpec` + /// will have higher precedence than those defined in `ContainerSpec.Args`. + /// For example, `ManagerSpec.SyncPeriod` will be used instead of the + /// container arg `--sync-period` if both are defined. + /// The same holds for `ManagerSpec.FeatureGates` and `--feature-gates`. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub args: Option>, + /// Command allows override container's entrypoint array. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub command: Option>, + /// List of environment variables to set in the container. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub env: Option>, + /// Container Image URL + #[serde(default, skip_serializing_if = "Option::is_none", rename = "imageUrl")] + pub image_url: Option, + /// Name of the container. Cannot be updated. + pub name: String, + /// Compute resources required by this container. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub resources: Option, +} + +/// EnvVar represents an environment variable present in a Container. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AddonProviderAdditionalDeploymentsDeploymentContainersEnv { + /// Name of the environment variable. Must be a C_IDENTIFIER. + pub name: String, + /// Variable references $(VAR_NAME) are expanded + /// using the previously defined environment variables in the container and + /// any service environment variables. If a variable cannot be resolved, + /// the reference in the input string will be unchanged. Double $$ are reduced + /// to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. + /// "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". + /// Escaped references will never be expanded, regardless of whether the variable + /// exists or not. + /// Defaults to "". + #[serde(default, skip_serializing_if = "Option::is_none")] + pub value: Option, + /// Source for the environment variable's value. Cannot be used if value is not empty. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "valueFrom")] + pub value_from: Option, +} + +/// Source for the environment variable's value. Cannot be used if value is not empty. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AddonProviderAdditionalDeploymentsDeploymentContainersEnvValueFrom { + /// Selects a key of a ConfigMap. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "configMapKeyRef")] + pub config_map_key_ref: Option, + /// Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`, + /// spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "fieldRef")] + pub field_ref: Option, + /// Selects a resource of the container: only resources limits and requests + /// (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "resourceFieldRef")] + pub resource_field_ref: Option, + /// Selects a key of a secret in the pod's namespace + #[serde(default, skip_serializing_if = "Option::is_none", rename = "secretKeyRef")] + pub secret_key_ref: Option, +} + +/// Selects a key of a ConfigMap. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AddonProviderAdditionalDeploymentsDeploymentContainersEnvValueFromConfigMapKeyRef { + /// The key to select. + pub key: String, + /// Name of the referent. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Add other useful fields. apiVersion, kind, uid? + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + /// Specify whether the ConfigMap or its key must be defined + #[serde(default, skip_serializing_if = "Option::is_none")] + pub optional: Option, +} + +/// Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`, +/// spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AddonProviderAdditionalDeploymentsDeploymentContainersEnvValueFromFieldRef { + /// Version of the schema the FieldPath is written in terms of, defaults to "v1". + #[serde(default, skip_serializing_if = "Option::is_none", rename = "apiVersion")] + pub api_version: Option, + /// Path of the field to select in the specified API version. + #[serde(rename = "fieldPath")] + pub field_path: String, +} + +/// Selects a resource of the container: only resources limits and requests +/// (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AddonProviderAdditionalDeploymentsDeploymentContainersEnvValueFromResourceFieldRef { + /// Container name: required for volumes, optional for env vars + #[serde(default, skip_serializing_if = "Option::is_none", rename = "containerName")] + pub container_name: Option, + /// Specifies the output format of the exposed resources, defaults to "1" + #[serde(default, skip_serializing_if = "Option::is_none")] + pub divisor: Option, + /// Required: resource to select + pub resource: String, +} + +/// Selects a key of a secret in the pod's namespace +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AddonProviderAdditionalDeploymentsDeploymentContainersEnvValueFromSecretKeyRef { + /// The key of the secret to select from. Must be a valid secret key. + pub key: String, + /// Name of the referent. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Add other useful fields. apiVersion, kind, uid? + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + /// Specify whether the Secret or its key must be defined + #[serde(default, skip_serializing_if = "Option::is_none")] + pub optional: Option, +} + +/// Compute resources required by this container. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AddonProviderAdditionalDeploymentsDeploymentContainersResources { + /// Claims lists the names of resources, defined in spec.resourceClaims, + /// that are used by this container. + /// + /// + /// This is an alpha field and requires enabling the + /// DynamicResourceAllocation feature gate. + /// + /// + /// This field is immutable. It can only be set for containers. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub claims: Option>, + /// Limits describes the maximum amount of compute resources allowed. + /// More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + #[serde(default, skip_serializing_if = "Option::is_none")] + pub limits: Option>, + /// Requests describes the minimum amount of compute resources required. + /// If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, + /// otherwise to an implementation-defined value. Requests cannot exceed Limits. + /// More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + #[serde(default, skip_serializing_if = "Option::is_none")] + pub requests: Option>, +} + +/// ResourceClaim references one entry in PodSpec.ResourceClaims. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AddonProviderAdditionalDeploymentsDeploymentContainersResourcesClaims { + /// Name must match the name of one entry in pod.spec.resourceClaims of + /// the Pod where this field is used. It makes that resource available + /// inside a container. + pub name: String, +} + +/// LocalObjectReference contains enough information to let you locate the +/// referenced object inside the same namespace. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AddonProviderAdditionalDeploymentsDeploymentImagePullSecrets { + /// Name of the referent. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Add other useful fields. apiVersion, kind, uid? + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, +} + +/// The pod this Toleration is attached to tolerates any taint that matches +/// the triple using the matching operator . +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AddonProviderAdditionalDeploymentsDeploymentTolerations { + /// Effect indicates the taint effect to match. Empty means match all taint effects. + /// When specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub effect: Option, + /// Key is the taint key that the toleration applies to. Empty means match all taint keys. + /// If the key is empty, operator must be Exists; this combination means to match all values and all keys. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub key: Option, + /// Operator represents a key's relationship to the value. + /// Valid operators are Exists and Equal. Defaults to Equal. + /// Exists is equivalent to wildcard for value, so that a pod can + /// tolerate all taints of a particular category. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub operator: Option, + /// TolerationSeconds represents the period of time the toleration (which must be + /// of effect NoExecute, otherwise this field is ignored) tolerates the taint. By default, + /// it is not set, which means tolerate the taint forever (do not evict). Zero and + /// negative values will be treated as 0 (evict immediately) by the system. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "tolerationSeconds")] + pub toleration_seconds: Option, + /// Value is the taint value the toleration matches to. + /// If the operator is Exists, the value should be empty, otherwise just a regular string. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub value: Option, +} + +/// Manager defines the properties that can be enabled on the controller manager for the additional provider deployment. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AddonProviderAdditionalDeploymentsManager { + /// CacheNamespace if specified restricts the manager's cache to watch objects in + /// the desired namespace Defaults to all namespaces + /// + /// + /// Note: If a namespace is specified, controllers can still Watch for a + /// cluster-scoped resource (e.g Node). For namespaced resources the cache + /// will only hold objects from the desired namespace. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "cacheNamespace")] + pub cache_namespace: Option, + /// Controller contains global configuration options for controllers + /// registered within this manager. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub controller: Option, + /// FeatureGates define provider specific feature flags that will be passed + /// in as container args to the provider's controller manager. + /// Controller Manager flag is --feature-gates. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "featureGates")] + pub feature_gates: Option>, + /// GracefulShutdownTimeout is the duration given to runnable to stop before the manager actually returns on stop. + /// To disable graceful shutdown, set to time.Duration(0) + /// To use graceful shutdown without timeout, set to a negative duration, e.G. time.Duration(-1) + /// The graceful shutdown is skipped for safety reasons in case the leader election lease is lost. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "gracefulShutDown")] + pub graceful_shut_down: Option, + /// Health contains the controller health configuration + #[serde(default, skip_serializing_if = "Option::is_none")] + pub health: Option, + /// LeaderElection is the LeaderElection config to be used when configuring + /// the manager.Manager leader election + #[serde(default, skip_serializing_if = "Option::is_none", rename = "leaderElection")] + pub leader_election: Option, + /// MaxConcurrentReconciles is the maximum number of concurrent Reconciles + /// which can be run. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "maxConcurrentReconciles")] + pub max_concurrent_reconciles: Option, + /// Metrics contains thw controller metrics configuration + #[serde(default, skip_serializing_if = "Option::is_none")] + pub metrics: Option, + /// ProfilerAddress defines the bind address to expose the pprof profiler (e.g. localhost:6060). + /// Default empty, meaning the profiler is disabled. + /// Controller Manager flag is --profiler-address. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "profilerAddress")] + pub profiler_address: Option, + /// SyncPeriod determines the minimum frequency at which watched resources are + /// reconciled. A lower period will correct entropy more quickly, but reduce + /// responsiveness to change if there are many watched resources. Change this + /// value only if you know what you are doing. Defaults to 10 hours if unset. + /// there will a 10 percent jitter between the SyncPeriod of all controllers + /// so that all controllers will not send list requests simultaneously. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "syncPeriod")] + pub sync_period: Option, + /// Verbosity set the logs verbosity. Defaults to 1. + /// Controller Manager flag is --verbosity. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub verbosity: Option, + /// Webhook contains the controllers webhook configuration + #[serde(default, skip_serializing_if = "Option::is_none")] + pub webhook: Option, +} + +/// Controller contains global configuration options for controllers +/// registered within this manager. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AddonProviderAdditionalDeploymentsManagerController { + /// CacheSyncTimeout refers to the time limit set to wait for syncing caches. + /// Defaults to 2 minutes if not set. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "cacheSyncTimeout")] + pub cache_sync_timeout: Option, + /// GroupKindConcurrency is a map from a Kind to the number of concurrent reconciliation + /// allowed for that controller. + /// + /// + /// When a controller is registered within this manager using the builder utilities, + /// users have to specify the type the controller reconciles in the For(...) call. + /// If the object's kind passed matches one of the keys in this map, the concurrency + /// for that controller is set to the number specified. + /// + /// + /// The key is expected to be consistent in form with GroupKind.String(), + /// e.g. ReplicaSet in apps group (regardless of version) would be `ReplicaSet.apps`. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "groupKindConcurrency")] + pub group_kind_concurrency: Option>, + /// RecoverPanic indicates if panics should be recovered. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "recoverPanic")] + pub recover_panic: Option, +} + +/// Health contains the controller health configuration +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AddonProviderAdditionalDeploymentsManagerHealth { + /// HealthProbeBindAddress is the TCP address that the controller should bind to + /// for serving health probes + /// It can be set to "0" or "" to disable serving the health probe. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "healthProbeBindAddress")] + pub health_probe_bind_address: Option, + /// LivenessEndpointName, defaults to "healthz" + #[serde(default, skip_serializing_if = "Option::is_none", rename = "livenessEndpointName")] + pub liveness_endpoint_name: Option, + /// ReadinessEndpointName, defaults to "readyz" + #[serde(default, skip_serializing_if = "Option::is_none", rename = "readinessEndpointName")] + pub readiness_endpoint_name: Option, +} + +/// LeaderElection is the LeaderElection config to be used when configuring +/// the manager.Manager leader election +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AddonProviderAdditionalDeploymentsManagerLeaderElection { + /// leaderElect enables a leader election client to gain leadership + /// before executing the main loop. Enable this when running replicated + /// components for high availability. + #[serde(rename = "leaderElect")] + pub leader_elect: bool, + /// leaseDuration is the duration that non-leader candidates will wait + /// after observing a leadership renewal until attempting to acquire + /// leadership of a led but unrenewed leader slot. This is effectively the + /// maximum duration that a leader can be stopped before it is replaced + /// by another candidate. This is only applicable if leader election is + /// enabled. + #[serde(rename = "leaseDuration")] + pub lease_duration: String, + /// renewDeadline is the interval between attempts by the acting master to + /// renew a leadership slot before it stops leading. This must be less + /// than or equal to the lease duration. This is only applicable if leader + /// election is enabled. + #[serde(rename = "renewDeadline")] + pub renew_deadline: String, + /// resourceLock indicates the resource object type that will be used to lock + /// during leader election cycles. + #[serde(rename = "resourceLock")] + pub resource_lock: String, + /// resourceName indicates the name of resource object that will be used to lock + /// during leader election cycles. + #[serde(rename = "resourceName")] + pub resource_name: String, + /// resourceName indicates the namespace of resource object that will be used to lock + /// during leader election cycles. + #[serde(rename = "resourceNamespace")] + pub resource_namespace: String, + /// retryPeriod is the duration the clients should wait between attempting + /// acquisition and renewal of a leadership. This is only applicable if + /// leader election is enabled. + #[serde(rename = "retryPeriod")] + pub retry_period: String, +} + +/// Metrics contains thw controller metrics configuration +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AddonProviderAdditionalDeploymentsManagerMetrics { + /// BindAddress is the TCP address that the controller should bind to + /// for serving prometheus metrics. + /// It can be set to "0" to disable the metrics serving. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "bindAddress")] + pub bind_address: Option, +} + +/// Webhook contains the controllers webhook configuration +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AddonProviderAdditionalDeploymentsManagerWebhook { + /// CertDir is the directory that contains the server key and certificate. + /// if not set, webhook server would look up the server key and certificate in + /// {TempDir}/k8s-webhook-server/serving-certs. The server key and certificate + /// must be named tls.key and tls.crt, respectively. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "certDir")] + pub cert_dir: Option, + /// Host is the hostname that the webhook server binds to. + /// It is used to set webhook.Server.Host. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub host: Option, + /// Port is the port that the webhook server serves at. + /// It is used to set webhook.Server.Port. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub port: Option, +} + /// AdditionalManifests is reference to configmap that contains additional manifests that will be applied /// together with the provider components. The key for storing these manifests has to be `manifests`. /// The manifests are applied only once when a certain release is installed/upgraded. If namespace is not specified, the diff --git a/kube-custom-resources-rs/src/operator_cluster_x_k8s_io/v1alpha2/bootstrapproviders.rs b/kube-custom-resources-rs/src/operator_cluster_x_k8s_io/v1alpha2/bootstrapproviders.rs index 2f511ccb0..b60c5e40e 100644 --- a/kube-custom-resources-rs/src/operator_cluster_x_k8s_io/v1alpha2/bootstrapproviders.rs +++ b/kube-custom-resources-rs/src/operator_cluster_x_k8s_io/v1alpha2/bootstrapproviders.rs @@ -21,6 +21,11 @@ use self::prelude::*; #[kube(derive="Default")] #[kube(derive="PartialEq")] pub struct BootstrapProviderSpec { + /// AdditionalDeployments is a map of additional deployments that the provider + /// should manage. The key is the name of the deployment and the value is the + /// DeploymentSpec. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "additionalDeployments")] + pub additional_deployments: Option>, /// AdditionalManifests is reference to configmap that contains additional manifests that will be applied /// together with the provider components. The key for storing these manifests has to be `manifests`. /// The manifests are applied only once when a certain release is installed/upgraded. If namespace is not specified, the @@ -61,6 +66,1126 @@ pub struct BootstrapProviderSpec { pub version: Option, } +/// AdditionalDeployments is a map of additional deployments that the provider +/// should manage. The key is the name of the deployment and the value is the +/// DeploymentSpec. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct BootstrapProviderAdditionalDeployments { + /// Deployment defines the properties that can be enabled on the deployment for the additional provider deployment. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub deployment: Option, + /// Manager defines the properties that can be enabled on the controller manager for the additional provider deployment. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub manager: Option, +} + +/// Deployment defines the properties that can be enabled on the deployment for the additional provider deployment. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct BootstrapProviderAdditionalDeploymentsDeployment { + /// If specified, the pod's scheduling constraints + #[serde(default, skip_serializing_if = "Option::is_none")] + pub affinity: Option, + /// List of containers specified in the Deployment + #[serde(default, skip_serializing_if = "Option::is_none")] + pub containers: Option>, + /// List of image pull secrets specified in the Deployment + #[serde(default, skip_serializing_if = "Option::is_none", rename = "imagePullSecrets")] + pub image_pull_secrets: Option>, + /// NodeSelector is a selector which must be true for the pod to fit on a node. + /// Selector which must match a node's labels for the pod to be scheduled on that node. + /// More info: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/ + #[serde(default, skip_serializing_if = "Option::is_none", rename = "nodeSelector")] + pub node_selector: Option>, + /// Number of desired pods. This is a pointer to distinguish between explicit zero and not specified. Defaults to 1. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub replicas: Option, + /// If specified, the pod's service account + #[serde(default, skip_serializing_if = "Option::is_none", rename = "serviceAccountName")] + pub service_account_name: Option, + /// If specified, the pod's tolerations. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub tolerations: Option>, +} + +/// If specified, the pod's scheduling constraints +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct BootstrapProviderAdditionalDeploymentsDeploymentAffinity { + /// Describes node affinity scheduling rules for the pod. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "nodeAffinity")] + pub node_affinity: Option, + /// Describes pod affinity scheduling rules (e.g. co-locate this pod in the same node, zone, etc. as some other pod(s)). + #[serde(default, skip_serializing_if = "Option::is_none", rename = "podAffinity")] + pub pod_affinity: Option, + /// Describes pod anti-affinity scheduling rules (e.g. avoid putting this pod in the same node, zone, etc. as some other pod(s)). + #[serde(default, skip_serializing_if = "Option::is_none", rename = "podAntiAffinity")] + pub pod_anti_affinity: Option, +} + +/// Describes node affinity scheduling rules for the pod. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct BootstrapProviderAdditionalDeploymentsDeploymentAffinityNodeAffinity { + /// The scheduler will prefer to schedule pods to nodes that satisfy + /// the affinity expressions specified by this field, but it may choose + /// a node that violates one or more of the expressions. The node that is + /// most preferred is the one with the greatest sum of weights, i.e. + /// for each node that meets all of the scheduling requirements (resource + /// request, requiredDuringScheduling affinity expressions, etc.), + /// compute a sum by iterating through the elements of this field and adding + /// "weight" to the sum if the node matches the corresponding matchExpressions; the + /// node(s) with the highest sum are the most preferred. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "preferredDuringSchedulingIgnoredDuringExecution")] + pub preferred_during_scheduling_ignored_during_execution: Option>, + /// If the affinity requirements specified by this field are not met at + /// scheduling time, the pod will not be scheduled onto the node. + /// If the affinity requirements specified by this field cease to be met + /// at some point during pod execution (e.g. due to an update), the system + /// may or may not try to eventually evict the pod from its node. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "requiredDuringSchedulingIgnoredDuringExecution")] + pub required_during_scheduling_ignored_during_execution: Option, +} + +/// An empty preferred scheduling term matches all objects with implicit weight 0 +/// (i.e. it's a no-op). A null preferred scheduling term matches no objects (i.e. is also a no-op). +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct BootstrapProviderAdditionalDeploymentsDeploymentAffinityNodeAffinityPreferredDuringSchedulingIgnoredDuringExecution { + /// A node selector term, associated with the corresponding weight. + pub preference: BootstrapProviderAdditionalDeploymentsDeploymentAffinityNodeAffinityPreferredDuringSchedulingIgnoredDuringExecutionPreference, + /// Weight associated with matching the corresponding nodeSelectorTerm, in the range 1-100. + pub weight: i32, +} + +/// A node selector term, associated with the corresponding weight. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct BootstrapProviderAdditionalDeploymentsDeploymentAffinityNodeAffinityPreferredDuringSchedulingIgnoredDuringExecutionPreference { + /// A list of node selector requirements by node's labels. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] + pub match_expressions: Option>, + /// A list of node selector requirements by node's fields. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchFields")] + pub match_fields: Option>, +} + +/// A node selector requirement is a selector that contains values, a key, and an operator +/// that relates the key and values. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct BootstrapProviderAdditionalDeploymentsDeploymentAffinityNodeAffinityPreferredDuringSchedulingIgnoredDuringExecutionPreferenceMatchExpressions { + /// The label key that the selector applies to. + pub key: String, + /// Represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. + pub operator: String, + /// An array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. If the operator is Gt or Lt, the values + /// array must have a single element, which will be interpreted as an integer. + /// This array is replaced during a strategic merge patch. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub values: Option>, +} + +/// A node selector requirement is a selector that contains values, a key, and an operator +/// that relates the key and values. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct BootstrapProviderAdditionalDeploymentsDeploymentAffinityNodeAffinityPreferredDuringSchedulingIgnoredDuringExecutionPreferenceMatchFields { + /// The label key that the selector applies to. + pub key: String, + /// Represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. + pub operator: String, + /// An array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. If the operator is Gt or Lt, the values + /// array must have a single element, which will be interpreted as an integer. + /// This array is replaced during a strategic merge patch. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub values: Option>, +} + +/// If the affinity requirements specified by this field are not met at +/// scheduling time, the pod will not be scheduled onto the node. +/// If the affinity requirements specified by this field cease to be met +/// at some point during pod execution (e.g. due to an update), the system +/// may or may not try to eventually evict the pod from its node. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct BootstrapProviderAdditionalDeploymentsDeploymentAffinityNodeAffinityRequiredDuringSchedulingIgnoredDuringExecution { + /// Required. A list of node selector terms. The terms are ORed. + #[serde(rename = "nodeSelectorTerms")] + pub node_selector_terms: Vec, +} + +/// A null or empty node selector term matches no objects. The requirements of +/// them are ANDed. +/// The TopologySelectorTerm type implements a subset of the NodeSelectorTerm. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct BootstrapProviderAdditionalDeploymentsDeploymentAffinityNodeAffinityRequiredDuringSchedulingIgnoredDuringExecutionNodeSelectorTerms { + /// A list of node selector requirements by node's labels. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] + pub match_expressions: Option>, + /// A list of node selector requirements by node's fields. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchFields")] + pub match_fields: Option>, +} + +/// A node selector requirement is a selector that contains values, a key, and an operator +/// that relates the key and values. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct BootstrapProviderAdditionalDeploymentsDeploymentAffinityNodeAffinityRequiredDuringSchedulingIgnoredDuringExecutionNodeSelectorTermsMatchExpressions { + /// The label key that the selector applies to. + pub key: String, + /// Represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. + pub operator: String, + /// An array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. If the operator is Gt or Lt, the values + /// array must have a single element, which will be interpreted as an integer. + /// This array is replaced during a strategic merge patch. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub values: Option>, +} + +/// A node selector requirement is a selector that contains values, a key, and an operator +/// that relates the key and values. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct BootstrapProviderAdditionalDeploymentsDeploymentAffinityNodeAffinityRequiredDuringSchedulingIgnoredDuringExecutionNodeSelectorTermsMatchFields { + /// The label key that the selector applies to. + pub key: String, + /// Represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. + pub operator: String, + /// An array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. If the operator is Gt or Lt, the values + /// array must have a single element, which will be interpreted as an integer. + /// This array is replaced during a strategic merge patch. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub values: Option>, +} + +/// Describes pod affinity scheduling rules (e.g. co-locate this pod in the same node, zone, etc. as some other pod(s)). +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct BootstrapProviderAdditionalDeploymentsDeploymentAffinityPodAffinity { + /// The scheduler will prefer to schedule pods to nodes that satisfy + /// the affinity expressions specified by this field, but it may choose + /// a node that violates one or more of the expressions. The node that is + /// most preferred is the one with the greatest sum of weights, i.e. + /// for each node that meets all of the scheduling requirements (resource + /// request, requiredDuringScheduling affinity expressions, etc.), + /// compute a sum by iterating through the elements of this field and adding + /// "weight" to the sum if the node has pods which matches the corresponding podAffinityTerm; the + /// node(s) with the highest sum are the most preferred. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "preferredDuringSchedulingIgnoredDuringExecution")] + pub preferred_during_scheduling_ignored_during_execution: Option>, + /// If the affinity requirements specified by this field are not met at + /// scheduling time, the pod will not be scheduled onto the node. + /// If the affinity requirements specified by this field cease to be met + /// at some point during pod execution (e.g. due to a pod label update), the + /// system may or may not try to eventually evict the pod from its node. + /// When there are multiple elements, the lists of nodes corresponding to each + /// podAffinityTerm are intersected, i.e. all terms must be satisfied. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "requiredDuringSchedulingIgnoredDuringExecution")] + pub required_during_scheduling_ignored_during_execution: Option>, +} + +/// The weights of all of the matched WeightedPodAffinityTerm fields are added per-node to find the most preferred node(s) +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct BootstrapProviderAdditionalDeploymentsDeploymentAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecution { + /// Required. A pod affinity term, associated with the corresponding weight. + #[serde(rename = "podAffinityTerm")] + pub pod_affinity_term: BootstrapProviderAdditionalDeploymentsDeploymentAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTerm, + /// weight associated with matching the corresponding podAffinityTerm, + /// in the range 1-100. + pub weight: i32, +} + +/// Required. A pod affinity term, associated with the corresponding weight. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct BootstrapProviderAdditionalDeploymentsDeploymentAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTerm { + /// A label query over a set of resources, in this case pods. + /// If it's null, this PodAffinityTerm matches with no Pods. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelector")] + pub label_selector: Option, + /// MatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. + /// Also, MatchLabelKeys cannot be set when LabelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] + pub match_label_keys: Option>, + /// MismatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. + /// Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] + pub mismatch_label_keys: Option>, + /// A label query over the set of namespaces that the term applies to. + /// The term is applied to the union of the namespaces selected by this field + /// and the ones listed in the namespaces field. + /// null selector and null or empty namespaces list means "this pod's namespace". + /// An empty selector ({}) matches all namespaces. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "namespaceSelector")] + pub namespace_selector: Option, + /// namespaces specifies a static list of namespace names that the term applies to. + /// The term is applied to the union of the namespaces listed in this field + /// and the ones selected by namespaceSelector. + /// null or empty namespaces list and null namespaceSelector means "this pod's namespace". + #[serde(default, skip_serializing_if = "Option::is_none")] + pub namespaces: Option>, + /// This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching + /// the labelSelector in the specified namespaces, where co-located is defined as running on a node + /// whose value of the label with key topologyKey matches that of any node on which any of the + /// selected pods is running. + /// Empty topologyKey is not allowed. + #[serde(rename = "topologyKey")] + pub topology_key: String, +} + +/// A label query over a set of resources, in this case pods. +/// If it's null, this PodAffinityTerm matches with no Pods. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct BootstrapProviderAdditionalDeploymentsDeploymentAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermLabelSelector { + /// matchExpressions is a list of label selector requirements. The requirements are ANDed. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] + pub match_expressions: Option>, + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] + pub match_labels: Option>, +} + +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct BootstrapProviderAdditionalDeploymentsDeploymentAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermLabelSelectorMatchExpressions { + /// key is the label key that the selector applies to. + pub key: String, + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. + pub operator: String, + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub values: Option>, +} + +/// A label query over the set of namespaces that the term applies to. +/// The term is applied to the union of the namespaces selected by this field +/// and the ones listed in the namespaces field. +/// null selector and null or empty namespaces list means "this pod's namespace". +/// An empty selector ({}) matches all namespaces. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct BootstrapProviderAdditionalDeploymentsDeploymentAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermNamespaceSelector { + /// matchExpressions is a list of label selector requirements. The requirements are ANDed. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] + pub match_expressions: Option>, + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] + pub match_labels: Option>, +} + +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct BootstrapProviderAdditionalDeploymentsDeploymentAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermNamespaceSelectorMatchExpressions { + /// key is the label key that the selector applies to. + pub key: String, + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. + pub operator: String, + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub values: Option>, +} + +/// Defines a set of pods (namely those matching the labelSelector +/// relative to the given namespace(s)) that this pod should be +/// co-located (affinity) or not co-located (anti-affinity) with, +/// where co-located is defined as running on a node whose value of +/// the label with key matches that of any node on which +/// a pod of the set of pods is running +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct BootstrapProviderAdditionalDeploymentsDeploymentAffinityPodAffinityRequiredDuringSchedulingIgnoredDuringExecution { + /// A label query over a set of resources, in this case pods. + /// If it's null, this PodAffinityTerm matches with no Pods. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelector")] + pub label_selector: Option, + /// MatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. + /// Also, MatchLabelKeys cannot be set when LabelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] + pub match_label_keys: Option>, + /// MismatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. + /// Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] + pub mismatch_label_keys: Option>, + /// A label query over the set of namespaces that the term applies to. + /// The term is applied to the union of the namespaces selected by this field + /// and the ones listed in the namespaces field. + /// null selector and null or empty namespaces list means "this pod's namespace". + /// An empty selector ({}) matches all namespaces. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "namespaceSelector")] + pub namespace_selector: Option, + /// namespaces specifies a static list of namespace names that the term applies to. + /// The term is applied to the union of the namespaces listed in this field + /// and the ones selected by namespaceSelector. + /// null or empty namespaces list and null namespaceSelector means "this pod's namespace". + #[serde(default, skip_serializing_if = "Option::is_none")] + pub namespaces: Option>, + /// This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching + /// the labelSelector in the specified namespaces, where co-located is defined as running on a node + /// whose value of the label with key topologyKey matches that of any node on which any of the + /// selected pods is running. + /// Empty topologyKey is not allowed. + #[serde(rename = "topologyKey")] + pub topology_key: String, +} + +/// A label query over a set of resources, in this case pods. +/// If it's null, this PodAffinityTerm matches with no Pods. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct BootstrapProviderAdditionalDeploymentsDeploymentAffinityPodAffinityRequiredDuringSchedulingIgnoredDuringExecutionLabelSelector { + /// matchExpressions is a list of label selector requirements. The requirements are ANDed. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] + pub match_expressions: Option>, + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] + pub match_labels: Option>, +} + +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct BootstrapProviderAdditionalDeploymentsDeploymentAffinityPodAffinityRequiredDuringSchedulingIgnoredDuringExecutionLabelSelectorMatchExpressions { + /// key is the label key that the selector applies to. + pub key: String, + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. + pub operator: String, + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub values: Option>, +} + +/// A label query over the set of namespaces that the term applies to. +/// The term is applied to the union of the namespaces selected by this field +/// and the ones listed in the namespaces field. +/// null selector and null or empty namespaces list means "this pod's namespace". +/// An empty selector ({}) matches all namespaces. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct BootstrapProviderAdditionalDeploymentsDeploymentAffinityPodAffinityRequiredDuringSchedulingIgnoredDuringExecutionNamespaceSelector { + /// matchExpressions is a list of label selector requirements. The requirements are ANDed. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] + pub match_expressions: Option>, + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] + pub match_labels: Option>, +} + +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct BootstrapProviderAdditionalDeploymentsDeploymentAffinityPodAffinityRequiredDuringSchedulingIgnoredDuringExecutionNamespaceSelectorMatchExpressions { + /// key is the label key that the selector applies to. + pub key: String, + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. + pub operator: String, + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub values: Option>, +} + +/// Describes pod anti-affinity scheduling rules (e.g. avoid putting this pod in the same node, zone, etc. as some other pod(s)). +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct BootstrapProviderAdditionalDeploymentsDeploymentAffinityPodAntiAffinity { + /// The scheduler will prefer to schedule pods to nodes that satisfy + /// the anti-affinity expressions specified by this field, but it may choose + /// a node that violates one or more of the expressions. The node that is + /// most preferred is the one with the greatest sum of weights, i.e. + /// for each node that meets all of the scheduling requirements (resource + /// request, requiredDuringScheduling anti-affinity expressions, etc.), + /// compute a sum by iterating through the elements of this field and adding + /// "weight" to the sum if the node has pods which matches the corresponding podAffinityTerm; the + /// node(s) with the highest sum are the most preferred. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "preferredDuringSchedulingIgnoredDuringExecution")] + pub preferred_during_scheduling_ignored_during_execution: Option>, + /// If the anti-affinity requirements specified by this field are not met at + /// scheduling time, the pod will not be scheduled onto the node. + /// If the anti-affinity requirements specified by this field cease to be met + /// at some point during pod execution (e.g. due to a pod label update), the + /// system may or may not try to eventually evict the pod from its node. + /// When there are multiple elements, the lists of nodes corresponding to each + /// podAffinityTerm are intersected, i.e. all terms must be satisfied. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "requiredDuringSchedulingIgnoredDuringExecution")] + pub required_during_scheduling_ignored_during_execution: Option>, +} + +/// The weights of all of the matched WeightedPodAffinityTerm fields are added per-node to find the most preferred node(s) +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct BootstrapProviderAdditionalDeploymentsDeploymentAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecution { + /// Required. A pod affinity term, associated with the corresponding weight. + #[serde(rename = "podAffinityTerm")] + pub pod_affinity_term: BootstrapProviderAdditionalDeploymentsDeploymentAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTerm, + /// weight associated with matching the corresponding podAffinityTerm, + /// in the range 1-100. + pub weight: i32, +} + +/// Required. A pod affinity term, associated with the corresponding weight. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct BootstrapProviderAdditionalDeploymentsDeploymentAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTerm { + /// A label query over a set of resources, in this case pods. + /// If it's null, this PodAffinityTerm matches with no Pods. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelector")] + pub label_selector: Option, + /// MatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. + /// Also, MatchLabelKeys cannot be set when LabelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] + pub match_label_keys: Option>, + /// MismatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. + /// Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] + pub mismatch_label_keys: Option>, + /// A label query over the set of namespaces that the term applies to. + /// The term is applied to the union of the namespaces selected by this field + /// and the ones listed in the namespaces field. + /// null selector and null or empty namespaces list means "this pod's namespace". + /// An empty selector ({}) matches all namespaces. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "namespaceSelector")] + pub namespace_selector: Option, + /// namespaces specifies a static list of namespace names that the term applies to. + /// The term is applied to the union of the namespaces listed in this field + /// and the ones selected by namespaceSelector. + /// null or empty namespaces list and null namespaceSelector means "this pod's namespace". + #[serde(default, skip_serializing_if = "Option::is_none")] + pub namespaces: Option>, + /// This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching + /// the labelSelector in the specified namespaces, where co-located is defined as running on a node + /// whose value of the label with key topologyKey matches that of any node on which any of the + /// selected pods is running. + /// Empty topologyKey is not allowed. + #[serde(rename = "topologyKey")] + pub topology_key: String, +} + +/// A label query over a set of resources, in this case pods. +/// If it's null, this PodAffinityTerm matches with no Pods. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct BootstrapProviderAdditionalDeploymentsDeploymentAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermLabelSelector { + /// matchExpressions is a list of label selector requirements. The requirements are ANDed. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] + pub match_expressions: Option>, + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] + pub match_labels: Option>, +} + +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct BootstrapProviderAdditionalDeploymentsDeploymentAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermLabelSelectorMatchExpressions { + /// key is the label key that the selector applies to. + pub key: String, + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. + pub operator: String, + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub values: Option>, +} + +/// A label query over the set of namespaces that the term applies to. +/// The term is applied to the union of the namespaces selected by this field +/// and the ones listed in the namespaces field. +/// null selector and null or empty namespaces list means "this pod's namespace". +/// An empty selector ({}) matches all namespaces. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct BootstrapProviderAdditionalDeploymentsDeploymentAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermNamespaceSelector { + /// matchExpressions is a list of label selector requirements. The requirements are ANDed. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] + pub match_expressions: Option>, + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] + pub match_labels: Option>, +} + +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct BootstrapProviderAdditionalDeploymentsDeploymentAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermNamespaceSelectorMatchExpressions { + /// key is the label key that the selector applies to. + pub key: String, + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. + pub operator: String, + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub values: Option>, +} + +/// Defines a set of pods (namely those matching the labelSelector +/// relative to the given namespace(s)) that this pod should be +/// co-located (affinity) or not co-located (anti-affinity) with, +/// where co-located is defined as running on a node whose value of +/// the label with key matches that of any node on which +/// a pod of the set of pods is running +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct BootstrapProviderAdditionalDeploymentsDeploymentAffinityPodAntiAffinityRequiredDuringSchedulingIgnoredDuringExecution { + /// A label query over a set of resources, in this case pods. + /// If it's null, this PodAffinityTerm matches with no Pods. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelector")] + pub label_selector: Option, + /// MatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. + /// Also, MatchLabelKeys cannot be set when LabelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] + pub match_label_keys: Option>, + /// MismatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. + /// Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] + pub mismatch_label_keys: Option>, + /// A label query over the set of namespaces that the term applies to. + /// The term is applied to the union of the namespaces selected by this field + /// and the ones listed in the namespaces field. + /// null selector and null or empty namespaces list means "this pod's namespace". + /// An empty selector ({}) matches all namespaces. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "namespaceSelector")] + pub namespace_selector: Option, + /// namespaces specifies a static list of namespace names that the term applies to. + /// The term is applied to the union of the namespaces listed in this field + /// and the ones selected by namespaceSelector. + /// null or empty namespaces list and null namespaceSelector means "this pod's namespace". + #[serde(default, skip_serializing_if = "Option::is_none")] + pub namespaces: Option>, + /// This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching + /// the labelSelector in the specified namespaces, where co-located is defined as running on a node + /// whose value of the label with key topologyKey matches that of any node on which any of the + /// selected pods is running. + /// Empty topologyKey is not allowed. + #[serde(rename = "topologyKey")] + pub topology_key: String, +} + +/// A label query over a set of resources, in this case pods. +/// If it's null, this PodAffinityTerm matches with no Pods. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct BootstrapProviderAdditionalDeploymentsDeploymentAffinityPodAntiAffinityRequiredDuringSchedulingIgnoredDuringExecutionLabelSelector { + /// matchExpressions is a list of label selector requirements. The requirements are ANDed. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] + pub match_expressions: Option>, + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] + pub match_labels: Option>, +} + +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct BootstrapProviderAdditionalDeploymentsDeploymentAffinityPodAntiAffinityRequiredDuringSchedulingIgnoredDuringExecutionLabelSelectorMatchExpressions { + /// key is the label key that the selector applies to. + pub key: String, + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. + pub operator: String, + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub values: Option>, +} + +/// A label query over the set of namespaces that the term applies to. +/// The term is applied to the union of the namespaces selected by this field +/// and the ones listed in the namespaces field. +/// null selector and null or empty namespaces list means "this pod's namespace". +/// An empty selector ({}) matches all namespaces. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct BootstrapProviderAdditionalDeploymentsDeploymentAffinityPodAntiAffinityRequiredDuringSchedulingIgnoredDuringExecutionNamespaceSelector { + /// matchExpressions is a list of label selector requirements. The requirements are ANDed. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] + pub match_expressions: Option>, + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] + pub match_labels: Option>, +} + +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct BootstrapProviderAdditionalDeploymentsDeploymentAffinityPodAntiAffinityRequiredDuringSchedulingIgnoredDuringExecutionNamespaceSelectorMatchExpressions { + /// key is the label key that the selector applies to. + pub key: String, + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. + pub operator: String, + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub values: Option>, +} + +/// ContainerSpec defines the properties available to override for each +/// container in a provider deployment such as Image and Args to the container’s +/// entrypoint. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct BootstrapProviderAdditionalDeploymentsDeploymentContainers { + /// Args represents extra provider specific flags that are not encoded as fields in this API. + /// Explicit controller manager properties defined in the `Provider.ManagerSpec` + /// will have higher precedence than those defined in `ContainerSpec.Args`. + /// For example, `ManagerSpec.SyncPeriod` will be used instead of the + /// container arg `--sync-period` if both are defined. + /// The same holds for `ManagerSpec.FeatureGates` and `--feature-gates`. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub args: Option>, + /// Command allows override container's entrypoint array. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub command: Option>, + /// List of environment variables to set in the container. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub env: Option>, + /// Container Image URL + #[serde(default, skip_serializing_if = "Option::is_none", rename = "imageUrl")] + pub image_url: Option, + /// Name of the container. Cannot be updated. + pub name: String, + /// Compute resources required by this container. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub resources: Option, +} + +/// EnvVar represents an environment variable present in a Container. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct BootstrapProviderAdditionalDeploymentsDeploymentContainersEnv { + /// Name of the environment variable. Must be a C_IDENTIFIER. + pub name: String, + /// Variable references $(VAR_NAME) are expanded + /// using the previously defined environment variables in the container and + /// any service environment variables. If a variable cannot be resolved, + /// the reference in the input string will be unchanged. Double $$ are reduced + /// to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. + /// "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". + /// Escaped references will never be expanded, regardless of whether the variable + /// exists or not. + /// Defaults to "". + #[serde(default, skip_serializing_if = "Option::is_none")] + pub value: Option, + /// Source for the environment variable's value. Cannot be used if value is not empty. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "valueFrom")] + pub value_from: Option, +} + +/// Source for the environment variable's value. Cannot be used if value is not empty. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct BootstrapProviderAdditionalDeploymentsDeploymentContainersEnvValueFrom { + /// Selects a key of a ConfigMap. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "configMapKeyRef")] + pub config_map_key_ref: Option, + /// Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`, + /// spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "fieldRef")] + pub field_ref: Option, + /// Selects a resource of the container: only resources limits and requests + /// (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "resourceFieldRef")] + pub resource_field_ref: Option, + /// Selects a key of a secret in the pod's namespace + #[serde(default, skip_serializing_if = "Option::is_none", rename = "secretKeyRef")] + pub secret_key_ref: Option, +} + +/// Selects a key of a ConfigMap. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct BootstrapProviderAdditionalDeploymentsDeploymentContainersEnvValueFromConfigMapKeyRef { + /// The key to select. + pub key: String, + /// Name of the referent. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Add other useful fields. apiVersion, kind, uid? + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + /// Specify whether the ConfigMap or its key must be defined + #[serde(default, skip_serializing_if = "Option::is_none")] + pub optional: Option, +} + +/// Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`, +/// spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct BootstrapProviderAdditionalDeploymentsDeploymentContainersEnvValueFromFieldRef { + /// Version of the schema the FieldPath is written in terms of, defaults to "v1". + #[serde(default, skip_serializing_if = "Option::is_none", rename = "apiVersion")] + pub api_version: Option, + /// Path of the field to select in the specified API version. + #[serde(rename = "fieldPath")] + pub field_path: String, +} + +/// Selects a resource of the container: only resources limits and requests +/// (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct BootstrapProviderAdditionalDeploymentsDeploymentContainersEnvValueFromResourceFieldRef { + /// Container name: required for volumes, optional for env vars + #[serde(default, skip_serializing_if = "Option::is_none", rename = "containerName")] + pub container_name: Option, + /// Specifies the output format of the exposed resources, defaults to "1" + #[serde(default, skip_serializing_if = "Option::is_none")] + pub divisor: Option, + /// Required: resource to select + pub resource: String, +} + +/// Selects a key of a secret in the pod's namespace +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct BootstrapProviderAdditionalDeploymentsDeploymentContainersEnvValueFromSecretKeyRef { + /// The key of the secret to select from. Must be a valid secret key. + pub key: String, + /// Name of the referent. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Add other useful fields. apiVersion, kind, uid? + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + /// Specify whether the Secret or its key must be defined + #[serde(default, skip_serializing_if = "Option::is_none")] + pub optional: Option, +} + +/// Compute resources required by this container. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct BootstrapProviderAdditionalDeploymentsDeploymentContainersResources { + /// Claims lists the names of resources, defined in spec.resourceClaims, + /// that are used by this container. + /// + /// + /// This is an alpha field and requires enabling the + /// DynamicResourceAllocation feature gate. + /// + /// + /// This field is immutable. It can only be set for containers. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub claims: Option>, + /// Limits describes the maximum amount of compute resources allowed. + /// More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + #[serde(default, skip_serializing_if = "Option::is_none")] + pub limits: Option>, + /// Requests describes the minimum amount of compute resources required. + /// If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, + /// otherwise to an implementation-defined value. Requests cannot exceed Limits. + /// More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + #[serde(default, skip_serializing_if = "Option::is_none")] + pub requests: Option>, +} + +/// ResourceClaim references one entry in PodSpec.ResourceClaims. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct BootstrapProviderAdditionalDeploymentsDeploymentContainersResourcesClaims { + /// Name must match the name of one entry in pod.spec.resourceClaims of + /// the Pod where this field is used. It makes that resource available + /// inside a container. + pub name: String, +} + +/// LocalObjectReference contains enough information to let you locate the +/// referenced object inside the same namespace. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct BootstrapProviderAdditionalDeploymentsDeploymentImagePullSecrets { + /// Name of the referent. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Add other useful fields. apiVersion, kind, uid? + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, +} + +/// The pod this Toleration is attached to tolerates any taint that matches +/// the triple using the matching operator . +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct BootstrapProviderAdditionalDeploymentsDeploymentTolerations { + /// Effect indicates the taint effect to match. Empty means match all taint effects. + /// When specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub effect: Option, + /// Key is the taint key that the toleration applies to. Empty means match all taint keys. + /// If the key is empty, operator must be Exists; this combination means to match all values and all keys. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub key: Option, + /// Operator represents a key's relationship to the value. + /// Valid operators are Exists and Equal. Defaults to Equal. + /// Exists is equivalent to wildcard for value, so that a pod can + /// tolerate all taints of a particular category. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub operator: Option, + /// TolerationSeconds represents the period of time the toleration (which must be + /// of effect NoExecute, otherwise this field is ignored) tolerates the taint. By default, + /// it is not set, which means tolerate the taint forever (do not evict). Zero and + /// negative values will be treated as 0 (evict immediately) by the system. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "tolerationSeconds")] + pub toleration_seconds: Option, + /// Value is the taint value the toleration matches to. + /// If the operator is Exists, the value should be empty, otherwise just a regular string. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub value: Option, +} + +/// Manager defines the properties that can be enabled on the controller manager for the additional provider deployment. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct BootstrapProviderAdditionalDeploymentsManager { + /// CacheNamespace if specified restricts the manager's cache to watch objects in + /// the desired namespace Defaults to all namespaces + /// + /// + /// Note: If a namespace is specified, controllers can still Watch for a + /// cluster-scoped resource (e.g Node). For namespaced resources the cache + /// will only hold objects from the desired namespace. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "cacheNamespace")] + pub cache_namespace: Option, + /// Controller contains global configuration options for controllers + /// registered within this manager. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub controller: Option, + /// FeatureGates define provider specific feature flags that will be passed + /// in as container args to the provider's controller manager. + /// Controller Manager flag is --feature-gates. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "featureGates")] + pub feature_gates: Option>, + /// GracefulShutdownTimeout is the duration given to runnable to stop before the manager actually returns on stop. + /// To disable graceful shutdown, set to time.Duration(0) + /// To use graceful shutdown without timeout, set to a negative duration, e.G. time.Duration(-1) + /// The graceful shutdown is skipped for safety reasons in case the leader election lease is lost. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "gracefulShutDown")] + pub graceful_shut_down: Option, + /// Health contains the controller health configuration + #[serde(default, skip_serializing_if = "Option::is_none")] + pub health: Option, + /// LeaderElection is the LeaderElection config to be used when configuring + /// the manager.Manager leader election + #[serde(default, skip_serializing_if = "Option::is_none", rename = "leaderElection")] + pub leader_election: Option, + /// MaxConcurrentReconciles is the maximum number of concurrent Reconciles + /// which can be run. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "maxConcurrentReconciles")] + pub max_concurrent_reconciles: Option, + /// Metrics contains thw controller metrics configuration + #[serde(default, skip_serializing_if = "Option::is_none")] + pub metrics: Option, + /// ProfilerAddress defines the bind address to expose the pprof profiler (e.g. localhost:6060). + /// Default empty, meaning the profiler is disabled. + /// Controller Manager flag is --profiler-address. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "profilerAddress")] + pub profiler_address: Option, + /// SyncPeriod determines the minimum frequency at which watched resources are + /// reconciled. A lower period will correct entropy more quickly, but reduce + /// responsiveness to change if there are many watched resources. Change this + /// value only if you know what you are doing. Defaults to 10 hours if unset. + /// there will a 10 percent jitter between the SyncPeriod of all controllers + /// so that all controllers will not send list requests simultaneously. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "syncPeriod")] + pub sync_period: Option, + /// Verbosity set the logs verbosity. Defaults to 1. + /// Controller Manager flag is --verbosity. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub verbosity: Option, + /// Webhook contains the controllers webhook configuration + #[serde(default, skip_serializing_if = "Option::is_none")] + pub webhook: Option, +} + +/// Controller contains global configuration options for controllers +/// registered within this manager. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct BootstrapProviderAdditionalDeploymentsManagerController { + /// CacheSyncTimeout refers to the time limit set to wait for syncing caches. + /// Defaults to 2 minutes if not set. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "cacheSyncTimeout")] + pub cache_sync_timeout: Option, + /// GroupKindConcurrency is a map from a Kind to the number of concurrent reconciliation + /// allowed for that controller. + /// + /// + /// When a controller is registered within this manager using the builder utilities, + /// users have to specify the type the controller reconciles in the For(...) call. + /// If the object's kind passed matches one of the keys in this map, the concurrency + /// for that controller is set to the number specified. + /// + /// + /// The key is expected to be consistent in form with GroupKind.String(), + /// e.g. ReplicaSet in apps group (regardless of version) would be `ReplicaSet.apps`. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "groupKindConcurrency")] + pub group_kind_concurrency: Option>, + /// RecoverPanic indicates if panics should be recovered. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "recoverPanic")] + pub recover_panic: Option, +} + +/// Health contains the controller health configuration +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct BootstrapProviderAdditionalDeploymentsManagerHealth { + /// HealthProbeBindAddress is the TCP address that the controller should bind to + /// for serving health probes + /// It can be set to "0" or "" to disable serving the health probe. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "healthProbeBindAddress")] + pub health_probe_bind_address: Option, + /// LivenessEndpointName, defaults to "healthz" + #[serde(default, skip_serializing_if = "Option::is_none", rename = "livenessEndpointName")] + pub liveness_endpoint_name: Option, + /// ReadinessEndpointName, defaults to "readyz" + #[serde(default, skip_serializing_if = "Option::is_none", rename = "readinessEndpointName")] + pub readiness_endpoint_name: Option, +} + +/// LeaderElection is the LeaderElection config to be used when configuring +/// the manager.Manager leader election +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct BootstrapProviderAdditionalDeploymentsManagerLeaderElection { + /// leaderElect enables a leader election client to gain leadership + /// before executing the main loop. Enable this when running replicated + /// components for high availability. + #[serde(rename = "leaderElect")] + pub leader_elect: bool, + /// leaseDuration is the duration that non-leader candidates will wait + /// after observing a leadership renewal until attempting to acquire + /// leadership of a led but unrenewed leader slot. This is effectively the + /// maximum duration that a leader can be stopped before it is replaced + /// by another candidate. This is only applicable if leader election is + /// enabled. + #[serde(rename = "leaseDuration")] + pub lease_duration: String, + /// renewDeadline is the interval between attempts by the acting master to + /// renew a leadership slot before it stops leading. This must be less + /// than or equal to the lease duration. This is only applicable if leader + /// election is enabled. + #[serde(rename = "renewDeadline")] + pub renew_deadline: String, + /// resourceLock indicates the resource object type that will be used to lock + /// during leader election cycles. + #[serde(rename = "resourceLock")] + pub resource_lock: String, + /// resourceName indicates the name of resource object that will be used to lock + /// during leader election cycles. + #[serde(rename = "resourceName")] + pub resource_name: String, + /// resourceName indicates the namespace of resource object that will be used to lock + /// during leader election cycles. + #[serde(rename = "resourceNamespace")] + pub resource_namespace: String, + /// retryPeriod is the duration the clients should wait between attempting + /// acquisition and renewal of a leadership. This is only applicable if + /// leader election is enabled. + #[serde(rename = "retryPeriod")] + pub retry_period: String, +} + +/// Metrics contains thw controller metrics configuration +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct BootstrapProviderAdditionalDeploymentsManagerMetrics { + /// BindAddress is the TCP address that the controller should bind to + /// for serving prometheus metrics. + /// It can be set to "0" to disable the metrics serving. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "bindAddress")] + pub bind_address: Option, +} + +/// Webhook contains the controllers webhook configuration +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct BootstrapProviderAdditionalDeploymentsManagerWebhook { + /// CertDir is the directory that contains the server key and certificate. + /// if not set, webhook server would look up the server key and certificate in + /// {TempDir}/k8s-webhook-server/serving-certs. The server key and certificate + /// must be named tls.key and tls.crt, respectively. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "certDir")] + pub cert_dir: Option, + /// Host is the hostname that the webhook server binds to. + /// It is used to set webhook.Server.Host. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub host: Option, + /// Port is the port that the webhook server serves at. + /// It is used to set webhook.Server.Port. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub port: Option, +} + /// AdditionalManifests is reference to configmap that contains additional manifests that will be applied /// together with the provider components. The key for storing these manifests has to be `manifests`. /// The manifests are applied only once when a certain release is installed/upgraded. If namespace is not specified, the diff --git a/kube-custom-resources-rs/src/operator_cluster_x_k8s_io/v1alpha2/controlplaneproviders.rs b/kube-custom-resources-rs/src/operator_cluster_x_k8s_io/v1alpha2/controlplaneproviders.rs index 77fe8b12a..3364cf6ec 100644 --- a/kube-custom-resources-rs/src/operator_cluster_x_k8s_io/v1alpha2/controlplaneproviders.rs +++ b/kube-custom-resources-rs/src/operator_cluster_x_k8s_io/v1alpha2/controlplaneproviders.rs @@ -21,6 +21,11 @@ use self::prelude::*; #[kube(derive="Default")] #[kube(derive="PartialEq")] pub struct ControlPlaneProviderSpec { + /// AdditionalDeployments is a map of additional deployments that the provider + /// should manage. The key is the name of the deployment and the value is the + /// DeploymentSpec. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "additionalDeployments")] + pub additional_deployments: Option>, /// AdditionalManifests is reference to configmap that contains additional manifests that will be applied /// together with the provider components. The key for storing these manifests has to be `manifests`. /// The manifests are applied only once when a certain release is installed/upgraded. If namespace is not specified, the @@ -61,6 +66,1126 @@ pub struct ControlPlaneProviderSpec { pub version: Option, } +/// AdditionalDeployments is a map of additional deployments that the provider +/// should manage. The key is the name of the deployment and the value is the +/// DeploymentSpec. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ControlPlaneProviderAdditionalDeployments { + /// Deployment defines the properties that can be enabled on the deployment for the additional provider deployment. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub deployment: Option, + /// Manager defines the properties that can be enabled on the controller manager for the additional provider deployment. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub manager: Option, +} + +/// Deployment defines the properties that can be enabled on the deployment for the additional provider deployment. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ControlPlaneProviderAdditionalDeploymentsDeployment { + /// If specified, the pod's scheduling constraints + #[serde(default, skip_serializing_if = "Option::is_none")] + pub affinity: Option, + /// List of containers specified in the Deployment + #[serde(default, skip_serializing_if = "Option::is_none")] + pub containers: Option>, + /// List of image pull secrets specified in the Deployment + #[serde(default, skip_serializing_if = "Option::is_none", rename = "imagePullSecrets")] + pub image_pull_secrets: Option>, + /// NodeSelector is a selector which must be true for the pod to fit on a node. + /// Selector which must match a node's labels for the pod to be scheduled on that node. + /// More info: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/ + #[serde(default, skip_serializing_if = "Option::is_none", rename = "nodeSelector")] + pub node_selector: Option>, + /// Number of desired pods. This is a pointer to distinguish between explicit zero and not specified. Defaults to 1. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub replicas: Option, + /// If specified, the pod's service account + #[serde(default, skip_serializing_if = "Option::is_none", rename = "serviceAccountName")] + pub service_account_name: Option, + /// If specified, the pod's tolerations. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub tolerations: Option>, +} + +/// If specified, the pod's scheduling constraints +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ControlPlaneProviderAdditionalDeploymentsDeploymentAffinity { + /// Describes node affinity scheduling rules for the pod. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "nodeAffinity")] + pub node_affinity: Option, + /// Describes pod affinity scheduling rules (e.g. co-locate this pod in the same node, zone, etc. as some other pod(s)). + #[serde(default, skip_serializing_if = "Option::is_none", rename = "podAffinity")] + pub pod_affinity: Option, + /// Describes pod anti-affinity scheduling rules (e.g. avoid putting this pod in the same node, zone, etc. as some other pod(s)). + #[serde(default, skip_serializing_if = "Option::is_none", rename = "podAntiAffinity")] + pub pod_anti_affinity: Option, +} + +/// Describes node affinity scheduling rules for the pod. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ControlPlaneProviderAdditionalDeploymentsDeploymentAffinityNodeAffinity { + /// The scheduler will prefer to schedule pods to nodes that satisfy + /// the affinity expressions specified by this field, but it may choose + /// a node that violates one or more of the expressions. The node that is + /// most preferred is the one with the greatest sum of weights, i.e. + /// for each node that meets all of the scheduling requirements (resource + /// request, requiredDuringScheduling affinity expressions, etc.), + /// compute a sum by iterating through the elements of this field and adding + /// "weight" to the sum if the node matches the corresponding matchExpressions; the + /// node(s) with the highest sum are the most preferred. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "preferredDuringSchedulingIgnoredDuringExecution")] + pub preferred_during_scheduling_ignored_during_execution: Option>, + /// If the affinity requirements specified by this field are not met at + /// scheduling time, the pod will not be scheduled onto the node. + /// If the affinity requirements specified by this field cease to be met + /// at some point during pod execution (e.g. due to an update), the system + /// may or may not try to eventually evict the pod from its node. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "requiredDuringSchedulingIgnoredDuringExecution")] + pub required_during_scheduling_ignored_during_execution: Option, +} + +/// An empty preferred scheduling term matches all objects with implicit weight 0 +/// (i.e. it's a no-op). A null preferred scheduling term matches no objects (i.e. is also a no-op). +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ControlPlaneProviderAdditionalDeploymentsDeploymentAffinityNodeAffinityPreferredDuringSchedulingIgnoredDuringExecution { + /// A node selector term, associated with the corresponding weight. + pub preference: ControlPlaneProviderAdditionalDeploymentsDeploymentAffinityNodeAffinityPreferredDuringSchedulingIgnoredDuringExecutionPreference, + /// Weight associated with matching the corresponding nodeSelectorTerm, in the range 1-100. + pub weight: i32, +} + +/// A node selector term, associated with the corresponding weight. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ControlPlaneProviderAdditionalDeploymentsDeploymentAffinityNodeAffinityPreferredDuringSchedulingIgnoredDuringExecutionPreference { + /// A list of node selector requirements by node's labels. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] + pub match_expressions: Option>, + /// A list of node selector requirements by node's fields. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchFields")] + pub match_fields: Option>, +} + +/// A node selector requirement is a selector that contains values, a key, and an operator +/// that relates the key and values. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ControlPlaneProviderAdditionalDeploymentsDeploymentAffinityNodeAffinityPreferredDuringSchedulingIgnoredDuringExecutionPreferenceMatchExpressions { + /// The label key that the selector applies to. + pub key: String, + /// Represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. + pub operator: String, + /// An array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. If the operator is Gt or Lt, the values + /// array must have a single element, which will be interpreted as an integer. + /// This array is replaced during a strategic merge patch. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub values: Option>, +} + +/// A node selector requirement is a selector that contains values, a key, and an operator +/// that relates the key and values. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ControlPlaneProviderAdditionalDeploymentsDeploymentAffinityNodeAffinityPreferredDuringSchedulingIgnoredDuringExecutionPreferenceMatchFields { + /// The label key that the selector applies to. + pub key: String, + /// Represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. + pub operator: String, + /// An array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. If the operator is Gt or Lt, the values + /// array must have a single element, which will be interpreted as an integer. + /// This array is replaced during a strategic merge patch. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub values: Option>, +} + +/// If the affinity requirements specified by this field are not met at +/// scheduling time, the pod will not be scheduled onto the node. +/// If the affinity requirements specified by this field cease to be met +/// at some point during pod execution (e.g. due to an update), the system +/// may or may not try to eventually evict the pod from its node. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ControlPlaneProviderAdditionalDeploymentsDeploymentAffinityNodeAffinityRequiredDuringSchedulingIgnoredDuringExecution { + /// Required. A list of node selector terms. The terms are ORed. + #[serde(rename = "nodeSelectorTerms")] + pub node_selector_terms: Vec, +} + +/// A null or empty node selector term matches no objects. The requirements of +/// them are ANDed. +/// The TopologySelectorTerm type implements a subset of the NodeSelectorTerm. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ControlPlaneProviderAdditionalDeploymentsDeploymentAffinityNodeAffinityRequiredDuringSchedulingIgnoredDuringExecutionNodeSelectorTerms { + /// A list of node selector requirements by node's labels. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] + pub match_expressions: Option>, + /// A list of node selector requirements by node's fields. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchFields")] + pub match_fields: Option>, +} + +/// A node selector requirement is a selector that contains values, a key, and an operator +/// that relates the key and values. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ControlPlaneProviderAdditionalDeploymentsDeploymentAffinityNodeAffinityRequiredDuringSchedulingIgnoredDuringExecutionNodeSelectorTermsMatchExpressions { + /// The label key that the selector applies to. + pub key: String, + /// Represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. + pub operator: String, + /// An array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. If the operator is Gt or Lt, the values + /// array must have a single element, which will be interpreted as an integer. + /// This array is replaced during a strategic merge patch. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub values: Option>, +} + +/// A node selector requirement is a selector that contains values, a key, and an operator +/// that relates the key and values. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ControlPlaneProviderAdditionalDeploymentsDeploymentAffinityNodeAffinityRequiredDuringSchedulingIgnoredDuringExecutionNodeSelectorTermsMatchFields { + /// The label key that the selector applies to. + pub key: String, + /// Represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. + pub operator: String, + /// An array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. If the operator is Gt or Lt, the values + /// array must have a single element, which will be interpreted as an integer. + /// This array is replaced during a strategic merge patch. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub values: Option>, +} + +/// Describes pod affinity scheduling rules (e.g. co-locate this pod in the same node, zone, etc. as some other pod(s)). +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ControlPlaneProviderAdditionalDeploymentsDeploymentAffinityPodAffinity { + /// The scheduler will prefer to schedule pods to nodes that satisfy + /// the affinity expressions specified by this field, but it may choose + /// a node that violates one or more of the expressions. The node that is + /// most preferred is the one with the greatest sum of weights, i.e. + /// for each node that meets all of the scheduling requirements (resource + /// request, requiredDuringScheduling affinity expressions, etc.), + /// compute a sum by iterating through the elements of this field and adding + /// "weight" to the sum if the node has pods which matches the corresponding podAffinityTerm; the + /// node(s) with the highest sum are the most preferred. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "preferredDuringSchedulingIgnoredDuringExecution")] + pub preferred_during_scheduling_ignored_during_execution: Option>, + /// If the affinity requirements specified by this field are not met at + /// scheduling time, the pod will not be scheduled onto the node. + /// If the affinity requirements specified by this field cease to be met + /// at some point during pod execution (e.g. due to a pod label update), the + /// system may or may not try to eventually evict the pod from its node. + /// When there are multiple elements, the lists of nodes corresponding to each + /// podAffinityTerm are intersected, i.e. all terms must be satisfied. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "requiredDuringSchedulingIgnoredDuringExecution")] + pub required_during_scheduling_ignored_during_execution: Option>, +} + +/// The weights of all of the matched WeightedPodAffinityTerm fields are added per-node to find the most preferred node(s) +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ControlPlaneProviderAdditionalDeploymentsDeploymentAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecution { + /// Required. A pod affinity term, associated with the corresponding weight. + #[serde(rename = "podAffinityTerm")] + pub pod_affinity_term: ControlPlaneProviderAdditionalDeploymentsDeploymentAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTerm, + /// weight associated with matching the corresponding podAffinityTerm, + /// in the range 1-100. + pub weight: i32, +} + +/// Required. A pod affinity term, associated with the corresponding weight. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ControlPlaneProviderAdditionalDeploymentsDeploymentAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTerm { + /// A label query over a set of resources, in this case pods. + /// If it's null, this PodAffinityTerm matches with no Pods. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelector")] + pub label_selector: Option, + /// MatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. + /// Also, MatchLabelKeys cannot be set when LabelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] + pub match_label_keys: Option>, + /// MismatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. + /// Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] + pub mismatch_label_keys: Option>, + /// A label query over the set of namespaces that the term applies to. + /// The term is applied to the union of the namespaces selected by this field + /// and the ones listed in the namespaces field. + /// null selector and null or empty namespaces list means "this pod's namespace". + /// An empty selector ({}) matches all namespaces. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "namespaceSelector")] + pub namespace_selector: Option, + /// namespaces specifies a static list of namespace names that the term applies to. + /// The term is applied to the union of the namespaces listed in this field + /// and the ones selected by namespaceSelector. + /// null or empty namespaces list and null namespaceSelector means "this pod's namespace". + #[serde(default, skip_serializing_if = "Option::is_none")] + pub namespaces: Option>, + /// This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching + /// the labelSelector in the specified namespaces, where co-located is defined as running on a node + /// whose value of the label with key topologyKey matches that of any node on which any of the + /// selected pods is running. + /// Empty topologyKey is not allowed. + #[serde(rename = "topologyKey")] + pub topology_key: String, +} + +/// A label query over a set of resources, in this case pods. +/// If it's null, this PodAffinityTerm matches with no Pods. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ControlPlaneProviderAdditionalDeploymentsDeploymentAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermLabelSelector { + /// matchExpressions is a list of label selector requirements. The requirements are ANDed. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] + pub match_expressions: Option>, + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] + pub match_labels: Option>, +} + +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ControlPlaneProviderAdditionalDeploymentsDeploymentAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermLabelSelectorMatchExpressions { + /// key is the label key that the selector applies to. + pub key: String, + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. + pub operator: String, + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub values: Option>, +} + +/// A label query over the set of namespaces that the term applies to. +/// The term is applied to the union of the namespaces selected by this field +/// and the ones listed in the namespaces field. +/// null selector and null or empty namespaces list means "this pod's namespace". +/// An empty selector ({}) matches all namespaces. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ControlPlaneProviderAdditionalDeploymentsDeploymentAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermNamespaceSelector { + /// matchExpressions is a list of label selector requirements. The requirements are ANDed. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] + pub match_expressions: Option>, + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] + pub match_labels: Option>, +} + +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ControlPlaneProviderAdditionalDeploymentsDeploymentAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermNamespaceSelectorMatchExpressions { + /// key is the label key that the selector applies to. + pub key: String, + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. + pub operator: String, + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub values: Option>, +} + +/// Defines a set of pods (namely those matching the labelSelector +/// relative to the given namespace(s)) that this pod should be +/// co-located (affinity) or not co-located (anti-affinity) with, +/// where co-located is defined as running on a node whose value of +/// the label with key matches that of any node on which +/// a pod of the set of pods is running +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ControlPlaneProviderAdditionalDeploymentsDeploymentAffinityPodAffinityRequiredDuringSchedulingIgnoredDuringExecution { + /// A label query over a set of resources, in this case pods. + /// If it's null, this PodAffinityTerm matches with no Pods. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelector")] + pub label_selector: Option, + /// MatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. + /// Also, MatchLabelKeys cannot be set when LabelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] + pub match_label_keys: Option>, + /// MismatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. + /// Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] + pub mismatch_label_keys: Option>, + /// A label query over the set of namespaces that the term applies to. + /// The term is applied to the union of the namespaces selected by this field + /// and the ones listed in the namespaces field. + /// null selector and null or empty namespaces list means "this pod's namespace". + /// An empty selector ({}) matches all namespaces. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "namespaceSelector")] + pub namespace_selector: Option, + /// namespaces specifies a static list of namespace names that the term applies to. + /// The term is applied to the union of the namespaces listed in this field + /// and the ones selected by namespaceSelector. + /// null or empty namespaces list and null namespaceSelector means "this pod's namespace". + #[serde(default, skip_serializing_if = "Option::is_none")] + pub namespaces: Option>, + /// This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching + /// the labelSelector in the specified namespaces, where co-located is defined as running on a node + /// whose value of the label with key topologyKey matches that of any node on which any of the + /// selected pods is running. + /// Empty topologyKey is not allowed. + #[serde(rename = "topologyKey")] + pub topology_key: String, +} + +/// A label query over a set of resources, in this case pods. +/// If it's null, this PodAffinityTerm matches with no Pods. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ControlPlaneProviderAdditionalDeploymentsDeploymentAffinityPodAffinityRequiredDuringSchedulingIgnoredDuringExecutionLabelSelector { + /// matchExpressions is a list of label selector requirements. The requirements are ANDed. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] + pub match_expressions: Option>, + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] + pub match_labels: Option>, +} + +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ControlPlaneProviderAdditionalDeploymentsDeploymentAffinityPodAffinityRequiredDuringSchedulingIgnoredDuringExecutionLabelSelectorMatchExpressions { + /// key is the label key that the selector applies to. + pub key: String, + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. + pub operator: String, + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub values: Option>, +} + +/// A label query over the set of namespaces that the term applies to. +/// The term is applied to the union of the namespaces selected by this field +/// and the ones listed in the namespaces field. +/// null selector and null or empty namespaces list means "this pod's namespace". +/// An empty selector ({}) matches all namespaces. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ControlPlaneProviderAdditionalDeploymentsDeploymentAffinityPodAffinityRequiredDuringSchedulingIgnoredDuringExecutionNamespaceSelector { + /// matchExpressions is a list of label selector requirements. The requirements are ANDed. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] + pub match_expressions: Option>, + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] + pub match_labels: Option>, +} + +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ControlPlaneProviderAdditionalDeploymentsDeploymentAffinityPodAffinityRequiredDuringSchedulingIgnoredDuringExecutionNamespaceSelectorMatchExpressions { + /// key is the label key that the selector applies to. + pub key: String, + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. + pub operator: String, + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub values: Option>, +} + +/// Describes pod anti-affinity scheduling rules (e.g. avoid putting this pod in the same node, zone, etc. as some other pod(s)). +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ControlPlaneProviderAdditionalDeploymentsDeploymentAffinityPodAntiAffinity { + /// The scheduler will prefer to schedule pods to nodes that satisfy + /// the anti-affinity expressions specified by this field, but it may choose + /// a node that violates one or more of the expressions. The node that is + /// most preferred is the one with the greatest sum of weights, i.e. + /// for each node that meets all of the scheduling requirements (resource + /// request, requiredDuringScheduling anti-affinity expressions, etc.), + /// compute a sum by iterating through the elements of this field and adding + /// "weight" to the sum if the node has pods which matches the corresponding podAffinityTerm; the + /// node(s) with the highest sum are the most preferred. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "preferredDuringSchedulingIgnoredDuringExecution")] + pub preferred_during_scheduling_ignored_during_execution: Option>, + /// If the anti-affinity requirements specified by this field are not met at + /// scheduling time, the pod will not be scheduled onto the node. + /// If the anti-affinity requirements specified by this field cease to be met + /// at some point during pod execution (e.g. due to a pod label update), the + /// system may or may not try to eventually evict the pod from its node. + /// When there are multiple elements, the lists of nodes corresponding to each + /// podAffinityTerm are intersected, i.e. all terms must be satisfied. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "requiredDuringSchedulingIgnoredDuringExecution")] + pub required_during_scheduling_ignored_during_execution: Option>, +} + +/// The weights of all of the matched WeightedPodAffinityTerm fields are added per-node to find the most preferred node(s) +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ControlPlaneProviderAdditionalDeploymentsDeploymentAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecution { + /// Required. A pod affinity term, associated with the corresponding weight. + #[serde(rename = "podAffinityTerm")] + pub pod_affinity_term: ControlPlaneProviderAdditionalDeploymentsDeploymentAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTerm, + /// weight associated with matching the corresponding podAffinityTerm, + /// in the range 1-100. + pub weight: i32, +} + +/// Required. A pod affinity term, associated with the corresponding weight. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ControlPlaneProviderAdditionalDeploymentsDeploymentAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTerm { + /// A label query over a set of resources, in this case pods. + /// If it's null, this PodAffinityTerm matches with no Pods. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelector")] + pub label_selector: Option, + /// MatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. + /// Also, MatchLabelKeys cannot be set when LabelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] + pub match_label_keys: Option>, + /// MismatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. + /// Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] + pub mismatch_label_keys: Option>, + /// A label query over the set of namespaces that the term applies to. + /// The term is applied to the union of the namespaces selected by this field + /// and the ones listed in the namespaces field. + /// null selector and null or empty namespaces list means "this pod's namespace". + /// An empty selector ({}) matches all namespaces. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "namespaceSelector")] + pub namespace_selector: Option, + /// namespaces specifies a static list of namespace names that the term applies to. + /// The term is applied to the union of the namespaces listed in this field + /// and the ones selected by namespaceSelector. + /// null or empty namespaces list and null namespaceSelector means "this pod's namespace". + #[serde(default, skip_serializing_if = "Option::is_none")] + pub namespaces: Option>, + /// This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching + /// the labelSelector in the specified namespaces, where co-located is defined as running on a node + /// whose value of the label with key topologyKey matches that of any node on which any of the + /// selected pods is running. + /// Empty topologyKey is not allowed. + #[serde(rename = "topologyKey")] + pub topology_key: String, +} + +/// A label query over a set of resources, in this case pods. +/// If it's null, this PodAffinityTerm matches with no Pods. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ControlPlaneProviderAdditionalDeploymentsDeploymentAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermLabelSelector { + /// matchExpressions is a list of label selector requirements. The requirements are ANDed. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] + pub match_expressions: Option>, + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] + pub match_labels: Option>, +} + +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ControlPlaneProviderAdditionalDeploymentsDeploymentAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermLabelSelectorMatchExpressions { + /// key is the label key that the selector applies to. + pub key: String, + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. + pub operator: String, + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub values: Option>, +} + +/// A label query over the set of namespaces that the term applies to. +/// The term is applied to the union of the namespaces selected by this field +/// and the ones listed in the namespaces field. +/// null selector and null or empty namespaces list means "this pod's namespace". +/// An empty selector ({}) matches all namespaces. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ControlPlaneProviderAdditionalDeploymentsDeploymentAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermNamespaceSelector { + /// matchExpressions is a list of label selector requirements. The requirements are ANDed. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] + pub match_expressions: Option>, + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] + pub match_labels: Option>, +} + +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ControlPlaneProviderAdditionalDeploymentsDeploymentAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermNamespaceSelectorMatchExpressions { + /// key is the label key that the selector applies to. + pub key: String, + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. + pub operator: String, + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub values: Option>, +} + +/// Defines a set of pods (namely those matching the labelSelector +/// relative to the given namespace(s)) that this pod should be +/// co-located (affinity) or not co-located (anti-affinity) with, +/// where co-located is defined as running on a node whose value of +/// the label with key matches that of any node on which +/// a pod of the set of pods is running +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ControlPlaneProviderAdditionalDeploymentsDeploymentAffinityPodAntiAffinityRequiredDuringSchedulingIgnoredDuringExecution { + /// A label query over a set of resources, in this case pods. + /// If it's null, this PodAffinityTerm matches with no Pods. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelector")] + pub label_selector: Option, + /// MatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. + /// Also, MatchLabelKeys cannot be set when LabelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] + pub match_label_keys: Option>, + /// MismatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. + /// Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] + pub mismatch_label_keys: Option>, + /// A label query over the set of namespaces that the term applies to. + /// The term is applied to the union of the namespaces selected by this field + /// and the ones listed in the namespaces field. + /// null selector and null or empty namespaces list means "this pod's namespace". + /// An empty selector ({}) matches all namespaces. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "namespaceSelector")] + pub namespace_selector: Option, + /// namespaces specifies a static list of namespace names that the term applies to. + /// The term is applied to the union of the namespaces listed in this field + /// and the ones selected by namespaceSelector. + /// null or empty namespaces list and null namespaceSelector means "this pod's namespace". + #[serde(default, skip_serializing_if = "Option::is_none")] + pub namespaces: Option>, + /// This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching + /// the labelSelector in the specified namespaces, where co-located is defined as running on a node + /// whose value of the label with key topologyKey matches that of any node on which any of the + /// selected pods is running. + /// Empty topologyKey is not allowed. + #[serde(rename = "topologyKey")] + pub topology_key: String, +} + +/// A label query over a set of resources, in this case pods. +/// If it's null, this PodAffinityTerm matches with no Pods. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ControlPlaneProviderAdditionalDeploymentsDeploymentAffinityPodAntiAffinityRequiredDuringSchedulingIgnoredDuringExecutionLabelSelector { + /// matchExpressions is a list of label selector requirements. The requirements are ANDed. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] + pub match_expressions: Option>, + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] + pub match_labels: Option>, +} + +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ControlPlaneProviderAdditionalDeploymentsDeploymentAffinityPodAntiAffinityRequiredDuringSchedulingIgnoredDuringExecutionLabelSelectorMatchExpressions { + /// key is the label key that the selector applies to. + pub key: String, + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. + pub operator: String, + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub values: Option>, +} + +/// A label query over the set of namespaces that the term applies to. +/// The term is applied to the union of the namespaces selected by this field +/// and the ones listed in the namespaces field. +/// null selector and null or empty namespaces list means "this pod's namespace". +/// An empty selector ({}) matches all namespaces. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ControlPlaneProviderAdditionalDeploymentsDeploymentAffinityPodAntiAffinityRequiredDuringSchedulingIgnoredDuringExecutionNamespaceSelector { + /// matchExpressions is a list of label selector requirements. The requirements are ANDed. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] + pub match_expressions: Option>, + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] + pub match_labels: Option>, +} + +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ControlPlaneProviderAdditionalDeploymentsDeploymentAffinityPodAntiAffinityRequiredDuringSchedulingIgnoredDuringExecutionNamespaceSelectorMatchExpressions { + /// key is the label key that the selector applies to. + pub key: String, + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. + pub operator: String, + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub values: Option>, +} + +/// ContainerSpec defines the properties available to override for each +/// container in a provider deployment such as Image and Args to the container’s +/// entrypoint. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ControlPlaneProviderAdditionalDeploymentsDeploymentContainers { + /// Args represents extra provider specific flags that are not encoded as fields in this API. + /// Explicit controller manager properties defined in the `Provider.ManagerSpec` + /// will have higher precedence than those defined in `ContainerSpec.Args`. + /// For example, `ManagerSpec.SyncPeriod` will be used instead of the + /// container arg `--sync-period` if both are defined. + /// The same holds for `ManagerSpec.FeatureGates` and `--feature-gates`. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub args: Option>, + /// Command allows override container's entrypoint array. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub command: Option>, + /// List of environment variables to set in the container. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub env: Option>, + /// Container Image URL + #[serde(default, skip_serializing_if = "Option::is_none", rename = "imageUrl")] + pub image_url: Option, + /// Name of the container. Cannot be updated. + pub name: String, + /// Compute resources required by this container. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub resources: Option, +} + +/// EnvVar represents an environment variable present in a Container. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ControlPlaneProviderAdditionalDeploymentsDeploymentContainersEnv { + /// Name of the environment variable. Must be a C_IDENTIFIER. + pub name: String, + /// Variable references $(VAR_NAME) are expanded + /// using the previously defined environment variables in the container and + /// any service environment variables. If a variable cannot be resolved, + /// the reference in the input string will be unchanged. Double $$ are reduced + /// to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. + /// "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". + /// Escaped references will never be expanded, regardless of whether the variable + /// exists or not. + /// Defaults to "". + #[serde(default, skip_serializing_if = "Option::is_none")] + pub value: Option, + /// Source for the environment variable's value. Cannot be used if value is not empty. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "valueFrom")] + pub value_from: Option, +} + +/// Source for the environment variable's value. Cannot be used if value is not empty. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ControlPlaneProviderAdditionalDeploymentsDeploymentContainersEnvValueFrom { + /// Selects a key of a ConfigMap. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "configMapKeyRef")] + pub config_map_key_ref: Option, + /// Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`, + /// spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "fieldRef")] + pub field_ref: Option, + /// Selects a resource of the container: only resources limits and requests + /// (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "resourceFieldRef")] + pub resource_field_ref: Option, + /// Selects a key of a secret in the pod's namespace + #[serde(default, skip_serializing_if = "Option::is_none", rename = "secretKeyRef")] + pub secret_key_ref: Option, +} + +/// Selects a key of a ConfigMap. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ControlPlaneProviderAdditionalDeploymentsDeploymentContainersEnvValueFromConfigMapKeyRef { + /// The key to select. + pub key: String, + /// Name of the referent. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Add other useful fields. apiVersion, kind, uid? + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + /// Specify whether the ConfigMap or its key must be defined + #[serde(default, skip_serializing_if = "Option::is_none")] + pub optional: Option, +} + +/// Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`, +/// spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ControlPlaneProviderAdditionalDeploymentsDeploymentContainersEnvValueFromFieldRef { + /// Version of the schema the FieldPath is written in terms of, defaults to "v1". + #[serde(default, skip_serializing_if = "Option::is_none", rename = "apiVersion")] + pub api_version: Option, + /// Path of the field to select in the specified API version. + #[serde(rename = "fieldPath")] + pub field_path: String, +} + +/// Selects a resource of the container: only resources limits and requests +/// (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ControlPlaneProviderAdditionalDeploymentsDeploymentContainersEnvValueFromResourceFieldRef { + /// Container name: required for volumes, optional for env vars + #[serde(default, skip_serializing_if = "Option::is_none", rename = "containerName")] + pub container_name: Option, + /// Specifies the output format of the exposed resources, defaults to "1" + #[serde(default, skip_serializing_if = "Option::is_none")] + pub divisor: Option, + /// Required: resource to select + pub resource: String, +} + +/// Selects a key of a secret in the pod's namespace +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ControlPlaneProviderAdditionalDeploymentsDeploymentContainersEnvValueFromSecretKeyRef { + /// The key of the secret to select from. Must be a valid secret key. + pub key: String, + /// Name of the referent. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Add other useful fields. apiVersion, kind, uid? + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + /// Specify whether the Secret or its key must be defined + #[serde(default, skip_serializing_if = "Option::is_none")] + pub optional: Option, +} + +/// Compute resources required by this container. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ControlPlaneProviderAdditionalDeploymentsDeploymentContainersResources { + /// Claims lists the names of resources, defined in spec.resourceClaims, + /// that are used by this container. + /// + /// + /// This is an alpha field and requires enabling the + /// DynamicResourceAllocation feature gate. + /// + /// + /// This field is immutable. It can only be set for containers. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub claims: Option>, + /// Limits describes the maximum amount of compute resources allowed. + /// More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + #[serde(default, skip_serializing_if = "Option::is_none")] + pub limits: Option>, + /// Requests describes the minimum amount of compute resources required. + /// If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, + /// otherwise to an implementation-defined value. Requests cannot exceed Limits. + /// More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + #[serde(default, skip_serializing_if = "Option::is_none")] + pub requests: Option>, +} + +/// ResourceClaim references one entry in PodSpec.ResourceClaims. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ControlPlaneProviderAdditionalDeploymentsDeploymentContainersResourcesClaims { + /// Name must match the name of one entry in pod.spec.resourceClaims of + /// the Pod where this field is used. It makes that resource available + /// inside a container. + pub name: String, +} + +/// LocalObjectReference contains enough information to let you locate the +/// referenced object inside the same namespace. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ControlPlaneProviderAdditionalDeploymentsDeploymentImagePullSecrets { + /// Name of the referent. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Add other useful fields. apiVersion, kind, uid? + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, +} + +/// The pod this Toleration is attached to tolerates any taint that matches +/// the triple using the matching operator . +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ControlPlaneProviderAdditionalDeploymentsDeploymentTolerations { + /// Effect indicates the taint effect to match. Empty means match all taint effects. + /// When specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub effect: Option, + /// Key is the taint key that the toleration applies to. Empty means match all taint keys. + /// If the key is empty, operator must be Exists; this combination means to match all values and all keys. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub key: Option, + /// Operator represents a key's relationship to the value. + /// Valid operators are Exists and Equal. Defaults to Equal. + /// Exists is equivalent to wildcard for value, so that a pod can + /// tolerate all taints of a particular category. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub operator: Option, + /// TolerationSeconds represents the period of time the toleration (which must be + /// of effect NoExecute, otherwise this field is ignored) tolerates the taint. By default, + /// it is not set, which means tolerate the taint forever (do not evict). Zero and + /// negative values will be treated as 0 (evict immediately) by the system. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "tolerationSeconds")] + pub toleration_seconds: Option, + /// Value is the taint value the toleration matches to. + /// If the operator is Exists, the value should be empty, otherwise just a regular string. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub value: Option, +} + +/// Manager defines the properties that can be enabled on the controller manager for the additional provider deployment. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ControlPlaneProviderAdditionalDeploymentsManager { + /// CacheNamespace if specified restricts the manager's cache to watch objects in + /// the desired namespace Defaults to all namespaces + /// + /// + /// Note: If a namespace is specified, controllers can still Watch for a + /// cluster-scoped resource (e.g Node). For namespaced resources the cache + /// will only hold objects from the desired namespace. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "cacheNamespace")] + pub cache_namespace: Option, + /// Controller contains global configuration options for controllers + /// registered within this manager. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub controller: Option, + /// FeatureGates define provider specific feature flags that will be passed + /// in as container args to the provider's controller manager. + /// Controller Manager flag is --feature-gates. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "featureGates")] + pub feature_gates: Option>, + /// GracefulShutdownTimeout is the duration given to runnable to stop before the manager actually returns on stop. + /// To disable graceful shutdown, set to time.Duration(0) + /// To use graceful shutdown without timeout, set to a negative duration, e.G. time.Duration(-1) + /// The graceful shutdown is skipped for safety reasons in case the leader election lease is lost. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "gracefulShutDown")] + pub graceful_shut_down: Option, + /// Health contains the controller health configuration + #[serde(default, skip_serializing_if = "Option::is_none")] + pub health: Option, + /// LeaderElection is the LeaderElection config to be used when configuring + /// the manager.Manager leader election + #[serde(default, skip_serializing_if = "Option::is_none", rename = "leaderElection")] + pub leader_election: Option, + /// MaxConcurrentReconciles is the maximum number of concurrent Reconciles + /// which can be run. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "maxConcurrentReconciles")] + pub max_concurrent_reconciles: Option, + /// Metrics contains thw controller metrics configuration + #[serde(default, skip_serializing_if = "Option::is_none")] + pub metrics: Option, + /// ProfilerAddress defines the bind address to expose the pprof profiler (e.g. localhost:6060). + /// Default empty, meaning the profiler is disabled. + /// Controller Manager flag is --profiler-address. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "profilerAddress")] + pub profiler_address: Option, + /// SyncPeriod determines the minimum frequency at which watched resources are + /// reconciled. A lower period will correct entropy more quickly, but reduce + /// responsiveness to change if there are many watched resources. Change this + /// value only if you know what you are doing. Defaults to 10 hours if unset. + /// there will a 10 percent jitter between the SyncPeriod of all controllers + /// so that all controllers will not send list requests simultaneously. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "syncPeriod")] + pub sync_period: Option, + /// Verbosity set the logs verbosity. Defaults to 1. + /// Controller Manager flag is --verbosity. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub verbosity: Option, + /// Webhook contains the controllers webhook configuration + #[serde(default, skip_serializing_if = "Option::is_none")] + pub webhook: Option, +} + +/// Controller contains global configuration options for controllers +/// registered within this manager. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ControlPlaneProviderAdditionalDeploymentsManagerController { + /// CacheSyncTimeout refers to the time limit set to wait for syncing caches. + /// Defaults to 2 minutes if not set. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "cacheSyncTimeout")] + pub cache_sync_timeout: Option, + /// GroupKindConcurrency is a map from a Kind to the number of concurrent reconciliation + /// allowed for that controller. + /// + /// + /// When a controller is registered within this manager using the builder utilities, + /// users have to specify the type the controller reconciles in the For(...) call. + /// If the object's kind passed matches one of the keys in this map, the concurrency + /// for that controller is set to the number specified. + /// + /// + /// The key is expected to be consistent in form with GroupKind.String(), + /// e.g. ReplicaSet in apps group (regardless of version) would be `ReplicaSet.apps`. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "groupKindConcurrency")] + pub group_kind_concurrency: Option>, + /// RecoverPanic indicates if panics should be recovered. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "recoverPanic")] + pub recover_panic: Option, +} + +/// Health contains the controller health configuration +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ControlPlaneProviderAdditionalDeploymentsManagerHealth { + /// HealthProbeBindAddress is the TCP address that the controller should bind to + /// for serving health probes + /// It can be set to "0" or "" to disable serving the health probe. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "healthProbeBindAddress")] + pub health_probe_bind_address: Option, + /// LivenessEndpointName, defaults to "healthz" + #[serde(default, skip_serializing_if = "Option::is_none", rename = "livenessEndpointName")] + pub liveness_endpoint_name: Option, + /// ReadinessEndpointName, defaults to "readyz" + #[serde(default, skip_serializing_if = "Option::is_none", rename = "readinessEndpointName")] + pub readiness_endpoint_name: Option, +} + +/// LeaderElection is the LeaderElection config to be used when configuring +/// the manager.Manager leader election +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ControlPlaneProviderAdditionalDeploymentsManagerLeaderElection { + /// leaderElect enables a leader election client to gain leadership + /// before executing the main loop. Enable this when running replicated + /// components for high availability. + #[serde(rename = "leaderElect")] + pub leader_elect: bool, + /// leaseDuration is the duration that non-leader candidates will wait + /// after observing a leadership renewal until attempting to acquire + /// leadership of a led but unrenewed leader slot. This is effectively the + /// maximum duration that a leader can be stopped before it is replaced + /// by another candidate. This is only applicable if leader election is + /// enabled. + #[serde(rename = "leaseDuration")] + pub lease_duration: String, + /// renewDeadline is the interval between attempts by the acting master to + /// renew a leadership slot before it stops leading. This must be less + /// than or equal to the lease duration. This is only applicable if leader + /// election is enabled. + #[serde(rename = "renewDeadline")] + pub renew_deadline: String, + /// resourceLock indicates the resource object type that will be used to lock + /// during leader election cycles. + #[serde(rename = "resourceLock")] + pub resource_lock: String, + /// resourceName indicates the name of resource object that will be used to lock + /// during leader election cycles. + #[serde(rename = "resourceName")] + pub resource_name: String, + /// resourceName indicates the namespace of resource object that will be used to lock + /// during leader election cycles. + #[serde(rename = "resourceNamespace")] + pub resource_namespace: String, + /// retryPeriod is the duration the clients should wait between attempting + /// acquisition and renewal of a leadership. This is only applicable if + /// leader election is enabled. + #[serde(rename = "retryPeriod")] + pub retry_period: String, +} + +/// Metrics contains thw controller metrics configuration +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ControlPlaneProviderAdditionalDeploymentsManagerMetrics { + /// BindAddress is the TCP address that the controller should bind to + /// for serving prometheus metrics. + /// It can be set to "0" to disable the metrics serving. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "bindAddress")] + pub bind_address: Option, +} + +/// Webhook contains the controllers webhook configuration +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ControlPlaneProviderAdditionalDeploymentsManagerWebhook { + /// CertDir is the directory that contains the server key and certificate. + /// if not set, webhook server would look up the server key and certificate in + /// {TempDir}/k8s-webhook-server/serving-certs. The server key and certificate + /// must be named tls.key and tls.crt, respectively. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "certDir")] + pub cert_dir: Option, + /// Host is the hostname that the webhook server binds to. + /// It is used to set webhook.Server.Host. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub host: Option, + /// Port is the port that the webhook server serves at. + /// It is used to set webhook.Server.Port. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub port: Option, +} + /// AdditionalManifests is reference to configmap that contains additional manifests that will be applied /// together with the provider components. The key for storing these manifests has to be `manifests`. /// The manifests are applied only once when a certain release is installed/upgraded. If namespace is not specified, the diff --git a/kube-custom-resources-rs/src/operator_cluster_x_k8s_io/v1alpha2/coreproviders.rs b/kube-custom-resources-rs/src/operator_cluster_x_k8s_io/v1alpha2/coreproviders.rs index 545398a44..bae16e238 100644 --- a/kube-custom-resources-rs/src/operator_cluster_x_k8s_io/v1alpha2/coreproviders.rs +++ b/kube-custom-resources-rs/src/operator_cluster_x_k8s_io/v1alpha2/coreproviders.rs @@ -21,6 +21,11 @@ use self::prelude::*; #[kube(derive="Default")] #[kube(derive="PartialEq")] pub struct CoreProviderSpec { + /// AdditionalDeployments is a map of additional deployments that the provider + /// should manage. The key is the name of the deployment and the value is the + /// DeploymentSpec. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "additionalDeployments")] + pub additional_deployments: Option>, /// AdditionalManifests is reference to configmap that contains additional manifests that will be applied /// together with the provider components. The key for storing these manifests has to be `manifests`. /// The manifests are applied only once when a certain release is installed/upgraded. If namespace is not specified, the @@ -61,6 +66,1126 @@ pub struct CoreProviderSpec { pub version: Option, } +/// AdditionalDeployments is a map of additional deployments that the provider +/// should manage. The key is the name of the deployment and the value is the +/// DeploymentSpec. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct CoreProviderAdditionalDeployments { + /// Deployment defines the properties that can be enabled on the deployment for the additional provider deployment. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub deployment: Option, + /// Manager defines the properties that can be enabled on the controller manager for the additional provider deployment. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub manager: Option, +} + +/// Deployment defines the properties that can be enabled on the deployment for the additional provider deployment. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct CoreProviderAdditionalDeploymentsDeployment { + /// If specified, the pod's scheduling constraints + #[serde(default, skip_serializing_if = "Option::is_none")] + pub affinity: Option, + /// List of containers specified in the Deployment + #[serde(default, skip_serializing_if = "Option::is_none")] + pub containers: Option>, + /// List of image pull secrets specified in the Deployment + #[serde(default, skip_serializing_if = "Option::is_none", rename = "imagePullSecrets")] + pub image_pull_secrets: Option>, + /// NodeSelector is a selector which must be true for the pod to fit on a node. + /// Selector which must match a node's labels for the pod to be scheduled on that node. + /// More info: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/ + #[serde(default, skip_serializing_if = "Option::is_none", rename = "nodeSelector")] + pub node_selector: Option>, + /// Number of desired pods. This is a pointer to distinguish between explicit zero and not specified. Defaults to 1. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub replicas: Option, + /// If specified, the pod's service account + #[serde(default, skip_serializing_if = "Option::is_none", rename = "serviceAccountName")] + pub service_account_name: Option, + /// If specified, the pod's tolerations. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub tolerations: Option>, +} + +/// If specified, the pod's scheduling constraints +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct CoreProviderAdditionalDeploymentsDeploymentAffinity { + /// Describes node affinity scheduling rules for the pod. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "nodeAffinity")] + pub node_affinity: Option, + /// Describes pod affinity scheduling rules (e.g. co-locate this pod in the same node, zone, etc. as some other pod(s)). + #[serde(default, skip_serializing_if = "Option::is_none", rename = "podAffinity")] + pub pod_affinity: Option, + /// Describes pod anti-affinity scheduling rules (e.g. avoid putting this pod in the same node, zone, etc. as some other pod(s)). + #[serde(default, skip_serializing_if = "Option::is_none", rename = "podAntiAffinity")] + pub pod_anti_affinity: Option, +} + +/// Describes node affinity scheduling rules for the pod. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct CoreProviderAdditionalDeploymentsDeploymentAffinityNodeAffinity { + /// The scheduler will prefer to schedule pods to nodes that satisfy + /// the affinity expressions specified by this field, but it may choose + /// a node that violates one or more of the expressions. The node that is + /// most preferred is the one with the greatest sum of weights, i.e. + /// for each node that meets all of the scheduling requirements (resource + /// request, requiredDuringScheduling affinity expressions, etc.), + /// compute a sum by iterating through the elements of this field and adding + /// "weight" to the sum if the node matches the corresponding matchExpressions; the + /// node(s) with the highest sum are the most preferred. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "preferredDuringSchedulingIgnoredDuringExecution")] + pub preferred_during_scheduling_ignored_during_execution: Option>, + /// If the affinity requirements specified by this field are not met at + /// scheduling time, the pod will not be scheduled onto the node. + /// If the affinity requirements specified by this field cease to be met + /// at some point during pod execution (e.g. due to an update), the system + /// may or may not try to eventually evict the pod from its node. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "requiredDuringSchedulingIgnoredDuringExecution")] + pub required_during_scheduling_ignored_during_execution: Option, +} + +/// An empty preferred scheduling term matches all objects with implicit weight 0 +/// (i.e. it's a no-op). A null preferred scheduling term matches no objects (i.e. is also a no-op). +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct CoreProviderAdditionalDeploymentsDeploymentAffinityNodeAffinityPreferredDuringSchedulingIgnoredDuringExecution { + /// A node selector term, associated with the corresponding weight. + pub preference: CoreProviderAdditionalDeploymentsDeploymentAffinityNodeAffinityPreferredDuringSchedulingIgnoredDuringExecutionPreference, + /// Weight associated with matching the corresponding nodeSelectorTerm, in the range 1-100. + pub weight: i32, +} + +/// A node selector term, associated with the corresponding weight. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct CoreProviderAdditionalDeploymentsDeploymentAffinityNodeAffinityPreferredDuringSchedulingIgnoredDuringExecutionPreference { + /// A list of node selector requirements by node's labels. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] + pub match_expressions: Option>, + /// A list of node selector requirements by node's fields. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchFields")] + pub match_fields: Option>, +} + +/// A node selector requirement is a selector that contains values, a key, and an operator +/// that relates the key and values. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct CoreProviderAdditionalDeploymentsDeploymentAffinityNodeAffinityPreferredDuringSchedulingIgnoredDuringExecutionPreferenceMatchExpressions { + /// The label key that the selector applies to. + pub key: String, + /// Represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. + pub operator: String, + /// An array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. If the operator is Gt or Lt, the values + /// array must have a single element, which will be interpreted as an integer. + /// This array is replaced during a strategic merge patch. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub values: Option>, +} + +/// A node selector requirement is a selector that contains values, a key, and an operator +/// that relates the key and values. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct CoreProviderAdditionalDeploymentsDeploymentAffinityNodeAffinityPreferredDuringSchedulingIgnoredDuringExecutionPreferenceMatchFields { + /// The label key that the selector applies to. + pub key: String, + /// Represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. + pub operator: String, + /// An array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. If the operator is Gt or Lt, the values + /// array must have a single element, which will be interpreted as an integer. + /// This array is replaced during a strategic merge patch. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub values: Option>, +} + +/// If the affinity requirements specified by this field are not met at +/// scheduling time, the pod will not be scheduled onto the node. +/// If the affinity requirements specified by this field cease to be met +/// at some point during pod execution (e.g. due to an update), the system +/// may or may not try to eventually evict the pod from its node. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct CoreProviderAdditionalDeploymentsDeploymentAffinityNodeAffinityRequiredDuringSchedulingIgnoredDuringExecution { + /// Required. A list of node selector terms. The terms are ORed. + #[serde(rename = "nodeSelectorTerms")] + pub node_selector_terms: Vec, +} + +/// A null or empty node selector term matches no objects. The requirements of +/// them are ANDed. +/// The TopologySelectorTerm type implements a subset of the NodeSelectorTerm. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct CoreProviderAdditionalDeploymentsDeploymentAffinityNodeAffinityRequiredDuringSchedulingIgnoredDuringExecutionNodeSelectorTerms { + /// A list of node selector requirements by node's labels. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] + pub match_expressions: Option>, + /// A list of node selector requirements by node's fields. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchFields")] + pub match_fields: Option>, +} + +/// A node selector requirement is a selector that contains values, a key, and an operator +/// that relates the key and values. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct CoreProviderAdditionalDeploymentsDeploymentAffinityNodeAffinityRequiredDuringSchedulingIgnoredDuringExecutionNodeSelectorTermsMatchExpressions { + /// The label key that the selector applies to. + pub key: String, + /// Represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. + pub operator: String, + /// An array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. If the operator is Gt or Lt, the values + /// array must have a single element, which will be interpreted as an integer. + /// This array is replaced during a strategic merge patch. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub values: Option>, +} + +/// A node selector requirement is a selector that contains values, a key, and an operator +/// that relates the key and values. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct CoreProviderAdditionalDeploymentsDeploymentAffinityNodeAffinityRequiredDuringSchedulingIgnoredDuringExecutionNodeSelectorTermsMatchFields { + /// The label key that the selector applies to. + pub key: String, + /// Represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. + pub operator: String, + /// An array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. If the operator is Gt or Lt, the values + /// array must have a single element, which will be interpreted as an integer. + /// This array is replaced during a strategic merge patch. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub values: Option>, +} + +/// Describes pod affinity scheduling rules (e.g. co-locate this pod in the same node, zone, etc. as some other pod(s)). +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct CoreProviderAdditionalDeploymentsDeploymentAffinityPodAffinity { + /// The scheduler will prefer to schedule pods to nodes that satisfy + /// the affinity expressions specified by this field, but it may choose + /// a node that violates one or more of the expressions. The node that is + /// most preferred is the one with the greatest sum of weights, i.e. + /// for each node that meets all of the scheduling requirements (resource + /// request, requiredDuringScheduling affinity expressions, etc.), + /// compute a sum by iterating through the elements of this field and adding + /// "weight" to the sum if the node has pods which matches the corresponding podAffinityTerm; the + /// node(s) with the highest sum are the most preferred. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "preferredDuringSchedulingIgnoredDuringExecution")] + pub preferred_during_scheduling_ignored_during_execution: Option>, + /// If the affinity requirements specified by this field are not met at + /// scheduling time, the pod will not be scheduled onto the node. + /// If the affinity requirements specified by this field cease to be met + /// at some point during pod execution (e.g. due to a pod label update), the + /// system may or may not try to eventually evict the pod from its node. + /// When there are multiple elements, the lists of nodes corresponding to each + /// podAffinityTerm are intersected, i.e. all terms must be satisfied. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "requiredDuringSchedulingIgnoredDuringExecution")] + pub required_during_scheduling_ignored_during_execution: Option>, +} + +/// The weights of all of the matched WeightedPodAffinityTerm fields are added per-node to find the most preferred node(s) +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct CoreProviderAdditionalDeploymentsDeploymentAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecution { + /// Required. A pod affinity term, associated with the corresponding weight. + #[serde(rename = "podAffinityTerm")] + pub pod_affinity_term: CoreProviderAdditionalDeploymentsDeploymentAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTerm, + /// weight associated with matching the corresponding podAffinityTerm, + /// in the range 1-100. + pub weight: i32, +} + +/// Required. A pod affinity term, associated with the corresponding weight. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct CoreProviderAdditionalDeploymentsDeploymentAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTerm { + /// A label query over a set of resources, in this case pods. + /// If it's null, this PodAffinityTerm matches with no Pods. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelector")] + pub label_selector: Option, + /// MatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. + /// Also, MatchLabelKeys cannot be set when LabelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] + pub match_label_keys: Option>, + /// MismatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. + /// Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] + pub mismatch_label_keys: Option>, + /// A label query over the set of namespaces that the term applies to. + /// The term is applied to the union of the namespaces selected by this field + /// and the ones listed in the namespaces field. + /// null selector and null or empty namespaces list means "this pod's namespace". + /// An empty selector ({}) matches all namespaces. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "namespaceSelector")] + pub namespace_selector: Option, + /// namespaces specifies a static list of namespace names that the term applies to. + /// The term is applied to the union of the namespaces listed in this field + /// and the ones selected by namespaceSelector. + /// null or empty namespaces list and null namespaceSelector means "this pod's namespace". + #[serde(default, skip_serializing_if = "Option::is_none")] + pub namespaces: Option>, + /// This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching + /// the labelSelector in the specified namespaces, where co-located is defined as running on a node + /// whose value of the label with key topologyKey matches that of any node on which any of the + /// selected pods is running. + /// Empty topologyKey is not allowed. + #[serde(rename = "topologyKey")] + pub topology_key: String, +} + +/// A label query over a set of resources, in this case pods. +/// If it's null, this PodAffinityTerm matches with no Pods. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct CoreProviderAdditionalDeploymentsDeploymentAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermLabelSelector { + /// matchExpressions is a list of label selector requirements. The requirements are ANDed. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] + pub match_expressions: Option>, + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] + pub match_labels: Option>, +} + +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct CoreProviderAdditionalDeploymentsDeploymentAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermLabelSelectorMatchExpressions { + /// key is the label key that the selector applies to. + pub key: String, + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. + pub operator: String, + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub values: Option>, +} + +/// A label query over the set of namespaces that the term applies to. +/// The term is applied to the union of the namespaces selected by this field +/// and the ones listed in the namespaces field. +/// null selector and null or empty namespaces list means "this pod's namespace". +/// An empty selector ({}) matches all namespaces. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct CoreProviderAdditionalDeploymentsDeploymentAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermNamespaceSelector { + /// matchExpressions is a list of label selector requirements. The requirements are ANDed. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] + pub match_expressions: Option>, + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] + pub match_labels: Option>, +} + +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct CoreProviderAdditionalDeploymentsDeploymentAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermNamespaceSelectorMatchExpressions { + /// key is the label key that the selector applies to. + pub key: String, + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. + pub operator: String, + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub values: Option>, +} + +/// Defines a set of pods (namely those matching the labelSelector +/// relative to the given namespace(s)) that this pod should be +/// co-located (affinity) or not co-located (anti-affinity) with, +/// where co-located is defined as running on a node whose value of +/// the label with key matches that of any node on which +/// a pod of the set of pods is running +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct CoreProviderAdditionalDeploymentsDeploymentAffinityPodAffinityRequiredDuringSchedulingIgnoredDuringExecution { + /// A label query over a set of resources, in this case pods. + /// If it's null, this PodAffinityTerm matches with no Pods. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelector")] + pub label_selector: Option, + /// MatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. + /// Also, MatchLabelKeys cannot be set when LabelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] + pub match_label_keys: Option>, + /// MismatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. + /// Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] + pub mismatch_label_keys: Option>, + /// A label query over the set of namespaces that the term applies to. + /// The term is applied to the union of the namespaces selected by this field + /// and the ones listed in the namespaces field. + /// null selector and null or empty namespaces list means "this pod's namespace". + /// An empty selector ({}) matches all namespaces. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "namespaceSelector")] + pub namespace_selector: Option, + /// namespaces specifies a static list of namespace names that the term applies to. + /// The term is applied to the union of the namespaces listed in this field + /// and the ones selected by namespaceSelector. + /// null or empty namespaces list and null namespaceSelector means "this pod's namespace". + #[serde(default, skip_serializing_if = "Option::is_none")] + pub namespaces: Option>, + /// This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching + /// the labelSelector in the specified namespaces, where co-located is defined as running on a node + /// whose value of the label with key topologyKey matches that of any node on which any of the + /// selected pods is running. + /// Empty topologyKey is not allowed. + #[serde(rename = "topologyKey")] + pub topology_key: String, +} + +/// A label query over a set of resources, in this case pods. +/// If it's null, this PodAffinityTerm matches with no Pods. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct CoreProviderAdditionalDeploymentsDeploymentAffinityPodAffinityRequiredDuringSchedulingIgnoredDuringExecutionLabelSelector { + /// matchExpressions is a list of label selector requirements. The requirements are ANDed. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] + pub match_expressions: Option>, + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] + pub match_labels: Option>, +} + +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct CoreProviderAdditionalDeploymentsDeploymentAffinityPodAffinityRequiredDuringSchedulingIgnoredDuringExecutionLabelSelectorMatchExpressions { + /// key is the label key that the selector applies to. + pub key: String, + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. + pub operator: String, + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub values: Option>, +} + +/// A label query over the set of namespaces that the term applies to. +/// The term is applied to the union of the namespaces selected by this field +/// and the ones listed in the namespaces field. +/// null selector and null or empty namespaces list means "this pod's namespace". +/// An empty selector ({}) matches all namespaces. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct CoreProviderAdditionalDeploymentsDeploymentAffinityPodAffinityRequiredDuringSchedulingIgnoredDuringExecutionNamespaceSelector { + /// matchExpressions is a list of label selector requirements. The requirements are ANDed. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] + pub match_expressions: Option>, + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] + pub match_labels: Option>, +} + +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct CoreProviderAdditionalDeploymentsDeploymentAffinityPodAffinityRequiredDuringSchedulingIgnoredDuringExecutionNamespaceSelectorMatchExpressions { + /// key is the label key that the selector applies to. + pub key: String, + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. + pub operator: String, + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub values: Option>, +} + +/// Describes pod anti-affinity scheduling rules (e.g. avoid putting this pod in the same node, zone, etc. as some other pod(s)). +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct CoreProviderAdditionalDeploymentsDeploymentAffinityPodAntiAffinity { + /// The scheduler will prefer to schedule pods to nodes that satisfy + /// the anti-affinity expressions specified by this field, but it may choose + /// a node that violates one or more of the expressions. The node that is + /// most preferred is the one with the greatest sum of weights, i.e. + /// for each node that meets all of the scheduling requirements (resource + /// request, requiredDuringScheduling anti-affinity expressions, etc.), + /// compute a sum by iterating through the elements of this field and adding + /// "weight" to the sum if the node has pods which matches the corresponding podAffinityTerm; the + /// node(s) with the highest sum are the most preferred. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "preferredDuringSchedulingIgnoredDuringExecution")] + pub preferred_during_scheduling_ignored_during_execution: Option>, + /// If the anti-affinity requirements specified by this field are not met at + /// scheduling time, the pod will not be scheduled onto the node. + /// If the anti-affinity requirements specified by this field cease to be met + /// at some point during pod execution (e.g. due to a pod label update), the + /// system may or may not try to eventually evict the pod from its node. + /// When there are multiple elements, the lists of nodes corresponding to each + /// podAffinityTerm are intersected, i.e. all terms must be satisfied. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "requiredDuringSchedulingIgnoredDuringExecution")] + pub required_during_scheduling_ignored_during_execution: Option>, +} + +/// The weights of all of the matched WeightedPodAffinityTerm fields are added per-node to find the most preferred node(s) +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct CoreProviderAdditionalDeploymentsDeploymentAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecution { + /// Required. A pod affinity term, associated with the corresponding weight. + #[serde(rename = "podAffinityTerm")] + pub pod_affinity_term: CoreProviderAdditionalDeploymentsDeploymentAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTerm, + /// weight associated with matching the corresponding podAffinityTerm, + /// in the range 1-100. + pub weight: i32, +} + +/// Required. A pod affinity term, associated with the corresponding weight. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct CoreProviderAdditionalDeploymentsDeploymentAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTerm { + /// A label query over a set of resources, in this case pods. + /// If it's null, this PodAffinityTerm matches with no Pods. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelector")] + pub label_selector: Option, + /// MatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. + /// Also, MatchLabelKeys cannot be set when LabelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] + pub match_label_keys: Option>, + /// MismatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. + /// Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] + pub mismatch_label_keys: Option>, + /// A label query over the set of namespaces that the term applies to. + /// The term is applied to the union of the namespaces selected by this field + /// and the ones listed in the namespaces field. + /// null selector and null or empty namespaces list means "this pod's namespace". + /// An empty selector ({}) matches all namespaces. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "namespaceSelector")] + pub namespace_selector: Option, + /// namespaces specifies a static list of namespace names that the term applies to. + /// The term is applied to the union of the namespaces listed in this field + /// and the ones selected by namespaceSelector. + /// null or empty namespaces list and null namespaceSelector means "this pod's namespace". + #[serde(default, skip_serializing_if = "Option::is_none")] + pub namespaces: Option>, + /// This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching + /// the labelSelector in the specified namespaces, where co-located is defined as running on a node + /// whose value of the label with key topologyKey matches that of any node on which any of the + /// selected pods is running. + /// Empty topologyKey is not allowed. + #[serde(rename = "topologyKey")] + pub topology_key: String, +} + +/// A label query over a set of resources, in this case pods. +/// If it's null, this PodAffinityTerm matches with no Pods. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct CoreProviderAdditionalDeploymentsDeploymentAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermLabelSelector { + /// matchExpressions is a list of label selector requirements. The requirements are ANDed. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] + pub match_expressions: Option>, + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] + pub match_labels: Option>, +} + +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct CoreProviderAdditionalDeploymentsDeploymentAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermLabelSelectorMatchExpressions { + /// key is the label key that the selector applies to. + pub key: String, + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. + pub operator: String, + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub values: Option>, +} + +/// A label query over the set of namespaces that the term applies to. +/// The term is applied to the union of the namespaces selected by this field +/// and the ones listed in the namespaces field. +/// null selector and null or empty namespaces list means "this pod's namespace". +/// An empty selector ({}) matches all namespaces. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct CoreProviderAdditionalDeploymentsDeploymentAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermNamespaceSelector { + /// matchExpressions is a list of label selector requirements. The requirements are ANDed. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] + pub match_expressions: Option>, + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] + pub match_labels: Option>, +} + +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct CoreProviderAdditionalDeploymentsDeploymentAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermNamespaceSelectorMatchExpressions { + /// key is the label key that the selector applies to. + pub key: String, + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. + pub operator: String, + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub values: Option>, +} + +/// Defines a set of pods (namely those matching the labelSelector +/// relative to the given namespace(s)) that this pod should be +/// co-located (affinity) or not co-located (anti-affinity) with, +/// where co-located is defined as running on a node whose value of +/// the label with key matches that of any node on which +/// a pod of the set of pods is running +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct CoreProviderAdditionalDeploymentsDeploymentAffinityPodAntiAffinityRequiredDuringSchedulingIgnoredDuringExecution { + /// A label query over a set of resources, in this case pods. + /// If it's null, this PodAffinityTerm matches with no Pods. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelector")] + pub label_selector: Option, + /// MatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. + /// Also, MatchLabelKeys cannot be set when LabelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] + pub match_label_keys: Option>, + /// MismatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. + /// Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] + pub mismatch_label_keys: Option>, + /// A label query over the set of namespaces that the term applies to. + /// The term is applied to the union of the namespaces selected by this field + /// and the ones listed in the namespaces field. + /// null selector and null or empty namespaces list means "this pod's namespace". + /// An empty selector ({}) matches all namespaces. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "namespaceSelector")] + pub namespace_selector: Option, + /// namespaces specifies a static list of namespace names that the term applies to. + /// The term is applied to the union of the namespaces listed in this field + /// and the ones selected by namespaceSelector. + /// null or empty namespaces list and null namespaceSelector means "this pod's namespace". + #[serde(default, skip_serializing_if = "Option::is_none")] + pub namespaces: Option>, + /// This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching + /// the labelSelector in the specified namespaces, where co-located is defined as running on a node + /// whose value of the label with key topologyKey matches that of any node on which any of the + /// selected pods is running. + /// Empty topologyKey is not allowed. + #[serde(rename = "topologyKey")] + pub topology_key: String, +} + +/// A label query over a set of resources, in this case pods. +/// If it's null, this PodAffinityTerm matches with no Pods. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct CoreProviderAdditionalDeploymentsDeploymentAffinityPodAntiAffinityRequiredDuringSchedulingIgnoredDuringExecutionLabelSelector { + /// matchExpressions is a list of label selector requirements. The requirements are ANDed. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] + pub match_expressions: Option>, + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] + pub match_labels: Option>, +} + +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct CoreProviderAdditionalDeploymentsDeploymentAffinityPodAntiAffinityRequiredDuringSchedulingIgnoredDuringExecutionLabelSelectorMatchExpressions { + /// key is the label key that the selector applies to. + pub key: String, + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. + pub operator: String, + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub values: Option>, +} + +/// A label query over the set of namespaces that the term applies to. +/// The term is applied to the union of the namespaces selected by this field +/// and the ones listed in the namespaces field. +/// null selector and null or empty namespaces list means "this pod's namespace". +/// An empty selector ({}) matches all namespaces. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct CoreProviderAdditionalDeploymentsDeploymentAffinityPodAntiAffinityRequiredDuringSchedulingIgnoredDuringExecutionNamespaceSelector { + /// matchExpressions is a list of label selector requirements. The requirements are ANDed. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] + pub match_expressions: Option>, + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] + pub match_labels: Option>, +} + +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct CoreProviderAdditionalDeploymentsDeploymentAffinityPodAntiAffinityRequiredDuringSchedulingIgnoredDuringExecutionNamespaceSelectorMatchExpressions { + /// key is the label key that the selector applies to. + pub key: String, + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. + pub operator: String, + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub values: Option>, +} + +/// ContainerSpec defines the properties available to override for each +/// container in a provider deployment such as Image and Args to the container’s +/// entrypoint. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct CoreProviderAdditionalDeploymentsDeploymentContainers { + /// Args represents extra provider specific flags that are not encoded as fields in this API. + /// Explicit controller manager properties defined in the `Provider.ManagerSpec` + /// will have higher precedence than those defined in `ContainerSpec.Args`. + /// For example, `ManagerSpec.SyncPeriod` will be used instead of the + /// container arg `--sync-period` if both are defined. + /// The same holds for `ManagerSpec.FeatureGates` and `--feature-gates`. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub args: Option>, + /// Command allows override container's entrypoint array. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub command: Option>, + /// List of environment variables to set in the container. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub env: Option>, + /// Container Image URL + #[serde(default, skip_serializing_if = "Option::is_none", rename = "imageUrl")] + pub image_url: Option, + /// Name of the container. Cannot be updated. + pub name: String, + /// Compute resources required by this container. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub resources: Option, +} + +/// EnvVar represents an environment variable present in a Container. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct CoreProviderAdditionalDeploymentsDeploymentContainersEnv { + /// Name of the environment variable. Must be a C_IDENTIFIER. + pub name: String, + /// Variable references $(VAR_NAME) are expanded + /// using the previously defined environment variables in the container and + /// any service environment variables. If a variable cannot be resolved, + /// the reference in the input string will be unchanged. Double $$ are reduced + /// to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. + /// "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". + /// Escaped references will never be expanded, regardless of whether the variable + /// exists or not. + /// Defaults to "". + #[serde(default, skip_serializing_if = "Option::is_none")] + pub value: Option, + /// Source for the environment variable's value. Cannot be used if value is not empty. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "valueFrom")] + pub value_from: Option, +} + +/// Source for the environment variable's value. Cannot be used if value is not empty. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct CoreProviderAdditionalDeploymentsDeploymentContainersEnvValueFrom { + /// Selects a key of a ConfigMap. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "configMapKeyRef")] + pub config_map_key_ref: Option, + /// Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`, + /// spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "fieldRef")] + pub field_ref: Option, + /// Selects a resource of the container: only resources limits and requests + /// (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "resourceFieldRef")] + pub resource_field_ref: Option, + /// Selects a key of a secret in the pod's namespace + #[serde(default, skip_serializing_if = "Option::is_none", rename = "secretKeyRef")] + pub secret_key_ref: Option, +} + +/// Selects a key of a ConfigMap. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct CoreProviderAdditionalDeploymentsDeploymentContainersEnvValueFromConfigMapKeyRef { + /// The key to select. + pub key: String, + /// Name of the referent. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Add other useful fields. apiVersion, kind, uid? + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + /// Specify whether the ConfigMap or its key must be defined + #[serde(default, skip_serializing_if = "Option::is_none")] + pub optional: Option, +} + +/// Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`, +/// spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct CoreProviderAdditionalDeploymentsDeploymentContainersEnvValueFromFieldRef { + /// Version of the schema the FieldPath is written in terms of, defaults to "v1". + #[serde(default, skip_serializing_if = "Option::is_none", rename = "apiVersion")] + pub api_version: Option, + /// Path of the field to select in the specified API version. + #[serde(rename = "fieldPath")] + pub field_path: String, +} + +/// Selects a resource of the container: only resources limits and requests +/// (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct CoreProviderAdditionalDeploymentsDeploymentContainersEnvValueFromResourceFieldRef { + /// Container name: required for volumes, optional for env vars + #[serde(default, skip_serializing_if = "Option::is_none", rename = "containerName")] + pub container_name: Option, + /// Specifies the output format of the exposed resources, defaults to "1" + #[serde(default, skip_serializing_if = "Option::is_none")] + pub divisor: Option, + /// Required: resource to select + pub resource: String, +} + +/// Selects a key of a secret in the pod's namespace +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct CoreProviderAdditionalDeploymentsDeploymentContainersEnvValueFromSecretKeyRef { + /// The key of the secret to select from. Must be a valid secret key. + pub key: String, + /// Name of the referent. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Add other useful fields. apiVersion, kind, uid? + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + /// Specify whether the Secret or its key must be defined + #[serde(default, skip_serializing_if = "Option::is_none")] + pub optional: Option, +} + +/// Compute resources required by this container. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct CoreProviderAdditionalDeploymentsDeploymentContainersResources { + /// Claims lists the names of resources, defined in spec.resourceClaims, + /// that are used by this container. + /// + /// + /// This is an alpha field and requires enabling the + /// DynamicResourceAllocation feature gate. + /// + /// + /// This field is immutable. It can only be set for containers. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub claims: Option>, + /// Limits describes the maximum amount of compute resources allowed. + /// More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + #[serde(default, skip_serializing_if = "Option::is_none")] + pub limits: Option>, + /// Requests describes the minimum amount of compute resources required. + /// If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, + /// otherwise to an implementation-defined value. Requests cannot exceed Limits. + /// More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + #[serde(default, skip_serializing_if = "Option::is_none")] + pub requests: Option>, +} + +/// ResourceClaim references one entry in PodSpec.ResourceClaims. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct CoreProviderAdditionalDeploymentsDeploymentContainersResourcesClaims { + /// Name must match the name of one entry in pod.spec.resourceClaims of + /// the Pod where this field is used. It makes that resource available + /// inside a container. + pub name: String, +} + +/// LocalObjectReference contains enough information to let you locate the +/// referenced object inside the same namespace. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct CoreProviderAdditionalDeploymentsDeploymentImagePullSecrets { + /// Name of the referent. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Add other useful fields. apiVersion, kind, uid? + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, +} + +/// The pod this Toleration is attached to tolerates any taint that matches +/// the triple using the matching operator . +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct CoreProviderAdditionalDeploymentsDeploymentTolerations { + /// Effect indicates the taint effect to match. Empty means match all taint effects. + /// When specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub effect: Option, + /// Key is the taint key that the toleration applies to. Empty means match all taint keys. + /// If the key is empty, operator must be Exists; this combination means to match all values and all keys. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub key: Option, + /// Operator represents a key's relationship to the value. + /// Valid operators are Exists and Equal. Defaults to Equal. + /// Exists is equivalent to wildcard for value, so that a pod can + /// tolerate all taints of a particular category. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub operator: Option, + /// TolerationSeconds represents the period of time the toleration (which must be + /// of effect NoExecute, otherwise this field is ignored) tolerates the taint. By default, + /// it is not set, which means tolerate the taint forever (do not evict). Zero and + /// negative values will be treated as 0 (evict immediately) by the system. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "tolerationSeconds")] + pub toleration_seconds: Option, + /// Value is the taint value the toleration matches to. + /// If the operator is Exists, the value should be empty, otherwise just a regular string. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub value: Option, +} + +/// Manager defines the properties that can be enabled on the controller manager for the additional provider deployment. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct CoreProviderAdditionalDeploymentsManager { + /// CacheNamespace if specified restricts the manager's cache to watch objects in + /// the desired namespace Defaults to all namespaces + /// + /// + /// Note: If a namespace is specified, controllers can still Watch for a + /// cluster-scoped resource (e.g Node). For namespaced resources the cache + /// will only hold objects from the desired namespace. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "cacheNamespace")] + pub cache_namespace: Option, + /// Controller contains global configuration options for controllers + /// registered within this manager. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub controller: Option, + /// FeatureGates define provider specific feature flags that will be passed + /// in as container args to the provider's controller manager. + /// Controller Manager flag is --feature-gates. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "featureGates")] + pub feature_gates: Option>, + /// GracefulShutdownTimeout is the duration given to runnable to stop before the manager actually returns on stop. + /// To disable graceful shutdown, set to time.Duration(0) + /// To use graceful shutdown without timeout, set to a negative duration, e.G. time.Duration(-1) + /// The graceful shutdown is skipped for safety reasons in case the leader election lease is lost. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "gracefulShutDown")] + pub graceful_shut_down: Option, + /// Health contains the controller health configuration + #[serde(default, skip_serializing_if = "Option::is_none")] + pub health: Option, + /// LeaderElection is the LeaderElection config to be used when configuring + /// the manager.Manager leader election + #[serde(default, skip_serializing_if = "Option::is_none", rename = "leaderElection")] + pub leader_election: Option, + /// MaxConcurrentReconciles is the maximum number of concurrent Reconciles + /// which can be run. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "maxConcurrentReconciles")] + pub max_concurrent_reconciles: Option, + /// Metrics contains thw controller metrics configuration + #[serde(default, skip_serializing_if = "Option::is_none")] + pub metrics: Option, + /// ProfilerAddress defines the bind address to expose the pprof profiler (e.g. localhost:6060). + /// Default empty, meaning the profiler is disabled. + /// Controller Manager flag is --profiler-address. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "profilerAddress")] + pub profiler_address: Option, + /// SyncPeriod determines the minimum frequency at which watched resources are + /// reconciled. A lower period will correct entropy more quickly, but reduce + /// responsiveness to change if there are many watched resources. Change this + /// value only if you know what you are doing. Defaults to 10 hours if unset. + /// there will a 10 percent jitter between the SyncPeriod of all controllers + /// so that all controllers will not send list requests simultaneously. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "syncPeriod")] + pub sync_period: Option, + /// Verbosity set the logs verbosity. Defaults to 1. + /// Controller Manager flag is --verbosity. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub verbosity: Option, + /// Webhook contains the controllers webhook configuration + #[serde(default, skip_serializing_if = "Option::is_none")] + pub webhook: Option, +} + +/// Controller contains global configuration options for controllers +/// registered within this manager. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct CoreProviderAdditionalDeploymentsManagerController { + /// CacheSyncTimeout refers to the time limit set to wait for syncing caches. + /// Defaults to 2 minutes if not set. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "cacheSyncTimeout")] + pub cache_sync_timeout: Option, + /// GroupKindConcurrency is a map from a Kind to the number of concurrent reconciliation + /// allowed for that controller. + /// + /// + /// When a controller is registered within this manager using the builder utilities, + /// users have to specify the type the controller reconciles in the For(...) call. + /// If the object's kind passed matches one of the keys in this map, the concurrency + /// for that controller is set to the number specified. + /// + /// + /// The key is expected to be consistent in form with GroupKind.String(), + /// e.g. ReplicaSet in apps group (regardless of version) would be `ReplicaSet.apps`. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "groupKindConcurrency")] + pub group_kind_concurrency: Option>, + /// RecoverPanic indicates if panics should be recovered. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "recoverPanic")] + pub recover_panic: Option, +} + +/// Health contains the controller health configuration +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct CoreProviderAdditionalDeploymentsManagerHealth { + /// HealthProbeBindAddress is the TCP address that the controller should bind to + /// for serving health probes + /// It can be set to "0" or "" to disable serving the health probe. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "healthProbeBindAddress")] + pub health_probe_bind_address: Option, + /// LivenessEndpointName, defaults to "healthz" + #[serde(default, skip_serializing_if = "Option::is_none", rename = "livenessEndpointName")] + pub liveness_endpoint_name: Option, + /// ReadinessEndpointName, defaults to "readyz" + #[serde(default, skip_serializing_if = "Option::is_none", rename = "readinessEndpointName")] + pub readiness_endpoint_name: Option, +} + +/// LeaderElection is the LeaderElection config to be used when configuring +/// the manager.Manager leader election +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct CoreProviderAdditionalDeploymentsManagerLeaderElection { + /// leaderElect enables a leader election client to gain leadership + /// before executing the main loop. Enable this when running replicated + /// components for high availability. + #[serde(rename = "leaderElect")] + pub leader_elect: bool, + /// leaseDuration is the duration that non-leader candidates will wait + /// after observing a leadership renewal until attempting to acquire + /// leadership of a led but unrenewed leader slot. This is effectively the + /// maximum duration that a leader can be stopped before it is replaced + /// by another candidate. This is only applicable if leader election is + /// enabled. + #[serde(rename = "leaseDuration")] + pub lease_duration: String, + /// renewDeadline is the interval between attempts by the acting master to + /// renew a leadership slot before it stops leading. This must be less + /// than or equal to the lease duration. This is only applicable if leader + /// election is enabled. + #[serde(rename = "renewDeadline")] + pub renew_deadline: String, + /// resourceLock indicates the resource object type that will be used to lock + /// during leader election cycles. + #[serde(rename = "resourceLock")] + pub resource_lock: String, + /// resourceName indicates the name of resource object that will be used to lock + /// during leader election cycles. + #[serde(rename = "resourceName")] + pub resource_name: String, + /// resourceName indicates the namespace of resource object that will be used to lock + /// during leader election cycles. + #[serde(rename = "resourceNamespace")] + pub resource_namespace: String, + /// retryPeriod is the duration the clients should wait between attempting + /// acquisition and renewal of a leadership. This is only applicable if + /// leader election is enabled. + #[serde(rename = "retryPeriod")] + pub retry_period: String, +} + +/// Metrics contains thw controller metrics configuration +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct CoreProviderAdditionalDeploymentsManagerMetrics { + /// BindAddress is the TCP address that the controller should bind to + /// for serving prometheus metrics. + /// It can be set to "0" to disable the metrics serving. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "bindAddress")] + pub bind_address: Option, +} + +/// Webhook contains the controllers webhook configuration +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct CoreProviderAdditionalDeploymentsManagerWebhook { + /// CertDir is the directory that contains the server key and certificate. + /// if not set, webhook server would look up the server key and certificate in + /// {TempDir}/k8s-webhook-server/serving-certs. The server key and certificate + /// must be named tls.key and tls.crt, respectively. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "certDir")] + pub cert_dir: Option, + /// Host is the hostname that the webhook server binds to. + /// It is used to set webhook.Server.Host. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub host: Option, + /// Port is the port that the webhook server serves at. + /// It is used to set webhook.Server.Port. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub port: Option, +} + /// AdditionalManifests is reference to configmap that contains additional manifests that will be applied /// together with the provider components. The key for storing these manifests has to be `manifests`. /// The manifests are applied only once when a certain release is installed/upgraded. If namespace is not specified, the diff --git a/kube-custom-resources-rs/src/operator_cluster_x_k8s_io/v1alpha2/infrastructureproviders.rs b/kube-custom-resources-rs/src/operator_cluster_x_k8s_io/v1alpha2/infrastructureproviders.rs index 09d2000a1..ce057f136 100644 --- a/kube-custom-resources-rs/src/operator_cluster_x_k8s_io/v1alpha2/infrastructureproviders.rs +++ b/kube-custom-resources-rs/src/operator_cluster_x_k8s_io/v1alpha2/infrastructureproviders.rs @@ -21,6 +21,11 @@ use self::prelude::*; #[kube(derive="Default")] #[kube(derive="PartialEq")] pub struct InfrastructureProviderSpec { + /// AdditionalDeployments is a map of additional deployments that the provider + /// should manage. The key is the name of the deployment and the value is the + /// DeploymentSpec. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "additionalDeployments")] + pub additional_deployments: Option>, /// AdditionalManifests is reference to configmap that contains additional manifests that will be applied /// together with the provider components. The key for storing these manifests has to be `manifests`. /// The manifests are applied only once when a certain release is installed/upgraded. If namespace is not specified, the @@ -61,6 +66,1126 @@ pub struct InfrastructureProviderSpec { pub version: Option, } +/// AdditionalDeployments is a map of additional deployments that the provider +/// should manage. The key is the name of the deployment and the value is the +/// DeploymentSpec. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct InfrastructureProviderAdditionalDeployments { + /// Deployment defines the properties that can be enabled on the deployment for the additional provider deployment. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub deployment: Option, + /// Manager defines the properties that can be enabled on the controller manager for the additional provider deployment. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub manager: Option, +} + +/// Deployment defines the properties that can be enabled on the deployment for the additional provider deployment. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct InfrastructureProviderAdditionalDeploymentsDeployment { + /// If specified, the pod's scheduling constraints + #[serde(default, skip_serializing_if = "Option::is_none")] + pub affinity: Option, + /// List of containers specified in the Deployment + #[serde(default, skip_serializing_if = "Option::is_none")] + pub containers: Option>, + /// List of image pull secrets specified in the Deployment + #[serde(default, skip_serializing_if = "Option::is_none", rename = "imagePullSecrets")] + pub image_pull_secrets: Option>, + /// NodeSelector is a selector which must be true for the pod to fit on a node. + /// Selector which must match a node's labels for the pod to be scheduled on that node. + /// More info: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/ + #[serde(default, skip_serializing_if = "Option::is_none", rename = "nodeSelector")] + pub node_selector: Option>, + /// Number of desired pods. This is a pointer to distinguish between explicit zero and not specified. Defaults to 1. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub replicas: Option, + /// If specified, the pod's service account + #[serde(default, skip_serializing_if = "Option::is_none", rename = "serviceAccountName")] + pub service_account_name: Option, + /// If specified, the pod's tolerations. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub tolerations: Option>, +} + +/// If specified, the pod's scheduling constraints +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct InfrastructureProviderAdditionalDeploymentsDeploymentAffinity { + /// Describes node affinity scheduling rules for the pod. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "nodeAffinity")] + pub node_affinity: Option, + /// Describes pod affinity scheduling rules (e.g. co-locate this pod in the same node, zone, etc. as some other pod(s)). + #[serde(default, skip_serializing_if = "Option::is_none", rename = "podAffinity")] + pub pod_affinity: Option, + /// Describes pod anti-affinity scheduling rules (e.g. avoid putting this pod in the same node, zone, etc. as some other pod(s)). + #[serde(default, skip_serializing_if = "Option::is_none", rename = "podAntiAffinity")] + pub pod_anti_affinity: Option, +} + +/// Describes node affinity scheduling rules for the pod. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct InfrastructureProviderAdditionalDeploymentsDeploymentAffinityNodeAffinity { + /// The scheduler will prefer to schedule pods to nodes that satisfy + /// the affinity expressions specified by this field, but it may choose + /// a node that violates one or more of the expressions. The node that is + /// most preferred is the one with the greatest sum of weights, i.e. + /// for each node that meets all of the scheduling requirements (resource + /// request, requiredDuringScheduling affinity expressions, etc.), + /// compute a sum by iterating through the elements of this field and adding + /// "weight" to the sum if the node matches the corresponding matchExpressions; the + /// node(s) with the highest sum are the most preferred. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "preferredDuringSchedulingIgnoredDuringExecution")] + pub preferred_during_scheduling_ignored_during_execution: Option>, + /// If the affinity requirements specified by this field are not met at + /// scheduling time, the pod will not be scheduled onto the node. + /// If the affinity requirements specified by this field cease to be met + /// at some point during pod execution (e.g. due to an update), the system + /// may or may not try to eventually evict the pod from its node. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "requiredDuringSchedulingIgnoredDuringExecution")] + pub required_during_scheduling_ignored_during_execution: Option, +} + +/// An empty preferred scheduling term matches all objects with implicit weight 0 +/// (i.e. it's a no-op). A null preferred scheduling term matches no objects (i.e. is also a no-op). +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct InfrastructureProviderAdditionalDeploymentsDeploymentAffinityNodeAffinityPreferredDuringSchedulingIgnoredDuringExecution { + /// A node selector term, associated with the corresponding weight. + pub preference: InfrastructureProviderAdditionalDeploymentsDeploymentAffinityNodeAffinityPreferredDuringSchedulingIgnoredDuringExecutionPreference, + /// Weight associated with matching the corresponding nodeSelectorTerm, in the range 1-100. + pub weight: i32, +} + +/// A node selector term, associated with the corresponding weight. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct InfrastructureProviderAdditionalDeploymentsDeploymentAffinityNodeAffinityPreferredDuringSchedulingIgnoredDuringExecutionPreference { + /// A list of node selector requirements by node's labels. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] + pub match_expressions: Option>, + /// A list of node selector requirements by node's fields. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchFields")] + pub match_fields: Option>, +} + +/// A node selector requirement is a selector that contains values, a key, and an operator +/// that relates the key and values. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct InfrastructureProviderAdditionalDeploymentsDeploymentAffinityNodeAffinityPreferredDuringSchedulingIgnoredDuringExecutionPreferenceMatchExpressions { + /// The label key that the selector applies to. + pub key: String, + /// Represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. + pub operator: String, + /// An array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. If the operator is Gt or Lt, the values + /// array must have a single element, which will be interpreted as an integer. + /// This array is replaced during a strategic merge patch. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub values: Option>, +} + +/// A node selector requirement is a selector that contains values, a key, and an operator +/// that relates the key and values. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct InfrastructureProviderAdditionalDeploymentsDeploymentAffinityNodeAffinityPreferredDuringSchedulingIgnoredDuringExecutionPreferenceMatchFields { + /// The label key that the selector applies to. + pub key: String, + /// Represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. + pub operator: String, + /// An array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. If the operator is Gt or Lt, the values + /// array must have a single element, which will be interpreted as an integer. + /// This array is replaced during a strategic merge patch. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub values: Option>, +} + +/// If the affinity requirements specified by this field are not met at +/// scheduling time, the pod will not be scheduled onto the node. +/// If the affinity requirements specified by this field cease to be met +/// at some point during pod execution (e.g. due to an update), the system +/// may or may not try to eventually evict the pod from its node. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct InfrastructureProviderAdditionalDeploymentsDeploymentAffinityNodeAffinityRequiredDuringSchedulingIgnoredDuringExecution { + /// Required. A list of node selector terms. The terms are ORed. + #[serde(rename = "nodeSelectorTerms")] + pub node_selector_terms: Vec, +} + +/// A null or empty node selector term matches no objects. The requirements of +/// them are ANDed. +/// The TopologySelectorTerm type implements a subset of the NodeSelectorTerm. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct InfrastructureProviderAdditionalDeploymentsDeploymentAffinityNodeAffinityRequiredDuringSchedulingIgnoredDuringExecutionNodeSelectorTerms { + /// A list of node selector requirements by node's labels. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] + pub match_expressions: Option>, + /// A list of node selector requirements by node's fields. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchFields")] + pub match_fields: Option>, +} + +/// A node selector requirement is a selector that contains values, a key, and an operator +/// that relates the key and values. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct InfrastructureProviderAdditionalDeploymentsDeploymentAffinityNodeAffinityRequiredDuringSchedulingIgnoredDuringExecutionNodeSelectorTermsMatchExpressions { + /// The label key that the selector applies to. + pub key: String, + /// Represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. + pub operator: String, + /// An array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. If the operator is Gt or Lt, the values + /// array must have a single element, which will be interpreted as an integer. + /// This array is replaced during a strategic merge patch. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub values: Option>, +} + +/// A node selector requirement is a selector that contains values, a key, and an operator +/// that relates the key and values. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct InfrastructureProviderAdditionalDeploymentsDeploymentAffinityNodeAffinityRequiredDuringSchedulingIgnoredDuringExecutionNodeSelectorTermsMatchFields { + /// The label key that the selector applies to. + pub key: String, + /// Represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. + pub operator: String, + /// An array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. If the operator is Gt or Lt, the values + /// array must have a single element, which will be interpreted as an integer. + /// This array is replaced during a strategic merge patch. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub values: Option>, +} + +/// Describes pod affinity scheduling rules (e.g. co-locate this pod in the same node, zone, etc. as some other pod(s)). +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct InfrastructureProviderAdditionalDeploymentsDeploymentAffinityPodAffinity { + /// The scheduler will prefer to schedule pods to nodes that satisfy + /// the affinity expressions specified by this field, but it may choose + /// a node that violates one or more of the expressions. The node that is + /// most preferred is the one with the greatest sum of weights, i.e. + /// for each node that meets all of the scheduling requirements (resource + /// request, requiredDuringScheduling affinity expressions, etc.), + /// compute a sum by iterating through the elements of this field and adding + /// "weight" to the sum if the node has pods which matches the corresponding podAffinityTerm; the + /// node(s) with the highest sum are the most preferred. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "preferredDuringSchedulingIgnoredDuringExecution")] + pub preferred_during_scheduling_ignored_during_execution: Option>, + /// If the affinity requirements specified by this field are not met at + /// scheduling time, the pod will not be scheduled onto the node. + /// If the affinity requirements specified by this field cease to be met + /// at some point during pod execution (e.g. due to a pod label update), the + /// system may or may not try to eventually evict the pod from its node. + /// When there are multiple elements, the lists of nodes corresponding to each + /// podAffinityTerm are intersected, i.e. all terms must be satisfied. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "requiredDuringSchedulingIgnoredDuringExecution")] + pub required_during_scheduling_ignored_during_execution: Option>, +} + +/// The weights of all of the matched WeightedPodAffinityTerm fields are added per-node to find the most preferred node(s) +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct InfrastructureProviderAdditionalDeploymentsDeploymentAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecution { + /// Required. A pod affinity term, associated with the corresponding weight. + #[serde(rename = "podAffinityTerm")] + pub pod_affinity_term: InfrastructureProviderAdditionalDeploymentsDeploymentAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTerm, + /// weight associated with matching the corresponding podAffinityTerm, + /// in the range 1-100. + pub weight: i32, +} + +/// Required. A pod affinity term, associated with the corresponding weight. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct InfrastructureProviderAdditionalDeploymentsDeploymentAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTerm { + /// A label query over a set of resources, in this case pods. + /// If it's null, this PodAffinityTerm matches with no Pods. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelector")] + pub label_selector: Option, + /// MatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. + /// Also, MatchLabelKeys cannot be set when LabelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] + pub match_label_keys: Option>, + /// MismatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. + /// Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] + pub mismatch_label_keys: Option>, + /// A label query over the set of namespaces that the term applies to. + /// The term is applied to the union of the namespaces selected by this field + /// and the ones listed in the namespaces field. + /// null selector and null or empty namespaces list means "this pod's namespace". + /// An empty selector ({}) matches all namespaces. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "namespaceSelector")] + pub namespace_selector: Option, + /// namespaces specifies a static list of namespace names that the term applies to. + /// The term is applied to the union of the namespaces listed in this field + /// and the ones selected by namespaceSelector. + /// null or empty namespaces list and null namespaceSelector means "this pod's namespace". + #[serde(default, skip_serializing_if = "Option::is_none")] + pub namespaces: Option>, + /// This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching + /// the labelSelector in the specified namespaces, where co-located is defined as running on a node + /// whose value of the label with key topologyKey matches that of any node on which any of the + /// selected pods is running. + /// Empty topologyKey is not allowed. + #[serde(rename = "topologyKey")] + pub topology_key: String, +} + +/// A label query over a set of resources, in this case pods. +/// If it's null, this PodAffinityTerm matches with no Pods. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct InfrastructureProviderAdditionalDeploymentsDeploymentAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermLabelSelector { + /// matchExpressions is a list of label selector requirements. The requirements are ANDed. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] + pub match_expressions: Option>, + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] + pub match_labels: Option>, +} + +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct InfrastructureProviderAdditionalDeploymentsDeploymentAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermLabelSelectorMatchExpressions { + /// key is the label key that the selector applies to. + pub key: String, + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. + pub operator: String, + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub values: Option>, +} + +/// A label query over the set of namespaces that the term applies to. +/// The term is applied to the union of the namespaces selected by this field +/// and the ones listed in the namespaces field. +/// null selector and null or empty namespaces list means "this pod's namespace". +/// An empty selector ({}) matches all namespaces. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct InfrastructureProviderAdditionalDeploymentsDeploymentAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermNamespaceSelector { + /// matchExpressions is a list of label selector requirements. The requirements are ANDed. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] + pub match_expressions: Option>, + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] + pub match_labels: Option>, +} + +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct InfrastructureProviderAdditionalDeploymentsDeploymentAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermNamespaceSelectorMatchExpressions { + /// key is the label key that the selector applies to. + pub key: String, + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. + pub operator: String, + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub values: Option>, +} + +/// Defines a set of pods (namely those matching the labelSelector +/// relative to the given namespace(s)) that this pod should be +/// co-located (affinity) or not co-located (anti-affinity) with, +/// where co-located is defined as running on a node whose value of +/// the label with key matches that of any node on which +/// a pod of the set of pods is running +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct InfrastructureProviderAdditionalDeploymentsDeploymentAffinityPodAffinityRequiredDuringSchedulingIgnoredDuringExecution { + /// A label query over a set of resources, in this case pods. + /// If it's null, this PodAffinityTerm matches with no Pods. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelector")] + pub label_selector: Option, + /// MatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. + /// Also, MatchLabelKeys cannot be set when LabelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] + pub match_label_keys: Option>, + /// MismatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. + /// Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] + pub mismatch_label_keys: Option>, + /// A label query over the set of namespaces that the term applies to. + /// The term is applied to the union of the namespaces selected by this field + /// and the ones listed in the namespaces field. + /// null selector and null or empty namespaces list means "this pod's namespace". + /// An empty selector ({}) matches all namespaces. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "namespaceSelector")] + pub namespace_selector: Option, + /// namespaces specifies a static list of namespace names that the term applies to. + /// The term is applied to the union of the namespaces listed in this field + /// and the ones selected by namespaceSelector. + /// null or empty namespaces list and null namespaceSelector means "this pod's namespace". + #[serde(default, skip_serializing_if = "Option::is_none")] + pub namespaces: Option>, + /// This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching + /// the labelSelector in the specified namespaces, where co-located is defined as running on a node + /// whose value of the label with key topologyKey matches that of any node on which any of the + /// selected pods is running. + /// Empty topologyKey is not allowed. + #[serde(rename = "topologyKey")] + pub topology_key: String, +} + +/// A label query over a set of resources, in this case pods. +/// If it's null, this PodAffinityTerm matches with no Pods. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct InfrastructureProviderAdditionalDeploymentsDeploymentAffinityPodAffinityRequiredDuringSchedulingIgnoredDuringExecutionLabelSelector { + /// matchExpressions is a list of label selector requirements. The requirements are ANDed. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] + pub match_expressions: Option>, + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] + pub match_labels: Option>, +} + +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct InfrastructureProviderAdditionalDeploymentsDeploymentAffinityPodAffinityRequiredDuringSchedulingIgnoredDuringExecutionLabelSelectorMatchExpressions { + /// key is the label key that the selector applies to. + pub key: String, + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. + pub operator: String, + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub values: Option>, +} + +/// A label query over the set of namespaces that the term applies to. +/// The term is applied to the union of the namespaces selected by this field +/// and the ones listed in the namespaces field. +/// null selector and null or empty namespaces list means "this pod's namespace". +/// An empty selector ({}) matches all namespaces. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct InfrastructureProviderAdditionalDeploymentsDeploymentAffinityPodAffinityRequiredDuringSchedulingIgnoredDuringExecutionNamespaceSelector { + /// matchExpressions is a list of label selector requirements. The requirements are ANDed. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] + pub match_expressions: Option>, + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] + pub match_labels: Option>, +} + +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct InfrastructureProviderAdditionalDeploymentsDeploymentAffinityPodAffinityRequiredDuringSchedulingIgnoredDuringExecutionNamespaceSelectorMatchExpressions { + /// key is the label key that the selector applies to. + pub key: String, + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. + pub operator: String, + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub values: Option>, +} + +/// Describes pod anti-affinity scheduling rules (e.g. avoid putting this pod in the same node, zone, etc. as some other pod(s)). +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct InfrastructureProviderAdditionalDeploymentsDeploymentAffinityPodAntiAffinity { + /// The scheduler will prefer to schedule pods to nodes that satisfy + /// the anti-affinity expressions specified by this field, but it may choose + /// a node that violates one or more of the expressions. The node that is + /// most preferred is the one with the greatest sum of weights, i.e. + /// for each node that meets all of the scheduling requirements (resource + /// request, requiredDuringScheduling anti-affinity expressions, etc.), + /// compute a sum by iterating through the elements of this field and adding + /// "weight" to the sum if the node has pods which matches the corresponding podAffinityTerm; the + /// node(s) with the highest sum are the most preferred. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "preferredDuringSchedulingIgnoredDuringExecution")] + pub preferred_during_scheduling_ignored_during_execution: Option>, + /// If the anti-affinity requirements specified by this field are not met at + /// scheduling time, the pod will not be scheduled onto the node. + /// If the anti-affinity requirements specified by this field cease to be met + /// at some point during pod execution (e.g. due to a pod label update), the + /// system may or may not try to eventually evict the pod from its node. + /// When there are multiple elements, the lists of nodes corresponding to each + /// podAffinityTerm are intersected, i.e. all terms must be satisfied. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "requiredDuringSchedulingIgnoredDuringExecution")] + pub required_during_scheduling_ignored_during_execution: Option>, +} + +/// The weights of all of the matched WeightedPodAffinityTerm fields are added per-node to find the most preferred node(s) +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct InfrastructureProviderAdditionalDeploymentsDeploymentAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecution { + /// Required. A pod affinity term, associated with the corresponding weight. + #[serde(rename = "podAffinityTerm")] + pub pod_affinity_term: InfrastructureProviderAdditionalDeploymentsDeploymentAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTerm, + /// weight associated with matching the corresponding podAffinityTerm, + /// in the range 1-100. + pub weight: i32, +} + +/// Required. A pod affinity term, associated with the corresponding weight. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct InfrastructureProviderAdditionalDeploymentsDeploymentAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTerm { + /// A label query over a set of resources, in this case pods. + /// If it's null, this PodAffinityTerm matches with no Pods. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelector")] + pub label_selector: Option, + /// MatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. + /// Also, MatchLabelKeys cannot be set when LabelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] + pub match_label_keys: Option>, + /// MismatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. + /// Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] + pub mismatch_label_keys: Option>, + /// A label query over the set of namespaces that the term applies to. + /// The term is applied to the union of the namespaces selected by this field + /// and the ones listed in the namespaces field. + /// null selector and null or empty namespaces list means "this pod's namespace". + /// An empty selector ({}) matches all namespaces. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "namespaceSelector")] + pub namespace_selector: Option, + /// namespaces specifies a static list of namespace names that the term applies to. + /// The term is applied to the union of the namespaces listed in this field + /// and the ones selected by namespaceSelector. + /// null or empty namespaces list and null namespaceSelector means "this pod's namespace". + #[serde(default, skip_serializing_if = "Option::is_none")] + pub namespaces: Option>, + /// This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching + /// the labelSelector in the specified namespaces, where co-located is defined as running on a node + /// whose value of the label with key topologyKey matches that of any node on which any of the + /// selected pods is running. + /// Empty topologyKey is not allowed. + #[serde(rename = "topologyKey")] + pub topology_key: String, +} + +/// A label query over a set of resources, in this case pods. +/// If it's null, this PodAffinityTerm matches with no Pods. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct InfrastructureProviderAdditionalDeploymentsDeploymentAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermLabelSelector { + /// matchExpressions is a list of label selector requirements. The requirements are ANDed. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] + pub match_expressions: Option>, + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] + pub match_labels: Option>, +} + +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct InfrastructureProviderAdditionalDeploymentsDeploymentAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermLabelSelectorMatchExpressions { + /// key is the label key that the selector applies to. + pub key: String, + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. + pub operator: String, + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub values: Option>, +} + +/// A label query over the set of namespaces that the term applies to. +/// The term is applied to the union of the namespaces selected by this field +/// and the ones listed in the namespaces field. +/// null selector and null or empty namespaces list means "this pod's namespace". +/// An empty selector ({}) matches all namespaces. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct InfrastructureProviderAdditionalDeploymentsDeploymentAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermNamespaceSelector { + /// matchExpressions is a list of label selector requirements. The requirements are ANDed. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] + pub match_expressions: Option>, + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] + pub match_labels: Option>, +} + +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct InfrastructureProviderAdditionalDeploymentsDeploymentAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermNamespaceSelectorMatchExpressions { + /// key is the label key that the selector applies to. + pub key: String, + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. + pub operator: String, + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub values: Option>, +} + +/// Defines a set of pods (namely those matching the labelSelector +/// relative to the given namespace(s)) that this pod should be +/// co-located (affinity) or not co-located (anti-affinity) with, +/// where co-located is defined as running on a node whose value of +/// the label with key matches that of any node on which +/// a pod of the set of pods is running +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct InfrastructureProviderAdditionalDeploymentsDeploymentAffinityPodAntiAffinityRequiredDuringSchedulingIgnoredDuringExecution { + /// A label query over a set of resources, in this case pods. + /// If it's null, this PodAffinityTerm matches with no Pods. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelector")] + pub label_selector: Option, + /// MatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. + /// Also, MatchLabelKeys cannot be set when LabelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] + pub match_label_keys: Option>, + /// MismatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. + /// Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] + pub mismatch_label_keys: Option>, + /// A label query over the set of namespaces that the term applies to. + /// The term is applied to the union of the namespaces selected by this field + /// and the ones listed in the namespaces field. + /// null selector and null or empty namespaces list means "this pod's namespace". + /// An empty selector ({}) matches all namespaces. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "namespaceSelector")] + pub namespace_selector: Option, + /// namespaces specifies a static list of namespace names that the term applies to. + /// The term is applied to the union of the namespaces listed in this field + /// and the ones selected by namespaceSelector. + /// null or empty namespaces list and null namespaceSelector means "this pod's namespace". + #[serde(default, skip_serializing_if = "Option::is_none")] + pub namespaces: Option>, + /// This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching + /// the labelSelector in the specified namespaces, where co-located is defined as running on a node + /// whose value of the label with key topologyKey matches that of any node on which any of the + /// selected pods is running. + /// Empty topologyKey is not allowed. + #[serde(rename = "topologyKey")] + pub topology_key: String, +} + +/// A label query over a set of resources, in this case pods. +/// If it's null, this PodAffinityTerm matches with no Pods. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct InfrastructureProviderAdditionalDeploymentsDeploymentAffinityPodAntiAffinityRequiredDuringSchedulingIgnoredDuringExecutionLabelSelector { + /// matchExpressions is a list of label selector requirements. The requirements are ANDed. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] + pub match_expressions: Option>, + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] + pub match_labels: Option>, +} + +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct InfrastructureProviderAdditionalDeploymentsDeploymentAffinityPodAntiAffinityRequiredDuringSchedulingIgnoredDuringExecutionLabelSelectorMatchExpressions { + /// key is the label key that the selector applies to. + pub key: String, + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. + pub operator: String, + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub values: Option>, +} + +/// A label query over the set of namespaces that the term applies to. +/// The term is applied to the union of the namespaces selected by this field +/// and the ones listed in the namespaces field. +/// null selector and null or empty namespaces list means "this pod's namespace". +/// An empty selector ({}) matches all namespaces. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct InfrastructureProviderAdditionalDeploymentsDeploymentAffinityPodAntiAffinityRequiredDuringSchedulingIgnoredDuringExecutionNamespaceSelector { + /// matchExpressions is a list of label selector requirements. The requirements are ANDed. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] + pub match_expressions: Option>, + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] + pub match_labels: Option>, +} + +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct InfrastructureProviderAdditionalDeploymentsDeploymentAffinityPodAntiAffinityRequiredDuringSchedulingIgnoredDuringExecutionNamespaceSelectorMatchExpressions { + /// key is the label key that the selector applies to. + pub key: String, + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. + pub operator: String, + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub values: Option>, +} + +/// ContainerSpec defines the properties available to override for each +/// container in a provider deployment such as Image and Args to the container’s +/// entrypoint. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct InfrastructureProviderAdditionalDeploymentsDeploymentContainers { + /// Args represents extra provider specific flags that are not encoded as fields in this API. + /// Explicit controller manager properties defined in the `Provider.ManagerSpec` + /// will have higher precedence than those defined in `ContainerSpec.Args`. + /// For example, `ManagerSpec.SyncPeriod` will be used instead of the + /// container arg `--sync-period` if both are defined. + /// The same holds for `ManagerSpec.FeatureGates` and `--feature-gates`. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub args: Option>, + /// Command allows override container's entrypoint array. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub command: Option>, + /// List of environment variables to set in the container. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub env: Option>, + /// Container Image URL + #[serde(default, skip_serializing_if = "Option::is_none", rename = "imageUrl")] + pub image_url: Option, + /// Name of the container. Cannot be updated. + pub name: String, + /// Compute resources required by this container. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub resources: Option, +} + +/// EnvVar represents an environment variable present in a Container. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct InfrastructureProviderAdditionalDeploymentsDeploymentContainersEnv { + /// Name of the environment variable. Must be a C_IDENTIFIER. + pub name: String, + /// Variable references $(VAR_NAME) are expanded + /// using the previously defined environment variables in the container and + /// any service environment variables. If a variable cannot be resolved, + /// the reference in the input string will be unchanged. Double $$ are reduced + /// to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. + /// "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". + /// Escaped references will never be expanded, regardless of whether the variable + /// exists or not. + /// Defaults to "". + #[serde(default, skip_serializing_if = "Option::is_none")] + pub value: Option, + /// Source for the environment variable's value. Cannot be used if value is not empty. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "valueFrom")] + pub value_from: Option, +} + +/// Source for the environment variable's value. Cannot be used if value is not empty. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct InfrastructureProviderAdditionalDeploymentsDeploymentContainersEnvValueFrom { + /// Selects a key of a ConfigMap. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "configMapKeyRef")] + pub config_map_key_ref: Option, + /// Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`, + /// spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "fieldRef")] + pub field_ref: Option, + /// Selects a resource of the container: only resources limits and requests + /// (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "resourceFieldRef")] + pub resource_field_ref: Option, + /// Selects a key of a secret in the pod's namespace + #[serde(default, skip_serializing_if = "Option::is_none", rename = "secretKeyRef")] + pub secret_key_ref: Option, +} + +/// Selects a key of a ConfigMap. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct InfrastructureProviderAdditionalDeploymentsDeploymentContainersEnvValueFromConfigMapKeyRef { + /// The key to select. + pub key: String, + /// Name of the referent. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Add other useful fields. apiVersion, kind, uid? + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + /// Specify whether the ConfigMap or its key must be defined + #[serde(default, skip_serializing_if = "Option::is_none")] + pub optional: Option, +} + +/// Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`, +/// spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct InfrastructureProviderAdditionalDeploymentsDeploymentContainersEnvValueFromFieldRef { + /// Version of the schema the FieldPath is written in terms of, defaults to "v1". + #[serde(default, skip_serializing_if = "Option::is_none", rename = "apiVersion")] + pub api_version: Option, + /// Path of the field to select in the specified API version. + #[serde(rename = "fieldPath")] + pub field_path: String, +} + +/// Selects a resource of the container: only resources limits and requests +/// (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct InfrastructureProviderAdditionalDeploymentsDeploymentContainersEnvValueFromResourceFieldRef { + /// Container name: required for volumes, optional for env vars + #[serde(default, skip_serializing_if = "Option::is_none", rename = "containerName")] + pub container_name: Option, + /// Specifies the output format of the exposed resources, defaults to "1" + #[serde(default, skip_serializing_if = "Option::is_none")] + pub divisor: Option, + /// Required: resource to select + pub resource: String, +} + +/// Selects a key of a secret in the pod's namespace +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct InfrastructureProviderAdditionalDeploymentsDeploymentContainersEnvValueFromSecretKeyRef { + /// The key of the secret to select from. Must be a valid secret key. + pub key: String, + /// Name of the referent. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Add other useful fields. apiVersion, kind, uid? + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + /// Specify whether the Secret or its key must be defined + #[serde(default, skip_serializing_if = "Option::is_none")] + pub optional: Option, +} + +/// Compute resources required by this container. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct InfrastructureProviderAdditionalDeploymentsDeploymentContainersResources { + /// Claims lists the names of resources, defined in spec.resourceClaims, + /// that are used by this container. + /// + /// + /// This is an alpha field and requires enabling the + /// DynamicResourceAllocation feature gate. + /// + /// + /// This field is immutable. It can only be set for containers. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub claims: Option>, + /// Limits describes the maximum amount of compute resources allowed. + /// More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + #[serde(default, skip_serializing_if = "Option::is_none")] + pub limits: Option>, + /// Requests describes the minimum amount of compute resources required. + /// If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, + /// otherwise to an implementation-defined value. Requests cannot exceed Limits. + /// More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + #[serde(default, skip_serializing_if = "Option::is_none")] + pub requests: Option>, +} + +/// ResourceClaim references one entry in PodSpec.ResourceClaims. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct InfrastructureProviderAdditionalDeploymentsDeploymentContainersResourcesClaims { + /// Name must match the name of one entry in pod.spec.resourceClaims of + /// the Pod where this field is used. It makes that resource available + /// inside a container. + pub name: String, +} + +/// LocalObjectReference contains enough information to let you locate the +/// referenced object inside the same namespace. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct InfrastructureProviderAdditionalDeploymentsDeploymentImagePullSecrets { + /// Name of the referent. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Add other useful fields. apiVersion, kind, uid? + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, +} + +/// The pod this Toleration is attached to tolerates any taint that matches +/// the triple using the matching operator . +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct InfrastructureProviderAdditionalDeploymentsDeploymentTolerations { + /// Effect indicates the taint effect to match. Empty means match all taint effects. + /// When specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub effect: Option, + /// Key is the taint key that the toleration applies to. Empty means match all taint keys. + /// If the key is empty, operator must be Exists; this combination means to match all values and all keys. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub key: Option, + /// Operator represents a key's relationship to the value. + /// Valid operators are Exists and Equal. Defaults to Equal. + /// Exists is equivalent to wildcard for value, so that a pod can + /// tolerate all taints of a particular category. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub operator: Option, + /// TolerationSeconds represents the period of time the toleration (which must be + /// of effect NoExecute, otherwise this field is ignored) tolerates the taint. By default, + /// it is not set, which means tolerate the taint forever (do not evict). Zero and + /// negative values will be treated as 0 (evict immediately) by the system. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "tolerationSeconds")] + pub toleration_seconds: Option, + /// Value is the taint value the toleration matches to. + /// If the operator is Exists, the value should be empty, otherwise just a regular string. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub value: Option, +} + +/// Manager defines the properties that can be enabled on the controller manager for the additional provider deployment. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct InfrastructureProviderAdditionalDeploymentsManager { + /// CacheNamespace if specified restricts the manager's cache to watch objects in + /// the desired namespace Defaults to all namespaces + /// + /// + /// Note: If a namespace is specified, controllers can still Watch for a + /// cluster-scoped resource (e.g Node). For namespaced resources the cache + /// will only hold objects from the desired namespace. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "cacheNamespace")] + pub cache_namespace: Option, + /// Controller contains global configuration options for controllers + /// registered within this manager. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub controller: Option, + /// FeatureGates define provider specific feature flags that will be passed + /// in as container args to the provider's controller manager. + /// Controller Manager flag is --feature-gates. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "featureGates")] + pub feature_gates: Option>, + /// GracefulShutdownTimeout is the duration given to runnable to stop before the manager actually returns on stop. + /// To disable graceful shutdown, set to time.Duration(0) + /// To use graceful shutdown without timeout, set to a negative duration, e.G. time.Duration(-1) + /// The graceful shutdown is skipped for safety reasons in case the leader election lease is lost. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "gracefulShutDown")] + pub graceful_shut_down: Option, + /// Health contains the controller health configuration + #[serde(default, skip_serializing_if = "Option::is_none")] + pub health: Option, + /// LeaderElection is the LeaderElection config to be used when configuring + /// the manager.Manager leader election + #[serde(default, skip_serializing_if = "Option::is_none", rename = "leaderElection")] + pub leader_election: Option, + /// MaxConcurrentReconciles is the maximum number of concurrent Reconciles + /// which can be run. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "maxConcurrentReconciles")] + pub max_concurrent_reconciles: Option, + /// Metrics contains thw controller metrics configuration + #[serde(default, skip_serializing_if = "Option::is_none")] + pub metrics: Option, + /// ProfilerAddress defines the bind address to expose the pprof profiler (e.g. localhost:6060). + /// Default empty, meaning the profiler is disabled. + /// Controller Manager flag is --profiler-address. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "profilerAddress")] + pub profiler_address: Option, + /// SyncPeriod determines the minimum frequency at which watched resources are + /// reconciled. A lower period will correct entropy more quickly, but reduce + /// responsiveness to change if there are many watched resources. Change this + /// value only if you know what you are doing. Defaults to 10 hours if unset. + /// there will a 10 percent jitter between the SyncPeriod of all controllers + /// so that all controllers will not send list requests simultaneously. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "syncPeriod")] + pub sync_period: Option, + /// Verbosity set the logs verbosity. Defaults to 1. + /// Controller Manager flag is --verbosity. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub verbosity: Option, + /// Webhook contains the controllers webhook configuration + #[serde(default, skip_serializing_if = "Option::is_none")] + pub webhook: Option, +} + +/// Controller contains global configuration options for controllers +/// registered within this manager. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct InfrastructureProviderAdditionalDeploymentsManagerController { + /// CacheSyncTimeout refers to the time limit set to wait for syncing caches. + /// Defaults to 2 minutes if not set. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "cacheSyncTimeout")] + pub cache_sync_timeout: Option, + /// GroupKindConcurrency is a map from a Kind to the number of concurrent reconciliation + /// allowed for that controller. + /// + /// + /// When a controller is registered within this manager using the builder utilities, + /// users have to specify the type the controller reconciles in the For(...) call. + /// If the object's kind passed matches one of the keys in this map, the concurrency + /// for that controller is set to the number specified. + /// + /// + /// The key is expected to be consistent in form with GroupKind.String(), + /// e.g. ReplicaSet in apps group (regardless of version) would be `ReplicaSet.apps`. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "groupKindConcurrency")] + pub group_kind_concurrency: Option>, + /// RecoverPanic indicates if panics should be recovered. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "recoverPanic")] + pub recover_panic: Option, +} + +/// Health contains the controller health configuration +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct InfrastructureProviderAdditionalDeploymentsManagerHealth { + /// HealthProbeBindAddress is the TCP address that the controller should bind to + /// for serving health probes + /// It can be set to "0" or "" to disable serving the health probe. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "healthProbeBindAddress")] + pub health_probe_bind_address: Option, + /// LivenessEndpointName, defaults to "healthz" + #[serde(default, skip_serializing_if = "Option::is_none", rename = "livenessEndpointName")] + pub liveness_endpoint_name: Option, + /// ReadinessEndpointName, defaults to "readyz" + #[serde(default, skip_serializing_if = "Option::is_none", rename = "readinessEndpointName")] + pub readiness_endpoint_name: Option, +} + +/// LeaderElection is the LeaderElection config to be used when configuring +/// the manager.Manager leader election +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct InfrastructureProviderAdditionalDeploymentsManagerLeaderElection { + /// leaderElect enables a leader election client to gain leadership + /// before executing the main loop. Enable this when running replicated + /// components for high availability. + #[serde(rename = "leaderElect")] + pub leader_elect: bool, + /// leaseDuration is the duration that non-leader candidates will wait + /// after observing a leadership renewal until attempting to acquire + /// leadership of a led but unrenewed leader slot. This is effectively the + /// maximum duration that a leader can be stopped before it is replaced + /// by another candidate. This is only applicable if leader election is + /// enabled. + #[serde(rename = "leaseDuration")] + pub lease_duration: String, + /// renewDeadline is the interval between attempts by the acting master to + /// renew a leadership slot before it stops leading. This must be less + /// than or equal to the lease duration. This is only applicable if leader + /// election is enabled. + #[serde(rename = "renewDeadline")] + pub renew_deadline: String, + /// resourceLock indicates the resource object type that will be used to lock + /// during leader election cycles. + #[serde(rename = "resourceLock")] + pub resource_lock: String, + /// resourceName indicates the name of resource object that will be used to lock + /// during leader election cycles. + #[serde(rename = "resourceName")] + pub resource_name: String, + /// resourceName indicates the namespace of resource object that will be used to lock + /// during leader election cycles. + #[serde(rename = "resourceNamespace")] + pub resource_namespace: String, + /// retryPeriod is the duration the clients should wait between attempting + /// acquisition and renewal of a leadership. This is only applicable if + /// leader election is enabled. + #[serde(rename = "retryPeriod")] + pub retry_period: String, +} + +/// Metrics contains thw controller metrics configuration +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct InfrastructureProviderAdditionalDeploymentsManagerMetrics { + /// BindAddress is the TCP address that the controller should bind to + /// for serving prometheus metrics. + /// It can be set to "0" to disable the metrics serving. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "bindAddress")] + pub bind_address: Option, +} + +/// Webhook contains the controllers webhook configuration +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct InfrastructureProviderAdditionalDeploymentsManagerWebhook { + /// CertDir is the directory that contains the server key and certificate. + /// if not set, webhook server would look up the server key and certificate in + /// {TempDir}/k8s-webhook-server/serving-certs. The server key and certificate + /// must be named tls.key and tls.crt, respectively. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "certDir")] + pub cert_dir: Option, + /// Host is the hostname that the webhook server binds to. + /// It is used to set webhook.Server.Host. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub host: Option, + /// Port is the port that the webhook server serves at. + /// It is used to set webhook.Server.Port. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub port: Option, +} + /// AdditionalManifests is reference to configmap that contains additional manifests that will be applied /// together with the provider components. The key for storing these manifests has to be `manifests`. /// The manifests are applied only once when a certain release is installed/upgraded. If namespace is not specified, the diff --git a/kube-custom-resources-rs/src/operator_open_cluster_management_io/v1/clustermanagers.rs b/kube-custom-resources-rs/src/operator_open_cluster_management_io/v1/clustermanagers.rs index 09ef72f05..69da439dc 100644 --- a/kube-custom-resources-rs/src/operator_open_cluster_management_io/v1/clustermanagers.rs +++ b/kube-custom-resources-rs/src/operator_open_cluster_management_io/v1/clustermanagers.rs @@ -26,7 +26,8 @@ pub struct ClusterManagerSpec { /// AddOnManagerImagePullSpec represents the desired image configuration of addon manager controller/webhook installed on hub. #[serde(default, skip_serializing_if = "Option::is_none", rename = "addOnManagerImagePullSpec")] pub add_on_manager_image_pull_spec: Option, - /// DeployOption contains the options of deploying a cluster-manager Default mode is used if DeployOption is not set. + /// DeployOption contains the options of deploying a cluster-manager + /// Default mode is used if DeployOption is not set. #[serde(default, skip_serializing_if = "Option::is_none", rename = "deployOption")] pub deploy_option: Option, /// NodePlacement enables explicit control over the scheduling of the deployed pods. @@ -41,7 +42,8 @@ pub struct ClusterManagerSpec { /// RegistrationImagePullSpec represents the desired image of registration controller/webhook installed on hub. #[serde(default, skip_serializing_if = "Option::is_none", rename = "registrationImagePullSpec")] pub registration_image_pull_spec: Option, - /// ResourceRequirement specify QoS classes of deployments managed by clustermanager. It applies to all the containers in the deployments. + /// ResourceRequirement specify QoS classes of deployments managed by clustermanager. + /// It applies to all the containers in the deployments. #[serde(default, skip_serializing_if = "Option::is_none", rename = "resourceRequirement")] pub resource_requirement: Option, /// WorkConfiguration contains the configuration of work @@ -55,7 +57,13 @@ pub struct ClusterManagerSpec { /// AddOnManagerConfiguration contains the configuration of addon manager #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ClusterManagerAddOnManagerConfiguration { - /// FeatureGates represents the list of feature gates for addon manager If it is set empty, default feature gates will be used. If it is set, featuregate/Foo is an example of one item in FeatureGates: 1. If featuregate/Foo does not exist, registration-operator will discard it 2. If featuregate/Foo exists and is false by default. It is now possible to set featuregate/Foo=[false|true] 3. If featuregate/Foo exists and is true by default. If a cluster-admin upgrading from 1 to 2 wants to continue having featuregate/Foo=false, he can set featuregate/Foo=false before upgrading. Let's say the cluster-admin wants featuregate/Foo=false. + /// FeatureGates represents the list of feature gates for addon manager + /// If it is set empty, default feature gates will be used. + /// If it is set, featuregate/Foo is an example of one item in FeatureGates: + /// 1. If featuregate/Foo does not exist, registration-operator will discard it + /// 2. If featuregate/Foo exists and is false by default. It is now possible to set featuregate/Foo=[false|true] + /// 3. If featuregate/Foo exists and is true by default. If a cluster-admin upgrading from 1 to 2 wants to continue having featuregate/Foo=false, + /// he can set featuregate/Foo=false before upgrading. Let's say the cluster-admin wants featuregate/Foo=false. #[serde(default, skip_serializing_if = "Option::is_none", rename = "featureGates")] pub feature_gates: Option>, } @@ -64,7 +72,9 @@ pub struct ClusterManagerAddOnManagerConfiguration { pub struct ClusterManagerAddOnManagerConfigurationFeatureGates { /// Feature is the key of feature gate. e.g. featuregate/Foo. pub feature: String, - /// Mode is either Enable, Disable, "" where "" is Disable by default. In Enable mode, a valid feature gate `featuregate/Foo` will be set to "--featuregate/Foo=true". In Disable mode, a valid feature gate `featuregate/Foo` will be set to "--featuregate/Foo=false". + /// Mode is either Enable, Disable, "" where "" is Disable by default. + /// In Enable mode, a valid feature gate `featuregate/Foo` will be set to "--featuregate/Foo=true". + /// In Disable mode, a valid feature gate `featuregate/Foo` will be set to "--featuregate/Foo=false". #[serde(default, skip_serializing_if = "Option::is_none")] pub mode: Option, } @@ -75,13 +85,19 @@ pub enum ClusterManagerAddOnManagerConfigurationFeatureGatesMode { Disable, } -/// DeployOption contains the options of deploying a cluster-manager Default mode is used if DeployOption is not set. +/// DeployOption contains the options of deploying a cluster-manager +/// Default mode is used if DeployOption is not set. #[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] pub struct ClusterManagerDeployOption { /// Hosted includes configurations we need for clustermanager in the Hosted mode. #[serde(default, skip_serializing_if = "Option::is_none")] pub hosted: Option, - /// Mode can be Default or Hosted. In Default mode, the Hub is installed as a whole and all parts of Hub are deployed in the same cluster. In Hosted mode, only crd and configurations are installed on one cluster(defined as hub-cluster). Controllers run in another cluster (defined as management-cluster) and connect to the hub with the kubeconfig in secret of "external-hub-kubeconfig"(a kubeconfig of hub-cluster with cluster-admin permission). Note: Do not modify the Mode field once it's applied. + /// Mode can be Default or Hosted. + /// In Default mode, the Hub is installed as a whole and all parts of Hub are deployed in the same cluster. + /// In Hosted mode, only crd and configurations are installed on one cluster(defined as hub-cluster). Controllers run in another + /// cluster (defined as management-cluster) and connect to the hub with the kubeconfig in secret of "external-hub-kubeconfig"(a kubeconfig + /// of hub-cluster with cluster-admin permission). + /// Note: Do not modify the Mode field once it's applied. pub mode: ClusterManagerDeployOptionMode, } @@ -99,7 +115,9 @@ pub struct ClusterManagerDeployOptionHosted { /// RegistrationWebhookConfiguration represents the customized webhook-server configuration of registration. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ClusterManagerDeployOptionHostedRegistrationWebhookConfiguration { - /// Address represents the address of a webhook-server. It could be in IP format or fqdn format. The Address must be reachable by apiserver of the hub cluster. + /// Address represents the address of a webhook-server. + /// It could be in IP format or fqdn format. + /// The Address must be reachable by apiserver of the hub cluster. pub address: String, /// Port represents the port of a webhook-server. The default value of Port is 443. #[serde(default, skip_serializing_if = "Option::is_none")] @@ -109,14 +127,17 @@ pub struct ClusterManagerDeployOptionHostedRegistrationWebhookConfiguration { /// WorkWebhookConfiguration represents the customized webhook-server configuration of work. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ClusterManagerDeployOptionHostedWorkWebhookConfiguration { - /// Address represents the address of a webhook-server. It could be in IP format or fqdn format. The Address must be reachable by apiserver of the hub cluster. + /// Address represents the address of a webhook-server. + /// It could be in IP format or fqdn format. + /// The Address must be reachable by apiserver of the hub cluster. pub address: String, /// Port represents the port of a webhook-server. The default value of Port is 443. #[serde(default, skip_serializing_if = "Option::is_none")] pub port: Option, } -/// DeployOption contains the options of deploying a cluster-manager Default mode is used if DeployOption is not set. +/// DeployOption contains the options of deploying a cluster-manager +/// Default mode is used if DeployOption is not set. #[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] pub enum ClusterManagerDeployOptionMode { Default, @@ -129,27 +150,39 @@ pub struct ClusterManagerNodePlacement { /// NodeSelector defines which Nodes the Pods are scheduled on. The default is an empty list. #[serde(default, skip_serializing_if = "Option::is_none", rename = "nodeSelector")] pub node_selector: Option>, - /// Tolerations are attached by pods to tolerate any taint that matches the triple using the matching operator . The default is an empty list. + /// Tolerations are attached by pods to tolerate any taint that matches + /// the triple using the matching operator . + /// The default is an empty list. #[serde(default, skip_serializing_if = "Option::is_none")] pub tolerations: Option>, } -/// The pod this Toleration is attached to tolerates any taint that matches the triple using the matching operator . +/// The pod this Toleration is attached to tolerates any taint that matches +/// the triple using the matching operator . #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ClusterManagerNodePlacementTolerations { - /// Effect indicates the taint effect to match. Empty means match all taint effects. When specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute. + /// Effect indicates the taint effect to match. Empty means match all taint effects. + /// When specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute. #[serde(default, skip_serializing_if = "Option::is_none")] pub effect: Option, - /// Key is the taint key that the toleration applies to. Empty means match all taint keys. If the key is empty, operator must be Exists; this combination means to match all values and all keys. + /// Key is the taint key that the toleration applies to. Empty means match all taint keys. + /// If the key is empty, operator must be Exists; this combination means to match all values and all keys. #[serde(default, skip_serializing_if = "Option::is_none")] pub key: Option, - /// Operator represents a key's relationship to the value. Valid operators are Exists and Equal. Defaults to Equal. Exists is equivalent to wildcard for value, so that a pod can tolerate all taints of a particular category. + /// Operator represents a key's relationship to the value. + /// Valid operators are Exists and Equal. Defaults to Equal. + /// Exists is equivalent to wildcard for value, so that a pod can + /// tolerate all taints of a particular category. #[serde(default, skip_serializing_if = "Option::is_none")] pub operator: Option, - /// TolerationSeconds represents the period of time the toleration (which must be of effect NoExecute, otherwise this field is ignored) tolerates the taint. By default, it is not set, which means tolerate the taint forever (do not evict). Zero and negative values will be treated as 0 (evict immediately) by the system. + /// TolerationSeconds represents the period of time the toleration (which must be + /// of effect NoExecute, otherwise this field is ignored) tolerates the taint. By default, + /// it is not set, which means tolerate the taint forever (do not evict). Zero and + /// negative values will be treated as 0 (evict immediately) by the system. #[serde(default, skip_serializing_if = "Option::is_none", rename = "tolerationSeconds")] pub toleration_seconds: Option, - /// Value is the taint value the toleration matches to. If the operator is Exists, the value should be empty, otherwise just a regular string. + /// Value is the taint value the toleration matches to. + /// If the operator is Exists, the value should be empty, otherwise just a regular string. #[serde(default, skip_serializing_if = "Option::is_none")] pub value: Option, } @@ -157,10 +190,19 @@ pub struct ClusterManagerNodePlacementTolerations { /// RegistrationConfiguration contains the configuration of registration #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ClusterManagerRegistrationConfiguration { - /// AutoApproveUser represents a list of users that can auto approve CSR and accept client. If the credential of the bootstrap-hub-kubeconfig matches to the users, the cluster created by the bootstrap-hub-kubeconfig will be auto-registered into the hub cluster. This takes effect only when ManagedClusterAutoApproval feature gate is enabled. + /// AutoApproveUser represents a list of users that can auto approve CSR and accept client. If the credential of the + /// bootstrap-hub-kubeconfig matches to the users, the cluster created by the bootstrap-hub-kubeconfig will + /// be auto-registered into the hub cluster. This takes effect only when ManagedClusterAutoApproval feature gate + /// is enabled. #[serde(default, skip_serializing_if = "Option::is_none", rename = "autoApproveUsers")] pub auto_approve_users: Option>, - /// FeatureGates represents the list of feature gates for registration If it is set empty, default feature gates will be used. If it is set, featuregate/Foo is an example of one item in FeatureGates: 1. If featuregate/Foo does not exist, registration-operator will discard it 2. If featuregate/Foo exists and is false by default. It is now possible to set featuregate/Foo=[false|true] 3. If featuregate/Foo exists and is true by default. If a cluster-admin upgrading from 1 to 2 wants to continue having featuregate/Foo=false, he can set featuregate/Foo=false before upgrading. Let's say the cluster-admin wants featuregate/Foo=false. + /// FeatureGates represents the list of feature gates for registration + /// If it is set empty, default feature gates will be used. + /// If it is set, featuregate/Foo is an example of one item in FeatureGates: + /// 1. If featuregate/Foo does not exist, registration-operator will discard it + /// 2. If featuregate/Foo exists and is false by default. It is now possible to set featuregate/Foo=[false|true] + /// 3. If featuregate/Foo exists and is true by default. If a cluster-admin upgrading from 1 to 2 wants to continue having featuregate/Foo=false, + /// he can set featuregate/Foo=false before upgrading. Let's say the cluster-admin wants featuregate/Foo=false. #[serde(default, skip_serializing_if = "Option::is_none", rename = "featureGates")] pub feature_gates: Option>, } @@ -169,7 +211,9 @@ pub struct ClusterManagerRegistrationConfiguration { pub struct ClusterManagerRegistrationConfigurationFeatureGates { /// Feature is the key of feature gate. e.g. featuregate/Foo. pub feature: String, - /// Mode is either Enable, Disable, "" where "" is Disable by default. In Enable mode, a valid feature gate `featuregate/Foo` will be set to "--featuregate/Foo=true". In Disable mode, a valid feature gate `featuregate/Foo` will be set to "--featuregate/Foo=false". + /// Mode is either Enable, Disable, "" where "" is Disable by default. + /// In Enable mode, a valid feature gate `featuregate/Foo` will be set to "--featuregate/Foo=true". + /// In Disable mode, a valid feature gate `featuregate/Foo` will be set to "--featuregate/Foo=false". #[serde(default, skip_serializing_if = "Option::is_none")] pub mode: Option, } @@ -180,7 +224,8 @@ pub enum ClusterManagerRegistrationConfigurationFeatureGatesMode { Disable, } -/// ResourceRequirement specify QoS classes of deployments managed by clustermanager. It applies to all the containers in the deployments. +/// ResourceRequirement specify QoS classes of deployments managed by clustermanager. +/// It applies to all the containers in the deployments. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ClusterManagerResourceRequirement { /// ResourceRequirements defines resource requests and limits when Type is ResourceQosClassResourceRequirement @@ -193,15 +238,25 @@ pub struct ClusterManagerResourceRequirement { /// ResourceRequirements defines resource requests and limits when Type is ResourceQosClassResourceRequirement #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ClusterManagerResourceRequirementResourceRequirements { - /// Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. - /// This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. - /// This field is immutable. It can only be set for containers. + /// Claims lists the names of resources, defined in spec.resourceClaims, + /// that are used by this container. + /// + /// + /// This is an alpha field and requires enabling the + /// DynamicResourceAllocation feature gate. + /// + /// + /// This field is immutable. It can only be set for containers. #[serde(default, skip_serializing_if = "Option::is_none")] pub claims: Option>, - /// Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + /// Limits describes the maximum amount of compute resources allowed. + /// More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ #[serde(default, skip_serializing_if = "Option::is_none")] pub limits: Option>, - /// Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + /// Requests describes the minimum amount of compute resources required. + /// If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, + /// otherwise to an implementation-defined value. Requests cannot exceed Limits. + /// More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ #[serde(default, skip_serializing_if = "Option::is_none")] pub requests: Option>, } @@ -209,11 +264,14 @@ pub struct ClusterManagerResourceRequirementResourceRequirements { /// ResourceClaim references one entry in PodSpec.ResourceClaims. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ClusterManagerResourceRequirementResourceRequirementsClaims { - /// Name must match the name of one entry in pod.spec.resourceClaims of the Pod where this field is used. It makes that resource available inside a container. + /// Name must match the name of one entry in pod.spec.resourceClaims of + /// the Pod where this field is used. It makes that resource available + /// inside a container. pub name: String, } -/// ResourceRequirement specify QoS classes of deployments managed by clustermanager. It applies to all the containers in the deployments. +/// ResourceRequirement specify QoS classes of deployments managed by clustermanager. +/// It applies to all the containers in the deployments. #[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] pub enum ClusterManagerResourceRequirementType { Default, @@ -224,11 +282,25 @@ pub enum ClusterManagerResourceRequirementType { /// WorkConfiguration contains the configuration of work #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ClusterManagerWorkConfiguration { - /// FeatureGates represents the list of feature gates for work If it is set empty, default feature gates will be used. If it is set, featuregate/Foo is an example of one item in FeatureGates: 1. If featuregate/Foo does not exist, registration-operator will discard it 2. If featuregate/Foo exists and is false by default. It is now possible to set featuregate/Foo=[false|true] 3. If featuregate/Foo exists and is true by default. If a cluster-admin upgrading from 1 to 2 wants to continue having featuregate/Foo=false, he can set featuregate/Foo=false before upgrading. Let's say the cluster-admin wants featuregate/Foo=false. + /// FeatureGates represents the list of feature gates for work + /// If it is set empty, default feature gates will be used. + /// If it is set, featuregate/Foo is an example of one item in FeatureGates: + /// 1. If featuregate/Foo does not exist, registration-operator will discard it + /// 2. If featuregate/Foo exists and is false by default. It is now possible to set featuregate/Foo=[false|true] + /// 3. If featuregate/Foo exists and is true by default. If a cluster-admin upgrading from 1 to 2 wants to continue having featuregate/Foo=false, + /// he can set featuregate/Foo=false before upgrading. Let's say the cluster-admin wants featuregate/Foo=false. #[serde(default, skip_serializing_if = "Option::is_none", rename = "featureGates")] pub feature_gates: Option>, - /// WorkDriver represents the type of work driver. Possible values are "kube", "mqtt", or "grpc". If not provided, the default value is "kube". If set to non-"kube" drivers, the klusterlet need to use the same driver. and the driver configuration must be provided in a secret named "work-driver-config" in the namespace where the cluster manager is running, adhering to the following structure: config.yaml: | - /// For detailed driver configuration, please refer to the sdk-go documentation: https://github.com/open-cluster-management-io/sdk-go/blob/main/pkg/cloudevents/README.md#supported-protocols-and-drivers + /// WorkDriver represents the type of work driver. Possible values are "kube", "mqtt", or "grpc". + /// If not provided, the default value is "kube". + /// If set to non-"kube" drivers, the klusterlet need to use the same driver. + /// and the driver configuration must be provided in a secret named "work-driver-config" + /// in the namespace where the cluster manager is running, adhering to the following structure: + /// config.yaml: | + /// + /// + /// + /// For detailed driver configuration, please refer to the sdk-go documentation: https://github.com/open-cluster-management-io/sdk-go/blob/main/pkg/cloudevents/README.md#supported-protocols-and-drivers #[serde(default, skip_serializing_if = "Option::is_none", rename = "workDriver")] pub work_driver: Option, } @@ -237,7 +309,9 @@ pub struct ClusterManagerWorkConfiguration { pub struct ClusterManagerWorkConfigurationFeatureGates { /// Feature is the key of feature gate. e.g. featuregate/Foo. pub feature: String, - /// Mode is either Enable, Disable, "" where "" is Disable by default. In Enable mode, a valid feature gate `featuregate/Foo` will be set to "--featuregate/Foo=true". In Disable mode, a valid feature gate `featuregate/Foo` will be set to "--featuregate/Foo=false". + /// Mode is either Enable, Disable, "" where "" is Disable by default. + /// In Enable mode, a valid feature gate `featuregate/Foo` will be set to "--featuregate/Foo=true". + /// In Disable mode, a valid feature gate `featuregate/Foo` will be set to "--featuregate/Foo=false". #[serde(default, skip_serializing_if = "Option::is_none")] pub mode: Option, } @@ -262,7 +336,13 @@ pub enum ClusterManagerWorkConfigurationWorkDriver { /// Status represents the current status of controllers that govern the lifecycle of managed clusters. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ClusterManagerStatus { - /// Conditions contain the different condition statuses for this ClusterManager. Valid condition types are: Applied: Components in hub are applied. Available: Components in hub are available and ready to serve. Progressing: Components in hub are in a transitioning state. Degraded: Components in hub do not match the desired configuration and only provide degraded service. + /// Conditions contain the different condition statuses for this ClusterManager. + /// Valid condition types are: + /// Applied: Components in hub are applied. + /// Available: Components in hub are available and ready to serve. + /// Progressing: Components in hub are in a transitioning state. + /// Degraded: Components in hub do not match the desired configuration and only provide + /// degraded service. #[serde(default, skip_serializing_if = "Option::is_none")] pub conditions: Option>, /// Generations are used to determine when an item needs to be reconciled or has changed in a way that needs a reaction. @@ -276,7 +356,8 @@ pub struct ClusterManagerStatus { pub related_resources: Option>, } -/// GenerationStatus keeps track of the generation for a given resource so that decisions about forced updates can be made. The definition matches the GenerationStatus defined in github.com/openshift/api/v1 +/// GenerationStatus keeps track of the generation for a given resource so that decisions about forced updates can be made. +/// The definition matches the GenerationStatus defined in github.com/openshift/api/v1 #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ClusterManagerStatusGenerations { /// group is the group of the resource that you're tracking diff --git a/kube-custom-resources-rs/src/operator_open_cluster_management_io/v1/klusterlets.rs b/kube-custom-resources-rs/src/operator_open_cluster_management_io/v1/klusterlets.rs index d795e8213..5e36fcfbf 100644 --- a/kube-custom-resources-rs/src/operator_open_cluster_management_io/v1/klusterlets.rs +++ b/kube-custom-resources-rs/src/operator_open_cluster_management_io/v1/klusterlets.rs @@ -20,43 +20,59 @@ use self::prelude::*; #[kube(derive="Default")] #[kube(derive="PartialEq")] pub struct KlusterletSpec { - /// ClusterName is the name of the managed cluster to be created on hub. The Klusterlet agent generates a random name if it is not set, or discovers the appropriate cluster name on OpenShift. + /// ClusterName is the name of the managed cluster to be created on hub. + /// The Klusterlet agent generates a random name if it is not set, or discovers the appropriate cluster name on OpenShift. #[serde(default, skip_serializing_if = "Option::is_none", rename = "clusterName")] pub cluster_name: Option, /// DeployOption contains the options of deploying a klusterlet #[serde(default, skip_serializing_if = "Option::is_none", rename = "deployOption")] pub deploy_option: Option, - /// ExternalServerURLs represents a list of apiserver urls and ca bundles that is accessible externally If it is set empty, managed cluster has no externally accessible url that hub cluster can visit. + /// ExternalServerURLs represents a list of apiserver urls and ca bundles that is accessible externally + /// If it is set empty, managed cluster has no externally accessible url that hub cluster can visit. #[serde(default, skip_serializing_if = "Option::is_none", rename = "externalServerURLs")] pub external_server_ur_ls: Option>, - /// HubApiServerHostAlias contains the host alias for hub api server. registration-agent and work-agent will use it to communicate with hub api server. + /// HubApiServerHostAlias contains the host alias for hub api server. + /// registration-agent and work-agent will use it to communicate with hub api server. #[serde(default, skip_serializing_if = "Option::is_none", rename = "hubApiServerHostAlias")] pub hub_api_server_host_alias: Option, - /// ImagePullSpec represents the desired image configuration of agent, it takes effect only when singleton mode is set. quay.io/open-cluster-management.io/registration-operator:latest will be used if unspecified + /// ImagePullSpec represents the desired image configuration of agent, it takes effect only when + /// singleton mode is set. quay.io/open-cluster-management.io/registration-operator:latest will + /// be used if unspecified #[serde(default, skip_serializing_if = "Option::is_none", rename = "imagePullSpec")] pub image_pull_spec: Option, - /// Namespace is the namespace to deploy the agent on the managed cluster. The namespace must have a prefix of "open-cluster-management-", and if it is not set, the namespace of "open-cluster-management-agent" is used to deploy agent. In addition, the add-ons are deployed to the namespace of "{Namespace}-addon". In the Hosted mode, this namespace still exists on the managed cluster to contain necessary resources, like service accounts, roles and rolebindings, while the agent is deployed to the namespace with the same name as klusterlet on the management cluster. + /// Namespace is the namespace to deploy the agent on the managed cluster. + /// The namespace must have a prefix of "open-cluster-management-", and if it is not set, + /// the namespace of "open-cluster-management-agent" is used to deploy agent. + /// In addition, the add-ons are deployed to the namespace of "{Namespace}-addon". + /// In the Hosted mode, this namespace still exists on the managed cluster to contain + /// necessary resources, like service accounts, roles and rolebindings, while the agent + /// is deployed to the namespace with the same name as klusterlet on the management cluster. #[serde(default, skip_serializing_if = "Option::is_none")] pub namespace: Option, /// NodePlacement enables explicit control over the scheduling of the deployed pods. #[serde(default, skip_serializing_if = "Option::is_none", rename = "nodePlacement")] pub node_placement: Option, - /// PriorityClassName is the name of the PriorityClass that will be used by the deployed klusterlet agent. It will be ignored when the PriorityClass/v1 API is not available on the managed cluster. + /// PriorityClassName is the name of the PriorityClass that will be used by the + /// deployed klusterlet agent. It will be ignored when the PriorityClass/v1 API + /// is not available on the managed cluster. #[serde(default, skip_serializing_if = "Option::is_none", rename = "priorityClassName")] pub priority_class_name: Option, /// RegistrationConfiguration contains the configuration of registration #[serde(default, skip_serializing_if = "Option::is_none", rename = "registrationConfiguration")] pub registration_configuration: Option, - /// RegistrationImagePullSpec represents the desired image configuration of registration agent. quay.io/open-cluster-management.io/registration:latest will be used if unspecified. + /// RegistrationImagePullSpec represents the desired image configuration of registration agent. + /// quay.io/open-cluster-management.io/registration:latest will be used if unspecified. #[serde(default, skip_serializing_if = "Option::is_none", rename = "registrationImagePullSpec")] pub registration_image_pull_spec: Option, - /// ResourceRequirement specify QoS classes of deployments managed by klusterlet. It applies to all the containers in the deployments. + /// ResourceRequirement specify QoS classes of deployments managed by klusterlet. + /// It applies to all the containers in the deployments. #[serde(default, skip_serializing_if = "Option::is_none", rename = "resourceRequirement")] pub resource_requirement: Option, /// WorkConfiguration contains the configuration of work #[serde(default, skip_serializing_if = "Option::is_none", rename = "workConfiguration")] pub work_configuration: Option, - /// WorkImagePullSpec represents the desired image configuration of work agent. quay.io/open-cluster-management.io/work:latest will be used if unspecified. + /// WorkImagePullSpec represents the desired image configuration of work agent. + /// quay.io/open-cluster-management.io/work:latest will be used if unspecified. #[serde(default, skip_serializing_if = "Option::is_none", rename = "workImagePullSpec")] pub work_image_pull_spec: Option, } @@ -64,7 +80,14 @@ pub struct KlusterletSpec { /// DeployOption contains the options of deploying a klusterlet #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct KlusterletDeployOption { - /// Mode can be Default, Hosted, Singleton or SingletonHosted. It is Default mode if not specified In Default mode, all klusterlet related resources are deployed on the managed cluster. In Hosted mode, only crd and configurations are installed on the spoke/managed cluster. Controllers run in another cluster (defined as management-cluster) and connect to the mangaged cluster with the kubeconfig in secret of "external-managed-kubeconfig"(a kubeconfig of managed-cluster with cluster-admin permission). In Singleton mode, registration/work agent is started as a single deployment. In SingletonHosted mode, agent is started as a single deployment in hosted mode. Note: Do not modify the Mode field once it's applied. + /// Mode can be Default, Hosted, Singleton or SingletonHosted. It is Default mode if not specified + /// In Default mode, all klusterlet related resources are deployed on the managed cluster. + /// In Hosted mode, only crd and configurations are installed on the spoke/managed cluster. Controllers run in another + /// cluster (defined as management-cluster) and connect to the mangaged cluster with the kubeconfig in secret of + /// "external-managed-kubeconfig"(a kubeconfig of managed-cluster with cluster-admin permission). + /// In Singleton mode, registration/work agent is started as a single deployment. + /// In SingletonHosted mode, agent is started as a single deployment in hosted mode. + /// Note: Do not modify the Mode field once it's applied. #[serde(default, skip_serializing_if = "Option::is_none")] pub mode: Option, } @@ -72,7 +95,8 @@ pub struct KlusterletDeployOption { /// ServerURL represents the apiserver url and ca bundle that is accessible externally #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct KlusterletExternalServerUrLs { - /// CABundle is the ca bundle to connect to apiserver of the managed cluster. System certs are used if it is not set. + /// CABundle is the ca bundle to connect to apiserver of the managed cluster. + /// System certs are used if it is not set. #[serde(default, skip_serializing_if = "Option::is_none", rename = "caBundle")] pub ca_bundle: Option, /// URL is the url of apiserver endpoint of the managed cluster. @@ -80,7 +104,8 @@ pub struct KlusterletExternalServerUrLs { pub url: Option, } -/// HubApiServerHostAlias contains the host alias for hub api server. registration-agent and work-agent will use it to communicate with hub api server. +/// HubApiServerHostAlias contains the host alias for hub api server. +/// registration-agent and work-agent will use it to communicate with hub api server. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct KlusterletHubApiServerHostAlias { /// Hostname for the above IP address. @@ -95,27 +120,39 @@ pub struct KlusterletNodePlacement { /// NodeSelector defines which Nodes the Pods are scheduled on. The default is an empty list. #[serde(default, skip_serializing_if = "Option::is_none", rename = "nodeSelector")] pub node_selector: Option>, - /// Tolerations are attached by pods to tolerate any taint that matches the triple using the matching operator . The default is an empty list. + /// Tolerations are attached by pods to tolerate any taint that matches + /// the triple using the matching operator . + /// The default is an empty list. #[serde(default, skip_serializing_if = "Option::is_none")] pub tolerations: Option>, } -/// The pod this Toleration is attached to tolerates any taint that matches the triple using the matching operator . +/// The pod this Toleration is attached to tolerates any taint that matches +/// the triple using the matching operator . #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct KlusterletNodePlacementTolerations { - /// Effect indicates the taint effect to match. Empty means match all taint effects. When specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute. + /// Effect indicates the taint effect to match. Empty means match all taint effects. + /// When specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute. #[serde(default, skip_serializing_if = "Option::is_none")] pub effect: Option, - /// Key is the taint key that the toleration applies to. Empty means match all taint keys. If the key is empty, operator must be Exists; this combination means to match all values and all keys. + /// Key is the taint key that the toleration applies to. Empty means match all taint keys. + /// If the key is empty, operator must be Exists; this combination means to match all values and all keys. #[serde(default, skip_serializing_if = "Option::is_none")] pub key: Option, - /// Operator represents a key's relationship to the value. Valid operators are Exists and Equal. Defaults to Equal. Exists is equivalent to wildcard for value, so that a pod can tolerate all taints of a particular category. + /// Operator represents a key's relationship to the value. + /// Valid operators are Exists and Equal. Defaults to Equal. + /// Exists is equivalent to wildcard for value, so that a pod can + /// tolerate all taints of a particular category. #[serde(default, skip_serializing_if = "Option::is_none")] pub operator: Option, - /// TolerationSeconds represents the period of time the toleration (which must be of effect NoExecute, otherwise this field is ignored) tolerates the taint. By default, it is not set, which means tolerate the taint forever (do not evict). Zero and negative values will be treated as 0 (evict immediately) by the system. + /// TolerationSeconds represents the period of time the toleration (which must be + /// of effect NoExecute, otherwise this field is ignored) tolerates the taint. By default, + /// it is not set, which means tolerate the taint forever (do not evict). Zero and + /// negative values will be treated as 0 (evict immediately) by the system. #[serde(default, skip_serializing_if = "Option::is_none", rename = "tolerationSeconds")] pub toleration_seconds: Option, - /// Value is the taint value the toleration matches to. If the operator is Exists, the value should be empty, otherwise just a regular string. + /// Value is the taint value the toleration matches to. + /// If the operator is Exists, the value should be empty, otherwise just a regular string. #[serde(default, skip_serializing_if = "Option::is_none")] pub value: Option, } @@ -123,45 +160,73 @@ pub struct KlusterletNodePlacementTolerations { /// RegistrationConfiguration contains the configuration of registration #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct KlusterletRegistrationConfiguration { - /// BootstrapKubeConfigs defines the ordered list of bootstrap kubeconfigs. The order decides which bootstrap kubeconfig to use first when rebootstrap. - /// When the agent loses the connection to the current hub over HubConnectionTimeoutSeconds, or the managedcluster CR is set `hubAcceptsClient=false` on the hub, the controller marks the related bootstrap kubeconfig as "failed". - /// A failed bootstrapkubeconfig won't be used for the duration specified by SkipFailedBootstrapKubeConfigSeconds. But if the user updates the content of a failed bootstrapkubeconfig, the "failed" mark will be cleared. + /// BootstrapKubeConfigs defines the ordered list of bootstrap kubeconfigs. The order decides which bootstrap kubeconfig to use first when rebootstrap. + /// + /// + /// When the agent loses the connection to the current hub over HubConnectionTimeoutSeconds, or the managedcluster CR + /// is set `hubAcceptsClient=false` on the hub, the controller marks the related bootstrap kubeconfig as "failed". + /// + /// + /// A failed bootstrapkubeconfig won't be used for the duration specified by SkipFailedBootstrapKubeConfigSeconds. + /// But if the user updates the content of a failed bootstrapkubeconfig, the "failed" mark will be cleared. #[serde(default, skip_serializing_if = "Option::is_none", rename = "bootstrapKubeConfigs")] pub bootstrap_kube_configs: Option, - /// clientCertExpirationSeconds represents the seconds of a client certificate to expire. If it is not set or 0, the default duration seconds will be set by the hub cluster. If the value is larger than the max signing duration seconds set on the hub cluster, the max signing duration seconds will be set. + /// clientCertExpirationSeconds represents the seconds of a client certificate to expire. If it is not set or 0, the default + /// duration seconds will be set by the hub cluster. If the value is larger than the max signing duration seconds set on + /// the hub cluster, the max signing duration seconds will be set. #[serde(default, skip_serializing_if = "Option::is_none", rename = "clientCertExpirationSeconds")] pub client_cert_expiration_seconds: Option, - /// ClusterAnnotations is annotations with the reserve prefix "agent.open-cluster-management.io" set on ManagedCluster when creating only, other actors can update it afterwards. + /// ClusterAnnotations is annotations with the reserve prefix "agent.open-cluster-management.io" set on + /// ManagedCluster when creating only, other actors can update it afterwards. #[serde(default, skip_serializing_if = "Option::is_none", rename = "clusterAnnotations")] pub cluster_annotations: Option>, - /// FeatureGates represents the list of feature gates for registration If it is set empty, default feature gates will be used. If it is set, featuregate/Foo is an example of one item in FeatureGates: 1. If featuregate/Foo does not exist, registration-operator will discard it 2. If featuregate/Foo exists and is false by default. It is now possible to set featuregate/Foo=[false|true] 3. If featuregate/Foo exists and is true by default. If a cluster-admin upgrading from 1 to 2 wants to continue having featuregate/Foo=false, he can set featuregate/Foo=false before upgrading. Let's say the cluster-admin wants featuregate/Foo=false. + /// FeatureGates represents the list of feature gates for registration + /// If it is set empty, default feature gates will be used. + /// If it is set, featuregate/Foo is an example of one item in FeatureGates: + /// 1. If featuregate/Foo does not exist, registration-operator will discard it + /// 2. If featuregate/Foo exists and is false by default. It is now possible to set featuregate/Foo=[false|true] + /// 3. If featuregate/Foo exists and is true by default. If a cluster-admin upgrading from 1 to 2 wants to continue having featuregate/Foo=false, + /// he can set featuregate/Foo=false before upgrading. Let's say the cluster-admin wants featuregate/Foo=false. #[serde(default, skip_serializing_if = "Option::is_none", rename = "featureGates")] pub feature_gates: Option>, - /// KubeAPIBurst indicates the maximum burst of the throttle while talking with apiserver of hub cluster from the spoke cluster. If it is set empty, use the default value: 100 + /// KubeAPIBurst indicates the maximum burst of the throttle while talking with apiserver of hub cluster from the spoke cluster. + /// If it is set empty, use the default value: 100 #[serde(default, skip_serializing_if = "Option::is_none", rename = "kubeAPIBurst")] pub kube_api_burst: Option, - /// KubeAPIQPS indicates the maximum QPS while talking with apiserver of hub cluster from the spoke cluster. If it is set empty, use the default value: 50 + /// KubeAPIQPS indicates the maximum QPS while talking with apiserver of hub cluster from the spoke cluster. + /// If it is set empty, use the default value: 50 #[serde(default, skip_serializing_if = "Option::is_none", rename = "kubeAPIQPS")] pub kube_apiqps: Option, } -/// BootstrapKubeConfigs defines the ordered list of bootstrap kubeconfigs. The order decides which bootstrap kubeconfig to use first when rebootstrap. -/// When the agent loses the connection to the current hub over HubConnectionTimeoutSeconds, or the managedcluster CR is set `hubAcceptsClient=false` on the hub, the controller marks the related bootstrap kubeconfig as "failed". -/// A failed bootstrapkubeconfig won't be used for the duration specified by SkipFailedBootstrapKubeConfigSeconds. But if the user updates the content of a failed bootstrapkubeconfig, the "failed" mark will be cleared. +/// BootstrapKubeConfigs defines the ordered list of bootstrap kubeconfigs. The order decides which bootstrap kubeconfig to use first when rebootstrap. +/// +/// +/// When the agent loses the connection to the current hub over HubConnectionTimeoutSeconds, or the managedcluster CR +/// is set `hubAcceptsClient=false` on the hub, the controller marks the related bootstrap kubeconfig as "failed". +/// +/// +/// A failed bootstrapkubeconfig won't be used for the duration specified by SkipFailedBootstrapKubeConfigSeconds. +/// But if the user updates the content of a failed bootstrapkubeconfig, the "failed" mark will be cleared. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct KlusterletRegistrationConfigurationBootstrapKubeConfigs { - /// LocalSecretsConfig include a list of secrets that contains the kubeconfigs for ordered bootstrap kubeconifigs. The secrets must be in the same namespace where the agent controller runs. + /// LocalSecretsConfig include a list of secrets that contains the kubeconfigs for ordered bootstrap kubeconifigs. + /// The secrets must be in the same namespace where the agent controller runs. #[serde(default, skip_serializing_if = "Option::is_none", rename = "localSecretsConfig")] pub local_secrets_config: Option, - /// Type specifies the type of priority bootstrap kubeconfigs. By default, it is set to None, representing no priority bootstrap kubeconfigs are set. + /// Type specifies the type of priority bootstrap kubeconfigs. + /// By default, it is set to None, representing no priority bootstrap kubeconfigs are set. #[serde(default, skip_serializing_if = "Option::is_none", rename = "type")] pub r#type: Option, } -/// LocalSecretsConfig include a list of secrets that contains the kubeconfigs for ordered bootstrap kubeconifigs. The secrets must be in the same namespace where the agent controller runs. +/// LocalSecretsConfig include a list of secrets that contains the kubeconfigs for ordered bootstrap kubeconifigs. +/// The secrets must be in the same namespace where the agent controller runs. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct KlusterletRegistrationConfigurationBootstrapKubeConfigsLocalSecretsConfig { - /// HubConnectionTimeoutSeconds is used to set the timeout of connecting to the hub cluster. When agent loses the connection to the hub over the timeout seconds, the agent do a rebootstrap. By default is 10 mins. + /// HubConnectionTimeoutSeconds is used to set the timeout of connecting to the hub cluster. + /// When agent loses the connection to the hub over the timeout seconds, the agent do a rebootstrap. + /// By default is 10 mins. #[serde(default, skip_serializing_if = "Option::is_none", rename = "hubConnectionTimeoutSeconds")] pub hub_connection_timeout_seconds: Option, /// KubeConfigSecrets is a list of secret names. The secrets are in the same namespace where the agent controller runs. @@ -176,9 +241,15 @@ pub struct KlusterletRegistrationConfigurationBootstrapKubeConfigsLocalSecretsCo pub name: Option, } -/// BootstrapKubeConfigs defines the ordered list of bootstrap kubeconfigs. The order decides which bootstrap kubeconfig to use first when rebootstrap. -/// When the agent loses the connection to the current hub over HubConnectionTimeoutSeconds, or the managedcluster CR is set `hubAcceptsClient=false` on the hub, the controller marks the related bootstrap kubeconfig as "failed". -/// A failed bootstrapkubeconfig won't be used for the duration specified by SkipFailedBootstrapKubeConfigSeconds. But if the user updates the content of a failed bootstrapkubeconfig, the "failed" mark will be cleared. +/// BootstrapKubeConfigs defines the ordered list of bootstrap kubeconfigs. The order decides which bootstrap kubeconfig to use first when rebootstrap. +/// +/// +/// When the agent loses the connection to the current hub over HubConnectionTimeoutSeconds, or the managedcluster CR +/// is set `hubAcceptsClient=false` on the hub, the controller marks the related bootstrap kubeconfig as "failed". +/// +/// +/// A failed bootstrapkubeconfig won't be used for the duration specified by SkipFailedBootstrapKubeConfigSeconds. +/// But if the user updates the content of a failed bootstrapkubeconfig, the "failed" mark will be cleared. #[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] pub enum KlusterletRegistrationConfigurationBootstrapKubeConfigsType { None, @@ -189,7 +260,9 @@ pub enum KlusterletRegistrationConfigurationBootstrapKubeConfigsType { pub struct KlusterletRegistrationConfigurationFeatureGates { /// Feature is the key of feature gate. e.g. featuregate/Foo. pub feature: String, - /// Mode is either Enable, Disable, "" where "" is Disable by default. In Enable mode, a valid feature gate `featuregate/Foo` will be set to "--featuregate/Foo=true". In Disable mode, a valid feature gate `featuregate/Foo` will be set to "--featuregate/Foo=false". + /// Mode is either Enable, Disable, "" where "" is Disable by default. + /// In Enable mode, a valid feature gate `featuregate/Foo` will be set to "--featuregate/Foo=true". + /// In Disable mode, a valid feature gate `featuregate/Foo` will be set to "--featuregate/Foo=false". #[serde(default, skip_serializing_if = "Option::is_none")] pub mode: Option, } @@ -200,7 +273,8 @@ pub enum KlusterletRegistrationConfigurationFeatureGatesMode { Disable, } -/// ResourceRequirement specify QoS classes of deployments managed by klusterlet. It applies to all the containers in the deployments. +/// ResourceRequirement specify QoS classes of deployments managed by klusterlet. +/// It applies to all the containers in the deployments. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct KlusterletResourceRequirement { /// ResourceRequirements defines resource requests and limits when Type is ResourceQosClassResourceRequirement @@ -213,15 +287,25 @@ pub struct KlusterletResourceRequirement { /// ResourceRequirements defines resource requests and limits when Type is ResourceQosClassResourceRequirement #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct KlusterletResourceRequirementResourceRequirements { - /// Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. - /// This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. - /// This field is immutable. It can only be set for containers. + /// Claims lists the names of resources, defined in spec.resourceClaims, + /// that are used by this container. + /// + /// + /// This is an alpha field and requires enabling the + /// DynamicResourceAllocation feature gate. + /// + /// + /// This field is immutable. It can only be set for containers. #[serde(default, skip_serializing_if = "Option::is_none")] pub claims: Option>, - /// Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + /// Limits describes the maximum amount of compute resources allowed. + /// More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ #[serde(default, skip_serializing_if = "Option::is_none")] pub limits: Option>, - /// Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + /// Requests describes the minimum amount of compute resources required. + /// If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, + /// otherwise to an implementation-defined value. Requests cannot exceed Limits. + /// More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ #[serde(default, skip_serializing_if = "Option::is_none")] pub requests: Option>, } @@ -229,11 +313,14 @@ pub struct KlusterletResourceRequirementResourceRequirements { /// ResourceClaim references one entry in PodSpec.ResourceClaims. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct KlusterletResourceRequirementResourceRequirementsClaims { - /// Name must match the name of one entry in pod.spec.resourceClaims of the Pod where this field is used. It makes that resource available inside a container. + /// Name must match the name of one entry in pod.spec.resourceClaims of + /// the Pod where this field is used. It makes that resource available + /// inside a container. pub name: String, } -/// ResourceRequirement specify QoS classes of deployments managed by klusterlet. It applies to all the containers in the deployments. +/// ResourceRequirement specify QoS classes of deployments managed by klusterlet. +/// It applies to all the containers in the deployments. #[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] pub enum KlusterletResourceRequirementType { Default, @@ -244,16 +331,26 @@ pub enum KlusterletResourceRequirementType { /// WorkConfiguration contains the configuration of work #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct KlusterletWorkConfiguration { - /// AppliedManifestWorkEvictionGracePeriod is the eviction grace period the work agent will wait before evicting the AppliedManifestWorks, whose corresponding ManifestWorks are missing on the hub cluster, from the managed cluster. If not present, the default value of the work agent will be used. + /// AppliedManifestWorkEvictionGracePeriod is the eviction grace period the work agent will wait before + /// evicting the AppliedManifestWorks, whose corresponding ManifestWorks are missing on the hub cluster, from + /// the managed cluster. If not present, the default value of the work agent will be used. #[serde(default, skip_serializing_if = "Option::is_none", rename = "appliedManifestWorkEvictionGracePeriod")] pub applied_manifest_work_eviction_grace_period: Option, - /// FeatureGates represents the list of feature gates for work If it is set empty, default feature gates will be used. If it is set, featuregate/Foo is an example of one item in FeatureGates: 1. If featuregate/Foo does not exist, registration-operator will discard it 2. If featuregate/Foo exists and is false by default. It is now possible to set featuregate/Foo=[false|true] 3. If featuregate/Foo exists and is true by default. If a cluster-admin upgrading from 1 to 2 wants to continue having featuregate/Foo=false, he can set featuregate/Foo=false before upgrading. Let's say the cluster-admin wants featuregate/Foo=false. + /// FeatureGates represents the list of feature gates for work + /// If it is set empty, default feature gates will be used. + /// If it is set, featuregate/Foo is an example of one item in FeatureGates: + /// 1. If featuregate/Foo does not exist, registration-operator will discard it + /// 2. If featuregate/Foo exists and is false by default. It is now possible to set featuregate/Foo=[false|true] + /// 3. If featuregate/Foo exists and is true by default. If a cluster-admin upgrading from 1 to 2 wants to continue having featuregate/Foo=false, + /// he can set featuregate/Foo=false before upgrading. Let's say the cluster-admin wants featuregate/Foo=false. #[serde(default, skip_serializing_if = "Option::is_none", rename = "featureGates")] pub feature_gates: Option>, - /// KubeAPIBurst indicates the maximum burst of the throttle while talking with apiserver of hub cluster from the spoke cluster. If it is set empty, use the default value: 100 + /// KubeAPIBurst indicates the maximum burst of the throttle while talking with apiserver of hub cluster from the spoke cluster. + /// If it is set empty, use the default value: 100 #[serde(default, skip_serializing_if = "Option::is_none", rename = "kubeAPIBurst")] pub kube_api_burst: Option, - /// KubeAPIQPS indicates the maximum QPS while talking with apiserver of hub cluster from the spoke cluster. If it is set empty, use the default value: 50 + /// KubeAPIQPS indicates the maximum QPS while talking with apiserver of hub cluster from the spoke cluster. + /// If it is set empty, use the default value: 50 #[serde(default, skip_serializing_if = "Option::is_none", rename = "kubeAPIQPS")] pub kube_apiqps: Option, } @@ -262,7 +359,9 @@ pub struct KlusterletWorkConfiguration { pub struct KlusterletWorkConfigurationFeatureGates { /// Feature is the key of feature gate. e.g. featuregate/Foo. pub feature: String, - /// Mode is either Enable, Disable, "" where "" is Disable by default. In Enable mode, a valid feature gate `featuregate/Foo` will be set to "--featuregate/Foo=true". In Disable mode, a valid feature gate `featuregate/Foo` will be set to "--featuregate/Foo=false". + /// Mode is either Enable, Disable, "" where "" is Disable by default. + /// In Enable mode, a valid feature gate `featuregate/Foo` will be set to "--featuregate/Foo=true". + /// In Disable mode, a valid feature gate `featuregate/Foo` will be set to "--featuregate/Foo=false". #[serde(default, skip_serializing_if = "Option::is_none")] pub mode: Option, } @@ -276,7 +375,13 @@ pub enum KlusterletWorkConfigurationFeatureGatesMode { /// Status represents the current status of Klusterlet agent. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct KlusterletStatus { - /// Conditions contain the different condition statuses for this Klusterlet. Valid condition types are: Applied: Components have been applied in the managed cluster. Available: Components in the managed cluster are available and ready to serve. Progressing: Components in the managed cluster are in a transitioning state. Degraded: Components in the managed cluster do not match the desired configuration and only provide degraded service. + /// Conditions contain the different condition statuses for this Klusterlet. + /// Valid condition types are: + /// Applied: Components have been applied in the managed cluster. + /// Available: Components in the managed cluster are available and ready to serve. + /// Progressing: Components in the managed cluster are in a transitioning state. + /// Degraded: Components in the managed cluster do not match the desired configuration and only provide + /// degraded service. #[serde(default, skip_serializing_if = "Option::is_none")] pub conditions: Option>, /// Generations are used to determine when an item needs to be reconciled or has changed in a way that needs a reaction. @@ -290,7 +395,8 @@ pub struct KlusterletStatus { pub related_resources: Option>, } -/// GenerationStatus keeps track of the generation for a given resource so that decisions about forced updates can be made. The definition matches the GenerationStatus defined in github.com/openshift/api/v1 +/// GenerationStatus keeps track of the generation for a given resource so that decisions about forced updates can be made. +/// The definition matches the GenerationStatus defined in github.com/openshift/api/v1 #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct KlusterletStatusGenerations { /// group is the group of the resource that you're tracking diff --git a/kube-custom-resources-rs/src/operator_tekton_dev/v1alpha1/tektonchains.rs b/kube-custom-resources-rs/src/operator_tekton_dev/v1alpha1/tektonchains.rs index c90fc33f7..f046dc70b 100644 --- a/kube-custom-resources-rs/src/operator_tekton_dev/v1alpha1/tektonchains.rs +++ b/kube-custom-resources-rs/src/operator_tekton_dev/v1alpha1/tektonchains.rs @@ -7,4 +7,5 @@ mod prelude { pub use kube::CustomResource; pub use serde::{Serialize, Deserialize}; } +use self::prelude::*; diff --git a/kube-custom-resources-rs/src/operator_tekton_dev/v1alpha1/tektonconfigs.rs b/kube-custom-resources-rs/src/operator_tekton_dev/v1alpha1/tektonconfigs.rs index cbe0b41f7..5908dd521 100644 --- a/kube-custom-resources-rs/src/operator_tekton_dev/v1alpha1/tektonconfigs.rs +++ b/kube-custom-resources-rs/src/operator_tekton_dev/v1alpha1/tektonconfigs.rs @@ -7,4 +7,5 @@ mod prelude { pub use kube::CustomResource; pub use serde::{Serialize, Deserialize}; } +use self::prelude::*; diff --git a/kube-custom-resources-rs/src/operator_tekton_dev/v1alpha1/tektonhubs.rs b/kube-custom-resources-rs/src/operator_tekton_dev/v1alpha1/tektonhubs.rs index e7f21ac31..f3a6357e2 100644 --- a/kube-custom-resources-rs/src/operator_tekton_dev/v1alpha1/tektonhubs.rs +++ b/kube-custom-resources-rs/src/operator_tekton_dev/v1alpha1/tektonhubs.rs @@ -7,4 +7,5 @@ mod prelude { pub use kube::CustomResource; pub use serde::{Serialize, Deserialize}; } +use self::prelude::*; diff --git a/kube-custom-resources-rs/src/operator_tekton_dev/v1alpha1/tektoninstallersets.rs b/kube-custom-resources-rs/src/operator_tekton_dev/v1alpha1/tektoninstallersets.rs index 24cc18886..4a588dfcc 100644 --- a/kube-custom-resources-rs/src/operator_tekton_dev/v1alpha1/tektoninstallersets.rs +++ b/kube-custom-resources-rs/src/operator_tekton_dev/v1alpha1/tektoninstallersets.rs @@ -7,4 +7,5 @@ mod prelude { pub use kube::CustomResource; pub use serde::{Serialize, Deserialize}; } +use self::prelude::*; diff --git a/kube-custom-resources-rs/src/operator_tekton_dev/v1alpha1/tektonpipelines.rs b/kube-custom-resources-rs/src/operator_tekton_dev/v1alpha1/tektonpipelines.rs index 916cbb1a4..570bb87cc 100644 --- a/kube-custom-resources-rs/src/operator_tekton_dev/v1alpha1/tektonpipelines.rs +++ b/kube-custom-resources-rs/src/operator_tekton_dev/v1alpha1/tektonpipelines.rs @@ -7,4 +7,5 @@ mod prelude { pub use kube::CustomResource; pub use serde::{Serialize, Deserialize}; } +use self::prelude::*; diff --git a/kube-custom-resources-rs/src/operator_tekton_dev/v1alpha1/tektontriggers.rs b/kube-custom-resources-rs/src/operator_tekton_dev/v1alpha1/tektontriggers.rs index 62cf038a9..ec0cf9c7c 100644 --- a/kube-custom-resources-rs/src/operator_tekton_dev/v1alpha1/tektontriggers.rs +++ b/kube-custom-resources-rs/src/operator_tekton_dev/v1alpha1/tektontriggers.rs @@ -7,4 +7,5 @@ mod prelude { pub use kube::CustomResource; pub use serde::{Serialize, Deserialize}; } +use self::prelude::*; diff --git a/kube-custom-resources-rs/src/operator_tigera_io/v1/installations.rs b/kube-custom-resources-rs/src/operator_tigera_io/v1/installations.rs index 6636f3e1d..138f90c2b 100644 --- a/kube-custom-resources-rs/src/operator_tigera_io/v1/installations.rs +++ b/kube-custom-resources-rs/src/operator_tigera_io/v1/installations.rs @@ -870,7 +870,7 @@ pub struct InstallationCalicoKubeControllersDeploymentSpecTemplateSpecAffinityPo #[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] pub struct InstallationCalicoKubeControllersDeploymentSpecTemplateSpecContainers { /// Name is an enum which identifies the calico-kube-controllers Deployment container by name. - /// Supported values are: calico-kube-controllers + /// Supported values are: calico-kube-controllers, es-calico-kube-controllers pub name: InstallationCalicoKubeControllersDeploymentSpecTemplateSpecContainersName, /// Resources allows customization of limits and requests for compute resources such as cpu and memory. /// If specified, this overrides the named calico-kube-controllers Deployment container's resources. @@ -885,6 +885,8 @@ pub struct InstallationCalicoKubeControllersDeploymentSpecTemplateSpecContainers pub enum InstallationCalicoKubeControllersDeploymentSpecTemplateSpecContainersName { #[serde(rename = "calico-kube-controllers")] CalicoKubeControllers, + #[serde(rename = "es-calico-kube-controllers")] + EsCalicoKubeControllers, } /// Resources allows customization of limits and requests for compute resources such as cpu and memory. @@ -1095,6 +1097,7 @@ pub enum InstallationCalicoNetworkLinuxDataplane { Bpf, #[serde(rename = "VPP")] Vpp, + Nftables, } /// CalicoNetwork specifies networking configuration options for Calico. @@ -6971,7 +6974,7 @@ pub struct InstallationStatusComputedCalicoKubeControllersDeploymentSpecTemplate #[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] pub struct InstallationStatusComputedCalicoKubeControllersDeploymentSpecTemplateSpecContainers { /// Name is an enum which identifies the calico-kube-controllers Deployment container by name. - /// Supported values are: calico-kube-controllers + /// Supported values are: calico-kube-controllers, es-calico-kube-controllers pub name: InstallationStatusComputedCalicoKubeControllersDeploymentSpecTemplateSpecContainersName, /// Resources allows customization of limits and requests for compute resources such as cpu and memory. /// If specified, this overrides the named calico-kube-controllers Deployment container's resources. @@ -6986,6 +6989,8 @@ pub struct InstallationStatusComputedCalicoKubeControllersDeploymentSpecTemplate pub enum InstallationStatusComputedCalicoKubeControllersDeploymentSpecTemplateSpecContainersName { #[serde(rename = "calico-kube-controllers")] CalicoKubeControllers, + #[serde(rename = "es-calico-kube-controllers")] + EsCalicoKubeControllers, } /// Resources allows customization of limits and requests for compute resources such as cpu and memory. @@ -7196,6 +7201,7 @@ pub enum InstallationStatusComputedCalicoNetworkLinuxDataplane { Bpf, #[serde(rename = "VPP")] Vpp, + Nftables, } /// CalicoNetwork specifies networking configuration options for Calico. diff --git a/kube-custom-resources-rs/src/operator_tigera_io/v1/tenants.rs b/kube-custom-resources-rs/src/operator_tigera_io/v1/tenants.rs index d2c50710f..fb9cdef3b 100644 --- a/kube-custom-resources-rs/src/operator_tigera_io/v1/tenants.rs +++ b/kube-custom-resources-rs/src/operator_tigera_io/v1/tenants.rs @@ -29,6 +29,9 @@ pub struct TenantSpec { /// This field is required for clusters using external ES. #[serde(default, skip_serializing_if = "Option::is_none")] pub elastic: Option, + /// ESKubeControllerDeployment configures the ESKubeController Deployment. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "esKubeControllerDeployment")] + pub es_kube_controller_deployment: Option, /// ID is the unique identifier for this tenant. #[serde(default, skip_serializing_if = "Option::is_none")] pub id: Option, @@ -140,6 +143,801 @@ pub struct TenantElastic { pub url: String, } +/// ESKubeControllerDeployment configures the ESKubeController Deployment. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct TenantEsKubeControllerDeployment { + /// Metadata is a subset of a Kubernetes object's metadata that is added to the Deployment. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub metadata: Option, + /// Spec is the specification of the calico-kube-controllers Deployment. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub spec: Option, +} + +/// Metadata is a subset of a Kubernetes object's metadata that is added to the Deployment. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct TenantEsKubeControllerDeploymentMetadata { + /// Annotations is a map of arbitrary non-identifying metadata. Each of these + /// key/value pairs are added to the object's annotations provided the key does not + /// already exist in the object's annotations. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub annotations: Option>, + /// Labels is a map of string keys and values that may match replicaset and + /// service selectors. Each of these key/value pairs are added to the + /// object's labels provided the key does not already exist in the object's labels. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub labels: Option>, +} + +/// Spec is the specification of the calico-kube-controllers Deployment. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct TenantEsKubeControllerDeploymentSpec { + /// MinReadySeconds is the minimum number of seconds for which a newly created Deployment pod should + /// be ready without any of its container crashing, for it to be considered available. + /// If specified, this overrides any minReadySeconds value that may be set on the calico-kube-controllers Deployment. + /// If omitted, the calico-kube-controllers Deployment will use its default value for minReadySeconds. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "minReadySeconds")] + pub min_ready_seconds: Option, + /// Template describes the calico-kube-controllers Deployment pod that will be created. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub template: Option, +} + +/// Template describes the calico-kube-controllers Deployment pod that will be created. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct TenantEsKubeControllerDeploymentSpecTemplate { + /// Metadata is a subset of a Kubernetes object's metadata that is added to + /// the pod's metadata. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub metadata: Option, + /// Spec is the calico-kube-controllers Deployment's PodSpec. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub spec: Option, +} + +/// Metadata is a subset of a Kubernetes object's metadata that is added to +/// the pod's metadata. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct TenantEsKubeControllerDeploymentSpecTemplateMetadata { + /// Annotations is a map of arbitrary non-identifying metadata. Each of these + /// key/value pairs are added to the object's annotations provided the key does not + /// already exist in the object's annotations. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub annotations: Option>, + /// Labels is a map of string keys and values that may match replicaset and + /// service selectors. Each of these key/value pairs are added to the + /// object's labels provided the key does not already exist in the object's labels. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub labels: Option>, +} + +/// Spec is the calico-kube-controllers Deployment's PodSpec. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct TenantEsKubeControllerDeploymentSpecTemplateSpec { + /// Affinity is a group of affinity scheduling rules for the calico-kube-controllers pods. + /// If specified, this overrides any affinity that may be set on the calico-kube-controllers Deployment. + /// If omitted, the calico-kube-controllers Deployment will use its default value for affinity. + /// WARNING: Please note that this field will override the default calico-kube-controllers Deployment affinity. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub affinity: Option, + /// Containers is a list of calico-kube-controllers containers. + /// If specified, this overrides the specified calico-kube-controllers Deployment containers. + /// If omitted, the calico-kube-controllers Deployment will use its default values for its containers. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub containers: Option>, + /// NodeSelector is the calico-kube-controllers pod's scheduling constraints. + /// If specified, each of the key/value pairs are added to the calico-kube-controllers Deployment nodeSelector provided + /// the key does not already exist in the object's nodeSelector. + /// If used in conjunction with ControlPlaneNodeSelector, that nodeSelector is set on the calico-kube-controllers Deployment + /// and each of this field's key/value pairs are added to the calico-kube-controllers Deployment nodeSelector provided + /// the key does not already exist in the object's nodeSelector. + /// If omitted, the calico-kube-controllers Deployment will use its default value for nodeSelector. + /// WARNING: Please note that this field will modify the default calico-kube-controllers Deployment nodeSelector. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "nodeSelector")] + pub node_selector: Option>, + /// Tolerations is the calico-kube-controllers pod's tolerations. + /// If specified, this overrides any tolerations that may be set on the calico-kube-controllers Deployment. + /// If omitted, the calico-kube-controllers Deployment will use its default value for tolerations. + /// WARNING: Please note that this field will override the default calico-kube-controllers Deployment tolerations. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub tolerations: Option>, +} + +/// Affinity is a group of affinity scheduling rules for the calico-kube-controllers pods. +/// If specified, this overrides any affinity that may be set on the calico-kube-controllers Deployment. +/// If omitted, the calico-kube-controllers Deployment will use its default value for affinity. +/// WARNING: Please note that this field will override the default calico-kube-controllers Deployment affinity. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct TenantEsKubeControllerDeploymentSpecTemplateSpecAffinity { + /// Describes node affinity scheduling rules for the pod. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "nodeAffinity")] + pub node_affinity: Option, + /// Describes pod affinity scheduling rules (e.g. co-locate this pod in the same node, zone, etc. as some other pod(s)). + #[serde(default, skip_serializing_if = "Option::is_none", rename = "podAffinity")] + pub pod_affinity: Option, + /// Describes pod anti-affinity scheduling rules (e.g. avoid putting this pod in the same node, zone, etc. as some other pod(s)). + #[serde(default, skip_serializing_if = "Option::is_none", rename = "podAntiAffinity")] + pub pod_anti_affinity: Option, +} + +/// Describes node affinity scheduling rules for the pod. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct TenantEsKubeControllerDeploymentSpecTemplateSpecAffinityNodeAffinity { + /// The scheduler will prefer to schedule pods to nodes that satisfy + /// the affinity expressions specified by this field, but it may choose + /// a node that violates one or more of the expressions. The node that is + /// most preferred is the one with the greatest sum of weights, i.e. + /// for each node that meets all of the scheduling requirements (resource + /// request, requiredDuringScheduling affinity expressions, etc.), + /// compute a sum by iterating through the elements of this field and adding + /// "weight" to the sum if the node matches the corresponding matchExpressions; the + /// node(s) with the highest sum are the most preferred. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "preferredDuringSchedulingIgnoredDuringExecution")] + pub preferred_during_scheduling_ignored_during_execution: Option>, + /// If the affinity requirements specified by this field are not met at + /// scheduling time, the pod will not be scheduled onto the node. + /// If the affinity requirements specified by this field cease to be met + /// at some point during pod execution (e.g. due to an update), the system + /// may or may not try to eventually evict the pod from its node. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "requiredDuringSchedulingIgnoredDuringExecution")] + pub required_during_scheduling_ignored_during_execution: Option, +} + +/// An empty preferred scheduling term matches all objects with implicit weight 0 +/// (i.e. it's a no-op). A null preferred scheduling term matches no objects (i.e. is also a no-op). +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct TenantEsKubeControllerDeploymentSpecTemplateSpecAffinityNodeAffinityPreferredDuringSchedulingIgnoredDuringExecution { + /// A node selector term, associated with the corresponding weight. + pub preference: TenantEsKubeControllerDeploymentSpecTemplateSpecAffinityNodeAffinityPreferredDuringSchedulingIgnoredDuringExecutionPreference, + /// Weight associated with matching the corresponding nodeSelectorTerm, in the range 1-100. + pub weight: i32, +} + +/// A node selector term, associated with the corresponding weight. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct TenantEsKubeControllerDeploymentSpecTemplateSpecAffinityNodeAffinityPreferredDuringSchedulingIgnoredDuringExecutionPreference { + /// A list of node selector requirements by node's labels. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] + pub match_expressions: Option>, + /// A list of node selector requirements by node's fields. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchFields")] + pub match_fields: Option>, +} + +/// A node selector requirement is a selector that contains values, a key, and an operator +/// that relates the key and values. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct TenantEsKubeControllerDeploymentSpecTemplateSpecAffinityNodeAffinityPreferredDuringSchedulingIgnoredDuringExecutionPreferenceMatchExpressions { + /// The label key that the selector applies to. + pub key: String, + /// Represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. + pub operator: String, + /// An array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. If the operator is Gt or Lt, the values + /// array must have a single element, which will be interpreted as an integer. + /// This array is replaced during a strategic merge patch. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub values: Option>, +} + +/// A node selector requirement is a selector that contains values, a key, and an operator +/// that relates the key and values. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct TenantEsKubeControllerDeploymentSpecTemplateSpecAffinityNodeAffinityPreferredDuringSchedulingIgnoredDuringExecutionPreferenceMatchFields { + /// The label key that the selector applies to. + pub key: String, + /// Represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. + pub operator: String, + /// An array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. If the operator is Gt or Lt, the values + /// array must have a single element, which will be interpreted as an integer. + /// This array is replaced during a strategic merge patch. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub values: Option>, +} + +/// If the affinity requirements specified by this field are not met at +/// scheduling time, the pod will not be scheduled onto the node. +/// If the affinity requirements specified by this field cease to be met +/// at some point during pod execution (e.g. due to an update), the system +/// may or may not try to eventually evict the pod from its node. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct TenantEsKubeControllerDeploymentSpecTemplateSpecAffinityNodeAffinityRequiredDuringSchedulingIgnoredDuringExecution { + /// Required. A list of node selector terms. The terms are ORed. + #[serde(rename = "nodeSelectorTerms")] + pub node_selector_terms: Vec, +} + +/// A null or empty node selector term matches no objects. The requirements of +/// them are ANDed. +/// The TopologySelectorTerm type implements a subset of the NodeSelectorTerm. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct TenantEsKubeControllerDeploymentSpecTemplateSpecAffinityNodeAffinityRequiredDuringSchedulingIgnoredDuringExecutionNodeSelectorTerms { + /// A list of node selector requirements by node's labels. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] + pub match_expressions: Option>, + /// A list of node selector requirements by node's fields. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchFields")] + pub match_fields: Option>, +} + +/// A node selector requirement is a selector that contains values, a key, and an operator +/// that relates the key and values. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct TenantEsKubeControllerDeploymentSpecTemplateSpecAffinityNodeAffinityRequiredDuringSchedulingIgnoredDuringExecutionNodeSelectorTermsMatchExpressions { + /// The label key that the selector applies to. + pub key: String, + /// Represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. + pub operator: String, + /// An array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. If the operator is Gt or Lt, the values + /// array must have a single element, which will be interpreted as an integer. + /// This array is replaced during a strategic merge patch. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub values: Option>, +} + +/// A node selector requirement is a selector that contains values, a key, and an operator +/// that relates the key and values. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct TenantEsKubeControllerDeploymentSpecTemplateSpecAffinityNodeAffinityRequiredDuringSchedulingIgnoredDuringExecutionNodeSelectorTermsMatchFields { + /// The label key that the selector applies to. + pub key: String, + /// Represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. + pub operator: String, + /// An array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. If the operator is Gt or Lt, the values + /// array must have a single element, which will be interpreted as an integer. + /// This array is replaced during a strategic merge patch. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub values: Option>, +} + +/// Describes pod affinity scheduling rules (e.g. co-locate this pod in the same node, zone, etc. as some other pod(s)). +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct TenantEsKubeControllerDeploymentSpecTemplateSpecAffinityPodAffinity { + /// The scheduler will prefer to schedule pods to nodes that satisfy + /// the affinity expressions specified by this field, but it may choose + /// a node that violates one or more of the expressions. The node that is + /// most preferred is the one with the greatest sum of weights, i.e. + /// for each node that meets all of the scheduling requirements (resource + /// request, requiredDuringScheduling affinity expressions, etc.), + /// compute a sum by iterating through the elements of this field and adding + /// "weight" to the sum if the node has pods which matches the corresponding podAffinityTerm; the + /// node(s) with the highest sum are the most preferred. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "preferredDuringSchedulingIgnoredDuringExecution")] + pub preferred_during_scheduling_ignored_during_execution: Option>, + /// If the affinity requirements specified by this field are not met at + /// scheduling time, the pod will not be scheduled onto the node. + /// If the affinity requirements specified by this field cease to be met + /// at some point during pod execution (e.g. due to a pod label update), the + /// system may or may not try to eventually evict the pod from its node. + /// When there are multiple elements, the lists of nodes corresponding to each + /// podAffinityTerm are intersected, i.e. all terms must be satisfied. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "requiredDuringSchedulingIgnoredDuringExecution")] + pub required_during_scheduling_ignored_during_execution: Option>, +} + +/// The weights of all of the matched WeightedPodAffinityTerm fields are added per-node to find the most preferred node(s) +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct TenantEsKubeControllerDeploymentSpecTemplateSpecAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecution { + /// Required. A pod affinity term, associated with the corresponding weight. + #[serde(rename = "podAffinityTerm")] + pub pod_affinity_term: TenantEsKubeControllerDeploymentSpecTemplateSpecAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTerm, + /// weight associated with matching the corresponding podAffinityTerm, + /// in the range 1-100. + pub weight: i32, +} + +/// Required. A pod affinity term, associated with the corresponding weight. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct TenantEsKubeControllerDeploymentSpecTemplateSpecAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTerm { + /// A label query over a set of resources, in this case pods. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelector")] + pub label_selector: Option, + /// A label query over the set of namespaces that the term applies to. + /// The term is applied to the union of the namespaces selected by this field + /// and the ones listed in the namespaces field. + /// null selector and null or empty namespaces list means "this pod's namespace". + /// An empty selector ({}) matches all namespaces. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "namespaceSelector")] + pub namespace_selector: Option, + /// namespaces specifies a static list of namespace names that the term applies to. + /// The term is applied to the union of the namespaces listed in this field + /// and the ones selected by namespaceSelector. + /// null or empty namespaces list and null namespaceSelector means "this pod's namespace". + #[serde(default, skip_serializing_if = "Option::is_none")] + pub namespaces: Option>, + /// This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching + /// the labelSelector in the specified namespaces, where co-located is defined as running on a node + /// whose value of the label with key topologyKey matches that of any node on which any of the + /// selected pods is running. + /// Empty topologyKey is not allowed. + #[serde(rename = "topologyKey")] + pub topology_key: String, +} + +/// A label query over a set of resources, in this case pods. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct TenantEsKubeControllerDeploymentSpecTemplateSpecAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermLabelSelector { + /// matchExpressions is a list of label selector requirements. The requirements are ANDed. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] + pub match_expressions: Option>, + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] + pub match_labels: Option>, +} + +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct TenantEsKubeControllerDeploymentSpecTemplateSpecAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermLabelSelectorMatchExpressions { + /// key is the label key that the selector applies to. + pub key: String, + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. + pub operator: String, + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub values: Option>, +} + +/// A label query over the set of namespaces that the term applies to. +/// The term is applied to the union of the namespaces selected by this field +/// and the ones listed in the namespaces field. +/// null selector and null or empty namespaces list means "this pod's namespace". +/// An empty selector ({}) matches all namespaces. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct TenantEsKubeControllerDeploymentSpecTemplateSpecAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermNamespaceSelector { + /// matchExpressions is a list of label selector requirements. The requirements are ANDed. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] + pub match_expressions: Option>, + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] + pub match_labels: Option>, +} + +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct TenantEsKubeControllerDeploymentSpecTemplateSpecAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermNamespaceSelectorMatchExpressions { + /// key is the label key that the selector applies to. + pub key: String, + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. + pub operator: String, + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub values: Option>, +} + +/// Defines a set of pods (namely those matching the labelSelector +/// relative to the given namespace(s)) that this pod should be +/// co-located (affinity) or not co-located (anti-affinity) with, +/// where co-located is defined as running on a node whose value of +/// the label with key matches that of any node on which +/// a pod of the set of pods is running +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct TenantEsKubeControllerDeploymentSpecTemplateSpecAffinityPodAffinityRequiredDuringSchedulingIgnoredDuringExecution { + /// A label query over a set of resources, in this case pods. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelector")] + pub label_selector: Option, + /// A label query over the set of namespaces that the term applies to. + /// The term is applied to the union of the namespaces selected by this field + /// and the ones listed in the namespaces field. + /// null selector and null or empty namespaces list means "this pod's namespace". + /// An empty selector ({}) matches all namespaces. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "namespaceSelector")] + pub namespace_selector: Option, + /// namespaces specifies a static list of namespace names that the term applies to. + /// The term is applied to the union of the namespaces listed in this field + /// and the ones selected by namespaceSelector. + /// null or empty namespaces list and null namespaceSelector means "this pod's namespace". + #[serde(default, skip_serializing_if = "Option::is_none")] + pub namespaces: Option>, + /// This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching + /// the labelSelector in the specified namespaces, where co-located is defined as running on a node + /// whose value of the label with key topologyKey matches that of any node on which any of the + /// selected pods is running. + /// Empty topologyKey is not allowed. + #[serde(rename = "topologyKey")] + pub topology_key: String, +} + +/// A label query over a set of resources, in this case pods. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct TenantEsKubeControllerDeploymentSpecTemplateSpecAffinityPodAffinityRequiredDuringSchedulingIgnoredDuringExecutionLabelSelector { + /// matchExpressions is a list of label selector requirements. The requirements are ANDed. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] + pub match_expressions: Option>, + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] + pub match_labels: Option>, +} + +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct TenantEsKubeControllerDeploymentSpecTemplateSpecAffinityPodAffinityRequiredDuringSchedulingIgnoredDuringExecutionLabelSelectorMatchExpressions { + /// key is the label key that the selector applies to. + pub key: String, + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. + pub operator: String, + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub values: Option>, +} + +/// A label query over the set of namespaces that the term applies to. +/// The term is applied to the union of the namespaces selected by this field +/// and the ones listed in the namespaces field. +/// null selector and null or empty namespaces list means "this pod's namespace". +/// An empty selector ({}) matches all namespaces. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct TenantEsKubeControllerDeploymentSpecTemplateSpecAffinityPodAffinityRequiredDuringSchedulingIgnoredDuringExecutionNamespaceSelector { + /// matchExpressions is a list of label selector requirements. The requirements are ANDed. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] + pub match_expressions: Option>, + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] + pub match_labels: Option>, +} + +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct TenantEsKubeControllerDeploymentSpecTemplateSpecAffinityPodAffinityRequiredDuringSchedulingIgnoredDuringExecutionNamespaceSelectorMatchExpressions { + /// key is the label key that the selector applies to. + pub key: String, + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. + pub operator: String, + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub values: Option>, +} + +/// Describes pod anti-affinity scheduling rules (e.g. avoid putting this pod in the same node, zone, etc. as some other pod(s)). +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct TenantEsKubeControllerDeploymentSpecTemplateSpecAffinityPodAntiAffinity { + /// The scheduler will prefer to schedule pods to nodes that satisfy + /// the anti-affinity expressions specified by this field, but it may choose + /// a node that violates one or more of the expressions. The node that is + /// most preferred is the one with the greatest sum of weights, i.e. + /// for each node that meets all of the scheduling requirements (resource + /// request, requiredDuringScheduling anti-affinity expressions, etc.), + /// compute a sum by iterating through the elements of this field and adding + /// "weight" to the sum if the node has pods which matches the corresponding podAffinityTerm; the + /// node(s) with the highest sum are the most preferred. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "preferredDuringSchedulingIgnoredDuringExecution")] + pub preferred_during_scheduling_ignored_during_execution: Option>, + /// If the anti-affinity requirements specified by this field are not met at + /// scheduling time, the pod will not be scheduled onto the node. + /// If the anti-affinity requirements specified by this field cease to be met + /// at some point during pod execution (e.g. due to a pod label update), the + /// system may or may not try to eventually evict the pod from its node. + /// When there are multiple elements, the lists of nodes corresponding to each + /// podAffinityTerm are intersected, i.e. all terms must be satisfied. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "requiredDuringSchedulingIgnoredDuringExecution")] + pub required_during_scheduling_ignored_during_execution: Option>, +} + +/// The weights of all of the matched WeightedPodAffinityTerm fields are added per-node to find the most preferred node(s) +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct TenantEsKubeControllerDeploymentSpecTemplateSpecAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecution { + /// Required. A pod affinity term, associated with the corresponding weight. + #[serde(rename = "podAffinityTerm")] + pub pod_affinity_term: TenantEsKubeControllerDeploymentSpecTemplateSpecAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTerm, + /// weight associated with matching the corresponding podAffinityTerm, + /// in the range 1-100. + pub weight: i32, +} + +/// Required. A pod affinity term, associated with the corresponding weight. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct TenantEsKubeControllerDeploymentSpecTemplateSpecAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTerm { + /// A label query over a set of resources, in this case pods. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelector")] + pub label_selector: Option, + /// A label query over the set of namespaces that the term applies to. + /// The term is applied to the union of the namespaces selected by this field + /// and the ones listed in the namespaces field. + /// null selector and null or empty namespaces list means "this pod's namespace". + /// An empty selector ({}) matches all namespaces. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "namespaceSelector")] + pub namespace_selector: Option, + /// namespaces specifies a static list of namespace names that the term applies to. + /// The term is applied to the union of the namespaces listed in this field + /// and the ones selected by namespaceSelector. + /// null or empty namespaces list and null namespaceSelector means "this pod's namespace". + #[serde(default, skip_serializing_if = "Option::is_none")] + pub namespaces: Option>, + /// This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching + /// the labelSelector in the specified namespaces, where co-located is defined as running on a node + /// whose value of the label with key topologyKey matches that of any node on which any of the + /// selected pods is running. + /// Empty topologyKey is not allowed. + #[serde(rename = "topologyKey")] + pub topology_key: String, +} + +/// A label query over a set of resources, in this case pods. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct TenantEsKubeControllerDeploymentSpecTemplateSpecAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermLabelSelector { + /// matchExpressions is a list of label selector requirements. The requirements are ANDed. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] + pub match_expressions: Option>, + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] + pub match_labels: Option>, +} + +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct TenantEsKubeControllerDeploymentSpecTemplateSpecAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermLabelSelectorMatchExpressions { + /// key is the label key that the selector applies to. + pub key: String, + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. + pub operator: String, + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub values: Option>, +} + +/// A label query over the set of namespaces that the term applies to. +/// The term is applied to the union of the namespaces selected by this field +/// and the ones listed in the namespaces field. +/// null selector and null or empty namespaces list means "this pod's namespace". +/// An empty selector ({}) matches all namespaces. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct TenantEsKubeControllerDeploymentSpecTemplateSpecAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermNamespaceSelector { + /// matchExpressions is a list of label selector requirements. The requirements are ANDed. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] + pub match_expressions: Option>, + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] + pub match_labels: Option>, +} + +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct TenantEsKubeControllerDeploymentSpecTemplateSpecAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermNamespaceSelectorMatchExpressions { + /// key is the label key that the selector applies to. + pub key: String, + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. + pub operator: String, + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub values: Option>, +} + +/// Defines a set of pods (namely those matching the labelSelector +/// relative to the given namespace(s)) that this pod should be +/// co-located (affinity) or not co-located (anti-affinity) with, +/// where co-located is defined as running on a node whose value of +/// the label with key matches that of any node on which +/// a pod of the set of pods is running +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct TenantEsKubeControllerDeploymentSpecTemplateSpecAffinityPodAntiAffinityRequiredDuringSchedulingIgnoredDuringExecution { + /// A label query over a set of resources, in this case pods. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelector")] + pub label_selector: Option, + /// A label query over the set of namespaces that the term applies to. + /// The term is applied to the union of the namespaces selected by this field + /// and the ones listed in the namespaces field. + /// null selector and null or empty namespaces list means "this pod's namespace". + /// An empty selector ({}) matches all namespaces. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "namespaceSelector")] + pub namespace_selector: Option, + /// namespaces specifies a static list of namespace names that the term applies to. + /// The term is applied to the union of the namespaces listed in this field + /// and the ones selected by namespaceSelector. + /// null or empty namespaces list and null namespaceSelector means "this pod's namespace". + #[serde(default, skip_serializing_if = "Option::is_none")] + pub namespaces: Option>, + /// This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching + /// the labelSelector in the specified namespaces, where co-located is defined as running on a node + /// whose value of the label with key topologyKey matches that of any node on which any of the + /// selected pods is running. + /// Empty topologyKey is not allowed. + #[serde(rename = "topologyKey")] + pub topology_key: String, +} + +/// A label query over a set of resources, in this case pods. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct TenantEsKubeControllerDeploymentSpecTemplateSpecAffinityPodAntiAffinityRequiredDuringSchedulingIgnoredDuringExecutionLabelSelector { + /// matchExpressions is a list of label selector requirements. The requirements are ANDed. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] + pub match_expressions: Option>, + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] + pub match_labels: Option>, +} + +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct TenantEsKubeControllerDeploymentSpecTemplateSpecAffinityPodAntiAffinityRequiredDuringSchedulingIgnoredDuringExecutionLabelSelectorMatchExpressions { + /// key is the label key that the selector applies to. + pub key: String, + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. + pub operator: String, + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub values: Option>, +} + +/// A label query over the set of namespaces that the term applies to. +/// The term is applied to the union of the namespaces selected by this field +/// and the ones listed in the namespaces field. +/// null selector and null or empty namespaces list means "this pod's namespace". +/// An empty selector ({}) matches all namespaces. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct TenantEsKubeControllerDeploymentSpecTemplateSpecAffinityPodAntiAffinityRequiredDuringSchedulingIgnoredDuringExecutionNamespaceSelector { + /// matchExpressions is a list of label selector requirements. The requirements are ANDed. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] + pub match_expressions: Option>, + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] + pub match_labels: Option>, +} + +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct TenantEsKubeControllerDeploymentSpecTemplateSpecAffinityPodAntiAffinityRequiredDuringSchedulingIgnoredDuringExecutionNamespaceSelectorMatchExpressions { + /// key is the label key that the selector applies to. + pub key: String, + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. + pub operator: String, + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub values: Option>, +} + +/// CalicoKubeControllersDeploymentContainer is a calico-kube-controllers Deployment container. +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub struct TenantEsKubeControllerDeploymentSpecTemplateSpecContainers { + /// Name is an enum which identifies the calico-kube-controllers Deployment container by name. + /// Supported values are: calico-kube-controllers, es-calico-kube-controllers + pub name: TenantEsKubeControllerDeploymentSpecTemplateSpecContainersName, + /// Resources allows customization of limits and requests for compute resources such as cpu and memory. + /// If specified, this overrides the named calico-kube-controllers Deployment container's resources. + /// If omitted, the calico-kube-controllers Deployment will use its default value for this container's resources. + /// If used in conjunction with the deprecated ComponentResources, then this value takes precedence. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub resources: Option, +} + +/// CalicoKubeControllersDeploymentContainer is a calico-kube-controllers Deployment container. +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub enum TenantEsKubeControllerDeploymentSpecTemplateSpecContainersName { + #[serde(rename = "calico-kube-controllers")] + CalicoKubeControllers, + #[serde(rename = "es-calico-kube-controllers")] + EsCalicoKubeControllers, +} + +/// Resources allows customization of limits and requests for compute resources such as cpu and memory. +/// If specified, this overrides the named calico-kube-controllers Deployment container's resources. +/// If omitted, the calico-kube-controllers Deployment will use its default value for this container's resources. +/// If used in conjunction with the deprecated ComponentResources, then this value takes precedence. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct TenantEsKubeControllerDeploymentSpecTemplateSpecContainersResources { + /// Claims lists the names of resources, defined in spec.resourceClaims, + /// that are used by this container. + /// This is an alpha field and requires enabling the + /// DynamicResourceAllocation feature gate. + /// This field is immutable. It can only be set for containers. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub claims: Option>, + /// Limits describes the maximum amount of compute resources allowed. + /// More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + #[serde(default, skip_serializing_if = "Option::is_none")] + pub limits: Option>, + /// Requests describes the minimum amount of compute resources required. + /// If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, + /// otherwise to an implementation-defined value. Requests cannot exceed Limits. + /// More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + #[serde(default, skip_serializing_if = "Option::is_none")] + pub requests: Option>, +} + +/// ResourceClaim references one entry in PodSpec.ResourceClaims. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct TenantEsKubeControllerDeploymentSpecTemplateSpecContainersResourcesClaims { + /// Name must match the name of one entry in pod.spec.resourceClaims of + /// the Pod where this field is used. It makes that resource available + /// inside a container. + pub name: String, +} + +/// The pod this Toleration is attached to tolerates any taint that matches +/// the triple using the matching operator . +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct TenantEsKubeControllerDeploymentSpecTemplateSpecTolerations { + /// Effect indicates the taint effect to match. Empty means match all taint effects. + /// When specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub effect: Option, + /// Key is the taint key that the toleration applies to. Empty means match all taint keys. + /// If the key is empty, operator must be Exists; this combination means to match all values and all keys. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub key: Option, + /// Operator represents a key's relationship to the value. + /// Valid operators are Exists and Equal. Defaults to Equal. + /// Exists is equivalent to wildcard for value, so that a pod can + /// tolerate all taints of a particular category. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub operator: Option, + /// TolerationSeconds represents the period of time the toleration (which must be + /// of effect NoExecute, otherwise this field is ignored) tolerates the taint. By default, + /// it is not set, which means tolerate the taint forever (do not evict). Zero and + /// negative values will be treated as 0 (evict immediately) by the system. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "tolerationSeconds")] + pub toleration_seconds: Option, + /// Value is the taint value the toleration matches to. + /// If the operator is Exists, the value should be empty, otherwise just a regular string. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub value: Option, +} + /// Index defines how to store a tenant's data #[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] pub struct TenantIndices { diff --git a/kube-custom-resources-rs/src/org_eclipse_che/v2/checlusters.rs b/kube-custom-resources-rs/src/org_eclipse_che/v2/checlusters.rs index bc594c85e..0598d5e0a 100644 --- a/kube-custom-resources-rs/src/org_eclipse_che/v2/checlusters.rs +++ b/kube-custom-resources-rs/src/org_eclipse_che/v2/checlusters.rs @@ -1109,6 +1109,13 @@ pub struct CheClusterDevEnvironments { /// GatewayContainer configuration. #[serde(default, skip_serializing_if = "Option::is_none", rename = "gatewayContainer")] pub gateway_container: Option, + /// IgnoredUnrecoverableEvents defines a list of Kubernetes event names that should + /// be ignored when deciding to fail a workspace that is starting. This option should be used + /// if a transient cluster issue is triggering false-positives (for example, if + /// the cluster occasionally encounters FailedScheduling events). Events listed + /// here will not trigger workspace failures. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "ignoredUnrecoverableEvents")] + pub ignored_unrecoverable_events: Option>, /// ImagePullPolicy defines the imagePullPolicy used for containers in a DevWorkspace. #[serde(default, skip_serializing_if = "Option::is_none", rename = "imagePullPolicy")] pub image_pull_policy: Option, diff --git a/kube-custom-resources-rs/src/policy_networking_k8s_io/v1alpha1/baselineadminnetworkpolicies.rs b/kube-custom-resources-rs/src/policy_networking_k8s_io/v1alpha1/baselineadminnetworkpolicies.rs index ae4c65829..e132772bc 100644 --- a/kube-custom-resources-rs/src/policy_networking_k8s_io/v1alpha1/baselineadminnetworkpolicies.rs +++ b/kube-custom-resources-rs/src/policy_networking_k8s_io/v1alpha1/baselineadminnetworkpolicies.rs @@ -82,7 +82,7 @@ pub struct BaselineAdminNetworkPolicyEgress { #[serde(default, skip_serializing_if = "Option::is_none")] pub ports: Option>, /// To is the list of destinations whose traffic this rule applies to. - /// If any AdminNetworkPolicyEgressPeer matches the destination of outgoing + /// If any BaselineAdminNetworkPolicyEgressPeer matches the destination of outgoing /// traffic then the specified action is applied. /// This field must be defined and contain at least one item. /// @@ -167,7 +167,7 @@ pub struct BaselineAdminNetworkPolicyEgressPortsPortRange { pub start: i32, } -/// AdminNetworkPolicyEgressPeer defines a peer to allow traffic to. +/// BaselineAdminNetworkPolicyEgressPeer defines a peer to allow traffic to. /// Exactly one of the selector pointers must be set for a given peer. If a /// consumer observes none of its fields are set, they must assume an unknown /// option has been specified and fail closed. diff --git a/kube-custom-resources-rs/src/postgres_operator_crunchydata_com/v1beta1/pgadmins.rs b/kube-custom-resources-rs/src/postgres_operator_crunchydata_com/v1beta1/pgadmins.rs index 0e911fde3..7dfe29ee8 100644 --- a/kube-custom-resources-rs/src/postgres_operator_crunchydata_com/v1beta1/pgadmins.rs +++ b/kube-custom-resources-rs/src/postgres_operator_crunchydata_com/v1beta1/pgadmins.rs @@ -21,48 +21,69 @@ use self::prelude::*; #[kube(derive="Default")] #[kube(derive="PartialEq")] pub struct PGAdminSpec { - /// Scheduling constraints of the PGAdmin pod. More info: https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node + /// Scheduling constraints of the PGAdmin pod. + /// More info: https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node #[serde(default, skip_serializing_if = "Option::is_none")] pub affinity: Option, - /// Configuration settings for the pgAdmin process. Changes to any of these values will be loaded without validation. Be careful, as you may put pgAdmin into an unusable state. + /// Configuration settings for the pgAdmin process. Changes to any of these + /// values will be loaded without validation. Be careful, as + /// you may put pgAdmin into an unusable state. #[serde(default, skip_serializing_if = "Option::is_none")] pub config: Option, - /// Defines a PersistentVolumeClaim for pgAdmin data. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes + /// Defines a PersistentVolumeClaim for pgAdmin data. + /// More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes #[serde(rename = "dataVolumeClaimSpec")] pub data_volume_claim_spec: PGAdminDataVolumeClaimSpec, /// The image name to use for pgAdmin instance. #[serde(default, skip_serializing_if = "Option::is_none")] pub image: Option, - /// ImagePullPolicy is used to determine when Kubernetes will attempt to pull (download) container images. More info: https://kubernetes.io/docs/concepts/containers/images/#image-pull-policy + /// ImagePullPolicy is used to determine when Kubernetes will attempt to + /// pull (download) container images. + /// More info: https://kubernetes.io/docs/concepts/containers/images/#image-pull-policy #[serde(default, skip_serializing_if = "Option::is_none", rename = "imagePullPolicy")] pub image_pull_policy: Option, - /// The image pull secrets used to pull from a private registry. Changing this value causes all running PGAdmin pods to restart. https://k8s.io/docs/tasks/configure-pod-container/pull-image-private-registry/ + /// The image pull secrets used to pull from a private registry. + /// Changing this value causes all running PGAdmin pods to restart. + /// https://k8s.io/docs/tasks/configure-pod-container/pull-image-private-registry/ #[serde(default, skip_serializing_if = "Option::is_none", rename = "imagePullSecrets")] pub image_pull_secrets: Option>, /// Metadata contains metadata for custom resources #[serde(default, skip_serializing_if = "Option::is_none")] pub metadata: Option, - /// Priority class name for the PGAdmin pod. Changing this value causes PGAdmin pod to restart. More info: https://kubernetes.io/docs/concepts/scheduling-eviction/pod-priority-preemption/ + /// Priority class name for the PGAdmin pod. Changing this + /// value causes PGAdmin pod to restart. + /// More info: https://kubernetes.io/docs/concepts/scheduling-eviction/pod-priority-preemption/ #[serde(default, skip_serializing_if = "Option::is_none", rename = "priorityClassName")] pub priority_class_name: Option, /// Resource requirements for the PGAdmin container. #[serde(default, skip_serializing_if = "Option::is_none")] pub resources: Option, - /// ServerGroups for importing PostgresClusters to pgAdmin. To create a pgAdmin with no selectors, leave this field empty. A pgAdmin created with no `ServerGroups` will not automatically add any servers through discovery. PostgresClusters can still be added manually. + /// ServerGroups for importing PostgresClusters to pgAdmin. + /// To create a pgAdmin with no selectors, leave this field empty. + /// A pgAdmin created with no `ServerGroups` will not automatically + /// add any servers through discovery. PostgresClusters can still be + /// added manually. #[serde(default, skip_serializing_if = "Option::is_none", rename = "serverGroups")] pub server_groups: Option>, - /// ServiceName will be used as the name of a ClusterIP service pointing to the pgAdmin pod and port. If the service already exists, PGO will update the service. For more information about services reference the Kubernetes and CrunchyData documentation. https://kubernetes.io/docs/concepts/services-networking/service/ + /// ServiceName will be used as the name of a ClusterIP service pointing + /// to the pgAdmin pod and port. If the service already exists, PGO will + /// update the service. For more information about services reference + /// the Kubernetes and CrunchyData documentation. + /// https://kubernetes.io/docs/concepts/services-networking/service/ #[serde(default, skip_serializing_if = "Option::is_none", rename = "serviceName")] pub service_name: Option, - /// Tolerations of the PGAdmin pod. More info: https://kubernetes.io/docs/concepts/scheduling-eviction/taint-and-toleration + /// Tolerations of the PGAdmin pod. + /// More info: https://kubernetes.io/docs/concepts/scheduling-eviction/taint-and-toleration #[serde(default, skip_serializing_if = "Option::is_none")] pub tolerations: Option>, - /// pgAdmin users that are managed via the PGAdmin spec. Users can still be added via the pgAdmin GUI, but those users will not show up here. + /// pgAdmin users that are managed via the PGAdmin spec. Users can still + /// be added via the pgAdmin GUI, but those users will not show up here. #[serde(default, skip_serializing_if = "Option::is_none")] pub users: Option>, } -/// Scheduling constraints of the PGAdmin pod. More info: https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node +/// Scheduling constraints of the PGAdmin pod. +/// More info: https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PGAdminAffinity { /// Describes node affinity scheduling rules for the pod. @@ -79,15 +100,28 @@ pub struct PGAdminAffinity { /// Describes node affinity scheduling rules for the pod. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PGAdminAffinityNodeAffinity { - /// The scheduler will prefer to schedule pods to nodes that satisfy the affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding "weight" to the sum if the node matches the corresponding matchExpressions; the node(s) with the highest sum are the most preferred. + /// The scheduler will prefer to schedule pods to nodes that satisfy + /// the affinity expressions specified by this field, but it may choose + /// a node that violates one or more of the expressions. The node that is + /// most preferred is the one with the greatest sum of weights, i.e. + /// for each node that meets all of the scheduling requirements (resource + /// request, requiredDuringScheduling affinity expressions, etc.), + /// compute a sum by iterating through the elements of this field and adding + /// "weight" to the sum if the node matches the corresponding matchExpressions; the + /// node(s) with the highest sum are the most preferred. #[serde(default, skip_serializing_if = "Option::is_none", rename = "preferredDuringSchedulingIgnoredDuringExecution")] pub preferred_during_scheduling_ignored_during_execution: Option>, - /// If the affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to an update), the system may or may not try to eventually evict the pod from its node. + /// If the affinity requirements specified by this field are not met at + /// scheduling time, the pod will not be scheduled onto the node. + /// If the affinity requirements specified by this field cease to be met + /// at some point during pod execution (e.g. due to an update), the system + /// may or may not try to eventually evict the pod from its node. #[serde(default, skip_serializing_if = "Option::is_none", rename = "requiredDuringSchedulingIgnoredDuringExecution")] pub required_during_scheduling_ignored_during_execution: Option, } -/// An empty preferred scheduling term matches all objects with implicit weight 0 (i.e. it's a no-op). A null preferred scheduling term matches no objects (i.e. is also a no-op). +/// An empty preferred scheduling term matches all objects with implicit weight 0 +/// (i.e. it's a no-op). A null preferred scheduling term matches no objects (i.e. is also a no-op). #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PGAdminAffinityNodeAffinityPreferredDuringSchedulingIgnoredDuringExecution { /// A node selector term, associated with the corresponding weight. @@ -107,31 +141,47 @@ pub struct PGAdminAffinityNodeAffinityPreferredDuringSchedulingIgnoredDuringExec pub match_fields: Option>, } -/// A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A node selector requirement is a selector that contains values, a key, and an operator +/// that relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PGAdminAffinityNodeAffinityPreferredDuringSchedulingIgnoredDuringExecutionPreferenceMatchExpressions { /// The label key that the selector applies to. pub key: String, - /// Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. + /// Represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. pub operator: String, - /// An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch. + /// An array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. If the operator is Gt or Lt, the values + /// array must have a single element, which will be interpreted as an integer. + /// This array is replaced during a strategic merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } -/// A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A node selector requirement is a selector that contains values, a key, and an operator +/// that relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PGAdminAffinityNodeAffinityPreferredDuringSchedulingIgnoredDuringExecutionPreferenceMatchFields { /// The label key that the selector applies to. pub key: String, - /// Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. + /// Represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. pub operator: String, - /// An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch. + /// An array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. If the operator is Gt or Lt, the values + /// array must have a single element, which will be interpreted as an integer. + /// This array is replaced during a strategic merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } -/// If the affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to an update), the system may or may not try to eventually evict the pod from its node. +/// If the affinity requirements specified by this field are not met at +/// scheduling time, the pod will not be scheduled onto the node. +/// If the affinity requirements specified by this field cease to be met +/// at some point during pod execution (e.g. due to an update), the system +/// may or may not try to eventually evict the pod from its node. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PGAdminAffinityNodeAffinityRequiredDuringSchedulingIgnoredDuringExecution { /// Required. A list of node selector terms. The terms are ORed. @@ -139,7 +189,9 @@ pub struct PGAdminAffinityNodeAffinityRequiredDuringSchedulingIgnoredDuringExecu pub node_selector_terms: Vec, } -/// A null or empty node selector term matches no objects. The requirements of them are ANDed. The TopologySelectorTerm type implements a subset of the NodeSelectorTerm. +/// A null or empty node selector term matches no objects. The requirements of +/// them are ANDed. +/// The TopologySelectorTerm type implements a subset of the NodeSelectorTerm. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PGAdminAffinityNodeAffinityRequiredDuringSchedulingIgnoredDuringExecutionNodeSelectorTerms { /// A list of node selector requirements by node's labels. @@ -150,26 +202,38 @@ pub struct PGAdminAffinityNodeAffinityRequiredDuringSchedulingIgnoredDuringExecu pub match_fields: Option>, } -/// A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A node selector requirement is a selector that contains values, a key, and an operator +/// that relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PGAdminAffinityNodeAffinityRequiredDuringSchedulingIgnoredDuringExecutionNodeSelectorTermsMatchExpressions { /// The label key that the selector applies to. pub key: String, - /// Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. + /// Represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. pub operator: String, - /// An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch. + /// An array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. If the operator is Gt or Lt, the values + /// array must have a single element, which will be interpreted as an integer. + /// This array is replaced during a strategic merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } -/// A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A node selector requirement is a selector that contains values, a key, and an operator +/// that relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PGAdminAffinityNodeAffinityRequiredDuringSchedulingIgnoredDuringExecutionNodeSelectorTermsMatchFields { /// The label key that the selector applies to. pub key: String, - /// Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. + /// Represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. pub operator: String, - /// An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch. + /// An array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. If the operator is Gt or Lt, the values + /// array must have a single element, which will be interpreted as an integer. + /// This array is replaced during a strategic merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } @@ -177,10 +241,24 @@ pub struct PGAdminAffinityNodeAffinityRequiredDuringSchedulingIgnoredDuringExecu /// Describes pod affinity scheduling rules (e.g. co-locate this pod in the same node, zone, etc. as some other pod(s)). #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PGAdminAffinityPodAffinity { - /// The scheduler will prefer to schedule pods to nodes that satisfy the affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding "weight" to the sum if the node has pods which matches the corresponding podAffinityTerm; the node(s) with the highest sum are the most preferred. + /// The scheduler will prefer to schedule pods to nodes that satisfy + /// the affinity expressions specified by this field, but it may choose + /// a node that violates one or more of the expressions. The node that is + /// most preferred is the one with the greatest sum of weights, i.e. + /// for each node that meets all of the scheduling requirements (resource + /// request, requiredDuringScheduling affinity expressions, etc.), + /// compute a sum by iterating through the elements of this field and adding + /// "weight" to the sum if the node has pods which matches the corresponding podAffinityTerm; the + /// node(s) with the highest sum are the most preferred. #[serde(default, skip_serializing_if = "Option::is_none", rename = "preferredDuringSchedulingIgnoredDuringExecution")] pub preferred_during_scheduling_ignored_during_execution: Option>, - /// If the affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to a pod label update), the system may or may not try to eventually evict the pod from its node. When there are multiple elements, the lists of nodes corresponding to each podAffinityTerm are intersected, i.e. all terms must be satisfied. + /// If the affinity requirements specified by this field are not met at + /// scheduling time, the pod will not be scheduled onto the node. + /// If the affinity requirements specified by this field cease to be met + /// at some point during pod execution (e.g. due to a pod label update), the + /// system may or may not try to eventually evict the pod from its node. + /// When there are multiple elements, the lists of nodes corresponding to each + /// podAffinityTerm are intersected, i.e. all terms must be satisfied. #[serde(default, skip_serializing_if = "Option::is_none", rename = "requiredDuringSchedulingIgnoredDuringExecution")] pub required_during_scheduling_ignored_during_execution: Option>, } @@ -191,144 +269,244 @@ pub struct PGAdminAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecu /// Required. A pod affinity term, associated with the corresponding weight. #[serde(rename = "podAffinityTerm")] pub pod_affinity_term: PGAdminAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTerm, - /// weight associated with matching the corresponding podAffinityTerm, in the range 1-100. + /// weight associated with matching the corresponding podAffinityTerm, + /// in the range 1-100. pub weight: i32, } /// Required. A pod affinity term, associated with the corresponding weight. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PGAdminAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTerm { - /// A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods. + /// A label query over a set of resources, in this case pods. + /// If it's null, this PodAffinityTerm matches with no Pods. #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelector")] pub label_selector: Option, - /// MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both matchLabelKeys and labelSelector. Also, matchLabelKeys cannot be set when labelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// MatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both matchLabelKeys and labelSelector. + /// Also, matchLabelKeys cannot be set when labelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] pub match_label_keys: Option>, - /// MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. Also, mismatchLabelKeys cannot be set when labelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// MismatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. + /// Also, mismatchLabelKeys cannot be set when labelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] pub mismatch_label_keys: Option>, - /// A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. + /// A label query over the set of namespaces that the term applies to. + /// The term is applied to the union of the namespaces selected by this field + /// and the ones listed in the namespaces field. + /// null selector and null or empty namespaces list means "this pod's namespace". + /// An empty selector ({}) matches all namespaces. #[serde(default, skip_serializing_if = "Option::is_none", rename = "namespaceSelector")] pub namespace_selector: Option, - /// namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means "this pod's namespace". + /// namespaces specifies a static list of namespace names that the term applies to. + /// The term is applied to the union of the namespaces listed in this field + /// and the ones selected by namespaceSelector. + /// null or empty namespaces list and null namespaceSelector means "this pod's namespace". #[serde(default, skip_serializing_if = "Option::is_none")] pub namespaces: Option>, - /// This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed. + /// This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching + /// the labelSelector in the specified namespaces, where co-located is defined as running on a node + /// whose value of the label with key topologyKey matches that of any node on which any of the + /// selected pods is running. + /// Empty topologyKey is not allowed. #[serde(rename = "topologyKey")] pub topology_key: String, } -/// A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods. +/// A label query over a set of resources, in this case pods. +/// If it's null, this PodAffinityTerm matches with no Pods. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PGAdminAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermLabelSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] pub match_expressions: Option>, - /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] pub match_labels: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PGAdminAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermLabelSelectorMatchExpressions { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } -/// A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. +/// A label query over the set of namespaces that the term applies to. +/// The term is applied to the union of the namespaces selected by this field +/// and the ones listed in the namespaces field. +/// null selector and null or empty namespaces list means "this pod's namespace". +/// An empty selector ({}) matches all namespaces. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PGAdminAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermNamespaceSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] pub match_expressions: Option>, - /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] pub match_labels: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PGAdminAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermNamespaceSelectorMatchExpressions { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } -/// Defines a set of pods (namely those matching the labelSelector relative to the given namespace(s)) that this pod should be co-located (affinity) or not co-located (anti-affinity) with, where co-located is defined as running on a node whose value of the label with key matches that of any node on which a pod of the set of pods is running +/// Defines a set of pods (namely those matching the labelSelector +/// relative to the given namespace(s)) that this pod should be +/// co-located (affinity) or not co-located (anti-affinity) with, +/// where co-located is defined as running on a node whose value of +/// the label with key matches that of any node on which +/// a pod of the set of pods is running #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PGAdminAffinityPodAffinityRequiredDuringSchedulingIgnoredDuringExecution { - /// A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods. + /// A label query over a set of resources, in this case pods. + /// If it's null, this PodAffinityTerm matches with no Pods. #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelector")] pub label_selector: Option, - /// MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both matchLabelKeys and labelSelector. Also, matchLabelKeys cannot be set when labelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// MatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both matchLabelKeys and labelSelector. + /// Also, matchLabelKeys cannot be set when labelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] pub match_label_keys: Option>, - /// MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. Also, mismatchLabelKeys cannot be set when labelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// MismatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. + /// Also, mismatchLabelKeys cannot be set when labelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] pub mismatch_label_keys: Option>, - /// A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. + /// A label query over the set of namespaces that the term applies to. + /// The term is applied to the union of the namespaces selected by this field + /// and the ones listed in the namespaces field. + /// null selector and null or empty namespaces list means "this pod's namespace". + /// An empty selector ({}) matches all namespaces. #[serde(default, skip_serializing_if = "Option::is_none", rename = "namespaceSelector")] pub namespace_selector: Option, - /// namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means "this pod's namespace". + /// namespaces specifies a static list of namespace names that the term applies to. + /// The term is applied to the union of the namespaces listed in this field + /// and the ones selected by namespaceSelector. + /// null or empty namespaces list and null namespaceSelector means "this pod's namespace". #[serde(default, skip_serializing_if = "Option::is_none")] pub namespaces: Option>, - /// This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed. + /// This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching + /// the labelSelector in the specified namespaces, where co-located is defined as running on a node + /// whose value of the label with key topologyKey matches that of any node on which any of the + /// selected pods is running. + /// Empty topologyKey is not allowed. #[serde(rename = "topologyKey")] pub topology_key: String, } -/// A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods. +/// A label query over a set of resources, in this case pods. +/// If it's null, this PodAffinityTerm matches with no Pods. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PGAdminAffinityPodAffinityRequiredDuringSchedulingIgnoredDuringExecutionLabelSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] pub match_expressions: Option>, - /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] pub match_labels: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PGAdminAffinityPodAffinityRequiredDuringSchedulingIgnoredDuringExecutionLabelSelectorMatchExpressions { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } -/// A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. +/// A label query over the set of namespaces that the term applies to. +/// The term is applied to the union of the namespaces selected by this field +/// and the ones listed in the namespaces field. +/// null selector and null or empty namespaces list means "this pod's namespace". +/// An empty selector ({}) matches all namespaces. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PGAdminAffinityPodAffinityRequiredDuringSchedulingIgnoredDuringExecutionNamespaceSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] pub match_expressions: Option>, - /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] pub match_labels: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PGAdminAffinityPodAffinityRequiredDuringSchedulingIgnoredDuringExecutionNamespaceSelectorMatchExpressions { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } @@ -336,10 +514,24 @@ pub struct PGAdminAffinityPodAffinityRequiredDuringSchedulingIgnoredDuringExecut /// Describes pod anti-affinity scheduling rules (e.g. avoid putting this pod in the same node, zone, etc. as some other pod(s)). #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PGAdminAffinityPodAntiAffinity { - /// The scheduler will prefer to schedule pods to nodes that satisfy the anti-affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling anti-affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding "weight" to the sum if the node has pods which matches the corresponding podAffinityTerm; the node(s) with the highest sum are the most preferred. + /// The scheduler will prefer to schedule pods to nodes that satisfy + /// the anti-affinity expressions specified by this field, but it may choose + /// a node that violates one or more of the expressions. The node that is + /// most preferred is the one with the greatest sum of weights, i.e. + /// for each node that meets all of the scheduling requirements (resource + /// request, requiredDuringScheduling anti-affinity expressions, etc.), + /// compute a sum by iterating through the elements of this field and adding + /// "weight" to the sum if the node has pods which matches the corresponding podAffinityTerm; the + /// node(s) with the highest sum are the most preferred. #[serde(default, skip_serializing_if = "Option::is_none", rename = "preferredDuringSchedulingIgnoredDuringExecution")] pub preferred_during_scheduling_ignored_during_execution: Option>, - /// If the anti-affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the anti-affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to a pod label update), the system may or may not try to eventually evict the pod from its node. When there are multiple elements, the lists of nodes corresponding to each podAffinityTerm are intersected, i.e. all terms must be satisfied. + /// If the anti-affinity requirements specified by this field are not met at + /// scheduling time, the pod will not be scheduled onto the node. + /// If the anti-affinity requirements specified by this field cease to be met + /// at some point during pod execution (e.g. due to a pod label update), the + /// system may or may not try to eventually evict the pod from its node. + /// When there are multiple elements, the lists of nodes corresponding to each + /// podAffinityTerm are intersected, i.e. all terms must be satisfied. #[serde(default, skip_serializing_if = "Option::is_none", rename = "requiredDuringSchedulingIgnoredDuringExecution")] pub required_during_scheduling_ignored_during_execution: Option>, } @@ -350,169 +542,278 @@ pub struct PGAdminAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringE /// Required. A pod affinity term, associated with the corresponding weight. #[serde(rename = "podAffinityTerm")] pub pod_affinity_term: PGAdminAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTerm, - /// weight associated with matching the corresponding podAffinityTerm, in the range 1-100. + /// weight associated with matching the corresponding podAffinityTerm, + /// in the range 1-100. pub weight: i32, } /// Required. A pod affinity term, associated with the corresponding weight. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PGAdminAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTerm { - /// A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods. + /// A label query over a set of resources, in this case pods. + /// If it's null, this PodAffinityTerm matches with no Pods. #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelector")] pub label_selector: Option, - /// MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both matchLabelKeys and labelSelector. Also, matchLabelKeys cannot be set when labelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// MatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both matchLabelKeys and labelSelector. + /// Also, matchLabelKeys cannot be set when labelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] pub match_label_keys: Option>, - /// MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. Also, mismatchLabelKeys cannot be set when labelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// MismatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. + /// Also, mismatchLabelKeys cannot be set when labelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] pub mismatch_label_keys: Option>, - /// A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. + /// A label query over the set of namespaces that the term applies to. + /// The term is applied to the union of the namespaces selected by this field + /// and the ones listed in the namespaces field. + /// null selector and null or empty namespaces list means "this pod's namespace". + /// An empty selector ({}) matches all namespaces. #[serde(default, skip_serializing_if = "Option::is_none", rename = "namespaceSelector")] pub namespace_selector: Option, - /// namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means "this pod's namespace". + /// namespaces specifies a static list of namespace names that the term applies to. + /// The term is applied to the union of the namespaces listed in this field + /// and the ones selected by namespaceSelector. + /// null or empty namespaces list and null namespaceSelector means "this pod's namespace". #[serde(default, skip_serializing_if = "Option::is_none")] pub namespaces: Option>, - /// This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed. + /// This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching + /// the labelSelector in the specified namespaces, where co-located is defined as running on a node + /// whose value of the label with key topologyKey matches that of any node on which any of the + /// selected pods is running. + /// Empty topologyKey is not allowed. #[serde(rename = "topologyKey")] pub topology_key: String, } -/// A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods. +/// A label query over a set of resources, in this case pods. +/// If it's null, this PodAffinityTerm matches with no Pods. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PGAdminAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermLabelSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] pub match_expressions: Option>, - /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] pub match_labels: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PGAdminAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermLabelSelectorMatchExpressions { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } -/// A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. +/// A label query over the set of namespaces that the term applies to. +/// The term is applied to the union of the namespaces selected by this field +/// and the ones listed in the namespaces field. +/// null selector and null or empty namespaces list means "this pod's namespace". +/// An empty selector ({}) matches all namespaces. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PGAdminAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermNamespaceSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] pub match_expressions: Option>, - /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] pub match_labels: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PGAdminAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermNamespaceSelectorMatchExpressions { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } -/// Defines a set of pods (namely those matching the labelSelector relative to the given namespace(s)) that this pod should be co-located (affinity) or not co-located (anti-affinity) with, where co-located is defined as running on a node whose value of the label with key matches that of any node on which a pod of the set of pods is running +/// Defines a set of pods (namely those matching the labelSelector +/// relative to the given namespace(s)) that this pod should be +/// co-located (affinity) or not co-located (anti-affinity) with, +/// where co-located is defined as running on a node whose value of +/// the label with key matches that of any node on which +/// a pod of the set of pods is running #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PGAdminAffinityPodAntiAffinityRequiredDuringSchedulingIgnoredDuringExecution { - /// A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods. + /// A label query over a set of resources, in this case pods. + /// If it's null, this PodAffinityTerm matches with no Pods. #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelector")] pub label_selector: Option, - /// MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both matchLabelKeys and labelSelector. Also, matchLabelKeys cannot be set when labelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// MatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both matchLabelKeys and labelSelector. + /// Also, matchLabelKeys cannot be set when labelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] pub match_label_keys: Option>, - /// MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. Also, mismatchLabelKeys cannot be set when labelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// MismatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. + /// Also, mismatchLabelKeys cannot be set when labelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] pub mismatch_label_keys: Option>, - /// A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. + /// A label query over the set of namespaces that the term applies to. + /// The term is applied to the union of the namespaces selected by this field + /// and the ones listed in the namespaces field. + /// null selector and null or empty namespaces list means "this pod's namespace". + /// An empty selector ({}) matches all namespaces. #[serde(default, skip_serializing_if = "Option::is_none", rename = "namespaceSelector")] pub namespace_selector: Option, - /// namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means "this pod's namespace". + /// namespaces specifies a static list of namespace names that the term applies to. + /// The term is applied to the union of the namespaces listed in this field + /// and the ones selected by namespaceSelector. + /// null or empty namespaces list and null namespaceSelector means "this pod's namespace". #[serde(default, skip_serializing_if = "Option::is_none")] pub namespaces: Option>, - /// This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed. + /// This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching + /// the labelSelector in the specified namespaces, where co-located is defined as running on a node + /// whose value of the label with key topologyKey matches that of any node on which any of the + /// selected pods is running. + /// Empty topologyKey is not allowed. #[serde(rename = "topologyKey")] pub topology_key: String, } -/// A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods. +/// A label query over a set of resources, in this case pods. +/// If it's null, this PodAffinityTerm matches with no Pods. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PGAdminAffinityPodAntiAffinityRequiredDuringSchedulingIgnoredDuringExecutionLabelSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] pub match_expressions: Option>, - /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] pub match_labels: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PGAdminAffinityPodAntiAffinityRequiredDuringSchedulingIgnoredDuringExecutionLabelSelectorMatchExpressions { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } -/// A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. +/// A label query over the set of namespaces that the term applies to. +/// The term is applied to the union of the namespaces selected by this field +/// and the ones listed in the namespaces field. +/// null selector and null or empty namespaces list means "this pod's namespace". +/// An empty selector ({}) matches all namespaces. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PGAdminAffinityPodAntiAffinityRequiredDuringSchedulingIgnoredDuringExecutionNamespaceSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] pub match_expressions: Option>, - /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] pub match_labels: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PGAdminAffinityPodAntiAffinityRequiredDuringSchedulingIgnoredDuringExecutionNamespaceSelectorMatchExpressions { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } -/// Configuration settings for the pgAdmin process. Changes to any of these values will be loaded without validation. Be careful, as you may put pgAdmin into an unusable state. +/// Configuration settings for the pgAdmin process. Changes to any of these +/// values will be loaded without validation. Be careful, as +/// you may put pgAdmin into an unusable state. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PGAdminConfig { - /// A Secret containing the value for the CONFIG_DATABASE_URI setting. More info: https://www.pgadmin.org/docs/pgadmin4/latest/external_database.html + /// A Secret containing the value for the CONFIG_DATABASE_URI setting. + /// More info: https://www.pgadmin.org/docs/pgadmin4/latest/external_database.html #[serde(default, skip_serializing_if = "Option::is_none", rename = "configDatabaseURI")] pub config_database_uri: Option, - /// Files allows the user to mount projected volumes into the pgAdmin container so that files can be referenced by pgAdmin as needed. + /// Files allows the user to mount projected volumes into the pgAdmin + /// container so that files can be referenced by pgAdmin as needed. #[serde(default, skip_serializing_if = "Option::is_none")] pub files: Option>, - /// Settings for the gunicorn server. More info: https://docs.gunicorn.org/en/latest/settings.html + /// Settings for the gunicorn server. + /// More info: https://docs.gunicorn.org/en/latest/settings.html #[serde(default, skip_serializing_if = "Option::is_none")] pub gunicorn: Option>, - /// A Secret containing the value for the LDAP_BIND_PASSWORD setting. More info: https://www.pgadmin.org/docs/pgadmin4/latest/ldap.html + /// A Secret containing the value for the LDAP_BIND_PASSWORD setting. + /// More info: https://www.pgadmin.org/docs/pgadmin4/latest/ldap.html #[serde(default, skip_serializing_if = "Option::is_none", rename = "ldapBindPassword")] pub ldap_bind_password: Option, - /// Settings for the pgAdmin server process. Keys should be uppercase and values must be constants. More info: https://www.pgadmin.org/docs/pgadmin4/latest/config_py.html + /// Settings for the pgAdmin server process. Keys should be uppercase and + /// values must be constants. + /// More info: https://www.pgadmin.org/docs/pgadmin4/latest/config_py.html #[serde(default, skip_serializing_if = "Option::is_none")] pub settings: Option>, } -/// A Secret containing the value for the CONFIG_DATABASE_URI setting. More info: https://www.pgadmin.org/docs/pgadmin4/latest/external_database.html +/// A Secret containing the value for the CONFIG_DATABASE_URI setting. +/// More info: https://www.pgadmin.org/docs/pgadmin4/latest/external_database.html #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PGAdminConfigConfigDatabaseUri { /// The key of the secret to select from. Must be a valid secret key. @@ -528,10 +829,22 @@ pub struct PGAdminConfigConfigDatabaseUri { /// Projection that may be projected along with other supported volume types #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PGAdminConfigFiles { - /// ClusterTrustBundle allows a pod to access the `.spec.trustBundle` field of ClusterTrustBundle objects in an auto-updating file. - /// Alpha, gated by the ClusterTrustBundleProjection feature gate. - /// ClusterTrustBundle objects can either be selected by name, or by the combination of signer name and a label selector. - /// Kubelet performs aggressive normalization of the PEM contents written into the pod filesystem. Esoteric PEM features such as inter-block comments and block headers are stripped. Certificates are deduplicated. The ordering of certificates within the file is arbitrary, and Kubelet may change the order over time. + /// ClusterTrustBundle allows a pod to access the `.spec.trustBundle` field + /// of ClusterTrustBundle objects in an auto-updating file. + /// + /// + /// Alpha, gated by the ClusterTrustBundleProjection feature gate. + /// + /// + /// ClusterTrustBundle objects can either be selected by name, or by the + /// combination of signer name and a label selector. + /// + /// + /// Kubelet performs aggressive normalization of the PEM contents written + /// into the pod filesystem. Esoteric PEM features such as inter-block + /// comments and block headers are stripped. Certificates are deduplicated. + /// The ordering of certificates within the file is arbitrary, and Kubelet + /// may change the order over time. #[serde(default, skip_serializing_if = "Option::is_none", rename = "clusterTrustBundle")] pub cluster_trust_bundle: Option, /// configMap information about the configMap data to project @@ -548,47 +861,79 @@ pub struct PGAdminConfigFiles { pub service_account_token: Option, } -/// ClusterTrustBundle allows a pod to access the `.spec.trustBundle` field of ClusterTrustBundle objects in an auto-updating file. -/// Alpha, gated by the ClusterTrustBundleProjection feature gate. -/// ClusterTrustBundle objects can either be selected by name, or by the combination of signer name and a label selector. -/// Kubelet performs aggressive normalization of the PEM contents written into the pod filesystem. Esoteric PEM features such as inter-block comments and block headers are stripped. Certificates are deduplicated. The ordering of certificates within the file is arbitrary, and Kubelet may change the order over time. +/// ClusterTrustBundle allows a pod to access the `.spec.trustBundle` field +/// of ClusterTrustBundle objects in an auto-updating file. +/// +/// +/// Alpha, gated by the ClusterTrustBundleProjection feature gate. +/// +/// +/// ClusterTrustBundle objects can either be selected by name, or by the +/// combination of signer name and a label selector. +/// +/// +/// Kubelet performs aggressive normalization of the PEM contents written +/// into the pod filesystem. Esoteric PEM features such as inter-block +/// comments and block headers are stripped. Certificates are deduplicated. +/// The ordering of certificates within the file is arbitrary, and Kubelet +/// may change the order over time. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PGAdminConfigFilesClusterTrustBundle { - /// Select all ClusterTrustBundles that match this label selector. Only has effect if signerName is set. Mutually-exclusive with name. If unset, interpreted as "match nothing". If set but empty, interpreted as "match everything". + /// Select all ClusterTrustBundles that match this label selector. Only has + /// effect if signerName is set. Mutually-exclusive with name. If unset, + /// interpreted as "match nothing". If set but empty, interpreted as "match + /// everything". #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelector")] pub label_selector: Option, - /// Select a single ClusterTrustBundle by object name. Mutually-exclusive with signerName and labelSelector. + /// Select a single ClusterTrustBundle by object name. Mutually-exclusive + /// with signerName and labelSelector. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, - /// If true, don't block pod startup if the referenced ClusterTrustBundle(s) aren't available. If using name, then the named ClusterTrustBundle is allowed not to exist. If using signerName, then the combination of signerName and labelSelector is allowed to match zero ClusterTrustBundles. + /// If true, don't block pod startup if the referenced ClusterTrustBundle(s) + /// aren't available. If using name, then the named ClusterTrustBundle is + /// allowed not to exist. If using signerName, then the combination of + /// signerName and labelSelector is allowed to match zero + /// ClusterTrustBundles. #[serde(default, skip_serializing_if = "Option::is_none")] pub optional: Option, /// Relative path from the volume root to write the bundle. pub path: String, - /// Select all ClusterTrustBundles that match this signer name. Mutually-exclusive with name. The contents of all selected ClusterTrustBundles will be unified and deduplicated. + /// Select all ClusterTrustBundles that match this signer name. + /// Mutually-exclusive with name. The contents of all selected + /// ClusterTrustBundles will be unified and deduplicated. #[serde(default, skip_serializing_if = "Option::is_none", rename = "signerName")] pub signer_name: Option, } -/// Select all ClusterTrustBundles that match this label selector. Only has effect if signerName is set. Mutually-exclusive with name. If unset, interpreted as "match nothing". If set but empty, interpreted as "match everything". +/// Select all ClusterTrustBundles that match this label selector. Only has +/// effect if signerName is set. Mutually-exclusive with name. If unset, +/// interpreted as "match nothing". If set but empty, interpreted as "match +/// everything". #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PGAdminConfigFilesClusterTrustBundleLabelSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] pub match_expressions: Option>, - /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] pub match_labels: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PGAdminConfigFilesClusterTrustBundleLabelSelectorMatchExpressions { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } @@ -596,7 +941,13 @@ pub struct PGAdminConfigFilesClusterTrustBundleLabelSelectorMatchExpressions { /// configMap information about the configMap data to project #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PGAdminConfigFilesConfigMap { - /// items if unspecified, each key-value pair in the Data field of the referenced ConfigMap will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the ConfigMap, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'. + /// items if unspecified, each key-value pair in the Data field of the referenced + /// ConfigMap will be projected into the volume as a file whose name is the + /// key and content is the value. If specified, the listed keys will be + /// projected into the specified paths, and unlisted keys will not be + /// present. If a key is specified which is not present in the ConfigMap, + /// the volume setup will error unless it is marked optional. Paths must be + /// relative and may not contain the '..' path or start with '..'. #[serde(default, skip_serializing_if = "Option::is_none")] pub items: Option>, /// Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names @@ -612,10 +963,18 @@ pub struct PGAdminConfigFilesConfigMap { pub struct PGAdminConfigFilesConfigMapItems { /// key is the key to project. pub key: String, - /// mode is Optional: mode bits used to set permissions on this file. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. + /// mode is Optional: mode bits used to set permissions on this file. + /// Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. + /// YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. + /// If not specified, the volume defaultMode will be used. + /// This might be in conflict with other options that affect the file + /// mode, like fsGroup, and the result can be other mode bits set. #[serde(default, skip_serializing_if = "Option::is_none")] pub mode: Option, - /// path is the relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'. + /// path is the relative path of the file to map the key to. + /// May not be an absolute path. + /// May not contain the path element '..'. + /// May not start with the string '..'. pub path: String, } @@ -633,12 +992,18 @@ pub struct PGAdminConfigFilesDownwardApiItems { /// Required: Selects a field of the pod: only annotations, labels, name, namespace and uid are supported. #[serde(default, skip_serializing_if = "Option::is_none", rename = "fieldRef")] pub field_ref: Option, - /// Optional: mode bits used to set permissions on this file, must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. + /// Optional: mode bits used to set permissions on this file, must be an octal value + /// between 0000 and 0777 or a decimal value between 0 and 511. + /// YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. + /// If not specified, the volume defaultMode will be used. + /// This might be in conflict with other options that affect the file + /// mode, like fsGroup, and the result can be other mode bits set. #[serde(default, skip_serializing_if = "Option::is_none")] pub mode: Option, /// Required: Path is the relative path name of the file to be created. Must not be absolute or contain the '..' path. Must be utf-8 encoded. The first item of the relative path must not start with '..' pub path: String, - /// Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, requests.cpu and requests.memory) are currently supported. + /// Selects a resource of the container: only resources limits and requests + /// (limits.cpu, limits.memory, requests.cpu and requests.memory) are currently supported. #[serde(default, skip_serializing_if = "Option::is_none", rename = "resourceFieldRef")] pub resource_field_ref: Option, } @@ -654,7 +1019,8 @@ pub struct PGAdminConfigFilesDownwardApiItemsFieldRef { pub field_path: String, } -/// Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, requests.cpu and requests.memory) are currently supported. +/// Selects a resource of the container: only resources limits and requests +/// (limits.cpu, limits.memory, requests.cpu and requests.memory) are currently supported. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PGAdminConfigFilesDownwardApiItemsResourceFieldRef { /// Container name: required for volumes, optional for env vars @@ -670,7 +1036,13 @@ pub struct PGAdminConfigFilesDownwardApiItemsResourceFieldRef { /// secret information about the secret data to project #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PGAdminConfigFilesSecret { - /// items if unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the Secret, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'. + /// items if unspecified, each key-value pair in the Data field of the referenced + /// Secret will be projected into the volume as a file whose name is the + /// key and content is the value. If specified, the listed keys will be + /// projected into the specified paths, and unlisted keys will not be + /// present. If a key is specified which is not present in the Secret, + /// the volume setup will error unless it is marked optional. Paths must be + /// relative and may not contain the '..' path or start with '..'. #[serde(default, skip_serializing_if = "Option::is_none")] pub items: Option>, /// Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names @@ -686,27 +1058,45 @@ pub struct PGAdminConfigFilesSecret { pub struct PGAdminConfigFilesSecretItems { /// key is the key to project. pub key: String, - /// mode is Optional: mode bits used to set permissions on this file. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. + /// mode is Optional: mode bits used to set permissions on this file. + /// Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. + /// YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. + /// If not specified, the volume defaultMode will be used. + /// This might be in conflict with other options that affect the file + /// mode, like fsGroup, and the result can be other mode bits set. #[serde(default, skip_serializing_if = "Option::is_none")] pub mode: Option, - /// path is the relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'. + /// path is the relative path of the file to map the key to. + /// May not be an absolute path. + /// May not contain the path element '..'. + /// May not start with the string '..'. pub path: String, } /// serviceAccountToken is information about the serviceAccountToken data to project #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PGAdminConfigFilesServiceAccountToken { - /// audience is the intended audience of the token. A recipient of a token must identify itself with an identifier specified in the audience of the token, and otherwise should reject the token. The audience defaults to the identifier of the apiserver. + /// audience is the intended audience of the token. A recipient of a token + /// must identify itself with an identifier specified in the audience of the + /// token, and otherwise should reject the token. The audience defaults to the + /// identifier of the apiserver. #[serde(default, skip_serializing_if = "Option::is_none")] pub audience: Option, - /// expirationSeconds is the requested duration of validity of the service account token. As the token approaches expiration, the kubelet volume plugin will proactively rotate the service account token. The kubelet will start trying to rotate the token if the token is older than 80 percent of its time to live or if the token is older than 24 hours.Defaults to 1 hour and must be at least 10 minutes. + /// expirationSeconds is the requested duration of validity of the service + /// account token. As the token approaches expiration, the kubelet volume + /// plugin will proactively rotate the service account token. The kubelet will + /// start trying to rotate the token if the token is older than 80 percent of + /// its time to live or if the token is older than 24 hours.Defaults to 1 hour + /// and must be at least 10 minutes. #[serde(default, skip_serializing_if = "Option::is_none", rename = "expirationSeconds")] pub expiration_seconds: Option, - /// path is the path relative to the mount point of the file to project the token into. + /// path is the path relative to the mount point of the file to project the + /// token into. pub path: String, } -/// A Secret containing the value for the LDAP_BIND_PASSWORD setting. More info: https://www.pgadmin.org/docs/pgadmin4/latest/ldap.html +/// A Secret containing the value for the LDAP_BIND_PASSWORD setting. +/// More info: https://www.pgadmin.org/docs/pgadmin4/latest/ldap.html #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PGAdminConfigLdapBindPassword { /// The key of the secret to select from. Must be a valid secret key. @@ -719,31 +1109,79 @@ pub struct PGAdminConfigLdapBindPassword { pub optional: Option, } -/// Defines a PersistentVolumeClaim for pgAdmin data. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes +/// Defines a PersistentVolumeClaim for pgAdmin data. +/// More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PGAdminDataVolumeClaimSpec { - /// accessModes contains the desired access modes the volume should have. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1 + /// accessModes contains the desired access modes the volume should have. + /// More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1 #[serde(default, skip_serializing_if = "Option::is_none", rename = "accessModes")] pub access_modes: Option>, - /// dataSource field can be used to specify either: * An existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot) * An existing PVC (PersistentVolumeClaim) If the provisioner or an external controller can support the specified data source, it will create a new volume based on the contents of the specified data source. When the AnyVolumeDataSource feature gate is enabled, dataSource contents will be copied to dataSourceRef, and dataSourceRef contents will be copied to dataSource when dataSourceRef.namespace is not specified. If the namespace is specified, then dataSourceRef will not be copied to dataSource. + /// dataSource field can be used to specify either: + /// * An existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot) + /// * An existing PVC (PersistentVolumeClaim) + /// If the provisioner or an external controller can support the specified data source, + /// it will create a new volume based on the contents of the specified data source. + /// When the AnyVolumeDataSource feature gate is enabled, dataSource contents will be copied to dataSourceRef, + /// and dataSourceRef contents will be copied to dataSource when dataSourceRef.namespace is not specified. + /// If the namespace is specified, then dataSourceRef will not be copied to dataSource. #[serde(default, skip_serializing_if = "Option::is_none", rename = "dataSource")] pub data_source: Option, - /// dataSourceRef specifies the object from which to populate the volume with data, if a non-empty volume is desired. This may be any object from a non-empty API group (non core object) or a PersistentVolumeClaim object. When this field is specified, volume binding will only succeed if the type of the specified object matches some installed volume populator or dynamic provisioner. This field will replace the functionality of the dataSource field and as such if both fields are non-empty, they must have the same value. For backwards compatibility, when namespace isn't specified in dataSourceRef, both fields (dataSource and dataSourceRef) will be set to the same value automatically if one of them is empty and the other is non-empty. When namespace is specified in dataSourceRef, dataSource isn't set to the same value and must be empty. There are three important differences between dataSource and dataSourceRef: * While dataSource only allows two specific types of objects, dataSourceRef allows any non-core object, as well as PersistentVolumeClaim objects. * While dataSource ignores disallowed values (dropping them), dataSourceRef preserves all values, and generates an error if a disallowed value is specified. * While dataSource only allows local objects, dataSourceRef allows objects in any namespaces. (Beta) Using this field requires the AnyVolumeDataSource feature gate to be enabled. (Alpha) Using the namespace field of dataSourceRef requires the CrossNamespaceVolumeDataSource feature gate to be enabled. + /// dataSourceRef specifies the object from which to populate the volume with data, if a non-empty + /// volume is desired. This may be any object from a non-empty API group (non + /// core object) or a PersistentVolumeClaim object. + /// When this field is specified, volume binding will only succeed if the type of + /// the specified object matches some installed volume populator or dynamic + /// provisioner. + /// This field will replace the functionality of the dataSource field and as such + /// if both fields are non-empty, they must have the same value. For backwards + /// compatibility, when namespace isn't specified in dataSourceRef, + /// both fields (dataSource and dataSourceRef) will be set to the same + /// value automatically if one of them is empty and the other is non-empty. + /// When namespace is specified in dataSourceRef, + /// dataSource isn't set to the same value and must be empty. + /// There are three important differences between dataSource and dataSourceRef: + /// * While dataSource only allows two specific types of objects, dataSourceRef + /// allows any non-core object, as well as PersistentVolumeClaim objects. + /// * While dataSource ignores disallowed values (dropping them), dataSourceRef + /// preserves all values, and generates an error if a disallowed value is + /// specified. + /// * While dataSource only allows local objects, dataSourceRef allows objects + /// in any namespaces. + /// (Beta) Using this field requires the AnyVolumeDataSource feature gate to be enabled. + /// (Alpha) Using the namespace field of dataSourceRef requires the CrossNamespaceVolumeDataSource feature gate to be enabled. #[serde(default, skip_serializing_if = "Option::is_none", rename = "dataSourceRef")] pub data_source_ref: Option, - /// resources represents the minimum resources the volume should have. If RecoverVolumeExpansionFailure feature is enabled users are allowed to specify resource requirements that are lower than previous value but must still be higher than capacity recorded in the status field of the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources + /// resources represents the minimum resources the volume should have. + /// If RecoverVolumeExpansionFailure feature is enabled users are allowed to specify resource requirements + /// that are lower than previous value but must still be higher than capacity recorded in the + /// status field of the claim. + /// More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources #[serde(default, skip_serializing_if = "Option::is_none")] pub resources: Option, /// selector is a label query over volumes to consider for binding. #[serde(default, skip_serializing_if = "Option::is_none")] pub selector: Option, - /// storageClassName is the name of the StorageClass required by the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1 + /// storageClassName is the name of the StorageClass required by the claim. + /// More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1 #[serde(default, skip_serializing_if = "Option::is_none", rename = "storageClassName")] pub storage_class_name: Option, - /// volumeAttributesClassName may be used to set the VolumeAttributesClass used by this claim. If specified, the CSI driver will create or update the volume with the attributes defined in the corresponding VolumeAttributesClass. This has a different purpose than storageClassName, it can be changed after the claim is created. An empty string value means that no VolumeAttributesClass will be applied to the claim but it's not allowed to reset this field to empty string once it is set. If unspecified and the PersistentVolumeClaim is unbound, the default VolumeAttributesClass will be set by the persistentvolume controller if it exists. If the resource referred to by volumeAttributesClass does not exist, this PersistentVolumeClaim will be set to a Pending state, as reflected by the modifyVolumeStatus field, until such as a resource exists. More info: https://kubernetes.io/docs/concepts/storage/volume-attributes-classes/ (Alpha) Using this field requires the VolumeAttributesClass feature gate to be enabled. + /// volumeAttributesClassName may be used to set the VolumeAttributesClass used by this claim. + /// If specified, the CSI driver will create or update the volume with the attributes defined + /// in the corresponding VolumeAttributesClass. This has a different purpose than storageClassName, + /// it can be changed after the claim is created. An empty string value means that no VolumeAttributesClass + /// will be applied to the claim but it's not allowed to reset this field to empty string once it is set. + /// If unspecified and the PersistentVolumeClaim is unbound, the default VolumeAttributesClass + /// will be set by the persistentvolume controller if it exists. + /// If the resource referred to by volumeAttributesClass does not exist, this PersistentVolumeClaim will be + /// set to a Pending state, as reflected by the modifyVolumeStatus field, until such as a resource + /// exists. + /// More info: https://kubernetes.io/docs/concepts/storage/volume-attributes-classes/ + /// (Alpha) Using this field requires the VolumeAttributesClass feature gate to be enabled. #[serde(default, skip_serializing_if = "Option::is_none", rename = "volumeAttributesClassName")] pub volume_attributes_class_name: Option, - /// volumeMode defines what type of volume is required by the claim. Value of Filesystem is implied when not included in claim spec. + /// volumeMode defines what type of volume is required by the claim. + /// Value of Filesystem is implied when not included in claim spec. #[serde(default, skip_serializing_if = "Option::is_none", rename = "volumeMode")] pub volume_mode: Option, /// volumeName is the binding reference to the PersistentVolume backing this claim. @@ -751,10 +1189,19 @@ pub struct PGAdminDataVolumeClaimSpec { pub volume_name: Option, } -/// dataSource field can be used to specify either: * An existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot) * An existing PVC (PersistentVolumeClaim) If the provisioner or an external controller can support the specified data source, it will create a new volume based on the contents of the specified data source. When the AnyVolumeDataSource feature gate is enabled, dataSource contents will be copied to dataSourceRef, and dataSourceRef contents will be copied to dataSource when dataSourceRef.namespace is not specified. If the namespace is specified, then dataSourceRef will not be copied to dataSource. +/// dataSource field can be used to specify either: +/// * An existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot) +/// * An existing PVC (PersistentVolumeClaim) +/// If the provisioner or an external controller can support the specified data source, +/// it will create a new volume based on the contents of the specified data source. +/// When the AnyVolumeDataSource feature gate is enabled, dataSource contents will be copied to dataSourceRef, +/// and dataSourceRef contents will be copied to dataSource when dataSourceRef.namespace is not specified. +/// If the namespace is specified, then dataSourceRef will not be copied to dataSource. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PGAdminDataVolumeClaimSpecDataSource { - /// APIGroup is the group for the resource being referenced. If APIGroup is not specified, the specified Kind must be in the core API group. For any other third-party types, APIGroup is required. + /// APIGroup is the group for the resource being referenced. + /// If APIGroup is not specified, the specified Kind must be in the core API group. + /// For any other third-party types, APIGroup is required. #[serde(default, skip_serializing_if = "Option::is_none", rename = "apiGroup")] pub api_group: Option, /// Kind is the type of resource being referenced @@ -763,28 +1210,62 @@ pub struct PGAdminDataVolumeClaimSpecDataSource { pub name: String, } -/// dataSourceRef specifies the object from which to populate the volume with data, if a non-empty volume is desired. This may be any object from a non-empty API group (non core object) or a PersistentVolumeClaim object. When this field is specified, volume binding will only succeed if the type of the specified object matches some installed volume populator or dynamic provisioner. This field will replace the functionality of the dataSource field and as such if both fields are non-empty, they must have the same value. For backwards compatibility, when namespace isn't specified in dataSourceRef, both fields (dataSource and dataSourceRef) will be set to the same value automatically if one of them is empty and the other is non-empty. When namespace is specified in dataSourceRef, dataSource isn't set to the same value and must be empty. There are three important differences between dataSource and dataSourceRef: * While dataSource only allows two specific types of objects, dataSourceRef allows any non-core object, as well as PersistentVolumeClaim objects. * While dataSource ignores disallowed values (dropping them), dataSourceRef preserves all values, and generates an error if a disallowed value is specified. * While dataSource only allows local objects, dataSourceRef allows objects in any namespaces. (Beta) Using this field requires the AnyVolumeDataSource feature gate to be enabled. (Alpha) Using the namespace field of dataSourceRef requires the CrossNamespaceVolumeDataSource feature gate to be enabled. +/// dataSourceRef specifies the object from which to populate the volume with data, if a non-empty +/// volume is desired. This may be any object from a non-empty API group (non +/// core object) or a PersistentVolumeClaim object. +/// When this field is specified, volume binding will only succeed if the type of +/// the specified object matches some installed volume populator or dynamic +/// provisioner. +/// This field will replace the functionality of the dataSource field and as such +/// if both fields are non-empty, they must have the same value. For backwards +/// compatibility, when namespace isn't specified in dataSourceRef, +/// both fields (dataSource and dataSourceRef) will be set to the same +/// value automatically if one of them is empty and the other is non-empty. +/// When namespace is specified in dataSourceRef, +/// dataSource isn't set to the same value and must be empty. +/// There are three important differences between dataSource and dataSourceRef: +/// * While dataSource only allows two specific types of objects, dataSourceRef +/// allows any non-core object, as well as PersistentVolumeClaim objects. +/// * While dataSource ignores disallowed values (dropping them), dataSourceRef +/// preserves all values, and generates an error if a disallowed value is +/// specified. +/// * While dataSource only allows local objects, dataSourceRef allows objects +/// in any namespaces. +/// (Beta) Using this field requires the AnyVolumeDataSource feature gate to be enabled. +/// (Alpha) Using the namespace field of dataSourceRef requires the CrossNamespaceVolumeDataSource feature gate to be enabled. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PGAdminDataVolumeClaimSpecDataSourceRef { - /// APIGroup is the group for the resource being referenced. If APIGroup is not specified, the specified Kind must be in the core API group. For any other third-party types, APIGroup is required. + /// APIGroup is the group for the resource being referenced. + /// If APIGroup is not specified, the specified Kind must be in the core API group. + /// For any other third-party types, APIGroup is required. #[serde(default, skip_serializing_if = "Option::is_none", rename = "apiGroup")] pub api_group: Option, /// Kind is the type of resource being referenced pub kind: String, /// Name is the name of resource being referenced pub name: String, - /// Namespace is the namespace of resource being referenced Note that when a namespace is specified, a gateway.networking.k8s.io/ReferenceGrant object is required in the referent namespace to allow that namespace's owner to accept the reference. See the ReferenceGrant documentation for details. (Alpha) This field requires the CrossNamespaceVolumeDataSource feature gate to be enabled. + /// Namespace is the namespace of resource being referenced + /// Note that when a namespace is specified, a gateway.networking.k8s.io/ReferenceGrant object is required in the referent namespace to allow that namespace's owner to accept the reference. See the ReferenceGrant documentation for details. + /// (Alpha) This field requires the CrossNamespaceVolumeDataSource feature gate to be enabled. #[serde(default, skip_serializing_if = "Option::is_none")] pub namespace: Option, } -/// resources represents the minimum resources the volume should have. If RecoverVolumeExpansionFailure feature is enabled users are allowed to specify resource requirements that are lower than previous value but must still be higher than capacity recorded in the status field of the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources +/// resources represents the minimum resources the volume should have. +/// If RecoverVolumeExpansionFailure feature is enabled users are allowed to specify resource requirements +/// that are lower than previous value but must still be higher than capacity recorded in the +/// status field of the claim. +/// More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PGAdminDataVolumeClaimSpecResources { - /// Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + /// Limits describes the maximum amount of compute resources allowed. + /// More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ #[serde(default, skip_serializing_if = "Option::is_none")] pub limits: Option>, - /// Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + /// Requests describes the minimum amount of compute resources required. + /// If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, + /// otherwise to an implementation-defined value. Requests cannot exceed Limits. + /// More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ #[serde(default, skip_serializing_if = "Option::is_none")] pub requests: Option>, } @@ -795,19 +1276,26 @@ pub struct PGAdminDataVolumeClaimSpecSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] pub match_expressions: Option>, - /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] pub match_labels: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PGAdminDataVolumeClaimSpecSelectorMatchExpressions { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } @@ -820,7 +1308,8 @@ pub enum PGAdminImagePullPolicy { IfNotPresent, } -/// LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. +/// LocalObjectReference contains enough information to let you locate the +/// referenced object inside the same namespace. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PGAdminImagePullSecrets { /// Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names @@ -840,15 +1329,25 @@ pub struct PGAdminMetadata { /// Resource requirements for the PGAdmin container. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PGAdminResources { - /// Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. - /// This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. - /// This field is immutable. It can only be set for containers. + /// Claims lists the names of resources, defined in spec.resourceClaims, + /// that are used by this container. + /// + /// + /// This is an alpha field and requires enabling the + /// DynamicResourceAllocation feature gate. + /// + /// + /// This field is immutable. It can only be set for containers. #[serde(default, skip_serializing_if = "Option::is_none")] pub claims: Option>, - /// Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + /// Limits describes the maximum amount of compute resources allowed. + /// More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ #[serde(default, skip_serializing_if = "Option::is_none")] pub limits: Option>, - /// Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + /// Requests describes the minimum amount of compute resources required. + /// If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, + /// otherwise to an implementation-defined value. Requests cannot exceed Limits. + /// More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ #[serde(default, skip_serializing_if = "Option::is_none")] pub requests: Option>, } @@ -856,61 +1355,83 @@ pub struct PGAdminResources { /// ResourceClaim references one entry in PodSpec.ResourceClaims. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PGAdminResourcesClaims { - /// Name must match the name of one entry in pod.spec.resourceClaims of the Pod where this field is used. It makes that resource available inside a container. + /// Name must match the name of one entry in pod.spec.resourceClaims of + /// the Pod where this field is used. It makes that resource available + /// inside a container. pub name: String, } #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PGAdminServerGroups { - /// The name for the ServerGroup in pgAdmin. Must be unique in the pgAdmin's ServerGroups since it becomes the ServerGroup name in pgAdmin. + /// The name for the ServerGroup in pgAdmin. + /// Must be unique in the pgAdmin's ServerGroups since it becomes the ServerGroup name in pgAdmin. pub name: String, /// PostgresClusterName selects one cluster to add to pgAdmin by name. #[serde(default, skip_serializing_if = "Option::is_none", rename = "postgresClusterName")] pub postgres_cluster_name: Option, - /// PostgresClusterSelector selects clusters to dynamically add to pgAdmin by matching labels. An empty selector like `{}` will select ALL clusters in the namespace. + /// PostgresClusterSelector selects clusters to dynamically add to pgAdmin by matching labels. + /// An empty selector like `{}` will select ALL clusters in the namespace. #[serde(default, skip_serializing_if = "Option::is_none", rename = "postgresClusterSelector")] pub postgres_cluster_selector: Option, } -/// PostgresClusterSelector selects clusters to dynamically add to pgAdmin by matching labels. An empty selector like `{}` will select ALL clusters in the namespace. +/// PostgresClusterSelector selects clusters to dynamically add to pgAdmin by matching labels. +/// An empty selector like `{}` will select ALL clusters in the namespace. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PGAdminServerGroupsPostgresClusterSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] pub match_expressions: Option>, - /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] pub match_labels: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PGAdminServerGroupsPostgresClusterSelectorMatchExpressions { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } -/// The pod this Toleration is attached to tolerates any taint that matches the triple using the matching operator . +/// The pod this Toleration is attached to tolerates any taint that matches +/// the triple using the matching operator . #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PGAdminTolerations { - /// Effect indicates the taint effect to match. Empty means match all taint effects. When specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute. + /// Effect indicates the taint effect to match. Empty means match all taint effects. + /// When specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute. #[serde(default, skip_serializing_if = "Option::is_none")] pub effect: Option, - /// Key is the taint key that the toleration applies to. Empty means match all taint keys. If the key is empty, operator must be Exists; this combination means to match all values and all keys. + /// Key is the taint key that the toleration applies to. Empty means match all taint keys. + /// If the key is empty, operator must be Exists; this combination means to match all values and all keys. #[serde(default, skip_serializing_if = "Option::is_none")] pub key: Option, - /// Operator represents a key's relationship to the value. Valid operators are Exists and Equal. Defaults to Equal. Exists is equivalent to wildcard for value, so that a pod can tolerate all taints of a particular category. + /// Operator represents a key's relationship to the value. + /// Valid operators are Exists and Equal. Defaults to Equal. + /// Exists is equivalent to wildcard for value, so that a pod can + /// tolerate all taints of a particular category. #[serde(default, skip_serializing_if = "Option::is_none")] pub operator: Option, - /// TolerationSeconds represents the period of time the toleration (which must be of effect NoExecute, otherwise this field is ignored) tolerates the taint. By default, it is not set, which means tolerate the taint forever (do not evict). Zero and negative values will be treated as 0 (evict immediately) by the system. + /// TolerationSeconds represents the period of time the toleration (which must be + /// of effect NoExecute, otherwise this field is ignored) tolerates the taint. By default, + /// it is not set, which means tolerate the taint forever (do not evict). Zero and + /// negative values will be treated as 0 (evict immediately) by the system. #[serde(default, skip_serializing_if = "Option::is_none", rename = "tolerationSeconds")] pub toleration_seconds: Option, - /// Value is the taint value the toleration matches to. If the operator is Exists, the value should be empty, otherwise just a regular string. + /// Value is the taint value the toleration matches to. + /// If the operator is Exists, the value should be empty, otherwise just a regular string. #[serde(default, skip_serializing_if = "Option::is_none")] pub value: Option, } @@ -920,10 +1441,12 @@ pub struct PGAdminUsers { /// A reference to the secret that holds the user's password. #[serde(rename = "passwordRef")] pub password_ref: PGAdminUsersPasswordRef, - /// Role determines whether the user has admin privileges or not. Defaults to User. Valid options are Administrator and User. + /// Role determines whether the user has admin privileges or not. + /// Defaults to User. Valid options are Administrator and User. #[serde(default, skip_serializing_if = "Option::is_none")] pub role: Option, - /// The username for User in pgAdmin. Must be unique in the pgAdmin's users list. + /// The username for User in pgAdmin. + /// Must be unique in the pgAdmin's users list. pub username: String, } @@ -949,7 +1472,8 @@ pub enum PGAdminUsersRole { /// PGAdminStatus defines the observed state of PGAdmin #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PGAdminStatus { - /// conditions represent the observations of pgAdmin's current state. Known .status.conditions.type is: "PersistentVolumeResizing" + /// conditions represent the observations of pgAdmin's current state. + /// Known .status.conditions.type is: "PersistentVolumeResizing" #[serde(default, skip_serializing_if = "Option::is_none")] pub conditions: Option>, /// ImageSHA represents the image SHA for the container running pgAdmin. diff --git a/kube-custom-resources-rs/src/postgres_operator_crunchydata_com/v1beta1/pgupgrades.rs b/kube-custom-resources-rs/src/postgres_operator_crunchydata_com/v1beta1/pgupgrades.rs index 28bc7921b..69da268c7 100644 --- a/kube-custom-resources-rs/src/postgres_operator_crunchydata_com/v1beta1/pgupgrades.rs +++ b/kube-custom-resources-rs/src/postgres_operator_crunchydata_com/v1beta1/pgupgrades.rs @@ -21,7 +21,8 @@ use self::prelude::*; #[kube(derive="Default")] #[kube(derive="PartialEq")] pub struct PGUpgradeSpec { - /// Scheduling constraints of the PGUpgrade pod. More info: https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node + /// Scheduling constraints of the PGUpgrade pod. + /// More info: https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node #[serde(default, skip_serializing_if = "Option::is_none")] pub affinity: Option, /// The major version of PostgreSQL before the upgrade. @@ -30,10 +31,14 @@ pub struct PGUpgradeSpec { /// The image name to use for major PostgreSQL upgrades. #[serde(default, skip_serializing_if = "Option::is_none")] pub image: Option, - /// ImagePullPolicy is used to determine when Kubernetes will attempt to pull (download) container images. More info: https://kubernetes.io/docs/concepts/containers/images/#image-pull-policy + /// ImagePullPolicy is used to determine when Kubernetes will attempt to + /// pull (download) container images. + /// More info: https://kubernetes.io/docs/concepts/containers/images/#image-pull-policy #[serde(default, skip_serializing_if = "Option::is_none", rename = "imagePullPolicy")] pub image_pull_policy: Option, - /// The image pull secrets used to pull from a private registry. Changing this value causes all running PGUpgrade pods to restart. https://k8s.io/docs/tasks/configure-pod-container/pull-image-private-registry/ + /// The image pull secrets used to pull from a private registry. + /// Changing this value causes all running PGUpgrade pods to restart. + /// https://k8s.io/docs/tasks/configure-pod-container/pull-image-private-registry/ #[serde(default, skip_serializing_if = "Option::is_none", rename = "imagePullSecrets")] pub image_pull_secrets: Option>, /// Metadata contains metadata for custom resources @@ -42,24 +47,29 @@ pub struct PGUpgradeSpec { /// The name of the cluster to be updated #[serde(rename = "postgresClusterName")] pub postgres_cluster_name: String, - /// Priority class name for the PGUpgrade pod. Changing this value causes PGUpgrade pod to restart. More info: https://kubernetes.io/docs/concepts/scheduling-eviction/pod-priority-preemption/ + /// Priority class name for the PGUpgrade pod. Changing this + /// value causes PGUpgrade pod to restart. + /// More info: https://kubernetes.io/docs/concepts/scheduling-eviction/pod-priority-preemption/ #[serde(default, skip_serializing_if = "Option::is_none", rename = "priorityClassName")] pub priority_class_name: Option, /// Resource requirements for the PGUpgrade container. #[serde(default, skip_serializing_if = "Option::is_none")] pub resources: Option, - /// The image name to use for PostgreSQL containers after upgrade. When omitted, the value comes from an operator environment variable. + /// The image name to use for PostgreSQL containers after upgrade. + /// When omitted, the value comes from an operator environment variable. #[serde(default, skip_serializing_if = "Option::is_none", rename = "toPostgresImage")] pub to_postgres_image: Option, /// The major version of PostgreSQL to be upgraded to. #[serde(rename = "toPostgresVersion")] pub to_postgres_version: i64, - /// Tolerations of the PGUpgrade pod. More info: https://kubernetes.io/docs/concepts/scheduling-eviction/taint-and-toleration + /// Tolerations of the PGUpgrade pod. + /// More info: https://kubernetes.io/docs/concepts/scheduling-eviction/taint-and-toleration #[serde(default, skip_serializing_if = "Option::is_none")] pub tolerations: Option>, } -/// Scheduling constraints of the PGUpgrade pod. More info: https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node +/// Scheduling constraints of the PGUpgrade pod. +/// More info: https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PGUpgradeAffinity { /// Describes node affinity scheduling rules for the pod. @@ -76,15 +86,28 @@ pub struct PGUpgradeAffinity { /// Describes node affinity scheduling rules for the pod. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PGUpgradeAffinityNodeAffinity { - /// The scheduler will prefer to schedule pods to nodes that satisfy the affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding "weight" to the sum if the node matches the corresponding matchExpressions; the node(s) with the highest sum are the most preferred. + /// The scheduler will prefer to schedule pods to nodes that satisfy + /// the affinity expressions specified by this field, but it may choose + /// a node that violates one or more of the expressions. The node that is + /// most preferred is the one with the greatest sum of weights, i.e. + /// for each node that meets all of the scheduling requirements (resource + /// request, requiredDuringScheduling affinity expressions, etc.), + /// compute a sum by iterating through the elements of this field and adding + /// "weight" to the sum if the node matches the corresponding matchExpressions; the + /// node(s) with the highest sum are the most preferred. #[serde(default, skip_serializing_if = "Option::is_none", rename = "preferredDuringSchedulingIgnoredDuringExecution")] pub preferred_during_scheduling_ignored_during_execution: Option>, - /// If the affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to an update), the system may or may not try to eventually evict the pod from its node. + /// If the affinity requirements specified by this field are not met at + /// scheduling time, the pod will not be scheduled onto the node. + /// If the affinity requirements specified by this field cease to be met + /// at some point during pod execution (e.g. due to an update), the system + /// may or may not try to eventually evict the pod from its node. #[serde(default, skip_serializing_if = "Option::is_none", rename = "requiredDuringSchedulingIgnoredDuringExecution")] pub required_during_scheduling_ignored_during_execution: Option, } -/// An empty preferred scheduling term matches all objects with implicit weight 0 (i.e. it's a no-op). A null preferred scheduling term matches no objects (i.e. is also a no-op). +/// An empty preferred scheduling term matches all objects with implicit weight 0 +/// (i.e. it's a no-op). A null preferred scheduling term matches no objects (i.e. is also a no-op). #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PGUpgradeAffinityNodeAffinityPreferredDuringSchedulingIgnoredDuringExecution { /// A node selector term, associated with the corresponding weight. @@ -104,31 +127,47 @@ pub struct PGUpgradeAffinityNodeAffinityPreferredDuringSchedulingIgnoredDuringEx pub match_fields: Option>, } -/// A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A node selector requirement is a selector that contains values, a key, and an operator +/// that relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PGUpgradeAffinityNodeAffinityPreferredDuringSchedulingIgnoredDuringExecutionPreferenceMatchExpressions { /// The label key that the selector applies to. pub key: String, - /// Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. + /// Represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. pub operator: String, - /// An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch. + /// An array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. If the operator is Gt or Lt, the values + /// array must have a single element, which will be interpreted as an integer. + /// This array is replaced during a strategic merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } -/// A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A node selector requirement is a selector that contains values, a key, and an operator +/// that relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PGUpgradeAffinityNodeAffinityPreferredDuringSchedulingIgnoredDuringExecutionPreferenceMatchFields { /// The label key that the selector applies to. pub key: String, - /// Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. + /// Represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. pub operator: String, - /// An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch. + /// An array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. If the operator is Gt or Lt, the values + /// array must have a single element, which will be interpreted as an integer. + /// This array is replaced during a strategic merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } -/// If the affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to an update), the system may or may not try to eventually evict the pod from its node. +/// If the affinity requirements specified by this field are not met at +/// scheduling time, the pod will not be scheduled onto the node. +/// If the affinity requirements specified by this field cease to be met +/// at some point during pod execution (e.g. due to an update), the system +/// may or may not try to eventually evict the pod from its node. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PGUpgradeAffinityNodeAffinityRequiredDuringSchedulingIgnoredDuringExecution { /// Required. A list of node selector terms. The terms are ORed. @@ -136,7 +175,9 @@ pub struct PGUpgradeAffinityNodeAffinityRequiredDuringSchedulingIgnoredDuringExe pub node_selector_terms: Vec, } -/// A null or empty node selector term matches no objects. The requirements of them are ANDed. The TopologySelectorTerm type implements a subset of the NodeSelectorTerm. +/// A null or empty node selector term matches no objects. The requirements of +/// them are ANDed. +/// The TopologySelectorTerm type implements a subset of the NodeSelectorTerm. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PGUpgradeAffinityNodeAffinityRequiredDuringSchedulingIgnoredDuringExecutionNodeSelectorTerms { /// A list of node selector requirements by node's labels. @@ -147,26 +188,38 @@ pub struct PGUpgradeAffinityNodeAffinityRequiredDuringSchedulingIgnoredDuringExe pub match_fields: Option>, } -/// A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A node selector requirement is a selector that contains values, a key, and an operator +/// that relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PGUpgradeAffinityNodeAffinityRequiredDuringSchedulingIgnoredDuringExecutionNodeSelectorTermsMatchExpressions { /// The label key that the selector applies to. pub key: String, - /// Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. + /// Represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. pub operator: String, - /// An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch. + /// An array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. If the operator is Gt or Lt, the values + /// array must have a single element, which will be interpreted as an integer. + /// This array is replaced during a strategic merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } -/// A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A node selector requirement is a selector that contains values, a key, and an operator +/// that relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PGUpgradeAffinityNodeAffinityRequiredDuringSchedulingIgnoredDuringExecutionNodeSelectorTermsMatchFields { /// The label key that the selector applies to. pub key: String, - /// Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. + /// Represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. pub operator: String, - /// An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch. + /// An array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. If the operator is Gt or Lt, the values + /// array must have a single element, which will be interpreted as an integer. + /// This array is replaced during a strategic merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } @@ -174,10 +227,24 @@ pub struct PGUpgradeAffinityNodeAffinityRequiredDuringSchedulingIgnoredDuringExe /// Describes pod affinity scheduling rules (e.g. co-locate this pod in the same node, zone, etc. as some other pod(s)). #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PGUpgradeAffinityPodAffinity { - /// The scheduler will prefer to schedule pods to nodes that satisfy the affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding "weight" to the sum if the node has pods which matches the corresponding podAffinityTerm; the node(s) with the highest sum are the most preferred. + /// The scheduler will prefer to schedule pods to nodes that satisfy + /// the affinity expressions specified by this field, but it may choose + /// a node that violates one or more of the expressions. The node that is + /// most preferred is the one with the greatest sum of weights, i.e. + /// for each node that meets all of the scheduling requirements (resource + /// request, requiredDuringScheduling affinity expressions, etc.), + /// compute a sum by iterating through the elements of this field and adding + /// "weight" to the sum if the node has pods which matches the corresponding podAffinityTerm; the + /// node(s) with the highest sum are the most preferred. #[serde(default, skip_serializing_if = "Option::is_none", rename = "preferredDuringSchedulingIgnoredDuringExecution")] pub preferred_during_scheduling_ignored_during_execution: Option>, - /// If the affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to a pod label update), the system may or may not try to eventually evict the pod from its node. When there are multiple elements, the lists of nodes corresponding to each podAffinityTerm are intersected, i.e. all terms must be satisfied. + /// If the affinity requirements specified by this field are not met at + /// scheduling time, the pod will not be scheduled onto the node. + /// If the affinity requirements specified by this field cease to be met + /// at some point during pod execution (e.g. due to a pod label update), the + /// system may or may not try to eventually evict the pod from its node. + /// When there are multiple elements, the lists of nodes corresponding to each + /// podAffinityTerm are intersected, i.e. all terms must be satisfied. #[serde(default, skip_serializing_if = "Option::is_none", rename = "requiredDuringSchedulingIgnoredDuringExecution")] pub required_during_scheduling_ignored_during_execution: Option>, } @@ -188,144 +255,244 @@ pub struct PGUpgradeAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExe /// Required. A pod affinity term, associated with the corresponding weight. #[serde(rename = "podAffinityTerm")] pub pod_affinity_term: PGUpgradeAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTerm, - /// weight associated with matching the corresponding podAffinityTerm, in the range 1-100. + /// weight associated with matching the corresponding podAffinityTerm, + /// in the range 1-100. pub weight: i32, } /// Required. A pod affinity term, associated with the corresponding weight. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PGUpgradeAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTerm { - /// A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods. + /// A label query over a set of resources, in this case pods. + /// If it's null, this PodAffinityTerm matches with no Pods. #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelector")] pub label_selector: Option, - /// MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both matchLabelKeys and labelSelector. Also, matchLabelKeys cannot be set when labelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// MatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both matchLabelKeys and labelSelector. + /// Also, matchLabelKeys cannot be set when labelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] pub match_label_keys: Option>, - /// MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. Also, mismatchLabelKeys cannot be set when labelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// MismatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. + /// Also, mismatchLabelKeys cannot be set when labelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] pub mismatch_label_keys: Option>, - /// A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. + /// A label query over the set of namespaces that the term applies to. + /// The term is applied to the union of the namespaces selected by this field + /// and the ones listed in the namespaces field. + /// null selector and null or empty namespaces list means "this pod's namespace". + /// An empty selector ({}) matches all namespaces. #[serde(default, skip_serializing_if = "Option::is_none", rename = "namespaceSelector")] pub namespace_selector: Option, - /// namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means "this pod's namespace". + /// namespaces specifies a static list of namespace names that the term applies to. + /// The term is applied to the union of the namespaces listed in this field + /// and the ones selected by namespaceSelector. + /// null or empty namespaces list and null namespaceSelector means "this pod's namespace". #[serde(default, skip_serializing_if = "Option::is_none")] pub namespaces: Option>, - /// This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed. + /// This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching + /// the labelSelector in the specified namespaces, where co-located is defined as running on a node + /// whose value of the label with key topologyKey matches that of any node on which any of the + /// selected pods is running. + /// Empty topologyKey is not allowed. #[serde(rename = "topologyKey")] pub topology_key: String, } -/// A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods. +/// A label query over a set of resources, in this case pods. +/// If it's null, this PodAffinityTerm matches with no Pods. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PGUpgradeAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermLabelSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] pub match_expressions: Option>, - /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] pub match_labels: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PGUpgradeAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermLabelSelectorMatchExpressions { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } -/// A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. +/// A label query over the set of namespaces that the term applies to. +/// The term is applied to the union of the namespaces selected by this field +/// and the ones listed in the namespaces field. +/// null selector and null or empty namespaces list means "this pod's namespace". +/// An empty selector ({}) matches all namespaces. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PGUpgradeAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermNamespaceSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] pub match_expressions: Option>, - /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] pub match_labels: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PGUpgradeAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermNamespaceSelectorMatchExpressions { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } -/// Defines a set of pods (namely those matching the labelSelector relative to the given namespace(s)) that this pod should be co-located (affinity) or not co-located (anti-affinity) with, where co-located is defined as running on a node whose value of the label with key matches that of any node on which a pod of the set of pods is running +/// Defines a set of pods (namely those matching the labelSelector +/// relative to the given namespace(s)) that this pod should be +/// co-located (affinity) or not co-located (anti-affinity) with, +/// where co-located is defined as running on a node whose value of +/// the label with key matches that of any node on which +/// a pod of the set of pods is running #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PGUpgradeAffinityPodAffinityRequiredDuringSchedulingIgnoredDuringExecution { - /// A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods. + /// A label query over a set of resources, in this case pods. + /// If it's null, this PodAffinityTerm matches with no Pods. #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelector")] pub label_selector: Option, - /// MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both matchLabelKeys and labelSelector. Also, matchLabelKeys cannot be set when labelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// MatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both matchLabelKeys and labelSelector. + /// Also, matchLabelKeys cannot be set when labelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] pub match_label_keys: Option>, - /// MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. Also, mismatchLabelKeys cannot be set when labelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// MismatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. + /// Also, mismatchLabelKeys cannot be set when labelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] pub mismatch_label_keys: Option>, - /// A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. + /// A label query over the set of namespaces that the term applies to. + /// The term is applied to the union of the namespaces selected by this field + /// and the ones listed in the namespaces field. + /// null selector and null or empty namespaces list means "this pod's namespace". + /// An empty selector ({}) matches all namespaces. #[serde(default, skip_serializing_if = "Option::is_none", rename = "namespaceSelector")] pub namespace_selector: Option, - /// namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means "this pod's namespace". + /// namespaces specifies a static list of namespace names that the term applies to. + /// The term is applied to the union of the namespaces listed in this field + /// and the ones selected by namespaceSelector. + /// null or empty namespaces list and null namespaceSelector means "this pod's namespace". #[serde(default, skip_serializing_if = "Option::is_none")] pub namespaces: Option>, - /// This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed. + /// This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching + /// the labelSelector in the specified namespaces, where co-located is defined as running on a node + /// whose value of the label with key topologyKey matches that of any node on which any of the + /// selected pods is running. + /// Empty topologyKey is not allowed. #[serde(rename = "topologyKey")] pub topology_key: String, } -/// A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods. +/// A label query over a set of resources, in this case pods. +/// If it's null, this PodAffinityTerm matches with no Pods. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PGUpgradeAffinityPodAffinityRequiredDuringSchedulingIgnoredDuringExecutionLabelSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] pub match_expressions: Option>, - /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] pub match_labels: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PGUpgradeAffinityPodAffinityRequiredDuringSchedulingIgnoredDuringExecutionLabelSelectorMatchExpressions { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } -/// A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. +/// A label query over the set of namespaces that the term applies to. +/// The term is applied to the union of the namespaces selected by this field +/// and the ones listed in the namespaces field. +/// null selector and null or empty namespaces list means "this pod's namespace". +/// An empty selector ({}) matches all namespaces. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PGUpgradeAffinityPodAffinityRequiredDuringSchedulingIgnoredDuringExecutionNamespaceSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] pub match_expressions: Option>, - /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] pub match_labels: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PGUpgradeAffinityPodAffinityRequiredDuringSchedulingIgnoredDuringExecutionNamespaceSelectorMatchExpressions { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } @@ -333,10 +500,24 @@ pub struct PGUpgradeAffinityPodAffinityRequiredDuringSchedulingIgnoredDuringExec /// Describes pod anti-affinity scheduling rules (e.g. avoid putting this pod in the same node, zone, etc. as some other pod(s)). #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PGUpgradeAffinityPodAntiAffinity { - /// The scheduler will prefer to schedule pods to nodes that satisfy the anti-affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling anti-affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding "weight" to the sum if the node has pods which matches the corresponding podAffinityTerm; the node(s) with the highest sum are the most preferred. + /// The scheduler will prefer to schedule pods to nodes that satisfy + /// the anti-affinity expressions specified by this field, but it may choose + /// a node that violates one or more of the expressions. The node that is + /// most preferred is the one with the greatest sum of weights, i.e. + /// for each node that meets all of the scheduling requirements (resource + /// request, requiredDuringScheduling anti-affinity expressions, etc.), + /// compute a sum by iterating through the elements of this field and adding + /// "weight" to the sum if the node has pods which matches the corresponding podAffinityTerm; the + /// node(s) with the highest sum are the most preferred. #[serde(default, skip_serializing_if = "Option::is_none", rename = "preferredDuringSchedulingIgnoredDuringExecution")] pub preferred_during_scheduling_ignored_during_execution: Option>, - /// If the anti-affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the anti-affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to a pod label update), the system may or may not try to eventually evict the pod from its node. When there are multiple elements, the lists of nodes corresponding to each podAffinityTerm are intersected, i.e. all terms must be satisfied. + /// If the anti-affinity requirements specified by this field are not met at + /// scheduling time, the pod will not be scheduled onto the node. + /// If the anti-affinity requirements specified by this field cease to be met + /// at some point during pod execution (e.g. due to a pod label update), the + /// system may or may not try to eventually evict the pod from its node. + /// When there are multiple elements, the lists of nodes corresponding to each + /// podAffinityTerm are intersected, i.e. all terms must be satisfied. #[serde(default, skip_serializing_if = "Option::is_none", rename = "requiredDuringSchedulingIgnoredDuringExecution")] pub required_during_scheduling_ignored_during_execution: Option>, } @@ -347,144 +528,244 @@ pub struct PGUpgradeAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDurin /// Required. A pod affinity term, associated with the corresponding weight. #[serde(rename = "podAffinityTerm")] pub pod_affinity_term: PGUpgradeAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTerm, - /// weight associated with matching the corresponding podAffinityTerm, in the range 1-100. + /// weight associated with matching the corresponding podAffinityTerm, + /// in the range 1-100. pub weight: i32, } /// Required. A pod affinity term, associated with the corresponding weight. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PGUpgradeAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTerm { - /// A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods. + /// A label query over a set of resources, in this case pods. + /// If it's null, this PodAffinityTerm matches with no Pods. #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelector")] pub label_selector: Option, - /// MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both matchLabelKeys and labelSelector. Also, matchLabelKeys cannot be set when labelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// MatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both matchLabelKeys and labelSelector. + /// Also, matchLabelKeys cannot be set when labelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] pub match_label_keys: Option>, - /// MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. Also, mismatchLabelKeys cannot be set when labelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// MismatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. + /// Also, mismatchLabelKeys cannot be set when labelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] pub mismatch_label_keys: Option>, - /// A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. + /// A label query over the set of namespaces that the term applies to. + /// The term is applied to the union of the namespaces selected by this field + /// and the ones listed in the namespaces field. + /// null selector and null or empty namespaces list means "this pod's namespace". + /// An empty selector ({}) matches all namespaces. #[serde(default, skip_serializing_if = "Option::is_none", rename = "namespaceSelector")] pub namespace_selector: Option, - /// namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means "this pod's namespace". + /// namespaces specifies a static list of namespace names that the term applies to. + /// The term is applied to the union of the namespaces listed in this field + /// and the ones selected by namespaceSelector. + /// null or empty namespaces list and null namespaceSelector means "this pod's namespace". #[serde(default, skip_serializing_if = "Option::is_none")] pub namespaces: Option>, - /// This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed. + /// This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching + /// the labelSelector in the specified namespaces, where co-located is defined as running on a node + /// whose value of the label with key topologyKey matches that of any node on which any of the + /// selected pods is running. + /// Empty topologyKey is not allowed. #[serde(rename = "topologyKey")] pub topology_key: String, } -/// A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods. +/// A label query over a set of resources, in this case pods. +/// If it's null, this PodAffinityTerm matches with no Pods. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PGUpgradeAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermLabelSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] pub match_expressions: Option>, - /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] pub match_labels: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PGUpgradeAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermLabelSelectorMatchExpressions { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } -/// A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. +/// A label query over the set of namespaces that the term applies to. +/// The term is applied to the union of the namespaces selected by this field +/// and the ones listed in the namespaces field. +/// null selector and null or empty namespaces list means "this pod's namespace". +/// An empty selector ({}) matches all namespaces. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PGUpgradeAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermNamespaceSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] pub match_expressions: Option>, - /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] pub match_labels: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PGUpgradeAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermNamespaceSelectorMatchExpressions { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } -/// Defines a set of pods (namely those matching the labelSelector relative to the given namespace(s)) that this pod should be co-located (affinity) or not co-located (anti-affinity) with, where co-located is defined as running on a node whose value of the label with key matches that of any node on which a pod of the set of pods is running +/// Defines a set of pods (namely those matching the labelSelector +/// relative to the given namespace(s)) that this pod should be +/// co-located (affinity) or not co-located (anti-affinity) with, +/// where co-located is defined as running on a node whose value of +/// the label with key matches that of any node on which +/// a pod of the set of pods is running #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PGUpgradeAffinityPodAntiAffinityRequiredDuringSchedulingIgnoredDuringExecution { - /// A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods. + /// A label query over a set of resources, in this case pods. + /// If it's null, this PodAffinityTerm matches with no Pods. #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelector")] pub label_selector: Option, - /// MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both matchLabelKeys and labelSelector. Also, matchLabelKeys cannot be set when labelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// MatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both matchLabelKeys and labelSelector. + /// Also, matchLabelKeys cannot be set when labelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] pub match_label_keys: Option>, - /// MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. Also, mismatchLabelKeys cannot be set when labelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// MismatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. + /// Also, mismatchLabelKeys cannot be set when labelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] pub mismatch_label_keys: Option>, - /// A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. + /// A label query over the set of namespaces that the term applies to. + /// The term is applied to the union of the namespaces selected by this field + /// and the ones listed in the namespaces field. + /// null selector and null or empty namespaces list means "this pod's namespace". + /// An empty selector ({}) matches all namespaces. #[serde(default, skip_serializing_if = "Option::is_none", rename = "namespaceSelector")] pub namespace_selector: Option, - /// namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means "this pod's namespace". + /// namespaces specifies a static list of namespace names that the term applies to. + /// The term is applied to the union of the namespaces listed in this field + /// and the ones selected by namespaceSelector. + /// null or empty namespaces list and null namespaceSelector means "this pod's namespace". #[serde(default, skip_serializing_if = "Option::is_none")] pub namespaces: Option>, - /// This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed. + /// This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching + /// the labelSelector in the specified namespaces, where co-located is defined as running on a node + /// whose value of the label with key topologyKey matches that of any node on which any of the + /// selected pods is running. + /// Empty topologyKey is not allowed. #[serde(rename = "topologyKey")] pub topology_key: String, } -/// A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods. +/// A label query over a set of resources, in this case pods. +/// If it's null, this PodAffinityTerm matches with no Pods. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PGUpgradeAffinityPodAntiAffinityRequiredDuringSchedulingIgnoredDuringExecutionLabelSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] pub match_expressions: Option>, - /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] pub match_labels: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PGUpgradeAffinityPodAntiAffinityRequiredDuringSchedulingIgnoredDuringExecutionLabelSelectorMatchExpressions { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } -/// A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. +/// A label query over the set of namespaces that the term applies to. +/// The term is applied to the union of the namespaces selected by this field +/// and the ones listed in the namespaces field. +/// null selector and null or empty namespaces list means "this pod's namespace". +/// An empty selector ({}) matches all namespaces. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PGUpgradeAffinityPodAntiAffinityRequiredDuringSchedulingIgnoredDuringExecutionNamespaceSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] pub match_expressions: Option>, - /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] pub match_labels: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PGUpgradeAffinityPodAntiAffinityRequiredDuringSchedulingIgnoredDuringExecutionNamespaceSelectorMatchExpressions { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } @@ -497,7 +778,8 @@ pub enum PGUpgradeImagePullPolicy { IfNotPresent, } -/// LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. +/// LocalObjectReference contains enough information to let you locate the +/// referenced object inside the same namespace. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PGUpgradeImagePullSecrets { /// Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names @@ -517,15 +799,25 @@ pub struct PGUpgradeMetadata { /// Resource requirements for the PGUpgrade container. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PGUpgradeResources { - /// Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. - /// This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. - /// This field is immutable. It can only be set for containers. + /// Claims lists the names of resources, defined in spec.resourceClaims, + /// that are used by this container. + /// + /// + /// This is an alpha field and requires enabling the + /// DynamicResourceAllocation feature gate. + /// + /// + /// This field is immutable. It can only be set for containers. #[serde(default, skip_serializing_if = "Option::is_none")] pub claims: Option>, - /// Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + /// Limits describes the maximum amount of compute resources allowed. + /// More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ #[serde(default, skip_serializing_if = "Option::is_none")] pub limits: Option>, - /// Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + /// Requests describes the minimum amount of compute resources required. + /// If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, + /// otherwise to an implementation-defined value. Requests cannot exceed Limits. + /// More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ #[serde(default, skip_serializing_if = "Option::is_none")] pub requests: Option>, } @@ -533,26 +825,38 @@ pub struct PGUpgradeResources { /// ResourceClaim references one entry in PodSpec.ResourceClaims. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PGUpgradeResourcesClaims { - /// Name must match the name of one entry in pod.spec.resourceClaims of the Pod where this field is used. It makes that resource available inside a container. + /// Name must match the name of one entry in pod.spec.resourceClaims of + /// the Pod where this field is used. It makes that resource available + /// inside a container. pub name: String, } -/// The pod this Toleration is attached to tolerates any taint that matches the triple using the matching operator . +/// The pod this Toleration is attached to tolerates any taint that matches +/// the triple using the matching operator . #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PGUpgradeTolerations { - /// Effect indicates the taint effect to match. Empty means match all taint effects. When specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute. + /// Effect indicates the taint effect to match. Empty means match all taint effects. + /// When specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute. #[serde(default, skip_serializing_if = "Option::is_none")] pub effect: Option, - /// Key is the taint key that the toleration applies to. Empty means match all taint keys. If the key is empty, operator must be Exists; this combination means to match all values and all keys. + /// Key is the taint key that the toleration applies to. Empty means match all taint keys. + /// If the key is empty, operator must be Exists; this combination means to match all values and all keys. #[serde(default, skip_serializing_if = "Option::is_none")] pub key: Option, - /// Operator represents a key's relationship to the value. Valid operators are Exists and Equal. Defaults to Equal. Exists is equivalent to wildcard for value, so that a pod can tolerate all taints of a particular category. + /// Operator represents a key's relationship to the value. + /// Valid operators are Exists and Equal. Defaults to Equal. + /// Exists is equivalent to wildcard for value, so that a pod can + /// tolerate all taints of a particular category. #[serde(default, skip_serializing_if = "Option::is_none")] pub operator: Option, - /// TolerationSeconds represents the period of time the toleration (which must be of effect NoExecute, otherwise this field is ignored) tolerates the taint. By default, it is not set, which means tolerate the taint forever (do not evict). Zero and negative values will be treated as 0 (evict immediately) by the system. + /// TolerationSeconds represents the period of time the toleration (which must be + /// of effect NoExecute, otherwise this field is ignored) tolerates the taint. By default, + /// it is not set, which means tolerate the taint forever (do not evict). Zero and + /// negative values will be treated as 0 (evict immediately) by the system. #[serde(default, skip_serializing_if = "Option::is_none", rename = "tolerationSeconds")] pub toleration_seconds: Option, - /// Value is the taint value the toleration matches to. If the operator is Exists, the value should be empty, otherwise just a regular string. + /// Value is the taint value the toleration matches to. + /// If the operator is Exists, the value should be empty, otherwise just a regular string. #[serde(default, skip_serializing_if = "Option::is_none")] pub value: Option, } diff --git a/kube-custom-resources-rs/src/postgres_operator_crunchydata_com/v1beta1/postgresclusters.rs b/kube-custom-resources-rs/src/postgres_operator_crunchydata_com/v1beta1/postgresclusters.rs index f8c5b6c5d..2b223cd26 100644 --- a/kube-custom-resources-rs/src/postgres_operator_crunchydata_com/v1beta1/postgresclusters.rs +++ b/kube-custom-resources-rs/src/postgres_operator_crunchydata_com/v1beta1/postgresclusters.rs @@ -25,31 +25,59 @@ pub struct PostgresClusterSpec { pub backups: PostgresClusterBackups, #[serde(default, skip_serializing_if = "Option::is_none")] pub config: Option, - /// The secret containing the replication client certificates and keys for secure connections to the PostgreSQL server. It will need to contain the client TLS certificate, TLS key and the Certificate Authority certificate with the data keys set to tls.crt, tls.key and ca.crt, respectively. NOTE: If CustomReplicationClientTLSSecret is provided, CustomTLSSecret MUST be provided and the ca.crt provided must be the same. + /// The secret containing the replication client certificates and keys for + /// secure connections to the PostgreSQL server. It will need to contain the + /// client TLS certificate, TLS key and the Certificate Authority certificate + /// with the data keys set to tls.crt, tls.key and ca.crt, respectively. + /// NOTE: If CustomReplicationClientTLSSecret is provided, CustomTLSSecret + /// MUST be provided and the ca.crt provided must be the same. #[serde(default, skip_serializing_if = "Option::is_none", rename = "customReplicationTLSSecret")] pub custom_replication_tls_secret: Option, - /// The secret containing the Certificates and Keys to encrypt PostgreSQL traffic will need to contain the server TLS certificate, TLS key and the Certificate Authority certificate with the data keys set to tls.crt, tls.key and ca.crt, respectively. It will then be mounted as a volume projection to the '/pgconf/tls' directory. For more information on Kubernetes secret projections, please see https://k8s.io/docs/concepts/configuration/secret/#projection-of-secret-keys-to-specific-paths NOTE: If CustomTLSSecret is provided, CustomReplicationClientTLSSecret MUST be provided and the ca.crt provided must be the same. + /// The secret containing the Certificates and Keys to encrypt PostgreSQL + /// traffic will need to contain the server TLS certificate, TLS key and the + /// Certificate Authority certificate with the data keys set to tls.crt, + /// tls.key and ca.crt, respectively. It will then be mounted as a volume + /// projection to the '/pgconf/tls' directory. For more information on + /// Kubernetes secret projections, please see + /// https://k8s.io/docs/concepts/configuration/secret/#projection-of-secret-keys-to-specific-paths + /// NOTE: If CustomTLSSecret is provided, CustomReplicationClientTLSSecret + /// MUST be provided and the ca.crt provided must be the same. #[serde(default, skip_serializing_if = "Option::is_none", rename = "customTLSSecret")] pub custom_tls_secret: Option, /// Specifies a data source for bootstrapping the PostgreSQL cluster. #[serde(default, skip_serializing_if = "Option::is_none", rename = "dataSource")] pub data_source: Option, - /// DatabaseInitSQL defines a ConfigMap containing custom SQL that will be run after the cluster is initialized. This ConfigMap must be in the same namespace as the cluster. + /// DatabaseInitSQL defines a ConfigMap containing custom SQL that will + /// be run after the cluster is initialized. This ConfigMap must be in the same + /// namespace as the cluster. #[serde(default, skip_serializing_if = "Option::is_none", rename = "databaseInitSQL")] pub database_init_sql: Option, - /// Whether or not the PostgreSQL cluster should use the defined default scheduling constraints. If the field is unset or false, the default scheduling constraints will be used in addition to any custom constraints provided. + /// Whether or not the PostgreSQL cluster should use the defined default + /// scheduling constraints. If the field is unset or false, the default + /// scheduling constraints will be used in addition to any custom constraints + /// provided. #[serde(default, skip_serializing_if = "Option::is_none", rename = "disableDefaultPodScheduling")] pub disable_default_pod_scheduling: Option, - /// The image name to use for PostgreSQL containers. When omitted, the value comes from an operator environment variable. For standard PostgreSQL images, the format is RELATED_IMAGE_POSTGRES_{postgresVersion}, e.g. RELATED_IMAGE_POSTGRES_13. For PostGIS enabled PostgreSQL images, the format is RELATED_IMAGE_POSTGRES_{postgresVersion}_GIS_{postGISVersion}, e.g. RELATED_IMAGE_POSTGRES_13_GIS_3.1. + /// The image name to use for PostgreSQL containers. When omitted, the value + /// comes from an operator environment variable. For standard PostgreSQL images, + /// the format is RELATED_IMAGE_POSTGRES_{postgresVersion}, + /// e.g. RELATED_IMAGE_POSTGRES_13. For PostGIS enabled PostgreSQL images, + /// the format is RELATED_IMAGE_POSTGRES_{postgresVersion}_GIS_{postGISVersion}, + /// e.g. RELATED_IMAGE_POSTGRES_13_GIS_3.1. #[serde(default, skip_serializing_if = "Option::is_none")] pub image: Option, - /// ImagePullPolicy is used to determine when Kubernetes will attempt to pull (download) container images. More info: https://kubernetes.io/docs/concepts/containers/images/#image-pull-policy + /// ImagePullPolicy is used to determine when Kubernetes will attempt to + /// pull (download) container images. + /// More info: https://kubernetes.io/docs/concepts/containers/images/#image-pull-policy #[serde(default, skip_serializing_if = "Option::is_none", rename = "imagePullPolicy")] pub image_pull_policy: Option, - /// The image pull secrets used to pull from a private registry Changing this value causes all running pods to restart. https://k8s.io/docs/tasks/configure-pod-container/pull-image-private-registry/ + /// The image pull secrets used to pull from a private registry + /// Changing this value causes all running pods to restart. + /// https://k8s.io/docs/tasks/configure-pod-container/pull-image-private-registry/ #[serde(default, skip_serializing_if = "Option::is_none", rename = "imagePullSecrets")] pub image_pull_secrets: Option>, - /// Specifies one or more sets of PostgreSQL pods that replicate data for this cluster. + /// Specifies one or more sets of PostgreSQL pods that replicate data for + /// this cluster. pub instances: Vec, /// Metadata contains metadata for custom resources #[serde(default, skip_serializing_if = "Option::is_none")] @@ -57,18 +85,22 @@ pub struct PostgresClusterSpec { /// The specification of monitoring tools that connect to PostgreSQL #[serde(default, skip_serializing_if = "Option::is_none")] pub monitoring: Option, - /// Whether or not the PostgreSQL cluster is being deployed to an OpenShift environment. If the field is unset, the operator will automatically detect the environment. + /// Whether or not the PostgreSQL cluster is being deployed to an OpenShift + /// environment. If the field is unset, the operator will automatically + /// detect the environment. #[serde(default, skip_serializing_if = "Option::is_none")] pub openshift: Option, #[serde(default, skip_serializing_if = "Option::is_none")] pub patroni: Option, - /// Suspends the rollout and reconciliation of changes made to the PostgresCluster spec. + /// Suspends the rollout and reconciliation of changes made to the + /// PostgresCluster spec. #[serde(default, skip_serializing_if = "Option::is_none")] pub paused: Option, /// The port on which PostgreSQL should listen. #[serde(default, skip_serializing_if = "Option::is_none")] pub port: Option, - /// The PostGIS extension version installed in the PostgreSQL image. When image is not set, indicates a PostGIS enabled image will be used. + /// The PostGIS extension version installed in the PostgreSQL image. + /// When image is not set, indicates a PostGIS enabled image will be used. #[serde(default, skip_serializing_if = "Option::is_none", rename = "postGISVersion")] pub post_gis_version: Option, /// The major version of PostgreSQL installed in the PostgreSQL image @@ -83,19 +115,27 @@ pub struct PostgresClusterSpec { /// Specification of the service that exposes the PostgreSQL primary instance. #[serde(default, skip_serializing_if = "Option::is_none")] pub service: Option, - /// Whether or not the PostgreSQL cluster should be stopped. When this is true, workloads are scaled to zero and CronJobs are suspended. Other resources, such as Services and Volumes, remain in place. + /// Whether or not the PostgreSQL cluster should be stopped. + /// When this is true, workloads are scaled to zero and CronJobs + /// are suspended. + /// Other resources, such as Services and Volumes, remain in place. #[serde(default, skip_serializing_if = "Option::is_none")] pub shutdown: Option, /// Run this cluster as a read-only copy of an existing cluster or archive. #[serde(default, skip_serializing_if = "Option::is_none")] pub standby: Option, - /// A list of group IDs applied to the process of a container. These can be useful when accessing shared file systems with constrained permissions. More info: https://kubernetes.io/docs/reference/kubernetes-api/workload-resources/pod-v1/#security-context + /// A list of group IDs applied to the process of a container. These can be + /// useful when accessing shared file systems with constrained permissions. + /// More info: https://kubernetes.io/docs/reference/kubernetes-api/workload-resources/pod-v1/#security-context #[serde(default, skip_serializing_if = "Option::is_none", rename = "supplementalGroups")] pub supplemental_groups: Option>, /// The specification of a user interface that connects to PostgreSQL. #[serde(default, skip_serializing_if = "Option::is_none", rename = "userInterface")] pub user_interface: Option, - /// Users to create inside PostgreSQL and the databases they should access. The default creates one user that can access one database matching the PostgresCluster name. An empty list creates no users. Removing a user from this list does NOT drop the user nor revoke their access. + /// Users to create inside PostgreSQL and the databases they should access. + /// The default creates one user that can access one database matching the + /// PostgresCluster name. An empty list creates no users. Removing a user + /// from this list does NOT drop the user nor revoke their access. #[serde(default, skip_serializing_if = "Option::is_none")] pub users: Option>, } @@ -110,13 +150,21 @@ pub struct PostgresClusterBackups { /// pgBackRest archive configuration #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PostgresClusterBackupsPgbackrest { - /// Projected volumes containing custom pgBackRest configuration. These files are mounted under "/etc/pgbackrest/conf.d" alongside any pgBackRest configuration generated by the PostgreSQL Operator: https://pgbackrest.org/configuration.html + /// Projected volumes containing custom pgBackRest configuration. These files are mounted + /// under "/etc/pgbackrest/conf.d" alongside any pgBackRest configuration generated by the + /// PostgreSQL Operator: + /// https://pgbackrest.org/configuration.html #[serde(default, skip_serializing_if = "Option::is_none")] pub configuration: Option>, - /// Global pgBackRest configuration settings. These settings are included in the "global" section of the pgBackRest configuration generated by the PostgreSQL Operator, and then mounted under "/etc/pgbackrest/conf.d": https://pgbackrest.org/configuration.html + /// Global pgBackRest configuration settings. These settings are included in the "global" + /// section of the pgBackRest configuration generated by the PostgreSQL Operator, and then + /// mounted under "/etc/pgbackrest/conf.d": + /// https://pgbackrest.org/configuration.html #[serde(default, skip_serializing_if = "Option::is_none")] pub global: Option>, - /// The image name to use for pgBackRest containers. Utilized to run pgBackRest repository hosts and backups. The image may also be set using the RELATED_IMAGE_PGBACKREST environment variable + /// The image name to use for pgBackRest containers. Utilized to run + /// pgBackRest repository hosts and backups. The image may also be set using + /// the RELATED_IMAGE_PGBACKREST environment variable #[serde(default, skip_serializing_if = "Option::is_none")] pub image: Option, /// Jobs field allows configuration for all backup jobs @@ -128,7 +176,9 @@ pub struct PostgresClusterBackupsPgbackrest { /// Metadata contains metadata for custom resources #[serde(default, skip_serializing_if = "Option::is_none")] pub metadata: Option, - /// Defines configuration for a pgBackRest dedicated repository host. This section is only applicable if at least one "volume" (i.e. PVC-based) repository is defined in the "repos" section, therefore enabling a dedicated repository host Deployment. + /// Defines configuration for a pgBackRest dedicated repository host. This section is only + /// applicable if at least one "volume" (i.e. PVC-based) repository is defined in the "repos" + /// section, therefore enabling a dedicated repository host Deployment. #[serde(default, skip_serializing_if = "Option::is_none", rename = "repoHost")] pub repo_host: Option, /// Defines a pgBackRest repository @@ -144,10 +194,22 @@ pub struct PostgresClusterBackupsPgbackrest { /// Projection that may be projected along with other supported volume types #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PostgresClusterBackupsPgbackrestConfiguration { - /// ClusterTrustBundle allows a pod to access the `.spec.trustBundle` field of ClusterTrustBundle objects in an auto-updating file. - /// Alpha, gated by the ClusterTrustBundleProjection feature gate. - /// ClusterTrustBundle objects can either be selected by name, or by the combination of signer name and a label selector. - /// Kubelet performs aggressive normalization of the PEM contents written into the pod filesystem. Esoteric PEM features such as inter-block comments and block headers are stripped. Certificates are deduplicated. The ordering of certificates within the file is arbitrary, and Kubelet may change the order over time. + /// ClusterTrustBundle allows a pod to access the `.spec.trustBundle` field + /// of ClusterTrustBundle objects in an auto-updating file. + /// + /// + /// Alpha, gated by the ClusterTrustBundleProjection feature gate. + /// + /// + /// ClusterTrustBundle objects can either be selected by name, or by the + /// combination of signer name and a label selector. + /// + /// + /// Kubelet performs aggressive normalization of the PEM contents written + /// into the pod filesystem. Esoteric PEM features such as inter-block + /// comments and block headers are stripped. Certificates are deduplicated. + /// The ordering of certificates within the file is arbitrary, and Kubelet + /// may change the order over time. #[serde(default, skip_serializing_if = "Option::is_none", rename = "clusterTrustBundle")] pub cluster_trust_bundle: Option, /// configMap information about the configMap data to project @@ -164,47 +226,79 @@ pub struct PostgresClusterBackupsPgbackrestConfiguration { pub service_account_token: Option, } -/// ClusterTrustBundle allows a pod to access the `.spec.trustBundle` field of ClusterTrustBundle objects in an auto-updating file. -/// Alpha, gated by the ClusterTrustBundleProjection feature gate. -/// ClusterTrustBundle objects can either be selected by name, or by the combination of signer name and a label selector. -/// Kubelet performs aggressive normalization of the PEM contents written into the pod filesystem. Esoteric PEM features such as inter-block comments and block headers are stripped. Certificates are deduplicated. The ordering of certificates within the file is arbitrary, and Kubelet may change the order over time. +/// ClusterTrustBundle allows a pod to access the `.spec.trustBundle` field +/// of ClusterTrustBundle objects in an auto-updating file. +/// +/// +/// Alpha, gated by the ClusterTrustBundleProjection feature gate. +/// +/// +/// ClusterTrustBundle objects can either be selected by name, or by the +/// combination of signer name and a label selector. +/// +/// +/// Kubelet performs aggressive normalization of the PEM contents written +/// into the pod filesystem. Esoteric PEM features such as inter-block +/// comments and block headers are stripped. Certificates are deduplicated. +/// The ordering of certificates within the file is arbitrary, and Kubelet +/// may change the order over time. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PostgresClusterBackupsPgbackrestConfigurationClusterTrustBundle { - /// Select all ClusterTrustBundles that match this label selector. Only has effect if signerName is set. Mutually-exclusive with name. If unset, interpreted as "match nothing". If set but empty, interpreted as "match everything". + /// Select all ClusterTrustBundles that match this label selector. Only has + /// effect if signerName is set. Mutually-exclusive with name. If unset, + /// interpreted as "match nothing". If set but empty, interpreted as "match + /// everything". #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelector")] pub label_selector: Option, - /// Select a single ClusterTrustBundle by object name. Mutually-exclusive with signerName and labelSelector. + /// Select a single ClusterTrustBundle by object name. Mutually-exclusive + /// with signerName and labelSelector. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, - /// If true, don't block pod startup if the referenced ClusterTrustBundle(s) aren't available. If using name, then the named ClusterTrustBundle is allowed not to exist. If using signerName, then the combination of signerName and labelSelector is allowed to match zero ClusterTrustBundles. + /// If true, don't block pod startup if the referenced ClusterTrustBundle(s) + /// aren't available. If using name, then the named ClusterTrustBundle is + /// allowed not to exist. If using signerName, then the combination of + /// signerName and labelSelector is allowed to match zero + /// ClusterTrustBundles. #[serde(default, skip_serializing_if = "Option::is_none")] pub optional: Option, /// Relative path from the volume root to write the bundle. pub path: String, - /// Select all ClusterTrustBundles that match this signer name. Mutually-exclusive with name. The contents of all selected ClusterTrustBundles will be unified and deduplicated. + /// Select all ClusterTrustBundles that match this signer name. + /// Mutually-exclusive with name. The contents of all selected + /// ClusterTrustBundles will be unified and deduplicated. #[serde(default, skip_serializing_if = "Option::is_none", rename = "signerName")] pub signer_name: Option, } -/// Select all ClusterTrustBundles that match this label selector. Only has effect if signerName is set. Mutually-exclusive with name. If unset, interpreted as "match nothing". If set but empty, interpreted as "match everything". +/// Select all ClusterTrustBundles that match this label selector. Only has +/// effect if signerName is set. Mutually-exclusive with name. If unset, +/// interpreted as "match nothing". If set but empty, interpreted as "match +/// everything". #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PostgresClusterBackupsPgbackrestConfigurationClusterTrustBundleLabelSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] pub match_expressions: Option>, - /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] pub match_labels: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PostgresClusterBackupsPgbackrestConfigurationClusterTrustBundleLabelSelectorMatchExpressions { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } @@ -212,7 +306,13 @@ pub struct PostgresClusterBackupsPgbackrestConfigurationClusterTrustBundleLabelS /// configMap information about the configMap data to project #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PostgresClusterBackupsPgbackrestConfigurationConfigMap { - /// items if unspecified, each key-value pair in the Data field of the referenced ConfigMap will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the ConfigMap, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'. + /// items if unspecified, each key-value pair in the Data field of the referenced + /// ConfigMap will be projected into the volume as a file whose name is the + /// key and content is the value. If specified, the listed keys will be + /// projected into the specified paths, and unlisted keys will not be + /// present. If a key is specified which is not present in the ConfigMap, + /// the volume setup will error unless it is marked optional. Paths must be + /// relative and may not contain the '..' path or start with '..'. #[serde(default, skip_serializing_if = "Option::is_none")] pub items: Option>, /// Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names @@ -228,10 +328,18 @@ pub struct PostgresClusterBackupsPgbackrestConfigurationConfigMap { pub struct PostgresClusterBackupsPgbackrestConfigurationConfigMapItems { /// key is the key to project. pub key: String, - /// mode is Optional: mode bits used to set permissions on this file. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. + /// mode is Optional: mode bits used to set permissions on this file. + /// Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. + /// YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. + /// If not specified, the volume defaultMode will be used. + /// This might be in conflict with other options that affect the file + /// mode, like fsGroup, and the result can be other mode bits set. #[serde(default, skip_serializing_if = "Option::is_none")] pub mode: Option, - /// path is the relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'. + /// path is the relative path of the file to map the key to. + /// May not be an absolute path. + /// May not contain the path element '..'. + /// May not start with the string '..'. pub path: String, } @@ -249,12 +357,18 @@ pub struct PostgresClusterBackupsPgbackrestConfigurationDownwardApiItems { /// Required: Selects a field of the pod: only annotations, labels, name, namespace and uid are supported. #[serde(default, skip_serializing_if = "Option::is_none", rename = "fieldRef")] pub field_ref: Option, - /// Optional: mode bits used to set permissions on this file, must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. + /// Optional: mode bits used to set permissions on this file, must be an octal value + /// between 0000 and 0777 or a decimal value between 0 and 511. + /// YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. + /// If not specified, the volume defaultMode will be used. + /// This might be in conflict with other options that affect the file + /// mode, like fsGroup, and the result can be other mode bits set. #[serde(default, skip_serializing_if = "Option::is_none")] pub mode: Option, /// Required: Path is the relative path name of the file to be created. Must not be absolute or contain the '..' path. Must be utf-8 encoded. The first item of the relative path must not start with '..' pub path: String, - /// Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, requests.cpu and requests.memory) are currently supported. + /// Selects a resource of the container: only resources limits and requests + /// (limits.cpu, limits.memory, requests.cpu and requests.memory) are currently supported. #[serde(default, skip_serializing_if = "Option::is_none", rename = "resourceFieldRef")] pub resource_field_ref: Option, } @@ -270,7 +384,8 @@ pub struct PostgresClusterBackupsPgbackrestConfigurationDownwardApiItemsFieldRef pub field_path: String, } -/// Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, requests.cpu and requests.memory) are currently supported. +/// Selects a resource of the container: only resources limits and requests +/// (limits.cpu, limits.memory, requests.cpu and requests.memory) are currently supported. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PostgresClusterBackupsPgbackrestConfigurationDownwardApiItemsResourceFieldRef { /// Container name: required for volumes, optional for env vars @@ -286,7 +401,13 @@ pub struct PostgresClusterBackupsPgbackrestConfigurationDownwardApiItemsResource /// secret information about the secret data to project #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PostgresClusterBackupsPgbackrestConfigurationSecret { - /// items if unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the Secret, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'. + /// items if unspecified, each key-value pair in the Data field of the referenced + /// Secret will be projected into the volume as a file whose name is the + /// key and content is the value. If specified, the listed keys will be + /// projected into the specified paths, and unlisted keys will not be + /// present. If a key is specified which is not present in the Secret, + /// the volume setup will error unless it is marked optional. Paths must be + /// relative and may not contain the '..' path or start with '..'. #[serde(default, skip_serializing_if = "Option::is_none")] pub items: Option>, /// Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names @@ -302,47 +423,70 @@ pub struct PostgresClusterBackupsPgbackrestConfigurationSecret { pub struct PostgresClusterBackupsPgbackrestConfigurationSecretItems { /// key is the key to project. pub key: String, - /// mode is Optional: mode bits used to set permissions on this file. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. + /// mode is Optional: mode bits used to set permissions on this file. + /// Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. + /// YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. + /// If not specified, the volume defaultMode will be used. + /// This might be in conflict with other options that affect the file + /// mode, like fsGroup, and the result can be other mode bits set. #[serde(default, skip_serializing_if = "Option::is_none")] pub mode: Option, - /// path is the relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'. + /// path is the relative path of the file to map the key to. + /// May not be an absolute path. + /// May not contain the path element '..'. + /// May not start with the string '..'. pub path: String, } /// serviceAccountToken is information about the serviceAccountToken data to project #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PostgresClusterBackupsPgbackrestConfigurationServiceAccountToken { - /// audience is the intended audience of the token. A recipient of a token must identify itself with an identifier specified in the audience of the token, and otherwise should reject the token. The audience defaults to the identifier of the apiserver. + /// audience is the intended audience of the token. A recipient of a token + /// must identify itself with an identifier specified in the audience of the + /// token, and otherwise should reject the token. The audience defaults to the + /// identifier of the apiserver. #[serde(default, skip_serializing_if = "Option::is_none")] pub audience: Option, - /// expirationSeconds is the requested duration of validity of the service account token. As the token approaches expiration, the kubelet volume plugin will proactively rotate the service account token. The kubelet will start trying to rotate the token if the token is older than 80 percent of its time to live or if the token is older than 24 hours.Defaults to 1 hour and must be at least 10 minutes. + /// expirationSeconds is the requested duration of validity of the service + /// account token. As the token approaches expiration, the kubelet volume + /// plugin will proactively rotate the service account token. The kubelet will + /// start trying to rotate the token if the token is older than 80 percent of + /// its time to live or if the token is older than 24 hours.Defaults to 1 hour + /// and must be at least 10 minutes. #[serde(default, skip_serializing_if = "Option::is_none", rename = "expirationSeconds")] pub expiration_seconds: Option, - /// path is the path relative to the mount point of the file to project the token into. + /// path is the path relative to the mount point of the file to project the + /// token into. pub path: String, } /// Jobs field allows configuration for all backup jobs #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PostgresClusterBackupsPgbackrestJobs { - /// Scheduling constraints of pgBackRest backup Job pods. More info: https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node + /// Scheduling constraints of pgBackRest backup Job pods. + /// More info: https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node #[serde(default, skip_serializing_if = "Option::is_none")] pub affinity: Option, - /// Priority class name for the pgBackRest backup Job pods. More info: https://kubernetes.io/docs/concepts/scheduling-eviction/pod-priority-preemption/ + /// Priority class name for the pgBackRest backup Job pods. + /// More info: https://kubernetes.io/docs/concepts/scheduling-eviction/pod-priority-preemption/ #[serde(default, skip_serializing_if = "Option::is_none", rename = "priorityClassName")] pub priority_class_name: Option, - /// Resource limits for backup jobs. Includes manual, scheduled and replica create backups + /// Resource limits for backup jobs. Includes manual, scheduled and replica + /// create backups #[serde(default, skip_serializing_if = "Option::is_none")] pub resources: Option, - /// Tolerations of pgBackRest backup Job pods. More info: https://kubernetes.io/docs/concepts/scheduling-eviction/taint-and-toleration + /// Tolerations of pgBackRest backup Job pods. + /// More info: https://kubernetes.io/docs/concepts/scheduling-eviction/taint-and-toleration #[serde(default, skip_serializing_if = "Option::is_none")] pub tolerations: Option>, - /// Limit the lifetime of a Job that has finished. More info: https://kubernetes.io/docs/concepts/workloads/controllers/job + /// Limit the lifetime of a Job that has finished. + /// More info: https://kubernetes.io/docs/concepts/workloads/controllers/job #[serde(default, skip_serializing_if = "Option::is_none", rename = "ttlSecondsAfterFinished")] pub ttl_seconds_after_finished: Option, } -/// Scheduling constraints of pgBackRest backup Job pods. More info: https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node +/// Scheduling constraints of pgBackRest backup Job pods. +/// More info: https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PostgresClusterBackupsPgbackrestJobsAffinity { /// Describes node affinity scheduling rules for the pod. @@ -359,15 +503,28 @@ pub struct PostgresClusterBackupsPgbackrestJobsAffinity { /// Describes node affinity scheduling rules for the pod. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PostgresClusterBackupsPgbackrestJobsAffinityNodeAffinity { - /// The scheduler will prefer to schedule pods to nodes that satisfy the affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding "weight" to the sum if the node matches the corresponding matchExpressions; the node(s) with the highest sum are the most preferred. + /// The scheduler will prefer to schedule pods to nodes that satisfy + /// the affinity expressions specified by this field, but it may choose + /// a node that violates one or more of the expressions. The node that is + /// most preferred is the one with the greatest sum of weights, i.e. + /// for each node that meets all of the scheduling requirements (resource + /// request, requiredDuringScheduling affinity expressions, etc.), + /// compute a sum by iterating through the elements of this field and adding + /// "weight" to the sum if the node matches the corresponding matchExpressions; the + /// node(s) with the highest sum are the most preferred. #[serde(default, skip_serializing_if = "Option::is_none", rename = "preferredDuringSchedulingIgnoredDuringExecution")] pub preferred_during_scheduling_ignored_during_execution: Option>, - /// If the affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to an update), the system may or may not try to eventually evict the pod from its node. + /// If the affinity requirements specified by this field are not met at + /// scheduling time, the pod will not be scheduled onto the node. + /// If the affinity requirements specified by this field cease to be met + /// at some point during pod execution (e.g. due to an update), the system + /// may or may not try to eventually evict the pod from its node. #[serde(default, skip_serializing_if = "Option::is_none", rename = "requiredDuringSchedulingIgnoredDuringExecution")] pub required_during_scheduling_ignored_during_execution: Option, } -/// An empty preferred scheduling term matches all objects with implicit weight 0 (i.e. it's a no-op). A null preferred scheduling term matches no objects (i.e. is also a no-op). +/// An empty preferred scheduling term matches all objects with implicit weight 0 +/// (i.e. it's a no-op). A null preferred scheduling term matches no objects (i.e. is also a no-op). #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PostgresClusterBackupsPgbackrestJobsAffinityNodeAffinityPreferredDuringSchedulingIgnoredDuringExecution { /// A node selector term, associated with the corresponding weight. @@ -387,31 +544,47 @@ pub struct PostgresClusterBackupsPgbackrestJobsAffinityNodeAffinityPreferredDuri pub match_fields: Option>, } -/// A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A node selector requirement is a selector that contains values, a key, and an operator +/// that relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PostgresClusterBackupsPgbackrestJobsAffinityNodeAffinityPreferredDuringSchedulingIgnoredDuringExecutionPreferenceMatchExpressions { /// The label key that the selector applies to. pub key: String, - /// Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. + /// Represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. pub operator: String, - /// An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch. + /// An array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. If the operator is Gt or Lt, the values + /// array must have a single element, which will be interpreted as an integer. + /// This array is replaced during a strategic merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } -/// A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A node selector requirement is a selector that contains values, a key, and an operator +/// that relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PostgresClusterBackupsPgbackrestJobsAffinityNodeAffinityPreferredDuringSchedulingIgnoredDuringExecutionPreferenceMatchFields { /// The label key that the selector applies to. pub key: String, - /// Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. + /// Represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. pub operator: String, - /// An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch. + /// An array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. If the operator is Gt or Lt, the values + /// array must have a single element, which will be interpreted as an integer. + /// This array is replaced during a strategic merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } -/// If the affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to an update), the system may or may not try to eventually evict the pod from its node. +/// If the affinity requirements specified by this field are not met at +/// scheduling time, the pod will not be scheduled onto the node. +/// If the affinity requirements specified by this field cease to be met +/// at some point during pod execution (e.g. due to an update), the system +/// may or may not try to eventually evict the pod from its node. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PostgresClusterBackupsPgbackrestJobsAffinityNodeAffinityRequiredDuringSchedulingIgnoredDuringExecution { /// Required. A list of node selector terms. The terms are ORed. @@ -419,7 +592,9 @@ pub struct PostgresClusterBackupsPgbackrestJobsAffinityNodeAffinityRequiredDurin pub node_selector_terms: Vec, } -/// A null or empty node selector term matches no objects. The requirements of them are ANDed. The TopologySelectorTerm type implements a subset of the NodeSelectorTerm. +/// A null or empty node selector term matches no objects. The requirements of +/// them are ANDed. +/// The TopologySelectorTerm type implements a subset of the NodeSelectorTerm. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PostgresClusterBackupsPgbackrestJobsAffinityNodeAffinityRequiredDuringSchedulingIgnoredDuringExecutionNodeSelectorTerms { /// A list of node selector requirements by node's labels. @@ -430,26 +605,38 @@ pub struct PostgresClusterBackupsPgbackrestJobsAffinityNodeAffinityRequiredDurin pub match_fields: Option>, } -/// A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A node selector requirement is a selector that contains values, a key, and an operator +/// that relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PostgresClusterBackupsPgbackrestJobsAffinityNodeAffinityRequiredDuringSchedulingIgnoredDuringExecutionNodeSelectorTermsMatchExpressions { /// The label key that the selector applies to. pub key: String, - /// Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. + /// Represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. pub operator: String, - /// An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch. + /// An array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. If the operator is Gt or Lt, the values + /// array must have a single element, which will be interpreted as an integer. + /// This array is replaced during a strategic merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } -/// A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A node selector requirement is a selector that contains values, a key, and an operator +/// that relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PostgresClusterBackupsPgbackrestJobsAffinityNodeAffinityRequiredDuringSchedulingIgnoredDuringExecutionNodeSelectorTermsMatchFields { /// The label key that the selector applies to. pub key: String, - /// Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. + /// Represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. pub operator: String, - /// An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch. + /// An array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. If the operator is Gt or Lt, the values + /// array must have a single element, which will be interpreted as an integer. + /// This array is replaced during a strategic merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } @@ -457,10 +644,24 @@ pub struct PostgresClusterBackupsPgbackrestJobsAffinityNodeAffinityRequiredDurin /// Describes pod affinity scheduling rules (e.g. co-locate this pod in the same node, zone, etc. as some other pod(s)). #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PostgresClusterBackupsPgbackrestJobsAffinityPodAffinity { - /// The scheduler will prefer to schedule pods to nodes that satisfy the affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding "weight" to the sum if the node has pods which matches the corresponding podAffinityTerm; the node(s) with the highest sum are the most preferred. + /// The scheduler will prefer to schedule pods to nodes that satisfy + /// the affinity expressions specified by this field, but it may choose + /// a node that violates one or more of the expressions. The node that is + /// most preferred is the one with the greatest sum of weights, i.e. + /// for each node that meets all of the scheduling requirements (resource + /// request, requiredDuringScheduling affinity expressions, etc.), + /// compute a sum by iterating through the elements of this field and adding + /// "weight" to the sum if the node has pods which matches the corresponding podAffinityTerm; the + /// node(s) with the highest sum are the most preferred. #[serde(default, skip_serializing_if = "Option::is_none", rename = "preferredDuringSchedulingIgnoredDuringExecution")] pub preferred_during_scheduling_ignored_during_execution: Option>, - /// If the affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to a pod label update), the system may or may not try to eventually evict the pod from its node. When there are multiple elements, the lists of nodes corresponding to each podAffinityTerm are intersected, i.e. all terms must be satisfied. + /// If the affinity requirements specified by this field are not met at + /// scheduling time, the pod will not be scheduled onto the node. + /// If the affinity requirements specified by this field cease to be met + /// at some point during pod execution (e.g. due to a pod label update), the + /// system may or may not try to eventually evict the pod from its node. + /// When there are multiple elements, the lists of nodes corresponding to each + /// podAffinityTerm are intersected, i.e. all terms must be satisfied. #[serde(default, skip_serializing_if = "Option::is_none", rename = "requiredDuringSchedulingIgnoredDuringExecution")] pub required_during_scheduling_ignored_during_execution: Option>, } @@ -471,144 +672,244 @@ pub struct PostgresClusterBackupsPgbackrestJobsAffinityPodAffinityPreferredDurin /// Required. A pod affinity term, associated with the corresponding weight. #[serde(rename = "podAffinityTerm")] pub pod_affinity_term: PostgresClusterBackupsPgbackrestJobsAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTerm, - /// weight associated with matching the corresponding podAffinityTerm, in the range 1-100. + /// weight associated with matching the corresponding podAffinityTerm, + /// in the range 1-100. pub weight: i32, } /// Required. A pod affinity term, associated with the corresponding weight. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PostgresClusterBackupsPgbackrestJobsAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTerm { - /// A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods. + /// A label query over a set of resources, in this case pods. + /// If it's null, this PodAffinityTerm matches with no Pods. #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelector")] pub label_selector: Option, - /// MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both matchLabelKeys and labelSelector. Also, matchLabelKeys cannot be set when labelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// MatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both matchLabelKeys and labelSelector. + /// Also, matchLabelKeys cannot be set when labelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] pub match_label_keys: Option>, - /// MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. Also, mismatchLabelKeys cannot be set when labelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// MismatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. + /// Also, mismatchLabelKeys cannot be set when labelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] pub mismatch_label_keys: Option>, - /// A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. + /// A label query over the set of namespaces that the term applies to. + /// The term is applied to the union of the namespaces selected by this field + /// and the ones listed in the namespaces field. + /// null selector and null or empty namespaces list means "this pod's namespace". + /// An empty selector ({}) matches all namespaces. #[serde(default, skip_serializing_if = "Option::is_none", rename = "namespaceSelector")] pub namespace_selector: Option, - /// namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means "this pod's namespace". + /// namespaces specifies a static list of namespace names that the term applies to. + /// The term is applied to the union of the namespaces listed in this field + /// and the ones selected by namespaceSelector. + /// null or empty namespaces list and null namespaceSelector means "this pod's namespace". #[serde(default, skip_serializing_if = "Option::is_none")] pub namespaces: Option>, - /// This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed. + /// This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching + /// the labelSelector in the specified namespaces, where co-located is defined as running on a node + /// whose value of the label with key topologyKey matches that of any node on which any of the + /// selected pods is running. + /// Empty topologyKey is not allowed. #[serde(rename = "topologyKey")] pub topology_key: String, } -/// A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods. +/// A label query over a set of resources, in this case pods. +/// If it's null, this PodAffinityTerm matches with no Pods. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PostgresClusterBackupsPgbackrestJobsAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermLabelSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] pub match_expressions: Option>, - /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] pub match_labels: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PostgresClusterBackupsPgbackrestJobsAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermLabelSelectorMatchExpressions { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } -/// A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. +/// A label query over the set of namespaces that the term applies to. +/// The term is applied to the union of the namespaces selected by this field +/// and the ones listed in the namespaces field. +/// null selector and null or empty namespaces list means "this pod's namespace". +/// An empty selector ({}) matches all namespaces. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PostgresClusterBackupsPgbackrestJobsAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermNamespaceSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] pub match_expressions: Option>, - /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] pub match_labels: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PostgresClusterBackupsPgbackrestJobsAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermNamespaceSelectorMatchExpressions { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } -/// Defines a set of pods (namely those matching the labelSelector relative to the given namespace(s)) that this pod should be co-located (affinity) or not co-located (anti-affinity) with, where co-located is defined as running on a node whose value of the label with key matches that of any node on which a pod of the set of pods is running +/// Defines a set of pods (namely those matching the labelSelector +/// relative to the given namespace(s)) that this pod should be +/// co-located (affinity) or not co-located (anti-affinity) with, +/// where co-located is defined as running on a node whose value of +/// the label with key matches that of any node on which +/// a pod of the set of pods is running #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PostgresClusterBackupsPgbackrestJobsAffinityPodAffinityRequiredDuringSchedulingIgnoredDuringExecution { - /// A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods. + /// A label query over a set of resources, in this case pods. + /// If it's null, this PodAffinityTerm matches with no Pods. #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelector")] pub label_selector: Option, - /// MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both matchLabelKeys and labelSelector. Also, matchLabelKeys cannot be set when labelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// MatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both matchLabelKeys and labelSelector. + /// Also, matchLabelKeys cannot be set when labelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] pub match_label_keys: Option>, - /// MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. Also, mismatchLabelKeys cannot be set when labelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// MismatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. + /// Also, mismatchLabelKeys cannot be set when labelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] pub mismatch_label_keys: Option>, - /// A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. + /// A label query over the set of namespaces that the term applies to. + /// The term is applied to the union of the namespaces selected by this field + /// and the ones listed in the namespaces field. + /// null selector and null or empty namespaces list means "this pod's namespace". + /// An empty selector ({}) matches all namespaces. #[serde(default, skip_serializing_if = "Option::is_none", rename = "namespaceSelector")] pub namespace_selector: Option, - /// namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means "this pod's namespace". + /// namespaces specifies a static list of namespace names that the term applies to. + /// The term is applied to the union of the namespaces listed in this field + /// and the ones selected by namespaceSelector. + /// null or empty namespaces list and null namespaceSelector means "this pod's namespace". #[serde(default, skip_serializing_if = "Option::is_none")] pub namespaces: Option>, - /// This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed. + /// This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching + /// the labelSelector in the specified namespaces, where co-located is defined as running on a node + /// whose value of the label with key topologyKey matches that of any node on which any of the + /// selected pods is running. + /// Empty topologyKey is not allowed. #[serde(rename = "topologyKey")] pub topology_key: String, } -/// A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods. +/// A label query over a set of resources, in this case pods. +/// If it's null, this PodAffinityTerm matches with no Pods. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PostgresClusterBackupsPgbackrestJobsAffinityPodAffinityRequiredDuringSchedulingIgnoredDuringExecutionLabelSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] pub match_expressions: Option>, - /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] pub match_labels: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PostgresClusterBackupsPgbackrestJobsAffinityPodAffinityRequiredDuringSchedulingIgnoredDuringExecutionLabelSelectorMatchExpressions { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } -/// A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. +/// A label query over the set of namespaces that the term applies to. +/// The term is applied to the union of the namespaces selected by this field +/// and the ones listed in the namespaces field. +/// null selector and null or empty namespaces list means "this pod's namespace". +/// An empty selector ({}) matches all namespaces. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PostgresClusterBackupsPgbackrestJobsAffinityPodAffinityRequiredDuringSchedulingIgnoredDuringExecutionNamespaceSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] pub match_expressions: Option>, - /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] pub match_labels: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PostgresClusterBackupsPgbackrestJobsAffinityPodAffinityRequiredDuringSchedulingIgnoredDuringExecutionNamespaceSelectorMatchExpressions { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } @@ -616,10 +917,24 @@ pub struct PostgresClusterBackupsPgbackrestJobsAffinityPodAffinityRequiredDuring /// Describes pod anti-affinity scheduling rules (e.g. avoid putting this pod in the same node, zone, etc. as some other pod(s)). #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PostgresClusterBackupsPgbackrestJobsAffinityPodAntiAffinity { - /// The scheduler will prefer to schedule pods to nodes that satisfy the anti-affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling anti-affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding "weight" to the sum if the node has pods which matches the corresponding podAffinityTerm; the node(s) with the highest sum are the most preferred. + /// The scheduler will prefer to schedule pods to nodes that satisfy + /// the anti-affinity expressions specified by this field, but it may choose + /// a node that violates one or more of the expressions. The node that is + /// most preferred is the one with the greatest sum of weights, i.e. + /// for each node that meets all of the scheduling requirements (resource + /// request, requiredDuringScheduling anti-affinity expressions, etc.), + /// compute a sum by iterating through the elements of this field and adding + /// "weight" to the sum if the node has pods which matches the corresponding podAffinityTerm; the + /// node(s) with the highest sum are the most preferred. #[serde(default, skip_serializing_if = "Option::is_none", rename = "preferredDuringSchedulingIgnoredDuringExecution")] pub preferred_during_scheduling_ignored_during_execution: Option>, - /// If the anti-affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the anti-affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to a pod label update), the system may or may not try to eventually evict the pod from its node. When there are multiple elements, the lists of nodes corresponding to each podAffinityTerm are intersected, i.e. all terms must be satisfied. + /// If the anti-affinity requirements specified by this field are not met at + /// scheduling time, the pod will not be scheduled onto the node. + /// If the anti-affinity requirements specified by this field cease to be met + /// at some point during pod execution (e.g. due to a pod label update), the + /// system may or may not try to eventually evict the pod from its node. + /// When there are multiple elements, the lists of nodes corresponding to each + /// podAffinityTerm are intersected, i.e. all terms must be satisfied. #[serde(default, skip_serializing_if = "Option::is_none", rename = "requiredDuringSchedulingIgnoredDuringExecution")] pub required_during_scheduling_ignored_during_execution: Option>, } @@ -630,160 +945,271 @@ pub struct PostgresClusterBackupsPgbackrestJobsAffinityPodAntiAffinityPreferredD /// Required. A pod affinity term, associated with the corresponding weight. #[serde(rename = "podAffinityTerm")] pub pod_affinity_term: PostgresClusterBackupsPgbackrestJobsAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTerm, - /// weight associated with matching the corresponding podAffinityTerm, in the range 1-100. + /// weight associated with matching the corresponding podAffinityTerm, + /// in the range 1-100. pub weight: i32, } /// Required. A pod affinity term, associated with the corresponding weight. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PostgresClusterBackupsPgbackrestJobsAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTerm { - /// A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods. + /// A label query over a set of resources, in this case pods. + /// If it's null, this PodAffinityTerm matches with no Pods. #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelector")] pub label_selector: Option, - /// MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both matchLabelKeys and labelSelector. Also, matchLabelKeys cannot be set when labelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// MatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both matchLabelKeys and labelSelector. + /// Also, matchLabelKeys cannot be set when labelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] pub match_label_keys: Option>, - /// MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. Also, mismatchLabelKeys cannot be set when labelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// MismatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. + /// Also, mismatchLabelKeys cannot be set when labelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] pub mismatch_label_keys: Option>, - /// A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. + /// A label query over the set of namespaces that the term applies to. + /// The term is applied to the union of the namespaces selected by this field + /// and the ones listed in the namespaces field. + /// null selector and null or empty namespaces list means "this pod's namespace". + /// An empty selector ({}) matches all namespaces. #[serde(default, skip_serializing_if = "Option::is_none", rename = "namespaceSelector")] pub namespace_selector: Option, - /// namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means "this pod's namespace". + /// namespaces specifies a static list of namespace names that the term applies to. + /// The term is applied to the union of the namespaces listed in this field + /// and the ones selected by namespaceSelector. + /// null or empty namespaces list and null namespaceSelector means "this pod's namespace". #[serde(default, skip_serializing_if = "Option::is_none")] pub namespaces: Option>, - /// This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed. + /// This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching + /// the labelSelector in the specified namespaces, where co-located is defined as running on a node + /// whose value of the label with key topologyKey matches that of any node on which any of the + /// selected pods is running. + /// Empty topologyKey is not allowed. #[serde(rename = "topologyKey")] pub topology_key: String, } -/// A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods. +/// A label query over a set of resources, in this case pods. +/// If it's null, this PodAffinityTerm matches with no Pods. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PostgresClusterBackupsPgbackrestJobsAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermLabelSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] pub match_expressions: Option>, - /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] pub match_labels: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PostgresClusterBackupsPgbackrestJobsAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermLabelSelectorMatchExpressions { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } -/// A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. +/// A label query over the set of namespaces that the term applies to. +/// The term is applied to the union of the namespaces selected by this field +/// and the ones listed in the namespaces field. +/// null selector and null or empty namespaces list means "this pod's namespace". +/// An empty selector ({}) matches all namespaces. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PostgresClusterBackupsPgbackrestJobsAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermNamespaceSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] pub match_expressions: Option>, - /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] pub match_labels: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PostgresClusterBackupsPgbackrestJobsAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermNamespaceSelectorMatchExpressions { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } -/// Defines a set of pods (namely those matching the labelSelector relative to the given namespace(s)) that this pod should be co-located (affinity) or not co-located (anti-affinity) with, where co-located is defined as running on a node whose value of the label with key matches that of any node on which a pod of the set of pods is running +/// Defines a set of pods (namely those matching the labelSelector +/// relative to the given namespace(s)) that this pod should be +/// co-located (affinity) or not co-located (anti-affinity) with, +/// where co-located is defined as running on a node whose value of +/// the label with key matches that of any node on which +/// a pod of the set of pods is running #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PostgresClusterBackupsPgbackrestJobsAffinityPodAntiAffinityRequiredDuringSchedulingIgnoredDuringExecution { - /// A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods. + /// A label query over a set of resources, in this case pods. + /// If it's null, this PodAffinityTerm matches with no Pods. #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelector")] pub label_selector: Option, - /// MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both matchLabelKeys and labelSelector. Also, matchLabelKeys cannot be set when labelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// MatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both matchLabelKeys and labelSelector. + /// Also, matchLabelKeys cannot be set when labelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] pub match_label_keys: Option>, - /// MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. Also, mismatchLabelKeys cannot be set when labelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// MismatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. + /// Also, mismatchLabelKeys cannot be set when labelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] pub mismatch_label_keys: Option>, - /// A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. + /// A label query over the set of namespaces that the term applies to. + /// The term is applied to the union of the namespaces selected by this field + /// and the ones listed in the namespaces field. + /// null selector and null or empty namespaces list means "this pod's namespace". + /// An empty selector ({}) matches all namespaces. #[serde(default, skip_serializing_if = "Option::is_none", rename = "namespaceSelector")] pub namespace_selector: Option, - /// namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means "this pod's namespace". + /// namespaces specifies a static list of namespace names that the term applies to. + /// The term is applied to the union of the namespaces listed in this field + /// and the ones selected by namespaceSelector. + /// null or empty namespaces list and null namespaceSelector means "this pod's namespace". #[serde(default, skip_serializing_if = "Option::is_none")] pub namespaces: Option>, - /// This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed. + /// This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching + /// the labelSelector in the specified namespaces, where co-located is defined as running on a node + /// whose value of the label with key topologyKey matches that of any node on which any of the + /// selected pods is running. + /// Empty topologyKey is not allowed. #[serde(rename = "topologyKey")] pub topology_key: String, } -/// A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods. +/// A label query over a set of resources, in this case pods. +/// If it's null, this PodAffinityTerm matches with no Pods. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PostgresClusterBackupsPgbackrestJobsAffinityPodAntiAffinityRequiredDuringSchedulingIgnoredDuringExecutionLabelSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] pub match_expressions: Option>, - /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] pub match_labels: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PostgresClusterBackupsPgbackrestJobsAffinityPodAntiAffinityRequiredDuringSchedulingIgnoredDuringExecutionLabelSelectorMatchExpressions { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } -/// A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. +/// A label query over the set of namespaces that the term applies to. +/// The term is applied to the union of the namespaces selected by this field +/// and the ones listed in the namespaces field. +/// null selector and null or empty namespaces list means "this pod's namespace". +/// An empty selector ({}) matches all namespaces. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PostgresClusterBackupsPgbackrestJobsAffinityPodAntiAffinityRequiredDuringSchedulingIgnoredDuringExecutionNamespaceSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] pub match_expressions: Option>, - /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] pub match_labels: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PostgresClusterBackupsPgbackrestJobsAffinityPodAntiAffinityRequiredDuringSchedulingIgnoredDuringExecutionNamespaceSelectorMatchExpressions { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } -/// Resource limits for backup jobs. Includes manual, scheduled and replica create backups +/// Resource limits for backup jobs. Includes manual, scheduled and replica +/// create backups #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PostgresClusterBackupsPgbackrestJobsResources { - /// Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. - /// This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. - /// This field is immutable. It can only be set for containers. + /// Claims lists the names of resources, defined in spec.resourceClaims, + /// that are used by this container. + /// + /// + /// This is an alpha field and requires enabling the + /// DynamicResourceAllocation feature gate. + /// + /// + /// This field is immutable. It can only be set for containers. #[serde(default, skip_serializing_if = "Option::is_none")] pub claims: Option>, - /// Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + /// Limits describes the maximum amount of compute resources allowed. + /// More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ #[serde(default, skip_serializing_if = "Option::is_none")] pub limits: Option>, - /// Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + /// Requests describes the minimum amount of compute resources required. + /// If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, + /// otherwise to an implementation-defined value. Requests cannot exceed Limits. + /// More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ #[serde(default, skip_serializing_if = "Option::is_none")] pub requests: Option>, } @@ -791,26 +1217,38 @@ pub struct PostgresClusterBackupsPgbackrestJobsResources { /// ResourceClaim references one entry in PodSpec.ResourceClaims. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PostgresClusterBackupsPgbackrestJobsResourcesClaims { - /// Name must match the name of one entry in pod.spec.resourceClaims of the Pod where this field is used. It makes that resource available inside a container. + /// Name must match the name of one entry in pod.spec.resourceClaims of + /// the Pod where this field is used. It makes that resource available + /// inside a container. pub name: String, } -/// The pod this Toleration is attached to tolerates any taint that matches the triple using the matching operator . +/// The pod this Toleration is attached to tolerates any taint that matches +/// the triple using the matching operator . #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PostgresClusterBackupsPgbackrestJobsTolerations { - /// Effect indicates the taint effect to match. Empty means match all taint effects. When specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute. + /// Effect indicates the taint effect to match. Empty means match all taint effects. + /// When specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute. #[serde(default, skip_serializing_if = "Option::is_none")] pub effect: Option, - /// Key is the taint key that the toleration applies to. Empty means match all taint keys. If the key is empty, operator must be Exists; this combination means to match all values and all keys. + /// Key is the taint key that the toleration applies to. Empty means match all taint keys. + /// If the key is empty, operator must be Exists; this combination means to match all values and all keys. #[serde(default, skip_serializing_if = "Option::is_none")] pub key: Option, - /// Operator represents a key's relationship to the value. Valid operators are Exists and Equal. Defaults to Equal. Exists is equivalent to wildcard for value, so that a pod can tolerate all taints of a particular category. + /// Operator represents a key's relationship to the value. + /// Valid operators are Exists and Equal. Defaults to Equal. + /// Exists is equivalent to wildcard for value, so that a pod can + /// tolerate all taints of a particular category. #[serde(default, skip_serializing_if = "Option::is_none")] pub operator: Option, - /// TolerationSeconds represents the period of time the toleration (which must be of effect NoExecute, otherwise this field is ignored) tolerates the taint. By default, it is not set, which means tolerate the taint forever (do not evict). Zero and negative values will be treated as 0 (evict immediately) by the system. + /// TolerationSeconds represents the period of time the toleration (which must be + /// of effect NoExecute, otherwise this field is ignored) tolerates the taint. By default, + /// it is not set, which means tolerate the taint forever (do not evict). Zero and + /// negative values will be treated as 0 (evict immediately) by the system. #[serde(default, skip_serializing_if = "Option::is_none", rename = "tolerationSeconds")] pub toleration_seconds: Option, - /// Value is the taint value the toleration matches to. If the operator is Exists, the value should be empty, otherwise just a regular string. + /// Value is the taint value the toleration matches to. + /// If the operator is Exists, the value should be empty, otherwise just a regular string. #[serde(default, skip_serializing_if = "Option::is_none")] pub value: Option, } @@ -818,7 +1256,8 @@ pub struct PostgresClusterBackupsPgbackrestJobsTolerations { /// Defines details for manual pgBackRest backup Jobs #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PostgresClusterBackupsPgbackrestManual { - /// Command line options to include when running the pgBackRest backup command. https://pgbackrest.org/command.html#command-backup + /// Command line options to include when running the pgBackRest backup command. + /// https://pgbackrest.org/command.html#command-backup #[serde(default, skip_serializing_if = "Option::is_none")] pub options: Option>, /// The name of the pgBackRest repo to run the backup command against. @@ -835,33 +1274,46 @@ pub struct PostgresClusterBackupsPgbackrestMetadata { pub labels: Option>, } -/// Defines configuration for a pgBackRest dedicated repository host. This section is only applicable if at least one "volume" (i.e. PVC-based) repository is defined in the "repos" section, therefore enabling a dedicated repository host Deployment. +/// Defines configuration for a pgBackRest dedicated repository host. This section is only +/// applicable if at least one "volume" (i.e. PVC-based) repository is defined in the "repos" +/// section, therefore enabling a dedicated repository host Deployment. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PostgresClusterBackupsPgbackrestRepoHost { - /// Scheduling constraints of the Dedicated repo host pod. Changing this value causes repo host to restart. More info: https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node + /// Scheduling constraints of the Dedicated repo host pod. + /// Changing this value causes repo host to restart. + /// More info: https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node #[serde(default, skip_serializing_if = "Option::is_none")] pub affinity: Option, - /// Priority class name for the pgBackRest repo host pod. Changing this value causes PostgreSQL to restart. More info: https://kubernetes.io/docs/concepts/scheduling-eviction/pod-priority-preemption/ + /// Priority class name for the pgBackRest repo host pod. Changing this value + /// causes PostgreSQL to restart. + /// More info: https://kubernetes.io/docs/concepts/scheduling-eviction/pod-priority-preemption/ #[serde(default, skip_serializing_if = "Option::is_none", rename = "priorityClassName")] pub priority_class_name: Option, /// Resource requirements for a pgBackRest repository host #[serde(default, skip_serializing_if = "Option::is_none")] pub resources: Option, - /// ConfigMap containing custom SSH configuration. Deprecated: Repository hosts use mTLS for encryption, authentication, and authorization. + /// ConfigMap containing custom SSH configuration. + /// Deprecated: Repository hosts use mTLS for encryption, authentication, and authorization. #[serde(default, skip_serializing_if = "Option::is_none", rename = "sshConfigMap")] pub ssh_config_map: Option, - /// Secret containing custom SSH keys. Deprecated: Repository hosts use mTLS for encryption, authentication, and authorization. + /// Secret containing custom SSH keys. + /// Deprecated: Repository hosts use mTLS for encryption, authentication, and authorization. #[serde(default, skip_serializing_if = "Option::is_none", rename = "sshSecret")] pub ssh_secret: Option, - /// Tolerations of a PgBackRest repo host pod. Changing this value causes a restart. More info: https://kubernetes.io/docs/concepts/scheduling-eviction/taint-and-toleration + /// Tolerations of a PgBackRest repo host pod. Changing this value causes a restart. + /// More info: https://kubernetes.io/docs/concepts/scheduling-eviction/taint-and-toleration #[serde(default, skip_serializing_if = "Option::is_none")] pub tolerations: Option>, - /// Topology spread constraints of a Dedicated repo host pod. Changing this value causes the repo host to restart. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-topology-spread-constraints/ + /// Topology spread constraints of a Dedicated repo host pod. Changing this + /// value causes the repo host to restart. + /// More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-topology-spread-constraints/ #[serde(default, skip_serializing_if = "Option::is_none", rename = "topologySpreadConstraints")] pub topology_spread_constraints: Option>, } -/// Scheduling constraints of the Dedicated repo host pod. Changing this value causes repo host to restart. More info: https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node +/// Scheduling constraints of the Dedicated repo host pod. +/// Changing this value causes repo host to restart. +/// More info: https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PostgresClusterBackupsPgbackrestRepoHostAffinity { /// Describes node affinity scheduling rules for the pod. @@ -878,15 +1330,28 @@ pub struct PostgresClusterBackupsPgbackrestRepoHostAffinity { /// Describes node affinity scheduling rules for the pod. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PostgresClusterBackupsPgbackrestRepoHostAffinityNodeAffinity { - /// The scheduler will prefer to schedule pods to nodes that satisfy the affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding "weight" to the sum if the node matches the corresponding matchExpressions; the node(s) with the highest sum are the most preferred. + /// The scheduler will prefer to schedule pods to nodes that satisfy + /// the affinity expressions specified by this field, but it may choose + /// a node that violates one or more of the expressions. The node that is + /// most preferred is the one with the greatest sum of weights, i.e. + /// for each node that meets all of the scheduling requirements (resource + /// request, requiredDuringScheduling affinity expressions, etc.), + /// compute a sum by iterating through the elements of this field and adding + /// "weight" to the sum if the node matches the corresponding matchExpressions; the + /// node(s) with the highest sum are the most preferred. #[serde(default, skip_serializing_if = "Option::is_none", rename = "preferredDuringSchedulingIgnoredDuringExecution")] pub preferred_during_scheduling_ignored_during_execution: Option>, - /// If the affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to an update), the system may or may not try to eventually evict the pod from its node. + /// If the affinity requirements specified by this field are not met at + /// scheduling time, the pod will not be scheduled onto the node. + /// If the affinity requirements specified by this field cease to be met + /// at some point during pod execution (e.g. due to an update), the system + /// may or may not try to eventually evict the pod from its node. #[serde(default, skip_serializing_if = "Option::is_none", rename = "requiredDuringSchedulingIgnoredDuringExecution")] pub required_during_scheduling_ignored_during_execution: Option, } -/// An empty preferred scheduling term matches all objects with implicit weight 0 (i.e. it's a no-op). A null preferred scheduling term matches no objects (i.e. is also a no-op). +/// An empty preferred scheduling term matches all objects with implicit weight 0 +/// (i.e. it's a no-op). A null preferred scheduling term matches no objects (i.e. is also a no-op). #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PostgresClusterBackupsPgbackrestRepoHostAffinityNodeAffinityPreferredDuringSchedulingIgnoredDuringExecution { /// A node selector term, associated with the corresponding weight. @@ -906,31 +1371,47 @@ pub struct PostgresClusterBackupsPgbackrestRepoHostAffinityNodeAffinityPreferred pub match_fields: Option>, } -/// A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A node selector requirement is a selector that contains values, a key, and an operator +/// that relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PostgresClusterBackupsPgbackrestRepoHostAffinityNodeAffinityPreferredDuringSchedulingIgnoredDuringExecutionPreferenceMatchExpressions { /// The label key that the selector applies to. pub key: String, - /// Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. + /// Represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. pub operator: String, - /// An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch. + /// An array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. If the operator is Gt or Lt, the values + /// array must have a single element, which will be interpreted as an integer. + /// This array is replaced during a strategic merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } -/// A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A node selector requirement is a selector that contains values, a key, and an operator +/// that relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PostgresClusterBackupsPgbackrestRepoHostAffinityNodeAffinityPreferredDuringSchedulingIgnoredDuringExecutionPreferenceMatchFields { /// The label key that the selector applies to. pub key: String, - /// Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. + /// Represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. pub operator: String, - /// An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch. + /// An array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. If the operator is Gt or Lt, the values + /// array must have a single element, which will be interpreted as an integer. + /// This array is replaced during a strategic merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } -/// If the affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to an update), the system may or may not try to eventually evict the pod from its node. +/// If the affinity requirements specified by this field are not met at +/// scheduling time, the pod will not be scheduled onto the node. +/// If the affinity requirements specified by this field cease to be met +/// at some point during pod execution (e.g. due to an update), the system +/// may or may not try to eventually evict the pod from its node. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PostgresClusterBackupsPgbackrestRepoHostAffinityNodeAffinityRequiredDuringSchedulingIgnoredDuringExecution { /// Required. A list of node selector terms. The terms are ORed. @@ -938,7 +1419,9 @@ pub struct PostgresClusterBackupsPgbackrestRepoHostAffinityNodeAffinityRequiredD pub node_selector_terms: Vec, } -/// A null or empty node selector term matches no objects. The requirements of them are ANDed. The TopologySelectorTerm type implements a subset of the NodeSelectorTerm. +/// A null or empty node selector term matches no objects. The requirements of +/// them are ANDed. +/// The TopologySelectorTerm type implements a subset of the NodeSelectorTerm. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PostgresClusterBackupsPgbackrestRepoHostAffinityNodeAffinityRequiredDuringSchedulingIgnoredDuringExecutionNodeSelectorTerms { /// A list of node selector requirements by node's labels. @@ -949,26 +1432,38 @@ pub struct PostgresClusterBackupsPgbackrestRepoHostAffinityNodeAffinityRequiredD pub match_fields: Option>, } -/// A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A node selector requirement is a selector that contains values, a key, and an operator +/// that relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PostgresClusterBackupsPgbackrestRepoHostAffinityNodeAffinityRequiredDuringSchedulingIgnoredDuringExecutionNodeSelectorTermsMatchExpressions { /// The label key that the selector applies to. pub key: String, - /// Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. + /// Represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. pub operator: String, - /// An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch. + /// An array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. If the operator is Gt or Lt, the values + /// array must have a single element, which will be interpreted as an integer. + /// This array is replaced during a strategic merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } -/// A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A node selector requirement is a selector that contains values, a key, and an operator +/// that relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PostgresClusterBackupsPgbackrestRepoHostAffinityNodeAffinityRequiredDuringSchedulingIgnoredDuringExecutionNodeSelectorTermsMatchFields { /// The label key that the selector applies to. pub key: String, - /// Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. + /// Represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. pub operator: String, - /// An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch. + /// An array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. If the operator is Gt or Lt, the values + /// array must have a single element, which will be interpreted as an integer. + /// This array is replaced during a strategic merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } @@ -976,10 +1471,24 @@ pub struct PostgresClusterBackupsPgbackrestRepoHostAffinityNodeAffinityRequiredD /// Describes pod affinity scheduling rules (e.g. co-locate this pod in the same node, zone, etc. as some other pod(s)). #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PostgresClusterBackupsPgbackrestRepoHostAffinityPodAffinity { - /// The scheduler will prefer to schedule pods to nodes that satisfy the affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding "weight" to the sum if the node has pods which matches the corresponding podAffinityTerm; the node(s) with the highest sum are the most preferred. + /// The scheduler will prefer to schedule pods to nodes that satisfy + /// the affinity expressions specified by this field, but it may choose + /// a node that violates one or more of the expressions. The node that is + /// most preferred is the one with the greatest sum of weights, i.e. + /// for each node that meets all of the scheduling requirements (resource + /// request, requiredDuringScheduling affinity expressions, etc.), + /// compute a sum by iterating through the elements of this field and adding + /// "weight" to the sum if the node has pods which matches the corresponding podAffinityTerm; the + /// node(s) with the highest sum are the most preferred. #[serde(default, skip_serializing_if = "Option::is_none", rename = "preferredDuringSchedulingIgnoredDuringExecution")] pub preferred_during_scheduling_ignored_during_execution: Option>, - /// If the affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to a pod label update), the system may or may not try to eventually evict the pod from its node. When there are multiple elements, the lists of nodes corresponding to each podAffinityTerm are intersected, i.e. all terms must be satisfied. + /// If the affinity requirements specified by this field are not met at + /// scheduling time, the pod will not be scheduled onto the node. + /// If the affinity requirements specified by this field cease to be met + /// at some point during pod execution (e.g. due to a pod label update), the + /// system may or may not try to eventually evict the pod from its node. + /// When there are multiple elements, the lists of nodes corresponding to each + /// podAffinityTerm are intersected, i.e. all terms must be satisfied. #[serde(default, skip_serializing_if = "Option::is_none", rename = "requiredDuringSchedulingIgnoredDuringExecution")] pub required_during_scheduling_ignored_during_execution: Option>, } @@ -990,144 +1499,244 @@ pub struct PostgresClusterBackupsPgbackrestRepoHostAffinityPodAffinityPreferredD /// Required. A pod affinity term, associated with the corresponding weight. #[serde(rename = "podAffinityTerm")] pub pod_affinity_term: PostgresClusterBackupsPgbackrestRepoHostAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTerm, - /// weight associated with matching the corresponding podAffinityTerm, in the range 1-100. + /// weight associated with matching the corresponding podAffinityTerm, + /// in the range 1-100. pub weight: i32, } /// Required. A pod affinity term, associated with the corresponding weight. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PostgresClusterBackupsPgbackrestRepoHostAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTerm { - /// A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods. + /// A label query over a set of resources, in this case pods. + /// If it's null, this PodAffinityTerm matches with no Pods. #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelector")] pub label_selector: Option, - /// MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both matchLabelKeys and labelSelector. Also, matchLabelKeys cannot be set when labelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// MatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both matchLabelKeys and labelSelector. + /// Also, matchLabelKeys cannot be set when labelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] pub match_label_keys: Option>, - /// MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. Also, mismatchLabelKeys cannot be set when labelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// MismatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. + /// Also, mismatchLabelKeys cannot be set when labelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] pub mismatch_label_keys: Option>, - /// A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. + /// A label query over the set of namespaces that the term applies to. + /// The term is applied to the union of the namespaces selected by this field + /// and the ones listed in the namespaces field. + /// null selector and null or empty namespaces list means "this pod's namespace". + /// An empty selector ({}) matches all namespaces. #[serde(default, skip_serializing_if = "Option::is_none", rename = "namespaceSelector")] pub namespace_selector: Option, - /// namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means "this pod's namespace". + /// namespaces specifies a static list of namespace names that the term applies to. + /// The term is applied to the union of the namespaces listed in this field + /// and the ones selected by namespaceSelector. + /// null or empty namespaces list and null namespaceSelector means "this pod's namespace". #[serde(default, skip_serializing_if = "Option::is_none")] pub namespaces: Option>, - /// This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed. + /// This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching + /// the labelSelector in the specified namespaces, where co-located is defined as running on a node + /// whose value of the label with key topologyKey matches that of any node on which any of the + /// selected pods is running. + /// Empty topologyKey is not allowed. #[serde(rename = "topologyKey")] pub topology_key: String, } -/// A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods. +/// A label query over a set of resources, in this case pods. +/// If it's null, this PodAffinityTerm matches with no Pods. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PostgresClusterBackupsPgbackrestRepoHostAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermLabelSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] pub match_expressions: Option>, - /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] pub match_labels: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PostgresClusterBackupsPgbackrestRepoHostAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermLabelSelectorMatchExpressions { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } -/// A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. +/// A label query over the set of namespaces that the term applies to. +/// The term is applied to the union of the namespaces selected by this field +/// and the ones listed in the namespaces field. +/// null selector and null or empty namespaces list means "this pod's namespace". +/// An empty selector ({}) matches all namespaces. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PostgresClusterBackupsPgbackrestRepoHostAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermNamespaceSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] pub match_expressions: Option>, - /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] pub match_labels: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PostgresClusterBackupsPgbackrestRepoHostAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermNamespaceSelectorMatchExpressions { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } -/// Defines a set of pods (namely those matching the labelSelector relative to the given namespace(s)) that this pod should be co-located (affinity) or not co-located (anti-affinity) with, where co-located is defined as running on a node whose value of the label with key matches that of any node on which a pod of the set of pods is running +/// Defines a set of pods (namely those matching the labelSelector +/// relative to the given namespace(s)) that this pod should be +/// co-located (affinity) or not co-located (anti-affinity) with, +/// where co-located is defined as running on a node whose value of +/// the label with key matches that of any node on which +/// a pod of the set of pods is running #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PostgresClusterBackupsPgbackrestRepoHostAffinityPodAffinityRequiredDuringSchedulingIgnoredDuringExecution { - /// A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods. + /// A label query over a set of resources, in this case pods. + /// If it's null, this PodAffinityTerm matches with no Pods. #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelector")] pub label_selector: Option, - /// MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both matchLabelKeys and labelSelector. Also, matchLabelKeys cannot be set when labelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// MatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both matchLabelKeys and labelSelector. + /// Also, matchLabelKeys cannot be set when labelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] pub match_label_keys: Option>, - /// MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. Also, mismatchLabelKeys cannot be set when labelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// MismatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. + /// Also, mismatchLabelKeys cannot be set when labelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] pub mismatch_label_keys: Option>, - /// A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. + /// A label query over the set of namespaces that the term applies to. + /// The term is applied to the union of the namespaces selected by this field + /// and the ones listed in the namespaces field. + /// null selector and null or empty namespaces list means "this pod's namespace". + /// An empty selector ({}) matches all namespaces. #[serde(default, skip_serializing_if = "Option::is_none", rename = "namespaceSelector")] pub namespace_selector: Option, - /// namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means "this pod's namespace". + /// namespaces specifies a static list of namespace names that the term applies to. + /// The term is applied to the union of the namespaces listed in this field + /// and the ones selected by namespaceSelector. + /// null or empty namespaces list and null namespaceSelector means "this pod's namespace". #[serde(default, skip_serializing_if = "Option::is_none")] pub namespaces: Option>, - /// This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed. + /// This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching + /// the labelSelector in the specified namespaces, where co-located is defined as running on a node + /// whose value of the label with key topologyKey matches that of any node on which any of the + /// selected pods is running. + /// Empty topologyKey is not allowed. #[serde(rename = "topologyKey")] pub topology_key: String, } -/// A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods. +/// A label query over a set of resources, in this case pods. +/// If it's null, this PodAffinityTerm matches with no Pods. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PostgresClusterBackupsPgbackrestRepoHostAffinityPodAffinityRequiredDuringSchedulingIgnoredDuringExecutionLabelSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] pub match_expressions: Option>, - /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] pub match_labels: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PostgresClusterBackupsPgbackrestRepoHostAffinityPodAffinityRequiredDuringSchedulingIgnoredDuringExecutionLabelSelectorMatchExpressions { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } -/// A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. +/// A label query over the set of namespaces that the term applies to. +/// The term is applied to the union of the namespaces selected by this field +/// and the ones listed in the namespaces field. +/// null selector and null or empty namespaces list means "this pod's namespace". +/// An empty selector ({}) matches all namespaces. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PostgresClusterBackupsPgbackrestRepoHostAffinityPodAffinityRequiredDuringSchedulingIgnoredDuringExecutionNamespaceSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] pub match_expressions: Option>, - /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] pub match_labels: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PostgresClusterBackupsPgbackrestRepoHostAffinityPodAffinityRequiredDuringSchedulingIgnoredDuringExecutionNamespaceSelectorMatchExpressions { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } @@ -1135,10 +1744,24 @@ pub struct PostgresClusterBackupsPgbackrestRepoHostAffinityPodAffinityRequiredDu /// Describes pod anti-affinity scheduling rules (e.g. avoid putting this pod in the same node, zone, etc. as some other pod(s)). #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PostgresClusterBackupsPgbackrestRepoHostAffinityPodAntiAffinity { - /// The scheduler will prefer to schedule pods to nodes that satisfy the anti-affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling anti-affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding "weight" to the sum if the node has pods which matches the corresponding podAffinityTerm; the node(s) with the highest sum are the most preferred. + /// The scheduler will prefer to schedule pods to nodes that satisfy + /// the anti-affinity expressions specified by this field, but it may choose + /// a node that violates one or more of the expressions. The node that is + /// most preferred is the one with the greatest sum of weights, i.e. + /// for each node that meets all of the scheduling requirements (resource + /// request, requiredDuringScheduling anti-affinity expressions, etc.), + /// compute a sum by iterating through the elements of this field and adding + /// "weight" to the sum if the node has pods which matches the corresponding podAffinityTerm; the + /// node(s) with the highest sum are the most preferred. #[serde(default, skip_serializing_if = "Option::is_none", rename = "preferredDuringSchedulingIgnoredDuringExecution")] pub preferred_during_scheduling_ignored_during_execution: Option>, - /// If the anti-affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the anti-affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to a pod label update), the system may or may not try to eventually evict the pod from its node. When there are multiple elements, the lists of nodes corresponding to each podAffinityTerm are intersected, i.e. all terms must be satisfied. + /// If the anti-affinity requirements specified by this field are not met at + /// scheduling time, the pod will not be scheduled onto the node. + /// If the anti-affinity requirements specified by this field cease to be met + /// at some point during pod execution (e.g. due to a pod label update), the + /// system may or may not try to eventually evict the pod from its node. + /// When there are multiple elements, the lists of nodes corresponding to each + /// podAffinityTerm are intersected, i.e. all terms must be satisfied. #[serde(default, skip_serializing_if = "Option::is_none", rename = "requiredDuringSchedulingIgnoredDuringExecution")] pub required_during_scheduling_ignored_during_execution: Option>, } @@ -1149,144 +1772,244 @@ pub struct PostgresClusterBackupsPgbackrestRepoHostAffinityPodAntiAffinityPrefer /// Required. A pod affinity term, associated with the corresponding weight. #[serde(rename = "podAffinityTerm")] pub pod_affinity_term: PostgresClusterBackupsPgbackrestRepoHostAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTerm, - /// weight associated with matching the corresponding podAffinityTerm, in the range 1-100. + /// weight associated with matching the corresponding podAffinityTerm, + /// in the range 1-100. pub weight: i32, } /// Required. A pod affinity term, associated with the corresponding weight. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PostgresClusterBackupsPgbackrestRepoHostAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTerm { - /// A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods. + /// A label query over a set of resources, in this case pods. + /// If it's null, this PodAffinityTerm matches with no Pods. #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelector")] pub label_selector: Option, - /// MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both matchLabelKeys and labelSelector. Also, matchLabelKeys cannot be set when labelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// MatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both matchLabelKeys and labelSelector. + /// Also, matchLabelKeys cannot be set when labelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] pub match_label_keys: Option>, - /// MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. Also, mismatchLabelKeys cannot be set when labelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// MismatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. + /// Also, mismatchLabelKeys cannot be set when labelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] pub mismatch_label_keys: Option>, - /// A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. + /// A label query over the set of namespaces that the term applies to. + /// The term is applied to the union of the namespaces selected by this field + /// and the ones listed in the namespaces field. + /// null selector and null or empty namespaces list means "this pod's namespace". + /// An empty selector ({}) matches all namespaces. #[serde(default, skip_serializing_if = "Option::is_none", rename = "namespaceSelector")] pub namespace_selector: Option, - /// namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means "this pod's namespace". + /// namespaces specifies a static list of namespace names that the term applies to. + /// The term is applied to the union of the namespaces listed in this field + /// and the ones selected by namespaceSelector. + /// null or empty namespaces list and null namespaceSelector means "this pod's namespace". #[serde(default, skip_serializing_if = "Option::is_none")] pub namespaces: Option>, - /// This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed. + /// This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching + /// the labelSelector in the specified namespaces, where co-located is defined as running on a node + /// whose value of the label with key topologyKey matches that of any node on which any of the + /// selected pods is running. + /// Empty topologyKey is not allowed. #[serde(rename = "topologyKey")] pub topology_key: String, } -/// A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods. +/// A label query over a set of resources, in this case pods. +/// If it's null, this PodAffinityTerm matches with no Pods. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PostgresClusterBackupsPgbackrestRepoHostAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermLabelSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] pub match_expressions: Option>, - /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] pub match_labels: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PostgresClusterBackupsPgbackrestRepoHostAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermLabelSelectorMatchExpressions { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } -/// A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. +/// A label query over the set of namespaces that the term applies to. +/// The term is applied to the union of the namespaces selected by this field +/// and the ones listed in the namespaces field. +/// null selector and null or empty namespaces list means "this pod's namespace". +/// An empty selector ({}) matches all namespaces. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PostgresClusterBackupsPgbackrestRepoHostAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermNamespaceSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] pub match_expressions: Option>, - /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] pub match_labels: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PostgresClusterBackupsPgbackrestRepoHostAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermNamespaceSelectorMatchExpressions { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } -/// Defines a set of pods (namely those matching the labelSelector relative to the given namespace(s)) that this pod should be co-located (affinity) or not co-located (anti-affinity) with, where co-located is defined as running on a node whose value of the label with key matches that of any node on which a pod of the set of pods is running +/// Defines a set of pods (namely those matching the labelSelector +/// relative to the given namespace(s)) that this pod should be +/// co-located (affinity) or not co-located (anti-affinity) with, +/// where co-located is defined as running on a node whose value of +/// the label with key matches that of any node on which +/// a pod of the set of pods is running #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PostgresClusterBackupsPgbackrestRepoHostAffinityPodAntiAffinityRequiredDuringSchedulingIgnoredDuringExecution { - /// A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods. + /// A label query over a set of resources, in this case pods. + /// If it's null, this PodAffinityTerm matches with no Pods. #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelector")] pub label_selector: Option, - /// MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both matchLabelKeys and labelSelector. Also, matchLabelKeys cannot be set when labelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// MatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both matchLabelKeys and labelSelector. + /// Also, matchLabelKeys cannot be set when labelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] pub match_label_keys: Option>, - /// MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. Also, mismatchLabelKeys cannot be set when labelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// MismatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. + /// Also, mismatchLabelKeys cannot be set when labelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] pub mismatch_label_keys: Option>, - /// A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. + /// A label query over the set of namespaces that the term applies to. + /// The term is applied to the union of the namespaces selected by this field + /// and the ones listed in the namespaces field. + /// null selector and null or empty namespaces list means "this pod's namespace". + /// An empty selector ({}) matches all namespaces. #[serde(default, skip_serializing_if = "Option::is_none", rename = "namespaceSelector")] pub namespace_selector: Option, - /// namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means "this pod's namespace". + /// namespaces specifies a static list of namespace names that the term applies to. + /// The term is applied to the union of the namespaces listed in this field + /// and the ones selected by namespaceSelector. + /// null or empty namespaces list and null namespaceSelector means "this pod's namespace". #[serde(default, skip_serializing_if = "Option::is_none")] pub namespaces: Option>, - /// This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed. + /// This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching + /// the labelSelector in the specified namespaces, where co-located is defined as running on a node + /// whose value of the label with key topologyKey matches that of any node on which any of the + /// selected pods is running. + /// Empty topologyKey is not allowed. #[serde(rename = "topologyKey")] pub topology_key: String, } -/// A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods. +/// A label query over a set of resources, in this case pods. +/// If it's null, this PodAffinityTerm matches with no Pods. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PostgresClusterBackupsPgbackrestRepoHostAffinityPodAntiAffinityRequiredDuringSchedulingIgnoredDuringExecutionLabelSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] pub match_expressions: Option>, - /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] pub match_labels: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PostgresClusterBackupsPgbackrestRepoHostAffinityPodAntiAffinityRequiredDuringSchedulingIgnoredDuringExecutionLabelSelectorMatchExpressions { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } -/// A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. +/// A label query over the set of namespaces that the term applies to. +/// The term is applied to the union of the namespaces selected by this field +/// and the ones listed in the namespaces field. +/// null selector and null or empty namespaces list means "this pod's namespace". +/// An empty selector ({}) matches all namespaces. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PostgresClusterBackupsPgbackrestRepoHostAffinityPodAntiAffinityRequiredDuringSchedulingIgnoredDuringExecutionNamespaceSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] pub match_expressions: Option>, - /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] pub match_labels: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PostgresClusterBackupsPgbackrestRepoHostAffinityPodAntiAffinityRequiredDuringSchedulingIgnoredDuringExecutionNamespaceSelectorMatchExpressions { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } @@ -1294,15 +2017,25 @@ pub struct PostgresClusterBackupsPgbackrestRepoHostAffinityPodAntiAffinityRequir /// Resource requirements for a pgBackRest repository host #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PostgresClusterBackupsPgbackrestRepoHostResources { - /// Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. - /// This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. - /// This field is immutable. It can only be set for containers. + /// Claims lists the names of resources, defined in spec.resourceClaims, + /// that are used by this container. + /// + /// + /// This is an alpha field and requires enabling the + /// DynamicResourceAllocation feature gate. + /// + /// + /// This field is immutable. It can only be set for containers. #[serde(default, skip_serializing_if = "Option::is_none")] pub claims: Option>, - /// Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + /// Limits describes the maximum amount of compute resources allowed. + /// More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ #[serde(default, skip_serializing_if = "Option::is_none")] pub limits: Option>, - /// Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + /// Requests describes the minimum amount of compute resources required. + /// If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, + /// otherwise to an implementation-defined value. Requests cannot exceed Limits. + /// More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ #[serde(default, skip_serializing_if = "Option::is_none")] pub requests: Option>, } @@ -1310,14 +2043,23 @@ pub struct PostgresClusterBackupsPgbackrestRepoHostResources { /// ResourceClaim references one entry in PodSpec.ResourceClaims. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PostgresClusterBackupsPgbackrestRepoHostResourcesClaims { - /// Name must match the name of one entry in pod.spec.resourceClaims of the Pod where this field is used. It makes that resource available inside a container. + /// Name must match the name of one entry in pod.spec.resourceClaims of + /// the Pod where this field is used. It makes that resource available + /// inside a container. pub name: String, } -/// ConfigMap containing custom SSH configuration. Deprecated: Repository hosts use mTLS for encryption, authentication, and authorization. +/// ConfigMap containing custom SSH configuration. +/// Deprecated: Repository hosts use mTLS for encryption, authentication, and authorization. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PostgresClusterBackupsPgbackrestRepoHostSshConfigMap { - /// items if unspecified, each key-value pair in the Data field of the referenced ConfigMap will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the ConfigMap, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'. + /// items if unspecified, each key-value pair in the Data field of the referenced + /// ConfigMap will be projected into the volume as a file whose name is the + /// key and content is the value. If specified, the listed keys will be + /// projected into the specified paths, and unlisted keys will not be + /// present. If a key is specified which is not present in the ConfigMap, + /// the volume setup will error unless it is marked optional. Paths must be + /// relative and may not contain the '..' path or start with '..'. #[serde(default, skip_serializing_if = "Option::is_none")] pub items: Option>, /// Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names @@ -1333,17 +2075,32 @@ pub struct PostgresClusterBackupsPgbackrestRepoHostSshConfigMap { pub struct PostgresClusterBackupsPgbackrestRepoHostSshConfigMapItems { /// key is the key to project. pub key: String, - /// mode is Optional: mode bits used to set permissions on this file. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. + /// mode is Optional: mode bits used to set permissions on this file. + /// Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. + /// YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. + /// If not specified, the volume defaultMode will be used. + /// This might be in conflict with other options that affect the file + /// mode, like fsGroup, and the result can be other mode bits set. #[serde(default, skip_serializing_if = "Option::is_none")] pub mode: Option, - /// path is the relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'. + /// path is the relative path of the file to map the key to. + /// May not be an absolute path. + /// May not contain the path element '..'. + /// May not start with the string '..'. pub path: String, } -/// Secret containing custom SSH keys. Deprecated: Repository hosts use mTLS for encryption, authentication, and authorization. +/// Secret containing custom SSH keys. +/// Deprecated: Repository hosts use mTLS for encryption, authentication, and authorization. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PostgresClusterBackupsPgbackrestRepoHostSshSecret { - /// items if unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the Secret, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'. + /// items if unspecified, each key-value pair in the Data field of the referenced + /// Secret will be projected into the volume as a file whose name is the + /// key and content is the value. If specified, the listed keys will be + /// projected into the specified paths, and unlisted keys will not be + /// present. If a key is specified which is not present in the Secret, + /// the volume setup will error unless it is marked optional. Paths must be + /// relative and may not contain the '..' path or start with '..'. #[serde(default, skip_serializing_if = "Option::is_none")] pub items: Option>, /// Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names @@ -1359,29 +2116,47 @@ pub struct PostgresClusterBackupsPgbackrestRepoHostSshSecret { pub struct PostgresClusterBackupsPgbackrestRepoHostSshSecretItems { /// key is the key to project. pub key: String, - /// mode is Optional: mode bits used to set permissions on this file. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. + /// mode is Optional: mode bits used to set permissions on this file. + /// Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. + /// YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. + /// If not specified, the volume defaultMode will be used. + /// This might be in conflict with other options that affect the file + /// mode, like fsGroup, and the result can be other mode bits set. #[serde(default, skip_serializing_if = "Option::is_none")] pub mode: Option, - /// path is the relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'. + /// path is the relative path of the file to map the key to. + /// May not be an absolute path. + /// May not contain the path element '..'. + /// May not start with the string '..'. pub path: String, } -/// The pod this Toleration is attached to tolerates any taint that matches the triple using the matching operator . +/// The pod this Toleration is attached to tolerates any taint that matches +/// the triple using the matching operator . #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PostgresClusterBackupsPgbackrestRepoHostTolerations { - /// Effect indicates the taint effect to match. Empty means match all taint effects. When specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute. + /// Effect indicates the taint effect to match. Empty means match all taint effects. + /// When specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute. #[serde(default, skip_serializing_if = "Option::is_none")] pub effect: Option, - /// Key is the taint key that the toleration applies to. Empty means match all taint keys. If the key is empty, operator must be Exists; this combination means to match all values and all keys. + /// Key is the taint key that the toleration applies to. Empty means match all taint keys. + /// If the key is empty, operator must be Exists; this combination means to match all values and all keys. #[serde(default, skip_serializing_if = "Option::is_none")] pub key: Option, - /// Operator represents a key's relationship to the value. Valid operators are Exists and Equal. Defaults to Equal. Exists is equivalent to wildcard for value, so that a pod can tolerate all taints of a particular category. + /// Operator represents a key's relationship to the value. + /// Valid operators are Exists and Equal. Defaults to Equal. + /// Exists is equivalent to wildcard for value, so that a pod can + /// tolerate all taints of a particular category. #[serde(default, skip_serializing_if = "Option::is_none")] pub operator: Option, - /// TolerationSeconds represents the period of time the toleration (which must be of effect NoExecute, otherwise this field is ignored) tolerates the taint. By default, it is not set, which means tolerate the taint forever (do not evict). Zero and negative values will be treated as 0 (evict immediately) by the system. + /// TolerationSeconds represents the period of time the toleration (which must be + /// of effect NoExecute, otherwise this field is ignored) tolerates the taint. By default, + /// it is not set, which means tolerate the taint forever (do not evict). Zero and + /// negative values will be treated as 0 (evict immediately) by the system. #[serde(default, skip_serializing_if = "Option::is_none", rename = "tolerationSeconds")] pub toleration_seconds: Option, - /// Value is the taint value the toleration matches to. If the operator is Exists, the value should be empty, otherwise just a regular string. + /// Value is the taint value the toleration matches to. + /// If the operator is Exists, the value should be empty, otherwise just a regular string. #[serde(default, skip_serializing_if = "Option::is_none")] pub value: Option, } @@ -1389,55 +2164,148 @@ pub struct PostgresClusterBackupsPgbackrestRepoHostTolerations { /// TopologySpreadConstraint specifies how to spread matching pods among the given topology. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PostgresClusterBackupsPgbackrestRepoHostTopologySpreadConstraints { - /// LabelSelector is used to find matching pods. Pods that match this label selector are counted to determine the number of pods in their corresponding topology domain. + /// LabelSelector is used to find matching pods. + /// Pods that match this label selector are counted to determine the number of pods + /// in their corresponding topology domain. #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelector")] pub label_selector: Option, - /// MatchLabelKeys is a set of pod label keys to select the pods over which spreading will be calculated. The keys are used to lookup values from the incoming pod labels, those key-value labels are ANDed with labelSelector to select the group of existing pods over which spreading will be calculated for the incoming pod. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. MatchLabelKeys cannot be set when LabelSelector isn't set. Keys that don't exist in the incoming pod labels will be ignored. A null or empty list means only match against labelSelector. - /// This is a beta field and requires the MatchLabelKeysInPodTopologySpread feature gate to be enabled (enabled by default). + /// MatchLabelKeys is a set of pod label keys to select the pods over which + /// spreading will be calculated. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are ANDed with labelSelector + /// to select the group of existing pods over which spreading will be calculated + /// for the incoming pod. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. + /// MatchLabelKeys cannot be set when LabelSelector isn't set. + /// Keys that don't exist in the incoming pod labels will + /// be ignored. A null or empty list means only match against labelSelector. + /// + /// + /// This is a beta field and requires the MatchLabelKeysInPodTopologySpread feature gate to be enabled (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] pub match_label_keys: Option>, - /// MaxSkew describes the degree to which pods may be unevenly distributed. When `whenUnsatisfiable=DoNotSchedule`, it is the maximum permitted difference between the number of matching pods in the target topology and the global minimum. The global minimum is the minimum number of matching pods in an eligible domain or zero if the number of eligible domains is less than MinDomains. For example, in a 3-zone cluster, MaxSkew is set to 1, and pods with the same labelSelector spread as 2/2/1: In this case, the global minimum is 1. | zone1 | zone2 | zone3 | | P P | P P | P | - if MaxSkew is 1, incoming pod can only be scheduled to zone3 to become 2/2/2; scheduling it onto zone1(zone2) would make the ActualSkew(3-1) on zone1(zone2) violate MaxSkew(1). - if MaxSkew is 2, incoming pod can be scheduled onto any zone. When `whenUnsatisfiable=ScheduleAnyway`, it is used to give higher precedence to topologies that satisfy it. It's a required field. Default value is 1 and 0 is not allowed. + /// MaxSkew describes the degree to which pods may be unevenly distributed. + /// When `whenUnsatisfiable=DoNotSchedule`, it is the maximum permitted difference + /// between the number of matching pods in the target topology and the global minimum. + /// The global minimum is the minimum number of matching pods in an eligible domain + /// or zero if the number of eligible domains is less than MinDomains. + /// For example, in a 3-zone cluster, MaxSkew is set to 1, and pods with the same + /// labelSelector spread as 2/2/1: + /// In this case, the global minimum is 1. + /// | zone1 | zone2 | zone3 | + /// | P P | P P | P | + /// - if MaxSkew is 1, incoming pod can only be scheduled to zone3 to become 2/2/2; + /// scheduling it onto zone1(zone2) would make the ActualSkew(3-1) on zone1(zone2) + /// violate MaxSkew(1). + /// - if MaxSkew is 2, incoming pod can be scheduled onto any zone. + /// When `whenUnsatisfiable=ScheduleAnyway`, it is used to give higher precedence + /// to topologies that satisfy it. + /// It's a required field. Default value is 1 and 0 is not allowed. #[serde(rename = "maxSkew")] pub max_skew: i32, - /// MinDomains indicates a minimum number of eligible domains. When the number of eligible domains with matching topology keys is less than minDomains, Pod Topology Spread treats "global minimum" as 0, and then the calculation of Skew is performed. And when the number of eligible domains with matching topology keys equals or greater than minDomains, this value has no effect on scheduling. As a result, when the number of eligible domains is less than minDomains, scheduler won't schedule more than maxSkew Pods to those domains. If value is nil, the constraint behaves as if MinDomains is equal to 1. Valid values are integers greater than 0. When value is not nil, WhenUnsatisfiable must be DoNotSchedule. - /// For example, in a 3-zone cluster, MaxSkew is set to 2, MinDomains is set to 5 and pods with the same labelSelector spread as 2/2/2: | zone1 | zone2 | zone3 | | P P | P P | P P | The number of domains is less than 5(MinDomains), so "global minimum" is treated as 0. In this situation, new pod with the same labelSelector cannot be scheduled, because computed skew will be 3(3 - 0) if new Pod is scheduled to any of the three zones, it will violate MaxSkew. + /// MinDomains indicates a minimum number of eligible domains. + /// When the number of eligible domains with matching topology keys is less than minDomains, + /// Pod Topology Spread treats "global minimum" as 0, and then the calculation of Skew is performed. + /// And when the number of eligible domains with matching topology keys equals or greater than minDomains, + /// this value has no effect on scheduling. + /// As a result, when the number of eligible domains is less than minDomains, + /// scheduler won't schedule more than maxSkew Pods to those domains. + /// If value is nil, the constraint behaves as if MinDomains is equal to 1. + /// Valid values are integers greater than 0. + /// When value is not nil, WhenUnsatisfiable must be DoNotSchedule. + /// + /// + /// For example, in a 3-zone cluster, MaxSkew is set to 2, MinDomains is set to 5 and pods with the same + /// labelSelector spread as 2/2/2: + /// | zone1 | zone2 | zone3 | + /// | P P | P P | P P | + /// The number of domains is less than 5(MinDomains), so "global minimum" is treated as 0. + /// In this situation, new pod with the same labelSelector cannot be scheduled, + /// because computed skew will be 3(3 - 0) if new Pod is scheduled to any of the three zones, + /// it will violate MaxSkew. #[serde(default, skip_serializing_if = "Option::is_none", rename = "minDomains")] pub min_domains: Option, - /// NodeAffinityPolicy indicates how we will treat Pod's nodeAffinity/nodeSelector when calculating pod topology spread skew. Options are: - Honor: only nodes matching nodeAffinity/nodeSelector are included in the calculations. - Ignore: nodeAffinity/nodeSelector are ignored. All nodes are included in the calculations. - /// If this value is nil, the behavior is equivalent to the Honor policy. This is a beta-level feature default enabled by the NodeInclusionPolicyInPodTopologySpread feature flag. + /// NodeAffinityPolicy indicates how we will treat Pod's nodeAffinity/nodeSelector + /// when calculating pod topology spread skew. Options are: + /// - Honor: only nodes matching nodeAffinity/nodeSelector are included in the calculations. + /// - Ignore: nodeAffinity/nodeSelector are ignored. All nodes are included in the calculations. + /// + /// + /// If this value is nil, the behavior is equivalent to the Honor policy. + /// This is a beta-level feature default enabled by the NodeInclusionPolicyInPodTopologySpread feature flag. #[serde(default, skip_serializing_if = "Option::is_none", rename = "nodeAffinityPolicy")] pub node_affinity_policy: Option, - /// NodeTaintsPolicy indicates how we will treat node taints when calculating pod topology spread skew. Options are: - Honor: nodes without taints, along with tainted nodes for which the incoming pod has a toleration, are included. - Ignore: node taints are ignored. All nodes are included. - /// If this value is nil, the behavior is equivalent to the Ignore policy. This is a beta-level feature default enabled by the NodeInclusionPolicyInPodTopologySpread feature flag. + /// NodeTaintsPolicy indicates how we will treat node taints when calculating + /// pod topology spread skew. Options are: + /// - Honor: nodes without taints, along with tainted nodes for which the incoming pod + /// has a toleration, are included. + /// - Ignore: node taints are ignored. All nodes are included. + /// + /// + /// If this value is nil, the behavior is equivalent to the Ignore policy. + /// This is a beta-level feature default enabled by the NodeInclusionPolicyInPodTopologySpread feature flag. #[serde(default, skip_serializing_if = "Option::is_none", rename = "nodeTaintsPolicy")] pub node_taints_policy: Option, - /// TopologyKey is the key of node labels. Nodes that have a label with this key and identical values are considered to be in the same topology. We consider each as a "bucket", and try to put balanced number of pods into each bucket. We define a domain as a particular instance of a topology. Also, we define an eligible domain as a domain whose nodes meet the requirements of nodeAffinityPolicy and nodeTaintsPolicy. e.g. If TopologyKey is "kubernetes.io/hostname", each Node is a domain of that topology. And, if TopologyKey is "topology.kubernetes.io/zone", each zone is a domain of that topology. It's a required field. + /// TopologyKey is the key of node labels. Nodes that have a label with this key + /// and identical values are considered to be in the same topology. + /// We consider each as a "bucket", and try to put balanced number + /// of pods into each bucket. + /// We define a domain as a particular instance of a topology. + /// Also, we define an eligible domain as a domain whose nodes meet the requirements of + /// nodeAffinityPolicy and nodeTaintsPolicy. + /// e.g. If TopologyKey is "kubernetes.io/hostname", each Node is a domain of that topology. + /// And, if TopologyKey is "topology.kubernetes.io/zone", each zone is a domain of that topology. + /// It's a required field. #[serde(rename = "topologyKey")] pub topology_key: String, - /// WhenUnsatisfiable indicates how to deal with a pod if it doesn't satisfy the spread constraint. - DoNotSchedule (default) tells the scheduler not to schedule it. - ScheduleAnyway tells the scheduler to schedule the pod in any location, but giving higher precedence to topologies that would help reduce the skew. A constraint is considered "Unsatisfiable" for an incoming pod if and only if every possible node assignment for that pod would violate "MaxSkew" on some topology. For example, in a 3-zone cluster, MaxSkew is set to 1, and pods with the same labelSelector spread as 3/1/1: | zone1 | zone2 | zone3 | | P P P | P | P | If WhenUnsatisfiable is set to DoNotSchedule, incoming pod can only be scheduled to zone2(zone3) to become 3/2/1(3/1/2) as ActualSkew(2-1) on zone2(zone3) satisfies MaxSkew(1). In other words, the cluster can still be imbalanced, but scheduler won't make it *more* imbalanced. It's a required field. + /// WhenUnsatisfiable indicates how to deal with a pod if it doesn't satisfy + /// the spread constraint. + /// - DoNotSchedule (default) tells the scheduler not to schedule it. + /// - ScheduleAnyway tells the scheduler to schedule the pod in any location, + /// but giving higher precedence to topologies that would help reduce the + /// skew. + /// A constraint is considered "Unsatisfiable" for an incoming pod + /// if and only if every possible node assignment for that pod would violate + /// "MaxSkew" on some topology. + /// For example, in a 3-zone cluster, MaxSkew is set to 1, and pods with the same + /// labelSelector spread as 3/1/1: + /// | zone1 | zone2 | zone3 | + /// | P P P | P | P | + /// If WhenUnsatisfiable is set to DoNotSchedule, incoming pod can only be scheduled + /// to zone2(zone3) to become 3/2/1(3/1/2) as ActualSkew(2-1) on zone2(zone3) satisfies + /// MaxSkew(1). In other words, the cluster can still be imbalanced, but scheduler + /// won't make it *more* imbalanced. + /// It's a required field. #[serde(rename = "whenUnsatisfiable")] pub when_unsatisfiable: String, } -/// LabelSelector is used to find matching pods. Pods that match this label selector are counted to determine the number of pods in their corresponding topology domain. +/// LabelSelector is used to find matching pods. +/// Pods that match this label selector are counted to determine the number of pods +/// in their corresponding topology domain. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PostgresClusterBackupsPgbackrestRepoHostTopologySpreadConstraintsLabelSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] pub match_expressions: Option>, - /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] pub match_labels: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PostgresClusterBackupsPgbackrestRepoHostTopologySpreadConstraintsLabelSelectorMatchExpressions { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } @@ -1453,10 +2321,13 @@ pub struct PostgresClusterBackupsPgbackrestRepos { pub gcs: Option, /// The name of the repository pub name: String, - /// RepoS3 represents a pgBackRest repository that is created using AWS S3 (or S3-compatible) storage + /// RepoS3 represents a pgBackRest repository that is created using AWS S3 (or S3-compatible) + /// storage #[serde(default, skip_serializing_if = "Option::is_none")] pub s3: Option, - /// Defines the schedules for the pgBackRest backups Full, Differential and Incremental backup types are supported: https://pgbackrest.org/user-guide.html#concept/backup + /// Defines the schedules for the pgBackRest backups + /// Full, Differential and Incremental backup types are supported: + /// https://pgbackrest.org/user-guide.html#concept/backup #[serde(default, skip_serializing_if = "Option::is_none")] pub schedules: Option, /// Represents a pgBackRest repository that is created using a PersistentVolumeClaim @@ -1478,7 +2349,8 @@ pub struct PostgresClusterBackupsPgbackrestReposGcs { pub bucket: String, } -/// RepoS3 represents a pgBackRest repository that is created using AWS S3 (or S3-compatible) storage +/// RepoS3 represents a pgBackRest repository that is created using AWS S3 (or S3-compatible) +/// storage #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PostgresClusterBackupsPgbackrestReposS3 { /// The S3 bucket utilized for the repository @@ -1489,16 +2361,24 @@ pub struct PostgresClusterBackupsPgbackrestReposS3 { pub region: String, } -/// Defines the schedules for the pgBackRest backups Full, Differential and Incremental backup types are supported: https://pgbackrest.org/user-guide.html#concept/backup +/// Defines the schedules for the pgBackRest backups +/// Full, Differential and Incremental backup types are supported: +/// https://pgbackrest.org/user-guide.html#concept/backup #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PostgresClusterBackupsPgbackrestReposSchedules { - /// Defines the Cron schedule for a differential pgBackRest backup. Follows the standard Cron schedule syntax: https://k8s.io/docs/concepts/workloads/controllers/cron-jobs/#cron-schedule-syntax + /// Defines the Cron schedule for a differential pgBackRest backup. + /// Follows the standard Cron schedule syntax: + /// https://k8s.io/docs/concepts/workloads/controllers/cron-jobs/#cron-schedule-syntax #[serde(default, skip_serializing_if = "Option::is_none")] pub differential: Option, - /// Defines the Cron schedule for a full pgBackRest backup. Follows the standard Cron schedule syntax: https://k8s.io/docs/concepts/workloads/controllers/cron-jobs/#cron-schedule-syntax + /// Defines the Cron schedule for a full pgBackRest backup. + /// Follows the standard Cron schedule syntax: + /// https://k8s.io/docs/concepts/workloads/controllers/cron-jobs/#cron-schedule-syntax #[serde(default, skip_serializing_if = "Option::is_none")] pub full: Option, - /// Defines the Cron schedule for an incremental pgBackRest backup. Follows the standard Cron schedule syntax: https://k8s.io/docs/concepts/workloads/controllers/cron-jobs/#cron-schedule-syntax + /// Defines the Cron schedule for an incremental pgBackRest backup. + /// Follows the standard Cron schedule syntax: + /// https://k8s.io/docs/concepts/workloads/controllers/cron-jobs/#cron-schedule-syntax #[serde(default, skip_serializing_if = "Option::is_none")] pub incremental: Option, } @@ -1514,27 +2394,74 @@ pub struct PostgresClusterBackupsPgbackrestReposVolume { /// Defines a PersistentVolumeClaim spec used to create and/or bind a volume #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PostgresClusterBackupsPgbackrestReposVolumeVolumeClaimSpec { - /// accessModes contains the desired access modes the volume should have. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1 + /// accessModes contains the desired access modes the volume should have. + /// More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1 #[serde(rename = "accessModes")] pub access_modes: Vec, - /// dataSource field can be used to specify either: * An existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot) * An existing PVC (PersistentVolumeClaim) If the provisioner or an external controller can support the specified data source, it will create a new volume based on the contents of the specified data source. When the AnyVolumeDataSource feature gate is enabled, dataSource contents will be copied to dataSourceRef, and dataSourceRef contents will be copied to dataSource when dataSourceRef.namespace is not specified. If the namespace is specified, then dataSourceRef will not be copied to dataSource. + /// dataSource field can be used to specify either: + /// * An existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot) + /// * An existing PVC (PersistentVolumeClaim) + /// If the provisioner or an external controller can support the specified data source, + /// it will create a new volume based on the contents of the specified data source. + /// When the AnyVolumeDataSource feature gate is enabled, dataSource contents will be copied to dataSourceRef, + /// and dataSourceRef contents will be copied to dataSource when dataSourceRef.namespace is not specified. + /// If the namespace is specified, then dataSourceRef will not be copied to dataSource. #[serde(default, skip_serializing_if = "Option::is_none", rename = "dataSource")] pub data_source: Option, - /// dataSourceRef specifies the object from which to populate the volume with data, if a non-empty volume is desired. This may be any object from a non-empty API group (non core object) or a PersistentVolumeClaim object. When this field is specified, volume binding will only succeed if the type of the specified object matches some installed volume populator or dynamic provisioner. This field will replace the functionality of the dataSource field and as such if both fields are non-empty, they must have the same value. For backwards compatibility, when namespace isn't specified in dataSourceRef, both fields (dataSource and dataSourceRef) will be set to the same value automatically if one of them is empty and the other is non-empty. When namespace is specified in dataSourceRef, dataSource isn't set to the same value and must be empty. There are three important differences between dataSource and dataSourceRef: * While dataSource only allows two specific types of objects, dataSourceRef allows any non-core object, as well as PersistentVolumeClaim objects. * While dataSource ignores disallowed values (dropping them), dataSourceRef preserves all values, and generates an error if a disallowed value is specified. * While dataSource only allows local objects, dataSourceRef allows objects in any namespaces. (Beta) Using this field requires the AnyVolumeDataSource feature gate to be enabled. (Alpha) Using the namespace field of dataSourceRef requires the CrossNamespaceVolumeDataSource feature gate to be enabled. + /// dataSourceRef specifies the object from which to populate the volume with data, if a non-empty + /// volume is desired. This may be any object from a non-empty API group (non + /// core object) or a PersistentVolumeClaim object. + /// When this field is specified, volume binding will only succeed if the type of + /// the specified object matches some installed volume populator or dynamic + /// provisioner. + /// This field will replace the functionality of the dataSource field and as such + /// if both fields are non-empty, they must have the same value. For backwards + /// compatibility, when namespace isn't specified in dataSourceRef, + /// both fields (dataSource and dataSourceRef) will be set to the same + /// value automatically if one of them is empty and the other is non-empty. + /// When namespace is specified in dataSourceRef, + /// dataSource isn't set to the same value and must be empty. + /// There are three important differences between dataSource and dataSourceRef: + /// * While dataSource only allows two specific types of objects, dataSourceRef + /// allows any non-core object, as well as PersistentVolumeClaim objects. + /// * While dataSource ignores disallowed values (dropping them), dataSourceRef + /// preserves all values, and generates an error if a disallowed value is + /// specified. + /// * While dataSource only allows local objects, dataSourceRef allows objects + /// in any namespaces. + /// (Beta) Using this field requires the AnyVolumeDataSource feature gate to be enabled. + /// (Alpha) Using the namespace field of dataSourceRef requires the CrossNamespaceVolumeDataSource feature gate to be enabled. #[serde(default, skip_serializing_if = "Option::is_none", rename = "dataSourceRef")] pub data_source_ref: Option, - /// resources represents the minimum resources the volume should have. If RecoverVolumeExpansionFailure feature is enabled users are allowed to specify resource requirements that are lower than previous value but must still be higher than capacity recorded in the status field of the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources + /// resources represents the minimum resources the volume should have. + /// If RecoverVolumeExpansionFailure feature is enabled users are allowed to specify resource requirements + /// that are lower than previous value but must still be higher than capacity recorded in the + /// status field of the claim. + /// More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources pub resources: PostgresClusterBackupsPgbackrestReposVolumeVolumeClaimSpecResources, /// selector is a label query over volumes to consider for binding. #[serde(default, skip_serializing_if = "Option::is_none")] pub selector: Option, - /// storageClassName is the name of the StorageClass required by the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1 + /// storageClassName is the name of the StorageClass required by the claim. + /// More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1 #[serde(default, skip_serializing_if = "Option::is_none", rename = "storageClassName")] pub storage_class_name: Option, - /// volumeAttributesClassName may be used to set the VolumeAttributesClass used by this claim. If specified, the CSI driver will create or update the volume with the attributes defined in the corresponding VolumeAttributesClass. This has a different purpose than storageClassName, it can be changed after the claim is created. An empty string value means that no VolumeAttributesClass will be applied to the claim but it's not allowed to reset this field to empty string once it is set. If unspecified and the PersistentVolumeClaim is unbound, the default VolumeAttributesClass will be set by the persistentvolume controller if it exists. If the resource referred to by volumeAttributesClass does not exist, this PersistentVolumeClaim will be set to a Pending state, as reflected by the modifyVolumeStatus field, until such as a resource exists. More info: https://kubernetes.io/docs/concepts/storage/volume-attributes-classes/ (Alpha) Using this field requires the VolumeAttributesClass feature gate to be enabled. + /// volumeAttributesClassName may be used to set the VolumeAttributesClass used by this claim. + /// If specified, the CSI driver will create or update the volume with the attributes defined + /// in the corresponding VolumeAttributesClass. This has a different purpose than storageClassName, + /// it can be changed after the claim is created. An empty string value means that no VolumeAttributesClass + /// will be applied to the claim but it's not allowed to reset this field to empty string once it is set. + /// If unspecified and the PersistentVolumeClaim is unbound, the default VolumeAttributesClass + /// will be set by the persistentvolume controller if it exists. + /// If the resource referred to by volumeAttributesClass does not exist, this PersistentVolumeClaim will be + /// set to a Pending state, as reflected by the modifyVolumeStatus field, until such as a resource + /// exists. + /// More info: https://kubernetes.io/docs/concepts/storage/volume-attributes-classes/ + /// (Alpha) Using this field requires the VolumeAttributesClass feature gate to be enabled. #[serde(default, skip_serializing_if = "Option::is_none", rename = "volumeAttributesClassName")] pub volume_attributes_class_name: Option, - /// volumeMode defines what type of volume is required by the claim. Value of Filesystem is implied when not included in claim spec. + /// volumeMode defines what type of volume is required by the claim. + /// Value of Filesystem is implied when not included in claim spec. #[serde(default, skip_serializing_if = "Option::is_none", rename = "volumeMode")] pub volume_mode: Option, /// volumeName is the binding reference to the PersistentVolume backing this claim. @@ -1542,10 +2469,19 @@ pub struct PostgresClusterBackupsPgbackrestReposVolumeVolumeClaimSpec { pub volume_name: Option, } -/// dataSource field can be used to specify either: * An existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot) * An existing PVC (PersistentVolumeClaim) If the provisioner or an external controller can support the specified data source, it will create a new volume based on the contents of the specified data source. When the AnyVolumeDataSource feature gate is enabled, dataSource contents will be copied to dataSourceRef, and dataSourceRef contents will be copied to dataSource when dataSourceRef.namespace is not specified. If the namespace is specified, then dataSourceRef will not be copied to dataSource. +/// dataSource field can be used to specify either: +/// * An existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot) +/// * An existing PVC (PersistentVolumeClaim) +/// If the provisioner or an external controller can support the specified data source, +/// it will create a new volume based on the contents of the specified data source. +/// When the AnyVolumeDataSource feature gate is enabled, dataSource contents will be copied to dataSourceRef, +/// and dataSourceRef contents will be copied to dataSource when dataSourceRef.namespace is not specified. +/// If the namespace is specified, then dataSourceRef will not be copied to dataSource. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PostgresClusterBackupsPgbackrestReposVolumeVolumeClaimSpecDataSource { - /// APIGroup is the group for the resource being referenced. If APIGroup is not specified, the specified Kind must be in the core API group. For any other third-party types, APIGroup is required. + /// APIGroup is the group for the resource being referenced. + /// If APIGroup is not specified, the specified Kind must be in the core API group. + /// For any other third-party types, APIGroup is required. #[serde(default, skip_serializing_if = "Option::is_none", rename = "apiGroup")] pub api_group: Option, /// Kind is the type of resource being referenced @@ -1554,28 +2490,62 @@ pub struct PostgresClusterBackupsPgbackrestReposVolumeVolumeClaimSpecDataSource pub name: String, } -/// dataSourceRef specifies the object from which to populate the volume with data, if a non-empty volume is desired. This may be any object from a non-empty API group (non core object) or a PersistentVolumeClaim object. When this field is specified, volume binding will only succeed if the type of the specified object matches some installed volume populator or dynamic provisioner. This field will replace the functionality of the dataSource field and as such if both fields are non-empty, they must have the same value. For backwards compatibility, when namespace isn't specified in dataSourceRef, both fields (dataSource and dataSourceRef) will be set to the same value automatically if one of them is empty and the other is non-empty. When namespace is specified in dataSourceRef, dataSource isn't set to the same value and must be empty. There are three important differences between dataSource and dataSourceRef: * While dataSource only allows two specific types of objects, dataSourceRef allows any non-core object, as well as PersistentVolumeClaim objects. * While dataSource ignores disallowed values (dropping them), dataSourceRef preserves all values, and generates an error if a disallowed value is specified. * While dataSource only allows local objects, dataSourceRef allows objects in any namespaces. (Beta) Using this field requires the AnyVolumeDataSource feature gate to be enabled. (Alpha) Using the namespace field of dataSourceRef requires the CrossNamespaceVolumeDataSource feature gate to be enabled. +/// dataSourceRef specifies the object from which to populate the volume with data, if a non-empty +/// volume is desired. This may be any object from a non-empty API group (non +/// core object) or a PersistentVolumeClaim object. +/// When this field is specified, volume binding will only succeed if the type of +/// the specified object matches some installed volume populator or dynamic +/// provisioner. +/// This field will replace the functionality of the dataSource field and as such +/// if both fields are non-empty, they must have the same value. For backwards +/// compatibility, when namespace isn't specified in dataSourceRef, +/// both fields (dataSource and dataSourceRef) will be set to the same +/// value automatically if one of them is empty and the other is non-empty. +/// When namespace is specified in dataSourceRef, +/// dataSource isn't set to the same value and must be empty. +/// There are three important differences between dataSource and dataSourceRef: +/// * While dataSource only allows two specific types of objects, dataSourceRef +/// allows any non-core object, as well as PersistentVolumeClaim objects. +/// * While dataSource ignores disallowed values (dropping them), dataSourceRef +/// preserves all values, and generates an error if a disallowed value is +/// specified. +/// * While dataSource only allows local objects, dataSourceRef allows objects +/// in any namespaces. +/// (Beta) Using this field requires the AnyVolumeDataSource feature gate to be enabled. +/// (Alpha) Using the namespace field of dataSourceRef requires the CrossNamespaceVolumeDataSource feature gate to be enabled. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PostgresClusterBackupsPgbackrestReposVolumeVolumeClaimSpecDataSourceRef { - /// APIGroup is the group for the resource being referenced. If APIGroup is not specified, the specified Kind must be in the core API group. For any other third-party types, APIGroup is required. + /// APIGroup is the group for the resource being referenced. + /// If APIGroup is not specified, the specified Kind must be in the core API group. + /// For any other third-party types, APIGroup is required. #[serde(default, skip_serializing_if = "Option::is_none", rename = "apiGroup")] pub api_group: Option, /// Kind is the type of resource being referenced pub kind: String, /// Name is the name of resource being referenced pub name: String, - /// Namespace is the namespace of resource being referenced Note that when a namespace is specified, a gateway.networking.k8s.io/ReferenceGrant object is required in the referent namespace to allow that namespace's owner to accept the reference. See the ReferenceGrant documentation for details. (Alpha) This field requires the CrossNamespaceVolumeDataSource feature gate to be enabled. + /// Namespace is the namespace of resource being referenced + /// Note that when a namespace is specified, a gateway.networking.k8s.io/ReferenceGrant object is required in the referent namespace to allow that namespace's owner to accept the reference. See the ReferenceGrant documentation for details. + /// (Alpha) This field requires the CrossNamespaceVolumeDataSource feature gate to be enabled. #[serde(default, skip_serializing_if = "Option::is_none")] pub namespace: Option, } -/// resources represents the minimum resources the volume should have. If RecoverVolumeExpansionFailure feature is enabled users are allowed to specify resource requirements that are lower than previous value but must still be higher than capacity recorded in the status field of the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources +/// resources represents the minimum resources the volume should have. +/// If RecoverVolumeExpansionFailure feature is enabled users are allowed to specify resource requirements +/// that are lower than previous value but must still be higher than capacity recorded in the +/// status field of the claim. +/// More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PostgresClusterBackupsPgbackrestReposVolumeVolumeClaimSpecResources { - /// Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + /// Limits describes the maximum amount of compute resources allowed. + /// More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ #[serde(default, skip_serializing_if = "Option::is_none")] pub limits: Option>, - /// Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + /// Requests describes the minimum amount of compute resources required. + /// If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, + /// otherwise to an implementation-defined value. Requests cannot exceed Limits. + /// More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ pub requests: BTreeMap, } @@ -1585,19 +2555,26 @@ pub struct PostgresClusterBackupsPgbackrestReposVolumeVolumeClaimSpecSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] pub match_expressions: Option>, - /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] pub match_labels: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PostgresClusterBackupsPgbackrestReposVolumeVolumeClaimSpecSelectorMatchExpressions { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } @@ -1605,35 +2582,45 @@ pub struct PostgresClusterBackupsPgbackrestReposVolumeVolumeClaimSpecSelectorMat /// Defines details for performing an in-place restore using pgBackRest #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PostgresClusterBackupsPgbackrestRestore { - /// Scheduling constraints of the pgBackRest restore Job. More info: https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node + /// Scheduling constraints of the pgBackRest restore Job. + /// More info: https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node #[serde(default, skip_serializing_if = "Option::is_none")] pub affinity: Option, - /// The name of an existing PostgresCluster to use as the data source for the new PostgresCluster. Defaults to the name of the PostgresCluster being created if not provided. + /// The name of an existing PostgresCluster to use as the data source for the new PostgresCluster. + /// Defaults to the name of the PostgresCluster being created if not provided. #[serde(default, skip_serializing_if = "Option::is_none", rename = "clusterName")] pub cluster_name: Option, - /// The namespace of the cluster specified as the data source using the clusterName field. Defaults to the namespace of the PostgresCluster being created if not provided. + /// The namespace of the cluster specified as the data source using the clusterName field. + /// Defaults to the namespace of the PostgresCluster being created if not provided. #[serde(default, skip_serializing_if = "Option::is_none", rename = "clusterNamespace")] pub cluster_namespace: Option, /// Whether or not in-place pgBackRest restores are enabled for this PostgresCluster. pub enabled: bool, - /// Command line options to include when running the pgBackRest restore command. https://pgbackrest.org/command.html#command-restore + /// Command line options to include when running the pgBackRest restore command. + /// https://pgbackrest.org/command.html#command-restore #[serde(default, skip_serializing_if = "Option::is_none")] pub options: Option>, - /// Priority class name for the pgBackRest restore Job pod. Changing this value causes PostgreSQL to restart. More info: https://kubernetes.io/docs/concepts/scheduling-eviction/pod-priority-preemption/ + /// Priority class name for the pgBackRest restore Job pod. Changing this + /// value causes PostgreSQL to restart. + /// More info: https://kubernetes.io/docs/concepts/scheduling-eviction/pod-priority-preemption/ #[serde(default, skip_serializing_if = "Option::is_none", rename = "priorityClassName")] pub priority_class_name: Option, - /// The name of the pgBackRest repo within the source PostgresCluster that contains the backups that should be utilized to perform a pgBackRest restore when initializing the data source for the new PostgresCluster. + /// The name of the pgBackRest repo within the source PostgresCluster that contains the backups + /// that should be utilized to perform a pgBackRest restore when initializing the data source + /// for the new PostgresCluster. #[serde(rename = "repoName")] pub repo_name: String, /// Resource requirements for the pgBackRest restore Job. #[serde(default, skip_serializing_if = "Option::is_none")] pub resources: Option, - /// Tolerations of the pgBackRest restore Job. More info: https://kubernetes.io/docs/concepts/scheduling-eviction/taint-and-toleration + /// Tolerations of the pgBackRest restore Job. + /// More info: https://kubernetes.io/docs/concepts/scheduling-eviction/taint-and-toleration #[serde(default, skip_serializing_if = "Option::is_none")] pub tolerations: Option>, } -/// Scheduling constraints of the pgBackRest restore Job. More info: https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node +/// Scheduling constraints of the pgBackRest restore Job. +/// More info: https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PostgresClusterBackupsPgbackrestRestoreAffinity { /// Describes node affinity scheduling rules for the pod. @@ -1650,15 +2637,28 @@ pub struct PostgresClusterBackupsPgbackrestRestoreAffinity { /// Describes node affinity scheduling rules for the pod. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PostgresClusterBackupsPgbackrestRestoreAffinityNodeAffinity { - /// The scheduler will prefer to schedule pods to nodes that satisfy the affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding "weight" to the sum if the node matches the corresponding matchExpressions; the node(s) with the highest sum are the most preferred. + /// The scheduler will prefer to schedule pods to nodes that satisfy + /// the affinity expressions specified by this field, but it may choose + /// a node that violates one or more of the expressions. The node that is + /// most preferred is the one with the greatest sum of weights, i.e. + /// for each node that meets all of the scheduling requirements (resource + /// request, requiredDuringScheduling affinity expressions, etc.), + /// compute a sum by iterating through the elements of this field and adding + /// "weight" to the sum if the node matches the corresponding matchExpressions; the + /// node(s) with the highest sum are the most preferred. #[serde(default, skip_serializing_if = "Option::is_none", rename = "preferredDuringSchedulingIgnoredDuringExecution")] pub preferred_during_scheduling_ignored_during_execution: Option>, - /// If the affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to an update), the system may or may not try to eventually evict the pod from its node. + /// If the affinity requirements specified by this field are not met at + /// scheduling time, the pod will not be scheduled onto the node. + /// If the affinity requirements specified by this field cease to be met + /// at some point during pod execution (e.g. due to an update), the system + /// may or may not try to eventually evict the pod from its node. #[serde(default, skip_serializing_if = "Option::is_none", rename = "requiredDuringSchedulingIgnoredDuringExecution")] pub required_during_scheduling_ignored_during_execution: Option, } -/// An empty preferred scheduling term matches all objects with implicit weight 0 (i.e. it's a no-op). A null preferred scheduling term matches no objects (i.e. is also a no-op). +/// An empty preferred scheduling term matches all objects with implicit weight 0 +/// (i.e. it's a no-op). A null preferred scheduling term matches no objects (i.e. is also a no-op). #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PostgresClusterBackupsPgbackrestRestoreAffinityNodeAffinityPreferredDuringSchedulingIgnoredDuringExecution { /// A node selector term, associated with the corresponding weight. @@ -1678,31 +2678,47 @@ pub struct PostgresClusterBackupsPgbackrestRestoreAffinityNodeAffinityPreferredD pub match_fields: Option>, } -/// A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A node selector requirement is a selector that contains values, a key, and an operator +/// that relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PostgresClusterBackupsPgbackrestRestoreAffinityNodeAffinityPreferredDuringSchedulingIgnoredDuringExecutionPreferenceMatchExpressions { /// The label key that the selector applies to. pub key: String, - /// Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. + /// Represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. pub operator: String, - /// An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch. + /// An array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. If the operator is Gt or Lt, the values + /// array must have a single element, which will be interpreted as an integer. + /// This array is replaced during a strategic merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } -/// A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A node selector requirement is a selector that contains values, a key, and an operator +/// that relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PostgresClusterBackupsPgbackrestRestoreAffinityNodeAffinityPreferredDuringSchedulingIgnoredDuringExecutionPreferenceMatchFields { /// The label key that the selector applies to. pub key: String, - /// Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. + /// Represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. pub operator: String, - /// An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch. + /// An array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. If the operator is Gt or Lt, the values + /// array must have a single element, which will be interpreted as an integer. + /// This array is replaced during a strategic merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } -/// If the affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to an update), the system may or may not try to eventually evict the pod from its node. +/// If the affinity requirements specified by this field are not met at +/// scheduling time, the pod will not be scheduled onto the node. +/// If the affinity requirements specified by this field cease to be met +/// at some point during pod execution (e.g. due to an update), the system +/// may or may not try to eventually evict the pod from its node. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PostgresClusterBackupsPgbackrestRestoreAffinityNodeAffinityRequiredDuringSchedulingIgnoredDuringExecution { /// Required. A list of node selector terms. The terms are ORed. @@ -1710,7 +2726,9 @@ pub struct PostgresClusterBackupsPgbackrestRestoreAffinityNodeAffinityRequiredDu pub node_selector_terms: Vec, } -/// A null or empty node selector term matches no objects. The requirements of them are ANDed. The TopologySelectorTerm type implements a subset of the NodeSelectorTerm. +/// A null or empty node selector term matches no objects. The requirements of +/// them are ANDed. +/// The TopologySelectorTerm type implements a subset of the NodeSelectorTerm. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PostgresClusterBackupsPgbackrestRestoreAffinityNodeAffinityRequiredDuringSchedulingIgnoredDuringExecutionNodeSelectorTerms { /// A list of node selector requirements by node's labels. @@ -1721,26 +2739,38 @@ pub struct PostgresClusterBackupsPgbackrestRestoreAffinityNodeAffinityRequiredDu pub match_fields: Option>, } -/// A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A node selector requirement is a selector that contains values, a key, and an operator +/// that relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PostgresClusterBackupsPgbackrestRestoreAffinityNodeAffinityRequiredDuringSchedulingIgnoredDuringExecutionNodeSelectorTermsMatchExpressions { /// The label key that the selector applies to. pub key: String, - /// Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. + /// Represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. pub operator: String, - /// An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch. + /// An array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. If the operator is Gt or Lt, the values + /// array must have a single element, which will be interpreted as an integer. + /// This array is replaced during a strategic merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } -/// A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A node selector requirement is a selector that contains values, a key, and an operator +/// that relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PostgresClusterBackupsPgbackrestRestoreAffinityNodeAffinityRequiredDuringSchedulingIgnoredDuringExecutionNodeSelectorTermsMatchFields { /// The label key that the selector applies to. pub key: String, - /// Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. + /// Represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. pub operator: String, - /// An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch. + /// An array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. If the operator is Gt or Lt, the values + /// array must have a single element, which will be interpreted as an integer. + /// This array is replaced during a strategic merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } @@ -1748,10 +2778,24 @@ pub struct PostgresClusterBackupsPgbackrestRestoreAffinityNodeAffinityRequiredDu /// Describes pod affinity scheduling rules (e.g. co-locate this pod in the same node, zone, etc. as some other pod(s)). #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PostgresClusterBackupsPgbackrestRestoreAffinityPodAffinity { - /// The scheduler will prefer to schedule pods to nodes that satisfy the affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding "weight" to the sum if the node has pods which matches the corresponding podAffinityTerm; the node(s) with the highest sum are the most preferred. + /// The scheduler will prefer to schedule pods to nodes that satisfy + /// the affinity expressions specified by this field, but it may choose + /// a node that violates one or more of the expressions. The node that is + /// most preferred is the one with the greatest sum of weights, i.e. + /// for each node that meets all of the scheduling requirements (resource + /// request, requiredDuringScheduling affinity expressions, etc.), + /// compute a sum by iterating through the elements of this field and adding + /// "weight" to the sum if the node has pods which matches the corresponding podAffinityTerm; the + /// node(s) with the highest sum are the most preferred. #[serde(default, skip_serializing_if = "Option::is_none", rename = "preferredDuringSchedulingIgnoredDuringExecution")] pub preferred_during_scheduling_ignored_during_execution: Option>, - /// If the affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to a pod label update), the system may or may not try to eventually evict the pod from its node. When there are multiple elements, the lists of nodes corresponding to each podAffinityTerm are intersected, i.e. all terms must be satisfied. + /// If the affinity requirements specified by this field are not met at + /// scheduling time, the pod will not be scheduled onto the node. + /// If the affinity requirements specified by this field cease to be met + /// at some point during pod execution (e.g. due to a pod label update), the + /// system may or may not try to eventually evict the pod from its node. + /// When there are multiple elements, the lists of nodes corresponding to each + /// podAffinityTerm are intersected, i.e. all terms must be satisfied. #[serde(default, skip_serializing_if = "Option::is_none", rename = "requiredDuringSchedulingIgnoredDuringExecution")] pub required_during_scheduling_ignored_during_execution: Option>, } @@ -1762,144 +2806,244 @@ pub struct PostgresClusterBackupsPgbackrestRestoreAffinityPodAffinityPreferredDu /// Required. A pod affinity term, associated with the corresponding weight. #[serde(rename = "podAffinityTerm")] pub pod_affinity_term: PostgresClusterBackupsPgbackrestRestoreAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTerm, - /// weight associated with matching the corresponding podAffinityTerm, in the range 1-100. + /// weight associated with matching the corresponding podAffinityTerm, + /// in the range 1-100. pub weight: i32, } /// Required. A pod affinity term, associated with the corresponding weight. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PostgresClusterBackupsPgbackrestRestoreAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTerm { - /// A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods. + /// A label query over a set of resources, in this case pods. + /// If it's null, this PodAffinityTerm matches with no Pods. #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelector")] pub label_selector: Option, - /// MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both matchLabelKeys and labelSelector. Also, matchLabelKeys cannot be set when labelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// MatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both matchLabelKeys and labelSelector. + /// Also, matchLabelKeys cannot be set when labelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] pub match_label_keys: Option>, - /// MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. Also, mismatchLabelKeys cannot be set when labelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// MismatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. + /// Also, mismatchLabelKeys cannot be set when labelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] pub mismatch_label_keys: Option>, - /// A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. + /// A label query over the set of namespaces that the term applies to. + /// The term is applied to the union of the namespaces selected by this field + /// and the ones listed in the namespaces field. + /// null selector and null or empty namespaces list means "this pod's namespace". + /// An empty selector ({}) matches all namespaces. #[serde(default, skip_serializing_if = "Option::is_none", rename = "namespaceSelector")] pub namespace_selector: Option, - /// namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means "this pod's namespace". + /// namespaces specifies a static list of namespace names that the term applies to. + /// The term is applied to the union of the namespaces listed in this field + /// and the ones selected by namespaceSelector. + /// null or empty namespaces list and null namespaceSelector means "this pod's namespace". #[serde(default, skip_serializing_if = "Option::is_none")] pub namespaces: Option>, - /// This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed. + /// This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching + /// the labelSelector in the specified namespaces, where co-located is defined as running on a node + /// whose value of the label with key topologyKey matches that of any node on which any of the + /// selected pods is running. + /// Empty topologyKey is not allowed. #[serde(rename = "topologyKey")] pub topology_key: String, } -/// A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods. +/// A label query over a set of resources, in this case pods. +/// If it's null, this PodAffinityTerm matches with no Pods. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PostgresClusterBackupsPgbackrestRestoreAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermLabelSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] pub match_expressions: Option>, - /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] pub match_labels: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PostgresClusterBackupsPgbackrestRestoreAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermLabelSelectorMatchExpressions { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } -/// A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. +/// A label query over the set of namespaces that the term applies to. +/// The term is applied to the union of the namespaces selected by this field +/// and the ones listed in the namespaces field. +/// null selector and null or empty namespaces list means "this pod's namespace". +/// An empty selector ({}) matches all namespaces. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PostgresClusterBackupsPgbackrestRestoreAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermNamespaceSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] pub match_expressions: Option>, - /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] pub match_labels: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PostgresClusterBackupsPgbackrestRestoreAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermNamespaceSelectorMatchExpressions { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } -/// Defines a set of pods (namely those matching the labelSelector relative to the given namespace(s)) that this pod should be co-located (affinity) or not co-located (anti-affinity) with, where co-located is defined as running on a node whose value of the label with key matches that of any node on which a pod of the set of pods is running +/// Defines a set of pods (namely those matching the labelSelector +/// relative to the given namespace(s)) that this pod should be +/// co-located (affinity) or not co-located (anti-affinity) with, +/// where co-located is defined as running on a node whose value of +/// the label with key matches that of any node on which +/// a pod of the set of pods is running #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PostgresClusterBackupsPgbackrestRestoreAffinityPodAffinityRequiredDuringSchedulingIgnoredDuringExecution { - /// A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods. + /// A label query over a set of resources, in this case pods. + /// If it's null, this PodAffinityTerm matches with no Pods. #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelector")] pub label_selector: Option, - /// MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both matchLabelKeys and labelSelector. Also, matchLabelKeys cannot be set when labelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// MatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both matchLabelKeys and labelSelector. + /// Also, matchLabelKeys cannot be set when labelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] pub match_label_keys: Option>, - /// MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. Also, mismatchLabelKeys cannot be set when labelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// MismatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. + /// Also, mismatchLabelKeys cannot be set when labelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] pub mismatch_label_keys: Option>, - /// A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. + /// A label query over the set of namespaces that the term applies to. + /// The term is applied to the union of the namespaces selected by this field + /// and the ones listed in the namespaces field. + /// null selector and null or empty namespaces list means "this pod's namespace". + /// An empty selector ({}) matches all namespaces. #[serde(default, skip_serializing_if = "Option::is_none", rename = "namespaceSelector")] pub namespace_selector: Option, - /// namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means "this pod's namespace". + /// namespaces specifies a static list of namespace names that the term applies to. + /// The term is applied to the union of the namespaces listed in this field + /// and the ones selected by namespaceSelector. + /// null or empty namespaces list and null namespaceSelector means "this pod's namespace". #[serde(default, skip_serializing_if = "Option::is_none")] pub namespaces: Option>, - /// This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed. + /// This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching + /// the labelSelector in the specified namespaces, where co-located is defined as running on a node + /// whose value of the label with key topologyKey matches that of any node on which any of the + /// selected pods is running. + /// Empty topologyKey is not allowed. #[serde(rename = "topologyKey")] pub topology_key: String, } -/// A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods. +/// A label query over a set of resources, in this case pods. +/// If it's null, this PodAffinityTerm matches with no Pods. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PostgresClusterBackupsPgbackrestRestoreAffinityPodAffinityRequiredDuringSchedulingIgnoredDuringExecutionLabelSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] pub match_expressions: Option>, - /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] pub match_labels: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PostgresClusterBackupsPgbackrestRestoreAffinityPodAffinityRequiredDuringSchedulingIgnoredDuringExecutionLabelSelectorMatchExpressions { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } -/// A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. +/// A label query over the set of namespaces that the term applies to. +/// The term is applied to the union of the namespaces selected by this field +/// and the ones listed in the namespaces field. +/// null selector and null or empty namespaces list means "this pod's namespace". +/// An empty selector ({}) matches all namespaces. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PostgresClusterBackupsPgbackrestRestoreAffinityPodAffinityRequiredDuringSchedulingIgnoredDuringExecutionNamespaceSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] pub match_expressions: Option>, - /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] pub match_labels: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PostgresClusterBackupsPgbackrestRestoreAffinityPodAffinityRequiredDuringSchedulingIgnoredDuringExecutionNamespaceSelectorMatchExpressions { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } @@ -1907,10 +3051,24 @@ pub struct PostgresClusterBackupsPgbackrestRestoreAffinityPodAffinityRequiredDur /// Describes pod anti-affinity scheduling rules (e.g. avoid putting this pod in the same node, zone, etc. as some other pod(s)). #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PostgresClusterBackupsPgbackrestRestoreAffinityPodAntiAffinity { - /// The scheduler will prefer to schedule pods to nodes that satisfy the anti-affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling anti-affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding "weight" to the sum if the node has pods which matches the corresponding podAffinityTerm; the node(s) with the highest sum are the most preferred. + /// The scheduler will prefer to schedule pods to nodes that satisfy + /// the anti-affinity expressions specified by this field, but it may choose + /// a node that violates one or more of the expressions. The node that is + /// most preferred is the one with the greatest sum of weights, i.e. + /// for each node that meets all of the scheduling requirements (resource + /// request, requiredDuringScheduling anti-affinity expressions, etc.), + /// compute a sum by iterating through the elements of this field and adding + /// "weight" to the sum if the node has pods which matches the corresponding podAffinityTerm; the + /// node(s) with the highest sum are the most preferred. #[serde(default, skip_serializing_if = "Option::is_none", rename = "preferredDuringSchedulingIgnoredDuringExecution")] pub preferred_during_scheduling_ignored_during_execution: Option>, - /// If the anti-affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the anti-affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to a pod label update), the system may or may not try to eventually evict the pod from its node. When there are multiple elements, the lists of nodes corresponding to each podAffinityTerm are intersected, i.e. all terms must be satisfied. + /// If the anti-affinity requirements specified by this field are not met at + /// scheduling time, the pod will not be scheduled onto the node. + /// If the anti-affinity requirements specified by this field cease to be met + /// at some point during pod execution (e.g. due to a pod label update), the + /// system may or may not try to eventually evict the pod from its node. + /// When there are multiple elements, the lists of nodes corresponding to each + /// podAffinityTerm are intersected, i.e. all terms must be satisfied. #[serde(default, skip_serializing_if = "Option::is_none", rename = "requiredDuringSchedulingIgnoredDuringExecution")] pub required_during_scheduling_ignored_during_execution: Option>, } @@ -1921,144 +3079,244 @@ pub struct PostgresClusterBackupsPgbackrestRestoreAffinityPodAntiAffinityPreferr /// Required. A pod affinity term, associated with the corresponding weight. #[serde(rename = "podAffinityTerm")] pub pod_affinity_term: PostgresClusterBackupsPgbackrestRestoreAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTerm, - /// weight associated with matching the corresponding podAffinityTerm, in the range 1-100. + /// weight associated with matching the corresponding podAffinityTerm, + /// in the range 1-100. pub weight: i32, } /// Required. A pod affinity term, associated with the corresponding weight. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PostgresClusterBackupsPgbackrestRestoreAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTerm { - /// A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods. + /// A label query over a set of resources, in this case pods. + /// If it's null, this PodAffinityTerm matches with no Pods. #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelector")] pub label_selector: Option, - /// MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both matchLabelKeys and labelSelector. Also, matchLabelKeys cannot be set when labelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// MatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both matchLabelKeys and labelSelector. + /// Also, matchLabelKeys cannot be set when labelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] pub match_label_keys: Option>, - /// MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. Also, mismatchLabelKeys cannot be set when labelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// MismatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. + /// Also, mismatchLabelKeys cannot be set when labelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] pub mismatch_label_keys: Option>, - /// A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. + /// A label query over the set of namespaces that the term applies to. + /// The term is applied to the union of the namespaces selected by this field + /// and the ones listed in the namespaces field. + /// null selector and null or empty namespaces list means "this pod's namespace". + /// An empty selector ({}) matches all namespaces. #[serde(default, skip_serializing_if = "Option::is_none", rename = "namespaceSelector")] pub namespace_selector: Option, - /// namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means "this pod's namespace". + /// namespaces specifies a static list of namespace names that the term applies to. + /// The term is applied to the union of the namespaces listed in this field + /// and the ones selected by namespaceSelector. + /// null or empty namespaces list and null namespaceSelector means "this pod's namespace". #[serde(default, skip_serializing_if = "Option::is_none")] pub namespaces: Option>, - /// This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed. + /// This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching + /// the labelSelector in the specified namespaces, where co-located is defined as running on a node + /// whose value of the label with key topologyKey matches that of any node on which any of the + /// selected pods is running. + /// Empty topologyKey is not allowed. #[serde(rename = "topologyKey")] pub topology_key: String, } -/// A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods. +/// A label query over a set of resources, in this case pods. +/// If it's null, this PodAffinityTerm matches with no Pods. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PostgresClusterBackupsPgbackrestRestoreAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermLabelSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] pub match_expressions: Option>, - /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] pub match_labels: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PostgresClusterBackupsPgbackrestRestoreAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermLabelSelectorMatchExpressions { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } -/// A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. +/// A label query over the set of namespaces that the term applies to. +/// The term is applied to the union of the namespaces selected by this field +/// and the ones listed in the namespaces field. +/// null selector and null or empty namespaces list means "this pod's namespace". +/// An empty selector ({}) matches all namespaces. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PostgresClusterBackupsPgbackrestRestoreAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermNamespaceSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] pub match_expressions: Option>, - /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] pub match_labels: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PostgresClusterBackupsPgbackrestRestoreAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermNamespaceSelectorMatchExpressions { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } -/// Defines a set of pods (namely those matching the labelSelector relative to the given namespace(s)) that this pod should be co-located (affinity) or not co-located (anti-affinity) with, where co-located is defined as running on a node whose value of the label with key matches that of any node on which a pod of the set of pods is running +/// Defines a set of pods (namely those matching the labelSelector +/// relative to the given namespace(s)) that this pod should be +/// co-located (affinity) or not co-located (anti-affinity) with, +/// where co-located is defined as running on a node whose value of +/// the label with key matches that of any node on which +/// a pod of the set of pods is running #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PostgresClusterBackupsPgbackrestRestoreAffinityPodAntiAffinityRequiredDuringSchedulingIgnoredDuringExecution { - /// A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods. + /// A label query over a set of resources, in this case pods. + /// If it's null, this PodAffinityTerm matches with no Pods. #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelector")] pub label_selector: Option, - /// MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both matchLabelKeys and labelSelector. Also, matchLabelKeys cannot be set when labelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// MatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both matchLabelKeys and labelSelector. + /// Also, matchLabelKeys cannot be set when labelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] pub match_label_keys: Option>, - /// MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. Also, mismatchLabelKeys cannot be set when labelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// MismatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. + /// Also, mismatchLabelKeys cannot be set when labelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] pub mismatch_label_keys: Option>, - /// A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. + /// A label query over the set of namespaces that the term applies to. + /// The term is applied to the union of the namespaces selected by this field + /// and the ones listed in the namespaces field. + /// null selector and null or empty namespaces list means "this pod's namespace". + /// An empty selector ({}) matches all namespaces. #[serde(default, skip_serializing_if = "Option::is_none", rename = "namespaceSelector")] pub namespace_selector: Option, - /// namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means "this pod's namespace". + /// namespaces specifies a static list of namespace names that the term applies to. + /// The term is applied to the union of the namespaces listed in this field + /// and the ones selected by namespaceSelector. + /// null or empty namespaces list and null namespaceSelector means "this pod's namespace". #[serde(default, skip_serializing_if = "Option::is_none")] pub namespaces: Option>, - /// This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed. + /// This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching + /// the labelSelector in the specified namespaces, where co-located is defined as running on a node + /// whose value of the label with key topologyKey matches that of any node on which any of the + /// selected pods is running. + /// Empty topologyKey is not allowed. #[serde(rename = "topologyKey")] pub topology_key: String, } -/// A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods. +/// A label query over a set of resources, in this case pods. +/// If it's null, this PodAffinityTerm matches with no Pods. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PostgresClusterBackupsPgbackrestRestoreAffinityPodAntiAffinityRequiredDuringSchedulingIgnoredDuringExecutionLabelSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] pub match_expressions: Option>, - /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] pub match_labels: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PostgresClusterBackupsPgbackrestRestoreAffinityPodAntiAffinityRequiredDuringSchedulingIgnoredDuringExecutionLabelSelectorMatchExpressions { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } -/// A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. +/// A label query over the set of namespaces that the term applies to. +/// The term is applied to the union of the namespaces selected by this field +/// and the ones listed in the namespaces field. +/// null selector and null or empty namespaces list means "this pod's namespace". +/// An empty selector ({}) matches all namespaces. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PostgresClusterBackupsPgbackrestRestoreAffinityPodAntiAffinityRequiredDuringSchedulingIgnoredDuringExecutionNamespaceSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] pub match_expressions: Option>, - /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] pub match_labels: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PostgresClusterBackupsPgbackrestRestoreAffinityPodAntiAffinityRequiredDuringSchedulingIgnoredDuringExecutionNamespaceSelectorMatchExpressions { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } @@ -2066,15 +3324,25 @@ pub struct PostgresClusterBackupsPgbackrestRestoreAffinityPodAntiAffinityRequire /// Resource requirements for the pgBackRest restore Job. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PostgresClusterBackupsPgbackrestRestoreResources { - /// Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. - /// This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. - /// This field is immutable. It can only be set for containers. + /// Claims lists the names of resources, defined in spec.resourceClaims, + /// that are used by this container. + /// + /// + /// This is an alpha field and requires enabling the + /// DynamicResourceAllocation feature gate. + /// + /// + /// This field is immutable. It can only be set for containers. #[serde(default, skip_serializing_if = "Option::is_none")] pub claims: Option>, - /// Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + /// Limits describes the maximum amount of compute resources allowed. + /// More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ #[serde(default, skip_serializing_if = "Option::is_none")] pub limits: Option>, - /// Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + /// Requests describes the minimum amount of compute resources required. + /// If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, + /// otherwise to an implementation-defined value. Requests cannot exceed Limits. + /// More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ #[serde(default, skip_serializing_if = "Option::is_none")] pub requests: Option>, } @@ -2082,26 +3350,38 @@ pub struct PostgresClusterBackupsPgbackrestRestoreResources { /// ResourceClaim references one entry in PodSpec.ResourceClaims. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PostgresClusterBackupsPgbackrestRestoreResourcesClaims { - /// Name must match the name of one entry in pod.spec.resourceClaims of the Pod where this field is used. It makes that resource available inside a container. + /// Name must match the name of one entry in pod.spec.resourceClaims of + /// the Pod where this field is used. It makes that resource available + /// inside a container. pub name: String, } -/// The pod this Toleration is attached to tolerates any taint that matches the triple using the matching operator . +/// The pod this Toleration is attached to tolerates any taint that matches +/// the triple using the matching operator . #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PostgresClusterBackupsPgbackrestRestoreTolerations { - /// Effect indicates the taint effect to match. Empty means match all taint effects. When specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute. + /// Effect indicates the taint effect to match. Empty means match all taint effects. + /// When specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute. #[serde(default, skip_serializing_if = "Option::is_none")] pub effect: Option, - /// Key is the taint key that the toleration applies to. Empty means match all taint keys. If the key is empty, operator must be Exists; this combination means to match all values and all keys. + /// Key is the taint key that the toleration applies to. Empty means match all taint keys. + /// If the key is empty, operator must be Exists; this combination means to match all values and all keys. #[serde(default, skip_serializing_if = "Option::is_none")] pub key: Option, - /// Operator represents a key's relationship to the value. Valid operators are Exists and Equal. Defaults to Equal. Exists is equivalent to wildcard for value, so that a pod can tolerate all taints of a particular category. + /// Operator represents a key's relationship to the value. + /// Valid operators are Exists and Equal. Defaults to Equal. + /// Exists is equivalent to wildcard for value, so that a pod can + /// tolerate all taints of a particular category. #[serde(default, skip_serializing_if = "Option::is_none")] pub operator: Option, - /// TolerationSeconds represents the period of time the toleration (which must be of effect NoExecute, otherwise this field is ignored) tolerates the taint. By default, it is not set, which means tolerate the taint forever (do not evict). Zero and negative values will be treated as 0 (evict immediately) by the system. + /// TolerationSeconds represents the period of time the toleration (which must be + /// of effect NoExecute, otherwise this field is ignored) tolerates the taint. By default, + /// it is not set, which means tolerate the taint forever (do not evict). Zero and + /// negative values will be treated as 0 (evict immediately) by the system. #[serde(default, skip_serializing_if = "Option::is_none", rename = "tolerationSeconds")] pub toleration_seconds: Option, - /// Value is the taint value the toleration matches to. If the operator is Exists, the value should be empty, otherwise just a regular string. + /// Value is the taint value the toleration matches to. + /// If the operator is Exists, the value should be empty, otherwise just a regular string. #[serde(default, skip_serializing_if = "Option::is_none")] pub value: Option, } @@ -2128,15 +3408,25 @@ pub struct PostgresClusterBackupsPgbackrestSidecarsPgbackrest { /// Resource requirements for a sidecar container #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PostgresClusterBackupsPgbackrestSidecarsPgbackrestResources { - /// Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. - /// This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. - /// This field is immutable. It can only be set for containers. + /// Claims lists the names of resources, defined in spec.resourceClaims, + /// that are used by this container. + /// + /// + /// This is an alpha field and requires enabling the + /// DynamicResourceAllocation feature gate. + /// + /// + /// This field is immutable. It can only be set for containers. #[serde(default, skip_serializing_if = "Option::is_none")] pub claims: Option>, - /// Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + /// Limits describes the maximum amount of compute resources allowed. + /// More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ #[serde(default, skip_serializing_if = "Option::is_none")] pub limits: Option>, - /// Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + /// Requests describes the minimum amount of compute resources required. + /// If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, + /// otherwise to an implementation-defined value. Requests cannot exceed Limits. + /// More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ #[serde(default, skip_serializing_if = "Option::is_none")] pub requests: Option>, } @@ -2144,7 +3434,9 @@ pub struct PostgresClusterBackupsPgbackrestSidecarsPgbackrestResources { /// ResourceClaim references one entry in PodSpec.ResourceClaims. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PostgresClusterBackupsPgbackrestSidecarsPgbackrestResourcesClaims { - /// Name must match the name of one entry in pod.spec.resourceClaims of the Pod where this field is used. It makes that resource available inside a container. + /// Name must match the name of one entry in pod.spec.resourceClaims of + /// the Pod where this field is used. It makes that resource available + /// inside a container. pub name: String, } @@ -2159,15 +3451,25 @@ pub struct PostgresClusterBackupsPgbackrestSidecarsPgbackrestConfig { /// Resource requirements for a sidecar container #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PostgresClusterBackupsPgbackrestSidecarsPgbackrestConfigResources { - /// Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. - /// This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. - /// This field is immutable. It can only be set for containers. + /// Claims lists the names of resources, defined in spec.resourceClaims, + /// that are used by this container. + /// + /// + /// This is an alpha field and requires enabling the + /// DynamicResourceAllocation feature gate. + /// + /// + /// This field is immutable. It can only be set for containers. #[serde(default, skip_serializing_if = "Option::is_none")] pub claims: Option>, - /// Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + /// Limits describes the maximum amount of compute resources allowed. + /// More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ #[serde(default, skip_serializing_if = "Option::is_none")] pub limits: Option>, - /// Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + /// Requests describes the minimum amount of compute resources required. + /// If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, + /// otherwise to an implementation-defined value. Requests cannot exceed Limits. + /// More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ #[serde(default, skip_serializing_if = "Option::is_none")] pub requests: Option>, } @@ -2175,7 +3477,9 @@ pub struct PostgresClusterBackupsPgbackrestSidecarsPgbackrestConfigResources { /// ResourceClaim references one entry in PodSpec.ResourceClaims. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PostgresClusterBackupsPgbackrestSidecarsPgbackrestConfigResourcesClaims { - /// Name must match the name of one entry in pod.spec.resourceClaims of the Pod where this field is used. It makes that resource available inside a container. + /// Name must match the name of one entry in pod.spec.resourceClaims of + /// the Pod where this field is used. It makes that resource available + /// inside a container. pub name: String, } @@ -2188,10 +3492,22 @@ pub struct PostgresClusterConfig { /// Projection that may be projected along with other supported volume types #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PostgresClusterConfigFiles { - /// ClusterTrustBundle allows a pod to access the `.spec.trustBundle` field of ClusterTrustBundle objects in an auto-updating file. - /// Alpha, gated by the ClusterTrustBundleProjection feature gate. - /// ClusterTrustBundle objects can either be selected by name, or by the combination of signer name and a label selector. - /// Kubelet performs aggressive normalization of the PEM contents written into the pod filesystem. Esoteric PEM features such as inter-block comments and block headers are stripped. Certificates are deduplicated. The ordering of certificates within the file is arbitrary, and Kubelet may change the order over time. + /// ClusterTrustBundle allows a pod to access the `.spec.trustBundle` field + /// of ClusterTrustBundle objects in an auto-updating file. + /// + /// + /// Alpha, gated by the ClusterTrustBundleProjection feature gate. + /// + /// + /// ClusterTrustBundle objects can either be selected by name, or by the + /// combination of signer name and a label selector. + /// + /// + /// Kubelet performs aggressive normalization of the PEM contents written + /// into the pod filesystem. Esoteric PEM features such as inter-block + /// comments and block headers are stripped. Certificates are deduplicated. + /// The ordering of certificates within the file is arbitrary, and Kubelet + /// may change the order over time. #[serde(default, skip_serializing_if = "Option::is_none", rename = "clusterTrustBundle")] pub cluster_trust_bundle: Option, /// configMap information about the configMap data to project @@ -2208,47 +3524,79 @@ pub struct PostgresClusterConfigFiles { pub service_account_token: Option, } -/// ClusterTrustBundle allows a pod to access the `.spec.trustBundle` field of ClusterTrustBundle objects in an auto-updating file. -/// Alpha, gated by the ClusterTrustBundleProjection feature gate. -/// ClusterTrustBundle objects can either be selected by name, or by the combination of signer name and a label selector. -/// Kubelet performs aggressive normalization of the PEM contents written into the pod filesystem. Esoteric PEM features such as inter-block comments and block headers are stripped. Certificates are deduplicated. The ordering of certificates within the file is arbitrary, and Kubelet may change the order over time. +/// ClusterTrustBundle allows a pod to access the `.spec.trustBundle` field +/// of ClusterTrustBundle objects in an auto-updating file. +/// +/// +/// Alpha, gated by the ClusterTrustBundleProjection feature gate. +/// +/// +/// ClusterTrustBundle objects can either be selected by name, or by the +/// combination of signer name and a label selector. +/// +/// +/// Kubelet performs aggressive normalization of the PEM contents written +/// into the pod filesystem. Esoteric PEM features such as inter-block +/// comments and block headers are stripped. Certificates are deduplicated. +/// The ordering of certificates within the file is arbitrary, and Kubelet +/// may change the order over time. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PostgresClusterConfigFilesClusterTrustBundle { - /// Select all ClusterTrustBundles that match this label selector. Only has effect if signerName is set. Mutually-exclusive with name. If unset, interpreted as "match nothing". If set but empty, interpreted as "match everything". + /// Select all ClusterTrustBundles that match this label selector. Only has + /// effect if signerName is set. Mutually-exclusive with name. If unset, + /// interpreted as "match nothing". If set but empty, interpreted as "match + /// everything". #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelector")] pub label_selector: Option, - /// Select a single ClusterTrustBundle by object name. Mutually-exclusive with signerName and labelSelector. + /// Select a single ClusterTrustBundle by object name. Mutually-exclusive + /// with signerName and labelSelector. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, - /// If true, don't block pod startup if the referenced ClusterTrustBundle(s) aren't available. If using name, then the named ClusterTrustBundle is allowed not to exist. If using signerName, then the combination of signerName and labelSelector is allowed to match zero ClusterTrustBundles. + /// If true, don't block pod startup if the referenced ClusterTrustBundle(s) + /// aren't available. If using name, then the named ClusterTrustBundle is + /// allowed not to exist. If using signerName, then the combination of + /// signerName and labelSelector is allowed to match zero + /// ClusterTrustBundles. #[serde(default, skip_serializing_if = "Option::is_none")] pub optional: Option, /// Relative path from the volume root to write the bundle. pub path: String, - /// Select all ClusterTrustBundles that match this signer name. Mutually-exclusive with name. The contents of all selected ClusterTrustBundles will be unified and deduplicated. + /// Select all ClusterTrustBundles that match this signer name. + /// Mutually-exclusive with name. The contents of all selected + /// ClusterTrustBundles will be unified and deduplicated. #[serde(default, skip_serializing_if = "Option::is_none", rename = "signerName")] pub signer_name: Option, } -/// Select all ClusterTrustBundles that match this label selector. Only has effect if signerName is set. Mutually-exclusive with name. If unset, interpreted as "match nothing". If set but empty, interpreted as "match everything". +/// Select all ClusterTrustBundles that match this label selector. Only has +/// effect if signerName is set. Mutually-exclusive with name. If unset, +/// interpreted as "match nothing". If set but empty, interpreted as "match +/// everything". #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PostgresClusterConfigFilesClusterTrustBundleLabelSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] pub match_expressions: Option>, - /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] pub match_labels: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PostgresClusterConfigFilesClusterTrustBundleLabelSelectorMatchExpressions { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } @@ -2256,7 +3604,13 @@ pub struct PostgresClusterConfigFilesClusterTrustBundleLabelSelectorMatchExpress /// configMap information about the configMap data to project #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PostgresClusterConfigFilesConfigMap { - /// items if unspecified, each key-value pair in the Data field of the referenced ConfigMap will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the ConfigMap, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'. + /// items if unspecified, each key-value pair in the Data field of the referenced + /// ConfigMap will be projected into the volume as a file whose name is the + /// key and content is the value. If specified, the listed keys will be + /// projected into the specified paths, and unlisted keys will not be + /// present. If a key is specified which is not present in the ConfigMap, + /// the volume setup will error unless it is marked optional. Paths must be + /// relative and may not contain the '..' path or start with '..'. #[serde(default, skip_serializing_if = "Option::is_none")] pub items: Option>, /// Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names @@ -2272,10 +3626,18 @@ pub struct PostgresClusterConfigFilesConfigMap { pub struct PostgresClusterConfigFilesConfigMapItems { /// key is the key to project. pub key: String, - /// mode is Optional: mode bits used to set permissions on this file. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. + /// mode is Optional: mode bits used to set permissions on this file. + /// Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. + /// YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. + /// If not specified, the volume defaultMode will be used. + /// This might be in conflict with other options that affect the file + /// mode, like fsGroup, and the result can be other mode bits set. #[serde(default, skip_serializing_if = "Option::is_none")] pub mode: Option, - /// path is the relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'. + /// path is the relative path of the file to map the key to. + /// May not be an absolute path. + /// May not contain the path element '..'. + /// May not start with the string '..'. pub path: String, } @@ -2293,12 +3655,18 @@ pub struct PostgresClusterConfigFilesDownwardApiItems { /// Required: Selects a field of the pod: only annotations, labels, name, namespace and uid are supported. #[serde(default, skip_serializing_if = "Option::is_none", rename = "fieldRef")] pub field_ref: Option, - /// Optional: mode bits used to set permissions on this file, must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. + /// Optional: mode bits used to set permissions on this file, must be an octal value + /// between 0000 and 0777 or a decimal value between 0 and 511. + /// YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. + /// If not specified, the volume defaultMode will be used. + /// This might be in conflict with other options that affect the file + /// mode, like fsGroup, and the result can be other mode bits set. #[serde(default, skip_serializing_if = "Option::is_none")] pub mode: Option, /// Required: Path is the relative path name of the file to be created. Must not be absolute or contain the '..' path. Must be utf-8 encoded. The first item of the relative path must not start with '..' pub path: String, - /// Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, requests.cpu and requests.memory) are currently supported. + /// Selects a resource of the container: only resources limits and requests + /// (limits.cpu, limits.memory, requests.cpu and requests.memory) are currently supported. #[serde(default, skip_serializing_if = "Option::is_none", rename = "resourceFieldRef")] pub resource_field_ref: Option, } @@ -2314,7 +3682,8 @@ pub struct PostgresClusterConfigFilesDownwardApiItemsFieldRef { pub field_path: String, } -/// Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, requests.cpu and requests.memory) are currently supported. +/// Selects a resource of the container: only resources limits and requests +/// (limits.cpu, limits.memory, requests.cpu and requests.memory) are currently supported. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PostgresClusterConfigFilesDownwardApiItemsResourceFieldRef { /// Container name: required for volumes, optional for env vars @@ -2330,7 +3699,13 @@ pub struct PostgresClusterConfigFilesDownwardApiItemsResourceFieldRef { /// secret information about the secret data to project #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PostgresClusterConfigFilesSecret { - /// items if unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the Secret, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'. + /// items if unspecified, each key-value pair in the Data field of the referenced + /// Secret will be projected into the volume as a file whose name is the + /// key and content is the value. If specified, the listed keys will be + /// projected into the specified paths, and unlisted keys will not be + /// present. If a key is specified which is not present in the Secret, + /// the volume setup will error unless it is marked optional. Paths must be + /// relative and may not contain the '..' path or start with '..'. #[serde(default, skip_serializing_if = "Option::is_none")] pub items: Option>, /// Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names @@ -2346,30 +3721,58 @@ pub struct PostgresClusterConfigFilesSecret { pub struct PostgresClusterConfigFilesSecretItems { /// key is the key to project. pub key: String, - /// mode is Optional: mode bits used to set permissions on this file. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. + /// mode is Optional: mode bits used to set permissions on this file. + /// Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. + /// YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. + /// If not specified, the volume defaultMode will be used. + /// This might be in conflict with other options that affect the file + /// mode, like fsGroup, and the result can be other mode bits set. #[serde(default, skip_serializing_if = "Option::is_none")] pub mode: Option, - /// path is the relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'. + /// path is the relative path of the file to map the key to. + /// May not be an absolute path. + /// May not contain the path element '..'. + /// May not start with the string '..'. pub path: String, } /// serviceAccountToken is information about the serviceAccountToken data to project #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PostgresClusterConfigFilesServiceAccountToken { - /// audience is the intended audience of the token. A recipient of a token must identify itself with an identifier specified in the audience of the token, and otherwise should reject the token. The audience defaults to the identifier of the apiserver. + /// audience is the intended audience of the token. A recipient of a token + /// must identify itself with an identifier specified in the audience of the + /// token, and otherwise should reject the token. The audience defaults to the + /// identifier of the apiserver. #[serde(default, skip_serializing_if = "Option::is_none")] pub audience: Option, - /// expirationSeconds is the requested duration of validity of the service account token. As the token approaches expiration, the kubelet volume plugin will proactively rotate the service account token. The kubelet will start trying to rotate the token if the token is older than 80 percent of its time to live or if the token is older than 24 hours.Defaults to 1 hour and must be at least 10 minutes. + /// expirationSeconds is the requested duration of validity of the service + /// account token. As the token approaches expiration, the kubelet volume + /// plugin will proactively rotate the service account token. The kubelet will + /// start trying to rotate the token if the token is older than 80 percent of + /// its time to live or if the token is older than 24 hours.Defaults to 1 hour + /// and must be at least 10 minutes. #[serde(default, skip_serializing_if = "Option::is_none", rename = "expirationSeconds")] pub expiration_seconds: Option, - /// path is the path relative to the mount point of the file to project the token into. + /// path is the path relative to the mount point of the file to project the + /// token into. pub path: String, } -/// The secret containing the replication client certificates and keys for secure connections to the PostgreSQL server. It will need to contain the client TLS certificate, TLS key and the Certificate Authority certificate with the data keys set to tls.crt, tls.key and ca.crt, respectively. NOTE: If CustomReplicationClientTLSSecret is provided, CustomTLSSecret MUST be provided and the ca.crt provided must be the same. +/// The secret containing the replication client certificates and keys for +/// secure connections to the PostgreSQL server. It will need to contain the +/// client TLS certificate, TLS key and the Certificate Authority certificate +/// with the data keys set to tls.crt, tls.key and ca.crt, respectively. +/// NOTE: If CustomReplicationClientTLSSecret is provided, CustomTLSSecret +/// MUST be provided and the ca.crt provided must be the same. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PostgresClusterCustomReplicationTlsSecret { - /// items if unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the Secret, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'. + /// items if unspecified, each key-value pair in the Data field of the referenced + /// Secret will be projected into the volume as a file whose name is the + /// key and content is the value. If specified, the listed keys will be + /// projected into the specified paths, and unlisted keys will not be + /// present. If a key is specified which is not present in the Secret, + /// the volume setup will error unless it is marked optional. Paths must be + /// relative and may not contain the '..' path or start with '..'. #[serde(default, skip_serializing_if = "Option::is_none")] pub items: Option>, /// Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names @@ -2385,17 +3788,39 @@ pub struct PostgresClusterCustomReplicationTlsSecret { pub struct PostgresClusterCustomReplicationTlsSecretItems { /// key is the key to project. pub key: String, - /// mode is Optional: mode bits used to set permissions on this file. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. + /// mode is Optional: mode bits used to set permissions on this file. + /// Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. + /// YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. + /// If not specified, the volume defaultMode will be used. + /// This might be in conflict with other options that affect the file + /// mode, like fsGroup, and the result can be other mode bits set. #[serde(default, skip_serializing_if = "Option::is_none")] pub mode: Option, - /// path is the relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'. + /// path is the relative path of the file to map the key to. + /// May not be an absolute path. + /// May not contain the path element '..'. + /// May not start with the string '..'. pub path: String, } -/// The secret containing the Certificates and Keys to encrypt PostgreSQL traffic will need to contain the server TLS certificate, TLS key and the Certificate Authority certificate with the data keys set to tls.crt, tls.key and ca.crt, respectively. It will then be mounted as a volume projection to the '/pgconf/tls' directory. For more information on Kubernetes secret projections, please see https://k8s.io/docs/concepts/configuration/secret/#projection-of-secret-keys-to-specific-paths NOTE: If CustomTLSSecret is provided, CustomReplicationClientTLSSecret MUST be provided and the ca.crt provided must be the same. +/// The secret containing the Certificates and Keys to encrypt PostgreSQL +/// traffic will need to contain the server TLS certificate, TLS key and the +/// Certificate Authority certificate with the data keys set to tls.crt, +/// tls.key and ca.crt, respectively. It will then be mounted as a volume +/// projection to the '/pgconf/tls' directory. For more information on +/// Kubernetes secret projections, please see +/// https://k8s.io/docs/concepts/configuration/secret/#projection-of-secret-keys-to-specific-paths +/// NOTE: If CustomTLSSecret is provided, CustomReplicationClientTLSSecret +/// MUST be provided and the ca.crt provided must be the same. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PostgresClusterCustomTlsSecret { - /// items if unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the Secret, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'. + /// items if unspecified, each key-value pair in the Data field of the referenced + /// Secret will be projected into the volume as a file whose name is the + /// key and content is the value. If specified, the listed keys will be + /// projected into the specified paths, and unlisted keys will not be + /// present. If a key is specified which is not present in the Secret, + /// the volume setup will error unless it is marked optional. Paths must be + /// relative and may not contain the '..' path or start with '..'. #[serde(default, skip_serializing_if = "Option::is_none")] pub items: Option>, /// Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names @@ -2411,20 +3836,34 @@ pub struct PostgresClusterCustomTlsSecret { pub struct PostgresClusterCustomTlsSecretItems { /// key is the key to project. pub key: String, - /// mode is Optional: mode bits used to set permissions on this file. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. + /// mode is Optional: mode bits used to set permissions on this file. + /// Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. + /// YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. + /// If not specified, the volume defaultMode will be used. + /// This might be in conflict with other options that affect the file + /// mode, like fsGroup, and the result can be other mode bits set. #[serde(default, skip_serializing_if = "Option::is_none")] pub mode: Option, - /// path is the relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'. + /// path is the relative path of the file to map the key to. + /// May not be an absolute path. + /// May not contain the path element '..'. + /// May not start with the string '..'. pub path: String, } /// Specifies a data source for bootstrapping the PostgreSQL cluster. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PostgresClusterDataSource { - /// Defines a pgBackRest cloud-based data source that can be used to pre-populate the PostgreSQL data directory for a new PostgreSQL cluster using a pgBackRest restore. The PGBackRest field is incompatible with the PostgresCluster field: only one data source can be used for pre-populating a new PostgreSQL cluster + /// Defines a pgBackRest cloud-based data source that can be used to pre-populate the + /// PostgreSQL data directory for a new PostgreSQL cluster using a pgBackRest restore. + /// The PGBackRest field is incompatible with the PostgresCluster field: only one + /// data source can be used for pre-populating a new PostgreSQL cluster #[serde(default, skip_serializing_if = "Option::is_none")] pub pgbackrest: Option, - /// Defines a pgBackRest data source that can be used to pre-populate the PostgreSQL data directory for a new PostgreSQL cluster using a pgBackRest restore. The PGBackRest field is incompatible with the PostgresCluster field: only one data source can be used for pre-populating a new PostgreSQL cluster + /// Defines a pgBackRest data source that can be used to pre-populate the PostgreSQL data + /// directory for a new PostgreSQL cluster using a pgBackRest restore. + /// The PGBackRest field is incompatible with the PostgresCluster field: only one + /// data source can be used for pre-populating a new PostgreSQL cluster #[serde(default, skip_serializing_if = "Option::is_none", rename = "postgresCluster")] pub postgres_cluster: Option, /// Defines any existing volumes to reuse for this PostgresCluster. @@ -2432,22 +3871,35 @@ pub struct PostgresClusterDataSource { pub volumes: Option, } -/// Defines a pgBackRest cloud-based data source that can be used to pre-populate the PostgreSQL data directory for a new PostgreSQL cluster using a pgBackRest restore. The PGBackRest field is incompatible with the PostgresCluster field: only one data source can be used for pre-populating a new PostgreSQL cluster +/// Defines a pgBackRest cloud-based data source that can be used to pre-populate the +/// PostgreSQL data directory for a new PostgreSQL cluster using a pgBackRest restore. +/// The PGBackRest field is incompatible with the PostgresCluster field: only one +/// data source can be used for pre-populating a new PostgreSQL cluster #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PostgresClusterDataSourcePgbackrest { - /// Scheduling constraints of the pgBackRest restore Job. More info: https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node + /// Scheduling constraints of the pgBackRest restore Job. + /// More info: https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node #[serde(default, skip_serializing_if = "Option::is_none")] pub affinity: Option, - /// Projected volumes containing custom pgBackRest configuration. These files are mounted under "/etc/pgbackrest/conf.d" alongside any pgBackRest configuration generated by the PostgreSQL Operator: https://pgbackrest.org/configuration.html + /// Projected volumes containing custom pgBackRest configuration. These files are mounted + /// under "/etc/pgbackrest/conf.d" alongside any pgBackRest configuration generated by the + /// PostgreSQL Operator: + /// https://pgbackrest.org/configuration.html #[serde(default, skip_serializing_if = "Option::is_none")] pub configuration: Option>, - /// Global pgBackRest configuration settings. These settings are included in the "global" section of the pgBackRest configuration generated by the PostgreSQL Operator, and then mounted under "/etc/pgbackrest/conf.d": https://pgbackrest.org/configuration.html + /// Global pgBackRest configuration settings. These settings are included in the "global" + /// section of the pgBackRest configuration generated by the PostgreSQL Operator, and then + /// mounted under "/etc/pgbackrest/conf.d": + /// https://pgbackrest.org/configuration.html #[serde(default, skip_serializing_if = "Option::is_none")] pub global: Option>, - /// Command line options to include when running the pgBackRest restore command. https://pgbackrest.org/command.html#command-restore + /// Command line options to include when running the pgBackRest restore command. + /// https://pgbackrest.org/command.html#command-restore #[serde(default, skip_serializing_if = "Option::is_none")] pub options: Option>, - /// Priority class name for the pgBackRest restore Job pod. Changing this value causes PostgreSQL to restart. More info: https://kubernetes.io/docs/concepts/scheduling-eviction/pod-priority-preemption/ + /// Priority class name for the pgBackRest restore Job pod. Changing this + /// value causes PostgreSQL to restart. + /// More info: https://kubernetes.io/docs/concepts/scheduling-eviction/pod-priority-preemption/ #[serde(default, skip_serializing_if = "Option::is_none", rename = "priorityClassName")] pub priority_class_name: Option, /// Defines a pgBackRest repository @@ -2455,14 +3907,17 @@ pub struct PostgresClusterDataSourcePgbackrest { /// Resource requirements for the pgBackRest restore Job. #[serde(default, skip_serializing_if = "Option::is_none")] pub resources: Option, - /// The name of an existing pgBackRest stanza to use as the data source for the new PostgresCluster. Defaults to `db` if not provided. + /// The name of an existing pgBackRest stanza to use as the data source for the new PostgresCluster. + /// Defaults to `db` if not provided. pub stanza: String, - /// Tolerations of the pgBackRest restore Job. More info: https://kubernetes.io/docs/concepts/scheduling-eviction/taint-and-toleration + /// Tolerations of the pgBackRest restore Job. + /// More info: https://kubernetes.io/docs/concepts/scheduling-eviction/taint-and-toleration #[serde(default, skip_serializing_if = "Option::is_none")] pub tolerations: Option>, } -/// Scheduling constraints of the pgBackRest restore Job. More info: https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node +/// Scheduling constraints of the pgBackRest restore Job. +/// More info: https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PostgresClusterDataSourcePgbackrestAffinity { /// Describes node affinity scheduling rules for the pod. @@ -2479,15 +3934,28 @@ pub struct PostgresClusterDataSourcePgbackrestAffinity { /// Describes node affinity scheduling rules for the pod. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PostgresClusterDataSourcePgbackrestAffinityNodeAffinity { - /// The scheduler will prefer to schedule pods to nodes that satisfy the affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding "weight" to the sum if the node matches the corresponding matchExpressions; the node(s) with the highest sum are the most preferred. + /// The scheduler will prefer to schedule pods to nodes that satisfy + /// the affinity expressions specified by this field, but it may choose + /// a node that violates one or more of the expressions. The node that is + /// most preferred is the one with the greatest sum of weights, i.e. + /// for each node that meets all of the scheduling requirements (resource + /// request, requiredDuringScheduling affinity expressions, etc.), + /// compute a sum by iterating through the elements of this field and adding + /// "weight" to the sum if the node matches the corresponding matchExpressions; the + /// node(s) with the highest sum are the most preferred. #[serde(default, skip_serializing_if = "Option::is_none", rename = "preferredDuringSchedulingIgnoredDuringExecution")] pub preferred_during_scheduling_ignored_during_execution: Option>, - /// If the affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to an update), the system may or may not try to eventually evict the pod from its node. + /// If the affinity requirements specified by this field are not met at + /// scheduling time, the pod will not be scheduled onto the node. + /// If the affinity requirements specified by this field cease to be met + /// at some point during pod execution (e.g. due to an update), the system + /// may or may not try to eventually evict the pod from its node. #[serde(default, skip_serializing_if = "Option::is_none", rename = "requiredDuringSchedulingIgnoredDuringExecution")] pub required_during_scheduling_ignored_during_execution: Option, } -/// An empty preferred scheduling term matches all objects with implicit weight 0 (i.e. it's a no-op). A null preferred scheduling term matches no objects (i.e. is also a no-op). +/// An empty preferred scheduling term matches all objects with implicit weight 0 +/// (i.e. it's a no-op). A null preferred scheduling term matches no objects (i.e. is also a no-op). #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PostgresClusterDataSourcePgbackrestAffinityNodeAffinityPreferredDuringSchedulingIgnoredDuringExecution { /// A node selector term, associated with the corresponding weight. @@ -2507,31 +3975,47 @@ pub struct PostgresClusterDataSourcePgbackrestAffinityNodeAffinityPreferredDurin pub match_fields: Option>, } -/// A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A node selector requirement is a selector that contains values, a key, and an operator +/// that relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PostgresClusterDataSourcePgbackrestAffinityNodeAffinityPreferredDuringSchedulingIgnoredDuringExecutionPreferenceMatchExpressions { /// The label key that the selector applies to. pub key: String, - /// Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. + /// Represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. pub operator: String, - /// An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch. + /// An array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. If the operator is Gt or Lt, the values + /// array must have a single element, which will be interpreted as an integer. + /// This array is replaced during a strategic merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } -/// A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A node selector requirement is a selector that contains values, a key, and an operator +/// that relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PostgresClusterDataSourcePgbackrestAffinityNodeAffinityPreferredDuringSchedulingIgnoredDuringExecutionPreferenceMatchFields { /// The label key that the selector applies to. pub key: String, - /// Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. + /// Represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. pub operator: String, - /// An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch. + /// An array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. If the operator is Gt or Lt, the values + /// array must have a single element, which will be interpreted as an integer. + /// This array is replaced during a strategic merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } -/// If the affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to an update), the system may or may not try to eventually evict the pod from its node. +/// If the affinity requirements specified by this field are not met at +/// scheduling time, the pod will not be scheduled onto the node. +/// If the affinity requirements specified by this field cease to be met +/// at some point during pod execution (e.g. due to an update), the system +/// may or may not try to eventually evict the pod from its node. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PostgresClusterDataSourcePgbackrestAffinityNodeAffinityRequiredDuringSchedulingIgnoredDuringExecution { /// Required. A list of node selector terms. The terms are ORed. @@ -2539,7 +4023,9 @@ pub struct PostgresClusterDataSourcePgbackrestAffinityNodeAffinityRequiredDuring pub node_selector_terms: Vec, } -/// A null or empty node selector term matches no objects. The requirements of them are ANDed. The TopologySelectorTerm type implements a subset of the NodeSelectorTerm. +/// A null or empty node selector term matches no objects. The requirements of +/// them are ANDed. +/// The TopologySelectorTerm type implements a subset of the NodeSelectorTerm. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PostgresClusterDataSourcePgbackrestAffinityNodeAffinityRequiredDuringSchedulingIgnoredDuringExecutionNodeSelectorTerms { /// A list of node selector requirements by node's labels. @@ -2550,26 +4036,38 @@ pub struct PostgresClusterDataSourcePgbackrestAffinityNodeAffinityRequiredDuring pub match_fields: Option>, } -/// A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A node selector requirement is a selector that contains values, a key, and an operator +/// that relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PostgresClusterDataSourcePgbackrestAffinityNodeAffinityRequiredDuringSchedulingIgnoredDuringExecutionNodeSelectorTermsMatchExpressions { /// The label key that the selector applies to. pub key: String, - /// Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. + /// Represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. pub operator: String, - /// An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch. + /// An array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. If the operator is Gt or Lt, the values + /// array must have a single element, which will be interpreted as an integer. + /// This array is replaced during a strategic merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } -/// A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A node selector requirement is a selector that contains values, a key, and an operator +/// that relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PostgresClusterDataSourcePgbackrestAffinityNodeAffinityRequiredDuringSchedulingIgnoredDuringExecutionNodeSelectorTermsMatchFields { /// The label key that the selector applies to. pub key: String, - /// Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. + /// Represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. pub operator: String, - /// An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch. + /// An array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. If the operator is Gt or Lt, the values + /// array must have a single element, which will be interpreted as an integer. + /// This array is replaced during a strategic merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } @@ -2577,10 +4075,24 @@ pub struct PostgresClusterDataSourcePgbackrestAffinityNodeAffinityRequiredDuring /// Describes pod affinity scheduling rules (e.g. co-locate this pod in the same node, zone, etc. as some other pod(s)). #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PostgresClusterDataSourcePgbackrestAffinityPodAffinity { - /// The scheduler will prefer to schedule pods to nodes that satisfy the affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding "weight" to the sum if the node has pods which matches the corresponding podAffinityTerm; the node(s) with the highest sum are the most preferred. + /// The scheduler will prefer to schedule pods to nodes that satisfy + /// the affinity expressions specified by this field, but it may choose + /// a node that violates one or more of the expressions. The node that is + /// most preferred is the one with the greatest sum of weights, i.e. + /// for each node that meets all of the scheduling requirements (resource + /// request, requiredDuringScheduling affinity expressions, etc.), + /// compute a sum by iterating through the elements of this field and adding + /// "weight" to the sum if the node has pods which matches the corresponding podAffinityTerm; the + /// node(s) with the highest sum are the most preferred. #[serde(default, skip_serializing_if = "Option::is_none", rename = "preferredDuringSchedulingIgnoredDuringExecution")] pub preferred_during_scheduling_ignored_during_execution: Option>, - /// If the affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to a pod label update), the system may or may not try to eventually evict the pod from its node. When there are multiple elements, the lists of nodes corresponding to each podAffinityTerm are intersected, i.e. all terms must be satisfied. + /// If the affinity requirements specified by this field are not met at + /// scheduling time, the pod will not be scheduled onto the node. + /// If the affinity requirements specified by this field cease to be met + /// at some point during pod execution (e.g. due to a pod label update), the + /// system may or may not try to eventually evict the pod from its node. + /// When there are multiple elements, the lists of nodes corresponding to each + /// podAffinityTerm are intersected, i.e. all terms must be satisfied. #[serde(default, skip_serializing_if = "Option::is_none", rename = "requiredDuringSchedulingIgnoredDuringExecution")] pub required_during_scheduling_ignored_during_execution: Option>, } @@ -2591,144 +4103,244 @@ pub struct PostgresClusterDataSourcePgbackrestAffinityPodAffinityPreferredDuring /// Required. A pod affinity term, associated with the corresponding weight. #[serde(rename = "podAffinityTerm")] pub pod_affinity_term: PostgresClusterDataSourcePgbackrestAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTerm, - /// weight associated with matching the corresponding podAffinityTerm, in the range 1-100. + /// weight associated with matching the corresponding podAffinityTerm, + /// in the range 1-100. pub weight: i32, } /// Required. A pod affinity term, associated with the corresponding weight. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PostgresClusterDataSourcePgbackrestAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTerm { - /// A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods. + /// A label query over a set of resources, in this case pods. + /// If it's null, this PodAffinityTerm matches with no Pods. #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelector")] pub label_selector: Option, - /// MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both matchLabelKeys and labelSelector. Also, matchLabelKeys cannot be set when labelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// MatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both matchLabelKeys and labelSelector. + /// Also, matchLabelKeys cannot be set when labelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] pub match_label_keys: Option>, - /// MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. Also, mismatchLabelKeys cannot be set when labelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// MismatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. + /// Also, mismatchLabelKeys cannot be set when labelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] pub mismatch_label_keys: Option>, - /// A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. + /// A label query over the set of namespaces that the term applies to. + /// The term is applied to the union of the namespaces selected by this field + /// and the ones listed in the namespaces field. + /// null selector and null or empty namespaces list means "this pod's namespace". + /// An empty selector ({}) matches all namespaces. #[serde(default, skip_serializing_if = "Option::is_none", rename = "namespaceSelector")] pub namespace_selector: Option, - /// namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means "this pod's namespace". + /// namespaces specifies a static list of namespace names that the term applies to. + /// The term is applied to the union of the namespaces listed in this field + /// and the ones selected by namespaceSelector. + /// null or empty namespaces list and null namespaceSelector means "this pod's namespace". #[serde(default, skip_serializing_if = "Option::is_none")] pub namespaces: Option>, - /// This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed. + /// This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching + /// the labelSelector in the specified namespaces, where co-located is defined as running on a node + /// whose value of the label with key topologyKey matches that of any node on which any of the + /// selected pods is running. + /// Empty topologyKey is not allowed. #[serde(rename = "topologyKey")] pub topology_key: String, } -/// A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods. +/// A label query over a set of resources, in this case pods. +/// If it's null, this PodAffinityTerm matches with no Pods. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PostgresClusterDataSourcePgbackrestAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermLabelSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] pub match_expressions: Option>, - /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] pub match_labels: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PostgresClusterDataSourcePgbackrestAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermLabelSelectorMatchExpressions { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } -/// A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. +/// A label query over the set of namespaces that the term applies to. +/// The term is applied to the union of the namespaces selected by this field +/// and the ones listed in the namespaces field. +/// null selector and null or empty namespaces list means "this pod's namespace". +/// An empty selector ({}) matches all namespaces. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PostgresClusterDataSourcePgbackrestAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermNamespaceSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] pub match_expressions: Option>, - /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] pub match_labels: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PostgresClusterDataSourcePgbackrestAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermNamespaceSelectorMatchExpressions { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } -/// Defines a set of pods (namely those matching the labelSelector relative to the given namespace(s)) that this pod should be co-located (affinity) or not co-located (anti-affinity) with, where co-located is defined as running on a node whose value of the label with key matches that of any node on which a pod of the set of pods is running +/// Defines a set of pods (namely those matching the labelSelector +/// relative to the given namespace(s)) that this pod should be +/// co-located (affinity) or not co-located (anti-affinity) with, +/// where co-located is defined as running on a node whose value of +/// the label with key matches that of any node on which +/// a pod of the set of pods is running #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PostgresClusterDataSourcePgbackrestAffinityPodAffinityRequiredDuringSchedulingIgnoredDuringExecution { - /// A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods. + /// A label query over a set of resources, in this case pods. + /// If it's null, this PodAffinityTerm matches with no Pods. #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelector")] pub label_selector: Option, - /// MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both matchLabelKeys and labelSelector. Also, matchLabelKeys cannot be set when labelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// MatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both matchLabelKeys and labelSelector. + /// Also, matchLabelKeys cannot be set when labelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] pub match_label_keys: Option>, - /// MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. Also, mismatchLabelKeys cannot be set when labelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// MismatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. + /// Also, mismatchLabelKeys cannot be set when labelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] pub mismatch_label_keys: Option>, - /// A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. + /// A label query over the set of namespaces that the term applies to. + /// The term is applied to the union of the namespaces selected by this field + /// and the ones listed in the namespaces field. + /// null selector and null or empty namespaces list means "this pod's namespace". + /// An empty selector ({}) matches all namespaces. #[serde(default, skip_serializing_if = "Option::is_none", rename = "namespaceSelector")] pub namespace_selector: Option, - /// namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means "this pod's namespace". + /// namespaces specifies a static list of namespace names that the term applies to. + /// The term is applied to the union of the namespaces listed in this field + /// and the ones selected by namespaceSelector. + /// null or empty namespaces list and null namespaceSelector means "this pod's namespace". #[serde(default, skip_serializing_if = "Option::is_none")] pub namespaces: Option>, - /// This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed. + /// This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching + /// the labelSelector in the specified namespaces, where co-located is defined as running on a node + /// whose value of the label with key topologyKey matches that of any node on which any of the + /// selected pods is running. + /// Empty topologyKey is not allowed. #[serde(rename = "topologyKey")] pub topology_key: String, } -/// A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods. +/// A label query over a set of resources, in this case pods. +/// If it's null, this PodAffinityTerm matches with no Pods. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PostgresClusterDataSourcePgbackrestAffinityPodAffinityRequiredDuringSchedulingIgnoredDuringExecutionLabelSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] pub match_expressions: Option>, - /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] pub match_labels: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PostgresClusterDataSourcePgbackrestAffinityPodAffinityRequiredDuringSchedulingIgnoredDuringExecutionLabelSelectorMatchExpressions { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } -/// A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. +/// A label query over the set of namespaces that the term applies to. +/// The term is applied to the union of the namespaces selected by this field +/// and the ones listed in the namespaces field. +/// null selector and null or empty namespaces list means "this pod's namespace". +/// An empty selector ({}) matches all namespaces. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PostgresClusterDataSourcePgbackrestAffinityPodAffinityRequiredDuringSchedulingIgnoredDuringExecutionNamespaceSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] pub match_expressions: Option>, - /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] pub match_labels: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PostgresClusterDataSourcePgbackrestAffinityPodAffinityRequiredDuringSchedulingIgnoredDuringExecutionNamespaceSelectorMatchExpressions { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } @@ -2736,10 +4348,24 @@ pub struct PostgresClusterDataSourcePgbackrestAffinityPodAffinityRequiredDuringS /// Describes pod anti-affinity scheduling rules (e.g. avoid putting this pod in the same node, zone, etc. as some other pod(s)). #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PostgresClusterDataSourcePgbackrestAffinityPodAntiAffinity { - /// The scheduler will prefer to schedule pods to nodes that satisfy the anti-affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling anti-affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding "weight" to the sum if the node has pods which matches the corresponding podAffinityTerm; the node(s) with the highest sum are the most preferred. + /// The scheduler will prefer to schedule pods to nodes that satisfy + /// the anti-affinity expressions specified by this field, but it may choose + /// a node that violates one or more of the expressions. The node that is + /// most preferred is the one with the greatest sum of weights, i.e. + /// for each node that meets all of the scheduling requirements (resource + /// request, requiredDuringScheduling anti-affinity expressions, etc.), + /// compute a sum by iterating through the elements of this field and adding + /// "weight" to the sum if the node has pods which matches the corresponding podAffinityTerm; the + /// node(s) with the highest sum are the most preferred. #[serde(default, skip_serializing_if = "Option::is_none", rename = "preferredDuringSchedulingIgnoredDuringExecution")] pub preferred_during_scheduling_ignored_during_execution: Option>, - /// If the anti-affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the anti-affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to a pod label update), the system may or may not try to eventually evict the pod from its node. When there are multiple elements, the lists of nodes corresponding to each podAffinityTerm are intersected, i.e. all terms must be satisfied. + /// If the anti-affinity requirements specified by this field are not met at + /// scheduling time, the pod will not be scheduled onto the node. + /// If the anti-affinity requirements specified by this field cease to be met + /// at some point during pod execution (e.g. due to a pod label update), the + /// system may or may not try to eventually evict the pod from its node. + /// When there are multiple elements, the lists of nodes corresponding to each + /// podAffinityTerm are intersected, i.e. all terms must be satisfied. #[serde(default, skip_serializing_if = "Option::is_none", rename = "requiredDuringSchedulingIgnoredDuringExecution")] pub required_during_scheduling_ignored_during_execution: Option>, } @@ -2750,144 +4376,244 @@ pub struct PostgresClusterDataSourcePgbackrestAffinityPodAntiAffinityPreferredDu /// Required. A pod affinity term, associated with the corresponding weight. #[serde(rename = "podAffinityTerm")] pub pod_affinity_term: PostgresClusterDataSourcePgbackrestAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTerm, - /// weight associated with matching the corresponding podAffinityTerm, in the range 1-100. + /// weight associated with matching the corresponding podAffinityTerm, + /// in the range 1-100. pub weight: i32, } /// Required. A pod affinity term, associated with the corresponding weight. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PostgresClusterDataSourcePgbackrestAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTerm { - /// A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods. + /// A label query over a set of resources, in this case pods. + /// If it's null, this PodAffinityTerm matches with no Pods. #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelector")] pub label_selector: Option, - /// MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both matchLabelKeys and labelSelector. Also, matchLabelKeys cannot be set when labelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// MatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both matchLabelKeys and labelSelector. + /// Also, matchLabelKeys cannot be set when labelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] pub match_label_keys: Option>, - /// MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. Also, mismatchLabelKeys cannot be set when labelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// MismatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. + /// Also, mismatchLabelKeys cannot be set when labelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] pub mismatch_label_keys: Option>, - /// A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. + /// A label query over the set of namespaces that the term applies to. + /// The term is applied to the union of the namespaces selected by this field + /// and the ones listed in the namespaces field. + /// null selector and null or empty namespaces list means "this pod's namespace". + /// An empty selector ({}) matches all namespaces. #[serde(default, skip_serializing_if = "Option::is_none", rename = "namespaceSelector")] pub namespace_selector: Option, - /// namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means "this pod's namespace". + /// namespaces specifies a static list of namespace names that the term applies to. + /// The term is applied to the union of the namespaces listed in this field + /// and the ones selected by namespaceSelector. + /// null or empty namespaces list and null namespaceSelector means "this pod's namespace". #[serde(default, skip_serializing_if = "Option::is_none")] pub namespaces: Option>, - /// This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed. + /// This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching + /// the labelSelector in the specified namespaces, where co-located is defined as running on a node + /// whose value of the label with key topologyKey matches that of any node on which any of the + /// selected pods is running. + /// Empty topologyKey is not allowed. #[serde(rename = "topologyKey")] pub topology_key: String, } -/// A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods. +/// A label query over a set of resources, in this case pods. +/// If it's null, this PodAffinityTerm matches with no Pods. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PostgresClusterDataSourcePgbackrestAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermLabelSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] pub match_expressions: Option>, - /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] pub match_labels: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PostgresClusterDataSourcePgbackrestAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermLabelSelectorMatchExpressions { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } -/// A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. +/// A label query over the set of namespaces that the term applies to. +/// The term is applied to the union of the namespaces selected by this field +/// and the ones listed in the namespaces field. +/// null selector and null or empty namespaces list means "this pod's namespace". +/// An empty selector ({}) matches all namespaces. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PostgresClusterDataSourcePgbackrestAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermNamespaceSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] pub match_expressions: Option>, - /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] pub match_labels: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PostgresClusterDataSourcePgbackrestAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermNamespaceSelectorMatchExpressions { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } -/// Defines a set of pods (namely those matching the labelSelector relative to the given namespace(s)) that this pod should be co-located (affinity) or not co-located (anti-affinity) with, where co-located is defined as running on a node whose value of the label with key matches that of any node on which a pod of the set of pods is running +/// Defines a set of pods (namely those matching the labelSelector +/// relative to the given namespace(s)) that this pod should be +/// co-located (affinity) or not co-located (anti-affinity) with, +/// where co-located is defined as running on a node whose value of +/// the label with key matches that of any node on which +/// a pod of the set of pods is running #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PostgresClusterDataSourcePgbackrestAffinityPodAntiAffinityRequiredDuringSchedulingIgnoredDuringExecution { - /// A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods. + /// A label query over a set of resources, in this case pods. + /// If it's null, this PodAffinityTerm matches with no Pods. #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelector")] pub label_selector: Option, - /// MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both matchLabelKeys and labelSelector. Also, matchLabelKeys cannot be set when labelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// MatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both matchLabelKeys and labelSelector. + /// Also, matchLabelKeys cannot be set when labelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] pub match_label_keys: Option>, - /// MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. Also, mismatchLabelKeys cannot be set when labelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// MismatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. + /// Also, mismatchLabelKeys cannot be set when labelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] pub mismatch_label_keys: Option>, - /// A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. + /// A label query over the set of namespaces that the term applies to. + /// The term is applied to the union of the namespaces selected by this field + /// and the ones listed in the namespaces field. + /// null selector and null or empty namespaces list means "this pod's namespace". + /// An empty selector ({}) matches all namespaces. #[serde(default, skip_serializing_if = "Option::is_none", rename = "namespaceSelector")] pub namespace_selector: Option, - /// namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means "this pod's namespace". + /// namespaces specifies a static list of namespace names that the term applies to. + /// The term is applied to the union of the namespaces listed in this field + /// and the ones selected by namespaceSelector. + /// null or empty namespaces list and null namespaceSelector means "this pod's namespace". #[serde(default, skip_serializing_if = "Option::is_none")] pub namespaces: Option>, - /// This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed. + /// This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching + /// the labelSelector in the specified namespaces, where co-located is defined as running on a node + /// whose value of the label with key topologyKey matches that of any node on which any of the + /// selected pods is running. + /// Empty topologyKey is not allowed. #[serde(rename = "topologyKey")] pub topology_key: String, } -/// A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods. +/// A label query over a set of resources, in this case pods. +/// If it's null, this PodAffinityTerm matches with no Pods. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PostgresClusterDataSourcePgbackrestAffinityPodAntiAffinityRequiredDuringSchedulingIgnoredDuringExecutionLabelSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] pub match_expressions: Option>, - /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] pub match_labels: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PostgresClusterDataSourcePgbackrestAffinityPodAntiAffinityRequiredDuringSchedulingIgnoredDuringExecutionLabelSelectorMatchExpressions { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } -/// A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. +/// A label query over the set of namespaces that the term applies to. +/// The term is applied to the union of the namespaces selected by this field +/// and the ones listed in the namespaces field. +/// null selector and null or empty namespaces list means "this pod's namespace". +/// An empty selector ({}) matches all namespaces. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PostgresClusterDataSourcePgbackrestAffinityPodAntiAffinityRequiredDuringSchedulingIgnoredDuringExecutionNamespaceSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] pub match_expressions: Option>, - /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] pub match_labels: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PostgresClusterDataSourcePgbackrestAffinityPodAntiAffinityRequiredDuringSchedulingIgnoredDuringExecutionNamespaceSelectorMatchExpressions { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } @@ -2895,10 +4621,22 @@ pub struct PostgresClusterDataSourcePgbackrestAffinityPodAntiAffinityRequiredDur /// Projection that may be projected along with other supported volume types #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PostgresClusterDataSourcePgbackrestConfiguration { - /// ClusterTrustBundle allows a pod to access the `.spec.trustBundle` field of ClusterTrustBundle objects in an auto-updating file. - /// Alpha, gated by the ClusterTrustBundleProjection feature gate. - /// ClusterTrustBundle objects can either be selected by name, or by the combination of signer name and a label selector. - /// Kubelet performs aggressive normalization of the PEM contents written into the pod filesystem. Esoteric PEM features such as inter-block comments and block headers are stripped. Certificates are deduplicated. The ordering of certificates within the file is arbitrary, and Kubelet may change the order over time. + /// ClusterTrustBundle allows a pod to access the `.spec.trustBundle` field + /// of ClusterTrustBundle objects in an auto-updating file. + /// + /// + /// Alpha, gated by the ClusterTrustBundleProjection feature gate. + /// + /// + /// ClusterTrustBundle objects can either be selected by name, or by the + /// combination of signer name and a label selector. + /// + /// + /// Kubelet performs aggressive normalization of the PEM contents written + /// into the pod filesystem. Esoteric PEM features such as inter-block + /// comments and block headers are stripped. Certificates are deduplicated. + /// The ordering of certificates within the file is arbitrary, and Kubelet + /// may change the order over time. #[serde(default, skip_serializing_if = "Option::is_none", rename = "clusterTrustBundle")] pub cluster_trust_bundle: Option, /// configMap information about the configMap data to project @@ -2915,47 +4653,79 @@ pub struct PostgresClusterDataSourcePgbackrestConfiguration { pub service_account_token: Option, } -/// ClusterTrustBundle allows a pod to access the `.spec.trustBundle` field of ClusterTrustBundle objects in an auto-updating file. -/// Alpha, gated by the ClusterTrustBundleProjection feature gate. -/// ClusterTrustBundle objects can either be selected by name, or by the combination of signer name and a label selector. -/// Kubelet performs aggressive normalization of the PEM contents written into the pod filesystem. Esoteric PEM features such as inter-block comments and block headers are stripped. Certificates are deduplicated. The ordering of certificates within the file is arbitrary, and Kubelet may change the order over time. +/// ClusterTrustBundle allows a pod to access the `.spec.trustBundle` field +/// of ClusterTrustBundle objects in an auto-updating file. +/// +/// +/// Alpha, gated by the ClusterTrustBundleProjection feature gate. +/// +/// +/// ClusterTrustBundle objects can either be selected by name, or by the +/// combination of signer name and a label selector. +/// +/// +/// Kubelet performs aggressive normalization of the PEM contents written +/// into the pod filesystem. Esoteric PEM features such as inter-block +/// comments and block headers are stripped. Certificates are deduplicated. +/// The ordering of certificates within the file is arbitrary, and Kubelet +/// may change the order over time. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PostgresClusterDataSourcePgbackrestConfigurationClusterTrustBundle { - /// Select all ClusterTrustBundles that match this label selector. Only has effect if signerName is set. Mutually-exclusive with name. If unset, interpreted as "match nothing". If set but empty, interpreted as "match everything". + /// Select all ClusterTrustBundles that match this label selector. Only has + /// effect if signerName is set. Mutually-exclusive with name. If unset, + /// interpreted as "match nothing". If set but empty, interpreted as "match + /// everything". #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelector")] pub label_selector: Option, - /// Select a single ClusterTrustBundle by object name. Mutually-exclusive with signerName and labelSelector. + /// Select a single ClusterTrustBundle by object name. Mutually-exclusive + /// with signerName and labelSelector. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, - /// If true, don't block pod startup if the referenced ClusterTrustBundle(s) aren't available. If using name, then the named ClusterTrustBundle is allowed not to exist. If using signerName, then the combination of signerName and labelSelector is allowed to match zero ClusterTrustBundles. + /// If true, don't block pod startup if the referenced ClusterTrustBundle(s) + /// aren't available. If using name, then the named ClusterTrustBundle is + /// allowed not to exist. If using signerName, then the combination of + /// signerName and labelSelector is allowed to match zero + /// ClusterTrustBundles. #[serde(default, skip_serializing_if = "Option::is_none")] pub optional: Option, /// Relative path from the volume root to write the bundle. pub path: String, - /// Select all ClusterTrustBundles that match this signer name. Mutually-exclusive with name. The contents of all selected ClusterTrustBundles will be unified and deduplicated. + /// Select all ClusterTrustBundles that match this signer name. + /// Mutually-exclusive with name. The contents of all selected + /// ClusterTrustBundles will be unified and deduplicated. #[serde(default, skip_serializing_if = "Option::is_none", rename = "signerName")] pub signer_name: Option, } -/// Select all ClusterTrustBundles that match this label selector. Only has effect if signerName is set. Mutually-exclusive with name. If unset, interpreted as "match nothing". If set but empty, interpreted as "match everything". +/// Select all ClusterTrustBundles that match this label selector. Only has +/// effect if signerName is set. Mutually-exclusive with name. If unset, +/// interpreted as "match nothing". If set but empty, interpreted as "match +/// everything". #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PostgresClusterDataSourcePgbackrestConfigurationClusterTrustBundleLabelSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] pub match_expressions: Option>, - /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] pub match_labels: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PostgresClusterDataSourcePgbackrestConfigurationClusterTrustBundleLabelSelectorMatchExpressions { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } @@ -2963,7 +4733,13 @@ pub struct PostgresClusterDataSourcePgbackrestConfigurationClusterTrustBundleLab /// configMap information about the configMap data to project #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PostgresClusterDataSourcePgbackrestConfigurationConfigMap { - /// items if unspecified, each key-value pair in the Data field of the referenced ConfigMap will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the ConfigMap, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'. + /// items if unspecified, each key-value pair in the Data field of the referenced + /// ConfigMap will be projected into the volume as a file whose name is the + /// key and content is the value. If specified, the listed keys will be + /// projected into the specified paths, and unlisted keys will not be + /// present. If a key is specified which is not present in the ConfigMap, + /// the volume setup will error unless it is marked optional. Paths must be + /// relative and may not contain the '..' path or start with '..'. #[serde(default, skip_serializing_if = "Option::is_none")] pub items: Option>, /// Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names @@ -2979,10 +4755,18 @@ pub struct PostgresClusterDataSourcePgbackrestConfigurationConfigMap { pub struct PostgresClusterDataSourcePgbackrestConfigurationConfigMapItems { /// key is the key to project. pub key: String, - /// mode is Optional: mode bits used to set permissions on this file. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. + /// mode is Optional: mode bits used to set permissions on this file. + /// Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. + /// YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. + /// If not specified, the volume defaultMode will be used. + /// This might be in conflict with other options that affect the file + /// mode, like fsGroup, and the result can be other mode bits set. #[serde(default, skip_serializing_if = "Option::is_none")] pub mode: Option, - /// path is the relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'. + /// path is the relative path of the file to map the key to. + /// May not be an absolute path. + /// May not contain the path element '..'. + /// May not start with the string '..'. pub path: String, } @@ -3000,12 +4784,18 @@ pub struct PostgresClusterDataSourcePgbackrestConfigurationDownwardApiItems { /// Required: Selects a field of the pod: only annotations, labels, name, namespace and uid are supported. #[serde(default, skip_serializing_if = "Option::is_none", rename = "fieldRef")] pub field_ref: Option, - /// Optional: mode bits used to set permissions on this file, must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. + /// Optional: mode bits used to set permissions on this file, must be an octal value + /// between 0000 and 0777 or a decimal value between 0 and 511. + /// YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. + /// If not specified, the volume defaultMode will be used. + /// This might be in conflict with other options that affect the file + /// mode, like fsGroup, and the result can be other mode bits set. #[serde(default, skip_serializing_if = "Option::is_none")] pub mode: Option, /// Required: Path is the relative path name of the file to be created. Must not be absolute or contain the '..' path. Must be utf-8 encoded. The first item of the relative path must not start with '..' pub path: String, - /// Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, requests.cpu and requests.memory) are currently supported. + /// Selects a resource of the container: only resources limits and requests + /// (limits.cpu, limits.memory, requests.cpu and requests.memory) are currently supported. #[serde(default, skip_serializing_if = "Option::is_none", rename = "resourceFieldRef")] pub resource_field_ref: Option, } @@ -3021,7 +4811,8 @@ pub struct PostgresClusterDataSourcePgbackrestConfigurationDownwardApiItemsField pub field_path: String, } -/// Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, requests.cpu and requests.memory) are currently supported. +/// Selects a resource of the container: only resources limits and requests +/// (limits.cpu, limits.memory, requests.cpu and requests.memory) are currently supported. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PostgresClusterDataSourcePgbackrestConfigurationDownwardApiItemsResourceFieldRef { /// Container name: required for volumes, optional for env vars @@ -3037,7 +4828,13 @@ pub struct PostgresClusterDataSourcePgbackrestConfigurationDownwardApiItemsResou /// secret information about the secret data to project #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PostgresClusterDataSourcePgbackrestConfigurationSecret { - /// items if unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the Secret, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'. + /// items if unspecified, each key-value pair in the Data field of the referenced + /// Secret will be projected into the volume as a file whose name is the + /// key and content is the value. If specified, the listed keys will be + /// projected into the specified paths, and unlisted keys will not be + /// present. If a key is specified which is not present in the Secret, + /// the volume setup will error unless it is marked optional. Paths must be + /// relative and may not contain the '..' path or start with '..'. #[serde(default, skip_serializing_if = "Option::is_none")] pub items: Option>, /// Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names @@ -3053,23 +4850,40 @@ pub struct PostgresClusterDataSourcePgbackrestConfigurationSecret { pub struct PostgresClusterDataSourcePgbackrestConfigurationSecretItems { /// key is the key to project. pub key: String, - /// mode is Optional: mode bits used to set permissions on this file. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. + /// mode is Optional: mode bits used to set permissions on this file. + /// Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. + /// YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. + /// If not specified, the volume defaultMode will be used. + /// This might be in conflict with other options that affect the file + /// mode, like fsGroup, and the result can be other mode bits set. #[serde(default, skip_serializing_if = "Option::is_none")] pub mode: Option, - /// path is the relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'. + /// path is the relative path of the file to map the key to. + /// May not be an absolute path. + /// May not contain the path element '..'. + /// May not start with the string '..'. pub path: String, } /// serviceAccountToken is information about the serviceAccountToken data to project #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PostgresClusterDataSourcePgbackrestConfigurationServiceAccountToken { - /// audience is the intended audience of the token. A recipient of a token must identify itself with an identifier specified in the audience of the token, and otherwise should reject the token. The audience defaults to the identifier of the apiserver. + /// audience is the intended audience of the token. A recipient of a token + /// must identify itself with an identifier specified in the audience of the + /// token, and otherwise should reject the token. The audience defaults to the + /// identifier of the apiserver. #[serde(default, skip_serializing_if = "Option::is_none")] pub audience: Option, - /// expirationSeconds is the requested duration of validity of the service account token. As the token approaches expiration, the kubelet volume plugin will proactively rotate the service account token. The kubelet will start trying to rotate the token if the token is older than 80 percent of its time to live or if the token is older than 24 hours.Defaults to 1 hour and must be at least 10 minutes. + /// expirationSeconds is the requested duration of validity of the service + /// account token. As the token approaches expiration, the kubelet volume + /// plugin will proactively rotate the service account token. The kubelet will + /// start trying to rotate the token if the token is older than 80 percent of + /// its time to live or if the token is older than 24 hours.Defaults to 1 hour + /// and must be at least 10 minutes. #[serde(default, skip_serializing_if = "Option::is_none", rename = "expirationSeconds")] pub expiration_seconds: Option, - /// path is the path relative to the mount point of the file to project the token into. + /// path is the path relative to the mount point of the file to project the + /// token into. pub path: String, } @@ -3084,10 +4898,13 @@ pub struct PostgresClusterDataSourcePgbackrestRepo { pub gcs: Option, /// The name of the repository pub name: String, - /// RepoS3 represents a pgBackRest repository that is created using AWS S3 (or S3-compatible) storage + /// RepoS3 represents a pgBackRest repository that is created using AWS S3 (or S3-compatible) + /// storage #[serde(default, skip_serializing_if = "Option::is_none")] pub s3: Option, - /// Defines the schedules for the pgBackRest backups Full, Differential and Incremental backup types are supported: https://pgbackrest.org/user-guide.html#concept/backup + /// Defines the schedules for the pgBackRest backups + /// Full, Differential and Incremental backup types are supported: + /// https://pgbackrest.org/user-guide.html#concept/backup #[serde(default, skip_serializing_if = "Option::is_none")] pub schedules: Option, /// Represents a pgBackRest repository that is created using a PersistentVolumeClaim @@ -3109,7 +4926,8 @@ pub struct PostgresClusterDataSourcePgbackrestRepoGcs { pub bucket: String, } -/// RepoS3 represents a pgBackRest repository that is created using AWS S3 (or S3-compatible) storage +/// RepoS3 represents a pgBackRest repository that is created using AWS S3 (or S3-compatible) +/// storage #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PostgresClusterDataSourcePgbackrestRepoS3 { /// The S3 bucket utilized for the repository @@ -3120,16 +4938,24 @@ pub struct PostgresClusterDataSourcePgbackrestRepoS3 { pub region: String, } -/// Defines the schedules for the pgBackRest backups Full, Differential and Incremental backup types are supported: https://pgbackrest.org/user-guide.html#concept/backup +/// Defines the schedules for the pgBackRest backups +/// Full, Differential and Incremental backup types are supported: +/// https://pgbackrest.org/user-guide.html#concept/backup #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PostgresClusterDataSourcePgbackrestRepoSchedules { - /// Defines the Cron schedule for a differential pgBackRest backup. Follows the standard Cron schedule syntax: https://k8s.io/docs/concepts/workloads/controllers/cron-jobs/#cron-schedule-syntax + /// Defines the Cron schedule for a differential pgBackRest backup. + /// Follows the standard Cron schedule syntax: + /// https://k8s.io/docs/concepts/workloads/controllers/cron-jobs/#cron-schedule-syntax #[serde(default, skip_serializing_if = "Option::is_none")] pub differential: Option, - /// Defines the Cron schedule for a full pgBackRest backup. Follows the standard Cron schedule syntax: https://k8s.io/docs/concepts/workloads/controllers/cron-jobs/#cron-schedule-syntax + /// Defines the Cron schedule for a full pgBackRest backup. + /// Follows the standard Cron schedule syntax: + /// https://k8s.io/docs/concepts/workloads/controllers/cron-jobs/#cron-schedule-syntax #[serde(default, skip_serializing_if = "Option::is_none")] pub full: Option, - /// Defines the Cron schedule for an incremental pgBackRest backup. Follows the standard Cron schedule syntax: https://k8s.io/docs/concepts/workloads/controllers/cron-jobs/#cron-schedule-syntax + /// Defines the Cron schedule for an incremental pgBackRest backup. + /// Follows the standard Cron schedule syntax: + /// https://k8s.io/docs/concepts/workloads/controllers/cron-jobs/#cron-schedule-syntax #[serde(default, skip_serializing_if = "Option::is_none")] pub incremental: Option, } @@ -3145,28 +4971,75 @@ pub struct PostgresClusterDataSourcePgbackrestRepoVolume { /// Defines a PersistentVolumeClaim spec used to create and/or bind a volume #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PostgresClusterDataSourcePgbackrestRepoVolumeVolumeClaimSpec { - /// accessModes contains the desired access modes the volume should have. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1 + /// accessModes contains the desired access modes the volume should have. + /// More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1 #[serde(default, skip_serializing_if = "Option::is_none", rename = "accessModes")] pub access_modes: Option>, - /// dataSource field can be used to specify either: * An existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot) * An existing PVC (PersistentVolumeClaim) If the provisioner or an external controller can support the specified data source, it will create a new volume based on the contents of the specified data source. When the AnyVolumeDataSource feature gate is enabled, dataSource contents will be copied to dataSourceRef, and dataSourceRef contents will be copied to dataSource when dataSourceRef.namespace is not specified. If the namespace is specified, then dataSourceRef will not be copied to dataSource. + /// dataSource field can be used to specify either: + /// * An existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot) + /// * An existing PVC (PersistentVolumeClaim) + /// If the provisioner or an external controller can support the specified data source, + /// it will create a new volume based on the contents of the specified data source. + /// When the AnyVolumeDataSource feature gate is enabled, dataSource contents will be copied to dataSourceRef, + /// and dataSourceRef contents will be copied to dataSource when dataSourceRef.namespace is not specified. + /// If the namespace is specified, then dataSourceRef will not be copied to dataSource. #[serde(default, skip_serializing_if = "Option::is_none", rename = "dataSource")] pub data_source: Option, - /// dataSourceRef specifies the object from which to populate the volume with data, if a non-empty volume is desired. This may be any object from a non-empty API group (non core object) or a PersistentVolumeClaim object. When this field is specified, volume binding will only succeed if the type of the specified object matches some installed volume populator or dynamic provisioner. This field will replace the functionality of the dataSource field and as such if both fields are non-empty, they must have the same value. For backwards compatibility, when namespace isn't specified in dataSourceRef, both fields (dataSource and dataSourceRef) will be set to the same value automatically if one of them is empty and the other is non-empty. When namespace is specified in dataSourceRef, dataSource isn't set to the same value and must be empty. There are three important differences between dataSource and dataSourceRef: * While dataSource only allows two specific types of objects, dataSourceRef allows any non-core object, as well as PersistentVolumeClaim objects. * While dataSource ignores disallowed values (dropping them), dataSourceRef preserves all values, and generates an error if a disallowed value is specified. * While dataSource only allows local objects, dataSourceRef allows objects in any namespaces. (Beta) Using this field requires the AnyVolumeDataSource feature gate to be enabled. (Alpha) Using the namespace field of dataSourceRef requires the CrossNamespaceVolumeDataSource feature gate to be enabled. + /// dataSourceRef specifies the object from which to populate the volume with data, if a non-empty + /// volume is desired. This may be any object from a non-empty API group (non + /// core object) or a PersistentVolumeClaim object. + /// When this field is specified, volume binding will only succeed if the type of + /// the specified object matches some installed volume populator or dynamic + /// provisioner. + /// This field will replace the functionality of the dataSource field and as such + /// if both fields are non-empty, they must have the same value. For backwards + /// compatibility, when namespace isn't specified in dataSourceRef, + /// both fields (dataSource and dataSourceRef) will be set to the same + /// value automatically if one of them is empty and the other is non-empty. + /// When namespace is specified in dataSourceRef, + /// dataSource isn't set to the same value and must be empty. + /// There are three important differences between dataSource and dataSourceRef: + /// * While dataSource only allows two specific types of objects, dataSourceRef + /// allows any non-core object, as well as PersistentVolumeClaim objects. + /// * While dataSource ignores disallowed values (dropping them), dataSourceRef + /// preserves all values, and generates an error if a disallowed value is + /// specified. + /// * While dataSource only allows local objects, dataSourceRef allows objects + /// in any namespaces. + /// (Beta) Using this field requires the AnyVolumeDataSource feature gate to be enabled. + /// (Alpha) Using the namespace field of dataSourceRef requires the CrossNamespaceVolumeDataSource feature gate to be enabled. #[serde(default, skip_serializing_if = "Option::is_none", rename = "dataSourceRef")] pub data_source_ref: Option, - /// resources represents the minimum resources the volume should have. If RecoverVolumeExpansionFailure feature is enabled users are allowed to specify resource requirements that are lower than previous value but must still be higher than capacity recorded in the status field of the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources + /// resources represents the minimum resources the volume should have. + /// If RecoverVolumeExpansionFailure feature is enabled users are allowed to specify resource requirements + /// that are lower than previous value but must still be higher than capacity recorded in the + /// status field of the claim. + /// More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources #[serde(default, skip_serializing_if = "Option::is_none")] pub resources: Option, /// selector is a label query over volumes to consider for binding. #[serde(default, skip_serializing_if = "Option::is_none")] pub selector: Option, - /// storageClassName is the name of the StorageClass required by the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1 + /// storageClassName is the name of the StorageClass required by the claim. + /// More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1 #[serde(default, skip_serializing_if = "Option::is_none", rename = "storageClassName")] pub storage_class_name: Option, - /// volumeAttributesClassName may be used to set the VolumeAttributesClass used by this claim. If specified, the CSI driver will create or update the volume with the attributes defined in the corresponding VolumeAttributesClass. This has a different purpose than storageClassName, it can be changed after the claim is created. An empty string value means that no VolumeAttributesClass will be applied to the claim but it's not allowed to reset this field to empty string once it is set. If unspecified and the PersistentVolumeClaim is unbound, the default VolumeAttributesClass will be set by the persistentvolume controller if it exists. If the resource referred to by volumeAttributesClass does not exist, this PersistentVolumeClaim will be set to a Pending state, as reflected by the modifyVolumeStatus field, until such as a resource exists. More info: https://kubernetes.io/docs/concepts/storage/volume-attributes-classes/ (Alpha) Using this field requires the VolumeAttributesClass feature gate to be enabled. + /// volumeAttributesClassName may be used to set the VolumeAttributesClass used by this claim. + /// If specified, the CSI driver will create or update the volume with the attributes defined + /// in the corresponding VolumeAttributesClass. This has a different purpose than storageClassName, + /// it can be changed after the claim is created. An empty string value means that no VolumeAttributesClass + /// will be applied to the claim but it's not allowed to reset this field to empty string once it is set. + /// If unspecified and the PersistentVolumeClaim is unbound, the default VolumeAttributesClass + /// will be set by the persistentvolume controller if it exists. + /// If the resource referred to by volumeAttributesClass does not exist, this PersistentVolumeClaim will be + /// set to a Pending state, as reflected by the modifyVolumeStatus field, until such as a resource + /// exists. + /// More info: https://kubernetes.io/docs/concepts/storage/volume-attributes-classes/ + /// (Alpha) Using this field requires the VolumeAttributesClass feature gate to be enabled. #[serde(default, skip_serializing_if = "Option::is_none", rename = "volumeAttributesClassName")] pub volume_attributes_class_name: Option, - /// volumeMode defines what type of volume is required by the claim. Value of Filesystem is implied when not included in claim spec. + /// volumeMode defines what type of volume is required by the claim. + /// Value of Filesystem is implied when not included in claim spec. #[serde(default, skip_serializing_if = "Option::is_none", rename = "volumeMode")] pub volume_mode: Option, /// volumeName is the binding reference to the PersistentVolume backing this claim. @@ -3174,10 +5047,19 @@ pub struct PostgresClusterDataSourcePgbackrestRepoVolumeVolumeClaimSpec { pub volume_name: Option, } -/// dataSource field can be used to specify either: * An existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot) * An existing PVC (PersistentVolumeClaim) If the provisioner or an external controller can support the specified data source, it will create a new volume based on the contents of the specified data source. When the AnyVolumeDataSource feature gate is enabled, dataSource contents will be copied to dataSourceRef, and dataSourceRef contents will be copied to dataSource when dataSourceRef.namespace is not specified. If the namespace is specified, then dataSourceRef will not be copied to dataSource. +/// dataSource field can be used to specify either: +/// * An existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot) +/// * An existing PVC (PersistentVolumeClaim) +/// If the provisioner or an external controller can support the specified data source, +/// it will create a new volume based on the contents of the specified data source. +/// When the AnyVolumeDataSource feature gate is enabled, dataSource contents will be copied to dataSourceRef, +/// and dataSourceRef contents will be copied to dataSource when dataSourceRef.namespace is not specified. +/// If the namespace is specified, then dataSourceRef will not be copied to dataSource. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PostgresClusterDataSourcePgbackrestRepoVolumeVolumeClaimSpecDataSource { - /// APIGroup is the group for the resource being referenced. If APIGroup is not specified, the specified Kind must be in the core API group. For any other third-party types, APIGroup is required. + /// APIGroup is the group for the resource being referenced. + /// If APIGroup is not specified, the specified Kind must be in the core API group. + /// For any other third-party types, APIGroup is required. #[serde(default, skip_serializing_if = "Option::is_none", rename = "apiGroup")] pub api_group: Option, /// Kind is the type of resource being referenced @@ -3186,28 +5068,62 @@ pub struct PostgresClusterDataSourcePgbackrestRepoVolumeVolumeClaimSpecDataSourc pub name: String, } -/// dataSourceRef specifies the object from which to populate the volume with data, if a non-empty volume is desired. This may be any object from a non-empty API group (non core object) or a PersistentVolumeClaim object. When this field is specified, volume binding will only succeed if the type of the specified object matches some installed volume populator or dynamic provisioner. This field will replace the functionality of the dataSource field and as such if both fields are non-empty, they must have the same value. For backwards compatibility, when namespace isn't specified in dataSourceRef, both fields (dataSource and dataSourceRef) will be set to the same value automatically if one of them is empty and the other is non-empty. When namespace is specified in dataSourceRef, dataSource isn't set to the same value and must be empty. There are three important differences between dataSource and dataSourceRef: * While dataSource only allows two specific types of objects, dataSourceRef allows any non-core object, as well as PersistentVolumeClaim objects. * While dataSource ignores disallowed values (dropping them), dataSourceRef preserves all values, and generates an error if a disallowed value is specified. * While dataSource only allows local objects, dataSourceRef allows objects in any namespaces. (Beta) Using this field requires the AnyVolumeDataSource feature gate to be enabled. (Alpha) Using the namespace field of dataSourceRef requires the CrossNamespaceVolumeDataSource feature gate to be enabled. +/// dataSourceRef specifies the object from which to populate the volume with data, if a non-empty +/// volume is desired. This may be any object from a non-empty API group (non +/// core object) or a PersistentVolumeClaim object. +/// When this field is specified, volume binding will only succeed if the type of +/// the specified object matches some installed volume populator or dynamic +/// provisioner. +/// This field will replace the functionality of the dataSource field and as such +/// if both fields are non-empty, they must have the same value. For backwards +/// compatibility, when namespace isn't specified in dataSourceRef, +/// both fields (dataSource and dataSourceRef) will be set to the same +/// value automatically if one of them is empty and the other is non-empty. +/// When namespace is specified in dataSourceRef, +/// dataSource isn't set to the same value and must be empty. +/// There are three important differences between dataSource and dataSourceRef: +/// * While dataSource only allows two specific types of objects, dataSourceRef +/// allows any non-core object, as well as PersistentVolumeClaim objects. +/// * While dataSource ignores disallowed values (dropping them), dataSourceRef +/// preserves all values, and generates an error if a disallowed value is +/// specified. +/// * While dataSource only allows local objects, dataSourceRef allows objects +/// in any namespaces. +/// (Beta) Using this field requires the AnyVolumeDataSource feature gate to be enabled. +/// (Alpha) Using the namespace field of dataSourceRef requires the CrossNamespaceVolumeDataSource feature gate to be enabled. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PostgresClusterDataSourcePgbackrestRepoVolumeVolumeClaimSpecDataSourceRef { - /// APIGroup is the group for the resource being referenced. If APIGroup is not specified, the specified Kind must be in the core API group. For any other third-party types, APIGroup is required. + /// APIGroup is the group for the resource being referenced. + /// If APIGroup is not specified, the specified Kind must be in the core API group. + /// For any other third-party types, APIGroup is required. #[serde(default, skip_serializing_if = "Option::is_none", rename = "apiGroup")] pub api_group: Option, /// Kind is the type of resource being referenced pub kind: String, /// Name is the name of resource being referenced pub name: String, - /// Namespace is the namespace of resource being referenced Note that when a namespace is specified, a gateway.networking.k8s.io/ReferenceGrant object is required in the referent namespace to allow that namespace's owner to accept the reference. See the ReferenceGrant documentation for details. (Alpha) This field requires the CrossNamespaceVolumeDataSource feature gate to be enabled. + /// Namespace is the namespace of resource being referenced + /// Note that when a namespace is specified, a gateway.networking.k8s.io/ReferenceGrant object is required in the referent namespace to allow that namespace's owner to accept the reference. See the ReferenceGrant documentation for details. + /// (Alpha) This field requires the CrossNamespaceVolumeDataSource feature gate to be enabled. #[serde(default, skip_serializing_if = "Option::is_none")] pub namespace: Option, } -/// resources represents the minimum resources the volume should have. If RecoverVolumeExpansionFailure feature is enabled users are allowed to specify resource requirements that are lower than previous value but must still be higher than capacity recorded in the status field of the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources +/// resources represents the minimum resources the volume should have. +/// If RecoverVolumeExpansionFailure feature is enabled users are allowed to specify resource requirements +/// that are lower than previous value but must still be higher than capacity recorded in the +/// status field of the claim. +/// More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PostgresClusterDataSourcePgbackrestRepoVolumeVolumeClaimSpecResources { - /// Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + /// Limits describes the maximum amount of compute resources allowed. + /// More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ #[serde(default, skip_serializing_if = "Option::is_none")] pub limits: Option>, - /// Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + /// Requests describes the minimum amount of compute resources required. + /// If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, + /// otherwise to an implementation-defined value. Requests cannot exceed Limits. + /// More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ #[serde(default, skip_serializing_if = "Option::is_none")] pub requests: Option>, } @@ -3218,19 +5134,26 @@ pub struct PostgresClusterDataSourcePgbackrestRepoVolumeVolumeClaimSpecSelector /// matchExpressions is a list of label selector requirements. The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] pub match_expressions: Option>, - /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] pub match_labels: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PostgresClusterDataSourcePgbackrestRepoVolumeVolumeClaimSpecSelectorMatchExpressions { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } @@ -3238,15 +5161,25 @@ pub struct PostgresClusterDataSourcePgbackrestRepoVolumeVolumeClaimSpecSelectorM /// Resource requirements for the pgBackRest restore Job. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PostgresClusterDataSourcePgbackrestResources { - /// Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. - /// This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. - /// This field is immutable. It can only be set for containers. + /// Claims lists the names of resources, defined in spec.resourceClaims, + /// that are used by this container. + /// + /// + /// This is an alpha field and requires enabling the + /// DynamicResourceAllocation feature gate. + /// + /// + /// This field is immutable. It can only be set for containers. #[serde(default, skip_serializing_if = "Option::is_none")] pub claims: Option>, - /// Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + /// Limits describes the maximum amount of compute resources allowed. + /// More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ #[serde(default, skip_serializing_if = "Option::is_none")] pub limits: Option>, - /// Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + /// Requests describes the minimum amount of compute resources required. + /// If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, + /// otherwise to an implementation-defined value. Requests cannot exceed Limits. + /// More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ #[serde(default, skip_serializing_if = "Option::is_none")] pub requests: Option>, } @@ -3254,60 +5187,85 @@ pub struct PostgresClusterDataSourcePgbackrestResources { /// ResourceClaim references one entry in PodSpec.ResourceClaims. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PostgresClusterDataSourcePgbackrestResourcesClaims { - /// Name must match the name of one entry in pod.spec.resourceClaims of the Pod where this field is used. It makes that resource available inside a container. + /// Name must match the name of one entry in pod.spec.resourceClaims of + /// the Pod where this field is used. It makes that resource available + /// inside a container. pub name: String, } -/// The pod this Toleration is attached to tolerates any taint that matches the triple using the matching operator . +/// The pod this Toleration is attached to tolerates any taint that matches +/// the triple using the matching operator . #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PostgresClusterDataSourcePgbackrestTolerations { - /// Effect indicates the taint effect to match. Empty means match all taint effects. When specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute. + /// Effect indicates the taint effect to match. Empty means match all taint effects. + /// When specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute. #[serde(default, skip_serializing_if = "Option::is_none")] pub effect: Option, - /// Key is the taint key that the toleration applies to. Empty means match all taint keys. If the key is empty, operator must be Exists; this combination means to match all values and all keys. + /// Key is the taint key that the toleration applies to. Empty means match all taint keys. + /// If the key is empty, operator must be Exists; this combination means to match all values and all keys. #[serde(default, skip_serializing_if = "Option::is_none")] pub key: Option, - /// Operator represents a key's relationship to the value. Valid operators are Exists and Equal. Defaults to Equal. Exists is equivalent to wildcard for value, so that a pod can tolerate all taints of a particular category. + /// Operator represents a key's relationship to the value. + /// Valid operators are Exists and Equal. Defaults to Equal. + /// Exists is equivalent to wildcard for value, so that a pod can + /// tolerate all taints of a particular category. #[serde(default, skip_serializing_if = "Option::is_none")] pub operator: Option, - /// TolerationSeconds represents the period of time the toleration (which must be of effect NoExecute, otherwise this field is ignored) tolerates the taint. By default, it is not set, which means tolerate the taint forever (do not evict). Zero and negative values will be treated as 0 (evict immediately) by the system. + /// TolerationSeconds represents the period of time the toleration (which must be + /// of effect NoExecute, otherwise this field is ignored) tolerates the taint. By default, + /// it is not set, which means tolerate the taint forever (do not evict). Zero and + /// negative values will be treated as 0 (evict immediately) by the system. #[serde(default, skip_serializing_if = "Option::is_none", rename = "tolerationSeconds")] pub toleration_seconds: Option, - /// Value is the taint value the toleration matches to. If the operator is Exists, the value should be empty, otherwise just a regular string. + /// Value is the taint value the toleration matches to. + /// If the operator is Exists, the value should be empty, otherwise just a regular string. #[serde(default, skip_serializing_if = "Option::is_none")] pub value: Option, } -/// Defines a pgBackRest data source that can be used to pre-populate the PostgreSQL data directory for a new PostgreSQL cluster using a pgBackRest restore. The PGBackRest field is incompatible with the PostgresCluster field: only one data source can be used for pre-populating a new PostgreSQL cluster +/// Defines a pgBackRest data source that can be used to pre-populate the PostgreSQL data +/// directory for a new PostgreSQL cluster using a pgBackRest restore. +/// The PGBackRest field is incompatible with the PostgresCluster field: only one +/// data source can be used for pre-populating a new PostgreSQL cluster #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PostgresClusterDataSourcePostgresCluster { - /// Scheduling constraints of the pgBackRest restore Job. More info: https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node + /// Scheduling constraints of the pgBackRest restore Job. + /// More info: https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node #[serde(default, skip_serializing_if = "Option::is_none")] pub affinity: Option, - /// The name of an existing PostgresCluster to use as the data source for the new PostgresCluster. Defaults to the name of the PostgresCluster being created if not provided. + /// The name of an existing PostgresCluster to use as the data source for the new PostgresCluster. + /// Defaults to the name of the PostgresCluster being created if not provided. #[serde(default, skip_serializing_if = "Option::is_none", rename = "clusterName")] pub cluster_name: Option, - /// The namespace of the cluster specified as the data source using the clusterName field. Defaults to the namespace of the PostgresCluster being created if not provided. + /// The namespace of the cluster specified as the data source using the clusterName field. + /// Defaults to the namespace of the PostgresCluster being created if not provided. #[serde(default, skip_serializing_if = "Option::is_none", rename = "clusterNamespace")] pub cluster_namespace: Option, - /// Command line options to include when running the pgBackRest restore command. https://pgbackrest.org/command.html#command-restore + /// Command line options to include when running the pgBackRest restore command. + /// https://pgbackrest.org/command.html#command-restore #[serde(default, skip_serializing_if = "Option::is_none")] pub options: Option>, - /// Priority class name for the pgBackRest restore Job pod. Changing this value causes PostgreSQL to restart. More info: https://kubernetes.io/docs/concepts/scheduling-eviction/pod-priority-preemption/ + /// Priority class name for the pgBackRest restore Job pod. Changing this + /// value causes PostgreSQL to restart. + /// More info: https://kubernetes.io/docs/concepts/scheduling-eviction/pod-priority-preemption/ #[serde(default, skip_serializing_if = "Option::is_none", rename = "priorityClassName")] pub priority_class_name: Option, - /// The name of the pgBackRest repo within the source PostgresCluster that contains the backups that should be utilized to perform a pgBackRest restore when initializing the data source for the new PostgresCluster. + /// The name of the pgBackRest repo within the source PostgresCluster that contains the backups + /// that should be utilized to perform a pgBackRest restore when initializing the data source + /// for the new PostgresCluster. #[serde(rename = "repoName")] pub repo_name: String, /// Resource requirements for the pgBackRest restore Job. #[serde(default, skip_serializing_if = "Option::is_none")] pub resources: Option, - /// Tolerations of the pgBackRest restore Job. More info: https://kubernetes.io/docs/concepts/scheduling-eviction/taint-and-toleration + /// Tolerations of the pgBackRest restore Job. + /// More info: https://kubernetes.io/docs/concepts/scheduling-eviction/taint-and-toleration #[serde(default, skip_serializing_if = "Option::is_none")] pub tolerations: Option>, } -/// Scheduling constraints of the pgBackRest restore Job. More info: https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node +/// Scheduling constraints of the pgBackRest restore Job. +/// More info: https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PostgresClusterDataSourcePostgresClusterAffinity { /// Describes node affinity scheduling rules for the pod. @@ -3324,15 +5282,28 @@ pub struct PostgresClusterDataSourcePostgresClusterAffinity { /// Describes node affinity scheduling rules for the pod. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PostgresClusterDataSourcePostgresClusterAffinityNodeAffinity { - /// The scheduler will prefer to schedule pods to nodes that satisfy the affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding "weight" to the sum if the node matches the corresponding matchExpressions; the node(s) with the highest sum are the most preferred. + /// The scheduler will prefer to schedule pods to nodes that satisfy + /// the affinity expressions specified by this field, but it may choose + /// a node that violates one or more of the expressions. The node that is + /// most preferred is the one with the greatest sum of weights, i.e. + /// for each node that meets all of the scheduling requirements (resource + /// request, requiredDuringScheduling affinity expressions, etc.), + /// compute a sum by iterating through the elements of this field and adding + /// "weight" to the sum if the node matches the corresponding matchExpressions; the + /// node(s) with the highest sum are the most preferred. #[serde(default, skip_serializing_if = "Option::is_none", rename = "preferredDuringSchedulingIgnoredDuringExecution")] pub preferred_during_scheduling_ignored_during_execution: Option>, - /// If the affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to an update), the system may or may not try to eventually evict the pod from its node. + /// If the affinity requirements specified by this field are not met at + /// scheduling time, the pod will not be scheduled onto the node. + /// If the affinity requirements specified by this field cease to be met + /// at some point during pod execution (e.g. due to an update), the system + /// may or may not try to eventually evict the pod from its node. #[serde(default, skip_serializing_if = "Option::is_none", rename = "requiredDuringSchedulingIgnoredDuringExecution")] pub required_during_scheduling_ignored_during_execution: Option, } -/// An empty preferred scheduling term matches all objects with implicit weight 0 (i.e. it's a no-op). A null preferred scheduling term matches no objects (i.e. is also a no-op). +/// An empty preferred scheduling term matches all objects with implicit weight 0 +/// (i.e. it's a no-op). A null preferred scheduling term matches no objects (i.e. is also a no-op). #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PostgresClusterDataSourcePostgresClusterAffinityNodeAffinityPreferredDuringSchedulingIgnoredDuringExecution { /// A node selector term, associated with the corresponding weight. @@ -3352,31 +5323,47 @@ pub struct PostgresClusterDataSourcePostgresClusterAffinityNodeAffinityPreferred pub match_fields: Option>, } -/// A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A node selector requirement is a selector that contains values, a key, and an operator +/// that relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PostgresClusterDataSourcePostgresClusterAffinityNodeAffinityPreferredDuringSchedulingIgnoredDuringExecutionPreferenceMatchExpressions { /// The label key that the selector applies to. pub key: String, - /// Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. + /// Represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. pub operator: String, - /// An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch. + /// An array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. If the operator is Gt or Lt, the values + /// array must have a single element, which will be interpreted as an integer. + /// This array is replaced during a strategic merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } -/// A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A node selector requirement is a selector that contains values, a key, and an operator +/// that relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PostgresClusterDataSourcePostgresClusterAffinityNodeAffinityPreferredDuringSchedulingIgnoredDuringExecutionPreferenceMatchFields { /// The label key that the selector applies to. pub key: String, - /// Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. + /// Represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. pub operator: String, - /// An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch. + /// An array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. If the operator is Gt or Lt, the values + /// array must have a single element, which will be interpreted as an integer. + /// This array is replaced during a strategic merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } -/// If the affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to an update), the system may or may not try to eventually evict the pod from its node. +/// If the affinity requirements specified by this field are not met at +/// scheduling time, the pod will not be scheduled onto the node. +/// If the affinity requirements specified by this field cease to be met +/// at some point during pod execution (e.g. due to an update), the system +/// may or may not try to eventually evict the pod from its node. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PostgresClusterDataSourcePostgresClusterAffinityNodeAffinityRequiredDuringSchedulingIgnoredDuringExecution { /// Required. A list of node selector terms. The terms are ORed. @@ -3384,7 +5371,9 @@ pub struct PostgresClusterDataSourcePostgresClusterAffinityNodeAffinityRequiredD pub node_selector_terms: Vec, } -/// A null or empty node selector term matches no objects. The requirements of them are ANDed. The TopologySelectorTerm type implements a subset of the NodeSelectorTerm. +/// A null or empty node selector term matches no objects. The requirements of +/// them are ANDed. +/// The TopologySelectorTerm type implements a subset of the NodeSelectorTerm. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PostgresClusterDataSourcePostgresClusterAffinityNodeAffinityRequiredDuringSchedulingIgnoredDuringExecutionNodeSelectorTerms { /// A list of node selector requirements by node's labels. @@ -3395,26 +5384,38 @@ pub struct PostgresClusterDataSourcePostgresClusterAffinityNodeAffinityRequiredD pub match_fields: Option>, } -/// A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A node selector requirement is a selector that contains values, a key, and an operator +/// that relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PostgresClusterDataSourcePostgresClusterAffinityNodeAffinityRequiredDuringSchedulingIgnoredDuringExecutionNodeSelectorTermsMatchExpressions { /// The label key that the selector applies to. pub key: String, - /// Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. + /// Represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. pub operator: String, - /// An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch. + /// An array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. If the operator is Gt or Lt, the values + /// array must have a single element, which will be interpreted as an integer. + /// This array is replaced during a strategic merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } -/// A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A node selector requirement is a selector that contains values, a key, and an operator +/// that relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PostgresClusterDataSourcePostgresClusterAffinityNodeAffinityRequiredDuringSchedulingIgnoredDuringExecutionNodeSelectorTermsMatchFields { /// The label key that the selector applies to. pub key: String, - /// Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. + /// Represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. pub operator: String, - /// An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch. + /// An array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. If the operator is Gt or Lt, the values + /// array must have a single element, which will be interpreted as an integer. + /// This array is replaced during a strategic merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } @@ -3422,10 +5423,24 @@ pub struct PostgresClusterDataSourcePostgresClusterAffinityNodeAffinityRequiredD /// Describes pod affinity scheduling rules (e.g. co-locate this pod in the same node, zone, etc. as some other pod(s)). #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PostgresClusterDataSourcePostgresClusterAffinityPodAffinity { - /// The scheduler will prefer to schedule pods to nodes that satisfy the affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding "weight" to the sum if the node has pods which matches the corresponding podAffinityTerm; the node(s) with the highest sum are the most preferred. + /// The scheduler will prefer to schedule pods to nodes that satisfy + /// the affinity expressions specified by this field, but it may choose + /// a node that violates one or more of the expressions. The node that is + /// most preferred is the one with the greatest sum of weights, i.e. + /// for each node that meets all of the scheduling requirements (resource + /// request, requiredDuringScheduling affinity expressions, etc.), + /// compute a sum by iterating through the elements of this field and adding + /// "weight" to the sum if the node has pods which matches the corresponding podAffinityTerm; the + /// node(s) with the highest sum are the most preferred. #[serde(default, skip_serializing_if = "Option::is_none", rename = "preferredDuringSchedulingIgnoredDuringExecution")] pub preferred_during_scheduling_ignored_during_execution: Option>, - /// If the affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to a pod label update), the system may or may not try to eventually evict the pod from its node. When there are multiple elements, the lists of nodes corresponding to each podAffinityTerm are intersected, i.e. all terms must be satisfied. + /// If the affinity requirements specified by this field are not met at + /// scheduling time, the pod will not be scheduled onto the node. + /// If the affinity requirements specified by this field cease to be met + /// at some point during pod execution (e.g. due to a pod label update), the + /// system may or may not try to eventually evict the pod from its node. + /// When there are multiple elements, the lists of nodes corresponding to each + /// podAffinityTerm are intersected, i.e. all terms must be satisfied. #[serde(default, skip_serializing_if = "Option::is_none", rename = "requiredDuringSchedulingIgnoredDuringExecution")] pub required_during_scheduling_ignored_during_execution: Option>, } @@ -3436,144 +5451,244 @@ pub struct PostgresClusterDataSourcePostgresClusterAffinityPodAffinityPreferredD /// Required. A pod affinity term, associated with the corresponding weight. #[serde(rename = "podAffinityTerm")] pub pod_affinity_term: PostgresClusterDataSourcePostgresClusterAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTerm, - /// weight associated with matching the corresponding podAffinityTerm, in the range 1-100. + /// weight associated with matching the corresponding podAffinityTerm, + /// in the range 1-100. pub weight: i32, } /// Required. A pod affinity term, associated with the corresponding weight. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PostgresClusterDataSourcePostgresClusterAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTerm { - /// A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods. + /// A label query over a set of resources, in this case pods. + /// If it's null, this PodAffinityTerm matches with no Pods. #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelector")] pub label_selector: Option, - /// MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both matchLabelKeys and labelSelector. Also, matchLabelKeys cannot be set when labelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// MatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both matchLabelKeys and labelSelector. + /// Also, matchLabelKeys cannot be set when labelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] pub match_label_keys: Option>, - /// MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. Also, mismatchLabelKeys cannot be set when labelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// MismatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. + /// Also, mismatchLabelKeys cannot be set when labelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] pub mismatch_label_keys: Option>, - /// A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. + /// A label query over the set of namespaces that the term applies to. + /// The term is applied to the union of the namespaces selected by this field + /// and the ones listed in the namespaces field. + /// null selector and null or empty namespaces list means "this pod's namespace". + /// An empty selector ({}) matches all namespaces. #[serde(default, skip_serializing_if = "Option::is_none", rename = "namespaceSelector")] pub namespace_selector: Option, - /// namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means "this pod's namespace". + /// namespaces specifies a static list of namespace names that the term applies to. + /// The term is applied to the union of the namespaces listed in this field + /// and the ones selected by namespaceSelector. + /// null or empty namespaces list and null namespaceSelector means "this pod's namespace". #[serde(default, skip_serializing_if = "Option::is_none")] pub namespaces: Option>, - /// This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed. + /// This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching + /// the labelSelector in the specified namespaces, where co-located is defined as running on a node + /// whose value of the label with key topologyKey matches that of any node on which any of the + /// selected pods is running. + /// Empty topologyKey is not allowed. #[serde(rename = "topologyKey")] pub topology_key: String, } -/// A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods. +/// A label query over a set of resources, in this case pods. +/// If it's null, this PodAffinityTerm matches with no Pods. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PostgresClusterDataSourcePostgresClusterAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermLabelSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] pub match_expressions: Option>, - /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] pub match_labels: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PostgresClusterDataSourcePostgresClusterAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermLabelSelectorMatchExpressions { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } -/// A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. +/// A label query over the set of namespaces that the term applies to. +/// The term is applied to the union of the namespaces selected by this field +/// and the ones listed in the namespaces field. +/// null selector and null or empty namespaces list means "this pod's namespace". +/// An empty selector ({}) matches all namespaces. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PostgresClusterDataSourcePostgresClusterAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermNamespaceSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] pub match_expressions: Option>, - /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] pub match_labels: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PostgresClusterDataSourcePostgresClusterAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermNamespaceSelectorMatchExpressions { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } -/// Defines a set of pods (namely those matching the labelSelector relative to the given namespace(s)) that this pod should be co-located (affinity) or not co-located (anti-affinity) with, where co-located is defined as running on a node whose value of the label with key matches that of any node on which a pod of the set of pods is running +/// Defines a set of pods (namely those matching the labelSelector +/// relative to the given namespace(s)) that this pod should be +/// co-located (affinity) or not co-located (anti-affinity) with, +/// where co-located is defined as running on a node whose value of +/// the label with key matches that of any node on which +/// a pod of the set of pods is running #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PostgresClusterDataSourcePostgresClusterAffinityPodAffinityRequiredDuringSchedulingIgnoredDuringExecution { - /// A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods. + /// A label query over a set of resources, in this case pods. + /// If it's null, this PodAffinityTerm matches with no Pods. #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelector")] pub label_selector: Option, - /// MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both matchLabelKeys and labelSelector. Also, matchLabelKeys cannot be set when labelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// MatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both matchLabelKeys and labelSelector. + /// Also, matchLabelKeys cannot be set when labelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] pub match_label_keys: Option>, - /// MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. Also, mismatchLabelKeys cannot be set when labelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// MismatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. + /// Also, mismatchLabelKeys cannot be set when labelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] pub mismatch_label_keys: Option>, - /// A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. + /// A label query over the set of namespaces that the term applies to. + /// The term is applied to the union of the namespaces selected by this field + /// and the ones listed in the namespaces field. + /// null selector and null or empty namespaces list means "this pod's namespace". + /// An empty selector ({}) matches all namespaces. #[serde(default, skip_serializing_if = "Option::is_none", rename = "namespaceSelector")] pub namespace_selector: Option, - /// namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means "this pod's namespace". + /// namespaces specifies a static list of namespace names that the term applies to. + /// The term is applied to the union of the namespaces listed in this field + /// and the ones selected by namespaceSelector. + /// null or empty namespaces list and null namespaceSelector means "this pod's namespace". #[serde(default, skip_serializing_if = "Option::is_none")] pub namespaces: Option>, - /// This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed. + /// This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching + /// the labelSelector in the specified namespaces, where co-located is defined as running on a node + /// whose value of the label with key topologyKey matches that of any node on which any of the + /// selected pods is running. + /// Empty topologyKey is not allowed. #[serde(rename = "topologyKey")] pub topology_key: String, } -/// A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods. +/// A label query over a set of resources, in this case pods. +/// If it's null, this PodAffinityTerm matches with no Pods. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PostgresClusterDataSourcePostgresClusterAffinityPodAffinityRequiredDuringSchedulingIgnoredDuringExecutionLabelSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] pub match_expressions: Option>, - /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] pub match_labels: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PostgresClusterDataSourcePostgresClusterAffinityPodAffinityRequiredDuringSchedulingIgnoredDuringExecutionLabelSelectorMatchExpressions { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } -/// A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. +/// A label query over the set of namespaces that the term applies to. +/// The term is applied to the union of the namespaces selected by this field +/// and the ones listed in the namespaces field. +/// null selector and null or empty namespaces list means "this pod's namespace". +/// An empty selector ({}) matches all namespaces. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PostgresClusterDataSourcePostgresClusterAffinityPodAffinityRequiredDuringSchedulingIgnoredDuringExecutionNamespaceSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] pub match_expressions: Option>, - /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] pub match_labels: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PostgresClusterDataSourcePostgresClusterAffinityPodAffinityRequiredDuringSchedulingIgnoredDuringExecutionNamespaceSelectorMatchExpressions { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } @@ -3581,10 +5696,24 @@ pub struct PostgresClusterDataSourcePostgresClusterAffinityPodAffinityRequiredDu /// Describes pod anti-affinity scheduling rules (e.g. avoid putting this pod in the same node, zone, etc. as some other pod(s)). #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PostgresClusterDataSourcePostgresClusterAffinityPodAntiAffinity { - /// The scheduler will prefer to schedule pods to nodes that satisfy the anti-affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling anti-affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding "weight" to the sum if the node has pods which matches the corresponding podAffinityTerm; the node(s) with the highest sum are the most preferred. + /// The scheduler will prefer to schedule pods to nodes that satisfy + /// the anti-affinity expressions specified by this field, but it may choose + /// a node that violates one or more of the expressions. The node that is + /// most preferred is the one with the greatest sum of weights, i.e. + /// for each node that meets all of the scheduling requirements (resource + /// request, requiredDuringScheduling anti-affinity expressions, etc.), + /// compute a sum by iterating through the elements of this field and adding + /// "weight" to the sum if the node has pods which matches the corresponding podAffinityTerm; the + /// node(s) with the highest sum are the most preferred. #[serde(default, skip_serializing_if = "Option::is_none", rename = "preferredDuringSchedulingIgnoredDuringExecution")] pub preferred_during_scheduling_ignored_during_execution: Option>, - /// If the anti-affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the anti-affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to a pod label update), the system may or may not try to eventually evict the pod from its node. When there are multiple elements, the lists of nodes corresponding to each podAffinityTerm are intersected, i.e. all terms must be satisfied. + /// If the anti-affinity requirements specified by this field are not met at + /// scheduling time, the pod will not be scheduled onto the node. + /// If the anti-affinity requirements specified by this field cease to be met + /// at some point during pod execution (e.g. due to a pod label update), the + /// system may or may not try to eventually evict the pod from its node. + /// When there are multiple elements, the lists of nodes corresponding to each + /// podAffinityTerm are intersected, i.e. all terms must be satisfied. #[serde(default, skip_serializing_if = "Option::is_none", rename = "requiredDuringSchedulingIgnoredDuringExecution")] pub required_during_scheduling_ignored_during_execution: Option>, } @@ -3595,144 +5724,244 @@ pub struct PostgresClusterDataSourcePostgresClusterAffinityPodAntiAffinityPrefer /// Required. A pod affinity term, associated with the corresponding weight. #[serde(rename = "podAffinityTerm")] pub pod_affinity_term: PostgresClusterDataSourcePostgresClusterAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTerm, - /// weight associated with matching the corresponding podAffinityTerm, in the range 1-100. + /// weight associated with matching the corresponding podAffinityTerm, + /// in the range 1-100. pub weight: i32, } /// Required. A pod affinity term, associated with the corresponding weight. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PostgresClusterDataSourcePostgresClusterAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTerm { - /// A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods. + /// A label query over a set of resources, in this case pods. + /// If it's null, this PodAffinityTerm matches with no Pods. #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelector")] pub label_selector: Option, - /// MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both matchLabelKeys and labelSelector. Also, matchLabelKeys cannot be set when labelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// MatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both matchLabelKeys and labelSelector. + /// Also, matchLabelKeys cannot be set when labelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] pub match_label_keys: Option>, - /// MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. Also, mismatchLabelKeys cannot be set when labelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// MismatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. + /// Also, mismatchLabelKeys cannot be set when labelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] pub mismatch_label_keys: Option>, - /// A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. + /// A label query over the set of namespaces that the term applies to. + /// The term is applied to the union of the namespaces selected by this field + /// and the ones listed in the namespaces field. + /// null selector and null or empty namespaces list means "this pod's namespace". + /// An empty selector ({}) matches all namespaces. #[serde(default, skip_serializing_if = "Option::is_none", rename = "namespaceSelector")] pub namespace_selector: Option, - /// namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means "this pod's namespace". + /// namespaces specifies a static list of namespace names that the term applies to. + /// The term is applied to the union of the namespaces listed in this field + /// and the ones selected by namespaceSelector. + /// null or empty namespaces list and null namespaceSelector means "this pod's namespace". #[serde(default, skip_serializing_if = "Option::is_none")] pub namespaces: Option>, - /// This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed. + /// This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching + /// the labelSelector in the specified namespaces, where co-located is defined as running on a node + /// whose value of the label with key topologyKey matches that of any node on which any of the + /// selected pods is running. + /// Empty topologyKey is not allowed. #[serde(rename = "topologyKey")] pub topology_key: String, } -/// A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods. +/// A label query over a set of resources, in this case pods. +/// If it's null, this PodAffinityTerm matches with no Pods. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PostgresClusterDataSourcePostgresClusterAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermLabelSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] pub match_expressions: Option>, - /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] pub match_labels: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PostgresClusterDataSourcePostgresClusterAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermLabelSelectorMatchExpressions { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } -/// A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. +/// A label query over the set of namespaces that the term applies to. +/// The term is applied to the union of the namespaces selected by this field +/// and the ones listed in the namespaces field. +/// null selector and null or empty namespaces list means "this pod's namespace". +/// An empty selector ({}) matches all namespaces. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PostgresClusterDataSourcePostgresClusterAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermNamespaceSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] pub match_expressions: Option>, - /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] pub match_labels: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PostgresClusterDataSourcePostgresClusterAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermNamespaceSelectorMatchExpressions { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } -/// Defines a set of pods (namely those matching the labelSelector relative to the given namespace(s)) that this pod should be co-located (affinity) or not co-located (anti-affinity) with, where co-located is defined as running on a node whose value of the label with key matches that of any node on which a pod of the set of pods is running +/// Defines a set of pods (namely those matching the labelSelector +/// relative to the given namespace(s)) that this pod should be +/// co-located (affinity) or not co-located (anti-affinity) with, +/// where co-located is defined as running on a node whose value of +/// the label with key matches that of any node on which +/// a pod of the set of pods is running #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PostgresClusterDataSourcePostgresClusterAffinityPodAntiAffinityRequiredDuringSchedulingIgnoredDuringExecution { - /// A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods. + /// A label query over a set of resources, in this case pods. + /// If it's null, this PodAffinityTerm matches with no Pods. #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelector")] pub label_selector: Option, - /// MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both matchLabelKeys and labelSelector. Also, matchLabelKeys cannot be set when labelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// MatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both matchLabelKeys and labelSelector. + /// Also, matchLabelKeys cannot be set when labelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] pub match_label_keys: Option>, - /// MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. Also, mismatchLabelKeys cannot be set when labelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// MismatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. + /// Also, mismatchLabelKeys cannot be set when labelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] pub mismatch_label_keys: Option>, - /// A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. + /// A label query over the set of namespaces that the term applies to. + /// The term is applied to the union of the namespaces selected by this field + /// and the ones listed in the namespaces field. + /// null selector and null or empty namespaces list means "this pod's namespace". + /// An empty selector ({}) matches all namespaces. #[serde(default, skip_serializing_if = "Option::is_none", rename = "namespaceSelector")] pub namespace_selector: Option, - /// namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means "this pod's namespace". + /// namespaces specifies a static list of namespace names that the term applies to. + /// The term is applied to the union of the namespaces listed in this field + /// and the ones selected by namespaceSelector. + /// null or empty namespaces list and null namespaceSelector means "this pod's namespace". #[serde(default, skip_serializing_if = "Option::is_none")] pub namespaces: Option>, - /// This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed. + /// This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching + /// the labelSelector in the specified namespaces, where co-located is defined as running on a node + /// whose value of the label with key topologyKey matches that of any node on which any of the + /// selected pods is running. + /// Empty topologyKey is not allowed. #[serde(rename = "topologyKey")] pub topology_key: String, } -/// A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods. +/// A label query over a set of resources, in this case pods. +/// If it's null, this PodAffinityTerm matches with no Pods. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PostgresClusterDataSourcePostgresClusterAffinityPodAntiAffinityRequiredDuringSchedulingIgnoredDuringExecutionLabelSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] pub match_expressions: Option>, - /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] pub match_labels: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PostgresClusterDataSourcePostgresClusterAffinityPodAntiAffinityRequiredDuringSchedulingIgnoredDuringExecutionLabelSelectorMatchExpressions { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } -/// A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. +/// A label query over the set of namespaces that the term applies to. +/// The term is applied to the union of the namespaces selected by this field +/// and the ones listed in the namespaces field. +/// null selector and null or empty namespaces list means "this pod's namespace". +/// An empty selector ({}) matches all namespaces. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PostgresClusterDataSourcePostgresClusterAffinityPodAntiAffinityRequiredDuringSchedulingIgnoredDuringExecutionNamespaceSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] pub match_expressions: Option>, - /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] pub match_labels: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PostgresClusterDataSourcePostgresClusterAffinityPodAntiAffinityRequiredDuringSchedulingIgnoredDuringExecutionNamespaceSelectorMatchExpressions { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } @@ -3740,15 +5969,25 @@ pub struct PostgresClusterDataSourcePostgresClusterAffinityPodAntiAffinityRequir /// Resource requirements for the pgBackRest restore Job. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PostgresClusterDataSourcePostgresClusterResources { - /// Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. - /// This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. - /// This field is immutable. It can only be set for containers. + /// Claims lists the names of resources, defined in spec.resourceClaims, + /// that are used by this container. + /// + /// + /// This is an alpha field and requires enabling the + /// DynamicResourceAllocation feature gate. + /// + /// + /// This field is immutable. It can only be set for containers. #[serde(default, skip_serializing_if = "Option::is_none")] pub claims: Option>, - /// Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + /// Limits describes the maximum amount of compute resources allowed. + /// More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ #[serde(default, skip_serializing_if = "Option::is_none")] pub limits: Option>, - /// Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + /// Requests describes the minimum amount of compute resources required. + /// If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, + /// otherwise to an implementation-defined value. Requests cannot exceed Limits. + /// More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ #[serde(default, skip_serializing_if = "Option::is_none")] pub requests: Option>, } @@ -3756,26 +5995,38 @@ pub struct PostgresClusterDataSourcePostgresClusterResources { /// ResourceClaim references one entry in PodSpec.ResourceClaims. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PostgresClusterDataSourcePostgresClusterResourcesClaims { - /// Name must match the name of one entry in pod.spec.resourceClaims of the Pod where this field is used. It makes that resource available inside a container. + /// Name must match the name of one entry in pod.spec.resourceClaims of + /// the Pod where this field is used. It makes that resource available + /// inside a container. pub name: String, } -/// The pod this Toleration is attached to tolerates any taint that matches the triple using the matching operator . +/// The pod this Toleration is attached to tolerates any taint that matches +/// the triple using the matching operator . #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PostgresClusterDataSourcePostgresClusterTolerations { - /// Effect indicates the taint effect to match. Empty means match all taint effects. When specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute. + /// Effect indicates the taint effect to match. Empty means match all taint effects. + /// When specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute. #[serde(default, skip_serializing_if = "Option::is_none")] pub effect: Option, - /// Key is the taint key that the toleration applies to. Empty means match all taint keys. If the key is empty, operator must be Exists; this combination means to match all values and all keys. + /// Key is the taint key that the toleration applies to. Empty means match all taint keys. + /// If the key is empty, operator must be Exists; this combination means to match all values and all keys. #[serde(default, skip_serializing_if = "Option::is_none")] pub key: Option, - /// Operator represents a key's relationship to the value. Valid operators are Exists and Equal. Defaults to Equal. Exists is equivalent to wildcard for value, so that a pod can tolerate all taints of a particular category. + /// Operator represents a key's relationship to the value. + /// Valid operators are Exists and Equal. Defaults to Equal. + /// Exists is equivalent to wildcard for value, so that a pod can + /// tolerate all taints of a particular category. #[serde(default, skip_serializing_if = "Option::is_none")] pub operator: Option, - /// TolerationSeconds represents the period of time the toleration (which must be of effect NoExecute, otherwise this field is ignored) tolerates the taint. By default, it is not set, which means tolerate the taint forever (do not evict). Zero and negative values will be treated as 0 (evict immediately) by the system. + /// TolerationSeconds represents the period of time the toleration (which must be + /// of effect NoExecute, otherwise this field is ignored) tolerates the taint. By default, + /// it is not set, which means tolerate the taint forever (do not evict). Zero and + /// negative values will be treated as 0 (evict immediately) by the system. #[serde(default, skip_serializing_if = "Option::is_none", rename = "tolerationSeconds")] pub toleration_seconds: Option, - /// Value is the taint value the toleration matches to. If the operator is Exists, the value should be empty, otherwise just a regular string. + /// Value is the taint value the toleration matches to. + /// If the operator is Exists, the value should be empty, otherwise just a regular string. #[serde(default, skip_serializing_if = "Option::is_none")] pub value: Option, } @@ -3783,21 +6034,27 @@ pub struct PostgresClusterDataSourcePostgresClusterTolerations { /// Defines any existing volumes to reuse for this PostgresCluster. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PostgresClusterDataSourceVolumes { - /// Defines the existing pgBackRest repo volume and directory to use in the current PostgresCluster. + /// Defines the existing pgBackRest repo volume and directory to use in the + /// current PostgresCluster. #[serde(default, skip_serializing_if = "Option::is_none", rename = "pgBackRestVolume")] pub pg_back_rest_volume: Option, - /// Defines the existing pgData volume and directory to use in the current PostgresCluster. + /// Defines the existing pgData volume and directory to use in the current + /// PostgresCluster. #[serde(default, skip_serializing_if = "Option::is_none", rename = "pgDataVolume")] pub pg_data_volume: Option, - /// Defines the existing pg_wal volume and directory to use in the current PostgresCluster. Note that a defined pg_wal volume MUST be accompanied by a pgData volume. + /// Defines the existing pg_wal volume and directory to use in the current + /// PostgresCluster. Note that a defined pg_wal volume MUST be accompanied by + /// a pgData volume. #[serde(default, skip_serializing_if = "Option::is_none", rename = "pgWALVolume")] pub pg_wal_volume: Option, } -/// Defines the existing pgBackRest repo volume and directory to use in the current PostgresCluster. +/// Defines the existing pgBackRest repo volume and directory to use in the +/// current PostgresCluster. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PostgresClusterDataSourceVolumesPgBackRestVolume { - /// The existing directory. When not set, a move Job is not created for the associated volume. + /// The existing directory. When not set, a move Job is not created for the + /// associated volume. #[serde(default, skip_serializing_if = "Option::is_none")] pub directory: Option, /// The existing PVC name. @@ -3805,10 +6062,12 @@ pub struct PostgresClusterDataSourceVolumesPgBackRestVolume { pub pvc_name: String, } -/// Defines the existing pgData volume and directory to use in the current PostgresCluster. +/// Defines the existing pgData volume and directory to use in the current +/// PostgresCluster. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PostgresClusterDataSourceVolumesPgDataVolume { - /// The existing directory. When not set, a move Job is not created for the associated volume. + /// The existing directory. When not set, a move Job is not created for the + /// associated volume. #[serde(default, skip_serializing_if = "Option::is_none")] pub directory: Option, /// The existing PVC name. @@ -3816,10 +6075,13 @@ pub struct PostgresClusterDataSourceVolumesPgDataVolume { pub pvc_name: String, } -/// Defines the existing pg_wal volume and directory to use in the current PostgresCluster. Note that a defined pg_wal volume MUST be accompanied by a pgData volume. +/// Defines the existing pg_wal volume and directory to use in the current +/// PostgresCluster. Note that a defined pg_wal volume MUST be accompanied by +/// a pgData volume. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PostgresClusterDataSourceVolumesPgWalVolume { - /// The existing directory. When not set, a move Job is not created for the associated volume. + /// The existing directory. When not set, a move Job is not created for the + /// associated volume. #[serde(default, skip_serializing_if = "Option::is_none")] pub directory: Option, /// The existing PVC name. @@ -3827,7 +6089,9 @@ pub struct PostgresClusterDataSourceVolumesPgWalVolume { pub pvc_name: String, } -/// DatabaseInitSQL defines a ConfigMap containing custom SQL that will be run after the cluster is initialized. This ConfigMap must be in the same namespace as the cluster. +/// DatabaseInitSQL defines a ConfigMap containing custom SQL that will +/// be run after the cluster is initialized. This ConfigMap must be in the same +/// namespace as the cluster. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PostgresClusterDatabaseInitSql { /// Key is the ConfigMap data key that points to a SQL string @@ -3844,7 +6108,8 @@ pub enum PostgresClusterImagePullPolicy { IfNotPresent, } -/// LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. +/// LocalObjectReference contains enough information to let you locate the +/// referenced object inside the same namespace. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PostgresClusterImagePullSecrets { /// Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names @@ -3854,25 +6119,35 @@ pub struct PostgresClusterImagePullSecrets { #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PostgresClusterInstances { - /// Scheduling constraints of a PostgreSQL pod. Changing this value causes PostgreSQL to restart. More info: https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node + /// Scheduling constraints of a PostgreSQL pod. Changing this value causes + /// PostgreSQL to restart. + /// More info: https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node #[serde(default, skip_serializing_if = "Option::is_none")] pub affinity: Option, - /// Custom sidecars for PostgreSQL instance pods. Changing this value causes PostgreSQL to restart. + /// Custom sidecars for PostgreSQL instance pods. Changing this value causes + /// PostgreSQL to restart. #[serde(default, skip_serializing_if = "Option::is_none")] pub containers: Option>, - /// Defines a PersistentVolumeClaim for PostgreSQL data. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes + /// Defines a PersistentVolumeClaim for PostgreSQL data. + /// More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes #[serde(rename = "dataVolumeClaimSpec")] pub data_volume_claim_spec: PostgresClusterInstancesDataVolumeClaimSpec, /// Metadata contains metadata for custom resources #[serde(default, skip_serializing_if = "Option::is_none")] pub metadata: Option, - /// Minimum number of pods that should be available at a time. Defaults to one when the replicas field is greater than one. + /// Minimum number of pods that should be available at a time. + /// Defaults to one when the replicas field is greater than one. #[serde(default, skip_serializing_if = "Option::is_none", rename = "minAvailable")] pub min_available: Option, - /// Name that associates this set of PostgreSQL pods. This field is optional when only one instance set is defined. Each instance set in a cluster must have a unique name. The combined length of this and the cluster name must be 46 characters or less. + /// Name that associates this set of PostgreSQL pods. This field is optional + /// when only one instance set is defined. Each instance set in a cluster + /// must have a unique name. The combined length of this and the cluster name + /// must be 46 characters or less. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, - /// Priority class name for the PostgreSQL pod. Changing this value causes PostgreSQL to restart. More info: https://kubernetes.io/docs/concepts/scheduling-eviction/pod-priority-preemption/ + /// Priority class name for the PostgreSQL pod. Changing this value causes + /// PostgreSQL to restart. + /// More info: https://kubernetes.io/docs/concepts/scheduling-eviction/pod-priority-preemption/ #[serde(default, skip_serializing_if = "Option::is_none", rename = "priorityClassName")] pub priority_class_name: Option, /// Number of desired PostgreSQL pods. @@ -3884,21 +6159,28 @@ pub struct PostgresClusterInstances { /// Configuration for instance sidecar containers #[serde(default, skip_serializing_if = "Option::is_none")] pub sidecars: Option, - /// The list of tablespaces volumes to mount for this postgrescluster This field requires enabling TablespaceVolumes feature gate + /// The list of tablespaces volumes to mount for this postgrescluster + /// This field requires enabling TablespaceVolumes feature gate #[serde(default, skip_serializing_if = "Option::is_none", rename = "tablespaceVolumes")] pub tablespace_volumes: Option>, - /// Tolerations of a PostgreSQL pod. Changing this value causes PostgreSQL to restart. More info: https://kubernetes.io/docs/concepts/scheduling-eviction/taint-and-toleration + /// Tolerations of a PostgreSQL pod. Changing this value causes PostgreSQL to restart. + /// More info: https://kubernetes.io/docs/concepts/scheduling-eviction/taint-and-toleration #[serde(default, skip_serializing_if = "Option::is_none")] pub tolerations: Option>, - /// Topology spread constraints of a PostgreSQL pod. Changing this value causes PostgreSQL to restart. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-topology-spread-constraints/ + /// Topology spread constraints of a PostgreSQL pod. Changing this value causes + /// PostgreSQL to restart. + /// More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-topology-spread-constraints/ #[serde(default, skip_serializing_if = "Option::is_none", rename = "topologySpreadConstraints")] pub topology_spread_constraints: Option>, - /// Defines a separate PersistentVolumeClaim for PostgreSQL's write-ahead log. More info: https://www.postgresql.org/docs/current/wal.html + /// Defines a separate PersistentVolumeClaim for PostgreSQL's write-ahead log. + /// More info: https://www.postgresql.org/docs/current/wal.html #[serde(default, skip_serializing_if = "Option::is_none", rename = "walVolumeClaimSpec")] pub wal_volume_claim_spec: Option, } -/// Scheduling constraints of a PostgreSQL pod. Changing this value causes PostgreSQL to restart. More info: https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node +/// Scheduling constraints of a PostgreSQL pod. Changing this value causes +/// PostgreSQL to restart. +/// More info: https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PostgresClusterInstancesAffinity { /// Describes node affinity scheduling rules for the pod. @@ -3915,15 +6197,28 @@ pub struct PostgresClusterInstancesAffinity { /// Describes node affinity scheduling rules for the pod. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PostgresClusterInstancesAffinityNodeAffinity { - /// The scheduler will prefer to schedule pods to nodes that satisfy the affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding "weight" to the sum if the node matches the corresponding matchExpressions; the node(s) with the highest sum are the most preferred. + /// The scheduler will prefer to schedule pods to nodes that satisfy + /// the affinity expressions specified by this field, but it may choose + /// a node that violates one or more of the expressions. The node that is + /// most preferred is the one with the greatest sum of weights, i.e. + /// for each node that meets all of the scheduling requirements (resource + /// request, requiredDuringScheduling affinity expressions, etc.), + /// compute a sum by iterating through the elements of this field and adding + /// "weight" to the sum if the node matches the corresponding matchExpressions; the + /// node(s) with the highest sum are the most preferred. #[serde(default, skip_serializing_if = "Option::is_none", rename = "preferredDuringSchedulingIgnoredDuringExecution")] pub preferred_during_scheduling_ignored_during_execution: Option>, - /// If the affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to an update), the system may or may not try to eventually evict the pod from its node. + /// If the affinity requirements specified by this field are not met at + /// scheduling time, the pod will not be scheduled onto the node. + /// If the affinity requirements specified by this field cease to be met + /// at some point during pod execution (e.g. due to an update), the system + /// may or may not try to eventually evict the pod from its node. #[serde(default, skip_serializing_if = "Option::is_none", rename = "requiredDuringSchedulingIgnoredDuringExecution")] pub required_during_scheduling_ignored_during_execution: Option, } -/// An empty preferred scheduling term matches all objects with implicit weight 0 (i.e. it's a no-op). A null preferred scheduling term matches no objects (i.e. is also a no-op). +/// An empty preferred scheduling term matches all objects with implicit weight 0 +/// (i.e. it's a no-op). A null preferred scheduling term matches no objects (i.e. is also a no-op). #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PostgresClusterInstancesAffinityNodeAffinityPreferredDuringSchedulingIgnoredDuringExecution { /// A node selector term, associated with the corresponding weight. @@ -3943,31 +6238,47 @@ pub struct PostgresClusterInstancesAffinityNodeAffinityPreferredDuringScheduling pub match_fields: Option>, } -/// A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A node selector requirement is a selector that contains values, a key, and an operator +/// that relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PostgresClusterInstancesAffinityNodeAffinityPreferredDuringSchedulingIgnoredDuringExecutionPreferenceMatchExpressions { /// The label key that the selector applies to. pub key: String, - /// Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. + /// Represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. pub operator: String, - /// An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch. + /// An array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. If the operator is Gt or Lt, the values + /// array must have a single element, which will be interpreted as an integer. + /// This array is replaced during a strategic merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } -/// A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A node selector requirement is a selector that contains values, a key, and an operator +/// that relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PostgresClusterInstancesAffinityNodeAffinityPreferredDuringSchedulingIgnoredDuringExecutionPreferenceMatchFields { /// The label key that the selector applies to. pub key: String, - /// Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. + /// Represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. pub operator: String, - /// An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch. + /// An array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. If the operator is Gt or Lt, the values + /// array must have a single element, which will be interpreted as an integer. + /// This array is replaced during a strategic merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } -/// If the affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to an update), the system may or may not try to eventually evict the pod from its node. +/// If the affinity requirements specified by this field are not met at +/// scheduling time, the pod will not be scheduled onto the node. +/// If the affinity requirements specified by this field cease to be met +/// at some point during pod execution (e.g. due to an update), the system +/// may or may not try to eventually evict the pod from its node. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PostgresClusterInstancesAffinityNodeAffinityRequiredDuringSchedulingIgnoredDuringExecution { /// Required. A list of node selector terms. The terms are ORed. @@ -3975,7 +6286,9 @@ pub struct PostgresClusterInstancesAffinityNodeAffinityRequiredDuringSchedulingI pub node_selector_terms: Vec, } -/// A null or empty node selector term matches no objects. The requirements of them are ANDed. The TopologySelectorTerm type implements a subset of the NodeSelectorTerm. +/// A null or empty node selector term matches no objects. The requirements of +/// them are ANDed. +/// The TopologySelectorTerm type implements a subset of the NodeSelectorTerm. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PostgresClusterInstancesAffinityNodeAffinityRequiredDuringSchedulingIgnoredDuringExecutionNodeSelectorTerms { /// A list of node selector requirements by node's labels. @@ -3986,26 +6299,38 @@ pub struct PostgresClusterInstancesAffinityNodeAffinityRequiredDuringSchedulingI pub match_fields: Option>, } -/// A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A node selector requirement is a selector that contains values, a key, and an operator +/// that relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PostgresClusterInstancesAffinityNodeAffinityRequiredDuringSchedulingIgnoredDuringExecutionNodeSelectorTermsMatchExpressions { /// The label key that the selector applies to. pub key: String, - /// Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. + /// Represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. pub operator: String, - /// An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch. + /// An array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. If the operator is Gt or Lt, the values + /// array must have a single element, which will be interpreted as an integer. + /// This array is replaced during a strategic merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } -/// A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A node selector requirement is a selector that contains values, a key, and an operator +/// that relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PostgresClusterInstancesAffinityNodeAffinityRequiredDuringSchedulingIgnoredDuringExecutionNodeSelectorTermsMatchFields { /// The label key that the selector applies to. pub key: String, - /// Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. + /// Represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. pub operator: String, - /// An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch. + /// An array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. If the operator is Gt or Lt, the values + /// array must have a single element, which will be interpreted as an integer. + /// This array is replaced during a strategic merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } @@ -4013,10 +6338,24 @@ pub struct PostgresClusterInstancesAffinityNodeAffinityRequiredDuringSchedulingI /// Describes pod affinity scheduling rules (e.g. co-locate this pod in the same node, zone, etc. as some other pod(s)). #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PostgresClusterInstancesAffinityPodAffinity { - /// The scheduler will prefer to schedule pods to nodes that satisfy the affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding "weight" to the sum if the node has pods which matches the corresponding podAffinityTerm; the node(s) with the highest sum are the most preferred. + /// The scheduler will prefer to schedule pods to nodes that satisfy + /// the affinity expressions specified by this field, but it may choose + /// a node that violates one or more of the expressions. The node that is + /// most preferred is the one with the greatest sum of weights, i.e. + /// for each node that meets all of the scheduling requirements (resource + /// request, requiredDuringScheduling affinity expressions, etc.), + /// compute a sum by iterating through the elements of this field and adding + /// "weight" to the sum if the node has pods which matches the corresponding podAffinityTerm; the + /// node(s) with the highest sum are the most preferred. #[serde(default, skip_serializing_if = "Option::is_none", rename = "preferredDuringSchedulingIgnoredDuringExecution")] pub preferred_during_scheduling_ignored_during_execution: Option>, - /// If the affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to a pod label update), the system may or may not try to eventually evict the pod from its node. When there are multiple elements, the lists of nodes corresponding to each podAffinityTerm are intersected, i.e. all terms must be satisfied. + /// If the affinity requirements specified by this field are not met at + /// scheduling time, the pod will not be scheduled onto the node. + /// If the affinity requirements specified by this field cease to be met + /// at some point during pod execution (e.g. due to a pod label update), the + /// system may or may not try to eventually evict the pod from its node. + /// When there are multiple elements, the lists of nodes corresponding to each + /// podAffinityTerm are intersected, i.e. all terms must be satisfied. #[serde(default, skip_serializing_if = "Option::is_none", rename = "requiredDuringSchedulingIgnoredDuringExecution")] pub required_during_scheduling_ignored_during_execution: Option>, } @@ -4027,144 +6366,244 @@ pub struct PostgresClusterInstancesAffinityPodAffinityPreferredDuringSchedulingI /// Required. A pod affinity term, associated with the corresponding weight. #[serde(rename = "podAffinityTerm")] pub pod_affinity_term: PostgresClusterInstancesAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTerm, - /// weight associated with matching the corresponding podAffinityTerm, in the range 1-100. + /// weight associated with matching the corresponding podAffinityTerm, + /// in the range 1-100. pub weight: i32, } /// Required. A pod affinity term, associated with the corresponding weight. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PostgresClusterInstancesAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTerm { - /// A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods. + /// A label query over a set of resources, in this case pods. + /// If it's null, this PodAffinityTerm matches with no Pods. #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelector")] pub label_selector: Option, - /// MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both matchLabelKeys and labelSelector. Also, matchLabelKeys cannot be set when labelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// MatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both matchLabelKeys and labelSelector. + /// Also, matchLabelKeys cannot be set when labelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] pub match_label_keys: Option>, - /// MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. Also, mismatchLabelKeys cannot be set when labelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// MismatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. + /// Also, mismatchLabelKeys cannot be set when labelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] pub mismatch_label_keys: Option>, - /// A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. + /// A label query over the set of namespaces that the term applies to. + /// The term is applied to the union of the namespaces selected by this field + /// and the ones listed in the namespaces field. + /// null selector and null or empty namespaces list means "this pod's namespace". + /// An empty selector ({}) matches all namespaces. #[serde(default, skip_serializing_if = "Option::is_none", rename = "namespaceSelector")] pub namespace_selector: Option, - /// namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means "this pod's namespace". + /// namespaces specifies a static list of namespace names that the term applies to. + /// The term is applied to the union of the namespaces listed in this field + /// and the ones selected by namespaceSelector. + /// null or empty namespaces list and null namespaceSelector means "this pod's namespace". #[serde(default, skip_serializing_if = "Option::is_none")] pub namespaces: Option>, - /// This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed. + /// This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching + /// the labelSelector in the specified namespaces, where co-located is defined as running on a node + /// whose value of the label with key topologyKey matches that of any node on which any of the + /// selected pods is running. + /// Empty topologyKey is not allowed. #[serde(rename = "topologyKey")] pub topology_key: String, } -/// A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods. +/// A label query over a set of resources, in this case pods. +/// If it's null, this PodAffinityTerm matches with no Pods. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PostgresClusterInstancesAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermLabelSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] pub match_expressions: Option>, - /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] pub match_labels: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PostgresClusterInstancesAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermLabelSelectorMatchExpressions { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } -/// A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. +/// A label query over the set of namespaces that the term applies to. +/// The term is applied to the union of the namespaces selected by this field +/// and the ones listed in the namespaces field. +/// null selector and null or empty namespaces list means "this pod's namespace". +/// An empty selector ({}) matches all namespaces. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PostgresClusterInstancesAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermNamespaceSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] pub match_expressions: Option>, - /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] pub match_labels: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PostgresClusterInstancesAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermNamespaceSelectorMatchExpressions { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } -/// Defines a set of pods (namely those matching the labelSelector relative to the given namespace(s)) that this pod should be co-located (affinity) or not co-located (anti-affinity) with, where co-located is defined as running on a node whose value of the label with key matches that of any node on which a pod of the set of pods is running +/// Defines a set of pods (namely those matching the labelSelector +/// relative to the given namespace(s)) that this pod should be +/// co-located (affinity) or not co-located (anti-affinity) with, +/// where co-located is defined as running on a node whose value of +/// the label with key matches that of any node on which +/// a pod of the set of pods is running #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PostgresClusterInstancesAffinityPodAffinityRequiredDuringSchedulingIgnoredDuringExecution { - /// A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods. + /// A label query over a set of resources, in this case pods. + /// If it's null, this PodAffinityTerm matches with no Pods. #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelector")] pub label_selector: Option, - /// MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both matchLabelKeys and labelSelector. Also, matchLabelKeys cannot be set when labelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// MatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both matchLabelKeys and labelSelector. + /// Also, matchLabelKeys cannot be set when labelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] pub match_label_keys: Option>, - /// MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. Also, mismatchLabelKeys cannot be set when labelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// MismatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. + /// Also, mismatchLabelKeys cannot be set when labelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] pub mismatch_label_keys: Option>, - /// A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. + /// A label query over the set of namespaces that the term applies to. + /// The term is applied to the union of the namespaces selected by this field + /// and the ones listed in the namespaces field. + /// null selector and null or empty namespaces list means "this pod's namespace". + /// An empty selector ({}) matches all namespaces. #[serde(default, skip_serializing_if = "Option::is_none", rename = "namespaceSelector")] pub namespace_selector: Option, - /// namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means "this pod's namespace". + /// namespaces specifies a static list of namespace names that the term applies to. + /// The term is applied to the union of the namespaces listed in this field + /// and the ones selected by namespaceSelector. + /// null or empty namespaces list and null namespaceSelector means "this pod's namespace". #[serde(default, skip_serializing_if = "Option::is_none")] pub namespaces: Option>, - /// This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed. + /// This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching + /// the labelSelector in the specified namespaces, where co-located is defined as running on a node + /// whose value of the label with key topologyKey matches that of any node on which any of the + /// selected pods is running. + /// Empty topologyKey is not allowed. #[serde(rename = "topologyKey")] pub topology_key: String, } -/// A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods. +/// A label query over a set of resources, in this case pods. +/// If it's null, this PodAffinityTerm matches with no Pods. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PostgresClusterInstancesAffinityPodAffinityRequiredDuringSchedulingIgnoredDuringExecutionLabelSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] pub match_expressions: Option>, - /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] pub match_labels: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PostgresClusterInstancesAffinityPodAffinityRequiredDuringSchedulingIgnoredDuringExecutionLabelSelectorMatchExpressions { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } -/// A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. +/// A label query over the set of namespaces that the term applies to. +/// The term is applied to the union of the namespaces selected by this field +/// and the ones listed in the namespaces field. +/// null selector and null or empty namespaces list means "this pod's namespace". +/// An empty selector ({}) matches all namespaces. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PostgresClusterInstancesAffinityPodAffinityRequiredDuringSchedulingIgnoredDuringExecutionNamespaceSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] pub match_expressions: Option>, - /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] pub match_labels: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PostgresClusterInstancesAffinityPodAffinityRequiredDuringSchedulingIgnoredDuringExecutionNamespaceSelectorMatchExpressions { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } @@ -4172,10 +6611,24 @@ pub struct PostgresClusterInstancesAffinityPodAffinityRequiredDuringSchedulingIg /// Describes pod anti-affinity scheduling rules (e.g. avoid putting this pod in the same node, zone, etc. as some other pod(s)). #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PostgresClusterInstancesAffinityPodAntiAffinity { - /// The scheduler will prefer to schedule pods to nodes that satisfy the anti-affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling anti-affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding "weight" to the sum if the node has pods which matches the corresponding podAffinityTerm; the node(s) with the highest sum are the most preferred. + /// The scheduler will prefer to schedule pods to nodes that satisfy + /// the anti-affinity expressions specified by this field, but it may choose + /// a node that violates one or more of the expressions. The node that is + /// most preferred is the one with the greatest sum of weights, i.e. + /// for each node that meets all of the scheduling requirements (resource + /// request, requiredDuringScheduling anti-affinity expressions, etc.), + /// compute a sum by iterating through the elements of this field and adding + /// "weight" to the sum if the node has pods which matches the corresponding podAffinityTerm; the + /// node(s) with the highest sum are the most preferred. #[serde(default, skip_serializing_if = "Option::is_none", rename = "preferredDuringSchedulingIgnoredDuringExecution")] pub preferred_during_scheduling_ignored_during_execution: Option>, - /// If the anti-affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the anti-affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to a pod label update), the system may or may not try to eventually evict the pod from its node. When there are multiple elements, the lists of nodes corresponding to each podAffinityTerm are intersected, i.e. all terms must be satisfied. + /// If the anti-affinity requirements specified by this field are not met at + /// scheduling time, the pod will not be scheduled onto the node. + /// If the anti-affinity requirements specified by this field cease to be met + /// at some point during pod execution (e.g. due to a pod label update), the + /// system may or may not try to eventually evict the pod from its node. + /// When there are multiple elements, the lists of nodes corresponding to each + /// podAffinityTerm are intersected, i.e. all terms must be satisfied. #[serde(default, skip_serializing_if = "Option::is_none", rename = "requiredDuringSchedulingIgnoredDuringExecution")] pub required_during_scheduling_ignored_during_execution: Option>, } @@ -4186,144 +6639,244 @@ pub struct PostgresClusterInstancesAffinityPodAntiAffinityPreferredDuringSchedul /// Required. A pod affinity term, associated with the corresponding weight. #[serde(rename = "podAffinityTerm")] pub pod_affinity_term: PostgresClusterInstancesAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTerm, - /// weight associated with matching the corresponding podAffinityTerm, in the range 1-100. + /// weight associated with matching the corresponding podAffinityTerm, + /// in the range 1-100. pub weight: i32, } /// Required. A pod affinity term, associated with the corresponding weight. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PostgresClusterInstancesAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTerm { - /// A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods. + /// A label query over a set of resources, in this case pods. + /// If it's null, this PodAffinityTerm matches with no Pods. #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelector")] pub label_selector: Option, - /// MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both matchLabelKeys and labelSelector. Also, matchLabelKeys cannot be set when labelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// MatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both matchLabelKeys and labelSelector. + /// Also, matchLabelKeys cannot be set when labelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] pub match_label_keys: Option>, - /// MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. Also, mismatchLabelKeys cannot be set when labelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// MismatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. + /// Also, mismatchLabelKeys cannot be set when labelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] pub mismatch_label_keys: Option>, - /// A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. + /// A label query over the set of namespaces that the term applies to. + /// The term is applied to the union of the namespaces selected by this field + /// and the ones listed in the namespaces field. + /// null selector and null or empty namespaces list means "this pod's namespace". + /// An empty selector ({}) matches all namespaces. #[serde(default, skip_serializing_if = "Option::is_none", rename = "namespaceSelector")] pub namespace_selector: Option, - /// namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means "this pod's namespace". + /// namespaces specifies a static list of namespace names that the term applies to. + /// The term is applied to the union of the namespaces listed in this field + /// and the ones selected by namespaceSelector. + /// null or empty namespaces list and null namespaceSelector means "this pod's namespace". #[serde(default, skip_serializing_if = "Option::is_none")] pub namespaces: Option>, - /// This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed. + /// This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching + /// the labelSelector in the specified namespaces, where co-located is defined as running on a node + /// whose value of the label with key topologyKey matches that of any node on which any of the + /// selected pods is running. + /// Empty topologyKey is not allowed. #[serde(rename = "topologyKey")] pub topology_key: String, } -/// A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods. +/// A label query over a set of resources, in this case pods. +/// If it's null, this PodAffinityTerm matches with no Pods. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PostgresClusterInstancesAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermLabelSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] pub match_expressions: Option>, - /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] pub match_labels: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PostgresClusterInstancesAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermLabelSelectorMatchExpressions { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } -/// A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. +/// A label query over the set of namespaces that the term applies to. +/// The term is applied to the union of the namespaces selected by this field +/// and the ones listed in the namespaces field. +/// null selector and null or empty namespaces list means "this pod's namespace". +/// An empty selector ({}) matches all namespaces. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PostgresClusterInstancesAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermNamespaceSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] pub match_expressions: Option>, - /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] pub match_labels: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PostgresClusterInstancesAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermNamespaceSelectorMatchExpressions { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } -/// Defines a set of pods (namely those matching the labelSelector relative to the given namespace(s)) that this pod should be co-located (affinity) or not co-located (anti-affinity) with, where co-located is defined as running on a node whose value of the label with key matches that of any node on which a pod of the set of pods is running +/// Defines a set of pods (namely those matching the labelSelector +/// relative to the given namespace(s)) that this pod should be +/// co-located (affinity) or not co-located (anti-affinity) with, +/// where co-located is defined as running on a node whose value of +/// the label with key matches that of any node on which +/// a pod of the set of pods is running #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PostgresClusterInstancesAffinityPodAntiAffinityRequiredDuringSchedulingIgnoredDuringExecution { - /// A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods. + /// A label query over a set of resources, in this case pods. + /// If it's null, this PodAffinityTerm matches with no Pods. #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelector")] pub label_selector: Option, - /// MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both matchLabelKeys and labelSelector. Also, matchLabelKeys cannot be set when labelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// MatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both matchLabelKeys and labelSelector. + /// Also, matchLabelKeys cannot be set when labelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] pub match_label_keys: Option>, - /// MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. Also, mismatchLabelKeys cannot be set when labelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// MismatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. + /// Also, mismatchLabelKeys cannot be set when labelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] pub mismatch_label_keys: Option>, - /// A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. + /// A label query over the set of namespaces that the term applies to. + /// The term is applied to the union of the namespaces selected by this field + /// and the ones listed in the namespaces field. + /// null selector and null or empty namespaces list means "this pod's namespace". + /// An empty selector ({}) matches all namespaces. #[serde(default, skip_serializing_if = "Option::is_none", rename = "namespaceSelector")] pub namespace_selector: Option, - /// namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means "this pod's namespace". + /// namespaces specifies a static list of namespace names that the term applies to. + /// The term is applied to the union of the namespaces listed in this field + /// and the ones selected by namespaceSelector. + /// null or empty namespaces list and null namespaceSelector means "this pod's namespace". #[serde(default, skip_serializing_if = "Option::is_none")] pub namespaces: Option>, - /// This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed. + /// This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching + /// the labelSelector in the specified namespaces, where co-located is defined as running on a node + /// whose value of the label with key topologyKey matches that of any node on which any of the + /// selected pods is running. + /// Empty topologyKey is not allowed. #[serde(rename = "topologyKey")] pub topology_key: String, } -/// A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods. +/// A label query over a set of resources, in this case pods. +/// If it's null, this PodAffinityTerm matches with no Pods. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PostgresClusterInstancesAffinityPodAntiAffinityRequiredDuringSchedulingIgnoredDuringExecutionLabelSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] pub match_expressions: Option>, - /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] pub match_labels: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PostgresClusterInstancesAffinityPodAntiAffinityRequiredDuringSchedulingIgnoredDuringExecutionLabelSelectorMatchExpressions { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } -/// A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. +/// A label query over the set of namespaces that the term applies to. +/// The term is applied to the union of the namespaces selected by this field +/// and the ones listed in the namespaces field. +/// null selector and null or empty namespaces list means "this pod's namespace". +/// An empty selector ({}) matches all namespaces. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PostgresClusterInstancesAffinityPodAntiAffinityRequiredDuringSchedulingIgnoredDuringExecutionNamespaceSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] pub match_expressions: Option>, - /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] pub match_labels: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PostgresClusterInstancesAffinityPodAntiAffinityRequiredDuringSchedulingIgnoredDuringExecutionNamespaceSelectorMatchExpressions { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } @@ -4331,75 +6884,166 @@ pub struct PostgresClusterInstancesAffinityPodAntiAffinityRequiredDuringScheduli /// A single application container that you want to run within a pod. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PostgresClusterInstancesContainers { - /// Arguments to the entrypoint. The container image's CMD is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell + /// Arguments to the entrypoint. + /// The container image's CMD is used if this is not provided. + /// Variable references $(VAR_NAME) are expanded using the container's environment. If a variable + /// cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced + /// to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" will + /// produce the string literal "$(VAR_NAME)". Escaped references will never be expanded, regardless + /// of whether the variable exists or not. Cannot be updated. + /// More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell #[serde(default, skip_serializing_if = "Option::is_none")] pub args: Option>, - /// Entrypoint array. Not executed within a shell. The container image's ENTRYPOINT is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell + /// Entrypoint array. Not executed within a shell. + /// The container image's ENTRYPOINT is used if this is not provided. + /// Variable references $(VAR_NAME) are expanded using the container's environment. If a variable + /// cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced + /// to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" will + /// produce the string literal "$(VAR_NAME)". Escaped references will never be expanded, regardless + /// of whether the variable exists or not. Cannot be updated. + /// More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell #[serde(default, skip_serializing_if = "Option::is_none")] pub command: Option>, - /// List of environment variables to set in the container. Cannot be updated. + /// List of environment variables to set in the container. + /// Cannot be updated. #[serde(default, skip_serializing_if = "Option::is_none")] pub env: Option>, - /// List of sources to populate environment variables in the container. The keys defined within a source must be a C_IDENTIFIER. All invalid keys will be reported as an event when the container is starting. When a key exists in multiple sources, the value associated with the last source will take precedence. Values defined by an Env with a duplicate key will take precedence. Cannot be updated. + /// List of sources to populate environment variables in the container. + /// The keys defined within a source must be a C_IDENTIFIER. All invalid keys + /// will be reported as an event when the container is starting. When a key exists in multiple + /// sources, the value associated with the last source will take precedence. + /// Values defined by an Env with a duplicate key will take precedence. + /// Cannot be updated. #[serde(default, skip_serializing_if = "Option::is_none", rename = "envFrom")] pub env_from: Option>, - /// Container image name. More info: https://kubernetes.io/docs/concepts/containers/images This field is optional to allow higher level config management to default or override container images in workload controllers like Deployments and StatefulSets. + /// Container image name. + /// More info: https://kubernetes.io/docs/concepts/containers/images + /// This field is optional to allow higher level config management to default or override + /// container images in workload controllers like Deployments and StatefulSets. #[serde(default, skip_serializing_if = "Option::is_none")] pub image: Option, - /// Image pull policy. One of Always, Never, IfNotPresent. Defaults to Always if :latest tag is specified, or IfNotPresent otherwise. Cannot be updated. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images + /// Image pull policy. + /// One of Always, Never, IfNotPresent. + /// Defaults to Always if :latest tag is specified, or IfNotPresent otherwise. + /// Cannot be updated. + /// More info: https://kubernetes.io/docs/concepts/containers/images#updating-images #[serde(default, skip_serializing_if = "Option::is_none", rename = "imagePullPolicy")] pub image_pull_policy: Option, - /// Actions that the management system should take in response to container lifecycle events. Cannot be updated. + /// Actions that the management system should take in response to container lifecycle events. + /// Cannot be updated. #[serde(default, skip_serializing_if = "Option::is_none")] pub lifecycle: Option, - /// Periodic probe of container liveness. Container will be restarted if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes + /// Periodic probe of container liveness. + /// Container will be restarted if the probe fails. + /// Cannot be updated. + /// More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes #[serde(default, skip_serializing_if = "Option::is_none", rename = "livenessProbe")] pub liveness_probe: Option, - /// Name of the container specified as a DNS_LABEL. Each container in a pod must have a unique name (DNS_LABEL). Cannot be updated. + /// Name of the container specified as a DNS_LABEL. + /// Each container in a pod must have a unique name (DNS_LABEL). + /// Cannot be updated. pub name: String, - /// List of ports to expose from the container. Not specifying a port here DOES NOT prevent that port from being exposed. Any port which is listening on the default "0.0.0.0" address inside a container will be accessible from the network. Modifying this array with strategic merge patch may corrupt the data. For more information See https://github.com/kubernetes/kubernetes/issues/108255. Cannot be updated. + /// List of ports to expose from the container. Not specifying a port here + /// DOES NOT prevent that port from being exposed. Any port which is + /// listening on the default "0.0.0.0" address inside a container will be + /// accessible from the network. + /// Modifying this array with strategic merge patch may corrupt the data. + /// For more information See https://github.com/kubernetes/kubernetes/issues/108255. + /// Cannot be updated. #[serde(default, skip_serializing_if = "Option::is_none")] pub ports: Option>, - /// Periodic probe of container service readiness. Container will be removed from service endpoints if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes + /// Periodic probe of container service readiness. + /// Container will be removed from service endpoints if the probe fails. + /// Cannot be updated. + /// More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes #[serde(default, skip_serializing_if = "Option::is_none", rename = "readinessProbe")] pub readiness_probe: Option, /// Resources resize policy for the container. #[serde(default, skip_serializing_if = "Option::is_none", rename = "resizePolicy")] pub resize_policy: Option>, - /// Compute Resources required by this container. Cannot be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + /// Compute Resources required by this container. + /// Cannot be updated. + /// More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ #[serde(default, skip_serializing_if = "Option::is_none")] pub resources: Option, - /// RestartPolicy defines the restart behavior of individual containers in a pod. This field may only be set for init containers, and the only allowed value is "Always". For non-init containers or when this field is not specified, the restart behavior is defined by the Pod's restart policy and the container type. Setting the RestartPolicy as "Always" for the init container will have the following effect: this init container will be continually restarted on exit until all regular containers have terminated. Once all regular containers have completed, all init containers with restartPolicy "Always" will be shut down. This lifecycle differs from normal init containers and is often referred to as a "sidecar" container. Although this init container still starts in the init container sequence, it does not wait for the container to complete before proceeding to the next init container. Instead, the next init container starts immediately after this init container is started, or after any startupProbe has successfully completed. + /// RestartPolicy defines the restart behavior of individual containers in a pod. + /// This field may only be set for init containers, and the only allowed value is "Always". + /// For non-init containers or when this field is not specified, + /// the restart behavior is defined by the Pod's restart policy and the container type. + /// Setting the RestartPolicy as "Always" for the init container will have the following effect: + /// this init container will be continually restarted on + /// exit until all regular containers have terminated. Once all regular + /// containers have completed, all init containers with restartPolicy "Always" + /// will be shut down. This lifecycle differs from normal init containers and + /// is often referred to as a "sidecar" container. Although this init + /// container still starts in the init container sequence, it does not wait + /// for the container to complete before proceeding to the next init + /// container. Instead, the next init container starts immediately after this + /// init container is started, or after any startupProbe has successfully + /// completed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "restartPolicy")] pub restart_policy: Option, - /// SecurityContext defines the security options the container should be run with. If set, the fields of SecurityContext override the equivalent fields of PodSecurityContext. More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/ + /// SecurityContext defines the security options the container should be run with. + /// If set, the fields of SecurityContext override the equivalent fields of PodSecurityContext. + /// More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/ #[serde(default, skip_serializing_if = "Option::is_none", rename = "securityContext")] pub security_context: Option, - /// StartupProbe indicates that the Pod has successfully initialized. If specified, no other probes are executed until this completes successfully. If this probe fails, the Pod will be restarted, just as if the livenessProbe failed. This can be used to provide different probe parameters at the beginning of a Pod's lifecycle, when it might take a long time to load data or warm a cache, than during steady-state operation. This cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes + /// StartupProbe indicates that the Pod has successfully initialized. + /// If specified, no other probes are executed until this completes successfully. + /// If this probe fails, the Pod will be restarted, just as if the livenessProbe failed. + /// This can be used to provide different probe parameters at the beginning of a Pod's lifecycle, + /// when it might take a long time to load data or warm a cache, than during steady-state operation. + /// This cannot be updated. + /// More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes #[serde(default, skip_serializing_if = "Option::is_none", rename = "startupProbe")] pub startup_probe: Option, - /// Whether this container should allocate a buffer for stdin in the container runtime. If this is not set, reads from stdin in the container will always result in EOF. Default is false. + /// Whether this container should allocate a buffer for stdin in the container runtime. If this + /// is not set, reads from stdin in the container will always result in EOF. + /// Default is false. #[serde(default, skip_serializing_if = "Option::is_none")] pub stdin: Option, - /// Whether the container runtime should close the stdin channel after it has been opened by a single attach. When stdin is true the stdin stream will remain open across multiple attach sessions. If stdinOnce is set to true, stdin is opened on container start, is empty until the first client attaches to stdin, and then remains open and accepts data until the client disconnects, at which time stdin is closed and remains closed until the container is restarted. If this flag is false, a container processes that reads from stdin will never receive an EOF. Default is false + /// Whether the container runtime should close the stdin channel after it has been opened by + /// a single attach. When stdin is true the stdin stream will remain open across multiple attach + /// sessions. If stdinOnce is set to true, stdin is opened on container start, is empty until the + /// first client attaches to stdin, and then remains open and accepts data until the client disconnects, + /// at which time stdin is closed and remains closed until the container is restarted. If this + /// flag is false, a container processes that reads from stdin will never receive an EOF. + /// Default is false #[serde(default, skip_serializing_if = "Option::is_none", rename = "stdinOnce")] pub stdin_once: Option, - /// Optional: Path at which the file to which the container's termination message will be written is mounted into the container's filesystem. Message written is intended to be brief final status, such as an assertion failure message. Will be truncated by the node if greater than 4096 bytes. The total message length across all containers will be limited to 12kb. Defaults to /dev/termination-log. Cannot be updated. + /// Optional: Path at which the file to which the container's termination message + /// will be written is mounted into the container's filesystem. + /// Message written is intended to be brief final status, such as an assertion failure message. + /// Will be truncated by the node if greater than 4096 bytes. The total message length across + /// all containers will be limited to 12kb. + /// Defaults to /dev/termination-log. + /// Cannot be updated. #[serde(default, skip_serializing_if = "Option::is_none", rename = "terminationMessagePath")] pub termination_message_path: Option, - /// Indicate how the termination message should be populated. File will use the contents of terminationMessagePath to populate the container status message on both success and failure. FallbackToLogsOnError will use the last chunk of container log output if the termination message file is empty and the container exited with an error. The log output is limited to 2048 bytes or 80 lines, whichever is smaller. Defaults to File. Cannot be updated. + /// Indicate how the termination message should be populated. File will use the contents of + /// terminationMessagePath to populate the container status message on both success and failure. + /// FallbackToLogsOnError will use the last chunk of container log output if the termination + /// message file is empty and the container exited with an error. + /// The log output is limited to 2048 bytes or 80 lines, whichever is smaller. + /// Defaults to File. + /// Cannot be updated. #[serde(default, skip_serializing_if = "Option::is_none", rename = "terminationMessagePolicy")] pub termination_message_policy: Option, - /// Whether this container should allocate a TTY for itself, also requires 'stdin' to be true. Default is false. + /// Whether this container should allocate a TTY for itself, also requires 'stdin' to be true. + /// Default is false. #[serde(default, skip_serializing_if = "Option::is_none")] pub tty: Option, /// volumeDevices is the list of block devices to be used by the container. #[serde(default, skip_serializing_if = "Option::is_none", rename = "volumeDevices")] pub volume_devices: Option>, - /// Pod volumes to mount into the container's filesystem. Cannot be updated. + /// Pod volumes to mount into the container's filesystem. + /// Cannot be updated. #[serde(default, skip_serializing_if = "Option::is_none", rename = "volumeMounts")] pub volume_mounts: Option>, - /// Container's working directory. If not specified, the container runtime's default will be used, which might be configured in the container image. Cannot be updated. + /// Container's working directory. + /// If not specified, the container runtime's default will be used, which + /// might be configured in the container image. + /// Cannot be updated. #[serde(default, skip_serializing_if = "Option::is_none", rename = "workingDir")] pub working_dir: Option, } @@ -4409,7 +7053,15 @@ pub struct PostgresClusterInstancesContainers { pub struct PostgresClusterInstancesContainersEnv { /// Name of the environment variable. Must be a C_IDENTIFIER. pub name: String, - /// Variable references $(VAR_NAME) are expanded using the previously defined environment variables in the container and any service environment variables. If a variable cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". Escaped references will never be expanded, regardless of whether the variable exists or not. Defaults to "". + /// Variable references $(VAR_NAME) are expanded + /// using the previously defined environment variables in the container and + /// any service environment variables. If a variable cannot be resolved, + /// the reference in the input string will be unchanged. Double $$ are reduced + /// to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. + /// "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". + /// Escaped references will never be expanded, regardless of whether the variable + /// exists or not. + /// Defaults to "". #[serde(default, skip_serializing_if = "Option::is_none")] pub value: Option, /// Source for the environment variable's value. Cannot be used if value is not empty. @@ -4423,10 +7075,12 @@ pub struct PostgresClusterInstancesContainersEnvValueFrom { /// Selects a key of a ConfigMap. #[serde(default, skip_serializing_if = "Option::is_none", rename = "configMapKeyRef")] pub config_map_key_ref: Option, - /// Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`, spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs. + /// Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`, + /// spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs. #[serde(default, skip_serializing_if = "Option::is_none", rename = "fieldRef")] pub field_ref: Option, - /// Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported. + /// Selects a resource of the container: only resources limits and requests + /// (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported. #[serde(default, skip_serializing_if = "Option::is_none", rename = "resourceFieldRef")] pub resource_field_ref: Option, /// Selects a key of a secret in the pod's namespace @@ -4447,7 +7101,8 @@ pub struct PostgresClusterInstancesContainersEnvValueFromConfigMapKeyRef { pub optional: Option, } -/// Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`, spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs. +/// Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`, +/// spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PostgresClusterInstancesContainersEnvValueFromFieldRef { /// Version of the schema the FieldPath is written in terms of, defaults to "v1". @@ -4458,7 +7113,8 @@ pub struct PostgresClusterInstancesContainersEnvValueFromFieldRef { pub field_path: String, } -/// Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported. +/// Selects a resource of the container: only resources limits and requests +/// (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PostgresClusterInstancesContainersEnvValueFromResourceFieldRef { /// Container name: required for volumes, optional for env vars @@ -4520,18 +7176,33 @@ pub struct PostgresClusterInstancesContainersEnvFromSecretRef { pub optional: Option, } -/// Actions that the management system should take in response to container lifecycle events. Cannot be updated. +/// Actions that the management system should take in response to container lifecycle events. +/// Cannot be updated. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PostgresClusterInstancesContainersLifecycle { - /// PostStart is called immediately after a container is created. If the handler fails, the container is terminated and restarted according to its restart policy. Other management of the container blocks until the hook completes. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks + /// PostStart is called immediately after a container is created. If the handler fails, + /// the container is terminated and restarted according to its restart policy. + /// Other management of the container blocks until the hook completes. + /// More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks #[serde(default, skip_serializing_if = "Option::is_none", rename = "postStart")] pub post_start: Option, - /// PreStop is called immediately before a container is terminated due to an API request or management event such as liveness/startup probe failure, preemption, resource contention, etc. The handler is not called if the container crashes or exits. The Pod's termination grace period countdown begins before the PreStop hook is executed. Regardless of the outcome of the handler, the container will eventually terminate within the Pod's termination grace period (unless delayed by finalizers). Other management of the container blocks until the hook completes or until the termination grace period is reached. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks + /// PreStop is called immediately before a container is terminated due to an + /// API request or management event such as liveness/startup probe failure, + /// preemption, resource contention, etc. The handler is not called if the + /// container crashes or exits. The Pod's termination grace period countdown begins before the + /// PreStop hook is executed. Regardless of the outcome of the handler, the + /// container will eventually terminate within the Pod's termination grace + /// period (unless delayed by finalizers). Other management of the container blocks until the hook completes + /// or until the termination grace period is reached. + /// More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks #[serde(default, skip_serializing_if = "Option::is_none", rename = "preStop")] pub pre_stop: Option, } -/// PostStart is called immediately after a container is created. If the handler fails, the container is terminated and restarted according to its restart policy. Other management of the container blocks until the hook completes. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks +/// PostStart is called immediately after a container is created. If the handler fails, +/// the container is terminated and restarted according to its restart policy. +/// Other management of the container blocks until the hook completes. +/// More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PostgresClusterInstancesContainersLifecyclePostStart { /// Exec specifies the action to take. @@ -4543,7 +7214,9 @@ pub struct PostgresClusterInstancesContainersLifecyclePostStart { /// Sleep represents the duration that the container should sleep before being terminated. #[serde(default, skip_serializing_if = "Option::is_none")] pub sleep: Option, - /// Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept for the backward compatibility. There are no validation of this field and lifecycle hooks will fail in runtime when tcp handler is specified. + /// Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept + /// for the backward compatibility. There are no validation of this field and + /// lifecycle hooks will fail in runtime when tcp handler is specified. #[serde(default, skip_serializing_if = "Option::is_none", rename = "tcpSocket")] pub tcp_socket: Option, } @@ -4551,7 +7224,11 @@ pub struct PostgresClusterInstancesContainersLifecyclePostStart { /// Exec specifies the action to take. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PostgresClusterInstancesContainersLifecyclePostStartExec { - /// Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. + /// Command is the command line to execute inside the container, the working directory for the + /// command is root ('/') in the container's filesystem. The command is simply exec'd, it is + /// not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use + /// a shell, you need to explicitly call out to that shell. + /// Exit status of 0 is treated as live/healthy and non-zero is unhealthy. #[serde(default, skip_serializing_if = "Option::is_none")] pub command: Option>, } @@ -4559,7 +7236,8 @@ pub struct PostgresClusterInstancesContainersLifecyclePostStartExec { /// HTTPGet specifies the http request to perform. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PostgresClusterInstancesContainersLifecyclePostStartHttpGet { - /// Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. + /// Host name to connect to, defaults to the pod IP. You probably want to set + /// "Host" in httpHeaders instead. #[serde(default, skip_serializing_if = "Option::is_none")] pub host: Option, /// Custom headers to set in the request. HTTP allows repeated headers. @@ -4568,9 +7246,12 @@ pub struct PostgresClusterInstancesContainersLifecyclePostStartHttpGet { /// Path to access on the HTTP server. #[serde(default, skip_serializing_if = "Option::is_none")] pub path: Option, - /// Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. + /// Name or number of the port to access on the container. + /// Number must be in the range 1 to 65535. + /// Name must be an IANA_SVC_NAME. pub port: IntOrString, - /// Scheme to use for connecting to the host. Defaults to HTTP. + /// Scheme to use for connecting to the host. + /// Defaults to HTTP. #[serde(default, skip_serializing_if = "Option::is_none")] pub scheme: Option, } @@ -4578,7 +7259,8 @@ pub struct PostgresClusterInstancesContainersLifecyclePostStartHttpGet { /// HTTPHeader describes a custom header to be used in HTTP probes #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PostgresClusterInstancesContainersLifecyclePostStartHttpGetHttpHeaders { - /// The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header. + /// The header field name. + /// This will be canonicalized upon output, so case-variant names will be understood as the same header. pub name: String, /// The header field value pub value: String, @@ -4591,17 +7273,29 @@ pub struct PostgresClusterInstancesContainersLifecyclePostStartSleep { pub seconds: i64, } -/// Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept for the backward compatibility. There are no validation of this field and lifecycle hooks will fail in runtime when tcp handler is specified. +/// Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept +/// for the backward compatibility. There are no validation of this field and +/// lifecycle hooks will fail in runtime when tcp handler is specified. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PostgresClusterInstancesContainersLifecyclePostStartTcpSocket { /// Optional: Host name to connect to, defaults to the pod IP. #[serde(default, skip_serializing_if = "Option::is_none")] pub host: Option, - /// Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. + /// Number or name of the port to access on the container. + /// Number must be in the range 1 to 65535. + /// Name must be an IANA_SVC_NAME. pub port: IntOrString, } -/// PreStop is called immediately before a container is terminated due to an API request or management event such as liveness/startup probe failure, preemption, resource contention, etc. The handler is not called if the container crashes or exits. The Pod's termination grace period countdown begins before the PreStop hook is executed. Regardless of the outcome of the handler, the container will eventually terminate within the Pod's termination grace period (unless delayed by finalizers). Other management of the container blocks until the hook completes or until the termination grace period is reached. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks +/// PreStop is called immediately before a container is terminated due to an +/// API request or management event such as liveness/startup probe failure, +/// preemption, resource contention, etc. The handler is not called if the +/// container crashes or exits. The Pod's termination grace period countdown begins before the +/// PreStop hook is executed. Regardless of the outcome of the handler, the +/// container will eventually terminate within the Pod's termination grace +/// period (unless delayed by finalizers). Other management of the container blocks until the hook completes +/// or until the termination grace period is reached. +/// More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PostgresClusterInstancesContainersLifecyclePreStop { /// Exec specifies the action to take. @@ -4613,7 +7307,9 @@ pub struct PostgresClusterInstancesContainersLifecyclePreStop { /// Sleep represents the duration that the container should sleep before being terminated. #[serde(default, skip_serializing_if = "Option::is_none")] pub sleep: Option, - /// Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept for the backward compatibility. There are no validation of this field and lifecycle hooks will fail in runtime when tcp handler is specified. + /// Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept + /// for the backward compatibility. There are no validation of this field and + /// lifecycle hooks will fail in runtime when tcp handler is specified. #[serde(default, skip_serializing_if = "Option::is_none", rename = "tcpSocket")] pub tcp_socket: Option, } @@ -4621,7 +7317,11 @@ pub struct PostgresClusterInstancesContainersLifecyclePreStop { /// Exec specifies the action to take. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PostgresClusterInstancesContainersLifecyclePreStopExec { - /// Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. + /// Command is the command line to execute inside the container, the working directory for the + /// command is root ('/') in the container's filesystem. The command is simply exec'd, it is + /// not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use + /// a shell, you need to explicitly call out to that shell. + /// Exit status of 0 is treated as live/healthy and non-zero is unhealthy. #[serde(default, skip_serializing_if = "Option::is_none")] pub command: Option>, } @@ -4629,7 +7329,8 @@ pub struct PostgresClusterInstancesContainersLifecyclePreStopExec { /// HTTPGet specifies the http request to perform. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PostgresClusterInstancesContainersLifecyclePreStopHttpGet { - /// Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. + /// Host name to connect to, defaults to the pod IP. You probably want to set + /// "Host" in httpHeaders instead. #[serde(default, skip_serializing_if = "Option::is_none")] pub host: Option, /// Custom headers to set in the request. HTTP allows repeated headers. @@ -4638,9 +7339,12 @@ pub struct PostgresClusterInstancesContainersLifecyclePreStopHttpGet { /// Path to access on the HTTP server. #[serde(default, skip_serializing_if = "Option::is_none")] pub path: Option, - /// Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. + /// Name or number of the port to access on the container. + /// Number must be in the range 1 to 65535. + /// Name must be an IANA_SVC_NAME. pub port: IntOrString, - /// Scheme to use for connecting to the host. Defaults to HTTP. + /// Scheme to use for connecting to the host. + /// Defaults to HTTP. #[serde(default, skip_serializing_if = "Option::is_none")] pub scheme: Option, } @@ -4648,7 +7352,8 @@ pub struct PostgresClusterInstancesContainersLifecyclePreStopHttpGet { /// HTTPHeader describes a custom header to be used in HTTP probes #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PostgresClusterInstancesContainersLifecyclePreStopHttpGetHttpHeaders { - /// The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header. + /// The header field name. + /// This will be canonicalized upon output, so case-variant names will be understood as the same header. pub name: String, /// The header field value pub value: String, @@ -4661,23 +7366,31 @@ pub struct PostgresClusterInstancesContainersLifecyclePreStopSleep { pub seconds: i64, } -/// Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept for the backward compatibility. There are no validation of this field and lifecycle hooks will fail in runtime when tcp handler is specified. +/// Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept +/// for the backward compatibility. There are no validation of this field and +/// lifecycle hooks will fail in runtime when tcp handler is specified. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PostgresClusterInstancesContainersLifecyclePreStopTcpSocket { /// Optional: Host name to connect to, defaults to the pod IP. #[serde(default, skip_serializing_if = "Option::is_none")] pub host: Option, - /// Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. + /// Number or name of the port to access on the container. + /// Number must be in the range 1 to 65535. + /// Name must be an IANA_SVC_NAME. pub port: IntOrString, } -/// Periodic probe of container liveness. Container will be restarted if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +/// Periodic probe of container liveness. +/// Container will be restarted if the probe fails. +/// Cannot be updated. +/// More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PostgresClusterInstancesContainersLivenessProbe { /// Exec specifies the action to take. #[serde(default, skip_serializing_if = "Option::is_none")] pub exec: Option, - /// Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. + /// Minimum consecutive failures for the probe to be considered failed after having succeeded. + /// Defaults to 3. Minimum value is 1. #[serde(default, skip_serializing_if = "Option::is_none", rename = "failureThreshold")] pub failure_threshold: Option, /// GRPC specifies an action involving a GRPC port. @@ -4686,22 +7399,36 @@ pub struct PostgresClusterInstancesContainersLivenessProbe { /// HTTPGet specifies the http request to perform. #[serde(default, skip_serializing_if = "Option::is_none", rename = "httpGet")] pub http_get: Option, - /// Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes + /// Number of seconds after the container has started before liveness probes are initiated. + /// More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes #[serde(default, skip_serializing_if = "Option::is_none", rename = "initialDelaySeconds")] pub initial_delay_seconds: Option, - /// How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. + /// How often (in seconds) to perform the probe. + /// Default to 10 seconds. Minimum value is 1. #[serde(default, skip_serializing_if = "Option::is_none", rename = "periodSeconds")] pub period_seconds: Option, - /// Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1. + /// Minimum consecutive successes for the probe to be considered successful after having failed. + /// Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1. #[serde(default, skip_serializing_if = "Option::is_none", rename = "successThreshold")] pub success_threshold: Option, /// TCPSocket specifies an action involving a TCP port. #[serde(default, skip_serializing_if = "Option::is_none", rename = "tcpSocket")] pub tcp_socket: Option, - /// Optional duration in seconds the pod needs to terminate gracefully upon probe failure. The grace period is the duration in seconds after the processes running in the pod are sent a termination signal and the time when the processes are forcibly halted with a kill signal. Set this value longer than the expected cleanup time for your process. If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this value overrides the value provided by the pod spec. Value must be non-negative integer. The value zero indicates stop immediately via the kill signal (no opportunity to shut down). This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate. Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset. + /// Optional duration in seconds the pod needs to terminate gracefully upon probe failure. + /// The grace period is the duration in seconds after the processes running in the pod are sent + /// a termination signal and the time when the processes are forcibly halted with a kill signal. + /// Set this value longer than the expected cleanup time for your process. + /// If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this + /// value overrides the value provided by the pod spec. + /// Value must be non-negative integer. The value zero indicates stop immediately via + /// the kill signal (no opportunity to shut down). + /// This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate. + /// Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset. #[serde(default, skip_serializing_if = "Option::is_none", rename = "terminationGracePeriodSeconds")] pub termination_grace_period_seconds: Option, - /// Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes + /// Number of seconds after which the probe times out. + /// Defaults to 1 second. Minimum value is 1. + /// More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes #[serde(default, skip_serializing_if = "Option::is_none", rename = "timeoutSeconds")] pub timeout_seconds: Option, } @@ -4709,7 +7436,11 @@ pub struct PostgresClusterInstancesContainersLivenessProbe { /// Exec specifies the action to take. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PostgresClusterInstancesContainersLivenessProbeExec { - /// Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. + /// Command is the command line to execute inside the container, the working directory for the + /// command is root ('/') in the container's filesystem. The command is simply exec'd, it is + /// not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use + /// a shell, you need to explicitly call out to that shell. + /// Exit status of 0 is treated as live/healthy and non-zero is unhealthy. #[serde(default, skip_serializing_if = "Option::is_none")] pub command: Option>, } @@ -4719,8 +7450,11 @@ pub struct PostgresClusterInstancesContainersLivenessProbeExec { pub struct PostgresClusterInstancesContainersLivenessProbeGrpc { /// Port number of the gRPC service. Number must be in the range 1 to 65535. pub port: i32, - /// Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). - /// If this is not specified, the default behavior is defined by gRPC. + /// Service is the name of the service to place in the gRPC HealthCheckRequest + /// (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). + /// + /// + /// If this is not specified, the default behavior is defined by gRPC. #[serde(default, skip_serializing_if = "Option::is_none")] pub service: Option, } @@ -4728,7 +7462,8 @@ pub struct PostgresClusterInstancesContainersLivenessProbeGrpc { /// HTTPGet specifies the http request to perform. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PostgresClusterInstancesContainersLivenessProbeHttpGet { - /// Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. + /// Host name to connect to, defaults to the pod IP. You probably want to set + /// "Host" in httpHeaders instead. #[serde(default, skip_serializing_if = "Option::is_none")] pub host: Option, /// Custom headers to set in the request. HTTP allows repeated headers. @@ -4737,9 +7472,12 @@ pub struct PostgresClusterInstancesContainersLivenessProbeHttpGet { /// Path to access on the HTTP server. #[serde(default, skip_serializing_if = "Option::is_none")] pub path: Option, - /// Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. + /// Name or number of the port to access on the container. + /// Number must be in the range 1 to 65535. + /// Name must be an IANA_SVC_NAME. pub port: IntOrString, - /// Scheme to use for connecting to the host. Defaults to HTTP. + /// Scheme to use for connecting to the host. + /// Defaults to HTTP. #[serde(default, skip_serializing_if = "Option::is_none")] pub scheme: Option, } @@ -4747,7 +7485,8 @@ pub struct PostgresClusterInstancesContainersLivenessProbeHttpGet { /// HTTPHeader describes a custom header to be used in HTTP probes #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PostgresClusterInstancesContainersLivenessProbeHttpGetHttpHeaders { - /// The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header. + /// The header field name. + /// This will be canonicalized upon output, so case-variant names will be understood as the same header. pub name: String, /// The header field value pub value: String, @@ -4759,37 +7498,50 @@ pub struct PostgresClusterInstancesContainersLivenessProbeTcpSocket { /// Optional: Host name to connect to, defaults to the pod IP. #[serde(default, skip_serializing_if = "Option::is_none")] pub host: Option, - /// Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. + /// Number or name of the port to access on the container. + /// Number must be in the range 1 to 65535. + /// Name must be an IANA_SVC_NAME. pub port: IntOrString, } /// ContainerPort represents a network port in a single container. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PostgresClusterInstancesContainersPorts { - /// Number of port to expose on the pod's IP address. This must be a valid port number, 0 < x < 65536. + /// Number of port to expose on the pod's IP address. + /// This must be a valid port number, 0 < x < 65536. #[serde(rename = "containerPort")] pub container_port: i32, /// What host IP to bind the external port to. #[serde(default, skip_serializing_if = "Option::is_none", rename = "hostIP")] pub host_ip: Option, - /// Number of port to expose on the host. If specified, this must be a valid port number, 0 < x < 65536. If HostNetwork is specified, this must match ContainerPort. Most containers do not need this. + /// Number of port to expose on the host. + /// If specified, this must be a valid port number, 0 < x < 65536. + /// If HostNetwork is specified, this must match ContainerPort. + /// Most containers do not need this. #[serde(default, skip_serializing_if = "Option::is_none", rename = "hostPort")] pub host_port: Option, - /// If specified, this must be an IANA_SVC_NAME and unique within the pod. Each named port in a pod must have a unique name. Name for the port that can be referred to by services. + /// If specified, this must be an IANA_SVC_NAME and unique within the pod. Each + /// named port in a pod must have a unique name. Name for the port that can be + /// referred to by services. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, - /// Protocol for port. Must be UDP, TCP, or SCTP. Defaults to "TCP". + /// Protocol for port. Must be UDP, TCP, or SCTP. + /// Defaults to "TCP". #[serde(default, skip_serializing_if = "Option::is_none")] pub protocol: Option, } -/// Periodic probe of container service readiness. Container will be removed from service endpoints if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +/// Periodic probe of container service readiness. +/// Container will be removed from service endpoints if the probe fails. +/// Cannot be updated. +/// More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PostgresClusterInstancesContainersReadinessProbe { /// Exec specifies the action to take. #[serde(default, skip_serializing_if = "Option::is_none")] pub exec: Option, - /// Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. + /// Minimum consecutive failures for the probe to be considered failed after having succeeded. + /// Defaults to 3. Minimum value is 1. #[serde(default, skip_serializing_if = "Option::is_none", rename = "failureThreshold")] pub failure_threshold: Option, /// GRPC specifies an action involving a GRPC port. @@ -4798,22 +7550,36 @@ pub struct PostgresClusterInstancesContainersReadinessProbe { /// HTTPGet specifies the http request to perform. #[serde(default, skip_serializing_if = "Option::is_none", rename = "httpGet")] pub http_get: Option, - /// Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes + /// Number of seconds after the container has started before liveness probes are initiated. + /// More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes #[serde(default, skip_serializing_if = "Option::is_none", rename = "initialDelaySeconds")] pub initial_delay_seconds: Option, - /// How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. + /// How often (in seconds) to perform the probe. + /// Default to 10 seconds. Minimum value is 1. #[serde(default, skip_serializing_if = "Option::is_none", rename = "periodSeconds")] pub period_seconds: Option, - /// Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1. + /// Minimum consecutive successes for the probe to be considered successful after having failed. + /// Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1. #[serde(default, skip_serializing_if = "Option::is_none", rename = "successThreshold")] pub success_threshold: Option, /// TCPSocket specifies an action involving a TCP port. #[serde(default, skip_serializing_if = "Option::is_none", rename = "tcpSocket")] pub tcp_socket: Option, - /// Optional duration in seconds the pod needs to terminate gracefully upon probe failure. The grace period is the duration in seconds after the processes running in the pod are sent a termination signal and the time when the processes are forcibly halted with a kill signal. Set this value longer than the expected cleanup time for your process. If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this value overrides the value provided by the pod spec. Value must be non-negative integer. The value zero indicates stop immediately via the kill signal (no opportunity to shut down). This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate. Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset. + /// Optional duration in seconds the pod needs to terminate gracefully upon probe failure. + /// The grace period is the duration in seconds after the processes running in the pod are sent + /// a termination signal and the time when the processes are forcibly halted with a kill signal. + /// Set this value longer than the expected cleanup time for your process. + /// If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this + /// value overrides the value provided by the pod spec. + /// Value must be non-negative integer. The value zero indicates stop immediately via + /// the kill signal (no opportunity to shut down). + /// This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate. + /// Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset. #[serde(default, skip_serializing_if = "Option::is_none", rename = "terminationGracePeriodSeconds")] pub termination_grace_period_seconds: Option, - /// Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes + /// Number of seconds after which the probe times out. + /// Defaults to 1 second. Minimum value is 1. + /// More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes #[serde(default, skip_serializing_if = "Option::is_none", rename = "timeoutSeconds")] pub timeout_seconds: Option, } @@ -4821,7 +7587,11 @@ pub struct PostgresClusterInstancesContainersReadinessProbe { /// Exec specifies the action to take. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PostgresClusterInstancesContainersReadinessProbeExec { - /// Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. + /// Command is the command line to execute inside the container, the working directory for the + /// command is root ('/') in the container's filesystem. The command is simply exec'd, it is + /// not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use + /// a shell, you need to explicitly call out to that shell. + /// Exit status of 0 is treated as live/healthy and non-zero is unhealthy. #[serde(default, skip_serializing_if = "Option::is_none")] pub command: Option>, } @@ -4831,8 +7601,11 @@ pub struct PostgresClusterInstancesContainersReadinessProbeExec { pub struct PostgresClusterInstancesContainersReadinessProbeGrpc { /// Port number of the gRPC service. Number must be in the range 1 to 65535. pub port: i32, - /// Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). - /// If this is not specified, the default behavior is defined by gRPC. + /// Service is the name of the service to place in the gRPC HealthCheckRequest + /// (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). + /// + /// + /// If this is not specified, the default behavior is defined by gRPC. #[serde(default, skip_serializing_if = "Option::is_none")] pub service: Option, } @@ -4840,7 +7613,8 @@ pub struct PostgresClusterInstancesContainersReadinessProbeGrpc { /// HTTPGet specifies the http request to perform. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PostgresClusterInstancesContainersReadinessProbeHttpGet { - /// Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. + /// Host name to connect to, defaults to the pod IP. You probably want to set + /// "Host" in httpHeaders instead. #[serde(default, skip_serializing_if = "Option::is_none")] pub host: Option, /// Custom headers to set in the request. HTTP allows repeated headers. @@ -4849,9 +7623,12 @@ pub struct PostgresClusterInstancesContainersReadinessProbeHttpGet { /// Path to access on the HTTP server. #[serde(default, skip_serializing_if = "Option::is_none")] pub path: Option, - /// Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. + /// Name or number of the port to access on the container. + /// Number must be in the range 1 to 65535. + /// Name must be an IANA_SVC_NAME. pub port: IntOrString, - /// Scheme to use for connecting to the host. Defaults to HTTP. + /// Scheme to use for connecting to the host. + /// Defaults to HTTP. #[serde(default, skip_serializing_if = "Option::is_none")] pub scheme: Option, } @@ -4859,7 +7636,8 @@ pub struct PostgresClusterInstancesContainersReadinessProbeHttpGet { /// HTTPHeader describes a custom header to be used in HTTP probes #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PostgresClusterInstancesContainersReadinessProbeHttpGetHttpHeaders { - /// The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header. + /// The header field name. + /// This will be canonicalized upon output, so case-variant names will be understood as the same header. pub name: String, /// The header field value pub value: String, @@ -4871,33 +7649,49 @@ pub struct PostgresClusterInstancesContainersReadinessProbeTcpSocket { /// Optional: Host name to connect to, defaults to the pod IP. #[serde(default, skip_serializing_if = "Option::is_none")] pub host: Option, - /// Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. + /// Number or name of the port to access on the container. + /// Number must be in the range 1 to 65535. + /// Name must be an IANA_SVC_NAME. pub port: IntOrString, } /// ContainerResizePolicy represents resource resize policy for the container. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PostgresClusterInstancesContainersResizePolicy { - /// Name of the resource to which this resource resize policy applies. Supported values: cpu, memory. + /// Name of the resource to which this resource resize policy applies. + /// Supported values: cpu, memory. #[serde(rename = "resourceName")] pub resource_name: String, - /// Restart policy to apply when specified resource is resized. If not specified, it defaults to NotRequired. + /// Restart policy to apply when specified resource is resized. + /// If not specified, it defaults to NotRequired. #[serde(rename = "restartPolicy")] pub restart_policy: String, } -/// Compute Resources required by this container. Cannot be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ +/// Compute Resources required by this container. +/// Cannot be updated. +/// More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PostgresClusterInstancesContainersResources { - /// Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. - /// This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. - /// This field is immutable. It can only be set for containers. + /// Claims lists the names of resources, defined in spec.resourceClaims, + /// that are used by this container. + /// + /// + /// This is an alpha field and requires enabling the + /// DynamicResourceAllocation feature gate. + /// + /// + /// This field is immutable. It can only be set for containers. #[serde(default, skip_serializing_if = "Option::is_none")] pub claims: Option>, - /// Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + /// Limits describes the maximum amount of compute resources allowed. + /// More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ #[serde(default, skip_serializing_if = "Option::is_none")] pub limits: Option>, - /// Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + /// Requests describes the minimum amount of compute resources required. + /// If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, + /// otherwise to an implementation-defined value. Requests cannot exceed Limits. + /// More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ #[serde(default, skip_serializing_if = "Option::is_none")] pub requests: Option>, } @@ -4905,63 +7699,120 @@ pub struct PostgresClusterInstancesContainersResources { /// ResourceClaim references one entry in PodSpec.ResourceClaims. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PostgresClusterInstancesContainersResourcesClaims { - /// Name must match the name of one entry in pod.spec.resourceClaims of the Pod where this field is used. It makes that resource available inside a container. + /// Name must match the name of one entry in pod.spec.resourceClaims of + /// the Pod where this field is used. It makes that resource available + /// inside a container. pub name: String, } -/// SecurityContext defines the security options the container should be run with. If set, the fields of SecurityContext override the equivalent fields of PodSecurityContext. More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/ +/// SecurityContext defines the security options the container should be run with. +/// If set, the fields of SecurityContext override the equivalent fields of PodSecurityContext. +/// More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/ #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PostgresClusterInstancesContainersSecurityContext { - /// AllowPrivilegeEscalation controls whether a process can gain more privileges than its parent process. This bool directly controls if the no_new_privs flag will be set on the container process. AllowPrivilegeEscalation is true always when the container is: 1) run as Privileged 2) has CAP_SYS_ADMIN Note that this field cannot be set when spec.os.name is windows. + /// AllowPrivilegeEscalation controls whether a process can gain more + /// privileges than its parent process. This bool directly controls if + /// the no_new_privs flag will be set on the container process. + /// AllowPrivilegeEscalation is true always when the container is: + /// 1) run as Privileged + /// 2) has CAP_SYS_ADMIN + /// Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none", rename = "allowPrivilegeEscalation")] pub allow_privilege_escalation: Option, - /// appArmorProfile is the AppArmor options to use by this container. If set, this profile overrides the pod's appArmorProfile. Note that this field cannot be set when spec.os.name is windows. + /// appArmorProfile is the AppArmor options to use by this container. If set, this profile + /// overrides the pod's appArmorProfile. + /// Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none", rename = "appArmorProfile")] pub app_armor_profile: Option, - /// The capabilities to add/drop when running containers. Defaults to the default set of capabilities granted by the container runtime. Note that this field cannot be set when spec.os.name is windows. + /// The capabilities to add/drop when running containers. + /// Defaults to the default set of capabilities granted by the container runtime. + /// Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none")] pub capabilities: Option, - /// Run container in privileged mode. Processes in privileged containers are essentially equivalent to root on the host. Defaults to false. Note that this field cannot be set when spec.os.name is windows. + /// Run container in privileged mode. + /// Processes in privileged containers are essentially equivalent to root on the host. + /// Defaults to false. + /// Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none")] pub privileged: Option, - /// procMount denotes the type of proc mount to use for the containers. The default is DefaultProcMount which uses the container runtime defaults for readonly paths and masked paths. This requires the ProcMountType feature flag to be enabled. Note that this field cannot be set when spec.os.name is windows. + /// procMount denotes the type of proc mount to use for the containers. + /// The default is DefaultProcMount which uses the container runtime defaults for + /// readonly paths and masked paths. + /// This requires the ProcMountType feature flag to be enabled. + /// Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none", rename = "procMount")] pub proc_mount: Option, - /// Whether this container has a read-only root filesystem. Default is false. Note that this field cannot be set when spec.os.name is windows. + /// Whether this container has a read-only root filesystem. + /// Default is false. + /// Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnlyRootFilesystem")] pub read_only_root_filesystem: Option, - /// The GID to run the entrypoint of the container process. Uses runtime default if unset. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is windows. + /// The GID to run the entrypoint of the container process. + /// Uses runtime default if unset. + /// May also be set in PodSecurityContext. If set in both SecurityContext and + /// PodSecurityContext, the value specified in SecurityContext takes precedence. + /// Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none", rename = "runAsGroup")] pub run_as_group: Option, - /// Indicates that the container must run as a non-root user. If true, the Kubelet will validate the image at runtime to ensure that it does not run as UID 0 (root) and fail to start the container if it does. If unset or false, no such validation will be performed. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. + /// Indicates that the container must run as a non-root user. + /// If true, the Kubelet will validate the image at runtime to ensure that it + /// does not run as UID 0 (root) and fail to start the container if it does. + /// If unset or false, no such validation will be performed. + /// May also be set in PodSecurityContext. If set in both SecurityContext and + /// PodSecurityContext, the value specified in SecurityContext takes precedence. #[serde(default, skip_serializing_if = "Option::is_none", rename = "runAsNonRoot")] pub run_as_non_root: Option, - /// The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is windows. + /// The UID to run the entrypoint of the container process. + /// Defaults to user specified in image metadata if unspecified. + /// May also be set in PodSecurityContext. If set in both SecurityContext and + /// PodSecurityContext, the value specified in SecurityContext takes precedence. + /// Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none", rename = "runAsUser")] pub run_as_user: Option, - /// The SELinux context to be applied to the container. If unspecified, the container runtime will allocate a random SELinux context for each container. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is windows. + /// The SELinux context to be applied to the container. + /// If unspecified, the container runtime will allocate a random SELinux context for each + /// container. May also be set in PodSecurityContext. If set in both SecurityContext and + /// PodSecurityContext, the value specified in SecurityContext takes precedence. + /// Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none", rename = "seLinuxOptions")] pub se_linux_options: Option, - /// The seccomp options to use by this container. If seccomp options are provided at both the pod & container level, the container options override the pod options. Note that this field cannot be set when spec.os.name is windows. + /// The seccomp options to use by this container. If seccomp options are + /// provided at both the pod & container level, the container options + /// override the pod options. + /// Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none", rename = "seccompProfile")] pub seccomp_profile: Option, - /// The Windows specific settings applied to all containers. If unspecified, the options from the PodSecurityContext will be used. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is linux. + /// The Windows specific settings applied to all containers. + /// If unspecified, the options from the PodSecurityContext will be used. + /// If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. + /// Note that this field cannot be set when spec.os.name is linux. #[serde(default, skip_serializing_if = "Option::is_none", rename = "windowsOptions")] pub windows_options: Option, } -/// appArmorProfile is the AppArmor options to use by this container. If set, this profile overrides the pod's appArmorProfile. Note that this field cannot be set when spec.os.name is windows. +/// appArmorProfile is the AppArmor options to use by this container. If set, this profile +/// overrides the pod's appArmorProfile. +/// Note that this field cannot be set when spec.os.name is windows. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PostgresClusterInstancesContainersSecurityContextAppArmorProfile { - /// localhostProfile indicates a profile loaded on the node that should be used. The profile must be preconfigured on the node to work. Must match the loaded name of the profile. Must be set if and only if type is "Localhost". + /// localhostProfile indicates a profile loaded on the node that should be used. + /// The profile must be preconfigured on the node to work. + /// Must match the loaded name of the profile. + /// Must be set if and only if type is "Localhost". #[serde(default, skip_serializing_if = "Option::is_none", rename = "localhostProfile")] pub localhost_profile: Option, - /// type indicates which kind of AppArmor profile will be applied. Valid options are: Localhost - a profile pre-loaded on the node. RuntimeDefault - the container runtime's default profile. Unconfined - no AppArmor enforcement. + /// type indicates which kind of AppArmor profile will be applied. + /// Valid options are: + /// Localhost - a profile pre-loaded on the node. + /// RuntimeDefault - the container runtime's default profile. + /// Unconfined - no AppArmor enforcement. #[serde(rename = "type")] pub r#type: String, } -/// The capabilities to add/drop when running containers. Defaults to the default set of capabilities granted by the container runtime. Note that this field cannot be set when spec.os.name is windows. +/// The capabilities to add/drop when running containers. +/// Defaults to the default set of capabilities granted by the container runtime. +/// Note that this field cannot be set when spec.os.name is windows. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PostgresClusterInstancesContainersSecurityContextCapabilities { /// Added capabilities @@ -4972,7 +7823,11 @@ pub struct PostgresClusterInstancesContainersSecurityContextCapabilities { pub drop: Option>, } -/// The SELinux context to be applied to the container. If unspecified, the container runtime will allocate a random SELinux context for each container. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is windows. +/// The SELinux context to be applied to the container. +/// If unspecified, the container runtime will allocate a random SELinux context for each +/// container. May also be set in PodSecurityContext. If set in both SecurityContext and +/// PodSecurityContext, the value specified in SecurityContext takes precedence. +/// Note that this field cannot be set when spec.os.name is windows. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PostgresClusterInstancesContainersSecurityContextSeLinuxOptions { /// Level is SELinux level label that applies to the container. @@ -4989,10 +7844,16 @@ pub struct PostgresClusterInstancesContainersSecurityContextSeLinuxOptions { pub user: Option, } -/// The seccomp options to use by this container. If seccomp options are provided at both the pod & container level, the container options override the pod options. Note that this field cannot be set when spec.os.name is windows. +/// The seccomp options to use by this container. If seccomp options are +/// provided at both the pod & container level, the container options +/// override the pod options. +/// Note that this field cannot be set when spec.os.name is windows. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PostgresClusterInstancesContainersSecurityContextSeccompProfile { - /// localhostProfile indicates a profile defined in a file on the node should be used. The profile must be preconfigured on the node to work. Must be a descending path, relative to the kubelet's configured seccomp profile location. Must be set if type is "Localhost". Must NOT be set for any other type. + /// localhostProfile indicates a profile defined in a file on the node should be used. + /// The profile must be preconfigured on the node to work. + /// Must be a descending path, relative to the kubelet's configured seccomp profile location. + /// Must be set if type is "Localhost". Must NOT be set for any other type. #[serde(default, skip_serializing_if = "Option::is_none", rename = "localhostProfile")] pub localhost_profile: Option, /// type indicates which kind of seccomp profile will be applied. Valid options are: Localhost - a profile defined in a file on the node should be used. RuntimeDefault - the container runtime default profile should be used. Unconfined - no profile should be applied. @@ -5000,30 +7861,48 @@ pub struct PostgresClusterInstancesContainersSecurityContextSeccompProfile { pub r#type: String, } -/// The Windows specific settings applied to all containers. If unspecified, the options from the PodSecurityContext will be used. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is linux. +/// The Windows specific settings applied to all containers. +/// If unspecified, the options from the PodSecurityContext will be used. +/// If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +/// Note that this field cannot be set when spec.os.name is linux. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PostgresClusterInstancesContainersSecurityContextWindowsOptions { - /// GMSACredentialSpec is where the GMSA admission webhook (https://github.com/kubernetes-sigs/windows-gmsa) inlines the contents of the GMSA credential spec named by the GMSACredentialSpecName field. + /// GMSACredentialSpec is where the GMSA admission webhook + /// (https://github.com/kubernetes-sigs/windows-gmsa) inlines the contents of the + /// GMSA credential spec named by the GMSACredentialSpecName field. #[serde(default, skip_serializing_if = "Option::is_none", rename = "gmsaCredentialSpec")] pub gmsa_credential_spec: Option, /// GMSACredentialSpecName is the name of the GMSA credential spec to use. #[serde(default, skip_serializing_if = "Option::is_none", rename = "gmsaCredentialSpecName")] pub gmsa_credential_spec_name: Option, - /// HostProcess determines if a container should be run as a 'Host Process' container. All of a Pod's containers must have the same effective HostProcess value (it is not allowed to have a mix of HostProcess containers and non-HostProcess containers). In addition, if HostProcess is true then HostNetwork must also be set to true. + /// HostProcess determines if a container should be run as a 'Host Process' container. + /// All of a Pod's containers must have the same effective HostProcess value + /// (it is not allowed to have a mix of HostProcess containers and non-HostProcess containers). + /// In addition, if HostProcess is true then HostNetwork must also be set to true. #[serde(default, skip_serializing_if = "Option::is_none", rename = "hostProcess")] pub host_process: Option, - /// The UserName in Windows to run the entrypoint of the container process. Defaults to the user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. + /// The UserName in Windows to run the entrypoint of the container process. + /// Defaults to the user specified in image metadata if unspecified. + /// May also be set in PodSecurityContext. If set in both SecurityContext and + /// PodSecurityContext, the value specified in SecurityContext takes precedence. #[serde(default, skip_serializing_if = "Option::is_none", rename = "runAsUserName")] pub run_as_user_name: Option, } -/// StartupProbe indicates that the Pod has successfully initialized. If specified, no other probes are executed until this completes successfully. If this probe fails, the Pod will be restarted, just as if the livenessProbe failed. This can be used to provide different probe parameters at the beginning of a Pod's lifecycle, when it might take a long time to load data or warm a cache, than during steady-state operation. This cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +/// StartupProbe indicates that the Pod has successfully initialized. +/// If specified, no other probes are executed until this completes successfully. +/// If this probe fails, the Pod will be restarted, just as if the livenessProbe failed. +/// This can be used to provide different probe parameters at the beginning of a Pod's lifecycle, +/// when it might take a long time to load data or warm a cache, than during steady-state operation. +/// This cannot be updated. +/// More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PostgresClusterInstancesContainersStartupProbe { /// Exec specifies the action to take. #[serde(default, skip_serializing_if = "Option::is_none")] pub exec: Option, - /// Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. + /// Minimum consecutive failures for the probe to be considered failed after having succeeded. + /// Defaults to 3. Minimum value is 1. #[serde(default, skip_serializing_if = "Option::is_none", rename = "failureThreshold")] pub failure_threshold: Option, /// GRPC specifies an action involving a GRPC port. @@ -5032,22 +7911,36 @@ pub struct PostgresClusterInstancesContainersStartupProbe { /// HTTPGet specifies the http request to perform. #[serde(default, skip_serializing_if = "Option::is_none", rename = "httpGet")] pub http_get: Option, - /// Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes + /// Number of seconds after the container has started before liveness probes are initiated. + /// More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes #[serde(default, skip_serializing_if = "Option::is_none", rename = "initialDelaySeconds")] pub initial_delay_seconds: Option, - /// How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. + /// How often (in seconds) to perform the probe. + /// Default to 10 seconds. Minimum value is 1. #[serde(default, skip_serializing_if = "Option::is_none", rename = "periodSeconds")] pub period_seconds: Option, - /// Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1. + /// Minimum consecutive successes for the probe to be considered successful after having failed. + /// Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1. #[serde(default, skip_serializing_if = "Option::is_none", rename = "successThreshold")] pub success_threshold: Option, /// TCPSocket specifies an action involving a TCP port. #[serde(default, skip_serializing_if = "Option::is_none", rename = "tcpSocket")] pub tcp_socket: Option, - /// Optional duration in seconds the pod needs to terminate gracefully upon probe failure. The grace period is the duration in seconds after the processes running in the pod are sent a termination signal and the time when the processes are forcibly halted with a kill signal. Set this value longer than the expected cleanup time for your process. If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this value overrides the value provided by the pod spec. Value must be non-negative integer. The value zero indicates stop immediately via the kill signal (no opportunity to shut down). This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate. Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset. + /// Optional duration in seconds the pod needs to terminate gracefully upon probe failure. + /// The grace period is the duration in seconds after the processes running in the pod are sent + /// a termination signal and the time when the processes are forcibly halted with a kill signal. + /// Set this value longer than the expected cleanup time for your process. + /// If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this + /// value overrides the value provided by the pod spec. + /// Value must be non-negative integer. The value zero indicates stop immediately via + /// the kill signal (no opportunity to shut down). + /// This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate. + /// Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset. #[serde(default, skip_serializing_if = "Option::is_none", rename = "terminationGracePeriodSeconds")] pub termination_grace_period_seconds: Option, - /// Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes + /// Number of seconds after which the probe times out. + /// Defaults to 1 second. Minimum value is 1. + /// More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes #[serde(default, skip_serializing_if = "Option::is_none", rename = "timeoutSeconds")] pub timeout_seconds: Option, } @@ -5055,7 +7948,11 @@ pub struct PostgresClusterInstancesContainersStartupProbe { /// Exec specifies the action to take. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PostgresClusterInstancesContainersStartupProbeExec { - /// Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. + /// Command is the command line to execute inside the container, the working directory for the + /// command is root ('/') in the container's filesystem. The command is simply exec'd, it is + /// not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use + /// a shell, you need to explicitly call out to that shell. + /// Exit status of 0 is treated as live/healthy and non-zero is unhealthy. #[serde(default, skip_serializing_if = "Option::is_none")] pub command: Option>, } @@ -5065,8 +7962,11 @@ pub struct PostgresClusterInstancesContainersStartupProbeExec { pub struct PostgresClusterInstancesContainersStartupProbeGrpc { /// Port number of the gRPC service. Number must be in the range 1 to 65535. pub port: i32, - /// Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). - /// If this is not specified, the default behavior is defined by gRPC. + /// Service is the name of the service to place in the gRPC HealthCheckRequest + /// (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). + /// + /// + /// If this is not specified, the default behavior is defined by gRPC. #[serde(default, skip_serializing_if = "Option::is_none")] pub service: Option, } @@ -5074,7 +7974,8 @@ pub struct PostgresClusterInstancesContainersStartupProbeGrpc { /// HTTPGet specifies the http request to perform. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PostgresClusterInstancesContainersStartupProbeHttpGet { - /// Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. + /// Host name to connect to, defaults to the pod IP. You probably want to set + /// "Host" in httpHeaders instead. #[serde(default, skip_serializing_if = "Option::is_none")] pub host: Option, /// Custom headers to set in the request. HTTP allows repeated headers. @@ -5083,9 +7984,12 @@ pub struct PostgresClusterInstancesContainersStartupProbeHttpGet { /// Path to access on the HTTP server. #[serde(default, skip_serializing_if = "Option::is_none")] pub path: Option, - /// Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. + /// Name or number of the port to access on the container. + /// Number must be in the range 1 to 65535. + /// Name must be an IANA_SVC_NAME. pub port: IntOrString, - /// Scheme to use for connecting to the host. Defaults to HTTP. + /// Scheme to use for connecting to the host. + /// Defaults to HTTP. #[serde(default, skip_serializing_if = "Option::is_none")] pub scheme: Option, } @@ -5093,7 +7997,8 @@ pub struct PostgresClusterInstancesContainersStartupProbeHttpGet { /// HTTPHeader describes a custom header to be used in HTTP probes #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PostgresClusterInstancesContainersStartupProbeHttpGetHttpHeaders { - /// The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header. + /// The header field name. + /// This will be canonicalized upon output, so case-variant names will be understood as the same header. pub name: String, /// The header field value pub value: String, @@ -5105,7 +8010,9 @@ pub struct PostgresClusterInstancesContainersStartupProbeTcpSocket { /// Optional: Host name to connect to, defaults to the pod IP. #[serde(default, skip_serializing_if = "Option::is_none")] pub host: Option, - /// Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. + /// Number or name of the port to access on the container. + /// Number must be in the range 1 to 65535. + /// Name must be an IANA_SVC_NAME. pub port: IntOrString, } @@ -5122,56 +8029,130 @@ pub struct PostgresClusterInstancesContainersVolumeDevices { /// VolumeMount describes a mounting of a Volume within a container. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PostgresClusterInstancesContainersVolumeMounts { - /// Path within the container at which the volume should be mounted. Must not contain ':'. + /// Path within the container at which the volume should be mounted. Must + /// not contain ':'. #[serde(rename = "mountPath")] pub mount_path: String, - /// mountPropagation determines how mounts are propagated from the host to container and the other way around. When not set, MountPropagationNone is used. This field is beta in 1.10. When RecursiveReadOnly is set to IfPossible or to Enabled, MountPropagation must be None or unspecified (which defaults to None). + /// mountPropagation determines how mounts are propagated from the host + /// to container and the other way around. + /// When not set, MountPropagationNone is used. + /// This field is beta in 1.10. + /// When RecursiveReadOnly is set to IfPossible or to Enabled, MountPropagation must be None or unspecified + /// (which defaults to None). #[serde(default, skip_serializing_if = "Option::is_none", rename = "mountPropagation")] pub mount_propagation: Option, /// This must match the Name of a Volume. pub name: String, - /// Mounted read-only if true, read-write otherwise (false or unspecified). Defaults to false. + /// Mounted read-only if true, read-write otherwise (false or unspecified). + /// Defaults to false. #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] pub read_only: Option, - /// RecursiveReadOnly specifies whether read-only mounts should be handled recursively. - /// If ReadOnly is false, this field has no meaning and must be unspecified. - /// If ReadOnly is true, and this field is set to Disabled, the mount is not made recursively read-only. If this field is set to IfPossible, the mount is made recursively read-only, if it is supported by the container runtime. If this field is set to Enabled, the mount is made recursively read-only if it is supported by the container runtime, otherwise the pod will not be started and an error will be generated to indicate the reason. - /// If this field is set to IfPossible or Enabled, MountPropagation must be set to None (or be unspecified, which defaults to None). - /// If this field is not specified, it is treated as an equivalent of Disabled. + /// RecursiveReadOnly specifies whether read-only mounts should be handled + /// recursively. + /// + /// + /// If ReadOnly is false, this field has no meaning and must be unspecified. + /// + /// + /// If ReadOnly is true, and this field is set to Disabled, the mount is not made + /// recursively read-only. If this field is set to IfPossible, the mount is made + /// recursively read-only, if it is supported by the container runtime. If this + /// field is set to Enabled, the mount is made recursively read-only if it is + /// supported by the container runtime, otherwise the pod will not be started and + /// an error will be generated to indicate the reason. + /// + /// + /// If this field is set to IfPossible or Enabled, MountPropagation must be set to + /// None (or be unspecified, which defaults to None). + /// + /// + /// If this field is not specified, it is treated as an equivalent of Disabled. #[serde(default, skip_serializing_if = "Option::is_none", rename = "recursiveReadOnly")] pub recursive_read_only: Option, - /// Path within the volume from which the container's volume should be mounted. Defaults to "" (volume's root). + /// Path within the volume from which the container's volume should be mounted. + /// Defaults to "" (volume's root). #[serde(default, skip_serializing_if = "Option::is_none", rename = "subPath")] pub sub_path: Option, - /// Expanded path within the volume from which the container's volume should be mounted. Behaves similarly to SubPath but environment variable references $(VAR_NAME) are expanded using the container's environment. Defaults to "" (volume's root). SubPathExpr and SubPath are mutually exclusive. + /// Expanded path within the volume from which the container's volume should be mounted. + /// Behaves similarly to SubPath but environment variable references $(VAR_NAME) are expanded using the container's environment. + /// Defaults to "" (volume's root). + /// SubPathExpr and SubPath are mutually exclusive. #[serde(default, skip_serializing_if = "Option::is_none", rename = "subPathExpr")] pub sub_path_expr: Option, } -/// Defines a PersistentVolumeClaim for PostgreSQL data. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes +/// Defines a PersistentVolumeClaim for PostgreSQL data. +/// More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PostgresClusterInstancesDataVolumeClaimSpec { - /// accessModes contains the desired access modes the volume should have. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1 + /// accessModes contains the desired access modes the volume should have. + /// More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1 #[serde(rename = "accessModes")] pub access_modes: Vec, - /// dataSource field can be used to specify either: * An existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot) * An existing PVC (PersistentVolumeClaim) If the provisioner or an external controller can support the specified data source, it will create a new volume based on the contents of the specified data source. When the AnyVolumeDataSource feature gate is enabled, dataSource contents will be copied to dataSourceRef, and dataSourceRef contents will be copied to dataSource when dataSourceRef.namespace is not specified. If the namespace is specified, then dataSourceRef will not be copied to dataSource. + /// dataSource field can be used to specify either: + /// * An existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot) + /// * An existing PVC (PersistentVolumeClaim) + /// If the provisioner or an external controller can support the specified data source, + /// it will create a new volume based on the contents of the specified data source. + /// When the AnyVolumeDataSource feature gate is enabled, dataSource contents will be copied to dataSourceRef, + /// and dataSourceRef contents will be copied to dataSource when dataSourceRef.namespace is not specified. + /// If the namespace is specified, then dataSourceRef will not be copied to dataSource. #[serde(default, skip_serializing_if = "Option::is_none", rename = "dataSource")] pub data_source: Option, - /// dataSourceRef specifies the object from which to populate the volume with data, if a non-empty volume is desired. This may be any object from a non-empty API group (non core object) or a PersistentVolumeClaim object. When this field is specified, volume binding will only succeed if the type of the specified object matches some installed volume populator or dynamic provisioner. This field will replace the functionality of the dataSource field and as such if both fields are non-empty, they must have the same value. For backwards compatibility, when namespace isn't specified in dataSourceRef, both fields (dataSource and dataSourceRef) will be set to the same value automatically if one of them is empty and the other is non-empty. When namespace is specified in dataSourceRef, dataSource isn't set to the same value and must be empty. There are three important differences between dataSource and dataSourceRef: * While dataSource only allows two specific types of objects, dataSourceRef allows any non-core object, as well as PersistentVolumeClaim objects. * While dataSource ignores disallowed values (dropping them), dataSourceRef preserves all values, and generates an error if a disallowed value is specified. * While dataSource only allows local objects, dataSourceRef allows objects in any namespaces. (Beta) Using this field requires the AnyVolumeDataSource feature gate to be enabled. (Alpha) Using the namespace field of dataSourceRef requires the CrossNamespaceVolumeDataSource feature gate to be enabled. + /// dataSourceRef specifies the object from which to populate the volume with data, if a non-empty + /// volume is desired. This may be any object from a non-empty API group (non + /// core object) or a PersistentVolumeClaim object. + /// When this field is specified, volume binding will only succeed if the type of + /// the specified object matches some installed volume populator or dynamic + /// provisioner. + /// This field will replace the functionality of the dataSource field and as such + /// if both fields are non-empty, they must have the same value. For backwards + /// compatibility, when namespace isn't specified in dataSourceRef, + /// both fields (dataSource and dataSourceRef) will be set to the same + /// value automatically if one of them is empty and the other is non-empty. + /// When namespace is specified in dataSourceRef, + /// dataSource isn't set to the same value and must be empty. + /// There are three important differences between dataSource and dataSourceRef: + /// * While dataSource only allows two specific types of objects, dataSourceRef + /// allows any non-core object, as well as PersistentVolumeClaim objects. + /// * While dataSource ignores disallowed values (dropping them), dataSourceRef + /// preserves all values, and generates an error if a disallowed value is + /// specified. + /// * While dataSource only allows local objects, dataSourceRef allows objects + /// in any namespaces. + /// (Beta) Using this field requires the AnyVolumeDataSource feature gate to be enabled. + /// (Alpha) Using the namespace field of dataSourceRef requires the CrossNamespaceVolumeDataSource feature gate to be enabled. #[serde(default, skip_serializing_if = "Option::is_none", rename = "dataSourceRef")] pub data_source_ref: Option, - /// resources represents the minimum resources the volume should have. If RecoverVolumeExpansionFailure feature is enabled users are allowed to specify resource requirements that are lower than previous value but must still be higher than capacity recorded in the status field of the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources + /// resources represents the minimum resources the volume should have. + /// If RecoverVolumeExpansionFailure feature is enabled users are allowed to specify resource requirements + /// that are lower than previous value but must still be higher than capacity recorded in the + /// status field of the claim. + /// More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources pub resources: PostgresClusterInstancesDataVolumeClaimSpecResources, /// selector is a label query over volumes to consider for binding. #[serde(default, skip_serializing_if = "Option::is_none")] pub selector: Option, - /// storageClassName is the name of the StorageClass required by the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1 + /// storageClassName is the name of the StorageClass required by the claim. + /// More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1 #[serde(default, skip_serializing_if = "Option::is_none", rename = "storageClassName")] pub storage_class_name: Option, - /// volumeAttributesClassName may be used to set the VolumeAttributesClass used by this claim. If specified, the CSI driver will create or update the volume with the attributes defined in the corresponding VolumeAttributesClass. This has a different purpose than storageClassName, it can be changed after the claim is created. An empty string value means that no VolumeAttributesClass will be applied to the claim but it's not allowed to reset this field to empty string once it is set. If unspecified and the PersistentVolumeClaim is unbound, the default VolumeAttributesClass will be set by the persistentvolume controller if it exists. If the resource referred to by volumeAttributesClass does not exist, this PersistentVolumeClaim will be set to a Pending state, as reflected by the modifyVolumeStatus field, until such as a resource exists. More info: https://kubernetes.io/docs/concepts/storage/volume-attributes-classes/ (Alpha) Using this field requires the VolumeAttributesClass feature gate to be enabled. + /// volumeAttributesClassName may be used to set the VolumeAttributesClass used by this claim. + /// If specified, the CSI driver will create or update the volume with the attributes defined + /// in the corresponding VolumeAttributesClass. This has a different purpose than storageClassName, + /// it can be changed after the claim is created. An empty string value means that no VolumeAttributesClass + /// will be applied to the claim but it's not allowed to reset this field to empty string once it is set. + /// If unspecified and the PersistentVolumeClaim is unbound, the default VolumeAttributesClass + /// will be set by the persistentvolume controller if it exists. + /// If the resource referred to by volumeAttributesClass does not exist, this PersistentVolumeClaim will be + /// set to a Pending state, as reflected by the modifyVolumeStatus field, until such as a resource + /// exists. + /// More info: https://kubernetes.io/docs/concepts/storage/volume-attributes-classes/ + /// (Alpha) Using this field requires the VolumeAttributesClass feature gate to be enabled. #[serde(default, skip_serializing_if = "Option::is_none", rename = "volumeAttributesClassName")] pub volume_attributes_class_name: Option, - /// volumeMode defines what type of volume is required by the claim. Value of Filesystem is implied when not included in claim spec. + /// volumeMode defines what type of volume is required by the claim. + /// Value of Filesystem is implied when not included in claim spec. #[serde(default, skip_serializing_if = "Option::is_none", rename = "volumeMode")] pub volume_mode: Option, /// volumeName is the binding reference to the PersistentVolume backing this claim. @@ -5179,10 +8160,19 @@ pub struct PostgresClusterInstancesDataVolumeClaimSpec { pub volume_name: Option, } -/// dataSource field can be used to specify either: * An existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot) * An existing PVC (PersistentVolumeClaim) If the provisioner or an external controller can support the specified data source, it will create a new volume based on the contents of the specified data source. When the AnyVolumeDataSource feature gate is enabled, dataSource contents will be copied to dataSourceRef, and dataSourceRef contents will be copied to dataSource when dataSourceRef.namespace is not specified. If the namespace is specified, then dataSourceRef will not be copied to dataSource. +/// dataSource field can be used to specify either: +/// * An existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot) +/// * An existing PVC (PersistentVolumeClaim) +/// If the provisioner or an external controller can support the specified data source, +/// it will create a new volume based on the contents of the specified data source. +/// When the AnyVolumeDataSource feature gate is enabled, dataSource contents will be copied to dataSourceRef, +/// and dataSourceRef contents will be copied to dataSource when dataSourceRef.namespace is not specified. +/// If the namespace is specified, then dataSourceRef will not be copied to dataSource. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PostgresClusterInstancesDataVolumeClaimSpecDataSource { - /// APIGroup is the group for the resource being referenced. If APIGroup is not specified, the specified Kind must be in the core API group. For any other third-party types, APIGroup is required. + /// APIGroup is the group for the resource being referenced. + /// If APIGroup is not specified, the specified Kind must be in the core API group. + /// For any other third-party types, APIGroup is required. #[serde(default, skip_serializing_if = "Option::is_none", rename = "apiGroup")] pub api_group: Option, /// Kind is the type of resource being referenced @@ -5191,28 +8181,62 @@ pub struct PostgresClusterInstancesDataVolumeClaimSpecDataSource { pub name: String, } -/// dataSourceRef specifies the object from which to populate the volume with data, if a non-empty volume is desired. This may be any object from a non-empty API group (non core object) or a PersistentVolumeClaim object. When this field is specified, volume binding will only succeed if the type of the specified object matches some installed volume populator or dynamic provisioner. This field will replace the functionality of the dataSource field and as such if both fields are non-empty, they must have the same value. For backwards compatibility, when namespace isn't specified in dataSourceRef, both fields (dataSource and dataSourceRef) will be set to the same value automatically if one of them is empty and the other is non-empty. When namespace is specified in dataSourceRef, dataSource isn't set to the same value and must be empty. There are three important differences between dataSource and dataSourceRef: * While dataSource only allows two specific types of objects, dataSourceRef allows any non-core object, as well as PersistentVolumeClaim objects. * While dataSource ignores disallowed values (dropping them), dataSourceRef preserves all values, and generates an error if a disallowed value is specified. * While dataSource only allows local objects, dataSourceRef allows objects in any namespaces. (Beta) Using this field requires the AnyVolumeDataSource feature gate to be enabled. (Alpha) Using the namespace field of dataSourceRef requires the CrossNamespaceVolumeDataSource feature gate to be enabled. +/// dataSourceRef specifies the object from which to populate the volume with data, if a non-empty +/// volume is desired. This may be any object from a non-empty API group (non +/// core object) or a PersistentVolumeClaim object. +/// When this field is specified, volume binding will only succeed if the type of +/// the specified object matches some installed volume populator or dynamic +/// provisioner. +/// This field will replace the functionality of the dataSource field and as such +/// if both fields are non-empty, they must have the same value. For backwards +/// compatibility, when namespace isn't specified in dataSourceRef, +/// both fields (dataSource and dataSourceRef) will be set to the same +/// value automatically if one of them is empty and the other is non-empty. +/// When namespace is specified in dataSourceRef, +/// dataSource isn't set to the same value and must be empty. +/// There are three important differences between dataSource and dataSourceRef: +/// * While dataSource only allows two specific types of objects, dataSourceRef +/// allows any non-core object, as well as PersistentVolumeClaim objects. +/// * While dataSource ignores disallowed values (dropping them), dataSourceRef +/// preserves all values, and generates an error if a disallowed value is +/// specified. +/// * While dataSource only allows local objects, dataSourceRef allows objects +/// in any namespaces. +/// (Beta) Using this field requires the AnyVolumeDataSource feature gate to be enabled. +/// (Alpha) Using the namespace field of dataSourceRef requires the CrossNamespaceVolumeDataSource feature gate to be enabled. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PostgresClusterInstancesDataVolumeClaimSpecDataSourceRef { - /// APIGroup is the group for the resource being referenced. If APIGroup is not specified, the specified Kind must be in the core API group. For any other third-party types, APIGroup is required. + /// APIGroup is the group for the resource being referenced. + /// If APIGroup is not specified, the specified Kind must be in the core API group. + /// For any other third-party types, APIGroup is required. #[serde(default, skip_serializing_if = "Option::is_none", rename = "apiGroup")] pub api_group: Option, /// Kind is the type of resource being referenced pub kind: String, /// Name is the name of resource being referenced pub name: String, - /// Namespace is the namespace of resource being referenced Note that when a namespace is specified, a gateway.networking.k8s.io/ReferenceGrant object is required in the referent namespace to allow that namespace's owner to accept the reference. See the ReferenceGrant documentation for details. (Alpha) This field requires the CrossNamespaceVolumeDataSource feature gate to be enabled. + /// Namespace is the namespace of resource being referenced + /// Note that when a namespace is specified, a gateway.networking.k8s.io/ReferenceGrant object is required in the referent namespace to allow that namespace's owner to accept the reference. See the ReferenceGrant documentation for details. + /// (Alpha) This field requires the CrossNamespaceVolumeDataSource feature gate to be enabled. #[serde(default, skip_serializing_if = "Option::is_none")] pub namespace: Option, } -/// resources represents the minimum resources the volume should have. If RecoverVolumeExpansionFailure feature is enabled users are allowed to specify resource requirements that are lower than previous value but must still be higher than capacity recorded in the status field of the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources +/// resources represents the minimum resources the volume should have. +/// If RecoverVolumeExpansionFailure feature is enabled users are allowed to specify resource requirements +/// that are lower than previous value but must still be higher than capacity recorded in the +/// status field of the claim. +/// More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PostgresClusterInstancesDataVolumeClaimSpecResources { - /// Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + /// Limits describes the maximum amount of compute resources allowed. + /// More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ #[serde(default, skip_serializing_if = "Option::is_none")] pub limits: Option>, - /// Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + /// Requests describes the minimum amount of compute resources required. + /// If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, + /// otherwise to an implementation-defined value. Requests cannot exceed Limits. + /// More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ pub requests: BTreeMap, } @@ -5222,19 +8246,26 @@ pub struct PostgresClusterInstancesDataVolumeClaimSpecSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] pub match_expressions: Option>, - /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] pub match_labels: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PostgresClusterInstancesDataVolumeClaimSpecSelectorMatchExpressions { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } @@ -5251,15 +8282,25 @@ pub struct PostgresClusterInstancesMetadata { /// Compute resources of a PostgreSQL container. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PostgresClusterInstancesResources { - /// Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. - /// This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. - /// This field is immutable. It can only be set for containers. + /// Claims lists the names of resources, defined in spec.resourceClaims, + /// that are used by this container. + /// + /// + /// This is an alpha field and requires enabling the + /// DynamicResourceAllocation feature gate. + /// + /// + /// This field is immutable. It can only be set for containers. #[serde(default, skip_serializing_if = "Option::is_none")] pub claims: Option>, - /// Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + /// Limits describes the maximum amount of compute resources allowed. + /// More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ #[serde(default, skip_serializing_if = "Option::is_none")] pub limits: Option>, - /// Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + /// Requests describes the minimum amount of compute resources required. + /// If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, + /// otherwise to an implementation-defined value. Requests cannot exceed Limits. + /// More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ #[serde(default, skip_serializing_if = "Option::is_none")] pub requests: Option>, } @@ -5267,7 +8308,9 @@ pub struct PostgresClusterInstancesResources { /// ResourceClaim references one entry in PodSpec.ResourceClaims. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PostgresClusterInstancesResourcesClaims { - /// Name must match the name of one entry in pod.spec.resourceClaims of the Pod where this field is used. It makes that resource available inside a container. + /// Name must match the name of one entry in pod.spec.resourceClaims of + /// the Pod where this field is used. It makes that resource available + /// inside a container. pub name: String, } @@ -5290,15 +8333,25 @@ pub struct PostgresClusterInstancesSidecarsReplicaCertCopy { /// Resource requirements for a sidecar container #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PostgresClusterInstancesSidecarsReplicaCertCopyResources { - /// Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. - /// This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. - /// This field is immutable. It can only be set for containers. + /// Claims lists the names of resources, defined in spec.resourceClaims, + /// that are used by this container. + /// + /// + /// This is an alpha field and requires enabling the + /// DynamicResourceAllocation feature gate. + /// + /// + /// This field is immutable. It can only be set for containers. #[serde(default, skip_serializing_if = "Option::is_none")] pub claims: Option>, - /// Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + /// Limits describes the maximum amount of compute resources allowed. + /// More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ #[serde(default, skip_serializing_if = "Option::is_none")] pub limits: Option>, - /// Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + /// Requests describes the minimum amount of compute resources required. + /// If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, + /// otherwise to an implementation-defined value. Requests cannot exceed Limits. + /// More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ #[serde(default, skip_serializing_if = "Option::is_none")] pub requests: Option>, } @@ -5306,44 +8359,96 @@ pub struct PostgresClusterInstancesSidecarsReplicaCertCopyResources { /// ResourceClaim references one entry in PodSpec.ResourceClaims. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PostgresClusterInstancesSidecarsReplicaCertCopyResourcesClaims { - /// Name must match the name of one entry in pod.spec.resourceClaims of the Pod where this field is used. It makes that resource available inside a container. + /// Name must match the name of one entry in pod.spec.resourceClaims of + /// the Pod where this field is used. It makes that resource available + /// inside a container. pub name: String, } #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PostgresClusterInstancesTablespaceVolumes { - /// Defines a PersistentVolumeClaim for a tablespace. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes + /// Defines a PersistentVolumeClaim for a tablespace. + /// More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes #[serde(rename = "dataVolumeClaimSpec")] pub data_volume_claim_spec: PostgresClusterInstancesTablespaceVolumesDataVolumeClaimSpec, - /// The name for the tablespace, used as the path name for the volume. Must be unique in the instance set since they become the directory names. + /// The name for the tablespace, used as the path name for the volume. + /// Must be unique in the instance set since they become the directory names. pub name: String, } -/// Defines a PersistentVolumeClaim for a tablespace. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes +/// Defines a PersistentVolumeClaim for a tablespace. +/// More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PostgresClusterInstancesTablespaceVolumesDataVolumeClaimSpec { - /// accessModes contains the desired access modes the volume should have. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1 + /// accessModes contains the desired access modes the volume should have. + /// More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1 #[serde(default, skip_serializing_if = "Option::is_none", rename = "accessModes")] pub access_modes: Option>, - /// dataSource field can be used to specify either: * An existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot) * An existing PVC (PersistentVolumeClaim) If the provisioner or an external controller can support the specified data source, it will create a new volume based on the contents of the specified data source. When the AnyVolumeDataSource feature gate is enabled, dataSource contents will be copied to dataSourceRef, and dataSourceRef contents will be copied to dataSource when dataSourceRef.namespace is not specified. If the namespace is specified, then dataSourceRef will not be copied to dataSource. + /// dataSource field can be used to specify either: + /// * An existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot) + /// * An existing PVC (PersistentVolumeClaim) + /// If the provisioner or an external controller can support the specified data source, + /// it will create a new volume based on the contents of the specified data source. + /// When the AnyVolumeDataSource feature gate is enabled, dataSource contents will be copied to dataSourceRef, + /// and dataSourceRef contents will be copied to dataSource when dataSourceRef.namespace is not specified. + /// If the namespace is specified, then dataSourceRef will not be copied to dataSource. #[serde(default, skip_serializing_if = "Option::is_none", rename = "dataSource")] pub data_source: Option, - /// dataSourceRef specifies the object from which to populate the volume with data, if a non-empty volume is desired. This may be any object from a non-empty API group (non core object) or a PersistentVolumeClaim object. When this field is specified, volume binding will only succeed if the type of the specified object matches some installed volume populator or dynamic provisioner. This field will replace the functionality of the dataSource field and as such if both fields are non-empty, they must have the same value. For backwards compatibility, when namespace isn't specified in dataSourceRef, both fields (dataSource and dataSourceRef) will be set to the same value automatically if one of them is empty and the other is non-empty. When namespace is specified in dataSourceRef, dataSource isn't set to the same value and must be empty. There are three important differences between dataSource and dataSourceRef: * While dataSource only allows two specific types of objects, dataSourceRef allows any non-core object, as well as PersistentVolumeClaim objects. * While dataSource ignores disallowed values (dropping them), dataSourceRef preserves all values, and generates an error if a disallowed value is specified. * While dataSource only allows local objects, dataSourceRef allows objects in any namespaces. (Beta) Using this field requires the AnyVolumeDataSource feature gate to be enabled. (Alpha) Using the namespace field of dataSourceRef requires the CrossNamespaceVolumeDataSource feature gate to be enabled. + /// dataSourceRef specifies the object from which to populate the volume with data, if a non-empty + /// volume is desired. This may be any object from a non-empty API group (non + /// core object) or a PersistentVolumeClaim object. + /// When this field is specified, volume binding will only succeed if the type of + /// the specified object matches some installed volume populator or dynamic + /// provisioner. + /// This field will replace the functionality of the dataSource field and as such + /// if both fields are non-empty, they must have the same value. For backwards + /// compatibility, when namespace isn't specified in dataSourceRef, + /// both fields (dataSource and dataSourceRef) will be set to the same + /// value automatically if one of them is empty and the other is non-empty. + /// When namespace is specified in dataSourceRef, + /// dataSource isn't set to the same value and must be empty. + /// There are three important differences between dataSource and dataSourceRef: + /// * While dataSource only allows two specific types of objects, dataSourceRef + /// allows any non-core object, as well as PersistentVolumeClaim objects. + /// * While dataSource ignores disallowed values (dropping them), dataSourceRef + /// preserves all values, and generates an error if a disallowed value is + /// specified. + /// * While dataSource only allows local objects, dataSourceRef allows objects + /// in any namespaces. + /// (Beta) Using this field requires the AnyVolumeDataSource feature gate to be enabled. + /// (Alpha) Using the namespace field of dataSourceRef requires the CrossNamespaceVolumeDataSource feature gate to be enabled. #[serde(default, skip_serializing_if = "Option::is_none", rename = "dataSourceRef")] pub data_source_ref: Option, - /// resources represents the minimum resources the volume should have. If RecoverVolumeExpansionFailure feature is enabled users are allowed to specify resource requirements that are lower than previous value but must still be higher than capacity recorded in the status field of the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources + /// resources represents the minimum resources the volume should have. + /// If RecoverVolumeExpansionFailure feature is enabled users are allowed to specify resource requirements + /// that are lower than previous value but must still be higher than capacity recorded in the + /// status field of the claim. + /// More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources #[serde(default, skip_serializing_if = "Option::is_none")] pub resources: Option, /// selector is a label query over volumes to consider for binding. #[serde(default, skip_serializing_if = "Option::is_none")] pub selector: Option, - /// storageClassName is the name of the StorageClass required by the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1 + /// storageClassName is the name of the StorageClass required by the claim. + /// More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1 #[serde(default, skip_serializing_if = "Option::is_none", rename = "storageClassName")] pub storage_class_name: Option, - /// volumeAttributesClassName may be used to set the VolumeAttributesClass used by this claim. If specified, the CSI driver will create or update the volume with the attributes defined in the corresponding VolumeAttributesClass. This has a different purpose than storageClassName, it can be changed after the claim is created. An empty string value means that no VolumeAttributesClass will be applied to the claim but it's not allowed to reset this field to empty string once it is set. If unspecified and the PersistentVolumeClaim is unbound, the default VolumeAttributesClass will be set by the persistentvolume controller if it exists. If the resource referred to by volumeAttributesClass does not exist, this PersistentVolumeClaim will be set to a Pending state, as reflected by the modifyVolumeStatus field, until such as a resource exists. More info: https://kubernetes.io/docs/concepts/storage/volume-attributes-classes/ (Alpha) Using this field requires the VolumeAttributesClass feature gate to be enabled. + /// volumeAttributesClassName may be used to set the VolumeAttributesClass used by this claim. + /// If specified, the CSI driver will create or update the volume with the attributes defined + /// in the corresponding VolumeAttributesClass. This has a different purpose than storageClassName, + /// it can be changed after the claim is created. An empty string value means that no VolumeAttributesClass + /// will be applied to the claim but it's not allowed to reset this field to empty string once it is set. + /// If unspecified and the PersistentVolumeClaim is unbound, the default VolumeAttributesClass + /// will be set by the persistentvolume controller if it exists. + /// If the resource referred to by volumeAttributesClass does not exist, this PersistentVolumeClaim will be + /// set to a Pending state, as reflected by the modifyVolumeStatus field, until such as a resource + /// exists. + /// More info: https://kubernetes.io/docs/concepts/storage/volume-attributes-classes/ + /// (Alpha) Using this field requires the VolumeAttributesClass feature gate to be enabled. #[serde(default, skip_serializing_if = "Option::is_none", rename = "volumeAttributesClassName")] pub volume_attributes_class_name: Option, - /// volumeMode defines what type of volume is required by the claim. Value of Filesystem is implied when not included in claim spec. + /// volumeMode defines what type of volume is required by the claim. + /// Value of Filesystem is implied when not included in claim spec. #[serde(default, skip_serializing_if = "Option::is_none", rename = "volumeMode")] pub volume_mode: Option, /// volumeName is the binding reference to the PersistentVolume backing this claim. @@ -5351,10 +8456,19 @@ pub struct PostgresClusterInstancesTablespaceVolumesDataVolumeClaimSpec { pub volume_name: Option, } -/// dataSource field can be used to specify either: * An existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot) * An existing PVC (PersistentVolumeClaim) If the provisioner or an external controller can support the specified data source, it will create a new volume based on the contents of the specified data source. When the AnyVolumeDataSource feature gate is enabled, dataSource contents will be copied to dataSourceRef, and dataSourceRef contents will be copied to dataSource when dataSourceRef.namespace is not specified. If the namespace is specified, then dataSourceRef will not be copied to dataSource. +/// dataSource field can be used to specify either: +/// * An existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot) +/// * An existing PVC (PersistentVolumeClaim) +/// If the provisioner or an external controller can support the specified data source, +/// it will create a new volume based on the contents of the specified data source. +/// When the AnyVolumeDataSource feature gate is enabled, dataSource contents will be copied to dataSourceRef, +/// and dataSourceRef contents will be copied to dataSource when dataSourceRef.namespace is not specified. +/// If the namespace is specified, then dataSourceRef will not be copied to dataSource. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PostgresClusterInstancesTablespaceVolumesDataVolumeClaimSpecDataSource { - /// APIGroup is the group for the resource being referenced. If APIGroup is not specified, the specified Kind must be in the core API group. For any other third-party types, APIGroup is required. + /// APIGroup is the group for the resource being referenced. + /// If APIGroup is not specified, the specified Kind must be in the core API group. + /// For any other third-party types, APIGroup is required. #[serde(default, skip_serializing_if = "Option::is_none", rename = "apiGroup")] pub api_group: Option, /// Kind is the type of resource being referenced @@ -5363,28 +8477,62 @@ pub struct PostgresClusterInstancesTablespaceVolumesDataVolumeClaimSpecDataSourc pub name: String, } -/// dataSourceRef specifies the object from which to populate the volume with data, if a non-empty volume is desired. This may be any object from a non-empty API group (non core object) or a PersistentVolumeClaim object. When this field is specified, volume binding will only succeed if the type of the specified object matches some installed volume populator or dynamic provisioner. This field will replace the functionality of the dataSource field and as such if both fields are non-empty, they must have the same value. For backwards compatibility, when namespace isn't specified in dataSourceRef, both fields (dataSource and dataSourceRef) will be set to the same value automatically if one of them is empty and the other is non-empty. When namespace is specified in dataSourceRef, dataSource isn't set to the same value and must be empty. There are three important differences between dataSource and dataSourceRef: * While dataSource only allows two specific types of objects, dataSourceRef allows any non-core object, as well as PersistentVolumeClaim objects. * While dataSource ignores disallowed values (dropping them), dataSourceRef preserves all values, and generates an error if a disallowed value is specified. * While dataSource only allows local objects, dataSourceRef allows objects in any namespaces. (Beta) Using this field requires the AnyVolumeDataSource feature gate to be enabled. (Alpha) Using the namespace field of dataSourceRef requires the CrossNamespaceVolumeDataSource feature gate to be enabled. +/// dataSourceRef specifies the object from which to populate the volume with data, if a non-empty +/// volume is desired. This may be any object from a non-empty API group (non +/// core object) or a PersistentVolumeClaim object. +/// When this field is specified, volume binding will only succeed if the type of +/// the specified object matches some installed volume populator or dynamic +/// provisioner. +/// This field will replace the functionality of the dataSource field and as such +/// if both fields are non-empty, they must have the same value. For backwards +/// compatibility, when namespace isn't specified in dataSourceRef, +/// both fields (dataSource and dataSourceRef) will be set to the same +/// value automatically if one of them is empty and the other is non-empty. +/// When namespace is specified in dataSourceRef, +/// dataSource isn't set to the same value and must be empty. +/// There are three important differences between dataSource and dataSourceRef: +/// * While dataSource only allows two specific types of objects, dataSourceRef +/// allows any non-core object, as well as PersistentVolumeClaim objects. +/// * While dataSource ignores disallowed values (dropping them), dataSourceRef +/// preserves all values, and generates an error if a disallowed value is +/// specified. +/// * While dataSource only allows local objects, dataSourceRef allows objects +/// in any namespaces. +/// (Beta) Using this field requires the AnyVolumeDataSource feature gate to be enabled. +/// (Alpha) Using the namespace field of dataSourceRef requires the CrossNamespaceVolumeDataSource feature gate to be enabled. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PostgresClusterInstancesTablespaceVolumesDataVolumeClaimSpecDataSourceRef { - /// APIGroup is the group for the resource being referenced. If APIGroup is not specified, the specified Kind must be in the core API group. For any other third-party types, APIGroup is required. + /// APIGroup is the group for the resource being referenced. + /// If APIGroup is not specified, the specified Kind must be in the core API group. + /// For any other third-party types, APIGroup is required. #[serde(default, skip_serializing_if = "Option::is_none", rename = "apiGroup")] pub api_group: Option, /// Kind is the type of resource being referenced pub kind: String, /// Name is the name of resource being referenced pub name: String, - /// Namespace is the namespace of resource being referenced Note that when a namespace is specified, a gateway.networking.k8s.io/ReferenceGrant object is required in the referent namespace to allow that namespace's owner to accept the reference. See the ReferenceGrant documentation for details. (Alpha) This field requires the CrossNamespaceVolumeDataSource feature gate to be enabled. + /// Namespace is the namespace of resource being referenced + /// Note that when a namespace is specified, a gateway.networking.k8s.io/ReferenceGrant object is required in the referent namespace to allow that namespace's owner to accept the reference. See the ReferenceGrant documentation for details. + /// (Alpha) This field requires the CrossNamespaceVolumeDataSource feature gate to be enabled. #[serde(default, skip_serializing_if = "Option::is_none")] pub namespace: Option, } -/// resources represents the minimum resources the volume should have. If RecoverVolumeExpansionFailure feature is enabled users are allowed to specify resource requirements that are lower than previous value but must still be higher than capacity recorded in the status field of the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources +/// resources represents the minimum resources the volume should have. +/// If RecoverVolumeExpansionFailure feature is enabled users are allowed to specify resource requirements +/// that are lower than previous value but must still be higher than capacity recorded in the +/// status field of the claim. +/// More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PostgresClusterInstancesTablespaceVolumesDataVolumeClaimSpecResources { - /// Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + /// Limits describes the maximum amount of compute resources allowed. + /// More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ #[serde(default, skip_serializing_if = "Option::is_none")] pub limits: Option>, - /// Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + /// Requests describes the minimum amount of compute resources required. + /// If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, + /// otherwise to an implementation-defined value. Requests cannot exceed Limits. + /// More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ #[serde(default, skip_serializing_if = "Option::is_none")] pub requests: Option>, } @@ -5395,39 +8543,56 @@ pub struct PostgresClusterInstancesTablespaceVolumesDataVolumeClaimSpecSelector /// matchExpressions is a list of label selector requirements. The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] pub match_expressions: Option>, - /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] pub match_labels: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PostgresClusterInstancesTablespaceVolumesDataVolumeClaimSpecSelectorMatchExpressions { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } -/// The pod this Toleration is attached to tolerates any taint that matches the triple using the matching operator . +/// The pod this Toleration is attached to tolerates any taint that matches +/// the triple using the matching operator . #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PostgresClusterInstancesTolerations { - /// Effect indicates the taint effect to match. Empty means match all taint effects. When specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute. + /// Effect indicates the taint effect to match. Empty means match all taint effects. + /// When specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute. #[serde(default, skip_serializing_if = "Option::is_none")] pub effect: Option, - /// Key is the taint key that the toleration applies to. Empty means match all taint keys. If the key is empty, operator must be Exists; this combination means to match all values and all keys. + /// Key is the taint key that the toleration applies to. Empty means match all taint keys. + /// If the key is empty, operator must be Exists; this combination means to match all values and all keys. #[serde(default, skip_serializing_if = "Option::is_none")] pub key: Option, - /// Operator represents a key's relationship to the value. Valid operators are Exists and Equal. Defaults to Equal. Exists is equivalent to wildcard for value, so that a pod can tolerate all taints of a particular category. + /// Operator represents a key's relationship to the value. + /// Valid operators are Exists and Equal. Defaults to Equal. + /// Exists is equivalent to wildcard for value, so that a pod can + /// tolerate all taints of a particular category. #[serde(default, skip_serializing_if = "Option::is_none")] pub operator: Option, - /// TolerationSeconds represents the period of time the toleration (which must be of effect NoExecute, otherwise this field is ignored) tolerates the taint. By default, it is not set, which means tolerate the taint forever (do not evict). Zero and negative values will be treated as 0 (evict immediately) by the system. + /// TolerationSeconds represents the period of time the toleration (which must be + /// of effect NoExecute, otherwise this field is ignored) tolerates the taint. By default, + /// it is not set, which means tolerate the taint forever (do not evict). Zero and + /// negative values will be treated as 0 (evict immediately) by the system. #[serde(default, skip_serializing_if = "Option::is_none", rename = "tolerationSeconds")] pub toleration_seconds: Option, - /// Value is the taint value the toleration matches to. If the operator is Exists, the value should be empty, otherwise just a regular string. + /// Value is the taint value the toleration matches to. + /// If the operator is Exists, the value should be empty, otherwise just a regular string. #[serde(default, skip_serializing_if = "Option::is_none")] pub value: Option, } @@ -5435,83 +8600,224 @@ pub struct PostgresClusterInstancesTolerations { /// TopologySpreadConstraint specifies how to spread matching pods among the given topology. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PostgresClusterInstancesTopologySpreadConstraints { - /// LabelSelector is used to find matching pods. Pods that match this label selector are counted to determine the number of pods in their corresponding topology domain. + /// LabelSelector is used to find matching pods. + /// Pods that match this label selector are counted to determine the number of pods + /// in their corresponding topology domain. #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelector")] pub label_selector: Option, - /// MatchLabelKeys is a set of pod label keys to select the pods over which spreading will be calculated. The keys are used to lookup values from the incoming pod labels, those key-value labels are ANDed with labelSelector to select the group of existing pods over which spreading will be calculated for the incoming pod. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. MatchLabelKeys cannot be set when LabelSelector isn't set. Keys that don't exist in the incoming pod labels will be ignored. A null or empty list means only match against labelSelector. - /// This is a beta field and requires the MatchLabelKeysInPodTopologySpread feature gate to be enabled (enabled by default). + /// MatchLabelKeys is a set of pod label keys to select the pods over which + /// spreading will be calculated. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are ANDed with labelSelector + /// to select the group of existing pods over which spreading will be calculated + /// for the incoming pod. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. + /// MatchLabelKeys cannot be set when LabelSelector isn't set. + /// Keys that don't exist in the incoming pod labels will + /// be ignored. A null or empty list means only match against labelSelector. + /// + /// + /// This is a beta field and requires the MatchLabelKeysInPodTopologySpread feature gate to be enabled (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] pub match_label_keys: Option>, - /// MaxSkew describes the degree to which pods may be unevenly distributed. When `whenUnsatisfiable=DoNotSchedule`, it is the maximum permitted difference between the number of matching pods in the target topology and the global minimum. The global minimum is the minimum number of matching pods in an eligible domain or zero if the number of eligible domains is less than MinDomains. For example, in a 3-zone cluster, MaxSkew is set to 1, and pods with the same labelSelector spread as 2/2/1: In this case, the global minimum is 1. | zone1 | zone2 | zone3 | | P P | P P | P | - if MaxSkew is 1, incoming pod can only be scheduled to zone3 to become 2/2/2; scheduling it onto zone1(zone2) would make the ActualSkew(3-1) on zone1(zone2) violate MaxSkew(1). - if MaxSkew is 2, incoming pod can be scheduled onto any zone. When `whenUnsatisfiable=ScheduleAnyway`, it is used to give higher precedence to topologies that satisfy it. It's a required field. Default value is 1 and 0 is not allowed. + /// MaxSkew describes the degree to which pods may be unevenly distributed. + /// When `whenUnsatisfiable=DoNotSchedule`, it is the maximum permitted difference + /// between the number of matching pods in the target topology and the global minimum. + /// The global minimum is the minimum number of matching pods in an eligible domain + /// or zero if the number of eligible domains is less than MinDomains. + /// For example, in a 3-zone cluster, MaxSkew is set to 1, and pods with the same + /// labelSelector spread as 2/2/1: + /// In this case, the global minimum is 1. + /// | zone1 | zone2 | zone3 | + /// | P P | P P | P | + /// - if MaxSkew is 1, incoming pod can only be scheduled to zone3 to become 2/2/2; + /// scheduling it onto zone1(zone2) would make the ActualSkew(3-1) on zone1(zone2) + /// violate MaxSkew(1). + /// - if MaxSkew is 2, incoming pod can be scheduled onto any zone. + /// When `whenUnsatisfiable=ScheduleAnyway`, it is used to give higher precedence + /// to topologies that satisfy it. + /// It's a required field. Default value is 1 and 0 is not allowed. #[serde(rename = "maxSkew")] pub max_skew: i32, - /// MinDomains indicates a minimum number of eligible domains. When the number of eligible domains with matching topology keys is less than minDomains, Pod Topology Spread treats "global minimum" as 0, and then the calculation of Skew is performed. And when the number of eligible domains with matching topology keys equals or greater than minDomains, this value has no effect on scheduling. As a result, when the number of eligible domains is less than minDomains, scheduler won't schedule more than maxSkew Pods to those domains. If value is nil, the constraint behaves as if MinDomains is equal to 1. Valid values are integers greater than 0. When value is not nil, WhenUnsatisfiable must be DoNotSchedule. - /// For example, in a 3-zone cluster, MaxSkew is set to 2, MinDomains is set to 5 and pods with the same labelSelector spread as 2/2/2: | zone1 | zone2 | zone3 | | P P | P P | P P | The number of domains is less than 5(MinDomains), so "global minimum" is treated as 0. In this situation, new pod with the same labelSelector cannot be scheduled, because computed skew will be 3(3 - 0) if new Pod is scheduled to any of the three zones, it will violate MaxSkew. + /// MinDomains indicates a minimum number of eligible domains. + /// When the number of eligible domains with matching topology keys is less than minDomains, + /// Pod Topology Spread treats "global minimum" as 0, and then the calculation of Skew is performed. + /// And when the number of eligible domains with matching topology keys equals or greater than minDomains, + /// this value has no effect on scheduling. + /// As a result, when the number of eligible domains is less than minDomains, + /// scheduler won't schedule more than maxSkew Pods to those domains. + /// If value is nil, the constraint behaves as if MinDomains is equal to 1. + /// Valid values are integers greater than 0. + /// When value is not nil, WhenUnsatisfiable must be DoNotSchedule. + /// + /// + /// For example, in a 3-zone cluster, MaxSkew is set to 2, MinDomains is set to 5 and pods with the same + /// labelSelector spread as 2/2/2: + /// | zone1 | zone2 | zone3 | + /// | P P | P P | P P | + /// The number of domains is less than 5(MinDomains), so "global minimum" is treated as 0. + /// In this situation, new pod with the same labelSelector cannot be scheduled, + /// because computed skew will be 3(3 - 0) if new Pod is scheduled to any of the three zones, + /// it will violate MaxSkew. #[serde(default, skip_serializing_if = "Option::is_none", rename = "minDomains")] pub min_domains: Option, - /// NodeAffinityPolicy indicates how we will treat Pod's nodeAffinity/nodeSelector when calculating pod topology spread skew. Options are: - Honor: only nodes matching nodeAffinity/nodeSelector are included in the calculations. - Ignore: nodeAffinity/nodeSelector are ignored. All nodes are included in the calculations. - /// If this value is nil, the behavior is equivalent to the Honor policy. This is a beta-level feature default enabled by the NodeInclusionPolicyInPodTopologySpread feature flag. + /// NodeAffinityPolicy indicates how we will treat Pod's nodeAffinity/nodeSelector + /// when calculating pod topology spread skew. Options are: + /// - Honor: only nodes matching nodeAffinity/nodeSelector are included in the calculations. + /// - Ignore: nodeAffinity/nodeSelector are ignored. All nodes are included in the calculations. + /// + /// + /// If this value is nil, the behavior is equivalent to the Honor policy. + /// This is a beta-level feature default enabled by the NodeInclusionPolicyInPodTopologySpread feature flag. #[serde(default, skip_serializing_if = "Option::is_none", rename = "nodeAffinityPolicy")] pub node_affinity_policy: Option, - /// NodeTaintsPolicy indicates how we will treat node taints when calculating pod topology spread skew. Options are: - Honor: nodes without taints, along with tainted nodes for which the incoming pod has a toleration, are included. - Ignore: node taints are ignored. All nodes are included. - /// If this value is nil, the behavior is equivalent to the Ignore policy. This is a beta-level feature default enabled by the NodeInclusionPolicyInPodTopologySpread feature flag. + /// NodeTaintsPolicy indicates how we will treat node taints when calculating + /// pod topology spread skew. Options are: + /// - Honor: nodes without taints, along with tainted nodes for which the incoming pod + /// has a toleration, are included. + /// - Ignore: node taints are ignored. All nodes are included. + /// + /// + /// If this value is nil, the behavior is equivalent to the Ignore policy. + /// This is a beta-level feature default enabled by the NodeInclusionPolicyInPodTopologySpread feature flag. #[serde(default, skip_serializing_if = "Option::is_none", rename = "nodeTaintsPolicy")] pub node_taints_policy: Option, - /// TopologyKey is the key of node labels. Nodes that have a label with this key and identical values are considered to be in the same topology. We consider each as a "bucket", and try to put balanced number of pods into each bucket. We define a domain as a particular instance of a topology. Also, we define an eligible domain as a domain whose nodes meet the requirements of nodeAffinityPolicy and nodeTaintsPolicy. e.g. If TopologyKey is "kubernetes.io/hostname", each Node is a domain of that topology. And, if TopologyKey is "topology.kubernetes.io/zone", each zone is a domain of that topology. It's a required field. + /// TopologyKey is the key of node labels. Nodes that have a label with this key + /// and identical values are considered to be in the same topology. + /// We consider each as a "bucket", and try to put balanced number + /// of pods into each bucket. + /// We define a domain as a particular instance of a topology. + /// Also, we define an eligible domain as a domain whose nodes meet the requirements of + /// nodeAffinityPolicy and nodeTaintsPolicy. + /// e.g. If TopologyKey is "kubernetes.io/hostname", each Node is a domain of that topology. + /// And, if TopologyKey is "topology.kubernetes.io/zone", each zone is a domain of that topology. + /// It's a required field. #[serde(rename = "topologyKey")] pub topology_key: String, - /// WhenUnsatisfiable indicates how to deal with a pod if it doesn't satisfy the spread constraint. - DoNotSchedule (default) tells the scheduler not to schedule it. - ScheduleAnyway tells the scheduler to schedule the pod in any location, but giving higher precedence to topologies that would help reduce the skew. A constraint is considered "Unsatisfiable" for an incoming pod if and only if every possible node assignment for that pod would violate "MaxSkew" on some topology. For example, in a 3-zone cluster, MaxSkew is set to 1, and pods with the same labelSelector spread as 3/1/1: | zone1 | zone2 | zone3 | | P P P | P | P | If WhenUnsatisfiable is set to DoNotSchedule, incoming pod can only be scheduled to zone2(zone3) to become 3/2/1(3/1/2) as ActualSkew(2-1) on zone2(zone3) satisfies MaxSkew(1). In other words, the cluster can still be imbalanced, but scheduler won't make it *more* imbalanced. It's a required field. + /// WhenUnsatisfiable indicates how to deal with a pod if it doesn't satisfy + /// the spread constraint. + /// - DoNotSchedule (default) tells the scheduler not to schedule it. + /// - ScheduleAnyway tells the scheduler to schedule the pod in any location, + /// but giving higher precedence to topologies that would help reduce the + /// skew. + /// A constraint is considered "Unsatisfiable" for an incoming pod + /// if and only if every possible node assignment for that pod would violate + /// "MaxSkew" on some topology. + /// For example, in a 3-zone cluster, MaxSkew is set to 1, and pods with the same + /// labelSelector spread as 3/1/1: + /// | zone1 | zone2 | zone3 | + /// | P P P | P | P | + /// If WhenUnsatisfiable is set to DoNotSchedule, incoming pod can only be scheduled + /// to zone2(zone3) to become 3/2/1(3/1/2) as ActualSkew(2-1) on zone2(zone3) satisfies + /// MaxSkew(1). In other words, the cluster can still be imbalanced, but scheduler + /// won't make it *more* imbalanced. + /// It's a required field. #[serde(rename = "whenUnsatisfiable")] pub when_unsatisfiable: String, } -/// LabelSelector is used to find matching pods. Pods that match this label selector are counted to determine the number of pods in their corresponding topology domain. +/// LabelSelector is used to find matching pods. +/// Pods that match this label selector are counted to determine the number of pods +/// in their corresponding topology domain. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PostgresClusterInstancesTopologySpreadConstraintsLabelSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] pub match_expressions: Option>, - /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] pub match_labels: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PostgresClusterInstancesTopologySpreadConstraintsLabelSelectorMatchExpressions { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } -/// Defines a separate PersistentVolumeClaim for PostgreSQL's write-ahead log. More info: https://www.postgresql.org/docs/current/wal.html +/// Defines a separate PersistentVolumeClaim for PostgreSQL's write-ahead log. +/// More info: https://www.postgresql.org/docs/current/wal.html #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PostgresClusterInstancesWalVolumeClaimSpec { - /// accessModes contains the desired access modes the volume should have. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1 + /// accessModes contains the desired access modes the volume should have. + /// More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1 #[serde(rename = "accessModes")] pub access_modes: Vec, - /// dataSource field can be used to specify either: * An existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot) * An existing PVC (PersistentVolumeClaim) If the provisioner or an external controller can support the specified data source, it will create a new volume based on the contents of the specified data source. When the AnyVolumeDataSource feature gate is enabled, dataSource contents will be copied to dataSourceRef, and dataSourceRef contents will be copied to dataSource when dataSourceRef.namespace is not specified. If the namespace is specified, then dataSourceRef will not be copied to dataSource. + /// dataSource field can be used to specify either: + /// * An existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot) + /// * An existing PVC (PersistentVolumeClaim) + /// If the provisioner or an external controller can support the specified data source, + /// it will create a new volume based on the contents of the specified data source. + /// When the AnyVolumeDataSource feature gate is enabled, dataSource contents will be copied to dataSourceRef, + /// and dataSourceRef contents will be copied to dataSource when dataSourceRef.namespace is not specified. + /// If the namespace is specified, then dataSourceRef will not be copied to dataSource. #[serde(default, skip_serializing_if = "Option::is_none", rename = "dataSource")] pub data_source: Option, - /// dataSourceRef specifies the object from which to populate the volume with data, if a non-empty volume is desired. This may be any object from a non-empty API group (non core object) or a PersistentVolumeClaim object. When this field is specified, volume binding will only succeed if the type of the specified object matches some installed volume populator or dynamic provisioner. This field will replace the functionality of the dataSource field and as such if both fields are non-empty, they must have the same value. For backwards compatibility, when namespace isn't specified in dataSourceRef, both fields (dataSource and dataSourceRef) will be set to the same value automatically if one of them is empty and the other is non-empty. When namespace is specified in dataSourceRef, dataSource isn't set to the same value and must be empty. There are three important differences between dataSource and dataSourceRef: * While dataSource only allows two specific types of objects, dataSourceRef allows any non-core object, as well as PersistentVolumeClaim objects. * While dataSource ignores disallowed values (dropping them), dataSourceRef preserves all values, and generates an error if a disallowed value is specified. * While dataSource only allows local objects, dataSourceRef allows objects in any namespaces. (Beta) Using this field requires the AnyVolumeDataSource feature gate to be enabled. (Alpha) Using the namespace field of dataSourceRef requires the CrossNamespaceVolumeDataSource feature gate to be enabled. + /// dataSourceRef specifies the object from which to populate the volume with data, if a non-empty + /// volume is desired. This may be any object from a non-empty API group (non + /// core object) or a PersistentVolumeClaim object. + /// When this field is specified, volume binding will only succeed if the type of + /// the specified object matches some installed volume populator or dynamic + /// provisioner. + /// This field will replace the functionality of the dataSource field and as such + /// if both fields are non-empty, they must have the same value. For backwards + /// compatibility, when namespace isn't specified in dataSourceRef, + /// both fields (dataSource and dataSourceRef) will be set to the same + /// value automatically if one of them is empty and the other is non-empty. + /// When namespace is specified in dataSourceRef, + /// dataSource isn't set to the same value and must be empty. + /// There are three important differences between dataSource and dataSourceRef: + /// * While dataSource only allows two specific types of objects, dataSourceRef + /// allows any non-core object, as well as PersistentVolumeClaim objects. + /// * While dataSource ignores disallowed values (dropping them), dataSourceRef + /// preserves all values, and generates an error if a disallowed value is + /// specified. + /// * While dataSource only allows local objects, dataSourceRef allows objects + /// in any namespaces. + /// (Beta) Using this field requires the AnyVolumeDataSource feature gate to be enabled. + /// (Alpha) Using the namespace field of dataSourceRef requires the CrossNamespaceVolumeDataSource feature gate to be enabled. #[serde(default, skip_serializing_if = "Option::is_none", rename = "dataSourceRef")] pub data_source_ref: Option, - /// resources represents the minimum resources the volume should have. If RecoverVolumeExpansionFailure feature is enabled users are allowed to specify resource requirements that are lower than previous value but must still be higher than capacity recorded in the status field of the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources + /// resources represents the minimum resources the volume should have. + /// If RecoverVolumeExpansionFailure feature is enabled users are allowed to specify resource requirements + /// that are lower than previous value but must still be higher than capacity recorded in the + /// status field of the claim. + /// More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources pub resources: PostgresClusterInstancesWalVolumeClaimSpecResources, /// selector is a label query over volumes to consider for binding. #[serde(default, skip_serializing_if = "Option::is_none")] pub selector: Option, - /// storageClassName is the name of the StorageClass required by the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1 + /// storageClassName is the name of the StorageClass required by the claim. + /// More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1 #[serde(default, skip_serializing_if = "Option::is_none", rename = "storageClassName")] pub storage_class_name: Option, - /// volumeAttributesClassName may be used to set the VolumeAttributesClass used by this claim. If specified, the CSI driver will create or update the volume with the attributes defined in the corresponding VolumeAttributesClass. This has a different purpose than storageClassName, it can be changed after the claim is created. An empty string value means that no VolumeAttributesClass will be applied to the claim but it's not allowed to reset this field to empty string once it is set. If unspecified and the PersistentVolumeClaim is unbound, the default VolumeAttributesClass will be set by the persistentvolume controller if it exists. If the resource referred to by volumeAttributesClass does not exist, this PersistentVolumeClaim will be set to a Pending state, as reflected by the modifyVolumeStatus field, until such as a resource exists. More info: https://kubernetes.io/docs/concepts/storage/volume-attributes-classes/ (Alpha) Using this field requires the VolumeAttributesClass feature gate to be enabled. + /// volumeAttributesClassName may be used to set the VolumeAttributesClass used by this claim. + /// If specified, the CSI driver will create or update the volume with the attributes defined + /// in the corresponding VolumeAttributesClass. This has a different purpose than storageClassName, + /// it can be changed after the claim is created. An empty string value means that no VolumeAttributesClass + /// will be applied to the claim but it's not allowed to reset this field to empty string once it is set. + /// If unspecified and the PersistentVolumeClaim is unbound, the default VolumeAttributesClass + /// will be set by the persistentvolume controller if it exists. + /// If the resource referred to by volumeAttributesClass does not exist, this PersistentVolumeClaim will be + /// set to a Pending state, as reflected by the modifyVolumeStatus field, until such as a resource + /// exists. + /// More info: https://kubernetes.io/docs/concepts/storage/volume-attributes-classes/ + /// (Alpha) Using this field requires the VolumeAttributesClass feature gate to be enabled. #[serde(default, skip_serializing_if = "Option::is_none", rename = "volumeAttributesClassName")] pub volume_attributes_class_name: Option, - /// volumeMode defines what type of volume is required by the claim. Value of Filesystem is implied when not included in claim spec. + /// volumeMode defines what type of volume is required by the claim. + /// Value of Filesystem is implied when not included in claim spec. #[serde(default, skip_serializing_if = "Option::is_none", rename = "volumeMode")] pub volume_mode: Option, /// volumeName is the binding reference to the PersistentVolume backing this claim. @@ -5519,10 +8825,19 @@ pub struct PostgresClusterInstancesWalVolumeClaimSpec { pub volume_name: Option, } -/// dataSource field can be used to specify either: * An existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot) * An existing PVC (PersistentVolumeClaim) If the provisioner or an external controller can support the specified data source, it will create a new volume based on the contents of the specified data source. When the AnyVolumeDataSource feature gate is enabled, dataSource contents will be copied to dataSourceRef, and dataSourceRef contents will be copied to dataSource when dataSourceRef.namespace is not specified. If the namespace is specified, then dataSourceRef will not be copied to dataSource. +/// dataSource field can be used to specify either: +/// * An existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot) +/// * An existing PVC (PersistentVolumeClaim) +/// If the provisioner or an external controller can support the specified data source, +/// it will create a new volume based on the contents of the specified data source. +/// When the AnyVolumeDataSource feature gate is enabled, dataSource contents will be copied to dataSourceRef, +/// and dataSourceRef contents will be copied to dataSource when dataSourceRef.namespace is not specified. +/// If the namespace is specified, then dataSourceRef will not be copied to dataSource. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PostgresClusterInstancesWalVolumeClaimSpecDataSource { - /// APIGroup is the group for the resource being referenced. If APIGroup is not specified, the specified Kind must be in the core API group. For any other third-party types, APIGroup is required. + /// APIGroup is the group for the resource being referenced. + /// If APIGroup is not specified, the specified Kind must be in the core API group. + /// For any other third-party types, APIGroup is required. #[serde(default, skip_serializing_if = "Option::is_none", rename = "apiGroup")] pub api_group: Option, /// Kind is the type of resource being referenced @@ -5531,28 +8846,62 @@ pub struct PostgresClusterInstancesWalVolumeClaimSpecDataSource { pub name: String, } -/// dataSourceRef specifies the object from which to populate the volume with data, if a non-empty volume is desired. This may be any object from a non-empty API group (non core object) or a PersistentVolumeClaim object. When this field is specified, volume binding will only succeed if the type of the specified object matches some installed volume populator or dynamic provisioner. This field will replace the functionality of the dataSource field and as such if both fields are non-empty, they must have the same value. For backwards compatibility, when namespace isn't specified in dataSourceRef, both fields (dataSource and dataSourceRef) will be set to the same value automatically if one of them is empty and the other is non-empty. When namespace is specified in dataSourceRef, dataSource isn't set to the same value and must be empty. There are three important differences between dataSource and dataSourceRef: * While dataSource only allows two specific types of objects, dataSourceRef allows any non-core object, as well as PersistentVolumeClaim objects. * While dataSource ignores disallowed values (dropping them), dataSourceRef preserves all values, and generates an error if a disallowed value is specified. * While dataSource only allows local objects, dataSourceRef allows objects in any namespaces. (Beta) Using this field requires the AnyVolumeDataSource feature gate to be enabled. (Alpha) Using the namespace field of dataSourceRef requires the CrossNamespaceVolumeDataSource feature gate to be enabled. +/// dataSourceRef specifies the object from which to populate the volume with data, if a non-empty +/// volume is desired. This may be any object from a non-empty API group (non +/// core object) or a PersistentVolumeClaim object. +/// When this field is specified, volume binding will only succeed if the type of +/// the specified object matches some installed volume populator or dynamic +/// provisioner. +/// This field will replace the functionality of the dataSource field and as such +/// if both fields are non-empty, they must have the same value. For backwards +/// compatibility, when namespace isn't specified in dataSourceRef, +/// both fields (dataSource and dataSourceRef) will be set to the same +/// value automatically if one of them is empty and the other is non-empty. +/// When namespace is specified in dataSourceRef, +/// dataSource isn't set to the same value and must be empty. +/// There are three important differences between dataSource and dataSourceRef: +/// * While dataSource only allows two specific types of objects, dataSourceRef +/// allows any non-core object, as well as PersistentVolumeClaim objects. +/// * While dataSource ignores disallowed values (dropping them), dataSourceRef +/// preserves all values, and generates an error if a disallowed value is +/// specified. +/// * While dataSource only allows local objects, dataSourceRef allows objects +/// in any namespaces. +/// (Beta) Using this field requires the AnyVolumeDataSource feature gate to be enabled. +/// (Alpha) Using the namespace field of dataSourceRef requires the CrossNamespaceVolumeDataSource feature gate to be enabled. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PostgresClusterInstancesWalVolumeClaimSpecDataSourceRef { - /// APIGroup is the group for the resource being referenced. If APIGroup is not specified, the specified Kind must be in the core API group. For any other third-party types, APIGroup is required. + /// APIGroup is the group for the resource being referenced. + /// If APIGroup is not specified, the specified Kind must be in the core API group. + /// For any other third-party types, APIGroup is required. #[serde(default, skip_serializing_if = "Option::is_none", rename = "apiGroup")] pub api_group: Option, /// Kind is the type of resource being referenced pub kind: String, /// Name is the name of resource being referenced pub name: String, - /// Namespace is the namespace of resource being referenced Note that when a namespace is specified, a gateway.networking.k8s.io/ReferenceGrant object is required in the referent namespace to allow that namespace's owner to accept the reference. See the ReferenceGrant documentation for details. (Alpha) This field requires the CrossNamespaceVolumeDataSource feature gate to be enabled. + /// Namespace is the namespace of resource being referenced + /// Note that when a namespace is specified, a gateway.networking.k8s.io/ReferenceGrant object is required in the referent namespace to allow that namespace's owner to accept the reference. See the ReferenceGrant documentation for details. + /// (Alpha) This field requires the CrossNamespaceVolumeDataSource feature gate to be enabled. #[serde(default, skip_serializing_if = "Option::is_none")] pub namespace: Option, } -/// resources represents the minimum resources the volume should have. If RecoverVolumeExpansionFailure feature is enabled users are allowed to specify resource requirements that are lower than previous value but must still be higher than capacity recorded in the status field of the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources +/// resources represents the minimum resources the volume should have. +/// If RecoverVolumeExpansionFailure feature is enabled users are allowed to specify resource requirements +/// that are lower than previous value but must still be higher than capacity recorded in the +/// status field of the claim. +/// More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PostgresClusterInstancesWalVolumeClaimSpecResources { - /// Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + /// Limits describes the maximum amount of compute resources allowed. + /// More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ #[serde(default, skip_serializing_if = "Option::is_none")] pub limits: Option>, - /// Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + /// Requests describes the minimum amount of compute resources required. + /// If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, + /// otherwise to an implementation-defined value. Requests cannot exceed Limits. + /// More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ pub requests: BTreeMap, } @@ -5562,19 +8911,26 @@ pub struct PostgresClusterInstancesWalVolumeClaimSpecSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] pub match_expressions: Option>, - /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] pub match_labels: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PostgresClusterInstancesWalVolumeClaimSpecSelectorMatchExpressions { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } @@ -5605,16 +8961,23 @@ pub struct PostgresClusterMonitoringPgmonitor { #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PostgresClusterMonitoringPgmonitorExporter { - /// Projected volumes containing custom PostgreSQL Exporter configuration. Currently supports the customization of PostgreSQL Exporter queries. If a "queries.yml" file is detected in any volume projected using this field, it will be loaded using the "extend.query-path" flag: https://github.com/prometheus-community/postgres_exporter#flags Changing the values of field causes PostgreSQL and the exporter to restart. + /// Projected volumes containing custom PostgreSQL Exporter configuration. Currently supports + /// the customization of PostgreSQL Exporter queries. If a "queries.yml" file is detected in + /// any volume projected using this field, it will be loaded using the "extend.query-path" flag: + /// https://github.com/prometheus-community/postgres_exporter#flags + /// Changing the values of field causes PostgreSQL and the exporter to restart. #[serde(default, skip_serializing_if = "Option::is_none")] pub configuration: Option>, - /// Projected secret containing custom TLS certificates to encrypt output from the exporter web server + /// Projected secret containing custom TLS certificates to encrypt output from the exporter + /// web server #[serde(default, skip_serializing_if = "Option::is_none", rename = "customTLSSecret")] pub custom_tls_secret: Option, - /// The image name to use for crunchy-postgres-exporter containers. The image may also be set using the RELATED_IMAGE_PGEXPORTER environment variable. + /// The image name to use for crunchy-postgres-exporter containers. The image may + /// also be set using the RELATED_IMAGE_PGEXPORTER environment variable. #[serde(default, skip_serializing_if = "Option::is_none")] pub image: Option, - /// Changing this value causes PostgreSQL and the exporter to restart. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers + /// Changing this value causes PostgreSQL and the exporter to restart. + /// More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers #[serde(default, skip_serializing_if = "Option::is_none")] pub resources: Option, } @@ -5622,10 +8985,22 @@ pub struct PostgresClusterMonitoringPgmonitorExporter { /// Projection that may be projected along with other supported volume types #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PostgresClusterMonitoringPgmonitorExporterConfiguration { - /// ClusterTrustBundle allows a pod to access the `.spec.trustBundle` field of ClusterTrustBundle objects in an auto-updating file. - /// Alpha, gated by the ClusterTrustBundleProjection feature gate. - /// ClusterTrustBundle objects can either be selected by name, or by the combination of signer name and a label selector. - /// Kubelet performs aggressive normalization of the PEM contents written into the pod filesystem. Esoteric PEM features such as inter-block comments and block headers are stripped. Certificates are deduplicated. The ordering of certificates within the file is arbitrary, and Kubelet may change the order over time. + /// ClusterTrustBundle allows a pod to access the `.spec.trustBundle` field + /// of ClusterTrustBundle objects in an auto-updating file. + /// + /// + /// Alpha, gated by the ClusterTrustBundleProjection feature gate. + /// + /// + /// ClusterTrustBundle objects can either be selected by name, or by the + /// combination of signer name and a label selector. + /// + /// + /// Kubelet performs aggressive normalization of the PEM contents written + /// into the pod filesystem. Esoteric PEM features such as inter-block + /// comments and block headers are stripped. Certificates are deduplicated. + /// The ordering of certificates within the file is arbitrary, and Kubelet + /// may change the order over time. #[serde(default, skip_serializing_if = "Option::is_none", rename = "clusterTrustBundle")] pub cluster_trust_bundle: Option, /// configMap information about the configMap data to project @@ -5642,47 +9017,79 @@ pub struct PostgresClusterMonitoringPgmonitorExporterConfiguration { pub service_account_token: Option, } -/// ClusterTrustBundle allows a pod to access the `.spec.trustBundle` field of ClusterTrustBundle objects in an auto-updating file. -/// Alpha, gated by the ClusterTrustBundleProjection feature gate. -/// ClusterTrustBundle objects can either be selected by name, or by the combination of signer name and a label selector. -/// Kubelet performs aggressive normalization of the PEM contents written into the pod filesystem. Esoteric PEM features such as inter-block comments and block headers are stripped. Certificates are deduplicated. The ordering of certificates within the file is arbitrary, and Kubelet may change the order over time. +/// ClusterTrustBundle allows a pod to access the `.spec.trustBundle` field +/// of ClusterTrustBundle objects in an auto-updating file. +/// +/// +/// Alpha, gated by the ClusterTrustBundleProjection feature gate. +/// +/// +/// ClusterTrustBundle objects can either be selected by name, or by the +/// combination of signer name and a label selector. +/// +/// +/// Kubelet performs aggressive normalization of the PEM contents written +/// into the pod filesystem. Esoteric PEM features such as inter-block +/// comments and block headers are stripped. Certificates are deduplicated. +/// The ordering of certificates within the file is arbitrary, and Kubelet +/// may change the order over time. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PostgresClusterMonitoringPgmonitorExporterConfigurationClusterTrustBundle { - /// Select all ClusterTrustBundles that match this label selector. Only has effect if signerName is set. Mutually-exclusive with name. If unset, interpreted as "match nothing". If set but empty, interpreted as "match everything". + /// Select all ClusterTrustBundles that match this label selector. Only has + /// effect if signerName is set. Mutually-exclusive with name. If unset, + /// interpreted as "match nothing". If set but empty, interpreted as "match + /// everything". #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelector")] pub label_selector: Option, - /// Select a single ClusterTrustBundle by object name. Mutually-exclusive with signerName and labelSelector. + /// Select a single ClusterTrustBundle by object name. Mutually-exclusive + /// with signerName and labelSelector. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, - /// If true, don't block pod startup if the referenced ClusterTrustBundle(s) aren't available. If using name, then the named ClusterTrustBundle is allowed not to exist. If using signerName, then the combination of signerName and labelSelector is allowed to match zero ClusterTrustBundles. + /// If true, don't block pod startup if the referenced ClusterTrustBundle(s) + /// aren't available. If using name, then the named ClusterTrustBundle is + /// allowed not to exist. If using signerName, then the combination of + /// signerName and labelSelector is allowed to match zero + /// ClusterTrustBundles. #[serde(default, skip_serializing_if = "Option::is_none")] pub optional: Option, /// Relative path from the volume root to write the bundle. pub path: String, - /// Select all ClusterTrustBundles that match this signer name. Mutually-exclusive with name. The contents of all selected ClusterTrustBundles will be unified and deduplicated. + /// Select all ClusterTrustBundles that match this signer name. + /// Mutually-exclusive with name. The contents of all selected + /// ClusterTrustBundles will be unified and deduplicated. #[serde(default, skip_serializing_if = "Option::is_none", rename = "signerName")] pub signer_name: Option, } -/// Select all ClusterTrustBundles that match this label selector. Only has effect if signerName is set. Mutually-exclusive with name. If unset, interpreted as "match nothing". If set but empty, interpreted as "match everything". +/// Select all ClusterTrustBundles that match this label selector. Only has +/// effect if signerName is set. Mutually-exclusive with name. If unset, +/// interpreted as "match nothing". If set but empty, interpreted as "match +/// everything". #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PostgresClusterMonitoringPgmonitorExporterConfigurationClusterTrustBundleLabelSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] pub match_expressions: Option>, - /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] pub match_labels: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PostgresClusterMonitoringPgmonitorExporterConfigurationClusterTrustBundleLabelSelectorMatchExpressions { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } @@ -5690,7 +9097,13 @@ pub struct PostgresClusterMonitoringPgmonitorExporterConfigurationClusterTrustBu /// configMap information about the configMap data to project #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PostgresClusterMonitoringPgmonitorExporterConfigurationConfigMap { - /// items if unspecified, each key-value pair in the Data field of the referenced ConfigMap will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the ConfigMap, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'. + /// items if unspecified, each key-value pair in the Data field of the referenced + /// ConfigMap will be projected into the volume as a file whose name is the + /// key and content is the value. If specified, the listed keys will be + /// projected into the specified paths, and unlisted keys will not be + /// present. If a key is specified which is not present in the ConfigMap, + /// the volume setup will error unless it is marked optional. Paths must be + /// relative and may not contain the '..' path or start with '..'. #[serde(default, skip_serializing_if = "Option::is_none")] pub items: Option>, /// Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names @@ -5706,10 +9119,18 @@ pub struct PostgresClusterMonitoringPgmonitorExporterConfigurationConfigMap { pub struct PostgresClusterMonitoringPgmonitorExporterConfigurationConfigMapItems { /// key is the key to project. pub key: String, - /// mode is Optional: mode bits used to set permissions on this file. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. + /// mode is Optional: mode bits used to set permissions on this file. + /// Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. + /// YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. + /// If not specified, the volume defaultMode will be used. + /// This might be in conflict with other options that affect the file + /// mode, like fsGroup, and the result can be other mode bits set. #[serde(default, skip_serializing_if = "Option::is_none")] pub mode: Option, - /// path is the relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'. + /// path is the relative path of the file to map the key to. + /// May not be an absolute path. + /// May not contain the path element '..'. + /// May not start with the string '..'. pub path: String, } @@ -5727,12 +9148,18 @@ pub struct PostgresClusterMonitoringPgmonitorExporterConfigurationDownwardApiIte /// Required: Selects a field of the pod: only annotations, labels, name, namespace and uid are supported. #[serde(default, skip_serializing_if = "Option::is_none", rename = "fieldRef")] pub field_ref: Option, - /// Optional: mode bits used to set permissions on this file, must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. + /// Optional: mode bits used to set permissions on this file, must be an octal value + /// between 0000 and 0777 or a decimal value between 0 and 511. + /// YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. + /// If not specified, the volume defaultMode will be used. + /// This might be in conflict with other options that affect the file + /// mode, like fsGroup, and the result can be other mode bits set. #[serde(default, skip_serializing_if = "Option::is_none")] pub mode: Option, /// Required: Path is the relative path name of the file to be created. Must not be absolute or contain the '..' path. Must be utf-8 encoded. The first item of the relative path must not start with '..' pub path: String, - /// Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, requests.cpu and requests.memory) are currently supported. + /// Selects a resource of the container: only resources limits and requests + /// (limits.cpu, limits.memory, requests.cpu and requests.memory) are currently supported. #[serde(default, skip_serializing_if = "Option::is_none", rename = "resourceFieldRef")] pub resource_field_ref: Option, } @@ -5748,7 +9175,8 @@ pub struct PostgresClusterMonitoringPgmonitorExporterConfigurationDownwardApiIte pub field_path: String, } -/// Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, requests.cpu and requests.memory) are currently supported. +/// Selects a resource of the container: only resources limits and requests +/// (limits.cpu, limits.memory, requests.cpu and requests.memory) are currently supported. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PostgresClusterMonitoringPgmonitorExporterConfigurationDownwardApiItemsResourceFieldRef { /// Container name: required for volumes, optional for env vars @@ -5764,7 +9192,13 @@ pub struct PostgresClusterMonitoringPgmonitorExporterConfigurationDownwardApiIte /// secret information about the secret data to project #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PostgresClusterMonitoringPgmonitorExporterConfigurationSecret { - /// items if unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the Secret, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'. + /// items if unspecified, each key-value pair in the Data field of the referenced + /// Secret will be projected into the volume as a file whose name is the + /// key and content is the value. If specified, the listed keys will be + /// projected into the specified paths, and unlisted keys will not be + /// present. If a key is specified which is not present in the Secret, + /// the volume setup will error unless it is marked optional. Paths must be + /// relative and may not contain the '..' path or start with '..'. #[serde(default, skip_serializing_if = "Option::is_none")] pub items: Option>, /// Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names @@ -5780,30 +9214,54 @@ pub struct PostgresClusterMonitoringPgmonitorExporterConfigurationSecret { pub struct PostgresClusterMonitoringPgmonitorExporterConfigurationSecretItems { /// key is the key to project. pub key: String, - /// mode is Optional: mode bits used to set permissions on this file. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. + /// mode is Optional: mode bits used to set permissions on this file. + /// Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. + /// YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. + /// If not specified, the volume defaultMode will be used. + /// This might be in conflict with other options that affect the file + /// mode, like fsGroup, and the result can be other mode bits set. #[serde(default, skip_serializing_if = "Option::is_none")] pub mode: Option, - /// path is the relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'. + /// path is the relative path of the file to map the key to. + /// May not be an absolute path. + /// May not contain the path element '..'. + /// May not start with the string '..'. pub path: String, } /// serviceAccountToken is information about the serviceAccountToken data to project #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PostgresClusterMonitoringPgmonitorExporterConfigurationServiceAccountToken { - /// audience is the intended audience of the token. A recipient of a token must identify itself with an identifier specified in the audience of the token, and otherwise should reject the token. The audience defaults to the identifier of the apiserver. + /// audience is the intended audience of the token. A recipient of a token + /// must identify itself with an identifier specified in the audience of the + /// token, and otherwise should reject the token. The audience defaults to the + /// identifier of the apiserver. #[serde(default, skip_serializing_if = "Option::is_none")] pub audience: Option, - /// expirationSeconds is the requested duration of validity of the service account token. As the token approaches expiration, the kubelet volume plugin will proactively rotate the service account token. The kubelet will start trying to rotate the token if the token is older than 80 percent of its time to live or if the token is older than 24 hours.Defaults to 1 hour and must be at least 10 minutes. + /// expirationSeconds is the requested duration of validity of the service + /// account token. As the token approaches expiration, the kubelet volume + /// plugin will proactively rotate the service account token. The kubelet will + /// start trying to rotate the token if the token is older than 80 percent of + /// its time to live or if the token is older than 24 hours.Defaults to 1 hour + /// and must be at least 10 minutes. #[serde(default, skip_serializing_if = "Option::is_none", rename = "expirationSeconds")] pub expiration_seconds: Option, - /// path is the path relative to the mount point of the file to project the token into. + /// path is the path relative to the mount point of the file to project the + /// token into. pub path: String, } -/// Projected secret containing custom TLS certificates to encrypt output from the exporter web server +/// Projected secret containing custom TLS certificates to encrypt output from the exporter +/// web server #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PostgresClusterMonitoringPgmonitorExporterCustomTlsSecret { - /// items if unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the Secret, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'. + /// items if unspecified, each key-value pair in the Data field of the referenced + /// Secret will be projected into the volume as a file whose name is the + /// key and content is the value. If specified, the listed keys will be + /// projected into the specified paths, and unlisted keys will not be + /// present. If a key is specified which is not present in the Secret, + /// the volume setup will error unless it is marked optional. Paths must be + /// relative and may not contain the '..' path or start with '..'. #[serde(default, skip_serializing_if = "Option::is_none")] pub items: Option>, /// Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names @@ -5819,25 +9277,44 @@ pub struct PostgresClusterMonitoringPgmonitorExporterCustomTlsSecret { pub struct PostgresClusterMonitoringPgmonitorExporterCustomTlsSecretItems { /// key is the key to project. pub key: String, - /// mode is Optional: mode bits used to set permissions on this file. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. + /// mode is Optional: mode bits used to set permissions on this file. + /// Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. + /// YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. + /// If not specified, the volume defaultMode will be used. + /// This might be in conflict with other options that affect the file + /// mode, like fsGroup, and the result can be other mode bits set. #[serde(default, skip_serializing_if = "Option::is_none")] pub mode: Option, - /// path is the relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'. + /// path is the relative path of the file to map the key to. + /// May not be an absolute path. + /// May not contain the path element '..'. + /// May not start with the string '..'. pub path: String, } -/// Changing this value causes PostgreSQL and the exporter to restart. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers +/// Changing this value causes PostgreSQL and the exporter to restart. +/// More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PostgresClusterMonitoringPgmonitorExporterResources { - /// Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. - /// This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. - /// This field is immutable. It can only be set for containers. + /// Claims lists the names of resources, defined in spec.resourceClaims, + /// that are used by this container. + /// + /// + /// This is an alpha field and requires enabling the + /// DynamicResourceAllocation feature gate. + /// + /// + /// This field is immutable. It can only be set for containers. #[serde(default, skip_serializing_if = "Option::is_none")] pub claims: Option>, - /// Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + /// Limits describes the maximum amount of compute resources allowed. + /// More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ #[serde(default, skip_serializing_if = "Option::is_none")] pub limits: Option>, - /// Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + /// Requests describes the minimum amount of compute resources required. + /// If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, + /// otherwise to an implementation-defined value. Requests cannot exceed Limits. + /// More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ #[serde(default, skip_serializing_if = "Option::is_none")] pub requests: Option>, } @@ -5845,25 +9322,35 @@ pub struct PostgresClusterMonitoringPgmonitorExporterResources { /// ResourceClaim references one entry in PodSpec.ResourceClaims. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PostgresClusterMonitoringPgmonitorExporterResourcesClaims { - /// Name must match the name of one entry in pod.spec.resourceClaims of the Pod where this field is used. It makes that resource available inside a container. + /// Name must match the name of one entry in pod.spec.resourceClaims of + /// the Pod where this field is used. It makes that resource available + /// inside a container. pub name: String, } #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PostgresClusterPatroni { - /// Patroni dynamic configuration settings. Changes to this value will be automatically reloaded without validation. Changes to certain PostgreSQL parameters cause PostgreSQL to restart. More info: https://patroni.readthedocs.io/en/latest/dynamic_configuration.html + /// Patroni dynamic configuration settings. Changes to this value will be + /// automatically reloaded without validation. Changes to certain PostgreSQL + /// parameters cause PostgreSQL to restart. + /// More info: https://patroni.readthedocs.io/en/latest/dynamic_configuration.html #[serde(default, skip_serializing_if = "Option::is_none", rename = "dynamicConfiguration")] pub dynamic_configuration: Option>, - /// TTL of the cluster leader lock. "Think of it as the length of time before initiation of the automatic failover process." Changing this value causes PostgreSQL to restart. + /// TTL of the cluster leader lock. "Think of it as the + /// length of time before initiation of the automatic failover process." + /// Changing this value causes PostgreSQL to restart. #[serde(default, skip_serializing_if = "Option::is_none", rename = "leaderLeaseDurationSeconds")] pub leader_lease_duration_seconds: Option, - /// The port on which Patroni should listen. Changing this value causes PostgreSQL to restart. + /// The port on which Patroni should listen. + /// Changing this value causes PostgreSQL to restart. #[serde(default, skip_serializing_if = "Option::is_none")] pub port: Option, /// Switchover gives options to perform ad hoc switchovers in a PostgresCluster. #[serde(default, skip_serializing_if = "Option::is_none")] pub switchover: Option, - /// The interval for refreshing the leader lock and applying dynamicConfiguration. Must be less than leaderLeaseDurationSeconds. Changing this value causes PostgreSQL to restart. + /// The interval for refreshing the leader lock and applying + /// dynamicConfiguration. Must be less than leaderLeaseDurationSeconds. + /// Changing this value causes PostgreSQL to restart. #[serde(default, skip_serializing_if = "Option::is_none", rename = "syncPeriodSeconds")] pub sync_period_seconds: Option, } @@ -5873,10 +9360,16 @@ pub struct PostgresClusterPatroni { pub struct PostgresClusterPatroniSwitchover { /// Whether or not the operator should allow switchovers in a PostgresCluster pub enabled: bool, - /// The instance that should become primary during a switchover. This field is optional when Type is "Switchover" and required when Type is "Failover". When it is not specified, a healthy replica is automatically selected. + /// The instance that should become primary during a switchover. This field is + /// optional when Type is "Switchover" and required when Type is "Failover". + /// When it is not specified, a healthy replica is automatically selected. #[serde(default, skip_serializing_if = "Option::is_none", rename = "targetInstance")] pub target_instance: Option, - /// Type of switchover to perform. Valid options are Switchover and Failover. "Switchover" changes the primary instance of a healthy PostgresCluster. "Failover" forces a particular instance to be primary, regardless of other factors. A TargetInstance must be specified to failover. NOTE: The Failover type is reserved as the "last resort" case. + /// Type of switchover to perform. Valid options are Switchover and Failover. + /// "Switchover" changes the primary instance of a healthy PostgresCluster. + /// "Failover" forces a particular instance to be primary, regardless of other + /// factors. A TargetInstance must be specified to failover. + /// NOTE: The Failover type is reserved as the "last resort" case. #[serde(default, skip_serializing_if = "Option::is_none", rename = "type")] pub r#type: Option, } @@ -5899,37 +9392,56 @@ pub struct PostgresClusterProxy { /// Defines a PgBouncer proxy and connection pooler. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PostgresClusterProxyPgBouncer { - /// Scheduling constraints of a PgBouncer pod. Changing this value causes PgBouncer to restart. More info: https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node + /// Scheduling constraints of a PgBouncer pod. Changing this value causes + /// PgBouncer to restart. + /// More info: https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node #[serde(default, skip_serializing_if = "Option::is_none")] pub affinity: Option, - /// Configuration settings for the PgBouncer process. Changes to any of these values will be automatically reloaded without validation. Be careful, as you may put PgBouncer into an unusable state. More info: https://www.pgbouncer.org/usage.html#reload + /// Configuration settings for the PgBouncer process. Changes to any of these + /// values will be automatically reloaded without validation. Be careful, as + /// you may put PgBouncer into an unusable state. + /// More info: https://www.pgbouncer.org/usage.html#reload #[serde(default, skip_serializing_if = "Option::is_none")] pub config: Option, - /// Custom sidecars for a PgBouncer pod. Changing this value causes PgBouncer to restart. + /// Custom sidecars for a PgBouncer pod. Changing this value causes + /// PgBouncer to restart. #[serde(default, skip_serializing_if = "Option::is_none")] pub containers: Option>, - /// A secret projection containing a certificate and key with which to encrypt connections to PgBouncer. The "tls.crt", "tls.key", and "ca.crt" paths must be PEM-encoded certificates and keys. Changing this value causes PgBouncer to restart. More info: https://kubernetes.io/docs/concepts/configuration/secret/#projection-of-secret-keys-to-specific-paths + /// A secret projection containing a certificate and key with which to encrypt + /// connections to PgBouncer. The "tls.crt", "tls.key", and "ca.crt" paths must + /// be PEM-encoded certificates and keys. Changing this value causes PgBouncer + /// to restart. + /// More info: https://kubernetes.io/docs/concepts/configuration/secret/#projection-of-secret-keys-to-specific-paths #[serde(default, skip_serializing_if = "Option::is_none", rename = "customTLSSecret")] pub custom_tls_secret: Option, - /// Name of a container image that can run PgBouncer 1.15 or newer. Changing this value causes PgBouncer to restart. The image may also be set using the RELATED_IMAGE_PGBOUNCER environment variable. More info: https://kubernetes.io/docs/concepts/containers/images + /// Name of a container image that can run PgBouncer 1.15 or newer. Changing + /// this value causes PgBouncer to restart. The image may also be set using + /// the RELATED_IMAGE_PGBOUNCER environment variable. + /// More info: https://kubernetes.io/docs/concepts/containers/images #[serde(default, skip_serializing_if = "Option::is_none")] pub image: Option, /// Metadata contains metadata for custom resources #[serde(default, skip_serializing_if = "Option::is_none")] pub metadata: Option, - /// Minimum number of pods that should be available at a time. Defaults to one when the replicas field is greater than one. + /// Minimum number of pods that should be available at a time. + /// Defaults to one when the replicas field is greater than one. #[serde(default, skip_serializing_if = "Option::is_none", rename = "minAvailable")] pub min_available: Option, - /// Port on which PgBouncer should listen for client connections. Changing this value causes PgBouncer to restart. + /// Port on which PgBouncer should listen for client connections. Changing + /// this value causes PgBouncer to restart. #[serde(default, skip_serializing_if = "Option::is_none")] pub port: Option, - /// Priority class name for the pgBouncer pod. Changing this value causes PostgreSQL to restart. More info: https://kubernetes.io/docs/concepts/scheduling-eviction/pod-priority-preemption/ + /// Priority class name for the pgBouncer pod. Changing this value causes + /// PostgreSQL to restart. + /// More info: https://kubernetes.io/docs/concepts/scheduling-eviction/pod-priority-preemption/ #[serde(default, skip_serializing_if = "Option::is_none", rename = "priorityClassName")] pub priority_class_name: Option, /// Number of desired PgBouncer pods. #[serde(default, skip_serializing_if = "Option::is_none")] pub replicas: Option, - /// Compute resources of a PgBouncer container. Changing this value causes PgBouncer to restart. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers + /// Compute resources of a PgBouncer container. Changing this value causes + /// PgBouncer to restart. + /// More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers #[serde(default, skip_serializing_if = "Option::is_none")] pub resources: Option, /// Specification of the service that exposes PgBouncer. @@ -5938,15 +9450,21 @@ pub struct PostgresClusterProxyPgBouncer { /// Configuration for pgBouncer sidecar containers #[serde(default, skip_serializing_if = "Option::is_none")] pub sidecars: Option, - /// Tolerations of a PgBouncer pod. Changing this value causes PgBouncer to restart. More info: https://kubernetes.io/docs/concepts/scheduling-eviction/taint-and-toleration + /// Tolerations of a PgBouncer pod. Changing this value causes PgBouncer to + /// restart. + /// More info: https://kubernetes.io/docs/concepts/scheduling-eviction/taint-and-toleration #[serde(default, skip_serializing_if = "Option::is_none")] pub tolerations: Option>, - /// Topology spread constraints of a PgBouncer pod. Changing this value causes PgBouncer to restart. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-topology-spread-constraints/ + /// Topology spread constraints of a PgBouncer pod. Changing this value causes + /// PgBouncer to restart. + /// More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-topology-spread-constraints/ #[serde(default, skip_serializing_if = "Option::is_none", rename = "topologySpreadConstraints")] pub topology_spread_constraints: Option>, } -/// Scheduling constraints of a PgBouncer pod. Changing this value causes PgBouncer to restart. More info: https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node +/// Scheduling constraints of a PgBouncer pod. Changing this value causes +/// PgBouncer to restart. +/// More info: https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PostgresClusterProxyPgBouncerAffinity { /// Describes node affinity scheduling rules for the pod. @@ -5963,15 +9481,28 @@ pub struct PostgresClusterProxyPgBouncerAffinity { /// Describes node affinity scheduling rules for the pod. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PostgresClusterProxyPgBouncerAffinityNodeAffinity { - /// The scheduler will prefer to schedule pods to nodes that satisfy the affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding "weight" to the sum if the node matches the corresponding matchExpressions; the node(s) with the highest sum are the most preferred. + /// The scheduler will prefer to schedule pods to nodes that satisfy + /// the affinity expressions specified by this field, but it may choose + /// a node that violates one or more of the expressions. The node that is + /// most preferred is the one with the greatest sum of weights, i.e. + /// for each node that meets all of the scheduling requirements (resource + /// request, requiredDuringScheduling affinity expressions, etc.), + /// compute a sum by iterating through the elements of this field and adding + /// "weight" to the sum if the node matches the corresponding matchExpressions; the + /// node(s) with the highest sum are the most preferred. #[serde(default, skip_serializing_if = "Option::is_none", rename = "preferredDuringSchedulingIgnoredDuringExecution")] pub preferred_during_scheduling_ignored_during_execution: Option>, - /// If the affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to an update), the system may or may not try to eventually evict the pod from its node. + /// If the affinity requirements specified by this field are not met at + /// scheduling time, the pod will not be scheduled onto the node. + /// If the affinity requirements specified by this field cease to be met + /// at some point during pod execution (e.g. due to an update), the system + /// may or may not try to eventually evict the pod from its node. #[serde(default, skip_serializing_if = "Option::is_none", rename = "requiredDuringSchedulingIgnoredDuringExecution")] pub required_during_scheduling_ignored_during_execution: Option, } -/// An empty preferred scheduling term matches all objects with implicit weight 0 (i.e. it's a no-op). A null preferred scheduling term matches no objects (i.e. is also a no-op). +/// An empty preferred scheduling term matches all objects with implicit weight 0 +/// (i.e. it's a no-op). A null preferred scheduling term matches no objects (i.e. is also a no-op). #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PostgresClusterProxyPgBouncerAffinityNodeAffinityPreferredDuringSchedulingIgnoredDuringExecution { /// A node selector term, associated with the corresponding weight. @@ -5991,31 +9522,47 @@ pub struct PostgresClusterProxyPgBouncerAffinityNodeAffinityPreferredDuringSched pub match_fields: Option>, } -/// A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A node selector requirement is a selector that contains values, a key, and an operator +/// that relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PostgresClusterProxyPgBouncerAffinityNodeAffinityPreferredDuringSchedulingIgnoredDuringExecutionPreferenceMatchExpressions { /// The label key that the selector applies to. pub key: String, - /// Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. + /// Represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. pub operator: String, - /// An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch. + /// An array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. If the operator is Gt or Lt, the values + /// array must have a single element, which will be interpreted as an integer. + /// This array is replaced during a strategic merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } -/// A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A node selector requirement is a selector that contains values, a key, and an operator +/// that relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PostgresClusterProxyPgBouncerAffinityNodeAffinityPreferredDuringSchedulingIgnoredDuringExecutionPreferenceMatchFields { /// The label key that the selector applies to. pub key: String, - /// Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. + /// Represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. pub operator: String, - /// An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch. + /// An array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. If the operator is Gt or Lt, the values + /// array must have a single element, which will be interpreted as an integer. + /// This array is replaced during a strategic merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } -/// If the affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to an update), the system may or may not try to eventually evict the pod from its node. +/// If the affinity requirements specified by this field are not met at +/// scheduling time, the pod will not be scheduled onto the node. +/// If the affinity requirements specified by this field cease to be met +/// at some point during pod execution (e.g. due to an update), the system +/// may or may not try to eventually evict the pod from its node. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PostgresClusterProxyPgBouncerAffinityNodeAffinityRequiredDuringSchedulingIgnoredDuringExecution { /// Required. A list of node selector terms. The terms are ORed. @@ -6023,7 +9570,9 @@ pub struct PostgresClusterProxyPgBouncerAffinityNodeAffinityRequiredDuringSchedu pub node_selector_terms: Vec, } -/// A null or empty node selector term matches no objects. The requirements of them are ANDed. The TopologySelectorTerm type implements a subset of the NodeSelectorTerm. +/// A null or empty node selector term matches no objects. The requirements of +/// them are ANDed. +/// The TopologySelectorTerm type implements a subset of the NodeSelectorTerm. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PostgresClusterProxyPgBouncerAffinityNodeAffinityRequiredDuringSchedulingIgnoredDuringExecutionNodeSelectorTerms { /// A list of node selector requirements by node's labels. @@ -6034,26 +9583,38 @@ pub struct PostgresClusterProxyPgBouncerAffinityNodeAffinityRequiredDuringSchedu pub match_fields: Option>, } -/// A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A node selector requirement is a selector that contains values, a key, and an operator +/// that relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PostgresClusterProxyPgBouncerAffinityNodeAffinityRequiredDuringSchedulingIgnoredDuringExecutionNodeSelectorTermsMatchExpressions { /// The label key that the selector applies to. pub key: String, - /// Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. + /// Represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. pub operator: String, - /// An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch. + /// An array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. If the operator is Gt or Lt, the values + /// array must have a single element, which will be interpreted as an integer. + /// This array is replaced during a strategic merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } -/// A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A node selector requirement is a selector that contains values, a key, and an operator +/// that relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PostgresClusterProxyPgBouncerAffinityNodeAffinityRequiredDuringSchedulingIgnoredDuringExecutionNodeSelectorTermsMatchFields { /// The label key that the selector applies to. pub key: String, - /// Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. + /// Represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. pub operator: String, - /// An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch. + /// An array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. If the operator is Gt or Lt, the values + /// array must have a single element, which will be interpreted as an integer. + /// This array is replaced during a strategic merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } @@ -6061,10 +9622,24 @@ pub struct PostgresClusterProxyPgBouncerAffinityNodeAffinityRequiredDuringSchedu /// Describes pod affinity scheduling rules (e.g. co-locate this pod in the same node, zone, etc. as some other pod(s)). #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PostgresClusterProxyPgBouncerAffinityPodAffinity { - /// The scheduler will prefer to schedule pods to nodes that satisfy the affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding "weight" to the sum if the node has pods which matches the corresponding podAffinityTerm; the node(s) with the highest sum are the most preferred. + /// The scheduler will prefer to schedule pods to nodes that satisfy + /// the affinity expressions specified by this field, but it may choose + /// a node that violates one or more of the expressions. The node that is + /// most preferred is the one with the greatest sum of weights, i.e. + /// for each node that meets all of the scheduling requirements (resource + /// request, requiredDuringScheduling affinity expressions, etc.), + /// compute a sum by iterating through the elements of this field and adding + /// "weight" to the sum if the node has pods which matches the corresponding podAffinityTerm; the + /// node(s) with the highest sum are the most preferred. #[serde(default, skip_serializing_if = "Option::is_none", rename = "preferredDuringSchedulingIgnoredDuringExecution")] pub preferred_during_scheduling_ignored_during_execution: Option>, - /// If the affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to a pod label update), the system may or may not try to eventually evict the pod from its node. When there are multiple elements, the lists of nodes corresponding to each podAffinityTerm are intersected, i.e. all terms must be satisfied. + /// If the affinity requirements specified by this field are not met at + /// scheduling time, the pod will not be scheduled onto the node. + /// If the affinity requirements specified by this field cease to be met + /// at some point during pod execution (e.g. due to a pod label update), the + /// system may or may not try to eventually evict the pod from its node. + /// When there are multiple elements, the lists of nodes corresponding to each + /// podAffinityTerm are intersected, i.e. all terms must be satisfied. #[serde(default, skip_serializing_if = "Option::is_none", rename = "requiredDuringSchedulingIgnoredDuringExecution")] pub required_during_scheduling_ignored_during_execution: Option>, } @@ -6075,144 +9650,244 @@ pub struct PostgresClusterProxyPgBouncerAffinityPodAffinityPreferredDuringSchedu /// Required. A pod affinity term, associated with the corresponding weight. #[serde(rename = "podAffinityTerm")] pub pod_affinity_term: PostgresClusterProxyPgBouncerAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTerm, - /// weight associated with matching the corresponding podAffinityTerm, in the range 1-100. + /// weight associated with matching the corresponding podAffinityTerm, + /// in the range 1-100. pub weight: i32, } /// Required. A pod affinity term, associated with the corresponding weight. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PostgresClusterProxyPgBouncerAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTerm { - /// A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods. + /// A label query over a set of resources, in this case pods. + /// If it's null, this PodAffinityTerm matches with no Pods. #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelector")] pub label_selector: Option, - /// MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both matchLabelKeys and labelSelector. Also, matchLabelKeys cannot be set when labelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// MatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both matchLabelKeys and labelSelector. + /// Also, matchLabelKeys cannot be set when labelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] pub match_label_keys: Option>, - /// MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. Also, mismatchLabelKeys cannot be set when labelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// MismatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. + /// Also, mismatchLabelKeys cannot be set when labelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] pub mismatch_label_keys: Option>, - /// A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. + /// A label query over the set of namespaces that the term applies to. + /// The term is applied to the union of the namespaces selected by this field + /// and the ones listed in the namespaces field. + /// null selector and null or empty namespaces list means "this pod's namespace". + /// An empty selector ({}) matches all namespaces. #[serde(default, skip_serializing_if = "Option::is_none", rename = "namespaceSelector")] pub namespace_selector: Option, - /// namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means "this pod's namespace". + /// namespaces specifies a static list of namespace names that the term applies to. + /// The term is applied to the union of the namespaces listed in this field + /// and the ones selected by namespaceSelector. + /// null or empty namespaces list and null namespaceSelector means "this pod's namespace". #[serde(default, skip_serializing_if = "Option::is_none")] pub namespaces: Option>, - /// This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed. + /// This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching + /// the labelSelector in the specified namespaces, where co-located is defined as running on a node + /// whose value of the label with key topologyKey matches that of any node on which any of the + /// selected pods is running. + /// Empty topologyKey is not allowed. #[serde(rename = "topologyKey")] pub topology_key: String, } -/// A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods. +/// A label query over a set of resources, in this case pods. +/// If it's null, this PodAffinityTerm matches with no Pods. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PostgresClusterProxyPgBouncerAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermLabelSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] pub match_expressions: Option>, - /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] pub match_labels: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PostgresClusterProxyPgBouncerAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermLabelSelectorMatchExpressions { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } -/// A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. +/// A label query over the set of namespaces that the term applies to. +/// The term is applied to the union of the namespaces selected by this field +/// and the ones listed in the namespaces field. +/// null selector and null or empty namespaces list means "this pod's namespace". +/// An empty selector ({}) matches all namespaces. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PostgresClusterProxyPgBouncerAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermNamespaceSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] pub match_expressions: Option>, - /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] pub match_labels: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PostgresClusterProxyPgBouncerAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermNamespaceSelectorMatchExpressions { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } -/// Defines a set of pods (namely those matching the labelSelector relative to the given namespace(s)) that this pod should be co-located (affinity) or not co-located (anti-affinity) with, where co-located is defined as running on a node whose value of the label with key matches that of any node on which a pod of the set of pods is running +/// Defines a set of pods (namely those matching the labelSelector +/// relative to the given namespace(s)) that this pod should be +/// co-located (affinity) or not co-located (anti-affinity) with, +/// where co-located is defined as running on a node whose value of +/// the label with key matches that of any node on which +/// a pod of the set of pods is running #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PostgresClusterProxyPgBouncerAffinityPodAffinityRequiredDuringSchedulingIgnoredDuringExecution { - /// A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods. + /// A label query over a set of resources, in this case pods. + /// If it's null, this PodAffinityTerm matches with no Pods. #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelector")] pub label_selector: Option, - /// MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both matchLabelKeys and labelSelector. Also, matchLabelKeys cannot be set when labelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// MatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both matchLabelKeys and labelSelector. + /// Also, matchLabelKeys cannot be set when labelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] pub match_label_keys: Option>, - /// MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. Also, mismatchLabelKeys cannot be set when labelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// MismatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. + /// Also, mismatchLabelKeys cannot be set when labelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] pub mismatch_label_keys: Option>, - /// A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. + /// A label query over the set of namespaces that the term applies to. + /// The term is applied to the union of the namespaces selected by this field + /// and the ones listed in the namespaces field. + /// null selector and null or empty namespaces list means "this pod's namespace". + /// An empty selector ({}) matches all namespaces. #[serde(default, skip_serializing_if = "Option::is_none", rename = "namespaceSelector")] pub namespace_selector: Option, - /// namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means "this pod's namespace". + /// namespaces specifies a static list of namespace names that the term applies to. + /// The term is applied to the union of the namespaces listed in this field + /// and the ones selected by namespaceSelector. + /// null or empty namespaces list and null namespaceSelector means "this pod's namespace". #[serde(default, skip_serializing_if = "Option::is_none")] pub namespaces: Option>, - /// This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed. + /// This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching + /// the labelSelector in the specified namespaces, where co-located is defined as running on a node + /// whose value of the label with key topologyKey matches that of any node on which any of the + /// selected pods is running. + /// Empty topologyKey is not allowed. #[serde(rename = "topologyKey")] pub topology_key: String, } -/// A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods. +/// A label query over a set of resources, in this case pods. +/// If it's null, this PodAffinityTerm matches with no Pods. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PostgresClusterProxyPgBouncerAffinityPodAffinityRequiredDuringSchedulingIgnoredDuringExecutionLabelSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] pub match_expressions: Option>, - /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] pub match_labels: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PostgresClusterProxyPgBouncerAffinityPodAffinityRequiredDuringSchedulingIgnoredDuringExecutionLabelSelectorMatchExpressions { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } -/// A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. +/// A label query over the set of namespaces that the term applies to. +/// The term is applied to the union of the namespaces selected by this field +/// and the ones listed in the namespaces field. +/// null selector and null or empty namespaces list means "this pod's namespace". +/// An empty selector ({}) matches all namespaces. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PostgresClusterProxyPgBouncerAffinityPodAffinityRequiredDuringSchedulingIgnoredDuringExecutionNamespaceSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] pub match_expressions: Option>, - /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] pub match_labels: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PostgresClusterProxyPgBouncerAffinityPodAffinityRequiredDuringSchedulingIgnoredDuringExecutionNamespaceSelectorMatchExpressions { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } @@ -6220,10 +9895,24 @@ pub struct PostgresClusterProxyPgBouncerAffinityPodAffinityRequiredDuringSchedul /// Describes pod anti-affinity scheduling rules (e.g. avoid putting this pod in the same node, zone, etc. as some other pod(s)). #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PostgresClusterProxyPgBouncerAffinityPodAntiAffinity { - /// The scheduler will prefer to schedule pods to nodes that satisfy the anti-affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling anti-affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding "weight" to the sum if the node has pods which matches the corresponding podAffinityTerm; the node(s) with the highest sum are the most preferred. + /// The scheduler will prefer to schedule pods to nodes that satisfy + /// the anti-affinity expressions specified by this field, but it may choose + /// a node that violates one or more of the expressions. The node that is + /// most preferred is the one with the greatest sum of weights, i.e. + /// for each node that meets all of the scheduling requirements (resource + /// request, requiredDuringScheduling anti-affinity expressions, etc.), + /// compute a sum by iterating through the elements of this field and adding + /// "weight" to the sum if the node has pods which matches the corresponding podAffinityTerm; the + /// node(s) with the highest sum are the most preferred. #[serde(default, skip_serializing_if = "Option::is_none", rename = "preferredDuringSchedulingIgnoredDuringExecution")] pub preferred_during_scheduling_ignored_during_execution: Option>, - /// If the anti-affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the anti-affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to a pod label update), the system may or may not try to eventually evict the pod from its node. When there are multiple elements, the lists of nodes corresponding to each podAffinityTerm are intersected, i.e. all terms must be satisfied. + /// If the anti-affinity requirements specified by this field are not met at + /// scheduling time, the pod will not be scheduled onto the node. + /// If the anti-affinity requirements specified by this field cease to be met + /// at some point during pod execution (e.g. due to a pod label update), the + /// system may or may not try to eventually evict the pod from its node. + /// When there are multiple elements, the lists of nodes corresponding to each + /// podAffinityTerm are intersected, i.e. all terms must be satisfied. #[serde(default, skip_serializing_if = "Option::is_none", rename = "requiredDuringSchedulingIgnoredDuringExecution")] pub required_during_scheduling_ignored_during_execution: Option>, } @@ -6234,161 +9923,276 @@ pub struct PostgresClusterProxyPgBouncerAffinityPodAntiAffinityPreferredDuringSc /// Required. A pod affinity term, associated with the corresponding weight. #[serde(rename = "podAffinityTerm")] pub pod_affinity_term: PostgresClusterProxyPgBouncerAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTerm, - /// weight associated with matching the corresponding podAffinityTerm, in the range 1-100. + /// weight associated with matching the corresponding podAffinityTerm, + /// in the range 1-100. pub weight: i32, } /// Required. A pod affinity term, associated with the corresponding weight. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PostgresClusterProxyPgBouncerAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTerm { - /// A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods. + /// A label query over a set of resources, in this case pods. + /// If it's null, this PodAffinityTerm matches with no Pods. #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelector")] pub label_selector: Option, - /// MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both matchLabelKeys and labelSelector. Also, matchLabelKeys cannot be set when labelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// MatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both matchLabelKeys and labelSelector. + /// Also, matchLabelKeys cannot be set when labelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] pub match_label_keys: Option>, - /// MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. Also, mismatchLabelKeys cannot be set when labelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// MismatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. + /// Also, mismatchLabelKeys cannot be set when labelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] pub mismatch_label_keys: Option>, - /// A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. + /// A label query over the set of namespaces that the term applies to. + /// The term is applied to the union of the namespaces selected by this field + /// and the ones listed in the namespaces field. + /// null selector and null or empty namespaces list means "this pod's namespace". + /// An empty selector ({}) matches all namespaces. #[serde(default, skip_serializing_if = "Option::is_none", rename = "namespaceSelector")] pub namespace_selector: Option, - /// namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means "this pod's namespace". + /// namespaces specifies a static list of namespace names that the term applies to. + /// The term is applied to the union of the namespaces listed in this field + /// and the ones selected by namespaceSelector. + /// null or empty namespaces list and null namespaceSelector means "this pod's namespace". #[serde(default, skip_serializing_if = "Option::is_none")] pub namespaces: Option>, - /// This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed. + /// This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching + /// the labelSelector in the specified namespaces, where co-located is defined as running on a node + /// whose value of the label with key topologyKey matches that of any node on which any of the + /// selected pods is running. + /// Empty topologyKey is not allowed. #[serde(rename = "topologyKey")] pub topology_key: String, } -/// A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods. +/// A label query over a set of resources, in this case pods. +/// If it's null, this PodAffinityTerm matches with no Pods. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PostgresClusterProxyPgBouncerAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermLabelSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] pub match_expressions: Option>, - /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] pub match_labels: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PostgresClusterProxyPgBouncerAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermLabelSelectorMatchExpressions { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } -/// A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. +/// A label query over the set of namespaces that the term applies to. +/// The term is applied to the union of the namespaces selected by this field +/// and the ones listed in the namespaces field. +/// null selector and null or empty namespaces list means "this pod's namespace". +/// An empty selector ({}) matches all namespaces. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PostgresClusterProxyPgBouncerAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermNamespaceSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] pub match_expressions: Option>, - /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] pub match_labels: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PostgresClusterProxyPgBouncerAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermNamespaceSelectorMatchExpressions { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } -/// Defines a set of pods (namely those matching the labelSelector relative to the given namespace(s)) that this pod should be co-located (affinity) or not co-located (anti-affinity) with, where co-located is defined as running on a node whose value of the label with key matches that of any node on which a pod of the set of pods is running +/// Defines a set of pods (namely those matching the labelSelector +/// relative to the given namespace(s)) that this pod should be +/// co-located (affinity) or not co-located (anti-affinity) with, +/// where co-located is defined as running on a node whose value of +/// the label with key matches that of any node on which +/// a pod of the set of pods is running #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PostgresClusterProxyPgBouncerAffinityPodAntiAffinityRequiredDuringSchedulingIgnoredDuringExecution { - /// A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods. + /// A label query over a set of resources, in this case pods. + /// If it's null, this PodAffinityTerm matches with no Pods. #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelector")] pub label_selector: Option, - /// MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both matchLabelKeys and labelSelector. Also, matchLabelKeys cannot be set when labelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// MatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both matchLabelKeys and labelSelector. + /// Also, matchLabelKeys cannot be set when labelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] pub match_label_keys: Option>, - /// MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. Also, mismatchLabelKeys cannot be set when labelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// MismatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. + /// Also, mismatchLabelKeys cannot be set when labelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] pub mismatch_label_keys: Option>, - /// A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. + /// A label query over the set of namespaces that the term applies to. + /// The term is applied to the union of the namespaces selected by this field + /// and the ones listed in the namespaces field. + /// null selector and null or empty namespaces list means "this pod's namespace". + /// An empty selector ({}) matches all namespaces. #[serde(default, skip_serializing_if = "Option::is_none", rename = "namespaceSelector")] pub namespace_selector: Option, - /// namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means "this pod's namespace". + /// namespaces specifies a static list of namespace names that the term applies to. + /// The term is applied to the union of the namespaces listed in this field + /// and the ones selected by namespaceSelector. + /// null or empty namespaces list and null namespaceSelector means "this pod's namespace". #[serde(default, skip_serializing_if = "Option::is_none")] pub namespaces: Option>, - /// This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed. + /// This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching + /// the labelSelector in the specified namespaces, where co-located is defined as running on a node + /// whose value of the label with key topologyKey matches that of any node on which any of the + /// selected pods is running. + /// Empty topologyKey is not allowed. #[serde(rename = "topologyKey")] pub topology_key: String, } -/// A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods. +/// A label query over a set of resources, in this case pods. +/// If it's null, this PodAffinityTerm matches with no Pods. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PostgresClusterProxyPgBouncerAffinityPodAntiAffinityRequiredDuringSchedulingIgnoredDuringExecutionLabelSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] pub match_expressions: Option>, - /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] pub match_labels: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PostgresClusterProxyPgBouncerAffinityPodAntiAffinityRequiredDuringSchedulingIgnoredDuringExecutionLabelSelectorMatchExpressions { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } -/// A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. +/// A label query over the set of namespaces that the term applies to. +/// The term is applied to the union of the namespaces selected by this field +/// and the ones listed in the namespaces field. +/// null selector and null or empty namespaces list means "this pod's namespace". +/// An empty selector ({}) matches all namespaces. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PostgresClusterProxyPgBouncerAffinityPodAntiAffinityRequiredDuringSchedulingIgnoredDuringExecutionNamespaceSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] pub match_expressions: Option>, - /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] pub match_labels: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PostgresClusterProxyPgBouncerAffinityPodAntiAffinityRequiredDuringSchedulingIgnoredDuringExecutionNamespaceSelectorMatchExpressions { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } -/// Configuration settings for the PgBouncer process. Changes to any of these values will be automatically reloaded without validation. Be careful, as you may put PgBouncer into an unusable state. More info: https://www.pgbouncer.org/usage.html#reload +/// Configuration settings for the PgBouncer process. Changes to any of these +/// values will be automatically reloaded without validation. Be careful, as +/// you may put PgBouncer into an unusable state. +/// More info: https://www.pgbouncer.org/usage.html#reload #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PostgresClusterProxyPgBouncerConfig { - /// PgBouncer database definitions. The key is the database requested by a client while the value is a libpq-styled connection string. The special key "*" acts as a fallback. When this field is empty, PgBouncer is configured with a single "*" entry that connects to the primary PostgreSQL instance. More info: https://www.pgbouncer.org/config.html#section-databases + /// PgBouncer database definitions. The key is the database requested by a + /// client while the value is a libpq-styled connection string. The special + /// key "*" acts as a fallback. When this field is empty, PgBouncer is + /// configured with a single "*" entry that connects to the primary + /// PostgreSQL instance. + /// More info: https://www.pgbouncer.org/config.html#section-databases #[serde(default, skip_serializing_if = "Option::is_none")] pub databases: Option>, - /// Files to mount under "/etc/pgbouncer". When specified, settings in the "pgbouncer.ini" file are loaded before all others. From there, other files may be included by absolute path. Changing these references causes PgBouncer to restart, but changes to the file contents are automatically reloaded. More info: https://www.pgbouncer.org/config.html#include-directive + /// Files to mount under "/etc/pgbouncer". When specified, settings in the + /// "pgbouncer.ini" file are loaded before all others. From there, other + /// files may be included by absolute path. Changing these references causes + /// PgBouncer to restart, but changes to the file contents are automatically + /// reloaded. + /// More info: https://www.pgbouncer.org/config.html#include-directive #[serde(default, skip_serializing_if = "Option::is_none")] pub files: Option>, - /// Settings that apply to the entire PgBouncer process. More info: https://www.pgbouncer.org/config.html + /// Settings that apply to the entire PgBouncer process. + /// More info: https://www.pgbouncer.org/config.html #[serde(default, skip_serializing_if = "Option::is_none")] pub global: Option>, - /// Connection settings specific to particular users. More info: https://www.pgbouncer.org/config.html#section-users + /// Connection settings specific to particular users. + /// More info: https://www.pgbouncer.org/config.html#section-users #[serde(default, skip_serializing_if = "Option::is_none")] pub users: Option>, } @@ -6396,10 +10200,22 @@ pub struct PostgresClusterProxyPgBouncerConfig { /// Projection that may be projected along with other supported volume types #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PostgresClusterProxyPgBouncerConfigFiles { - /// ClusterTrustBundle allows a pod to access the `.spec.trustBundle` field of ClusterTrustBundle objects in an auto-updating file. - /// Alpha, gated by the ClusterTrustBundleProjection feature gate. - /// ClusterTrustBundle objects can either be selected by name, or by the combination of signer name and a label selector. - /// Kubelet performs aggressive normalization of the PEM contents written into the pod filesystem. Esoteric PEM features such as inter-block comments and block headers are stripped. Certificates are deduplicated. The ordering of certificates within the file is arbitrary, and Kubelet may change the order over time. + /// ClusterTrustBundle allows a pod to access the `.spec.trustBundle` field + /// of ClusterTrustBundle objects in an auto-updating file. + /// + /// + /// Alpha, gated by the ClusterTrustBundleProjection feature gate. + /// + /// + /// ClusterTrustBundle objects can either be selected by name, or by the + /// combination of signer name and a label selector. + /// + /// + /// Kubelet performs aggressive normalization of the PEM contents written + /// into the pod filesystem. Esoteric PEM features such as inter-block + /// comments and block headers are stripped. Certificates are deduplicated. + /// The ordering of certificates within the file is arbitrary, and Kubelet + /// may change the order over time. #[serde(default, skip_serializing_if = "Option::is_none", rename = "clusterTrustBundle")] pub cluster_trust_bundle: Option, /// configMap information about the configMap data to project @@ -6416,47 +10232,79 @@ pub struct PostgresClusterProxyPgBouncerConfigFiles { pub service_account_token: Option, } -/// ClusterTrustBundle allows a pod to access the `.spec.trustBundle` field of ClusterTrustBundle objects in an auto-updating file. -/// Alpha, gated by the ClusterTrustBundleProjection feature gate. -/// ClusterTrustBundle objects can either be selected by name, or by the combination of signer name and a label selector. -/// Kubelet performs aggressive normalization of the PEM contents written into the pod filesystem. Esoteric PEM features such as inter-block comments and block headers are stripped. Certificates are deduplicated. The ordering of certificates within the file is arbitrary, and Kubelet may change the order over time. +/// ClusterTrustBundle allows a pod to access the `.spec.trustBundle` field +/// of ClusterTrustBundle objects in an auto-updating file. +/// +/// +/// Alpha, gated by the ClusterTrustBundleProjection feature gate. +/// +/// +/// ClusterTrustBundle objects can either be selected by name, or by the +/// combination of signer name and a label selector. +/// +/// +/// Kubelet performs aggressive normalization of the PEM contents written +/// into the pod filesystem. Esoteric PEM features such as inter-block +/// comments and block headers are stripped. Certificates are deduplicated. +/// The ordering of certificates within the file is arbitrary, and Kubelet +/// may change the order over time. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PostgresClusterProxyPgBouncerConfigFilesClusterTrustBundle { - /// Select all ClusterTrustBundles that match this label selector. Only has effect if signerName is set. Mutually-exclusive with name. If unset, interpreted as "match nothing". If set but empty, interpreted as "match everything". + /// Select all ClusterTrustBundles that match this label selector. Only has + /// effect if signerName is set. Mutually-exclusive with name. If unset, + /// interpreted as "match nothing". If set but empty, interpreted as "match + /// everything". #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelector")] pub label_selector: Option, - /// Select a single ClusterTrustBundle by object name. Mutually-exclusive with signerName and labelSelector. + /// Select a single ClusterTrustBundle by object name. Mutually-exclusive + /// with signerName and labelSelector. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, - /// If true, don't block pod startup if the referenced ClusterTrustBundle(s) aren't available. If using name, then the named ClusterTrustBundle is allowed not to exist. If using signerName, then the combination of signerName and labelSelector is allowed to match zero ClusterTrustBundles. + /// If true, don't block pod startup if the referenced ClusterTrustBundle(s) + /// aren't available. If using name, then the named ClusterTrustBundle is + /// allowed not to exist. If using signerName, then the combination of + /// signerName and labelSelector is allowed to match zero + /// ClusterTrustBundles. #[serde(default, skip_serializing_if = "Option::is_none")] pub optional: Option, /// Relative path from the volume root to write the bundle. pub path: String, - /// Select all ClusterTrustBundles that match this signer name. Mutually-exclusive with name. The contents of all selected ClusterTrustBundles will be unified and deduplicated. + /// Select all ClusterTrustBundles that match this signer name. + /// Mutually-exclusive with name. The contents of all selected + /// ClusterTrustBundles will be unified and deduplicated. #[serde(default, skip_serializing_if = "Option::is_none", rename = "signerName")] pub signer_name: Option, } -/// Select all ClusterTrustBundles that match this label selector. Only has effect if signerName is set. Mutually-exclusive with name. If unset, interpreted as "match nothing". If set but empty, interpreted as "match everything". +/// Select all ClusterTrustBundles that match this label selector. Only has +/// effect if signerName is set. Mutually-exclusive with name. If unset, +/// interpreted as "match nothing". If set but empty, interpreted as "match +/// everything". #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PostgresClusterProxyPgBouncerConfigFilesClusterTrustBundleLabelSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] pub match_expressions: Option>, - /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] pub match_labels: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PostgresClusterProxyPgBouncerConfigFilesClusterTrustBundleLabelSelectorMatchExpressions { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } @@ -6464,7 +10312,13 @@ pub struct PostgresClusterProxyPgBouncerConfigFilesClusterTrustBundleLabelSelect /// configMap information about the configMap data to project #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PostgresClusterProxyPgBouncerConfigFilesConfigMap { - /// items if unspecified, each key-value pair in the Data field of the referenced ConfigMap will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the ConfigMap, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'. + /// items if unspecified, each key-value pair in the Data field of the referenced + /// ConfigMap will be projected into the volume as a file whose name is the + /// key and content is the value. If specified, the listed keys will be + /// projected into the specified paths, and unlisted keys will not be + /// present. If a key is specified which is not present in the ConfigMap, + /// the volume setup will error unless it is marked optional. Paths must be + /// relative and may not contain the '..' path or start with '..'. #[serde(default, skip_serializing_if = "Option::is_none")] pub items: Option>, /// Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names @@ -6480,10 +10334,18 @@ pub struct PostgresClusterProxyPgBouncerConfigFilesConfigMap { pub struct PostgresClusterProxyPgBouncerConfigFilesConfigMapItems { /// key is the key to project. pub key: String, - /// mode is Optional: mode bits used to set permissions on this file. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. + /// mode is Optional: mode bits used to set permissions on this file. + /// Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. + /// YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. + /// If not specified, the volume defaultMode will be used. + /// This might be in conflict with other options that affect the file + /// mode, like fsGroup, and the result can be other mode bits set. #[serde(default, skip_serializing_if = "Option::is_none")] pub mode: Option, - /// path is the relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'. + /// path is the relative path of the file to map the key to. + /// May not be an absolute path. + /// May not contain the path element '..'. + /// May not start with the string '..'. pub path: String, } @@ -6501,12 +10363,18 @@ pub struct PostgresClusterProxyPgBouncerConfigFilesDownwardApiItems { /// Required: Selects a field of the pod: only annotations, labels, name, namespace and uid are supported. #[serde(default, skip_serializing_if = "Option::is_none", rename = "fieldRef")] pub field_ref: Option, - /// Optional: mode bits used to set permissions on this file, must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. + /// Optional: mode bits used to set permissions on this file, must be an octal value + /// between 0000 and 0777 or a decimal value between 0 and 511. + /// YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. + /// If not specified, the volume defaultMode will be used. + /// This might be in conflict with other options that affect the file + /// mode, like fsGroup, and the result can be other mode bits set. #[serde(default, skip_serializing_if = "Option::is_none")] pub mode: Option, /// Required: Path is the relative path name of the file to be created. Must not be absolute or contain the '..' path. Must be utf-8 encoded. The first item of the relative path must not start with '..' pub path: String, - /// Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, requests.cpu and requests.memory) are currently supported. + /// Selects a resource of the container: only resources limits and requests + /// (limits.cpu, limits.memory, requests.cpu and requests.memory) are currently supported. #[serde(default, skip_serializing_if = "Option::is_none", rename = "resourceFieldRef")] pub resource_field_ref: Option, } @@ -6522,7 +10390,8 @@ pub struct PostgresClusterProxyPgBouncerConfigFilesDownwardApiItemsFieldRef { pub field_path: String, } -/// Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, requests.cpu and requests.memory) are currently supported. +/// Selects a resource of the container: only resources limits and requests +/// (limits.cpu, limits.memory, requests.cpu and requests.memory) are currently supported. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PostgresClusterProxyPgBouncerConfigFilesDownwardApiItemsResourceFieldRef { /// Container name: required for volumes, optional for env vars @@ -6538,7 +10407,13 @@ pub struct PostgresClusterProxyPgBouncerConfigFilesDownwardApiItemsResourceField /// secret information about the secret data to project #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PostgresClusterProxyPgBouncerConfigFilesSecret { - /// items if unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the Secret, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'. + /// items if unspecified, each key-value pair in the Data field of the referenced + /// Secret will be projected into the volume as a file whose name is the + /// key and content is the value. If specified, the listed keys will be + /// projected into the specified paths, and unlisted keys will not be + /// present. If a key is specified which is not present in the Secret, + /// the volume setup will error unless it is marked optional. Paths must be + /// relative and may not contain the '..' path or start with '..'. #[serde(default, skip_serializing_if = "Option::is_none")] pub items: Option>, /// Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names @@ -6554,98 +10429,206 @@ pub struct PostgresClusterProxyPgBouncerConfigFilesSecret { pub struct PostgresClusterProxyPgBouncerConfigFilesSecretItems { /// key is the key to project. pub key: String, - /// mode is Optional: mode bits used to set permissions on this file. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. + /// mode is Optional: mode bits used to set permissions on this file. + /// Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. + /// YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. + /// If not specified, the volume defaultMode will be used. + /// This might be in conflict with other options that affect the file + /// mode, like fsGroup, and the result can be other mode bits set. #[serde(default, skip_serializing_if = "Option::is_none")] pub mode: Option, - /// path is the relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'. + /// path is the relative path of the file to map the key to. + /// May not be an absolute path. + /// May not contain the path element '..'. + /// May not start with the string '..'. pub path: String, } /// serviceAccountToken is information about the serviceAccountToken data to project #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PostgresClusterProxyPgBouncerConfigFilesServiceAccountToken { - /// audience is the intended audience of the token. A recipient of a token must identify itself with an identifier specified in the audience of the token, and otherwise should reject the token. The audience defaults to the identifier of the apiserver. + /// audience is the intended audience of the token. A recipient of a token + /// must identify itself with an identifier specified in the audience of the + /// token, and otherwise should reject the token. The audience defaults to the + /// identifier of the apiserver. #[serde(default, skip_serializing_if = "Option::is_none")] pub audience: Option, - /// expirationSeconds is the requested duration of validity of the service account token. As the token approaches expiration, the kubelet volume plugin will proactively rotate the service account token. The kubelet will start trying to rotate the token if the token is older than 80 percent of its time to live or if the token is older than 24 hours.Defaults to 1 hour and must be at least 10 minutes. + /// expirationSeconds is the requested duration of validity of the service + /// account token. As the token approaches expiration, the kubelet volume + /// plugin will proactively rotate the service account token. The kubelet will + /// start trying to rotate the token if the token is older than 80 percent of + /// its time to live or if the token is older than 24 hours.Defaults to 1 hour + /// and must be at least 10 minutes. #[serde(default, skip_serializing_if = "Option::is_none", rename = "expirationSeconds")] pub expiration_seconds: Option, - /// path is the path relative to the mount point of the file to project the token into. + /// path is the path relative to the mount point of the file to project the + /// token into. pub path: String, } /// A single application container that you want to run within a pod. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PostgresClusterProxyPgBouncerContainers { - /// Arguments to the entrypoint. The container image's CMD is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell + /// Arguments to the entrypoint. + /// The container image's CMD is used if this is not provided. + /// Variable references $(VAR_NAME) are expanded using the container's environment. If a variable + /// cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced + /// to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" will + /// produce the string literal "$(VAR_NAME)". Escaped references will never be expanded, regardless + /// of whether the variable exists or not. Cannot be updated. + /// More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell #[serde(default, skip_serializing_if = "Option::is_none")] pub args: Option>, - /// Entrypoint array. Not executed within a shell. The container image's ENTRYPOINT is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell + /// Entrypoint array. Not executed within a shell. + /// The container image's ENTRYPOINT is used if this is not provided. + /// Variable references $(VAR_NAME) are expanded using the container's environment. If a variable + /// cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced + /// to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" will + /// produce the string literal "$(VAR_NAME)". Escaped references will never be expanded, regardless + /// of whether the variable exists or not. Cannot be updated. + /// More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell #[serde(default, skip_serializing_if = "Option::is_none")] pub command: Option>, - /// List of environment variables to set in the container. Cannot be updated. + /// List of environment variables to set in the container. + /// Cannot be updated. #[serde(default, skip_serializing_if = "Option::is_none")] pub env: Option>, - /// List of sources to populate environment variables in the container. The keys defined within a source must be a C_IDENTIFIER. All invalid keys will be reported as an event when the container is starting. When a key exists in multiple sources, the value associated with the last source will take precedence. Values defined by an Env with a duplicate key will take precedence. Cannot be updated. + /// List of sources to populate environment variables in the container. + /// The keys defined within a source must be a C_IDENTIFIER. All invalid keys + /// will be reported as an event when the container is starting. When a key exists in multiple + /// sources, the value associated with the last source will take precedence. + /// Values defined by an Env with a duplicate key will take precedence. + /// Cannot be updated. #[serde(default, skip_serializing_if = "Option::is_none", rename = "envFrom")] pub env_from: Option>, - /// Container image name. More info: https://kubernetes.io/docs/concepts/containers/images This field is optional to allow higher level config management to default or override container images in workload controllers like Deployments and StatefulSets. + /// Container image name. + /// More info: https://kubernetes.io/docs/concepts/containers/images + /// This field is optional to allow higher level config management to default or override + /// container images in workload controllers like Deployments and StatefulSets. #[serde(default, skip_serializing_if = "Option::is_none")] pub image: Option, - /// Image pull policy. One of Always, Never, IfNotPresent. Defaults to Always if :latest tag is specified, or IfNotPresent otherwise. Cannot be updated. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images + /// Image pull policy. + /// One of Always, Never, IfNotPresent. + /// Defaults to Always if :latest tag is specified, or IfNotPresent otherwise. + /// Cannot be updated. + /// More info: https://kubernetes.io/docs/concepts/containers/images#updating-images #[serde(default, skip_serializing_if = "Option::is_none", rename = "imagePullPolicy")] pub image_pull_policy: Option, - /// Actions that the management system should take in response to container lifecycle events. Cannot be updated. + /// Actions that the management system should take in response to container lifecycle events. + /// Cannot be updated. #[serde(default, skip_serializing_if = "Option::is_none")] pub lifecycle: Option, - /// Periodic probe of container liveness. Container will be restarted if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes + /// Periodic probe of container liveness. + /// Container will be restarted if the probe fails. + /// Cannot be updated. + /// More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes #[serde(default, skip_serializing_if = "Option::is_none", rename = "livenessProbe")] pub liveness_probe: Option, - /// Name of the container specified as a DNS_LABEL. Each container in a pod must have a unique name (DNS_LABEL). Cannot be updated. + /// Name of the container specified as a DNS_LABEL. + /// Each container in a pod must have a unique name (DNS_LABEL). + /// Cannot be updated. pub name: String, - /// List of ports to expose from the container. Not specifying a port here DOES NOT prevent that port from being exposed. Any port which is listening on the default "0.0.0.0" address inside a container will be accessible from the network. Modifying this array with strategic merge patch may corrupt the data. For more information See https://github.com/kubernetes/kubernetes/issues/108255. Cannot be updated. + /// List of ports to expose from the container. Not specifying a port here + /// DOES NOT prevent that port from being exposed. Any port which is + /// listening on the default "0.0.0.0" address inside a container will be + /// accessible from the network. + /// Modifying this array with strategic merge patch may corrupt the data. + /// For more information See https://github.com/kubernetes/kubernetes/issues/108255. + /// Cannot be updated. #[serde(default, skip_serializing_if = "Option::is_none")] pub ports: Option>, - /// Periodic probe of container service readiness. Container will be removed from service endpoints if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes + /// Periodic probe of container service readiness. + /// Container will be removed from service endpoints if the probe fails. + /// Cannot be updated. + /// More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes #[serde(default, skip_serializing_if = "Option::is_none", rename = "readinessProbe")] pub readiness_probe: Option, /// Resources resize policy for the container. #[serde(default, skip_serializing_if = "Option::is_none", rename = "resizePolicy")] pub resize_policy: Option>, - /// Compute Resources required by this container. Cannot be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + /// Compute Resources required by this container. + /// Cannot be updated. + /// More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ #[serde(default, skip_serializing_if = "Option::is_none")] pub resources: Option, - /// RestartPolicy defines the restart behavior of individual containers in a pod. This field may only be set for init containers, and the only allowed value is "Always". For non-init containers or when this field is not specified, the restart behavior is defined by the Pod's restart policy and the container type. Setting the RestartPolicy as "Always" for the init container will have the following effect: this init container will be continually restarted on exit until all regular containers have terminated. Once all regular containers have completed, all init containers with restartPolicy "Always" will be shut down. This lifecycle differs from normal init containers and is often referred to as a "sidecar" container. Although this init container still starts in the init container sequence, it does not wait for the container to complete before proceeding to the next init container. Instead, the next init container starts immediately after this init container is started, or after any startupProbe has successfully completed. + /// RestartPolicy defines the restart behavior of individual containers in a pod. + /// This field may only be set for init containers, and the only allowed value is "Always". + /// For non-init containers or when this field is not specified, + /// the restart behavior is defined by the Pod's restart policy and the container type. + /// Setting the RestartPolicy as "Always" for the init container will have the following effect: + /// this init container will be continually restarted on + /// exit until all regular containers have terminated. Once all regular + /// containers have completed, all init containers with restartPolicy "Always" + /// will be shut down. This lifecycle differs from normal init containers and + /// is often referred to as a "sidecar" container. Although this init + /// container still starts in the init container sequence, it does not wait + /// for the container to complete before proceeding to the next init + /// container. Instead, the next init container starts immediately after this + /// init container is started, or after any startupProbe has successfully + /// completed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "restartPolicy")] pub restart_policy: Option, - /// SecurityContext defines the security options the container should be run with. If set, the fields of SecurityContext override the equivalent fields of PodSecurityContext. More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/ + /// SecurityContext defines the security options the container should be run with. + /// If set, the fields of SecurityContext override the equivalent fields of PodSecurityContext. + /// More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/ #[serde(default, skip_serializing_if = "Option::is_none", rename = "securityContext")] pub security_context: Option, - /// StartupProbe indicates that the Pod has successfully initialized. If specified, no other probes are executed until this completes successfully. If this probe fails, the Pod will be restarted, just as if the livenessProbe failed. This can be used to provide different probe parameters at the beginning of a Pod's lifecycle, when it might take a long time to load data or warm a cache, than during steady-state operation. This cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes + /// StartupProbe indicates that the Pod has successfully initialized. + /// If specified, no other probes are executed until this completes successfully. + /// If this probe fails, the Pod will be restarted, just as if the livenessProbe failed. + /// This can be used to provide different probe parameters at the beginning of a Pod's lifecycle, + /// when it might take a long time to load data or warm a cache, than during steady-state operation. + /// This cannot be updated. + /// More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes #[serde(default, skip_serializing_if = "Option::is_none", rename = "startupProbe")] pub startup_probe: Option, - /// Whether this container should allocate a buffer for stdin in the container runtime. If this is not set, reads from stdin in the container will always result in EOF. Default is false. + /// Whether this container should allocate a buffer for stdin in the container runtime. If this + /// is not set, reads from stdin in the container will always result in EOF. + /// Default is false. #[serde(default, skip_serializing_if = "Option::is_none")] pub stdin: Option, - /// Whether the container runtime should close the stdin channel after it has been opened by a single attach. When stdin is true the stdin stream will remain open across multiple attach sessions. If stdinOnce is set to true, stdin is opened on container start, is empty until the first client attaches to stdin, and then remains open and accepts data until the client disconnects, at which time stdin is closed and remains closed until the container is restarted. If this flag is false, a container processes that reads from stdin will never receive an EOF. Default is false + /// Whether the container runtime should close the stdin channel after it has been opened by + /// a single attach. When stdin is true the stdin stream will remain open across multiple attach + /// sessions. If stdinOnce is set to true, stdin is opened on container start, is empty until the + /// first client attaches to stdin, and then remains open and accepts data until the client disconnects, + /// at which time stdin is closed and remains closed until the container is restarted. If this + /// flag is false, a container processes that reads from stdin will never receive an EOF. + /// Default is false #[serde(default, skip_serializing_if = "Option::is_none", rename = "stdinOnce")] pub stdin_once: Option, - /// Optional: Path at which the file to which the container's termination message will be written is mounted into the container's filesystem. Message written is intended to be brief final status, such as an assertion failure message. Will be truncated by the node if greater than 4096 bytes. The total message length across all containers will be limited to 12kb. Defaults to /dev/termination-log. Cannot be updated. + /// Optional: Path at which the file to which the container's termination message + /// will be written is mounted into the container's filesystem. + /// Message written is intended to be brief final status, such as an assertion failure message. + /// Will be truncated by the node if greater than 4096 bytes. The total message length across + /// all containers will be limited to 12kb. + /// Defaults to /dev/termination-log. + /// Cannot be updated. #[serde(default, skip_serializing_if = "Option::is_none", rename = "terminationMessagePath")] pub termination_message_path: Option, - /// Indicate how the termination message should be populated. File will use the contents of terminationMessagePath to populate the container status message on both success and failure. FallbackToLogsOnError will use the last chunk of container log output if the termination message file is empty and the container exited with an error. The log output is limited to 2048 bytes or 80 lines, whichever is smaller. Defaults to File. Cannot be updated. + /// Indicate how the termination message should be populated. File will use the contents of + /// terminationMessagePath to populate the container status message on both success and failure. + /// FallbackToLogsOnError will use the last chunk of container log output if the termination + /// message file is empty and the container exited with an error. + /// The log output is limited to 2048 bytes or 80 lines, whichever is smaller. + /// Defaults to File. + /// Cannot be updated. #[serde(default, skip_serializing_if = "Option::is_none", rename = "terminationMessagePolicy")] pub termination_message_policy: Option, - /// Whether this container should allocate a TTY for itself, also requires 'stdin' to be true. Default is false. + /// Whether this container should allocate a TTY for itself, also requires 'stdin' to be true. + /// Default is false. #[serde(default, skip_serializing_if = "Option::is_none")] pub tty: Option, /// volumeDevices is the list of block devices to be used by the container. #[serde(default, skip_serializing_if = "Option::is_none", rename = "volumeDevices")] pub volume_devices: Option>, - /// Pod volumes to mount into the container's filesystem. Cannot be updated. + /// Pod volumes to mount into the container's filesystem. + /// Cannot be updated. #[serde(default, skip_serializing_if = "Option::is_none", rename = "volumeMounts")] pub volume_mounts: Option>, - /// Container's working directory. If not specified, the container runtime's default will be used, which might be configured in the container image. Cannot be updated. + /// Container's working directory. + /// If not specified, the container runtime's default will be used, which + /// might be configured in the container image. + /// Cannot be updated. #[serde(default, skip_serializing_if = "Option::is_none", rename = "workingDir")] pub working_dir: Option, } @@ -6655,7 +10638,15 @@ pub struct PostgresClusterProxyPgBouncerContainers { pub struct PostgresClusterProxyPgBouncerContainersEnv { /// Name of the environment variable. Must be a C_IDENTIFIER. pub name: String, - /// Variable references $(VAR_NAME) are expanded using the previously defined environment variables in the container and any service environment variables. If a variable cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". Escaped references will never be expanded, regardless of whether the variable exists or not. Defaults to "". + /// Variable references $(VAR_NAME) are expanded + /// using the previously defined environment variables in the container and + /// any service environment variables. If a variable cannot be resolved, + /// the reference in the input string will be unchanged. Double $$ are reduced + /// to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. + /// "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". + /// Escaped references will never be expanded, regardless of whether the variable + /// exists or not. + /// Defaults to "". #[serde(default, skip_serializing_if = "Option::is_none")] pub value: Option, /// Source for the environment variable's value. Cannot be used if value is not empty. @@ -6669,10 +10660,12 @@ pub struct PostgresClusterProxyPgBouncerContainersEnvValueFrom { /// Selects a key of a ConfigMap. #[serde(default, skip_serializing_if = "Option::is_none", rename = "configMapKeyRef")] pub config_map_key_ref: Option, - /// Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`, spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs. + /// Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`, + /// spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs. #[serde(default, skip_serializing_if = "Option::is_none", rename = "fieldRef")] pub field_ref: Option, - /// Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported. + /// Selects a resource of the container: only resources limits and requests + /// (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported. #[serde(default, skip_serializing_if = "Option::is_none", rename = "resourceFieldRef")] pub resource_field_ref: Option, /// Selects a key of a secret in the pod's namespace @@ -6693,7 +10686,8 @@ pub struct PostgresClusterProxyPgBouncerContainersEnvValueFromConfigMapKeyRef { pub optional: Option, } -/// Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`, spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs. +/// Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`, +/// spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PostgresClusterProxyPgBouncerContainersEnvValueFromFieldRef { /// Version of the schema the FieldPath is written in terms of, defaults to "v1". @@ -6704,7 +10698,8 @@ pub struct PostgresClusterProxyPgBouncerContainersEnvValueFromFieldRef { pub field_path: String, } -/// Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported. +/// Selects a resource of the container: only resources limits and requests +/// (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PostgresClusterProxyPgBouncerContainersEnvValueFromResourceFieldRef { /// Container name: required for volumes, optional for env vars @@ -6766,18 +10761,33 @@ pub struct PostgresClusterProxyPgBouncerContainersEnvFromSecretRef { pub optional: Option, } -/// Actions that the management system should take in response to container lifecycle events. Cannot be updated. +/// Actions that the management system should take in response to container lifecycle events. +/// Cannot be updated. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PostgresClusterProxyPgBouncerContainersLifecycle { - /// PostStart is called immediately after a container is created. If the handler fails, the container is terminated and restarted according to its restart policy. Other management of the container blocks until the hook completes. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks + /// PostStart is called immediately after a container is created. If the handler fails, + /// the container is terminated and restarted according to its restart policy. + /// Other management of the container blocks until the hook completes. + /// More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks #[serde(default, skip_serializing_if = "Option::is_none", rename = "postStart")] pub post_start: Option, - /// PreStop is called immediately before a container is terminated due to an API request or management event such as liveness/startup probe failure, preemption, resource contention, etc. The handler is not called if the container crashes or exits. The Pod's termination grace period countdown begins before the PreStop hook is executed. Regardless of the outcome of the handler, the container will eventually terminate within the Pod's termination grace period (unless delayed by finalizers). Other management of the container blocks until the hook completes or until the termination grace period is reached. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks + /// PreStop is called immediately before a container is terminated due to an + /// API request or management event such as liveness/startup probe failure, + /// preemption, resource contention, etc. The handler is not called if the + /// container crashes or exits. The Pod's termination grace period countdown begins before the + /// PreStop hook is executed. Regardless of the outcome of the handler, the + /// container will eventually terminate within the Pod's termination grace + /// period (unless delayed by finalizers). Other management of the container blocks until the hook completes + /// or until the termination grace period is reached. + /// More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks #[serde(default, skip_serializing_if = "Option::is_none", rename = "preStop")] pub pre_stop: Option, } -/// PostStart is called immediately after a container is created. If the handler fails, the container is terminated and restarted according to its restart policy. Other management of the container blocks until the hook completes. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks +/// PostStart is called immediately after a container is created. If the handler fails, +/// the container is terminated and restarted according to its restart policy. +/// Other management of the container blocks until the hook completes. +/// More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PostgresClusterProxyPgBouncerContainersLifecyclePostStart { /// Exec specifies the action to take. @@ -6789,7 +10799,9 @@ pub struct PostgresClusterProxyPgBouncerContainersLifecyclePostStart { /// Sleep represents the duration that the container should sleep before being terminated. #[serde(default, skip_serializing_if = "Option::is_none")] pub sleep: Option, - /// Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept for the backward compatibility. There are no validation of this field and lifecycle hooks will fail in runtime when tcp handler is specified. + /// Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept + /// for the backward compatibility. There are no validation of this field and + /// lifecycle hooks will fail in runtime when tcp handler is specified. #[serde(default, skip_serializing_if = "Option::is_none", rename = "tcpSocket")] pub tcp_socket: Option, } @@ -6797,7 +10809,11 @@ pub struct PostgresClusterProxyPgBouncerContainersLifecyclePostStart { /// Exec specifies the action to take. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PostgresClusterProxyPgBouncerContainersLifecyclePostStartExec { - /// Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. + /// Command is the command line to execute inside the container, the working directory for the + /// command is root ('/') in the container's filesystem. The command is simply exec'd, it is + /// not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use + /// a shell, you need to explicitly call out to that shell. + /// Exit status of 0 is treated as live/healthy and non-zero is unhealthy. #[serde(default, skip_serializing_if = "Option::is_none")] pub command: Option>, } @@ -6805,7 +10821,8 @@ pub struct PostgresClusterProxyPgBouncerContainersLifecyclePostStartExec { /// HTTPGet specifies the http request to perform. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PostgresClusterProxyPgBouncerContainersLifecyclePostStartHttpGet { - /// Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. + /// Host name to connect to, defaults to the pod IP. You probably want to set + /// "Host" in httpHeaders instead. #[serde(default, skip_serializing_if = "Option::is_none")] pub host: Option, /// Custom headers to set in the request. HTTP allows repeated headers. @@ -6814,9 +10831,12 @@ pub struct PostgresClusterProxyPgBouncerContainersLifecyclePostStartHttpGet { /// Path to access on the HTTP server. #[serde(default, skip_serializing_if = "Option::is_none")] pub path: Option, - /// Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. + /// Name or number of the port to access on the container. + /// Number must be in the range 1 to 65535. + /// Name must be an IANA_SVC_NAME. pub port: IntOrString, - /// Scheme to use for connecting to the host. Defaults to HTTP. + /// Scheme to use for connecting to the host. + /// Defaults to HTTP. #[serde(default, skip_serializing_if = "Option::is_none")] pub scheme: Option, } @@ -6824,7 +10844,8 @@ pub struct PostgresClusterProxyPgBouncerContainersLifecyclePostStartHttpGet { /// HTTPHeader describes a custom header to be used in HTTP probes #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PostgresClusterProxyPgBouncerContainersLifecyclePostStartHttpGetHttpHeaders { - /// The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header. + /// The header field name. + /// This will be canonicalized upon output, so case-variant names will be understood as the same header. pub name: String, /// The header field value pub value: String, @@ -6837,17 +10858,29 @@ pub struct PostgresClusterProxyPgBouncerContainersLifecyclePostStartSleep { pub seconds: i64, } -/// Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept for the backward compatibility. There are no validation of this field and lifecycle hooks will fail in runtime when tcp handler is specified. +/// Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept +/// for the backward compatibility. There are no validation of this field and +/// lifecycle hooks will fail in runtime when tcp handler is specified. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PostgresClusterProxyPgBouncerContainersLifecyclePostStartTcpSocket { /// Optional: Host name to connect to, defaults to the pod IP. #[serde(default, skip_serializing_if = "Option::is_none")] pub host: Option, - /// Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. + /// Number or name of the port to access on the container. + /// Number must be in the range 1 to 65535. + /// Name must be an IANA_SVC_NAME. pub port: IntOrString, } -/// PreStop is called immediately before a container is terminated due to an API request or management event such as liveness/startup probe failure, preemption, resource contention, etc. The handler is not called if the container crashes or exits. The Pod's termination grace period countdown begins before the PreStop hook is executed. Regardless of the outcome of the handler, the container will eventually terminate within the Pod's termination grace period (unless delayed by finalizers). Other management of the container blocks until the hook completes or until the termination grace period is reached. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks +/// PreStop is called immediately before a container is terminated due to an +/// API request or management event such as liveness/startup probe failure, +/// preemption, resource contention, etc. The handler is not called if the +/// container crashes or exits. The Pod's termination grace period countdown begins before the +/// PreStop hook is executed. Regardless of the outcome of the handler, the +/// container will eventually terminate within the Pod's termination grace +/// period (unless delayed by finalizers). Other management of the container blocks until the hook completes +/// or until the termination grace period is reached. +/// More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PostgresClusterProxyPgBouncerContainersLifecyclePreStop { /// Exec specifies the action to take. @@ -6859,7 +10892,9 @@ pub struct PostgresClusterProxyPgBouncerContainersLifecyclePreStop { /// Sleep represents the duration that the container should sleep before being terminated. #[serde(default, skip_serializing_if = "Option::is_none")] pub sleep: Option, - /// Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept for the backward compatibility. There are no validation of this field and lifecycle hooks will fail in runtime when tcp handler is specified. + /// Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept + /// for the backward compatibility. There are no validation of this field and + /// lifecycle hooks will fail in runtime when tcp handler is specified. #[serde(default, skip_serializing_if = "Option::is_none", rename = "tcpSocket")] pub tcp_socket: Option, } @@ -6867,7 +10902,11 @@ pub struct PostgresClusterProxyPgBouncerContainersLifecyclePreStop { /// Exec specifies the action to take. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PostgresClusterProxyPgBouncerContainersLifecyclePreStopExec { - /// Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. + /// Command is the command line to execute inside the container, the working directory for the + /// command is root ('/') in the container's filesystem. The command is simply exec'd, it is + /// not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use + /// a shell, you need to explicitly call out to that shell. + /// Exit status of 0 is treated as live/healthy and non-zero is unhealthy. #[serde(default, skip_serializing_if = "Option::is_none")] pub command: Option>, } @@ -6875,7 +10914,8 @@ pub struct PostgresClusterProxyPgBouncerContainersLifecyclePreStopExec { /// HTTPGet specifies the http request to perform. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PostgresClusterProxyPgBouncerContainersLifecyclePreStopHttpGet { - /// Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. + /// Host name to connect to, defaults to the pod IP. You probably want to set + /// "Host" in httpHeaders instead. #[serde(default, skip_serializing_if = "Option::is_none")] pub host: Option, /// Custom headers to set in the request. HTTP allows repeated headers. @@ -6884,9 +10924,12 @@ pub struct PostgresClusterProxyPgBouncerContainersLifecyclePreStopHttpGet { /// Path to access on the HTTP server. #[serde(default, skip_serializing_if = "Option::is_none")] pub path: Option, - /// Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. + /// Name or number of the port to access on the container. + /// Number must be in the range 1 to 65535. + /// Name must be an IANA_SVC_NAME. pub port: IntOrString, - /// Scheme to use for connecting to the host. Defaults to HTTP. + /// Scheme to use for connecting to the host. + /// Defaults to HTTP. #[serde(default, skip_serializing_if = "Option::is_none")] pub scheme: Option, } @@ -6894,7 +10937,8 @@ pub struct PostgresClusterProxyPgBouncerContainersLifecyclePreStopHttpGet { /// HTTPHeader describes a custom header to be used in HTTP probes #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PostgresClusterProxyPgBouncerContainersLifecyclePreStopHttpGetHttpHeaders { - /// The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header. + /// The header field name. + /// This will be canonicalized upon output, so case-variant names will be understood as the same header. pub name: String, /// The header field value pub value: String, @@ -6907,23 +10951,31 @@ pub struct PostgresClusterProxyPgBouncerContainersLifecyclePreStopSleep { pub seconds: i64, } -/// Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept for the backward compatibility. There are no validation of this field and lifecycle hooks will fail in runtime when tcp handler is specified. +/// Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept +/// for the backward compatibility. There are no validation of this field and +/// lifecycle hooks will fail in runtime when tcp handler is specified. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PostgresClusterProxyPgBouncerContainersLifecyclePreStopTcpSocket { /// Optional: Host name to connect to, defaults to the pod IP. #[serde(default, skip_serializing_if = "Option::is_none")] pub host: Option, - /// Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. + /// Number or name of the port to access on the container. + /// Number must be in the range 1 to 65535. + /// Name must be an IANA_SVC_NAME. pub port: IntOrString, } -/// Periodic probe of container liveness. Container will be restarted if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +/// Periodic probe of container liveness. +/// Container will be restarted if the probe fails. +/// Cannot be updated. +/// More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PostgresClusterProxyPgBouncerContainersLivenessProbe { /// Exec specifies the action to take. #[serde(default, skip_serializing_if = "Option::is_none")] pub exec: Option, - /// Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. + /// Minimum consecutive failures for the probe to be considered failed after having succeeded. + /// Defaults to 3. Minimum value is 1. #[serde(default, skip_serializing_if = "Option::is_none", rename = "failureThreshold")] pub failure_threshold: Option, /// GRPC specifies an action involving a GRPC port. @@ -6932,22 +10984,36 @@ pub struct PostgresClusterProxyPgBouncerContainersLivenessProbe { /// HTTPGet specifies the http request to perform. #[serde(default, skip_serializing_if = "Option::is_none", rename = "httpGet")] pub http_get: Option, - /// Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes + /// Number of seconds after the container has started before liveness probes are initiated. + /// More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes #[serde(default, skip_serializing_if = "Option::is_none", rename = "initialDelaySeconds")] pub initial_delay_seconds: Option, - /// How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. + /// How often (in seconds) to perform the probe. + /// Default to 10 seconds. Minimum value is 1. #[serde(default, skip_serializing_if = "Option::is_none", rename = "periodSeconds")] pub period_seconds: Option, - /// Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1. + /// Minimum consecutive successes for the probe to be considered successful after having failed. + /// Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1. #[serde(default, skip_serializing_if = "Option::is_none", rename = "successThreshold")] pub success_threshold: Option, /// TCPSocket specifies an action involving a TCP port. #[serde(default, skip_serializing_if = "Option::is_none", rename = "tcpSocket")] pub tcp_socket: Option, - /// Optional duration in seconds the pod needs to terminate gracefully upon probe failure. The grace period is the duration in seconds after the processes running in the pod are sent a termination signal and the time when the processes are forcibly halted with a kill signal. Set this value longer than the expected cleanup time for your process. If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this value overrides the value provided by the pod spec. Value must be non-negative integer. The value zero indicates stop immediately via the kill signal (no opportunity to shut down). This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate. Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset. + /// Optional duration in seconds the pod needs to terminate gracefully upon probe failure. + /// The grace period is the duration in seconds after the processes running in the pod are sent + /// a termination signal and the time when the processes are forcibly halted with a kill signal. + /// Set this value longer than the expected cleanup time for your process. + /// If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this + /// value overrides the value provided by the pod spec. + /// Value must be non-negative integer. The value zero indicates stop immediately via + /// the kill signal (no opportunity to shut down). + /// This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate. + /// Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset. #[serde(default, skip_serializing_if = "Option::is_none", rename = "terminationGracePeriodSeconds")] pub termination_grace_period_seconds: Option, - /// Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes + /// Number of seconds after which the probe times out. + /// Defaults to 1 second. Minimum value is 1. + /// More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes #[serde(default, skip_serializing_if = "Option::is_none", rename = "timeoutSeconds")] pub timeout_seconds: Option, } @@ -6955,7 +11021,11 @@ pub struct PostgresClusterProxyPgBouncerContainersLivenessProbe { /// Exec specifies the action to take. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PostgresClusterProxyPgBouncerContainersLivenessProbeExec { - /// Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. + /// Command is the command line to execute inside the container, the working directory for the + /// command is root ('/') in the container's filesystem. The command is simply exec'd, it is + /// not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use + /// a shell, you need to explicitly call out to that shell. + /// Exit status of 0 is treated as live/healthy and non-zero is unhealthy. #[serde(default, skip_serializing_if = "Option::is_none")] pub command: Option>, } @@ -6965,8 +11035,11 @@ pub struct PostgresClusterProxyPgBouncerContainersLivenessProbeExec { pub struct PostgresClusterProxyPgBouncerContainersLivenessProbeGrpc { /// Port number of the gRPC service. Number must be in the range 1 to 65535. pub port: i32, - /// Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). - /// If this is not specified, the default behavior is defined by gRPC. + /// Service is the name of the service to place in the gRPC HealthCheckRequest + /// (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). + /// + /// + /// If this is not specified, the default behavior is defined by gRPC. #[serde(default, skip_serializing_if = "Option::is_none")] pub service: Option, } @@ -6974,7 +11047,8 @@ pub struct PostgresClusterProxyPgBouncerContainersLivenessProbeGrpc { /// HTTPGet specifies the http request to perform. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PostgresClusterProxyPgBouncerContainersLivenessProbeHttpGet { - /// Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. + /// Host name to connect to, defaults to the pod IP. You probably want to set + /// "Host" in httpHeaders instead. #[serde(default, skip_serializing_if = "Option::is_none")] pub host: Option, /// Custom headers to set in the request. HTTP allows repeated headers. @@ -6983,9 +11057,12 @@ pub struct PostgresClusterProxyPgBouncerContainersLivenessProbeHttpGet { /// Path to access on the HTTP server. #[serde(default, skip_serializing_if = "Option::is_none")] pub path: Option, - /// Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. + /// Name or number of the port to access on the container. + /// Number must be in the range 1 to 65535. + /// Name must be an IANA_SVC_NAME. pub port: IntOrString, - /// Scheme to use for connecting to the host. Defaults to HTTP. + /// Scheme to use for connecting to the host. + /// Defaults to HTTP. #[serde(default, skip_serializing_if = "Option::is_none")] pub scheme: Option, } @@ -6993,7 +11070,8 @@ pub struct PostgresClusterProxyPgBouncerContainersLivenessProbeHttpGet { /// HTTPHeader describes a custom header to be used in HTTP probes #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PostgresClusterProxyPgBouncerContainersLivenessProbeHttpGetHttpHeaders { - /// The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header. + /// The header field name. + /// This will be canonicalized upon output, so case-variant names will be understood as the same header. pub name: String, /// The header field value pub value: String, @@ -7005,37 +11083,50 @@ pub struct PostgresClusterProxyPgBouncerContainersLivenessProbeTcpSocket { /// Optional: Host name to connect to, defaults to the pod IP. #[serde(default, skip_serializing_if = "Option::is_none")] pub host: Option, - /// Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. + /// Number or name of the port to access on the container. + /// Number must be in the range 1 to 65535. + /// Name must be an IANA_SVC_NAME. pub port: IntOrString, } /// ContainerPort represents a network port in a single container. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PostgresClusterProxyPgBouncerContainersPorts { - /// Number of port to expose on the pod's IP address. This must be a valid port number, 0 < x < 65536. + /// Number of port to expose on the pod's IP address. + /// This must be a valid port number, 0 < x < 65536. #[serde(rename = "containerPort")] pub container_port: i32, /// What host IP to bind the external port to. #[serde(default, skip_serializing_if = "Option::is_none", rename = "hostIP")] pub host_ip: Option, - /// Number of port to expose on the host. If specified, this must be a valid port number, 0 < x < 65536. If HostNetwork is specified, this must match ContainerPort. Most containers do not need this. + /// Number of port to expose on the host. + /// If specified, this must be a valid port number, 0 < x < 65536. + /// If HostNetwork is specified, this must match ContainerPort. + /// Most containers do not need this. #[serde(default, skip_serializing_if = "Option::is_none", rename = "hostPort")] pub host_port: Option, - /// If specified, this must be an IANA_SVC_NAME and unique within the pod. Each named port in a pod must have a unique name. Name for the port that can be referred to by services. + /// If specified, this must be an IANA_SVC_NAME and unique within the pod. Each + /// named port in a pod must have a unique name. Name for the port that can be + /// referred to by services. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, - /// Protocol for port. Must be UDP, TCP, or SCTP. Defaults to "TCP". + /// Protocol for port. Must be UDP, TCP, or SCTP. + /// Defaults to "TCP". #[serde(default, skip_serializing_if = "Option::is_none")] pub protocol: Option, } -/// Periodic probe of container service readiness. Container will be removed from service endpoints if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +/// Periodic probe of container service readiness. +/// Container will be removed from service endpoints if the probe fails. +/// Cannot be updated. +/// More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PostgresClusterProxyPgBouncerContainersReadinessProbe { /// Exec specifies the action to take. #[serde(default, skip_serializing_if = "Option::is_none")] pub exec: Option, - /// Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. + /// Minimum consecutive failures for the probe to be considered failed after having succeeded. + /// Defaults to 3. Minimum value is 1. #[serde(default, skip_serializing_if = "Option::is_none", rename = "failureThreshold")] pub failure_threshold: Option, /// GRPC specifies an action involving a GRPC port. @@ -7044,22 +11135,36 @@ pub struct PostgresClusterProxyPgBouncerContainersReadinessProbe { /// HTTPGet specifies the http request to perform. #[serde(default, skip_serializing_if = "Option::is_none", rename = "httpGet")] pub http_get: Option, - /// Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes + /// Number of seconds after the container has started before liveness probes are initiated. + /// More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes #[serde(default, skip_serializing_if = "Option::is_none", rename = "initialDelaySeconds")] pub initial_delay_seconds: Option, - /// How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. + /// How often (in seconds) to perform the probe. + /// Default to 10 seconds. Minimum value is 1. #[serde(default, skip_serializing_if = "Option::is_none", rename = "periodSeconds")] pub period_seconds: Option, - /// Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1. + /// Minimum consecutive successes for the probe to be considered successful after having failed. + /// Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1. #[serde(default, skip_serializing_if = "Option::is_none", rename = "successThreshold")] pub success_threshold: Option, /// TCPSocket specifies an action involving a TCP port. #[serde(default, skip_serializing_if = "Option::is_none", rename = "tcpSocket")] pub tcp_socket: Option, - /// Optional duration in seconds the pod needs to terminate gracefully upon probe failure. The grace period is the duration in seconds after the processes running in the pod are sent a termination signal and the time when the processes are forcibly halted with a kill signal. Set this value longer than the expected cleanup time for your process. If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this value overrides the value provided by the pod spec. Value must be non-negative integer. The value zero indicates stop immediately via the kill signal (no opportunity to shut down). This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate. Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset. + /// Optional duration in seconds the pod needs to terminate gracefully upon probe failure. + /// The grace period is the duration in seconds after the processes running in the pod are sent + /// a termination signal and the time when the processes are forcibly halted with a kill signal. + /// Set this value longer than the expected cleanup time for your process. + /// If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this + /// value overrides the value provided by the pod spec. + /// Value must be non-negative integer. The value zero indicates stop immediately via + /// the kill signal (no opportunity to shut down). + /// This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate. + /// Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset. #[serde(default, skip_serializing_if = "Option::is_none", rename = "terminationGracePeriodSeconds")] pub termination_grace_period_seconds: Option, - /// Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes + /// Number of seconds after which the probe times out. + /// Defaults to 1 second. Minimum value is 1. + /// More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes #[serde(default, skip_serializing_if = "Option::is_none", rename = "timeoutSeconds")] pub timeout_seconds: Option, } @@ -7067,7 +11172,11 @@ pub struct PostgresClusterProxyPgBouncerContainersReadinessProbe { /// Exec specifies the action to take. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PostgresClusterProxyPgBouncerContainersReadinessProbeExec { - /// Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. + /// Command is the command line to execute inside the container, the working directory for the + /// command is root ('/') in the container's filesystem. The command is simply exec'd, it is + /// not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use + /// a shell, you need to explicitly call out to that shell. + /// Exit status of 0 is treated as live/healthy and non-zero is unhealthy. #[serde(default, skip_serializing_if = "Option::is_none")] pub command: Option>, } @@ -7077,8 +11186,11 @@ pub struct PostgresClusterProxyPgBouncerContainersReadinessProbeExec { pub struct PostgresClusterProxyPgBouncerContainersReadinessProbeGrpc { /// Port number of the gRPC service. Number must be in the range 1 to 65535. pub port: i32, - /// Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). - /// If this is not specified, the default behavior is defined by gRPC. + /// Service is the name of the service to place in the gRPC HealthCheckRequest + /// (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). + /// + /// + /// If this is not specified, the default behavior is defined by gRPC. #[serde(default, skip_serializing_if = "Option::is_none")] pub service: Option, } @@ -7086,7 +11198,8 @@ pub struct PostgresClusterProxyPgBouncerContainersReadinessProbeGrpc { /// HTTPGet specifies the http request to perform. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PostgresClusterProxyPgBouncerContainersReadinessProbeHttpGet { - /// Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. + /// Host name to connect to, defaults to the pod IP. You probably want to set + /// "Host" in httpHeaders instead. #[serde(default, skip_serializing_if = "Option::is_none")] pub host: Option, /// Custom headers to set in the request. HTTP allows repeated headers. @@ -7095,9 +11208,12 @@ pub struct PostgresClusterProxyPgBouncerContainersReadinessProbeHttpGet { /// Path to access on the HTTP server. #[serde(default, skip_serializing_if = "Option::is_none")] pub path: Option, - /// Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. + /// Name or number of the port to access on the container. + /// Number must be in the range 1 to 65535. + /// Name must be an IANA_SVC_NAME. pub port: IntOrString, - /// Scheme to use for connecting to the host. Defaults to HTTP. + /// Scheme to use for connecting to the host. + /// Defaults to HTTP. #[serde(default, skip_serializing_if = "Option::is_none")] pub scheme: Option, } @@ -7105,7 +11221,8 @@ pub struct PostgresClusterProxyPgBouncerContainersReadinessProbeHttpGet { /// HTTPHeader describes a custom header to be used in HTTP probes #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PostgresClusterProxyPgBouncerContainersReadinessProbeHttpGetHttpHeaders { - /// The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header. + /// The header field name. + /// This will be canonicalized upon output, so case-variant names will be understood as the same header. pub name: String, /// The header field value pub value: String, @@ -7117,33 +11234,49 @@ pub struct PostgresClusterProxyPgBouncerContainersReadinessProbeTcpSocket { /// Optional: Host name to connect to, defaults to the pod IP. #[serde(default, skip_serializing_if = "Option::is_none")] pub host: Option, - /// Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. + /// Number or name of the port to access on the container. + /// Number must be in the range 1 to 65535. + /// Name must be an IANA_SVC_NAME. pub port: IntOrString, } /// ContainerResizePolicy represents resource resize policy for the container. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PostgresClusterProxyPgBouncerContainersResizePolicy { - /// Name of the resource to which this resource resize policy applies. Supported values: cpu, memory. + /// Name of the resource to which this resource resize policy applies. + /// Supported values: cpu, memory. #[serde(rename = "resourceName")] pub resource_name: String, - /// Restart policy to apply when specified resource is resized. If not specified, it defaults to NotRequired. + /// Restart policy to apply when specified resource is resized. + /// If not specified, it defaults to NotRequired. #[serde(rename = "restartPolicy")] pub restart_policy: String, } -/// Compute Resources required by this container. Cannot be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ +/// Compute Resources required by this container. +/// Cannot be updated. +/// More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PostgresClusterProxyPgBouncerContainersResources { - /// Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. - /// This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. - /// This field is immutable. It can only be set for containers. + /// Claims lists the names of resources, defined in spec.resourceClaims, + /// that are used by this container. + /// + /// + /// This is an alpha field and requires enabling the + /// DynamicResourceAllocation feature gate. + /// + /// + /// This field is immutable. It can only be set for containers. #[serde(default, skip_serializing_if = "Option::is_none")] pub claims: Option>, - /// Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + /// Limits describes the maximum amount of compute resources allowed. + /// More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ #[serde(default, skip_serializing_if = "Option::is_none")] pub limits: Option>, - /// Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + /// Requests describes the minimum amount of compute resources required. + /// If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, + /// otherwise to an implementation-defined value. Requests cannot exceed Limits. + /// More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ #[serde(default, skip_serializing_if = "Option::is_none")] pub requests: Option>, } @@ -7151,63 +11284,120 @@ pub struct PostgresClusterProxyPgBouncerContainersResources { /// ResourceClaim references one entry in PodSpec.ResourceClaims. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PostgresClusterProxyPgBouncerContainersResourcesClaims { - /// Name must match the name of one entry in pod.spec.resourceClaims of the Pod where this field is used. It makes that resource available inside a container. + /// Name must match the name of one entry in pod.spec.resourceClaims of + /// the Pod where this field is used. It makes that resource available + /// inside a container. pub name: String, } -/// SecurityContext defines the security options the container should be run with. If set, the fields of SecurityContext override the equivalent fields of PodSecurityContext. More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/ +/// SecurityContext defines the security options the container should be run with. +/// If set, the fields of SecurityContext override the equivalent fields of PodSecurityContext. +/// More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/ #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PostgresClusterProxyPgBouncerContainersSecurityContext { - /// AllowPrivilegeEscalation controls whether a process can gain more privileges than its parent process. This bool directly controls if the no_new_privs flag will be set on the container process. AllowPrivilegeEscalation is true always when the container is: 1) run as Privileged 2) has CAP_SYS_ADMIN Note that this field cannot be set when spec.os.name is windows. + /// AllowPrivilegeEscalation controls whether a process can gain more + /// privileges than its parent process. This bool directly controls if + /// the no_new_privs flag will be set on the container process. + /// AllowPrivilegeEscalation is true always when the container is: + /// 1) run as Privileged + /// 2) has CAP_SYS_ADMIN + /// Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none", rename = "allowPrivilegeEscalation")] pub allow_privilege_escalation: Option, - /// appArmorProfile is the AppArmor options to use by this container. If set, this profile overrides the pod's appArmorProfile. Note that this field cannot be set when spec.os.name is windows. + /// appArmorProfile is the AppArmor options to use by this container. If set, this profile + /// overrides the pod's appArmorProfile. + /// Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none", rename = "appArmorProfile")] pub app_armor_profile: Option, - /// The capabilities to add/drop when running containers. Defaults to the default set of capabilities granted by the container runtime. Note that this field cannot be set when spec.os.name is windows. + /// The capabilities to add/drop when running containers. + /// Defaults to the default set of capabilities granted by the container runtime. + /// Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none")] pub capabilities: Option, - /// Run container in privileged mode. Processes in privileged containers are essentially equivalent to root on the host. Defaults to false. Note that this field cannot be set when spec.os.name is windows. + /// Run container in privileged mode. + /// Processes in privileged containers are essentially equivalent to root on the host. + /// Defaults to false. + /// Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none")] pub privileged: Option, - /// procMount denotes the type of proc mount to use for the containers. The default is DefaultProcMount which uses the container runtime defaults for readonly paths and masked paths. This requires the ProcMountType feature flag to be enabled. Note that this field cannot be set when spec.os.name is windows. + /// procMount denotes the type of proc mount to use for the containers. + /// The default is DefaultProcMount which uses the container runtime defaults for + /// readonly paths and masked paths. + /// This requires the ProcMountType feature flag to be enabled. + /// Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none", rename = "procMount")] pub proc_mount: Option, - /// Whether this container has a read-only root filesystem. Default is false. Note that this field cannot be set when spec.os.name is windows. + /// Whether this container has a read-only root filesystem. + /// Default is false. + /// Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnlyRootFilesystem")] pub read_only_root_filesystem: Option, - /// The GID to run the entrypoint of the container process. Uses runtime default if unset. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is windows. + /// The GID to run the entrypoint of the container process. + /// Uses runtime default if unset. + /// May also be set in PodSecurityContext. If set in both SecurityContext and + /// PodSecurityContext, the value specified in SecurityContext takes precedence. + /// Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none", rename = "runAsGroup")] pub run_as_group: Option, - /// Indicates that the container must run as a non-root user. If true, the Kubelet will validate the image at runtime to ensure that it does not run as UID 0 (root) and fail to start the container if it does. If unset or false, no such validation will be performed. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. + /// Indicates that the container must run as a non-root user. + /// If true, the Kubelet will validate the image at runtime to ensure that it + /// does not run as UID 0 (root) and fail to start the container if it does. + /// If unset or false, no such validation will be performed. + /// May also be set in PodSecurityContext. If set in both SecurityContext and + /// PodSecurityContext, the value specified in SecurityContext takes precedence. #[serde(default, skip_serializing_if = "Option::is_none", rename = "runAsNonRoot")] pub run_as_non_root: Option, - /// The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is windows. + /// The UID to run the entrypoint of the container process. + /// Defaults to user specified in image metadata if unspecified. + /// May also be set in PodSecurityContext. If set in both SecurityContext and + /// PodSecurityContext, the value specified in SecurityContext takes precedence. + /// Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none", rename = "runAsUser")] pub run_as_user: Option, - /// The SELinux context to be applied to the container. If unspecified, the container runtime will allocate a random SELinux context for each container. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is windows. + /// The SELinux context to be applied to the container. + /// If unspecified, the container runtime will allocate a random SELinux context for each + /// container. May also be set in PodSecurityContext. If set in both SecurityContext and + /// PodSecurityContext, the value specified in SecurityContext takes precedence. + /// Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none", rename = "seLinuxOptions")] pub se_linux_options: Option, - /// The seccomp options to use by this container. If seccomp options are provided at both the pod & container level, the container options override the pod options. Note that this field cannot be set when spec.os.name is windows. + /// The seccomp options to use by this container. If seccomp options are + /// provided at both the pod & container level, the container options + /// override the pod options. + /// Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none", rename = "seccompProfile")] pub seccomp_profile: Option, - /// The Windows specific settings applied to all containers. If unspecified, the options from the PodSecurityContext will be used. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is linux. + /// The Windows specific settings applied to all containers. + /// If unspecified, the options from the PodSecurityContext will be used. + /// If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. + /// Note that this field cannot be set when spec.os.name is linux. #[serde(default, skip_serializing_if = "Option::is_none", rename = "windowsOptions")] pub windows_options: Option, } -/// appArmorProfile is the AppArmor options to use by this container. If set, this profile overrides the pod's appArmorProfile. Note that this field cannot be set when spec.os.name is windows. +/// appArmorProfile is the AppArmor options to use by this container. If set, this profile +/// overrides the pod's appArmorProfile. +/// Note that this field cannot be set when spec.os.name is windows. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PostgresClusterProxyPgBouncerContainersSecurityContextAppArmorProfile { - /// localhostProfile indicates a profile loaded on the node that should be used. The profile must be preconfigured on the node to work. Must match the loaded name of the profile. Must be set if and only if type is "Localhost". + /// localhostProfile indicates a profile loaded on the node that should be used. + /// The profile must be preconfigured on the node to work. + /// Must match the loaded name of the profile. + /// Must be set if and only if type is "Localhost". #[serde(default, skip_serializing_if = "Option::is_none", rename = "localhostProfile")] pub localhost_profile: Option, - /// type indicates which kind of AppArmor profile will be applied. Valid options are: Localhost - a profile pre-loaded on the node. RuntimeDefault - the container runtime's default profile. Unconfined - no AppArmor enforcement. + /// type indicates which kind of AppArmor profile will be applied. + /// Valid options are: + /// Localhost - a profile pre-loaded on the node. + /// RuntimeDefault - the container runtime's default profile. + /// Unconfined - no AppArmor enforcement. #[serde(rename = "type")] pub r#type: String, } -/// The capabilities to add/drop when running containers. Defaults to the default set of capabilities granted by the container runtime. Note that this field cannot be set when spec.os.name is windows. +/// The capabilities to add/drop when running containers. +/// Defaults to the default set of capabilities granted by the container runtime. +/// Note that this field cannot be set when spec.os.name is windows. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PostgresClusterProxyPgBouncerContainersSecurityContextCapabilities { /// Added capabilities @@ -7218,7 +11408,11 @@ pub struct PostgresClusterProxyPgBouncerContainersSecurityContextCapabilities { pub drop: Option>, } -/// The SELinux context to be applied to the container. If unspecified, the container runtime will allocate a random SELinux context for each container. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is windows. +/// The SELinux context to be applied to the container. +/// If unspecified, the container runtime will allocate a random SELinux context for each +/// container. May also be set in PodSecurityContext. If set in both SecurityContext and +/// PodSecurityContext, the value specified in SecurityContext takes precedence. +/// Note that this field cannot be set when spec.os.name is windows. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PostgresClusterProxyPgBouncerContainersSecurityContextSeLinuxOptions { /// Level is SELinux level label that applies to the container. @@ -7235,10 +11429,16 @@ pub struct PostgresClusterProxyPgBouncerContainersSecurityContextSeLinuxOptions pub user: Option, } -/// The seccomp options to use by this container. If seccomp options are provided at both the pod & container level, the container options override the pod options. Note that this field cannot be set when spec.os.name is windows. +/// The seccomp options to use by this container. If seccomp options are +/// provided at both the pod & container level, the container options +/// override the pod options. +/// Note that this field cannot be set when spec.os.name is windows. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PostgresClusterProxyPgBouncerContainersSecurityContextSeccompProfile { - /// localhostProfile indicates a profile defined in a file on the node should be used. The profile must be preconfigured on the node to work. Must be a descending path, relative to the kubelet's configured seccomp profile location. Must be set if type is "Localhost". Must NOT be set for any other type. + /// localhostProfile indicates a profile defined in a file on the node should be used. + /// The profile must be preconfigured on the node to work. + /// Must be a descending path, relative to the kubelet's configured seccomp profile location. + /// Must be set if type is "Localhost". Must NOT be set for any other type. #[serde(default, skip_serializing_if = "Option::is_none", rename = "localhostProfile")] pub localhost_profile: Option, /// type indicates which kind of seccomp profile will be applied. Valid options are: Localhost - a profile defined in a file on the node should be used. RuntimeDefault - the container runtime default profile should be used. Unconfined - no profile should be applied. @@ -7246,30 +11446,48 @@ pub struct PostgresClusterProxyPgBouncerContainersSecurityContextSeccompProfile pub r#type: String, } -/// The Windows specific settings applied to all containers. If unspecified, the options from the PodSecurityContext will be used. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is linux. +/// The Windows specific settings applied to all containers. +/// If unspecified, the options from the PodSecurityContext will be used. +/// If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +/// Note that this field cannot be set when spec.os.name is linux. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PostgresClusterProxyPgBouncerContainersSecurityContextWindowsOptions { - /// GMSACredentialSpec is where the GMSA admission webhook (https://github.com/kubernetes-sigs/windows-gmsa) inlines the contents of the GMSA credential spec named by the GMSACredentialSpecName field. + /// GMSACredentialSpec is where the GMSA admission webhook + /// (https://github.com/kubernetes-sigs/windows-gmsa) inlines the contents of the + /// GMSA credential spec named by the GMSACredentialSpecName field. #[serde(default, skip_serializing_if = "Option::is_none", rename = "gmsaCredentialSpec")] pub gmsa_credential_spec: Option, /// GMSACredentialSpecName is the name of the GMSA credential spec to use. #[serde(default, skip_serializing_if = "Option::is_none", rename = "gmsaCredentialSpecName")] pub gmsa_credential_spec_name: Option, - /// HostProcess determines if a container should be run as a 'Host Process' container. All of a Pod's containers must have the same effective HostProcess value (it is not allowed to have a mix of HostProcess containers and non-HostProcess containers). In addition, if HostProcess is true then HostNetwork must also be set to true. + /// HostProcess determines if a container should be run as a 'Host Process' container. + /// All of a Pod's containers must have the same effective HostProcess value + /// (it is not allowed to have a mix of HostProcess containers and non-HostProcess containers). + /// In addition, if HostProcess is true then HostNetwork must also be set to true. #[serde(default, skip_serializing_if = "Option::is_none", rename = "hostProcess")] pub host_process: Option, - /// The UserName in Windows to run the entrypoint of the container process. Defaults to the user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. + /// The UserName in Windows to run the entrypoint of the container process. + /// Defaults to the user specified in image metadata if unspecified. + /// May also be set in PodSecurityContext. If set in both SecurityContext and + /// PodSecurityContext, the value specified in SecurityContext takes precedence. #[serde(default, skip_serializing_if = "Option::is_none", rename = "runAsUserName")] pub run_as_user_name: Option, } -/// StartupProbe indicates that the Pod has successfully initialized. If specified, no other probes are executed until this completes successfully. If this probe fails, the Pod will be restarted, just as if the livenessProbe failed. This can be used to provide different probe parameters at the beginning of a Pod's lifecycle, when it might take a long time to load data or warm a cache, than during steady-state operation. This cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +/// StartupProbe indicates that the Pod has successfully initialized. +/// If specified, no other probes are executed until this completes successfully. +/// If this probe fails, the Pod will be restarted, just as if the livenessProbe failed. +/// This can be used to provide different probe parameters at the beginning of a Pod's lifecycle, +/// when it might take a long time to load data or warm a cache, than during steady-state operation. +/// This cannot be updated. +/// More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PostgresClusterProxyPgBouncerContainersStartupProbe { /// Exec specifies the action to take. #[serde(default, skip_serializing_if = "Option::is_none")] pub exec: Option, - /// Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. + /// Minimum consecutive failures for the probe to be considered failed after having succeeded. + /// Defaults to 3. Minimum value is 1. #[serde(default, skip_serializing_if = "Option::is_none", rename = "failureThreshold")] pub failure_threshold: Option, /// GRPC specifies an action involving a GRPC port. @@ -7278,22 +11496,36 @@ pub struct PostgresClusterProxyPgBouncerContainersStartupProbe { /// HTTPGet specifies the http request to perform. #[serde(default, skip_serializing_if = "Option::is_none", rename = "httpGet")] pub http_get: Option, - /// Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes + /// Number of seconds after the container has started before liveness probes are initiated. + /// More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes #[serde(default, skip_serializing_if = "Option::is_none", rename = "initialDelaySeconds")] pub initial_delay_seconds: Option, - /// How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. + /// How often (in seconds) to perform the probe. + /// Default to 10 seconds. Minimum value is 1. #[serde(default, skip_serializing_if = "Option::is_none", rename = "periodSeconds")] pub period_seconds: Option, - /// Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1. + /// Minimum consecutive successes for the probe to be considered successful after having failed. + /// Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1. #[serde(default, skip_serializing_if = "Option::is_none", rename = "successThreshold")] pub success_threshold: Option, /// TCPSocket specifies an action involving a TCP port. #[serde(default, skip_serializing_if = "Option::is_none", rename = "tcpSocket")] pub tcp_socket: Option, - /// Optional duration in seconds the pod needs to terminate gracefully upon probe failure. The grace period is the duration in seconds after the processes running in the pod are sent a termination signal and the time when the processes are forcibly halted with a kill signal. Set this value longer than the expected cleanup time for your process. If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this value overrides the value provided by the pod spec. Value must be non-negative integer. The value zero indicates stop immediately via the kill signal (no opportunity to shut down). This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate. Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset. + /// Optional duration in seconds the pod needs to terminate gracefully upon probe failure. + /// The grace period is the duration in seconds after the processes running in the pod are sent + /// a termination signal and the time when the processes are forcibly halted with a kill signal. + /// Set this value longer than the expected cleanup time for your process. + /// If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this + /// value overrides the value provided by the pod spec. + /// Value must be non-negative integer. The value zero indicates stop immediately via + /// the kill signal (no opportunity to shut down). + /// This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate. + /// Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset. #[serde(default, skip_serializing_if = "Option::is_none", rename = "terminationGracePeriodSeconds")] pub termination_grace_period_seconds: Option, - /// Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes + /// Number of seconds after which the probe times out. + /// Defaults to 1 second. Minimum value is 1. + /// More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes #[serde(default, skip_serializing_if = "Option::is_none", rename = "timeoutSeconds")] pub timeout_seconds: Option, } @@ -7301,7 +11533,11 @@ pub struct PostgresClusterProxyPgBouncerContainersStartupProbe { /// Exec specifies the action to take. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PostgresClusterProxyPgBouncerContainersStartupProbeExec { - /// Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. + /// Command is the command line to execute inside the container, the working directory for the + /// command is root ('/') in the container's filesystem. The command is simply exec'd, it is + /// not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use + /// a shell, you need to explicitly call out to that shell. + /// Exit status of 0 is treated as live/healthy and non-zero is unhealthy. #[serde(default, skip_serializing_if = "Option::is_none")] pub command: Option>, } @@ -7311,8 +11547,11 @@ pub struct PostgresClusterProxyPgBouncerContainersStartupProbeExec { pub struct PostgresClusterProxyPgBouncerContainersStartupProbeGrpc { /// Port number of the gRPC service. Number must be in the range 1 to 65535. pub port: i32, - /// Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). - /// If this is not specified, the default behavior is defined by gRPC. + /// Service is the name of the service to place in the gRPC HealthCheckRequest + /// (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). + /// + /// + /// If this is not specified, the default behavior is defined by gRPC. #[serde(default, skip_serializing_if = "Option::is_none")] pub service: Option, } @@ -7320,7 +11559,8 @@ pub struct PostgresClusterProxyPgBouncerContainersStartupProbeGrpc { /// HTTPGet specifies the http request to perform. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PostgresClusterProxyPgBouncerContainersStartupProbeHttpGet { - /// Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. + /// Host name to connect to, defaults to the pod IP. You probably want to set + /// "Host" in httpHeaders instead. #[serde(default, skip_serializing_if = "Option::is_none")] pub host: Option, /// Custom headers to set in the request. HTTP allows repeated headers. @@ -7329,9 +11569,12 @@ pub struct PostgresClusterProxyPgBouncerContainersStartupProbeHttpGet { /// Path to access on the HTTP server. #[serde(default, skip_serializing_if = "Option::is_none")] pub path: Option, - /// Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. + /// Name or number of the port to access on the container. + /// Number must be in the range 1 to 65535. + /// Name must be an IANA_SVC_NAME. pub port: IntOrString, - /// Scheme to use for connecting to the host. Defaults to HTTP. + /// Scheme to use for connecting to the host. + /// Defaults to HTTP. #[serde(default, skip_serializing_if = "Option::is_none")] pub scheme: Option, } @@ -7339,7 +11582,8 @@ pub struct PostgresClusterProxyPgBouncerContainersStartupProbeHttpGet { /// HTTPHeader describes a custom header to be used in HTTP probes #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PostgresClusterProxyPgBouncerContainersStartupProbeHttpGetHttpHeaders { - /// The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header. + /// The header field name. + /// This will be canonicalized upon output, so case-variant names will be understood as the same header. pub name: String, /// The header field value pub value: String, @@ -7351,7 +11595,9 @@ pub struct PostgresClusterProxyPgBouncerContainersStartupProbeTcpSocket { /// Optional: Host name to connect to, defaults to the pod IP. #[serde(default, skip_serializing_if = "Option::is_none")] pub host: Option, - /// Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. + /// Number or name of the port to access on the container. + /// Number must be in the range 1 to 65535. + /// Name must be an IANA_SVC_NAME. pub port: IntOrString, } @@ -7368,36 +11614,72 @@ pub struct PostgresClusterProxyPgBouncerContainersVolumeDevices { /// VolumeMount describes a mounting of a Volume within a container. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PostgresClusterProxyPgBouncerContainersVolumeMounts { - /// Path within the container at which the volume should be mounted. Must not contain ':'. + /// Path within the container at which the volume should be mounted. Must + /// not contain ':'. #[serde(rename = "mountPath")] pub mount_path: String, - /// mountPropagation determines how mounts are propagated from the host to container and the other way around. When not set, MountPropagationNone is used. This field is beta in 1.10. When RecursiveReadOnly is set to IfPossible or to Enabled, MountPropagation must be None or unspecified (which defaults to None). + /// mountPropagation determines how mounts are propagated from the host + /// to container and the other way around. + /// When not set, MountPropagationNone is used. + /// This field is beta in 1.10. + /// When RecursiveReadOnly is set to IfPossible or to Enabled, MountPropagation must be None or unspecified + /// (which defaults to None). #[serde(default, skip_serializing_if = "Option::is_none", rename = "mountPropagation")] pub mount_propagation: Option, /// This must match the Name of a Volume. pub name: String, - /// Mounted read-only if true, read-write otherwise (false or unspecified). Defaults to false. + /// Mounted read-only if true, read-write otherwise (false or unspecified). + /// Defaults to false. #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] pub read_only: Option, - /// RecursiveReadOnly specifies whether read-only mounts should be handled recursively. - /// If ReadOnly is false, this field has no meaning and must be unspecified. - /// If ReadOnly is true, and this field is set to Disabled, the mount is not made recursively read-only. If this field is set to IfPossible, the mount is made recursively read-only, if it is supported by the container runtime. If this field is set to Enabled, the mount is made recursively read-only if it is supported by the container runtime, otherwise the pod will not be started and an error will be generated to indicate the reason. - /// If this field is set to IfPossible or Enabled, MountPropagation must be set to None (or be unspecified, which defaults to None). - /// If this field is not specified, it is treated as an equivalent of Disabled. + /// RecursiveReadOnly specifies whether read-only mounts should be handled + /// recursively. + /// + /// + /// If ReadOnly is false, this field has no meaning and must be unspecified. + /// + /// + /// If ReadOnly is true, and this field is set to Disabled, the mount is not made + /// recursively read-only. If this field is set to IfPossible, the mount is made + /// recursively read-only, if it is supported by the container runtime. If this + /// field is set to Enabled, the mount is made recursively read-only if it is + /// supported by the container runtime, otherwise the pod will not be started and + /// an error will be generated to indicate the reason. + /// + /// + /// If this field is set to IfPossible or Enabled, MountPropagation must be set to + /// None (or be unspecified, which defaults to None). + /// + /// + /// If this field is not specified, it is treated as an equivalent of Disabled. #[serde(default, skip_serializing_if = "Option::is_none", rename = "recursiveReadOnly")] pub recursive_read_only: Option, - /// Path within the volume from which the container's volume should be mounted. Defaults to "" (volume's root). + /// Path within the volume from which the container's volume should be mounted. + /// Defaults to "" (volume's root). #[serde(default, skip_serializing_if = "Option::is_none", rename = "subPath")] pub sub_path: Option, - /// Expanded path within the volume from which the container's volume should be mounted. Behaves similarly to SubPath but environment variable references $(VAR_NAME) are expanded using the container's environment. Defaults to "" (volume's root). SubPathExpr and SubPath are mutually exclusive. + /// Expanded path within the volume from which the container's volume should be mounted. + /// Behaves similarly to SubPath but environment variable references $(VAR_NAME) are expanded using the container's environment. + /// Defaults to "" (volume's root). + /// SubPathExpr and SubPath are mutually exclusive. #[serde(default, skip_serializing_if = "Option::is_none", rename = "subPathExpr")] pub sub_path_expr: Option, } -/// A secret projection containing a certificate and key with which to encrypt connections to PgBouncer. The "tls.crt", "tls.key", and "ca.crt" paths must be PEM-encoded certificates and keys. Changing this value causes PgBouncer to restart. More info: https://kubernetes.io/docs/concepts/configuration/secret/#projection-of-secret-keys-to-specific-paths +/// A secret projection containing a certificate and key with which to encrypt +/// connections to PgBouncer. The "tls.crt", "tls.key", and "ca.crt" paths must +/// be PEM-encoded certificates and keys. Changing this value causes PgBouncer +/// to restart. +/// More info: https://kubernetes.io/docs/concepts/configuration/secret/#projection-of-secret-keys-to-specific-paths #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PostgresClusterProxyPgBouncerCustomTlsSecret { - /// items if unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the Secret, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'. + /// items if unspecified, each key-value pair in the Data field of the referenced + /// Secret will be projected into the volume as a file whose name is the + /// key and content is the value. If specified, the listed keys will be + /// projected into the specified paths, and unlisted keys will not be + /// present. If a key is specified which is not present in the Secret, + /// the volume setup will error unless it is marked optional. Paths must be + /// relative and may not contain the '..' path or start with '..'. #[serde(default, skip_serializing_if = "Option::is_none")] pub items: Option>, /// Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names @@ -7413,10 +11695,18 @@ pub struct PostgresClusterProxyPgBouncerCustomTlsSecret { pub struct PostgresClusterProxyPgBouncerCustomTlsSecretItems { /// key is the key to project. pub key: String, - /// mode is Optional: mode bits used to set permissions on this file. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. + /// mode is Optional: mode bits used to set permissions on this file. + /// Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. + /// YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. + /// If not specified, the volume defaultMode will be used. + /// This might be in conflict with other options that affect the file + /// mode, like fsGroup, and the result can be other mode bits set. #[serde(default, skip_serializing_if = "Option::is_none")] pub mode: Option, - /// path is the relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'. + /// path is the relative path of the file to map the key to. + /// May not be an absolute path. + /// May not contain the path element '..'. + /// May not start with the string '..'. pub path: String, } @@ -7429,18 +11719,30 @@ pub struct PostgresClusterProxyPgBouncerMetadata { pub labels: Option>, } -/// Compute resources of a PgBouncer container. Changing this value causes PgBouncer to restart. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers +/// Compute resources of a PgBouncer container. Changing this value causes +/// PgBouncer to restart. +/// More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PostgresClusterProxyPgBouncerResources { - /// Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. - /// This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. - /// This field is immutable. It can only be set for containers. + /// Claims lists the names of resources, defined in spec.resourceClaims, + /// that are used by this container. + /// + /// + /// This is an alpha field and requires enabling the + /// DynamicResourceAllocation feature gate. + /// + /// + /// This field is immutable. It can only be set for containers. #[serde(default, skip_serializing_if = "Option::is_none")] pub claims: Option>, - /// Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + /// Limits describes the maximum amount of compute resources allowed. + /// More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ #[serde(default, skip_serializing_if = "Option::is_none")] pub limits: Option>, - /// Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + /// Requests describes the minimum amount of compute resources required. + /// If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, + /// otherwise to an implementation-defined value. Requests cannot exceed Limits. + /// More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ #[serde(default, skip_serializing_if = "Option::is_none")] pub requests: Option>, } @@ -7448,7 +11750,9 @@ pub struct PostgresClusterProxyPgBouncerResources { /// ResourceClaim references one entry in PodSpec.ResourceClaims. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PostgresClusterProxyPgBouncerResourcesClaims { - /// Name must match the name of one entry in pod.spec.resourceClaims of the Pod where this field is used. It makes that resource available inside a container. + /// Name must match the name of one entry in pod.spec.resourceClaims of + /// the Pod where this field is used. It makes that resource available + /// inside a container. pub name: String, } @@ -7464,7 +11768,10 @@ pub struct PostgresClusterProxyPgBouncerService { /// Metadata contains metadata for custom resources #[serde(default, skip_serializing_if = "Option::is_none")] pub metadata: Option, - /// The port on which this service is exposed when type is NodePort or LoadBalancer. Value must be in-range and not in use or the operation will fail. If unspecified, a port will be allocated if this Service requires one. - https://kubernetes.io/docs/concepts/services-networking/service/#type-nodeport + /// The port on which this service is exposed when type is NodePort or + /// LoadBalancer. Value must be in-range and not in use or the operation will + /// fail. If unspecified, a port will be allocated if this Service requires one. + /// - https://kubernetes.io/docs/concepts/services-networking/service/#type-nodeport #[serde(default, skip_serializing_if = "Option::is_none", rename = "nodePort")] pub node_port: Option, /// More info: https://kubernetes.io/docs/concepts/services-networking/service/#publishing-services-service-types @@ -7523,15 +11830,25 @@ pub struct PostgresClusterProxyPgBouncerSidecarsPgbouncerConfig { /// Resource requirements for a sidecar container #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PostgresClusterProxyPgBouncerSidecarsPgbouncerConfigResources { - /// Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. - /// This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. - /// This field is immutable. It can only be set for containers. + /// Claims lists the names of resources, defined in spec.resourceClaims, + /// that are used by this container. + /// + /// + /// This is an alpha field and requires enabling the + /// DynamicResourceAllocation feature gate. + /// + /// + /// This field is immutable. It can only be set for containers. #[serde(default, skip_serializing_if = "Option::is_none")] pub claims: Option>, - /// Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + /// Limits describes the maximum amount of compute resources allowed. + /// More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ #[serde(default, skip_serializing_if = "Option::is_none")] pub limits: Option>, - /// Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + /// Requests describes the minimum amount of compute resources required. + /// If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, + /// otherwise to an implementation-defined value. Requests cannot exceed Limits. + /// More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ #[serde(default, skip_serializing_if = "Option::is_none")] pub requests: Option>, } @@ -7539,26 +11856,38 @@ pub struct PostgresClusterProxyPgBouncerSidecarsPgbouncerConfigResources { /// ResourceClaim references one entry in PodSpec.ResourceClaims. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PostgresClusterProxyPgBouncerSidecarsPgbouncerConfigResourcesClaims { - /// Name must match the name of one entry in pod.spec.resourceClaims of the Pod where this field is used. It makes that resource available inside a container. + /// Name must match the name of one entry in pod.spec.resourceClaims of + /// the Pod where this field is used. It makes that resource available + /// inside a container. pub name: String, } -/// The pod this Toleration is attached to tolerates any taint that matches the triple using the matching operator . +/// The pod this Toleration is attached to tolerates any taint that matches +/// the triple using the matching operator . #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PostgresClusterProxyPgBouncerTolerations { - /// Effect indicates the taint effect to match. Empty means match all taint effects. When specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute. + /// Effect indicates the taint effect to match. Empty means match all taint effects. + /// When specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute. #[serde(default, skip_serializing_if = "Option::is_none")] pub effect: Option, - /// Key is the taint key that the toleration applies to. Empty means match all taint keys. If the key is empty, operator must be Exists; this combination means to match all values and all keys. + /// Key is the taint key that the toleration applies to. Empty means match all taint keys. + /// If the key is empty, operator must be Exists; this combination means to match all values and all keys. #[serde(default, skip_serializing_if = "Option::is_none")] pub key: Option, - /// Operator represents a key's relationship to the value. Valid operators are Exists and Equal. Defaults to Equal. Exists is equivalent to wildcard for value, so that a pod can tolerate all taints of a particular category. + /// Operator represents a key's relationship to the value. + /// Valid operators are Exists and Equal. Defaults to Equal. + /// Exists is equivalent to wildcard for value, so that a pod can + /// tolerate all taints of a particular category. #[serde(default, skip_serializing_if = "Option::is_none")] pub operator: Option, - /// TolerationSeconds represents the period of time the toleration (which must be of effect NoExecute, otherwise this field is ignored) tolerates the taint. By default, it is not set, which means tolerate the taint forever (do not evict). Zero and negative values will be treated as 0 (evict immediately) by the system. + /// TolerationSeconds represents the period of time the toleration (which must be + /// of effect NoExecute, otherwise this field is ignored) tolerates the taint. By default, + /// it is not set, which means tolerate the taint forever (do not evict). Zero and + /// negative values will be treated as 0 (evict immediately) by the system. #[serde(default, skip_serializing_if = "Option::is_none", rename = "tolerationSeconds")] pub toleration_seconds: Option, - /// Value is the taint value the toleration matches to. If the operator is Exists, the value should be empty, otherwise just a regular string. + /// Value is the taint value the toleration matches to. + /// If the operator is Exists, the value should be empty, otherwise just a regular string. #[serde(default, skip_serializing_if = "Option::is_none")] pub value: Option, } @@ -7566,55 +11895,148 @@ pub struct PostgresClusterProxyPgBouncerTolerations { /// TopologySpreadConstraint specifies how to spread matching pods among the given topology. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PostgresClusterProxyPgBouncerTopologySpreadConstraints { - /// LabelSelector is used to find matching pods. Pods that match this label selector are counted to determine the number of pods in their corresponding topology domain. + /// LabelSelector is used to find matching pods. + /// Pods that match this label selector are counted to determine the number of pods + /// in their corresponding topology domain. #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelector")] pub label_selector: Option, - /// MatchLabelKeys is a set of pod label keys to select the pods over which spreading will be calculated. The keys are used to lookup values from the incoming pod labels, those key-value labels are ANDed with labelSelector to select the group of existing pods over which spreading will be calculated for the incoming pod. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. MatchLabelKeys cannot be set when LabelSelector isn't set. Keys that don't exist in the incoming pod labels will be ignored. A null or empty list means only match against labelSelector. - /// This is a beta field and requires the MatchLabelKeysInPodTopologySpread feature gate to be enabled (enabled by default). + /// MatchLabelKeys is a set of pod label keys to select the pods over which + /// spreading will be calculated. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are ANDed with labelSelector + /// to select the group of existing pods over which spreading will be calculated + /// for the incoming pod. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. + /// MatchLabelKeys cannot be set when LabelSelector isn't set. + /// Keys that don't exist in the incoming pod labels will + /// be ignored. A null or empty list means only match against labelSelector. + /// + /// + /// This is a beta field and requires the MatchLabelKeysInPodTopologySpread feature gate to be enabled (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] pub match_label_keys: Option>, - /// MaxSkew describes the degree to which pods may be unevenly distributed. When `whenUnsatisfiable=DoNotSchedule`, it is the maximum permitted difference between the number of matching pods in the target topology and the global minimum. The global minimum is the minimum number of matching pods in an eligible domain or zero if the number of eligible domains is less than MinDomains. For example, in a 3-zone cluster, MaxSkew is set to 1, and pods with the same labelSelector spread as 2/2/1: In this case, the global minimum is 1. | zone1 | zone2 | zone3 | | P P | P P | P | - if MaxSkew is 1, incoming pod can only be scheduled to zone3 to become 2/2/2; scheduling it onto zone1(zone2) would make the ActualSkew(3-1) on zone1(zone2) violate MaxSkew(1). - if MaxSkew is 2, incoming pod can be scheduled onto any zone. When `whenUnsatisfiable=ScheduleAnyway`, it is used to give higher precedence to topologies that satisfy it. It's a required field. Default value is 1 and 0 is not allowed. + /// MaxSkew describes the degree to which pods may be unevenly distributed. + /// When `whenUnsatisfiable=DoNotSchedule`, it is the maximum permitted difference + /// between the number of matching pods in the target topology and the global minimum. + /// The global minimum is the minimum number of matching pods in an eligible domain + /// or zero if the number of eligible domains is less than MinDomains. + /// For example, in a 3-zone cluster, MaxSkew is set to 1, and pods with the same + /// labelSelector spread as 2/2/1: + /// In this case, the global minimum is 1. + /// | zone1 | zone2 | zone3 | + /// | P P | P P | P | + /// - if MaxSkew is 1, incoming pod can only be scheduled to zone3 to become 2/2/2; + /// scheduling it onto zone1(zone2) would make the ActualSkew(3-1) on zone1(zone2) + /// violate MaxSkew(1). + /// - if MaxSkew is 2, incoming pod can be scheduled onto any zone. + /// When `whenUnsatisfiable=ScheduleAnyway`, it is used to give higher precedence + /// to topologies that satisfy it. + /// It's a required field. Default value is 1 and 0 is not allowed. #[serde(rename = "maxSkew")] pub max_skew: i32, - /// MinDomains indicates a minimum number of eligible domains. When the number of eligible domains with matching topology keys is less than minDomains, Pod Topology Spread treats "global minimum" as 0, and then the calculation of Skew is performed. And when the number of eligible domains with matching topology keys equals or greater than minDomains, this value has no effect on scheduling. As a result, when the number of eligible domains is less than minDomains, scheduler won't schedule more than maxSkew Pods to those domains. If value is nil, the constraint behaves as if MinDomains is equal to 1. Valid values are integers greater than 0. When value is not nil, WhenUnsatisfiable must be DoNotSchedule. - /// For example, in a 3-zone cluster, MaxSkew is set to 2, MinDomains is set to 5 and pods with the same labelSelector spread as 2/2/2: | zone1 | zone2 | zone3 | | P P | P P | P P | The number of domains is less than 5(MinDomains), so "global minimum" is treated as 0. In this situation, new pod with the same labelSelector cannot be scheduled, because computed skew will be 3(3 - 0) if new Pod is scheduled to any of the three zones, it will violate MaxSkew. + /// MinDomains indicates a minimum number of eligible domains. + /// When the number of eligible domains with matching topology keys is less than minDomains, + /// Pod Topology Spread treats "global minimum" as 0, and then the calculation of Skew is performed. + /// And when the number of eligible domains with matching topology keys equals or greater than minDomains, + /// this value has no effect on scheduling. + /// As a result, when the number of eligible domains is less than minDomains, + /// scheduler won't schedule more than maxSkew Pods to those domains. + /// If value is nil, the constraint behaves as if MinDomains is equal to 1. + /// Valid values are integers greater than 0. + /// When value is not nil, WhenUnsatisfiable must be DoNotSchedule. + /// + /// + /// For example, in a 3-zone cluster, MaxSkew is set to 2, MinDomains is set to 5 and pods with the same + /// labelSelector spread as 2/2/2: + /// | zone1 | zone2 | zone3 | + /// | P P | P P | P P | + /// The number of domains is less than 5(MinDomains), so "global minimum" is treated as 0. + /// In this situation, new pod with the same labelSelector cannot be scheduled, + /// because computed skew will be 3(3 - 0) if new Pod is scheduled to any of the three zones, + /// it will violate MaxSkew. #[serde(default, skip_serializing_if = "Option::is_none", rename = "minDomains")] pub min_domains: Option, - /// NodeAffinityPolicy indicates how we will treat Pod's nodeAffinity/nodeSelector when calculating pod topology spread skew. Options are: - Honor: only nodes matching nodeAffinity/nodeSelector are included in the calculations. - Ignore: nodeAffinity/nodeSelector are ignored. All nodes are included in the calculations. - /// If this value is nil, the behavior is equivalent to the Honor policy. This is a beta-level feature default enabled by the NodeInclusionPolicyInPodTopologySpread feature flag. + /// NodeAffinityPolicy indicates how we will treat Pod's nodeAffinity/nodeSelector + /// when calculating pod topology spread skew. Options are: + /// - Honor: only nodes matching nodeAffinity/nodeSelector are included in the calculations. + /// - Ignore: nodeAffinity/nodeSelector are ignored. All nodes are included in the calculations. + /// + /// + /// If this value is nil, the behavior is equivalent to the Honor policy. + /// This is a beta-level feature default enabled by the NodeInclusionPolicyInPodTopologySpread feature flag. #[serde(default, skip_serializing_if = "Option::is_none", rename = "nodeAffinityPolicy")] pub node_affinity_policy: Option, - /// NodeTaintsPolicy indicates how we will treat node taints when calculating pod topology spread skew. Options are: - Honor: nodes without taints, along with tainted nodes for which the incoming pod has a toleration, are included. - Ignore: node taints are ignored. All nodes are included. - /// If this value is nil, the behavior is equivalent to the Ignore policy. This is a beta-level feature default enabled by the NodeInclusionPolicyInPodTopologySpread feature flag. + /// NodeTaintsPolicy indicates how we will treat node taints when calculating + /// pod topology spread skew. Options are: + /// - Honor: nodes without taints, along with tainted nodes for which the incoming pod + /// has a toleration, are included. + /// - Ignore: node taints are ignored. All nodes are included. + /// + /// + /// If this value is nil, the behavior is equivalent to the Ignore policy. + /// This is a beta-level feature default enabled by the NodeInclusionPolicyInPodTopologySpread feature flag. #[serde(default, skip_serializing_if = "Option::is_none", rename = "nodeTaintsPolicy")] pub node_taints_policy: Option, - /// TopologyKey is the key of node labels. Nodes that have a label with this key and identical values are considered to be in the same topology. We consider each as a "bucket", and try to put balanced number of pods into each bucket. We define a domain as a particular instance of a topology. Also, we define an eligible domain as a domain whose nodes meet the requirements of nodeAffinityPolicy and nodeTaintsPolicy. e.g. If TopologyKey is "kubernetes.io/hostname", each Node is a domain of that topology. And, if TopologyKey is "topology.kubernetes.io/zone", each zone is a domain of that topology. It's a required field. + /// TopologyKey is the key of node labels. Nodes that have a label with this key + /// and identical values are considered to be in the same topology. + /// We consider each as a "bucket", and try to put balanced number + /// of pods into each bucket. + /// We define a domain as a particular instance of a topology. + /// Also, we define an eligible domain as a domain whose nodes meet the requirements of + /// nodeAffinityPolicy and nodeTaintsPolicy. + /// e.g. If TopologyKey is "kubernetes.io/hostname", each Node is a domain of that topology. + /// And, if TopologyKey is "topology.kubernetes.io/zone", each zone is a domain of that topology. + /// It's a required field. #[serde(rename = "topologyKey")] pub topology_key: String, - /// WhenUnsatisfiable indicates how to deal with a pod if it doesn't satisfy the spread constraint. - DoNotSchedule (default) tells the scheduler not to schedule it. - ScheduleAnyway tells the scheduler to schedule the pod in any location, but giving higher precedence to topologies that would help reduce the skew. A constraint is considered "Unsatisfiable" for an incoming pod if and only if every possible node assignment for that pod would violate "MaxSkew" on some topology. For example, in a 3-zone cluster, MaxSkew is set to 1, and pods with the same labelSelector spread as 3/1/1: | zone1 | zone2 | zone3 | | P P P | P | P | If WhenUnsatisfiable is set to DoNotSchedule, incoming pod can only be scheduled to zone2(zone3) to become 3/2/1(3/1/2) as ActualSkew(2-1) on zone2(zone3) satisfies MaxSkew(1). In other words, the cluster can still be imbalanced, but scheduler won't make it *more* imbalanced. It's a required field. + /// WhenUnsatisfiable indicates how to deal with a pod if it doesn't satisfy + /// the spread constraint. + /// - DoNotSchedule (default) tells the scheduler not to schedule it. + /// - ScheduleAnyway tells the scheduler to schedule the pod in any location, + /// but giving higher precedence to topologies that would help reduce the + /// skew. + /// A constraint is considered "Unsatisfiable" for an incoming pod + /// if and only if every possible node assignment for that pod would violate + /// "MaxSkew" on some topology. + /// For example, in a 3-zone cluster, MaxSkew is set to 1, and pods with the same + /// labelSelector spread as 3/1/1: + /// | zone1 | zone2 | zone3 | + /// | P P P | P | P | + /// If WhenUnsatisfiable is set to DoNotSchedule, incoming pod can only be scheduled + /// to zone2(zone3) to become 3/2/1(3/1/2) as ActualSkew(2-1) on zone2(zone3) satisfies + /// MaxSkew(1). In other words, the cluster can still be imbalanced, but scheduler + /// won't make it *more* imbalanced. + /// It's a required field. #[serde(rename = "whenUnsatisfiable")] pub when_unsatisfiable: String, } -/// LabelSelector is used to find matching pods. Pods that match this label selector are counted to determine the number of pods in their corresponding topology domain. +/// LabelSelector is used to find matching pods. +/// Pods that match this label selector are counted to determine the number of pods +/// in their corresponding topology domain. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PostgresClusterProxyPgBouncerTopologySpreadConstraintsLabelSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] pub match_expressions: Option>, - /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] pub match_labels: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PostgresClusterProxyPgBouncerTopologySpreadConstraintsLabelSelectorMatchExpressions { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } @@ -7631,7 +12053,10 @@ pub struct PostgresClusterReplicaService { /// Metadata contains metadata for custom resources #[serde(default, skip_serializing_if = "Option::is_none")] pub metadata: Option, - /// The port on which this service is exposed when type is NodePort or LoadBalancer. Value must be in-range and not in use or the operation will fail. If unspecified, a port will be allocated if this Service requires one. - https://kubernetes.io/docs/concepts/services-networking/service/#type-nodeport + /// The port on which this service is exposed when type is NodePort or + /// LoadBalancer. Value must be in-range and not in use or the operation will + /// fail. If unspecified, a port will be allocated if this Service requires one. + /// - https://kubernetes.io/docs/concepts/services-networking/service/#type-nodeport #[serde(default, skip_serializing_if = "Option::is_none", rename = "nodePort")] pub node_port: Option, /// More info: https://kubernetes.io/docs/concepts/services-networking/service/#publishing-services-service-types @@ -7683,7 +12108,10 @@ pub struct PostgresClusterService { /// Metadata contains metadata for custom resources #[serde(default, skip_serializing_if = "Option::is_none")] pub metadata: Option, - /// The port on which this service is exposed when type is NodePort or LoadBalancer. Value must be in-range and not in use or the operation will fail. If unspecified, a port will be allocated if this Service requires one. - https://kubernetes.io/docs/concepts/services-networking/service/#type-nodeport + /// The port on which this service is exposed when type is NodePort or + /// LoadBalancer. Value must be in-range and not in use or the operation will + /// fail. If unspecified, a port will be allocated if this Service requires one. + /// - https://kubernetes.io/docs/concepts/services-networking/service/#type-nodeport #[serde(default, skip_serializing_if = "Option::is_none", rename = "nodePort")] pub node_port: Option, /// More info: https://kubernetes.io/docs/concepts/services-networking/service/#publishing-services-service-types @@ -7726,7 +12154,9 @@ pub enum PostgresClusterServiceType { /// Run this cluster as a read-only copy of an existing cluster or archive. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PostgresClusterStandby { - /// Whether or not the PostgreSQL cluster should be read-only. When this is true, WAL files are applied from a pgBackRest repository or another PostgreSQL server. + /// Whether or not the PostgreSQL cluster should be read-only. When this is + /// true, WAL files are applied from a pgBackRest repository or another + /// PostgreSQL server. #[serde(default, skip_serializing_if = "Option::is_none")] pub enabled: Option, /// Network address of the PostgreSQL server to follow via streaming replication. @@ -7751,42 +12181,59 @@ pub struct PostgresClusterUserInterface { /// Defines a pgAdmin user interface. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PostgresClusterUserInterfacePgAdmin { - /// Scheduling constraints of a pgAdmin pod. Changing this value causes pgAdmin to restart. More info: https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node + /// Scheduling constraints of a pgAdmin pod. Changing this value causes + /// pgAdmin to restart. + /// More info: https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node #[serde(default, skip_serializing_if = "Option::is_none")] pub affinity: Option, - /// Configuration settings for the pgAdmin process. Changes to any of these values will be loaded without validation. Be careful, as you may put pgAdmin into an unusable state. + /// Configuration settings for the pgAdmin process. Changes to any of these + /// values will be loaded without validation. Be careful, as + /// you may put pgAdmin into an unusable state. #[serde(default, skip_serializing_if = "Option::is_none")] pub config: Option, - /// Defines a PersistentVolumeClaim for pgAdmin data. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes + /// Defines a PersistentVolumeClaim for pgAdmin data. + /// More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes #[serde(rename = "dataVolumeClaimSpec")] pub data_volume_claim_spec: PostgresClusterUserInterfacePgAdminDataVolumeClaimSpec, - /// Name of a container image that can run pgAdmin 4. Changing this value causes pgAdmin to restart. The image may also be set using the RELATED_IMAGE_PGADMIN environment variable. More info: https://kubernetes.io/docs/concepts/containers/images + /// Name of a container image that can run pgAdmin 4. Changing this value causes + /// pgAdmin to restart. The image may also be set using the RELATED_IMAGE_PGADMIN + /// environment variable. + /// More info: https://kubernetes.io/docs/concepts/containers/images #[serde(default, skip_serializing_if = "Option::is_none")] pub image: Option, /// Metadata contains metadata for custom resources #[serde(default, skip_serializing_if = "Option::is_none")] pub metadata: Option, - /// Priority class name for the pgAdmin pod. Changing this value causes pgAdmin to restart. More info: https://kubernetes.io/docs/concepts/scheduling-eviction/pod-priority-preemption/ + /// Priority class name for the pgAdmin pod. Changing this value causes pgAdmin + /// to restart. + /// More info: https://kubernetes.io/docs/concepts/scheduling-eviction/pod-priority-preemption/ #[serde(default, skip_serializing_if = "Option::is_none", rename = "priorityClassName")] pub priority_class_name: Option, /// Number of desired pgAdmin pods. #[serde(default, skip_serializing_if = "Option::is_none")] pub replicas: Option, - /// Compute resources of a pgAdmin container. Changing this value causes pgAdmin to restart. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers + /// Compute resources of a pgAdmin container. Changing this value causes + /// pgAdmin to restart. + /// More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers #[serde(default, skip_serializing_if = "Option::is_none")] pub resources: Option, /// Specification of the service that exposes pgAdmin. #[serde(default, skip_serializing_if = "Option::is_none")] pub service: Option, - /// Tolerations of a pgAdmin pod. Changing this value causes pgAdmin to restart. More info: https://kubernetes.io/docs/concepts/scheduling-eviction/taint-and-toleration + /// Tolerations of a pgAdmin pod. Changing this value causes pgAdmin to restart. + /// More info: https://kubernetes.io/docs/concepts/scheduling-eviction/taint-and-toleration #[serde(default, skip_serializing_if = "Option::is_none")] pub tolerations: Option>, - /// Topology spread constraints of a pgAdmin pod. Changing this value causes pgAdmin to restart. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-topology-spread-constraints/ + /// Topology spread constraints of a pgAdmin pod. Changing this value causes + /// pgAdmin to restart. + /// More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-topology-spread-constraints/ #[serde(default, skip_serializing_if = "Option::is_none", rename = "topologySpreadConstraints")] pub topology_spread_constraints: Option>, } -/// Scheduling constraints of a pgAdmin pod. Changing this value causes pgAdmin to restart. More info: https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node +/// Scheduling constraints of a pgAdmin pod. Changing this value causes +/// pgAdmin to restart. +/// More info: https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PostgresClusterUserInterfacePgAdminAffinity { /// Describes node affinity scheduling rules for the pod. @@ -7803,15 +12250,28 @@ pub struct PostgresClusterUserInterfacePgAdminAffinity { /// Describes node affinity scheduling rules for the pod. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PostgresClusterUserInterfacePgAdminAffinityNodeAffinity { - /// The scheduler will prefer to schedule pods to nodes that satisfy the affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding "weight" to the sum if the node matches the corresponding matchExpressions; the node(s) with the highest sum are the most preferred. + /// The scheduler will prefer to schedule pods to nodes that satisfy + /// the affinity expressions specified by this field, but it may choose + /// a node that violates one or more of the expressions. The node that is + /// most preferred is the one with the greatest sum of weights, i.e. + /// for each node that meets all of the scheduling requirements (resource + /// request, requiredDuringScheduling affinity expressions, etc.), + /// compute a sum by iterating through the elements of this field and adding + /// "weight" to the sum if the node matches the corresponding matchExpressions; the + /// node(s) with the highest sum are the most preferred. #[serde(default, skip_serializing_if = "Option::is_none", rename = "preferredDuringSchedulingIgnoredDuringExecution")] pub preferred_during_scheduling_ignored_during_execution: Option>, - /// If the affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to an update), the system may or may not try to eventually evict the pod from its node. + /// If the affinity requirements specified by this field are not met at + /// scheduling time, the pod will not be scheduled onto the node. + /// If the affinity requirements specified by this field cease to be met + /// at some point during pod execution (e.g. due to an update), the system + /// may or may not try to eventually evict the pod from its node. #[serde(default, skip_serializing_if = "Option::is_none", rename = "requiredDuringSchedulingIgnoredDuringExecution")] pub required_during_scheduling_ignored_during_execution: Option, } -/// An empty preferred scheduling term matches all objects with implicit weight 0 (i.e. it's a no-op). A null preferred scheduling term matches no objects (i.e. is also a no-op). +/// An empty preferred scheduling term matches all objects with implicit weight 0 +/// (i.e. it's a no-op). A null preferred scheduling term matches no objects (i.e. is also a no-op). #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PostgresClusterUserInterfacePgAdminAffinityNodeAffinityPreferredDuringSchedulingIgnoredDuringExecution { /// A node selector term, associated with the corresponding weight. @@ -7831,31 +12291,47 @@ pub struct PostgresClusterUserInterfacePgAdminAffinityNodeAffinityPreferredDurin pub match_fields: Option>, } -/// A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A node selector requirement is a selector that contains values, a key, and an operator +/// that relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PostgresClusterUserInterfacePgAdminAffinityNodeAffinityPreferredDuringSchedulingIgnoredDuringExecutionPreferenceMatchExpressions { /// The label key that the selector applies to. pub key: String, - /// Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. + /// Represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. pub operator: String, - /// An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch. + /// An array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. If the operator is Gt or Lt, the values + /// array must have a single element, which will be interpreted as an integer. + /// This array is replaced during a strategic merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } -/// A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A node selector requirement is a selector that contains values, a key, and an operator +/// that relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PostgresClusterUserInterfacePgAdminAffinityNodeAffinityPreferredDuringSchedulingIgnoredDuringExecutionPreferenceMatchFields { /// The label key that the selector applies to. pub key: String, - /// Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. + /// Represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. pub operator: String, - /// An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch. + /// An array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. If the operator is Gt or Lt, the values + /// array must have a single element, which will be interpreted as an integer. + /// This array is replaced during a strategic merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } -/// If the affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to an update), the system may or may not try to eventually evict the pod from its node. +/// If the affinity requirements specified by this field are not met at +/// scheduling time, the pod will not be scheduled onto the node. +/// If the affinity requirements specified by this field cease to be met +/// at some point during pod execution (e.g. due to an update), the system +/// may or may not try to eventually evict the pod from its node. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PostgresClusterUserInterfacePgAdminAffinityNodeAffinityRequiredDuringSchedulingIgnoredDuringExecution { /// Required. A list of node selector terms. The terms are ORed. @@ -7863,7 +12339,9 @@ pub struct PostgresClusterUserInterfacePgAdminAffinityNodeAffinityRequiredDuring pub node_selector_terms: Vec, } -/// A null or empty node selector term matches no objects. The requirements of them are ANDed. The TopologySelectorTerm type implements a subset of the NodeSelectorTerm. +/// A null or empty node selector term matches no objects. The requirements of +/// them are ANDed. +/// The TopologySelectorTerm type implements a subset of the NodeSelectorTerm. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PostgresClusterUserInterfacePgAdminAffinityNodeAffinityRequiredDuringSchedulingIgnoredDuringExecutionNodeSelectorTerms { /// A list of node selector requirements by node's labels. @@ -7874,26 +12352,38 @@ pub struct PostgresClusterUserInterfacePgAdminAffinityNodeAffinityRequiredDuring pub match_fields: Option>, } -/// A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A node selector requirement is a selector that contains values, a key, and an operator +/// that relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PostgresClusterUserInterfacePgAdminAffinityNodeAffinityRequiredDuringSchedulingIgnoredDuringExecutionNodeSelectorTermsMatchExpressions { /// The label key that the selector applies to. pub key: String, - /// Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. + /// Represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. pub operator: String, - /// An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch. + /// An array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. If the operator is Gt or Lt, the values + /// array must have a single element, which will be interpreted as an integer. + /// This array is replaced during a strategic merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } -/// A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A node selector requirement is a selector that contains values, a key, and an operator +/// that relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PostgresClusterUserInterfacePgAdminAffinityNodeAffinityRequiredDuringSchedulingIgnoredDuringExecutionNodeSelectorTermsMatchFields { /// The label key that the selector applies to. pub key: String, - /// Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. + /// Represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. pub operator: String, - /// An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch. + /// An array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. If the operator is Gt or Lt, the values + /// array must have a single element, which will be interpreted as an integer. + /// This array is replaced during a strategic merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } @@ -7901,10 +12391,24 @@ pub struct PostgresClusterUserInterfacePgAdminAffinityNodeAffinityRequiredDuring /// Describes pod affinity scheduling rules (e.g. co-locate this pod in the same node, zone, etc. as some other pod(s)). #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PostgresClusterUserInterfacePgAdminAffinityPodAffinity { - /// The scheduler will prefer to schedule pods to nodes that satisfy the affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding "weight" to the sum if the node has pods which matches the corresponding podAffinityTerm; the node(s) with the highest sum are the most preferred. + /// The scheduler will prefer to schedule pods to nodes that satisfy + /// the affinity expressions specified by this field, but it may choose + /// a node that violates one or more of the expressions. The node that is + /// most preferred is the one with the greatest sum of weights, i.e. + /// for each node that meets all of the scheduling requirements (resource + /// request, requiredDuringScheduling affinity expressions, etc.), + /// compute a sum by iterating through the elements of this field and adding + /// "weight" to the sum if the node has pods which matches the corresponding podAffinityTerm; the + /// node(s) with the highest sum are the most preferred. #[serde(default, skip_serializing_if = "Option::is_none", rename = "preferredDuringSchedulingIgnoredDuringExecution")] pub preferred_during_scheduling_ignored_during_execution: Option>, - /// If the affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to a pod label update), the system may or may not try to eventually evict the pod from its node. When there are multiple elements, the lists of nodes corresponding to each podAffinityTerm are intersected, i.e. all terms must be satisfied. + /// If the affinity requirements specified by this field are not met at + /// scheduling time, the pod will not be scheduled onto the node. + /// If the affinity requirements specified by this field cease to be met + /// at some point during pod execution (e.g. due to a pod label update), the + /// system may or may not try to eventually evict the pod from its node. + /// When there are multiple elements, the lists of nodes corresponding to each + /// podAffinityTerm are intersected, i.e. all terms must be satisfied. #[serde(default, skip_serializing_if = "Option::is_none", rename = "requiredDuringSchedulingIgnoredDuringExecution")] pub required_during_scheduling_ignored_during_execution: Option>, } @@ -7915,144 +12419,244 @@ pub struct PostgresClusterUserInterfacePgAdminAffinityPodAffinityPreferredDuring /// Required. A pod affinity term, associated with the corresponding weight. #[serde(rename = "podAffinityTerm")] pub pod_affinity_term: PostgresClusterUserInterfacePgAdminAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTerm, - /// weight associated with matching the corresponding podAffinityTerm, in the range 1-100. + /// weight associated with matching the corresponding podAffinityTerm, + /// in the range 1-100. pub weight: i32, } /// Required. A pod affinity term, associated with the corresponding weight. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PostgresClusterUserInterfacePgAdminAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTerm { - /// A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods. + /// A label query over a set of resources, in this case pods. + /// If it's null, this PodAffinityTerm matches with no Pods. #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelector")] pub label_selector: Option, - /// MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both matchLabelKeys and labelSelector. Also, matchLabelKeys cannot be set when labelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// MatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both matchLabelKeys and labelSelector. + /// Also, matchLabelKeys cannot be set when labelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] pub match_label_keys: Option>, - /// MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. Also, mismatchLabelKeys cannot be set when labelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// MismatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. + /// Also, mismatchLabelKeys cannot be set when labelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] pub mismatch_label_keys: Option>, - /// A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. + /// A label query over the set of namespaces that the term applies to. + /// The term is applied to the union of the namespaces selected by this field + /// and the ones listed in the namespaces field. + /// null selector and null or empty namespaces list means "this pod's namespace". + /// An empty selector ({}) matches all namespaces. #[serde(default, skip_serializing_if = "Option::is_none", rename = "namespaceSelector")] pub namespace_selector: Option, - /// namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means "this pod's namespace". + /// namespaces specifies a static list of namespace names that the term applies to. + /// The term is applied to the union of the namespaces listed in this field + /// and the ones selected by namespaceSelector. + /// null or empty namespaces list and null namespaceSelector means "this pod's namespace". #[serde(default, skip_serializing_if = "Option::is_none")] pub namespaces: Option>, - /// This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed. + /// This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching + /// the labelSelector in the specified namespaces, where co-located is defined as running on a node + /// whose value of the label with key topologyKey matches that of any node on which any of the + /// selected pods is running. + /// Empty topologyKey is not allowed. #[serde(rename = "topologyKey")] pub topology_key: String, } -/// A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods. +/// A label query over a set of resources, in this case pods. +/// If it's null, this PodAffinityTerm matches with no Pods. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PostgresClusterUserInterfacePgAdminAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermLabelSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] pub match_expressions: Option>, - /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] pub match_labels: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PostgresClusterUserInterfacePgAdminAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermLabelSelectorMatchExpressions { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } -/// A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. +/// A label query over the set of namespaces that the term applies to. +/// The term is applied to the union of the namespaces selected by this field +/// and the ones listed in the namespaces field. +/// null selector and null or empty namespaces list means "this pod's namespace". +/// An empty selector ({}) matches all namespaces. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PostgresClusterUserInterfacePgAdminAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermNamespaceSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] pub match_expressions: Option>, - /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] pub match_labels: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PostgresClusterUserInterfacePgAdminAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermNamespaceSelectorMatchExpressions { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } -/// Defines a set of pods (namely those matching the labelSelector relative to the given namespace(s)) that this pod should be co-located (affinity) or not co-located (anti-affinity) with, where co-located is defined as running on a node whose value of the label with key matches that of any node on which a pod of the set of pods is running +/// Defines a set of pods (namely those matching the labelSelector +/// relative to the given namespace(s)) that this pod should be +/// co-located (affinity) or not co-located (anti-affinity) with, +/// where co-located is defined as running on a node whose value of +/// the label with key matches that of any node on which +/// a pod of the set of pods is running #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PostgresClusterUserInterfacePgAdminAffinityPodAffinityRequiredDuringSchedulingIgnoredDuringExecution { - /// A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods. + /// A label query over a set of resources, in this case pods. + /// If it's null, this PodAffinityTerm matches with no Pods. #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelector")] pub label_selector: Option, - /// MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both matchLabelKeys and labelSelector. Also, matchLabelKeys cannot be set when labelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// MatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both matchLabelKeys and labelSelector. + /// Also, matchLabelKeys cannot be set when labelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] pub match_label_keys: Option>, - /// MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. Also, mismatchLabelKeys cannot be set when labelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// MismatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. + /// Also, mismatchLabelKeys cannot be set when labelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] pub mismatch_label_keys: Option>, - /// A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. + /// A label query over the set of namespaces that the term applies to. + /// The term is applied to the union of the namespaces selected by this field + /// and the ones listed in the namespaces field. + /// null selector and null or empty namespaces list means "this pod's namespace". + /// An empty selector ({}) matches all namespaces. #[serde(default, skip_serializing_if = "Option::is_none", rename = "namespaceSelector")] pub namespace_selector: Option, - /// namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means "this pod's namespace". + /// namespaces specifies a static list of namespace names that the term applies to. + /// The term is applied to the union of the namespaces listed in this field + /// and the ones selected by namespaceSelector. + /// null or empty namespaces list and null namespaceSelector means "this pod's namespace". #[serde(default, skip_serializing_if = "Option::is_none")] pub namespaces: Option>, - /// This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed. + /// This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching + /// the labelSelector in the specified namespaces, where co-located is defined as running on a node + /// whose value of the label with key topologyKey matches that of any node on which any of the + /// selected pods is running. + /// Empty topologyKey is not allowed. #[serde(rename = "topologyKey")] pub topology_key: String, } -/// A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods. +/// A label query over a set of resources, in this case pods. +/// If it's null, this PodAffinityTerm matches with no Pods. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PostgresClusterUserInterfacePgAdminAffinityPodAffinityRequiredDuringSchedulingIgnoredDuringExecutionLabelSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] pub match_expressions: Option>, - /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] pub match_labels: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PostgresClusterUserInterfacePgAdminAffinityPodAffinityRequiredDuringSchedulingIgnoredDuringExecutionLabelSelectorMatchExpressions { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } -/// A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. +/// A label query over the set of namespaces that the term applies to. +/// The term is applied to the union of the namespaces selected by this field +/// and the ones listed in the namespaces field. +/// null selector and null or empty namespaces list means "this pod's namespace". +/// An empty selector ({}) matches all namespaces. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PostgresClusterUserInterfacePgAdminAffinityPodAffinityRequiredDuringSchedulingIgnoredDuringExecutionNamespaceSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] pub match_expressions: Option>, - /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] pub match_labels: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PostgresClusterUserInterfacePgAdminAffinityPodAffinityRequiredDuringSchedulingIgnoredDuringExecutionNamespaceSelectorMatchExpressions { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } @@ -8060,10 +12664,24 @@ pub struct PostgresClusterUserInterfacePgAdminAffinityPodAffinityRequiredDuringS /// Describes pod anti-affinity scheduling rules (e.g. avoid putting this pod in the same node, zone, etc. as some other pod(s)). #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PostgresClusterUserInterfacePgAdminAffinityPodAntiAffinity { - /// The scheduler will prefer to schedule pods to nodes that satisfy the anti-affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling anti-affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding "weight" to the sum if the node has pods which matches the corresponding podAffinityTerm; the node(s) with the highest sum are the most preferred. + /// The scheduler will prefer to schedule pods to nodes that satisfy + /// the anti-affinity expressions specified by this field, but it may choose + /// a node that violates one or more of the expressions. The node that is + /// most preferred is the one with the greatest sum of weights, i.e. + /// for each node that meets all of the scheduling requirements (resource + /// request, requiredDuringScheduling anti-affinity expressions, etc.), + /// compute a sum by iterating through the elements of this field and adding + /// "weight" to the sum if the node has pods which matches the corresponding podAffinityTerm; the + /// node(s) with the highest sum are the most preferred. #[serde(default, skip_serializing_if = "Option::is_none", rename = "preferredDuringSchedulingIgnoredDuringExecution")] pub preferred_during_scheduling_ignored_during_execution: Option>, - /// If the anti-affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the anti-affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to a pod label update), the system may or may not try to eventually evict the pod from its node. When there are multiple elements, the lists of nodes corresponding to each podAffinityTerm are intersected, i.e. all terms must be satisfied. + /// If the anti-affinity requirements specified by this field are not met at + /// scheduling time, the pod will not be scheduled onto the node. + /// If the anti-affinity requirements specified by this field cease to be met + /// at some point during pod execution (e.g. due to a pod label update), the + /// system may or may not try to eventually evict the pod from its node. + /// When there are multiple elements, the lists of nodes corresponding to each + /// podAffinityTerm are intersected, i.e. all terms must be satisfied. #[serde(default, skip_serializing_if = "Option::is_none", rename = "requiredDuringSchedulingIgnoredDuringExecution")] pub required_during_scheduling_ignored_during_execution: Option>, } @@ -8074,158 +12692,264 @@ pub struct PostgresClusterUserInterfacePgAdminAffinityPodAntiAffinityPreferredDu /// Required. A pod affinity term, associated with the corresponding weight. #[serde(rename = "podAffinityTerm")] pub pod_affinity_term: PostgresClusterUserInterfacePgAdminAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTerm, - /// weight associated with matching the corresponding podAffinityTerm, in the range 1-100. + /// weight associated with matching the corresponding podAffinityTerm, + /// in the range 1-100. pub weight: i32, } /// Required. A pod affinity term, associated with the corresponding weight. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PostgresClusterUserInterfacePgAdminAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTerm { - /// A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods. + /// A label query over a set of resources, in this case pods. + /// If it's null, this PodAffinityTerm matches with no Pods. #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelector")] pub label_selector: Option, - /// MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both matchLabelKeys and labelSelector. Also, matchLabelKeys cannot be set when labelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// MatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both matchLabelKeys and labelSelector. + /// Also, matchLabelKeys cannot be set when labelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] pub match_label_keys: Option>, - /// MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. Also, mismatchLabelKeys cannot be set when labelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// MismatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. + /// Also, mismatchLabelKeys cannot be set when labelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] pub mismatch_label_keys: Option>, - /// A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. + /// A label query over the set of namespaces that the term applies to. + /// The term is applied to the union of the namespaces selected by this field + /// and the ones listed in the namespaces field. + /// null selector and null or empty namespaces list means "this pod's namespace". + /// An empty selector ({}) matches all namespaces. #[serde(default, skip_serializing_if = "Option::is_none", rename = "namespaceSelector")] pub namespace_selector: Option, - /// namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means "this pod's namespace". + /// namespaces specifies a static list of namespace names that the term applies to. + /// The term is applied to the union of the namespaces listed in this field + /// and the ones selected by namespaceSelector. + /// null or empty namespaces list and null namespaceSelector means "this pod's namespace". #[serde(default, skip_serializing_if = "Option::is_none")] pub namespaces: Option>, - /// This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed. + /// This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching + /// the labelSelector in the specified namespaces, where co-located is defined as running on a node + /// whose value of the label with key topologyKey matches that of any node on which any of the + /// selected pods is running. + /// Empty topologyKey is not allowed. #[serde(rename = "topologyKey")] pub topology_key: String, } -/// A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods. +/// A label query over a set of resources, in this case pods. +/// If it's null, this PodAffinityTerm matches with no Pods. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PostgresClusterUserInterfacePgAdminAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermLabelSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] pub match_expressions: Option>, - /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] pub match_labels: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PostgresClusterUserInterfacePgAdminAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermLabelSelectorMatchExpressions { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } -/// A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. +/// A label query over the set of namespaces that the term applies to. +/// The term is applied to the union of the namespaces selected by this field +/// and the ones listed in the namespaces field. +/// null selector and null or empty namespaces list means "this pod's namespace". +/// An empty selector ({}) matches all namespaces. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PostgresClusterUserInterfacePgAdminAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermNamespaceSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] pub match_expressions: Option>, - /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] pub match_labels: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PostgresClusterUserInterfacePgAdminAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermNamespaceSelectorMatchExpressions { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } -/// Defines a set of pods (namely those matching the labelSelector relative to the given namespace(s)) that this pod should be co-located (affinity) or not co-located (anti-affinity) with, where co-located is defined as running on a node whose value of the label with key matches that of any node on which a pod of the set of pods is running +/// Defines a set of pods (namely those matching the labelSelector +/// relative to the given namespace(s)) that this pod should be +/// co-located (affinity) or not co-located (anti-affinity) with, +/// where co-located is defined as running on a node whose value of +/// the label with key matches that of any node on which +/// a pod of the set of pods is running #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PostgresClusterUserInterfacePgAdminAffinityPodAntiAffinityRequiredDuringSchedulingIgnoredDuringExecution { - /// A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods. + /// A label query over a set of resources, in this case pods. + /// If it's null, this PodAffinityTerm matches with no Pods. #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelector")] pub label_selector: Option, - /// MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both matchLabelKeys and labelSelector. Also, matchLabelKeys cannot be set when labelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// MatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both matchLabelKeys and labelSelector. + /// Also, matchLabelKeys cannot be set when labelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] pub match_label_keys: Option>, - /// MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. Also, mismatchLabelKeys cannot be set when labelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// MismatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. + /// Also, mismatchLabelKeys cannot be set when labelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] pub mismatch_label_keys: Option>, - /// A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. + /// A label query over the set of namespaces that the term applies to. + /// The term is applied to the union of the namespaces selected by this field + /// and the ones listed in the namespaces field. + /// null selector and null or empty namespaces list means "this pod's namespace". + /// An empty selector ({}) matches all namespaces. #[serde(default, skip_serializing_if = "Option::is_none", rename = "namespaceSelector")] pub namespace_selector: Option, - /// namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means "this pod's namespace". + /// namespaces specifies a static list of namespace names that the term applies to. + /// The term is applied to the union of the namespaces listed in this field + /// and the ones selected by namespaceSelector. + /// null or empty namespaces list and null namespaceSelector means "this pod's namespace". #[serde(default, skip_serializing_if = "Option::is_none")] pub namespaces: Option>, - /// This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed. + /// This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching + /// the labelSelector in the specified namespaces, where co-located is defined as running on a node + /// whose value of the label with key topologyKey matches that of any node on which any of the + /// selected pods is running. + /// Empty topologyKey is not allowed. #[serde(rename = "topologyKey")] pub topology_key: String, } -/// A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods. +/// A label query over a set of resources, in this case pods. +/// If it's null, this PodAffinityTerm matches with no Pods. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PostgresClusterUserInterfacePgAdminAffinityPodAntiAffinityRequiredDuringSchedulingIgnoredDuringExecutionLabelSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] pub match_expressions: Option>, - /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] pub match_labels: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PostgresClusterUserInterfacePgAdminAffinityPodAntiAffinityRequiredDuringSchedulingIgnoredDuringExecutionLabelSelectorMatchExpressions { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } -/// A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. +/// A label query over the set of namespaces that the term applies to. +/// The term is applied to the union of the namespaces selected by this field +/// and the ones listed in the namespaces field. +/// null selector and null or empty namespaces list means "this pod's namespace". +/// An empty selector ({}) matches all namespaces. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PostgresClusterUserInterfacePgAdminAffinityPodAntiAffinityRequiredDuringSchedulingIgnoredDuringExecutionNamespaceSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] pub match_expressions: Option>, - /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] pub match_labels: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PostgresClusterUserInterfacePgAdminAffinityPodAntiAffinityRequiredDuringSchedulingIgnoredDuringExecutionNamespaceSelectorMatchExpressions { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } -/// Configuration settings for the pgAdmin process. Changes to any of these values will be loaded without validation. Be careful, as you may put pgAdmin into an unusable state. +/// Configuration settings for the pgAdmin process. Changes to any of these +/// values will be loaded without validation. Be careful, as +/// you may put pgAdmin into an unusable state. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PostgresClusterUserInterfacePgAdminConfig { - /// Files allows the user to mount projected volumes into the pgAdmin container so that files can be referenced by pgAdmin as needed. + /// Files allows the user to mount projected volumes into the pgAdmin + /// container so that files can be referenced by pgAdmin as needed. #[serde(default, skip_serializing_if = "Option::is_none")] pub files: Option>, - /// A Secret containing the value for the LDAP_BIND_PASSWORD setting. More info: https://www.pgadmin.org/docs/pgadmin4/latest/ldap.html + /// A Secret containing the value for the LDAP_BIND_PASSWORD setting. + /// More info: https://www.pgadmin.org/docs/pgadmin4/latest/ldap.html #[serde(default, skip_serializing_if = "Option::is_none", rename = "ldapBindPassword")] pub ldap_bind_password: Option, - /// Settings for the pgAdmin server process. Keys should be uppercase and values must be constants. More info: https://www.pgadmin.org/docs/pgadmin4/latest/config_py.html + /// Settings for the pgAdmin server process. Keys should be uppercase and + /// values must be constants. + /// More info: https://www.pgadmin.org/docs/pgadmin4/latest/config_py.html #[serde(default, skip_serializing_if = "Option::is_none")] pub settings: Option>, } @@ -8233,10 +12957,22 @@ pub struct PostgresClusterUserInterfacePgAdminConfig { /// Projection that may be projected along with other supported volume types #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PostgresClusterUserInterfacePgAdminConfigFiles { - /// ClusterTrustBundle allows a pod to access the `.spec.trustBundle` field of ClusterTrustBundle objects in an auto-updating file. - /// Alpha, gated by the ClusterTrustBundleProjection feature gate. - /// ClusterTrustBundle objects can either be selected by name, or by the combination of signer name and a label selector. - /// Kubelet performs aggressive normalization of the PEM contents written into the pod filesystem. Esoteric PEM features such as inter-block comments and block headers are stripped. Certificates are deduplicated. The ordering of certificates within the file is arbitrary, and Kubelet may change the order over time. + /// ClusterTrustBundle allows a pod to access the `.spec.trustBundle` field + /// of ClusterTrustBundle objects in an auto-updating file. + /// + /// + /// Alpha, gated by the ClusterTrustBundleProjection feature gate. + /// + /// + /// ClusterTrustBundle objects can either be selected by name, or by the + /// combination of signer name and a label selector. + /// + /// + /// Kubelet performs aggressive normalization of the PEM contents written + /// into the pod filesystem. Esoteric PEM features such as inter-block + /// comments and block headers are stripped. Certificates are deduplicated. + /// The ordering of certificates within the file is arbitrary, and Kubelet + /// may change the order over time. #[serde(default, skip_serializing_if = "Option::is_none", rename = "clusterTrustBundle")] pub cluster_trust_bundle: Option, /// configMap information about the configMap data to project @@ -8253,47 +12989,79 @@ pub struct PostgresClusterUserInterfacePgAdminConfigFiles { pub service_account_token: Option, } -/// ClusterTrustBundle allows a pod to access the `.spec.trustBundle` field of ClusterTrustBundle objects in an auto-updating file. -/// Alpha, gated by the ClusterTrustBundleProjection feature gate. -/// ClusterTrustBundle objects can either be selected by name, or by the combination of signer name and a label selector. -/// Kubelet performs aggressive normalization of the PEM contents written into the pod filesystem. Esoteric PEM features such as inter-block comments and block headers are stripped. Certificates are deduplicated. The ordering of certificates within the file is arbitrary, and Kubelet may change the order over time. +/// ClusterTrustBundle allows a pod to access the `.spec.trustBundle` field +/// of ClusterTrustBundle objects in an auto-updating file. +/// +/// +/// Alpha, gated by the ClusterTrustBundleProjection feature gate. +/// +/// +/// ClusterTrustBundle objects can either be selected by name, or by the +/// combination of signer name and a label selector. +/// +/// +/// Kubelet performs aggressive normalization of the PEM contents written +/// into the pod filesystem. Esoteric PEM features such as inter-block +/// comments and block headers are stripped. Certificates are deduplicated. +/// The ordering of certificates within the file is arbitrary, and Kubelet +/// may change the order over time. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PostgresClusterUserInterfacePgAdminConfigFilesClusterTrustBundle { - /// Select all ClusterTrustBundles that match this label selector. Only has effect if signerName is set. Mutually-exclusive with name. If unset, interpreted as "match nothing". If set but empty, interpreted as "match everything". + /// Select all ClusterTrustBundles that match this label selector. Only has + /// effect if signerName is set. Mutually-exclusive with name. If unset, + /// interpreted as "match nothing". If set but empty, interpreted as "match + /// everything". #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelector")] pub label_selector: Option, - /// Select a single ClusterTrustBundle by object name. Mutually-exclusive with signerName and labelSelector. + /// Select a single ClusterTrustBundle by object name. Mutually-exclusive + /// with signerName and labelSelector. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, - /// If true, don't block pod startup if the referenced ClusterTrustBundle(s) aren't available. If using name, then the named ClusterTrustBundle is allowed not to exist. If using signerName, then the combination of signerName and labelSelector is allowed to match zero ClusterTrustBundles. + /// If true, don't block pod startup if the referenced ClusterTrustBundle(s) + /// aren't available. If using name, then the named ClusterTrustBundle is + /// allowed not to exist. If using signerName, then the combination of + /// signerName and labelSelector is allowed to match zero + /// ClusterTrustBundles. #[serde(default, skip_serializing_if = "Option::is_none")] pub optional: Option, /// Relative path from the volume root to write the bundle. pub path: String, - /// Select all ClusterTrustBundles that match this signer name. Mutually-exclusive with name. The contents of all selected ClusterTrustBundles will be unified and deduplicated. + /// Select all ClusterTrustBundles that match this signer name. + /// Mutually-exclusive with name. The contents of all selected + /// ClusterTrustBundles will be unified and deduplicated. #[serde(default, skip_serializing_if = "Option::is_none", rename = "signerName")] pub signer_name: Option, } -/// Select all ClusterTrustBundles that match this label selector. Only has effect if signerName is set. Mutually-exclusive with name. If unset, interpreted as "match nothing". If set but empty, interpreted as "match everything". +/// Select all ClusterTrustBundles that match this label selector. Only has +/// effect if signerName is set. Mutually-exclusive with name. If unset, +/// interpreted as "match nothing". If set but empty, interpreted as "match +/// everything". #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PostgresClusterUserInterfacePgAdminConfigFilesClusterTrustBundleLabelSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] pub match_expressions: Option>, - /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] pub match_labels: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PostgresClusterUserInterfacePgAdminConfigFilesClusterTrustBundleLabelSelectorMatchExpressions { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } @@ -8301,7 +13069,13 @@ pub struct PostgresClusterUserInterfacePgAdminConfigFilesClusterTrustBundleLabel /// configMap information about the configMap data to project #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PostgresClusterUserInterfacePgAdminConfigFilesConfigMap { - /// items if unspecified, each key-value pair in the Data field of the referenced ConfigMap will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the ConfigMap, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'. + /// items if unspecified, each key-value pair in the Data field of the referenced + /// ConfigMap will be projected into the volume as a file whose name is the + /// key and content is the value. If specified, the listed keys will be + /// projected into the specified paths, and unlisted keys will not be + /// present. If a key is specified which is not present in the ConfigMap, + /// the volume setup will error unless it is marked optional. Paths must be + /// relative and may not contain the '..' path or start with '..'. #[serde(default, skip_serializing_if = "Option::is_none")] pub items: Option>, /// Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names @@ -8317,10 +13091,18 @@ pub struct PostgresClusterUserInterfacePgAdminConfigFilesConfigMap { pub struct PostgresClusterUserInterfacePgAdminConfigFilesConfigMapItems { /// key is the key to project. pub key: String, - /// mode is Optional: mode bits used to set permissions on this file. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. + /// mode is Optional: mode bits used to set permissions on this file. + /// Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. + /// YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. + /// If not specified, the volume defaultMode will be used. + /// This might be in conflict with other options that affect the file + /// mode, like fsGroup, and the result can be other mode bits set. #[serde(default, skip_serializing_if = "Option::is_none")] pub mode: Option, - /// path is the relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'. + /// path is the relative path of the file to map the key to. + /// May not be an absolute path. + /// May not contain the path element '..'. + /// May not start with the string '..'. pub path: String, } @@ -8338,12 +13120,18 @@ pub struct PostgresClusterUserInterfacePgAdminConfigFilesDownwardApiItems { /// Required: Selects a field of the pod: only annotations, labels, name, namespace and uid are supported. #[serde(default, skip_serializing_if = "Option::is_none", rename = "fieldRef")] pub field_ref: Option, - /// Optional: mode bits used to set permissions on this file, must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. + /// Optional: mode bits used to set permissions on this file, must be an octal value + /// between 0000 and 0777 or a decimal value between 0 and 511. + /// YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. + /// If not specified, the volume defaultMode will be used. + /// This might be in conflict with other options that affect the file + /// mode, like fsGroup, and the result can be other mode bits set. #[serde(default, skip_serializing_if = "Option::is_none")] pub mode: Option, /// Required: Path is the relative path name of the file to be created. Must not be absolute or contain the '..' path. Must be utf-8 encoded. The first item of the relative path must not start with '..' pub path: String, - /// Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, requests.cpu and requests.memory) are currently supported. + /// Selects a resource of the container: only resources limits and requests + /// (limits.cpu, limits.memory, requests.cpu and requests.memory) are currently supported. #[serde(default, skip_serializing_if = "Option::is_none", rename = "resourceFieldRef")] pub resource_field_ref: Option, } @@ -8359,7 +13147,8 @@ pub struct PostgresClusterUserInterfacePgAdminConfigFilesDownwardApiItemsFieldRe pub field_path: String, } -/// Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, requests.cpu and requests.memory) are currently supported. +/// Selects a resource of the container: only resources limits and requests +/// (limits.cpu, limits.memory, requests.cpu and requests.memory) are currently supported. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PostgresClusterUserInterfacePgAdminConfigFilesDownwardApiItemsResourceFieldRef { /// Container name: required for volumes, optional for env vars @@ -8375,7 +13164,13 @@ pub struct PostgresClusterUserInterfacePgAdminConfigFilesDownwardApiItemsResourc /// secret information about the secret data to project #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PostgresClusterUserInterfacePgAdminConfigFilesSecret { - /// items if unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the Secret, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'. + /// items if unspecified, each key-value pair in the Data field of the referenced + /// Secret will be projected into the volume as a file whose name is the + /// key and content is the value. If specified, the listed keys will be + /// projected into the specified paths, and unlisted keys will not be + /// present. If a key is specified which is not present in the Secret, + /// the volume setup will error unless it is marked optional. Paths must be + /// relative and may not contain the '..' path or start with '..'. #[serde(default, skip_serializing_if = "Option::is_none")] pub items: Option>, /// Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names @@ -8391,27 +13186,45 @@ pub struct PostgresClusterUserInterfacePgAdminConfigFilesSecret { pub struct PostgresClusterUserInterfacePgAdminConfigFilesSecretItems { /// key is the key to project. pub key: String, - /// mode is Optional: mode bits used to set permissions on this file. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. + /// mode is Optional: mode bits used to set permissions on this file. + /// Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. + /// YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. + /// If not specified, the volume defaultMode will be used. + /// This might be in conflict with other options that affect the file + /// mode, like fsGroup, and the result can be other mode bits set. #[serde(default, skip_serializing_if = "Option::is_none")] pub mode: Option, - /// path is the relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'. + /// path is the relative path of the file to map the key to. + /// May not be an absolute path. + /// May not contain the path element '..'. + /// May not start with the string '..'. pub path: String, } /// serviceAccountToken is information about the serviceAccountToken data to project #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PostgresClusterUserInterfacePgAdminConfigFilesServiceAccountToken { - /// audience is the intended audience of the token. A recipient of a token must identify itself with an identifier specified in the audience of the token, and otherwise should reject the token. The audience defaults to the identifier of the apiserver. + /// audience is the intended audience of the token. A recipient of a token + /// must identify itself with an identifier specified in the audience of the + /// token, and otherwise should reject the token. The audience defaults to the + /// identifier of the apiserver. #[serde(default, skip_serializing_if = "Option::is_none")] pub audience: Option, - /// expirationSeconds is the requested duration of validity of the service account token. As the token approaches expiration, the kubelet volume plugin will proactively rotate the service account token. The kubelet will start trying to rotate the token if the token is older than 80 percent of its time to live or if the token is older than 24 hours.Defaults to 1 hour and must be at least 10 minutes. + /// expirationSeconds is the requested duration of validity of the service + /// account token. As the token approaches expiration, the kubelet volume + /// plugin will proactively rotate the service account token. The kubelet will + /// start trying to rotate the token if the token is older than 80 percent of + /// its time to live or if the token is older than 24 hours.Defaults to 1 hour + /// and must be at least 10 minutes. #[serde(default, skip_serializing_if = "Option::is_none", rename = "expirationSeconds")] pub expiration_seconds: Option, - /// path is the path relative to the mount point of the file to project the token into. + /// path is the path relative to the mount point of the file to project the + /// token into. pub path: String, } -/// A Secret containing the value for the LDAP_BIND_PASSWORD setting. More info: https://www.pgadmin.org/docs/pgadmin4/latest/ldap.html +/// A Secret containing the value for the LDAP_BIND_PASSWORD setting. +/// More info: https://www.pgadmin.org/docs/pgadmin4/latest/ldap.html #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PostgresClusterUserInterfacePgAdminConfigLdapBindPassword { /// The key of the secret to select from. Must be a valid secret key. @@ -8424,31 +13237,79 @@ pub struct PostgresClusterUserInterfacePgAdminConfigLdapBindPassword { pub optional: Option, } -/// Defines a PersistentVolumeClaim for pgAdmin data. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes +/// Defines a PersistentVolumeClaim for pgAdmin data. +/// More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PostgresClusterUserInterfacePgAdminDataVolumeClaimSpec { - /// accessModes contains the desired access modes the volume should have. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1 + /// accessModes contains the desired access modes the volume should have. + /// More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1 #[serde(default, skip_serializing_if = "Option::is_none", rename = "accessModes")] pub access_modes: Option>, - /// dataSource field can be used to specify either: * An existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot) * An existing PVC (PersistentVolumeClaim) If the provisioner or an external controller can support the specified data source, it will create a new volume based on the contents of the specified data source. When the AnyVolumeDataSource feature gate is enabled, dataSource contents will be copied to dataSourceRef, and dataSourceRef contents will be copied to dataSource when dataSourceRef.namespace is not specified. If the namespace is specified, then dataSourceRef will not be copied to dataSource. + /// dataSource field can be used to specify either: + /// * An existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot) + /// * An existing PVC (PersistentVolumeClaim) + /// If the provisioner or an external controller can support the specified data source, + /// it will create a new volume based on the contents of the specified data source. + /// When the AnyVolumeDataSource feature gate is enabled, dataSource contents will be copied to dataSourceRef, + /// and dataSourceRef contents will be copied to dataSource when dataSourceRef.namespace is not specified. + /// If the namespace is specified, then dataSourceRef will not be copied to dataSource. #[serde(default, skip_serializing_if = "Option::is_none", rename = "dataSource")] pub data_source: Option, - /// dataSourceRef specifies the object from which to populate the volume with data, if a non-empty volume is desired. This may be any object from a non-empty API group (non core object) or a PersistentVolumeClaim object. When this field is specified, volume binding will only succeed if the type of the specified object matches some installed volume populator or dynamic provisioner. This field will replace the functionality of the dataSource field and as such if both fields are non-empty, they must have the same value. For backwards compatibility, when namespace isn't specified in dataSourceRef, both fields (dataSource and dataSourceRef) will be set to the same value automatically if one of them is empty and the other is non-empty. When namespace is specified in dataSourceRef, dataSource isn't set to the same value and must be empty. There are three important differences between dataSource and dataSourceRef: * While dataSource only allows two specific types of objects, dataSourceRef allows any non-core object, as well as PersistentVolumeClaim objects. * While dataSource ignores disallowed values (dropping them), dataSourceRef preserves all values, and generates an error if a disallowed value is specified. * While dataSource only allows local objects, dataSourceRef allows objects in any namespaces. (Beta) Using this field requires the AnyVolumeDataSource feature gate to be enabled. (Alpha) Using the namespace field of dataSourceRef requires the CrossNamespaceVolumeDataSource feature gate to be enabled. + /// dataSourceRef specifies the object from which to populate the volume with data, if a non-empty + /// volume is desired. This may be any object from a non-empty API group (non + /// core object) or a PersistentVolumeClaim object. + /// When this field is specified, volume binding will only succeed if the type of + /// the specified object matches some installed volume populator or dynamic + /// provisioner. + /// This field will replace the functionality of the dataSource field and as such + /// if both fields are non-empty, they must have the same value. For backwards + /// compatibility, when namespace isn't specified in dataSourceRef, + /// both fields (dataSource and dataSourceRef) will be set to the same + /// value automatically if one of them is empty and the other is non-empty. + /// When namespace is specified in dataSourceRef, + /// dataSource isn't set to the same value and must be empty. + /// There are three important differences between dataSource and dataSourceRef: + /// * While dataSource only allows two specific types of objects, dataSourceRef + /// allows any non-core object, as well as PersistentVolumeClaim objects. + /// * While dataSource ignores disallowed values (dropping them), dataSourceRef + /// preserves all values, and generates an error if a disallowed value is + /// specified. + /// * While dataSource only allows local objects, dataSourceRef allows objects + /// in any namespaces. + /// (Beta) Using this field requires the AnyVolumeDataSource feature gate to be enabled. + /// (Alpha) Using the namespace field of dataSourceRef requires the CrossNamespaceVolumeDataSource feature gate to be enabled. #[serde(default, skip_serializing_if = "Option::is_none", rename = "dataSourceRef")] pub data_source_ref: Option, - /// resources represents the minimum resources the volume should have. If RecoverVolumeExpansionFailure feature is enabled users are allowed to specify resource requirements that are lower than previous value but must still be higher than capacity recorded in the status field of the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources + /// resources represents the minimum resources the volume should have. + /// If RecoverVolumeExpansionFailure feature is enabled users are allowed to specify resource requirements + /// that are lower than previous value but must still be higher than capacity recorded in the + /// status field of the claim. + /// More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources #[serde(default, skip_serializing_if = "Option::is_none")] pub resources: Option, /// selector is a label query over volumes to consider for binding. #[serde(default, skip_serializing_if = "Option::is_none")] pub selector: Option, - /// storageClassName is the name of the StorageClass required by the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1 + /// storageClassName is the name of the StorageClass required by the claim. + /// More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1 #[serde(default, skip_serializing_if = "Option::is_none", rename = "storageClassName")] pub storage_class_name: Option, - /// volumeAttributesClassName may be used to set the VolumeAttributesClass used by this claim. If specified, the CSI driver will create or update the volume with the attributes defined in the corresponding VolumeAttributesClass. This has a different purpose than storageClassName, it can be changed after the claim is created. An empty string value means that no VolumeAttributesClass will be applied to the claim but it's not allowed to reset this field to empty string once it is set. If unspecified and the PersistentVolumeClaim is unbound, the default VolumeAttributesClass will be set by the persistentvolume controller if it exists. If the resource referred to by volumeAttributesClass does not exist, this PersistentVolumeClaim will be set to a Pending state, as reflected by the modifyVolumeStatus field, until such as a resource exists. More info: https://kubernetes.io/docs/concepts/storage/volume-attributes-classes/ (Alpha) Using this field requires the VolumeAttributesClass feature gate to be enabled. + /// volumeAttributesClassName may be used to set the VolumeAttributesClass used by this claim. + /// If specified, the CSI driver will create or update the volume with the attributes defined + /// in the corresponding VolumeAttributesClass. This has a different purpose than storageClassName, + /// it can be changed after the claim is created. An empty string value means that no VolumeAttributesClass + /// will be applied to the claim but it's not allowed to reset this field to empty string once it is set. + /// If unspecified and the PersistentVolumeClaim is unbound, the default VolumeAttributesClass + /// will be set by the persistentvolume controller if it exists. + /// If the resource referred to by volumeAttributesClass does not exist, this PersistentVolumeClaim will be + /// set to a Pending state, as reflected by the modifyVolumeStatus field, until such as a resource + /// exists. + /// More info: https://kubernetes.io/docs/concepts/storage/volume-attributes-classes/ + /// (Alpha) Using this field requires the VolumeAttributesClass feature gate to be enabled. #[serde(default, skip_serializing_if = "Option::is_none", rename = "volumeAttributesClassName")] pub volume_attributes_class_name: Option, - /// volumeMode defines what type of volume is required by the claim. Value of Filesystem is implied when not included in claim spec. + /// volumeMode defines what type of volume is required by the claim. + /// Value of Filesystem is implied when not included in claim spec. #[serde(default, skip_serializing_if = "Option::is_none", rename = "volumeMode")] pub volume_mode: Option, /// volumeName is the binding reference to the PersistentVolume backing this claim. @@ -8456,10 +13317,19 @@ pub struct PostgresClusterUserInterfacePgAdminDataVolumeClaimSpec { pub volume_name: Option, } -/// dataSource field can be used to specify either: * An existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot) * An existing PVC (PersistentVolumeClaim) If the provisioner or an external controller can support the specified data source, it will create a new volume based on the contents of the specified data source. When the AnyVolumeDataSource feature gate is enabled, dataSource contents will be copied to dataSourceRef, and dataSourceRef contents will be copied to dataSource when dataSourceRef.namespace is not specified. If the namespace is specified, then dataSourceRef will not be copied to dataSource. +/// dataSource field can be used to specify either: +/// * An existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot) +/// * An existing PVC (PersistentVolumeClaim) +/// If the provisioner or an external controller can support the specified data source, +/// it will create a new volume based on the contents of the specified data source. +/// When the AnyVolumeDataSource feature gate is enabled, dataSource contents will be copied to dataSourceRef, +/// and dataSourceRef contents will be copied to dataSource when dataSourceRef.namespace is not specified. +/// If the namespace is specified, then dataSourceRef will not be copied to dataSource. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PostgresClusterUserInterfacePgAdminDataVolumeClaimSpecDataSource { - /// APIGroup is the group for the resource being referenced. If APIGroup is not specified, the specified Kind must be in the core API group. For any other third-party types, APIGroup is required. + /// APIGroup is the group for the resource being referenced. + /// If APIGroup is not specified, the specified Kind must be in the core API group. + /// For any other third-party types, APIGroup is required. #[serde(default, skip_serializing_if = "Option::is_none", rename = "apiGroup")] pub api_group: Option, /// Kind is the type of resource being referenced @@ -8468,28 +13338,62 @@ pub struct PostgresClusterUserInterfacePgAdminDataVolumeClaimSpecDataSource { pub name: String, } -/// dataSourceRef specifies the object from which to populate the volume with data, if a non-empty volume is desired. This may be any object from a non-empty API group (non core object) or a PersistentVolumeClaim object. When this field is specified, volume binding will only succeed if the type of the specified object matches some installed volume populator or dynamic provisioner. This field will replace the functionality of the dataSource field and as such if both fields are non-empty, they must have the same value. For backwards compatibility, when namespace isn't specified in dataSourceRef, both fields (dataSource and dataSourceRef) will be set to the same value automatically if one of them is empty and the other is non-empty. When namespace is specified in dataSourceRef, dataSource isn't set to the same value and must be empty. There are three important differences between dataSource and dataSourceRef: * While dataSource only allows two specific types of objects, dataSourceRef allows any non-core object, as well as PersistentVolumeClaim objects. * While dataSource ignores disallowed values (dropping them), dataSourceRef preserves all values, and generates an error if a disallowed value is specified. * While dataSource only allows local objects, dataSourceRef allows objects in any namespaces. (Beta) Using this field requires the AnyVolumeDataSource feature gate to be enabled. (Alpha) Using the namespace field of dataSourceRef requires the CrossNamespaceVolumeDataSource feature gate to be enabled. +/// dataSourceRef specifies the object from which to populate the volume with data, if a non-empty +/// volume is desired. This may be any object from a non-empty API group (non +/// core object) or a PersistentVolumeClaim object. +/// When this field is specified, volume binding will only succeed if the type of +/// the specified object matches some installed volume populator or dynamic +/// provisioner. +/// This field will replace the functionality of the dataSource field and as such +/// if both fields are non-empty, they must have the same value. For backwards +/// compatibility, when namespace isn't specified in dataSourceRef, +/// both fields (dataSource and dataSourceRef) will be set to the same +/// value automatically if one of them is empty and the other is non-empty. +/// When namespace is specified in dataSourceRef, +/// dataSource isn't set to the same value and must be empty. +/// There are three important differences between dataSource and dataSourceRef: +/// * While dataSource only allows two specific types of objects, dataSourceRef +/// allows any non-core object, as well as PersistentVolumeClaim objects. +/// * While dataSource ignores disallowed values (dropping them), dataSourceRef +/// preserves all values, and generates an error if a disallowed value is +/// specified. +/// * While dataSource only allows local objects, dataSourceRef allows objects +/// in any namespaces. +/// (Beta) Using this field requires the AnyVolumeDataSource feature gate to be enabled. +/// (Alpha) Using the namespace field of dataSourceRef requires the CrossNamespaceVolumeDataSource feature gate to be enabled. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PostgresClusterUserInterfacePgAdminDataVolumeClaimSpecDataSourceRef { - /// APIGroup is the group for the resource being referenced. If APIGroup is not specified, the specified Kind must be in the core API group. For any other third-party types, APIGroup is required. + /// APIGroup is the group for the resource being referenced. + /// If APIGroup is not specified, the specified Kind must be in the core API group. + /// For any other third-party types, APIGroup is required. #[serde(default, skip_serializing_if = "Option::is_none", rename = "apiGroup")] pub api_group: Option, /// Kind is the type of resource being referenced pub kind: String, /// Name is the name of resource being referenced pub name: String, - /// Namespace is the namespace of resource being referenced Note that when a namespace is specified, a gateway.networking.k8s.io/ReferenceGrant object is required in the referent namespace to allow that namespace's owner to accept the reference. See the ReferenceGrant documentation for details. (Alpha) This field requires the CrossNamespaceVolumeDataSource feature gate to be enabled. + /// Namespace is the namespace of resource being referenced + /// Note that when a namespace is specified, a gateway.networking.k8s.io/ReferenceGrant object is required in the referent namespace to allow that namespace's owner to accept the reference. See the ReferenceGrant documentation for details. + /// (Alpha) This field requires the CrossNamespaceVolumeDataSource feature gate to be enabled. #[serde(default, skip_serializing_if = "Option::is_none")] pub namespace: Option, } -/// resources represents the minimum resources the volume should have. If RecoverVolumeExpansionFailure feature is enabled users are allowed to specify resource requirements that are lower than previous value but must still be higher than capacity recorded in the status field of the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources +/// resources represents the minimum resources the volume should have. +/// If RecoverVolumeExpansionFailure feature is enabled users are allowed to specify resource requirements +/// that are lower than previous value but must still be higher than capacity recorded in the +/// status field of the claim. +/// More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PostgresClusterUserInterfacePgAdminDataVolumeClaimSpecResources { - /// Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + /// Limits describes the maximum amount of compute resources allowed. + /// More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ #[serde(default, skip_serializing_if = "Option::is_none")] pub limits: Option>, - /// Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + /// Requests describes the minimum amount of compute resources required. + /// If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, + /// otherwise to an implementation-defined value. Requests cannot exceed Limits. + /// More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ #[serde(default, skip_serializing_if = "Option::is_none")] pub requests: Option>, } @@ -8500,19 +13404,26 @@ pub struct PostgresClusterUserInterfacePgAdminDataVolumeClaimSpecSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] pub match_expressions: Option>, - /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] pub match_labels: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PostgresClusterUserInterfacePgAdminDataVolumeClaimSpecSelectorMatchExpressions { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } @@ -8526,18 +13437,30 @@ pub struct PostgresClusterUserInterfacePgAdminMetadata { pub labels: Option>, } -/// Compute resources of a pgAdmin container. Changing this value causes pgAdmin to restart. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers +/// Compute resources of a pgAdmin container. Changing this value causes +/// pgAdmin to restart. +/// More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PostgresClusterUserInterfacePgAdminResources { - /// Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. - /// This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. - /// This field is immutable. It can only be set for containers. + /// Claims lists the names of resources, defined in spec.resourceClaims, + /// that are used by this container. + /// + /// + /// This is an alpha field and requires enabling the + /// DynamicResourceAllocation feature gate. + /// + /// + /// This field is immutable. It can only be set for containers. #[serde(default, skip_serializing_if = "Option::is_none")] pub claims: Option>, - /// Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + /// Limits describes the maximum amount of compute resources allowed. + /// More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ #[serde(default, skip_serializing_if = "Option::is_none")] pub limits: Option>, - /// Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + /// Requests describes the minimum amount of compute resources required. + /// If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, + /// otherwise to an implementation-defined value. Requests cannot exceed Limits. + /// More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ #[serde(default, skip_serializing_if = "Option::is_none")] pub requests: Option>, } @@ -8545,7 +13468,9 @@ pub struct PostgresClusterUserInterfacePgAdminResources { /// ResourceClaim references one entry in PodSpec.ResourceClaims. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PostgresClusterUserInterfacePgAdminResourcesClaims { - /// Name must match the name of one entry in pod.spec.resourceClaims of the Pod where this field is used. It makes that resource available inside a container. + /// Name must match the name of one entry in pod.spec.resourceClaims of + /// the Pod where this field is used. It makes that resource available + /// inside a container. pub name: String, } @@ -8561,7 +13486,10 @@ pub struct PostgresClusterUserInterfacePgAdminService { /// Metadata contains metadata for custom resources #[serde(default, skip_serializing_if = "Option::is_none")] pub metadata: Option, - /// The port on which this service is exposed when type is NodePort or LoadBalancer. Value must be in-range and not in use or the operation will fail. If unspecified, a port will be allocated if this Service requires one. - https://kubernetes.io/docs/concepts/services-networking/service/#type-nodeport + /// The port on which this service is exposed when type is NodePort or + /// LoadBalancer. Value must be in-range and not in use or the operation will + /// fail. If unspecified, a port will be allocated if this Service requires one. + /// - https://kubernetes.io/docs/concepts/services-networking/service/#type-nodeport #[serde(default, skip_serializing_if = "Option::is_none", rename = "nodePort")] pub node_port: Option, /// More info: https://kubernetes.io/docs/concepts/services-networking/service/#publishing-services-service-types @@ -8601,22 +13529,32 @@ pub enum PostgresClusterUserInterfacePgAdminServiceType { LoadBalancer, } -/// The pod this Toleration is attached to tolerates any taint that matches the triple using the matching operator . +/// The pod this Toleration is attached to tolerates any taint that matches +/// the triple using the matching operator . #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PostgresClusterUserInterfacePgAdminTolerations { - /// Effect indicates the taint effect to match. Empty means match all taint effects. When specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute. + /// Effect indicates the taint effect to match. Empty means match all taint effects. + /// When specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute. #[serde(default, skip_serializing_if = "Option::is_none")] pub effect: Option, - /// Key is the taint key that the toleration applies to. Empty means match all taint keys. If the key is empty, operator must be Exists; this combination means to match all values and all keys. + /// Key is the taint key that the toleration applies to. Empty means match all taint keys. + /// If the key is empty, operator must be Exists; this combination means to match all values and all keys. #[serde(default, skip_serializing_if = "Option::is_none")] pub key: Option, - /// Operator represents a key's relationship to the value. Valid operators are Exists and Equal. Defaults to Equal. Exists is equivalent to wildcard for value, so that a pod can tolerate all taints of a particular category. + /// Operator represents a key's relationship to the value. + /// Valid operators are Exists and Equal. Defaults to Equal. + /// Exists is equivalent to wildcard for value, so that a pod can + /// tolerate all taints of a particular category. #[serde(default, skip_serializing_if = "Option::is_none")] pub operator: Option, - /// TolerationSeconds represents the period of time the toleration (which must be of effect NoExecute, otherwise this field is ignored) tolerates the taint. By default, it is not set, which means tolerate the taint forever (do not evict). Zero and negative values will be treated as 0 (evict immediately) by the system. + /// TolerationSeconds represents the period of time the toleration (which must be + /// of effect NoExecute, otherwise this field is ignored) tolerates the taint. By default, + /// it is not set, which means tolerate the taint forever (do not evict). Zero and + /// negative values will be treated as 0 (evict immediately) by the system. #[serde(default, skip_serializing_if = "Option::is_none", rename = "tolerationSeconds")] pub toleration_seconds: Option, - /// Value is the taint value the toleration matches to. If the operator is Exists, the value should be empty, otherwise just a regular string. + /// Value is the taint value the toleration matches to. + /// If the operator is Exists, the value should be empty, otherwise just a regular string. #[serde(default, skip_serializing_if = "Option::is_none")] pub value: Option, } @@ -8624,67 +13562,165 @@ pub struct PostgresClusterUserInterfacePgAdminTolerations { /// TopologySpreadConstraint specifies how to spread matching pods among the given topology. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PostgresClusterUserInterfacePgAdminTopologySpreadConstraints { - /// LabelSelector is used to find matching pods. Pods that match this label selector are counted to determine the number of pods in their corresponding topology domain. + /// LabelSelector is used to find matching pods. + /// Pods that match this label selector are counted to determine the number of pods + /// in their corresponding topology domain. #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelector")] pub label_selector: Option, - /// MatchLabelKeys is a set of pod label keys to select the pods over which spreading will be calculated. The keys are used to lookup values from the incoming pod labels, those key-value labels are ANDed with labelSelector to select the group of existing pods over which spreading will be calculated for the incoming pod. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. MatchLabelKeys cannot be set when LabelSelector isn't set. Keys that don't exist in the incoming pod labels will be ignored. A null or empty list means only match against labelSelector. - /// This is a beta field and requires the MatchLabelKeysInPodTopologySpread feature gate to be enabled (enabled by default). + /// MatchLabelKeys is a set of pod label keys to select the pods over which + /// spreading will be calculated. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are ANDed with labelSelector + /// to select the group of existing pods over which spreading will be calculated + /// for the incoming pod. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. + /// MatchLabelKeys cannot be set when LabelSelector isn't set. + /// Keys that don't exist in the incoming pod labels will + /// be ignored. A null or empty list means only match against labelSelector. + /// + /// + /// This is a beta field and requires the MatchLabelKeysInPodTopologySpread feature gate to be enabled (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] pub match_label_keys: Option>, - /// MaxSkew describes the degree to which pods may be unevenly distributed. When `whenUnsatisfiable=DoNotSchedule`, it is the maximum permitted difference between the number of matching pods in the target topology and the global minimum. The global minimum is the minimum number of matching pods in an eligible domain or zero if the number of eligible domains is less than MinDomains. For example, in a 3-zone cluster, MaxSkew is set to 1, and pods with the same labelSelector spread as 2/2/1: In this case, the global minimum is 1. | zone1 | zone2 | zone3 | | P P | P P | P | - if MaxSkew is 1, incoming pod can only be scheduled to zone3 to become 2/2/2; scheduling it onto zone1(zone2) would make the ActualSkew(3-1) on zone1(zone2) violate MaxSkew(1). - if MaxSkew is 2, incoming pod can be scheduled onto any zone. When `whenUnsatisfiable=ScheduleAnyway`, it is used to give higher precedence to topologies that satisfy it. It's a required field. Default value is 1 and 0 is not allowed. + /// MaxSkew describes the degree to which pods may be unevenly distributed. + /// When `whenUnsatisfiable=DoNotSchedule`, it is the maximum permitted difference + /// between the number of matching pods in the target topology and the global minimum. + /// The global minimum is the minimum number of matching pods in an eligible domain + /// or zero if the number of eligible domains is less than MinDomains. + /// For example, in a 3-zone cluster, MaxSkew is set to 1, and pods with the same + /// labelSelector spread as 2/2/1: + /// In this case, the global minimum is 1. + /// | zone1 | zone2 | zone3 | + /// | P P | P P | P | + /// - if MaxSkew is 1, incoming pod can only be scheduled to zone3 to become 2/2/2; + /// scheduling it onto zone1(zone2) would make the ActualSkew(3-1) on zone1(zone2) + /// violate MaxSkew(1). + /// - if MaxSkew is 2, incoming pod can be scheduled onto any zone. + /// When `whenUnsatisfiable=ScheduleAnyway`, it is used to give higher precedence + /// to topologies that satisfy it. + /// It's a required field. Default value is 1 and 0 is not allowed. #[serde(rename = "maxSkew")] pub max_skew: i32, - /// MinDomains indicates a minimum number of eligible domains. When the number of eligible domains with matching topology keys is less than minDomains, Pod Topology Spread treats "global minimum" as 0, and then the calculation of Skew is performed. And when the number of eligible domains with matching topology keys equals or greater than minDomains, this value has no effect on scheduling. As a result, when the number of eligible domains is less than minDomains, scheduler won't schedule more than maxSkew Pods to those domains. If value is nil, the constraint behaves as if MinDomains is equal to 1. Valid values are integers greater than 0. When value is not nil, WhenUnsatisfiable must be DoNotSchedule. - /// For example, in a 3-zone cluster, MaxSkew is set to 2, MinDomains is set to 5 and pods with the same labelSelector spread as 2/2/2: | zone1 | zone2 | zone3 | | P P | P P | P P | The number of domains is less than 5(MinDomains), so "global minimum" is treated as 0. In this situation, new pod with the same labelSelector cannot be scheduled, because computed skew will be 3(3 - 0) if new Pod is scheduled to any of the three zones, it will violate MaxSkew. + /// MinDomains indicates a minimum number of eligible domains. + /// When the number of eligible domains with matching topology keys is less than minDomains, + /// Pod Topology Spread treats "global minimum" as 0, and then the calculation of Skew is performed. + /// And when the number of eligible domains with matching topology keys equals or greater than minDomains, + /// this value has no effect on scheduling. + /// As a result, when the number of eligible domains is less than minDomains, + /// scheduler won't schedule more than maxSkew Pods to those domains. + /// If value is nil, the constraint behaves as if MinDomains is equal to 1. + /// Valid values are integers greater than 0. + /// When value is not nil, WhenUnsatisfiable must be DoNotSchedule. + /// + /// + /// For example, in a 3-zone cluster, MaxSkew is set to 2, MinDomains is set to 5 and pods with the same + /// labelSelector spread as 2/2/2: + /// | zone1 | zone2 | zone3 | + /// | P P | P P | P P | + /// The number of domains is less than 5(MinDomains), so "global minimum" is treated as 0. + /// In this situation, new pod with the same labelSelector cannot be scheduled, + /// because computed skew will be 3(3 - 0) if new Pod is scheduled to any of the three zones, + /// it will violate MaxSkew. #[serde(default, skip_serializing_if = "Option::is_none", rename = "minDomains")] pub min_domains: Option, - /// NodeAffinityPolicy indicates how we will treat Pod's nodeAffinity/nodeSelector when calculating pod topology spread skew. Options are: - Honor: only nodes matching nodeAffinity/nodeSelector are included in the calculations. - Ignore: nodeAffinity/nodeSelector are ignored. All nodes are included in the calculations. - /// If this value is nil, the behavior is equivalent to the Honor policy. This is a beta-level feature default enabled by the NodeInclusionPolicyInPodTopologySpread feature flag. + /// NodeAffinityPolicy indicates how we will treat Pod's nodeAffinity/nodeSelector + /// when calculating pod topology spread skew. Options are: + /// - Honor: only nodes matching nodeAffinity/nodeSelector are included in the calculations. + /// - Ignore: nodeAffinity/nodeSelector are ignored. All nodes are included in the calculations. + /// + /// + /// If this value is nil, the behavior is equivalent to the Honor policy. + /// This is a beta-level feature default enabled by the NodeInclusionPolicyInPodTopologySpread feature flag. #[serde(default, skip_serializing_if = "Option::is_none", rename = "nodeAffinityPolicy")] pub node_affinity_policy: Option, - /// NodeTaintsPolicy indicates how we will treat node taints when calculating pod topology spread skew. Options are: - Honor: nodes without taints, along with tainted nodes for which the incoming pod has a toleration, are included. - Ignore: node taints are ignored. All nodes are included. - /// If this value is nil, the behavior is equivalent to the Ignore policy. This is a beta-level feature default enabled by the NodeInclusionPolicyInPodTopologySpread feature flag. + /// NodeTaintsPolicy indicates how we will treat node taints when calculating + /// pod topology spread skew. Options are: + /// - Honor: nodes without taints, along with tainted nodes for which the incoming pod + /// has a toleration, are included. + /// - Ignore: node taints are ignored. All nodes are included. + /// + /// + /// If this value is nil, the behavior is equivalent to the Ignore policy. + /// This is a beta-level feature default enabled by the NodeInclusionPolicyInPodTopologySpread feature flag. #[serde(default, skip_serializing_if = "Option::is_none", rename = "nodeTaintsPolicy")] pub node_taints_policy: Option, - /// TopologyKey is the key of node labels. Nodes that have a label with this key and identical values are considered to be in the same topology. We consider each as a "bucket", and try to put balanced number of pods into each bucket. We define a domain as a particular instance of a topology. Also, we define an eligible domain as a domain whose nodes meet the requirements of nodeAffinityPolicy and nodeTaintsPolicy. e.g. If TopologyKey is "kubernetes.io/hostname", each Node is a domain of that topology. And, if TopologyKey is "topology.kubernetes.io/zone", each zone is a domain of that topology. It's a required field. + /// TopologyKey is the key of node labels. Nodes that have a label with this key + /// and identical values are considered to be in the same topology. + /// We consider each as a "bucket", and try to put balanced number + /// of pods into each bucket. + /// We define a domain as a particular instance of a topology. + /// Also, we define an eligible domain as a domain whose nodes meet the requirements of + /// nodeAffinityPolicy and nodeTaintsPolicy. + /// e.g. If TopologyKey is "kubernetes.io/hostname", each Node is a domain of that topology. + /// And, if TopologyKey is "topology.kubernetes.io/zone", each zone is a domain of that topology. + /// It's a required field. #[serde(rename = "topologyKey")] pub topology_key: String, - /// WhenUnsatisfiable indicates how to deal with a pod if it doesn't satisfy the spread constraint. - DoNotSchedule (default) tells the scheduler not to schedule it. - ScheduleAnyway tells the scheduler to schedule the pod in any location, but giving higher precedence to topologies that would help reduce the skew. A constraint is considered "Unsatisfiable" for an incoming pod if and only if every possible node assignment for that pod would violate "MaxSkew" on some topology. For example, in a 3-zone cluster, MaxSkew is set to 1, and pods with the same labelSelector spread as 3/1/1: | zone1 | zone2 | zone3 | | P P P | P | P | If WhenUnsatisfiable is set to DoNotSchedule, incoming pod can only be scheduled to zone2(zone3) to become 3/2/1(3/1/2) as ActualSkew(2-1) on zone2(zone3) satisfies MaxSkew(1). In other words, the cluster can still be imbalanced, but scheduler won't make it *more* imbalanced. It's a required field. + /// WhenUnsatisfiable indicates how to deal with a pod if it doesn't satisfy + /// the spread constraint. + /// - DoNotSchedule (default) tells the scheduler not to schedule it. + /// - ScheduleAnyway tells the scheduler to schedule the pod in any location, + /// but giving higher precedence to topologies that would help reduce the + /// skew. + /// A constraint is considered "Unsatisfiable" for an incoming pod + /// if and only if every possible node assignment for that pod would violate + /// "MaxSkew" on some topology. + /// For example, in a 3-zone cluster, MaxSkew is set to 1, and pods with the same + /// labelSelector spread as 3/1/1: + /// | zone1 | zone2 | zone3 | + /// | P P P | P | P | + /// If WhenUnsatisfiable is set to DoNotSchedule, incoming pod can only be scheduled + /// to zone2(zone3) to become 3/2/1(3/1/2) as ActualSkew(2-1) on zone2(zone3) satisfies + /// MaxSkew(1). In other words, the cluster can still be imbalanced, but scheduler + /// won't make it *more* imbalanced. + /// It's a required field. #[serde(rename = "whenUnsatisfiable")] pub when_unsatisfiable: String, } -/// LabelSelector is used to find matching pods. Pods that match this label selector are counted to determine the number of pods in their corresponding topology domain. +/// LabelSelector is used to find matching pods. +/// Pods that match this label selector are counted to determine the number of pods +/// in their corresponding topology domain. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PostgresClusterUserInterfacePgAdminTopologySpreadConstraintsLabelSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] pub match_expressions: Option>, - /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] pub match_labels: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PostgresClusterUserInterfacePgAdminTopologySpreadConstraintsLabelSelectorMatchExpressions { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PostgresClusterUsers { - /// Databases to which this user can connect and create objects. Removing a database from this list does NOT revoke access. This field is ignored for the "postgres" user. + /// Databases to which this user can connect and create objects. Removing a + /// database from this list does NOT revoke access. This field is ignored for + /// the "postgres" user. #[serde(default, skip_serializing_if = "Option::is_none")] pub databases: Option>, - /// The name of this PostgreSQL user. The value may contain only lowercase letters, numbers, and hyphen so that it fits into Kubernetes metadata. + /// The name of this PostgreSQL user. The value may contain only lowercase + /// letters, numbers, and hyphen so that it fits into Kubernetes metadata. pub name: String, - /// ALTER ROLE options except for PASSWORD. This field is ignored for the "postgres" user. More info: https://www.postgresql.org/docs/current/role-attributes.html + /// ALTER ROLE options except for PASSWORD. This field is ignored for the + /// "postgres" user. + /// More info: https://www.postgresql.org/docs/current/role-attributes.html #[serde(default, skip_serializing_if = "Option::is_none")] pub options: Option, /// Properties of the password generated for this user. @@ -8695,7 +13731,10 @@ pub struct PostgresClusterUsers { /// Properties of the password generated for this user. #[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] pub struct PostgresClusterUsersPassword { - /// Type of password to generate. Defaults to ASCII. Valid options are ASCII and AlphaNumeric. "ASCII" passwords contain letters, numbers, and symbols from the US-ASCII character set. "AlphaNumeric" passwords contain letters and numbers from the US-ASCII character set. + /// Type of password to generate. Defaults to ASCII. Valid options are ASCII + /// and AlphaNumeric. + /// "ASCII" passwords contain letters, numbers, and symbols from the US-ASCII character set. + /// "AlphaNumeric" passwords contain letters and numbers from the US-ASCII character set. #[serde(rename = "type")] pub r#type: PostgresClusterUsersPasswordType, } @@ -8711,7 +13750,9 @@ pub enum PostgresClusterUsersPasswordType { /// PostgresClusterStatus defines the observed state of PostgresCluster #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PostgresClusterStatus { - /// conditions represent the observations of postgrescluster's current state. Known .status.conditions.type are: "PersistentVolumeResizing", "Progressing", "ProxyAvailable" + /// conditions represent the observations of postgrescluster's current state. + /// Known .status.conditions.type are: "PersistentVolumeResizing", + /// "Progressing", "ProxyAvailable" #[serde(default, skip_serializing_if = "Option::is_none")] pub conditions: Option>, /// DatabaseInitSQL state of custom database initialization in the cluster @@ -8734,7 +13775,8 @@ pub struct PostgresClusterStatus { /// Status information for pgBackRest #[serde(default, skip_serializing_if = "Option::is_none")] pub pgbackrest: Option, - /// Stores the current PostgreSQL major version following a successful major PostgreSQL upgrade. + /// Stores the current PostgreSQL major version following a successful + /// major PostgreSQL upgrade. #[serde(default, skip_serializing_if = "Option::is_none", rename = "postgresVersion")] pub postgres_version: Option, /// Current state of the PostgreSQL proxy. @@ -8742,7 +13784,8 @@ pub struct PostgresClusterStatus { pub proxy: Option, #[serde(default, skip_serializing_if = "Option::is_none", rename = "registrationRequired")] pub registration_required: Option, - /// The instance that should be started first when bootstrapping and/or starting a PostgresCluster. + /// The instance that should be started first when bootstrapping and/or starting a + /// PostgresCluster. #[serde(default, skip_serializing_if = "Option::is_none", rename = "startupInstance")] pub startup_instance: Option, /// The instance set associated with the startupInstance @@ -8821,17 +13864,22 @@ pub struct PostgresClusterStatusPgbackrestManualBackup { /// The number of actively running manual backup Pods. #[serde(default, skip_serializing_if = "Option::is_none")] pub active: Option, - /// Represents the time the manual backup Job was determined by the Job controller to be completed. This field is only set if the backup completed successfully. Additionally, it is represented in RFC3339 form and is in UTC. + /// Represents the time the manual backup Job was determined by the Job controller + /// to be completed. This field is only set if the backup completed successfully. + /// Additionally, it is represented in RFC3339 form and is in UTC. #[serde(default, skip_serializing_if = "Option::is_none", rename = "completionTime")] pub completion_time: Option, /// The number of Pods for the manual backup Job that reached the "Failed" phase. #[serde(default, skip_serializing_if = "Option::is_none")] pub failed: Option, - /// Specifies whether or not the Job is finished executing (does not indicate success or failure). + /// Specifies whether or not the Job is finished executing (does not indicate success or + /// failure). pub finished: bool, - /// A unique identifier for the manual backup as provided using the "pgbackrest-backup" annotation when initiating a backup. + /// A unique identifier for the manual backup as provided using the "pgbackrest-backup" + /// annotation when initiating a backup. pub id: String, - /// Represents the time the manual backup Job was acknowledged by the Job controller. It is represented in RFC3339 form and is in UTC. + /// Represents the time the manual backup Job was acknowledged by the Job controller. + /// It is represented in RFC3339 form and is in UTC. #[serde(default, skip_serializing_if = "Option::is_none", rename = "startTime")] pub start_time: Option, /// The number of Pods for the manual backup Job that reached the "Succeeded" phase. @@ -8842,10 +13890,17 @@ pub struct PostgresClusterStatusPgbackrestManualBackup { /// Status information for the pgBackRest dedicated repository host #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PostgresClusterStatusPgbackrestRepoHost { - /// APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources + /// APIVersion defines the versioned schema of this representation of an object. + /// Servers should convert recognized schemas to the latest internal value, and + /// may reject unrecognized values. + /// More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources #[serde(default, skip_serializing_if = "Option::is_none", rename = "apiVersion")] pub api_version: Option, - /// Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds + /// Kind is a string value representing the REST resource this object represents. + /// Servers may infer this from the endpoint the client submits requests to. + /// Cannot be updated. + /// In CamelCase. + /// More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds #[serde(default, skip_serializing_if = "Option::is_none")] pub kind: Option, /// Whether or not the pgBackRest repository host is ready for use @@ -8861,10 +13916,13 @@ pub struct PostgresClusterStatusPgbackrestRepos { pub bound: Option, /// The name of the pgBackRest repository pub name: String, - /// ReplicaCreateBackupReady indicates whether a backup exists in the repository as needed to bootstrap replicas. + /// ReplicaCreateBackupReady indicates whether a backup exists in the repository as needed + /// to bootstrap replicas. #[serde(default, skip_serializing_if = "Option::is_none", rename = "replicaCreateBackupComplete")] pub replica_create_backup_complete: Option, - /// A hash of the required fields in the spec for defining an Azure, GCS or S3 repository, Utilized to detect changes to these fields and then execute pgBackRest stanza-create commands accordingly. + /// A hash of the required fields in the spec for defining an Azure, GCS or S3 repository, + /// Utilized to detect changes to these fields and then execute pgBackRest stanza-create + /// commands accordingly. #[serde(default, skip_serializing_if = "Option::is_none", rename = "repoOptionsHash")] pub repo_options_hash: Option, /// Specifies whether or not a stanza has been successfully created for the repository @@ -8881,17 +13939,22 @@ pub struct PostgresClusterStatusPgbackrestRestore { /// The number of actively running manual backup Pods. #[serde(default, skip_serializing_if = "Option::is_none")] pub active: Option, - /// Represents the time the manual backup Job was determined by the Job controller to be completed. This field is only set if the backup completed successfully. Additionally, it is represented in RFC3339 form and is in UTC. + /// Represents the time the manual backup Job was determined by the Job controller + /// to be completed. This field is only set if the backup completed successfully. + /// Additionally, it is represented in RFC3339 form and is in UTC. #[serde(default, skip_serializing_if = "Option::is_none", rename = "completionTime")] pub completion_time: Option, /// The number of Pods for the manual backup Job that reached the "Failed" phase. #[serde(default, skip_serializing_if = "Option::is_none")] pub failed: Option, - /// Specifies whether or not the Job is finished executing (does not indicate success or failure). + /// Specifies whether or not the Job is finished executing (does not indicate success or + /// failure). pub finished: bool, - /// A unique identifier for the manual backup as provided using the "pgbackrest-backup" annotation when initiating a backup. + /// A unique identifier for the manual backup as provided using the "pgbackrest-backup" + /// annotation when initiating a backup. pub id: String, - /// Represents the time the manual backup Job was acknowledged by the Job controller. It is represented in RFC3339 form and is in UTC. + /// Represents the time the manual backup Job was acknowledged by the Job controller. + /// It is represented in RFC3339 form and is in UTC. #[serde(default, skip_serializing_if = "Option::is_none", rename = "startTime")] pub start_time: Option, /// The number of Pods for the manual backup Job that reached the "Succeeded" phase. @@ -8904,7 +13967,9 @@ pub struct PostgresClusterStatusPgbackrestScheduledBackups { /// The number of actively running manual backup Pods. #[serde(default, skip_serializing_if = "Option::is_none")] pub active: Option, - /// Represents the time the manual backup Job was determined by the Job controller to be completed. This field is only set if the backup completed successfully. Additionally, it is represented in RFC3339 form and is in UTC. + /// Represents the time the manual backup Job was determined by the Job controller + /// to be completed. This field is only set if the backup completed successfully. + /// Additionally, it is represented in RFC3339 form and is in UTC. #[serde(default, skip_serializing_if = "Option::is_none", rename = "completionTime")] pub completion_time: Option, /// The name of the associated pgBackRest scheduled backup CronJob @@ -8916,7 +13981,8 @@ pub struct PostgresClusterStatusPgbackrestScheduledBackups { /// The name of the associated pgBackRest repository #[serde(default, skip_serializing_if = "Option::is_none")] pub repo: Option, - /// Represents the time the manual backup Job was acknowledged by the Job controller. It is represented in RFC3339 form and is in UTC. + /// Represents the time the manual backup Job was acknowledged by the Job controller. + /// It is represented in RFC3339 form and is in UTC. #[serde(default, skip_serializing_if = "Option::is_none", rename = "startTime")] pub start_time: Option, /// The number of Pods for the manual backup Job that reached the "Succeeded" phase. @@ -8936,7 +14002,8 @@ pub struct PostgresClusterStatusProxy { #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PostgresClusterStatusProxyPgBouncer { - /// Identifies the revision of PgBouncer assets that have been installed into PostgreSQL. + /// Identifies the revision of PgBouncer assets that have been installed into + /// PostgreSQL. #[serde(default, skip_serializing_if = "Option::is_none", rename = "postgresRevision")] pub postgres_revision: Option, /// Total number of ready pods. diff --git a/kube-custom-resources-rs/src/postgresql_cnpg_io/v1/scheduledbackups.rs b/kube-custom-resources-rs/src/postgresql_cnpg_io/v1/scheduledbackups.rs index e4b96b18c..485555c92 100644 --- a/kube-custom-resources-rs/src/postgresql_cnpg_io/v1/scheduledbackups.rs +++ b/kube-custom-resources-rs/src/postgresql_cnpg_io/v1/scheduledbackups.rs @@ -31,8 +31,8 @@ pub struct ScheduledBackupSpec { /// If the first backup has to be immediately start after creation or not #[serde(default, skip_serializing_if = "Option::is_none")] pub immediate: Option, - /// The backup method to be used, possible options are `barmanObjectStore` - /// and `volumeSnapshot`. Defaults to: `barmanObjectStore`. + /// The backup method to be used, possible options are `barmanObjectStore`, + /// `volumeSnapshot` or `plugin`. Defaults to: `barmanObjectStore`. #[serde(default, skip_serializing_if = "Option::is_none")] pub method: Option, /// Whether the default type of backup with volume snapshots is @@ -91,6 +91,8 @@ pub enum ScheduledBackupMethod { BarmanObjectStore, #[serde(rename = "volumeSnapshot")] VolumeSnapshot, + #[serde(rename = "plugin")] + Plugin, } /// Configuration parameters to control the online/hot backup with volume snapshots diff --git a/kube-custom-resources-rs/src/projectcontour_io/v1alpha1/contourconfigurations.rs b/kube-custom-resources-rs/src/projectcontour_io/v1alpha1/contourconfigurations.rs index 3204898f4..a854ce864 100644 --- a/kube-custom-resources-rs/src/projectcontour_io/v1alpha1/contourconfigurations.rs +++ b/kube-custom-resources-rs/src/projectcontour_io/v1alpha1/contourconfigurations.rs @@ -216,6 +216,10 @@ pub struct ContourConfigurationEnvoyClusterCircuitBreakers { /// The maximum number of parallel retries a single Envoy instance allows to the Kubernetes Service; defaults to 3. #[serde(default, skip_serializing_if = "Option::is_none", rename = "maxRetries")] pub max_retries: Option, + /// PerHostMaxConnections is the maximum number of connections + /// that Envoy will allow to each individual host in a cluster. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "perHostMaxConnections")] + pub per_host_max_connections: Option, } /// UpstreamTLS contains the TLS policy parameters for upstream connections @@ -1058,6 +1062,8 @@ pub struct ContourConfigurationXdsServer { /// Defines the XDSServer to use for `contour serve`. /// Values: `envoy` (default), `contour (deprecated)`. /// Other values will produce an error. + /// Deprecated: this field will be removed in a future release when + /// the `contour` xDS server implementation is removed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "type")] pub r#type: Option, } diff --git a/kube-custom-resources-rs/src/projectcontour_io/v1alpha1/contourdeployments.rs b/kube-custom-resources-rs/src/projectcontour_io/v1alpha1/contourdeployments.rs index 25041b5fc..20761f828 100644 --- a/kube-custom-resources-rs/src/projectcontour_io/v1alpha1/contourdeployments.rs +++ b/kube-custom-resources-rs/src/projectcontour_io/v1alpha1/contourdeployments.rs @@ -2400,6 +2400,10 @@ pub struct ContourDeploymentRuntimeSettingsEnvoyClusterCircuitBreakers { /// The maximum number of parallel retries a single Envoy instance allows to the Kubernetes Service; defaults to 3. #[serde(default, skip_serializing_if = "Option::is_none", rename = "maxRetries")] pub max_retries: Option, + /// PerHostMaxConnections is the maximum number of connections + /// that Envoy will allow to each individual host in a cluster. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "perHostMaxConnections")] + pub per_host_max_connections: Option, } /// UpstreamTLS contains the TLS policy parameters for upstream connections @@ -3242,6 +3246,8 @@ pub struct ContourDeploymentRuntimeSettingsXdsServer { /// Defines the XDSServer to use for `contour serve`. /// Values: `envoy` (default), `contour (deprecated)`. /// Other values will produce an error. + /// Deprecated: this field will be removed in a future release when + /// the `contour` xDS server implementation is removed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "type")] pub r#type: Option, } diff --git a/kube-custom-resources-rs/src/projectcontour_io/v1alpha1/extensionservices.rs b/kube-custom-resources-rs/src/projectcontour_io/v1alpha1/extensionservices.rs index 0db83df06..66daf0085 100644 --- a/kube-custom-resources-rs/src/projectcontour_io/v1alpha1/extensionservices.rs +++ b/kube-custom-resources-rs/src/projectcontour_io/v1alpha1/extensionservices.rs @@ -19,6 +19,10 @@ use self::prelude::*; #[kube(derive="Default")] #[kube(derive="PartialEq")] pub struct ExtensionServiceSpec { + /// CircuitBreakerPolicy specifies the circuit breaker budget across the extension service. + /// If defined this overrides the global circuit breaker budget. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "circuitBreakerPolicy")] + pub circuit_breaker_policy: Option, /// The policy for load balancing GRPC service requests. Note that the /// `Cookie` and `RequestHash` load balancing strategies cannot be used /// here. @@ -50,6 +54,28 @@ pub struct ExtensionServiceSpec { pub validation: Option, } +/// CircuitBreakerPolicy specifies the circuit breaker budget across the extension service. +/// If defined this overrides the global circuit breaker budget. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ExtensionServiceCircuitBreakerPolicy { + /// The maximum number of connections that a single Envoy instance allows to the Kubernetes Service; defaults to 1024. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "maxConnections")] + pub max_connections: Option, + /// The maximum number of pending requests that a single Envoy instance allows to the Kubernetes Service; defaults to 1024. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "maxPendingRequests")] + pub max_pending_requests: Option, + /// The maximum parallel requests a single Envoy instance allows to the Kubernetes Service; defaults to 1024 + #[serde(default, skip_serializing_if = "Option::is_none", rename = "maxRequests")] + pub max_requests: Option, + /// The maximum number of parallel retries a single Envoy instance allows to the Kubernetes Service; defaults to 3. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "maxRetries")] + pub max_retries: Option, + /// PerHostMaxConnections is the maximum number of connections + /// that Envoy will allow to each individual host in a cluster. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "perHostMaxConnections")] + pub per_host_max_connections: Option, +} + /// The policy for load balancing GRPC service requests. Note that the /// `Cookie` and `RequestHash` load balancing strategies cannot be used /// here. diff --git a/kube-custom-resources-rs/src/ptp_openshift_io/v1/nodeptpdevices.rs b/kube-custom-resources-rs/src/ptp_openshift_io/v1/nodeptpdevices.rs index c463b68b9..34d628508 100644 --- a/kube-custom-resources-rs/src/ptp_openshift_io/v1/nodeptpdevices.rs +++ b/kube-custom-resources-rs/src/ptp_openshift_io/v1/nodeptpdevices.rs @@ -23,31 +23,46 @@ pub struct NodePtpDeviceSpec { /// NodePtpDeviceStatus defines the observed state of NodePtpDevice #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct NodePtpDeviceStatus { - /// INSERT ADDITIONAL STATUS FIELD - define observed state of cluster Important: Run "make" to regenerate code after modifying this file + /// PtpDevice represents a PTP device available in the cluster node. + /// This struct contains information about the device, including its name and profile. #[serde(default, skip_serializing_if = "Option::is_none")] pub devices: Option>, + /// HwConfig represents the hardware configuration for a device in the cluster. + /// This struct contains information about the device's identification and status, + /// as well as its specific configuration settings. #[serde(default, skip_serializing_if = "Option::is_none")] pub hwconfig: Option>, } #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct NodePtpDeviceStatusDevices { + /// Name is the name of the PTP device. + /// It is a unique identifier for the device. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, + /// Profile is the PTP profile associated with the device. + /// This profile defines the PTP configuration settings for the device. #[serde(default, skip_serializing_if = "Option::is_none")] pub profile: Option, } #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct NodePtpDeviceStatusHwconfig { + /// Config contains the configuration settings for the hardware device. + /// This is a JSON object that holds the device-specific configuration. #[serde(default, skip_serializing_if = "Option::is_none")] pub config: Option, + /// DeviceID is the unique identifier for the hardware device. #[serde(default, skip_serializing_if = "Option::is_none", rename = "deviceID")] pub device_id: Option, + /// Failed indicates whether the hardware configuration has failed. + /// A value of true means the configuration has failed. #[serde(default, skip_serializing_if = "Option::is_none")] pub failed: Option, + /// Status provides a descriptive status of the hardware device's configuration. #[serde(default, skip_serializing_if = "Option::is_none")] pub status: Option, + /// VendorID is the identifier for the vendor of the hardware device. #[serde(default, skip_serializing_if = "Option::is_none", rename = "vendorID")] pub vendor_id: Option, } diff --git a/kube-custom-resources-rs/src/pxc_percona_com/v1/perconaxtradbclusters.rs b/kube-custom-resources-rs/src/pxc_percona_com/v1/perconaxtradbclusters.rs index e6b47df6c..f872890f1 100644 --- a/kube-custom-resources-rs/src/pxc_percona_com/v1/perconaxtradbclusters.rs +++ b/kube-custom-resources-rs/src/pxc_percona_com/v1/perconaxtradbclusters.rs @@ -60,6 +60,8 @@ pub struct PerconaXtraDBClusterSpec { pub ssl_secret_name: Option, #[serde(default, skip_serializing_if = "Option::is_none")] pub tls: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "unsafeFlags")] + pub unsafe_flags: Option, #[serde(default, skip_serializing_if = "Option::is_none", rename = "updateStrategy")] pub update_strategy: Option, #[serde(default, skip_serializing_if = "Option::is_none", rename = "upgradeOptions")] @@ -1407,6 +1409,8 @@ pub struct PerconaXtraDBClusterHaproxyExposeReplicas { pub load_balancer_ip: Option, #[serde(default, skip_serializing_if = "Option::is_none", rename = "loadBalancerSourceRanges")] pub load_balancer_source_ranges: Option>, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "onlyReaders")] + pub only_readers: Option, #[serde(default, skip_serializing_if = "Option::is_none", rename = "trafficPolicy")] pub traffic_policy: Option, #[serde(default, skip_serializing_if = "Option::is_none", rename = "type")] @@ -8280,6 +8284,8 @@ pub struct PerconaXtraDBClusterPxcVolumeSpecPersistentVolumeClaimSelectorMatchEx pub struct PerconaXtraDBClusterTls { #[serde(default, skip_serializing_if = "Option::is_none", rename = "SANs")] pub sa_ns: Option>, + #[serde(default, skip_serializing_if = "Option::is_none")] + pub enabled: Option, #[serde(default, skip_serializing_if = "Option::is_none", rename = "issuerConf")] pub issuer_conf: Option, } @@ -8293,6 +8299,18 @@ pub struct PerconaXtraDBClusterTlsIssuerConf { pub name: String, } +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct PerconaXtraDBClusterUnsafeFlags { + #[serde(default, skip_serializing_if = "Option::is_none", rename = "backupIfUnhealthy")] + pub backup_if_unhealthy: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "proxySize")] + pub proxy_size: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "pxcSize")] + pub pxc_size: Option, + #[serde(default, skip_serializing_if = "Option::is_none")] + pub tls: Option, +} + #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PerconaXtraDBClusterUpgradeOptions { #[serde(default, skip_serializing_if = "Option::is_none")] diff --git a/kube-custom-resources-rs/src/quay_redhat_com/v1/quayregistries.rs b/kube-custom-resources-rs/src/quay_redhat_com/v1/quayregistries.rs index ee8cdb7d0..cde310a21 100644 --- a/kube-custom-resources-rs/src/quay_redhat_com/v1/quayregistries.rs +++ b/kube-custom-resources-rs/src/quay_redhat_com/v1/quayregistries.rs @@ -24,7 +24,8 @@ pub struct QuayRegistrySpec { /// Components declare how the Operator should handle backing Quay services. #[serde(default, skip_serializing_if = "Option::is_none")] pub components: Option>, - /// ConfigBundleSecret is the name of the Kubernetes `Secret` in the same namespace which contains the base Quay config and extra certs. + /// ConfigBundleSecret is the name of the Kubernetes `Secret` in the same namespace + /// which contains the base Quay config and extra certs. #[serde(default, skip_serializing_if = "Option::is_none", rename = "configBundleSecret")] pub config_bundle_secret: Option, } @@ -34,7 +35,8 @@ pub struct QuayRegistrySpec { pub struct QuayRegistryComponents { /// Kind is the unique name of this type of component. pub kind: String, - /// Managed indicates whether or not the Operator is responsible for the lifecycle of this component. Default is true. + /// Managed indicates whether or not the Operator is responsible for the lifecycle of this component. + /// Default is true. pub managed: bool, /// Overrides holds information regarding component specific configurations. #[serde(default, skip_serializing_if = "Option::is_none")] @@ -79,15 +81,28 @@ pub struct QuayRegistryComponentsOverridesAffinity { /// Describes node affinity scheduling rules for the pod. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct QuayRegistryComponentsOverridesAffinityNodeAffinity { - /// The scheduler will prefer to schedule pods to nodes that satisfy the affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding "weight" to the sum if the node matches the corresponding matchExpressions; the node(s) with the highest sum are the most preferred. + /// The scheduler will prefer to schedule pods to nodes that satisfy + /// the affinity expressions specified by this field, but it may choose + /// a node that violates one or more of the expressions. The node that is + /// most preferred is the one with the greatest sum of weights, i.e. + /// for each node that meets all of the scheduling requirements (resource + /// request, requiredDuringScheduling affinity expressions, etc.), + /// compute a sum by iterating through the elements of this field and adding + /// "weight" to the sum if the node matches the corresponding matchExpressions; the + /// node(s) with the highest sum are the most preferred. #[serde(default, skip_serializing_if = "Option::is_none", rename = "preferredDuringSchedulingIgnoredDuringExecution")] pub preferred_during_scheduling_ignored_during_execution: Option>, - /// If the affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to an update), the system may or may not try to eventually evict the pod from its node. + /// If the affinity requirements specified by this field are not met at + /// scheduling time, the pod will not be scheduled onto the node. + /// If the affinity requirements specified by this field cease to be met + /// at some point during pod execution (e.g. due to an update), the system + /// may or may not try to eventually evict the pod from its node. #[serde(default, skip_serializing_if = "Option::is_none", rename = "requiredDuringSchedulingIgnoredDuringExecution")] pub required_during_scheduling_ignored_during_execution: Option, } -/// An empty preferred scheduling term matches all objects with implicit weight 0 (i.e. it's a no-op). A null preferred scheduling term matches no objects (i.e. is also a no-op). +/// An empty preferred scheduling term matches all objects with implicit weight 0 +/// (i.e. it's a no-op). A null preferred scheduling term matches no objects (i.e. is also a no-op). #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct QuayRegistryComponentsOverridesAffinityNodeAffinityPreferredDuringSchedulingIgnoredDuringExecution { /// A node selector term, associated with the corresponding weight. @@ -107,31 +122,47 @@ pub struct QuayRegistryComponentsOverridesAffinityNodeAffinityPreferredDuringSch pub match_fields: Option>, } -/// A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A node selector requirement is a selector that contains values, a key, and an operator +/// that relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct QuayRegistryComponentsOverridesAffinityNodeAffinityPreferredDuringSchedulingIgnoredDuringExecutionPreferenceMatchExpressions { /// The label key that the selector applies to. pub key: String, - /// Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. + /// Represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. pub operator: String, - /// An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch. + /// An array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. If the operator is Gt or Lt, the values + /// array must have a single element, which will be interpreted as an integer. + /// This array is replaced during a strategic merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } -/// A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A node selector requirement is a selector that contains values, a key, and an operator +/// that relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct QuayRegistryComponentsOverridesAffinityNodeAffinityPreferredDuringSchedulingIgnoredDuringExecutionPreferenceMatchFields { /// The label key that the selector applies to. pub key: String, - /// Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. + /// Represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. pub operator: String, - /// An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch. + /// An array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. If the operator is Gt or Lt, the values + /// array must have a single element, which will be interpreted as an integer. + /// This array is replaced during a strategic merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } -/// If the affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to an update), the system may or may not try to eventually evict the pod from its node. +/// If the affinity requirements specified by this field are not met at +/// scheduling time, the pod will not be scheduled onto the node. +/// If the affinity requirements specified by this field cease to be met +/// at some point during pod execution (e.g. due to an update), the system +/// may or may not try to eventually evict the pod from its node. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct QuayRegistryComponentsOverridesAffinityNodeAffinityRequiredDuringSchedulingIgnoredDuringExecution { /// Required. A list of node selector terms. The terms are ORed. @@ -139,7 +170,9 @@ pub struct QuayRegistryComponentsOverridesAffinityNodeAffinityRequiredDuringSche pub node_selector_terms: Vec, } -/// A null or empty node selector term matches no objects. The requirements of them are ANDed. The TopologySelectorTerm type implements a subset of the NodeSelectorTerm. +/// A null or empty node selector term matches no objects. The requirements of +/// them are ANDed. +/// The TopologySelectorTerm type implements a subset of the NodeSelectorTerm. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct QuayRegistryComponentsOverridesAffinityNodeAffinityRequiredDuringSchedulingIgnoredDuringExecutionNodeSelectorTerms { /// A list of node selector requirements by node's labels. @@ -150,26 +183,38 @@ pub struct QuayRegistryComponentsOverridesAffinityNodeAffinityRequiredDuringSche pub match_fields: Option>, } -/// A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A node selector requirement is a selector that contains values, a key, and an operator +/// that relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct QuayRegistryComponentsOverridesAffinityNodeAffinityRequiredDuringSchedulingIgnoredDuringExecutionNodeSelectorTermsMatchExpressions { /// The label key that the selector applies to. pub key: String, - /// Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. + /// Represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. pub operator: String, - /// An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch. + /// An array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. If the operator is Gt or Lt, the values + /// array must have a single element, which will be interpreted as an integer. + /// This array is replaced during a strategic merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } -/// A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A node selector requirement is a selector that contains values, a key, and an operator +/// that relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct QuayRegistryComponentsOverridesAffinityNodeAffinityRequiredDuringSchedulingIgnoredDuringExecutionNodeSelectorTermsMatchFields { /// The label key that the selector applies to. pub key: String, - /// Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. + /// Represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. pub operator: String, - /// An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch. + /// An array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. If the operator is Gt or Lt, the values + /// array must have a single element, which will be interpreted as an integer. + /// This array is replaced during a strategic merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } @@ -177,10 +222,24 @@ pub struct QuayRegistryComponentsOverridesAffinityNodeAffinityRequiredDuringSche /// Describes pod affinity scheduling rules (e.g. co-locate this pod in the same node, zone, etc. as some other pod(s)). #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct QuayRegistryComponentsOverridesAffinityPodAffinity { - /// The scheduler will prefer to schedule pods to nodes that satisfy the affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding "weight" to the sum if the node has pods which matches the corresponding podAffinityTerm; the node(s) with the highest sum are the most preferred. + /// The scheduler will prefer to schedule pods to nodes that satisfy + /// the affinity expressions specified by this field, but it may choose + /// a node that violates one or more of the expressions. The node that is + /// most preferred is the one with the greatest sum of weights, i.e. + /// for each node that meets all of the scheduling requirements (resource + /// request, requiredDuringScheduling affinity expressions, etc.), + /// compute a sum by iterating through the elements of this field and adding + /// "weight" to the sum if the node has pods which matches the corresponding podAffinityTerm; the + /// node(s) with the highest sum are the most preferred. #[serde(default, skip_serializing_if = "Option::is_none", rename = "preferredDuringSchedulingIgnoredDuringExecution")] pub preferred_during_scheduling_ignored_during_execution: Option>, - /// If the affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to a pod label update), the system may or may not try to eventually evict the pod from its node. When there are multiple elements, the lists of nodes corresponding to each podAffinityTerm are intersected, i.e. all terms must be satisfied. + /// If the affinity requirements specified by this field are not met at + /// scheduling time, the pod will not be scheduled onto the node. + /// If the affinity requirements specified by this field cease to be met + /// at some point during pod execution (e.g. due to a pod label update), the + /// system may or may not try to eventually evict the pod from its node. + /// When there are multiple elements, the lists of nodes corresponding to each + /// podAffinityTerm are intersected, i.e. all terms must be satisfied. #[serde(default, skip_serializing_if = "Option::is_none", rename = "requiredDuringSchedulingIgnoredDuringExecution")] pub required_during_scheduling_ignored_during_execution: Option>, } @@ -191,7 +250,8 @@ pub struct QuayRegistryComponentsOverridesAffinityPodAffinityPreferredDuringSche /// Required. A pod affinity term, associated with the corresponding weight. #[serde(rename = "podAffinityTerm")] pub pod_affinity_term: QuayRegistryComponentsOverridesAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTerm, - /// weight associated with matching the corresponding podAffinityTerm, in the range 1-100. + /// weight associated with matching the corresponding podAffinityTerm, + /// in the range 1-100. pub weight: i32, } @@ -201,13 +261,24 @@ pub struct QuayRegistryComponentsOverridesAffinityPodAffinityPreferredDuringSche /// A label query over a set of resources, in this case pods. #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelector")] pub label_selector: Option, - /// A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. + /// A label query over the set of namespaces that the term applies to. + /// The term is applied to the union of the namespaces selected by this field + /// and the ones listed in the namespaces field. + /// null selector and null or empty namespaces list means "this pod's namespace". + /// An empty selector ({}) matches all namespaces. #[serde(default, skip_serializing_if = "Option::is_none", rename = "namespaceSelector")] pub namespace_selector: Option, - /// namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means "this pod's namespace". + /// namespaces specifies a static list of namespace names that the term applies to. + /// The term is applied to the union of the namespaces listed in this field + /// and the ones selected by namespaceSelector. + /// null or empty namespaces list and null namespaceSelector means "this pod's namespace". #[serde(default, skip_serializing_if = "Option::is_none")] pub namespaces: Option>, - /// This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed. + /// This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching + /// the labelSelector in the specified namespaces, where co-located is defined as running on a node + /// whose value of the label with key topologyKey matches that of any node on which any of the + /// selected pods is running. + /// Empty topologyKey is not allowed. #[serde(rename = "topologyKey")] pub topology_key: String, } @@ -218,59 +289,93 @@ pub struct QuayRegistryComponentsOverridesAffinityPodAffinityPreferredDuringSche /// matchExpressions is a list of label selector requirements. The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] pub match_expressions: Option>, - /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] pub match_labels: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct QuayRegistryComponentsOverridesAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermLabelSelectorMatchExpressions { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } -/// A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. +/// A label query over the set of namespaces that the term applies to. +/// The term is applied to the union of the namespaces selected by this field +/// and the ones listed in the namespaces field. +/// null selector and null or empty namespaces list means "this pod's namespace". +/// An empty selector ({}) matches all namespaces. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct QuayRegistryComponentsOverridesAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermNamespaceSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] pub match_expressions: Option>, - /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] pub match_labels: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct QuayRegistryComponentsOverridesAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermNamespaceSelectorMatchExpressions { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } -/// Defines a set of pods (namely those matching the labelSelector relative to the given namespace(s)) that this pod should be co-located (affinity) or not co-located (anti-affinity) with, where co-located is defined as running on a node whose value of the label with key matches that of any node on which a pod of the set of pods is running +/// Defines a set of pods (namely those matching the labelSelector +/// relative to the given namespace(s)) that this pod should be +/// co-located (affinity) or not co-located (anti-affinity) with, +/// where co-located is defined as running on a node whose value of +/// the label with key matches that of any node on which +/// a pod of the set of pods is running #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct QuayRegistryComponentsOverridesAffinityPodAffinityRequiredDuringSchedulingIgnoredDuringExecution { /// A label query over a set of resources, in this case pods. #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelector")] pub label_selector: Option, - /// A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. + /// A label query over the set of namespaces that the term applies to. + /// The term is applied to the union of the namespaces selected by this field + /// and the ones listed in the namespaces field. + /// null selector and null or empty namespaces list means "this pod's namespace". + /// An empty selector ({}) matches all namespaces. #[serde(default, skip_serializing_if = "Option::is_none", rename = "namespaceSelector")] pub namespace_selector: Option, - /// namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means "this pod's namespace". + /// namespaces specifies a static list of namespace names that the term applies to. + /// The term is applied to the union of the namespaces listed in this field + /// and the ones selected by namespaceSelector. + /// null or empty namespaces list and null namespaceSelector means "this pod's namespace". #[serde(default, skip_serializing_if = "Option::is_none")] pub namespaces: Option>, - /// This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed. + /// This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching + /// the labelSelector in the specified namespaces, where co-located is defined as running on a node + /// whose value of the label with key topologyKey matches that of any node on which any of the + /// selected pods is running. + /// Empty topologyKey is not allowed. #[serde(rename = "topologyKey")] pub topology_key: String, } @@ -281,42 +386,60 @@ pub struct QuayRegistryComponentsOverridesAffinityPodAffinityRequiredDuringSched /// matchExpressions is a list of label selector requirements. The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] pub match_expressions: Option>, - /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] pub match_labels: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct QuayRegistryComponentsOverridesAffinityPodAffinityRequiredDuringSchedulingIgnoredDuringExecutionLabelSelectorMatchExpressions { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } -/// A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. +/// A label query over the set of namespaces that the term applies to. +/// The term is applied to the union of the namespaces selected by this field +/// and the ones listed in the namespaces field. +/// null selector and null or empty namespaces list means "this pod's namespace". +/// An empty selector ({}) matches all namespaces. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct QuayRegistryComponentsOverridesAffinityPodAffinityRequiredDuringSchedulingIgnoredDuringExecutionNamespaceSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] pub match_expressions: Option>, - /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] pub match_labels: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct QuayRegistryComponentsOverridesAffinityPodAffinityRequiredDuringSchedulingIgnoredDuringExecutionNamespaceSelectorMatchExpressions { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } @@ -324,10 +447,24 @@ pub struct QuayRegistryComponentsOverridesAffinityPodAffinityRequiredDuringSched /// Describes pod anti-affinity scheduling rules (e.g. avoid putting this pod in the same node, zone, etc. as some other pod(s)). #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct QuayRegistryComponentsOverridesAffinityPodAntiAffinity { - /// The scheduler will prefer to schedule pods to nodes that satisfy the anti-affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling anti-affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding "weight" to the sum if the node has pods which matches the corresponding podAffinityTerm; the node(s) with the highest sum are the most preferred. + /// The scheduler will prefer to schedule pods to nodes that satisfy + /// the anti-affinity expressions specified by this field, but it may choose + /// a node that violates one or more of the expressions. The node that is + /// most preferred is the one with the greatest sum of weights, i.e. + /// for each node that meets all of the scheduling requirements (resource + /// request, requiredDuringScheduling anti-affinity expressions, etc.), + /// compute a sum by iterating through the elements of this field and adding + /// "weight" to the sum if the node has pods which matches the corresponding podAffinityTerm; the + /// node(s) with the highest sum are the most preferred. #[serde(default, skip_serializing_if = "Option::is_none", rename = "preferredDuringSchedulingIgnoredDuringExecution")] pub preferred_during_scheduling_ignored_during_execution: Option>, - /// If the anti-affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the anti-affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to a pod label update), the system may or may not try to eventually evict the pod from its node. When there are multiple elements, the lists of nodes corresponding to each podAffinityTerm are intersected, i.e. all terms must be satisfied. + /// If the anti-affinity requirements specified by this field are not met at + /// scheduling time, the pod will not be scheduled onto the node. + /// If the anti-affinity requirements specified by this field cease to be met + /// at some point during pod execution (e.g. due to a pod label update), the + /// system may or may not try to eventually evict the pod from its node. + /// When there are multiple elements, the lists of nodes corresponding to each + /// podAffinityTerm are intersected, i.e. all terms must be satisfied. #[serde(default, skip_serializing_if = "Option::is_none", rename = "requiredDuringSchedulingIgnoredDuringExecution")] pub required_during_scheduling_ignored_during_execution: Option>, } @@ -338,7 +475,8 @@ pub struct QuayRegistryComponentsOverridesAffinityPodAntiAffinityPreferredDuring /// Required. A pod affinity term, associated with the corresponding weight. #[serde(rename = "podAffinityTerm")] pub pod_affinity_term: QuayRegistryComponentsOverridesAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTerm, - /// weight associated with matching the corresponding podAffinityTerm, in the range 1-100. + /// weight associated with matching the corresponding podAffinityTerm, + /// in the range 1-100. pub weight: i32, } @@ -348,13 +486,24 @@ pub struct QuayRegistryComponentsOverridesAffinityPodAntiAffinityPreferredDuring /// A label query over a set of resources, in this case pods. #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelector")] pub label_selector: Option, - /// A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. + /// A label query over the set of namespaces that the term applies to. + /// The term is applied to the union of the namespaces selected by this field + /// and the ones listed in the namespaces field. + /// null selector and null or empty namespaces list means "this pod's namespace". + /// An empty selector ({}) matches all namespaces. #[serde(default, skip_serializing_if = "Option::is_none", rename = "namespaceSelector")] pub namespace_selector: Option, - /// namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means "this pod's namespace". + /// namespaces specifies a static list of namespace names that the term applies to. + /// The term is applied to the union of the namespaces listed in this field + /// and the ones selected by namespaceSelector. + /// null or empty namespaces list and null namespaceSelector means "this pod's namespace". #[serde(default, skip_serializing_if = "Option::is_none")] pub namespaces: Option>, - /// This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed. + /// This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching + /// the labelSelector in the specified namespaces, where co-located is defined as running on a node + /// whose value of the label with key topologyKey matches that of any node on which any of the + /// selected pods is running. + /// Empty topologyKey is not allowed. #[serde(rename = "topologyKey")] pub topology_key: String, } @@ -365,59 +514,93 @@ pub struct QuayRegistryComponentsOverridesAffinityPodAntiAffinityPreferredDuring /// matchExpressions is a list of label selector requirements. The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] pub match_expressions: Option>, - /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] pub match_labels: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct QuayRegistryComponentsOverridesAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermLabelSelectorMatchExpressions { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } -/// A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. +/// A label query over the set of namespaces that the term applies to. +/// The term is applied to the union of the namespaces selected by this field +/// and the ones listed in the namespaces field. +/// null selector and null or empty namespaces list means "this pod's namespace". +/// An empty selector ({}) matches all namespaces. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct QuayRegistryComponentsOverridesAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermNamespaceSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] pub match_expressions: Option>, - /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] pub match_labels: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct QuayRegistryComponentsOverridesAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermNamespaceSelectorMatchExpressions { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } -/// Defines a set of pods (namely those matching the labelSelector relative to the given namespace(s)) that this pod should be co-located (affinity) or not co-located (anti-affinity) with, where co-located is defined as running on a node whose value of the label with key matches that of any node on which a pod of the set of pods is running +/// Defines a set of pods (namely those matching the labelSelector +/// relative to the given namespace(s)) that this pod should be +/// co-located (affinity) or not co-located (anti-affinity) with, +/// where co-located is defined as running on a node whose value of +/// the label with key matches that of any node on which +/// a pod of the set of pods is running #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct QuayRegistryComponentsOverridesAffinityPodAntiAffinityRequiredDuringSchedulingIgnoredDuringExecution { /// A label query over a set of resources, in this case pods. #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelector")] pub label_selector: Option, - /// A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. + /// A label query over the set of namespaces that the term applies to. + /// The term is applied to the union of the namespaces selected by this field + /// and the ones listed in the namespaces field. + /// null selector and null or empty namespaces list means "this pod's namespace". + /// An empty selector ({}) matches all namespaces. #[serde(default, skip_serializing_if = "Option::is_none", rename = "namespaceSelector")] pub namespace_selector: Option, - /// namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means "this pod's namespace". + /// namespaces specifies a static list of namespace names that the term applies to. + /// The term is applied to the union of the namespaces listed in this field + /// and the ones selected by namespaceSelector. + /// null or empty namespaces list and null namespaceSelector means "this pod's namespace". #[serde(default, skip_serializing_if = "Option::is_none")] pub namespaces: Option>, - /// This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed. + /// This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching + /// the labelSelector in the specified namespaces, where co-located is defined as running on a node + /// whose value of the label with key topologyKey matches that of any node on which any of the + /// selected pods is running. + /// Empty topologyKey is not allowed. #[serde(rename = "topologyKey")] pub topology_key: String, } @@ -428,42 +611,60 @@ pub struct QuayRegistryComponentsOverridesAffinityPodAntiAffinityRequiredDuringS /// matchExpressions is a list of label selector requirements. The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] pub match_expressions: Option>, - /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] pub match_labels: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct QuayRegistryComponentsOverridesAffinityPodAntiAffinityRequiredDuringSchedulingIgnoredDuringExecutionLabelSelectorMatchExpressions { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } -/// A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. +/// A label query over the set of namespaces that the term applies to. +/// The term is applied to the union of the namespaces selected by this field +/// and the ones listed in the namespaces field. +/// null selector and null or empty namespaces list means "this pod's namespace". +/// An empty selector ({}) matches all namespaces. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct QuayRegistryComponentsOverridesAffinityPodAntiAffinityRequiredDuringSchedulingIgnoredDuringExecutionNamespaceSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] pub match_expressions: Option>, - /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] pub match_labels: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct QuayRegistryComponentsOverridesAffinityPodAntiAffinityRequiredDuringSchedulingIgnoredDuringExecutionNamespaceSelectorMatchExpressions { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } @@ -473,7 +674,15 @@ pub struct QuayRegistryComponentsOverridesAffinityPodAntiAffinityRequiredDuringS pub struct QuayRegistryComponentsOverridesEnv { /// Name of the environment variable. Must be a C_IDENTIFIER. pub name: String, - /// Variable references $(VAR_NAME) are expanded using the previously defined environment variables in the container and any service environment variables. If a variable cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". Escaped references will never be expanded, regardless of whether the variable exists or not. Defaults to "". + /// Variable references $(VAR_NAME) are expanded + /// using the previously defined environment variables in the container and + /// any service environment variables. If a variable cannot be resolved, + /// the reference in the input string will be unchanged. Double $$ are reduced + /// to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. + /// "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". + /// Escaped references will never be expanded, regardless of whether the variable + /// exists or not. + /// Defaults to "". #[serde(default, skip_serializing_if = "Option::is_none")] pub value: Option, /// Source for the environment variable's value. Cannot be used if value is not empty. @@ -487,10 +696,12 @@ pub struct QuayRegistryComponentsOverridesEnvValueFrom { /// Selects a key of a ConfigMap. #[serde(default, skip_serializing_if = "Option::is_none", rename = "configMapKeyRef")] pub config_map_key_ref: Option, - /// Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`, spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs. + /// Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`, + /// spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs. #[serde(default, skip_serializing_if = "Option::is_none", rename = "fieldRef")] pub field_ref: Option, - /// Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported. + /// Selects a resource of the container: only resources limits and requests + /// (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported. #[serde(default, skip_serializing_if = "Option::is_none", rename = "resourceFieldRef")] pub resource_field_ref: Option, /// Selects a key of a secret in the pod's namespace @@ -503,7 +714,9 @@ pub struct QuayRegistryComponentsOverridesEnvValueFrom { pub struct QuayRegistryComponentsOverridesEnvValueFromConfigMapKeyRef { /// The key to select. pub key: String, - /// Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? + /// Name of the referent. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the ConfigMap or its key must be defined @@ -511,7 +724,8 @@ pub struct QuayRegistryComponentsOverridesEnvValueFromConfigMapKeyRef { pub optional: Option, } -/// Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`, spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs. +/// Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`, +/// spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct QuayRegistryComponentsOverridesEnvValueFromFieldRef { /// Version of the schema the FieldPath is written in terms of, defaults to "v1". @@ -522,7 +736,8 @@ pub struct QuayRegistryComponentsOverridesEnvValueFromFieldRef { pub field_path: String, } -/// Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported. +/// Selects a resource of the container: only resources limits and requests +/// (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct QuayRegistryComponentsOverridesEnvValueFromResourceFieldRef { /// Container name: required for volumes, optional for env vars @@ -540,7 +755,9 @@ pub struct QuayRegistryComponentsOverridesEnvValueFromResourceFieldRef { pub struct QuayRegistryComponentsOverridesEnvValueFromSecretKeyRef { /// The key of the secret to select from. Must be a valid secret key. pub key: String, - /// Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? + /// Name of the referent. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the Secret or its key must be defined diff --git a/kube-custom-resources-rs/src/ray_io/v1/rayclusters.rs b/kube-custom-resources-rs/src/ray_io/v1/rayclusters.rs index c837ec614..8da7b5f11 100644 --- a/kube-custom-resources-rs/src/ray_io/v1/rayclusters.rs +++ b/kube-custom-resources-rs/src/ray_io/v1/rayclusters.rs @@ -6404,6 +6404,8 @@ pub struct RayClusterWorkerGroupSpecsTemplateSpecVolumesVsphereVolume { pub struct RayClusterStatus { #[serde(default, skip_serializing_if = "Option::is_none", rename = "availableWorkerReplicas")] pub available_worker_replicas: Option, + #[serde(default, skip_serializing_if = "Option::is_none")] + pub conditions: Option>, #[serde(default, skip_serializing_if = "Option::is_none", rename = "desiredCPU")] pub desired_cpu: Option, #[serde(default, skip_serializing_if = "Option::is_none", rename = "desiredGPU")] @@ -6440,6 +6442,8 @@ pub struct RayClusterStatus { pub struct RayClusterStatusHead { #[serde(default, skip_serializing_if = "Option::is_none", rename = "podIP")] pub pod_ip: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "podName")] + pub pod_name: Option, #[serde(default, skip_serializing_if = "Option::is_none", rename = "serviceIP")] pub service_ip: Option, #[serde(default, skip_serializing_if = "Option::is_none", rename = "serviceName")] diff --git a/kube-custom-resources-rs/src/ray_io/v1/rayjobs.rs b/kube-custom-resources-rs/src/ray_io/v1/rayjobs.rs index 19eea1786..bc8cdd05d 100644 --- a/kube-custom-resources-rs/src/ray_io/v1/rayjobs.rs +++ b/kube-custom-resources-rs/src/ray_io/v1/rayjobs.rs @@ -22,6 +22,8 @@ use self::prelude::*; pub struct RayJobSpec { #[serde(default, skip_serializing_if = "Option::is_none", rename = "activeDeadlineSeconds")] pub active_deadline_seconds: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "backoffLimit")] + pub backoff_limit: Option, #[serde(default, skip_serializing_if = "Option::is_none", rename = "clusterSelector")] pub cluster_selector: Option>, pub entrypoint: String, @@ -9434,6 +9436,8 @@ pub struct RayJobStatus { pub dashboard_url: Option, #[serde(default, skip_serializing_if = "Option::is_none", rename = "endTime")] pub end_time: Option, + #[serde(default, skip_serializing_if = "Option::is_none")] + pub failed: Option, #[serde(default, skip_serializing_if = "Option::is_none", rename = "jobDeploymentStatus")] pub job_deployment_status: Option, #[serde(default, skip_serializing_if = "Option::is_none", rename = "jobId")] @@ -9452,12 +9456,16 @@ pub struct RayJobStatus { pub reason: Option, #[serde(default, skip_serializing_if = "Option::is_none", rename = "startTime")] pub start_time: Option, + #[serde(default, skip_serializing_if = "Option::is_none")] + pub succeeded: Option, } #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct RayJobStatusRayClusterStatus { #[serde(default, skip_serializing_if = "Option::is_none", rename = "availableWorkerReplicas")] pub available_worker_replicas: Option, + #[serde(default, skip_serializing_if = "Option::is_none")] + pub conditions: Option>, #[serde(default, skip_serializing_if = "Option::is_none", rename = "desiredCPU")] pub desired_cpu: Option, #[serde(default, skip_serializing_if = "Option::is_none", rename = "desiredGPU")] @@ -9494,6 +9502,8 @@ pub struct RayJobStatusRayClusterStatus { pub struct RayJobStatusRayClusterStatusHead { #[serde(default, skip_serializing_if = "Option::is_none", rename = "podIP")] pub pod_ip: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "podName")] + pub pod_name: Option, #[serde(default, skip_serializing_if = "Option::is_none", rename = "serviceIP")] pub service_ip: Option, #[serde(default, skip_serializing_if = "Option::is_none", rename = "serviceName")] diff --git a/kube-custom-resources-rs/src/ray_io/v1/rayservices.rs b/kube-custom-resources-rs/src/ray_io/v1/rayservices.rs index 4ff3d3c62..e6bb9fda2 100644 --- a/kube-custom-resources-rs/src/ray_io/v1/rayservices.rs +++ b/kube-custom-resources-rs/src/ray_io/v1/rayservices.rs @@ -6599,6 +6599,8 @@ pub struct RayServiceStatusActiveServiceStatusApplicationStatusesServeDeployment pub struct RayServiceStatusActiveServiceStatusRayClusterStatus { #[serde(default, skip_serializing_if = "Option::is_none", rename = "availableWorkerReplicas")] pub available_worker_replicas: Option, + #[serde(default, skip_serializing_if = "Option::is_none")] + pub conditions: Option>, #[serde(default, skip_serializing_if = "Option::is_none", rename = "desiredCPU")] pub desired_cpu: Option, #[serde(default, skip_serializing_if = "Option::is_none", rename = "desiredGPU")] @@ -6635,6 +6637,8 @@ pub struct RayServiceStatusActiveServiceStatusRayClusterStatus { pub struct RayServiceStatusActiveServiceStatusRayClusterStatusHead { #[serde(default, skip_serializing_if = "Option::is_none", rename = "podIP")] pub pod_ip: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "podName")] + pub pod_name: Option, #[serde(default, skip_serializing_if = "Option::is_none", rename = "serviceIP")] pub service_ip: Option, #[serde(default, skip_serializing_if = "Option::is_none", rename = "serviceName")] @@ -6677,6 +6681,8 @@ pub struct RayServiceStatusPendingServiceStatusApplicationStatusesServeDeploymen pub struct RayServiceStatusPendingServiceStatusRayClusterStatus { #[serde(default, skip_serializing_if = "Option::is_none", rename = "availableWorkerReplicas")] pub available_worker_replicas: Option, + #[serde(default, skip_serializing_if = "Option::is_none")] + pub conditions: Option>, #[serde(default, skip_serializing_if = "Option::is_none", rename = "desiredCPU")] pub desired_cpu: Option, #[serde(default, skip_serializing_if = "Option::is_none", rename = "desiredGPU")] @@ -6713,6 +6719,8 @@ pub struct RayServiceStatusPendingServiceStatusRayClusterStatus { pub struct RayServiceStatusPendingServiceStatusRayClusterStatusHead { #[serde(default, skip_serializing_if = "Option::is_none", rename = "podIP")] pub pod_ip: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "podName")] + pub pod_name: Option, #[serde(default, skip_serializing_if = "Option::is_none", rename = "serviceIP")] pub service_ip: Option, #[serde(default, skip_serializing_if = "Option::is_none", rename = "serviceName")] diff --git a/kube-custom-resources-rs/src/rc_app_stacks/v1/runtimecomponents.rs b/kube-custom-resources-rs/src/rc_app_stacks/v1/runtimecomponents.rs index 8fc497857..9d44a4ba3 100644 --- a/kube-custom-resources-rs/src/rc_app_stacks/v1/runtimecomponents.rs +++ b/kube-custom-resources-rs/src/rc_app_stacks/v1/runtimecomponents.rs @@ -42,6 +42,9 @@ pub struct RuntimeComponentSpec { /// Defines the desired state and cycle of applications. #[serde(default, skip_serializing_if = "Option::is_none")] pub deployment: Option, + /// Disable information about services being injected into the application pod's environment variables. Default to false. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "disableServiceLinks")] + pub disable_service_links: Option, /// An array of environment variables for the application container. #[serde(default, skip_serializing_if = "Option::is_none")] pub env: Option>, @@ -133,15 +136,28 @@ pub struct RuntimeComponentAffinity { /// Controls which nodes the pod are scheduled to run on, based on labels on the node. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct RuntimeComponentAffinityNodeAffinity { - /// The scheduler will prefer to schedule pods to nodes that satisfy the affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding "weight" to the sum if the node matches the corresponding matchExpressions; the node(s) with the highest sum are the most preferred. + /// The scheduler will prefer to schedule pods to nodes that satisfy + /// the affinity expressions specified by this field, but it may choose + /// a node that violates one or more of the expressions. The node that is + /// most preferred is the one with the greatest sum of weights, i.e. + /// for each node that meets all of the scheduling requirements (resource + /// request, requiredDuringScheduling affinity expressions, etc.), + /// compute a sum by iterating through the elements of this field and adding + /// "weight" to the sum if the node matches the corresponding matchExpressions; the + /// node(s) with the highest sum are the most preferred. #[serde(default, skip_serializing_if = "Option::is_none", rename = "preferredDuringSchedulingIgnoredDuringExecution")] pub preferred_during_scheduling_ignored_during_execution: Option>, - /// If the affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to an update), the system may or may not try to eventually evict the pod from its node. + /// If the affinity requirements specified by this field are not met at + /// scheduling time, the pod will not be scheduled onto the node. + /// If the affinity requirements specified by this field cease to be met + /// at some point during pod execution (e.g. due to an update), the system + /// may or may not try to eventually evict the pod from its node. #[serde(default, skip_serializing_if = "Option::is_none", rename = "requiredDuringSchedulingIgnoredDuringExecution")] pub required_during_scheduling_ignored_during_execution: Option, } -/// An empty preferred scheduling term matches all objects with implicit weight 0 (i.e. it's a no-op). A null preferred scheduling term matches no objects (i.e. is also a no-op). +/// An empty preferred scheduling term matches all objects with implicit weight 0 +/// (i.e. it's a no-op). A null preferred scheduling term matches no objects (i.e. is also a no-op). #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct RuntimeComponentAffinityNodeAffinityPreferredDuringSchedulingIgnoredDuringExecution { /// A node selector term, associated with the corresponding weight. @@ -161,31 +177,47 @@ pub struct RuntimeComponentAffinityNodeAffinityPreferredDuringSchedulingIgnoredD pub match_fields: Option>, } -/// A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A node selector requirement is a selector that contains values, a key, and an operator +/// that relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct RuntimeComponentAffinityNodeAffinityPreferredDuringSchedulingIgnoredDuringExecutionPreferenceMatchExpressions { /// The label key that the selector applies to. pub key: String, - /// Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. + /// Represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. pub operator: String, - /// An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch. + /// An array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. If the operator is Gt or Lt, the values + /// array must have a single element, which will be interpreted as an integer. + /// This array is replaced during a strategic merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } -/// A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A node selector requirement is a selector that contains values, a key, and an operator +/// that relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct RuntimeComponentAffinityNodeAffinityPreferredDuringSchedulingIgnoredDuringExecutionPreferenceMatchFields { /// The label key that the selector applies to. pub key: String, - /// Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. + /// Represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. pub operator: String, - /// An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch. + /// An array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. If the operator is Gt or Lt, the values + /// array must have a single element, which will be interpreted as an integer. + /// This array is replaced during a strategic merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } -/// If the affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to an update), the system may or may not try to eventually evict the pod from its node. +/// If the affinity requirements specified by this field are not met at +/// scheduling time, the pod will not be scheduled onto the node. +/// If the affinity requirements specified by this field cease to be met +/// at some point during pod execution (e.g. due to an update), the system +/// may or may not try to eventually evict the pod from its node. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct RuntimeComponentAffinityNodeAffinityRequiredDuringSchedulingIgnoredDuringExecution { /// Required. A list of node selector terms. The terms are ORed. @@ -193,7 +225,9 @@ pub struct RuntimeComponentAffinityNodeAffinityRequiredDuringSchedulingIgnoredDu pub node_selector_terms: Vec, } -/// A null or empty node selector term matches no objects. The requirements of them are ANDed. The TopologySelectorTerm type implements a subset of the NodeSelectorTerm. +/// A null or empty node selector term matches no objects. The requirements of +/// them are ANDed. +/// The TopologySelectorTerm type implements a subset of the NodeSelectorTerm. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct RuntimeComponentAffinityNodeAffinityRequiredDuringSchedulingIgnoredDuringExecutionNodeSelectorTerms { /// A list of node selector requirements by node's labels. @@ -204,26 +238,38 @@ pub struct RuntimeComponentAffinityNodeAffinityRequiredDuringSchedulingIgnoredDu pub match_fields: Option>, } -/// A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A node selector requirement is a selector that contains values, a key, and an operator +/// that relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct RuntimeComponentAffinityNodeAffinityRequiredDuringSchedulingIgnoredDuringExecutionNodeSelectorTermsMatchExpressions { /// The label key that the selector applies to. pub key: String, - /// Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. + /// Represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. pub operator: String, - /// An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch. + /// An array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. If the operator is Gt or Lt, the values + /// array must have a single element, which will be interpreted as an integer. + /// This array is replaced during a strategic merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } -/// A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A node selector requirement is a selector that contains values, a key, and an operator +/// that relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct RuntimeComponentAffinityNodeAffinityRequiredDuringSchedulingIgnoredDuringExecutionNodeSelectorTermsMatchFields { /// The label key that the selector applies to. pub key: String, - /// Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. + /// Represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. pub operator: String, - /// An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch. + /// An array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. If the operator is Gt or Lt, the values + /// array must have a single element, which will be interpreted as an integer. + /// This array is replaced during a strategic merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } @@ -231,10 +277,24 @@ pub struct RuntimeComponentAffinityNodeAffinityRequiredDuringSchedulingIgnoredDu /// Controls the nodes the pod are scheduled to run on, based on labels on the pods that are already running on the node. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct RuntimeComponentAffinityPodAffinity { - /// The scheduler will prefer to schedule pods to nodes that satisfy the affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding "weight" to the sum if the node has pods which matches the corresponding podAffinityTerm; the node(s) with the highest sum are the most preferred. + /// The scheduler will prefer to schedule pods to nodes that satisfy + /// the affinity expressions specified by this field, but it may choose + /// a node that violates one or more of the expressions. The node that is + /// most preferred is the one with the greatest sum of weights, i.e. + /// for each node that meets all of the scheduling requirements (resource + /// request, requiredDuringScheduling affinity expressions, etc.), + /// compute a sum by iterating through the elements of this field and adding + /// "weight" to the sum if the node has pods which matches the corresponding podAffinityTerm; the + /// node(s) with the highest sum are the most preferred. #[serde(default, skip_serializing_if = "Option::is_none", rename = "preferredDuringSchedulingIgnoredDuringExecution")] pub preferred_during_scheduling_ignored_during_execution: Option>, - /// If the affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to a pod label update), the system may or may not try to eventually evict the pod from its node. When there are multiple elements, the lists of nodes corresponding to each podAffinityTerm are intersected, i.e. all terms must be satisfied. + /// If the affinity requirements specified by this field are not met at + /// scheduling time, the pod will not be scheduled onto the node. + /// If the affinity requirements specified by this field cease to be met + /// at some point during pod execution (e.g. due to a pod label update), the + /// system may or may not try to eventually evict the pod from its node. + /// When there are multiple elements, the lists of nodes corresponding to each + /// podAffinityTerm are intersected, i.e. all terms must be satisfied. #[serde(default, skip_serializing_if = "Option::is_none", rename = "requiredDuringSchedulingIgnoredDuringExecution")] pub required_during_scheduling_ignored_during_execution: Option>, } @@ -245,7 +305,8 @@ pub struct RuntimeComponentAffinityPodAffinityPreferredDuringSchedulingIgnoredDu /// Required. A pod affinity term, associated with the corresponding weight. #[serde(rename = "podAffinityTerm")] pub pod_affinity_term: RuntimeComponentAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTerm, - /// weight associated with matching the corresponding podAffinityTerm, in the range 1-100. + /// weight associated with matching the corresponding podAffinityTerm, + /// in the range 1-100. pub weight: i32, } @@ -255,13 +316,24 @@ pub struct RuntimeComponentAffinityPodAffinityPreferredDuringSchedulingIgnoredDu /// A label query over a set of resources, in this case pods. #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelector")] pub label_selector: Option, - /// A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. + /// A label query over the set of namespaces that the term applies to. + /// The term is applied to the union of the namespaces selected by this field + /// and the ones listed in the namespaces field. + /// null selector and null or empty namespaces list means "this pod's namespace". + /// An empty selector ({}) matches all namespaces. #[serde(default, skip_serializing_if = "Option::is_none", rename = "namespaceSelector")] pub namespace_selector: Option, - /// namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means "this pod's namespace". + /// namespaces specifies a static list of namespace names that the term applies to. + /// The term is applied to the union of the namespaces listed in this field + /// and the ones selected by namespaceSelector. + /// null or empty namespaces list and null namespaceSelector means "this pod's namespace". #[serde(default, skip_serializing_if = "Option::is_none")] pub namespaces: Option>, - /// This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed. + /// This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching + /// the labelSelector in the specified namespaces, where co-located is defined as running on a node + /// whose value of the label with key topologyKey matches that of any node on which any of the + /// selected pods is running. + /// Empty topologyKey is not allowed. #[serde(rename = "topologyKey")] pub topology_key: String, } @@ -272,59 +344,93 @@ pub struct RuntimeComponentAffinityPodAffinityPreferredDuringSchedulingIgnoredDu /// matchExpressions is a list of label selector requirements. The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] pub match_expressions: Option>, - /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] pub match_labels: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct RuntimeComponentAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermLabelSelectorMatchExpressions { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } -/// A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. +/// A label query over the set of namespaces that the term applies to. +/// The term is applied to the union of the namespaces selected by this field +/// and the ones listed in the namespaces field. +/// null selector and null or empty namespaces list means "this pod's namespace". +/// An empty selector ({}) matches all namespaces. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct RuntimeComponentAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermNamespaceSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] pub match_expressions: Option>, - /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] pub match_labels: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct RuntimeComponentAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermNamespaceSelectorMatchExpressions { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } -/// Defines a set of pods (namely those matching the labelSelector relative to the given namespace(s)) that this pod should be co-located (affinity) or not co-located (anti-affinity) with, where co-located is defined as running on a node whose value of the label with key matches that of any node on which a pod of the set of pods is running +/// Defines a set of pods (namely those matching the labelSelector +/// relative to the given namespace(s)) that this pod should be +/// co-located (affinity) or not co-located (anti-affinity) with, +/// where co-located is defined as running on a node whose value of +/// the label with key matches that of any node on which +/// a pod of the set of pods is running #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct RuntimeComponentAffinityPodAffinityRequiredDuringSchedulingIgnoredDuringExecution { /// A label query over a set of resources, in this case pods. #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelector")] pub label_selector: Option, - /// A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. + /// A label query over the set of namespaces that the term applies to. + /// The term is applied to the union of the namespaces selected by this field + /// and the ones listed in the namespaces field. + /// null selector and null or empty namespaces list means "this pod's namespace". + /// An empty selector ({}) matches all namespaces. #[serde(default, skip_serializing_if = "Option::is_none", rename = "namespaceSelector")] pub namespace_selector: Option, - /// namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means "this pod's namespace". + /// namespaces specifies a static list of namespace names that the term applies to. + /// The term is applied to the union of the namespaces listed in this field + /// and the ones selected by namespaceSelector. + /// null or empty namespaces list and null namespaceSelector means "this pod's namespace". #[serde(default, skip_serializing_if = "Option::is_none")] pub namespaces: Option>, - /// This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed. + /// This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching + /// the labelSelector in the specified namespaces, where co-located is defined as running on a node + /// whose value of the label with key topologyKey matches that of any node on which any of the + /// selected pods is running. + /// Empty topologyKey is not allowed. #[serde(rename = "topologyKey")] pub topology_key: String, } @@ -335,42 +441,60 @@ pub struct RuntimeComponentAffinityPodAffinityRequiredDuringSchedulingIgnoredDur /// matchExpressions is a list of label selector requirements. The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] pub match_expressions: Option>, - /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] pub match_labels: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct RuntimeComponentAffinityPodAffinityRequiredDuringSchedulingIgnoredDuringExecutionLabelSelectorMatchExpressions { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } -/// A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. +/// A label query over the set of namespaces that the term applies to. +/// The term is applied to the union of the namespaces selected by this field +/// and the ones listed in the namespaces field. +/// null selector and null or empty namespaces list means "this pod's namespace". +/// An empty selector ({}) matches all namespaces. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct RuntimeComponentAffinityPodAffinityRequiredDuringSchedulingIgnoredDuringExecutionNamespaceSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] pub match_expressions: Option>, - /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] pub match_labels: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct RuntimeComponentAffinityPodAffinityRequiredDuringSchedulingIgnoredDuringExecutionNamespaceSelectorMatchExpressions { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } @@ -378,10 +502,24 @@ pub struct RuntimeComponentAffinityPodAffinityRequiredDuringSchedulingIgnoredDur /// Enables the ability to prevent running a pod on the same node as another pod. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct RuntimeComponentAffinityPodAntiAffinity { - /// The scheduler will prefer to schedule pods to nodes that satisfy the anti-affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling anti-affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding "weight" to the sum if the node has pods which matches the corresponding podAffinityTerm; the node(s) with the highest sum are the most preferred. + /// The scheduler will prefer to schedule pods to nodes that satisfy + /// the anti-affinity expressions specified by this field, but it may choose + /// a node that violates one or more of the expressions. The node that is + /// most preferred is the one with the greatest sum of weights, i.e. + /// for each node that meets all of the scheduling requirements (resource + /// request, requiredDuringScheduling anti-affinity expressions, etc.), + /// compute a sum by iterating through the elements of this field and adding + /// "weight" to the sum if the node has pods which matches the corresponding podAffinityTerm; the + /// node(s) with the highest sum are the most preferred. #[serde(default, skip_serializing_if = "Option::is_none", rename = "preferredDuringSchedulingIgnoredDuringExecution")] pub preferred_during_scheduling_ignored_during_execution: Option>, - /// If the anti-affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the anti-affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to a pod label update), the system may or may not try to eventually evict the pod from its node. When there are multiple elements, the lists of nodes corresponding to each podAffinityTerm are intersected, i.e. all terms must be satisfied. + /// If the anti-affinity requirements specified by this field are not met at + /// scheduling time, the pod will not be scheduled onto the node. + /// If the anti-affinity requirements specified by this field cease to be met + /// at some point during pod execution (e.g. due to a pod label update), the + /// system may or may not try to eventually evict the pod from its node. + /// When there are multiple elements, the lists of nodes corresponding to each + /// podAffinityTerm are intersected, i.e. all terms must be satisfied. #[serde(default, skip_serializing_if = "Option::is_none", rename = "requiredDuringSchedulingIgnoredDuringExecution")] pub required_during_scheduling_ignored_during_execution: Option>, } @@ -392,7 +530,8 @@ pub struct RuntimeComponentAffinityPodAntiAffinityPreferredDuringSchedulingIgnor /// Required. A pod affinity term, associated with the corresponding weight. #[serde(rename = "podAffinityTerm")] pub pod_affinity_term: RuntimeComponentAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTerm, - /// weight associated with matching the corresponding podAffinityTerm, in the range 1-100. + /// weight associated with matching the corresponding podAffinityTerm, + /// in the range 1-100. pub weight: i32, } @@ -402,13 +541,24 @@ pub struct RuntimeComponentAffinityPodAntiAffinityPreferredDuringSchedulingIgnor /// A label query over a set of resources, in this case pods. #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelector")] pub label_selector: Option, - /// A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. + /// A label query over the set of namespaces that the term applies to. + /// The term is applied to the union of the namespaces selected by this field + /// and the ones listed in the namespaces field. + /// null selector and null or empty namespaces list means "this pod's namespace". + /// An empty selector ({}) matches all namespaces. #[serde(default, skip_serializing_if = "Option::is_none", rename = "namespaceSelector")] pub namespace_selector: Option, - /// namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means "this pod's namespace". + /// namespaces specifies a static list of namespace names that the term applies to. + /// The term is applied to the union of the namespaces listed in this field + /// and the ones selected by namespaceSelector. + /// null or empty namespaces list and null namespaceSelector means "this pod's namespace". #[serde(default, skip_serializing_if = "Option::is_none")] pub namespaces: Option>, - /// This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed. + /// This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching + /// the labelSelector in the specified namespaces, where co-located is defined as running on a node + /// whose value of the label with key topologyKey matches that of any node on which any of the + /// selected pods is running. + /// Empty topologyKey is not allowed. #[serde(rename = "topologyKey")] pub topology_key: String, } @@ -419,59 +569,93 @@ pub struct RuntimeComponentAffinityPodAntiAffinityPreferredDuringSchedulingIgnor /// matchExpressions is a list of label selector requirements. The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] pub match_expressions: Option>, - /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] pub match_labels: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct RuntimeComponentAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermLabelSelectorMatchExpressions { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } -/// A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. +/// A label query over the set of namespaces that the term applies to. +/// The term is applied to the union of the namespaces selected by this field +/// and the ones listed in the namespaces field. +/// null selector and null or empty namespaces list means "this pod's namespace". +/// An empty selector ({}) matches all namespaces. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct RuntimeComponentAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermNamespaceSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] pub match_expressions: Option>, - /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] pub match_labels: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct RuntimeComponentAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermNamespaceSelectorMatchExpressions { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } -/// Defines a set of pods (namely those matching the labelSelector relative to the given namespace(s)) that this pod should be co-located (affinity) or not co-located (anti-affinity) with, where co-located is defined as running on a node whose value of the label with key matches that of any node on which a pod of the set of pods is running +/// Defines a set of pods (namely those matching the labelSelector +/// relative to the given namespace(s)) that this pod should be +/// co-located (affinity) or not co-located (anti-affinity) with, +/// where co-located is defined as running on a node whose value of +/// the label with key matches that of any node on which +/// a pod of the set of pods is running #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct RuntimeComponentAffinityPodAntiAffinityRequiredDuringSchedulingIgnoredDuringExecution { /// A label query over a set of resources, in this case pods. #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelector")] pub label_selector: Option, - /// A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. + /// A label query over the set of namespaces that the term applies to. + /// The term is applied to the union of the namespaces selected by this field + /// and the ones listed in the namespaces field. + /// null selector and null or empty namespaces list means "this pod's namespace". + /// An empty selector ({}) matches all namespaces. #[serde(default, skip_serializing_if = "Option::is_none", rename = "namespaceSelector")] pub namespace_selector: Option, - /// namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means "this pod's namespace". + /// namespaces specifies a static list of namespace names that the term applies to. + /// The term is applied to the union of the namespaces listed in this field + /// and the ones selected by namespaceSelector. + /// null or empty namespaces list and null namespaceSelector means "this pod's namespace". #[serde(default, skip_serializing_if = "Option::is_none")] pub namespaces: Option>, - /// This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed. + /// This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching + /// the labelSelector in the specified namespaces, where co-located is defined as running on a node + /// whose value of the label with key topologyKey matches that of any node on which any of the + /// selected pods is running. + /// Empty topologyKey is not allowed. #[serde(rename = "topologyKey")] pub topology_key: String, } @@ -482,42 +666,60 @@ pub struct RuntimeComponentAffinityPodAntiAffinityRequiredDuringSchedulingIgnore /// matchExpressions is a list of label selector requirements. The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] pub match_expressions: Option>, - /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] pub match_labels: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct RuntimeComponentAffinityPodAntiAffinityRequiredDuringSchedulingIgnoredDuringExecutionLabelSelectorMatchExpressions { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } -/// A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. +/// A label query over the set of namespaces that the term applies to. +/// The term is applied to the union of the namespaces selected by this field +/// and the ones listed in the namespaces field. +/// null selector and null or empty namespaces list means "this pod's namespace". +/// An empty selector ({}) matches all namespaces. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct RuntimeComponentAffinityPodAntiAffinityRequiredDuringSchedulingIgnoredDuringExecutionNamespaceSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] pub match_expressions: Option>, - /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] pub match_labels: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct RuntimeComponentAffinityPodAntiAffinityRequiredDuringSchedulingIgnoredDuringExecutionNamespaceSelectorMatchExpressions { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } @@ -550,7 +752,11 @@ pub struct RuntimeComponentDeployment { /// Specifies the strategy to replace old deployment pods with new pods. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct RuntimeComponentDeploymentUpdateStrategy { - /// Rolling update config params. Present only if DeploymentStrategyType = RollingUpdate. --- TODO: Update this to follow our convention for oneOf, whatever we decide it to be. + /// Rolling update config params. Present only if DeploymentStrategyType = + /// RollingUpdate. + /// --- + /// TODO: Update this to follow our convention for oneOf, whatever we decide it + /// to be. #[serde(default, skip_serializing_if = "Option::is_none", rename = "rollingUpdate")] pub rolling_update: Option, /// Type of deployment. Can be "Recreate" or "RollingUpdate". Default is RollingUpdate. @@ -558,13 +764,36 @@ pub struct RuntimeComponentDeploymentUpdateStrategy { pub r#type: Option, } -/// Rolling update config params. Present only if DeploymentStrategyType = RollingUpdate. --- TODO: Update this to follow our convention for oneOf, whatever we decide it to be. +/// Rolling update config params. Present only if DeploymentStrategyType = +/// RollingUpdate. +/// --- +/// TODO: Update this to follow our convention for oneOf, whatever we decide it +/// to be. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct RuntimeComponentDeploymentUpdateStrategyRollingUpdate { - /// The maximum number of pods that can be scheduled above the desired number of pods. Value can be an absolute number (ex: 5) or a percentage of desired pods (ex: 10%). This can not be 0 if MaxUnavailable is 0. Absolute number is calculated from percentage by rounding up. Defaults to 25%. Example: when this is set to 30%, the new ReplicaSet can be scaled up immediately when the rolling update starts, such that the total number of old and new pods do not exceed 130% of desired pods. Once old pods have been killed, new ReplicaSet can be scaled up further, ensuring that total number of pods running at any time during the update is at most 130% of desired pods. + /// The maximum number of pods that can be scheduled above the desired number of + /// pods. + /// Value can be an absolute number (ex: 5) or a percentage of desired pods (ex: 10%). + /// This can not be 0 if MaxUnavailable is 0. + /// Absolute number is calculated from percentage by rounding up. + /// Defaults to 25%. + /// Example: when this is set to 30%, the new ReplicaSet can be scaled up immediately when + /// the rolling update starts, such that the total number of old and new pods do not exceed + /// 130% of desired pods. Once old pods have been killed, + /// new ReplicaSet can be scaled up further, ensuring that total number of pods running + /// at any time during the update is at most 130% of desired pods. #[serde(default, skip_serializing_if = "Option::is_none", rename = "maxSurge")] pub max_surge: Option, - /// The maximum number of pods that can be unavailable during the update. Value can be an absolute number (ex: 5) or a percentage of desired pods (ex: 10%). Absolute number is calculated from percentage by rounding down. This can not be 0 if MaxSurge is 0. Defaults to 25%. Example: when this is set to 30%, the old ReplicaSet can be scaled down to 70% of desired pods immediately when the rolling update starts. Once new pods are ready, old ReplicaSet can be scaled down further, followed by scaling up the new ReplicaSet, ensuring that the total number of pods available at all times during the update is at least 70% of desired pods. + /// The maximum number of pods that can be unavailable during the update. + /// Value can be an absolute number (ex: 5) or a percentage of desired pods (ex: 10%). + /// Absolute number is calculated from percentage by rounding down. + /// This can not be 0 if MaxSurge is 0. + /// Defaults to 25%. + /// Example: when this is set to 30%, the old ReplicaSet can be scaled down to 70% of desired pods + /// immediately when the rolling update starts. Once new pods are ready, old ReplicaSet + /// can be scaled down further, followed by scaling up the new ReplicaSet, ensuring + /// that the total number of pods available at all times during the update is at + /// least 70% of desired pods. #[serde(default, skip_serializing_if = "Option::is_none", rename = "maxUnavailable")] pub max_unavailable: Option, } @@ -574,7 +803,15 @@ pub struct RuntimeComponentDeploymentUpdateStrategyRollingUpdate { pub struct RuntimeComponentEnv { /// Name of the environment variable. Must be a C_IDENTIFIER. pub name: String, - /// Variable references $(VAR_NAME) are expanded using the previously defined environment variables in the container and any service environment variables. If a variable cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". Escaped references will never be expanded, regardless of whether the variable exists or not. Defaults to "". + /// Variable references $(VAR_NAME) are expanded + /// using the previously defined environment variables in the container and + /// any service environment variables. If a variable cannot be resolved, + /// the reference in the input string will be unchanged. Double $$ are reduced + /// to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. + /// "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". + /// Escaped references will never be expanded, regardless of whether the variable + /// exists or not. + /// Defaults to "". #[serde(default, skip_serializing_if = "Option::is_none")] pub value: Option, /// Source for the environment variable's value. Cannot be used if value is not empty. @@ -588,10 +825,12 @@ pub struct RuntimeComponentEnvValueFrom { /// Selects a key of a ConfigMap. #[serde(default, skip_serializing_if = "Option::is_none", rename = "configMapKeyRef")] pub config_map_key_ref: Option, - /// Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`, spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs. + /// Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`, + /// spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs. #[serde(default, skip_serializing_if = "Option::is_none", rename = "fieldRef")] pub field_ref: Option, - /// Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported. + /// Selects a resource of the container: only resources limits and requests + /// (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported. #[serde(default, skip_serializing_if = "Option::is_none", rename = "resourceFieldRef")] pub resource_field_ref: Option, /// Selects a key of a secret in the pod's namespace @@ -604,7 +843,9 @@ pub struct RuntimeComponentEnvValueFrom { pub struct RuntimeComponentEnvValueFromConfigMapKeyRef { /// The key to select. pub key: String, - /// Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? + /// Name of the referent. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the ConfigMap or its key must be defined @@ -612,7 +853,8 @@ pub struct RuntimeComponentEnvValueFromConfigMapKeyRef { pub optional: Option, } -/// Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`, spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs. +/// Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`, +/// spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct RuntimeComponentEnvValueFromFieldRef { /// Version of the schema the FieldPath is written in terms of, defaults to "v1". @@ -623,7 +865,8 @@ pub struct RuntimeComponentEnvValueFromFieldRef { pub field_path: String, } -/// Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported. +/// Selects a resource of the container: only resources limits and requests +/// (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct RuntimeComponentEnvValueFromResourceFieldRef { /// Container name: required for volumes, optional for env vars @@ -641,7 +884,9 @@ pub struct RuntimeComponentEnvValueFromResourceFieldRef { pub struct RuntimeComponentEnvValueFromSecretKeyRef { /// The key of the secret to select from. Must be a valid secret key. pub key: String, - /// Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? + /// Name of the referent. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the Secret or its key must be defined @@ -666,7 +911,9 @@ pub struct RuntimeComponentEnvFrom { /// The ConfigMap to select from #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct RuntimeComponentEnvFromConfigMapRef { - /// Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? + /// Name of the referent. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the ConfigMap must be defined @@ -677,7 +924,9 @@ pub struct RuntimeComponentEnvFromConfigMapRef { /// The Secret to select from #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct RuntimeComponentEnvFromSecretRef { - /// Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? + /// Name of the referent. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the Secret must be defined @@ -688,69 +937,146 @@ pub struct RuntimeComponentEnvFromSecretRef { /// A single application container that you want to run within a pod. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct RuntimeComponentInitContainers { - /// Arguments to the entrypoint. The container image's CMD is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell + /// Arguments to the entrypoint. + /// The container image's CMD is used if this is not provided. + /// Variable references $(VAR_NAME) are expanded using the container's environment. If a variable + /// cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced + /// to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" will + /// produce the string literal "$(VAR_NAME)". Escaped references will never be expanded, regardless + /// of whether the variable exists or not. Cannot be updated. + /// More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell #[serde(default, skip_serializing_if = "Option::is_none")] pub args: Option>, - /// Entrypoint array. Not executed within a shell. The container image's ENTRYPOINT is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell + /// Entrypoint array. Not executed within a shell. + /// The container image's ENTRYPOINT is used if this is not provided. + /// Variable references $(VAR_NAME) are expanded using the container's environment. If a variable + /// cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced + /// to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" will + /// produce the string literal "$(VAR_NAME)". Escaped references will never be expanded, regardless + /// of whether the variable exists or not. Cannot be updated. + /// More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell #[serde(default, skip_serializing_if = "Option::is_none")] pub command: Option>, - /// List of environment variables to set in the container. Cannot be updated. + /// List of environment variables to set in the container. + /// Cannot be updated. #[serde(default, skip_serializing_if = "Option::is_none")] pub env: Option>, - /// List of sources to populate environment variables in the container. The keys defined within a source must be a C_IDENTIFIER. All invalid keys will be reported as an event when the container is starting. When a key exists in multiple sources, the value associated with the last source will take precedence. Values defined by an Env with a duplicate key will take precedence. Cannot be updated. + /// List of sources to populate environment variables in the container. + /// The keys defined within a source must be a C_IDENTIFIER. All invalid keys + /// will be reported as an event when the container is starting. When a key exists in multiple + /// sources, the value associated with the last source will take precedence. + /// Values defined by an Env with a duplicate key will take precedence. + /// Cannot be updated. #[serde(default, skip_serializing_if = "Option::is_none", rename = "envFrom")] pub env_from: Option>, - /// Container image name. More info: https://kubernetes.io/docs/concepts/containers/images This field is optional to allow higher level config management to default or override container images in workload controllers like Deployments and StatefulSets. + /// Container image name. + /// More info: https://kubernetes.io/docs/concepts/containers/images + /// This field is optional to allow higher level config management to default or override + /// container images in workload controllers like Deployments and StatefulSets. #[serde(default, skip_serializing_if = "Option::is_none")] pub image: Option, - /// Image pull policy. One of Always, Never, IfNotPresent. Defaults to Always if :latest tag is specified, or IfNotPresent otherwise. Cannot be updated. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images + /// Image pull policy. + /// One of Always, Never, IfNotPresent. + /// Defaults to Always if :latest tag is specified, or IfNotPresent otherwise. + /// Cannot be updated. + /// More info: https://kubernetes.io/docs/concepts/containers/images#updating-images #[serde(default, skip_serializing_if = "Option::is_none", rename = "imagePullPolicy")] pub image_pull_policy: Option, - /// Actions that the management system should take in response to container lifecycle events. Cannot be updated. + /// Actions that the management system should take in response to container lifecycle events. + /// Cannot be updated. #[serde(default, skip_serializing_if = "Option::is_none")] pub lifecycle: Option, - /// Periodic probe of container liveness. Container will be restarted if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes + /// Periodic probe of container liveness. + /// Container will be restarted if the probe fails. + /// Cannot be updated. + /// More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes #[serde(default, skip_serializing_if = "Option::is_none", rename = "livenessProbe")] pub liveness_probe: Option, - /// Name of the container specified as a DNS_LABEL. Each container in a pod must have a unique name (DNS_LABEL). Cannot be updated. + /// Name of the container specified as a DNS_LABEL. + /// Each container in a pod must have a unique name (DNS_LABEL). + /// Cannot be updated. pub name: String, - /// List of ports to expose from the container. Not specifying a port here DOES NOT prevent that port from being exposed. Any port which is listening on the default "0.0.0.0" address inside a container will be accessible from the network. Modifying this array with strategic merge patch may corrupt the data. For more information See https://github.com/kubernetes/kubernetes/issues/108255. Cannot be updated. + /// List of ports to expose from the container. Not specifying a port here + /// DOES NOT prevent that port from being exposed. Any port which is + /// listening on the default "0.0.0.0" address inside a container will be + /// accessible from the network. + /// Modifying this array with strategic merge patch may corrupt the data. + /// For more information See https://github.com/kubernetes/kubernetes/issues/108255. + /// Cannot be updated. #[serde(default, skip_serializing_if = "Option::is_none")] pub ports: Option>, - /// Periodic probe of container service readiness. Container will be removed from service endpoints if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes + /// Periodic probe of container service readiness. + /// Container will be removed from service endpoints if the probe fails. + /// Cannot be updated. + /// More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes #[serde(default, skip_serializing_if = "Option::is_none", rename = "readinessProbe")] pub readiness_probe: Option, - /// Compute Resources required by this container. Cannot be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + /// Compute Resources required by this container. + /// Cannot be updated. + /// More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ #[serde(default, skip_serializing_if = "Option::is_none")] pub resources: Option, - /// SecurityContext defines the security options the container should be run with. If set, the fields of SecurityContext override the equivalent fields of PodSecurityContext. More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/ + /// SecurityContext defines the security options the container should be run with. + /// If set, the fields of SecurityContext override the equivalent fields of PodSecurityContext. + /// More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/ #[serde(default, skip_serializing_if = "Option::is_none", rename = "securityContext")] pub security_context: Option, - /// StartupProbe indicates that the Pod has successfully initialized. If specified, no other probes are executed until this completes successfully. If this probe fails, the Pod will be restarted, just as if the livenessProbe failed. This can be used to provide different probe parameters at the beginning of a Pod's lifecycle, when it might take a long time to load data or warm a cache, than during steady-state operation. This cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes + /// StartupProbe indicates that the Pod has successfully initialized. + /// If specified, no other probes are executed until this completes successfully. + /// If this probe fails, the Pod will be restarted, just as if the livenessProbe failed. + /// This can be used to provide different probe parameters at the beginning of a Pod's lifecycle, + /// when it might take a long time to load data or warm a cache, than during steady-state operation. + /// This cannot be updated. + /// More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes #[serde(default, skip_serializing_if = "Option::is_none", rename = "startupProbe")] pub startup_probe: Option, - /// Whether this container should allocate a buffer for stdin in the container runtime. If this is not set, reads from stdin in the container will always result in EOF. Default is false. + /// Whether this container should allocate a buffer for stdin in the container runtime. If this + /// is not set, reads from stdin in the container will always result in EOF. + /// Default is false. #[serde(default, skip_serializing_if = "Option::is_none")] pub stdin: Option, - /// Whether the container runtime should close the stdin channel after it has been opened by a single attach. When stdin is true the stdin stream will remain open across multiple attach sessions. If stdinOnce is set to true, stdin is opened on container start, is empty until the first client attaches to stdin, and then remains open and accepts data until the client disconnects, at which time stdin is closed and remains closed until the container is restarted. If this flag is false, a container processes that reads from stdin will never receive an EOF. Default is false + /// Whether the container runtime should close the stdin channel after it has been opened by + /// a single attach. When stdin is true the stdin stream will remain open across multiple attach + /// sessions. If stdinOnce is set to true, stdin is opened on container start, is empty until the + /// first client attaches to stdin, and then remains open and accepts data until the client disconnects, + /// at which time stdin is closed and remains closed until the container is restarted. If this + /// flag is false, a container processes that reads from stdin will never receive an EOF. + /// Default is false #[serde(default, skip_serializing_if = "Option::is_none", rename = "stdinOnce")] pub stdin_once: Option, - /// Optional: Path at which the file to which the container's termination message will be written is mounted into the container's filesystem. Message written is intended to be brief final status, such as an assertion failure message. Will be truncated by the node if greater than 4096 bytes. The total message length across all containers will be limited to 12kb. Defaults to /dev/termination-log. Cannot be updated. + /// Optional: Path at which the file to which the container's termination message + /// will be written is mounted into the container's filesystem. + /// Message written is intended to be brief final status, such as an assertion failure message. + /// Will be truncated by the node if greater than 4096 bytes. The total message length across + /// all containers will be limited to 12kb. + /// Defaults to /dev/termination-log. + /// Cannot be updated. #[serde(default, skip_serializing_if = "Option::is_none", rename = "terminationMessagePath")] pub termination_message_path: Option, - /// Indicate how the termination message should be populated. File will use the contents of terminationMessagePath to populate the container status message on both success and failure. FallbackToLogsOnError will use the last chunk of container log output if the termination message file is empty and the container exited with an error. The log output is limited to 2048 bytes or 80 lines, whichever is smaller. Defaults to File. Cannot be updated. + /// Indicate how the termination message should be populated. File will use the contents of + /// terminationMessagePath to populate the container status message on both success and failure. + /// FallbackToLogsOnError will use the last chunk of container log output if the termination + /// message file is empty and the container exited with an error. + /// The log output is limited to 2048 bytes or 80 lines, whichever is smaller. + /// Defaults to File. + /// Cannot be updated. #[serde(default, skip_serializing_if = "Option::is_none", rename = "terminationMessagePolicy")] pub termination_message_policy: Option, - /// Whether this container should allocate a TTY for itself, also requires 'stdin' to be true. Default is false. + /// Whether this container should allocate a TTY for itself, also requires 'stdin' to be true. + /// Default is false. #[serde(default, skip_serializing_if = "Option::is_none")] pub tty: Option, /// volumeDevices is the list of block devices to be used by the container. #[serde(default, skip_serializing_if = "Option::is_none", rename = "volumeDevices")] pub volume_devices: Option>, - /// Pod volumes to mount into the container's filesystem. Cannot be updated. + /// Pod volumes to mount into the container's filesystem. + /// Cannot be updated. #[serde(default, skip_serializing_if = "Option::is_none", rename = "volumeMounts")] pub volume_mounts: Option>, - /// Container's working directory. If not specified, the container runtime's default will be used, which might be configured in the container image. Cannot be updated. + /// Container's working directory. + /// If not specified, the container runtime's default will be used, which + /// might be configured in the container image. + /// Cannot be updated. #[serde(default, skip_serializing_if = "Option::is_none", rename = "workingDir")] pub working_dir: Option, } @@ -760,7 +1086,15 @@ pub struct RuntimeComponentInitContainers { pub struct RuntimeComponentInitContainersEnv { /// Name of the environment variable. Must be a C_IDENTIFIER. pub name: String, - /// Variable references $(VAR_NAME) are expanded using the previously defined environment variables in the container and any service environment variables. If a variable cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". Escaped references will never be expanded, regardless of whether the variable exists or not. Defaults to "". + /// Variable references $(VAR_NAME) are expanded + /// using the previously defined environment variables in the container and + /// any service environment variables. If a variable cannot be resolved, + /// the reference in the input string will be unchanged. Double $$ are reduced + /// to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. + /// "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". + /// Escaped references will never be expanded, regardless of whether the variable + /// exists or not. + /// Defaults to "". #[serde(default, skip_serializing_if = "Option::is_none")] pub value: Option, /// Source for the environment variable's value. Cannot be used if value is not empty. @@ -774,10 +1108,12 @@ pub struct RuntimeComponentInitContainersEnvValueFrom { /// Selects a key of a ConfigMap. #[serde(default, skip_serializing_if = "Option::is_none", rename = "configMapKeyRef")] pub config_map_key_ref: Option, - /// Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`, spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs. + /// Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`, + /// spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs. #[serde(default, skip_serializing_if = "Option::is_none", rename = "fieldRef")] pub field_ref: Option, - /// Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported. + /// Selects a resource of the container: only resources limits and requests + /// (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported. #[serde(default, skip_serializing_if = "Option::is_none", rename = "resourceFieldRef")] pub resource_field_ref: Option, /// Selects a key of a secret in the pod's namespace @@ -790,7 +1126,9 @@ pub struct RuntimeComponentInitContainersEnvValueFrom { pub struct RuntimeComponentInitContainersEnvValueFromConfigMapKeyRef { /// The key to select. pub key: String, - /// Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? + /// Name of the referent. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the ConfigMap or its key must be defined @@ -798,7 +1136,8 @@ pub struct RuntimeComponentInitContainersEnvValueFromConfigMapKeyRef { pub optional: Option, } -/// Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`, spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs. +/// Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`, +/// spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct RuntimeComponentInitContainersEnvValueFromFieldRef { /// Version of the schema the FieldPath is written in terms of, defaults to "v1". @@ -809,7 +1148,8 @@ pub struct RuntimeComponentInitContainersEnvValueFromFieldRef { pub field_path: String, } -/// Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported. +/// Selects a resource of the container: only resources limits and requests +/// (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct RuntimeComponentInitContainersEnvValueFromResourceFieldRef { /// Container name: required for volumes, optional for env vars @@ -827,7 +1167,9 @@ pub struct RuntimeComponentInitContainersEnvValueFromResourceFieldRef { pub struct RuntimeComponentInitContainersEnvValueFromSecretKeyRef { /// The key of the secret to select from. Must be a valid secret key. pub key: String, - /// Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? + /// Name of the referent. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the Secret or its key must be defined @@ -852,7 +1194,9 @@ pub struct RuntimeComponentInitContainersEnvFrom { /// The ConfigMap to select from #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct RuntimeComponentInitContainersEnvFromConfigMapRef { - /// Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? + /// Name of the referent. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the ConfigMap must be defined @@ -863,7 +1207,9 @@ pub struct RuntimeComponentInitContainersEnvFromConfigMapRef { /// The Secret to select from #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct RuntimeComponentInitContainersEnvFromSecretRef { - /// Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? + /// Name of the referent. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the Secret must be defined @@ -871,18 +1217,33 @@ pub struct RuntimeComponentInitContainersEnvFromSecretRef { pub optional: Option, } -/// Actions that the management system should take in response to container lifecycle events. Cannot be updated. +/// Actions that the management system should take in response to container lifecycle events. +/// Cannot be updated. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct RuntimeComponentInitContainersLifecycle { - /// PostStart is called immediately after a container is created. If the handler fails, the container is terminated and restarted according to its restart policy. Other management of the container blocks until the hook completes. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks + /// PostStart is called immediately after a container is created. If the handler fails, + /// the container is terminated and restarted according to its restart policy. + /// Other management of the container blocks until the hook completes. + /// More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks #[serde(default, skip_serializing_if = "Option::is_none", rename = "postStart")] pub post_start: Option, - /// PreStop is called immediately before a container is terminated due to an API request or management event such as liveness/startup probe failure, preemption, resource contention, etc. The handler is not called if the container crashes or exits. The Pod's termination grace period countdown begins before the PreStop hook is executed. Regardless of the outcome of the handler, the container will eventually terminate within the Pod's termination grace period (unless delayed by finalizers). Other management of the container blocks until the hook completes or until the termination grace period is reached. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks + /// PreStop is called immediately before a container is terminated due to an + /// API request or management event such as liveness/startup probe failure, + /// preemption, resource contention, etc. The handler is not called if the + /// container crashes or exits. The Pod's termination grace period countdown begins before the + /// PreStop hook is executed. Regardless of the outcome of the handler, the + /// container will eventually terminate within the Pod's termination grace + /// period (unless delayed by finalizers). Other management of the container blocks until the hook completes + /// or until the termination grace period is reached. + /// More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks #[serde(default, skip_serializing_if = "Option::is_none", rename = "preStop")] pub pre_stop: Option, } -/// PostStart is called immediately after a container is created. If the handler fails, the container is terminated and restarted according to its restart policy. Other management of the container blocks until the hook completes. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks +/// PostStart is called immediately after a container is created. If the handler fails, +/// the container is terminated and restarted according to its restart policy. +/// Other management of the container blocks until the hook completes. +/// More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct RuntimeComponentInitContainersLifecyclePostStart { /// Exec specifies the action to take. @@ -891,7 +1252,9 @@ pub struct RuntimeComponentInitContainersLifecyclePostStart { /// HTTPGet specifies the http request to perform. #[serde(default, skip_serializing_if = "Option::is_none", rename = "httpGet")] pub http_get: Option, - /// Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept for the backward compatibility. There are no validation of this field and lifecycle hooks will fail in runtime when tcp handler is specified. + /// Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept + /// for the backward compatibility. There are no validation of this field and + /// lifecycle hooks will fail in runtime when tcp handler is specified. #[serde(default, skip_serializing_if = "Option::is_none", rename = "tcpSocket")] pub tcp_socket: Option, } @@ -899,7 +1262,11 @@ pub struct RuntimeComponentInitContainersLifecyclePostStart { /// Exec specifies the action to take. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct RuntimeComponentInitContainersLifecyclePostStartExec { - /// Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. + /// Command is the command line to execute inside the container, the working directory for the + /// command is root ('/') in the container's filesystem. The command is simply exec'd, it is + /// not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use + /// a shell, you need to explicitly call out to that shell. + /// Exit status of 0 is treated as live/healthy and non-zero is unhealthy. #[serde(default, skip_serializing_if = "Option::is_none")] pub command: Option>, } @@ -907,7 +1274,8 @@ pub struct RuntimeComponentInitContainersLifecyclePostStartExec { /// HTTPGet specifies the http request to perform. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct RuntimeComponentInitContainersLifecyclePostStartHttpGet { - /// Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. + /// Host name to connect to, defaults to the pod IP. You probably want to set + /// "Host" in httpHeaders instead. #[serde(default, skip_serializing_if = "Option::is_none")] pub host: Option, /// Custom headers to set in the request. HTTP allows repeated headers. @@ -916,9 +1284,12 @@ pub struct RuntimeComponentInitContainersLifecyclePostStartHttpGet { /// Path to access on the HTTP server. #[serde(default, skip_serializing_if = "Option::is_none")] pub path: Option, - /// Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. + /// Name or number of the port to access on the container. + /// Number must be in the range 1 to 65535. + /// Name must be an IANA_SVC_NAME. pub port: IntOrString, - /// Scheme to use for connecting to the host. Defaults to HTTP. + /// Scheme to use for connecting to the host. + /// Defaults to HTTP. #[serde(default, skip_serializing_if = "Option::is_none")] pub scheme: Option, } @@ -926,23 +1297,36 @@ pub struct RuntimeComponentInitContainersLifecyclePostStartHttpGet { /// HTTPHeader describes a custom header to be used in HTTP probes #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct RuntimeComponentInitContainersLifecyclePostStartHttpGetHttpHeaders { - /// The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header. + /// The header field name. + /// This will be canonicalized upon output, so case-variant names will be understood as the same header. pub name: String, /// The header field value pub value: String, } -/// Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept for the backward compatibility. There are no validation of this field and lifecycle hooks will fail in runtime when tcp handler is specified. +/// Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept +/// for the backward compatibility. There are no validation of this field and +/// lifecycle hooks will fail in runtime when tcp handler is specified. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct RuntimeComponentInitContainersLifecyclePostStartTcpSocket { /// Optional: Host name to connect to, defaults to the pod IP. #[serde(default, skip_serializing_if = "Option::is_none")] pub host: Option, - /// Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. + /// Number or name of the port to access on the container. + /// Number must be in the range 1 to 65535. + /// Name must be an IANA_SVC_NAME. pub port: IntOrString, } -/// PreStop is called immediately before a container is terminated due to an API request or management event such as liveness/startup probe failure, preemption, resource contention, etc. The handler is not called if the container crashes or exits. The Pod's termination grace period countdown begins before the PreStop hook is executed. Regardless of the outcome of the handler, the container will eventually terminate within the Pod's termination grace period (unless delayed by finalizers). Other management of the container blocks until the hook completes or until the termination grace period is reached. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks +/// PreStop is called immediately before a container is terminated due to an +/// API request or management event such as liveness/startup probe failure, +/// preemption, resource contention, etc. The handler is not called if the +/// container crashes or exits. The Pod's termination grace period countdown begins before the +/// PreStop hook is executed. Regardless of the outcome of the handler, the +/// container will eventually terminate within the Pod's termination grace +/// period (unless delayed by finalizers). Other management of the container blocks until the hook completes +/// or until the termination grace period is reached. +/// More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct RuntimeComponentInitContainersLifecyclePreStop { /// Exec specifies the action to take. @@ -951,7 +1335,9 @@ pub struct RuntimeComponentInitContainersLifecyclePreStop { /// HTTPGet specifies the http request to perform. #[serde(default, skip_serializing_if = "Option::is_none", rename = "httpGet")] pub http_get: Option, - /// Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept for the backward compatibility. There are no validation of this field and lifecycle hooks will fail in runtime when tcp handler is specified. + /// Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept + /// for the backward compatibility. There are no validation of this field and + /// lifecycle hooks will fail in runtime when tcp handler is specified. #[serde(default, skip_serializing_if = "Option::is_none", rename = "tcpSocket")] pub tcp_socket: Option, } @@ -959,7 +1345,11 @@ pub struct RuntimeComponentInitContainersLifecyclePreStop { /// Exec specifies the action to take. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct RuntimeComponentInitContainersLifecyclePreStopExec { - /// Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. + /// Command is the command line to execute inside the container, the working directory for the + /// command is root ('/') in the container's filesystem. The command is simply exec'd, it is + /// not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use + /// a shell, you need to explicitly call out to that shell. + /// Exit status of 0 is treated as live/healthy and non-zero is unhealthy. #[serde(default, skip_serializing_if = "Option::is_none")] pub command: Option>, } @@ -967,7 +1357,8 @@ pub struct RuntimeComponentInitContainersLifecyclePreStopExec { /// HTTPGet specifies the http request to perform. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct RuntimeComponentInitContainersLifecyclePreStopHttpGet { - /// Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. + /// Host name to connect to, defaults to the pod IP. You probably want to set + /// "Host" in httpHeaders instead. #[serde(default, skip_serializing_if = "Option::is_none")] pub host: Option, /// Custom headers to set in the request. HTTP allows repeated headers. @@ -976,9 +1367,12 @@ pub struct RuntimeComponentInitContainersLifecyclePreStopHttpGet { /// Path to access on the HTTP server. #[serde(default, skip_serializing_if = "Option::is_none")] pub path: Option, - /// Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. + /// Name or number of the port to access on the container. + /// Number must be in the range 1 to 65535. + /// Name must be an IANA_SVC_NAME. pub port: IntOrString, - /// Scheme to use for connecting to the host. Defaults to HTTP. + /// Scheme to use for connecting to the host. + /// Defaults to HTTP. #[serde(default, skip_serializing_if = "Option::is_none")] pub scheme: Option, } @@ -986,53 +1380,77 @@ pub struct RuntimeComponentInitContainersLifecyclePreStopHttpGet { /// HTTPHeader describes a custom header to be used in HTTP probes #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct RuntimeComponentInitContainersLifecyclePreStopHttpGetHttpHeaders { - /// The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header. + /// The header field name. + /// This will be canonicalized upon output, so case-variant names will be understood as the same header. pub name: String, /// The header field value pub value: String, } -/// Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept for the backward compatibility. There are no validation of this field and lifecycle hooks will fail in runtime when tcp handler is specified. +/// Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept +/// for the backward compatibility. There are no validation of this field and +/// lifecycle hooks will fail in runtime when tcp handler is specified. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct RuntimeComponentInitContainersLifecyclePreStopTcpSocket { /// Optional: Host name to connect to, defaults to the pod IP. #[serde(default, skip_serializing_if = "Option::is_none")] pub host: Option, - /// Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. + /// Number or name of the port to access on the container. + /// Number must be in the range 1 to 65535. + /// Name must be an IANA_SVC_NAME. pub port: IntOrString, } -/// Periodic probe of container liveness. Container will be restarted if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +/// Periodic probe of container liveness. +/// Container will be restarted if the probe fails. +/// Cannot be updated. +/// More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct RuntimeComponentInitContainersLivenessProbe { /// Exec specifies the action to take. #[serde(default, skip_serializing_if = "Option::is_none")] pub exec: Option, - /// Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. + /// Minimum consecutive failures for the probe to be considered failed after having succeeded. + /// Defaults to 3. Minimum value is 1. #[serde(default, skip_serializing_if = "Option::is_none", rename = "failureThreshold")] pub failure_threshold: Option, - /// GRPC specifies an action involving a GRPC port. This is a beta field and requires enabling GRPCContainerProbe feature gate. + /// GRPC specifies an action involving a GRPC port. + /// This is a beta field and requires enabling GRPCContainerProbe feature gate. #[serde(default, skip_serializing_if = "Option::is_none")] pub grpc: Option, /// HTTPGet specifies the http request to perform. #[serde(default, skip_serializing_if = "Option::is_none", rename = "httpGet")] pub http_get: Option, - /// Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes + /// Number of seconds after the container has started before liveness probes are initiated. + /// More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes #[serde(default, skip_serializing_if = "Option::is_none", rename = "initialDelaySeconds")] pub initial_delay_seconds: Option, - /// How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. + /// How often (in seconds) to perform the probe. + /// Default to 10 seconds. Minimum value is 1. #[serde(default, skip_serializing_if = "Option::is_none", rename = "periodSeconds")] pub period_seconds: Option, - /// Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1. + /// Minimum consecutive successes for the probe to be considered successful after having failed. + /// Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1. #[serde(default, skip_serializing_if = "Option::is_none", rename = "successThreshold")] pub success_threshold: Option, /// TCPSocket specifies an action involving a TCP port. #[serde(default, skip_serializing_if = "Option::is_none", rename = "tcpSocket")] pub tcp_socket: Option, - /// Optional duration in seconds the pod needs to terminate gracefully upon probe failure. The grace period is the duration in seconds after the processes running in the pod are sent a termination signal and the time when the processes are forcibly halted with a kill signal. Set this value longer than the expected cleanup time for your process. If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this value overrides the value provided by the pod spec. Value must be non-negative integer. The value zero indicates stop immediately via the kill signal (no opportunity to shut down). This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate. Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset. + /// Optional duration in seconds the pod needs to terminate gracefully upon probe failure. + /// The grace period is the duration in seconds after the processes running in the pod are sent + /// a termination signal and the time when the processes are forcibly halted with a kill signal. + /// Set this value longer than the expected cleanup time for your process. + /// If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this + /// value overrides the value provided by the pod spec. + /// Value must be non-negative integer. The value zero indicates stop immediately via + /// the kill signal (no opportunity to shut down). + /// This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate. + /// Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset. #[serde(default, skip_serializing_if = "Option::is_none", rename = "terminationGracePeriodSeconds")] pub termination_grace_period_seconds: Option, - /// Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes + /// Number of seconds after which the probe times out. + /// Defaults to 1 second. Minimum value is 1. + /// More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes #[serde(default, skip_serializing_if = "Option::is_none", rename = "timeoutSeconds")] pub timeout_seconds: Option, } @@ -1040,18 +1458,26 @@ pub struct RuntimeComponentInitContainersLivenessProbe { /// Exec specifies the action to take. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct RuntimeComponentInitContainersLivenessProbeExec { - /// Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. + /// Command is the command line to execute inside the container, the working directory for the + /// command is root ('/') in the container's filesystem. The command is simply exec'd, it is + /// not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use + /// a shell, you need to explicitly call out to that shell. + /// Exit status of 0 is treated as live/healthy and non-zero is unhealthy. #[serde(default, skip_serializing_if = "Option::is_none")] pub command: Option>, } -/// GRPC specifies an action involving a GRPC port. This is a beta field and requires enabling GRPCContainerProbe feature gate. +/// GRPC specifies an action involving a GRPC port. +/// This is a beta field and requires enabling GRPCContainerProbe feature gate. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct RuntimeComponentInitContainersLivenessProbeGrpc { /// Port number of the gRPC service. Number must be in the range 1 to 65535. pub port: i32, - /// Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). - /// If this is not specified, the default behavior is defined by gRPC. + /// Service is the name of the service to place in the gRPC HealthCheckRequest + /// (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). + /// + /// + /// If this is not specified, the default behavior is defined by gRPC. #[serde(default, skip_serializing_if = "Option::is_none")] pub service: Option, } @@ -1059,7 +1485,8 @@ pub struct RuntimeComponentInitContainersLivenessProbeGrpc { /// HTTPGet specifies the http request to perform. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct RuntimeComponentInitContainersLivenessProbeHttpGet { - /// Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. + /// Host name to connect to, defaults to the pod IP. You probably want to set + /// "Host" in httpHeaders instead. #[serde(default, skip_serializing_if = "Option::is_none")] pub host: Option, /// Custom headers to set in the request. HTTP allows repeated headers. @@ -1068,9 +1495,12 @@ pub struct RuntimeComponentInitContainersLivenessProbeHttpGet { /// Path to access on the HTTP server. #[serde(default, skip_serializing_if = "Option::is_none")] pub path: Option, - /// Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. + /// Name or number of the port to access on the container. + /// Number must be in the range 1 to 65535. + /// Name must be an IANA_SVC_NAME. pub port: IntOrString, - /// Scheme to use for connecting to the host. Defaults to HTTP. + /// Scheme to use for connecting to the host. + /// Defaults to HTTP. #[serde(default, skip_serializing_if = "Option::is_none")] pub scheme: Option, } @@ -1078,7 +1508,8 @@ pub struct RuntimeComponentInitContainersLivenessProbeHttpGet { /// HTTPHeader describes a custom header to be used in HTTP probes #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct RuntimeComponentInitContainersLivenessProbeHttpGetHttpHeaders { - /// The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header. + /// The header field name. + /// This will be canonicalized upon output, so case-variant names will be understood as the same header. pub name: String, /// The header field value pub value: String, @@ -1090,61 +1521,89 @@ pub struct RuntimeComponentInitContainersLivenessProbeTcpSocket { /// Optional: Host name to connect to, defaults to the pod IP. #[serde(default, skip_serializing_if = "Option::is_none")] pub host: Option, - /// Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. + /// Number or name of the port to access on the container. + /// Number must be in the range 1 to 65535. + /// Name must be an IANA_SVC_NAME. pub port: IntOrString, } /// ContainerPort represents a network port in a single container. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct RuntimeComponentInitContainersPorts { - /// Number of port to expose on the pod's IP address. This must be a valid port number, 0 < x < 65536. + /// Number of port to expose on the pod's IP address. + /// This must be a valid port number, 0 < x < 65536. #[serde(rename = "containerPort")] pub container_port: i32, /// What host IP to bind the external port to. #[serde(default, skip_serializing_if = "Option::is_none", rename = "hostIP")] pub host_ip: Option, - /// Number of port to expose on the host. If specified, this must be a valid port number, 0 < x < 65536. If HostNetwork is specified, this must match ContainerPort. Most containers do not need this. + /// Number of port to expose on the host. + /// If specified, this must be a valid port number, 0 < x < 65536. + /// If HostNetwork is specified, this must match ContainerPort. + /// Most containers do not need this. #[serde(default, skip_serializing_if = "Option::is_none", rename = "hostPort")] pub host_port: Option, - /// If specified, this must be an IANA_SVC_NAME and unique within the pod. Each named port in a pod must have a unique name. Name for the port that can be referred to by services. + /// If specified, this must be an IANA_SVC_NAME and unique within the pod. Each + /// named port in a pod must have a unique name. Name for the port that can be + /// referred to by services. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, - /// Protocol for port. Must be UDP, TCP, or SCTP. Defaults to "TCP". + /// Protocol for port. Must be UDP, TCP, or SCTP. + /// Defaults to "TCP". #[serde(default, skip_serializing_if = "Option::is_none")] pub protocol: Option, } -/// Periodic probe of container service readiness. Container will be removed from service endpoints if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +/// Periodic probe of container service readiness. +/// Container will be removed from service endpoints if the probe fails. +/// Cannot be updated. +/// More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct RuntimeComponentInitContainersReadinessProbe { /// Exec specifies the action to take. #[serde(default, skip_serializing_if = "Option::is_none")] pub exec: Option, - /// Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. + /// Minimum consecutive failures for the probe to be considered failed after having succeeded. + /// Defaults to 3. Minimum value is 1. #[serde(default, skip_serializing_if = "Option::is_none", rename = "failureThreshold")] pub failure_threshold: Option, - /// GRPC specifies an action involving a GRPC port. This is a beta field and requires enabling GRPCContainerProbe feature gate. + /// GRPC specifies an action involving a GRPC port. + /// This is a beta field and requires enabling GRPCContainerProbe feature gate. #[serde(default, skip_serializing_if = "Option::is_none")] pub grpc: Option, /// HTTPGet specifies the http request to perform. #[serde(default, skip_serializing_if = "Option::is_none", rename = "httpGet")] pub http_get: Option, - /// Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes + /// Number of seconds after the container has started before liveness probes are initiated. + /// More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes #[serde(default, skip_serializing_if = "Option::is_none", rename = "initialDelaySeconds")] pub initial_delay_seconds: Option, - /// How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. + /// How often (in seconds) to perform the probe. + /// Default to 10 seconds. Minimum value is 1. #[serde(default, skip_serializing_if = "Option::is_none", rename = "periodSeconds")] pub period_seconds: Option, - /// Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1. + /// Minimum consecutive successes for the probe to be considered successful after having failed. + /// Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1. #[serde(default, skip_serializing_if = "Option::is_none", rename = "successThreshold")] pub success_threshold: Option, /// TCPSocket specifies an action involving a TCP port. #[serde(default, skip_serializing_if = "Option::is_none", rename = "tcpSocket")] pub tcp_socket: Option, - /// Optional duration in seconds the pod needs to terminate gracefully upon probe failure. The grace period is the duration in seconds after the processes running in the pod are sent a termination signal and the time when the processes are forcibly halted with a kill signal. Set this value longer than the expected cleanup time for your process. If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this value overrides the value provided by the pod spec. Value must be non-negative integer. The value zero indicates stop immediately via the kill signal (no opportunity to shut down). This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate. Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset. + /// Optional duration in seconds the pod needs to terminate gracefully upon probe failure. + /// The grace period is the duration in seconds after the processes running in the pod are sent + /// a termination signal and the time when the processes are forcibly halted with a kill signal. + /// Set this value longer than the expected cleanup time for your process. + /// If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this + /// value overrides the value provided by the pod spec. + /// Value must be non-negative integer. The value zero indicates stop immediately via + /// the kill signal (no opportunity to shut down). + /// This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate. + /// Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset. #[serde(default, skip_serializing_if = "Option::is_none", rename = "terminationGracePeriodSeconds")] pub termination_grace_period_seconds: Option, - /// Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes + /// Number of seconds after which the probe times out. + /// Defaults to 1 second. Minimum value is 1. + /// More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes #[serde(default, skip_serializing_if = "Option::is_none", rename = "timeoutSeconds")] pub timeout_seconds: Option, } @@ -1152,18 +1611,26 @@ pub struct RuntimeComponentInitContainersReadinessProbe { /// Exec specifies the action to take. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct RuntimeComponentInitContainersReadinessProbeExec { - /// Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. + /// Command is the command line to execute inside the container, the working directory for the + /// command is root ('/') in the container's filesystem. The command is simply exec'd, it is + /// not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use + /// a shell, you need to explicitly call out to that shell. + /// Exit status of 0 is treated as live/healthy and non-zero is unhealthy. #[serde(default, skip_serializing_if = "Option::is_none")] pub command: Option>, } -/// GRPC specifies an action involving a GRPC port. This is a beta field and requires enabling GRPCContainerProbe feature gate. +/// GRPC specifies an action involving a GRPC port. +/// This is a beta field and requires enabling GRPCContainerProbe feature gate. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct RuntimeComponentInitContainersReadinessProbeGrpc { /// Port number of the gRPC service. Number must be in the range 1 to 65535. pub port: i32, - /// Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). - /// If this is not specified, the default behavior is defined by gRPC. + /// Service is the name of the service to place in the gRPC HealthCheckRequest + /// (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). + /// + /// + /// If this is not specified, the default behavior is defined by gRPC. #[serde(default, skip_serializing_if = "Option::is_none")] pub service: Option, } @@ -1171,7 +1638,8 @@ pub struct RuntimeComponentInitContainersReadinessProbeGrpc { /// HTTPGet specifies the http request to perform. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct RuntimeComponentInitContainersReadinessProbeHttpGet { - /// Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. + /// Host name to connect to, defaults to the pod IP. You probably want to set + /// "Host" in httpHeaders instead. #[serde(default, skip_serializing_if = "Option::is_none")] pub host: Option, /// Custom headers to set in the request. HTTP allows repeated headers. @@ -1180,9 +1648,12 @@ pub struct RuntimeComponentInitContainersReadinessProbeHttpGet { /// Path to access on the HTTP server. #[serde(default, skip_serializing_if = "Option::is_none")] pub path: Option, - /// Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. + /// Name or number of the port to access on the container. + /// Number must be in the range 1 to 65535. + /// Name must be an IANA_SVC_NAME. pub port: IntOrString, - /// Scheme to use for connecting to the host. Defaults to HTTP. + /// Scheme to use for connecting to the host. + /// Defaults to HTTP. #[serde(default, skip_serializing_if = "Option::is_none")] pub scheme: Option, } @@ -1190,7 +1661,8 @@ pub struct RuntimeComponentInitContainersReadinessProbeHttpGet { /// HTTPHeader describes a custom header to be used in HTTP probes #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct RuntimeComponentInitContainersReadinessProbeHttpGetHttpHeaders { - /// The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header. + /// The header field name. + /// This will be canonicalized upon output, so case-variant names will be understood as the same header. pub name: String, /// The header field value pub value: String, @@ -1202,22 +1674,36 @@ pub struct RuntimeComponentInitContainersReadinessProbeTcpSocket { /// Optional: Host name to connect to, defaults to the pod IP. #[serde(default, skip_serializing_if = "Option::is_none")] pub host: Option, - /// Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. + /// Number or name of the port to access on the container. + /// Number must be in the range 1 to 65535. + /// Name must be an IANA_SVC_NAME. pub port: IntOrString, } -/// Compute Resources required by this container. Cannot be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ +/// Compute Resources required by this container. +/// Cannot be updated. +/// More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct RuntimeComponentInitContainersResources { - /// Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. - /// This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. - /// This field is immutable. It can only be set for containers. + /// Claims lists the names of resources, defined in spec.resourceClaims, + /// that are used by this container. + /// + /// + /// This is an alpha field and requires enabling the + /// DynamicResourceAllocation feature gate. + /// + /// + /// This field is immutable. It can only be set for containers. #[serde(default, skip_serializing_if = "Option::is_none")] pub claims: Option>, - /// Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + /// Limits describes the maximum amount of compute resources allowed. + /// More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ #[serde(default, skip_serializing_if = "Option::is_none")] pub limits: Option>, - /// Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + /// Requests describes the minimum amount of compute resources required. + /// If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, + /// otherwise to an implementation-defined value. + /// More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ #[serde(default, skip_serializing_if = "Option::is_none")] pub requests: Option>, } @@ -1225,49 +1711,95 @@ pub struct RuntimeComponentInitContainersResources { /// ResourceClaim references one entry in PodSpec.ResourceClaims. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct RuntimeComponentInitContainersResourcesClaims { - /// Name must match the name of one entry in pod.spec.resourceClaims of the Pod where this field is used. It makes that resource available inside a container. + /// Name must match the name of one entry in pod.spec.resourceClaims of + /// the Pod where this field is used. It makes that resource available + /// inside a container. pub name: String, } -/// SecurityContext defines the security options the container should be run with. If set, the fields of SecurityContext override the equivalent fields of PodSecurityContext. More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/ +/// SecurityContext defines the security options the container should be run with. +/// If set, the fields of SecurityContext override the equivalent fields of PodSecurityContext. +/// More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/ #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct RuntimeComponentInitContainersSecurityContext { - /// AllowPrivilegeEscalation controls whether a process can gain more privileges than its parent process. This bool directly controls if the no_new_privs flag will be set on the container process. AllowPrivilegeEscalation is true always when the container is: 1) run as Privileged 2) has CAP_SYS_ADMIN Note that this field cannot be set when spec.os.name is windows. + /// AllowPrivilegeEscalation controls whether a process can gain more + /// privileges than its parent process. This bool directly controls if + /// the no_new_privs flag will be set on the container process. + /// AllowPrivilegeEscalation is true always when the container is: + /// 1) run as Privileged + /// 2) has CAP_SYS_ADMIN + /// Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none", rename = "allowPrivilegeEscalation")] pub allow_privilege_escalation: Option, - /// The capabilities to add/drop when running containers. Defaults to the default set of capabilities granted by the container runtime. Note that this field cannot be set when spec.os.name is windows. + /// The capabilities to add/drop when running containers. + /// Defaults to the default set of capabilities granted by the container runtime. + /// Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none")] pub capabilities: Option, - /// Run container in privileged mode. Processes in privileged containers are essentially equivalent to root on the host. Defaults to false. Note that this field cannot be set when spec.os.name is windows. + /// Run container in privileged mode. + /// Processes in privileged containers are essentially equivalent to root on the host. + /// Defaults to false. + /// Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none")] pub privileged: Option, - /// procMount denotes the type of proc mount to use for the containers. The default is DefaultProcMount which uses the container runtime defaults for readonly paths and masked paths. This requires the ProcMountType feature flag to be enabled. Note that this field cannot be set when spec.os.name is windows. + /// procMount denotes the type of proc mount to use for the containers. + /// The default is DefaultProcMount which uses the container runtime defaults for + /// readonly paths and masked paths. + /// This requires the ProcMountType feature flag to be enabled. + /// Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none", rename = "procMount")] pub proc_mount: Option, - /// Whether this container has a read-only root filesystem. Default is false. Note that this field cannot be set when spec.os.name is windows. + /// Whether this container has a read-only root filesystem. + /// Default is false. + /// Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnlyRootFilesystem")] pub read_only_root_filesystem: Option, - /// The GID to run the entrypoint of the container process. Uses runtime default if unset. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is windows. + /// The GID to run the entrypoint of the container process. + /// Uses runtime default if unset. + /// May also be set in PodSecurityContext. If set in both SecurityContext and + /// PodSecurityContext, the value specified in SecurityContext takes precedence. + /// Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none", rename = "runAsGroup")] pub run_as_group: Option, - /// Indicates that the container must run as a non-root user. If true, the Kubelet will validate the image at runtime to ensure that it does not run as UID 0 (root) and fail to start the container if it does. If unset or false, no such validation will be performed. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. + /// Indicates that the container must run as a non-root user. + /// If true, the Kubelet will validate the image at runtime to ensure that it + /// does not run as UID 0 (root) and fail to start the container if it does. + /// If unset or false, no such validation will be performed. + /// May also be set in PodSecurityContext. If set in both SecurityContext and + /// PodSecurityContext, the value specified in SecurityContext takes precedence. #[serde(default, skip_serializing_if = "Option::is_none", rename = "runAsNonRoot")] pub run_as_non_root: Option, - /// The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is windows. + /// The UID to run the entrypoint of the container process. + /// Defaults to user specified in image metadata if unspecified. + /// May also be set in PodSecurityContext. If set in both SecurityContext and + /// PodSecurityContext, the value specified in SecurityContext takes precedence. + /// Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none", rename = "runAsUser")] pub run_as_user: Option, - /// The SELinux context to be applied to the container. If unspecified, the container runtime will allocate a random SELinux context for each container. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is windows. + /// The SELinux context to be applied to the container. + /// If unspecified, the container runtime will allocate a random SELinux context for each + /// container. May also be set in PodSecurityContext. If set in both SecurityContext and + /// PodSecurityContext, the value specified in SecurityContext takes precedence. + /// Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none", rename = "seLinuxOptions")] pub se_linux_options: Option, - /// The seccomp options to use by this container. If seccomp options are provided at both the pod & container level, the container options override the pod options. Note that this field cannot be set when spec.os.name is windows. + /// The seccomp options to use by this container. If seccomp options are + /// provided at both the pod & container level, the container options + /// override the pod options. + /// Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none", rename = "seccompProfile")] pub seccomp_profile: Option, - /// The Windows specific settings applied to all containers. If unspecified, the options from the PodSecurityContext will be used. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is linux. + /// The Windows specific settings applied to all containers. + /// If unspecified, the options from the PodSecurityContext will be used. + /// If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. + /// Note that this field cannot be set when spec.os.name is linux. #[serde(default, skip_serializing_if = "Option::is_none", rename = "windowsOptions")] pub windows_options: Option, } -/// The capabilities to add/drop when running containers. Defaults to the default set of capabilities granted by the container runtime. Note that this field cannot be set when spec.os.name is windows. +/// The capabilities to add/drop when running containers. +/// Defaults to the default set of capabilities granted by the container runtime. +/// Note that this field cannot be set when spec.os.name is windows. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct RuntimeComponentInitContainersSecurityContextCapabilities { /// Added capabilities @@ -1278,7 +1810,11 @@ pub struct RuntimeComponentInitContainersSecurityContextCapabilities { pub drop: Option>, } -/// The SELinux context to be applied to the container. If unspecified, the container runtime will allocate a random SELinux context for each container. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is windows. +/// The SELinux context to be applied to the container. +/// If unspecified, the container runtime will allocate a random SELinux context for each +/// container. May also be set in PodSecurityContext. If set in both SecurityContext and +/// PodSecurityContext, the value specified in SecurityContext takes precedence. +/// Note that this field cannot be set when spec.os.name is windows. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct RuntimeComponentInitContainersSecurityContextSeLinuxOptions { /// Level is SELinux level label that applies to the container. @@ -1295,66 +1831,113 @@ pub struct RuntimeComponentInitContainersSecurityContextSeLinuxOptions { pub user: Option, } -/// The seccomp options to use by this container. If seccomp options are provided at both the pod & container level, the container options override the pod options. Note that this field cannot be set when spec.os.name is windows. +/// The seccomp options to use by this container. If seccomp options are +/// provided at both the pod & container level, the container options +/// override the pod options. +/// Note that this field cannot be set when spec.os.name is windows. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct RuntimeComponentInitContainersSecurityContextSeccompProfile { - /// localhostProfile indicates a profile defined in a file on the node should be used. The profile must be preconfigured on the node to work. Must be a descending path, relative to the kubelet's configured seccomp profile location. Must only be set if type is "Localhost". + /// localhostProfile indicates a profile defined in a file on the node should be used. + /// The profile must be preconfigured on the node to work. + /// Must be a descending path, relative to the kubelet's configured seccomp profile location. + /// Must only be set if type is "Localhost". #[serde(default, skip_serializing_if = "Option::is_none", rename = "localhostProfile")] pub localhost_profile: Option, - /// type indicates which kind of seccomp profile will be applied. Valid options are: - /// Localhost - a profile defined in a file on the node should be used. RuntimeDefault - the container runtime default profile should be used. Unconfined - no profile should be applied. + /// type indicates which kind of seccomp profile will be applied. + /// Valid options are: + /// + /// + /// Localhost - a profile defined in a file on the node should be used. + /// RuntimeDefault - the container runtime default profile should be used. + /// Unconfined - no profile should be applied. #[serde(rename = "type")] pub r#type: String, } -/// The Windows specific settings applied to all containers. If unspecified, the options from the PodSecurityContext will be used. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is linux. +/// The Windows specific settings applied to all containers. +/// If unspecified, the options from the PodSecurityContext will be used. +/// If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +/// Note that this field cannot be set when spec.os.name is linux. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct RuntimeComponentInitContainersSecurityContextWindowsOptions { - /// GMSACredentialSpec is where the GMSA admission webhook (https://github.com/kubernetes-sigs/windows-gmsa) inlines the contents of the GMSA credential spec named by the GMSACredentialSpecName field. + /// GMSACredentialSpec is where the GMSA admission webhook + /// (https://github.com/kubernetes-sigs/windows-gmsa) inlines the contents of the + /// GMSA credential spec named by the GMSACredentialSpecName field. #[serde(default, skip_serializing_if = "Option::is_none", rename = "gmsaCredentialSpec")] pub gmsa_credential_spec: Option, /// GMSACredentialSpecName is the name of the GMSA credential spec to use. #[serde(default, skip_serializing_if = "Option::is_none", rename = "gmsaCredentialSpecName")] pub gmsa_credential_spec_name: Option, - /// HostProcess determines if a container should be run as a 'Host Process' container. This field is alpha-level and will only be honored by components that enable the WindowsHostProcessContainers feature flag. Setting this field without the feature flag will result in errors when validating the Pod. All of a Pod's containers must have the same effective HostProcess value (it is not allowed to have a mix of HostProcess containers and non-HostProcess containers). In addition, if HostProcess is true then HostNetwork must also be set to true. + /// HostProcess determines if a container should be run as a 'Host Process' container. + /// This field is alpha-level and will only be honored by components that enable the + /// WindowsHostProcessContainers feature flag. Setting this field without the feature + /// flag will result in errors when validating the Pod. All of a Pod's containers must + /// have the same effective HostProcess value (it is not allowed to have a mix of HostProcess + /// containers and non-HostProcess containers). In addition, if HostProcess is true + /// then HostNetwork must also be set to true. #[serde(default, skip_serializing_if = "Option::is_none", rename = "hostProcess")] pub host_process: Option, - /// The UserName in Windows to run the entrypoint of the container process. Defaults to the user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. + /// The UserName in Windows to run the entrypoint of the container process. + /// Defaults to the user specified in image metadata if unspecified. + /// May also be set in PodSecurityContext. If set in both SecurityContext and + /// PodSecurityContext, the value specified in SecurityContext takes precedence. #[serde(default, skip_serializing_if = "Option::is_none", rename = "runAsUserName")] pub run_as_user_name: Option, } -/// StartupProbe indicates that the Pod has successfully initialized. If specified, no other probes are executed until this completes successfully. If this probe fails, the Pod will be restarted, just as if the livenessProbe failed. This can be used to provide different probe parameters at the beginning of a Pod's lifecycle, when it might take a long time to load data or warm a cache, than during steady-state operation. This cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +/// StartupProbe indicates that the Pod has successfully initialized. +/// If specified, no other probes are executed until this completes successfully. +/// If this probe fails, the Pod will be restarted, just as if the livenessProbe failed. +/// This can be used to provide different probe parameters at the beginning of a Pod's lifecycle, +/// when it might take a long time to load data or warm a cache, than during steady-state operation. +/// This cannot be updated. +/// More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct RuntimeComponentInitContainersStartupProbe { /// Exec specifies the action to take. #[serde(default, skip_serializing_if = "Option::is_none")] pub exec: Option, - /// Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. + /// Minimum consecutive failures for the probe to be considered failed after having succeeded. + /// Defaults to 3. Minimum value is 1. #[serde(default, skip_serializing_if = "Option::is_none", rename = "failureThreshold")] pub failure_threshold: Option, - /// GRPC specifies an action involving a GRPC port. This is a beta field and requires enabling GRPCContainerProbe feature gate. + /// GRPC specifies an action involving a GRPC port. + /// This is a beta field and requires enabling GRPCContainerProbe feature gate. #[serde(default, skip_serializing_if = "Option::is_none")] pub grpc: Option, /// HTTPGet specifies the http request to perform. #[serde(default, skip_serializing_if = "Option::is_none", rename = "httpGet")] pub http_get: Option, - /// Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes + /// Number of seconds after the container has started before liveness probes are initiated. + /// More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes #[serde(default, skip_serializing_if = "Option::is_none", rename = "initialDelaySeconds")] pub initial_delay_seconds: Option, - /// How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. + /// How often (in seconds) to perform the probe. + /// Default to 10 seconds. Minimum value is 1. #[serde(default, skip_serializing_if = "Option::is_none", rename = "periodSeconds")] pub period_seconds: Option, - /// Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1. + /// Minimum consecutive successes for the probe to be considered successful after having failed. + /// Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1. #[serde(default, skip_serializing_if = "Option::is_none", rename = "successThreshold")] pub success_threshold: Option, /// TCPSocket specifies an action involving a TCP port. #[serde(default, skip_serializing_if = "Option::is_none", rename = "tcpSocket")] pub tcp_socket: Option, - /// Optional duration in seconds the pod needs to terminate gracefully upon probe failure. The grace period is the duration in seconds after the processes running in the pod are sent a termination signal and the time when the processes are forcibly halted with a kill signal. Set this value longer than the expected cleanup time for your process. If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this value overrides the value provided by the pod spec. Value must be non-negative integer. The value zero indicates stop immediately via the kill signal (no opportunity to shut down). This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate. Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset. + /// Optional duration in seconds the pod needs to terminate gracefully upon probe failure. + /// The grace period is the duration in seconds after the processes running in the pod are sent + /// a termination signal and the time when the processes are forcibly halted with a kill signal. + /// Set this value longer than the expected cleanup time for your process. + /// If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this + /// value overrides the value provided by the pod spec. + /// Value must be non-negative integer. The value zero indicates stop immediately via + /// the kill signal (no opportunity to shut down). + /// This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate. + /// Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset. #[serde(default, skip_serializing_if = "Option::is_none", rename = "terminationGracePeriodSeconds")] pub termination_grace_period_seconds: Option, - /// Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes + /// Number of seconds after which the probe times out. + /// Defaults to 1 second. Minimum value is 1. + /// More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes #[serde(default, skip_serializing_if = "Option::is_none", rename = "timeoutSeconds")] pub timeout_seconds: Option, } @@ -1362,18 +1945,26 @@ pub struct RuntimeComponentInitContainersStartupProbe { /// Exec specifies the action to take. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct RuntimeComponentInitContainersStartupProbeExec { - /// Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. + /// Command is the command line to execute inside the container, the working directory for the + /// command is root ('/') in the container's filesystem. The command is simply exec'd, it is + /// not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use + /// a shell, you need to explicitly call out to that shell. + /// Exit status of 0 is treated as live/healthy and non-zero is unhealthy. #[serde(default, skip_serializing_if = "Option::is_none")] pub command: Option>, } -/// GRPC specifies an action involving a GRPC port. This is a beta field and requires enabling GRPCContainerProbe feature gate. +/// GRPC specifies an action involving a GRPC port. +/// This is a beta field and requires enabling GRPCContainerProbe feature gate. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct RuntimeComponentInitContainersStartupProbeGrpc { /// Port number of the gRPC service. Number must be in the range 1 to 65535. pub port: i32, - /// Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). - /// If this is not specified, the default behavior is defined by gRPC. + /// Service is the name of the service to place in the gRPC HealthCheckRequest + /// (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). + /// + /// + /// If this is not specified, the default behavior is defined by gRPC. #[serde(default, skip_serializing_if = "Option::is_none")] pub service: Option, } @@ -1381,7 +1972,8 @@ pub struct RuntimeComponentInitContainersStartupProbeGrpc { /// HTTPGet specifies the http request to perform. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct RuntimeComponentInitContainersStartupProbeHttpGet { - /// Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. + /// Host name to connect to, defaults to the pod IP. You probably want to set + /// "Host" in httpHeaders instead. #[serde(default, skip_serializing_if = "Option::is_none")] pub host: Option, /// Custom headers to set in the request. HTTP allows repeated headers. @@ -1390,9 +1982,12 @@ pub struct RuntimeComponentInitContainersStartupProbeHttpGet { /// Path to access on the HTTP server. #[serde(default, skip_serializing_if = "Option::is_none")] pub path: Option, - /// Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. + /// Name or number of the port to access on the container. + /// Number must be in the range 1 to 65535. + /// Name must be an IANA_SVC_NAME. pub port: IntOrString, - /// Scheme to use for connecting to the host. Defaults to HTTP. + /// Scheme to use for connecting to the host. + /// Defaults to HTTP. #[serde(default, skip_serializing_if = "Option::is_none")] pub scheme: Option, } @@ -1400,7 +1995,8 @@ pub struct RuntimeComponentInitContainersStartupProbeHttpGet { /// HTTPHeader describes a custom header to be used in HTTP probes #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct RuntimeComponentInitContainersStartupProbeHttpGetHttpHeaders { - /// The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header. + /// The header field name. + /// This will be canonicalized upon output, so case-variant names will be understood as the same header. pub name: String, /// The header field value pub value: String, @@ -1412,7 +2008,9 @@ pub struct RuntimeComponentInitContainersStartupProbeTcpSocket { /// Optional: Host name to connect to, defaults to the pod IP. #[serde(default, skip_serializing_if = "Option::is_none")] pub host: Option, - /// Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. + /// Number or name of the port to access on the container. + /// Number must be in the range 1 to 65535. + /// Name must be an IANA_SVC_NAME. pub port: IntOrString, } @@ -1429,21 +2027,30 @@ pub struct RuntimeComponentInitContainersVolumeDevices { /// VolumeMount describes a mounting of a Volume within a container. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct RuntimeComponentInitContainersVolumeMounts { - /// Path within the container at which the volume should be mounted. Must not contain ':'. + /// Path within the container at which the volume should be mounted. Must + /// not contain ':'. #[serde(rename = "mountPath")] pub mount_path: String, - /// mountPropagation determines how mounts are propagated from the host to container and the other way around. When not set, MountPropagationNone is used. This field is beta in 1.10. + /// mountPropagation determines how mounts are propagated from the host + /// to container and the other way around. + /// When not set, MountPropagationNone is used. + /// This field is beta in 1.10. #[serde(default, skip_serializing_if = "Option::is_none", rename = "mountPropagation")] pub mount_propagation: Option, /// This must match the Name of a Volume. pub name: String, - /// Mounted read-only if true, read-write otherwise (false or unspecified). Defaults to false. + /// Mounted read-only if true, read-write otherwise (false or unspecified). + /// Defaults to false. #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] pub read_only: Option, - /// Path within the volume from which the container's volume should be mounted. Defaults to "" (volume's root). + /// Path within the volume from which the container's volume should be mounted. + /// Defaults to "" (volume's root). #[serde(default, skip_serializing_if = "Option::is_none", rename = "subPath")] pub sub_path: Option, - /// Expanded path within the volume from which the container's volume should be mounted. Behaves similarly to SubPath but environment variable references $(VAR_NAME) are expanded using the container's environment. Defaults to "" (volume's root). SubPathExpr and SubPath are mutually exclusive. + /// Expanded path within the volume from which the container's volume should be mounted. + /// Behaves similarly to SubPath but environment variable references $(VAR_NAME) are expanded using the container's environment. + /// Defaults to "" (volume's root). + /// SubPathExpr and SubPath are mutually exclusive. #[serde(default, skip_serializing_if = "Option::is_none", rename = "subPathExpr")] pub sub_path_expr: Option, } @@ -1465,19 +2072,23 @@ pub struct RuntimeComponentMonitoringEndpoints { /// Authorization section for this endpoint #[serde(default, skip_serializing_if = "Option::is_none")] pub authorization: Option, - /// BasicAuth allow an endpoint to authenticate over basic authentication More info: https://prometheus.io/docs/operating/configuration/#endpoints + /// BasicAuth allow an endpoint to authenticate over basic authentication + /// More info: https://prometheus.io/docs/operating/configuration/#endpoints #[serde(default, skip_serializing_if = "Option::is_none", rename = "basicAuth")] pub basic_auth: Option, /// File to read bearer token for scraping targets. #[serde(default, skip_serializing_if = "Option::is_none", rename = "bearerTokenFile")] pub bearer_token_file: Option, - /// Secret to mount to read bearer token for scraping targets. The secret needs to be in the same namespace as the service monitor and accessible by the Prometheus Operator. + /// Secret to mount to read bearer token for scraping targets. The secret + /// needs to be in the same namespace as the service monitor and accessible by + /// the Prometheus Operator. #[serde(default, skip_serializing_if = "Option::is_none", rename = "bearerTokenSecret")] pub bearer_token_secret: Option, /// Whether to enable HTTP2. #[serde(default, skip_serializing_if = "Option::is_none", rename = "enableHttp2")] pub enable_http2: Option, - /// Drop pods that are not running. (Failed, Succeeded). Enabled by default. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#pod-phase + /// Drop pods that are not running. (Failed, Succeeded). Enabled by default. + /// More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#pod-phase #[serde(default, skip_serializing_if = "Option::is_none", rename = "filterRunning")] pub filter_running: Option, /// FollowRedirects configures whether scrape requests follow HTTP 3xx redirects. @@ -1489,7 +2100,8 @@ pub struct RuntimeComponentMonitoringEndpoints { /// HonorTimestamps controls whether Prometheus respects the timestamps present in scraped data. #[serde(default, skip_serializing_if = "Option::is_none", rename = "honorTimestamps")] pub honor_timestamps: Option, - /// Interval at which metrics should be scraped If not specified Prometheus' global scrape interval is used. + /// Interval at which metrics should be scraped + /// If not specified Prometheus' global scrape interval is used. #[serde(default, skip_serializing_if = "Option::is_none")] pub interval: Option, /// MetricRelabelConfigs to apply to samples before ingestion. @@ -1501,7 +2113,8 @@ pub struct RuntimeComponentMonitoringEndpoints { /// Optional HTTP URL parameters #[serde(default, skip_serializing_if = "Option::is_none")] pub params: Option>, - /// HTTP path to scrape for metrics. If empty, Prometheus uses the default value (e.g. `/metrics`). + /// HTTP path to scrape for metrics. + /// If empty, Prometheus uses the default value (e.g. `/metrics`). #[serde(default, skip_serializing_if = "Option::is_none")] pub path: Option, /// Name of the service port this endpoint refers to. Mutually exclusive with targetPort. @@ -1510,13 +2123,17 @@ pub struct RuntimeComponentMonitoringEndpoints { /// ProxyURL eg http://proxyserver:2195 Directs scrapes to proxy through this endpoint. #[serde(default, skip_serializing_if = "Option::is_none", rename = "proxyUrl")] pub proxy_url: Option, - /// RelabelConfigs to apply to samples before scraping. Prometheus Operator automatically adds relabelings for a few standard Kubernetes fields. The original scrape job's name is available via the `__tmp_prometheus_job_name` label. More info: https://prometheus.io/docs/prometheus/latest/configuration/configuration/#relabel_config + /// RelabelConfigs to apply to samples before scraping. + /// Prometheus Operator automatically adds relabelings for a few standard Kubernetes fields. + /// The original scrape job's name is available via the `__tmp_prometheus_job_name` label. + /// More info: https://prometheus.io/docs/prometheus/latest/configuration/configuration/#relabel_config #[serde(default, skip_serializing_if = "Option::is_none")] pub relabelings: Option>, /// HTTP scheme to use for scraping. #[serde(default, skip_serializing_if = "Option::is_none")] pub scheme: Option, - /// Timeout after which the scrape is ended If not specified, the Prometheus global scrape timeout is used unless it is less than `Interval` in which the latter is used. + /// Timeout after which the scrape is ended + /// If not specified, the Prometheus global scrape timeout is used unless it is less than `Interval` in which the latter is used. #[serde(default, skip_serializing_if = "Option::is_none", rename = "scrapeTimeout")] pub scrape_timeout: Option, /// Name or number of the target port of the Pod behind the Service, the port must be specified with container port property. Mutually exclusive with port. @@ -1533,7 +2150,8 @@ pub struct RuntimeComponentMonitoringEndpointsAuthorization { /// The secret's key that contains the credentials of the request #[serde(default, skip_serializing_if = "Option::is_none")] pub credentials: Option, - /// Set the authentication type. Defaults to Bearer, Basic will cause an error + /// Set the authentication type. Defaults to Bearer, Basic will cause an + /// error #[serde(default, skip_serializing_if = "Option::is_none", rename = "type")] pub r#type: Option, } @@ -1543,7 +2161,9 @@ pub struct RuntimeComponentMonitoringEndpointsAuthorization { pub struct RuntimeComponentMonitoringEndpointsAuthorizationCredentials { /// The key of the secret to select from. Must be a valid secret key. pub key: String, - /// Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? + /// Name of the referent. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the Secret or its key must be defined @@ -1551,23 +2171,29 @@ pub struct RuntimeComponentMonitoringEndpointsAuthorizationCredentials { pub optional: Option, } -/// BasicAuth allow an endpoint to authenticate over basic authentication More info: https://prometheus.io/docs/operating/configuration/#endpoints +/// BasicAuth allow an endpoint to authenticate over basic authentication +/// More info: https://prometheus.io/docs/operating/configuration/#endpoints #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct RuntimeComponentMonitoringEndpointsBasicAuth { - /// The secret in the service monitor namespace that contains the password for authentication. + /// The secret in the service monitor namespace that contains the password + /// for authentication. #[serde(default, skip_serializing_if = "Option::is_none")] pub password: Option, - /// The secret in the service monitor namespace that contains the username for authentication. + /// The secret in the service monitor namespace that contains the username + /// for authentication. #[serde(default, skip_serializing_if = "Option::is_none")] pub username: Option, } -/// The secret in the service monitor namespace that contains the password for authentication. +/// The secret in the service monitor namespace that contains the password +/// for authentication. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct RuntimeComponentMonitoringEndpointsBasicAuthPassword { /// The key of the secret to select from. Must be a valid secret key. pub key: String, - /// Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? + /// Name of the referent. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the Secret or its key must be defined @@ -1575,12 +2201,15 @@ pub struct RuntimeComponentMonitoringEndpointsBasicAuthPassword { pub optional: Option, } -/// The secret in the service monitor namespace that contains the username for authentication. +/// The secret in the service monitor namespace that contains the username +/// for authentication. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct RuntimeComponentMonitoringEndpointsBasicAuthUsername { /// The key of the secret to select from. Must be a valid secret key. pub key: String, - /// Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? + /// Name of the referent. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the Secret or its key must be defined @@ -1588,12 +2217,16 @@ pub struct RuntimeComponentMonitoringEndpointsBasicAuthUsername { pub optional: Option, } -/// Secret to mount to read bearer token for scraping targets. The secret needs to be in the same namespace as the service monitor and accessible by the Prometheus Operator. +/// Secret to mount to read bearer token for scraping targets. The secret +/// needs to be in the same namespace as the service monitor and accessible by +/// the Prometheus Operator. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct RuntimeComponentMonitoringEndpointsBearerTokenSecret { /// The key of the secret to select from. Must be a valid secret key. pub key: String, - /// Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? + /// Name of the referent. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the Secret or its key must be defined @@ -1601,10 +2234,13 @@ pub struct RuntimeComponentMonitoringEndpointsBearerTokenSecret { pub optional: Option, } -/// RelabelConfig allows dynamic rewriting of the label set, being applied to samples before ingestion. It defines ``-section of Prometheus configuration. More info: https://prometheus.io/docs/prometheus/latest/configuration/configuration/#metric_relabel_configs +/// RelabelConfig allows dynamic rewriting of the label set, being applied to samples before ingestion. +/// It defines ``-section of Prometheus configuration. +/// More info: https://prometheus.io/docs/prometheus/latest/configuration/configuration/#metric_relabel_configs #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct RuntimeComponentMonitoringEndpointsMetricRelabelings { - /// Action to perform based on regex matching. Default is 'replace'. uppercase and lowercase actions require Prometheus >= 2.36. + /// Action to perform based on regex matching. Default is 'replace'. + /// uppercase and lowercase actions require Prometheus >= 2.36. #[serde(default, skip_serializing_if = "Option::is_none")] pub action: Option, /// Modulus to take of the hash of the source label values. @@ -1613,21 +2249,27 @@ pub struct RuntimeComponentMonitoringEndpointsMetricRelabelings { /// Regular expression against which the extracted value is matched. Default is '(.*)' #[serde(default, skip_serializing_if = "Option::is_none")] pub regex: Option, - /// Replacement value against which a regex replace is performed if the regular expression matches. Regex capture groups are available. Default is '$1' + /// Replacement value against which a regex replace is performed if the + /// regular expression matches. Regex capture groups are available. Default is '$1' #[serde(default, skip_serializing_if = "Option::is_none")] pub replacement: Option, /// Separator placed between concatenated source label values. default is ';'. #[serde(default, skip_serializing_if = "Option::is_none")] pub separator: Option, - /// The source labels select values from existing labels. Their content is concatenated using the configured separator and matched against the configured regular expression for the replace, keep, and drop actions. + /// The source labels select values from existing labels. Their content is concatenated + /// using the configured separator and matched against the configured regular expression + /// for the replace, keep, and drop actions. #[serde(default, skip_serializing_if = "Option::is_none", rename = "sourceLabels")] pub source_labels: Option>, - /// Label to which the resulting value is written in a replace action. It is mandatory for replace actions. Regex capture groups are available. + /// Label to which the resulting value is written in a replace action. + /// It is mandatory for replace actions. Regex capture groups are available. #[serde(default, skip_serializing_if = "Option::is_none", rename = "targetLabel")] pub target_label: Option, } -/// RelabelConfig allows dynamic rewriting of the label set, being applied to samples before ingestion. It defines ``-section of Prometheus configuration. More info: https://prometheus.io/docs/prometheus/latest/configuration/configuration/#metric_relabel_configs +/// RelabelConfig allows dynamic rewriting of the label set, being applied to samples before ingestion. +/// It defines ``-section of Prometheus configuration. +/// More info: https://prometheus.io/docs/prometheus/latest/configuration/configuration/#metric_relabel_configs #[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] pub enum RuntimeComponentMonitoringEndpointsMetricRelabelingsAction { #[serde(rename = "replace")] @@ -1706,7 +2348,9 @@ pub struct RuntimeComponentMonitoringEndpointsOauth2ClientId { pub struct RuntimeComponentMonitoringEndpointsOauth2ClientIdConfigMap { /// The key to select. pub key: String, - /// Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? + /// Name of the referent. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the ConfigMap or its key must be defined @@ -1719,7 +2363,9 @@ pub struct RuntimeComponentMonitoringEndpointsOauth2ClientIdConfigMap { pub struct RuntimeComponentMonitoringEndpointsOauth2ClientIdSecret { /// The key of the secret to select from. Must be a valid secret key. pub key: String, - /// Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? + /// Name of the referent. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the Secret or its key must be defined @@ -1732,7 +2378,9 @@ pub struct RuntimeComponentMonitoringEndpointsOauth2ClientIdSecret { pub struct RuntimeComponentMonitoringEndpointsOauth2ClientSecret { /// The key of the secret to select from. Must be a valid secret key. pub key: String, - /// Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? + /// Name of the referent. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the Secret or its key must be defined @@ -1740,10 +2388,13 @@ pub struct RuntimeComponentMonitoringEndpointsOauth2ClientSecret { pub optional: Option, } -/// RelabelConfig allows dynamic rewriting of the label set, being applied to samples before ingestion. It defines ``-section of Prometheus configuration. More info: https://prometheus.io/docs/prometheus/latest/configuration/configuration/#metric_relabel_configs +/// RelabelConfig allows dynamic rewriting of the label set, being applied to samples before ingestion. +/// It defines ``-section of Prometheus configuration. +/// More info: https://prometheus.io/docs/prometheus/latest/configuration/configuration/#metric_relabel_configs #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct RuntimeComponentMonitoringEndpointsRelabelings { - /// Action to perform based on regex matching. Default is 'replace'. uppercase and lowercase actions require Prometheus >= 2.36. + /// Action to perform based on regex matching. Default is 'replace'. + /// uppercase and lowercase actions require Prometheus >= 2.36. #[serde(default, skip_serializing_if = "Option::is_none")] pub action: Option, /// Modulus to take of the hash of the source label values. @@ -1752,21 +2403,27 @@ pub struct RuntimeComponentMonitoringEndpointsRelabelings { /// Regular expression against which the extracted value is matched. Default is '(.*)' #[serde(default, skip_serializing_if = "Option::is_none")] pub regex: Option, - /// Replacement value against which a regex replace is performed if the regular expression matches. Regex capture groups are available. Default is '$1' + /// Replacement value against which a regex replace is performed if the + /// regular expression matches. Regex capture groups are available. Default is '$1' #[serde(default, skip_serializing_if = "Option::is_none")] pub replacement: Option, /// Separator placed between concatenated source label values. default is ';'. #[serde(default, skip_serializing_if = "Option::is_none")] pub separator: Option, - /// The source labels select values from existing labels. Their content is concatenated using the configured separator and matched against the configured regular expression for the replace, keep, and drop actions. + /// The source labels select values from existing labels. Their content is concatenated + /// using the configured separator and matched against the configured regular expression + /// for the replace, keep, and drop actions. #[serde(default, skip_serializing_if = "Option::is_none", rename = "sourceLabels")] pub source_labels: Option>, - /// Label to which the resulting value is written in a replace action. It is mandatory for replace actions. Regex capture groups are available. + /// Label to which the resulting value is written in a replace action. + /// It is mandatory for replace actions. Regex capture groups are available. #[serde(default, skip_serializing_if = "Option::is_none", rename = "targetLabel")] pub target_label: Option, } -/// RelabelConfig allows dynamic rewriting of the label set, being applied to samples before ingestion. It defines ``-section of Prometheus configuration. More info: https://prometheus.io/docs/prometheus/latest/configuration/configuration/#metric_relabel_configs +/// RelabelConfig allows dynamic rewriting of the label set, being applied to samples before ingestion. +/// It defines ``-section of Prometheus configuration. +/// More info: https://prometheus.io/docs/prometheus/latest/configuration/configuration/#metric_relabel_configs #[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] pub enum RuntimeComponentMonitoringEndpointsRelabelingsAction { #[serde(rename = "replace")] @@ -1854,7 +2511,9 @@ pub struct RuntimeComponentMonitoringEndpointsTlsConfigCa { pub struct RuntimeComponentMonitoringEndpointsTlsConfigCaConfigMap { /// The key to select. pub key: String, - /// Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? + /// Name of the referent. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the ConfigMap or its key must be defined @@ -1867,7 +2526,9 @@ pub struct RuntimeComponentMonitoringEndpointsTlsConfigCaConfigMap { pub struct RuntimeComponentMonitoringEndpointsTlsConfigCaSecret { /// The key of the secret to select from. Must be a valid secret key. pub key: String, - /// Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? + /// Name of the referent. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the Secret or its key must be defined @@ -1891,7 +2552,9 @@ pub struct RuntimeComponentMonitoringEndpointsTlsConfigCert { pub struct RuntimeComponentMonitoringEndpointsTlsConfigCertConfigMap { /// The key to select. pub key: String, - /// Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? + /// Name of the referent. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the ConfigMap or its key must be defined @@ -1904,7 +2567,9 @@ pub struct RuntimeComponentMonitoringEndpointsTlsConfigCertConfigMap { pub struct RuntimeComponentMonitoringEndpointsTlsConfigCertSecret { /// The key of the secret to select from. Must be a valid secret key. pub key: String, - /// Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? + /// Name of the referent. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the Secret or its key must be defined @@ -1917,7 +2582,9 @@ pub struct RuntimeComponentMonitoringEndpointsTlsConfigCertSecret { pub struct RuntimeComponentMonitoringEndpointsTlsConfigKeySecret { /// The key of the secret to select from. Must be a valid secret key. pub key: String, - /// Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? + /// Name of the referent. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the Secret or its key must be defined @@ -1959,31 +2626,47 @@ pub struct RuntimeComponentProbesLiveness { /// Exec specifies the action to take. #[serde(default, skip_serializing_if = "Option::is_none")] pub exec: Option, - /// Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. + /// Minimum consecutive failures for the probe to be considered failed after having succeeded. + /// Defaults to 3. Minimum value is 1. #[serde(default, skip_serializing_if = "Option::is_none", rename = "failureThreshold")] pub failure_threshold: Option, - /// GRPC specifies an action involving a GRPC port. This is a beta field and requires enabling GRPCContainerProbe feature gate. + /// GRPC specifies an action involving a GRPC port. + /// This is a beta field and requires enabling GRPCContainerProbe feature gate. #[serde(default, skip_serializing_if = "Option::is_none")] pub grpc: Option, /// HTTPGet specifies the http request to perform. #[serde(default, skip_serializing_if = "Option::is_none", rename = "httpGet")] pub http_get: Option, - /// Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes + /// Number of seconds after the container has started before liveness probes are initiated. + /// More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes #[serde(default, skip_serializing_if = "Option::is_none", rename = "initialDelaySeconds")] pub initial_delay_seconds: Option, - /// How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. + /// How often (in seconds) to perform the probe. + /// Default to 10 seconds. Minimum value is 1. #[serde(default, skip_serializing_if = "Option::is_none", rename = "periodSeconds")] pub period_seconds: Option, - /// Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1. + /// Minimum consecutive successes for the probe to be considered successful after having failed. + /// Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1. #[serde(default, skip_serializing_if = "Option::is_none", rename = "successThreshold")] pub success_threshold: Option, /// TCPSocket specifies an action involving a TCP port. #[serde(default, skip_serializing_if = "Option::is_none", rename = "tcpSocket")] pub tcp_socket: Option, - /// Optional duration in seconds the pod needs to terminate gracefully upon probe failure. The grace period is the duration in seconds after the processes running in the pod are sent a termination signal and the time when the processes are forcibly halted with a kill signal. Set this value longer than the expected cleanup time for your process. If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this value overrides the value provided by the pod spec. Value must be non-negative integer. The value zero indicates stop immediately via the kill signal (no opportunity to shut down). This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate. Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset. + /// Optional duration in seconds the pod needs to terminate gracefully upon probe failure. + /// The grace period is the duration in seconds after the processes running in the pod are sent + /// a termination signal and the time when the processes are forcibly halted with a kill signal. + /// Set this value longer than the expected cleanup time for your process. + /// If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this + /// value overrides the value provided by the pod spec. + /// Value must be non-negative integer. The value zero indicates stop immediately via + /// the kill signal (no opportunity to shut down). + /// This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate. + /// Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset. #[serde(default, skip_serializing_if = "Option::is_none", rename = "terminationGracePeriodSeconds")] pub termination_grace_period_seconds: Option, - /// Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes + /// Number of seconds after which the probe times out. + /// Defaults to 1 second. Minimum value is 1. + /// More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes #[serde(default, skip_serializing_if = "Option::is_none", rename = "timeoutSeconds")] pub timeout_seconds: Option, } @@ -1991,18 +2674,26 @@ pub struct RuntimeComponentProbesLiveness { /// Exec specifies the action to take. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct RuntimeComponentProbesLivenessExec { - /// Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. + /// Command is the command line to execute inside the container, the working directory for the + /// command is root ('/') in the container's filesystem. The command is simply exec'd, it is + /// not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use + /// a shell, you need to explicitly call out to that shell. + /// Exit status of 0 is treated as live/healthy and non-zero is unhealthy. #[serde(default, skip_serializing_if = "Option::is_none")] pub command: Option>, } -/// GRPC specifies an action involving a GRPC port. This is a beta field and requires enabling GRPCContainerProbe feature gate. +/// GRPC specifies an action involving a GRPC port. +/// This is a beta field and requires enabling GRPCContainerProbe feature gate. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct RuntimeComponentProbesLivenessGrpc { /// Port number of the gRPC service. Number must be in the range 1 to 65535. pub port: i32, - /// Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). - /// If this is not specified, the default behavior is defined by gRPC. + /// Service is the name of the service to place in the gRPC HealthCheckRequest + /// (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). + /// + /// + /// If this is not specified, the default behavior is defined by gRPC. #[serde(default, skip_serializing_if = "Option::is_none")] pub service: Option, } @@ -2010,7 +2701,8 @@ pub struct RuntimeComponentProbesLivenessGrpc { /// HTTPGet specifies the http request to perform. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct RuntimeComponentProbesLivenessHttpGet { - /// Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. + /// Host name to connect to, defaults to the pod IP. You probably want to set + /// "Host" in httpHeaders instead. #[serde(default, skip_serializing_if = "Option::is_none")] pub host: Option, /// Custom headers to set in the request. HTTP allows repeated headers. @@ -2019,9 +2711,12 @@ pub struct RuntimeComponentProbesLivenessHttpGet { /// Path to access on the HTTP server. #[serde(default, skip_serializing_if = "Option::is_none")] pub path: Option, - /// Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. + /// Name or number of the port to access on the container. + /// Number must be in the range 1 to 65535. + /// Name must be an IANA_SVC_NAME. pub port: IntOrString, - /// Scheme to use for connecting to the host. Defaults to HTTP. + /// Scheme to use for connecting to the host. + /// Defaults to HTTP. #[serde(default, skip_serializing_if = "Option::is_none")] pub scheme: Option, } @@ -2029,7 +2724,8 @@ pub struct RuntimeComponentProbesLivenessHttpGet { /// HTTPHeader describes a custom header to be used in HTTP probes #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct RuntimeComponentProbesLivenessHttpGetHttpHeaders { - /// The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header. + /// The header field name. + /// This will be canonicalized upon output, so case-variant names will be understood as the same header. pub name: String, /// The header field value pub value: String, @@ -2041,7 +2737,9 @@ pub struct RuntimeComponentProbesLivenessTcpSocket { /// Optional: Host name to connect to, defaults to the pod IP. #[serde(default, skip_serializing_if = "Option::is_none")] pub host: Option, - /// Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. + /// Number or name of the port to access on the container. + /// Number must be in the range 1 to 65535. + /// Name must be an IANA_SVC_NAME. pub port: IntOrString, } @@ -2051,31 +2749,47 @@ pub struct RuntimeComponentProbesReadiness { /// Exec specifies the action to take. #[serde(default, skip_serializing_if = "Option::is_none")] pub exec: Option, - /// Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. + /// Minimum consecutive failures for the probe to be considered failed after having succeeded. + /// Defaults to 3. Minimum value is 1. #[serde(default, skip_serializing_if = "Option::is_none", rename = "failureThreshold")] pub failure_threshold: Option, - /// GRPC specifies an action involving a GRPC port. This is a beta field and requires enabling GRPCContainerProbe feature gate. + /// GRPC specifies an action involving a GRPC port. + /// This is a beta field and requires enabling GRPCContainerProbe feature gate. #[serde(default, skip_serializing_if = "Option::is_none")] pub grpc: Option, /// HTTPGet specifies the http request to perform. #[serde(default, skip_serializing_if = "Option::is_none", rename = "httpGet")] pub http_get: Option, - /// Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes + /// Number of seconds after the container has started before liveness probes are initiated. + /// More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes #[serde(default, skip_serializing_if = "Option::is_none", rename = "initialDelaySeconds")] pub initial_delay_seconds: Option, - /// How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. + /// How often (in seconds) to perform the probe. + /// Default to 10 seconds. Minimum value is 1. #[serde(default, skip_serializing_if = "Option::is_none", rename = "periodSeconds")] pub period_seconds: Option, - /// Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1. + /// Minimum consecutive successes for the probe to be considered successful after having failed. + /// Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1. #[serde(default, skip_serializing_if = "Option::is_none", rename = "successThreshold")] pub success_threshold: Option, /// TCPSocket specifies an action involving a TCP port. #[serde(default, skip_serializing_if = "Option::is_none", rename = "tcpSocket")] pub tcp_socket: Option, - /// Optional duration in seconds the pod needs to terminate gracefully upon probe failure. The grace period is the duration in seconds after the processes running in the pod are sent a termination signal and the time when the processes are forcibly halted with a kill signal. Set this value longer than the expected cleanup time for your process. If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this value overrides the value provided by the pod spec. Value must be non-negative integer. The value zero indicates stop immediately via the kill signal (no opportunity to shut down). This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate. Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset. + /// Optional duration in seconds the pod needs to terminate gracefully upon probe failure. + /// The grace period is the duration in seconds after the processes running in the pod are sent + /// a termination signal and the time when the processes are forcibly halted with a kill signal. + /// Set this value longer than the expected cleanup time for your process. + /// If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this + /// value overrides the value provided by the pod spec. + /// Value must be non-negative integer. The value zero indicates stop immediately via + /// the kill signal (no opportunity to shut down). + /// This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate. + /// Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset. #[serde(default, skip_serializing_if = "Option::is_none", rename = "terminationGracePeriodSeconds")] pub termination_grace_period_seconds: Option, - /// Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes + /// Number of seconds after which the probe times out. + /// Defaults to 1 second. Minimum value is 1. + /// More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes #[serde(default, skip_serializing_if = "Option::is_none", rename = "timeoutSeconds")] pub timeout_seconds: Option, } @@ -2083,18 +2797,26 @@ pub struct RuntimeComponentProbesReadiness { /// Exec specifies the action to take. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct RuntimeComponentProbesReadinessExec { - /// Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. + /// Command is the command line to execute inside the container, the working directory for the + /// command is root ('/') in the container's filesystem. The command is simply exec'd, it is + /// not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use + /// a shell, you need to explicitly call out to that shell. + /// Exit status of 0 is treated as live/healthy and non-zero is unhealthy. #[serde(default, skip_serializing_if = "Option::is_none")] pub command: Option>, } -/// GRPC specifies an action involving a GRPC port. This is a beta field and requires enabling GRPCContainerProbe feature gate. +/// GRPC specifies an action involving a GRPC port. +/// This is a beta field and requires enabling GRPCContainerProbe feature gate. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct RuntimeComponentProbesReadinessGrpc { /// Port number of the gRPC service. Number must be in the range 1 to 65535. pub port: i32, - /// Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). - /// If this is not specified, the default behavior is defined by gRPC. + /// Service is the name of the service to place in the gRPC HealthCheckRequest + /// (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). + /// + /// + /// If this is not specified, the default behavior is defined by gRPC. #[serde(default, skip_serializing_if = "Option::is_none")] pub service: Option, } @@ -2102,7 +2824,8 @@ pub struct RuntimeComponentProbesReadinessGrpc { /// HTTPGet specifies the http request to perform. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct RuntimeComponentProbesReadinessHttpGet { - /// Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. + /// Host name to connect to, defaults to the pod IP. You probably want to set + /// "Host" in httpHeaders instead. #[serde(default, skip_serializing_if = "Option::is_none")] pub host: Option, /// Custom headers to set in the request. HTTP allows repeated headers. @@ -2111,9 +2834,12 @@ pub struct RuntimeComponentProbesReadinessHttpGet { /// Path to access on the HTTP server. #[serde(default, skip_serializing_if = "Option::is_none")] pub path: Option, - /// Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. + /// Name or number of the port to access on the container. + /// Number must be in the range 1 to 65535. + /// Name must be an IANA_SVC_NAME. pub port: IntOrString, - /// Scheme to use for connecting to the host. Defaults to HTTP. + /// Scheme to use for connecting to the host. + /// Defaults to HTTP. #[serde(default, skip_serializing_if = "Option::is_none")] pub scheme: Option, } @@ -2121,7 +2847,8 @@ pub struct RuntimeComponentProbesReadinessHttpGet { /// HTTPHeader describes a custom header to be used in HTTP probes #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct RuntimeComponentProbesReadinessHttpGetHttpHeaders { - /// The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header. + /// The header field name. + /// This will be canonicalized upon output, so case-variant names will be understood as the same header. pub name: String, /// The header field value pub value: String, @@ -2133,7 +2860,9 @@ pub struct RuntimeComponentProbesReadinessTcpSocket { /// Optional: Host name to connect to, defaults to the pod IP. #[serde(default, skip_serializing_if = "Option::is_none")] pub host: Option, - /// Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. + /// Number or name of the port to access on the container. + /// Number must be in the range 1 to 65535. + /// Name must be an IANA_SVC_NAME. pub port: IntOrString, } @@ -2143,31 +2872,47 @@ pub struct RuntimeComponentProbesStartup { /// Exec specifies the action to take. #[serde(default, skip_serializing_if = "Option::is_none")] pub exec: Option, - /// Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. + /// Minimum consecutive failures for the probe to be considered failed after having succeeded. + /// Defaults to 3. Minimum value is 1. #[serde(default, skip_serializing_if = "Option::is_none", rename = "failureThreshold")] pub failure_threshold: Option, - /// GRPC specifies an action involving a GRPC port. This is a beta field and requires enabling GRPCContainerProbe feature gate. + /// GRPC specifies an action involving a GRPC port. + /// This is a beta field and requires enabling GRPCContainerProbe feature gate. #[serde(default, skip_serializing_if = "Option::is_none")] pub grpc: Option, /// HTTPGet specifies the http request to perform. #[serde(default, skip_serializing_if = "Option::is_none", rename = "httpGet")] pub http_get: Option, - /// Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes + /// Number of seconds after the container has started before liveness probes are initiated. + /// More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes #[serde(default, skip_serializing_if = "Option::is_none", rename = "initialDelaySeconds")] pub initial_delay_seconds: Option, - /// How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. + /// How often (in seconds) to perform the probe. + /// Default to 10 seconds. Minimum value is 1. #[serde(default, skip_serializing_if = "Option::is_none", rename = "periodSeconds")] pub period_seconds: Option, - /// Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1. + /// Minimum consecutive successes for the probe to be considered successful after having failed. + /// Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1. #[serde(default, skip_serializing_if = "Option::is_none", rename = "successThreshold")] pub success_threshold: Option, /// TCPSocket specifies an action involving a TCP port. #[serde(default, skip_serializing_if = "Option::is_none", rename = "tcpSocket")] pub tcp_socket: Option, - /// Optional duration in seconds the pod needs to terminate gracefully upon probe failure. The grace period is the duration in seconds after the processes running in the pod are sent a termination signal and the time when the processes are forcibly halted with a kill signal. Set this value longer than the expected cleanup time for your process. If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this value overrides the value provided by the pod spec. Value must be non-negative integer. The value zero indicates stop immediately via the kill signal (no opportunity to shut down). This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate. Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset. + /// Optional duration in seconds the pod needs to terminate gracefully upon probe failure. + /// The grace period is the duration in seconds after the processes running in the pod are sent + /// a termination signal and the time when the processes are forcibly halted with a kill signal. + /// Set this value longer than the expected cleanup time for your process. + /// If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this + /// value overrides the value provided by the pod spec. + /// Value must be non-negative integer. The value zero indicates stop immediately via + /// the kill signal (no opportunity to shut down). + /// This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate. + /// Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset. #[serde(default, skip_serializing_if = "Option::is_none", rename = "terminationGracePeriodSeconds")] pub termination_grace_period_seconds: Option, - /// Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes + /// Number of seconds after which the probe times out. + /// Defaults to 1 second. Minimum value is 1. + /// More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes #[serde(default, skip_serializing_if = "Option::is_none", rename = "timeoutSeconds")] pub timeout_seconds: Option, } @@ -2175,18 +2920,26 @@ pub struct RuntimeComponentProbesStartup { /// Exec specifies the action to take. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct RuntimeComponentProbesStartupExec { - /// Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. + /// Command is the command line to execute inside the container, the working directory for the + /// command is root ('/') in the container's filesystem. The command is simply exec'd, it is + /// not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use + /// a shell, you need to explicitly call out to that shell. + /// Exit status of 0 is treated as live/healthy and non-zero is unhealthy. #[serde(default, skip_serializing_if = "Option::is_none")] pub command: Option>, } -/// GRPC specifies an action involving a GRPC port. This is a beta field and requires enabling GRPCContainerProbe feature gate. +/// GRPC specifies an action involving a GRPC port. +/// This is a beta field and requires enabling GRPCContainerProbe feature gate. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct RuntimeComponentProbesStartupGrpc { /// Port number of the gRPC service. Number must be in the range 1 to 65535. pub port: i32, - /// Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). - /// If this is not specified, the default behavior is defined by gRPC. + /// Service is the name of the service to place in the gRPC HealthCheckRequest + /// (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). + /// + /// + /// If this is not specified, the default behavior is defined by gRPC. #[serde(default, skip_serializing_if = "Option::is_none")] pub service: Option, } @@ -2194,7 +2947,8 @@ pub struct RuntimeComponentProbesStartupGrpc { /// HTTPGet specifies the http request to perform. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct RuntimeComponentProbesStartupHttpGet { - /// Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. + /// Host name to connect to, defaults to the pod IP. You probably want to set + /// "Host" in httpHeaders instead. #[serde(default, skip_serializing_if = "Option::is_none")] pub host: Option, /// Custom headers to set in the request. HTTP allows repeated headers. @@ -2203,9 +2957,12 @@ pub struct RuntimeComponentProbesStartupHttpGet { /// Path to access on the HTTP server. #[serde(default, skip_serializing_if = "Option::is_none")] pub path: Option, - /// Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. + /// Name or number of the port to access on the container. + /// Number must be in the range 1 to 65535. + /// Name must be an IANA_SVC_NAME. pub port: IntOrString, - /// Scheme to use for connecting to the host. Defaults to HTTP. + /// Scheme to use for connecting to the host. + /// Defaults to HTTP. #[serde(default, skip_serializing_if = "Option::is_none")] pub scheme: Option, } @@ -2213,7 +2970,8 @@ pub struct RuntimeComponentProbesStartupHttpGet { /// HTTPHeader describes a custom header to be used in HTTP probes #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct RuntimeComponentProbesStartupHttpGetHttpHeaders { - /// The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header. + /// The header field name. + /// This will be canonicalized upon output, so case-variant names will be understood as the same header. pub name: String, /// The header field value pub value: String, @@ -2225,22 +2983,34 @@ pub struct RuntimeComponentProbesStartupTcpSocket { /// Optional: Host name to connect to, defaults to the pod IP. #[serde(default, skip_serializing_if = "Option::is_none")] pub host: Option, - /// Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. + /// Number or name of the port to access on the container. + /// Number must be in the range 1 to 65535. + /// Name must be an IANA_SVC_NAME. pub port: IntOrString, } /// Resource requests and limits for the application container. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct RuntimeComponentResources { - /// Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. - /// This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. - /// This field is immutable. It can only be set for containers. + /// Claims lists the names of resources, defined in spec.resourceClaims, + /// that are used by this container. + /// + /// + /// This is an alpha field and requires enabling the + /// DynamicResourceAllocation feature gate. + /// + /// + /// This field is immutable. It can only be set for containers. #[serde(default, skip_serializing_if = "Option::is_none")] pub claims: Option>, - /// Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + /// Limits describes the maximum amount of compute resources allowed. + /// More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ #[serde(default, skip_serializing_if = "Option::is_none")] pub limits: Option>, - /// Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + /// Requests describes the minimum amount of compute resources required. + /// If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, + /// otherwise to an implementation-defined value. + /// More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ #[serde(default, skip_serializing_if = "Option::is_none")] pub requests: Option>, } @@ -2248,7 +3018,9 @@ pub struct RuntimeComponentResources { /// ResourceClaim references one entry in PodSpec.ResourceClaims. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct RuntimeComponentResourcesClaims { - /// Name must match the name of one entry in pod.spec.resourceClaims of the Pod where this field is used. It makes that resource available inside a container. + /// Name must match the name of one entry in pod.spec.resourceClaims of + /// the Pod where this field is used. It makes that resource available + /// inside a container. pub name: String, } @@ -2281,42 +3053,84 @@ pub struct RuntimeComponentRoute { /// Security context for the application container. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct RuntimeComponentSecurityContext { - /// AllowPrivilegeEscalation controls whether a process can gain more privileges than its parent process. This bool directly controls if the no_new_privs flag will be set on the container process. AllowPrivilegeEscalation is true always when the container is: 1) run as Privileged 2) has CAP_SYS_ADMIN Note that this field cannot be set when spec.os.name is windows. + /// AllowPrivilegeEscalation controls whether a process can gain more + /// privileges than its parent process. This bool directly controls if + /// the no_new_privs flag will be set on the container process. + /// AllowPrivilegeEscalation is true always when the container is: + /// 1) run as Privileged + /// 2) has CAP_SYS_ADMIN + /// Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none", rename = "allowPrivilegeEscalation")] pub allow_privilege_escalation: Option, - /// The capabilities to add/drop when running containers. Defaults to the default set of capabilities granted by the container runtime. Note that this field cannot be set when spec.os.name is windows. + /// The capabilities to add/drop when running containers. + /// Defaults to the default set of capabilities granted by the container runtime. + /// Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none")] pub capabilities: Option, - /// Run container in privileged mode. Processes in privileged containers are essentially equivalent to root on the host. Defaults to false. Note that this field cannot be set when spec.os.name is windows. + /// Run container in privileged mode. + /// Processes in privileged containers are essentially equivalent to root on the host. + /// Defaults to false. + /// Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none")] pub privileged: Option, - /// procMount denotes the type of proc mount to use for the containers. The default is DefaultProcMount which uses the container runtime defaults for readonly paths and masked paths. This requires the ProcMountType feature flag to be enabled. Note that this field cannot be set when spec.os.name is windows. + /// procMount denotes the type of proc mount to use for the containers. + /// The default is DefaultProcMount which uses the container runtime defaults for + /// readonly paths and masked paths. + /// This requires the ProcMountType feature flag to be enabled. + /// Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none", rename = "procMount")] pub proc_mount: Option, - /// Whether this container has a read-only root filesystem. Default is false. Note that this field cannot be set when spec.os.name is windows. + /// Whether this container has a read-only root filesystem. + /// Default is false. + /// Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnlyRootFilesystem")] pub read_only_root_filesystem: Option, - /// The GID to run the entrypoint of the container process. Uses runtime default if unset. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is windows. + /// The GID to run the entrypoint of the container process. + /// Uses runtime default if unset. + /// May also be set in PodSecurityContext. If set in both SecurityContext and + /// PodSecurityContext, the value specified in SecurityContext takes precedence. + /// Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none", rename = "runAsGroup")] pub run_as_group: Option, - /// Indicates that the container must run as a non-root user. If true, the Kubelet will validate the image at runtime to ensure that it does not run as UID 0 (root) and fail to start the container if it does. If unset or false, no such validation will be performed. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. + /// Indicates that the container must run as a non-root user. + /// If true, the Kubelet will validate the image at runtime to ensure that it + /// does not run as UID 0 (root) and fail to start the container if it does. + /// If unset or false, no such validation will be performed. + /// May also be set in PodSecurityContext. If set in both SecurityContext and + /// PodSecurityContext, the value specified in SecurityContext takes precedence. #[serde(default, skip_serializing_if = "Option::is_none", rename = "runAsNonRoot")] pub run_as_non_root: Option, - /// The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is windows. + /// The UID to run the entrypoint of the container process. + /// Defaults to user specified in image metadata if unspecified. + /// May also be set in PodSecurityContext. If set in both SecurityContext and + /// PodSecurityContext, the value specified in SecurityContext takes precedence. + /// Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none", rename = "runAsUser")] pub run_as_user: Option, - /// The SELinux context to be applied to the container. If unspecified, the container runtime will allocate a random SELinux context for each container. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is windows. + /// The SELinux context to be applied to the container. + /// If unspecified, the container runtime will allocate a random SELinux context for each + /// container. May also be set in PodSecurityContext. If set in both SecurityContext and + /// PodSecurityContext, the value specified in SecurityContext takes precedence. + /// Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none", rename = "seLinuxOptions")] pub se_linux_options: Option, - /// The seccomp options to use by this container. If seccomp options are provided at both the pod & container level, the container options override the pod options. Note that this field cannot be set when spec.os.name is windows. + /// The seccomp options to use by this container. If seccomp options are + /// provided at both the pod & container level, the container options + /// override the pod options. + /// Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none", rename = "seccompProfile")] pub seccomp_profile: Option, - /// The Windows specific settings applied to all containers. If unspecified, the options from the PodSecurityContext will be used. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is linux. + /// The Windows specific settings applied to all containers. + /// If unspecified, the options from the PodSecurityContext will be used. + /// If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. + /// Note that this field cannot be set when spec.os.name is linux. #[serde(default, skip_serializing_if = "Option::is_none", rename = "windowsOptions")] pub windows_options: Option, } -/// The capabilities to add/drop when running containers. Defaults to the default set of capabilities granted by the container runtime. Note that this field cannot be set when spec.os.name is windows. +/// The capabilities to add/drop when running containers. +/// Defaults to the default set of capabilities granted by the container runtime. +/// Note that this field cannot be set when spec.os.name is windows. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct RuntimeComponentSecurityContextCapabilities { /// Added capabilities @@ -2327,7 +3141,11 @@ pub struct RuntimeComponentSecurityContextCapabilities { pub drop: Option>, } -/// The SELinux context to be applied to the container. If unspecified, the container runtime will allocate a random SELinux context for each container. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is windows. +/// The SELinux context to be applied to the container. +/// If unspecified, the container runtime will allocate a random SELinux context for each +/// container. May also be set in PodSecurityContext. If set in both SecurityContext and +/// PodSecurityContext, the value specified in SecurityContext takes precedence. +/// Note that this field cannot be set when spec.os.name is windows. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct RuntimeComponentSecurityContextSeLinuxOptions { /// Level is SELinux level label that applies to the container. @@ -2344,31 +3162,56 @@ pub struct RuntimeComponentSecurityContextSeLinuxOptions { pub user: Option, } -/// The seccomp options to use by this container. If seccomp options are provided at both the pod & container level, the container options override the pod options. Note that this field cannot be set when spec.os.name is windows. +/// The seccomp options to use by this container. If seccomp options are +/// provided at both the pod & container level, the container options +/// override the pod options. +/// Note that this field cannot be set when spec.os.name is windows. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct RuntimeComponentSecurityContextSeccompProfile { - /// localhostProfile indicates a profile defined in a file on the node should be used. The profile must be preconfigured on the node to work. Must be a descending path, relative to the kubelet's configured seccomp profile location. Must only be set if type is "Localhost". + /// localhostProfile indicates a profile defined in a file on the node should be used. + /// The profile must be preconfigured on the node to work. + /// Must be a descending path, relative to the kubelet's configured seccomp profile location. + /// Must only be set if type is "Localhost". #[serde(default, skip_serializing_if = "Option::is_none", rename = "localhostProfile")] pub localhost_profile: Option, - /// type indicates which kind of seccomp profile will be applied. Valid options are: - /// Localhost - a profile defined in a file on the node should be used. RuntimeDefault - the container runtime default profile should be used. Unconfined - no profile should be applied. + /// type indicates which kind of seccomp profile will be applied. + /// Valid options are: + /// + /// + /// Localhost - a profile defined in a file on the node should be used. + /// RuntimeDefault - the container runtime default profile should be used. + /// Unconfined - no profile should be applied. #[serde(rename = "type")] pub r#type: String, } -/// The Windows specific settings applied to all containers. If unspecified, the options from the PodSecurityContext will be used. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is linux. +/// The Windows specific settings applied to all containers. +/// If unspecified, the options from the PodSecurityContext will be used. +/// If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +/// Note that this field cannot be set when spec.os.name is linux. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct RuntimeComponentSecurityContextWindowsOptions { - /// GMSACredentialSpec is where the GMSA admission webhook (https://github.com/kubernetes-sigs/windows-gmsa) inlines the contents of the GMSA credential spec named by the GMSACredentialSpecName field. + /// GMSACredentialSpec is where the GMSA admission webhook + /// (https://github.com/kubernetes-sigs/windows-gmsa) inlines the contents of the + /// GMSA credential spec named by the GMSACredentialSpecName field. #[serde(default, skip_serializing_if = "Option::is_none", rename = "gmsaCredentialSpec")] pub gmsa_credential_spec: Option, /// GMSACredentialSpecName is the name of the GMSA credential spec to use. #[serde(default, skip_serializing_if = "Option::is_none", rename = "gmsaCredentialSpecName")] pub gmsa_credential_spec_name: Option, - /// HostProcess determines if a container should be run as a 'Host Process' container. This field is alpha-level and will only be honored by components that enable the WindowsHostProcessContainers feature flag. Setting this field without the feature flag will result in errors when validating the Pod. All of a Pod's containers must have the same effective HostProcess value (it is not allowed to have a mix of HostProcess containers and non-HostProcess containers). In addition, if HostProcess is true then HostNetwork must also be set to true. + /// HostProcess determines if a container should be run as a 'Host Process' container. + /// This field is alpha-level and will only be honored by components that enable the + /// WindowsHostProcessContainers feature flag. Setting this field without the feature + /// flag will result in errors when validating the Pod. All of a Pod's containers must + /// have the same effective HostProcess value (it is not allowed to have a mix of HostProcess + /// containers and non-HostProcess containers). In addition, if HostProcess is true + /// then HostNetwork must also be set to true. #[serde(default, skip_serializing_if = "Option::is_none", rename = "hostProcess")] pub host_process: Option, - /// The UserName in Windows to run the entrypoint of the container process. Defaults to the user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. + /// The UserName in Windows to run the entrypoint of the container process. + /// Defaults to the user specified in image metadata if unspecified. + /// May also be set in PodSecurityContext. If set in both SecurityContext and + /// PodSecurityContext, the value specified in SecurityContext takes precedence. #[serde(default, skip_serializing_if = "Option::is_none", rename = "runAsUserName")] pub run_as_user_name: Option, } @@ -2419,21 +3262,46 @@ pub struct RuntimeComponentServiceCertificate { /// ServicePort contains information on service's port. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct RuntimeComponentServicePorts { - /// The application protocol for this port. This field follows standard Kubernetes label syntax. Un-prefixed names are reserved for IANA standard service names (as per RFC-6335 and https://www.iana.org/assignments/service-names). Non-standard protocols should use prefixed names such as mycompany.com/my-custom-protocol. + /// The application protocol for this port. + /// This field follows standard Kubernetes label syntax. + /// Un-prefixed names are reserved for IANA standard service names (as per + /// RFC-6335 and https://www.iana.org/assignments/service-names). + /// Non-standard protocols should use prefixed names such as + /// mycompany.com/my-custom-protocol. #[serde(default, skip_serializing_if = "Option::is_none", rename = "appProtocol")] pub app_protocol: Option, - /// The name of this port within the service. This must be a DNS_LABEL. All ports within a ServiceSpec must have unique names. When considering the endpoints for a Service, this must match the 'name' field in the EndpointPort. Optional if only one ServicePort is defined on this service. + /// The name of this port within the service. This must be a DNS_LABEL. + /// All ports within a ServiceSpec must have unique names. When considering + /// the endpoints for a Service, this must match the 'name' field in the + /// EndpointPort. + /// Optional if only one ServicePort is defined on this service. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, - /// The port on each node on which this service is exposed when type is NodePort or LoadBalancer. Usually assigned by the system. If a value is specified, in-range, and not in use it will be used, otherwise the operation will fail. If not specified, a port will be allocated if this Service requires one. If this field is specified when creating a Service which does not need it, creation will fail. This field will be wiped when updating a Service to no longer need it (e.g. changing type from NodePort to ClusterIP). More info: https://kubernetes.io/docs/concepts/services-networking/service/#type-nodeport + /// The port on each node on which this service is exposed when type is + /// NodePort or LoadBalancer. Usually assigned by the system. If a value is + /// specified, in-range, and not in use it will be used, otherwise the + /// operation will fail. If not specified, a port will be allocated if this + /// Service requires one. If this field is specified when creating a + /// Service which does not need it, creation will fail. This field will be + /// wiped when updating a Service to no longer need it (e.g. changing type + /// from NodePort to ClusterIP). + /// More info: https://kubernetes.io/docs/concepts/services-networking/service/#type-nodeport #[serde(default, skip_serializing_if = "Option::is_none", rename = "nodePort")] pub node_port: Option, /// The port that will be exposed by this service. pub port: i32, - /// The IP protocol for this port. Supports "TCP", "UDP", and "SCTP". Default is TCP. + /// The IP protocol for this port. Supports "TCP", "UDP", and "SCTP". + /// Default is TCP. #[serde(default, skip_serializing_if = "Option::is_none")] pub protocol: Option, - /// Number or name of the port to access on the pods targeted by the service. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. If this is a string, it will be looked up as a named port in the target Pod's container ports. If this is not specified, the value of the 'port' field is used (an identity map). This field is ignored for services with clusterIP=None, and should be omitted or set equal to the 'port' field. More info: https://kubernetes.io/docs/concepts/services-networking/service/#defining-a-service + /// Number or name of the port to access on the pods targeted by the service. + /// Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. + /// If this is a string, it will be looked up as a named port in the + /// target Pod's container ports. If this is not specified, the value + /// of the 'port' field is used (an identity map). + /// This field is ignored for services with clusterIP=None, and should be + /// omitted or set equal to the 'port' field. + /// More info: https://kubernetes.io/docs/concepts/services-networking/service/#defining-a-service #[serde(default, skip_serializing_if = "Option::is_none", rename = "targetPort")] pub target_port: Option, } @@ -2452,69 +3320,146 @@ pub struct RuntimeComponentServiceAccount { /// A single application container that you want to run within a pod. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct RuntimeComponentSidecarContainers { - /// Arguments to the entrypoint. The container image's CMD is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell + /// Arguments to the entrypoint. + /// The container image's CMD is used if this is not provided. + /// Variable references $(VAR_NAME) are expanded using the container's environment. If a variable + /// cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced + /// to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" will + /// produce the string literal "$(VAR_NAME)". Escaped references will never be expanded, regardless + /// of whether the variable exists or not. Cannot be updated. + /// More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell #[serde(default, skip_serializing_if = "Option::is_none")] pub args: Option>, - /// Entrypoint array. Not executed within a shell. The container image's ENTRYPOINT is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell + /// Entrypoint array. Not executed within a shell. + /// The container image's ENTRYPOINT is used if this is not provided. + /// Variable references $(VAR_NAME) are expanded using the container's environment. If a variable + /// cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced + /// to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" will + /// produce the string literal "$(VAR_NAME)". Escaped references will never be expanded, regardless + /// of whether the variable exists or not. Cannot be updated. + /// More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell #[serde(default, skip_serializing_if = "Option::is_none")] pub command: Option>, - /// List of environment variables to set in the container. Cannot be updated. + /// List of environment variables to set in the container. + /// Cannot be updated. #[serde(default, skip_serializing_if = "Option::is_none")] pub env: Option>, - /// List of sources to populate environment variables in the container. The keys defined within a source must be a C_IDENTIFIER. All invalid keys will be reported as an event when the container is starting. When a key exists in multiple sources, the value associated with the last source will take precedence. Values defined by an Env with a duplicate key will take precedence. Cannot be updated. + /// List of sources to populate environment variables in the container. + /// The keys defined within a source must be a C_IDENTIFIER. All invalid keys + /// will be reported as an event when the container is starting. When a key exists in multiple + /// sources, the value associated with the last source will take precedence. + /// Values defined by an Env with a duplicate key will take precedence. + /// Cannot be updated. #[serde(default, skip_serializing_if = "Option::is_none", rename = "envFrom")] pub env_from: Option>, - /// Container image name. More info: https://kubernetes.io/docs/concepts/containers/images This field is optional to allow higher level config management to default or override container images in workload controllers like Deployments and StatefulSets. + /// Container image name. + /// More info: https://kubernetes.io/docs/concepts/containers/images + /// This field is optional to allow higher level config management to default or override + /// container images in workload controllers like Deployments and StatefulSets. #[serde(default, skip_serializing_if = "Option::is_none")] pub image: Option, - /// Image pull policy. One of Always, Never, IfNotPresent. Defaults to Always if :latest tag is specified, or IfNotPresent otherwise. Cannot be updated. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images + /// Image pull policy. + /// One of Always, Never, IfNotPresent. + /// Defaults to Always if :latest tag is specified, or IfNotPresent otherwise. + /// Cannot be updated. + /// More info: https://kubernetes.io/docs/concepts/containers/images#updating-images #[serde(default, skip_serializing_if = "Option::is_none", rename = "imagePullPolicy")] pub image_pull_policy: Option, - /// Actions that the management system should take in response to container lifecycle events. Cannot be updated. + /// Actions that the management system should take in response to container lifecycle events. + /// Cannot be updated. #[serde(default, skip_serializing_if = "Option::is_none")] pub lifecycle: Option, - /// Periodic probe of container liveness. Container will be restarted if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes + /// Periodic probe of container liveness. + /// Container will be restarted if the probe fails. + /// Cannot be updated. + /// More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes #[serde(default, skip_serializing_if = "Option::is_none", rename = "livenessProbe")] pub liveness_probe: Option, - /// Name of the container specified as a DNS_LABEL. Each container in a pod must have a unique name (DNS_LABEL). Cannot be updated. + /// Name of the container specified as a DNS_LABEL. + /// Each container in a pod must have a unique name (DNS_LABEL). + /// Cannot be updated. pub name: String, - /// List of ports to expose from the container. Not specifying a port here DOES NOT prevent that port from being exposed. Any port which is listening on the default "0.0.0.0" address inside a container will be accessible from the network. Modifying this array with strategic merge patch may corrupt the data. For more information See https://github.com/kubernetes/kubernetes/issues/108255. Cannot be updated. + /// List of ports to expose from the container. Not specifying a port here + /// DOES NOT prevent that port from being exposed. Any port which is + /// listening on the default "0.0.0.0" address inside a container will be + /// accessible from the network. + /// Modifying this array with strategic merge patch may corrupt the data. + /// For more information See https://github.com/kubernetes/kubernetes/issues/108255. + /// Cannot be updated. #[serde(default, skip_serializing_if = "Option::is_none")] pub ports: Option>, - /// Periodic probe of container service readiness. Container will be removed from service endpoints if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes + /// Periodic probe of container service readiness. + /// Container will be removed from service endpoints if the probe fails. + /// Cannot be updated. + /// More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes #[serde(default, skip_serializing_if = "Option::is_none", rename = "readinessProbe")] pub readiness_probe: Option, - /// Compute Resources required by this container. Cannot be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + /// Compute Resources required by this container. + /// Cannot be updated. + /// More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ #[serde(default, skip_serializing_if = "Option::is_none")] pub resources: Option, - /// SecurityContext defines the security options the container should be run with. If set, the fields of SecurityContext override the equivalent fields of PodSecurityContext. More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/ + /// SecurityContext defines the security options the container should be run with. + /// If set, the fields of SecurityContext override the equivalent fields of PodSecurityContext. + /// More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/ #[serde(default, skip_serializing_if = "Option::is_none", rename = "securityContext")] pub security_context: Option, - /// StartupProbe indicates that the Pod has successfully initialized. If specified, no other probes are executed until this completes successfully. If this probe fails, the Pod will be restarted, just as if the livenessProbe failed. This can be used to provide different probe parameters at the beginning of a Pod's lifecycle, when it might take a long time to load data or warm a cache, than during steady-state operation. This cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes + /// StartupProbe indicates that the Pod has successfully initialized. + /// If specified, no other probes are executed until this completes successfully. + /// If this probe fails, the Pod will be restarted, just as if the livenessProbe failed. + /// This can be used to provide different probe parameters at the beginning of a Pod's lifecycle, + /// when it might take a long time to load data or warm a cache, than during steady-state operation. + /// This cannot be updated. + /// More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes #[serde(default, skip_serializing_if = "Option::is_none", rename = "startupProbe")] pub startup_probe: Option, - /// Whether this container should allocate a buffer for stdin in the container runtime. If this is not set, reads from stdin in the container will always result in EOF. Default is false. + /// Whether this container should allocate a buffer for stdin in the container runtime. If this + /// is not set, reads from stdin in the container will always result in EOF. + /// Default is false. #[serde(default, skip_serializing_if = "Option::is_none")] pub stdin: Option, - /// Whether the container runtime should close the stdin channel after it has been opened by a single attach. When stdin is true the stdin stream will remain open across multiple attach sessions. If stdinOnce is set to true, stdin is opened on container start, is empty until the first client attaches to stdin, and then remains open and accepts data until the client disconnects, at which time stdin is closed and remains closed until the container is restarted. If this flag is false, a container processes that reads from stdin will never receive an EOF. Default is false + /// Whether the container runtime should close the stdin channel after it has been opened by + /// a single attach. When stdin is true the stdin stream will remain open across multiple attach + /// sessions. If stdinOnce is set to true, stdin is opened on container start, is empty until the + /// first client attaches to stdin, and then remains open and accepts data until the client disconnects, + /// at which time stdin is closed and remains closed until the container is restarted. If this + /// flag is false, a container processes that reads from stdin will never receive an EOF. + /// Default is false #[serde(default, skip_serializing_if = "Option::is_none", rename = "stdinOnce")] pub stdin_once: Option, - /// Optional: Path at which the file to which the container's termination message will be written is mounted into the container's filesystem. Message written is intended to be brief final status, such as an assertion failure message. Will be truncated by the node if greater than 4096 bytes. The total message length across all containers will be limited to 12kb. Defaults to /dev/termination-log. Cannot be updated. + /// Optional: Path at which the file to which the container's termination message + /// will be written is mounted into the container's filesystem. + /// Message written is intended to be brief final status, such as an assertion failure message. + /// Will be truncated by the node if greater than 4096 bytes. The total message length across + /// all containers will be limited to 12kb. + /// Defaults to /dev/termination-log. + /// Cannot be updated. #[serde(default, skip_serializing_if = "Option::is_none", rename = "terminationMessagePath")] pub termination_message_path: Option, - /// Indicate how the termination message should be populated. File will use the contents of terminationMessagePath to populate the container status message on both success and failure. FallbackToLogsOnError will use the last chunk of container log output if the termination message file is empty and the container exited with an error. The log output is limited to 2048 bytes or 80 lines, whichever is smaller. Defaults to File. Cannot be updated. + /// Indicate how the termination message should be populated. File will use the contents of + /// terminationMessagePath to populate the container status message on both success and failure. + /// FallbackToLogsOnError will use the last chunk of container log output if the termination + /// message file is empty and the container exited with an error. + /// The log output is limited to 2048 bytes or 80 lines, whichever is smaller. + /// Defaults to File. + /// Cannot be updated. #[serde(default, skip_serializing_if = "Option::is_none", rename = "terminationMessagePolicy")] pub termination_message_policy: Option, - /// Whether this container should allocate a TTY for itself, also requires 'stdin' to be true. Default is false. + /// Whether this container should allocate a TTY for itself, also requires 'stdin' to be true. + /// Default is false. #[serde(default, skip_serializing_if = "Option::is_none")] pub tty: Option, /// volumeDevices is the list of block devices to be used by the container. #[serde(default, skip_serializing_if = "Option::is_none", rename = "volumeDevices")] pub volume_devices: Option>, - /// Pod volumes to mount into the container's filesystem. Cannot be updated. + /// Pod volumes to mount into the container's filesystem. + /// Cannot be updated. #[serde(default, skip_serializing_if = "Option::is_none", rename = "volumeMounts")] pub volume_mounts: Option>, - /// Container's working directory. If not specified, the container runtime's default will be used, which might be configured in the container image. Cannot be updated. + /// Container's working directory. + /// If not specified, the container runtime's default will be used, which + /// might be configured in the container image. + /// Cannot be updated. #[serde(default, skip_serializing_if = "Option::is_none", rename = "workingDir")] pub working_dir: Option, } @@ -2524,7 +3469,15 @@ pub struct RuntimeComponentSidecarContainers { pub struct RuntimeComponentSidecarContainersEnv { /// Name of the environment variable. Must be a C_IDENTIFIER. pub name: String, - /// Variable references $(VAR_NAME) are expanded using the previously defined environment variables in the container and any service environment variables. If a variable cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". Escaped references will never be expanded, regardless of whether the variable exists or not. Defaults to "". + /// Variable references $(VAR_NAME) are expanded + /// using the previously defined environment variables in the container and + /// any service environment variables. If a variable cannot be resolved, + /// the reference in the input string will be unchanged. Double $$ are reduced + /// to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. + /// "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". + /// Escaped references will never be expanded, regardless of whether the variable + /// exists or not. + /// Defaults to "". #[serde(default, skip_serializing_if = "Option::is_none")] pub value: Option, /// Source for the environment variable's value. Cannot be used if value is not empty. @@ -2538,10 +3491,12 @@ pub struct RuntimeComponentSidecarContainersEnvValueFrom { /// Selects a key of a ConfigMap. #[serde(default, skip_serializing_if = "Option::is_none", rename = "configMapKeyRef")] pub config_map_key_ref: Option, - /// Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`, spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs. + /// Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`, + /// spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs. #[serde(default, skip_serializing_if = "Option::is_none", rename = "fieldRef")] pub field_ref: Option, - /// Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported. + /// Selects a resource of the container: only resources limits and requests + /// (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported. #[serde(default, skip_serializing_if = "Option::is_none", rename = "resourceFieldRef")] pub resource_field_ref: Option, /// Selects a key of a secret in the pod's namespace @@ -2554,7 +3509,9 @@ pub struct RuntimeComponentSidecarContainersEnvValueFrom { pub struct RuntimeComponentSidecarContainersEnvValueFromConfigMapKeyRef { /// The key to select. pub key: String, - /// Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? + /// Name of the referent. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the ConfigMap or its key must be defined @@ -2562,7 +3519,8 @@ pub struct RuntimeComponentSidecarContainersEnvValueFromConfigMapKeyRef { pub optional: Option, } -/// Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`, spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs. +/// Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`, +/// spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct RuntimeComponentSidecarContainersEnvValueFromFieldRef { /// Version of the schema the FieldPath is written in terms of, defaults to "v1". @@ -2573,7 +3531,8 @@ pub struct RuntimeComponentSidecarContainersEnvValueFromFieldRef { pub field_path: String, } -/// Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported. +/// Selects a resource of the container: only resources limits and requests +/// (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct RuntimeComponentSidecarContainersEnvValueFromResourceFieldRef { /// Container name: required for volumes, optional for env vars @@ -2591,7 +3550,9 @@ pub struct RuntimeComponentSidecarContainersEnvValueFromResourceFieldRef { pub struct RuntimeComponentSidecarContainersEnvValueFromSecretKeyRef { /// The key of the secret to select from. Must be a valid secret key. pub key: String, - /// Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? + /// Name of the referent. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the Secret or its key must be defined @@ -2616,7 +3577,9 @@ pub struct RuntimeComponentSidecarContainersEnvFrom { /// The ConfigMap to select from #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct RuntimeComponentSidecarContainersEnvFromConfigMapRef { - /// Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? + /// Name of the referent. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the ConfigMap must be defined @@ -2627,7 +3590,9 @@ pub struct RuntimeComponentSidecarContainersEnvFromConfigMapRef { /// The Secret to select from #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct RuntimeComponentSidecarContainersEnvFromSecretRef { - /// Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? + /// Name of the referent. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the Secret must be defined @@ -2635,18 +3600,33 @@ pub struct RuntimeComponentSidecarContainersEnvFromSecretRef { pub optional: Option, } -/// Actions that the management system should take in response to container lifecycle events. Cannot be updated. +/// Actions that the management system should take in response to container lifecycle events. +/// Cannot be updated. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct RuntimeComponentSidecarContainersLifecycle { - /// PostStart is called immediately after a container is created. If the handler fails, the container is terminated and restarted according to its restart policy. Other management of the container blocks until the hook completes. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks + /// PostStart is called immediately after a container is created. If the handler fails, + /// the container is terminated and restarted according to its restart policy. + /// Other management of the container blocks until the hook completes. + /// More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks #[serde(default, skip_serializing_if = "Option::is_none", rename = "postStart")] pub post_start: Option, - /// PreStop is called immediately before a container is terminated due to an API request or management event such as liveness/startup probe failure, preemption, resource contention, etc. The handler is not called if the container crashes or exits. The Pod's termination grace period countdown begins before the PreStop hook is executed. Regardless of the outcome of the handler, the container will eventually terminate within the Pod's termination grace period (unless delayed by finalizers). Other management of the container blocks until the hook completes or until the termination grace period is reached. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks + /// PreStop is called immediately before a container is terminated due to an + /// API request or management event such as liveness/startup probe failure, + /// preemption, resource contention, etc. The handler is not called if the + /// container crashes or exits. The Pod's termination grace period countdown begins before the + /// PreStop hook is executed. Regardless of the outcome of the handler, the + /// container will eventually terminate within the Pod's termination grace + /// period (unless delayed by finalizers). Other management of the container blocks until the hook completes + /// or until the termination grace period is reached. + /// More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks #[serde(default, skip_serializing_if = "Option::is_none", rename = "preStop")] pub pre_stop: Option, } -/// PostStart is called immediately after a container is created. If the handler fails, the container is terminated and restarted according to its restart policy. Other management of the container blocks until the hook completes. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks +/// PostStart is called immediately after a container is created. If the handler fails, +/// the container is terminated and restarted according to its restart policy. +/// Other management of the container blocks until the hook completes. +/// More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct RuntimeComponentSidecarContainersLifecyclePostStart { /// Exec specifies the action to take. @@ -2655,7 +3635,9 @@ pub struct RuntimeComponentSidecarContainersLifecyclePostStart { /// HTTPGet specifies the http request to perform. #[serde(default, skip_serializing_if = "Option::is_none", rename = "httpGet")] pub http_get: Option, - /// Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept for the backward compatibility. There are no validation of this field and lifecycle hooks will fail in runtime when tcp handler is specified. + /// Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept + /// for the backward compatibility. There are no validation of this field and + /// lifecycle hooks will fail in runtime when tcp handler is specified. #[serde(default, skip_serializing_if = "Option::is_none", rename = "tcpSocket")] pub tcp_socket: Option, } @@ -2663,7 +3645,11 @@ pub struct RuntimeComponentSidecarContainersLifecyclePostStart { /// Exec specifies the action to take. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct RuntimeComponentSidecarContainersLifecyclePostStartExec { - /// Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. + /// Command is the command line to execute inside the container, the working directory for the + /// command is root ('/') in the container's filesystem. The command is simply exec'd, it is + /// not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use + /// a shell, you need to explicitly call out to that shell. + /// Exit status of 0 is treated as live/healthy and non-zero is unhealthy. #[serde(default, skip_serializing_if = "Option::is_none")] pub command: Option>, } @@ -2671,7 +3657,8 @@ pub struct RuntimeComponentSidecarContainersLifecyclePostStartExec { /// HTTPGet specifies the http request to perform. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct RuntimeComponentSidecarContainersLifecyclePostStartHttpGet { - /// Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. + /// Host name to connect to, defaults to the pod IP. You probably want to set + /// "Host" in httpHeaders instead. #[serde(default, skip_serializing_if = "Option::is_none")] pub host: Option, /// Custom headers to set in the request. HTTP allows repeated headers. @@ -2680,9 +3667,12 @@ pub struct RuntimeComponentSidecarContainersLifecyclePostStartHttpGet { /// Path to access on the HTTP server. #[serde(default, skip_serializing_if = "Option::is_none")] pub path: Option, - /// Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. + /// Name or number of the port to access on the container. + /// Number must be in the range 1 to 65535. + /// Name must be an IANA_SVC_NAME. pub port: IntOrString, - /// Scheme to use for connecting to the host. Defaults to HTTP. + /// Scheme to use for connecting to the host. + /// Defaults to HTTP. #[serde(default, skip_serializing_if = "Option::is_none")] pub scheme: Option, } @@ -2690,23 +3680,36 @@ pub struct RuntimeComponentSidecarContainersLifecyclePostStartHttpGet { /// HTTPHeader describes a custom header to be used in HTTP probes #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct RuntimeComponentSidecarContainersLifecyclePostStartHttpGetHttpHeaders { - /// The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header. + /// The header field name. + /// This will be canonicalized upon output, so case-variant names will be understood as the same header. pub name: String, /// The header field value pub value: String, } -/// Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept for the backward compatibility. There are no validation of this field and lifecycle hooks will fail in runtime when tcp handler is specified. +/// Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept +/// for the backward compatibility. There are no validation of this field and +/// lifecycle hooks will fail in runtime when tcp handler is specified. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct RuntimeComponentSidecarContainersLifecyclePostStartTcpSocket { /// Optional: Host name to connect to, defaults to the pod IP. #[serde(default, skip_serializing_if = "Option::is_none")] pub host: Option, - /// Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. + /// Number or name of the port to access on the container. + /// Number must be in the range 1 to 65535. + /// Name must be an IANA_SVC_NAME. pub port: IntOrString, } -/// PreStop is called immediately before a container is terminated due to an API request or management event such as liveness/startup probe failure, preemption, resource contention, etc. The handler is not called if the container crashes or exits. The Pod's termination grace period countdown begins before the PreStop hook is executed. Regardless of the outcome of the handler, the container will eventually terminate within the Pod's termination grace period (unless delayed by finalizers). Other management of the container blocks until the hook completes or until the termination grace period is reached. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks +/// PreStop is called immediately before a container is terminated due to an +/// API request or management event such as liveness/startup probe failure, +/// preemption, resource contention, etc. The handler is not called if the +/// container crashes or exits. The Pod's termination grace period countdown begins before the +/// PreStop hook is executed. Regardless of the outcome of the handler, the +/// container will eventually terminate within the Pod's termination grace +/// period (unless delayed by finalizers). Other management of the container blocks until the hook completes +/// or until the termination grace period is reached. +/// More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct RuntimeComponentSidecarContainersLifecyclePreStop { /// Exec specifies the action to take. @@ -2715,7 +3718,9 @@ pub struct RuntimeComponentSidecarContainersLifecyclePreStop { /// HTTPGet specifies the http request to perform. #[serde(default, skip_serializing_if = "Option::is_none", rename = "httpGet")] pub http_get: Option, - /// Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept for the backward compatibility. There are no validation of this field and lifecycle hooks will fail in runtime when tcp handler is specified. + /// Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept + /// for the backward compatibility. There are no validation of this field and + /// lifecycle hooks will fail in runtime when tcp handler is specified. #[serde(default, skip_serializing_if = "Option::is_none", rename = "tcpSocket")] pub tcp_socket: Option, } @@ -2723,7 +3728,11 @@ pub struct RuntimeComponentSidecarContainersLifecyclePreStop { /// Exec specifies the action to take. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct RuntimeComponentSidecarContainersLifecyclePreStopExec { - /// Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. + /// Command is the command line to execute inside the container, the working directory for the + /// command is root ('/') in the container's filesystem. The command is simply exec'd, it is + /// not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use + /// a shell, you need to explicitly call out to that shell. + /// Exit status of 0 is treated as live/healthy and non-zero is unhealthy. #[serde(default, skip_serializing_if = "Option::is_none")] pub command: Option>, } @@ -2731,7 +3740,8 @@ pub struct RuntimeComponentSidecarContainersLifecyclePreStopExec { /// HTTPGet specifies the http request to perform. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct RuntimeComponentSidecarContainersLifecyclePreStopHttpGet { - /// Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. + /// Host name to connect to, defaults to the pod IP. You probably want to set + /// "Host" in httpHeaders instead. #[serde(default, skip_serializing_if = "Option::is_none")] pub host: Option, /// Custom headers to set in the request. HTTP allows repeated headers. @@ -2740,9 +3750,12 @@ pub struct RuntimeComponentSidecarContainersLifecyclePreStopHttpGet { /// Path to access on the HTTP server. #[serde(default, skip_serializing_if = "Option::is_none")] pub path: Option, - /// Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. + /// Name or number of the port to access on the container. + /// Number must be in the range 1 to 65535. + /// Name must be an IANA_SVC_NAME. pub port: IntOrString, - /// Scheme to use for connecting to the host. Defaults to HTTP. + /// Scheme to use for connecting to the host. + /// Defaults to HTTP. #[serde(default, skip_serializing_if = "Option::is_none")] pub scheme: Option, } @@ -2750,53 +3763,77 @@ pub struct RuntimeComponentSidecarContainersLifecyclePreStopHttpGet { /// HTTPHeader describes a custom header to be used in HTTP probes #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct RuntimeComponentSidecarContainersLifecyclePreStopHttpGetHttpHeaders { - /// The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header. + /// The header field name. + /// This will be canonicalized upon output, so case-variant names will be understood as the same header. pub name: String, /// The header field value pub value: String, } -/// Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept for the backward compatibility. There are no validation of this field and lifecycle hooks will fail in runtime when tcp handler is specified. +/// Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept +/// for the backward compatibility. There are no validation of this field and +/// lifecycle hooks will fail in runtime when tcp handler is specified. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct RuntimeComponentSidecarContainersLifecyclePreStopTcpSocket { /// Optional: Host name to connect to, defaults to the pod IP. #[serde(default, skip_serializing_if = "Option::is_none")] pub host: Option, - /// Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. + /// Number or name of the port to access on the container. + /// Number must be in the range 1 to 65535. + /// Name must be an IANA_SVC_NAME. pub port: IntOrString, } -/// Periodic probe of container liveness. Container will be restarted if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +/// Periodic probe of container liveness. +/// Container will be restarted if the probe fails. +/// Cannot be updated. +/// More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct RuntimeComponentSidecarContainersLivenessProbe { /// Exec specifies the action to take. #[serde(default, skip_serializing_if = "Option::is_none")] pub exec: Option, - /// Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. + /// Minimum consecutive failures for the probe to be considered failed after having succeeded. + /// Defaults to 3. Minimum value is 1. #[serde(default, skip_serializing_if = "Option::is_none", rename = "failureThreshold")] pub failure_threshold: Option, - /// GRPC specifies an action involving a GRPC port. This is a beta field and requires enabling GRPCContainerProbe feature gate. + /// GRPC specifies an action involving a GRPC port. + /// This is a beta field and requires enabling GRPCContainerProbe feature gate. #[serde(default, skip_serializing_if = "Option::is_none")] pub grpc: Option, /// HTTPGet specifies the http request to perform. #[serde(default, skip_serializing_if = "Option::is_none", rename = "httpGet")] pub http_get: Option, - /// Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes + /// Number of seconds after the container has started before liveness probes are initiated. + /// More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes #[serde(default, skip_serializing_if = "Option::is_none", rename = "initialDelaySeconds")] pub initial_delay_seconds: Option, - /// How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. + /// How often (in seconds) to perform the probe. + /// Default to 10 seconds. Minimum value is 1. #[serde(default, skip_serializing_if = "Option::is_none", rename = "periodSeconds")] pub period_seconds: Option, - /// Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1. + /// Minimum consecutive successes for the probe to be considered successful after having failed. + /// Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1. #[serde(default, skip_serializing_if = "Option::is_none", rename = "successThreshold")] pub success_threshold: Option, /// TCPSocket specifies an action involving a TCP port. #[serde(default, skip_serializing_if = "Option::is_none", rename = "tcpSocket")] pub tcp_socket: Option, - /// Optional duration in seconds the pod needs to terminate gracefully upon probe failure. The grace period is the duration in seconds after the processes running in the pod are sent a termination signal and the time when the processes are forcibly halted with a kill signal. Set this value longer than the expected cleanup time for your process. If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this value overrides the value provided by the pod spec. Value must be non-negative integer. The value zero indicates stop immediately via the kill signal (no opportunity to shut down). This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate. Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset. + /// Optional duration in seconds the pod needs to terminate gracefully upon probe failure. + /// The grace period is the duration in seconds after the processes running in the pod are sent + /// a termination signal and the time when the processes are forcibly halted with a kill signal. + /// Set this value longer than the expected cleanup time for your process. + /// If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this + /// value overrides the value provided by the pod spec. + /// Value must be non-negative integer. The value zero indicates stop immediately via + /// the kill signal (no opportunity to shut down). + /// This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate. + /// Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset. #[serde(default, skip_serializing_if = "Option::is_none", rename = "terminationGracePeriodSeconds")] pub termination_grace_period_seconds: Option, - /// Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes + /// Number of seconds after which the probe times out. + /// Defaults to 1 second. Minimum value is 1. + /// More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes #[serde(default, skip_serializing_if = "Option::is_none", rename = "timeoutSeconds")] pub timeout_seconds: Option, } @@ -2804,18 +3841,26 @@ pub struct RuntimeComponentSidecarContainersLivenessProbe { /// Exec specifies the action to take. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct RuntimeComponentSidecarContainersLivenessProbeExec { - /// Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. + /// Command is the command line to execute inside the container, the working directory for the + /// command is root ('/') in the container's filesystem. The command is simply exec'd, it is + /// not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use + /// a shell, you need to explicitly call out to that shell. + /// Exit status of 0 is treated as live/healthy and non-zero is unhealthy. #[serde(default, skip_serializing_if = "Option::is_none")] pub command: Option>, } -/// GRPC specifies an action involving a GRPC port. This is a beta field and requires enabling GRPCContainerProbe feature gate. +/// GRPC specifies an action involving a GRPC port. +/// This is a beta field and requires enabling GRPCContainerProbe feature gate. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct RuntimeComponentSidecarContainersLivenessProbeGrpc { /// Port number of the gRPC service. Number must be in the range 1 to 65535. pub port: i32, - /// Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). - /// If this is not specified, the default behavior is defined by gRPC. + /// Service is the name of the service to place in the gRPC HealthCheckRequest + /// (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). + /// + /// + /// If this is not specified, the default behavior is defined by gRPC. #[serde(default, skip_serializing_if = "Option::is_none")] pub service: Option, } @@ -2823,7 +3868,8 @@ pub struct RuntimeComponentSidecarContainersLivenessProbeGrpc { /// HTTPGet specifies the http request to perform. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct RuntimeComponentSidecarContainersLivenessProbeHttpGet { - /// Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. + /// Host name to connect to, defaults to the pod IP. You probably want to set + /// "Host" in httpHeaders instead. #[serde(default, skip_serializing_if = "Option::is_none")] pub host: Option, /// Custom headers to set in the request. HTTP allows repeated headers. @@ -2832,9 +3878,12 @@ pub struct RuntimeComponentSidecarContainersLivenessProbeHttpGet { /// Path to access on the HTTP server. #[serde(default, skip_serializing_if = "Option::is_none")] pub path: Option, - /// Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. + /// Name or number of the port to access on the container. + /// Number must be in the range 1 to 65535. + /// Name must be an IANA_SVC_NAME. pub port: IntOrString, - /// Scheme to use for connecting to the host. Defaults to HTTP. + /// Scheme to use for connecting to the host. + /// Defaults to HTTP. #[serde(default, skip_serializing_if = "Option::is_none")] pub scheme: Option, } @@ -2842,7 +3891,8 @@ pub struct RuntimeComponentSidecarContainersLivenessProbeHttpGet { /// HTTPHeader describes a custom header to be used in HTTP probes #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct RuntimeComponentSidecarContainersLivenessProbeHttpGetHttpHeaders { - /// The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header. + /// The header field name. + /// This will be canonicalized upon output, so case-variant names will be understood as the same header. pub name: String, /// The header field value pub value: String, @@ -2854,61 +3904,89 @@ pub struct RuntimeComponentSidecarContainersLivenessProbeTcpSocket { /// Optional: Host name to connect to, defaults to the pod IP. #[serde(default, skip_serializing_if = "Option::is_none")] pub host: Option, - /// Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. + /// Number or name of the port to access on the container. + /// Number must be in the range 1 to 65535. + /// Name must be an IANA_SVC_NAME. pub port: IntOrString, } /// ContainerPort represents a network port in a single container. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct RuntimeComponentSidecarContainersPorts { - /// Number of port to expose on the pod's IP address. This must be a valid port number, 0 < x < 65536. + /// Number of port to expose on the pod's IP address. + /// This must be a valid port number, 0 < x < 65536. #[serde(rename = "containerPort")] pub container_port: i32, /// What host IP to bind the external port to. #[serde(default, skip_serializing_if = "Option::is_none", rename = "hostIP")] pub host_ip: Option, - /// Number of port to expose on the host. If specified, this must be a valid port number, 0 < x < 65536. If HostNetwork is specified, this must match ContainerPort. Most containers do not need this. + /// Number of port to expose on the host. + /// If specified, this must be a valid port number, 0 < x < 65536. + /// If HostNetwork is specified, this must match ContainerPort. + /// Most containers do not need this. #[serde(default, skip_serializing_if = "Option::is_none", rename = "hostPort")] pub host_port: Option, - /// If specified, this must be an IANA_SVC_NAME and unique within the pod. Each named port in a pod must have a unique name. Name for the port that can be referred to by services. + /// If specified, this must be an IANA_SVC_NAME and unique within the pod. Each + /// named port in a pod must have a unique name. Name for the port that can be + /// referred to by services. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, - /// Protocol for port. Must be UDP, TCP, or SCTP. Defaults to "TCP". + /// Protocol for port. Must be UDP, TCP, or SCTP. + /// Defaults to "TCP". #[serde(default, skip_serializing_if = "Option::is_none")] pub protocol: Option, } -/// Periodic probe of container service readiness. Container will be removed from service endpoints if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +/// Periodic probe of container service readiness. +/// Container will be removed from service endpoints if the probe fails. +/// Cannot be updated. +/// More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct RuntimeComponentSidecarContainersReadinessProbe { /// Exec specifies the action to take. #[serde(default, skip_serializing_if = "Option::is_none")] pub exec: Option, - /// Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. + /// Minimum consecutive failures for the probe to be considered failed after having succeeded. + /// Defaults to 3. Minimum value is 1. #[serde(default, skip_serializing_if = "Option::is_none", rename = "failureThreshold")] pub failure_threshold: Option, - /// GRPC specifies an action involving a GRPC port. This is a beta field and requires enabling GRPCContainerProbe feature gate. + /// GRPC specifies an action involving a GRPC port. + /// This is a beta field and requires enabling GRPCContainerProbe feature gate. #[serde(default, skip_serializing_if = "Option::is_none")] pub grpc: Option, /// HTTPGet specifies the http request to perform. #[serde(default, skip_serializing_if = "Option::is_none", rename = "httpGet")] pub http_get: Option, - /// Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes + /// Number of seconds after the container has started before liveness probes are initiated. + /// More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes #[serde(default, skip_serializing_if = "Option::is_none", rename = "initialDelaySeconds")] pub initial_delay_seconds: Option, - /// How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. + /// How often (in seconds) to perform the probe. + /// Default to 10 seconds. Minimum value is 1. #[serde(default, skip_serializing_if = "Option::is_none", rename = "periodSeconds")] pub period_seconds: Option, - /// Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1. + /// Minimum consecutive successes for the probe to be considered successful after having failed. + /// Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1. #[serde(default, skip_serializing_if = "Option::is_none", rename = "successThreshold")] pub success_threshold: Option, /// TCPSocket specifies an action involving a TCP port. #[serde(default, skip_serializing_if = "Option::is_none", rename = "tcpSocket")] pub tcp_socket: Option, - /// Optional duration in seconds the pod needs to terminate gracefully upon probe failure. The grace period is the duration in seconds after the processes running in the pod are sent a termination signal and the time when the processes are forcibly halted with a kill signal. Set this value longer than the expected cleanup time for your process. If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this value overrides the value provided by the pod spec. Value must be non-negative integer. The value zero indicates stop immediately via the kill signal (no opportunity to shut down). This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate. Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset. + /// Optional duration in seconds the pod needs to terminate gracefully upon probe failure. + /// The grace period is the duration in seconds after the processes running in the pod are sent + /// a termination signal and the time when the processes are forcibly halted with a kill signal. + /// Set this value longer than the expected cleanup time for your process. + /// If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this + /// value overrides the value provided by the pod spec. + /// Value must be non-negative integer. The value zero indicates stop immediately via + /// the kill signal (no opportunity to shut down). + /// This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate. + /// Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset. #[serde(default, skip_serializing_if = "Option::is_none", rename = "terminationGracePeriodSeconds")] pub termination_grace_period_seconds: Option, - /// Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes + /// Number of seconds after which the probe times out. + /// Defaults to 1 second. Minimum value is 1. + /// More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes #[serde(default, skip_serializing_if = "Option::is_none", rename = "timeoutSeconds")] pub timeout_seconds: Option, } @@ -2916,18 +3994,26 @@ pub struct RuntimeComponentSidecarContainersReadinessProbe { /// Exec specifies the action to take. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct RuntimeComponentSidecarContainersReadinessProbeExec { - /// Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. + /// Command is the command line to execute inside the container, the working directory for the + /// command is root ('/') in the container's filesystem. The command is simply exec'd, it is + /// not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use + /// a shell, you need to explicitly call out to that shell. + /// Exit status of 0 is treated as live/healthy and non-zero is unhealthy. #[serde(default, skip_serializing_if = "Option::is_none")] pub command: Option>, } -/// GRPC specifies an action involving a GRPC port. This is a beta field and requires enabling GRPCContainerProbe feature gate. +/// GRPC specifies an action involving a GRPC port. +/// This is a beta field and requires enabling GRPCContainerProbe feature gate. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct RuntimeComponentSidecarContainersReadinessProbeGrpc { /// Port number of the gRPC service. Number must be in the range 1 to 65535. pub port: i32, - /// Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). - /// If this is not specified, the default behavior is defined by gRPC. + /// Service is the name of the service to place in the gRPC HealthCheckRequest + /// (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). + /// + /// + /// If this is not specified, the default behavior is defined by gRPC. #[serde(default, skip_serializing_if = "Option::is_none")] pub service: Option, } @@ -2935,7 +4021,8 @@ pub struct RuntimeComponentSidecarContainersReadinessProbeGrpc { /// HTTPGet specifies the http request to perform. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct RuntimeComponentSidecarContainersReadinessProbeHttpGet { - /// Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. + /// Host name to connect to, defaults to the pod IP. You probably want to set + /// "Host" in httpHeaders instead. #[serde(default, skip_serializing_if = "Option::is_none")] pub host: Option, /// Custom headers to set in the request. HTTP allows repeated headers. @@ -2944,9 +4031,12 @@ pub struct RuntimeComponentSidecarContainersReadinessProbeHttpGet { /// Path to access on the HTTP server. #[serde(default, skip_serializing_if = "Option::is_none")] pub path: Option, - /// Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. + /// Name or number of the port to access on the container. + /// Number must be in the range 1 to 65535. + /// Name must be an IANA_SVC_NAME. pub port: IntOrString, - /// Scheme to use for connecting to the host. Defaults to HTTP. + /// Scheme to use for connecting to the host. + /// Defaults to HTTP. #[serde(default, skip_serializing_if = "Option::is_none")] pub scheme: Option, } @@ -2954,7 +4044,8 @@ pub struct RuntimeComponentSidecarContainersReadinessProbeHttpGet { /// HTTPHeader describes a custom header to be used in HTTP probes #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct RuntimeComponentSidecarContainersReadinessProbeHttpGetHttpHeaders { - /// The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header. + /// The header field name. + /// This will be canonicalized upon output, so case-variant names will be understood as the same header. pub name: String, /// The header field value pub value: String, @@ -2966,22 +4057,36 @@ pub struct RuntimeComponentSidecarContainersReadinessProbeTcpSocket { /// Optional: Host name to connect to, defaults to the pod IP. #[serde(default, skip_serializing_if = "Option::is_none")] pub host: Option, - /// Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. + /// Number or name of the port to access on the container. + /// Number must be in the range 1 to 65535. + /// Name must be an IANA_SVC_NAME. pub port: IntOrString, } -/// Compute Resources required by this container. Cannot be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ +/// Compute Resources required by this container. +/// Cannot be updated. +/// More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct RuntimeComponentSidecarContainersResources { - /// Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. - /// This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. - /// This field is immutable. It can only be set for containers. + /// Claims lists the names of resources, defined in spec.resourceClaims, + /// that are used by this container. + /// + /// + /// This is an alpha field and requires enabling the + /// DynamicResourceAllocation feature gate. + /// + /// + /// This field is immutable. It can only be set for containers. #[serde(default, skip_serializing_if = "Option::is_none")] pub claims: Option>, - /// Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + /// Limits describes the maximum amount of compute resources allowed. + /// More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ #[serde(default, skip_serializing_if = "Option::is_none")] pub limits: Option>, - /// Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + /// Requests describes the minimum amount of compute resources required. + /// If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, + /// otherwise to an implementation-defined value. + /// More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ #[serde(default, skip_serializing_if = "Option::is_none")] pub requests: Option>, } @@ -2989,49 +4094,95 @@ pub struct RuntimeComponentSidecarContainersResources { /// ResourceClaim references one entry in PodSpec.ResourceClaims. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct RuntimeComponentSidecarContainersResourcesClaims { - /// Name must match the name of one entry in pod.spec.resourceClaims of the Pod where this field is used. It makes that resource available inside a container. + /// Name must match the name of one entry in pod.spec.resourceClaims of + /// the Pod where this field is used. It makes that resource available + /// inside a container. pub name: String, } -/// SecurityContext defines the security options the container should be run with. If set, the fields of SecurityContext override the equivalent fields of PodSecurityContext. More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/ +/// SecurityContext defines the security options the container should be run with. +/// If set, the fields of SecurityContext override the equivalent fields of PodSecurityContext. +/// More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/ #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct RuntimeComponentSidecarContainersSecurityContext { - /// AllowPrivilegeEscalation controls whether a process can gain more privileges than its parent process. This bool directly controls if the no_new_privs flag will be set on the container process. AllowPrivilegeEscalation is true always when the container is: 1) run as Privileged 2) has CAP_SYS_ADMIN Note that this field cannot be set when spec.os.name is windows. + /// AllowPrivilegeEscalation controls whether a process can gain more + /// privileges than its parent process. This bool directly controls if + /// the no_new_privs flag will be set on the container process. + /// AllowPrivilegeEscalation is true always when the container is: + /// 1) run as Privileged + /// 2) has CAP_SYS_ADMIN + /// Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none", rename = "allowPrivilegeEscalation")] pub allow_privilege_escalation: Option, - /// The capabilities to add/drop when running containers. Defaults to the default set of capabilities granted by the container runtime. Note that this field cannot be set when spec.os.name is windows. + /// The capabilities to add/drop when running containers. + /// Defaults to the default set of capabilities granted by the container runtime. + /// Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none")] pub capabilities: Option, - /// Run container in privileged mode. Processes in privileged containers are essentially equivalent to root on the host. Defaults to false. Note that this field cannot be set when spec.os.name is windows. + /// Run container in privileged mode. + /// Processes in privileged containers are essentially equivalent to root on the host. + /// Defaults to false. + /// Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none")] pub privileged: Option, - /// procMount denotes the type of proc mount to use for the containers. The default is DefaultProcMount which uses the container runtime defaults for readonly paths and masked paths. This requires the ProcMountType feature flag to be enabled. Note that this field cannot be set when spec.os.name is windows. + /// procMount denotes the type of proc mount to use for the containers. + /// The default is DefaultProcMount which uses the container runtime defaults for + /// readonly paths and masked paths. + /// This requires the ProcMountType feature flag to be enabled. + /// Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none", rename = "procMount")] pub proc_mount: Option, - /// Whether this container has a read-only root filesystem. Default is false. Note that this field cannot be set when spec.os.name is windows. + /// Whether this container has a read-only root filesystem. + /// Default is false. + /// Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnlyRootFilesystem")] pub read_only_root_filesystem: Option, - /// The GID to run the entrypoint of the container process. Uses runtime default if unset. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is windows. + /// The GID to run the entrypoint of the container process. + /// Uses runtime default if unset. + /// May also be set in PodSecurityContext. If set in both SecurityContext and + /// PodSecurityContext, the value specified in SecurityContext takes precedence. + /// Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none", rename = "runAsGroup")] pub run_as_group: Option, - /// Indicates that the container must run as a non-root user. If true, the Kubelet will validate the image at runtime to ensure that it does not run as UID 0 (root) and fail to start the container if it does. If unset or false, no such validation will be performed. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. + /// Indicates that the container must run as a non-root user. + /// If true, the Kubelet will validate the image at runtime to ensure that it + /// does not run as UID 0 (root) and fail to start the container if it does. + /// If unset or false, no such validation will be performed. + /// May also be set in PodSecurityContext. If set in both SecurityContext and + /// PodSecurityContext, the value specified in SecurityContext takes precedence. #[serde(default, skip_serializing_if = "Option::is_none", rename = "runAsNonRoot")] pub run_as_non_root: Option, - /// The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is windows. + /// The UID to run the entrypoint of the container process. + /// Defaults to user specified in image metadata if unspecified. + /// May also be set in PodSecurityContext. If set in both SecurityContext and + /// PodSecurityContext, the value specified in SecurityContext takes precedence. + /// Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none", rename = "runAsUser")] pub run_as_user: Option, - /// The SELinux context to be applied to the container. If unspecified, the container runtime will allocate a random SELinux context for each container. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is windows. + /// The SELinux context to be applied to the container. + /// If unspecified, the container runtime will allocate a random SELinux context for each + /// container. May also be set in PodSecurityContext. If set in both SecurityContext and + /// PodSecurityContext, the value specified in SecurityContext takes precedence. + /// Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none", rename = "seLinuxOptions")] pub se_linux_options: Option, - /// The seccomp options to use by this container. If seccomp options are provided at both the pod & container level, the container options override the pod options. Note that this field cannot be set when spec.os.name is windows. + /// The seccomp options to use by this container. If seccomp options are + /// provided at both the pod & container level, the container options + /// override the pod options. + /// Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none", rename = "seccompProfile")] pub seccomp_profile: Option, - /// The Windows specific settings applied to all containers. If unspecified, the options from the PodSecurityContext will be used. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is linux. + /// The Windows specific settings applied to all containers. + /// If unspecified, the options from the PodSecurityContext will be used. + /// If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. + /// Note that this field cannot be set when spec.os.name is linux. #[serde(default, skip_serializing_if = "Option::is_none", rename = "windowsOptions")] pub windows_options: Option, } -/// The capabilities to add/drop when running containers. Defaults to the default set of capabilities granted by the container runtime. Note that this field cannot be set when spec.os.name is windows. +/// The capabilities to add/drop when running containers. +/// Defaults to the default set of capabilities granted by the container runtime. +/// Note that this field cannot be set when spec.os.name is windows. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct RuntimeComponentSidecarContainersSecurityContextCapabilities { /// Added capabilities @@ -3042,7 +4193,11 @@ pub struct RuntimeComponentSidecarContainersSecurityContextCapabilities { pub drop: Option>, } -/// The SELinux context to be applied to the container. If unspecified, the container runtime will allocate a random SELinux context for each container. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is windows. +/// The SELinux context to be applied to the container. +/// If unspecified, the container runtime will allocate a random SELinux context for each +/// container. May also be set in PodSecurityContext. If set in both SecurityContext and +/// PodSecurityContext, the value specified in SecurityContext takes precedence. +/// Note that this field cannot be set when spec.os.name is windows. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct RuntimeComponentSidecarContainersSecurityContextSeLinuxOptions { /// Level is SELinux level label that applies to the container. @@ -3059,66 +4214,113 @@ pub struct RuntimeComponentSidecarContainersSecurityContextSeLinuxOptions { pub user: Option, } -/// The seccomp options to use by this container. If seccomp options are provided at both the pod & container level, the container options override the pod options. Note that this field cannot be set when spec.os.name is windows. +/// The seccomp options to use by this container. If seccomp options are +/// provided at both the pod & container level, the container options +/// override the pod options. +/// Note that this field cannot be set when spec.os.name is windows. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct RuntimeComponentSidecarContainersSecurityContextSeccompProfile { - /// localhostProfile indicates a profile defined in a file on the node should be used. The profile must be preconfigured on the node to work. Must be a descending path, relative to the kubelet's configured seccomp profile location. Must only be set if type is "Localhost". + /// localhostProfile indicates a profile defined in a file on the node should be used. + /// The profile must be preconfigured on the node to work. + /// Must be a descending path, relative to the kubelet's configured seccomp profile location. + /// Must only be set if type is "Localhost". #[serde(default, skip_serializing_if = "Option::is_none", rename = "localhostProfile")] pub localhost_profile: Option, - /// type indicates which kind of seccomp profile will be applied. Valid options are: - /// Localhost - a profile defined in a file on the node should be used. RuntimeDefault - the container runtime default profile should be used. Unconfined - no profile should be applied. + /// type indicates which kind of seccomp profile will be applied. + /// Valid options are: + /// + /// + /// Localhost - a profile defined in a file on the node should be used. + /// RuntimeDefault - the container runtime default profile should be used. + /// Unconfined - no profile should be applied. #[serde(rename = "type")] pub r#type: String, } -/// The Windows specific settings applied to all containers. If unspecified, the options from the PodSecurityContext will be used. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is linux. +/// The Windows specific settings applied to all containers. +/// If unspecified, the options from the PodSecurityContext will be used. +/// If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +/// Note that this field cannot be set when spec.os.name is linux. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct RuntimeComponentSidecarContainersSecurityContextWindowsOptions { - /// GMSACredentialSpec is where the GMSA admission webhook (https://github.com/kubernetes-sigs/windows-gmsa) inlines the contents of the GMSA credential spec named by the GMSACredentialSpecName field. + /// GMSACredentialSpec is where the GMSA admission webhook + /// (https://github.com/kubernetes-sigs/windows-gmsa) inlines the contents of the + /// GMSA credential spec named by the GMSACredentialSpecName field. #[serde(default, skip_serializing_if = "Option::is_none", rename = "gmsaCredentialSpec")] pub gmsa_credential_spec: Option, /// GMSACredentialSpecName is the name of the GMSA credential spec to use. #[serde(default, skip_serializing_if = "Option::is_none", rename = "gmsaCredentialSpecName")] pub gmsa_credential_spec_name: Option, - /// HostProcess determines if a container should be run as a 'Host Process' container. This field is alpha-level and will only be honored by components that enable the WindowsHostProcessContainers feature flag. Setting this field without the feature flag will result in errors when validating the Pod. All of a Pod's containers must have the same effective HostProcess value (it is not allowed to have a mix of HostProcess containers and non-HostProcess containers). In addition, if HostProcess is true then HostNetwork must also be set to true. + /// HostProcess determines if a container should be run as a 'Host Process' container. + /// This field is alpha-level and will only be honored by components that enable the + /// WindowsHostProcessContainers feature flag. Setting this field without the feature + /// flag will result in errors when validating the Pod. All of a Pod's containers must + /// have the same effective HostProcess value (it is not allowed to have a mix of HostProcess + /// containers and non-HostProcess containers). In addition, if HostProcess is true + /// then HostNetwork must also be set to true. #[serde(default, skip_serializing_if = "Option::is_none", rename = "hostProcess")] pub host_process: Option, - /// The UserName in Windows to run the entrypoint of the container process. Defaults to the user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. + /// The UserName in Windows to run the entrypoint of the container process. + /// Defaults to the user specified in image metadata if unspecified. + /// May also be set in PodSecurityContext. If set in both SecurityContext and + /// PodSecurityContext, the value specified in SecurityContext takes precedence. #[serde(default, skip_serializing_if = "Option::is_none", rename = "runAsUserName")] pub run_as_user_name: Option, } -/// StartupProbe indicates that the Pod has successfully initialized. If specified, no other probes are executed until this completes successfully. If this probe fails, the Pod will be restarted, just as if the livenessProbe failed. This can be used to provide different probe parameters at the beginning of a Pod's lifecycle, when it might take a long time to load data or warm a cache, than during steady-state operation. This cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +/// StartupProbe indicates that the Pod has successfully initialized. +/// If specified, no other probes are executed until this completes successfully. +/// If this probe fails, the Pod will be restarted, just as if the livenessProbe failed. +/// This can be used to provide different probe parameters at the beginning of a Pod's lifecycle, +/// when it might take a long time to load data or warm a cache, than during steady-state operation. +/// This cannot be updated. +/// More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct RuntimeComponentSidecarContainersStartupProbe { /// Exec specifies the action to take. #[serde(default, skip_serializing_if = "Option::is_none")] pub exec: Option, - /// Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. + /// Minimum consecutive failures for the probe to be considered failed after having succeeded. + /// Defaults to 3. Minimum value is 1. #[serde(default, skip_serializing_if = "Option::is_none", rename = "failureThreshold")] pub failure_threshold: Option, - /// GRPC specifies an action involving a GRPC port. This is a beta field and requires enabling GRPCContainerProbe feature gate. + /// GRPC specifies an action involving a GRPC port. + /// This is a beta field and requires enabling GRPCContainerProbe feature gate. #[serde(default, skip_serializing_if = "Option::is_none")] pub grpc: Option, /// HTTPGet specifies the http request to perform. #[serde(default, skip_serializing_if = "Option::is_none", rename = "httpGet")] pub http_get: Option, - /// Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes + /// Number of seconds after the container has started before liveness probes are initiated. + /// More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes #[serde(default, skip_serializing_if = "Option::is_none", rename = "initialDelaySeconds")] pub initial_delay_seconds: Option, - /// How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. + /// How often (in seconds) to perform the probe. + /// Default to 10 seconds. Minimum value is 1. #[serde(default, skip_serializing_if = "Option::is_none", rename = "periodSeconds")] pub period_seconds: Option, - /// Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1. + /// Minimum consecutive successes for the probe to be considered successful after having failed. + /// Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1. #[serde(default, skip_serializing_if = "Option::is_none", rename = "successThreshold")] pub success_threshold: Option, /// TCPSocket specifies an action involving a TCP port. #[serde(default, skip_serializing_if = "Option::is_none", rename = "tcpSocket")] pub tcp_socket: Option, - /// Optional duration in seconds the pod needs to terminate gracefully upon probe failure. The grace period is the duration in seconds after the processes running in the pod are sent a termination signal and the time when the processes are forcibly halted with a kill signal. Set this value longer than the expected cleanup time for your process. If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this value overrides the value provided by the pod spec. Value must be non-negative integer. The value zero indicates stop immediately via the kill signal (no opportunity to shut down). This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate. Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset. + /// Optional duration in seconds the pod needs to terminate gracefully upon probe failure. + /// The grace period is the duration in seconds after the processes running in the pod are sent + /// a termination signal and the time when the processes are forcibly halted with a kill signal. + /// Set this value longer than the expected cleanup time for your process. + /// If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this + /// value overrides the value provided by the pod spec. + /// Value must be non-negative integer. The value zero indicates stop immediately via + /// the kill signal (no opportunity to shut down). + /// This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate. + /// Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset. #[serde(default, skip_serializing_if = "Option::is_none", rename = "terminationGracePeriodSeconds")] pub termination_grace_period_seconds: Option, - /// Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes + /// Number of seconds after which the probe times out. + /// Defaults to 1 second. Minimum value is 1. + /// More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes #[serde(default, skip_serializing_if = "Option::is_none", rename = "timeoutSeconds")] pub timeout_seconds: Option, } @@ -3126,18 +4328,26 @@ pub struct RuntimeComponentSidecarContainersStartupProbe { /// Exec specifies the action to take. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct RuntimeComponentSidecarContainersStartupProbeExec { - /// Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. + /// Command is the command line to execute inside the container, the working directory for the + /// command is root ('/') in the container's filesystem. The command is simply exec'd, it is + /// not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use + /// a shell, you need to explicitly call out to that shell. + /// Exit status of 0 is treated as live/healthy and non-zero is unhealthy. #[serde(default, skip_serializing_if = "Option::is_none")] pub command: Option>, } -/// GRPC specifies an action involving a GRPC port. This is a beta field and requires enabling GRPCContainerProbe feature gate. +/// GRPC specifies an action involving a GRPC port. +/// This is a beta field and requires enabling GRPCContainerProbe feature gate. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct RuntimeComponentSidecarContainersStartupProbeGrpc { /// Port number of the gRPC service. Number must be in the range 1 to 65535. pub port: i32, - /// Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). - /// If this is not specified, the default behavior is defined by gRPC. + /// Service is the name of the service to place in the gRPC HealthCheckRequest + /// (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). + /// + /// + /// If this is not specified, the default behavior is defined by gRPC. #[serde(default, skip_serializing_if = "Option::is_none")] pub service: Option, } @@ -3145,7 +4355,8 @@ pub struct RuntimeComponentSidecarContainersStartupProbeGrpc { /// HTTPGet specifies the http request to perform. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct RuntimeComponentSidecarContainersStartupProbeHttpGet { - /// Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. + /// Host name to connect to, defaults to the pod IP. You probably want to set + /// "Host" in httpHeaders instead. #[serde(default, skip_serializing_if = "Option::is_none")] pub host: Option, /// Custom headers to set in the request. HTTP allows repeated headers. @@ -3154,9 +4365,12 @@ pub struct RuntimeComponentSidecarContainersStartupProbeHttpGet { /// Path to access on the HTTP server. #[serde(default, skip_serializing_if = "Option::is_none")] pub path: Option, - /// Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. + /// Name or number of the port to access on the container. + /// Number must be in the range 1 to 65535. + /// Name must be an IANA_SVC_NAME. pub port: IntOrString, - /// Scheme to use for connecting to the host. Defaults to HTTP. + /// Scheme to use for connecting to the host. + /// Defaults to HTTP. #[serde(default, skip_serializing_if = "Option::is_none")] pub scheme: Option, } @@ -3164,7 +4378,8 @@ pub struct RuntimeComponentSidecarContainersStartupProbeHttpGet { /// HTTPHeader describes a custom header to be used in HTTP probes #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct RuntimeComponentSidecarContainersStartupProbeHttpGetHttpHeaders { - /// The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header. + /// The header field name. + /// This will be canonicalized upon output, so case-variant names will be understood as the same header. pub name: String, /// The header field value pub value: String, @@ -3176,7 +4391,9 @@ pub struct RuntimeComponentSidecarContainersStartupProbeTcpSocket { /// Optional: Host name to connect to, defaults to the pod IP. #[serde(default, skip_serializing_if = "Option::is_none")] pub host: Option, - /// Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. + /// Number or name of the port to access on the container. + /// Number must be in the range 1 to 65535. + /// Name must be an IANA_SVC_NAME. pub port: IntOrString, } @@ -3193,21 +4410,30 @@ pub struct RuntimeComponentSidecarContainersVolumeDevices { /// VolumeMount describes a mounting of a Volume within a container. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct RuntimeComponentSidecarContainersVolumeMounts { - /// Path within the container at which the volume should be mounted. Must not contain ':'. + /// Path within the container at which the volume should be mounted. Must + /// not contain ':'. #[serde(rename = "mountPath")] pub mount_path: String, - /// mountPropagation determines how mounts are propagated from the host to container and the other way around. When not set, MountPropagationNone is used. This field is beta in 1.10. + /// mountPropagation determines how mounts are propagated from the host + /// to container and the other way around. + /// When not set, MountPropagationNone is used. + /// This field is beta in 1.10. #[serde(default, skip_serializing_if = "Option::is_none", rename = "mountPropagation")] pub mount_propagation: Option, /// This must match the Name of a Volume. pub name: String, - /// Mounted read-only if true, read-write otherwise (false or unspecified). Defaults to false. + /// Mounted read-only if true, read-write otherwise (false or unspecified). + /// Defaults to false. #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] pub read_only: Option, - /// Path within the volume from which the container's volume should be mounted. Defaults to "" (volume's root). + /// Path within the volume from which the container's volume should be mounted. + /// Defaults to "" (volume's root). #[serde(default, skip_serializing_if = "Option::is_none", rename = "subPath")] pub sub_path: Option, - /// Expanded path within the volume from which the container's volume should be mounted. Behaves similarly to SubPath but environment variable references $(VAR_NAME) are expanded using the container's environment. Defaults to "" (volume's root). SubPathExpr and SubPath are mutually exclusive. + /// Expanded path within the volume from which the container's volume should be mounted. + /// Behaves similarly to SubPath but environment variable references $(VAR_NAME) are expanded using the container's environment. + /// Defaults to "" (volume's root). + /// SubPathExpr and SubPath are mutually exclusive. #[serde(default, skip_serializing_if = "Option::is_none", rename = "subPathExpr")] pub sub_path_expr: Option, } @@ -3246,24 +4472,36 @@ pub struct RuntimeComponentStatefulSetStorage { /// A YAML object that represents a volumeClaimTemplate component of a StatefulSet. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct RuntimeComponentStatefulSetStorageVolumeClaimTemplate { - /// APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources + /// APIVersion defines the versioned schema of this representation of an object. + /// Servers should convert recognized schemas to the latest internal value, and + /// may reject unrecognized values. + /// More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources #[serde(default, skip_serializing_if = "Option::is_none", rename = "apiVersion")] pub api_version: Option, - /// Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds + /// Kind is a string value representing the REST resource this object represents. + /// Servers may infer this from the endpoint the client submits requests to. + /// Cannot be updated. + /// In CamelCase. + /// More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds #[serde(default, skip_serializing_if = "Option::is_none")] pub kind: Option, - /// Standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata + /// Standard object's metadata. + /// More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata #[serde(default, skip_serializing_if = "Option::is_none")] pub metadata: Option, - /// spec defines the desired characteristics of a volume requested by a pod author. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims + /// spec defines the desired characteristics of a volume requested by a pod author. + /// More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims #[serde(default, skip_serializing_if = "Option::is_none")] pub spec: Option, - /// status represents the current information/status of a persistent volume claim. Read-only. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims + /// status represents the current information/status of a persistent volume claim. + /// Read-only. + /// More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims #[serde(default, skip_serializing_if = "Option::is_none")] pub status: Option, } -/// Standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata +/// Standard object's metadata. +/// More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct RuntimeComponentStatefulSetStorageVolumeClaimTemplateMetadata { #[serde(default, skip_serializing_if = "Option::is_none")] @@ -3278,28 +4516,65 @@ pub struct RuntimeComponentStatefulSetStorageVolumeClaimTemplateMetadata { pub namespace: Option, } -/// spec defines the desired characteristics of a volume requested by a pod author. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims +/// spec defines the desired characteristics of a volume requested by a pod author. +/// More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct RuntimeComponentStatefulSetStorageVolumeClaimTemplateSpec { - /// accessModes contains the desired access modes the volume should have. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1 + /// accessModes contains the desired access modes the volume should have. + /// More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1 #[serde(default, skip_serializing_if = "Option::is_none", rename = "accessModes")] pub access_modes: Option>, - /// dataSource field can be used to specify either: * An existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot) * An existing PVC (PersistentVolumeClaim) If the provisioner or an external controller can support the specified data source, it will create a new volume based on the contents of the specified data source. When the AnyVolumeDataSource feature gate is enabled, dataSource contents will be copied to dataSourceRef, and dataSourceRef contents will be copied to dataSource when dataSourceRef.namespace is not specified. If the namespace is specified, then dataSourceRef will not be copied to dataSource. + /// dataSource field can be used to specify either: + /// * An existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot) + /// * An existing PVC (PersistentVolumeClaim) + /// If the provisioner or an external controller can support the specified data source, + /// it will create a new volume based on the contents of the specified data source. + /// When the AnyVolumeDataSource feature gate is enabled, dataSource contents will be copied to dataSourceRef, + /// and dataSourceRef contents will be copied to dataSource when dataSourceRef.namespace is not specified. + /// If the namespace is specified, then dataSourceRef will not be copied to dataSource. #[serde(default, skip_serializing_if = "Option::is_none", rename = "dataSource")] pub data_source: Option, - /// dataSourceRef specifies the object from which to populate the volume with data, if a non-empty volume is desired. This may be any object from a non-empty API group (non core object) or a PersistentVolumeClaim object. When this field is specified, volume binding will only succeed if the type of the specified object matches some installed volume populator or dynamic provisioner. This field will replace the functionality of the dataSource field and as such if both fields are non-empty, they must have the same value. For backwards compatibility, when namespace isn't specified in dataSourceRef, both fields (dataSource and dataSourceRef) will be set to the same value automatically if one of them is empty and the other is non-empty. When namespace is specified in dataSourceRef, dataSource isn't set to the same value and must be empty. There are three important differences between dataSource and dataSourceRef: * While dataSource only allows two specific types of objects, dataSourceRef allows any non-core object, as well as PersistentVolumeClaim objects. * While dataSource ignores disallowed values (dropping them), dataSourceRef preserves all values, and generates an error if a disallowed value is specified. * While dataSource only allows local objects, dataSourceRef allows objects in any namespaces. (Beta) Using this field requires the AnyVolumeDataSource feature gate to be enabled. (Alpha) Using the namespace field of dataSourceRef requires the CrossNamespaceVolumeDataSource feature gate to be enabled. + /// dataSourceRef specifies the object from which to populate the volume with data, if a non-empty + /// volume is desired. This may be any object from a non-empty API group (non + /// core object) or a PersistentVolumeClaim object. + /// When this field is specified, volume binding will only succeed if the type of + /// the specified object matches some installed volume populator or dynamic + /// provisioner. + /// This field will replace the functionality of the dataSource field and as such + /// if both fields are non-empty, they must have the same value. For backwards + /// compatibility, when namespace isn't specified in dataSourceRef, + /// both fields (dataSource and dataSourceRef) will be set to the same + /// value automatically if one of them is empty and the other is non-empty. + /// When namespace is specified in dataSourceRef, + /// dataSource isn't set to the same value and must be empty. + /// There are three important differences between dataSource and dataSourceRef: + /// * While dataSource only allows two specific types of objects, dataSourceRef + /// allows any non-core object, as well as PersistentVolumeClaim objects. + /// * While dataSource ignores disallowed values (dropping them), dataSourceRef + /// preserves all values, and generates an error if a disallowed value is + /// specified. + /// * While dataSource only allows local objects, dataSourceRef allows objects + /// in any namespaces. + /// (Beta) Using this field requires the AnyVolumeDataSource feature gate to be enabled. + /// (Alpha) Using the namespace field of dataSourceRef requires the CrossNamespaceVolumeDataSource feature gate to be enabled. #[serde(default, skip_serializing_if = "Option::is_none", rename = "dataSourceRef")] pub data_source_ref: Option, - /// resources represents the minimum resources the volume should have. If RecoverVolumeExpansionFailure feature is enabled users are allowed to specify resource requirements that are lower than previous value but must still be higher than capacity recorded in the status field of the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources + /// resources represents the minimum resources the volume should have. + /// If RecoverVolumeExpansionFailure feature is enabled users are allowed to specify resource requirements + /// that are lower than previous value but must still be higher than capacity recorded in the + /// status field of the claim. + /// More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources #[serde(default, skip_serializing_if = "Option::is_none")] pub resources: Option, /// selector is a label query over volumes to consider for binding. #[serde(default, skip_serializing_if = "Option::is_none")] pub selector: Option, - /// storageClassName is the name of the StorageClass required by the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1 + /// storageClassName is the name of the StorageClass required by the claim. + /// More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1 #[serde(default, skip_serializing_if = "Option::is_none", rename = "storageClassName")] pub storage_class_name: Option, - /// volumeMode defines what type of volume is required by the claim. Value of Filesystem is implied when not included in claim spec. + /// volumeMode defines what type of volume is required by the claim. + /// Value of Filesystem is implied when not included in claim spec. #[serde(default, skip_serializing_if = "Option::is_none", rename = "volumeMode")] pub volume_mode: Option, /// volumeName is the binding reference to the PersistentVolume backing this claim. @@ -3307,10 +4582,19 @@ pub struct RuntimeComponentStatefulSetStorageVolumeClaimTemplateSpec { pub volume_name: Option, } -/// dataSource field can be used to specify either: * An existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot) * An existing PVC (PersistentVolumeClaim) If the provisioner or an external controller can support the specified data source, it will create a new volume based on the contents of the specified data source. When the AnyVolumeDataSource feature gate is enabled, dataSource contents will be copied to dataSourceRef, and dataSourceRef contents will be copied to dataSource when dataSourceRef.namespace is not specified. If the namespace is specified, then dataSourceRef will not be copied to dataSource. +/// dataSource field can be used to specify either: +/// * An existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot) +/// * An existing PVC (PersistentVolumeClaim) +/// If the provisioner or an external controller can support the specified data source, +/// it will create a new volume based on the contents of the specified data source. +/// When the AnyVolumeDataSource feature gate is enabled, dataSource contents will be copied to dataSourceRef, +/// and dataSourceRef contents will be copied to dataSource when dataSourceRef.namespace is not specified. +/// If the namespace is specified, then dataSourceRef will not be copied to dataSource. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct RuntimeComponentStatefulSetStorageVolumeClaimTemplateSpecDataSource { - /// APIGroup is the group for the resource being referenced. If APIGroup is not specified, the specified Kind must be in the core API group. For any other third-party types, APIGroup is required. + /// APIGroup is the group for the resource being referenced. + /// If APIGroup is not specified, the specified Kind must be in the core API group. + /// For any other third-party types, APIGroup is required. #[serde(default, skip_serializing_if = "Option::is_none", rename = "apiGroup")] pub api_group: Option, /// Kind is the type of resource being referenced @@ -3319,33 +4603,73 @@ pub struct RuntimeComponentStatefulSetStorageVolumeClaimTemplateSpecDataSource { pub name: String, } -/// dataSourceRef specifies the object from which to populate the volume with data, if a non-empty volume is desired. This may be any object from a non-empty API group (non core object) or a PersistentVolumeClaim object. When this field is specified, volume binding will only succeed if the type of the specified object matches some installed volume populator or dynamic provisioner. This field will replace the functionality of the dataSource field and as such if both fields are non-empty, they must have the same value. For backwards compatibility, when namespace isn't specified in dataSourceRef, both fields (dataSource and dataSourceRef) will be set to the same value automatically if one of them is empty and the other is non-empty. When namespace is specified in dataSourceRef, dataSource isn't set to the same value and must be empty. There are three important differences between dataSource and dataSourceRef: * While dataSource only allows two specific types of objects, dataSourceRef allows any non-core object, as well as PersistentVolumeClaim objects. * While dataSource ignores disallowed values (dropping them), dataSourceRef preserves all values, and generates an error if a disallowed value is specified. * While dataSource only allows local objects, dataSourceRef allows objects in any namespaces. (Beta) Using this field requires the AnyVolumeDataSource feature gate to be enabled. (Alpha) Using the namespace field of dataSourceRef requires the CrossNamespaceVolumeDataSource feature gate to be enabled. +/// dataSourceRef specifies the object from which to populate the volume with data, if a non-empty +/// volume is desired. This may be any object from a non-empty API group (non +/// core object) or a PersistentVolumeClaim object. +/// When this field is specified, volume binding will only succeed if the type of +/// the specified object matches some installed volume populator or dynamic +/// provisioner. +/// This field will replace the functionality of the dataSource field and as such +/// if both fields are non-empty, they must have the same value. For backwards +/// compatibility, when namespace isn't specified in dataSourceRef, +/// both fields (dataSource and dataSourceRef) will be set to the same +/// value automatically if one of them is empty and the other is non-empty. +/// When namespace is specified in dataSourceRef, +/// dataSource isn't set to the same value and must be empty. +/// There are three important differences between dataSource and dataSourceRef: +/// * While dataSource only allows two specific types of objects, dataSourceRef +/// allows any non-core object, as well as PersistentVolumeClaim objects. +/// * While dataSource ignores disallowed values (dropping them), dataSourceRef +/// preserves all values, and generates an error if a disallowed value is +/// specified. +/// * While dataSource only allows local objects, dataSourceRef allows objects +/// in any namespaces. +/// (Beta) Using this field requires the AnyVolumeDataSource feature gate to be enabled. +/// (Alpha) Using the namespace field of dataSourceRef requires the CrossNamespaceVolumeDataSource feature gate to be enabled. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct RuntimeComponentStatefulSetStorageVolumeClaimTemplateSpecDataSourceRef { - /// APIGroup is the group for the resource being referenced. If APIGroup is not specified, the specified Kind must be in the core API group. For any other third-party types, APIGroup is required. + /// APIGroup is the group for the resource being referenced. + /// If APIGroup is not specified, the specified Kind must be in the core API group. + /// For any other third-party types, APIGroup is required. #[serde(default, skip_serializing_if = "Option::is_none", rename = "apiGroup")] pub api_group: Option, /// Kind is the type of resource being referenced pub kind: String, /// Name is the name of resource being referenced pub name: String, - /// Namespace is the namespace of resource being referenced Note that when a namespace is specified, a gateway.networking.k8s.io/ReferenceGrant object is required in the referent namespace to allow that namespace's owner to accept the reference. See the ReferenceGrant documentation for details. (Alpha) This field requires the CrossNamespaceVolumeDataSource feature gate to be enabled. + /// Namespace is the namespace of resource being referenced + /// Note that when a namespace is specified, a gateway.networking.k8s.io/ReferenceGrant object is required in the referent namespace to allow that namespace's owner to accept the reference. See the ReferenceGrant documentation for details. + /// (Alpha) This field requires the CrossNamespaceVolumeDataSource feature gate to be enabled. #[serde(default, skip_serializing_if = "Option::is_none")] pub namespace: Option, } -/// resources represents the minimum resources the volume should have. If RecoverVolumeExpansionFailure feature is enabled users are allowed to specify resource requirements that are lower than previous value but must still be higher than capacity recorded in the status field of the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources +/// resources represents the minimum resources the volume should have. +/// If RecoverVolumeExpansionFailure feature is enabled users are allowed to specify resource requirements +/// that are lower than previous value but must still be higher than capacity recorded in the +/// status field of the claim. +/// More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct RuntimeComponentStatefulSetStorageVolumeClaimTemplateSpecResources { - /// Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. - /// This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. - /// This field is immutable. It can only be set for containers. + /// Claims lists the names of resources, defined in spec.resourceClaims, + /// that are used by this container. + /// + /// + /// This is an alpha field and requires enabling the + /// DynamicResourceAllocation feature gate. + /// + /// + /// This field is immutable. It can only be set for containers. #[serde(default, skip_serializing_if = "Option::is_none")] pub claims: Option>, - /// Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + /// Limits describes the maximum amount of compute resources allowed. + /// More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ #[serde(default, skip_serializing_if = "Option::is_none")] pub limits: Option>, - /// Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + /// Requests describes the minimum amount of compute resources required. + /// If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, + /// otherwise to an implementation-defined value. + /// More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ #[serde(default, skip_serializing_if = "Option::is_none")] pub requests: Option>, } @@ -3353,7 +4677,9 @@ pub struct RuntimeComponentStatefulSetStorageVolumeClaimTemplateSpecResources { /// ResourceClaim references one entry in PodSpec.ResourceClaims. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct RuntimeComponentStatefulSetStorageVolumeClaimTemplateSpecResourcesClaims { - /// Name must match the name of one entry in pod.spec.resourceClaims of the Pod where this field is used. It makes that resource available inside a container. + /// Name must match the name of one entry in pod.spec.resourceClaims of + /// the Pod where this field is used. It makes that resource available + /// inside a container. pub name: String, } @@ -3363,42 +4689,63 @@ pub struct RuntimeComponentStatefulSetStorageVolumeClaimTemplateSpecSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] pub match_expressions: Option>, - /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] pub match_labels: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct RuntimeComponentStatefulSetStorageVolumeClaimTemplateSpecSelectorMatchExpressions { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } -/// status represents the current information/status of a persistent volume claim. Read-only. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims +/// status represents the current information/status of a persistent volume claim. +/// Read-only. +/// More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct RuntimeComponentStatefulSetStorageVolumeClaimTemplateStatus { - /// accessModes contains the actual access modes the volume backing the PVC has. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1 + /// accessModes contains the actual access modes the volume backing the PVC has. + /// More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1 #[serde(default, skip_serializing_if = "Option::is_none", rename = "accessModes")] pub access_modes: Option>, - /// allocatedResources is the storage resource within AllocatedResources tracks the capacity allocated to a PVC. It may be larger than the actual capacity when a volume expansion operation is requested. For storage quota, the larger value from allocatedResources and PVC.spec.resources is used. If allocatedResources is not set, PVC.spec.resources alone is used for quota calculation. If a volume expansion capacity request is lowered, allocatedResources is only lowered if there are no expansion operations in progress and if the actual volume capacity is equal or lower than the requested capacity. This is an alpha field and requires enabling RecoverVolumeExpansionFailure feature. + /// allocatedResources is the storage resource within AllocatedResources tracks the capacity allocated to a PVC. It may + /// be larger than the actual capacity when a volume expansion operation is requested. + /// For storage quota, the larger value from allocatedResources and PVC.spec.resources is used. + /// If allocatedResources is not set, PVC.spec.resources alone is used for quota calculation. + /// If a volume expansion capacity request is lowered, allocatedResources is only + /// lowered if there are no expansion operations in progress and if the actual volume capacity + /// is equal or lower than the requested capacity. + /// This is an alpha field and requires enabling RecoverVolumeExpansionFailure feature. #[serde(default, skip_serializing_if = "Option::is_none", rename = "allocatedResources")] pub allocated_resources: Option>, /// capacity represents the actual resources of the underlying volume. #[serde(default, skip_serializing_if = "Option::is_none")] pub capacity: Option>, - /// conditions is the current Condition of persistent volume claim. If underlying persistent volume is being resized then the Condition will be set to 'ResizeStarted'. + /// conditions is the current Condition of persistent volume claim. If underlying persistent volume is being + /// resized then the Condition will be set to 'ResizeStarted'. #[serde(default, skip_serializing_if = "Option::is_none")] pub conditions: Option>, /// phase represents the current phase of PersistentVolumeClaim. #[serde(default, skip_serializing_if = "Option::is_none")] pub phase: Option, - /// resizeStatus stores status of resize operation. ResizeStatus is not set by default but when expansion is complete resizeStatus is set to empty string by resize controller or kubelet. This is an alpha field and requires enabling RecoverVolumeExpansionFailure feature. + /// resizeStatus stores status of resize operation. + /// ResizeStatus is not set by default but when expansion is complete resizeStatus is set to empty + /// string by resize controller or kubelet. + /// This is an alpha field and requires enabling RecoverVolumeExpansionFailure feature. #[serde(default, skip_serializing_if = "Option::is_none", rename = "resizeStatus")] pub resize_status: Option, } @@ -3409,7 +4756,8 @@ pub struct RuntimeComponentStatefulSetUpdateStrategy { /// RollingUpdate is used to communicate parameters when Type is RollingUpdateStatefulSetStrategyType. #[serde(default, skip_serializing_if = "Option::is_none", rename = "rollingUpdate")] pub rolling_update: Option, - /// Type indicates the type of the StatefulSetUpdateStrategy. Default is RollingUpdate. + /// Type indicates the type of the StatefulSetUpdateStrategy. + /// Default is RollingUpdate. #[serde(default, skip_serializing_if = "Option::is_none", rename = "type")] pub r#type: Option, } @@ -3417,10 +4765,19 @@ pub struct RuntimeComponentStatefulSetUpdateStrategy { /// RollingUpdate is used to communicate parameters when Type is RollingUpdateStatefulSetStrategyType. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct RuntimeComponentStatefulSetUpdateStrategyRollingUpdate { - /// The maximum number of pods that can be unavailable during the update. Value can be an absolute number (ex: 5) or a percentage of desired pods (ex: 10%). Absolute number is calculated from percentage by rounding up. This can not be 0. Defaults to 1. This field is alpha-level and is only honored by servers that enable the MaxUnavailableStatefulSet feature. The field applies to all pods in the range 0 to Replicas-1. That means if there is any unavailable pod in the range 0 to Replicas-1, it will be counted towards MaxUnavailable. + /// The maximum number of pods that can be unavailable during the update. + /// Value can be an absolute number (ex: 5) or a percentage of desired pods (ex: 10%). + /// Absolute number is calculated from percentage by rounding up. This can not be 0. + /// Defaults to 1. This field is alpha-level and is only honored by servers that enable the + /// MaxUnavailableStatefulSet feature. The field applies to all pods in the range 0 to + /// Replicas-1. That means if there is any unavailable pod in the range 0 to Replicas-1, it + /// will be counted towards MaxUnavailable. #[serde(default, skip_serializing_if = "Option::is_none", rename = "maxUnavailable")] pub max_unavailable: Option, - /// Partition indicates the ordinal at which the StatefulSet should be partitioned for updates. During a rolling update, all pods from ordinal Replicas-1 to Partition are updated. All pods from ordinal Partition-1 to 0 remain untouched. This is helpful in being able to do a canary based deployment. The default value is 0. + /// Partition indicates the ordinal at which the StatefulSet should be partitioned + /// for updates. During a rolling update, all pods from ordinal Replicas-1 to + /// Partition are updated. All pods from ordinal Partition-1 to 0 remain untouched. + /// This is helpful in being able to do a canary based deployment. The default value is 0. #[serde(default, skip_serializing_if = "Option::is_none")] pub partition: Option, } @@ -3439,55 +4796,146 @@ pub struct RuntimeComponentTopologySpreadConstraints { /// TopologySpreadConstraint specifies how to spread matching pods among the given topology. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct RuntimeComponentTopologySpreadConstraintsConstraints { - /// LabelSelector is used to find matching pods. Pods that match this label selector are counted to determine the number of pods in their corresponding topology domain. + /// LabelSelector is used to find matching pods. + /// Pods that match this label selector are counted to determine the number of pods + /// in their corresponding topology domain. #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelector")] pub label_selector: Option, - /// MatchLabelKeys is a set of pod label keys to select the pods over which spreading will be calculated. The keys are used to lookup values from the incoming pod labels, those key-value labels are ANDed with labelSelector to select the group of existing pods over which spreading will be calculated for the incoming pod. Keys that don't exist in the incoming pod labels will be ignored. A null or empty list means only match against labelSelector. + /// MatchLabelKeys is a set of pod label keys to select the pods over which + /// spreading will be calculated. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are ANDed with labelSelector + /// to select the group of existing pods over which spreading will be calculated + /// for the incoming pod. Keys that don't exist in the incoming pod labels will + /// be ignored. A null or empty list means only match against labelSelector. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] pub match_label_keys: Option>, - /// MaxSkew describes the degree to which pods may be unevenly distributed. When `whenUnsatisfiable=DoNotSchedule`, it is the maximum permitted difference between the number of matching pods in the target topology and the global minimum. The global minimum is the minimum number of matching pods in an eligible domain or zero if the number of eligible domains is less than MinDomains. For example, in a 3-zone cluster, MaxSkew is set to 1, and pods with the same labelSelector spread as 2/2/1: In this case, the global minimum is 1. | zone1 | zone2 | zone3 | | P P | P P | P | - if MaxSkew is 1, incoming pod can only be scheduled to zone3 to become 2/2/2; scheduling it onto zone1(zone2) would make the ActualSkew(3-1) on zone1(zone2) violate MaxSkew(1). - if MaxSkew is 2, incoming pod can be scheduled onto any zone. When `whenUnsatisfiable=ScheduleAnyway`, it is used to give higher precedence to topologies that satisfy it. It's a required field. Default value is 1 and 0 is not allowed. + /// MaxSkew describes the degree to which pods may be unevenly distributed. + /// When `whenUnsatisfiable=DoNotSchedule`, it is the maximum permitted difference + /// between the number of matching pods in the target topology and the global minimum. + /// The global minimum is the minimum number of matching pods in an eligible domain + /// or zero if the number of eligible domains is less than MinDomains. + /// For example, in a 3-zone cluster, MaxSkew is set to 1, and pods with the same + /// labelSelector spread as 2/2/1: + /// In this case, the global minimum is 1. + /// | zone1 | zone2 | zone3 | + /// | P P | P P | P | + /// - if MaxSkew is 1, incoming pod can only be scheduled to zone3 to become 2/2/2; + /// scheduling it onto zone1(zone2) would make the ActualSkew(3-1) on zone1(zone2) + /// violate MaxSkew(1). + /// - if MaxSkew is 2, incoming pod can be scheduled onto any zone. + /// When `whenUnsatisfiable=ScheduleAnyway`, it is used to give higher precedence + /// to topologies that satisfy it. + /// It's a required field. Default value is 1 and 0 is not allowed. #[serde(rename = "maxSkew")] pub max_skew: i32, - /// MinDomains indicates a minimum number of eligible domains. When the number of eligible domains with matching topology keys is less than minDomains, Pod Topology Spread treats "global minimum" as 0, and then the calculation of Skew is performed. And when the number of eligible domains with matching topology keys equals or greater than minDomains, this value has no effect on scheduling. As a result, when the number of eligible domains is less than minDomains, scheduler won't schedule more than maxSkew Pods to those domains. If value is nil, the constraint behaves as if MinDomains is equal to 1. Valid values are integers greater than 0. When value is not nil, WhenUnsatisfiable must be DoNotSchedule. - /// For example, in a 3-zone cluster, MaxSkew is set to 2, MinDomains is set to 5 and pods with the same labelSelector spread as 2/2/2: | zone1 | zone2 | zone3 | | P P | P P | P P | The number of domains is less than 5(MinDomains), so "global minimum" is treated as 0. In this situation, new pod with the same labelSelector cannot be scheduled, because computed skew will be 3(3 - 0) if new Pod is scheduled to any of the three zones, it will violate MaxSkew. - /// This is a beta field and requires the MinDomainsInPodTopologySpread feature gate to be enabled (enabled by default). + /// MinDomains indicates a minimum number of eligible domains. + /// When the number of eligible domains with matching topology keys is less than minDomains, + /// Pod Topology Spread treats "global minimum" as 0, and then the calculation of Skew is performed. + /// And when the number of eligible domains with matching topology keys equals or greater than minDomains, + /// this value has no effect on scheduling. + /// As a result, when the number of eligible domains is less than minDomains, + /// scheduler won't schedule more than maxSkew Pods to those domains. + /// If value is nil, the constraint behaves as if MinDomains is equal to 1. + /// Valid values are integers greater than 0. + /// When value is not nil, WhenUnsatisfiable must be DoNotSchedule. + /// + /// + /// For example, in a 3-zone cluster, MaxSkew is set to 2, MinDomains is set to 5 and pods with the same + /// labelSelector spread as 2/2/2: + /// | zone1 | zone2 | zone3 | + /// | P P | P P | P P | + /// The number of domains is less than 5(MinDomains), so "global minimum" is treated as 0. + /// In this situation, new pod with the same labelSelector cannot be scheduled, + /// because computed skew will be 3(3 - 0) if new Pod is scheduled to any of the three zones, + /// it will violate MaxSkew. + /// + /// + /// This is a beta field and requires the MinDomainsInPodTopologySpread feature gate to be enabled (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "minDomains")] pub min_domains: Option, - /// NodeAffinityPolicy indicates how we will treat Pod's nodeAffinity/nodeSelector when calculating pod topology spread skew. Options are: - Honor: only nodes matching nodeAffinity/nodeSelector are included in the calculations. - Ignore: nodeAffinity/nodeSelector are ignored. All nodes are included in the calculations. - /// If this value is nil, the behavior is equivalent to the Honor policy. This is a beta-level feature default enabled by the NodeInclusionPolicyInPodTopologySpread feature flag. + /// NodeAffinityPolicy indicates how we will treat Pod's nodeAffinity/nodeSelector + /// when calculating pod topology spread skew. Options are: + /// - Honor: only nodes matching nodeAffinity/nodeSelector are included in the calculations. + /// - Ignore: nodeAffinity/nodeSelector are ignored. All nodes are included in the calculations. + /// + /// + /// If this value is nil, the behavior is equivalent to the Honor policy. + /// This is a beta-level feature default enabled by the NodeInclusionPolicyInPodTopologySpread feature flag. #[serde(default, skip_serializing_if = "Option::is_none", rename = "nodeAffinityPolicy")] pub node_affinity_policy: Option, - /// NodeTaintsPolicy indicates how we will treat node taints when calculating pod topology spread skew. Options are: - Honor: nodes without taints, along with tainted nodes for which the incoming pod has a toleration, are included. - Ignore: node taints are ignored. All nodes are included. - /// If this value is nil, the behavior is equivalent to the Ignore policy. This is a beta-level feature default enabled by the NodeInclusionPolicyInPodTopologySpread feature flag. + /// NodeTaintsPolicy indicates how we will treat node taints when calculating + /// pod topology spread skew. Options are: + /// - Honor: nodes without taints, along with tainted nodes for which the incoming pod + /// has a toleration, are included. + /// - Ignore: node taints are ignored. All nodes are included. + /// + /// + /// If this value is nil, the behavior is equivalent to the Ignore policy. + /// This is a beta-level feature default enabled by the NodeInclusionPolicyInPodTopologySpread feature flag. #[serde(default, skip_serializing_if = "Option::is_none", rename = "nodeTaintsPolicy")] pub node_taints_policy: Option, - /// TopologyKey is the key of node labels. Nodes that have a label with this key and identical values are considered to be in the same topology. We consider each as a "bucket", and try to put balanced number of pods into each bucket. We define a domain as a particular instance of a topology. Also, we define an eligible domain as a domain whose nodes meet the requirements of nodeAffinityPolicy and nodeTaintsPolicy. e.g. If TopologyKey is "kubernetes.io/hostname", each Node is a domain of that topology. And, if TopologyKey is "topology.kubernetes.io/zone", each zone is a domain of that topology. It's a required field. + /// TopologyKey is the key of node labels. Nodes that have a label with this key + /// and identical values are considered to be in the same topology. + /// We consider each as a "bucket", and try to put balanced number + /// of pods into each bucket. + /// We define a domain as a particular instance of a topology. + /// Also, we define an eligible domain as a domain whose nodes meet the requirements of + /// nodeAffinityPolicy and nodeTaintsPolicy. + /// e.g. If TopologyKey is "kubernetes.io/hostname", each Node is a domain of that topology. + /// And, if TopologyKey is "topology.kubernetes.io/zone", each zone is a domain of that topology. + /// It's a required field. #[serde(rename = "topologyKey")] pub topology_key: String, - /// WhenUnsatisfiable indicates how to deal with a pod if it doesn't satisfy the spread constraint. - DoNotSchedule (default) tells the scheduler not to schedule it. - ScheduleAnyway tells the scheduler to schedule the pod in any location, but giving higher precedence to topologies that would help reduce the skew. A constraint is considered "Unsatisfiable" for an incoming pod if and only if every possible node assignment for that pod would violate "MaxSkew" on some topology. For example, in a 3-zone cluster, MaxSkew is set to 1, and pods with the same labelSelector spread as 3/1/1: | zone1 | zone2 | zone3 | | P P P | P | P | If WhenUnsatisfiable is set to DoNotSchedule, incoming pod can only be scheduled to zone2(zone3) to become 3/2/1(3/1/2) as ActualSkew(2-1) on zone2(zone3) satisfies MaxSkew(1). In other words, the cluster can still be imbalanced, but scheduler won't make it *more* imbalanced. It's a required field. + /// WhenUnsatisfiable indicates how to deal with a pod if it doesn't satisfy + /// the spread constraint. + /// - DoNotSchedule (default) tells the scheduler not to schedule it. + /// - ScheduleAnyway tells the scheduler to schedule the pod in any location, + /// but giving higher precedence to topologies that would help reduce the + /// skew. + /// A constraint is considered "Unsatisfiable" for an incoming pod + /// if and only if every possible node assignment for that pod would violate + /// "MaxSkew" on some topology. + /// For example, in a 3-zone cluster, MaxSkew is set to 1, and pods with the same + /// labelSelector spread as 3/1/1: + /// | zone1 | zone2 | zone3 | + /// | P P P | P | P | + /// If WhenUnsatisfiable is set to DoNotSchedule, incoming pod can only be scheduled + /// to zone2(zone3) to become 3/2/1(3/1/2) as ActualSkew(2-1) on zone2(zone3) satisfies + /// MaxSkew(1). In other words, the cluster can still be imbalanced, but scheduler + /// won't make it *more* imbalanced. + /// It's a required field. #[serde(rename = "whenUnsatisfiable")] pub when_unsatisfiable: String, } -/// LabelSelector is used to find matching pods. Pods that match this label selector are counted to determine the number of pods in their corresponding topology domain. +/// LabelSelector is used to find matching pods. +/// Pods that match this label selector are counted to determine the number of pods +/// in their corresponding topology domain. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct RuntimeComponentTopologySpreadConstraintsConstraintsLabelSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] pub match_expressions: Option>, - /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] pub match_labels: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct RuntimeComponentTopologySpreadConstraintsConstraintsLabelSelectorMatchExpressions { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } @@ -3495,21 +4943,30 @@ pub struct RuntimeComponentTopologySpreadConstraintsConstraintsLabelSelectorMatc /// VolumeMount describes a mounting of a Volume within a container. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct RuntimeComponentVolumeMounts { - /// Path within the container at which the volume should be mounted. Must not contain ':'. + /// Path within the container at which the volume should be mounted. Must + /// not contain ':'. #[serde(rename = "mountPath")] pub mount_path: String, - /// mountPropagation determines how mounts are propagated from the host to container and the other way around. When not set, MountPropagationNone is used. This field is beta in 1.10. + /// mountPropagation determines how mounts are propagated from the host + /// to container and the other way around. + /// When not set, MountPropagationNone is used. + /// This field is beta in 1.10. #[serde(default, skip_serializing_if = "Option::is_none", rename = "mountPropagation")] pub mount_propagation: Option, /// This must match the Name of a Volume. pub name: String, - /// Mounted read-only if true, read-write otherwise (false or unspecified). Defaults to false. + /// Mounted read-only if true, read-write otherwise (false or unspecified). + /// Defaults to false. #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] pub read_only: Option, - /// Path within the volume from which the container's volume should be mounted. Defaults to "" (volume's root). + /// Path within the volume from which the container's volume should be mounted. + /// Defaults to "" (volume's root). #[serde(default, skip_serializing_if = "Option::is_none", rename = "subPath")] pub sub_path: Option, - /// Expanded path within the volume from which the container's volume should be mounted. Behaves similarly to SubPath but environment variable references $(VAR_NAME) are expanded using the container's environment. Defaults to "" (volume's root). SubPathExpr and SubPath are mutually exclusive. + /// Expanded path within the volume from which the container's volume should be mounted. + /// Behaves similarly to SubPath but environment variable references $(VAR_NAME) are expanded using the container's environment. + /// Defaults to "" (volume's root). + /// SubPathExpr and SubPath are mutually exclusive. #[serde(default, skip_serializing_if = "Option::is_none", rename = "subPathExpr")] pub sub_path_expr: Option, } @@ -3517,7 +4974,9 @@ pub struct RuntimeComponentVolumeMounts { /// Volume represents a named volume in a pod that may be accessed by any container in the pod. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct RuntimeComponentVolumes { - /// awsElasticBlockStore represents an AWS Disk resource that is attached to a kubelet's host machine and then exposed to the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore + /// awsElasticBlockStore represents an AWS Disk resource that is attached to a + /// kubelet's host machine and then exposed to the pod. + /// More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore #[serde(default, skip_serializing_if = "Option::is_none", rename = "awsElasticBlockStore")] pub aws_elastic_block_store: Option, /// azureDisk represents an Azure Data Disk mount on the host and bind mount to the pod. @@ -3529,7 +4988,8 @@ pub struct RuntimeComponentVolumes { /// cephFS represents a Ceph FS mount on the host that shares a pod's lifetime #[serde(default, skip_serializing_if = "Option::is_none")] pub cephfs: Option, - /// cinder represents a cinder volume attached and mounted on kubelets host machine. More info: https://examples.k8s.io/mysql-cinder-pd/README.md + /// cinder represents a cinder volume attached and mounted on kubelets host machine. + /// More info: https://examples.k8s.io/mysql-cinder-pd/README.md #[serde(default, skip_serializing_if = "Option::is_none")] pub cinder: Option, /// configMap represents a configMap that should populate this volume @@ -3541,46 +5001,91 @@ pub struct RuntimeComponentVolumes { /// downwardAPI represents downward API about the pod that should populate this volume #[serde(default, skip_serializing_if = "Option::is_none", rename = "downwardAPI")] pub downward_api: Option, - /// emptyDir represents a temporary directory that shares a pod's lifetime. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir + /// emptyDir represents a temporary directory that shares a pod's lifetime. + /// More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir #[serde(default, skip_serializing_if = "Option::is_none", rename = "emptyDir")] pub empty_dir: Option, - /// ephemeral represents a volume that is handled by a cluster storage driver. The volume's lifecycle is tied to the pod that defines it - it will be created before the pod starts, and deleted when the pod is removed. - /// Use this if: a) the volume is only needed while the pod runs, b) features of normal volumes like restoring from snapshot or capacity tracking are needed, c) the storage driver is specified through a storage class, and d) the storage driver supports dynamic volume provisioning through a PersistentVolumeClaim (see EphemeralVolumeSource for more information on the connection between this volume type and PersistentVolumeClaim). - /// Use PersistentVolumeClaim or one of the vendor-specific APIs for volumes that persist for longer than the lifecycle of an individual pod. - /// Use CSI for light-weight local ephemeral volumes if the CSI driver is meant to be used that way - see the documentation of the driver for more information. - /// A pod can use both types of ephemeral volumes and persistent volumes at the same time. + /// ephemeral represents a volume that is handled by a cluster storage driver. + /// The volume's lifecycle is tied to the pod that defines it - it will be created before the pod starts, + /// and deleted when the pod is removed. + /// + /// + /// Use this if: + /// a) the volume is only needed while the pod runs, + /// b) features of normal volumes like restoring from snapshot or capacity + /// tracking are needed, + /// c) the storage driver is specified through a storage class, and + /// d) the storage driver supports dynamic volume provisioning through + /// a PersistentVolumeClaim (see EphemeralVolumeSource for more + /// information on the connection between this volume type + /// and PersistentVolumeClaim). + /// + /// + /// Use PersistentVolumeClaim or one of the vendor-specific + /// APIs for volumes that persist for longer than the lifecycle + /// of an individual pod. + /// + /// + /// Use CSI for light-weight local ephemeral volumes if the CSI driver is meant to + /// be used that way - see the documentation of the driver for + /// more information. + /// + /// + /// A pod can use both types of ephemeral volumes and + /// persistent volumes at the same time. #[serde(default, skip_serializing_if = "Option::is_none")] pub ephemeral: Option, /// fc represents a Fibre Channel resource that is attached to a kubelet's host machine and then exposed to the pod. #[serde(default, skip_serializing_if = "Option::is_none")] pub fc: Option, - /// flexVolume represents a generic volume resource that is provisioned/attached using an exec based plugin. + /// flexVolume represents a generic volume resource that is + /// provisioned/attached using an exec based plugin. #[serde(default, skip_serializing_if = "Option::is_none", rename = "flexVolume")] pub flex_volume: Option, /// flocker represents a Flocker volume attached to a kubelet's host machine. This depends on the Flocker control service being running #[serde(default, skip_serializing_if = "Option::is_none")] pub flocker: Option, - /// gcePersistentDisk represents a GCE Disk resource that is attached to a kubelet's host machine and then exposed to the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk + /// gcePersistentDisk represents a GCE Disk resource that is attached to a + /// kubelet's host machine and then exposed to the pod. + /// More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk #[serde(default, skip_serializing_if = "Option::is_none", rename = "gcePersistentDisk")] pub gce_persistent_disk: Option, - /// gitRepo represents a git repository at a particular revision. DEPRECATED: GitRepo is deprecated. To provision a container with a git repo, mount an EmptyDir into an InitContainer that clones the repo using git, then mount the EmptyDir into the Pod's container. + /// gitRepo represents a git repository at a particular revision. + /// DEPRECATED: GitRepo is deprecated. To provision a container with a git repo, mount an + /// EmptyDir into an InitContainer that clones the repo using git, then mount the EmptyDir + /// into the Pod's container. #[serde(default, skip_serializing_if = "Option::is_none", rename = "gitRepo")] pub git_repo: Option, - /// glusterfs represents a Glusterfs mount on the host that shares a pod's lifetime. More info: https://examples.k8s.io/volumes/glusterfs/README.md + /// glusterfs represents a Glusterfs mount on the host that shares a pod's lifetime. + /// More info: https://examples.k8s.io/volumes/glusterfs/README.md #[serde(default, skip_serializing_if = "Option::is_none")] pub glusterfs: Option, - /// hostPath represents a pre-existing file or directory on the host machine that is directly exposed to the container. This is generally used for system agents or other privileged things that are allowed to see the host machine. Most containers will NOT need this. More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath --- TODO(jonesdl) We need to restrict who can use host directory mounts and who can/can not mount host directories as read/write. + /// hostPath represents a pre-existing file or directory on the host + /// machine that is directly exposed to the container. This is generally + /// used for system agents or other privileged things that are allowed + /// to see the host machine. Most containers will NOT need this. + /// More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath + /// --- + /// TODO(jonesdl) We need to restrict who can use host directory mounts and who can/can not + /// mount host directories as read/write. #[serde(default, skip_serializing_if = "Option::is_none", rename = "hostPath")] pub host_path: Option, - /// iscsi represents an ISCSI Disk resource that is attached to a kubelet's host machine and then exposed to the pod. More info: https://examples.k8s.io/volumes/iscsi/README.md + /// iscsi represents an ISCSI Disk resource that is attached to a + /// kubelet's host machine and then exposed to the pod. + /// More info: https://examples.k8s.io/volumes/iscsi/README.md #[serde(default, skip_serializing_if = "Option::is_none")] pub iscsi: Option, - /// name of the volume. Must be a DNS_LABEL and unique within the pod. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// name of the volume. + /// Must be a DNS_LABEL and unique within the pod. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names pub name: String, - /// nfs represents an NFS mount on the host that shares a pod's lifetime More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs + /// nfs represents an NFS mount on the host that shares a pod's lifetime + /// More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs #[serde(default, skip_serializing_if = "Option::is_none")] pub nfs: Option, - /// persistentVolumeClaimVolumeSource represents a reference to a PersistentVolumeClaim in the same namespace. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims + /// persistentVolumeClaimVolumeSource represents a reference to a + /// PersistentVolumeClaim in the same namespace. + /// More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims #[serde(default, skip_serializing_if = "Option::is_none", rename = "persistentVolumeClaim")] pub persistent_volume_claim: Option, /// photonPersistentDisk represents a PhotonController persistent disk attached and mounted on kubelets host machine @@ -3595,13 +5100,15 @@ pub struct RuntimeComponentVolumes { /// quobyte represents a Quobyte mount on the host that shares a pod's lifetime #[serde(default, skip_serializing_if = "Option::is_none")] pub quobyte: Option, - /// rbd represents a Rados Block Device mount on the host that shares a pod's lifetime. More info: https://examples.k8s.io/volumes/rbd/README.md + /// rbd represents a Rados Block Device mount on the host that shares a pod's lifetime. + /// More info: https://examples.k8s.io/volumes/rbd/README.md #[serde(default, skip_serializing_if = "Option::is_none")] pub rbd: Option, /// scaleIO represents a ScaleIO persistent volume attached and mounted on Kubernetes nodes. #[serde(default, skip_serializing_if = "Option::is_none", rename = "scaleIO")] pub scale_io: Option, - /// secret represents a secret that should populate this volume. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret + /// secret represents a secret that should populate this volume. + /// More info: https://kubernetes.io/docs/concepts/storage/volumes#secret #[serde(default, skip_serializing_if = "Option::is_none")] pub secret: Option, /// storageOS represents a StorageOS volume attached and mounted on Kubernetes nodes. @@ -3612,19 +5119,30 @@ pub struct RuntimeComponentVolumes { pub vsphere_volume: Option, } -/// awsElasticBlockStore represents an AWS Disk resource that is attached to a kubelet's host machine and then exposed to the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore +/// awsElasticBlockStore represents an AWS Disk resource that is attached to a +/// kubelet's host machine and then exposed to the pod. +/// More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct RuntimeComponentVolumesAwsElasticBlockStore { - /// fsType is the filesystem type of the volume that you want to mount. Tip: Ensure that the filesystem type is supported by the host operating system. Examples: "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore TODO: how do we prevent errors in the filesystem from compromising the machine + /// fsType is the filesystem type of the volume that you want to mount. + /// Tip: Ensure that the filesystem type is supported by the host operating system. + /// Examples: "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. + /// More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore + /// TODO: how do we prevent errors in the filesystem from compromising the machine #[serde(default, skip_serializing_if = "Option::is_none", rename = "fsType")] pub fs_type: Option, - /// partition is the partition in the volume that you want to mount. If omitted, the default is to mount by volume name. Examples: For volume /dev/sda1, you specify the partition as "1". Similarly, the volume partition for /dev/sda is "0" (or you can leave the property empty). + /// partition is the partition in the volume that you want to mount. + /// If omitted, the default is to mount by volume name. + /// Examples: For volume /dev/sda1, you specify the partition as "1". + /// Similarly, the volume partition for /dev/sda is "0" (or you can leave the property empty). #[serde(default, skip_serializing_if = "Option::is_none")] pub partition: Option, - /// readOnly value true will force the readOnly setting in VolumeMounts. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore + /// readOnly value true will force the readOnly setting in VolumeMounts. + /// More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] pub read_only: Option, - /// volumeID is unique ID of the persistent disk resource in AWS (Amazon EBS volume). More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore + /// volumeID is unique ID of the persistent disk resource in AWS (Amazon EBS volume). + /// More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore #[serde(rename = "volumeID")] pub volume_id: String, } @@ -3641,13 +5159,16 @@ pub struct RuntimeComponentVolumesAzureDisk { /// diskURI is the URI of data disk in the blob storage #[serde(rename = "diskURI")] pub disk_uri: String, - /// fsType is Filesystem type to mount. Must be a filesystem type supported by the host operating system. Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. + /// fsType is Filesystem type to mount. + /// Must be a filesystem type supported by the host operating system. + /// Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. #[serde(default, skip_serializing_if = "Option::is_none", rename = "fsType")] pub fs_type: Option, /// kind expected values are Shared: multiple blob disks per storage account Dedicated: single blob disk per storage account Managed: azure managed data disk (only in managed availability set). defaults to shared #[serde(default, skip_serializing_if = "Option::is_none")] pub kind: Option, - /// readOnly Defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts. + /// readOnly Defaults to false (read/write). ReadOnly here will force + /// the ReadOnly setting in VolumeMounts. #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] pub read_only: Option, } @@ -3655,7 +5176,8 @@ pub struct RuntimeComponentVolumesAzureDisk { /// azureFile represents an Azure File Service mount on the host and bind mount to the pod. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct RuntimeComponentVolumesAzureFile { - /// readOnly defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts. + /// readOnly defaults to false (read/write). ReadOnly here will force + /// the ReadOnly setting in VolumeMounts. #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] pub read_only: Option, /// secretName is the name of secret that contains Azure Storage Account Name and Key @@ -3669,54 +5191,74 @@ pub struct RuntimeComponentVolumesAzureFile { /// cephFS represents a Ceph FS mount on the host that shares a pod's lifetime #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct RuntimeComponentVolumesCephfs { - /// monitors is Required: Monitors is a collection of Ceph monitors More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it + /// monitors is Required: Monitors is a collection of Ceph monitors + /// More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it pub monitors: Vec, /// path is Optional: Used as the mounted root, rather than the full Ceph tree, default is / #[serde(default, skip_serializing_if = "Option::is_none")] pub path: Option, - /// readOnly is Optional: Defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts. More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it + /// readOnly is Optional: Defaults to false (read/write). ReadOnly here will force + /// the ReadOnly setting in VolumeMounts. + /// More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] pub read_only: Option, - /// secretFile is Optional: SecretFile is the path to key ring for User, default is /etc/ceph/user.secret More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it + /// secretFile is Optional: SecretFile is the path to key ring for User, default is /etc/ceph/user.secret + /// More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it #[serde(default, skip_serializing_if = "Option::is_none", rename = "secretFile")] pub secret_file: Option, - /// secretRef is Optional: SecretRef is reference to the authentication secret for User, default is empty. More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it + /// secretRef is Optional: SecretRef is reference to the authentication secret for User, default is empty. + /// More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it #[serde(default, skip_serializing_if = "Option::is_none", rename = "secretRef")] pub secret_ref: Option, - /// user is optional: User is the rados user name, default is admin More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it + /// user is optional: User is the rados user name, default is admin + /// More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it #[serde(default, skip_serializing_if = "Option::is_none")] pub user: Option, } -/// secretRef is Optional: SecretRef is reference to the authentication secret for User, default is empty. More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it +/// secretRef is Optional: SecretRef is reference to the authentication secret for User, default is empty. +/// More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct RuntimeComponentVolumesCephfsSecretRef { - /// Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? + /// Name of the referent. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, } -/// cinder represents a cinder volume attached and mounted on kubelets host machine. More info: https://examples.k8s.io/mysql-cinder-pd/README.md +/// cinder represents a cinder volume attached and mounted on kubelets host machine. +/// More info: https://examples.k8s.io/mysql-cinder-pd/README.md #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct RuntimeComponentVolumesCinder { - /// fsType is the filesystem type to mount. Must be a filesystem type supported by the host operating system. Examples: "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. More info: https://examples.k8s.io/mysql-cinder-pd/README.md + /// fsType is the filesystem type to mount. + /// Must be a filesystem type supported by the host operating system. + /// Examples: "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. + /// More info: https://examples.k8s.io/mysql-cinder-pd/README.md #[serde(default, skip_serializing_if = "Option::is_none", rename = "fsType")] pub fs_type: Option, - /// readOnly defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts. More info: https://examples.k8s.io/mysql-cinder-pd/README.md + /// readOnly defaults to false (read/write). ReadOnly here will force + /// the ReadOnly setting in VolumeMounts. + /// More info: https://examples.k8s.io/mysql-cinder-pd/README.md #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] pub read_only: Option, - /// secretRef is optional: points to a secret object containing parameters used to connect to OpenStack. + /// secretRef is optional: points to a secret object containing parameters used to connect + /// to OpenStack. #[serde(default, skip_serializing_if = "Option::is_none", rename = "secretRef")] pub secret_ref: Option, - /// volumeID used to identify the volume in cinder. More info: https://examples.k8s.io/mysql-cinder-pd/README.md + /// volumeID used to identify the volume in cinder. + /// More info: https://examples.k8s.io/mysql-cinder-pd/README.md #[serde(rename = "volumeID")] pub volume_id: String, } -/// secretRef is optional: points to a secret object containing parameters used to connect to OpenStack. +/// secretRef is optional: points to a secret object containing parameters used to connect +/// to OpenStack. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct RuntimeComponentVolumesCinderSecretRef { - /// Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? + /// Name of the referent. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, } @@ -3724,13 +5266,27 @@ pub struct RuntimeComponentVolumesCinderSecretRef { /// configMap represents a configMap that should populate this volume #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct RuntimeComponentVolumesConfigMap { - /// defaultMode is optional: mode bits used to set permissions on created files by default. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. Defaults to 0644. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. + /// defaultMode is optional: mode bits used to set permissions on created files by default. + /// Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. + /// YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. + /// Defaults to 0644. + /// Directories within the path are not affected by this setting. + /// This might be in conflict with other options that affect the file + /// mode, like fsGroup, and the result can be other mode bits set. #[serde(default, skip_serializing_if = "Option::is_none", rename = "defaultMode")] pub default_mode: Option, - /// items if unspecified, each key-value pair in the Data field of the referenced ConfigMap will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the ConfigMap, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'. + /// items if unspecified, each key-value pair in the Data field of the referenced + /// ConfigMap will be projected into the volume as a file whose name is the + /// key and content is the value. If specified, the listed keys will be + /// projected into the specified paths, and unlisted keys will not be + /// present. If a key is specified which is not present in the ConfigMap, + /// the volume setup will error unless it is marked optional. Paths must be + /// relative and may not contain the '..' path or start with '..'. #[serde(default, skip_serializing_if = "Option::is_none")] pub items: Option>, - /// Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? + /// Name of the referent. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// optional specify whether the ConfigMap or its keys must be defined @@ -3743,36 +5299,59 @@ pub struct RuntimeComponentVolumesConfigMap { pub struct RuntimeComponentVolumesConfigMapItems { /// key is the key to project. pub key: String, - /// mode is Optional: mode bits used to set permissions on this file. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. + /// mode is Optional: mode bits used to set permissions on this file. + /// Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. + /// YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. + /// If not specified, the volume defaultMode will be used. + /// This might be in conflict with other options that affect the file + /// mode, like fsGroup, and the result can be other mode bits set. #[serde(default, skip_serializing_if = "Option::is_none")] pub mode: Option, - /// path is the relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'. + /// path is the relative path of the file to map the key to. + /// May not be an absolute path. + /// May not contain the path element '..'. + /// May not start with the string '..'. pub path: String, } /// csi (Container Storage Interface) represents ephemeral storage that is handled by certain external CSI drivers (Beta feature). #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct RuntimeComponentVolumesCsi { - /// driver is the name of the CSI driver that handles this volume. Consult with your admin for the correct name as registered in the cluster. + /// driver is the name of the CSI driver that handles this volume. + /// Consult with your admin for the correct name as registered in the cluster. pub driver: String, - /// fsType to mount. Ex. "ext4", "xfs", "ntfs". If not provided, the empty value is passed to the associated CSI driver which will determine the default filesystem to apply. + /// fsType to mount. Ex. "ext4", "xfs", "ntfs". + /// If not provided, the empty value is passed to the associated CSI driver + /// which will determine the default filesystem to apply. #[serde(default, skip_serializing_if = "Option::is_none", rename = "fsType")] pub fs_type: Option, - /// nodePublishSecretRef is a reference to the secret object containing sensitive information to pass to the CSI driver to complete the CSI NodePublishVolume and NodeUnpublishVolume calls. This field is optional, and may be empty if no secret is required. If the secret object contains more than one secret, all secret references are passed. + /// nodePublishSecretRef is a reference to the secret object containing + /// sensitive information to pass to the CSI driver to complete the CSI + /// NodePublishVolume and NodeUnpublishVolume calls. + /// This field is optional, and may be empty if no secret is required. If the + /// secret object contains more than one secret, all secret references are passed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "nodePublishSecretRef")] pub node_publish_secret_ref: Option, - /// readOnly specifies a read-only configuration for the volume. Defaults to false (read/write). + /// readOnly specifies a read-only configuration for the volume. + /// Defaults to false (read/write). #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] pub read_only: Option, - /// volumeAttributes stores driver-specific properties that are passed to the CSI driver. Consult your driver's documentation for supported values. + /// volumeAttributes stores driver-specific properties that are passed to the CSI + /// driver. Consult your driver's documentation for supported values. #[serde(default, skip_serializing_if = "Option::is_none", rename = "volumeAttributes")] pub volume_attributes: Option>, } -/// nodePublishSecretRef is a reference to the secret object containing sensitive information to pass to the CSI driver to complete the CSI NodePublishVolume and NodeUnpublishVolume calls. This field is optional, and may be empty if no secret is required. If the secret object contains more than one secret, all secret references are passed. +/// nodePublishSecretRef is a reference to the secret object containing +/// sensitive information to pass to the CSI driver to complete the CSI +/// NodePublishVolume and NodeUnpublishVolume calls. +/// This field is optional, and may be empty if no secret is required. If the +/// secret object contains more than one secret, all secret references are passed. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct RuntimeComponentVolumesCsiNodePublishSecretRef { - /// Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? + /// Name of the referent. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, } @@ -3780,7 +5359,14 @@ pub struct RuntimeComponentVolumesCsiNodePublishSecretRef { /// downwardAPI represents downward API about the pod that should populate this volume #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct RuntimeComponentVolumesDownwardApi { - /// Optional: mode bits to use on created files by default. Must be a Optional: mode bits used to set permissions on created files by default. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. Defaults to 0644. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. + /// Optional: mode bits to use on created files by default. Must be a + /// Optional: mode bits used to set permissions on created files by default. + /// Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. + /// YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. + /// Defaults to 0644. + /// Directories within the path are not affected by this setting. + /// This might be in conflict with other options that affect the file + /// mode, like fsGroup, and the result can be other mode bits set. #[serde(default, skip_serializing_if = "Option::is_none", rename = "defaultMode")] pub default_mode: Option, /// Items is a list of downward API volume file @@ -3794,12 +5380,18 @@ pub struct RuntimeComponentVolumesDownwardApiItems { /// Required: Selects a field of the pod: only annotations, labels, name and namespace are supported. #[serde(default, skip_serializing_if = "Option::is_none", rename = "fieldRef")] pub field_ref: Option, - /// Optional: mode bits used to set permissions on this file, must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. + /// Optional: mode bits used to set permissions on this file, must be an octal value + /// between 0000 and 0777 or a decimal value between 0 and 511. + /// YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. + /// If not specified, the volume defaultMode will be used. + /// This might be in conflict with other options that affect the file + /// mode, like fsGroup, and the result can be other mode bits set. #[serde(default, skip_serializing_if = "Option::is_none")] pub mode: Option, /// Required: Path is the relative path name of the file to be created. Must not be absolute or contain the '..' path. Must be utf-8 encoded. The first item of the relative path must not start with '..' pub path: String, - /// Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, requests.cpu and requests.memory) are currently supported. + /// Selects a resource of the container: only resources limits and requests + /// (limits.cpu, limits.memory, requests.cpu and requests.memory) are currently supported. #[serde(default, skip_serializing_if = "Option::is_none", rename = "resourceFieldRef")] pub resource_field_ref: Option, } @@ -3815,7 +5407,8 @@ pub struct RuntimeComponentVolumesDownwardApiItemsFieldRef { pub field_path: String, } -/// Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, requests.cpu and requests.memory) are currently supported. +/// Selects a resource of the container: only resources limits and requests +/// (limits.cpu, limits.memory, requests.cpu and requests.memory) are currently supported. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct RuntimeComponentVolumesDownwardApiItemsResourceFieldRef { /// Container name: required for volumes, optional for env vars @@ -3828,46 +5421,125 @@ pub struct RuntimeComponentVolumesDownwardApiItemsResourceFieldRef { pub resource: String, } -/// emptyDir represents a temporary directory that shares a pod's lifetime. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir +/// emptyDir represents a temporary directory that shares a pod's lifetime. +/// More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct RuntimeComponentVolumesEmptyDir { - /// medium represents what type of storage medium should back this directory. The default is "" which means to use the node's default medium. Must be an empty string (default) or Memory. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir + /// medium represents what type of storage medium should back this directory. + /// The default is "" which means to use the node's default medium. + /// Must be an empty string (default) or Memory. + /// More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir #[serde(default, skip_serializing_if = "Option::is_none")] pub medium: Option, - /// sizeLimit is the total amount of local storage required for this EmptyDir volume. The size limit is also applicable for memory medium. The maximum usage on memory medium EmptyDir would be the minimum value between the SizeLimit specified here and the sum of memory limits of all containers in a pod. The default is nil which means that the limit is undefined. More info: http://kubernetes.io/docs/user-guide/volumes#emptydir + /// sizeLimit is the total amount of local storage required for this EmptyDir volume. + /// The size limit is also applicable for memory medium. + /// The maximum usage on memory medium EmptyDir would be the minimum value between + /// the SizeLimit specified here and the sum of memory limits of all containers in a pod. + /// The default is nil which means that the limit is undefined. + /// More info: http://kubernetes.io/docs/user-guide/volumes#emptydir #[serde(default, skip_serializing_if = "Option::is_none", rename = "sizeLimit")] pub size_limit: Option, } -/// ephemeral represents a volume that is handled by a cluster storage driver. The volume's lifecycle is tied to the pod that defines it - it will be created before the pod starts, and deleted when the pod is removed. -/// Use this if: a) the volume is only needed while the pod runs, b) features of normal volumes like restoring from snapshot or capacity tracking are needed, c) the storage driver is specified through a storage class, and d) the storage driver supports dynamic volume provisioning through a PersistentVolumeClaim (see EphemeralVolumeSource for more information on the connection between this volume type and PersistentVolumeClaim). -/// Use PersistentVolumeClaim or one of the vendor-specific APIs for volumes that persist for longer than the lifecycle of an individual pod. -/// Use CSI for light-weight local ephemeral volumes if the CSI driver is meant to be used that way - see the documentation of the driver for more information. -/// A pod can use both types of ephemeral volumes and persistent volumes at the same time. +/// ephemeral represents a volume that is handled by a cluster storage driver. +/// The volume's lifecycle is tied to the pod that defines it - it will be created before the pod starts, +/// and deleted when the pod is removed. +/// +/// +/// Use this if: +/// a) the volume is only needed while the pod runs, +/// b) features of normal volumes like restoring from snapshot or capacity +/// tracking are needed, +/// c) the storage driver is specified through a storage class, and +/// d) the storage driver supports dynamic volume provisioning through +/// a PersistentVolumeClaim (see EphemeralVolumeSource for more +/// information on the connection between this volume type +/// and PersistentVolumeClaim). +/// +/// +/// Use PersistentVolumeClaim or one of the vendor-specific +/// APIs for volumes that persist for longer than the lifecycle +/// of an individual pod. +/// +/// +/// Use CSI for light-weight local ephemeral volumes if the CSI driver is meant to +/// be used that way - see the documentation of the driver for +/// more information. +/// +/// +/// A pod can use both types of ephemeral volumes and +/// persistent volumes at the same time. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct RuntimeComponentVolumesEphemeral { - /// Will be used to create a stand-alone PVC to provision the volume. The pod in which this EphemeralVolumeSource is embedded will be the owner of the PVC, i.e. the PVC will be deleted together with the pod. The name of the PVC will be `-` where `` is the name from the `PodSpec.Volumes` array entry. Pod validation will reject the pod if the concatenated name is not valid for a PVC (for example, too long). - /// An existing PVC with that name that is not owned by the pod will *not* be used for the pod to avoid using an unrelated volume by mistake. Starting the pod is then blocked until the unrelated PVC is removed. If such a pre-created PVC is meant to be used by the pod, the PVC has to updated with an owner reference to the pod once the pod exists. Normally this should not be necessary, but it may be useful when manually reconstructing a broken cluster. - /// This field is read-only and no changes will be made by Kubernetes to the PVC after it has been created. - /// Required, must not be nil. + /// Will be used to create a stand-alone PVC to provision the volume. + /// The pod in which this EphemeralVolumeSource is embedded will be the + /// owner of the PVC, i.e. the PVC will be deleted together with the + /// pod. The name of the PVC will be `-` where + /// `` is the name from the `PodSpec.Volumes` array + /// entry. Pod validation will reject the pod if the concatenated name + /// is not valid for a PVC (for example, too long). + /// + /// + /// An existing PVC with that name that is not owned by the pod + /// will *not* be used for the pod to avoid using an unrelated + /// volume by mistake. Starting the pod is then blocked until + /// the unrelated PVC is removed. If such a pre-created PVC is + /// meant to be used by the pod, the PVC has to updated with an + /// owner reference to the pod once the pod exists. Normally + /// this should not be necessary, but it may be useful when + /// manually reconstructing a broken cluster. + /// + /// + /// This field is read-only and no changes will be made by Kubernetes + /// to the PVC after it has been created. + /// + /// + /// Required, must not be nil. #[serde(default, skip_serializing_if = "Option::is_none", rename = "volumeClaimTemplate")] pub volume_claim_template: Option, } -/// Will be used to create a stand-alone PVC to provision the volume. The pod in which this EphemeralVolumeSource is embedded will be the owner of the PVC, i.e. the PVC will be deleted together with the pod. The name of the PVC will be `-` where `` is the name from the `PodSpec.Volumes` array entry. Pod validation will reject the pod if the concatenated name is not valid for a PVC (for example, too long). -/// An existing PVC with that name that is not owned by the pod will *not* be used for the pod to avoid using an unrelated volume by mistake. Starting the pod is then blocked until the unrelated PVC is removed. If such a pre-created PVC is meant to be used by the pod, the PVC has to updated with an owner reference to the pod once the pod exists. Normally this should not be necessary, but it may be useful when manually reconstructing a broken cluster. -/// This field is read-only and no changes will be made by Kubernetes to the PVC after it has been created. -/// Required, must not be nil. +/// Will be used to create a stand-alone PVC to provision the volume. +/// The pod in which this EphemeralVolumeSource is embedded will be the +/// owner of the PVC, i.e. the PVC will be deleted together with the +/// pod. The name of the PVC will be `-` where +/// `` is the name from the `PodSpec.Volumes` array +/// entry. Pod validation will reject the pod if the concatenated name +/// is not valid for a PVC (for example, too long). +/// +/// +/// An existing PVC with that name that is not owned by the pod +/// will *not* be used for the pod to avoid using an unrelated +/// volume by mistake. Starting the pod is then blocked until +/// the unrelated PVC is removed. If such a pre-created PVC is +/// meant to be used by the pod, the PVC has to updated with an +/// owner reference to the pod once the pod exists. Normally +/// this should not be necessary, but it may be useful when +/// manually reconstructing a broken cluster. +/// +/// +/// This field is read-only and no changes will be made by Kubernetes +/// to the PVC after it has been created. +/// +/// +/// Required, must not be nil. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct RuntimeComponentVolumesEphemeralVolumeClaimTemplate { - /// May contain labels and annotations that will be copied into the PVC when creating it. No other fields are allowed and will be rejected during validation. + /// May contain labels and annotations that will be copied into the PVC + /// when creating it. No other fields are allowed and will be rejected during + /// validation. #[serde(default, skip_serializing_if = "Option::is_none")] pub metadata: Option, - /// The specification for the PersistentVolumeClaim. The entire content is copied unchanged into the PVC that gets created from this template. The same fields as in a PersistentVolumeClaim are also valid here. + /// The specification for the PersistentVolumeClaim. The entire content is + /// copied unchanged into the PVC that gets created from this + /// template. The same fields as in a PersistentVolumeClaim + /// are also valid here. pub spec: RuntimeComponentVolumesEphemeralVolumeClaimTemplateSpec, } -/// May contain labels and annotations that will be copied into the PVC when creating it. No other fields are allowed and will be rejected during validation. +/// May contain labels and annotations that will be copied into the PVC +/// when creating it. No other fields are allowed and will be rejected during +/// validation. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct RuntimeComponentVolumesEphemeralVolumeClaimTemplateMetadata { #[serde(default, skip_serializing_if = "Option::is_none")] @@ -3882,28 +5554,67 @@ pub struct RuntimeComponentVolumesEphemeralVolumeClaimTemplateMetadata { pub namespace: Option, } -/// The specification for the PersistentVolumeClaim. The entire content is copied unchanged into the PVC that gets created from this template. The same fields as in a PersistentVolumeClaim are also valid here. +/// The specification for the PersistentVolumeClaim. The entire content is +/// copied unchanged into the PVC that gets created from this +/// template. The same fields as in a PersistentVolumeClaim +/// are also valid here. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct RuntimeComponentVolumesEphemeralVolumeClaimTemplateSpec { - /// accessModes contains the desired access modes the volume should have. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1 + /// accessModes contains the desired access modes the volume should have. + /// More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1 #[serde(default, skip_serializing_if = "Option::is_none", rename = "accessModes")] pub access_modes: Option>, - /// dataSource field can be used to specify either: * An existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot) * An existing PVC (PersistentVolumeClaim) If the provisioner or an external controller can support the specified data source, it will create a new volume based on the contents of the specified data source. When the AnyVolumeDataSource feature gate is enabled, dataSource contents will be copied to dataSourceRef, and dataSourceRef contents will be copied to dataSource when dataSourceRef.namespace is not specified. If the namespace is specified, then dataSourceRef will not be copied to dataSource. + /// dataSource field can be used to specify either: + /// * An existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot) + /// * An existing PVC (PersistentVolumeClaim) + /// If the provisioner or an external controller can support the specified data source, + /// it will create a new volume based on the contents of the specified data source. + /// When the AnyVolumeDataSource feature gate is enabled, dataSource contents will be copied to dataSourceRef, + /// and dataSourceRef contents will be copied to dataSource when dataSourceRef.namespace is not specified. + /// If the namespace is specified, then dataSourceRef will not be copied to dataSource. #[serde(default, skip_serializing_if = "Option::is_none", rename = "dataSource")] pub data_source: Option, - /// dataSourceRef specifies the object from which to populate the volume with data, if a non-empty volume is desired. This may be any object from a non-empty API group (non core object) or a PersistentVolumeClaim object. When this field is specified, volume binding will only succeed if the type of the specified object matches some installed volume populator or dynamic provisioner. This field will replace the functionality of the dataSource field and as such if both fields are non-empty, they must have the same value. For backwards compatibility, when namespace isn't specified in dataSourceRef, both fields (dataSource and dataSourceRef) will be set to the same value automatically if one of them is empty and the other is non-empty. When namespace is specified in dataSourceRef, dataSource isn't set to the same value and must be empty. There are three important differences between dataSource and dataSourceRef: * While dataSource only allows two specific types of objects, dataSourceRef allows any non-core object, as well as PersistentVolumeClaim objects. * While dataSource ignores disallowed values (dropping them), dataSourceRef preserves all values, and generates an error if a disallowed value is specified. * While dataSource only allows local objects, dataSourceRef allows objects in any namespaces. (Beta) Using this field requires the AnyVolumeDataSource feature gate to be enabled. (Alpha) Using the namespace field of dataSourceRef requires the CrossNamespaceVolumeDataSource feature gate to be enabled. + /// dataSourceRef specifies the object from which to populate the volume with data, if a non-empty + /// volume is desired. This may be any object from a non-empty API group (non + /// core object) or a PersistentVolumeClaim object. + /// When this field is specified, volume binding will only succeed if the type of + /// the specified object matches some installed volume populator or dynamic + /// provisioner. + /// This field will replace the functionality of the dataSource field and as such + /// if both fields are non-empty, they must have the same value. For backwards + /// compatibility, when namespace isn't specified in dataSourceRef, + /// both fields (dataSource and dataSourceRef) will be set to the same + /// value automatically if one of them is empty and the other is non-empty. + /// When namespace is specified in dataSourceRef, + /// dataSource isn't set to the same value and must be empty. + /// There are three important differences between dataSource and dataSourceRef: + /// * While dataSource only allows two specific types of objects, dataSourceRef + /// allows any non-core object, as well as PersistentVolumeClaim objects. + /// * While dataSource ignores disallowed values (dropping them), dataSourceRef + /// preserves all values, and generates an error if a disallowed value is + /// specified. + /// * While dataSource only allows local objects, dataSourceRef allows objects + /// in any namespaces. + /// (Beta) Using this field requires the AnyVolumeDataSource feature gate to be enabled. + /// (Alpha) Using the namespace field of dataSourceRef requires the CrossNamespaceVolumeDataSource feature gate to be enabled. #[serde(default, skip_serializing_if = "Option::is_none", rename = "dataSourceRef")] pub data_source_ref: Option, - /// resources represents the minimum resources the volume should have. If RecoverVolumeExpansionFailure feature is enabled users are allowed to specify resource requirements that are lower than previous value but must still be higher than capacity recorded in the status field of the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources + /// resources represents the minimum resources the volume should have. + /// If RecoverVolumeExpansionFailure feature is enabled users are allowed to specify resource requirements + /// that are lower than previous value but must still be higher than capacity recorded in the + /// status field of the claim. + /// More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources #[serde(default, skip_serializing_if = "Option::is_none")] pub resources: Option, /// selector is a label query over volumes to consider for binding. #[serde(default, skip_serializing_if = "Option::is_none")] pub selector: Option, - /// storageClassName is the name of the StorageClass required by the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1 + /// storageClassName is the name of the StorageClass required by the claim. + /// More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1 #[serde(default, skip_serializing_if = "Option::is_none", rename = "storageClassName")] pub storage_class_name: Option, - /// volumeMode defines what type of volume is required by the claim. Value of Filesystem is implied when not included in claim spec. + /// volumeMode defines what type of volume is required by the claim. + /// Value of Filesystem is implied when not included in claim spec. #[serde(default, skip_serializing_if = "Option::is_none", rename = "volumeMode")] pub volume_mode: Option, /// volumeName is the binding reference to the PersistentVolume backing this claim. @@ -3911,10 +5622,19 @@ pub struct RuntimeComponentVolumesEphemeralVolumeClaimTemplateSpec { pub volume_name: Option, } -/// dataSource field can be used to specify either: * An existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot) * An existing PVC (PersistentVolumeClaim) If the provisioner or an external controller can support the specified data source, it will create a new volume based on the contents of the specified data source. When the AnyVolumeDataSource feature gate is enabled, dataSource contents will be copied to dataSourceRef, and dataSourceRef contents will be copied to dataSource when dataSourceRef.namespace is not specified. If the namespace is specified, then dataSourceRef will not be copied to dataSource. +/// dataSource field can be used to specify either: +/// * An existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot) +/// * An existing PVC (PersistentVolumeClaim) +/// If the provisioner or an external controller can support the specified data source, +/// it will create a new volume based on the contents of the specified data source. +/// When the AnyVolumeDataSource feature gate is enabled, dataSource contents will be copied to dataSourceRef, +/// and dataSourceRef contents will be copied to dataSource when dataSourceRef.namespace is not specified. +/// If the namespace is specified, then dataSourceRef will not be copied to dataSource. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct RuntimeComponentVolumesEphemeralVolumeClaimTemplateSpecDataSource { - /// APIGroup is the group for the resource being referenced. If APIGroup is not specified, the specified Kind must be in the core API group. For any other third-party types, APIGroup is required. + /// APIGroup is the group for the resource being referenced. + /// If APIGroup is not specified, the specified Kind must be in the core API group. + /// For any other third-party types, APIGroup is required. #[serde(default, skip_serializing_if = "Option::is_none", rename = "apiGroup")] pub api_group: Option, /// Kind is the type of resource being referenced @@ -3923,33 +5643,73 @@ pub struct RuntimeComponentVolumesEphemeralVolumeClaimTemplateSpecDataSource { pub name: String, } -/// dataSourceRef specifies the object from which to populate the volume with data, if a non-empty volume is desired. This may be any object from a non-empty API group (non core object) or a PersistentVolumeClaim object. When this field is specified, volume binding will only succeed if the type of the specified object matches some installed volume populator or dynamic provisioner. This field will replace the functionality of the dataSource field and as such if both fields are non-empty, they must have the same value. For backwards compatibility, when namespace isn't specified in dataSourceRef, both fields (dataSource and dataSourceRef) will be set to the same value automatically if one of them is empty and the other is non-empty. When namespace is specified in dataSourceRef, dataSource isn't set to the same value and must be empty. There are three important differences between dataSource and dataSourceRef: * While dataSource only allows two specific types of objects, dataSourceRef allows any non-core object, as well as PersistentVolumeClaim objects. * While dataSource ignores disallowed values (dropping them), dataSourceRef preserves all values, and generates an error if a disallowed value is specified. * While dataSource only allows local objects, dataSourceRef allows objects in any namespaces. (Beta) Using this field requires the AnyVolumeDataSource feature gate to be enabled. (Alpha) Using the namespace field of dataSourceRef requires the CrossNamespaceVolumeDataSource feature gate to be enabled. +/// dataSourceRef specifies the object from which to populate the volume with data, if a non-empty +/// volume is desired. This may be any object from a non-empty API group (non +/// core object) or a PersistentVolumeClaim object. +/// When this field is specified, volume binding will only succeed if the type of +/// the specified object matches some installed volume populator or dynamic +/// provisioner. +/// This field will replace the functionality of the dataSource field and as such +/// if both fields are non-empty, they must have the same value. For backwards +/// compatibility, when namespace isn't specified in dataSourceRef, +/// both fields (dataSource and dataSourceRef) will be set to the same +/// value automatically if one of them is empty and the other is non-empty. +/// When namespace is specified in dataSourceRef, +/// dataSource isn't set to the same value and must be empty. +/// There are three important differences between dataSource and dataSourceRef: +/// * While dataSource only allows two specific types of objects, dataSourceRef +/// allows any non-core object, as well as PersistentVolumeClaim objects. +/// * While dataSource ignores disallowed values (dropping them), dataSourceRef +/// preserves all values, and generates an error if a disallowed value is +/// specified. +/// * While dataSource only allows local objects, dataSourceRef allows objects +/// in any namespaces. +/// (Beta) Using this field requires the AnyVolumeDataSource feature gate to be enabled. +/// (Alpha) Using the namespace field of dataSourceRef requires the CrossNamespaceVolumeDataSource feature gate to be enabled. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct RuntimeComponentVolumesEphemeralVolumeClaimTemplateSpecDataSourceRef { - /// APIGroup is the group for the resource being referenced. If APIGroup is not specified, the specified Kind must be in the core API group. For any other third-party types, APIGroup is required. + /// APIGroup is the group for the resource being referenced. + /// If APIGroup is not specified, the specified Kind must be in the core API group. + /// For any other third-party types, APIGroup is required. #[serde(default, skip_serializing_if = "Option::is_none", rename = "apiGroup")] pub api_group: Option, /// Kind is the type of resource being referenced pub kind: String, /// Name is the name of resource being referenced pub name: String, - /// Namespace is the namespace of resource being referenced Note that when a namespace is specified, a gateway.networking.k8s.io/ReferenceGrant object is required in the referent namespace to allow that namespace's owner to accept the reference. See the ReferenceGrant documentation for details. (Alpha) This field requires the CrossNamespaceVolumeDataSource feature gate to be enabled. + /// Namespace is the namespace of resource being referenced + /// Note that when a namespace is specified, a gateway.networking.k8s.io/ReferenceGrant object is required in the referent namespace to allow that namespace's owner to accept the reference. See the ReferenceGrant documentation for details. + /// (Alpha) This field requires the CrossNamespaceVolumeDataSource feature gate to be enabled. #[serde(default, skip_serializing_if = "Option::is_none")] pub namespace: Option, } -/// resources represents the minimum resources the volume should have. If RecoverVolumeExpansionFailure feature is enabled users are allowed to specify resource requirements that are lower than previous value but must still be higher than capacity recorded in the status field of the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources +/// resources represents the minimum resources the volume should have. +/// If RecoverVolumeExpansionFailure feature is enabled users are allowed to specify resource requirements +/// that are lower than previous value but must still be higher than capacity recorded in the +/// status field of the claim. +/// More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct RuntimeComponentVolumesEphemeralVolumeClaimTemplateSpecResources { - /// Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. - /// This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. - /// This field is immutable. It can only be set for containers. + /// Claims lists the names of resources, defined in spec.resourceClaims, + /// that are used by this container. + /// + /// + /// This is an alpha field and requires enabling the + /// DynamicResourceAllocation feature gate. + /// + /// + /// This field is immutable. It can only be set for containers. #[serde(default, skip_serializing_if = "Option::is_none")] pub claims: Option>, - /// Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + /// Limits describes the maximum amount of compute resources allowed. + /// More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ #[serde(default, skip_serializing_if = "Option::is_none")] pub limits: Option>, - /// Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + /// Requests describes the minimum amount of compute resources required. + /// If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, + /// otherwise to an implementation-defined value. + /// More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ #[serde(default, skip_serializing_if = "Option::is_none")] pub requests: Option>, } @@ -3957,7 +5717,9 @@ pub struct RuntimeComponentVolumesEphemeralVolumeClaimTemplateSpecResources { /// ResourceClaim references one entry in PodSpec.ResourceClaims. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct RuntimeComponentVolumesEphemeralVolumeClaimTemplateSpecResourcesClaims { - /// Name must match the name of one entry in pod.spec.resourceClaims of the Pod where this field is used. It makes that resource available inside a container. + /// Name must match the name of one entry in pod.spec.resourceClaims of + /// the Pod where this field is used. It makes that resource available + /// inside a container. pub name: String, } @@ -3967,19 +5729,26 @@ pub struct RuntimeComponentVolumesEphemeralVolumeClaimTemplateSpecSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] pub match_expressions: Option>, - /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] pub match_labels: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct RuntimeComponentVolumesEphemeralVolumeClaimTemplateSpecSelectorMatchExpressions { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } @@ -3987,46 +5756,65 @@ pub struct RuntimeComponentVolumesEphemeralVolumeClaimTemplateSpecSelectorMatchE /// fc represents a Fibre Channel resource that is attached to a kubelet's host machine and then exposed to the pod. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct RuntimeComponentVolumesFc { - /// fsType is the filesystem type to mount. Must be a filesystem type supported by the host operating system. Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. TODO: how do we prevent errors in the filesystem from compromising the machine + /// fsType is the filesystem type to mount. + /// Must be a filesystem type supported by the host operating system. + /// Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. + /// TODO: how do we prevent errors in the filesystem from compromising the machine #[serde(default, skip_serializing_if = "Option::is_none", rename = "fsType")] pub fs_type: Option, /// lun is Optional: FC target lun number #[serde(default, skip_serializing_if = "Option::is_none")] pub lun: Option, - /// readOnly is Optional: Defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts. + /// readOnly is Optional: Defaults to false (read/write). ReadOnly here will force + /// the ReadOnly setting in VolumeMounts. #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] pub read_only: Option, /// targetWWNs is Optional: FC target worldwide names (WWNs) #[serde(default, skip_serializing_if = "Option::is_none", rename = "targetWWNs")] pub target_ww_ns: Option>, - /// wwids Optional: FC volume world wide identifiers (wwids) Either wwids or combination of targetWWNs and lun must be set, but not both simultaneously. + /// wwids Optional: FC volume world wide identifiers (wwids) + /// Either wwids or combination of targetWWNs and lun must be set, but not both simultaneously. #[serde(default, skip_serializing_if = "Option::is_none")] pub wwids: Option>, } -/// flexVolume represents a generic volume resource that is provisioned/attached using an exec based plugin. +/// flexVolume represents a generic volume resource that is +/// provisioned/attached using an exec based plugin. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct RuntimeComponentVolumesFlexVolume { /// driver is the name of the driver to use for this volume. pub driver: String, - /// fsType is the filesystem type to mount. Must be a filesystem type supported by the host operating system. Ex. "ext4", "xfs", "ntfs". The default filesystem depends on FlexVolume script. + /// fsType is the filesystem type to mount. + /// Must be a filesystem type supported by the host operating system. + /// Ex. "ext4", "xfs", "ntfs". The default filesystem depends on FlexVolume script. #[serde(default, skip_serializing_if = "Option::is_none", rename = "fsType")] pub fs_type: Option, /// options is Optional: this field holds extra command options if any. #[serde(default, skip_serializing_if = "Option::is_none")] pub options: Option>, - /// readOnly is Optional: defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts. + /// readOnly is Optional: defaults to false (read/write). ReadOnly here will force + /// the ReadOnly setting in VolumeMounts. #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] pub read_only: Option, - /// secretRef is Optional: secretRef is reference to the secret object containing sensitive information to pass to the plugin scripts. This may be empty if no secret object is specified. If the secret object contains more than one secret, all secrets are passed to the plugin scripts. + /// secretRef is Optional: secretRef is reference to the secret object containing + /// sensitive information to pass to the plugin scripts. This may be + /// empty if no secret object is specified. If the secret object + /// contains more than one secret, all secrets are passed to the plugin + /// scripts. #[serde(default, skip_serializing_if = "Option::is_none", rename = "secretRef")] pub secret_ref: Option, } -/// secretRef is Optional: secretRef is reference to the secret object containing sensitive information to pass to the plugin scripts. This may be empty if no secret object is specified. If the secret object contains more than one secret, all secrets are passed to the plugin scripts. +/// secretRef is Optional: secretRef is reference to the secret object containing +/// sensitive information to pass to the plugin scripts. This may be +/// empty if no secret object is specified. If the secret object +/// contains more than one secret, all secrets are passed to the plugin +/// scripts. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct RuntimeComponentVolumesFlexVolumeSecretRef { - /// Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? + /// Name of the referent. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, } @@ -4034,7 +5822,8 @@ pub struct RuntimeComponentVolumesFlexVolumeSecretRef { /// flocker represents a Flocker volume attached to a kubelet's host machine. This depends on the Flocker control service being running #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct RuntimeComponentVolumesFlocker { - /// datasetName is Name of the dataset stored as metadata -> name on the dataset for Flocker should be considered as deprecated + /// datasetName is Name of the dataset stored as metadata -> name on the dataset for Flocker + /// should be considered as deprecated #[serde(default, skip_serializing_if = "Option::is_none", rename = "datasetName")] pub dataset_name: Option, /// datasetUUID is the UUID of the dataset. This is unique identifier of a Flocker dataset @@ -4042,27 +5831,46 @@ pub struct RuntimeComponentVolumesFlocker { pub dataset_uuid: Option, } -/// gcePersistentDisk represents a GCE Disk resource that is attached to a kubelet's host machine and then exposed to the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk +/// gcePersistentDisk represents a GCE Disk resource that is attached to a +/// kubelet's host machine and then exposed to the pod. +/// More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct RuntimeComponentVolumesGcePersistentDisk { - /// fsType is filesystem type of the volume that you want to mount. Tip: Ensure that the filesystem type is supported by the host operating system. Examples: "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk TODO: how do we prevent errors in the filesystem from compromising the machine + /// fsType is filesystem type of the volume that you want to mount. + /// Tip: Ensure that the filesystem type is supported by the host operating system. + /// Examples: "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. + /// More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk + /// TODO: how do we prevent errors in the filesystem from compromising the machine #[serde(default, skip_serializing_if = "Option::is_none", rename = "fsType")] pub fs_type: Option, - /// partition is the partition in the volume that you want to mount. If omitted, the default is to mount by volume name. Examples: For volume /dev/sda1, you specify the partition as "1". Similarly, the volume partition for /dev/sda is "0" (or you can leave the property empty). More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk + /// partition is the partition in the volume that you want to mount. + /// If omitted, the default is to mount by volume name. + /// Examples: For volume /dev/sda1, you specify the partition as "1". + /// Similarly, the volume partition for /dev/sda is "0" (or you can leave the property empty). + /// More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk #[serde(default, skip_serializing_if = "Option::is_none")] pub partition: Option, - /// pdName is unique name of the PD resource in GCE. Used to identify the disk in GCE. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk + /// pdName is unique name of the PD resource in GCE. Used to identify the disk in GCE. + /// More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk #[serde(rename = "pdName")] pub pd_name: String, - /// readOnly here will force the ReadOnly setting in VolumeMounts. Defaults to false. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk + /// readOnly here will force the ReadOnly setting in VolumeMounts. + /// Defaults to false. + /// More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] pub read_only: Option, } -/// gitRepo represents a git repository at a particular revision. DEPRECATED: GitRepo is deprecated. To provision a container with a git repo, mount an EmptyDir into an InitContainer that clones the repo using git, then mount the EmptyDir into the Pod's container. +/// gitRepo represents a git repository at a particular revision. +/// DEPRECATED: GitRepo is deprecated. To provision a container with a git repo, mount an +/// EmptyDir into an InitContainer that clones the repo using git, then mount the EmptyDir +/// into the Pod's container. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct RuntimeComponentVolumesGitRepo { - /// directory is the target directory name. Must not contain or start with '..'. If '.' is supplied, the volume directory will be the git repository. Otherwise, if specified, the volume will contain the git repository in the subdirectory with the given name. + /// directory is the target directory name. + /// Must not contain or start with '..'. If '.' is supplied, the volume directory will be the + /// git repository. Otherwise, if specified, the volume will contain the git repository in + /// the subdirectory with the given name. #[serde(default, skip_serializing_if = "Option::is_none")] pub directory: Option, /// repository is the URL @@ -4072,29 +5880,47 @@ pub struct RuntimeComponentVolumesGitRepo { pub revision: Option, } -/// glusterfs represents a Glusterfs mount on the host that shares a pod's lifetime. More info: https://examples.k8s.io/volumes/glusterfs/README.md +/// glusterfs represents a Glusterfs mount on the host that shares a pod's lifetime. +/// More info: https://examples.k8s.io/volumes/glusterfs/README.md #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct RuntimeComponentVolumesGlusterfs { - /// endpoints is the endpoint name that details Glusterfs topology. More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod + /// endpoints is the endpoint name that details Glusterfs topology. + /// More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod pub endpoints: String, - /// path is the Glusterfs volume path. More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod + /// path is the Glusterfs volume path. + /// More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod pub path: String, - /// readOnly here will force the Glusterfs volume to be mounted with read-only permissions. Defaults to false. More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod + /// readOnly here will force the Glusterfs volume to be mounted with read-only permissions. + /// Defaults to false. + /// More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] pub read_only: Option, } -/// hostPath represents a pre-existing file or directory on the host machine that is directly exposed to the container. This is generally used for system agents or other privileged things that are allowed to see the host machine. Most containers will NOT need this. More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath --- TODO(jonesdl) We need to restrict who can use host directory mounts and who can/can not mount host directories as read/write. +/// hostPath represents a pre-existing file or directory on the host +/// machine that is directly exposed to the container. This is generally +/// used for system agents or other privileged things that are allowed +/// to see the host machine. Most containers will NOT need this. +/// More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath +/// --- +/// TODO(jonesdl) We need to restrict who can use host directory mounts and who can/can not +/// mount host directories as read/write. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct RuntimeComponentVolumesHostPath { - /// path of the directory on the host. If the path is a symlink, it will follow the link to the real path. More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath + /// path of the directory on the host. + /// If the path is a symlink, it will follow the link to the real path. + /// More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath pub path: String, - /// type for HostPath Volume Defaults to "" More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath + /// type for HostPath Volume + /// Defaults to "" + /// More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath #[serde(default, skip_serializing_if = "Option::is_none", rename = "type")] pub r#type: Option, } -/// iscsi represents an ISCSI Disk resource that is attached to a kubelet's host machine and then exposed to the pod. More info: https://examples.k8s.io/volumes/iscsi/README.md +/// iscsi represents an ISCSI Disk resource that is attached to a +/// kubelet's host machine and then exposed to the pod. +/// More info: https://examples.k8s.io/volumes/iscsi/README.md #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct RuntimeComponentVolumesIscsi { /// chapAuthDiscovery defines whether support iSCSI Discovery CHAP authentication @@ -4103,29 +5929,39 @@ pub struct RuntimeComponentVolumesIscsi { /// chapAuthSession defines whether support iSCSI Session CHAP authentication #[serde(default, skip_serializing_if = "Option::is_none", rename = "chapAuthSession")] pub chap_auth_session: Option, - /// fsType is the filesystem type of the volume that you want to mount. Tip: Ensure that the filesystem type is supported by the host operating system. Examples: "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#iscsi TODO: how do we prevent errors in the filesystem from compromising the machine + /// fsType is the filesystem type of the volume that you want to mount. + /// Tip: Ensure that the filesystem type is supported by the host operating system. + /// Examples: "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. + /// More info: https://kubernetes.io/docs/concepts/storage/volumes#iscsi + /// TODO: how do we prevent errors in the filesystem from compromising the machine #[serde(default, skip_serializing_if = "Option::is_none", rename = "fsType")] pub fs_type: Option, - /// initiatorName is the custom iSCSI Initiator Name. If initiatorName is specified with iscsiInterface simultaneously, new iSCSI interface : will be created for the connection. + /// initiatorName is the custom iSCSI Initiator Name. + /// If initiatorName is specified with iscsiInterface simultaneously, new iSCSI interface + /// : will be created for the connection. #[serde(default, skip_serializing_if = "Option::is_none", rename = "initiatorName")] pub initiator_name: Option, /// iqn is the target iSCSI Qualified Name. pub iqn: String, - /// iscsiInterface is the interface Name that uses an iSCSI transport. Defaults to 'default' (tcp). + /// iscsiInterface is the interface Name that uses an iSCSI transport. + /// Defaults to 'default' (tcp). #[serde(default, skip_serializing_if = "Option::is_none", rename = "iscsiInterface")] pub iscsi_interface: Option, /// lun represents iSCSI Target Lun number. pub lun: i32, - /// portals is the iSCSI Target Portal List. The portal is either an IP or ip_addr:port if the port is other than default (typically TCP ports 860 and 3260). + /// portals is the iSCSI Target Portal List. The portal is either an IP or ip_addr:port if the port + /// is other than default (typically TCP ports 860 and 3260). #[serde(default, skip_serializing_if = "Option::is_none")] pub portals: Option>, - /// readOnly here will force the ReadOnly setting in VolumeMounts. Defaults to false. + /// readOnly here will force the ReadOnly setting in VolumeMounts. + /// Defaults to false. #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] pub read_only: Option, /// secretRef is the CHAP Secret for iSCSI target and initiator authentication #[serde(default, skip_serializing_if = "Option::is_none", rename = "secretRef")] pub secret_ref: Option, - /// targetPortal is iSCSI Target Portal. The Portal is either an IP or ip_addr:port if the port is other than default (typically TCP ports 860 and 3260). + /// targetPortal is iSCSI Target Portal. The Portal is either an IP or ip_addr:port if the port + /// is other than default (typically TCP ports 860 and 3260). #[serde(rename = "targetPortal")] pub target_portal: String, } @@ -4133,30 +5969,41 @@ pub struct RuntimeComponentVolumesIscsi { /// secretRef is the CHAP Secret for iSCSI target and initiator authentication #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct RuntimeComponentVolumesIscsiSecretRef { - /// Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? + /// Name of the referent. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, } -/// nfs represents an NFS mount on the host that shares a pod's lifetime More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs +/// nfs represents an NFS mount on the host that shares a pod's lifetime +/// More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct RuntimeComponentVolumesNfs { - /// path that is exported by the NFS server. More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs + /// path that is exported by the NFS server. + /// More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs pub path: String, - /// readOnly here will force the NFS export to be mounted with read-only permissions. Defaults to false. More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs + /// readOnly here will force the NFS export to be mounted with read-only permissions. + /// Defaults to false. + /// More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] pub read_only: Option, - /// server is the hostname or IP address of the NFS server. More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs + /// server is the hostname or IP address of the NFS server. + /// More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs pub server: String, } -/// persistentVolumeClaimVolumeSource represents a reference to a PersistentVolumeClaim in the same namespace. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims +/// persistentVolumeClaimVolumeSource represents a reference to a +/// PersistentVolumeClaim in the same namespace. +/// More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct RuntimeComponentVolumesPersistentVolumeClaim { - /// claimName is the name of a PersistentVolumeClaim in the same namespace as the pod using this volume. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims + /// claimName is the name of a PersistentVolumeClaim in the same namespace as the pod using this volume. + /// More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims #[serde(rename = "claimName")] pub claim_name: String, - /// readOnly Will force the ReadOnly setting in VolumeMounts. Default false. + /// readOnly Will force the ReadOnly setting in VolumeMounts. + /// Default false. #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] pub read_only: Option, } @@ -4164,7 +6011,9 @@ pub struct RuntimeComponentVolumesPersistentVolumeClaim { /// photonPersistentDisk represents a PhotonController persistent disk attached and mounted on kubelets host machine #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct RuntimeComponentVolumesPhotonPersistentDisk { - /// fsType is the filesystem type to mount. Must be a filesystem type supported by the host operating system. Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. + /// fsType is the filesystem type to mount. + /// Must be a filesystem type supported by the host operating system. + /// Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. #[serde(default, skip_serializing_if = "Option::is_none", rename = "fsType")] pub fs_type: Option, /// pdID is the ID that identifies Photon Controller persistent disk @@ -4175,10 +6024,13 @@ pub struct RuntimeComponentVolumesPhotonPersistentDisk { /// portworxVolume represents a portworx volume attached and mounted on kubelets host machine #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct RuntimeComponentVolumesPortworxVolume { - /// fSType represents the filesystem type to mount Must be a filesystem type supported by the host operating system. Ex. "ext4", "xfs". Implicitly inferred to be "ext4" if unspecified. + /// fSType represents the filesystem type to mount + /// Must be a filesystem type supported by the host operating system. + /// Ex. "ext4", "xfs". Implicitly inferred to be "ext4" if unspecified. #[serde(default, skip_serializing_if = "Option::is_none", rename = "fsType")] pub fs_type: Option, - /// readOnly defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts. + /// readOnly defaults to false (read/write). ReadOnly here will force + /// the ReadOnly setting in VolumeMounts. #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] pub read_only: Option, /// volumeID uniquely identifies a Portworx volume @@ -4189,7 +6041,12 @@ pub struct RuntimeComponentVolumesPortworxVolume { /// projected items for all in one resources secrets, configmaps, and downward API #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct RuntimeComponentVolumesProjected { - /// defaultMode are the mode bits used to set permissions on created files by default. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. + /// defaultMode are the mode bits used to set permissions on created files by default. + /// Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. + /// YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. + /// Directories within the path are not affected by this setting. + /// This might be in conflict with other options that affect the file + /// mode, like fsGroup, and the result can be other mode bits set. #[serde(default, skip_serializing_if = "Option::is_none", rename = "defaultMode")] pub default_mode: Option, /// sources is the list of volume projections @@ -4217,10 +6074,18 @@ pub struct RuntimeComponentVolumesProjectedSources { /// configMap information about the configMap data to project #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct RuntimeComponentVolumesProjectedSourcesConfigMap { - /// items if unspecified, each key-value pair in the Data field of the referenced ConfigMap will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the ConfigMap, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'. + /// items if unspecified, each key-value pair in the Data field of the referenced + /// ConfigMap will be projected into the volume as a file whose name is the + /// key and content is the value. If specified, the listed keys will be + /// projected into the specified paths, and unlisted keys will not be + /// present. If a key is specified which is not present in the ConfigMap, + /// the volume setup will error unless it is marked optional. Paths must be + /// relative and may not contain the '..' path or start with '..'. #[serde(default, skip_serializing_if = "Option::is_none")] pub items: Option>, - /// Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? + /// Name of the referent. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// optional specify whether the ConfigMap or its keys must be defined @@ -4233,10 +6098,18 @@ pub struct RuntimeComponentVolumesProjectedSourcesConfigMap { pub struct RuntimeComponentVolumesProjectedSourcesConfigMapItems { /// key is the key to project. pub key: String, - /// mode is Optional: mode bits used to set permissions on this file. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. + /// mode is Optional: mode bits used to set permissions on this file. + /// Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. + /// YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. + /// If not specified, the volume defaultMode will be used. + /// This might be in conflict with other options that affect the file + /// mode, like fsGroup, and the result can be other mode bits set. #[serde(default, skip_serializing_if = "Option::is_none")] pub mode: Option, - /// path is the relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'. + /// path is the relative path of the file to map the key to. + /// May not be an absolute path. + /// May not contain the path element '..'. + /// May not start with the string '..'. pub path: String, } @@ -4254,12 +6127,18 @@ pub struct RuntimeComponentVolumesProjectedSourcesDownwardApiItems { /// Required: Selects a field of the pod: only annotations, labels, name and namespace are supported. #[serde(default, skip_serializing_if = "Option::is_none", rename = "fieldRef")] pub field_ref: Option, - /// Optional: mode bits used to set permissions on this file, must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. + /// Optional: mode bits used to set permissions on this file, must be an octal value + /// between 0000 and 0777 or a decimal value between 0 and 511. + /// YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. + /// If not specified, the volume defaultMode will be used. + /// This might be in conflict with other options that affect the file + /// mode, like fsGroup, and the result can be other mode bits set. #[serde(default, skip_serializing_if = "Option::is_none")] pub mode: Option, /// Required: Path is the relative path name of the file to be created. Must not be absolute or contain the '..' path. Must be utf-8 encoded. The first item of the relative path must not start with '..' pub path: String, - /// Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, requests.cpu and requests.memory) are currently supported. + /// Selects a resource of the container: only resources limits and requests + /// (limits.cpu, limits.memory, requests.cpu and requests.memory) are currently supported. #[serde(default, skip_serializing_if = "Option::is_none", rename = "resourceFieldRef")] pub resource_field_ref: Option, } @@ -4275,7 +6154,8 @@ pub struct RuntimeComponentVolumesProjectedSourcesDownwardApiItemsFieldRef { pub field_path: String, } -/// Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, requests.cpu and requests.memory) are currently supported. +/// Selects a resource of the container: only resources limits and requests +/// (limits.cpu, limits.memory, requests.cpu and requests.memory) are currently supported. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct RuntimeComponentVolumesProjectedSourcesDownwardApiItemsResourceFieldRef { /// Container name: required for volumes, optional for env vars @@ -4291,10 +6171,18 @@ pub struct RuntimeComponentVolumesProjectedSourcesDownwardApiItemsResourceFieldR /// secret information about the secret data to project #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct RuntimeComponentVolumesProjectedSourcesSecret { - /// items if unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the Secret, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'. + /// items if unspecified, each key-value pair in the Data field of the referenced + /// Secret will be projected into the volume as a file whose name is the + /// key and content is the value. If specified, the listed keys will be + /// projected into the specified paths, and unlisted keys will not be + /// present. If a key is specified which is not present in the Secret, + /// the volume setup will error unless it is marked optional. Paths must be + /// relative and may not contain the '..' path or start with '..'. #[serde(default, skip_serializing_if = "Option::is_none")] pub items: Option>, - /// Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? + /// Name of the referent. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// optional field specify whether the Secret or its key must be defined @@ -4307,78 +6195,124 @@ pub struct RuntimeComponentVolumesProjectedSourcesSecret { pub struct RuntimeComponentVolumesProjectedSourcesSecretItems { /// key is the key to project. pub key: String, - /// mode is Optional: mode bits used to set permissions on this file. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. + /// mode is Optional: mode bits used to set permissions on this file. + /// Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. + /// YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. + /// If not specified, the volume defaultMode will be used. + /// This might be in conflict with other options that affect the file + /// mode, like fsGroup, and the result can be other mode bits set. #[serde(default, skip_serializing_if = "Option::is_none")] pub mode: Option, - /// path is the relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'. + /// path is the relative path of the file to map the key to. + /// May not be an absolute path. + /// May not contain the path element '..'. + /// May not start with the string '..'. pub path: String, } /// serviceAccountToken is information about the serviceAccountToken data to project #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct RuntimeComponentVolumesProjectedSourcesServiceAccountToken { - /// audience is the intended audience of the token. A recipient of a token must identify itself with an identifier specified in the audience of the token, and otherwise should reject the token. The audience defaults to the identifier of the apiserver. + /// audience is the intended audience of the token. A recipient of a token + /// must identify itself with an identifier specified in the audience of the + /// token, and otherwise should reject the token. The audience defaults to the + /// identifier of the apiserver. #[serde(default, skip_serializing_if = "Option::is_none")] pub audience: Option, - /// expirationSeconds is the requested duration of validity of the service account token. As the token approaches expiration, the kubelet volume plugin will proactively rotate the service account token. The kubelet will start trying to rotate the token if the token is older than 80 percent of its time to live or if the token is older than 24 hours.Defaults to 1 hour and must be at least 10 minutes. + /// expirationSeconds is the requested duration of validity of the service + /// account token. As the token approaches expiration, the kubelet volume + /// plugin will proactively rotate the service account token. The kubelet will + /// start trying to rotate the token if the token is older than 80 percent of + /// its time to live or if the token is older than 24 hours.Defaults to 1 hour + /// and must be at least 10 minutes. #[serde(default, skip_serializing_if = "Option::is_none", rename = "expirationSeconds")] pub expiration_seconds: Option, - /// path is the path relative to the mount point of the file to project the token into. + /// path is the path relative to the mount point of the file to project the + /// token into. pub path: String, } /// quobyte represents a Quobyte mount on the host that shares a pod's lifetime #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct RuntimeComponentVolumesQuobyte { - /// group to map volume access to Default is no group + /// group to map volume access to + /// Default is no group #[serde(default, skip_serializing_if = "Option::is_none")] pub group: Option, - /// readOnly here will force the Quobyte volume to be mounted with read-only permissions. Defaults to false. + /// readOnly here will force the Quobyte volume to be mounted with read-only permissions. + /// Defaults to false. #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] pub read_only: Option, - /// registry represents a single or multiple Quobyte Registry services specified as a string as host:port pair (multiple entries are separated with commas) which acts as the central registry for volumes + /// registry represents a single or multiple Quobyte Registry services + /// specified as a string as host:port pair (multiple entries are separated with commas) + /// which acts as the central registry for volumes pub registry: String, - /// tenant owning the given Quobyte volume in the Backend Used with dynamically provisioned Quobyte volumes, value is set by the plugin + /// tenant owning the given Quobyte volume in the Backend + /// Used with dynamically provisioned Quobyte volumes, value is set by the plugin #[serde(default, skip_serializing_if = "Option::is_none")] pub tenant: Option, - /// user to map volume access to Defaults to serivceaccount user + /// user to map volume access to + /// Defaults to serivceaccount user #[serde(default, skip_serializing_if = "Option::is_none")] pub user: Option, /// volume is a string that references an already created Quobyte volume by name. pub volume: String, } -/// rbd represents a Rados Block Device mount on the host that shares a pod's lifetime. More info: https://examples.k8s.io/volumes/rbd/README.md +/// rbd represents a Rados Block Device mount on the host that shares a pod's lifetime. +/// More info: https://examples.k8s.io/volumes/rbd/README.md #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct RuntimeComponentVolumesRbd { - /// fsType is the filesystem type of the volume that you want to mount. Tip: Ensure that the filesystem type is supported by the host operating system. Examples: "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#rbd TODO: how do we prevent errors in the filesystem from compromising the machine + /// fsType is the filesystem type of the volume that you want to mount. + /// Tip: Ensure that the filesystem type is supported by the host operating system. + /// Examples: "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. + /// More info: https://kubernetes.io/docs/concepts/storage/volumes#rbd + /// TODO: how do we prevent errors in the filesystem from compromising the machine #[serde(default, skip_serializing_if = "Option::is_none", rename = "fsType")] pub fs_type: Option, - /// image is the rados image name. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it + /// image is the rados image name. + /// More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it pub image: String, - /// keyring is the path to key ring for RBDUser. Default is /etc/ceph/keyring. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it + /// keyring is the path to key ring for RBDUser. + /// Default is /etc/ceph/keyring. + /// More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it #[serde(default, skip_serializing_if = "Option::is_none")] pub keyring: Option, - /// monitors is a collection of Ceph monitors. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it + /// monitors is a collection of Ceph monitors. + /// More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it pub monitors: Vec, - /// pool is the rados pool name. Default is rbd. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it + /// pool is the rados pool name. + /// Default is rbd. + /// More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it #[serde(default, skip_serializing_if = "Option::is_none")] pub pool: Option, - /// readOnly here will force the ReadOnly setting in VolumeMounts. Defaults to false. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it + /// readOnly here will force the ReadOnly setting in VolumeMounts. + /// Defaults to false. + /// More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] pub read_only: Option, - /// secretRef is name of the authentication secret for RBDUser. If provided overrides keyring. Default is nil. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it + /// secretRef is name of the authentication secret for RBDUser. If provided + /// overrides keyring. + /// Default is nil. + /// More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it #[serde(default, skip_serializing_if = "Option::is_none", rename = "secretRef")] pub secret_ref: Option, - /// user is the rados user name. Default is admin. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it + /// user is the rados user name. + /// Default is admin. + /// More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it #[serde(default, skip_serializing_if = "Option::is_none")] pub user: Option, } -/// secretRef is name of the authentication secret for RBDUser. If provided overrides keyring. Default is nil. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it +/// secretRef is name of the authentication secret for RBDUser. If provided +/// overrides keyring. +/// Default is nil. +/// More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct RuntimeComponentVolumesRbdSecretRef { - /// Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? + /// Name of the referent. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, } @@ -4386,7 +6320,10 @@ pub struct RuntimeComponentVolumesRbdSecretRef { /// scaleIO represents a ScaleIO persistent volume attached and mounted on Kubernetes nodes. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct RuntimeComponentVolumesScaleIo { - /// fsType is the filesystem type to mount. Must be a filesystem type supported by the host operating system. Ex. "ext4", "xfs", "ntfs". Default is "xfs". + /// fsType is the filesystem type to mount. + /// Must be a filesystem type supported by the host operating system. + /// Ex. "ext4", "xfs", "ntfs". + /// Default is "xfs". #[serde(default, skip_serializing_if = "Option::is_none", rename = "fsType")] pub fs_type: Option, /// gateway is the host address of the ScaleIO API Gateway. @@ -4394,16 +6331,19 @@ pub struct RuntimeComponentVolumesScaleIo { /// protectionDomain is the name of the ScaleIO Protection Domain for the configured storage. #[serde(default, skip_serializing_if = "Option::is_none", rename = "protectionDomain")] pub protection_domain: Option, - /// readOnly Defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts. + /// readOnly Defaults to false (read/write). ReadOnly here will force + /// the ReadOnly setting in VolumeMounts. #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] pub read_only: Option, - /// secretRef references to the secret for ScaleIO user and other sensitive information. If this is not provided, Login operation will fail. + /// secretRef references to the secret for ScaleIO user and other + /// sensitive information. If this is not provided, Login operation will fail. #[serde(rename = "secretRef")] pub secret_ref: RuntimeComponentVolumesScaleIoSecretRef, /// sslEnabled Flag enable/disable SSL communication with Gateway, default false #[serde(default, skip_serializing_if = "Option::is_none", rename = "sslEnabled")] pub ssl_enabled: Option, - /// storageMode indicates whether the storage for a volume should be ThickProvisioned or ThinProvisioned. Default is ThinProvisioned. + /// storageMode indicates whether the storage for a volume should be ThickProvisioned or ThinProvisioned. + /// Default is ThinProvisioned. #[serde(default, skip_serializing_if = "Option::is_none", rename = "storageMode")] pub storage_mode: Option, /// storagePool is the ScaleIO Storage Pool associated with the protection domain. @@ -4411,32 +6351,50 @@ pub struct RuntimeComponentVolumesScaleIo { pub storage_pool: Option, /// system is the name of the storage system as configured in ScaleIO. pub system: String, - /// volumeName is the name of a volume already created in the ScaleIO system that is associated with this volume source. + /// volumeName is the name of a volume already created in the ScaleIO system + /// that is associated with this volume source. #[serde(default, skip_serializing_if = "Option::is_none", rename = "volumeName")] pub volume_name: Option, } -/// secretRef references to the secret for ScaleIO user and other sensitive information. If this is not provided, Login operation will fail. +/// secretRef references to the secret for ScaleIO user and other +/// sensitive information. If this is not provided, Login operation will fail. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct RuntimeComponentVolumesScaleIoSecretRef { - /// Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? + /// Name of the referent. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, } -/// secret represents a secret that should populate this volume. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret +/// secret represents a secret that should populate this volume. +/// More info: https://kubernetes.io/docs/concepts/storage/volumes#secret #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct RuntimeComponentVolumesSecret { - /// defaultMode is Optional: mode bits used to set permissions on created files by default. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. Defaults to 0644. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. + /// defaultMode is Optional: mode bits used to set permissions on created files by default. + /// Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. + /// YAML accepts both octal and decimal values, JSON requires decimal values + /// for mode bits. Defaults to 0644. + /// Directories within the path are not affected by this setting. + /// This might be in conflict with other options that affect the file + /// mode, like fsGroup, and the result can be other mode bits set. #[serde(default, skip_serializing_if = "Option::is_none", rename = "defaultMode")] pub default_mode: Option, - /// items If unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the Secret, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'. + /// items If unspecified, each key-value pair in the Data field of the referenced + /// Secret will be projected into the volume as a file whose name is the + /// key and content is the value. If specified, the listed keys will be + /// projected into the specified paths, and unlisted keys will not be + /// present. If a key is specified which is not present in the Secret, + /// the volume setup will error unless it is marked optional. Paths must be + /// relative and may not contain the '..' path or start with '..'. #[serde(default, skip_serializing_if = "Option::is_none")] pub items: Option>, /// optional field specify whether the Secret or its keys must be defined #[serde(default, skip_serializing_if = "Option::is_none")] pub optional: Option, - /// secretName is the name of the secret in the pod's namespace to use. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret + /// secretName is the name of the secret in the pod's namespace to use. + /// More info: https://kubernetes.io/docs/concepts/storage/volumes#secret #[serde(default, skip_serializing_if = "Option::is_none", rename = "secretName")] pub secret_name: Option, } @@ -4446,37 +6404,58 @@ pub struct RuntimeComponentVolumesSecret { pub struct RuntimeComponentVolumesSecretItems { /// key is the key to project. pub key: String, - /// mode is Optional: mode bits used to set permissions on this file. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. + /// mode is Optional: mode bits used to set permissions on this file. + /// Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. + /// YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. + /// If not specified, the volume defaultMode will be used. + /// This might be in conflict with other options that affect the file + /// mode, like fsGroup, and the result can be other mode bits set. #[serde(default, skip_serializing_if = "Option::is_none")] pub mode: Option, - /// path is the relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'. + /// path is the relative path of the file to map the key to. + /// May not be an absolute path. + /// May not contain the path element '..'. + /// May not start with the string '..'. pub path: String, } /// storageOS represents a StorageOS volume attached and mounted on Kubernetes nodes. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct RuntimeComponentVolumesStorageos { - /// fsType is the filesystem type to mount. Must be a filesystem type supported by the host operating system. Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. + /// fsType is the filesystem type to mount. + /// Must be a filesystem type supported by the host operating system. + /// Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. #[serde(default, skip_serializing_if = "Option::is_none", rename = "fsType")] pub fs_type: Option, - /// readOnly defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts. + /// readOnly defaults to false (read/write). ReadOnly here will force + /// the ReadOnly setting in VolumeMounts. #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] pub read_only: Option, - /// secretRef specifies the secret to use for obtaining the StorageOS API credentials. If not specified, default values will be attempted. + /// secretRef specifies the secret to use for obtaining the StorageOS API + /// credentials. If not specified, default values will be attempted. #[serde(default, skip_serializing_if = "Option::is_none", rename = "secretRef")] pub secret_ref: Option, - /// volumeName is the human-readable name of the StorageOS volume. Volume names are only unique within a namespace. + /// volumeName is the human-readable name of the StorageOS volume. Volume + /// names are only unique within a namespace. #[serde(default, skip_serializing_if = "Option::is_none", rename = "volumeName")] pub volume_name: Option, - /// volumeNamespace specifies the scope of the volume within StorageOS. If no namespace is specified then the Pod's namespace will be used. This allows the Kubernetes name scoping to be mirrored within StorageOS for tighter integration. Set VolumeName to any name to override the default behaviour. Set to "default" if you are not using namespaces within StorageOS. Namespaces that do not pre-exist within StorageOS will be created. + /// volumeNamespace specifies the scope of the volume within StorageOS. If no + /// namespace is specified then the Pod's namespace will be used. This allows the + /// Kubernetes name scoping to be mirrored within StorageOS for tighter integration. + /// Set VolumeName to any name to override the default behaviour. + /// Set to "default" if you are not using namespaces within StorageOS. + /// Namespaces that do not pre-exist within StorageOS will be created. #[serde(default, skip_serializing_if = "Option::is_none", rename = "volumeNamespace")] pub volume_namespace: Option, } -/// secretRef specifies the secret to use for obtaining the StorageOS API credentials. If not specified, default values will be attempted. +/// secretRef specifies the secret to use for obtaining the StorageOS API +/// credentials. If not specified, default values will be attempted. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct RuntimeComponentVolumesStorageosSecretRef { - /// Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? + /// Name of the referent. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, } @@ -4484,7 +6463,9 @@ pub struct RuntimeComponentVolumesStorageosSecretRef { /// vsphereVolume represents a vSphere volume attached and mounted on kubelets host machine #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct RuntimeComponentVolumesVsphereVolume { - /// fsType is filesystem type to mount. Must be a filesystem type supported by the host operating system. Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. + /// fsType is filesystem type to mount. + /// Must be a filesystem type supported by the host operating system. + /// Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. #[serde(default, skip_serializing_if = "Option::is_none", rename = "fsType")] pub fs_type: Option, /// storagePolicyID is the storage Policy Based Management (SPBM) profile ID associated with the StoragePolicyName. @@ -4501,7 +6482,8 @@ pub struct RuntimeComponentVolumesVsphereVolume { /// Defines the observed state of RuntimeComponent. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct RuntimeComponentStatus { - /// LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. + /// LocalObjectReference contains enough information to let you locate the + /// referenced object inside the same namespace. #[serde(default, skip_serializing_if = "Option::is_none")] pub binding: Option, #[serde(default, skip_serializing_if = "Option::is_none")] @@ -4519,10 +6501,13 @@ pub struct RuntimeComponentStatus { pub versions: Option, } -/// LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. +/// LocalObjectReference contains enough information to let you locate the +/// referenced object inside the same namespace. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct RuntimeComponentStatusBinding { - /// Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? + /// Name of the referent. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, } diff --git a/kube-custom-resources-rs/src/rc_app_stacks/v1beta2/runtimecomponents.rs b/kube-custom-resources-rs/src/rc_app_stacks/v1beta2/runtimecomponents.rs index 79b5b5702..1740ca9b2 100644 --- a/kube-custom-resources-rs/src/rc_app_stacks/v1beta2/runtimecomponents.rs +++ b/kube-custom-resources-rs/src/rc_app_stacks/v1beta2/runtimecomponents.rs @@ -118,15 +118,28 @@ pub struct RuntimeComponentAffinity { /// Controls which nodes the pod are scheduled to run on, based on labels on the node. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct RuntimeComponentAffinityNodeAffinity { - /// The scheduler will prefer to schedule pods to nodes that satisfy the affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding "weight" to the sum if the node matches the corresponding matchExpressions; the node(s) with the highest sum are the most preferred. + /// The scheduler will prefer to schedule pods to nodes that satisfy + /// the affinity expressions specified by this field, but it may choose + /// a node that violates one or more of the expressions. The node that is + /// most preferred is the one with the greatest sum of weights, i.e. + /// for each node that meets all of the scheduling requirements (resource + /// request, requiredDuringScheduling affinity expressions, etc.), + /// compute a sum by iterating through the elements of this field and adding + /// "weight" to the sum if the node matches the corresponding matchExpressions; the + /// node(s) with the highest sum are the most preferred. #[serde(default, skip_serializing_if = "Option::is_none", rename = "preferredDuringSchedulingIgnoredDuringExecution")] pub preferred_during_scheduling_ignored_during_execution: Option>, - /// If the affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to an update), the system may or may not try to eventually evict the pod from its node. + /// If the affinity requirements specified by this field are not met at + /// scheduling time, the pod will not be scheduled onto the node. + /// If the affinity requirements specified by this field cease to be met + /// at some point during pod execution (e.g. due to an update), the system + /// may or may not try to eventually evict the pod from its node. #[serde(default, skip_serializing_if = "Option::is_none", rename = "requiredDuringSchedulingIgnoredDuringExecution")] pub required_during_scheduling_ignored_during_execution: Option, } -/// An empty preferred scheduling term matches all objects with implicit weight 0 (i.e. it's a no-op). A null preferred scheduling term matches no objects (i.e. is also a no-op). +/// An empty preferred scheduling term matches all objects with implicit weight 0 +/// (i.e. it's a no-op). A null preferred scheduling term matches no objects (i.e. is also a no-op). #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct RuntimeComponentAffinityNodeAffinityPreferredDuringSchedulingIgnoredDuringExecution { /// A node selector term, associated with the corresponding weight. @@ -146,31 +159,47 @@ pub struct RuntimeComponentAffinityNodeAffinityPreferredDuringSchedulingIgnoredD pub match_fields: Option>, } -/// A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A node selector requirement is a selector that contains values, a key, and an operator +/// that relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct RuntimeComponentAffinityNodeAffinityPreferredDuringSchedulingIgnoredDuringExecutionPreferenceMatchExpressions { /// The label key that the selector applies to. pub key: String, - /// Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. + /// Represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. pub operator: String, - /// An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch. + /// An array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. If the operator is Gt or Lt, the values + /// array must have a single element, which will be interpreted as an integer. + /// This array is replaced during a strategic merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } -/// A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A node selector requirement is a selector that contains values, a key, and an operator +/// that relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct RuntimeComponentAffinityNodeAffinityPreferredDuringSchedulingIgnoredDuringExecutionPreferenceMatchFields { /// The label key that the selector applies to. pub key: String, - /// Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. + /// Represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. pub operator: String, - /// An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch. + /// An array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. If the operator is Gt or Lt, the values + /// array must have a single element, which will be interpreted as an integer. + /// This array is replaced during a strategic merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } -/// If the affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to an update), the system may or may not try to eventually evict the pod from its node. +/// If the affinity requirements specified by this field are not met at +/// scheduling time, the pod will not be scheduled onto the node. +/// If the affinity requirements specified by this field cease to be met +/// at some point during pod execution (e.g. due to an update), the system +/// may or may not try to eventually evict the pod from its node. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct RuntimeComponentAffinityNodeAffinityRequiredDuringSchedulingIgnoredDuringExecution { /// Required. A list of node selector terms. The terms are ORed. @@ -178,7 +207,9 @@ pub struct RuntimeComponentAffinityNodeAffinityRequiredDuringSchedulingIgnoredDu pub node_selector_terms: Vec, } -/// A null or empty node selector term matches no objects. The requirements of them are ANDed. The TopologySelectorTerm type implements a subset of the NodeSelectorTerm. +/// A null or empty node selector term matches no objects. The requirements of +/// them are ANDed. +/// The TopologySelectorTerm type implements a subset of the NodeSelectorTerm. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct RuntimeComponentAffinityNodeAffinityRequiredDuringSchedulingIgnoredDuringExecutionNodeSelectorTerms { /// A list of node selector requirements by node's labels. @@ -189,26 +220,38 @@ pub struct RuntimeComponentAffinityNodeAffinityRequiredDuringSchedulingIgnoredDu pub match_fields: Option>, } -/// A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A node selector requirement is a selector that contains values, a key, and an operator +/// that relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct RuntimeComponentAffinityNodeAffinityRequiredDuringSchedulingIgnoredDuringExecutionNodeSelectorTermsMatchExpressions { /// The label key that the selector applies to. pub key: String, - /// Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. + /// Represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. pub operator: String, - /// An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch. + /// An array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. If the operator is Gt or Lt, the values + /// array must have a single element, which will be interpreted as an integer. + /// This array is replaced during a strategic merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } -/// A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A node selector requirement is a selector that contains values, a key, and an operator +/// that relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct RuntimeComponentAffinityNodeAffinityRequiredDuringSchedulingIgnoredDuringExecutionNodeSelectorTermsMatchFields { /// The label key that the selector applies to. pub key: String, - /// Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. + /// Represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. pub operator: String, - /// An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch. + /// An array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. If the operator is Gt or Lt, the values + /// array must have a single element, which will be interpreted as an integer. + /// This array is replaced during a strategic merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } @@ -216,10 +259,24 @@ pub struct RuntimeComponentAffinityNodeAffinityRequiredDuringSchedulingIgnoredDu /// Controls the nodes the pod are scheduled to run on, based on labels on the pods that are already running on the node. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct RuntimeComponentAffinityPodAffinity { - /// The scheduler will prefer to schedule pods to nodes that satisfy the affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding "weight" to the sum if the node has pods which matches the corresponding podAffinityTerm; the node(s) with the highest sum are the most preferred. + /// The scheduler will prefer to schedule pods to nodes that satisfy + /// the affinity expressions specified by this field, but it may choose + /// a node that violates one or more of the expressions. The node that is + /// most preferred is the one with the greatest sum of weights, i.e. + /// for each node that meets all of the scheduling requirements (resource + /// request, requiredDuringScheduling affinity expressions, etc.), + /// compute a sum by iterating through the elements of this field and adding + /// "weight" to the sum if the node has pods which matches the corresponding podAffinityTerm; the + /// node(s) with the highest sum are the most preferred. #[serde(default, skip_serializing_if = "Option::is_none", rename = "preferredDuringSchedulingIgnoredDuringExecution")] pub preferred_during_scheduling_ignored_during_execution: Option>, - /// If the affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to a pod label update), the system may or may not try to eventually evict the pod from its node. When there are multiple elements, the lists of nodes corresponding to each podAffinityTerm are intersected, i.e. all terms must be satisfied. + /// If the affinity requirements specified by this field are not met at + /// scheduling time, the pod will not be scheduled onto the node. + /// If the affinity requirements specified by this field cease to be met + /// at some point during pod execution (e.g. due to a pod label update), the + /// system may or may not try to eventually evict the pod from its node. + /// When there are multiple elements, the lists of nodes corresponding to each + /// podAffinityTerm are intersected, i.e. all terms must be satisfied. #[serde(default, skip_serializing_if = "Option::is_none", rename = "requiredDuringSchedulingIgnoredDuringExecution")] pub required_during_scheduling_ignored_during_execution: Option>, } @@ -230,7 +287,8 @@ pub struct RuntimeComponentAffinityPodAffinityPreferredDuringSchedulingIgnoredDu /// Required. A pod affinity term, associated with the corresponding weight. #[serde(rename = "podAffinityTerm")] pub pod_affinity_term: RuntimeComponentAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTerm, - /// weight associated with matching the corresponding podAffinityTerm, in the range 1-100. + /// weight associated with matching the corresponding podAffinityTerm, + /// in the range 1-100. pub weight: i32, } @@ -240,13 +298,24 @@ pub struct RuntimeComponentAffinityPodAffinityPreferredDuringSchedulingIgnoredDu /// A label query over a set of resources, in this case pods. #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelector")] pub label_selector: Option, - /// A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. + /// A label query over the set of namespaces that the term applies to. + /// The term is applied to the union of the namespaces selected by this field + /// and the ones listed in the namespaces field. + /// null selector and null or empty namespaces list means "this pod's namespace". + /// An empty selector ({}) matches all namespaces. #[serde(default, skip_serializing_if = "Option::is_none", rename = "namespaceSelector")] pub namespace_selector: Option, - /// namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means "this pod's namespace". + /// namespaces specifies a static list of namespace names that the term applies to. + /// The term is applied to the union of the namespaces listed in this field + /// and the ones selected by namespaceSelector. + /// null or empty namespaces list and null namespaceSelector means "this pod's namespace". #[serde(default, skip_serializing_if = "Option::is_none")] pub namespaces: Option>, - /// This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed. + /// This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching + /// the labelSelector in the specified namespaces, where co-located is defined as running on a node + /// whose value of the label with key topologyKey matches that of any node on which any of the + /// selected pods is running. + /// Empty topologyKey is not allowed. #[serde(rename = "topologyKey")] pub topology_key: String, } @@ -257,59 +326,93 @@ pub struct RuntimeComponentAffinityPodAffinityPreferredDuringSchedulingIgnoredDu /// matchExpressions is a list of label selector requirements. The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] pub match_expressions: Option>, - /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] pub match_labels: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct RuntimeComponentAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermLabelSelectorMatchExpressions { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } -/// A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. +/// A label query over the set of namespaces that the term applies to. +/// The term is applied to the union of the namespaces selected by this field +/// and the ones listed in the namespaces field. +/// null selector and null or empty namespaces list means "this pod's namespace". +/// An empty selector ({}) matches all namespaces. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct RuntimeComponentAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermNamespaceSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] pub match_expressions: Option>, - /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] pub match_labels: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct RuntimeComponentAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermNamespaceSelectorMatchExpressions { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } -/// Defines a set of pods (namely those matching the labelSelector relative to the given namespace(s)) that this pod should be co-located (affinity) or not co-located (anti-affinity) with, where co-located is defined as running on a node whose value of the label with key matches that of any node on which a pod of the set of pods is running +/// Defines a set of pods (namely those matching the labelSelector +/// relative to the given namespace(s)) that this pod should be +/// co-located (affinity) or not co-located (anti-affinity) with, +/// where co-located is defined as running on a node whose value of +/// the label with key matches that of any node on which +/// a pod of the set of pods is running #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct RuntimeComponentAffinityPodAffinityRequiredDuringSchedulingIgnoredDuringExecution { /// A label query over a set of resources, in this case pods. #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelector")] pub label_selector: Option, - /// A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. + /// A label query over the set of namespaces that the term applies to. + /// The term is applied to the union of the namespaces selected by this field + /// and the ones listed in the namespaces field. + /// null selector and null or empty namespaces list means "this pod's namespace". + /// An empty selector ({}) matches all namespaces. #[serde(default, skip_serializing_if = "Option::is_none", rename = "namespaceSelector")] pub namespace_selector: Option, - /// namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means "this pod's namespace". + /// namespaces specifies a static list of namespace names that the term applies to. + /// The term is applied to the union of the namespaces listed in this field + /// and the ones selected by namespaceSelector. + /// null or empty namespaces list and null namespaceSelector means "this pod's namespace". #[serde(default, skip_serializing_if = "Option::is_none")] pub namespaces: Option>, - /// This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed. + /// This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching + /// the labelSelector in the specified namespaces, where co-located is defined as running on a node + /// whose value of the label with key topologyKey matches that of any node on which any of the + /// selected pods is running. + /// Empty topologyKey is not allowed. #[serde(rename = "topologyKey")] pub topology_key: String, } @@ -320,42 +423,60 @@ pub struct RuntimeComponentAffinityPodAffinityRequiredDuringSchedulingIgnoredDur /// matchExpressions is a list of label selector requirements. The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] pub match_expressions: Option>, - /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] pub match_labels: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct RuntimeComponentAffinityPodAffinityRequiredDuringSchedulingIgnoredDuringExecutionLabelSelectorMatchExpressions { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } -/// A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. +/// A label query over the set of namespaces that the term applies to. +/// The term is applied to the union of the namespaces selected by this field +/// and the ones listed in the namespaces field. +/// null selector and null or empty namespaces list means "this pod's namespace". +/// An empty selector ({}) matches all namespaces. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct RuntimeComponentAffinityPodAffinityRequiredDuringSchedulingIgnoredDuringExecutionNamespaceSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] pub match_expressions: Option>, - /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] pub match_labels: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct RuntimeComponentAffinityPodAffinityRequiredDuringSchedulingIgnoredDuringExecutionNamespaceSelectorMatchExpressions { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } @@ -363,10 +484,24 @@ pub struct RuntimeComponentAffinityPodAffinityRequiredDuringSchedulingIgnoredDur /// Enables the ability to prevent running a pod on the same node as another pod. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct RuntimeComponentAffinityPodAntiAffinity { - /// The scheduler will prefer to schedule pods to nodes that satisfy the anti-affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling anti-affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding "weight" to the sum if the node has pods which matches the corresponding podAffinityTerm; the node(s) with the highest sum are the most preferred. + /// The scheduler will prefer to schedule pods to nodes that satisfy + /// the anti-affinity expressions specified by this field, but it may choose + /// a node that violates one or more of the expressions. The node that is + /// most preferred is the one with the greatest sum of weights, i.e. + /// for each node that meets all of the scheduling requirements (resource + /// request, requiredDuringScheduling anti-affinity expressions, etc.), + /// compute a sum by iterating through the elements of this field and adding + /// "weight" to the sum if the node has pods which matches the corresponding podAffinityTerm; the + /// node(s) with the highest sum are the most preferred. #[serde(default, skip_serializing_if = "Option::is_none", rename = "preferredDuringSchedulingIgnoredDuringExecution")] pub preferred_during_scheduling_ignored_during_execution: Option>, - /// If the anti-affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the anti-affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to a pod label update), the system may or may not try to eventually evict the pod from its node. When there are multiple elements, the lists of nodes corresponding to each podAffinityTerm are intersected, i.e. all terms must be satisfied. + /// If the anti-affinity requirements specified by this field are not met at + /// scheduling time, the pod will not be scheduled onto the node. + /// If the anti-affinity requirements specified by this field cease to be met + /// at some point during pod execution (e.g. due to a pod label update), the + /// system may or may not try to eventually evict the pod from its node. + /// When there are multiple elements, the lists of nodes corresponding to each + /// podAffinityTerm are intersected, i.e. all terms must be satisfied. #[serde(default, skip_serializing_if = "Option::is_none", rename = "requiredDuringSchedulingIgnoredDuringExecution")] pub required_during_scheduling_ignored_during_execution: Option>, } @@ -377,7 +512,8 @@ pub struct RuntimeComponentAffinityPodAntiAffinityPreferredDuringSchedulingIgnor /// Required. A pod affinity term, associated with the corresponding weight. #[serde(rename = "podAffinityTerm")] pub pod_affinity_term: RuntimeComponentAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTerm, - /// weight associated with matching the corresponding podAffinityTerm, in the range 1-100. + /// weight associated with matching the corresponding podAffinityTerm, + /// in the range 1-100. pub weight: i32, } @@ -387,13 +523,24 @@ pub struct RuntimeComponentAffinityPodAntiAffinityPreferredDuringSchedulingIgnor /// A label query over a set of resources, in this case pods. #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelector")] pub label_selector: Option, - /// A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. + /// A label query over the set of namespaces that the term applies to. + /// The term is applied to the union of the namespaces selected by this field + /// and the ones listed in the namespaces field. + /// null selector and null or empty namespaces list means "this pod's namespace". + /// An empty selector ({}) matches all namespaces. #[serde(default, skip_serializing_if = "Option::is_none", rename = "namespaceSelector")] pub namespace_selector: Option, - /// namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means "this pod's namespace". + /// namespaces specifies a static list of namespace names that the term applies to. + /// The term is applied to the union of the namespaces listed in this field + /// and the ones selected by namespaceSelector. + /// null or empty namespaces list and null namespaceSelector means "this pod's namespace". #[serde(default, skip_serializing_if = "Option::is_none")] pub namespaces: Option>, - /// This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed. + /// This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching + /// the labelSelector in the specified namespaces, where co-located is defined as running on a node + /// whose value of the label with key topologyKey matches that of any node on which any of the + /// selected pods is running. + /// Empty topologyKey is not allowed. #[serde(rename = "topologyKey")] pub topology_key: String, } @@ -404,59 +551,93 @@ pub struct RuntimeComponentAffinityPodAntiAffinityPreferredDuringSchedulingIgnor /// matchExpressions is a list of label selector requirements. The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] pub match_expressions: Option>, - /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] pub match_labels: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct RuntimeComponentAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermLabelSelectorMatchExpressions { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } -/// A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. +/// A label query over the set of namespaces that the term applies to. +/// The term is applied to the union of the namespaces selected by this field +/// and the ones listed in the namespaces field. +/// null selector and null or empty namespaces list means "this pod's namespace". +/// An empty selector ({}) matches all namespaces. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct RuntimeComponentAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermNamespaceSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] pub match_expressions: Option>, - /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] pub match_labels: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct RuntimeComponentAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermNamespaceSelectorMatchExpressions { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } -/// Defines a set of pods (namely those matching the labelSelector relative to the given namespace(s)) that this pod should be co-located (affinity) or not co-located (anti-affinity) with, where co-located is defined as running on a node whose value of the label with key matches that of any node on which a pod of the set of pods is running +/// Defines a set of pods (namely those matching the labelSelector +/// relative to the given namespace(s)) that this pod should be +/// co-located (affinity) or not co-located (anti-affinity) with, +/// where co-located is defined as running on a node whose value of +/// the label with key matches that of any node on which +/// a pod of the set of pods is running #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct RuntimeComponentAffinityPodAntiAffinityRequiredDuringSchedulingIgnoredDuringExecution { /// A label query over a set of resources, in this case pods. #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelector")] pub label_selector: Option, - /// A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. + /// A label query over the set of namespaces that the term applies to. + /// The term is applied to the union of the namespaces selected by this field + /// and the ones listed in the namespaces field. + /// null selector and null or empty namespaces list means "this pod's namespace". + /// An empty selector ({}) matches all namespaces. #[serde(default, skip_serializing_if = "Option::is_none", rename = "namespaceSelector")] pub namespace_selector: Option, - /// namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means "this pod's namespace". + /// namespaces specifies a static list of namespace names that the term applies to. + /// The term is applied to the union of the namespaces listed in this field + /// and the ones selected by namespaceSelector. + /// null or empty namespaces list and null namespaceSelector means "this pod's namespace". #[serde(default, skip_serializing_if = "Option::is_none")] pub namespaces: Option>, - /// This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed. + /// This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching + /// the labelSelector in the specified namespaces, where co-located is defined as running on a node + /// whose value of the label with key topologyKey matches that of any node on which any of the + /// selected pods is running. + /// Empty topologyKey is not allowed. #[serde(rename = "topologyKey")] pub topology_key: String, } @@ -467,42 +648,60 @@ pub struct RuntimeComponentAffinityPodAntiAffinityRequiredDuringSchedulingIgnore /// matchExpressions is a list of label selector requirements. The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] pub match_expressions: Option>, - /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] pub match_labels: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct RuntimeComponentAffinityPodAntiAffinityRequiredDuringSchedulingIgnoredDuringExecutionLabelSelectorMatchExpressions { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } -/// A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. +/// A label query over the set of namespaces that the term applies to. +/// The term is applied to the union of the namespaces selected by this field +/// and the ones listed in the namespaces field. +/// null selector and null or empty namespaces list means "this pod's namespace". +/// An empty selector ({}) matches all namespaces. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct RuntimeComponentAffinityPodAntiAffinityRequiredDuringSchedulingIgnoredDuringExecutionNamespaceSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] pub match_expressions: Option>, - /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] pub match_labels: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct RuntimeComponentAffinityPodAntiAffinityRequiredDuringSchedulingIgnoredDuringExecutionNamespaceSelectorMatchExpressions { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } @@ -535,7 +734,11 @@ pub struct RuntimeComponentDeployment { /// Specifies the strategy to replace old deployment pods with new pods. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct RuntimeComponentDeploymentUpdateStrategy { - /// Rolling update config params. Present only if DeploymentStrategyType = RollingUpdate. --- TODO: Update this to follow our convention for oneOf, whatever we decide it to be. + /// Rolling update config params. Present only if DeploymentStrategyType = + /// RollingUpdate. + /// --- + /// TODO: Update this to follow our convention for oneOf, whatever we decide it + /// to be. #[serde(default, skip_serializing_if = "Option::is_none", rename = "rollingUpdate")] pub rolling_update: Option, /// Type of deployment. Can be "Recreate" or "RollingUpdate". Default is RollingUpdate. @@ -543,13 +746,36 @@ pub struct RuntimeComponentDeploymentUpdateStrategy { pub r#type: Option, } -/// Rolling update config params. Present only if DeploymentStrategyType = RollingUpdate. --- TODO: Update this to follow our convention for oneOf, whatever we decide it to be. +/// Rolling update config params. Present only if DeploymentStrategyType = +/// RollingUpdate. +/// --- +/// TODO: Update this to follow our convention for oneOf, whatever we decide it +/// to be. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct RuntimeComponentDeploymentUpdateStrategyRollingUpdate { - /// The maximum number of pods that can be scheduled above the desired number of pods. Value can be an absolute number (ex: 5) or a percentage of desired pods (ex: 10%). This can not be 0 if MaxUnavailable is 0. Absolute number is calculated from percentage by rounding up. Defaults to 25%. Example: when this is set to 30%, the new ReplicaSet can be scaled up immediately when the rolling update starts, such that the total number of old and new pods do not exceed 130% of desired pods. Once old pods have been killed, new ReplicaSet can be scaled up further, ensuring that total number of pods running at any time during the update is at most 130% of desired pods. + /// The maximum number of pods that can be scheduled above the desired number of + /// pods. + /// Value can be an absolute number (ex: 5) or a percentage of desired pods (ex: 10%). + /// This can not be 0 if MaxUnavailable is 0. + /// Absolute number is calculated from percentage by rounding up. + /// Defaults to 25%. + /// Example: when this is set to 30%, the new ReplicaSet can be scaled up immediately when + /// the rolling update starts, such that the total number of old and new pods do not exceed + /// 130% of desired pods. Once old pods have been killed, + /// new ReplicaSet can be scaled up further, ensuring that total number of pods running + /// at any time during the update is at most 130% of desired pods. #[serde(default, skip_serializing_if = "Option::is_none", rename = "maxSurge")] pub max_surge: Option, - /// The maximum number of pods that can be unavailable during the update. Value can be an absolute number (ex: 5) or a percentage of desired pods (ex: 10%). Absolute number is calculated from percentage by rounding down. This can not be 0 if MaxSurge is 0. Defaults to 25%. Example: when this is set to 30%, the old ReplicaSet can be scaled down to 70% of desired pods immediately when the rolling update starts. Once new pods are ready, old ReplicaSet can be scaled down further, followed by scaling up the new ReplicaSet, ensuring that the total number of pods available at all times during the update is at least 70% of desired pods. + /// The maximum number of pods that can be unavailable during the update. + /// Value can be an absolute number (ex: 5) or a percentage of desired pods (ex: 10%). + /// Absolute number is calculated from percentage by rounding down. + /// This can not be 0 if MaxSurge is 0. + /// Defaults to 25%. + /// Example: when this is set to 30%, the old ReplicaSet can be scaled down to 70% of desired pods + /// immediately when the rolling update starts. Once new pods are ready, old ReplicaSet + /// can be scaled down further, followed by scaling up the new ReplicaSet, ensuring + /// that the total number of pods available at all times during the update is at + /// least 70% of desired pods. #[serde(default, skip_serializing_if = "Option::is_none", rename = "maxUnavailable")] pub max_unavailable: Option, } @@ -559,7 +785,15 @@ pub struct RuntimeComponentDeploymentUpdateStrategyRollingUpdate { pub struct RuntimeComponentEnv { /// Name of the environment variable. Must be a C_IDENTIFIER. pub name: String, - /// Variable references $(VAR_NAME) are expanded using the previously defined environment variables in the container and any service environment variables. If a variable cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". Escaped references will never be expanded, regardless of whether the variable exists or not. Defaults to "". + /// Variable references $(VAR_NAME) are expanded + /// using the previously defined environment variables in the container and + /// any service environment variables. If a variable cannot be resolved, + /// the reference in the input string will be unchanged. Double $$ are reduced + /// to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. + /// "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". + /// Escaped references will never be expanded, regardless of whether the variable + /// exists or not. + /// Defaults to "". #[serde(default, skip_serializing_if = "Option::is_none")] pub value: Option, /// Source for the environment variable's value. Cannot be used if value is not empty. @@ -573,10 +807,12 @@ pub struct RuntimeComponentEnvValueFrom { /// Selects a key of a ConfigMap. #[serde(default, skip_serializing_if = "Option::is_none", rename = "configMapKeyRef")] pub config_map_key_ref: Option, - /// Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`, spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs. + /// Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`, + /// spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs. #[serde(default, skip_serializing_if = "Option::is_none", rename = "fieldRef")] pub field_ref: Option, - /// Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported. + /// Selects a resource of the container: only resources limits and requests + /// (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported. #[serde(default, skip_serializing_if = "Option::is_none", rename = "resourceFieldRef")] pub resource_field_ref: Option, /// Selects a key of a secret in the pod's namespace @@ -589,7 +825,9 @@ pub struct RuntimeComponentEnvValueFrom { pub struct RuntimeComponentEnvValueFromConfigMapKeyRef { /// The key to select. pub key: String, - /// Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? + /// Name of the referent. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the ConfigMap or its key must be defined @@ -597,7 +835,8 @@ pub struct RuntimeComponentEnvValueFromConfigMapKeyRef { pub optional: Option, } -/// Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`, spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs. +/// Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`, +/// spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct RuntimeComponentEnvValueFromFieldRef { /// Version of the schema the FieldPath is written in terms of, defaults to "v1". @@ -608,7 +847,8 @@ pub struct RuntimeComponentEnvValueFromFieldRef { pub field_path: String, } -/// Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported. +/// Selects a resource of the container: only resources limits and requests +/// (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct RuntimeComponentEnvValueFromResourceFieldRef { /// Container name: required for volumes, optional for env vars @@ -626,7 +866,9 @@ pub struct RuntimeComponentEnvValueFromResourceFieldRef { pub struct RuntimeComponentEnvValueFromSecretKeyRef { /// The key of the secret to select from. Must be a valid secret key. pub key: String, - /// Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? + /// Name of the referent. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the Secret or its key must be defined @@ -651,7 +893,9 @@ pub struct RuntimeComponentEnvFrom { /// The ConfigMap to select from #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct RuntimeComponentEnvFromConfigMapRef { - /// Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? + /// Name of the referent. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the ConfigMap must be defined @@ -662,7 +906,9 @@ pub struct RuntimeComponentEnvFromConfigMapRef { /// The Secret to select from #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct RuntimeComponentEnvFromSecretRef { - /// Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? + /// Name of the referent. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the Secret must be defined @@ -673,69 +919,146 @@ pub struct RuntimeComponentEnvFromSecretRef { /// A single application container that you want to run within a pod. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct RuntimeComponentInitContainers { - /// Arguments to the entrypoint. The container image's CMD is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell + /// Arguments to the entrypoint. + /// The container image's CMD is used if this is not provided. + /// Variable references $(VAR_NAME) are expanded using the container's environment. If a variable + /// cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced + /// to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" will + /// produce the string literal "$(VAR_NAME)". Escaped references will never be expanded, regardless + /// of whether the variable exists or not. Cannot be updated. + /// More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell #[serde(default, skip_serializing_if = "Option::is_none")] pub args: Option>, - /// Entrypoint array. Not executed within a shell. The container image's ENTRYPOINT is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell + /// Entrypoint array. Not executed within a shell. + /// The container image's ENTRYPOINT is used if this is not provided. + /// Variable references $(VAR_NAME) are expanded using the container's environment. If a variable + /// cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced + /// to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" will + /// produce the string literal "$(VAR_NAME)". Escaped references will never be expanded, regardless + /// of whether the variable exists or not. Cannot be updated. + /// More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell #[serde(default, skip_serializing_if = "Option::is_none")] pub command: Option>, - /// List of environment variables to set in the container. Cannot be updated. + /// List of environment variables to set in the container. + /// Cannot be updated. #[serde(default, skip_serializing_if = "Option::is_none")] pub env: Option>, - /// List of sources to populate environment variables in the container. The keys defined within a source must be a C_IDENTIFIER. All invalid keys will be reported as an event when the container is starting. When a key exists in multiple sources, the value associated with the last source will take precedence. Values defined by an Env with a duplicate key will take precedence. Cannot be updated. + /// List of sources to populate environment variables in the container. + /// The keys defined within a source must be a C_IDENTIFIER. All invalid keys + /// will be reported as an event when the container is starting. When a key exists in multiple + /// sources, the value associated with the last source will take precedence. + /// Values defined by an Env with a duplicate key will take precedence. + /// Cannot be updated. #[serde(default, skip_serializing_if = "Option::is_none", rename = "envFrom")] pub env_from: Option>, - /// Container image name. More info: https://kubernetes.io/docs/concepts/containers/images This field is optional to allow higher level config management to default or override container images in workload controllers like Deployments and StatefulSets. + /// Container image name. + /// More info: https://kubernetes.io/docs/concepts/containers/images + /// This field is optional to allow higher level config management to default or override + /// container images in workload controllers like Deployments and StatefulSets. #[serde(default, skip_serializing_if = "Option::is_none")] pub image: Option, - /// Image pull policy. One of Always, Never, IfNotPresent. Defaults to Always if :latest tag is specified, or IfNotPresent otherwise. Cannot be updated. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images + /// Image pull policy. + /// One of Always, Never, IfNotPresent. + /// Defaults to Always if :latest tag is specified, or IfNotPresent otherwise. + /// Cannot be updated. + /// More info: https://kubernetes.io/docs/concepts/containers/images#updating-images #[serde(default, skip_serializing_if = "Option::is_none", rename = "imagePullPolicy")] pub image_pull_policy: Option, - /// Actions that the management system should take in response to container lifecycle events. Cannot be updated. + /// Actions that the management system should take in response to container lifecycle events. + /// Cannot be updated. #[serde(default, skip_serializing_if = "Option::is_none")] pub lifecycle: Option, - /// Periodic probe of container liveness. Container will be restarted if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes + /// Periodic probe of container liveness. + /// Container will be restarted if the probe fails. + /// Cannot be updated. + /// More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes #[serde(default, skip_serializing_if = "Option::is_none", rename = "livenessProbe")] pub liveness_probe: Option, - /// Name of the container specified as a DNS_LABEL. Each container in a pod must have a unique name (DNS_LABEL). Cannot be updated. + /// Name of the container specified as a DNS_LABEL. + /// Each container in a pod must have a unique name (DNS_LABEL). + /// Cannot be updated. pub name: String, - /// List of ports to expose from the container. Not specifying a port here DOES NOT prevent that port from being exposed. Any port which is listening on the default "0.0.0.0" address inside a container will be accessible from the network. Modifying this array with strategic merge patch may corrupt the data. For more information See https://github.com/kubernetes/kubernetes/issues/108255. Cannot be updated. + /// List of ports to expose from the container. Not specifying a port here + /// DOES NOT prevent that port from being exposed. Any port which is + /// listening on the default "0.0.0.0" address inside a container will be + /// accessible from the network. + /// Modifying this array with strategic merge patch may corrupt the data. + /// For more information See https://github.com/kubernetes/kubernetes/issues/108255. + /// Cannot be updated. #[serde(default, skip_serializing_if = "Option::is_none")] pub ports: Option>, - /// Periodic probe of container service readiness. Container will be removed from service endpoints if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes + /// Periodic probe of container service readiness. + /// Container will be removed from service endpoints if the probe fails. + /// Cannot be updated. + /// More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes #[serde(default, skip_serializing_if = "Option::is_none", rename = "readinessProbe")] pub readiness_probe: Option, - /// Compute Resources required by this container. Cannot be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + /// Compute Resources required by this container. + /// Cannot be updated. + /// More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ #[serde(default, skip_serializing_if = "Option::is_none")] pub resources: Option, - /// SecurityContext defines the security options the container should be run with. If set, the fields of SecurityContext override the equivalent fields of PodSecurityContext. More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/ + /// SecurityContext defines the security options the container should be run with. + /// If set, the fields of SecurityContext override the equivalent fields of PodSecurityContext. + /// More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/ #[serde(default, skip_serializing_if = "Option::is_none", rename = "securityContext")] pub security_context: Option, - /// StartupProbe indicates that the Pod has successfully initialized. If specified, no other probes are executed until this completes successfully. If this probe fails, the Pod will be restarted, just as if the livenessProbe failed. This can be used to provide different probe parameters at the beginning of a Pod's lifecycle, when it might take a long time to load data or warm a cache, than during steady-state operation. This cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes + /// StartupProbe indicates that the Pod has successfully initialized. + /// If specified, no other probes are executed until this completes successfully. + /// If this probe fails, the Pod will be restarted, just as if the livenessProbe failed. + /// This can be used to provide different probe parameters at the beginning of a Pod's lifecycle, + /// when it might take a long time to load data or warm a cache, than during steady-state operation. + /// This cannot be updated. + /// More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes #[serde(default, skip_serializing_if = "Option::is_none", rename = "startupProbe")] pub startup_probe: Option, - /// Whether this container should allocate a buffer for stdin in the container runtime. If this is not set, reads from stdin in the container will always result in EOF. Default is false. + /// Whether this container should allocate a buffer for stdin in the container runtime. If this + /// is not set, reads from stdin in the container will always result in EOF. + /// Default is false. #[serde(default, skip_serializing_if = "Option::is_none")] pub stdin: Option, - /// Whether the container runtime should close the stdin channel after it has been opened by a single attach. When stdin is true the stdin stream will remain open across multiple attach sessions. If stdinOnce is set to true, stdin is opened on container start, is empty until the first client attaches to stdin, and then remains open and accepts data until the client disconnects, at which time stdin is closed and remains closed until the container is restarted. If this flag is false, a container processes that reads from stdin will never receive an EOF. Default is false + /// Whether the container runtime should close the stdin channel after it has been opened by + /// a single attach. When stdin is true the stdin stream will remain open across multiple attach + /// sessions. If stdinOnce is set to true, stdin is opened on container start, is empty until the + /// first client attaches to stdin, and then remains open and accepts data until the client disconnects, + /// at which time stdin is closed and remains closed until the container is restarted. If this + /// flag is false, a container processes that reads from stdin will never receive an EOF. + /// Default is false #[serde(default, skip_serializing_if = "Option::is_none", rename = "stdinOnce")] pub stdin_once: Option, - /// Optional: Path at which the file to which the container's termination message will be written is mounted into the container's filesystem. Message written is intended to be brief final status, such as an assertion failure message. Will be truncated by the node if greater than 4096 bytes. The total message length across all containers will be limited to 12kb. Defaults to /dev/termination-log. Cannot be updated. + /// Optional: Path at which the file to which the container's termination message + /// will be written is mounted into the container's filesystem. + /// Message written is intended to be brief final status, such as an assertion failure message. + /// Will be truncated by the node if greater than 4096 bytes. The total message length across + /// all containers will be limited to 12kb. + /// Defaults to /dev/termination-log. + /// Cannot be updated. #[serde(default, skip_serializing_if = "Option::is_none", rename = "terminationMessagePath")] pub termination_message_path: Option, - /// Indicate how the termination message should be populated. File will use the contents of terminationMessagePath to populate the container status message on both success and failure. FallbackToLogsOnError will use the last chunk of container log output if the termination message file is empty and the container exited with an error. The log output is limited to 2048 bytes or 80 lines, whichever is smaller. Defaults to File. Cannot be updated. + /// Indicate how the termination message should be populated. File will use the contents of + /// terminationMessagePath to populate the container status message on both success and failure. + /// FallbackToLogsOnError will use the last chunk of container log output if the termination + /// message file is empty and the container exited with an error. + /// The log output is limited to 2048 bytes or 80 lines, whichever is smaller. + /// Defaults to File. + /// Cannot be updated. #[serde(default, skip_serializing_if = "Option::is_none", rename = "terminationMessagePolicy")] pub termination_message_policy: Option, - /// Whether this container should allocate a TTY for itself, also requires 'stdin' to be true. Default is false. + /// Whether this container should allocate a TTY for itself, also requires 'stdin' to be true. + /// Default is false. #[serde(default, skip_serializing_if = "Option::is_none")] pub tty: Option, /// volumeDevices is the list of block devices to be used by the container. #[serde(default, skip_serializing_if = "Option::is_none", rename = "volumeDevices")] pub volume_devices: Option>, - /// Pod volumes to mount into the container's filesystem. Cannot be updated. + /// Pod volumes to mount into the container's filesystem. + /// Cannot be updated. #[serde(default, skip_serializing_if = "Option::is_none", rename = "volumeMounts")] pub volume_mounts: Option>, - /// Container's working directory. If not specified, the container runtime's default will be used, which might be configured in the container image. Cannot be updated. + /// Container's working directory. + /// If not specified, the container runtime's default will be used, which + /// might be configured in the container image. + /// Cannot be updated. #[serde(default, skip_serializing_if = "Option::is_none", rename = "workingDir")] pub working_dir: Option, } @@ -745,7 +1068,15 @@ pub struct RuntimeComponentInitContainers { pub struct RuntimeComponentInitContainersEnv { /// Name of the environment variable. Must be a C_IDENTIFIER. pub name: String, - /// Variable references $(VAR_NAME) are expanded using the previously defined environment variables in the container and any service environment variables. If a variable cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". Escaped references will never be expanded, regardless of whether the variable exists or not. Defaults to "". + /// Variable references $(VAR_NAME) are expanded + /// using the previously defined environment variables in the container and + /// any service environment variables. If a variable cannot be resolved, + /// the reference in the input string will be unchanged. Double $$ are reduced + /// to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. + /// "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". + /// Escaped references will never be expanded, regardless of whether the variable + /// exists or not. + /// Defaults to "". #[serde(default, skip_serializing_if = "Option::is_none")] pub value: Option, /// Source for the environment variable's value. Cannot be used if value is not empty. @@ -759,10 +1090,12 @@ pub struct RuntimeComponentInitContainersEnvValueFrom { /// Selects a key of a ConfigMap. #[serde(default, skip_serializing_if = "Option::is_none", rename = "configMapKeyRef")] pub config_map_key_ref: Option, - /// Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`, spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs. + /// Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`, + /// spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs. #[serde(default, skip_serializing_if = "Option::is_none", rename = "fieldRef")] pub field_ref: Option, - /// Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported. + /// Selects a resource of the container: only resources limits and requests + /// (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported. #[serde(default, skip_serializing_if = "Option::is_none", rename = "resourceFieldRef")] pub resource_field_ref: Option, /// Selects a key of a secret in the pod's namespace @@ -775,7 +1108,9 @@ pub struct RuntimeComponentInitContainersEnvValueFrom { pub struct RuntimeComponentInitContainersEnvValueFromConfigMapKeyRef { /// The key to select. pub key: String, - /// Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? + /// Name of the referent. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the ConfigMap or its key must be defined @@ -783,7 +1118,8 @@ pub struct RuntimeComponentInitContainersEnvValueFromConfigMapKeyRef { pub optional: Option, } -/// Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`, spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs. +/// Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`, +/// spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct RuntimeComponentInitContainersEnvValueFromFieldRef { /// Version of the schema the FieldPath is written in terms of, defaults to "v1". @@ -794,7 +1130,8 @@ pub struct RuntimeComponentInitContainersEnvValueFromFieldRef { pub field_path: String, } -/// Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported. +/// Selects a resource of the container: only resources limits and requests +/// (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct RuntimeComponentInitContainersEnvValueFromResourceFieldRef { /// Container name: required for volumes, optional for env vars @@ -812,7 +1149,9 @@ pub struct RuntimeComponentInitContainersEnvValueFromResourceFieldRef { pub struct RuntimeComponentInitContainersEnvValueFromSecretKeyRef { /// The key of the secret to select from. Must be a valid secret key. pub key: String, - /// Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? + /// Name of the referent. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the Secret or its key must be defined @@ -837,7 +1176,9 @@ pub struct RuntimeComponentInitContainersEnvFrom { /// The ConfigMap to select from #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct RuntimeComponentInitContainersEnvFromConfigMapRef { - /// Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? + /// Name of the referent. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the ConfigMap must be defined @@ -848,7 +1189,9 @@ pub struct RuntimeComponentInitContainersEnvFromConfigMapRef { /// The Secret to select from #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct RuntimeComponentInitContainersEnvFromSecretRef { - /// Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? + /// Name of the referent. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the Secret must be defined @@ -856,18 +1199,33 @@ pub struct RuntimeComponentInitContainersEnvFromSecretRef { pub optional: Option, } -/// Actions that the management system should take in response to container lifecycle events. Cannot be updated. +/// Actions that the management system should take in response to container lifecycle events. +/// Cannot be updated. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct RuntimeComponentInitContainersLifecycle { - /// PostStart is called immediately after a container is created. If the handler fails, the container is terminated and restarted according to its restart policy. Other management of the container blocks until the hook completes. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks + /// PostStart is called immediately after a container is created. If the handler fails, + /// the container is terminated and restarted according to its restart policy. + /// Other management of the container blocks until the hook completes. + /// More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks #[serde(default, skip_serializing_if = "Option::is_none", rename = "postStart")] pub post_start: Option, - /// PreStop is called immediately before a container is terminated due to an API request or management event such as liveness/startup probe failure, preemption, resource contention, etc. The handler is not called if the container crashes or exits. The Pod's termination grace period countdown begins before the PreStop hook is executed. Regardless of the outcome of the handler, the container will eventually terminate within the Pod's termination grace period (unless delayed by finalizers). Other management of the container blocks until the hook completes or until the termination grace period is reached. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks + /// PreStop is called immediately before a container is terminated due to an + /// API request or management event such as liveness/startup probe failure, + /// preemption, resource contention, etc. The handler is not called if the + /// container crashes or exits. The Pod's termination grace period countdown begins before the + /// PreStop hook is executed. Regardless of the outcome of the handler, the + /// container will eventually terminate within the Pod's termination grace + /// period (unless delayed by finalizers). Other management of the container blocks until the hook completes + /// or until the termination grace period is reached. + /// More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks #[serde(default, skip_serializing_if = "Option::is_none", rename = "preStop")] pub pre_stop: Option, } -/// PostStart is called immediately after a container is created. If the handler fails, the container is terminated and restarted according to its restart policy. Other management of the container blocks until the hook completes. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks +/// PostStart is called immediately after a container is created. If the handler fails, +/// the container is terminated and restarted according to its restart policy. +/// Other management of the container blocks until the hook completes. +/// More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct RuntimeComponentInitContainersLifecyclePostStart { /// Exec specifies the action to take. @@ -876,7 +1234,9 @@ pub struct RuntimeComponentInitContainersLifecyclePostStart { /// HTTPGet specifies the http request to perform. #[serde(default, skip_serializing_if = "Option::is_none", rename = "httpGet")] pub http_get: Option, - /// Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept for the backward compatibility. There are no validation of this field and lifecycle hooks will fail in runtime when tcp handler is specified. + /// Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept + /// for the backward compatibility. There are no validation of this field and + /// lifecycle hooks will fail in runtime when tcp handler is specified. #[serde(default, skip_serializing_if = "Option::is_none", rename = "tcpSocket")] pub tcp_socket: Option, } @@ -884,7 +1244,11 @@ pub struct RuntimeComponentInitContainersLifecyclePostStart { /// Exec specifies the action to take. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct RuntimeComponentInitContainersLifecyclePostStartExec { - /// Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. + /// Command is the command line to execute inside the container, the working directory for the + /// command is root ('/') in the container's filesystem. The command is simply exec'd, it is + /// not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use + /// a shell, you need to explicitly call out to that shell. + /// Exit status of 0 is treated as live/healthy and non-zero is unhealthy. #[serde(default, skip_serializing_if = "Option::is_none")] pub command: Option>, } @@ -892,7 +1256,8 @@ pub struct RuntimeComponentInitContainersLifecyclePostStartExec { /// HTTPGet specifies the http request to perform. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct RuntimeComponentInitContainersLifecyclePostStartHttpGet { - /// Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. + /// Host name to connect to, defaults to the pod IP. You probably want to set + /// "Host" in httpHeaders instead. #[serde(default, skip_serializing_if = "Option::is_none")] pub host: Option, /// Custom headers to set in the request. HTTP allows repeated headers. @@ -901,9 +1266,12 @@ pub struct RuntimeComponentInitContainersLifecyclePostStartHttpGet { /// Path to access on the HTTP server. #[serde(default, skip_serializing_if = "Option::is_none")] pub path: Option, - /// Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. + /// Name or number of the port to access on the container. + /// Number must be in the range 1 to 65535. + /// Name must be an IANA_SVC_NAME. pub port: IntOrString, - /// Scheme to use for connecting to the host. Defaults to HTTP. + /// Scheme to use for connecting to the host. + /// Defaults to HTTP. #[serde(default, skip_serializing_if = "Option::is_none")] pub scheme: Option, } @@ -911,23 +1279,36 @@ pub struct RuntimeComponentInitContainersLifecyclePostStartHttpGet { /// HTTPHeader describes a custom header to be used in HTTP probes #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct RuntimeComponentInitContainersLifecyclePostStartHttpGetHttpHeaders { - /// The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header. + /// The header field name. + /// This will be canonicalized upon output, so case-variant names will be understood as the same header. pub name: String, /// The header field value pub value: String, } -/// Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept for the backward compatibility. There are no validation of this field and lifecycle hooks will fail in runtime when tcp handler is specified. +/// Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept +/// for the backward compatibility. There are no validation of this field and +/// lifecycle hooks will fail in runtime when tcp handler is specified. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct RuntimeComponentInitContainersLifecyclePostStartTcpSocket { /// Optional: Host name to connect to, defaults to the pod IP. #[serde(default, skip_serializing_if = "Option::is_none")] pub host: Option, - /// Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. + /// Number or name of the port to access on the container. + /// Number must be in the range 1 to 65535. + /// Name must be an IANA_SVC_NAME. pub port: IntOrString, } -/// PreStop is called immediately before a container is terminated due to an API request or management event such as liveness/startup probe failure, preemption, resource contention, etc. The handler is not called if the container crashes or exits. The Pod's termination grace period countdown begins before the PreStop hook is executed. Regardless of the outcome of the handler, the container will eventually terminate within the Pod's termination grace period (unless delayed by finalizers). Other management of the container blocks until the hook completes or until the termination grace period is reached. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks +/// PreStop is called immediately before a container is terminated due to an +/// API request or management event such as liveness/startup probe failure, +/// preemption, resource contention, etc. The handler is not called if the +/// container crashes or exits. The Pod's termination grace period countdown begins before the +/// PreStop hook is executed. Regardless of the outcome of the handler, the +/// container will eventually terminate within the Pod's termination grace +/// period (unless delayed by finalizers). Other management of the container blocks until the hook completes +/// or until the termination grace period is reached. +/// More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct RuntimeComponentInitContainersLifecyclePreStop { /// Exec specifies the action to take. @@ -936,7 +1317,9 @@ pub struct RuntimeComponentInitContainersLifecyclePreStop { /// HTTPGet specifies the http request to perform. #[serde(default, skip_serializing_if = "Option::is_none", rename = "httpGet")] pub http_get: Option, - /// Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept for the backward compatibility. There are no validation of this field and lifecycle hooks will fail in runtime when tcp handler is specified. + /// Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept + /// for the backward compatibility. There are no validation of this field and + /// lifecycle hooks will fail in runtime when tcp handler is specified. #[serde(default, skip_serializing_if = "Option::is_none", rename = "tcpSocket")] pub tcp_socket: Option, } @@ -944,7 +1327,11 @@ pub struct RuntimeComponentInitContainersLifecyclePreStop { /// Exec specifies the action to take. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct RuntimeComponentInitContainersLifecyclePreStopExec { - /// Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. + /// Command is the command line to execute inside the container, the working directory for the + /// command is root ('/') in the container's filesystem. The command is simply exec'd, it is + /// not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use + /// a shell, you need to explicitly call out to that shell. + /// Exit status of 0 is treated as live/healthy and non-zero is unhealthy. #[serde(default, skip_serializing_if = "Option::is_none")] pub command: Option>, } @@ -952,7 +1339,8 @@ pub struct RuntimeComponentInitContainersLifecyclePreStopExec { /// HTTPGet specifies the http request to perform. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct RuntimeComponentInitContainersLifecyclePreStopHttpGet { - /// Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. + /// Host name to connect to, defaults to the pod IP. You probably want to set + /// "Host" in httpHeaders instead. #[serde(default, skip_serializing_if = "Option::is_none")] pub host: Option, /// Custom headers to set in the request. HTTP allows repeated headers. @@ -961,9 +1349,12 @@ pub struct RuntimeComponentInitContainersLifecyclePreStopHttpGet { /// Path to access on the HTTP server. #[serde(default, skip_serializing_if = "Option::is_none")] pub path: Option, - /// Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. + /// Name or number of the port to access on the container. + /// Number must be in the range 1 to 65535. + /// Name must be an IANA_SVC_NAME. pub port: IntOrString, - /// Scheme to use for connecting to the host. Defaults to HTTP. + /// Scheme to use for connecting to the host. + /// Defaults to HTTP. #[serde(default, skip_serializing_if = "Option::is_none")] pub scheme: Option, } @@ -971,53 +1362,77 @@ pub struct RuntimeComponentInitContainersLifecyclePreStopHttpGet { /// HTTPHeader describes a custom header to be used in HTTP probes #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct RuntimeComponentInitContainersLifecyclePreStopHttpGetHttpHeaders { - /// The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header. + /// The header field name. + /// This will be canonicalized upon output, so case-variant names will be understood as the same header. pub name: String, /// The header field value pub value: String, } -/// Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept for the backward compatibility. There are no validation of this field and lifecycle hooks will fail in runtime when tcp handler is specified. +/// Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept +/// for the backward compatibility. There are no validation of this field and +/// lifecycle hooks will fail in runtime when tcp handler is specified. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct RuntimeComponentInitContainersLifecyclePreStopTcpSocket { /// Optional: Host name to connect to, defaults to the pod IP. #[serde(default, skip_serializing_if = "Option::is_none")] pub host: Option, - /// Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. + /// Number or name of the port to access on the container. + /// Number must be in the range 1 to 65535. + /// Name must be an IANA_SVC_NAME. pub port: IntOrString, } -/// Periodic probe of container liveness. Container will be restarted if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +/// Periodic probe of container liveness. +/// Container will be restarted if the probe fails. +/// Cannot be updated. +/// More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct RuntimeComponentInitContainersLivenessProbe { /// Exec specifies the action to take. #[serde(default, skip_serializing_if = "Option::is_none")] pub exec: Option, - /// Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. + /// Minimum consecutive failures for the probe to be considered failed after having succeeded. + /// Defaults to 3. Minimum value is 1. #[serde(default, skip_serializing_if = "Option::is_none", rename = "failureThreshold")] pub failure_threshold: Option, - /// GRPC specifies an action involving a GRPC port. This is a beta field and requires enabling GRPCContainerProbe feature gate. + /// GRPC specifies an action involving a GRPC port. + /// This is a beta field and requires enabling GRPCContainerProbe feature gate. #[serde(default, skip_serializing_if = "Option::is_none")] pub grpc: Option, /// HTTPGet specifies the http request to perform. #[serde(default, skip_serializing_if = "Option::is_none", rename = "httpGet")] pub http_get: Option, - /// Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes + /// Number of seconds after the container has started before liveness probes are initiated. + /// More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes #[serde(default, skip_serializing_if = "Option::is_none", rename = "initialDelaySeconds")] pub initial_delay_seconds: Option, - /// How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. + /// How often (in seconds) to perform the probe. + /// Default to 10 seconds. Minimum value is 1. #[serde(default, skip_serializing_if = "Option::is_none", rename = "periodSeconds")] pub period_seconds: Option, - /// Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1. + /// Minimum consecutive successes for the probe to be considered successful after having failed. + /// Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1. #[serde(default, skip_serializing_if = "Option::is_none", rename = "successThreshold")] pub success_threshold: Option, /// TCPSocket specifies an action involving a TCP port. #[serde(default, skip_serializing_if = "Option::is_none", rename = "tcpSocket")] pub tcp_socket: Option, - /// Optional duration in seconds the pod needs to terminate gracefully upon probe failure. The grace period is the duration in seconds after the processes running in the pod are sent a termination signal and the time when the processes are forcibly halted with a kill signal. Set this value longer than the expected cleanup time for your process. If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this value overrides the value provided by the pod spec. Value must be non-negative integer. The value zero indicates stop immediately via the kill signal (no opportunity to shut down). This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate. Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset. + /// Optional duration in seconds the pod needs to terminate gracefully upon probe failure. + /// The grace period is the duration in seconds after the processes running in the pod are sent + /// a termination signal and the time when the processes are forcibly halted with a kill signal. + /// Set this value longer than the expected cleanup time for your process. + /// If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this + /// value overrides the value provided by the pod spec. + /// Value must be non-negative integer. The value zero indicates stop immediately via + /// the kill signal (no opportunity to shut down). + /// This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate. + /// Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset. #[serde(default, skip_serializing_if = "Option::is_none", rename = "terminationGracePeriodSeconds")] pub termination_grace_period_seconds: Option, - /// Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes + /// Number of seconds after which the probe times out. + /// Defaults to 1 second. Minimum value is 1. + /// More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes #[serde(default, skip_serializing_if = "Option::is_none", rename = "timeoutSeconds")] pub timeout_seconds: Option, } @@ -1025,18 +1440,26 @@ pub struct RuntimeComponentInitContainersLivenessProbe { /// Exec specifies the action to take. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct RuntimeComponentInitContainersLivenessProbeExec { - /// Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. + /// Command is the command line to execute inside the container, the working directory for the + /// command is root ('/') in the container's filesystem. The command is simply exec'd, it is + /// not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use + /// a shell, you need to explicitly call out to that shell. + /// Exit status of 0 is treated as live/healthy and non-zero is unhealthy. #[serde(default, skip_serializing_if = "Option::is_none")] pub command: Option>, } -/// GRPC specifies an action involving a GRPC port. This is a beta field and requires enabling GRPCContainerProbe feature gate. +/// GRPC specifies an action involving a GRPC port. +/// This is a beta field and requires enabling GRPCContainerProbe feature gate. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct RuntimeComponentInitContainersLivenessProbeGrpc { /// Port number of the gRPC service. Number must be in the range 1 to 65535. pub port: i32, - /// Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). - /// If this is not specified, the default behavior is defined by gRPC. + /// Service is the name of the service to place in the gRPC HealthCheckRequest + /// (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). + /// + /// + /// If this is not specified, the default behavior is defined by gRPC. #[serde(default, skip_serializing_if = "Option::is_none")] pub service: Option, } @@ -1044,7 +1467,8 @@ pub struct RuntimeComponentInitContainersLivenessProbeGrpc { /// HTTPGet specifies the http request to perform. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct RuntimeComponentInitContainersLivenessProbeHttpGet { - /// Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. + /// Host name to connect to, defaults to the pod IP. You probably want to set + /// "Host" in httpHeaders instead. #[serde(default, skip_serializing_if = "Option::is_none")] pub host: Option, /// Custom headers to set in the request. HTTP allows repeated headers. @@ -1053,9 +1477,12 @@ pub struct RuntimeComponentInitContainersLivenessProbeHttpGet { /// Path to access on the HTTP server. #[serde(default, skip_serializing_if = "Option::is_none")] pub path: Option, - /// Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. + /// Name or number of the port to access on the container. + /// Number must be in the range 1 to 65535. + /// Name must be an IANA_SVC_NAME. pub port: IntOrString, - /// Scheme to use for connecting to the host. Defaults to HTTP. + /// Scheme to use for connecting to the host. + /// Defaults to HTTP. #[serde(default, skip_serializing_if = "Option::is_none")] pub scheme: Option, } @@ -1063,7 +1490,8 @@ pub struct RuntimeComponentInitContainersLivenessProbeHttpGet { /// HTTPHeader describes a custom header to be used in HTTP probes #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct RuntimeComponentInitContainersLivenessProbeHttpGetHttpHeaders { - /// The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header. + /// The header field name. + /// This will be canonicalized upon output, so case-variant names will be understood as the same header. pub name: String, /// The header field value pub value: String, @@ -1075,61 +1503,89 @@ pub struct RuntimeComponentInitContainersLivenessProbeTcpSocket { /// Optional: Host name to connect to, defaults to the pod IP. #[serde(default, skip_serializing_if = "Option::is_none")] pub host: Option, - /// Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. + /// Number or name of the port to access on the container. + /// Number must be in the range 1 to 65535. + /// Name must be an IANA_SVC_NAME. pub port: IntOrString, } /// ContainerPort represents a network port in a single container. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct RuntimeComponentInitContainersPorts { - /// Number of port to expose on the pod's IP address. This must be a valid port number, 0 < x < 65536. + /// Number of port to expose on the pod's IP address. + /// This must be a valid port number, 0 < x < 65536. #[serde(rename = "containerPort")] pub container_port: i32, /// What host IP to bind the external port to. #[serde(default, skip_serializing_if = "Option::is_none", rename = "hostIP")] pub host_ip: Option, - /// Number of port to expose on the host. If specified, this must be a valid port number, 0 < x < 65536. If HostNetwork is specified, this must match ContainerPort. Most containers do not need this. + /// Number of port to expose on the host. + /// If specified, this must be a valid port number, 0 < x < 65536. + /// If HostNetwork is specified, this must match ContainerPort. + /// Most containers do not need this. #[serde(default, skip_serializing_if = "Option::is_none", rename = "hostPort")] pub host_port: Option, - /// If specified, this must be an IANA_SVC_NAME and unique within the pod. Each named port in a pod must have a unique name. Name for the port that can be referred to by services. + /// If specified, this must be an IANA_SVC_NAME and unique within the pod. Each + /// named port in a pod must have a unique name. Name for the port that can be + /// referred to by services. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, - /// Protocol for port. Must be UDP, TCP, or SCTP. Defaults to "TCP". + /// Protocol for port. Must be UDP, TCP, or SCTP. + /// Defaults to "TCP". #[serde(default, skip_serializing_if = "Option::is_none")] pub protocol: Option, } -/// Periodic probe of container service readiness. Container will be removed from service endpoints if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +/// Periodic probe of container service readiness. +/// Container will be removed from service endpoints if the probe fails. +/// Cannot be updated. +/// More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct RuntimeComponentInitContainersReadinessProbe { /// Exec specifies the action to take. #[serde(default, skip_serializing_if = "Option::is_none")] pub exec: Option, - /// Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. + /// Minimum consecutive failures for the probe to be considered failed after having succeeded. + /// Defaults to 3. Minimum value is 1. #[serde(default, skip_serializing_if = "Option::is_none", rename = "failureThreshold")] pub failure_threshold: Option, - /// GRPC specifies an action involving a GRPC port. This is a beta field and requires enabling GRPCContainerProbe feature gate. + /// GRPC specifies an action involving a GRPC port. + /// This is a beta field and requires enabling GRPCContainerProbe feature gate. #[serde(default, skip_serializing_if = "Option::is_none")] pub grpc: Option, /// HTTPGet specifies the http request to perform. #[serde(default, skip_serializing_if = "Option::is_none", rename = "httpGet")] pub http_get: Option, - /// Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes + /// Number of seconds after the container has started before liveness probes are initiated. + /// More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes #[serde(default, skip_serializing_if = "Option::is_none", rename = "initialDelaySeconds")] pub initial_delay_seconds: Option, - /// How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. + /// How often (in seconds) to perform the probe. + /// Default to 10 seconds. Minimum value is 1. #[serde(default, skip_serializing_if = "Option::is_none", rename = "periodSeconds")] pub period_seconds: Option, - /// Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1. + /// Minimum consecutive successes for the probe to be considered successful after having failed. + /// Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1. #[serde(default, skip_serializing_if = "Option::is_none", rename = "successThreshold")] pub success_threshold: Option, /// TCPSocket specifies an action involving a TCP port. #[serde(default, skip_serializing_if = "Option::is_none", rename = "tcpSocket")] pub tcp_socket: Option, - /// Optional duration in seconds the pod needs to terminate gracefully upon probe failure. The grace period is the duration in seconds after the processes running in the pod are sent a termination signal and the time when the processes are forcibly halted with a kill signal. Set this value longer than the expected cleanup time for your process. If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this value overrides the value provided by the pod spec. Value must be non-negative integer. The value zero indicates stop immediately via the kill signal (no opportunity to shut down). This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate. Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset. + /// Optional duration in seconds the pod needs to terminate gracefully upon probe failure. + /// The grace period is the duration in seconds after the processes running in the pod are sent + /// a termination signal and the time when the processes are forcibly halted with a kill signal. + /// Set this value longer than the expected cleanup time for your process. + /// If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this + /// value overrides the value provided by the pod spec. + /// Value must be non-negative integer. The value zero indicates stop immediately via + /// the kill signal (no opportunity to shut down). + /// This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate. + /// Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset. #[serde(default, skip_serializing_if = "Option::is_none", rename = "terminationGracePeriodSeconds")] pub termination_grace_period_seconds: Option, - /// Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes + /// Number of seconds after which the probe times out. + /// Defaults to 1 second. Minimum value is 1. + /// More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes #[serde(default, skip_serializing_if = "Option::is_none", rename = "timeoutSeconds")] pub timeout_seconds: Option, } @@ -1137,18 +1593,26 @@ pub struct RuntimeComponentInitContainersReadinessProbe { /// Exec specifies the action to take. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct RuntimeComponentInitContainersReadinessProbeExec { - /// Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. + /// Command is the command line to execute inside the container, the working directory for the + /// command is root ('/') in the container's filesystem. The command is simply exec'd, it is + /// not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use + /// a shell, you need to explicitly call out to that shell. + /// Exit status of 0 is treated as live/healthy and non-zero is unhealthy. #[serde(default, skip_serializing_if = "Option::is_none")] pub command: Option>, } -/// GRPC specifies an action involving a GRPC port. This is a beta field and requires enabling GRPCContainerProbe feature gate. +/// GRPC specifies an action involving a GRPC port. +/// This is a beta field and requires enabling GRPCContainerProbe feature gate. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct RuntimeComponentInitContainersReadinessProbeGrpc { /// Port number of the gRPC service. Number must be in the range 1 to 65535. pub port: i32, - /// Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). - /// If this is not specified, the default behavior is defined by gRPC. + /// Service is the name of the service to place in the gRPC HealthCheckRequest + /// (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). + /// + /// + /// If this is not specified, the default behavior is defined by gRPC. #[serde(default, skip_serializing_if = "Option::is_none")] pub service: Option, } @@ -1156,7 +1620,8 @@ pub struct RuntimeComponentInitContainersReadinessProbeGrpc { /// HTTPGet specifies the http request to perform. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct RuntimeComponentInitContainersReadinessProbeHttpGet { - /// Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. + /// Host name to connect to, defaults to the pod IP. You probably want to set + /// "Host" in httpHeaders instead. #[serde(default, skip_serializing_if = "Option::is_none")] pub host: Option, /// Custom headers to set in the request. HTTP allows repeated headers. @@ -1165,9 +1630,12 @@ pub struct RuntimeComponentInitContainersReadinessProbeHttpGet { /// Path to access on the HTTP server. #[serde(default, skip_serializing_if = "Option::is_none")] pub path: Option, - /// Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. + /// Name or number of the port to access on the container. + /// Number must be in the range 1 to 65535. + /// Name must be an IANA_SVC_NAME. pub port: IntOrString, - /// Scheme to use for connecting to the host. Defaults to HTTP. + /// Scheme to use for connecting to the host. + /// Defaults to HTTP. #[serde(default, skip_serializing_if = "Option::is_none")] pub scheme: Option, } @@ -1175,7 +1643,8 @@ pub struct RuntimeComponentInitContainersReadinessProbeHttpGet { /// HTTPHeader describes a custom header to be used in HTTP probes #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct RuntimeComponentInitContainersReadinessProbeHttpGetHttpHeaders { - /// The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header. + /// The header field name. + /// This will be canonicalized upon output, so case-variant names will be understood as the same header. pub name: String, /// The header field value pub value: String, @@ -1187,22 +1656,36 @@ pub struct RuntimeComponentInitContainersReadinessProbeTcpSocket { /// Optional: Host name to connect to, defaults to the pod IP. #[serde(default, skip_serializing_if = "Option::is_none")] pub host: Option, - /// Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. + /// Number or name of the port to access on the container. + /// Number must be in the range 1 to 65535. + /// Name must be an IANA_SVC_NAME. pub port: IntOrString, } -/// Compute Resources required by this container. Cannot be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ +/// Compute Resources required by this container. +/// Cannot be updated. +/// More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct RuntimeComponentInitContainersResources { - /// Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. - /// This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. - /// This field is immutable. It can only be set for containers. + /// Claims lists the names of resources, defined in spec.resourceClaims, + /// that are used by this container. + /// + /// + /// This is an alpha field and requires enabling the + /// DynamicResourceAllocation feature gate. + /// + /// + /// This field is immutable. It can only be set for containers. #[serde(default, skip_serializing_if = "Option::is_none")] pub claims: Option>, - /// Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + /// Limits describes the maximum amount of compute resources allowed. + /// More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ #[serde(default, skip_serializing_if = "Option::is_none")] pub limits: Option>, - /// Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + /// Requests describes the minimum amount of compute resources required. + /// If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, + /// otherwise to an implementation-defined value. + /// More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ #[serde(default, skip_serializing_if = "Option::is_none")] pub requests: Option>, } @@ -1210,49 +1693,95 @@ pub struct RuntimeComponentInitContainersResources { /// ResourceClaim references one entry in PodSpec.ResourceClaims. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct RuntimeComponentInitContainersResourcesClaims { - /// Name must match the name of one entry in pod.spec.resourceClaims of the Pod where this field is used. It makes that resource available inside a container. + /// Name must match the name of one entry in pod.spec.resourceClaims of + /// the Pod where this field is used. It makes that resource available + /// inside a container. pub name: String, } -/// SecurityContext defines the security options the container should be run with. If set, the fields of SecurityContext override the equivalent fields of PodSecurityContext. More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/ +/// SecurityContext defines the security options the container should be run with. +/// If set, the fields of SecurityContext override the equivalent fields of PodSecurityContext. +/// More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/ #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct RuntimeComponentInitContainersSecurityContext { - /// AllowPrivilegeEscalation controls whether a process can gain more privileges than its parent process. This bool directly controls if the no_new_privs flag will be set on the container process. AllowPrivilegeEscalation is true always when the container is: 1) run as Privileged 2) has CAP_SYS_ADMIN Note that this field cannot be set when spec.os.name is windows. + /// AllowPrivilegeEscalation controls whether a process can gain more + /// privileges than its parent process. This bool directly controls if + /// the no_new_privs flag will be set on the container process. + /// AllowPrivilegeEscalation is true always when the container is: + /// 1) run as Privileged + /// 2) has CAP_SYS_ADMIN + /// Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none", rename = "allowPrivilegeEscalation")] pub allow_privilege_escalation: Option, - /// The capabilities to add/drop when running containers. Defaults to the default set of capabilities granted by the container runtime. Note that this field cannot be set when spec.os.name is windows. + /// The capabilities to add/drop when running containers. + /// Defaults to the default set of capabilities granted by the container runtime. + /// Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none")] pub capabilities: Option, - /// Run container in privileged mode. Processes in privileged containers are essentially equivalent to root on the host. Defaults to false. Note that this field cannot be set when spec.os.name is windows. + /// Run container in privileged mode. + /// Processes in privileged containers are essentially equivalent to root on the host. + /// Defaults to false. + /// Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none")] pub privileged: Option, - /// procMount denotes the type of proc mount to use for the containers. The default is DefaultProcMount which uses the container runtime defaults for readonly paths and masked paths. This requires the ProcMountType feature flag to be enabled. Note that this field cannot be set when spec.os.name is windows. + /// procMount denotes the type of proc mount to use for the containers. + /// The default is DefaultProcMount which uses the container runtime defaults for + /// readonly paths and masked paths. + /// This requires the ProcMountType feature flag to be enabled. + /// Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none", rename = "procMount")] pub proc_mount: Option, - /// Whether this container has a read-only root filesystem. Default is false. Note that this field cannot be set when spec.os.name is windows. + /// Whether this container has a read-only root filesystem. + /// Default is false. + /// Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnlyRootFilesystem")] pub read_only_root_filesystem: Option, - /// The GID to run the entrypoint of the container process. Uses runtime default if unset. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is windows. + /// The GID to run the entrypoint of the container process. + /// Uses runtime default if unset. + /// May also be set in PodSecurityContext. If set in both SecurityContext and + /// PodSecurityContext, the value specified in SecurityContext takes precedence. + /// Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none", rename = "runAsGroup")] pub run_as_group: Option, - /// Indicates that the container must run as a non-root user. If true, the Kubelet will validate the image at runtime to ensure that it does not run as UID 0 (root) and fail to start the container if it does. If unset or false, no such validation will be performed. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. + /// Indicates that the container must run as a non-root user. + /// If true, the Kubelet will validate the image at runtime to ensure that it + /// does not run as UID 0 (root) and fail to start the container if it does. + /// If unset or false, no such validation will be performed. + /// May also be set in PodSecurityContext. If set in both SecurityContext and + /// PodSecurityContext, the value specified in SecurityContext takes precedence. #[serde(default, skip_serializing_if = "Option::is_none", rename = "runAsNonRoot")] pub run_as_non_root: Option, - /// The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is windows. + /// The UID to run the entrypoint of the container process. + /// Defaults to user specified in image metadata if unspecified. + /// May also be set in PodSecurityContext. If set in both SecurityContext and + /// PodSecurityContext, the value specified in SecurityContext takes precedence. + /// Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none", rename = "runAsUser")] pub run_as_user: Option, - /// The SELinux context to be applied to the container. If unspecified, the container runtime will allocate a random SELinux context for each container. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is windows. + /// The SELinux context to be applied to the container. + /// If unspecified, the container runtime will allocate a random SELinux context for each + /// container. May also be set in PodSecurityContext. If set in both SecurityContext and + /// PodSecurityContext, the value specified in SecurityContext takes precedence. + /// Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none", rename = "seLinuxOptions")] pub se_linux_options: Option, - /// The seccomp options to use by this container. If seccomp options are provided at both the pod & container level, the container options override the pod options. Note that this field cannot be set when spec.os.name is windows. + /// The seccomp options to use by this container. If seccomp options are + /// provided at both the pod & container level, the container options + /// override the pod options. + /// Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none", rename = "seccompProfile")] pub seccomp_profile: Option, - /// The Windows specific settings applied to all containers. If unspecified, the options from the PodSecurityContext will be used. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is linux. + /// The Windows specific settings applied to all containers. + /// If unspecified, the options from the PodSecurityContext will be used. + /// If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. + /// Note that this field cannot be set when spec.os.name is linux. #[serde(default, skip_serializing_if = "Option::is_none", rename = "windowsOptions")] pub windows_options: Option, } -/// The capabilities to add/drop when running containers. Defaults to the default set of capabilities granted by the container runtime. Note that this field cannot be set when spec.os.name is windows. +/// The capabilities to add/drop when running containers. +/// Defaults to the default set of capabilities granted by the container runtime. +/// Note that this field cannot be set when spec.os.name is windows. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct RuntimeComponentInitContainersSecurityContextCapabilities { /// Added capabilities @@ -1263,7 +1792,11 @@ pub struct RuntimeComponentInitContainersSecurityContextCapabilities { pub drop: Option>, } -/// The SELinux context to be applied to the container. If unspecified, the container runtime will allocate a random SELinux context for each container. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is windows. +/// The SELinux context to be applied to the container. +/// If unspecified, the container runtime will allocate a random SELinux context for each +/// container. May also be set in PodSecurityContext. If set in both SecurityContext and +/// PodSecurityContext, the value specified in SecurityContext takes precedence. +/// Note that this field cannot be set when spec.os.name is windows. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct RuntimeComponentInitContainersSecurityContextSeLinuxOptions { /// Level is SELinux level label that applies to the container. @@ -1280,66 +1813,113 @@ pub struct RuntimeComponentInitContainersSecurityContextSeLinuxOptions { pub user: Option, } -/// The seccomp options to use by this container. If seccomp options are provided at both the pod & container level, the container options override the pod options. Note that this field cannot be set when spec.os.name is windows. +/// The seccomp options to use by this container. If seccomp options are +/// provided at both the pod & container level, the container options +/// override the pod options. +/// Note that this field cannot be set when spec.os.name is windows. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct RuntimeComponentInitContainersSecurityContextSeccompProfile { - /// localhostProfile indicates a profile defined in a file on the node should be used. The profile must be preconfigured on the node to work. Must be a descending path, relative to the kubelet's configured seccomp profile location. Must only be set if type is "Localhost". + /// localhostProfile indicates a profile defined in a file on the node should be used. + /// The profile must be preconfigured on the node to work. + /// Must be a descending path, relative to the kubelet's configured seccomp profile location. + /// Must only be set if type is "Localhost". #[serde(default, skip_serializing_if = "Option::is_none", rename = "localhostProfile")] pub localhost_profile: Option, - /// type indicates which kind of seccomp profile will be applied. Valid options are: - /// Localhost - a profile defined in a file on the node should be used. RuntimeDefault - the container runtime default profile should be used. Unconfined - no profile should be applied. + /// type indicates which kind of seccomp profile will be applied. + /// Valid options are: + /// + /// + /// Localhost - a profile defined in a file on the node should be used. + /// RuntimeDefault - the container runtime default profile should be used. + /// Unconfined - no profile should be applied. #[serde(rename = "type")] pub r#type: String, } -/// The Windows specific settings applied to all containers. If unspecified, the options from the PodSecurityContext will be used. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is linux. +/// The Windows specific settings applied to all containers. +/// If unspecified, the options from the PodSecurityContext will be used. +/// If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +/// Note that this field cannot be set when spec.os.name is linux. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct RuntimeComponentInitContainersSecurityContextWindowsOptions { - /// GMSACredentialSpec is where the GMSA admission webhook (https://github.com/kubernetes-sigs/windows-gmsa) inlines the contents of the GMSA credential spec named by the GMSACredentialSpecName field. + /// GMSACredentialSpec is where the GMSA admission webhook + /// (https://github.com/kubernetes-sigs/windows-gmsa) inlines the contents of the + /// GMSA credential spec named by the GMSACredentialSpecName field. #[serde(default, skip_serializing_if = "Option::is_none", rename = "gmsaCredentialSpec")] pub gmsa_credential_spec: Option, /// GMSACredentialSpecName is the name of the GMSA credential spec to use. #[serde(default, skip_serializing_if = "Option::is_none", rename = "gmsaCredentialSpecName")] pub gmsa_credential_spec_name: Option, - /// HostProcess determines if a container should be run as a 'Host Process' container. This field is alpha-level and will only be honored by components that enable the WindowsHostProcessContainers feature flag. Setting this field without the feature flag will result in errors when validating the Pod. All of a Pod's containers must have the same effective HostProcess value (it is not allowed to have a mix of HostProcess containers and non-HostProcess containers). In addition, if HostProcess is true then HostNetwork must also be set to true. + /// HostProcess determines if a container should be run as a 'Host Process' container. + /// This field is alpha-level and will only be honored by components that enable the + /// WindowsHostProcessContainers feature flag. Setting this field without the feature + /// flag will result in errors when validating the Pod. All of a Pod's containers must + /// have the same effective HostProcess value (it is not allowed to have a mix of HostProcess + /// containers and non-HostProcess containers). In addition, if HostProcess is true + /// then HostNetwork must also be set to true. #[serde(default, skip_serializing_if = "Option::is_none", rename = "hostProcess")] pub host_process: Option, - /// The UserName in Windows to run the entrypoint of the container process. Defaults to the user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. + /// The UserName in Windows to run the entrypoint of the container process. + /// Defaults to the user specified in image metadata if unspecified. + /// May also be set in PodSecurityContext. If set in both SecurityContext and + /// PodSecurityContext, the value specified in SecurityContext takes precedence. #[serde(default, skip_serializing_if = "Option::is_none", rename = "runAsUserName")] pub run_as_user_name: Option, } -/// StartupProbe indicates that the Pod has successfully initialized. If specified, no other probes are executed until this completes successfully. If this probe fails, the Pod will be restarted, just as if the livenessProbe failed. This can be used to provide different probe parameters at the beginning of a Pod's lifecycle, when it might take a long time to load data or warm a cache, than during steady-state operation. This cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +/// StartupProbe indicates that the Pod has successfully initialized. +/// If specified, no other probes are executed until this completes successfully. +/// If this probe fails, the Pod will be restarted, just as if the livenessProbe failed. +/// This can be used to provide different probe parameters at the beginning of a Pod's lifecycle, +/// when it might take a long time to load data or warm a cache, than during steady-state operation. +/// This cannot be updated. +/// More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct RuntimeComponentInitContainersStartupProbe { /// Exec specifies the action to take. #[serde(default, skip_serializing_if = "Option::is_none")] pub exec: Option, - /// Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. + /// Minimum consecutive failures for the probe to be considered failed after having succeeded. + /// Defaults to 3. Minimum value is 1. #[serde(default, skip_serializing_if = "Option::is_none", rename = "failureThreshold")] pub failure_threshold: Option, - /// GRPC specifies an action involving a GRPC port. This is a beta field and requires enabling GRPCContainerProbe feature gate. + /// GRPC specifies an action involving a GRPC port. + /// This is a beta field and requires enabling GRPCContainerProbe feature gate. #[serde(default, skip_serializing_if = "Option::is_none")] pub grpc: Option, /// HTTPGet specifies the http request to perform. #[serde(default, skip_serializing_if = "Option::is_none", rename = "httpGet")] pub http_get: Option, - /// Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes + /// Number of seconds after the container has started before liveness probes are initiated. + /// More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes #[serde(default, skip_serializing_if = "Option::is_none", rename = "initialDelaySeconds")] pub initial_delay_seconds: Option, - /// How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. + /// How often (in seconds) to perform the probe. + /// Default to 10 seconds. Minimum value is 1. #[serde(default, skip_serializing_if = "Option::is_none", rename = "periodSeconds")] pub period_seconds: Option, - /// Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1. + /// Minimum consecutive successes for the probe to be considered successful after having failed. + /// Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1. #[serde(default, skip_serializing_if = "Option::is_none", rename = "successThreshold")] pub success_threshold: Option, /// TCPSocket specifies an action involving a TCP port. #[serde(default, skip_serializing_if = "Option::is_none", rename = "tcpSocket")] pub tcp_socket: Option, - /// Optional duration in seconds the pod needs to terminate gracefully upon probe failure. The grace period is the duration in seconds after the processes running in the pod are sent a termination signal and the time when the processes are forcibly halted with a kill signal. Set this value longer than the expected cleanup time for your process. If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this value overrides the value provided by the pod spec. Value must be non-negative integer. The value zero indicates stop immediately via the kill signal (no opportunity to shut down). This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate. Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset. + /// Optional duration in seconds the pod needs to terminate gracefully upon probe failure. + /// The grace period is the duration in seconds after the processes running in the pod are sent + /// a termination signal and the time when the processes are forcibly halted with a kill signal. + /// Set this value longer than the expected cleanup time for your process. + /// If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this + /// value overrides the value provided by the pod spec. + /// Value must be non-negative integer. The value zero indicates stop immediately via + /// the kill signal (no opportunity to shut down). + /// This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate. + /// Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset. #[serde(default, skip_serializing_if = "Option::is_none", rename = "terminationGracePeriodSeconds")] pub termination_grace_period_seconds: Option, - /// Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes + /// Number of seconds after which the probe times out. + /// Defaults to 1 second. Minimum value is 1. + /// More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes #[serde(default, skip_serializing_if = "Option::is_none", rename = "timeoutSeconds")] pub timeout_seconds: Option, } @@ -1347,18 +1927,26 @@ pub struct RuntimeComponentInitContainersStartupProbe { /// Exec specifies the action to take. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct RuntimeComponentInitContainersStartupProbeExec { - /// Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. + /// Command is the command line to execute inside the container, the working directory for the + /// command is root ('/') in the container's filesystem. The command is simply exec'd, it is + /// not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use + /// a shell, you need to explicitly call out to that shell. + /// Exit status of 0 is treated as live/healthy and non-zero is unhealthy. #[serde(default, skip_serializing_if = "Option::is_none")] pub command: Option>, } -/// GRPC specifies an action involving a GRPC port. This is a beta field and requires enabling GRPCContainerProbe feature gate. +/// GRPC specifies an action involving a GRPC port. +/// This is a beta field and requires enabling GRPCContainerProbe feature gate. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct RuntimeComponentInitContainersStartupProbeGrpc { /// Port number of the gRPC service. Number must be in the range 1 to 65535. pub port: i32, - /// Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). - /// If this is not specified, the default behavior is defined by gRPC. + /// Service is the name of the service to place in the gRPC HealthCheckRequest + /// (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). + /// + /// + /// If this is not specified, the default behavior is defined by gRPC. #[serde(default, skip_serializing_if = "Option::is_none")] pub service: Option, } @@ -1366,7 +1954,8 @@ pub struct RuntimeComponentInitContainersStartupProbeGrpc { /// HTTPGet specifies the http request to perform. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct RuntimeComponentInitContainersStartupProbeHttpGet { - /// Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. + /// Host name to connect to, defaults to the pod IP. You probably want to set + /// "Host" in httpHeaders instead. #[serde(default, skip_serializing_if = "Option::is_none")] pub host: Option, /// Custom headers to set in the request. HTTP allows repeated headers. @@ -1375,9 +1964,12 @@ pub struct RuntimeComponentInitContainersStartupProbeHttpGet { /// Path to access on the HTTP server. #[serde(default, skip_serializing_if = "Option::is_none")] pub path: Option, - /// Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. + /// Name or number of the port to access on the container. + /// Number must be in the range 1 to 65535. + /// Name must be an IANA_SVC_NAME. pub port: IntOrString, - /// Scheme to use for connecting to the host. Defaults to HTTP. + /// Scheme to use for connecting to the host. + /// Defaults to HTTP. #[serde(default, skip_serializing_if = "Option::is_none")] pub scheme: Option, } @@ -1385,7 +1977,8 @@ pub struct RuntimeComponentInitContainersStartupProbeHttpGet { /// HTTPHeader describes a custom header to be used in HTTP probes #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct RuntimeComponentInitContainersStartupProbeHttpGetHttpHeaders { - /// The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header. + /// The header field name. + /// This will be canonicalized upon output, so case-variant names will be understood as the same header. pub name: String, /// The header field value pub value: String, @@ -1397,7 +1990,9 @@ pub struct RuntimeComponentInitContainersStartupProbeTcpSocket { /// Optional: Host name to connect to, defaults to the pod IP. #[serde(default, skip_serializing_if = "Option::is_none")] pub host: Option, - /// Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. + /// Number or name of the port to access on the container. + /// Number must be in the range 1 to 65535. + /// Name must be an IANA_SVC_NAME. pub port: IntOrString, } @@ -1414,21 +2009,30 @@ pub struct RuntimeComponentInitContainersVolumeDevices { /// VolumeMount describes a mounting of a Volume within a container. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct RuntimeComponentInitContainersVolumeMounts { - /// Path within the container at which the volume should be mounted. Must not contain ':'. + /// Path within the container at which the volume should be mounted. Must + /// not contain ':'. #[serde(rename = "mountPath")] pub mount_path: String, - /// mountPropagation determines how mounts are propagated from the host to container and the other way around. When not set, MountPropagationNone is used. This field is beta in 1.10. + /// mountPropagation determines how mounts are propagated from the host + /// to container and the other way around. + /// When not set, MountPropagationNone is used. + /// This field is beta in 1.10. #[serde(default, skip_serializing_if = "Option::is_none", rename = "mountPropagation")] pub mount_propagation: Option, /// This must match the Name of a Volume. pub name: String, - /// Mounted read-only if true, read-write otherwise (false or unspecified). Defaults to false. + /// Mounted read-only if true, read-write otherwise (false or unspecified). + /// Defaults to false. #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] pub read_only: Option, - /// Path within the volume from which the container's volume should be mounted. Defaults to "" (volume's root). + /// Path within the volume from which the container's volume should be mounted. + /// Defaults to "" (volume's root). #[serde(default, skip_serializing_if = "Option::is_none", rename = "subPath")] pub sub_path: Option, - /// Expanded path within the volume from which the container's volume should be mounted. Behaves similarly to SubPath but environment variable references $(VAR_NAME) are expanded using the container's environment. Defaults to "" (volume's root). SubPathExpr and SubPath are mutually exclusive. + /// Expanded path within the volume from which the container's volume should be mounted. + /// Behaves similarly to SubPath but environment variable references $(VAR_NAME) are expanded using the container's environment. + /// Defaults to "" (volume's root). + /// SubPathExpr and SubPath are mutually exclusive. #[serde(default, skip_serializing_if = "Option::is_none", rename = "subPathExpr")] pub sub_path_expr: Option, } @@ -1450,19 +2054,23 @@ pub struct RuntimeComponentMonitoringEndpoints { /// Authorization section for this endpoint #[serde(default, skip_serializing_if = "Option::is_none")] pub authorization: Option, - /// BasicAuth allow an endpoint to authenticate over basic authentication More info: https://prometheus.io/docs/operating/configuration/#endpoints + /// BasicAuth allow an endpoint to authenticate over basic authentication + /// More info: https://prometheus.io/docs/operating/configuration/#endpoints #[serde(default, skip_serializing_if = "Option::is_none", rename = "basicAuth")] pub basic_auth: Option, /// File to read bearer token for scraping targets. #[serde(default, skip_serializing_if = "Option::is_none", rename = "bearerTokenFile")] pub bearer_token_file: Option, - /// Secret to mount to read bearer token for scraping targets. The secret needs to be in the same namespace as the service monitor and accessible by the Prometheus Operator. + /// Secret to mount to read bearer token for scraping targets. The secret + /// needs to be in the same namespace as the service monitor and accessible by + /// the Prometheus Operator. #[serde(default, skip_serializing_if = "Option::is_none", rename = "bearerTokenSecret")] pub bearer_token_secret: Option, /// Whether to enable HTTP2. #[serde(default, skip_serializing_if = "Option::is_none", rename = "enableHttp2")] pub enable_http2: Option, - /// Drop pods that are not running. (Failed, Succeeded). Enabled by default. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#pod-phase + /// Drop pods that are not running. (Failed, Succeeded). Enabled by default. + /// More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#pod-phase #[serde(default, skip_serializing_if = "Option::is_none", rename = "filterRunning")] pub filter_running: Option, /// FollowRedirects configures whether scrape requests follow HTTP 3xx redirects. @@ -1474,7 +2082,8 @@ pub struct RuntimeComponentMonitoringEndpoints { /// HonorTimestamps controls whether Prometheus respects the timestamps present in scraped data. #[serde(default, skip_serializing_if = "Option::is_none", rename = "honorTimestamps")] pub honor_timestamps: Option, - /// Interval at which metrics should be scraped If not specified Prometheus' global scrape interval is used. + /// Interval at which metrics should be scraped + /// If not specified Prometheus' global scrape interval is used. #[serde(default, skip_serializing_if = "Option::is_none")] pub interval: Option, /// MetricRelabelConfigs to apply to samples before ingestion. @@ -1486,7 +2095,8 @@ pub struct RuntimeComponentMonitoringEndpoints { /// Optional HTTP URL parameters #[serde(default, skip_serializing_if = "Option::is_none")] pub params: Option>, - /// HTTP path to scrape for metrics. If empty, Prometheus uses the default value (e.g. `/metrics`). + /// HTTP path to scrape for metrics. + /// If empty, Prometheus uses the default value (e.g. `/metrics`). #[serde(default, skip_serializing_if = "Option::is_none")] pub path: Option, /// Name of the service port this endpoint refers to. Mutually exclusive with targetPort. @@ -1495,13 +2105,17 @@ pub struct RuntimeComponentMonitoringEndpoints { /// ProxyURL eg http://proxyserver:2195 Directs scrapes to proxy through this endpoint. #[serde(default, skip_serializing_if = "Option::is_none", rename = "proxyUrl")] pub proxy_url: Option, - /// RelabelConfigs to apply to samples before scraping. Prometheus Operator automatically adds relabelings for a few standard Kubernetes fields. The original scrape job's name is available via the `__tmp_prometheus_job_name` label. More info: https://prometheus.io/docs/prometheus/latest/configuration/configuration/#relabel_config + /// RelabelConfigs to apply to samples before scraping. + /// Prometheus Operator automatically adds relabelings for a few standard Kubernetes fields. + /// The original scrape job's name is available via the `__tmp_prometheus_job_name` label. + /// More info: https://prometheus.io/docs/prometheus/latest/configuration/configuration/#relabel_config #[serde(default, skip_serializing_if = "Option::is_none")] pub relabelings: Option>, /// HTTP scheme to use for scraping. #[serde(default, skip_serializing_if = "Option::is_none")] pub scheme: Option, - /// Timeout after which the scrape is ended If not specified, the Prometheus global scrape timeout is used unless it is less than `Interval` in which the latter is used. + /// Timeout after which the scrape is ended + /// If not specified, the Prometheus global scrape timeout is used unless it is less than `Interval` in which the latter is used. #[serde(default, skip_serializing_if = "Option::is_none", rename = "scrapeTimeout")] pub scrape_timeout: Option, /// Name or number of the target port of the Pod behind the Service, the port must be specified with container port property. Mutually exclusive with port. @@ -1518,7 +2132,8 @@ pub struct RuntimeComponentMonitoringEndpointsAuthorization { /// The secret's key that contains the credentials of the request #[serde(default, skip_serializing_if = "Option::is_none")] pub credentials: Option, - /// Set the authentication type. Defaults to Bearer, Basic will cause an error + /// Set the authentication type. Defaults to Bearer, Basic will cause an + /// error #[serde(default, skip_serializing_if = "Option::is_none", rename = "type")] pub r#type: Option, } @@ -1528,7 +2143,9 @@ pub struct RuntimeComponentMonitoringEndpointsAuthorization { pub struct RuntimeComponentMonitoringEndpointsAuthorizationCredentials { /// The key of the secret to select from. Must be a valid secret key. pub key: String, - /// Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? + /// Name of the referent. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the Secret or its key must be defined @@ -1536,23 +2153,29 @@ pub struct RuntimeComponentMonitoringEndpointsAuthorizationCredentials { pub optional: Option, } -/// BasicAuth allow an endpoint to authenticate over basic authentication More info: https://prometheus.io/docs/operating/configuration/#endpoints +/// BasicAuth allow an endpoint to authenticate over basic authentication +/// More info: https://prometheus.io/docs/operating/configuration/#endpoints #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct RuntimeComponentMonitoringEndpointsBasicAuth { - /// The secret in the service monitor namespace that contains the password for authentication. + /// The secret in the service monitor namespace that contains the password + /// for authentication. #[serde(default, skip_serializing_if = "Option::is_none")] pub password: Option, - /// The secret in the service monitor namespace that contains the username for authentication. + /// The secret in the service monitor namespace that contains the username + /// for authentication. #[serde(default, skip_serializing_if = "Option::is_none")] pub username: Option, } -/// The secret in the service monitor namespace that contains the password for authentication. +/// The secret in the service monitor namespace that contains the password +/// for authentication. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct RuntimeComponentMonitoringEndpointsBasicAuthPassword { /// The key of the secret to select from. Must be a valid secret key. pub key: String, - /// Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? + /// Name of the referent. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the Secret or its key must be defined @@ -1560,12 +2183,15 @@ pub struct RuntimeComponentMonitoringEndpointsBasicAuthPassword { pub optional: Option, } -/// The secret in the service monitor namespace that contains the username for authentication. +/// The secret in the service monitor namespace that contains the username +/// for authentication. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct RuntimeComponentMonitoringEndpointsBasicAuthUsername { /// The key of the secret to select from. Must be a valid secret key. pub key: String, - /// Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? + /// Name of the referent. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the Secret or its key must be defined @@ -1573,12 +2199,16 @@ pub struct RuntimeComponentMonitoringEndpointsBasicAuthUsername { pub optional: Option, } -/// Secret to mount to read bearer token for scraping targets. The secret needs to be in the same namespace as the service monitor and accessible by the Prometheus Operator. +/// Secret to mount to read bearer token for scraping targets. The secret +/// needs to be in the same namespace as the service monitor and accessible by +/// the Prometheus Operator. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct RuntimeComponentMonitoringEndpointsBearerTokenSecret { /// The key of the secret to select from. Must be a valid secret key. pub key: String, - /// Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? + /// Name of the referent. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the Secret or its key must be defined @@ -1586,10 +2216,13 @@ pub struct RuntimeComponentMonitoringEndpointsBearerTokenSecret { pub optional: Option, } -/// RelabelConfig allows dynamic rewriting of the label set, being applied to samples before ingestion. It defines ``-section of Prometheus configuration. More info: https://prometheus.io/docs/prometheus/latest/configuration/configuration/#metric_relabel_configs +/// RelabelConfig allows dynamic rewriting of the label set, being applied to samples before ingestion. +/// It defines ``-section of Prometheus configuration. +/// More info: https://prometheus.io/docs/prometheus/latest/configuration/configuration/#metric_relabel_configs #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct RuntimeComponentMonitoringEndpointsMetricRelabelings { - /// Action to perform based on regex matching. Default is 'replace'. uppercase and lowercase actions require Prometheus >= 2.36. + /// Action to perform based on regex matching. Default is 'replace'. + /// uppercase and lowercase actions require Prometheus >= 2.36. #[serde(default, skip_serializing_if = "Option::is_none")] pub action: Option, /// Modulus to take of the hash of the source label values. @@ -1598,21 +2231,27 @@ pub struct RuntimeComponentMonitoringEndpointsMetricRelabelings { /// Regular expression against which the extracted value is matched. Default is '(.*)' #[serde(default, skip_serializing_if = "Option::is_none")] pub regex: Option, - /// Replacement value against which a regex replace is performed if the regular expression matches. Regex capture groups are available. Default is '$1' + /// Replacement value against which a regex replace is performed if the + /// regular expression matches. Regex capture groups are available. Default is '$1' #[serde(default, skip_serializing_if = "Option::is_none")] pub replacement: Option, /// Separator placed between concatenated source label values. default is ';'. #[serde(default, skip_serializing_if = "Option::is_none")] pub separator: Option, - /// The source labels select values from existing labels. Their content is concatenated using the configured separator and matched against the configured regular expression for the replace, keep, and drop actions. + /// The source labels select values from existing labels. Their content is concatenated + /// using the configured separator and matched against the configured regular expression + /// for the replace, keep, and drop actions. #[serde(default, skip_serializing_if = "Option::is_none", rename = "sourceLabels")] pub source_labels: Option>, - /// Label to which the resulting value is written in a replace action. It is mandatory for replace actions. Regex capture groups are available. + /// Label to which the resulting value is written in a replace action. + /// It is mandatory for replace actions. Regex capture groups are available. #[serde(default, skip_serializing_if = "Option::is_none", rename = "targetLabel")] pub target_label: Option, } -/// RelabelConfig allows dynamic rewriting of the label set, being applied to samples before ingestion. It defines ``-section of Prometheus configuration. More info: https://prometheus.io/docs/prometheus/latest/configuration/configuration/#metric_relabel_configs +/// RelabelConfig allows dynamic rewriting of the label set, being applied to samples before ingestion. +/// It defines ``-section of Prometheus configuration. +/// More info: https://prometheus.io/docs/prometheus/latest/configuration/configuration/#metric_relabel_configs #[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] pub enum RuntimeComponentMonitoringEndpointsMetricRelabelingsAction { #[serde(rename = "replace")] @@ -1691,7 +2330,9 @@ pub struct RuntimeComponentMonitoringEndpointsOauth2ClientId { pub struct RuntimeComponentMonitoringEndpointsOauth2ClientIdConfigMap { /// The key to select. pub key: String, - /// Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? + /// Name of the referent. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the ConfigMap or its key must be defined @@ -1704,7 +2345,9 @@ pub struct RuntimeComponentMonitoringEndpointsOauth2ClientIdConfigMap { pub struct RuntimeComponentMonitoringEndpointsOauth2ClientIdSecret { /// The key of the secret to select from. Must be a valid secret key. pub key: String, - /// Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? + /// Name of the referent. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the Secret or its key must be defined @@ -1717,7 +2360,9 @@ pub struct RuntimeComponentMonitoringEndpointsOauth2ClientIdSecret { pub struct RuntimeComponentMonitoringEndpointsOauth2ClientSecret { /// The key of the secret to select from. Must be a valid secret key. pub key: String, - /// Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? + /// Name of the referent. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the Secret or its key must be defined @@ -1725,10 +2370,13 @@ pub struct RuntimeComponentMonitoringEndpointsOauth2ClientSecret { pub optional: Option, } -/// RelabelConfig allows dynamic rewriting of the label set, being applied to samples before ingestion. It defines ``-section of Prometheus configuration. More info: https://prometheus.io/docs/prometheus/latest/configuration/configuration/#metric_relabel_configs +/// RelabelConfig allows dynamic rewriting of the label set, being applied to samples before ingestion. +/// It defines ``-section of Prometheus configuration. +/// More info: https://prometheus.io/docs/prometheus/latest/configuration/configuration/#metric_relabel_configs #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct RuntimeComponentMonitoringEndpointsRelabelings { - /// Action to perform based on regex matching. Default is 'replace'. uppercase and lowercase actions require Prometheus >= 2.36. + /// Action to perform based on regex matching. Default is 'replace'. + /// uppercase and lowercase actions require Prometheus >= 2.36. #[serde(default, skip_serializing_if = "Option::is_none")] pub action: Option, /// Modulus to take of the hash of the source label values. @@ -1737,21 +2385,27 @@ pub struct RuntimeComponentMonitoringEndpointsRelabelings { /// Regular expression against which the extracted value is matched. Default is '(.*)' #[serde(default, skip_serializing_if = "Option::is_none")] pub regex: Option, - /// Replacement value against which a regex replace is performed if the regular expression matches. Regex capture groups are available. Default is '$1' + /// Replacement value against which a regex replace is performed if the + /// regular expression matches. Regex capture groups are available. Default is '$1' #[serde(default, skip_serializing_if = "Option::is_none")] pub replacement: Option, /// Separator placed between concatenated source label values. default is ';'. #[serde(default, skip_serializing_if = "Option::is_none")] pub separator: Option, - /// The source labels select values from existing labels. Their content is concatenated using the configured separator and matched against the configured regular expression for the replace, keep, and drop actions. + /// The source labels select values from existing labels. Their content is concatenated + /// using the configured separator and matched against the configured regular expression + /// for the replace, keep, and drop actions. #[serde(default, skip_serializing_if = "Option::is_none", rename = "sourceLabels")] pub source_labels: Option>, - /// Label to which the resulting value is written in a replace action. It is mandatory for replace actions. Regex capture groups are available. + /// Label to which the resulting value is written in a replace action. + /// It is mandatory for replace actions. Regex capture groups are available. #[serde(default, skip_serializing_if = "Option::is_none", rename = "targetLabel")] pub target_label: Option, } -/// RelabelConfig allows dynamic rewriting of the label set, being applied to samples before ingestion. It defines ``-section of Prometheus configuration. More info: https://prometheus.io/docs/prometheus/latest/configuration/configuration/#metric_relabel_configs +/// RelabelConfig allows dynamic rewriting of the label set, being applied to samples before ingestion. +/// It defines ``-section of Prometheus configuration. +/// More info: https://prometheus.io/docs/prometheus/latest/configuration/configuration/#metric_relabel_configs #[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] pub enum RuntimeComponentMonitoringEndpointsRelabelingsAction { #[serde(rename = "replace")] @@ -1839,7 +2493,9 @@ pub struct RuntimeComponentMonitoringEndpointsTlsConfigCa { pub struct RuntimeComponentMonitoringEndpointsTlsConfigCaConfigMap { /// The key to select. pub key: String, - /// Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? + /// Name of the referent. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the ConfigMap or its key must be defined @@ -1852,7 +2508,9 @@ pub struct RuntimeComponentMonitoringEndpointsTlsConfigCaConfigMap { pub struct RuntimeComponentMonitoringEndpointsTlsConfigCaSecret { /// The key of the secret to select from. Must be a valid secret key. pub key: String, - /// Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? + /// Name of the referent. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the Secret or its key must be defined @@ -1876,7 +2534,9 @@ pub struct RuntimeComponentMonitoringEndpointsTlsConfigCert { pub struct RuntimeComponentMonitoringEndpointsTlsConfigCertConfigMap { /// The key to select. pub key: String, - /// Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? + /// Name of the referent. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the ConfigMap or its key must be defined @@ -1889,7 +2549,9 @@ pub struct RuntimeComponentMonitoringEndpointsTlsConfigCertConfigMap { pub struct RuntimeComponentMonitoringEndpointsTlsConfigCertSecret { /// The key of the secret to select from. Must be a valid secret key. pub key: String, - /// Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? + /// Name of the referent. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the Secret or its key must be defined @@ -1902,7 +2564,9 @@ pub struct RuntimeComponentMonitoringEndpointsTlsConfigCertSecret { pub struct RuntimeComponentMonitoringEndpointsTlsConfigKeySecret { /// The key of the secret to select from. Must be a valid secret key. pub key: String, - /// Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? + /// Name of the referent. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the Secret or its key must be defined @@ -1930,31 +2594,47 @@ pub struct RuntimeComponentProbesLiveness { /// Exec specifies the action to take. #[serde(default, skip_serializing_if = "Option::is_none")] pub exec: Option, - /// Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. + /// Minimum consecutive failures for the probe to be considered failed after having succeeded. + /// Defaults to 3. Minimum value is 1. #[serde(default, skip_serializing_if = "Option::is_none", rename = "failureThreshold")] pub failure_threshold: Option, - /// GRPC specifies an action involving a GRPC port. This is a beta field and requires enabling GRPCContainerProbe feature gate. + /// GRPC specifies an action involving a GRPC port. + /// This is a beta field and requires enabling GRPCContainerProbe feature gate. #[serde(default, skip_serializing_if = "Option::is_none")] pub grpc: Option, /// HTTPGet specifies the http request to perform. #[serde(default, skip_serializing_if = "Option::is_none", rename = "httpGet")] pub http_get: Option, - /// Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes + /// Number of seconds after the container has started before liveness probes are initiated. + /// More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes #[serde(default, skip_serializing_if = "Option::is_none", rename = "initialDelaySeconds")] pub initial_delay_seconds: Option, - /// How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. + /// How often (in seconds) to perform the probe. + /// Default to 10 seconds. Minimum value is 1. #[serde(default, skip_serializing_if = "Option::is_none", rename = "periodSeconds")] pub period_seconds: Option, - /// Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1. + /// Minimum consecutive successes for the probe to be considered successful after having failed. + /// Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1. #[serde(default, skip_serializing_if = "Option::is_none", rename = "successThreshold")] pub success_threshold: Option, /// TCPSocket specifies an action involving a TCP port. #[serde(default, skip_serializing_if = "Option::is_none", rename = "tcpSocket")] pub tcp_socket: Option, - /// Optional duration in seconds the pod needs to terminate gracefully upon probe failure. The grace period is the duration in seconds after the processes running in the pod are sent a termination signal and the time when the processes are forcibly halted with a kill signal. Set this value longer than the expected cleanup time for your process. If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this value overrides the value provided by the pod spec. Value must be non-negative integer. The value zero indicates stop immediately via the kill signal (no opportunity to shut down). This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate. Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset. + /// Optional duration in seconds the pod needs to terminate gracefully upon probe failure. + /// The grace period is the duration in seconds after the processes running in the pod are sent + /// a termination signal and the time when the processes are forcibly halted with a kill signal. + /// Set this value longer than the expected cleanup time for your process. + /// If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this + /// value overrides the value provided by the pod spec. + /// Value must be non-negative integer. The value zero indicates stop immediately via + /// the kill signal (no opportunity to shut down). + /// This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate. + /// Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset. #[serde(default, skip_serializing_if = "Option::is_none", rename = "terminationGracePeriodSeconds")] pub termination_grace_period_seconds: Option, - /// Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes + /// Number of seconds after which the probe times out. + /// Defaults to 1 second. Minimum value is 1. + /// More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes #[serde(default, skip_serializing_if = "Option::is_none", rename = "timeoutSeconds")] pub timeout_seconds: Option, } @@ -1962,18 +2642,26 @@ pub struct RuntimeComponentProbesLiveness { /// Exec specifies the action to take. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct RuntimeComponentProbesLivenessExec { - /// Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. + /// Command is the command line to execute inside the container, the working directory for the + /// command is root ('/') in the container's filesystem. The command is simply exec'd, it is + /// not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use + /// a shell, you need to explicitly call out to that shell. + /// Exit status of 0 is treated as live/healthy and non-zero is unhealthy. #[serde(default, skip_serializing_if = "Option::is_none")] pub command: Option>, } -/// GRPC specifies an action involving a GRPC port. This is a beta field and requires enabling GRPCContainerProbe feature gate. +/// GRPC specifies an action involving a GRPC port. +/// This is a beta field and requires enabling GRPCContainerProbe feature gate. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct RuntimeComponentProbesLivenessGrpc { /// Port number of the gRPC service. Number must be in the range 1 to 65535. pub port: i32, - /// Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). - /// If this is not specified, the default behavior is defined by gRPC. + /// Service is the name of the service to place in the gRPC HealthCheckRequest + /// (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). + /// + /// + /// If this is not specified, the default behavior is defined by gRPC. #[serde(default, skip_serializing_if = "Option::is_none")] pub service: Option, } @@ -1981,7 +2669,8 @@ pub struct RuntimeComponentProbesLivenessGrpc { /// HTTPGet specifies the http request to perform. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct RuntimeComponentProbesLivenessHttpGet { - /// Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. + /// Host name to connect to, defaults to the pod IP. You probably want to set + /// "Host" in httpHeaders instead. #[serde(default, skip_serializing_if = "Option::is_none")] pub host: Option, /// Custom headers to set in the request. HTTP allows repeated headers. @@ -1990,9 +2679,12 @@ pub struct RuntimeComponentProbesLivenessHttpGet { /// Path to access on the HTTP server. #[serde(default, skip_serializing_if = "Option::is_none")] pub path: Option, - /// Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. + /// Name or number of the port to access on the container. + /// Number must be in the range 1 to 65535. + /// Name must be an IANA_SVC_NAME. pub port: IntOrString, - /// Scheme to use for connecting to the host. Defaults to HTTP. + /// Scheme to use for connecting to the host. + /// Defaults to HTTP. #[serde(default, skip_serializing_if = "Option::is_none")] pub scheme: Option, } @@ -2000,7 +2692,8 @@ pub struct RuntimeComponentProbesLivenessHttpGet { /// HTTPHeader describes a custom header to be used in HTTP probes #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct RuntimeComponentProbesLivenessHttpGetHttpHeaders { - /// The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header. + /// The header field name. + /// This will be canonicalized upon output, so case-variant names will be understood as the same header. pub name: String, /// The header field value pub value: String, @@ -2012,7 +2705,9 @@ pub struct RuntimeComponentProbesLivenessTcpSocket { /// Optional: Host name to connect to, defaults to the pod IP. #[serde(default, skip_serializing_if = "Option::is_none")] pub host: Option, - /// Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. + /// Number or name of the port to access on the container. + /// Number must be in the range 1 to 65535. + /// Name must be an IANA_SVC_NAME. pub port: IntOrString, } @@ -2022,31 +2717,47 @@ pub struct RuntimeComponentProbesReadiness { /// Exec specifies the action to take. #[serde(default, skip_serializing_if = "Option::is_none")] pub exec: Option, - /// Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. + /// Minimum consecutive failures for the probe to be considered failed after having succeeded. + /// Defaults to 3. Minimum value is 1. #[serde(default, skip_serializing_if = "Option::is_none", rename = "failureThreshold")] pub failure_threshold: Option, - /// GRPC specifies an action involving a GRPC port. This is a beta field and requires enabling GRPCContainerProbe feature gate. + /// GRPC specifies an action involving a GRPC port. + /// This is a beta field and requires enabling GRPCContainerProbe feature gate. #[serde(default, skip_serializing_if = "Option::is_none")] pub grpc: Option, /// HTTPGet specifies the http request to perform. #[serde(default, skip_serializing_if = "Option::is_none", rename = "httpGet")] pub http_get: Option, - /// Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes + /// Number of seconds after the container has started before liveness probes are initiated. + /// More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes #[serde(default, skip_serializing_if = "Option::is_none", rename = "initialDelaySeconds")] pub initial_delay_seconds: Option, - /// How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. + /// How often (in seconds) to perform the probe. + /// Default to 10 seconds. Minimum value is 1. #[serde(default, skip_serializing_if = "Option::is_none", rename = "periodSeconds")] pub period_seconds: Option, - /// Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1. + /// Minimum consecutive successes for the probe to be considered successful after having failed. + /// Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1. #[serde(default, skip_serializing_if = "Option::is_none", rename = "successThreshold")] pub success_threshold: Option, /// TCPSocket specifies an action involving a TCP port. #[serde(default, skip_serializing_if = "Option::is_none", rename = "tcpSocket")] pub tcp_socket: Option, - /// Optional duration in seconds the pod needs to terminate gracefully upon probe failure. The grace period is the duration in seconds after the processes running in the pod are sent a termination signal and the time when the processes are forcibly halted with a kill signal. Set this value longer than the expected cleanup time for your process. If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this value overrides the value provided by the pod spec. Value must be non-negative integer. The value zero indicates stop immediately via the kill signal (no opportunity to shut down). This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate. Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset. + /// Optional duration in seconds the pod needs to terminate gracefully upon probe failure. + /// The grace period is the duration in seconds after the processes running in the pod are sent + /// a termination signal and the time when the processes are forcibly halted with a kill signal. + /// Set this value longer than the expected cleanup time for your process. + /// If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this + /// value overrides the value provided by the pod spec. + /// Value must be non-negative integer. The value zero indicates stop immediately via + /// the kill signal (no opportunity to shut down). + /// This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate. + /// Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset. #[serde(default, skip_serializing_if = "Option::is_none", rename = "terminationGracePeriodSeconds")] pub termination_grace_period_seconds: Option, - /// Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes + /// Number of seconds after which the probe times out. + /// Defaults to 1 second. Minimum value is 1. + /// More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes #[serde(default, skip_serializing_if = "Option::is_none", rename = "timeoutSeconds")] pub timeout_seconds: Option, } @@ -2054,18 +2765,26 @@ pub struct RuntimeComponentProbesReadiness { /// Exec specifies the action to take. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct RuntimeComponentProbesReadinessExec { - /// Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. + /// Command is the command line to execute inside the container, the working directory for the + /// command is root ('/') in the container's filesystem. The command is simply exec'd, it is + /// not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use + /// a shell, you need to explicitly call out to that shell. + /// Exit status of 0 is treated as live/healthy and non-zero is unhealthy. #[serde(default, skip_serializing_if = "Option::is_none")] pub command: Option>, } -/// GRPC specifies an action involving a GRPC port. This is a beta field and requires enabling GRPCContainerProbe feature gate. +/// GRPC specifies an action involving a GRPC port. +/// This is a beta field and requires enabling GRPCContainerProbe feature gate. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct RuntimeComponentProbesReadinessGrpc { /// Port number of the gRPC service. Number must be in the range 1 to 65535. pub port: i32, - /// Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). - /// If this is not specified, the default behavior is defined by gRPC. + /// Service is the name of the service to place in the gRPC HealthCheckRequest + /// (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). + /// + /// + /// If this is not specified, the default behavior is defined by gRPC. #[serde(default, skip_serializing_if = "Option::is_none")] pub service: Option, } @@ -2073,7 +2792,8 @@ pub struct RuntimeComponentProbesReadinessGrpc { /// HTTPGet specifies the http request to perform. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct RuntimeComponentProbesReadinessHttpGet { - /// Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. + /// Host name to connect to, defaults to the pod IP. You probably want to set + /// "Host" in httpHeaders instead. #[serde(default, skip_serializing_if = "Option::is_none")] pub host: Option, /// Custom headers to set in the request. HTTP allows repeated headers. @@ -2082,9 +2802,12 @@ pub struct RuntimeComponentProbesReadinessHttpGet { /// Path to access on the HTTP server. #[serde(default, skip_serializing_if = "Option::is_none")] pub path: Option, - /// Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. + /// Name or number of the port to access on the container. + /// Number must be in the range 1 to 65535. + /// Name must be an IANA_SVC_NAME. pub port: IntOrString, - /// Scheme to use for connecting to the host. Defaults to HTTP. + /// Scheme to use for connecting to the host. + /// Defaults to HTTP. #[serde(default, skip_serializing_if = "Option::is_none")] pub scheme: Option, } @@ -2092,7 +2815,8 @@ pub struct RuntimeComponentProbesReadinessHttpGet { /// HTTPHeader describes a custom header to be used in HTTP probes #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct RuntimeComponentProbesReadinessHttpGetHttpHeaders { - /// The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header. + /// The header field name. + /// This will be canonicalized upon output, so case-variant names will be understood as the same header. pub name: String, /// The header field value pub value: String, @@ -2104,7 +2828,9 @@ pub struct RuntimeComponentProbesReadinessTcpSocket { /// Optional: Host name to connect to, defaults to the pod IP. #[serde(default, skip_serializing_if = "Option::is_none")] pub host: Option, - /// Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. + /// Number or name of the port to access on the container. + /// Number must be in the range 1 to 65535. + /// Name must be an IANA_SVC_NAME. pub port: IntOrString, } @@ -2114,31 +2840,47 @@ pub struct RuntimeComponentProbesStartup { /// Exec specifies the action to take. #[serde(default, skip_serializing_if = "Option::is_none")] pub exec: Option, - /// Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. + /// Minimum consecutive failures for the probe to be considered failed after having succeeded. + /// Defaults to 3. Minimum value is 1. #[serde(default, skip_serializing_if = "Option::is_none", rename = "failureThreshold")] pub failure_threshold: Option, - /// GRPC specifies an action involving a GRPC port. This is a beta field and requires enabling GRPCContainerProbe feature gate. + /// GRPC specifies an action involving a GRPC port. + /// This is a beta field and requires enabling GRPCContainerProbe feature gate. #[serde(default, skip_serializing_if = "Option::is_none")] pub grpc: Option, /// HTTPGet specifies the http request to perform. #[serde(default, skip_serializing_if = "Option::is_none", rename = "httpGet")] pub http_get: Option, - /// Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes + /// Number of seconds after the container has started before liveness probes are initiated. + /// More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes #[serde(default, skip_serializing_if = "Option::is_none", rename = "initialDelaySeconds")] pub initial_delay_seconds: Option, - /// How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. + /// How often (in seconds) to perform the probe. + /// Default to 10 seconds. Minimum value is 1. #[serde(default, skip_serializing_if = "Option::is_none", rename = "periodSeconds")] pub period_seconds: Option, - /// Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1. + /// Minimum consecutive successes for the probe to be considered successful after having failed. + /// Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1. #[serde(default, skip_serializing_if = "Option::is_none", rename = "successThreshold")] pub success_threshold: Option, /// TCPSocket specifies an action involving a TCP port. #[serde(default, skip_serializing_if = "Option::is_none", rename = "tcpSocket")] pub tcp_socket: Option, - /// Optional duration in seconds the pod needs to terminate gracefully upon probe failure. The grace period is the duration in seconds after the processes running in the pod are sent a termination signal and the time when the processes are forcibly halted with a kill signal. Set this value longer than the expected cleanup time for your process. If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this value overrides the value provided by the pod spec. Value must be non-negative integer. The value zero indicates stop immediately via the kill signal (no opportunity to shut down). This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate. Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset. + /// Optional duration in seconds the pod needs to terminate gracefully upon probe failure. + /// The grace period is the duration in seconds after the processes running in the pod are sent + /// a termination signal and the time when the processes are forcibly halted with a kill signal. + /// Set this value longer than the expected cleanup time for your process. + /// If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this + /// value overrides the value provided by the pod spec. + /// Value must be non-negative integer. The value zero indicates stop immediately via + /// the kill signal (no opportunity to shut down). + /// This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate. + /// Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset. #[serde(default, skip_serializing_if = "Option::is_none", rename = "terminationGracePeriodSeconds")] pub termination_grace_period_seconds: Option, - /// Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes + /// Number of seconds after which the probe times out. + /// Defaults to 1 second. Minimum value is 1. + /// More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes #[serde(default, skip_serializing_if = "Option::is_none", rename = "timeoutSeconds")] pub timeout_seconds: Option, } @@ -2146,18 +2888,26 @@ pub struct RuntimeComponentProbesStartup { /// Exec specifies the action to take. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct RuntimeComponentProbesStartupExec { - /// Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. + /// Command is the command line to execute inside the container, the working directory for the + /// command is root ('/') in the container's filesystem. The command is simply exec'd, it is + /// not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use + /// a shell, you need to explicitly call out to that shell. + /// Exit status of 0 is treated as live/healthy and non-zero is unhealthy. #[serde(default, skip_serializing_if = "Option::is_none")] pub command: Option>, } -/// GRPC specifies an action involving a GRPC port. This is a beta field and requires enabling GRPCContainerProbe feature gate. +/// GRPC specifies an action involving a GRPC port. +/// This is a beta field and requires enabling GRPCContainerProbe feature gate. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct RuntimeComponentProbesStartupGrpc { /// Port number of the gRPC service. Number must be in the range 1 to 65535. pub port: i32, - /// Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). - /// If this is not specified, the default behavior is defined by gRPC. + /// Service is the name of the service to place in the gRPC HealthCheckRequest + /// (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). + /// + /// + /// If this is not specified, the default behavior is defined by gRPC. #[serde(default, skip_serializing_if = "Option::is_none")] pub service: Option, } @@ -2165,7 +2915,8 @@ pub struct RuntimeComponentProbesStartupGrpc { /// HTTPGet specifies the http request to perform. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct RuntimeComponentProbesStartupHttpGet { - /// Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. + /// Host name to connect to, defaults to the pod IP. You probably want to set + /// "Host" in httpHeaders instead. #[serde(default, skip_serializing_if = "Option::is_none")] pub host: Option, /// Custom headers to set in the request. HTTP allows repeated headers. @@ -2174,9 +2925,12 @@ pub struct RuntimeComponentProbesStartupHttpGet { /// Path to access on the HTTP server. #[serde(default, skip_serializing_if = "Option::is_none")] pub path: Option, - /// Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. + /// Name or number of the port to access on the container. + /// Number must be in the range 1 to 65535. + /// Name must be an IANA_SVC_NAME. pub port: IntOrString, - /// Scheme to use for connecting to the host. Defaults to HTTP. + /// Scheme to use for connecting to the host. + /// Defaults to HTTP. #[serde(default, skip_serializing_if = "Option::is_none")] pub scheme: Option, } @@ -2184,7 +2938,8 @@ pub struct RuntimeComponentProbesStartupHttpGet { /// HTTPHeader describes a custom header to be used in HTTP probes #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct RuntimeComponentProbesStartupHttpGetHttpHeaders { - /// The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header. + /// The header field name. + /// This will be canonicalized upon output, so case-variant names will be understood as the same header. pub name: String, /// The header field value pub value: String, @@ -2196,22 +2951,34 @@ pub struct RuntimeComponentProbesStartupTcpSocket { /// Optional: Host name to connect to, defaults to the pod IP. #[serde(default, skip_serializing_if = "Option::is_none")] pub host: Option, - /// Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. + /// Number or name of the port to access on the container. + /// Number must be in the range 1 to 65535. + /// Name must be an IANA_SVC_NAME. pub port: IntOrString, } /// Resource requests and limits for the application container. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct RuntimeComponentResources { - /// Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. - /// This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. - /// This field is immutable. It can only be set for containers. + /// Claims lists the names of resources, defined in spec.resourceClaims, + /// that are used by this container. + /// + /// + /// This is an alpha field and requires enabling the + /// DynamicResourceAllocation feature gate. + /// + /// + /// This field is immutable. It can only be set for containers. #[serde(default, skip_serializing_if = "Option::is_none")] pub claims: Option>, - /// Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + /// Limits describes the maximum amount of compute resources allowed. + /// More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ #[serde(default, skip_serializing_if = "Option::is_none")] pub limits: Option>, - /// Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + /// Requests describes the minimum amount of compute resources required. + /// If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, + /// otherwise to an implementation-defined value. + /// More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ #[serde(default, skip_serializing_if = "Option::is_none")] pub requests: Option>, } @@ -2219,7 +2986,9 @@ pub struct RuntimeComponentResources { /// ResourceClaim references one entry in PodSpec.ResourceClaims. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct RuntimeComponentResourcesClaims { - /// Name must match the name of one entry in pod.spec.resourceClaims of the Pod where this field is used. It makes that resource available inside a container. + /// Name must match the name of one entry in pod.spec.resourceClaims of + /// the Pod where this field is used. It makes that resource available + /// inside a container. pub name: String, } @@ -2284,21 +3053,46 @@ pub struct RuntimeComponentService { /// ServicePort contains information on service's port. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct RuntimeComponentServicePorts { - /// The application protocol for this port. This field follows standard Kubernetes label syntax. Un-prefixed names are reserved for IANA standard service names (as per RFC-6335 and https://www.iana.org/assignments/service-names). Non-standard protocols should use prefixed names such as mycompany.com/my-custom-protocol. + /// The application protocol for this port. + /// This field follows standard Kubernetes label syntax. + /// Un-prefixed names are reserved for IANA standard service names (as per + /// RFC-6335 and https://www.iana.org/assignments/service-names). + /// Non-standard protocols should use prefixed names such as + /// mycompany.com/my-custom-protocol. #[serde(default, skip_serializing_if = "Option::is_none", rename = "appProtocol")] pub app_protocol: Option, - /// The name of this port within the service. This must be a DNS_LABEL. All ports within a ServiceSpec must have unique names. When considering the endpoints for a Service, this must match the 'name' field in the EndpointPort. Optional if only one ServicePort is defined on this service. + /// The name of this port within the service. This must be a DNS_LABEL. + /// All ports within a ServiceSpec must have unique names. When considering + /// the endpoints for a Service, this must match the 'name' field in the + /// EndpointPort. + /// Optional if only one ServicePort is defined on this service. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, - /// The port on each node on which this service is exposed when type is NodePort or LoadBalancer. Usually assigned by the system. If a value is specified, in-range, and not in use it will be used, otherwise the operation will fail. If not specified, a port will be allocated if this Service requires one. If this field is specified when creating a Service which does not need it, creation will fail. This field will be wiped when updating a Service to no longer need it (e.g. changing type from NodePort to ClusterIP). More info: https://kubernetes.io/docs/concepts/services-networking/service/#type-nodeport + /// The port on each node on which this service is exposed when type is + /// NodePort or LoadBalancer. Usually assigned by the system. If a value is + /// specified, in-range, and not in use it will be used, otherwise the + /// operation will fail. If not specified, a port will be allocated if this + /// Service requires one. If this field is specified when creating a + /// Service which does not need it, creation will fail. This field will be + /// wiped when updating a Service to no longer need it (e.g. changing type + /// from NodePort to ClusterIP). + /// More info: https://kubernetes.io/docs/concepts/services-networking/service/#type-nodeport #[serde(default, skip_serializing_if = "Option::is_none", rename = "nodePort")] pub node_port: Option, /// The port that will be exposed by this service. pub port: i32, - /// The IP protocol for this port. Supports "TCP", "UDP", and "SCTP". Default is TCP. + /// The IP protocol for this port. Supports "TCP", "UDP", and "SCTP". + /// Default is TCP. #[serde(default, skip_serializing_if = "Option::is_none")] pub protocol: Option, - /// Number or name of the port to access on the pods targeted by the service. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. If this is a string, it will be looked up as a named port in the target Pod's container ports. If this is not specified, the value of the 'port' field is used (an identity map). This field is ignored for services with clusterIP=None, and should be omitted or set equal to the 'port' field. More info: https://kubernetes.io/docs/concepts/services-networking/service/#defining-a-service + /// Number or name of the port to access on the pods targeted by the service. + /// Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. + /// If this is a string, it will be looked up as a named port in the + /// target Pod's container ports. If this is not specified, the value + /// of the 'port' field is used (an identity map). + /// This field is ignored for services with clusterIP=None, and should be + /// omitted or set equal to the 'port' field. + /// More info: https://kubernetes.io/docs/concepts/services-networking/service/#defining-a-service #[serde(default, skip_serializing_if = "Option::is_none", rename = "targetPort")] pub target_port: Option, } @@ -2306,69 +3100,146 @@ pub struct RuntimeComponentServicePorts { /// A single application container that you want to run within a pod. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct RuntimeComponentSidecarContainers { - /// Arguments to the entrypoint. The container image's CMD is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell + /// Arguments to the entrypoint. + /// The container image's CMD is used if this is not provided. + /// Variable references $(VAR_NAME) are expanded using the container's environment. If a variable + /// cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced + /// to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" will + /// produce the string literal "$(VAR_NAME)". Escaped references will never be expanded, regardless + /// of whether the variable exists or not. Cannot be updated. + /// More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell #[serde(default, skip_serializing_if = "Option::is_none")] pub args: Option>, - /// Entrypoint array. Not executed within a shell. The container image's ENTRYPOINT is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell + /// Entrypoint array. Not executed within a shell. + /// The container image's ENTRYPOINT is used if this is not provided. + /// Variable references $(VAR_NAME) are expanded using the container's environment. If a variable + /// cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced + /// to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" will + /// produce the string literal "$(VAR_NAME)". Escaped references will never be expanded, regardless + /// of whether the variable exists or not. Cannot be updated. + /// More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell #[serde(default, skip_serializing_if = "Option::is_none")] pub command: Option>, - /// List of environment variables to set in the container. Cannot be updated. + /// List of environment variables to set in the container. + /// Cannot be updated. #[serde(default, skip_serializing_if = "Option::is_none")] pub env: Option>, - /// List of sources to populate environment variables in the container. The keys defined within a source must be a C_IDENTIFIER. All invalid keys will be reported as an event when the container is starting. When a key exists in multiple sources, the value associated with the last source will take precedence. Values defined by an Env with a duplicate key will take precedence. Cannot be updated. + /// List of sources to populate environment variables in the container. + /// The keys defined within a source must be a C_IDENTIFIER. All invalid keys + /// will be reported as an event when the container is starting. When a key exists in multiple + /// sources, the value associated with the last source will take precedence. + /// Values defined by an Env with a duplicate key will take precedence. + /// Cannot be updated. #[serde(default, skip_serializing_if = "Option::is_none", rename = "envFrom")] pub env_from: Option>, - /// Container image name. More info: https://kubernetes.io/docs/concepts/containers/images This field is optional to allow higher level config management to default or override container images in workload controllers like Deployments and StatefulSets. + /// Container image name. + /// More info: https://kubernetes.io/docs/concepts/containers/images + /// This field is optional to allow higher level config management to default or override + /// container images in workload controllers like Deployments and StatefulSets. #[serde(default, skip_serializing_if = "Option::is_none")] pub image: Option, - /// Image pull policy. One of Always, Never, IfNotPresent. Defaults to Always if :latest tag is specified, or IfNotPresent otherwise. Cannot be updated. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images + /// Image pull policy. + /// One of Always, Never, IfNotPresent. + /// Defaults to Always if :latest tag is specified, or IfNotPresent otherwise. + /// Cannot be updated. + /// More info: https://kubernetes.io/docs/concepts/containers/images#updating-images #[serde(default, skip_serializing_if = "Option::is_none", rename = "imagePullPolicy")] pub image_pull_policy: Option, - /// Actions that the management system should take in response to container lifecycle events. Cannot be updated. + /// Actions that the management system should take in response to container lifecycle events. + /// Cannot be updated. #[serde(default, skip_serializing_if = "Option::is_none")] pub lifecycle: Option, - /// Periodic probe of container liveness. Container will be restarted if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes + /// Periodic probe of container liveness. + /// Container will be restarted if the probe fails. + /// Cannot be updated. + /// More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes #[serde(default, skip_serializing_if = "Option::is_none", rename = "livenessProbe")] pub liveness_probe: Option, - /// Name of the container specified as a DNS_LABEL. Each container in a pod must have a unique name (DNS_LABEL). Cannot be updated. + /// Name of the container specified as a DNS_LABEL. + /// Each container in a pod must have a unique name (DNS_LABEL). + /// Cannot be updated. pub name: String, - /// List of ports to expose from the container. Not specifying a port here DOES NOT prevent that port from being exposed. Any port which is listening on the default "0.0.0.0" address inside a container will be accessible from the network. Modifying this array with strategic merge patch may corrupt the data. For more information See https://github.com/kubernetes/kubernetes/issues/108255. Cannot be updated. + /// List of ports to expose from the container. Not specifying a port here + /// DOES NOT prevent that port from being exposed. Any port which is + /// listening on the default "0.0.0.0" address inside a container will be + /// accessible from the network. + /// Modifying this array with strategic merge patch may corrupt the data. + /// For more information See https://github.com/kubernetes/kubernetes/issues/108255. + /// Cannot be updated. #[serde(default, skip_serializing_if = "Option::is_none")] pub ports: Option>, - /// Periodic probe of container service readiness. Container will be removed from service endpoints if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes + /// Periodic probe of container service readiness. + /// Container will be removed from service endpoints if the probe fails. + /// Cannot be updated. + /// More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes #[serde(default, skip_serializing_if = "Option::is_none", rename = "readinessProbe")] pub readiness_probe: Option, - /// Compute Resources required by this container. Cannot be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + /// Compute Resources required by this container. + /// Cannot be updated. + /// More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ #[serde(default, skip_serializing_if = "Option::is_none")] pub resources: Option, - /// SecurityContext defines the security options the container should be run with. If set, the fields of SecurityContext override the equivalent fields of PodSecurityContext. More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/ + /// SecurityContext defines the security options the container should be run with. + /// If set, the fields of SecurityContext override the equivalent fields of PodSecurityContext. + /// More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/ #[serde(default, skip_serializing_if = "Option::is_none", rename = "securityContext")] pub security_context: Option, - /// StartupProbe indicates that the Pod has successfully initialized. If specified, no other probes are executed until this completes successfully. If this probe fails, the Pod will be restarted, just as if the livenessProbe failed. This can be used to provide different probe parameters at the beginning of a Pod's lifecycle, when it might take a long time to load data or warm a cache, than during steady-state operation. This cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes + /// StartupProbe indicates that the Pod has successfully initialized. + /// If specified, no other probes are executed until this completes successfully. + /// If this probe fails, the Pod will be restarted, just as if the livenessProbe failed. + /// This can be used to provide different probe parameters at the beginning of a Pod's lifecycle, + /// when it might take a long time to load data or warm a cache, than during steady-state operation. + /// This cannot be updated. + /// More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes #[serde(default, skip_serializing_if = "Option::is_none", rename = "startupProbe")] pub startup_probe: Option, - /// Whether this container should allocate a buffer for stdin in the container runtime. If this is not set, reads from stdin in the container will always result in EOF. Default is false. + /// Whether this container should allocate a buffer for stdin in the container runtime. If this + /// is not set, reads from stdin in the container will always result in EOF. + /// Default is false. #[serde(default, skip_serializing_if = "Option::is_none")] pub stdin: Option, - /// Whether the container runtime should close the stdin channel after it has been opened by a single attach. When stdin is true the stdin stream will remain open across multiple attach sessions. If stdinOnce is set to true, stdin is opened on container start, is empty until the first client attaches to stdin, and then remains open and accepts data until the client disconnects, at which time stdin is closed and remains closed until the container is restarted. If this flag is false, a container processes that reads from stdin will never receive an EOF. Default is false + /// Whether the container runtime should close the stdin channel after it has been opened by + /// a single attach. When stdin is true the stdin stream will remain open across multiple attach + /// sessions. If stdinOnce is set to true, stdin is opened on container start, is empty until the + /// first client attaches to stdin, and then remains open and accepts data until the client disconnects, + /// at which time stdin is closed and remains closed until the container is restarted. If this + /// flag is false, a container processes that reads from stdin will never receive an EOF. + /// Default is false #[serde(default, skip_serializing_if = "Option::is_none", rename = "stdinOnce")] pub stdin_once: Option, - /// Optional: Path at which the file to which the container's termination message will be written is mounted into the container's filesystem. Message written is intended to be brief final status, such as an assertion failure message. Will be truncated by the node if greater than 4096 bytes. The total message length across all containers will be limited to 12kb. Defaults to /dev/termination-log. Cannot be updated. + /// Optional: Path at which the file to which the container's termination message + /// will be written is mounted into the container's filesystem. + /// Message written is intended to be brief final status, such as an assertion failure message. + /// Will be truncated by the node if greater than 4096 bytes. The total message length across + /// all containers will be limited to 12kb. + /// Defaults to /dev/termination-log. + /// Cannot be updated. #[serde(default, skip_serializing_if = "Option::is_none", rename = "terminationMessagePath")] pub termination_message_path: Option, - /// Indicate how the termination message should be populated. File will use the contents of terminationMessagePath to populate the container status message on both success and failure. FallbackToLogsOnError will use the last chunk of container log output if the termination message file is empty and the container exited with an error. The log output is limited to 2048 bytes or 80 lines, whichever is smaller. Defaults to File. Cannot be updated. + /// Indicate how the termination message should be populated. File will use the contents of + /// terminationMessagePath to populate the container status message on both success and failure. + /// FallbackToLogsOnError will use the last chunk of container log output if the termination + /// message file is empty and the container exited with an error. + /// The log output is limited to 2048 bytes or 80 lines, whichever is smaller. + /// Defaults to File. + /// Cannot be updated. #[serde(default, skip_serializing_if = "Option::is_none", rename = "terminationMessagePolicy")] pub termination_message_policy: Option, - /// Whether this container should allocate a TTY for itself, also requires 'stdin' to be true. Default is false. + /// Whether this container should allocate a TTY for itself, also requires 'stdin' to be true. + /// Default is false. #[serde(default, skip_serializing_if = "Option::is_none")] pub tty: Option, /// volumeDevices is the list of block devices to be used by the container. #[serde(default, skip_serializing_if = "Option::is_none", rename = "volumeDevices")] pub volume_devices: Option>, - /// Pod volumes to mount into the container's filesystem. Cannot be updated. + /// Pod volumes to mount into the container's filesystem. + /// Cannot be updated. #[serde(default, skip_serializing_if = "Option::is_none", rename = "volumeMounts")] pub volume_mounts: Option>, - /// Container's working directory. If not specified, the container runtime's default will be used, which might be configured in the container image. Cannot be updated. + /// Container's working directory. + /// If not specified, the container runtime's default will be used, which + /// might be configured in the container image. + /// Cannot be updated. #[serde(default, skip_serializing_if = "Option::is_none", rename = "workingDir")] pub working_dir: Option, } @@ -2378,7 +3249,15 @@ pub struct RuntimeComponentSidecarContainers { pub struct RuntimeComponentSidecarContainersEnv { /// Name of the environment variable. Must be a C_IDENTIFIER. pub name: String, - /// Variable references $(VAR_NAME) are expanded using the previously defined environment variables in the container and any service environment variables. If a variable cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". Escaped references will never be expanded, regardless of whether the variable exists or not. Defaults to "". + /// Variable references $(VAR_NAME) are expanded + /// using the previously defined environment variables in the container and + /// any service environment variables. If a variable cannot be resolved, + /// the reference in the input string will be unchanged. Double $$ are reduced + /// to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. + /// "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". + /// Escaped references will never be expanded, regardless of whether the variable + /// exists or not. + /// Defaults to "". #[serde(default, skip_serializing_if = "Option::is_none")] pub value: Option, /// Source for the environment variable's value. Cannot be used if value is not empty. @@ -2392,10 +3271,12 @@ pub struct RuntimeComponentSidecarContainersEnvValueFrom { /// Selects a key of a ConfigMap. #[serde(default, skip_serializing_if = "Option::is_none", rename = "configMapKeyRef")] pub config_map_key_ref: Option, - /// Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`, spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs. + /// Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`, + /// spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs. #[serde(default, skip_serializing_if = "Option::is_none", rename = "fieldRef")] pub field_ref: Option, - /// Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported. + /// Selects a resource of the container: only resources limits and requests + /// (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported. #[serde(default, skip_serializing_if = "Option::is_none", rename = "resourceFieldRef")] pub resource_field_ref: Option, /// Selects a key of a secret in the pod's namespace @@ -2408,7 +3289,9 @@ pub struct RuntimeComponentSidecarContainersEnvValueFrom { pub struct RuntimeComponentSidecarContainersEnvValueFromConfigMapKeyRef { /// The key to select. pub key: String, - /// Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? + /// Name of the referent. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the ConfigMap or its key must be defined @@ -2416,7 +3299,8 @@ pub struct RuntimeComponentSidecarContainersEnvValueFromConfigMapKeyRef { pub optional: Option, } -/// Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`, spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs. +/// Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`, +/// spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct RuntimeComponentSidecarContainersEnvValueFromFieldRef { /// Version of the schema the FieldPath is written in terms of, defaults to "v1". @@ -2427,7 +3311,8 @@ pub struct RuntimeComponentSidecarContainersEnvValueFromFieldRef { pub field_path: String, } -/// Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported. +/// Selects a resource of the container: only resources limits and requests +/// (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct RuntimeComponentSidecarContainersEnvValueFromResourceFieldRef { /// Container name: required for volumes, optional for env vars @@ -2445,7 +3330,9 @@ pub struct RuntimeComponentSidecarContainersEnvValueFromResourceFieldRef { pub struct RuntimeComponentSidecarContainersEnvValueFromSecretKeyRef { /// The key of the secret to select from. Must be a valid secret key. pub key: String, - /// Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? + /// Name of the referent. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the Secret or its key must be defined @@ -2470,7 +3357,9 @@ pub struct RuntimeComponentSidecarContainersEnvFrom { /// The ConfigMap to select from #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct RuntimeComponentSidecarContainersEnvFromConfigMapRef { - /// Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? + /// Name of the referent. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the ConfigMap must be defined @@ -2481,7 +3370,9 @@ pub struct RuntimeComponentSidecarContainersEnvFromConfigMapRef { /// The Secret to select from #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct RuntimeComponentSidecarContainersEnvFromSecretRef { - /// Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? + /// Name of the referent. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the Secret must be defined @@ -2489,18 +3380,33 @@ pub struct RuntimeComponentSidecarContainersEnvFromSecretRef { pub optional: Option, } -/// Actions that the management system should take in response to container lifecycle events. Cannot be updated. +/// Actions that the management system should take in response to container lifecycle events. +/// Cannot be updated. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct RuntimeComponentSidecarContainersLifecycle { - /// PostStart is called immediately after a container is created. If the handler fails, the container is terminated and restarted according to its restart policy. Other management of the container blocks until the hook completes. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks + /// PostStart is called immediately after a container is created. If the handler fails, + /// the container is terminated and restarted according to its restart policy. + /// Other management of the container blocks until the hook completes. + /// More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks #[serde(default, skip_serializing_if = "Option::is_none", rename = "postStart")] pub post_start: Option, - /// PreStop is called immediately before a container is terminated due to an API request or management event such as liveness/startup probe failure, preemption, resource contention, etc. The handler is not called if the container crashes or exits. The Pod's termination grace period countdown begins before the PreStop hook is executed. Regardless of the outcome of the handler, the container will eventually terminate within the Pod's termination grace period (unless delayed by finalizers). Other management of the container blocks until the hook completes or until the termination grace period is reached. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks + /// PreStop is called immediately before a container is terminated due to an + /// API request or management event such as liveness/startup probe failure, + /// preemption, resource contention, etc. The handler is not called if the + /// container crashes or exits. The Pod's termination grace period countdown begins before the + /// PreStop hook is executed. Regardless of the outcome of the handler, the + /// container will eventually terminate within the Pod's termination grace + /// period (unless delayed by finalizers). Other management of the container blocks until the hook completes + /// or until the termination grace period is reached. + /// More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks #[serde(default, skip_serializing_if = "Option::is_none", rename = "preStop")] pub pre_stop: Option, } -/// PostStart is called immediately after a container is created. If the handler fails, the container is terminated and restarted according to its restart policy. Other management of the container blocks until the hook completes. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks +/// PostStart is called immediately after a container is created. If the handler fails, +/// the container is terminated and restarted according to its restart policy. +/// Other management of the container blocks until the hook completes. +/// More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct RuntimeComponentSidecarContainersLifecyclePostStart { /// Exec specifies the action to take. @@ -2509,7 +3415,9 @@ pub struct RuntimeComponentSidecarContainersLifecyclePostStart { /// HTTPGet specifies the http request to perform. #[serde(default, skip_serializing_if = "Option::is_none", rename = "httpGet")] pub http_get: Option, - /// Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept for the backward compatibility. There are no validation of this field and lifecycle hooks will fail in runtime when tcp handler is specified. + /// Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept + /// for the backward compatibility. There are no validation of this field and + /// lifecycle hooks will fail in runtime when tcp handler is specified. #[serde(default, skip_serializing_if = "Option::is_none", rename = "tcpSocket")] pub tcp_socket: Option, } @@ -2517,7 +3425,11 @@ pub struct RuntimeComponentSidecarContainersLifecyclePostStart { /// Exec specifies the action to take. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct RuntimeComponentSidecarContainersLifecyclePostStartExec { - /// Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. + /// Command is the command line to execute inside the container, the working directory for the + /// command is root ('/') in the container's filesystem. The command is simply exec'd, it is + /// not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use + /// a shell, you need to explicitly call out to that shell. + /// Exit status of 0 is treated as live/healthy and non-zero is unhealthy. #[serde(default, skip_serializing_if = "Option::is_none")] pub command: Option>, } @@ -2525,7 +3437,8 @@ pub struct RuntimeComponentSidecarContainersLifecyclePostStartExec { /// HTTPGet specifies the http request to perform. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct RuntimeComponentSidecarContainersLifecyclePostStartHttpGet { - /// Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. + /// Host name to connect to, defaults to the pod IP. You probably want to set + /// "Host" in httpHeaders instead. #[serde(default, skip_serializing_if = "Option::is_none")] pub host: Option, /// Custom headers to set in the request. HTTP allows repeated headers. @@ -2534,9 +3447,12 @@ pub struct RuntimeComponentSidecarContainersLifecyclePostStartHttpGet { /// Path to access on the HTTP server. #[serde(default, skip_serializing_if = "Option::is_none")] pub path: Option, - /// Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. + /// Name or number of the port to access on the container. + /// Number must be in the range 1 to 65535. + /// Name must be an IANA_SVC_NAME. pub port: IntOrString, - /// Scheme to use for connecting to the host. Defaults to HTTP. + /// Scheme to use for connecting to the host. + /// Defaults to HTTP. #[serde(default, skip_serializing_if = "Option::is_none")] pub scheme: Option, } @@ -2544,23 +3460,36 @@ pub struct RuntimeComponentSidecarContainersLifecyclePostStartHttpGet { /// HTTPHeader describes a custom header to be used in HTTP probes #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct RuntimeComponentSidecarContainersLifecyclePostStartHttpGetHttpHeaders { - /// The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header. + /// The header field name. + /// This will be canonicalized upon output, so case-variant names will be understood as the same header. pub name: String, /// The header field value pub value: String, } -/// Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept for the backward compatibility. There are no validation of this field and lifecycle hooks will fail in runtime when tcp handler is specified. +/// Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept +/// for the backward compatibility. There are no validation of this field and +/// lifecycle hooks will fail in runtime when tcp handler is specified. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct RuntimeComponentSidecarContainersLifecyclePostStartTcpSocket { /// Optional: Host name to connect to, defaults to the pod IP. #[serde(default, skip_serializing_if = "Option::is_none")] pub host: Option, - /// Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. + /// Number or name of the port to access on the container. + /// Number must be in the range 1 to 65535. + /// Name must be an IANA_SVC_NAME. pub port: IntOrString, } -/// PreStop is called immediately before a container is terminated due to an API request or management event such as liveness/startup probe failure, preemption, resource contention, etc. The handler is not called if the container crashes or exits. The Pod's termination grace period countdown begins before the PreStop hook is executed. Regardless of the outcome of the handler, the container will eventually terminate within the Pod's termination grace period (unless delayed by finalizers). Other management of the container blocks until the hook completes or until the termination grace period is reached. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks +/// PreStop is called immediately before a container is terminated due to an +/// API request or management event such as liveness/startup probe failure, +/// preemption, resource contention, etc. The handler is not called if the +/// container crashes or exits. The Pod's termination grace period countdown begins before the +/// PreStop hook is executed. Regardless of the outcome of the handler, the +/// container will eventually terminate within the Pod's termination grace +/// period (unless delayed by finalizers). Other management of the container blocks until the hook completes +/// or until the termination grace period is reached. +/// More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct RuntimeComponentSidecarContainersLifecyclePreStop { /// Exec specifies the action to take. @@ -2569,7 +3498,9 @@ pub struct RuntimeComponentSidecarContainersLifecyclePreStop { /// HTTPGet specifies the http request to perform. #[serde(default, skip_serializing_if = "Option::is_none", rename = "httpGet")] pub http_get: Option, - /// Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept for the backward compatibility. There are no validation of this field and lifecycle hooks will fail in runtime when tcp handler is specified. + /// Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept + /// for the backward compatibility. There are no validation of this field and + /// lifecycle hooks will fail in runtime when tcp handler is specified. #[serde(default, skip_serializing_if = "Option::is_none", rename = "tcpSocket")] pub tcp_socket: Option, } @@ -2577,7 +3508,11 @@ pub struct RuntimeComponentSidecarContainersLifecyclePreStop { /// Exec specifies the action to take. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct RuntimeComponentSidecarContainersLifecyclePreStopExec { - /// Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. + /// Command is the command line to execute inside the container, the working directory for the + /// command is root ('/') in the container's filesystem. The command is simply exec'd, it is + /// not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use + /// a shell, you need to explicitly call out to that shell. + /// Exit status of 0 is treated as live/healthy and non-zero is unhealthy. #[serde(default, skip_serializing_if = "Option::is_none")] pub command: Option>, } @@ -2585,7 +3520,8 @@ pub struct RuntimeComponentSidecarContainersLifecyclePreStopExec { /// HTTPGet specifies the http request to perform. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct RuntimeComponentSidecarContainersLifecyclePreStopHttpGet { - /// Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. + /// Host name to connect to, defaults to the pod IP. You probably want to set + /// "Host" in httpHeaders instead. #[serde(default, skip_serializing_if = "Option::is_none")] pub host: Option, /// Custom headers to set in the request. HTTP allows repeated headers. @@ -2594,9 +3530,12 @@ pub struct RuntimeComponentSidecarContainersLifecyclePreStopHttpGet { /// Path to access on the HTTP server. #[serde(default, skip_serializing_if = "Option::is_none")] pub path: Option, - /// Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. + /// Name or number of the port to access on the container. + /// Number must be in the range 1 to 65535. + /// Name must be an IANA_SVC_NAME. pub port: IntOrString, - /// Scheme to use for connecting to the host. Defaults to HTTP. + /// Scheme to use for connecting to the host. + /// Defaults to HTTP. #[serde(default, skip_serializing_if = "Option::is_none")] pub scheme: Option, } @@ -2604,53 +3543,77 @@ pub struct RuntimeComponentSidecarContainersLifecyclePreStopHttpGet { /// HTTPHeader describes a custom header to be used in HTTP probes #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct RuntimeComponentSidecarContainersLifecyclePreStopHttpGetHttpHeaders { - /// The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header. + /// The header field name. + /// This will be canonicalized upon output, so case-variant names will be understood as the same header. pub name: String, /// The header field value pub value: String, } -/// Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept for the backward compatibility. There are no validation of this field and lifecycle hooks will fail in runtime when tcp handler is specified. +/// Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept +/// for the backward compatibility. There are no validation of this field and +/// lifecycle hooks will fail in runtime when tcp handler is specified. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct RuntimeComponentSidecarContainersLifecyclePreStopTcpSocket { /// Optional: Host name to connect to, defaults to the pod IP. #[serde(default, skip_serializing_if = "Option::is_none")] pub host: Option, - /// Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. + /// Number or name of the port to access on the container. + /// Number must be in the range 1 to 65535. + /// Name must be an IANA_SVC_NAME. pub port: IntOrString, } -/// Periodic probe of container liveness. Container will be restarted if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +/// Periodic probe of container liveness. +/// Container will be restarted if the probe fails. +/// Cannot be updated. +/// More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct RuntimeComponentSidecarContainersLivenessProbe { /// Exec specifies the action to take. #[serde(default, skip_serializing_if = "Option::is_none")] pub exec: Option, - /// Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. + /// Minimum consecutive failures for the probe to be considered failed after having succeeded. + /// Defaults to 3. Minimum value is 1. #[serde(default, skip_serializing_if = "Option::is_none", rename = "failureThreshold")] pub failure_threshold: Option, - /// GRPC specifies an action involving a GRPC port. This is a beta field and requires enabling GRPCContainerProbe feature gate. + /// GRPC specifies an action involving a GRPC port. + /// This is a beta field and requires enabling GRPCContainerProbe feature gate. #[serde(default, skip_serializing_if = "Option::is_none")] pub grpc: Option, /// HTTPGet specifies the http request to perform. #[serde(default, skip_serializing_if = "Option::is_none", rename = "httpGet")] pub http_get: Option, - /// Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes + /// Number of seconds after the container has started before liveness probes are initiated. + /// More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes #[serde(default, skip_serializing_if = "Option::is_none", rename = "initialDelaySeconds")] pub initial_delay_seconds: Option, - /// How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. + /// How often (in seconds) to perform the probe. + /// Default to 10 seconds. Minimum value is 1. #[serde(default, skip_serializing_if = "Option::is_none", rename = "periodSeconds")] pub period_seconds: Option, - /// Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1. + /// Minimum consecutive successes for the probe to be considered successful after having failed. + /// Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1. #[serde(default, skip_serializing_if = "Option::is_none", rename = "successThreshold")] pub success_threshold: Option, /// TCPSocket specifies an action involving a TCP port. #[serde(default, skip_serializing_if = "Option::is_none", rename = "tcpSocket")] pub tcp_socket: Option, - /// Optional duration in seconds the pod needs to terminate gracefully upon probe failure. The grace period is the duration in seconds after the processes running in the pod are sent a termination signal and the time when the processes are forcibly halted with a kill signal. Set this value longer than the expected cleanup time for your process. If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this value overrides the value provided by the pod spec. Value must be non-negative integer. The value zero indicates stop immediately via the kill signal (no opportunity to shut down). This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate. Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset. + /// Optional duration in seconds the pod needs to terminate gracefully upon probe failure. + /// The grace period is the duration in seconds after the processes running in the pod are sent + /// a termination signal and the time when the processes are forcibly halted with a kill signal. + /// Set this value longer than the expected cleanup time for your process. + /// If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this + /// value overrides the value provided by the pod spec. + /// Value must be non-negative integer. The value zero indicates stop immediately via + /// the kill signal (no opportunity to shut down). + /// This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate. + /// Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset. #[serde(default, skip_serializing_if = "Option::is_none", rename = "terminationGracePeriodSeconds")] pub termination_grace_period_seconds: Option, - /// Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes + /// Number of seconds after which the probe times out. + /// Defaults to 1 second. Minimum value is 1. + /// More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes #[serde(default, skip_serializing_if = "Option::is_none", rename = "timeoutSeconds")] pub timeout_seconds: Option, } @@ -2658,18 +3621,26 @@ pub struct RuntimeComponentSidecarContainersLivenessProbe { /// Exec specifies the action to take. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct RuntimeComponentSidecarContainersLivenessProbeExec { - /// Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. + /// Command is the command line to execute inside the container, the working directory for the + /// command is root ('/') in the container's filesystem. The command is simply exec'd, it is + /// not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use + /// a shell, you need to explicitly call out to that shell. + /// Exit status of 0 is treated as live/healthy and non-zero is unhealthy. #[serde(default, skip_serializing_if = "Option::is_none")] pub command: Option>, } -/// GRPC specifies an action involving a GRPC port. This is a beta field and requires enabling GRPCContainerProbe feature gate. +/// GRPC specifies an action involving a GRPC port. +/// This is a beta field and requires enabling GRPCContainerProbe feature gate. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct RuntimeComponentSidecarContainersLivenessProbeGrpc { /// Port number of the gRPC service. Number must be in the range 1 to 65535. pub port: i32, - /// Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). - /// If this is not specified, the default behavior is defined by gRPC. + /// Service is the name of the service to place in the gRPC HealthCheckRequest + /// (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). + /// + /// + /// If this is not specified, the default behavior is defined by gRPC. #[serde(default, skip_serializing_if = "Option::is_none")] pub service: Option, } @@ -2677,7 +3648,8 @@ pub struct RuntimeComponentSidecarContainersLivenessProbeGrpc { /// HTTPGet specifies the http request to perform. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct RuntimeComponentSidecarContainersLivenessProbeHttpGet { - /// Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. + /// Host name to connect to, defaults to the pod IP. You probably want to set + /// "Host" in httpHeaders instead. #[serde(default, skip_serializing_if = "Option::is_none")] pub host: Option, /// Custom headers to set in the request. HTTP allows repeated headers. @@ -2686,9 +3658,12 @@ pub struct RuntimeComponentSidecarContainersLivenessProbeHttpGet { /// Path to access on the HTTP server. #[serde(default, skip_serializing_if = "Option::is_none")] pub path: Option, - /// Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. + /// Name or number of the port to access on the container. + /// Number must be in the range 1 to 65535. + /// Name must be an IANA_SVC_NAME. pub port: IntOrString, - /// Scheme to use for connecting to the host. Defaults to HTTP. + /// Scheme to use for connecting to the host. + /// Defaults to HTTP. #[serde(default, skip_serializing_if = "Option::is_none")] pub scheme: Option, } @@ -2696,7 +3671,8 @@ pub struct RuntimeComponentSidecarContainersLivenessProbeHttpGet { /// HTTPHeader describes a custom header to be used in HTTP probes #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct RuntimeComponentSidecarContainersLivenessProbeHttpGetHttpHeaders { - /// The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header. + /// The header field name. + /// This will be canonicalized upon output, so case-variant names will be understood as the same header. pub name: String, /// The header field value pub value: String, @@ -2708,61 +3684,89 @@ pub struct RuntimeComponentSidecarContainersLivenessProbeTcpSocket { /// Optional: Host name to connect to, defaults to the pod IP. #[serde(default, skip_serializing_if = "Option::is_none")] pub host: Option, - /// Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. + /// Number or name of the port to access on the container. + /// Number must be in the range 1 to 65535. + /// Name must be an IANA_SVC_NAME. pub port: IntOrString, } /// ContainerPort represents a network port in a single container. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct RuntimeComponentSidecarContainersPorts { - /// Number of port to expose on the pod's IP address. This must be a valid port number, 0 < x < 65536. + /// Number of port to expose on the pod's IP address. + /// This must be a valid port number, 0 < x < 65536. #[serde(rename = "containerPort")] pub container_port: i32, /// What host IP to bind the external port to. #[serde(default, skip_serializing_if = "Option::is_none", rename = "hostIP")] pub host_ip: Option, - /// Number of port to expose on the host. If specified, this must be a valid port number, 0 < x < 65536. If HostNetwork is specified, this must match ContainerPort. Most containers do not need this. + /// Number of port to expose on the host. + /// If specified, this must be a valid port number, 0 < x < 65536. + /// If HostNetwork is specified, this must match ContainerPort. + /// Most containers do not need this. #[serde(default, skip_serializing_if = "Option::is_none", rename = "hostPort")] pub host_port: Option, - /// If specified, this must be an IANA_SVC_NAME and unique within the pod. Each named port in a pod must have a unique name. Name for the port that can be referred to by services. + /// If specified, this must be an IANA_SVC_NAME and unique within the pod. Each + /// named port in a pod must have a unique name. Name for the port that can be + /// referred to by services. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, - /// Protocol for port. Must be UDP, TCP, or SCTP. Defaults to "TCP". + /// Protocol for port. Must be UDP, TCP, or SCTP. + /// Defaults to "TCP". #[serde(default, skip_serializing_if = "Option::is_none")] pub protocol: Option, } -/// Periodic probe of container service readiness. Container will be removed from service endpoints if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +/// Periodic probe of container service readiness. +/// Container will be removed from service endpoints if the probe fails. +/// Cannot be updated. +/// More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct RuntimeComponentSidecarContainersReadinessProbe { /// Exec specifies the action to take. #[serde(default, skip_serializing_if = "Option::is_none")] pub exec: Option, - /// Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. + /// Minimum consecutive failures for the probe to be considered failed after having succeeded. + /// Defaults to 3. Minimum value is 1. #[serde(default, skip_serializing_if = "Option::is_none", rename = "failureThreshold")] pub failure_threshold: Option, - /// GRPC specifies an action involving a GRPC port. This is a beta field and requires enabling GRPCContainerProbe feature gate. + /// GRPC specifies an action involving a GRPC port. + /// This is a beta field and requires enabling GRPCContainerProbe feature gate. #[serde(default, skip_serializing_if = "Option::is_none")] pub grpc: Option, /// HTTPGet specifies the http request to perform. #[serde(default, skip_serializing_if = "Option::is_none", rename = "httpGet")] pub http_get: Option, - /// Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes + /// Number of seconds after the container has started before liveness probes are initiated. + /// More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes #[serde(default, skip_serializing_if = "Option::is_none", rename = "initialDelaySeconds")] pub initial_delay_seconds: Option, - /// How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. + /// How often (in seconds) to perform the probe. + /// Default to 10 seconds. Minimum value is 1. #[serde(default, skip_serializing_if = "Option::is_none", rename = "periodSeconds")] pub period_seconds: Option, - /// Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1. + /// Minimum consecutive successes for the probe to be considered successful after having failed. + /// Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1. #[serde(default, skip_serializing_if = "Option::is_none", rename = "successThreshold")] pub success_threshold: Option, /// TCPSocket specifies an action involving a TCP port. #[serde(default, skip_serializing_if = "Option::is_none", rename = "tcpSocket")] pub tcp_socket: Option, - /// Optional duration in seconds the pod needs to terminate gracefully upon probe failure. The grace period is the duration in seconds after the processes running in the pod are sent a termination signal and the time when the processes are forcibly halted with a kill signal. Set this value longer than the expected cleanup time for your process. If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this value overrides the value provided by the pod spec. Value must be non-negative integer. The value zero indicates stop immediately via the kill signal (no opportunity to shut down). This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate. Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset. + /// Optional duration in seconds the pod needs to terminate gracefully upon probe failure. + /// The grace period is the duration in seconds after the processes running in the pod are sent + /// a termination signal and the time when the processes are forcibly halted with a kill signal. + /// Set this value longer than the expected cleanup time for your process. + /// If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this + /// value overrides the value provided by the pod spec. + /// Value must be non-negative integer. The value zero indicates stop immediately via + /// the kill signal (no opportunity to shut down). + /// This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate. + /// Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset. #[serde(default, skip_serializing_if = "Option::is_none", rename = "terminationGracePeriodSeconds")] pub termination_grace_period_seconds: Option, - /// Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes + /// Number of seconds after which the probe times out. + /// Defaults to 1 second. Minimum value is 1. + /// More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes #[serde(default, skip_serializing_if = "Option::is_none", rename = "timeoutSeconds")] pub timeout_seconds: Option, } @@ -2770,18 +3774,26 @@ pub struct RuntimeComponentSidecarContainersReadinessProbe { /// Exec specifies the action to take. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct RuntimeComponentSidecarContainersReadinessProbeExec { - /// Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. + /// Command is the command line to execute inside the container, the working directory for the + /// command is root ('/') in the container's filesystem. The command is simply exec'd, it is + /// not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use + /// a shell, you need to explicitly call out to that shell. + /// Exit status of 0 is treated as live/healthy and non-zero is unhealthy. #[serde(default, skip_serializing_if = "Option::is_none")] pub command: Option>, } -/// GRPC specifies an action involving a GRPC port. This is a beta field and requires enabling GRPCContainerProbe feature gate. +/// GRPC specifies an action involving a GRPC port. +/// This is a beta field and requires enabling GRPCContainerProbe feature gate. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct RuntimeComponentSidecarContainersReadinessProbeGrpc { /// Port number of the gRPC service. Number must be in the range 1 to 65535. pub port: i32, - /// Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). - /// If this is not specified, the default behavior is defined by gRPC. + /// Service is the name of the service to place in the gRPC HealthCheckRequest + /// (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). + /// + /// + /// If this is not specified, the default behavior is defined by gRPC. #[serde(default, skip_serializing_if = "Option::is_none")] pub service: Option, } @@ -2789,7 +3801,8 @@ pub struct RuntimeComponentSidecarContainersReadinessProbeGrpc { /// HTTPGet specifies the http request to perform. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct RuntimeComponentSidecarContainersReadinessProbeHttpGet { - /// Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. + /// Host name to connect to, defaults to the pod IP. You probably want to set + /// "Host" in httpHeaders instead. #[serde(default, skip_serializing_if = "Option::is_none")] pub host: Option, /// Custom headers to set in the request. HTTP allows repeated headers. @@ -2798,9 +3811,12 @@ pub struct RuntimeComponentSidecarContainersReadinessProbeHttpGet { /// Path to access on the HTTP server. #[serde(default, skip_serializing_if = "Option::is_none")] pub path: Option, - /// Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. + /// Name or number of the port to access on the container. + /// Number must be in the range 1 to 65535. + /// Name must be an IANA_SVC_NAME. pub port: IntOrString, - /// Scheme to use for connecting to the host. Defaults to HTTP. + /// Scheme to use for connecting to the host. + /// Defaults to HTTP. #[serde(default, skip_serializing_if = "Option::is_none")] pub scheme: Option, } @@ -2808,7 +3824,8 @@ pub struct RuntimeComponentSidecarContainersReadinessProbeHttpGet { /// HTTPHeader describes a custom header to be used in HTTP probes #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct RuntimeComponentSidecarContainersReadinessProbeHttpGetHttpHeaders { - /// The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header. + /// The header field name. + /// This will be canonicalized upon output, so case-variant names will be understood as the same header. pub name: String, /// The header field value pub value: String, @@ -2820,22 +3837,36 @@ pub struct RuntimeComponentSidecarContainersReadinessProbeTcpSocket { /// Optional: Host name to connect to, defaults to the pod IP. #[serde(default, skip_serializing_if = "Option::is_none")] pub host: Option, - /// Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. + /// Number or name of the port to access on the container. + /// Number must be in the range 1 to 65535. + /// Name must be an IANA_SVC_NAME. pub port: IntOrString, } -/// Compute Resources required by this container. Cannot be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ +/// Compute Resources required by this container. +/// Cannot be updated. +/// More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct RuntimeComponentSidecarContainersResources { - /// Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. - /// This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. - /// This field is immutable. It can only be set for containers. + /// Claims lists the names of resources, defined in spec.resourceClaims, + /// that are used by this container. + /// + /// + /// This is an alpha field and requires enabling the + /// DynamicResourceAllocation feature gate. + /// + /// + /// This field is immutable. It can only be set for containers. #[serde(default, skip_serializing_if = "Option::is_none")] pub claims: Option>, - /// Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + /// Limits describes the maximum amount of compute resources allowed. + /// More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ #[serde(default, skip_serializing_if = "Option::is_none")] pub limits: Option>, - /// Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + /// Requests describes the minimum amount of compute resources required. + /// If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, + /// otherwise to an implementation-defined value. + /// More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ #[serde(default, skip_serializing_if = "Option::is_none")] pub requests: Option>, } @@ -2843,49 +3874,95 @@ pub struct RuntimeComponentSidecarContainersResources { /// ResourceClaim references one entry in PodSpec.ResourceClaims. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct RuntimeComponentSidecarContainersResourcesClaims { - /// Name must match the name of one entry in pod.spec.resourceClaims of the Pod where this field is used. It makes that resource available inside a container. + /// Name must match the name of one entry in pod.spec.resourceClaims of + /// the Pod where this field is used. It makes that resource available + /// inside a container. pub name: String, } -/// SecurityContext defines the security options the container should be run with. If set, the fields of SecurityContext override the equivalent fields of PodSecurityContext. More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/ +/// SecurityContext defines the security options the container should be run with. +/// If set, the fields of SecurityContext override the equivalent fields of PodSecurityContext. +/// More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/ #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct RuntimeComponentSidecarContainersSecurityContext { - /// AllowPrivilegeEscalation controls whether a process can gain more privileges than its parent process. This bool directly controls if the no_new_privs flag will be set on the container process. AllowPrivilegeEscalation is true always when the container is: 1) run as Privileged 2) has CAP_SYS_ADMIN Note that this field cannot be set when spec.os.name is windows. + /// AllowPrivilegeEscalation controls whether a process can gain more + /// privileges than its parent process. This bool directly controls if + /// the no_new_privs flag will be set on the container process. + /// AllowPrivilegeEscalation is true always when the container is: + /// 1) run as Privileged + /// 2) has CAP_SYS_ADMIN + /// Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none", rename = "allowPrivilegeEscalation")] pub allow_privilege_escalation: Option, - /// The capabilities to add/drop when running containers. Defaults to the default set of capabilities granted by the container runtime. Note that this field cannot be set when spec.os.name is windows. + /// The capabilities to add/drop when running containers. + /// Defaults to the default set of capabilities granted by the container runtime. + /// Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none")] pub capabilities: Option, - /// Run container in privileged mode. Processes in privileged containers are essentially equivalent to root on the host. Defaults to false. Note that this field cannot be set when spec.os.name is windows. + /// Run container in privileged mode. + /// Processes in privileged containers are essentially equivalent to root on the host. + /// Defaults to false. + /// Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none")] pub privileged: Option, - /// procMount denotes the type of proc mount to use for the containers. The default is DefaultProcMount which uses the container runtime defaults for readonly paths and masked paths. This requires the ProcMountType feature flag to be enabled. Note that this field cannot be set when spec.os.name is windows. + /// procMount denotes the type of proc mount to use for the containers. + /// The default is DefaultProcMount which uses the container runtime defaults for + /// readonly paths and masked paths. + /// This requires the ProcMountType feature flag to be enabled. + /// Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none", rename = "procMount")] pub proc_mount: Option, - /// Whether this container has a read-only root filesystem. Default is false. Note that this field cannot be set when spec.os.name is windows. + /// Whether this container has a read-only root filesystem. + /// Default is false. + /// Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnlyRootFilesystem")] pub read_only_root_filesystem: Option, - /// The GID to run the entrypoint of the container process. Uses runtime default if unset. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is windows. + /// The GID to run the entrypoint of the container process. + /// Uses runtime default if unset. + /// May also be set in PodSecurityContext. If set in both SecurityContext and + /// PodSecurityContext, the value specified in SecurityContext takes precedence. + /// Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none", rename = "runAsGroup")] pub run_as_group: Option, - /// Indicates that the container must run as a non-root user. If true, the Kubelet will validate the image at runtime to ensure that it does not run as UID 0 (root) and fail to start the container if it does. If unset or false, no such validation will be performed. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. + /// Indicates that the container must run as a non-root user. + /// If true, the Kubelet will validate the image at runtime to ensure that it + /// does not run as UID 0 (root) and fail to start the container if it does. + /// If unset or false, no such validation will be performed. + /// May also be set in PodSecurityContext. If set in both SecurityContext and + /// PodSecurityContext, the value specified in SecurityContext takes precedence. #[serde(default, skip_serializing_if = "Option::is_none", rename = "runAsNonRoot")] pub run_as_non_root: Option, - /// The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is windows. + /// The UID to run the entrypoint of the container process. + /// Defaults to user specified in image metadata if unspecified. + /// May also be set in PodSecurityContext. If set in both SecurityContext and + /// PodSecurityContext, the value specified in SecurityContext takes precedence. + /// Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none", rename = "runAsUser")] pub run_as_user: Option, - /// The SELinux context to be applied to the container. If unspecified, the container runtime will allocate a random SELinux context for each container. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is windows. + /// The SELinux context to be applied to the container. + /// If unspecified, the container runtime will allocate a random SELinux context for each + /// container. May also be set in PodSecurityContext. If set in both SecurityContext and + /// PodSecurityContext, the value specified in SecurityContext takes precedence. + /// Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none", rename = "seLinuxOptions")] pub se_linux_options: Option, - /// The seccomp options to use by this container. If seccomp options are provided at both the pod & container level, the container options override the pod options. Note that this field cannot be set when spec.os.name is windows. + /// The seccomp options to use by this container. If seccomp options are + /// provided at both the pod & container level, the container options + /// override the pod options. + /// Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none", rename = "seccompProfile")] pub seccomp_profile: Option, - /// The Windows specific settings applied to all containers. If unspecified, the options from the PodSecurityContext will be used. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is linux. + /// The Windows specific settings applied to all containers. + /// If unspecified, the options from the PodSecurityContext will be used. + /// If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. + /// Note that this field cannot be set when spec.os.name is linux. #[serde(default, skip_serializing_if = "Option::is_none", rename = "windowsOptions")] pub windows_options: Option, } -/// The capabilities to add/drop when running containers. Defaults to the default set of capabilities granted by the container runtime. Note that this field cannot be set when spec.os.name is windows. +/// The capabilities to add/drop when running containers. +/// Defaults to the default set of capabilities granted by the container runtime. +/// Note that this field cannot be set when spec.os.name is windows. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct RuntimeComponentSidecarContainersSecurityContextCapabilities { /// Added capabilities @@ -2896,7 +3973,11 @@ pub struct RuntimeComponentSidecarContainersSecurityContextCapabilities { pub drop: Option>, } -/// The SELinux context to be applied to the container. If unspecified, the container runtime will allocate a random SELinux context for each container. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is windows. +/// The SELinux context to be applied to the container. +/// If unspecified, the container runtime will allocate a random SELinux context for each +/// container. May also be set in PodSecurityContext. If set in both SecurityContext and +/// PodSecurityContext, the value specified in SecurityContext takes precedence. +/// Note that this field cannot be set when spec.os.name is windows. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct RuntimeComponentSidecarContainersSecurityContextSeLinuxOptions { /// Level is SELinux level label that applies to the container. @@ -2913,66 +3994,113 @@ pub struct RuntimeComponentSidecarContainersSecurityContextSeLinuxOptions { pub user: Option, } -/// The seccomp options to use by this container. If seccomp options are provided at both the pod & container level, the container options override the pod options. Note that this field cannot be set when spec.os.name is windows. +/// The seccomp options to use by this container. If seccomp options are +/// provided at both the pod & container level, the container options +/// override the pod options. +/// Note that this field cannot be set when spec.os.name is windows. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct RuntimeComponentSidecarContainersSecurityContextSeccompProfile { - /// localhostProfile indicates a profile defined in a file on the node should be used. The profile must be preconfigured on the node to work. Must be a descending path, relative to the kubelet's configured seccomp profile location. Must only be set if type is "Localhost". + /// localhostProfile indicates a profile defined in a file on the node should be used. + /// The profile must be preconfigured on the node to work. + /// Must be a descending path, relative to the kubelet's configured seccomp profile location. + /// Must only be set if type is "Localhost". #[serde(default, skip_serializing_if = "Option::is_none", rename = "localhostProfile")] pub localhost_profile: Option, - /// type indicates which kind of seccomp profile will be applied. Valid options are: - /// Localhost - a profile defined in a file on the node should be used. RuntimeDefault - the container runtime default profile should be used. Unconfined - no profile should be applied. + /// type indicates which kind of seccomp profile will be applied. + /// Valid options are: + /// + /// + /// Localhost - a profile defined in a file on the node should be used. + /// RuntimeDefault - the container runtime default profile should be used. + /// Unconfined - no profile should be applied. #[serde(rename = "type")] pub r#type: String, } -/// The Windows specific settings applied to all containers. If unspecified, the options from the PodSecurityContext will be used. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is linux. +/// The Windows specific settings applied to all containers. +/// If unspecified, the options from the PodSecurityContext will be used. +/// If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +/// Note that this field cannot be set when spec.os.name is linux. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct RuntimeComponentSidecarContainersSecurityContextWindowsOptions { - /// GMSACredentialSpec is where the GMSA admission webhook (https://github.com/kubernetes-sigs/windows-gmsa) inlines the contents of the GMSA credential spec named by the GMSACredentialSpecName field. + /// GMSACredentialSpec is where the GMSA admission webhook + /// (https://github.com/kubernetes-sigs/windows-gmsa) inlines the contents of the + /// GMSA credential spec named by the GMSACredentialSpecName field. #[serde(default, skip_serializing_if = "Option::is_none", rename = "gmsaCredentialSpec")] pub gmsa_credential_spec: Option, /// GMSACredentialSpecName is the name of the GMSA credential spec to use. #[serde(default, skip_serializing_if = "Option::is_none", rename = "gmsaCredentialSpecName")] pub gmsa_credential_spec_name: Option, - /// HostProcess determines if a container should be run as a 'Host Process' container. This field is alpha-level and will only be honored by components that enable the WindowsHostProcessContainers feature flag. Setting this field without the feature flag will result in errors when validating the Pod. All of a Pod's containers must have the same effective HostProcess value (it is not allowed to have a mix of HostProcess containers and non-HostProcess containers). In addition, if HostProcess is true then HostNetwork must also be set to true. + /// HostProcess determines if a container should be run as a 'Host Process' container. + /// This field is alpha-level and will only be honored by components that enable the + /// WindowsHostProcessContainers feature flag. Setting this field without the feature + /// flag will result in errors when validating the Pod. All of a Pod's containers must + /// have the same effective HostProcess value (it is not allowed to have a mix of HostProcess + /// containers and non-HostProcess containers). In addition, if HostProcess is true + /// then HostNetwork must also be set to true. #[serde(default, skip_serializing_if = "Option::is_none", rename = "hostProcess")] pub host_process: Option, - /// The UserName in Windows to run the entrypoint of the container process. Defaults to the user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. + /// The UserName in Windows to run the entrypoint of the container process. + /// Defaults to the user specified in image metadata if unspecified. + /// May also be set in PodSecurityContext. If set in both SecurityContext and + /// PodSecurityContext, the value specified in SecurityContext takes precedence. #[serde(default, skip_serializing_if = "Option::is_none", rename = "runAsUserName")] pub run_as_user_name: Option, } -/// StartupProbe indicates that the Pod has successfully initialized. If specified, no other probes are executed until this completes successfully. If this probe fails, the Pod will be restarted, just as if the livenessProbe failed. This can be used to provide different probe parameters at the beginning of a Pod's lifecycle, when it might take a long time to load data or warm a cache, than during steady-state operation. This cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +/// StartupProbe indicates that the Pod has successfully initialized. +/// If specified, no other probes are executed until this completes successfully. +/// If this probe fails, the Pod will be restarted, just as if the livenessProbe failed. +/// This can be used to provide different probe parameters at the beginning of a Pod's lifecycle, +/// when it might take a long time to load data or warm a cache, than during steady-state operation. +/// This cannot be updated. +/// More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct RuntimeComponentSidecarContainersStartupProbe { /// Exec specifies the action to take. #[serde(default, skip_serializing_if = "Option::is_none")] pub exec: Option, - /// Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. + /// Minimum consecutive failures for the probe to be considered failed after having succeeded. + /// Defaults to 3. Minimum value is 1. #[serde(default, skip_serializing_if = "Option::is_none", rename = "failureThreshold")] pub failure_threshold: Option, - /// GRPC specifies an action involving a GRPC port. This is a beta field and requires enabling GRPCContainerProbe feature gate. + /// GRPC specifies an action involving a GRPC port. + /// This is a beta field and requires enabling GRPCContainerProbe feature gate. #[serde(default, skip_serializing_if = "Option::is_none")] pub grpc: Option, /// HTTPGet specifies the http request to perform. #[serde(default, skip_serializing_if = "Option::is_none", rename = "httpGet")] pub http_get: Option, - /// Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes + /// Number of seconds after the container has started before liveness probes are initiated. + /// More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes #[serde(default, skip_serializing_if = "Option::is_none", rename = "initialDelaySeconds")] pub initial_delay_seconds: Option, - /// How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. + /// How often (in seconds) to perform the probe. + /// Default to 10 seconds. Minimum value is 1. #[serde(default, skip_serializing_if = "Option::is_none", rename = "periodSeconds")] pub period_seconds: Option, - /// Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1. + /// Minimum consecutive successes for the probe to be considered successful after having failed. + /// Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1. #[serde(default, skip_serializing_if = "Option::is_none", rename = "successThreshold")] pub success_threshold: Option, /// TCPSocket specifies an action involving a TCP port. #[serde(default, skip_serializing_if = "Option::is_none", rename = "tcpSocket")] pub tcp_socket: Option, - /// Optional duration in seconds the pod needs to terminate gracefully upon probe failure. The grace period is the duration in seconds after the processes running in the pod are sent a termination signal and the time when the processes are forcibly halted with a kill signal. Set this value longer than the expected cleanup time for your process. If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this value overrides the value provided by the pod spec. Value must be non-negative integer. The value zero indicates stop immediately via the kill signal (no opportunity to shut down). This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate. Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset. + /// Optional duration in seconds the pod needs to terminate gracefully upon probe failure. + /// The grace period is the duration in seconds after the processes running in the pod are sent + /// a termination signal and the time when the processes are forcibly halted with a kill signal. + /// Set this value longer than the expected cleanup time for your process. + /// If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this + /// value overrides the value provided by the pod spec. + /// Value must be non-negative integer. The value zero indicates stop immediately via + /// the kill signal (no opportunity to shut down). + /// This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate. + /// Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset. #[serde(default, skip_serializing_if = "Option::is_none", rename = "terminationGracePeriodSeconds")] pub termination_grace_period_seconds: Option, - /// Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes + /// Number of seconds after which the probe times out. + /// Defaults to 1 second. Minimum value is 1. + /// More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes #[serde(default, skip_serializing_if = "Option::is_none", rename = "timeoutSeconds")] pub timeout_seconds: Option, } @@ -2980,18 +4108,26 @@ pub struct RuntimeComponentSidecarContainersStartupProbe { /// Exec specifies the action to take. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct RuntimeComponentSidecarContainersStartupProbeExec { - /// Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. + /// Command is the command line to execute inside the container, the working directory for the + /// command is root ('/') in the container's filesystem. The command is simply exec'd, it is + /// not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use + /// a shell, you need to explicitly call out to that shell. + /// Exit status of 0 is treated as live/healthy and non-zero is unhealthy. #[serde(default, skip_serializing_if = "Option::is_none")] pub command: Option>, } -/// GRPC specifies an action involving a GRPC port. This is a beta field and requires enabling GRPCContainerProbe feature gate. +/// GRPC specifies an action involving a GRPC port. +/// This is a beta field and requires enabling GRPCContainerProbe feature gate. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct RuntimeComponentSidecarContainersStartupProbeGrpc { /// Port number of the gRPC service. Number must be in the range 1 to 65535. pub port: i32, - /// Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). - /// If this is not specified, the default behavior is defined by gRPC. + /// Service is the name of the service to place in the gRPC HealthCheckRequest + /// (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). + /// + /// + /// If this is not specified, the default behavior is defined by gRPC. #[serde(default, skip_serializing_if = "Option::is_none")] pub service: Option, } @@ -2999,7 +4135,8 @@ pub struct RuntimeComponentSidecarContainersStartupProbeGrpc { /// HTTPGet specifies the http request to perform. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct RuntimeComponentSidecarContainersStartupProbeHttpGet { - /// Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. + /// Host name to connect to, defaults to the pod IP. You probably want to set + /// "Host" in httpHeaders instead. #[serde(default, skip_serializing_if = "Option::is_none")] pub host: Option, /// Custom headers to set in the request. HTTP allows repeated headers. @@ -3008,9 +4145,12 @@ pub struct RuntimeComponentSidecarContainersStartupProbeHttpGet { /// Path to access on the HTTP server. #[serde(default, skip_serializing_if = "Option::is_none")] pub path: Option, - /// Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. + /// Name or number of the port to access on the container. + /// Number must be in the range 1 to 65535. + /// Name must be an IANA_SVC_NAME. pub port: IntOrString, - /// Scheme to use for connecting to the host. Defaults to HTTP. + /// Scheme to use for connecting to the host. + /// Defaults to HTTP. #[serde(default, skip_serializing_if = "Option::is_none")] pub scheme: Option, } @@ -3018,7 +4158,8 @@ pub struct RuntimeComponentSidecarContainersStartupProbeHttpGet { /// HTTPHeader describes a custom header to be used in HTTP probes #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct RuntimeComponentSidecarContainersStartupProbeHttpGetHttpHeaders { - /// The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header. + /// The header field name. + /// This will be canonicalized upon output, so case-variant names will be understood as the same header. pub name: String, /// The header field value pub value: String, @@ -3030,7 +4171,9 @@ pub struct RuntimeComponentSidecarContainersStartupProbeTcpSocket { /// Optional: Host name to connect to, defaults to the pod IP. #[serde(default, skip_serializing_if = "Option::is_none")] pub host: Option, - /// Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. + /// Number or name of the port to access on the container. + /// Number must be in the range 1 to 65535. + /// Name must be an IANA_SVC_NAME. pub port: IntOrString, } @@ -3047,21 +4190,30 @@ pub struct RuntimeComponentSidecarContainersVolumeDevices { /// VolumeMount describes a mounting of a Volume within a container. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct RuntimeComponentSidecarContainersVolumeMounts { - /// Path within the container at which the volume should be mounted. Must not contain ':'. + /// Path within the container at which the volume should be mounted. Must + /// not contain ':'. #[serde(rename = "mountPath")] pub mount_path: String, - /// mountPropagation determines how mounts are propagated from the host to container and the other way around. When not set, MountPropagationNone is used. This field is beta in 1.10. + /// mountPropagation determines how mounts are propagated from the host + /// to container and the other way around. + /// When not set, MountPropagationNone is used. + /// This field is beta in 1.10. #[serde(default, skip_serializing_if = "Option::is_none", rename = "mountPropagation")] pub mount_propagation: Option, /// This must match the Name of a Volume. pub name: String, - /// Mounted read-only if true, read-write otherwise (false or unspecified). Defaults to false. + /// Mounted read-only if true, read-write otherwise (false or unspecified). + /// Defaults to false. #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] pub read_only: Option, - /// Path within the volume from which the container's volume should be mounted. Defaults to "" (volume's root). + /// Path within the volume from which the container's volume should be mounted. + /// Defaults to "" (volume's root). #[serde(default, skip_serializing_if = "Option::is_none", rename = "subPath")] pub sub_path: Option, - /// Expanded path within the volume from which the container's volume should be mounted. Behaves similarly to SubPath but environment variable references $(VAR_NAME) are expanded using the container's environment. Defaults to "" (volume's root). SubPathExpr and SubPath are mutually exclusive. + /// Expanded path within the volume from which the container's volume should be mounted. + /// Behaves similarly to SubPath but environment variable references $(VAR_NAME) are expanded using the container's environment. + /// Defaults to "" (volume's root). + /// SubPathExpr and SubPath are mutually exclusive. #[serde(default, skip_serializing_if = "Option::is_none", rename = "subPathExpr")] pub sub_path_expr: Option, } @@ -3097,24 +4249,36 @@ pub struct RuntimeComponentStatefulSetStorage { /// A YAML object that represents a volumeClaimTemplate component of a StatefulSet. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct RuntimeComponentStatefulSetStorageVolumeClaimTemplate { - /// APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources + /// APIVersion defines the versioned schema of this representation of an object. + /// Servers should convert recognized schemas to the latest internal value, and + /// may reject unrecognized values. + /// More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources #[serde(default, skip_serializing_if = "Option::is_none", rename = "apiVersion")] pub api_version: Option, - /// Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds + /// Kind is a string value representing the REST resource this object represents. + /// Servers may infer this from the endpoint the client submits requests to. + /// Cannot be updated. + /// In CamelCase. + /// More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds #[serde(default, skip_serializing_if = "Option::is_none")] pub kind: Option, - /// Standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata + /// Standard object's metadata. + /// More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata #[serde(default, skip_serializing_if = "Option::is_none")] pub metadata: Option, - /// spec defines the desired characteristics of a volume requested by a pod author. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims + /// spec defines the desired characteristics of a volume requested by a pod author. + /// More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims #[serde(default, skip_serializing_if = "Option::is_none")] pub spec: Option, - /// status represents the current information/status of a persistent volume claim. Read-only. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims + /// status represents the current information/status of a persistent volume claim. + /// Read-only. + /// More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims #[serde(default, skip_serializing_if = "Option::is_none")] pub status: Option, } -/// Standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata +/// Standard object's metadata. +/// More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct RuntimeComponentStatefulSetStorageVolumeClaimTemplateMetadata { #[serde(default, skip_serializing_if = "Option::is_none")] @@ -3129,28 +4293,65 @@ pub struct RuntimeComponentStatefulSetStorageVolumeClaimTemplateMetadata { pub namespace: Option, } -/// spec defines the desired characteristics of a volume requested by a pod author. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims +/// spec defines the desired characteristics of a volume requested by a pod author. +/// More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct RuntimeComponentStatefulSetStorageVolumeClaimTemplateSpec { - /// accessModes contains the desired access modes the volume should have. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1 + /// accessModes contains the desired access modes the volume should have. + /// More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1 #[serde(default, skip_serializing_if = "Option::is_none", rename = "accessModes")] pub access_modes: Option>, - /// dataSource field can be used to specify either: * An existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot) * An existing PVC (PersistentVolumeClaim) If the provisioner or an external controller can support the specified data source, it will create a new volume based on the contents of the specified data source. When the AnyVolumeDataSource feature gate is enabled, dataSource contents will be copied to dataSourceRef, and dataSourceRef contents will be copied to dataSource when dataSourceRef.namespace is not specified. If the namespace is specified, then dataSourceRef will not be copied to dataSource. + /// dataSource field can be used to specify either: + /// * An existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot) + /// * An existing PVC (PersistentVolumeClaim) + /// If the provisioner or an external controller can support the specified data source, + /// it will create a new volume based on the contents of the specified data source. + /// When the AnyVolumeDataSource feature gate is enabled, dataSource contents will be copied to dataSourceRef, + /// and dataSourceRef contents will be copied to dataSource when dataSourceRef.namespace is not specified. + /// If the namespace is specified, then dataSourceRef will not be copied to dataSource. #[serde(default, skip_serializing_if = "Option::is_none", rename = "dataSource")] pub data_source: Option, - /// dataSourceRef specifies the object from which to populate the volume with data, if a non-empty volume is desired. This may be any object from a non-empty API group (non core object) or a PersistentVolumeClaim object. When this field is specified, volume binding will only succeed if the type of the specified object matches some installed volume populator or dynamic provisioner. This field will replace the functionality of the dataSource field and as such if both fields are non-empty, they must have the same value. For backwards compatibility, when namespace isn't specified in dataSourceRef, both fields (dataSource and dataSourceRef) will be set to the same value automatically if one of them is empty and the other is non-empty. When namespace is specified in dataSourceRef, dataSource isn't set to the same value and must be empty. There are three important differences between dataSource and dataSourceRef: * While dataSource only allows two specific types of objects, dataSourceRef allows any non-core object, as well as PersistentVolumeClaim objects. * While dataSource ignores disallowed values (dropping them), dataSourceRef preserves all values, and generates an error if a disallowed value is specified. * While dataSource only allows local objects, dataSourceRef allows objects in any namespaces. (Beta) Using this field requires the AnyVolumeDataSource feature gate to be enabled. (Alpha) Using the namespace field of dataSourceRef requires the CrossNamespaceVolumeDataSource feature gate to be enabled. + /// dataSourceRef specifies the object from which to populate the volume with data, if a non-empty + /// volume is desired. This may be any object from a non-empty API group (non + /// core object) or a PersistentVolumeClaim object. + /// When this field is specified, volume binding will only succeed if the type of + /// the specified object matches some installed volume populator or dynamic + /// provisioner. + /// This field will replace the functionality of the dataSource field and as such + /// if both fields are non-empty, they must have the same value. For backwards + /// compatibility, when namespace isn't specified in dataSourceRef, + /// both fields (dataSource and dataSourceRef) will be set to the same + /// value automatically if one of them is empty and the other is non-empty. + /// When namespace is specified in dataSourceRef, + /// dataSource isn't set to the same value and must be empty. + /// There are three important differences between dataSource and dataSourceRef: + /// * While dataSource only allows two specific types of objects, dataSourceRef + /// allows any non-core object, as well as PersistentVolumeClaim objects. + /// * While dataSource ignores disallowed values (dropping them), dataSourceRef + /// preserves all values, and generates an error if a disallowed value is + /// specified. + /// * While dataSource only allows local objects, dataSourceRef allows objects + /// in any namespaces. + /// (Beta) Using this field requires the AnyVolumeDataSource feature gate to be enabled. + /// (Alpha) Using the namespace field of dataSourceRef requires the CrossNamespaceVolumeDataSource feature gate to be enabled. #[serde(default, skip_serializing_if = "Option::is_none", rename = "dataSourceRef")] pub data_source_ref: Option, - /// resources represents the minimum resources the volume should have. If RecoverVolumeExpansionFailure feature is enabled users are allowed to specify resource requirements that are lower than previous value but must still be higher than capacity recorded in the status field of the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources + /// resources represents the minimum resources the volume should have. + /// If RecoverVolumeExpansionFailure feature is enabled users are allowed to specify resource requirements + /// that are lower than previous value but must still be higher than capacity recorded in the + /// status field of the claim. + /// More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources #[serde(default, skip_serializing_if = "Option::is_none")] pub resources: Option, /// selector is a label query over volumes to consider for binding. #[serde(default, skip_serializing_if = "Option::is_none")] pub selector: Option, - /// storageClassName is the name of the StorageClass required by the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1 + /// storageClassName is the name of the StorageClass required by the claim. + /// More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1 #[serde(default, skip_serializing_if = "Option::is_none", rename = "storageClassName")] pub storage_class_name: Option, - /// volumeMode defines what type of volume is required by the claim. Value of Filesystem is implied when not included in claim spec. + /// volumeMode defines what type of volume is required by the claim. + /// Value of Filesystem is implied when not included in claim spec. #[serde(default, skip_serializing_if = "Option::is_none", rename = "volumeMode")] pub volume_mode: Option, /// volumeName is the binding reference to the PersistentVolume backing this claim. @@ -3158,10 +4359,19 @@ pub struct RuntimeComponentStatefulSetStorageVolumeClaimTemplateSpec { pub volume_name: Option, } -/// dataSource field can be used to specify either: * An existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot) * An existing PVC (PersistentVolumeClaim) If the provisioner or an external controller can support the specified data source, it will create a new volume based on the contents of the specified data source. When the AnyVolumeDataSource feature gate is enabled, dataSource contents will be copied to dataSourceRef, and dataSourceRef contents will be copied to dataSource when dataSourceRef.namespace is not specified. If the namespace is specified, then dataSourceRef will not be copied to dataSource. +/// dataSource field can be used to specify either: +/// * An existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot) +/// * An existing PVC (PersistentVolumeClaim) +/// If the provisioner or an external controller can support the specified data source, +/// it will create a new volume based on the contents of the specified data source. +/// When the AnyVolumeDataSource feature gate is enabled, dataSource contents will be copied to dataSourceRef, +/// and dataSourceRef contents will be copied to dataSource when dataSourceRef.namespace is not specified. +/// If the namespace is specified, then dataSourceRef will not be copied to dataSource. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct RuntimeComponentStatefulSetStorageVolumeClaimTemplateSpecDataSource { - /// APIGroup is the group for the resource being referenced. If APIGroup is not specified, the specified Kind must be in the core API group. For any other third-party types, APIGroup is required. + /// APIGroup is the group for the resource being referenced. + /// If APIGroup is not specified, the specified Kind must be in the core API group. + /// For any other third-party types, APIGroup is required. #[serde(default, skip_serializing_if = "Option::is_none", rename = "apiGroup")] pub api_group: Option, /// Kind is the type of resource being referenced @@ -3170,33 +4380,73 @@ pub struct RuntimeComponentStatefulSetStorageVolumeClaimTemplateSpecDataSource { pub name: String, } -/// dataSourceRef specifies the object from which to populate the volume with data, if a non-empty volume is desired. This may be any object from a non-empty API group (non core object) or a PersistentVolumeClaim object. When this field is specified, volume binding will only succeed if the type of the specified object matches some installed volume populator or dynamic provisioner. This field will replace the functionality of the dataSource field and as such if both fields are non-empty, they must have the same value. For backwards compatibility, when namespace isn't specified in dataSourceRef, both fields (dataSource and dataSourceRef) will be set to the same value automatically if one of them is empty and the other is non-empty. When namespace is specified in dataSourceRef, dataSource isn't set to the same value and must be empty. There are three important differences between dataSource and dataSourceRef: * While dataSource only allows two specific types of objects, dataSourceRef allows any non-core object, as well as PersistentVolumeClaim objects. * While dataSource ignores disallowed values (dropping them), dataSourceRef preserves all values, and generates an error if a disallowed value is specified. * While dataSource only allows local objects, dataSourceRef allows objects in any namespaces. (Beta) Using this field requires the AnyVolumeDataSource feature gate to be enabled. (Alpha) Using the namespace field of dataSourceRef requires the CrossNamespaceVolumeDataSource feature gate to be enabled. +/// dataSourceRef specifies the object from which to populate the volume with data, if a non-empty +/// volume is desired. This may be any object from a non-empty API group (non +/// core object) or a PersistentVolumeClaim object. +/// When this field is specified, volume binding will only succeed if the type of +/// the specified object matches some installed volume populator or dynamic +/// provisioner. +/// This field will replace the functionality of the dataSource field and as such +/// if both fields are non-empty, they must have the same value. For backwards +/// compatibility, when namespace isn't specified in dataSourceRef, +/// both fields (dataSource and dataSourceRef) will be set to the same +/// value automatically if one of them is empty and the other is non-empty. +/// When namespace is specified in dataSourceRef, +/// dataSource isn't set to the same value and must be empty. +/// There are three important differences between dataSource and dataSourceRef: +/// * While dataSource only allows two specific types of objects, dataSourceRef +/// allows any non-core object, as well as PersistentVolumeClaim objects. +/// * While dataSource ignores disallowed values (dropping them), dataSourceRef +/// preserves all values, and generates an error if a disallowed value is +/// specified. +/// * While dataSource only allows local objects, dataSourceRef allows objects +/// in any namespaces. +/// (Beta) Using this field requires the AnyVolumeDataSource feature gate to be enabled. +/// (Alpha) Using the namespace field of dataSourceRef requires the CrossNamespaceVolumeDataSource feature gate to be enabled. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct RuntimeComponentStatefulSetStorageVolumeClaimTemplateSpecDataSourceRef { - /// APIGroup is the group for the resource being referenced. If APIGroup is not specified, the specified Kind must be in the core API group. For any other third-party types, APIGroup is required. + /// APIGroup is the group for the resource being referenced. + /// If APIGroup is not specified, the specified Kind must be in the core API group. + /// For any other third-party types, APIGroup is required. #[serde(default, skip_serializing_if = "Option::is_none", rename = "apiGroup")] pub api_group: Option, /// Kind is the type of resource being referenced pub kind: String, /// Name is the name of resource being referenced pub name: String, - /// Namespace is the namespace of resource being referenced Note that when a namespace is specified, a gateway.networking.k8s.io/ReferenceGrant object is required in the referent namespace to allow that namespace's owner to accept the reference. See the ReferenceGrant documentation for details. (Alpha) This field requires the CrossNamespaceVolumeDataSource feature gate to be enabled. + /// Namespace is the namespace of resource being referenced + /// Note that when a namespace is specified, a gateway.networking.k8s.io/ReferenceGrant object is required in the referent namespace to allow that namespace's owner to accept the reference. See the ReferenceGrant documentation for details. + /// (Alpha) This field requires the CrossNamespaceVolumeDataSource feature gate to be enabled. #[serde(default, skip_serializing_if = "Option::is_none")] pub namespace: Option, } -/// resources represents the minimum resources the volume should have. If RecoverVolumeExpansionFailure feature is enabled users are allowed to specify resource requirements that are lower than previous value but must still be higher than capacity recorded in the status field of the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources +/// resources represents the minimum resources the volume should have. +/// If RecoverVolumeExpansionFailure feature is enabled users are allowed to specify resource requirements +/// that are lower than previous value but must still be higher than capacity recorded in the +/// status field of the claim. +/// More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct RuntimeComponentStatefulSetStorageVolumeClaimTemplateSpecResources { - /// Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. - /// This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. - /// This field is immutable. It can only be set for containers. + /// Claims lists the names of resources, defined in spec.resourceClaims, + /// that are used by this container. + /// + /// + /// This is an alpha field and requires enabling the + /// DynamicResourceAllocation feature gate. + /// + /// + /// This field is immutable. It can only be set for containers. #[serde(default, skip_serializing_if = "Option::is_none")] pub claims: Option>, - /// Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + /// Limits describes the maximum amount of compute resources allowed. + /// More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ #[serde(default, skip_serializing_if = "Option::is_none")] pub limits: Option>, - /// Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + /// Requests describes the minimum amount of compute resources required. + /// If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, + /// otherwise to an implementation-defined value. + /// More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ #[serde(default, skip_serializing_if = "Option::is_none")] pub requests: Option>, } @@ -3204,7 +4454,9 @@ pub struct RuntimeComponentStatefulSetStorageVolumeClaimTemplateSpecResources { /// ResourceClaim references one entry in PodSpec.ResourceClaims. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct RuntimeComponentStatefulSetStorageVolumeClaimTemplateSpecResourcesClaims { - /// Name must match the name of one entry in pod.spec.resourceClaims of the Pod where this field is used. It makes that resource available inside a container. + /// Name must match the name of one entry in pod.spec.resourceClaims of + /// the Pod where this field is used. It makes that resource available + /// inside a container. pub name: String, } @@ -3214,42 +4466,63 @@ pub struct RuntimeComponentStatefulSetStorageVolumeClaimTemplateSpecSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] pub match_expressions: Option>, - /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] pub match_labels: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct RuntimeComponentStatefulSetStorageVolumeClaimTemplateSpecSelectorMatchExpressions { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } -/// status represents the current information/status of a persistent volume claim. Read-only. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims +/// status represents the current information/status of a persistent volume claim. +/// Read-only. +/// More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct RuntimeComponentStatefulSetStorageVolumeClaimTemplateStatus { - /// accessModes contains the actual access modes the volume backing the PVC has. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1 + /// accessModes contains the actual access modes the volume backing the PVC has. + /// More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1 #[serde(default, skip_serializing_if = "Option::is_none", rename = "accessModes")] pub access_modes: Option>, - /// allocatedResources is the storage resource within AllocatedResources tracks the capacity allocated to a PVC. It may be larger than the actual capacity when a volume expansion operation is requested. For storage quota, the larger value from allocatedResources and PVC.spec.resources is used. If allocatedResources is not set, PVC.spec.resources alone is used for quota calculation. If a volume expansion capacity request is lowered, allocatedResources is only lowered if there are no expansion operations in progress and if the actual volume capacity is equal or lower than the requested capacity. This is an alpha field and requires enabling RecoverVolumeExpansionFailure feature. + /// allocatedResources is the storage resource within AllocatedResources tracks the capacity allocated to a PVC. It may + /// be larger than the actual capacity when a volume expansion operation is requested. + /// For storage quota, the larger value from allocatedResources and PVC.spec.resources is used. + /// If allocatedResources is not set, PVC.spec.resources alone is used for quota calculation. + /// If a volume expansion capacity request is lowered, allocatedResources is only + /// lowered if there are no expansion operations in progress and if the actual volume capacity + /// is equal or lower than the requested capacity. + /// This is an alpha field and requires enabling RecoverVolumeExpansionFailure feature. #[serde(default, skip_serializing_if = "Option::is_none", rename = "allocatedResources")] pub allocated_resources: Option>, /// capacity represents the actual resources of the underlying volume. #[serde(default, skip_serializing_if = "Option::is_none")] pub capacity: Option>, - /// conditions is the current Condition of persistent volume claim. If underlying persistent volume is being resized then the Condition will be set to 'ResizeStarted'. + /// conditions is the current Condition of persistent volume claim. If underlying persistent volume is being + /// resized then the Condition will be set to 'ResizeStarted'. #[serde(default, skip_serializing_if = "Option::is_none")] pub conditions: Option>, /// phase represents the current phase of PersistentVolumeClaim. #[serde(default, skip_serializing_if = "Option::is_none")] pub phase: Option, - /// resizeStatus stores status of resize operation. ResizeStatus is not set by default but when expansion is complete resizeStatus is set to empty string by resize controller or kubelet. This is an alpha field and requires enabling RecoverVolumeExpansionFailure feature. + /// resizeStatus stores status of resize operation. + /// ResizeStatus is not set by default but when expansion is complete resizeStatus is set to empty + /// string by resize controller or kubelet. + /// This is an alpha field and requires enabling RecoverVolumeExpansionFailure feature. #[serde(default, skip_serializing_if = "Option::is_none", rename = "resizeStatus")] pub resize_status: Option, } @@ -3260,7 +4533,8 @@ pub struct RuntimeComponentStatefulSetUpdateStrategy { /// RollingUpdate is used to communicate parameters when Type is RollingUpdateStatefulSetStrategyType. #[serde(default, skip_serializing_if = "Option::is_none", rename = "rollingUpdate")] pub rolling_update: Option, - /// Type indicates the type of the StatefulSetUpdateStrategy. Default is RollingUpdate. + /// Type indicates the type of the StatefulSetUpdateStrategy. + /// Default is RollingUpdate. #[serde(default, skip_serializing_if = "Option::is_none", rename = "type")] pub r#type: Option, } @@ -3268,10 +4542,19 @@ pub struct RuntimeComponentStatefulSetUpdateStrategy { /// RollingUpdate is used to communicate parameters when Type is RollingUpdateStatefulSetStrategyType. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct RuntimeComponentStatefulSetUpdateStrategyRollingUpdate { - /// The maximum number of pods that can be unavailable during the update. Value can be an absolute number (ex: 5) or a percentage of desired pods (ex: 10%). Absolute number is calculated from percentage by rounding up. This can not be 0. Defaults to 1. This field is alpha-level and is only honored by servers that enable the MaxUnavailableStatefulSet feature. The field applies to all pods in the range 0 to Replicas-1. That means if there is any unavailable pod in the range 0 to Replicas-1, it will be counted towards MaxUnavailable. + /// The maximum number of pods that can be unavailable during the update. + /// Value can be an absolute number (ex: 5) or a percentage of desired pods (ex: 10%). + /// Absolute number is calculated from percentage by rounding up. This can not be 0. + /// Defaults to 1. This field is alpha-level and is only honored by servers that enable the + /// MaxUnavailableStatefulSet feature. The field applies to all pods in the range 0 to + /// Replicas-1. That means if there is any unavailable pod in the range 0 to Replicas-1, it + /// will be counted towards MaxUnavailable. #[serde(default, skip_serializing_if = "Option::is_none", rename = "maxUnavailable")] pub max_unavailable: Option, - /// Partition indicates the ordinal at which the StatefulSet should be partitioned for updates. During a rolling update, all pods from ordinal Replicas-1 to Partition are updated. All pods from ordinal Partition-1 to 0 remain untouched. This is helpful in being able to do a canary based deployment. The default value is 0. + /// Partition indicates the ordinal at which the StatefulSet should be partitioned + /// for updates. During a rolling update, all pods from ordinal Replicas-1 to + /// Partition are updated. All pods from ordinal Partition-1 to 0 remain untouched. + /// This is helpful in being able to do a canary based deployment. The default value is 0. #[serde(default, skip_serializing_if = "Option::is_none")] pub partition: Option, } @@ -3279,21 +4562,30 @@ pub struct RuntimeComponentStatefulSetUpdateStrategyRollingUpdate { /// VolumeMount describes a mounting of a Volume within a container. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct RuntimeComponentVolumeMounts { - /// Path within the container at which the volume should be mounted. Must not contain ':'. + /// Path within the container at which the volume should be mounted. Must + /// not contain ':'. #[serde(rename = "mountPath")] pub mount_path: String, - /// mountPropagation determines how mounts are propagated from the host to container and the other way around. When not set, MountPropagationNone is used. This field is beta in 1.10. + /// mountPropagation determines how mounts are propagated from the host + /// to container and the other way around. + /// When not set, MountPropagationNone is used. + /// This field is beta in 1.10. #[serde(default, skip_serializing_if = "Option::is_none", rename = "mountPropagation")] pub mount_propagation: Option, /// This must match the Name of a Volume. pub name: String, - /// Mounted read-only if true, read-write otherwise (false or unspecified). Defaults to false. + /// Mounted read-only if true, read-write otherwise (false or unspecified). + /// Defaults to false. #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] pub read_only: Option, - /// Path within the volume from which the container's volume should be mounted. Defaults to "" (volume's root). + /// Path within the volume from which the container's volume should be mounted. + /// Defaults to "" (volume's root). #[serde(default, skip_serializing_if = "Option::is_none", rename = "subPath")] pub sub_path: Option, - /// Expanded path within the volume from which the container's volume should be mounted. Behaves similarly to SubPath but environment variable references $(VAR_NAME) are expanded using the container's environment. Defaults to "" (volume's root). SubPathExpr and SubPath are mutually exclusive. + /// Expanded path within the volume from which the container's volume should be mounted. + /// Behaves similarly to SubPath but environment variable references $(VAR_NAME) are expanded using the container's environment. + /// Defaults to "" (volume's root). + /// SubPathExpr and SubPath are mutually exclusive. #[serde(default, skip_serializing_if = "Option::is_none", rename = "subPathExpr")] pub sub_path_expr: Option, } @@ -3301,7 +4593,9 @@ pub struct RuntimeComponentVolumeMounts { /// Volume represents a named volume in a pod that may be accessed by any container in the pod. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct RuntimeComponentVolumes { - /// awsElasticBlockStore represents an AWS Disk resource that is attached to a kubelet's host machine and then exposed to the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore + /// awsElasticBlockStore represents an AWS Disk resource that is attached to a + /// kubelet's host machine and then exposed to the pod. + /// More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore #[serde(default, skip_serializing_if = "Option::is_none", rename = "awsElasticBlockStore")] pub aws_elastic_block_store: Option, /// azureDisk represents an Azure Data Disk mount on the host and bind mount to the pod. @@ -3313,7 +4607,8 @@ pub struct RuntimeComponentVolumes { /// cephFS represents a Ceph FS mount on the host that shares a pod's lifetime #[serde(default, skip_serializing_if = "Option::is_none")] pub cephfs: Option, - /// cinder represents a cinder volume attached and mounted on kubelets host machine. More info: https://examples.k8s.io/mysql-cinder-pd/README.md + /// cinder represents a cinder volume attached and mounted on kubelets host machine. + /// More info: https://examples.k8s.io/mysql-cinder-pd/README.md #[serde(default, skip_serializing_if = "Option::is_none")] pub cinder: Option, /// configMap represents a configMap that should populate this volume @@ -3325,46 +4620,91 @@ pub struct RuntimeComponentVolumes { /// downwardAPI represents downward API about the pod that should populate this volume #[serde(default, skip_serializing_if = "Option::is_none", rename = "downwardAPI")] pub downward_api: Option, - /// emptyDir represents a temporary directory that shares a pod's lifetime. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir + /// emptyDir represents a temporary directory that shares a pod's lifetime. + /// More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir #[serde(default, skip_serializing_if = "Option::is_none", rename = "emptyDir")] pub empty_dir: Option, - /// ephemeral represents a volume that is handled by a cluster storage driver. The volume's lifecycle is tied to the pod that defines it - it will be created before the pod starts, and deleted when the pod is removed. - /// Use this if: a) the volume is only needed while the pod runs, b) features of normal volumes like restoring from snapshot or capacity tracking are needed, c) the storage driver is specified through a storage class, and d) the storage driver supports dynamic volume provisioning through a PersistentVolumeClaim (see EphemeralVolumeSource for more information on the connection between this volume type and PersistentVolumeClaim). - /// Use PersistentVolumeClaim or one of the vendor-specific APIs for volumes that persist for longer than the lifecycle of an individual pod. - /// Use CSI for light-weight local ephemeral volumes if the CSI driver is meant to be used that way - see the documentation of the driver for more information. - /// A pod can use both types of ephemeral volumes and persistent volumes at the same time. + /// ephemeral represents a volume that is handled by a cluster storage driver. + /// The volume's lifecycle is tied to the pod that defines it - it will be created before the pod starts, + /// and deleted when the pod is removed. + /// + /// + /// Use this if: + /// a) the volume is only needed while the pod runs, + /// b) features of normal volumes like restoring from snapshot or capacity + /// tracking are needed, + /// c) the storage driver is specified through a storage class, and + /// d) the storage driver supports dynamic volume provisioning through + /// a PersistentVolumeClaim (see EphemeralVolumeSource for more + /// information on the connection between this volume type + /// and PersistentVolumeClaim). + /// + /// + /// Use PersistentVolumeClaim or one of the vendor-specific + /// APIs for volumes that persist for longer than the lifecycle + /// of an individual pod. + /// + /// + /// Use CSI for light-weight local ephemeral volumes if the CSI driver is meant to + /// be used that way - see the documentation of the driver for + /// more information. + /// + /// + /// A pod can use both types of ephemeral volumes and + /// persistent volumes at the same time. #[serde(default, skip_serializing_if = "Option::is_none")] pub ephemeral: Option, /// fc represents a Fibre Channel resource that is attached to a kubelet's host machine and then exposed to the pod. #[serde(default, skip_serializing_if = "Option::is_none")] pub fc: Option, - /// flexVolume represents a generic volume resource that is provisioned/attached using an exec based plugin. + /// flexVolume represents a generic volume resource that is + /// provisioned/attached using an exec based plugin. #[serde(default, skip_serializing_if = "Option::is_none", rename = "flexVolume")] pub flex_volume: Option, /// flocker represents a Flocker volume attached to a kubelet's host machine. This depends on the Flocker control service being running #[serde(default, skip_serializing_if = "Option::is_none")] pub flocker: Option, - /// gcePersistentDisk represents a GCE Disk resource that is attached to a kubelet's host machine and then exposed to the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk + /// gcePersistentDisk represents a GCE Disk resource that is attached to a + /// kubelet's host machine and then exposed to the pod. + /// More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk #[serde(default, skip_serializing_if = "Option::is_none", rename = "gcePersistentDisk")] pub gce_persistent_disk: Option, - /// gitRepo represents a git repository at a particular revision. DEPRECATED: GitRepo is deprecated. To provision a container with a git repo, mount an EmptyDir into an InitContainer that clones the repo using git, then mount the EmptyDir into the Pod's container. + /// gitRepo represents a git repository at a particular revision. + /// DEPRECATED: GitRepo is deprecated. To provision a container with a git repo, mount an + /// EmptyDir into an InitContainer that clones the repo using git, then mount the EmptyDir + /// into the Pod's container. #[serde(default, skip_serializing_if = "Option::is_none", rename = "gitRepo")] pub git_repo: Option, - /// glusterfs represents a Glusterfs mount on the host that shares a pod's lifetime. More info: https://examples.k8s.io/volumes/glusterfs/README.md + /// glusterfs represents a Glusterfs mount on the host that shares a pod's lifetime. + /// More info: https://examples.k8s.io/volumes/glusterfs/README.md #[serde(default, skip_serializing_if = "Option::is_none")] pub glusterfs: Option, - /// hostPath represents a pre-existing file or directory on the host machine that is directly exposed to the container. This is generally used for system agents or other privileged things that are allowed to see the host machine. Most containers will NOT need this. More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath --- TODO(jonesdl) We need to restrict who can use host directory mounts and who can/can not mount host directories as read/write. + /// hostPath represents a pre-existing file or directory on the host + /// machine that is directly exposed to the container. This is generally + /// used for system agents or other privileged things that are allowed + /// to see the host machine. Most containers will NOT need this. + /// More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath + /// --- + /// TODO(jonesdl) We need to restrict who can use host directory mounts and who can/can not + /// mount host directories as read/write. #[serde(default, skip_serializing_if = "Option::is_none", rename = "hostPath")] pub host_path: Option, - /// iscsi represents an ISCSI Disk resource that is attached to a kubelet's host machine and then exposed to the pod. More info: https://examples.k8s.io/volumes/iscsi/README.md + /// iscsi represents an ISCSI Disk resource that is attached to a + /// kubelet's host machine and then exposed to the pod. + /// More info: https://examples.k8s.io/volumes/iscsi/README.md #[serde(default, skip_serializing_if = "Option::is_none")] pub iscsi: Option, - /// name of the volume. Must be a DNS_LABEL and unique within the pod. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// name of the volume. + /// Must be a DNS_LABEL and unique within the pod. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names pub name: String, - /// nfs represents an NFS mount on the host that shares a pod's lifetime More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs + /// nfs represents an NFS mount on the host that shares a pod's lifetime + /// More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs #[serde(default, skip_serializing_if = "Option::is_none")] pub nfs: Option, - /// persistentVolumeClaimVolumeSource represents a reference to a PersistentVolumeClaim in the same namespace. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims + /// persistentVolumeClaimVolumeSource represents a reference to a + /// PersistentVolumeClaim in the same namespace. + /// More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims #[serde(default, skip_serializing_if = "Option::is_none", rename = "persistentVolumeClaim")] pub persistent_volume_claim: Option, /// photonPersistentDisk represents a PhotonController persistent disk attached and mounted on kubelets host machine @@ -3379,13 +4719,15 @@ pub struct RuntimeComponentVolumes { /// quobyte represents a Quobyte mount on the host that shares a pod's lifetime #[serde(default, skip_serializing_if = "Option::is_none")] pub quobyte: Option, - /// rbd represents a Rados Block Device mount on the host that shares a pod's lifetime. More info: https://examples.k8s.io/volumes/rbd/README.md + /// rbd represents a Rados Block Device mount on the host that shares a pod's lifetime. + /// More info: https://examples.k8s.io/volumes/rbd/README.md #[serde(default, skip_serializing_if = "Option::is_none")] pub rbd: Option, /// scaleIO represents a ScaleIO persistent volume attached and mounted on Kubernetes nodes. #[serde(default, skip_serializing_if = "Option::is_none", rename = "scaleIO")] pub scale_io: Option, - /// secret represents a secret that should populate this volume. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret + /// secret represents a secret that should populate this volume. + /// More info: https://kubernetes.io/docs/concepts/storage/volumes#secret #[serde(default, skip_serializing_if = "Option::is_none")] pub secret: Option, /// storageOS represents a StorageOS volume attached and mounted on Kubernetes nodes. @@ -3396,19 +4738,30 @@ pub struct RuntimeComponentVolumes { pub vsphere_volume: Option, } -/// awsElasticBlockStore represents an AWS Disk resource that is attached to a kubelet's host machine and then exposed to the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore +/// awsElasticBlockStore represents an AWS Disk resource that is attached to a +/// kubelet's host machine and then exposed to the pod. +/// More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct RuntimeComponentVolumesAwsElasticBlockStore { - /// fsType is the filesystem type of the volume that you want to mount. Tip: Ensure that the filesystem type is supported by the host operating system. Examples: "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore TODO: how do we prevent errors in the filesystem from compromising the machine + /// fsType is the filesystem type of the volume that you want to mount. + /// Tip: Ensure that the filesystem type is supported by the host operating system. + /// Examples: "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. + /// More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore + /// TODO: how do we prevent errors in the filesystem from compromising the machine #[serde(default, skip_serializing_if = "Option::is_none", rename = "fsType")] pub fs_type: Option, - /// partition is the partition in the volume that you want to mount. If omitted, the default is to mount by volume name. Examples: For volume /dev/sda1, you specify the partition as "1". Similarly, the volume partition for /dev/sda is "0" (or you can leave the property empty). + /// partition is the partition in the volume that you want to mount. + /// If omitted, the default is to mount by volume name. + /// Examples: For volume /dev/sda1, you specify the partition as "1". + /// Similarly, the volume partition for /dev/sda is "0" (or you can leave the property empty). #[serde(default, skip_serializing_if = "Option::is_none")] pub partition: Option, - /// readOnly value true will force the readOnly setting in VolumeMounts. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore + /// readOnly value true will force the readOnly setting in VolumeMounts. + /// More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] pub read_only: Option, - /// volumeID is unique ID of the persistent disk resource in AWS (Amazon EBS volume). More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore + /// volumeID is unique ID of the persistent disk resource in AWS (Amazon EBS volume). + /// More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore #[serde(rename = "volumeID")] pub volume_id: String, } @@ -3425,13 +4778,16 @@ pub struct RuntimeComponentVolumesAzureDisk { /// diskURI is the URI of data disk in the blob storage #[serde(rename = "diskURI")] pub disk_uri: String, - /// fsType is Filesystem type to mount. Must be a filesystem type supported by the host operating system. Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. + /// fsType is Filesystem type to mount. + /// Must be a filesystem type supported by the host operating system. + /// Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. #[serde(default, skip_serializing_if = "Option::is_none", rename = "fsType")] pub fs_type: Option, /// kind expected values are Shared: multiple blob disks per storage account Dedicated: single blob disk per storage account Managed: azure managed data disk (only in managed availability set). defaults to shared #[serde(default, skip_serializing_if = "Option::is_none")] pub kind: Option, - /// readOnly Defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts. + /// readOnly Defaults to false (read/write). ReadOnly here will force + /// the ReadOnly setting in VolumeMounts. #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] pub read_only: Option, } @@ -3439,7 +4795,8 @@ pub struct RuntimeComponentVolumesAzureDisk { /// azureFile represents an Azure File Service mount on the host and bind mount to the pod. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct RuntimeComponentVolumesAzureFile { - /// readOnly defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts. + /// readOnly defaults to false (read/write). ReadOnly here will force + /// the ReadOnly setting in VolumeMounts. #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] pub read_only: Option, /// secretName is the name of secret that contains Azure Storage Account Name and Key @@ -3453,54 +4810,74 @@ pub struct RuntimeComponentVolumesAzureFile { /// cephFS represents a Ceph FS mount on the host that shares a pod's lifetime #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct RuntimeComponentVolumesCephfs { - /// monitors is Required: Monitors is a collection of Ceph monitors More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it + /// monitors is Required: Monitors is a collection of Ceph monitors + /// More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it pub monitors: Vec, /// path is Optional: Used as the mounted root, rather than the full Ceph tree, default is / #[serde(default, skip_serializing_if = "Option::is_none")] pub path: Option, - /// readOnly is Optional: Defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts. More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it + /// readOnly is Optional: Defaults to false (read/write). ReadOnly here will force + /// the ReadOnly setting in VolumeMounts. + /// More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] pub read_only: Option, - /// secretFile is Optional: SecretFile is the path to key ring for User, default is /etc/ceph/user.secret More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it + /// secretFile is Optional: SecretFile is the path to key ring for User, default is /etc/ceph/user.secret + /// More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it #[serde(default, skip_serializing_if = "Option::is_none", rename = "secretFile")] pub secret_file: Option, - /// secretRef is Optional: SecretRef is reference to the authentication secret for User, default is empty. More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it + /// secretRef is Optional: SecretRef is reference to the authentication secret for User, default is empty. + /// More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it #[serde(default, skip_serializing_if = "Option::is_none", rename = "secretRef")] pub secret_ref: Option, - /// user is optional: User is the rados user name, default is admin More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it + /// user is optional: User is the rados user name, default is admin + /// More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it #[serde(default, skip_serializing_if = "Option::is_none")] pub user: Option, } -/// secretRef is Optional: SecretRef is reference to the authentication secret for User, default is empty. More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it +/// secretRef is Optional: SecretRef is reference to the authentication secret for User, default is empty. +/// More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct RuntimeComponentVolumesCephfsSecretRef { - /// Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? + /// Name of the referent. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, } -/// cinder represents a cinder volume attached and mounted on kubelets host machine. More info: https://examples.k8s.io/mysql-cinder-pd/README.md +/// cinder represents a cinder volume attached and mounted on kubelets host machine. +/// More info: https://examples.k8s.io/mysql-cinder-pd/README.md #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct RuntimeComponentVolumesCinder { - /// fsType is the filesystem type to mount. Must be a filesystem type supported by the host operating system. Examples: "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. More info: https://examples.k8s.io/mysql-cinder-pd/README.md + /// fsType is the filesystem type to mount. + /// Must be a filesystem type supported by the host operating system. + /// Examples: "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. + /// More info: https://examples.k8s.io/mysql-cinder-pd/README.md #[serde(default, skip_serializing_if = "Option::is_none", rename = "fsType")] pub fs_type: Option, - /// readOnly defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts. More info: https://examples.k8s.io/mysql-cinder-pd/README.md + /// readOnly defaults to false (read/write). ReadOnly here will force + /// the ReadOnly setting in VolumeMounts. + /// More info: https://examples.k8s.io/mysql-cinder-pd/README.md #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] pub read_only: Option, - /// secretRef is optional: points to a secret object containing parameters used to connect to OpenStack. + /// secretRef is optional: points to a secret object containing parameters used to connect + /// to OpenStack. #[serde(default, skip_serializing_if = "Option::is_none", rename = "secretRef")] pub secret_ref: Option, - /// volumeID used to identify the volume in cinder. More info: https://examples.k8s.io/mysql-cinder-pd/README.md + /// volumeID used to identify the volume in cinder. + /// More info: https://examples.k8s.io/mysql-cinder-pd/README.md #[serde(rename = "volumeID")] pub volume_id: String, } -/// secretRef is optional: points to a secret object containing parameters used to connect to OpenStack. +/// secretRef is optional: points to a secret object containing parameters used to connect +/// to OpenStack. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct RuntimeComponentVolumesCinderSecretRef { - /// Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? + /// Name of the referent. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, } @@ -3508,13 +4885,27 @@ pub struct RuntimeComponentVolumesCinderSecretRef { /// configMap represents a configMap that should populate this volume #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct RuntimeComponentVolumesConfigMap { - /// defaultMode is optional: mode bits used to set permissions on created files by default. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. Defaults to 0644. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. + /// defaultMode is optional: mode bits used to set permissions on created files by default. + /// Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. + /// YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. + /// Defaults to 0644. + /// Directories within the path are not affected by this setting. + /// This might be in conflict with other options that affect the file + /// mode, like fsGroup, and the result can be other mode bits set. #[serde(default, skip_serializing_if = "Option::is_none", rename = "defaultMode")] pub default_mode: Option, - /// items if unspecified, each key-value pair in the Data field of the referenced ConfigMap will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the ConfigMap, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'. + /// items if unspecified, each key-value pair in the Data field of the referenced + /// ConfigMap will be projected into the volume as a file whose name is the + /// key and content is the value. If specified, the listed keys will be + /// projected into the specified paths, and unlisted keys will not be + /// present. If a key is specified which is not present in the ConfigMap, + /// the volume setup will error unless it is marked optional. Paths must be + /// relative and may not contain the '..' path or start with '..'. #[serde(default, skip_serializing_if = "Option::is_none")] pub items: Option>, - /// Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? + /// Name of the referent. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// optional specify whether the ConfigMap or its keys must be defined @@ -3527,36 +4918,59 @@ pub struct RuntimeComponentVolumesConfigMap { pub struct RuntimeComponentVolumesConfigMapItems { /// key is the key to project. pub key: String, - /// mode is Optional: mode bits used to set permissions on this file. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. + /// mode is Optional: mode bits used to set permissions on this file. + /// Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. + /// YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. + /// If not specified, the volume defaultMode will be used. + /// This might be in conflict with other options that affect the file + /// mode, like fsGroup, and the result can be other mode bits set. #[serde(default, skip_serializing_if = "Option::is_none")] pub mode: Option, - /// path is the relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'. + /// path is the relative path of the file to map the key to. + /// May not be an absolute path. + /// May not contain the path element '..'. + /// May not start with the string '..'. pub path: String, } /// csi (Container Storage Interface) represents ephemeral storage that is handled by certain external CSI drivers (Beta feature). #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct RuntimeComponentVolumesCsi { - /// driver is the name of the CSI driver that handles this volume. Consult with your admin for the correct name as registered in the cluster. + /// driver is the name of the CSI driver that handles this volume. + /// Consult with your admin for the correct name as registered in the cluster. pub driver: String, - /// fsType to mount. Ex. "ext4", "xfs", "ntfs". If not provided, the empty value is passed to the associated CSI driver which will determine the default filesystem to apply. + /// fsType to mount. Ex. "ext4", "xfs", "ntfs". + /// If not provided, the empty value is passed to the associated CSI driver + /// which will determine the default filesystem to apply. #[serde(default, skip_serializing_if = "Option::is_none", rename = "fsType")] pub fs_type: Option, - /// nodePublishSecretRef is a reference to the secret object containing sensitive information to pass to the CSI driver to complete the CSI NodePublishVolume and NodeUnpublishVolume calls. This field is optional, and may be empty if no secret is required. If the secret object contains more than one secret, all secret references are passed. + /// nodePublishSecretRef is a reference to the secret object containing + /// sensitive information to pass to the CSI driver to complete the CSI + /// NodePublishVolume and NodeUnpublishVolume calls. + /// This field is optional, and may be empty if no secret is required. If the + /// secret object contains more than one secret, all secret references are passed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "nodePublishSecretRef")] pub node_publish_secret_ref: Option, - /// readOnly specifies a read-only configuration for the volume. Defaults to false (read/write). + /// readOnly specifies a read-only configuration for the volume. + /// Defaults to false (read/write). #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] pub read_only: Option, - /// volumeAttributes stores driver-specific properties that are passed to the CSI driver. Consult your driver's documentation for supported values. + /// volumeAttributes stores driver-specific properties that are passed to the CSI + /// driver. Consult your driver's documentation for supported values. #[serde(default, skip_serializing_if = "Option::is_none", rename = "volumeAttributes")] pub volume_attributes: Option>, } -/// nodePublishSecretRef is a reference to the secret object containing sensitive information to pass to the CSI driver to complete the CSI NodePublishVolume and NodeUnpublishVolume calls. This field is optional, and may be empty if no secret is required. If the secret object contains more than one secret, all secret references are passed. +/// nodePublishSecretRef is a reference to the secret object containing +/// sensitive information to pass to the CSI driver to complete the CSI +/// NodePublishVolume and NodeUnpublishVolume calls. +/// This field is optional, and may be empty if no secret is required. If the +/// secret object contains more than one secret, all secret references are passed. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct RuntimeComponentVolumesCsiNodePublishSecretRef { - /// Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? + /// Name of the referent. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, } @@ -3564,7 +4978,14 @@ pub struct RuntimeComponentVolumesCsiNodePublishSecretRef { /// downwardAPI represents downward API about the pod that should populate this volume #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct RuntimeComponentVolumesDownwardApi { - /// Optional: mode bits to use on created files by default. Must be a Optional: mode bits used to set permissions on created files by default. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. Defaults to 0644. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. + /// Optional: mode bits to use on created files by default. Must be a + /// Optional: mode bits used to set permissions on created files by default. + /// Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. + /// YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. + /// Defaults to 0644. + /// Directories within the path are not affected by this setting. + /// This might be in conflict with other options that affect the file + /// mode, like fsGroup, and the result can be other mode bits set. #[serde(default, skip_serializing_if = "Option::is_none", rename = "defaultMode")] pub default_mode: Option, /// Items is a list of downward API volume file @@ -3578,12 +4999,18 @@ pub struct RuntimeComponentVolumesDownwardApiItems { /// Required: Selects a field of the pod: only annotations, labels, name and namespace are supported. #[serde(default, skip_serializing_if = "Option::is_none", rename = "fieldRef")] pub field_ref: Option, - /// Optional: mode bits used to set permissions on this file, must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. + /// Optional: mode bits used to set permissions on this file, must be an octal value + /// between 0000 and 0777 or a decimal value between 0 and 511. + /// YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. + /// If not specified, the volume defaultMode will be used. + /// This might be in conflict with other options that affect the file + /// mode, like fsGroup, and the result can be other mode bits set. #[serde(default, skip_serializing_if = "Option::is_none")] pub mode: Option, /// Required: Path is the relative path name of the file to be created. Must not be absolute or contain the '..' path. Must be utf-8 encoded. The first item of the relative path must not start with '..' pub path: String, - /// Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, requests.cpu and requests.memory) are currently supported. + /// Selects a resource of the container: only resources limits and requests + /// (limits.cpu, limits.memory, requests.cpu and requests.memory) are currently supported. #[serde(default, skip_serializing_if = "Option::is_none", rename = "resourceFieldRef")] pub resource_field_ref: Option, } @@ -3599,7 +5026,8 @@ pub struct RuntimeComponentVolumesDownwardApiItemsFieldRef { pub field_path: String, } -/// Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, requests.cpu and requests.memory) are currently supported. +/// Selects a resource of the container: only resources limits and requests +/// (limits.cpu, limits.memory, requests.cpu and requests.memory) are currently supported. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct RuntimeComponentVolumesDownwardApiItemsResourceFieldRef { /// Container name: required for volumes, optional for env vars @@ -3612,46 +5040,125 @@ pub struct RuntimeComponentVolumesDownwardApiItemsResourceFieldRef { pub resource: String, } -/// emptyDir represents a temporary directory that shares a pod's lifetime. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir +/// emptyDir represents a temporary directory that shares a pod's lifetime. +/// More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct RuntimeComponentVolumesEmptyDir { - /// medium represents what type of storage medium should back this directory. The default is "" which means to use the node's default medium. Must be an empty string (default) or Memory. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir + /// medium represents what type of storage medium should back this directory. + /// The default is "" which means to use the node's default medium. + /// Must be an empty string (default) or Memory. + /// More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir #[serde(default, skip_serializing_if = "Option::is_none")] pub medium: Option, - /// sizeLimit is the total amount of local storage required for this EmptyDir volume. The size limit is also applicable for memory medium. The maximum usage on memory medium EmptyDir would be the minimum value between the SizeLimit specified here and the sum of memory limits of all containers in a pod. The default is nil which means that the limit is undefined. More info: http://kubernetes.io/docs/user-guide/volumes#emptydir + /// sizeLimit is the total amount of local storage required for this EmptyDir volume. + /// The size limit is also applicable for memory medium. + /// The maximum usage on memory medium EmptyDir would be the minimum value between + /// the SizeLimit specified here and the sum of memory limits of all containers in a pod. + /// The default is nil which means that the limit is undefined. + /// More info: http://kubernetes.io/docs/user-guide/volumes#emptydir #[serde(default, skip_serializing_if = "Option::is_none", rename = "sizeLimit")] pub size_limit: Option, } -/// ephemeral represents a volume that is handled by a cluster storage driver. The volume's lifecycle is tied to the pod that defines it - it will be created before the pod starts, and deleted when the pod is removed. -/// Use this if: a) the volume is only needed while the pod runs, b) features of normal volumes like restoring from snapshot or capacity tracking are needed, c) the storage driver is specified through a storage class, and d) the storage driver supports dynamic volume provisioning through a PersistentVolumeClaim (see EphemeralVolumeSource for more information on the connection between this volume type and PersistentVolumeClaim). -/// Use PersistentVolumeClaim or one of the vendor-specific APIs for volumes that persist for longer than the lifecycle of an individual pod. -/// Use CSI for light-weight local ephemeral volumes if the CSI driver is meant to be used that way - see the documentation of the driver for more information. -/// A pod can use both types of ephemeral volumes and persistent volumes at the same time. +/// ephemeral represents a volume that is handled by a cluster storage driver. +/// The volume's lifecycle is tied to the pod that defines it - it will be created before the pod starts, +/// and deleted when the pod is removed. +/// +/// +/// Use this if: +/// a) the volume is only needed while the pod runs, +/// b) features of normal volumes like restoring from snapshot or capacity +/// tracking are needed, +/// c) the storage driver is specified through a storage class, and +/// d) the storage driver supports dynamic volume provisioning through +/// a PersistentVolumeClaim (see EphemeralVolumeSource for more +/// information on the connection between this volume type +/// and PersistentVolumeClaim). +/// +/// +/// Use PersistentVolumeClaim or one of the vendor-specific +/// APIs for volumes that persist for longer than the lifecycle +/// of an individual pod. +/// +/// +/// Use CSI for light-weight local ephemeral volumes if the CSI driver is meant to +/// be used that way - see the documentation of the driver for +/// more information. +/// +/// +/// A pod can use both types of ephemeral volumes and +/// persistent volumes at the same time. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct RuntimeComponentVolumesEphemeral { - /// Will be used to create a stand-alone PVC to provision the volume. The pod in which this EphemeralVolumeSource is embedded will be the owner of the PVC, i.e. the PVC will be deleted together with the pod. The name of the PVC will be `-` where `` is the name from the `PodSpec.Volumes` array entry. Pod validation will reject the pod if the concatenated name is not valid for a PVC (for example, too long). - /// An existing PVC with that name that is not owned by the pod will *not* be used for the pod to avoid using an unrelated volume by mistake. Starting the pod is then blocked until the unrelated PVC is removed. If such a pre-created PVC is meant to be used by the pod, the PVC has to updated with an owner reference to the pod once the pod exists. Normally this should not be necessary, but it may be useful when manually reconstructing a broken cluster. - /// This field is read-only and no changes will be made by Kubernetes to the PVC after it has been created. - /// Required, must not be nil. + /// Will be used to create a stand-alone PVC to provision the volume. + /// The pod in which this EphemeralVolumeSource is embedded will be the + /// owner of the PVC, i.e. the PVC will be deleted together with the + /// pod. The name of the PVC will be `-` where + /// `` is the name from the `PodSpec.Volumes` array + /// entry. Pod validation will reject the pod if the concatenated name + /// is not valid for a PVC (for example, too long). + /// + /// + /// An existing PVC with that name that is not owned by the pod + /// will *not* be used for the pod to avoid using an unrelated + /// volume by mistake. Starting the pod is then blocked until + /// the unrelated PVC is removed. If such a pre-created PVC is + /// meant to be used by the pod, the PVC has to updated with an + /// owner reference to the pod once the pod exists. Normally + /// this should not be necessary, but it may be useful when + /// manually reconstructing a broken cluster. + /// + /// + /// This field is read-only and no changes will be made by Kubernetes + /// to the PVC after it has been created. + /// + /// + /// Required, must not be nil. #[serde(default, skip_serializing_if = "Option::is_none", rename = "volumeClaimTemplate")] pub volume_claim_template: Option, } -/// Will be used to create a stand-alone PVC to provision the volume. The pod in which this EphemeralVolumeSource is embedded will be the owner of the PVC, i.e. the PVC will be deleted together with the pod. The name of the PVC will be `-` where `` is the name from the `PodSpec.Volumes` array entry. Pod validation will reject the pod if the concatenated name is not valid for a PVC (for example, too long). -/// An existing PVC with that name that is not owned by the pod will *not* be used for the pod to avoid using an unrelated volume by mistake. Starting the pod is then blocked until the unrelated PVC is removed. If such a pre-created PVC is meant to be used by the pod, the PVC has to updated with an owner reference to the pod once the pod exists. Normally this should not be necessary, but it may be useful when manually reconstructing a broken cluster. -/// This field is read-only and no changes will be made by Kubernetes to the PVC after it has been created. -/// Required, must not be nil. +/// Will be used to create a stand-alone PVC to provision the volume. +/// The pod in which this EphemeralVolumeSource is embedded will be the +/// owner of the PVC, i.e. the PVC will be deleted together with the +/// pod. The name of the PVC will be `-` where +/// `` is the name from the `PodSpec.Volumes` array +/// entry. Pod validation will reject the pod if the concatenated name +/// is not valid for a PVC (for example, too long). +/// +/// +/// An existing PVC with that name that is not owned by the pod +/// will *not* be used for the pod to avoid using an unrelated +/// volume by mistake. Starting the pod is then blocked until +/// the unrelated PVC is removed. If such a pre-created PVC is +/// meant to be used by the pod, the PVC has to updated with an +/// owner reference to the pod once the pod exists. Normally +/// this should not be necessary, but it may be useful when +/// manually reconstructing a broken cluster. +/// +/// +/// This field is read-only and no changes will be made by Kubernetes +/// to the PVC after it has been created. +/// +/// +/// Required, must not be nil. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct RuntimeComponentVolumesEphemeralVolumeClaimTemplate { - /// May contain labels and annotations that will be copied into the PVC when creating it. No other fields are allowed and will be rejected during validation. + /// May contain labels and annotations that will be copied into the PVC + /// when creating it. No other fields are allowed and will be rejected during + /// validation. #[serde(default, skip_serializing_if = "Option::is_none")] pub metadata: Option, - /// The specification for the PersistentVolumeClaim. The entire content is copied unchanged into the PVC that gets created from this template. The same fields as in a PersistentVolumeClaim are also valid here. + /// The specification for the PersistentVolumeClaim. The entire content is + /// copied unchanged into the PVC that gets created from this + /// template. The same fields as in a PersistentVolumeClaim + /// are also valid here. pub spec: RuntimeComponentVolumesEphemeralVolumeClaimTemplateSpec, } -/// May contain labels and annotations that will be copied into the PVC when creating it. No other fields are allowed and will be rejected during validation. +/// May contain labels and annotations that will be copied into the PVC +/// when creating it. No other fields are allowed and will be rejected during +/// validation. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct RuntimeComponentVolumesEphemeralVolumeClaimTemplateMetadata { #[serde(default, skip_serializing_if = "Option::is_none")] @@ -3666,28 +5173,67 @@ pub struct RuntimeComponentVolumesEphemeralVolumeClaimTemplateMetadata { pub namespace: Option, } -/// The specification for the PersistentVolumeClaim. The entire content is copied unchanged into the PVC that gets created from this template. The same fields as in a PersistentVolumeClaim are also valid here. +/// The specification for the PersistentVolumeClaim. The entire content is +/// copied unchanged into the PVC that gets created from this +/// template. The same fields as in a PersistentVolumeClaim +/// are also valid here. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct RuntimeComponentVolumesEphemeralVolumeClaimTemplateSpec { - /// accessModes contains the desired access modes the volume should have. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1 + /// accessModes contains the desired access modes the volume should have. + /// More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1 #[serde(default, skip_serializing_if = "Option::is_none", rename = "accessModes")] pub access_modes: Option>, - /// dataSource field can be used to specify either: * An existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot) * An existing PVC (PersistentVolumeClaim) If the provisioner or an external controller can support the specified data source, it will create a new volume based on the contents of the specified data source. When the AnyVolumeDataSource feature gate is enabled, dataSource contents will be copied to dataSourceRef, and dataSourceRef contents will be copied to dataSource when dataSourceRef.namespace is not specified. If the namespace is specified, then dataSourceRef will not be copied to dataSource. + /// dataSource field can be used to specify either: + /// * An existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot) + /// * An existing PVC (PersistentVolumeClaim) + /// If the provisioner or an external controller can support the specified data source, + /// it will create a new volume based on the contents of the specified data source. + /// When the AnyVolumeDataSource feature gate is enabled, dataSource contents will be copied to dataSourceRef, + /// and dataSourceRef contents will be copied to dataSource when dataSourceRef.namespace is not specified. + /// If the namespace is specified, then dataSourceRef will not be copied to dataSource. #[serde(default, skip_serializing_if = "Option::is_none", rename = "dataSource")] pub data_source: Option, - /// dataSourceRef specifies the object from which to populate the volume with data, if a non-empty volume is desired. This may be any object from a non-empty API group (non core object) or a PersistentVolumeClaim object. When this field is specified, volume binding will only succeed if the type of the specified object matches some installed volume populator or dynamic provisioner. This field will replace the functionality of the dataSource field and as such if both fields are non-empty, they must have the same value. For backwards compatibility, when namespace isn't specified in dataSourceRef, both fields (dataSource and dataSourceRef) will be set to the same value automatically if one of them is empty and the other is non-empty. When namespace is specified in dataSourceRef, dataSource isn't set to the same value and must be empty. There are three important differences between dataSource and dataSourceRef: * While dataSource only allows two specific types of objects, dataSourceRef allows any non-core object, as well as PersistentVolumeClaim objects. * While dataSource ignores disallowed values (dropping them), dataSourceRef preserves all values, and generates an error if a disallowed value is specified. * While dataSource only allows local objects, dataSourceRef allows objects in any namespaces. (Beta) Using this field requires the AnyVolumeDataSource feature gate to be enabled. (Alpha) Using the namespace field of dataSourceRef requires the CrossNamespaceVolumeDataSource feature gate to be enabled. + /// dataSourceRef specifies the object from which to populate the volume with data, if a non-empty + /// volume is desired. This may be any object from a non-empty API group (non + /// core object) or a PersistentVolumeClaim object. + /// When this field is specified, volume binding will only succeed if the type of + /// the specified object matches some installed volume populator or dynamic + /// provisioner. + /// This field will replace the functionality of the dataSource field and as such + /// if both fields are non-empty, they must have the same value. For backwards + /// compatibility, when namespace isn't specified in dataSourceRef, + /// both fields (dataSource and dataSourceRef) will be set to the same + /// value automatically if one of them is empty and the other is non-empty. + /// When namespace is specified in dataSourceRef, + /// dataSource isn't set to the same value and must be empty. + /// There are three important differences between dataSource and dataSourceRef: + /// * While dataSource only allows two specific types of objects, dataSourceRef + /// allows any non-core object, as well as PersistentVolumeClaim objects. + /// * While dataSource ignores disallowed values (dropping them), dataSourceRef + /// preserves all values, and generates an error if a disallowed value is + /// specified. + /// * While dataSource only allows local objects, dataSourceRef allows objects + /// in any namespaces. + /// (Beta) Using this field requires the AnyVolumeDataSource feature gate to be enabled. + /// (Alpha) Using the namespace field of dataSourceRef requires the CrossNamespaceVolumeDataSource feature gate to be enabled. #[serde(default, skip_serializing_if = "Option::is_none", rename = "dataSourceRef")] pub data_source_ref: Option, - /// resources represents the minimum resources the volume should have. If RecoverVolumeExpansionFailure feature is enabled users are allowed to specify resource requirements that are lower than previous value but must still be higher than capacity recorded in the status field of the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources + /// resources represents the minimum resources the volume should have. + /// If RecoverVolumeExpansionFailure feature is enabled users are allowed to specify resource requirements + /// that are lower than previous value but must still be higher than capacity recorded in the + /// status field of the claim. + /// More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources #[serde(default, skip_serializing_if = "Option::is_none")] pub resources: Option, /// selector is a label query over volumes to consider for binding. #[serde(default, skip_serializing_if = "Option::is_none")] pub selector: Option, - /// storageClassName is the name of the StorageClass required by the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1 + /// storageClassName is the name of the StorageClass required by the claim. + /// More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1 #[serde(default, skip_serializing_if = "Option::is_none", rename = "storageClassName")] pub storage_class_name: Option, - /// volumeMode defines what type of volume is required by the claim. Value of Filesystem is implied when not included in claim spec. + /// volumeMode defines what type of volume is required by the claim. + /// Value of Filesystem is implied when not included in claim spec. #[serde(default, skip_serializing_if = "Option::is_none", rename = "volumeMode")] pub volume_mode: Option, /// volumeName is the binding reference to the PersistentVolume backing this claim. @@ -3695,10 +5241,19 @@ pub struct RuntimeComponentVolumesEphemeralVolumeClaimTemplateSpec { pub volume_name: Option, } -/// dataSource field can be used to specify either: * An existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot) * An existing PVC (PersistentVolumeClaim) If the provisioner or an external controller can support the specified data source, it will create a new volume based on the contents of the specified data source. When the AnyVolumeDataSource feature gate is enabled, dataSource contents will be copied to dataSourceRef, and dataSourceRef contents will be copied to dataSource when dataSourceRef.namespace is not specified. If the namespace is specified, then dataSourceRef will not be copied to dataSource. +/// dataSource field can be used to specify either: +/// * An existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot) +/// * An existing PVC (PersistentVolumeClaim) +/// If the provisioner or an external controller can support the specified data source, +/// it will create a new volume based on the contents of the specified data source. +/// When the AnyVolumeDataSource feature gate is enabled, dataSource contents will be copied to dataSourceRef, +/// and dataSourceRef contents will be copied to dataSource when dataSourceRef.namespace is not specified. +/// If the namespace is specified, then dataSourceRef will not be copied to dataSource. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct RuntimeComponentVolumesEphemeralVolumeClaimTemplateSpecDataSource { - /// APIGroup is the group for the resource being referenced. If APIGroup is not specified, the specified Kind must be in the core API group. For any other third-party types, APIGroup is required. + /// APIGroup is the group for the resource being referenced. + /// If APIGroup is not specified, the specified Kind must be in the core API group. + /// For any other third-party types, APIGroup is required. #[serde(default, skip_serializing_if = "Option::is_none", rename = "apiGroup")] pub api_group: Option, /// Kind is the type of resource being referenced @@ -3707,33 +5262,73 @@ pub struct RuntimeComponentVolumesEphemeralVolumeClaimTemplateSpecDataSource { pub name: String, } -/// dataSourceRef specifies the object from which to populate the volume with data, if a non-empty volume is desired. This may be any object from a non-empty API group (non core object) or a PersistentVolumeClaim object. When this field is specified, volume binding will only succeed if the type of the specified object matches some installed volume populator or dynamic provisioner. This field will replace the functionality of the dataSource field and as such if both fields are non-empty, they must have the same value. For backwards compatibility, when namespace isn't specified in dataSourceRef, both fields (dataSource and dataSourceRef) will be set to the same value automatically if one of them is empty and the other is non-empty. When namespace is specified in dataSourceRef, dataSource isn't set to the same value and must be empty. There are three important differences between dataSource and dataSourceRef: * While dataSource only allows two specific types of objects, dataSourceRef allows any non-core object, as well as PersistentVolumeClaim objects. * While dataSource ignores disallowed values (dropping them), dataSourceRef preserves all values, and generates an error if a disallowed value is specified. * While dataSource only allows local objects, dataSourceRef allows objects in any namespaces. (Beta) Using this field requires the AnyVolumeDataSource feature gate to be enabled. (Alpha) Using the namespace field of dataSourceRef requires the CrossNamespaceVolumeDataSource feature gate to be enabled. +/// dataSourceRef specifies the object from which to populate the volume with data, if a non-empty +/// volume is desired. This may be any object from a non-empty API group (non +/// core object) or a PersistentVolumeClaim object. +/// When this field is specified, volume binding will only succeed if the type of +/// the specified object matches some installed volume populator or dynamic +/// provisioner. +/// This field will replace the functionality of the dataSource field and as such +/// if both fields are non-empty, they must have the same value. For backwards +/// compatibility, when namespace isn't specified in dataSourceRef, +/// both fields (dataSource and dataSourceRef) will be set to the same +/// value automatically if one of them is empty and the other is non-empty. +/// When namespace is specified in dataSourceRef, +/// dataSource isn't set to the same value and must be empty. +/// There are three important differences between dataSource and dataSourceRef: +/// * While dataSource only allows two specific types of objects, dataSourceRef +/// allows any non-core object, as well as PersistentVolumeClaim objects. +/// * While dataSource ignores disallowed values (dropping them), dataSourceRef +/// preserves all values, and generates an error if a disallowed value is +/// specified. +/// * While dataSource only allows local objects, dataSourceRef allows objects +/// in any namespaces. +/// (Beta) Using this field requires the AnyVolumeDataSource feature gate to be enabled. +/// (Alpha) Using the namespace field of dataSourceRef requires the CrossNamespaceVolumeDataSource feature gate to be enabled. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct RuntimeComponentVolumesEphemeralVolumeClaimTemplateSpecDataSourceRef { - /// APIGroup is the group for the resource being referenced. If APIGroup is not specified, the specified Kind must be in the core API group. For any other third-party types, APIGroup is required. + /// APIGroup is the group for the resource being referenced. + /// If APIGroup is not specified, the specified Kind must be in the core API group. + /// For any other third-party types, APIGroup is required. #[serde(default, skip_serializing_if = "Option::is_none", rename = "apiGroup")] pub api_group: Option, /// Kind is the type of resource being referenced pub kind: String, /// Name is the name of resource being referenced pub name: String, - /// Namespace is the namespace of resource being referenced Note that when a namespace is specified, a gateway.networking.k8s.io/ReferenceGrant object is required in the referent namespace to allow that namespace's owner to accept the reference. See the ReferenceGrant documentation for details. (Alpha) This field requires the CrossNamespaceVolumeDataSource feature gate to be enabled. + /// Namespace is the namespace of resource being referenced + /// Note that when a namespace is specified, a gateway.networking.k8s.io/ReferenceGrant object is required in the referent namespace to allow that namespace's owner to accept the reference. See the ReferenceGrant documentation for details. + /// (Alpha) This field requires the CrossNamespaceVolumeDataSource feature gate to be enabled. #[serde(default, skip_serializing_if = "Option::is_none")] pub namespace: Option, } -/// resources represents the minimum resources the volume should have. If RecoverVolumeExpansionFailure feature is enabled users are allowed to specify resource requirements that are lower than previous value but must still be higher than capacity recorded in the status field of the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources +/// resources represents the minimum resources the volume should have. +/// If RecoverVolumeExpansionFailure feature is enabled users are allowed to specify resource requirements +/// that are lower than previous value but must still be higher than capacity recorded in the +/// status field of the claim. +/// More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct RuntimeComponentVolumesEphemeralVolumeClaimTemplateSpecResources { - /// Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. - /// This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. - /// This field is immutable. It can only be set for containers. + /// Claims lists the names of resources, defined in spec.resourceClaims, + /// that are used by this container. + /// + /// + /// This is an alpha field and requires enabling the + /// DynamicResourceAllocation feature gate. + /// + /// + /// This field is immutable. It can only be set for containers. #[serde(default, skip_serializing_if = "Option::is_none")] pub claims: Option>, - /// Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + /// Limits describes the maximum amount of compute resources allowed. + /// More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ #[serde(default, skip_serializing_if = "Option::is_none")] pub limits: Option>, - /// Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + /// Requests describes the minimum amount of compute resources required. + /// If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, + /// otherwise to an implementation-defined value. + /// More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ #[serde(default, skip_serializing_if = "Option::is_none")] pub requests: Option>, } @@ -3741,7 +5336,9 @@ pub struct RuntimeComponentVolumesEphemeralVolumeClaimTemplateSpecResources { /// ResourceClaim references one entry in PodSpec.ResourceClaims. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct RuntimeComponentVolumesEphemeralVolumeClaimTemplateSpecResourcesClaims { - /// Name must match the name of one entry in pod.spec.resourceClaims of the Pod where this field is used. It makes that resource available inside a container. + /// Name must match the name of one entry in pod.spec.resourceClaims of + /// the Pod where this field is used. It makes that resource available + /// inside a container. pub name: String, } @@ -3751,19 +5348,26 @@ pub struct RuntimeComponentVolumesEphemeralVolumeClaimTemplateSpecSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] pub match_expressions: Option>, - /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] pub match_labels: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct RuntimeComponentVolumesEphemeralVolumeClaimTemplateSpecSelectorMatchExpressions { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } @@ -3771,46 +5375,65 @@ pub struct RuntimeComponentVolumesEphemeralVolumeClaimTemplateSpecSelectorMatchE /// fc represents a Fibre Channel resource that is attached to a kubelet's host machine and then exposed to the pod. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct RuntimeComponentVolumesFc { - /// fsType is the filesystem type to mount. Must be a filesystem type supported by the host operating system. Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. TODO: how do we prevent errors in the filesystem from compromising the machine + /// fsType is the filesystem type to mount. + /// Must be a filesystem type supported by the host operating system. + /// Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. + /// TODO: how do we prevent errors in the filesystem from compromising the machine #[serde(default, skip_serializing_if = "Option::is_none", rename = "fsType")] pub fs_type: Option, /// lun is Optional: FC target lun number #[serde(default, skip_serializing_if = "Option::is_none")] pub lun: Option, - /// readOnly is Optional: Defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts. + /// readOnly is Optional: Defaults to false (read/write). ReadOnly here will force + /// the ReadOnly setting in VolumeMounts. #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] pub read_only: Option, /// targetWWNs is Optional: FC target worldwide names (WWNs) #[serde(default, skip_serializing_if = "Option::is_none", rename = "targetWWNs")] pub target_ww_ns: Option>, - /// wwids Optional: FC volume world wide identifiers (wwids) Either wwids or combination of targetWWNs and lun must be set, but not both simultaneously. + /// wwids Optional: FC volume world wide identifiers (wwids) + /// Either wwids or combination of targetWWNs and lun must be set, but not both simultaneously. #[serde(default, skip_serializing_if = "Option::is_none")] pub wwids: Option>, } -/// flexVolume represents a generic volume resource that is provisioned/attached using an exec based plugin. +/// flexVolume represents a generic volume resource that is +/// provisioned/attached using an exec based plugin. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct RuntimeComponentVolumesFlexVolume { /// driver is the name of the driver to use for this volume. pub driver: String, - /// fsType is the filesystem type to mount. Must be a filesystem type supported by the host operating system. Ex. "ext4", "xfs", "ntfs". The default filesystem depends on FlexVolume script. + /// fsType is the filesystem type to mount. + /// Must be a filesystem type supported by the host operating system. + /// Ex. "ext4", "xfs", "ntfs". The default filesystem depends on FlexVolume script. #[serde(default, skip_serializing_if = "Option::is_none", rename = "fsType")] pub fs_type: Option, /// options is Optional: this field holds extra command options if any. #[serde(default, skip_serializing_if = "Option::is_none")] pub options: Option>, - /// readOnly is Optional: defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts. + /// readOnly is Optional: defaults to false (read/write). ReadOnly here will force + /// the ReadOnly setting in VolumeMounts. #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] pub read_only: Option, - /// secretRef is Optional: secretRef is reference to the secret object containing sensitive information to pass to the plugin scripts. This may be empty if no secret object is specified. If the secret object contains more than one secret, all secrets are passed to the plugin scripts. + /// secretRef is Optional: secretRef is reference to the secret object containing + /// sensitive information to pass to the plugin scripts. This may be + /// empty if no secret object is specified. If the secret object + /// contains more than one secret, all secrets are passed to the plugin + /// scripts. #[serde(default, skip_serializing_if = "Option::is_none", rename = "secretRef")] pub secret_ref: Option, } -/// secretRef is Optional: secretRef is reference to the secret object containing sensitive information to pass to the plugin scripts. This may be empty if no secret object is specified. If the secret object contains more than one secret, all secrets are passed to the plugin scripts. +/// secretRef is Optional: secretRef is reference to the secret object containing +/// sensitive information to pass to the plugin scripts. This may be +/// empty if no secret object is specified. If the secret object +/// contains more than one secret, all secrets are passed to the plugin +/// scripts. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct RuntimeComponentVolumesFlexVolumeSecretRef { - /// Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? + /// Name of the referent. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, } @@ -3818,7 +5441,8 @@ pub struct RuntimeComponentVolumesFlexVolumeSecretRef { /// flocker represents a Flocker volume attached to a kubelet's host machine. This depends on the Flocker control service being running #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct RuntimeComponentVolumesFlocker { - /// datasetName is Name of the dataset stored as metadata -> name on the dataset for Flocker should be considered as deprecated + /// datasetName is Name of the dataset stored as metadata -> name on the dataset for Flocker + /// should be considered as deprecated #[serde(default, skip_serializing_if = "Option::is_none", rename = "datasetName")] pub dataset_name: Option, /// datasetUUID is the UUID of the dataset. This is unique identifier of a Flocker dataset @@ -3826,27 +5450,46 @@ pub struct RuntimeComponentVolumesFlocker { pub dataset_uuid: Option, } -/// gcePersistentDisk represents a GCE Disk resource that is attached to a kubelet's host machine and then exposed to the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk +/// gcePersistentDisk represents a GCE Disk resource that is attached to a +/// kubelet's host machine and then exposed to the pod. +/// More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct RuntimeComponentVolumesGcePersistentDisk { - /// fsType is filesystem type of the volume that you want to mount. Tip: Ensure that the filesystem type is supported by the host operating system. Examples: "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk TODO: how do we prevent errors in the filesystem from compromising the machine + /// fsType is filesystem type of the volume that you want to mount. + /// Tip: Ensure that the filesystem type is supported by the host operating system. + /// Examples: "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. + /// More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk + /// TODO: how do we prevent errors in the filesystem from compromising the machine #[serde(default, skip_serializing_if = "Option::is_none", rename = "fsType")] pub fs_type: Option, - /// partition is the partition in the volume that you want to mount. If omitted, the default is to mount by volume name. Examples: For volume /dev/sda1, you specify the partition as "1". Similarly, the volume partition for /dev/sda is "0" (or you can leave the property empty). More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk + /// partition is the partition in the volume that you want to mount. + /// If omitted, the default is to mount by volume name. + /// Examples: For volume /dev/sda1, you specify the partition as "1". + /// Similarly, the volume partition for /dev/sda is "0" (or you can leave the property empty). + /// More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk #[serde(default, skip_serializing_if = "Option::is_none")] pub partition: Option, - /// pdName is unique name of the PD resource in GCE. Used to identify the disk in GCE. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk + /// pdName is unique name of the PD resource in GCE. Used to identify the disk in GCE. + /// More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk #[serde(rename = "pdName")] pub pd_name: String, - /// readOnly here will force the ReadOnly setting in VolumeMounts. Defaults to false. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk + /// readOnly here will force the ReadOnly setting in VolumeMounts. + /// Defaults to false. + /// More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] pub read_only: Option, } -/// gitRepo represents a git repository at a particular revision. DEPRECATED: GitRepo is deprecated. To provision a container with a git repo, mount an EmptyDir into an InitContainer that clones the repo using git, then mount the EmptyDir into the Pod's container. +/// gitRepo represents a git repository at a particular revision. +/// DEPRECATED: GitRepo is deprecated. To provision a container with a git repo, mount an +/// EmptyDir into an InitContainer that clones the repo using git, then mount the EmptyDir +/// into the Pod's container. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct RuntimeComponentVolumesGitRepo { - /// directory is the target directory name. Must not contain or start with '..'. If '.' is supplied, the volume directory will be the git repository. Otherwise, if specified, the volume will contain the git repository in the subdirectory with the given name. + /// directory is the target directory name. + /// Must not contain or start with '..'. If '.' is supplied, the volume directory will be the + /// git repository. Otherwise, if specified, the volume will contain the git repository in + /// the subdirectory with the given name. #[serde(default, skip_serializing_if = "Option::is_none")] pub directory: Option, /// repository is the URL @@ -3856,29 +5499,47 @@ pub struct RuntimeComponentVolumesGitRepo { pub revision: Option, } -/// glusterfs represents a Glusterfs mount on the host that shares a pod's lifetime. More info: https://examples.k8s.io/volumes/glusterfs/README.md +/// glusterfs represents a Glusterfs mount on the host that shares a pod's lifetime. +/// More info: https://examples.k8s.io/volumes/glusterfs/README.md #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct RuntimeComponentVolumesGlusterfs { - /// endpoints is the endpoint name that details Glusterfs topology. More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod + /// endpoints is the endpoint name that details Glusterfs topology. + /// More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod pub endpoints: String, - /// path is the Glusterfs volume path. More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod + /// path is the Glusterfs volume path. + /// More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod pub path: String, - /// readOnly here will force the Glusterfs volume to be mounted with read-only permissions. Defaults to false. More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod + /// readOnly here will force the Glusterfs volume to be mounted with read-only permissions. + /// Defaults to false. + /// More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] pub read_only: Option, } -/// hostPath represents a pre-existing file or directory on the host machine that is directly exposed to the container. This is generally used for system agents or other privileged things that are allowed to see the host machine. Most containers will NOT need this. More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath --- TODO(jonesdl) We need to restrict who can use host directory mounts and who can/can not mount host directories as read/write. +/// hostPath represents a pre-existing file or directory on the host +/// machine that is directly exposed to the container. This is generally +/// used for system agents or other privileged things that are allowed +/// to see the host machine. Most containers will NOT need this. +/// More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath +/// --- +/// TODO(jonesdl) We need to restrict who can use host directory mounts and who can/can not +/// mount host directories as read/write. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct RuntimeComponentVolumesHostPath { - /// path of the directory on the host. If the path is a symlink, it will follow the link to the real path. More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath + /// path of the directory on the host. + /// If the path is a symlink, it will follow the link to the real path. + /// More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath pub path: String, - /// type for HostPath Volume Defaults to "" More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath + /// type for HostPath Volume + /// Defaults to "" + /// More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath #[serde(default, skip_serializing_if = "Option::is_none", rename = "type")] pub r#type: Option, } -/// iscsi represents an ISCSI Disk resource that is attached to a kubelet's host machine and then exposed to the pod. More info: https://examples.k8s.io/volumes/iscsi/README.md +/// iscsi represents an ISCSI Disk resource that is attached to a +/// kubelet's host machine and then exposed to the pod. +/// More info: https://examples.k8s.io/volumes/iscsi/README.md #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct RuntimeComponentVolumesIscsi { /// chapAuthDiscovery defines whether support iSCSI Discovery CHAP authentication @@ -3887,29 +5548,39 @@ pub struct RuntimeComponentVolumesIscsi { /// chapAuthSession defines whether support iSCSI Session CHAP authentication #[serde(default, skip_serializing_if = "Option::is_none", rename = "chapAuthSession")] pub chap_auth_session: Option, - /// fsType is the filesystem type of the volume that you want to mount. Tip: Ensure that the filesystem type is supported by the host operating system. Examples: "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#iscsi TODO: how do we prevent errors in the filesystem from compromising the machine + /// fsType is the filesystem type of the volume that you want to mount. + /// Tip: Ensure that the filesystem type is supported by the host operating system. + /// Examples: "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. + /// More info: https://kubernetes.io/docs/concepts/storage/volumes#iscsi + /// TODO: how do we prevent errors in the filesystem from compromising the machine #[serde(default, skip_serializing_if = "Option::is_none", rename = "fsType")] pub fs_type: Option, - /// initiatorName is the custom iSCSI Initiator Name. If initiatorName is specified with iscsiInterface simultaneously, new iSCSI interface : will be created for the connection. + /// initiatorName is the custom iSCSI Initiator Name. + /// If initiatorName is specified with iscsiInterface simultaneously, new iSCSI interface + /// : will be created for the connection. #[serde(default, skip_serializing_if = "Option::is_none", rename = "initiatorName")] pub initiator_name: Option, /// iqn is the target iSCSI Qualified Name. pub iqn: String, - /// iscsiInterface is the interface Name that uses an iSCSI transport. Defaults to 'default' (tcp). + /// iscsiInterface is the interface Name that uses an iSCSI transport. + /// Defaults to 'default' (tcp). #[serde(default, skip_serializing_if = "Option::is_none", rename = "iscsiInterface")] pub iscsi_interface: Option, /// lun represents iSCSI Target Lun number. pub lun: i32, - /// portals is the iSCSI Target Portal List. The portal is either an IP or ip_addr:port if the port is other than default (typically TCP ports 860 and 3260). + /// portals is the iSCSI Target Portal List. The portal is either an IP or ip_addr:port if the port + /// is other than default (typically TCP ports 860 and 3260). #[serde(default, skip_serializing_if = "Option::is_none")] pub portals: Option>, - /// readOnly here will force the ReadOnly setting in VolumeMounts. Defaults to false. + /// readOnly here will force the ReadOnly setting in VolumeMounts. + /// Defaults to false. #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] pub read_only: Option, /// secretRef is the CHAP Secret for iSCSI target and initiator authentication #[serde(default, skip_serializing_if = "Option::is_none", rename = "secretRef")] pub secret_ref: Option, - /// targetPortal is iSCSI Target Portal. The Portal is either an IP or ip_addr:port if the port is other than default (typically TCP ports 860 and 3260). + /// targetPortal is iSCSI Target Portal. The Portal is either an IP or ip_addr:port if the port + /// is other than default (typically TCP ports 860 and 3260). #[serde(rename = "targetPortal")] pub target_portal: String, } @@ -3917,30 +5588,41 @@ pub struct RuntimeComponentVolumesIscsi { /// secretRef is the CHAP Secret for iSCSI target and initiator authentication #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct RuntimeComponentVolumesIscsiSecretRef { - /// Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? + /// Name of the referent. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, } -/// nfs represents an NFS mount on the host that shares a pod's lifetime More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs +/// nfs represents an NFS mount on the host that shares a pod's lifetime +/// More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct RuntimeComponentVolumesNfs { - /// path that is exported by the NFS server. More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs + /// path that is exported by the NFS server. + /// More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs pub path: String, - /// readOnly here will force the NFS export to be mounted with read-only permissions. Defaults to false. More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs + /// readOnly here will force the NFS export to be mounted with read-only permissions. + /// Defaults to false. + /// More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] pub read_only: Option, - /// server is the hostname or IP address of the NFS server. More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs + /// server is the hostname or IP address of the NFS server. + /// More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs pub server: String, } -/// persistentVolumeClaimVolumeSource represents a reference to a PersistentVolumeClaim in the same namespace. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims +/// persistentVolumeClaimVolumeSource represents a reference to a +/// PersistentVolumeClaim in the same namespace. +/// More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct RuntimeComponentVolumesPersistentVolumeClaim { - /// claimName is the name of a PersistentVolumeClaim in the same namespace as the pod using this volume. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims + /// claimName is the name of a PersistentVolumeClaim in the same namespace as the pod using this volume. + /// More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims #[serde(rename = "claimName")] pub claim_name: String, - /// readOnly Will force the ReadOnly setting in VolumeMounts. Default false. + /// readOnly Will force the ReadOnly setting in VolumeMounts. + /// Default false. #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] pub read_only: Option, } @@ -3948,7 +5630,9 @@ pub struct RuntimeComponentVolumesPersistentVolumeClaim { /// photonPersistentDisk represents a PhotonController persistent disk attached and mounted on kubelets host machine #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct RuntimeComponentVolumesPhotonPersistentDisk { - /// fsType is the filesystem type to mount. Must be a filesystem type supported by the host operating system. Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. + /// fsType is the filesystem type to mount. + /// Must be a filesystem type supported by the host operating system. + /// Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. #[serde(default, skip_serializing_if = "Option::is_none", rename = "fsType")] pub fs_type: Option, /// pdID is the ID that identifies Photon Controller persistent disk @@ -3959,10 +5643,13 @@ pub struct RuntimeComponentVolumesPhotonPersistentDisk { /// portworxVolume represents a portworx volume attached and mounted on kubelets host machine #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct RuntimeComponentVolumesPortworxVolume { - /// fSType represents the filesystem type to mount Must be a filesystem type supported by the host operating system. Ex. "ext4", "xfs". Implicitly inferred to be "ext4" if unspecified. + /// fSType represents the filesystem type to mount + /// Must be a filesystem type supported by the host operating system. + /// Ex. "ext4", "xfs". Implicitly inferred to be "ext4" if unspecified. #[serde(default, skip_serializing_if = "Option::is_none", rename = "fsType")] pub fs_type: Option, - /// readOnly defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts. + /// readOnly defaults to false (read/write). ReadOnly here will force + /// the ReadOnly setting in VolumeMounts. #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] pub read_only: Option, /// volumeID uniquely identifies a Portworx volume @@ -3973,7 +5660,12 @@ pub struct RuntimeComponentVolumesPortworxVolume { /// projected items for all in one resources secrets, configmaps, and downward API #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct RuntimeComponentVolumesProjected { - /// defaultMode are the mode bits used to set permissions on created files by default. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. + /// defaultMode are the mode bits used to set permissions on created files by default. + /// Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. + /// YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. + /// Directories within the path are not affected by this setting. + /// This might be in conflict with other options that affect the file + /// mode, like fsGroup, and the result can be other mode bits set. #[serde(default, skip_serializing_if = "Option::is_none", rename = "defaultMode")] pub default_mode: Option, /// sources is the list of volume projections @@ -4001,10 +5693,18 @@ pub struct RuntimeComponentVolumesProjectedSources { /// configMap information about the configMap data to project #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct RuntimeComponentVolumesProjectedSourcesConfigMap { - /// items if unspecified, each key-value pair in the Data field of the referenced ConfigMap will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the ConfigMap, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'. + /// items if unspecified, each key-value pair in the Data field of the referenced + /// ConfigMap will be projected into the volume as a file whose name is the + /// key and content is the value. If specified, the listed keys will be + /// projected into the specified paths, and unlisted keys will not be + /// present. If a key is specified which is not present in the ConfigMap, + /// the volume setup will error unless it is marked optional. Paths must be + /// relative and may not contain the '..' path or start with '..'. #[serde(default, skip_serializing_if = "Option::is_none")] pub items: Option>, - /// Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? + /// Name of the referent. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// optional specify whether the ConfigMap or its keys must be defined @@ -4017,10 +5717,18 @@ pub struct RuntimeComponentVolumesProjectedSourcesConfigMap { pub struct RuntimeComponentVolumesProjectedSourcesConfigMapItems { /// key is the key to project. pub key: String, - /// mode is Optional: mode bits used to set permissions on this file. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. + /// mode is Optional: mode bits used to set permissions on this file. + /// Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. + /// YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. + /// If not specified, the volume defaultMode will be used. + /// This might be in conflict with other options that affect the file + /// mode, like fsGroup, and the result can be other mode bits set. #[serde(default, skip_serializing_if = "Option::is_none")] pub mode: Option, - /// path is the relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'. + /// path is the relative path of the file to map the key to. + /// May not be an absolute path. + /// May not contain the path element '..'. + /// May not start with the string '..'. pub path: String, } @@ -4038,12 +5746,18 @@ pub struct RuntimeComponentVolumesProjectedSourcesDownwardApiItems { /// Required: Selects a field of the pod: only annotations, labels, name and namespace are supported. #[serde(default, skip_serializing_if = "Option::is_none", rename = "fieldRef")] pub field_ref: Option, - /// Optional: mode bits used to set permissions on this file, must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. + /// Optional: mode bits used to set permissions on this file, must be an octal value + /// between 0000 and 0777 or a decimal value between 0 and 511. + /// YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. + /// If not specified, the volume defaultMode will be used. + /// This might be in conflict with other options that affect the file + /// mode, like fsGroup, and the result can be other mode bits set. #[serde(default, skip_serializing_if = "Option::is_none")] pub mode: Option, /// Required: Path is the relative path name of the file to be created. Must not be absolute or contain the '..' path. Must be utf-8 encoded. The first item of the relative path must not start with '..' pub path: String, - /// Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, requests.cpu and requests.memory) are currently supported. + /// Selects a resource of the container: only resources limits and requests + /// (limits.cpu, limits.memory, requests.cpu and requests.memory) are currently supported. #[serde(default, skip_serializing_if = "Option::is_none", rename = "resourceFieldRef")] pub resource_field_ref: Option, } @@ -4059,7 +5773,8 @@ pub struct RuntimeComponentVolumesProjectedSourcesDownwardApiItemsFieldRef { pub field_path: String, } -/// Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, requests.cpu and requests.memory) are currently supported. +/// Selects a resource of the container: only resources limits and requests +/// (limits.cpu, limits.memory, requests.cpu and requests.memory) are currently supported. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct RuntimeComponentVolumesProjectedSourcesDownwardApiItemsResourceFieldRef { /// Container name: required for volumes, optional for env vars @@ -4075,10 +5790,18 @@ pub struct RuntimeComponentVolumesProjectedSourcesDownwardApiItemsResourceFieldR /// secret information about the secret data to project #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct RuntimeComponentVolumesProjectedSourcesSecret { - /// items if unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the Secret, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'. + /// items if unspecified, each key-value pair in the Data field of the referenced + /// Secret will be projected into the volume as a file whose name is the + /// key and content is the value. If specified, the listed keys will be + /// projected into the specified paths, and unlisted keys will not be + /// present. If a key is specified which is not present in the Secret, + /// the volume setup will error unless it is marked optional. Paths must be + /// relative and may not contain the '..' path or start with '..'. #[serde(default, skip_serializing_if = "Option::is_none")] pub items: Option>, - /// Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? + /// Name of the referent. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// optional field specify whether the Secret or its key must be defined @@ -4091,78 +5814,124 @@ pub struct RuntimeComponentVolumesProjectedSourcesSecret { pub struct RuntimeComponentVolumesProjectedSourcesSecretItems { /// key is the key to project. pub key: String, - /// mode is Optional: mode bits used to set permissions on this file. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. + /// mode is Optional: mode bits used to set permissions on this file. + /// Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. + /// YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. + /// If not specified, the volume defaultMode will be used. + /// This might be in conflict with other options that affect the file + /// mode, like fsGroup, and the result can be other mode bits set. #[serde(default, skip_serializing_if = "Option::is_none")] pub mode: Option, - /// path is the relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'. + /// path is the relative path of the file to map the key to. + /// May not be an absolute path. + /// May not contain the path element '..'. + /// May not start with the string '..'. pub path: String, } /// serviceAccountToken is information about the serviceAccountToken data to project #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct RuntimeComponentVolumesProjectedSourcesServiceAccountToken { - /// audience is the intended audience of the token. A recipient of a token must identify itself with an identifier specified in the audience of the token, and otherwise should reject the token. The audience defaults to the identifier of the apiserver. + /// audience is the intended audience of the token. A recipient of a token + /// must identify itself with an identifier specified in the audience of the + /// token, and otherwise should reject the token. The audience defaults to the + /// identifier of the apiserver. #[serde(default, skip_serializing_if = "Option::is_none")] pub audience: Option, - /// expirationSeconds is the requested duration of validity of the service account token. As the token approaches expiration, the kubelet volume plugin will proactively rotate the service account token. The kubelet will start trying to rotate the token if the token is older than 80 percent of its time to live or if the token is older than 24 hours.Defaults to 1 hour and must be at least 10 minutes. + /// expirationSeconds is the requested duration of validity of the service + /// account token. As the token approaches expiration, the kubelet volume + /// plugin will proactively rotate the service account token. The kubelet will + /// start trying to rotate the token if the token is older than 80 percent of + /// its time to live or if the token is older than 24 hours.Defaults to 1 hour + /// and must be at least 10 minutes. #[serde(default, skip_serializing_if = "Option::is_none", rename = "expirationSeconds")] pub expiration_seconds: Option, - /// path is the path relative to the mount point of the file to project the token into. + /// path is the path relative to the mount point of the file to project the + /// token into. pub path: String, } /// quobyte represents a Quobyte mount on the host that shares a pod's lifetime #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct RuntimeComponentVolumesQuobyte { - /// group to map volume access to Default is no group + /// group to map volume access to + /// Default is no group #[serde(default, skip_serializing_if = "Option::is_none")] pub group: Option, - /// readOnly here will force the Quobyte volume to be mounted with read-only permissions. Defaults to false. + /// readOnly here will force the Quobyte volume to be mounted with read-only permissions. + /// Defaults to false. #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] pub read_only: Option, - /// registry represents a single or multiple Quobyte Registry services specified as a string as host:port pair (multiple entries are separated with commas) which acts as the central registry for volumes + /// registry represents a single or multiple Quobyte Registry services + /// specified as a string as host:port pair (multiple entries are separated with commas) + /// which acts as the central registry for volumes pub registry: String, - /// tenant owning the given Quobyte volume in the Backend Used with dynamically provisioned Quobyte volumes, value is set by the plugin + /// tenant owning the given Quobyte volume in the Backend + /// Used with dynamically provisioned Quobyte volumes, value is set by the plugin #[serde(default, skip_serializing_if = "Option::is_none")] pub tenant: Option, - /// user to map volume access to Defaults to serivceaccount user + /// user to map volume access to + /// Defaults to serivceaccount user #[serde(default, skip_serializing_if = "Option::is_none")] pub user: Option, /// volume is a string that references an already created Quobyte volume by name. pub volume: String, } -/// rbd represents a Rados Block Device mount on the host that shares a pod's lifetime. More info: https://examples.k8s.io/volumes/rbd/README.md +/// rbd represents a Rados Block Device mount on the host that shares a pod's lifetime. +/// More info: https://examples.k8s.io/volumes/rbd/README.md #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct RuntimeComponentVolumesRbd { - /// fsType is the filesystem type of the volume that you want to mount. Tip: Ensure that the filesystem type is supported by the host operating system. Examples: "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#rbd TODO: how do we prevent errors in the filesystem from compromising the machine + /// fsType is the filesystem type of the volume that you want to mount. + /// Tip: Ensure that the filesystem type is supported by the host operating system. + /// Examples: "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. + /// More info: https://kubernetes.io/docs/concepts/storage/volumes#rbd + /// TODO: how do we prevent errors in the filesystem from compromising the machine #[serde(default, skip_serializing_if = "Option::is_none", rename = "fsType")] pub fs_type: Option, - /// image is the rados image name. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it + /// image is the rados image name. + /// More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it pub image: String, - /// keyring is the path to key ring for RBDUser. Default is /etc/ceph/keyring. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it + /// keyring is the path to key ring for RBDUser. + /// Default is /etc/ceph/keyring. + /// More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it #[serde(default, skip_serializing_if = "Option::is_none")] pub keyring: Option, - /// monitors is a collection of Ceph monitors. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it + /// monitors is a collection of Ceph monitors. + /// More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it pub monitors: Vec, - /// pool is the rados pool name. Default is rbd. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it + /// pool is the rados pool name. + /// Default is rbd. + /// More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it #[serde(default, skip_serializing_if = "Option::is_none")] pub pool: Option, - /// readOnly here will force the ReadOnly setting in VolumeMounts. Defaults to false. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it + /// readOnly here will force the ReadOnly setting in VolumeMounts. + /// Defaults to false. + /// More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] pub read_only: Option, - /// secretRef is name of the authentication secret for RBDUser. If provided overrides keyring. Default is nil. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it + /// secretRef is name of the authentication secret for RBDUser. If provided + /// overrides keyring. + /// Default is nil. + /// More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it #[serde(default, skip_serializing_if = "Option::is_none", rename = "secretRef")] pub secret_ref: Option, - /// user is the rados user name. Default is admin. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it + /// user is the rados user name. + /// Default is admin. + /// More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it #[serde(default, skip_serializing_if = "Option::is_none")] pub user: Option, } -/// secretRef is name of the authentication secret for RBDUser. If provided overrides keyring. Default is nil. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it +/// secretRef is name of the authentication secret for RBDUser. If provided +/// overrides keyring. +/// Default is nil. +/// More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct RuntimeComponentVolumesRbdSecretRef { - /// Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? + /// Name of the referent. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, } @@ -4170,7 +5939,10 @@ pub struct RuntimeComponentVolumesRbdSecretRef { /// scaleIO represents a ScaleIO persistent volume attached and mounted on Kubernetes nodes. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct RuntimeComponentVolumesScaleIo { - /// fsType is the filesystem type to mount. Must be a filesystem type supported by the host operating system. Ex. "ext4", "xfs", "ntfs". Default is "xfs". + /// fsType is the filesystem type to mount. + /// Must be a filesystem type supported by the host operating system. + /// Ex. "ext4", "xfs", "ntfs". + /// Default is "xfs". #[serde(default, skip_serializing_if = "Option::is_none", rename = "fsType")] pub fs_type: Option, /// gateway is the host address of the ScaleIO API Gateway. @@ -4178,16 +5950,19 @@ pub struct RuntimeComponentVolumesScaleIo { /// protectionDomain is the name of the ScaleIO Protection Domain for the configured storage. #[serde(default, skip_serializing_if = "Option::is_none", rename = "protectionDomain")] pub protection_domain: Option, - /// readOnly Defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts. + /// readOnly Defaults to false (read/write). ReadOnly here will force + /// the ReadOnly setting in VolumeMounts. #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] pub read_only: Option, - /// secretRef references to the secret for ScaleIO user and other sensitive information. If this is not provided, Login operation will fail. + /// secretRef references to the secret for ScaleIO user and other + /// sensitive information. If this is not provided, Login operation will fail. #[serde(rename = "secretRef")] pub secret_ref: RuntimeComponentVolumesScaleIoSecretRef, /// sslEnabled Flag enable/disable SSL communication with Gateway, default false #[serde(default, skip_serializing_if = "Option::is_none", rename = "sslEnabled")] pub ssl_enabled: Option, - /// storageMode indicates whether the storage for a volume should be ThickProvisioned or ThinProvisioned. Default is ThinProvisioned. + /// storageMode indicates whether the storage for a volume should be ThickProvisioned or ThinProvisioned. + /// Default is ThinProvisioned. #[serde(default, skip_serializing_if = "Option::is_none", rename = "storageMode")] pub storage_mode: Option, /// storagePool is the ScaleIO Storage Pool associated with the protection domain. @@ -4195,32 +5970,50 @@ pub struct RuntimeComponentVolumesScaleIo { pub storage_pool: Option, /// system is the name of the storage system as configured in ScaleIO. pub system: String, - /// volumeName is the name of a volume already created in the ScaleIO system that is associated with this volume source. + /// volumeName is the name of a volume already created in the ScaleIO system + /// that is associated with this volume source. #[serde(default, skip_serializing_if = "Option::is_none", rename = "volumeName")] pub volume_name: Option, } -/// secretRef references to the secret for ScaleIO user and other sensitive information. If this is not provided, Login operation will fail. +/// secretRef references to the secret for ScaleIO user and other +/// sensitive information. If this is not provided, Login operation will fail. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct RuntimeComponentVolumesScaleIoSecretRef { - /// Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? + /// Name of the referent. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, } -/// secret represents a secret that should populate this volume. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret +/// secret represents a secret that should populate this volume. +/// More info: https://kubernetes.io/docs/concepts/storage/volumes#secret #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct RuntimeComponentVolumesSecret { - /// defaultMode is Optional: mode bits used to set permissions on created files by default. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. Defaults to 0644. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. + /// defaultMode is Optional: mode bits used to set permissions on created files by default. + /// Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. + /// YAML accepts both octal and decimal values, JSON requires decimal values + /// for mode bits. Defaults to 0644. + /// Directories within the path are not affected by this setting. + /// This might be in conflict with other options that affect the file + /// mode, like fsGroup, and the result can be other mode bits set. #[serde(default, skip_serializing_if = "Option::is_none", rename = "defaultMode")] pub default_mode: Option, - /// items If unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the Secret, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'. + /// items If unspecified, each key-value pair in the Data field of the referenced + /// Secret will be projected into the volume as a file whose name is the + /// key and content is the value. If specified, the listed keys will be + /// projected into the specified paths, and unlisted keys will not be + /// present. If a key is specified which is not present in the Secret, + /// the volume setup will error unless it is marked optional. Paths must be + /// relative and may not contain the '..' path or start with '..'. #[serde(default, skip_serializing_if = "Option::is_none")] pub items: Option>, /// optional field specify whether the Secret or its keys must be defined #[serde(default, skip_serializing_if = "Option::is_none")] pub optional: Option, - /// secretName is the name of the secret in the pod's namespace to use. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret + /// secretName is the name of the secret in the pod's namespace to use. + /// More info: https://kubernetes.io/docs/concepts/storage/volumes#secret #[serde(default, skip_serializing_if = "Option::is_none", rename = "secretName")] pub secret_name: Option, } @@ -4230,37 +6023,58 @@ pub struct RuntimeComponentVolumesSecret { pub struct RuntimeComponentVolumesSecretItems { /// key is the key to project. pub key: String, - /// mode is Optional: mode bits used to set permissions on this file. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. + /// mode is Optional: mode bits used to set permissions on this file. + /// Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. + /// YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. + /// If not specified, the volume defaultMode will be used. + /// This might be in conflict with other options that affect the file + /// mode, like fsGroup, and the result can be other mode bits set. #[serde(default, skip_serializing_if = "Option::is_none")] pub mode: Option, - /// path is the relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'. + /// path is the relative path of the file to map the key to. + /// May not be an absolute path. + /// May not contain the path element '..'. + /// May not start with the string '..'. pub path: String, } /// storageOS represents a StorageOS volume attached and mounted on Kubernetes nodes. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct RuntimeComponentVolumesStorageos { - /// fsType is the filesystem type to mount. Must be a filesystem type supported by the host operating system. Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. + /// fsType is the filesystem type to mount. + /// Must be a filesystem type supported by the host operating system. + /// Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. #[serde(default, skip_serializing_if = "Option::is_none", rename = "fsType")] pub fs_type: Option, - /// readOnly defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts. + /// readOnly defaults to false (read/write). ReadOnly here will force + /// the ReadOnly setting in VolumeMounts. #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] pub read_only: Option, - /// secretRef specifies the secret to use for obtaining the StorageOS API credentials. If not specified, default values will be attempted. + /// secretRef specifies the secret to use for obtaining the StorageOS API + /// credentials. If not specified, default values will be attempted. #[serde(default, skip_serializing_if = "Option::is_none", rename = "secretRef")] pub secret_ref: Option, - /// volumeName is the human-readable name of the StorageOS volume. Volume names are only unique within a namespace. + /// volumeName is the human-readable name of the StorageOS volume. Volume + /// names are only unique within a namespace. #[serde(default, skip_serializing_if = "Option::is_none", rename = "volumeName")] pub volume_name: Option, - /// volumeNamespace specifies the scope of the volume within StorageOS. If no namespace is specified then the Pod's namespace will be used. This allows the Kubernetes name scoping to be mirrored within StorageOS for tighter integration. Set VolumeName to any name to override the default behaviour. Set to "default" if you are not using namespaces within StorageOS. Namespaces that do not pre-exist within StorageOS will be created. + /// volumeNamespace specifies the scope of the volume within StorageOS. If no + /// namespace is specified then the Pod's namespace will be used. This allows the + /// Kubernetes name scoping to be mirrored within StorageOS for tighter integration. + /// Set VolumeName to any name to override the default behaviour. + /// Set to "default" if you are not using namespaces within StorageOS. + /// Namespaces that do not pre-exist within StorageOS will be created. #[serde(default, skip_serializing_if = "Option::is_none", rename = "volumeNamespace")] pub volume_namespace: Option, } -/// secretRef specifies the secret to use for obtaining the StorageOS API credentials. If not specified, default values will be attempted. +/// secretRef specifies the secret to use for obtaining the StorageOS API +/// credentials. If not specified, default values will be attempted. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct RuntimeComponentVolumesStorageosSecretRef { - /// Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? + /// Name of the referent. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, } @@ -4268,7 +6082,9 @@ pub struct RuntimeComponentVolumesStorageosSecretRef { /// vsphereVolume represents a vSphere volume attached and mounted on kubelets host machine #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct RuntimeComponentVolumesVsphereVolume { - /// fsType is filesystem type to mount. Must be a filesystem type supported by the host operating system. Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. + /// fsType is filesystem type to mount. + /// Must be a filesystem type supported by the host operating system. + /// Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. #[serde(default, skip_serializing_if = "Option::is_none", rename = "fsType")] pub fs_type: Option, /// storagePolicyID is the storage Policy Based Management (SPBM) profile ID associated with the StoragePolicyName. @@ -4285,7 +6101,8 @@ pub struct RuntimeComponentVolumesVsphereVolume { /// Defines the observed state of RuntimeComponent. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct RuntimeComponentStatus { - /// LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. + /// LocalObjectReference contains enough information to let you locate the + /// referenced object inside the same namespace. #[serde(default, skip_serializing_if = "Option::is_none")] pub binding: Option, #[serde(default, skip_serializing_if = "Option::is_none")] @@ -4294,10 +6111,13 @@ pub struct RuntimeComponentStatus { pub image_reference: Option, } -/// LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. +/// LocalObjectReference contains enough information to let you locate the +/// referenced object inside the same namespace. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct RuntimeComponentStatusBinding { - /// Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? + /// Name of the referent. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, } diff --git a/kube-custom-resources-rs/src/repo_manager_pulpproject_org/v1beta2/pulps.rs b/kube-custom-resources-rs/src/repo_manager_pulpproject_org/v1beta2/pulps.rs index d35b1dcbe..291d8f9fd 100644 --- a/kube-custom-resources-rs/src/repo_manager_pulpproject_org/v1beta2/pulps.rs +++ b/kube-custom-resources-rs/src/repo_manager_pulpproject_org/v1beta2/pulps.rs @@ -47,6 +47,9 @@ pub struct PulpSpec { /// Content defines desired state of pulpcore-content resources #[serde(default, skip_serializing_if = "Option::is_none")] pub content: Option, + /// Name of the ConfigMap to define Pulp configurations not available through this CR. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub custom_pulp_settings: Option, /// Database defines desired state of postgres resources #[serde(default, skip_serializing_if = "Option::is_none")] pub database: Option, @@ -161,7 +164,7 @@ pub struct PulpSpec { /// Name of the Secret to provide Django cryptographic signing. Default: "pulp-secret-key" #[serde(default, skip_serializing_if = "Option::is_none")] pub pulp_secret_key: Option, - /// Definition of /etc/pulp/settings.py config file. + /// [DEPRECATED] Definition of /etc/pulp/settings.py config file. This field is deprecated and will be removed in the future, use the custom_pulp_settings field instead. #[serde(default, skip_serializing_if = "Option::is_none")] pub pulp_settings: Option>, /// PersistenVolumeClaim name that will be used by Pulp pods. If defined, the PVC must be provisioned by the user and the operator will only configure the deployment to use it diff --git a/kube-custom-resources-rs/src/resources_teleport_dev/v2/teleportsamlconnectors.rs b/kube-custom-resources-rs/src/resources_teleport_dev/v2/teleportsamlconnectors.rs index 044136149..0e02648ea 100644 --- a/kube-custom-resources-rs/src/resources_teleport_dev/v2/teleportsamlconnectors.rs +++ b/kube-custom-resources-rs/src/resources_teleport_dev/v2/teleportsamlconnectors.rs @@ -34,7 +34,7 @@ pub struct TeleportSAMLConnectorSpec { /// Audience uniquely identifies our service provider. #[serde(default, skip_serializing_if = "Option::is_none")] pub audience: Option, - /// Cert is the identity provider certificate PEM. IDP signs responses using this certificate. + /// Cert is the identity provider certificate PEM. IDP signs `` responses using this certificate. #[serde(default, skip_serializing_if = "Option::is_none")] pub cert: Option, /// ClientRedirectSettings defines which client redirect URLs are allowed for non-browser SSO logins other than the standard localhost ones. diff --git a/kube-custom-resources-rs/src/scylla_scylladb_com/v1alpha1/nodeconfigs.rs b/kube-custom-resources-rs/src/scylla_scylladb_com/v1alpha1/nodeconfigs.rs index 909bc4d90..2cfc462bf 100644 --- a/kube-custom-resources-rs/src/scylla_scylladb_com/v1alpha1/nodeconfigs.rs +++ b/kube-custom-resources-rs/src/scylla_scylladb_com/v1alpha1/nodeconfigs.rs @@ -80,7 +80,7 @@ pub struct NodeConfigLocalDiskSetupMounts { /// fsType specifies the filesystem on the device. #[serde(default, skip_serializing_if = "Option::is_none", rename = "fsType")] pub fs_type: Option, - /// mountPoint is a path where the device should be mounted at. + /// mountPoint is a path where the device should be mounted at. If the mountPoint is a symlink, the mount will be set up for the target. #[serde(default, skip_serializing_if = "Option::is_none", rename = "mountPoint")] pub mount_point: Option, /// unsupportedOptions is a list of mount options used during device mounting. unsupported in this field name means that we won't support all the available options passed down using this field. diff --git a/kube-custom-resources-rs/src/secrets_hashicorp_com/v1beta1/vaultauths.rs b/kube-custom-resources-rs/src/secrets_hashicorp_com/v1beta1/vaultauths.rs index dc613201b..61dabfaa6 100644 --- a/kube-custom-resources-rs/src/secrets_hashicorp_com/v1beta1/vaultauths.rs +++ b/kube-custom-resources-rs/src/secrets_hashicorp_com/v1beta1/vaultauths.rs @@ -227,12 +227,27 @@ pub struct VaultAuthStorageEncryption { /// VaultAuthGlobalRef. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct VaultAuthVaultAuthGlobalRef { + /// AllowDefault when set to true will use the default VaultAuthGlobal resource + /// as the default if Name is not set. The 'allow-default-globals' option must be + /// set on the operator's '-global-vault-auth-options' flag + /// + /// + /// The default VaultAuthGlobal search is conditional. + /// When a ref Namespace is set, the search for the default + /// VaultAuthGlobal resource is constrained to that namespace. + /// Otherwise, the search order is: + /// 1. The default VaultAuthGlobal resource in the referring VaultAuth resource's + /// namespace. + /// 2. The default VaultAuthGlobal resource in the Operator's namespace. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "allowDefault")] + pub allow_default: Option, /// MergeStrategy configures the merge strategy for HTTP headers and parameters /// that are included in all Vault authentication requests. #[serde(default, skip_serializing_if = "Option::is_none", rename = "mergeStrategy")] pub merge_strategy: Option, /// Name of the VaultAuthGlobal resource. - pub name: String, + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, /// Namespace of the VaultAuthGlobal resource. If not provided, the namespace of /// the referring VaultAuth resource is used. #[serde(default, skip_serializing_if = "Option::is_none")] diff --git a/kube-custom-resources-rs/src/secrets_hashicorp_com/v1beta1/vaultstaticsecrets.rs b/kube-custom-resources-rs/src/secrets_hashicorp_com/v1beta1/vaultstaticsecrets.rs index 270311873..55e4a7ceb 100644 --- a/kube-custom-resources-rs/src/secrets_hashicorp_com/v1beta1/vaultstaticsecrets.rs +++ b/kube-custom-resources-rs/src/secrets_hashicorp_com/v1beta1/vaultstaticsecrets.rs @@ -47,6 +47,9 @@ pub struct VaultStaticSecretSpec { /// See RolloutRestartTarget for more details. #[serde(default, skip_serializing_if = "Option::is_none", rename = "rolloutRestartTargets")] pub rollout_restart_targets: Option>, + /// SyncConfig configures sync behavior from Vault to VSO + #[serde(default, skip_serializing_if = "Option::is_none", rename = "syncConfig")] + pub sync_config: Option, /// Type of the Vault static secret #[serde(rename = "type")] pub r#type: VaultStaticSecretType, @@ -213,6 +216,15 @@ pub enum VaultStaticSecretRolloutRestartTargetsKind { ArgoRollout, } +/// SyncConfig configures sync behavior from Vault to VSO +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct VaultStaticSecretSyncConfig { + /// InstantUpdates is a flag to indicate that event-driven updates are + /// enabled for this VaultStaticSecret + #[serde(default, skip_serializing_if = "Option::is_none", rename = "instantUpdates")] + pub instant_updates: Option, +} + /// VaultStaticSecretSpec defines the desired state of VaultStaticSecret #[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] pub enum VaultStaticSecretType { diff --git a/kube-custom-resources-rs/src/security_profiles_operator_x_k8s_io/v1alpha1/profilerecordings.rs b/kube-custom-resources-rs/src/security_profiles_operator_x_k8s_io/v1alpha1/profilerecordings.rs index 5a876d3dc..afe7c43dc 100644 --- a/kube-custom-resources-rs/src/security_profiles_operator_x_k8s_io/v1alpha1/profilerecordings.rs +++ b/kube-custom-resources-rs/src/security_profiles_operator_x_k8s_io/v1alpha1/profilerecordings.rs @@ -49,6 +49,7 @@ pub struct ProfileRecordingSpec { pub enum ProfileRecordingKind { SeccompProfile, SelinuxProfile, + ApparmorProfile, } /// ProfileRecordingSpec defines the desired state of ProfileRecording. diff --git a/kube-custom-resources-rs/src/snapshot_storage_k8s_io/v1/volumesnapshotclasses.rs b/kube-custom-resources-rs/src/snapshot_storage_k8s_io/v1/volumesnapshotclasses.rs index 402618646..1cf42d86d 100644 --- a/kube-custom-resources-rs/src/snapshot_storage_k8s_io/v1/volumesnapshotclasses.rs +++ b/kube-custom-resources-rs/src/snapshot_storage_k8s_io/v1/volumesnapshotclasses.rs @@ -8,4 +8,5 @@ mod prelude { pub use serde::{Serialize, Deserialize}; pub use std::collections::BTreeMap; } +use self::prelude::*; diff --git a/kube-custom-resources-rs/src/snapshot_storage_k8s_io/v1beta1/volumesnapshotclasses.rs b/kube-custom-resources-rs/src/snapshot_storage_k8s_io/v1beta1/volumesnapshotclasses.rs index d9e970d73..02b953647 100644 --- a/kube-custom-resources-rs/src/snapshot_storage_k8s_io/v1beta1/volumesnapshotclasses.rs +++ b/kube-custom-resources-rs/src/snapshot_storage_k8s_io/v1beta1/volumesnapshotclasses.rs @@ -8,4 +8,5 @@ mod prelude { pub use serde::{Serialize, Deserialize}; pub use std::collections::BTreeMap; } +use self::prelude::*; diff --git a/kube-custom-resources-rs/src/source_toolkit_fluxcd_io/v1beta2/buckets.rs b/kube-custom-resources-rs/src/source_toolkit_fluxcd_io/v1beta2/buckets.rs index 9d213a55d..86302a404 100644 --- a/kube-custom-resources-rs/src/source_toolkit_fluxcd_io/v1beta2/buckets.rs +++ b/kube-custom-resources-rs/src/source_toolkit_fluxcd_io/v1beta2/buckets.rs @@ -70,6 +70,13 @@ pub struct BucketSpec { /// storage. #[serde(default, skip_serializing_if = "Option::is_none")] pub provider: Option, + /// ProxySecretRef specifies the Secret containing the proxy configuration + /// to use while communicating with the Bucket server. + /// + /// + /// Only supported for the generic provider. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "proxySecretRef")] + pub proxy_secret_ref: Option, /// Region of the Endpoint where the BucketName is located in. #[serde(default, skip_serializing_if = "Option::is_none")] pub region: Option, @@ -145,6 +152,17 @@ pub enum BucketProvider { Azure, } +/// ProxySecretRef specifies the Secret containing the proxy configuration +/// to use while communicating with the Bucket server. +/// +/// +/// Only supported for the generic provider. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct BucketProxySecretRef { + /// Name of the referent. + pub name: String, +} + /// SecretRef specifies the Secret containing authentication credentials /// for the Bucket. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] diff --git a/kube-custom-resources-rs/src/sparkoperator_k8s_io/v1beta2/scheduledsparkapplications.rs b/kube-custom-resources-rs/src/sparkoperator_k8s_io/v1beta2/scheduledsparkapplications.rs index 25ae66cff..348575f58 100644 --- a/kube-custom-resources-rs/src/sparkoperator_k8s_io/v1beta2/scheduledsparkapplications.rs +++ b/kube-custom-resources-rs/src/sparkoperator_k8s_io/v1beta2/scheduledsparkapplications.rs @@ -18,502 +18,1189 @@ use self::prelude::*; #[kube(schema = "disabled")] #[kube(derive="PartialEq")] pub struct ScheduledSparkApplicationSpec { + /// ConcurrencyPolicy is the policy governing concurrent SparkApplication runs. #[serde(default, skip_serializing_if = "Option::is_none", rename = "concurrencyPolicy")] pub concurrency_policy: Option, + /// FailedRunHistoryLimit is the number of past failed runs of the application to keep. + /// Defaults to 1. #[serde(default, skip_serializing_if = "Option::is_none", rename = "failedRunHistoryLimit")] pub failed_run_history_limit: Option, + /// Schedule is a cron schedule on which the application should run. pub schedule: String, + /// SuccessfulRunHistoryLimit is the number of past successful runs of the application to keep. + /// Defaults to 1. #[serde(default, skip_serializing_if = "Option::is_none", rename = "successfulRunHistoryLimit")] pub successful_run_history_limit: Option, + /// Suspend is a flag telling the controller to suspend subsequent runs of the application if set to true. + /// Defaults to false. #[serde(default, skip_serializing_if = "Option::is_none")] pub suspend: Option, + /// Template is a template from which SparkApplication instances can be created. pub template: ScheduledSparkApplicationTemplate, } +/// Template is a template from which SparkApplication instances can be created. #[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] pub struct ScheduledSparkApplicationTemplate { + /// Arguments is a list of arguments to be passed to the application. #[serde(default, skip_serializing_if = "Option::is_none")] pub arguments: Option>, + /// BatchScheduler configures which batch scheduler will be used for scheduling #[serde(default, skip_serializing_if = "Option::is_none", rename = "batchScheduler")] pub batch_scheduler: Option, + /// BatchSchedulerOptions provides fine-grained control on how to batch scheduling. #[serde(default, skip_serializing_if = "Option::is_none", rename = "batchSchedulerOptions")] pub batch_scheduler_options: Option, + /// Deps captures all possible types of dependencies of a Spark application. #[serde(default, skip_serializing_if = "Option::is_none")] pub deps: Option, + /// Driver is the driver specification. pub driver: ScheduledSparkApplicationTemplateDriver, + /// DriverIngressOptions allows configuring the Service and the Ingress to expose ports inside Spark Driver #[serde(default, skip_serializing_if = "Option::is_none", rename = "driverIngressOptions")] pub driver_ingress_options: Option>, + /// DynamicAllocation configures dynamic allocation that becomes available for the Kubernetes + /// scheduler backend since Spark 3.0. #[serde(default, skip_serializing_if = "Option::is_none", rename = "dynamicAllocation")] pub dynamic_allocation: Option, + /// Executor is the executor specification. pub executor: ScheduledSparkApplicationTemplateExecutor, + /// FailureRetries is the number of times to retry a failed application before giving up. + /// This is best effort and actual retry attempts can be >= the value specified. #[serde(default, skip_serializing_if = "Option::is_none", rename = "failureRetries")] pub failure_retries: Option, + /// HadoopConf carries user-specified Hadoop configuration properties as they would use the the "--conf" option + /// in spark-submit. The SparkApplication controller automatically adds prefix "spark.hadoop." to Hadoop + /// configuration properties. #[serde(default, skip_serializing_if = "Option::is_none", rename = "hadoopConf")] pub hadoop_conf: Option>, + /// HadoopConfigMap carries the name of the ConfigMap containing Hadoop configuration files such as core-site.xml. + /// The controller will add environment variable HADOOP_CONF_DIR to the path where the ConfigMap is mounted to. #[serde(default, skip_serializing_if = "Option::is_none", rename = "hadoopConfigMap")] pub hadoop_config_map: Option, + /// Image is the container image for the driver, executor, and init-container. Any custom container images for the + /// driver, executor, or init-container takes precedence over this. #[serde(default, skip_serializing_if = "Option::is_none")] pub image: Option, + /// ImagePullPolicy is the image pull policy for the driver, executor, and init-container. #[serde(default, skip_serializing_if = "Option::is_none", rename = "imagePullPolicy")] pub image_pull_policy: Option, + /// ImagePullSecrets is the list of image-pull secrets. #[serde(default, skip_serializing_if = "Option::is_none", rename = "imagePullSecrets")] pub image_pull_secrets: Option>, + /// MainFile is the path to a bundled JAR, Python, or R file of the application. #[serde(default, skip_serializing_if = "Option::is_none", rename = "mainApplicationFile")] pub main_application_file: Option, + /// MainClass is the fully-qualified main class of the Spark application. + /// This only applies to Java/Scala Spark applications. #[serde(default, skip_serializing_if = "Option::is_none", rename = "mainClass")] pub main_class: Option, + /// This sets the Memory Overhead Factor that will allocate memory to non-JVM memory. + /// For JVM-based jobs this value will default to 0.10, for non-JVM jobs 0.40. Value of this field will + /// be overridden by `Spec.Driver.MemoryOverhead` and `Spec.Executor.MemoryOverhead` if they are set. #[serde(default, skip_serializing_if = "Option::is_none", rename = "memoryOverheadFactor")] pub memory_overhead_factor: Option, + /// Mode is the deployment mode of the Spark application. #[serde(default, skip_serializing_if = "Option::is_none")] pub mode: Option, + /// Monitoring configures how monitoring is handled. #[serde(default, skip_serializing_if = "Option::is_none")] pub monitoring: Option, + /// NodeSelector is the Kubernetes node selector to be added to the driver and executor pods. + /// This field is mutually exclusive with nodeSelector at podSpec level (driver or executor). + /// This field will be deprecated in future versions (at SparkApplicationSpec level). #[serde(default, skip_serializing_if = "Option::is_none", rename = "nodeSelector")] pub node_selector: Option>, + /// ProxyUser specifies the user to impersonate when submitting the application. + /// It maps to the command-line flag "--proxy-user" in spark-submit. #[serde(default, skip_serializing_if = "Option::is_none", rename = "proxyUser")] pub proxy_user: Option, + /// This sets the major Python version of the docker + /// image used to run the driver and executor containers. Can either be 2 or 3, default 2. #[serde(default, skip_serializing_if = "Option::is_none", rename = "pythonVersion")] pub python_version: Option, + /// RestartPolicy defines the policy on if and in which conditions the controller should restart an application. #[serde(default, skip_serializing_if = "Option::is_none", rename = "restartPolicy")] pub restart_policy: Option, + /// RetryInterval is the unit of intervals in seconds between submission retries. #[serde(default, skip_serializing_if = "Option::is_none", rename = "retryInterval")] pub retry_interval: Option, + /// SparkConf carries user-specified Spark configuration properties as they would use the "--conf" option in + /// spark-submit. #[serde(default, skip_serializing_if = "Option::is_none", rename = "sparkConf")] pub spark_conf: Option>, + /// SparkConfigMap carries the name of the ConfigMap containing Spark configuration files such as log4j.properties. + /// The controller will add environment variable SPARK_CONF_DIR to the path where the ConfigMap is mounted to. #[serde(default, skip_serializing_if = "Option::is_none", rename = "sparkConfigMap")] pub spark_config_map: Option, + /// SparkUIOptions allows configuring the Service and the Ingress to expose the sparkUI #[serde(default, skip_serializing_if = "Option::is_none", rename = "sparkUIOptions")] pub spark_ui_options: Option, + /// SparkVersion is the version of Spark the application uses. #[serde(rename = "sparkVersion")] pub spark_version: String, + /// TimeToLiveSeconds defines the Time-To-Live (TTL) duration in seconds for this SparkApplication + /// after its termination. + /// The SparkApplication object will be garbage collected if the current time is more than the + /// TimeToLiveSeconds since its termination. #[serde(default, skip_serializing_if = "Option::is_none", rename = "timeToLiveSeconds")] pub time_to_live_seconds: Option, + /// Type tells the type of the Spark application. #[serde(rename = "type")] pub r#type: ScheduledSparkApplicationTemplateType, + /// Volumes is the list of Kubernetes volumes that can be mounted by the driver and/or executors. #[serde(default, skip_serializing_if = "Option::is_none")] pub volumes: Option>, } +/// BatchSchedulerOptions provides fine-grained control on how to batch scheduling. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateBatchSchedulerOptions { + /// PriorityClassName stands for the name of k8s PriorityClass resource, it's being used in Volcano batch scheduler. #[serde(default, skip_serializing_if = "Option::is_none", rename = "priorityClassName")] pub priority_class_name: Option, + /// Queue stands for the resource queue which the application belongs to, it's being used in Volcano batch scheduler. #[serde(default, skip_serializing_if = "Option::is_none")] pub queue: Option, + /// Resources stands for the resource list custom request for. Usually it is used to define the lower-bound limit. + /// If specified, volcano scheduler will consider it as the resources requested. #[serde(default, skip_serializing_if = "Option::is_none")] pub resources: Option>, } +/// Deps captures all possible types of dependencies of a Spark application. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateDeps { + /// ExcludePackages is a list of "groupId:artifactId", to exclude while resolving the + /// dependencies provided in Packages to avoid dependency conflicts. #[serde(default, skip_serializing_if = "Option::is_none", rename = "excludePackages")] pub exclude_packages: Option>, + /// Files is a list of files the Spark application depends on. #[serde(default, skip_serializing_if = "Option::is_none")] pub files: Option>, + /// Jars is a list of JAR files the Spark application depends on. #[serde(default, skip_serializing_if = "Option::is_none")] pub jars: Option>, + /// Packages is a list of maven coordinates of jars to include on the driver and executor + /// classpaths. This will search the local maven repo, then maven central and any additional + /// remote repositories given by the "repositories" option. + /// Each package should be of the form "groupId:artifactId:version". #[serde(default, skip_serializing_if = "Option::is_none")] pub packages: Option>, + /// PyFiles is a list of Python files the Spark application depends on. #[serde(default, skip_serializing_if = "Option::is_none", rename = "pyFiles")] pub py_files: Option>, + /// Repositories is a list of additional remote repositories to search for the maven coordinate + /// given with the "packages" option. #[serde(default, skip_serializing_if = "Option::is_none")] pub repositories: Option>, } +/// Driver is the driver specification. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateDriver { + /// Affinity specifies the affinity/anti-affinity settings for the pod. #[serde(default, skip_serializing_if = "Option::is_none")] pub affinity: Option, + /// Annotations are the Kubernetes annotations to be added to the pod. #[serde(default, skip_serializing_if = "Option::is_none")] pub annotations: Option>, + /// ConfigMaps carries information of other ConfigMaps to add to the pod. #[serde(default, skip_serializing_if = "Option::is_none", rename = "configMaps")] pub config_maps: Option>, + /// CoreLimit specifies a hard limit on CPU cores for the pod. + /// Optional #[serde(default, skip_serializing_if = "Option::is_none", rename = "coreLimit")] pub core_limit: Option, + /// CoreRequest is the physical CPU core request for the driver. + /// Maps to `spark.kubernetes.driver.request.cores` that is available since Spark 3.0. #[serde(default, skip_serializing_if = "Option::is_none", rename = "coreRequest")] pub core_request: Option, + /// Cores maps to `spark.driver.cores` or `spark.executor.cores` for the driver and executors, respectively. #[serde(default, skip_serializing_if = "Option::is_none")] pub cores: Option, + /// DnsConfig dns settings for the pod, following the Kubernetes specifications. #[serde(default, skip_serializing_if = "Option::is_none", rename = "dnsConfig")] pub dns_config: Option, + /// Env carries the environment variables to add to the pod. #[serde(default, skip_serializing_if = "Option::is_none")] pub env: Option>, + /// EnvFrom is a list of sources to populate environment variables in the container. #[serde(default, skip_serializing_if = "Option::is_none", rename = "envFrom")] pub env_from: Option>, + /// EnvSecretKeyRefs holds a mapping from environment variable names to SecretKeyRefs. + /// Deprecated. Consider using `env` instead. #[serde(default, skip_serializing_if = "Option::is_none", rename = "envSecretKeyRefs")] pub env_secret_key_refs: Option>, + /// EnvVars carries the environment variables to add to the pod. + /// Deprecated. Consider using `env` instead. #[serde(default, skip_serializing_if = "Option::is_none", rename = "envVars")] pub env_vars: Option>, + /// GPU specifies GPU requirement for the pod. #[serde(default, skip_serializing_if = "Option::is_none")] pub gpu: Option, + /// HostAliases settings for the pod, following the Kubernetes specifications. #[serde(default, skip_serializing_if = "Option::is_none", rename = "hostAliases")] pub host_aliases: Option>, + /// HostNetwork indicates whether to request host networking for the pod or not. #[serde(default, skip_serializing_if = "Option::is_none", rename = "hostNetwork")] pub host_network: Option, + /// Image is the container image to use. Overrides Spec.Image if set. #[serde(default, skip_serializing_if = "Option::is_none")] pub image: Option, + /// InitContainers is a list of init-containers that run to completion before the main Spark container. #[serde(default, skip_serializing_if = "Option::is_none", rename = "initContainers")] pub init_containers: Option>, + /// JavaOptions is a string of extra JVM options to pass to the driver. For instance, + /// GC settings or other logging. #[serde(default, skip_serializing_if = "Option::is_none", rename = "javaOptions")] pub java_options: Option, + /// KubernetesMaster is the URL of the Kubernetes master used by the driver to manage executor pods and + /// other Kubernetes resources. Default to https://kubernetes.default.svc. #[serde(default, skip_serializing_if = "Option::is_none", rename = "kubernetesMaster")] pub kubernetes_master: Option, + /// Labels are the Kubernetes labels to be added to the pod. #[serde(default, skip_serializing_if = "Option::is_none")] pub labels: Option>, + /// Lifecycle for running preStop or postStart commands #[serde(default, skip_serializing_if = "Option::is_none")] pub lifecycle: Option, + /// Memory is the amount of memory to request for the pod. #[serde(default, skip_serializing_if = "Option::is_none")] pub memory: Option, + /// MemoryOverhead is the amount of off-heap memory to allocate in cluster mode, in MiB unless otherwise specified. #[serde(default, skip_serializing_if = "Option::is_none", rename = "memoryOverhead")] pub memory_overhead: Option, + /// NodeSelector is the Kubernetes node selector to be added to the driver and executor pods. + /// This field is mutually exclusive with nodeSelector at SparkApplication level (which will be deprecated). #[serde(default, skip_serializing_if = "Option::is_none", rename = "nodeSelector")] pub node_selector: Option>, + /// PodName is the name of the driver pod that the user creates. This is used for the + /// in-cluster client mode in which the user creates a client pod where the driver of + /// the user application runs. It's an error to set this field if Mode is not + /// in-cluster-client. #[serde(default, skip_serializing_if = "Option::is_none", rename = "podName")] pub pod_name: Option, + /// PodSecurityContext specifies the PodSecurityContext to apply. #[serde(default, skip_serializing_if = "Option::is_none", rename = "podSecurityContext")] pub pod_security_context: Option, + /// Ports settings for the pods, following the Kubernetes specifications. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub ports: Option>, + /// SchedulerName specifies the scheduler that will be used for scheduling #[serde(default, skip_serializing_if = "Option::is_none", rename = "schedulerName")] pub scheduler_name: Option, + /// Secrets carries information of secrets to add to the pod. #[serde(default, skip_serializing_if = "Option::is_none")] pub secrets: Option>, + /// SecurityContext specifies the container's SecurityContext to apply. #[serde(default, skip_serializing_if = "Option::is_none", rename = "securityContext")] pub security_context: Option, + /// ServiceAccount is the name of the custom Kubernetes service account used by the pod. #[serde(default, skip_serializing_if = "Option::is_none", rename = "serviceAccount")] pub service_account: Option, + /// ServiceAnnotations defines the annotations to be added to the Kubernetes headless service used by + /// executors to connect to the driver. #[serde(default, skip_serializing_if = "Option::is_none", rename = "serviceAnnotations")] pub service_annotations: Option>, + /// ServiceLabels defines the labels to be added to the Kubernetes headless service used by + /// executors to connect to the driver. #[serde(default, skip_serializing_if = "Option::is_none", rename = "serviceLabels")] pub service_labels: Option>, + /// ShareProcessNamespace settings for the pod, following the Kubernetes specifications. #[serde(default, skip_serializing_if = "Option::is_none", rename = "shareProcessNamespace")] pub share_process_namespace: Option, + /// Sidecars is a list of sidecar containers that run along side the main Spark container. #[serde(default, skip_serializing_if = "Option::is_none")] pub sidecars: Option>, + /// Termination grace period seconds for the pod #[serde(default, skip_serializing_if = "Option::is_none", rename = "terminationGracePeriodSeconds")] pub termination_grace_period_seconds: Option, + /// Tolerations specifies the tolerations listed in ".spec.tolerations" to be applied to the pod. #[serde(default, skip_serializing_if = "Option::is_none")] pub tolerations: Option>, + /// VolumeMounts specifies the volumes listed in ".spec.volumes" to mount into the main container's filesystem. #[serde(default, skip_serializing_if = "Option::is_none", rename = "volumeMounts")] pub volume_mounts: Option>, } +/// Affinity specifies the affinity/anti-affinity settings for the pod. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateDriverAffinity { + /// Describes node affinity scheduling rules for the pod. #[serde(default, skip_serializing_if = "Option::is_none", rename = "nodeAffinity")] pub node_affinity: Option, + /// Describes pod affinity scheduling rules (e.g. co-locate this pod in the same node, zone, etc. as some other pod(s)). #[serde(default, skip_serializing_if = "Option::is_none", rename = "podAffinity")] pub pod_affinity: Option, + /// Describes pod anti-affinity scheduling rules (e.g. avoid putting this pod in the same node, zone, etc. as some other pod(s)). #[serde(default, skip_serializing_if = "Option::is_none", rename = "podAntiAffinity")] pub pod_anti_affinity: Option, } +/// Describes node affinity scheduling rules for the pod. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateDriverAffinityNodeAffinity { + /// The scheduler will prefer to schedule pods to nodes that satisfy + /// the affinity expressions specified by this field, but it may choose + /// a node that violates one or more of the expressions. The node that is + /// most preferred is the one with the greatest sum of weights, i.e. + /// for each node that meets all of the scheduling requirements (resource + /// request, requiredDuringScheduling affinity expressions, etc.), + /// compute a sum by iterating through the elements of this field and adding + /// "weight" to the sum if the node matches the corresponding matchExpressions; the + /// node(s) with the highest sum are the most preferred. #[serde(default, skip_serializing_if = "Option::is_none", rename = "preferredDuringSchedulingIgnoredDuringExecution")] pub preferred_during_scheduling_ignored_during_execution: Option>, + /// If the affinity requirements specified by this field are not met at + /// scheduling time, the pod will not be scheduled onto the node. + /// If the affinity requirements specified by this field cease to be met + /// at some point during pod execution (e.g. due to an update), the system + /// may or may not try to eventually evict the pod from its node. #[serde(default, skip_serializing_if = "Option::is_none", rename = "requiredDuringSchedulingIgnoredDuringExecution")] pub required_during_scheduling_ignored_during_execution: Option, } +/// An empty preferred scheduling term matches all objects with implicit weight 0 +/// (i.e. it's a no-op). A null preferred scheduling term matches no objects (i.e. is also a no-op). #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateDriverAffinityNodeAffinityPreferredDuringSchedulingIgnoredDuringExecution { + /// A node selector term, associated with the corresponding weight. pub preference: ScheduledSparkApplicationTemplateDriverAffinityNodeAffinityPreferredDuringSchedulingIgnoredDuringExecutionPreference, + /// Weight associated with matching the corresponding nodeSelectorTerm, in the range 1-100. pub weight: i32, } +/// A node selector term, associated with the corresponding weight. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateDriverAffinityNodeAffinityPreferredDuringSchedulingIgnoredDuringExecutionPreference { + /// A list of node selector requirements by node's labels. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] pub match_expressions: Option>, + /// A list of node selector requirements by node's fields. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchFields")] pub match_fields: Option>, } +/// A node selector requirement is a selector that contains values, a key, and an operator +/// that relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateDriverAffinityNodeAffinityPreferredDuringSchedulingIgnoredDuringExecutionPreferenceMatchExpressions { + /// The label key that the selector applies to. pub key: String, + /// Represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. pub operator: String, + /// An array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. If the operator is Gt or Lt, the values + /// array must have a single element, which will be interpreted as an integer. + /// This array is replaced during a strategic merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } +/// A node selector requirement is a selector that contains values, a key, and an operator +/// that relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateDriverAffinityNodeAffinityPreferredDuringSchedulingIgnoredDuringExecutionPreferenceMatchFields { + /// The label key that the selector applies to. pub key: String, + /// Represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. pub operator: String, + /// An array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. If the operator is Gt or Lt, the values + /// array must have a single element, which will be interpreted as an integer. + /// This array is replaced during a strategic merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } +/// If the affinity requirements specified by this field are not met at +/// scheduling time, the pod will not be scheduled onto the node. +/// If the affinity requirements specified by this field cease to be met +/// at some point during pod execution (e.g. due to an update), the system +/// may or may not try to eventually evict the pod from its node. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateDriverAffinityNodeAffinityRequiredDuringSchedulingIgnoredDuringExecution { + /// Required. A list of node selector terms. The terms are ORed. #[serde(rename = "nodeSelectorTerms")] pub node_selector_terms: Vec, } +/// A null or empty node selector term matches no objects. The requirements of +/// them are ANDed. +/// The TopologySelectorTerm type implements a subset of the NodeSelectorTerm. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateDriverAffinityNodeAffinityRequiredDuringSchedulingIgnoredDuringExecutionNodeSelectorTerms { + /// A list of node selector requirements by node's labels. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] pub match_expressions: Option>, + /// A list of node selector requirements by node's fields. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchFields")] pub match_fields: Option>, } +/// A node selector requirement is a selector that contains values, a key, and an operator +/// that relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateDriverAffinityNodeAffinityRequiredDuringSchedulingIgnoredDuringExecutionNodeSelectorTermsMatchExpressions { + /// The label key that the selector applies to. pub key: String, + /// Represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. pub operator: String, + /// An array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. If the operator is Gt or Lt, the values + /// array must have a single element, which will be interpreted as an integer. + /// This array is replaced during a strategic merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } +/// A node selector requirement is a selector that contains values, a key, and an operator +/// that relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateDriverAffinityNodeAffinityRequiredDuringSchedulingIgnoredDuringExecutionNodeSelectorTermsMatchFields { + /// The label key that the selector applies to. pub key: String, + /// Represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. pub operator: String, + /// An array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. If the operator is Gt or Lt, the values + /// array must have a single element, which will be interpreted as an integer. + /// This array is replaced during a strategic merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } +/// Describes pod affinity scheduling rules (e.g. co-locate this pod in the same node, zone, etc. as some other pod(s)). #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateDriverAffinityPodAffinity { + /// The scheduler will prefer to schedule pods to nodes that satisfy + /// the affinity expressions specified by this field, but it may choose + /// a node that violates one or more of the expressions. The node that is + /// most preferred is the one with the greatest sum of weights, i.e. + /// for each node that meets all of the scheduling requirements (resource + /// request, requiredDuringScheduling affinity expressions, etc.), + /// compute a sum by iterating through the elements of this field and adding + /// "weight" to the sum if the node has pods which matches the corresponding podAffinityTerm; the + /// node(s) with the highest sum are the most preferred. #[serde(default, skip_serializing_if = "Option::is_none", rename = "preferredDuringSchedulingIgnoredDuringExecution")] pub preferred_during_scheduling_ignored_during_execution: Option>, + /// If the affinity requirements specified by this field are not met at + /// scheduling time, the pod will not be scheduled onto the node. + /// If the affinity requirements specified by this field cease to be met + /// at some point during pod execution (e.g. due to a pod label update), the + /// system may or may not try to eventually evict the pod from its node. + /// When there are multiple elements, the lists of nodes corresponding to each + /// podAffinityTerm are intersected, i.e. all terms must be satisfied. #[serde(default, skip_serializing_if = "Option::is_none", rename = "requiredDuringSchedulingIgnoredDuringExecution")] pub required_during_scheduling_ignored_during_execution: Option>, } +/// The weights of all of the matched WeightedPodAffinityTerm fields are added per-node to find the most preferred node(s) #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateDriverAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecution { + /// Required. A pod affinity term, associated with the corresponding weight. #[serde(rename = "podAffinityTerm")] pub pod_affinity_term: ScheduledSparkApplicationTemplateDriverAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTerm, + /// weight associated with matching the corresponding podAffinityTerm, + /// in the range 1-100. pub weight: i32, } +/// Required. A pod affinity term, associated with the corresponding weight. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateDriverAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTerm { + /// A label query over a set of resources, in this case pods. + /// If it's null, this PodAffinityTerm matches with no Pods. #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelector")] pub label_selector: Option, + /// MatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. + /// Also, MatchLabelKeys cannot be set when LabelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] + pub match_label_keys: Option>, + /// MismatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. + /// Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] + pub mismatch_label_keys: Option>, + /// A label query over the set of namespaces that the term applies to. + /// The term is applied to the union of the namespaces selected by this field + /// and the ones listed in the namespaces field. + /// null selector and null or empty namespaces list means "this pod's namespace". + /// An empty selector ({}) matches all namespaces. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "namespaceSelector")] + pub namespace_selector: Option, + /// namespaces specifies a static list of namespace names that the term applies to. + /// The term is applied to the union of the namespaces listed in this field + /// and the ones selected by namespaceSelector. + /// null or empty namespaces list and null namespaceSelector means "this pod's namespace". #[serde(default, skip_serializing_if = "Option::is_none")] pub namespaces: Option>, + /// This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching + /// the labelSelector in the specified namespaces, where co-located is defined as running on a node + /// whose value of the label with key topologyKey matches that of any node on which any of the + /// selected pods is running. + /// Empty topologyKey is not allowed. #[serde(rename = "topologyKey")] pub topology_key: String, } +/// A label query over a set of resources, in this case pods. +/// If it's null, this PodAffinityTerm matches with no Pods. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateDriverAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermLabelSelector { + /// matchExpressions is a list of label selector requirements. The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] pub match_expressions: Option>, + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] pub match_labels: Option>, } +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateDriverAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermLabelSelectorMatchExpressions { + /// key is the label key that the selector applies to. + pub key: String, + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. + pub operator: String, + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub values: Option>, +} + +/// A label query over the set of namespaces that the term applies to. +/// The term is applied to the union of the namespaces selected by this field +/// and the ones listed in the namespaces field. +/// null selector and null or empty namespaces list means "this pod's namespace". +/// An empty selector ({}) matches all namespaces. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ScheduledSparkApplicationTemplateDriverAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermNamespaceSelector { + /// matchExpressions is a list of label selector requirements. The requirements are ANDed. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] + pub match_expressions: Option>, + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] + pub match_labels: Option>, +} + +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ScheduledSparkApplicationTemplateDriverAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermNamespaceSelectorMatchExpressions { + /// key is the label key that the selector applies to. pub key: String, + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } +/// Defines a set of pods (namely those matching the labelSelector +/// relative to the given namespace(s)) that this pod should be +/// co-located (affinity) or not co-located (anti-affinity) with, +/// where co-located is defined as running on a node whose value of +/// the label with key matches that of any node on which +/// a pod of the set of pods is running #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateDriverAffinityPodAffinityRequiredDuringSchedulingIgnoredDuringExecution { + /// A label query over a set of resources, in this case pods. + /// If it's null, this PodAffinityTerm matches with no Pods. #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelector")] pub label_selector: Option, + /// MatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. + /// Also, MatchLabelKeys cannot be set when LabelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] + pub match_label_keys: Option>, + /// MismatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. + /// Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] + pub mismatch_label_keys: Option>, + /// A label query over the set of namespaces that the term applies to. + /// The term is applied to the union of the namespaces selected by this field + /// and the ones listed in the namespaces field. + /// null selector and null or empty namespaces list means "this pod's namespace". + /// An empty selector ({}) matches all namespaces. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "namespaceSelector")] + pub namespace_selector: Option, + /// namespaces specifies a static list of namespace names that the term applies to. + /// The term is applied to the union of the namespaces listed in this field + /// and the ones selected by namespaceSelector. + /// null or empty namespaces list and null namespaceSelector means "this pod's namespace". #[serde(default, skip_serializing_if = "Option::is_none")] pub namespaces: Option>, + /// This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching + /// the labelSelector in the specified namespaces, where co-located is defined as running on a node + /// whose value of the label with key topologyKey matches that of any node on which any of the + /// selected pods is running. + /// Empty topologyKey is not allowed. #[serde(rename = "topologyKey")] pub topology_key: String, } +/// A label query over a set of resources, in this case pods. +/// If it's null, this PodAffinityTerm matches with no Pods. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateDriverAffinityPodAffinityRequiredDuringSchedulingIgnoredDuringExecutionLabelSelector { + /// matchExpressions is a list of label selector requirements. The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] pub match_expressions: Option>, + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] pub match_labels: Option>, } +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateDriverAffinityPodAffinityRequiredDuringSchedulingIgnoredDuringExecutionLabelSelectorMatchExpressions { + /// key is the label key that the selector applies to. pub key: String, + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } +/// A label query over the set of namespaces that the term applies to. +/// The term is applied to the union of the namespaces selected by this field +/// and the ones listed in the namespaces field. +/// null selector and null or empty namespaces list means "this pod's namespace". +/// An empty selector ({}) matches all namespaces. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ScheduledSparkApplicationTemplateDriverAffinityPodAffinityRequiredDuringSchedulingIgnoredDuringExecutionNamespaceSelector { + /// matchExpressions is a list of label selector requirements. The requirements are ANDed. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] + pub match_expressions: Option>, + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] + pub match_labels: Option>, +} + +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ScheduledSparkApplicationTemplateDriverAffinityPodAffinityRequiredDuringSchedulingIgnoredDuringExecutionNamespaceSelectorMatchExpressions { + /// key is the label key that the selector applies to. + pub key: String, + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. + pub operator: String, + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub values: Option>, +} + +/// Describes pod anti-affinity scheduling rules (e.g. avoid putting this pod in the same node, zone, etc. as some other pod(s)). #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateDriverAffinityPodAntiAffinity { + /// The scheduler will prefer to schedule pods to nodes that satisfy + /// the anti-affinity expressions specified by this field, but it may choose + /// a node that violates one or more of the expressions. The node that is + /// most preferred is the one with the greatest sum of weights, i.e. + /// for each node that meets all of the scheduling requirements (resource + /// request, requiredDuringScheduling anti-affinity expressions, etc.), + /// compute a sum by iterating through the elements of this field and adding + /// "weight" to the sum if the node has pods which matches the corresponding podAffinityTerm; the + /// node(s) with the highest sum are the most preferred. #[serde(default, skip_serializing_if = "Option::is_none", rename = "preferredDuringSchedulingIgnoredDuringExecution")] pub preferred_during_scheduling_ignored_during_execution: Option>, + /// If the anti-affinity requirements specified by this field are not met at + /// scheduling time, the pod will not be scheduled onto the node. + /// If the anti-affinity requirements specified by this field cease to be met + /// at some point during pod execution (e.g. due to a pod label update), the + /// system may or may not try to eventually evict the pod from its node. + /// When there are multiple elements, the lists of nodes corresponding to each + /// podAffinityTerm are intersected, i.e. all terms must be satisfied. #[serde(default, skip_serializing_if = "Option::is_none", rename = "requiredDuringSchedulingIgnoredDuringExecution")] pub required_during_scheduling_ignored_during_execution: Option>, } +/// The weights of all of the matched WeightedPodAffinityTerm fields are added per-node to find the most preferred node(s) #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateDriverAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecution { + /// Required. A pod affinity term, associated with the corresponding weight. #[serde(rename = "podAffinityTerm")] pub pod_affinity_term: ScheduledSparkApplicationTemplateDriverAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTerm, + /// weight associated with matching the corresponding podAffinityTerm, + /// in the range 1-100. pub weight: i32, } +/// Required. A pod affinity term, associated with the corresponding weight. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateDriverAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTerm { + /// A label query over a set of resources, in this case pods. + /// If it's null, this PodAffinityTerm matches with no Pods. #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelector")] pub label_selector: Option, + /// MatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. + /// Also, MatchLabelKeys cannot be set when LabelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] + pub match_label_keys: Option>, + /// MismatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. + /// Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] + pub mismatch_label_keys: Option>, + /// A label query over the set of namespaces that the term applies to. + /// The term is applied to the union of the namespaces selected by this field + /// and the ones listed in the namespaces field. + /// null selector and null or empty namespaces list means "this pod's namespace". + /// An empty selector ({}) matches all namespaces. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "namespaceSelector")] + pub namespace_selector: Option, + /// namespaces specifies a static list of namespace names that the term applies to. + /// The term is applied to the union of the namespaces listed in this field + /// and the ones selected by namespaceSelector. + /// null or empty namespaces list and null namespaceSelector means "this pod's namespace". #[serde(default, skip_serializing_if = "Option::is_none")] pub namespaces: Option>, + /// This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching + /// the labelSelector in the specified namespaces, where co-located is defined as running on a node + /// whose value of the label with key topologyKey matches that of any node on which any of the + /// selected pods is running. + /// Empty topologyKey is not allowed. #[serde(rename = "topologyKey")] pub topology_key: String, } +/// A label query over a set of resources, in this case pods. +/// If it's null, this PodAffinityTerm matches with no Pods. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateDriverAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermLabelSelector { + /// matchExpressions is a list of label selector requirements. The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] pub match_expressions: Option>, + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] pub match_labels: Option>, } +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateDriverAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermLabelSelectorMatchExpressions { + /// key is the label key that the selector applies to. + pub key: String, + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. + pub operator: String, + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub values: Option>, +} + +/// A label query over the set of namespaces that the term applies to. +/// The term is applied to the union of the namespaces selected by this field +/// and the ones listed in the namespaces field. +/// null selector and null or empty namespaces list means "this pod's namespace". +/// An empty selector ({}) matches all namespaces. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ScheduledSparkApplicationTemplateDriverAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermNamespaceSelector { + /// matchExpressions is a list of label selector requirements. The requirements are ANDed. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] + pub match_expressions: Option>, + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] + pub match_labels: Option>, +} + +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ScheduledSparkApplicationTemplateDriverAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermNamespaceSelectorMatchExpressions { + /// key is the label key that the selector applies to. pub key: String, + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } +/// Defines a set of pods (namely those matching the labelSelector +/// relative to the given namespace(s)) that this pod should be +/// co-located (affinity) or not co-located (anti-affinity) with, +/// where co-located is defined as running on a node whose value of +/// the label with key matches that of any node on which +/// a pod of the set of pods is running #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateDriverAffinityPodAntiAffinityRequiredDuringSchedulingIgnoredDuringExecution { + /// A label query over a set of resources, in this case pods. + /// If it's null, this PodAffinityTerm matches with no Pods. #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelector")] pub label_selector: Option, + /// MatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. + /// Also, MatchLabelKeys cannot be set when LabelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] + pub match_label_keys: Option>, + /// MismatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. + /// Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] + pub mismatch_label_keys: Option>, + /// A label query over the set of namespaces that the term applies to. + /// The term is applied to the union of the namespaces selected by this field + /// and the ones listed in the namespaces field. + /// null selector and null or empty namespaces list means "this pod's namespace". + /// An empty selector ({}) matches all namespaces. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "namespaceSelector")] + pub namespace_selector: Option, + /// namespaces specifies a static list of namespace names that the term applies to. + /// The term is applied to the union of the namespaces listed in this field + /// and the ones selected by namespaceSelector. + /// null or empty namespaces list and null namespaceSelector means "this pod's namespace". #[serde(default, skip_serializing_if = "Option::is_none")] pub namespaces: Option>, + /// This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching + /// the labelSelector in the specified namespaces, where co-located is defined as running on a node + /// whose value of the label with key topologyKey matches that of any node on which any of the + /// selected pods is running. + /// Empty topologyKey is not allowed. #[serde(rename = "topologyKey")] pub topology_key: String, } +/// A label query over a set of resources, in this case pods. +/// If it's null, this PodAffinityTerm matches with no Pods. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateDriverAffinityPodAntiAffinityRequiredDuringSchedulingIgnoredDuringExecutionLabelSelector { + /// matchExpressions is a list of label selector requirements. The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] pub match_expressions: Option>, + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] pub match_labels: Option>, } +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateDriverAffinityPodAntiAffinityRequiredDuringSchedulingIgnoredDuringExecutionLabelSelectorMatchExpressions { + /// key is the label key that the selector applies to. + pub key: String, + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. + pub operator: String, + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub values: Option>, +} + +/// A label query over the set of namespaces that the term applies to. +/// The term is applied to the union of the namespaces selected by this field +/// and the ones listed in the namespaces field. +/// null selector and null or empty namespaces list means "this pod's namespace". +/// An empty selector ({}) matches all namespaces. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ScheduledSparkApplicationTemplateDriverAffinityPodAntiAffinityRequiredDuringSchedulingIgnoredDuringExecutionNamespaceSelector { + /// matchExpressions is a list of label selector requirements. The requirements are ANDed. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] + pub match_expressions: Option>, + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] + pub match_labels: Option>, +} + +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ScheduledSparkApplicationTemplateDriverAffinityPodAntiAffinityRequiredDuringSchedulingIgnoredDuringExecutionNamespaceSelectorMatchExpressions { + /// key is the label key that the selector applies to. pub key: String, + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } +/// NamePath is a pair of a name and a path to which the named objects should be mounted to. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateDriverConfigMaps { pub name: String, pub path: String, } +/// DnsConfig dns settings for the pod, following the Kubernetes specifications. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateDriverDnsConfig { + /// A list of DNS name server IP addresses. + /// This will be appended to the base nameservers generated from DNSPolicy. + /// Duplicated nameservers will be removed. #[serde(default, skip_serializing_if = "Option::is_none")] pub nameservers: Option>, + /// A list of DNS resolver options. + /// This will be merged with the base options generated from DNSPolicy. + /// Duplicated entries will be removed. Resolution options given in Options + /// will override those that appear in the base DNSPolicy. #[serde(default, skip_serializing_if = "Option::is_none")] pub options: Option>, + /// A list of DNS search domains for host-name lookup. + /// This will be appended to the base search paths generated from DNSPolicy. + /// Duplicated search paths will be removed. #[serde(default, skip_serializing_if = "Option::is_none")] pub searches: Option>, } +/// PodDNSConfigOption defines DNS resolver options of a pod. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateDriverDnsConfigOptions { + /// Required. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, #[serde(default, skip_serializing_if = "Option::is_none")] pub value: Option, } +/// EnvVar represents an environment variable present in a Container. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateDriverEnv { + /// Name of the environment variable. Must be a C_IDENTIFIER. pub name: String, + /// Variable references $(VAR_NAME) are expanded + /// using the previously defined environment variables in the container and + /// any service environment variables. If a variable cannot be resolved, + /// the reference in the input string will be unchanged. Double $$ are reduced + /// to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. + /// "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". + /// Escaped references will never be expanded, regardless of whether the variable + /// exists or not. + /// Defaults to "". #[serde(default, skip_serializing_if = "Option::is_none")] pub value: Option, + /// Source for the environment variable's value. Cannot be used if value is not empty. #[serde(default, skip_serializing_if = "Option::is_none", rename = "valueFrom")] pub value_from: Option, } +/// Source for the environment variable's value. Cannot be used if value is not empty. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateDriverEnvValueFrom { + /// Selects a key of a ConfigMap. #[serde(default, skip_serializing_if = "Option::is_none", rename = "configMapKeyRef")] pub config_map_key_ref: Option, + /// Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`, + /// spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs. #[serde(default, skip_serializing_if = "Option::is_none", rename = "fieldRef")] pub field_ref: Option, + /// Selects a resource of the container: only resources limits and requests + /// (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported. #[serde(default, skip_serializing_if = "Option::is_none", rename = "resourceFieldRef")] pub resource_field_ref: Option, + /// Selects a key of a secret in the pod's namespace #[serde(default, skip_serializing_if = "Option::is_none", rename = "secretKeyRef")] pub secret_key_ref: Option, } +/// Selects a key of a ConfigMap. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateDriverEnvValueFromConfigMapKeyRef { + /// The key to select. pub key: String, + /// Name of the referent. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, + /// Specify whether the ConfigMap or its key must be defined #[serde(default, skip_serializing_if = "Option::is_none")] pub optional: Option, } +/// Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`, +/// spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateDriverEnvValueFromFieldRef { + /// Version of the schema the FieldPath is written in terms of, defaults to "v1". #[serde(default, skip_serializing_if = "Option::is_none", rename = "apiVersion")] pub api_version: Option, + /// Path of the field to select in the specified API version. #[serde(rename = "fieldPath")] pub field_path: String, } +/// Selects a resource of the container: only resources limits and requests +/// (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateDriverEnvValueFromResourceFieldRef { + /// Container name: required for volumes, optional for env vars #[serde(default, skip_serializing_if = "Option::is_none", rename = "containerName")] pub container_name: Option, + /// Specifies the output format of the exposed resources, defaults to "1" #[serde(default, skip_serializing_if = "Option::is_none")] pub divisor: Option, + /// Required: resource to select pub resource: String, } +/// Selects a key of a secret in the pod's namespace #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateDriverEnvValueFromSecretKeyRef { + /// The key of the secret to select from. Must be a valid secret key. pub key: String, + /// Name of the referent. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, + /// Specify whether the Secret or its key must be defined #[serde(default, skip_serializing_if = "Option::is_none")] pub optional: Option, } +/// EnvFromSource represents the source of a set of ConfigMaps #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateDriverEnvFrom { + /// The ConfigMap to select from #[serde(default, skip_serializing_if = "Option::is_none", rename = "configMapRef")] pub config_map_ref: Option, + /// An optional identifier to prepend to each key in the ConfigMap. Must be a C_IDENTIFIER. #[serde(default, skip_serializing_if = "Option::is_none")] pub prefix: Option, + /// The Secret to select from #[serde(default, skip_serializing_if = "Option::is_none", rename = "secretRef")] pub secret_ref: Option, } +/// The ConfigMap to select from #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateDriverEnvFromConfigMapRef { + /// Name of the referent. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, + /// Specify whether the ConfigMap must be defined #[serde(default, skip_serializing_if = "Option::is_none")] pub optional: Option, } +/// The Secret to select from #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateDriverEnvFromSecretRef { + /// Name of the referent. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, + /// Specify whether the Secret must be defined #[serde(default, skip_serializing_if = "Option::is_none")] pub optional: Option, } +/// EnvSecretKeyRefs holds a mapping from environment variable names to SecretKeyRefs. +/// Deprecated. Consider using `env` instead. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateDriverEnvSecretKeyRefs { #[serde(default, skip_serializing_if = "Option::is_none")] @@ -522,1655 +1209,4032 @@ pub struct ScheduledSparkApplicationTemplateDriverEnvSecretKeyRefs { pub name: Option, } +/// GPU specifies GPU requirement for the pod. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateDriverGpu { + /// Name is GPU resource name, such as: nvidia.com/gpu or amd.com/gpu pub name: String, + /// Quantity is the number of GPUs to request for driver or executor. pub quantity: i64, } +/// HostAlias holds the mapping between IP and hostnames that will be injected as an entry in the +/// pod's hosts file. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateDriverHostAliases { + /// Hostnames for the above IP address. #[serde(default, skip_serializing_if = "Option::is_none")] pub hostnames: Option>, + /// IP address of the host file entry. #[serde(default, skip_serializing_if = "Option::is_none")] pub ip: Option, } +/// A single application container that you want to run within a pod. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateDriverInitContainers { + /// Arguments to the entrypoint. + /// The container image's CMD is used if this is not provided. + /// Variable references $(VAR_NAME) are expanded using the container's environment. If a variable + /// cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced + /// to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" will + /// produce the string literal "$(VAR_NAME)". Escaped references will never be expanded, regardless + /// of whether the variable exists or not. Cannot be updated. + /// More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell #[serde(default, skip_serializing_if = "Option::is_none")] pub args: Option>, + /// Entrypoint array. Not executed within a shell. + /// The container image's ENTRYPOINT is used if this is not provided. + /// Variable references $(VAR_NAME) are expanded using the container's environment. If a variable + /// cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced + /// to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" will + /// produce the string literal "$(VAR_NAME)". Escaped references will never be expanded, regardless + /// of whether the variable exists or not. Cannot be updated. + /// More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell #[serde(default, skip_serializing_if = "Option::is_none")] pub command: Option>, + /// List of environment variables to set in the container. + /// Cannot be updated. #[serde(default, skip_serializing_if = "Option::is_none")] pub env: Option>, + /// List of sources to populate environment variables in the container. + /// The keys defined within a source must be a C_IDENTIFIER. All invalid keys + /// will be reported as an event when the container is starting. When a key exists in multiple + /// sources, the value associated with the last source will take precedence. + /// Values defined by an Env with a duplicate key will take precedence. + /// Cannot be updated. #[serde(default, skip_serializing_if = "Option::is_none", rename = "envFrom")] pub env_from: Option>, + /// Container image name. + /// More info: https://kubernetes.io/docs/concepts/containers/images + /// This field is optional to allow higher level config management to default or override + /// container images in workload controllers like Deployments and StatefulSets. #[serde(default, skip_serializing_if = "Option::is_none")] pub image: Option, + /// Image pull policy. + /// One of Always, Never, IfNotPresent. + /// Defaults to Always if :latest tag is specified, or IfNotPresent otherwise. + /// Cannot be updated. + /// More info: https://kubernetes.io/docs/concepts/containers/images#updating-images #[serde(default, skip_serializing_if = "Option::is_none", rename = "imagePullPolicy")] pub image_pull_policy: Option, + /// Actions that the management system should take in response to container lifecycle events. + /// Cannot be updated. #[serde(default, skip_serializing_if = "Option::is_none")] pub lifecycle: Option, + /// Periodic probe of container liveness. + /// Container will be restarted if the probe fails. + /// Cannot be updated. + /// More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes #[serde(default, skip_serializing_if = "Option::is_none", rename = "livenessProbe")] pub liveness_probe: Option, + /// Name of the container specified as a DNS_LABEL. + /// Each container in a pod must have a unique name (DNS_LABEL). + /// Cannot be updated. pub name: String, + /// List of ports to expose from the container. Not specifying a port here + /// DOES NOT prevent that port from being exposed. Any port which is + /// listening on the default "0.0.0.0" address inside a container will be + /// accessible from the network. + /// Modifying this array with strategic merge patch may corrupt the data. + /// For more information See https://github.com/kubernetes/kubernetes/issues/108255. + /// Cannot be updated. #[serde(default, skip_serializing_if = "Option::is_none")] pub ports: Option>, + /// Periodic probe of container service readiness. + /// Container will be removed from service endpoints if the probe fails. + /// Cannot be updated. + /// More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes #[serde(default, skip_serializing_if = "Option::is_none", rename = "readinessProbe")] pub readiness_probe: Option, + /// Resources resize policy for the container. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "resizePolicy")] + pub resize_policy: Option>, + /// Compute Resources required by this container. + /// Cannot be updated. + /// More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ #[serde(default, skip_serializing_if = "Option::is_none")] pub resources: Option, + /// RestartPolicy defines the restart behavior of individual containers in a pod. + /// This field may only be set for init containers, and the only allowed value is "Always". + /// For non-init containers or when this field is not specified, + /// the restart behavior is defined by the Pod's restart policy and the container type. + /// Setting the RestartPolicy as "Always" for the init container will have the following effect: + /// this init container will be continually restarted on + /// exit until all regular containers have terminated. Once all regular + /// containers have completed, all init containers with restartPolicy "Always" + /// will be shut down. This lifecycle differs from normal init containers and + /// is often referred to as a "sidecar" container. Although this init + /// container still starts in the init container sequence, it does not wait + /// for the container to complete before proceeding to the next init + /// container. Instead, the next init container starts immediately after this + /// init container is started, or after any startupProbe has successfully + /// completed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "restartPolicy")] pub restart_policy: Option, + /// SecurityContext defines the security options the container should be run with. + /// If set, the fields of SecurityContext override the equivalent fields of PodSecurityContext. + /// More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/ #[serde(default, skip_serializing_if = "Option::is_none", rename = "securityContext")] pub security_context: Option, + /// StartupProbe indicates that the Pod has successfully initialized. + /// If specified, no other probes are executed until this completes successfully. + /// If this probe fails, the Pod will be restarted, just as if the livenessProbe failed. + /// This can be used to provide different probe parameters at the beginning of a Pod's lifecycle, + /// when it might take a long time to load data or warm a cache, than during steady-state operation. + /// This cannot be updated. + /// More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes #[serde(default, skip_serializing_if = "Option::is_none", rename = "startupProbe")] pub startup_probe: Option, + /// Whether this container should allocate a buffer for stdin in the container runtime. If this + /// is not set, reads from stdin in the container will always result in EOF. + /// Default is false. #[serde(default, skip_serializing_if = "Option::is_none")] pub stdin: Option, + /// Whether the container runtime should close the stdin channel after it has been opened by + /// a single attach. When stdin is true the stdin stream will remain open across multiple attach + /// sessions. If stdinOnce is set to true, stdin is opened on container start, is empty until the + /// first client attaches to stdin, and then remains open and accepts data until the client disconnects, + /// at which time stdin is closed and remains closed until the container is restarted. If this + /// flag is false, a container processes that reads from stdin will never receive an EOF. + /// Default is false #[serde(default, skip_serializing_if = "Option::is_none", rename = "stdinOnce")] pub stdin_once: Option, + /// Optional: Path at which the file to which the container's termination message + /// will be written is mounted into the container's filesystem. + /// Message written is intended to be brief final status, such as an assertion failure message. + /// Will be truncated by the node if greater than 4096 bytes. The total message length across + /// all containers will be limited to 12kb. + /// Defaults to /dev/termination-log. + /// Cannot be updated. #[serde(default, skip_serializing_if = "Option::is_none", rename = "terminationMessagePath")] pub termination_message_path: Option, + /// Indicate how the termination message should be populated. File will use the contents of + /// terminationMessagePath to populate the container status message on both success and failure. + /// FallbackToLogsOnError will use the last chunk of container log output if the termination + /// message file is empty and the container exited with an error. + /// The log output is limited to 2048 bytes or 80 lines, whichever is smaller. + /// Defaults to File. + /// Cannot be updated. #[serde(default, skip_serializing_if = "Option::is_none", rename = "terminationMessagePolicy")] pub termination_message_policy: Option, + /// Whether this container should allocate a TTY for itself, also requires 'stdin' to be true. + /// Default is false. #[serde(default, skip_serializing_if = "Option::is_none")] pub tty: Option, + /// volumeDevices is the list of block devices to be used by the container. #[serde(default, skip_serializing_if = "Option::is_none", rename = "volumeDevices")] pub volume_devices: Option>, + /// Pod volumes to mount into the container's filesystem. + /// Cannot be updated. #[serde(default, skip_serializing_if = "Option::is_none", rename = "volumeMounts")] pub volume_mounts: Option>, + /// Container's working directory. + /// If not specified, the container runtime's default will be used, which + /// might be configured in the container image. + /// Cannot be updated. #[serde(default, skip_serializing_if = "Option::is_none", rename = "workingDir")] pub working_dir: Option, } +/// EnvVar represents an environment variable present in a Container. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateDriverInitContainersEnv { + /// Name of the environment variable. Must be a C_IDENTIFIER. pub name: String, + /// Variable references $(VAR_NAME) are expanded + /// using the previously defined environment variables in the container and + /// any service environment variables. If a variable cannot be resolved, + /// the reference in the input string will be unchanged. Double $$ are reduced + /// to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. + /// "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". + /// Escaped references will never be expanded, regardless of whether the variable + /// exists or not. + /// Defaults to "". #[serde(default, skip_serializing_if = "Option::is_none")] pub value: Option, + /// Source for the environment variable's value. Cannot be used if value is not empty. #[serde(default, skip_serializing_if = "Option::is_none", rename = "valueFrom")] pub value_from: Option, } +/// Source for the environment variable's value. Cannot be used if value is not empty. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateDriverInitContainersEnvValueFrom { + /// Selects a key of a ConfigMap. #[serde(default, skip_serializing_if = "Option::is_none", rename = "configMapKeyRef")] pub config_map_key_ref: Option, + /// Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`, + /// spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs. #[serde(default, skip_serializing_if = "Option::is_none", rename = "fieldRef")] pub field_ref: Option, + /// Selects a resource of the container: only resources limits and requests + /// (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported. #[serde(default, skip_serializing_if = "Option::is_none", rename = "resourceFieldRef")] pub resource_field_ref: Option, + /// Selects a key of a secret in the pod's namespace #[serde(default, skip_serializing_if = "Option::is_none", rename = "secretKeyRef")] pub secret_key_ref: Option, } +/// Selects a key of a ConfigMap. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateDriverInitContainersEnvValueFromConfigMapKeyRef { + /// The key to select. pub key: String, + /// Name of the referent. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, + /// Specify whether the ConfigMap or its key must be defined #[serde(default, skip_serializing_if = "Option::is_none")] pub optional: Option, } +/// Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`, +/// spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateDriverInitContainersEnvValueFromFieldRef { + /// Version of the schema the FieldPath is written in terms of, defaults to "v1". #[serde(default, skip_serializing_if = "Option::is_none", rename = "apiVersion")] pub api_version: Option, + /// Path of the field to select in the specified API version. #[serde(rename = "fieldPath")] pub field_path: String, } +/// Selects a resource of the container: only resources limits and requests +/// (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateDriverInitContainersEnvValueFromResourceFieldRef { + /// Container name: required for volumes, optional for env vars #[serde(default, skip_serializing_if = "Option::is_none", rename = "containerName")] pub container_name: Option, + /// Specifies the output format of the exposed resources, defaults to "1" #[serde(default, skip_serializing_if = "Option::is_none")] pub divisor: Option, + /// Required: resource to select pub resource: String, } +/// Selects a key of a secret in the pod's namespace #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateDriverInitContainersEnvValueFromSecretKeyRef { + /// The key of the secret to select from. Must be a valid secret key. pub key: String, + /// Name of the referent. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, + /// Specify whether the Secret or its key must be defined #[serde(default, skip_serializing_if = "Option::is_none")] pub optional: Option, } +/// EnvFromSource represents the source of a set of ConfigMaps #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateDriverInitContainersEnvFrom { + /// The ConfigMap to select from #[serde(default, skip_serializing_if = "Option::is_none", rename = "configMapRef")] pub config_map_ref: Option, + /// An optional identifier to prepend to each key in the ConfigMap. Must be a C_IDENTIFIER. #[serde(default, skip_serializing_if = "Option::is_none")] pub prefix: Option, + /// The Secret to select from #[serde(default, skip_serializing_if = "Option::is_none", rename = "secretRef")] pub secret_ref: Option, } +/// The ConfigMap to select from #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateDriverInitContainersEnvFromConfigMapRef { + /// Name of the referent. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, + /// Specify whether the ConfigMap must be defined #[serde(default, skip_serializing_if = "Option::is_none")] pub optional: Option, } +/// The Secret to select from #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateDriverInitContainersEnvFromSecretRef { + /// Name of the referent. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, + /// Specify whether the Secret must be defined #[serde(default, skip_serializing_if = "Option::is_none")] pub optional: Option, } +/// Actions that the management system should take in response to container lifecycle events. +/// Cannot be updated. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateDriverInitContainersLifecycle { + /// PostStart is called immediately after a container is created. If the handler fails, + /// the container is terminated and restarted according to its restart policy. + /// Other management of the container blocks until the hook completes. + /// More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks #[serde(default, skip_serializing_if = "Option::is_none", rename = "postStart")] pub post_start: Option, + /// PreStop is called immediately before a container is terminated due to an + /// API request or management event such as liveness/startup probe failure, + /// preemption, resource contention, etc. The handler is not called if the + /// container crashes or exits. The Pod's termination grace period countdown begins before the + /// PreStop hook is executed. Regardless of the outcome of the handler, the + /// container will eventually terminate within the Pod's termination grace + /// period (unless delayed by finalizers). Other management of the container blocks until the hook completes + /// or until the termination grace period is reached. + /// More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks #[serde(default, skip_serializing_if = "Option::is_none", rename = "preStop")] pub pre_stop: Option, } +/// PostStart is called immediately after a container is created. If the handler fails, +/// the container is terminated and restarted according to its restart policy. +/// Other management of the container blocks until the hook completes. +/// More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateDriverInitContainersLifecyclePostStart { + /// Exec specifies the action to take. #[serde(default, skip_serializing_if = "Option::is_none")] pub exec: Option, + /// HTTPGet specifies the http request to perform. #[serde(default, skip_serializing_if = "Option::is_none", rename = "httpGet")] pub http_get: Option, + /// Sleep represents the duration that the container should sleep before being terminated. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub sleep: Option, + /// Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept + /// for the backward compatibility. There are no validation of this field and + /// lifecycle hooks will fail in runtime when tcp handler is specified. #[serde(default, skip_serializing_if = "Option::is_none", rename = "tcpSocket")] pub tcp_socket: Option, } +/// Exec specifies the action to take. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateDriverInitContainersLifecyclePostStartExec { + /// Command is the command line to execute inside the container, the working directory for the + /// command is root ('/') in the container's filesystem. The command is simply exec'd, it is + /// not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use + /// a shell, you need to explicitly call out to that shell. + /// Exit status of 0 is treated as live/healthy and non-zero is unhealthy. #[serde(default, skip_serializing_if = "Option::is_none")] pub command: Option>, } +/// HTTPGet specifies the http request to perform. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateDriverInitContainersLifecyclePostStartHttpGet { + /// Host name to connect to, defaults to the pod IP. You probably want to set + /// "Host" in httpHeaders instead. #[serde(default, skip_serializing_if = "Option::is_none")] pub host: Option, + /// Custom headers to set in the request. HTTP allows repeated headers. #[serde(default, skip_serializing_if = "Option::is_none", rename = "httpHeaders")] pub http_headers: Option>, + /// Path to access on the HTTP server. #[serde(default, skip_serializing_if = "Option::is_none")] pub path: Option, + /// Name or number of the port to access on the container. + /// Number must be in the range 1 to 65535. + /// Name must be an IANA_SVC_NAME. pub port: IntOrString, + /// Scheme to use for connecting to the host. + /// Defaults to HTTP. #[serde(default, skip_serializing_if = "Option::is_none")] pub scheme: Option, } +/// HTTPHeader describes a custom header to be used in HTTP probes #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateDriverInitContainersLifecyclePostStartHttpGetHttpHeaders { + /// The header field name. + /// This will be canonicalized upon output, so case-variant names will be understood as the same header. pub name: String, + /// The header field value pub value: String, } +/// Sleep represents the duration that the container should sleep before being terminated. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ScheduledSparkApplicationTemplateDriverInitContainersLifecyclePostStartSleep { + /// Seconds is the number of seconds to sleep. + pub seconds: i64, +} + +/// Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept +/// for the backward compatibility. There are no validation of this field and +/// lifecycle hooks will fail in runtime when tcp handler is specified. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateDriverInitContainersLifecyclePostStartTcpSocket { + /// Optional: Host name to connect to, defaults to the pod IP. #[serde(default, skip_serializing_if = "Option::is_none")] pub host: Option, + /// Number or name of the port to access on the container. + /// Number must be in the range 1 to 65535. + /// Name must be an IANA_SVC_NAME. pub port: IntOrString, } +/// PreStop is called immediately before a container is terminated due to an +/// API request or management event such as liveness/startup probe failure, +/// preemption, resource contention, etc. The handler is not called if the +/// container crashes or exits. The Pod's termination grace period countdown begins before the +/// PreStop hook is executed. Regardless of the outcome of the handler, the +/// container will eventually terminate within the Pod's termination grace +/// period (unless delayed by finalizers). Other management of the container blocks until the hook completes +/// or until the termination grace period is reached. +/// More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateDriverInitContainersLifecyclePreStop { + /// Exec specifies the action to take. #[serde(default, skip_serializing_if = "Option::is_none")] pub exec: Option, + /// HTTPGet specifies the http request to perform. #[serde(default, skip_serializing_if = "Option::is_none", rename = "httpGet")] pub http_get: Option, + /// Sleep represents the duration that the container should sleep before being terminated. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub sleep: Option, + /// Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept + /// for the backward compatibility. There are no validation of this field and + /// lifecycle hooks will fail in runtime when tcp handler is specified. #[serde(default, skip_serializing_if = "Option::is_none", rename = "tcpSocket")] pub tcp_socket: Option, } +/// Exec specifies the action to take. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateDriverInitContainersLifecyclePreStopExec { + /// Command is the command line to execute inside the container, the working directory for the + /// command is root ('/') in the container's filesystem. The command is simply exec'd, it is + /// not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use + /// a shell, you need to explicitly call out to that shell. + /// Exit status of 0 is treated as live/healthy and non-zero is unhealthy. #[serde(default, skip_serializing_if = "Option::is_none")] pub command: Option>, } +/// HTTPGet specifies the http request to perform. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateDriverInitContainersLifecyclePreStopHttpGet { + /// Host name to connect to, defaults to the pod IP. You probably want to set + /// "Host" in httpHeaders instead. #[serde(default, skip_serializing_if = "Option::is_none")] pub host: Option, + /// Custom headers to set in the request. HTTP allows repeated headers. #[serde(default, skip_serializing_if = "Option::is_none", rename = "httpHeaders")] pub http_headers: Option>, + /// Path to access on the HTTP server. #[serde(default, skip_serializing_if = "Option::is_none")] pub path: Option, + /// Name or number of the port to access on the container. + /// Number must be in the range 1 to 65535. + /// Name must be an IANA_SVC_NAME. pub port: IntOrString, + /// Scheme to use for connecting to the host. + /// Defaults to HTTP. #[serde(default, skip_serializing_if = "Option::is_none")] pub scheme: Option, } +/// HTTPHeader describes a custom header to be used in HTTP probes #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateDriverInitContainersLifecyclePreStopHttpGetHttpHeaders { + /// The header field name. + /// This will be canonicalized upon output, so case-variant names will be understood as the same header. pub name: String, + /// The header field value pub value: String, } +/// Sleep represents the duration that the container should sleep before being terminated. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ScheduledSparkApplicationTemplateDriverInitContainersLifecyclePreStopSleep { + /// Seconds is the number of seconds to sleep. + pub seconds: i64, +} + +/// Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept +/// for the backward compatibility. There are no validation of this field and +/// lifecycle hooks will fail in runtime when tcp handler is specified. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateDriverInitContainersLifecyclePreStopTcpSocket { + /// Optional: Host name to connect to, defaults to the pod IP. #[serde(default, skip_serializing_if = "Option::is_none")] pub host: Option, + /// Number or name of the port to access on the container. + /// Number must be in the range 1 to 65535. + /// Name must be an IANA_SVC_NAME. pub port: IntOrString, } +/// Periodic probe of container liveness. +/// Container will be restarted if the probe fails. +/// Cannot be updated. +/// More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateDriverInitContainersLivenessProbe { + /// Exec specifies the action to take. #[serde(default, skip_serializing_if = "Option::is_none")] pub exec: Option, + /// Minimum consecutive failures for the probe to be considered failed after having succeeded. + /// Defaults to 3. Minimum value is 1. #[serde(default, skip_serializing_if = "Option::is_none", rename = "failureThreshold")] pub failure_threshold: Option, + /// GRPC specifies an action involving a GRPC port. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub grpc: Option, + /// HTTPGet specifies the http request to perform. #[serde(default, skip_serializing_if = "Option::is_none", rename = "httpGet")] pub http_get: Option, + /// Number of seconds after the container has started before liveness probes are initiated. + /// More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes #[serde(default, skip_serializing_if = "Option::is_none", rename = "initialDelaySeconds")] pub initial_delay_seconds: Option, + /// How often (in seconds) to perform the probe. + /// Default to 10 seconds. Minimum value is 1. #[serde(default, skip_serializing_if = "Option::is_none", rename = "periodSeconds")] pub period_seconds: Option, + /// Minimum consecutive successes for the probe to be considered successful after having failed. + /// Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1. #[serde(default, skip_serializing_if = "Option::is_none", rename = "successThreshold")] pub success_threshold: Option, + /// TCPSocket specifies an action involving a TCP port. #[serde(default, skip_serializing_if = "Option::is_none", rename = "tcpSocket")] pub tcp_socket: Option, + /// Optional duration in seconds the pod needs to terminate gracefully upon probe failure. + /// The grace period is the duration in seconds after the processes running in the pod are sent + /// a termination signal and the time when the processes are forcibly halted with a kill signal. + /// Set this value longer than the expected cleanup time for your process. + /// If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this + /// value overrides the value provided by the pod spec. + /// Value must be non-negative integer. The value zero indicates stop immediately via + /// the kill signal (no opportunity to shut down). + /// This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate. + /// Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "terminationGracePeriodSeconds")] + pub termination_grace_period_seconds: Option, + /// Number of seconds after which the probe times out. + /// Defaults to 1 second. Minimum value is 1. + /// More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes #[serde(default, skip_serializing_if = "Option::is_none", rename = "timeoutSeconds")] pub timeout_seconds: Option, } +/// Exec specifies the action to take. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateDriverInitContainersLivenessProbeExec { + /// Command is the command line to execute inside the container, the working directory for the + /// command is root ('/') in the container's filesystem. The command is simply exec'd, it is + /// not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use + /// a shell, you need to explicitly call out to that shell. + /// Exit status of 0 is treated as live/healthy and non-zero is unhealthy. #[serde(default, skip_serializing_if = "Option::is_none")] pub command: Option>, } +/// GRPC specifies an action involving a GRPC port. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ScheduledSparkApplicationTemplateDriverInitContainersLivenessProbeGrpc { + /// Port number of the gRPC service. Number must be in the range 1 to 65535. + pub port: i32, + /// Service is the name of the service to place in the gRPC HealthCheckRequest + /// (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). + /// + /// + /// If this is not specified, the default behavior is defined by gRPC. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub service: Option, +} + +/// HTTPGet specifies the http request to perform. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateDriverInitContainersLivenessProbeHttpGet { + /// Host name to connect to, defaults to the pod IP. You probably want to set + /// "Host" in httpHeaders instead. #[serde(default, skip_serializing_if = "Option::is_none")] pub host: Option, + /// Custom headers to set in the request. HTTP allows repeated headers. #[serde(default, skip_serializing_if = "Option::is_none", rename = "httpHeaders")] pub http_headers: Option>, + /// Path to access on the HTTP server. #[serde(default, skip_serializing_if = "Option::is_none")] pub path: Option, + /// Name or number of the port to access on the container. + /// Number must be in the range 1 to 65535. + /// Name must be an IANA_SVC_NAME. pub port: IntOrString, + /// Scheme to use for connecting to the host. + /// Defaults to HTTP. #[serde(default, skip_serializing_if = "Option::is_none")] pub scheme: Option, } +/// HTTPHeader describes a custom header to be used in HTTP probes #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateDriverInitContainersLivenessProbeHttpGetHttpHeaders { + /// The header field name. + /// This will be canonicalized upon output, so case-variant names will be understood as the same header. pub name: String, + /// The header field value pub value: String, } +/// TCPSocket specifies an action involving a TCP port. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateDriverInitContainersLivenessProbeTcpSocket { + /// Optional: Host name to connect to, defaults to the pod IP. #[serde(default, skip_serializing_if = "Option::is_none")] pub host: Option, + /// Number or name of the port to access on the container. + /// Number must be in the range 1 to 65535. + /// Name must be an IANA_SVC_NAME. pub port: IntOrString, } +/// ContainerPort represents a network port in a single container. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateDriverInitContainersPorts { + /// Number of port to expose on the pod's IP address. + /// This must be a valid port number, 0 < x < 65536. #[serde(rename = "containerPort")] pub container_port: i32, + /// What host IP to bind the external port to. #[serde(default, skip_serializing_if = "Option::is_none", rename = "hostIP")] pub host_ip: Option, + /// Number of port to expose on the host. + /// If specified, this must be a valid port number, 0 < x < 65536. + /// If HostNetwork is specified, this must match ContainerPort. + /// Most containers do not need this. #[serde(default, skip_serializing_if = "Option::is_none", rename = "hostPort")] pub host_port: Option, + /// If specified, this must be an IANA_SVC_NAME and unique within the pod. Each + /// named port in a pod must have a unique name. Name for the port that can be + /// referred to by services. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, - pub protocol: String, + /// Protocol for port. Must be UDP, TCP, or SCTP. + /// Defaults to "TCP". + #[serde(default, skip_serializing_if = "Option::is_none")] + pub protocol: Option, } +/// Periodic probe of container service readiness. +/// Container will be removed from service endpoints if the probe fails. +/// Cannot be updated. +/// More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateDriverInitContainersReadinessProbe { + /// Exec specifies the action to take. #[serde(default, skip_serializing_if = "Option::is_none")] pub exec: Option, + /// Minimum consecutive failures for the probe to be considered failed after having succeeded. + /// Defaults to 3. Minimum value is 1. #[serde(default, skip_serializing_if = "Option::is_none", rename = "failureThreshold")] pub failure_threshold: Option, + /// GRPC specifies an action involving a GRPC port. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub grpc: Option, + /// HTTPGet specifies the http request to perform. #[serde(default, skip_serializing_if = "Option::is_none", rename = "httpGet")] pub http_get: Option, + /// Number of seconds after the container has started before liveness probes are initiated. + /// More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes #[serde(default, skip_serializing_if = "Option::is_none", rename = "initialDelaySeconds")] pub initial_delay_seconds: Option, + /// How often (in seconds) to perform the probe. + /// Default to 10 seconds. Minimum value is 1. #[serde(default, skip_serializing_if = "Option::is_none", rename = "periodSeconds")] pub period_seconds: Option, + /// Minimum consecutive successes for the probe to be considered successful after having failed. + /// Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1. #[serde(default, skip_serializing_if = "Option::is_none", rename = "successThreshold")] pub success_threshold: Option, + /// TCPSocket specifies an action involving a TCP port. #[serde(default, skip_serializing_if = "Option::is_none", rename = "tcpSocket")] pub tcp_socket: Option, + /// Optional duration in seconds the pod needs to terminate gracefully upon probe failure. + /// The grace period is the duration in seconds after the processes running in the pod are sent + /// a termination signal and the time when the processes are forcibly halted with a kill signal. + /// Set this value longer than the expected cleanup time for your process. + /// If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this + /// value overrides the value provided by the pod spec. + /// Value must be non-negative integer. The value zero indicates stop immediately via + /// the kill signal (no opportunity to shut down). + /// This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate. + /// Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "terminationGracePeriodSeconds")] + pub termination_grace_period_seconds: Option, + /// Number of seconds after which the probe times out. + /// Defaults to 1 second. Minimum value is 1. + /// More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes #[serde(default, skip_serializing_if = "Option::is_none", rename = "timeoutSeconds")] pub timeout_seconds: Option, } +/// Exec specifies the action to take. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateDriverInitContainersReadinessProbeExec { + /// Command is the command line to execute inside the container, the working directory for the + /// command is root ('/') in the container's filesystem. The command is simply exec'd, it is + /// not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use + /// a shell, you need to explicitly call out to that shell. + /// Exit status of 0 is treated as live/healthy and non-zero is unhealthy. #[serde(default, skip_serializing_if = "Option::is_none")] pub command: Option>, } +/// GRPC specifies an action involving a GRPC port. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ScheduledSparkApplicationTemplateDriverInitContainersReadinessProbeGrpc { + /// Port number of the gRPC service. Number must be in the range 1 to 65535. + pub port: i32, + /// Service is the name of the service to place in the gRPC HealthCheckRequest + /// (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). + /// + /// + /// If this is not specified, the default behavior is defined by gRPC. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub service: Option, +} + +/// HTTPGet specifies the http request to perform. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateDriverInitContainersReadinessProbeHttpGet { + /// Host name to connect to, defaults to the pod IP. You probably want to set + /// "Host" in httpHeaders instead. #[serde(default, skip_serializing_if = "Option::is_none")] pub host: Option, + /// Custom headers to set in the request. HTTP allows repeated headers. #[serde(default, skip_serializing_if = "Option::is_none", rename = "httpHeaders")] pub http_headers: Option>, + /// Path to access on the HTTP server. #[serde(default, skip_serializing_if = "Option::is_none")] pub path: Option, + /// Name or number of the port to access on the container. + /// Number must be in the range 1 to 65535. + /// Name must be an IANA_SVC_NAME. pub port: IntOrString, + /// Scheme to use for connecting to the host. + /// Defaults to HTTP. #[serde(default, skip_serializing_if = "Option::is_none")] pub scheme: Option, } +/// HTTPHeader describes a custom header to be used in HTTP probes #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateDriverInitContainersReadinessProbeHttpGetHttpHeaders { + /// The header field name. + /// This will be canonicalized upon output, so case-variant names will be understood as the same header. pub name: String, + /// The header field value pub value: String, } +/// TCPSocket specifies an action involving a TCP port. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateDriverInitContainersReadinessProbeTcpSocket { + /// Optional: Host name to connect to, defaults to the pod IP. #[serde(default, skip_serializing_if = "Option::is_none")] pub host: Option, + /// Number or name of the port to access on the container. + /// Number must be in the range 1 to 65535. + /// Name must be an IANA_SVC_NAME. pub port: IntOrString, } +/// ContainerResizePolicy represents resource resize policy for the container. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ScheduledSparkApplicationTemplateDriverInitContainersResizePolicy { + /// Name of the resource to which this resource resize policy applies. + /// Supported values: cpu, memory. + #[serde(rename = "resourceName")] + pub resource_name: String, + /// Restart policy to apply when specified resource is resized. + /// If not specified, it defaults to NotRequired. + #[serde(rename = "restartPolicy")] + pub restart_policy: String, +} + +/// Compute Resources required by this container. +/// Cannot be updated. +/// More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateDriverInitContainersResources { + /// Claims lists the names of resources, defined in spec.resourceClaims, + /// that are used by this container. + /// + /// + /// This is an alpha field and requires enabling the + /// DynamicResourceAllocation feature gate. + /// + /// + /// This field is immutable. It can only be set for containers. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub claims: Option>, + /// Limits describes the maximum amount of compute resources allowed. + /// More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ #[serde(default, skip_serializing_if = "Option::is_none")] pub limits: Option>, + /// Requests describes the minimum amount of compute resources required. + /// If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, + /// otherwise to an implementation-defined value. Requests cannot exceed Limits. + /// More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ #[serde(default, skip_serializing_if = "Option::is_none")] pub requests: Option>, } +/// ResourceClaim references one entry in PodSpec.ResourceClaims. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ScheduledSparkApplicationTemplateDriverInitContainersResourcesClaims { + /// Name must match the name of one entry in pod.spec.resourceClaims of + /// the Pod where this field is used. It makes that resource available + /// inside a container. + pub name: String, +} + +/// SecurityContext defines the security options the container should be run with. +/// If set, the fields of SecurityContext override the equivalent fields of PodSecurityContext. +/// More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/ #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateDriverInitContainersSecurityContext { + /// AllowPrivilegeEscalation controls whether a process can gain more + /// privileges than its parent process. This bool directly controls if + /// the no_new_privs flag will be set on the container process. + /// AllowPrivilegeEscalation is true always when the container is: + /// 1) run as Privileged + /// 2) has CAP_SYS_ADMIN + /// Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none", rename = "allowPrivilegeEscalation")] pub allow_privilege_escalation: Option, + /// The capabilities to add/drop when running containers. + /// Defaults to the default set of capabilities granted by the container runtime. + /// Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none")] pub capabilities: Option, + /// Run container in privileged mode. + /// Processes in privileged containers are essentially equivalent to root on the host. + /// Defaults to false. + /// Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none")] pub privileged: Option, + /// procMount denotes the type of proc mount to use for the containers. + /// The default is DefaultProcMount which uses the container runtime defaults for + /// readonly paths and masked paths. + /// This requires the ProcMountType feature flag to be enabled. + /// Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none", rename = "procMount")] pub proc_mount: Option, + /// Whether this container has a read-only root filesystem. + /// Default is false. + /// Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnlyRootFilesystem")] pub read_only_root_filesystem: Option, + /// The GID to run the entrypoint of the container process. + /// Uses runtime default if unset. + /// May also be set in PodSecurityContext. If set in both SecurityContext and + /// PodSecurityContext, the value specified in SecurityContext takes precedence. + /// Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none", rename = "runAsGroup")] pub run_as_group: Option, + /// Indicates that the container must run as a non-root user. + /// If true, the Kubelet will validate the image at runtime to ensure that it + /// does not run as UID 0 (root) and fail to start the container if it does. + /// If unset or false, no such validation will be performed. + /// May also be set in PodSecurityContext. If set in both SecurityContext and + /// PodSecurityContext, the value specified in SecurityContext takes precedence. #[serde(default, skip_serializing_if = "Option::is_none", rename = "runAsNonRoot")] pub run_as_non_root: Option, + /// The UID to run the entrypoint of the container process. + /// Defaults to user specified in image metadata if unspecified. + /// May also be set in PodSecurityContext. If set in both SecurityContext and + /// PodSecurityContext, the value specified in SecurityContext takes precedence. + /// Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none", rename = "runAsUser")] pub run_as_user: Option, + /// The SELinux context to be applied to the container. + /// If unspecified, the container runtime will allocate a random SELinux context for each + /// container. May also be set in PodSecurityContext. If set in both SecurityContext and + /// PodSecurityContext, the value specified in SecurityContext takes precedence. + /// Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none", rename = "seLinuxOptions")] pub se_linux_options: Option, + /// The seccomp options to use by this container. If seccomp options are + /// provided at both the pod & container level, the container options + /// override the pod options. + /// Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none", rename = "seccompProfile")] pub seccomp_profile: Option, + /// The Windows specific settings applied to all containers. + /// If unspecified, the options from the PodSecurityContext will be used. + /// If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. + /// Note that this field cannot be set when spec.os.name is linux. #[serde(default, skip_serializing_if = "Option::is_none", rename = "windowsOptions")] pub windows_options: Option, } +/// The capabilities to add/drop when running containers. +/// Defaults to the default set of capabilities granted by the container runtime. +/// Note that this field cannot be set when spec.os.name is windows. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateDriverInitContainersSecurityContextCapabilities { + /// Added capabilities #[serde(default, skip_serializing_if = "Option::is_none")] pub add: Option>, + /// Removed capabilities #[serde(default, skip_serializing_if = "Option::is_none")] pub drop: Option>, } +/// The SELinux context to be applied to the container. +/// If unspecified, the container runtime will allocate a random SELinux context for each +/// container. May also be set in PodSecurityContext. If set in both SecurityContext and +/// PodSecurityContext, the value specified in SecurityContext takes precedence. +/// Note that this field cannot be set when spec.os.name is windows. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateDriverInitContainersSecurityContextSeLinuxOptions { + /// Level is SELinux level label that applies to the container. #[serde(default, skip_serializing_if = "Option::is_none")] pub level: Option, + /// Role is a SELinux role label that applies to the container. #[serde(default, skip_serializing_if = "Option::is_none")] pub role: Option, + /// Type is a SELinux type label that applies to the container. #[serde(default, skip_serializing_if = "Option::is_none", rename = "type")] pub r#type: Option, + /// User is a SELinux user label that applies to the container. #[serde(default, skip_serializing_if = "Option::is_none")] pub user: Option, } +/// The seccomp options to use by this container. If seccomp options are +/// provided at both the pod & container level, the container options +/// override the pod options. +/// Note that this field cannot be set when spec.os.name is windows. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateDriverInitContainersSecurityContextSeccompProfile { - #[serde(default, skip_serializing_if = "Option::is_none", rename = "type")] - pub r#type: Option, + /// localhostProfile indicates a profile defined in a file on the node should be used. + /// The profile must be preconfigured on the node to work. + /// Must be a descending path, relative to the kubelet's configured seccomp profile location. + /// Must be set if type is "Localhost". Must NOT be set for any other type. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "localhostProfile")] + pub localhost_profile: Option, + /// type indicates which kind of seccomp profile will be applied. + /// Valid options are: + /// + /// + /// Localhost - a profile defined in a file on the node should be used. + /// RuntimeDefault - the container runtime default profile should be used. + /// Unconfined - no profile should be applied. + #[serde(rename = "type")] + pub r#type: String, } +/// The Windows specific settings applied to all containers. +/// If unspecified, the options from the PodSecurityContext will be used. +/// If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +/// Note that this field cannot be set when spec.os.name is linux. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateDriverInitContainersSecurityContextWindowsOptions { + /// GMSACredentialSpec is where the GMSA admission webhook + /// (https://github.com/kubernetes-sigs/windows-gmsa) inlines the contents of the + /// GMSA credential spec named by the GMSACredentialSpecName field. #[serde(default, skip_serializing_if = "Option::is_none", rename = "gmsaCredentialSpec")] pub gmsa_credential_spec: Option, + /// GMSACredentialSpecName is the name of the GMSA credential spec to use. #[serde(default, skip_serializing_if = "Option::is_none", rename = "gmsaCredentialSpecName")] pub gmsa_credential_spec_name: Option, + /// HostProcess determines if a container should be run as a 'Host Process' container. + /// All of a Pod's containers must have the same effective HostProcess value + /// (it is not allowed to have a mix of HostProcess containers and non-HostProcess containers). + /// In addition, if HostProcess is true then HostNetwork must also be set to true. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "hostProcess")] + pub host_process: Option, + /// The UserName in Windows to run the entrypoint of the container process. + /// Defaults to the user specified in image metadata if unspecified. + /// May also be set in PodSecurityContext. If set in both SecurityContext and + /// PodSecurityContext, the value specified in SecurityContext takes precedence. #[serde(default, skip_serializing_if = "Option::is_none", rename = "runAsUserName")] pub run_as_user_name: Option, } +/// StartupProbe indicates that the Pod has successfully initialized. +/// If specified, no other probes are executed until this completes successfully. +/// If this probe fails, the Pod will be restarted, just as if the livenessProbe failed. +/// This can be used to provide different probe parameters at the beginning of a Pod's lifecycle, +/// when it might take a long time to load data or warm a cache, than during steady-state operation. +/// This cannot be updated. +/// More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateDriverInitContainersStartupProbe { + /// Exec specifies the action to take. #[serde(default, skip_serializing_if = "Option::is_none")] pub exec: Option, + /// Minimum consecutive failures for the probe to be considered failed after having succeeded. + /// Defaults to 3. Minimum value is 1. #[serde(default, skip_serializing_if = "Option::is_none", rename = "failureThreshold")] pub failure_threshold: Option, + /// GRPC specifies an action involving a GRPC port. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub grpc: Option, + /// HTTPGet specifies the http request to perform. #[serde(default, skip_serializing_if = "Option::is_none", rename = "httpGet")] pub http_get: Option, + /// Number of seconds after the container has started before liveness probes are initiated. + /// More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes #[serde(default, skip_serializing_if = "Option::is_none", rename = "initialDelaySeconds")] pub initial_delay_seconds: Option, + /// How often (in seconds) to perform the probe. + /// Default to 10 seconds. Minimum value is 1. #[serde(default, skip_serializing_if = "Option::is_none", rename = "periodSeconds")] pub period_seconds: Option, + /// Minimum consecutive successes for the probe to be considered successful after having failed. + /// Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1. #[serde(default, skip_serializing_if = "Option::is_none", rename = "successThreshold")] pub success_threshold: Option, + /// TCPSocket specifies an action involving a TCP port. #[serde(default, skip_serializing_if = "Option::is_none", rename = "tcpSocket")] pub tcp_socket: Option, + /// Optional duration in seconds the pod needs to terminate gracefully upon probe failure. + /// The grace period is the duration in seconds after the processes running in the pod are sent + /// a termination signal and the time when the processes are forcibly halted with a kill signal. + /// Set this value longer than the expected cleanup time for your process. + /// If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this + /// value overrides the value provided by the pod spec. + /// Value must be non-negative integer. The value zero indicates stop immediately via + /// the kill signal (no opportunity to shut down). + /// This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate. + /// Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "terminationGracePeriodSeconds")] + pub termination_grace_period_seconds: Option, + /// Number of seconds after which the probe times out. + /// Defaults to 1 second. Minimum value is 1. + /// More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes #[serde(default, skip_serializing_if = "Option::is_none", rename = "timeoutSeconds")] pub timeout_seconds: Option, } +/// Exec specifies the action to take. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateDriverInitContainersStartupProbeExec { + /// Command is the command line to execute inside the container, the working directory for the + /// command is root ('/') in the container's filesystem. The command is simply exec'd, it is + /// not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use + /// a shell, you need to explicitly call out to that shell. + /// Exit status of 0 is treated as live/healthy and non-zero is unhealthy. #[serde(default, skip_serializing_if = "Option::is_none")] pub command: Option>, } +/// GRPC specifies an action involving a GRPC port. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ScheduledSparkApplicationTemplateDriverInitContainersStartupProbeGrpc { + /// Port number of the gRPC service. Number must be in the range 1 to 65535. + pub port: i32, + /// Service is the name of the service to place in the gRPC HealthCheckRequest + /// (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). + /// + /// + /// If this is not specified, the default behavior is defined by gRPC. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub service: Option, +} + +/// HTTPGet specifies the http request to perform. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateDriverInitContainersStartupProbeHttpGet { + /// Host name to connect to, defaults to the pod IP. You probably want to set + /// "Host" in httpHeaders instead. #[serde(default, skip_serializing_if = "Option::is_none")] pub host: Option, + /// Custom headers to set in the request. HTTP allows repeated headers. #[serde(default, skip_serializing_if = "Option::is_none", rename = "httpHeaders")] pub http_headers: Option>, + /// Path to access on the HTTP server. #[serde(default, skip_serializing_if = "Option::is_none")] pub path: Option, + /// Name or number of the port to access on the container. + /// Number must be in the range 1 to 65535. + /// Name must be an IANA_SVC_NAME. pub port: IntOrString, + /// Scheme to use for connecting to the host. + /// Defaults to HTTP. #[serde(default, skip_serializing_if = "Option::is_none")] pub scheme: Option, } +/// HTTPHeader describes a custom header to be used in HTTP probes #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateDriverInitContainersStartupProbeHttpGetHttpHeaders { + /// The header field name. + /// This will be canonicalized upon output, so case-variant names will be understood as the same header. pub name: String, + /// The header field value pub value: String, } +/// TCPSocket specifies an action involving a TCP port. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateDriverInitContainersStartupProbeTcpSocket { + /// Optional: Host name to connect to, defaults to the pod IP. #[serde(default, skip_serializing_if = "Option::is_none")] pub host: Option, + /// Number or name of the port to access on the container. + /// Number must be in the range 1 to 65535. + /// Name must be an IANA_SVC_NAME. pub port: IntOrString, } +/// volumeDevice describes a mapping of a raw block device within a container. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateDriverInitContainersVolumeDevices { + /// devicePath is the path inside of the container that the device will be mapped to. #[serde(rename = "devicePath")] pub device_path: String, + /// name must match the name of a persistentVolumeClaim in the pod pub name: String, } +/// VolumeMount describes a mounting of a Volume within a container. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateDriverInitContainersVolumeMounts { + /// Path within the container at which the volume should be mounted. Must + /// not contain ':'. #[serde(rename = "mountPath")] pub mount_path: String, + /// mountPropagation determines how mounts are propagated from the host + /// to container and the other way around. + /// When not set, MountPropagationNone is used. + /// This field is beta in 1.10. #[serde(default, skip_serializing_if = "Option::is_none", rename = "mountPropagation")] pub mount_propagation: Option, + /// This must match the Name of a Volume. pub name: String, + /// Mounted read-only if true, read-write otherwise (false or unspecified). + /// Defaults to false. #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] pub read_only: Option, + /// Path within the volume from which the container's volume should be mounted. + /// Defaults to "" (volume's root). #[serde(default, skip_serializing_if = "Option::is_none", rename = "subPath")] pub sub_path: Option, + /// Expanded path within the volume from which the container's volume should be mounted. + /// Behaves similarly to SubPath but environment variable references $(VAR_NAME) are expanded using the container's environment. + /// Defaults to "" (volume's root). + /// SubPathExpr and SubPath are mutually exclusive. #[serde(default, skip_serializing_if = "Option::is_none", rename = "subPathExpr")] pub sub_path_expr: Option, } +/// Lifecycle for running preStop or postStart commands #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateDriverLifecycle { + /// PostStart is called immediately after a container is created. If the handler fails, + /// the container is terminated and restarted according to its restart policy. + /// Other management of the container blocks until the hook completes. + /// More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks #[serde(default, skip_serializing_if = "Option::is_none", rename = "postStart")] pub post_start: Option, + /// PreStop is called immediately before a container is terminated due to an + /// API request or management event such as liveness/startup probe failure, + /// preemption, resource contention, etc. The handler is not called if the + /// container crashes or exits. The Pod's termination grace period countdown begins before the + /// PreStop hook is executed. Regardless of the outcome of the handler, the + /// container will eventually terminate within the Pod's termination grace + /// period (unless delayed by finalizers). Other management of the container blocks until the hook completes + /// or until the termination grace period is reached. + /// More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks #[serde(default, skip_serializing_if = "Option::is_none", rename = "preStop")] pub pre_stop: Option, } +/// PostStart is called immediately after a container is created. If the handler fails, +/// the container is terminated and restarted according to its restart policy. +/// Other management of the container blocks until the hook completes. +/// More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateDriverLifecyclePostStart { + /// Exec specifies the action to take. #[serde(default, skip_serializing_if = "Option::is_none")] pub exec: Option, + /// HTTPGet specifies the http request to perform. #[serde(default, skip_serializing_if = "Option::is_none", rename = "httpGet")] pub http_get: Option, + /// Sleep represents the duration that the container should sleep before being terminated. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub sleep: Option, + /// Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept + /// for the backward compatibility. There are no validation of this field and + /// lifecycle hooks will fail in runtime when tcp handler is specified. #[serde(default, skip_serializing_if = "Option::is_none", rename = "tcpSocket")] pub tcp_socket: Option, } +/// Exec specifies the action to take. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateDriverLifecyclePostStartExec { + /// Command is the command line to execute inside the container, the working directory for the + /// command is root ('/') in the container's filesystem. The command is simply exec'd, it is + /// not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use + /// a shell, you need to explicitly call out to that shell. + /// Exit status of 0 is treated as live/healthy and non-zero is unhealthy. #[serde(default, skip_serializing_if = "Option::is_none")] pub command: Option>, } +/// HTTPGet specifies the http request to perform. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateDriverLifecyclePostStartHttpGet { + /// Host name to connect to, defaults to the pod IP. You probably want to set + /// "Host" in httpHeaders instead. #[serde(default, skip_serializing_if = "Option::is_none")] pub host: Option, + /// Custom headers to set in the request. HTTP allows repeated headers. #[serde(default, skip_serializing_if = "Option::is_none", rename = "httpHeaders")] pub http_headers: Option>, + /// Path to access on the HTTP server. #[serde(default, skip_serializing_if = "Option::is_none")] pub path: Option, + /// Name or number of the port to access on the container. + /// Number must be in the range 1 to 65535. + /// Name must be an IANA_SVC_NAME. pub port: IntOrString, + /// Scheme to use for connecting to the host. + /// Defaults to HTTP. #[serde(default, skip_serializing_if = "Option::is_none")] pub scheme: Option, } +/// HTTPHeader describes a custom header to be used in HTTP probes #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateDriverLifecyclePostStartHttpGetHttpHeaders { + /// The header field name. + /// This will be canonicalized upon output, so case-variant names will be understood as the same header. pub name: String, + /// The header field value pub value: String, } +/// Sleep represents the duration that the container should sleep before being terminated. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ScheduledSparkApplicationTemplateDriverLifecyclePostStartSleep { + /// Seconds is the number of seconds to sleep. + pub seconds: i64, +} + +/// Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept +/// for the backward compatibility. There are no validation of this field and +/// lifecycle hooks will fail in runtime when tcp handler is specified. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateDriverLifecyclePostStartTcpSocket { + /// Optional: Host name to connect to, defaults to the pod IP. #[serde(default, skip_serializing_if = "Option::is_none")] pub host: Option, + /// Number or name of the port to access on the container. + /// Number must be in the range 1 to 65535. + /// Name must be an IANA_SVC_NAME. pub port: IntOrString, } +/// PreStop is called immediately before a container is terminated due to an +/// API request or management event such as liveness/startup probe failure, +/// preemption, resource contention, etc. The handler is not called if the +/// container crashes or exits. The Pod's termination grace period countdown begins before the +/// PreStop hook is executed. Regardless of the outcome of the handler, the +/// container will eventually terminate within the Pod's termination grace +/// period (unless delayed by finalizers). Other management of the container blocks until the hook completes +/// or until the termination grace period is reached. +/// More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateDriverLifecyclePreStop { + /// Exec specifies the action to take. #[serde(default, skip_serializing_if = "Option::is_none")] pub exec: Option, + /// HTTPGet specifies the http request to perform. #[serde(default, skip_serializing_if = "Option::is_none", rename = "httpGet")] pub http_get: Option, + /// Sleep represents the duration that the container should sleep before being terminated. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub sleep: Option, + /// Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept + /// for the backward compatibility. There are no validation of this field and + /// lifecycle hooks will fail in runtime when tcp handler is specified. #[serde(default, skip_serializing_if = "Option::is_none", rename = "tcpSocket")] pub tcp_socket: Option, } +/// Exec specifies the action to take. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateDriverLifecyclePreStopExec { + /// Command is the command line to execute inside the container, the working directory for the + /// command is root ('/') in the container's filesystem. The command is simply exec'd, it is + /// not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use + /// a shell, you need to explicitly call out to that shell. + /// Exit status of 0 is treated as live/healthy and non-zero is unhealthy. #[serde(default, skip_serializing_if = "Option::is_none")] pub command: Option>, } +/// HTTPGet specifies the http request to perform. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateDriverLifecyclePreStopHttpGet { + /// Host name to connect to, defaults to the pod IP. You probably want to set + /// "Host" in httpHeaders instead. #[serde(default, skip_serializing_if = "Option::is_none")] pub host: Option, + /// Custom headers to set in the request. HTTP allows repeated headers. #[serde(default, skip_serializing_if = "Option::is_none", rename = "httpHeaders")] pub http_headers: Option>, + /// Path to access on the HTTP server. #[serde(default, skip_serializing_if = "Option::is_none")] pub path: Option, + /// Name or number of the port to access on the container. + /// Number must be in the range 1 to 65535. + /// Name must be an IANA_SVC_NAME. pub port: IntOrString, + /// Scheme to use for connecting to the host. + /// Defaults to HTTP. #[serde(default, skip_serializing_if = "Option::is_none")] pub scheme: Option, } +/// HTTPHeader describes a custom header to be used in HTTP probes #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateDriverLifecyclePreStopHttpGetHttpHeaders { + /// The header field name. + /// This will be canonicalized upon output, so case-variant names will be understood as the same header. pub name: String, + /// The header field value pub value: String, } +/// Sleep represents the duration that the container should sleep before being terminated. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ScheduledSparkApplicationTemplateDriverLifecyclePreStopSleep { + /// Seconds is the number of seconds to sleep. + pub seconds: i64, +} + +/// Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept +/// for the backward compatibility. There are no validation of this field and +/// lifecycle hooks will fail in runtime when tcp handler is specified. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateDriverLifecyclePreStopTcpSocket { + /// Optional: Host name to connect to, defaults to the pod IP. #[serde(default, skip_serializing_if = "Option::is_none")] pub host: Option, + /// Number or name of the port to access on the container. + /// Number must be in the range 1 to 65535. + /// Name must be an IANA_SVC_NAME. pub port: IntOrString, } +/// PodSecurityContext specifies the PodSecurityContext to apply. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateDriverPodSecurityContext { + /// A special supplemental group that applies to all containers in a pod. + /// Some volume types allow the Kubelet to change the ownership of that volume + /// to be owned by the pod: + /// + /// + /// 1. The owning GID will be the FSGroup + /// 2. The setgid bit is set (new files created in the volume will be owned by FSGroup) + /// 3. The permission bits are OR'd with rw-rw---- + /// + /// + /// If unset, the Kubelet will not modify the ownership and permissions of any volume. + /// Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none", rename = "fsGroup")] pub fs_group: Option, + /// fsGroupChangePolicy defines behavior of changing ownership and permission of the volume + /// before being exposed inside Pod. This field will only apply to + /// volume types which support fsGroup based ownership(and permissions). + /// It will have no effect on ephemeral volume types such as: secret, configmaps + /// and emptydir. + /// Valid values are "OnRootMismatch" and "Always". If not specified, "Always" is used. + /// Note that this field cannot be set when spec.os.name is windows. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "fsGroupChangePolicy")] + pub fs_group_change_policy: Option, + /// The GID to run the entrypoint of the container process. + /// Uses runtime default if unset. + /// May also be set in SecurityContext. If set in both SecurityContext and + /// PodSecurityContext, the value specified in SecurityContext takes precedence + /// for that container. + /// Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none", rename = "runAsGroup")] pub run_as_group: Option, + /// Indicates that the container must run as a non-root user. + /// If true, the Kubelet will validate the image at runtime to ensure that it + /// does not run as UID 0 (root) and fail to start the container if it does. + /// If unset or false, no such validation will be performed. + /// May also be set in SecurityContext. If set in both SecurityContext and + /// PodSecurityContext, the value specified in SecurityContext takes precedence. #[serde(default, skip_serializing_if = "Option::is_none", rename = "runAsNonRoot")] pub run_as_non_root: Option, + /// The UID to run the entrypoint of the container process. + /// Defaults to user specified in image metadata if unspecified. + /// May also be set in SecurityContext. If set in both SecurityContext and + /// PodSecurityContext, the value specified in SecurityContext takes precedence + /// for that container. + /// Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none", rename = "runAsUser")] pub run_as_user: Option, + /// The SELinux context to be applied to all containers. + /// If unspecified, the container runtime will allocate a random SELinux context for each + /// container. May also be set in SecurityContext. If set in + /// both SecurityContext and PodSecurityContext, the value specified in SecurityContext + /// takes precedence for that container. + /// Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none", rename = "seLinuxOptions")] pub se_linux_options: Option, + /// The seccomp options to use by the containers in this pod. + /// Note that this field cannot be set when spec.os.name is windows. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "seccompProfile")] + pub seccomp_profile: Option, + /// A list of groups applied to the first process run in each container, in addition + /// to the container's primary GID, the fsGroup (if specified), and group memberships + /// defined in the container image for the uid of the container process. If unspecified, + /// no additional groups are added to any container. Note that group memberships + /// defined in the container image for the uid of the container process are still effective, + /// even if they are not included in this list. + /// Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none", rename = "supplementalGroups")] pub supplemental_groups: Option>, + /// Sysctls hold a list of namespaced sysctls used for the pod. Pods with unsupported + /// sysctls (by the container runtime) might fail to launch. + /// Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none")] pub sysctls: Option>, + /// The Windows specific settings applied to all containers. + /// If unspecified, the options within a container's SecurityContext will be used. + /// If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. + /// Note that this field cannot be set when spec.os.name is linux. #[serde(default, skip_serializing_if = "Option::is_none", rename = "windowsOptions")] pub windows_options: Option, } +/// The SELinux context to be applied to all containers. +/// If unspecified, the container runtime will allocate a random SELinux context for each +/// container. May also be set in SecurityContext. If set in +/// both SecurityContext and PodSecurityContext, the value specified in SecurityContext +/// takes precedence for that container. +/// Note that this field cannot be set when spec.os.name is windows. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateDriverPodSecurityContextSeLinuxOptions { + /// Level is SELinux level label that applies to the container. #[serde(default, skip_serializing_if = "Option::is_none")] pub level: Option, + /// Role is a SELinux role label that applies to the container. #[serde(default, skip_serializing_if = "Option::is_none")] pub role: Option, + /// Type is a SELinux type label that applies to the container. #[serde(default, skip_serializing_if = "Option::is_none", rename = "type")] pub r#type: Option, + /// User is a SELinux user label that applies to the container. #[serde(default, skip_serializing_if = "Option::is_none")] pub user: Option, } +/// The seccomp options to use by the containers in this pod. +/// Note that this field cannot be set when spec.os.name is windows. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ScheduledSparkApplicationTemplateDriverPodSecurityContextSeccompProfile { + /// localhostProfile indicates a profile defined in a file on the node should be used. + /// The profile must be preconfigured on the node to work. + /// Must be a descending path, relative to the kubelet's configured seccomp profile location. + /// Must be set if type is "Localhost". Must NOT be set for any other type. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "localhostProfile")] + pub localhost_profile: Option, + /// type indicates which kind of seccomp profile will be applied. + /// Valid options are: + /// + /// + /// Localhost - a profile defined in a file on the node should be used. + /// RuntimeDefault - the container runtime default profile should be used. + /// Unconfined - no profile should be applied. + #[serde(rename = "type")] + pub r#type: String, +} + +/// Sysctl defines a kernel parameter to be set #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateDriverPodSecurityContextSysctls { + /// Name of a property to set pub name: String, + /// Value of a property to set pub value: String, } +/// The Windows specific settings applied to all containers. +/// If unspecified, the options within a container's SecurityContext will be used. +/// If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +/// Note that this field cannot be set when spec.os.name is linux. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateDriverPodSecurityContextWindowsOptions { + /// GMSACredentialSpec is where the GMSA admission webhook + /// (https://github.com/kubernetes-sigs/windows-gmsa) inlines the contents of the + /// GMSA credential spec named by the GMSACredentialSpecName field. #[serde(default, skip_serializing_if = "Option::is_none", rename = "gmsaCredentialSpec")] pub gmsa_credential_spec: Option, + /// GMSACredentialSpecName is the name of the GMSA credential spec to use. #[serde(default, skip_serializing_if = "Option::is_none", rename = "gmsaCredentialSpecName")] pub gmsa_credential_spec_name: Option, + /// HostProcess determines if a container should be run as a 'Host Process' container. + /// All of a Pod's containers must have the same effective HostProcess value + /// (it is not allowed to have a mix of HostProcess containers and non-HostProcess containers). + /// In addition, if HostProcess is true then HostNetwork must also be set to true. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "hostProcess")] + pub host_process: Option, + /// The UserName in Windows to run the entrypoint of the container process. + /// Defaults to the user specified in image metadata if unspecified. + /// May also be set in PodSecurityContext. If set in both SecurityContext and + /// PodSecurityContext, the value specified in SecurityContext takes precedence. #[serde(default, skip_serializing_if = "Option::is_none", rename = "runAsUserName")] pub run_as_user_name: Option, } +/// Port represents the port definition in the pods objects. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ScheduledSparkApplicationTemplateDriverPorts { + #[serde(rename = "containerPort")] + pub container_port: i32, + pub name: String, + pub protocol: String, +} + +/// SecretInfo captures information of a secret. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateDriverSecrets { pub name: String, pub path: String, + /// SecretType tells the type of a secret. #[serde(rename = "secretType")] pub secret_type: String, } +/// SecurityContext specifies the container's SecurityContext to apply. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateDriverSecurityContext { + /// AllowPrivilegeEscalation controls whether a process can gain more + /// privileges than its parent process. This bool directly controls if + /// the no_new_privs flag will be set on the container process. + /// AllowPrivilegeEscalation is true always when the container is: + /// 1) run as Privileged + /// 2) has CAP_SYS_ADMIN + /// Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none", rename = "allowPrivilegeEscalation")] pub allow_privilege_escalation: Option, + /// The capabilities to add/drop when running containers. + /// Defaults to the default set of capabilities granted by the container runtime. + /// Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none")] pub capabilities: Option, + /// Run container in privileged mode. + /// Processes in privileged containers are essentially equivalent to root on the host. + /// Defaults to false. + /// Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none")] pub privileged: Option, + /// procMount denotes the type of proc mount to use for the containers. + /// The default is DefaultProcMount which uses the container runtime defaults for + /// readonly paths and masked paths. + /// This requires the ProcMountType feature flag to be enabled. + /// Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none", rename = "procMount")] pub proc_mount: Option, + /// Whether this container has a read-only root filesystem. + /// Default is false. + /// Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnlyRootFilesystem")] pub read_only_root_filesystem: Option, + /// The GID to run the entrypoint of the container process. + /// Uses runtime default if unset. + /// May also be set in PodSecurityContext. If set in both SecurityContext and + /// PodSecurityContext, the value specified in SecurityContext takes precedence. + /// Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none", rename = "runAsGroup")] pub run_as_group: Option, + /// Indicates that the container must run as a non-root user. + /// If true, the Kubelet will validate the image at runtime to ensure that it + /// does not run as UID 0 (root) and fail to start the container if it does. + /// If unset or false, no such validation will be performed. + /// May also be set in PodSecurityContext. If set in both SecurityContext and + /// PodSecurityContext, the value specified in SecurityContext takes precedence. #[serde(default, skip_serializing_if = "Option::is_none", rename = "runAsNonRoot")] pub run_as_non_root: Option, + /// The UID to run the entrypoint of the container process. + /// Defaults to user specified in image metadata if unspecified. + /// May also be set in PodSecurityContext. If set in both SecurityContext and + /// PodSecurityContext, the value specified in SecurityContext takes precedence. + /// Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none", rename = "runAsUser")] pub run_as_user: Option, + /// The SELinux context to be applied to the container. + /// If unspecified, the container runtime will allocate a random SELinux context for each + /// container. May also be set in PodSecurityContext. If set in both SecurityContext and + /// PodSecurityContext, the value specified in SecurityContext takes precedence. + /// Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none", rename = "seLinuxOptions")] pub se_linux_options: Option, + /// The seccomp options to use by this container. If seccomp options are + /// provided at both the pod & container level, the container options + /// override the pod options. + /// Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none", rename = "seccompProfile")] pub seccomp_profile: Option, + /// The Windows specific settings applied to all containers. + /// If unspecified, the options from the PodSecurityContext will be used. + /// If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. + /// Note that this field cannot be set when spec.os.name is linux. #[serde(default, skip_serializing_if = "Option::is_none", rename = "windowsOptions")] pub windows_options: Option, } +/// The capabilities to add/drop when running containers. +/// Defaults to the default set of capabilities granted by the container runtime. +/// Note that this field cannot be set when spec.os.name is windows. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateDriverSecurityContextCapabilities { + /// Added capabilities #[serde(default, skip_serializing_if = "Option::is_none")] pub add: Option>, + /// Removed capabilities #[serde(default, skip_serializing_if = "Option::is_none")] pub drop: Option>, } +/// The SELinux context to be applied to the container. +/// If unspecified, the container runtime will allocate a random SELinux context for each +/// container. May also be set in PodSecurityContext. If set in both SecurityContext and +/// PodSecurityContext, the value specified in SecurityContext takes precedence. +/// Note that this field cannot be set when spec.os.name is windows. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateDriverSecurityContextSeLinuxOptions { + /// Level is SELinux level label that applies to the container. #[serde(default, skip_serializing_if = "Option::is_none")] pub level: Option, + /// Role is a SELinux role label that applies to the container. #[serde(default, skip_serializing_if = "Option::is_none")] pub role: Option, + /// Type is a SELinux type label that applies to the container. #[serde(default, skip_serializing_if = "Option::is_none", rename = "type")] pub r#type: Option, + /// User is a SELinux user label that applies to the container. #[serde(default, skip_serializing_if = "Option::is_none")] pub user: Option, } +/// The seccomp options to use by this container. If seccomp options are +/// provided at both the pod & container level, the container options +/// override the pod options. +/// Note that this field cannot be set when spec.os.name is windows. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateDriverSecurityContextSeccompProfile { - #[serde(default, skip_serializing_if = "Option::is_none", rename = "type")] - pub r#type: Option, + /// localhostProfile indicates a profile defined in a file on the node should be used. + /// The profile must be preconfigured on the node to work. + /// Must be a descending path, relative to the kubelet's configured seccomp profile location. + /// Must be set if type is "Localhost". Must NOT be set for any other type. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "localhostProfile")] + pub localhost_profile: Option, + /// type indicates which kind of seccomp profile will be applied. + /// Valid options are: + /// + /// + /// Localhost - a profile defined in a file on the node should be used. + /// RuntimeDefault - the container runtime default profile should be used. + /// Unconfined - no profile should be applied. + #[serde(rename = "type")] + pub r#type: String, } +/// The Windows specific settings applied to all containers. +/// If unspecified, the options from the PodSecurityContext will be used. +/// If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +/// Note that this field cannot be set when spec.os.name is linux. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateDriverSecurityContextWindowsOptions { + /// GMSACredentialSpec is where the GMSA admission webhook + /// (https://github.com/kubernetes-sigs/windows-gmsa) inlines the contents of the + /// GMSA credential spec named by the GMSACredentialSpecName field. #[serde(default, skip_serializing_if = "Option::is_none", rename = "gmsaCredentialSpec")] pub gmsa_credential_spec: Option, + /// GMSACredentialSpecName is the name of the GMSA credential spec to use. #[serde(default, skip_serializing_if = "Option::is_none", rename = "gmsaCredentialSpecName")] pub gmsa_credential_spec_name: Option, + /// HostProcess determines if a container should be run as a 'Host Process' container. + /// All of a Pod's containers must have the same effective HostProcess value + /// (it is not allowed to have a mix of HostProcess containers and non-HostProcess containers). + /// In addition, if HostProcess is true then HostNetwork must also be set to true. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "hostProcess")] + pub host_process: Option, + /// The UserName in Windows to run the entrypoint of the container process. + /// Defaults to the user specified in image metadata if unspecified. + /// May also be set in PodSecurityContext. If set in both SecurityContext and + /// PodSecurityContext, the value specified in SecurityContext takes precedence. #[serde(default, skip_serializing_if = "Option::is_none", rename = "runAsUserName")] pub run_as_user_name: Option, } +/// A single application container that you want to run within a pod. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateDriverSidecars { + /// Arguments to the entrypoint. + /// The container image's CMD is used if this is not provided. + /// Variable references $(VAR_NAME) are expanded using the container's environment. If a variable + /// cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced + /// to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" will + /// produce the string literal "$(VAR_NAME)". Escaped references will never be expanded, regardless + /// of whether the variable exists or not. Cannot be updated. + /// More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell #[serde(default, skip_serializing_if = "Option::is_none")] pub args: Option>, + /// Entrypoint array. Not executed within a shell. + /// The container image's ENTRYPOINT is used if this is not provided. + /// Variable references $(VAR_NAME) are expanded using the container's environment. If a variable + /// cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced + /// to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" will + /// produce the string literal "$(VAR_NAME)". Escaped references will never be expanded, regardless + /// of whether the variable exists or not. Cannot be updated. + /// More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell #[serde(default, skip_serializing_if = "Option::is_none")] pub command: Option>, + /// List of environment variables to set in the container. + /// Cannot be updated. #[serde(default, skip_serializing_if = "Option::is_none")] pub env: Option>, + /// List of sources to populate environment variables in the container. + /// The keys defined within a source must be a C_IDENTIFIER. All invalid keys + /// will be reported as an event when the container is starting. When a key exists in multiple + /// sources, the value associated with the last source will take precedence. + /// Values defined by an Env with a duplicate key will take precedence. + /// Cannot be updated. #[serde(default, skip_serializing_if = "Option::is_none", rename = "envFrom")] pub env_from: Option>, + /// Container image name. + /// More info: https://kubernetes.io/docs/concepts/containers/images + /// This field is optional to allow higher level config management to default or override + /// container images in workload controllers like Deployments and StatefulSets. #[serde(default, skip_serializing_if = "Option::is_none")] pub image: Option, + /// Image pull policy. + /// One of Always, Never, IfNotPresent. + /// Defaults to Always if :latest tag is specified, or IfNotPresent otherwise. + /// Cannot be updated. + /// More info: https://kubernetes.io/docs/concepts/containers/images#updating-images #[serde(default, skip_serializing_if = "Option::is_none", rename = "imagePullPolicy")] pub image_pull_policy: Option, + /// Actions that the management system should take in response to container lifecycle events. + /// Cannot be updated. #[serde(default, skip_serializing_if = "Option::is_none")] pub lifecycle: Option, + /// Periodic probe of container liveness. + /// Container will be restarted if the probe fails. + /// Cannot be updated. + /// More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes #[serde(default, skip_serializing_if = "Option::is_none", rename = "livenessProbe")] pub liveness_probe: Option, + /// Name of the container specified as a DNS_LABEL. + /// Each container in a pod must have a unique name (DNS_LABEL). + /// Cannot be updated. pub name: String, + /// List of ports to expose from the container. Not specifying a port here + /// DOES NOT prevent that port from being exposed. Any port which is + /// listening on the default "0.0.0.0" address inside a container will be + /// accessible from the network. + /// Modifying this array with strategic merge patch may corrupt the data. + /// For more information See https://github.com/kubernetes/kubernetes/issues/108255. + /// Cannot be updated. #[serde(default, skip_serializing_if = "Option::is_none")] pub ports: Option>, + /// Periodic probe of container service readiness. + /// Container will be removed from service endpoints if the probe fails. + /// Cannot be updated. + /// More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes #[serde(default, skip_serializing_if = "Option::is_none", rename = "readinessProbe")] pub readiness_probe: Option, + /// Resources resize policy for the container. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "resizePolicy")] + pub resize_policy: Option>, + /// Compute Resources required by this container. + /// Cannot be updated. + /// More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ #[serde(default, skip_serializing_if = "Option::is_none")] pub resources: Option, + /// RestartPolicy defines the restart behavior of individual containers in a pod. + /// This field may only be set for init containers, and the only allowed value is "Always". + /// For non-init containers or when this field is not specified, + /// the restart behavior is defined by the Pod's restart policy and the container type. + /// Setting the RestartPolicy as "Always" for the init container will have the following effect: + /// this init container will be continually restarted on + /// exit until all regular containers have terminated. Once all regular + /// containers have completed, all init containers with restartPolicy "Always" + /// will be shut down. This lifecycle differs from normal init containers and + /// is often referred to as a "sidecar" container. Although this init + /// container still starts in the init container sequence, it does not wait + /// for the container to complete before proceeding to the next init + /// container. Instead, the next init container starts immediately after this + /// init container is started, or after any startupProbe has successfully + /// completed. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "restartPolicy")] + pub restart_policy: Option, + /// SecurityContext defines the security options the container should be run with. + /// If set, the fields of SecurityContext override the equivalent fields of PodSecurityContext. + /// More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/ #[serde(default, skip_serializing_if = "Option::is_none", rename = "securityContext")] pub security_context: Option, + /// StartupProbe indicates that the Pod has successfully initialized. + /// If specified, no other probes are executed until this completes successfully. + /// If this probe fails, the Pod will be restarted, just as if the livenessProbe failed. + /// This can be used to provide different probe parameters at the beginning of a Pod's lifecycle, + /// when it might take a long time to load data or warm a cache, than during steady-state operation. + /// This cannot be updated. + /// More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes #[serde(default, skip_serializing_if = "Option::is_none", rename = "startupProbe")] pub startup_probe: Option, + /// Whether this container should allocate a buffer for stdin in the container runtime. If this + /// is not set, reads from stdin in the container will always result in EOF. + /// Default is false. #[serde(default, skip_serializing_if = "Option::is_none")] pub stdin: Option, + /// Whether the container runtime should close the stdin channel after it has been opened by + /// a single attach. When stdin is true the stdin stream will remain open across multiple attach + /// sessions. If stdinOnce is set to true, stdin is opened on container start, is empty until the + /// first client attaches to stdin, and then remains open and accepts data until the client disconnects, + /// at which time stdin is closed and remains closed until the container is restarted. If this + /// flag is false, a container processes that reads from stdin will never receive an EOF. + /// Default is false #[serde(default, skip_serializing_if = "Option::is_none", rename = "stdinOnce")] pub stdin_once: Option, + /// Optional: Path at which the file to which the container's termination message + /// will be written is mounted into the container's filesystem. + /// Message written is intended to be brief final status, such as an assertion failure message. + /// Will be truncated by the node if greater than 4096 bytes. The total message length across + /// all containers will be limited to 12kb. + /// Defaults to /dev/termination-log. + /// Cannot be updated. #[serde(default, skip_serializing_if = "Option::is_none", rename = "terminationMessagePath")] pub termination_message_path: Option, + /// Indicate how the termination message should be populated. File will use the contents of + /// terminationMessagePath to populate the container status message on both success and failure. + /// FallbackToLogsOnError will use the last chunk of container log output if the termination + /// message file is empty and the container exited with an error. + /// The log output is limited to 2048 bytes or 80 lines, whichever is smaller. + /// Defaults to File. + /// Cannot be updated. #[serde(default, skip_serializing_if = "Option::is_none", rename = "terminationMessagePolicy")] pub termination_message_policy: Option, + /// Whether this container should allocate a TTY for itself, also requires 'stdin' to be true. + /// Default is false. #[serde(default, skip_serializing_if = "Option::is_none")] pub tty: Option, + /// volumeDevices is the list of block devices to be used by the container. #[serde(default, skip_serializing_if = "Option::is_none", rename = "volumeDevices")] pub volume_devices: Option>, + /// Pod volumes to mount into the container's filesystem. + /// Cannot be updated. #[serde(default, skip_serializing_if = "Option::is_none", rename = "volumeMounts")] pub volume_mounts: Option>, + /// Container's working directory. + /// If not specified, the container runtime's default will be used, which + /// might be configured in the container image. + /// Cannot be updated. #[serde(default, skip_serializing_if = "Option::is_none", rename = "workingDir")] pub working_dir: Option, } +/// EnvVar represents an environment variable present in a Container. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateDriverSidecarsEnv { + /// Name of the environment variable. Must be a C_IDENTIFIER. pub name: String, + /// Variable references $(VAR_NAME) are expanded + /// using the previously defined environment variables in the container and + /// any service environment variables. If a variable cannot be resolved, + /// the reference in the input string will be unchanged. Double $$ are reduced + /// to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. + /// "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". + /// Escaped references will never be expanded, regardless of whether the variable + /// exists or not. + /// Defaults to "". #[serde(default, skip_serializing_if = "Option::is_none")] pub value: Option, + /// Source for the environment variable's value. Cannot be used if value is not empty. #[serde(default, skip_serializing_if = "Option::is_none", rename = "valueFrom")] pub value_from: Option, } +/// Source for the environment variable's value. Cannot be used if value is not empty. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateDriverSidecarsEnvValueFrom { + /// Selects a key of a ConfigMap. #[serde(default, skip_serializing_if = "Option::is_none", rename = "configMapKeyRef")] pub config_map_key_ref: Option, + /// Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`, + /// spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs. #[serde(default, skip_serializing_if = "Option::is_none", rename = "fieldRef")] pub field_ref: Option, + /// Selects a resource of the container: only resources limits and requests + /// (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported. #[serde(default, skip_serializing_if = "Option::is_none", rename = "resourceFieldRef")] pub resource_field_ref: Option, + /// Selects a key of a secret in the pod's namespace #[serde(default, skip_serializing_if = "Option::is_none", rename = "secretKeyRef")] pub secret_key_ref: Option, } +/// Selects a key of a ConfigMap. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateDriverSidecarsEnvValueFromConfigMapKeyRef { + /// The key to select. pub key: String, + /// Name of the referent. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, + /// Specify whether the ConfigMap or its key must be defined #[serde(default, skip_serializing_if = "Option::is_none")] pub optional: Option, } +/// Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`, +/// spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateDriverSidecarsEnvValueFromFieldRef { + /// Version of the schema the FieldPath is written in terms of, defaults to "v1". #[serde(default, skip_serializing_if = "Option::is_none", rename = "apiVersion")] pub api_version: Option, + /// Path of the field to select in the specified API version. #[serde(rename = "fieldPath")] pub field_path: String, } +/// Selects a resource of the container: only resources limits and requests +/// (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateDriverSidecarsEnvValueFromResourceFieldRef { + /// Container name: required for volumes, optional for env vars #[serde(default, skip_serializing_if = "Option::is_none", rename = "containerName")] pub container_name: Option, + /// Specifies the output format of the exposed resources, defaults to "1" #[serde(default, skip_serializing_if = "Option::is_none")] pub divisor: Option, + /// Required: resource to select pub resource: String, } +/// Selects a key of a secret in the pod's namespace #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateDriverSidecarsEnvValueFromSecretKeyRef { + /// The key of the secret to select from. Must be a valid secret key. pub key: String, + /// Name of the referent. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, + /// Specify whether the Secret or its key must be defined #[serde(default, skip_serializing_if = "Option::is_none")] pub optional: Option, } +/// EnvFromSource represents the source of a set of ConfigMaps #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateDriverSidecarsEnvFrom { + /// The ConfigMap to select from #[serde(default, skip_serializing_if = "Option::is_none", rename = "configMapRef")] pub config_map_ref: Option, + /// An optional identifier to prepend to each key in the ConfigMap. Must be a C_IDENTIFIER. #[serde(default, skip_serializing_if = "Option::is_none")] pub prefix: Option, + /// The Secret to select from #[serde(default, skip_serializing_if = "Option::is_none", rename = "secretRef")] pub secret_ref: Option, } +/// The ConfigMap to select from #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateDriverSidecarsEnvFromConfigMapRef { + /// Name of the referent. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, + /// Specify whether the ConfigMap must be defined #[serde(default, skip_serializing_if = "Option::is_none")] pub optional: Option, } +/// The Secret to select from #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateDriverSidecarsEnvFromSecretRef { + /// Name of the referent. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, + /// Specify whether the Secret must be defined #[serde(default, skip_serializing_if = "Option::is_none")] pub optional: Option, } +/// Actions that the management system should take in response to container lifecycle events. +/// Cannot be updated. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateDriverSidecarsLifecycle { + /// PostStart is called immediately after a container is created. If the handler fails, + /// the container is terminated and restarted according to its restart policy. + /// Other management of the container blocks until the hook completes. + /// More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks #[serde(default, skip_serializing_if = "Option::is_none", rename = "postStart")] pub post_start: Option, + /// PreStop is called immediately before a container is terminated due to an + /// API request or management event such as liveness/startup probe failure, + /// preemption, resource contention, etc. The handler is not called if the + /// container crashes or exits. The Pod's termination grace period countdown begins before the + /// PreStop hook is executed. Regardless of the outcome of the handler, the + /// container will eventually terminate within the Pod's termination grace + /// period (unless delayed by finalizers). Other management of the container blocks until the hook completes + /// or until the termination grace period is reached. + /// More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks #[serde(default, skip_serializing_if = "Option::is_none", rename = "preStop")] pub pre_stop: Option, } +/// PostStart is called immediately after a container is created. If the handler fails, +/// the container is terminated and restarted according to its restart policy. +/// Other management of the container blocks until the hook completes. +/// More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateDriverSidecarsLifecyclePostStart { + /// Exec specifies the action to take. #[serde(default, skip_serializing_if = "Option::is_none")] pub exec: Option, + /// HTTPGet specifies the http request to perform. #[serde(default, skip_serializing_if = "Option::is_none", rename = "httpGet")] pub http_get: Option, + /// Sleep represents the duration that the container should sleep before being terminated. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub sleep: Option, + /// Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept + /// for the backward compatibility. There are no validation of this field and + /// lifecycle hooks will fail in runtime when tcp handler is specified. #[serde(default, skip_serializing_if = "Option::is_none", rename = "tcpSocket")] pub tcp_socket: Option, } +/// Exec specifies the action to take. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateDriverSidecarsLifecyclePostStartExec { + /// Command is the command line to execute inside the container, the working directory for the + /// command is root ('/') in the container's filesystem. The command is simply exec'd, it is + /// not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use + /// a shell, you need to explicitly call out to that shell. + /// Exit status of 0 is treated as live/healthy and non-zero is unhealthy. #[serde(default, skip_serializing_if = "Option::is_none")] pub command: Option>, } +/// HTTPGet specifies the http request to perform. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateDriverSidecarsLifecyclePostStartHttpGet { + /// Host name to connect to, defaults to the pod IP. You probably want to set + /// "Host" in httpHeaders instead. #[serde(default, skip_serializing_if = "Option::is_none")] pub host: Option, + /// Custom headers to set in the request. HTTP allows repeated headers. #[serde(default, skip_serializing_if = "Option::is_none", rename = "httpHeaders")] pub http_headers: Option>, + /// Path to access on the HTTP server. #[serde(default, skip_serializing_if = "Option::is_none")] pub path: Option, + /// Name or number of the port to access on the container. + /// Number must be in the range 1 to 65535. + /// Name must be an IANA_SVC_NAME. pub port: IntOrString, + /// Scheme to use for connecting to the host. + /// Defaults to HTTP. #[serde(default, skip_serializing_if = "Option::is_none")] pub scheme: Option, } +/// HTTPHeader describes a custom header to be used in HTTP probes #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateDriverSidecarsLifecyclePostStartHttpGetHttpHeaders { + /// The header field name. + /// This will be canonicalized upon output, so case-variant names will be understood as the same header. pub name: String, + /// The header field value pub value: String, } +/// Sleep represents the duration that the container should sleep before being terminated. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ScheduledSparkApplicationTemplateDriverSidecarsLifecyclePostStartSleep { + /// Seconds is the number of seconds to sleep. + pub seconds: i64, +} + +/// Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept +/// for the backward compatibility. There are no validation of this field and +/// lifecycle hooks will fail in runtime when tcp handler is specified. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateDriverSidecarsLifecyclePostStartTcpSocket { + /// Optional: Host name to connect to, defaults to the pod IP. #[serde(default, skip_serializing_if = "Option::is_none")] pub host: Option, + /// Number or name of the port to access on the container. + /// Number must be in the range 1 to 65535. + /// Name must be an IANA_SVC_NAME. pub port: IntOrString, } +/// PreStop is called immediately before a container is terminated due to an +/// API request or management event such as liveness/startup probe failure, +/// preemption, resource contention, etc. The handler is not called if the +/// container crashes or exits. The Pod's termination grace period countdown begins before the +/// PreStop hook is executed. Regardless of the outcome of the handler, the +/// container will eventually terminate within the Pod's termination grace +/// period (unless delayed by finalizers). Other management of the container blocks until the hook completes +/// or until the termination grace period is reached. +/// More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateDriverSidecarsLifecyclePreStop { + /// Exec specifies the action to take. #[serde(default, skip_serializing_if = "Option::is_none")] pub exec: Option, + /// HTTPGet specifies the http request to perform. #[serde(default, skip_serializing_if = "Option::is_none", rename = "httpGet")] pub http_get: Option, + /// Sleep represents the duration that the container should sleep before being terminated. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub sleep: Option, + /// Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept + /// for the backward compatibility. There are no validation of this field and + /// lifecycle hooks will fail in runtime when tcp handler is specified. #[serde(default, skip_serializing_if = "Option::is_none", rename = "tcpSocket")] pub tcp_socket: Option, } +/// Exec specifies the action to take. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateDriverSidecarsLifecyclePreStopExec { + /// Command is the command line to execute inside the container, the working directory for the + /// command is root ('/') in the container's filesystem. The command is simply exec'd, it is + /// not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use + /// a shell, you need to explicitly call out to that shell. + /// Exit status of 0 is treated as live/healthy and non-zero is unhealthy. #[serde(default, skip_serializing_if = "Option::is_none")] pub command: Option>, } +/// HTTPGet specifies the http request to perform. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateDriverSidecarsLifecyclePreStopHttpGet { + /// Host name to connect to, defaults to the pod IP. You probably want to set + /// "Host" in httpHeaders instead. #[serde(default, skip_serializing_if = "Option::is_none")] pub host: Option, + /// Custom headers to set in the request. HTTP allows repeated headers. #[serde(default, skip_serializing_if = "Option::is_none", rename = "httpHeaders")] pub http_headers: Option>, + /// Path to access on the HTTP server. #[serde(default, skip_serializing_if = "Option::is_none")] pub path: Option, + /// Name or number of the port to access on the container. + /// Number must be in the range 1 to 65535. + /// Name must be an IANA_SVC_NAME. pub port: IntOrString, + /// Scheme to use for connecting to the host. + /// Defaults to HTTP. #[serde(default, skip_serializing_if = "Option::is_none")] pub scheme: Option, } +/// HTTPHeader describes a custom header to be used in HTTP probes #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateDriverSidecarsLifecyclePreStopHttpGetHttpHeaders { + /// The header field name. + /// This will be canonicalized upon output, so case-variant names will be understood as the same header. pub name: String, + /// The header field value pub value: String, } +/// Sleep represents the duration that the container should sleep before being terminated. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ScheduledSparkApplicationTemplateDriverSidecarsLifecyclePreStopSleep { + /// Seconds is the number of seconds to sleep. + pub seconds: i64, +} + +/// Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept +/// for the backward compatibility. There are no validation of this field and +/// lifecycle hooks will fail in runtime when tcp handler is specified. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateDriverSidecarsLifecyclePreStopTcpSocket { + /// Optional: Host name to connect to, defaults to the pod IP. #[serde(default, skip_serializing_if = "Option::is_none")] pub host: Option, + /// Number or name of the port to access on the container. + /// Number must be in the range 1 to 65535. + /// Name must be an IANA_SVC_NAME. pub port: IntOrString, } +/// Periodic probe of container liveness. +/// Container will be restarted if the probe fails. +/// Cannot be updated. +/// More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateDriverSidecarsLivenessProbe { + /// Exec specifies the action to take. #[serde(default, skip_serializing_if = "Option::is_none")] pub exec: Option, + /// Minimum consecutive failures for the probe to be considered failed after having succeeded. + /// Defaults to 3. Minimum value is 1. #[serde(default, skip_serializing_if = "Option::is_none", rename = "failureThreshold")] pub failure_threshold: Option, + /// GRPC specifies an action involving a GRPC port. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub grpc: Option, + /// HTTPGet specifies the http request to perform. #[serde(default, skip_serializing_if = "Option::is_none", rename = "httpGet")] pub http_get: Option, + /// Number of seconds after the container has started before liveness probes are initiated. + /// More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes #[serde(default, skip_serializing_if = "Option::is_none", rename = "initialDelaySeconds")] pub initial_delay_seconds: Option, + /// How often (in seconds) to perform the probe. + /// Default to 10 seconds. Minimum value is 1. #[serde(default, skip_serializing_if = "Option::is_none", rename = "periodSeconds")] pub period_seconds: Option, + /// Minimum consecutive successes for the probe to be considered successful after having failed. + /// Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1. #[serde(default, skip_serializing_if = "Option::is_none", rename = "successThreshold")] pub success_threshold: Option, + /// TCPSocket specifies an action involving a TCP port. #[serde(default, skip_serializing_if = "Option::is_none", rename = "tcpSocket")] pub tcp_socket: Option, + /// Optional duration in seconds the pod needs to terminate gracefully upon probe failure. + /// The grace period is the duration in seconds after the processes running in the pod are sent + /// a termination signal and the time when the processes are forcibly halted with a kill signal. + /// Set this value longer than the expected cleanup time for your process. + /// If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this + /// value overrides the value provided by the pod spec. + /// Value must be non-negative integer. The value zero indicates stop immediately via + /// the kill signal (no opportunity to shut down). + /// This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate. + /// Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "terminationGracePeriodSeconds")] + pub termination_grace_period_seconds: Option, + /// Number of seconds after which the probe times out. + /// Defaults to 1 second. Minimum value is 1. + /// More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes #[serde(default, skip_serializing_if = "Option::is_none", rename = "timeoutSeconds")] pub timeout_seconds: Option, } +/// Exec specifies the action to take. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateDriverSidecarsLivenessProbeExec { + /// Command is the command line to execute inside the container, the working directory for the + /// command is root ('/') in the container's filesystem. The command is simply exec'd, it is + /// not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use + /// a shell, you need to explicitly call out to that shell. + /// Exit status of 0 is treated as live/healthy and non-zero is unhealthy. #[serde(default, skip_serializing_if = "Option::is_none")] pub command: Option>, } +/// GRPC specifies an action involving a GRPC port. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ScheduledSparkApplicationTemplateDriverSidecarsLivenessProbeGrpc { + /// Port number of the gRPC service. Number must be in the range 1 to 65535. + pub port: i32, + /// Service is the name of the service to place in the gRPC HealthCheckRequest + /// (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). + /// + /// + /// If this is not specified, the default behavior is defined by gRPC. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub service: Option, +} + +/// HTTPGet specifies the http request to perform. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateDriverSidecarsLivenessProbeHttpGet { + /// Host name to connect to, defaults to the pod IP. You probably want to set + /// "Host" in httpHeaders instead. #[serde(default, skip_serializing_if = "Option::is_none")] pub host: Option, + /// Custom headers to set in the request. HTTP allows repeated headers. #[serde(default, skip_serializing_if = "Option::is_none", rename = "httpHeaders")] pub http_headers: Option>, + /// Path to access on the HTTP server. #[serde(default, skip_serializing_if = "Option::is_none")] pub path: Option, + /// Name or number of the port to access on the container. + /// Number must be in the range 1 to 65535. + /// Name must be an IANA_SVC_NAME. pub port: IntOrString, + /// Scheme to use for connecting to the host. + /// Defaults to HTTP. #[serde(default, skip_serializing_if = "Option::is_none")] pub scheme: Option, } +/// HTTPHeader describes a custom header to be used in HTTP probes #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateDriverSidecarsLivenessProbeHttpGetHttpHeaders { + /// The header field name. + /// This will be canonicalized upon output, so case-variant names will be understood as the same header. pub name: String, + /// The header field value pub value: String, } +/// TCPSocket specifies an action involving a TCP port. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateDriverSidecarsLivenessProbeTcpSocket { + /// Optional: Host name to connect to, defaults to the pod IP. #[serde(default, skip_serializing_if = "Option::is_none")] pub host: Option, + /// Number or name of the port to access on the container. + /// Number must be in the range 1 to 65535. + /// Name must be an IANA_SVC_NAME. pub port: IntOrString, } +/// ContainerPort represents a network port in a single container. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateDriverSidecarsPorts { + /// Number of port to expose on the pod's IP address. + /// This must be a valid port number, 0 < x < 65536. #[serde(rename = "containerPort")] pub container_port: i32, + /// What host IP to bind the external port to. #[serde(default, skip_serializing_if = "Option::is_none", rename = "hostIP")] pub host_ip: Option, + /// Number of port to expose on the host. + /// If specified, this must be a valid port number, 0 < x < 65536. + /// If HostNetwork is specified, this must match ContainerPort. + /// Most containers do not need this. #[serde(default, skip_serializing_if = "Option::is_none", rename = "hostPort")] pub host_port: Option, + /// If specified, this must be an IANA_SVC_NAME and unique within the pod. Each + /// named port in a pod must have a unique name. Name for the port that can be + /// referred to by services. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, - pub protocol: String, + /// Protocol for port. Must be UDP, TCP, or SCTP. + /// Defaults to "TCP". + #[serde(default, skip_serializing_if = "Option::is_none")] + pub protocol: Option, } +/// Periodic probe of container service readiness. +/// Container will be removed from service endpoints if the probe fails. +/// Cannot be updated. +/// More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateDriverSidecarsReadinessProbe { + /// Exec specifies the action to take. #[serde(default, skip_serializing_if = "Option::is_none")] pub exec: Option, + /// Minimum consecutive failures for the probe to be considered failed after having succeeded. + /// Defaults to 3. Minimum value is 1. #[serde(default, skip_serializing_if = "Option::is_none", rename = "failureThreshold")] pub failure_threshold: Option, + /// GRPC specifies an action involving a GRPC port. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub grpc: Option, + /// HTTPGet specifies the http request to perform. #[serde(default, skip_serializing_if = "Option::is_none", rename = "httpGet")] pub http_get: Option, + /// Number of seconds after the container has started before liveness probes are initiated. + /// More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes #[serde(default, skip_serializing_if = "Option::is_none", rename = "initialDelaySeconds")] pub initial_delay_seconds: Option, + /// How often (in seconds) to perform the probe. + /// Default to 10 seconds. Minimum value is 1. #[serde(default, skip_serializing_if = "Option::is_none", rename = "periodSeconds")] pub period_seconds: Option, + /// Minimum consecutive successes for the probe to be considered successful after having failed. + /// Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1. #[serde(default, skip_serializing_if = "Option::is_none", rename = "successThreshold")] pub success_threshold: Option, + /// TCPSocket specifies an action involving a TCP port. #[serde(default, skip_serializing_if = "Option::is_none", rename = "tcpSocket")] pub tcp_socket: Option, + /// Optional duration in seconds the pod needs to terminate gracefully upon probe failure. + /// The grace period is the duration in seconds after the processes running in the pod are sent + /// a termination signal and the time when the processes are forcibly halted with a kill signal. + /// Set this value longer than the expected cleanup time for your process. + /// If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this + /// value overrides the value provided by the pod spec. + /// Value must be non-negative integer. The value zero indicates stop immediately via + /// the kill signal (no opportunity to shut down). + /// This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate. + /// Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "terminationGracePeriodSeconds")] + pub termination_grace_period_seconds: Option, + /// Number of seconds after which the probe times out. + /// Defaults to 1 second. Minimum value is 1. + /// More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes #[serde(default, skip_serializing_if = "Option::is_none", rename = "timeoutSeconds")] pub timeout_seconds: Option, } +/// Exec specifies the action to take. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateDriverSidecarsReadinessProbeExec { + /// Command is the command line to execute inside the container, the working directory for the + /// command is root ('/') in the container's filesystem. The command is simply exec'd, it is + /// not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use + /// a shell, you need to explicitly call out to that shell. + /// Exit status of 0 is treated as live/healthy and non-zero is unhealthy. #[serde(default, skip_serializing_if = "Option::is_none")] pub command: Option>, } +/// GRPC specifies an action involving a GRPC port. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ScheduledSparkApplicationTemplateDriverSidecarsReadinessProbeGrpc { + /// Port number of the gRPC service. Number must be in the range 1 to 65535. + pub port: i32, + /// Service is the name of the service to place in the gRPC HealthCheckRequest + /// (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). + /// + /// + /// If this is not specified, the default behavior is defined by gRPC. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub service: Option, +} + +/// HTTPGet specifies the http request to perform. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateDriverSidecarsReadinessProbeHttpGet { + /// Host name to connect to, defaults to the pod IP. You probably want to set + /// "Host" in httpHeaders instead. #[serde(default, skip_serializing_if = "Option::is_none")] pub host: Option, + /// Custom headers to set in the request. HTTP allows repeated headers. #[serde(default, skip_serializing_if = "Option::is_none", rename = "httpHeaders")] pub http_headers: Option>, + /// Path to access on the HTTP server. #[serde(default, skip_serializing_if = "Option::is_none")] pub path: Option, + /// Name or number of the port to access on the container. + /// Number must be in the range 1 to 65535. + /// Name must be an IANA_SVC_NAME. pub port: IntOrString, + /// Scheme to use for connecting to the host. + /// Defaults to HTTP. #[serde(default, skip_serializing_if = "Option::is_none")] pub scheme: Option, } +/// HTTPHeader describes a custom header to be used in HTTP probes #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateDriverSidecarsReadinessProbeHttpGetHttpHeaders { + /// The header field name. + /// This will be canonicalized upon output, so case-variant names will be understood as the same header. pub name: String, + /// The header field value pub value: String, } +/// TCPSocket specifies an action involving a TCP port. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateDriverSidecarsReadinessProbeTcpSocket { + /// Optional: Host name to connect to, defaults to the pod IP. #[serde(default, skip_serializing_if = "Option::is_none")] pub host: Option, + /// Number or name of the port to access on the container. + /// Number must be in the range 1 to 65535. + /// Name must be an IANA_SVC_NAME. pub port: IntOrString, } +/// ContainerResizePolicy represents resource resize policy for the container. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ScheduledSparkApplicationTemplateDriverSidecarsResizePolicy { + /// Name of the resource to which this resource resize policy applies. + /// Supported values: cpu, memory. + #[serde(rename = "resourceName")] + pub resource_name: String, + /// Restart policy to apply when specified resource is resized. + /// If not specified, it defaults to NotRequired. + #[serde(rename = "restartPolicy")] + pub restart_policy: String, +} + +/// Compute Resources required by this container. +/// Cannot be updated. +/// More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateDriverSidecarsResources { + /// Claims lists the names of resources, defined in spec.resourceClaims, + /// that are used by this container. + /// + /// + /// This is an alpha field and requires enabling the + /// DynamicResourceAllocation feature gate. + /// + /// + /// This field is immutable. It can only be set for containers. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub claims: Option>, + /// Limits describes the maximum amount of compute resources allowed. + /// More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ #[serde(default, skip_serializing_if = "Option::is_none")] pub limits: Option>, + /// Requests describes the minimum amount of compute resources required. + /// If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, + /// otherwise to an implementation-defined value. Requests cannot exceed Limits. + /// More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ #[serde(default, skip_serializing_if = "Option::is_none")] pub requests: Option>, } +/// ResourceClaim references one entry in PodSpec.ResourceClaims. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ScheduledSparkApplicationTemplateDriverSidecarsResourcesClaims { + /// Name must match the name of one entry in pod.spec.resourceClaims of + /// the Pod where this field is used. It makes that resource available + /// inside a container. + pub name: String, +} + +/// SecurityContext defines the security options the container should be run with. +/// If set, the fields of SecurityContext override the equivalent fields of PodSecurityContext. +/// More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/ #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateDriverSidecarsSecurityContext { + /// AllowPrivilegeEscalation controls whether a process can gain more + /// privileges than its parent process. This bool directly controls if + /// the no_new_privs flag will be set on the container process. + /// AllowPrivilegeEscalation is true always when the container is: + /// 1) run as Privileged + /// 2) has CAP_SYS_ADMIN + /// Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none", rename = "allowPrivilegeEscalation")] pub allow_privilege_escalation: Option, + /// The capabilities to add/drop when running containers. + /// Defaults to the default set of capabilities granted by the container runtime. + /// Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none")] pub capabilities: Option, + /// Run container in privileged mode. + /// Processes in privileged containers are essentially equivalent to root on the host. + /// Defaults to false. + /// Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none")] pub privileged: Option, + /// procMount denotes the type of proc mount to use for the containers. + /// The default is DefaultProcMount which uses the container runtime defaults for + /// readonly paths and masked paths. + /// This requires the ProcMountType feature flag to be enabled. + /// Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none", rename = "procMount")] pub proc_mount: Option, + /// Whether this container has a read-only root filesystem. + /// Default is false. + /// Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnlyRootFilesystem")] pub read_only_root_filesystem: Option, + /// The GID to run the entrypoint of the container process. + /// Uses runtime default if unset. + /// May also be set in PodSecurityContext. If set in both SecurityContext and + /// PodSecurityContext, the value specified in SecurityContext takes precedence. + /// Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none", rename = "runAsGroup")] pub run_as_group: Option, + /// Indicates that the container must run as a non-root user. + /// If true, the Kubelet will validate the image at runtime to ensure that it + /// does not run as UID 0 (root) and fail to start the container if it does. + /// If unset or false, no such validation will be performed. + /// May also be set in PodSecurityContext. If set in both SecurityContext and + /// PodSecurityContext, the value specified in SecurityContext takes precedence. #[serde(default, skip_serializing_if = "Option::is_none", rename = "runAsNonRoot")] pub run_as_non_root: Option, + /// The UID to run the entrypoint of the container process. + /// Defaults to user specified in image metadata if unspecified. + /// May also be set in PodSecurityContext. If set in both SecurityContext and + /// PodSecurityContext, the value specified in SecurityContext takes precedence. + /// Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none", rename = "runAsUser")] pub run_as_user: Option, + /// The SELinux context to be applied to the container. + /// If unspecified, the container runtime will allocate a random SELinux context for each + /// container. May also be set in PodSecurityContext. If set in both SecurityContext and + /// PodSecurityContext, the value specified in SecurityContext takes precedence. + /// Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none", rename = "seLinuxOptions")] pub se_linux_options: Option, + /// The seccomp options to use by this container. If seccomp options are + /// provided at both the pod & container level, the container options + /// override the pod options. + /// Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none", rename = "seccompProfile")] pub seccomp_profile: Option, + /// The Windows specific settings applied to all containers. + /// If unspecified, the options from the PodSecurityContext will be used. + /// If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. + /// Note that this field cannot be set when spec.os.name is linux. #[serde(default, skip_serializing_if = "Option::is_none", rename = "windowsOptions")] pub windows_options: Option, } +/// The capabilities to add/drop when running containers. +/// Defaults to the default set of capabilities granted by the container runtime. +/// Note that this field cannot be set when spec.os.name is windows. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateDriverSidecarsSecurityContextCapabilities { + /// Added capabilities #[serde(default, skip_serializing_if = "Option::is_none")] pub add: Option>, + /// Removed capabilities #[serde(default, skip_serializing_if = "Option::is_none")] pub drop: Option>, } +/// The SELinux context to be applied to the container. +/// If unspecified, the container runtime will allocate a random SELinux context for each +/// container. May also be set in PodSecurityContext. If set in both SecurityContext and +/// PodSecurityContext, the value specified in SecurityContext takes precedence. +/// Note that this field cannot be set when spec.os.name is windows. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateDriverSidecarsSecurityContextSeLinuxOptions { + /// Level is SELinux level label that applies to the container. #[serde(default, skip_serializing_if = "Option::is_none")] pub level: Option, + /// Role is a SELinux role label that applies to the container. #[serde(default, skip_serializing_if = "Option::is_none")] pub role: Option, + /// Type is a SELinux type label that applies to the container. #[serde(default, skip_serializing_if = "Option::is_none", rename = "type")] pub r#type: Option, + /// User is a SELinux user label that applies to the container. #[serde(default, skip_serializing_if = "Option::is_none")] pub user: Option, } +/// The seccomp options to use by this container. If seccomp options are +/// provided at both the pod & container level, the container options +/// override the pod options. +/// Note that this field cannot be set when spec.os.name is windows. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateDriverSidecarsSecurityContextSeccompProfile { - #[serde(default, skip_serializing_if = "Option::is_none", rename = "type")] - pub r#type: Option, + /// localhostProfile indicates a profile defined in a file on the node should be used. + /// The profile must be preconfigured on the node to work. + /// Must be a descending path, relative to the kubelet's configured seccomp profile location. + /// Must be set if type is "Localhost". Must NOT be set for any other type. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "localhostProfile")] + pub localhost_profile: Option, + /// type indicates which kind of seccomp profile will be applied. + /// Valid options are: + /// + /// + /// Localhost - a profile defined in a file on the node should be used. + /// RuntimeDefault - the container runtime default profile should be used. + /// Unconfined - no profile should be applied. + #[serde(rename = "type")] + pub r#type: String, } +/// The Windows specific settings applied to all containers. +/// If unspecified, the options from the PodSecurityContext will be used. +/// If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +/// Note that this field cannot be set when spec.os.name is linux. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateDriverSidecarsSecurityContextWindowsOptions { + /// GMSACredentialSpec is where the GMSA admission webhook + /// (https://github.com/kubernetes-sigs/windows-gmsa) inlines the contents of the + /// GMSA credential spec named by the GMSACredentialSpecName field. #[serde(default, skip_serializing_if = "Option::is_none", rename = "gmsaCredentialSpec")] pub gmsa_credential_spec: Option, + /// GMSACredentialSpecName is the name of the GMSA credential spec to use. #[serde(default, skip_serializing_if = "Option::is_none", rename = "gmsaCredentialSpecName")] pub gmsa_credential_spec_name: Option, + /// HostProcess determines if a container should be run as a 'Host Process' container. + /// All of a Pod's containers must have the same effective HostProcess value + /// (it is not allowed to have a mix of HostProcess containers and non-HostProcess containers). + /// In addition, if HostProcess is true then HostNetwork must also be set to true. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "hostProcess")] + pub host_process: Option, + /// The UserName in Windows to run the entrypoint of the container process. + /// Defaults to the user specified in image metadata if unspecified. + /// May also be set in PodSecurityContext. If set in both SecurityContext and + /// PodSecurityContext, the value specified in SecurityContext takes precedence. #[serde(default, skip_serializing_if = "Option::is_none", rename = "runAsUserName")] pub run_as_user_name: Option, } +/// StartupProbe indicates that the Pod has successfully initialized. +/// If specified, no other probes are executed until this completes successfully. +/// If this probe fails, the Pod will be restarted, just as if the livenessProbe failed. +/// This can be used to provide different probe parameters at the beginning of a Pod's lifecycle, +/// when it might take a long time to load data or warm a cache, than during steady-state operation. +/// This cannot be updated. +/// More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateDriverSidecarsStartupProbe { + /// Exec specifies the action to take. #[serde(default, skip_serializing_if = "Option::is_none")] pub exec: Option, + /// Minimum consecutive failures for the probe to be considered failed after having succeeded. + /// Defaults to 3. Minimum value is 1. #[serde(default, skip_serializing_if = "Option::is_none", rename = "failureThreshold")] pub failure_threshold: Option, + /// GRPC specifies an action involving a GRPC port. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub grpc: Option, + /// HTTPGet specifies the http request to perform. #[serde(default, skip_serializing_if = "Option::is_none", rename = "httpGet")] pub http_get: Option, + /// Number of seconds after the container has started before liveness probes are initiated. + /// More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes #[serde(default, skip_serializing_if = "Option::is_none", rename = "initialDelaySeconds")] pub initial_delay_seconds: Option, + /// How often (in seconds) to perform the probe. + /// Default to 10 seconds. Minimum value is 1. #[serde(default, skip_serializing_if = "Option::is_none", rename = "periodSeconds")] pub period_seconds: Option, + /// Minimum consecutive successes for the probe to be considered successful after having failed. + /// Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1. #[serde(default, skip_serializing_if = "Option::is_none", rename = "successThreshold")] pub success_threshold: Option, + /// TCPSocket specifies an action involving a TCP port. #[serde(default, skip_serializing_if = "Option::is_none", rename = "tcpSocket")] pub tcp_socket: Option, + /// Optional duration in seconds the pod needs to terminate gracefully upon probe failure. + /// The grace period is the duration in seconds after the processes running in the pod are sent + /// a termination signal and the time when the processes are forcibly halted with a kill signal. + /// Set this value longer than the expected cleanup time for your process. + /// If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this + /// value overrides the value provided by the pod spec. + /// Value must be non-negative integer. The value zero indicates stop immediately via + /// the kill signal (no opportunity to shut down). + /// This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate. + /// Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "terminationGracePeriodSeconds")] + pub termination_grace_period_seconds: Option, + /// Number of seconds after which the probe times out. + /// Defaults to 1 second. Minimum value is 1. + /// More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes #[serde(default, skip_serializing_if = "Option::is_none", rename = "timeoutSeconds")] pub timeout_seconds: Option, } +/// Exec specifies the action to take. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateDriverSidecarsStartupProbeExec { + /// Command is the command line to execute inside the container, the working directory for the + /// command is root ('/') in the container's filesystem. The command is simply exec'd, it is + /// not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use + /// a shell, you need to explicitly call out to that shell. + /// Exit status of 0 is treated as live/healthy and non-zero is unhealthy. #[serde(default, skip_serializing_if = "Option::is_none")] pub command: Option>, } +/// GRPC specifies an action involving a GRPC port. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ScheduledSparkApplicationTemplateDriverSidecarsStartupProbeGrpc { + /// Port number of the gRPC service. Number must be in the range 1 to 65535. + pub port: i32, + /// Service is the name of the service to place in the gRPC HealthCheckRequest + /// (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). + /// + /// + /// If this is not specified, the default behavior is defined by gRPC. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub service: Option, +} + +/// HTTPGet specifies the http request to perform. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateDriverSidecarsStartupProbeHttpGet { + /// Host name to connect to, defaults to the pod IP. You probably want to set + /// "Host" in httpHeaders instead. #[serde(default, skip_serializing_if = "Option::is_none")] pub host: Option, + /// Custom headers to set in the request. HTTP allows repeated headers. #[serde(default, skip_serializing_if = "Option::is_none", rename = "httpHeaders")] pub http_headers: Option>, + /// Path to access on the HTTP server. #[serde(default, skip_serializing_if = "Option::is_none")] pub path: Option, + /// Name or number of the port to access on the container. + /// Number must be in the range 1 to 65535. + /// Name must be an IANA_SVC_NAME. pub port: IntOrString, + /// Scheme to use for connecting to the host. + /// Defaults to HTTP. #[serde(default, skip_serializing_if = "Option::is_none")] pub scheme: Option, } +/// HTTPHeader describes a custom header to be used in HTTP probes #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateDriverSidecarsStartupProbeHttpGetHttpHeaders { + /// The header field name. + /// This will be canonicalized upon output, so case-variant names will be understood as the same header. pub name: String, + /// The header field value pub value: String, } +/// TCPSocket specifies an action involving a TCP port. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateDriverSidecarsStartupProbeTcpSocket { + /// Optional: Host name to connect to, defaults to the pod IP. #[serde(default, skip_serializing_if = "Option::is_none")] pub host: Option, + /// Number or name of the port to access on the container. + /// Number must be in the range 1 to 65535. + /// Name must be an IANA_SVC_NAME. pub port: IntOrString, } +/// volumeDevice describes a mapping of a raw block device within a container. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateDriverSidecarsVolumeDevices { + /// devicePath is the path inside of the container that the device will be mapped to. #[serde(rename = "devicePath")] pub device_path: String, + /// name must match the name of a persistentVolumeClaim in the pod pub name: String, } +/// VolumeMount describes a mounting of a Volume within a container. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateDriverSidecarsVolumeMounts { + /// Path within the container at which the volume should be mounted. Must + /// not contain ':'. #[serde(rename = "mountPath")] pub mount_path: String, + /// mountPropagation determines how mounts are propagated from the host + /// to container and the other way around. + /// When not set, MountPropagationNone is used. + /// This field is beta in 1.10. #[serde(default, skip_serializing_if = "Option::is_none", rename = "mountPropagation")] pub mount_propagation: Option, + /// This must match the Name of a Volume. pub name: String, + /// Mounted read-only if true, read-write otherwise (false or unspecified). + /// Defaults to false. #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] pub read_only: Option, + /// Path within the volume from which the container's volume should be mounted. + /// Defaults to "" (volume's root). #[serde(default, skip_serializing_if = "Option::is_none", rename = "subPath")] pub sub_path: Option, + /// Expanded path within the volume from which the container's volume should be mounted. + /// Behaves similarly to SubPath but environment variable references $(VAR_NAME) are expanded using the container's environment. + /// Defaults to "" (volume's root). + /// SubPathExpr and SubPath are mutually exclusive. #[serde(default, skip_serializing_if = "Option::is_none", rename = "subPathExpr")] pub sub_path_expr: Option, } +/// The pod this Toleration is attached to tolerates any taint that matches +/// the triple using the matching operator . #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateDriverTolerations { + /// Effect indicates the taint effect to match. Empty means match all taint effects. + /// When specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute. #[serde(default, skip_serializing_if = "Option::is_none")] pub effect: Option, + /// Key is the taint key that the toleration applies to. Empty means match all taint keys. + /// If the key is empty, operator must be Exists; this combination means to match all values and all keys. #[serde(default, skip_serializing_if = "Option::is_none")] pub key: Option, + /// Operator represents a key's relationship to the value. + /// Valid operators are Exists and Equal. Defaults to Equal. + /// Exists is equivalent to wildcard for value, so that a pod can + /// tolerate all taints of a particular category. #[serde(default, skip_serializing_if = "Option::is_none")] pub operator: Option, + /// TolerationSeconds represents the period of time the toleration (which must be + /// of effect NoExecute, otherwise this field is ignored) tolerates the taint. By default, + /// it is not set, which means tolerate the taint forever (do not evict). Zero and + /// negative values will be treated as 0 (evict immediately) by the system. #[serde(default, skip_serializing_if = "Option::is_none", rename = "tolerationSeconds")] pub toleration_seconds: Option, + /// Value is the taint value the toleration matches to. + /// If the operator is Exists, the value should be empty, otherwise just a regular string. #[serde(default, skip_serializing_if = "Option::is_none")] pub value: Option, } +/// VolumeMount describes a mounting of a Volume within a container. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateDriverVolumeMounts { + /// Path within the container at which the volume should be mounted. Must + /// not contain ':'. #[serde(rename = "mountPath")] pub mount_path: String, + /// mountPropagation determines how mounts are propagated from the host + /// to container and the other way around. + /// When not set, MountPropagationNone is used. + /// This field is beta in 1.10. #[serde(default, skip_serializing_if = "Option::is_none", rename = "mountPropagation")] pub mount_propagation: Option, + /// This must match the Name of a Volume. pub name: String, + /// Mounted read-only if true, read-write otherwise (false or unspecified). + /// Defaults to false. #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] pub read_only: Option, + /// Path within the volume from which the container's volume should be mounted. + /// Defaults to "" (volume's root). #[serde(default, skip_serializing_if = "Option::is_none", rename = "subPath")] pub sub_path: Option, + /// Expanded path within the volume from which the container's volume should be mounted. + /// Behaves similarly to SubPath but environment variable references $(VAR_NAME) are expanded using the container's environment. + /// Defaults to "" (volume's root). + /// SubPathExpr and SubPath are mutually exclusive. #[serde(default, skip_serializing_if = "Option::is_none", rename = "subPathExpr")] pub sub_path_expr: Option, } +/// DriverIngressConfiguration is for driver ingress specific configuration parameters. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateDriverIngressOptions { + /// IngressAnnotations is a map of key,value pairs of annotations that might be added to the ingress object. i.e. specify nginx as ingress.class #[serde(default, skip_serializing_if = "Option::is_none", rename = "ingressAnnotations")] pub ingress_annotations: Option>, + /// TlsHosts is useful If we need to declare SSL certificates to the ingress object #[serde(default, skip_serializing_if = "Option::is_none", rename = "ingressTLS")] pub ingress_tls: Option>, + /// IngressURLFormat is the URL for the ingress. #[serde(default, skip_serializing_if = "Option::is_none", rename = "ingressURLFormat")] pub ingress_url_format: Option, + /// ServiceAnnotations is a map of key,value pairs of annotations that might be added to the service object. #[serde(default, skip_serializing_if = "Option::is_none", rename = "serviceAnnotations")] pub service_annotations: Option>, + /// ServiceLables is a map of key,value pairs of labels that might be added to the service object. #[serde(default, skip_serializing_if = "Option::is_none", rename = "serviceLabels")] pub service_labels: Option>, - #[serde(default, skip_serializing_if = "Option::is_none", rename = "servicePort")] - pub service_port: Option, - #[serde(default, skip_serializing_if = "Option::is_none", rename = "servicePortName")] - pub service_port_name: Option, + /// ServicePort allows configuring the port at service level that might be different from the targetPort. + #[serde(rename = "servicePort")] + pub service_port: i32, + /// ServicePortName allows configuring the name of the service port. + /// This may be useful for sidecar proxies like Envoy injected by Istio which require specific ports names to treat traffic as proper HTTP. + #[serde(rename = "servicePortName")] + pub service_port_name: String, + /// ServiceType allows configuring the type of the service. Defaults to ClusterIP. #[serde(default, skip_serializing_if = "Option::is_none", rename = "serviceType")] pub service_type: Option, } +/// IngressTLS describes the transport layer security associated with an ingress. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateDriverIngressOptionsIngressTls { + /// hosts is a list of hosts included in the TLS certificate. The values in + /// this list must match the name/s used in the tlsSecret. Defaults to the + /// wildcard host setting for the loadbalancer controller fulfilling this + /// Ingress, if left unspecified. #[serde(default, skip_serializing_if = "Option::is_none")] pub hosts: Option>, + /// secretName is the name of the secret used to terminate TLS traffic on + /// port 443. Field is left optional to allow TLS routing based on SNI + /// hostname alone. If the SNI host in a listener conflicts with the "Host" + /// header field used by an IngressRule, the SNI host is used for termination + /// and value of the "Host" header is used for routing. #[serde(default, skip_serializing_if = "Option::is_none", rename = "secretName")] pub secret_name: Option, } +/// DynamicAllocation configures dynamic allocation that becomes available for the Kubernetes +/// scheduler backend since Spark 3.0. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateDynamicAllocation { + /// Enabled controls whether dynamic allocation is enabled or not. #[serde(default, skip_serializing_if = "Option::is_none")] pub enabled: Option, + /// InitialExecutors is the initial number of executors to request. If .spec.executor.instances + /// is also set, the initial number of executors is set to the bigger of that and this option. #[serde(default, skip_serializing_if = "Option::is_none", rename = "initialExecutors")] pub initial_executors: Option, + /// MaxExecutors is the upper bound for the number of executors if dynamic allocation is enabled. #[serde(default, skip_serializing_if = "Option::is_none", rename = "maxExecutors")] pub max_executors: Option, + /// MinExecutors is the lower bound for the number of executors if dynamic allocation is enabled. #[serde(default, skip_serializing_if = "Option::is_none", rename = "minExecutors")] pub min_executors: Option, + /// ShuffleTrackingTimeout controls the timeout in milliseconds for executors that are holding + /// shuffle data if shuffle tracking is enabled (true by default if dynamic allocation is enabled). #[serde(default, skip_serializing_if = "Option::is_none", rename = "shuffleTrackingTimeout")] pub shuffle_tracking_timeout: Option, } +/// Executor is the executor specification. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateExecutor { + /// Affinity specifies the affinity/anti-affinity settings for the pod. #[serde(default, skip_serializing_if = "Option::is_none")] pub affinity: Option, + /// Annotations are the Kubernetes annotations to be added to the pod. #[serde(default, skip_serializing_if = "Option::is_none")] pub annotations: Option>, + /// ConfigMaps carries information of other ConfigMaps to add to the pod. #[serde(default, skip_serializing_if = "Option::is_none", rename = "configMaps")] pub config_maps: Option>, + /// CoreLimit specifies a hard limit on CPU cores for the pod. + /// Optional #[serde(default, skip_serializing_if = "Option::is_none", rename = "coreLimit")] pub core_limit: Option, + /// CoreRequest is the physical CPU core request for the executors. + /// Maps to `spark.kubernetes.executor.request.cores` that is available since Spark 2.4. #[serde(default, skip_serializing_if = "Option::is_none", rename = "coreRequest")] pub core_request: Option, + /// Cores maps to `spark.driver.cores` or `spark.executor.cores` for the driver and executors, respectively. #[serde(default, skip_serializing_if = "Option::is_none")] pub cores: Option, + /// DeleteOnTermination specify whether executor pods should be deleted in case of failure or normal termination. + /// Maps to `spark.kubernetes.executor.deleteOnTermination` that is available since Spark 3.0. #[serde(default, skip_serializing_if = "Option::is_none", rename = "deleteOnTermination")] pub delete_on_termination: Option, + /// DnsConfig dns settings for the pod, following the Kubernetes specifications. #[serde(default, skip_serializing_if = "Option::is_none", rename = "dnsConfig")] pub dns_config: Option, + /// Env carries the environment variables to add to the pod. #[serde(default, skip_serializing_if = "Option::is_none")] pub env: Option>, + /// EnvFrom is a list of sources to populate environment variables in the container. #[serde(default, skip_serializing_if = "Option::is_none", rename = "envFrom")] pub env_from: Option>, + /// EnvSecretKeyRefs holds a mapping from environment variable names to SecretKeyRefs. + /// Deprecated. Consider using `env` instead. #[serde(default, skip_serializing_if = "Option::is_none", rename = "envSecretKeyRefs")] pub env_secret_key_refs: Option>, + /// EnvVars carries the environment variables to add to the pod. + /// Deprecated. Consider using `env` instead. #[serde(default, skip_serializing_if = "Option::is_none", rename = "envVars")] pub env_vars: Option>, + /// GPU specifies GPU requirement for the pod. #[serde(default, skip_serializing_if = "Option::is_none")] pub gpu: Option, + /// HostAliases settings for the pod, following the Kubernetes specifications. #[serde(default, skip_serializing_if = "Option::is_none", rename = "hostAliases")] pub host_aliases: Option>, + /// HostNetwork indicates whether to request host networking for the pod or not. #[serde(default, skip_serializing_if = "Option::is_none", rename = "hostNetwork")] pub host_network: Option, + /// Image is the container image to use. Overrides Spec.Image if set. #[serde(default, skip_serializing_if = "Option::is_none")] pub image: Option, + /// InitContainers is a list of init-containers that run to completion before the main Spark container. #[serde(default, skip_serializing_if = "Option::is_none", rename = "initContainers")] pub init_containers: Option>, + /// Instances is the number of executor instances. #[serde(default, skip_serializing_if = "Option::is_none")] pub instances: Option, + /// JavaOptions is a string of extra JVM options to pass to the executors. For instance, + /// GC settings or other logging. #[serde(default, skip_serializing_if = "Option::is_none", rename = "javaOptions")] pub java_options: Option, + /// Labels are the Kubernetes labels to be added to the pod. #[serde(default, skip_serializing_if = "Option::is_none")] pub labels: Option>, + /// Lifecycle for running preStop or postStart commands + #[serde(default, skip_serializing_if = "Option::is_none")] + pub lifecycle: Option, + /// Memory is the amount of memory to request for the pod. #[serde(default, skip_serializing_if = "Option::is_none")] pub memory: Option, + /// MemoryOverhead is the amount of off-heap memory to allocate in cluster mode, in MiB unless otherwise specified. #[serde(default, skip_serializing_if = "Option::is_none", rename = "memoryOverhead")] pub memory_overhead: Option, + /// NodeSelector is the Kubernetes node selector to be added to the driver and executor pods. + /// This field is mutually exclusive with nodeSelector at SparkApplication level (which will be deprecated). #[serde(default, skip_serializing_if = "Option::is_none", rename = "nodeSelector")] pub node_selector: Option>, + /// PodSecurityContext specifies the PodSecurityContext to apply. #[serde(default, skip_serializing_if = "Option::is_none", rename = "podSecurityContext")] pub pod_security_context: Option, + /// Ports settings for the pods, following the Kubernetes specifications. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub ports: Option>, + /// SchedulerName specifies the scheduler that will be used for scheduling #[serde(default, skip_serializing_if = "Option::is_none", rename = "schedulerName")] pub scheduler_name: Option, + /// Secrets carries information of secrets to add to the pod. #[serde(default, skip_serializing_if = "Option::is_none")] pub secrets: Option>, + /// SecurityContext specifies the container's SecurityContext to apply. #[serde(default, skip_serializing_if = "Option::is_none", rename = "securityContext")] pub security_context: Option, + /// ServiceAccount is the name of the custom Kubernetes service account used by the pod. #[serde(default, skip_serializing_if = "Option::is_none", rename = "serviceAccount")] pub service_account: Option, + /// ShareProcessNamespace settings for the pod, following the Kubernetes specifications. #[serde(default, skip_serializing_if = "Option::is_none", rename = "shareProcessNamespace")] pub share_process_namespace: Option, + /// Sidecars is a list of sidecar containers that run along side the main Spark container. #[serde(default, skip_serializing_if = "Option::is_none")] pub sidecars: Option>, + /// Termination grace period seconds for the pod #[serde(default, skip_serializing_if = "Option::is_none", rename = "terminationGracePeriodSeconds")] pub termination_grace_period_seconds: Option, + /// Tolerations specifies the tolerations listed in ".spec.tolerations" to be applied to the pod. #[serde(default, skip_serializing_if = "Option::is_none")] pub tolerations: Option>, + /// VolumeMounts specifies the volumes listed in ".spec.volumes" to mount into the main container's filesystem. #[serde(default, skip_serializing_if = "Option::is_none", rename = "volumeMounts")] pub volume_mounts: Option>, } +/// Affinity specifies the affinity/anti-affinity settings for the pod. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateExecutorAffinity { + /// Describes node affinity scheduling rules for the pod. #[serde(default, skip_serializing_if = "Option::is_none", rename = "nodeAffinity")] pub node_affinity: Option, + /// Describes pod affinity scheduling rules (e.g. co-locate this pod in the same node, zone, etc. as some other pod(s)). #[serde(default, skip_serializing_if = "Option::is_none", rename = "podAffinity")] pub pod_affinity: Option, + /// Describes pod anti-affinity scheduling rules (e.g. avoid putting this pod in the same node, zone, etc. as some other pod(s)). #[serde(default, skip_serializing_if = "Option::is_none", rename = "podAntiAffinity")] pub pod_anti_affinity: Option, } +/// Describes node affinity scheduling rules for the pod. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateExecutorAffinityNodeAffinity { + /// The scheduler will prefer to schedule pods to nodes that satisfy + /// the affinity expressions specified by this field, but it may choose + /// a node that violates one or more of the expressions. The node that is + /// most preferred is the one with the greatest sum of weights, i.e. + /// for each node that meets all of the scheduling requirements (resource + /// request, requiredDuringScheduling affinity expressions, etc.), + /// compute a sum by iterating through the elements of this field and adding + /// "weight" to the sum if the node matches the corresponding matchExpressions; the + /// node(s) with the highest sum are the most preferred. #[serde(default, skip_serializing_if = "Option::is_none", rename = "preferredDuringSchedulingIgnoredDuringExecution")] pub preferred_during_scheduling_ignored_during_execution: Option>, + /// If the affinity requirements specified by this field are not met at + /// scheduling time, the pod will not be scheduled onto the node. + /// If the affinity requirements specified by this field cease to be met + /// at some point during pod execution (e.g. due to an update), the system + /// may or may not try to eventually evict the pod from its node. #[serde(default, skip_serializing_if = "Option::is_none", rename = "requiredDuringSchedulingIgnoredDuringExecution")] pub required_during_scheduling_ignored_during_execution: Option, } +/// An empty preferred scheduling term matches all objects with implicit weight 0 +/// (i.e. it's a no-op). A null preferred scheduling term matches no objects (i.e. is also a no-op). #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateExecutorAffinityNodeAffinityPreferredDuringSchedulingIgnoredDuringExecution { + /// A node selector term, associated with the corresponding weight. pub preference: ScheduledSparkApplicationTemplateExecutorAffinityNodeAffinityPreferredDuringSchedulingIgnoredDuringExecutionPreference, + /// Weight associated with matching the corresponding nodeSelectorTerm, in the range 1-100. pub weight: i32, } +/// A node selector term, associated with the corresponding weight. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateExecutorAffinityNodeAffinityPreferredDuringSchedulingIgnoredDuringExecutionPreference { + /// A list of node selector requirements by node's labels. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] pub match_expressions: Option>, + /// A list of node selector requirements by node's fields. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchFields")] pub match_fields: Option>, } +/// A node selector requirement is a selector that contains values, a key, and an operator +/// that relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateExecutorAffinityNodeAffinityPreferredDuringSchedulingIgnoredDuringExecutionPreferenceMatchExpressions { + /// The label key that the selector applies to. pub key: String, + /// Represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. pub operator: String, + /// An array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. If the operator is Gt or Lt, the values + /// array must have a single element, which will be interpreted as an integer. + /// This array is replaced during a strategic merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } +/// A node selector requirement is a selector that contains values, a key, and an operator +/// that relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateExecutorAffinityNodeAffinityPreferredDuringSchedulingIgnoredDuringExecutionPreferenceMatchFields { + /// The label key that the selector applies to. pub key: String, + /// Represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. pub operator: String, + /// An array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. If the operator is Gt or Lt, the values + /// array must have a single element, which will be interpreted as an integer. + /// This array is replaced during a strategic merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } +/// If the affinity requirements specified by this field are not met at +/// scheduling time, the pod will not be scheduled onto the node. +/// If the affinity requirements specified by this field cease to be met +/// at some point during pod execution (e.g. due to an update), the system +/// may or may not try to eventually evict the pod from its node. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateExecutorAffinityNodeAffinityRequiredDuringSchedulingIgnoredDuringExecution { + /// Required. A list of node selector terms. The terms are ORed. #[serde(rename = "nodeSelectorTerms")] pub node_selector_terms: Vec, } +/// A null or empty node selector term matches no objects. The requirements of +/// them are ANDed. +/// The TopologySelectorTerm type implements a subset of the NodeSelectorTerm. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateExecutorAffinityNodeAffinityRequiredDuringSchedulingIgnoredDuringExecutionNodeSelectorTerms { + /// A list of node selector requirements by node's labels. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] pub match_expressions: Option>, + /// A list of node selector requirements by node's fields. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchFields")] pub match_fields: Option>, } +/// A node selector requirement is a selector that contains values, a key, and an operator +/// that relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateExecutorAffinityNodeAffinityRequiredDuringSchedulingIgnoredDuringExecutionNodeSelectorTermsMatchExpressions { + /// The label key that the selector applies to. pub key: String, + /// Represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. pub operator: String, + /// An array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. If the operator is Gt or Lt, the values + /// array must have a single element, which will be interpreted as an integer. + /// This array is replaced during a strategic merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } +/// A node selector requirement is a selector that contains values, a key, and an operator +/// that relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateExecutorAffinityNodeAffinityRequiredDuringSchedulingIgnoredDuringExecutionNodeSelectorTermsMatchFields { + /// The label key that the selector applies to. pub key: String, + /// Represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. pub operator: String, + /// An array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. If the operator is Gt or Lt, the values + /// array must have a single element, which will be interpreted as an integer. + /// This array is replaced during a strategic merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } +/// Describes pod affinity scheduling rules (e.g. co-locate this pod in the same node, zone, etc. as some other pod(s)). #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateExecutorAffinityPodAffinity { + /// The scheduler will prefer to schedule pods to nodes that satisfy + /// the affinity expressions specified by this field, but it may choose + /// a node that violates one or more of the expressions. The node that is + /// most preferred is the one with the greatest sum of weights, i.e. + /// for each node that meets all of the scheduling requirements (resource + /// request, requiredDuringScheduling affinity expressions, etc.), + /// compute a sum by iterating through the elements of this field and adding + /// "weight" to the sum if the node has pods which matches the corresponding podAffinityTerm; the + /// node(s) with the highest sum are the most preferred. #[serde(default, skip_serializing_if = "Option::is_none", rename = "preferredDuringSchedulingIgnoredDuringExecution")] pub preferred_during_scheduling_ignored_during_execution: Option>, + /// If the affinity requirements specified by this field are not met at + /// scheduling time, the pod will not be scheduled onto the node. + /// If the affinity requirements specified by this field cease to be met + /// at some point during pod execution (e.g. due to a pod label update), the + /// system may or may not try to eventually evict the pod from its node. + /// When there are multiple elements, the lists of nodes corresponding to each + /// podAffinityTerm are intersected, i.e. all terms must be satisfied. #[serde(default, skip_serializing_if = "Option::is_none", rename = "requiredDuringSchedulingIgnoredDuringExecution")] pub required_during_scheduling_ignored_during_execution: Option>, } +/// The weights of all of the matched WeightedPodAffinityTerm fields are added per-node to find the most preferred node(s) #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateExecutorAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecution { + /// Required. A pod affinity term, associated with the corresponding weight. #[serde(rename = "podAffinityTerm")] pub pod_affinity_term: ScheduledSparkApplicationTemplateExecutorAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTerm, + /// weight associated with matching the corresponding podAffinityTerm, + /// in the range 1-100. pub weight: i32, } +/// Required. A pod affinity term, associated with the corresponding weight. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateExecutorAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTerm { + /// A label query over a set of resources, in this case pods. + /// If it's null, this PodAffinityTerm matches with no Pods. #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelector")] pub label_selector: Option, + /// MatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. + /// Also, MatchLabelKeys cannot be set when LabelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] + pub match_label_keys: Option>, + /// MismatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. + /// Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] + pub mismatch_label_keys: Option>, + /// A label query over the set of namespaces that the term applies to. + /// The term is applied to the union of the namespaces selected by this field + /// and the ones listed in the namespaces field. + /// null selector and null or empty namespaces list means "this pod's namespace". + /// An empty selector ({}) matches all namespaces. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "namespaceSelector")] + pub namespace_selector: Option, + /// namespaces specifies a static list of namespace names that the term applies to. + /// The term is applied to the union of the namespaces listed in this field + /// and the ones selected by namespaceSelector. + /// null or empty namespaces list and null namespaceSelector means "this pod's namespace". #[serde(default, skip_serializing_if = "Option::is_none")] pub namespaces: Option>, + /// This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching + /// the labelSelector in the specified namespaces, where co-located is defined as running on a node + /// whose value of the label with key topologyKey matches that of any node on which any of the + /// selected pods is running. + /// Empty topologyKey is not allowed. #[serde(rename = "topologyKey")] pub topology_key: String, } +/// A label query over a set of resources, in this case pods. +/// If it's null, this PodAffinityTerm matches with no Pods. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateExecutorAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermLabelSelector { + /// matchExpressions is a list of label selector requirements. The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] pub match_expressions: Option>, + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] pub match_labels: Option>, } +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateExecutorAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermLabelSelectorMatchExpressions { + /// key is the label key that the selector applies to. pub key: String, + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } +/// A label query over the set of namespaces that the term applies to. +/// The term is applied to the union of the namespaces selected by this field +/// and the ones listed in the namespaces field. +/// null selector and null or empty namespaces list means "this pod's namespace". +/// An empty selector ({}) matches all namespaces. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ScheduledSparkApplicationTemplateExecutorAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermNamespaceSelector { + /// matchExpressions is a list of label selector requirements. The requirements are ANDed. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] + pub match_expressions: Option>, + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] + pub match_labels: Option>, +} + +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ScheduledSparkApplicationTemplateExecutorAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermNamespaceSelectorMatchExpressions { + /// key is the label key that the selector applies to. + pub key: String, + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. + pub operator: String, + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub values: Option>, +} + +/// Defines a set of pods (namely those matching the labelSelector +/// relative to the given namespace(s)) that this pod should be +/// co-located (affinity) or not co-located (anti-affinity) with, +/// where co-located is defined as running on a node whose value of +/// the label with key matches that of any node on which +/// a pod of the set of pods is running #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateExecutorAffinityPodAffinityRequiredDuringSchedulingIgnoredDuringExecution { + /// A label query over a set of resources, in this case pods. + /// If it's null, this PodAffinityTerm matches with no Pods. #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelector")] pub label_selector: Option, + /// MatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. + /// Also, MatchLabelKeys cannot be set when LabelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] + pub match_label_keys: Option>, + /// MismatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. + /// Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] + pub mismatch_label_keys: Option>, + /// A label query over the set of namespaces that the term applies to. + /// The term is applied to the union of the namespaces selected by this field + /// and the ones listed in the namespaces field. + /// null selector and null or empty namespaces list means "this pod's namespace". + /// An empty selector ({}) matches all namespaces. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "namespaceSelector")] + pub namespace_selector: Option, + /// namespaces specifies a static list of namespace names that the term applies to. + /// The term is applied to the union of the namespaces listed in this field + /// and the ones selected by namespaceSelector. + /// null or empty namespaces list and null namespaceSelector means "this pod's namespace". #[serde(default, skip_serializing_if = "Option::is_none")] pub namespaces: Option>, + /// This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching + /// the labelSelector in the specified namespaces, where co-located is defined as running on a node + /// whose value of the label with key topologyKey matches that of any node on which any of the + /// selected pods is running. + /// Empty topologyKey is not allowed. #[serde(rename = "topologyKey")] pub topology_key: String, } +/// A label query over a set of resources, in this case pods. +/// If it's null, this PodAffinityTerm matches with no Pods. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateExecutorAffinityPodAffinityRequiredDuringSchedulingIgnoredDuringExecutionLabelSelector { + /// matchExpressions is a list of label selector requirements. The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] pub match_expressions: Option>, + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] pub match_labels: Option>, } +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateExecutorAffinityPodAffinityRequiredDuringSchedulingIgnoredDuringExecutionLabelSelectorMatchExpressions { + /// key is the label key that the selector applies to. + pub key: String, + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. + pub operator: String, + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub values: Option>, +} + +/// A label query over the set of namespaces that the term applies to. +/// The term is applied to the union of the namespaces selected by this field +/// and the ones listed in the namespaces field. +/// null selector and null or empty namespaces list means "this pod's namespace". +/// An empty selector ({}) matches all namespaces. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ScheduledSparkApplicationTemplateExecutorAffinityPodAffinityRequiredDuringSchedulingIgnoredDuringExecutionNamespaceSelector { + /// matchExpressions is a list of label selector requirements. The requirements are ANDed. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] + pub match_expressions: Option>, + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] + pub match_labels: Option>, +} + +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ScheduledSparkApplicationTemplateExecutorAffinityPodAffinityRequiredDuringSchedulingIgnoredDuringExecutionNamespaceSelectorMatchExpressions { + /// key is the label key that the selector applies to. pub key: String, + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } +/// Describes pod anti-affinity scheduling rules (e.g. avoid putting this pod in the same node, zone, etc. as some other pod(s)). #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateExecutorAffinityPodAntiAffinity { + /// The scheduler will prefer to schedule pods to nodes that satisfy + /// the anti-affinity expressions specified by this field, but it may choose + /// a node that violates one or more of the expressions. The node that is + /// most preferred is the one with the greatest sum of weights, i.e. + /// for each node that meets all of the scheduling requirements (resource + /// request, requiredDuringScheduling anti-affinity expressions, etc.), + /// compute a sum by iterating through the elements of this field and adding + /// "weight" to the sum if the node has pods which matches the corresponding podAffinityTerm; the + /// node(s) with the highest sum are the most preferred. #[serde(default, skip_serializing_if = "Option::is_none", rename = "preferredDuringSchedulingIgnoredDuringExecution")] pub preferred_during_scheduling_ignored_during_execution: Option>, + /// If the anti-affinity requirements specified by this field are not met at + /// scheduling time, the pod will not be scheduled onto the node. + /// If the anti-affinity requirements specified by this field cease to be met + /// at some point during pod execution (e.g. due to a pod label update), the + /// system may or may not try to eventually evict the pod from its node. + /// When there are multiple elements, the lists of nodes corresponding to each + /// podAffinityTerm are intersected, i.e. all terms must be satisfied. #[serde(default, skip_serializing_if = "Option::is_none", rename = "requiredDuringSchedulingIgnoredDuringExecution")] pub required_during_scheduling_ignored_during_execution: Option>, } +/// The weights of all of the matched WeightedPodAffinityTerm fields are added per-node to find the most preferred node(s) #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateExecutorAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecution { + /// Required. A pod affinity term, associated with the corresponding weight. #[serde(rename = "podAffinityTerm")] pub pod_affinity_term: ScheduledSparkApplicationTemplateExecutorAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTerm, + /// weight associated with matching the corresponding podAffinityTerm, + /// in the range 1-100. pub weight: i32, } +/// Required. A pod affinity term, associated with the corresponding weight. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateExecutorAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTerm { + /// A label query over a set of resources, in this case pods. + /// If it's null, this PodAffinityTerm matches with no Pods. #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelector")] pub label_selector: Option, + /// MatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. + /// Also, MatchLabelKeys cannot be set when LabelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] + pub match_label_keys: Option>, + /// MismatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. + /// Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] + pub mismatch_label_keys: Option>, + /// A label query over the set of namespaces that the term applies to. + /// The term is applied to the union of the namespaces selected by this field + /// and the ones listed in the namespaces field. + /// null selector and null or empty namespaces list means "this pod's namespace". + /// An empty selector ({}) matches all namespaces. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "namespaceSelector")] + pub namespace_selector: Option, + /// namespaces specifies a static list of namespace names that the term applies to. + /// The term is applied to the union of the namespaces listed in this field + /// and the ones selected by namespaceSelector. + /// null or empty namespaces list and null namespaceSelector means "this pod's namespace". #[serde(default, skip_serializing_if = "Option::is_none")] pub namespaces: Option>, + /// This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching + /// the labelSelector in the specified namespaces, where co-located is defined as running on a node + /// whose value of the label with key topologyKey matches that of any node on which any of the + /// selected pods is running. + /// Empty topologyKey is not allowed. #[serde(rename = "topologyKey")] pub topology_key: String, } +/// A label query over a set of resources, in this case pods. +/// If it's null, this PodAffinityTerm matches with no Pods. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateExecutorAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermLabelSelector { + /// matchExpressions is a list of label selector requirements. The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] pub match_expressions: Option>, + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] pub match_labels: Option>, } +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateExecutorAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermLabelSelectorMatchExpressions { + /// key is the label key that the selector applies to. pub key: String, + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } +/// A label query over the set of namespaces that the term applies to. +/// The term is applied to the union of the namespaces selected by this field +/// and the ones listed in the namespaces field. +/// null selector and null or empty namespaces list means "this pod's namespace". +/// An empty selector ({}) matches all namespaces. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ScheduledSparkApplicationTemplateExecutorAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermNamespaceSelector { + /// matchExpressions is a list of label selector requirements. The requirements are ANDed. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] + pub match_expressions: Option>, + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] + pub match_labels: Option>, +} + +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ScheduledSparkApplicationTemplateExecutorAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermNamespaceSelectorMatchExpressions { + /// key is the label key that the selector applies to. + pub key: String, + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. + pub operator: String, + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub values: Option>, +} + +/// Defines a set of pods (namely those matching the labelSelector +/// relative to the given namespace(s)) that this pod should be +/// co-located (affinity) or not co-located (anti-affinity) with, +/// where co-located is defined as running on a node whose value of +/// the label with key matches that of any node on which +/// a pod of the set of pods is running #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateExecutorAffinityPodAntiAffinityRequiredDuringSchedulingIgnoredDuringExecution { + /// A label query over a set of resources, in this case pods. + /// If it's null, this PodAffinityTerm matches with no Pods. #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelector")] pub label_selector: Option, + /// MatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. + /// Also, MatchLabelKeys cannot be set when LabelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] + pub match_label_keys: Option>, + /// MismatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. + /// Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] + pub mismatch_label_keys: Option>, + /// A label query over the set of namespaces that the term applies to. + /// The term is applied to the union of the namespaces selected by this field + /// and the ones listed in the namespaces field. + /// null selector and null or empty namespaces list means "this pod's namespace". + /// An empty selector ({}) matches all namespaces. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "namespaceSelector")] + pub namespace_selector: Option, + /// namespaces specifies a static list of namespace names that the term applies to. + /// The term is applied to the union of the namespaces listed in this field + /// and the ones selected by namespaceSelector. + /// null or empty namespaces list and null namespaceSelector means "this pod's namespace". #[serde(default, skip_serializing_if = "Option::is_none")] pub namespaces: Option>, + /// This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching + /// the labelSelector in the specified namespaces, where co-located is defined as running on a node + /// whose value of the label with key topologyKey matches that of any node on which any of the + /// selected pods is running. + /// Empty topologyKey is not allowed. #[serde(rename = "topologyKey")] pub topology_key: String, } +/// A label query over a set of resources, in this case pods. +/// If it's null, this PodAffinityTerm matches with no Pods. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateExecutorAffinityPodAntiAffinityRequiredDuringSchedulingIgnoredDuringExecutionLabelSelector { + /// matchExpressions is a list of label selector requirements. The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] pub match_expressions: Option>, + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] pub match_labels: Option>, } +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateExecutorAffinityPodAntiAffinityRequiredDuringSchedulingIgnoredDuringExecutionLabelSelectorMatchExpressions { + /// key is the label key that the selector applies to. pub key: String, + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } +/// A label query over the set of namespaces that the term applies to. +/// The term is applied to the union of the namespaces selected by this field +/// and the ones listed in the namespaces field. +/// null selector and null or empty namespaces list means "this pod's namespace". +/// An empty selector ({}) matches all namespaces. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ScheduledSparkApplicationTemplateExecutorAffinityPodAntiAffinityRequiredDuringSchedulingIgnoredDuringExecutionNamespaceSelector { + /// matchExpressions is a list of label selector requirements. The requirements are ANDed. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] + pub match_expressions: Option>, + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] + pub match_labels: Option>, +} + +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ScheduledSparkApplicationTemplateExecutorAffinityPodAntiAffinityRequiredDuringSchedulingIgnoredDuringExecutionNamespaceSelectorMatchExpressions { + /// key is the label key that the selector applies to. + pub key: String, + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. + pub operator: String, + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub values: Option>, +} + +/// NamePath is a pair of a name and a path to which the named objects should be mounted to. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateExecutorConfigMaps { pub name: String, pub path: String, } +/// DnsConfig dns settings for the pod, following the Kubernetes specifications. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateExecutorDnsConfig { + /// A list of DNS name server IP addresses. + /// This will be appended to the base nameservers generated from DNSPolicy. + /// Duplicated nameservers will be removed. #[serde(default, skip_serializing_if = "Option::is_none")] pub nameservers: Option>, + /// A list of DNS resolver options. + /// This will be merged with the base options generated from DNSPolicy. + /// Duplicated entries will be removed. Resolution options given in Options + /// will override those that appear in the base DNSPolicy. #[serde(default, skip_serializing_if = "Option::is_none")] pub options: Option>, + /// A list of DNS search domains for host-name lookup. + /// This will be appended to the base search paths generated from DNSPolicy. + /// Duplicated search paths will be removed. #[serde(default, skip_serializing_if = "Option::is_none")] pub searches: Option>, } +/// PodDNSConfigOption defines DNS resolver options of a pod. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateExecutorDnsConfigOptions { + /// Required. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, #[serde(default, skip_serializing_if = "Option::is_none")] pub value: Option, } +/// EnvVar represents an environment variable present in a Container. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateExecutorEnv { + /// Name of the environment variable. Must be a C_IDENTIFIER. pub name: String, + /// Variable references $(VAR_NAME) are expanded + /// using the previously defined environment variables in the container and + /// any service environment variables. If a variable cannot be resolved, + /// the reference in the input string will be unchanged. Double $$ are reduced + /// to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. + /// "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". + /// Escaped references will never be expanded, regardless of whether the variable + /// exists or not. + /// Defaults to "". #[serde(default, skip_serializing_if = "Option::is_none")] pub value: Option, + /// Source for the environment variable's value. Cannot be used if value is not empty. #[serde(default, skip_serializing_if = "Option::is_none", rename = "valueFrom")] pub value_from: Option, } +/// Source for the environment variable's value. Cannot be used if value is not empty. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateExecutorEnvValueFrom { + /// Selects a key of a ConfigMap. #[serde(default, skip_serializing_if = "Option::is_none", rename = "configMapKeyRef")] pub config_map_key_ref: Option, + /// Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`, + /// spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs. #[serde(default, skip_serializing_if = "Option::is_none", rename = "fieldRef")] pub field_ref: Option, + /// Selects a resource of the container: only resources limits and requests + /// (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported. #[serde(default, skip_serializing_if = "Option::is_none", rename = "resourceFieldRef")] pub resource_field_ref: Option, + /// Selects a key of a secret in the pod's namespace #[serde(default, skip_serializing_if = "Option::is_none", rename = "secretKeyRef")] pub secret_key_ref: Option, } +/// Selects a key of a ConfigMap. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateExecutorEnvValueFromConfigMapKeyRef { + /// The key to select. pub key: String, + /// Name of the referent. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, + /// Specify whether the ConfigMap or its key must be defined #[serde(default, skip_serializing_if = "Option::is_none")] pub optional: Option, } +/// Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`, +/// spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateExecutorEnvValueFromFieldRef { + /// Version of the schema the FieldPath is written in terms of, defaults to "v1". #[serde(default, skip_serializing_if = "Option::is_none", rename = "apiVersion")] pub api_version: Option, + /// Path of the field to select in the specified API version. #[serde(rename = "fieldPath")] pub field_path: String, } +/// Selects a resource of the container: only resources limits and requests +/// (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateExecutorEnvValueFromResourceFieldRef { + /// Container name: required for volumes, optional for env vars #[serde(default, skip_serializing_if = "Option::is_none", rename = "containerName")] pub container_name: Option, + /// Specifies the output format of the exposed resources, defaults to "1" #[serde(default, skip_serializing_if = "Option::is_none")] pub divisor: Option, + /// Required: resource to select pub resource: String, } +/// Selects a key of a secret in the pod's namespace #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateExecutorEnvValueFromSecretKeyRef { + /// The key of the secret to select from. Must be a valid secret key. pub key: String, + /// Name of the referent. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, + /// Specify whether the Secret or its key must be defined #[serde(default, skip_serializing_if = "Option::is_none")] pub optional: Option, } +/// EnvFromSource represents the source of a set of ConfigMaps #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateExecutorEnvFrom { + /// The ConfigMap to select from #[serde(default, skip_serializing_if = "Option::is_none", rename = "configMapRef")] pub config_map_ref: Option, + /// An optional identifier to prepend to each key in the ConfigMap. Must be a C_IDENTIFIER. #[serde(default, skip_serializing_if = "Option::is_none")] pub prefix: Option, + /// The Secret to select from #[serde(default, skip_serializing_if = "Option::is_none", rename = "secretRef")] pub secret_ref: Option, } +/// The ConfigMap to select from #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateExecutorEnvFromConfigMapRef { + /// Name of the referent. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, + /// Specify whether the ConfigMap must be defined #[serde(default, skip_serializing_if = "Option::is_none")] pub optional: Option, } +/// The Secret to select from #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateExecutorEnvFromSecretRef { + /// Name of the referent. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, + /// Specify whether the Secret must be defined #[serde(default, skip_serializing_if = "Option::is_none")] pub optional: Option, } +/// EnvSecretKeyRefs holds a mapping from environment variable names to SecretKeyRefs. +/// Deprecated. Consider using `env` instead. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateExecutorEnvSecretKeyRefs { #[serde(default, skip_serializing_if = "Option::is_none")] @@ -2179,1133 +5243,2968 @@ pub struct ScheduledSparkApplicationTemplateExecutorEnvSecretKeyRefs { pub name: Option, } +/// GPU specifies GPU requirement for the pod. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateExecutorGpu { + /// Name is GPU resource name, such as: nvidia.com/gpu or amd.com/gpu pub name: String, + /// Quantity is the number of GPUs to request for driver or executor. pub quantity: i64, } +/// HostAlias holds the mapping between IP and hostnames that will be injected as an entry in the +/// pod's hosts file. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateExecutorHostAliases { + /// Hostnames for the above IP address. #[serde(default, skip_serializing_if = "Option::is_none")] pub hostnames: Option>, + /// IP address of the host file entry. #[serde(default, skip_serializing_if = "Option::is_none")] pub ip: Option, } +/// A single application container that you want to run within a pod. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateExecutorInitContainers { + /// Arguments to the entrypoint. + /// The container image's CMD is used if this is not provided. + /// Variable references $(VAR_NAME) are expanded using the container's environment. If a variable + /// cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced + /// to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" will + /// produce the string literal "$(VAR_NAME)". Escaped references will never be expanded, regardless + /// of whether the variable exists or not. Cannot be updated. + /// More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell #[serde(default, skip_serializing_if = "Option::is_none")] pub args: Option>, + /// Entrypoint array. Not executed within a shell. + /// The container image's ENTRYPOINT is used if this is not provided. + /// Variable references $(VAR_NAME) are expanded using the container's environment. If a variable + /// cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced + /// to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" will + /// produce the string literal "$(VAR_NAME)". Escaped references will never be expanded, regardless + /// of whether the variable exists or not. Cannot be updated. + /// More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell #[serde(default, skip_serializing_if = "Option::is_none")] pub command: Option>, + /// List of environment variables to set in the container. + /// Cannot be updated. #[serde(default, skip_serializing_if = "Option::is_none")] pub env: Option>, + /// List of sources to populate environment variables in the container. + /// The keys defined within a source must be a C_IDENTIFIER. All invalid keys + /// will be reported as an event when the container is starting. When a key exists in multiple + /// sources, the value associated with the last source will take precedence. + /// Values defined by an Env with a duplicate key will take precedence. + /// Cannot be updated. #[serde(default, skip_serializing_if = "Option::is_none", rename = "envFrom")] pub env_from: Option>, + /// Container image name. + /// More info: https://kubernetes.io/docs/concepts/containers/images + /// This field is optional to allow higher level config management to default or override + /// container images in workload controllers like Deployments and StatefulSets. #[serde(default, skip_serializing_if = "Option::is_none")] pub image: Option, + /// Image pull policy. + /// One of Always, Never, IfNotPresent. + /// Defaults to Always if :latest tag is specified, or IfNotPresent otherwise. + /// Cannot be updated. + /// More info: https://kubernetes.io/docs/concepts/containers/images#updating-images #[serde(default, skip_serializing_if = "Option::is_none", rename = "imagePullPolicy")] pub image_pull_policy: Option, + /// Actions that the management system should take in response to container lifecycle events. + /// Cannot be updated. #[serde(default, skip_serializing_if = "Option::is_none")] pub lifecycle: Option, + /// Periodic probe of container liveness. + /// Container will be restarted if the probe fails. + /// Cannot be updated. + /// More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes #[serde(default, skip_serializing_if = "Option::is_none", rename = "livenessProbe")] pub liveness_probe: Option, + /// Name of the container specified as a DNS_LABEL. + /// Each container in a pod must have a unique name (DNS_LABEL). + /// Cannot be updated. pub name: String, + /// List of ports to expose from the container. Not specifying a port here + /// DOES NOT prevent that port from being exposed. Any port which is + /// listening on the default "0.0.0.0" address inside a container will be + /// accessible from the network. + /// Modifying this array with strategic merge patch may corrupt the data. + /// For more information See https://github.com/kubernetes/kubernetes/issues/108255. + /// Cannot be updated. #[serde(default, skip_serializing_if = "Option::is_none")] pub ports: Option>, + /// Periodic probe of container service readiness. + /// Container will be removed from service endpoints if the probe fails. + /// Cannot be updated. + /// More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes #[serde(default, skip_serializing_if = "Option::is_none", rename = "readinessProbe")] pub readiness_probe: Option, + /// Resources resize policy for the container. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "resizePolicy")] + pub resize_policy: Option>, + /// Compute Resources required by this container. + /// Cannot be updated. + /// More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ #[serde(default, skip_serializing_if = "Option::is_none")] pub resources: Option, + /// RestartPolicy defines the restart behavior of individual containers in a pod. + /// This field may only be set for init containers, and the only allowed value is "Always". + /// For non-init containers or when this field is not specified, + /// the restart behavior is defined by the Pod's restart policy and the container type. + /// Setting the RestartPolicy as "Always" for the init container will have the following effect: + /// this init container will be continually restarted on + /// exit until all regular containers have terminated. Once all regular + /// containers have completed, all init containers with restartPolicy "Always" + /// will be shut down. This lifecycle differs from normal init containers and + /// is often referred to as a "sidecar" container. Although this init + /// container still starts in the init container sequence, it does not wait + /// for the container to complete before proceeding to the next init + /// container. Instead, the next init container starts immediately after this + /// init container is started, or after any startupProbe has successfully + /// completed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "restartPolicy")] pub restart_policy: Option, + /// SecurityContext defines the security options the container should be run with. + /// If set, the fields of SecurityContext override the equivalent fields of PodSecurityContext. + /// More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/ #[serde(default, skip_serializing_if = "Option::is_none", rename = "securityContext")] pub security_context: Option, + /// StartupProbe indicates that the Pod has successfully initialized. + /// If specified, no other probes are executed until this completes successfully. + /// If this probe fails, the Pod will be restarted, just as if the livenessProbe failed. + /// This can be used to provide different probe parameters at the beginning of a Pod's lifecycle, + /// when it might take a long time to load data or warm a cache, than during steady-state operation. + /// This cannot be updated. + /// More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes #[serde(default, skip_serializing_if = "Option::is_none", rename = "startupProbe")] pub startup_probe: Option, + /// Whether this container should allocate a buffer for stdin in the container runtime. If this + /// is not set, reads from stdin in the container will always result in EOF. + /// Default is false. #[serde(default, skip_serializing_if = "Option::is_none")] pub stdin: Option, + /// Whether the container runtime should close the stdin channel after it has been opened by + /// a single attach. When stdin is true the stdin stream will remain open across multiple attach + /// sessions. If stdinOnce is set to true, stdin is opened on container start, is empty until the + /// first client attaches to stdin, and then remains open and accepts data until the client disconnects, + /// at which time stdin is closed and remains closed until the container is restarted. If this + /// flag is false, a container processes that reads from stdin will never receive an EOF. + /// Default is false #[serde(default, skip_serializing_if = "Option::is_none", rename = "stdinOnce")] pub stdin_once: Option, + /// Optional: Path at which the file to which the container's termination message + /// will be written is mounted into the container's filesystem. + /// Message written is intended to be brief final status, such as an assertion failure message. + /// Will be truncated by the node if greater than 4096 bytes. The total message length across + /// all containers will be limited to 12kb. + /// Defaults to /dev/termination-log. + /// Cannot be updated. #[serde(default, skip_serializing_if = "Option::is_none", rename = "terminationMessagePath")] pub termination_message_path: Option, + /// Indicate how the termination message should be populated. File will use the contents of + /// terminationMessagePath to populate the container status message on both success and failure. + /// FallbackToLogsOnError will use the last chunk of container log output if the termination + /// message file is empty and the container exited with an error. + /// The log output is limited to 2048 bytes or 80 lines, whichever is smaller. + /// Defaults to File. + /// Cannot be updated. #[serde(default, skip_serializing_if = "Option::is_none", rename = "terminationMessagePolicy")] pub termination_message_policy: Option, + /// Whether this container should allocate a TTY for itself, also requires 'stdin' to be true. + /// Default is false. #[serde(default, skip_serializing_if = "Option::is_none")] pub tty: Option, + /// volumeDevices is the list of block devices to be used by the container. #[serde(default, skip_serializing_if = "Option::is_none", rename = "volumeDevices")] pub volume_devices: Option>, + /// Pod volumes to mount into the container's filesystem. + /// Cannot be updated. #[serde(default, skip_serializing_if = "Option::is_none", rename = "volumeMounts")] pub volume_mounts: Option>, + /// Container's working directory. + /// If not specified, the container runtime's default will be used, which + /// might be configured in the container image. + /// Cannot be updated. #[serde(default, skip_serializing_if = "Option::is_none", rename = "workingDir")] pub working_dir: Option, } +/// EnvVar represents an environment variable present in a Container. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateExecutorInitContainersEnv { + /// Name of the environment variable. Must be a C_IDENTIFIER. pub name: String, + /// Variable references $(VAR_NAME) are expanded + /// using the previously defined environment variables in the container and + /// any service environment variables. If a variable cannot be resolved, + /// the reference in the input string will be unchanged. Double $$ are reduced + /// to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. + /// "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". + /// Escaped references will never be expanded, regardless of whether the variable + /// exists or not. + /// Defaults to "". #[serde(default, skip_serializing_if = "Option::is_none")] pub value: Option, + /// Source for the environment variable's value. Cannot be used if value is not empty. #[serde(default, skip_serializing_if = "Option::is_none", rename = "valueFrom")] pub value_from: Option, } +/// Source for the environment variable's value. Cannot be used if value is not empty. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateExecutorInitContainersEnvValueFrom { + /// Selects a key of a ConfigMap. #[serde(default, skip_serializing_if = "Option::is_none", rename = "configMapKeyRef")] pub config_map_key_ref: Option, + /// Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`, + /// spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs. #[serde(default, skip_serializing_if = "Option::is_none", rename = "fieldRef")] pub field_ref: Option, + /// Selects a resource of the container: only resources limits and requests + /// (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported. #[serde(default, skip_serializing_if = "Option::is_none", rename = "resourceFieldRef")] pub resource_field_ref: Option, + /// Selects a key of a secret in the pod's namespace #[serde(default, skip_serializing_if = "Option::is_none", rename = "secretKeyRef")] pub secret_key_ref: Option, } +/// Selects a key of a ConfigMap. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateExecutorInitContainersEnvValueFromConfigMapKeyRef { + /// The key to select. pub key: String, + /// Name of the referent. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, + /// Specify whether the ConfigMap or its key must be defined #[serde(default, skip_serializing_if = "Option::is_none")] pub optional: Option, } +/// Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`, +/// spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateExecutorInitContainersEnvValueFromFieldRef { + /// Version of the schema the FieldPath is written in terms of, defaults to "v1". #[serde(default, skip_serializing_if = "Option::is_none", rename = "apiVersion")] pub api_version: Option, + /// Path of the field to select in the specified API version. #[serde(rename = "fieldPath")] pub field_path: String, } +/// Selects a resource of the container: only resources limits and requests +/// (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateExecutorInitContainersEnvValueFromResourceFieldRef { + /// Container name: required for volumes, optional for env vars #[serde(default, skip_serializing_if = "Option::is_none", rename = "containerName")] pub container_name: Option, + /// Specifies the output format of the exposed resources, defaults to "1" #[serde(default, skip_serializing_if = "Option::is_none")] pub divisor: Option, + /// Required: resource to select pub resource: String, } +/// Selects a key of a secret in the pod's namespace #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateExecutorInitContainersEnvValueFromSecretKeyRef { + /// The key of the secret to select from. Must be a valid secret key. pub key: String, + /// Name of the referent. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, + /// Specify whether the Secret or its key must be defined #[serde(default, skip_serializing_if = "Option::is_none")] pub optional: Option, } +/// EnvFromSource represents the source of a set of ConfigMaps #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateExecutorInitContainersEnvFrom { + /// The ConfigMap to select from #[serde(default, skip_serializing_if = "Option::is_none", rename = "configMapRef")] pub config_map_ref: Option, + /// An optional identifier to prepend to each key in the ConfigMap. Must be a C_IDENTIFIER. #[serde(default, skip_serializing_if = "Option::is_none")] pub prefix: Option, + /// The Secret to select from #[serde(default, skip_serializing_if = "Option::is_none", rename = "secretRef")] pub secret_ref: Option, } +/// The ConfigMap to select from #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateExecutorInitContainersEnvFromConfigMapRef { + /// Name of the referent. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, + /// Specify whether the ConfigMap must be defined #[serde(default, skip_serializing_if = "Option::is_none")] pub optional: Option, } +/// The Secret to select from #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateExecutorInitContainersEnvFromSecretRef { + /// Name of the referent. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, + /// Specify whether the Secret must be defined #[serde(default, skip_serializing_if = "Option::is_none")] pub optional: Option, } +/// Actions that the management system should take in response to container lifecycle events. +/// Cannot be updated. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateExecutorInitContainersLifecycle { + /// PostStart is called immediately after a container is created. If the handler fails, + /// the container is terminated and restarted according to its restart policy. + /// Other management of the container blocks until the hook completes. + /// More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks #[serde(default, skip_serializing_if = "Option::is_none", rename = "postStart")] pub post_start: Option, + /// PreStop is called immediately before a container is terminated due to an + /// API request or management event such as liveness/startup probe failure, + /// preemption, resource contention, etc. The handler is not called if the + /// container crashes or exits. The Pod's termination grace period countdown begins before the + /// PreStop hook is executed. Regardless of the outcome of the handler, the + /// container will eventually terminate within the Pod's termination grace + /// period (unless delayed by finalizers). Other management of the container blocks until the hook completes + /// or until the termination grace period is reached. + /// More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks #[serde(default, skip_serializing_if = "Option::is_none", rename = "preStop")] pub pre_stop: Option, } +/// PostStart is called immediately after a container is created. If the handler fails, +/// the container is terminated and restarted according to its restart policy. +/// Other management of the container blocks until the hook completes. +/// More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateExecutorInitContainersLifecyclePostStart { + /// Exec specifies the action to take. #[serde(default, skip_serializing_if = "Option::is_none")] pub exec: Option, + /// HTTPGet specifies the http request to perform. #[serde(default, skip_serializing_if = "Option::is_none", rename = "httpGet")] pub http_get: Option, + /// Sleep represents the duration that the container should sleep before being terminated. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub sleep: Option, + /// Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept + /// for the backward compatibility. There are no validation of this field and + /// lifecycle hooks will fail in runtime when tcp handler is specified. #[serde(default, skip_serializing_if = "Option::is_none", rename = "tcpSocket")] pub tcp_socket: Option, } +/// Exec specifies the action to take. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateExecutorInitContainersLifecyclePostStartExec { + /// Command is the command line to execute inside the container, the working directory for the + /// command is root ('/') in the container's filesystem. The command is simply exec'd, it is + /// not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use + /// a shell, you need to explicitly call out to that shell. + /// Exit status of 0 is treated as live/healthy and non-zero is unhealthy. #[serde(default, skip_serializing_if = "Option::is_none")] pub command: Option>, } +/// HTTPGet specifies the http request to perform. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateExecutorInitContainersLifecyclePostStartHttpGet { + /// Host name to connect to, defaults to the pod IP. You probably want to set + /// "Host" in httpHeaders instead. #[serde(default, skip_serializing_if = "Option::is_none")] pub host: Option, + /// Custom headers to set in the request. HTTP allows repeated headers. #[serde(default, skip_serializing_if = "Option::is_none", rename = "httpHeaders")] pub http_headers: Option>, + /// Path to access on the HTTP server. #[serde(default, skip_serializing_if = "Option::is_none")] pub path: Option, + /// Name or number of the port to access on the container. + /// Number must be in the range 1 to 65535. + /// Name must be an IANA_SVC_NAME. pub port: IntOrString, + /// Scheme to use for connecting to the host. + /// Defaults to HTTP. #[serde(default, skip_serializing_if = "Option::is_none")] pub scheme: Option, } +/// HTTPHeader describes a custom header to be used in HTTP probes #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateExecutorInitContainersLifecyclePostStartHttpGetHttpHeaders { + /// The header field name. + /// This will be canonicalized upon output, so case-variant names will be understood as the same header. pub name: String, + /// The header field value pub value: String, } +/// Sleep represents the duration that the container should sleep before being terminated. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ScheduledSparkApplicationTemplateExecutorInitContainersLifecyclePostStartSleep { + /// Seconds is the number of seconds to sleep. + pub seconds: i64, +} + +/// Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept +/// for the backward compatibility. There are no validation of this field and +/// lifecycle hooks will fail in runtime when tcp handler is specified. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateExecutorInitContainersLifecyclePostStartTcpSocket { + /// Optional: Host name to connect to, defaults to the pod IP. #[serde(default, skip_serializing_if = "Option::is_none")] pub host: Option, + /// Number or name of the port to access on the container. + /// Number must be in the range 1 to 65535. + /// Name must be an IANA_SVC_NAME. pub port: IntOrString, } +/// PreStop is called immediately before a container is terminated due to an +/// API request or management event such as liveness/startup probe failure, +/// preemption, resource contention, etc. The handler is not called if the +/// container crashes or exits. The Pod's termination grace period countdown begins before the +/// PreStop hook is executed. Regardless of the outcome of the handler, the +/// container will eventually terminate within the Pod's termination grace +/// period (unless delayed by finalizers). Other management of the container blocks until the hook completes +/// or until the termination grace period is reached. +/// More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateExecutorInitContainersLifecyclePreStop { + /// Exec specifies the action to take. #[serde(default, skip_serializing_if = "Option::is_none")] pub exec: Option, + /// HTTPGet specifies the http request to perform. #[serde(default, skip_serializing_if = "Option::is_none", rename = "httpGet")] pub http_get: Option, + /// Sleep represents the duration that the container should sleep before being terminated. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub sleep: Option, + /// Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept + /// for the backward compatibility. There are no validation of this field and + /// lifecycle hooks will fail in runtime when tcp handler is specified. #[serde(default, skip_serializing_if = "Option::is_none", rename = "tcpSocket")] pub tcp_socket: Option, } +/// Exec specifies the action to take. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateExecutorInitContainersLifecyclePreStopExec { + /// Command is the command line to execute inside the container, the working directory for the + /// command is root ('/') in the container's filesystem. The command is simply exec'd, it is + /// not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use + /// a shell, you need to explicitly call out to that shell. + /// Exit status of 0 is treated as live/healthy and non-zero is unhealthy. #[serde(default, skip_serializing_if = "Option::is_none")] pub command: Option>, } +/// HTTPGet specifies the http request to perform. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateExecutorInitContainersLifecyclePreStopHttpGet { + /// Host name to connect to, defaults to the pod IP. You probably want to set + /// "Host" in httpHeaders instead. #[serde(default, skip_serializing_if = "Option::is_none")] pub host: Option, + /// Custom headers to set in the request. HTTP allows repeated headers. #[serde(default, skip_serializing_if = "Option::is_none", rename = "httpHeaders")] pub http_headers: Option>, + /// Path to access on the HTTP server. #[serde(default, skip_serializing_if = "Option::is_none")] pub path: Option, + /// Name or number of the port to access on the container. + /// Number must be in the range 1 to 65535. + /// Name must be an IANA_SVC_NAME. pub port: IntOrString, + /// Scheme to use for connecting to the host. + /// Defaults to HTTP. #[serde(default, skip_serializing_if = "Option::is_none")] pub scheme: Option, } +/// HTTPHeader describes a custom header to be used in HTTP probes #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateExecutorInitContainersLifecyclePreStopHttpGetHttpHeaders { + /// The header field name. + /// This will be canonicalized upon output, so case-variant names will be understood as the same header. pub name: String, + /// The header field value pub value: String, } +/// Sleep represents the duration that the container should sleep before being terminated. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ScheduledSparkApplicationTemplateExecutorInitContainersLifecyclePreStopSleep { + /// Seconds is the number of seconds to sleep. + pub seconds: i64, +} + +/// Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept +/// for the backward compatibility. There are no validation of this field and +/// lifecycle hooks will fail in runtime when tcp handler is specified. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateExecutorInitContainersLifecyclePreStopTcpSocket { + /// Optional: Host name to connect to, defaults to the pod IP. #[serde(default, skip_serializing_if = "Option::is_none")] pub host: Option, + /// Number or name of the port to access on the container. + /// Number must be in the range 1 to 65535. + /// Name must be an IANA_SVC_NAME. pub port: IntOrString, } +/// Periodic probe of container liveness. +/// Container will be restarted if the probe fails. +/// Cannot be updated. +/// More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateExecutorInitContainersLivenessProbe { + /// Exec specifies the action to take. #[serde(default, skip_serializing_if = "Option::is_none")] pub exec: Option, + /// Minimum consecutive failures for the probe to be considered failed after having succeeded. + /// Defaults to 3. Minimum value is 1. #[serde(default, skip_serializing_if = "Option::is_none", rename = "failureThreshold")] pub failure_threshold: Option, + /// GRPC specifies an action involving a GRPC port. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub grpc: Option, + /// HTTPGet specifies the http request to perform. #[serde(default, skip_serializing_if = "Option::is_none", rename = "httpGet")] pub http_get: Option, + /// Number of seconds after the container has started before liveness probes are initiated. + /// More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes #[serde(default, skip_serializing_if = "Option::is_none", rename = "initialDelaySeconds")] pub initial_delay_seconds: Option, + /// How often (in seconds) to perform the probe. + /// Default to 10 seconds. Minimum value is 1. #[serde(default, skip_serializing_if = "Option::is_none", rename = "periodSeconds")] pub period_seconds: Option, + /// Minimum consecutive successes for the probe to be considered successful after having failed. + /// Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1. #[serde(default, skip_serializing_if = "Option::is_none", rename = "successThreshold")] pub success_threshold: Option, + /// TCPSocket specifies an action involving a TCP port. #[serde(default, skip_serializing_if = "Option::is_none", rename = "tcpSocket")] pub tcp_socket: Option, + /// Optional duration in seconds the pod needs to terminate gracefully upon probe failure. + /// The grace period is the duration in seconds after the processes running in the pod are sent + /// a termination signal and the time when the processes are forcibly halted with a kill signal. + /// Set this value longer than the expected cleanup time for your process. + /// If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this + /// value overrides the value provided by the pod spec. + /// Value must be non-negative integer. The value zero indicates stop immediately via + /// the kill signal (no opportunity to shut down). + /// This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate. + /// Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "terminationGracePeriodSeconds")] + pub termination_grace_period_seconds: Option, + /// Number of seconds after which the probe times out. + /// Defaults to 1 second. Minimum value is 1. + /// More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes #[serde(default, skip_serializing_if = "Option::is_none", rename = "timeoutSeconds")] pub timeout_seconds: Option, } +/// Exec specifies the action to take. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateExecutorInitContainersLivenessProbeExec { + /// Command is the command line to execute inside the container, the working directory for the + /// command is root ('/') in the container's filesystem. The command is simply exec'd, it is + /// not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use + /// a shell, you need to explicitly call out to that shell. + /// Exit status of 0 is treated as live/healthy and non-zero is unhealthy. #[serde(default, skip_serializing_if = "Option::is_none")] pub command: Option>, } +/// GRPC specifies an action involving a GRPC port. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ScheduledSparkApplicationTemplateExecutorInitContainersLivenessProbeGrpc { + /// Port number of the gRPC service. Number must be in the range 1 to 65535. + pub port: i32, + /// Service is the name of the service to place in the gRPC HealthCheckRequest + /// (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). + /// + /// + /// If this is not specified, the default behavior is defined by gRPC. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub service: Option, +} + +/// HTTPGet specifies the http request to perform. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateExecutorInitContainersLivenessProbeHttpGet { + /// Host name to connect to, defaults to the pod IP. You probably want to set + /// "Host" in httpHeaders instead. #[serde(default, skip_serializing_if = "Option::is_none")] pub host: Option, + /// Custom headers to set in the request. HTTP allows repeated headers. #[serde(default, skip_serializing_if = "Option::is_none", rename = "httpHeaders")] pub http_headers: Option>, + /// Path to access on the HTTP server. #[serde(default, skip_serializing_if = "Option::is_none")] pub path: Option, + /// Name or number of the port to access on the container. + /// Number must be in the range 1 to 65535. + /// Name must be an IANA_SVC_NAME. pub port: IntOrString, + /// Scheme to use for connecting to the host. + /// Defaults to HTTP. #[serde(default, skip_serializing_if = "Option::is_none")] pub scheme: Option, } +/// HTTPHeader describes a custom header to be used in HTTP probes #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateExecutorInitContainersLivenessProbeHttpGetHttpHeaders { + /// The header field name. + /// This will be canonicalized upon output, so case-variant names will be understood as the same header. pub name: String, + /// The header field value pub value: String, } +/// TCPSocket specifies an action involving a TCP port. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateExecutorInitContainersLivenessProbeTcpSocket { + /// Optional: Host name to connect to, defaults to the pod IP. #[serde(default, skip_serializing_if = "Option::is_none")] pub host: Option, + /// Number or name of the port to access on the container. + /// Number must be in the range 1 to 65535. + /// Name must be an IANA_SVC_NAME. pub port: IntOrString, } +/// ContainerPort represents a network port in a single container. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateExecutorInitContainersPorts { + /// Number of port to expose on the pod's IP address. + /// This must be a valid port number, 0 < x < 65536. #[serde(rename = "containerPort")] pub container_port: i32, + /// What host IP to bind the external port to. #[serde(default, skip_serializing_if = "Option::is_none", rename = "hostIP")] pub host_ip: Option, + /// Number of port to expose on the host. + /// If specified, this must be a valid port number, 0 < x < 65536. + /// If HostNetwork is specified, this must match ContainerPort. + /// Most containers do not need this. #[serde(default, skip_serializing_if = "Option::is_none", rename = "hostPort")] pub host_port: Option, + /// If specified, this must be an IANA_SVC_NAME and unique within the pod. Each + /// named port in a pod must have a unique name. Name for the port that can be + /// referred to by services. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, - pub protocol: String, + /// Protocol for port. Must be UDP, TCP, or SCTP. + /// Defaults to "TCP". + #[serde(default, skip_serializing_if = "Option::is_none")] + pub protocol: Option, } +/// Periodic probe of container service readiness. +/// Container will be removed from service endpoints if the probe fails. +/// Cannot be updated. +/// More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateExecutorInitContainersReadinessProbe { + /// Exec specifies the action to take. #[serde(default, skip_serializing_if = "Option::is_none")] pub exec: Option, + /// Minimum consecutive failures for the probe to be considered failed after having succeeded. + /// Defaults to 3. Minimum value is 1. #[serde(default, skip_serializing_if = "Option::is_none", rename = "failureThreshold")] pub failure_threshold: Option, + /// GRPC specifies an action involving a GRPC port. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub grpc: Option, + /// HTTPGet specifies the http request to perform. #[serde(default, skip_serializing_if = "Option::is_none", rename = "httpGet")] pub http_get: Option, + /// Number of seconds after the container has started before liveness probes are initiated. + /// More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes #[serde(default, skip_serializing_if = "Option::is_none", rename = "initialDelaySeconds")] pub initial_delay_seconds: Option, + /// How often (in seconds) to perform the probe. + /// Default to 10 seconds. Minimum value is 1. #[serde(default, skip_serializing_if = "Option::is_none", rename = "periodSeconds")] pub period_seconds: Option, + /// Minimum consecutive successes for the probe to be considered successful after having failed. + /// Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1. #[serde(default, skip_serializing_if = "Option::is_none", rename = "successThreshold")] pub success_threshold: Option, + /// TCPSocket specifies an action involving a TCP port. #[serde(default, skip_serializing_if = "Option::is_none", rename = "tcpSocket")] pub tcp_socket: Option, + /// Optional duration in seconds the pod needs to terminate gracefully upon probe failure. + /// The grace period is the duration in seconds after the processes running in the pod are sent + /// a termination signal and the time when the processes are forcibly halted with a kill signal. + /// Set this value longer than the expected cleanup time for your process. + /// If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this + /// value overrides the value provided by the pod spec. + /// Value must be non-negative integer. The value zero indicates stop immediately via + /// the kill signal (no opportunity to shut down). + /// This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate. + /// Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "terminationGracePeriodSeconds")] + pub termination_grace_period_seconds: Option, + /// Number of seconds after which the probe times out. + /// Defaults to 1 second. Minimum value is 1. + /// More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes #[serde(default, skip_serializing_if = "Option::is_none", rename = "timeoutSeconds")] pub timeout_seconds: Option, } +/// Exec specifies the action to take. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateExecutorInitContainersReadinessProbeExec { + /// Command is the command line to execute inside the container, the working directory for the + /// command is root ('/') in the container's filesystem. The command is simply exec'd, it is + /// not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use + /// a shell, you need to explicitly call out to that shell. + /// Exit status of 0 is treated as live/healthy and non-zero is unhealthy. #[serde(default, skip_serializing_if = "Option::is_none")] pub command: Option>, } +/// GRPC specifies an action involving a GRPC port. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ScheduledSparkApplicationTemplateExecutorInitContainersReadinessProbeGrpc { + /// Port number of the gRPC service. Number must be in the range 1 to 65535. + pub port: i32, + /// Service is the name of the service to place in the gRPC HealthCheckRequest + /// (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). + /// + /// + /// If this is not specified, the default behavior is defined by gRPC. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub service: Option, +} + +/// HTTPGet specifies the http request to perform. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateExecutorInitContainersReadinessProbeHttpGet { + /// Host name to connect to, defaults to the pod IP. You probably want to set + /// "Host" in httpHeaders instead. #[serde(default, skip_serializing_if = "Option::is_none")] pub host: Option, + /// Custom headers to set in the request. HTTP allows repeated headers. #[serde(default, skip_serializing_if = "Option::is_none", rename = "httpHeaders")] pub http_headers: Option>, + /// Path to access on the HTTP server. #[serde(default, skip_serializing_if = "Option::is_none")] pub path: Option, + /// Name or number of the port to access on the container. + /// Number must be in the range 1 to 65535. + /// Name must be an IANA_SVC_NAME. pub port: IntOrString, + /// Scheme to use for connecting to the host. + /// Defaults to HTTP. #[serde(default, skip_serializing_if = "Option::is_none")] pub scheme: Option, } +/// HTTPHeader describes a custom header to be used in HTTP probes #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateExecutorInitContainersReadinessProbeHttpGetHttpHeaders { + /// The header field name. + /// This will be canonicalized upon output, so case-variant names will be understood as the same header. pub name: String, + /// The header field value pub value: String, } +/// TCPSocket specifies an action involving a TCP port. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateExecutorInitContainersReadinessProbeTcpSocket { + /// Optional: Host name to connect to, defaults to the pod IP. #[serde(default, skip_serializing_if = "Option::is_none")] pub host: Option, + /// Number or name of the port to access on the container. + /// Number must be in the range 1 to 65535. + /// Name must be an IANA_SVC_NAME. pub port: IntOrString, } +/// ContainerResizePolicy represents resource resize policy for the container. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ScheduledSparkApplicationTemplateExecutorInitContainersResizePolicy { + /// Name of the resource to which this resource resize policy applies. + /// Supported values: cpu, memory. + #[serde(rename = "resourceName")] + pub resource_name: String, + /// Restart policy to apply when specified resource is resized. + /// If not specified, it defaults to NotRequired. + #[serde(rename = "restartPolicy")] + pub restart_policy: String, +} + +/// Compute Resources required by this container. +/// Cannot be updated. +/// More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateExecutorInitContainersResources { + /// Claims lists the names of resources, defined in spec.resourceClaims, + /// that are used by this container. + /// + /// + /// This is an alpha field and requires enabling the + /// DynamicResourceAllocation feature gate. + /// + /// + /// This field is immutable. It can only be set for containers. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub claims: Option>, + /// Limits describes the maximum amount of compute resources allowed. + /// More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ #[serde(default, skip_serializing_if = "Option::is_none")] pub limits: Option>, + /// Requests describes the minimum amount of compute resources required. + /// If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, + /// otherwise to an implementation-defined value. Requests cannot exceed Limits. + /// More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ #[serde(default, skip_serializing_if = "Option::is_none")] pub requests: Option>, } +/// ResourceClaim references one entry in PodSpec.ResourceClaims. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ScheduledSparkApplicationTemplateExecutorInitContainersResourcesClaims { + /// Name must match the name of one entry in pod.spec.resourceClaims of + /// the Pod where this field is used. It makes that resource available + /// inside a container. + pub name: String, +} + +/// SecurityContext defines the security options the container should be run with. +/// If set, the fields of SecurityContext override the equivalent fields of PodSecurityContext. +/// More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/ #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateExecutorInitContainersSecurityContext { + /// AllowPrivilegeEscalation controls whether a process can gain more + /// privileges than its parent process. This bool directly controls if + /// the no_new_privs flag will be set on the container process. + /// AllowPrivilegeEscalation is true always when the container is: + /// 1) run as Privileged + /// 2) has CAP_SYS_ADMIN + /// Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none", rename = "allowPrivilegeEscalation")] pub allow_privilege_escalation: Option, + /// The capabilities to add/drop when running containers. + /// Defaults to the default set of capabilities granted by the container runtime. + /// Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none")] pub capabilities: Option, + /// Run container in privileged mode. + /// Processes in privileged containers are essentially equivalent to root on the host. + /// Defaults to false. + /// Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none")] pub privileged: Option, + /// procMount denotes the type of proc mount to use for the containers. + /// The default is DefaultProcMount which uses the container runtime defaults for + /// readonly paths and masked paths. + /// This requires the ProcMountType feature flag to be enabled. + /// Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none", rename = "procMount")] pub proc_mount: Option, + /// Whether this container has a read-only root filesystem. + /// Default is false. + /// Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnlyRootFilesystem")] pub read_only_root_filesystem: Option, + /// The GID to run the entrypoint of the container process. + /// Uses runtime default if unset. + /// May also be set in PodSecurityContext. If set in both SecurityContext and + /// PodSecurityContext, the value specified in SecurityContext takes precedence. + /// Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none", rename = "runAsGroup")] pub run_as_group: Option, + /// Indicates that the container must run as a non-root user. + /// If true, the Kubelet will validate the image at runtime to ensure that it + /// does not run as UID 0 (root) and fail to start the container if it does. + /// If unset or false, no such validation will be performed. + /// May also be set in PodSecurityContext. If set in both SecurityContext and + /// PodSecurityContext, the value specified in SecurityContext takes precedence. #[serde(default, skip_serializing_if = "Option::is_none", rename = "runAsNonRoot")] pub run_as_non_root: Option, + /// The UID to run the entrypoint of the container process. + /// Defaults to user specified in image metadata if unspecified. + /// May also be set in PodSecurityContext. If set in both SecurityContext and + /// PodSecurityContext, the value specified in SecurityContext takes precedence. + /// Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none", rename = "runAsUser")] pub run_as_user: Option, + /// The SELinux context to be applied to the container. + /// If unspecified, the container runtime will allocate a random SELinux context for each + /// container. May also be set in PodSecurityContext. If set in both SecurityContext and + /// PodSecurityContext, the value specified in SecurityContext takes precedence. + /// Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none", rename = "seLinuxOptions")] pub se_linux_options: Option, + /// The seccomp options to use by this container. If seccomp options are + /// provided at both the pod & container level, the container options + /// override the pod options. + /// Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none", rename = "seccompProfile")] pub seccomp_profile: Option, + /// The Windows specific settings applied to all containers. + /// If unspecified, the options from the PodSecurityContext will be used. + /// If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. + /// Note that this field cannot be set when spec.os.name is linux. #[serde(default, skip_serializing_if = "Option::is_none", rename = "windowsOptions")] pub windows_options: Option, } +/// The capabilities to add/drop when running containers. +/// Defaults to the default set of capabilities granted by the container runtime. +/// Note that this field cannot be set when spec.os.name is windows. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateExecutorInitContainersSecurityContextCapabilities { + /// Added capabilities #[serde(default, skip_serializing_if = "Option::is_none")] pub add: Option>, + /// Removed capabilities #[serde(default, skip_serializing_if = "Option::is_none")] pub drop: Option>, } +/// The SELinux context to be applied to the container. +/// If unspecified, the container runtime will allocate a random SELinux context for each +/// container. May also be set in PodSecurityContext. If set in both SecurityContext and +/// PodSecurityContext, the value specified in SecurityContext takes precedence. +/// Note that this field cannot be set when spec.os.name is windows. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateExecutorInitContainersSecurityContextSeLinuxOptions { + /// Level is SELinux level label that applies to the container. #[serde(default, skip_serializing_if = "Option::is_none")] pub level: Option, + /// Role is a SELinux role label that applies to the container. #[serde(default, skip_serializing_if = "Option::is_none")] pub role: Option, + /// Type is a SELinux type label that applies to the container. #[serde(default, skip_serializing_if = "Option::is_none", rename = "type")] pub r#type: Option, + /// User is a SELinux user label that applies to the container. #[serde(default, skip_serializing_if = "Option::is_none")] pub user: Option, } +/// The seccomp options to use by this container. If seccomp options are +/// provided at both the pod & container level, the container options +/// override the pod options. +/// Note that this field cannot be set when spec.os.name is windows. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateExecutorInitContainersSecurityContextSeccompProfile { - #[serde(default, skip_serializing_if = "Option::is_none", rename = "type")] - pub r#type: Option, + /// localhostProfile indicates a profile defined in a file on the node should be used. + /// The profile must be preconfigured on the node to work. + /// Must be a descending path, relative to the kubelet's configured seccomp profile location. + /// Must be set if type is "Localhost". Must NOT be set for any other type. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "localhostProfile")] + pub localhost_profile: Option, + /// type indicates which kind of seccomp profile will be applied. + /// Valid options are: + /// + /// + /// Localhost - a profile defined in a file on the node should be used. + /// RuntimeDefault - the container runtime default profile should be used. + /// Unconfined - no profile should be applied. + #[serde(rename = "type")] + pub r#type: String, } +/// The Windows specific settings applied to all containers. +/// If unspecified, the options from the PodSecurityContext will be used. +/// If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +/// Note that this field cannot be set when spec.os.name is linux. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateExecutorInitContainersSecurityContextWindowsOptions { + /// GMSACredentialSpec is where the GMSA admission webhook + /// (https://github.com/kubernetes-sigs/windows-gmsa) inlines the contents of the + /// GMSA credential spec named by the GMSACredentialSpecName field. #[serde(default, skip_serializing_if = "Option::is_none", rename = "gmsaCredentialSpec")] pub gmsa_credential_spec: Option, + /// GMSACredentialSpecName is the name of the GMSA credential spec to use. #[serde(default, skip_serializing_if = "Option::is_none", rename = "gmsaCredentialSpecName")] pub gmsa_credential_spec_name: Option, + /// HostProcess determines if a container should be run as a 'Host Process' container. + /// All of a Pod's containers must have the same effective HostProcess value + /// (it is not allowed to have a mix of HostProcess containers and non-HostProcess containers). + /// In addition, if HostProcess is true then HostNetwork must also be set to true. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "hostProcess")] + pub host_process: Option, + /// The UserName in Windows to run the entrypoint of the container process. + /// Defaults to the user specified in image metadata if unspecified. + /// May also be set in PodSecurityContext. If set in both SecurityContext and + /// PodSecurityContext, the value specified in SecurityContext takes precedence. #[serde(default, skip_serializing_if = "Option::is_none", rename = "runAsUserName")] pub run_as_user_name: Option, } +/// StartupProbe indicates that the Pod has successfully initialized. +/// If specified, no other probes are executed until this completes successfully. +/// If this probe fails, the Pod will be restarted, just as if the livenessProbe failed. +/// This can be used to provide different probe parameters at the beginning of a Pod's lifecycle, +/// when it might take a long time to load data or warm a cache, than during steady-state operation. +/// This cannot be updated. +/// More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateExecutorInitContainersStartupProbe { + /// Exec specifies the action to take. #[serde(default, skip_serializing_if = "Option::is_none")] pub exec: Option, + /// Minimum consecutive failures for the probe to be considered failed after having succeeded. + /// Defaults to 3. Minimum value is 1. #[serde(default, skip_serializing_if = "Option::is_none", rename = "failureThreshold")] pub failure_threshold: Option, + /// GRPC specifies an action involving a GRPC port. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub grpc: Option, + /// HTTPGet specifies the http request to perform. #[serde(default, skip_serializing_if = "Option::is_none", rename = "httpGet")] pub http_get: Option, + /// Number of seconds after the container has started before liveness probes are initiated. + /// More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes #[serde(default, skip_serializing_if = "Option::is_none", rename = "initialDelaySeconds")] pub initial_delay_seconds: Option, + /// How often (in seconds) to perform the probe. + /// Default to 10 seconds. Minimum value is 1. #[serde(default, skip_serializing_if = "Option::is_none", rename = "periodSeconds")] pub period_seconds: Option, + /// Minimum consecutive successes for the probe to be considered successful after having failed. + /// Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1. #[serde(default, skip_serializing_if = "Option::is_none", rename = "successThreshold")] pub success_threshold: Option, + /// TCPSocket specifies an action involving a TCP port. #[serde(default, skip_serializing_if = "Option::is_none", rename = "tcpSocket")] pub tcp_socket: Option, + /// Optional duration in seconds the pod needs to terminate gracefully upon probe failure. + /// The grace period is the duration in seconds after the processes running in the pod are sent + /// a termination signal and the time when the processes are forcibly halted with a kill signal. + /// Set this value longer than the expected cleanup time for your process. + /// If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this + /// value overrides the value provided by the pod spec. + /// Value must be non-negative integer. The value zero indicates stop immediately via + /// the kill signal (no opportunity to shut down). + /// This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate. + /// Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "terminationGracePeriodSeconds")] + pub termination_grace_period_seconds: Option, + /// Number of seconds after which the probe times out. + /// Defaults to 1 second. Minimum value is 1. + /// More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes #[serde(default, skip_serializing_if = "Option::is_none", rename = "timeoutSeconds")] pub timeout_seconds: Option, } +/// Exec specifies the action to take. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateExecutorInitContainersStartupProbeExec { + /// Command is the command line to execute inside the container, the working directory for the + /// command is root ('/') in the container's filesystem. The command is simply exec'd, it is + /// not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use + /// a shell, you need to explicitly call out to that shell. + /// Exit status of 0 is treated as live/healthy and non-zero is unhealthy. #[serde(default, skip_serializing_if = "Option::is_none")] pub command: Option>, } +/// GRPC specifies an action involving a GRPC port. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ScheduledSparkApplicationTemplateExecutorInitContainersStartupProbeGrpc { + /// Port number of the gRPC service. Number must be in the range 1 to 65535. + pub port: i32, + /// Service is the name of the service to place in the gRPC HealthCheckRequest + /// (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). + /// + /// + /// If this is not specified, the default behavior is defined by gRPC. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub service: Option, +} + +/// HTTPGet specifies the http request to perform. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateExecutorInitContainersStartupProbeHttpGet { + /// Host name to connect to, defaults to the pod IP. You probably want to set + /// "Host" in httpHeaders instead. #[serde(default, skip_serializing_if = "Option::is_none")] pub host: Option, + /// Custom headers to set in the request. HTTP allows repeated headers. #[serde(default, skip_serializing_if = "Option::is_none", rename = "httpHeaders")] pub http_headers: Option>, + /// Path to access on the HTTP server. #[serde(default, skip_serializing_if = "Option::is_none")] pub path: Option, + /// Name or number of the port to access on the container. + /// Number must be in the range 1 to 65535. + /// Name must be an IANA_SVC_NAME. pub port: IntOrString, + /// Scheme to use for connecting to the host. + /// Defaults to HTTP. #[serde(default, skip_serializing_if = "Option::is_none")] pub scheme: Option, } +/// HTTPHeader describes a custom header to be used in HTTP probes #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateExecutorInitContainersStartupProbeHttpGetHttpHeaders { + /// The header field name. + /// This will be canonicalized upon output, so case-variant names will be understood as the same header. pub name: String, + /// The header field value pub value: String, } +/// TCPSocket specifies an action involving a TCP port. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateExecutorInitContainersStartupProbeTcpSocket { + /// Optional: Host name to connect to, defaults to the pod IP. #[serde(default, skip_serializing_if = "Option::is_none")] pub host: Option, + /// Number or name of the port to access on the container. + /// Number must be in the range 1 to 65535. + /// Name must be an IANA_SVC_NAME. pub port: IntOrString, } +/// volumeDevice describes a mapping of a raw block device within a container. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateExecutorInitContainersVolumeDevices { + /// devicePath is the path inside of the container that the device will be mapped to. #[serde(rename = "devicePath")] pub device_path: String, + /// name must match the name of a persistentVolumeClaim in the pod pub name: String, } +/// VolumeMount describes a mounting of a Volume within a container. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateExecutorInitContainersVolumeMounts { + /// Path within the container at which the volume should be mounted. Must + /// not contain ':'. #[serde(rename = "mountPath")] pub mount_path: String, + /// mountPropagation determines how mounts are propagated from the host + /// to container and the other way around. + /// When not set, MountPropagationNone is used. + /// This field is beta in 1.10. #[serde(default, skip_serializing_if = "Option::is_none", rename = "mountPropagation")] pub mount_propagation: Option, + /// This must match the Name of a Volume. pub name: String, + /// Mounted read-only if true, read-write otherwise (false or unspecified). + /// Defaults to false. #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] pub read_only: Option, + /// Path within the volume from which the container's volume should be mounted. + /// Defaults to "" (volume's root). #[serde(default, skip_serializing_if = "Option::is_none", rename = "subPath")] pub sub_path: Option, + /// Expanded path within the volume from which the container's volume should be mounted. + /// Behaves similarly to SubPath but environment variable references $(VAR_NAME) are expanded using the container's environment. + /// Defaults to "" (volume's root). + /// SubPathExpr and SubPath are mutually exclusive. #[serde(default, skip_serializing_if = "Option::is_none", rename = "subPathExpr")] pub sub_path_expr: Option, } +/// Lifecycle for running preStop or postStart commands +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ScheduledSparkApplicationTemplateExecutorLifecycle { + /// PostStart is called immediately after a container is created. If the handler fails, + /// the container is terminated and restarted according to its restart policy. + /// Other management of the container blocks until the hook completes. + /// More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks + #[serde(default, skip_serializing_if = "Option::is_none", rename = "postStart")] + pub post_start: Option, + /// PreStop is called immediately before a container is terminated due to an + /// API request or management event such as liveness/startup probe failure, + /// preemption, resource contention, etc. The handler is not called if the + /// container crashes or exits. The Pod's termination grace period countdown begins before the + /// PreStop hook is executed. Regardless of the outcome of the handler, the + /// container will eventually terminate within the Pod's termination grace + /// period (unless delayed by finalizers). Other management of the container blocks until the hook completes + /// or until the termination grace period is reached. + /// More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks + #[serde(default, skip_serializing_if = "Option::is_none", rename = "preStop")] + pub pre_stop: Option, +} + +/// PostStart is called immediately after a container is created. If the handler fails, +/// the container is terminated and restarted according to its restart policy. +/// Other management of the container blocks until the hook completes. +/// More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ScheduledSparkApplicationTemplateExecutorLifecyclePostStart { + /// Exec specifies the action to take. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub exec: Option, + /// HTTPGet specifies the http request to perform. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "httpGet")] + pub http_get: Option, + /// Sleep represents the duration that the container should sleep before being terminated. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub sleep: Option, + /// Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept + /// for the backward compatibility. There are no validation of this field and + /// lifecycle hooks will fail in runtime when tcp handler is specified. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "tcpSocket")] + pub tcp_socket: Option, +} + +/// Exec specifies the action to take. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ScheduledSparkApplicationTemplateExecutorLifecyclePostStartExec { + /// Command is the command line to execute inside the container, the working directory for the + /// command is root ('/') in the container's filesystem. The command is simply exec'd, it is + /// not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use + /// a shell, you need to explicitly call out to that shell. + /// Exit status of 0 is treated as live/healthy and non-zero is unhealthy. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub command: Option>, +} + +/// HTTPGet specifies the http request to perform. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ScheduledSparkApplicationTemplateExecutorLifecyclePostStartHttpGet { + /// Host name to connect to, defaults to the pod IP. You probably want to set + /// "Host" in httpHeaders instead. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub host: Option, + /// Custom headers to set in the request. HTTP allows repeated headers. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "httpHeaders")] + pub http_headers: Option>, + /// Path to access on the HTTP server. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub path: Option, + /// Name or number of the port to access on the container. + /// Number must be in the range 1 to 65535. + /// Name must be an IANA_SVC_NAME. + pub port: IntOrString, + /// Scheme to use for connecting to the host. + /// Defaults to HTTP. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub scheme: Option, +} + +/// HTTPHeader describes a custom header to be used in HTTP probes +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ScheduledSparkApplicationTemplateExecutorLifecyclePostStartHttpGetHttpHeaders { + /// The header field name. + /// This will be canonicalized upon output, so case-variant names will be understood as the same header. + pub name: String, + /// The header field value + pub value: String, +} + +/// Sleep represents the duration that the container should sleep before being terminated. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ScheduledSparkApplicationTemplateExecutorLifecyclePostStartSleep { + /// Seconds is the number of seconds to sleep. + pub seconds: i64, +} + +/// Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept +/// for the backward compatibility. There are no validation of this field and +/// lifecycle hooks will fail in runtime when tcp handler is specified. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ScheduledSparkApplicationTemplateExecutorLifecyclePostStartTcpSocket { + /// Optional: Host name to connect to, defaults to the pod IP. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub host: Option, + /// Number or name of the port to access on the container. + /// Number must be in the range 1 to 65535. + /// Name must be an IANA_SVC_NAME. + pub port: IntOrString, +} + +/// PreStop is called immediately before a container is terminated due to an +/// API request or management event such as liveness/startup probe failure, +/// preemption, resource contention, etc. The handler is not called if the +/// container crashes or exits. The Pod's termination grace period countdown begins before the +/// PreStop hook is executed. Regardless of the outcome of the handler, the +/// container will eventually terminate within the Pod's termination grace +/// period (unless delayed by finalizers). Other management of the container blocks until the hook completes +/// or until the termination grace period is reached. +/// More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ScheduledSparkApplicationTemplateExecutorLifecyclePreStop { + /// Exec specifies the action to take. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub exec: Option, + /// HTTPGet specifies the http request to perform. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "httpGet")] + pub http_get: Option, + /// Sleep represents the duration that the container should sleep before being terminated. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub sleep: Option, + /// Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept + /// for the backward compatibility. There are no validation of this field and + /// lifecycle hooks will fail in runtime when tcp handler is specified. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "tcpSocket")] + pub tcp_socket: Option, +} + +/// Exec specifies the action to take. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ScheduledSparkApplicationTemplateExecutorLifecyclePreStopExec { + /// Command is the command line to execute inside the container, the working directory for the + /// command is root ('/') in the container's filesystem. The command is simply exec'd, it is + /// not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use + /// a shell, you need to explicitly call out to that shell. + /// Exit status of 0 is treated as live/healthy and non-zero is unhealthy. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub command: Option>, +} + +/// HTTPGet specifies the http request to perform. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ScheduledSparkApplicationTemplateExecutorLifecyclePreStopHttpGet { + /// Host name to connect to, defaults to the pod IP. You probably want to set + /// "Host" in httpHeaders instead. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub host: Option, + /// Custom headers to set in the request. HTTP allows repeated headers. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "httpHeaders")] + pub http_headers: Option>, + /// Path to access on the HTTP server. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub path: Option, + /// Name or number of the port to access on the container. + /// Number must be in the range 1 to 65535. + /// Name must be an IANA_SVC_NAME. + pub port: IntOrString, + /// Scheme to use for connecting to the host. + /// Defaults to HTTP. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub scheme: Option, +} + +/// HTTPHeader describes a custom header to be used in HTTP probes +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ScheduledSparkApplicationTemplateExecutorLifecyclePreStopHttpGetHttpHeaders { + /// The header field name. + /// This will be canonicalized upon output, so case-variant names will be understood as the same header. + pub name: String, + /// The header field value + pub value: String, +} + +/// Sleep represents the duration that the container should sleep before being terminated. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ScheduledSparkApplicationTemplateExecutorLifecyclePreStopSleep { + /// Seconds is the number of seconds to sleep. + pub seconds: i64, +} + +/// Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept +/// for the backward compatibility. There are no validation of this field and +/// lifecycle hooks will fail in runtime when tcp handler is specified. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ScheduledSparkApplicationTemplateExecutorLifecyclePreStopTcpSocket { + /// Optional: Host name to connect to, defaults to the pod IP. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub host: Option, + /// Number or name of the port to access on the container. + /// Number must be in the range 1 to 65535. + /// Name must be an IANA_SVC_NAME. + pub port: IntOrString, +} + +/// PodSecurityContext specifies the PodSecurityContext to apply. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateExecutorPodSecurityContext { + /// A special supplemental group that applies to all containers in a pod. + /// Some volume types allow the Kubelet to change the ownership of that volume + /// to be owned by the pod: + /// + /// + /// 1. The owning GID will be the FSGroup + /// 2. The setgid bit is set (new files created in the volume will be owned by FSGroup) + /// 3. The permission bits are OR'd with rw-rw---- + /// + /// + /// If unset, the Kubelet will not modify the ownership and permissions of any volume. + /// Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none", rename = "fsGroup")] pub fs_group: Option, + /// fsGroupChangePolicy defines behavior of changing ownership and permission of the volume + /// before being exposed inside Pod. This field will only apply to + /// volume types which support fsGroup based ownership(and permissions). + /// It will have no effect on ephemeral volume types such as: secret, configmaps + /// and emptydir. + /// Valid values are "OnRootMismatch" and "Always". If not specified, "Always" is used. + /// Note that this field cannot be set when spec.os.name is windows. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "fsGroupChangePolicy")] + pub fs_group_change_policy: Option, + /// The GID to run the entrypoint of the container process. + /// Uses runtime default if unset. + /// May also be set in SecurityContext. If set in both SecurityContext and + /// PodSecurityContext, the value specified in SecurityContext takes precedence + /// for that container. + /// Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none", rename = "runAsGroup")] pub run_as_group: Option, + /// Indicates that the container must run as a non-root user. + /// If true, the Kubelet will validate the image at runtime to ensure that it + /// does not run as UID 0 (root) and fail to start the container if it does. + /// If unset or false, no such validation will be performed. + /// May also be set in SecurityContext. If set in both SecurityContext and + /// PodSecurityContext, the value specified in SecurityContext takes precedence. #[serde(default, skip_serializing_if = "Option::is_none", rename = "runAsNonRoot")] pub run_as_non_root: Option, + /// The UID to run the entrypoint of the container process. + /// Defaults to user specified in image metadata if unspecified. + /// May also be set in SecurityContext. If set in both SecurityContext and + /// PodSecurityContext, the value specified in SecurityContext takes precedence + /// for that container. + /// Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none", rename = "runAsUser")] pub run_as_user: Option, + /// The SELinux context to be applied to all containers. + /// If unspecified, the container runtime will allocate a random SELinux context for each + /// container. May also be set in SecurityContext. If set in + /// both SecurityContext and PodSecurityContext, the value specified in SecurityContext + /// takes precedence for that container. + /// Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none", rename = "seLinuxOptions")] pub se_linux_options: Option, + /// The seccomp options to use by the containers in this pod. + /// Note that this field cannot be set when spec.os.name is windows. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "seccompProfile")] + pub seccomp_profile: Option, + /// A list of groups applied to the first process run in each container, in addition + /// to the container's primary GID, the fsGroup (if specified), and group memberships + /// defined in the container image for the uid of the container process. If unspecified, + /// no additional groups are added to any container. Note that group memberships + /// defined in the container image for the uid of the container process are still effective, + /// even if they are not included in this list. + /// Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none", rename = "supplementalGroups")] pub supplemental_groups: Option>, + /// Sysctls hold a list of namespaced sysctls used for the pod. Pods with unsupported + /// sysctls (by the container runtime) might fail to launch. + /// Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none")] pub sysctls: Option>, + /// The Windows specific settings applied to all containers. + /// If unspecified, the options within a container's SecurityContext will be used. + /// If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. + /// Note that this field cannot be set when spec.os.name is linux. #[serde(default, skip_serializing_if = "Option::is_none", rename = "windowsOptions")] pub windows_options: Option, } +/// The SELinux context to be applied to all containers. +/// If unspecified, the container runtime will allocate a random SELinux context for each +/// container. May also be set in SecurityContext. If set in +/// both SecurityContext and PodSecurityContext, the value specified in SecurityContext +/// takes precedence for that container. +/// Note that this field cannot be set when spec.os.name is windows. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateExecutorPodSecurityContextSeLinuxOptions { + /// Level is SELinux level label that applies to the container. #[serde(default, skip_serializing_if = "Option::is_none")] pub level: Option, + /// Role is a SELinux role label that applies to the container. #[serde(default, skip_serializing_if = "Option::is_none")] pub role: Option, + /// Type is a SELinux type label that applies to the container. #[serde(default, skip_serializing_if = "Option::is_none", rename = "type")] pub r#type: Option, + /// User is a SELinux user label that applies to the container. #[serde(default, skip_serializing_if = "Option::is_none")] pub user: Option, } +/// The seccomp options to use by the containers in this pod. +/// Note that this field cannot be set when spec.os.name is windows. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ScheduledSparkApplicationTemplateExecutorPodSecurityContextSeccompProfile { + /// localhostProfile indicates a profile defined in a file on the node should be used. + /// The profile must be preconfigured on the node to work. + /// Must be a descending path, relative to the kubelet's configured seccomp profile location. + /// Must be set if type is "Localhost". Must NOT be set for any other type. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "localhostProfile")] + pub localhost_profile: Option, + /// type indicates which kind of seccomp profile will be applied. + /// Valid options are: + /// + /// + /// Localhost - a profile defined in a file on the node should be used. + /// RuntimeDefault - the container runtime default profile should be used. + /// Unconfined - no profile should be applied. + #[serde(rename = "type")] + pub r#type: String, +} + +/// Sysctl defines a kernel parameter to be set #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateExecutorPodSecurityContextSysctls { + /// Name of a property to set pub name: String, + /// Value of a property to set pub value: String, } +/// The Windows specific settings applied to all containers. +/// If unspecified, the options within a container's SecurityContext will be used. +/// If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +/// Note that this field cannot be set when spec.os.name is linux. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateExecutorPodSecurityContextWindowsOptions { + /// GMSACredentialSpec is where the GMSA admission webhook + /// (https://github.com/kubernetes-sigs/windows-gmsa) inlines the contents of the + /// GMSA credential spec named by the GMSACredentialSpecName field. #[serde(default, skip_serializing_if = "Option::is_none", rename = "gmsaCredentialSpec")] pub gmsa_credential_spec: Option, + /// GMSACredentialSpecName is the name of the GMSA credential spec to use. #[serde(default, skip_serializing_if = "Option::is_none", rename = "gmsaCredentialSpecName")] pub gmsa_credential_spec_name: Option, + /// HostProcess determines if a container should be run as a 'Host Process' container. + /// All of a Pod's containers must have the same effective HostProcess value + /// (it is not allowed to have a mix of HostProcess containers and non-HostProcess containers). + /// In addition, if HostProcess is true then HostNetwork must also be set to true. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "hostProcess")] + pub host_process: Option, + /// The UserName in Windows to run the entrypoint of the container process. + /// Defaults to the user specified in image metadata if unspecified. + /// May also be set in PodSecurityContext. If set in both SecurityContext and + /// PodSecurityContext, the value specified in SecurityContext takes precedence. #[serde(default, skip_serializing_if = "Option::is_none", rename = "runAsUserName")] pub run_as_user_name: Option, } +/// Port represents the port definition in the pods objects. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ScheduledSparkApplicationTemplateExecutorPorts { + #[serde(rename = "containerPort")] + pub container_port: i32, + pub name: String, + pub protocol: String, +} + +/// SecretInfo captures information of a secret. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateExecutorSecrets { pub name: String, pub path: String, + /// SecretType tells the type of a secret. #[serde(rename = "secretType")] pub secret_type: String, } +/// SecurityContext specifies the container's SecurityContext to apply. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateExecutorSecurityContext { + /// AllowPrivilegeEscalation controls whether a process can gain more + /// privileges than its parent process. This bool directly controls if + /// the no_new_privs flag will be set on the container process. + /// AllowPrivilegeEscalation is true always when the container is: + /// 1) run as Privileged + /// 2) has CAP_SYS_ADMIN + /// Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none", rename = "allowPrivilegeEscalation")] pub allow_privilege_escalation: Option, + /// The capabilities to add/drop when running containers. + /// Defaults to the default set of capabilities granted by the container runtime. + /// Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none")] pub capabilities: Option, + /// Run container in privileged mode. + /// Processes in privileged containers are essentially equivalent to root on the host. + /// Defaults to false. + /// Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none")] pub privileged: Option, + /// procMount denotes the type of proc mount to use for the containers. + /// The default is DefaultProcMount which uses the container runtime defaults for + /// readonly paths and masked paths. + /// This requires the ProcMountType feature flag to be enabled. + /// Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none", rename = "procMount")] pub proc_mount: Option, + /// Whether this container has a read-only root filesystem. + /// Default is false. + /// Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnlyRootFilesystem")] pub read_only_root_filesystem: Option, + /// The GID to run the entrypoint of the container process. + /// Uses runtime default if unset. + /// May also be set in PodSecurityContext. If set in both SecurityContext and + /// PodSecurityContext, the value specified in SecurityContext takes precedence. + /// Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none", rename = "runAsGroup")] pub run_as_group: Option, + /// Indicates that the container must run as a non-root user. + /// If true, the Kubelet will validate the image at runtime to ensure that it + /// does not run as UID 0 (root) and fail to start the container if it does. + /// If unset or false, no such validation will be performed. + /// May also be set in PodSecurityContext. If set in both SecurityContext and + /// PodSecurityContext, the value specified in SecurityContext takes precedence. #[serde(default, skip_serializing_if = "Option::is_none", rename = "runAsNonRoot")] pub run_as_non_root: Option, + /// The UID to run the entrypoint of the container process. + /// Defaults to user specified in image metadata if unspecified. + /// May also be set in PodSecurityContext. If set in both SecurityContext and + /// PodSecurityContext, the value specified in SecurityContext takes precedence. + /// Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none", rename = "runAsUser")] pub run_as_user: Option, + /// The SELinux context to be applied to the container. + /// If unspecified, the container runtime will allocate a random SELinux context for each + /// container. May also be set in PodSecurityContext. If set in both SecurityContext and + /// PodSecurityContext, the value specified in SecurityContext takes precedence. + /// Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none", rename = "seLinuxOptions")] pub se_linux_options: Option, + /// The seccomp options to use by this container. If seccomp options are + /// provided at both the pod & container level, the container options + /// override the pod options. + /// Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none", rename = "seccompProfile")] pub seccomp_profile: Option, + /// The Windows specific settings applied to all containers. + /// If unspecified, the options from the PodSecurityContext will be used. + /// If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. + /// Note that this field cannot be set when spec.os.name is linux. #[serde(default, skip_serializing_if = "Option::is_none", rename = "windowsOptions")] pub windows_options: Option, } +/// The capabilities to add/drop when running containers. +/// Defaults to the default set of capabilities granted by the container runtime. +/// Note that this field cannot be set when spec.os.name is windows. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateExecutorSecurityContextCapabilities { + /// Added capabilities #[serde(default, skip_serializing_if = "Option::is_none")] pub add: Option>, + /// Removed capabilities #[serde(default, skip_serializing_if = "Option::is_none")] pub drop: Option>, } +/// The SELinux context to be applied to the container. +/// If unspecified, the container runtime will allocate a random SELinux context for each +/// container. May also be set in PodSecurityContext. If set in both SecurityContext and +/// PodSecurityContext, the value specified in SecurityContext takes precedence. +/// Note that this field cannot be set when spec.os.name is windows. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateExecutorSecurityContextSeLinuxOptions { + /// Level is SELinux level label that applies to the container. #[serde(default, skip_serializing_if = "Option::is_none")] pub level: Option, + /// Role is a SELinux role label that applies to the container. #[serde(default, skip_serializing_if = "Option::is_none")] pub role: Option, + /// Type is a SELinux type label that applies to the container. #[serde(default, skip_serializing_if = "Option::is_none", rename = "type")] pub r#type: Option, + /// User is a SELinux user label that applies to the container. #[serde(default, skip_serializing_if = "Option::is_none")] pub user: Option, } +/// The seccomp options to use by this container. If seccomp options are +/// provided at both the pod & container level, the container options +/// override the pod options. +/// Note that this field cannot be set when spec.os.name is windows. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateExecutorSecurityContextSeccompProfile { - #[serde(default, skip_serializing_if = "Option::is_none", rename = "type")] - pub r#type: Option, + /// localhostProfile indicates a profile defined in a file on the node should be used. + /// The profile must be preconfigured on the node to work. + /// Must be a descending path, relative to the kubelet's configured seccomp profile location. + /// Must be set if type is "Localhost". Must NOT be set for any other type. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "localhostProfile")] + pub localhost_profile: Option, + /// type indicates which kind of seccomp profile will be applied. + /// Valid options are: + /// + /// + /// Localhost - a profile defined in a file on the node should be used. + /// RuntimeDefault - the container runtime default profile should be used. + /// Unconfined - no profile should be applied. + #[serde(rename = "type")] + pub r#type: String, } +/// The Windows specific settings applied to all containers. +/// If unspecified, the options from the PodSecurityContext will be used. +/// If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +/// Note that this field cannot be set when spec.os.name is linux. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateExecutorSecurityContextWindowsOptions { + /// GMSACredentialSpec is where the GMSA admission webhook + /// (https://github.com/kubernetes-sigs/windows-gmsa) inlines the contents of the + /// GMSA credential spec named by the GMSACredentialSpecName field. #[serde(default, skip_serializing_if = "Option::is_none", rename = "gmsaCredentialSpec")] pub gmsa_credential_spec: Option, + /// GMSACredentialSpecName is the name of the GMSA credential spec to use. #[serde(default, skip_serializing_if = "Option::is_none", rename = "gmsaCredentialSpecName")] pub gmsa_credential_spec_name: Option, + /// HostProcess determines if a container should be run as a 'Host Process' container. + /// All of a Pod's containers must have the same effective HostProcess value + /// (it is not allowed to have a mix of HostProcess containers and non-HostProcess containers). + /// In addition, if HostProcess is true then HostNetwork must also be set to true. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "hostProcess")] + pub host_process: Option, + /// The UserName in Windows to run the entrypoint of the container process. + /// Defaults to the user specified in image metadata if unspecified. + /// May also be set in PodSecurityContext. If set in both SecurityContext and + /// PodSecurityContext, the value specified in SecurityContext takes precedence. #[serde(default, skip_serializing_if = "Option::is_none", rename = "runAsUserName")] pub run_as_user_name: Option, } +/// A single application container that you want to run within a pod. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateExecutorSidecars { + /// Arguments to the entrypoint. + /// The container image's CMD is used if this is not provided. + /// Variable references $(VAR_NAME) are expanded using the container's environment. If a variable + /// cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced + /// to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" will + /// produce the string literal "$(VAR_NAME)". Escaped references will never be expanded, regardless + /// of whether the variable exists or not. Cannot be updated. + /// More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell #[serde(default, skip_serializing_if = "Option::is_none")] pub args: Option>, + /// Entrypoint array. Not executed within a shell. + /// The container image's ENTRYPOINT is used if this is not provided. + /// Variable references $(VAR_NAME) are expanded using the container's environment. If a variable + /// cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced + /// to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" will + /// produce the string literal "$(VAR_NAME)". Escaped references will never be expanded, regardless + /// of whether the variable exists or not. Cannot be updated. + /// More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell #[serde(default, skip_serializing_if = "Option::is_none")] pub command: Option>, + /// List of environment variables to set in the container. + /// Cannot be updated. #[serde(default, skip_serializing_if = "Option::is_none")] pub env: Option>, + /// List of sources to populate environment variables in the container. + /// The keys defined within a source must be a C_IDENTIFIER. All invalid keys + /// will be reported as an event when the container is starting. When a key exists in multiple + /// sources, the value associated with the last source will take precedence. + /// Values defined by an Env with a duplicate key will take precedence. + /// Cannot be updated. #[serde(default, skip_serializing_if = "Option::is_none", rename = "envFrom")] pub env_from: Option>, + /// Container image name. + /// More info: https://kubernetes.io/docs/concepts/containers/images + /// This field is optional to allow higher level config management to default or override + /// container images in workload controllers like Deployments and StatefulSets. #[serde(default, skip_serializing_if = "Option::is_none")] pub image: Option, + /// Image pull policy. + /// One of Always, Never, IfNotPresent. + /// Defaults to Always if :latest tag is specified, or IfNotPresent otherwise. + /// Cannot be updated. + /// More info: https://kubernetes.io/docs/concepts/containers/images#updating-images #[serde(default, skip_serializing_if = "Option::is_none", rename = "imagePullPolicy")] pub image_pull_policy: Option, + /// Actions that the management system should take in response to container lifecycle events. + /// Cannot be updated. #[serde(default, skip_serializing_if = "Option::is_none")] pub lifecycle: Option, + /// Periodic probe of container liveness. + /// Container will be restarted if the probe fails. + /// Cannot be updated. + /// More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes #[serde(default, skip_serializing_if = "Option::is_none", rename = "livenessProbe")] pub liveness_probe: Option, + /// Name of the container specified as a DNS_LABEL. + /// Each container in a pod must have a unique name (DNS_LABEL). + /// Cannot be updated. pub name: String, + /// List of ports to expose from the container. Not specifying a port here + /// DOES NOT prevent that port from being exposed. Any port which is + /// listening on the default "0.0.0.0" address inside a container will be + /// accessible from the network. + /// Modifying this array with strategic merge patch may corrupt the data. + /// For more information See https://github.com/kubernetes/kubernetes/issues/108255. + /// Cannot be updated. #[serde(default, skip_serializing_if = "Option::is_none")] pub ports: Option>, + /// Periodic probe of container service readiness. + /// Container will be removed from service endpoints if the probe fails. + /// Cannot be updated. + /// More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes #[serde(default, skip_serializing_if = "Option::is_none", rename = "readinessProbe")] pub readiness_probe: Option, + /// Resources resize policy for the container. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "resizePolicy")] + pub resize_policy: Option>, + /// Compute Resources required by this container. + /// Cannot be updated. + /// More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ #[serde(default, skip_serializing_if = "Option::is_none")] pub resources: Option, + /// RestartPolicy defines the restart behavior of individual containers in a pod. + /// This field may only be set for init containers, and the only allowed value is "Always". + /// For non-init containers or when this field is not specified, + /// the restart behavior is defined by the Pod's restart policy and the container type. + /// Setting the RestartPolicy as "Always" for the init container will have the following effect: + /// this init container will be continually restarted on + /// exit until all regular containers have terminated. Once all regular + /// containers have completed, all init containers with restartPolicy "Always" + /// will be shut down. This lifecycle differs from normal init containers and + /// is often referred to as a "sidecar" container. Although this init + /// container still starts in the init container sequence, it does not wait + /// for the container to complete before proceeding to the next init + /// container. Instead, the next init container starts immediately after this + /// init container is started, or after any startupProbe has successfully + /// completed. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "restartPolicy")] + pub restart_policy: Option, + /// SecurityContext defines the security options the container should be run with. + /// If set, the fields of SecurityContext override the equivalent fields of PodSecurityContext. + /// More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/ #[serde(default, skip_serializing_if = "Option::is_none", rename = "securityContext")] pub security_context: Option, + /// StartupProbe indicates that the Pod has successfully initialized. + /// If specified, no other probes are executed until this completes successfully. + /// If this probe fails, the Pod will be restarted, just as if the livenessProbe failed. + /// This can be used to provide different probe parameters at the beginning of a Pod's lifecycle, + /// when it might take a long time to load data or warm a cache, than during steady-state operation. + /// This cannot be updated. + /// More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes #[serde(default, skip_serializing_if = "Option::is_none", rename = "startupProbe")] pub startup_probe: Option, + /// Whether this container should allocate a buffer for stdin in the container runtime. If this + /// is not set, reads from stdin in the container will always result in EOF. + /// Default is false. #[serde(default, skip_serializing_if = "Option::is_none")] pub stdin: Option, + /// Whether the container runtime should close the stdin channel after it has been opened by + /// a single attach. When stdin is true the stdin stream will remain open across multiple attach + /// sessions. If stdinOnce is set to true, stdin is opened on container start, is empty until the + /// first client attaches to stdin, and then remains open and accepts data until the client disconnects, + /// at which time stdin is closed and remains closed until the container is restarted. If this + /// flag is false, a container processes that reads from stdin will never receive an EOF. + /// Default is false #[serde(default, skip_serializing_if = "Option::is_none", rename = "stdinOnce")] pub stdin_once: Option, + /// Optional: Path at which the file to which the container's termination message + /// will be written is mounted into the container's filesystem. + /// Message written is intended to be brief final status, such as an assertion failure message. + /// Will be truncated by the node if greater than 4096 bytes. The total message length across + /// all containers will be limited to 12kb. + /// Defaults to /dev/termination-log. + /// Cannot be updated. #[serde(default, skip_serializing_if = "Option::is_none", rename = "terminationMessagePath")] pub termination_message_path: Option, + /// Indicate how the termination message should be populated. File will use the contents of + /// terminationMessagePath to populate the container status message on both success and failure. + /// FallbackToLogsOnError will use the last chunk of container log output if the termination + /// message file is empty and the container exited with an error. + /// The log output is limited to 2048 bytes or 80 lines, whichever is smaller. + /// Defaults to File. + /// Cannot be updated. #[serde(default, skip_serializing_if = "Option::is_none", rename = "terminationMessagePolicy")] pub termination_message_policy: Option, + /// Whether this container should allocate a TTY for itself, also requires 'stdin' to be true. + /// Default is false. #[serde(default, skip_serializing_if = "Option::is_none")] pub tty: Option, + /// volumeDevices is the list of block devices to be used by the container. #[serde(default, skip_serializing_if = "Option::is_none", rename = "volumeDevices")] pub volume_devices: Option>, + /// Pod volumes to mount into the container's filesystem. + /// Cannot be updated. #[serde(default, skip_serializing_if = "Option::is_none", rename = "volumeMounts")] pub volume_mounts: Option>, + /// Container's working directory. + /// If not specified, the container runtime's default will be used, which + /// might be configured in the container image. + /// Cannot be updated. #[serde(default, skip_serializing_if = "Option::is_none", rename = "workingDir")] pub working_dir: Option, } +/// EnvVar represents an environment variable present in a Container. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateExecutorSidecarsEnv { + /// Name of the environment variable. Must be a C_IDENTIFIER. pub name: String, + /// Variable references $(VAR_NAME) are expanded + /// using the previously defined environment variables in the container and + /// any service environment variables. If a variable cannot be resolved, + /// the reference in the input string will be unchanged. Double $$ are reduced + /// to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. + /// "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". + /// Escaped references will never be expanded, regardless of whether the variable + /// exists or not. + /// Defaults to "". #[serde(default, skip_serializing_if = "Option::is_none")] pub value: Option, + /// Source for the environment variable's value. Cannot be used if value is not empty. #[serde(default, skip_serializing_if = "Option::is_none", rename = "valueFrom")] pub value_from: Option, } +/// Source for the environment variable's value. Cannot be used if value is not empty. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateExecutorSidecarsEnvValueFrom { + /// Selects a key of a ConfigMap. #[serde(default, skip_serializing_if = "Option::is_none", rename = "configMapKeyRef")] pub config_map_key_ref: Option, + /// Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`, + /// spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs. #[serde(default, skip_serializing_if = "Option::is_none", rename = "fieldRef")] pub field_ref: Option, + /// Selects a resource of the container: only resources limits and requests + /// (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported. #[serde(default, skip_serializing_if = "Option::is_none", rename = "resourceFieldRef")] pub resource_field_ref: Option, + /// Selects a key of a secret in the pod's namespace #[serde(default, skip_serializing_if = "Option::is_none", rename = "secretKeyRef")] pub secret_key_ref: Option, } +/// Selects a key of a ConfigMap. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateExecutorSidecarsEnvValueFromConfigMapKeyRef { + /// The key to select. pub key: String, + /// Name of the referent. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, + /// Specify whether the ConfigMap or its key must be defined #[serde(default, skip_serializing_if = "Option::is_none")] pub optional: Option, } +/// Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`, +/// spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateExecutorSidecarsEnvValueFromFieldRef { + /// Version of the schema the FieldPath is written in terms of, defaults to "v1". #[serde(default, skip_serializing_if = "Option::is_none", rename = "apiVersion")] pub api_version: Option, + /// Path of the field to select in the specified API version. #[serde(rename = "fieldPath")] pub field_path: String, } +/// Selects a resource of the container: only resources limits and requests +/// (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateExecutorSidecarsEnvValueFromResourceFieldRef { + /// Container name: required for volumes, optional for env vars #[serde(default, skip_serializing_if = "Option::is_none", rename = "containerName")] pub container_name: Option, + /// Specifies the output format of the exposed resources, defaults to "1" #[serde(default, skip_serializing_if = "Option::is_none")] pub divisor: Option, + /// Required: resource to select pub resource: String, } +/// Selects a key of a secret in the pod's namespace #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateExecutorSidecarsEnvValueFromSecretKeyRef { + /// The key of the secret to select from. Must be a valid secret key. pub key: String, + /// Name of the referent. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, + /// Specify whether the Secret or its key must be defined #[serde(default, skip_serializing_if = "Option::is_none")] pub optional: Option, } +/// EnvFromSource represents the source of a set of ConfigMaps #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateExecutorSidecarsEnvFrom { + /// The ConfigMap to select from #[serde(default, skip_serializing_if = "Option::is_none", rename = "configMapRef")] pub config_map_ref: Option, + /// An optional identifier to prepend to each key in the ConfigMap. Must be a C_IDENTIFIER. #[serde(default, skip_serializing_if = "Option::is_none")] pub prefix: Option, + /// The Secret to select from #[serde(default, skip_serializing_if = "Option::is_none", rename = "secretRef")] pub secret_ref: Option, } +/// The ConfigMap to select from #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateExecutorSidecarsEnvFromConfigMapRef { + /// Name of the referent. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, + /// Specify whether the ConfigMap must be defined #[serde(default, skip_serializing_if = "Option::is_none")] pub optional: Option, } +/// The Secret to select from #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateExecutorSidecarsEnvFromSecretRef { + /// Name of the referent. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, + /// Specify whether the Secret must be defined #[serde(default, skip_serializing_if = "Option::is_none")] pub optional: Option, } +/// Actions that the management system should take in response to container lifecycle events. +/// Cannot be updated. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateExecutorSidecarsLifecycle { + /// PostStart is called immediately after a container is created. If the handler fails, + /// the container is terminated and restarted according to its restart policy. + /// Other management of the container blocks until the hook completes. + /// More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks #[serde(default, skip_serializing_if = "Option::is_none", rename = "postStart")] pub post_start: Option, + /// PreStop is called immediately before a container is terminated due to an + /// API request or management event such as liveness/startup probe failure, + /// preemption, resource contention, etc. The handler is not called if the + /// container crashes or exits. The Pod's termination grace period countdown begins before the + /// PreStop hook is executed. Regardless of the outcome of the handler, the + /// container will eventually terminate within the Pod's termination grace + /// period (unless delayed by finalizers). Other management of the container blocks until the hook completes + /// or until the termination grace period is reached. + /// More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks #[serde(default, skip_serializing_if = "Option::is_none", rename = "preStop")] pub pre_stop: Option, } +/// PostStart is called immediately after a container is created. If the handler fails, +/// the container is terminated and restarted according to its restart policy. +/// Other management of the container blocks until the hook completes. +/// More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateExecutorSidecarsLifecyclePostStart { + /// Exec specifies the action to take. #[serde(default, skip_serializing_if = "Option::is_none")] pub exec: Option, + /// HTTPGet specifies the http request to perform. #[serde(default, skip_serializing_if = "Option::is_none", rename = "httpGet")] pub http_get: Option, + /// Sleep represents the duration that the container should sleep before being terminated. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub sleep: Option, + /// Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept + /// for the backward compatibility. There are no validation of this field and + /// lifecycle hooks will fail in runtime when tcp handler is specified. #[serde(default, skip_serializing_if = "Option::is_none", rename = "tcpSocket")] pub tcp_socket: Option, } +/// Exec specifies the action to take. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateExecutorSidecarsLifecyclePostStartExec { + /// Command is the command line to execute inside the container, the working directory for the + /// command is root ('/') in the container's filesystem. The command is simply exec'd, it is + /// not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use + /// a shell, you need to explicitly call out to that shell. + /// Exit status of 0 is treated as live/healthy and non-zero is unhealthy. #[serde(default, skip_serializing_if = "Option::is_none")] pub command: Option>, } +/// HTTPGet specifies the http request to perform. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateExecutorSidecarsLifecyclePostStartHttpGet { + /// Host name to connect to, defaults to the pod IP. You probably want to set + /// "Host" in httpHeaders instead. #[serde(default, skip_serializing_if = "Option::is_none")] pub host: Option, + /// Custom headers to set in the request. HTTP allows repeated headers. #[serde(default, skip_serializing_if = "Option::is_none", rename = "httpHeaders")] pub http_headers: Option>, + /// Path to access on the HTTP server. #[serde(default, skip_serializing_if = "Option::is_none")] pub path: Option, + /// Name or number of the port to access on the container. + /// Number must be in the range 1 to 65535. + /// Name must be an IANA_SVC_NAME. pub port: IntOrString, + /// Scheme to use for connecting to the host. + /// Defaults to HTTP. #[serde(default, skip_serializing_if = "Option::is_none")] pub scheme: Option, } +/// HTTPHeader describes a custom header to be used in HTTP probes #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateExecutorSidecarsLifecyclePostStartHttpGetHttpHeaders { + /// The header field name. + /// This will be canonicalized upon output, so case-variant names will be understood as the same header. pub name: String, + /// The header field value pub value: String, } +/// Sleep represents the duration that the container should sleep before being terminated. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ScheduledSparkApplicationTemplateExecutorSidecarsLifecyclePostStartSleep { + /// Seconds is the number of seconds to sleep. + pub seconds: i64, +} + +/// Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept +/// for the backward compatibility. There are no validation of this field and +/// lifecycle hooks will fail in runtime when tcp handler is specified. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateExecutorSidecarsLifecyclePostStartTcpSocket { + /// Optional: Host name to connect to, defaults to the pod IP. #[serde(default, skip_serializing_if = "Option::is_none")] pub host: Option, + /// Number or name of the port to access on the container. + /// Number must be in the range 1 to 65535. + /// Name must be an IANA_SVC_NAME. pub port: IntOrString, } +/// PreStop is called immediately before a container is terminated due to an +/// API request or management event such as liveness/startup probe failure, +/// preemption, resource contention, etc. The handler is not called if the +/// container crashes or exits. The Pod's termination grace period countdown begins before the +/// PreStop hook is executed. Regardless of the outcome of the handler, the +/// container will eventually terminate within the Pod's termination grace +/// period (unless delayed by finalizers). Other management of the container blocks until the hook completes +/// or until the termination grace period is reached. +/// More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateExecutorSidecarsLifecyclePreStop { + /// Exec specifies the action to take. #[serde(default, skip_serializing_if = "Option::is_none")] pub exec: Option, + /// HTTPGet specifies the http request to perform. #[serde(default, skip_serializing_if = "Option::is_none", rename = "httpGet")] pub http_get: Option, + /// Sleep represents the duration that the container should sleep before being terminated. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub sleep: Option, + /// Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept + /// for the backward compatibility. There are no validation of this field and + /// lifecycle hooks will fail in runtime when tcp handler is specified. #[serde(default, skip_serializing_if = "Option::is_none", rename = "tcpSocket")] pub tcp_socket: Option, } +/// Exec specifies the action to take. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateExecutorSidecarsLifecyclePreStopExec { + /// Command is the command line to execute inside the container, the working directory for the + /// command is root ('/') in the container's filesystem. The command is simply exec'd, it is + /// not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use + /// a shell, you need to explicitly call out to that shell. + /// Exit status of 0 is treated as live/healthy and non-zero is unhealthy. #[serde(default, skip_serializing_if = "Option::is_none")] pub command: Option>, } +/// HTTPGet specifies the http request to perform. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateExecutorSidecarsLifecyclePreStopHttpGet { + /// Host name to connect to, defaults to the pod IP. You probably want to set + /// "Host" in httpHeaders instead. #[serde(default, skip_serializing_if = "Option::is_none")] pub host: Option, + /// Custom headers to set in the request. HTTP allows repeated headers. #[serde(default, skip_serializing_if = "Option::is_none", rename = "httpHeaders")] pub http_headers: Option>, + /// Path to access on the HTTP server. #[serde(default, skip_serializing_if = "Option::is_none")] pub path: Option, + /// Name or number of the port to access on the container. + /// Number must be in the range 1 to 65535. + /// Name must be an IANA_SVC_NAME. pub port: IntOrString, + /// Scheme to use for connecting to the host. + /// Defaults to HTTP. #[serde(default, skip_serializing_if = "Option::is_none")] pub scheme: Option, } +/// HTTPHeader describes a custom header to be used in HTTP probes #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateExecutorSidecarsLifecyclePreStopHttpGetHttpHeaders { + /// The header field name. + /// This will be canonicalized upon output, so case-variant names will be understood as the same header. pub name: String, + /// The header field value pub value: String, } +/// Sleep represents the duration that the container should sleep before being terminated. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ScheduledSparkApplicationTemplateExecutorSidecarsLifecyclePreStopSleep { + /// Seconds is the number of seconds to sleep. + pub seconds: i64, +} + +/// Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept +/// for the backward compatibility. There are no validation of this field and +/// lifecycle hooks will fail in runtime when tcp handler is specified. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateExecutorSidecarsLifecyclePreStopTcpSocket { + /// Optional: Host name to connect to, defaults to the pod IP. #[serde(default, skip_serializing_if = "Option::is_none")] pub host: Option, + /// Number or name of the port to access on the container. + /// Number must be in the range 1 to 65535. + /// Name must be an IANA_SVC_NAME. pub port: IntOrString, } +/// Periodic probe of container liveness. +/// Container will be restarted if the probe fails. +/// Cannot be updated. +/// More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateExecutorSidecarsLivenessProbe { + /// Exec specifies the action to take. #[serde(default, skip_serializing_if = "Option::is_none")] pub exec: Option, + /// Minimum consecutive failures for the probe to be considered failed after having succeeded. + /// Defaults to 3. Minimum value is 1. #[serde(default, skip_serializing_if = "Option::is_none", rename = "failureThreshold")] pub failure_threshold: Option, + /// GRPC specifies an action involving a GRPC port. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub grpc: Option, + /// HTTPGet specifies the http request to perform. #[serde(default, skip_serializing_if = "Option::is_none", rename = "httpGet")] pub http_get: Option, + /// Number of seconds after the container has started before liveness probes are initiated. + /// More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes #[serde(default, skip_serializing_if = "Option::is_none", rename = "initialDelaySeconds")] pub initial_delay_seconds: Option, + /// How often (in seconds) to perform the probe. + /// Default to 10 seconds. Minimum value is 1. #[serde(default, skip_serializing_if = "Option::is_none", rename = "periodSeconds")] pub period_seconds: Option, + /// Minimum consecutive successes for the probe to be considered successful after having failed. + /// Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1. #[serde(default, skip_serializing_if = "Option::is_none", rename = "successThreshold")] pub success_threshold: Option, + /// TCPSocket specifies an action involving a TCP port. #[serde(default, skip_serializing_if = "Option::is_none", rename = "tcpSocket")] pub tcp_socket: Option, + /// Optional duration in seconds the pod needs to terminate gracefully upon probe failure. + /// The grace period is the duration in seconds after the processes running in the pod are sent + /// a termination signal and the time when the processes are forcibly halted with a kill signal. + /// Set this value longer than the expected cleanup time for your process. + /// If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this + /// value overrides the value provided by the pod spec. + /// Value must be non-negative integer. The value zero indicates stop immediately via + /// the kill signal (no opportunity to shut down). + /// This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate. + /// Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "terminationGracePeriodSeconds")] + pub termination_grace_period_seconds: Option, + /// Number of seconds after which the probe times out. + /// Defaults to 1 second. Minimum value is 1. + /// More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes #[serde(default, skip_serializing_if = "Option::is_none", rename = "timeoutSeconds")] pub timeout_seconds: Option, } +/// Exec specifies the action to take. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateExecutorSidecarsLivenessProbeExec { + /// Command is the command line to execute inside the container, the working directory for the + /// command is root ('/') in the container's filesystem. The command is simply exec'd, it is + /// not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use + /// a shell, you need to explicitly call out to that shell. + /// Exit status of 0 is treated as live/healthy and non-zero is unhealthy. #[serde(default, skip_serializing_if = "Option::is_none")] pub command: Option>, } +/// GRPC specifies an action involving a GRPC port. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ScheduledSparkApplicationTemplateExecutorSidecarsLivenessProbeGrpc { + /// Port number of the gRPC service. Number must be in the range 1 to 65535. + pub port: i32, + /// Service is the name of the service to place in the gRPC HealthCheckRequest + /// (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). + /// + /// + /// If this is not specified, the default behavior is defined by gRPC. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub service: Option, +} + +/// HTTPGet specifies the http request to perform. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateExecutorSidecarsLivenessProbeHttpGet { + /// Host name to connect to, defaults to the pod IP. You probably want to set + /// "Host" in httpHeaders instead. #[serde(default, skip_serializing_if = "Option::is_none")] pub host: Option, + /// Custom headers to set in the request. HTTP allows repeated headers. #[serde(default, skip_serializing_if = "Option::is_none", rename = "httpHeaders")] pub http_headers: Option>, + /// Path to access on the HTTP server. #[serde(default, skip_serializing_if = "Option::is_none")] pub path: Option, + /// Name or number of the port to access on the container. + /// Number must be in the range 1 to 65535. + /// Name must be an IANA_SVC_NAME. pub port: IntOrString, + /// Scheme to use for connecting to the host. + /// Defaults to HTTP. #[serde(default, skip_serializing_if = "Option::is_none")] pub scheme: Option, } +/// HTTPHeader describes a custom header to be used in HTTP probes #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateExecutorSidecarsLivenessProbeHttpGetHttpHeaders { + /// The header field name. + /// This will be canonicalized upon output, so case-variant names will be understood as the same header. pub name: String, + /// The header field value pub value: String, } +/// TCPSocket specifies an action involving a TCP port. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateExecutorSidecarsLivenessProbeTcpSocket { + /// Optional: Host name to connect to, defaults to the pod IP. #[serde(default, skip_serializing_if = "Option::is_none")] pub host: Option, + /// Number or name of the port to access on the container. + /// Number must be in the range 1 to 65535. + /// Name must be an IANA_SVC_NAME. pub port: IntOrString, } +/// ContainerPort represents a network port in a single container. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateExecutorSidecarsPorts { + /// Number of port to expose on the pod's IP address. + /// This must be a valid port number, 0 < x < 65536. #[serde(rename = "containerPort")] pub container_port: i32, + /// What host IP to bind the external port to. #[serde(default, skip_serializing_if = "Option::is_none", rename = "hostIP")] pub host_ip: Option, + /// Number of port to expose on the host. + /// If specified, this must be a valid port number, 0 < x < 65536. + /// If HostNetwork is specified, this must match ContainerPort. + /// Most containers do not need this. #[serde(default, skip_serializing_if = "Option::is_none", rename = "hostPort")] pub host_port: Option, + /// If specified, this must be an IANA_SVC_NAME and unique within the pod. Each + /// named port in a pod must have a unique name. Name for the port that can be + /// referred to by services. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, - pub protocol: String, + /// Protocol for port. Must be UDP, TCP, or SCTP. + /// Defaults to "TCP". + #[serde(default, skip_serializing_if = "Option::is_none")] + pub protocol: Option, } +/// Periodic probe of container service readiness. +/// Container will be removed from service endpoints if the probe fails. +/// Cannot be updated. +/// More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateExecutorSidecarsReadinessProbe { + /// Exec specifies the action to take. #[serde(default, skip_serializing_if = "Option::is_none")] pub exec: Option, + /// Minimum consecutive failures for the probe to be considered failed after having succeeded. + /// Defaults to 3. Minimum value is 1. #[serde(default, skip_serializing_if = "Option::is_none", rename = "failureThreshold")] pub failure_threshold: Option, + /// GRPC specifies an action involving a GRPC port. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub grpc: Option, + /// HTTPGet specifies the http request to perform. #[serde(default, skip_serializing_if = "Option::is_none", rename = "httpGet")] pub http_get: Option, + /// Number of seconds after the container has started before liveness probes are initiated. + /// More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes #[serde(default, skip_serializing_if = "Option::is_none", rename = "initialDelaySeconds")] pub initial_delay_seconds: Option, + /// How often (in seconds) to perform the probe. + /// Default to 10 seconds. Minimum value is 1. #[serde(default, skip_serializing_if = "Option::is_none", rename = "periodSeconds")] pub period_seconds: Option, + /// Minimum consecutive successes for the probe to be considered successful after having failed. + /// Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1. #[serde(default, skip_serializing_if = "Option::is_none", rename = "successThreshold")] pub success_threshold: Option, + /// TCPSocket specifies an action involving a TCP port. #[serde(default, skip_serializing_if = "Option::is_none", rename = "tcpSocket")] pub tcp_socket: Option, + /// Optional duration in seconds the pod needs to terminate gracefully upon probe failure. + /// The grace period is the duration in seconds after the processes running in the pod are sent + /// a termination signal and the time when the processes are forcibly halted with a kill signal. + /// Set this value longer than the expected cleanup time for your process. + /// If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this + /// value overrides the value provided by the pod spec. + /// Value must be non-negative integer. The value zero indicates stop immediately via + /// the kill signal (no opportunity to shut down). + /// This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate. + /// Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "terminationGracePeriodSeconds")] + pub termination_grace_period_seconds: Option, + /// Number of seconds after which the probe times out. + /// Defaults to 1 second. Minimum value is 1. + /// More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes #[serde(default, skip_serializing_if = "Option::is_none", rename = "timeoutSeconds")] pub timeout_seconds: Option, } +/// Exec specifies the action to take. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateExecutorSidecarsReadinessProbeExec { + /// Command is the command line to execute inside the container, the working directory for the + /// command is root ('/') in the container's filesystem. The command is simply exec'd, it is + /// not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use + /// a shell, you need to explicitly call out to that shell. + /// Exit status of 0 is treated as live/healthy and non-zero is unhealthy. #[serde(default, skip_serializing_if = "Option::is_none")] pub command: Option>, } +/// GRPC specifies an action involving a GRPC port. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ScheduledSparkApplicationTemplateExecutorSidecarsReadinessProbeGrpc { + /// Port number of the gRPC service. Number must be in the range 1 to 65535. + pub port: i32, + /// Service is the name of the service to place in the gRPC HealthCheckRequest + /// (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). + /// + /// + /// If this is not specified, the default behavior is defined by gRPC. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub service: Option, +} + +/// HTTPGet specifies the http request to perform. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateExecutorSidecarsReadinessProbeHttpGet { + /// Host name to connect to, defaults to the pod IP. You probably want to set + /// "Host" in httpHeaders instead. #[serde(default, skip_serializing_if = "Option::is_none")] pub host: Option, + /// Custom headers to set in the request. HTTP allows repeated headers. #[serde(default, skip_serializing_if = "Option::is_none", rename = "httpHeaders")] pub http_headers: Option>, + /// Path to access on the HTTP server. #[serde(default, skip_serializing_if = "Option::is_none")] pub path: Option, + /// Name or number of the port to access on the container. + /// Number must be in the range 1 to 65535. + /// Name must be an IANA_SVC_NAME. pub port: IntOrString, + /// Scheme to use for connecting to the host. + /// Defaults to HTTP. #[serde(default, skip_serializing_if = "Option::is_none")] pub scheme: Option, } +/// HTTPHeader describes a custom header to be used in HTTP probes #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateExecutorSidecarsReadinessProbeHttpGetHttpHeaders { + /// The header field name. + /// This will be canonicalized upon output, so case-variant names will be understood as the same header. pub name: String, + /// The header field value pub value: String, } +/// TCPSocket specifies an action involving a TCP port. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateExecutorSidecarsReadinessProbeTcpSocket { + /// Optional: Host name to connect to, defaults to the pod IP. #[serde(default, skip_serializing_if = "Option::is_none")] pub host: Option, + /// Number or name of the port to access on the container. + /// Number must be in the range 1 to 65535. + /// Name must be an IANA_SVC_NAME. pub port: IntOrString, } +/// ContainerResizePolicy represents resource resize policy for the container. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ScheduledSparkApplicationTemplateExecutorSidecarsResizePolicy { + /// Name of the resource to which this resource resize policy applies. + /// Supported values: cpu, memory. + #[serde(rename = "resourceName")] + pub resource_name: String, + /// Restart policy to apply when specified resource is resized. + /// If not specified, it defaults to NotRequired. + #[serde(rename = "restartPolicy")] + pub restart_policy: String, +} + +/// Compute Resources required by this container. +/// Cannot be updated. +/// More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateExecutorSidecarsResources { + /// Claims lists the names of resources, defined in spec.resourceClaims, + /// that are used by this container. + /// + /// + /// This is an alpha field and requires enabling the + /// DynamicResourceAllocation feature gate. + /// + /// + /// This field is immutable. It can only be set for containers. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub claims: Option>, + /// Limits describes the maximum amount of compute resources allowed. + /// More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ #[serde(default, skip_serializing_if = "Option::is_none")] pub limits: Option>, + /// Requests describes the minimum amount of compute resources required. + /// If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, + /// otherwise to an implementation-defined value. Requests cannot exceed Limits. + /// More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ #[serde(default, skip_serializing_if = "Option::is_none")] pub requests: Option>, } +/// ResourceClaim references one entry in PodSpec.ResourceClaims. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ScheduledSparkApplicationTemplateExecutorSidecarsResourcesClaims { + /// Name must match the name of one entry in pod.spec.resourceClaims of + /// the Pod where this field is used. It makes that resource available + /// inside a container. + pub name: String, +} + +/// SecurityContext defines the security options the container should be run with. +/// If set, the fields of SecurityContext override the equivalent fields of PodSecurityContext. +/// More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/ #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateExecutorSidecarsSecurityContext { + /// AllowPrivilegeEscalation controls whether a process can gain more + /// privileges than its parent process. This bool directly controls if + /// the no_new_privs flag will be set on the container process. + /// AllowPrivilegeEscalation is true always when the container is: + /// 1) run as Privileged + /// 2) has CAP_SYS_ADMIN + /// Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none", rename = "allowPrivilegeEscalation")] pub allow_privilege_escalation: Option, + /// The capabilities to add/drop when running containers. + /// Defaults to the default set of capabilities granted by the container runtime. + /// Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none")] pub capabilities: Option, + /// Run container in privileged mode. + /// Processes in privileged containers are essentially equivalent to root on the host. + /// Defaults to false. + /// Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none")] pub privileged: Option, + /// procMount denotes the type of proc mount to use for the containers. + /// The default is DefaultProcMount which uses the container runtime defaults for + /// readonly paths and masked paths. + /// This requires the ProcMountType feature flag to be enabled. + /// Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none", rename = "procMount")] pub proc_mount: Option, + /// Whether this container has a read-only root filesystem. + /// Default is false. + /// Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnlyRootFilesystem")] pub read_only_root_filesystem: Option, + /// The GID to run the entrypoint of the container process. + /// Uses runtime default if unset. + /// May also be set in PodSecurityContext. If set in both SecurityContext and + /// PodSecurityContext, the value specified in SecurityContext takes precedence. + /// Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none", rename = "runAsGroup")] pub run_as_group: Option, + /// Indicates that the container must run as a non-root user. + /// If true, the Kubelet will validate the image at runtime to ensure that it + /// does not run as UID 0 (root) and fail to start the container if it does. + /// If unset or false, no such validation will be performed. + /// May also be set in PodSecurityContext. If set in both SecurityContext and + /// PodSecurityContext, the value specified in SecurityContext takes precedence. #[serde(default, skip_serializing_if = "Option::is_none", rename = "runAsNonRoot")] pub run_as_non_root: Option, + /// The UID to run the entrypoint of the container process. + /// Defaults to user specified in image metadata if unspecified. + /// May also be set in PodSecurityContext. If set in both SecurityContext and + /// PodSecurityContext, the value specified in SecurityContext takes precedence. + /// Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none", rename = "runAsUser")] pub run_as_user: Option, + /// The SELinux context to be applied to the container. + /// If unspecified, the container runtime will allocate a random SELinux context for each + /// container. May also be set in PodSecurityContext. If set in both SecurityContext and + /// PodSecurityContext, the value specified in SecurityContext takes precedence. + /// Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none", rename = "seLinuxOptions")] pub se_linux_options: Option, + /// The seccomp options to use by this container. If seccomp options are + /// provided at both the pod & container level, the container options + /// override the pod options. + /// Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none", rename = "seccompProfile")] pub seccomp_profile: Option, + /// The Windows specific settings applied to all containers. + /// If unspecified, the options from the PodSecurityContext will be used. + /// If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. + /// Note that this field cannot be set when spec.os.name is linux. #[serde(default, skip_serializing_if = "Option::is_none", rename = "windowsOptions")] pub windows_options: Option, } +/// The capabilities to add/drop when running containers. +/// Defaults to the default set of capabilities granted by the container runtime. +/// Note that this field cannot be set when spec.os.name is windows. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateExecutorSidecarsSecurityContextCapabilities { + /// Added capabilities #[serde(default, skip_serializing_if = "Option::is_none")] pub add: Option>, + /// Removed capabilities #[serde(default, skip_serializing_if = "Option::is_none")] pub drop: Option>, } +/// The SELinux context to be applied to the container. +/// If unspecified, the container runtime will allocate a random SELinux context for each +/// container. May also be set in PodSecurityContext. If set in both SecurityContext and +/// PodSecurityContext, the value specified in SecurityContext takes precedence. +/// Note that this field cannot be set when spec.os.name is windows. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateExecutorSidecarsSecurityContextSeLinuxOptions { + /// Level is SELinux level label that applies to the container. #[serde(default, skip_serializing_if = "Option::is_none")] pub level: Option, + /// Role is a SELinux role label that applies to the container. #[serde(default, skip_serializing_if = "Option::is_none")] pub role: Option, + /// Type is a SELinux type label that applies to the container. #[serde(default, skip_serializing_if = "Option::is_none", rename = "type")] pub r#type: Option, + /// User is a SELinux user label that applies to the container. #[serde(default, skip_serializing_if = "Option::is_none")] pub user: Option, } +/// The seccomp options to use by this container. If seccomp options are +/// provided at both the pod & container level, the container options +/// override the pod options. +/// Note that this field cannot be set when spec.os.name is windows. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateExecutorSidecarsSecurityContextSeccompProfile { - #[serde(default, skip_serializing_if = "Option::is_none", rename = "type")] - pub r#type: Option, + /// localhostProfile indicates a profile defined in a file on the node should be used. + /// The profile must be preconfigured on the node to work. + /// Must be a descending path, relative to the kubelet's configured seccomp profile location. + /// Must be set if type is "Localhost". Must NOT be set for any other type. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "localhostProfile")] + pub localhost_profile: Option, + /// type indicates which kind of seccomp profile will be applied. + /// Valid options are: + /// + /// + /// Localhost - a profile defined in a file on the node should be used. + /// RuntimeDefault - the container runtime default profile should be used. + /// Unconfined - no profile should be applied. + #[serde(rename = "type")] + pub r#type: String, } +/// The Windows specific settings applied to all containers. +/// If unspecified, the options from the PodSecurityContext will be used. +/// If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +/// Note that this field cannot be set when spec.os.name is linux. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateExecutorSidecarsSecurityContextWindowsOptions { + /// GMSACredentialSpec is where the GMSA admission webhook + /// (https://github.com/kubernetes-sigs/windows-gmsa) inlines the contents of the + /// GMSA credential spec named by the GMSACredentialSpecName field. #[serde(default, skip_serializing_if = "Option::is_none", rename = "gmsaCredentialSpec")] pub gmsa_credential_spec: Option, + /// GMSACredentialSpecName is the name of the GMSA credential spec to use. #[serde(default, skip_serializing_if = "Option::is_none", rename = "gmsaCredentialSpecName")] pub gmsa_credential_spec_name: Option, + /// HostProcess determines if a container should be run as a 'Host Process' container. + /// All of a Pod's containers must have the same effective HostProcess value + /// (it is not allowed to have a mix of HostProcess containers and non-HostProcess containers). + /// In addition, if HostProcess is true then HostNetwork must also be set to true. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "hostProcess")] + pub host_process: Option, + /// The UserName in Windows to run the entrypoint of the container process. + /// Defaults to the user specified in image metadata if unspecified. + /// May also be set in PodSecurityContext. If set in both SecurityContext and + /// PodSecurityContext, the value specified in SecurityContext takes precedence. #[serde(default, skip_serializing_if = "Option::is_none", rename = "runAsUserName")] pub run_as_user_name: Option, } +/// StartupProbe indicates that the Pod has successfully initialized. +/// If specified, no other probes are executed until this completes successfully. +/// If this probe fails, the Pod will be restarted, just as if the livenessProbe failed. +/// This can be used to provide different probe parameters at the beginning of a Pod's lifecycle, +/// when it might take a long time to load data or warm a cache, than during steady-state operation. +/// This cannot be updated. +/// More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateExecutorSidecarsStartupProbe { + /// Exec specifies the action to take. #[serde(default, skip_serializing_if = "Option::is_none")] pub exec: Option, + /// Minimum consecutive failures for the probe to be considered failed after having succeeded. + /// Defaults to 3. Minimum value is 1. #[serde(default, skip_serializing_if = "Option::is_none", rename = "failureThreshold")] pub failure_threshold: Option, + /// GRPC specifies an action involving a GRPC port. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub grpc: Option, + /// HTTPGet specifies the http request to perform. #[serde(default, skip_serializing_if = "Option::is_none", rename = "httpGet")] pub http_get: Option, + /// Number of seconds after the container has started before liveness probes are initiated. + /// More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes #[serde(default, skip_serializing_if = "Option::is_none", rename = "initialDelaySeconds")] pub initial_delay_seconds: Option, + /// How often (in seconds) to perform the probe. + /// Default to 10 seconds. Minimum value is 1. #[serde(default, skip_serializing_if = "Option::is_none", rename = "periodSeconds")] pub period_seconds: Option, + /// Minimum consecutive successes for the probe to be considered successful after having failed. + /// Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1. #[serde(default, skip_serializing_if = "Option::is_none", rename = "successThreshold")] pub success_threshold: Option, + /// TCPSocket specifies an action involving a TCP port. #[serde(default, skip_serializing_if = "Option::is_none", rename = "tcpSocket")] pub tcp_socket: Option, + /// Optional duration in seconds the pod needs to terminate gracefully upon probe failure. + /// The grace period is the duration in seconds after the processes running in the pod are sent + /// a termination signal and the time when the processes are forcibly halted with a kill signal. + /// Set this value longer than the expected cleanup time for your process. + /// If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this + /// value overrides the value provided by the pod spec. + /// Value must be non-negative integer. The value zero indicates stop immediately via + /// the kill signal (no opportunity to shut down). + /// This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate. + /// Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "terminationGracePeriodSeconds")] + pub termination_grace_period_seconds: Option, + /// Number of seconds after which the probe times out. + /// Defaults to 1 second. Minimum value is 1. + /// More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes #[serde(default, skip_serializing_if = "Option::is_none", rename = "timeoutSeconds")] pub timeout_seconds: Option, } +/// Exec specifies the action to take. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateExecutorSidecarsStartupProbeExec { + /// Command is the command line to execute inside the container, the working directory for the + /// command is root ('/') in the container's filesystem. The command is simply exec'd, it is + /// not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use + /// a shell, you need to explicitly call out to that shell. + /// Exit status of 0 is treated as live/healthy and non-zero is unhealthy. #[serde(default, skip_serializing_if = "Option::is_none")] pub command: Option>, } +/// GRPC specifies an action involving a GRPC port. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ScheduledSparkApplicationTemplateExecutorSidecarsStartupProbeGrpc { + /// Port number of the gRPC service. Number must be in the range 1 to 65535. + pub port: i32, + /// Service is the name of the service to place in the gRPC HealthCheckRequest + /// (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). + /// + /// + /// If this is not specified, the default behavior is defined by gRPC. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub service: Option, +} + +/// HTTPGet specifies the http request to perform. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateExecutorSidecarsStartupProbeHttpGet { + /// Host name to connect to, defaults to the pod IP. You probably want to set + /// "Host" in httpHeaders instead. #[serde(default, skip_serializing_if = "Option::is_none")] pub host: Option, + /// Custom headers to set in the request. HTTP allows repeated headers. #[serde(default, skip_serializing_if = "Option::is_none", rename = "httpHeaders")] pub http_headers: Option>, + /// Path to access on the HTTP server. #[serde(default, skip_serializing_if = "Option::is_none")] pub path: Option, + /// Name or number of the port to access on the container. + /// Number must be in the range 1 to 65535. + /// Name must be an IANA_SVC_NAME. pub port: IntOrString, + /// Scheme to use for connecting to the host. + /// Defaults to HTTP. #[serde(default, skip_serializing_if = "Option::is_none")] pub scheme: Option, } +/// HTTPHeader describes a custom header to be used in HTTP probes #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateExecutorSidecarsStartupProbeHttpGetHttpHeaders { + /// The header field name. + /// This will be canonicalized upon output, so case-variant names will be understood as the same header. pub name: String, + /// The header field value pub value: String, } +/// TCPSocket specifies an action involving a TCP port. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateExecutorSidecarsStartupProbeTcpSocket { + /// Optional: Host name to connect to, defaults to the pod IP. #[serde(default, skip_serializing_if = "Option::is_none")] pub host: Option, + /// Number or name of the port to access on the container. + /// Number must be in the range 1 to 65535. + /// Name must be an IANA_SVC_NAME. pub port: IntOrString, } +/// volumeDevice describes a mapping of a raw block device within a container. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateExecutorSidecarsVolumeDevices { + /// devicePath is the path inside of the container that the device will be mapped to. #[serde(rename = "devicePath")] pub device_path: String, + /// name must match the name of a persistentVolumeClaim in the pod pub name: String, } +/// VolumeMount describes a mounting of a Volume within a container. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateExecutorSidecarsVolumeMounts { + /// Path within the container at which the volume should be mounted. Must + /// not contain ':'. #[serde(rename = "mountPath")] pub mount_path: String, + /// mountPropagation determines how mounts are propagated from the host + /// to container and the other way around. + /// When not set, MountPropagationNone is used. + /// This field is beta in 1.10. #[serde(default, skip_serializing_if = "Option::is_none", rename = "mountPropagation")] pub mount_propagation: Option, + /// This must match the Name of a Volume. pub name: String, + /// Mounted read-only if true, read-write otherwise (false or unspecified). + /// Defaults to false. #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] pub read_only: Option, + /// Path within the volume from which the container's volume should be mounted. + /// Defaults to "" (volume's root). #[serde(default, skip_serializing_if = "Option::is_none", rename = "subPath")] pub sub_path: Option, + /// Expanded path within the volume from which the container's volume should be mounted. + /// Behaves similarly to SubPath but environment variable references $(VAR_NAME) are expanded using the container's environment. + /// Defaults to "" (volume's root). + /// SubPathExpr and SubPath are mutually exclusive. #[serde(default, skip_serializing_if = "Option::is_none", rename = "subPathExpr")] pub sub_path_expr: Option, } +/// The pod this Toleration is attached to tolerates any taint that matches +/// the triple using the matching operator . #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateExecutorTolerations { + /// Effect indicates the taint effect to match. Empty means match all taint effects. + /// When specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute. #[serde(default, skip_serializing_if = "Option::is_none")] pub effect: Option, + /// Key is the taint key that the toleration applies to. Empty means match all taint keys. + /// If the key is empty, operator must be Exists; this combination means to match all values and all keys. #[serde(default, skip_serializing_if = "Option::is_none")] pub key: Option, + /// Operator represents a key's relationship to the value. + /// Valid operators are Exists and Equal. Defaults to Equal. + /// Exists is equivalent to wildcard for value, so that a pod can + /// tolerate all taints of a particular category. #[serde(default, skip_serializing_if = "Option::is_none")] pub operator: Option, + /// TolerationSeconds represents the period of time the toleration (which must be + /// of effect NoExecute, otherwise this field is ignored) tolerates the taint. By default, + /// it is not set, which means tolerate the taint forever (do not evict). Zero and + /// negative values will be treated as 0 (evict immediately) by the system. #[serde(default, skip_serializing_if = "Option::is_none", rename = "tolerationSeconds")] pub toleration_seconds: Option, + /// Value is the taint value the toleration matches to. + /// If the operator is Exists, the value should be empty, otherwise just a regular string. #[serde(default, skip_serializing_if = "Option::is_none")] pub value: Option, } +/// VolumeMount describes a mounting of a Volume within a container. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateExecutorVolumeMounts { + /// Path within the container at which the volume should be mounted. Must + /// not contain ':'. #[serde(rename = "mountPath")] pub mount_path: String, + /// mountPropagation determines how mounts are propagated from the host + /// to container and the other way around. + /// When not set, MountPropagationNone is used. + /// This field is beta in 1.10. #[serde(default, skip_serializing_if = "Option::is_none", rename = "mountPropagation")] pub mount_propagation: Option, + /// This must match the Name of a Volume. pub name: String, + /// Mounted read-only if true, read-write otherwise (false or unspecified). + /// Defaults to false. #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] pub read_only: Option, + /// Path within the volume from which the container's volume should be mounted. + /// Defaults to "" (volume's root). #[serde(default, skip_serializing_if = "Option::is_none", rename = "subPath")] pub sub_path: Option, + /// Expanded path within the volume from which the container's volume should be mounted. + /// Behaves similarly to SubPath but environment variable references $(VAR_NAME) are expanded using the container's environment. + /// Defaults to "" (volume's root). + /// SubPathExpr and SubPath are mutually exclusive. #[serde(default, skip_serializing_if = "Option::is_none", rename = "subPathExpr")] pub sub_path_expr: Option, } +/// Template is a template from which SparkApplication instances can be created. #[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] pub enum ScheduledSparkApplicationTemplateMode { #[serde(rename = "cluster")] @@ -3314,34 +8213,54 @@ pub enum ScheduledSparkApplicationTemplateMode { Client, } +/// Monitoring configures how monitoring is handled. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateMonitoring { + /// ExposeDriverMetrics specifies whether to expose metrics on the driver. #[serde(rename = "exposeDriverMetrics")] pub expose_driver_metrics: bool, + /// ExposeExecutorMetrics specifies whether to expose metrics on the executors. #[serde(rename = "exposeExecutorMetrics")] pub expose_executor_metrics: bool, + /// MetricsProperties is the content of a custom metrics.properties for configuring the Spark metric system. + /// If not specified, the content in spark-docker/conf/metrics.properties will be used. #[serde(default, skip_serializing_if = "Option::is_none", rename = "metricsProperties")] pub metrics_properties: Option, + /// MetricsPropertiesFile is the container local path of file metrics.properties for configuring + /// the Spark metric system. If not specified, value /etc/metrics/conf/metrics.properties will be used. #[serde(default, skip_serializing_if = "Option::is_none", rename = "metricsPropertiesFile")] pub metrics_properties_file: Option, + /// Prometheus is for configuring the Prometheus JMX exporter. #[serde(default, skip_serializing_if = "Option::is_none")] pub prometheus: Option, } +/// Prometheus is for configuring the Prometheus JMX exporter. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateMonitoringPrometheus { + /// ConfigFile is the path to the custom Prometheus configuration file provided in the Spark image. + /// ConfigFile takes precedence over Configuration, which is shown below. #[serde(default, skip_serializing_if = "Option::is_none", rename = "configFile")] pub config_file: Option, + /// Configuration is the content of the Prometheus configuration needed by the Prometheus JMX exporter. + /// If not specified, the content in spark-docker/conf/prometheus.yaml will be used. + /// Configuration has no effect if ConfigFile is set. #[serde(default, skip_serializing_if = "Option::is_none")] pub configuration: Option, + /// JmxExporterJar is the path to the Prometheus JMX exporter jar in the container. #[serde(rename = "jmxExporterJar")] pub jmx_exporter_jar: String, + /// Port is the port of the HTTP server run by the Prometheus JMX exporter. + /// If not specified, 8090 will be used as the default. #[serde(default, skip_serializing_if = "Option::is_none")] pub port: Option, + /// PortName is the port name of prometheus JMX exporter port. + /// If not specified, jmx-exporter will be used as the default. #[serde(default, skip_serializing_if = "Option::is_none", rename = "portName")] pub port_name: Option, } +/// Template is a template from which SparkApplication instances can be created. #[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] pub enum ScheduledSparkApplicationTemplatePythonVersion { #[serde(rename = "2")] @@ -3350,20 +8269,29 @@ pub enum ScheduledSparkApplicationTemplatePythonVersion { r#_3, } +/// RestartPolicy defines the policy on if and in which conditions the controller should restart an application. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateRestartPolicy { + /// OnFailureRetries the number of times to retry running an application before giving up. #[serde(default, skip_serializing_if = "Option::is_none", rename = "onFailureRetries")] pub on_failure_retries: Option, + /// OnFailureRetryInterval is the interval in seconds between retries on failed runs. #[serde(default, skip_serializing_if = "Option::is_none", rename = "onFailureRetryInterval")] pub on_failure_retry_interval: Option, + /// OnSubmissionFailureRetries is the number of times to retry submitting an application before giving up. + /// This is best effort and actual retry attempts can be >= the value specified due to caching. + /// These are required if RestartPolicy is OnFailure. #[serde(default, skip_serializing_if = "Option::is_none", rename = "onSubmissionFailureRetries")] pub on_submission_failure_retries: Option, + /// OnSubmissionFailureRetryInterval is the interval in seconds between retries on failed submissions. #[serde(default, skip_serializing_if = "Option::is_none", rename = "onSubmissionFailureRetryInterval")] pub on_submission_failure_retry_interval: Option, + /// Type specifies the RestartPolicyType. #[serde(default, skip_serializing_if = "Option::is_none", rename = "type")] pub r#type: Option, } +/// RestartPolicy defines the policy on if and in which conditions the controller should restart an application. #[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] pub enum ScheduledSparkApplicationTemplateRestartPolicyType { Never, @@ -3371,30 +8299,54 @@ pub enum ScheduledSparkApplicationTemplateRestartPolicyType { OnFailure, } +/// SparkUIOptions allows configuring the Service and the Ingress to expose the sparkUI #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateSparkUiOptions { + /// IngressAnnotations is a map of key,value pairs of annotations that might be added to the ingress object. i.e. specify nginx as ingress.class #[serde(default, skip_serializing_if = "Option::is_none", rename = "ingressAnnotations")] pub ingress_annotations: Option>, + /// TlsHosts is useful If we need to declare SSL certificates to the ingress object #[serde(default, skip_serializing_if = "Option::is_none", rename = "ingressTLS")] pub ingress_tls: Option>, + /// ServiceAnnotations is a map of key,value pairs of annotations that might be added to the service object. #[serde(default, skip_serializing_if = "Option::is_none", rename = "serviceAnnotations")] pub service_annotations: Option>, + /// ServiceLables is a map of key,value pairs of labels that might be added to the service object. #[serde(default, skip_serializing_if = "Option::is_none", rename = "serviceLabels")] pub service_labels: Option>, + /// ServicePort allows configuring the port at service level that might be different from the targetPort. + /// TargetPort should be the same as the one defined in spark.ui.port #[serde(default, skip_serializing_if = "Option::is_none", rename = "servicePort")] pub service_port: Option, + /// ServicePortName allows configuring the name of the service port. + /// This may be useful for sidecar proxies like Envoy injected by Istio which require specific ports names to treat traffic as proper HTTP. + /// Defaults to spark-driver-ui-port. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "servicePortName")] + pub service_port_name: Option, + /// ServiceType allows configuring the type of the service. Defaults to ClusterIP. #[serde(default, skip_serializing_if = "Option::is_none", rename = "serviceType")] pub service_type: Option, } +/// IngressTLS describes the transport layer security associated with an ingress. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateSparkUiOptionsIngressTls { + /// hosts is a list of hosts included in the TLS certificate. The values in + /// this list must match the name/s used in the tlsSecret. Defaults to the + /// wildcard host setting for the loadbalancer controller fulfilling this + /// Ingress, if left unspecified. #[serde(default, skip_serializing_if = "Option::is_none")] pub hosts: Option>, + /// secretName is the name of the secret used to terminate TLS traffic on + /// port 443. Field is left optional to allow TLS routing based on SNI + /// hostname alone. If the SNI host in a listener conflicts with the "Host" + /// header field used by an IngressRule, the SNI host is used for termination + /// and value of the "Host" header is used for routing. #[serde(default, skip_serializing_if = "Option::is_none", rename = "secretName")] pub secret_name: Option, } +/// Template is a template from which SparkApplication instances can be created. #[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] pub enum ScheduledSparkApplicationTemplateType { Java, @@ -3403,634 +8355,1614 @@ pub enum ScheduledSparkApplicationTemplateType { R, } +/// Volume represents a named volume in a pod that may be accessed by any container in the pod. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateVolumes { + /// awsElasticBlockStore represents an AWS Disk resource that is attached to a + /// kubelet's host machine and then exposed to the pod. + /// More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore #[serde(default, skip_serializing_if = "Option::is_none", rename = "awsElasticBlockStore")] pub aws_elastic_block_store: Option, + /// azureDisk represents an Azure Data Disk mount on the host and bind mount to the pod. #[serde(default, skip_serializing_if = "Option::is_none", rename = "azureDisk")] pub azure_disk: Option, + /// azureFile represents an Azure File Service mount on the host and bind mount to the pod. #[serde(default, skip_serializing_if = "Option::is_none", rename = "azureFile")] pub azure_file: Option, + /// cephFS represents a Ceph FS mount on the host that shares a pod's lifetime #[serde(default, skip_serializing_if = "Option::is_none")] pub cephfs: Option, + /// cinder represents a cinder volume attached and mounted on kubelets host machine. + /// More info: https://examples.k8s.io/mysql-cinder-pd/README.md #[serde(default, skip_serializing_if = "Option::is_none")] pub cinder: Option, + /// configMap represents a configMap that should populate this volume #[serde(default, skip_serializing_if = "Option::is_none", rename = "configMap")] pub config_map: Option, + /// csi (Container Storage Interface) represents ephemeral storage that is handled by certain external CSI drivers (Beta feature). #[serde(default, skip_serializing_if = "Option::is_none")] pub csi: Option, + /// downwardAPI represents downward API about the pod that should populate this volume #[serde(default, skip_serializing_if = "Option::is_none", rename = "downwardAPI")] pub downward_api: Option, + /// emptyDir represents a temporary directory that shares a pod's lifetime. + /// More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir #[serde(default, skip_serializing_if = "Option::is_none", rename = "emptyDir")] pub empty_dir: Option, + /// ephemeral represents a volume that is handled by a cluster storage driver. + /// The volume's lifecycle is tied to the pod that defines it - it will be created before the pod starts, + /// and deleted when the pod is removed. + /// + /// + /// Use this if: + /// a) the volume is only needed while the pod runs, + /// b) features of normal volumes like restoring from snapshot or capacity + /// tracking are needed, + /// c) the storage driver is specified through a storage class, and + /// d) the storage driver supports dynamic volume provisioning through + /// a PersistentVolumeClaim (see EphemeralVolumeSource for more + /// information on the connection between this volume type + /// and PersistentVolumeClaim). + /// + /// + /// Use PersistentVolumeClaim or one of the vendor-specific + /// APIs for volumes that persist for longer than the lifecycle + /// of an individual pod. + /// + /// + /// Use CSI for light-weight local ephemeral volumes if the CSI driver is meant to + /// be used that way - see the documentation of the driver for + /// more information. + /// + /// + /// A pod can use both types of ephemeral volumes and + /// persistent volumes at the same time. #[serde(default, skip_serializing_if = "Option::is_none")] pub ephemeral: Option, + /// fc represents a Fibre Channel resource that is attached to a kubelet's host machine and then exposed to the pod. #[serde(default, skip_serializing_if = "Option::is_none")] pub fc: Option, + /// flexVolume represents a generic volume resource that is + /// provisioned/attached using an exec based plugin. #[serde(default, skip_serializing_if = "Option::is_none", rename = "flexVolume")] pub flex_volume: Option, + /// flocker represents a Flocker volume attached to a kubelet's host machine. This depends on the Flocker control service being running #[serde(default, skip_serializing_if = "Option::is_none")] pub flocker: Option, + /// gcePersistentDisk represents a GCE Disk resource that is attached to a + /// kubelet's host machine and then exposed to the pod. + /// More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk #[serde(default, skip_serializing_if = "Option::is_none", rename = "gcePersistentDisk")] pub gce_persistent_disk: Option, + /// gitRepo represents a git repository at a particular revision. + /// DEPRECATED: GitRepo is deprecated. To provision a container with a git repo, mount an + /// EmptyDir into an InitContainer that clones the repo using git, then mount the EmptyDir + /// into the Pod's container. #[serde(default, skip_serializing_if = "Option::is_none", rename = "gitRepo")] pub git_repo: Option, + /// glusterfs represents a Glusterfs mount on the host that shares a pod's lifetime. + /// More info: https://examples.k8s.io/volumes/glusterfs/README.md #[serde(default, skip_serializing_if = "Option::is_none")] pub glusterfs: Option, + /// hostPath represents a pre-existing file or directory on the host + /// machine that is directly exposed to the container. This is generally + /// used for system agents or other privileged things that are allowed + /// to see the host machine. Most containers will NOT need this. + /// More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath + /// --- + /// TODO(jonesdl) We need to restrict who can use host directory mounts and who can/can not + /// mount host directories as read/write. #[serde(default, skip_serializing_if = "Option::is_none", rename = "hostPath")] pub host_path: Option, + /// iscsi represents an ISCSI Disk resource that is attached to a + /// kubelet's host machine and then exposed to the pod. + /// More info: https://examples.k8s.io/volumes/iscsi/README.md #[serde(default, skip_serializing_if = "Option::is_none")] pub iscsi: Option, + /// name of the volume. + /// Must be a DNS_LABEL and unique within the pod. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names pub name: String, + /// nfs represents an NFS mount on the host that shares a pod's lifetime + /// More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs #[serde(default, skip_serializing_if = "Option::is_none")] pub nfs: Option, + /// persistentVolumeClaimVolumeSource represents a reference to a + /// PersistentVolumeClaim in the same namespace. + /// More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims #[serde(default, skip_serializing_if = "Option::is_none", rename = "persistentVolumeClaim")] pub persistent_volume_claim: Option, + /// photonPersistentDisk represents a PhotonController persistent disk attached and mounted on kubelets host machine #[serde(default, skip_serializing_if = "Option::is_none", rename = "photonPersistentDisk")] pub photon_persistent_disk: Option, + /// portworxVolume represents a portworx volume attached and mounted on kubelets host machine #[serde(default, skip_serializing_if = "Option::is_none", rename = "portworxVolume")] pub portworx_volume: Option, + /// projected items for all in one resources secrets, configmaps, and downward API #[serde(default, skip_serializing_if = "Option::is_none")] pub projected: Option, + /// quobyte represents a Quobyte mount on the host that shares a pod's lifetime #[serde(default, skip_serializing_if = "Option::is_none")] pub quobyte: Option, + /// rbd represents a Rados Block Device mount on the host that shares a pod's lifetime. + /// More info: https://examples.k8s.io/volumes/rbd/README.md #[serde(default, skip_serializing_if = "Option::is_none")] pub rbd: Option, + /// scaleIO represents a ScaleIO persistent volume attached and mounted on Kubernetes nodes. #[serde(default, skip_serializing_if = "Option::is_none", rename = "scaleIO")] pub scale_io: Option, + /// secret represents a secret that should populate this volume. + /// More info: https://kubernetes.io/docs/concepts/storage/volumes#secret #[serde(default, skip_serializing_if = "Option::is_none")] pub secret: Option, + /// storageOS represents a StorageOS volume attached and mounted on Kubernetes nodes. #[serde(default, skip_serializing_if = "Option::is_none")] pub storageos: Option, + /// vsphereVolume represents a vSphere volume attached and mounted on kubelets host machine #[serde(default, skip_serializing_if = "Option::is_none", rename = "vsphereVolume")] pub vsphere_volume: Option, } +/// awsElasticBlockStore represents an AWS Disk resource that is attached to a +/// kubelet's host machine and then exposed to the pod. +/// More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateVolumesAwsElasticBlockStore { + /// fsType is the filesystem type of the volume that you want to mount. + /// Tip: Ensure that the filesystem type is supported by the host operating system. + /// Examples: "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. + /// More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore + /// TODO: how do we prevent errors in the filesystem from compromising the machine #[serde(default, skip_serializing_if = "Option::is_none", rename = "fsType")] pub fs_type: Option, + /// partition is the partition in the volume that you want to mount. + /// If omitted, the default is to mount by volume name. + /// Examples: For volume /dev/sda1, you specify the partition as "1". + /// Similarly, the volume partition for /dev/sda is "0" (or you can leave the property empty). #[serde(default, skip_serializing_if = "Option::is_none")] pub partition: Option, + /// readOnly value true will force the readOnly setting in VolumeMounts. + /// More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] pub read_only: Option, + /// volumeID is unique ID of the persistent disk resource in AWS (Amazon EBS volume). + /// More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore #[serde(rename = "volumeID")] pub volume_id: String, } +/// azureDisk represents an Azure Data Disk mount on the host and bind mount to the pod. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateVolumesAzureDisk { + /// cachingMode is the Host Caching mode: None, Read Only, Read Write. #[serde(default, skip_serializing_if = "Option::is_none", rename = "cachingMode")] pub caching_mode: Option, + /// diskName is the Name of the data disk in the blob storage #[serde(rename = "diskName")] pub disk_name: String, + /// diskURI is the URI of data disk in the blob storage #[serde(rename = "diskURI")] pub disk_uri: String, + /// fsType is Filesystem type to mount. + /// Must be a filesystem type supported by the host operating system. + /// Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. #[serde(default, skip_serializing_if = "Option::is_none", rename = "fsType")] pub fs_type: Option, + /// kind expected values are Shared: multiple blob disks per storage account Dedicated: single blob disk per storage account Managed: azure managed data disk (only in managed availability set). defaults to shared #[serde(default, skip_serializing_if = "Option::is_none")] pub kind: Option, + /// readOnly Defaults to false (read/write). ReadOnly here will force + /// the ReadOnly setting in VolumeMounts. #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] pub read_only: Option, } +/// azureFile represents an Azure File Service mount on the host and bind mount to the pod. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateVolumesAzureFile { + /// readOnly defaults to false (read/write). ReadOnly here will force + /// the ReadOnly setting in VolumeMounts. #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] pub read_only: Option, + /// secretName is the name of secret that contains Azure Storage Account Name and Key #[serde(rename = "secretName")] pub secret_name: String, + /// shareName is the azure share Name #[serde(rename = "shareName")] pub share_name: String, } +/// cephFS represents a Ceph FS mount on the host that shares a pod's lifetime #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateVolumesCephfs { + /// monitors is Required: Monitors is a collection of Ceph monitors + /// More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it pub monitors: Vec, + /// path is Optional: Used as the mounted root, rather than the full Ceph tree, default is / #[serde(default, skip_serializing_if = "Option::is_none")] pub path: Option, + /// readOnly is Optional: Defaults to false (read/write). ReadOnly here will force + /// the ReadOnly setting in VolumeMounts. + /// More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] pub read_only: Option, + /// secretFile is Optional: SecretFile is the path to key ring for User, default is /etc/ceph/user.secret + /// More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it #[serde(default, skip_serializing_if = "Option::is_none", rename = "secretFile")] pub secret_file: Option, + /// secretRef is Optional: SecretRef is reference to the authentication secret for User, default is empty. + /// More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it #[serde(default, skip_serializing_if = "Option::is_none", rename = "secretRef")] pub secret_ref: Option, + /// user is optional: User is the rados user name, default is admin + /// More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it #[serde(default, skip_serializing_if = "Option::is_none")] pub user: Option, } +/// secretRef is Optional: SecretRef is reference to the authentication secret for User, default is empty. +/// More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateVolumesCephfsSecretRef { + /// Name of the referent. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, } +/// cinder represents a cinder volume attached and mounted on kubelets host machine. +/// More info: https://examples.k8s.io/mysql-cinder-pd/README.md #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateVolumesCinder { + /// fsType is the filesystem type to mount. + /// Must be a filesystem type supported by the host operating system. + /// Examples: "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. + /// More info: https://examples.k8s.io/mysql-cinder-pd/README.md #[serde(default, skip_serializing_if = "Option::is_none", rename = "fsType")] pub fs_type: Option, + /// readOnly defaults to false (read/write). ReadOnly here will force + /// the ReadOnly setting in VolumeMounts. + /// More info: https://examples.k8s.io/mysql-cinder-pd/README.md #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] pub read_only: Option, + /// secretRef is optional: points to a secret object containing parameters used to connect + /// to OpenStack. #[serde(default, skip_serializing_if = "Option::is_none", rename = "secretRef")] pub secret_ref: Option, + /// volumeID used to identify the volume in cinder. + /// More info: https://examples.k8s.io/mysql-cinder-pd/README.md #[serde(rename = "volumeID")] pub volume_id: String, } +/// secretRef is optional: points to a secret object containing parameters used to connect +/// to OpenStack. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateVolumesCinderSecretRef { + /// Name of the referent. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, } +/// configMap represents a configMap that should populate this volume #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateVolumesConfigMap { + /// defaultMode is optional: mode bits used to set permissions on created files by default. + /// Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. + /// YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. + /// Defaults to 0644. + /// Directories within the path are not affected by this setting. + /// This might be in conflict with other options that affect the file + /// mode, like fsGroup, and the result can be other mode bits set. #[serde(default, skip_serializing_if = "Option::is_none", rename = "defaultMode")] pub default_mode: Option, + /// items if unspecified, each key-value pair in the Data field of the referenced + /// ConfigMap will be projected into the volume as a file whose name is the + /// key and content is the value. If specified, the listed keys will be + /// projected into the specified paths, and unlisted keys will not be + /// present. If a key is specified which is not present in the ConfigMap, + /// the volume setup will error unless it is marked optional. Paths must be + /// relative and may not contain the '..' path or start with '..'. #[serde(default, skip_serializing_if = "Option::is_none")] pub items: Option>, + /// Name of the referent. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, + /// optional specify whether the ConfigMap or its keys must be defined #[serde(default, skip_serializing_if = "Option::is_none")] pub optional: Option, } +/// Maps a string key to a path within a volume. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateVolumesConfigMapItems { + /// key is the key to project. pub key: String, + /// mode is Optional: mode bits used to set permissions on this file. + /// Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. + /// YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. + /// If not specified, the volume defaultMode will be used. + /// This might be in conflict with other options that affect the file + /// mode, like fsGroup, and the result can be other mode bits set. #[serde(default, skip_serializing_if = "Option::is_none")] pub mode: Option, + /// path is the relative path of the file to map the key to. + /// May not be an absolute path. + /// May not contain the path element '..'. + /// May not start with the string '..'. pub path: String, } +/// csi (Container Storage Interface) represents ephemeral storage that is handled by certain external CSI drivers (Beta feature). #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateVolumesCsi { + /// driver is the name of the CSI driver that handles this volume. + /// Consult with your admin for the correct name as registered in the cluster. pub driver: String, + /// fsType to mount. Ex. "ext4", "xfs", "ntfs". + /// If not provided, the empty value is passed to the associated CSI driver + /// which will determine the default filesystem to apply. #[serde(default, skip_serializing_if = "Option::is_none", rename = "fsType")] pub fs_type: Option, + /// nodePublishSecretRef is a reference to the secret object containing + /// sensitive information to pass to the CSI driver to complete the CSI + /// NodePublishVolume and NodeUnpublishVolume calls. + /// This field is optional, and may be empty if no secret is required. If the + /// secret object contains more than one secret, all secret references are passed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "nodePublishSecretRef")] pub node_publish_secret_ref: Option, + /// readOnly specifies a read-only configuration for the volume. + /// Defaults to false (read/write). #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] pub read_only: Option, + /// volumeAttributes stores driver-specific properties that are passed to the CSI + /// driver. Consult your driver's documentation for supported values. #[serde(default, skip_serializing_if = "Option::is_none", rename = "volumeAttributes")] pub volume_attributes: Option>, } +/// nodePublishSecretRef is a reference to the secret object containing +/// sensitive information to pass to the CSI driver to complete the CSI +/// NodePublishVolume and NodeUnpublishVolume calls. +/// This field is optional, and may be empty if no secret is required. If the +/// secret object contains more than one secret, all secret references are passed. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateVolumesCsiNodePublishSecretRef { + /// Name of the referent. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, } +/// downwardAPI represents downward API about the pod that should populate this volume #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateVolumesDownwardApi { + /// Optional: mode bits to use on created files by default. Must be a + /// Optional: mode bits used to set permissions on created files by default. + /// Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. + /// YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. + /// Defaults to 0644. + /// Directories within the path are not affected by this setting. + /// This might be in conflict with other options that affect the file + /// mode, like fsGroup, and the result can be other mode bits set. #[serde(default, skip_serializing_if = "Option::is_none", rename = "defaultMode")] pub default_mode: Option, + /// Items is a list of downward API volume file #[serde(default, skip_serializing_if = "Option::is_none")] pub items: Option>, } +/// DownwardAPIVolumeFile represents information to create the file containing the pod field #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateVolumesDownwardApiItems { + /// Required: Selects a field of the pod: only annotations, labels, name and namespace are supported. #[serde(default, skip_serializing_if = "Option::is_none", rename = "fieldRef")] pub field_ref: Option, + /// Optional: mode bits used to set permissions on this file, must be an octal value + /// between 0000 and 0777 or a decimal value between 0 and 511. + /// YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. + /// If not specified, the volume defaultMode will be used. + /// This might be in conflict with other options that affect the file + /// mode, like fsGroup, and the result can be other mode bits set. #[serde(default, skip_serializing_if = "Option::is_none")] pub mode: Option, + /// Required: Path is the relative path name of the file to be created. Must not be absolute or contain the '..' path. Must be utf-8 encoded. The first item of the relative path must not start with '..' pub path: String, + /// Selects a resource of the container: only resources limits and requests + /// (limits.cpu, limits.memory, requests.cpu and requests.memory) are currently supported. #[serde(default, skip_serializing_if = "Option::is_none", rename = "resourceFieldRef")] pub resource_field_ref: Option, } +/// Required: Selects a field of the pod: only annotations, labels, name and namespace are supported. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateVolumesDownwardApiItemsFieldRef { + /// Version of the schema the FieldPath is written in terms of, defaults to "v1". #[serde(default, skip_serializing_if = "Option::is_none", rename = "apiVersion")] pub api_version: Option, + /// Path of the field to select in the specified API version. #[serde(rename = "fieldPath")] pub field_path: String, } +/// Selects a resource of the container: only resources limits and requests +/// (limits.cpu, limits.memory, requests.cpu and requests.memory) are currently supported. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateVolumesDownwardApiItemsResourceFieldRef { + /// Container name: required for volumes, optional for env vars #[serde(default, skip_serializing_if = "Option::is_none", rename = "containerName")] pub container_name: Option, + /// Specifies the output format of the exposed resources, defaults to "1" #[serde(default, skip_serializing_if = "Option::is_none")] pub divisor: Option, + /// Required: resource to select pub resource: String, } +/// emptyDir represents a temporary directory that shares a pod's lifetime. +/// More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateVolumesEmptyDir { + /// medium represents what type of storage medium should back this directory. + /// The default is "" which means to use the node's default medium. + /// Must be an empty string (default) or Memory. + /// More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir #[serde(default, skip_serializing_if = "Option::is_none")] pub medium: Option, + /// sizeLimit is the total amount of local storage required for this EmptyDir volume. + /// The size limit is also applicable for memory medium. + /// The maximum usage on memory medium EmptyDir would be the minimum value between + /// the SizeLimit specified here and the sum of memory limits of all containers in a pod. + /// The default is nil which means that the limit is undefined. + /// More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir #[serde(default, skip_serializing_if = "Option::is_none", rename = "sizeLimit")] pub size_limit: Option, } +/// ephemeral represents a volume that is handled by a cluster storage driver. +/// The volume's lifecycle is tied to the pod that defines it - it will be created before the pod starts, +/// and deleted when the pod is removed. +/// +/// +/// Use this if: +/// a) the volume is only needed while the pod runs, +/// b) features of normal volumes like restoring from snapshot or capacity +/// tracking are needed, +/// c) the storage driver is specified through a storage class, and +/// d) the storage driver supports dynamic volume provisioning through +/// a PersistentVolumeClaim (see EphemeralVolumeSource for more +/// information on the connection between this volume type +/// and PersistentVolumeClaim). +/// +/// +/// Use PersistentVolumeClaim or one of the vendor-specific +/// APIs for volumes that persist for longer than the lifecycle +/// of an individual pod. +/// +/// +/// Use CSI for light-weight local ephemeral volumes if the CSI driver is meant to +/// be used that way - see the documentation of the driver for +/// more information. +/// +/// +/// A pod can use both types of ephemeral volumes and +/// persistent volumes at the same time. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateVolumesEphemeral { + /// Will be used to create a stand-alone PVC to provision the volume. + /// The pod in which this EphemeralVolumeSource is embedded will be the + /// owner of the PVC, i.e. the PVC will be deleted together with the + /// pod. The name of the PVC will be `-` where + /// `` is the name from the `PodSpec.Volumes` array + /// entry. Pod validation will reject the pod if the concatenated name + /// is not valid for a PVC (for example, too long). + /// + /// + /// An existing PVC with that name that is not owned by the pod + /// will *not* be used for the pod to avoid using an unrelated + /// volume by mistake. Starting the pod is then blocked until + /// the unrelated PVC is removed. If such a pre-created PVC is + /// meant to be used by the pod, the PVC has to updated with an + /// owner reference to the pod once the pod exists. Normally + /// this should not be necessary, but it may be useful when + /// manually reconstructing a broken cluster. + /// + /// + /// This field is read-only and no changes will be made by Kubernetes + /// to the PVC after it has been created. + /// + /// + /// Required, must not be nil. #[serde(default, skip_serializing_if = "Option::is_none", rename = "volumeClaimTemplate")] pub volume_claim_template: Option, } +/// Will be used to create a stand-alone PVC to provision the volume. +/// The pod in which this EphemeralVolumeSource is embedded will be the +/// owner of the PVC, i.e. the PVC will be deleted together with the +/// pod. The name of the PVC will be `-` where +/// `` is the name from the `PodSpec.Volumes` array +/// entry. Pod validation will reject the pod if the concatenated name +/// is not valid for a PVC (for example, too long). +/// +/// +/// An existing PVC with that name that is not owned by the pod +/// will *not* be used for the pod to avoid using an unrelated +/// volume by mistake. Starting the pod is then blocked until +/// the unrelated PVC is removed. If such a pre-created PVC is +/// meant to be used by the pod, the PVC has to updated with an +/// owner reference to the pod once the pod exists. Normally +/// this should not be necessary, but it may be useful when +/// manually reconstructing a broken cluster. +/// +/// +/// This field is read-only and no changes will be made by Kubernetes +/// to the PVC after it has been created. +/// +/// +/// Required, must not be nil. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateVolumesEphemeralVolumeClaimTemplate { + /// May contain labels and annotations that will be copied into the PVC + /// when creating it. No other fields are allowed and will be rejected during + /// validation. #[serde(default, skip_serializing_if = "Option::is_none")] - pub spec: Option, + pub metadata: Option, + /// The specification for the PersistentVolumeClaim. The entire content is + /// copied unchanged into the PVC that gets created from this + /// template. The same fields as in a PersistentVolumeClaim + /// are also valid here. + pub spec: ScheduledSparkApplicationTemplateVolumesEphemeralVolumeClaimTemplateSpec, +} + +/// May contain labels and annotations that will be copied into the PVC +/// when creating it. No other fields are allowed and will be rejected during +/// validation. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ScheduledSparkApplicationTemplateVolumesEphemeralVolumeClaimTemplateMetadata { } +/// The specification for the PersistentVolumeClaim. The entire content is +/// copied unchanged into the PVC that gets created from this +/// template. The same fields as in a PersistentVolumeClaim +/// are also valid here. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateVolumesEphemeralVolumeClaimTemplateSpec { + /// accessModes contains the desired access modes the volume should have. + /// More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1 #[serde(default, skip_serializing_if = "Option::is_none", rename = "accessModes")] pub access_modes: Option>, + /// dataSource field can be used to specify either: + /// * An existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot) + /// * An existing PVC (PersistentVolumeClaim) + /// If the provisioner or an external controller can support the specified data source, + /// it will create a new volume based on the contents of the specified data source. + /// When the AnyVolumeDataSource feature gate is enabled, dataSource contents will be copied to dataSourceRef, + /// and dataSourceRef contents will be copied to dataSource when dataSourceRef.namespace is not specified. + /// If the namespace is specified, then dataSourceRef will not be copied to dataSource. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "dataSource")] + pub data_source: Option, + /// dataSourceRef specifies the object from which to populate the volume with data, if a non-empty + /// volume is desired. This may be any object from a non-empty API group (non + /// core object) or a PersistentVolumeClaim object. + /// When this field is specified, volume binding will only succeed if the type of + /// the specified object matches some installed volume populator or dynamic + /// provisioner. + /// This field will replace the functionality of the dataSource field and as such + /// if both fields are non-empty, they must have the same value. For backwards + /// compatibility, when namespace isn't specified in dataSourceRef, + /// both fields (dataSource and dataSourceRef) will be set to the same + /// value automatically if one of them is empty and the other is non-empty. + /// When namespace is specified in dataSourceRef, + /// dataSource isn't set to the same value and must be empty. + /// There are three important differences between dataSource and dataSourceRef: + /// * While dataSource only allows two specific types of objects, dataSourceRef + /// allows any non-core object, as well as PersistentVolumeClaim objects. + /// * While dataSource ignores disallowed values (dropping them), dataSourceRef + /// preserves all values, and generates an error if a disallowed value is + /// specified. + /// * While dataSource only allows local objects, dataSourceRef allows objects + /// in any namespaces. + /// (Beta) Using this field requires the AnyVolumeDataSource feature gate to be enabled. + /// (Alpha) Using the namespace field of dataSourceRef requires the CrossNamespaceVolumeDataSource feature gate to be enabled. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "dataSourceRef")] + pub data_source_ref: Option, + /// resources represents the minimum resources the volume should have. + /// If RecoverVolumeExpansionFailure feature is enabled users are allowed to specify resource requirements + /// that are lower than previous value but must still be higher than capacity recorded in the + /// status field of the claim. + /// More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources #[serde(default, skip_serializing_if = "Option::is_none")] pub resources: Option, + /// selector is a label query over volumes to consider for binding. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub selector: Option, + /// storageClassName is the name of the StorageClass required by the claim. + /// More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1 #[serde(default, skip_serializing_if = "Option::is_none", rename = "storageClassName")] pub storage_class_name: Option, + /// volumeAttributesClassName may be used to set the VolumeAttributesClass used by this claim. + /// If specified, the CSI driver will create or update the volume with the attributes defined + /// in the corresponding VolumeAttributesClass. This has a different purpose than storageClassName, + /// it can be changed after the claim is created. An empty string value means that no VolumeAttributesClass + /// will be applied to the claim but it's not allowed to reset this field to empty string once it is set. + /// If unspecified and the PersistentVolumeClaim is unbound, the default VolumeAttributesClass + /// will be set by the persistentvolume controller if it exists. + /// If the resource referred to by volumeAttributesClass does not exist, this PersistentVolumeClaim will be + /// set to a Pending state, as reflected by the modifyVolumeStatus field, until such as a resource + /// exists. + /// More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#volumeattributesclass + /// (Alpha) Using this field requires the VolumeAttributesClass feature gate to be enabled. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "volumeAttributesClassName")] + pub volume_attributes_class_name: Option, + /// volumeMode defines what type of volume is required by the claim. + /// Value of Filesystem is implied when not included in claim spec. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "volumeMode")] + pub volume_mode: Option, + /// volumeName is the binding reference to the PersistentVolume backing this claim. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "volumeName")] + pub volume_name: Option, } +/// dataSource field can be used to specify either: +/// * An existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot) +/// * An existing PVC (PersistentVolumeClaim) +/// If the provisioner or an external controller can support the specified data source, +/// it will create a new volume based on the contents of the specified data source. +/// When the AnyVolumeDataSource feature gate is enabled, dataSource contents will be copied to dataSourceRef, +/// and dataSourceRef contents will be copied to dataSource when dataSourceRef.namespace is not specified. +/// If the namespace is specified, then dataSourceRef will not be copied to dataSource. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ScheduledSparkApplicationTemplateVolumesEphemeralVolumeClaimTemplateSpecDataSource { + /// APIGroup is the group for the resource being referenced. + /// If APIGroup is not specified, the specified Kind must be in the core API group. + /// For any other third-party types, APIGroup is required. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "apiGroup")] + pub api_group: Option, + /// Kind is the type of resource being referenced + pub kind: String, + /// Name is the name of resource being referenced + pub name: String, +} + +/// dataSourceRef specifies the object from which to populate the volume with data, if a non-empty +/// volume is desired. This may be any object from a non-empty API group (non +/// core object) or a PersistentVolumeClaim object. +/// When this field is specified, volume binding will only succeed if the type of +/// the specified object matches some installed volume populator or dynamic +/// provisioner. +/// This field will replace the functionality of the dataSource field and as such +/// if both fields are non-empty, they must have the same value. For backwards +/// compatibility, when namespace isn't specified in dataSourceRef, +/// both fields (dataSource and dataSourceRef) will be set to the same +/// value automatically if one of them is empty and the other is non-empty. +/// When namespace is specified in dataSourceRef, +/// dataSource isn't set to the same value and must be empty. +/// There are three important differences between dataSource and dataSourceRef: +/// * While dataSource only allows two specific types of objects, dataSourceRef +/// allows any non-core object, as well as PersistentVolumeClaim objects. +/// * While dataSource ignores disallowed values (dropping them), dataSourceRef +/// preserves all values, and generates an error if a disallowed value is +/// specified. +/// * While dataSource only allows local objects, dataSourceRef allows objects +/// in any namespaces. +/// (Beta) Using this field requires the AnyVolumeDataSource feature gate to be enabled. +/// (Alpha) Using the namespace field of dataSourceRef requires the CrossNamespaceVolumeDataSource feature gate to be enabled. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ScheduledSparkApplicationTemplateVolumesEphemeralVolumeClaimTemplateSpecDataSourceRef { + /// APIGroup is the group for the resource being referenced. + /// If APIGroup is not specified, the specified Kind must be in the core API group. + /// For any other third-party types, APIGroup is required. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "apiGroup")] + pub api_group: Option, + /// Kind is the type of resource being referenced + pub kind: String, + /// Name is the name of resource being referenced + pub name: String, + /// Namespace is the namespace of resource being referenced + /// Note that when a namespace is specified, a gateway.networking.k8s.io/ReferenceGrant object is required in the referent namespace to allow that namespace's owner to accept the reference. See the ReferenceGrant documentation for details. + /// (Alpha) This field requires the CrossNamespaceVolumeDataSource feature gate to be enabled. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub namespace: Option, +} + +/// resources represents the minimum resources the volume should have. +/// If RecoverVolumeExpansionFailure feature is enabled users are allowed to specify resource requirements +/// that are lower than previous value but must still be higher than capacity recorded in the +/// status field of the claim. +/// More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateVolumesEphemeralVolumeClaimTemplateSpecResources { + /// Limits describes the maximum amount of compute resources allowed. + /// More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ #[serde(default, skip_serializing_if = "Option::is_none")] - pub requests: Option, + pub limits: Option>, + /// Requests describes the minimum amount of compute resources required. + /// If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, + /// otherwise to an implementation-defined value. Requests cannot exceed Limits. + /// More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + #[serde(default, skip_serializing_if = "Option::is_none")] + pub requests: Option>, } +/// selector is a label query over volumes to consider for binding. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ScheduledSparkApplicationTemplateVolumesEphemeralVolumeClaimTemplateSpecResourcesRequests { +pub struct ScheduledSparkApplicationTemplateVolumesEphemeralVolumeClaimTemplateSpecSelector { + /// matchExpressions is a list of label selector requirements. The requirements are ANDed. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] + pub match_expressions: Option>, + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] + pub match_labels: Option>, +} + +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ScheduledSparkApplicationTemplateVolumesEphemeralVolumeClaimTemplateSpecSelectorMatchExpressions { + /// key is the label key that the selector applies to. + pub key: String, + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. + pub operator: String, + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] - pub storage: Option, + pub values: Option>, } +/// fc represents a Fibre Channel resource that is attached to a kubelet's host machine and then exposed to the pod. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateVolumesFc { + /// fsType is the filesystem type to mount. + /// Must be a filesystem type supported by the host operating system. + /// Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. + /// TODO: how do we prevent errors in the filesystem from compromising the machine #[serde(default, skip_serializing_if = "Option::is_none", rename = "fsType")] pub fs_type: Option, + /// lun is Optional: FC target lun number #[serde(default, skip_serializing_if = "Option::is_none")] pub lun: Option, + /// readOnly is Optional: Defaults to false (read/write). ReadOnly here will force + /// the ReadOnly setting in VolumeMounts. #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] pub read_only: Option, + /// targetWWNs is Optional: FC target worldwide names (WWNs) #[serde(default, skip_serializing_if = "Option::is_none", rename = "targetWWNs")] pub target_ww_ns: Option>, + /// wwids Optional: FC volume world wide identifiers (wwids) + /// Either wwids or combination of targetWWNs and lun must be set, but not both simultaneously. #[serde(default, skip_serializing_if = "Option::is_none")] pub wwids: Option>, } +/// flexVolume represents a generic volume resource that is +/// provisioned/attached using an exec based plugin. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateVolumesFlexVolume { + /// driver is the name of the driver to use for this volume. pub driver: String, + /// fsType is the filesystem type to mount. + /// Must be a filesystem type supported by the host operating system. + /// Ex. "ext4", "xfs", "ntfs". The default filesystem depends on FlexVolume script. #[serde(default, skip_serializing_if = "Option::is_none", rename = "fsType")] pub fs_type: Option, + /// options is Optional: this field holds extra command options if any. #[serde(default, skip_serializing_if = "Option::is_none")] pub options: Option>, + /// readOnly is Optional: defaults to false (read/write). ReadOnly here will force + /// the ReadOnly setting in VolumeMounts. #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] pub read_only: Option, + /// secretRef is Optional: secretRef is reference to the secret object containing + /// sensitive information to pass to the plugin scripts. This may be + /// empty if no secret object is specified. If the secret object + /// contains more than one secret, all secrets are passed to the plugin + /// scripts. #[serde(default, skip_serializing_if = "Option::is_none", rename = "secretRef")] pub secret_ref: Option, } +/// secretRef is Optional: secretRef is reference to the secret object containing +/// sensitive information to pass to the plugin scripts. This may be +/// empty if no secret object is specified. If the secret object +/// contains more than one secret, all secrets are passed to the plugin +/// scripts. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateVolumesFlexVolumeSecretRef { + /// Name of the referent. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, } +/// flocker represents a Flocker volume attached to a kubelet's host machine. This depends on the Flocker control service being running #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateVolumesFlocker { + /// datasetName is Name of the dataset stored as metadata -> name on the dataset for Flocker + /// should be considered as deprecated #[serde(default, skip_serializing_if = "Option::is_none", rename = "datasetName")] pub dataset_name: Option, + /// datasetUUID is the UUID of the dataset. This is unique identifier of a Flocker dataset #[serde(default, skip_serializing_if = "Option::is_none", rename = "datasetUUID")] pub dataset_uuid: Option, } +/// gcePersistentDisk represents a GCE Disk resource that is attached to a +/// kubelet's host machine and then exposed to the pod. +/// More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateVolumesGcePersistentDisk { + /// fsType is filesystem type of the volume that you want to mount. + /// Tip: Ensure that the filesystem type is supported by the host operating system. + /// Examples: "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. + /// More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk + /// TODO: how do we prevent errors in the filesystem from compromising the machine #[serde(default, skip_serializing_if = "Option::is_none", rename = "fsType")] pub fs_type: Option, + /// partition is the partition in the volume that you want to mount. + /// If omitted, the default is to mount by volume name. + /// Examples: For volume /dev/sda1, you specify the partition as "1". + /// Similarly, the volume partition for /dev/sda is "0" (or you can leave the property empty). + /// More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk #[serde(default, skip_serializing_if = "Option::is_none")] pub partition: Option, + /// pdName is unique name of the PD resource in GCE. Used to identify the disk in GCE. + /// More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk #[serde(rename = "pdName")] pub pd_name: String, + /// readOnly here will force the ReadOnly setting in VolumeMounts. + /// Defaults to false. + /// More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] pub read_only: Option, } +/// gitRepo represents a git repository at a particular revision. +/// DEPRECATED: GitRepo is deprecated. To provision a container with a git repo, mount an +/// EmptyDir into an InitContainer that clones the repo using git, then mount the EmptyDir +/// into the Pod's container. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateVolumesGitRepo { + /// directory is the target directory name. + /// Must not contain or start with '..'. If '.' is supplied, the volume directory will be the + /// git repository. Otherwise, if specified, the volume will contain the git repository in + /// the subdirectory with the given name. #[serde(default, skip_serializing_if = "Option::is_none")] pub directory: Option, + /// repository is the URL pub repository: String, + /// revision is the commit hash for the specified revision. #[serde(default, skip_serializing_if = "Option::is_none")] pub revision: Option, } +/// glusterfs represents a Glusterfs mount on the host that shares a pod's lifetime. +/// More info: https://examples.k8s.io/volumes/glusterfs/README.md #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateVolumesGlusterfs { + /// endpoints is the endpoint name that details Glusterfs topology. + /// More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod pub endpoints: String, + /// path is the Glusterfs volume path. + /// More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod pub path: String, + /// readOnly here will force the Glusterfs volume to be mounted with read-only permissions. + /// Defaults to false. + /// More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] pub read_only: Option, } +/// hostPath represents a pre-existing file or directory on the host +/// machine that is directly exposed to the container. This is generally +/// used for system agents or other privileged things that are allowed +/// to see the host machine. Most containers will NOT need this. +/// More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath +/// --- +/// TODO(jonesdl) We need to restrict who can use host directory mounts and who can/can not +/// mount host directories as read/write. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateVolumesHostPath { + /// path of the directory on the host. + /// If the path is a symlink, it will follow the link to the real path. + /// More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath pub path: String, + /// type for HostPath Volume + /// Defaults to "" + /// More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath #[serde(default, skip_serializing_if = "Option::is_none", rename = "type")] pub r#type: Option, } +/// iscsi represents an ISCSI Disk resource that is attached to a +/// kubelet's host machine and then exposed to the pod. +/// More info: https://examples.k8s.io/volumes/iscsi/README.md #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateVolumesIscsi { + /// chapAuthDiscovery defines whether support iSCSI Discovery CHAP authentication #[serde(default, skip_serializing_if = "Option::is_none", rename = "chapAuthDiscovery")] pub chap_auth_discovery: Option, + /// chapAuthSession defines whether support iSCSI Session CHAP authentication #[serde(default, skip_serializing_if = "Option::is_none", rename = "chapAuthSession")] pub chap_auth_session: Option, + /// fsType is the filesystem type of the volume that you want to mount. + /// Tip: Ensure that the filesystem type is supported by the host operating system. + /// Examples: "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. + /// More info: https://kubernetes.io/docs/concepts/storage/volumes#iscsi + /// TODO: how do we prevent errors in the filesystem from compromising the machine #[serde(default, skip_serializing_if = "Option::is_none", rename = "fsType")] pub fs_type: Option, + /// initiatorName is the custom iSCSI Initiator Name. + /// If initiatorName is specified with iscsiInterface simultaneously, new iSCSI interface + /// : will be created for the connection. #[serde(default, skip_serializing_if = "Option::is_none", rename = "initiatorName")] pub initiator_name: Option, + /// iqn is the target iSCSI Qualified Name. pub iqn: String, + /// iscsiInterface is the interface Name that uses an iSCSI transport. + /// Defaults to 'default' (tcp). #[serde(default, skip_serializing_if = "Option::is_none", rename = "iscsiInterface")] pub iscsi_interface: Option, + /// lun represents iSCSI Target Lun number. pub lun: i32, + /// portals is the iSCSI Target Portal List. The portal is either an IP or ip_addr:port if the port + /// is other than default (typically TCP ports 860 and 3260). #[serde(default, skip_serializing_if = "Option::is_none")] pub portals: Option>, + /// readOnly here will force the ReadOnly setting in VolumeMounts. + /// Defaults to false. #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] pub read_only: Option, + /// secretRef is the CHAP Secret for iSCSI target and initiator authentication #[serde(default, skip_serializing_if = "Option::is_none", rename = "secretRef")] pub secret_ref: Option, + /// targetPortal is iSCSI Target Portal. The Portal is either an IP or ip_addr:port if the port + /// is other than default (typically TCP ports 860 and 3260). #[serde(rename = "targetPortal")] pub target_portal: String, } +/// secretRef is the CHAP Secret for iSCSI target and initiator authentication #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateVolumesIscsiSecretRef { + /// Name of the referent. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, } +/// nfs represents an NFS mount on the host that shares a pod's lifetime +/// More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateVolumesNfs { + /// path that is exported by the NFS server. + /// More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs pub path: String, + /// readOnly here will force the NFS export to be mounted with read-only permissions. + /// Defaults to false. + /// More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] pub read_only: Option, + /// server is the hostname or IP address of the NFS server. + /// More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs pub server: String, } +/// persistentVolumeClaimVolumeSource represents a reference to a +/// PersistentVolumeClaim in the same namespace. +/// More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateVolumesPersistentVolumeClaim { + /// claimName is the name of a PersistentVolumeClaim in the same namespace as the pod using this volume. + /// More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims #[serde(rename = "claimName")] pub claim_name: String, + /// readOnly Will force the ReadOnly setting in VolumeMounts. + /// Default false. #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] pub read_only: Option, } +/// photonPersistentDisk represents a PhotonController persistent disk attached and mounted on kubelets host machine #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateVolumesPhotonPersistentDisk { + /// fsType is the filesystem type to mount. + /// Must be a filesystem type supported by the host operating system. + /// Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. #[serde(default, skip_serializing_if = "Option::is_none", rename = "fsType")] pub fs_type: Option, + /// pdID is the ID that identifies Photon Controller persistent disk #[serde(rename = "pdID")] pub pd_id: String, } +/// portworxVolume represents a portworx volume attached and mounted on kubelets host machine #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateVolumesPortworxVolume { + /// fSType represents the filesystem type to mount + /// Must be a filesystem type supported by the host operating system. + /// Ex. "ext4", "xfs". Implicitly inferred to be "ext4" if unspecified. #[serde(default, skip_serializing_if = "Option::is_none", rename = "fsType")] pub fs_type: Option, + /// readOnly defaults to false (read/write). ReadOnly here will force + /// the ReadOnly setting in VolumeMounts. #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] pub read_only: Option, + /// volumeID uniquely identifies a Portworx volume #[serde(rename = "volumeID")] pub volume_id: String, } +/// projected items for all in one resources secrets, configmaps, and downward API #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateVolumesProjected { + /// defaultMode are the mode bits used to set permissions on created files by default. + /// Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. + /// YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. + /// Directories within the path are not affected by this setting. + /// This might be in conflict with other options that affect the file + /// mode, like fsGroup, and the result can be other mode bits set. #[serde(default, skip_serializing_if = "Option::is_none", rename = "defaultMode")] pub default_mode: Option, - pub sources: Vec, + /// sources is the list of volume projections + #[serde(default, skip_serializing_if = "Option::is_none")] + pub sources: Option>, } +/// Projection that may be projected along with other supported volume types #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateVolumesProjectedSources { + /// ClusterTrustBundle allows a pod to access the `.spec.trustBundle` field + /// of ClusterTrustBundle objects in an auto-updating file. + /// + /// + /// Alpha, gated by the ClusterTrustBundleProjection feature gate. + /// + /// + /// ClusterTrustBundle objects can either be selected by name, or by the + /// combination of signer name and a label selector. + /// + /// + /// Kubelet performs aggressive normalization of the PEM contents written + /// into the pod filesystem. Esoteric PEM features such as inter-block + /// comments and block headers are stripped. Certificates are deduplicated. + /// The ordering of certificates within the file is arbitrary, and Kubelet + /// may change the order over time. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "clusterTrustBundle")] + pub cluster_trust_bundle: Option, + /// configMap information about the configMap data to project #[serde(default, skip_serializing_if = "Option::is_none", rename = "configMap")] pub config_map: Option, + /// downwardAPI information about the downwardAPI data to project #[serde(default, skip_serializing_if = "Option::is_none", rename = "downwardAPI")] pub downward_api: Option, + /// secret information about the secret data to project #[serde(default, skip_serializing_if = "Option::is_none")] pub secret: Option, + /// serviceAccountToken is information about the serviceAccountToken data to project #[serde(default, skip_serializing_if = "Option::is_none", rename = "serviceAccountToken")] pub service_account_token: Option, } +/// ClusterTrustBundle allows a pod to access the `.spec.trustBundle` field +/// of ClusterTrustBundle objects in an auto-updating file. +/// +/// +/// Alpha, gated by the ClusterTrustBundleProjection feature gate. +/// +/// +/// ClusterTrustBundle objects can either be selected by name, or by the +/// combination of signer name and a label selector. +/// +/// +/// Kubelet performs aggressive normalization of the PEM contents written +/// into the pod filesystem. Esoteric PEM features such as inter-block +/// comments and block headers are stripped. Certificates are deduplicated. +/// The ordering of certificates within the file is arbitrary, and Kubelet +/// may change the order over time. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ScheduledSparkApplicationTemplateVolumesProjectedSourcesClusterTrustBundle { + /// Select all ClusterTrustBundles that match this label selector. Only has + /// effect if signerName is set. Mutually-exclusive with name. If unset, + /// interpreted as "match nothing". If set but empty, interpreted as "match + /// everything". + #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelector")] + pub label_selector: Option, + /// Select a single ClusterTrustBundle by object name. Mutually-exclusive + /// with signerName and labelSelector. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + /// If true, don't block pod startup if the referenced ClusterTrustBundle(s) + /// aren't available. If using name, then the named ClusterTrustBundle is + /// allowed not to exist. If using signerName, then the combination of + /// signerName and labelSelector is allowed to match zero + /// ClusterTrustBundles. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub optional: Option, + /// Relative path from the volume root to write the bundle. + pub path: String, + /// Select all ClusterTrustBundles that match this signer name. + /// Mutually-exclusive with name. The contents of all selected + /// ClusterTrustBundles will be unified and deduplicated. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "signerName")] + pub signer_name: Option, +} + +/// Select all ClusterTrustBundles that match this label selector. Only has +/// effect if signerName is set. Mutually-exclusive with name. If unset, +/// interpreted as "match nothing". If set but empty, interpreted as "match +/// everything". +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ScheduledSparkApplicationTemplateVolumesProjectedSourcesClusterTrustBundleLabelSelector { + /// matchExpressions is a list of label selector requirements. The requirements are ANDed. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] + pub match_expressions: Option>, + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] + pub match_labels: Option>, +} + +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ScheduledSparkApplicationTemplateVolumesProjectedSourcesClusterTrustBundleLabelSelectorMatchExpressions { + /// key is the label key that the selector applies to. + pub key: String, + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. + pub operator: String, + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub values: Option>, +} + +/// configMap information about the configMap data to project #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateVolumesProjectedSourcesConfigMap { + /// items if unspecified, each key-value pair in the Data field of the referenced + /// ConfigMap will be projected into the volume as a file whose name is the + /// key and content is the value. If specified, the listed keys will be + /// projected into the specified paths, and unlisted keys will not be + /// present. If a key is specified which is not present in the ConfigMap, + /// the volume setup will error unless it is marked optional. Paths must be + /// relative and may not contain the '..' path or start with '..'. #[serde(default, skip_serializing_if = "Option::is_none")] pub items: Option>, + /// Name of the referent. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, + /// optional specify whether the ConfigMap or its keys must be defined #[serde(default, skip_serializing_if = "Option::is_none")] pub optional: Option, } +/// Maps a string key to a path within a volume. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateVolumesProjectedSourcesConfigMapItems { + /// key is the key to project. pub key: String, + /// mode is Optional: mode bits used to set permissions on this file. + /// Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. + /// YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. + /// If not specified, the volume defaultMode will be used. + /// This might be in conflict with other options that affect the file + /// mode, like fsGroup, and the result can be other mode bits set. #[serde(default, skip_serializing_if = "Option::is_none")] pub mode: Option, + /// path is the relative path of the file to map the key to. + /// May not be an absolute path. + /// May not contain the path element '..'. + /// May not start with the string '..'. pub path: String, } +/// downwardAPI information about the downwardAPI data to project #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateVolumesProjectedSourcesDownwardApi { + /// Items is a list of DownwardAPIVolume file #[serde(default, skip_serializing_if = "Option::is_none")] pub items: Option>, } +/// DownwardAPIVolumeFile represents information to create the file containing the pod field #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateVolumesProjectedSourcesDownwardApiItems { + /// Required: Selects a field of the pod: only annotations, labels, name and namespace are supported. #[serde(default, skip_serializing_if = "Option::is_none", rename = "fieldRef")] pub field_ref: Option, + /// Optional: mode bits used to set permissions on this file, must be an octal value + /// between 0000 and 0777 or a decimal value between 0 and 511. + /// YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. + /// If not specified, the volume defaultMode will be used. + /// This might be in conflict with other options that affect the file + /// mode, like fsGroup, and the result can be other mode bits set. #[serde(default, skip_serializing_if = "Option::is_none")] pub mode: Option, + /// Required: Path is the relative path name of the file to be created. Must not be absolute or contain the '..' path. Must be utf-8 encoded. The first item of the relative path must not start with '..' pub path: String, + /// Selects a resource of the container: only resources limits and requests + /// (limits.cpu, limits.memory, requests.cpu and requests.memory) are currently supported. #[serde(default, skip_serializing_if = "Option::is_none", rename = "resourceFieldRef")] pub resource_field_ref: Option, } +/// Required: Selects a field of the pod: only annotations, labels, name and namespace are supported. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateVolumesProjectedSourcesDownwardApiItemsFieldRef { + /// Version of the schema the FieldPath is written in terms of, defaults to "v1". #[serde(default, skip_serializing_if = "Option::is_none", rename = "apiVersion")] pub api_version: Option, + /// Path of the field to select in the specified API version. #[serde(rename = "fieldPath")] pub field_path: String, } +/// Selects a resource of the container: only resources limits and requests +/// (limits.cpu, limits.memory, requests.cpu and requests.memory) are currently supported. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateVolumesProjectedSourcesDownwardApiItemsResourceFieldRef { + /// Container name: required for volumes, optional for env vars #[serde(default, skip_serializing_if = "Option::is_none", rename = "containerName")] pub container_name: Option, + /// Specifies the output format of the exposed resources, defaults to "1" #[serde(default, skip_serializing_if = "Option::is_none")] pub divisor: Option, + /// Required: resource to select pub resource: String, } +/// secret information about the secret data to project #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateVolumesProjectedSourcesSecret { + /// items if unspecified, each key-value pair in the Data field of the referenced + /// Secret will be projected into the volume as a file whose name is the + /// key and content is the value. If specified, the listed keys will be + /// projected into the specified paths, and unlisted keys will not be + /// present. If a key is specified which is not present in the Secret, + /// the volume setup will error unless it is marked optional. Paths must be + /// relative and may not contain the '..' path or start with '..'. #[serde(default, skip_serializing_if = "Option::is_none")] pub items: Option>, + /// Name of the referent. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, + /// optional field specify whether the Secret or its key must be defined #[serde(default, skip_serializing_if = "Option::is_none")] pub optional: Option, } +/// Maps a string key to a path within a volume. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateVolumesProjectedSourcesSecretItems { + /// key is the key to project. pub key: String, + /// mode is Optional: mode bits used to set permissions on this file. + /// Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. + /// YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. + /// If not specified, the volume defaultMode will be used. + /// This might be in conflict with other options that affect the file + /// mode, like fsGroup, and the result can be other mode bits set. #[serde(default, skip_serializing_if = "Option::is_none")] pub mode: Option, + /// path is the relative path of the file to map the key to. + /// May not be an absolute path. + /// May not contain the path element '..'. + /// May not start with the string '..'. pub path: String, } +/// serviceAccountToken is information about the serviceAccountToken data to project #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateVolumesProjectedSourcesServiceAccountToken { + /// audience is the intended audience of the token. A recipient of a token + /// must identify itself with an identifier specified in the audience of the + /// token, and otherwise should reject the token. The audience defaults to the + /// identifier of the apiserver. #[serde(default, skip_serializing_if = "Option::is_none")] pub audience: Option, + /// expirationSeconds is the requested duration of validity of the service + /// account token. As the token approaches expiration, the kubelet volume + /// plugin will proactively rotate the service account token. The kubelet will + /// start trying to rotate the token if the token is older than 80 percent of + /// its time to live or if the token is older than 24 hours.Defaults to 1 hour + /// and must be at least 10 minutes. #[serde(default, skip_serializing_if = "Option::is_none", rename = "expirationSeconds")] pub expiration_seconds: Option, + /// path is the path relative to the mount point of the file to project the + /// token into. pub path: String, } +/// quobyte represents a Quobyte mount on the host that shares a pod's lifetime #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateVolumesQuobyte { + /// group to map volume access to + /// Default is no group #[serde(default, skip_serializing_if = "Option::is_none")] pub group: Option, + /// readOnly here will force the Quobyte volume to be mounted with read-only permissions. + /// Defaults to false. #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] pub read_only: Option, + /// registry represents a single or multiple Quobyte Registry services + /// specified as a string as host:port pair (multiple entries are separated with commas) + /// which acts as the central registry for volumes pub registry: String, + /// tenant owning the given Quobyte volume in the Backend + /// Used with dynamically provisioned Quobyte volumes, value is set by the plugin #[serde(default, skip_serializing_if = "Option::is_none")] pub tenant: Option, + /// user to map volume access to + /// Defaults to serivceaccount user #[serde(default, skip_serializing_if = "Option::is_none")] pub user: Option, + /// volume is a string that references an already created Quobyte volume by name. pub volume: String, } +/// rbd represents a Rados Block Device mount on the host that shares a pod's lifetime. +/// More info: https://examples.k8s.io/volumes/rbd/README.md #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateVolumesRbd { + /// fsType is the filesystem type of the volume that you want to mount. + /// Tip: Ensure that the filesystem type is supported by the host operating system. + /// Examples: "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. + /// More info: https://kubernetes.io/docs/concepts/storage/volumes#rbd + /// TODO: how do we prevent errors in the filesystem from compromising the machine #[serde(default, skip_serializing_if = "Option::is_none", rename = "fsType")] pub fs_type: Option, + /// image is the rados image name. + /// More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it pub image: String, + /// keyring is the path to key ring for RBDUser. + /// Default is /etc/ceph/keyring. + /// More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it #[serde(default, skip_serializing_if = "Option::is_none")] pub keyring: Option, + /// monitors is a collection of Ceph monitors. + /// More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it pub monitors: Vec, + /// pool is the rados pool name. + /// Default is rbd. + /// More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it #[serde(default, skip_serializing_if = "Option::is_none")] pub pool: Option, + /// readOnly here will force the ReadOnly setting in VolumeMounts. + /// Defaults to false. + /// More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] pub read_only: Option, + /// secretRef is name of the authentication secret for RBDUser. If provided + /// overrides keyring. + /// Default is nil. + /// More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it #[serde(default, skip_serializing_if = "Option::is_none", rename = "secretRef")] pub secret_ref: Option, + /// user is the rados user name. + /// Default is admin. + /// More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it #[serde(default, skip_serializing_if = "Option::is_none")] pub user: Option, } +/// secretRef is name of the authentication secret for RBDUser. If provided +/// overrides keyring. +/// Default is nil. +/// More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateVolumesRbdSecretRef { + /// Name of the referent. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, } +/// scaleIO represents a ScaleIO persistent volume attached and mounted on Kubernetes nodes. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateVolumesScaleIo { + /// fsType is the filesystem type to mount. + /// Must be a filesystem type supported by the host operating system. + /// Ex. "ext4", "xfs", "ntfs". + /// Default is "xfs". #[serde(default, skip_serializing_if = "Option::is_none", rename = "fsType")] pub fs_type: Option, + /// gateway is the host address of the ScaleIO API Gateway. pub gateway: String, + /// protectionDomain is the name of the ScaleIO Protection Domain for the configured storage. #[serde(default, skip_serializing_if = "Option::is_none", rename = "protectionDomain")] pub protection_domain: Option, + /// readOnly Defaults to false (read/write). ReadOnly here will force + /// the ReadOnly setting in VolumeMounts. #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] pub read_only: Option, + /// secretRef references to the secret for ScaleIO user and other + /// sensitive information. If this is not provided, Login operation will fail. #[serde(rename = "secretRef")] pub secret_ref: ScheduledSparkApplicationTemplateVolumesScaleIoSecretRef, + /// sslEnabled Flag enable/disable SSL communication with Gateway, default false #[serde(default, skip_serializing_if = "Option::is_none", rename = "sslEnabled")] pub ssl_enabled: Option, + /// storageMode indicates whether the storage for a volume should be ThickProvisioned or ThinProvisioned. + /// Default is ThinProvisioned. #[serde(default, skip_serializing_if = "Option::is_none", rename = "storageMode")] pub storage_mode: Option, + /// storagePool is the ScaleIO Storage Pool associated with the protection domain. #[serde(default, skip_serializing_if = "Option::is_none", rename = "storagePool")] pub storage_pool: Option, + /// system is the name of the storage system as configured in ScaleIO. pub system: String, + /// volumeName is the name of a volume already created in the ScaleIO system + /// that is associated with this volume source. #[serde(default, skip_serializing_if = "Option::is_none", rename = "volumeName")] pub volume_name: Option, } +/// secretRef references to the secret for ScaleIO user and other +/// sensitive information. If this is not provided, Login operation will fail. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateVolumesScaleIoSecretRef { + /// Name of the referent. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, } +/// secret represents a secret that should populate this volume. +/// More info: https://kubernetes.io/docs/concepts/storage/volumes#secret #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateVolumesSecret { + /// defaultMode is Optional: mode bits used to set permissions on created files by default. + /// Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. + /// YAML accepts both octal and decimal values, JSON requires decimal values + /// for mode bits. Defaults to 0644. + /// Directories within the path are not affected by this setting. + /// This might be in conflict with other options that affect the file + /// mode, like fsGroup, and the result can be other mode bits set. #[serde(default, skip_serializing_if = "Option::is_none", rename = "defaultMode")] pub default_mode: Option, + /// items If unspecified, each key-value pair in the Data field of the referenced + /// Secret will be projected into the volume as a file whose name is the + /// key and content is the value. If specified, the listed keys will be + /// projected into the specified paths, and unlisted keys will not be + /// present. If a key is specified which is not present in the Secret, + /// the volume setup will error unless it is marked optional. Paths must be + /// relative and may not contain the '..' path or start with '..'. #[serde(default, skip_serializing_if = "Option::is_none")] pub items: Option>, + /// optional field specify whether the Secret or its keys must be defined #[serde(default, skip_serializing_if = "Option::is_none")] pub optional: Option, + /// secretName is the name of the secret in the pod's namespace to use. + /// More info: https://kubernetes.io/docs/concepts/storage/volumes#secret #[serde(default, skip_serializing_if = "Option::is_none", rename = "secretName")] pub secret_name: Option, } +/// Maps a string key to a path within a volume. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateVolumesSecretItems { + /// key is the key to project. pub key: String, + /// mode is Optional: mode bits used to set permissions on this file. + /// Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. + /// YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. + /// If not specified, the volume defaultMode will be used. + /// This might be in conflict with other options that affect the file + /// mode, like fsGroup, and the result can be other mode bits set. #[serde(default, skip_serializing_if = "Option::is_none")] pub mode: Option, + /// path is the relative path of the file to map the key to. + /// May not be an absolute path. + /// May not contain the path element '..'. + /// May not start with the string '..'. pub path: String, } +/// storageOS represents a StorageOS volume attached and mounted on Kubernetes nodes. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateVolumesStorageos { + /// fsType is the filesystem type to mount. + /// Must be a filesystem type supported by the host operating system. + /// Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. #[serde(default, skip_serializing_if = "Option::is_none", rename = "fsType")] pub fs_type: Option, + /// readOnly defaults to false (read/write). ReadOnly here will force + /// the ReadOnly setting in VolumeMounts. #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] pub read_only: Option, + /// secretRef specifies the secret to use for obtaining the StorageOS API + /// credentials. If not specified, default values will be attempted. #[serde(default, skip_serializing_if = "Option::is_none", rename = "secretRef")] pub secret_ref: Option, + /// volumeName is the human-readable name of the StorageOS volume. Volume + /// names are only unique within a namespace. #[serde(default, skip_serializing_if = "Option::is_none", rename = "volumeName")] pub volume_name: Option, + /// volumeNamespace specifies the scope of the volume within StorageOS. If no + /// namespace is specified then the Pod's namespace will be used. This allows the + /// Kubernetes name scoping to be mirrored within StorageOS for tighter integration. + /// Set VolumeName to any name to override the default behaviour. + /// Set to "default" if you are not using namespaces within StorageOS. + /// Namespaces that do not pre-exist within StorageOS will be created. #[serde(default, skip_serializing_if = "Option::is_none", rename = "volumeNamespace")] pub volume_namespace: Option, } +/// secretRef specifies the secret to use for obtaining the StorageOS API +/// credentials. If not specified, default values will be attempted. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateVolumesStorageosSecretRef { + /// Name of the referent. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, } +/// vsphereVolume represents a vSphere volume attached and mounted on kubelets host machine #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateVolumesVsphereVolume { + /// fsType is filesystem type to mount. + /// Must be a filesystem type supported by the host operating system. + /// Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. #[serde(default, skip_serializing_if = "Option::is_none", rename = "fsType")] pub fs_type: Option, + /// storagePolicyID is the storage Policy Based Management (SPBM) profile ID associated with the StoragePolicyName. #[serde(default, skip_serializing_if = "Option::is_none", rename = "storagePolicyID")] pub storage_policy_id: Option, + /// storagePolicyName is the storage Policy Based Management (SPBM) profile name. #[serde(default, skip_serializing_if = "Option::is_none", rename = "storagePolicyName")] pub storage_policy_name: Option, + /// volumePath is the path that identifies vSphere volume vmdk #[serde(rename = "volumePath")] pub volume_path: String, } #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationStatus { + /// LastRun is the time when the last run of the application started. #[serde(default, skip_serializing_if = "Option::is_none", rename = "lastRun")] pub last_run: Option, + /// LastRunName is the name of the SparkApplication for the most recent run of the application. #[serde(default, skip_serializing_if = "Option::is_none", rename = "lastRunName")] pub last_run_name: Option, + /// NextRun is the time when the next run of the application will start. #[serde(default, skip_serializing_if = "Option::is_none", rename = "nextRun")] pub next_run: Option, + /// PastFailedRunNames keeps the names of SparkApplications for past failed runs. #[serde(default, skip_serializing_if = "Option::is_none", rename = "pastFailedRunNames")] pub past_failed_run_names: Option>, + /// PastSuccessfulRunNames keeps the names of SparkApplications for past successful runs. #[serde(default, skip_serializing_if = "Option::is_none", rename = "pastSuccessfulRunNames")] pub past_successful_run_names: Option>, + /// Reason tells why the ScheduledSparkApplication is in the particular ScheduleState. #[serde(default, skip_serializing_if = "Option::is_none")] pub reason: Option, + /// ScheduleState is the current scheduling state of the application. #[serde(default, skip_serializing_if = "Option::is_none", rename = "scheduleState")] pub schedule_state: Option, } diff --git a/kube-custom-resources-rs/src/sparkoperator_k8s_io/v1beta2/sparkapplications.rs b/kube-custom-resources-rs/src/sparkoperator_k8s_io/v1beta2/sparkapplications.rs index 27e3aea2a..a67b40c76 100644 --- a/kube-custom-resources-rs/src/sparkoperator_k8s_io/v1beta2/sparkapplications.rs +++ b/kube-custom-resources-rs/src/sparkoperator_k8s_io/v1beta2/sparkapplications.rs @@ -11,6 +11,8 @@ mod prelude { } use self::prelude::*; +/// SparkApplicationSpec describes the specification of a Spark application using Kubernetes as a cluster manager. +/// It carries every pieces of information a spark-submit command takes and recognizes. #[derive(CustomResource, Serialize, Deserialize, Clone, Debug, PartialEq)] #[kube(group = "sparkoperator.k8s.io", version = "v1beta2", kind = "SparkApplication", plural = "sparkapplications")] #[kube(namespaced)] @@ -18,488 +20,1165 @@ use self::prelude::*; #[kube(schema = "disabled")] #[kube(derive="PartialEq")] pub struct SparkApplicationSpec { + /// Arguments is a list of arguments to be passed to the application. #[serde(default, skip_serializing_if = "Option::is_none")] pub arguments: Option>, + /// BatchScheduler configures which batch scheduler will be used for scheduling #[serde(default, skip_serializing_if = "Option::is_none", rename = "batchScheduler")] pub batch_scheduler: Option, + /// BatchSchedulerOptions provides fine-grained control on how to batch scheduling. #[serde(default, skip_serializing_if = "Option::is_none", rename = "batchSchedulerOptions")] pub batch_scheduler_options: Option, + /// Deps captures all possible types of dependencies of a Spark application. #[serde(default, skip_serializing_if = "Option::is_none")] pub deps: Option, + /// Driver is the driver specification. pub driver: SparkApplicationDriver, + /// DriverIngressOptions allows configuring the Service and the Ingress to expose ports inside Spark Driver #[serde(default, skip_serializing_if = "Option::is_none", rename = "driverIngressOptions")] pub driver_ingress_options: Option>, + /// DynamicAllocation configures dynamic allocation that becomes available for the Kubernetes + /// scheduler backend since Spark 3.0. #[serde(default, skip_serializing_if = "Option::is_none", rename = "dynamicAllocation")] pub dynamic_allocation: Option, + /// Executor is the executor specification. pub executor: SparkApplicationExecutor, + /// FailureRetries is the number of times to retry a failed application before giving up. + /// This is best effort and actual retry attempts can be >= the value specified. #[serde(default, skip_serializing_if = "Option::is_none", rename = "failureRetries")] pub failure_retries: Option, + /// HadoopConf carries user-specified Hadoop configuration properties as they would use the the "--conf" option + /// in spark-submit. The SparkApplication controller automatically adds prefix "spark.hadoop." to Hadoop + /// configuration properties. #[serde(default, skip_serializing_if = "Option::is_none", rename = "hadoopConf")] pub hadoop_conf: Option>, + /// HadoopConfigMap carries the name of the ConfigMap containing Hadoop configuration files such as core-site.xml. + /// The controller will add environment variable HADOOP_CONF_DIR to the path where the ConfigMap is mounted to. #[serde(default, skip_serializing_if = "Option::is_none", rename = "hadoopConfigMap")] pub hadoop_config_map: Option, + /// Image is the container image for the driver, executor, and init-container. Any custom container images for the + /// driver, executor, or init-container takes precedence over this. #[serde(default, skip_serializing_if = "Option::is_none")] pub image: Option, + /// ImagePullPolicy is the image pull policy for the driver, executor, and init-container. #[serde(default, skip_serializing_if = "Option::is_none", rename = "imagePullPolicy")] pub image_pull_policy: Option, + /// ImagePullSecrets is the list of image-pull secrets. #[serde(default, skip_serializing_if = "Option::is_none", rename = "imagePullSecrets")] pub image_pull_secrets: Option>, + /// MainFile is the path to a bundled JAR, Python, or R file of the application. #[serde(default, skip_serializing_if = "Option::is_none", rename = "mainApplicationFile")] pub main_application_file: Option, + /// MainClass is the fully-qualified main class of the Spark application. + /// This only applies to Java/Scala Spark applications. #[serde(default, skip_serializing_if = "Option::is_none", rename = "mainClass")] pub main_class: Option, + /// This sets the Memory Overhead Factor that will allocate memory to non-JVM memory. + /// For JVM-based jobs this value will default to 0.10, for non-JVM jobs 0.40. Value of this field will + /// be overridden by `Spec.Driver.MemoryOverhead` and `Spec.Executor.MemoryOverhead` if they are set. #[serde(default, skip_serializing_if = "Option::is_none", rename = "memoryOverheadFactor")] pub memory_overhead_factor: Option, + /// Mode is the deployment mode of the Spark application. #[serde(default, skip_serializing_if = "Option::is_none")] pub mode: Option, + /// Monitoring configures how monitoring is handled. #[serde(default, skip_serializing_if = "Option::is_none")] pub monitoring: Option, + /// NodeSelector is the Kubernetes node selector to be added to the driver and executor pods. + /// This field is mutually exclusive with nodeSelector at podSpec level (driver or executor). + /// This field will be deprecated in future versions (at SparkApplicationSpec level). #[serde(default, skip_serializing_if = "Option::is_none", rename = "nodeSelector")] pub node_selector: Option>, + /// ProxyUser specifies the user to impersonate when submitting the application. + /// It maps to the command-line flag "--proxy-user" in spark-submit. #[serde(default, skip_serializing_if = "Option::is_none", rename = "proxyUser")] pub proxy_user: Option, + /// This sets the major Python version of the docker + /// image used to run the driver and executor containers. Can either be 2 or 3, default 2. #[serde(default, skip_serializing_if = "Option::is_none", rename = "pythonVersion")] pub python_version: Option, + /// RestartPolicy defines the policy on if and in which conditions the controller should restart an application. #[serde(default, skip_serializing_if = "Option::is_none", rename = "restartPolicy")] pub restart_policy: Option, + /// RetryInterval is the unit of intervals in seconds between submission retries. #[serde(default, skip_serializing_if = "Option::is_none", rename = "retryInterval")] pub retry_interval: Option, + /// SparkConf carries user-specified Spark configuration properties as they would use the "--conf" option in + /// spark-submit. #[serde(default, skip_serializing_if = "Option::is_none", rename = "sparkConf")] pub spark_conf: Option>, + /// SparkConfigMap carries the name of the ConfigMap containing Spark configuration files such as log4j.properties. + /// The controller will add environment variable SPARK_CONF_DIR to the path where the ConfigMap is mounted to. #[serde(default, skip_serializing_if = "Option::is_none", rename = "sparkConfigMap")] pub spark_config_map: Option, + /// SparkUIOptions allows configuring the Service and the Ingress to expose the sparkUI #[serde(default, skip_serializing_if = "Option::is_none", rename = "sparkUIOptions")] pub spark_ui_options: Option, + /// SparkVersion is the version of Spark the application uses. #[serde(rename = "sparkVersion")] pub spark_version: String, + /// TimeToLiveSeconds defines the Time-To-Live (TTL) duration in seconds for this SparkApplication + /// after its termination. + /// The SparkApplication object will be garbage collected if the current time is more than the + /// TimeToLiveSeconds since its termination. #[serde(default, skip_serializing_if = "Option::is_none", rename = "timeToLiveSeconds")] pub time_to_live_seconds: Option, + /// Type tells the type of the Spark application. #[serde(rename = "type")] pub r#type: SparkApplicationType, + /// Volumes is the list of Kubernetes volumes that can be mounted by the driver and/or executors. #[serde(default, skip_serializing_if = "Option::is_none")] pub volumes: Option>, } +/// BatchSchedulerOptions provides fine-grained control on how to batch scheduling. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationBatchSchedulerOptions { + /// PriorityClassName stands for the name of k8s PriorityClass resource, it's being used in Volcano batch scheduler. #[serde(default, skip_serializing_if = "Option::is_none", rename = "priorityClassName")] pub priority_class_name: Option, + /// Queue stands for the resource queue which the application belongs to, it's being used in Volcano batch scheduler. #[serde(default, skip_serializing_if = "Option::is_none")] pub queue: Option, + /// Resources stands for the resource list custom request for. Usually it is used to define the lower-bound limit. + /// If specified, volcano scheduler will consider it as the resources requested. #[serde(default, skip_serializing_if = "Option::is_none")] pub resources: Option>, } +/// Deps captures all possible types of dependencies of a Spark application. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationDeps { + /// ExcludePackages is a list of "groupId:artifactId", to exclude while resolving the + /// dependencies provided in Packages to avoid dependency conflicts. #[serde(default, skip_serializing_if = "Option::is_none", rename = "excludePackages")] pub exclude_packages: Option>, + /// Files is a list of files the Spark application depends on. #[serde(default, skip_serializing_if = "Option::is_none")] pub files: Option>, + /// Jars is a list of JAR files the Spark application depends on. #[serde(default, skip_serializing_if = "Option::is_none")] pub jars: Option>, + /// Packages is a list of maven coordinates of jars to include on the driver and executor + /// classpaths. This will search the local maven repo, then maven central and any additional + /// remote repositories given by the "repositories" option. + /// Each package should be of the form "groupId:artifactId:version". #[serde(default, skip_serializing_if = "Option::is_none")] pub packages: Option>, + /// PyFiles is a list of Python files the Spark application depends on. #[serde(default, skip_serializing_if = "Option::is_none", rename = "pyFiles")] pub py_files: Option>, + /// Repositories is a list of additional remote repositories to search for the maven coordinate + /// given with the "packages" option. #[serde(default, skip_serializing_if = "Option::is_none")] pub repositories: Option>, } +/// Driver is the driver specification. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationDriver { + /// Affinity specifies the affinity/anti-affinity settings for the pod. #[serde(default, skip_serializing_if = "Option::is_none")] pub affinity: Option, + /// Annotations are the Kubernetes annotations to be added to the pod. #[serde(default, skip_serializing_if = "Option::is_none")] pub annotations: Option>, + /// ConfigMaps carries information of other ConfigMaps to add to the pod. #[serde(default, skip_serializing_if = "Option::is_none", rename = "configMaps")] pub config_maps: Option>, + /// CoreLimit specifies a hard limit on CPU cores for the pod. + /// Optional #[serde(default, skip_serializing_if = "Option::is_none", rename = "coreLimit")] pub core_limit: Option, + /// CoreRequest is the physical CPU core request for the driver. + /// Maps to `spark.kubernetes.driver.request.cores` that is available since Spark 3.0. #[serde(default, skip_serializing_if = "Option::is_none", rename = "coreRequest")] pub core_request: Option, + /// Cores maps to `spark.driver.cores` or `spark.executor.cores` for the driver and executors, respectively. #[serde(default, skip_serializing_if = "Option::is_none")] pub cores: Option, + /// DnsConfig dns settings for the pod, following the Kubernetes specifications. #[serde(default, skip_serializing_if = "Option::is_none", rename = "dnsConfig")] pub dns_config: Option, + /// Env carries the environment variables to add to the pod. #[serde(default, skip_serializing_if = "Option::is_none")] pub env: Option>, + /// EnvFrom is a list of sources to populate environment variables in the container. #[serde(default, skip_serializing_if = "Option::is_none", rename = "envFrom")] pub env_from: Option>, + /// EnvSecretKeyRefs holds a mapping from environment variable names to SecretKeyRefs. + /// Deprecated. Consider using `env` instead. #[serde(default, skip_serializing_if = "Option::is_none", rename = "envSecretKeyRefs")] pub env_secret_key_refs: Option>, + /// EnvVars carries the environment variables to add to the pod. + /// Deprecated. Consider using `env` instead. #[serde(default, skip_serializing_if = "Option::is_none", rename = "envVars")] pub env_vars: Option>, + /// GPU specifies GPU requirement for the pod. #[serde(default, skip_serializing_if = "Option::is_none")] pub gpu: Option, + /// HostAliases settings for the pod, following the Kubernetes specifications. #[serde(default, skip_serializing_if = "Option::is_none", rename = "hostAliases")] pub host_aliases: Option>, + /// HostNetwork indicates whether to request host networking for the pod or not. #[serde(default, skip_serializing_if = "Option::is_none", rename = "hostNetwork")] pub host_network: Option, + /// Image is the container image to use. Overrides Spec.Image if set. #[serde(default, skip_serializing_if = "Option::is_none")] pub image: Option, + /// InitContainers is a list of init-containers that run to completion before the main Spark container. #[serde(default, skip_serializing_if = "Option::is_none", rename = "initContainers")] pub init_containers: Option>, + /// JavaOptions is a string of extra JVM options to pass to the driver. For instance, + /// GC settings or other logging. #[serde(default, skip_serializing_if = "Option::is_none", rename = "javaOptions")] pub java_options: Option, + /// KubernetesMaster is the URL of the Kubernetes master used by the driver to manage executor pods and + /// other Kubernetes resources. Default to https://kubernetes.default.svc. #[serde(default, skip_serializing_if = "Option::is_none", rename = "kubernetesMaster")] pub kubernetes_master: Option, + /// Labels are the Kubernetes labels to be added to the pod. #[serde(default, skip_serializing_if = "Option::is_none")] pub labels: Option>, + /// Lifecycle for running preStop or postStart commands #[serde(default, skip_serializing_if = "Option::is_none")] pub lifecycle: Option, + /// Memory is the amount of memory to request for the pod. #[serde(default, skip_serializing_if = "Option::is_none")] pub memory: Option, + /// MemoryOverhead is the amount of off-heap memory to allocate in cluster mode, in MiB unless otherwise specified. #[serde(default, skip_serializing_if = "Option::is_none", rename = "memoryOverhead")] pub memory_overhead: Option, + /// NodeSelector is the Kubernetes node selector to be added to the driver and executor pods. + /// This field is mutually exclusive with nodeSelector at SparkApplication level (which will be deprecated). #[serde(default, skip_serializing_if = "Option::is_none", rename = "nodeSelector")] pub node_selector: Option>, + /// PodName is the name of the driver pod that the user creates. This is used for the + /// in-cluster client mode in which the user creates a client pod where the driver of + /// the user application runs. It's an error to set this field if Mode is not + /// in-cluster-client. #[serde(default, skip_serializing_if = "Option::is_none", rename = "podName")] pub pod_name: Option, + /// PodSecurityContext specifies the PodSecurityContext to apply. #[serde(default, skip_serializing_if = "Option::is_none", rename = "podSecurityContext")] pub pod_security_context: Option, + /// Ports settings for the pods, following the Kubernetes specifications. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub ports: Option>, + /// SchedulerName specifies the scheduler that will be used for scheduling #[serde(default, skip_serializing_if = "Option::is_none", rename = "schedulerName")] pub scheduler_name: Option, + /// Secrets carries information of secrets to add to the pod. #[serde(default, skip_serializing_if = "Option::is_none")] pub secrets: Option>, + /// SecurityContext specifies the container's SecurityContext to apply. #[serde(default, skip_serializing_if = "Option::is_none", rename = "securityContext")] pub security_context: Option, + /// ServiceAccount is the name of the custom Kubernetes service account used by the pod. #[serde(default, skip_serializing_if = "Option::is_none", rename = "serviceAccount")] pub service_account: Option, + /// ServiceAnnotations defines the annotations to be added to the Kubernetes headless service used by + /// executors to connect to the driver. #[serde(default, skip_serializing_if = "Option::is_none", rename = "serviceAnnotations")] pub service_annotations: Option>, + /// ServiceLabels defines the labels to be added to the Kubernetes headless service used by + /// executors to connect to the driver. #[serde(default, skip_serializing_if = "Option::is_none", rename = "serviceLabels")] pub service_labels: Option>, + /// ShareProcessNamespace settings for the pod, following the Kubernetes specifications. #[serde(default, skip_serializing_if = "Option::is_none", rename = "shareProcessNamespace")] pub share_process_namespace: Option, + /// Sidecars is a list of sidecar containers that run along side the main Spark container. #[serde(default, skip_serializing_if = "Option::is_none")] pub sidecars: Option>, + /// Termination grace period seconds for the pod #[serde(default, skip_serializing_if = "Option::is_none", rename = "terminationGracePeriodSeconds")] pub termination_grace_period_seconds: Option, + /// Tolerations specifies the tolerations listed in ".spec.tolerations" to be applied to the pod. #[serde(default, skip_serializing_if = "Option::is_none")] pub tolerations: Option>, + /// VolumeMounts specifies the volumes listed in ".spec.volumes" to mount into the main container's filesystem. #[serde(default, skip_serializing_if = "Option::is_none", rename = "volumeMounts")] pub volume_mounts: Option>, } +/// Affinity specifies the affinity/anti-affinity settings for the pod. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationDriverAffinity { + /// Describes node affinity scheduling rules for the pod. #[serde(default, skip_serializing_if = "Option::is_none", rename = "nodeAffinity")] pub node_affinity: Option, + /// Describes pod affinity scheduling rules (e.g. co-locate this pod in the same node, zone, etc. as some other pod(s)). #[serde(default, skip_serializing_if = "Option::is_none", rename = "podAffinity")] pub pod_affinity: Option, + /// Describes pod anti-affinity scheduling rules (e.g. avoid putting this pod in the same node, zone, etc. as some other pod(s)). #[serde(default, skip_serializing_if = "Option::is_none", rename = "podAntiAffinity")] pub pod_anti_affinity: Option, } +/// Describes node affinity scheduling rules for the pod. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationDriverAffinityNodeAffinity { + /// The scheduler will prefer to schedule pods to nodes that satisfy + /// the affinity expressions specified by this field, but it may choose + /// a node that violates one or more of the expressions. The node that is + /// most preferred is the one with the greatest sum of weights, i.e. + /// for each node that meets all of the scheduling requirements (resource + /// request, requiredDuringScheduling affinity expressions, etc.), + /// compute a sum by iterating through the elements of this field and adding + /// "weight" to the sum if the node matches the corresponding matchExpressions; the + /// node(s) with the highest sum are the most preferred. #[serde(default, skip_serializing_if = "Option::is_none", rename = "preferredDuringSchedulingIgnoredDuringExecution")] pub preferred_during_scheduling_ignored_during_execution: Option>, + /// If the affinity requirements specified by this field are not met at + /// scheduling time, the pod will not be scheduled onto the node. + /// If the affinity requirements specified by this field cease to be met + /// at some point during pod execution (e.g. due to an update), the system + /// may or may not try to eventually evict the pod from its node. #[serde(default, skip_serializing_if = "Option::is_none", rename = "requiredDuringSchedulingIgnoredDuringExecution")] pub required_during_scheduling_ignored_during_execution: Option, } +/// An empty preferred scheduling term matches all objects with implicit weight 0 +/// (i.e. it's a no-op). A null preferred scheduling term matches no objects (i.e. is also a no-op). #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationDriverAffinityNodeAffinityPreferredDuringSchedulingIgnoredDuringExecution { + /// A node selector term, associated with the corresponding weight. pub preference: SparkApplicationDriverAffinityNodeAffinityPreferredDuringSchedulingIgnoredDuringExecutionPreference, + /// Weight associated with matching the corresponding nodeSelectorTerm, in the range 1-100. pub weight: i32, } +/// A node selector term, associated with the corresponding weight. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationDriverAffinityNodeAffinityPreferredDuringSchedulingIgnoredDuringExecutionPreference { + /// A list of node selector requirements by node's labels. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] pub match_expressions: Option>, + /// A list of node selector requirements by node's fields. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchFields")] pub match_fields: Option>, } +/// A node selector requirement is a selector that contains values, a key, and an operator +/// that relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationDriverAffinityNodeAffinityPreferredDuringSchedulingIgnoredDuringExecutionPreferenceMatchExpressions { + /// The label key that the selector applies to. pub key: String, + /// Represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. pub operator: String, + /// An array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. If the operator is Gt or Lt, the values + /// array must have a single element, which will be interpreted as an integer. + /// This array is replaced during a strategic merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } +/// A node selector requirement is a selector that contains values, a key, and an operator +/// that relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationDriverAffinityNodeAffinityPreferredDuringSchedulingIgnoredDuringExecutionPreferenceMatchFields { + /// The label key that the selector applies to. pub key: String, + /// Represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. pub operator: String, + /// An array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. If the operator is Gt or Lt, the values + /// array must have a single element, which will be interpreted as an integer. + /// This array is replaced during a strategic merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } +/// If the affinity requirements specified by this field are not met at +/// scheduling time, the pod will not be scheduled onto the node. +/// If the affinity requirements specified by this field cease to be met +/// at some point during pod execution (e.g. due to an update), the system +/// may or may not try to eventually evict the pod from its node. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationDriverAffinityNodeAffinityRequiredDuringSchedulingIgnoredDuringExecution { + /// Required. A list of node selector terms. The terms are ORed. #[serde(rename = "nodeSelectorTerms")] pub node_selector_terms: Vec, } +/// A null or empty node selector term matches no objects. The requirements of +/// them are ANDed. +/// The TopologySelectorTerm type implements a subset of the NodeSelectorTerm. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationDriverAffinityNodeAffinityRequiredDuringSchedulingIgnoredDuringExecutionNodeSelectorTerms { + /// A list of node selector requirements by node's labels. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] pub match_expressions: Option>, + /// A list of node selector requirements by node's fields. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchFields")] pub match_fields: Option>, } +/// A node selector requirement is a selector that contains values, a key, and an operator +/// that relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationDriverAffinityNodeAffinityRequiredDuringSchedulingIgnoredDuringExecutionNodeSelectorTermsMatchExpressions { + /// The label key that the selector applies to. pub key: String, + /// Represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. pub operator: String, + /// An array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. If the operator is Gt or Lt, the values + /// array must have a single element, which will be interpreted as an integer. + /// This array is replaced during a strategic merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } +/// A node selector requirement is a selector that contains values, a key, and an operator +/// that relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationDriverAffinityNodeAffinityRequiredDuringSchedulingIgnoredDuringExecutionNodeSelectorTermsMatchFields { + /// The label key that the selector applies to. pub key: String, + /// Represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. pub operator: String, + /// An array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. If the operator is Gt or Lt, the values + /// array must have a single element, which will be interpreted as an integer. + /// This array is replaced during a strategic merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } +/// Describes pod affinity scheduling rules (e.g. co-locate this pod in the same node, zone, etc. as some other pod(s)). #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationDriverAffinityPodAffinity { + /// The scheduler will prefer to schedule pods to nodes that satisfy + /// the affinity expressions specified by this field, but it may choose + /// a node that violates one or more of the expressions. The node that is + /// most preferred is the one with the greatest sum of weights, i.e. + /// for each node that meets all of the scheduling requirements (resource + /// request, requiredDuringScheduling affinity expressions, etc.), + /// compute a sum by iterating through the elements of this field and adding + /// "weight" to the sum if the node has pods which matches the corresponding podAffinityTerm; the + /// node(s) with the highest sum are the most preferred. #[serde(default, skip_serializing_if = "Option::is_none", rename = "preferredDuringSchedulingIgnoredDuringExecution")] pub preferred_during_scheduling_ignored_during_execution: Option>, + /// If the affinity requirements specified by this field are not met at + /// scheduling time, the pod will not be scheduled onto the node. + /// If the affinity requirements specified by this field cease to be met + /// at some point during pod execution (e.g. due to a pod label update), the + /// system may or may not try to eventually evict the pod from its node. + /// When there are multiple elements, the lists of nodes corresponding to each + /// podAffinityTerm are intersected, i.e. all terms must be satisfied. #[serde(default, skip_serializing_if = "Option::is_none", rename = "requiredDuringSchedulingIgnoredDuringExecution")] pub required_during_scheduling_ignored_during_execution: Option>, } +/// The weights of all of the matched WeightedPodAffinityTerm fields are added per-node to find the most preferred node(s) #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationDriverAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecution { + /// Required. A pod affinity term, associated with the corresponding weight. #[serde(rename = "podAffinityTerm")] pub pod_affinity_term: SparkApplicationDriverAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTerm, + /// weight associated with matching the corresponding podAffinityTerm, + /// in the range 1-100. pub weight: i32, } +/// Required. A pod affinity term, associated with the corresponding weight. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationDriverAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTerm { + /// A label query over a set of resources, in this case pods. + /// If it's null, this PodAffinityTerm matches with no Pods. #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelector")] pub label_selector: Option, + /// MatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. + /// Also, MatchLabelKeys cannot be set when LabelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] + pub match_label_keys: Option>, + /// MismatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. + /// Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] + pub mismatch_label_keys: Option>, + /// A label query over the set of namespaces that the term applies to. + /// The term is applied to the union of the namespaces selected by this field + /// and the ones listed in the namespaces field. + /// null selector and null or empty namespaces list means "this pod's namespace". + /// An empty selector ({}) matches all namespaces. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "namespaceSelector")] + pub namespace_selector: Option, + /// namespaces specifies a static list of namespace names that the term applies to. + /// The term is applied to the union of the namespaces listed in this field + /// and the ones selected by namespaceSelector. + /// null or empty namespaces list and null namespaceSelector means "this pod's namespace". #[serde(default, skip_serializing_if = "Option::is_none")] pub namespaces: Option>, + /// This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching + /// the labelSelector in the specified namespaces, where co-located is defined as running on a node + /// whose value of the label with key topologyKey matches that of any node on which any of the + /// selected pods is running. + /// Empty topologyKey is not allowed. #[serde(rename = "topologyKey")] pub topology_key: String, } +/// A label query over a set of resources, in this case pods. +/// If it's null, this PodAffinityTerm matches with no Pods. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationDriverAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermLabelSelector { + /// matchExpressions is a list of label selector requirements. The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] pub match_expressions: Option>, + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] pub match_labels: Option>, } +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationDriverAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermLabelSelectorMatchExpressions { + /// key is the label key that the selector applies to. + pub key: String, + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. + pub operator: String, + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub values: Option>, +} + +/// A label query over the set of namespaces that the term applies to. +/// The term is applied to the union of the namespaces selected by this field +/// and the ones listed in the namespaces field. +/// null selector and null or empty namespaces list means "this pod's namespace". +/// An empty selector ({}) matches all namespaces. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct SparkApplicationDriverAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermNamespaceSelector { + /// matchExpressions is a list of label selector requirements. The requirements are ANDed. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] + pub match_expressions: Option>, + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] + pub match_labels: Option>, +} + +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct SparkApplicationDriverAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermNamespaceSelectorMatchExpressions { + /// key is the label key that the selector applies to. pub key: String, + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } +/// Defines a set of pods (namely those matching the labelSelector +/// relative to the given namespace(s)) that this pod should be +/// co-located (affinity) or not co-located (anti-affinity) with, +/// where co-located is defined as running on a node whose value of +/// the label with key matches that of any node on which +/// a pod of the set of pods is running #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationDriverAffinityPodAffinityRequiredDuringSchedulingIgnoredDuringExecution { + /// A label query over a set of resources, in this case pods. + /// If it's null, this PodAffinityTerm matches with no Pods. #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelector")] pub label_selector: Option, + /// MatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. + /// Also, MatchLabelKeys cannot be set when LabelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] + pub match_label_keys: Option>, + /// MismatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. + /// Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] + pub mismatch_label_keys: Option>, + /// A label query over the set of namespaces that the term applies to. + /// The term is applied to the union of the namespaces selected by this field + /// and the ones listed in the namespaces field. + /// null selector and null or empty namespaces list means "this pod's namespace". + /// An empty selector ({}) matches all namespaces. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "namespaceSelector")] + pub namespace_selector: Option, + /// namespaces specifies a static list of namespace names that the term applies to. + /// The term is applied to the union of the namespaces listed in this field + /// and the ones selected by namespaceSelector. + /// null or empty namespaces list and null namespaceSelector means "this pod's namespace". #[serde(default, skip_serializing_if = "Option::is_none")] pub namespaces: Option>, + /// This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching + /// the labelSelector in the specified namespaces, where co-located is defined as running on a node + /// whose value of the label with key topologyKey matches that of any node on which any of the + /// selected pods is running. + /// Empty topologyKey is not allowed. #[serde(rename = "topologyKey")] pub topology_key: String, } +/// A label query over a set of resources, in this case pods. +/// If it's null, this PodAffinityTerm matches with no Pods. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationDriverAffinityPodAffinityRequiredDuringSchedulingIgnoredDuringExecutionLabelSelector { + /// matchExpressions is a list of label selector requirements. The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] pub match_expressions: Option>, + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] pub match_labels: Option>, } +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationDriverAffinityPodAffinityRequiredDuringSchedulingIgnoredDuringExecutionLabelSelectorMatchExpressions { + /// key is the label key that the selector applies to. pub key: String, + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } +/// A label query over the set of namespaces that the term applies to. +/// The term is applied to the union of the namespaces selected by this field +/// and the ones listed in the namespaces field. +/// null selector and null or empty namespaces list means "this pod's namespace". +/// An empty selector ({}) matches all namespaces. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct SparkApplicationDriverAffinityPodAffinityRequiredDuringSchedulingIgnoredDuringExecutionNamespaceSelector { + /// matchExpressions is a list of label selector requirements. The requirements are ANDed. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] + pub match_expressions: Option>, + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] + pub match_labels: Option>, +} + +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct SparkApplicationDriverAffinityPodAffinityRequiredDuringSchedulingIgnoredDuringExecutionNamespaceSelectorMatchExpressions { + /// key is the label key that the selector applies to. + pub key: String, + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. + pub operator: String, + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub values: Option>, +} + +/// Describes pod anti-affinity scheduling rules (e.g. avoid putting this pod in the same node, zone, etc. as some other pod(s)). #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationDriverAffinityPodAntiAffinity { + /// The scheduler will prefer to schedule pods to nodes that satisfy + /// the anti-affinity expressions specified by this field, but it may choose + /// a node that violates one or more of the expressions. The node that is + /// most preferred is the one with the greatest sum of weights, i.e. + /// for each node that meets all of the scheduling requirements (resource + /// request, requiredDuringScheduling anti-affinity expressions, etc.), + /// compute a sum by iterating through the elements of this field and adding + /// "weight" to the sum if the node has pods which matches the corresponding podAffinityTerm; the + /// node(s) with the highest sum are the most preferred. #[serde(default, skip_serializing_if = "Option::is_none", rename = "preferredDuringSchedulingIgnoredDuringExecution")] pub preferred_during_scheduling_ignored_during_execution: Option>, + /// If the anti-affinity requirements specified by this field are not met at + /// scheduling time, the pod will not be scheduled onto the node. + /// If the anti-affinity requirements specified by this field cease to be met + /// at some point during pod execution (e.g. due to a pod label update), the + /// system may or may not try to eventually evict the pod from its node. + /// When there are multiple elements, the lists of nodes corresponding to each + /// podAffinityTerm are intersected, i.e. all terms must be satisfied. #[serde(default, skip_serializing_if = "Option::is_none", rename = "requiredDuringSchedulingIgnoredDuringExecution")] pub required_during_scheduling_ignored_during_execution: Option>, } +/// The weights of all of the matched WeightedPodAffinityTerm fields are added per-node to find the most preferred node(s) #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationDriverAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecution { + /// Required. A pod affinity term, associated with the corresponding weight. #[serde(rename = "podAffinityTerm")] pub pod_affinity_term: SparkApplicationDriverAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTerm, + /// weight associated with matching the corresponding podAffinityTerm, + /// in the range 1-100. pub weight: i32, } +/// Required. A pod affinity term, associated with the corresponding weight. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationDriverAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTerm { + /// A label query over a set of resources, in this case pods. + /// If it's null, this PodAffinityTerm matches with no Pods. #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelector")] pub label_selector: Option, + /// MatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. + /// Also, MatchLabelKeys cannot be set when LabelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] + pub match_label_keys: Option>, + /// MismatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. + /// Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] + pub mismatch_label_keys: Option>, + /// A label query over the set of namespaces that the term applies to. + /// The term is applied to the union of the namespaces selected by this field + /// and the ones listed in the namespaces field. + /// null selector and null or empty namespaces list means "this pod's namespace". + /// An empty selector ({}) matches all namespaces. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "namespaceSelector")] + pub namespace_selector: Option, + /// namespaces specifies a static list of namespace names that the term applies to. + /// The term is applied to the union of the namespaces listed in this field + /// and the ones selected by namespaceSelector. + /// null or empty namespaces list and null namespaceSelector means "this pod's namespace". #[serde(default, skip_serializing_if = "Option::is_none")] pub namespaces: Option>, + /// This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching + /// the labelSelector in the specified namespaces, where co-located is defined as running on a node + /// whose value of the label with key topologyKey matches that of any node on which any of the + /// selected pods is running. + /// Empty topologyKey is not allowed. #[serde(rename = "topologyKey")] pub topology_key: String, } +/// A label query over a set of resources, in this case pods. +/// If it's null, this PodAffinityTerm matches with no Pods. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationDriverAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermLabelSelector { + /// matchExpressions is a list of label selector requirements. The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] pub match_expressions: Option>, + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] pub match_labels: Option>, } +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationDriverAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermLabelSelectorMatchExpressions { + /// key is the label key that the selector applies to. + pub key: String, + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. + pub operator: String, + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub values: Option>, +} + +/// A label query over the set of namespaces that the term applies to. +/// The term is applied to the union of the namespaces selected by this field +/// and the ones listed in the namespaces field. +/// null selector and null or empty namespaces list means "this pod's namespace". +/// An empty selector ({}) matches all namespaces. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct SparkApplicationDriverAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermNamespaceSelector { + /// matchExpressions is a list of label selector requirements. The requirements are ANDed. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] + pub match_expressions: Option>, + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] + pub match_labels: Option>, +} + +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct SparkApplicationDriverAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermNamespaceSelectorMatchExpressions { + /// key is the label key that the selector applies to. pub key: String, + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } +/// Defines a set of pods (namely those matching the labelSelector +/// relative to the given namespace(s)) that this pod should be +/// co-located (affinity) or not co-located (anti-affinity) with, +/// where co-located is defined as running on a node whose value of +/// the label with key matches that of any node on which +/// a pod of the set of pods is running #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationDriverAffinityPodAntiAffinityRequiredDuringSchedulingIgnoredDuringExecution { + /// A label query over a set of resources, in this case pods. + /// If it's null, this PodAffinityTerm matches with no Pods. #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelector")] pub label_selector: Option, + /// MatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. + /// Also, MatchLabelKeys cannot be set when LabelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] + pub match_label_keys: Option>, + /// MismatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. + /// Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] + pub mismatch_label_keys: Option>, + /// A label query over the set of namespaces that the term applies to. + /// The term is applied to the union of the namespaces selected by this field + /// and the ones listed in the namespaces field. + /// null selector and null or empty namespaces list means "this pod's namespace". + /// An empty selector ({}) matches all namespaces. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "namespaceSelector")] + pub namespace_selector: Option, + /// namespaces specifies a static list of namespace names that the term applies to. + /// The term is applied to the union of the namespaces listed in this field + /// and the ones selected by namespaceSelector. + /// null or empty namespaces list and null namespaceSelector means "this pod's namespace". #[serde(default, skip_serializing_if = "Option::is_none")] pub namespaces: Option>, + /// This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching + /// the labelSelector in the specified namespaces, where co-located is defined as running on a node + /// whose value of the label with key topologyKey matches that of any node on which any of the + /// selected pods is running. + /// Empty topologyKey is not allowed. #[serde(rename = "topologyKey")] pub topology_key: String, } +/// A label query over a set of resources, in this case pods. +/// If it's null, this PodAffinityTerm matches with no Pods. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationDriverAffinityPodAntiAffinityRequiredDuringSchedulingIgnoredDuringExecutionLabelSelector { + /// matchExpressions is a list of label selector requirements. The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] pub match_expressions: Option>, + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] pub match_labels: Option>, } +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationDriverAffinityPodAntiAffinityRequiredDuringSchedulingIgnoredDuringExecutionLabelSelectorMatchExpressions { + /// key is the label key that the selector applies to. + pub key: String, + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. + pub operator: String, + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub values: Option>, +} + +/// A label query over the set of namespaces that the term applies to. +/// The term is applied to the union of the namespaces selected by this field +/// and the ones listed in the namespaces field. +/// null selector and null or empty namespaces list means "this pod's namespace". +/// An empty selector ({}) matches all namespaces. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct SparkApplicationDriverAffinityPodAntiAffinityRequiredDuringSchedulingIgnoredDuringExecutionNamespaceSelector { + /// matchExpressions is a list of label selector requirements. The requirements are ANDed. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] + pub match_expressions: Option>, + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] + pub match_labels: Option>, +} + +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct SparkApplicationDriverAffinityPodAntiAffinityRequiredDuringSchedulingIgnoredDuringExecutionNamespaceSelectorMatchExpressions { + /// key is the label key that the selector applies to. pub key: String, + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } +/// NamePath is a pair of a name and a path to which the named objects should be mounted to. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationDriverConfigMaps { pub name: String, pub path: String, } +/// DnsConfig dns settings for the pod, following the Kubernetes specifications. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationDriverDnsConfig { + /// A list of DNS name server IP addresses. + /// This will be appended to the base nameservers generated from DNSPolicy. + /// Duplicated nameservers will be removed. #[serde(default, skip_serializing_if = "Option::is_none")] pub nameservers: Option>, + /// A list of DNS resolver options. + /// This will be merged with the base options generated from DNSPolicy. + /// Duplicated entries will be removed. Resolution options given in Options + /// will override those that appear in the base DNSPolicy. #[serde(default, skip_serializing_if = "Option::is_none")] pub options: Option>, + /// A list of DNS search domains for host-name lookup. + /// This will be appended to the base search paths generated from DNSPolicy. + /// Duplicated search paths will be removed. #[serde(default, skip_serializing_if = "Option::is_none")] pub searches: Option>, } +/// PodDNSConfigOption defines DNS resolver options of a pod. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationDriverDnsConfigOptions { + /// Required. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, #[serde(default, skip_serializing_if = "Option::is_none")] pub value: Option, } +/// EnvVar represents an environment variable present in a Container. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationDriverEnv { + /// Name of the environment variable. Must be a C_IDENTIFIER. pub name: String, + /// Variable references $(VAR_NAME) are expanded + /// using the previously defined environment variables in the container and + /// any service environment variables. If a variable cannot be resolved, + /// the reference in the input string will be unchanged. Double $$ are reduced + /// to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. + /// "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". + /// Escaped references will never be expanded, regardless of whether the variable + /// exists or not. + /// Defaults to "". #[serde(default, skip_serializing_if = "Option::is_none")] pub value: Option, + /// Source for the environment variable's value. Cannot be used if value is not empty. #[serde(default, skip_serializing_if = "Option::is_none", rename = "valueFrom")] pub value_from: Option, } +/// Source for the environment variable's value. Cannot be used if value is not empty. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationDriverEnvValueFrom { + /// Selects a key of a ConfigMap. #[serde(default, skip_serializing_if = "Option::is_none", rename = "configMapKeyRef")] pub config_map_key_ref: Option, + /// Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`, + /// spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs. #[serde(default, skip_serializing_if = "Option::is_none", rename = "fieldRef")] pub field_ref: Option, + /// Selects a resource of the container: only resources limits and requests + /// (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported. #[serde(default, skip_serializing_if = "Option::is_none", rename = "resourceFieldRef")] pub resource_field_ref: Option, + /// Selects a key of a secret in the pod's namespace #[serde(default, skip_serializing_if = "Option::is_none", rename = "secretKeyRef")] pub secret_key_ref: Option, } +/// Selects a key of a ConfigMap. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationDriverEnvValueFromConfigMapKeyRef { + /// The key to select. pub key: String, + /// Name of the referent. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, + /// Specify whether the ConfigMap or its key must be defined #[serde(default, skip_serializing_if = "Option::is_none")] pub optional: Option, } +/// Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`, +/// spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationDriverEnvValueFromFieldRef { + /// Version of the schema the FieldPath is written in terms of, defaults to "v1". #[serde(default, skip_serializing_if = "Option::is_none", rename = "apiVersion")] pub api_version: Option, + /// Path of the field to select in the specified API version. #[serde(rename = "fieldPath")] pub field_path: String, } +/// Selects a resource of the container: only resources limits and requests +/// (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationDriverEnvValueFromResourceFieldRef { + /// Container name: required for volumes, optional for env vars #[serde(default, skip_serializing_if = "Option::is_none", rename = "containerName")] pub container_name: Option, + /// Specifies the output format of the exposed resources, defaults to "1" #[serde(default, skip_serializing_if = "Option::is_none")] pub divisor: Option, + /// Required: resource to select pub resource: String, } +/// Selects a key of a secret in the pod's namespace #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationDriverEnvValueFromSecretKeyRef { + /// The key of the secret to select from. Must be a valid secret key. pub key: String, + /// Name of the referent. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, + /// Specify whether the Secret or its key must be defined #[serde(default, skip_serializing_if = "Option::is_none")] pub optional: Option, } +/// EnvFromSource represents the source of a set of ConfigMaps #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationDriverEnvFrom { + /// The ConfigMap to select from #[serde(default, skip_serializing_if = "Option::is_none", rename = "configMapRef")] pub config_map_ref: Option, + /// An optional identifier to prepend to each key in the ConfigMap. Must be a C_IDENTIFIER. #[serde(default, skip_serializing_if = "Option::is_none")] pub prefix: Option, + /// The Secret to select from #[serde(default, skip_serializing_if = "Option::is_none", rename = "secretRef")] pub secret_ref: Option, } +/// The ConfigMap to select from #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationDriverEnvFromConfigMapRef { + /// Name of the referent. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, + /// Specify whether the ConfigMap must be defined #[serde(default, skip_serializing_if = "Option::is_none")] pub optional: Option, } +/// The Secret to select from #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationDriverEnvFromSecretRef { + /// Name of the referent. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, + /// Specify whether the Secret must be defined #[serde(default, skip_serializing_if = "Option::is_none")] pub optional: Option, } +/// EnvSecretKeyRefs holds a mapping from environment variable names to SecretKeyRefs. +/// Deprecated. Consider using `env` instead. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationDriverEnvSecretKeyRefs { #[serde(default, skip_serializing_if = "Option::is_none")] @@ -508,1655 +1187,4032 @@ pub struct SparkApplicationDriverEnvSecretKeyRefs { pub name: Option, } +/// GPU specifies GPU requirement for the pod. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationDriverGpu { + /// Name is GPU resource name, such as: nvidia.com/gpu or amd.com/gpu pub name: String, + /// Quantity is the number of GPUs to request for driver or executor. pub quantity: i64, } +/// HostAlias holds the mapping between IP and hostnames that will be injected as an entry in the +/// pod's hosts file. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationDriverHostAliases { + /// Hostnames for the above IP address. #[serde(default, skip_serializing_if = "Option::is_none")] pub hostnames: Option>, + /// IP address of the host file entry. #[serde(default, skip_serializing_if = "Option::is_none")] pub ip: Option, } +/// A single application container that you want to run within a pod. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationDriverInitContainers { + /// Arguments to the entrypoint. + /// The container image's CMD is used if this is not provided. + /// Variable references $(VAR_NAME) are expanded using the container's environment. If a variable + /// cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced + /// to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" will + /// produce the string literal "$(VAR_NAME)". Escaped references will never be expanded, regardless + /// of whether the variable exists or not. Cannot be updated. + /// More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell #[serde(default, skip_serializing_if = "Option::is_none")] pub args: Option>, + /// Entrypoint array. Not executed within a shell. + /// The container image's ENTRYPOINT is used if this is not provided. + /// Variable references $(VAR_NAME) are expanded using the container's environment. If a variable + /// cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced + /// to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" will + /// produce the string literal "$(VAR_NAME)". Escaped references will never be expanded, regardless + /// of whether the variable exists or not. Cannot be updated. + /// More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell #[serde(default, skip_serializing_if = "Option::is_none")] pub command: Option>, + /// List of environment variables to set in the container. + /// Cannot be updated. #[serde(default, skip_serializing_if = "Option::is_none")] pub env: Option>, + /// List of sources to populate environment variables in the container. + /// The keys defined within a source must be a C_IDENTIFIER. All invalid keys + /// will be reported as an event when the container is starting. When a key exists in multiple + /// sources, the value associated with the last source will take precedence. + /// Values defined by an Env with a duplicate key will take precedence. + /// Cannot be updated. #[serde(default, skip_serializing_if = "Option::is_none", rename = "envFrom")] pub env_from: Option>, + /// Container image name. + /// More info: https://kubernetes.io/docs/concepts/containers/images + /// This field is optional to allow higher level config management to default or override + /// container images in workload controllers like Deployments and StatefulSets. #[serde(default, skip_serializing_if = "Option::is_none")] pub image: Option, + /// Image pull policy. + /// One of Always, Never, IfNotPresent. + /// Defaults to Always if :latest tag is specified, or IfNotPresent otherwise. + /// Cannot be updated. + /// More info: https://kubernetes.io/docs/concepts/containers/images#updating-images #[serde(default, skip_serializing_if = "Option::is_none", rename = "imagePullPolicy")] pub image_pull_policy: Option, + /// Actions that the management system should take in response to container lifecycle events. + /// Cannot be updated. #[serde(default, skip_serializing_if = "Option::is_none")] pub lifecycle: Option, + /// Periodic probe of container liveness. + /// Container will be restarted if the probe fails. + /// Cannot be updated. + /// More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes #[serde(default, skip_serializing_if = "Option::is_none", rename = "livenessProbe")] pub liveness_probe: Option, + /// Name of the container specified as a DNS_LABEL. + /// Each container in a pod must have a unique name (DNS_LABEL). + /// Cannot be updated. pub name: String, + /// List of ports to expose from the container. Not specifying a port here + /// DOES NOT prevent that port from being exposed. Any port which is + /// listening on the default "0.0.0.0" address inside a container will be + /// accessible from the network. + /// Modifying this array with strategic merge patch may corrupt the data. + /// For more information See https://github.com/kubernetes/kubernetes/issues/108255. + /// Cannot be updated. #[serde(default, skip_serializing_if = "Option::is_none")] pub ports: Option>, + /// Periodic probe of container service readiness. + /// Container will be removed from service endpoints if the probe fails. + /// Cannot be updated. + /// More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes #[serde(default, skip_serializing_if = "Option::is_none", rename = "readinessProbe")] pub readiness_probe: Option, + /// Resources resize policy for the container. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "resizePolicy")] + pub resize_policy: Option>, + /// Compute Resources required by this container. + /// Cannot be updated. + /// More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ #[serde(default, skip_serializing_if = "Option::is_none")] pub resources: Option, + /// RestartPolicy defines the restart behavior of individual containers in a pod. + /// This field may only be set for init containers, and the only allowed value is "Always". + /// For non-init containers or when this field is not specified, + /// the restart behavior is defined by the Pod's restart policy and the container type. + /// Setting the RestartPolicy as "Always" for the init container will have the following effect: + /// this init container will be continually restarted on + /// exit until all regular containers have terminated. Once all regular + /// containers have completed, all init containers with restartPolicy "Always" + /// will be shut down. This lifecycle differs from normal init containers and + /// is often referred to as a "sidecar" container. Although this init + /// container still starts in the init container sequence, it does not wait + /// for the container to complete before proceeding to the next init + /// container. Instead, the next init container starts immediately after this + /// init container is started, or after any startupProbe has successfully + /// completed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "restartPolicy")] pub restart_policy: Option, + /// SecurityContext defines the security options the container should be run with. + /// If set, the fields of SecurityContext override the equivalent fields of PodSecurityContext. + /// More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/ #[serde(default, skip_serializing_if = "Option::is_none", rename = "securityContext")] pub security_context: Option, + /// StartupProbe indicates that the Pod has successfully initialized. + /// If specified, no other probes are executed until this completes successfully. + /// If this probe fails, the Pod will be restarted, just as if the livenessProbe failed. + /// This can be used to provide different probe parameters at the beginning of a Pod's lifecycle, + /// when it might take a long time to load data or warm a cache, than during steady-state operation. + /// This cannot be updated. + /// More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes #[serde(default, skip_serializing_if = "Option::is_none", rename = "startupProbe")] pub startup_probe: Option, + /// Whether this container should allocate a buffer for stdin in the container runtime. If this + /// is not set, reads from stdin in the container will always result in EOF. + /// Default is false. #[serde(default, skip_serializing_if = "Option::is_none")] pub stdin: Option, + /// Whether the container runtime should close the stdin channel after it has been opened by + /// a single attach. When stdin is true the stdin stream will remain open across multiple attach + /// sessions. If stdinOnce is set to true, stdin is opened on container start, is empty until the + /// first client attaches to stdin, and then remains open and accepts data until the client disconnects, + /// at which time stdin is closed and remains closed until the container is restarted. If this + /// flag is false, a container processes that reads from stdin will never receive an EOF. + /// Default is false #[serde(default, skip_serializing_if = "Option::is_none", rename = "stdinOnce")] pub stdin_once: Option, + /// Optional: Path at which the file to which the container's termination message + /// will be written is mounted into the container's filesystem. + /// Message written is intended to be brief final status, such as an assertion failure message. + /// Will be truncated by the node if greater than 4096 bytes. The total message length across + /// all containers will be limited to 12kb. + /// Defaults to /dev/termination-log. + /// Cannot be updated. #[serde(default, skip_serializing_if = "Option::is_none", rename = "terminationMessagePath")] pub termination_message_path: Option, + /// Indicate how the termination message should be populated. File will use the contents of + /// terminationMessagePath to populate the container status message on both success and failure. + /// FallbackToLogsOnError will use the last chunk of container log output if the termination + /// message file is empty and the container exited with an error. + /// The log output is limited to 2048 bytes or 80 lines, whichever is smaller. + /// Defaults to File. + /// Cannot be updated. #[serde(default, skip_serializing_if = "Option::is_none", rename = "terminationMessagePolicy")] pub termination_message_policy: Option, + /// Whether this container should allocate a TTY for itself, also requires 'stdin' to be true. + /// Default is false. #[serde(default, skip_serializing_if = "Option::is_none")] pub tty: Option, + /// volumeDevices is the list of block devices to be used by the container. #[serde(default, skip_serializing_if = "Option::is_none", rename = "volumeDevices")] pub volume_devices: Option>, + /// Pod volumes to mount into the container's filesystem. + /// Cannot be updated. #[serde(default, skip_serializing_if = "Option::is_none", rename = "volumeMounts")] pub volume_mounts: Option>, + /// Container's working directory. + /// If not specified, the container runtime's default will be used, which + /// might be configured in the container image. + /// Cannot be updated. #[serde(default, skip_serializing_if = "Option::is_none", rename = "workingDir")] pub working_dir: Option, } +/// EnvVar represents an environment variable present in a Container. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationDriverInitContainersEnv { + /// Name of the environment variable. Must be a C_IDENTIFIER. pub name: String, + /// Variable references $(VAR_NAME) are expanded + /// using the previously defined environment variables in the container and + /// any service environment variables. If a variable cannot be resolved, + /// the reference in the input string will be unchanged. Double $$ are reduced + /// to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. + /// "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". + /// Escaped references will never be expanded, regardless of whether the variable + /// exists or not. + /// Defaults to "". #[serde(default, skip_serializing_if = "Option::is_none")] pub value: Option, + /// Source for the environment variable's value. Cannot be used if value is not empty. #[serde(default, skip_serializing_if = "Option::is_none", rename = "valueFrom")] pub value_from: Option, } +/// Source for the environment variable's value. Cannot be used if value is not empty. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationDriverInitContainersEnvValueFrom { + /// Selects a key of a ConfigMap. #[serde(default, skip_serializing_if = "Option::is_none", rename = "configMapKeyRef")] pub config_map_key_ref: Option, + /// Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`, + /// spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs. #[serde(default, skip_serializing_if = "Option::is_none", rename = "fieldRef")] pub field_ref: Option, + /// Selects a resource of the container: only resources limits and requests + /// (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported. #[serde(default, skip_serializing_if = "Option::is_none", rename = "resourceFieldRef")] pub resource_field_ref: Option, + /// Selects a key of a secret in the pod's namespace #[serde(default, skip_serializing_if = "Option::is_none", rename = "secretKeyRef")] pub secret_key_ref: Option, } +/// Selects a key of a ConfigMap. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationDriverInitContainersEnvValueFromConfigMapKeyRef { + /// The key to select. pub key: String, + /// Name of the referent. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, + /// Specify whether the ConfigMap or its key must be defined #[serde(default, skip_serializing_if = "Option::is_none")] pub optional: Option, } +/// Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`, +/// spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationDriverInitContainersEnvValueFromFieldRef { + /// Version of the schema the FieldPath is written in terms of, defaults to "v1". #[serde(default, skip_serializing_if = "Option::is_none", rename = "apiVersion")] pub api_version: Option, + /// Path of the field to select in the specified API version. #[serde(rename = "fieldPath")] pub field_path: String, } +/// Selects a resource of the container: only resources limits and requests +/// (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationDriverInitContainersEnvValueFromResourceFieldRef { + /// Container name: required for volumes, optional for env vars #[serde(default, skip_serializing_if = "Option::is_none", rename = "containerName")] pub container_name: Option, + /// Specifies the output format of the exposed resources, defaults to "1" #[serde(default, skip_serializing_if = "Option::is_none")] pub divisor: Option, + /// Required: resource to select pub resource: String, } +/// Selects a key of a secret in the pod's namespace #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationDriverInitContainersEnvValueFromSecretKeyRef { + /// The key of the secret to select from. Must be a valid secret key. pub key: String, + /// Name of the referent. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, + /// Specify whether the Secret or its key must be defined #[serde(default, skip_serializing_if = "Option::is_none")] pub optional: Option, } +/// EnvFromSource represents the source of a set of ConfigMaps #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationDriverInitContainersEnvFrom { + /// The ConfigMap to select from #[serde(default, skip_serializing_if = "Option::is_none", rename = "configMapRef")] pub config_map_ref: Option, + /// An optional identifier to prepend to each key in the ConfigMap. Must be a C_IDENTIFIER. #[serde(default, skip_serializing_if = "Option::is_none")] pub prefix: Option, + /// The Secret to select from #[serde(default, skip_serializing_if = "Option::is_none", rename = "secretRef")] pub secret_ref: Option, } +/// The ConfigMap to select from #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationDriverInitContainersEnvFromConfigMapRef { + /// Name of the referent. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, + /// Specify whether the ConfigMap must be defined #[serde(default, skip_serializing_if = "Option::is_none")] pub optional: Option, } +/// The Secret to select from #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationDriverInitContainersEnvFromSecretRef { + /// Name of the referent. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, + /// Specify whether the Secret must be defined #[serde(default, skip_serializing_if = "Option::is_none")] pub optional: Option, } +/// Actions that the management system should take in response to container lifecycle events. +/// Cannot be updated. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationDriverInitContainersLifecycle { + /// PostStart is called immediately after a container is created. If the handler fails, + /// the container is terminated and restarted according to its restart policy. + /// Other management of the container blocks until the hook completes. + /// More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks #[serde(default, skip_serializing_if = "Option::is_none", rename = "postStart")] pub post_start: Option, + /// PreStop is called immediately before a container is terminated due to an + /// API request or management event such as liveness/startup probe failure, + /// preemption, resource contention, etc. The handler is not called if the + /// container crashes or exits. The Pod's termination grace period countdown begins before the + /// PreStop hook is executed. Regardless of the outcome of the handler, the + /// container will eventually terminate within the Pod's termination grace + /// period (unless delayed by finalizers). Other management of the container blocks until the hook completes + /// or until the termination grace period is reached. + /// More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks #[serde(default, skip_serializing_if = "Option::is_none", rename = "preStop")] pub pre_stop: Option, } +/// PostStart is called immediately after a container is created. If the handler fails, +/// the container is terminated and restarted according to its restart policy. +/// Other management of the container blocks until the hook completes. +/// More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationDriverInitContainersLifecyclePostStart { + /// Exec specifies the action to take. #[serde(default, skip_serializing_if = "Option::is_none")] pub exec: Option, + /// HTTPGet specifies the http request to perform. #[serde(default, skip_serializing_if = "Option::is_none", rename = "httpGet")] pub http_get: Option, + /// Sleep represents the duration that the container should sleep before being terminated. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub sleep: Option, + /// Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept + /// for the backward compatibility. There are no validation of this field and + /// lifecycle hooks will fail in runtime when tcp handler is specified. #[serde(default, skip_serializing_if = "Option::is_none", rename = "tcpSocket")] pub tcp_socket: Option, } +/// Exec specifies the action to take. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationDriverInitContainersLifecyclePostStartExec { + /// Command is the command line to execute inside the container, the working directory for the + /// command is root ('/') in the container's filesystem. The command is simply exec'd, it is + /// not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use + /// a shell, you need to explicitly call out to that shell. + /// Exit status of 0 is treated as live/healthy and non-zero is unhealthy. #[serde(default, skip_serializing_if = "Option::is_none")] pub command: Option>, } +/// HTTPGet specifies the http request to perform. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationDriverInitContainersLifecyclePostStartHttpGet { + /// Host name to connect to, defaults to the pod IP. You probably want to set + /// "Host" in httpHeaders instead. #[serde(default, skip_serializing_if = "Option::is_none")] pub host: Option, + /// Custom headers to set in the request. HTTP allows repeated headers. #[serde(default, skip_serializing_if = "Option::is_none", rename = "httpHeaders")] pub http_headers: Option>, + /// Path to access on the HTTP server. #[serde(default, skip_serializing_if = "Option::is_none")] pub path: Option, + /// Name or number of the port to access on the container. + /// Number must be in the range 1 to 65535. + /// Name must be an IANA_SVC_NAME. pub port: IntOrString, + /// Scheme to use for connecting to the host. + /// Defaults to HTTP. #[serde(default, skip_serializing_if = "Option::is_none")] pub scheme: Option, } +/// HTTPHeader describes a custom header to be used in HTTP probes #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationDriverInitContainersLifecyclePostStartHttpGetHttpHeaders { + /// The header field name. + /// This will be canonicalized upon output, so case-variant names will be understood as the same header. pub name: String, + /// The header field value pub value: String, } +/// Sleep represents the duration that the container should sleep before being terminated. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct SparkApplicationDriverInitContainersLifecyclePostStartSleep { + /// Seconds is the number of seconds to sleep. + pub seconds: i64, +} + +/// Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept +/// for the backward compatibility. There are no validation of this field and +/// lifecycle hooks will fail in runtime when tcp handler is specified. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationDriverInitContainersLifecyclePostStartTcpSocket { + /// Optional: Host name to connect to, defaults to the pod IP. #[serde(default, skip_serializing_if = "Option::is_none")] pub host: Option, + /// Number or name of the port to access on the container. + /// Number must be in the range 1 to 65535. + /// Name must be an IANA_SVC_NAME. pub port: IntOrString, } +/// PreStop is called immediately before a container is terminated due to an +/// API request or management event such as liveness/startup probe failure, +/// preemption, resource contention, etc. The handler is not called if the +/// container crashes or exits. The Pod's termination grace period countdown begins before the +/// PreStop hook is executed. Regardless of the outcome of the handler, the +/// container will eventually terminate within the Pod's termination grace +/// period (unless delayed by finalizers). Other management of the container blocks until the hook completes +/// or until the termination grace period is reached. +/// More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationDriverInitContainersLifecyclePreStop { + /// Exec specifies the action to take. #[serde(default, skip_serializing_if = "Option::is_none")] pub exec: Option, + /// HTTPGet specifies the http request to perform. #[serde(default, skip_serializing_if = "Option::is_none", rename = "httpGet")] pub http_get: Option, + /// Sleep represents the duration that the container should sleep before being terminated. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub sleep: Option, + /// Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept + /// for the backward compatibility. There are no validation of this field and + /// lifecycle hooks will fail in runtime when tcp handler is specified. #[serde(default, skip_serializing_if = "Option::is_none", rename = "tcpSocket")] pub tcp_socket: Option, } +/// Exec specifies the action to take. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationDriverInitContainersLifecyclePreStopExec { + /// Command is the command line to execute inside the container, the working directory for the + /// command is root ('/') in the container's filesystem. The command is simply exec'd, it is + /// not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use + /// a shell, you need to explicitly call out to that shell. + /// Exit status of 0 is treated as live/healthy and non-zero is unhealthy. #[serde(default, skip_serializing_if = "Option::is_none")] pub command: Option>, } +/// HTTPGet specifies the http request to perform. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationDriverInitContainersLifecyclePreStopHttpGet { + /// Host name to connect to, defaults to the pod IP. You probably want to set + /// "Host" in httpHeaders instead. #[serde(default, skip_serializing_if = "Option::is_none")] pub host: Option, + /// Custom headers to set in the request. HTTP allows repeated headers. #[serde(default, skip_serializing_if = "Option::is_none", rename = "httpHeaders")] pub http_headers: Option>, + /// Path to access on the HTTP server. #[serde(default, skip_serializing_if = "Option::is_none")] pub path: Option, + /// Name or number of the port to access on the container. + /// Number must be in the range 1 to 65535. + /// Name must be an IANA_SVC_NAME. pub port: IntOrString, + /// Scheme to use for connecting to the host. + /// Defaults to HTTP. #[serde(default, skip_serializing_if = "Option::is_none")] pub scheme: Option, } +/// HTTPHeader describes a custom header to be used in HTTP probes #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationDriverInitContainersLifecyclePreStopHttpGetHttpHeaders { + /// The header field name. + /// This will be canonicalized upon output, so case-variant names will be understood as the same header. pub name: String, + /// The header field value pub value: String, } +/// Sleep represents the duration that the container should sleep before being terminated. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct SparkApplicationDriverInitContainersLifecyclePreStopSleep { + /// Seconds is the number of seconds to sleep. + pub seconds: i64, +} + +/// Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept +/// for the backward compatibility. There are no validation of this field and +/// lifecycle hooks will fail in runtime when tcp handler is specified. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationDriverInitContainersLifecyclePreStopTcpSocket { + /// Optional: Host name to connect to, defaults to the pod IP. #[serde(default, skip_serializing_if = "Option::is_none")] pub host: Option, + /// Number or name of the port to access on the container. + /// Number must be in the range 1 to 65535. + /// Name must be an IANA_SVC_NAME. pub port: IntOrString, } +/// Periodic probe of container liveness. +/// Container will be restarted if the probe fails. +/// Cannot be updated. +/// More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationDriverInitContainersLivenessProbe { + /// Exec specifies the action to take. #[serde(default, skip_serializing_if = "Option::is_none")] pub exec: Option, + /// Minimum consecutive failures for the probe to be considered failed after having succeeded. + /// Defaults to 3. Minimum value is 1. #[serde(default, skip_serializing_if = "Option::is_none", rename = "failureThreshold")] pub failure_threshold: Option, + /// GRPC specifies an action involving a GRPC port. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub grpc: Option, + /// HTTPGet specifies the http request to perform. #[serde(default, skip_serializing_if = "Option::is_none", rename = "httpGet")] pub http_get: Option, + /// Number of seconds after the container has started before liveness probes are initiated. + /// More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes #[serde(default, skip_serializing_if = "Option::is_none", rename = "initialDelaySeconds")] pub initial_delay_seconds: Option, + /// How often (in seconds) to perform the probe. + /// Default to 10 seconds. Minimum value is 1. #[serde(default, skip_serializing_if = "Option::is_none", rename = "periodSeconds")] pub period_seconds: Option, + /// Minimum consecutive successes for the probe to be considered successful after having failed. + /// Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1. #[serde(default, skip_serializing_if = "Option::is_none", rename = "successThreshold")] pub success_threshold: Option, + /// TCPSocket specifies an action involving a TCP port. #[serde(default, skip_serializing_if = "Option::is_none", rename = "tcpSocket")] pub tcp_socket: Option, + /// Optional duration in seconds the pod needs to terminate gracefully upon probe failure. + /// The grace period is the duration in seconds after the processes running in the pod are sent + /// a termination signal and the time when the processes are forcibly halted with a kill signal. + /// Set this value longer than the expected cleanup time for your process. + /// If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this + /// value overrides the value provided by the pod spec. + /// Value must be non-negative integer. The value zero indicates stop immediately via + /// the kill signal (no opportunity to shut down). + /// This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate. + /// Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "terminationGracePeriodSeconds")] + pub termination_grace_period_seconds: Option, + /// Number of seconds after which the probe times out. + /// Defaults to 1 second. Minimum value is 1. + /// More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes #[serde(default, skip_serializing_if = "Option::is_none", rename = "timeoutSeconds")] pub timeout_seconds: Option, } +/// Exec specifies the action to take. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationDriverInitContainersLivenessProbeExec { + /// Command is the command line to execute inside the container, the working directory for the + /// command is root ('/') in the container's filesystem. The command is simply exec'd, it is + /// not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use + /// a shell, you need to explicitly call out to that shell. + /// Exit status of 0 is treated as live/healthy and non-zero is unhealthy. #[serde(default, skip_serializing_if = "Option::is_none")] pub command: Option>, } +/// GRPC specifies an action involving a GRPC port. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct SparkApplicationDriverInitContainersLivenessProbeGrpc { + /// Port number of the gRPC service. Number must be in the range 1 to 65535. + pub port: i32, + /// Service is the name of the service to place in the gRPC HealthCheckRequest + /// (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). + /// + /// + /// If this is not specified, the default behavior is defined by gRPC. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub service: Option, +} + +/// HTTPGet specifies the http request to perform. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationDriverInitContainersLivenessProbeHttpGet { + /// Host name to connect to, defaults to the pod IP. You probably want to set + /// "Host" in httpHeaders instead. #[serde(default, skip_serializing_if = "Option::is_none")] pub host: Option, + /// Custom headers to set in the request. HTTP allows repeated headers. #[serde(default, skip_serializing_if = "Option::is_none", rename = "httpHeaders")] pub http_headers: Option>, + /// Path to access on the HTTP server. #[serde(default, skip_serializing_if = "Option::is_none")] pub path: Option, + /// Name or number of the port to access on the container. + /// Number must be in the range 1 to 65535. + /// Name must be an IANA_SVC_NAME. pub port: IntOrString, + /// Scheme to use for connecting to the host. + /// Defaults to HTTP. #[serde(default, skip_serializing_if = "Option::is_none")] pub scheme: Option, } +/// HTTPHeader describes a custom header to be used in HTTP probes #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationDriverInitContainersLivenessProbeHttpGetHttpHeaders { + /// The header field name. + /// This will be canonicalized upon output, so case-variant names will be understood as the same header. pub name: String, + /// The header field value pub value: String, } +/// TCPSocket specifies an action involving a TCP port. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationDriverInitContainersLivenessProbeTcpSocket { + /// Optional: Host name to connect to, defaults to the pod IP. #[serde(default, skip_serializing_if = "Option::is_none")] pub host: Option, + /// Number or name of the port to access on the container. + /// Number must be in the range 1 to 65535. + /// Name must be an IANA_SVC_NAME. pub port: IntOrString, } +/// ContainerPort represents a network port in a single container. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationDriverInitContainersPorts { + /// Number of port to expose on the pod's IP address. + /// This must be a valid port number, 0 < x < 65536. #[serde(rename = "containerPort")] pub container_port: i32, + /// What host IP to bind the external port to. #[serde(default, skip_serializing_if = "Option::is_none", rename = "hostIP")] pub host_ip: Option, + /// Number of port to expose on the host. + /// If specified, this must be a valid port number, 0 < x < 65536. + /// If HostNetwork is specified, this must match ContainerPort. + /// Most containers do not need this. #[serde(default, skip_serializing_if = "Option::is_none", rename = "hostPort")] pub host_port: Option, + /// If specified, this must be an IANA_SVC_NAME and unique within the pod. Each + /// named port in a pod must have a unique name. Name for the port that can be + /// referred to by services. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, - pub protocol: String, + /// Protocol for port. Must be UDP, TCP, or SCTP. + /// Defaults to "TCP". + #[serde(default, skip_serializing_if = "Option::is_none")] + pub protocol: Option, } +/// Periodic probe of container service readiness. +/// Container will be removed from service endpoints if the probe fails. +/// Cannot be updated. +/// More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationDriverInitContainersReadinessProbe { + /// Exec specifies the action to take. #[serde(default, skip_serializing_if = "Option::is_none")] pub exec: Option, + /// Minimum consecutive failures for the probe to be considered failed after having succeeded. + /// Defaults to 3. Minimum value is 1. #[serde(default, skip_serializing_if = "Option::is_none", rename = "failureThreshold")] pub failure_threshold: Option, + /// GRPC specifies an action involving a GRPC port. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub grpc: Option, + /// HTTPGet specifies the http request to perform. #[serde(default, skip_serializing_if = "Option::is_none", rename = "httpGet")] pub http_get: Option, + /// Number of seconds after the container has started before liveness probes are initiated. + /// More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes #[serde(default, skip_serializing_if = "Option::is_none", rename = "initialDelaySeconds")] pub initial_delay_seconds: Option, + /// How often (in seconds) to perform the probe. + /// Default to 10 seconds. Minimum value is 1. #[serde(default, skip_serializing_if = "Option::is_none", rename = "periodSeconds")] pub period_seconds: Option, + /// Minimum consecutive successes for the probe to be considered successful after having failed. + /// Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1. #[serde(default, skip_serializing_if = "Option::is_none", rename = "successThreshold")] pub success_threshold: Option, + /// TCPSocket specifies an action involving a TCP port. #[serde(default, skip_serializing_if = "Option::is_none", rename = "tcpSocket")] pub tcp_socket: Option, + /// Optional duration in seconds the pod needs to terminate gracefully upon probe failure. + /// The grace period is the duration in seconds after the processes running in the pod are sent + /// a termination signal and the time when the processes are forcibly halted with a kill signal. + /// Set this value longer than the expected cleanup time for your process. + /// If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this + /// value overrides the value provided by the pod spec. + /// Value must be non-negative integer. The value zero indicates stop immediately via + /// the kill signal (no opportunity to shut down). + /// This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate. + /// Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "terminationGracePeriodSeconds")] + pub termination_grace_period_seconds: Option, + /// Number of seconds after which the probe times out. + /// Defaults to 1 second. Minimum value is 1. + /// More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes #[serde(default, skip_serializing_if = "Option::is_none", rename = "timeoutSeconds")] pub timeout_seconds: Option, } +/// Exec specifies the action to take. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationDriverInitContainersReadinessProbeExec { + /// Command is the command line to execute inside the container, the working directory for the + /// command is root ('/') in the container's filesystem. The command is simply exec'd, it is + /// not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use + /// a shell, you need to explicitly call out to that shell. + /// Exit status of 0 is treated as live/healthy and non-zero is unhealthy. #[serde(default, skip_serializing_if = "Option::is_none")] pub command: Option>, } +/// GRPC specifies an action involving a GRPC port. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct SparkApplicationDriverInitContainersReadinessProbeGrpc { + /// Port number of the gRPC service. Number must be in the range 1 to 65535. + pub port: i32, + /// Service is the name of the service to place in the gRPC HealthCheckRequest + /// (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). + /// + /// + /// If this is not specified, the default behavior is defined by gRPC. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub service: Option, +} + +/// HTTPGet specifies the http request to perform. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationDriverInitContainersReadinessProbeHttpGet { + /// Host name to connect to, defaults to the pod IP. You probably want to set + /// "Host" in httpHeaders instead. #[serde(default, skip_serializing_if = "Option::is_none")] pub host: Option, + /// Custom headers to set in the request. HTTP allows repeated headers. #[serde(default, skip_serializing_if = "Option::is_none", rename = "httpHeaders")] pub http_headers: Option>, + /// Path to access on the HTTP server. #[serde(default, skip_serializing_if = "Option::is_none")] pub path: Option, + /// Name or number of the port to access on the container. + /// Number must be in the range 1 to 65535. + /// Name must be an IANA_SVC_NAME. pub port: IntOrString, + /// Scheme to use for connecting to the host. + /// Defaults to HTTP. #[serde(default, skip_serializing_if = "Option::is_none")] pub scheme: Option, } +/// HTTPHeader describes a custom header to be used in HTTP probes #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationDriverInitContainersReadinessProbeHttpGetHttpHeaders { + /// The header field name. + /// This will be canonicalized upon output, so case-variant names will be understood as the same header. pub name: String, + /// The header field value pub value: String, } +/// TCPSocket specifies an action involving a TCP port. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationDriverInitContainersReadinessProbeTcpSocket { + /// Optional: Host name to connect to, defaults to the pod IP. #[serde(default, skip_serializing_if = "Option::is_none")] pub host: Option, + /// Number or name of the port to access on the container. + /// Number must be in the range 1 to 65535. + /// Name must be an IANA_SVC_NAME. pub port: IntOrString, } +/// ContainerResizePolicy represents resource resize policy for the container. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct SparkApplicationDriverInitContainersResizePolicy { + /// Name of the resource to which this resource resize policy applies. + /// Supported values: cpu, memory. + #[serde(rename = "resourceName")] + pub resource_name: String, + /// Restart policy to apply when specified resource is resized. + /// If not specified, it defaults to NotRequired. + #[serde(rename = "restartPolicy")] + pub restart_policy: String, +} + +/// Compute Resources required by this container. +/// Cannot be updated. +/// More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationDriverInitContainersResources { + /// Claims lists the names of resources, defined in spec.resourceClaims, + /// that are used by this container. + /// + /// + /// This is an alpha field and requires enabling the + /// DynamicResourceAllocation feature gate. + /// + /// + /// This field is immutable. It can only be set for containers. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub claims: Option>, + /// Limits describes the maximum amount of compute resources allowed. + /// More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ #[serde(default, skip_serializing_if = "Option::is_none")] pub limits: Option>, + /// Requests describes the minimum amount of compute resources required. + /// If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, + /// otherwise to an implementation-defined value. Requests cannot exceed Limits. + /// More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ #[serde(default, skip_serializing_if = "Option::is_none")] pub requests: Option>, } +/// ResourceClaim references one entry in PodSpec.ResourceClaims. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct SparkApplicationDriverInitContainersResourcesClaims { + /// Name must match the name of one entry in pod.spec.resourceClaims of + /// the Pod where this field is used. It makes that resource available + /// inside a container. + pub name: String, +} + +/// SecurityContext defines the security options the container should be run with. +/// If set, the fields of SecurityContext override the equivalent fields of PodSecurityContext. +/// More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/ #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationDriverInitContainersSecurityContext { + /// AllowPrivilegeEscalation controls whether a process can gain more + /// privileges than its parent process. This bool directly controls if + /// the no_new_privs flag will be set on the container process. + /// AllowPrivilegeEscalation is true always when the container is: + /// 1) run as Privileged + /// 2) has CAP_SYS_ADMIN + /// Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none", rename = "allowPrivilegeEscalation")] pub allow_privilege_escalation: Option, + /// The capabilities to add/drop when running containers. + /// Defaults to the default set of capabilities granted by the container runtime. + /// Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none")] pub capabilities: Option, + /// Run container in privileged mode. + /// Processes in privileged containers are essentially equivalent to root on the host. + /// Defaults to false. + /// Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none")] pub privileged: Option, + /// procMount denotes the type of proc mount to use for the containers. + /// The default is DefaultProcMount which uses the container runtime defaults for + /// readonly paths and masked paths. + /// This requires the ProcMountType feature flag to be enabled. + /// Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none", rename = "procMount")] pub proc_mount: Option, + /// Whether this container has a read-only root filesystem. + /// Default is false. + /// Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnlyRootFilesystem")] pub read_only_root_filesystem: Option, + /// The GID to run the entrypoint of the container process. + /// Uses runtime default if unset. + /// May also be set in PodSecurityContext. If set in both SecurityContext and + /// PodSecurityContext, the value specified in SecurityContext takes precedence. + /// Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none", rename = "runAsGroup")] pub run_as_group: Option, + /// Indicates that the container must run as a non-root user. + /// If true, the Kubelet will validate the image at runtime to ensure that it + /// does not run as UID 0 (root) and fail to start the container if it does. + /// If unset or false, no such validation will be performed. + /// May also be set in PodSecurityContext. If set in both SecurityContext and + /// PodSecurityContext, the value specified in SecurityContext takes precedence. #[serde(default, skip_serializing_if = "Option::is_none", rename = "runAsNonRoot")] pub run_as_non_root: Option, + /// The UID to run the entrypoint of the container process. + /// Defaults to user specified in image metadata if unspecified. + /// May also be set in PodSecurityContext. If set in both SecurityContext and + /// PodSecurityContext, the value specified in SecurityContext takes precedence. + /// Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none", rename = "runAsUser")] pub run_as_user: Option, + /// The SELinux context to be applied to the container. + /// If unspecified, the container runtime will allocate a random SELinux context for each + /// container. May also be set in PodSecurityContext. If set in both SecurityContext and + /// PodSecurityContext, the value specified in SecurityContext takes precedence. + /// Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none", rename = "seLinuxOptions")] pub se_linux_options: Option, + /// The seccomp options to use by this container. If seccomp options are + /// provided at both the pod & container level, the container options + /// override the pod options. + /// Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none", rename = "seccompProfile")] pub seccomp_profile: Option, + /// The Windows specific settings applied to all containers. + /// If unspecified, the options from the PodSecurityContext will be used. + /// If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. + /// Note that this field cannot be set when spec.os.name is linux. #[serde(default, skip_serializing_if = "Option::is_none", rename = "windowsOptions")] pub windows_options: Option, } +/// The capabilities to add/drop when running containers. +/// Defaults to the default set of capabilities granted by the container runtime. +/// Note that this field cannot be set when spec.os.name is windows. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationDriverInitContainersSecurityContextCapabilities { + /// Added capabilities #[serde(default, skip_serializing_if = "Option::is_none")] pub add: Option>, + /// Removed capabilities #[serde(default, skip_serializing_if = "Option::is_none")] pub drop: Option>, } +/// The SELinux context to be applied to the container. +/// If unspecified, the container runtime will allocate a random SELinux context for each +/// container. May also be set in PodSecurityContext. If set in both SecurityContext and +/// PodSecurityContext, the value specified in SecurityContext takes precedence. +/// Note that this field cannot be set when spec.os.name is windows. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationDriverInitContainersSecurityContextSeLinuxOptions { + /// Level is SELinux level label that applies to the container. #[serde(default, skip_serializing_if = "Option::is_none")] pub level: Option, + /// Role is a SELinux role label that applies to the container. #[serde(default, skip_serializing_if = "Option::is_none")] pub role: Option, + /// Type is a SELinux type label that applies to the container. #[serde(default, skip_serializing_if = "Option::is_none", rename = "type")] pub r#type: Option, + /// User is a SELinux user label that applies to the container. #[serde(default, skip_serializing_if = "Option::is_none")] pub user: Option, } +/// The seccomp options to use by this container. If seccomp options are +/// provided at both the pod & container level, the container options +/// override the pod options. +/// Note that this field cannot be set when spec.os.name is windows. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationDriverInitContainersSecurityContextSeccompProfile { - #[serde(default, skip_serializing_if = "Option::is_none", rename = "type")] - pub r#type: Option, + /// localhostProfile indicates a profile defined in a file on the node should be used. + /// The profile must be preconfigured on the node to work. + /// Must be a descending path, relative to the kubelet's configured seccomp profile location. + /// Must be set if type is "Localhost". Must NOT be set for any other type. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "localhostProfile")] + pub localhost_profile: Option, + /// type indicates which kind of seccomp profile will be applied. + /// Valid options are: + /// + /// + /// Localhost - a profile defined in a file on the node should be used. + /// RuntimeDefault - the container runtime default profile should be used. + /// Unconfined - no profile should be applied. + #[serde(rename = "type")] + pub r#type: String, } +/// The Windows specific settings applied to all containers. +/// If unspecified, the options from the PodSecurityContext will be used. +/// If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +/// Note that this field cannot be set when spec.os.name is linux. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationDriverInitContainersSecurityContextWindowsOptions { + /// GMSACredentialSpec is where the GMSA admission webhook + /// (https://github.com/kubernetes-sigs/windows-gmsa) inlines the contents of the + /// GMSA credential spec named by the GMSACredentialSpecName field. #[serde(default, skip_serializing_if = "Option::is_none", rename = "gmsaCredentialSpec")] pub gmsa_credential_spec: Option, + /// GMSACredentialSpecName is the name of the GMSA credential spec to use. #[serde(default, skip_serializing_if = "Option::is_none", rename = "gmsaCredentialSpecName")] pub gmsa_credential_spec_name: Option, + /// HostProcess determines if a container should be run as a 'Host Process' container. + /// All of a Pod's containers must have the same effective HostProcess value + /// (it is not allowed to have a mix of HostProcess containers and non-HostProcess containers). + /// In addition, if HostProcess is true then HostNetwork must also be set to true. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "hostProcess")] + pub host_process: Option, + /// The UserName in Windows to run the entrypoint of the container process. + /// Defaults to the user specified in image metadata if unspecified. + /// May also be set in PodSecurityContext. If set in both SecurityContext and + /// PodSecurityContext, the value specified in SecurityContext takes precedence. #[serde(default, skip_serializing_if = "Option::is_none", rename = "runAsUserName")] pub run_as_user_name: Option, } +/// StartupProbe indicates that the Pod has successfully initialized. +/// If specified, no other probes are executed until this completes successfully. +/// If this probe fails, the Pod will be restarted, just as if the livenessProbe failed. +/// This can be used to provide different probe parameters at the beginning of a Pod's lifecycle, +/// when it might take a long time to load data or warm a cache, than during steady-state operation. +/// This cannot be updated. +/// More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationDriverInitContainersStartupProbe { + /// Exec specifies the action to take. #[serde(default, skip_serializing_if = "Option::is_none")] pub exec: Option, + /// Minimum consecutive failures for the probe to be considered failed after having succeeded. + /// Defaults to 3. Minimum value is 1. #[serde(default, skip_serializing_if = "Option::is_none", rename = "failureThreshold")] pub failure_threshold: Option, + /// GRPC specifies an action involving a GRPC port. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub grpc: Option, + /// HTTPGet specifies the http request to perform. #[serde(default, skip_serializing_if = "Option::is_none", rename = "httpGet")] pub http_get: Option, + /// Number of seconds after the container has started before liveness probes are initiated. + /// More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes #[serde(default, skip_serializing_if = "Option::is_none", rename = "initialDelaySeconds")] pub initial_delay_seconds: Option, + /// How often (in seconds) to perform the probe. + /// Default to 10 seconds. Minimum value is 1. #[serde(default, skip_serializing_if = "Option::is_none", rename = "periodSeconds")] pub period_seconds: Option, + /// Minimum consecutive successes for the probe to be considered successful after having failed. + /// Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1. #[serde(default, skip_serializing_if = "Option::is_none", rename = "successThreshold")] pub success_threshold: Option, + /// TCPSocket specifies an action involving a TCP port. #[serde(default, skip_serializing_if = "Option::is_none", rename = "tcpSocket")] pub tcp_socket: Option, + /// Optional duration in seconds the pod needs to terminate gracefully upon probe failure. + /// The grace period is the duration in seconds after the processes running in the pod are sent + /// a termination signal and the time when the processes are forcibly halted with a kill signal. + /// Set this value longer than the expected cleanup time for your process. + /// If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this + /// value overrides the value provided by the pod spec. + /// Value must be non-negative integer. The value zero indicates stop immediately via + /// the kill signal (no opportunity to shut down). + /// This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate. + /// Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "terminationGracePeriodSeconds")] + pub termination_grace_period_seconds: Option, + /// Number of seconds after which the probe times out. + /// Defaults to 1 second. Minimum value is 1. + /// More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes #[serde(default, skip_serializing_if = "Option::is_none", rename = "timeoutSeconds")] pub timeout_seconds: Option, } +/// Exec specifies the action to take. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationDriverInitContainersStartupProbeExec { + /// Command is the command line to execute inside the container, the working directory for the + /// command is root ('/') in the container's filesystem. The command is simply exec'd, it is + /// not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use + /// a shell, you need to explicitly call out to that shell. + /// Exit status of 0 is treated as live/healthy and non-zero is unhealthy. #[serde(default, skip_serializing_if = "Option::is_none")] pub command: Option>, } +/// GRPC specifies an action involving a GRPC port. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct SparkApplicationDriverInitContainersStartupProbeGrpc { + /// Port number of the gRPC service. Number must be in the range 1 to 65535. + pub port: i32, + /// Service is the name of the service to place in the gRPC HealthCheckRequest + /// (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). + /// + /// + /// If this is not specified, the default behavior is defined by gRPC. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub service: Option, +} + +/// HTTPGet specifies the http request to perform. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationDriverInitContainersStartupProbeHttpGet { + /// Host name to connect to, defaults to the pod IP. You probably want to set + /// "Host" in httpHeaders instead. #[serde(default, skip_serializing_if = "Option::is_none")] pub host: Option, + /// Custom headers to set in the request. HTTP allows repeated headers. #[serde(default, skip_serializing_if = "Option::is_none", rename = "httpHeaders")] pub http_headers: Option>, + /// Path to access on the HTTP server. #[serde(default, skip_serializing_if = "Option::is_none")] pub path: Option, + /// Name or number of the port to access on the container. + /// Number must be in the range 1 to 65535. + /// Name must be an IANA_SVC_NAME. pub port: IntOrString, + /// Scheme to use for connecting to the host. + /// Defaults to HTTP. #[serde(default, skip_serializing_if = "Option::is_none")] pub scheme: Option, } +/// HTTPHeader describes a custom header to be used in HTTP probes #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationDriverInitContainersStartupProbeHttpGetHttpHeaders { + /// The header field name. + /// This will be canonicalized upon output, so case-variant names will be understood as the same header. pub name: String, + /// The header field value pub value: String, } +/// TCPSocket specifies an action involving a TCP port. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationDriverInitContainersStartupProbeTcpSocket { + /// Optional: Host name to connect to, defaults to the pod IP. #[serde(default, skip_serializing_if = "Option::is_none")] pub host: Option, + /// Number or name of the port to access on the container. + /// Number must be in the range 1 to 65535. + /// Name must be an IANA_SVC_NAME. pub port: IntOrString, } +/// volumeDevice describes a mapping of a raw block device within a container. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationDriverInitContainersVolumeDevices { + /// devicePath is the path inside of the container that the device will be mapped to. #[serde(rename = "devicePath")] pub device_path: String, + /// name must match the name of a persistentVolumeClaim in the pod pub name: String, } +/// VolumeMount describes a mounting of a Volume within a container. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationDriverInitContainersVolumeMounts { + /// Path within the container at which the volume should be mounted. Must + /// not contain ':'. #[serde(rename = "mountPath")] pub mount_path: String, + /// mountPropagation determines how mounts are propagated from the host + /// to container and the other way around. + /// When not set, MountPropagationNone is used. + /// This field is beta in 1.10. #[serde(default, skip_serializing_if = "Option::is_none", rename = "mountPropagation")] pub mount_propagation: Option, + /// This must match the Name of a Volume. pub name: String, + /// Mounted read-only if true, read-write otherwise (false or unspecified). + /// Defaults to false. #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] pub read_only: Option, + /// Path within the volume from which the container's volume should be mounted. + /// Defaults to "" (volume's root). #[serde(default, skip_serializing_if = "Option::is_none", rename = "subPath")] pub sub_path: Option, + /// Expanded path within the volume from which the container's volume should be mounted. + /// Behaves similarly to SubPath but environment variable references $(VAR_NAME) are expanded using the container's environment. + /// Defaults to "" (volume's root). + /// SubPathExpr and SubPath are mutually exclusive. #[serde(default, skip_serializing_if = "Option::is_none", rename = "subPathExpr")] pub sub_path_expr: Option, } +/// Lifecycle for running preStop or postStart commands #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationDriverLifecycle { + /// PostStart is called immediately after a container is created. If the handler fails, + /// the container is terminated and restarted according to its restart policy. + /// Other management of the container blocks until the hook completes. + /// More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks #[serde(default, skip_serializing_if = "Option::is_none", rename = "postStart")] pub post_start: Option, + /// PreStop is called immediately before a container is terminated due to an + /// API request or management event such as liveness/startup probe failure, + /// preemption, resource contention, etc. The handler is not called if the + /// container crashes or exits. The Pod's termination grace period countdown begins before the + /// PreStop hook is executed. Regardless of the outcome of the handler, the + /// container will eventually terminate within the Pod's termination grace + /// period (unless delayed by finalizers). Other management of the container blocks until the hook completes + /// or until the termination grace period is reached. + /// More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks #[serde(default, skip_serializing_if = "Option::is_none", rename = "preStop")] pub pre_stop: Option, } +/// PostStart is called immediately after a container is created. If the handler fails, +/// the container is terminated and restarted according to its restart policy. +/// Other management of the container blocks until the hook completes. +/// More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationDriverLifecyclePostStart { + /// Exec specifies the action to take. #[serde(default, skip_serializing_if = "Option::is_none")] pub exec: Option, + /// HTTPGet specifies the http request to perform. #[serde(default, skip_serializing_if = "Option::is_none", rename = "httpGet")] pub http_get: Option, + /// Sleep represents the duration that the container should sleep before being terminated. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub sleep: Option, + /// Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept + /// for the backward compatibility. There are no validation of this field and + /// lifecycle hooks will fail in runtime when tcp handler is specified. #[serde(default, skip_serializing_if = "Option::is_none", rename = "tcpSocket")] pub tcp_socket: Option, } +/// Exec specifies the action to take. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationDriverLifecyclePostStartExec { + /// Command is the command line to execute inside the container, the working directory for the + /// command is root ('/') in the container's filesystem. The command is simply exec'd, it is + /// not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use + /// a shell, you need to explicitly call out to that shell. + /// Exit status of 0 is treated as live/healthy and non-zero is unhealthy. #[serde(default, skip_serializing_if = "Option::is_none")] pub command: Option>, } +/// HTTPGet specifies the http request to perform. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationDriverLifecyclePostStartHttpGet { + /// Host name to connect to, defaults to the pod IP. You probably want to set + /// "Host" in httpHeaders instead. #[serde(default, skip_serializing_if = "Option::is_none")] pub host: Option, + /// Custom headers to set in the request. HTTP allows repeated headers. #[serde(default, skip_serializing_if = "Option::is_none", rename = "httpHeaders")] pub http_headers: Option>, + /// Path to access on the HTTP server. #[serde(default, skip_serializing_if = "Option::is_none")] pub path: Option, + /// Name or number of the port to access on the container. + /// Number must be in the range 1 to 65535. + /// Name must be an IANA_SVC_NAME. pub port: IntOrString, + /// Scheme to use for connecting to the host. + /// Defaults to HTTP. #[serde(default, skip_serializing_if = "Option::is_none")] pub scheme: Option, } +/// HTTPHeader describes a custom header to be used in HTTP probes #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationDriverLifecyclePostStartHttpGetHttpHeaders { + /// The header field name. + /// This will be canonicalized upon output, so case-variant names will be understood as the same header. pub name: String, + /// The header field value pub value: String, } +/// Sleep represents the duration that the container should sleep before being terminated. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct SparkApplicationDriverLifecyclePostStartSleep { + /// Seconds is the number of seconds to sleep. + pub seconds: i64, +} + +/// Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept +/// for the backward compatibility. There are no validation of this field and +/// lifecycle hooks will fail in runtime when tcp handler is specified. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationDriverLifecyclePostStartTcpSocket { + /// Optional: Host name to connect to, defaults to the pod IP. #[serde(default, skip_serializing_if = "Option::is_none")] pub host: Option, + /// Number or name of the port to access on the container. + /// Number must be in the range 1 to 65535. + /// Name must be an IANA_SVC_NAME. pub port: IntOrString, } +/// PreStop is called immediately before a container is terminated due to an +/// API request or management event such as liveness/startup probe failure, +/// preemption, resource contention, etc. The handler is not called if the +/// container crashes or exits. The Pod's termination grace period countdown begins before the +/// PreStop hook is executed. Regardless of the outcome of the handler, the +/// container will eventually terminate within the Pod's termination grace +/// period (unless delayed by finalizers). Other management of the container blocks until the hook completes +/// or until the termination grace period is reached. +/// More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationDriverLifecyclePreStop { + /// Exec specifies the action to take. #[serde(default, skip_serializing_if = "Option::is_none")] pub exec: Option, + /// HTTPGet specifies the http request to perform. #[serde(default, skip_serializing_if = "Option::is_none", rename = "httpGet")] pub http_get: Option, + /// Sleep represents the duration that the container should sleep before being terminated. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub sleep: Option, + /// Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept + /// for the backward compatibility. There are no validation of this field and + /// lifecycle hooks will fail in runtime when tcp handler is specified. #[serde(default, skip_serializing_if = "Option::is_none", rename = "tcpSocket")] pub tcp_socket: Option, } +/// Exec specifies the action to take. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationDriverLifecyclePreStopExec { + /// Command is the command line to execute inside the container, the working directory for the + /// command is root ('/') in the container's filesystem. The command is simply exec'd, it is + /// not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use + /// a shell, you need to explicitly call out to that shell. + /// Exit status of 0 is treated as live/healthy and non-zero is unhealthy. #[serde(default, skip_serializing_if = "Option::is_none")] pub command: Option>, } +/// HTTPGet specifies the http request to perform. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationDriverLifecyclePreStopHttpGet { + /// Host name to connect to, defaults to the pod IP. You probably want to set + /// "Host" in httpHeaders instead. #[serde(default, skip_serializing_if = "Option::is_none")] pub host: Option, + /// Custom headers to set in the request. HTTP allows repeated headers. #[serde(default, skip_serializing_if = "Option::is_none", rename = "httpHeaders")] pub http_headers: Option>, + /// Path to access on the HTTP server. #[serde(default, skip_serializing_if = "Option::is_none")] pub path: Option, + /// Name or number of the port to access on the container. + /// Number must be in the range 1 to 65535. + /// Name must be an IANA_SVC_NAME. pub port: IntOrString, + /// Scheme to use for connecting to the host. + /// Defaults to HTTP. #[serde(default, skip_serializing_if = "Option::is_none")] pub scheme: Option, } +/// HTTPHeader describes a custom header to be used in HTTP probes #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationDriverLifecyclePreStopHttpGetHttpHeaders { + /// The header field name. + /// This will be canonicalized upon output, so case-variant names will be understood as the same header. pub name: String, + /// The header field value pub value: String, } +/// Sleep represents the duration that the container should sleep before being terminated. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct SparkApplicationDriverLifecyclePreStopSleep { + /// Seconds is the number of seconds to sleep. + pub seconds: i64, +} + +/// Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept +/// for the backward compatibility. There are no validation of this field and +/// lifecycle hooks will fail in runtime when tcp handler is specified. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationDriverLifecyclePreStopTcpSocket { + /// Optional: Host name to connect to, defaults to the pod IP. #[serde(default, skip_serializing_if = "Option::is_none")] pub host: Option, + /// Number or name of the port to access on the container. + /// Number must be in the range 1 to 65535. + /// Name must be an IANA_SVC_NAME. pub port: IntOrString, } +/// PodSecurityContext specifies the PodSecurityContext to apply. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationDriverPodSecurityContext { + /// A special supplemental group that applies to all containers in a pod. + /// Some volume types allow the Kubelet to change the ownership of that volume + /// to be owned by the pod: + /// + /// + /// 1. The owning GID will be the FSGroup + /// 2. The setgid bit is set (new files created in the volume will be owned by FSGroup) + /// 3. The permission bits are OR'd with rw-rw---- + /// + /// + /// If unset, the Kubelet will not modify the ownership and permissions of any volume. + /// Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none", rename = "fsGroup")] pub fs_group: Option, + /// fsGroupChangePolicy defines behavior of changing ownership and permission of the volume + /// before being exposed inside Pod. This field will only apply to + /// volume types which support fsGroup based ownership(and permissions). + /// It will have no effect on ephemeral volume types such as: secret, configmaps + /// and emptydir. + /// Valid values are "OnRootMismatch" and "Always". If not specified, "Always" is used. + /// Note that this field cannot be set when spec.os.name is windows. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "fsGroupChangePolicy")] + pub fs_group_change_policy: Option, + /// The GID to run the entrypoint of the container process. + /// Uses runtime default if unset. + /// May also be set in SecurityContext. If set in both SecurityContext and + /// PodSecurityContext, the value specified in SecurityContext takes precedence + /// for that container. + /// Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none", rename = "runAsGroup")] pub run_as_group: Option, + /// Indicates that the container must run as a non-root user. + /// If true, the Kubelet will validate the image at runtime to ensure that it + /// does not run as UID 0 (root) and fail to start the container if it does. + /// If unset or false, no such validation will be performed. + /// May also be set in SecurityContext. If set in both SecurityContext and + /// PodSecurityContext, the value specified in SecurityContext takes precedence. #[serde(default, skip_serializing_if = "Option::is_none", rename = "runAsNonRoot")] pub run_as_non_root: Option, + /// The UID to run the entrypoint of the container process. + /// Defaults to user specified in image metadata if unspecified. + /// May also be set in SecurityContext. If set in both SecurityContext and + /// PodSecurityContext, the value specified in SecurityContext takes precedence + /// for that container. + /// Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none", rename = "runAsUser")] pub run_as_user: Option, + /// The SELinux context to be applied to all containers. + /// If unspecified, the container runtime will allocate a random SELinux context for each + /// container. May also be set in SecurityContext. If set in + /// both SecurityContext and PodSecurityContext, the value specified in SecurityContext + /// takes precedence for that container. + /// Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none", rename = "seLinuxOptions")] pub se_linux_options: Option, + /// The seccomp options to use by the containers in this pod. + /// Note that this field cannot be set when spec.os.name is windows. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "seccompProfile")] + pub seccomp_profile: Option, + /// A list of groups applied to the first process run in each container, in addition + /// to the container's primary GID, the fsGroup (if specified), and group memberships + /// defined in the container image for the uid of the container process. If unspecified, + /// no additional groups are added to any container. Note that group memberships + /// defined in the container image for the uid of the container process are still effective, + /// even if they are not included in this list. + /// Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none", rename = "supplementalGroups")] pub supplemental_groups: Option>, + /// Sysctls hold a list of namespaced sysctls used for the pod. Pods with unsupported + /// sysctls (by the container runtime) might fail to launch. + /// Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none")] pub sysctls: Option>, + /// The Windows specific settings applied to all containers. + /// If unspecified, the options within a container's SecurityContext will be used. + /// If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. + /// Note that this field cannot be set when spec.os.name is linux. #[serde(default, skip_serializing_if = "Option::is_none", rename = "windowsOptions")] pub windows_options: Option, } +/// The SELinux context to be applied to all containers. +/// If unspecified, the container runtime will allocate a random SELinux context for each +/// container. May also be set in SecurityContext. If set in +/// both SecurityContext and PodSecurityContext, the value specified in SecurityContext +/// takes precedence for that container. +/// Note that this field cannot be set when spec.os.name is windows. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationDriverPodSecurityContextSeLinuxOptions { + /// Level is SELinux level label that applies to the container. #[serde(default, skip_serializing_if = "Option::is_none")] pub level: Option, + /// Role is a SELinux role label that applies to the container. #[serde(default, skip_serializing_if = "Option::is_none")] pub role: Option, + /// Type is a SELinux type label that applies to the container. #[serde(default, skip_serializing_if = "Option::is_none", rename = "type")] pub r#type: Option, + /// User is a SELinux user label that applies to the container. #[serde(default, skip_serializing_if = "Option::is_none")] pub user: Option, } +/// The seccomp options to use by the containers in this pod. +/// Note that this field cannot be set when spec.os.name is windows. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct SparkApplicationDriverPodSecurityContextSeccompProfile { + /// localhostProfile indicates a profile defined in a file on the node should be used. + /// The profile must be preconfigured on the node to work. + /// Must be a descending path, relative to the kubelet's configured seccomp profile location. + /// Must be set if type is "Localhost". Must NOT be set for any other type. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "localhostProfile")] + pub localhost_profile: Option, + /// type indicates which kind of seccomp profile will be applied. + /// Valid options are: + /// + /// + /// Localhost - a profile defined in a file on the node should be used. + /// RuntimeDefault - the container runtime default profile should be used. + /// Unconfined - no profile should be applied. + #[serde(rename = "type")] + pub r#type: String, +} + +/// Sysctl defines a kernel parameter to be set #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationDriverPodSecurityContextSysctls { + /// Name of a property to set pub name: String, + /// Value of a property to set pub value: String, } +/// The Windows specific settings applied to all containers. +/// If unspecified, the options within a container's SecurityContext will be used. +/// If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +/// Note that this field cannot be set when spec.os.name is linux. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationDriverPodSecurityContextWindowsOptions { + /// GMSACredentialSpec is where the GMSA admission webhook + /// (https://github.com/kubernetes-sigs/windows-gmsa) inlines the contents of the + /// GMSA credential spec named by the GMSACredentialSpecName field. #[serde(default, skip_serializing_if = "Option::is_none", rename = "gmsaCredentialSpec")] pub gmsa_credential_spec: Option, + /// GMSACredentialSpecName is the name of the GMSA credential spec to use. #[serde(default, skip_serializing_if = "Option::is_none", rename = "gmsaCredentialSpecName")] pub gmsa_credential_spec_name: Option, + /// HostProcess determines if a container should be run as a 'Host Process' container. + /// All of a Pod's containers must have the same effective HostProcess value + /// (it is not allowed to have a mix of HostProcess containers and non-HostProcess containers). + /// In addition, if HostProcess is true then HostNetwork must also be set to true. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "hostProcess")] + pub host_process: Option, + /// The UserName in Windows to run the entrypoint of the container process. + /// Defaults to the user specified in image metadata if unspecified. + /// May also be set in PodSecurityContext. If set in both SecurityContext and + /// PodSecurityContext, the value specified in SecurityContext takes precedence. #[serde(default, skip_serializing_if = "Option::is_none", rename = "runAsUserName")] pub run_as_user_name: Option, } +/// Port represents the port definition in the pods objects. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct SparkApplicationDriverPorts { + #[serde(rename = "containerPort")] + pub container_port: i32, + pub name: String, + pub protocol: String, +} + +/// SecretInfo captures information of a secret. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationDriverSecrets { pub name: String, pub path: String, + /// SecretType tells the type of a secret. #[serde(rename = "secretType")] pub secret_type: String, } +/// SecurityContext specifies the container's SecurityContext to apply. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationDriverSecurityContext { + /// AllowPrivilegeEscalation controls whether a process can gain more + /// privileges than its parent process. This bool directly controls if + /// the no_new_privs flag will be set on the container process. + /// AllowPrivilegeEscalation is true always when the container is: + /// 1) run as Privileged + /// 2) has CAP_SYS_ADMIN + /// Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none", rename = "allowPrivilegeEscalation")] pub allow_privilege_escalation: Option, + /// The capabilities to add/drop when running containers. + /// Defaults to the default set of capabilities granted by the container runtime. + /// Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none")] pub capabilities: Option, + /// Run container in privileged mode. + /// Processes in privileged containers are essentially equivalent to root on the host. + /// Defaults to false. + /// Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none")] pub privileged: Option, + /// procMount denotes the type of proc mount to use for the containers. + /// The default is DefaultProcMount which uses the container runtime defaults for + /// readonly paths and masked paths. + /// This requires the ProcMountType feature flag to be enabled. + /// Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none", rename = "procMount")] pub proc_mount: Option, + /// Whether this container has a read-only root filesystem. + /// Default is false. + /// Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnlyRootFilesystem")] pub read_only_root_filesystem: Option, + /// The GID to run the entrypoint of the container process. + /// Uses runtime default if unset. + /// May also be set in PodSecurityContext. If set in both SecurityContext and + /// PodSecurityContext, the value specified in SecurityContext takes precedence. + /// Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none", rename = "runAsGroup")] pub run_as_group: Option, + /// Indicates that the container must run as a non-root user. + /// If true, the Kubelet will validate the image at runtime to ensure that it + /// does not run as UID 0 (root) and fail to start the container if it does. + /// If unset or false, no such validation will be performed. + /// May also be set in PodSecurityContext. If set in both SecurityContext and + /// PodSecurityContext, the value specified in SecurityContext takes precedence. #[serde(default, skip_serializing_if = "Option::is_none", rename = "runAsNonRoot")] pub run_as_non_root: Option, + /// The UID to run the entrypoint of the container process. + /// Defaults to user specified in image metadata if unspecified. + /// May also be set in PodSecurityContext. If set in both SecurityContext and + /// PodSecurityContext, the value specified in SecurityContext takes precedence. + /// Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none", rename = "runAsUser")] pub run_as_user: Option, + /// The SELinux context to be applied to the container. + /// If unspecified, the container runtime will allocate a random SELinux context for each + /// container. May also be set in PodSecurityContext. If set in both SecurityContext and + /// PodSecurityContext, the value specified in SecurityContext takes precedence. + /// Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none", rename = "seLinuxOptions")] pub se_linux_options: Option, + /// The seccomp options to use by this container. If seccomp options are + /// provided at both the pod & container level, the container options + /// override the pod options. + /// Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none", rename = "seccompProfile")] pub seccomp_profile: Option, + /// The Windows specific settings applied to all containers. + /// If unspecified, the options from the PodSecurityContext will be used. + /// If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. + /// Note that this field cannot be set when spec.os.name is linux. #[serde(default, skip_serializing_if = "Option::is_none", rename = "windowsOptions")] pub windows_options: Option, } +/// The capabilities to add/drop when running containers. +/// Defaults to the default set of capabilities granted by the container runtime. +/// Note that this field cannot be set when spec.os.name is windows. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationDriverSecurityContextCapabilities { + /// Added capabilities #[serde(default, skip_serializing_if = "Option::is_none")] pub add: Option>, + /// Removed capabilities #[serde(default, skip_serializing_if = "Option::is_none")] pub drop: Option>, } +/// The SELinux context to be applied to the container. +/// If unspecified, the container runtime will allocate a random SELinux context for each +/// container. May also be set in PodSecurityContext. If set in both SecurityContext and +/// PodSecurityContext, the value specified in SecurityContext takes precedence. +/// Note that this field cannot be set when spec.os.name is windows. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationDriverSecurityContextSeLinuxOptions { + /// Level is SELinux level label that applies to the container. #[serde(default, skip_serializing_if = "Option::is_none")] pub level: Option, + /// Role is a SELinux role label that applies to the container. #[serde(default, skip_serializing_if = "Option::is_none")] pub role: Option, + /// Type is a SELinux type label that applies to the container. #[serde(default, skip_serializing_if = "Option::is_none", rename = "type")] pub r#type: Option, + /// User is a SELinux user label that applies to the container. #[serde(default, skip_serializing_if = "Option::is_none")] pub user: Option, } +/// The seccomp options to use by this container. If seccomp options are +/// provided at both the pod & container level, the container options +/// override the pod options. +/// Note that this field cannot be set when spec.os.name is windows. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationDriverSecurityContextSeccompProfile { - #[serde(default, skip_serializing_if = "Option::is_none", rename = "type")] - pub r#type: Option, + /// localhostProfile indicates a profile defined in a file on the node should be used. + /// The profile must be preconfigured on the node to work. + /// Must be a descending path, relative to the kubelet's configured seccomp profile location. + /// Must be set if type is "Localhost". Must NOT be set for any other type. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "localhostProfile")] + pub localhost_profile: Option, + /// type indicates which kind of seccomp profile will be applied. + /// Valid options are: + /// + /// + /// Localhost - a profile defined in a file on the node should be used. + /// RuntimeDefault - the container runtime default profile should be used. + /// Unconfined - no profile should be applied. + #[serde(rename = "type")] + pub r#type: String, } +/// The Windows specific settings applied to all containers. +/// If unspecified, the options from the PodSecurityContext will be used. +/// If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +/// Note that this field cannot be set when spec.os.name is linux. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationDriverSecurityContextWindowsOptions { + /// GMSACredentialSpec is where the GMSA admission webhook + /// (https://github.com/kubernetes-sigs/windows-gmsa) inlines the contents of the + /// GMSA credential spec named by the GMSACredentialSpecName field. #[serde(default, skip_serializing_if = "Option::is_none", rename = "gmsaCredentialSpec")] pub gmsa_credential_spec: Option, + /// GMSACredentialSpecName is the name of the GMSA credential spec to use. #[serde(default, skip_serializing_if = "Option::is_none", rename = "gmsaCredentialSpecName")] pub gmsa_credential_spec_name: Option, + /// HostProcess determines if a container should be run as a 'Host Process' container. + /// All of a Pod's containers must have the same effective HostProcess value + /// (it is not allowed to have a mix of HostProcess containers and non-HostProcess containers). + /// In addition, if HostProcess is true then HostNetwork must also be set to true. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "hostProcess")] + pub host_process: Option, + /// The UserName in Windows to run the entrypoint of the container process. + /// Defaults to the user specified in image metadata if unspecified. + /// May also be set in PodSecurityContext. If set in both SecurityContext and + /// PodSecurityContext, the value specified in SecurityContext takes precedence. #[serde(default, skip_serializing_if = "Option::is_none", rename = "runAsUserName")] pub run_as_user_name: Option, } +/// A single application container that you want to run within a pod. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationDriverSidecars { + /// Arguments to the entrypoint. + /// The container image's CMD is used if this is not provided. + /// Variable references $(VAR_NAME) are expanded using the container's environment. If a variable + /// cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced + /// to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" will + /// produce the string literal "$(VAR_NAME)". Escaped references will never be expanded, regardless + /// of whether the variable exists or not. Cannot be updated. + /// More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell #[serde(default, skip_serializing_if = "Option::is_none")] pub args: Option>, + /// Entrypoint array. Not executed within a shell. + /// The container image's ENTRYPOINT is used if this is not provided. + /// Variable references $(VAR_NAME) are expanded using the container's environment. If a variable + /// cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced + /// to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" will + /// produce the string literal "$(VAR_NAME)". Escaped references will never be expanded, regardless + /// of whether the variable exists or not. Cannot be updated. + /// More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell #[serde(default, skip_serializing_if = "Option::is_none")] pub command: Option>, + /// List of environment variables to set in the container. + /// Cannot be updated. #[serde(default, skip_serializing_if = "Option::is_none")] pub env: Option>, + /// List of sources to populate environment variables in the container. + /// The keys defined within a source must be a C_IDENTIFIER. All invalid keys + /// will be reported as an event when the container is starting. When a key exists in multiple + /// sources, the value associated with the last source will take precedence. + /// Values defined by an Env with a duplicate key will take precedence. + /// Cannot be updated. #[serde(default, skip_serializing_if = "Option::is_none", rename = "envFrom")] pub env_from: Option>, + /// Container image name. + /// More info: https://kubernetes.io/docs/concepts/containers/images + /// This field is optional to allow higher level config management to default or override + /// container images in workload controllers like Deployments and StatefulSets. #[serde(default, skip_serializing_if = "Option::is_none")] pub image: Option, + /// Image pull policy. + /// One of Always, Never, IfNotPresent. + /// Defaults to Always if :latest tag is specified, or IfNotPresent otherwise. + /// Cannot be updated. + /// More info: https://kubernetes.io/docs/concepts/containers/images#updating-images #[serde(default, skip_serializing_if = "Option::is_none", rename = "imagePullPolicy")] pub image_pull_policy: Option, + /// Actions that the management system should take in response to container lifecycle events. + /// Cannot be updated. #[serde(default, skip_serializing_if = "Option::is_none")] pub lifecycle: Option, + /// Periodic probe of container liveness. + /// Container will be restarted if the probe fails. + /// Cannot be updated. + /// More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes #[serde(default, skip_serializing_if = "Option::is_none", rename = "livenessProbe")] pub liveness_probe: Option, + /// Name of the container specified as a DNS_LABEL. + /// Each container in a pod must have a unique name (DNS_LABEL). + /// Cannot be updated. pub name: String, + /// List of ports to expose from the container. Not specifying a port here + /// DOES NOT prevent that port from being exposed. Any port which is + /// listening on the default "0.0.0.0" address inside a container will be + /// accessible from the network. + /// Modifying this array with strategic merge patch may corrupt the data. + /// For more information See https://github.com/kubernetes/kubernetes/issues/108255. + /// Cannot be updated. #[serde(default, skip_serializing_if = "Option::is_none")] pub ports: Option>, + /// Periodic probe of container service readiness. + /// Container will be removed from service endpoints if the probe fails. + /// Cannot be updated. + /// More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes #[serde(default, skip_serializing_if = "Option::is_none", rename = "readinessProbe")] pub readiness_probe: Option, + /// Resources resize policy for the container. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "resizePolicy")] + pub resize_policy: Option>, + /// Compute Resources required by this container. + /// Cannot be updated. + /// More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ #[serde(default, skip_serializing_if = "Option::is_none")] pub resources: Option, + /// RestartPolicy defines the restart behavior of individual containers in a pod. + /// This field may only be set for init containers, and the only allowed value is "Always". + /// For non-init containers or when this field is not specified, + /// the restart behavior is defined by the Pod's restart policy and the container type. + /// Setting the RestartPolicy as "Always" for the init container will have the following effect: + /// this init container will be continually restarted on + /// exit until all regular containers have terminated. Once all regular + /// containers have completed, all init containers with restartPolicy "Always" + /// will be shut down. This lifecycle differs from normal init containers and + /// is often referred to as a "sidecar" container. Although this init + /// container still starts in the init container sequence, it does not wait + /// for the container to complete before proceeding to the next init + /// container. Instead, the next init container starts immediately after this + /// init container is started, or after any startupProbe has successfully + /// completed. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "restartPolicy")] + pub restart_policy: Option, + /// SecurityContext defines the security options the container should be run with. + /// If set, the fields of SecurityContext override the equivalent fields of PodSecurityContext. + /// More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/ #[serde(default, skip_serializing_if = "Option::is_none", rename = "securityContext")] pub security_context: Option, + /// StartupProbe indicates that the Pod has successfully initialized. + /// If specified, no other probes are executed until this completes successfully. + /// If this probe fails, the Pod will be restarted, just as if the livenessProbe failed. + /// This can be used to provide different probe parameters at the beginning of a Pod's lifecycle, + /// when it might take a long time to load data or warm a cache, than during steady-state operation. + /// This cannot be updated. + /// More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes #[serde(default, skip_serializing_if = "Option::is_none", rename = "startupProbe")] pub startup_probe: Option, + /// Whether this container should allocate a buffer for stdin in the container runtime. If this + /// is not set, reads from stdin in the container will always result in EOF. + /// Default is false. #[serde(default, skip_serializing_if = "Option::is_none")] pub stdin: Option, + /// Whether the container runtime should close the stdin channel after it has been opened by + /// a single attach. When stdin is true the stdin stream will remain open across multiple attach + /// sessions. If stdinOnce is set to true, stdin is opened on container start, is empty until the + /// first client attaches to stdin, and then remains open and accepts data until the client disconnects, + /// at which time stdin is closed and remains closed until the container is restarted. If this + /// flag is false, a container processes that reads from stdin will never receive an EOF. + /// Default is false #[serde(default, skip_serializing_if = "Option::is_none", rename = "stdinOnce")] pub stdin_once: Option, + /// Optional: Path at which the file to which the container's termination message + /// will be written is mounted into the container's filesystem. + /// Message written is intended to be brief final status, such as an assertion failure message. + /// Will be truncated by the node if greater than 4096 bytes. The total message length across + /// all containers will be limited to 12kb. + /// Defaults to /dev/termination-log. + /// Cannot be updated. #[serde(default, skip_serializing_if = "Option::is_none", rename = "terminationMessagePath")] pub termination_message_path: Option, + /// Indicate how the termination message should be populated. File will use the contents of + /// terminationMessagePath to populate the container status message on both success and failure. + /// FallbackToLogsOnError will use the last chunk of container log output if the termination + /// message file is empty and the container exited with an error. + /// The log output is limited to 2048 bytes or 80 lines, whichever is smaller. + /// Defaults to File. + /// Cannot be updated. #[serde(default, skip_serializing_if = "Option::is_none", rename = "terminationMessagePolicy")] pub termination_message_policy: Option, + /// Whether this container should allocate a TTY for itself, also requires 'stdin' to be true. + /// Default is false. #[serde(default, skip_serializing_if = "Option::is_none")] pub tty: Option, + /// volumeDevices is the list of block devices to be used by the container. #[serde(default, skip_serializing_if = "Option::is_none", rename = "volumeDevices")] pub volume_devices: Option>, + /// Pod volumes to mount into the container's filesystem. + /// Cannot be updated. #[serde(default, skip_serializing_if = "Option::is_none", rename = "volumeMounts")] pub volume_mounts: Option>, + /// Container's working directory. + /// If not specified, the container runtime's default will be used, which + /// might be configured in the container image. + /// Cannot be updated. #[serde(default, skip_serializing_if = "Option::is_none", rename = "workingDir")] pub working_dir: Option, } +/// EnvVar represents an environment variable present in a Container. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationDriverSidecarsEnv { + /// Name of the environment variable. Must be a C_IDENTIFIER. pub name: String, + /// Variable references $(VAR_NAME) are expanded + /// using the previously defined environment variables in the container and + /// any service environment variables. If a variable cannot be resolved, + /// the reference in the input string will be unchanged. Double $$ are reduced + /// to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. + /// "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". + /// Escaped references will never be expanded, regardless of whether the variable + /// exists or not. + /// Defaults to "". #[serde(default, skip_serializing_if = "Option::is_none")] pub value: Option, + /// Source for the environment variable's value. Cannot be used if value is not empty. #[serde(default, skip_serializing_if = "Option::is_none", rename = "valueFrom")] pub value_from: Option, } +/// Source for the environment variable's value. Cannot be used if value is not empty. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationDriverSidecarsEnvValueFrom { + /// Selects a key of a ConfigMap. #[serde(default, skip_serializing_if = "Option::is_none", rename = "configMapKeyRef")] pub config_map_key_ref: Option, + /// Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`, + /// spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs. #[serde(default, skip_serializing_if = "Option::is_none", rename = "fieldRef")] pub field_ref: Option, + /// Selects a resource of the container: only resources limits and requests + /// (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported. #[serde(default, skip_serializing_if = "Option::is_none", rename = "resourceFieldRef")] pub resource_field_ref: Option, + /// Selects a key of a secret in the pod's namespace #[serde(default, skip_serializing_if = "Option::is_none", rename = "secretKeyRef")] pub secret_key_ref: Option, } +/// Selects a key of a ConfigMap. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationDriverSidecarsEnvValueFromConfigMapKeyRef { + /// The key to select. pub key: String, + /// Name of the referent. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, + /// Specify whether the ConfigMap or its key must be defined #[serde(default, skip_serializing_if = "Option::is_none")] pub optional: Option, } +/// Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`, +/// spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationDriverSidecarsEnvValueFromFieldRef { + /// Version of the schema the FieldPath is written in terms of, defaults to "v1". #[serde(default, skip_serializing_if = "Option::is_none", rename = "apiVersion")] pub api_version: Option, + /// Path of the field to select in the specified API version. #[serde(rename = "fieldPath")] pub field_path: String, } +/// Selects a resource of the container: only resources limits and requests +/// (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationDriverSidecarsEnvValueFromResourceFieldRef { + /// Container name: required for volumes, optional for env vars #[serde(default, skip_serializing_if = "Option::is_none", rename = "containerName")] pub container_name: Option, + /// Specifies the output format of the exposed resources, defaults to "1" #[serde(default, skip_serializing_if = "Option::is_none")] pub divisor: Option, + /// Required: resource to select pub resource: String, } +/// Selects a key of a secret in the pod's namespace #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationDriverSidecarsEnvValueFromSecretKeyRef { + /// The key of the secret to select from. Must be a valid secret key. pub key: String, + /// Name of the referent. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, + /// Specify whether the Secret or its key must be defined #[serde(default, skip_serializing_if = "Option::is_none")] pub optional: Option, } +/// EnvFromSource represents the source of a set of ConfigMaps #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationDriverSidecarsEnvFrom { + /// The ConfigMap to select from #[serde(default, skip_serializing_if = "Option::is_none", rename = "configMapRef")] pub config_map_ref: Option, + /// An optional identifier to prepend to each key in the ConfigMap. Must be a C_IDENTIFIER. #[serde(default, skip_serializing_if = "Option::is_none")] pub prefix: Option, + /// The Secret to select from #[serde(default, skip_serializing_if = "Option::is_none", rename = "secretRef")] pub secret_ref: Option, } +/// The ConfigMap to select from #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationDriverSidecarsEnvFromConfigMapRef { + /// Name of the referent. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, + /// Specify whether the ConfigMap must be defined #[serde(default, skip_serializing_if = "Option::is_none")] pub optional: Option, } +/// The Secret to select from #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationDriverSidecarsEnvFromSecretRef { + /// Name of the referent. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, + /// Specify whether the Secret must be defined #[serde(default, skip_serializing_if = "Option::is_none")] pub optional: Option, } +/// Actions that the management system should take in response to container lifecycle events. +/// Cannot be updated. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationDriverSidecarsLifecycle { + /// PostStart is called immediately after a container is created. If the handler fails, + /// the container is terminated and restarted according to its restart policy. + /// Other management of the container blocks until the hook completes. + /// More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks #[serde(default, skip_serializing_if = "Option::is_none", rename = "postStart")] pub post_start: Option, + /// PreStop is called immediately before a container is terminated due to an + /// API request or management event such as liveness/startup probe failure, + /// preemption, resource contention, etc. The handler is not called if the + /// container crashes or exits. The Pod's termination grace period countdown begins before the + /// PreStop hook is executed. Regardless of the outcome of the handler, the + /// container will eventually terminate within the Pod's termination grace + /// period (unless delayed by finalizers). Other management of the container blocks until the hook completes + /// or until the termination grace period is reached. + /// More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks #[serde(default, skip_serializing_if = "Option::is_none", rename = "preStop")] pub pre_stop: Option, } +/// PostStart is called immediately after a container is created. If the handler fails, +/// the container is terminated and restarted according to its restart policy. +/// Other management of the container blocks until the hook completes. +/// More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationDriverSidecarsLifecyclePostStart { + /// Exec specifies the action to take. #[serde(default, skip_serializing_if = "Option::is_none")] pub exec: Option, + /// HTTPGet specifies the http request to perform. #[serde(default, skip_serializing_if = "Option::is_none", rename = "httpGet")] pub http_get: Option, + /// Sleep represents the duration that the container should sleep before being terminated. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub sleep: Option, + /// Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept + /// for the backward compatibility. There are no validation of this field and + /// lifecycle hooks will fail in runtime when tcp handler is specified. #[serde(default, skip_serializing_if = "Option::is_none", rename = "tcpSocket")] pub tcp_socket: Option, } +/// Exec specifies the action to take. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationDriverSidecarsLifecyclePostStartExec { + /// Command is the command line to execute inside the container, the working directory for the + /// command is root ('/') in the container's filesystem. The command is simply exec'd, it is + /// not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use + /// a shell, you need to explicitly call out to that shell. + /// Exit status of 0 is treated as live/healthy and non-zero is unhealthy. #[serde(default, skip_serializing_if = "Option::is_none")] pub command: Option>, } +/// HTTPGet specifies the http request to perform. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationDriverSidecarsLifecyclePostStartHttpGet { + /// Host name to connect to, defaults to the pod IP. You probably want to set + /// "Host" in httpHeaders instead. #[serde(default, skip_serializing_if = "Option::is_none")] pub host: Option, + /// Custom headers to set in the request. HTTP allows repeated headers. #[serde(default, skip_serializing_if = "Option::is_none", rename = "httpHeaders")] pub http_headers: Option>, + /// Path to access on the HTTP server. #[serde(default, skip_serializing_if = "Option::is_none")] pub path: Option, + /// Name or number of the port to access on the container. + /// Number must be in the range 1 to 65535. + /// Name must be an IANA_SVC_NAME. pub port: IntOrString, + /// Scheme to use for connecting to the host. + /// Defaults to HTTP. #[serde(default, skip_serializing_if = "Option::is_none")] pub scheme: Option, } +/// HTTPHeader describes a custom header to be used in HTTP probes #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationDriverSidecarsLifecyclePostStartHttpGetHttpHeaders { + /// The header field name. + /// This will be canonicalized upon output, so case-variant names will be understood as the same header. pub name: String, + /// The header field value pub value: String, } +/// Sleep represents the duration that the container should sleep before being terminated. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct SparkApplicationDriverSidecarsLifecyclePostStartSleep { + /// Seconds is the number of seconds to sleep. + pub seconds: i64, +} + +/// Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept +/// for the backward compatibility. There are no validation of this field and +/// lifecycle hooks will fail in runtime when tcp handler is specified. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationDriverSidecarsLifecyclePostStartTcpSocket { + /// Optional: Host name to connect to, defaults to the pod IP. #[serde(default, skip_serializing_if = "Option::is_none")] pub host: Option, + /// Number or name of the port to access on the container. + /// Number must be in the range 1 to 65535. + /// Name must be an IANA_SVC_NAME. pub port: IntOrString, } +/// PreStop is called immediately before a container is terminated due to an +/// API request or management event such as liveness/startup probe failure, +/// preemption, resource contention, etc. The handler is not called if the +/// container crashes or exits. The Pod's termination grace period countdown begins before the +/// PreStop hook is executed. Regardless of the outcome of the handler, the +/// container will eventually terminate within the Pod's termination grace +/// period (unless delayed by finalizers). Other management of the container blocks until the hook completes +/// or until the termination grace period is reached. +/// More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationDriverSidecarsLifecyclePreStop { + /// Exec specifies the action to take. #[serde(default, skip_serializing_if = "Option::is_none")] pub exec: Option, + /// HTTPGet specifies the http request to perform. #[serde(default, skip_serializing_if = "Option::is_none", rename = "httpGet")] pub http_get: Option, + /// Sleep represents the duration that the container should sleep before being terminated. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub sleep: Option, + /// Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept + /// for the backward compatibility. There are no validation of this field and + /// lifecycle hooks will fail in runtime when tcp handler is specified. #[serde(default, skip_serializing_if = "Option::is_none", rename = "tcpSocket")] pub tcp_socket: Option, } +/// Exec specifies the action to take. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationDriverSidecarsLifecyclePreStopExec { + /// Command is the command line to execute inside the container, the working directory for the + /// command is root ('/') in the container's filesystem. The command is simply exec'd, it is + /// not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use + /// a shell, you need to explicitly call out to that shell. + /// Exit status of 0 is treated as live/healthy and non-zero is unhealthy. #[serde(default, skip_serializing_if = "Option::is_none")] pub command: Option>, } +/// HTTPGet specifies the http request to perform. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationDriverSidecarsLifecyclePreStopHttpGet { + /// Host name to connect to, defaults to the pod IP. You probably want to set + /// "Host" in httpHeaders instead. #[serde(default, skip_serializing_if = "Option::is_none")] pub host: Option, + /// Custom headers to set in the request. HTTP allows repeated headers. #[serde(default, skip_serializing_if = "Option::is_none", rename = "httpHeaders")] pub http_headers: Option>, + /// Path to access on the HTTP server. #[serde(default, skip_serializing_if = "Option::is_none")] pub path: Option, + /// Name or number of the port to access on the container. + /// Number must be in the range 1 to 65535. + /// Name must be an IANA_SVC_NAME. pub port: IntOrString, + /// Scheme to use for connecting to the host. + /// Defaults to HTTP. #[serde(default, skip_serializing_if = "Option::is_none")] pub scheme: Option, } +/// HTTPHeader describes a custom header to be used in HTTP probes #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationDriverSidecarsLifecyclePreStopHttpGetHttpHeaders { + /// The header field name. + /// This will be canonicalized upon output, so case-variant names will be understood as the same header. pub name: String, + /// The header field value pub value: String, } +/// Sleep represents the duration that the container should sleep before being terminated. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct SparkApplicationDriverSidecarsLifecyclePreStopSleep { + /// Seconds is the number of seconds to sleep. + pub seconds: i64, +} + +/// Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept +/// for the backward compatibility. There are no validation of this field and +/// lifecycle hooks will fail in runtime when tcp handler is specified. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationDriverSidecarsLifecyclePreStopTcpSocket { + /// Optional: Host name to connect to, defaults to the pod IP. #[serde(default, skip_serializing_if = "Option::is_none")] pub host: Option, + /// Number or name of the port to access on the container. + /// Number must be in the range 1 to 65535. + /// Name must be an IANA_SVC_NAME. pub port: IntOrString, } +/// Periodic probe of container liveness. +/// Container will be restarted if the probe fails. +/// Cannot be updated. +/// More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationDriverSidecarsLivenessProbe { + /// Exec specifies the action to take. #[serde(default, skip_serializing_if = "Option::is_none")] pub exec: Option, + /// Minimum consecutive failures for the probe to be considered failed after having succeeded. + /// Defaults to 3. Minimum value is 1. #[serde(default, skip_serializing_if = "Option::is_none", rename = "failureThreshold")] pub failure_threshold: Option, + /// GRPC specifies an action involving a GRPC port. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub grpc: Option, + /// HTTPGet specifies the http request to perform. #[serde(default, skip_serializing_if = "Option::is_none", rename = "httpGet")] pub http_get: Option, + /// Number of seconds after the container has started before liveness probes are initiated. + /// More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes #[serde(default, skip_serializing_if = "Option::is_none", rename = "initialDelaySeconds")] pub initial_delay_seconds: Option, + /// How often (in seconds) to perform the probe. + /// Default to 10 seconds. Minimum value is 1. #[serde(default, skip_serializing_if = "Option::is_none", rename = "periodSeconds")] pub period_seconds: Option, + /// Minimum consecutive successes for the probe to be considered successful after having failed. + /// Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1. #[serde(default, skip_serializing_if = "Option::is_none", rename = "successThreshold")] pub success_threshold: Option, + /// TCPSocket specifies an action involving a TCP port. #[serde(default, skip_serializing_if = "Option::is_none", rename = "tcpSocket")] pub tcp_socket: Option, + /// Optional duration in seconds the pod needs to terminate gracefully upon probe failure. + /// The grace period is the duration in seconds after the processes running in the pod are sent + /// a termination signal and the time when the processes are forcibly halted with a kill signal. + /// Set this value longer than the expected cleanup time for your process. + /// If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this + /// value overrides the value provided by the pod spec. + /// Value must be non-negative integer. The value zero indicates stop immediately via + /// the kill signal (no opportunity to shut down). + /// This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate. + /// Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "terminationGracePeriodSeconds")] + pub termination_grace_period_seconds: Option, + /// Number of seconds after which the probe times out. + /// Defaults to 1 second. Minimum value is 1. + /// More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes #[serde(default, skip_serializing_if = "Option::is_none", rename = "timeoutSeconds")] pub timeout_seconds: Option, } +/// Exec specifies the action to take. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationDriverSidecarsLivenessProbeExec { + /// Command is the command line to execute inside the container, the working directory for the + /// command is root ('/') in the container's filesystem. The command is simply exec'd, it is + /// not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use + /// a shell, you need to explicitly call out to that shell. + /// Exit status of 0 is treated as live/healthy and non-zero is unhealthy. #[serde(default, skip_serializing_if = "Option::is_none")] pub command: Option>, } +/// GRPC specifies an action involving a GRPC port. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct SparkApplicationDriverSidecarsLivenessProbeGrpc { + /// Port number of the gRPC service. Number must be in the range 1 to 65535. + pub port: i32, + /// Service is the name of the service to place in the gRPC HealthCheckRequest + /// (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). + /// + /// + /// If this is not specified, the default behavior is defined by gRPC. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub service: Option, +} + +/// HTTPGet specifies the http request to perform. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationDriverSidecarsLivenessProbeHttpGet { + /// Host name to connect to, defaults to the pod IP. You probably want to set + /// "Host" in httpHeaders instead. #[serde(default, skip_serializing_if = "Option::is_none")] pub host: Option, + /// Custom headers to set in the request. HTTP allows repeated headers. #[serde(default, skip_serializing_if = "Option::is_none", rename = "httpHeaders")] pub http_headers: Option>, + /// Path to access on the HTTP server. #[serde(default, skip_serializing_if = "Option::is_none")] pub path: Option, + /// Name or number of the port to access on the container. + /// Number must be in the range 1 to 65535. + /// Name must be an IANA_SVC_NAME. pub port: IntOrString, + /// Scheme to use for connecting to the host. + /// Defaults to HTTP. #[serde(default, skip_serializing_if = "Option::is_none")] pub scheme: Option, } +/// HTTPHeader describes a custom header to be used in HTTP probes #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationDriverSidecarsLivenessProbeHttpGetHttpHeaders { + /// The header field name. + /// This will be canonicalized upon output, so case-variant names will be understood as the same header. pub name: String, + /// The header field value pub value: String, } +/// TCPSocket specifies an action involving a TCP port. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationDriverSidecarsLivenessProbeTcpSocket { + /// Optional: Host name to connect to, defaults to the pod IP. #[serde(default, skip_serializing_if = "Option::is_none")] pub host: Option, + /// Number or name of the port to access on the container. + /// Number must be in the range 1 to 65535. + /// Name must be an IANA_SVC_NAME. pub port: IntOrString, } +/// ContainerPort represents a network port in a single container. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationDriverSidecarsPorts { + /// Number of port to expose on the pod's IP address. + /// This must be a valid port number, 0 < x < 65536. #[serde(rename = "containerPort")] pub container_port: i32, + /// What host IP to bind the external port to. #[serde(default, skip_serializing_if = "Option::is_none", rename = "hostIP")] pub host_ip: Option, + /// Number of port to expose on the host. + /// If specified, this must be a valid port number, 0 < x < 65536. + /// If HostNetwork is specified, this must match ContainerPort. + /// Most containers do not need this. #[serde(default, skip_serializing_if = "Option::is_none", rename = "hostPort")] pub host_port: Option, + /// If specified, this must be an IANA_SVC_NAME and unique within the pod. Each + /// named port in a pod must have a unique name. Name for the port that can be + /// referred to by services. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, - pub protocol: String, + /// Protocol for port. Must be UDP, TCP, or SCTP. + /// Defaults to "TCP". + #[serde(default, skip_serializing_if = "Option::is_none")] + pub protocol: Option, } +/// Periodic probe of container service readiness. +/// Container will be removed from service endpoints if the probe fails. +/// Cannot be updated. +/// More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationDriverSidecarsReadinessProbe { + /// Exec specifies the action to take. #[serde(default, skip_serializing_if = "Option::is_none")] pub exec: Option, + /// Minimum consecutive failures for the probe to be considered failed after having succeeded. + /// Defaults to 3. Minimum value is 1. #[serde(default, skip_serializing_if = "Option::is_none", rename = "failureThreshold")] pub failure_threshold: Option, + /// GRPC specifies an action involving a GRPC port. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub grpc: Option, + /// HTTPGet specifies the http request to perform. #[serde(default, skip_serializing_if = "Option::is_none", rename = "httpGet")] pub http_get: Option, + /// Number of seconds after the container has started before liveness probes are initiated. + /// More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes #[serde(default, skip_serializing_if = "Option::is_none", rename = "initialDelaySeconds")] pub initial_delay_seconds: Option, + /// How often (in seconds) to perform the probe. + /// Default to 10 seconds. Minimum value is 1. #[serde(default, skip_serializing_if = "Option::is_none", rename = "periodSeconds")] pub period_seconds: Option, + /// Minimum consecutive successes for the probe to be considered successful after having failed. + /// Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1. #[serde(default, skip_serializing_if = "Option::is_none", rename = "successThreshold")] pub success_threshold: Option, + /// TCPSocket specifies an action involving a TCP port. #[serde(default, skip_serializing_if = "Option::is_none", rename = "tcpSocket")] pub tcp_socket: Option, + /// Optional duration in seconds the pod needs to terminate gracefully upon probe failure. + /// The grace period is the duration in seconds after the processes running in the pod are sent + /// a termination signal and the time when the processes are forcibly halted with a kill signal. + /// Set this value longer than the expected cleanup time for your process. + /// If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this + /// value overrides the value provided by the pod spec. + /// Value must be non-negative integer. The value zero indicates stop immediately via + /// the kill signal (no opportunity to shut down). + /// This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate. + /// Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "terminationGracePeriodSeconds")] + pub termination_grace_period_seconds: Option, + /// Number of seconds after which the probe times out. + /// Defaults to 1 second. Minimum value is 1. + /// More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes #[serde(default, skip_serializing_if = "Option::is_none", rename = "timeoutSeconds")] pub timeout_seconds: Option, } +/// Exec specifies the action to take. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationDriverSidecarsReadinessProbeExec { + /// Command is the command line to execute inside the container, the working directory for the + /// command is root ('/') in the container's filesystem. The command is simply exec'd, it is + /// not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use + /// a shell, you need to explicitly call out to that shell. + /// Exit status of 0 is treated as live/healthy and non-zero is unhealthy. #[serde(default, skip_serializing_if = "Option::is_none")] pub command: Option>, } +/// GRPC specifies an action involving a GRPC port. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct SparkApplicationDriverSidecarsReadinessProbeGrpc { + /// Port number of the gRPC service. Number must be in the range 1 to 65535. + pub port: i32, + /// Service is the name of the service to place in the gRPC HealthCheckRequest + /// (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). + /// + /// + /// If this is not specified, the default behavior is defined by gRPC. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub service: Option, +} + +/// HTTPGet specifies the http request to perform. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationDriverSidecarsReadinessProbeHttpGet { + /// Host name to connect to, defaults to the pod IP. You probably want to set + /// "Host" in httpHeaders instead. #[serde(default, skip_serializing_if = "Option::is_none")] pub host: Option, + /// Custom headers to set in the request. HTTP allows repeated headers. #[serde(default, skip_serializing_if = "Option::is_none", rename = "httpHeaders")] pub http_headers: Option>, + /// Path to access on the HTTP server. #[serde(default, skip_serializing_if = "Option::is_none")] pub path: Option, + /// Name or number of the port to access on the container. + /// Number must be in the range 1 to 65535. + /// Name must be an IANA_SVC_NAME. pub port: IntOrString, + /// Scheme to use for connecting to the host. + /// Defaults to HTTP. #[serde(default, skip_serializing_if = "Option::is_none")] pub scheme: Option, } +/// HTTPHeader describes a custom header to be used in HTTP probes #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationDriverSidecarsReadinessProbeHttpGetHttpHeaders { + /// The header field name. + /// This will be canonicalized upon output, so case-variant names will be understood as the same header. pub name: String, + /// The header field value pub value: String, } +/// TCPSocket specifies an action involving a TCP port. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationDriverSidecarsReadinessProbeTcpSocket { + /// Optional: Host name to connect to, defaults to the pod IP. #[serde(default, skip_serializing_if = "Option::is_none")] pub host: Option, + /// Number or name of the port to access on the container. + /// Number must be in the range 1 to 65535. + /// Name must be an IANA_SVC_NAME. pub port: IntOrString, } +/// ContainerResizePolicy represents resource resize policy for the container. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct SparkApplicationDriverSidecarsResizePolicy { + /// Name of the resource to which this resource resize policy applies. + /// Supported values: cpu, memory. + #[serde(rename = "resourceName")] + pub resource_name: String, + /// Restart policy to apply when specified resource is resized. + /// If not specified, it defaults to NotRequired. + #[serde(rename = "restartPolicy")] + pub restart_policy: String, +} + +/// Compute Resources required by this container. +/// Cannot be updated. +/// More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationDriverSidecarsResources { + /// Claims lists the names of resources, defined in spec.resourceClaims, + /// that are used by this container. + /// + /// + /// This is an alpha field and requires enabling the + /// DynamicResourceAllocation feature gate. + /// + /// + /// This field is immutable. It can only be set for containers. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub claims: Option>, + /// Limits describes the maximum amount of compute resources allowed. + /// More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ #[serde(default, skip_serializing_if = "Option::is_none")] pub limits: Option>, + /// Requests describes the minimum amount of compute resources required. + /// If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, + /// otherwise to an implementation-defined value. Requests cannot exceed Limits. + /// More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ #[serde(default, skip_serializing_if = "Option::is_none")] pub requests: Option>, } +/// ResourceClaim references one entry in PodSpec.ResourceClaims. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct SparkApplicationDriverSidecarsResourcesClaims { + /// Name must match the name of one entry in pod.spec.resourceClaims of + /// the Pod where this field is used. It makes that resource available + /// inside a container. + pub name: String, +} + +/// SecurityContext defines the security options the container should be run with. +/// If set, the fields of SecurityContext override the equivalent fields of PodSecurityContext. +/// More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/ #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationDriverSidecarsSecurityContext { + /// AllowPrivilegeEscalation controls whether a process can gain more + /// privileges than its parent process. This bool directly controls if + /// the no_new_privs flag will be set on the container process. + /// AllowPrivilegeEscalation is true always when the container is: + /// 1) run as Privileged + /// 2) has CAP_SYS_ADMIN + /// Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none", rename = "allowPrivilegeEscalation")] pub allow_privilege_escalation: Option, + /// The capabilities to add/drop when running containers. + /// Defaults to the default set of capabilities granted by the container runtime. + /// Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none")] pub capabilities: Option, + /// Run container in privileged mode. + /// Processes in privileged containers are essentially equivalent to root on the host. + /// Defaults to false. + /// Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none")] pub privileged: Option, + /// procMount denotes the type of proc mount to use for the containers. + /// The default is DefaultProcMount which uses the container runtime defaults for + /// readonly paths and masked paths. + /// This requires the ProcMountType feature flag to be enabled. + /// Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none", rename = "procMount")] pub proc_mount: Option, + /// Whether this container has a read-only root filesystem. + /// Default is false. + /// Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnlyRootFilesystem")] pub read_only_root_filesystem: Option, + /// The GID to run the entrypoint of the container process. + /// Uses runtime default if unset. + /// May also be set in PodSecurityContext. If set in both SecurityContext and + /// PodSecurityContext, the value specified in SecurityContext takes precedence. + /// Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none", rename = "runAsGroup")] pub run_as_group: Option, + /// Indicates that the container must run as a non-root user. + /// If true, the Kubelet will validate the image at runtime to ensure that it + /// does not run as UID 0 (root) and fail to start the container if it does. + /// If unset or false, no such validation will be performed. + /// May also be set in PodSecurityContext. If set in both SecurityContext and + /// PodSecurityContext, the value specified in SecurityContext takes precedence. #[serde(default, skip_serializing_if = "Option::is_none", rename = "runAsNonRoot")] pub run_as_non_root: Option, + /// The UID to run the entrypoint of the container process. + /// Defaults to user specified in image metadata if unspecified. + /// May also be set in PodSecurityContext. If set in both SecurityContext and + /// PodSecurityContext, the value specified in SecurityContext takes precedence. + /// Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none", rename = "runAsUser")] pub run_as_user: Option, + /// The SELinux context to be applied to the container. + /// If unspecified, the container runtime will allocate a random SELinux context for each + /// container. May also be set in PodSecurityContext. If set in both SecurityContext and + /// PodSecurityContext, the value specified in SecurityContext takes precedence. + /// Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none", rename = "seLinuxOptions")] pub se_linux_options: Option, + /// The seccomp options to use by this container. If seccomp options are + /// provided at both the pod & container level, the container options + /// override the pod options. + /// Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none", rename = "seccompProfile")] pub seccomp_profile: Option, + /// The Windows specific settings applied to all containers. + /// If unspecified, the options from the PodSecurityContext will be used. + /// If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. + /// Note that this field cannot be set when spec.os.name is linux. #[serde(default, skip_serializing_if = "Option::is_none", rename = "windowsOptions")] pub windows_options: Option, } +/// The capabilities to add/drop when running containers. +/// Defaults to the default set of capabilities granted by the container runtime. +/// Note that this field cannot be set when spec.os.name is windows. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationDriverSidecarsSecurityContextCapabilities { + /// Added capabilities #[serde(default, skip_serializing_if = "Option::is_none")] pub add: Option>, + /// Removed capabilities #[serde(default, skip_serializing_if = "Option::is_none")] pub drop: Option>, } +/// The SELinux context to be applied to the container. +/// If unspecified, the container runtime will allocate a random SELinux context for each +/// container. May also be set in PodSecurityContext. If set in both SecurityContext and +/// PodSecurityContext, the value specified in SecurityContext takes precedence. +/// Note that this field cannot be set when spec.os.name is windows. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationDriverSidecarsSecurityContextSeLinuxOptions { + /// Level is SELinux level label that applies to the container. #[serde(default, skip_serializing_if = "Option::is_none")] pub level: Option, + /// Role is a SELinux role label that applies to the container. #[serde(default, skip_serializing_if = "Option::is_none")] pub role: Option, + /// Type is a SELinux type label that applies to the container. #[serde(default, skip_serializing_if = "Option::is_none", rename = "type")] pub r#type: Option, + /// User is a SELinux user label that applies to the container. #[serde(default, skip_serializing_if = "Option::is_none")] pub user: Option, } +/// The seccomp options to use by this container. If seccomp options are +/// provided at both the pod & container level, the container options +/// override the pod options. +/// Note that this field cannot be set when spec.os.name is windows. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationDriverSidecarsSecurityContextSeccompProfile { - #[serde(default, skip_serializing_if = "Option::is_none", rename = "type")] - pub r#type: Option, + /// localhostProfile indicates a profile defined in a file on the node should be used. + /// The profile must be preconfigured on the node to work. + /// Must be a descending path, relative to the kubelet's configured seccomp profile location. + /// Must be set if type is "Localhost". Must NOT be set for any other type. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "localhostProfile")] + pub localhost_profile: Option, + /// type indicates which kind of seccomp profile will be applied. + /// Valid options are: + /// + /// + /// Localhost - a profile defined in a file on the node should be used. + /// RuntimeDefault - the container runtime default profile should be used. + /// Unconfined - no profile should be applied. + #[serde(rename = "type")] + pub r#type: String, } +/// The Windows specific settings applied to all containers. +/// If unspecified, the options from the PodSecurityContext will be used. +/// If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +/// Note that this field cannot be set when spec.os.name is linux. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationDriverSidecarsSecurityContextWindowsOptions { + /// GMSACredentialSpec is where the GMSA admission webhook + /// (https://github.com/kubernetes-sigs/windows-gmsa) inlines the contents of the + /// GMSA credential spec named by the GMSACredentialSpecName field. #[serde(default, skip_serializing_if = "Option::is_none", rename = "gmsaCredentialSpec")] pub gmsa_credential_spec: Option, + /// GMSACredentialSpecName is the name of the GMSA credential spec to use. #[serde(default, skip_serializing_if = "Option::is_none", rename = "gmsaCredentialSpecName")] pub gmsa_credential_spec_name: Option, + /// HostProcess determines if a container should be run as a 'Host Process' container. + /// All of a Pod's containers must have the same effective HostProcess value + /// (it is not allowed to have a mix of HostProcess containers and non-HostProcess containers). + /// In addition, if HostProcess is true then HostNetwork must also be set to true. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "hostProcess")] + pub host_process: Option, + /// The UserName in Windows to run the entrypoint of the container process. + /// Defaults to the user specified in image metadata if unspecified. + /// May also be set in PodSecurityContext. If set in both SecurityContext and + /// PodSecurityContext, the value specified in SecurityContext takes precedence. #[serde(default, skip_serializing_if = "Option::is_none", rename = "runAsUserName")] pub run_as_user_name: Option, } +/// StartupProbe indicates that the Pod has successfully initialized. +/// If specified, no other probes are executed until this completes successfully. +/// If this probe fails, the Pod will be restarted, just as if the livenessProbe failed. +/// This can be used to provide different probe parameters at the beginning of a Pod's lifecycle, +/// when it might take a long time to load data or warm a cache, than during steady-state operation. +/// This cannot be updated. +/// More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationDriverSidecarsStartupProbe { + /// Exec specifies the action to take. #[serde(default, skip_serializing_if = "Option::is_none")] pub exec: Option, + /// Minimum consecutive failures for the probe to be considered failed after having succeeded. + /// Defaults to 3. Minimum value is 1. #[serde(default, skip_serializing_if = "Option::is_none", rename = "failureThreshold")] pub failure_threshold: Option, + /// GRPC specifies an action involving a GRPC port. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub grpc: Option, + /// HTTPGet specifies the http request to perform. #[serde(default, skip_serializing_if = "Option::is_none", rename = "httpGet")] pub http_get: Option, + /// Number of seconds after the container has started before liveness probes are initiated. + /// More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes #[serde(default, skip_serializing_if = "Option::is_none", rename = "initialDelaySeconds")] pub initial_delay_seconds: Option, + /// How often (in seconds) to perform the probe. + /// Default to 10 seconds. Minimum value is 1. #[serde(default, skip_serializing_if = "Option::is_none", rename = "periodSeconds")] pub period_seconds: Option, + /// Minimum consecutive successes for the probe to be considered successful after having failed. + /// Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1. #[serde(default, skip_serializing_if = "Option::is_none", rename = "successThreshold")] pub success_threshold: Option, + /// TCPSocket specifies an action involving a TCP port. #[serde(default, skip_serializing_if = "Option::is_none", rename = "tcpSocket")] pub tcp_socket: Option, + /// Optional duration in seconds the pod needs to terminate gracefully upon probe failure. + /// The grace period is the duration in seconds after the processes running in the pod are sent + /// a termination signal and the time when the processes are forcibly halted with a kill signal. + /// Set this value longer than the expected cleanup time for your process. + /// If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this + /// value overrides the value provided by the pod spec. + /// Value must be non-negative integer. The value zero indicates stop immediately via + /// the kill signal (no opportunity to shut down). + /// This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate. + /// Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "terminationGracePeriodSeconds")] + pub termination_grace_period_seconds: Option, + /// Number of seconds after which the probe times out. + /// Defaults to 1 second. Minimum value is 1. + /// More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes #[serde(default, skip_serializing_if = "Option::is_none", rename = "timeoutSeconds")] pub timeout_seconds: Option, } +/// Exec specifies the action to take. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationDriverSidecarsStartupProbeExec { + /// Command is the command line to execute inside the container, the working directory for the + /// command is root ('/') in the container's filesystem. The command is simply exec'd, it is + /// not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use + /// a shell, you need to explicitly call out to that shell. + /// Exit status of 0 is treated as live/healthy and non-zero is unhealthy. #[serde(default, skip_serializing_if = "Option::is_none")] pub command: Option>, } +/// GRPC specifies an action involving a GRPC port. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct SparkApplicationDriverSidecarsStartupProbeGrpc { + /// Port number of the gRPC service. Number must be in the range 1 to 65535. + pub port: i32, + /// Service is the name of the service to place in the gRPC HealthCheckRequest + /// (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). + /// + /// + /// If this is not specified, the default behavior is defined by gRPC. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub service: Option, +} + +/// HTTPGet specifies the http request to perform. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationDriverSidecarsStartupProbeHttpGet { + /// Host name to connect to, defaults to the pod IP. You probably want to set + /// "Host" in httpHeaders instead. #[serde(default, skip_serializing_if = "Option::is_none")] pub host: Option, + /// Custom headers to set in the request. HTTP allows repeated headers. #[serde(default, skip_serializing_if = "Option::is_none", rename = "httpHeaders")] pub http_headers: Option>, + /// Path to access on the HTTP server. #[serde(default, skip_serializing_if = "Option::is_none")] pub path: Option, + /// Name or number of the port to access on the container. + /// Number must be in the range 1 to 65535. + /// Name must be an IANA_SVC_NAME. pub port: IntOrString, + /// Scheme to use for connecting to the host. + /// Defaults to HTTP. #[serde(default, skip_serializing_if = "Option::is_none")] pub scheme: Option, } +/// HTTPHeader describes a custom header to be used in HTTP probes #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationDriverSidecarsStartupProbeHttpGetHttpHeaders { + /// The header field name. + /// This will be canonicalized upon output, so case-variant names will be understood as the same header. pub name: String, + /// The header field value pub value: String, } +/// TCPSocket specifies an action involving a TCP port. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationDriverSidecarsStartupProbeTcpSocket { + /// Optional: Host name to connect to, defaults to the pod IP. #[serde(default, skip_serializing_if = "Option::is_none")] pub host: Option, + /// Number or name of the port to access on the container. + /// Number must be in the range 1 to 65535. + /// Name must be an IANA_SVC_NAME. pub port: IntOrString, } +/// volumeDevice describes a mapping of a raw block device within a container. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationDriverSidecarsVolumeDevices { + /// devicePath is the path inside of the container that the device will be mapped to. #[serde(rename = "devicePath")] pub device_path: String, + /// name must match the name of a persistentVolumeClaim in the pod pub name: String, } +/// VolumeMount describes a mounting of a Volume within a container. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationDriverSidecarsVolumeMounts { + /// Path within the container at which the volume should be mounted. Must + /// not contain ':'. #[serde(rename = "mountPath")] pub mount_path: String, + /// mountPropagation determines how mounts are propagated from the host + /// to container and the other way around. + /// When not set, MountPropagationNone is used. + /// This field is beta in 1.10. #[serde(default, skip_serializing_if = "Option::is_none", rename = "mountPropagation")] pub mount_propagation: Option, + /// This must match the Name of a Volume. pub name: String, + /// Mounted read-only if true, read-write otherwise (false or unspecified). + /// Defaults to false. #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] pub read_only: Option, + /// Path within the volume from which the container's volume should be mounted. + /// Defaults to "" (volume's root). #[serde(default, skip_serializing_if = "Option::is_none", rename = "subPath")] pub sub_path: Option, + /// Expanded path within the volume from which the container's volume should be mounted. + /// Behaves similarly to SubPath but environment variable references $(VAR_NAME) are expanded using the container's environment. + /// Defaults to "" (volume's root). + /// SubPathExpr and SubPath are mutually exclusive. #[serde(default, skip_serializing_if = "Option::is_none", rename = "subPathExpr")] pub sub_path_expr: Option, } +/// The pod this Toleration is attached to tolerates any taint that matches +/// the triple using the matching operator . #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationDriverTolerations { + /// Effect indicates the taint effect to match. Empty means match all taint effects. + /// When specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute. #[serde(default, skip_serializing_if = "Option::is_none")] pub effect: Option, + /// Key is the taint key that the toleration applies to. Empty means match all taint keys. + /// If the key is empty, operator must be Exists; this combination means to match all values and all keys. #[serde(default, skip_serializing_if = "Option::is_none")] pub key: Option, + /// Operator represents a key's relationship to the value. + /// Valid operators are Exists and Equal. Defaults to Equal. + /// Exists is equivalent to wildcard for value, so that a pod can + /// tolerate all taints of a particular category. #[serde(default, skip_serializing_if = "Option::is_none")] pub operator: Option, + /// TolerationSeconds represents the period of time the toleration (which must be + /// of effect NoExecute, otherwise this field is ignored) tolerates the taint. By default, + /// it is not set, which means tolerate the taint forever (do not evict). Zero and + /// negative values will be treated as 0 (evict immediately) by the system. #[serde(default, skip_serializing_if = "Option::is_none", rename = "tolerationSeconds")] pub toleration_seconds: Option, + /// Value is the taint value the toleration matches to. + /// If the operator is Exists, the value should be empty, otherwise just a regular string. #[serde(default, skip_serializing_if = "Option::is_none")] pub value: Option, } +/// VolumeMount describes a mounting of a Volume within a container. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationDriverVolumeMounts { + /// Path within the container at which the volume should be mounted. Must + /// not contain ':'. #[serde(rename = "mountPath")] pub mount_path: String, + /// mountPropagation determines how mounts are propagated from the host + /// to container and the other way around. + /// When not set, MountPropagationNone is used. + /// This field is beta in 1.10. #[serde(default, skip_serializing_if = "Option::is_none", rename = "mountPropagation")] pub mount_propagation: Option, + /// This must match the Name of a Volume. pub name: String, + /// Mounted read-only if true, read-write otherwise (false or unspecified). + /// Defaults to false. #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] pub read_only: Option, + /// Path within the volume from which the container's volume should be mounted. + /// Defaults to "" (volume's root). #[serde(default, skip_serializing_if = "Option::is_none", rename = "subPath")] pub sub_path: Option, + /// Expanded path within the volume from which the container's volume should be mounted. + /// Behaves similarly to SubPath but environment variable references $(VAR_NAME) are expanded using the container's environment. + /// Defaults to "" (volume's root). + /// SubPathExpr and SubPath are mutually exclusive. #[serde(default, skip_serializing_if = "Option::is_none", rename = "subPathExpr")] pub sub_path_expr: Option, } +/// DriverIngressConfiguration is for driver ingress specific configuration parameters. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationDriverIngressOptions { + /// IngressAnnotations is a map of key,value pairs of annotations that might be added to the ingress object. i.e. specify nginx as ingress.class #[serde(default, skip_serializing_if = "Option::is_none", rename = "ingressAnnotations")] pub ingress_annotations: Option>, + /// TlsHosts is useful If we need to declare SSL certificates to the ingress object #[serde(default, skip_serializing_if = "Option::is_none", rename = "ingressTLS")] pub ingress_tls: Option>, + /// IngressURLFormat is the URL for the ingress. #[serde(default, skip_serializing_if = "Option::is_none", rename = "ingressURLFormat")] pub ingress_url_format: Option, + /// ServiceAnnotations is a map of key,value pairs of annotations that might be added to the service object. #[serde(default, skip_serializing_if = "Option::is_none", rename = "serviceAnnotations")] pub service_annotations: Option>, + /// ServiceLables is a map of key,value pairs of labels that might be added to the service object. #[serde(default, skip_serializing_if = "Option::is_none", rename = "serviceLabels")] pub service_labels: Option>, - #[serde(default, skip_serializing_if = "Option::is_none", rename = "servicePort")] - pub service_port: Option, - #[serde(default, skip_serializing_if = "Option::is_none", rename = "servicePortName")] - pub service_port_name: Option, + /// ServicePort allows configuring the port at service level that might be different from the targetPort. + #[serde(rename = "servicePort")] + pub service_port: i32, + /// ServicePortName allows configuring the name of the service port. + /// This may be useful for sidecar proxies like Envoy injected by Istio which require specific ports names to treat traffic as proper HTTP. + #[serde(rename = "servicePortName")] + pub service_port_name: String, + /// ServiceType allows configuring the type of the service. Defaults to ClusterIP. #[serde(default, skip_serializing_if = "Option::is_none", rename = "serviceType")] pub service_type: Option, } +/// IngressTLS describes the transport layer security associated with an ingress. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationDriverIngressOptionsIngressTls { + /// hosts is a list of hosts included in the TLS certificate. The values in + /// this list must match the name/s used in the tlsSecret. Defaults to the + /// wildcard host setting for the loadbalancer controller fulfilling this + /// Ingress, if left unspecified. #[serde(default, skip_serializing_if = "Option::is_none")] pub hosts: Option>, + /// secretName is the name of the secret used to terminate TLS traffic on + /// port 443. Field is left optional to allow TLS routing based on SNI + /// hostname alone. If the SNI host in a listener conflicts with the "Host" + /// header field used by an IngressRule, the SNI host is used for termination + /// and value of the "Host" header is used for routing. #[serde(default, skip_serializing_if = "Option::is_none", rename = "secretName")] pub secret_name: Option, } +/// DynamicAllocation configures dynamic allocation that becomes available for the Kubernetes +/// scheduler backend since Spark 3.0. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationDynamicAllocation { + /// Enabled controls whether dynamic allocation is enabled or not. #[serde(default, skip_serializing_if = "Option::is_none")] pub enabled: Option, + /// InitialExecutors is the initial number of executors to request. If .spec.executor.instances + /// is also set, the initial number of executors is set to the bigger of that and this option. #[serde(default, skip_serializing_if = "Option::is_none", rename = "initialExecutors")] pub initial_executors: Option, + /// MaxExecutors is the upper bound for the number of executors if dynamic allocation is enabled. #[serde(default, skip_serializing_if = "Option::is_none", rename = "maxExecutors")] pub max_executors: Option, + /// MinExecutors is the lower bound for the number of executors if dynamic allocation is enabled. #[serde(default, skip_serializing_if = "Option::is_none", rename = "minExecutors")] pub min_executors: Option, + /// ShuffleTrackingTimeout controls the timeout in milliseconds for executors that are holding + /// shuffle data if shuffle tracking is enabled (true by default if dynamic allocation is enabled). #[serde(default, skip_serializing_if = "Option::is_none", rename = "shuffleTrackingTimeout")] pub shuffle_tracking_timeout: Option, } +/// Executor is the executor specification. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationExecutor { + /// Affinity specifies the affinity/anti-affinity settings for the pod. #[serde(default, skip_serializing_if = "Option::is_none")] pub affinity: Option, + /// Annotations are the Kubernetes annotations to be added to the pod. #[serde(default, skip_serializing_if = "Option::is_none")] pub annotations: Option>, + /// ConfigMaps carries information of other ConfigMaps to add to the pod. #[serde(default, skip_serializing_if = "Option::is_none", rename = "configMaps")] pub config_maps: Option>, + /// CoreLimit specifies a hard limit on CPU cores for the pod. + /// Optional #[serde(default, skip_serializing_if = "Option::is_none", rename = "coreLimit")] pub core_limit: Option, + /// CoreRequest is the physical CPU core request for the executors. + /// Maps to `spark.kubernetes.executor.request.cores` that is available since Spark 2.4. #[serde(default, skip_serializing_if = "Option::is_none", rename = "coreRequest")] pub core_request: Option, + /// Cores maps to `spark.driver.cores` or `spark.executor.cores` for the driver and executors, respectively. #[serde(default, skip_serializing_if = "Option::is_none")] pub cores: Option, + /// DeleteOnTermination specify whether executor pods should be deleted in case of failure or normal termination. + /// Maps to `spark.kubernetes.executor.deleteOnTermination` that is available since Spark 3.0. #[serde(default, skip_serializing_if = "Option::is_none", rename = "deleteOnTermination")] pub delete_on_termination: Option, + /// DnsConfig dns settings for the pod, following the Kubernetes specifications. #[serde(default, skip_serializing_if = "Option::is_none", rename = "dnsConfig")] pub dns_config: Option, + /// Env carries the environment variables to add to the pod. #[serde(default, skip_serializing_if = "Option::is_none")] pub env: Option>, + /// EnvFrom is a list of sources to populate environment variables in the container. #[serde(default, skip_serializing_if = "Option::is_none", rename = "envFrom")] pub env_from: Option>, + /// EnvSecretKeyRefs holds a mapping from environment variable names to SecretKeyRefs. + /// Deprecated. Consider using `env` instead. #[serde(default, skip_serializing_if = "Option::is_none", rename = "envSecretKeyRefs")] pub env_secret_key_refs: Option>, + /// EnvVars carries the environment variables to add to the pod. + /// Deprecated. Consider using `env` instead. #[serde(default, skip_serializing_if = "Option::is_none", rename = "envVars")] pub env_vars: Option>, + /// GPU specifies GPU requirement for the pod. #[serde(default, skip_serializing_if = "Option::is_none")] pub gpu: Option, + /// HostAliases settings for the pod, following the Kubernetes specifications. #[serde(default, skip_serializing_if = "Option::is_none", rename = "hostAliases")] pub host_aliases: Option>, + /// HostNetwork indicates whether to request host networking for the pod or not. #[serde(default, skip_serializing_if = "Option::is_none", rename = "hostNetwork")] pub host_network: Option, + /// Image is the container image to use. Overrides Spec.Image if set. #[serde(default, skip_serializing_if = "Option::is_none")] pub image: Option, + /// InitContainers is a list of init-containers that run to completion before the main Spark container. #[serde(default, skip_serializing_if = "Option::is_none", rename = "initContainers")] pub init_containers: Option>, + /// Instances is the number of executor instances. #[serde(default, skip_serializing_if = "Option::is_none")] pub instances: Option, + /// JavaOptions is a string of extra JVM options to pass to the executors. For instance, + /// GC settings or other logging. #[serde(default, skip_serializing_if = "Option::is_none", rename = "javaOptions")] pub java_options: Option, + /// Labels are the Kubernetes labels to be added to the pod. #[serde(default, skip_serializing_if = "Option::is_none")] pub labels: Option>, + /// Lifecycle for running preStop or postStart commands + #[serde(default, skip_serializing_if = "Option::is_none")] + pub lifecycle: Option, + /// Memory is the amount of memory to request for the pod. #[serde(default, skip_serializing_if = "Option::is_none")] pub memory: Option, + /// MemoryOverhead is the amount of off-heap memory to allocate in cluster mode, in MiB unless otherwise specified. #[serde(default, skip_serializing_if = "Option::is_none", rename = "memoryOverhead")] pub memory_overhead: Option, + /// NodeSelector is the Kubernetes node selector to be added to the driver and executor pods. + /// This field is mutually exclusive with nodeSelector at SparkApplication level (which will be deprecated). #[serde(default, skip_serializing_if = "Option::is_none", rename = "nodeSelector")] pub node_selector: Option>, + /// PodSecurityContext specifies the PodSecurityContext to apply. #[serde(default, skip_serializing_if = "Option::is_none", rename = "podSecurityContext")] pub pod_security_context: Option, + /// Ports settings for the pods, following the Kubernetes specifications. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub ports: Option>, + /// SchedulerName specifies the scheduler that will be used for scheduling #[serde(default, skip_serializing_if = "Option::is_none", rename = "schedulerName")] pub scheduler_name: Option, + /// Secrets carries information of secrets to add to the pod. #[serde(default, skip_serializing_if = "Option::is_none")] pub secrets: Option>, + /// SecurityContext specifies the container's SecurityContext to apply. #[serde(default, skip_serializing_if = "Option::is_none", rename = "securityContext")] pub security_context: Option, + /// ServiceAccount is the name of the custom Kubernetes service account used by the pod. #[serde(default, skip_serializing_if = "Option::is_none", rename = "serviceAccount")] pub service_account: Option, + /// ShareProcessNamespace settings for the pod, following the Kubernetes specifications. #[serde(default, skip_serializing_if = "Option::is_none", rename = "shareProcessNamespace")] pub share_process_namespace: Option, + /// Sidecars is a list of sidecar containers that run along side the main Spark container. #[serde(default, skip_serializing_if = "Option::is_none")] pub sidecars: Option>, + /// Termination grace period seconds for the pod #[serde(default, skip_serializing_if = "Option::is_none", rename = "terminationGracePeriodSeconds")] pub termination_grace_period_seconds: Option, + /// Tolerations specifies the tolerations listed in ".spec.tolerations" to be applied to the pod. #[serde(default, skip_serializing_if = "Option::is_none")] pub tolerations: Option>, + /// VolumeMounts specifies the volumes listed in ".spec.volumes" to mount into the main container's filesystem. #[serde(default, skip_serializing_if = "Option::is_none", rename = "volumeMounts")] pub volume_mounts: Option>, } +/// Affinity specifies the affinity/anti-affinity settings for the pod. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationExecutorAffinity { + /// Describes node affinity scheduling rules for the pod. #[serde(default, skip_serializing_if = "Option::is_none", rename = "nodeAffinity")] pub node_affinity: Option, + /// Describes pod affinity scheduling rules (e.g. co-locate this pod in the same node, zone, etc. as some other pod(s)). #[serde(default, skip_serializing_if = "Option::is_none", rename = "podAffinity")] pub pod_affinity: Option, + /// Describes pod anti-affinity scheduling rules (e.g. avoid putting this pod in the same node, zone, etc. as some other pod(s)). #[serde(default, skip_serializing_if = "Option::is_none", rename = "podAntiAffinity")] pub pod_anti_affinity: Option, } +/// Describes node affinity scheduling rules for the pod. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationExecutorAffinityNodeAffinity { + /// The scheduler will prefer to schedule pods to nodes that satisfy + /// the affinity expressions specified by this field, but it may choose + /// a node that violates one or more of the expressions. The node that is + /// most preferred is the one with the greatest sum of weights, i.e. + /// for each node that meets all of the scheduling requirements (resource + /// request, requiredDuringScheduling affinity expressions, etc.), + /// compute a sum by iterating through the elements of this field and adding + /// "weight" to the sum if the node matches the corresponding matchExpressions; the + /// node(s) with the highest sum are the most preferred. #[serde(default, skip_serializing_if = "Option::is_none", rename = "preferredDuringSchedulingIgnoredDuringExecution")] pub preferred_during_scheduling_ignored_during_execution: Option>, + /// If the affinity requirements specified by this field are not met at + /// scheduling time, the pod will not be scheduled onto the node. + /// If the affinity requirements specified by this field cease to be met + /// at some point during pod execution (e.g. due to an update), the system + /// may or may not try to eventually evict the pod from its node. #[serde(default, skip_serializing_if = "Option::is_none", rename = "requiredDuringSchedulingIgnoredDuringExecution")] pub required_during_scheduling_ignored_during_execution: Option, } +/// An empty preferred scheduling term matches all objects with implicit weight 0 +/// (i.e. it's a no-op). A null preferred scheduling term matches no objects (i.e. is also a no-op). #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationExecutorAffinityNodeAffinityPreferredDuringSchedulingIgnoredDuringExecution { + /// A node selector term, associated with the corresponding weight. pub preference: SparkApplicationExecutorAffinityNodeAffinityPreferredDuringSchedulingIgnoredDuringExecutionPreference, + /// Weight associated with matching the corresponding nodeSelectorTerm, in the range 1-100. pub weight: i32, } +/// A node selector term, associated with the corresponding weight. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationExecutorAffinityNodeAffinityPreferredDuringSchedulingIgnoredDuringExecutionPreference { + /// A list of node selector requirements by node's labels. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] pub match_expressions: Option>, + /// A list of node selector requirements by node's fields. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchFields")] pub match_fields: Option>, } +/// A node selector requirement is a selector that contains values, a key, and an operator +/// that relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationExecutorAffinityNodeAffinityPreferredDuringSchedulingIgnoredDuringExecutionPreferenceMatchExpressions { + /// The label key that the selector applies to. pub key: String, + /// Represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. pub operator: String, + /// An array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. If the operator is Gt or Lt, the values + /// array must have a single element, which will be interpreted as an integer. + /// This array is replaced during a strategic merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } +/// A node selector requirement is a selector that contains values, a key, and an operator +/// that relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationExecutorAffinityNodeAffinityPreferredDuringSchedulingIgnoredDuringExecutionPreferenceMatchFields { + /// The label key that the selector applies to. pub key: String, + /// Represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. pub operator: String, + /// An array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. If the operator is Gt or Lt, the values + /// array must have a single element, which will be interpreted as an integer. + /// This array is replaced during a strategic merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } +/// If the affinity requirements specified by this field are not met at +/// scheduling time, the pod will not be scheduled onto the node. +/// If the affinity requirements specified by this field cease to be met +/// at some point during pod execution (e.g. due to an update), the system +/// may or may not try to eventually evict the pod from its node. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationExecutorAffinityNodeAffinityRequiredDuringSchedulingIgnoredDuringExecution { + /// Required. A list of node selector terms. The terms are ORed. #[serde(rename = "nodeSelectorTerms")] pub node_selector_terms: Vec, } +/// A null or empty node selector term matches no objects. The requirements of +/// them are ANDed. +/// The TopologySelectorTerm type implements a subset of the NodeSelectorTerm. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationExecutorAffinityNodeAffinityRequiredDuringSchedulingIgnoredDuringExecutionNodeSelectorTerms { + /// A list of node selector requirements by node's labels. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] pub match_expressions: Option>, + /// A list of node selector requirements by node's fields. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchFields")] pub match_fields: Option>, } +/// A node selector requirement is a selector that contains values, a key, and an operator +/// that relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationExecutorAffinityNodeAffinityRequiredDuringSchedulingIgnoredDuringExecutionNodeSelectorTermsMatchExpressions { + /// The label key that the selector applies to. pub key: String, + /// Represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. pub operator: String, + /// An array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. If the operator is Gt or Lt, the values + /// array must have a single element, which will be interpreted as an integer. + /// This array is replaced during a strategic merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } +/// A node selector requirement is a selector that contains values, a key, and an operator +/// that relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationExecutorAffinityNodeAffinityRequiredDuringSchedulingIgnoredDuringExecutionNodeSelectorTermsMatchFields { + /// The label key that the selector applies to. pub key: String, + /// Represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. pub operator: String, + /// An array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. If the operator is Gt or Lt, the values + /// array must have a single element, which will be interpreted as an integer. + /// This array is replaced during a strategic merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } +/// Describes pod affinity scheduling rules (e.g. co-locate this pod in the same node, zone, etc. as some other pod(s)). #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationExecutorAffinityPodAffinity { + /// The scheduler will prefer to schedule pods to nodes that satisfy + /// the affinity expressions specified by this field, but it may choose + /// a node that violates one or more of the expressions. The node that is + /// most preferred is the one with the greatest sum of weights, i.e. + /// for each node that meets all of the scheduling requirements (resource + /// request, requiredDuringScheduling affinity expressions, etc.), + /// compute a sum by iterating through the elements of this field and adding + /// "weight" to the sum if the node has pods which matches the corresponding podAffinityTerm; the + /// node(s) with the highest sum are the most preferred. #[serde(default, skip_serializing_if = "Option::is_none", rename = "preferredDuringSchedulingIgnoredDuringExecution")] pub preferred_during_scheduling_ignored_during_execution: Option>, + /// If the affinity requirements specified by this field are not met at + /// scheduling time, the pod will not be scheduled onto the node. + /// If the affinity requirements specified by this field cease to be met + /// at some point during pod execution (e.g. due to a pod label update), the + /// system may or may not try to eventually evict the pod from its node. + /// When there are multiple elements, the lists of nodes corresponding to each + /// podAffinityTerm are intersected, i.e. all terms must be satisfied. #[serde(default, skip_serializing_if = "Option::is_none", rename = "requiredDuringSchedulingIgnoredDuringExecution")] pub required_during_scheduling_ignored_during_execution: Option>, } +/// The weights of all of the matched WeightedPodAffinityTerm fields are added per-node to find the most preferred node(s) #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationExecutorAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecution { + /// Required. A pod affinity term, associated with the corresponding weight. #[serde(rename = "podAffinityTerm")] pub pod_affinity_term: SparkApplicationExecutorAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTerm, + /// weight associated with matching the corresponding podAffinityTerm, + /// in the range 1-100. pub weight: i32, } +/// Required. A pod affinity term, associated with the corresponding weight. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationExecutorAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTerm { + /// A label query over a set of resources, in this case pods. + /// If it's null, this PodAffinityTerm matches with no Pods. #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelector")] pub label_selector: Option, + /// MatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. + /// Also, MatchLabelKeys cannot be set when LabelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] + pub match_label_keys: Option>, + /// MismatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. + /// Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] + pub mismatch_label_keys: Option>, + /// A label query over the set of namespaces that the term applies to. + /// The term is applied to the union of the namespaces selected by this field + /// and the ones listed in the namespaces field. + /// null selector and null or empty namespaces list means "this pod's namespace". + /// An empty selector ({}) matches all namespaces. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "namespaceSelector")] + pub namespace_selector: Option, + /// namespaces specifies a static list of namespace names that the term applies to. + /// The term is applied to the union of the namespaces listed in this field + /// and the ones selected by namespaceSelector. + /// null or empty namespaces list and null namespaceSelector means "this pod's namespace". #[serde(default, skip_serializing_if = "Option::is_none")] pub namespaces: Option>, + /// This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching + /// the labelSelector in the specified namespaces, where co-located is defined as running on a node + /// whose value of the label with key topologyKey matches that of any node on which any of the + /// selected pods is running. + /// Empty topologyKey is not allowed. #[serde(rename = "topologyKey")] pub topology_key: String, } +/// A label query over a set of resources, in this case pods. +/// If it's null, this PodAffinityTerm matches with no Pods. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationExecutorAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermLabelSelector { + /// matchExpressions is a list of label selector requirements. The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] pub match_expressions: Option>, + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] pub match_labels: Option>, } +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationExecutorAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermLabelSelectorMatchExpressions { + /// key is the label key that the selector applies to. + pub key: String, + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. + pub operator: String, + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub values: Option>, +} + +/// A label query over the set of namespaces that the term applies to. +/// The term is applied to the union of the namespaces selected by this field +/// and the ones listed in the namespaces field. +/// null selector and null or empty namespaces list means "this pod's namespace". +/// An empty selector ({}) matches all namespaces. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct SparkApplicationExecutorAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermNamespaceSelector { + /// matchExpressions is a list of label selector requirements. The requirements are ANDed. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] + pub match_expressions: Option>, + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] + pub match_labels: Option>, +} + +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct SparkApplicationExecutorAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermNamespaceSelectorMatchExpressions { + /// key is the label key that the selector applies to. pub key: String, + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } +/// Defines a set of pods (namely those matching the labelSelector +/// relative to the given namespace(s)) that this pod should be +/// co-located (affinity) or not co-located (anti-affinity) with, +/// where co-located is defined as running on a node whose value of +/// the label with key matches that of any node on which +/// a pod of the set of pods is running #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationExecutorAffinityPodAffinityRequiredDuringSchedulingIgnoredDuringExecution { + /// A label query over a set of resources, in this case pods. + /// If it's null, this PodAffinityTerm matches with no Pods. #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelector")] pub label_selector: Option, + /// MatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. + /// Also, MatchLabelKeys cannot be set when LabelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] + pub match_label_keys: Option>, + /// MismatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. + /// Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] + pub mismatch_label_keys: Option>, + /// A label query over the set of namespaces that the term applies to. + /// The term is applied to the union of the namespaces selected by this field + /// and the ones listed in the namespaces field. + /// null selector and null or empty namespaces list means "this pod's namespace". + /// An empty selector ({}) matches all namespaces. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "namespaceSelector")] + pub namespace_selector: Option, + /// namespaces specifies a static list of namespace names that the term applies to. + /// The term is applied to the union of the namespaces listed in this field + /// and the ones selected by namespaceSelector. + /// null or empty namespaces list and null namespaceSelector means "this pod's namespace". #[serde(default, skip_serializing_if = "Option::is_none")] pub namespaces: Option>, + /// This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching + /// the labelSelector in the specified namespaces, where co-located is defined as running on a node + /// whose value of the label with key topologyKey matches that of any node on which any of the + /// selected pods is running. + /// Empty topologyKey is not allowed. #[serde(rename = "topologyKey")] pub topology_key: String, } +/// A label query over a set of resources, in this case pods. +/// If it's null, this PodAffinityTerm matches with no Pods. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationExecutorAffinityPodAffinityRequiredDuringSchedulingIgnoredDuringExecutionLabelSelector { + /// matchExpressions is a list of label selector requirements. The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] pub match_expressions: Option>, + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] pub match_labels: Option>, } +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationExecutorAffinityPodAffinityRequiredDuringSchedulingIgnoredDuringExecutionLabelSelectorMatchExpressions { + /// key is the label key that the selector applies to. + pub key: String, + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. + pub operator: String, + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub values: Option>, +} + +/// A label query over the set of namespaces that the term applies to. +/// The term is applied to the union of the namespaces selected by this field +/// and the ones listed in the namespaces field. +/// null selector and null or empty namespaces list means "this pod's namespace". +/// An empty selector ({}) matches all namespaces. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct SparkApplicationExecutorAffinityPodAffinityRequiredDuringSchedulingIgnoredDuringExecutionNamespaceSelector { + /// matchExpressions is a list of label selector requirements. The requirements are ANDed. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] + pub match_expressions: Option>, + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] + pub match_labels: Option>, +} + +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct SparkApplicationExecutorAffinityPodAffinityRequiredDuringSchedulingIgnoredDuringExecutionNamespaceSelectorMatchExpressions { + /// key is the label key that the selector applies to. pub key: String, + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } +/// Describes pod anti-affinity scheduling rules (e.g. avoid putting this pod in the same node, zone, etc. as some other pod(s)). #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationExecutorAffinityPodAntiAffinity { + /// The scheduler will prefer to schedule pods to nodes that satisfy + /// the anti-affinity expressions specified by this field, but it may choose + /// a node that violates one or more of the expressions. The node that is + /// most preferred is the one with the greatest sum of weights, i.e. + /// for each node that meets all of the scheduling requirements (resource + /// request, requiredDuringScheduling anti-affinity expressions, etc.), + /// compute a sum by iterating through the elements of this field and adding + /// "weight" to the sum if the node has pods which matches the corresponding podAffinityTerm; the + /// node(s) with the highest sum are the most preferred. #[serde(default, skip_serializing_if = "Option::is_none", rename = "preferredDuringSchedulingIgnoredDuringExecution")] pub preferred_during_scheduling_ignored_during_execution: Option>, + /// If the anti-affinity requirements specified by this field are not met at + /// scheduling time, the pod will not be scheduled onto the node. + /// If the anti-affinity requirements specified by this field cease to be met + /// at some point during pod execution (e.g. due to a pod label update), the + /// system may or may not try to eventually evict the pod from its node. + /// When there are multiple elements, the lists of nodes corresponding to each + /// podAffinityTerm are intersected, i.e. all terms must be satisfied. #[serde(default, skip_serializing_if = "Option::is_none", rename = "requiredDuringSchedulingIgnoredDuringExecution")] pub required_during_scheduling_ignored_during_execution: Option>, } +/// The weights of all of the matched WeightedPodAffinityTerm fields are added per-node to find the most preferred node(s) #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationExecutorAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecution { + /// Required. A pod affinity term, associated with the corresponding weight. #[serde(rename = "podAffinityTerm")] pub pod_affinity_term: SparkApplicationExecutorAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTerm, + /// weight associated with matching the corresponding podAffinityTerm, + /// in the range 1-100. pub weight: i32, } +/// Required. A pod affinity term, associated with the corresponding weight. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationExecutorAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTerm { + /// A label query over a set of resources, in this case pods. + /// If it's null, this PodAffinityTerm matches with no Pods. #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelector")] pub label_selector: Option, + /// MatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. + /// Also, MatchLabelKeys cannot be set when LabelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] + pub match_label_keys: Option>, + /// MismatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. + /// Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] + pub mismatch_label_keys: Option>, + /// A label query over the set of namespaces that the term applies to. + /// The term is applied to the union of the namespaces selected by this field + /// and the ones listed in the namespaces field. + /// null selector and null or empty namespaces list means "this pod's namespace". + /// An empty selector ({}) matches all namespaces. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "namespaceSelector")] + pub namespace_selector: Option, + /// namespaces specifies a static list of namespace names that the term applies to. + /// The term is applied to the union of the namespaces listed in this field + /// and the ones selected by namespaceSelector. + /// null or empty namespaces list and null namespaceSelector means "this pod's namespace". #[serde(default, skip_serializing_if = "Option::is_none")] pub namespaces: Option>, + /// This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching + /// the labelSelector in the specified namespaces, where co-located is defined as running on a node + /// whose value of the label with key topologyKey matches that of any node on which any of the + /// selected pods is running. + /// Empty topologyKey is not allowed. #[serde(rename = "topologyKey")] pub topology_key: String, } +/// A label query over a set of resources, in this case pods. +/// If it's null, this PodAffinityTerm matches with no Pods. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationExecutorAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermLabelSelector { + /// matchExpressions is a list of label selector requirements. The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] pub match_expressions: Option>, + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] pub match_labels: Option>, } +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationExecutorAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermLabelSelectorMatchExpressions { + /// key is the label key that the selector applies to. pub key: String, + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } +/// A label query over the set of namespaces that the term applies to. +/// The term is applied to the union of the namespaces selected by this field +/// and the ones listed in the namespaces field. +/// null selector and null or empty namespaces list means "this pod's namespace". +/// An empty selector ({}) matches all namespaces. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct SparkApplicationExecutorAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermNamespaceSelector { + /// matchExpressions is a list of label selector requirements. The requirements are ANDed. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] + pub match_expressions: Option>, + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] + pub match_labels: Option>, +} + +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct SparkApplicationExecutorAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermNamespaceSelectorMatchExpressions { + /// key is the label key that the selector applies to. + pub key: String, + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. + pub operator: String, + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub values: Option>, +} + +/// Defines a set of pods (namely those matching the labelSelector +/// relative to the given namespace(s)) that this pod should be +/// co-located (affinity) or not co-located (anti-affinity) with, +/// where co-located is defined as running on a node whose value of +/// the label with key matches that of any node on which +/// a pod of the set of pods is running #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationExecutorAffinityPodAntiAffinityRequiredDuringSchedulingIgnoredDuringExecution { + /// A label query over a set of resources, in this case pods. + /// If it's null, this PodAffinityTerm matches with no Pods. #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelector")] pub label_selector: Option, + /// MatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. + /// Also, MatchLabelKeys cannot be set when LabelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] + pub match_label_keys: Option>, + /// MismatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. + /// Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] + pub mismatch_label_keys: Option>, + /// A label query over the set of namespaces that the term applies to. + /// The term is applied to the union of the namespaces selected by this field + /// and the ones listed in the namespaces field. + /// null selector and null or empty namespaces list means "this pod's namespace". + /// An empty selector ({}) matches all namespaces. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "namespaceSelector")] + pub namespace_selector: Option, + /// namespaces specifies a static list of namespace names that the term applies to. + /// The term is applied to the union of the namespaces listed in this field + /// and the ones selected by namespaceSelector. + /// null or empty namespaces list and null namespaceSelector means "this pod's namespace". #[serde(default, skip_serializing_if = "Option::is_none")] pub namespaces: Option>, + /// This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching + /// the labelSelector in the specified namespaces, where co-located is defined as running on a node + /// whose value of the label with key topologyKey matches that of any node on which any of the + /// selected pods is running. + /// Empty topologyKey is not allowed. #[serde(rename = "topologyKey")] pub topology_key: String, } +/// A label query over a set of resources, in this case pods. +/// If it's null, this PodAffinityTerm matches with no Pods. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationExecutorAffinityPodAntiAffinityRequiredDuringSchedulingIgnoredDuringExecutionLabelSelector { + /// matchExpressions is a list of label selector requirements. The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] pub match_expressions: Option>, + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] pub match_labels: Option>, } +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationExecutorAffinityPodAntiAffinityRequiredDuringSchedulingIgnoredDuringExecutionLabelSelectorMatchExpressions { + /// key is the label key that the selector applies to. pub key: String, + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } +/// A label query over the set of namespaces that the term applies to. +/// The term is applied to the union of the namespaces selected by this field +/// and the ones listed in the namespaces field. +/// null selector and null or empty namespaces list means "this pod's namespace". +/// An empty selector ({}) matches all namespaces. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct SparkApplicationExecutorAffinityPodAntiAffinityRequiredDuringSchedulingIgnoredDuringExecutionNamespaceSelector { + /// matchExpressions is a list of label selector requirements. The requirements are ANDed. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] + pub match_expressions: Option>, + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] + pub match_labels: Option>, +} + +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct SparkApplicationExecutorAffinityPodAntiAffinityRequiredDuringSchedulingIgnoredDuringExecutionNamespaceSelectorMatchExpressions { + /// key is the label key that the selector applies to. + pub key: String, + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. + pub operator: String, + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub values: Option>, +} + +/// NamePath is a pair of a name and a path to which the named objects should be mounted to. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationExecutorConfigMaps { pub name: String, pub path: String, } +/// DnsConfig dns settings for the pod, following the Kubernetes specifications. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationExecutorDnsConfig { + /// A list of DNS name server IP addresses. + /// This will be appended to the base nameservers generated from DNSPolicy. + /// Duplicated nameservers will be removed. #[serde(default, skip_serializing_if = "Option::is_none")] pub nameservers: Option>, + /// A list of DNS resolver options. + /// This will be merged with the base options generated from DNSPolicy. + /// Duplicated entries will be removed. Resolution options given in Options + /// will override those that appear in the base DNSPolicy. #[serde(default, skip_serializing_if = "Option::is_none")] pub options: Option>, + /// A list of DNS search domains for host-name lookup. + /// This will be appended to the base search paths generated from DNSPolicy. + /// Duplicated search paths will be removed. #[serde(default, skip_serializing_if = "Option::is_none")] pub searches: Option>, } +/// PodDNSConfigOption defines DNS resolver options of a pod. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationExecutorDnsConfigOptions { + /// Required. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, #[serde(default, skip_serializing_if = "Option::is_none")] pub value: Option, } +/// EnvVar represents an environment variable present in a Container. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationExecutorEnv { + /// Name of the environment variable. Must be a C_IDENTIFIER. pub name: String, + /// Variable references $(VAR_NAME) are expanded + /// using the previously defined environment variables in the container and + /// any service environment variables. If a variable cannot be resolved, + /// the reference in the input string will be unchanged. Double $$ are reduced + /// to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. + /// "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". + /// Escaped references will never be expanded, regardless of whether the variable + /// exists or not. + /// Defaults to "". #[serde(default, skip_serializing_if = "Option::is_none")] pub value: Option, + /// Source for the environment variable's value. Cannot be used if value is not empty. #[serde(default, skip_serializing_if = "Option::is_none", rename = "valueFrom")] pub value_from: Option, } +/// Source for the environment variable's value. Cannot be used if value is not empty. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationExecutorEnvValueFrom { + /// Selects a key of a ConfigMap. #[serde(default, skip_serializing_if = "Option::is_none", rename = "configMapKeyRef")] pub config_map_key_ref: Option, + /// Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`, + /// spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs. #[serde(default, skip_serializing_if = "Option::is_none", rename = "fieldRef")] pub field_ref: Option, + /// Selects a resource of the container: only resources limits and requests + /// (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported. #[serde(default, skip_serializing_if = "Option::is_none", rename = "resourceFieldRef")] pub resource_field_ref: Option, + /// Selects a key of a secret in the pod's namespace #[serde(default, skip_serializing_if = "Option::is_none", rename = "secretKeyRef")] pub secret_key_ref: Option, } +/// Selects a key of a ConfigMap. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationExecutorEnvValueFromConfigMapKeyRef { + /// The key to select. pub key: String, + /// Name of the referent. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, + /// Specify whether the ConfigMap or its key must be defined #[serde(default, skip_serializing_if = "Option::is_none")] pub optional: Option, } +/// Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`, +/// spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationExecutorEnvValueFromFieldRef { + /// Version of the schema the FieldPath is written in terms of, defaults to "v1". #[serde(default, skip_serializing_if = "Option::is_none", rename = "apiVersion")] pub api_version: Option, + /// Path of the field to select in the specified API version. #[serde(rename = "fieldPath")] pub field_path: String, } +/// Selects a resource of the container: only resources limits and requests +/// (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationExecutorEnvValueFromResourceFieldRef { + /// Container name: required for volumes, optional for env vars #[serde(default, skip_serializing_if = "Option::is_none", rename = "containerName")] pub container_name: Option, + /// Specifies the output format of the exposed resources, defaults to "1" #[serde(default, skip_serializing_if = "Option::is_none")] pub divisor: Option, + /// Required: resource to select pub resource: String, } +/// Selects a key of a secret in the pod's namespace #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationExecutorEnvValueFromSecretKeyRef { + /// The key of the secret to select from. Must be a valid secret key. pub key: String, + /// Name of the referent. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, + /// Specify whether the Secret or its key must be defined #[serde(default, skip_serializing_if = "Option::is_none")] pub optional: Option, } +/// EnvFromSource represents the source of a set of ConfigMaps #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationExecutorEnvFrom { + /// The ConfigMap to select from #[serde(default, skip_serializing_if = "Option::is_none", rename = "configMapRef")] pub config_map_ref: Option, + /// An optional identifier to prepend to each key in the ConfigMap. Must be a C_IDENTIFIER. #[serde(default, skip_serializing_if = "Option::is_none")] pub prefix: Option, + /// The Secret to select from #[serde(default, skip_serializing_if = "Option::is_none", rename = "secretRef")] pub secret_ref: Option, } +/// The ConfigMap to select from #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationExecutorEnvFromConfigMapRef { + /// Name of the referent. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, + /// Specify whether the ConfigMap must be defined #[serde(default, skip_serializing_if = "Option::is_none")] pub optional: Option, } +/// The Secret to select from #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationExecutorEnvFromSecretRef { + /// Name of the referent. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, + /// Specify whether the Secret must be defined #[serde(default, skip_serializing_if = "Option::is_none")] pub optional: Option, } +/// EnvSecretKeyRefs holds a mapping from environment variable names to SecretKeyRefs. +/// Deprecated. Consider using `env` instead. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationExecutorEnvSecretKeyRefs { #[serde(default, skip_serializing_if = "Option::is_none")] @@ -2165,1133 +5221,2969 @@ pub struct SparkApplicationExecutorEnvSecretKeyRefs { pub name: Option, } +/// GPU specifies GPU requirement for the pod. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationExecutorGpu { + /// Name is GPU resource name, such as: nvidia.com/gpu or amd.com/gpu pub name: String, + /// Quantity is the number of GPUs to request for driver or executor. pub quantity: i64, } +/// HostAlias holds the mapping between IP and hostnames that will be injected as an entry in the +/// pod's hosts file. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationExecutorHostAliases { + /// Hostnames for the above IP address. #[serde(default, skip_serializing_if = "Option::is_none")] pub hostnames: Option>, + /// IP address of the host file entry. #[serde(default, skip_serializing_if = "Option::is_none")] pub ip: Option, } +/// A single application container that you want to run within a pod. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationExecutorInitContainers { + /// Arguments to the entrypoint. + /// The container image's CMD is used if this is not provided. + /// Variable references $(VAR_NAME) are expanded using the container's environment. If a variable + /// cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced + /// to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" will + /// produce the string literal "$(VAR_NAME)". Escaped references will never be expanded, regardless + /// of whether the variable exists or not. Cannot be updated. + /// More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell #[serde(default, skip_serializing_if = "Option::is_none")] pub args: Option>, + /// Entrypoint array. Not executed within a shell. + /// The container image's ENTRYPOINT is used if this is not provided. + /// Variable references $(VAR_NAME) are expanded using the container's environment. If a variable + /// cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced + /// to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" will + /// produce the string literal "$(VAR_NAME)". Escaped references will never be expanded, regardless + /// of whether the variable exists or not. Cannot be updated. + /// More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell #[serde(default, skip_serializing_if = "Option::is_none")] pub command: Option>, + /// List of environment variables to set in the container. + /// Cannot be updated. #[serde(default, skip_serializing_if = "Option::is_none")] pub env: Option>, + /// List of sources to populate environment variables in the container. + /// The keys defined within a source must be a C_IDENTIFIER. All invalid keys + /// will be reported as an event when the container is starting. When a key exists in multiple + /// sources, the value associated with the last source will take precedence. + /// Values defined by an Env with a duplicate key will take precedence. + /// Cannot be updated. #[serde(default, skip_serializing_if = "Option::is_none", rename = "envFrom")] pub env_from: Option>, + /// Container image name. + /// More info: https://kubernetes.io/docs/concepts/containers/images + /// This field is optional to allow higher level config management to default or override + /// container images in workload controllers like Deployments and StatefulSets. #[serde(default, skip_serializing_if = "Option::is_none")] pub image: Option, + /// Image pull policy. + /// One of Always, Never, IfNotPresent. + /// Defaults to Always if :latest tag is specified, or IfNotPresent otherwise. + /// Cannot be updated. + /// More info: https://kubernetes.io/docs/concepts/containers/images#updating-images #[serde(default, skip_serializing_if = "Option::is_none", rename = "imagePullPolicy")] pub image_pull_policy: Option, + /// Actions that the management system should take in response to container lifecycle events. + /// Cannot be updated. #[serde(default, skip_serializing_if = "Option::is_none")] pub lifecycle: Option, + /// Periodic probe of container liveness. + /// Container will be restarted if the probe fails. + /// Cannot be updated. + /// More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes #[serde(default, skip_serializing_if = "Option::is_none", rename = "livenessProbe")] pub liveness_probe: Option, + /// Name of the container specified as a DNS_LABEL. + /// Each container in a pod must have a unique name (DNS_LABEL). + /// Cannot be updated. pub name: String, + /// List of ports to expose from the container. Not specifying a port here + /// DOES NOT prevent that port from being exposed. Any port which is + /// listening on the default "0.0.0.0" address inside a container will be + /// accessible from the network. + /// Modifying this array with strategic merge patch may corrupt the data. + /// For more information See https://github.com/kubernetes/kubernetes/issues/108255. + /// Cannot be updated. #[serde(default, skip_serializing_if = "Option::is_none")] pub ports: Option>, + /// Periodic probe of container service readiness. + /// Container will be removed from service endpoints if the probe fails. + /// Cannot be updated. + /// More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes #[serde(default, skip_serializing_if = "Option::is_none", rename = "readinessProbe")] pub readiness_probe: Option, + /// Resources resize policy for the container. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "resizePolicy")] + pub resize_policy: Option>, + /// Compute Resources required by this container. + /// Cannot be updated. + /// More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ #[serde(default, skip_serializing_if = "Option::is_none")] pub resources: Option, + /// RestartPolicy defines the restart behavior of individual containers in a pod. + /// This field may only be set for init containers, and the only allowed value is "Always". + /// For non-init containers or when this field is not specified, + /// the restart behavior is defined by the Pod's restart policy and the container type. + /// Setting the RestartPolicy as "Always" for the init container will have the following effect: + /// this init container will be continually restarted on + /// exit until all regular containers have terminated. Once all regular + /// containers have completed, all init containers with restartPolicy "Always" + /// will be shut down. This lifecycle differs from normal init containers and + /// is often referred to as a "sidecar" container. Although this init + /// container still starts in the init container sequence, it does not wait + /// for the container to complete before proceeding to the next init + /// container. Instead, the next init container starts immediately after this + /// init container is started, or after any startupProbe has successfully + /// completed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "restartPolicy")] pub restart_policy: Option, + /// SecurityContext defines the security options the container should be run with. + /// If set, the fields of SecurityContext override the equivalent fields of PodSecurityContext. + /// More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/ #[serde(default, skip_serializing_if = "Option::is_none", rename = "securityContext")] pub security_context: Option, + /// StartupProbe indicates that the Pod has successfully initialized. + /// If specified, no other probes are executed until this completes successfully. + /// If this probe fails, the Pod will be restarted, just as if the livenessProbe failed. + /// This can be used to provide different probe parameters at the beginning of a Pod's lifecycle, + /// when it might take a long time to load data or warm a cache, than during steady-state operation. + /// This cannot be updated. + /// More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes #[serde(default, skip_serializing_if = "Option::is_none", rename = "startupProbe")] pub startup_probe: Option, + /// Whether this container should allocate a buffer for stdin in the container runtime. If this + /// is not set, reads from stdin in the container will always result in EOF. + /// Default is false. #[serde(default, skip_serializing_if = "Option::is_none")] pub stdin: Option, + /// Whether the container runtime should close the stdin channel after it has been opened by + /// a single attach. When stdin is true the stdin stream will remain open across multiple attach + /// sessions. If stdinOnce is set to true, stdin is opened on container start, is empty until the + /// first client attaches to stdin, and then remains open and accepts data until the client disconnects, + /// at which time stdin is closed and remains closed until the container is restarted. If this + /// flag is false, a container processes that reads from stdin will never receive an EOF. + /// Default is false #[serde(default, skip_serializing_if = "Option::is_none", rename = "stdinOnce")] pub stdin_once: Option, + /// Optional: Path at which the file to which the container's termination message + /// will be written is mounted into the container's filesystem. + /// Message written is intended to be brief final status, such as an assertion failure message. + /// Will be truncated by the node if greater than 4096 bytes. The total message length across + /// all containers will be limited to 12kb. + /// Defaults to /dev/termination-log. + /// Cannot be updated. #[serde(default, skip_serializing_if = "Option::is_none", rename = "terminationMessagePath")] pub termination_message_path: Option, + /// Indicate how the termination message should be populated. File will use the contents of + /// terminationMessagePath to populate the container status message on both success and failure. + /// FallbackToLogsOnError will use the last chunk of container log output if the termination + /// message file is empty and the container exited with an error. + /// The log output is limited to 2048 bytes or 80 lines, whichever is smaller. + /// Defaults to File. + /// Cannot be updated. #[serde(default, skip_serializing_if = "Option::is_none", rename = "terminationMessagePolicy")] pub termination_message_policy: Option, + /// Whether this container should allocate a TTY for itself, also requires 'stdin' to be true. + /// Default is false. #[serde(default, skip_serializing_if = "Option::is_none")] pub tty: Option, + /// volumeDevices is the list of block devices to be used by the container. #[serde(default, skip_serializing_if = "Option::is_none", rename = "volumeDevices")] pub volume_devices: Option>, + /// Pod volumes to mount into the container's filesystem. + /// Cannot be updated. #[serde(default, skip_serializing_if = "Option::is_none", rename = "volumeMounts")] pub volume_mounts: Option>, + /// Container's working directory. + /// If not specified, the container runtime's default will be used, which + /// might be configured in the container image. + /// Cannot be updated. #[serde(default, skip_serializing_if = "Option::is_none", rename = "workingDir")] pub working_dir: Option, } +/// EnvVar represents an environment variable present in a Container. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationExecutorInitContainersEnv { + /// Name of the environment variable. Must be a C_IDENTIFIER. pub name: String, + /// Variable references $(VAR_NAME) are expanded + /// using the previously defined environment variables in the container and + /// any service environment variables. If a variable cannot be resolved, + /// the reference in the input string will be unchanged. Double $$ are reduced + /// to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. + /// "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". + /// Escaped references will never be expanded, regardless of whether the variable + /// exists or not. + /// Defaults to "". #[serde(default, skip_serializing_if = "Option::is_none")] pub value: Option, + /// Source for the environment variable's value. Cannot be used if value is not empty. #[serde(default, skip_serializing_if = "Option::is_none", rename = "valueFrom")] pub value_from: Option, } +/// Source for the environment variable's value. Cannot be used if value is not empty. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationExecutorInitContainersEnvValueFrom { + /// Selects a key of a ConfigMap. #[serde(default, skip_serializing_if = "Option::is_none", rename = "configMapKeyRef")] pub config_map_key_ref: Option, + /// Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`, + /// spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs. #[serde(default, skip_serializing_if = "Option::is_none", rename = "fieldRef")] pub field_ref: Option, + /// Selects a resource of the container: only resources limits and requests + /// (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported. #[serde(default, skip_serializing_if = "Option::is_none", rename = "resourceFieldRef")] pub resource_field_ref: Option, + /// Selects a key of a secret in the pod's namespace #[serde(default, skip_serializing_if = "Option::is_none", rename = "secretKeyRef")] pub secret_key_ref: Option, } +/// Selects a key of a ConfigMap. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationExecutorInitContainersEnvValueFromConfigMapKeyRef { + /// The key to select. pub key: String, + /// Name of the referent. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, + /// Specify whether the ConfigMap or its key must be defined #[serde(default, skip_serializing_if = "Option::is_none")] pub optional: Option, } +/// Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`, +/// spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationExecutorInitContainersEnvValueFromFieldRef { + /// Version of the schema the FieldPath is written in terms of, defaults to "v1". #[serde(default, skip_serializing_if = "Option::is_none", rename = "apiVersion")] pub api_version: Option, + /// Path of the field to select in the specified API version. #[serde(rename = "fieldPath")] pub field_path: String, } +/// Selects a resource of the container: only resources limits and requests +/// (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationExecutorInitContainersEnvValueFromResourceFieldRef { + /// Container name: required for volumes, optional for env vars #[serde(default, skip_serializing_if = "Option::is_none", rename = "containerName")] pub container_name: Option, + /// Specifies the output format of the exposed resources, defaults to "1" #[serde(default, skip_serializing_if = "Option::is_none")] pub divisor: Option, + /// Required: resource to select pub resource: String, } +/// Selects a key of a secret in the pod's namespace #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationExecutorInitContainersEnvValueFromSecretKeyRef { + /// The key of the secret to select from. Must be a valid secret key. pub key: String, + /// Name of the referent. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, + /// Specify whether the Secret or its key must be defined #[serde(default, skip_serializing_if = "Option::is_none")] pub optional: Option, } +/// EnvFromSource represents the source of a set of ConfigMaps #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationExecutorInitContainersEnvFrom { + /// The ConfigMap to select from #[serde(default, skip_serializing_if = "Option::is_none", rename = "configMapRef")] pub config_map_ref: Option, + /// An optional identifier to prepend to each key in the ConfigMap. Must be a C_IDENTIFIER. #[serde(default, skip_serializing_if = "Option::is_none")] pub prefix: Option, + /// The Secret to select from #[serde(default, skip_serializing_if = "Option::is_none", rename = "secretRef")] pub secret_ref: Option, } +/// The ConfigMap to select from #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationExecutorInitContainersEnvFromConfigMapRef { + /// Name of the referent. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, + /// Specify whether the ConfigMap must be defined #[serde(default, skip_serializing_if = "Option::is_none")] pub optional: Option, } +/// The Secret to select from #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationExecutorInitContainersEnvFromSecretRef { + /// Name of the referent. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, + /// Specify whether the Secret must be defined #[serde(default, skip_serializing_if = "Option::is_none")] pub optional: Option, } +/// Actions that the management system should take in response to container lifecycle events. +/// Cannot be updated. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationExecutorInitContainersLifecycle { + /// PostStart is called immediately after a container is created. If the handler fails, + /// the container is terminated and restarted according to its restart policy. + /// Other management of the container blocks until the hook completes. + /// More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks #[serde(default, skip_serializing_if = "Option::is_none", rename = "postStart")] pub post_start: Option, + /// PreStop is called immediately before a container is terminated due to an + /// API request or management event such as liveness/startup probe failure, + /// preemption, resource contention, etc. The handler is not called if the + /// container crashes or exits. The Pod's termination grace period countdown begins before the + /// PreStop hook is executed. Regardless of the outcome of the handler, the + /// container will eventually terminate within the Pod's termination grace + /// period (unless delayed by finalizers). Other management of the container blocks until the hook completes + /// or until the termination grace period is reached. + /// More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks #[serde(default, skip_serializing_if = "Option::is_none", rename = "preStop")] pub pre_stop: Option, } +/// PostStart is called immediately after a container is created. If the handler fails, +/// the container is terminated and restarted according to its restart policy. +/// Other management of the container blocks until the hook completes. +/// More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationExecutorInitContainersLifecyclePostStart { + /// Exec specifies the action to take. #[serde(default, skip_serializing_if = "Option::is_none")] pub exec: Option, + /// HTTPGet specifies the http request to perform. #[serde(default, skip_serializing_if = "Option::is_none", rename = "httpGet")] pub http_get: Option, + /// Sleep represents the duration that the container should sleep before being terminated. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub sleep: Option, + /// Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept + /// for the backward compatibility. There are no validation of this field and + /// lifecycle hooks will fail in runtime when tcp handler is specified. #[serde(default, skip_serializing_if = "Option::is_none", rename = "tcpSocket")] pub tcp_socket: Option, } +/// Exec specifies the action to take. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationExecutorInitContainersLifecyclePostStartExec { + /// Command is the command line to execute inside the container, the working directory for the + /// command is root ('/') in the container's filesystem. The command is simply exec'd, it is + /// not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use + /// a shell, you need to explicitly call out to that shell. + /// Exit status of 0 is treated as live/healthy and non-zero is unhealthy. #[serde(default, skip_serializing_if = "Option::is_none")] pub command: Option>, } +/// HTTPGet specifies the http request to perform. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationExecutorInitContainersLifecyclePostStartHttpGet { + /// Host name to connect to, defaults to the pod IP. You probably want to set + /// "Host" in httpHeaders instead. #[serde(default, skip_serializing_if = "Option::is_none")] pub host: Option, + /// Custom headers to set in the request. HTTP allows repeated headers. #[serde(default, skip_serializing_if = "Option::is_none", rename = "httpHeaders")] pub http_headers: Option>, + /// Path to access on the HTTP server. #[serde(default, skip_serializing_if = "Option::is_none")] pub path: Option, + /// Name or number of the port to access on the container. + /// Number must be in the range 1 to 65535. + /// Name must be an IANA_SVC_NAME. pub port: IntOrString, + /// Scheme to use for connecting to the host. + /// Defaults to HTTP. #[serde(default, skip_serializing_if = "Option::is_none")] pub scheme: Option, } +/// HTTPHeader describes a custom header to be used in HTTP probes #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationExecutorInitContainersLifecyclePostStartHttpGetHttpHeaders { + /// The header field name. + /// This will be canonicalized upon output, so case-variant names will be understood as the same header. pub name: String, + /// The header field value pub value: String, } +/// Sleep represents the duration that the container should sleep before being terminated. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct SparkApplicationExecutorInitContainersLifecyclePostStartSleep { + /// Seconds is the number of seconds to sleep. + pub seconds: i64, +} + +/// Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept +/// for the backward compatibility. There are no validation of this field and +/// lifecycle hooks will fail in runtime when tcp handler is specified. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationExecutorInitContainersLifecyclePostStartTcpSocket { + /// Optional: Host name to connect to, defaults to the pod IP. #[serde(default, skip_serializing_if = "Option::is_none")] pub host: Option, + /// Number or name of the port to access on the container. + /// Number must be in the range 1 to 65535. + /// Name must be an IANA_SVC_NAME. pub port: IntOrString, } +/// PreStop is called immediately before a container is terminated due to an +/// API request or management event such as liveness/startup probe failure, +/// preemption, resource contention, etc. The handler is not called if the +/// container crashes or exits. The Pod's termination grace period countdown begins before the +/// PreStop hook is executed. Regardless of the outcome of the handler, the +/// container will eventually terminate within the Pod's termination grace +/// period (unless delayed by finalizers). Other management of the container blocks until the hook completes +/// or until the termination grace period is reached. +/// More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationExecutorInitContainersLifecyclePreStop { + /// Exec specifies the action to take. #[serde(default, skip_serializing_if = "Option::is_none")] pub exec: Option, + /// HTTPGet specifies the http request to perform. #[serde(default, skip_serializing_if = "Option::is_none", rename = "httpGet")] pub http_get: Option, + /// Sleep represents the duration that the container should sleep before being terminated. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub sleep: Option, + /// Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept + /// for the backward compatibility. There are no validation of this field and + /// lifecycle hooks will fail in runtime when tcp handler is specified. #[serde(default, skip_serializing_if = "Option::is_none", rename = "tcpSocket")] pub tcp_socket: Option, } +/// Exec specifies the action to take. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationExecutorInitContainersLifecyclePreStopExec { + /// Command is the command line to execute inside the container, the working directory for the + /// command is root ('/') in the container's filesystem. The command is simply exec'd, it is + /// not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use + /// a shell, you need to explicitly call out to that shell. + /// Exit status of 0 is treated as live/healthy and non-zero is unhealthy. #[serde(default, skip_serializing_if = "Option::is_none")] pub command: Option>, } +/// HTTPGet specifies the http request to perform. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationExecutorInitContainersLifecyclePreStopHttpGet { + /// Host name to connect to, defaults to the pod IP. You probably want to set + /// "Host" in httpHeaders instead. #[serde(default, skip_serializing_if = "Option::is_none")] pub host: Option, + /// Custom headers to set in the request. HTTP allows repeated headers. #[serde(default, skip_serializing_if = "Option::is_none", rename = "httpHeaders")] pub http_headers: Option>, + /// Path to access on the HTTP server. #[serde(default, skip_serializing_if = "Option::is_none")] pub path: Option, + /// Name or number of the port to access on the container. + /// Number must be in the range 1 to 65535. + /// Name must be an IANA_SVC_NAME. pub port: IntOrString, + /// Scheme to use for connecting to the host. + /// Defaults to HTTP. #[serde(default, skip_serializing_if = "Option::is_none")] pub scheme: Option, } +/// HTTPHeader describes a custom header to be used in HTTP probes #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationExecutorInitContainersLifecyclePreStopHttpGetHttpHeaders { + /// The header field name. + /// This will be canonicalized upon output, so case-variant names will be understood as the same header. pub name: String, + /// The header field value pub value: String, } +/// Sleep represents the duration that the container should sleep before being terminated. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct SparkApplicationExecutorInitContainersLifecyclePreStopSleep { + /// Seconds is the number of seconds to sleep. + pub seconds: i64, +} + +/// Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept +/// for the backward compatibility. There are no validation of this field and +/// lifecycle hooks will fail in runtime when tcp handler is specified. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationExecutorInitContainersLifecyclePreStopTcpSocket { + /// Optional: Host name to connect to, defaults to the pod IP. #[serde(default, skip_serializing_if = "Option::is_none")] pub host: Option, + /// Number or name of the port to access on the container. + /// Number must be in the range 1 to 65535. + /// Name must be an IANA_SVC_NAME. pub port: IntOrString, } +/// Periodic probe of container liveness. +/// Container will be restarted if the probe fails. +/// Cannot be updated. +/// More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationExecutorInitContainersLivenessProbe { + /// Exec specifies the action to take. #[serde(default, skip_serializing_if = "Option::is_none")] pub exec: Option, + /// Minimum consecutive failures for the probe to be considered failed after having succeeded. + /// Defaults to 3. Minimum value is 1. #[serde(default, skip_serializing_if = "Option::is_none", rename = "failureThreshold")] pub failure_threshold: Option, + /// GRPC specifies an action involving a GRPC port. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub grpc: Option, + /// HTTPGet specifies the http request to perform. #[serde(default, skip_serializing_if = "Option::is_none", rename = "httpGet")] pub http_get: Option, + /// Number of seconds after the container has started before liveness probes are initiated. + /// More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes #[serde(default, skip_serializing_if = "Option::is_none", rename = "initialDelaySeconds")] pub initial_delay_seconds: Option, + /// How often (in seconds) to perform the probe. + /// Default to 10 seconds. Minimum value is 1. #[serde(default, skip_serializing_if = "Option::is_none", rename = "periodSeconds")] pub period_seconds: Option, + /// Minimum consecutive successes for the probe to be considered successful after having failed. + /// Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1. #[serde(default, skip_serializing_if = "Option::is_none", rename = "successThreshold")] pub success_threshold: Option, + /// TCPSocket specifies an action involving a TCP port. #[serde(default, skip_serializing_if = "Option::is_none", rename = "tcpSocket")] pub tcp_socket: Option, + /// Optional duration in seconds the pod needs to terminate gracefully upon probe failure. + /// The grace period is the duration in seconds after the processes running in the pod are sent + /// a termination signal and the time when the processes are forcibly halted with a kill signal. + /// Set this value longer than the expected cleanup time for your process. + /// If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this + /// value overrides the value provided by the pod spec. + /// Value must be non-negative integer. The value zero indicates stop immediately via + /// the kill signal (no opportunity to shut down). + /// This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate. + /// Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "terminationGracePeriodSeconds")] + pub termination_grace_period_seconds: Option, + /// Number of seconds after which the probe times out. + /// Defaults to 1 second. Minimum value is 1. + /// More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes #[serde(default, skip_serializing_if = "Option::is_none", rename = "timeoutSeconds")] pub timeout_seconds: Option, } +/// Exec specifies the action to take. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationExecutorInitContainersLivenessProbeExec { + /// Command is the command line to execute inside the container, the working directory for the + /// command is root ('/') in the container's filesystem. The command is simply exec'd, it is + /// not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use + /// a shell, you need to explicitly call out to that shell. + /// Exit status of 0 is treated as live/healthy and non-zero is unhealthy. #[serde(default, skip_serializing_if = "Option::is_none")] pub command: Option>, } +/// GRPC specifies an action involving a GRPC port. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct SparkApplicationExecutorInitContainersLivenessProbeGrpc { + /// Port number of the gRPC service. Number must be in the range 1 to 65535. + pub port: i32, + /// Service is the name of the service to place in the gRPC HealthCheckRequest + /// (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). + /// + /// + /// If this is not specified, the default behavior is defined by gRPC. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub service: Option, +} + +/// HTTPGet specifies the http request to perform. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationExecutorInitContainersLivenessProbeHttpGet { + /// Host name to connect to, defaults to the pod IP. You probably want to set + /// "Host" in httpHeaders instead. #[serde(default, skip_serializing_if = "Option::is_none")] pub host: Option, + /// Custom headers to set in the request. HTTP allows repeated headers. #[serde(default, skip_serializing_if = "Option::is_none", rename = "httpHeaders")] pub http_headers: Option>, + /// Path to access on the HTTP server. #[serde(default, skip_serializing_if = "Option::is_none")] pub path: Option, + /// Name or number of the port to access on the container. + /// Number must be in the range 1 to 65535. + /// Name must be an IANA_SVC_NAME. pub port: IntOrString, + /// Scheme to use for connecting to the host. + /// Defaults to HTTP. #[serde(default, skip_serializing_if = "Option::is_none")] pub scheme: Option, } +/// HTTPHeader describes a custom header to be used in HTTP probes #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationExecutorInitContainersLivenessProbeHttpGetHttpHeaders { + /// The header field name. + /// This will be canonicalized upon output, so case-variant names will be understood as the same header. pub name: String, + /// The header field value pub value: String, } +/// TCPSocket specifies an action involving a TCP port. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationExecutorInitContainersLivenessProbeTcpSocket { + /// Optional: Host name to connect to, defaults to the pod IP. #[serde(default, skip_serializing_if = "Option::is_none")] pub host: Option, + /// Number or name of the port to access on the container. + /// Number must be in the range 1 to 65535. + /// Name must be an IANA_SVC_NAME. pub port: IntOrString, } +/// ContainerPort represents a network port in a single container. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationExecutorInitContainersPorts { + /// Number of port to expose on the pod's IP address. + /// This must be a valid port number, 0 < x < 65536. #[serde(rename = "containerPort")] pub container_port: i32, + /// What host IP to bind the external port to. #[serde(default, skip_serializing_if = "Option::is_none", rename = "hostIP")] pub host_ip: Option, + /// Number of port to expose on the host. + /// If specified, this must be a valid port number, 0 < x < 65536. + /// If HostNetwork is specified, this must match ContainerPort. + /// Most containers do not need this. #[serde(default, skip_serializing_if = "Option::is_none", rename = "hostPort")] pub host_port: Option, + /// If specified, this must be an IANA_SVC_NAME and unique within the pod. Each + /// named port in a pod must have a unique name. Name for the port that can be + /// referred to by services. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, - pub protocol: String, + /// Protocol for port. Must be UDP, TCP, or SCTP. + /// Defaults to "TCP". + #[serde(default, skip_serializing_if = "Option::is_none")] + pub protocol: Option, } +/// Periodic probe of container service readiness. +/// Container will be removed from service endpoints if the probe fails. +/// Cannot be updated. +/// More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationExecutorInitContainersReadinessProbe { + /// Exec specifies the action to take. #[serde(default, skip_serializing_if = "Option::is_none")] pub exec: Option, + /// Minimum consecutive failures for the probe to be considered failed after having succeeded. + /// Defaults to 3. Minimum value is 1. #[serde(default, skip_serializing_if = "Option::is_none", rename = "failureThreshold")] pub failure_threshold: Option, + /// GRPC specifies an action involving a GRPC port. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub grpc: Option, + /// HTTPGet specifies the http request to perform. #[serde(default, skip_serializing_if = "Option::is_none", rename = "httpGet")] pub http_get: Option, + /// Number of seconds after the container has started before liveness probes are initiated. + /// More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes #[serde(default, skip_serializing_if = "Option::is_none", rename = "initialDelaySeconds")] pub initial_delay_seconds: Option, + /// How often (in seconds) to perform the probe. + /// Default to 10 seconds. Minimum value is 1. #[serde(default, skip_serializing_if = "Option::is_none", rename = "periodSeconds")] pub period_seconds: Option, + /// Minimum consecutive successes for the probe to be considered successful after having failed. + /// Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1. #[serde(default, skip_serializing_if = "Option::is_none", rename = "successThreshold")] pub success_threshold: Option, + /// TCPSocket specifies an action involving a TCP port. #[serde(default, skip_serializing_if = "Option::is_none", rename = "tcpSocket")] pub tcp_socket: Option, + /// Optional duration in seconds the pod needs to terminate gracefully upon probe failure. + /// The grace period is the duration in seconds after the processes running in the pod are sent + /// a termination signal and the time when the processes are forcibly halted with a kill signal. + /// Set this value longer than the expected cleanup time for your process. + /// If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this + /// value overrides the value provided by the pod spec. + /// Value must be non-negative integer. The value zero indicates stop immediately via + /// the kill signal (no opportunity to shut down). + /// This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate. + /// Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "terminationGracePeriodSeconds")] + pub termination_grace_period_seconds: Option, + /// Number of seconds after which the probe times out. + /// Defaults to 1 second. Minimum value is 1. + /// More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes #[serde(default, skip_serializing_if = "Option::is_none", rename = "timeoutSeconds")] pub timeout_seconds: Option, } +/// Exec specifies the action to take. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationExecutorInitContainersReadinessProbeExec { + /// Command is the command line to execute inside the container, the working directory for the + /// command is root ('/') in the container's filesystem. The command is simply exec'd, it is + /// not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use + /// a shell, you need to explicitly call out to that shell. + /// Exit status of 0 is treated as live/healthy and non-zero is unhealthy. #[serde(default, skip_serializing_if = "Option::is_none")] pub command: Option>, } +/// GRPC specifies an action involving a GRPC port. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct SparkApplicationExecutorInitContainersReadinessProbeGrpc { + /// Port number of the gRPC service. Number must be in the range 1 to 65535. + pub port: i32, + /// Service is the name of the service to place in the gRPC HealthCheckRequest + /// (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). + /// + /// + /// If this is not specified, the default behavior is defined by gRPC. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub service: Option, +} + +/// HTTPGet specifies the http request to perform. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationExecutorInitContainersReadinessProbeHttpGet { + /// Host name to connect to, defaults to the pod IP. You probably want to set + /// "Host" in httpHeaders instead. #[serde(default, skip_serializing_if = "Option::is_none")] pub host: Option, + /// Custom headers to set in the request. HTTP allows repeated headers. #[serde(default, skip_serializing_if = "Option::is_none", rename = "httpHeaders")] pub http_headers: Option>, + /// Path to access on the HTTP server. #[serde(default, skip_serializing_if = "Option::is_none")] pub path: Option, + /// Name or number of the port to access on the container. + /// Number must be in the range 1 to 65535. + /// Name must be an IANA_SVC_NAME. pub port: IntOrString, + /// Scheme to use for connecting to the host. + /// Defaults to HTTP. #[serde(default, skip_serializing_if = "Option::is_none")] pub scheme: Option, } +/// HTTPHeader describes a custom header to be used in HTTP probes #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationExecutorInitContainersReadinessProbeHttpGetHttpHeaders { + /// The header field name. + /// This will be canonicalized upon output, so case-variant names will be understood as the same header. pub name: String, + /// The header field value pub value: String, } +/// TCPSocket specifies an action involving a TCP port. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationExecutorInitContainersReadinessProbeTcpSocket { + /// Optional: Host name to connect to, defaults to the pod IP. #[serde(default, skip_serializing_if = "Option::is_none")] pub host: Option, + /// Number or name of the port to access on the container. + /// Number must be in the range 1 to 65535. + /// Name must be an IANA_SVC_NAME. pub port: IntOrString, } +/// ContainerResizePolicy represents resource resize policy for the container. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct SparkApplicationExecutorInitContainersResizePolicy { + /// Name of the resource to which this resource resize policy applies. + /// Supported values: cpu, memory. + #[serde(rename = "resourceName")] + pub resource_name: String, + /// Restart policy to apply when specified resource is resized. + /// If not specified, it defaults to NotRequired. + #[serde(rename = "restartPolicy")] + pub restart_policy: String, +} + +/// Compute Resources required by this container. +/// Cannot be updated. +/// More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationExecutorInitContainersResources { + /// Claims lists the names of resources, defined in spec.resourceClaims, + /// that are used by this container. + /// + /// + /// This is an alpha field and requires enabling the + /// DynamicResourceAllocation feature gate. + /// + /// + /// This field is immutable. It can only be set for containers. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub claims: Option>, + /// Limits describes the maximum amount of compute resources allowed. + /// More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ #[serde(default, skip_serializing_if = "Option::is_none")] pub limits: Option>, + /// Requests describes the minimum amount of compute resources required. + /// If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, + /// otherwise to an implementation-defined value. Requests cannot exceed Limits. + /// More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ #[serde(default, skip_serializing_if = "Option::is_none")] pub requests: Option>, } +/// ResourceClaim references one entry in PodSpec.ResourceClaims. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct SparkApplicationExecutorInitContainersResourcesClaims { + /// Name must match the name of one entry in pod.spec.resourceClaims of + /// the Pod where this field is used. It makes that resource available + /// inside a container. + pub name: String, +} + +/// SecurityContext defines the security options the container should be run with. +/// If set, the fields of SecurityContext override the equivalent fields of PodSecurityContext. +/// More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/ #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationExecutorInitContainersSecurityContext { + /// AllowPrivilegeEscalation controls whether a process can gain more + /// privileges than its parent process. This bool directly controls if + /// the no_new_privs flag will be set on the container process. + /// AllowPrivilegeEscalation is true always when the container is: + /// 1) run as Privileged + /// 2) has CAP_SYS_ADMIN + /// Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none", rename = "allowPrivilegeEscalation")] pub allow_privilege_escalation: Option, + /// The capabilities to add/drop when running containers. + /// Defaults to the default set of capabilities granted by the container runtime. + /// Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none")] pub capabilities: Option, + /// Run container in privileged mode. + /// Processes in privileged containers are essentially equivalent to root on the host. + /// Defaults to false. + /// Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none")] pub privileged: Option, + /// procMount denotes the type of proc mount to use for the containers. + /// The default is DefaultProcMount which uses the container runtime defaults for + /// readonly paths and masked paths. + /// This requires the ProcMountType feature flag to be enabled. + /// Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none", rename = "procMount")] pub proc_mount: Option, + /// Whether this container has a read-only root filesystem. + /// Default is false. + /// Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnlyRootFilesystem")] pub read_only_root_filesystem: Option, + /// The GID to run the entrypoint of the container process. + /// Uses runtime default if unset. + /// May also be set in PodSecurityContext. If set in both SecurityContext and + /// PodSecurityContext, the value specified in SecurityContext takes precedence. + /// Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none", rename = "runAsGroup")] pub run_as_group: Option, + /// Indicates that the container must run as a non-root user. + /// If true, the Kubelet will validate the image at runtime to ensure that it + /// does not run as UID 0 (root) and fail to start the container if it does. + /// If unset or false, no such validation will be performed. + /// May also be set in PodSecurityContext. If set in both SecurityContext and + /// PodSecurityContext, the value specified in SecurityContext takes precedence. #[serde(default, skip_serializing_if = "Option::is_none", rename = "runAsNonRoot")] pub run_as_non_root: Option, + /// The UID to run the entrypoint of the container process. + /// Defaults to user specified in image metadata if unspecified. + /// May also be set in PodSecurityContext. If set in both SecurityContext and + /// PodSecurityContext, the value specified in SecurityContext takes precedence. + /// Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none", rename = "runAsUser")] pub run_as_user: Option, + /// The SELinux context to be applied to the container. + /// If unspecified, the container runtime will allocate a random SELinux context for each + /// container. May also be set in PodSecurityContext. If set in both SecurityContext and + /// PodSecurityContext, the value specified in SecurityContext takes precedence. + /// Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none", rename = "seLinuxOptions")] pub se_linux_options: Option, + /// The seccomp options to use by this container. If seccomp options are + /// provided at both the pod & container level, the container options + /// override the pod options. + /// Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none", rename = "seccompProfile")] pub seccomp_profile: Option, + /// The Windows specific settings applied to all containers. + /// If unspecified, the options from the PodSecurityContext will be used. + /// If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. + /// Note that this field cannot be set when spec.os.name is linux. #[serde(default, skip_serializing_if = "Option::is_none", rename = "windowsOptions")] pub windows_options: Option, } +/// The capabilities to add/drop when running containers. +/// Defaults to the default set of capabilities granted by the container runtime. +/// Note that this field cannot be set when spec.os.name is windows. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationExecutorInitContainersSecurityContextCapabilities { + /// Added capabilities #[serde(default, skip_serializing_if = "Option::is_none")] pub add: Option>, + /// Removed capabilities #[serde(default, skip_serializing_if = "Option::is_none")] pub drop: Option>, } +/// The SELinux context to be applied to the container. +/// If unspecified, the container runtime will allocate a random SELinux context for each +/// container. May also be set in PodSecurityContext. If set in both SecurityContext and +/// PodSecurityContext, the value specified in SecurityContext takes precedence. +/// Note that this field cannot be set when spec.os.name is windows. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationExecutorInitContainersSecurityContextSeLinuxOptions { + /// Level is SELinux level label that applies to the container. #[serde(default, skip_serializing_if = "Option::is_none")] pub level: Option, + /// Role is a SELinux role label that applies to the container. #[serde(default, skip_serializing_if = "Option::is_none")] pub role: Option, + /// Type is a SELinux type label that applies to the container. #[serde(default, skip_serializing_if = "Option::is_none", rename = "type")] pub r#type: Option, + /// User is a SELinux user label that applies to the container. #[serde(default, skip_serializing_if = "Option::is_none")] pub user: Option, } +/// The seccomp options to use by this container. If seccomp options are +/// provided at both the pod & container level, the container options +/// override the pod options. +/// Note that this field cannot be set when spec.os.name is windows. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationExecutorInitContainersSecurityContextSeccompProfile { - #[serde(default, skip_serializing_if = "Option::is_none", rename = "type")] - pub r#type: Option, + /// localhostProfile indicates a profile defined in a file on the node should be used. + /// The profile must be preconfigured on the node to work. + /// Must be a descending path, relative to the kubelet's configured seccomp profile location. + /// Must be set if type is "Localhost". Must NOT be set for any other type. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "localhostProfile")] + pub localhost_profile: Option, + /// type indicates which kind of seccomp profile will be applied. + /// Valid options are: + /// + /// + /// Localhost - a profile defined in a file on the node should be used. + /// RuntimeDefault - the container runtime default profile should be used. + /// Unconfined - no profile should be applied. + #[serde(rename = "type")] + pub r#type: String, } +/// The Windows specific settings applied to all containers. +/// If unspecified, the options from the PodSecurityContext will be used. +/// If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +/// Note that this field cannot be set when spec.os.name is linux. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationExecutorInitContainersSecurityContextWindowsOptions { + /// GMSACredentialSpec is where the GMSA admission webhook + /// (https://github.com/kubernetes-sigs/windows-gmsa) inlines the contents of the + /// GMSA credential spec named by the GMSACredentialSpecName field. #[serde(default, skip_serializing_if = "Option::is_none", rename = "gmsaCredentialSpec")] pub gmsa_credential_spec: Option, + /// GMSACredentialSpecName is the name of the GMSA credential spec to use. #[serde(default, skip_serializing_if = "Option::is_none", rename = "gmsaCredentialSpecName")] pub gmsa_credential_spec_name: Option, + /// HostProcess determines if a container should be run as a 'Host Process' container. + /// All of a Pod's containers must have the same effective HostProcess value + /// (it is not allowed to have a mix of HostProcess containers and non-HostProcess containers). + /// In addition, if HostProcess is true then HostNetwork must also be set to true. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "hostProcess")] + pub host_process: Option, + /// The UserName in Windows to run the entrypoint of the container process. + /// Defaults to the user specified in image metadata if unspecified. + /// May also be set in PodSecurityContext. If set in both SecurityContext and + /// PodSecurityContext, the value specified in SecurityContext takes precedence. #[serde(default, skip_serializing_if = "Option::is_none", rename = "runAsUserName")] pub run_as_user_name: Option, } +/// StartupProbe indicates that the Pod has successfully initialized. +/// If specified, no other probes are executed until this completes successfully. +/// If this probe fails, the Pod will be restarted, just as if the livenessProbe failed. +/// This can be used to provide different probe parameters at the beginning of a Pod's lifecycle, +/// when it might take a long time to load data or warm a cache, than during steady-state operation. +/// This cannot be updated. +/// More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationExecutorInitContainersStartupProbe { + /// Exec specifies the action to take. #[serde(default, skip_serializing_if = "Option::is_none")] pub exec: Option, + /// Minimum consecutive failures for the probe to be considered failed after having succeeded. + /// Defaults to 3. Minimum value is 1. #[serde(default, skip_serializing_if = "Option::is_none", rename = "failureThreshold")] pub failure_threshold: Option, + /// GRPC specifies an action involving a GRPC port. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub grpc: Option, + /// HTTPGet specifies the http request to perform. #[serde(default, skip_serializing_if = "Option::is_none", rename = "httpGet")] pub http_get: Option, + /// Number of seconds after the container has started before liveness probes are initiated. + /// More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes #[serde(default, skip_serializing_if = "Option::is_none", rename = "initialDelaySeconds")] pub initial_delay_seconds: Option, + /// How often (in seconds) to perform the probe. + /// Default to 10 seconds. Minimum value is 1. #[serde(default, skip_serializing_if = "Option::is_none", rename = "periodSeconds")] pub period_seconds: Option, + /// Minimum consecutive successes for the probe to be considered successful after having failed. + /// Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1. #[serde(default, skip_serializing_if = "Option::is_none", rename = "successThreshold")] pub success_threshold: Option, + /// TCPSocket specifies an action involving a TCP port. #[serde(default, skip_serializing_if = "Option::is_none", rename = "tcpSocket")] pub tcp_socket: Option, + /// Optional duration in seconds the pod needs to terminate gracefully upon probe failure. + /// The grace period is the duration in seconds after the processes running in the pod are sent + /// a termination signal and the time when the processes are forcibly halted with a kill signal. + /// Set this value longer than the expected cleanup time for your process. + /// If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this + /// value overrides the value provided by the pod spec. + /// Value must be non-negative integer. The value zero indicates stop immediately via + /// the kill signal (no opportunity to shut down). + /// This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate. + /// Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "terminationGracePeriodSeconds")] + pub termination_grace_period_seconds: Option, + /// Number of seconds after which the probe times out. + /// Defaults to 1 second. Minimum value is 1. + /// More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes #[serde(default, skip_serializing_if = "Option::is_none", rename = "timeoutSeconds")] pub timeout_seconds: Option, } +/// Exec specifies the action to take. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationExecutorInitContainersStartupProbeExec { + /// Command is the command line to execute inside the container, the working directory for the + /// command is root ('/') in the container's filesystem. The command is simply exec'd, it is + /// not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use + /// a shell, you need to explicitly call out to that shell. + /// Exit status of 0 is treated as live/healthy and non-zero is unhealthy. #[serde(default, skip_serializing_if = "Option::is_none")] pub command: Option>, } +/// GRPC specifies an action involving a GRPC port. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct SparkApplicationExecutorInitContainersStartupProbeGrpc { + /// Port number of the gRPC service. Number must be in the range 1 to 65535. + pub port: i32, + /// Service is the name of the service to place in the gRPC HealthCheckRequest + /// (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). + /// + /// + /// If this is not specified, the default behavior is defined by gRPC. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub service: Option, +} + +/// HTTPGet specifies the http request to perform. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationExecutorInitContainersStartupProbeHttpGet { + /// Host name to connect to, defaults to the pod IP. You probably want to set + /// "Host" in httpHeaders instead. #[serde(default, skip_serializing_if = "Option::is_none")] pub host: Option, + /// Custom headers to set in the request. HTTP allows repeated headers. #[serde(default, skip_serializing_if = "Option::is_none", rename = "httpHeaders")] pub http_headers: Option>, + /// Path to access on the HTTP server. #[serde(default, skip_serializing_if = "Option::is_none")] pub path: Option, + /// Name or number of the port to access on the container. + /// Number must be in the range 1 to 65535. + /// Name must be an IANA_SVC_NAME. pub port: IntOrString, + /// Scheme to use for connecting to the host. + /// Defaults to HTTP. #[serde(default, skip_serializing_if = "Option::is_none")] pub scheme: Option, } +/// HTTPHeader describes a custom header to be used in HTTP probes #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationExecutorInitContainersStartupProbeHttpGetHttpHeaders { + /// The header field name. + /// This will be canonicalized upon output, so case-variant names will be understood as the same header. pub name: String, + /// The header field value pub value: String, } +/// TCPSocket specifies an action involving a TCP port. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationExecutorInitContainersStartupProbeTcpSocket { + /// Optional: Host name to connect to, defaults to the pod IP. #[serde(default, skip_serializing_if = "Option::is_none")] pub host: Option, + /// Number or name of the port to access on the container. + /// Number must be in the range 1 to 65535. + /// Name must be an IANA_SVC_NAME. pub port: IntOrString, } +/// volumeDevice describes a mapping of a raw block device within a container. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationExecutorInitContainersVolumeDevices { + /// devicePath is the path inside of the container that the device will be mapped to. #[serde(rename = "devicePath")] pub device_path: String, + /// name must match the name of a persistentVolumeClaim in the pod pub name: String, } +/// VolumeMount describes a mounting of a Volume within a container. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationExecutorInitContainersVolumeMounts { + /// Path within the container at which the volume should be mounted. Must + /// not contain ':'. #[serde(rename = "mountPath")] pub mount_path: String, + /// mountPropagation determines how mounts are propagated from the host + /// to container and the other way around. + /// When not set, MountPropagationNone is used. + /// This field is beta in 1.10. #[serde(default, skip_serializing_if = "Option::is_none", rename = "mountPropagation")] pub mount_propagation: Option, + /// This must match the Name of a Volume. pub name: String, + /// Mounted read-only if true, read-write otherwise (false or unspecified). + /// Defaults to false. #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] pub read_only: Option, + /// Path within the volume from which the container's volume should be mounted. + /// Defaults to "" (volume's root). #[serde(default, skip_serializing_if = "Option::is_none", rename = "subPath")] pub sub_path: Option, + /// Expanded path within the volume from which the container's volume should be mounted. + /// Behaves similarly to SubPath but environment variable references $(VAR_NAME) are expanded using the container's environment. + /// Defaults to "" (volume's root). + /// SubPathExpr and SubPath are mutually exclusive. #[serde(default, skip_serializing_if = "Option::is_none", rename = "subPathExpr")] pub sub_path_expr: Option, } +/// Lifecycle for running preStop or postStart commands +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct SparkApplicationExecutorLifecycle { + /// PostStart is called immediately after a container is created. If the handler fails, + /// the container is terminated and restarted according to its restart policy. + /// Other management of the container blocks until the hook completes. + /// More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks + #[serde(default, skip_serializing_if = "Option::is_none", rename = "postStart")] + pub post_start: Option, + /// PreStop is called immediately before a container is terminated due to an + /// API request or management event such as liveness/startup probe failure, + /// preemption, resource contention, etc. The handler is not called if the + /// container crashes or exits. The Pod's termination grace period countdown begins before the + /// PreStop hook is executed. Regardless of the outcome of the handler, the + /// container will eventually terminate within the Pod's termination grace + /// period (unless delayed by finalizers). Other management of the container blocks until the hook completes + /// or until the termination grace period is reached. + /// More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks + #[serde(default, skip_serializing_if = "Option::is_none", rename = "preStop")] + pub pre_stop: Option, +} + +/// PostStart is called immediately after a container is created. If the handler fails, +/// the container is terminated and restarted according to its restart policy. +/// Other management of the container blocks until the hook completes. +/// More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct SparkApplicationExecutorLifecyclePostStart { + /// Exec specifies the action to take. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub exec: Option, + /// HTTPGet specifies the http request to perform. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "httpGet")] + pub http_get: Option, + /// Sleep represents the duration that the container should sleep before being terminated. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub sleep: Option, + /// Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept + /// for the backward compatibility. There are no validation of this field and + /// lifecycle hooks will fail in runtime when tcp handler is specified. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "tcpSocket")] + pub tcp_socket: Option, +} + +/// Exec specifies the action to take. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct SparkApplicationExecutorLifecyclePostStartExec { + /// Command is the command line to execute inside the container, the working directory for the + /// command is root ('/') in the container's filesystem. The command is simply exec'd, it is + /// not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use + /// a shell, you need to explicitly call out to that shell. + /// Exit status of 0 is treated as live/healthy and non-zero is unhealthy. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub command: Option>, +} + +/// HTTPGet specifies the http request to perform. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct SparkApplicationExecutorLifecyclePostStartHttpGet { + /// Host name to connect to, defaults to the pod IP. You probably want to set + /// "Host" in httpHeaders instead. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub host: Option, + /// Custom headers to set in the request. HTTP allows repeated headers. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "httpHeaders")] + pub http_headers: Option>, + /// Path to access on the HTTP server. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub path: Option, + /// Name or number of the port to access on the container. + /// Number must be in the range 1 to 65535. + /// Name must be an IANA_SVC_NAME. + pub port: IntOrString, + /// Scheme to use for connecting to the host. + /// Defaults to HTTP. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub scheme: Option, +} + +/// HTTPHeader describes a custom header to be used in HTTP probes +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct SparkApplicationExecutorLifecyclePostStartHttpGetHttpHeaders { + /// The header field name. + /// This will be canonicalized upon output, so case-variant names will be understood as the same header. + pub name: String, + /// The header field value + pub value: String, +} + +/// Sleep represents the duration that the container should sleep before being terminated. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct SparkApplicationExecutorLifecyclePostStartSleep { + /// Seconds is the number of seconds to sleep. + pub seconds: i64, +} + +/// Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept +/// for the backward compatibility. There are no validation of this field and +/// lifecycle hooks will fail in runtime when tcp handler is specified. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct SparkApplicationExecutorLifecyclePostStartTcpSocket { + /// Optional: Host name to connect to, defaults to the pod IP. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub host: Option, + /// Number or name of the port to access on the container. + /// Number must be in the range 1 to 65535. + /// Name must be an IANA_SVC_NAME. + pub port: IntOrString, +} + +/// PreStop is called immediately before a container is terminated due to an +/// API request or management event such as liveness/startup probe failure, +/// preemption, resource contention, etc. The handler is not called if the +/// container crashes or exits. The Pod's termination grace period countdown begins before the +/// PreStop hook is executed. Regardless of the outcome of the handler, the +/// container will eventually terminate within the Pod's termination grace +/// period (unless delayed by finalizers). Other management of the container blocks until the hook completes +/// or until the termination grace period is reached. +/// More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct SparkApplicationExecutorLifecyclePreStop { + /// Exec specifies the action to take. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub exec: Option, + /// HTTPGet specifies the http request to perform. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "httpGet")] + pub http_get: Option, + /// Sleep represents the duration that the container should sleep before being terminated. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub sleep: Option, + /// Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept + /// for the backward compatibility. There are no validation of this field and + /// lifecycle hooks will fail in runtime when tcp handler is specified. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "tcpSocket")] + pub tcp_socket: Option, +} + +/// Exec specifies the action to take. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct SparkApplicationExecutorLifecyclePreStopExec { + /// Command is the command line to execute inside the container, the working directory for the + /// command is root ('/') in the container's filesystem. The command is simply exec'd, it is + /// not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use + /// a shell, you need to explicitly call out to that shell. + /// Exit status of 0 is treated as live/healthy and non-zero is unhealthy. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub command: Option>, +} + +/// HTTPGet specifies the http request to perform. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct SparkApplicationExecutorLifecyclePreStopHttpGet { + /// Host name to connect to, defaults to the pod IP. You probably want to set + /// "Host" in httpHeaders instead. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub host: Option, + /// Custom headers to set in the request. HTTP allows repeated headers. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "httpHeaders")] + pub http_headers: Option>, + /// Path to access on the HTTP server. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub path: Option, + /// Name or number of the port to access on the container. + /// Number must be in the range 1 to 65535. + /// Name must be an IANA_SVC_NAME. + pub port: IntOrString, + /// Scheme to use for connecting to the host. + /// Defaults to HTTP. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub scheme: Option, +} + +/// HTTPHeader describes a custom header to be used in HTTP probes +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct SparkApplicationExecutorLifecyclePreStopHttpGetHttpHeaders { + /// The header field name. + /// This will be canonicalized upon output, so case-variant names will be understood as the same header. + pub name: String, + /// The header field value + pub value: String, +} + +/// Sleep represents the duration that the container should sleep before being terminated. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct SparkApplicationExecutorLifecyclePreStopSleep { + /// Seconds is the number of seconds to sleep. + pub seconds: i64, +} + +/// Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept +/// for the backward compatibility. There are no validation of this field and +/// lifecycle hooks will fail in runtime when tcp handler is specified. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct SparkApplicationExecutorLifecyclePreStopTcpSocket { + /// Optional: Host name to connect to, defaults to the pod IP. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub host: Option, + /// Number or name of the port to access on the container. + /// Number must be in the range 1 to 65535. + /// Name must be an IANA_SVC_NAME. + pub port: IntOrString, +} + +/// PodSecurityContext specifies the PodSecurityContext to apply. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationExecutorPodSecurityContext { + /// A special supplemental group that applies to all containers in a pod. + /// Some volume types allow the Kubelet to change the ownership of that volume + /// to be owned by the pod: + /// + /// + /// 1. The owning GID will be the FSGroup + /// 2. The setgid bit is set (new files created in the volume will be owned by FSGroup) + /// 3. The permission bits are OR'd with rw-rw---- + /// + /// + /// If unset, the Kubelet will not modify the ownership and permissions of any volume. + /// Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none", rename = "fsGroup")] pub fs_group: Option, + /// fsGroupChangePolicy defines behavior of changing ownership and permission of the volume + /// before being exposed inside Pod. This field will only apply to + /// volume types which support fsGroup based ownership(and permissions). + /// It will have no effect on ephemeral volume types such as: secret, configmaps + /// and emptydir. + /// Valid values are "OnRootMismatch" and "Always". If not specified, "Always" is used. + /// Note that this field cannot be set when spec.os.name is windows. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "fsGroupChangePolicy")] + pub fs_group_change_policy: Option, + /// The GID to run the entrypoint of the container process. + /// Uses runtime default if unset. + /// May also be set in SecurityContext. If set in both SecurityContext and + /// PodSecurityContext, the value specified in SecurityContext takes precedence + /// for that container. + /// Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none", rename = "runAsGroup")] pub run_as_group: Option, + /// Indicates that the container must run as a non-root user. + /// If true, the Kubelet will validate the image at runtime to ensure that it + /// does not run as UID 0 (root) and fail to start the container if it does. + /// If unset or false, no such validation will be performed. + /// May also be set in SecurityContext. If set in both SecurityContext and + /// PodSecurityContext, the value specified in SecurityContext takes precedence. #[serde(default, skip_serializing_if = "Option::is_none", rename = "runAsNonRoot")] pub run_as_non_root: Option, + /// The UID to run the entrypoint of the container process. + /// Defaults to user specified in image metadata if unspecified. + /// May also be set in SecurityContext. If set in both SecurityContext and + /// PodSecurityContext, the value specified in SecurityContext takes precedence + /// for that container. + /// Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none", rename = "runAsUser")] pub run_as_user: Option, + /// The SELinux context to be applied to all containers. + /// If unspecified, the container runtime will allocate a random SELinux context for each + /// container. May also be set in SecurityContext. If set in + /// both SecurityContext and PodSecurityContext, the value specified in SecurityContext + /// takes precedence for that container. + /// Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none", rename = "seLinuxOptions")] pub se_linux_options: Option, + /// The seccomp options to use by the containers in this pod. + /// Note that this field cannot be set when spec.os.name is windows. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "seccompProfile")] + pub seccomp_profile: Option, + /// A list of groups applied to the first process run in each container, in addition + /// to the container's primary GID, the fsGroup (if specified), and group memberships + /// defined in the container image for the uid of the container process. If unspecified, + /// no additional groups are added to any container. Note that group memberships + /// defined in the container image for the uid of the container process are still effective, + /// even if they are not included in this list. + /// Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none", rename = "supplementalGroups")] pub supplemental_groups: Option>, + /// Sysctls hold a list of namespaced sysctls used for the pod. Pods with unsupported + /// sysctls (by the container runtime) might fail to launch. + /// Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none")] pub sysctls: Option>, + /// The Windows specific settings applied to all containers. + /// If unspecified, the options within a container's SecurityContext will be used. + /// If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. + /// Note that this field cannot be set when spec.os.name is linux. #[serde(default, skip_serializing_if = "Option::is_none", rename = "windowsOptions")] pub windows_options: Option, } +/// The SELinux context to be applied to all containers. +/// If unspecified, the container runtime will allocate a random SELinux context for each +/// container. May also be set in SecurityContext. If set in +/// both SecurityContext and PodSecurityContext, the value specified in SecurityContext +/// takes precedence for that container. +/// Note that this field cannot be set when spec.os.name is windows. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationExecutorPodSecurityContextSeLinuxOptions { + /// Level is SELinux level label that applies to the container. #[serde(default, skip_serializing_if = "Option::is_none")] pub level: Option, + /// Role is a SELinux role label that applies to the container. #[serde(default, skip_serializing_if = "Option::is_none")] pub role: Option, + /// Type is a SELinux type label that applies to the container. #[serde(default, skip_serializing_if = "Option::is_none", rename = "type")] pub r#type: Option, + /// User is a SELinux user label that applies to the container. #[serde(default, skip_serializing_if = "Option::is_none")] pub user: Option, } +/// The seccomp options to use by the containers in this pod. +/// Note that this field cannot be set when spec.os.name is windows. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct SparkApplicationExecutorPodSecurityContextSeccompProfile { + /// localhostProfile indicates a profile defined in a file on the node should be used. + /// The profile must be preconfigured on the node to work. + /// Must be a descending path, relative to the kubelet's configured seccomp profile location. + /// Must be set if type is "Localhost". Must NOT be set for any other type. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "localhostProfile")] + pub localhost_profile: Option, + /// type indicates which kind of seccomp profile will be applied. + /// Valid options are: + /// + /// + /// Localhost - a profile defined in a file on the node should be used. + /// RuntimeDefault - the container runtime default profile should be used. + /// Unconfined - no profile should be applied. + #[serde(rename = "type")] + pub r#type: String, +} + +/// Sysctl defines a kernel parameter to be set #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationExecutorPodSecurityContextSysctls { + /// Name of a property to set pub name: String, + /// Value of a property to set pub value: String, } +/// The Windows specific settings applied to all containers. +/// If unspecified, the options within a container's SecurityContext will be used. +/// If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +/// Note that this field cannot be set when spec.os.name is linux. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationExecutorPodSecurityContextWindowsOptions { + /// GMSACredentialSpec is where the GMSA admission webhook + /// (https://github.com/kubernetes-sigs/windows-gmsa) inlines the contents of the + /// GMSA credential spec named by the GMSACredentialSpecName field. #[serde(default, skip_serializing_if = "Option::is_none", rename = "gmsaCredentialSpec")] pub gmsa_credential_spec: Option, + /// GMSACredentialSpecName is the name of the GMSA credential spec to use. #[serde(default, skip_serializing_if = "Option::is_none", rename = "gmsaCredentialSpecName")] pub gmsa_credential_spec_name: Option, + /// HostProcess determines if a container should be run as a 'Host Process' container. + /// All of a Pod's containers must have the same effective HostProcess value + /// (it is not allowed to have a mix of HostProcess containers and non-HostProcess containers). + /// In addition, if HostProcess is true then HostNetwork must also be set to true. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "hostProcess")] + pub host_process: Option, + /// The UserName in Windows to run the entrypoint of the container process. + /// Defaults to the user specified in image metadata if unspecified. + /// May also be set in PodSecurityContext. If set in both SecurityContext and + /// PodSecurityContext, the value specified in SecurityContext takes precedence. #[serde(default, skip_serializing_if = "Option::is_none", rename = "runAsUserName")] pub run_as_user_name: Option, } +/// Port represents the port definition in the pods objects. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct SparkApplicationExecutorPorts { + #[serde(rename = "containerPort")] + pub container_port: i32, + pub name: String, + pub protocol: String, +} + +/// SecretInfo captures information of a secret. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationExecutorSecrets { pub name: String, pub path: String, + /// SecretType tells the type of a secret. #[serde(rename = "secretType")] pub secret_type: String, } +/// SecurityContext specifies the container's SecurityContext to apply. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationExecutorSecurityContext { + /// AllowPrivilegeEscalation controls whether a process can gain more + /// privileges than its parent process. This bool directly controls if + /// the no_new_privs flag will be set on the container process. + /// AllowPrivilegeEscalation is true always when the container is: + /// 1) run as Privileged + /// 2) has CAP_SYS_ADMIN + /// Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none", rename = "allowPrivilegeEscalation")] pub allow_privilege_escalation: Option, + /// The capabilities to add/drop when running containers. + /// Defaults to the default set of capabilities granted by the container runtime. + /// Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none")] pub capabilities: Option, + /// Run container in privileged mode. + /// Processes in privileged containers are essentially equivalent to root on the host. + /// Defaults to false. + /// Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none")] pub privileged: Option, + /// procMount denotes the type of proc mount to use for the containers. + /// The default is DefaultProcMount which uses the container runtime defaults for + /// readonly paths and masked paths. + /// This requires the ProcMountType feature flag to be enabled. + /// Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none", rename = "procMount")] pub proc_mount: Option, + /// Whether this container has a read-only root filesystem. + /// Default is false. + /// Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnlyRootFilesystem")] pub read_only_root_filesystem: Option, + /// The GID to run the entrypoint of the container process. + /// Uses runtime default if unset. + /// May also be set in PodSecurityContext. If set in both SecurityContext and + /// PodSecurityContext, the value specified in SecurityContext takes precedence. + /// Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none", rename = "runAsGroup")] pub run_as_group: Option, + /// Indicates that the container must run as a non-root user. + /// If true, the Kubelet will validate the image at runtime to ensure that it + /// does not run as UID 0 (root) and fail to start the container if it does. + /// If unset or false, no such validation will be performed. + /// May also be set in PodSecurityContext. If set in both SecurityContext and + /// PodSecurityContext, the value specified in SecurityContext takes precedence. #[serde(default, skip_serializing_if = "Option::is_none", rename = "runAsNonRoot")] pub run_as_non_root: Option, + /// The UID to run the entrypoint of the container process. + /// Defaults to user specified in image metadata if unspecified. + /// May also be set in PodSecurityContext. If set in both SecurityContext and + /// PodSecurityContext, the value specified in SecurityContext takes precedence. + /// Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none", rename = "runAsUser")] pub run_as_user: Option, + /// The SELinux context to be applied to the container. + /// If unspecified, the container runtime will allocate a random SELinux context for each + /// container. May also be set in PodSecurityContext. If set in both SecurityContext and + /// PodSecurityContext, the value specified in SecurityContext takes precedence. + /// Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none", rename = "seLinuxOptions")] pub se_linux_options: Option, + /// The seccomp options to use by this container. If seccomp options are + /// provided at both the pod & container level, the container options + /// override the pod options. + /// Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none", rename = "seccompProfile")] pub seccomp_profile: Option, + /// The Windows specific settings applied to all containers. + /// If unspecified, the options from the PodSecurityContext will be used. + /// If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. + /// Note that this field cannot be set when spec.os.name is linux. #[serde(default, skip_serializing_if = "Option::is_none", rename = "windowsOptions")] pub windows_options: Option, } +/// The capabilities to add/drop when running containers. +/// Defaults to the default set of capabilities granted by the container runtime. +/// Note that this field cannot be set when spec.os.name is windows. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationExecutorSecurityContextCapabilities { + /// Added capabilities #[serde(default, skip_serializing_if = "Option::is_none")] pub add: Option>, + /// Removed capabilities #[serde(default, skip_serializing_if = "Option::is_none")] pub drop: Option>, } +/// The SELinux context to be applied to the container. +/// If unspecified, the container runtime will allocate a random SELinux context for each +/// container. May also be set in PodSecurityContext. If set in both SecurityContext and +/// PodSecurityContext, the value specified in SecurityContext takes precedence. +/// Note that this field cannot be set when spec.os.name is windows. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationExecutorSecurityContextSeLinuxOptions { + /// Level is SELinux level label that applies to the container. #[serde(default, skip_serializing_if = "Option::is_none")] pub level: Option, + /// Role is a SELinux role label that applies to the container. #[serde(default, skip_serializing_if = "Option::is_none")] pub role: Option, + /// Type is a SELinux type label that applies to the container. #[serde(default, skip_serializing_if = "Option::is_none", rename = "type")] pub r#type: Option, + /// User is a SELinux user label that applies to the container. #[serde(default, skip_serializing_if = "Option::is_none")] pub user: Option, } +/// The seccomp options to use by this container. If seccomp options are +/// provided at both the pod & container level, the container options +/// override the pod options. +/// Note that this field cannot be set when spec.os.name is windows. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationExecutorSecurityContextSeccompProfile { - #[serde(default, skip_serializing_if = "Option::is_none", rename = "type")] - pub r#type: Option, + /// localhostProfile indicates a profile defined in a file on the node should be used. + /// The profile must be preconfigured on the node to work. + /// Must be a descending path, relative to the kubelet's configured seccomp profile location. + /// Must be set if type is "Localhost". Must NOT be set for any other type. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "localhostProfile")] + pub localhost_profile: Option, + /// type indicates which kind of seccomp profile will be applied. + /// Valid options are: + /// + /// + /// Localhost - a profile defined in a file on the node should be used. + /// RuntimeDefault - the container runtime default profile should be used. + /// Unconfined - no profile should be applied. + #[serde(rename = "type")] + pub r#type: String, } +/// The Windows specific settings applied to all containers. +/// If unspecified, the options from the PodSecurityContext will be used. +/// If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +/// Note that this field cannot be set when spec.os.name is linux. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationExecutorSecurityContextWindowsOptions { + /// GMSACredentialSpec is where the GMSA admission webhook + /// (https://github.com/kubernetes-sigs/windows-gmsa) inlines the contents of the + /// GMSA credential spec named by the GMSACredentialSpecName field. #[serde(default, skip_serializing_if = "Option::is_none", rename = "gmsaCredentialSpec")] pub gmsa_credential_spec: Option, + /// GMSACredentialSpecName is the name of the GMSA credential spec to use. #[serde(default, skip_serializing_if = "Option::is_none", rename = "gmsaCredentialSpecName")] pub gmsa_credential_spec_name: Option, + /// HostProcess determines if a container should be run as a 'Host Process' container. + /// All of a Pod's containers must have the same effective HostProcess value + /// (it is not allowed to have a mix of HostProcess containers and non-HostProcess containers). + /// In addition, if HostProcess is true then HostNetwork must also be set to true. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "hostProcess")] + pub host_process: Option, + /// The UserName in Windows to run the entrypoint of the container process. + /// Defaults to the user specified in image metadata if unspecified. + /// May also be set in PodSecurityContext. If set in both SecurityContext and + /// PodSecurityContext, the value specified in SecurityContext takes precedence. #[serde(default, skip_serializing_if = "Option::is_none", rename = "runAsUserName")] pub run_as_user_name: Option, } +/// A single application container that you want to run within a pod. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationExecutorSidecars { + /// Arguments to the entrypoint. + /// The container image's CMD is used if this is not provided. + /// Variable references $(VAR_NAME) are expanded using the container's environment. If a variable + /// cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced + /// to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" will + /// produce the string literal "$(VAR_NAME)". Escaped references will never be expanded, regardless + /// of whether the variable exists or not. Cannot be updated. + /// More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell #[serde(default, skip_serializing_if = "Option::is_none")] pub args: Option>, + /// Entrypoint array. Not executed within a shell. + /// The container image's ENTRYPOINT is used if this is not provided. + /// Variable references $(VAR_NAME) are expanded using the container's environment. If a variable + /// cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced + /// to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" will + /// produce the string literal "$(VAR_NAME)". Escaped references will never be expanded, regardless + /// of whether the variable exists or not. Cannot be updated. + /// More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell #[serde(default, skip_serializing_if = "Option::is_none")] pub command: Option>, + /// List of environment variables to set in the container. + /// Cannot be updated. #[serde(default, skip_serializing_if = "Option::is_none")] pub env: Option>, + /// List of sources to populate environment variables in the container. + /// The keys defined within a source must be a C_IDENTIFIER. All invalid keys + /// will be reported as an event when the container is starting. When a key exists in multiple + /// sources, the value associated with the last source will take precedence. + /// Values defined by an Env with a duplicate key will take precedence. + /// Cannot be updated. #[serde(default, skip_serializing_if = "Option::is_none", rename = "envFrom")] pub env_from: Option>, + /// Container image name. + /// More info: https://kubernetes.io/docs/concepts/containers/images + /// This field is optional to allow higher level config management to default or override + /// container images in workload controllers like Deployments and StatefulSets. #[serde(default, skip_serializing_if = "Option::is_none")] pub image: Option, + /// Image pull policy. + /// One of Always, Never, IfNotPresent. + /// Defaults to Always if :latest tag is specified, or IfNotPresent otherwise. + /// Cannot be updated. + /// More info: https://kubernetes.io/docs/concepts/containers/images#updating-images #[serde(default, skip_serializing_if = "Option::is_none", rename = "imagePullPolicy")] pub image_pull_policy: Option, + /// Actions that the management system should take in response to container lifecycle events. + /// Cannot be updated. #[serde(default, skip_serializing_if = "Option::is_none")] pub lifecycle: Option, + /// Periodic probe of container liveness. + /// Container will be restarted if the probe fails. + /// Cannot be updated. + /// More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes #[serde(default, skip_serializing_if = "Option::is_none", rename = "livenessProbe")] pub liveness_probe: Option, + /// Name of the container specified as a DNS_LABEL. + /// Each container in a pod must have a unique name (DNS_LABEL). + /// Cannot be updated. pub name: String, + /// List of ports to expose from the container. Not specifying a port here + /// DOES NOT prevent that port from being exposed. Any port which is + /// listening on the default "0.0.0.0" address inside a container will be + /// accessible from the network. + /// Modifying this array with strategic merge patch may corrupt the data. + /// For more information See https://github.com/kubernetes/kubernetes/issues/108255. + /// Cannot be updated. #[serde(default, skip_serializing_if = "Option::is_none")] pub ports: Option>, + /// Periodic probe of container service readiness. + /// Container will be removed from service endpoints if the probe fails. + /// Cannot be updated. + /// More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes #[serde(default, skip_serializing_if = "Option::is_none", rename = "readinessProbe")] pub readiness_probe: Option, + /// Resources resize policy for the container. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "resizePolicy")] + pub resize_policy: Option>, + /// Compute Resources required by this container. + /// Cannot be updated. + /// More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ #[serde(default, skip_serializing_if = "Option::is_none")] pub resources: Option, + /// RestartPolicy defines the restart behavior of individual containers in a pod. + /// This field may only be set for init containers, and the only allowed value is "Always". + /// For non-init containers or when this field is not specified, + /// the restart behavior is defined by the Pod's restart policy and the container type. + /// Setting the RestartPolicy as "Always" for the init container will have the following effect: + /// this init container will be continually restarted on + /// exit until all regular containers have terminated. Once all regular + /// containers have completed, all init containers with restartPolicy "Always" + /// will be shut down. This lifecycle differs from normal init containers and + /// is often referred to as a "sidecar" container. Although this init + /// container still starts in the init container sequence, it does not wait + /// for the container to complete before proceeding to the next init + /// container. Instead, the next init container starts immediately after this + /// init container is started, or after any startupProbe has successfully + /// completed. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "restartPolicy")] + pub restart_policy: Option, + /// SecurityContext defines the security options the container should be run with. + /// If set, the fields of SecurityContext override the equivalent fields of PodSecurityContext. + /// More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/ #[serde(default, skip_serializing_if = "Option::is_none", rename = "securityContext")] pub security_context: Option, + /// StartupProbe indicates that the Pod has successfully initialized. + /// If specified, no other probes are executed until this completes successfully. + /// If this probe fails, the Pod will be restarted, just as if the livenessProbe failed. + /// This can be used to provide different probe parameters at the beginning of a Pod's lifecycle, + /// when it might take a long time to load data or warm a cache, than during steady-state operation. + /// This cannot be updated. + /// More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes #[serde(default, skip_serializing_if = "Option::is_none", rename = "startupProbe")] pub startup_probe: Option, + /// Whether this container should allocate a buffer for stdin in the container runtime. If this + /// is not set, reads from stdin in the container will always result in EOF. + /// Default is false. #[serde(default, skip_serializing_if = "Option::is_none")] pub stdin: Option, + /// Whether the container runtime should close the stdin channel after it has been opened by + /// a single attach. When stdin is true the stdin stream will remain open across multiple attach + /// sessions. If stdinOnce is set to true, stdin is opened on container start, is empty until the + /// first client attaches to stdin, and then remains open and accepts data until the client disconnects, + /// at which time stdin is closed and remains closed until the container is restarted. If this + /// flag is false, a container processes that reads from stdin will never receive an EOF. + /// Default is false #[serde(default, skip_serializing_if = "Option::is_none", rename = "stdinOnce")] pub stdin_once: Option, + /// Optional: Path at which the file to which the container's termination message + /// will be written is mounted into the container's filesystem. + /// Message written is intended to be brief final status, such as an assertion failure message. + /// Will be truncated by the node if greater than 4096 bytes. The total message length across + /// all containers will be limited to 12kb. + /// Defaults to /dev/termination-log. + /// Cannot be updated. #[serde(default, skip_serializing_if = "Option::is_none", rename = "terminationMessagePath")] pub termination_message_path: Option, + /// Indicate how the termination message should be populated. File will use the contents of + /// terminationMessagePath to populate the container status message on both success and failure. + /// FallbackToLogsOnError will use the last chunk of container log output if the termination + /// message file is empty and the container exited with an error. + /// The log output is limited to 2048 bytes or 80 lines, whichever is smaller. + /// Defaults to File. + /// Cannot be updated. #[serde(default, skip_serializing_if = "Option::is_none", rename = "terminationMessagePolicy")] pub termination_message_policy: Option, + /// Whether this container should allocate a TTY for itself, also requires 'stdin' to be true. + /// Default is false. #[serde(default, skip_serializing_if = "Option::is_none")] pub tty: Option, + /// volumeDevices is the list of block devices to be used by the container. #[serde(default, skip_serializing_if = "Option::is_none", rename = "volumeDevices")] pub volume_devices: Option>, + /// Pod volumes to mount into the container's filesystem. + /// Cannot be updated. #[serde(default, skip_serializing_if = "Option::is_none", rename = "volumeMounts")] pub volume_mounts: Option>, + /// Container's working directory. + /// If not specified, the container runtime's default will be used, which + /// might be configured in the container image. + /// Cannot be updated. #[serde(default, skip_serializing_if = "Option::is_none", rename = "workingDir")] pub working_dir: Option, } +/// EnvVar represents an environment variable present in a Container. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationExecutorSidecarsEnv { + /// Name of the environment variable. Must be a C_IDENTIFIER. pub name: String, + /// Variable references $(VAR_NAME) are expanded + /// using the previously defined environment variables in the container and + /// any service environment variables. If a variable cannot be resolved, + /// the reference in the input string will be unchanged. Double $$ are reduced + /// to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. + /// "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". + /// Escaped references will never be expanded, regardless of whether the variable + /// exists or not. + /// Defaults to "". #[serde(default, skip_serializing_if = "Option::is_none")] pub value: Option, + /// Source for the environment variable's value. Cannot be used if value is not empty. #[serde(default, skip_serializing_if = "Option::is_none", rename = "valueFrom")] pub value_from: Option, } +/// Source for the environment variable's value. Cannot be used if value is not empty. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationExecutorSidecarsEnvValueFrom { + /// Selects a key of a ConfigMap. #[serde(default, skip_serializing_if = "Option::is_none", rename = "configMapKeyRef")] pub config_map_key_ref: Option, + /// Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`, + /// spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs. #[serde(default, skip_serializing_if = "Option::is_none", rename = "fieldRef")] pub field_ref: Option, + /// Selects a resource of the container: only resources limits and requests + /// (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported. #[serde(default, skip_serializing_if = "Option::is_none", rename = "resourceFieldRef")] pub resource_field_ref: Option, + /// Selects a key of a secret in the pod's namespace #[serde(default, skip_serializing_if = "Option::is_none", rename = "secretKeyRef")] pub secret_key_ref: Option, } +/// Selects a key of a ConfigMap. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationExecutorSidecarsEnvValueFromConfigMapKeyRef { + /// The key to select. pub key: String, + /// Name of the referent. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, + /// Specify whether the ConfigMap or its key must be defined #[serde(default, skip_serializing_if = "Option::is_none")] pub optional: Option, } +/// Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`, +/// spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationExecutorSidecarsEnvValueFromFieldRef { + /// Version of the schema the FieldPath is written in terms of, defaults to "v1". #[serde(default, skip_serializing_if = "Option::is_none", rename = "apiVersion")] pub api_version: Option, + /// Path of the field to select in the specified API version. #[serde(rename = "fieldPath")] pub field_path: String, } +/// Selects a resource of the container: only resources limits and requests +/// (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationExecutorSidecarsEnvValueFromResourceFieldRef { + /// Container name: required for volumes, optional for env vars #[serde(default, skip_serializing_if = "Option::is_none", rename = "containerName")] pub container_name: Option, + /// Specifies the output format of the exposed resources, defaults to "1" #[serde(default, skip_serializing_if = "Option::is_none")] pub divisor: Option, + /// Required: resource to select pub resource: String, } +/// Selects a key of a secret in the pod's namespace #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationExecutorSidecarsEnvValueFromSecretKeyRef { + /// The key of the secret to select from. Must be a valid secret key. pub key: String, + /// Name of the referent. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, + /// Specify whether the Secret or its key must be defined #[serde(default, skip_serializing_if = "Option::is_none")] pub optional: Option, } +/// EnvFromSource represents the source of a set of ConfigMaps #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationExecutorSidecarsEnvFrom { + /// The ConfigMap to select from #[serde(default, skip_serializing_if = "Option::is_none", rename = "configMapRef")] pub config_map_ref: Option, + /// An optional identifier to prepend to each key in the ConfigMap. Must be a C_IDENTIFIER. #[serde(default, skip_serializing_if = "Option::is_none")] pub prefix: Option, + /// The Secret to select from #[serde(default, skip_serializing_if = "Option::is_none", rename = "secretRef")] pub secret_ref: Option, } +/// The ConfigMap to select from #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationExecutorSidecarsEnvFromConfigMapRef { + /// Name of the referent. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, + /// Specify whether the ConfigMap must be defined #[serde(default, skip_serializing_if = "Option::is_none")] pub optional: Option, } +/// The Secret to select from #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationExecutorSidecarsEnvFromSecretRef { + /// Name of the referent. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, + /// Specify whether the Secret must be defined #[serde(default, skip_serializing_if = "Option::is_none")] pub optional: Option, } +/// Actions that the management system should take in response to container lifecycle events. +/// Cannot be updated. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationExecutorSidecarsLifecycle { + /// PostStart is called immediately after a container is created. If the handler fails, + /// the container is terminated and restarted according to its restart policy. + /// Other management of the container blocks until the hook completes. + /// More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks #[serde(default, skip_serializing_if = "Option::is_none", rename = "postStart")] pub post_start: Option, + /// PreStop is called immediately before a container is terminated due to an + /// API request or management event such as liveness/startup probe failure, + /// preemption, resource contention, etc. The handler is not called if the + /// container crashes or exits. The Pod's termination grace period countdown begins before the + /// PreStop hook is executed. Regardless of the outcome of the handler, the + /// container will eventually terminate within the Pod's termination grace + /// period (unless delayed by finalizers). Other management of the container blocks until the hook completes + /// or until the termination grace period is reached. + /// More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks #[serde(default, skip_serializing_if = "Option::is_none", rename = "preStop")] pub pre_stop: Option, } +/// PostStart is called immediately after a container is created. If the handler fails, +/// the container is terminated and restarted according to its restart policy. +/// Other management of the container blocks until the hook completes. +/// More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationExecutorSidecarsLifecyclePostStart { + /// Exec specifies the action to take. #[serde(default, skip_serializing_if = "Option::is_none")] pub exec: Option, + /// HTTPGet specifies the http request to perform. #[serde(default, skip_serializing_if = "Option::is_none", rename = "httpGet")] pub http_get: Option, + /// Sleep represents the duration that the container should sleep before being terminated. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub sleep: Option, + /// Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept + /// for the backward compatibility. There are no validation of this field and + /// lifecycle hooks will fail in runtime when tcp handler is specified. #[serde(default, skip_serializing_if = "Option::is_none", rename = "tcpSocket")] pub tcp_socket: Option, } +/// Exec specifies the action to take. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationExecutorSidecarsLifecyclePostStartExec { + /// Command is the command line to execute inside the container, the working directory for the + /// command is root ('/') in the container's filesystem. The command is simply exec'd, it is + /// not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use + /// a shell, you need to explicitly call out to that shell. + /// Exit status of 0 is treated as live/healthy and non-zero is unhealthy. #[serde(default, skip_serializing_if = "Option::is_none")] pub command: Option>, } +/// HTTPGet specifies the http request to perform. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationExecutorSidecarsLifecyclePostStartHttpGet { + /// Host name to connect to, defaults to the pod IP. You probably want to set + /// "Host" in httpHeaders instead. #[serde(default, skip_serializing_if = "Option::is_none")] pub host: Option, + /// Custom headers to set in the request. HTTP allows repeated headers. #[serde(default, skip_serializing_if = "Option::is_none", rename = "httpHeaders")] pub http_headers: Option>, + /// Path to access on the HTTP server. #[serde(default, skip_serializing_if = "Option::is_none")] pub path: Option, + /// Name or number of the port to access on the container. + /// Number must be in the range 1 to 65535. + /// Name must be an IANA_SVC_NAME. pub port: IntOrString, + /// Scheme to use for connecting to the host. + /// Defaults to HTTP. #[serde(default, skip_serializing_if = "Option::is_none")] pub scheme: Option, } +/// HTTPHeader describes a custom header to be used in HTTP probes #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationExecutorSidecarsLifecyclePostStartHttpGetHttpHeaders { + /// The header field name. + /// This will be canonicalized upon output, so case-variant names will be understood as the same header. pub name: String, + /// The header field value pub value: String, } +/// Sleep represents the duration that the container should sleep before being terminated. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct SparkApplicationExecutorSidecarsLifecyclePostStartSleep { + /// Seconds is the number of seconds to sleep. + pub seconds: i64, +} + +/// Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept +/// for the backward compatibility. There are no validation of this field and +/// lifecycle hooks will fail in runtime when tcp handler is specified. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationExecutorSidecarsLifecyclePostStartTcpSocket { + /// Optional: Host name to connect to, defaults to the pod IP. #[serde(default, skip_serializing_if = "Option::is_none")] pub host: Option, + /// Number or name of the port to access on the container. + /// Number must be in the range 1 to 65535. + /// Name must be an IANA_SVC_NAME. pub port: IntOrString, } +/// PreStop is called immediately before a container is terminated due to an +/// API request or management event such as liveness/startup probe failure, +/// preemption, resource contention, etc. The handler is not called if the +/// container crashes or exits. The Pod's termination grace period countdown begins before the +/// PreStop hook is executed. Regardless of the outcome of the handler, the +/// container will eventually terminate within the Pod's termination grace +/// period (unless delayed by finalizers). Other management of the container blocks until the hook completes +/// or until the termination grace period is reached. +/// More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationExecutorSidecarsLifecyclePreStop { + /// Exec specifies the action to take. #[serde(default, skip_serializing_if = "Option::is_none")] pub exec: Option, + /// HTTPGet specifies the http request to perform. #[serde(default, skip_serializing_if = "Option::is_none", rename = "httpGet")] pub http_get: Option, + /// Sleep represents the duration that the container should sleep before being terminated. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub sleep: Option, + /// Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept + /// for the backward compatibility. There are no validation of this field and + /// lifecycle hooks will fail in runtime when tcp handler is specified. #[serde(default, skip_serializing_if = "Option::is_none", rename = "tcpSocket")] pub tcp_socket: Option, } +/// Exec specifies the action to take. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationExecutorSidecarsLifecyclePreStopExec { + /// Command is the command line to execute inside the container, the working directory for the + /// command is root ('/') in the container's filesystem. The command is simply exec'd, it is + /// not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use + /// a shell, you need to explicitly call out to that shell. + /// Exit status of 0 is treated as live/healthy and non-zero is unhealthy. #[serde(default, skip_serializing_if = "Option::is_none")] pub command: Option>, } +/// HTTPGet specifies the http request to perform. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationExecutorSidecarsLifecyclePreStopHttpGet { + /// Host name to connect to, defaults to the pod IP. You probably want to set + /// "Host" in httpHeaders instead. #[serde(default, skip_serializing_if = "Option::is_none")] pub host: Option, + /// Custom headers to set in the request. HTTP allows repeated headers. #[serde(default, skip_serializing_if = "Option::is_none", rename = "httpHeaders")] pub http_headers: Option>, + /// Path to access on the HTTP server. #[serde(default, skip_serializing_if = "Option::is_none")] pub path: Option, + /// Name or number of the port to access on the container. + /// Number must be in the range 1 to 65535. + /// Name must be an IANA_SVC_NAME. pub port: IntOrString, + /// Scheme to use for connecting to the host. + /// Defaults to HTTP. #[serde(default, skip_serializing_if = "Option::is_none")] pub scheme: Option, } +/// HTTPHeader describes a custom header to be used in HTTP probes #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationExecutorSidecarsLifecyclePreStopHttpGetHttpHeaders { + /// The header field name. + /// This will be canonicalized upon output, so case-variant names will be understood as the same header. pub name: String, + /// The header field value pub value: String, } +/// Sleep represents the duration that the container should sleep before being terminated. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct SparkApplicationExecutorSidecarsLifecyclePreStopSleep { + /// Seconds is the number of seconds to sleep. + pub seconds: i64, +} + +/// Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept +/// for the backward compatibility. There are no validation of this field and +/// lifecycle hooks will fail in runtime when tcp handler is specified. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationExecutorSidecarsLifecyclePreStopTcpSocket { + /// Optional: Host name to connect to, defaults to the pod IP. #[serde(default, skip_serializing_if = "Option::is_none")] pub host: Option, + /// Number or name of the port to access on the container. + /// Number must be in the range 1 to 65535. + /// Name must be an IANA_SVC_NAME. pub port: IntOrString, } +/// Periodic probe of container liveness. +/// Container will be restarted if the probe fails. +/// Cannot be updated. +/// More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationExecutorSidecarsLivenessProbe { + /// Exec specifies the action to take. #[serde(default, skip_serializing_if = "Option::is_none")] pub exec: Option, + /// Minimum consecutive failures for the probe to be considered failed after having succeeded. + /// Defaults to 3. Minimum value is 1. #[serde(default, skip_serializing_if = "Option::is_none", rename = "failureThreshold")] pub failure_threshold: Option, + /// GRPC specifies an action involving a GRPC port. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub grpc: Option, + /// HTTPGet specifies the http request to perform. #[serde(default, skip_serializing_if = "Option::is_none", rename = "httpGet")] pub http_get: Option, + /// Number of seconds after the container has started before liveness probes are initiated. + /// More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes #[serde(default, skip_serializing_if = "Option::is_none", rename = "initialDelaySeconds")] pub initial_delay_seconds: Option, + /// How often (in seconds) to perform the probe. + /// Default to 10 seconds. Minimum value is 1. #[serde(default, skip_serializing_if = "Option::is_none", rename = "periodSeconds")] pub period_seconds: Option, + /// Minimum consecutive successes for the probe to be considered successful after having failed. + /// Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1. #[serde(default, skip_serializing_if = "Option::is_none", rename = "successThreshold")] pub success_threshold: Option, + /// TCPSocket specifies an action involving a TCP port. #[serde(default, skip_serializing_if = "Option::is_none", rename = "tcpSocket")] pub tcp_socket: Option, + /// Optional duration in seconds the pod needs to terminate gracefully upon probe failure. + /// The grace period is the duration in seconds after the processes running in the pod are sent + /// a termination signal and the time when the processes are forcibly halted with a kill signal. + /// Set this value longer than the expected cleanup time for your process. + /// If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this + /// value overrides the value provided by the pod spec. + /// Value must be non-negative integer. The value zero indicates stop immediately via + /// the kill signal (no opportunity to shut down). + /// This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate. + /// Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "terminationGracePeriodSeconds")] + pub termination_grace_period_seconds: Option, + /// Number of seconds after which the probe times out. + /// Defaults to 1 second. Minimum value is 1. + /// More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes #[serde(default, skip_serializing_if = "Option::is_none", rename = "timeoutSeconds")] pub timeout_seconds: Option, } +/// Exec specifies the action to take. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationExecutorSidecarsLivenessProbeExec { + /// Command is the command line to execute inside the container, the working directory for the + /// command is root ('/') in the container's filesystem. The command is simply exec'd, it is + /// not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use + /// a shell, you need to explicitly call out to that shell. + /// Exit status of 0 is treated as live/healthy and non-zero is unhealthy. #[serde(default, skip_serializing_if = "Option::is_none")] pub command: Option>, } +/// GRPC specifies an action involving a GRPC port. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct SparkApplicationExecutorSidecarsLivenessProbeGrpc { + /// Port number of the gRPC service. Number must be in the range 1 to 65535. + pub port: i32, + /// Service is the name of the service to place in the gRPC HealthCheckRequest + /// (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). + /// + /// + /// If this is not specified, the default behavior is defined by gRPC. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub service: Option, +} + +/// HTTPGet specifies the http request to perform. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationExecutorSidecarsLivenessProbeHttpGet { + /// Host name to connect to, defaults to the pod IP. You probably want to set + /// "Host" in httpHeaders instead. #[serde(default, skip_serializing_if = "Option::is_none")] pub host: Option, + /// Custom headers to set in the request. HTTP allows repeated headers. #[serde(default, skip_serializing_if = "Option::is_none", rename = "httpHeaders")] pub http_headers: Option>, + /// Path to access on the HTTP server. #[serde(default, skip_serializing_if = "Option::is_none")] pub path: Option, + /// Name or number of the port to access on the container. + /// Number must be in the range 1 to 65535. + /// Name must be an IANA_SVC_NAME. pub port: IntOrString, + /// Scheme to use for connecting to the host. + /// Defaults to HTTP. #[serde(default, skip_serializing_if = "Option::is_none")] pub scheme: Option, } +/// HTTPHeader describes a custom header to be used in HTTP probes #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationExecutorSidecarsLivenessProbeHttpGetHttpHeaders { + /// The header field name. + /// This will be canonicalized upon output, so case-variant names will be understood as the same header. pub name: String, + /// The header field value pub value: String, } +/// TCPSocket specifies an action involving a TCP port. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationExecutorSidecarsLivenessProbeTcpSocket { + /// Optional: Host name to connect to, defaults to the pod IP. #[serde(default, skip_serializing_if = "Option::is_none")] pub host: Option, + /// Number or name of the port to access on the container. + /// Number must be in the range 1 to 65535. + /// Name must be an IANA_SVC_NAME. pub port: IntOrString, } +/// ContainerPort represents a network port in a single container. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationExecutorSidecarsPorts { + /// Number of port to expose on the pod's IP address. + /// This must be a valid port number, 0 < x < 65536. #[serde(rename = "containerPort")] pub container_port: i32, + /// What host IP to bind the external port to. #[serde(default, skip_serializing_if = "Option::is_none", rename = "hostIP")] pub host_ip: Option, + /// Number of port to expose on the host. + /// If specified, this must be a valid port number, 0 < x < 65536. + /// If HostNetwork is specified, this must match ContainerPort. + /// Most containers do not need this. #[serde(default, skip_serializing_if = "Option::is_none", rename = "hostPort")] pub host_port: Option, + /// If specified, this must be an IANA_SVC_NAME and unique within the pod. Each + /// named port in a pod must have a unique name. Name for the port that can be + /// referred to by services. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, - pub protocol: String, + /// Protocol for port. Must be UDP, TCP, or SCTP. + /// Defaults to "TCP". + #[serde(default, skip_serializing_if = "Option::is_none")] + pub protocol: Option, } +/// Periodic probe of container service readiness. +/// Container will be removed from service endpoints if the probe fails. +/// Cannot be updated. +/// More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationExecutorSidecarsReadinessProbe { + /// Exec specifies the action to take. #[serde(default, skip_serializing_if = "Option::is_none")] pub exec: Option, + /// Minimum consecutive failures for the probe to be considered failed after having succeeded. + /// Defaults to 3. Minimum value is 1. #[serde(default, skip_serializing_if = "Option::is_none", rename = "failureThreshold")] pub failure_threshold: Option, + /// GRPC specifies an action involving a GRPC port. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub grpc: Option, + /// HTTPGet specifies the http request to perform. #[serde(default, skip_serializing_if = "Option::is_none", rename = "httpGet")] pub http_get: Option, + /// Number of seconds after the container has started before liveness probes are initiated. + /// More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes #[serde(default, skip_serializing_if = "Option::is_none", rename = "initialDelaySeconds")] pub initial_delay_seconds: Option, + /// How often (in seconds) to perform the probe. + /// Default to 10 seconds. Minimum value is 1. #[serde(default, skip_serializing_if = "Option::is_none", rename = "periodSeconds")] pub period_seconds: Option, + /// Minimum consecutive successes for the probe to be considered successful after having failed. + /// Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1. #[serde(default, skip_serializing_if = "Option::is_none", rename = "successThreshold")] pub success_threshold: Option, + /// TCPSocket specifies an action involving a TCP port. #[serde(default, skip_serializing_if = "Option::is_none", rename = "tcpSocket")] pub tcp_socket: Option, + /// Optional duration in seconds the pod needs to terminate gracefully upon probe failure. + /// The grace period is the duration in seconds after the processes running in the pod are sent + /// a termination signal and the time when the processes are forcibly halted with a kill signal. + /// Set this value longer than the expected cleanup time for your process. + /// If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this + /// value overrides the value provided by the pod spec. + /// Value must be non-negative integer. The value zero indicates stop immediately via + /// the kill signal (no opportunity to shut down). + /// This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate. + /// Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "terminationGracePeriodSeconds")] + pub termination_grace_period_seconds: Option, + /// Number of seconds after which the probe times out. + /// Defaults to 1 second. Minimum value is 1. + /// More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes #[serde(default, skip_serializing_if = "Option::is_none", rename = "timeoutSeconds")] pub timeout_seconds: Option, } +/// Exec specifies the action to take. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationExecutorSidecarsReadinessProbeExec { + /// Command is the command line to execute inside the container, the working directory for the + /// command is root ('/') in the container's filesystem. The command is simply exec'd, it is + /// not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use + /// a shell, you need to explicitly call out to that shell. + /// Exit status of 0 is treated as live/healthy and non-zero is unhealthy. #[serde(default, skip_serializing_if = "Option::is_none")] pub command: Option>, } +/// GRPC specifies an action involving a GRPC port. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct SparkApplicationExecutorSidecarsReadinessProbeGrpc { + /// Port number of the gRPC service. Number must be in the range 1 to 65535. + pub port: i32, + /// Service is the name of the service to place in the gRPC HealthCheckRequest + /// (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). + /// + /// + /// If this is not specified, the default behavior is defined by gRPC. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub service: Option, +} + +/// HTTPGet specifies the http request to perform. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationExecutorSidecarsReadinessProbeHttpGet { + /// Host name to connect to, defaults to the pod IP. You probably want to set + /// "Host" in httpHeaders instead. #[serde(default, skip_serializing_if = "Option::is_none")] pub host: Option, + /// Custom headers to set in the request. HTTP allows repeated headers. #[serde(default, skip_serializing_if = "Option::is_none", rename = "httpHeaders")] pub http_headers: Option>, + /// Path to access on the HTTP server. #[serde(default, skip_serializing_if = "Option::is_none")] pub path: Option, + /// Name or number of the port to access on the container. + /// Number must be in the range 1 to 65535. + /// Name must be an IANA_SVC_NAME. pub port: IntOrString, + /// Scheme to use for connecting to the host. + /// Defaults to HTTP. #[serde(default, skip_serializing_if = "Option::is_none")] pub scheme: Option, } +/// HTTPHeader describes a custom header to be used in HTTP probes #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationExecutorSidecarsReadinessProbeHttpGetHttpHeaders { + /// The header field name. + /// This will be canonicalized upon output, so case-variant names will be understood as the same header. pub name: String, + /// The header field value pub value: String, } +/// TCPSocket specifies an action involving a TCP port. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationExecutorSidecarsReadinessProbeTcpSocket { + /// Optional: Host name to connect to, defaults to the pod IP. #[serde(default, skip_serializing_if = "Option::is_none")] pub host: Option, + /// Number or name of the port to access on the container. + /// Number must be in the range 1 to 65535. + /// Name must be an IANA_SVC_NAME. pub port: IntOrString, } +/// ContainerResizePolicy represents resource resize policy for the container. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct SparkApplicationExecutorSidecarsResizePolicy { + /// Name of the resource to which this resource resize policy applies. + /// Supported values: cpu, memory. + #[serde(rename = "resourceName")] + pub resource_name: String, + /// Restart policy to apply when specified resource is resized. + /// If not specified, it defaults to NotRequired. + #[serde(rename = "restartPolicy")] + pub restart_policy: String, +} + +/// Compute Resources required by this container. +/// Cannot be updated. +/// More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationExecutorSidecarsResources { + /// Claims lists the names of resources, defined in spec.resourceClaims, + /// that are used by this container. + /// + /// + /// This is an alpha field and requires enabling the + /// DynamicResourceAllocation feature gate. + /// + /// + /// This field is immutable. It can only be set for containers. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub claims: Option>, + /// Limits describes the maximum amount of compute resources allowed. + /// More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ #[serde(default, skip_serializing_if = "Option::is_none")] pub limits: Option>, + /// Requests describes the minimum amount of compute resources required. + /// If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, + /// otherwise to an implementation-defined value. Requests cannot exceed Limits. + /// More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ #[serde(default, skip_serializing_if = "Option::is_none")] pub requests: Option>, } +/// ResourceClaim references one entry in PodSpec.ResourceClaims. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct SparkApplicationExecutorSidecarsResourcesClaims { + /// Name must match the name of one entry in pod.spec.resourceClaims of + /// the Pod where this field is used. It makes that resource available + /// inside a container. + pub name: String, +} + +/// SecurityContext defines the security options the container should be run with. +/// If set, the fields of SecurityContext override the equivalent fields of PodSecurityContext. +/// More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/ #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationExecutorSidecarsSecurityContext { + /// AllowPrivilegeEscalation controls whether a process can gain more + /// privileges than its parent process. This bool directly controls if + /// the no_new_privs flag will be set on the container process. + /// AllowPrivilegeEscalation is true always when the container is: + /// 1) run as Privileged + /// 2) has CAP_SYS_ADMIN + /// Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none", rename = "allowPrivilegeEscalation")] pub allow_privilege_escalation: Option, + /// The capabilities to add/drop when running containers. + /// Defaults to the default set of capabilities granted by the container runtime. + /// Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none")] pub capabilities: Option, + /// Run container in privileged mode. + /// Processes in privileged containers are essentially equivalent to root on the host. + /// Defaults to false. + /// Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none")] pub privileged: Option, + /// procMount denotes the type of proc mount to use for the containers. + /// The default is DefaultProcMount which uses the container runtime defaults for + /// readonly paths and masked paths. + /// This requires the ProcMountType feature flag to be enabled. + /// Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none", rename = "procMount")] pub proc_mount: Option, + /// Whether this container has a read-only root filesystem. + /// Default is false. + /// Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnlyRootFilesystem")] pub read_only_root_filesystem: Option, + /// The GID to run the entrypoint of the container process. + /// Uses runtime default if unset. + /// May also be set in PodSecurityContext. If set in both SecurityContext and + /// PodSecurityContext, the value specified in SecurityContext takes precedence. + /// Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none", rename = "runAsGroup")] pub run_as_group: Option, + /// Indicates that the container must run as a non-root user. + /// If true, the Kubelet will validate the image at runtime to ensure that it + /// does not run as UID 0 (root) and fail to start the container if it does. + /// If unset or false, no such validation will be performed. + /// May also be set in PodSecurityContext. If set in both SecurityContext and + /// PodSecurityContext, the value specified in SecurityContext takes precedence. #[serde(default, skip_serializing_if = "Option::is_none", rename = "runAsNonRoot")] pub run_as_non_root: Option, + /// The UID to run the entrypoint of the container process. + /// Defaults to user specified in image metadata if unspecified. + /// May also be set in PodSecurityContext. If set in both SecurityContext and + /// PodSecurityContext, the value specified in SecurityContext takes precedence. + /// Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none", rename = "runAsUser")] pub run_as_user: Option, + /// The SELinux context to be applied to the container. + /// If unspecified, the container runtime will allocate a random SELinux context for each + /// container. May also be set in PodSecurityContext. If set in both SecurityContext and + /// PodSecurityContext, the value specified in SecurityContext takes precedence. + /// Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none", rename = "seLinuxOptions")] pub se_linux_options: Option, + /// The seccomp options to use by this container. If seccomp options are + /// provided at both the pod & container level, the container options + /// override the pod options. + /// Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none", rename = "seccompProfile")] pub seccomp_profile: Option, + /// The Windows specific settings applied to all containers. + /// If unspecified, the options from the PodSecurityContext will be used. + /// If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. + /// Note that this field cannot be set when spec.os.name is linux. #[serde(default, skip_serializing_if = "Option::is_none", rename = "windowsOptions")] pub windows_options: Option, } +/// The capabilities to add/drop when running containers. +/// Defaults to the default set of capabilities granted by the container runtime. +/// Note that this field cannot be set when spec.os.name is windows. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationExecutorSidecarsSecurityContextCapabilities { + /// Added capabilities #[serde(default, skip_serializing_if = "Option::is_none")] pub add: Option>, + /// Removed capabilities #[serde(default, skip_serializing_if = "Option::is_none")] pub drop: Option>, } +/// The SELinux context to be applied to the container. +/// If unspecified, the container runtime will allocate a random SELinux context for each +/// container. May also be set in PodSecurityContext. If set in both SecurityContext and +/// PodSecurityContext, the value specified in SecurityContext takes precedence. +/// Note that this field cannot be set when spec.os.name is windows. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationExecutorSidecarsSecurityContextSeLinuxOptions { + /// Level is SELinux level label that applies to the container. #[serde(default, skip_serializing_if = "Option::is_none")] pub level: Option, + /// Role is a SELinux role label that applies to the container. #[serde(default, skip_serializing_if = "Option::is_none")] pub role: Option, + /// Type is a SELinux type label that applies to the container. #[serde(default, skip_serializing_if = "Option::is_none", rename = "type")] pub r#type: Option, + /// User is a SELinux user label that applies to the container. #[serde(default, skip_serializing_if = "Option::is_none")] pub user: Option, } +/// The seccomp options to use by this container. If seccomp options are +/// provided at both the pod & container level, the container options +/// override the pod options. +/// Note that this field cannot be set when spec.os.name is windows. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationExecutorSidecarsSecurityContextSeccompProfile { - #[serde(default, skip_serializing_if = "Option::is_none", rename = "type")] - pub r#type: Option, + /// localhostProfile indicates a profile defined in a file on the node should be used. + /// The profile must be preconfigured on the node to work. + /// Must be a descending path, relative to the kubelet's configured seccomp profile location. + /// Must be set if type is "Localhost". Must NOT be set for any other type. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "localhostProfile")] + pub localhost_profile: Option, + /// type indicates which kind of seccomp profile will be applied. + /// Valid options are: + /// + /// + /// Localhost - a profile defined in a file on the node should be used. + /// RuntimeDefault - the container runtime default profile should be used. + /// Unconfined - no profile should be applied. + #[serde(rename = "type")] + pub r#type: String, } +/// The Windows specific settings applied to all containers. +/// If unspecified, the options from the PodSecurityContext will be used. +/// If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +/// Note that this field cannot be set when spec.os.name is linux. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationExecutorSidecarsSecurityContextWindowsOptions { + /// GMSACredentialSpec is where the GMSA admission webhook + /// (https://github.com/kubernetes-sigs/windows-gmsa) inlines the contents of the + /// GMSA credential spec named by the GMSACredentialSpecName field. #[serde(default, skip_serializing_if = "Option::is_none", rename = "gmsaCredentialSpec")] pub gmsa_credential_spec: Option, + /// GMSACredentialSpecName is the name of the GMSA credential spec to use. #[serde(default, skip_serializing_if = "Option::is_none", rename = "gmsaCredentialSpecName")] pub gmsa_credential_spec_name: Option, + /// HostProcess determines if a container should be run as a 'Host Process' container. + /// All of a Pod's containers must have the same effective HostProcess value + /// (it is not allowed to have a mix of HostProcess containers and non-HostProcess containers). + /// In addition, if HostProcess is true then HostNetwork must also be set to true. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "hostProcess")] + pub host_process: Option, + /// The UserName in Windows to run the entrypoint of the container process. + /// Defaults to the user specified in image metadata if unspecified. + /// May also be set in PodSecurityContext. If set in both SecurityContext and + /// PodSecurityContext, the value specified in SecurityContext takes precedence. #[serde(default, skip_serializing_if = "Option::is_none", rename = "runAsUserName")] pub run_as_user_name: Option, } +/// StartupProbe indicates that the Pod has successfully initialized. +/// If specified, no other probes are executed until this completes successfully. +/// If this probe fails, the Pod will be restarted, just as if the livenessProbe failed. +/// This can be used to provide different probe parameters at the beginning of a Pod's lifecycle, +/// when it might take a long time to load data or warm a cache, than during steady-state operation. +/// This cannot be updated. +/// More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationExecutorSidecarsStartupProbe { + /// Exec specifies the action to take. #[serde(default, skip_serializing_if = "Option::is_none")] pub exec: Option, + /// Minimum consecutive failures for the probe to be considered failed after having succeeded. + /// Defaults to 3. Minimum value is 1. #[serde(default, skip_serializing_if = "Option::is_none", rename = "failureThreshold")] pub failure_threshold: Option, + /// GRPC specifies an action involving a GRPC port. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub grpc: Option, + /// HTTPGet specifies the http request to perform. #[serde(default, skip_serializing_if = "Option::is_none", rename = "httpGet")] pub http_get: Option, + /// Number of seconds after the container has started before liveness probes are initiated. + /// More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes #[serde(default, skip_serializing_if = "Option::is_none", rename = "initialDelaySeconds")] pub initial_delay_seconds: Option, + /// How often (in seconds) to perform the probe. + /// Default to 10 seconds. Minimum value is 1. #[serde(default, skip_serializing_if = "Option::is_none", rename = "periodSeconds")] pub period_seconds: Option, + /// Minimum consecutive successes for the probe to be considered successful after having failed. + /// Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1. #[serde(default, skip_serializing_if = "Option::is_none", rename = "successThreshold")] pub success_threshold: Option, + /// TCPSocket specifies an action involving a TCP port. #[serde(default, skip_serializing_if = "Option::is_none", rename = "tcpSocket")] pub tcp_socket: Option, + /// Optional duration in seconds the pod needs to terminate gracefully upon probe failure. + /// The grace period is the duration in seconds after the processes running in the pod are sent + /// a termination signal and the time when the processes are forcibly halted with a kill signal. + /// Set this value longer than the expected cleanup time for your process. + /// If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this + /// value overrides the value provided by the pod spec. + /// Value must be non-negative integer. The value zero indicates stop immediately via + /// the kill signal (no opportunity to shut down). + /// This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate. + /// Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "terminationGracePeriodSeconds")] + pub termination_grace_period_seconds: Option, + /// Number of seconds after which the probe times out. + /// Defaults to 1 second. Minimum value is 1. + /// More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes #[serde(default, skip_serializing_if = "Option::is_none", rename = "timeoutSeconds")] pub timeout_seconds: Option, } +/// Exec specifies the action to take. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationExecutorSidecarsStartupProbeExec { + /// Command is the command line to execute inside the container, the working directory for the + /// command is root ('/') in the container's filesystem. The command is simply exec'd, it is + /// not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use + /// a shell, you need to explicitly call out to that shell. + /// Exit status of 0 is treated as live/healthy and non-zero is unhealthy. #[serde(default, skip_serializing_if = "Option::is_none")] pub command: Option>, } +/// GRPC specifies an action involving a GRPC port. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct SparkApplicationExecutorSidecarsStartupProbeGrpc { + /// Port number of the gRPC service. Number must be in the range 1 to 65535. + pub port: i32, + /// Service is the name of the service to place in the gRPC HealthCheckRequest + /// (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). + /// + /// + /// If this is not specified, the default behavior is defined by gRPC. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub service: Option, +} + +/// HTTPGet specifies the http request to perform. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationExecutorSidecarsStartupProbeHttpGet { + /// Host name to connect to, defaults to the pod IP. You probably want to set + /// "Host" in httpHeaders instead. #[serde(default, skip_serializing_if = "Option::is_none")] pub host: Option, + /// Custom headers to set in the request. HTTP allows repeated headers. #[serde(default, skip_serializing_if = "Option::is_none", rename = "httpHeaders")] pub http_headers: Option>, + /// Path to access on the HTTP server. #[serde(default, skip_serializing_if = "Option::is_none")] pub path: Option, + /// Name or number of the port to access on the container. + /// Number must be in the range 1 to 65535. + /// Name must be an IANA_SVC_NAME. pub port: IntOrString, + /// Scheme to use for connecting to the host. + /// Defaults to HTTP. #[serde(default, skip_serializing_if = "Option::is_none")] pub scheme: Option, } +/// HTTPHeader describes a custom header to be used in HTTP probes #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationExecutorSidecarsStartupProbeHttpGetHttpHeaders { + /// The header field name. + /// This will be canonicalized upon output, so case-variant names will be understood as the same header. pub name: String, + /// The header field value pub value: String, } +/// TCPSocket specifies an action involving a TCP port. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationExecutorSidecarsStartupProbeTcpSocket { + /// Optional: Host name to connect to, defaults to the pod IP. #[serde(default, skip_serializing_if = "Option::is_none")] pub host: Option, + /// Number or name of the port to access on the container. + /// Number must be in the range 1 to 65535. + /// Name must be an IANA_SVC_NAME. pub port: IntOrString, } +/// volumeDevice describes a mapping of a raw block device within a container. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationExecutorSidecarsVolumeDevices { + /// devicePath is the path inside of the container that the device will be mapped to. #[serde(rename = "devicePath")] pub device_path: String, + /// name must match the name of a persistentVolumeClaim in the pod pub name: String, } +/// VolumeMount describes a mounting of a Volume within a container. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationExecutorSidecarsVolumeMounts { + /// Path within the container at which the volume should be mounted. Must + /// not contain ':'. #[serde(rename = "mountPath")] pub mount_path: String, + /// mountPropagation determines how mounts are propagated from the host + /// to container and the other way around. + /// When not set, MountPropagationNone is used. + /// This field is beta in 1.10. #[serde(default, skip_serializing_if = "Option::is_none", rename = "mountPropagation")] pub mount_propagation: Option, + /// This must match the Name of a Volume. pub name: String, + /// Mounted read-only if true, read-write otherwise (false or unspecified). + /// Defaults to false. #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] pub read_only: Option, + /// Path within the volume from which the container's volume should be mounted. + /// Defaults to "" (volume's root). #[serde(default, skip_serializing_if = "Option::is_none", rename = "subPath")] pub sub_path: Option, + /// Expanded path within the volume from which the container's volume should be mounted. + /// Behaves similarly to SubPath but environment variable references $(VAR_NAME) are expanded using the container's environment. + /// Defaults to "" (volume's root). + /// SubPathExpr and SubPath are mutually exclusive. #[serde(default, skip_serializing_if = "Option::is_none", rename = "subPathExpr")] pub sub_path_expr: Option, } +/// The pod this Toleration is attached to tolerates any taint that matches +/// the triple using the matching operator . #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationExecutorTolerations { + /// Effect indicates the taint effect to match. Empty means match all taint effects. + /// When specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute. #[serde(default, skip_serializing_if = "Option::is_none")] pub effect: Option, + /// Key is the taint key that the toleration applies to. Empty means match all taint keys. + /// If the key is empty, operator must be Exists; this combination means to match all values and all keys. #[serde(default, skip_serializing_if = "Option::is_none")] pub key: Option, + /// Operator represents a key's relationship to the value. + /// Valid operators are Exists and Equal. Defaults to Equal. + /// Exists is equivalent to wildcard for value, so that a pod can + /// tolerate all taints of a particular category. #[serde(default, skip_serializing_if = "Option::is_none")] pub operator: Option, + /// TolerationSeconds represents the period of time the toleration (which must be + /// of effect NoExecute, otherwise this field is ignored) tolerates the taint. By default, + /// it is not set, which means tolerate the taint forever (do not evict). Zero and + /// negative values will be treated as 0 (evict immediately) by the system. #[serde(default, skip_serializing_if = "Option::is_none", rename = "tolerationSeconds")] pub toleration_seconds: Option, + /// Value is the taint value the toleration matches to. + /// If the operator is Exists, the value should be empty, otherwise just a regular string. #[serde(default, skip_serializing_if = "Option::is_none")] pub value: Option, } +/// VolumeMount describes a mounting of a Volume within a container. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationExecutorVolumeMounts { + /// Path within the container at which the volume should be mounted. Must + /// not contain ':'. #[serde(rename = "mountPath")] pub mount_path: String, + /// mountPropagation determines how mounts are propagated from the host + /// to container and the other way around. + /// When not set, MountPropagationNone is used. + /// This field is beta in 1.10. #[serde(default, skip_serializing_if = "Option::is_none", rename = "mountPropagation")] pub mount_propagation: Option, + /// This must match the Name of a Volume. pub name: String, + /// Mounted read-only if true, read-write otherwise (false or unspecified). + /// Defaults to false. #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] pub read_only: Option, + /// Path within the volume from which the container's volume should be mounted. + /// Defaults to "" (volume's root). #[serde(default, skip_serializing_if = "Option::is_none", rename = "subPath")] pub sub_path: Option, + /// Expanded path within the volume from which the container's volume should be mounted. + /// Behaves similarly to SubPath but environment variable references $(VAR_NAME) are expanded using the container's environment. + /// Defaults to "" (volume's root). + /// SubPathExpr and SubPath are mutually exclusive. #[serde(default, skip_serializing_if = "Option::is_none", rename = "subPathExpr")] pub sub_path_expr: Option, } +/// SparkApplicationSpec describes the specification of a Spark application using Kubernetes as a cluster manager. +/// It carries every pieces of information a spark-submit command takes and recognizes. #[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] pub enum SparkApplicationMode { #[serde(rename = "cluster")] @@ -3300,34 +8192,55 @@ pub enum SparkApplicationMode { Client, } +/// Monitoring configures how monitoring is handled. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationMonitoring { + /// ExposeDriverMetrics specifies whether to expose metrics on the driver. #[serde(rename = "exposeDriverMetrics")] pub expose_driver_metrics: bool, + /// ExposeExecutorMetrics specifies whether to expose metrics on the executors. #[serde(rename = "exposeExecutorMetrics")] pub expose_executor_metrics: bool, + /// MetricsProperties is the content of a custom metrics.properties for configuring the Spark metric system. + /// If not specified, the content in spark-docker/conf/metrics.properties will be used. #[serde(default, skip_serializing_if = "Option::is_none", rename = "metricsProperties")] pub metrics_properties: Option, + /// MetricsPropertiesFile is the container local path of file metrics.properties for configuring + /// the Spark metric system. If not specified, value /etc/metrics/conf/metrics.properties will be used. #[serde(default, skip_serializing_if = "Option::is_none", rename = "metricsPropertiesFile")] pub metrics_properties_file: Option, + /// Prometheus is for configuring the Prometheus JMX exporter. #[serde(default, skip_serializing_if = "Option::is_none")] pub prometheus: Option, } +/// Prometheus is for configuring the Prometheus JMX exporter. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationMonitoringPrometheus { + /// ConfigFile is the path to the custom Prometheus configuration file provided in the Spark image. + /// ConfigFile takes precedence over Configuration, which is shown below. #[serde(default, skip_serializing_if = "Option::is_none", rename = "configFile")] pub config_file: Option, + /// Configuration is the content of the Prometheus configuration needed by the Prometheus JMX exporter. + /// If not specified, the content in spark-docker/conf/prometheus.yaml will be used. + /// Configuration has no effect if ConfigFile is set. #[serde(default, skip_serializing_if = "Option::is_none")] pub configuration: Option, + /// JmxExporterJar is the path to the Prometheus JMX exporter jar in the container. #[serde(rename = "jmxExporterJar")] pub jmx_exporter_jar: String, + /// Port is the port of the HTTP server run by the Prometheus JMX exporter. + /// If not specified, 8090 will be used as the default. #[serde(default, skip_serializing_if = "Option::is_none")] pub port: Option, + /// PortName is the port name of prometheus JMX exporter port. + /// If not specified, jmx-exporter will be used as the default. #[serde(default, skip_serializing_if = "Option::is_none", rename = "portName")] pub port_name: Option, } +/// SparkApplicationSpec describes the specification of a Spark application using Kubernetes as a cluster manager. +/// It carries every pieces of information a spark-submit command takes and recognizes. #[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] pub enum SparkApplicationPythonVersion { #[serde(rename = "2")] @@ -3336,20 +8249,29 @@ pub enum SparkApplicationPythonVersion { r#_3, } +/// RestartPolicy defines the policy on if and in which conditions the controller should restart an application. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationRestartPolicy { + /// OnFailureRetries the number of times to retry running an application before giving up. #[serde(default, skip_serializing_if = "Option::is_none", rename = "onFailureRetries")] pub on_failure_retries: Option, + /// OnFailureRetryInterval is the interval in seconds between retries on failed runs. #[serde(default, skip_serializing_if = "Option::is_none", rename = "onFailureRetryInterval")] pub on_failure_retry_interval: Option, + /// OnSubmissionFailureRetries is the number of times to retry submitting an application before giving up. + /// This is best effort and actual retry attempts can be >= the value specified due to caching. + /// These are required if RestartPolicy is OnFailure. #[serde(default, skip_serializing_if = "Option::is_none", rename = "onSubmissionFailureRetries")] pub on_submission_failure_retries: Option, + /// OnSubmissionFailureRetryInterval is the interval in seconds between retries on failed submissions. #[serde(default, skip_serializing_if = "Option::is_none", rename = "onSubmissionFailureRetryInterval")] pub on_submission_failure_retry_interval: Option, + /// Type specifies the RestartPolicyType. #[serde(default, skip_serializing_if = "Option::is_none", rename = "type")] pub r#type: Option, } +/// RestartPolicy defines the policy on if and in which conditions the controller should restart an application. #[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] pub enum SparkApplicationRestartPolicyType { Never, @@ -3357,32 +8279,55 @@ pub enum SparkApplicationRestartPolicyType { OnFailure, } +/// SparkUIOptions allows configuring the Service and the Ingress to expose the sparkUI #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationSparkUiOptions { + /// IngressAnnotations is a map of key,value pairs of annotations that might be added to the ingress object. i.e. specify nginx as ingress.class #[serde(default, skip_serializing_if = "Option::is_none", rename = "ingressAnnotations")] pub ingress_annotations: Option>, + /// TlsHosts is useful If we need to declare SSL certificates to the ingress object #[serde(default, skip_serializing_if = "Option::is_none", rename = "ingressTLS")] pub ingress_tls: Option>, + /// ServiceAnnotations is a map of key,value pairs of annotations that might be added to the service object. #[serde(default, skip_serializing_if = "Option::is_none", rename = "serviceAnnotations")] pub service_annotations: Option>, + /// ServiceLables is a map of key,value pairs of labels that might be added to the service object. #[serde(default, skip_serializing_if = "Option::is_none", rename = "serviceLabels")] pub service_labels: Option>, + /// ServicePort allows configuring the port at service level that might be different from the targetPort. + /// TargetPort should be the same as the one defined in spark.ui.port #[serde(default, skip_serializing_if = "Option::is_none", rename = "servicePort")] pub service_port: Option, + /// ServicePortName allows configuring the name of the service port. + /// This may be useful for sidecar proxies like Envoy injected by Istio which require specific ports names to treat traffic as proper HTTP. + /// Defaults to spark-driver-ui-port. #[serde(default, skip_serializing_if = "Option::is_none", rename = "servicePortName")] pub service_port_name: Option, + /// ServiceType allows configuring the type of the service. Defaults to ClusterIP. #[serde(default, skip_serializing_if = "Option::is_none", rename = "serviceType")] pub service_type: Option, } +/// IngressTLS describes the transport layer security associated with an ingress. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationSparkUiOptionsIngressTls { + /// hosts is a list of hosts included in the TLS certificate. The values in + /// this list must match the name/s used in the tlsSecret. Defaults to the + /// wildcard host setting for the loadbalancer controller fulfilling this + /// Ingress, if left unspecified. #[serde(default, skip_serializing_if = "Option::is_none")] pub hosts: Option>, + /// secretName is the name of the secret used to terminate TLS traffic on + /// port 443. Field is left optional to allow TLS routing based on SNI + /// hostname alone. If the SNI host in a listener conflicts with the "Host" + /// header field used by an IngressRule, the SNI host is used for termination + /// and value of the "Host" header is used for routing. #[serde(default, skip_serializing_if = "Option::is_none", rename = "secretName")] pub secret_name: Option, } +/// SparkApplicationSpec describes the specification of a Spark application using Kubernetes as a cluster manager. +/// It carries every pieces of information a spark-submit command takes and recognizes. #[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] pub enum SparkApplicationType { Java, @@ -3391,649 +8336,1637 @@ pub enum SparkApplicationType { R, } +/// Volume represents a named volume in a pod that may be accessed by any container in the pod. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationVolumes { + /// awsElasticBlockStore represents an AWS Disk resource that is attached to a + /// kubelet's host machine and then exposed to the pod. + /// More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore #[serde(default, skip_serializing_if = "Option::is_none", rename = "awsElasticBlockStore")] pub aws_elastic_block_store: Option, + /// azureDisk represents an Azure Data Disk mount on the host and bind mount to the pod. #[serde(default, skip_serializing_if = "Option::is_none", rename = "azureDisk")] pub azure_disk: Option, + /// azureFile represents an Azure File Service mount on the host and bind mount to the pod. #[serde(default, skip_serializing_if = "Option::is_none", rename = "azureFile")] pub azure_file: Option, + /// cephFS represents a Ceph FS mount on the host that shares a pod's lifetime #[serde(default, skip_serializing_if = "Option::is_none")] pub cephfs: Option, + /// cinder represents a cinder volume attached and mounted on kubelets host machine. + /// More info: https://examples.k8s.io/mysql-cinder-pd/README.md #[serde(default, skip_serializing_if = "Option::is_none")] pub cinder: Option, + /// configMap represents a configMap that should populate this volume #[serde(default, skip_serializing_if = "Option::is_none", rename = "configMap")] pub config_map: Option, + /// csi (Container Storage Interface) represents ephemeral storage that is handled by certain external CSI drivers (Beta feature). #[serde(default, skip_serializing_if = "Option::is_none")] pub csi: Option, + /// downwardAPI represents downward API about the pod that should populate this volume #[serde(default, skip_serializing_if = "Option::is_none", rename = "downwardAPI")] pub downward_api: Option, + /// emptyDir represents a temporary directory that shares a pod's lifetime. + /// More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir #[serde(default, skip_serializing_if = "Option::is_none", rename = "emptyDir")] pub empty_dir: Option, + /// ephemeral represents a volume that is handled by a cluster storage driver. + /// The volume's lifecycle is tied to the pod that defines it - it will be created before the pod starts, + /// and deleted when the pod is removed. + /// + /// + /// Use this if: + /// a) the volume is only needed while the pod runs, + /// b) features of normal volumes like restoring from snapshot or capacity + /// tracking are needed, + /// c) the storage driver is specified through a storage class, and + /// d) the storage driver supports dynamic volume provisioning through + /// a PersistentVolumeClaim (see EphemeralVolumeSource for more + /// information on the connection between this volume type + /// and PersistentVolumeClaim). + /// + /// + /// Use PersistentVolumeClaim or one of the vendor-specific + /// APIs for volumes that persist for longer than the lifecycle + /// of an individual pod. + /// + /// + /// Use CSI for light-weight local ephemeral volumes if the CSI driver is meant to + /// be used that way - see the documentation of the driver for + /// more information. + /// + /// + /// A pod can use both types of ephemeral volumes and + /// persistent volumes at the same time. #[serde(default, skip_serializing_if = "Option::is_none")] pub ephemeral: Option, + /// fc represents a Fibre Channel resource that is attached to a kubelet's host machine and then exposed to the pod. #[serde(default, skip_serializing_if = "Option::is_none")] pub fc: Option, + /// flexVolume represents a generic volume resource that is + /// provisioned/attached using an exec based plugin. #[serde(default, skip_serializing_if = "Option::is_none", rename = "flexVolume")] pub flex_volume: Option, + /// flocker represents a Flocker volume attached to a kubelet's host machine. This depends on the Flocker control service being running #[serde(default, skip_serializing_if = "Option::is_none")] pub flocker: Option, + /// gcePersistentDisk represents a GCE Disk resource that is attached to a + /// kubelet's host machine and then exposed to the pod. + /// More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk #[serde(default, skip_serializing_if = "Option::is_none", rename = "gcePersistentDisk")] pub gce_persistent_disk: Option, + /// gitRepo represents a git repository at a particular revision. + /// DEPRECATED: GitRepo is deprecated. To provision a container with a git repo, mount an + /// EmptyDir into an InitContainer that clones the repo using git, then mount the EmptyDir + /// into the Pod's container. #[serde(default, skip_serializing_if = "Option::is_none", rename = "gitRepo")] pub git_repo: Option, + /// glusterfs represents a Glusterfs mount on the host that shares a pod's lifetime. + /// More info: https://examples.k8s.io/volumes/glusterfs/README.md #[serde(default, skip_serializing_if = "Option::is_none")] pub glusterfs: Option, + /// hostPath represents a pre-existing file or directory on the host + /// machine that is directly exposed to the container. This is generally + /// used for system agents or other privileged things that are allowed + /// to see the host machine. Most containers will NOT need this. + /// More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath + /// --- + /// TODO(jonesdl) We need to restrict who can use host directory mounts and who can/can not + /// mount host directories as read/write. #[serde(default, skip_serializing_if = "Option::is_none", rename = "hostPath")] pub host_path: Option, + /// iscsi represents an ISCSI Disk resource that is attached to a + /// kubelet's host machine and then exposed to the pod. + /// More info: https://examples.k8s.io/volumes/iscsi/README.md #[serde(default, skip_serializing_if = "Option::is_none")] pub iscsi: Option, + /// name of the volume. + /// Must be a DNS_LABEL and unique within the pod. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names pub name: String, + /// nfs represents an NFS mount on the host that shares a pod's lifetime + /// More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs #[serde(default, skip_serializing_if = "Option::is_none")] pub nfs: Option, + /// persistentVolumeClaimVolumeSource represents a reference to a + /// PersistentVolumeClaim in the same namespace. + /// More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims #[serde(default, skip_serializing_if = "Option::is_none", rename = "persistentVolumeClaim")] pub persistent_volume_claim: Option, + /// photonPersistentDisk represents a PhotonController persistent disk attached and mounted on kubelets host machine #[serde(default, skip_serializing_if = "Option::is_none", rename = "photonPersistentDisk")] pub photon_persistent_disk: Option, + /// portworxVolume represents a portworx volume attached and mounted on kubelets host machine #[serde(default, skip_serializing_if = "Option::is_none", rename = "portworxVolume")] pub portworx_volume: Option, + /// projected items for all in one resources secrets, configmaps, and downward API #[serde(default, skip_serializing_if = "Option::is_none")] pub projected: Option, + /// quobyte represents a Quobyte mount on the host that shares a pod's lifetime #[serde(default, skip_serializing_if = "Option::is_none")] pub quobyte: Option, + /// rbd represents a Rados Block Device mount on the host that shares a pod's lifetime. + /// More info: https://examples.k8s.io/volumes/rbd/README.md #[serde(default, skip_serializing_if = "Option::is_none")] pub rbd: Option, + /// scaleIO represents a ScaleIO persistent volume attached and mounted on Kubernetes nodes. #[serde(default, skip_serializing_if = "Option::is_none", rename = "scaleIO")] pub scale_io: Option, + /// secret represents a secret that should populate this volume. + /// More info: https://kubernetes.io/docs/concepts/storage/volumes#secret #[serde(default, skip_serializing_if = "Option::is_none")] pub secret: Option, + /// storageOS represents a StorageOS volume attached and mounted on Kubernetes nodes. #[serde(default, skip_serializing_if = "Option::is_none")] pub storageos: Option, + /// vsphereVolume represents a vSphere volume attached and mounted on kubelets host machine #[serde(default, skip_serializing_if = "Option::is_none", rename = "vsphereVolume")] pub vsphere_volume: Option, } +/// awsElasticBlockStore represents an AWS Disk resource that is attached to a +/// kubelet's host machine and then exposed to the pod. +/// More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationVolumesAwsElasticBlockStore { + /// fsType is the filesystem type of the volume that you want to mount. + /// Tip: Ensure that the filesystem type is supported by the host operating system. + /// Examples: "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. + /// More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore + /// TODO: how do we prevent errors in the filesystem from compromising the machine #[serde(default, skip_serializing_if = "Option::is_none", rename = "fsType")] pub fs_type: Option, + /// partition is the partition in the volume that you want to mount. + /// If omitted, the default is to mount by volume name. + /// Examples: For volume /dev/sda1, you specify the partition as "1". + /// Similarly, the volume partition for /dev/sda is "0" (or you can leave the property empty). #[serde(default, skip_serializing_if = "Option::is_none")] pub partition: Option, + /// readOnly value true will force the readOnly setting in VolumeMounts. + /// More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] pub read_only: Option, + /// volumeID is unique ID of the persistent disk resource in AWS (Amazon EBS volume). + /// More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore #[serde(rename = "volumeID")] pub volume_id: String, } +/// azureDisk represents an Azure Data Disk mount on the host and bind mount to the pod. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationVolumesAzureDisk { + /// cachingMode is the Host Caching mode: None, Read Only, Read Write. #[serde(default, skip_serializing_if = "Option::is_none", rename = "cachingMode")] pub caching_mode: Option, + /// diskName is the Name of the data disk in the blob storage #[serde(rename = "diskName")] pub disk_name: String, + /// diskURI is the URI of data disk in the blob storage #[serde(rename = "diskURI")] pub disk_uri: String, + /// fsType is Filesystem type to mount. + /// Must be a filesystem type supported by the host operating system. + /// Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. #[serde(default, skip_serializing_if = "Option::is_none", rename = "fsType")] pub fs_type: Option, + /// kind expected values are Shared: multiple blob disks per storage account Dedicated: single blob disk per storage account Managed: azure managed data disk (only in managed availability set). defaults to shared #[serde(default, skip_serializing_if = "Option::is_none")] pub kind: Option, + /// readOnly Defaults to false (read/write). ReadOnly here will force + /// the ReadOnly setting in VolumeMounts. #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] pub read_only: Option, } +/// azureFile represents an Azure File Service mount on the host and bind mount to the pod. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationVolumesAzureFile { + /// readOnly defaults to false (read/write). ReadOnly here will force + /// the ReadOnly setting in VolumeMounts. #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] pub read_only: Option, + /// secretName is the name of secret that contains Azure Storage Account Name and Key #[serde(rename = "secretName")] pub secret_name: String, + /// shareName is the azure share Name #[serde(rename = "shareName")] pub share_name: String, } +/// cephFS represents a Ceph FS mount on the host that shares a pod's lifetime #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationVolumesCephfs { + /// monitors is Required: Monitors is a collection of Ceph monitors + /// More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it pub monitors: Vec, + /// path is Optional: Used as the mounted root, rather than the full Ceph tree, default is / #[serde(default, skip_serializing_if = "Option::is_none")] pub path: Option, + /// readOnly is Optional: Defaults to false (read/write). ReadOnly here will force + /// the ReadOnly setting in VolumeMounts. + /// More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] pub read_only: Option, + /// secretFile is Optional: SecretFile is the path to key ring for User, default is /etc/ceph/user.secret + /// More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it #[serde(default, skip_serializing_if = "Option::is_none", rename = "secretFile")] pub secret_file: Option, + /// secretRef is Optional: SecretRef is reference to the authentication secret for User, default is empty. + /// More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it #[serde(default, skip_serializing_if = "Option::is_none", rename = "secretRef")] pub secret_ref: Option, + /// user is optional: User is the rados user name, default is admin + /// More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it #[serde(default, skip_serializing_if = "Option::is_none")] pub user: Option, } +/// secretRef is Optional: SecretRef is reference to the authentication secret for User, default is empty. +/// More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationVolumesCephfsSecretRef { + /// Name of the referent. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, } +/// cinder represents a cinder volume attached and mounted on kubelets host machine. +/// More info: https://examples.k8s.io/mysql-cinder-pd/README.md #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationVolumesCinder { + /// fsType is the filesystem type to mount. + /// Must be a filesystem type supported by the host operating system. + /// Examples: "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. + /// More info: https://examples.k8s.io/mysql-cinder-pd/README.md #[serde(default, skip_serializing_if = "Option::is_none", rename = "fsType")] pub fs_type: Option, + /// readOnly defaults to false (read/write). ReadOnly here will force + /// the ReadOnly setting in VolumeMounts. + /// More info: https://examples.k8s.io/mysql-cinder-pd/README.md #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] pub read_only: Option, + /// secretRef is optional: points to a secret object containing parameters used to connect + /// to OpenStack. #[serde(default, skip_serializing_if = "Option::is_none", rename = "secretRef")] pub secret_ref: Option, + /// volumeID used to identify the volume in cinder. + /// More info: https://examples.k8s.io/mysql-cinder-pd/README.md #[serde(rename = "volumeID")] pub volume_id: String, } +/// secretRef is optional: points to a secret object containing parameters used to connect +/// to OpenStack. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationVolumesCinderSecretRef { + /// Name of the referent. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, } +/// configMap represents a configMap that should populate this volume #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationVolumesConfigMap { + /// defaultMode is optional: mode bits used to set permissions on created files by default. + /// Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. + /// YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. + /// Defaults to 0644. + /// Directories within the path are not affected by this setting. + /// This might be in conflict with other options that affect the file + /// mode, like fsGroup, and the result can be other mode bits set. #[serde(default, skip_serializing_if = "Option::is_none", rename = "defaultMode")] pub default_mode: Option, + /// items if unspecified, each key-value pair in the Data field of the referenced + /// ConfigMap will be projected into the volume as a file whose name is the + /// key and content is the value. If specified, the listed keys will be + /// projected into the specified paths, and unlisted keys will not be + /// present. If a key is specified which is not present in the ConfigMap, + /// the volume setup will error unless it is marked optional. Paths must be + /// relative and may not contain the '..' path or start with '..'. #[serde(default, skip_serializing_if = "Option::is_none")] pub items: Option>, + /// Name of the referent. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, + /// optional specify whether the ConfigMap or its keys must be defined #[serde(default, skip_serializing_if = "Option::is_none")] pub optional: Option, } +/// Maps a string key to a path within a volume. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationVolumesConfigMapItems { + /// key is the key to project. pub key: String, + /// mode is Optional: mode bits used to set permissions on this file. + /// Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. + /// YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. + /// If not specified, the volume defaultMode will be used. + /// This might be in conflict with other options that affect the file + /// mode, like fsGroup, and the result can be other mode bits set. #[serde(default, skip_serializing_if = "Option::is_none")] pub mode: Option, + /// path is the relative path of the file to map the key to. + /// May not be an absolute path. + /// May not contain the path element '..'. + /// May not start with the string '..'. pub path: String, } +/// csi (Container Storage Interface) represents ephemeral storage that is handled by certain external CSI drivers (Beta feature). #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationVolumesCsi { + /// driver is the name of the CSI driver that handles this volume. + /// Consult with your admin for the correct name as registered in the cluster. pub driver: String, + /// fsType to mount. Ex. "ext4", "xfs", "ntfs". + /// If not provided, the empty value is passed to the associated CSI driver + /// which will determine the default filesystem to apply. #[serde(default, skip_serializing_if = "Option::is_none", rename = "fsType")] pub fs_type: Option, + /// nodePublishSecretRef is a reference to the secret object containing + /// sensitive information to pass to the CSI driver to complete the CSI + /// NodePublishVolume and NodeUnpublishVolume calls. + /// This field is optional, and may be empty if no secret is required. If the + /// secret object contains more than one secret, all secret references are passed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "nodePublishSecretRef")] pub node_publish_secret_ref: Option, + /// readOnly specifies a read-only configuration for the volume. + /// Defaults to false (read/write). #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] pub read_only: Option, + /// volumeAttributes stores driver-specific properties that are passed to the CSI + /// driver. Consult your driver's documentation for supported values. #[serde(default, skip_serializing_if = "Option::is_none", rename = "volumeAttributes")] pub volume_attributes: Option>, } +/// nodePublishSecretRef is a reference to the secret object containing +/// sensitive information to pass to the CSI driver to complete the CSI +/// NodePublishVolume and NodeUnpublishVolume calls. +/// This field is optional, and may be empty if no secret is required. If the +/// secret object contains more than one secret, all secret references are passed. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationVolumesCsiNodePublishSecretRef { + /// Name of the referent. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, } +/// downwardAPI represents downward API about the pod that should populate this volume #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationVolumesDownwardApi { + /// Optional: mode bits to use on created files by default. Must be a + /// Optional: mode bits used to set permissions on created files by default. + /// Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. + /// YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. + /// Defaults to 0644. + /// Directories within the path are not affected by this setting. + /// This might be in conflict with other options that affect the file + /// mode, like fsGroup, and the result can be other mode bits set. #[serde(default, skip_serializing_if = "Option::is_none", rename = "defaultMode")] pub default_mode: Option, + /// Items is a list of downward API volume file #[serde(default, skip_serializing_if = "Option::is_none")] pub items: Option>, } +/// DownwardAPIVolumeFile represents information to create the file containing the pod field #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationVolumesDownwardApiItems { + /// Required: Selects a field of the pod: only annotations, labels, name and namespace are supported. #[serde(default, skip_serializing_if = "Option::is_none", rename = "fieldRef")] pub field_ref: Option, + /// Optional: mode bits used to set permissions on this file, must be an octal value + /// between 0000 and 0777 or a decimal value between 0 and 511. + /// YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. + /// If not specified, the volume defaultMode will be used. + /// This might be in conflict with other options that affect the file + /// mode, like fsGroup, and the result can be other mode bits set. #[serde(default, skip_serializing_if = "Option::is_none")] pub mode: Option, + /// Required: Path is the relative path name of the file to be created. Must not be absolute or contain the '..' path. Must be utf-8 encoded. The first item of the relative path must not start with '..' pub path: String, + /// Selects a resource of the container: only resources limits and requests + /// (limits.cpu, limits.memory, requests.cpu and requests.memory) are currently supported. #[serde(default, skip_serializing_if = "Option::is_none", rename = "resourceFieldRef")] pub resource_field_ref: Option, } +/// Required: Selects a field of the pod: only annotations, labels, name and namespace are supported. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationVolumesDownwardApiItemsFieldRef { + /// Version of the schema the FieldPath is written in terms of, defaults to "v1". #[serde(default, skip_serializing_if = "Option::is_none", rename = "apiVersion")] pub api_version: Option, + /// Path of the field to select in the specified API version. #[serde(rename = "fieldPath")] pub field_path: String, } +/// Selects a resource of the container: only resources limits and requests +/// (limits.cpu, limits.memory, requests.cpu and requests.memory) are currently supported. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationVolumesDownwardApiItemsResourceFieldRef { + /// Container name: required for volumes, optional for env vars #[serde(default, skip_serializing_if = "Option::is_none", rename = "containerName")] pub container_name: Option, + /// Specifies the output format of the exposed resources, defaults to "1" #[serde(default, skip_serializing_if = "Option::is_none")] pub divisor: Option, + /// Required: resource to select pub resource: String, } +/// emptyDir represents a temporary directory that shares a pod's lifetime. +/// More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationVolumesEmptyDir { + /// medium represents what type of storage medium should back this directory. + /// The default is "" which means to use the node's default medium. + /// Must be an empty string (default) or Memory. + /// More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir #[serde(default, skip_serializing_if = "Option::is_none")] pub medium: Option, + /// sizeLimit is the total amount of local storage required for this EmptyDir volume. + /// The size limit is also applicable for memory medium. + /// The maximum usage on memory medium EmptyDir would be the minimum value between + /// the SizeLimit specified here and the sum of memory limits of all containers in a pod. + /// The default is nil which means that the limit is undefined. + /// More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir #[serde(default, skip_serializing_if = "Option::is_none", rename = "sizeLimit")] pub size_limit: Option, } +/// ephemeral represents a volume that is handled by a cluster storage driver. +/// The volume's lifecycle is tied to the pod that defines it - it will be created before the pod starts, +/// and deleted when the pod is removed. +/// +/// +/// Use this if: +/// a) the volume is only needed while the pod runs, +/// b) features of normal volumes like restoring from snapshot or capacity +/// tracking are needed, +/// c) the storage driver is specified through a storage class, and +/// d) the storage driver supports dynamic volume provisioning through +/// a PersistentVolumeClaim (see EphemeralVolumeSource for more +/// information on the connection between this volume type +/// and PersistentVolumeClaim). +/// +/// +/// Use PersistentVolumeClaim or one of the vendor-specific +/// APIs for volumes that persist for longer than the lifecycle +/// of an individual pod. +/// +/// +/// Use CSI for light-weight local ephemeral volumes if the CSI driver is meant to +/// be used that way - see the documentation of the driver for +/// more information. +/// +/// +/// A pod can use both types of ephemeral volumes and +/// persistent volumes at the same time. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationVolumesEphemeral { + /// Will be used to create a stand-alone PVC to provision the volume. + /// The pod in which this EphemeralVolumeSource is embedded will be the + /// owner of the PVC, i.e. the PVC will be deleted together with the + /// pod. The name of the PVC will be `-` where + /// `` is the name from the `PodSpec.Volumes` array + /// entry. Pod validation will reject the pod if the concatenated name + /// is not valid for a PVC (for example, too long). + /// + /// + /// An existing PVC with that name that is not owned by the pod + /// will *not* be used for the pod to avoid using an unrelated + /// volume by mistake. Starting the pod is then blocked until + /// the unrelated PVC is removed. If such a pre-created PVC is + /// meant to be used by the pod, the PVC has to updated with an + /// owner reference to the pod once the pod exists. Normally + /// this should not be necessary, but it may be useful when + /// manually reconstructing a broken cluster. + /// + /// + /// This field is read-only and no changes will be made by Kubernetes + /// to the PVC after it has been created. + /// + /// + /// Required, must not be nil. #[serde(default, skip_serializing_if = "Option::is_none", rename = "volumeClaimTemplate")] pub volume_claim_template: Option, } +/// Will be used to create a stand-alone PVC to provision the volume. +/// The pod in which this EphemeralVolumeSource is embedded will be the +/// owner of the PVC, i.e. the PVC will be deleted together with the +/// pod. The name of the PVC will be `-` where +/// `` is the name from the `PodSpec.Volumes` array +/// entry. Pod validation will reject the pod if the concatenated name +/// is not valid for a PVC (for example, too long). +/// +/// +/// An existing PVC with that name that is not owned by the pod +/// will *not* be used for the pod to avoid using an unrelated +/// volume by mistake. Starting the pod is then blocked until +/// the unrelated PVC is removed. If such a pre-created PVC is +/// meant to be used by the pod, the PVC has to updated with an +/// owner reference to the pod once the pod exists. Normally +/// this should not be necessary, but it may be useful when +/// manually reconstructing a broken cluster. +/// +/// +/// This field is read-only and no changes will be made by Kubernetes +/// to the PVC after it has been created. +/// +/// +/// Required, must not be nil. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationVolumesEphemeralVolumeClaimTemplate { + /// May contain labels and annotations that will be copied into the PVC + /// when creating it. No other fields are allowed and will be rejected during + /// validation. #[serde(default, skip_serializing_if = "Option::is_none")] - pub spec: Option, + pub metadata: Option, + /// The specification for the PersistentVolumeClaim. The entire content is + /// copied unchanged into the PVC that gets created from this + /// template. The same fields as in a PersistentVolumeClaim + /// are also valid here. + pub spec: SparkApplicationVolumesEphemeralVolumeClaimTemplateSpec, +} + +/// May contain labels and annotations that will be copied into the PVC +/// when creating it. No other fields are allowed and will be rejected during +/// validation. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct SparkApplicationVolumesEphemeralVolumeClaimTemplateMetadata { } +/// The specification for the PersistentVolumeClaim. The entire content is +/// copied unchanged into the PVC that gets created from this +/// template. The same fields as in a PersistentVolumeClaim +/// are also valid here. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationVolumesEphemeralVolumeClaimTemplateSpec { + /// accessModes contains the desired access modes the volume should have. + /// More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1 #[serde(default, skip_serializing_if = "Option::is_none", rename = "accessModes")] pub access_modes: Option>, + /// dataSource field can be used to specify either: + /// * An existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot) + /// * An existing PVC (PersistentVolumeClaim) + /// If the provisioner or an external controller can support the specified data source, + /// it will create a new volume based on the contents of the specified data source. + /// When the AnyVolumeDataSource feature gate is enabled, dataSource contents will be copied to dataSourceRef, + /// and dataSourceRef contents will be copied to dataSource when dataSourceRef.namespace is not specified. + /// If the namespace is specified, then dataSourceRef will not be copied to dataSource. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "dataSource")] + pub data_source: Option, + /// dataSourceRef specifies the object from which to populate the volume with data, if a non-empty + /// volume is desired. This may be any object from a non-empty API group (non + /// core object) or a PersistentVolumeClaim object. + /// When this field is specified, volume binding will only succeed if the type of + /// the specified object matches some installed volume populator or dynamic + /// provisioner. + /// This field will replace the functionality of the dataSource field and as such + /// if both fields are non-empty, they must have the same value. For backwards + /// compatibility, when namespace isn't specified in dataSourceRef, + /// both fields (dataSource and dataSourceRef) will be set to the same + /// value automatically if one of them is empty and the other is non-empty. + /// When namespace is specified in dataSourceRef, + /// dataSource isn't set to the same value and must be empty. + /// There are three important differences between dataSource and dataSourceRef: + /// * While dataSource only allows two specific types of objects, dataSourceRef + /// allows any non-core object, as well as PersistentVolumeClaim objects. + /// * While dataSource ignores disallowed values (dropping them), dataSourceRef + /// preserves all values, and generates an error if a disallowed value is + /// specified. + /// * While dataSource only allows local objects, dataSourceRef allows objects + /// in any namespaces. + /// (Beta) Using this field requires the AnyVolumeDataSource feature gate to be enabled. + /// (Alpha) Using the namespace field of dataSourceRef requires the CrossNamespaceVolumeDataSource feature gate to be enabled. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "dataSourceRef")] + pub data_source_ref: Option, + /// resources represents the minimum resources the volume should have. + /// If RecoverVolumeExpansionFailure feature is enabled users are allowed to specify resource requirements + /// that are lower than previous value but must still be higher than capacity recorded in the + /// status field of the claim. + /// More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources #[serde(default, skip_serializing_if = "Option::is_none")] pub resources: Option, + /// selector is a label query over volumes to consider for binding. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub selector: Option, + /// storageClassName is the name of the StorageClass required by the claim. + /// More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1 #[serde(default, skip_serializing_if = "Option::is_none", rename = "storageClassName")] pub storage_class_name: Option, + /// volumeAttributesClassName may be used to set the VolumeAttributesClass used by this claim. + /// If specified, the CSI driver will create or update the volume with the attributes defined + /// in the corresponding VolumeAttributesClass. This has a different purpose than storageClassName, + /// it can be changed after the claim is created. An empty string value means that no VolumeAttributesClass + /// will be applied to the claim but it's not allowed to reset this field to empty string once it is set. + /// If unspecified and the PersistentVolumeClaim is unbound, the default VolumeAttributesClass + /// will be set by the persistentvolume controller if it exists. + /// If the resource referred to by volumeAttributesClass does not exist, this PersistentVolumeClaim will be + /// set to a Pending state, as reflected by the modifyVolumeStatus field, until such as a resource + /// exists. + /// More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#volumeattributesclass + /// (Alpha) Using this field requires the VolumeAttributesClass feature gate to be enabled. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "volumeAttributesClassName")] + pub volume_attributes_class_name: Option, + /// volumeMode defines what type of volume is required by the claim. + /// Value of Filesystem is implied when not included in claim spec. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "volumeMode")] + pub volume_mode: Option, + /// volumeName is the binding reference to the PersistentVolume backing this claim. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "volumeName")] + pub volume_name: Option, } +/// dataSource field can be used to specify either: +/// * An existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot) +/// * An existing PVC (PersistentVolumeClaim) +/// If the provisioner or an external controller can support the specified data source, +/// it will create a new volume based on the contents of the specified data source. +/// When the AnyVolumeDataSource feature gate is enabled, dataSource contents will be copied to dataSourceRef, +/// and dataSourceRef contents will be copied to dataSource when dataSourceRef.namespace is not specified. +/// If the namespace is specified, then dataSourceRef will not be copied to dataSource. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct SparkApplicationVolumesEphemeralVolumeClaimTemplateSpecDataSource { + /// APIGroup is the group for the resource being referenced. + /// If APIGroup is not specified, the specified Kind must be in the core API group. + /// For any other third-party types, APIGroup is required. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "apiGroup")] + pub api_group: Option, + /// Kind is the type of resource being referenced + pub kind: String, + /// Name is the name of resource being referenced + pub name: String, +} + +/// dataSourceRef specifies the object from which to populate the volume with data, if a non-empty +/// volume is desired. This may be any object from a non-empty API group (non +/// core object) or a PersistentVolumeClaim object. +/// When this field is specified, volume binding will only succeed if the type of +/// the specified object matches some installed volume populator or dynamic +/// provisioner. +/// This field will replace the functionality of the dataSource field and as such +/// if both fields are non-empty, they must have the same value. For backwards +/// compatibility, when namespace isn't specified in dataSourceRef, +/// both fields (dataSource and dataSourceRef) will be set to the same +/// value automatically if one of them is empty and the other is non-empty. +/// When namespace is specified in dataSourceRef, +/// dataSource isn't set to the same value and must be empty. +/// There are three important differences between dataSource and dataSourceRef: +/// * While dataSource only allows two specific types of objects, dataSourceRef +/// allows any non-core object, as well as PersistentVolumeClaim objects. +/// * While dataSource ignores disallowed values (dropping them), dataSourceRef +/// preserves all values, and generates an error if a disallowed value is +/// specified. +/// * While dataSource only allows local objects, dataSourceRef allows objects +/// in any namespaces. +/// (Beta) Using this field requires the AnyVolumeDataSource feature gate to be enabled. +/// (Alpha) Using the namespace field of dataSourceRef requires the CrossNamespaceVolumeDataSource feature gate to be enabled. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct SparkApplicationVolumesEphemeralVolumeClaimTemplateSpecDataSourceRef { + /// APIGroup is the group for the resource being referenced. + /// If APIGroup is not specified, the specified Kind must be in the core API group. + /// For any other third-party types, APIGroup is required. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "apiGroup")] + pub api_group: Option, + /// Kind is the type of resource being referenced + pub kind: String, + /// Name is the name of resource being referenced + pub name: String, + /// Namespace is the namespace of resource being referenced + /// Note that when a namespace is specified, a gateway.networking.k8s.io/ReferenceGrant object is required in the referent namespace to allow that namespace's owner to accept the reference. See the ReferenceGrant documentation for details. + /// (Alpha) This field requires the CrossNamespaceVolumeDataSource feature gate to be enabled. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub namespace: Option, +} + +/// resources represents the minimum resources the volume should have. +/// If RecoverVolumeExpansionFailure feature is enabled users are allowed to specify resource requirements +/// that are lower than previous value but must still be higher than capacity recorded in the +/// status field of the claim. +/// More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationVolumesEphemeralVolumeClaimTemplateSpecResources { + /// Limits describes the maximum amount of compute resources allowed. + /// More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ #[serde(default, skip_serializing_if = "Option::is_none")] - pub requests: Option, + pub limits: Option>, + /// Requests describes the minimum amount of compute resources required. + /// If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, + /// otherwise to an implementation-defined value. Requests cannot exceed Limits. + /// More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + #[serde(default, skip_serializing_if = "Option::is_none")] + pub requests: Option>, } +/// selector is a label query over volumes to consider for binding. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct SparkApplicationVolumesEphemeralVolumeClaimTemplateSpecResourcesRequests { +pub struct SparkApplicationVolumesEphemeralVolumeClaimTemplateSpecSelector { + /// matchExpressions is a list of label selector requirements. The requirements are ANDed. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] + pub match_expressions: Option>, + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] + pub match_labels: Option>, +} + +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct SparkApplicationVolumesEphemeralVolumeClaimTemplateSpecSelectorMatchExpressions { + /// key is the label key that the selector applies to. + pub key: String, + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. + pub operator: String, + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] - pub storage: Option, + pub values: Option>, } +/// fc represents a Fibre Channel resource that is attached to a kubelet's host machine and then exposed to the pod. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationVolumesFc { + /// fsType is the filesystem type to mount. + /// Must be a filesystem type supported by the host operating system. + /// Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. + /// TODO: how do we prevent errors in the filesystem from compromising the machine #[serde(default, skip_serializing_if = "Option::is_none", rename = "fsType")] pub fs_type: Option, + /// lun is Optional: FC target lun number #[serde(default, skip_serializing_if = "Option::is_none")] pub lun: Option, + /// readOnly is Optional: Defaults to false (read/write). ReadOnly here will force + /// the ReadOnly setting in VolumeMounts. #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] pub read_only: Option, + /// targetWWNs is Optional: FC target worldwide names (WWNs) #[serde(default, skip_serializing_if = "Option::is_none", rename = "targetWWNs")] pub target_ww_ns: Option>, + /// wwids Optional: FC volume world wide identifiers (wwids) + /// Either wwids or combination of targetWWNs and lun must be set, but not both simultaneously. #[serde(default, skip_serializing_if = "Option::is_none")] pub wwids: Option>, } +/// flexVolume represents a generic volume resource that is +/// provisioned/attached using an exec based plugin. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationVolumesFlexVolume { + /// driver is the name of the driver to use for this volume. pub driver: String, + /// fsType is the filesystem type to mount. + /// Must be a filesystem type supported by the host operating system. + /// Ex. "ext4", "xfs", "ntfs". The default filesystem depends on FlexVolume script. #[serde(default, skip_serializing_if = "Option::is_none", rename = "fsType")] pub fs_type: Option, + /// options is Optional: this field holds extra command options if any. #[serde(default, skip_serializing_if = "Option::is_none")] pub options: Option>, + /// readOnly is Optional: defaults to false (read/write). ReadOnly here will force + /// the ReadOnly setting in VolumeMounts. #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] pub read_only: Option, + /// secretRef is Optional: secretRef is reference to the secret object containing + /// sensitive information to pass to the plugin scripts. This may be + /// empty if no secret object is specified. If the secret object + /// contains more than one secret, all secrets are passed to the plugin + /// scripts. #[serde(default, skip_serializing_if = "Option::is_none", rename = "secretRef")] pub secret_ref: Option, } +/// secretRef is Optional: secretRef is reference to the secret object containing +/// sensitive information to pass to the plugin scripts. This may be +/// empty if no secret object is specified. If the secret object +/// contains more than one secret, all secrets are passed to the plugin +/// scripts. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationVolumesFlexVolumeSecretRef { + /// Name of the referent. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, } +/// flocker represents a Flocker volume attached to a kubelet's host machine. This depends on the Flocker control service being running #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationVolumesFlocker { + /// datasetName is Name of the dataset stored as metadata -> name on the dataset for Flocker + /// should be considered as deprecated #[serde(default, skip_serializing_if = "Option::is_none", rename = "datasetName")] pub dataset_name: Option, + /// datasetUUID is the UUID of the dataset. This is unique identifier of a Flocker dataset #[serde(default, skip_serializing_if = "Option::is_none", rename = "datasetUUID")] pub dataset_uuid: Option, } +/// gcePersistentDisk represents a GCE Disk resource that is attached to a +/// kubelet's host machine and then exposed to the pod. +/// More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationVolumesGcePersistentDisk { + /// fsType is filesystem type of the volume that you want to mount. + /// Tip: Ensure that the filesystem type is supported by the host operating system. + /// Examples: "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. + /// More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk + /// TODO: how do we prevent errors in the filesystem from compromising the machine #[serde(default, skip_serializing_if = "Option::is_none", rename = "fsType")] pub fs_type: Option, + /// partition is the partition in the volume that you want to mount. + /// If omitted, the default is to mount by volume name. + /// Examples: For volume /dev/sda1, you specify the partition as "1". + /// Similarly, the volume partition for /dev/sda is "0" (or you can leave the property empty). + /// More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk #[serde(default, skip_serializing_if = "Option::is_none")] pub partition: Option, + /// pdName is unique name of the PD resource in GCE. Used to identify the disk in GCE. + /// More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk #[serde(rename = "pdName")] pub pd_name: String, + /// readOnly here will force the ReadOnly setting in VolumeMounts. + /// Defaults to false. + /// More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] pub read_only: Option, } +/// gitRepo represents a git repository at a particular revision. +/// DEPRECATED: GitRepo is deprecated. To provision a container with a git repo, mount an +/// EmptyDir into an InitContainer that clones the repo using git, then mount the EmptyDir +/// into the Pod's container. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationVolumesGitRepo { + /// directory is the target directory name. + /// Must not contain or start with '..'. If '.' is supplied, the volume directory will be the + /// git repository. Otherwise, if specified, the volume will contain the git repository in + /// the subdirectory with the given name. #[serde(default, skip_serializing_if = "Option::is_none")] pub directory: Option, + /// repository is the URL pub repository: String, + /// revision is the commit hash for the specified revision. #[serde(default, skip_serializing_if = "Option::is_none")] pub revision: Option, } +/// glusterfs represents a Glusterfs mount on the host that shares a pod's lifetime. +/// More info: https://examples.k8s.io/volumes/glusterfs/README.md #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationVolumesGlusterfs { + /// endpoints is the endpoint name that details Glusterfs topology. + /// More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod pub endpoints: String, + /// path is the Glusterfs volume path. + /// More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod pub path: String, + /// readOnly here will force the Glusterfs volume to be mounted with read-only permissions. + /// Defaults to false. + /// More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] pub read_only: Option, } +/// hostPath represents a pre-existing file or directory on the host +/// machine that is directly exposed to the container. This is generally +/// used for system agents or other privileged things that are allowed +/// to see the host machine. Most containers will NOT need this. +/// More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath +/// --- +/// TODO(jonesdl) We need to restrict who can use host directory mounts and who can/can not +/// mount host directories as read/write. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationVolumesHostPath { + /// path of the directory on the host. + /// If the path is a symlink, it will follow the link to the real path. + /// More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath pub path: String, + /// type for HostPath Volume + /// Defaults to "" + /// More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath #[serde(default, skip_serializing_if = "Option::is_none", rename = "type")] pub r#type: Option, } +/// iscsi represents an ISCSI Disk resource that is attached to a +/// kubelet's host machine and then exposed to the pod. +/// More info: https://examples.k8s.io/volumes/iscsi/README.md #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationVolumesIscsi { + /// chapAuthDiscovery defines whether support iSCSI Discovery CHAP authentication #[serde(default, skip_serializing_if = "Option::is_none", rename = "chapAuthDiscovery")] pub chap_auth_discovery: Option, + /// chapAuthSession defines whether support iSCSI Session CHAP authentication #[serde(default, skip_serializing_if = "Option::is_none", rename = "chapAuthSession")] pub chap_auth_session: Option, + /// fsType is the filesystem type of the volume that you want to mount. + /// Tip: Ensure that the filesystem type is supported by the host operating system. + /// Examples: "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. + /// More info: https://kubernetes.io/docs/concepts/storage/volumes#iscsi + /// TODO: how do we prevent errors in the filesystem from compromising the machine #[serde(default, skip_serializing_if = "Option::is_none", rename = "fsType")] pub fs_type: Option, + /// initiatorName is the custom iSCSI Initiator Name. + /// If initiatorName is specified with iscsiInterface simultaneously, new iSCSI interface + /// : will be created for the connection. #[serde(default, skip_serializing_if = "Option::is_none", rename = "initiatorName")] pub initiator_name: Option, + /// iqn is the target iSCSI Qualified Name. pub iqn: String, + /// iscsiInterface is the interface Name that uses an iSCSI transport. + /// Defaults to 'default' (tcp). #[serde(default, skip_serializing_if = "Option::is_none", rename = "iscsiInterface")] pub iscsi_interface: Option, + /// lun represents iSCSI Target Lun number. pub lun: i32, + /// portals is the iSCSI Target Portal List. The portal is either an IP or ip_addr:port if the port + /// is other than default (typically TCP ports 860 and 3260). #[serde(default, skip_serializing_if = "Option::is_none")] pub portals: Option>, + /// readOnly here will force the ReadOnly setting in VolumeMounts. + /// Defaults to false. #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] pub read_only: Option, + /// secretRef is the CHAP Secret for iSCSI target and initiator authentication #[serde(default, skip_serializing_if = "Option::is_none", rename = "secretRef")] pub secret_ref: Option, + /// targetPortal is iSCSI Target Portal. The Portal is either an IP or ip_addr:port if the port + /// is other than default (typically TCP ports 860 and 3260). #[serde(rename = "targetPortal")] pub target_portal: String, } +/// secretRef is the CHAP Secret for iSCSI target and initiator authentication #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationVolumesIscsiSecretRef { + /// Name of the referent. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, } +/// nfs represents an NFS mount on the host that shares a pod's lifetime +/// More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationVolumesNfs { + /// path that is exported by the NFS server. + /// More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs pub path: String, + /// readOnly here will force the NFS export to be mounted with read-only permissions. + /// Defaults to false. + /// More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] pub read_only: Option, + /// server is the hostname or IP address of the NFS server. + /// More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs pub server: String, } +/// persistentVolumeClaimVolumeSource represents a reference to a +/// PersistentVolumeClaim in the same namespace. +/// More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationVolumesPersistentVolumeClaim { + /// claimName is the name of a PersistentVolumeClaim in the same namespace as the pod using this volume. + /// More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims #[serde(rename = "claimName")] pub claim_name: String, + /// readOnly Will force the ReadOnly setting in VolumeMounts. + /// Default false. #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] pub read_only: Option, } +/// photonPersistentDisk represents a PhotonController persistent disk attached and mounted on kubelets host machine #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationVolumesPhotonPersistentDisk { + /// fsType is the filesystem type to mount. + /// Must be a filesystem type supported by the host operating system. + /// Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. #[serde(default, skip_serializing_if = "Option::is_none", rename = "fsType")] pub fs_type: Option, + /// pdID is the ID that identifies Photon Controller persistent disk #[serde(rename = "pdID")] pub pd_id: String, } +/// portworxVolume represents a portworx volume attached and mounted on kubelets host machine #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationVolumesPortworxVolume { + /// fSType represents the filesystem type to mount + /// Must be a filesystem type supported by the host operating system. + /// Ex. "ext4", "xfs". Implicitly inferred to be "ext4" if unspecified. #[serde(default, skip_serializing_if = "Option::is_none", rename = "fsType")] pub fs_type: Option, + /// readOnly defaults to false (read/write). ReadOnly here will force + /// the ReadOnly setting in VolumeMounts. #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] pub read_only: Option, + /// volumeID uniquely identifies a Portworx volume #[serde(rename = "volumeID")] pub volume_id: String, } +/// projected items for all in one resources secrets, configmaps, and downward API #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationVolumesProjected { + /// defaultMode are the mode bits used to set permissions on created files by default. + /// Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. + /// YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. + /// Directories within the path are not affected by this setting. + /// This might be in conflict with other options that affect the file + /// mode, like fsGroup, and the result can be other mode bits set. #[serde(default, skip_serializing_if = "Option::is_none", rename = "defaultMode")] pub default_mode: Option, - pub sources: Vec, + /// sources is the list of volume projections + #[serde(default, skip_serializing_if = "Option::is_none")] + pub sources: Option>, } +/// Projection that may be projected along with other supported volume types #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationVolumesProjectedSources { + /// ClusterTrustBundle allows a pod to access the `.spec.trustBundle` field + /// of ClusterTrustBundle objects in an auto-updating file. + /// + /// + /// Alpha, gated by the ClusterTrustBundleProjection feature gate. + /// + /// + /// ClusterTrustBundle objects can either be selected by name, or by the + /// combination of signer name and a label selector. + /// + /// + /// Kubelet performs aggressive normalization of the PEM contents written + /// into the pod filesystem. Esoteric PEM features such as inter-block + /// comments and block headers are stripped. Certificates are deduplicated. + /// The ordering of certificates within the file is arbitrary, and Kubelet + /// may change the order over time. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "clusterTrustBundle")] + pub cluster_trust_bundle: Option, + /// configMap information about the configMap data to project #[serde(default, skip_serializing_if = "Option::is_none", rename = "configMap")] pub config_map: Option, + /// downwardAPI information about the downwardAPI data to project #[serde(default, skip_serializing_if = "Option::is_none", rename = "downwardAPI")] pub downward_api: Option, + /// secret information about the secret data to project #[serde(default, skip_serializing_if = "Option::is_none")] pub secret: Option, + /// serviceAccountToken is information about the serviceAccountToken data to project #[serde(default, skip_serializing_if = "Option::is_none", rename = "serviceAccountToken")] pub service_account_token: Option, } +/// ClusterTrustBundle allows a pod to access the `.spec.trustBundle` field +/// of ClusterTrustBundle objects in an auto-updating file. +/// +/// +/// Alpha, gated by the ClusterTrustBundleProjection feature gate. +/// +/// +/// ClusterTrustBundle objects can either be selected by name, or by the +/// combination of signer name and a label selector. +/// +/// +/// Kubelet performs aggressive normalization of the PEM contents written +/// into the pod filesystem. Esoteric PEM features such as inter-block +/// comments and block headers are stripped. Certificates are deduplicated. +/// The ordering of certificates within the file is arbitrary, and Kubelet +/// may change the order over time. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct SparkApplicationVolumesProjectedSourcesClusterTrustBundle { + /// Select all ClusterTrustBundles that match this label selector. Only has + /// effect if signerName is set. Mutually-exclusive with name. If unset, + /// interpreted as "match nothing". If set but empty, interpreted as "match + /// everything". + #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelector")] + pub label_selector: Option, + /// Select a single ClusterTrustBundle by object name. Mutually-exclusive + /// with signerName and labelSelector. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + /// If true, don't block pod startup if the referenced ClusterTrustBundle(s) + /// aren't available. If using name, then the named ClusterTrustBundle is + /// allowed not to exist. If using signerName, then the combination of + /// signerName and labelSelector is allowed to match zero + /// ClusterTrustBundles. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub optional: Option, + /// Relative path from the volume root to write the bundle. + pub path: String, + /// Select all ClusterTrustBundles that match this signer name. + /// Mutually-exclusive with name. The contents of all selected + /// ClusterTrustBundles will be unified and deduplicated. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "signerName")] + pub signer_name: Option, +} + +/// Select all ClusterTrustBundles that match this label selector. Only has +/// effect if signerName is set. Mutually-exclusive with name. If unset, +/// interpreted as "match nothing". If set but empty, interpreted as "match +/// everything". +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct SparkApplicationVolumesProjectedSourcesClusterTrustBundleLabelSelector { + /// matchExpressions is a list of label selector requirements. The requirements are ANDed. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] + pub match_expressions: Option>, + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] + pub match_labels: Option>, +} + +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct SparkApplicationVolumesProjectedSourcesClusterTrustBundleLabelSelectorMatchExpressions { + /// key is the label key that the selector applies to. + pub key: String, + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. + pub operator: String, + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub values: Option>, +} + +/// configMap information about the configMap data to project #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationVolumesProjectedSourcesConfigMap { + /// items if unspecified, each key-value pair in the Data field of the referenced + /// ConfigMap will be projected into the volume as a file whose name is the + /// key and content is the value. If specified, the listed keys will be + /// projected into the specified paths, and unlisted keys will not be + /// present. If a key is specified which is not present in the ConfigMap, + /// the volume setup will error unless it is marked optional. Paths must be + /// relative and may not contain the '..' path or start with '..'. #[serde(default, skip_serializing_if = "Option::is_none")] pub items: Option>, + /// Name of the referent. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, + /// optional specify whether the ConfigMap or its keys must be defined #[serde(default, skip_serializing_if = "Option::is_none")] pub optional: Option, } +/// Maps a string key to a path within a volume. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationVolumesProjectedSourcesConfigMapItems { + /// key is the key to project. pub key: String, + /// mode is Optional: mode bits used to set permissions on this file. + /// Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. + /// YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. + /// If not specified, the volume defaultMode will be used. + /// This might be in conflict with other options that affect the file + /// mode, like fsGroup, and the result can be other mode bits set. #[serde(default, skip_serializing_if = "Option::is_none")] pub mode: Option, + /// path is the relative path of the file to map the key to. + /// May not be an absolute path. + /// May not contain the path element '..'. + /// May not start with the string '..'. pub path: String, } +/// downwardAPI information about the downwardAPI data to project #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationVolumesProjectedSourcesDownwardApi { + /// Items is a list of DownwardAPIVolume file #[serde(default, skip_serializing_if = "Option::is_none")] pub items: Option>, } +/// DownwardAPIVolumeFile represents information to create the file containing the pod field #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationVolumesProjectedSourcesDownwardApiItems { + /// Required: Selects a field of the pod: only annotations, labels, name and namespace are supported. #[serde(default, skip_serializing_if = "Option::is_none", rename = "fieldRef")] pub field_ref: Option, + /// Optional: mode bits used to set permissions on this file, must be an octal value + /// between 0000 and 0777 or a decimal value between 0 and 511. + /// YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. + /// If not specified, the volume defaultMode will be used. + /// This might be in conflict with other options that affect the file + /// mode, like fsGroup, and the result can be other mode bits set. #[serde(default, skip_serializing_if = "Option::is_none")] pub mode: Option, + /// Required: Path is the relative path name of the file to be created. Must not be absolute or contain the '..' path. Must be utf-8 encoded. The first item of the relative path must not start with '..' pub path: String, + /// Selects a resource of the container: only resources limits and requests + /// (limits.cpu, limits.memory, requests.cpu and requests.memory) are currently supported. #[serde(default, skip_serializing_if = "Option::is_none", rename = "resourceFieldRef")] pub resource_field_ref: Option, } +/// Required: Selects a field of the pod: only annotations, labels, name and namespace are supported. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationVolumesProjectedSourcesDownwardApiItemsFieldRef { + /// Version of the schema the FieldPath is written in terms of, defaults to "v1". #[serde(default, skip_serializing_if = "Option::is_none", rename = "apiVersion")] pub api_version: Option, + /// Path of the field to select in the specified API version. #[serde(rename = "fieldPath")] pub field_path: String, } +/// Selects a resource of the container: only resources limits and requests +/// (limits.cpu, limits.memory, requests.cpu and requests.memory) are currently supported. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationVolumesProjectedSourcesDownwardApiItemsResourceFieldRef { + /// Container name: required for volumes, optional for env vars #[serde(default, skip_serializing_if = "Option::is_none", rename = "containerName")] pub container_name: Option, + /// Specifies the output format of the exposed resources, defaults to "1" #[serde(default, skip_serializing_if = "Option::is_none")] pub divisor: Option, + /// Required: resource to select pub resource: String, } +/// secret information about the secret data to project #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationVolumesProjectedSourcesSecret { + /// items if unspecified, each key-value pair in the Data field of the referenced + /// Secret will be projected into the volume as a file whose name is the + /// key and content is the value. If specified, the listed keys will be + /// projected into the specified paths, and unlisted keys will not be + /// present. If a key is specified which is not present in the Secret, + /// the volume setup will error unless it is marked optional. Paths must be + /// relative and may not contain the '..' path or start with '..'. #[serde(default, skip_serializing_if = "Option::is_none")] pub items: Option>, + /// Name of the referent. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, + /// optional field specify whether the Secret or its key must be defined #[serde(default, skip_serializing_if = "Option::is_none")] pub optional: Option, } +/// Maps a string key to a path within a volume. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationVolumesProjectedSourcesSecretItems { + /// key is the key to project. pub key: String, + /// mode is Optional: mode bits used to set permissions on this file. + /// Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. + /// YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. + /// If not specified, the volume defaultMode will be used. + /// This might be in conflict with other options that affect the file + /// mode, like fsGroup, and the result can be other mode bits set. #[serde(default, skip_serializing_if = "Option::is_none")] pub mode: Option, + /// path is the relative path of the file to map the key to. + /// May not be an absolute path. + /// May not contain the path element '..'. + /// May not start with the string '..'. pub path: String, } +/// serviceAccountToken is information about the serviceAccountToken data to project #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationVolumesProjectedSourcesServiceAccountToken { + /// audience is the intended audience of the token. A recipient of a token + /// must identify itself with an identifier specified in the audience of the + /// token, and otherwise should reject the token. The audience defaults to the + /// identifier of the apiserver. #[serde(default, skip_serializing_if = "Option::is_none")] pub audience: Option, + /// expirationSeconds is the requested duration of validity of the service + /// account token. As the token approaches expiration, the kubelet volume + /// plugin will proactively rotate the service account token. The kubelet will + /// start trying to rotate the token if the token is older than 80 percent of + /// its time to live or if the token is older than 24 hours.Defaults to 1 hour + /// and must be at least 10 minutes. #[serde(default, skip_serializing_if = "Option::is_none", rename = "expirationSeconds")] pub expiration_seconds: Option, + /// path is the path relative to the mount point of the file to project the + /// token into. pub path: String, } +/// quobyte represents a Quobyte mount on the host that shares a pod's lifetime #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationVolumesQuobyte { + /// group to map volume access to + /// Default is no group #[serde(default, skip_serializing_if = "Option::is_none")] pub group: Option, + /// readOnly here will force the Quobyte volume to be mounted with read-only permissions. + /// Defaults to false. #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] pub read_only: Option, + /// registry represents a single or multiple Quobyte Registry services + /// specified as a string as host:port pair (multiple entries are separated with commas) + /// which acts as the central registry for volumes pub registry: String, + /// tenant owning the given Quobyte volume in the Backend + /// Used with dynamically provisioned Quobyte volumes, value is set by the plugin #[serde(default, skip_serializing_if = "Option::is_none")] pub tenant: Option, + /// user to map volume access to + /// Defaults to serivceaccount user #[serde(default, skip_serializing_if = "Option::is_none")] pub user: Option, + /// volume is a string that references an already created Quobyte volume by name. pub volume: String, } +/// rbd represents a Rados Block Device mount on the host that shares a pod's lifetime. +/// More info: https://examples.k8s.io/volumes/rbd/README.md #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationVolumesRbd { + /// fsType is the filesystem type of the volume that you want to mount. + /// Tip: Ensure that the filesystem type is supported by the host operating system. + /// Examples: "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. + /// More info: https://kubernetes.io/docs/concepts/storage/volumes#rbd + /// TODO: how do we prevent errors in the filesystem from compromising the machine #[serde(default, skip_serializing_if = "Option::is_none", rename = "fsType")] pub fs_type: Option, + /// image is the rados image name. + /// More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it pub image: String, + /// keyring is the path to key ring for RBDUser. + /// Default is /etc/ceph/keyring. + /// More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it #[serde(default, skip_serializing_if = "Option::is_none")] pub keyring: Option, + /// monitors is a collection of Ceph monitors. + /// More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it pub monitors: Vec, + /// pool is the rados pool name. + /// Default is rbd. + /// More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it #[serde(default, skip_serializing_if = "Option::is_none")] pub pool: Option, + /// readOnly here will force the ReadOnly setting in VolumeMounts. + /// Defaults to false. + /// More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] pub read_only: Option, + /// secretRef is name of the authentication secret for RBDUser. If provided + /// overrides keyring. + /// Default is nil. + /// More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it #[serde(default, skip_serializing_if = "Option::is_none", rename = "secretRef")] pub secret_ref: Option, + /// user is the rados user name. + /// Default is admin. + /// More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it #[serde(default, skip_serializing_if = "Option::is_none")] pub user: Option, } +/// secretRef is name of the authentication secret for RBDUser. If provided +/// overrides keyring. +/// Default is nil. +/// More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationVolumesRbdSecretRef { + /// Name of the referent. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, } +/// scaleIO represents a ScaleIO persistent volume attached and mounted on Kubernetes nodes. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationVolumesScaleIo { + /// fsType is the filesystem type to mount. + /// Must be a filesystem type supported by the host operating system. + /// Ex. "ext4", "xfs", "ntfs". + /// Default is "xfs". #[serde(default, skip_serializing_if = "Option::is_none", rename = "fsType")] pub fs_type: Option, + /// gateway is the host address of the ScaleIO API Gateway. pub gateway: String, + /// protectionDomain is the name of the ScaleIO Protection Domain for the configured storage. #[serde(default, skip_serializing_if = "Option::is_none", rename = "protectionDomain")] pub protection_domain: Option, + /// readOnly Defaults to false (read/write). ReadOnly here will force + /// the ReadOnly setting in VolumeMounts. #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] pub read_only: Option, + /// secretRef references to the secret for ScaleIO user and other + /// sensitive information. If this is not provided, Login operation will fail. #[serde(rename = "secretRef")] pub secret_ref: SparkApplicationVolumesScaleIoSecretRef, + /// sslEnabled Flag enable/disable SSL communication with Gateway, default false #[serde(default, skip_serializing_if = "Option::is_none", rename = "sslEnabled")] pub ssl_enabled: Option, + /// storageMode indicates whether the storage for a volume should be ThickProvisioned or ThinProvisioned. + /// Default is ThinProvisioned. #[serde(default, skip_serializing_if = "Option::is_none", rename = "storageMode")] pub storage_mode: Option, + /// storagePool is the ScaleIO Storage Pool associated with the protection domain. #[serde(default, skip_serializing_if = "Option::is_none", rename = "storagePool")] pub storage_pool: Option, + /// system is the name of the storage system as configured in ScaleIO. pub system: String, + /// volumeName is the name of a volume already created in the ScaleIO system + /// that is associated with this volume source. #[serde(default, skip_serializing_if = "Option::is_none", rename = "volumeName")] pub volume_name: Option, } +/// secretRef references to the secret for ScaleIO user and other +/// sensitive information. If this is not provided, Login operation will fail. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationVolumesScaleIoSecretRef { + /// Name of the referent. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, } +/// secret represents a secret that should populate this volume. +/// More info: https://kubernetes.io/docs/concepts/storage/volumes#secret #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationVolumesSecret { + /// defaultMode is Optional: mode bits used to set permissions on created files by default. + /// Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. + /// YAML accepts both octal and decimal values, JSON requires decimal values + /// for mode bits. Defaults to 0644. + /// Directories within the path are not affected by this setting. + /// This might be in conflict with other options that affect the file + /// mode, like fsGroup, and the result can be other mode bits set. #[serde(default, skip_serializing_if = "Option::is_none", rename = "defaultMode")] pub default_mode: Option, + /// items If unspecified, each key-value pair in the Data field of the referenced + /// Secret will be projected into the volume as a file whose name is the + /// key and content is the value. If specified, the listed keys will be + /// projected into the specified paths, and unlisted keys will not be + /// present. If a key is specified which is not present in the Secret, + /// the volume setup will error unless it is marked optional. Paths must be + /// relative and may not contain the '..' path or start with '..'. #[serde(default, skip_serializing_if = "Option::is_none")] pub items: Option>, + /// optional field specify whether the Secret or its keys must be defined #[serde(default, skip_serializing_if = "Option::is_none")] pub optional: Option, + /// secretName is the name of the secret in the pod's namespace to use. + /// More info: https://kubernetes.io/docs/concepts/storage/volumes#secret #[serde(default, skip_serializing_if = "Option::is_none", rename = "secretName")] pub secret_name: Option, } +/// Maps a string key to a path within a volume. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationVolumesSecretItems { + /// key is the key to project. pub key: String, + /// mode is Optional: mode bits used to set permissions on this file. + /// Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. + /// YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. + /// If not specified, the volume defaultMode will be used. + /// This might be in conflict with other options that affect the file + /// mode, like fsGroup, and the result can be other mode bits set. #[serde(default, skip_serializing_if = "Option::is_none")] pub mode: Option, + /// path is the relative path of the file to map the key to. + /// May not be an absolute path. + /// May not contain the path element '..'. + /// May not start with the string '..'. pub path: String, } +/// storageOS represents a StorageOS volume attached and mounted on Kubernetes nodes. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationVolumesStorageos { + /// fsType is the filesystem type to mount. + /// Must be a filesystem type supported by the host operating system. + /// Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. #[serde(default, skip_serializing_if = "Option::is_none", rename = "fsType")] pub fs_type: Option, + /// readOnly defaults to false (read/write). ReadOnly here will force + /// the ReadOnly setting in VolumeMounts. #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] pub read_only: Option, + /// secretRef specifies the secret to use for obtaining the StorageOS API + /// credentials. If not specified, default values will be attempted. #[serde(default, skip_serializing_if = "Option::is_none", rename = "secretRef")] pub secret_ref: Option, + /// volumeName is the human-readable name of the StorageOS volume. Volume + /// names are only unique within a namespace. #[serde(default, skip_serializing_if = "Option::is_none", rename = "volumeName")] pub volume_name: Option, + /// volumeNamespace specifies the scope of the volume within StorageOS. If no + /// namespace is specified then the Pod's namespace will be used. This allows the + /// Kubernetes name scoping to be mirrored within StorageOS for tighter integration. + /// Set VolumeName to any name to override the default behaviour. + /// Set to "default" if you are not using namespaces within StorageOS. + /// Namespaces that do not pre-exist within StorageOS will be created. #[serde(default, skip_serializing_if = "Option::is_none", rename = "volumeNamespace")] pub volume_namespace: Option, } +/// secretRef specifies the secret to use for obtaining the StorageOS API +/// credentials. If not specified, default values will be attempted. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationVolumesStorageosSecretRef { + /// Name of the referent. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, } +/// vsphereVolume represents a vSphere volume attached and mounted on kubelets host machine #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationVolumesVsphereVolume { + /// fsType is filesystem type to mount. + /// Must be a filesystem type supported by the host operating system. + /// Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. #[serde(default, skip_serializing_if = "Option::is_none", rename = "fsType")] pub fs_type: Option, + /// storagePolicyID is the storage Policy Based Management (SPBM) profile ID associated with the StoragePolicyName. #[serde(default, skip_serializing_if = "Option::is_none", rename = "storagePolicyID")] pub storage_policy_id: Option, + /// storagePolicyName is the storage Policy Based Management (SPBM) profile name. #[serde(default, skip_serializing_if = "Option::is_none", rename = "storagePolicyName")] pub storage_policy_name: Option, + /// volumePath is the path that identifies vSphere volume vmdk #[serde(rename = "volumePath")] pub volume_path: String, } +/// SparkApplicationStatus describes the current status of a Spark application. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationStatus { + /// AppState tells the overall application state. #[serde(default, skip_serializing_if = "Option::is_none", rename = "applicationState")] pub application_state: Option, + /// DriverInfo has information about the driver. #[serde(rename = "driverInfo")] pub driver_info: SparkApplicationStatusDriverInfo, + /// ExecutionAttempts is the total number of attempts to run a submitted application to completion. + /// Incremented upon each attempted run of the application and reset upon invalidation. #[serde(default, skip_serializing_if = "Option::is_none", rename = "executionAttempts")] pub execution_attempts: Option, + /// ExecutorState records the state of executors by executor Pod names. #[serde(default, skip_serializing_if = "Option::is_none", rename = "executorState")] pub executor_state: Option>, + /// LastSubmissionAttemptTime is the time for the last application submission attempt. #[serde(default, skip_serializing_if = "Option::is_none", rename = "lastSubmissionAttemptTime")] pub last_submission_attempt_time: Option, + /// SparkApplicationID is set by the spark-distribution(via spark.app.id config) on the driver and executor pods #[serde(default, skip_serializing_if = "Option::is_none", rename = "sparkApplicationId")] pub spark_application_id: Option, + /// SubmissionAttempts is the total number of attempts to submit an application to run. + /// Incremented upon each attempted submission of the application and reset upon invalidation and rerun. #[serde(default, skip_serializing_if = "Option::is_none", rename = "submissionAttempts")] pub submission_attempts: Option, + /// SubmissionID is a unique ID of the current submission of the application. #[serde(default, skip_serializing_if = "Option::is_none", rename = "submissionID")] pub submission_id: Option, + /// CompletionTime is the time when the application runs to completion if it does. #[serde(default, skip_serializing_if = "Option::is_none", rename = "terminationTime")] pub termination_time: Option, } +/// AppState tells the overall application state. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationStatusApplicationState { #[serde(default, skip_serializing_if = "Option::is_none", rename = "errorMessage")] pub error_message: Option, + /// ApplicationStateType represents the type of the current state of an application. pub state: String, } +/// DriverInfo has information about the driver. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationStatusDriverInfo { #[serde(default, skip_serializing_if = "Option::is_none", rename = "podName")] @@ -4042,8 +9975,10 @@ pub struct SparkApplicationStatusDriverInfo { pub web_ui_address: Option, #[serde(default, skip_serializing_if = "Option::is_none", rename = "webUIIngressAddress")] pub web_ui_ingress_address: Option, + /// Ingress Details if an ingress for the UI was created. #[serde(default, skip_serializing_if = "Option::is_none", rename = "webUIIngressName")] pub web_ui_ingress_name: Option, + /// UI Details for the UI created via ClusterIP service accessible from within the cluster. #[serde(default, skip_serializing_if = "Option::is_none", rename = "webUIPort")] pub web_ui_port: Option, #[serde(default, skip_serializing_if = "Option::is_none", rename = "webUIServiceName")] diff --git a/kube-custom-resources-rs/src/spv_no/v1alpha1/azurekeyvaultidentities.rs b/kube-custom-resources-rs/src/spv_no/v1alpha1/azurekeyvaultidentities.rs index 6344bebb4..52c48d7f5 100644 --- a/kube-custom-resources-rs/src/spv_no/v1alpha1/azurekeyvaultidentities.rs +++ b/kube-custom-resources-rs/src/spv_no/v1alpha1/azurekeyvaultidentities.rs @@ -7,4 +7,5 @@ mod prelude { pub use kube::CustomResource; pub use serde::{Serialize, Deserialize}; } +use self::prelude::*; diff --git a/kube-custom-resources-rs/src/spv_no/v1alpha1/azuremanagedidentities.rs b/kube-custom-resources-rs/src/spv_no/v1alpha1/azuremanagedidentities.rs index d2acfb73b..724622b0b 100644 --- a/kube-custom-resources-rs/src/spv_no/v1alpha1/azuremanagedidentities.rs +++ b/kube-custom-resources-rs/src/spv_no/v1alpha1/azuremanagedidentities.rs @@ -7,4 +7,5 @@ mod prelude { pub use kube::CustomResource; pub use serde::{Serialize, Deserialize}; } +use self::prelude::*; diff --git a/kube-custom-resources-rs/src/tempo_grafana_com/v1alpha1/tempomonolithics.rs b/kube-custom-resources-rs/src/tempo_grafana_com/v1alpha1/tempomonolithics.rs index 4499d2901..bf12224e9 100644 --- a/kube-custom-resources-rs/src/tempo_grafana_com/v1alpha1/tempomonolithics.rs +++ b/kube-custom-resources-rs/src/tempo_grafana_com/v1alpha1/tempomonolithics.rs @@ -33,7 +33,8 @@ pub struct TempoMonolithicSpec { /// JaegerUI defines the Jaeger UI configuration. #[serde(default, skip_serializing_if = "Option::is_none")] pub jaegerui: Option, - /// ManagementState defines whether this instance is managed by the operator or self-managed. Default: Managed. + /// ManagementState defines whether this instance is managed by the operator or self-managed. + /// Default: Managed. #[serde(default, skip_serializing_if = "Option::is_none")] pub management: Option, /// Multitenancy defines the multi-tenancy configuration. @@ -76,15 +77,28 @@ pub struct TempoMonolithicAffinity { /// Describes node affinity scheduling rules for the pod. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct TempoMonolithicAffinityNodeAffinity { - /// The scheduler will prefer to schedule pods to nodes that satisfy the affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding "weight" to the sum if the node matches the corresponding matchExpressions; the node(s) with the highest sum are the most preferred. + /// The scheduler will prefer to schedule pods to nodes that satisfy + /// the affinity expressions specified by this field, but it may choose + /// a node that violates one or more of the expressions. The node that is + /// most preferred is the one with the greatest sum of weights, i.e. + /// for each node that meets all of the scheduling requirements (resource + /// request, requiredDuringScheduling affinity expressions, etc.), + /// compute a sum by iterating through the elements of this field and adding + /// "weight" to the sum if the node matches the corresponding matchExpressions; the + /// node(s) with the highest sum are the most preferred. #[serde(default, skip_serializing_if = "Option::is_none", rename = "preferredDuringSchedulingIgnoredDuringExecution")] pub preferred_during_scheduling_ignored_during_execution: Option>, - /// If the affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to an update), the system may or may not try to eventually evict the pod from its node. + /// If the affinity requirements specified by this field are not met at + /// scheduling time, the pod will not be scheduled onto the node. + /// If the affinity requirements specified by this field cease to be met + /// at some point during pod execution (e.g. due to an update), the system + /// may or may not try to eventually evict the pod from its node. #[serde(default, skip_serializing_if = "Option::is_none", rename = "requiredDuringSchedulingIgnoredDuringExecution")] pub required_during_scheduling_ignored_during_execution: Option, } -/// An empty preferred scheduling term matches all objects with implicit weight 0 (i.e. it's a no-op). A null preferred scheduling term matches no objects (i.e. is also a no-op). +/// An empty preferred scheduling term matches all objects with implicit weight 0 +/// (i.e. it's a no-op). A null preferred scheduling term matches no objects (i.e. is also a no-op). #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct TempoMonolithicAffinityNodeAffinityPreferredDuringSchedulingIgnoredDuringExecution { /// A node selector term, associated with the corresponding weight. @@ -104,31 +118,47 @@ pub struct TempoMonolithicAffinityNodeAffinityPreferredDuringSchedulingIgnoredDu pub match_fields: Option>, } -/// A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A node selector requirement is a selector that contains values, a key, and an operator +/// that relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct TempoMonolithicAffinityNodeAffinityPreferredDuringSchedulingIgnoredDuringExecutionPreferenceMatchExpressions { /// The label key that the selector applies to. pub key: String, - /// Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. + /// Represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. pub operator: String, - /// An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch. + /// An array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. If the operator is Gt or Lt, the values + /// array must have a single element, which will be interpreted as an integer. + /// This array is replaced during a strategic merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } -/// A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A node selector requirement is a selector that contains values, a key, and an operator +/// that relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct TempoMonolithicAffinityNodeAffinityPreferredDuringSchedulingIgnoredDuringExecutionPreferenceMatchFields { /// The label key that the selector applies to. pub key: String, - /// Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. + /// Represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. pub operator: String, - /// An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch. + /// An array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. If the operator is Gt or Lt, the values + /// array must have a single element, which will be interpreted as an integer. + /// This array is replaced during a strategic merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } -/// If the affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to an update), the system may or may not try to eventually evict the pod from its node. +/// If the affinity requirements specified by this field are not met at +/// scheduling time, the pod will not be scheduled onto the node. +/// If the affinity requirements specified by this field cease to be met +/// at some point during pod execution (e.g. due to an update), the system +/// may or may not try to eventually evict the pod from its node. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct TempoMonolithicAffinityNodeAffinityRequiredDuringSchedulingIgnoredDuringExecution { /// Required. A list of node selector terms. The terms are ORed. @@ -136,7 +166,9 @@ pub struct TempoMonolithicAffinityNodeAffinityRequiredDuringSchedulingIgnoredDur pub node_selector_terms: Vec, } -/// A null or empty node selector term matches no objects. The requirements of them are ANDed. The TopologySelectorTerm type implements a subset of the NodeSelectorTerm. +/// A null or empty node selector term matches no objects. The requirements of +/// them are ANDed. +/// The TopologySelectorTerm type implements a subset of the NodeSelectorTerm. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct TempoMonolithicAffinityNodeAffinityRequiredDuringSchedulingIgnoredDuringExecutionNodeSelectorTerms { /// A list of node selector requirements by node's labels. @@ -147,26 +179,38 @@ pub struct TempoMonolithicAffinityNodeAffinityRequiredDuringSchedulingIgnoredDur pub match_fields: Option>, } -/// A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A node selector requirement is a selector that contains values, a key, and an operator +/// that relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct TempoMonolithicAffinityNodeAffinityRequiredDuringSchedulingIgnoredDuringExecutionNodeSelectorTermsMatchExpressions { /// The label key that the selector applies to. pub key: String, - /// Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. + /// Represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. pub operator: String, - /// An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch. + /// An array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. If the operator is Gt or Lt, the values + /// array must have a single element, which will be interpreted as an integer. + /// This array is replaced during a strategic merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } -/// A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A node selector requirement is a selector that contains values, a key, and an operator +/// that relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct TempoMonolithicAffinityNodeAffinityRequiredDuringSchedulingIgnoredDuringExecutionNodeSelectorTermsMatchFields { /// The label key that the selector applies to. pub key: String, - /// Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. + /// Represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. pub operator: String, - /// An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch. + /// An array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. If the operator is Gt or Lt, the values + /// array must have a single element, which will be interpreted as an integer. + /// This array is replaced during a strategic merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } @@ -174,10 +218,24 @@ pub struct TempoMonolithicAffinityNodeAffinityRequiredDuringSchedulingIgnoredDur /// Describes pod affinity scheduling rules (e.g. co-locate this pod in the same node, zone, etc. as some other pod(s)). #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct TempoMonolithicAffinityPodAffinity { - /// The scheduler will prefer to schedule pods to nodes that satisfy the affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding "weight" to the sum if the node has pods which matches the corresponding podAffinityTerm; the node(s) with the highest sum are the most preferred. + /// The scheduler will prefer to schedule pods to nodes that satisfy + /// the affinity expressions specified by this field, but it may choose + /// a node that violates one or more of the expressions. The node that is + /// most preferred is the one with the greatest sum of weights, i.e. + /// for each node that meets all of the scheduling requirements (resource + /// request, requiredDuringScheduling affinity expressions, etc.), + /// compute a sum by iterating through the elements of this field and adding + /// "weight" to the sum if the node has pods which matches the corresponding podAffinityTerm; the + /// node(s) with the highest sum are the most preferred. #[serde(default, skip_serializing_if = "Option::is_none", rename = "preferredDuringSchedulingIgnoredDuringExecution")] pub preferred_during_scheduling_ignored_during_execution: Option>, - /// If the affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to a pod label update), the system may or may not try to eventually evict the pod from its node. When there are multiple elements, the lists of nodes corresponding to each podAffinityTerm are intersected, i.e. all terms must be satisfied. + /// If the affinity requirements specified by this field are not met at + /// scheduling time, the pod will not be scheduled onto the node. + /// If the affinity requirements specified by this field cease to be met + /// at some point during pod execution (e.g. due to a pod label update), the + /// system may or may not try to eventually evict the pod from its node. + /// When there are multiple elements, the lists of nodes corresponding to each + /// podAffinityTerm are intersected, i.e. all terms must be satisfied. #[serde(default, skip_serializing_if = "Option::is_none", rename = "requiredDuringSchedulingIgnoredDuringExecution")] pub required_during_scheduling_ignored_during_execution: Option>, } @@ -188,144 +246,244 @@ pub struct TempoMonolithicAffinityPodAffinityPreferredDuringSchedulingIgnoredDur /// Required. A pod affinity term, associated with the corresponding weight. #[serde(rename = "podAffinityTerm")] pub pod_affinity_term: TempoMonolithicAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTerm, - /// weight associated with matching the corresponding podAffinityTerm, in the range 1-100. + /// weight associated with matching the corresponding podAffinityTerm, + /// in the range 1-100. pub weight: i32, } /// Required. A pod affinity term, associated with the corresponding weight. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct TempoMonolithicAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTerm { - /// A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods. + /// A label query over a set of resources, in this case pods. + /// If it's null, this PodAffinityTerm matches with no Pods. #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelector")] pub label_selector: Option, - /// MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. Also, MatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// MatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. + /// Also, MatchLabelKeys cannot be set when LabelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] pub match_label_keys: Option>, - /// MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// MismatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. + /// Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] pub mismatch_label_keys: Option>, - /// A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. + /// A label query over the set of namespaces that the term applies to. + /// The term is applied to the union of the namespaces selected by this field + /// and the ones listed in the namespaces field. + /// null selector and null or empty namespaces list means "this pod's namespace". + /// An empty selector ({}) matches all namespaces. #[serde(default, skip_serializing_if = "Option::is_none", rename = "namespaceSelector")] pub namespace_selector: Option, - /// namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means "this pod's namespace". + /// namespaces specifies a static list of namespace names that the term applies to. + /// The term is applied to the union of the namespaces listed in this field + /// and the ones selected by namespaceSelector. + /// null or empty namespaces list and null namespaceSelector means "this pod's namespace". #[serde(default, skip_serializing_if = "Option::is_none")] pub namespaces: Option>, - /// This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed. + /// This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching + /// the labelSelector in the specified namespaces, where co-located is defined as running on a node + /// whose value of the label with key topologyKey matches that of any node on which any of the + /// selected pods is running. + /// Empty topologyKey is not allowed. #[serde(rename = "topologyKey")] pub topology_key: String, } -/// A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods. +/// A label query over a set of resources, in this case pods. +/// If it's null, this PodAffinityTerm matches with no Pods. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct TempoMonolithicAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermLabelSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] pub match_expressions: Option>, - /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] pub match_labels: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct TempoMonolithicAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermLabelSelectorMatchExpressions { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } -/// A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. +/// A label query over the set of namespaces that the term applies to. +/// The term is applied to the union of the namespaces selected by this field +/// and the ones listed in the namespaces field. +/// null selector and null or empty namespaces list means "this pod's namespace". +/// An empty selector ({}) matches all namespaces. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct TempoMonolithicAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermNamespaceSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] pub match_expressions: Option>, - /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] pub match_labels: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct TempoMonolithicAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermNamespaceSelectorMatchExpressions { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } -/// Defines a set of pods (namely those matching the labelSelector relative to the given namespace(s)) that this pod should be co-located (affinity) or not co-located (anti-affinity) with, where co-located is defined as running on a node whose value of the label with key matches that of any node on which a pod of the set of pods is running +/// Defines a set of pods (namely those matching the labelSelector +/// relative to the given namespace(s)) that this pod should be +/// co-located (affinity) or not co-located (anti-affinity) with, +/// where co-located is defined as running on a node whose value of +/// the label with key matches that of any node on which +/// a pod of the set of pods is running #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct TempoMonolithicAffinityPodAffinityRequiredDuringSchedulingIgnoredDuringExecution { - /// A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods. + /// A label query over a set of resources, in this case pods. + /// If it's null, this PodAffinityTerm matches with no Pods. #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelector")] pub label_selector: Option, - /// MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. Also, MatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// MatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. + /// Also, MatchLabelKeys cannot be set when LabelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] pub match_label_keys: Option>, - /// MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// MismatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. + /// Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] pub mismatch_label_keys: Option>, - /// A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. + /// A label query over the set of namespaces that the term applies to. + /// The term is applied to the union of the namespaces selected by this field + /// and the ones listed in the namespaces field. + /// null selector and null or empty namespaces list means "this pod's namespace". + /// An empty selector ({}) matches all namespaces. #[serde(default, skip_serializing_if = "Option::is_none", rename = "namespaceSelector")] pub namespace_selector: Option, - /// namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means "this pod's namespace". + /// namespaces specifies a static list of namespace names that the term applies to. + /// The term is applied to the union of the namespaces listed in this field + /// and the ones selected by namespaceSelector. + /// null or empty namespaces list and null namespaceSelector means "this pod's namespace". #[serde(default, skip_serializing_if = "Option::is_none")] pub namespaces: Option>, - /// This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed. + /// This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching + /// the labelSelector in the specified namespaces, where co-located is defined as running on a node + /// whose value of the label with key topologyKey matches that of any node on which any of the + /// selected pods is running. + /// Empty topologyKey is not allowed. #[serde(rename = "topologyKey")] pub topology_key: String, } -/// A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods. +/// A label query over a set of resources, in this case pods. +/// If it's null, this PodAffinityTerm matches with no Pods. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct TempoMonolithicAffinityPodAffinityRequiredDuringSchedulingIgnoredDuringExecutionLabelSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] pub match_expressions: Option>, - /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] pub match_labels: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct TempoMonolithicAffinityPodAffinityRequiredDuringSchedulingIgnoredDuringExecutionLabelSelectorMatchExpressions { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } -/// A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. +/// A label query over the set of namespaces that the term applies to. +/// The term is applied to the union of the namespaces selected by this field +/// and the ones listed in the namespaces field. +/// null selector and null or empty namespaces list means "this pod's namespace". +/// An empty selector ({}) matches all namespaces. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct TempoMonolithicAffinityPodAffinityRequiredDuringSchedulingIgnoredDuringExecutionNamespaceSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] pub match_expressions: Option>, - /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] pub match_labels: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct TempoMonolithicAffinityPodAffinityRequiredDuringSchedulingIgnoredDuringExecutionNamespaceSelectorMatchExpressions { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } @@ -333,10 +491,24 @@ pub struct TempoMonolithicAffinityPodAffinityRequiredDuringSchedulingIgnoredDuri /// Describes pod anti-affinity scheduling rules (e.g. avoid putting this pod in the same node, zone, etc. as some other pod(s)). #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct TempoMonolithicAffinityPodAntiAffinity { - /// The scheduler will prefer to schedule pods to nodes that satisfy the anti-affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling anti-affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding "weight" to the sum if the node has pods which matches the corresponding podAffinityTerm; the node(s) with the highest sum are the most preferred. + /// The scheduler will prefer to schedule pods to nodes that satisfy + /// the anti-affinity expressions specified by this field, but it may choose + /// a node that violates one or more of the expressions. The node that is + /// most preferred is the one with the greatest sum of weights, i.e. + /// for each node that meets all of the scheduling requirements (resource + /// request, requiredDuringScheduling anti-affinity expressions, etc.), + /// compute a sum by iterating through the elements of this field and adding + /// "weight" to the sum if the node has pods which matches the corresponding podAffinityTerm; the + /// node(s) with the highest sum are the most preferred. #[serde(default, skip_serializing_if = "Option::is_none", rename = "preferredDuringSchedulingIgnoredDuringExecution")] pub preferred_during_scheduling_ignored_during_execution: Option>, - /// If the anti-affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the anti-affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to a pod label update), the system may or may not try to eventually evict the pod from its node. When there are multiple elements, the lists of nodes corresponding to each podAffinityTerm are intersected, i.e. all terms must be satisfied. + /// If the anti-affinity requirements specified by this field are not met at + /// scheduling time, the pod will not be scheduled onto the node. + /// If the anti-affinity requirements specified by this field cease to be met + /// at some point during pod execution (e.g. due to a pod label update), the + /// system may or may not try to eventually evict the pod from its node. + /// When there are multiple elements, the lists of nodes corresponding to each + /// podAffinityTerm are intersected, i.e. all terms must be satisfied. #[serde(default, skip_serializing_if = "Option::is_none", rename = "requiredDuringSchedulingIgnoredDuringExecution")] pub required_during_scheduling_ignored_during_execution: Option>, } @@ -347,144 +519,244 @@ pub struct TempoMonolithicAffinityPodAntiAffinityPreferredDuringSchedulingIgnore /// Required. A pod affinity term, associated with the corresponding weight. #[serde(rename = "podAffinityTerm")] pub pod_affinity_term: TempoMonolithicAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTerm, - /// weight associated with matching the corresponding podAffinityTerm, in the range 1-100. + /// weight associated with matching the corresponding podAffinityTerm, + /// in the range 1-100. pub weight: i32, } /// Required. A pod affinity term, associated with the corresponding weight. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct TempoMonolithicAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTerm { - /// A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods. + /// A label query over a set of resources, in this case pods. + /// If it's null, this PodAffinityTerm matches with no Pods. #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelector")] pub label_selector: Option, - /// MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. Also, MatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// MatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. + /// Also, MatchLabelKeys cannot be set when LabelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] pub match_label_keys: Option>, - /// MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// MismatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. + /// Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] pub mismatch_label_keys: Option>, - /// A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. + /// A label query over the set of namespaces that the term applies to. + /// The term is applied to the union of the namespaces selected by this field + /// and the ones listed in the namespaces field. + /// null selector and null or empty namespaces list means "this pod's namespace". + /// An empty selector ({}) matches all namespaces. #[serde(default, skip_serializing_if = "Option::is_none", rename = "namespaceSelector")] pub namespace_selector: Option, - /// namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means "this pod's namespace". + /// namespaces specifies a static list of namespace names that the term applies to. + /// The term is applied to the union of the namespaces listed in this field + /// and the ones selected by namespaceSelector. + /// null or empty namespaces list and null namespaceSelector means "this pod's namespace". #[serde(default, skip_serializing_if = "Option::is_none")] pub namespaces: Option>, - /// This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed. + /// This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching + /// the labelSelector in the specified namespaces, where co-located is defined as running on a node + /// whose value of the label with key topologyKey matches that of any node on which any of the + /// selected pods is running. + /// Empty topologyKey is not allowed. #[serde(rename = "topologyKey")] pub topology_key: String, } -/// A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods. +/// A label query over a set of resources, in this case pods. +/// If it's null, this PodAffinityTerm matches with no Pods. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct TempoMonolithicAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermLabelSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] pub match_expressions: Option>, - /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] pub match_labels: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct TempoMonolithicAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermLabelSelectorMatchExpressions { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } -/// A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. +/// A label query over the set of namespaces that the term applies to. +/// The term is applied to the union of the namespaces selected by this field +/// and the ones listed in the namespaces field. +/// null selector and null or empty namespaces list means "this pod's namespace". +/// An empty selector ({}) matches all namespaces. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct TempoMonolithicAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermNamespaceSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] pub match_expressions: Option>, - /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] pub match_labels: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct TempoMonolithicAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermNamespaceSelectorMatchExpressions { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } -/// Defines a set of pods (namely those matching the labelSelector relative to the given namespace(s)) that this pod should be co-located (affinity) or not co-located (anti-affinity) with, where co-located is defined as running on a node whose value of the label with key matches that of any node on which a pod of the set of pods is running +/// Defines a set of pods (namely those matching the labelSelector +/// relative to the given namespace(s)) that this pod should be +/// co-located (affinity) or not co-located (anti-affinity) with, +/// where co-located is defined as running on a node whose value of +/// the label with key matches that of any node on which +/// a pod of the set of pods is running #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct TempoMonolithicAffinityPodAntiAffinityRequiredDuringSchedulingIgnoredDuringExecution { - /// A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods. + /// A label query over a set of resources, in this case pods. + /// If it's null, this PodAffinityTerm matches with no Pods. #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelector")] pub label_selector: Option, - /// MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. Also, MatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// MatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. + /// Also, MatchLabelKeys cannot be set when LabelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] pub match_label_keys: Option>, - /// MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// MismatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. + /// Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] pub mismatch_label_keys: Option>, - /// A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. + /// A label query over the set of namespaces that the term applies to. + /// The term is applied to the union of the namespaces selected by this field + /// and the ones listed in the namespaces field. + /// null selector and null or empty namespaces list means "this pod's namespace". + /// An empty selector ({}) matches all namespaces. #[serde(default, skip_serializing_if = "Option::is_none", rename = "namespaceSelector")] pub namespace_selector: Option, - /// namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means "this pod's namespace". + /// namespaces specifies a static list of namespace names that the term applies to. + /// The term is applied to the union of the namespaces listed in this field + /// and the ones selected by namespaceSelector. + /// null or empty namespaces list and null namespaceSelector means "this pod's namespace". #[serde(default, skip_serializing_if = "Option::is_none")] pub namespaces: Option>, - /// This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed. + /// This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching + /// the labelSelector in the specified namespaces, where co-located is defined as running on a node + /// whose value of the label with key topologyKey matches that of any node on which any of the + /// selected pods is running. + /// Empty topologyKey is not allowed. #[serde(rename = "topologyKey")] pub topology_key: String, } -/// A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods. +/// A label query over a set of resources, in this case pods. +/// If it's null, this PodAffinityTerm matches with no Pods. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct TempoMonolithicAffinityPodAntiAffinityRequiredDuringSchedulingIgnoredDuringExecutionLabelSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] pub match_expressions: Option>, - /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] pub match_labels: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct TempoMonolithicAffinityPodAntiAffinityRequiredDuringSchedulingIgnoredDuringExecutionLabelSelectorMatchExpressions { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } -/// A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. +/// A label query over the set of namespaces that the term applies to. +/// The term is applied to the union of the namespaces selected by this field +/// and the ones listed in the namespaces field. +/// null selector and null or empty namespaces list means "this pod's namespace". +/// An empty selector ({}) matches all namespaces. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct TempoMonolithicAffinityPodAntiAffinityRequiredDuringSchedulingIgnoredDuringExecutionNamespaceSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] pub match_expressions: Option>, - /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] pub match_labels: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct TempoMonolithicAffinityPodAntiAffinityRequiredDuringSchedulingIgnoredDuringExecutionNamespaceSelectorMatchExpressions { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } @@ -519,20 +791,31 @@ pub struct TempoMonolithicIngestionOtlp { /// GRPC defines the OTLP over gRPC configuration. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct TempoMonolithicIngestionOtlpGrpc { - /// Enabled defines if OTLP over gRPC is enabled. Default: enabled. + /// Enabled defines if OTLP over gRPC is enabled. + /// Default: enabled. pub enabled: bool, /// TLS defines the TLS configuration for OTLP/gRPC ingestion. + /// + /// + /// On OpenShift when operator config `servingCertsService` and TLS is enabled but no `certName` and `caName` + /// are provided it will use OpenShift serving certificate service. #[serde(default, skip_serializing_if = "Option::is_none")] pub tls: Option, } /// TLS defines the TLS configuration for OTLP/gRPC ingestion. +/// +/// +/// On OpenShift when operator config `servingCertsService` and TLS is enabled but no `certName` and `caName` +/// are provided it will use OpenShift serving certificate service. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct TempoMonolithicIngestionOtlpGrpcTls { - /// CA is the name of a ConfigMap containing a CA certificate (service-ca.crt). It needs to be in the same namespace as the Tempo custom resource. + /// CA is the name of a ConfigMap containing a CA certificate (service-ca.crt). + /// It needs to be in the same namespace as the Tempo custom resource. #[serde(default, skip_serializing_if = "Option::is_none", rename = "caName")] pub ca_name: Option, - /// Cert is the name of a Secret containing a certificate (tls.crt) and private key (tls.key). It needs to be in the same namespace as the Tempo custom resource. + /// Cert is the name of a Secret containing a certificate (tls.crt) and private key (tls.key). + /// It needs to be in the same namespace as the Tempo custom resource. #[serde(default, skip_serializing_if = "Option::is_none", rename = "certName")] pub cert_name: Option, /// Enabled defines if TLS is enabled. @@ -546,20 +829,31 @@ pub struct TempoMonolithicIngestionOtlpGrpcTls { /// HTTP defines the OTLP over HTTP configuration. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct TempoMonolithicIngestionOtlpHttp { - /// Enabled defines if OTLP over HTTP is enabled. Default: enabled. + /// Enabled defines if OTLP over HTTP is enabled. + /// Default: enabled. pub enabled: bool, /// TLS defines the TLS configuration for OTLP/HTTP ingestion. + /// + /// + /// On OpenShift when operator config `servingCertsService` and TLS is enabled but no `certName` and `caName` + /// are provided it will use OpenShift serving certificate service. #[serde(default, skip_serializing_if = "Option::is_none")] pub tls: Option, } /// TLS defines the TLS configuration for OTLP/HTTP ingestion. +/// +/// +/// On OpenShift when operator config `servingCertsService` and TLS is enabled but no `certName` and `caName` +/// are provided it will use OpenShift serving certificate service. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct TempoMonolithicIngestionOtlpHttpTls { - /// CA is the name of a ConfigMap containing a CA certificate (service-ca.crt). It needs to be in the same namespace as the Tempo custom resource. + /// CA is the name of a ConfigMap containing a CA certificate (service-ca.crt). + /// It needs to be in the same namespace as the Tempo custom resource. #[serde(default, skip_serializing_if = "Option::is_none", rename = "caName")] pub ca_name: Option, - /// Cert is the name of a Secret containing a certificate (tls.crt) and private key (tls.key). It needs to be in the same namespace as the Tempo custom resource. + /// Cert is the name of a Secret containing a certificate (tls.crt) and private key (tls.key). + /// It needs to be in the same namespace as the Tempo custom resource. #[serde(default, skip_serializing_if = "Option::is_none", rename = "certName")] pub cert_name: Option, /// Enabled defines if TLS is enabled. @@ -598,26 +892,39 @@ pub struct TempoMonolithicJaegeruiAuthentication { /// Defines if the authentication will be enabled for jaeger UI. #[serde(default, skip_serializing_if = "Option::is_none")] pub enabled: Option, - /// Resources defines the compute resource requirements of the OAuth Proxy container. The OAuth Proxy performs authentication and authorization of incoming requests to Jaeger UI when multi-tenancy is disabled. + /// Resources defines the compute resource requirements of the OAuth Proxy container. + /// The OAuth Proxy performs authentication and authorization of incoming requests to Jaeger UI when multi-tenancy is disabled. #[serde(default, skip_serializing_if = "Option::is_none")] pub resources: Option, - /// SAR defines the SAR to be used in the oauth-proxy default is "{"namespace": "", "resource": "pods", "verb": "get"} + /// SAR defines the SAR to be used in the oauth-proxy + /// default is "{"namespace": "", "resource": "pods", "verb": "get"} #[serde(default, skip_serializing_if = "Option::is_none")] pub sar: Option, } -/// Resources defines the compute resource requirements of the OAuth Proxy container. The OAuth Proxy performs authentication and authorization of incoming requests to Jaeger UI when multi-tenancy is disabled. +/// Resources defines the compute resource requirements of the OAuth Proxy container. +/// The OAuth Proxy performs authentication and authorization of incoming requests to Jaeger UI when multi-tenancy is disabled. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct TempoMonolithicJaegeruiAuthenticationResources { - /// Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. - /// This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. - /// This field is immutable. It can only be set for containers. + /// Claims lists the names of resources, defined in spec.resourceClaims, + /// that are used by this container. + /// + /// + /// This is an alpha field and requires enabling the + /// DynamicResourceAllocation feature gate. + /// + /// + /// This field is immutable. It can only be set for containers. #[serde(default, skip_serializing_if = "Option::is_none")] pub claims: Option>, - /// Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + /// Limits describes the maximum amount of compute resources allowed. + /// More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ #[serde(default, skip_serializing_if = "Option::is_none")] pub limits: Option>, - /// Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + /// Requests describes the minimum amount of compute resources required. + /// If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, + /// otherwise to an implementation-defined value. Requests cannot exceed Limits. + /// More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ #[serde(default, skip_serializing_if = "Option::is_none")] pub requests: Option>, } @@ -625,7 +932,9 @@ pub struct TempoMonolithicJaegeruiAuthenticationResources { /// ResourceClaim references one entry in PodSpec.ResourceClaims. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct TempoMonolithicJaegeruiAuthenticationResourcesClaims { - /// Name must match the name of one entry in pod.spec.resourceClaims of the Pod where this field is used. It makes that resource available inside a container. + /// Name must match the name of one entry in pod.spec.resourceClaims of + /// the Pod where this field is used. It makes that resource available + /// inside a container. pub name: String, } @@ -640,7 +949,8 @@ pub struct TempoMonolithicJaegeruiIngress { /// Host defines the hostname of the Ingress object. #[serde(default, skip_serializing_if = "Option::is_none")] pub host: Option, - /// IngressClassName defines the name of an IngressClass cluster resource. Defines which ingress controller serves this ingress resource. + /// IngressClassName defines the name of an IngressClass cluster resource. + /// Defines which ingress controller serves this ingress resource. #[serde(default, skip_serializing_if = "Option::is_none", rename = "ingressClassName")] pub ingress_class_name: Option, } @@ -648,15 +958,25 @@ pub struct TempoMonolithicJaegeruiIngress { /// Resources defines the compute resource requirements of the Jaeger UI container. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct TempoMonolithicJaegeruiResources { - /// Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. - /// This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. - /// This field is immutable. It can only be set for containers. + /// Claims lists the names of resources, defined in spec.resourceClaims, + /// that are used by this container. + /// + /// + /// This is an alpha field and requires enabling the + /// DynamicResourceAllocation feature gate. + /// + /// + /// This field is immutable. It can only be set for containers. #[serde(default, skip_serializing_if = "Option::is_none")] pub claims: Option>, - /// Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + /// Limits describes the maximum amount of compute resources allowed. + /// More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ #[serde(default, skip_serializing_if = "Option::is_none")] pub limits: Option>, - /// Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + /// Requests describes the minimum amount of compute resources required. + /// If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, + /// otherwise to an implementation-defined value. Requests cannot exceed Limits. + /// More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ #[serde(default, skip_serializing_if = "Option::is_none")] pub requests: Option>, } @@ -664,7 +984,9 @@ pub struct TempoMonolithicJaegeruiResources { /// ResourceClaim references one entry in PodSpec.ResourceClaims. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct TempoMonolithicJaegeruiResourcesClaims { - /// Name must match the name of one entry in pod.spec.resourceClaims of the Pod where this field is used. It makes that resource available inside a container. + /// Name must match the name of one entry in pod.spec.resourceClaims of + /// the Pod where this field is used. It makes that resource available + /// inside a container. pub name: String, } @@ -717,7 +1039,8 @@ pub struct TempoMonolithicMultitenancy { pub enabled: bool, /// Mode defines the multitenancy mode. pub mode: TempoMonolithicMultitenancyMode, - /// Resources defines the compute resource requirements of the gateway container. The gateway performs authentication and authorization of incoming requests when multi-tenancy is enabled. + /// Resources defines the compute resource requirements of the gateway container. + /// The gateway performs authentication and authorization of incoming requests when multi-tenancy is enabled. #[serde(default, skip_serializing_if = "Option::is_none")] pub resources: Option, } @@ -728,10 +1051,13 @@ pub struct TempoMonolithicMultitenancyAuthentication { /// OIDC defines the spec for the OIDC tenant's authentication. #[serde(default, skip_serializing_if = "Option::is_none")] pub oidc: Option, - /// TenantID defines a universally unique identifier of the tenant. Unlike the tenantName, which must be unique at a given time, the tenantId must be unique over the entire lifetime of the Tempo deployment. Tempo uses this ID to prefix objects in the object storage. + /// TenantID defines a universally unique identifier of the tenant. + /// Unlike the tenantName, which must be unique at a given time, the tenantId must be unique over the entire lifetime of the Tempo deployment. + /// Tempo uses this ID to prefix objects in the object storage. #[serde(rename = "tenantId")] pub tenant_id: String, - /// TenantName defines a human readable, unique name of the tenant. The value of this field must be specified in the X-Scope-OrgID header and in the resources field of a ClusterRole to identify the tenant. + /// TenantName defines a human readable, unique name of the tenant. + /// The value of this field must be specified in the X-Scope-OrgID header and in the resources field of a ClusterRole to identify the tenant. #[serde(rename = "tenantName")] pub tenant_name: String, } @@ -818,18 +1144,29 @@ pub enum TempoMonolithicMultitenancyMode { Openshift, } -/// Resources defines the compute resource requirements of the gateway container. The gateway performs authentication and authorization of incoming requests when multi-tenancy is enabled. +/// Resources defines the compute resource requirements of the gateway container. +/// The gateway performs authentication and authorization of incoming requests when multi-tenancy is enabled. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct TempoMonolithicMultitenancyResources { - /// Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. - /// This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. - /// This field is immutable. It can only be set for containers. + /// Claims lists the names of resources, defined in spec.resourceClaims, + /// that are used by this container. + /// + /// + /// This is an alpha field and requires enabling the + /// DynamicResourceAllocation feature gate. + /// + /// + /// This field is immutable. It can only be set for containers. #[serde(default, skip_serializing_if = "Option::is_none")] pub claims: Option>, - /// Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + /// Limits describes the maximum amount of compute resources allowed. + /// More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ #[serde(default, skip_serializing_if = "Option::is_none")] pub limits: Option>, - /// Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + /// Requests describes the minimum amount of compute resources required. + /// If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, + /// otherwise to an implementation-defined value. Requests cannot exceed Limits. + /// More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ #[serde(default, skip_serializing_if = "Option::is_none")] pub requests: Option>, } @@ -837,7 +1174,9 @@ pub struct TempoMonolithicMultitenancyResources { /// ResourceClaim references one entry in PodSpec.ResourceClaims. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct TempoMonolithicMultitenancyResourcesClaims { - /// Name must match the name of one entry in pod.spec.resourceClaims of the Pod where this field is used. It makes that resource available inside a container. + /// Name must match the name of one entry in pod.spec.resourceClaims of + /// the Pod where this field is used. It makes that resource available + /// inside a container. pub name: String, } @@ -876,19 +1215,26 @@ pub struct TempoMonolithicObservabilityGrafanaDataSourceInstanceSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] pub match_expressions: Option>, - /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] pub match_labels: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct TempoMonolithicObservabilityGrafanaDataSourceInstanceSelectorMatchExpressions { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } @@ -921,15 +1267,25 @@ pub struct TempoMonolithicObservabilityMetricsServiceMonitors { /// Resources defines the compute resource requirements of the Tempo container. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct TempoMonolithicResources { - /// Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. - /// This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. - /// This field is immutable. It can only be set for containers. + /// Claims lists the names of resources, defined in spec.resourceClaims, + /// that are used by this container. + /// + /// + /// This is an alpha field and requires enabling the + /// DynamicResourceAllocation feature gate. + /// + /// + /// This field is immutable. It can only be set for containers. #[serde(default, skip_serializing_if = "Option::is_none")] pub claims: Option>, - /// Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + /// Limits describes the maximum amount of compute resources allowed. + /// More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ #[serde(default, skip_serializing_if = "Option::is_none")] pub limits: Option>, - /// Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + /// Requests describes the minimum amount of compute resources required. + /// If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, + /// otherwise to an implementation-defined value. Requests cannot exceed Limits. + /// More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ #[serde(default, skip_serializing_if = "Option::is_none")] pub requests: Option>, } @@ -937,7 +1293,9 @@ pub struct TempoMonolithicResources { /// ResourceClaim references one entry in PodSpec.ResourceClaims. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct TempoMonolithicResourcesClaims { - /// Name must match the name of one entry in pod.spec.resourceClaims of the Pod where this field is used. It makes that resource available inside a container. + /// Name must match the name of one entry in pod.spec.resourceClaims of + /// the Pod where this field is used. It makes that resource available + /// inside a container. pub name: String, } @@ -954,7 +1312,8 @@ pub struct TempoMonolithicStorageTraces { /// Azure defines the configuration for Azure Storage. #[serde(default, skip_serializing_if = "Option::is_none")] pub azure: Option, - /// Backend defines the backend for storing traces. Default: memory. + /// Backend defines the backend for storing traces. + /// Default: memory. pub backend: TempoMonolithicStorageTracesBackend, /// GCP defines the configuration for Google Cloud Storage. #[serde(default, skip_serializing_if = "Option::is_none")] @@ -962,7 +1321,11 @@ pub struct TempoMonolithicStorageTraces { /// S3 defines the configuration for Amazon S3. #[serde(default, skip_serializing_if = "Option::is_none")] pub s3: Option, - /// Size defines the size of the volume where traces are stored. For in-memory storage, this defines the size of the tmpfs volume. For persistent volume storage, this defines the size of the persistent volume. For object storage, this defines the size of the persistent volume containing the Write-Ahead Log (WAL) of Tempo. Default: 2Gi for memory, 10Gi for all other backends. + /// Size defines the size of the volume where traces are stored. + /// For in-memory storage, this defines the size of the tmpfs volume. + /// For persistent volume storage, this defines the size of the persistent volume. + /// For object storage, this defines the size of the persistent volume containing the Write-Ahead Log (WAL) of Tempo. + /// Default: 2Gi for memory, 10Gi for all other backends. #[serde(default, skip_serializing_if = "Option::is_none")] pub size: Option, } @@ -970,7 +1333,8 @@ pub struct TempoMonolithicStorageTraces { /// Azure defines the configuration for Azure Storage. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct TempoMonolithicStorageTracesAzure { - /// Secret is the name of a Secret containing credentials for accessing object storage. It needs to be in the same namespace as the TempoMonolithic custom resource. + /// Secret is the name of a Secret containing credentials for accessing object storage. + /// It needs to be in the same namespace as the TempoMonolithic custom resource. pub secret: String, } @@ -992,14 +1356,16 @@ pub enum TempoMonolithicStorageTracesBackend { /// GCP defines the configuration for Google Cloud Storage. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct TempoMonolithicStorageTracesGcs { - /// Secret is the name of a Secret containing credentials for accessing object storage. It needs to be in the same namespace as the TempoMonolithic custom resource. + /// Secret is the name of a Secret containing credentials for accessing object storage. + /// It needs to be in the same namespace as the TempoMonolithic custom resource. pub secret: String, } /// S3 defines the configuration for Amazon S3. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct TempoMonolithicStorageTracesS3 { - /// Secret is the name of a Secret containing credentials for accessing object storage. It needs to be in the same namespace as the TempoMonolithic custom resource. + /// Secret is the name of a Secret containing credentials for accessing object storage. + /// It needs to be in the same namespace as the TempoMonolithic custom resource. pub secret: String, /// TLS defines the TLS configuration for Amazon S3. #[serde(default, skip_serializing_if = "Option::is_none")] @@ -1009,10 +1375,12 @@ pub struct TempoMonolithicStorageTracesS3 { /// TLS defines the TLS configuration for Amazon S3. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct TempoMonolithicStorageTracesS3Tls { - /// CA is the name of a ConfigMap containing a CA certificate (service-ca.crt). It needs to be in the same namespace as the Tempo custom resource. + /// CA is the name of a ConfigMap containing a CA certificate (service-ca.crt). + /// It needs to be in the same namespace as the Tempo custom resource. #[serde(default, skip_serializing_if = "Option::is_none", rename = "caName")] pub ca_name: Option, - /// Cert is the name of a Secret containing a certificate (tls.crt) and private key (tls.key). It needs to be in the same namespace as the Tempo custom resource. + /// Cert is the name of a Secret containing a certificate (tls.crt) and private key (tls.key). + /// It needs to be in the same namespace as the Tempo custom resource. #[serde(default, skip_serializing_if = "Option::is_none", rename = "certName")] pub cert_name: Option, /// Enabled defines if TLS is enabled. @@ -1023,22 +1391,32 @@ pub struct TempoMonolithicStorageTracesS3Tls { pub min_version: Option, } -/// The pod this Toleration is attached to tolerates any taint that matches the triple using the matching operator . +/// The pod this Toleration is attached to tolerates any taint that matches +/// the triple using the matching operator . #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct TempoMonolithicTolerations { - /// Effect indicates the taint effect to match. Empty means match all taint effects. When specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute. + /// Effect indicates the taint effect to match. Empty means match all taint effects. + /// When specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute. #[serde(default, skip_serializing_if = "Option::is_none")] pub effect: Option, - /// Key is the taint key that the toleration applies to. Empty means match all taint keys. If the key is empty, operator must be Exists; this combination means to match all values and all keys. + /// Key is the taint key that the toleration applies to. Empty means match all taint keys. + /// If the key is empty, operator must be Exists; this combination means to match all values and all keys. #[serde(default, skip_serializing_if = "Option::is_none")] pub key: Option, - /// Operator represents a key's relationship to the value. Valid operators are Exists and Equal. Defaults to Equal. Exists is equivalent to wildcard for value, so that a pod can tolerate all taints of a particular category. + /// Operator represents a key's relationship to the value. + /// Valid operators are Exists and Equal. Defaults to Equal. + /// Exists is equivalent to wildcard for value, so that a pod can + /// tolerate all taints of a particular category. #[serde(default, skip_serializing_if = "Option::is_none")] pub operator: Option, - /// TolerationSeconds represents the period of time the toleration (which must be of effect NoExecute, otherwise this field is ignored) tolerates the taint. By default, it is not set, which means tolerate the taint forever (do not evict). Zero and negative values will be treated as 0 (evict immediately) by the system. + /// TolerationSeconds represents the period of time the toleration (which must be + /// of effect NoExecute, otherwise this field is ignored) tolerates the taint. By default, + /// it is not set, which means tolerate the taint forever (do not evict). Zero and + /// negative values will be treated as 0 (evict immediately) by the system. #[serde(default, skip_serializing_if = "Option::is_none", rename = "tolerationSeconds")] pub toleration_seconds: Option, - /// Value is the taint value the toleration matches to. If the operator is Exists, the value should be empty, otherwise just a regular string. + /// Value is the taint value the toleration matches to. + /// If the operator is Exists, the value should be empty, otherwise just a regular string. #[serde(default, skip_serializing_if = "Option::is_none")] pub value: Option, } diff --git a/kube-custom-resources-rs/src/tempo_grafana_com/v1alpha1/tempostacks.rs b/kube-custom-resources-rs/src/tempo_grafana_com/v1alpha1/tempostacks.rs index a31e82acf..133228c43 100644 --- a/kube-custom-resources-rs/src/tempo_grafana_com/v1alpha1/tempostacks.rs +++ b/kube-custom-resources-rs/src/tempo_grafana_com/v1alpha1/tempostacks.rs @@ -20,7 +20,8 @@ use self::prelude::*; #[kube(schema = "disabled")] #[kube(derive="PartialEq")] pub struct TempoStackSpec { - /// ExtraConfigSpec defines extra configurations for tempo that will be merged with the operator generated, configurations defined here has precedence and could override generated config. + /// ExtraConfigSpec defines extra configurations for tempo that will be merged with the operator generated, configurations defined here + /// has precedence and could override generated config. #[serde(default, skip_serializing_if = "Option::is_none", rename = "extraConfig")] pub extra_config: Option, /// HashRing defines the spec for the distributed hash ring configuration. @@ -32,7 +33,8 @@ pub struct TempoStackSpec { /// LimitSpec is used to limit ingestion and querying rates. #[serde(default, skip_serializing_if = "Option::is_none")] pub limits: Option, - /// ManagementState defines if the CR should be managed by the operator or not. Default is managed. + /// ManagementState defines if the CR should be managed by the operator or not. + /// Default is managed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "managementState")] pub management_state: Option, /// ObservabilitySpec defines how telemetry data gets handled. @@ -44,7 +46,8 @@ pub struct TempoStackSpec { /// Resources defines resources configuration. #[serde(default, skip_serializing_if = "Option::is_none")] pub resources: Option, - /// NOTE: currently this field is not considered. Retention period defined by dataset. User can specify how long data should be stored. + /// Retention period defined by dataset. + /// User can specify how long data should be stored. #[serde(default, skip_serializing_if = "Option::is_none")] pub retention: Option, /// SearchSpec control the configuration for the search capabilities. @@ -53,7 +56,8 @@ pub struct TempoStackSpec { /// ServiceAccount defines the service account to use for all tempo components. #[serde(default, skip_serializing_if = "Option::is_none", rename = "serviceAccount")] pub service_account: Option, - /// Storage defines the spec for the object storage endpoint to store traces. User is required to create secret and supply it. + /// Storage defines the spec for the object storage endpoint to store traces. + /// User is required to create secret and supply it. pub storage: TempoStackStorage, /// StorageClassName for PVCs used by ingester. Defaults to nil (default storage class in the cluster). #[serde(default, skip_serializing_if = "Option::is_none", rename = "storageClassName")] @@ -69,7 +73,8 @@ pub struct TempoStackSpec { pub tenants: Option, } -/// ExtraConfigSpec defines extra configurations for tempo that will be merged with the operator generated, configurations defined here has precedence and could override generated config. +/// ExtraConfigSpec defines extra configurations for tempo that will be merged with the operator generated, configurations defined here +/// has precedence and could override generated config. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct TempoStackExtraConfig { /// Tempo defines any extra Tempo configuration, which will be merged with the operator's generated Tempo configuration @@ -158,10 +163,13 @@ pub struct TempoStackLimitsGlobalQuery { /// MaxBytesPerTagValues defines the maximum size in bytes of a tag-values query. #[serde(default, skip_serializing_if = "Option::is_none", rename = "maxBytesPerTagValues")] pub max_bytes_per_tag_values: Option, - /// DEPRECATED. MaxSearchBytesPerTrace defines the maximum size of search data for a single trace in bytes. default: `0` to disable. + /// DEPRECATED. MaxSearchBytesPerTrace defines the maximum size of search data for a single + /// trace in bytes. + /// default: `0` to disable. #[serde(default, skip_serializing_if = "Option::is_none", rename = "maxSearchBytesPerTrace")] pub max_search_bytes_per_trace: Option, - /// MaxSearchDuration defines the maximum allowed time range for a search. If this value is not set, then spec.search.maxDuration is used. + /// MaxSearchDuration defines the maximum allowed time range for a search. + /// If this value is not set, then spec.search.maxDuration is used. #[serde(default, skip_serializing_if = "Option::is_none", rename = "maxSearchDuration")] pub max_search_duration: Option, } @@ -200,10 +208,13 @@ pub struct TempoStackLimitsPerTenantQuery { /// MaxBytesPerTagValues defines the maximum size in bytes of a tag-values query. #[serde(default, skip_serializing_if = "Option::is_none", rename = "maxBytesPerTagValues")] pub max_bytes_per_tag_values: Option, - /// DEPRECATED. MaxSearchBytesPerTrace defines the maximum size of search data for a single trace in bytes. default: `0` to disable. + /// DEPRECATED. MaxSearchBytesPerTrace defines the maximum size of search data for a single + /// trace in bytes. + /// default: `0` to disable. #[serde(default, skip_serializing_if = "Option::is_none", rename = "maxSearchBytesPerTrace")] pub max_search_bytes_per_trace: Option, - /// MaxSearchDuration defines the maximum allowed time range for a search. If this value is not set, then spec.search.maxDuration is used. + /// MaxSearchDuration defines the maximum allowed time range for a search. + /// If this value is not set, then spec.search.maxDuration is used. #[serde(default, skip_serializing_if = "Option::is_none", rename = "maxSearchDuration")] pub max_search_duration: Option, } @@ -246,19 +257,26 @@ pub struct TempoStackObservabilityGrafanaInstanceSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] pub match_expressions: Option>, - /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] pub match_labels: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct TempoStackObservabilityGrafanaInstanceSelectorMatchExpressions { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } @@ -288,23 +306,39 @@ pub struct TempoStackObservabilityTracing { /// Resources defines resources configuration. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct TempoStackResources { - /// The total amount of resources for Tempo instance. The operator autonomously splits resources between deployed Tempo components. Only limits are supported, the operator calculates requests automatically. See http://github.com/grafana/tempo/issues/1540. + /// The total amount of resources for Tempo instance. + /// The operator autonomously splits resources between deployed Tempo components. + /// Only limits are supported, the operator calculates requests automatically. + /// See http://github.com/grafana/tempo/issues/1540. #[serde(default, skip_serializing_if = "Option::is_none")] pub total: Option, } -/// The total amount of resources for Tempo instance. The operator autonomously splits resources between deployed Tempo components. Only limits are supported, the operator calculates requests automatically. See http://github.com/grafana/tempo/issues/1540. +/// The total amount of resources for Tempo instance. +/// The operator autonomously splits resources between deployed Tempo components. +/// Only limits are supported, the operator calculates requests automatically. +/// See http://github.com/grafana/tempo/issues/1540. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct TempoStackResourcesTotal { - /// Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. - /// This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. - /// This field is immutable. It can only be set for containers. + /// Claims lists the names of resources, defined in spec.resourceClaims, + /// that are used by this container. + /// + /// + /// This is an alpha field and requires enabling the + /// DynamicResourceAllocation feature gate. + /// + /// + /// This field is immutable. It can only be set for containers. #[serde(default, skip_serializing_if = "Option::is_none")] pub claims: Option>, - /// Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + /// Limits describes the maximum amount of compute resources allowed. + /// More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ #[serde(default, skip_serializing_if = "Option::is_none")] pub limits: Option>, - /// Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + /// Requests describes the minimum amount of compute resources required. + /// If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, + /// otherwise to an implementation-defined value. Requests cannot exceed Limits. + /// More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ #[serde(default, skip_serializing_if = "Option::is_none")] pub requests: Option>, } @@ -312,11 +346,14 @@ pub struct TempoStackResourcesTotal { /// ResourceClaim references one entry in PodSpec.ResourceClaims. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct TempoStackResourcesTotalClaims { - /// Name must match the name of one entry in pod.spec.resourceClaims of the Pod where this field is used. It makes that resource available inside a container. + /// Name must match the name of one entry in pod.spec.resourceClaims of + /// the Pod where this field is used. It makes that resource available + /// inside a container. pub name: String, } -/// NOTE: currently this field is not considered. Retention period defined by dataset. User can specify how long data should be stored. +/// Retention period defined by dataset. +/// User can specify how long data should be stored. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct TempoStackRetention { /// Global is used to configure global retention. @@ -330,7 +367,9 @@ pub struct TempoStackRetention { /// Global is used to configure global retention. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct TempoStackRetentionGlobal { - /// Traces defines retention period. Supported parameter suffixes are "s", "m" and "h". example: 336h default: value is 48h. + /// Traces defines retention period. Supported parameter suffixes are "s", "m" and "h". + /// example: 336h + /// default: value is 48h. #[serde(default, skip_serializing_if = "Option::is_none")] pub traces: Option, } @@ -338,7 +377,9 @@ pub struct TempoStackRetentionGlobal { /// PerTenant is used to configure retention per tenant. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct TempoStackRetentionPerTenant { - /// Traces defines retention period. Supported parameter suffixes are "s", "m" and "h". example: 336h default: value is 48h. + /// Traces defines retention period. Supported parameter suffixes are "s", "m" and "h". + /// example: 336h + /// default: value is 48h. #[serde(default, skip_serializing_if = "Option::is_none")] pub traces: Option, } @@ -352,22 +393,27 @@ pub struct TempoStackSearch { /// The maximum allowed time range for a search, default: 0s which means unlimited. #[serde(default, skip_serializing_if = "Option::is_none", rename = "maxDuration")] pub max_duration: Option, - /// The maximum allowed value of the limit parameter on search requests. If the search request limit parameter exceeds the value configured here it will be set to the value configured here. The default value of 0 disables this limit. + /// The maximum allowed value of the limit parameter on search requests. If the search request limit parameter + /// exceeds the value configured here it will be set to the value configured here. + /// The default value of 0 disables this limit. #[serde(default, skip_serializing_if = "Option::is_none", rename = "maxResultLimit")] pub max_result_limit: Option, } -/// Storage defines the spec for the object storage endpoint to store traces. User is required to create secret and supply it. +/// Storage defines the spec for the object storage endpoint to store traces. +/// User is required to create secret and supply it. #[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] pub struct TempoStackStorage { - /// Secret for object storage authentication. Name of a secret in the same namespace as the TempoStack custom resource. + /// Secret for object storage authentication. + /// Name of a secret in the same namespace as the TempoStack custom resource. pub secret: TempoStackStorageSecret, /// TLS configuration for reaching the object storage endpoint. #[serde(default, skip_serializing_if = "Option::is_none")] pub tls: Option, } -/// Secret for object storage authentication. Name of a secret in the same namespace as the TempoStack custom resource. +/// Secret for object storage authentication. +/// Name of a secret in the same namespace as the TempoStack custom resource. #[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] pub struct TempoStackStorageSecret { /// Name of a secret in the namespace configured for object storage secrets. @@ -377,7 +423,8 @@ pub struct TempoStackStorageSecret { pub r#type: TempoStackStorageSecretType, } -/// Secret for object storage authentication. Name of a secret in the same namespace as the TempoStack custom resource. +/// Secret for object storage authentication. +/// Name of a secret in the same namespace as the TempoStack custom resource. #[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] pub enum TempoStackStorageSecretType { #[serde(rename = "azure")] @@ -391,10 +438,12 @@ pub enum TempoStackStorageSecretType { /// TLS configuration for reaching the object storage endpoint. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct TempoStackStorageTls { - /// CA is the name of a ConfigMap containing a CA certificate (service-ca.crt). It needs to be in the same namespace as the Tempo custom resource. + /// CA is the name of a ConfigMap containing a CA certificate (service-ca.crt). + /// It needs to be in the same namespace as the Tempo custom resource. #[serde(default, skip_serializing_if = "Option::is_none", rename = "caName")] pub ca_name: Option, - /// Cert is the name of a Secret containing a certificate (tls.crt) and private key (tls.key). It needs to be in the same namespace as the Tempo custom resource. + /// Cert is the name of a Secret containing a certificate (tls.crt) and private key (tls.key). + /// It needs to be in the same namespace as the Tempo custom resource. #[serde(default, skip_serializing_if = "Option::is_none", rename = "certName")] pub cert_name: Option, /// Enabled defines if TLS is enabled. @@ -448,15 +497,25 @@ pub struct TempoStackTemplateCompactor { /// Resources defines resources for this component, this will override the calculated resources derived from total #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct TempoStackTemplateCompactorResources { - /// Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. - /// This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. - /// This field is immutable. It can only be set for containers. + /// Claims lists the names of resources, defined in spec.resourceClaims, + /// that are used by this container. + /// + /// + /// This is an alpha field and requires enabling the + /// DynamicResourceAllocation feature gate. + /// + /// + /// This field is immutable. It can only be set for containers. #[serde(default, skip_serializing_if = "Option::is_none")] pub claims: Option>, - /// Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + /// Limits describes the maximum amount of compute resources allowed. + /// More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ #[serde(default, skip_serializing_if = "Option::is_none")] pub limits: Option>, - /// Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + /// Requests describes the minimum amount of compute resources required. + /// If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, + /// otherwise to an implementation-defined value. Requests cannot exceed Limits. + /// More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ #[serde(default, skip_serializing_if = "Option::is_none")] pub requests: Option>, } @@ -464,26 +523,38 @@ pub struct TempoStackTemplateCompactorResources { /// ResourceClaim references one entry in PodSpec.ResourceClaims. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct TempoStackTemplateCompactorResourcesClaims { - /// Name must match the name of one entry in pod.spec.resourceClaims of the Pod where this field is used. It makes that resource available inside a container. + /// Name must match the name of one entry in pod.spec.resourceClaims of + /// the Pod where this field is used. It makes that resource available + /// inside a container. pub name: String, } -/// The pod this Toleration is attached to tolerates any taint that matches the triple using the matching operator . +/// The pod this Toleration is attached to tolerates any taint that matches +/// the triple using the matching operator . #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct TempoStackTemplateCompactorTolerations { - /// Effect indicates the taint effect to match. Empty means match all taint effects. When specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute. + /// Effect indicates the taint effect to match. Empty means match all taint effects. + /// When specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute. #[serde(default, skip_serializing_if = "Option::is_none")] pub effect: Option, - /// Key is the taint key that the toleration applies to. Empty means match all taint keys. If the key is empty, operator must be Exists; this combination means to match all values and all keys. + /// Key is the taint key that the toleration applies to. Empty means match all taint keys. + /// If the key is empty, operator must be Exists; this combination means to match all values and all keys. #[serde(default, skip_serializing_if = "Option::is_none")] pub key: Option, - /// Operator represents a key's relationship to the value. Valid operators are Exists and Equal. Defaults to Equal. Exists is equivalent to wildcard for value, so that a pod can tolerate all taints of a particular category. + /// Operator represents a key's relationship to the value. + /// Valid operators are Exists and Equal. Defaults to Equal. + /// Exists is equivalent to wildcard for value, so that a pod can + /// tolerate all taints of a particular category. #[serde(default, skip_serializing_if = "Option::is_none")] pub operator: Option, - /// TolerationSeconds represents the period of time the toleration (which must be of effect NoExecute, otherwise this field is ignored) tolerates the taint. By default, it is not set, which means tolerate the taint forever (do not evict). Zero and negative values will be treated as 0 (evict immediately) by the system. + /// TolerationSeconds represents the period of time the toleration (which must be + /// of effect NoExecute, otherwise this field is ignored) tolerates the taint. By default, + /// it is not set, which means tolerate the taint forever (do not evict). Zero and + /// negative values will be treated as 0 (evict immediately) by the system. #[serde(default, skip_serializing_if = "Option::is_none", rename = "tolerationSeconds")] pub toleration_seconds: Option, - /// Value is the taint value the toleration matches to. If the operator is Exists, the value should be empty, otherwise just a regular string. + /// Value is the taint value the toleration matches to. + /// If the operator is Exists, the value should be empty, otherwise just a regular string. #[serde(default, skip_serializing_if = "Option::is_none")] pub value: Option, } @@ -491,17 +562,27 @@ pub struct TempoStackTemplateCompactorTolerations { /// Distributor defines the distributor component spec. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct TempoStackTemplateDistributor { - /// TempoComponentSpec is embedded to extend this definition with further options. - /// Currently, there is no way to inline this field. See: https://github.com/golang/go/issues/6213 + /// TempoComponentSpec is embedded to extend this definition with further options. + /// + /// + /// Currently, there is no way to inline this field. + /// See: https://github.com/golang/go/issues/6213 #[serde(default, skip_serializing_if = "Option::is_none")] pub component: Option, /// TLS defines TLS configuration for distributor receivers + /// + /// + /// If openshift feature flag `servingCertsService` is enabled and TLS is enabled but no + /// certName or caName is specified, OpenShift service serving certificates will be used. #[serde(default, skip_serializing_if = "Option::is_none")] pub tls: Option, } -/// TempoComponentSpec is embedded to extend this definition with further options. -/// Currently, there is no way to inline this field. See: https://github.com/golang/go/issues/6213 +/// TempoComponentSpec is embedded to extend this definition with further options. +/// +/// +/// Currently, there is no way to inline this field. +/// See: https://github.com/golang/go/issues/6213 #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct TempoStackTemplateDistributorComponent { /// NodeSelector defines the simple form of the node-selection constraint. @@ -521,15 +602,25 @@ pub struct TempoStackTemplateDistributorComponent { /// Resources defines resources for this component, this will override the calculated resources derived from total #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct TempoStackTemplateDistributorComponentResources { - /// Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. - /// This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. - /// This field is immutable. It can only be set for containers. + /// Claims lists the names of resources, defined in spec.resourceClaims, + /// that are used by this container. + /// + /// + /// This is an alpha field and requires enabling the + /// DynamicResourceAllocation feature gate. + /// + /// + /// This field is immutable. It can only be set for containers. #[serde(default, skip_serializing_if = "Option::is_none")] pub claims: Option>, - /// Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + /// Limits describes the maximum amount of compute resources allowed. + /// More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ #[serde(default, skip_serializing_if = "Option::is_none")] pub limits: Option>, - /// Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + /// Requests describes the minimum amount of compute resources required. + /// If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, + /// otherwise to an implementation-defined value. Requests cannot exceed Limits. + /// More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ #[serde(default, skip_serializing_if = "Option::is_none")] pub requests: Option>, } @@ -537,37 +628,55 @@ pub struct TempoStackTemplateDistributorComponentResources { /// ResourceClaim references one entry in PodSpec.ResourceClaims. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct TempoStackTemplateDistributorComponentResourcesClaims { - /// Name must match the name of one entry in pod.spec.resourceClaims of the Pod where this field is used. It makes that resource available inside a container. + /// Name must match the name of one entry in pod.spec.resourceClaims of + /// the Pod where this field is used. It makes that resource available + /// inside a container. pub name: String, } -/// The pod this Toleration is attached to tolerates any taint that matches the triple using the matching operator . +/// The pod this Toleration is attached to tolerates any taint that matches +/// the triple using the matching operator . #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct TempoStackTemplateDistributorComponentTolerations { - /// Effect indicates the taint effect to match. Empty means match all taint effects. When specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute. + /// Effect indicates the taint effect to match. Empty means match all taint effects. + /// When specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute. #[serde(default, skip_serializing_if = "Option::is_none")] pub effect: Option, - /// Key is the taint key that the toleration applies to. Empty means match all taint keys. If the key is empty, operator must be Exists; this combination means to match all values and all keys. + /// Key is the taint key that the toleration applies to. Empty means match all taint keys. + /// If the key is empty, operator must be Exists; this combination means to match all values and all keys. #[serde(default, skip_serializing_if = "Option::is_none")] pub key: Option, - /// Operator represents a key's relationship to the value. Valid operators are Exists and Equal. Defaults to Equal. Exists is equivalent to wildcard for value, so that a pod can tolerate all taints of a particular category. + /// Operator represents a key's relationship to the value. + /// Valid operators are Exists and Equal. Defaults to Equal. + /// Exists is equivalent to wildcard for value, so that a pod can + /// tolerate all taints of a particular category. #[serde(default, skip_serializing_if = "Option::is_none")] pub operator: Option, - /// TolerationSeconds represents the period of time the toleration (which must be of effect NoExecute, otherwise this field is ignored) tolerates the taint. By default, it is not set, which means tolerate the taint forever (do not evict). Zero and negative values will be treated as 0 (evict immediately) by the system. + /// TolerationSeconds represents the period of time the toleration (which must be + /// of effect NoExecute, otherwise this field is ignored) tolerates the taint. By default, + /// it is not set, which means tolerate the taint forever (do not evict). Zero and + /// negative values will be treated as 0 (evict immediately) by the system. #[serde(default, skip_serializing_if = "Option::is_none", rename = "tolerationSeconds")] pub toleration_seconds: Option, - /// Value is the taint value the toleration matches to. If the operator is Exists, the value should be empty, otherwise just a regular string. + /// Value is the taint value the toleration matches to. + /// If the operator is Exists, the value should be empty, otherwise just a regular string. #[serde(default, skip_serializing_if = "Option::is_none")] pub value: Option, } /// TLS defines TLS configuration for distributor receivers +/// +/// +/// If openshift feature flag `servingCertsService` is enabled and TLS is enabled but no +/// certName or caName is specified, OpenShift service serving certificates will be used. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct TempoStackTemplateDistributorTls { - /// CA is the name of a ConfigMap containing a CA certificate (service-ca.crt). It needs to be in the same namespace as the Tempo custom resource. + /// CA is the name of a ConfigMap containing a CA certificate (service-ca.crt). + /// It needs to be in the same namespace as the Tempo custom resource. #[serde(default, skip_serializing_if = "Option::is_none", rename = "caName")] pub ca_name: Option, - /// Cert is the name of a Secret containing a certificate (tls.crt) and private key (tls.key). It needs to be in the same namespace as the Tempo custom resource. + /// Cert is the name of a Secret containing a certificate (tls.crt) and private key (tls.key). + /// It needs to be in the same namespace as the Tempo custom resource. #[serde(default, skip_serializing_if = "Option::is_none", rename = "certName")] pub cert_name: Option, /// Enabled defines if TLS is enabled. @@ -581,8 +690,11 @@ pub struct TempoStackTemplateDistributorTls { /// Gateway defines the tempo gateway spec. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct TempoStackTemplateGateway { - /// TempoComponentSpec is embedded to extend this definition with further options. - /// Currently there is no way to inline this field. See: https://github.com/golang/go/issues/6213 + /// TempoComponentSpec is embedded to extend this definition with further options. + /// + /// + /// Currently there is no way to inline this field. + /// See: https://github.com/golang/go/issues/6213 #[serde(default, skip_serializing_if = "Option::is_none")] pub component: Option, pub enabled: bool, @@ -591,8 +703,11 @@ pub struct TempoStackTemplateGateway { pub ingress: Option, } -/// TempoComponentSpec is embedded to extend this definition with further options. -/// Currently there is no way to inline this field. See: https://github.com/golang/go/issues/6213 +/// TempoComponentSpec is embedded to extend this definition with further options. +/// +/// +/// Currently there is no way to inline this field. +/// See: https://github.com/golang/go/issues/6213 #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct TempoStackTemplateGatewayComponent { /// NodeSelector defines the simple form of the node-selection constraint. @@ -612,15 +727,25 @@ pub struct TempoStackTemplateGatewayComponent { /// Resources defines resources for this component, this will override the calculated resources derived from total #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct TempoStackTemplateGatewayComponentResources { - /// Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. - /// This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. - /// This field is immutable. It can only be set for containers. + /// Claims lists the names of resources, defined in spec.resourceClaims, + /// that are used by this container. + /// + /// + /// This is an alpha field and requires enabling the + /// DynamicResourceAllocation feature gate. + /// + /// + /// This field is immutable. It can only be set for containers. #[serde(default, skip_serializing_if = "Option::is_none")] pub claims: Option>, - /// Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + /// Limits describes the maximum amount of compute resources allowed. + /// More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ #[serde(default, skip_serializing_if = "Option::is_none")] pub limits: Option>, - /// Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + /// Requests describes the minimum amount of compute resources required. + /// If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, + /// otherwise to an implementation-defined value. Requests cannot exceed Limits. + /// More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ #[serde(default, skip_serializing_if = "Option::is_none")] pub requests: Option>, } @@ -628,26 +753,38 @@ pub struct TempoStackTemplateGatewayComponentResources { /// ResourceClaim references one entry in PodSpec.ResourceClaims. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct TempoStackTemplateGatewayComponentResourcesClaims { - /// Name must match the name of one entry in pod.spec.resourceClaims of the Pod where this field is used. It makes that resource available inside a container. + /// Name must match the name of one entry in pod.spec.resourceClaims of + /// the Pod where this field is used. It makes that resource available + /// inside a container. pub name: String, } -/// The pod this Toleration is attached to tolerates any taint that matches the triple using the matching operator . +/// The pod this Toleration is attached to tolerates any taint that matches +/// the triple using the matching operator . #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct TempoStackTemplateGatewayComponentTolerations { - /// Effect indicates the taint effect to match. Empty means match all taint effects. When specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute. + /// Effect indicates the taint effect to match. Empty means match all taint effects. + /// When specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute. #[serde(default, skip_serializing_if = "Option::is_none")] pub effect: Option, - /// Key is the taint key that the toleration applies to. Empty means match all taint keys. If the key is empty, operator must be Exists; this combination means to match all values and all keys. + /// Key is the taint key that the toleration applies to. Empty means match all taint keys. + /// If the key is empty, operator must be Exists; this combination means to match all values and all keys. #[serde(default, skip_serializing_if = "Option::is_none")] pub key: Option, - /// Operator represents a key's relationship to the value. Valid operators are Exists and Equal. Defaults to Equal. Exists is equivalent to wildcard for value, so that a pod can tolerate all taints of a particular category. + /// Operator represents a key's relationship to the value. + /// Valid operators are Exists and Equal. Defaults to Equal. + /// Exists is equivalent to wildcard for value, so that a pod can + /// tolerate all taints of a particular category. #[serde(default, skip_serializing_if = "Option::is_none")] pub operator: Option, - /// TolerationSeconds represents the period of time the toleration (which must be of effect NoExecute, otherwise this field is ignored) tolerates the taint. By default, it is not set, which means tolerate the taint forever (do not evict). Zero and negative values will be treated as 0 (evict immediately) by the system. + /// TolerationSeconds represents the period of time the toleration (which must be + /// of effect NoExecute, otherwise this field is ignored) tolerates the taint. By default, + /// it is not set, which means tolerate the taint forever (do not evict). Zero and + /// negative values will be treated as 0 (evict immediately) by the system. #[serde(default, skip_serializing_if = "Option::is_none", rename = "tolerationSeconds")] pub toleration_seconds: Option, - /// Value is the taint value the toleration matches to. If the operator is Exists, the value should be empty, otherwise just a regular string. + /// Value is the taint value the toleration matches to. + /// If the operator is Exists, the value should be empty, otherwise just a regular string. #[serde(default, skip_serializing_if = "Option::is_none")] pub value: Option, } @@ -661,13 +798,15 @@ pub struct TempoStackTemplateGatewayIngress { /// Host defines the hostname of the Ingress object. #[serde(default, skip_serializing_if = "Option::is_none")] pub host: Option, - /// IngressClassName defines the name of an IngressClass cluster resource. Defines which ingress controller serves this ingress resource. + /// IngressClassName defines the name of an IngressClass cluster resource. + /// Defines which ingress controller serves this ingress resource. #[serde(default, skip_serializing_if = "Option::is_none", rename = "ingressClassName")] pub ingress_class_name: Option, /// Route defines the options for the OpenShift route. #[serde(default, skip_serializing_if = "Option::is_none")] pub route: Option, - /// Type defines the type of Ingress for the Jaeger Query UI. Currently ingress, route and none are supported. + /// Type defines the type of Ingress for the Jaeger Query UI. + /// Currently ingress, route and none are supported. #[serde(default, skip_serializing_if = "Option::is_none", rename = "type")] pub r#type: Option, } @@ -675,7 +814,8 @@ pub struct TempoStackTemplateGatewayIngress { /// Route defines the options for the OpenShift route. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct TempoStackTemplateGatewayIngressRoute { - /// Termination defines the termination type. The default is "edge". + /// Termination defines the termination type. + /// The default is "edge". #[serde(default, skip_serializing_if = "Option::is_none")] pub termination: Option, } @@ -722,15 +862,25 @@ pub struct TempoStackTemplateIngester { /// Resources defines resources for this component, this will override the calculated resources derived from total #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct TempoStackTemplateIngesterResources { - /// Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. - /// This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. - /// This field is immutable. It can only be set for containers. + /// Claims lists the names of resources, defined in spec.resourceClaims, + /// that are used by this container. + /// + /// + /// This is an alpha field and requires enabling the + /// DynamicResourceAllocation feature gate. + /// + /// + /// This field is immutable. It can only be set for containers. #[serde(default, skip_serializing_if = "Option::is_none")] pub claims: Option>, - /// Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + /// Limits describes the maximum amount of compute resources allowed. + /// More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ #[serde(default, skip_serializing_if = "Option::is_none")] pub limits: Option>, - /// Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + /// Requests describes the minimum amount of compute resources required. + /// If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, + /// otherwise to an implementation-defined value. Requests cannot exceed Limits. + /// More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ #[serde(default, skip_serializing_if = "Option::is_none")] pub requests: Option>, } @@ -738,26 +888,38 @@ pub struct TempoStackTemplateIngesterResources { /// ResourceClaim references one entry in PodSpec.ResourceClaims. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct TempoStackTemplateIngesterResourcesClaims { - /// Name must match the name of one entry in pod.spec.resourceClaims of the Pod where this field is used. It makes that resource available inside a container. + /// Name must match the name of one entry in pod.spec.resourceClaims of + /// the Pod where this field is used. It makes that resource available + /// inside a container. pub name: String, } -/// The pod this Toleration is attached to tolerates any taint that matches the triple using the matching operator . +/// The pod this Toleration is attached to tolerates any taint that matches +/// the triple using the matching operator . #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct TempoStackTemplateIngesterTolerations { - /// Effect indicates the taint effect to match. Empty means match all taint effects. When specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute. + /// Effect indicates the taint effect to match. Empty means match all taint effects. + /// When specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute. #[serde(default, skip_serializing_if = "Option::is_none")] pub effect: Option, - /// Key is the taint key that the toleration applies to. Empty means match all taint keys. If the key is empty, operator must be Exists; this combination means to match all values and all keys. + /// Key is the taint key that the toleration applies to. Empty means match all taint keys. + /// If the key is empty, operator must be Exists; this combination means to match all values and all keys. #[serde(default, skip_serializing_if = "Option::is_none")] pub key: Option, - /// Operator represents a key's relationship to the value. Valid operators are Exists and Equal. Defaults to Equal. Exists is equivalent to wildcard for value, so that a pod can tolerate all taints of a particular category. + /// Operator represents a key's relationship to the value. + /// Valid operators are Exists and Equal. Defaults to Equal. + /// Exists is equivalent to wildcard for value, so that a pod can + /// tolerate all taints of a particular category. #[serde(default, skip_serializing_if = "Option::is_none")] pub operator: Option, - /// TolerationSeconds represents the period of time the toleration (which must be of effect NoExecute, otherwise this field is ignored) tolerates the taint. By default, it is not set, which means tolerate the taint forever (do not evict). Zero and negative values will be treated as 0 (evict immediately) by the system. + /// TolerationSeconds represents the period of time the toleration (which must be + /// of effect NoExecute, otherwise this field is ignored) tolerates the taint. By default, + /// it is not set, which means tolerate the taint forever (do not evict). Zero and + /// negative values will be treated as 0 (evict immediately) by the system. #[serde(default, skip_serializing_if = "Option::is_none", rename = "tolerationSeconds")] pub toleration_seconds: Option, - /// Value is the taint value the toleration matches to. If the operator is Exists, the value should be empty, otherwise just a regular string. + /// Value is the taint value the toleration matches to. + /// If the operator is Exists, the value should be empty, otherwise just a regular string. #[serde(default, skip_serializing_if = "Option::is_none")] pub value: Option, } @@ -782,15 +944,25 @@ pub struct TempoStackTemplateQuerier { /// Resources defines resources for this component, this will override the calculated resources derived from total #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct TempoStackTemplateQuerierResources { - /// Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. - /// This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. - /// This field is immutable. It can only be set for containers. + /// Claims lists the names of resources, defined in spec.resourceClaims, + /// that are used by this container. + /// + /// + /// This is an alpha field and requires enabling the + /// DynamicResourceAllocation feature gate. + /// + /// + /// This field is immutable. It can only be set for containers. #[serde(default, skip_serializing_if = "Option::is_none")] pub claims: Option>, - /// Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + /// Limits describes the maximum amount of compute resources allowed. + /// More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ #[serde(default, skip_serializing_if = "Option::is_none")] pub limits: Option>, - /// Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + /// Requests describes the minimum amount of compute resources required. + /// If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, + /// otherwise to an implementation-defined value. Requests cannot exceed Limits. + /// More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ #[serde(default, skip_serializing_if = "Option::is_none")] pub requests: Option>, } @@ -798,26 +970,38 @@ pub struct TempoStackTemplateQuerierResources { /// ResourceClaim references one entry in PodSpec.ResourceClaims. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct TempoStackTemplateQuerierResourcesClaims { - /// Name must match the name of one entry in pod.spec.resourceClaims of the Pod where this field is used. It makes that resource available inside a container. + /// Name must match the name of one entry in pod.spec.resourceClaims of + /// the Pod where this field is used. It makes that resource available + /// inside a container. pub name: String, } -/// The pod this Toleration is attached to tolerates any taint that matches the triple using the matching operator . +/// The pod this Toleration is attached to tolerates any taint that matches +/// the triple using the matching operator . #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct TempoStackTemplateQuerierTolerations { - /// Effect indicates the taint effect to match. Empty means match all taint effects. When specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute. + /// Effect indicates the taint effect to match. Empty means match all taint effects. + /// When specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute. #[serde(default, skip_serializing_if = "Option::is_none")] pub effect: Option, - /// Key is the taint key that the toleration applies to. Empty means match all taint keys. If the key is empty, operator must be Exists; this combination means to match all values and all keys. + /// Key is the taint key that the toleration applies to. Empty means match all taint keys. + /// If the key is empty, operator must be Exists; this combination means to match all values and all keys. #[serde(default, skip_serializing_if = "Option::is_none")] pub key: Option, - /// Operator represents a key's relationship to the value. Valid operators are Exists and Equal. Defaults to Equal. Exists is equivalent to wildcard for value, so that a pod can tolerate all taints of a particular category. + /// Operator represents a key's relationship to the value. + /// Valid operators are Exists and Equal. Defaults to Equal. + /// Exists is equivalent to wildcard for value, so that a pod can + /// tolerate all taints of a particular category. #[serde(default, skip_serializing_if = "Option::is_none")] pub operator: Option, - /// TolerationSeconds represents the period of time the toleration (which must be of effect NoExecute, otherwise this field is ignored) tolerates the taint. By default, it is not set, which means tolerate the taint forever (do not evict). Zero and negative values will be treated as 0 (evict immediately) by the system. + /// TolerationSeconds represents the period of time the toleration (which must be + /// of effect NoExecute, otherwise this field is ignored) tolerates the taint. By default, + /// it is not set, which means tolerate the taint forever (do not evict). Zero and + /// negative values will be treated as 0 (evict immediately) by the system. #[serde(default, skip_serializing_if = "Option::is_none", rename = "tolerationSeconds")] pub toleration_seconds: Option, - /// Value is the taint value the toleration matches to. If the operator is Exists, the value should be empty, otherwise just a regular string. + /// Value is the taint value the toleration matches to. + /// If the operator is Exists, the value should be empty, otherwise just a regular string. #[serde(default, skip_serializing_if = "Option::is_none")] pub value: Option, } @@ -825,8 +1009,11 @@ pub struct TempoStackTemplateQuerierTolerations { /// TempoQueryFrontendSpec defines the query frontend spec. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct TempoStackTemplateQueryFrontend { - /// TempoComponentSpec is embedded to extend this definition with further options. - /// Currently there is no way to inline this field. See: https://github.com/golang/go/issues/6213 + /// TempoComponentSpec is embedded to extend this definition with further options. + /// + /// + /// Currently there is no way to inline this field. + /// See: https://github.com/golang/go/issues/6213 #[serde(default, skip_serializing_if = "Option::is_none")] pub component: Option, /// JaegerQuery defines options specific to the Jaeger Query component. @@ -834,8 +1021,11 @@ pub struct TempoStackTemplateQueryFrontend { pub jaeger_query: Option, } -/// TempoComponentSpec is embedded to extend this definition with further options. -/// Currently there is no way to inline this field. See: https://github.com/golang/go/issues/6213 +/// TempoComponentSpec is embedded to extend this definition with further options. +/// +/// +/// Currently there is no way to inline this field. +/// See: https://github.com/golang/go/issues/6213 #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct TempoStackTemplateQueryFrontendComponent { /// NodeSelector defines the simple form of the node-selection constraint. @@ -855,15 +1045,25 @@ pub struct TempoStackTemplateQueryFrontendComponent { /// Resources defines resources for this component, this will override the calculated resources derived from total #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct TempoStackTemplateQueryFrontendComponentResources { - /// Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. - /// This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. - /// This field is immutable. It can only be set for containers. + /// Claims lists the names of resources, defined in spec.resourceClaims, + /// that are used by this container. + /// + /// + /// This is an alpha field and requires enabling the + /// DynamicResourceAllocation feature gate. + /// + /// + /// This field is immutable. It can only be set for containers. #[serde(default, skip_serializing_if = "Option::is_none")] pub claims: Option>, - /// Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + /// Limits describes the maximum amount of compute resources allowed. + /// More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ #[serde(default, skip_serializing_if = "Option::is_none")] pub limits: Option>, - /// Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + /// Requests describes the minimum amount of compute resources required. + /// If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, + /// otherwise to an implementation-defined value. Requests cannot exceed Limits. + /// More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ #[serde(default, skip_serializing_if = "Option::is_none")] pub requests: Option>, } @@ -871,26 +1071,38 @@ pub struct TempoStackTemplateQueryFrontendComponentResources { /// ResourceClaim references one entry in PodSpec.ResourceClaims. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct TempoStackTemplateQueryFrontendComponentResourcesClaims { - /// Name must match the name of one entry in pod.spec.resourceClaims of the Pod where this field is used. It makes that resource available inside a container. + /// Name must match the name of one entry in pod.spec.resourceClaims of + /// the Pod where this field is used. It makes that resource available + /// inside a container. pub name: String, } -/// The pod this Toleration is attached to tolerates any taint that matches the triple using the matching operator . +/// The pod this Toleration is attached to tolerates any taint that matches +/// the triple using the matching operator . #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct TempoStackTemplateQueryFrontendComponentTolerations { - /// Effect indicates the taint effect to match. Empty means match all taint effects. When specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute. + /// Effect indicates the taint effect to match. Empty means match all taint effects. + /// When specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute. #[serde(default, skip_serializing_if = "Option::is_none")] pub effect: Option, - /// Key is the taint key that the toleration applies to. Empty means match all taint keys. If the key is empty, operator must be Exists; this combination means to match all values and all keys. + /// Key is the taint key that the toleration applies to. Empty means match all taint keys. + /// If the key is empty, operator must be Exists; this combination means to match all values and all keys. #[serde(default, skip_serializing_if = "Option::is_none")] pub key: Option, - /// Operator represents a key's relationship to the value. Valid operators are Exists and Equal. Defaults to Equal. Exists is equivalent to wildcard for value, so that a pod can tolerate all taints of a particular category. + /// Operator represents a key's relationship to the value. + /// Valid operators are Exists and Equal. Defaults to Equal. + /// Exists is equivalent to wildcard for value, so that a pod can + /// tolerate all taints of a particular category. #[serde(default, skip_serializing_if = "Option::is_none")] pub operator: Option, - /// TolerationSeconds represents the period of time the toleration (which must be of effect NoExecute, otherwise this field is ignored) tolerates the taint. By default, it is not set, which means tolerate the taint forever (do not evict). Zero and negative values will be treated as 0 (evict immediately) by the system. + /// TolerationSeconds represents the period of time the toleration (which must be + /// of effect NoExecute, otherwise this field is ignored) tolerates the taint. By default, + /// it is not set, which means tolerate the taint forever (do not evict). Zero and + /// negative values will be treated as 0 (evict immediately) by the system. #[serde(default, skip_serializing_if = "Option::is_none", rename = "tolerationSeconds")] pub toleration_seconds: Option, - /// Value is the taint value the toleration matches to. If the operator is Exists, the value should be empty, otherwise just a regular string. + /// Value is the taint value the toleration matches to. + /// If the operator is Exists, the value should be empty, otherwise just a regular string. #[serde(default, skip_serializing_if = "Option::is_none")] pub value: Option, } @@ -924,26 +1136,39 @@ pub struct TempoStackTemplateQueryFrontendJaegerQueryAuthentication { /// Defines if the authentication will be enabled for jaeger UI. #[serde(default, skip_serializing_if = "Option::is_none")] pub enabled: Option, - /// Resources defines the compute resource requirements of the OAuth Proxy container. The OAuth Proxy performs authentication and authorization of incoming requests to Jaeger UI when multi-tenancy is disabled. + /// Resources defines the compute resource requirements of the OAuth Proxy container. + /// The OAuth Proxy performs authentication and authorization of incoming requests to Jaeger UI when multi-tenancy is disabled. #[serde(default, skip_serializing_if = "Option::is_none")] pub resources: Option, - /// SAR defines the SAR to be used in the oauth-proxy default is "{"namespace": "", "resource": "pods", "verb": "get"} + /// SAR defines the SAR to be used in the oauth-proxy + /// default is "{"namespace": "", "resource": "pods", "verb": "get"} #[serde(default, skip_serializing_if = "Option::is_none")] pub sar: Option, } -/// Resources defines the compute resource requirements of the OAuth Proxy container. The OAuth Proxy performs authentication and authorization of incoming requests to Jaeger UI when multi-tenancy is disabled. +/// Resources defines the compute resource requirements of the OAuth Proxy container. +/// The OAuth Proxy performs authentication and authorization of incoming requests to Jaeger UI when multi-tenancy is disabled. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct TempoStackTemplateQueryFrontendJaegerQueryAuthenticationResources { - /// Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. - /// This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. - /// This field is immutable. It can only be set for containers. + /// Claims lists the names of resources, defined in spec.resourceClaims, + /// that are used by this container. + /// + /// + /// This is an alpha field and requires enabling the + /// DynamicResourceAllocation feature gate. + /// + /// + /// This field is immutable. It can only be set for containers. #[serde(default, skip_serializing_if = "Option::is_none")] pub claims: Option>, - /// Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + /// Limits describes the maximum amount of compute resources allowed. + /// More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ #[serde(default, skip_serializing_if = "Option::is_none")] pub limits: Option>, - /// Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + /// Requests describes the minimum amount of compute resources required. + /// If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, + /// otherwise to an implementation-defined value. Requests cannot exceed Limits. + /// More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ #[serde(default, skip_serializing_if = "Option::is_none")] pub requests: Option>, } @@ -951,7 +1176,9 @@ pub struct TempoStackTemplateQueryFrontendJaegerQueryAuthenticationResources { /// ResourceClaim references one entry in PodSpec.ResourceClaims. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct TempoStackTemplateQueryFrontendJaegerQueryAuthenticationResourcesClaims { - /// Name must match the name of one entry in pod.spec.resourceClaims of the Pod where this field is used. It makes that resource available inside a container. + /// Name must match the name of one entry in pod.spec.resourceClaims of + /// the Pod where this field is used. It makes that resource available + /// inside a container. pub name: String, } @@ -964,13 +1191,15 @@ pub struct TempoStackTemplateQueryFrontendJaegerQueryIngress { /// Host defines the hostname of the Ingress object. #[serde(default, skip_serializing_if = "Option::is_none")] pub host: Option, - /// IngressClassName defines the name of an IngressClass cluster resource. Defines which ingress controller serves this ingress resource. + /// IngressClassName defines the name of an IngressClass cluster resource. + /// Defines which ingress controller serves this ingress resource. #[serde(default, skip_serializing_if = "Option::is_none", rename = "ingressClassName")] pub ingress_class_name: Option, /// Route defines the options for the OpenShift route. #[serde(default, skip_serializing_if = "Option::is_none")] pub route: Option, - /// Type defines the type of Ingress for the Jaeger Query UI. Currently ingress, route and none are supported. + /// Type defines the type of Ingress for the Jaeger Query UI. + /// Currently ingress, route and none are supported. #[serde(default, skip_serializing_if = "Option::is_none", rename = "type")] pub r#type: Option, } @@ -978,7 +1207,8 @@ pub struct TempoStackTemplateQueryFrontendJaegerQueryIngress { /// Route defines the options for the OpenShift route. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct TempoStackTemplateQueryFrontendJaegerQueryIngressRoute { - /// Termination defines the termination type. The default is "edge". + /// Termination defines the termination type. + /// The default is "edge". #[serde(default, skip_serializing_if = "Option::is_none")] pub termination: Option, } @@ -1008,10 +1238,12 @@ pub enum TempoStackTemplateQueryFrontendJaegerQueryIngressType { /// MonitorTab defines the monitor tab configuration. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct TempoStackTemplateQueryFrontendJaegerQueryMonitorTab { - /// Enabled enables the monitor tab in the Jaeger console. The PrometheusEndpoint must be configured to enable this feature. + /// Enabled enables the monitor tab in the Jaeger console. + /// The PrometheusEndpoint must be configured to enable this feature. #[serde(default, skip_serializing_if = "Option::is_none")] pub enabled: Option, - /// PrometheusEndpoint defines the endpoint to the Prometheus instance that contains the span rate, error, and duration (RED) metrics. For instance on OpenShift this is set to https://thanos-querier.openshift-monitoring.svc.cluster.local:9091 + /// PrometheusEndpoint defines the endpoint to the Prometheus instance that contains the span rate, error, and duration (RED) metrics. + /// For instance on OpenShift this is set to https://thanos-querier.openshift-monitoring.svc.cluster.local:9091 #[serde(default, skip_serializing_if = "Option::is_none", rename = "prometheusEndpoint")] pub prometheus_endpoint: Option, } @@ -1019,15 +1251,25 @@ pub struct TempoStackTemplateQueryFrontendJaegerQueryMonitorTab { /// Resources defines resources for this component, this will override the calculated resources derived from total #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct TempoStackTemplateQueryFrontendJaegerQueryResources { - /// Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. - /// This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. - /// This field is immutable. It can only be set for containers. + /// Claims lists the names of resources, defined in spec.resourceClaims, + /// that are used by this container. + /// + /// + /// This is an alpha field and requires enabling the + /// DynamicResourceAllocation feature gate. + /// + /// + /// This field is immutable. It can only be set for containers. #[serde(default, skip_serializing_if = "Option::is_none")] pub claims: Option>, - /// Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + /// Limits describes the maximum amount of compute resources allowed. + /// More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ #[serde(default, skip_serializing_if = "Option::is_none")] pub limits: Option>, - /// Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + /// Requests describes the minimum amount of compute resources required. + /// If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, + /// otherwise to an implementation-defined value. Requests cannot exceed Limits. + /// More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ #[serde(default, skip_serializing_if = "Option::is_none")] pub requests: Option>, } @@ -1035,7 +1277,9 @@ pub struct TempoStackTemplateQueryFrontendJaegerQueryResources { /// ResourceClaim references one entry in PodSpec.ResourceClaims. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct TempoStackTemplateQueryFrontendJaegerQueryResourcesClaims { - /// Name must match the name of one entry in pod.spec.resourceClaims of the Pod where this field is used. It makes that resource available inside a container. + /// Name must match the name of one entry in pod.spec.resourceClaims of + /// the Pod where this field is used. It makes that resource available + /// inside a container. pub name: String, } @@ -1058,10 +1302,13 @@ pub struct TempoStackTenantsAuthentication { /// OIDC defines the spec for the OIDC tenant's authentication. #[serde(default, skip_serializing_if = "Option::is_none")] pub oidc: Option, - /// TenantID defines a universally unique identifier of the tenant. Unlike the tenantName, which must be unique at a given time, the tenantId must be unique over the entire lifetime of the Tempo deployment. Tempo uses this ID to prefix objects in the object storage. + /// TenantID defines a universally unique identifier of the tenant. + /// Unlike the tenantName, which must be unique at a given time, the tenantId must be unique over the entire lifetime of the Tempo deployment. + /// Tempo uses this ID to prefix objects in the object storage. #[serde(rename = "tenantId")] pub tenant_id: String, - /// TenantName defines a human readable, unique name of the tenant. The value of this field must be specified in the X-Scope-OrgID header and in the resources field of a ClusterRole to identify the tenant. + /// TenantName defines a human readable, unique name of the tenant. + /// The value of this field must be specified in the X-Scope-OrgID header and in the resources field of a ClusterRole to identify the tenant. #[serde(rename = "tenantName")] pub tenant_name: String, } @@ -1151,7 +1398,8 @@ pub enum TempoStackTenantsMode { /// TempoStackStatus defines the observed state of TempoStack. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct TempoStackStatus { - /// Components provides summary of all Tempo pod status grouped per component. + /// Components provides summary of all Tempo pod status grouped + /// per component. #[serde(default, skip_serializing_if = "Option::is_none")] pub components: Option, /// Conditions of the Tempo deployment health. @@ -1168,7 +1416,8 @@ pub struct TempoStackStatus { pub tempo_version: Option, } -/// Components provides summary of all Tempo pod status grouped per component. +/// Components provides summary of all Tempo pod status grouped +/// per component. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct TempoStackStatusComponents { /// Compactor is a map to the pod status of the compactor pod. diff --git a/kube-custom-resources-rs/src/tests_testkube_io/v1/testexecutions.rs b/kube-custom-resources-rs/src/tests_testkube_io/v1/testexecutions.rs index b13f75ecb..5c19e40fa 100644 --- a/kube-custom-resources-rs/src/tests_testkube_io/v1/testexecutions.rs +++ b/kube-custom-resources-rs/src/tests_testkube_io/v1/testexecutions.rs @@ -465,6 +465,9 @@ pub struct TestExecutionStatusLatestExecution { /// TestContent defines test content #[serde(default, skip_serializing_if = "Option::is_none")] pub content: Option, + /// whether webhooks should be called on execution + #[serde(default, skip_serializing_if = "Option::is_none", rename = "disableWebhooks")] + pub disable_webhooks: Option, /// test duration #[serde(default, skip_serializing_if = "Option::is_none")] pub duration: Option, diff --git a/kube-custom-resources-rs/src/tests_testkube_io/v1/testsuiteexecutions.rs b/kube-custom-resources-rs/src/tests_testkube_io/v1/testsuiteexecutions.rs index 7ebc23827..6d6424ac5 100644 --- a/kube-custom-resources-rs/src/tests_testkube_io/v1/testsuiteexecutions.rs +++ b/kube-custom-resources-rs/src/tests_testkube_io/v1/testsuiteexecutions.rs @@ -39,6 +39,9 @@ pub struct TestSuiteExecutionExecutionRequest { /// cron job template extensions #[serde(default, skip_serializing_if = "Option::is_none", rename = "cronJobTemplate")] pub cron_job_template: Option, + /// whether webhooks should be disabled for this execution + #[serde(default, skip_serializing_if = "Option::is_none", rename = "disableWebhooks")] + pub disable_webhooks: Option, /// execution labels #[serde(default, skip_serializing_if = "Option::is_none", rename = "executionLabels")] pub execution_labels: Option>, @@ -250,6 +253,9 @@ pub struct TestSuiteExecutionStatus { /// Important: Run "make" to regenerate code after modifying this file #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct TestSuiteExecutionStatusLatestExecution { + /// whether webhooks should be disabled for this execution + #[serde(default, skip_serializing_if = "Option::is_none", rename = "disableWebhooks")] + pub disable_webhooks: Option, /// test duration #[serde(default, skip_serializing_if = "Option::is_none")] pub duration: Option, diff --git a/kube-custom-resources-rs/src/tests_testkube_io/v3/tests.rs b/kube-custom-resources-rs/src/tests_testkube_io/v3/tests.rs index db1b7435c..6e034f042 100644 --- a/kube-custom-resources-rs/src/tests_testkube_io/v3/tests.rs +++ b/kube-custom-resources-rs/src/tests_testkube_io/v3/tests.rs @@ -167,6 +167,7 @@ pub struct TestExecutionRequest { #[serde(default, skip_serializing_if = "Option::is_none", rename = "cronJobTemplateReference")] pub cron_job_template_reference: Option, /// whether webhooks should be called on execution + /// Deprecated: field is not used #[serde(default, skip_serializing_if = "Option::is_none", rename = "disableWebhooks")] pub disable_webhooks: Option, /// config map references diff --git a/kube-custom-resources-rs/src/tests_testkube_io/v3/testsuites.rs b/kube-custom-resources-rs/src/tests_testkube_io/v3/testsuites.rs index d09d01032..ae0e0524c 100644 --- a/kube-custom-resources-rs/src/tests_testkube_io/v3/testsuites.rs +++ b/kube-custom-resources-rs/src/tests_testkube_io/v3/testsuites.rs @@ -105,6 +105,7 @@ pub struct TestSuiteAfterExecuteExecutionRequest { #[serde(default, skip_serializing_if = "Option::is_none", rename = "cronJobTemplateReference")] pub cron_job_template_reference: Option, /// whether webhooks should be called on execution + /// Deprecated: field is not used #[serde(default, skip_serializing_if = "Option::is_none", rename = "disableWebhooks")] pub disable_webhooks: Option, /// test execution labels @@ -327,6 +328,7 @@ pub struct TestSuiteBeforeExecuteExecutionRequest { #[serde(default, skip_serializing_if = "Option::is_none", rename = "cronJobTemplateReference")] pub cron_job_template_reference: Option, /// whether webhooks should be called on execution + /// Deprecated: field is not used #[serde(default, skip_serializing_if = "Option::is_none", rename = "disableWebhooks")] pub disable_webhooks: Option, /// test execution labels @@ -495,6 +497,7 @@ pub struct TestSuiteExecutionRequest { #[serde(default, skip_serializing_if = "Option::is_none", rename = "cronJobTemplateReference")] pub cron_job_template_reference: Option, /// whether webhooks should be called on execution + /// Deprecated: field is not used #[serde(default, skip_serializing_if = "Option::is_none", rename = "disableWebhooks")] pub disable_webhooks: Option, /// execution labels @@ -701,6 +704,7 @@ pub struct TestSuiteStepsExecuteExecutionRequest { #[serde(default, skip_serializing_if = "Option::is_none", rename = "cronJobTemplateReference")] pub cron_job_template_reference: Option, /// whether webhooks should be called on execution + /// Deprecated: field is not used #[serde(default, skip_serializing_if = "Option::is_none", rename = "disableWebhooks")] pub disable_webhooks: Option, /// test execution labels diff --git a/kube-custom-resources-rs/src/tinkerbell_org/v1alpha1/osies.rs b/kube-custom-resources-rs/src/tinkerbell_org/v1alpha1/osies.rs index 068a5ce40..3349ec3ab 100644 --- a/kube-custom-resources-rs/src/tinkerbell_org/v1alpha1/osies.rs +++ b/kube-custom-resources-rs/src/tinkerbell_org/v1alpha1/osies.rs @@ -7,4 +7,5 @@ mod prelude { pub use kube::CustomResource; pub use serde::{Serialize, Deserialize}; } +use self::prelude::*; diff --git a/kube-custom-resources-rs/src/tinkerbell_org/v1alpha2/hardware.rs b/kube-custom-resources-rs/src/tinkerbell_org/v1alpha2/hardware.rs index 3c4bd846f..87b36259f 100644 --- a/kube-custom-resources-rs/src/tinkerbell_org/v1alpha2/hardware.rs +++ b/kube-custom-resources-rs/src/tinkerbell_org/v1alpha2/hardware.rs @@ -46,8 +46,12 @@ pub struct HardwareSpec { #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct HardwareBmcRef { /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, } @@ -125,8 +129,12 @@ pub struct HardwareNetworkInterfacesDhcp { #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct HardwareOsie { /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, } diff --git a/kube-custom-resources-rs/src/tinkerbell_org/v1alpha2/workflows.rs b/kube-custom-resources-rs/src/tinkerbell_org/v1alpha2/workflows.rs index ca3ba989f..11acd9017 100644 --- a/kube-custom-resources-rs/src/tinkerbell_org/v1alpha2/workflows.rs +++ b/kube-custom-resources-rs/src/tinkerbell_org/v1alpha2/workflows.rs @@ -42,8 +42,12 @@ pub struct WorkflowSpec { #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkflowHardwareRef { /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, } @@ -52,8 +56,12 @@ pub struct WorkflowHardwareRef { #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkflowTemplateRef { /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, } diff --git a/kube-custom-resources-rs/src/trident_netapp_io/v1/tridentorchestrators.rs b/kube-custom-resources-rs/src/trident_netapp_io/v1/tridentorchestrators.rs index 0007657bb..351ffcfb5 100644 --- a/kube-custom-resources-rs/src/trident_netapp_io/v1/tridentorchestrators.rs +++ b/kube-custom-resources-rs/src/trident_netapp_io/v1/tridentorchestrators.rs @@ -7,4 +7,5 @@ mod prelude { pub use kube::CustomResource; pub use serde::{Serialize, Deserialize}; } +use self::prelude::*; diff --git a/kube-custom-resources-rs/src/volsync_backube/v1alpha1/replicationdestinations.rs b/kube-custom-resources-rs/src/volsync_backube/v1alpha1/replicationdestinations.rs index 82b37be50..5f843e35a 100644 --- a/kube-custom-resources-rs/src/volsync_backube/v1alpha1/replicationdestinations.rs +++ b/kube-custom-resources-rs/src/volsync_backube/v1alpha1/replicationdestinations.rs @@ -12,7 +12,8 @@ mod prelude { } use self::prelude::*; -/// spec is the desired state of the ReplicationDestination, including the replication method to use and its configuration. +/// spec is the desired state of the ReplicationDestination, including the +/// replication method to use and its configuration. #[derive(CustomResource, Serialize, Deserialize, Clone, Debug, Default, PartialEq)] #[kube(group = "volsync.backube", version = "v1alpha1", kind = "ReplicationDestination", plural = "replicationdestinations")] #[kube(namespaced)] @@ -21,7 +22,8 @@ use self::prelude::*; #[kube(derive="Default")] #[kube(derive="PartialEq")] pub struct ReplicationDestinationSpec { - /// external defines the configuration when using an external replication provider. + /// external defines the configuration when using an external replication + /// provider. #[serde(default, skip_serializing_if = "Option::is_none")] pub external: Option, /// paused can be used to temporarily stop replication. Defaults to "false". @@ -39,18 +41,23 @@ pub struct ReplicationDestinationSpec { /// rsyncTLS defines the configuration when using Rsync-based replication over TLS. #[serde(default, skip_serializing_if = "Option::is_none", rename = "rsyncTLS")] pub rsync_tls: Option, - /// trigger determines if/when the destination should attempt to synchronize data with the source. + /// trigger determines if/when the destination should attempt to synchronize + /// data with the source. #[serde(default, skip_serializing_if = "Option::is_none")] pub trigger: Option, } -/// external defines the configuration when using an external replication provider. +/// external defines the configuration when using an external replication +/// provider. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ReplicationDestinationExternal { - /// parameters are provider-specific key/value configuration parameters. For more information, please see the documentation of the specific replication provider being used. + /// parameters are provider-specific key/value configuration parameters. For + /// more information, please see the documentation of the specific + /// replication provider being used. #[serde(default, skip_serializing_if = "Option::is_none")] pub parameters: Option>, - /// provider is the name of the external replication provider. The name should be of the form: domain.com/provider. + /// provider is the name of the external replication provider. The name + /// should be of the form: domain.com/provider. #[serde(default, skip_serializing_if = "Option::is_none")] pub provider: Option, } @@ -64,25 +71,37 @@ pub struct ReplicationDestinationRclone { /// capacity is the size of the destination volume to create. #[serde(default, skip_serializing_if = "Option::is_none")] pub capacity: Option, - /// copyMethod describes how a point-in-time (PiT) image of the destination volume should be created. + /// copyMethod describes how a point-in-time (PiT) image of the destination + /// volume should be created. #[serde(default, skip_serializing_if = "Option::is_none", rename = "copyMethod")] pub copy_method: Option, /// customCA is a custom CA that will be used to verify the remote #[serde(default, skip_serializing_if = "Option::is_none", rename = "customCA")] pub custom_ca: Option, - /// destinationPVC is a PVC to use as the transfer destination instead of automatically provisioning one. Either this field or both capacity and accessModes must be specified. + /// destinationPVC is a PVC to use as the transfer destination instead of + /// automatically provisioning one. Either this field or both capacity and + /// accessModes must be specified. #[serde(default, skip_serializing_if = "Option::is_none", rename = "destinationPVC")] pub destination_pvc: Option, - /// Labels that should be added to data mover pods These will be in addition to any labels that VolSync may add + /// Labels that should be added to data mover pods + /// These will be in addition to any labels that VolSync may add #[serde(default, skip_serializing_if = "Option::is_none", rename = "moverPodLabels")] pub mover_pod_labels: Option>, - /// Resources represents compute resources required by the data mover container. Immutable. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/ This should only be used by advanced users as this can result in a mover pod being unschedulable or crashing due to limited resources. + /// Resources represents compute resources required by the data mover container. + /// Immutable. + /// More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/ + /// This should only be used by advanced users as this can result in a mover + /// pod being unschedulable or crashing due to limited resources. #[serde(default, skip_serializing_if = "Option::is_none", rename = "moverResources")] pub mover_resources: Option, - /// MoverSecurityContext allows specifying the PodSecurityContext that will be used by the data mover + /// MoverSecurityContext allows specifying the PodSecurityContext that will + /// be used by the data mover #[serde(default, skip_serializing_if = "Option::is_none", rename = "moverSecurityContext")] pub mover_security_context: Option, - /// MoverServiceAccount allows specifying the name of the service account that will be used by the data mover. This should only be used by advanced users who want to override the service account normally used by the mover. The service account needs to exist in the same namespace as this CR. + /// MoverServiceAccount allows specifying the name of the service account + /// that will be used by the data mover. This should only be used by advanced + /// users who want to override the service account normally used by the mover. + /// The service account needs to exist in the same namespace as this CR. #[serde(default, skip_serializing_if = "Option::is_none", rename = "moverServiceAccount")] pub mover_service_account: Option, /// RcloneConfig is the rclone secret name @@ -94,10 +113,12 @@ pub struct ReplicationDestinationRclone { /// RcloneDestPath is the remote path to sync to. #[serde(default, skip_serializing_if = "Option::is_none", rename = "rcloneDestPath")] pub rclone_dest_path: Option, - /// storageClassName can be used to specify the StorageClass of the destination volume. If not set, the default StorageClass will be used. + /// storageClassName can be used to specify the StorageClass of the + /// destination volume. If not set, the default StorageClass will be used. #[serde(default, skip_serializing_if = "Option::is_none", rename = "storageClassName")] pub storage_class_name: Option, - /// volumeSnapshotClassName can be used to specify the VSC to be used if copyMethod is Snapshot. If not set, the default VSC is used. + /// volumeSnapshotClassName can be used to specify the VSC to be used if + /// copyMethod is Snapshot. If not set, the default VSC is used. #[serde(default, skip_serializing_if = "Option::is_none", rename = "volumeSnapshotClassName")] pub volume_snapshot_class_name: Option, } @@ -114,29 +135,45 @@ pub enum ReplicationDestinationRcloneCopyMethod { /// customCA is a custom CA that will be used to verify the remote #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ReplicationDestinationRcloneCustomCa { - /// The name of a ConfigMap that contains the custom CA certificate If ConfigMapName is used then SecretName should not be set + /// The name of a ConfigMap that contains the custom CA certificate + /// If ConfigMapName is used then SecretName should not be set #[serde(default, skip_serializing_if = "Option::is_none", rename = "configMapName")] pub config_map_name: Option, /// The key within the Secret or ConfigMap containing the CA certificate #[serde(default, skip_serializing_if = "Option::is_none")] pub key: Option, - /// The name of a Secret that contains the custom CA certificate If SecretName is used then ConfigMapName should not be set + /// The name of a Secret that contains the custom CA certificate + /// If SecretName is used then ConfigMapName should not be set #[serde(default, skip_serializing_if = "Option::is_none", rename = "secretName")] pub secret_name: Option, } -/// Resources represents compute resources required by the data mover container. Immutable. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/ This should only be used by advanced users as this can result in a mover pod being unschedulable or crashing due to limited resources. +/// Resources represents compute resources required by the data mover container. +/// Immutable. +/// More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/ +/// This should only be used by advanced users as this can result in a mover +/// pod being unschedulable or crashing due to limited resources. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ReplicationDestinationRcloneMoverResources { - /// Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. - /// This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. - /// This field is immutable. It can only be set for containers. + /// Claims lists the names of resources, defined in spec.resourceClaims, + /// that are used by this container. + /// + /// + /// This is an alpha field and requires enabling the + /// DynamicResourceAllocation feature gate. + /// + /// + /// This field is immutable. It can only be set for containers. #[serde(default, skip_serializing_if = "Option::is_none")] pub claims: Option>, - /// Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + /// Limits describes the maximum amount of compute resources allowed. + /// More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ #[serde(default, skip_serializing_if = "Option::is_none")] pub limits: Option>, - /// Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + /// Requests describes the minimum amount of compute resources required. + /// If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, + /// otherwise to an implementation-defined value. Requests cannot exceed Limits. + /// More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ #[serde(default, skip_serializing_if = "Option::is_none")] pub requests: Option>, } @@ -144,48 +181,126 @@ pub struct ReplicationDestinationRcloneMoverResources { /// ResourceClaim references one entry in PodSpec.ResourceClaims. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ReplicationDestinationRcloneMoverResourcesClaims { - /// Name must match the name of one entry in pod.spec.resourceClaims of the Pod where this field is used. It makes that resource available inside a container. + /// Name must match the name of one entry in pod.spec.resourceClaims of + /// the Pod where this field is used. It makes that resource available + /// inside a container. pub name: String, } -/// MoverSecurityContext allows specifying the PodSecurityContext that will be used by the data mover +/// MoverSecurityContext allows specifying the PodSecurityContext that will +/// be used by the data mover #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ReplicationDestinationRcloneMoverSecurityContext { - /// A special supplemental group that applies to all containers in a pod. Some volume types allow the Kubelet to change the ownership of that volume to be owned by the pod: - /// 1. The owning GID will be the FSGroup 2. The setgid bit is set (new files created in the volume will be owned by FSGroup) 3. The permission bits are OR'd with rw-rw---- - /// If unset, the Kubelet will not modify the ownership and permissions of any volume. Note that this field cannot be set when spec.os.name is windows. + /// appArmorProfile is the AppArmor options to use by the containers in this pod. + /// Note that this field cannot be set when spec.os.name is windows. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "appArmorProfile")] + pub app_armor_profile: Option, + /// A special supplemental group that applies to all containers in a pod. + /// Some volume types allow the Kubelet to change the ownership of that volume + /// to be owned by the pod: + /// + /// + /// 1. The owning GID will be the FSGroup + /// 2. The setgid bit is set (new files created in the volume will be owned by FSGroup) + /// 3. The permission bits are OR'd with rw-rw---- + /// + /// + /// If unset, the Kubelet will not modify the ownership and permissions of any volume. + /// Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none", rename = "fsGroup")] pub fs_group: Option, - /// fsGroupChangePolicy defines behavior of changing ownership and permission of the volume before being exposed inside Pod. This field will only apply to volume types which support fsGroup based ownership(and permissions). It will have no effect on ephemeral volume types such as: secret, configmaps and emptydir. Valid values are "OnRootMismatch" and "Always". If not specified, "Always" is used. Note that this field cannot be set when spec.os.name is windows. + /// fsGroupChangePolicy defines behavior of changing ownership and permission of the volume + /// before being exposed inside Pod. This field will only apply to + /// volume types which support fsGroup based ownership(and permissions). + /// It will have no effect on ephemeral volume types such as: secret, configmaps + /// and emptydir. + /// Valid values are "OnRootMismatch" and "Always". If not specified, "Always" is used. + /// Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none", rename = "fsGroupChangePolicy")] pub fs_group_change_policy: Option, - /// The GID to run the entrypoint of the container process. Uses runtime default if unset. May also be set in SecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence for that container. Note that this field cannot be set when spec.os.name is windows. + /// The GID to run the entrypoint of the container process. + /// Uses runtime default if unset. + /// May also be set in SecurityContext. If set in both SecurityContext and + /// PodSecurityContext, the value specified in SecurityContext takes precedence + /// for that container. + /// Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none", rename = "runAsGroup")] pub run_as_group: Option, - /// Indicates that the container must run as a non-root user. If true, the Kubelet will validate the image at runtime to ensure that it does not run as UID 0 (root) and fail to start the container if it does. If unset or false, no such validation will be performed. May also be set in SecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. + /// Indicates that the container must run as a non-root user. + /// If true, the Kubelet will validate the image at runtime to ensure that it + /// does not run as UID 0 (root) and fail to start the container if it does. + /// If unset or false, no such validation will be performed. + /// May also be set in SecurityContext. If set in both SecurityContext and + /// PodSecurityContext, the value specified in SecurityContext takes precedence. #[serde(default, skip_serializing_if = "Option::is_none", rename = "runAsNonRoot")] pub run_as_non_root: Option, - /// The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in SecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence for that container. Note that this field cannot be set when spec.os.name is windows. + /// The UID to run the entrypoint of the container process. + /// Defaults to user specified in image metadata if unspecified. + /// May also be set in SecurityContext. If set in both SecurityContext and + /// PodSecurityContext, the value specified in SecurityContext takes precedence + /// for that container. + /// Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none", rename = "runAsUser")] pub run_as_user: Option, - /// The SELinux context to be applied to all containers. If unspecified, the container runtime will allocate a random SELinux context for each container. May also be set in SecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence for that container. Note that this field cannot be set when spec.os.name is windows. + /// The SELinux context to be applied to all containers. + /// If unspecified, the container runtime will allocate a random SELinux context for each + /// container. May also be set in SecurityContext. If set in + /// both SecurityContext and PodSecurityContext, the value specified in SecurityContext + /// takes precedence for that container. + /// Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none", rename = "seLinuxOptions")] pub se_linux_options: Option, - /// The seccomp options to use by the containers in this pod. Note that this field cannot be set when spec.os.name is windows. + /// The seccomp options to use by the containers in this pod. + /// Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none", rename = "seccompProfile")] pub seccomp_profile: Option, - /// A list of groups applied to the first process run in each container, in addition to the container's primary GID, the fsGroup (if specified), and group memberships defined in the container image for the uid of the container process. If unspecified, no additional groups are added to any container. Note that group memberships defined in the container image for the uid of the container process are still effective, even if they are not included in this list. Note that this field cannot be set when spec.os.name is windows. + /// A list of groups applied to the first process run in each container, in addition + /// to the container's primary GID, the fsGroup (if specified), and group memberships + /// defined in the container image for the uid of the container process. If unspecified, + /// no additional groups are added to any container. Note that group memberships + /// defined in the container image for the uid of the container process are still effective, + /// even if they are not included in this list. + /// Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none", rename = "supplementalGroups")] pub supplemental_groups: Option>, - /// Sysctls hold a list of namespaced sysctls used for the pod. Pods with unsupported sysctls (by the container runtime) might fail to launch. Note that this field cannot be set when spec.os.name is windows. + /// Sysctls hold a list of namespaced sysctls used for the pod. Pods with unsupported + /// sysctls (by the container runtime) might fail to launch. + /// Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none")] pub sysctls: Option>, - /// The Windows specific settings applied to all containers. If unspecified, the options within a container's SecurityContext will be used. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is linux. + /// The Windows specific settings applied to all containers. + /// If unspecified, the options within a container's SecurityContext will be used. + /// If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. + /// Note that this field cannot be set when spec.os.name is linux. #[serde(default, skip_serializing_if = "Option::is_none", rename = "windowsOptions")] pub windows_options: Option, } -/// The SELinux context to be applied to all containers. If unspecified, the container runtime will allocate a random SELinux context for each container. May also be set in SecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence for that container. Note that this field cannot be set when spec.os.name is windows. +/// appArmorProfile is the AppArmor options to use by the containers in this pod. +/// Note that this field cannot be set when spec.os.name is windows. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ReplicationDestinationRcloneMoverSecurityContextAppArmorProfile { + /// localhostProfile indicates a profile loaded on the node that should be used. + /// The profile must be preconfigured on the node to work. + /// Must match the loaded name of the profile. + /// Must be set if and only if type is "Localhost". + #[serde(default, skip_serializing_if = "Option::is_none", rename = "localhostProfile")] + pub localhost_profile: Option, + /// type indicates which kind of AppArmor profile will be applied. + /// Valid options are: + /// Localhost - a profile pre-loaded on the node. + /// RuntimeDefault - the container runtime's default profile. + /// Unconfined - no AppArmor enforcement. + #[serde(rename = "type")] + pub r#type: String, +} + +/// The SELinux context to be applied to all containers. +/// If unspecified, the container runtime will allocate a random SELinux context for each +/// container. May also be set in SecurityContext. If set in +/// both SecurityContext and PodSecurityContext, the value specified in SecurityContext +/// takes precedence for that container. +/// Note that this field cannot be set when spec.os.name is windows. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ReplicationDestinationRcloneMoverSecurityContextSeLinuxOptions { /// Level is SELinux level label that applies to the container. @@ -202,14 +317,23 @@ pub struct ReplicationDestinationRcloneMoverSecurityContextSeLinuxOptions { pub user: Option, } -/// The seccomp options to use by the containers in this pod. Note that this field cannot be set when spec.os.name is windows. +/// The seccomp options to use by the containers in this pod. +/// Note that this field cannot be set when spec.os.name is windows. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ReplicationDestinationRcloneMoverSecurityContextSeccompProfile { - /// localhostProfile indicates a profile defined in a file on the node should be used. The profile must be preconfigured on the node to work. Must be a descending path, relative to the kubelet's configured seccomp profile location. Must be set if type is "Localhost". Must NOT be set for any other type. + /// localhostProfile indicates a profile defined in a file on the node should be used. + /// The profile must be preconfigured on the node to work. + /// Must be a descending path, relative to the kubelet's configured seccomp profile location. + /// Must be set if type is "Localhost". Must NOT be set for any other type. #[serde(default, skip_serializing_if = "Option::is_none", rename = "localhostProfile")] pub localhost_profile: Option, - /// type indicates which kind of seccomp profile will be applied. Valid options are: - /// Localhost - a profile defined in a file on the node should be used. RuntimeDefault - the container runtime default profile should be used. Unconfined - no profile should be applied. + /// type indicates which kind of seccomp profile will be applied. + /// Valid options are: + /// + /// + /// Localhost - a profile defined in a file on the node should be used. + /// RuntimeDefault - the container runtime default profile should be used. + /// Unconfined - no profile should be applied. #[serde(rename = "type")] pub r#type: String, } @@ -223,19 +347,30 @@ pub struct ReplicationDestinationRcloneMoverSecurityContextSysctls { pub value: String, } -/// The Windows specific settings applied to all containers. If unspecified, the options within a container's SecurityContext will be used. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is linux. +/// The Windows specific settings applied to all containers. +/// If unspecified, the options within a container's SecurityContext will be used. +/// If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +/// Note that this field cannot be set when spec.os.name is linux. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ReplicationDestinationRcloneMoverSecurityContextWindowsOptions { - /// GMSACredentialSpec is where the GMSA admission webhook (https://github.com/kubernetes-sigs/windows-gmsa) inlines the contents of the GMSA credential spec named by the GMSACredentialSpecName field. + /// GMSACredentialSpec is where the GMSA admission webhook + /// (https://github.com/kubernetes-sigs/windows-gmsa) inlines the contents of the + /// GMSA credential spec named by the GMSACredentialSpecName field. #[serde(default, skip_serializing_if = "Option::is_none", rename = "gmsaCredentialSpec")] pub gmsa_credential_spec: Option, /// GMSACredentialSpecName is the name of the GMSA credential spec to use. #[serde(default, skip_serializing_if = "Option::is_none", rename = "gmsaCredentialSpecName")] pub gmsa_credential_spec_name: Option, - /// HostProcess determines if a container should be run as a 'Host Process' container. All of a Pod's containers must have the same effective HostProcess value (it is not allowed to have a mix of HostProcess containers and non-HostProcess containers). In addition, if HostProcess is true then HostNetwork must also be set to true. + /// HostProcess determines if a container should be run as a 'Host Process' container. + /// All of a Pod's containers must have the same effective HostProcess value + /// (it is not allowed to have a mix of HostProcess containers and non-HostProcess containers). + /// In addition, if HostProcess is true then HostNetwork must also be set to true. #[serde(default, skip_serializing_if = "Option::is_none", rename = "hostProcess")] pub host_process: Option, - /// The UserName in Windows to run the entrypoint of the container process. Defaults to the user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. + /// The UserName in Windows to run the entrypoint of the container process. + /// Defaults to the user specified in image metadata if unspecified. + /// May also be set in PodSecurityContext. If set in both SecurityContext and + /// PodSecurityContext, the value specified in SecurityContext takes precedence. #[serde(default, skip_serializing_if = "Option::is_none", rename = "runAsUserName")] pub run_as_user_name: Option, } @@ -252,31 +387,44 @@ pub struct ReplicationDestinationRestic { /// cacheCapacity can be used to set the size of the restic metadata cache volume #[serde(default, skip_serializing_if = "Option::is_none", rename = "cacheCapacity")] pub cache_capacity: Option, - /// cacheStorageClassName can be used to set the StorageClass of the restic metadata cache volume + /// cacheStorageClassName can be used to set the StorageClass of the restic + /// metadata cache volume #[serde(default, skip_serializing_if = "Option::is_none", rename = "cacheStorageClassName")] pub cache_storage_class_name: Option, /// capacity is the size of the destination volume to create. #[serde(default, skip_serializing_if = "Option::is_none")] pub capacity: Option, - /// copyMethod describes how a point-in-time (PiT) image of the destination volume should be created. + /// copyMethod describes how a point-in-time (PiT) image of the destination + /// volume should be created. #[serde(default, skip_serializing_if = "Option::is_none", rename = "copyMethod")] pub copy_method: Option, /// customCA is a custom CA that will be used to verify the remote #[serde(default, skip_serializing_if = "Option::is_none", rename = "customCA")] pub custom_ca: Option, - /// destinationPVC is a PVC to use as the transfer destination instead of automatically provisioning one. Either this field or both capacity and accessModes must be specified. + /// destinationPVC is a PVC to use as the transfer destination instead of + /// automatically provisioning one. Either this field or both capacity and + /// accessModes must be specified. #[serde(default, skip_serializing_if = "Option::is_none", rename = "destinationPVC")] pub destination_pvc: Option, - /// Labels that should be added to data mover pods These will be in addition to any labels that VolSync may add + /// Labels that should be added to data mover pods + /// These will be in addition to any labels that VolSync may add #[serde(default, skip_serializing_if = "Option::is_none", rename = "moverPodLabels")] pub mover_pod_labels: Option>, - /// Resources represents compute resources required by the data mover container. Immutable. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/ This should only be used by advanced users as this can result in a mover pod being unschedulable or crashing due to limited resources. + /// Resources represents compute resources required by the data mover container. + /// Immutable. + /// More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/ + /// This should only be used by advanced users as this can result in a mover + /// pod being unschedulable or crashing due to limited resources. #[serde(default, skip_serializing_if = "Option::is_none", rename = "moverResources")] pub mover_resources: Option, - /// MoverSecurityContext allows specifying the PodSecurityContext that will be used by the data mover + /// MoverSecurityContext allows specifying the PodSecurityContext that will + /// be used by the data mover #[serde(default, skip_serializing_if = "Option::is_none", rename = "moverSecurityContext")] pub mover_security_context: Option, - /// MoverServiceAccount allows specifying the name of the service account that will be used by the data mover. This should only be used by advanced users who want to override the service account normally used by the mover. The service account needs to exist in the same namespace as this CR. + /// MoverServiceAccount allows specifying the name of the service account + /// that will be used by the data mover. This should only be used by advanced + /// users who want to override the service account normally used by the mover. + /// The service account needs to exist in the same namespace as this CR. #[serde(default, skip_serializing_if = "Option::is_none", rename = "moverServiceAccount")] pub mover_service_account: Option, /// Previous specifies the number of image to skip before selecting one to restore from @@ -288,10 +436,12 @@ pub struct ReplicationDestinationRestic { /// RestoreAsOf refers to the backup that is most recent as of that time. #[serde(default, skip_serializing_if = "Option::is_none", rename = "restoreAsOf")] pub restore_as_of: Option, - /// storageClassName can be used to specify the StorageClass of the destination volume. If not set, the default StorageClass will be used. + /// storageClassName can be used to specify the StorageClass of the + /// destination volume. If not set, the default StorageClass will be used. #[serde(default, skip_serializing_if = "Option::is_none", rename = "storageClassName")] pub storage_class_name: Option, - /// volumeSnapshotClassName can be used to specify the VSC to be used if copyMethod is Snapshot. If not set, the default VSC is used. + /// volumeSnapshotClassName can be used to specify the VSC to be used if + /// copyMethod is Snapshot. If not set, the default VSC is used. #[serde(default, skip_serializing_if = "Option::is_none", rename = "volumeSnapshotClassName")] pub volume_snapshot_class_name: Option, } @@ -308,29 +458,45 @@ pub enum ReplicationDestinationResticCopyMethod { /// customCA is a custom CA that will be used to verify the remote #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ReplicationDestinationResticCustomCa { - /// The name of a ConfigMap that contains the custom CA certificate If ConfigMapName is used then SecretName should not be set + /// The name of a ConfigMap that contains the custom CA certificate + /// If ConfigMapName is used then SecretName should not be set #[serde(default, skip_serializing_if = "Option::is_none", rename = "configMapName")] pub config_map_name: Option, /// The key within the Secret or ConfigMap containing the CA certificate #[serde(default, skip_serializing_if = "Option::is_none")] pub key: Option, - /// The name of a Secret that contains the custom CA certificate If SecretName is used then ConfigMapName should not be set + /// The name of a Secret that contains the custom CA certificate + /// If SecretName is used then ConfigMapName should not be set #[serde(default, skip_serializing_if = "Option::is_none", rename = "secretName")] pub secret_name: Option, } -/// Resources represents compute resources required by the data mover container. Immutable. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/ This should only be used by advanced users as this can result in a mover pod being unschedulable or crashing due to limited resources. +/// Resources represents compute resources required by the data mover container. +/// Immutable. +/// More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/ +/// This should only be used by advanced users as this can result in a mover +/// pod being unschedulable or crashing due to limited resources. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ReplicationDestinationResticMoverResources { - /// Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. - /// This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. - /// This field is immutable. It can only be set for containers. + /// Claims lists the names of resources, defined in spec.resourceClaims, + /// that are used by this container. + /// + /// + /// This is an alpha field and requires enabling the + /// DynamicResourceAllocation feature gate. + /// + /// + /// This field is immutable. It can only be set for containers. #[serde(default, skip_serializing_if = "Option::is_none")] pub claims: Option>, - /// Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + /// Limits describes the maximum amount of compute resources allowed. + /// More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ #[serde(default, skip_serializing_if = "Option::is_none")] pub limits: Option>, - /// Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + /// Requests describes the minimum amount of compute resources required. + /// If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, + /// otherwise to an implementation-defined value. Requests cannot exceed Limits. + /// More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ #[serde(default, skip_serializing_if = "Option::is_none")] pub requests: Option>, } @@ -338,48 +504,126 @@ pub struct ReplicationDestinationResticMoverResources { /// ResourceClaim references one entry in PodSpec.ResourceClaims. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ReplicationDestinationResticMoverResourcesClaims { - /// Name must match the name of one entry in pod.spec.resourceClaims of the Pod where this field is used. It makes that resource available inside a container. + /// Name must match the name of one entry in pod.spec.resourceClaims of + /// the Pod where this field is used. It makes that resource available + /// inside a container. pub name: String, } -/// MoverSecurityContext allows specifying the PodSecurityContext that will be used by the data mover +/// MoverSecurityContext allows specifying the PodSecurityContext that will +/// be used by the data mover #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ReplicationDestinationResticMoverSecurityContext { - /// A special supplemental group that applies to all containers in a pod. Some volume types allow the Kubelet to change the ownership of that volume to be owned by the pod: - /// 1. The owning GID will be the FSGroup 2. The setgid bit is set (new files created in the volume will be owned by FSGroup) 3. The permission bits are OR'd with rw-rw---- - /// If unset, the Kubelet will not modify the ownership and permissions of any volume. Note that this field cannot be set when spec.os.name is windows. + /// appArmorProfile is the AppArmor options to use by the containers in this pod. + /// Note that this field cannot be set when spec.os.name is windows. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "appArmorProfile")] + pub app_armor_profile: Option, + /// A special supplemental group that applies to all containers in a pod. + /// Some volume types allow the Kubelet to change the ownership of that volume + /// to be owned by the pod: + /// + /// + /// 1. The owning GID will be the FSGroup + /// 2. The setgid bit is set (new files created in the volume will be owned by FSGroup) + /// 3. The permission bits are OR'd with rw-rw---- + /// + /// + /// If unset, the Kubelet will not modify the ownership and permissions of any volume. + /// Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none", rename = "fsGroup")] pub fs_group: Option, - /// fsGroupChangePolicy defines behavior of changing ownership and permission of the volume before being exposed inside Pod. This field will only apply to volume types which support fsGroup based ownership(and permissions). It will have no effect on ephemeral volume types such as: secret, configmaps and emptydir. Valid values are "OnRootMismatch" and "Always". If not specified, "Always" is used. Note that this field cannot be set when spec.os.name is windows. + /// fsGroupChangePolicy defines behavior of changing ownership and permission of the volume + /// before being exposed inside Pod. This field will only apply to + /// volume types which support fsGroup based ownership(and permissions). + /// It will have no effect on ephemeral volume types such as: secret, configmaps + /// and emptydir. + /// Valid values are "OnRootMismatch" and "Always". If not specified, "Always" is used. + /// Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none", rename = "fsGroupChangePolicy")] pub fs_group_change_policy: Option, - /// The GID to run the entrypoint of the container process. Uses runtime default if unset. May also be set in SecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence for that container. Note that this field cannot be set when spec.os.name is windows. + /// The GID to run the entrypoint of the container process. + /// Uses runtime default if unset. + /// May also be set in SecurityContext. If set in both SecurityContext and + /// PodSecurityContext, the value specified in SecurityContext takes precedence + /// for that container. + /// Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none", rename = "runAsGroup")] pub run_as_group: Option, - /// Indicates that the container must run as a non-root user. If true, the Kubelet will validate the image at runtime to ensure that it does not run as UID 0 (root) and fail to start the container if it does. If unset or false, no such validation will be performed. May also be set in SecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. + /// Indicates that the container must run as a non-root user. + /// If true, the Kubelet will validate the image at runtime to ensure that it + /// does not run as UID 0 (root) and fail to start the container if it does. + /// If unset or false, no such validation will be performed. + /// May also be set in SecurityContext. If set in both SecurityContext and + /// PodSecurityContext, the value specified in SecurityContext takes precedence. #[serde(default, skip_serializing_if = "Option::is_none", rename = "runAsNonRoot")] pub run_as_non_root: Option, - /// The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in SecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence for that container. Note that this field cannot be set when spec.os.name is windows. + /// The UID to run the entrypoint of the container process. + /// Defaults to user specified in image metadata if unspecified. + /// May also be set in SecurityContext. If set in both SecurityContext and + /// PodSecurityContext, the value specified in SecurityContext takes precedence + /// for that container. + /// Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none", rename = "runAsUser")] pub run_as_user: Option, - /// The SELinux context to be applied to all containers. If unspecified, the container runtime will allocate a random SELinux context for each container. May also be set in SecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence for that container. Note that this field cannot be set when spec.os.name is windows. + /// The SELinux context to be applied to all containers. + /// If unspecified, the container runtime will allocate a random SELinux context for each + /// container. May also be set in SecurityContext. If set in + /// both SecurityContext and PodSecurityContext, the value specified in SecurityContext + /// takes precedence for that container. + /// Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none", rename = "seLinuxOptions")] pub se_linux_options: Option, - /// The seccomp options to use by the containers in this pod. Note that this field cannot be set when spec.os.name is windows. + /// The seccomp options to use by the containers in this pod. + /// Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none", rename = "seccompProfile")] pub seccomp_profile: Option, - /// A list of groups applied to the first process run in each container, in addition to the container's primary GID, the fsGroup (if specified), and group memberships defined in the container image for the uid of the container process. If unspecified, no additional groups are added to any container. Note that group memberships defined in the container image for the uid of the container process are still effective, even if they are not included in this list. Note that this field cannot be set when spec.os.name is windows. + /// A list of groups applied to the first process run in each container, in addition + /// to the container's primary GID, the fsGroup (if specified), and group memberships + /// defined in the container image for the uid of the container process. If unspecified, + /// no additional groups are added to any container. Note that group memberships + /// defined in the container image for the uid of the container process are still effective, + /// even if they are not included in this list. + /// Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none", rename = "supplementalGroups")] pub supplemental_groups: Option>, - /// Sysctls hold a list of namespaced sysctls used for the pod. Pods with unsupported sysctls (by the container runtime) might fail to launch. Note that this field cannot be set when spec.os.name is windows. + /// Sysctls hold a list of namespaced sysctls used for the pod. Pods with unsupported + /// sysctls (by the container runtime) might fail to launch. + /// Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none")] pub sysctls: Option>, - /// The Windows specific settings applied to all containers. If unspecified, the options within a container's SecurityContext will be used. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is linux. + /// The Windows specific settings applied to all containers. + /// If unspecified, the options within a container's SecurityContext will be used. + /// If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. + /// Note that this field cannot be set when spec.os.name is linux. #[serde(default, skip_serializing_if = "Option::is_none", rename = "windowsOptions")] pub windows_options: Option, } -/// The SELinux context to be applied to all containers. If unspecified, the container runtime will allocate a random SELinux context for each container. May also be set in SecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence for that container. Note that this field cannot be set when spec.os.name is windows. +/// appArmorProfile is the AppArmor options to use by the containers in this pod. +/// Note that this field cannot be set when spec.os.name is windows. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ReplicationDestinationResticMoverSecurityContextAppArmorProfile { + /// localhostProfile indicates a profile loaded on the node that should be used. + /// The profile must be preconfigured on the node to work. + /// Must match the loaded name of the profile. + /// Must be set if and only if type is "Localhost". + #[serde(default, skip_serializing_if = "Option::is_none", rename = "localhostProfile")] + pub localhost_profile: Option, + /// type indicates which kind of AppArmor profile will be applied. + /// Valid options are: + /// Localhost - a profile pre-loaded on the node. + /// RuntimeDefault - the container runtime's default profile. + /// Unconfined - no AppArmor enforcement. + #[serde(rename = "type")] + pub r#type: String, +} + +/// The SELinux context to be applied to all containers. +/// If unspecified, the container runtime will allocate a random SELinux context for each +/// container. May also be set in SecurityContext. If set in +/// both SecurityContext and PodSecurityContext, the value specified in SecurityContext +/// takes precedence for that container. +/// Note that this field cannot be set when spec.os.name is windows. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ReplicationDestinationResticMoverSecurityContextSeLinuxOptions { /// Level is SELinux level label that applies to the container. @@ -396,14 +640,23 @@ pub struct ReplicationDestinationResticMoverSecurityContextSeLinuxOptions { pub user: Option, } -/// The seccomp options to use by the containers in this pod. Note that this field cannot be set when spec.os.name is windows. +/// The seccomp options to use by the containers in this pod. +/// Note that this field cannot be set when spec.os.name is windows. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ReplicationDestinationResticMoverSecurityContextSeccompProfile { - /// localhostProfile indicates a profile defined in a file on the node should be used. The profile must be preconfigured on the node to work. Must be a descending path, relative to the kubelet's configured seccomp profile location. Must be set if type is "Localhost". Must NOT be set for any other type. + /// localhostProfile indicates a profile defined in a file on the node should be used. + /// The profile must be preconfigured on the node to work. + /// Must be a descending path, relative to the kubelet's configured seccomp profile location. + /// Must be set if type is "Localhost". Must NOT be set for any other type. #[serde(default, skip_serializing_if = "Option::is_none", rename = "localhostProfile")] pub localhost_profile: Option, - /// type indicates which kind of seccomp profile will be applied. Valid options are: - /// Localhost - a profile defined in a file on the node should be used. RuntimeDefault - the container runtime default profile should be used. Unconfined - no profile should be applied. + /// type indicates which kind of seccomp profile will be applied. + /// Valid options are: + /// + /// + /// Localhost - a profile defined in a file on the node should be used. + /// RuntimeDefault - the container runtime default profile should be used. + /// Unconfined - no profile should be applied. #[serde(rename = "type")] pub r#type: String, } @@ -417,19 +670,30 @@ pub struct ReplicationDestinationResticMoverSecurityContextSysctls { pub value: String, } -/// The Windows specific settings applied to all containers. If unspecified, the options within a container's SecurityContext will be used. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is linux. +/// The Windows specific settings applied to all containers. +/// If unspecified, the options within a container's SecurityContext will be used. +/// If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +/// Note that this field cannot be set when spec.os.name is linux. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ReplicationDestinationResticMoverSecurityContextWindowsOptions { - /// GMSACredentialSpec is where the GMSA admission webhook (https://github.com/kubernetes-sigs/windows-gmsa) inlines the contents of the GMSA credential spec named by the GMSACredentialSpecName field. + /// GMSACredentialSpec is where the GMSA admission webhook + /// (https://github.com/kubernetes-sigs/windows-gmsa) inlines the contents of the + /// GMSA credential spec named by the GMSACredentialSpecName field. #[serde(default, skip_serializing_if = "Option::is_none", rename = "gmsaCredentialSpec")] pub gmsa_credential_spec: Option, /// GMSACredentialSpecName is the name of the GMSA credential spec to use. #[serde(default, skip_serializing_if = "Option::is_none", rename = "gmsaCredentialSpecName")] pub gmsa_credential_spec_name: Option, - /// HostProcess determines if a container should be run as a 'Host Process' container. All of a Pod's containers must have the same effective HostProcess value (it is not allowed to have a mix of HostProcess containers and non-HostProcess containers). In addition, if HostProcess is true then HostNetwork must also be set to true. + /// HostProcess determines if a container should be run as a 'Host Process' container. + /// All of a Pod's containers must have the same effective HostProcess value + /// (it is not allowed to have a mix of HostProcess containers and non-HostProcess containers). + /// In addition, if HostProcess is true then HostNetwork must also be set to true. #[serde(default, skip_serializing_if = "Option::is_none", rename = "hostProcess")] pub host_process: Option, - /// The UserName in Windows to run the entrypoint of the container process. Defaults to the user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. + /// The UserName in Windows to run the entrypoint of the container process. + /// Defaults to the user specified in image metadata if unspecified. + /// May also be set in PodSecurityContext. If set in both SecurityContext and + /// PodSecurityContext, the value specified in SecurityContext takes precedence. #[serde(default, skip_serializing_if = "Option::is_none", rename = "runAsUserName")] pub run_as_user_name: Option, } @@ -446,19 +710,30 @@ pub struct ReplicationDestinationRsync { /// capacity is the size of the destination volume to create. #[serde(default, skip_serializing_if = "Option::is_none")] pub capacity: Option, - /// copyMethod describes how a point-in-time (PiT) image of the destination volume should be created. + /// copyMethod describes how a point-in-time (PiT) image of the destination + /// volume should be created. #[serde(default, skip_serializing_if = "Option::is_none", rename = "copyMethod")] pub copy_method: Option, - /// destinationPVC is a PVC to use as the transfer destination instead of automatically provisioning one. Either this field or both capacity and accessModes must be specified. + /// destinationPVC is a PVC to use as the transfer destination instead of + /// automatically provisioning one. Either this field or both capacity and + /// accessModes must be specified. #[serde(default, skip_serializing_if = "Option::is_none", rename = "destinationPVC")] pub destination_pvc: Option, - /// Labels that should be added to data mover pods These will be in addition to any labels that VolSync may add + /// Labels that should be added to data mover pods + /// These will be in addition to any labels that VolSync may add #[serde(default, skip_serializing_if = "Option::is_none", rename = "moverPodLabels")] pub mover_pod_labels: Option>, - /// Resources represents compute resources required by the data mover container. Immutable. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/ This should only be used by advanced users as this can result in a mover pod being unschedulable or crashing due to limited resources. + /// Resources represents compute resources required by the data mover container. + /// Immutable. + /// More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/ + /// This should only be used by advanced users as this can result in a mover + /// pod being unschedulable or crashing due to limited resources. #[serde(default, skip_serializing_if = "Option::is_none", rename = "moverResources")] pub mover_resources: Option, - /// MoverServiceAccount allows specifying the name of the service account that will be used by the data mover. This should only be used by advanced users who want to override the service account normally used by the mover. The service account needs to exist in the same namespace as the ReplicationDestination. + /// MoverServiceAccount allows specifying the name of the service account + /// that will be used by the data mover. This should only be used by advanced + /// users who want to override the service account normally used by the mover. + /// The service account needs to exist in the same namespace as the ReplicationDestination. #[serde(default, skip_serializing_if = "Option::is_none", rename = "moverServiceAccount")] pub mover_service_account: Option, /// path is the remote path to rsync from. Defaults to "/" @@ -467,22 +742,28 @@ pub struct ReplicationDestinationRsync { /// port is the SSH port to connect to for replication. Defaults to 22. #[serde(default, skip_serializing_if = "Option::is_none")] pub port: Option, - /// serviceAnnotations defines annotations that will be added to the service created for incoming SSH connections. If set, these annotations will be used instead of any VolSync default values. + /// serviceAnnotations defines annotations that will be added to the + /// service created for incoming SSH connections. If set, these annotations + /// will be used instead of any VolSync default values. #[serde(default, skip_serializing_if = "Option::is_none", rename = "serviceAnnotations")] pub service_annotations: Option>, - /// serviceType determines the Service type that will be created for incoming SSH connections. + /// serviceType determines the Service type that will be created for incoming + /// SSH connections. #[serde(default, skip_serializing_if = "Option::is_none", rename = "serviceType")] pub service_type: Option, - /// sshKeys is the name of a Secret that contains the SSH keys to be used for authentication. If not provided, the keys will be generated. + /// sshKeys is the name of a Secret that contains the SSH keys to be used for + /// authentication. If not provided, the keys will be generated. #[serde(default, skip_serializing_if = "Option::is_none", rename = "sshKeys")] pub ssh_keys: Option, /// sshUser is the username for outgoing SSH connections. Defaults to "root". #[serde(default, skip_serializing_if = "Option::is_none", rename = "sshUser")] pub ssh_user: Option, - /// storageClassName can be used to specify the StorageClass of the destination volume. If not set, the default StorageClass will be used. + /// storageClassName can be used to specify the StorageClass of the + /// destination volume. If not set, the default StorageClass will be used. #[serde(default, skip_serializing_if = "Option::is_none", rename = "storageClassName")] pub storage_class_name: Option, - /// volumeSnapshotClassName can be used to specify the VSC to be used if copyMethod is Snapshot. If not set, the default VSC is used. + /// volumeSnapshotClassName can be used to specify the VSC to be used if + /// copyMethod is Snapshot. If not set, the default VSC is used. #[serde(default, skip_serializing_if = "Option::is_none", rename = "volumeSnapshotClassName")] pub volume_snapshot_class_name: Option, } @@ -496,18 +777,32 @@ pub enum ReplicationDestinationRsyncCopyMethod { Snapshot, } -/// Resources represents compute resources required by the data mover container. Immutable. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/ This should only be used by advanced users as this can result in a mover pod being unschedulable or crashing due to limited resources. +/// Resources represents compute resources required by the data mover container. +/// Immutable. +/// More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/ +/// This should only be used by advanced users as this can result in a mover +/// pod being unschedulable or crashing due to limited resources. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ReplicationDestinationRsyncMoverResources { - /// Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. - /// This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. - /// This field is immutable. It can only be set for containers. + /// Claims lists the names of resources, defined in spec.resourceClaims, + /// that are used by this container. + /// + /// + /// This is an alpha field and requires enabling the + /// DynamicResourceAllocation feature gate. + /// + /// + /// This field is immutable. It can only be set for containers. #[serde(default, skip_serializing_if = "Option::is_none")] pub claims: Option>, - /// Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + /// Limits describes the maximum amount of compute resources allowed. + /// More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ #[serde(default, skip_serializing_if = "Option::is_none")] pub limits: Option>, - /// Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + /// Requests describes the minimum amount of compute resources required. + /// If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, + /// otherwise to an implementation-defined value. Requests cannot exceed Limits. + /// More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ #[serde(default, skip_serializing_if = "Option::is_none")] pub requests: Option>, } @@ -515,7 +810,9 @@ pub struct ReplicationDestinationRsyncMoverResources { /// ResourceClaim references one entry in PodSpec.ResourceClaims. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ReplicationDestinationRsyncMoverResourcesClaims { - /// Name must match the name of one entry in pod.spec.resourceClaims of the Pod where this field is used. It makes that resource available inside a container. + /// Name must match the name of one entry in pod.spec.resourceClaims of + /// the Pod where this field is used. It makes that resource available + /// inside a container. pub name: String, } @@ -528,37 +825,55 @@ pub struct ReplicationDestinationRsyncTls { /// capacity is the size of the destination volume to create. #[serde(default, skip_serializing_if = "Option::is_none")] pub capacity: Option, - /// copyMethod describes how a point-in-time (PiT) image of the destination volume should be created. + /// copyMethod describes how a point-in-time (PiT) image of the destination + /// volume should be created. #[serde(default, skip_serializing_if = "Option::is_none", rename = "copyMethod")] pub copy_method: Option, - /// destinationPVC is a PVC to use as the transfer destination instead of automatically provisioning one. Either this field or both capacity and accessModes must be specified. + /// destinationPVC is a PVC to use as the transfer destination instead of + /// automatically provisioning one. Either this field or both capacity and + /// accessModes must be specified. #[serde(default, skip_serializing_if = "Option::is_none", rename = "destinationPVC")] pub destination_pvc: Option, - /// keySecret is the name of a Secret that contains the TLS pre-shared key to be used for authentication. If not provided, the key will be generated. + /// keySecret is the name of a Secret that contains the TLS pre-shared key to + /// be used for authentication. If not provided, the key will be generated. #[serde(default, skip_serializing_if = "Option::is_none", rename = "keySecret")] pub key_secret: Option, - /// Labels that should be added to data mover pods These will be in addition to any labels that VolSync may add + /// Labels that should be added to data mover pods + /// These will be in addition to any labels that VolSync may add #[serde(default, skip_serializing_if = "Option::is_none", rename = "moverPodLabels")] pub mover_pod_labels: Option>, - /// Resources represents compute resources required by the data mover container. Immutable. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/ This should only be used by advanced users as this can result in a mover pod being unschedulable or crashing due to limited resources. + /// Resources represents compute resources required by the data mover container. + /// Immutable. + /// More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/ + /// This should only be used by advanced users as this can result in a mover + /// pod being unschedulable or crashing due to limited resources. #[serde(default, skip_serializing_if = "Option::is_none", rename = "moverResources")] pub mover_resources: Option, - /// MoverSecurityContext allows specifying the PodSecurityContext that will be used by the data mover + /// MoverSecurityContext allows specifying the PodSecurityContext that will + /// be used by the data mover #[serde(default, skip_serializing_if = "Option::is_none", rename = "moverSecurityContext")] pub mover_security_context: Option, - /// MoverServiceAccount allows specifying the name of the service account that will be used by the data mover. This should only be used by advanced users who want to override the service account normally used by the mover. The service account needs to exist in the same namespace as this CR. + /// MoverServiceAccount allows specifying the name of the service account + /// that will be used by the data mover. This should only be used by advanced + /// users who want to override the service account normally used by the mover. + /// The service account needs to exist in the same namespace as this CR. #[serde(default, skip_serializing_if = "Option::is_none", rename = "moverServiceAccount")] pub mover_service_account: Option, - /// serviceAnnotations defines annotations that will be added to the service created for incoming SSH connections. If set, these annotations will be used instead of any VolSync default values. + /// serviceAnnotations defines annotations that will be added to the + /// service created for incoming SSH connections. If set, these annotations + /// will be used instead of any VolSync default values. #[serde(default, skip_serializing_if = "Option::is_none", rename = "serviceAnnotations")] pub service_annotations: Option>, - /// serviceType determines the Service type that will be created for incoming TLS connections. + /// serviceType determines the Service type that will be created for incoming + /// TLS connections. #[serde(default, skip_serializing_if = "Option::is_none", rename = "serviceType")] pub service_type: Option, - /// storageClassName can be used to specify the StorageClass of the destination volume. If not set, the default StorageClass will be used. + /// storageClassName can be used to specify the StorageClass of the + /// destination volume. If not set, the default StorageClass will be used. #[serde(default, skip_serializing_if = "Option::is_none", rename = "storageClassName")] pub storage_class_name: Option, - /// volumeSnapshotClassName can be used to specify the VSC to be used if copyMethod is Snapshot. If not set, the default VSC is used. + /// volumeSnapshotClassName can be used to specify the VSC to be used if + /// copyMethod is Snapshot. If not set, the default VSC is used. #[serde(default, skip_serializing_if = "Option::is_none", rename = "volumeSnapshotClassName")] pub volume_snapshot_class_name: Option, } @@ -572,18 +887,32 @@ pub enum ReplicationDestinationRsyncTlsCopyMethod { Snapshot, } -/// Resources represents compute resources required by the data mover container. Immutable. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/ This should only be used by advanced users as this can result in a mover pod being unschedulable or crashing due to limited resources. +/// Resources represents compute resources required by the data mover container. +/// Immutable. +/// More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/ +/// This should only be used by advanced users as this can result in a mover +/// pod being unschedulable or crashing due to limited resources. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ReplicationDestinationRsyncTlsMoverResources { - /// Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. - /// This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. - /// This field is immutable. It can only be set for containers. + /// Claims lists the names of resources, defined in spec.resourceClaims, + /// that are used by this container. + /// + /// + /// This is an alpha field and requires enabling the + /// DynamicResourceAllocation feature gate. + /// + /// + /// This field is immutable. It can only be set for containers. #[serde(default, skip_serializing_if = "Option::is_none")] pub claims: Option>, - /// Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + /// Limits describes the maximum amount of compute resources allowed. + /// More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ #[serde(default, skip_serializing_if = "Option::is_none")] pub limits: Option>, - /// Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + /// Requests describes the minimum amount of compute resources required. + /// If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, + /// otherwise to an implementation-defined value. Requests cannot exceed Limits. + /// More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ #[serde(default, skip_serializing_if = "Option::is_none")] pub requests: Option>, } @@ -591,48 +920,126 @@ pub struct ReplicationDestinationRsyncTlsMoverResources { /// ResourceClaim references one entry in PodSpec.ResourceClaims. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ReplicationDestinationRsyncTlsMoverResourcesClaims { - /// Name must match the name of one entry in pod.spec.resourceClaims of the Pod where this field is used. It makes that resource available inside a container. + /// Name must match the name of one entry in pod.spec.resourceClaims of + /// the Pod where this field is used. It makes that resource available + /// inside a container. pub name: String, } -/// MoverSecurityContext allows specifying the PodSecurityContext that will be used by the data mover +/// MoverSecurityContext allows specifying the PodSecurityContext that will +/// be used by the data mover #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ReplicationDestinationRsyncTlsMoverSecurityContext { - /// A special supplemental group that applies to all containers in a pod. Some volume types allow the Kubelet to change the ownership of that volume to be owned by the pod: - /// 1. The owning GID will be the FSGroup 2. The setgid bit is set (new files created in the volume will be owned by FSGroup) 3. The permission bits are OR'd with rw-rw---- - /// If unset, the Kubelet will not modify the ownership and permissions of any volume. Note that this field cannot be set when spec.os.name is windows. + /// appArmorProfile is the AppArmor options to use by the containers in this pod. + /// Note that this field cannot be set when spec.os.name is windows. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "appArmorProfile")] + pub app_armor_profile: Option, + /// A special supplemental group that applies to all containers in a pod. + /// Some volume types allow the Kubelet to change the ownership of that volume + /// to be owned by the pod: + /// + /// + /// 1. The owning GID will be the FSGroup + /// 2. The setgid bit is set (new files created in the volume will be owned by FSGroup) + /// 3. The permission bits are OR'd with rw-rw---- + /// + /// + /// If unset, the Kubelet will not modify the ownership and permissions of any volume. + /// Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none", rename = "fsGroup")] pub fs_group: Option, - /// fsGroupChangePolicy defines behavior of changing ownership and permission of the volume before being exposed inside Pod. This field will only apply to volume types which support fsGroup based ownership(and permissions). It will have no effect on ephemeral volume types such as: secret, configmaps and emptydir. Valid values are "OnRootMismatch" and "Always". If not specified, "Always" is used. Note that this field cannot be set when spec.os.name is windows. + /// fsGroupChangePolicy defines behavior of changing ownership and permission of the volume + /// before being exposed inside Pod. This field will only apply to + /// volume types which support fsGroup based ownership(and permissions). + /// It will have no effect on ephemeral volume types such as: secret, configmaps + /// and emptydir. + /// Valid values are "OnRootMismatch" and "Always". If not specified, "Always" is used. + /// Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none", rename = "fsGroupChangePolicy")] pub fs_group_change_policy: Option, - /// The GID to run the entrypoint of the container process. Uses runtime default if unset. May also be set in SecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence for that container. Note that this field cannot be set when spec.os.name is windows. + /// The GID to run the entrypoint of the container process. + /// Uses runtime default if unset. + /// May also be set in SecurityContext. If set in both SecurityContext and + /// PodSecurityContext, the value specified in SecurityContext takes precedence + /// for that container. + /// Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none", rename = "runAsGroup")] pub run_as_group: Option, - /// Indicates that the container must run as a non-root user. If true, the Kubelet will validate the image at runtime to ensure that it does not run as UID 0 (root) and fail to start the container if it does. If unset or false, no such validation will be performed. May also be set in SecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. + /// Indicates that the container must run as a non-root user. + /// If true, the Kubelet will validate the image at runtime to ensure that it + /// does not run as UID 0 (root) and fail to start the container if it does. + /// If unset or false, no such validation will be performed. + /// May also be set in SecurityContext. If set in both SecurityContext and + /// PodSecurityContext, the value specified in SecurityContext takes precedence. #[serde(default, skip_serializing_if = "Option::is_none", rename = "runAsNonRoot")] pub run_as_non_root: Option, - /// The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in SecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence for that container. Note that this field cannot be set when spec.os.name is windows. + /// The UID to run the entrypoint of the container process. + /// Defaults to user specified in image metadata if unspecified. + /// May also be set in SecurityContext. If set in both SecurityContext and + /// PodSecurityContext, the value specified in SecurityContext takes precedence + /// for that container. + /// Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none", rename = "runAsUser")] pub run_as_user: Option, - /// The SELinux context to be applied to all containers. If unspecified, the container runtime will allocate a random SELinux context for each container. May also be set in SecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence for that container. Note that this field cannot be set when spec.os.name is windows. + /// The SELinux context to be applied to all containers. + /// If unspecified, the container runtime will allocate a random SELinux context for each + /// container. May also be set in SecurityContext. If set in + /// both SecurityContext and PodSecurityContext, the value specified in SecurityContext + /// takes precedence for that container. + /// Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none", rename = "seLinuxOptions")] pub se_linux_options: Option, - /// The seccomp options to use by the containers in this pod. Note that this field cannot be set when spec.os.name is windows. + /// The seccomp options to use by the containers in this pod. + /// Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none", rename = "seccompProfile")] pub seccomp_profile: Option, - /// A list of groups applied to the first process run in each container, in addition to the container's primary GID, the fsGroup (if specified), and group memberships defined in the container image for the uid of the container process. If unspecified, no additional groups are added to any container. Note that group memberships defined in the container image for the uid of the container process are still effective, even if they are not included in this list. Note that this field cannot be set when spec.os.name is windows. + /// A list of groups applied to the first process run in each container, in addition + /// to the container's primary GID, the fsGroup (if specified), and group memberships + /// defined in the container image for the uid of the container process. If unspecified, + /// no additional groups are added to any container. Note that group memberships + /// defined in the container image for the uid of the container process are still effective, + /// even if they are not included in this list. + /// Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none", rename = "supplementalGroups")] pub supplemental_groups: Option>, - /// Sysctls hold a list of namespaced sysctls used for the pod. Pods with unsupported sysctls (by the container runtime) might fail to launch. Note that this field cannot be set when spec.os.name is windows. + /// Sysctls hold a list of namespaced sysctls used for the pod. Pods with unsupported + /// sysctls (by the container runtime) might fail to launch. + /// Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none")] pub sysctls: Option>, - /// The Windows specific settings applied to all containers. If unspecified, the options within a container's SecurityContext will be used. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is linux. + /// The Windows specific settings applied to all containers. + /// If unspecified, the options within a container's SecurityContext will be used. + /// If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. + /// Note that this field cannot be set when spec.os.name is linux. #[serde(default, skip_serializing_if = "Option::is_none", rename = "windowsOptions")] pub windows_options: Option, } -/// The SELinux context to be applied to all containers. If unspecified, the container runtime will allocate a random SELinux context for each container. May also be set in SecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence for that container. Note that this field cannot be set when spec.os.name is windows. +/// appArmorProfile is the AppArmor options to use by the containers in this pod. +/// Note that this field cannot be set when spec.os.name is windows. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ReplicationDestinationRsyncTlsMoverSecurityContextAppArmorProfile { + /// localhostProfile indicates a profile loaded on the node that should be used. + /// The profile must be preconfigured on the node to work. + /// Must match the loaded name of the profile. + /// Must be set if and only if type is "Localhost". + #[serde(default, skip_serializing_if = "Option::is_none", rename = "localhostProfile")] + pub localhost_profile: Option, + /// type indicates which kind of AppArmor profile will be applied. + /// Valid options are: + /// Localhost - a profile pre-loaded on the node. + /// RuntimeDefault - the container runtime's default profile. + /// Unconfined - no AppArmor enforcement. + #[serde(rename = "type")] + pub r#type: String, +} + +/// The SELinux context to be applied to all containers. +/// If unspecified, the container runtime will allocate a random SELinux context for each +/// container. May also be set in SecurityContext. If set in +/// both SecurityContext and PodSecurityContext, the value specified in SecurityContext +/// takes precedence for that container. +/// Note that this field cannot be set when spec.os.name is windows. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ReplicationDestinationRsyncTlsMoverSecurityContextSeLinuxOptions { /// Level is SELinux level label that applies to the container. @@ -649,14 +1056,23 @@ pub struct ReplicationDestinationRsyncTlsMoverSecurityContextSeLinuxOptions { pub user: Option, } -/// The seccomp options to use by the containers in this pod. Note that this field cannot be set when spec.os.name is windows. +/// The seccomp options to use by the containers in this pod. +/// Note that this field cannot be set when spec.os.name is windows. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ReplicationDestinationRsyncTlsMoverSecurityContextSeccompProfile { - /// localhostProfile indicates a profile defined in a file on the node should be used. The profile must be preconfigured on the node to work. Must be a descending path, relative to the kubelet's configured seccomp profile location. Must be set if type is "Localhost". Must NOT be set for any other type. + /// localhostProfile indicates a profile defined in a file on the node should be used. + /// The profile must be preconfigured on the node to work. + /// Must be a descending path, relative to the kubelet's configured seccomp profile location. + /// Must be set if type is "Localhost". Must NOT be set for any other type. #[serde(default, skip_serializing_if = "Option::is_none", rename = "localhostProfile")] pub localhost_profile: Option, - /// type indicates which kind of seccomp profile will be applied. Valid options are: - /// Localhost - a profile defined in a file on the node should be used. RuntimeDefault - the container runtime default profile should be used. Unconfined - no profile should be applied. + /// type indicates which kind of seccomp profile will be applied. + /// Valid options are: + /// + /// + /// Localhost - a profile defined in a file on the node should be used. + /// RuntimeDefault - the container runtime default profile should be used. + /// Unconfined - no profile should be applied. #[serde(rename = "type")] pub r#type: String, } @@ -670,47 +1086,72 @@ pub struct ReplicationDestinationRsyncTlsMoverSecurityContextSysctls { pub value: String, } -/// The Windows specific settings applied to all containers. If unspecified, the options within a container's SecurityContext will be used. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is linux. +/// The Windows specific settings applied to all containers. +/// If unspecified, the options within a container's SecurityContext will be used. +/// If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +/// Note that this field cannot be set when spec.os.name is linux. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ReplicationDestinationRsyncTlsMoverSecurityContextWindowsOptions { - /// GMSACredentialSpec is where the GMSA admission webhook (https://github.com/kubernetes-sigs/windows-gmsa) inlines the contents of the GMSA credential spec named by the GMSACredentialSpecName field. + /// GMSACredentialSpec is where the GMSA admission webhook + /// (https://github.com/kubernetes-sigs/windows-gmsa) inlines the contents of the + /// GMSA credential spec named by the GMSACredentialSpecName field. #[serde(default, skip_serializing_if = "Option::is_none", rename = "gmsaCredentialSpec")] pub gmsa_credential_spec: Option, /// GMSACredentialSpecName is the name of the GMSA credential spec to use. #[serde(default, skip_serializing_if = "Option::is_none", rename = "gmsaCredentialSpecName")] pub gmsa_credential_spec_name: Option, - /// HostProcess determines if a container should be run as a 'Host Process' container. All of a Pod's containers must have the same effective HostProcess value (it is not allowed to have a mix of HostProcess containers and non-HostProcess containers). In addition, if HostProcess is true then HostNetwork must also be set to true. + /// HostProcess determines if a container should be run as a 'Host Process' container. + /// All of a Pod's containers must have the same effective HostProcess value + /// (it is not allowed to have a mix of HostProcess containers and non-HostProcess containers). + /// In addition, if HostProcess is true then HostNetwork must also be set to true. #[serde(default, skip_serializing_if = "Option::is_none", rename = "hostProcess")] pub host_process: Option, - /// The UserName in Windows to run the entrypoint of the container process. Defaults to the user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. + /// The UserName in Windows to run the entrypoint of the container process. + /// Defaults to the user specified in image metadata if unspecified. + /// May also be set in PodSecurityContext. If set in both SecurityContext and + /// PodSecurityContext, the value specified in SecurityContext takes precedence. #[serde(default, skip_serializing_if = "Option::is_none", rename = "runAsUserName")] pub run_as_user_name: Option, } -/// trigger determines if/when the destination should attempt to synchronize data with the source. +/// trigger determines if/when the destination should attempt to synchronize +/// data with the source. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ReplicationDestinationTrigger { - /// manual is a string value that schedules a manual trigger. Once a sync completes then status.lastManualSync is set to the same string value. A consumer of a manual trigger should set spec.trigger.manual to a known value and then wait for lastManualSync to be updated by the operator to the same value, which means that the manual trigger will then pause and wait for further updates to the trigger. + /// manual is a string value that schedules a manual trigger. + /// Once a sync completes then status.lastManualSync is set to the same string value. + /// A consumer of a manual trigger should set spec.trigger.manual to a known value + /// and then wait for lastManualSync to be updated by the operator to the same value, + /// which means that the manual trigger will then pause and wait for further + /// updates to the trigger. #[serde(default, skip_serializing_if = "Option::is_none")] pub manual: Option, - /// schedule is a cronspec (https://en.wikipedia.org/wiki/Cron#Overview) that can be used to schedule replication to occur at regular, time-based intervals. nolint:lll + /// schedule is a cronspec (https://en.wikipedia.org/wiki/Cron#Overview) that + /// can be used to schedule replication to occur at regular, time-based + /// intervals. + /// nolint:lll #[serde(default, skip_serializing_if = "Option::is_none")] pub schedule: Option, } -/// status is the observed state of the ReplicationDestination as determined by the controller. +/// status is the observed state of the ReplicationDestination as determined +/// by the controller. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ReplicationDestinationStatus { - /// conditions represent the latest available observations of the destination's state. + /// conditions represent the latest available observations of the + /// destination's state. #[serde(default, skip_serializing_if = "Option::is_none")] pub conditions: Option>, - /// external contains provider-specific status information. For more details, please see the documentation of the specific replication provider being used. + /// external contains provider-specific status information. For more details, + /// please see the documentation of the specific replication provider being + /// used. #[serde(default, skip_serializing_if = "Option::is_none")] pub external: Option>, /// lastManualSync is set to the last spec.trigger.manual when the manual sync is done. #[serde(default, skip_serializing_if = "Option::is_none", rename = "lastManualSync")] pub last_manual_sync: Option, - /// lastSyncDuration is the amount of time required to send the most recent update. + /// lastSyncDuration is the amount of time required to send the most recent + /// update. #[serde(default, skip_serializing_if = "Option::is_none", rename = "lastSyncDuration")] pub last_sync_duration: Option, /// lastSyncStartTime is the time the most recent synchronization started. @@ -719,13 +1160,15 @@ pub struct ReplicationDestinationStatus { /// lastSyncTime is the time of the most recent successful synchronization. #[serde(default, skip_serializing_if = "Option::is_none", rename = "lastSyncTime")] pub last_sync_time: Option, - /// latestImage in the object holding the most recent consistent replicated image. + /// latestImage in the object holding the most recent consistent replicated + /// image. #[serde(default, skip_serializing_if = "Option::is_none", rename = "latestImage")] pub latest_image: Option, /// Logs/Summary from latest mover job #[serde(default, skip_serializing_if = "Option::is_none", rename = "latestMoverStatus")] pub latest_mover_status: Option, - /// nextSyncTime is the time when the next volume synchronization is scheduled to start (for schedule-based synchronization). + /// nextSyncTime is the time when the next volume synchronization is + /// scheduled to start (for schedule-based synchronization). #[serde(default, skip_serializing_if = "Option::is_none", rename = "nextSyncTime")] pub next_sync_time: Option, /// rsync contains status information for Rsync-based replication. @@ -736,10 +1179,13 @@ pub struct ReplicationDestinationStatus { pub rsync_tls: Option, } -/// latestImage in the object holding the most recent consistent replicated image. +/// latestImage in the object holding the most recent consistent replicated +/// image. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ReplicationDestinationStatusLatestImage { - /// APIGroup is the group for the resource being referenced. If APIGroup is not specified, the specified Kind must be in the core API group. For any other third-party types, APIGroup is required. + /// APIGroup is the group for the resource being referenced. + /// If APIGroup is not specified, the specified Kind must be in the core API group. + /// For any other third-party types, APIGroup is required. #[serde(default, skip_serializing_if = "Option::is_none", rename = "apiGroup")] pub api_group: Option, /// Kind is the type of resource being referenced @@ -760,13 +1206,18 @@ pub struct ReplicationDestinationStatusLatestMoverStatus { /// rsync contains status information for Rsync-based replication. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ReplicationDestinationStatusRsync { - /// address is the address to connect to for incoming SSH replication connections. + /// address is the address to connect to for incoming SSH replication + /// connections. #[serde(default, skip_serializing_if = "Option::is_none")] pub address: Option, - /// port is the SSH port to connect to for incoming SSH replication connections. + /// port is the SSH port to connect to for incoming SSH replication + /// connections. #[serde(default, skip_serializing_if = "Option::is_none")] pub port: Option, - /// sshKeys is the name of a Secret that contains the SSH keys to be used for authentication. If not provided in .spec.rsync.sshKeys, SSH keys will be generated and the appropriate keys for the remote side will be placed here. + /// sshKeys is the name of a Secret that contains the SSH keys to be used for + /// authentication. If not provided in .spec.rsync.sshKeys, SSH keys will be + /// generated and the appropriate keys for the remote side will be placed + /// here. #[serde(default, skip_serializing_if = "Option::is_none", rename = "sshKeys")] pub ssh_keys: Option, } @@ -777,7 +1228,9 @@ pub struct ReplicationDestinationStatusRsyncTls { /// address is the address to connect to for incoming TLS connections. #[serde(default, skip_serializing_if = "Option::is_none")] pub address: Option, - /// keySecret is the name of a Secret that contains the TLS pre-shared key to be used for authentication. If not provided in .spec.rsyncTLS.keySecret, the key Secret will be generated and named here. + /// keySecret is the name of a Secret that contains the TLS pre-shared key to + /// be used for authentication. If not provided in .spec.rsyncTLS.keySecret, + /// the key Secret will be generated and named here. #[serde(default, skip_serializing_if = "Option::is_none", rename = "keySecret")] pub key_secret: Option, /// port is the port to connect to for incoming replication connections. diff --git a/kube-custom-resources-rs/src/volsync_backube/v1alpha1/replicationsources.rs b/kube-custom-resources-rs/src/volsync_backube/v1alpha1/replicationsources.rs index 3f2bdcf2e..8e0d8ed31 100644 --- a/kube-custom-resources-rs/src/volsync_backube/v1alpha1/replicationsources.rs +++ b/kube-custom-resources-rs/src/volsync_backube/v1alpha1/replicationsources.rs @@ -12,7 +12,8 @@ mod prelude { } use self::prelude::*; -/// spec is the desired state of the ReplicationSource, including the replication method to use and its configuration. +/// spec is the desired state of the ReplicationSource, including the +/// replication method to use and its configuration. #[derive(CustomResource, Serialize, Deserialize, Clone, Debug, Default, PartialEq)] #[kube(group = "volsync.backube", version = "v1alpha1", kind = "ReplicationSource", plural = "replicationsources")] #[kube(namespaced)] @@ -21,7 +22,8 @@ use self::prelude::*; #[kube(derive="Default")] #[kube(derive="PartialEq")] pub struct ReplicationSourceSpec { - /// external defines the configuration when using an external replication provider. + /// external defines the configuration when using an external replication + /// provider. #[serde(default, skip_serializing_if = "Option::is_none")] pub external: Option, /// paused can be used to temporarily stop replication. Defaults to "false". @@ -45,18 +47,23 @@ pub struct ReplicationSourceSpec { /// syncthing defines the configuration when using Syncthing-based replication. #[serde(default, skip_serializing_if = "Option::is_none")] pub syncthing: Option, - /// trigger determines when the latest state of the volume will be captured (and potentially replicated to the destination). + /// trigger determines when the latest state of the volume will be captured + /// (and potentially replicated to the destination). #[serde(default, skip_serializing_if = "Option::is_none")] pub trigger: Option, } -/// external defines the configuration when using an external replication provider. +/// external defines the configuration when using an external replication +/// provider. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ReplicationSourceExternal { - /// parameters are provider-specific key/value configuration parameters. For more information, please see the documentation of the specific replication provider being used. + /// parameters are provider-specific key/value configuration parameters. For + /// more information, please see the documentation of the specific + /// replication provider being used. #[serde(default, skip_serializing_if = "Option::is_none")] pub parameters: Option>, - /// provider is the name of the external replication provider. The name should be of the form: domain.com/provider. + /// provider is the name of the external replication provider. The name + /// should be of the form: domain.com/provider. #[serde(default, skip_serializing_if = "Option::is_none")] pub provider: Option, } @@ -70,22 +77,32 @@ pub struct ReplicationSourceRclone { /// capacity can be used to override the capacity of the PiT image. #[serde(default, skip_serializing_if = "Option::is_none")] pub capacity: Option, - /// copyMethod describes how a point-in-time (PiT) image of the source volume should be created. + /// copyMethod describes how a point-in-time (PiT) image of the source volume + /// should be created. #[serde(default, skip_serializing_if = "Option::is_none", rename = "copyMethod")] pub copy_method: Option, /// customCA is a custom CA that will be used to verify the remote #[serde(default, skip_serializing_if = "Option::is_none", rename = "customCA")] pub custom_ca: Option, - /// Labels that should be added to data mover pods These will be in addition to any labels that VolSync may add + /// Labels that should be added to data mover pods + /// These will be in addition to any labels that VolSync may add #[serde(default, skip_serializing_if = "Option::is_none", rename = "moverPodLabels")] pub mover_pod_labels: Option>, - /// Resources represents compute resources required by the data mover container. Immutable. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/ This should only be used by advanced users as this can result in a mover pod being unschedulable or crashing due to limited resources. + /// Resources represents compute resources required by the data mover container. + /// Immutable. + /// More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/ + /// This should only be used by advanced users as this can result in a mover + /// pod being unschedulable or crashing due to limited resources. #[serde(default, skip_serializing_if = "Option::is_none", rename = "moverResources")] pub mover_resources: Option, - /// MoverSecurityContext allows specifying the PodSecurityContext that will be used by the data mover + /// MoverSecurityContext allows specifying the PodSecurityContext that will + /// be used by the data mover #[serde(default, skip_serializing_if = "Option::is_none", rename = "moverSecurityContext")] pub mover_security_context: Option, - /// MoverServiceAccount allows specifying the name of the service account that will be used by the data mover. This should only be used by advanced users who want to override the service account normally used by the mover. The service account needs to exist in the same namespace as this CR. + /// MoverServiceAccount allows specifying the name of the service account + /// that will be used by the data mover. This should only be used by advanced + /// users who want to override the service account normally used by the mover. + /// The service account needs to exist in the same namespace as this CR. #[serde(default, skip_serializing_if = "Option::is_none", rename = "moverServiceAccount")] pub mover_service_account: Option, /// RcloneConfig is the rclone secret name @@ -97,10 +114,12 @@ pub struct ReplicationSourceRclone { /// RcloneDestPath is the remote path to sync to. #[serde(default, skip_serializing_if = "Option::is_none", rename = "rcloneDestPath")] pub rclone_dest_path: Option, - /// storageClassName can be used to override the StorageClass of the PiT image. + /// storageClassName can be used to override the StorageClass of the PiT + /// image. #[serde(default, skip_serializing_if = "Option::is_none", rename = "storageClassName")] pub storage_class_name: Option, - /// volumeSnapshotClassName can be used to specify the VSC to be used if copyMethod is Snapshot. If not set, the default VSC is used. + /// volumeSnapshotClassName can be used to specify the VSC to be used if + /// copyMethod is Snapshot. If not set, the default VSC is used. #[serde(default, skip_serializing_if = "Option::is_none", rename = "volumeSnapshotClassName")] pub volume_snapshot_class_name: Option, } @@ -117,29 +136,45 @@ pub enum ReplicationSourceRcloneCopyMethod { /// customCA is a custom CA that will be used to verify the remote #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ReplicationSourceRcloneCustomCa { - /// The name of a ConfigMap that contains the custom CA certificate If ConfigMapName is used then SecretName should not be set + /// The name of a ConfigMap that contains the custom CA certificate + /// If ConfigMapName is used then SecretName should not be set #[serde(default, skip_serializing_if = "Option::is_none", rename = "configMapName")] pub config_map_name: Option, /// The key within the Secret or ConfigMap containing the CA certificate #[serde(default, skip_serializing_if = "Option::is_none")] pub key: Option, - /// The name of a Secret that contains the custom CA certificate If SecretName is used then ConfigMapName should not be set + /// The name of a Secret that contains the custom CA certificate + /// If SecretName is used then ConfigMapName should not be set #[serde(default, skip_serializing_if = "Option::is_none", rename = "secretName")] pub secret_name: Option, } -/// Resources represents compute resources required by the data mover container. Immutable. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/ This should only be used by advanced users as this can result in a mover pod being unschedulable or crashing due to limited resources. +/// Resources represents compute resources required by the data mover container. +/// Immutable. +/// More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/ +/// This should only be used by advanced users as this can result in a mover +/// pod being unschedulable or crashing due to limited resources. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ReplicationSourceRcloneMoverResources { - /// Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. - /// This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. - /// This field is immutable. It can only be set for containers. + /// Claims lists the names of resources, defined in spec.resourceClaims, + /// that are used by this container. + /// + /// + /// This is an alpha field and requires enabling the + /// DynamicResourceAllocation feature gate. + /// + /// + /// This field is immutable. It can only be set for containers. #[serde(default, skip_serializing_if = "Option::is_none")] pub claims: Option>, - /// Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + /// Limits describes the maximum amount of compute resources allowed. + /// More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ #[serde(default, skip_serializing_if = "Option::is_none")] pub limits: Option>, - /// Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + /// Requests describes the minimum amount of compute resources required. + /// If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, + /// otherwise to an implementation-defined value. Requests cannot exceed Limits. + /// More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ #[serde(default, skip_serializing_if = "Option::is_none")] pub requests: Option>, } @@ -147,48 +182,126 @@ pub struct ReplicationSourceRcloneMoverResources { /// ResourceClaim references one entry in PodSpec.ResourceClaims. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ReplicationSourceRcloneMoverResourcesClaims { - /// Name must match the name of one entry in pod.spec.resourceClaims of the Pod where this field is used. It makes that resource available inside a container. + /// Name must match the name of one entry in pod.spec.resourceClaims of + /// the Pod where this field is used. It makes that resource available + /// inside a container. pub name: String, } -/// MoverSecurityContext allows specifying the PodSecurityContext that will be used by the data mover +/// MoverSecurityContext allows specifying the PodSecurityContext that will +/// be used by the data mover #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ReplicationSourceRcloneMoverSecurityContext { - /// A special supplemental group that applies to all containers in a pod. Some volume types allow the Kubelet to change the ownership of that volume to be owned by the pod: - /// 1. The owning GID will be the FSGroup 2. The setgid bit is set (new files created in the volume will be owned by FSGroup) 3. The permission bits are OR'd with rw-rw---- - /// If unset, the Kubelet will not modify the ownership and permissions of any volume. Note that this field cannot be set when spec.os.name is windows. + /// appArmorProfile is the AppArmor options to use by the containers in this pod. + /// Note that this field cannot be set when spec.os.name is windows. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "appArmorProfile")] + pub app_armor_profile: Option, + /// A special supplemental group that applies to all containers in a pod. + /// Some volume types allow the Kubelet to change the ownership of that volume + /// to be owned by the pod: + /// + /// + /// 1. The owning GID will be the FSGroup + /// 2. The setgid bit is set (new files created in the volume will be owned by FSGroup) + /// 3. The permission bits are OR'd with rw-rw---- + /// + /// + /// If unset, the Kubelet will not modify the ownership and permissions of any volume. + /// Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none", rename = "fsGroup")] pub fs_group: Option, - /// fsGroupChangePolicy defines behavior of changing ownership and permission of the volume before being exposed inside Pod. This field will only apply to volume types which support fsGroup based ownership(and permissions). It will have no effect on ephemeral volume types such as: secret, configmaps and emptydir. Valid values are "OnRootMismatch" and "Always". If not specified, "Always" is used. Note that this field cannot be set when spec.os.name is windows. + /// fsGroupChangePolicy defines behavior of changing ownership and permission of the volume + /// before being exposed inside Pod. This field will only apply to + /// volume types which support fsGroup based ownership(and permissions). + /// It will have no effect on ephemeral volume types such as: secret, configmaps + /// and emptydir. + /// Valid values are "OnRootMismatch" and "Always". If not specified, "Always" is used. + /// Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none", rename = "fsGroupChangePolicy")] pub fs_group_change_policy: Option, - /// The GID to run the entrypoint of the container process. Uses runtime default if unset. May also be set in SecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence for that container. Note that this field cannot be set when spec.os.name is windows. + /// The GID to run the entrypoint of the container process. + /// Uses runtime default if unset. + /// May also be set in SecurityContext. If set in both SecurityContext and + /// PodSecurityContext, the value specified in SecurityContext takes precedence + /// for that container. + /// Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none", rename = "runAsGroup")] pub run_as_group: Option, - /// Indicates that the container must run as a non-root user. If true, the Kubelet will validate the image at runtime to ensure that it does not run as UID 0 (root) and fail to start the container if it does. If unset or false, no such validation will be performed. May also be set in SecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. + /// Indicates that the container must run as a non-root user. + /// If true, the Kubelet will validate the image at runtime to ensure that it + /// does not run as UID 0 (root) and fail to start the container if it does. + /// If unset or false, no such validation will be performed. + /// May also be set in SecurityContext. If set in both SecurityContext and + /// PodSecurityContext, the value specified in SecurityContext takes precedence. #[serde(default, skip_serializing_if = "Option::is_none", rename = "runAsNonRoot")] pub run_as_non_root: Option, - /// The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in SecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence for that container. Note that this field cannot be set when spec.os.name is windows. + /// The UID to run the entrypoint of the container process. + /// Defaults to user specified in image metadata if unspecified. + /// May also be set in SecurityContext. If set in both SecurityContext and + /// PodSecurityContext, the value specified in SecurityContext takes precedence + /// for that container. + /// Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none", rename = "runAsUser")] pub run_as_user: Option, - /// The SELinux context to be applied to all containers. If unspecified, the container runtime will allocate a random SELinux context for each container. May also be set in SecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence for that container. Note that this field cannot be set when spec.os.name is windows. + /// The SELinux context to be applied to all containers. + /// If unspecified, the container runtime will allocate a random SELinux context for each + /// container. May also be set in SecurityContext. If set in + /// both SecurityContext and PodSecurityContext, the value specified in SecurityContext + /// takes precedence for that container. + /// Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none", rename = "seLinuxOptions")] pub se_linux_options: Option, - /// The seccomp options to use by the containers in this pod. Note that this field cannot be set when spec.os.name is windows. + /// The seccomp options to use by the containers in this pod. + /// Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none", rename = "seccompProfile")] pub seccomp_profile: Option, - /// A list of groups applied to the first process run in each container, in addition to the container's primary GID, the fsGroup (if specified), and group memberships defined in the container image for the uid of the container process. If unspecified, no additional groups are added to any container. Note that group memberships defined in the container image for the uid of the container process are still effective, even if they are not included in this list. Note that this field cannot be set when spec.os.name is windows. + /// A list of groups applied to the first process run in each container, in addition + /// to the container's primary GID, the fsGroup (if specified), and group memberships + /// defined in the container image for the uid of the container process. If unspecified, + /// no additional groups are added to any container. Note that group memberships + /// defined in the container image for the uid of the container process are still effective, + /// even if they are not included in this list. + /// Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none", rename = "supplementalGroups")] pub supplemental_groups: Option>, - /// Sysctls hold a list of namespaced sysctls used for the pod. Pods with unsupported sysctls (by the container runtime) might fail to launch. Note that this field cannot be set when spec.os.name is windows. + /// Sysctls hold a list of namespaced sysctls used for the pod. Pods with unsupported + /// sysctls (by the container runtime) might fail to launch. + /// Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none")] pub sysctls: Option>, - /// The Windows specific settings applied to all containers. If unspecified, the options within a container's SecurityContext will be used. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is linux. + /// The Windows specific settings applied to all containers. + /// If unspecified, the options within a container's SecurityContext will be used. + /// If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. + /// Note that this field cannot be set when spec.os.name is linux. #[serde(default, skip_serializing_if = "Option::is_none", rename = "windowsOptions")] pub windows_options: Option, } -/// The SELinux context to be applied to all containers. If unspecified, the container runtime will allocate a random SELinux context for each container. May also be set in SecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence for that container. Note that this field cannot be set when spec.os.name is windows. +/// appArmorProfile is the AppArmor options to use by the containers in this pod. +/// Note that this field cannot be set when spec.os.name is windows. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ReplicationSourceRcloneMoverSecurityContextAppArmorProfile { + /// localhostProfile indicates a profile loaded on the node that should be used. + /// The profile must be preconfigured on the node to work. + /// Must match the loaded name of the profile. + /// Must be set if and only if type is "Localhost". + #[serde(default, skip_serializing_if = "Option::is_none", rename = "localhostProfile")] + pub localhost_profile: Option, + /// type indicates which kind of AppArmor profile will be applied. + /// Valid options are: + /// Localhost - a profile pre-loaded on the node. + /// RuntimeDefault - the container runtime's default profile. + /// Unconfined - no AppArmor enforcement. + #[serde(rename = "type")] + pub r#type: String, +} + +/// The SELinux context to be applied to all containers. +/// If unspecified, the container runtime will allocate a random SELinux context for each +/// container. May also be set in SecurityContext. If set in +/// both SecurityContext and PodSecurityContext, the value specified in SecurityContext +/// takes precedence for that container. +/// Note that this field cannot be set when spec.os.name is windows. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ReplicationSourceRcloneMoverSecurityContextSeLinuxOptions { /// Level is SELinux level label that applies to the container. @@ -205,14 +318,23 @@ pub struct ReplicationSourceRcloneMoverSecurityContextSeLinuxOptions { pub user: Option, } -/// The seccomp options to use by the containers in this pod. Note that this field cannot be set when spec.os.name is windows. +/// The seccomp options to use by the containers in this pod. +/// Note that this field cannot be set when spec.os.name is windows. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ReplicationSourceRcloneMoverSecurityContextSeccompProfile { - /// localhostProfile indicates a profile defined in a file on the node should be used. The profile must be preconfigured on the node to work. Must be a descending path, relative to the kubelet's configured seccomp profile location. Must be set if type is "Localhost". Must NOT be set for any other type. + /// localhostProfile indicates a profile defined in a file on the node should be used. + /// The profile must be preconfigured on the node to work. + /// Must be a descending path, relative to the kubelet's configured seccomp profile location. + /// Must be set if type is "Localhost". Must NOT be set for any other type. #[serde(default, skip_serializing_if = "Option::is_none", rename = "localhostProfile")] pub localhost_profile: Option, - /// type indicates which kind of seccomp profile will be applied. Valid options are: - /// Localhost - a profile defined in a file on the node should be used. RuntimeDefault - the container runtime default profile should be used. Unconfined - no profile should be applied. + /// type indicates which kind of seccomp profile will be applied. + /// Valid options are: + /// + /// + /// Localhost - a profile defined in a file on the node should be used. + /// RuntimeDefault - the container runtime default profile should be used. + /// Unconfined - no profile should be applied. #[serde(rename = "type")] pub r#type: String, } @@ -226,19 +348,30 @@ pub struct ReplicationSourceRcloneMoverSecurityContextSysctls { pub value: String, } -/// The Windows specific settings applied to all containers. If unspecified, the options within a container's SecurityContext will be used. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is linux. +/// The Windows specific settings applied to all containers. +/// If unspecified, the options within a container's SecurityContext will be used. +/// If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +/// Note that this field cannot be set when spec.os.name is linux. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ReplicationSourceRcloneMoverSecurityContextWindowsOptions { - /// GMSACredentialSpec is where the GMSA admission webhook (https://github.com/kubernetes-sigs/windows-gmsa) inlines the contents of the GMSA credential spec named by the GMSACredentialSpecName field. + /// GMSACredentialSpec is where the GMSA admission webhook + /// (https://github.com/kubernetes-sigs/windows-gmsa) inlines the contents of the + /// GMSA credential spec named by the GMSACredentialSpecName field. #[serde(default, skip_serializing_if = "Option::is_none", rename = "gmsaCredentialSpec")] pub gmsa_credential_spec: Option, /// GMSACredentialSpecName is the name of the GMSA credential spec to use. #[serde(default, skip_serializing_if = "Option::is_none", rename = "gmsaCredentialSpecName")] pub gmsa_credential_spec_name: Option, - /// HostProcess determines if a container should be run as a 'Host Process' container. All of a Pod's containers must have the same effective HostProcess value (it is not allowed to have a mix of HostProcess containers and non-HostProcess containers). In addition, if HostProcess is true then HostNetwork must also be set to true. + /// HostProcess determines if a container should be run as a 'Host Process' container. + /// All of a Pod's containers must have the same effective HostProcess value + /// (it is not allowed to have a mix of HostProcess containers and non-HostProcess containers). + /// In addition, if HostProcess is true then HostNetwork must also be set to true. #[serde(default, skip_serializing_if = "Option::is_none", rename = "hostProcess")] pub host_process: Option, - /// The UserName in Windows to run the entrypoint of the container process. Defaults to the user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. + /// The UserName in Windows to run the entrypoint of the container process. + /// Defaults to the user specified in image metadata if unspecified. + /// May also be set in PodSecurityContext. If set in both SecurityContext and + /// PodSecurityContext, the value specified in SecurityContext takes precedence. #[serde(default, skip_serializing_if = "Option::is_none", rename = "runAsUserName")] pub run_as_user_name: Option, } @@ -255,28 +388,39 @@ pub struct ReplicationSourceRestic { /// cacheCapacity can be used to set the size of the restic metadata cache volume #[serde(default, skip_serializing_if = "Option::is_none", rename = "cacheCapacity")] pub cache_capacity: Option, - /// cacheStorageClassName can be used to set the StorageClass of the restic metadata cache volume + /// cacheStorageClassName can be used to set the StorageClass of the restic + /// metadata cache volume #[serde(default, skip_serializing_if = "Option::is_none", rename = "cacheStorageClassName")] pub cache_storage_class_name: Option, /// capacity can be used to override the capacity of the PiT image. #[serde(default, skip_serializing_if = "Option::is_none")] pub capacity: Option, - /// copyMethod describes how a point-in-time (PiT) image of the source volume should be created. + /// copyMethod describes how a point-in-time (PiT) image of the source volume + /// should be created. #[serde(default, skip_serializing_if = "Option::is_none", rename = "copyMethod")] pub copy_method: Option, /// customCA is a custom CA that will be used to verify the remote #[serde(default, skip_serializing_if = "Option::is_none", rename = "customCA")] pub custom_ca: Option, - /// Labels that should be added to data mover pods These will be in addition to any labels that VolSync may add + /// Labels that should be added to data mover pods + /// These will be in addition to any labels that VolSync may add #[serde(default, skip_serializing_if = "Option::is_none", rename = "moverPodLabels")] pub mover_pod_labels: Option>, - /// Resources represents compute resources required by the data mover container. Immutable. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/ This should only be used by advanced users as this can result in a mover pod being unschedulable or crashing due to limited resources. + /// Resources represents compute resources required by the data mover container. + /// Immutable. + /// More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/ + /// This should only be used by advanced users as this can result in a mover + /// pod being unschedulable or crashing due to limited resources. #[serde(default, skip_serializing_if = "Option::is_none", rename = "moverResources")] pub mover_resources: Option, - /// MoverSecurityContext allows specifying the PodSecurityContext that will be used by the data mover + /// MoverSecurityContext allows specifying the PodSecurityContext that will + /// be used by the data mover #[serde(default, skip_serializing_if = "Option::is_none", rename = "moverSecurityContext")] pub mover_security_context: Option, - /// MoverServiceAccount allows specifying the name of the service account that will be used by the data mover. This should only be used by advanced users who want to override the service account normally used by the mover. The service account needs to exist in the same namespace as this CR. + /// MoverServiceAccount allows specifying the name of the service account + /// that will be used by the data mover. This should only be used by advanced + /// users who want to override the service account normally used by the mover. + /// The service account needs to exist in the same namespace as this CR. #[serde(default, skip_serializing_if = "Option::is_none", rename = "moverServiceAccount")] pub mover_service_account: Option, /// PruneIntervalDays define how often to prune the repository @@ -288,13 +432,22 @@ pub struct ReplicationSourceRestic { /// ResticRetainPolicy define the retain policy #[serde(default, skip_serializing_if = "Option::is_none")] pub retain: Option, - /// storageClassName can be used to override the StorageClass of the PiT image. + /// storageClassName can be used to override the StorageClass of the PiT + /// image. #[serde(default, skip_serializing_if = "Option::is_none", rename = "storageClassName")] pub storage_class_name: Option, - /// unlock is a string value that schedules an unlock on the restic repository during the next sync operation. Once a sync completes then status.restic.lastUnlocked is set to the same string value. To unlock a repository, set spec.restic.unlock to a known value and then wait for lastUnlocked to be updated by the operator to the same value, which means that the sync unlocked the repository by running a restic unlock command and then ran a backup. Unlock will not be run again unless spec.restic.unlock is set to a different value. + /// unlock is a string value that schedules an unlock on the restic repository during + /// the next sync operation. + /// Once a sync completes then status.restic.lastUnlocked is set to the same string value. + /// To unlock a repository, set spec.restic.unlock to a known value and then wait for + /// lastUnlocked to be updated by the operator to the same value, + /// which means that the sync unlocked the repository by running a restic unlock command and + /// then ran a backup. + /// Unlock will not be run again unless spec.restic.unlock is set to a different value. #[serde(default, skip_serializing_if = "Option::is_none")] pub unlock: Option, - /// volumeSnapshotClassName can be used to specify the VSC to be used if copyMethod is Snapshot. If not set, the default VSC is used. + /// volumeSnapshotClassName can be used to specify the VSC to be used if + /// copyMethod is Snapshot. If not set, the default VSC is used. #[serde(default, skip_serializing_if = "Option::is_none", rename = "volumeSnapshotClassName")] pub volume_snapshot_class_name: Option, } @@ -311,29 +464,45 @@ pub enum ReplicationSourceResticCopyMethod { /// customCA is a custom CA that will be used to verify the remote #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ReplicationSourceResticCustomCa { - /// The name of a ConfigMap that contains the custom CA certificate If ConfigMapName is used then SecretName should not be set + /// The name of a ConfigMap that contains the custom CA certificate + /// If ConfigMapName is used then SecretName should not be set #[serde(default, skip_serializing_if = "Option::is_none", rename = "configMapName")] pub config_map_name: Option, /// The key within the Secret or ConfigMap containing the CA certificate #[serde(default, skip_serializing_if = "Option::is_none")] pub key: Option, - /// The name of a Secret that contains the custom CA certificate If SecretName is used then ConfigMapName should not be set + /// The name of a Secret that contains the custom CA certificate + /// If SecretName is used then ConfigMapName should not be set #[serde(default, skip_serializing_if = "Option::is_none", rename = "secretName")] pub secret_name: Option, } -/// Resources represents compute resources required by the data mover container. Immutable. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/ This should only be used by advanced users as this can result in a mover pod being unschedulable or crashing due to limited resources. +/// Resources represents compute resources required by the data mover container. +/// Immutable. +/// More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/ +/// This should only be used by advanced users as this can result in a mover +/// pod being unschedulable or crashing due to limited resources. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ReplicationSourceResticMoverResources { - /// Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. - /// This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. - /// This field is immutable. It can only be set for containers. + /// Claims lists the names of resources, defined in spec.resourceClaims, + /// that are used by this container. + /// + /// + /// This is an alpha field and requires enabling the + /// DynamicResourceAllocation feature gate. + /// + /// + /// This field is immutable. It can only be set for containers. #[serde(default, skip_serializing_if = "Option::is_none")] pub claims: Option>, - /// Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + /// Limits describes the maximum amount of compute resources allowed. + /// More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ #[serde(default, skip_serializing_if = "Option::is_none")] pub limits: Option>, - /// Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + /// Requests describes the minimum amount of compute resources required. + /// If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, + /// otherwise to an implementation-defined value. Requests cannot exceed Limits. + /// More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ #[serde(default, skip_serializing_if = "Option::is_none")] pub requests: Option>, } @@ -341,48 +510,126 @@ pub struct ReplicationSourceResticMoverResources { /// ResourceClaim references one entry in PodSpec.ResourceClaims. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ReplicationSourceResticMoverResourcesClaims { - /// Name must match the name of one entry in pod.spec.resourceClaims of the Pod where this field is used. It makes that resource available inside a container. + /// Name must match the name of one entry in pod.spec.resourceClaims of + /// the Pod where this field is used. It makes that resource available + /// inside a container. pub name: String, } -/// MoverSecurityContext allows specifying the PodSecurityContext that will be used by the data mover +/// MoverSecurityContext allows specifying the PodSecurityContext that will +/// be used by the data mover #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ReplicationSourceResticMoverSecurityContext { - /// A special supplemental group that applies to all containers in a pod. Some volume types allow the Kubelet to change the ownership of that volume to be owned by the pod: - /// 1. The owning GID will be the FSGroup 2. The setgid bit is set (new files created in the volume will be owned by FSGroup) 3. The permission bits are OR'd with rw-rw---- - /// If unset, the Kubelet will not modify the ownership and permissions of any volume. Note that this field cannot be set when spec.os.name is windows. + /// appArmorProfile is the AppArmor options to use by the containers in this pod. + /// Note that this field cannot be set when spec.os.name is windows. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "appArmorProfile")] + pub app_armor_profile: Option, + /// A special supplemental group that applies to all containers in a pod. + /// Some volume types allow the Kubelet to change the ownership of that volume + /// to be owned by the pod: + /// + /// + /// 1. The owning GID will be the FSGroup + /// 2. The setgid bit is set (new files created in the volume will be owned by FSGroup) + /// 3. The permission bits are OR'd with rw-rw---- + /// + /// + /// If unset, the Kubelet will not modify the ownership and permissions of any volume. + /// Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none", rename = "fsGroup")] pub fs_group: Option, - /// fsGroupChangePolicy defines behavior of changing ownership and permission of the volume before being exposed inside Pod. This field will only apply to volume types which support fsGroup based ownership(and permissions). It will have no effect on ephemeral volume types such as: secret, configmaps and emptydir. Valid values are "OnRootMismatch" and "Always". If not specified, "Always" is used. Note that this field cannot be set when spec.os.name is windows. + /// fsGroupChangePolicy defines behavior of changing ownership and permission of the volume + /// before being exposed inside Pod. This field will only apply to + /// volume types which support fsGroup based ownership(and permissions). + /// It will have no effect on ephemeral volume types such as: secret, configmaps + /// and emptydir. + /// Valid values are "OnRootMismatch" and "Always". If not specified, "Always" is used. + /// Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none", rename = "fsGroupChangePolicy")] pub fs_group_change_policy: Option, - /// The GID to run the entrypoint of the container process. Uses runtime default if unset. May also be set in SecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence for that container. Note that this field cannot be set when spec.os.name is windows. + /// The GID to run the entrypoint of the container process. + /// Uses runtime default if unset. + /// May also be set in SecurityContext. If set in both SecurityContext and + /// PodSecurityContext, the value specified in SecurityContext takes precedence + /// for that container. + /// Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none", rename = "runAsGroup")] pub run_as_group: Option, - /// Indicates that the container must run as a non-root user. If true, the Kubelet will validate the image at runtime to ensure that it does not run as UID 0 (root) and fail to start the container if it does. If unset or false, no such validation will be performed. May also be set in SecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. + /// Indicates that the container must run as a non-root user. + /// If true, the Kubelet will validate the image at runtime to ensure that it + /// does not run as UID 0 (root) and fail to start the container if it does. + /// If unset or false, no such validation will be performed. + /// May also be set in SecurityContext. If set in both SecurityContext and + /// PodSecurityContext, the value specified in SecurityContext takes precedence. #[serde(default, skip_serializing_if = "Option::is_none", rename = "runAsNonRoot")] pub run_as_non_root: Option, - /// The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in SecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence for that container. Note that this field cannot be set when spec.os.name is windows. + /// The UID to run the entrypoint of the container process. + /// Defaults to user specified in image metadata if unspecified. + /// May also be set in SecurityContext. If set in both SecurityContext and + /// PodSecurityContext, the value specified in SecurityContext takes precedence + /// for that container. + /// Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none", rename = "runAsUser")] pub run_as_user: Option, - /// The SELinux context to be applied to all containers. If unspecified, the container runtime will allocate a random SELinux context for each container. May also be set in SecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence for that container. Note that this field cannot be set when spec.os.name is windows. + /// The SELinux context to be applied to all containers. + /// If unspecified, the container runtime will allocate a random SELinux context for each + /// container. May also be set in SecurityContext. If set in + /// both SecurityContext and PodSecurityContext, the value specified in SecurityContext + /// takes precedence for that container. + /// Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none", rename = "seLinuxOptions")] pub se_linux_options: Option, - /// The seccomp options to use by the containers in this pod. Note that this field cannot be set when spec.os.name is windows. + /// The seccomp options to use by the containers in this pod. + /// Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none", rename = "seccompProfile")] pub seccomp_profile: Option, - /// A list of groups applied to the first process run in each container, in addition to the container's primary GID, the fsGroup (if specified), and group memberships defined in the container image for the uid of the container process. If unspecified, no additional groups are added to any container. Note that group memberships defined in the container image for the uid of the container process are still effective, even if they are not included in this list. Note that this field cannot be set when spec.os.name is windows. + /// A list of groups applied to the first process run in each container, in addition + /// to the container's primary GID, the fsGroup (if specified), and group memberships + /// defined in the container image for the uid of the container process. If unspecified, + /// no additional groups are added to any container. Note that group memberships + /// defined in the container image for the uid of the container process are still effective, + /// even if they are not included in this list. + /// Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none", rename = "supplementalGroups")] pub supplemental_groups: Option>, - /// Sysctls hold a list of namespaced sysctls used for the pod. Pods with unsupported sysctls (by the container runtime) might fail to launch. Note that this field cannot be set when spec.os.name is windows. + /// Sysctls hold a list of namespaced sysctls used for the pod. Pods with unsupported + /// sysctls (by the container runtime) might fail to launch. + /// Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none")] pub sysctls: Option>, - /// The Windows specific settings applied to all containers. If unspecified, the options within a container's SecurityContext will be used. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is linux. + /// The Windows specific settings applied to all containers. + /// If unspecified, the options within a container's SecurityContext will be used. + /// If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. + /// Note that this field cannot be set when spec.os.name is linux. #[serde(default, skip_serializing_if = "Option::is_none", rename = "windowsOptions")] pub windows_options: Option, } -/// The SELinux context to be applied to all containers. If unspecified, the container runtime will allocate a random SELinux context for each container. May also be set in SecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence for that container. Note that this field cannot be set when spec.os.name is windows. +/// appArmorProfile is the AppArmor options to use by the containers in this pod. +/// Note that this field cannot be set when spec.os.name is windows. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ReplicationSourceResticMoverSecurityContextAppArmorProfile { + /// localhostProfile indicates a profile loaded on the node that should be used. + /// The profile must be preconfigured on the node to work. + /// Must match the loaded name of the profile. + /// Must be set if and only if type is "Localhost". + #[serde(default, skip_serializing_if = "Option::is_none", rename = "localhostProfile")] + pub localhost_profile: Option, + /// type indicates which kind of AppArmor profile will be applied. + /// Valid options are: + /// Localhost - a profile pre-loaded on the node. + /// RuntimeDefault - the container runtime's default profile. + /// Unconfined - no AppArmor enforcement. + #[serde(rename = "type")] + pub r#type: String, +} + +/// The SELinux context to be applied to all containers. +/// If unspecified, the container runtime will allocate a random SELinux context for each +/// container. May also be set in SecurityContext. If set in +/// both SecurityContext and PodSecurityContext, the value specified in SecurityContext +/// takes precedence for that container. +/// Note that this field cannot be set when spec.os.name is windows. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ReplicationSourceResticMoverSecurityContextSeLinuxOptions { /// Level is SELinux level label that applies to the container. @@ -399,14 +646,23 @@ pub struct ReplicationSourceResticMoverSecurityContextSeLinuxOptions { pub user: Option, } -/// The seccomp options to use by the containers in this pod. Note that this field cannot be set when spec.os.name is windows. +/// The seccomp options to use by the containers in this pod. +/// Note that this field cannot be set when spec.os.name is windows. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ReplicationSourceResticMoverSecurityContextSeccompProfile { - /// localhostProfile indicates a profile defined in a file on the node should be used. The profile must be preconfigured on the node to work. Must be a descending path, relative to the kubelet's configured seccomp profile location. Must be set if type is "Localhost". Must NOT be set for any other type. + /// localhostProfile indicates a profile defined in a file on the node should be used. + /// The profile must be preconfigured on the node to work. + /// Must be a descending path, relative to the kubelet's configured seccomp profile location. + /// Must be set if type is "Localhost". Must NOT be set for any other type. #[serde(default, skip_serializing_if = "Option::is_none", rename = "localhostProfile")] pub localhost_profile: Option, - /// type indicates which kind of seccomp profile will be applied. Valid options are: - /// Localhost - a profile defined in a file on the node should be used. RuntimeDefault - the container runtime default profile should be used. Unconfined - no profile should be applied. + /// type indicates which kind of seccomp profile will be applied. + /// Valid options are: + /// + /// + /// Localhost - a profile defined in a file on the node should be used. + /// RuntimeDefault - the container runtime default profile should be used. + /// Unconfined - no profile should be applied. #[serde(rename = "type")] pub r#type: String, } @@ -420,19 +676,30 @@ pub struct ReplicationSourceResticMoverSecurityContextSysctls { pub value: String, } -/// The Windows specific settings applied to all containers. If unspecified, the options within a container's SecurityContext will be used. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is linux. +/// The Windows specific settings applied to all containers. +/// If unspecified, the options within a container's SecurityContext will be used. +/// If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +/// Note that this field cannot be set when spec.os.name is linux. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ReplicationSourceResticMoverSecurityContextWindowsOptions { - /// GMSACredentialSpec is where the GMSA admission webhook (https://github.com/kubernetes-sigs/windows-gmsa) inlines the contents of the GMSA credential spec named by the GMSACredentialSpecName field. + /// GMSACredentialSpec is where the GMSA admission webhook + /// (https://github.com/kubernetes-sigs/windows-gmsa) inlines the contents of the + /// GMSA credential spec named by the GMSACredentialSpecName field. #[serde(default, skip_serializing_if = "Option::is_none", rename = "gmsaCredentialSpec")] pub gmsa_credential_spec: Option, /// GMSACredentialSpecName is the name of the GMSA credential spec to use. #[serde(default, skip_serializing_if = "Option::is_none", rename = "gmsaCredentialSpecName")] pub gmsa_credential_spec_name: Option, - /// HostProcess determines if a container should be run as a 'Host Process' container. All of a Pod's containers must have the same effective HostProcess value (it is not allowed to have a mix of HostProcess containers and non-HostProcess containers). In addition, if HostProcess is true then HostNetwork must also be set to true. + /// HostProcess determines if a container should be run as a 'Host Process' container. + /// All of a Pod's containers must have the same effective HostProcess value + /// (it is not allowed to have a mix of HostProcess containers and non-HostProcess containers). + /// In addition, if HostProcess is true then HostNetwork must also be set to true. #[serde(default, skip_serializing_if = "Option::is_none", rename = "hostProcess")] pub host_process: Option, - /// The UserName in Windows to run the entrypoint of the container process. Defaults to the user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. + /// The UserName in Windows to run the entrypoint of the container process. + /// Defaults to the user specified in image metadata if unspecified. + /// May also be set in PodSecurityContext. If set in both SecurityContext and + /// PodSecurityContext, the value specified in SecurityContext takes precedence. #[serde(default, skip_serializing_if = "Option::is_none", rename = "runAsUserName")] pub run_as_user_name: Option, } @@ -475,16 +742,25 @@ pub struct ReplicationSourceRsync { /// capacity can be used to override the capacity of the PiT image. #[serde(default, skip_serializing_if = "Option::is_none")] pub capacity: Option, - /// copyMethod describes how a point-in-time (PiT) image of the source volume should be created. + /// copyMethod describes how a point-in-time (PiT) image of the source volume + /// should be created. #[serde(default, skip_serializing_if = "Option::is_none", rename = "copyMethod")] pub copy_method: Option, - /// Labels that should be added to data mover pods These will be in addition to any labels that VolSync may add + /// Labels that should be added to data mover pods + /// These will be in addition to any labels that VolSync may add #[serde(default, skip_serializing_if = "Option::is_none", rename = "moverPodLabels")] pub mover_pod_labels: Option>, - /// Resources represents compute resources required by the data mover container. Immutable. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/ This should only be used by advanced users as this can result in a mover pod being unschedulable or crashing due to limited resources. + /// Resources represents compute resources required by the data mover container. + /// Immutable. + /// More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/ + /// This should only be used by advanced users as this can result in a mover + /// pod being unschedulable or crashing due to limited resources. #[serde(default, skip_serializing_if = "Option::is_none", rename = "moverResources")] pub mover_resources: Option, - /// MoverServiceAccount allows specifying the name of the service account that will be used by the data mover. This should only be used by advanced users who want to override the service account normally used by the mover. The service account needs to exist in the same namespace as the ReplicationSource. + /// MoverServiceAccount allows specifying the name of the service account + /// that will be used by the data mover. This should only be used by advanced + /// users who want to override the service account normally used by the mover. + /// The service account needs to exist in the same namespace as the ReplicationSource. #[serde(default, skip_serializing_if = "Option::is_none", rename = "moverServiceAccount")] pub mover_service_account: Option, /// path is the remote path to rsync to. Defaults to "/" @@ -493,19 +769,23 @@ pub struct ReplicationSourceRsync { /// port is the SSH port to connect to for replication. Defaults to 22. #[serde(default, skip_serializing_if = "Option::is_none")] pub port: Option, - /// serviceType determines the Service type that will be created for incoming SSH connections. + /// serviceType determines the Service type that will be created for incoming + /// SSH connections. #[serde(default, skip_serializing_if = "Option::is_none", rename = "serviceType")] pub service_type: Option, - /// sshKeys is the name of a Secret that contains the SSH keys to be used for authentication. If not provided, the keys will be generated. + /// sshKeys is the name of a Secret that contains the SSH keys to be used for + /// authentication. If not provided, the keys will be generated. #[serde(default, skip_serializing_if = "Option::is_none", rename = "sshKeys")] pub ssh_keys: Option, /// sshUser is the username for outgoing SSH connections. Defaults to "root". #[serde(default, skip_serializing_if = "Option::is_none", rename = "sshUser")] pub ssh_user: Option, - /// storageClassName can be used to override the StorageClass of the PiT image. + /// storageClassName can be used to override the StorageClass of the PiT + /// image. #[serde(default, skip_serializing_if = "Option::is_none", rename = "storageClassName")] pub storage_class_name: Option, - /// volumeSnapshotClassName can be used to specify the VSC to be used if copyMethod is Snapshot. If not set, the default VSC is used. + /// volumeSnapshotClassName can be used to specify the VSC to be used if + /// copyMethod is Snapshot. If not set, the default VSC is used. #[serde(default, skip_serializing_if = "Option::is_none", rename = "volumeSnapshotClassName")] pub volume_snapshot_class_name: Option, } @@ -519,18 +799,32 @@ pub enum ReplicationSourceRsyncCopyMethod { Snapshot, } -/// Resources represents compute resources required by the data mover container. Immutable. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/ This should only be used by advanced users as this can result in a mover pod being unschedulable or crashing due to limited resources. +/// Resources represents compute resources required by the data mover container. +/// Immutable. +/// More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/ +/// This should only be used by advanced users as this can result in a mover +/// pod being unschedulable or crashing due to limited resources. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ReplicationSourceRsyncMoverResources { - /// Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. - /// This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. - /// This field is immutable. It can only be set for containers. + /// Claims lists the names of resources, defined in spec.resourceClaims, + /// that are used by this container. + /// + /// + /// This is an alpha field and requires enabling the + /// DynamicResourceAllocation feature gate. + /// + /// + /// This field is immutable. It can only be set for containers. #[serde(default, skip_serializing_if = "Option::is_none")] pub claims: Option>, - /// Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + /// Limits describes the maximum amount of compute resources allowed. + /// More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ #[serde(default, skip_serializing_if = "Option::is_none")] pub limits: Option>, - /// Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + /// Requests describes the minimum amount of compute resources required. + /// If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, + /// otherwise to an implementation-defined value. Requests cannot exceed Limits. + /// More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ #[serde(default, skip_serializing_if = "Option::is_none")] pub requests: Option>, } @@ -538,7 +832,9 @@ pub struct ReplicationSourceRsyncMoverResources { /// ResourceClaim references one entry in PodSpec.ResourceClaims. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ReplicationSourceRsyncMoverResourcesClaims { - /// Name must match the name of one entry in pod.spec.resourceClaims of the Pod where this field is used. It makes that resource available inside a container. + /// Name must match the name of one entry in pod.spec.resourceClaims of + /// the Pod where this field is used. It makes that resource available + /// inside a container. pub name: String, } @@ -554,31 +850,44 @@ pub struct ReplicationSourceRsyncTls { /// capacity can be used to override the capacity of the PiT image. #[serde(default, skip_serializing_if = "Option::is_none")] pub capacity: Option, - /// copyMethod describes how a point-in-time (PiT) image of the source volume should be created. + /// copyMethod describes how a point-in-time (PiT) image of the source volume + /// should be created. #[serde(default, skip_serializing_if = "Option::is_none", rename = "copyMethod")] pub copy_method: Option, - /// keySecret is the name of a Secret that contains the TLS pre-shared key to be used for authentication. If not provided, the key will be generated. + /// keySecret is the name of a Secret that contains the TLS pre-shared key to + /// be used for authentication. If not provided, the key will be generated. #[serde(default, skip_serializing_if = "Option::is_none", rename = "keySecret")] pub key_secret: Option, - /// Labels that should be added to data mover pods These will be in addition to any labels that VolSync may add + /// Labels that should be added to data mover pods + /// These will be in addition to any labels that VolSync may add #[serde(default, skip_serializing_if = "Option::is_none", rename = "moverPodLabels")] pub mover_pod_labels: Option>, - /// Resources represents compute resources required by the data mover container. Immutable. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/ This should only be used by advanced users as this can result in a mover pod being unschedulable or crashing due to limited resources. + /// Resources represents compute resources required by the data mover container. + /// Immutable. + /// More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/ + /// This should only be used by advanced users as this can result in a mover + /// pod being unschedulable or crashing due to limited resources. #[serde(default, skip_serializing_if = "Option::is_none", rename = "moverResources")] pub mover_resources: Option, - /// MoverSecurityContext allows specifying the PodSecurityContext that will be used by the data mover + /// MoverSecurityContext allows specifying the PodSecurityContext that will + /// be used by the data mover #[serde(default, skip_serializing_if = "Option::is_none", rename = "moverSecurityContext")] pub mover_security_context: Option, - /// MoverServiceAccount allows specifying the name of the service account that will be used by the data mover. This should only be used by advanced users who want to override the service account normally used by the mover. The service account needs to exist in the same namespace as this CR. + /// MoverServiceAccount allows specifying the name of the service account + /// that will be used by the data mover. This should only be used by advanced + /// users who want to override the service account normally used by the mover. + /// The service account needs to exist in the same namespace as this CR. #[serde(default, skip_serializing_if = "Option::is_none", rename = "moverServiceAccount")] pub mover_service_account: Option, /// port is the port to connect to for replication. Defaults to 8000. #[serde(default, skip_serializing_if = "Option::is_none")] pub port: Option, - /// storageClassName can be used to override the StorageClass of the PiT image. + /// storageClassName can be used to override the StorageClass of the PiT + /// image. #[serde(default, skip_serializing_if = "Option::is_none", rename = "storageClassName")] pub storage_class_name: Option, - /// volumeSnapshotClassName can be used to specify the VSC to be used if copyMethod is Snapshot. If not set, the default VSC is used. + /// volumeSnapshotClassName can be used to specify the VSC to be used if + /// copyMethod is Snapshot. If not set, the default VSC is used. #[serde(default, skip_serializing_if = "Option::is_none", rename = "volumeSnapshotClassName")] pub volume_snapshot_class_name: Option, } @@ -592,18 +901,32 @@ pub enum ReplicationSourceRsyncTlsCopyMethod { Snapshot, } -/// Resources represents compute resources required by the data mover container. Immutable. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/ This should only be used by advanced users as this can result in a mover pod being unschedulable or crashing due to limited resources. +/// Resources represents compute resources required by the data mover container. +/// Immutable. +/// More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/ +/// This should only be used by advanced users as this can result in a mover +/// pod being unschedulable or crashing due to limited resources. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ReplicationSourceRsyncTlsMoverResources { - /// Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. - /// This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. - /// This field is immutable. It can only be set for containers. + /// Claims lists the names of resources, defined in spec.resourceClaims, + /// that are used by this container. + /// + /// + /// This is an alpha field and requires enabling the + /// DynamicResourceAllocation feature gate. + /// + /// + /// This field is immutable. It can only be set for containers. #[serde(default, skip_serializing_if = "Option::is_none")] pub claims: Option>, - /// Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + /// Limits describes the maximum amount of compute resources allowed. + /// More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ #[serde(default, skip_serializing_if = "Option::is_none")] pub limits: Option>, - /// Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + /// Requests describes the minimum amount of compute resources required. + /// If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, + /// otherwise to an implementation-defined value. Requests cannot exceed Limits. + /// More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ #[serde(default, skip_serializing_if = "Option::is_none")] pub requests: Option>, } @@ -611,48 +934,126 @@ pub struct ReplicationSourceRsyncTlsMoverResources { /// ResourceClaim references one entry in PodSpec.ResourceClaims. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ReplicationSourceRsyncTlsMoverResourcesClaims { - /// Name must match the name of one entry in pod.spec.resourceClaims of the Pod where this field is used. It makes that resource available inside a container. + /// Name must match the name of one entry in pod.spec.resourceClaims of + /// the Pod where this field is used. It makes that resource available + /// inside a container. pub name: String, } -/// MoverSecurityContext allows specifying the PodSecurityContext that will be used by the data mover +/// MoverSecurityContext allows specifying the PodSecurityContext that will +/// be used by the data mover #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ReplicationSourceRsyncTlsMoverSecurityContext { - /// A special supplemental group that applies to all containers in a pod. Some volume types allow the Kubelet to change the ownership of that volume to be owned by the pod: - /// 1. The owning GID will be the FSGroup 2. The setgid bit is set (new files created in the volume will be owned by FSGroup) 3. The permission bits are OR'd with rw-rw---- - /// If unset, the Kubelet will not modify the ownership and permissions of any volume. Note that this field cannot be set when spec.os.name is windows. + /// appArmorProfile is the AppArmor options to use by the containers in this pod. + /// Note that this field cannot be set when spec.os.name is windows. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "appArmorProfile")] + pub app_armor_profile: Option, + /// A special supplemental group that applies to all containers in a pod. + /// Some volume types allow the Kubelet to change the ownership of that volume + /// to be owned by the pod: + /// + /// + /// 1. The owning GID will be the FSGroup + /// 2. The setgid bit is set (new files created in the volume will be owned by FSGroup) + /// 3. The permission bits are OR'd with rw-rw---- + /// + /// + /// If unset, the Kubelet will not modify the ownership and permissions of any volume. + /// Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none", rename = "fsGroup")] pub fs_group: Option, - /// fsGroupChangePolicy defines behavior of changing ownership and permission of the volume before being exposed inside Pod. This field will only apply to volume types which support fsGroup based ownership(and permissions). It will have no effect on ephemeral volume types such as: secret, configmaps and emptydir. Valid values are "OnRootMismatch" and "Always". If not specified, "Always" is used. Note that this field cannot be set when spec.os.name is windows. + /// fsGroupChangePolicy defines behavior of changing ownership and permission of the volume + /// before being exposed inside Pod. This field will only apply to + /// volume types which support fsGroup based ownership(and permissions). + /// It will have no effect on ephemeral volume types such as: secret, configmaps + /// and emptydir. + /// Valid values are "OnRootMismatch" and "Always". If not specified, "Always" is used. + /// Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none", rename = "fsGroupChangePolicy")] pub fs_group_change_policy: Option, - /// The GID to run the entrypoint of the container process. Uses runtime default if unset. May also be set in SecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence for that container. Note that this field cannot be set when spec.os.name is windows. + /// The GID to run the entrypoint of the container process. + /// Uses runtime default if unset. + /// May also be set in SecurityContext. If set in both SecurityContext and + /// PodSecurityContext, the value specified in SecurityContext takes precedence + /// for that container. + /// Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none", rename = "runAsGroup")] pub run_as_group: Option, - /// Indicates that the container must run as a non-root user. If true, the Kubelet will validate the image at runtime to ensure that it does not run as UID 0 (root) and fail to start the container if it does. If unset or false, no such validation will be performed. May also be set in SecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. + /// Indicates that the container must run as a non-root user. + /// If true, the Kubelet will validate the image at runtime to ensure that it + /// does not run as UID 0 (root) and fail to start the container if it does. + /// If unset or false, no such validation will be performed. + /// May also be set in SecurityContext. If set in both SecurityContext and + /// PodSecurityContext, the value specified in SecurityContext takes precedence. #[serde(default, skip_serializing_if = "Option::is_none", rename = "runAsNonRoot")] pub run_as_non_root: Option, - /// The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in SecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence for that container. Note that this field cannot be set when spec.os.name is windows. + /// The UID to run the entrypoint of the container process. + /// Defaults to user specified in image metadata if unspecified. + /// May also be set in SecurityContext. If set in both SecurityContext and + /// PodSecurityContext, the value specified in SecurityContext takes precedence + /// for that container. + /// Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none", rename = "runAsUser")] pub run_as_user: Option, - /// The SELinux context to be applied to all containers. If unspecified, the container runtime will allocate a random SELinux context for each container. May also be set in SecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence for that container. Note that this field cannot be set when spec.os.name is windows. + /// The SELinux context to be applied to all containers. + /// If unspecified, the container runtime will allocate a random SELinux context for each + /// container. May also be set in SecurityContext. If set in + /// both SecurityContext and PodSecurityContext, the value specified in SecurityContext + /// takes precedence for that container. + /// Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none", rename = "seLinuxOptions")] pub se_linux_options: Option, - /// The seccomp options to use by the containers in this pod. Note that this field cannot be set when spec.os.name is windows. + /// The seccomp options to use by the containers in this pod. + /// Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none", rename = "seccompProfile")] pub seccomp_profile: Option, - /// A list of groups applied to the first process run in each container, in addition to the container's primary GID, the fsGroup (if specified), and group memberships defined in the container image for the uid of the container process. If unspecified, no additional groups are added to any container. Note that group memberships defined in the container image for the uid of the container process are still effective, even if they are not included in this list. Note that this field cannot be set when spec.os.name is windows. + /// A list of groups applied to the first process run in each container, in addition + /// to the container's primary GID, the fsGroup (if specified), and group memberships + /// defined in the container image for the uid of the container process. If unspecified, + /// no additional groups are added to any container. Note that group memberships + /// defined in the container image for the uid of the container process are still effective, + /// even if they are not included in this list. + /// Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none", rename = "supplementalGroups")] pub supplemental_groups: Option>, - /// Sysctls hold a list of namespaced sysctls used for the pod. Pods with unsupported sysctls (by the container runtime) might fail to launch. Note that this field cannot be set when spec.os.name is windows. + /// Sysctls hold a list of namespaced sysctls used for the pod. Pods with unsupported + /// sysctls (by the container runtime) might fail to launch. + /// Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none")] pub sysctls: Option>, - /// The Windows specific settings applied to all containers. If unspecified, the options within a container's SecurityContext will be used. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is linux. + /// The Windows specific settings applied to all containers. + /// If unspecified, the options within a container's SecurityContext will be used. + /// If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. + /// Note that this field cannot be set when spec.os.name is linux. #[serde(default, skip_serializing_if = "Option::is_none", rename = "windowsOptions")] pub windows_options: Option, } -/// The SELinux context to be applied to all containers. If unspecified, the container runtime will allocate a random SELinux context for each container. May also be set in SecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence for that container. Note that this field cannot be set when spec.os.name is windows. +/// appArmorProfile is the AppArmor options to use by the containers in this pod. +/// Note that this field cannot be set when spec.os.name is windows. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ReplicationSourceRsyncTlsMoverSecurityContextAppArmorProfile { + /// localhostProfile indicates a profile loaded on the node that should be used. + /// The profile must be preconfigured on the node to work. + /// Must match the loaded name of the profile. + /// Must be set if and only if type is "Localhost". + #[serde(default, skip_serializing_if = "Option::is_none", rename = "localhostProfile")] + pub localhost_profile: Option, + /// type indicates which kind of AppArmor profile will be applied. + /// Valid options are: + /// Localhost - a profile pre-loaded on the node. + /// RuntimeDefault - the container runtime's default profile. + /// Unconfined - no AppArmor enforcement. + #[serde(rename = "type")] + pub r#type: String, +} + +/// The SELinux context to be applied to all containers. +/// If unspecified, the container runtime will allocate a random SELinux context for each +/// container. May also be set in SecurityContext. If set in +/// both SecurityContext and PodSecurityContext, the value specified in SecurityContext +/// takes precedence for that container. +/// Note that this field cannot be set when spec.os.name is windows. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ReplicationSourceRsyncTlsMoverSecurityContextSeLinuxOptions { /// Level is SELinux level label that applies to the container. @@ -669,14 +1070,23 @@ pub struct ReplicationSourceRsyncTlsMoverSecurityContextSeLinuxOptions { pub user: Option, } -/// The seccomp options to use by the containers in this pod. Note that this field cannot be set when spec.os.name is windows. +/// The seccomp options to use by the containers in this pod. +/// Note that this field cannot be set when spec.os.name is windows. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ReplicationSourceRsyncTlsMoverSecurityContextSeccompProfile { - /// localhostProfile indicates a profile defined in a file on the node should be used. The profile must be preconfigured on the node to work. Must be a descending path, relative to the kubelet's configured seccomp profile location. Must be set if type is "Localhost". Must NOT be set for any other type. + /// localhostProfile indicates a profile defined in a file on the node should be used. + /// The profile must be preconfigured on the node to work. + /// Must be a descending path, relative to the kubelet's configured seccomp profile location. + /// Must be set if type is "Localhost". Must NOT be set for any other type. #[serde(default, skip_serializing_if = "Option::is_none", rename = "localhostProfile")] pub localhost_profile: Option, - /// type indicates which kind of seccomp profile will be applied. Valid options are: - /// Localhost - a profile defined in a file on the node should be used. RuntimeDefault - the container runtime default profile should be used. Unconfined - no profile should be applied. + /// type indicates which kind of seccomp profile will be applied. + /// Valid options are: + /// + /// + /// Localhost - a profile defined in a file on the node should be used. + /// RuntimeDefault - the container runtime default profile should be used. + /// Unconfined - no profile should be applied. #[serde(rename = "type")] pub r#type: String, } @@ -690,19 +1100,30 @@ pub struct ReplicationSourceRsyncTlsMoverSecurityContextSysctls { pub value: String, } -/// The Windows specific settings applied to all containers. If unspecified, the options within a container's SecurityContext will be used. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is linux. +/// The Windows specific settings applied to all containers. +/// If unspecified, the options within a container's SecurityContext will be used. +/// If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +/// Note that this field cannot be set when spec.os.name is linux. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ReplicationSourceRsyncTlsMoverSecurityContextWindowsOptions { - /// GMSACredentialSpec is where the GMSA admission webhook (https://github.com/kubernetes-sigs/windows-gmsa) inlines the contents of the GMSA credential spec named by the GMSACredentialSpecName field. + /// GMSACredentialSpec is where the GMSA admission webhook + /// (https://github.com/kubernetes-sigs/windows-gmsa) inlines the contents of the + /// GMSA credential spec named by the GMSACredentialSpecName field. #[serde(default, skip_serializing_if = "Option::is_none", rename = "gmsaCredentialSpec")] pub gmsa_credential_spec: Option, /// GMSACredentialSpecName is the name of the GMSA credential spec to use. #[serde(default, skip_serializing_if = "Option::is_none", rename = "gmsaCredentialSpecName")] pub gmsa_credential_spec_name: Option, - /// HostProcess determines if a container should be run as a 'Host Process' container. All of a Pod's containers must have the same effective HostProcess value (it is not allowed to have a mix of HostProcess containers and non-HostProcess containers). In addition, if HostProcess is true then HostNetwork must also be set to true. + /// HostProcess determines if a container should be run as a 'Host Process' container. + /// All of a Pod's containers must have the same effective HostProcess value + /// (it is not allowed to have a mix of HostProcess containers and non-HostProcess containers). + /// In addition, if HostProcess is true then HostNetwork must also be set to true. #[serde(default, skip_serializing_if = "Option::is_none", rename = "hostProcess")] pub host_process: Option, - /// The UserName in Windows to run the entrypoint of the container process. Defaults to the user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. + /// The UserName in Windows to run the entrypoint of the container process. + /// Defaults to the user specified in image metadata if unspecified. + /// May also be set in PodSecurityContext. If set in both SecurityContext and + /// PodSecurityContext, the value specified in SecurityContext takes precedence. #[serde(default, skip_serializing_if = "Option::is_none", rename = "runAsUserName")] pub run_as_user_name: Option, } @@ -719,16 +1140,25 @@ pub struct ReplicationSourceSyncthing { /// Used to set the StorageClass of the Syncthing config volume. #[serde(default, skip_serializing_if = "Option::is_none", rename = "configStorageClassName")] pub config_storage_class_name: Option, - /// Labels that should be added to data mover pods These will be in addition to any labels that VolSync may add + /// Labels that should be added to data mover pods + /// These will be in addition to any labels that VolSync may add #[serde(default, skip_serializing_if = "Option::is_none", rename = "moverPodLabels")] pub mover_pod_labels: Option>, - /// Resources represents compute resources required by the data mover container. Immutable. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/ This should only be used by advanced users as this can result in a mover pod being unschedulable or crashing due to limited resources. + /// Resources represents compute resources required by the data mover container. + /// Immutable. + /// More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/ + /// This should only be used by advanced users as this can result in a mover + /// pod being unschedulable or crashing due to limited resources. #[serde(default, skip_serializing_if = "Option::is_none", rename = "moverResources")] pub mover_resources: Option, - /// MoverSecurityContext allows specifying the PodSecurityContext that will be used by the data mover + /// MoverSecurityContext allows specifying the PodSecurityContext that will + /// be used by the data mover #[serde(default, skip_serializing_if = "Option::is_none", rename = "moverSecurityContext")] pub mover_security_context: Option, - /// MoverServiceAccount allows specifying the name of the service account that will be used by the data mover. This should only be used by advanced users who want to override the service account normally used by the mover. The service account needs to exist in the same namespace as this CR. + /// MoverServiceAccount allows specifying the name of the service account + /// that will be used by the data mover. This should only be used by advanced + /// users who want to override the service account normally used by the mover. + /// The service account needs to exist in the same namespace as this CR. #[serde(default, skip_serializing_if = "Option::is_none", rename = "moverServiceAccount")] pub mover_service_account: Option, /// List of Syncthing peers to be connected for syncing @@ -739,18 +1169,32 @@ pub struct ReplicationSourceSyncthing { pub service_type: Option, } -/// Resources represents compute resources required by the data mover container. Immutable. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/ This should only be used by advanced users as this can result in a mover pod being unschedulable or crashing due to limited resources. +/// Resources represents compute resources required by the data mover container. +/// Immutable. +/// More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/ +/// This should only be used by advanced users as this can result in a mover +/// pod being unschedulable or crashing due to limited resources. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ReplicationSourceSyncthingMoverResources { - /// Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. - /// This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. - /// This field is immutable. It can only be set for containers. + /// Claims lists the names of resources, defined in spec.resourceClaims, + /// that are used by this container. + /// + /// + /// This is an alpha field and requires enabling the + /// DynamicResourceAllocation feature gate. + /// + /// + /// This field is immutable. It can only be set for containers. #[serde(default, skip_serializing_if = "Option::is_none")] pub claims: Option>, - /// Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + /// Limits describes the maximum amount of compute resources allowed. + /// More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ #[serde(default, skip_serializing_if = "Option::is_none")] pub limits: Option>, - /// Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + /// Requests describes the minimum amount of compute resources required. + /// If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, + /// otherwise to an implementation-defined value. Requests cannot exceed Limits. + /// More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ #[serde(default, skip_serializing_if = "Option::is_none")] pub requests: Option>, } @@ -758,48 +1202,126 @@ pub struct ReplicationSourceSyncthingMoverResources { /// ResourceClaim references one entry in PodSpec.ResourceClaims. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ReplicationSourceSyncthingMoverResourcesClaims { - /// Name must match the name of one entry in pod.spec.resourceClaims of the Pod where this field is used. It makes that resource available inside a container. + /// Name must match the name of one entry in pod.spec.resourceClaims of + /// the Pod where this field is used. It makes that resource available + /// inside a container. pub name: String, } -/// MoverSecurityContext allows specifying the PodSecurityContext that will be used by the data mover +/// MoverSecurityContext allows specifying the PodSecurityContext that will +/// be used by the data mover #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ReplicationSourceSyncthingMoverSecurityContext { - /// A special supplemental group that applies to all containers in a pod. Some volume types allow the Kubelet to change the ownership of that volume to be owned by the pod: - /// 1. The owning GID will be the FSGroup 2. The setgid bit is set (new files created in the volume will be owned by FSGroup) 3. The permission bits are OR'd with rw-rw---- - /// If unset, the Kubelet will not modify the ownership and permissions of any volume. Note that this field cannot be set when spec.os.name is windows. + /// appArmorProfile is the AppArmor options to use by the containers in this pod. + /// Note that this field cannot be set when spec.os.name is windows. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "appArmorProfile")] + pub app_armor_profile: Option, + /// A special supplemental group that applies to all containers in a pod. + /// Some volume types allow the Kubelet to change the ownership of that volume + /// to be owned by the pod: + /// + /// + /// 1. The owning GID will be the FSGroup + /// 2. The setgid bit is set (new files created in the volume will be owned by FSGroup) + /// 3. The permission bits are OR'd with rw-rw---- + /// + /// + /// If unset, the Kubelet will not modify the ownership and permissions of any volume. + /// Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none", rename = "fsGroup")] pub fs_group: Option, - /// fsGroupChangePolicy defines behavior of changing ownership and permission of the volume before being exposed inside Pod. This field will only apply to volume types which support fsGroup based ownership(and permissions). It will have no effect on ephemeral volume types such as: secret, configmaps and emptydir. Valid values are "OnRootMismatch" and "Always". If not specified, "Always" is used. Note that this field cannot be set when spec.os.name is windows. + /// fsGroupChangePolicy defines behavior of changing ownership and permission of the volume + /// before being exposed inside Pod. This field will only apply to + /// volume types which support fsGroup based ownership(and permissions). + /// It will have no effect on ephemeral volume types such as: secret, configmaps + /// and emptydir. + /// Valid values are "OnRootMismatch" and "Always". If not specified, "Always" is used. + /// Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none", rename = "fsGroupChangePolicy")] pub fs_group_change_policy: Option, - /// The GID to run the entrypoint of the container process. Uses runtime default if unset. May also be set in SecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence for that container. Note that this field cannot be set when spec.os.name is windows. + /// The GID to run the entrypoint of the container process. + /// Uses runtime default if unset. + /// May also be set in SecurityContext. If set in both SecurityContext and + /// PodSecurityContext, the value specified in SecurityContext takes precedence + /// for that container. + /// Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none", rename = "runAsGroup")] pub run_as_group: Option, - /// Indicates that the container must run as a non-root user. If true, the Kubelet will validate the image at runtime to ensure that it does not run as UID 0 (root) and fail to start the container if it does. If unset or false, no such validation will be performed. May also be set in SecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. + /// Indicates that the container must run as a non-root user. + /// If true, the Kubelet will validate the image at runtime to ensure that it + /// does not run as UID 0 (root) and fail to start the container if it does. + /// If unset or false, no such validation will be performed. + /// May also be set in SecurityContext. If set in both SecurityContext and + /// PodSecurityContext, the value specified in SecurityContext takes precedence. #[serde(default, skip_serializing_if = "Option::is_none", rename = "runAsNonRoot")] pub run_as_non_root: Option, - /// The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in SecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence for that container. Note that this field cannot be set when spec.os.name is windows. + /// The UID to run the entrypoint of the container process. + /// Defaults to user specified in image metadata if unspecified. + /// May also be set in SecurityContext. If set in both SecurityContext and + /// PodSecurityContext, the value specified in SecurityContext takes precedence + /// for that container. + /// Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none", rename = "runAsUser")] pub run_as_user: Option, - /// The SELinux context to be applied to all containers. If unspecified, the container runtime will allocate a random SELinux context for each container. May also be set in SecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence for that container. Note that this field cannot be set when spec.os.name is windows. + /// The SELinux context to be applied to all containers. + /// If unspecified, the container runtime will allocate a random SELinux context for each + /// container. May also be set in SecurityContext. If set in + /// both SecurityContext and PodSecurityContext, the value specified in SecurityContext + /// takes precedence for that container. + /// Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none", rename = "seLinuxOptions")] pub se_linux_options: Option, - /// The seccomp options to use by the containers in this pod. Note that this field cannot be set when spec.os.name is windows. + /// The seccomp options to use by the containers in this pod. + /// Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none", rename = "seccompProfile")] pub seccomp_profile: Option, - /// A list of groups applied to the first process run in each container, in addition to the container's primary GID, the fsGroup (if specified), and group memberships defined in the container image for the uid of the container process. If unspecified, no additional groups are added to any container. Note that group memberships defined in the container image for the uid of the container process are still effective, even if they are not included in this list. Note that this field cannot be set when spec.os.name is windows. + /// A list of groups applied to the first process run in each container, in addition + /// to the container's primary GID, the fsGroup (if specified), and group memberships + /// defined in the container image for the uid of the container process. If unspecified, + /// no additional groups are added to any container. Note that group memberships + /// defined in the container image for the uid of the container process are still effective, + /// even if they are not included in this list. + /// Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none", rename = "supplementalGroups")] pub supplemental_groups: Option>, - /// Sysctls hold a list of namespaced sysctls used for the pod. Pods with unsupported sysctls (by the container runtime) might fail to launch. Note that this field cannot be set when spec.os.name is windows. + /// Sysctls hold a list of namespaced sysctls used for the pod. Pods with unsupported + /// sysctls (by the container runtime) might fail to launch. + /// Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none")] pub sysctls: Option>, - /// The Windows specific settings applied to all containers. If unspecified, the options within a container's SecurityContext will be used. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is linux. + /// The Windows specific settings applied to all containers. + /// If unspecified, the options within a container's SecurityContext will be used. + /// If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. + /// Note that this field cannot be set when spec.os.name is linux. #[serde(default, skip_serializing_if = "Option::is_none", rename = "windowsOptions")] pub windows_options: Option, } -/// The SELinux context to be applied to all containers. If unspecified, the container runtime will allocate a random SELinux context for each container. May also be set in SecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence for that container. Note that this field cannot be set when spec.os.name is windows. +/// appArmorProfile is the AppArmor options to use by the containers in this pod. +/// Note that this field cannot be set when spec.os.name is windows. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ReplicationSourceSyncthingMoverSecurityContextAppArmorProfile { + /// localhostProfile indicates a profile loaded on the node that should be used. + /// The profile must be preconfigured on the node to work. + /// Must match the loaded name of the profile. + /// Must be set if and only if type is "Localhost". + #[serde(default, skip_serializing_if = "Option::is_none", rename = "localhostProfile")] + pub localhost_profile: Option, + /// type indicates which kind of AppArmor profile will be applied. + /// Valid options are: + /// Localhost - a profile pre-loaded on the node. + /// RuntimeDefault - the container runtime's default profile. + /// Unconfined - no AppArmor enforcement. + #[serde(rename = "type")] + pub r#type: String, +} + +/// The SELinux context to be applied to all containers. +/// If unspecified, the container runtime will allocate a random SELinux context for each +/// container. May also be set in SecurityContext. If set in +/// both SecurityContext and PodSecurityContext, the value specified in SecurityContext +/// takes precedence for that container. +/// Note that this field cannot be set when spec.os.name is windows. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ReplicationSourceSyncthingMoverSecurityContextSeLinuxOptions { /// Level is SELinux level label that applies to the container. @@ -816,14 +1338,23 @@ pub struct ReplicationSourceSyncthingMoverSecurityContextSeLinuxOptions { pub user: Option, } -/// The seccomp options to use by the containers in this pod. Note that this field cannot be set when spec.os.name is windows. +/// The seccomp options to use by the containers in this pod. +/// Note that this field cannot be set when spec.os.name is windows. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ReplicationSourceSyncthingMoverSecurityContextSeccompProfile { - /// localhostProfile indicates a profile defined in a file on the node should be used. The profile must be preconfigured on the node to work. Must be a descending path, relative to the kubelet's configured seccomp profile location. Must be set if type is "Localhost". Must NOT be set for any other type. + /// localhostProfile indicates a profile defined in a file on the node should be used. + /// The profile must be preconfigured on the node to work. + /// Must be a descending path, relative to the kubelet's configured seccomp profile location. + /// Must be set if type is "Localhost". Must NOT be set for any other type. #[serde(default, skip_serializing_if = "Option::is_none", rename = "localhostProfile")] pub localhost_profile: Option, - /// type indicates which kind of seccomp profile will be applied. Valid options are: - /// Localhost - a profile defined in a file on the node should be used. RuntimeDefault - the container runtime default profile should be used. Unconfined - no profile should be applied. + /// type indicates which kind of seccomp profile will be applied. + /// Valid options are: + /// + /// + /// Localhost - a profile defined in a file on the node should be used. + /// RuntimeDefault - the container runtime default profile should be used. + /// Unconfined - no profile should be applied. #[serde(rename = "type")] pub r#type: String, } @@ -837,24 +1368,36 @@ pub struct ReplicationSourceSyncthingMoverSecurityContextSysctls { pub value: String, } -/// The Windows specific settings applied to all containers. If unspecified, the options within a container's SecurityContext will be used. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is linux. +/// The Windows specific settings applied to all containers. +/// If unspecified, the options within a container's SecurityContext will be used. +/// If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +/// Note that this field cannot be set when spec.os.name is linux. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ReplicationSourceSyncthingMoverSecurityContextWindowsOptions { - /// GMSACredentialSpec is where the GMSA admission webhook (https://github.com/kubernetes-sigs/windows-gmsa) inlines the contents of the GMSA credential spec named by the GMSACredentialSpecName field. + /// GMSACredentialSpec is where the GMSA admission webhook + /// (https://github.com/kubernetes-sigs/windows-gmsa) inlines the contents of the + /// GMSA credential spec named by the GMSACredentialSpecName field. #[serde(default, skip_serializing_if = "Option::is_none", rename = "gmsaCredentialSpec")] pub gmsa_credential_spec: Option, /// GMSACredentialSpecName is the name of the GMSA credential spec to use. #[serde(default, skip_serializing_if = "Option::is_none", rename = "gmsaCredentialSpecName")] pub gmsa_credential_spec_name: Option, - /// HostProcess determines if a container should be run as a 'Host Process' container. All of a Pod's containers must have the same effective HostProcess value (it is not allowed to have a mix of HostProcess containers and non-HostProcess containers). In addition, if HostProcess is true then HostNetwork must also be set to true. + /// HostProcess determines if a container should be run as a 'Host Process' container. + /// All of a Pod's containers must have the same effective HostProcess value + /// (it is not allowed to have a mix of HostProcess containers and non-HostProcess containers). + /// In addition, if HostProcess is true then HostNetwork must also be set to true. #[serde(default, skip_serializing_if = "Option::is_none", rename = "hostProcess")] pub host_process: Option, - /// The UserName in Windows to run the entrypoint of the container process. Defaults to the user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. + /// The UserName in Windows to run the entrypoint of the container process. + /// Defaults to the user specified in image metadata if unspecified. + /// May also be set in PodSecurityContext. If set in both SecurityContext and + /// PodSecurityContext, the value specified in SecurityContext takes precedence. #[serde(default, skip_serializing_if = "Option::is_none", rename = "runAsUserName")] pub run_as_user_name: Option, } -/// SyncthingPeer Defines the necessary information needed by VolSync to configure a given peer with the running Syncthing instance. +/// SyncthingPeer Defines the necessary information needed by VolSync +/// to configure a given peer with the running Syncthing instance. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ReplicationSourceSyncthingPeers { /// The peer's Syncthing ID. @@ -862,34 +1405,52 @@ pub struct ReplicationSourceSyncthingPeers { pub id: String, /// The peer's address that our Syncthing node will connect to. pub address: String, - /// A flag that determines whether this peer should introduce us to other peers sharing this volume. It is HIGHLY recommended that two Syncthing peers do NOT set each other as introducers as you will have a difficult time disconnecting the two. + /// A flag that determines whether this peer should + /// introduce us to other peers sharing this volume. + /// It is HIGHLY recommended that two Syncthing peers do NOT + /// set each other as introducers as you will have a difficult time + /// disconnecting the two. pub introducer: bool, } -/// trigger determines when the latest state of the volume will be captured (and potentially replicated to the destination). +/// trigger determines when the latest state of the volume will be captured +/// (and potentially replicated to the destination). #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ReplicationSourceTrigger { - /// manual is a string value that schedules a manual trigger. Once a sync completes then status.lastManualSync is set to the same string value. A consumer of a manual trigger should set spec.trigger.manual to a known value and then wait for lastManualSync to be updated by the operator to the same value, which means that the manual trigger will then pause and wait for further updates to the trigger. + /// manual is a string value that schedules a manual trigger. + /// Once a sync completes then status.lastManualSync is set to the same string value. + /// A consumer of a manual trigger should set spec.trigger.manual to a known value + /// and then wait for lastManualSync to be updated by the operator to the same value, + /// which means that the manual trigger will then pause and wait for further + /// updates to the trigger. #[serde(default, skip_serializing_if = "Option::is_none")] pub manual: Option, - /// schedule is a cronspec (https://en.wikipedia.org/wiki/Cron#Overview) that can be used to schedule replication to occur at regular, time-based intervals. nolint:lll + /// schedule is a cronspec (https://en.wikipedia.org/wiki/Cron#Overview) that + /// can be used to schedule replication to occur at regular, time-based + /// intervals. + /// nolint:lll #[serde(default, skip_serializing_if = "Option::is_none")] pub schedule: Option, } -/// status is the observed state of the ReplicationSource as determined by the controller. +/// status is the observed state of the ReplicationSource as determined by +/// the controller. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ReplicationSourceStatus { - /// conditions represent the latest available observations of the source's state. + /// conditions represent the latest available observations of the + /// source's state. #[serde(default, skip_serializing_if = "Option::is_none")] pub conditions: Option>, - /// external contains provider-specific status information. For more details, please see the documentation of the specific replication provider being used. + /// external contains provider-specific status information. For more details, + /// please see the documentation of the specific replication provider being + /// used. #[serde(default, skip_serializing_if = "Option::is_none")] pub external: Option>, /// lastManualSync is set to the last spec.trigger.manual when the manual sync is done. #[serde(default, skip_serializing_if = "Option::is_none", rename = "lastManualSync")] pub last_manual_sync: Option, - /// lastSyncDuration is the amount of time required to send the most recent update. + /// lastSyncDuration is the amount of time required to send the most recent + /// update. #[serde(default, skip_serializing_if = "Option::is_none", rename = "lastSyncDuration")] pub last_sync_duration: Option, /// lastSyncStartTime is the time the most recent synchronization started. @@ -901,7 +1462,8 @@ pub struct ReplicationSourceStatus { /// Logs/Summary from latest mover job #[serde(default, skip_serializing_if = "Option::is_none", rename = "latestMoverStatus")] pub latest_mover_status: Option, - /// nextSyncTime is the time when the next volume synchronization is scheduled to start (for schedule-based synchronization). + /// nextSyncTime is the time when the next volume synchronization is + /// scheduled to start (for schedule-based synchronization). #[serde(default, skip_serializing_if = "Option::is_none", rename = "nextSyncTime")] pub next_sync_time: Option, /// restic contains status information for Restic-based replication. @@ -933,7 +1495,8 @@ pub struct ReplicationSourceStatusRestic { /// lastPruned in the object holding the time of last pruned #[serde(default, skip_serializing_if = "Option::is_none", rename = "lastPruned")] pub last_pruned: Option, - /// lastUnlocked is set to the last spec.restic.unlock when a sync is done that unlocks the restic repository. + /// lastUnlocked is set to the last spec.restic.unlock when a sync is done that unlocks the + /// restic repository. #[serde(default, skip_serializing_if = "Option::is_none", rename = "lastUnlocked")] pub last_unlocked: Option, } @@ -941,13 +1504,18 @@ pub struct ReplicationSourceStatusRestic { /// rsync contains status information for Rsync-based replication. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ReplicationSourceStatusRsync { - /// address is the address to connect to for incoming SSH replication connections. + /// address is the address to connect to for incoming SSH replication + /// connections. #[serde(default, skip_serializing_if = "Option::is_none")] pub address: Option, - /// port is the SSH port to connect to for incoming SSH replication connections. + /// port is the SSH port to connect to for incoming SSH replication + /// connections. #[serde(default, skip_serializing_if = "Option::is_none")] pub port: Option, - /// sshKeys is the name of a Secret that contains the SSH keys to be used for authentication. If not provided in .spec.rsync.sshKeys, SSH keys will be generated and the appropriate keys for the remote side will be placed here. + /// sshKeys is the name of a Secret that contains the SSH keys to be used for + /// authentication. If not provided in .spec.rsync.sshKeys, SSH keys will be + /// generated and the appropriate keys for the remote side will be placed + /// here. #[serde(default, skip_serializing_if = "Option::is_none", rename = "sshKeys")] pub ssh_keys: Option, } @@ -955,7 +1523,9 @@ pub struct ReplicationSourceStatusRsync { /// rsyncTLS contains status information for Rsync-based replication over TLS. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ReplicationSourceStatusRsyncTls { - /// keySecret is the name of a Secret that contains the TLS pre-shared key to be used for authentication. If not provided in .spec.rsyncTLS.keySecret, the key Secret will be generated and named here. + /// keySecret is the name of a Secret that contains the TLS pre-shared key to + /// be used for authentication. If not provided in .spec.rsyncTLS.keySecret, + /// the key Secret will be generated and named here. #[serde(default, skip_serializing_if = "Option::is_none", rename = "keySecret")] pub key_secret: Option, } @@ -974,7 +1544,8 @@ pub struct ReplicationSourceStatusSyncthing { pub peers: Option>, } -/// SyncthingPeerStatus Is a struct that contains information pertaining to the status of a given Syncthing peer. +/// SyncthingPeerStatus Is a struct that contains information pertaining to +/// the status of a given Syncthing peer. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ReplicationSourceStatusSyncthingPeers { /// ID Is the peer's Syncthing ID. diff --git a/kube-custom-resources-rs/src/workloads_kubeblocks_io/v1alpha1/instancesets.rs b/kube-custom-resources-rs/src/workloads_kubeblocks_io/v1alpha1/instancesets.rs index 862ee07c0..579c2d8ee 100644 --- a/kube-custom-resources-rs/src/workloads_kubeblocks_io/v1alpha1/instancesets.rs +++ b/kube-custom-resources-rs/src/workloads_kubeblocks_io/v1alpha1/instancesets.rs @@ -24,6 +24,15 @@ pub struct InstanceSetSpec { /// Credential used to connect to DB engine #[serde(default, skip_serializing_if = "Option::is_none")] pub credential: Option, + /// Specifies the desired Ordinals of the default template. + /// The Ordinals used to specify the ordinal of the instance (pod) names to be generated under the default template. + /// + /// + /// For example, if Ordinals is {ranges: [{start: 0, end: 1}], discrete: [7]}, + /// then the instance names generated under the default template would be + /// $(cluster.name)-$(component.name)-0、$(cluster.name)-$(component.name)-1 and $(cluster.name)-$(component.name)-7 + #[serde(default, skip_serializing_if = "Option::is_none", rename = "defaultTemplateOrdinals")] + pub default_template_ordinals: Option, /// Overrides values in default Template. /// /// @@ -79,6 +88,11 @@ pub struct InstanceSetSpec { /// The cluster administrator must manually manage the cleanup and removal of these resources when they are no longer needed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "offlineInstances")] pub offline_instances: Option>, + /// Controls the concurrency of pods during initial scale up, when replacing pods on nodes, + /// or when scaling down. It only used when `PodManagementPolicy` is set to `Parallel`. + /// The default Concurrency is 100%. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "parallelPodManagementConcurrency")] + pub parallel_pod_management_concurrency: Option, /// Indicates that the InstanceSet is paused, meaning the reconciliation of this InstanceSet object will be paused. #[serde(default, skip_serializing_if = "Option::is_none")] pub paused: Option, @@ -96,6 +110,16 @@ pub struct InstanceSetSpec { /// Note: This field will be removed in future version. #[serde(default, skip_serializing_if = "Option::is_none", rename = "podManagementPolicy")] pub pod_management_policy: Option, + /// PodUpdatePolicy indicates how pods should be updated + /// + /// + /// - `StrictInPlace` indicates that only allows in-place upgrades. + /// Any attempt to modify other fields will be rejected. + /// - `PreferInPlace` indicates that we will first attempt an in-place upgrade of the Pod. + /// If that fails, it will fall back to the ReCreate, where pod will be recreated. + /// Default value is "PreferInPlace" + #[serde(default, skip_serializing_if = "Option::is_none", rename = "podUpdatePolicy")] + pub pod_update_policy: Option, /// Specifies the desired number of replicas of the given Template. /// These replicas are instantiations of the same Template, with each having a consistent identity. /// Defaults to 1 if unspecified. @@ -336,6 +360,29 @@ pub struct InstanceSetCredentialUsernameValueFromSecretKeyRef { pub optional: Option, } +/// Specifies the desired Ordinals of the default template. +/// The Ordinals used to specify the ordinal of the instance (pod) names to be generated under the default template. +/// +/// +/// For example, if Ordinals is {ranges: [{start: 0, end: 1}], discrete: [7]}, +/// then the instance names generated under the default template would be +/// $(cluster.name)-$(component.name)-0、$(cluster.name)-$(component.name)-1 and $(cluster.name)-$(component.name)-7 +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct InstanceSetDefaultTemplateOrdinals { + #[serde(default, skip_serializing_if = "Option::is_none")] + pub discrete: Option>, + #[serde(default, skip_serializing_if = "Option::is_none")] + pub ranges: Option>, +} + +/// Range represents a range with a start and an end value. +/// It is used to define a continuous segment. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct InstanceSetDefaultTemplateOrdinalsRanges { + pub end: i32, + pub start: i32, +} + /// InstanceTemplate allows customization of individual replica configurations within a Component, /// without altering the base component template defined in ClusterComponentSpec. /// It enables the application of distinct settings to specific instances (replicas), @@ -362,6 +409,16 @@ pub struct InstanceSetInstances { /// using the pattern: $(cluster.name)-$(component.name)-$(template.name)-$(ordinal). Ordinals start from 0. /// The specified name overrides any default naming conventions or patterns. pub name: String, + /// Specifies the desired Ordinals of this InstanceTemplate. + /// The Ordinals used to specify the ordinal of the instance (pod) names to be generated under this InstanceTemplate. + /// + /// + /// For example, if Ordinals is {ranges: [{start: 0, end: 1}], discrete: [7]}, + /// then the instance names generated under this InstanceTemplate would be + /// $(cluster.name)-$(component.name)-$(template.name)-0、$(cluster.name)-$(component.name)-$(template.name)-1 and + /// $(cluster.name)-$(component.name)-$(template.name)-7 + #[serde(default, skip_serializing_if = "Option::is_none")] + pub ordinals: Option, /// Specifies the number of instances (Pods) to create from this InstanceTemplate. /// This field allows setting how many replicated instances of the component, /// with the specific overrides in the InstanceTemplate, are created. @@ -485,6 +542,30 @@ pub struct InstanceSetInstancesEnvValueFromSecretKeyRef { pub optional: Option, } +/// Specifies the desired Ordinals of this InstanceTemplate. +/// The Ordinals used to specify the ordinal of the instance (pod) names to be generated under this InstanceTemplate. +/// +/// +/// For example, if Ordinals is {ranges: [{start: 0, end: 1}], discrete: [7]}, +/// then the instance names generated under this InstanceTemplate would be +/// $(cluster.name)-$(component.name)-$(template.name)-0、$(cluster.name)-$(component.name)-$(template.name)-1 and +/// $(cluster.name)-$(component.name)-$(template.name)-7 +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct InstanceSetInstancesOrdinals { + #[serde(default, skip_serializing_if = "Option::is_none")] + pub discrete: Option>, + #[serde(default, skip_serializing_if = "Option::is_none")] + pub ranges: Option>, +} + +/// Range represents a range with a start and an end value. +/// It is used to define a continuous segment. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct InstanceSetInstancesOrdinalsRanges { + pub end: i32, + pub start: i32, +} + /// Specifies an override for the resource requirements of the first container in the Pod. /// This field allows for customizing resource allocation (CPU, memory, etc.) for the container. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] @@ -10579,6 +10660,9 @@ pub struct InstanceSetStatus { pub ready_without_primary: Option, /// replicas is the number of instances created by the InstanceSet controller. pub replicas: i32, + /// TemplatesStatus represents status of each instance generated by InstanceTemplates + #[serde(default, skip_serializing_if = "Option::is_none", rename = "templatesStatus")] + pub templates_status: Option>, /// updateRevision, if not empty, indicates the version of the InstanceSet used to generate instances in the sequence /// [replicas-updatedReplicas,replicas) #[serde(default, skip_serializing_if = "Option::is_none", rename = "updateRevision")] @@ -10627,3 +10711,27 @@ pub enum InstanceSetStatusMembersStatusRoleAccessMode { ReadWrite, } +/// InstanceTemplateStatus aggregates the status of replicas for each InstanceTemplate +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct InstanceSetStatusTemplatesStatus { + /// AvailableReplicas is the number of Pods that ready for at least minReadySeconds. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "availableReplicas")] + pub available_replicas: Option, + /// currentReplicas is the number of instances created by the InstanceSet controller from the InstanceSet version + /// indicated by CurrentRevisions. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "currentReplicas")] + pub current_replicas: Option, + /// Name, the name of the InstanceTemplate. + pub name: String, + /// ReadyReplicas is the number of Pods that have a Ready Condition. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "readyReplicas")] + pub ready_replicas: Option, + /// Replicas is the number of replicas of the InstanceTemplate. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub replicas: Option, + /// UpdatedReplicas is the number of Pods created by the InstanceSet controller from the InstanceSet version + /// indicated by UpdateRevisions. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "updatedReplicas")] + pub updated_replicas: Option, +} +